public static function submit($formID, $objectID = NULL, $importing = FALSE) { $engine = mfcs::$engine; $backgroundProcessing = array(); if (isnull($objectID)) { $newObject = TRUE; } else { $newObject = FALSE; } // Get the current Form if (($form = self::get($formID)) === FALSE) { errorHandle::newError(__METHOD__ . "() - retrieving form by formID", errorHandle::DEBUG); return FALSE; } // the form is an object form, make sure that it has an ID field defined. // @TODO this check can probably be removed, its being checked in object class if ($form['metadata'] == "0") { $idnoInfo = self::getFormIDInfo($formID); if ($idnoInfo === FALSE) { errorHandle::newError(__METHOD__ . "() - no IDNO field for object form.", errorHandle::DEBUG); return FALSE; } } $fields = $form['fields']; if (usort($fields, 'sortFieldsByPosition') !== TRUE) { errorHandle::newError(__METHOD__ . "() - usort", errorHandle::DEBUG); if (!$importing) { errorHandle::errorMsg("Error retrieving form."); } return FALSE; } $values = array(); // go through all the fields, get their values foreach ($fields as $field) { $value = isset($engine->cleanPost['RAW'][$field['name']]) ? $engine->cleanPost['RAW'][$field['name']] : ""; $validationTests = self::validateSubmission($formID, $field, $value, $objectID); if (isnull($validationTests) || $validationTests === FALSE) { continue; } if (strtolower($field['readonly']) == "true") { // need to pull the data that loaded with the form if ($newObject === FALSE) { // grab it from the database $oldObject = objects::get($objectID); $values[$field['name']] = $oldObject['data'][$field['name']]; } else { // If the form has a variable in the value we apply the variable, otherwise, field value. // we need to check for disabled on insert form if (!isset($field['disabledInsert']) || isset($field['disabledInsert']) && $field['disabledInsert'] == "false") { $values[$field['name']] = self::hasFieldVariables($field['value']) ? self::applyFieldVariables($value) : $field['value']; } // grab the default value from the form. // $values[$field['name']] = $field['value']; } } else { if (strtolower($field['type']) == "file" && isset($engine->cleanPost['MYSQL'][$field['name']])) { // Process uploaded files $uploadID = $engine->cleanPost['MYSQL'][$field['name']]; // Process the uploads and put them into their archival locations if (($tmpArray = files::processObjectUploads($objectID, $uploadID)) === FALSE) { errorHandle::newError(__METHOD__ . "() - Archival Location", errorHandle::DEBUG); return FALSE; } if ($tmpArray !== TRUE) { // didn't generate a proper uuid for the items, rollback if (!isset($tmpArray['uuid'])) { $engine->openDB->transRollback(); $engine->openDB->transEnd(); errorHandle::newError(__METHOD__ . "() - No UUID", errorHandle::DEBUG); return FALSE; } // ads this field to the files object // we can't do inserts yet because we don't have the objectID on // new objects files::addProcessingField($field['name']); // Should the files be processed now or later? if (isset($field['bgProcessing']) && str2bool($field['bgProcessing']) === TRUE) { $backgroundProcessing[$field['name']] = TRUE; } else { $backgroundProcessing[$field['name']] = FALSE; } $values[$field['name']] = $tmpArray; } else { // if we don't have files, and this is an update, we need to pull the files information from the // version that is already in the system. $oldObject = objects::get($objectID); if ($newObject === FALSE && objects::hasFiles($objectID, $field['name']) === TRUE) { $values[$field['name']] = $oldObject['data'][$field['name']]; } } } else { $values[$field['name']] = $value; } } } if (isset($engine->errorStack['error']) && count($engine->errorStack['error']) > 0) { // errorHandle::newError(__METHOD__."() - Error stack not empty.", errorHandle::DEBUG); return FALSE; } // start transactions $result = $engine->openDB->transBegin("objects"); if ($result !== TRUE) { if (!$importing) { errorHandle::errorMsg("Database transactions could not begin."); } errorHandle::newError(__METHOD__ . "() - unable to start database transactions", errorHandle::DEBUG); return FALSE; } if ($newObject === TRUE) { if (objects::create($formID, $values, $form['metadata'], isset($engine->cleanPost['MYSQL']['parentID']) ? $engine->cleanPost['MYSQL']['parentID'] : "0") === FALSE) { $engine->openDB->transRollback(); $engine->openDB->transEnd(); if (!$importing) { errorHandle::errorMsg("Error inserting new object."); } errorHandle::newError(__METHOD__ . "() - Error inserting new object.", errorHandle::DEBUG); return FALSE; } // Grab the objectID of the new object $objectID = localvars::get("newObjectID"); } else { if (objects::update($objectID, $formID, $values, $form['metadata'], isset($engine->cleanPost['MYSQL']['parentID']) ? $engine->cleanPost['MYSQL']['parentID'] : "0") === FALSE) { $engine->openDB->transRollback(); $engine->openDB->transEnd(); if (!$importing) { errorHandle::errorMsg("Error updating."); } errorHandle::newError(__METHOD__ . "() - Error updating.", errorHandle::DEBUG); return FALSE; } } // Now that we have a valid objectID, we insert into the processing table if (files::insertIntoProcessingTable($objectID) === FALSE) { $engine->openDB->transRollback(); $engine->openDB->transEnd(); errorHandle::newError(__METHOD__ . "() - Processing Table", errorHandle::DEBUG); return FALSE; } // end transactions $engine->openDB->transCommit(); $engine->openDB->transEnd(); if (!is_empty($backgroundProcessing)) { foreach ($backgroundProcessing as $fieldName => $V) { if ($V === FALSE) { // No background processing. do it now. files::process($objectID, $fieldName); } } } if ($newObject === TRUE) { if (!$importing) { errorHandle::successMsg("Object created successfully."); } } else { if (!$importing) { errorHandle::successMsg("Object updated successfully."); } } return TRUE; }
if (isset($engine->cleanPost['MYSQL']['moveSubmit'])) { if (!isset($compatibleForms[$engine->cleanPost['MYSQL']['form']])) { throw new Exception("Selected form is not compatible with original form."); } // @TODO this logic shouldn't be here $sql = sprintf("UPDATE `objects` SET `formID`='%s' WHERE `ID`='%s' AND `formID`='%s' LIMIT 1", $engine->cleanPost['MYSQL']['form'], $engine->openDB->escape($engine->cleanPost['MYSQL']['objectID']), $engine->openDB->escape($form['ID'])); $sqlResult = $engine->openDB->query($sql); if (!$sqlResult['result']) { errorHandle::newError(__METHOD__ . "() - : " . $sqlResult['error'], errorHandle::DEBUG); throw new Exception("Error updating object record."); } if (($form = forms::get($engine->cleanPost['MYSQL']['form'])) === FALSE) { throw new Exception("Error retrieving form."); } log::insert("Data Entry: Move: Successful Move", $engine->cleanPost['MYSQL']['objectID'], $form['ID'], $engine->cleanPost['MYSQL']['form']); errorHandle::successMsg("Object Moved."); localvars::add("originalFormTitle", forms::title($form['ID'])); } } catch (Exception $e) { log::insert("Data Entry: Move: Error", 0, 0, $e->getMessage()); errorHandle::errorMsg($e->getMessage()); } log::insert("Data Entry: Move: Page View"); localVars::add("results", displayMessages()); $engine->eTemplate("include", "header"); ?> {local var="projectWarning"} <section> <header class="page-header">
} $tmp = array("selectedViewUsers" => mfcs::AUTH_VIEW, "selectedEntryUsers" => mfcs::AUTH_ENTRY, "selectedUsersAdmins" => mfcs::AUTH_ADMIN); foreach ($tmp as $I => $K) { if (!isset($engine->cleanPost['MYSQL'][$I]) || !is_array($engine->cleanPost['MYSQL'][$I])) { continue; } foreach ($engine->cleanPost['MYSQL'][$I] as $userID) { if (mfcsPerms::add($userID, $formID, $K) === FALSE) { throw new Exception("Error adding Permissions"); } } } // If we get here then the permissions successfully updated! $engine->openDB->transCommit(); $engine->openDB->transEnd(); errorHandle::successMsg("Successfully updated Permissions"); } catch (Exception $e) { errorHandle::newError("{$e->getFile()}:{$e->getLine()} {$e->getMessage()}", errorHandle::DEBUG); errorHandle::errorMsg("Error Updating Project"); $engine->openDB->transRollback(); $engine->openDB->transEnd(); } } if (isset($engine->cleanPost['MYSQL']['projectForm']) && forms::isMetadataForm($formID) === FALSE) { $engine->openDB->transBegin(); if (!isset($engine->cleanPost['MYSQL']['projects'])) { // If no projects are set, we are deleting all the projects if (forms::deleteAllProjects($engine->cleanGet['MYSQL']['id']) === FALSE) { $engine->openDB->transRollback(); $engine->openDB->transEnd(); throw new Exception("Error removing all projects from Object.");
$sqlResult = $engine->openDB->query($sql); if ($sqlResult['result']) { $ID = $sqlResult['id']; header("Location: " . $_SERVER['PHP_SELF'] . '?id=' . $ID); } throw new Exception("Failed to add watermark."); } else { if (isset($engine->cleanPost['MYSQL']["update"])) { log::insert("Admin: Update Watermark"); if (!isset($engine->cleanPost['MYSQL']['name']) || is_empty($engine->cleanPost['MYSQL']['name'])) { throw new Exception("Name field is required."); } $sql = sprintf("UPDATE `watermarks` SET `name`='%s'%s WHERE ID='%s' LIMIT 1", $engine->cleanPost['MYSQL']['name'], $_FILES['image']['size'] > 0 ? ", `data`='" . addslashes(file_get_contents($_FILES['image']['tmp_name'])) . "'" : NULL, $engine->openDB->escape($ID)); $sqlResult = $engine->openDB->query($sql); if ($sqlResult['result']) { errorHandle::successMsg("Successfully updated watermark."); } else { throw new Exception("Failed to update watermark."); } } else { if (isset($engine->cleanPost['MYSQL']["delete"])) { log::insert("Admin: Delete Watermark"); $sql = sprintf("DELETE FROM `watermarks` WHERE ID='%s' LIMIT 1", $engine->openDB->escape($ID)); $sqlResult = $engine->openDB->query($sql); if ($sqlResult['result']) { header("Location: " . $_SERVER['PHP_SELF']); } throw new Exception("Failed to delete watermark."); } } }
$fields = mfcs::$engine->openDB->listFields("forms", FALSE); // Remove unique field foreach ($fields as $I => $field) { if ($field == 'title') { unset($fields[$I]); } } mfcs::$engine->openDB->transBegin(); log::insert("Form Creator: Copy: ", 0, mfcs::$engine->cleanPost['MYSQL']['formSelect'], mfcs::$engine->cleanPost['MYSQL']['newTitle']); $sql = sprintf("INSERT INTO `forms` (`title`,`%s`) (SELECT '%s',`%s` FROM `forms` WHERE `ID`='%s' LIMIT 1)", implode('`,`', $fields), mfcs::$engine->cleanPost['MYSQL']['newTitle'], implode('`,`', $fields), mfcs::$engine->cleanPost['MYSQL']['formSelect']); $sqlResult = mfcs::$engine->openDB->query($sql); if (!$sqlResult['result']) { errorHandle::newError("Error copying form - " . $sqlResult['error'], errorHandle::DEBUG); throw new Exception("Error copying form"); } errorHandle::successMsg("Form copied successfully."); mfcs::$engine->openDB->transCommit(); mfcs::$engine->openDB->transEnd(); } } catch (Exception $e) { errorHandle::errorMsg($e->getMessage()); mfcs::$engine->openDB->transRollback(); mfcs::$engine->openDB->transEnd(); } localVars::add("results", displayMessages()); $engine->eTemplate("include", "header"); ?> <section> <header class="page-header"> <h1>Copy a Form</h1>