/**
 * Report whether a value is acceptable as an ID.
 *
 * The decision is delegated entirely to validate::integer(); its result is
 * normalised to a strict boolean.
 *
 * @param mixed $id Candidate ID.
 * @return bool TRUE when validate::integer() accepts $id, FALSE otherwise.
 */
public static function validID($id)
{
    return validate::integer($id) ? TRUE : FALSE;
}
/**
 * Fetch a single row from `users`, looked up by ID or by username.
 *
 * A value accepted by validate::integer() is matched against `ID`; any other
 * value is matched against `username`. In both cases the value goes through
 * openDB->escape() and is placed inside a quoted SQL literal.
 *
 * NOTE(review): a username that validate::integer() accepts (presumably an
 * all-digit one) would be looked up as an ID here -- confirm usernames can
 * never be purely numeric.
 *
 * @param mixed $userID Numeric user ID or username.
 * @return array|bool Associative row; FALSE when the query fails or no row matches.
 */
public static function get($userID)
{
    // Only the column name differs between the two lookups.
    $column      = validate::integer($userID) ? 'ID' : 'username';
    $whereClause = sprintf("WHERE `%s`='%s'", $column, mfcs::$engine->openDB->escape($userID));

    $lookup = mfcs::$engine->openDB->query(sprintf("SELECT * FROM `users` %s LIMIT 1", $whereClause));

    if ($lookup['result']) {
        return mysql_fetch_array($lookup['result'], MYSQL_ASSOC);
    }

    errorHandle::newError(__METHOD__ . "() - : " . $lookup['error'], errorHandle::DEBUG);
    return FALSE;
}
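/**
 * Look up the company name of a customer record.
 *
 * @param mixed $id Customer record ID; must be non-null and pass validate->integer().
 * @return string The `companyName` of the first record returned by
 *                Customers::getRecords(), or "" when no such value exists.
 * @throws Exception When $id is null or is not an integer.
 */
function getCompanyName($id)
{
    $validate = new validate();

    // Reject the ID when EITHER check fails. The previous `&&` only rejected
    // values that failed both checks, so a non-null, non-integer value was
    // passed on to getRecords() without validation.
    if (isnull($id) || !$validate->integer($id)) {
        throw new Exception('not valid integer');
    }

    $customers = new Customers();
    $data      = $customers->getRecords($id);

    // Guard against an empty result instead of indexing into a missing row.
    return isset($data[0]['companyName']) ? $data[0]['companyName'] : "";
}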
/**
 * Load every object whose `parentID` equals the given object ID.
 *
 * The ID must pass validate::integer(); it is additionally escaped before
 * being placed in the quoted SQL literal. Each result row is converted with
 * self::buildObject().
 *
 * @param mixed $objectID ID of the parent object.
 * @return array|bool List of built child objects (possibly empty), or FALSE
 *                    when the ID is invalid or the query fails.
 */
public static function getChildren($objectID)
{
    if (!validate::integer($objectID)) {
        return FALSE;
    }

    $engine = EngineAPI::singleton();
    $query  = sprintf(
        "SELECT * FROM `objects` WHERE `parentID`='%s'",
        $engine->openDB->escape($objectID)
    );
    $lookup = $engine->openDB->query($query);

    if (!$lookup['result']) {
        errorHandle::newError(__METHOD__ . "() - : " . $lookup['error'], errorHandle::DEBUG);
        return FALSE;
    }

    $built = array();
    while ($childRow = mysql_fetch_array($lookup['result'], MYSQL_ASSOC)) {
        $built[] = self::buildObject($childRow);
    }

    return $built;
}
/**
 * Define the 'TimeTracker' form (linked to table `timeTracking`) and return
 * the template tag that renders it.
 *
 * Any exception raised while building the form is reported through
 * errorHandle::errorMsg(); in that case the method returns nothing (NULL).
 *
 * NOTE(review): a pending POST is processed before $id is validated, so an
 * invalid $id does not prevent the submission from being handled -- confirm
 * this ordering is intended.
 *
 * @param mixed $id Optional record ID used as the value of the hidden `timeID`
 *                  field; null is allowed, anything else must be an integer.
 * @return string|null The form template tag, or NULL after a handled exception.
 */
public function setupForm($id = null)
{
    try {
        // Engine and localvars handles are obtained as before; neither is used further below.
        $engine    = EngineAPI::singleton();
        $localvars = localvars::getInstance();
        $validate  = new validate();

        $form = formBuilder::createForm('TimeTracker');
        $form->linkToDatabase(array('table' => 'timeTracking'));

        // Handle a submission when POST data is present or the session carries one.
        if (!is_empty($_POST) || session::has('POST')) {
            $processor = formBuilder::createProcessor();
            $processor->processPost();
        }

        // All three form titles are left blank.
        $form->insertTitle = "";
        $form->editTitle   = "";
        $form->updateTitle = "";

        // A null ID is acceptable; any other value has to be an integer.
        if (!($validate->integer($id) || isnull($id))) {
            throw new Exception(__METHOD__ . '() - Not a valid integer, please check the integer and try again.');
        }

        // Field definitions, registered in exactly this order.
        $fieldDefinitions = array(
            // hidden bookkeeping fields
            array('name' => 'timeID', 'type' => 'hidden', 'value' => $id, 'primary' => TRUE, 'fieldClass' => 'id', 'showIn' => array(formBuilder::TYPE_INSERT, formBuilder::TYPE_UPDATE)),
            array('name' => 'projectIdLink', 'type' => 'hidden', 'label' => 'Project ID:', 'required' => TRUE, 'fieldClass' => 'projectID'),
            array('name' => 'customerIdLink', 'type' => 'hidden', 'label' => 'Customer ID:', 'fieldClass' => 'customerID', 'required' => TRUE),
            array('name' => 'startTime', 'type' => 'hidden', 'label' => 'start time:', 'fieldClass' => 'startTime', 'required' => TRUE),
            array('name' => 'endTime', 'type' => 'hidden', 'label' => 'end time:', 'fieldClass' => 'endTime', 'required' => TRUE),
            array('name' => 'totalHours', 'type' => 'hidden', 'label' => 'total time:', 'required' => TRUE, 'fieldClass' => 'totalHours'),
            // visible fields
            // NOTE(review): the second option reads "N0" with a zero, not "NO" -- looks like a typo; confirm before changing.
            array('name' => "completed", 'label' => "Has this project been completed?", 'showInEditStrip' => TRUE, 'type' => 'boolean', 'duplicates' => TRUE, 'options' => array("YES", "N0")),
            array('name' => "descriptionOfWork", 'label' => "Enter a description of the project:", 'type' => 'textarea'),
            // buttons and submissions
            array('showIn' => array(formBuilder::TYPE_UPDATE), 'name' => 'update', 'type' => 'submit', 'fieldClass' => 'submit', 'value' => 'Update'),
            array('showIn' => array(formBuilder::TYPE_UPDATE), 'name' => 'delete', 'type' => 'delete', 'fieldClass' => 'delete hidden', 'value' => 'Delete'),
            array('showIn' => array(formBuilder::TYPE_INSERT), 'name' => 'insert', 'type' => 'submit', 'fieldClass' => 'submit', 'value' => 'Submit'),
        );

        foreach ($fieldDefinitions as $definition) {
            $form->addField($definition);
        }

        return '{form name="TimeTracker" display="form"}';
    } catch (Exception $e) {
        errorHandle::errorMsg($e->getMessage());
    }
}
/**
 * Find the object forms that have a field whose choices come from the given
 * metadata form.
 *
 * For each object form, the first field whose `choicesForm` is an integer
 * equal to $formID is recorded, keyed by that form's ID.
 *
 * @param mixed $formID ID of the metadata form.
 * @return array|bool Map of form ID => matching field definition, or FALSE
 *                    when the form cannot be loaded, is not a metadata form,
 *                    or the object forms cannot be loaded.
 */
public static function getFormsLinkedTo($formID)
{
    // The form has to exist and has to be a metadata form.
    if (self::get($formID) === FALSE || self::isMetadataForm($formID) === FALSE) {
        return FALSE;
    }

    $objectForms = self::getObjectForms();
    if ($objectForms === FALSE) {
        return FALSE;
    }

    $linkedForms = array();

    foreach ($objectForms as $candidate) {
        foreach ($candidate['fields'] as $field) {
            if (!isset($field['choicesForm'])) {
                continue;
            }
            if (!validate::integer($field['choicesForm'])) {
                continue;
            }
            // Loose comparison, as before: both sides may be numeric strings.
            if ($field['choicesForm'] != $formID) {
                continue;
            }

            // Only the first matching field of each form is kept.
            $linkedForms[$candidate['ID']] = $field;
            break;
        }
    }

    return $linkedForms;
}
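/**
 * Run file processing for rows queued in `objectProcessing`.
 *
 * Rows in the requested state are selected, optionally narrowed to one object
 * and/or one field name. Each row is moved to state 2 while it is worked on,
 * then to 0 when nothing had to be done or the object update succeeded, or to
 * 3 when the object update failed.
 *
 * @param mixed  $objectID    Optional object ID; must be an integer when given.
 * @param string $fieldname   Optional field name; ignored unless it is a string.
 * @param mixed  $state       State to select; only 1 and 3 are accepted.
 * @param bool   $returnArray When TRUE, return the updated field data of the
 *                            first row that was processed instead of TRUE.
 * @return array|bool Field data (see $returnArray), TRUE when the loop
 *                    completes, FALSE on invalid arguments or query failure.
 */
public static function process($objectID = NULL, $fieldname = NULL, $state = 1, $returnArray = FALSE)
{
    // Strict membership test: the loose `!=` treated numeric strings such as
    // "01" or "1.0" as equal to "1".
    if (!in_array((string) $state, array("1", "3"), TRUE)) {
        errorHandle::newError(__METHOD__ . "() - Invalid state provided: " . $state, errorHandle::DEBUG);
        return FALSE;
    }

    // was a valid objectID provided
    $objectWhere = "";
    if (!isnull($objectID)) {
        if (!validate::integer($objectID)) {
            errorHandle::newError(__METHOD__ . "() - Invalid Object ID: " . $objectID, errorHandle::DEBUG);
            return FALSE;
        }
        $objectWhere = sprintf(" AND `objectID`='%s'", mfcs::$engine->openDB->escape($objectID));
    }

    // was a valid fieldname provided
    $fieldnameWhere = "";
    if (!isnull($fieldname) && is_string($fieldname)) {
        $fieldnameWhere = sprintf(" AND `fieldName`='%s'", mfcs::$engine->openDB->escape($fieldname));
    }

    $sql = sprintf(
        "SELECT * FROM `objectProcessing` WHERE `objectProcessing`.`state`='%s'%s%s",
        mfcs::$engine->openDB->escape($state),
        $objectWhere,
        $fieldnameWhere
    );
    $sqlResult = mfcs::$engine->openDB->query($sql);

    // A failed query used to fall through to the fetch loop and report TRUE.
    if (!$sqlResult['result']) {
        errorHandle::newError(__METHOD__ . "() - : " . $sqlResult['error'], errorHandle::DEBUG);
        return FALSE;
    }

    // I'm not sure about database transactions here
    // We are modifying the file system (exports). transaction rollbacks would
    // have to be done on the file system as well.
    while ($row = mysql_fetch_array($sqlResult['result'], MYSQL_ASSOC)) {
        // set the state of the row to 2
        self::setProcessingState($row['ID'], 2);

        // get the object, and ignore the cache since we are updating in a loop
        $object       = objects::get($row['objectID'], TRUE);
        $files        = $object['data'][$row['fieldName']];
        $assetsID     = $files['uuid'];
        $fieldOptions = forms::getField($object['formID'], $row['fieldName']);

        // do we need to do any processing?
        // @TODO, i don't like how these are hard coded
        $combine   = str2bool($fieldOptions['combine']);
        $convert   = str2bool($fieldOptions['convert']);
        $ocr       = str2bool($fieldOptions['ocr']);
        $thumbnail = str2bool($fieldOptions['thumbnail']);
        $mp3       = str2bool($fieldOptions['mp3']);

        if (!$combine && !$convert && !$ocr && !$thumbnail && !$mp3) {
            self::setProcessingState($row['ID'], 0);
            continue;
        }

        $processedFiles = self::processObjectFiles($assetsID, $fieldOptions);

        $files['files']                    = array_merge($files['files'], $processedFiles);
        $object['data'][$row['fieldName']] = $files;

        // Update the object this row belongs to. The $objectID argument is
        // NULL when every queued row is processed, so it cannot be used here.
        $return = objects::update($row['objectID'], $object['formID'], $object['data'], $object['metadata'], $object['parentID']);

        // @TODO this return value isn't descriptive enough. It can fail and still
        // return a valid array. we likely need to return an array with an error
        // code as well as the array to save to the data
        $setRowValue = $return ? 0 : 3;

        // Processing is done: state 0 on success, 3 when the update failed
        self::setProcessingState($row['ID'], $setRowValue);

        // Returns after the first processed row when the caller asked for the data.
        if ($returnArray === TRUE) {
            return $object['data'][$row['fieldName']];
        }
    }

    return TRUE;
}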
<?php include "../../header.php"; // Setup revision control $revisions = revisions::create(); ############################################################################################################### try { if (!isset($engine->cleanGet['MYSQL']['objectID']) || !validate::integer($engine->cleanGet['MYSQL']['objectID'])) { throw new Exception('No Object ID Provided.'); } $objectID = $engine->cleanGet['MYSQL']['objectID']; $object = objects::get($objectID); $form = forms::get($object['formID']); $fields = $form['fields']; if (mfcsPerms::isEditor($form['ID']) === FALSE) { throw new Exception("Permission Denied to view objects created with this form."); } log::insert("Data Entry: Revision: View Page", $objectID); ############################################################################################################### // Catch a form submition (which would be a revision being reverted to) if (isset($engine->cleanPost['MYSQL']['revisionID'])) { log::insert("Data Entry: Revision: Revert", $objectID); // @TODO this should use revert2Revision() method instead of this ... $revisionID = $revisions->getRevisionID($engine->cleanGet['MYSQL']['objectID'], $engine->cleanPost['MYSQL']['revisionID']); if (($revision = $revisions->getMetadataForID($revisionID)) === FALSE) { throw new Exception('Could not load revision.'); } if (objects::update($engine->cleanGet['MYSQL']['objectID'], $revision['formID'], decodeFields($revision['data']), $revision['metadata'], $revision['parentID']) !== FALSE) { // Reload the object - To refresh the data $object = objects::get($objectID, TRUE); } else {
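<?php
// @TODO is this file ever used?
// The form select should probably be the index to this directory

// Project header: validates the `id` query parameter, checks edit permission,
// loads the project row and publishes its name and navigation as localvars.

include "../header.php";

try {
    if (!isset($engine->cleanGet['MYSQL']['id'])
        || is_empty($engine->cleanGet['MYSQL']['id'])
        || !validate::integer($engine->cleanGet['MYSQL']['id'])) {
        // __METHOD__ is an empty string at file scope, so this entry is logged as "() - ...".
        errorHandle::newError(__METHOD__ . "() - No Project ID Provided.", errorHandle::DEBUG);
        throw new Exception("No Project ID Provided.");
    }

    // Validated as an integer above. NOTE(review): presumably cleanGet['MYSQL']
    // holds values already escaped by the engine -- confirm.
    $projectID = $engine->cleanGet['MYSQL']['id'];

    // check for edit permissions on the project
    if (projects::checkPermissions($projectID) === FALSE) {
        throw new Exception("Permissions denied for working on this project");
    }

    // Get the project
    $sql       = sprintf("SELECT * FROM `projects` WHERE `ID`='%s'", $projectID);
    $sqlResult = $engine->openDB->query($sql);

    if (!$sqlResult['result']) {
        errorHandle::newError(__METHOD__ . "() - " . $sqlResult['error'], errorHandle::DEBUG);
        throw new Exception("Error retrieving project.");
    }

    $row = mysql_fetch_array($sqlResult['result'], MYSQL_ASSOC);

    // mysql_fetch_array() yields FALSE when no row matched; stop here rather
    // than reading a column from a non-array.
    if (!is_array($row)) {
        throw new Exception("Error retrieving project.");
    }

    localvars::add("projectName", $row['projectName']);
    localvars::add("leftnav", buildProjectNavigation($projectID));
} catch (Exception $e) {
    errorHandle::errorMsg($e->getMessage());
}

localVars::add("results", displayMessages());

$engine->eTemplate("include", "header");
?>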
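/**
 * Return the rows of `projects` as JSON, optionally limited to one customer.
 *
 * NOTE(review): when no rows match, a plain sentence (not JSON) is returned,
 * and after a handled exception nothing (NULL) is returned -- callers that
 * send the result as application/json should account for both.
 *
 * @param mixed $customerID Optional customer ID. Null selects all projects;
 *                          any other value must pass validate->integer().
 * @return string|null JSON array of rows, the "no projects" message, or NULL
 *                     after an exception was reported via errorHandle.
 */
public function getCustomerProjectsJSON($customerID = null)
{
    try {
        // call engine (handle unused below; kept in case singleton() initialisation is relied upon)
        $engine    = EngineAPI::singleton();
        $localvars = localvars::getInstance();
        $db        = db::get($localvars->get('dbConnectionName'));
        $validate  = new validate();

        $sql = "SELECT * FROM `projects`";

        if (!isnull($customerID)) {
            // Validate before the value gets anywhere near the SQL string.
            if (!$validate->integer($customerID)) {
                throw new Exception("An invalid ID was given!");
            }

            // Leading space keeps WHERE separate from the table name; %d forces
            // an integer rendering no matter what the validator let through.
            $sql .= sprintf(' WHERE customerID = %d', $customerID);
        }

        // get the results of the query
        $sqlResult = $db->query($sql);

        if ($sqlResult->rowCount() < 1) {
            return "There are no projects in the database.";
        }

        $data = array();
        while ($row = $sqlResult->fetch()) {
            $data[] = $row;
        }

        return json_encode($data);
    } catch (Exception $e) {
        errorHandle::errorMsg($e->getMessage());
    }
}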
/**
 * Build the `<li>` items, optionally linked, for the children of an object.
 *
 * Each child's title is read from the field named by its form's
 * `objectTitleField` and passed through htmlSanitize().
 *
 * NOTE(review): the child ID is written into the href without escaping; it
 * presumably is a database integer key -- confirm.
 *
 * @param string $objectID The ID of the parent object
 * @param bool   $link     Wrap each title in a `?objectID=` link when exactly TRUE
 * @return string|bool Concatenated list items, or FALSE when the ID is
 *                     invalid or the children cannot be loaded
 * @author Scott Blake
 **/
public static function generateChildList($objectID, $link = TRUE)
{
    if (!validate::integer($objectID)) {
        return FALSE;
    }

    $engine = EngineAPI::singleton();

    $children = objects::getChildren($objectID);
    if ($children === FALSE) {
        return FALSE;
    }

    $items = array();
    foreach ($children as $child) {
        $form  = forms::get($child['formID']);
        $title = htmlSanitize($child['data'][$form['objectTitleField']]);

        if ($link === TRUE) {
            $items[] = '<li><a href="?objectID=' . $child['ID'] . '">' . $title . '</a></li>';
        } else {
            $items[] = '<li>' . $title . '</li>';
        }
    }

    return implode('', $items);
}
/**
 * Return records as a JSON string.
 *
 * A non-null ID that passes validate->integer() is handed to getRecords();
 * in every other case getRecords() is called without an argument. An ID that
 * fails validation is therefore ignored rather than rejected.
 *
 * @param mixed $id Optional record ID.
 * @return string json_encode() of whatever getRecords() returned.
 */
public function getJSON($id = null)
{
    $validate   = new validate();
    $useGivenId = !isnull($id) && $validate->integer($id);

    $records = $useGivenId ? self::getRecords($id) : self::getRecords();

    return json_encode($records);
}
<?php
// JSON endpoint: prints the projects of one customer, or the result of the
// no-argument call when `id` is absent or fails integer validation.
//
// NOTE(review): an invalid `id` is not rejected; it silently falls back to the
// no-argument call -- confirm that this fallback is intended for this endpoint.

$root = $_SERVER['DOCUMENT_ROOT'];

foreach (array("/includes/engine.php", "/includes/models/index.php", "/includes/functions/index.php") as $relativePath) {
    require_once $root . $relativePath;
}

$projects = new Projects();
$validate = new validate();

$hasValidId = isset($_GET['MYSQL']['id']) && $validate->integer($_GET['MYSQL']['id']);

$data = $hasValidId
    ? $projects->getCustomerProjectsJSON($_GET['MYSQL']['id'])
    : $projects->getCustomerProjectsJSON();

header('Content-Type: application/json');
echo $data;