Beispiel #1
0
 /**
  * Gets a cleaned value from a PHP global
  *
  * @param  string $arn
  * @param  string $name
  * @param  mixed  $def
  * @return mixed
  */
 protected static function _globalConv($arn, $name, $def = null)
 {
     switch ($arn) {
         case 'request':
             $value = Application::Input()->get($name, 0, GetterInterface::STRING);
             break;
         case 'get':
         case 'post':
         case 'cookie':
         case 'server':
         case 'env':
             $value = Application::Input()->get($arn . '/' . $name, 0, GetterInterface::STRING);
             break;
         case 'session':
             $value = Application::Session()->get($name, null, GetterInterface::STRING);
             break;
         case 'cbcookie':
             $value = CBCookie::getcookie($name, $def);
             break;
         default:
             trigger_error(sprintf('SQLXML::globalconv error: unknown type %s for %s.', $arn, $name), E_USER_NOTICE);
             $value = null;
             break;
     }
     return stripslashes($value);
 }
Beispiel #2
0
	/**
	 * Returns safe PHP-typed values with type-defined sources
	 * $type can be:
	 * 'const:type'       for constant of $fieldValue
	 * 'param:type'       for the actual data from the model
	 * 'pluginparam:type' for a parameter from the plugin
	 * 'cmsversion:type'  for the cmsversion attribute of type
	 * 'cbconfig:type'    for the config parameter of CB
	 * 'datavalue:type'   for the actual data from the model, but allowing a path
	 *
	 * @param  mixed             $fieldValue   The value to PHP-format safely
	 * @param  string            $type         The type of the value that is wanted (see above for types)
	 * @param  SimpleXMLElement  $element      The element for additional attributes
	 * @param  string            $leftRight  The prefix for additional attributes
	 * @return string|float|int                The safely formatted PHP value
	 */
	function phpCleanType( $fieldValue, $type, $element, $leftRight ) {
		$typeArray				=	explode( ':', $type, 3 );

		if ( count( $typeArray ) < 2 ) {
			$typeArray			=	array( 'const' , $type );
		}

		switch ( $typeArray[0] ) {
			case 'const':
				break;
			case 'param':
				$fieldValue		=	$this->getModelOfData()->get( $fieldValue );
				break;
			case 'pluginparams':
				$fieldValue		=	$this->_pluginParams->get( $fieldValue );
				break;
			case 'cmsversion':
				$fieldValue		=	checkJversion( ( $fieldValue ? $fieldValue : 'api' ) );
				break;
			case 'cbconfig':
				global $ueConfig;
				$fieldValue		=	( array_key_exists( $fieldValue, $ueConfig ) ? $ueConfig[$fieldValue] : '' );
				break;
			case 'datavalue':
				$fieldValue		=	$this->get( $fieldValue ); //TBD: missing default value, but not easy to find, as it's in the view param for now: $param->attributes( 'default' ) );
				break;
			case 'data':
				$leftRightElem	=	$element->getChildByNameAttributes( $leftRight );
				if ( $leftRightElem ) {
					$fieldValue	=	$this->renderAllParams( $leftRightElem, 'params', null, 'view', 'none' );
				} else {
					trigger_error( 'XMLifCondition::phpCleanQuote:name: missing ' . $leftRight . ' element for type ' . htmlspecialchars( $type ), E_USER_NOTICE );
				}
				break;
			case 'user':
				// TODO: Change this to use Inversion Of Control, and allow XML valuetypes to be extended dynamically (e.g. instead of calling specifically CBLib\CB\User or similar when available, it is CB that adds the type and a closure to handle that type.

				if ( $fieldValue == 'viewaccesslevels' ) {
					$fieldValue			=	Application::MyUser()->getAuthorisedViewLevels();
				} else {
					if ( $fieldValue == 'usergroups' ) {
						$fieldValue		=	Application::MyUser()->getAuthorisedGroups( false );
					} else {
						$fieldValue		=	\CBuser::getMyUserDataInstance()->get( $fieldValue );
					}
				}
				break;

			case 'request':
				$fieldValue		=	$this->input->get( $fieldValue, 0, GetterInterface::STRING );
				break;

			case 'get':
			case 'post':
			case 'cookie':
			case 'server':
			case 'env':
				$fieldValue		=	$this->input->get( $typeArray[0] . '/' . $fieldValue, 0, GetterInterface::STRING );
				break;

			case 'session':
				$fieldValue		=	Application::Session()->get( $fieldValue, null, GetterInterface::STRING );
				break;

			default:
				trigger_error( 'XMLifCondition::phpCleanQuote:name: ERROR_UNKNOWN_TYPE: ' . htmlspecialchars( $type ), E_USER_NOTICE );
				break;
		}

		if ( is_array( $fieldValue ) ) {
			$fieldValue			=	implode( '|*|', $fieldValue );
		}

		switch ( $typeArray[1] ) {
			case 'int':
			case 'integer':
				$value			=	(int) $fieldValue;
				break;
			case 'float':
			case 'number':
				$value			=	(float) $fieldValue;
				break;
			case 'formula':
				$value			=	$fieldValue;
				break;
			case 'bool':
			case 'boolean':
				$value			=	(bool) $fieldValue;
				break;
			case 'datetime':
				if ( preg_match( '/[0-9]{4}-[01][0-9]-[0-3][0-9] [0-2][0-9](:[0-5][0-9]){2}/', $fieldValue ) ) {
					$value		=	$fieldValue;
				} else {
					$value		=	'';
				}
				break;
			case 'date':
				if ( preg_match( '/[0-9]{4}-[01][0-9]-[0-3][0-9]/', $fieldValue ) ) {
					$value		=	$fieldValue;
				} else {
					$value		=	'';
				}
				break;
			case 'time':
				if ( preg_match( '/-?[0-9]{1,3}(:[0-5][0-9]){2}/', $fieldValue ) ) {
					$value		=	$fieldValue;
				} else {
					$value		=	'';
				}
				break;
			case 'string':
				$value			=	(string) $fieldValue;
				break;
			case 'null':
				$value			=	null;
				break;
			default:
				//CB2.0: uncomment: trigger_error( 'XMLifCondition::phpCleanQuote:value: ERROR_UNKNOWN_TYPE: ' . htmlspecialchars( $type ), E_USER_NOTICE );
				$value			=	$fieldValue;
				break;
		}

		return $value;
	}