function handle($params)
{
if (!defined('DISABLE_reCAPTCHA')) {
define('DISABLE_reCAPTCHA', 1);
}
import('Dataface/QuickForm.php');
Dataface_QuickForm::$TRACK_SUBMIT = false;
$app = Dataface_Application::getInstance();
$query = $app->getQuery();
$errors = null;
try {
if (!@$_POST['-table']) {
throw new Exception("No table specified");
}
$table = $_POST['-table'];
$rec = new Dataface_Record($table, array());
$tableObj = $rec->_table;
$fields = array();
if (!$rec->checkPermission('new')) {
throw new Exception("Failed to insert record. Permission denied");
}
foreach ($_POST as $k => $v) {
if ($k[0] == '-') {
continue;
}
$fields[] = $k;
$rec->setValue($k, $v);
if (!$rec->checkPermission('new', array('field' => $k))) {
throw new Exception(sprintf("Failed to insert record because you do not have permission to insert data into the %s column", $k));
}
}
$form = df_create_new_record_form($table, $fields);
$form->_flagSubmitted = true;
$res = $form->validate();
if (!$res) {
$errors = $form->_errors;
throw new Exception('Validation error', REST_INSERT_VALIDATION_ERROR);
}
$res = $rec->save(null, true);
if (PEAR::isError($res)) {
throw new Exception("Failed to insert record due to a server error: " . $res->getMessage(), 500);
}
$out = array();
$vals = $rec->strvals();
foreach ($vals as $k => $v) {
if ($rec->checkPermission('view')) {
$out[$k] = $v;
}
}
$this->out(array('code' => 200, 'message' => 'Record successfully inserted', 'record' => $out));
exit;
} catch (Exception $ex) {
$this->out(array('code' => $ex->getCode(), 'message' => $ex->getMessage(), 'errors' => $errors));
exit;
}
}
function &df_create_edit_record_form(&$table, $fields = null)
{
import('Dataface/QuickForm.php');
$form = Dataface_QuickForm::createEditRecordForm($table, $fields);
return $form;
}
function &getRecord()
{
if (Dataface_QuickForm::formSubmitted()) {
$record = new Dataface_Record($_POST['-table'], array());
$io = new Dataface_IO($_POST['-table']);
$query = $_POST['__keys__'];
if (is_array($query)) {
foreach (array_keys($query) as $postKey) {
if ($query[$postKey][0] != '=') {
$query[$postKey] = '=' . $query[$postKey];
}
}
}
$io->read($query, $record);
return $record;
} else {
$app =& Dataface_Application::getInstance();
$qt =& Dataface_QueryTool::loadResult($app->_currentTable);
$curr =& $qt->loadCurrent();
return $curr;
}
}
/**
* Builds the form.
*/
function _build()
{
$app =& Dataface_Application::getInstance();
$mainQuery =& $app->getQuery();
if ($this->_built) {
return true;
}
$r =& $this->_relationship->_schema;
$t =& $this->_parentTable;
$fkCols =& $this->_relatedRecord->getForeignKeyValues();
if (PEAR::isError($fkCols)) {
$fkCols->addUserInfo(df_translate('scripts.Dataface.ExistingRelatedRecordForm._build.ERROR_GETTING_FOREIGN_KEY_COLS', "Error getting foreign key columns while building Related Record Form on line " . __LINE__ . " of file " . __FILE__, array('line' => __LINE__, 'file' => __FILE__)));
echo $fkCols->toString();
return $fkCols;
}
$factory = new HTML_QuickForm('factory');
$fkeys = $this->_relationship->getForeignKeyValues();
// Values of foreign keys (fields involved in where and join clauses)
$table = $this->_relationship->getDomainTable();
// The name of the table holding related records.
if (!isset($table) || PEAR::isError($table)) {
$table = $r['selected_tables'][0];
}
// It is possible for getDomainTable() to return an error if no foreign
// keys are specified. In this case, we will just use the table associated
// with the first selected column.
$relatedTableObject =& Dataface_Table::loadTable($table);
// The Dataface_Table object for the related records.
$tkey_names = array_keys($relatedTableObject->keys());
// The names of the key fields for the related record.
// The main table that holds the related records
$options = $this->_relationship->getAddableValues($this->_record);
if (!$options) {
return PEAR::raiseError('There are no records that can be added to this relationship.', DATAFACE_E_NOTICE);
}
$select =& $this->addElement('select', 'select', df_translate('scripts.Dataface.ExistingRelatedRecordForm._build.LABEL_SELECT', 'Select'), $options, array('class' => 'record_selector'));
$permissions = $this->_record->getPermissions(array('relationship' => $this->_relationshipName));
if (isset($permissions['add existing related record']) and $permissions['add existing related record']) {
// We are allowed to add a new related record, so we will create a mask to allow this.
$mask = array('edit' => 1);
}
// Now we still need to add fields so that the user can specify information about the relationship.
// ie: some fields of the join table may be descriptive.
foreach (array_keys($fkCols) as $fkTable) {
if ($fkTable == $table) {
// This table is the main domain table... we don't want to input any data for this table.
continue;
}
$qfFactory = new Dataface_QuickForm($fkTable, $this->_parentTable->db);
$tableRef =& Dataface_Table::loadTable($fkTable);
$recordRef = new Dataface_Record($fkTable, array());
$recordRef->setValues($fkCols[$fkTable]);
$currFieldnames = array_keys($tableRef->fields());
foreach ($currFieldnames as $currFieldname) {
if (isset($fkCols[$fkTable][$currFieldname])) {
// this value is bound, and should not be changed.
continue;
}
$field =& $tableRef->getField($currFieldname);
//$el = $qfFactory->_buildWidget($field, array_merge($mask, $this->_record->getPermissions(array('field'=>$this->_relationshipName.'.'.$currFieldname))));
$el = $qfFactory->_buildWidget($field, $recordRef->getPermissions(array('field' => $currFieldname, 'recordmask' => $mask)));
// To Do: Make it work with groups
$this->addElement($el);
/*
*
* If there are any validation options set for the field, we must add these rules to the quickform
* element.
*
*/
$validators = $field['validators'];
foreach ($validators as $vname => $validator) {
/*
*
* $validator['arg'] would be specified in the INI file.
* Example ini file listing:
* -------------------------
* [FirstName]
* widget:label = First name
* widget:description = Enter your first name
* validators:regex = "/[0-9a-zA-Z/"
*
* This would result in $validator['arg'] = "/[0-9a-zA-Z/" in this section
* and $vname == "regex". Hence it would mean that a regular expression validator
* is being placed on this field so that only Alphanumeric characters are accepted.
* Please see documentation for HTML_QuickForm PEAR class for more information
* about QuickForm validators.
*
*/
$this->addRule($field['name'], $validator['message'], $vname, $validator['arg'], 'client');
}
unset($field);
}
unset($tableRef);
unset($qfFactory);
}
$keyEls = array();
$keyDefaults = array();
foreach (array_keys($this->_parentTable->keys()) as $key) {
$keyEls[] = $factory->addElement('hidden', $key);
}
$this->addGroup($keyEls, '__keys__');
$keyvals = array();
foreach (array_keys($this->_parentTable->keys()) as $key) {
$keyvals[$key] = $this->_record->getValueAsString($key);
}
$this->setDefaults(array('__keys__' => $keyvals));
$this->addElement('hidden', '-table');
$this->addElement('hidden', '-relationship');
$this->addElement('hidden', '-action');
$this->addElement('submit', 'Save', 'Save');
$this->setDefaults(array('-table' => $this->_parentTable->tablename, '-relationship' => $this->_relationshipName, '-action' => "existing_related_record"));
// Set the return page
$returnPage = @$_SERVER['HTTP_REFERER'];
if (isset($mainQuery['-redirect'])) {
$returnPage = $mainQuery['-redirect'];
} else {
if (isset($mainQuery['--redirect'])) {
$returnPage = $mainQuery['--redirect'];
}
}
if (!$returnPage) {
$returnPage = $app->url('-action=related_records_list&-relationship=' . $this->_relationshipname);
}
$this->addElement('hidden', '--redirect');
$this->setDefaults(array('--redirect' => $returnPage));
/*
* There may be some default values specified in the relationship schema.
*/
if (isset($r['existing'])) {
$this->setDefaults($r['existing']);
}
$this->_built = true;
}
function save($values)
{
$res = parent::save($values);
import('Dataface/TranslationTool.php');
$tt = new Dataface_TranslationTool();
$tt->setTranslationStatus($this->_record, $this->destinationLanguage, $_POST['__translation__']['status']);
return $res;
}
/**
*
* Initialization for the browse action. This method is called before any html is output
* to the browser. It handles form creation and validation.
*
*/
function _browse_init()
{
import('Dataface/QuickForm.php');
/*
*
* If we are not creating a new record, then we'll record this as the last
* valid page visited. This will be useful for forwarding to the last page
* visited when the form is validated.
*
*/
if (!isset($this->_params['new'])) {
setcookie('dataface_lastpage', $_SERVER['QUERY_STRING']);
}
/*
*
* Default functionality ('-relationship' flag is not set) is to show or validate
* the quickform. If the -new flag is specified, it overrides the -relationship flag.
*
*/
if (!isset($this->_params['relationship']) or isset($this->_params['new'])) {
$new = (isset($this->_params['new']) and $this->_params['new']);
/*
*
* Create the quickform for the current record.
*
*/
$form = new Dataface_QuickForm($this->_tablename, $this->_db, $this->_query, '', $new);
if ($this->_resultSet->found() > 0 or $new) {
/*
* There is either a result to edit, or we are creating a new record.
*
*/
$res = $form->_build();
if (PEAR::isError($res)) {
trigger_error($res->toString() . Dataface_Error::printStackTrace(), E_USER_ERROR);
}
/*
*
* We need to add the current GET parameter flags (the GET vars starting with '-') so
* that the controller knows to pass control to this method again upon form submission.
*
*/
foreach ($this->_query as $key => $value) {
if (strpos($key, '-') === 0) {
$form->addElement('hidden', $key);
$form->setDefaults(array($key => $value));
}
}
/*
* Store the current query string (the portion after the '?') in the form, so we
* can retrieve it after and redirect back to our original location.
*/
$form->addElement('hidden', '-query');
$form->setDefaults(array('-action' => $this->_currentAction, '-query' => $_SERVER['QUERY_STRING']));
/*
*
* We have to deal with 3 cases.
* 1) The form has not been submitted.
* 2) The form was submitted but didn't validate (ie: it had some bad input)
* 3) The form was submitted and was validated.
*
* We deal with Case 3 first...
*
*/
if ($form->validate()) {
/*
*
* The form was submitted and it validated ok. We now process it (ie: save its contents).
*
*/
$result = $form->process(array(&$form, 'save'));
$success = true;
$response =& Dataface_Application::getResponse();
if (!$result) {
trigger_error("Error occurred in save: " . mysql_error($this->_db) . Dataface_Error::printStackTrace(), E_USER_ERROR);
exit;
} else {
if (PEAR::isError($result) && !Dataface_Error::isNotice($result)) {
//echo "Error..";
if (Dataface_Error::isDuplicateEntry($result)) {
//echo "dup entry"; exit;
$query = array('-action' => 'error');
$response =& Dataface_Application::getResponse();
$msg = @$response['--msg'];
$msg = urlencode(trim("Failed to save record because another record with the same keys already exists.\n" . $msg));
$link = Dataface_LinkTool::buildLink($query, false) . '&--msg=' . $msg;
header('Location: ' . $link);
exit;
} else {
//echo "not dup entry"; exit;
trigger_error($result->toString() . Dataface_Error::printStackTrace(), E_USER_ERROR);
exit;
}
} else {
if (Dataface_Error::isNotice($result)) {
$response['--msg'] = @$response['--msg'] . "\n" . $result->getMessage();
$success = false;
}
}
}
if ($new) {
/*
*
* If the form created a new record, then it makes more sense to redirect to this newly
* created record than to the old record. We used the 'keys' of the new record to generate
* a redirect link.
*
*/
$query = $form->_record->getValues(array_keys($form->_record->_table->keys()));
$msg = @$response['--msg'];
$msg = urlencode(trim(($success ? "Record successfully saved.\n" : '') . $msg));
$link = Dataface_LinkTool::buildLink($query, false) . '&--msg=' . $msg;
} else {
/*
*
* The original query string will have the -new flag set. We need to remove this
* flag so that we don't redirect the user to create another new record.
*
*/
$vals = $form->exportValues();
$vals['-query'] = preg_replace('/[&\\?]-new=[^&]+/i', '', $vals['-query']);
$msg = @$response['--msg'];
$msg = urlencode(trim(($success ? "Record successfully saved.\n" : '') . $msg));
$link = $_SERVER['HOST_URI'] . DATAFACE_SITE_HREF . '?' . $vals['-query'] . '&--msg=' . $msg;
}
/*
*
* Redirect the user to the appropriate record.
*
*/
header("Location: {$link}");
exit;
}
}
$this->_vars['form'] =& $form;
}
}
