function updateObjectAttributes($object_id) { global $dbxlink; $type_id = getObjectType($object_id); $oldvalues = getAttrValues($object_id); $num_attrs = isset($_REQUEST['num_attrs']) ? $_REQUEST['num_attrs'] : 0; for ($i = 0; $i < $num_attrs; $i++) { genericAssertion("{$i}_attr_id", 'uint'); $attr_id = $_REQUEST["{$i}_attr_id"]; if (!array_key_exists($attr_id, $oldvalues)) { throw new InvalidRequestArgException('attr_id', $attr_id, 'malformed request'); } $value = $_REQUEST["{$i}_value"]; // If the object is a rack, skip certain attributes as they are handled elsewhere // (height, sort_order) if ($type_id == 1560 and ($attr_id == 27 or $attr_id == 29)) { continue; } // Delete attribute and move on, when the field is empty or if the field // type is a dictionary and it is the "--NOT SET--" value of 0. if ($value == '' || $oldvalues[$attr_id]['type'] == 'dict' && $value == 0) { if (permitted(NULL, NULL, NULL, array(array('tag' => '$attr_' . $attr_id)))) { commitUpdateAttrValue($object_id, $attr_id); } else { showError('Permission denied, "' . $oldvalues[$attr_id]['name'] . '" left unchanged'); } continue; } // The value could be uint/float, but we don't know ATM. Let SQL // server check this and complain. if ('date' == $oldvalues[$attr_id]['type']) { $value = assertDateArg("{$i}_value"); } else { assertStringArg("{$i}_value"); } switch ($oldvalues[$attr_id]['type']) { case 'uint': case 'float': case 'string': case 'date': $oldvalue = $oldvalues[$attr_id]['value']; break; case 'dict': $oldvalue = $oldvalues[$attr_id]['key']; break; default: } if ($value === $oldvalue) { // ('' == 0), but ('' !== 0) continue; } if (permitted(NULL, NULL, NULL, array(array('tag' => '$attr_' . $attr_id)))) { commitUpdateAttrValue($object_id, $attr_id, $value); } else { showError('Permission denied, "' . $oldvalues[$attr_id]['name'] . '" left unchanged'); } } }
function handleNetworkAttrsChange() { genericAssertion('num_attrs', 'uint0'); global $dbxlink, $sic, $pageno; $network = spotEntity($pageno === 'ipv4net' ? 'ipv4net' : 'ipv6net', getBypassValue()); $dbxlink->beginTransaction(); // Update optional attributes $oldvalues = getAttrValuesForNetwork($network); for ($i = 0; $i < $_REQUEST['num_attrs']; $i++) { genericAssertion("{$i}_attr_id", 'uint'); $attr_id = $_REQUEST["{$i}_attr_id"]; if (!array_key_exists($attr_id, $oldvalues)) { throw new InvalidRequestArgException('attr_id', $attr_id, 'malformed request'); } $value = $_REQUEST["{$i}_value"]; if ('date' == $oldvalues[$attr_id]['type']) { assertDateArg("{$i}_value", TRUE); if ($value != '') { $value = strtotime($value); } } # Delete attribute and move on, when the field is empty or if the field # type is a dictionary and it is the "--NOT SET--" value of 0. if ($value == '' || $oldvalues[$attr_id]['type'] == 'dict' && $value == 0) { if (permitted(NULL, NULL, NULL, array(array('tag' => '$attr_' . $attr_id)))) { commitUpdateAttrForNetwork($network, $attr_id); } else { showError('Permission denied, "' . $oldvalues[$attr_id]['name'] . '" left unchanged'); } continue; } // The value could be uint/float, but we don't know ATM. Let SQL // server check this and complain. assertStringArg("{$i}_value"); switch ($oldvalues[$attr_id]['type']) { case 'uint': case 'float': case 'string': case 'date': $oldvalue = $oldvalues[$attr_id]['value']; break; case 'dict': $oldvalue = $oldvalues[$attr_id]['key']; break; default: } if ($value === $oldvalue) { // ('' == 0), but ('' !== 0) continue; } if (permitted(NULL, NULL, NULL, array(array('tag' => '$attr_' . $attr_id)))) { commitUpdateAttrForNetwork($network, $attr_id, $value); } else { showError('Permission denied, "' . $oldvalues[$attr_id]['name'] . '" left unchanged'); } } $dbxlink->commit(); return showSuccess("Attributes were updated successfully"); }
// note: in UI, a "num_attrs" input is used to loop and search for update fields foreach ($_REQUEST as $name => $value) { if (preg_match('/^attr_(\\d+)$/', $name, $matches)) { $attr_id = $matches[1]; // make sure the attribute actually exists in the object if (!array_key_exists($attr_id, $oldvalues)) { throw new InvalidRequestArgException('attr_id', $attr_id, 'malformed request'); } // convert date arguments if ('date' == $oldvalues[$attr_id]['type']) { // if given date looks like UNIX timestamp, leave as-is, // otherwise try to parse it just like the UI if (preg_match('/^\\d{10}$/', $value)) { error_log("assuming argument '{$value}' for attribute {$attr_id} is a UNIX timestamp"); } else { assertDateArg($name, TRUE); if ($value != '') { $value = strtotime($value); } } } // Delete attribute and move on, when the field is empty or if the field // type is a dictionary and it is the "--NOT SET--" value of 0. if ($value == '' || $oldvalues[$attr_id]['type'] == 'dict' && $value == 0) { commitUpdateAttrValue($object_id, $attr_id); continue; } assertStringArg($name); // normalize dict values switch ($oldvalues[$attr_id]['type']) { case 'uint':
function updateObject() { genericAssertion('num_attrs', 'uint0'); genericAssertion('object_name', 'string0'); genericAssertion('object_label', 'string0'); genericAssertion('object_asset_no', 'string0'); genericAssertion('object_comment', 'string0'); genericAssertion('object_type_id', 'uint'); $object_id = getBypassValue(); global $dbxlink, $sic; $dbxlink->beginTransaction(); commitUpdateObject($object_id, $_REQUEST['object_name'], $_REQUEST['object_label'], isCheckSet('object_has_problems', 'yesno'), $_REQUEST['object_asset_no'], $_REQUEST['object_comment']); // Update optional attributes $oldvalues = getAttrValues($object_id); for ($i = 0; $i < $_REQUEST['num_attrs']; $i++) { genericAssertion("{$i}_attr_id", 'uint'); $attr_id = $_REQUEST["{$i}_attr_id"]; if (!array_key_exists($attr_id, $oldvalues)) { throw new InvalidRequestArgException('attr_id', $attr_id, 'malformed request'); } $value = $_REQUEST["{$i}_value"]; if ('date' == $oldvalues[$attr_id]['type']) { assertDateArg("{$i}_value", TRUE); if ($value != '') { $value = strtotime($value); } } # Delete attribute and move on, when the field is empty or if the field # type is a dictionary and it is the "--NOT SET--" value of 0. if ($value == '' || $oldvalues[$attr_id]['type'] == 'dict' && $value == 0) { if (permitted(NULL, NULL, NULL, array(array('tag' => '$attr_' . $attr_id)))) { commitUpdateAttrValue($object_id, $attr_id); } else { showError('Permission denied, "' . $oldvalues[$attr_id]['name'] . '" left unchanged'); } continue; } // The value could be uint/float, but we don't know ATM. Let SQL // server check this and complain. assertStringArg("{$i}_value"); switch ($oldvalues[$attr_id]['type']) { case 'uint': case 'float': case 'string': case 'date': $oldvalue = $oldvalues[$attr_id]['value']; break; case 'dict': $oldvalue = $oldvalues[$attr_id]['key']; break; default: } if ($value === $oldvalue) { // ('' == 0), but ('' !== 0) continue; } if (permitted(NULL, NULL, NULL, array(array('tag' => '$attr_' . $attr_id)))) { commitUpdateAttrValue($object_id, $attr_id, $value); } else { showError('Permission denied, "' . $oldvalues[$attr_id]['name'] . '" left unchanged'); } } $object = spotEntity('object', $object_id); if ($sic['object_type_id'] != $object['objtype_id']) { if (!array_key_exists($sic['object_type_id'], getObjectTypeChangeOptions($object_id))) { throw new InvalidRequestArgException('new type_id', $sic['object_type_id'], 'incompatible with requested attribute values'); } usePreparedUpdateBlade('Object', array('objtype_id' => $sic['object_type_id']), array('id' => $object_id)); } // Invalidate thumb cache of all racks objects could occupy. foreach (getResidentRacksData($object_id, FALSE) as $rack_id) { usePreparedDeleteBlade('RackThumbnail', array('rack_id' => $rack_id)); } $dbxlink->commit(); return showFuncMessage(__FUNCTION__, 'OK'); }