Example #1
 /**
  * Execute the action: create a blog category from the posted title.
  *
  * Reads the `value` POST parameter, answers BAD_REQUEST when it is empty,
  * otherwise inserts the category (with meta data seeded from the escaped
  * title) and returns the new item including its id.
  */
 public function execute()
 {
     parent::execute();

     // the posted title, whitespace-trimmed; empty when the parameter is absent
     $categoryTitle = trim(\SpoonFilter::getPostValue('value', null, '', 'string'));

     if ($categoryTitle === '') {
         $this->output(self::BAD_REQUEST, null, BL::err('TitleIsRequired'));
         return;
     }

     // the title is stored HTML-escaped; the same escaped form seeds the meta fields
     $escapedTitle = \SpoonFilter::htmlspecialchars($categoryTitle);
     $item = array(
         'title' => $escapedTitle,
         'language' => BL::getWorkingLanguage(),
     );
     $meta = array(
         'keywords' => $escapedTitle,
         'keywords_overwrite' => 'N',
         'description' => $escapedTitle,
         'description_overwrite' => 'N',
         'title' => $escapedTitle,
         'title_overwrite' => 'N',
         'url' => BackendBlogModel::getURLForCategory(\SpoonFilter::urlise($escapedTitle)),
     );

     $item['id'] = BackendBlogModel::insertCategory($item, $meta);

     $this->output(self::OK, $item, vsprintf(BL::msg('AddedCategory'), array($item['title'])));
 }
Example #2
 /**
  * Execute the action: rename an existing tag.
  *
  * Expects the POST parameters `id` (the tag id) and `value` (the new
  * name). Responds with BAD_REQUEST when the id is missing, the name is
  * empty, or a tag with that name already exists; otherwise updates the
  * tag (name and url) and returns it.
  */
 public function execute()
 {
     parent::execute();

     $id = \SpoonFilter::getPostValue('id', null, 0, 'int');
     $tag = trim(\SpoonFilter::getPostValue('value', null, '', 'string'));

     // guard clauses: each failed check answers the request and stops here
     if ($id === 0) {
         $this->output(self::BAD_REQUEST, null, 'no id provided');
         return;
     }
     if ($tag === '') {
         $this->output(self::BAD_REQUEST, null, BL::err('NameIsRequired'));
         return;
     }
     if (BackendTagsModel::existsTag($tag)) {
         $this->output(self::BAD_REQUEST, null, BL::err('TagAlreadyExists'));
         return;
     }

     $escapedTag = \SpoonFilter::htmlspecialchars($tag);
     // the url is derived from the decoded name so entities don't leak into the slug
     $item = array(
         'id' => $id,
         'tag' => $escapedTag,
         'url' => BackendTagsModel::getURL(CommonUri::getUrl(\SpoonFilter::htmlspecialcharsDecode($escapedTag)), $id),
     );
     BackendTagsModel::update($item);

     $this->output(self::OK, $item, vsprintf(BL::msg('Edited'), array($item['tag'])));
 }
Example #3
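 /**
  * Execute the action: autocomplete suggestions for the search box.
  *
  * Reads the `term` POST parameter, escapes it for the active charset, and
  * returns the stored terms that start with it (capped by the
  * `autocomplete_num_items` setting), each carrying a ready-made search url.
  */
 public function execute()
 {
     // call parent, this will probably add some general CSS/JS or other required files
     parent::execute();

     $charset = $this->getContainer()->getParameter('kernel.charset');
     $searchTerm = \SpoonFilter::getPostValue('term', null, '');
     // the escaped form is also what is matched against the stored terms
     $term = $charset == 'utf-8' ? \SpoonFilter::htmlspecialchars($searchTerm) : \SpoonFilter::htmlentities($searchTerm);
     $limit = (int) $this->get('fork.settings')->get('Search', 'autocomplete_num_items', 10);

     if ($term == '') {
         $this->output(self::BAD_REQUEST, null, 'term-parameter is missing.');
         return;
     }

     $matches = FrontendSearchModel::getStartsWith($term, FRONTEND_LANGUAGE, $limit);
     $url = FrontendNavigation::getURLForBlock('Search');

     // attach the search url to every match. Writing through the index instead
     // of a `foreach (... as &$match)` avoids leaving a dangling reference to
     // the last element behind. The term is appended without urlencode, which
     // presumably matches what the search action expects — TODO confirm.
     foreach ($matches as $index => $match) {
         $matches[$index]['url'] = $url . '?form=search&q=' . $match['term'];
     }

     $this->output(self::OK, $matches);
 }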
Example #4
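 /**
  * Execute the action: record a performed search in the statistics.
  *
  * Reads the `term` POST parameter, escapes it for the active charset and,
  * unless it equals the term the previous request left in the session,
  * saves a statistics row (term, language, UTC time, request data, number
  * of results). The term is then kept in the session so a refresh of the
  * same search is not counted again.
  */
 public function execute()
 {
     parent::execute();

     $charset = $this->getContainer()->getParameter('kernel.charset');
     $searchTerm = \SpoonFilter::getPostValue('term', null, '');
     $term = $charset == 'utf-8' ? \SpoonFilter::htmlspecialchars($searchTerm) : \SpoonFilter::htmlentities($searchTerm);

     if ($term === '') {
         $this->output(self::BAD_REQUEST, null, 'term-parameter is missing.');
         return;
     }

     // term saved by the previous request (if any); cleared before we decide
     $previousTerm = \SpoonSession::exists('searchTerm') ? \SpoonSession::get('searchTerm') : '';
     \SpoonSession::set('searchTerm', '');

     // strict comparison: a loose != treats numeric-looking strings such as
     // '1e3' and '1000' as equal and would silently skip the save
     if ((string) $previousTerm !== $term) {
         $this->statistics = array();
         $this->statistics['term'] = $term;
         $this->statistics['language'] = LANGUAGE;
         $this->statistics['time'] = FrontendModel::getUTCDate();
         // NOTE(review): the complete $_SERVER array is persisted here. It can
         // contain cookies, Authorization headers and environment values;
         // storing only the keys the statistics actually need would limit
         // what a database leak exposes.
         $this->statistics['data'] = serialize(array('server' => $_SERVER));
         $this->statistics['num_results'] = FrontendSearchModel::getTotal($term);
         FrontendSearchModel::save($this->statistics);
     }

     // keep the current term in the session (not a cookie) for the next request
     \SpoonSession::set('searchTerm', $term);

     $this->output(self::OK);
 }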
Example #5
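 /**
  * Execute the action: rename an existing tag.
  *
  * Expects POST `id` and `value`. Answers BAD_REQUEST when the id is
  * missing, the name is empty or the name is already taken; otherwise
  * updates the tag and returns the updated item.
  *
  * @return	void
  */
 public function execute()
 {
     // call parent, this will probably add some general CSS/JS or other required files
     parent::execute();

     $id = SpoonFilter::getPostValue('id', null, 0, 'int');
     $tag = trim(SpoonFilter::getPostValue('value', null, '', 'string'));

     // validate; every failure leaves the method explicitly instead of relying
     // on output() terminating the request, so an invalid tag is never written
     if ($id === 0) {
         $this->output(self::BAD_REQUEST, null, 'no id provided');
         return;
     }
     if ($tag === '') {
         $this->output(self::BAD_REQUEST, null, BL::err('NameIsRequired'));
         return;
     }
     if (BackendTagsModel::existsTag($tag)) {
         $this->output(self::BAD_REQUEST, null, BL::err('TagAlreadyExists'));
         return;
     }

     $item = array(
         'id' => $id,
         'tag' => SpoonFilter::htmlspecialchars($tag),
     );
     // NOTE(review): the url is built from the escaped name, so entities end up
     // in the slug for names with special characters — confirm this is intended
     $item['url'] = BackendTagsModel::getURL($item['tag'], $id);
     BackendTagsModel::update($item);

     $this->output(self::OK, $item, vsprintf(BL::msg('Edited'), array($item['tag'])));
 }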
Example #6
 /**
  * Retrieve the initial or submitted value.
  *
  * The configured value is returned unless the form was submitted and the
  * request carries this field; then the submitted value is used instead:
  * non-scalar input collapses to the string 'Array' and, unless $allowHTML
  * is truthy, the value is escaped for the active charset.
  *
  * @param	bool[optional] $allowHTML	Is HTML allowed?
  * @return	string
  */
 public function getValue($allowHTML = null)
 {
     $value = $this->value;

     if (!$this->isSubmitted()) {
         return $value;
     }

     // request data for this form's method (post/get)
     $data = $this->getMethod(true);
     if (!isset($data[$this->attributes['name']])) {
         return $value;
     }

     $submitted = $data[$this->getName()];
     $submitted = is_scalar($submitted) ? (string) $submitted : 'Array';
     if ($allowHTML) {
         return $submitted;
     }

     return Spoon::getCharset() == 'utf-8'
         ? SpoonFilter::htmlspecialchars($submitted)
         : SpoonFilter::htmlentities($submitted);
 }
Example #7
 /**
  * Execute the action: create or update a form builder field.
  *
  * Reads the field definition from POST (form id, optional field id, type,
  * label, values, validation settings, ...), validates it per field type,
  * and either reports the validation errors or persists the field together
  * with its validation rules. On success the response carries the field id
  * and the rendered field HTML.
  */
 public function execute()
 {
     parent::execute();
     // get parameters
     // NOTE(review): a missing field_id defaults to '' but is requested as 'int';
     // the `$fieldId !== 0` checks below assume it arrives as int 0 — confirm
     $formId = \SpoonFilter::getPostValue('form_id', null, '', 'int');
     $fieldId = \SpoonFilter::getPostValue('field_id', null, '', 'int');
     // only these types are accepted; anything else yields ''
     $type = \SpoonFilter::getPostValue('type', array('checkbox', 'dropdown', 'datetime', 'heading', 'paragraph', 'radiobutton', 'submit', 'textarea', 'textbox'), '', 'string');
     $label = trim(\SpoonFilter::getPostValue('label', null, '', 'string'));
     $values = trim(\SpoonFilter::getPostValue('values', null, '', 'string'));
     // this is somewhat a nasty hack, but it makes special chars work:
     // the posted values are decoded here and re-escaped further down
     $values = \SpoonFilter::htmlspecialcharsDecode($values);
     $defaultValues = trim(\SpoonFilter::getPostValue('default_values', null, '', 'string'));
     $placeholder = trim(\SpoonFilter::getPostValue('placeholder', null, '', 'string'));
     $required = \SpoonFilter::getPostValue('required', array('Y', 'N'), 'N', 'string');
     $requiredErrorMessage = trim(\SpoonFilter::getPostValue('required_error_message', null, '', 'string'));
     $validation = \SpoonFilter::getPostValue('validation', array('email', 'numeric', 'time'), '', 'string');
     $validationParameter = trim(\SpoonFilter::getPostValue('validation_parameter', null, '', 'string'));
     $errorMessage = trim(\SpoonFilter::getPostValue('error_message', null, '', 'string'));
     // special field for textbox: reply to
     $replyTo = \SpoonFilter::getPostValue('reply_to', array('Y', 'N'), 'N', 'string');
     // special fields for datetime
     $inputType = \SpoonFilter::getPostValue('input_type', array('date', 'time'), 'date', 'string');
     $valueAmount = trim(\SpoonFilter::getPostValue('value_amount', null, '', 'string'));
     $valueType = trim(\SpoonFilter::getPostValue('value_type', null, '', 'string'));
     // invalid form id
     if (!BackendFormBuilderModel::exists($formId)) {
         $this->output(self::BAD_REQUEST, null, 'form does not exist');
     } else {
         // invalid fieldId: an existing field must belong to this form
         if ($fieldId !== 0 && !BackendFormBuilderModel::existsField($fieldId, $formId)) {
             $this->output(self::BAD_REQUEST, null, 'field does not exist');
         } else {
             // invalid type
             if ($type == '') {
                 $this->output(self::BAD_REQUEST, null, 'invalid type provided');
             } else {
                 // extra validation is only possible for textfields & datetime fields
                 if ($type != 'textbox' && $type != 'datetime') {
                     $validation = '';
                     $validationParameter = '';
                     $errorMessage = '';
                 }
                 // init: field name => translated error, reported back as a whole
                 $errors = array();
                 // validate textbox
                 if ($type == 'textbox') {
                     if ($label == '') {
                         $errors['label'] = BL::getError('LabelIsRequired');
                     }
                     if ($required == 'Y' && $requiredErrorMessage == '') {
                         $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                     if ($validation != '' && $errorMessage == '') {
                         $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                     // reply-to only makes sense when the value is validated as an e-mail address
                     if ($replyTo == 'Y' && $validation != 'email') {
                         $errors['reply_to_error_message'] = BL::getError('EmailValidationIsRequired');
                     }
                 } elseif ($type == 'textarea') {
                     // validate textarea
                     if ($label == '') {
                         $errors['label'] = BL::getError('LabelIsRequired');
                     }
                     if ($required == 'Y' && $requiredErrorMessage == '') {
                         $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                     if ($validation != '' && $errorMessage == '') {
                         $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                 } elseif ($type == 'datetime') {
                     // validate datetime
                     if ($label == '') {
                         $errors['label'] = BL::getError('LabelIsRequired');
                     }
                     // a relative default (N days/weeks/...) needs the amount as well
                     if (in_array($valueType, array('day', 'week', 'month', 'year')) && $valueAmount == '') {
                         $errors['default_value_error_message'] = BL::getError('ValueIsRequired');
                     }
                     if ($required == 'Y' && $requiredErrorMessage == '') {
                         $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                     if ($validation != '' && $errorMessage == '') {
                         $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                 } elseif ($type == 'heading' && $values == '') {
                     // validate heading
                     $errors['values'] = BL::getError('ValueIsRequired');
                 } elseif ($type == 'paragraph' && $values == '') {
                     // validate paragraphs
                     $errors['values'] = BL::getError('ValueIsRequired');
                 } elseif ($type == 'submit' && $values == '') {
                     // validate submitbuttons
                     $errors['values'] = BL::getError('ValueIsRequired');
                 } elseif ($type == 'dropdown') {
                     // validate dropdown: drop leading/trailing separators first
                     $values = trim($values, ',');
                     // validate
                     if ($label == '') {
                         $errors['label'] = BL::getError('LabelIsRequired');
                     }
                     if ($required == 'Y' && $requiredErrorMessage == '') {
                         $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                     if ($values == '') {
                         $errors['values'] = BL::getError('ValueIsRequired');
                     }
                 } elseif ($type == 'radiobutton') {
                     // validate radiobutton
                     if ($label == '') {
                         $errors['label'] = BL::getError('LabelIsRequired');
                     }
                     if ($required == 'Y' && $requiredErrorMessage == '') {
                         $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                     if ($values == '') {
                         $errors['values'] = BL::getError('ValueIsRequired');
                     }
                 } elseif ($type == 'checkbox') {
                     // validate checkbox
                     if ($label == '') {
                         $errors['label'] = BL::getError('LabelIsRequired');
                     }
                     if ($required == 'Y' && $requiredErrorMessage == '') {
                         $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                     }
                 }
                 // got errors: answered with status OK, the client reads the errors map
                 if (!empty($errors)) {
                     $this->output(self::OK, array('errors' => $errors), 'form contains errors');
                 } else {
                     // htmlspecialchars except for paragraphs (paragraph content is stored as-is)
                     if ($type != 'paragraph') {
                         if ($values != '') {
                             $values = \SpoonFilter::htmlspecialchars($values);
                         }
                         if ($defaultValues != '') {
                             $defaultValues = \SpoonFilter::htmlspecialchars($defaultValues);
                         }
                     }
                     // split the '|'-separated option list into a list of options
                     if ($type == 'dropdown' || $type == 'checkbox') {
                         $values = (array) explode('|', $values);
                     } elseif ($type == 'radiobutton') {
                         // radio buttons keep the label and get a url-safe value derived from it
                         $postedValues = (array) explode('|', $values);
                         $values = array();
                         foreach ($postedValues as $postedValue) {
                             $values[] = array('value' => CommonUri::getUrl($postedValue), 'label' => $postedValue);
                         }
                     }
                     /**
                      * Save!
                      */
                     // settings: serialized into the field row below
                     $settings = array();
                     if ($label != '') {
                         $settings['label'] = \SpoonFilter::htmlspecialchars($label);
                     }
                     // NOTE(review): $values is always set at this point (possibly ''), so
                     // this condition is always true and an empty string is stored for
                     // types without values — intentional or not, left as-is
                     if (isset($values)) {
                         $settings['values'] = $values;
                     }
                     if ($defaultValues != '') {
                         $settings['default_values'] = $defaultValues;
                     }
                     if ($placeholder != '') {
                         $settings['placeholder'] = \SpoonFilter::htmlspecialchars($placeholder);
                     }
                     // reply-to, only for textboxes
                     if ($type == 'textbox') {
                         $settings['reply_to'] = $replyTo == 'Y';
                     }
                     // only for datetime input
                     if ($type == 'datetime') {
                         $settings['input_type'] = $inputType;
                         if ($inputType == 'date') {
                             $settings['value_amount'] = $valueAmount;
                             $settings['value_type'] = $valueType;
                         }
                     }
                     // build array
                     $field = array();
                     $field['form_id'] = $formId;
                     $field['type'] = $type;
                     $field['settings'] = !empty($settings) ? serialize($settings) : null;
                     // existing field
                     if ($fieldId !== 0) {
                         // update field
                         BackendFormBuilderModel::updateField($fieldId, $field);
                         // delete all validation (added again later)
                         BackendFormBuilderModel::deleteFieldValidation($fieldId);
                     } else {
                         // sequence: append after the form's current last field
                         $field['sequence'] = BackendFormBuilderModel::getMaximumSequence($formId) + 1;
                         // insert
                         $fieldId = BackendFormBuilderModel::insertField($field);
                     }
                     // required
                     if ($required == 'Y') {
                         // build array
                         $validate['field_id'] = $fieldId;
                         $validate['type'] = 'required';
                         $validate['error_message'] = \SpoonFilter::htmlspecialchars($requiredErrorMessage);
                         // add validation
                         BackendFormBuilderModel::insertFieldValidation($validate);
                         // add to field (for parsing)
                         $field['validations']['required'] = $validate;
                     }
                     // other validation ($validate is reused; the 'parameter' key is only set here)
                     if ($validation != '') {
                         // build array
                         $validate['field_id'] = $fieldId;
                         $validate['type'] = $validation;
                         $validate['error_message'] = \SpoonFilter::htmlspecialchars($errorMessage);
                         $validate['parameter'] = $validationParameter != '' ? \SpoonFilter::htmlspecialchars($validationParameter) : null;
                         // add validation
                         BackendFormBuilderModel::insertFieldValidation($validate);
                         // add to field (for parsing) — keyed by the field type rather than
                         // $validation; harmless because $field is reloaded from the database below
                         $field['validations'][$type] = $validate;
                     }
                     // get item from database (i do this call again to keep the pof as low as possible)
                     $field = BackendFormBuilderModel::getField($fieldId);
                     // submit button isnt parsed but handled directly via javascript
                     if ($type == 'submit') {
                         $fieldHTML = '';
                     } else {
                         // parse field to html
                         $fieldHTML = FormBuilderHelper::parseField($field);
                     }
                     // success output
                     $this->output(self::OK, array('field_id' => $fieldId, 'field_html' => $fieldHTML), 'field saved');
                 }
             }
         }
     }
 }
Example #8
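 /**
  * Truncate a string
  *    syntax: {$var|truncate:max-length[:append-hellip][:closest-word]}
  *
  * Entities are decoded and tags stripped before measuring, so the length
  * applies to visible characters; the result is re-escaped for output.
  *
  * @param string $var         The string passed from the template.
  * @param int    $length      The maximum length of the truncated string.
  * @param bool   $useHellip   Should a hellip be appended if the length exceeds the requested length?
  * @param bool   $closestWord Truncate on exact length or on closest word?
  * @return string
  */
 public static function truncate($var = null, $length, $useHellip = true, $closestWord = false)
 {
     // init vars; the template may hand the length over as a string
     $charset = BackendModel::getContainer()->getParameter('kernel.charset');
     $length = (int) $length;

     // remove special chars, all of them, also the ones that shouldn't be there.
     $var = \SpoonFilter::htmlentitiesDecode((string) $var, null, ENT_QUOTES);
     // remove HTML
     $var = strip_tags($var);

     // short enough: measure in the same charset that is used for cutting
     if (mb_strlen($var, $charset) <= $length) {
         return \SpoonFilter::htmlspecialchars($var);
     }

     // hellip is seen as 1 char, so remove it from length
     if ($useHellip) {
         --$length;
     }

     if ($closestWord) {
         // find the last space inside the allowed window. Both the window and the
         // position are measured in characters: the previous byte-based
         // substr/strrpos produced a byte offset that mb_substr then read as a
         // character count, cutting multibyte text in the wrong place
         $window = mb_substr($var, 0, $length + 1, $charset);
         $cut = mb_strrpos($window, ' ', 0, $charset);
         // no space in the window: fall back to a hard cut instead of returning only the hellip
         $var = $cut === false ? mb_substr($var, 0, $length, $charset) : mb_substr($var, 0, $cut, $charset);
     } else {
         $var = mb_substr($var, 0, $length, $charset);
     }

     // add hellip
     if ($useHellip) {
         $var .= '…';
     }

     return \SpoonFilter::htmlspecialchars($var, ENT_QUOTES);
 }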
Example #9
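 /**
  * Parse SEO specific data
  *
  * Adds the canonical <link> — either the canonical that was set explicitly,
  * or the current url rebuilt from SITE_URL plus the whitelisted GET
  * parameters — and the robots meta tags the `seo_noodp` / `seo_noydir`
  * settings ask for.
  */
 private function parseSeo()
 {
     // when on the homepage of the default language, set the clean site url as canonical, because of redirect fix
     $queryString = trim($this->URL->getQueryString(), '/');
     $language = $this->get('fork.settings')->get('Core', 'default_language', SITE_DEFAULT_LANGUAGE);
     if ($queryString == $language) {
         $this->canonical = rtrim(SITE_URL, '/');
         if ($this->getContainer()->getParameter('site.multilanguage')) {
             $this->canonical .= '/' . $language;
         }
     }

     // any canonical URL provided?
     if ($this->canonical != '') {
         $url = $this->canonical;
     } else {
         // get the chunks of the current url
         $urlChunks = parse_url($this->URL->getQueryString());
         // a canonical url should contain the domain. So make sure you
         // redirect your website to a single url with .htaccess
         $url = rtrim(SITE_URL, '/');
         if (isset($urlChunks['port'])) {
             $url .= ':' . $urlChunks['port'];
         }
         if (isset($urlChunks['path'])) {
             $url .= '/' . $urlChunks['path'];
         }
         // any items provided through GET?
         if (isset($urlChunks['query'])) {
             // only whitelisted GET parameters survive into the canonical url.
             // Matching on keys is exact; the previous loose in_array() let an
             // integer key such as 0 match 'page' on PHP < 8
             $itemsToAdd = array('page');
             $addToUrl = array_intersect_key($_GET, array_flip($itemsToAdd));
             if (!empty($addToUrl)) {
                 $url .= '?' . http_build_query($addToUrl);
             }
         }
     }

     // prevent against xss: the url ends up inside an href attribute
     $charset = $this->getContainer()->getParameter('kernel.charset');
     $url = $charset == 'utf-8' ? \SpoonFilter::htmlspecialchars($url) : \SpoonFilter::htmlentities($url);
     $this->addLink(array('rel' => 'canonical', 'href' => $url));

     if ($this->get('fork.settings')->get('Core', 'seo_noodp', false)) {
         $this->addMetaData(array('name' => 'robots', 'content' => 'noodp'));
     }
     if ($this->get('fork.settings')->get('Core', 'seo_noydir', false)) {
         $this->addMetaData(array('name' => 'robots', 'content' => 'noydir'));
     }
 }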
Example #10
 /**
  * Truncate a string
  *
  * The string is entity-decoded before measuring so that e.g. '&amp;'
  * counts as one character, and re-escaped before it is returned.
  *
  * @param string $string    The string to truncate.
  * @param int    $length    The maximum length for the string.
  * @param bool   $useHellip Should a hellip be appended?
  * @return string
  */
 public static function truncate($string, $length, $useHellip = true)
 {
     $decoded = htmlspecialchars_decode($string);

     // fits already: nothing to cut
     if (mb_strlen($decoded) <= $length) {
         return \SpoonFilter::htmlspecialchars($decoded);
     }

     // the hellip takes one of the allowed characters
     $keep = $useHellip ? $length - 1 : $length;
     $truncated = mb_substr($decoded, 0, $keep);
     if ($useHellip) {
         $truncated .= '…';
     }

     return \SpoonFilter::htmlspecialchars($truncated);
 }
Example #11
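 /**
  * Truncate a string
  *    syntax: {{ $string|truncate($max-length, $append-hellip, $closest-word) }}.
  *
  * Entities are decoded and tags stripped before measuring, so the length
  * applies to visible characters; the result is re-escaped for output.
  *
  * @param string $string      The string passed from the template.
  * @param int    $length      The maximum length of the truncated string.
  * @param bool   $useHellip   Should a hellip be appended if the length exceeds the requested length?
  * @param bool   $closestWord Truncate on exact length or on closest word?
  *
  * @return string
  */
 public static function truncate($string, $length, $useHellip = true, $closestWord = false)
 {
     // the template may hand the length over as a string
     $length = (int) $length;

     // remove special chars, all of them, also the ones that shouldn't be there.
     $string = \SpoonFilter::htmlentitiesDecode($string, null, ENT_QUOTES);
     // remove HTML
     $string = strip_tags($string);

     // short enough: measure with the same encoding that is used for cutting
     if (mb_strlen($string, 'UTF-8') <= $length) {
         return \SpoonFilter::htmlspecialchars($string);
     }

     // hellip is seen as 1 char, so remove it from length
     if ($useHellip) {
         --$length;
     }

     if ($closestWord) {
         // find the last space inside the allowed window. Window and position are
         // both measured in characters: the previous byte-based substr/strrpos
         // produced a byte offset that mb_substr then read as a character count
         $window = mb_substr($string, 0, $length + 1, 'UTF-8');
         $cut = mb_strrpos($window, ' ', 0, 'UTF-8');
         // no space in the window: fall back to a hard cut instead of returning only the hellip
         $string = $cut === false ? mb_substr($string, 0, $length, 'UTF-8') : mb_substr($string, 0, $cut, 'UTF-8');
     } else {
         $string = mb_substr($string, 0, $length, 'UTF-8');
     }

     // add hellip
     if ($useHellip) {
         $string .= '…';
     }

     return \SpoonFilter::htmlspecialchars($string, ENT_QUOTES);
 }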
Example #12
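 /**
  * Retrieve the initial or submitted value.
  *
  * The initial value is escaped when the field is flagged as containing
  * HTML. When the form was submitted and the request carries this field,
  * the submitted value replaces it: it is reduced to a string (non-scalar
  * input such as a `name[]` field becomes 'Array'), cut to the `maxlength`
  * attribute when one is set, and escaped unless HTML is allowed.
  *
  * @return	string
  * @param	bool[optional] $allowHTML	Is HTML allowed?
  */
 public function getValue($allowHTML = null)
 {
     // an explicit argument wins; otherwise fall back to the field's own HTML flag
     $allowHTML = $allowHTML !== null ? (bool) $allowHTML : $this->isHTML;
     $value = $this->value;

     // contains html
     if ($this->isHTML) {
         $value = SPOON_CHARSET == 'utf-8' ? SpoonFilter::htmlspecialchars($value) : SpoonFilter::htmlentities($value);
     }

     // form submitted
     if ($this->isSubmitted()) {
         // post/get data
         $data = $this->getMethod(true);
         // submitted by post (may be empty); assumes getName() equals attributes['name'] — TODO confirm
         if (isset($data[$this->getName()])) {
             $value = $data[$this->attributes['name']];
             // an array would make mb_substr and the escaping below fail; normalise to a string first
             $value = is_scalar($value) ? (string) $value : 'Array';
             // maximum length?
             if (isset($this->attributes['maxlength']) && $this->attributes['maxlength'] > 0) {
                 $value = mb_substr($value, 0, (int) $this->attributes['maxlength'], SPOON_CHARSET);
             }
             // html allowed?
             if (!$allowHTML) {
                 $value = SPOON_CHARSET == 'utf-8' ? SpoonFilter::htmlspecialchars($value) : SpoonFilter::htmlentities($value);
             }
         }
     }

     return $value;
 }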
Example #13
 /**
  * Truncate a string
  * 	syntax: {$var|truncate:max-length[:append-hellip]}
  *
  * Works on the entity-decoded, tag-free text so markup doesn't count
  * towards the length; the result is re-escaped for output.
  *
  * @param string[optional] $var A placeholder var, will be replaced with the generated HTML.
  * @param int $length The maximum length of the truncated string.
  * @param bool[optional] $useHellip Should a hellip be appended if the length exceeds the requested length?
  * @return string
  */
 public static function truncate($var = null, $length, $useHellip = true)
 {
     $text = strip_tags(htmlspecialchars_decode($var, ENT_QUOTES));

     // fits already: nothing to cut
     if (mb_strlen($text) <= $length) {
         return SpoonFilter::htmlspecialchars($text);
     }

     // the hellip takes one of the allowed characters
     $keep = $useHellip ? $length - 1 : $length;
     $text = mb_substr($text, 0, $keep);
     if ($useHellip) {
         $text .= '…';
     }

     return SpoonFilter::htmlspecialchars($text, ENT_QUOTES);
 }
Example #14
 /**
  * Execute the action
  */
 public function execute()
 {
     parent::execute();
     // get parameters
     $formId = SpoonFilter::getPostValue('form_id', null, '', 'int');
     $fieldId = SpoonFilter::getPostValue('field_id', null, '', 'int');
     $type = SpoonFilter::getPostValue('type', array('checkbox', 'dropdown', 'heading', 'paragraph', 'radiobutton', 'submit', 'textarea', 'textbox'), '', 'string');
     $label = trim(SpoonFilter::getPostValue('label', null, '', 'string'));
     $values = trim(SpoonFilter::getPostValue('values', null, '', 'string'));
     $defaultValues = trim(SpoonFilter::getPostValue('default_values', null, '', 'string'));
     $required = SpoonFilter::getPostValue('required', array('Y', 'N'), 'N', 'string');
     $requiredErrorMessage = trim(SpoonFilter::getPostValue('required_error_message', null, '', 'string'));
     $validation = SpoonFilter::getPostValue('validation', array('email', 'numeric'), '', 'string');
     $validationParameter = trim(SpoonFilter::getPostValue('validation_parameter', null, '', 'string'));
     $errorMessage = trim(SpoonFilter::getPostValue('error_message', null, '', 'string'));
     // invalid form id
     if (!BackendFormBuilderModel::exists($formId)) {
         $this->output(self::BAD_REQUEST, null, 'form does not exist');
     }
     // invalid fieldId
     if ($fieldId !== 0 && !BackendFormBuilderModel::existsField($fieldId, $formId)) {
         $this->output(self::BAD_REQUEST, null, 'field does not exist');
     }
     // invalid type
     if ($type == '') {
         $this->output(self::BAD_REQUEST, null, 'invalid type provided');
     }
     // init
     $errors = array();
     // validate textbox
     if ($type == 'textbox') {
         if ($label == '') {
             $errors['label'] = BL::getError('LabelIsRequired');
         }
         if ($required == 'Y' && $requiredErrorMessage == '') {
             $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
         }
         if ($validation != '' && $errorMessage == '') {
             $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
         }
     } elseif ($type == 'textarea') {
         if ($label == '') {
             $errors['label'] = BL::getError('LabelIsRequired');
         }
         if ($required == 'Y' && $requiredErrorMessage == '') {
             $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
         }
         if ($validation != '' && $errorMessage == '') {
             $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
         }
     } elseif ($type == 'heading' && $values == '') {
         $errors['values'] = BL::getError('ValueIsRequired');
     } elseif ($type == 'paragraph' && $values == '') {
         $errors['values'] = BL::getError('ValueIsRequired');
     } elseif ($type == 'submit' && $values == '') {
         $errors['values'] = BL::getError('ValueIsRequired');
     } elseif ($type == 'dropdown') {
         // values trim
         $values = trim($values, ',');
         // validate
         if ($label == '') {
             $errors['label'] = BL::getError('LabelIsRequired');
         }
         if ($required == 'Y' && $requiredErrorMessage == '') {
             $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
         }
         if ($values == '') {
             $errors['values'] = BL::getError('ValueIsRequired');
         }
     } elseif ($type == 'radiobutton') {
         if ($label == '') {
             $errors['label'] = BL::getError('LabelIsRequired');
         }
         if ($required == 'Y' && $requiredErrorMessage == '') {
             $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
         }
         if ($values == '') {
             $errors['values'] = BL::getError('ValueIsRequired');
         }
     } elseif ($type == 'checkbox') {
         if ($label == '') {
             $errors['label'] = BL::getError('LabelIsRequired');
         }
         if ($required == 'Y' && $requiredErrorMessage == '') {
             $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
         }
     }
     // got errors
     if (!empty($errors)) {
         $this->output(self::OK, array('errors' => $errors), 'form contains errors');
     }
     // htmlspecialchars except for paragraphs
     if ($type != 'paragraph') {
         if ($values != '') {
             $values = SpoonFilter::htmlspecialchars($values);
         }
         if ($defaultValues != '') {
             $defaultValues = SpoonFilter::htmlspecialchars($defaultValues);
         }
     }
     // split
     if ($type == 'dropdown' || $type == 'radiobutton' || $type == 'checkbox') {
         $values = (array) explode('|', $values);
     }
     /**
      * Save!
      */
     // settings
     $settings = array();
     if ($label != '') {
         $settings['label'] = SpoonFilter::htmlspecialchars($label);
     }
     if ($values != '') {
         $settings['values'] = $values;
     }
     if ($defaultValues != '') {
         $settings['default_values'] = $defaultValues;
     }
     // build array
     $field = array();
     $field['form_id'] = $formId;
     $field['type'] = $type;
     $field['settings'] = !empty($settings) ? serialize($settings) : null;
     // existing field
     if ($fieldId !== 0) {
         // update field
         BackendFormBuilderModel::updateField($fieldId, $field);
         // delete all validation (added again later)
         BackendFormBuilderModel::deleteFieldValidation($fieldId);
     } else {
         // sequence
         $field['sequence'] = BackendFormBuilderModel::getMaximumSequence($formId) + 1;
         // insert
         $fieldId = BackendFormBuilderModel::insertField($field);
     }
     // required
     if ($required == 'Y') {
         // build array
         $validate['field_id'] = $fieldId;
         $validate['type'] = 'required';
         $validate['error_message'] = SpoonFilter::htmlspecialchars($requiredErrorMessage);
         // add validation
         BackendFormBuilderModel::insertFieldValidation($validate);
         // add to field (for parsing)
         $field['validations']['required'] = $validate;
     }
     // other validation
     if ($validation != '') {
         // build array
         $validate['field_id'] = $fieldId;
         $validate['type'] = $validation;
         $validate['error_message'] = SpoonFilter::htmlspecialchars($errorMessage);
         $validate['parameter'] = $validationParameter != '' ? SpoonFilter::htmlspecialchars($validationParameter) : null;
         // add validation
         BackendFormBuilderModel::insertFieldValidation($validate);
         // add to field (for parsing)
         $field['validations'][$type] = $validate;
     }
     // get item from database (i do this call again to keep the points of failure as low as possible)
     $field = BackendFormBuilderModel::getField($fieldId);
     // submit button isnt parsed but handled directly via javascript
     if ($type == 'submit') {
         $fieldHTML = '';
     } else {
         $fieldHTML = FormBuilderHelper::parseField($field);
     }
     // success output
     $this->output(self::OK, array('field_id' => $fieldId, 'field_html' => $fieldHTML), 'field saved');
 }
 /**
  * getValue() must hand back the posted value HTML-escaped by default, the raw
  * value when asked for it, and the string 'Array' when POST holds an array.
  */
 public function testGetValue()
 {
     $rawName = '<a href="http://www.spoon-library.be">Bobby Tables, my friends call mééé</a>';
     $_POST['form'] = 'textfield';
     $_POST['name'] = $rawName;
     // default call: escaped for safe use in HTML output
     $this->assertEquals(SpoonFilter::htmlspecialchars($rawName), $this->txtName->getValue());
     // getValue(true) bypasses the escaping and returns what was posted
     $this->assertEquals($rawName, $this->txtName->getValue(true));
     // a non-scalar POST value is stringified instead of being returned as-is
     $_POST['name'] = array('foo', 'bar');
     $this->assertEquals('Array', $this->txtName->getValue());
 }
Example #16
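 /**
  * Parse the html for this button.
  *
  * Both interpolated attributes (type and value) are HTML-escaped before being
  * written into the tag; the remaining attributes come from getAttributesHTML().
  * The setter for $this->type presumably restricts it to a fixed set of button
  * types — escaping it here is defence in depth and a no-op for such values.
  *
  * @return	string
  * @param	SpoonTemplate[optional] $template	When given, the markup is also assigned to the template as btn<CamelCasedName>.
  */
 public function parse(SpoonTemplate $template = null)
 {
     // start element: escape every value we interpolate into an attribute ourselves
     $type = SpoonFilter::htmlspecialchars($this->type);
     $value = SpoonFilter::htmlspecialchars($this->value);
     $output = '<input type="' . $type . '" value="' . $value . '"';
     // add attributes (id, name and value placeholders are handed to the attribute renderer)
     $output .= $this->getAttributesHTML(array('[id]' => $this->attributes['id'], '[name]' => $this->attributes['name'], '[value]' => $this->getValue())) . ' />';
     // parse
     if ($template !== null) {
         $template->assign('btn' . SpoonFilter::toCamelCase($this->attributes['name']), $output);
     }
     return $output;
 }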
 /**
  * Validate the form
  *
  * Reads the posted search term, HTML-escapes it according to SPOON_CHARSET
  * (htmlspecialchars for utf-8, htmlentities otherwise) into $this->term and
  * answers BAD_REQUEST when no term was posted.
  */
 private function validateForm()
 {
     $postedTerm = SpoonFilter::getPostValue('term', null, '');
     // escape on the way in. NOTE(review): $this->term is therefore entity-encoded
     // for any later non-HTML use (e.g. a search query) — confirm downstream callers
     if (SPOON_CHARSET == 'utf-8') {
         $this->term = SpoonFilter::htmlspecialchars($postedTerm);
     } else {
         $this->term = SpoonFilter::htmlentities($postedTerm);
     }
     // a missing or empty term is a client error
     if ($this->term == '') {
         $this->output(self::BAD_REQUEST, null, 'term-parameter is missing.');
     }
 }
Example #18
 /**
  * Validate the form
  *
  * Stores the posted search term in $this->term, HTML-escaped according to the
  * kernel charset, and answers BAD_REQUEST when the term is empty.
  */
 private function validateForm()
 {
     $isUtf8 = $this->getContainer()->getParameter('kernel.charset') == 'utf-8';
     $rawTerm = \SpoonFilter::getPostValue('term', null, '');
     // escape at input time. NOTE(review): $this->term is therefore entity-encoded
     // for any later non-HTML use (e.g. a search query) — confirm downstream callers
     $this->term = $isUtf8 ? \SpoonFilter::htmlspecialchars($rawTerm) : \SpoonFilter::htmlentities($rawTerm);
     // nothing to search for: client error
     if ($this->term == '') {
         $this->output(self::BAD_REQUEST, null, 'term-parameter is missing.');
     }
 }
Example #19
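 /**
  * Load the form
  *
  * Builds the GET search form, falls back to the widget's q_widget parameter
  * when q is absent, and sets the canonical URL for the current search term.
  */
 private function loadForm()
 {
     // create form
     $this->frm = new FrontendForm('search', null, 'get', null, false);
     // could also have been submitted by our widget: copy q_widget into q so the
     // form element below (which reads $_GET) picks it up. Note the truthiness
     // test: a term of '0' is treated as absent here.
     if (!\SpoonFilter::getGetValue('q', null, '')) {
         $_GET['q'] = \SpoonFilter::getGetValue('q_widget', null, '');
     }
     // create elements
     $this->frm->addText('q', null, 255, 'inputText liveSuggest autoComplete', 'inputTextError liveSuggest autoComplete');
     // since we know the term just here we should set the canonical url here
     $canonicalUrl = SITE_URL . FrontendNavigation::getURLForBlock('Search');
     // the term is placed in a URL query string, so it must be URL-encoded, not
     // HTML-escaped: a term containing '&' or '#' would otherwise change the
     // structure of the canonical URL. rawurlencode() emits only unreserved
     // characters and %XX escapes, so the result also contains nothing that
     // needs HTML escaping. A non-string q (e.g. q[]=...) is ignored.
     if (isset($_GET['q']) && is_string($_GET['q']) && $_GET['q'] !== '') {
         $canonicalUrl .= '?q=' . rawurlencode($_GET['q']);
     }
     $this->header->setCanonicalUrl($canonicalUrl);
 }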
 /**
  * htmlspecialchars() must escape <, > and " while leaving multibyte utf-8
  * letters untouched.
  *
  * NOTE(review): the fixture contains no single quote, so this test does not
  * establish whether ' is escaped (needed for single-quoted attributes) — a
  * case for that would be worth adding.
  */
 public function testHtmlspecialchars()
 {
     $markup = '<a href="http://www.spoon-library.be">Ik heb géén bananen vandaag</a>';
     $escaped = '&lt;a href=&quot;http://www.spoon-library.be&quot;&gt;Ik heb géén bananen vandaag&lt;/a&gt;';
     $this->assertEquals($escaped, SpoonFilter::htmlspecialchars($markup, 'utf-8'));
 }
Example #21
 /**
  * Add all element into the form
  *
  * Every meta field is pre-filled from $this->data. When the form was submitted
  * with the meta fields disabled (so they are absent from POST), the stored
  * values are written back into $_POST first, so a validation error elsewhere
  * in the form does not wipe them.
  *
  * NOTE(review): the callback class, method and serialized parameters are
  * round-tripped through hidden fields and so come back under user control;
  * whatever consumes them on submit must validate class/method against an
  * allow-list and must not unserialize() the raw POST value — confirm.
  */
 protected function loadForm()
 {
     // stored values, with the same fallbacks the form elements use
     $title = isset($this->data['title']) ? $this->data['title'] : null;
     $description = isset($this->data['description']) ? $this->data['description'] : null;
     $keywords = isset($this->data['keywords']) ? $this->data['keywords'] : null;
     $url = isset($this->data['url']) ? $this->data['url'] : null;
     $custom = isset($this->data['custom']) ? $this->data['custom'] : null;
     $seoIndex = isset($this->data['data']['seo_index']) ? $this->data['data']['seo_index'] : 'none';
     $seoFollow = isset($this->data['data']['seo_follow']) ? $this->data['data']['seo_follow'] : 'none';
     // overwrite flags are stored as 'Y'/'N'
     $titleOverwrite = isset($this->data['title_overwrite']) && $this->data['title_overwrite'] == 'Y';
     $descriptionOverwrite = isset($this->data['description_overwrite']) && $this->data['description_overwrite'] == 'Y';
     $keywordsOverwrite = isset($this->data['keywords_overwrite']) && $this->data['keywords_overwrite'] == 'Y';
     $urlOverwrite = isset($this->data['url_overwrite']) && $this->data['url_overwrite'] == 'Y';
     // is the form submitted?
     if ($this->frm->isSubmitted()) {
         /**
          * If the fields are disabled we don't have any values in the post. When an error occurs in the other fields of the form the meta-fields would be cleared
          * therefore we alter the POST so it contains the initial values.
          */
         $postDefaults = array('page_title' => $title, 'meta_description' => $description, 'meta_keywords' => $keywords, 'url' => $url);
         if ($this->custom) {
             $postDefaults['meta_custom'] = $custom;
         }
         $postDefaults['seo_index'] = $seoIndex;
         $postDefaults['seo_follow'] = $seoFollow;
         // only fill in what is actually missing from the request
         foreach ($postDefaults as $fieldName => $fallback) {
             if (!isset($_POST[$fieldName])) {
                 $_POST[$fieldName] = $fallback;
             }
         }
     }
     // page title
     $this->frm->addCheckbox('page_title_overwrite', $titleOverwrite);
     $this->frm->addText('page_title', $title);
     // meta description
     $this->frm->addCheckbox('meta_description_overwrite', $descriptionOverwrite);
     $this->frm->addText('meta_description', $description);
     // meta keywords
     $this->frm->addCheckbox('meta_keywords_overwrite', $keywordsOverwrite);
     $this->frm->addText('meta_keywords', $keywords);
     // URL (stored encoded, shown decoded)
     $this->frm->addCheckbox('url_overwrite', $urlOverwrite);
     $this->frm->addText('url', $url !== null ? urldecode($url) : null);
     // advanced SEO
     $indexValues = array(array('value' => 'none', 'label' => BL::getLabel('None')), array('value' => 'index', 'label' => 'index'), array('value' => 'noindex', 'label' => 'noindex'));
     $this->frm->addRadiobutton('seo_index', $indexValues, $seoIndex);
     $followValues = array(array('value' => 'none', 'label' => BL::getLabel('None')), array('value' => 'follow', 'label' => 'follow'), array('value' => 'nofollow', 'label' => 'nofollow'));
     $this->frm->addRadiobutton('seo_follow', $followValues, $seoFollow);
     // the meta-custom textarea is optional
     if ($this->custom) {
         $this->frm->addTextarea('meta_custom', $custom);
     }
     // hidden state carried across the round trip
     $this->frm->addHidden('meta_id', $this->id);
     $this->frm->addHidden('base_field_name', $this->baseFieldName);
     $this->frm->addHidden('custom', $this->custom);
     $this->frm->addHidden('class_name', $this->callback['class']);
     $this->frm->addHidden('method_name', $this->callback['method']);
     $this->frm->addHidden('parameters', SpoonFilter::htmlspecialchars(serialize($this->callback['parameters'])));
 }
Example #22
 /**
  * Retrieve the method post/get.
  *
  * The stored method name is HTML-escaped (htmlspecialchars for utf-8,
  * htmlentities for any other SPOON_CHARSET) so it is safe to interpolate
  * into markup.
  *
  * @return	string
  */
 public function getMethod()
 {
     // prevent against xss
     if (SPOON_CHARSET == 'utf-8') {
         return SpoonFilter::htmlspecialchars($this->method);
     }
     return SpoonFilter::htmlentities($this->method);
 }
Example #23
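 /**
  * Parse SEO specific data
  *
  * Emits the canonical <link> (either the explicitly set canonical URL or one
  * rebuilt from SITE_URL, the current path and the whitelisted GET parameters)
  * plus the optional noodp / noydir robots meta tags.
  */
 private function parseSeo()
 {
     // any canonical URL provided?
     if ($this->canonical != '') {
         $url = $this->canonical;
     } else {
         // get the chunks of the current url
         $urlChunks = parse_url($this->URL->getQueryString());
         // a canonical url should contain the domain. So make sure you redirect your website to a single url with .htaccess
         $url = rtrim(SITE_URL, '/');
         if (isset($urlChunks['port'])) {
             $url .= ':' . $urlChunks['port'];
         }
         if (isset($urlChunks['path'])) {
             $url .= '/' . $urlChunks['path'];
         }
         // any items provided through GET?
         if (isset($urlChunks['query'])) {
             // the items we should add into the canonical url; everything else is dropped
             $itemsToAdd = array('page');
             $addToUrl = array();
             // look each whitelisted name up directly. The previous loop used a
             // non-strict in_array() on the GET keys, which on PHP 7 and earlier let
             // an integer key (e.g. ?0=x) compare equal to 'page' and leak into the
             // canonical url.
             foreach ($itemsToAdd as $name) {
                 if (array_key_exists($name, $_GET)) {
                     $addToUrl[$name] = $_GET[$name];
                 }
             }
             // add GET-params (http_build_query url-encodes names and values)
             if (!empty($addToUrl)) {
                 $url .= '?' . http_build_query($addToUrl);
             }
         }
     }
     // prevent against xss: the url lands in a link attribute, so it is escaped here
     // (setCanonicalUrl() callers should therefore pass a raw, not pre-escaped, url)
     $url = SPOON_CHARSET == 'utf-8' ? SpoonFilter::htmlspecialchars($url) : SpoonFilter::htmlentities($url);
     // canonical
     $this->addLink(array('rel' => 'canonical', 'href' => $url));
     // noodp, noydir
     if (FrontendModel::getModuleSetting('core', 'seo_noodp', false)) {
         $this->addMetaData(array('name' => 'robots', 'content' => 'noodp'));
     }
     if (FrontendModel::getModuleSetting('core', 'seo_noydir', false)) {
         $this->addMetaData(array('name' => 'robots', 'content' => 'noydir'));
     }
 }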