/**
  * @param  string             $cbUri             The CB-URI (cbo;,,,)
  * @param  SimpleXMLElement   $sourceElem        The XML element from which the URL is computed
  * @param  TableInterface     $data              The data of the object for dynamic URL request values
  * @param  int                $id                The id of the current row
  * @param  bool               $htmlspecialchars  If htmlspecialchars should be made for this
  * @param  bool               $inPage            URL target: true: html (full page), false: raw (only center component content)
  * @return string                                The URL
  */
 function drawUrl($cbUri, SimpleXMLElement $sourceElem, $data, $id, $htmlspecialchars = true, $inPage = true)
 {
     global $_CB_framework;
     if (!Access::authorised($sourceElem)) {
         return null;
     }
     $ui = $_CB_framework->getUi();
     $actionName = null;
     if (substr($cbUri, 0, 4) == 'cbo:') {
         $subTaskValue = substr($cbUri, 4);
         switch ($subTaskValue) {
             /** @noinspection PhpMissingBreakStatementInspection */
             case 'newrow':
                 // $id	=	0;
                 // fallthrough: no break on purpose.
             // $id	=	0;
             // fallthrough: no break on purpose.
             case 'rowedit':
                 //TBD this is duplicate of below
                 $baseUrl = 'index.php';
                 if ($this->_options['view'] == 'editPlugin') {
                     $task = $this->_options['view'];
                 } else {
                     $task = 'editrow';
                 }
                 $baseUrl .= '?option=' . $this->_options['option'] . '&view=' . $task;
                 if (isset($this->_options['pluginid'])) {
                     $baseUrl .= '&cid=' . $this->_options['pluginid'];
                 }
                 $url = $baseUrl . '&table=' . $this->_tableBrowserModel->attributes('name') . '&action=editrow';
                 // below: . '&tid=' . $id;
                 break;
             case 'saveorder':
             case 'editrows':
             case 'deleterows':
             case 'copyrows':
             case 'updaterows':
             case 'publish':
             case 'unpublish':
             case 'enable':
             case 'disable':
             default:
                 $url = 'javascript:cbDoListTask(this, ' . "'" . addslashes($this->taskName(false)) . "','" . addslashes($this->subtaskName(false)) . "','" . addslashes($this->subtaskValue($subTaskValue, false)) . "','" . addslashes($this->fieldId('id', null, false)) . "'" . ");";
                 break;
         }
     } elseif (substr($cbUri, 0, 10) == 'cb_action:') {
         $actionName = substr($cbUri, 10);
         $action = $this->_actions->getChildByNameAttr('action', 'name', $actionName);
         if ($action) {
             if (!Access::authorised($action)) {
                 return null;
             }
             $requestNames = explode(' ', $action->attributes('request'));
             $requestValues = explode(' ', $action->attributes('action'));
             $parametersValues = explode(' ', $action->attributes('parameters'));
             $baseUrl = 'index.php';
             $baseUrl .= '?';
             $baseRequests = array('option' => 'option', 'view' => 'view', 'cid' => 'pluginid');
             $urlParams = array();
             foreach ($baseRequests as $breq => $breqOptionsValue) {
                 if (!(in_array($breq, $requestNames) || in_array($breq, $parametersValues)) && isset($this->_options[$breqOptionsValue])) {
                     $urlParams[$breq] = $breq . '=' . $this->_options[$breqOptionsValue];
                 }
             }
             for ($i = 0, $n = count($requestNames); $i < $n; $i++) {
                 $urlParams[$requestNames[$i]] = $requestNames[$i] . '=' . $requestValues[$i];
                 // other parameters = paramvalues added below
             }
             $url = $baseUrl . implode('&', $urlParams);
         } else {
             $url = "#action_not_defined:" . $actionName;
         }
     } else {
         $url = cbUnHtmlspecialchars($cbUri);
     }
     if (cbStartOfStringMatch($url, 'index.php')) {
         // get the parameters of action/link from XML :
         $parametersNames = explode(' ', $sourceElem->attributes('parameters'));
         $parametersValues = explode(' ', $sourceElem->attributes('paramvalues'));
         $parametersValuesTypes = explode(' ', $sourceElem->attributes('paramvaluestypes'));
         // generate current action (and parameters ?) as cbprevstate
         $cbprevstate = array();
         foreach ($this->_options as $req => $act) {
             if ($req && $act && !in_array($req, array('cbprevstate'))) {
                 $cbprevstate[] = $req . '=' . $act;
             }
         }
         $parametersNames[] = 'cbprevstate';
         $parametersValues[] = "'" . base64_encode(implode('&', $cbprevstate)) . "'";
         // finally generate URL:
         for ($i = 0, $n = count($parametersNames); $i < $n; $i++) {
             $nameOfVariable = $parametersValues[$i];
             if ($nameOfVariable != '') {
                 if (isset($parametersValuesTypes[$i]) && $parametersValuesTypes[$i]) {
                     if ($parametersValuesTypes[$i] == 'sql:field') {
                         if (is_callable(array($data, 'get'))) {
                             $nameOfVariable = $data->get($nameOfVariable);
                         } else {
                             $nameOfVariable = $data->{$nameOfVariable};
                         }
                     } else {
                         // $nameOfVariable untouched
                     }
                 } elseif (substr($nameOfVariable, 0, 1) == "'" && substr($nameOfVariable, -1) == "'") {
                     $nameOfVariable = substr($nameOfVariable, 1, -1);
                 } else {
                     if (is_callable(array($data, 'get'))) {
                         $nameOfVariable = $data->get($nameOfVariable);
                     } else {
                         $nameOfVariable = $data->{$nameOfVariable};
                     }
                 }
                 $url .= '&' . $parametersNames[$i] . '=' . urlencode($nameOfVariable);
             }
         }
         if ($ui == 2) {
             $url = $_CB_framework->backendUrl($url, $htmlspecialchars, $inPage ? 'html' : 'component');
         } else {
             $url = cbSef($url, $htmlspecialchars, $inPage ? 'html' : 'component');
         }
     } elseif ($htmlspecialchars) {
         $url = htmlspecialchars($url);
     }
     return $url;
 }
Example #2
0
 /**
  * Compacts the ordering sequence of the selected records
  *
  * @param  array           $cid                 array of string  table key ids which need to get saved ($row[]->ordering contains old ordering and $cid contains new ordering)
  * @param  TableInterface  $row                 derived from TableInterface of corresponding class
  * @param  array           $order               ?
  * @param  string          $conditionStatement  Additional "WHERE" query to limit ordering to a particular subset of records
  * @param  string          $orderingField       Field name for this ordering
  */
 protected function saveOrder($cid, &$row, &$order, $conditionStatement, $orderingField = 'ordering')
 {
     global $_CB_framework;
     $total = count($cid);
     $conditions = array();
     $cidsChanged = array();
     // update ordering values
     for ($i = 0; $i < $total; $i++) {
         $row->load($cid[$i]);
         if ($row->{$orderingField} != $order[$i]) {
             $row->{$orderingField} = $order[$i];
             if (!$row->store()) {
                 $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_ORDER_ROW_ID_ID_BECAUSE_ERROR', 'Cannot order row id [id] because: [error]', array('[id]' => $cid, '[error]' => $row->getError())), 'error');
                 return;
             }
             // if
             $cidsChanged[] = $cid[$i];
             // remember to updateOrder this group if multiple groups (conditionStatement gives the group)
             if ($conditionStatement) {
                 $condition = null;
                 // to make php checker happy: the next line defines $condition
                 eval($conditionStatement);
                 //TODO remove eval() use (it's used a single time!)
                 $found = false;
                 foreach ($conditions as $cond) {
                     if ($cond[1] == $condition) {
                         $found = true;
                         break;
                     }
                 }
                 // if
                 if (!$found) {
                     $conditions[] = array($cid[$i], $condition);
                 }
             }
         }
         // if
     }
     // for
     if ($conditionStatement) {
         // execute updateOrder for each group
         foreach ($conditions as $cond) {
             $row->load($cond[0]);
             if ($row->hasFeature('ordered', $orderingField)) {
                 /** @var CheckedOrderedTable $row */
                 $row->updateOrder($cond[1], $cidsChanged, $orderingField);
             }
         }
     } else {
         if ($cidsChanged) {
             $row->load($cidsChanged[0]);
             if ($row->hasFeature('ordered', $orderingField)) {
                 /** @var CheckedOrderedTable $row */
                 $row->updateOrder(null, $cidsChanged, $orderingField);
             }
         }
     }
 }