Example #1
	/**
	 * @param \UserModel|null $user
	 *
	 * @return \Form
	 */
	public static function GetForm($user = null){
		// Builds the registration form (no existing record) or the edit form (existing record).
		// Which fields are rendered depends on the permissions of the *viewing* account, looked up
		// through \Core\user(), not on the $user being edited.
		//
		// NOTE(review): leaving the active/admin/group fields off the form only controls what is
		// rendered. The submit handlers named in 'callsmethod' are not visible here; confirm they
		// re-check the same permissions before applying those values.
		$form = new \Form();
		if($user === null){
			$user = new \UserModel();
		}

		// A record that does not exist yet means this is a registration; otherwise it is an edit.
		$isRegistration  = !$user->exists();
		$canManageUsers  = \Core\user()->checkAccess('p:/user/users/manage');
		$canManageGroups = \Core\user()->checkAccess('p:/user/groups/manage');
		$emailChangeable = \ConfigHandler::Get('/user/email/allowchanging');

		// Pick the handler that processes the submission.
		$form->set(
			'callsmethod',
			$isRegistration ? 'Core\\User\\Helper::RegisterHandler' : 'Core\\User\\Helper::UpdateHandler'
		);

		// The user object itself rides along as a 'system' element.
		$form->addElement('system', ['name' => 'user', 'value' => $user]);

		// The user backend is not necessarily a traditional Model (think LDAP),
		// so a plain setModel() call is not an option here.

		// The email field is added here only when editing an existing user, and only if the viewer
		// is a user manager or the site config allows email changes.
		if(!$isRegistration && ($canManageUsers || $emailChangeable)){
			$form->addElement(
				'text',
				[
					'name'     => 'email',
					'title'    => 'Email',
					'required' => true,
					'value'    => $user->get('email'),
				]
			);
		}

		if($canManageUsers){
			// User managers additionally get the account-status and system-admin toggles...
			$form->addElement(
				'checkbox',
				[
					'name'    => 'active',
					'title'   => 'Active',
					'checked' => ($user->get('active') == 1),
				]
			);

			$form->addElement(
				'checkbox',
				[
					'name'        => 'admin',
					'title'       => 'System Admin',
					'checked'     => $user->get('admin'),
					'description' => 'The system admin, (or root user), has complete control over the site and all systems.',
				]
			);

			// ...and every key in the user's schema, rather than the configured subset.
			$elements = array_keys($user->getKeySchemas());
		}
		elseif($isRegistration){
			$elements = explode('|', \ConfigHandler::Get('/user/register/form_elements'));
		}
		else{
			$elements = explode('|', \ConfigHandler::Get('/user/edit/form_elements'));
		}

		// With avatars disabled site-wide, drop 'avatar' from the list when it is present.
		if(!\ConfigHandler::Get('/user/enableavatar') && in_array('avatar', $elements)){
			$avatarAt = array_search('avatar', $elements);
			array_splice($elements, $avatarAt, 1);
		}

		foreach($elements as $key){
			// Blank entries can come from values such as string|param|foo| or an empty string.
			if(!$key){
				continue;
			}

			$element = $user->getColumn($key)->getAsFormElement();
			if($element){
				$form->addElement($element);
			}
		}

		// Group membership controls are only offered to group managers.
		if($canManageGroups){
			// First, the groups with an empty context that exist on this site.
			$globalWhere = new DatasetWhereClause();
			$globalWhere->addWhere('context = ');
			if(\Core::IsComponentAvailable('multisite') && \MultiSiteHelper::IsEnabled()){
				$globalWhere->addWhereSub('OR', ['site = ' . \MultiSiteHelper::GetCurrentSiteID(), 'site = -1']);
			}

			$groups = \UserGroupModel::Find($globalWhere, null, 'name');

			if(count($groups)){
				$options = [];
				foreach($groups as $group){
					$options[$group->get('id')] = $group->get('name');
				}

				$form->addElement(
					'checkboxes',
					[
						'name'    => 'groups[]',
						'title'   => 'Group Membership',
						'options' => $options,
						'value'   => $user->getGroups(),
					]
				);
			}

			// Then count the groups that carry a non-empty context.
			$contextWhere = new DatasetWhereClause();
			$contextWhere->addWhere('context != ');
			if(\Core::IsComponentAvailable('multisite') && \MultiSiteHelper::IsEnabled()){
				$siteWhere = new DatasetWhereClause();
				$siteWhere->setSeparator('or');
				$siteWhere->addWhere('site = ' . \MultiSiteHelper::GetCurrentSiteID());
				$siteWhere->addWhere('site = -1');
				$contextWhere->addWhere($siteWhere);
			}

			if(\UserGroupModel::Count($contextWhere) > 0){
				// At least one context group exists; an empty container group is all that is needed here.
				$form->addElement(
					new \FormGroup(
						[
							'name'  => 'context-groups',
							'id'    => 'context-groups',
							'title' => 'Context Group Membership',
						]
					)
				);

				// Placeholder hidden inputs so these names are registered on the form object.
				$form->addElement('hidden', ['name' => 'contextgroup[]', 'persistent' => false]);
				$form->addElement('hidden', ['name' => 'contextgroupcontext[]', 'persistent' => false]);
			}
		}

		// Captcha only for a registration by a viewer that does not exist (a guest), when the config requires it.
		if($isRegistration && \ConfigHandler::Get('/user/register/requirecaptcha') && !\Core\user()->exists()){
			$form->addElement('captcha');
		}

		$form->addElement(
			'submit',
			[
				'value' => ($isRegistration ? 'Register' : 'Update'),
				'name'  => 'submit',
			]
		);

		return $form;
	}
Example #2
	/**
	 * The recursive function that will return the actual SQL string from a group.
	 *
	 * @param DatasetWhereClause $group
	 * @return string
	 */
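	private function _parseWhereClause(DatasetWhereClause $group){
		// Renders one where-group as an SQL condition string. Nested groups are rendered
		// recursively and wrapped in parentheses; the pieces are joined with the group's separator.
		//
		// Quoting rules applied here:
		//  - values: NULL and integers are emitted as literals, everything else goes through the
		//    connection's real_escape_string() and is wrapped in single quotes;
		//  - field names: wrapped in backticks, with any embedded backtick doubled so the name
		//    cannot close the identifier quoting early.
		//
		// NOTE(review): the operator ($w->op) and the separator from getSeparator() are concatenated
		// as-is. This presumably relies on DatasetWhere / DatasetWhereClause restricting them to a
		// fixed set; confirm that against those classes, which are not visible here.
		$ws = [];

		foreach($group->getStatements() as $w){
			if($w instanceof DatasetWhereClause){
				// Sub-group: recurse, and skip it entirely if it renders to nothing.
				$str = $this->_parseWhereClause($w);
				if($str){
					$ws[] = '( ' . $str . ' )';
				}
			}
			elseif($w instanceof DatasetWhere){
				// A statement without a field cannot be rendered.
				if(!$w->field) continue;

				$op = $w->op;

				if($w->value === null){
					// NULL needs no escaping, but = and != do not work against NULL in MySQL,
					// so those two operators are translated to IS / IS NOT.
					$v = 'NULL';
					if($op === '=') $op = 'IS';
					elseif($op === '!=') $op = 'IS NOT';
				}
				elseif($w->value === 1){
					// (int)1 is used sometimes to describe enum(1).
					$v = "'1'";
				}
				elseif($w->value === 0){
					// (int)0 is used sometimes to describe enum(0).
					$v = "'0'";
				}
				elseif(is_int($w->value)){
					// Any other integer is emitted bare; is_int() guarantees it is numeric.
					$v = $w->value;
				}
				elseif(is_array($w->value) && $op === 'IN'){
					// IN accepts a list: escape and quote each member, then wrap in parentheses.
					$vs = [];
					foreach($w->value as $bit){
						$vs[] = "'" . $this->_conn->real_escape_string($bit) . "'";
					}
					$v = '( ' . implode(',', $vs) . ' )';
				}
				else{
					$v = "'" . $this->_conn->real_escape_string($w->value) . "'";
				}

				// Double any backtick inside the name before quoting it as an identifier.
				$field = str_replace('`', '``', $w->field);
				$ws[] = '`' . $field . '` ' . $op . ' ' . $v;
			}
		}

		return implode(' ' . $group->getSeparator() . ' ', $ws);
	}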
Example #3
	/**
	 * Translate a query string to a populated where clause based on the search index criteria.
	 *
	 * @param string $query
	 *
	 * @return DatasetWhereClause
	 */
	public static function GetWhereClause($query){
		// Turns a free-text search query into an OR-joined where clause over the three search
		// index columns: the plain words plus their primary and secondary DoubleMetaPhone codes.
		$subwhere = new DatasetWhereClause('search');
		$subwhere->setSeparator('or');

		// Normalise: lowercase, transliterate to latin, then drop everything except a-z, 0-9 and
		// spaces. After this filter the plain words cannot contain quotes or the LIKE wildcards
		// % and _, which matters because they are concatenated straight into the patterns below.
		$query = strtolower($query);
		$query = \Core\str_to_latin($query);
		$query = preg_replace('/[^a-z0-9 ]/', '', $query);

		$skipWords = self::GetSkipWords();
		$plain     = [];
		$primary   = [];
		$secondary = [];

		foreach(explode(' ', $query) as $token){
			// Ignore empty tokens (repeated spaces) and anything on the skip list.
			if(!$token || in_array($token, $skipWords)){
				continue;
			}

			$phone = new DoubleMetaPhone($token);

			$plain[]     = $token;
			$primary[]   = $phone->primary;
			$secondary[] = $phone->secondary;
		}

		// One condition per distinct, non-empty term, in the order: plain, primary, secondary.
		// NOTE(review): the phonetic codes come from DoubleMetaPhone, which is not visible here;
		// confirm they are limited to characters that are safe inside a LIKE pattern.
		foreach(array_filter(array_unique($plain)) as $term){
			$subwhere->addWhere('search_index_str LIKE %' . $term . '%');
		}
		foreach(array_filter(array_unique($primary)) as $term){
			$subwhere->addWhere('search_index_pri LIKE %' . $term . '%');
		}
		foreach(array_filter(array_unique($secondary)) as $term){
			$subwhere->addWhere('search_index_sec LIKE %' . $term . '%');
		}

		return $subwhere;
	}