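/**
 * set list filter string (function is called when user hits filter button)
 * this function is registered in xajax
 *
 * both parameters are supplied by the browser; the filter string is only stored
 * after str_is_well_formed() has accepted it, and the stored sql form of the
 * filter is reset to an empty string
 * @param string $list_title title of list
 * @param string $filter_str filter string that user has set
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_set_list_filter($list_title, $filter_str)
{
    global $logging;
    global $user;
    global $list_state;
    global $list_table_configuration;
    global $user_start_time_array;
    # both values are logged before they are validated, so control characters
    # are replaced to keep one request on one log line
    $log_list_title = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $list_title);
    $log_filter_str = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $filter_str);
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", list_title={$log_list_title}, filter_str={$log_filter_str})");
    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);
    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($list_table_configuration);
    # check if filter_str is well formed (nothing is stored when it is not)
    if (str_is_well_formed("filter_str", $filter_str) == FALSE_RETURN_STRING) {
        set_error_message("filter_form", "below", "ERROR_NOT_WELL_FORMED_STRING", "", "", $response);
        return $response;
    }
    # create list table object
    # NOTE(review): no permission check for $list_title is visible in this function;
    # confirm that ListTable or the xajax dispatcher restricts which lists a user may filter
    $list_table = new ListTable($list_title);
    if ($list_table->get_is_valid() == FALSE) {
        $logging->warn("create list object returns false");
        $error_message_str = $list_table->get_error_message_str();
        $error_log_str = $list_table->get_error_log_str();
        $error_str = $list_table->get_error_str();
        set_error_message("filter_form", "below", $error_message_str, $error_log_str, $error_str, $response);
        return $response;
    }
    # set filter value (the sql form of the filter is cleared together with the new string)
    $user->get_list_state($list_table->get_table_name());
    $list_state->set_filter_str($filter_str);
    $list_state->set_filter_str_sql("");
    $user->set_list_state();
    # set content
    $html_database_table->get_content($list_table, $list_title, "", DATABASETABLE_UNKWOWN_PAGE, $result);
    $response->custom_response->assign_with_effect(LIST_CSS_NAME_PREFIX . "content_pane", $result->get_result_str());
    # check post conditions
    if (check_postconditions($result, $response) == FALSE) {
        return $response;
    }
    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));
    return $response;
}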
<?php

require_once "../includes/config.php";
require_once "../includes/session.php";
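# a session without a selected test may not see this page
if (!isset($_SESSION['test_name'])) {
    set_error_message(TEST_NAME_NOT_FOUND);
    redirect_to("../tests/error.php");
    # stop here so the rest of the page is never produced for such a session;
    # harmless if redirect_to() already ends the script
    exit;
}
# fixed path, not derived from request data
$file = "../common/common_rules_and_regulations.txt";
# file_get_contents() returns false when the file cannot be read
# NOTE(review): the use of $content is outside this excerpt; confirm it is escaped for html where it is printed
$content = file_get_contents($file);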
?>
<!DOCTYPE html>
<html>
   <head>
      <title>
      </title>
      <meta charset="UTF-8">
      <meta name="viewport" content="width=device-width, initial-scale=1">
      <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
      <!-- NOTE(review): this icon is requested over plain http from a third-party host, unlike the https stylesheet links next to it; on an https deployment that is mixed content, so an https or locally hosted icon is preferable -->
      <link rel="shortcut icon" href="http://s12.postimg.org/8ta2or48d/Graphic1.png" type="image/x-icon" />
      <link href='https://fonts.googleapis.com/css?family=Titillium+Web' rel='stylesheet' type='text/css'>      
      <script type="text/javascript" src="../js/jquery-2.2.0.min.js"></script>
      <script type="text/javascript " src="../js/bootstrap.min.js"></script>
      <link rel="stylesheet" type="text/css" href="../css/test_details.css">
      <!-- Re-pushes rules_regulations.php onto the history stack on load and on every popstate event, so the Back button stays on this page. This is a browser-side convenience only and not an access control: the server-side session check has to enforce the page order. -->
      <script type = "text/javascript" >
            history.pushState(null, null, 'rules_regulations.php');
            window.addEventListener('popstate', function(event) {
                history.pushState(null, null, 'rules_regulations.php');
            });
      </script>
         
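/**
 * update a user record
 * this function is registered in xajax
 *
 * every key of $form_values is split on GENERAL_SEPARATOR into database field
 * name, field type and field number; each value is run through the input checks
 * configured for its field type before the record is updated
 * @param string $title title of page
 * @param string $key_string comma separated name value pairs
 * @param array $form_values values of new record (array of name value pairs)
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_update_user_settings_record($title, $key_string, $form_values)
{
    global $logging;
    global $user;
    global $user_settings_table_configuration;
    global $firstthingsfirst_field_descriptions;
    global $user_start_time_array;
    # WARNING: this function is almost identical to function UserAdministration::action_update_user_admin_record
    # changes in this function should also lead to changes in that function
    # client supplied values are logged, so control characters are replaced to keep the entry on one line
    $log_title = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $title);
    $log_key_string = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $key_string);
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", title={$log_title}, key_string={$log_key_string})");
    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);
    $name_keys = array_keys($form_values);
    $new_form_values = array();
    # NOTE(review): $field_keys is never read below; the field names taken from the form keys
    # are not compared against it here, confirm that $user->update() rejects unknown fields
    $fields = $user->get_fields();
    $field_keys = array_keys($fields);
    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($user_settings_table_configuration);
    foreach ($name_keys as $name_key) {
        # NOTE(review): form keys come from the browser; a key with fewer than three parts or an
        # unknown field type is not handled separately here
        $value_array = explode(GENERAL_SEPARATOR, $name_key);
        $db_field_name = $value_array[0];
        $field_type = $value_array[1];
        $field_number = $value_array[2];
        $check_functions = explode(" ", $firstthingsfirst_field_descriptions[$field_type][FIELD_DESCRIPTION_FIELD_INPUT_CHECKS]);
        $result->reset();
        $logging->debug("field (name=" . $db_field_name . ", type=" . $field_type . ", number=" . $field_number . ")");
        $is_password_field = $db_field_name == USER_PW_FIELD_NAME;
        # check field values (check password field only when new password has been set)
        if (!$is_password_field || strlen($form_values[$name_key]) > 0) {
            check_field($check_functions, $db_field_name, $form_values[$name_key], $user->get_date_format(), $result);
            if (strlen($result->get_error_message_str()) > 0) {
                set_error_message($name_key, "right", $result->get_error_message_str(), "", "", $response);
                return $response;
            }
        }
        # set new value
        $new_form_values[$db_field_name] = $result->get_result_str();
        # the checked value of the password field is kept out of the log
        $logged_value = $is_password_field ? "[not logged]" : $result->get_result_str();
        $logging->debug("setting new form value (db_field_name=" . $db_field_name . ", result=" . $logged_value . ")");
    }
    # check if someone tries to change user admin
    if ($user->get_name() == "admin") {
        # check if the name of user admin is changed
        if ($new_form_values[USER_NAME_FIELD_NAME] != "admin") {
            set_error_message("record_contents_buttons", "right", "ERROR_CANNOT_UPDATE_NAME_USER_ADMIN", "", "", $response);
            return $response;
        }
    }
    # display error when update returns false
    # NOTE(review): $key_string is client supplied and selects the record; nothing visible here ties
    # it to the logged in user, confirm that $user->update() enforces this
    if (!$user->update($key_string, $new_form_values, TRUE)) {
        $logging->warn("update user settings record returns false");
        $error_message_str = $user->get_error_message_str();
        $error_log_str = $user->get_error_log_str();
        $error_str = $user->get_error_str();
        set_error_message("record_contents_buttons", "right", $error_message_str, $error_log_str, $error_str, $response);
        return $response;
    }
    # redirect to portal page with new user settings activated
    $response->script("window.location.assign('index.php?action=" . ACTION_GET_PORTAL_PAGE . "')");
    # check post conditions not necessary
    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));
    return $response;
}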
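/**
 * delete a user record
 * this function is registered in xajax
 *
 * the record is looked up first; user "admin" and the user who is currently
 * logged in are never deleted
 * @param string $title title of page
 * @param string $key_string comma separated name value pairs
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_delete_user_admin_record($title, $key_string)
{
    global $logging;
    global $user;
    global $user_admin_table_configuration;
    global $user_start_time_array;
    # client supplied values are logged, so control characters are replaced to keep the entry on one line
    $log_title = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $title);
    $log_key_string = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $key_string);
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", title={$log_title}, key_string={$log_key_string})");
    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);
    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($user_admin_table_configuration);
    # NOTE(review): no check that the caller is an administrator is visible in this function;
    # confirm that the xajax dispatcher or $user->delete() enforces it
    $logging->debug("get user record");
    $user_array = $user->select_record($key_string);
    if (count($user_array) == 0) {
        $logging->warn("select user record returns empty array");
        $error_message_str = $user->get_error_message_str();
        $error_log_str = $user->get_error_log_str();
        $error_str = $user->get_error_str();
        set_error_message("tab_user_admin_id", "below", $error_message_str, $error_log_str, $error_str, $response);
        return $response;
    }
    $user_name = $user_array[USER_NAME_FIELD_NAME];
    $logging->debug("found user: " . $user_name);
    # display error when user admin is about to be deleted
    # NOTE(review): this guard is reconstructed from the error constant it reports; confirm against the project source
    if ($user_name == "admin") {
        set_error_message("tab_user_admin_id", "below", "ERROR_CANNOT_DELETE_USER_ADMIN", "", "", $response);
        return $response;
    }
    # display error when current user wants to delete him/herself
    if ($user_name == $user->get_name()) {
        set_error_message("tab_user_admin_id", "below", "ERROR_CANNOT_DELETE_YOURSELF", "", "", $response);
        return $response;
    }
    # display error when delete returns false
    if ($user->delete($key_string) == FALSE) {
        $logging->warn("delete user record returns false");
        $error_message_str = $user->get_error_message_str();
        $error_log_str = $user->get_error_log_str();
        $error_str = $user->get_error_str();
        set_error_message("tab_user_admin_id", "below", $error_message_str, $error_log_str, $error_str, $response);
        return $response;
    }
    # set content
    $html_database_table->get_content($user, $title, "", DATABASETABLE_UNKWOWN_PAGE, $result);
    $response->custom_response->assign_with_effect(USER_ADMIN_CSS_NAME_PREFIX . "content_pane", $result->get_result_str());
    # check post conditions
    if (check_postconditions($result, $response) == FALSE) {
        return $response;
    }
    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));
    return $response;
}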
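/**
 * delete a user list permissions record and show the updated permissions table
 * this function is registered in xajax
 * @param string $title title of page
 * @param string $key_string comma separated name value pairs
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_delete_user_list_permissions_record($title, $key_string)
{
    global $logging;
    global $user;
    global $user_list_permissions;
    global $user_list_permissions_table_configuration;
    global $user_start_time_array;
    # client supplied values are logged, so control characters are replaced to keep the entry on one line
    $log_title = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $title);
    $log_key_string = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $key_string);
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", title={$log_title}, key_string={$log_key_string})");
    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);
    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($user_list_permissions_table_configuration);
    # display error when delete returns false
    # NOTE(review): $key_string is client supplied and no permission check is visible in this
    # function; confirm that the caller may remove this permissions record
    if (!$user_list_permissions->delete($key_string)) {
        $logging->warn("delete user list permissions record returns false");
        $error_message_str = $user_list_permissions->get_error_message_str();
        $error_log_str = $user_list_permissions->get_error_log_str();
        $error_str = $user_list_permissions->get_error_str();
        set_error_message("tab_list_table_permissions_id", "below", $error_message_str, $error_log_str, $error_str, $response);
        return $response;
    }
    # set content
    $html_database_table->get_content($user_list_permissions, $title, "", DATABASETABLE_UNKWOWN_PAGE, $result);
    $response->custom_response->assign_with_effect(USERLISTTABLEPERMISSIONS_CSS_NAME_PREFIX . "content_pane", $result->get_result_str());
    # check post conditions
    if (check_postconditions($result, $response) == FALSE) {
        return $response;
    }
    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));
    return $response;
}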
/**
 * check a list definition and convert it to the layout that is stored
 *
 * the definition is read as consecutive groups of four values: field id, field
 * type, field name and field options. the first group that fails a check sets
 * an error message on the matching form element and ends the check
 * @todo remove (obsolete) key indicator from definition (requires an update script)
 * @param array $definition definition of the list that is being built
 * @param xajaxResponse $response response object that receives the error message
 * @return array converted definition (field id => array of db field name, type, options,
 *               visible in overview) or an empty array when the definition was not correct
 */
function check_definition($definition, $response)
{
    global $logging;
    $logging->trace("check definition");
    $values = array_values($definition);
    $keys = array_keys($definition);
    $checked_definition = array();
    # number of groups of four values
    $group_total = count($values) / 4;
    if ($group_total < 2) {
        $logging->warn("list with only one field");
        set_error_message($keys[2], "right", "ERROR_NOT_ENOUGH_FIELDS", "", "", $response);
        return array();
    }
    for ($group = 0; $group < $group_total; $group++) {
        $offset = $group * 4;
        $field_id = $values[$offset];
        $field_type = $values[$offset + 1];
        $field_name = $values[$offset + 2];
        $field_options = $values[$offset + 3];
        # NOTE(review): the values are written to the debug log before the well-formedness checks below
        $logging->debug("found field (id=\"" . $field_id . "\" name=" . $field_name . " type=" . $field_type . " options=" . $field_options . ")");
        # a field without a name is rejected
        if (strlen($field_name) == 0) {
            $logging->warn("no field name given");
            set_error_message($keys[$offset + 2], "right", "ERROR_NO_FIELD_NAME_GIVEN", "", "", $response);
            return array();
        }
        # the field name has to be well formed
        if (str_is_well_formed("field", $field_name) == FALSE_RETURN_STRING) {
            set_error_message($keys[$offset + 2], "right", "ERROR_NOT_WELL_FORMED_STRING", "", "", $response);
            return array();
        }
        # only selection fields need an options string
        if ($field_type == FIELD_TYPE_DEFINITION_SELECTION) {
            if (strlen($field_options) == 0) {
                $logging->warn("no options given");
                set_error_message($keys[$offset + 3], "right", "ERROR_NO_FIELD_OPTIONS_GIVEN", "", "", $response);
                return array();
            }
            if (str_is_well_formed("field", $field_options, 1) == FALSE_RETURN_STRING) {
                set_error_message($keys[$offset + 3], "right", "ERROR_NOT_WELL_FORMED_SELECTION_STRING", "", "", $response);
                return array();
            }
        }
        # for the id field the options value holds the visible in overview setting
        $db_field_name = ListTable::_get_db_field_name($field_name);
        $visible_in_overview = COLUMN_SHOW;
        if ($db_field_name == DB_ID_FIELD_NAME) {
            $visible_in_overview = $field_options;
            $field_options = "";
        }
        $stored_field_name = ListTable::_get_db_field_name($field_name);
        $checked_definition[$field_id] = array($stored_field_name, $field_type, $field_options, $visible_in_overview);
    }
    $logging->trace("checked definition");
    return $checked_definition;
}
/**
 * report an error that was stored in the result object
 *
 * when the result holds an error message, the message is shown to the right of
 * the element named by the result; otherwise nothing is changed
 * @param Result $result result object
 * @param xajaxResponse $response response object
 * @return bool FALSE when an error was set (and has been shown), TRUE otherwise
 */
function check_postconditions($result, $response)
{
    global $logging;
    global $user;
    $logging->trace("check postconditions");
    # nothing to report when the error message is empty
    if (strlen($result->get_error_message_str()) === 0) {
        $logging->trace("checked postconditions");
        return TRUE;
    }
    $logging->warn("an error has been set");
    # pass element, message, log text and error text of the result on to the page
    set_error_message(
        $result->get_error_element(),
        "right",
        $result->get_error_message_str(),
        $result->get_error_log_str(),
        $result->get_error_str(),
        $response
    );
    return FALSE;
}
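/**
 * delete a list table
 * this function is registered in xajax
 *
 * the list is dropped, the portal content pane and the page navigation are
 * rendered again, and the current list name of the user is cleared when the
 * dropped list was the active one
 * @param string $list_title title of list table
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_delete_portal_record($list_title)
{
    global $logging;
    global $user;
    global $list_table_description;
    global $portal_table_configuration;
    global $user_start_time_array;
    # the title is client supplied and logged, so control characters are replaced to keep the entry on one line
    $log_list_title = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $list_title);
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", list_title={$log_list_title})");
    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);
    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $list_table = new ListTable($list_title);
    if ($list_table->get_is_valid() == FALSE) {
        $logging->warn("create list object returns false");
        $error_message_str = $list_table->get_error_message_str();
        $error_log_str = $list_table->get_error_log_str();
        $error_str = $list_table->get_error_str();
        set_error_message("tab_portal_id", "below", $error_message_str, $error_log_str, $error_str, $response);
        return $response;
    }
    $html_database_table = new HtmlDatabaseTable($portal_table_configuration);
    # display error when drop returns false
    # NOTE(review): dropping a list is destructive and no permission check is visible in this
    # function; confirm that ListTable::drop() or the xajax dispatcher verifies the caller
    if ($list_table->drop() == FALSE) {
        $logging->warn("drop list returns false");
        $error_message_str = $list_table->get_error_message_str();
        $error_log_str = $list_table->get_error_log_str();
        $error_str = $list_table->get_error_str();
        set_error_message("tab_portal_id", "below", $error_message_str, $error_log_str, $error_str, $response);
        return $response;
    }
    # set content
    $html_database_table->get_content($list_table_description, $list_title, "", DATABASETABLE_ALL_PAGES, $result);
    $response->custom_response->assign_with_effect(PORTAL_CSS_NAME_PREFIX . "content_pane", $result->get_result_str());
    # reset current list name only when active list has been removed
    if ($list_title == $user->get_current_list_name()) {
        $user->set_current_list_name("");
    }
    # set page navigation and login status to update old 'list' links
    $page_navigation_str = get_page_navigation(PAGE_TYPE_PORTAL);
    $response->assign("navigation_container", "innerHTML", $page_navigation_str);
    # check post conditions
    if (check_postconditions($result, $response) == FALSE) {
        return $response;
    }
    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));
    return $response;
}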
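/**
 * login a user
 * this function is registered in xajax
 *
 * an empty user name or password is rejected before $user->login() is called;
 * the password is never written to the log
 * @param string $user_name name of user
 * @param string $password password for user
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_login($user_name, $password)
{
    global $logging;
    global $user;
    global $user_start_time_array;
    # the user name is supplied before authentication and is logged, so control
    # characters are replaced to keep one attempt on one log line
    $log_user_name = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $user_name);
    $logging->info("USER_ACTION " . __METHOD__ . " (user_name={$log_user_name})");
    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);
    # create necessary objects
    $response = new xajaxResponse();
    if (strlen($user_name) == 0) {
        $logging->warn("no user name given");
        set_error_message("user_name_id", "right", "ERROR_NO_USER_NAME_GIVEN", "", "", $response);
        # set focus on user name
        $response->script("document.getElementById('user_name_id').focus()");
        return $response;
    }
    if (strlen($password) == 0) {
        $logging->warn("no password given");
        set_error_message("password_id", "right", "ERROR_NO_PASSWORD_GIVEN", "", "", $response);
        # set focus on password
        $response->script("document.getElementById('password_id').focus()");
        return $response;
    }
    # NOTE(review): no limit on failed attempts is visible in this function; confirm that
    # $user->login() or the web server throttles repeated failures
    if (!$user->login($user_name, $password)) {
        $logging->warn("user could not log in");
        $error_message_str = $user->get_error_message_str();
        $error_log_str = $user->get_error_log_str();
        $error_str = $user->get_error_str();
        set_error_message("password_id", "right", $error_message_str, $error_log_str, $error_str, $response);
        # set focus on user name
        $response->script("document.getElementById('user_name_id').focus()");
        return $response;
    }
    # redirect to portal page
    $response->script("window.location.assign('index.php?action=" . ACTION_GET_PORTAL_PAGE . "')");
    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));
    return $response;
}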