public function update(Entity $entity) { $tag = "EntityDAO: update()"; Log::notice("{$tag}"); $entity_id = $entity->getId(); if (empty($entity_id)) { Log::error("{$tag}: Entity id is not set"); throw new Exception("Entity id is not set"); } $errs = EntityValidator::validate($entity); if (count($errs) > 0) { Log::error("{$tag}: Entity has validation errors"); throw new Exception("Entity has validation errors"); } $blueprint = $this->blueprint; $timezone_offset = $this->timezone_offset_modify; $query = "UPDATE " . $this->tableName() . " SET "; foreach ($blueprint->fields() as $field) { $key = $field->getKey(); $value = $entity->get($key); $encType = $field->getEncType(); if (!empty($value) || $value == "0") { // Handle encoded fields if (!empty($encType) && $encType != "plain") { // Determine if encoded field value should be replaced // Load the existing entity to compare to the updated entity try { $existingEntity = $this->load($entity_id); $currentEncodedValue = $existingEntity->get("{$key}"); if ($currentEncodedValue == $value) { // Do not update this already encoded value $value = $value; // does nothing Log::debug("{$tag}: Leaving encrypted value for {$key} alone"); } else { $value = hash($encType, $value); Log::debug("{$tag}: Encrypted value for {$key}: {$value}"); } } catch (Exception $e) { Log::error("{$tag}: Exception: " . $e->getMessage()); throw $e; } } switch ($field->getDataType()) { case "int": $query .= "{$key}={$value}"; break; case "decimal": case "date": $query .= "{$key}='{$value}'"; break; case "datetime": case "time": $query .= "{$key}=CONVERT_TZ('{$value}', '{$timezone_offset}', '" . BPTimezone::UTC . "')"; break; case "enum": $query .= "{$key}='{$value}'"; break; case "string": case "text": case "binary": $value = DatabaseSanitizer::sanitize($value); $query .= "{$key}='{$value}'"; break; } } else { $query .= "{$key}=NULL"; } $query .= ", "; } // END: foreach($blueprint->fields() as $field) $query = substr($query, 0, strlen($query) - 2); // remove trailing comma and space (", ") $query .= " WHERE id=" . $entity_id; $sql = new DatabaseUpdate($query, "update"); try { $sql->doUpdate(); return $entity_id; } catch (Exception $e) { Log::error("{$tag}: [" . $sql->err_code . "] " . $sql->err_message); throw $e; } }
} else { $entity->set($key, NULL); // this is required since this field could have been over written by init($_POST) } } } else { // New Entity $entity->set($key, NULL); $entity->length($key, 0); } } } // END: if($field->getDataType() == "binary") } // Re-Validate Entity (after processing uploads) $errs = EntityValidator::validate($entity); if (count($errs) == 0) { if ($entityId) { /* // Update an existing Entity */ try { // Make sure the user has permission to perform this action if (BPConfig::$guardian_enable !== true || Guardian::authorize(Session::user(BPConfig::$guardian_identity_session_key), "UPDATE", $entityBP->getKey(), $entityId)) { $dao->update($entity); $responseNode->appendChild($dom->createElement("status", "success")); $responseNode->appendChild($dom->createElement("message", "Updated {$entitySignature} ({$entityId})")); } else { Log::warning("* Guardian denied access to update " . $entityBP->getKey() . " with ID {$entityId}"); $responseNode->appendChild($dom->createElement("status", "error")); $responseNode->appendChild($dom->createElement("message", "Access Denied"));