/** * Can the row be edited * * @param object $row Current row to test * * @return boolean */ public function onCanEdit($row) { $params = $this->getParams(); // If $row is null, we were called from the list's canEdit() in a per-table rather than per-row context, // and we don't have an opinion on per-table edit permissions, so just return true. if (is_null($row) || is_null($row[0])) { return true; } if (is_array($row[0])) { $data = ArrayHelper::toObject($row[0]); } else { $data = $row[0]; } /** * If __pk_val is not set or empty, then we've probably been called from somewhere in form processing, * and this is a new row. In which case this plugin cannot offer any opinion! */ if (!isset($data->__pk_val) || empty($data->__pk_val)) { return true; } $field = str_replace('.', '___', $params->get('caneditrow_field')); // If they provided some PHP to eval, we ignore the other settings and just run their code $caneditrow_eval = $params->get('caneditrow_eval', ''); // $$$ rob if no can edit field selected in admin return true if (trim($field) == '' && trim($caneditrow_eval) == '') { $this->acl[$data->__pk_val] = true; return true; } if (!empty($caneditrow_eval)) { $w = new FabrikWorker(); $data = ArrayHelper::fromObject($data); $caneditrow_eval = $w->parseMessageForPlaceHolder($caneditrow_eval, $data); FabrikWorker::clearEval(); $caneditrow_eval = @eval($caneditrow_eval); FabrikWorker::logEval($caneditrow_eval, 'Caught exception on eval in can edit row : %s'); $this->acl[$data['__pk_val']] = $caneditrow_eval; return $caneditrow_eval; } else { // No PHP given, so just do a simple match on the specified element and value settings. if ($params->get('caneditrow_useraw', '0') == '1') { $field .= '_raw'; } $value = $params->get('caneditrow_value'); $operator = $params->get('operator', '='); if (is_object($data->{$field})) { $data->{$field} = ArrayHelper::fromObject($data->{$field}); } switch ($operator) { case '=': default: $return = is_array($data->{$field}) ? in_array($value, $data->{$field}) : $data->{$field} == $value; break; case "!=": $return = is_array($data->{$field}) ? !in_array($value, $data->{$field}) : $data->{$field} != $value; break; } $this->acl[$data->__pk_val] = $return; return $return; } }
/** * Can the row be deleted * * @param object $row Current row to test * * @return boolean */ public function onCanDelete($row) { $params = $this->getParams(); // If $row is null, we were called from the table's canEdit() in a per-table rather than per-row context, // and we don't have an opinion on per-table delete permissions, so just return true. if (is_null($row) || is_null($row[0])) { return true; } if (is_array($row[0])) { $data = ArrayHelper::toObject($row[0]); } else { $data = $row[0]; } $field = str_replace('.', '___', $params->get('candeleterow_field')); // If they provided some PHP to eval, we ignore the other settings and just run their code $canDeleteRowEval = $params->get('candeleterow_eval', ''); // $$$ rob if no can delete field selected in admin return true if (trim($field) == '' && trim($canDeleteRowEval) == '') { return true; } if (!empty($canDeleteRowEval)) { $w = new FabrikWorker(); $data = ArrayHelper::fromObject($data); $canDeleteRowEval = $w->parseMessageForPlaceHolder($canDeleteRowEval, $data); FabrikWorker::clearEval(); $canDeleteRowEval = @eval($canDeleteRowEval); FabrikWorker::logEval($canDeleteRowEval, 'Caught exception on eval in can delete row : %s'); return $canDeleteRowEval; } else { // No PHP given, so just do a simple match on the specified element and value settings. if ($params->get('candeleterow_useraw', '0') == '1') { $field .= '_raw'; } $value = $params->get('candeleterow_value'); $operator = $params->get('operator', '='); if (!isset($data->{$field})) { return false; } switch ($operator) { case '=': default: return $data->{$field} == $value; break; case "!=": return $data->{$field} != $value; break; } } }
/** * Run eval * * @param string $data Original data * @param int $repeatCounter Repeat group counter * * @return string Evaluated PHP function */ private function _eval($data, $repeatCounter = 0) { $params = $this->getParams(); $elementModel = $this->elementModel; $formModel = $elementModel->getFormModel(); $formData = $formModel->formData; $w = new FabrikWorker(); $phpCode = $params->get('php-code'); $phpCode = $w->parseMessageForPlaceHolder($phpCode, $formData, true, true); /** * $$$ hugh - added trigger_error(""), which will "clear" any existing errors, * otherwise logEval will pick up and report notices and warnings generated * by the rest of our code, which can be VERY confusing. Note that this required a tweak * to logEval, as error_get_last won't be null after doing this, but $error['message'] will * be empty. * $$$ hugh - moved the $trigger_error() into a helper func */ FabrikWorker::clearEval(); $return = @eval($phpCode); FabrikWorker::logEval($return, 'Caught exception on php validation of ' . $elementModel->getFullName(true, false) . ': %s'); return $return; }
/** * Looks at the validation condition & evaluates it * if evaluation is true then the validation rule is applied * * @param string $data Elements data * @param int $repeatCounter Repeat group counter * * @return bool apply validation */ public function shouldValidate($data, $repeatCounter = 0) { if (!$this->shouldValidateIn()) { return false; } if (!$this->shouldValidateOn()) { return false; } $params = $this->getParams(); $condition = $params->get($this->pluginName . '-validation_condition'); if ($condition == '') { return true; } $w = new FabrikWorker(); $groupModel = $this->elementModel->getGroupModel(); $inRepeat = $groupModel->canRepeat(); if ($inRepeat) { // Replace repeat data array with current repeatCounter value to ensure placeholders work. // E.g. return {'table___field}' == '1'; $f = JFilterInput::getInstance(); $post = $f->clean($_REQUEST, 'array'); $groupElements = $groupModel->getMyElements(); foreach ($groupElements as $element) { $name = $element->getFullName(true, false); $elementData = ArrayHelper::getValue($post, $name, array()); $post[$name] = ArrayHelper::getValue($elementData, $repeatCounter, ''); $rawData = ArrayHelper::getValue($post, $name . '_raw', array()); $post[$name . '_raw'] = ArrayHelper::getValue($rawData, $repeatCounter, ''); } } else { $post = null; } $condition = trim($w->parseMessageForPlaceHolder($condition, $post)); FabrikWorker::clearEval(); $res = @eval($condition); FabrikWorker::logEval($res, 'Caught exception on eval in validation condition : %s'); if (is_null($res)) { return true; } return $res; }