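/**
 * Resolve the "__VAL<n>" / "__PK<n>" placeholders in the JSON request pack found in $this->Params['Src'].
 *
 * The decoded pack is stored in $this->RequestPack (reset to null first, and left null or empty on
 * every early return). For each request in the pack:
 *  - a value starting with "__VAL" is replaced in Values by the current DBValue (ex. "__VAL1" => "Yes"
 *    when DBValues[1] is linked to a radiogroup whose current value is "Yes"); a suffix such as
 *    "__VAL4.SHA" is passed on to GetDBValueWithSuffix() (per the original notes: sha1 of DBValues[4]);
 *  - a value starting with "__PK" is replaced by the primary key of the row holding that DBValue, and
 *    its ValueTypes entry, when present, is forced to 'i';
 *  - any other value is left untouched. Per the original notes, directly provided strings are wrapped
 *    in "" by the producer, so they cannot collide with the two prefixes.
 *
 * ValuesSecured receives an escaped (and, for strings, quoted) copy for the non-prepared mode.
 *
 * NOTE(review): ValuesSecured gets an entry only at placeholder indexes; directly provided values have
 * no secured counterpart here. Confirm that no consumer falls back to raw Values when building SQL text.
 * NOTE(review): the string/numeric decision is read from the pack's own ValueTypes, and numeric values
 * are emitted unquoted, so safety in non-prepared mode rests on secureSQLValue() rejecting or
 * normalising non-numeric input and on Params['Src'] being server-generated. Neither is visible in
 * this block; verify both.
 * NOTE(review): if the ".SHA" suffix is used for credentials, plain SHA-1 is not a suitable password
 * hash; confirm what it protects.
 */
function _PrepareSQL() {
    $this->RequestPack = null;
    if (!isset($this->Params) || !isset($this->Params['Src'])) {
        return; // TODO (original "//!!"): silent return, no error is reported
    }

    $aSQL = $this->Params['Src']; // pack of SQL requests in JSON format
    if (!is_string($aSQL)) {
        return; // substr() below needs a string; anything else cannot be a JSON document
    }
    // Cheap shape check before decoding: a JSON object or array must end with '}' or ']'.
    $lastChar = substr($aSQL, -1);
    if ($lastChar !== '}' && $lastChar !== ']') {
        return; // TODO (original "//!!"): silent return, no error is reported
    }

    $this->RequestPack = OEDynUtils::decodeJson($aSQL, false); // decode as Object (not Array)
    if (empty($this->RequestPack)) {
        return;
    }

    $sqlStringQuote = OESQLBase::SQLInstance()->StringQuoteChar();
    if (!$sqlStringQuote) {
        $sqlStringQuote = '"';
    }

    $valPref = '__VAL'; // same as DBHelp.SQLPackLinkValue in VB code
    $pkeyPref = '__PK'; // same as DBHelp.SQLPackLinkPKey in VB code

    foreach ($this->RequestPack as &$rq) {
        $rValues =& $rq->Values;
        $rVTypes =& $rq->ValueTypes; // string, ex. 'issd'

        // Security for non-prepared mode - normally not needed but kept for future modifications or special cases.
        $rq->ValuesSecured = array();
        $rValuesSecured =& $rq->ValuesSecured;

        // Replace placeholders corresponding to DBValue indexes with the respective values.
        $rValCount = empty($rValues) ? 0 : count($rValues);
        for ($i = 0; $i < $rValCount; $i++) {
            // Decoded JSON values may be numbers, null or nested structures. Only strings can carry a
            // placeholder prefix, and strpos() raises a TypeError on a non-string haystack in PHP 8.
            if (!is_string($rValues[$i])) {
                continue;
            }

            if (strpos($rValues[$i], $valPref) === 0) {
                // Placeholder for one of the DBValues items, ex. "__VAL4.SHA" => "4.SHA".
                $valInd = substr($rValues[$i], strlen($valPref));

                // Replace the index "link" with the actual value: the first data row, or for iterators
                // the row currently iterated (ex. "7110eda4d09e062aa5e4a390b0a572ac0d2c0220").
                $rValues[$i] = $this->Manager->DBValueManager->GetDBValueWithSuffix($valInd);

                // For non-prepared mode (remove later?): the value is a string only when the pack says 's'.
                $isString = isset($rVTypes[$i]) && $rVTypes[$i] === 's';

                // Basic protection against injection; the second argument marks the value as numeric.
                $rValuesSecured[$i] = OESQLBase::SQLInstance()->secureSQLValue($rValues[$i], !$isString);
                if ($rValuesSecured[$i] === null) {
                    $rValuesSecured[$i] = 'NULL'; // TODO (original "//!!"): check for prepared statements
                } elseif ($isString) {
                    // Strings are wrapped in the driver's quote character; numerics are emitted bare.
                    $rValuesSecured[$i] = $sqlStringQuote . $rValuesSecured[$i] . $sqlStringQuote;
                }
            } elseif (strpos($rValues[$i], $pkeyPref) === 0) {
                // Placeholder for the primary key of the container row holding the DBValue-pointed data,
                // rather than the data itself, ex. "__PK4" => primary key of the row containing DBValues[4].
                $valInd = substr($rValues[$i], strlen($pkeyPref));
                $rValues[$i] = $this->Manager->DBValueManager->GetDBValueWithSuffix($valInd, 0, true); // TODO (original "//!!"): iterators

                if (isset($rVTypes[$i])) {
                    $rVTypes[$i] = 'i'; // force value type to int
                }

                // Basic protection against injection, true to treat the value as numeric. The primary key
                // is considered an integer and is not quoted. TODO (original "//!!"): improve for custom keys.
                $rValuesSecured[$i] = OESQLBase::SQLInstance()->secureSQLValue($rValues[$i], true);
            }
        }
    }
    unset($rq); // drop the by-reference loop variable so it cannot alias the last request
}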
/**
 * Build the object from the page's JSON variables.
 *
 * Records the start time, clears JSData and returns immediately when $jsonPageVars is falsy.
 * Otherwise detects the current language, decodes the JSON into JSData and, only when the decoded
 * data is an array with a non-empty "DynEvents" entry, initialises dataContainers and
 * ResultCommands to empty arrays.
 *
 * NOTE(review): the two timing lines are echoed unconditionally into the response. They look like
 * leftover debug output; confirm whether they should be gated behind a debug flag before release.
 *
 * @param mixed $jsonPageVars JSON text describing the page variables; a falsy value skips all setup
 */
function __construct($jsonPageVars) {
    $this->tm_start = microtime(true);
    $this->JSData = null;
    if (!$jsonPageVars) {
        return;
    }

    // Detect current language. TODO (original "//!!improve")
    $this->currLang = $this->_getLangFromPageURL();

    $timeTag = "<span style='color:silver'>==TIME</span>::";

    // Deserialise, printing the elapsed time in milliseconds (0.1 ms resolution) before and after.
    $elapsedBefore = round((microtime(true) - $this->tm_start) * 10000) * 0.1;
    echo $timeTag . $elapsedBefore . " before decodeJSON<br/>";

    $this->JSData = OEDynUtils::decodeJson($jsonPageVars);
    if (!$this->JSData) {
        return;
    }

    $elapsedAfter = round((microtime(true) - $this->tm_start) * 10000) * 0.1;
    echo $timeTag . $elapsedAfter . " after Decode JSON<br/>";

    // Nothing more to set up when there is no data or there are no events.
    $hasEvents = is_array($this->JSData) && !empty($this->JSData["DynEvents"]);
    if (!$hasEvents) {
        return;
    }

    $this->dataContainers = array();
    $this->ResultCommands = array();
}
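/**
 * Reset this object, then restore Name and Values from a JSON string.
 *
 * The JSON is expected to decode to an associative array (not an object with fields). When the
 * decoded result is empty or is not an array, the object is left in its freshly reset state.
 * PKeys is not restored; the original kept that line commented out.
 *
 * NOTE(review): Name and Values are taken from the decoded JSON without type or shape checks.
 * Confirm that callers pass only trusted, server-generated JSON, or validate before these values
 * are used further.
 *
 * @param string $jsonStr JSON text holding optional "Name" and "Values" keys
 */
function fromJSON($jsonStr) {
    $this->Reset();

    // Get as an associative array, not as an object with fields.
    $o = OEDynUtils::decodeJson($jsonStr);
    if (empty($o) || !is_array($o)) {
        return; // array_key_exists() below needs an array
    }

    // The original passed the bare word `o` (an undefined constant) instead of $o, so neither key
    // was ever found: PHP 8 throws an Error there, and older versions warn and skip the assignment.
    if (array_key_exists('Name', $o)) {
        $this->Name =& $o['Name'];
    }
    if (array_key_exists('Values', $o)) {
        $this->Values =& $o['Values'];
    }
}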