public static function formFieldOptions($formID)
{
$form = forms::get($formID);
$output = '<option value="idno">IDNO</option><optgroup label="Form Fields">';
foreach ($form['fields'] as $field) {
if (isset($field['choicesType'])) {
continue;
}
$output .= sprintf('<option value="%s">%s</option>', $field['name'], $field['label']);
}
$output .= "</optgroup>";
return $output;
}
public static function buildProjectNavigation($formID)
{
if (($form = forms::get($formID)) === FALSE) {
return FALSE;
}
localvars::add("formID", htmlSanitize($formID));
$output = "";
$currentGroup = "";
if (!is_array($form['navigation'])) {
return $output;
}
foreach ($form['navigation'] as $item) {
// deal with field sets
if ($item['grouping'] != $currentGroup) {
if ($currentGroup != "") {
$output .= "</ul></li>";
}
if (!is_empty($item['grouping'])) {
$output .= sprintf('<li><strong>%s</strong><ul>', $item['grouping']);
}
$currentGroup = $item['grouping'];
}
$output .= "<li>";
if ($item['type'] == "logout") {
$output .= sprintf('<a href="%s">%s</a>', htmlSanitize($item['url']), htmlSanitize($item['label']));
} else {
if ($item['type'] == "link") {
$item['url'] = preg_replace("/{siteRoot}/", mfcs::config("siteRoot"), $item['url']);
$output .= sprintf('<a href="%s">%s</a>', htmlSanitize($item['url']), htmlSanitize($item['label']));
} else {
if ($item['type'] == "objectForm" || $item['type'] == "metadataForm") {
$form = forms::get($item['formID']);
$output .= sprintf('<a href="" data-formID="%s" data-header="%s" data-toggle="modal" class="metadataObjectEditor">%s</a>', htmlSanitize($item['formID']), htmlSanitize($item['label']), htmlSanitize(!empty($form['displayTitle']) ? $form['displayTitle'] : (!empty($form['title']) ? $form['title'] : '[No form title]')));
} else {
$output .= sprintf('%s', htmlSanitize($item['label']));
}
}
}
$output .= "</li>";
}
return $output;
}
}
if (forms::validID() === FALSE) {
throw new Exception("No Form ID Provided.");
}
if (mfcsPerms::isEditor($engine->cleanGet['MYSQL']['formID']) === FALSE) {
$permissions = FALSE;
throw new Exception("Permission Denied to view objects created with this form.");
}
if (isset($engine->cleanGet['MYSQL']['parentID']) && objects::validID(TRUE, $engine->cleanGet['MYSQL']['parentID']) === FALSE) {
throw new Exception("ParentID Provided is invalid.");
}
// if an object ID is provided make sure the object is from this form
if (!isnull($engine->cleanGet['MYSQL']['objectID']) && !objects::checkObjectInForm($engine->cleanGet['MYSQL']['formID'], $engine->cleanGet['MYSQL']['objectID'])) {
throw new Exception("Object not from this form.");
}
if (($form = forms::get($engine->cleanGet['MYSQL']['formID'])) === FALSE) {
throw new Exception("Error retrieving form.");
}
if (forms::isProductionReady($engine->cleanGet['MYSQL']['formID']) === FALSE) {
$permissions = FALSE;
throw new Exception("Form is not production ready.");
}
if (forms::isMetadataForm($engine->cleanGet['MYSQL']['formID'])) {
throw new Exception("Metadata form provided (Object forms only).");
}
/* Parent Object 'Stuff' */
if (isset($engine->cleanGet['MYSQL']['parentID']) && ($parentObject = objects::get($engine->cleanGet['MYSQL']['parentID'])) === FALSE) {
throw new Exception("Unable to retrieve parent object");
}
/* End Parent Object 'Stuff' */
// Editor information
} else {
$ajax = FALSE;
}
$permissions = TRUE;
try {
if (objects::validID() === FALSE) {
throw new Exception("ObjectID Provided is invalid.");
}
if (forms::validID() === FALSE) {
throw new Exception("No Form ID Provided.");
}
if (mfcsPerms::isAdmin($engine->cleanGet['MYSQL']['formID']) === FALSE) {
$permissions = FALSE;
throw new Exception("Permission Denied to view objects created with this form.");
}
$form = forms::get($engine->cleanGet['MYSQL']['formID']);
if ($form === FALSE) {
throw new Exception("Error retrieving form.");
}
if (forms::isProductionReady($engine->cleanGet['MYSQL']['formID']) === FALSE) {
$permissions = FALSE;
throw new Exception("Form is not production ready.");
}
if (forms::isMetadataForm($engine->cleanGet['MYSQL']['formID']) === FALSE) {
throw new Exception("Object form provided (Metadata forms only).");
}
// if an object ID is provided make sure the object is from this form
if (isset($engine->cleanGet['MYSQL']['objectID']) && !checkObjectInForm($engine->cleanGet['MYSQL']['formID'], $engine->cleanGet['MYSQL']['objectID'])) {
throw new Exception("Object not from this form");
}
localvars::add("formName", $form['title']);
<?php
include "../../header.php";
// Setup revision control
$revisions = revisions::create();
###############################################################################################################
try {
if (!isset($engine->cleanGet['MYSQL']['objectID']) || !validate::integer($engine->cleanGet['MYSQL']['objectID'])) {
throw new Exception('No Object ID Provided.');
}
$objectID = $engine->cleanGet['MYSQL']['objectID'];
$object = objects::get($objectID);
$form = forms::get($object['formID']);
$fields = $form['fields'];
if (mfcsPerms::isEditor($form['ID']) === FALSE) {
throw new Exception("Permission Denied to view objects created with this form.");
}
log::insert("Data Entry: Revision: View Page", $objectID);
###############################################################################################################
// Catch a form submition (which would be a revision being reverted to)
if (isset($engine->cleanPost['MYSQL']['revisionID'])) {
log::insert("Data Entry: Revision: Revert", $objectID);
// @TODO this should use revert2Revision() method instead of this ...
$revisionID = $revisions->getRevisionID($engine->cleanGet['MYSQL']['objectID'], $engine->cleanPost['MYSQL']['revisionID']);
if (($revision = $revisions->getMetadataForID($revisionID)) === FALSE) {
throw new Exception('Could not load revision.');
}
if (objects::update($engine->cleanGet['MYSQL']['objectID'], $revision['formID'], decodeFields($revision['data']), $revision['metadata'], $revision['parentID']) !== FALSE) {
// Reload the object - To refresh the data
$object = objects::get($objectID, TRUE);
} else {
public static function getForms($projectID, $form = FALSE)
{
$sql = sprintf("SELECT `formID` FROM `forms_projects` WHERE `projectID`='%s'", mfcs::$engine->openDB->escape($projectID));
$sqlResult = mfcs::$engine->openDB->query($sql);
if (!$sqlResult['result']) {
errorHandle::newError(__METHOD__ . "() - : " . $sqlResult['error'], errorHandle::DEBUG);
return FALSE;
}
$formIDs = array();
while ($row = mysql_fetch_array($sqlResult['result'], MYSQL_ASSOC)) {
if ($form === TRUE) {
if (($formIDs[$row['formID']] = forms::get($row['formID'])) === FALSE) {
return FALSE;
}
} else {
$formIDs[] = $row['formID'];
}
}
return $formIDs;
}
<?php
include "../../header.php";
$form = forms::get("9");
print "<pre>";
var_dump($form);
print "</pre>";
public static function metadataObjects($formID, $objectID)
{
// get all the object forms that have this metadata form linked to it
$forms = forms::getFormsLinkedTo($formID);
$data = array();
foreach ($forms as $formID => $field) {
$objects = objects::getAllObjectsForForm($formID);
$form = forms::get($formID);
foreach ($objects as $object) {
if (strtolower($field['type']) == "select") {
if ($object['data'][$field['name']] == $objectID) {
$data[] = array($object['ID'], $object['idno'], $object['data'][$form['objectTitleField']], self::genLinkURLs("view", $object['ID']), self::genLinkURLs("edit", $object['ID']), self::genLinkURLs("revisions", $object['ID']));
}
} else {
if (strtolower($field['type']) == "multiselect") {
if (in_array($objectID, $object['data'][$field['name']])) {
$data[] = array($object['ID'], $object['idno'], $object['data'][$form['objectTitleField']], self::genLinkURLs("view", $object['ID']), self::genLinkURLs("edit", $object['ID']), self::genLinkURLs("revisions", $object['ID']));
}
}
}
}
}
return self::createTable($data);
return;
}
public static function update($objectID, $formID, $data, $metadata, $parentID = 0, $modifiedTime = NULL)
{
if (!is_array($data)) {
errorHandle::newError(__METHOD__ . "() - : data is not array", errorHandle::DEBUG);
return FALSE;
}
// Get the current Form
if (($form = forms::get($formID)) === FALSE) {
errorHandle::newError(__METHOD__ . "() - retrieving form by formID", errorHandle::DEBUG);
return FALSE;
}
// the form is an object form, make sure that it has an ID field defined.
if (($idnoInfo = forms::getFormIDInfo($formID)) === FALSE) {
errorHandle::newError(__METHOD__ . "() - no IDNO field for object form.", errorHandle::DEBUG);
return FALSE;
}
// begin transactions
$result = mfcs::$engine->openDB->transBegin("objects");
if ($result !== TRUE) {
errorHandle::newError(__METHOD__ . "() - unable to start database transactions", errorHandle::DEBUG);
return FALSE;
}
// place old version into revision control
// excluding metadata objects
if ($metadata == 0) {
$rcs = revisions::create();
$return = $rcs->insertRevision($objectID);
if ($return !== TRUE) {
mfcs::$engine->openDB->transRollback();
mfcs::$engine->openDB->transEnd();
errorHandle::newError(__METHOD__ . "() - unable to insert revisions", errorHandle::DEBUG);
return FALSE;
}
}
// insert new version
$sql = sprintf("UPDATE `objects` SET `parentID`='%s', `data`='%s', `formID`='%s', `metadata`='%s', `modifiedTime`='%s', `modifiedBy`='%s' WHERE `ID`='%s'", isset(mfcs::$engine->cleanPost['MYSQL']['parentID']) ? mfcs::$engine->cleanPost['MYSQL']['parentID'] : mfcs::$engine->openDB->escape($parentID), encodeFields($data), mfcs::$engine->openDB->escape($formID), mfcs::$engine->openDB->escape($metadata), isnull($modifiedTime) ? time() : $modifiedTime, mfcs::$engine->openDB->escape(users::user('ID')), mfcs::$engine->openDB->escape($objectID));
$sqlResult = mfcs::$engine->openDB->query($sql);
if (!$sqlResult['result']) {
mfcs::$engine->openDB->transRollback();
mfcs::$engine->openDB->transEnd();
errorHandle::newError(__METHOD__ . "() - " . $sql . " -- " . $sqlResult['error'], errorHandle::DEBUG);
return FALSE;
}
// Insert into the new data table
if (self::insertObjectData($objectID, $data, $formID) === FALSE) {
mfcs::$engine->openDB->transRollback();
mfcs::$engine->openDB->transEnd();
errorHandle::newError(__METHOD__ . "() - inserting objects", errorHandle::DEBUG);
return FALSE;
}
// Update duplicate matching table
if (duplicates::updateDupeTable($formID, $objectID, $data) === FALSE) {
mfcs::$engine->openDB->transRollback();
mfcs::$engine->openDB->transEnd();
errorHandle::newError(__METHOD__ . "() - updating dupe matching", errorHandle::DEBUG);
return FALSE;
}
// if it is an object form (not a metadata form)
// do the IDNO stuff
// We only have to do this if the IDNO is managed by the user
if ($form['metadata'] == "0" && $idnoInfo['managedBy'] != "system") {
// the form is an object form, make sure that it has an ID field defined.
if (($idnoInfo = forms::getFormIDInfo($formID)) === FALSE) {
errorHandle::newError(__METHOD__ . "() - no IDNO field for object form.", errorHandle::DEBUG);
return FALSE;
}
$idno = isset(mfcs::$engine->cleanPost['MYSQL']['idno']) && !isempty(mfcs::$engine->cleanPost['MYSQL']['idno']) ? mfcs::$engine->cleanPost['MYSQL']['idno'] : self::getIDNOForObjectID($objectID);
if ($idno === FALSE || isempty($idno)) {
mfcs::$engine->openDB->transRollback();
mfcs::$engine->openDB->transEnd();
return FALSE;
}
if (!self::updateIDNO($objectID, $idno)) {
mfcs::$engine->openDB->transRollback();
mfcs::$engine->openDB->transEnd();
errorHandle::newError(__METHOD__ . "() - updating the IDNO: " . $sqlResult['error'], errorHandle::DEBUG);
return FALSE;
}
}
// end transactions
mfcs::$engine->openDB->transCommit();
mfcs::$engine->openDB->transEnd();
return TRUE;
}
}
localvars::add("originalFormTitle", forms::title($form['ID']));
localvars::add("compatibleForms", $temp);
// handle submission
if (isset($engine->cleanPost['MYSQL']['moveSubmit'])) {
if (!isset($compatibleForms[$engine->cleanPost['MYSQL']['form']])) {
throw new Exception("Selected form is not compatible with original form.");
}
// @TODO this logic shouldn't be here
$sql = sprintf("UPDATE `objects` SET `formID`='%s' WHERE `ID`='%s' AND `formID`='%s' LIMIT 1", $engine->cleanPost['MYSQL']['form'], $engine->openDB->escape($engine->cleanPost['MYSQL']['objectID']), $engine->openDB->escape($form['ID']));
$sqlResult = $engine->openDB->query($sql);
if (!$sqlResult['result']) {
errorHandle::newError(__METHOD__ . "() - : " . $sqlResult['error'], errorHandle::DEBUG);
throw new Exception("Error updating object record.");
}
if (($form = forms::get($engine->cleanPost['MYSQL']['form'])) === FALSE) {
throw new Exception("Error retrieving form.");
}
log::insert("Data Entry: Move: Successful Move", $engine->cleanPost['MYSQL']['objectID'], $form['ID'], $engine->cleanPost['MYSQL']['form']);
errorHandle::successMsg("Object Moved.");
localvars::add("originalFormTitle", forms::title($form['ID']));
}
} catch (Exception $e) {
log::insert("Data Entry: Move: Error", 0, 0, $e->getMessage());
errorHandle::errorMsg($e->getMessage());
}
log::insert("Data Entry: Move: Page View");
localVars::add("results", displayMessages());
$engine->eTemplate("include", "header");
?>
if (!$sqlResult['result']) {
throw new Exception("Error retreiving watermarks");
}
$tmp = array();
while ($row = mysql_fetch_array($sqlResult['result'], MYSQL_ASSOC)) {
$tmp[] = sprintf('<option value="%s">%s</option>', $row['ID'], $row['name']);
}
localVars::add("watermarkList", implode("", $tmp));
unset($tmp);
} catch (Exception $e) {
errorHandle::errorMsg($e->getMessage());
}
localVars::add("thisSubmitButton", "Add Form");
if (!isnull($formID)) {
localVars::add("thisSubmitButton", "Update Form");
$form = forms::get($formID);
if ($form !== FALSE) {
$formPreview = NULL;
localVars::add("formID", htmlSanitize($form['ID']));
localVars::add("formTitle", htmlSanitize($form['title']));
localVars::add("displayTitle", htmlSanitize($form['displayTitle']));
localVars::add("linkTitle", htmlSanitize($form['linkTitle']));
localVars::add("formDescription", htmlSanitize($form['description']));
localVars::add("submitButton", htmlSanitize($form['submitButton']));
localVars::add("updateButton", htmlSanitize($form['updateButton']));
localVars::add("formContainer", $form['container'] == '1' ? "checked" : "");
localVars::add("formProduction", $form['production'] == '1' ? "checked" : "");
localVars::add("formMetadata", $form['metadata'] == '1' ? "checked" : "");
if (is_empty($form['fields'])) {
$form['fields'] = array();
}