/** * Set Etag * * if it's empty, set a valid Etag in the entries table * * @author Brian Hendrickson <*****@*****.**> * @access public * @return string[] */ function set_etag($person_id = NULL) { global $db; $Entry =& $db->get_table('entries'); $atomentry = $Entry->find_by(array('resource' => $this->table, 'record_id' => $this->id), $this->id); if ($atomentry) { return true; } $atomentry = $Entry->base(); if ($person_id == NULL) { $person_id = get_person_id(); } if ($atomentry) { $id = $this->primary_key; $atomentry->set_value('etag', getEtag($this->{$id})); $atomentry->set_value('resource', $this->table); $atomentry->set_value('record_id', $this->{$id}); $atomentry->set_value('content_type', 'text/html'); $atomentry->set_value('last_modified', timestamp()); $atomentry->set_value('person_id', $person_id); $aresult = $atomentry->save_changes(); if ($aresult && array_key_exists('entry_id', $this->attributes)) { $this->set_value('entry_id', $atomentry->id); $this->save_changes(); } } }
function update_from_post(&$req) { trigger_before('update_from_post', $this, $req); global $db; $fields = $this->fields_from_request($req); if (isset($fields[$req->resource])) { $fieldsarr = $fields[$req->resource]; } if (!isset($fieldsarr)) { trigger_error("The fields were not found in the request." . print_r($fields), E_USER_ERROR); } if ($this->has_metadata) { $Person =& $db->model('Person'); $Group =& $db->model('Group'); if (!isset($req->params['entry']['etag'])) { trigger_error("Sorry, the etag was not submitted with the database entry", E_USER_ERROR); } $atomentry = $db->models['entries']->find_by('etag', $req->params['entry']['etag']); if (!$atomentry->exists) { $atomentry = $db->models['entries']->base(); $atomentry->set_value('etag', getEtag(srand(date("s")))); $atomentry->set_value('resource', $req->resource); $atomentry->set_value('record_id', $rec->{$pkfield}); $atomentry->set_value('content_type', $content_type); $atomentry->set_value('last_modified', timestamp()); $atomentry->set_value('person_id', get_person_id()); $aresult = $atomentry->save_changes(); } $p = $Person->find(get_person_id()); if (!($p->id == $atomentry->attributes['person_id']) && !$this->can_superuser($req->resource)) { trigger_error("Sorry, your id does not match the owner of the database entry", E_USER_ERROR); } $recid = $atomentry->attributes['record_id']; if (empty($recid)) { trigger_error('The input form eTag did not match a record_id in entries.', E_USER_ERROR); } } else { $recid = $req->id; if (empty($recid)) { trigger_error('The record id was not found in the "id" form field.', E_USER_ERROR); } } $rec = $this->find($recid); foreach ($fieldsarr as $field => $type) { if ($this->has_metadata && is_blob($rec->table . '.' . $field)) { if (isset($_FILES[strtolower(classify($rec->table))]['name'][$field])) { if ($this->has_metadata) { $content_type = type_of($_FILES[strtolower(classify($rec->table))]['name'][$field]); $atomentry->set_value('content_type', $content_type); } } } $rec->set_value($field, $req->params[strtolower(classify($rec->table))][$field]); } $result = $rec->save_changes(); foreach ($fields as $table => $fieldlist) { // for each table in the submission do $mdl =& $db->get_table($table); if (!$mdl->can_write_fields($fieldlist)) { trigger_error("Sorry, you do not have permission to " . $req->action . " " . $table, E_USER_ERROR); } if (!in_array($table, array('entries', $rec->table), true)) { $rel = $rec->FirstChild($table); foreach ($fieldlist as $field => $type) { $rel->set_value($field, $req->params[strtolower(classify($table))][$field]); } $rel->save_changes(); } } if ($result) { $req->set_param('id', $rec->id); if ($this->has_metadata) { $atomentry->set_value('last_modified', timestamp()); $atomentry->save_changes(); } } else { trigger_error("The record could not be updated in the database.", E_USER_ERROR); } trigger_after('update_from_post', $this, $rec); }