/**
* @return array<string> list of field names
*/
public static function getSkipFields()
{
if (self::$skipFields === NULL) {
self::$skipFields = array('widget_code', 'html_message', 'body_html', 'msg_html', 'description', 'intro', 'thankyou_text', 'tf_thankyou_text', 'intro_text', 'page_text', 'body_text', 'footer_text', 'thankyou_footer', 'thankyou_footer_text', 'new_text', 'renewal_text', 'help_pre', 'help_post', 'confirm_title', 'confirm_text', 'confirm_footer_text', 'confirm_email_text', 'event_full_text', 'waitlist_text', 'approval_req_text', 'report_header', 'report_footer', 'cc_id', 'bcc_id', 'premiums_intro_text', 'honor_block_text', 'pay_later_receipt', 'label', 'url', 'details', 'msg_text', 'text_message', 'data', 'sqlQuery', 'pcp_title', 'pcp_intro_text');
}
return self::$skipFields;
}
/**
* Returns 'safe' elements' values
*
* Unlike getSubmitValues(), this will return only the values
* corresponding to the elements present in the form.
*
* @param mixed Array/string of element names, whose values we want. If not set then return all elements.
* @access public
* @return array An assoc array of elements' values
* @throws HTML_QuickForm_Error
*/
function exportValues($elementList = null)
{
$values = array();
if (null === $elementList) {
// iterate over all elements, calling their exportValue() methods
foreach (array_keys($this->_elements) as $key) {
$value = $this->_elements[$key]->exportValue($this->_submitValues, true);
$fldName = null;
if (isset($this->_elements[$key]->_attributes['name'])) {
//filter the value across XSS vulnerability issues.
$fldName = $this->_elements[$key]->_attributes['name'];
}
if (!in_array($this->_elements[$key]->_type, array('text', 'textarea')) or CRM_Core_HTMLInputCoder::isSkippedField($fldName)) {
// …don’t filter, otherwise filter (else clause below)
} else {
//here value might be array or single value.
//so we should iterate and get filtered value.
CRM_Core_HTMLInputCoder::encodeInput($value);
}
if (is_array($value)) {
// This shit throws a bogus warning in PHP 4.3.x
$values = HTML_QuickForm::arrayMerge($values, $value);
}
}
} else {
if (!is_array($elementList)) {
$elementList = array_map('trim', explode(',', $elementList));
}
foreach ($elementList as $elementName) {
$value = $this->exportValue($elementName);
//filter the value across XSS vulnerability issues.
if (!CRM_Core_HTMLInputCoder::isSkippedField($elementName)) {
CRM_Core_HTMLInputCoder::encodeInput($value);
}
if (PEAR::isError($value)) {
return $value;
}
$values[$elementName] = $value;
}
}
return $values;
}
function civicrm_api($entity, $action, $params, $extra = NULL)
{
$apiWrappers = array(CRM_Core_HTMLInputCoder::singleton());
try {
require_once 'api/v3/utils.php';
require_once 'api/Exception.php';
if (!is_array($params)) {
throw new API_Exception('Input variable `params` is not an array', 2000);
}
_civicrm_api3_initialize();
$errorScope = CRM_Core_TemporaryErrorScope::useException();
require_once 'CRM/Utils/String.php';
require_once 'CRM/Utils/Array.php';
$apiRequest = array();
$apiRequest['entity'] = CRM_Utils_String::munge($entity);
$apiRequest['action'] = CRM_Utils_String::munge($action);
$apiRequest['version'] = civicrm_get_api_version($params);
$apiRequest['params'] = $params;
$apiRequest['extra'] = $extra;
// look up function, file, is_generic
$apiRequest += _civicrm_api_resolve($apiRequest);
if (strtolower($action) == 'create' || strtolower($action) == 'delete') {
$apiRequest['is_transactional'] = 1;
$tx = new CRM_Core_Transaction();
}
$errorFnName = $apiRequest['version'] == 2 ? 'civicrm_create_error' : 'civicrm_api3_create_error';
if ($apiRequest['version'] > 2) {
_civicrm_api3_api_check_permission($apiRequest['entity'], $apiRequest['action'], $apiRequest['params']);
}
// we do this before we
_civicrm_api3_swap_out_aliases($apiRequest);
if (strtolower($action) != 'getfields') {
if (!CRM_Utils_Array::value('id', $params)) {
$apiRequest['params'] = array_merge(_civicrm_api3_getdefaults($apiRequest), $apiRequest['params']);
}
//if 'id' is set then only 'version' will be checked but should still be checked for consistency
civicrm_api3_verify_mandatory($apiRequest['params'], NULL, _civicrm_api3_getrequired($apiRequest));
}
foreach ($apiWrappers as $apiWrapper) {
$apiRequest = $apiWrapper->fromApiInput($apiRequest);
}
$function = $apiRequest['function'];
if ($apiRequest['function'] && $apiRequest['is_generic']) {
// Unlike normal API implementations, generic implementations require explicit
// knowledge of the entity and action (as well as $params). Bundle up these bits
// into a convenient data structure.
$result = $function($apiRequest);
} elseif ($apiRequest['function'] && !$apiRequest['is_generic']) {
_civicrm_api3_validate_fields($apiRequest['entity'], $apiRequest['action'], $apiRequest['params']);
$result = isset($extra) ? $function($apiRequest['params'], $extra) : $function($apiRequest['params']);
} else {
return $errorFnName("API (" . $apiRequest['entity'] . "," . $apiRequest['action'] . ") does not exist (join the API team and implement it!)");
}
foreach ($apiWrappers as $apiWrapper) {
$result = $apiWrapper->toApiOutput($apiRequest, $result);
}
if (CRM_Utils_Array::value('format.is_success', $apiRequest['params']) == 1) {
if ($result['is_error'] === 0) {
return 1;
} else {
return 0;
}
}
if (CRM_Utils_Array::value('format.only_id', $apiRequest['params']) && isset($result['id'])) {
return $result['id'];
}
if (CRM_Utils_Array::value('is_error', $result, 0) == 0) {
_civicrm_api_call_nested_api($apiRequest['params'], $result, $apiRequest['action'], $apiRequest['entity'], $apiRequest['version']);
}
if (CRM_Utils_Array::value('format.smarty', $apiRequest['params']) || CRM_Utils_Array::value('format_smarty', $apiRequest['params'])) {
// return _civicrm_api_parse_result_through_smarty($result,$apiRequest['params']);
}
if (function_exists('xdebug_time_index') && CRM_Utils_Array::value('debug', $apiRequest['params']) && is_array($result)) {
$result['xdebug']['peakMemory'] = xdebug_peak_memory_usage();
$result['xdebug']['memory'] = xdebug_memory_usage();
$result['xdebug']['timeIndex'] = xdebug_time_index();
}
return $result;
} catch (PEAR_Exception $e) {
if (CRM_Utils_Array::value('format.is_success', $apiRequest['params']) == 1) {
return 0;
}
$data = array();
$err = civicrm_api3_create_error($e->getMessage(), $data, $apiRequest);
if (CRM_Utils_Array::value('debug', $apiRequest['params'])) {
$err['trace'] = $e->getTraceSafe();
} else {
$err['tip'] = "add debug=1 to your API call to have more info about the error";
}
if (CRM_Utils_Array::value('is_transactional', $apiRequest)) {
$tx->rollback();
}
return $err;
} catch (API_Exception $e) {
if (!isset($apiRequest)) {
$apiRequest = array();
}
if (CRM_Utils_Array::value('format.is_success', CRM_Utils_Array::value('params', $apiRequest)) == 1) {
return 0;
}
$data = $e->getExtraParams();
$err = civicrm_api3_create_error($e->getMessage(), $data, $apiRequest, $e->getCode());
if (CRM_Utils_Array::value('debug', CRM_Utils_Array::value('params', $apiRequest))) {
$err['trace'] = $e->getTraceAsString();
}
if (CRM_Utils_Array::value('is_transactional', CRM_Utils_Array::value('params', $apiRequest))) {
$tx->rollback();
}
return $err;
} catch (Exception $e) {
if (CRM_Utils_Array::value('format.is_success', $apiRequest['params']) == 1) {
return 0;
}
$data = array();
$err = civicrm_api3_create_error($e->getMessage(), $data, $apiRequest, $e->getCode());
if (CRM_Utils_Array::value('debug', $apiRequest['params'])) {
$err['trace'] = $e->getTraceAsString();
}
if (CRM_Utils_Array::value('is_transactional', $apiRequest)) {
$tx->rollback();
}
return $err;
}
}
