/** * Pulls the data from the underlying $record object into the field. * @param Dataface_Record &$record The Dataface_Record object from which the * data is being pulled. * * @param array &$field The field configuration array for the field being * pulled. * * @param HTML_QuickForm &$form The form that is pulling the data. * * @param string $formFieldName The name of the field within the form. * * @param boolean $new Whether or not this is a new record form. In this * case default values will be used. * * @returns mixed PEAR_Error if there is an error. or true on success. * */ function pullField(&$record, &$field, &$form, $formFieldName, $new = false) { $element =& $this->getElement($form, $field, $formFieldName); // Reference to the form element that will contain the field's value if (PEAR::isError($element)) { return $element; } // Step 1: Load references to objects that we will need to use $table =& $record->_table; if (!$table->hasField($field['name'])) { return PEAR::raiseError("Table " . $table->tablename . " has no field {$field['name']} while trying to pull field value.", DATAFACE_E_NOTICE); } // Reference to the table // Reference to the field descriptor array that we are pulling $widget =& $field['widget']; // See if there is a widgethandler registered for this widget type $widgetHandler =& $this->getWidgetHandler($widget['type']); if (isset($widgetHandler) and method_exists($widgetHandler, 'pullField')) { return $widgetHandler->pullField($record, $field, $form, $formFieldName, $new); } // Reference to the widget descriptor if (!Dataface_PermissionsTool::view($record, array('field' => $field['name']))) { return Dataface_Error::permissionDenied(df_translate('scripts.Dataface.QuickForm.pullField.ERROR_NO_ACCESS_TO_FIELD', "No read access on field '{$field['name']}'", array('fieldname' => $field['name']))); } $raw = $record->getValue($field['name']); // the raw value from the field $delegate =& $table->getDelegate(); // Reference to the table's delegate object (may be null). // Step 2: Insert the value into the form element if ($delegate !== null and method_exists($delegate, $field['name'] . "__pullValue")) { /* * * The delegate defines a conversion method that should be used. * */ $method = $field['name'] . '__pullValue'; $val = $delegate->{$method}($record, $element); } else { if (isset($widgetHandler) and method_exists($widgetHandler, 'pullValue')) { $val = $widgetHandler->pullValue($record, $field, $form, $element, $new); } else { $val = $record->getValueAsString($field['name']); } } $form->setDefaults(array($formFieldName => $val)); /* * * If we got this far, it must have been a success. Return true. * */ return true; }
function test_basic_check_array() { $pt =& Dataface_PermissionsTool::getInstance(); $this->assertTrue($pt->checkPermission('view', array('view' => 'View'))); $this->assertTrue(Dataface_PermissionsTool::checkPermission('view', array('view' => 'View'))); $this->assertTrue(!$pt->checkPermission('view', array())); $this->assertTrue(!Dataface_PermissionsTool::checkPermission('view', array())); $this->assertTrue($pt->checkPermission('edit', array('view' => 'View', 'edit' => 'Edit'))); $perms = array('view' => 'View'); $this->assertTrue($pt->view($perms)); $perms = array('view' => 'View'); $this->assertTrue(Dataface_PermissionsTool::view($perms)); $perms = array('edit' => 'Edit'); $this->assertTrue(!$pt->view($perms)); $perms = array('edit' => 'Edit'); $this->assertTrue(!Dataface_PermissionsTool::view($perms)); $this->assertTrue($pt->edit($perms)); $this->assertTrue(Dataface_PermissionsTool::edit($perms)); $perms = array('delete' => 'Delete'); $this->assertTrue(!$pt->edit($perms)); $this->assertTrue(!Dataface_PermissionsTool::edit($perms)); $this->assertTrue($pt->delete($perms)); $this->assertTrue(Dataface_PermissionsTool::delete($perms)); }
/** * This method sits above "display" on the output stack for a field. * I.e. it wraps "display()" and adds some extra filtering to make the * output directly appropriate to be displayed as HTML. In text fields * this will convert newlines to breaks, and in blob fields, this will output * either the full a-href tag or img tag depending on the type of content that * is stored. * * @param $fieldname The name of the field to output * @param $params Associative array of html parameters that can optionally * be supplied. * Returns HTML string. */ function htmlValue($fieldname, $index = 0, $where = 0, $sort = 0, $params = array()) { $recid = $this->getId(); $uri = $recid . '#' . $fieldname; $domid = $uri . '-' . rand(); $delegate =& $this->_table->getDelegate(); if (isset($delegate) && method_exists($delegate, $fieldname . '__htmlValue')) { $methodname = $fieldname . '__htmlValue'; $res = $delegate->{$methodname}($this); //$res = call_user_func(array(&$delegate, $fieldname.'__htmlValue'), $this); if (is_string($res) and DATAFACE_USAGE_MODE == 'edit' and $this->checkPermission('edit', array('field' => $fieldname)) and !$this->_table->isMetaField($fieldname)) { $res = '<span id="' . $domid . '" df:id="' . $uri . '" class="df__editable">' . $res . '</span>'; } return $res; } $parent =& $this->getParentRecord(); if (isset($parent) and $parent->_table->hasField($fieldname)) { return $parent->htmlValue($fieldname, $index, $where, $sort, $params); } $val = $this->display($fieldname, $index, $where, $sort); if ($this->secureDisplay and !Dataface_PermissionsTool::view($this, array('field' => $fieldname))) { $del =& $this->_table->getDelegate(); if ($del and method_exists($del, 'no_access_link')) { $link = $del->no_access_link($this, array('field' => $fieldname)); return '<a href="' . htmlspecialchars($link) . '">' . $val . '</a>'; } } $field = $this->_table->getField($fieldname); //if ( $field['widget']['type'] != 'htmlarea' ) $val = htmlentities($val,ENT_COMPAT, 'UTF-8'); if ($this->_table->isText($fieldname) and $field['widget']['type'] != 'htmlarea') { $val = nl2br($val); } if ($this->_table->isBlob($fieldname) or $this->_table->isContainer($fieldname)) { if ($this->getLength($fieldname, $index, $where, $sort) > 0) { if ($this->isImage($fieldname, $index, $where, $sort)) { $val = '<img src="' . $val . '"'; if (!isset($params['width']) and isset($field['width'])) { $params['width'] = $field['width']; } foreach ($params as $pkey => $pval) { $val .= ' ' . $pkey . '="' . $pval . '"'; } $val .= '/>'; } else { $file_icon = df_translate($this->getMimetype($fieldname, $index, $where, $sort) . ' file icon', df_absolute_url(DATAFACE_URL) . '/images/document_icon.gif'); $val = '<img src="' . $file_icon . '"/><a href="' . $val . '" target="_blank"'; foreach ($params as $pkey => $pval) { $val .= ' ' . $pkey . '="' . $pval . '"'; } $val .= '>View Field Content In New Window (' . $this->getMimetype($fieldname, $index, $where, $sort) . ')</a>'; } } else { $val = "(Empty)"; } } if (is_string($val) and DATAFACE_USAGE_MODE == 'edit' and $this->checkPermission('edit', array('field' => $fieldname)) and !$this->_table->isMetaField($fieldname)) { $val = '<span id="' . $domid . '" df:id="' . $uri . '" class="df__editable">' . $val . '</span>'; } return $val; }
function display() { if ($this->_resultSet->found() > 0 || $this->_new) { $res = $this->_build(); if (PEAR::isError($res)) { return $res; } else { //$this->displayTabs(); if (!$this->_new and !Dataface_PermissionsTool::edit($this->_record)) { $this->freeze(); } if ($this->_new and !Dataface_PermissionsTool::checkPermission('new', $this->_table)) { $this->freeze(); } $formTool =& Dataface_FormTool::getInstance(); if ($this->_new || Dataface_PermissionsTool::view($this->_record)) { //echo $this->_renderer->toHtml(); echo $formTool->display($this); } else { echo "<p>" . df_translate('scripts.GLOBAL.INSUFFICIENT_PERMISSIONS_TO_VIEW_RECORD', 'Sorry you have insufficient permissions to view this record.') . "</p>"; } //parent::display(); } } else { echo "<p>" . df_translate('scripts.GLOBAL.NO_RECORDS_MATCHED_REQUEST', 'No records matched your request.') . "</p>"; } }
/** * @brief Returns an HTML-friendly value of a field. * * @param string $fieldname The name of the field to return. * @param int $index For related fields indicates the index within the related list of the record to retrieve. * @param string $where Optional where clause to filter related list when retrieving a related field. * @param string $sort Optional sort clause when retrieving a related field. Used to sort related list before * selecting the related record from which the value is to be returned. * @param array $params Optional additional parameters to customize the HTML output. This may be passed to * include HTML attributes width and height to blob fields containing an image. * * @return string The HTML string result. * * @since 0.5 * * @section Synopsis * * This method sits above "display" on the output stack for a field. * I.e. it wraps display() and adds some extra filtering to make the * output directly appropriate to be displayed as HTML. In text fields * this will convert newlines to breaks, and in blob fields, this will output * either the full a-href tag or img tag depending on the type of content that * is stored. * * * @see display() * @see getValue() * @see getValueAsString() * */ function htmlValue($fieldname, $index = 0, $where = 0, $sort = 0, $params = array()) { $recid = $this->getId(); $uri = $recid . '#' . $fieldname; $domid = $uri . '-' . rand(); $delegate =& $this->_table->getDelegate(); if (isset($delegate) && method_exists($delegate, $fieldname . '__htmlValue')) { $methodname = $fieldname . '__htmlValue'; $res = $delegate->{$methodname}($this); //$res = call_user_func(array(&$delegate, $fieldname.'__htmlValue'), $this); if (is_string($res) and DATAFACE_USAGE_MODE == 'edit' and $this->checkPermission('edit', array('field' => $fieldname)) and !$this->_table->isMetaField($fieldname)) { $res = '<span id="' . df_escape($domid) . '" df:id="' . df_escape($uri) . '" class="df__editable">' . $res . '</span>'; } return $res; } $event = new StdClass(); $event->record = $this; $event->fieldname = $fieldname; $event->index = $index; $event->where = $where; $event->sort = $sort; $event->params = $params; $event->out = null; Dataface_Application::getInstance()->fireEvent('Dataface_Record__htmlValue', $event); if (isset($event->out)) { return $event->out; } $parent =& $this->getParentRecord(); if (isset($parent) and $parent->_table->hasField($fieldname)) { return $parent->htmlValue($fieldname, $index, $where, $sort, $params); } $val = $this->display($fieldname, $index, $where, $sort); $strval = $this->strval($fieldname, $index, $where, $sort); $field = $this->_table->getField($fieldname); if (!@$field['passthru'] and $this->escapeOutput) { $val = nl2br(df_escape($val)); } if ($this->secureDisplay and !Dataface_PermissionsTool::view($this, array('field' => $fieldname))) { $del =& $this->_table->getDelegate(); if ($del and method_exists($del, 'no_access_link')) { $link = $del->no_access_link($this, array('field' => $fieldname)); return '<a href="' . df_escape($link) . '">' . $val . '</a>'; } } //if ( $field['widget']['type'] != 'htmlarea' ) $val = htmlentities($val,ENT_COMPAT, 'UTF-8'); //if ( $this->_table->isText($fieldname) and $field['widget']['type'] != 'htmlarea' and $field['contenttype'] != 'text/html' ) $val = nl2br($val); if ($this->_table->isBlob($fieldname) or $this->_table->isContainer($fieldname)) { if ($this->getLength($fieldname, $index, $where, $sort) > 0) { if ($this->isImage($fieldname, $index, $where, $sort)) { $val = '<img src="' . $val . '"'; if (!isset($parmas['alt'])) { $params['alt'] = $strval; } if (!isset($params['width']) and isset($field['width'])) { $params['width'] = $field['width']; } foreach ($params as $pkey => $pval) { $val .= ' ' . df_escape($pkey) . '="' . df_escape($pval) . '"'; } $val .= '/>'; } else { $file_icon = df_translate($this->getMimetype($fieldname, $index, $where, $sort) . ' file icon', df_absolute_url(DATAFACE_URL) . '/images/document_icon.gif'); $val = '<img src="' . df_escape($file_icon) . '"/><a href="' . $val . '" target="_blank"'; foreach ($params as $pkey => $pval) { $val .= ' ' . df_escape($pkey) . '="' . df_escape($pval) . '"'; } $val .= '>' . df_escape($strval) . ' (' . df_escape($this->getMimetype($fieldname, $index, $where, $sort)) . ')</a>'; } } else { $val = "(Empty)"; } } if (is_string($val) and DATAFACE_USAGE_MODE == 'edit' and $this->checkPermission('edit', array('field' => $fieldname)) and !$this->_table->isMetaField($fieldname)) { $val = '<span id="' . df_escape($domid) . '" df:id="' . df_escape($uri) . '" class="df__editable">' . $val . '</span>'; } return $val; }
/** * Builds the form. */ function _build() { if ($this->_built) { return true; } $r =& $this->_relationship->_schema; $t =& $this->_parentTable; $fkCols = $this->_relatedRecord->getForeignKeyValues(); if (PEAR::isError($fkCols)) { $fkCols->addUserInfo("Error getting foreign key columns while building Related Record Form"); error_log($fkCols->toString()); return $fkCols; } //echo "<h1>fkcols</h1>";print_r($fkCols); //$cols =& $r['columns']; $cols =& $this->_fieldNames; $dummyRecords = array(); // to hold records that will allow us to get permissions information form existing data. foreach ($cols as $col) { list($tablename, $fieldname) = explode('.', $col); if (!isset($dummyRecords[$tablename])) { $dummyRecords[$tablename] = new Dataface_Record($tablename, array()); } } foreach (array_keys($dummyRecords) as $dummyTable) { if (isset($fkCols[$dummyTable])) { $dummyRecords[$dummyTable]->setValues($fkCols[$dummyTable]); } } $quickForms = array(); // array for each quickform object.. one for each table in relationship. //$permissions = $t->getRelationshipPermissions($this->_relationshipName); $permissions = $this->_record->getPermissions(array('relationship' => $this->_relationshipName)); if (isset($permissions['add new related record']) and $permissions['add new related record']) { // We are allowed to add a new related record, so we will create a mask to allow this. $mask = array('edit' => 1, 'new' => 1, 'view' => 1); } else { $mask = array(); } $groupsStarted = array(); $fieldDefs = array(); foreach ($cols as $col) { $absFieldname = Dataface_Table::absoluteFieldName($col, $r['tables']); if (PEAR::isError($absFieldname)) { $absFieldname->addUserInfo("Error obtaining absolute field name for field '{$col}' while building Related Record Form "); return $absFieldname; } list($tablename, $fieldname) = explode('.', $absFieldname); $thisTable =& Dataface_Table::loadTable($tablename); //echo $absFieldname; if (array_key_exists($tablename, $fkCols) and array_key_exists($fieldname, $fkCols[$tablename])) { // This column is already specified by the foreign key relationship so we don't need to pass // this information using the form. // Actually - this isn't entirely true. If there is no auto-incrementing field // associated with this foreign key, then if ($this->_relationship->isNullForeignKey($fkCols[$tablename][$fieldname])) { $furthestField = $fkCols[$tablename][$fieldname]->getFurthestField(); if ($furthestField != $absFieldname) { // We only display this field if it is the furthest field of the key continue; } } else { continue; } } $field =& $this->_parentTable->getTableField($col); if (@$field['grafted'] && !@$field['transient']) { continue; } $fieldDefs[$absFieldname] =& $field; unset($field); unset($thisTable); } //foreach ($cols as $col){ $formTool =& Dataface_FormTool::getInstance(); $groups = $formTool->groupFields($fieldDefs); $firstGroup = true; // Let's see if we need to use tabs foreach ($groups as $sectionName => $fields) { unset($group); $firstField = reset($fields); if (!$firstField) { continue; } $thisTable =& Dataface_Table::loadTable($firstField['tablename']); $group =& $thisTable->getFieldgroup($sectionName); if (PEAR::isError($group)) { $group = array('label' => df_translate('scripts.Dataface_QuickForm.LABEL_EDIT_DETAILS', 'Edit Details'), 'order' => 1); } $groupEmpty = true; // A flag to check when the group has at least one element foreach ($fields as $field) { $tablename = $field['tablename']; $fieldname = $field['name']; $absFieldname = $tablename . '.' . $fieldname; unset($thisTable); $thisTable =& Dataface_Table::loadTable($tablename); if (isset($r[$thisTable->tablename]['readonly'])) { continue; } if (!isset($this->_quickForms[$tablename])) { $this->_quickForms[$tablename] = new Dataface_QuickForm($tablename, '', '', '', true); } if (isset($quickForm)) { unset($quickForm); } $quickForm =& $this->_quickForms[$tablename]; if (array_key_exists($tablename, $fkCols) and array_key_exists($fieldname, $fkCols[$tablename])) { // This column is already specified by the foreign key relationship so we don't need to pass // this information using the form. // Actually - this isn't entirely true. If there is no auto-incrementing field // associated with this foreign key, then if ($this->_relationship->isNullForeignKey($fkCols[$tablename][$fieldname])) { $furthestField = $fkCols[$tablename][$fieldname]->getFurthestField(); if ($furthestField != $absFieldname) { // We only display this field if it is the furthest field of the key continue; } } else { continue; } //continue; } //$field =& $this->_parentTable->getTableField($col); $widget =& $field['widget']; $perms = $dummyRecords[$tablename]->getPermissions(array('field' => $fieldname, 'recordmask' => $mask)); if (!Dataface_PermissionsTool::view($perms)) { continue; } $el = $quickForm->_buildWidget($field, $perms); if (PEAR::isError($el)) { error_log($el->toString() . "\n" . implode("\n", $el->getBacktrace())); throw new Exception("Failed to build widget for {$fieldname}. See error log for details.", E_USER_ERROR); } if ($groupEmpty and @$field['widget']['type'] !== 'hidden') { // This is the first field in the group, so we add a header for the // group. if (!$firstGroup) { $this->addElement('submit', '', df_translate('save_button_label', 'Save')); } $headerel =& $this->addElement('header', $group['label'], $group['label']); $headerel->setFieldDef($group); unset($headerel); $groupEmpty = false; $firstGroup = false; } $this->addElement($el); // set default value $defaultValue = $thisTable->getDefaultValue($fieldname); if (isset($defaultValue)) { $defaults = array($fieldname => $defaultValue); $this->setDefaults($defaults); } /* * * If there are any validation options set for the field, we must add these rules to the quickform * element. * */ $validators = $field['validators']; foreach ($validators as $vname => $validator) { /* * * $validator['arg'] would be specified in the INI file. * Example ini file listing: * ------------------------- * [FirstName] * widget:label = First name * widget:description = Enter your first name * validators:regex = "/[0-9a-zA-Z/" * * This would result in $validator['arg'] = "/[0-9a-zA-Z/" in this section * and $vname == "regex". Hence it would mean that a regular expression validator * is being placed on this field so that only Alphanumeric characters are accepted. * Please see documentation for HTML_QuickForm PEAR class for more information * about QuickForm validators. * */ $this->addRule($fieldname, $validator['message'], $vname, $validator['arg'], 'client'); } unset($field); unset($widget); unset($grp); unset($thisTable); unset($el); } } $factory = new HTML_QuickForm('factory'); $keyEls = array(); $keyDefaults = array(); foreach (array_keys($this->_parentTable->keys()) as $key) { $keyEls[] = $factory->addElement('hidden', $key); } $this->addGroup($keyEls, '__keys__'); $keyvals = array(); foreach (array_keys($this->_parentTable->keys()) as $key) { $keyvals[$key] = $this->_record->getValueAsString($key); } $this->setDefaults(array('__keys__' => $keyvals)); $this->addElement('hidden', '-table'); $this->addElement('hidden', '-relationship'); $this->addElement('hidden', '-action'); $this->addElement('submit', '-Save', df_translate('save_button_label', 'Save')); $this->setDefaults(array('-table' => $this->_parentTable->tablename, '-relationship' => $this->_relationshipName, '-action' => "new_related_record")); /* * There may be some default values specified in the relationship schema. */ if (isset($r['new'])) { $this->setDefaults($r['new']); } $this->_built = true; }
function build() { $formTool =& Dataface_FormTool::getInstance(); foreach ($this->getFieldDefs() as $uri => $fieldDef) { //$qf =& $this->getQuickForm($uri); $record =& $this->getRecord($uri); /* * * If the user does not have permission to view this field, we should not generate this widget. * */ if (!Dataface_PermissionsTool::view($record, array('field' => $fieldDef['name']))) { continue; } $el =& $formTool->buildWidget($record, $fieldDef, $this, $uri); if (PEAR::isError($el)) { trigger_error($el->getMessage(), E_USER_ERROR); } //$el->setName($uri); //$this->addElement($el); //$this->setDefaults(array( $uri => df_get($uri,'strval'))); unset($el); unset($record); unset($fieldDef); } $this->addElement('submit', 'submit', 'Save'); }