function test_string_values()
{
$record = new Dataface_Record('Profiles', array());
$record->setValue('id', 6);
$this->assertEquals($record->strval('id'), "6");
$this->assertEquals($record->stringValue('id'), "6");
$this->assertEquals($record->getValueAsString('id'), "6");
$record2 = new Dataface_Record('Test', array('id' => 2));
$record2->setValue('timestampfield_date', "February 4 2005 12:36:15");
$this->assertEquals('20050204123615', $record2->strval('timestampfield_date'));
}
/**
* Builds an SQL query to copy the given record. This honours permissions
* and will only copy columns for which 'view' access is available in the
* source record and 'edit' access is available in the destination record.
*
* Individual column failures (due to permissions) are recorded in the
* $warnings variable of this class. It will be an array of Dataface_Error
* objects.
*
* @param Dataface_Record $record The record being copied.
* @param array $valls Values that should be placed in the copied version.
* @param boolean $force If true this will perform the copy despite individual
* column warnings.
* @returns string The SQL query to copy the record.
*/
function buildCopyQuery($record, $vals = array(), $force = true)
{
$dummy = new Dataface_Record($record->_table->tablename, $vals);
if (!$record->checkPermission('view') || !$dummy->checkPermission('edit')) {
return Dataface_Error::permissionDenied("Failed to copy record '" . $record->getTitle() . "' because of insufficient permissions.");
}
$copy_fields = array_keys($record->_table->fields());
// Go through each field and see if we have copy permission.
// Copy permission is two-fold: 1- make sure the source is viewable
// 2- make sure the destination is editable.
$failed = false;
foreach ($copy_fields as $key => $fieldname) {
if (!$record->checkPermission('view', array('field' => $fieldname)) || !$dummy->checkPermission('edit', array('field' => $fieldname))) {
$this->warnings[] = Dataface_Error::permissionDenied("The field '{$fieldname}' could not be copied for record '" . $record->getTitle() . "' because of insufficient permissions.");
unset($copy_fields[$key]);
$failed = true;
}
}
// If we are not forcing completion, any failures will result in cancellation
// of the copy.
if (!$force and $failed) {
return Dataface_Error::permissionDenied("Failed to copy the record '" . $record->getTitle() . "' due to insufficient permissions on one or more of the columns.");
}
// We don't copy auto increment fields.
$auto_inc_field = $record->_table->getAutoIncrementField();
if ($auto_inc_field) {
$key = array_search($auto_inc_field, $copy_fields);
if ($key !== false) {
unset($copy_fields[$key]);
}
}
// Now we can build the query.
$sql = array();
$sql[] = "insert into `" . $record->_table->tablename . "`";
$sql[] = "(`" . implode('`,`', $copy_fields) . "`)";
$copy_values = array();
foreach ($copy_fields as $key => $val) {
if (isset($vals[$val])) {
$copy_values[$key] = "'" . addslashes($dummy->getSerializedValue($val)) . "' as `{$val}`";
} else {
$copy_values[$key] = "`" . $val . "`";
}
}
$sql[] = "select " . implode(', ', $copy_values) . " from `" . $record->_table->tablename . "`";
$qb = new Dataface_QueryBuilder($record->_table->tablename);
$keys = array_keys($record->_table->keys());
$q = array();
foreach ($keys as $key_fieldname) {
$q[$key_fieldname] = $record->strval($key_fieldname);
}
$where = $qb->_where($q);
$where = $qb->_secure($where);
$sql[] = $where;
return implode(' ', $sql);
}
function handle(&$params)
{
$app = Dataface_Application::getInstance();
if (!isset($_GET['code'])) {
// We need this parameter or we can do nothing.
return PEAR::raiseError(df_translate('actions.activate.MESSAGE_MISSING_CODE_PARAMETER', 'The code parameter is missing from your request. Validation cannot take place. Please check your url and try again.'), DATAFACE_E_ERROR);
}
// Step 0: Find out what the redirect URL will be
// We accept --redirect markers to specify which page to redirect
// to after we're done. This will usually be the page that the
// user was on before they went to the login page.
if (isset($_SESSION['--redirect'])) {
$url = $_SESSION['--redirect'];
} else {
if (isset($_SESSION['-redirect'])) {
$url = $_SESSION['-redirect'];
} else {
if (isset($_REQUEST['--redirect'])) {
$url = $_REQUEST['--redirect'];
} else {
if (isset($_REQUEST['-redirect'])) {
$url = $_REQUEST['-redirect'];
} else {
$url = $app->url('-action=' . $app->_conf['default_action']);
}
}
}
}
if (strpos($url, '?') === false) {
$url .= '?';
}
// Step 1: Delete all registrations older than time limit
$time_limit = 24 * 60 * 60;
// 1 day
if (isset($params['time_limit'])) {
$time_limit = intval($params['time_limit']);
}
$res = xf_db_query("delete from dataface__registrations \n\t\t\t\twhere registration_date < '" . addslashes(date('Y-m-d H:i:s', time() - $time_limit)) . "'", df_db());
if (!$res) {
error_log(xf_db_error(df_db()));
throw new Exception("Failed to delete registrations due to an SQL error. See error log for details.", E_USER_ERROR);
}
// Step 2: Load the specified registration information
$res = xf_db_query("select registration_data from dataface__registrations\n\t\t\t\twhere registration_code = '" . addslashes($_GET['code']) . "'", df_db());
if (!$res) {
error_log(xf_db_error(df_db()));
throw new Exception("Failed to load registration information due to an SQL error. See error log for details.", E_USER_ERROR);
}
if (xf_db_num_rows($res) == 0) {
// We didn't find any records matching the prescribed code, so
// we redirect the user to their desired page and inform them
// that the registration didn't work.
$msg = df_translate('actions.activate.MESSAGE_REGISTRATION_NOT_FOUND', 'No registration information could be found to match this code. Please try registering again.');
$app->redirect($url . '&--msg=' . urlencode($msg));
}
// Step 3: Check to make sure that there are no other users with the
// same name.
list($raw_data) = xf_db_fetch_row($res);
$values = unserialize($raw_data);
$appdel = $app->getDelegate();
if (isset($appdel) and method_exists($appdel, 'validateRegistrationForm')) {
$res = $appdel->validateRegistrationForm($values);
if (PEAR::isError($res)) {
$msg = $res->getMessage();
$app->redirect($url . '&--msg=' . urlencode($msg));
}
} else {
$res = xf_db_query("select count(*) from \n\t\t\t\t`" . str_replace('`', '', $app->_conf['_auth']['users_table']) . "` \n\t\t\t\twhere `" . str_replace('`', '', $app->_conf['_auth']['username_column']) . "` = '" . addslashes($values[$app->_conf['_auth']['username_column']]) . "'\n\t\t\t\t", df_db());
if (!$res) {
error_log(xf_db_error(df_db()));
throw new Exception("Failed to find user records due to an SQL error. See error log for details.", E_USER_ERROR);
}
list($num) = xf_db_fetch_row($res);
if ($num > 0) {
$msg = df_translate('actions.activate.MESSAGE_DUPLICATE_USER', 'Registration failed because a user already exists by that name. Try registering again with a different name.');
$app->redirect($url . '&--msg=' . urlencode($msg));
}
}
// Step 4: Save the registration data and log the user in.
$record = new Dataface_Record($app->_conf['_auth']['users_table'], array());
$record->setValues($values);
$res = $record->save();
if (PEAR::isError($res)) {
$app->redirect($url . '&--msg=' . urlencode($res->getMessage()));
} else {
$res = xf_db_query("delete from dataface__registrations\n\t\t\t\t\twhere registration_code = '" . addslashes($_GET['code']) . "'", df_db());
if (!$res) {
error_log(xf_db_error(df_db()));
throw new Exception("Failed to clean up old registrations due to an SQL error. See error log for details.", E_USER_ERROR);
}
$msg = df_translate('actions.activate.MESSAGE_REGISTRATION_COMPLETE', 'Registration complete. You are now logged in.');
$_SESSION['UserName'] = $record->strval($app->_conf['_auth']['username_column']);
import('Dataface/Utilities.php');
Dataface_Utilities::fireEvent('after_action_activate', array('record' => $record));
$app->redirect($url . '&--msg=' . urlencode($msg));
}
}
