Esempio n. 1
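 /**
  * Delete one form entry, or several when the route id is the literal "multiple".
  *
  * In the "multiple" case the ids are read from the `selected_ids` request
  * input as a whitespace-separated list.
  *
  * NOTE(review): no authorization or ownership check is visible in this
  * method, and every id supplied by the client is deleted. Confirm that a
  * route filter or policy restricts who may reach it.
  *
  * @param mixed $id A single entry id, or the string "multiple".
  * @return mixed The redirect built by Redirect::back(), carrying either
  *               `error_message` or `success_message`.
  */
 public function destroy($id = null)
 {
     // Strict comparison: a numeric id must never be mistaken for the keyword.
     if ($id === 'multiple') {
         $raw_ids = Input::get('selected_ids');
         // Anything that is not a string (missing field, array input) counts as "nothing selected".
         $raw_ids = is_string($raw_ids) ? trim($raw_ids) : '';
         if ($raw_ids === '') {
             return Redirect::back()->with('error_message', "Nothing was selected to delete");
         }
         // Split on any run of whitespace so doubled spaces do not yield empty ids,
         // and drop duplicates so the same entry is not looked up twice.
         $selected_ids = array_values(array_unique(preg_split('/\s+/', $raw_ids, -1, PREG_SPLIT_NO_EMPTY)));
     } else {
         $selected_ids = array($id);
     }

     // Resolve every entry before deleting anything: if findOrFail() aborts on an
     // unknown id, no part of the selection has been removed yet.
     $entries = array();
     foreach ($selected_ids as $entry_id) {
         $entries[] = FormEntry::findOrFail($entry_id);
     }
     foreach ($entries as $entry) {
         $entry->delete();
     }

     $wasOrWere = count($selected_ids) > 1 ? 's were' : ' was';
     $message = 'The form entry' . $wasOrWere . ' deleted.';
     return Redirect::back()->with('success_message', $message);
 }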
Esempio n. 2
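 /**
  * Delete one form entry, or several when the route id is the literal "multiple".
  *
  * In the "multiple" case the ids are read from the `selected_ids` request
  * input as a whitespace-separated list. User-facing messages come from the
  * `error_messages` and `success_messages` translation groups.
  *
  * NOTE(review): no authorization or ownership check is visible in this
  * method, and every id supplied by the client is deleted. Confirm that a
  * route filter or policy restricts who may reach it.
  *
  * @param mixed $id A single entry id, or the string "multiple".
  * @return mixed The redirect built by Redirect::back(), carrying either
  *               `error_message` or `success_message`.
  */
 public function destroy($id = null)
 {
     // Strict comparison: a numeric id must never be mistaken for the keyword.
     if ($id === 'multiple') {
         $raw_ids = Input::get('selected_ids');
         // Anything that is not a string (missing field, array input) counts as "nothing selected".
         $raw_ids = is_string($raw_ids) ? trim($raw_ids) : '';
         if ($raw_ids === '') {
             return Redirect::back()->with('error_message', trans('error_messages.nothing_selected_delete'));
         }
         // Split on any run of whitespace so doubled spaces do not yield empty ids,
         // and drop duplicates so the same entry is not looked up twice.
         $selected_ids = array_values(array_unique(preg_split('/\s+/', $raw_ids, -1, PREG_SPLIT_NO_EMPTY)));
     } else {
         $selected_ids = array($id);
     }

     // Resolve every entry before deleting anything: if findOrFail() aborts on an
     // unknown id, no part of the selection has been removed yet.
     $entries = array();
     foreach ($selected_ids as $entry_id) {
         $entries[] = FormEntry::findOrFail($entry_id);
     }
     foreach ($entries as $entry) {
         $entry->delete();
     }

     $translation = count($selected_ids) > 1 ? 'form_entries_delete' : 'form_entry_delete';
     $message = trans('success_messages.' . $translation);
     return Redirect::back()->with('success_message', $message);
 }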
Esempio n. 3
 /**
  * Build the opening markup of the form: the <form> tag, the optional
  * reCAPTCHA script, the hidden bookkeeping inputs and, unless a custom
  * layout is in use, the post content and the form messages.
  *
  * NOTE(review): the values read from $this->settings are written into HTML
  * attributes without escaping in this method. Confirm they are escaped or
  * fully trusted at the point where the settings are populated.
  *
  * @param bool $using_custom When truthy, the post content and the message
  *                           block are left out.
  * @return string html
  */
 public function renderFormHead($using_custom = false)
 {
     // "invalid" wins over "success"; with neither flag set the form is idle
     if (self::$invalid) {
         $form_status = 'has_errors';
     } elseif (self::$success) {
         $form_status = 'success';
     } else {
         $form_status = 'idle';
     }

     // collect the markup fragments in order, starting with the <form> tag
     $parts = [
         sprintf(
             '<form action="%s" data-form-status="%s" method="%s" class="%s" id="%s" data-use-ajax="%s" %s>',
             $this->settings['action'],
             $form_status,
             $this->settings['method'],
             $this->settings['css_class'] . ' mrspicy-forms',
             $this->settings['id'],
             $this->settings['use_ajax'],
             $this->settings['novalidate'] ? 'novalidate' : ''
         ),
     ];

     if ($this->settings['use_recaptcha']) {
         $parts[] = '<script src="https://www.google.com/recaptcha/api.js"></script>';
     }

     // hidden fields rendered by FormEntry; the nonce one is the CSRF token field
     $entry_fields = new \FormEntry();
     foreach (['nonce', 'class'] as $public_field) {
         $parts[] = $entry_fields->getRenderPublicField($public_field);
     }

     $parts[] = sprintf('<input name="form_config" type="hidden" value="%d">', $this->conf_ID);
     $parts[] = '<input name="mrspicy_form_submission" type="hidden" value="true">';

     if ($this->settings['use_ajax']) {
         $parts[] = '<input type="hidden" name="use_ajax" value="1">';
     }

     if ($this->settings['use_honeypot']) {
         $parts[] = $this->renderHoneyPotField();
     }

     // post content, passed through the row/column wrapper callable (foundation)
     if (!($this->settings['exclude_post_content'] || $using_custom)) {
         $parts[] = $this->settings['label_field_wrapper'](
             $this->conf_instance->getTheContent(),
             $this->settings['column_classes']
         );
     }

     // only a non-empty error message is forwarded to the message renderer
     $messages = [];
     if (strlen($this->get('error_message'))) {
         $messages['error_message'] = $this->get('error_message');
     }

     if (!$using_custom) {
         $parts[] = $this->settings['label_field_wrapper'](
             $this->getFormMessages($messages),
             $this->settings['column_classes'] . ' form-messages'
         );
         // called for its side effects only; nothing it returns is added to the markup
         $this->renderMessages();
     }

     return implode('', $parts);
 }
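/**
 * Print the custom scaffolding used to edit a form entry.
 *
 * Loads the entry identified by $id, or builds a blank entry for $form_id
 * filled from the user's autosave values. It then loads the matching form,
 * exposes the machine parameters as local PHP variables and as JavaScript
 * variables, runs the form's stored PHP and prints its stored JS.
 *
 * SECURITY(review): this function eval()s $form->php, unserialize()s stored
 * parameter values, creates local variables whose names come from the
 * database, and prints names and values into a <script> block unescaped.
 * Each of these treats database content as code. It is acceptable only if
 * the `forms` and machine parameter/attribute tables are writable solely by
 * fully trusted administrators. Confirm that, and plan to replace
 * eval/unserialize with a declarative form definition and JSON storage.
 *
 * @param object $user    Current user; its ->dbConn is used for all lookups.
 * @param mixed  $id      Existing form entry id, or false to start a new entry.
 * @param mixed  $form_id Form id for a new entry; ignored when $id resolves.
 * @return void Output is echoed directly.
 */
function display_form_entry_edit_form($user, $id = false, $form_id = false)
{
    if ($id !== false) {
        try {
            $formEntry = new FormEntry($user->dbConn, $id);
            $form_id = $formEntry->form['id'];
        } catch (Exception $e) {
            // Unknown entry: fall through to the "invalid id" message below.
            $id = false;
            $form_id = false;
        }
    } else {
        $formEntry = new FormEntry($user->dbConn, 0, $form_id ? intval($form_id) : null);
        $formEntry->formValues = $formEntry->getAutosaveValues($user);
    }

    if ($form_id === false) {
        echo "Please specify a valid form entry ID or form ID.";
        return;
    }

    try {
        $form = new Form($user->dbConn, $form_id);
    } catch (Exception $e) {
        // Previously execution continued with $form undefined; stop here instead.
        echo "Please specify a valid form entry ID or form ID.";
        return;
    }
    $formEntry->form = array('id' => $form->id, 'name' => $form->name);

    $jsParameters = array();
    if ($formEntry->machine) {
        // Expose every parameter of this machine to the form's PHP and JS.
        $machine = new Machine($user->dbConn, $formEntry->machine['id']);
        foreach ($machine->machineParameters as $parameter) {
            // SECURITY(review): unserialize() on stored data can instantiate
            // arbitrary classes (object injection). The warning for plain,
            // non-serialized values is suppressed on purpose because those
            // are used verbatim below.
            @($value = unserialize($parameter->value));
            if (!$value) {
                $value = $parameter->value;
            } else {
                $value = json_encode($value);
            }
            // SECURITY(review): variable-variable assignment. An attribute
            // named like a local ($form, $user, $formEntry, ...) overwrites
            // it. Kept because the stored form PHP reads these variables.
            ${$parameter->machineTypeAttribute['name']} = $value;
            $jsParameters[$parameter->machineTypeAttribute['name']] = $value;
        }
    } else {
        // No machine yet: define every known attribute as an empty placeholder.
        $machineParameters = $user->dbConn->stdQuery("SELECT `machine_type_attributes`.`name` FROM `machine_type_attributes`");
        while ($parameter = $machineParameters->fetch_assoc()) {
            // Same variable-variable caveat as above.
            ${$parameter['name']} = array();
            $jsParameters[$parameter['name']] = "{}";
        }
    }

    if ($form->php != '' && $form->php != 'NULL') {
        // SECURITY(review): executes PHP stored in the database with this
        // function's full scope. Anyone able to write forms.php gets code
        // execution on the server.
        eval($form->php);
    }

    if ($form->js != '' && $form->js != 'NULL') {
        echo "<script type='text/javascript'>\n";
        foreach ($jsParameters as $name => $value) {
            // SECURITY(review): $name and any non-serialized $value are
            // written into the script unescaped; they are treated as trusted
            // JavaScript source.
            echo "var " . $name . " = " . $value . ";\n";
        }
        echo $form->js . "\n</script>\n";
    }
}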
    } else {
        $approvalVal = 0;
    }
    $formEntry = new FormEntry($database, intval($_REQUEST['id']));
    if (!$formEntry->user['id'] || $user->id != $formEntry->user['id'] && !$user->isPhysicist() && !$user->isAdmin()) {
        redirect_to(array('location' => 'form_entry.php?action=edit&id=' . intval($formEntry->id), 'status' => "You don't have permissions to update that entry.", 'class' => 'error'));
    }
    if ($formEntry->setApproval($user, $approvalVal)) {
        redirect_to(array('location' => 'form_entry.php?action=index&form_id=' . intval($formEntry->form['id']), 'status' => "Successfully " . $_REQUEST['action'] . "d entry.", 'class' => 'success'));
    } else {
        redirect_to(array('location' => 'form_entry.php?action=edit&id=' . intval($formEntry->id), 'status' => "An error occurred while un/approving this entry.", 'class' => 'error'));
    }
} elseif ($_REQUEST['action'] == 'delete' && isset($_REQUEST['id'])) {
    // check to see if this user has perms to delete.
    try {
        $targetEntry = new FormEntry($database, intval($_REQUEST['id']));
    } catch (Exception $e) {
        echo "0";
        exit;
    }
    if ($targetEntry->approvedOn != '') {
        echo "0";
        exit;
    }
    if ($targetEntry->user['id'] != $user->id && !$user->isPhysicist() && !$user->isAdmin()) {
        echo "0";
        exit;
    }
    try {
        $targetMachine = new Machine($database, intval($targetEntry->machine['id']));
    } catch (Exception $e) {