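/**
 * update a record
 * this function is registered in xajax
 *
 * Every key of $form_values is split on GENERAL_SEPARATOR into a database
 * field name, a field type and a field number. The field type taken from the
 * key selects the input checks that are run on the value.
 *
 * The record of user admin (id=1) can only be saved when its name stays
 * "admin" and both the create-list and the is-admin permission stay "1".
 *
 * @param string $title title of page
 * @param string $key_string comma separated name value pairs
 * @param array $form_values values of new record (array of name value pairs)
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_update_user_admin_record($title, $key_string, $form_values)
{
    global $logging;
    global $user;
    global $user_admin_table_configuration;
    global $firstthingsfirst_field_descriptions;
    global $user_start_time_array;

    # WARNING: this function is almost identical to function UserSettings::action_update_user_setting_record
    # changes in this function should also lead to changes in that function

    # NOTE(review): nothing in this function checks that the current user may
    # administer users; confirm that this is verified before xajax dispatches here

    # NOTE(review): the user= value of this log line was masked in the listing
    # this code was taken from, which left the statement unparsable;
    # $user->get_name() is assumed to be the original expression - confirm
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", title={$title}, key_string={$key_string})");

    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);

    $html_str = "";
    $name_keys = array_keys($form_values);
    $new_form_values = array();
    $fields = $user->get_fields();
    $field_keys = array_keys($fields);

    # create the key_string for user admin (who always has id=1)
    $key_string_admin_user = DatabaseTable::_get_encoded_key_string(array(DB_ID_FIELD_NAME => "1"));

    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($user_admin_table_configuration);

    foreach ($name_keys as $name_key) {
        # NOTE(review): field name and field type are read from the submitted
        # form key, so the request decides which column is written and which
        # checks run; confirm both are validated against $fields downstream
        $value_array = explode(GENERAL_SEPARATOR, $name_key);
        $db_field_name = $value_array[0];
        $field_type = $value_array[1];
        $field_number = $value_array[2];
        $check_functions = explode(" ", $firstthingsfirst_field_descriptions[$field_type][FIELD_DESCRIPTION_FIELD_INPUT_CHECKS]);
        $is_password_field = ($db_field_name == USER_PW_FIELD_NAME);

        $result->reset();
        $logging->debug("field (name=" . $db_field_name . ", type=" . $field_type . ", number=" . $field_number . ")");

        # check field values (check password field only when new password has been set)
        if (!$is_password_field || strlen($form_values[$name_key]) > 0) {
            check_field($check_functions, $db_field_name, $form_values[$name_key], $user->get_date_format(), $result);
            if (strlen($result->get_error_message_str()) > 0) {
                set_error_message($name_key, "right", $result->get_error_message_str(), "", "", $response);

                return $response;
            }
        }

        # set new value
        $new_form_values[$db_field_name] = $result->get_result_str();

        # the value of the password field is kept out of the log file
        $logged_value = $is_password_field ? "[not logged]" : $result->get_result_str();
        $logging->debug("setting new form value (db_field_name=" . $db_field_name . ", result=" . $logged_value . ")");
    }

    # check if all booleans have been set
    foreach ($field_keys as $db_field_name) {
        if ($fields[$db_field_name][1] == FIELD_TYPE_DEFINITION_BOOL) {
            if (!isset($new_form_values[$db_field_name])) {
                $logging->debug("found an unset bool field");
                $new_form_values[$db_field_name] = "0";
            }
        }
    }

    # check if someone tries to change user admin
    if ($key_string_admin_user == $key_string) {
        # check if the name of user admin is changed
        if ($new_form_values[USER_NAME_FIELD_NAME] != "admin") {
            set_error_message("record_contents_buttons", "right", "ERROR_CANNOT_UPDATE_NAME_USER_ADMIN", "", "", $response);

            return $response;
        }

        # check if the permissions of user admin is changed
        if ($new_form_values[USER_CAN_CREATE_LIST_FIELD_NAME] != "1" || $new_form_values[USER_IS_ADMIN_FIELD_NAME] != "1") {
            set_error_message("record_contents_buttons", "right", "ERROR_CANNOT_UPDATE_PERMISSIONS_USER_ADMIN", "", "", $response);

            return $response;
        }
    }

    # display error when insertion returns false
    if (!$user->update($key_string, $new_form_values)) {
        $logging->warn("update user admin record returns false");
        $error_message_str = $user->get_error_message_str();
        $error_log_str = $user->get_error_log_str();
        $error_str = $user->get_error_str();
        set_error_message("record_contents_buttons", "right", $error_message_str, $error_log_str, $error_str, $response);

        return $response;
    }

    # set content
    $result->reset();
    $html_database_table->get_content($user, $title, "", DATABASETABLE_UNKWOWN_PAGE, $result);
    $response->custom_response->assign_with_effect(USER_ADMIN_CSS_NAME_PREFIX . "content_pane", $result->get_result_str());

    # set action pane
    $html_str = $html_database_table->get_action_bar($title, "");
    $response->custom_response->assign_with_effect("action_pane", $html_str);

    # check post conditions
    if (check_postconditions($result, $response) == FALSE) {
        return $response;
    }

    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));

    return $response;
}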
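/**
 * import uploaded list records to current list
 * this function is registered in xajax
 *
 * The uploaded file is read with fgetcsv, every value is run through the
 * input checks of its field type and every line is inserted as one list
 * record. The import stops at the first line that fails. After a complete
 * import the uploaded file is deleted.
 *
 * @param string $list_title title of list
 * @param string $file_specs specifications of uploaded file to be processed,
 *                           four values separated by "|": file name, original
 *                           file name, file size and file type
 * @param string $field_seperator field delimiter that is passed to fgetcsv
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_import_list_records($list_title, $file_specs, $field_seperator)
{
    global $logging;
    global $user;
    global $list_table_configuration;
    global $user_start_time_array;
    global $firstthingsfirst_field_descriptions;

    # pad to four values so that a short file_specs string does not raise
    # undefined offset notices
    $file_specs_array = array_pad(explode("|", $file_specs), 4, "");
    $file_name = $file_specs_array[0];
    $file_org_name = $file_specs_array[1];
    $file_size = $file_specs_array[2];
    $file_type = $file_specs_array[3];

    # this is a normal user action, so it is logged at info level and not as an error
    # NOTE(review): the user= value of this log line was masked in the listing
    # this code was taken from, which left the statement unparsable;
    # $user->get_name() is assumed to be the original expression - confirm
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", list_title={$list_title}, file_name={$file_name} ({$file_size}), field_seperator={$field_seperator})");

    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);

    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($list_table_configuration);

    # check if a file_name has been given
    if ($file_name == "NO_FILE") {
        $logging->warn("no file was uploaded");
        set_error_message("button_import", "above", "ERROR_UPLOAD_SELECT_FILE", "", "", $response);

        return $response;
    }

    # file_specs is an argument of the xajax call and the file it names is
    # opened and later deleted, so only a plain file name inside the uploads
    # directory is accepted (no directory parts, no null byte)
    $is_plain_file_name = $file_name !== ""
        && $file_name !== "."
        && $file_name !== ".."
        && $file_name === basename($file_name)
        && strpos($file_name, "\0") === FALSE;
    if (!$is_plain_file_name) {
        $logging->warn("rejected upload file name that is not a plain file name");
        set_error_message("button_import", "above", "ERROR_UPLOAD_FILE_NOT_FOUND", "", "", $response);

        return $response;
    }
    $full_file_name = "uploads/{$file_name}";

    # create list table object
    $list_table = new ListTable($list_title);
    if ($list_table->get_is_valid() == FALSE) {
        $logging->warn("create list object returns false");
        $error_message_str = $list_table->get_error_message_str();
        $error_log_str = $list_table->get_error_log_str();
        $error_str = $list_table->get_error_str();
        set_error_message("button_import", "above", $error_message_str, $error_log_str, $error_str, $response);

        return $response;
    }

    $logging->debug("starting to read uploaded file (full_file_name={$full_file_name})");

    if (file_exists($full_file_name) == FALSE) {
        $logging->warn("cannot find uploaded file");
        set_error_message("button_import", "above", "ERROR_UPLOAD_FILE_NOT_FOUND", "", "", $response);

        return $response;
    }

    $fields = $list_table->get_fields();
    # line number counter
    $line_number = 1;
    # database field names of all columns to import
    $import_db_field_names = array_slice($list_table->get_db_field_names(), 1);
    $num_of_import_db_field_names = count($import_db_field_names);

    # open file to import
    $file_handler = fopen($full_file_name, "r");
    if ($file_handler == FALSE) {
        $logging->warn("could not open file to import (file_name={$full_file_name})");
        set_error_message("button_import", "above", "ERROR_UPLOAD_COULD_NOT_OPEN", "", "", $response);

        return $response;
    }

    # read a line from the file to import
    # NOTE(review): field_seperator also comes from the xajax call and fgetcsv
    # expects a single character; confirm the caller guarantees that
    while (($line_array = fgetcsv($file_handler, 10000, $field_seperator)) !== FALSE) {
        $logging->debug("reading line (line_number={$line_number})");

        # add dummy column for attachments
        array_push($line_array, "@");
        $num_of_columns = count($line_array);

        # check if number of columns is correct
        if ($num_of_columns != $num_of_import_db_field_names) {
            $logging->warn("wrong colum count (num_of_columns={$num_of_columns}, num_of_import_db_field_names={$num_of_import_db_field_names})");
            $error_message_str = "LABEL_IMPORT_LINE_NUMBER {$line_number} <br> ERROR_IMPORT_WRONG_COLUMN_COUNT";
            set_error_message("button_import", "above", $error_message_str, "", "", $response);
            # close the file on every early return; the uploaded file itself is left in place
            fclose($file_handler);

            return $response;
        }

        $insert_array = array();
        $counter = 0;

        # create an array with all db_field_names and values from file
        foreach ($import_db_field_names as $db_field_name) {
            $field_name = $fields[$db_field_name][0];
            $field_type = $fields[$db_field_name][1];
            $check_functions = explode(" ", $firstthingsfirst_field_descriptions[$field_type][FIELD_DESCRIPTION_FIELD_INPUT_CHECKS]);

            $result->reset();
            # check field values and store new field value in result
            check_field($check_functions, $db_field_name, $line_array[$counter], $user->get_date_format(), $result);
            if (strlen($result->get_error_message_str()) > 0) {
                $error_message_str = "LABEL_IMPORT_LINE_NUMBER {$line_number} <br> LABEL_IMPORT_FIELDNAME {$field_name} <br> " . $result->get_error_message_str();
                # the element id is a string; the bare word button_import is an undefined constant
                set_error_message("button_import", "above", $error_message_str, "", "", $response);
                fclose($file_handler);

                return $response;
            }
            $logging->debug("field (name={$db_field_name}, type={$field_type}, content=" . $result->get_result_str() . ")");

            # convert auto created and auto modified fields
            # NOTE(review): this value is overwritten by the final else branch
            # below, so the conversion to 0 has no effect; confirm the intent
            if ($field_type == FIELD_TYPE_DEFINITION_AUTO_CREATED || $field_type == FIELD_TYPE_DEFINITION_AUTO_MODIFIED) {
                $insert_array[$db_field_name] = 0;
            }

            # store the new field value (either as note or as normal value)
            if ($field_type == FIELD_TYPE_DEFINITION_NOTES_FIELD) {
                $insert_array[$db_field_name] = array(array(0, $result->get_result_str()));
            } else {
                if ($field_type == FIELD_TYPE_DEFINITION_ATTACHMENTS) {
                    $insert_array[$db_field_name] = array(array(0, LISTTABLEATTACHMENT_EMPTY_ATTACHMENT . "|-|-|-"));
                } else {
                    $insert_array[$db_field_name] = $result->get_result_str();
                }
            }
            $counter++;
        }

        # insert a line
        $return_value = $list_table->insert($insert_array, $user->get_name());
        if ($return_value == 0) {
            $logging->warn("insert list record returns false");
            # the label is written as a string like in the other import messages;
            # the cause of a failed insert is held by the list table, $result only
            # holds the outcome of the last field check and is empty at this point
            $error_message_str = "LABEL_IMPORT_LINE_NUMBER {$line_number} <br> " . $list_table->get_error_message_str();
            $error_log_str = $list_table->get_error_log_str();
            $error_str = $list_table->get_error_str();
            set_error_message("button_import", "above", $error_message_str, $error_log_str, $error_str, $response);
            fclose($file_handler);

            return $response;
        }
        $line_number++;
    }

    $logging->debug("imported all lines from file (line_number={$line_number})");

    # delete the import file
    fclose($file_handler);
    unlink($full_file_name);

    # set content
    $result->reset();
    $html_database_table->get_content($list_table, $list_title, "", DATABASETABLE_UNKWOWN_PAGE, $result);
    $response->custom_response->assign_with_effect(LIST_CSS_NAME_PREFIX . "content_pane", $result->get_result_str());

    # set action pane
    $html_str = $html_database_table->get_action_bar($list_title, "");
    $response->custom_response->assign_with_effect("action_pane", $html_str);

    # set footer
    $response->assign("footer_text", "innerHTML", get_footer($list_table->get_creator_modifier_array()));

    # check post conditions
    if (check_postconditions($result, $response) == FALSE) {
        return $response;
    }

    set_info_message("action_bar_button_import", "above", "LABEL_IMPORT_SUCCESS", $response);

    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));

    return $response;
}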
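/**
 * update a user record
 * this function is registered in xajax
 *
 * Every key of $form_values is split on GENERAL_SEPARATOR into a database
 * field name, a field type and a field number. The field type taken from the
 * key selects the input checks that are run on the value. After a successful
 * update the browser is sent to the portal page.
 *
 * @param string $title title of page
 * @param string $key_string comma separated name value pairs
 * @param array $form_values values of new record (array of name value pairs)
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_update_user_settings_record($title, $key_string, $form_values)
{
    global $logging;
    global $user;
    global $user_settings_table_configuration;
    global $firstthingsfirst_field_descriptions;
    global $user_start_time_array;

    # WARNING: this function is almost identical to function UserAdministration::action_update_user_admin_record
    # changes in this function should also lead to changes in that function

    # NOTE(review): the user= value of this log line was masked in the listing
    # this code was taken from, which left the statement unparsable;
    # $user->get_name() is assumed to be the original expression - confirm
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_name() . ", title={$title}, key_string={$key_string})");

    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);

    $html_str = "";
    $name_keys = array_keys($form_values);
    $new_form_values = array();
    $fields = $user->get_fields();
    $field_keys = array_keys($fields);

    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($user_settings_table_configuration);

    foreach ($name_keys as $name_key) {
        # NOTE(review): field name and field type are read from the submitted
        # form key, so the request decides which column is written and which
        # checks run; confirm both are validated against $fields downstream
        $value_array = explode(GENERAL_SEPARATOR, $name_key);
        $db_field_name = $value_array[0];
        $field_type = $value_array[1];
        $field_number = $value_array[2];
        $check_functions = explode(" ", $firstthingsfirst_field_descriptions[$field_type][FIELD_DESCRIPTION_FIELD_INPUT_CHECKS]);
        $is_password_field = ($db_field_name == USER_PW_FIELD_NAME);

        $result->reset();
        $logging->debug("field (name=" . $db_field_name . ", type=" . $field_type . ", number=" . $field_number . ")");

        # check field values (check password field only when new password has been set)
        if (!$is_password_field || strlen($form_values[$name_key]) > 0) {
            check_field($check_functions, $db_field_name, $form_values[$name_key], $user->get_date_format(), $result);
            if (strlen($result->get_error_message_str()) > 0) {
                set_error_message($name_key, "right", $result->get_error_message_str(), "", "", $response);

                return $response;
            }
        }

        # set new value
        $new_form_values[$db_field_name] = $result->get_result_str();

        # the value of the password field is kept out of the log file
        $logged_value = $is_password_field ? "[not logged]" : $result->get_result_str();
        $logging->debug("setting new form value (db_field_name=" . $db_field_name . ", result=" . $logged_value . ")");
    }

    # check if someone tries to change user admin
    if ($user->get_name() == "admin") {
        # check if the name of user admin is changed
        if ($new_form_values[USER_NAME_FIELD_NAME] != "admin") {
            set_error_message("record_contents_buttons", "right", "ERROR_CANNOT_UPDATE_NAME_USER_ADMIN", "", "", $response);

            return $response;
        }
    }

    # NOTE(review): key_string and the field names in new_form_values both come
    # from the request; confirm that update() called with TRUE only touches the
    # record of the current user and only the columns a user may set himself
    # display error when insertion returns false
    if (!$user->update($key_string, $new_form_values, TRUE)) {
        $logging->warn("update user settings record returns false");
        $error_message_str = $user->get_error_message_str();
        $error_log_str = $user->get_error_log_str();
        $error_str = $user->get_error_str();
        set_error_message("record_contents_buttons", "right", $error_message_str, $error_log_str, $error_str, $response);

        return $response;
    }

    # redirect to portal page with new user settings activated
    $response->script("window.location.assign('index.php?action=" . ACTION_GET_PORTAL_PAGE . "')");

    # check post conditions not necessary

    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));

    return $response;
}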