public function verifyActionData()
{
$returnValue = true;
if ($this->action_id != NULL && !TasksappValidator::checkInteger($this->action_id)) {
$this->errorArray['action_id'] = true;
}
if (!TasksappValidator::checkString($this->action)) {
$this->errorArray['action'] = true;
}
if (!TasksappValidator::checkList($this->importance, array("0", "1", "2", "3", "4", "wf"))) {
$this->errorArray['importance'] = true;
}
if (!TasksappValidator::checkDate($this->dateDue)) {
$this->errorArray['dateDue'] = true;
}
if (!TasksappValidator::checkList($this->context, Command::getContexts())) {
$this->errorArray['context'] = true;
}
if (!TasksappValidator::checkInteger($this->project_id)) {
$this->errorArray['project_id'] = true;
}
if (count($this->errorArray) != 0) {
$returnValue = false;
}
return $returnValue;
}
/**
* Validate users details
*
* This method checks the user's given details with the database to make
* sure the password given is the same as we hold in the database. Return
* True if it is, False if it is not.
*
* @return Boolean
*
*/
public static function checkUserDetails($uname, $pword)
{
$mysql = new PDOConfig();
$returnValue = False;
$clean = array();
$resultArray = array();
if (isset($uname) && TasksappValidator::checkPassword($uname)) {
$clean['username'] = $uname;
}
if (isset($pword) && TasksappValidator::checkPassword($pword)) {
$clean['password'] = $pword;
}
$query = $mysql->prepare("SELECT user_id, username, password from gl_user WHERE username=:username LIMIT 1");
$query->execute(array(':username' => $clean['username']));
foreach ($query->fetchAll() as $row) {
$resultArray = $row;
}
print md5(Config::mySalt . $clean['password']);
if (count($resultArray) && $clean['username'] == $resultArray['username'] && md5(Config::mySalt . $clean['password']) == $resultArray['password']) {
$_SESSION['user_id'] = $resultArray['user_id'];
$_SESSION['username'] = $resultArray['username'];
$_SESSION['usertype'] = $resultArray['usertype'];
$returnValue = True;
}
return $returnValue;
}
/**
* Validate an importance variable
*
* Tests that the input is a nmber, and that it is in the array of acceptable
* values
*
* @param Integer $testDate The importance to validate
*
* @return Bool
*
*/
public static function checkImportance($testInteger)
{
$impValues = array(0, 1, 2, 3, 4, 5, 6);
if (TasksappValidator::checkInteger($testInteger) && in_array($testInteger, $impValues)) {
return True;
} else {
return False;
}
}
/**
* Verifies that the project data is safe to be saved to the database
*
* Uses the Validator class to make sure that all of the data passed in to
* populate the ivars is valid. An error is raised for any that fail, and
* this should be used to provide feedback to the user to fix any details
* that are not correct.
*
* @return Bool
*
*/
public function verifyData()
{
$returnValue = True;
if (!TasksappValidator::checkId($this->project_id) && $this->project_id != NULL) {
$this->errorArray['project_id'] = True;
$returnValue = False;
}
if (!TasksappValidator::checkId($this->client_id)) {
$this->errorArray['client_id'] = True;
$returnValue = False;
}
if (!TasksappValidator::checkString($this->name)) {
$this->errorArray['name'] = True;
$returnValue = False;
}
/**
* Removing check on notes as we want to allow any thing to be stored
* here as long as it is escaped correctly
*
* if(!TasksappValidator::isBlank($this->notes)) {
* $this->errorArray['notes'] = True;
* $returnValue = False;
* }
*/
if (!TasksappValidator::checkImportance($this->importance)) {
$this->errorArray['importance'] = True;
$returnValue = False;
}
if (!TasksappValidator::checkDone($this->done)) {
$this->errorArray['done'] = True;
$returnValue = False;
}
return $returnValue;
}
<?php
$actionID = $this->id();
Command::captureUrl();
if (TasksappValidator::checkInteger($actionID)) {
$db = Database::getInstance();
$inputArray = $db->getActionByActionID($actionID);
$action = $inputArray[0];
} else {
$action = new Action($_POST);
if ($action->verifyActionData()) {
$action->save();
header("Location: " . Command::retrieveUrl());
exit;
}
}
$projectsArray = Command::getProjectList($action->client_id());
include_once '../views/showEditActionForm.php';
/**
* Return a dynamic array of user's current projects
*
* This method queries the database and uses the result to populate an array
* containing project_id/name pairs. This array is returned to the calling
* script, mainly to facilitate display of all a user's projects using the
* ProjectContainer class.
*
* @param void
* @return Array
*
*/
public static function getProjectList($client_id)
{
$db = Database::getInstance();
$projectsArray[1] = "@inbox";
foreach ($db->getProjectsInScope($client_id) as $row) {
if (TasksappValidator::checkInteger(intval($row->project_id())) && TasksappValidator::checkString($row->name())) {
$projectsArray[$row->project_id()] = $row->name();
}
}
return $projectsArray;
}
