function getDocument($objectId, Search_Type_Factory_Interface $typeFactory)
{
/*
If you wonder why this method uses straight SQL and not trklib, it's because
trklib performs no meaningful work when extracting the data and strips all
required semantics.
*/
$data = array('title' => $typeFactory->sortable(tr('Unknown')), 'language' => $typeFactory->identifier('unknown'));
$item = $this->trklib->get_tracker_item($objectId);
if (empty($item)) {
return false;
}
$itemObject = Tracker_Item::fromInfo($item);
if (empty($itemObject) || !$itemObject->getDefinition()) {
// ignore corrupted items, e.g. where trackerId == 0
return false;
}
$permNeeded = $itemObject->getViewPermission();
$specialUsers = $itemObject->getSpecialPermissionUsers($objectId, 'Modify');
$definition = Tracker_Definition::get($item['trackerId']);
if (!$definition) {
return $data;
}
foreach (self::getIndexableHandlers($definition, $item) as $handler) {
$data = array_merge($data, $handler->getDocumentPart($typeFactory));
}
$ownerGroup = $itemObject->getOwnerGroup();
$data = array_merge($data, array('title' => $typeFactory->sortable($this->trklib->get_isMain_value($item['trackerId'], $objectId)), 'modification_date' => $typeFactory->timestamp($item['lastModif']), 'creation_date' => $typeFactory->timestamp($item['created']), 'contributors' => $typeFactory->multivalue(array_unique(array($item['createdBy'], $item['lastModifBy']))), 'tracker_status' => $typeFactory->identifier($item['status']), 'tracker_id' => $typeFactory->identifier($item['trackerId']), 'view_permission' => $typeFactory->identifier($permNeeded), '_extra_users' => $specialUsers, '_permission_accessor' => $itemObject->getPerms(), '_extra_groups' => $ownerGroup ? array($ownerGroup) : null));
return $data;
}
private function infobox_trackeritem($input)
{
$itemId = $input->object->int();
$trklib = TikiLib::lib('trk');
if (!($item = $trklib->get_tracker_item($itemId))) {
throw new Services_Exception_NotFound();
}
if (!($definition = Tracker_Definition::get($item['trackerId']))) {
throw new Services_Exception_NotFound();
}
$itemObject = Tracker_Item::fromInfo($item);
if (!$itemObject->canView()) {
throw new Services_Exception('Permission denied', 403);
}
$fields = array();
foreach ($definition->getPopupFields() as $fieldId) {
if ($itemObject->canViewField($fieldId) && ($field = $definition->getField($fieldId))) {
$fields[] = $field;
}
}
$smarty = TikiLib::lib('smarty');
$smarty->assign('fields', $fields);
$smarty->assign('item', $item);
$smarty->assign('can_modify', $itemObject->canModify());
$smarty->assign('can_remove', $itemObject->canRemove());
$smarty->assign('mode', $input->mode->text() ? $input->mode->text() : '');
// default divs mode
return $smarty->fetch('object/infobox/trackeritem.tpl');
}
function wikiplugin_archivebuilder_trackeratt($basepath, $trackerItem)
{
$trklib = TikiLib::lib('trk');
$data = $trklib->get_tracker_item($trackerItem);
$item = Tracker_Item::fromInfo($data);
if (!$item->canView()) {
return array();
}
$basepath = rtrim($basepath, '/') . '/';
$attachments = array();
$files = $trklib->list_item_attachments($trackerItem, 0, -1, 'attId_asc');
foreach ($files['data'] as $file) {
$name = $basepath . $file['filename'];
$complete = $trklib->get_item_attachment($file['attId']);
$attachments[$name] = wikiplugin_archivebuilder_tracker_get_attbody($complete);
}
return $attachments;
}
function smarty_block_permission($params, $content, $smarty, &$repeat)
{
if ($repeat) {
return;
}
// Removing and Modifying a tracker item require a special permissions check
if ($params['type'] == 'trackeritem') {
$removePerms = ['remove_tracker_items', 'remove_tracker_items_pending', 'remove_tracker_items_closed'];
$modifyPerms = ['modify_tracker_items', 'modify_tracker_items_pending', 'modify_tracker_items_closed'];
$trklib = TikiLib::lib('trk');
$itemInfo = $trklib->get_tracker_item($params['object']);
if (!$itemInfo) {
return "";
//invalid tracker item.
}
$itemObject = Tracker_Item::fromInfo($itemInfo);
if (in_array($params['name'], $removePerms)) {
if ($itemObject->canRemove()) {
return $content;
}
} elseif (in_array($params['name'], $modifyPerms)) {
if ($itemObject->canModify()) {
return $content;
}
}
}
//Standard permissions check
$context = array();
if (isset($params['type'], $params['object'])) {
$context['type'] = $params['type'];
$context['object'] = $params['object'];
}
$perms = Perms::get($context);
$name = $params['name'];
if ($perms->{$name}) {
return $content;
} else {
return '';
}
}
if (isset($_REQUEST["returntracker"]) || isset($_REQUEST["save_return"])) {
require_once 'lib/smarty_tiki/block.self_link.php';
header('Location: ' . smarty_block_self_link(array('_script' => 'tiki-view_tracker.php', '_tag' => 'n', '_urlencode' => 'n', 'itemId' => 'NULL', 'trackerId' => $_REQUEST['trackerId']), '', $smarty));
die;
}
// ********************************************************
if (isset($tracker_info['useRatings']) and $tracker_info['useRatings'] == 'y' and $tiki_p_tracker_vote_ratings == 'y') {
if ($user and $tiki_p_tracker_vote_ratings == 'y' and isset($rateFieldId) and isset($_REQUEST['ins_' . $rateFieldId])) {
$trklib->replace_rating($_REQUEST['trackerId'], $_REQUEST['itemId'], $rateFieldId, $user, $_REQUEST['ins_' . $rateFieldId]);
header('Location: tiki-view_tracker_item.php?trackerId=' . $_REQUEST['trackerId'] . '&itemId=' . $_REQUEST['itemId']);
die;
}
}
if ($_REQUEST["itemId"]) {
$info = $trklib->get_tracker_item($_REQUEST["itemId"]);
$itemObject = Tracker_Item::fromInfo($info);
if (!isset($info['trackerId'])) {
$info['trackerId'] = $_REQUEST['trackerId'];
}
if (!$itemObject->canView()) {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra('Permission denied'));
$smarty->display('error.tpl');
die;
}
$last = array();
$lst = '';
$tracker_item_main_value = '';
$fieldFactory = $definition->getFieldFactory();
foreach ($xfields["data"] as $i => $current_field) {
$current_field_ins = null;
$item_info = $trklib->get_item_info($batchid);
$actionObject = Tracker_Item::fromInfo($item_info);
if ($actionObject->canRemove()) {
$trklib->remove_tracker_item($batchid);
}
}
$transaction->commit();
} elseif (isset($_REQUEST['batchaction']) and ($_REQUEST['batchaction'] == 'o' || $_REQUEST['batchaction'] == 'p' || $_REQUEST['batchaction'] == 'c')) {
check_ticket('view-trackers');
$transaction = $tikilib->begin();
foreach ($_REQUEST['action'] as $batchid) {
$item_info = $trklib->get_item_info($batchid);
$actionObject = Tracker_Item::fromInfo($item_info);
if ($actionObject->canModify()) {
$trklib->replace_item($_REQUEST['trackerId'], $batchid, array('data' => ''), $_REQUEST['batchaction']);
}
}
$transaction->commit();
}
$smarty->assign('mail_msg', '');
$smarty->assign('email_mon', '');
if ($prefs['feature_user_watches'] == 'y' and $tiki_p_watch_trackers == 'y') {
if ($user and isset($_REQUEST['watch'])) {
check_ticket('view-trackers');
if ($_REQUEST['watch'] == 'add') {
$tikilib->add_user_watch($user, 'tracker_modified', $_REQUEST["trackerId"], 'tracker', $tracker_info['name'], "tiki-view_tracker.php?trackerId=" . $_REQUEST["trackerId"]);
} else {
function wikiplugin_tracker($data, $params)
{
global $user, $group, $page, $prefs;
$parserlib = TikiLib::lib('parser');
$trklib = TikiLib::lib('trk');
$userlib = TikiLib::lib('user');
$tikilib = TikiLib::lib('tiki');
$smarty = TikiLib::lib('smarty');
$captchalib = TikiLib::lib('captcha');
static $iTRACKER = 0;
++$iTRACKER;
if (isset($params['itemId']) && empty($params['itemId'])) {
return;
}
$smarty->assign('trackerEditFormId', $iTRACKER);
$default = array('overwrite' => 'n', 'embedded' => 'n', 'showtitle' => 'n', 'showdesc' => 'n', 'showfieldsdesc' => 'y', 'sort' => 'n', 'showmandatory' => 'y', 'status' => '', 'transactionFinalStep' => 'y', 'registration' => 'n', 'chosenGroup' => 'Registered', 'validateusers' => '', 'emailformat' => 'text');
$params = array_merge($default, $params);
$item = array();
extract($params, EXTR_SKIP);
if (empty($transactionName) xor empty($transactionStep)) {
return '<b>' . tra("You need to define both transaction name and transaction step, or none of the two.") . '</b>';
} else {
if (isset($transactionName) && !isset($_SESSION[$transactionName])) {
$_SESSION[$transactionName] = array();
}
if (isset($transactionStep) && !isset($_SESSION[$transactionName][$transactionStep])) {
$_SESSION[$transactionName][$transactionStep] = array();
}
if (!isset($_SESSION[$transactionName]['transactionStep'])) {
$_SESSION[$transactionName]['transactionStep'] = 0;
}
if ($_SESSION[$transactionName]['transactionStep'] != $transactionStep) {
return;
}
}
if ($prefs['feature_trackers'] != 'y') {
return $smarty->fetch("wiki-plugins/error_tracker.tpl");
}
if (empty($trackerId) || !($definition = Tracker_Definition::get($trackerId))) {
return $smarty->fetch("wiki-plugins/error_tracker.tpl");
}
$tracker = $definition->getInformation();
if (empty($trackerId) && !empty($view) && $view == 'user' && $prefs['userTracker'] == 'y') {
// the user tracker item
$utid = $userlib->get_tracker_usergroup($user);
if (!empty($utid) && !empty($utid['usersTrackerId'])) {
$itemId = $trklib->get_item_id($utid['usersTrackerId'], $utid['usersFieldId'], $user);
$trackerId = $utid['usersTrackerId'];
$usertracker = true;
}
} elseif (!empty($trackerId) && !empty($view) && $view == 'user') {
// the user item of a tracker
$itemId = $trklib->get_user_item($trackerId, $tracker, null, null, strlen($status) == 1 ? $status : '');
$usertracker = true;
} elseif (!empty($trackerId) && !empty($view) && $view == 'page' && !empty($_REQUEST['page']) && ($f = $trklib->get_page_field($trackerId))) {
// the page item
$itemId = $trklib->get_item_id($trackerId, $f['fieldId'], $_REQUEST['page']);
} elseif (!empty($trackerId) && !empty($_REQUEST['view_user'])) {
$itemId = $trklib->get_user_item($trackerId, $tracker, $_REQUEST['view_user']);
} elseif (!empty($_REQUEST['itemId']) && (empty($ignoreRequestItemId) || $ignoreRequestItemId != 'y')) {
$itemId = $_REQUEST['itemId'];
$item = $trklib->get_tracker_item($itemId);
$trackerId = $item['trackerId'];
} elseif (!empty($view) && $view == 'group') {
$gtid = $userlib->get_grouptrackerid($group);
if (isset($gtid['groupTrackerId'])) {
$trackerId = $gtid['groupTrackerId'];
$itemId = $trklib->get_item_id($trackerId, $gtid['groupFieldId'], $group);
$grouptracker = true;
}
}
if (!isset($trackerId)) {
return $smarty->fetch("wiki-plugins/error_tracker.tpl");
}
//test for validation errors for registration tracker calls
if (isset($_REQUEST['register']) && ($_REQUEST['register'] == 'Register' || $_REQUEST['register'] == 'register')) {
$regtracker = $userlib->get_usertrackerid('Registered');
if ($trackerId == $regtracker['usersTrackerId'] && $_REQUEST['valerror'] !== false) {
if (is_array($_REQUEST['valerror'])) {
foreach ($_REQUEST['valerror'] as $valerror) {
if (is_a($valerror, 'RegistrationError')) {
return false;
break;
}
}
} elseif (is_a($_REQUEST['valerror'], 'RegistrationError')) {
return false;
}
}
}
if (!isset($action)) {
$action = array('Save');
}
if (!is_array($action)) {
$action = array($action);
}
$dynamicSave = false;
if (count($action) == 1 && reset($action) == 'NONE') {
$action = array();
$dynamicSave = true;
}
if (!isset($action_style)) {
$action_style = array();
foreach ($action as $ac) {
$action_style[] = 'btn btn-primary';
}
}
if (isset($preview)) {
if (empty($preview)) {
$preview = 'Preview';
}
} else {
unset($_REQUEST['tr_preview']);
}
if (isset($reset)) {
if (empty($reset)) {
$reset = 'reset';
}
} else {
unset($_REQUEST['tr_reset']);
}
$smarty->assign('showmandatory', empty($wiki) && empty($tpl) ? 'n' : $showmandatory);
if (!empty($wiki)) {
if (preg_match('/^wiki:(.+)$/', $wiki, $wiki_matches)) {
$wiki = $wiki_matches[1];
}
$wiki = trim($wiki);
}
if (!isset($params['formtag'])) {
$params['formtag'] = 'y';
}
$fields_prefix = 'ins_';
if (isset($values)) {
if (!is_array($values)) {
$values = $parserlib->quotesplit(':', $values);
foreach ($values as $i => $v) {
$values[$i] = preg_replace('/^"(.*)"$/', '$1', $v);
}
}
}
if (isset($_REQUEST['values'])) {
if (is_array($_REQUEST['values'])) {
foreach ($_REQUEST['values'] as $i => $k) {
$_REQUEST['values'][$i] = urldecode($k);
}
} else {
$_REQUEST['values'] = urldecode($_REQUEST['values']);
}
}
$perms = $tikilib->get_perm_object($trackerId, 'tracker', $tracker, false);
if (empty($_SERVER['SCRIPT_NAME']) || strpos($_SERVER['SCRIPT_NAME'], 'tiki-register.php') === false) {
if ($perms['tiki_p_create_tracker_items'] == 'n' && empty($itemId)) {
return '<b>' . tra("You do not have permission to insert an item") . '</b>';
} elseif (!empty($itemId)) {
$item_info = $trklib->get_tracker_item($itemId);
if (empty($item_info)) {
return '<b>' . tra("Incorrect item") . '</b>';
}
$itemObject = Tracker_Item::fromInfo($item_info);
if (!$itemObject->canModify()) {
return '<b>' . tra("You do not have permission to modify an item") . '</b>';
}
}
}
if (!empty($itemId)) {
$logslib = TikiLib::lib('logs');
$logslib->add_action('Viewed', $itemId, 'trackeritem', $_SERVER['REQUEST_URI']);
}
if (isset($_REQUEST['removeattach']) && $tracker['useAttachments'] == 'y') {
$owner = $trklib->get_item_attachment_owner($_REQUEST['removeattach']);
if ($perms['tiki_p_admin_trackers'] == 'y' || $user && $user == $owner) {
$trklib->remove_item_attachment($_REQUEST["removeattach"]);
unset($_REQUEST['removeattach']);
}
}
if (isset($_REQUEST['removeImage']) && !empty($_REQUEST['trackerId']) && !empty($_REQUEST['itemId']) && !empty($_REQUEST['fieldId']) && !empty($_REQUEST['fieldName'])) {
$img_field = array('data' => array());
$img_field['data'][] = array('fieldId' => $_REQUEST['fieldId'], 'type' => 'i', 'name' => $_REQUEST['fieldName'], 'value' => 'blank');
$trklib->replace_item($_REQUEST['trackerId'], $_REQUEST['itemId'], $img_field);
}
$back = '';
$thisIsThePlugin = isset($_REQUEST['iTRACKER']) && $_REQUEST['iTRACKER'] == $iTRACKER;
if (!isset($_REQUEST["ok"]) || $_REQUEST["ok"] == "n" || !$thisIsThePlugin || isset($_REQUEST['tr_preview'])) {
$field_errors = array('err_mandatory' => array(), 'err_value' => array());
$notificationlib = TikiLib::lib('notification');
$tracker = $trklib->get_tracker($trackerId);
$tracker = array_merge($tracker, $trklib->get_tracker_options($trackerId));
if (!empty($tracker['start']) && $tikilib->now < $tracker['start'] || !empty($tracker['end']) && $tikilib->now > $tracker['end']) {
return;
}
$outf = array();
$auto_fieldId = array();
$hidden_fieldId = array();
if (!empty($fields) || !empty($wiki) || !empty($tpl)) {
if ($registration == 'y' && $prefs["user_register_prettytracker"] == 'y' && !empty($prefs["user_register_prettytracker_tpl"])) {
$registrationlib = TikiLib::lib('registration');
$smarty->assign('listgroups', $registrationlib->merged_prefs['choosable_groups']);
$smarty->assign('register_login', $smarty->fetch('register-login.tpl'));
$smarty->assign('register_email', $smarty->fetch('register-email.tpl'));
$smarty->assign('register_pass', $smarty->fetch('register-pass.tpl'));
$smarty->assign('register_pass2', $smarty->fetch('register-pass2.tpl'));
$smarty->assign('register_passcode', $smarty->fetch('register-passcode.tpl'));
$smarty->assign('register_groupchoice', $smarty->fetch('register-groupchoice.tpl'));
if ($prefs['feature_antibot'] == 'y') {
$smarty->assign('showantibot', true);
$smarty->assign('form', 'register');
$smarty->assign('register_antibot', $smarty->fetch('antibot.tpl'));
}
$wiki = $prefs["user_register_prettytracker_tpl"];
}
if (!empty($wiki)) {
$outf = $trklib->get_pretty_fieldIds($wiki, 'wiki', $prettyModifier, $trackerId);
} elseif (!empty($tpl)) {
$outf = $trklib->get_pretty_fieldIds($tpl, 'tpl', $prettyModifier, $trackerId);
} elseif (!empty($fields)) {
$outf = $fields;
}
if (!empty($_REQUEST['autosavefields'])) {
$autosavefields = explode(':', $_REQUEST['autosavefields']);
$autosavevalues = explode(':', $_REQUEST['autosavevalues']);
if (isset($params['autosavefields'])) {
$autosavefields = array_merge($autosavefields, $params['autosavefields']);
$autosavevalues = array_merge($autosavevalues, $params['autosavevalues']);
}
}
if (!empty($autosavefields)) {
$auto_fieldId = array_merge($auto_fieldId, $autosavefields);
}
foreach ($definition->getFields() as $field) {
// User and group on autoassign create/modify
if (($user || $registration == 'y' || isset($_SESSION[$transactionName]) && isset($_SESSION[$transactionName]['registrationName'])) && ($field['type'] == 'u' || $field['type'] == 'g')) {
$autoassign = $field['options_map']['autoassign'];
if ($autoassign == 1 || $autoassign == 2) {
if ($user) {
$hidden_fieldId[] = $field['fieldId'];
}
$userField = $field['fieldId'];
}
}
// IP and page on autoassign
if ($field['type'] == 'I' || $field['type'] == 'k') {
$autoassign = $field['options_map']['autoassign'];
if ($autoassign == 1) {
$hidden_fieldId[] = $field['fieldId'];
}
}
// Auto-increment
if ($field['type'] == 'q') {
$auto_fieldId[] = $field['fieldId'];
}
}
foreach ($auto_fieldId as $k => $v) {
if (empty($v) || in_array($v, $outf)) {
unset($auto_fieldId[$k]);
} else {
$outf[] = $v;
}
}
foreach ($hidden_fieldId as $k => $v) {
if (empty($v) || in_array($v, $outf)) {
unset($hidden_fieldId[$k]);
} else {
$outf[] = $v;
}
}
}
$definition = Tracker_Definition::get($trackerId);
$item_info = isset($item_info) ? $item_info : array();
$factory = $definition->getFieldFactory();
if (empty($item_info)) {
$itemObject = Tracker_Item::newItem($trackerId);
} elseif (!isset($itemObject)) {
$itemObject = Tracker_Item::fromInfo($item_info);
}
if (empty($outf)) {
$unfiltered = array('data' => $definition->getFields());
} else {
$unfiltered = array('data' => array());
foreach ($outf as $fieldId) {
$unfiltered['data'][] = $definition->getField($fieldId);
}
}
$flds = array('data' => array());
foreach ($unfiltered['data'] as $f) {
if ($itemObject->canModifyField($f['fieldId']) || $registration == 'y' && empty($item_info)) {
$flds['data'][] = $f;
}
}
// If we create multiple items, get field Ids, default values and separator
if (!empty($fieldsfill)) {
$fill_fields = $fieldsfill;
// Allow for superfluous spaces and ignore them
$fill_flds = array('data' => array());
$fill_defaults = array();
$fill_flds_defaults = array();
// May be different from fill_defaults if some fields are not editable
$fieldsfillnames = array();
if (trim($fieldsfilldefaults) != '') {
$fill_defaults = preg_split('/ *: */', $fieldsfilldefaults);
}
foreach ($fill_fields as $k => $fieldId) {
if ($itemObject->canModifyField($fieldId)) {
$tmp = $definition->getField($fieldId);
$fill_flds['data'][] = $tmp;
if (isset($fill_defaults[$k])) {
$fill_flds_defaults[] = $fill_defaults[$k];
} else {
$fill_flds_defaults[] = '';
}
$fieldsfillnames[] = $tmp['name'];
}
}
$fill_line_cant = count($fill_flds['data']);
if ($fieldsfillseparator == '') {
$fieldsfillseparator = '|';
}
}
$bad = array();
$embeddedId = false;
$onemandatory = false;
$full_fields = array();
$mainfield = '';
if ($thisIsThePlugin) {
/* ------------------------------------- Recup all values from REQUEST -------------- */
if (!empty($autosavefields)) {
foreach ($autosavefields as $i => $f) {
if (!($ff = $trklib->get_field($f, $flds['data']))) {
continue;
}
if (preg_match('/categories\\(([0-9]+)\\)/', $autosavevalues[$i], $matches)) {
if (ctype_digit($matches[1]) && $matches[1] > 0) {
$filter = array('identifier' => $matches[1], 'type' => 'descendants');
} else {
$filter = NULL;
}
$categlib = TikiLib::lib('categ');
$categs = $categlib->getCategories($filter, true, false);
$_REQUEST["{$fields_prefix}{$f}"][] = $categs[0]['categId'];
} elseif (preg_match('/preference\\((.*)\\)/', $autosavevalues[$i], $matches)) {
$_REQUEST["{$fields_prefix}{$f}"] = $prefs[$matches[1]];
} elseif (isset($transactionName) && preg_match('/#TSTEP\\[(\\d+)\\]\\[(\\d+|name|pass)\\]/', $autosavevalues[$i], $matches)) {
$traStep = $matches[1];
$traStepInsField = $matches[2];
if (preg_match('/\\d+/', $matches[2])) {
$traStepInsField = "{$fields_prefix}{$traStepInsField}";
}
$_REQUEST["{$fields_prefix}{$f}"] = str_replace($matches[0], $_SESSION[$transactionName][$traStep]['request'][$traStepInsField], $autosavevalues[$i]);
} elseif ($ff['type'] == 'e') {
$_REQUEST["{$fields_prefix}{$f}"][] = $autosavevalues[$i];
} else {
if (isset($params['levelupfields']) && in_array($f, $params['levelupfields'])) {
$current_levelup_val = $trklib->get_item_value($trackerId, $itemId, $f);
if ($autosavevalues[$i] <= $current_levelup_val) {
continue;
}
}
$_REQUEST["{$fields_prefix}{$f}"] = $autosavevalues[$i];
}
}
}
if ($registration == 'y' && isset($userField) && isset($_REQUEST['name'])) {
$_REQUEST["{$fields_prefix}{$userField}"] = $_REQUEST['name'];
}
foreach ($flds['data'] as $k => $field) {
$handler = $factory->getHandler($field, $item_info);
if ($handler) {
$value_field = $handler->getFieldData($_REQUEST);
$ins_fields['data'][$k] = array_merge($field, $value_field);
if (isset($ins_fields['data'][$k]['value'])) {
// add ins value into field if creating or editing item
$flds['data'][$k] = $ins_fields['data'][$k];
// to keep user input in case of errors (not only value)
}
}
}
$cpt = 0;
if (isset($fields)) {
$fields_plugin = $fields;
}
if (!isset($itemId) && $tracker['oneUserItem'] == 'y' && $registration != 'y') {
$itemId = $trklib->get_user_item($trackerId, $tracker);
}
if ($embedded == 'y' && isset($_REQUEST['page'])) {
$ins_fields["data"][] = array('fieldId' => $embeddedId, 'value' => $_REQUEST['page']);
}
if (isset($userField) && ($registration == 'y' && isset($_REQUEST['name']) || isset($_SESSION[$transactionName]) && isset($_SESSION[$transactionName]['registrationName']))) {
$userFieldDef = $definition->getField($userField);
if (isset($_REQUEST['name'])) {
$userFieldDef['value'] = $_REQUEST['name'];
if (isset($_SESSION[$transactionName])) {
$_SESSION[$transactionName]['registrationName'] = $_REQUEST['name'];
}
} elseif (isset($_SESSION[$transactionName]) && isset($_SESSION[$transactionName]['registrationName'])) {
$userFieldDef['value'] = $_SESSION[$transactionName]['registrationName'];
}
$ins_fields['data'][] = $userFieldDef;
}
$ins_categs = 0;
// important: non-array ins_categs means categories should remain unchanged
$parent_categs_only = array();
foreach ($ins_fields['data'] as $current_field) {
if ($current_field['type'] == 'e' && isset($current_field['selected_categories'])) {
if (!is_array($ins_categs)) {
$ins_categs = array();
}
$ins_categs = array_merge($ins_categs, $current_field['selected_categories']);
$parent_categs_only[] = $current_field['options_array'][0];
}
}
$categorized_fields = $definition->getCategorizedFields();
/* ------------------------------------- End recup all values from REQUEST -------------- */
/* ------------------------------------- Check field values for each type and presence of mandatory ones ------------------- */
$field_errors = $trklib->check_field_values($ins_fields, $categorized_fields, $trackerId, empty($itemId) ? '' : $itemId);
if ($prefs['feature_antibot'] === 'y' && $registration === 'y' && isset($_REQUEST['valerror'])) {
// in_tracker session var checking is for tiki-register.php
if (isset($_REQUEST['valerror'])) {
$rve = $_REQUEST['valerror'];
if (is_array($rve)) {
foreach ($rve as $ve) {
if (is_a($ve, 'RegistrationError')) {
if (isset($ve->field) && $ve->field == 'antibotcode') {
$field_errors['err_antibot'] = 'y';
continue;
}
}
}
} elseif (is_a($rve, 'RegistrationError')) {
if (isset($rve->field) && $rve->field == 'antibotcode') {
$field_errors['err_antibot'] = 'y';
}
}
} else {
if (!$captchalib->validate()) {
$field_errors['err_antibot'] = 'y';
}
}
}
// check valid page name for wiki output if requested
if (isset($outputtowiki) && !empty($outputwiki)) {
$newpagename = '';
foreach ($ins_fields["data"] as $fl) {
if ($fl["fieldId"] == $outputtowiki) {
$newpagename = $fl["value"];
}
if ($fl["type"] == 'F') {
$newpagefreetags = $fl["value"];
}
$newpagefields[] = $fl["fieldId"];
}
if ($newpagename) {
if ($prefs['namespace_enabled'] == 'y' && !empty($outputwikinamespace)) {
$newpagename = $outputwikinamespace . $prefs['namespace_separator'] . $newpagename;
}
if ($tikilib->page_exists($newpagename)) {
$field_errors['err_outputwiki'] = tra('The page to output the results to already exists. Try another name.');
}
$page_badchars_display = TikiLib::lib('wiki')->get_badchars();
if (TikiLib::lib('wiki')->contains_badchars($newName)) {
$field_errors['err_outputwiki'] = tr("The page to output the results to contains the following prohibited characters: %0. Try another name.", $page_badchars_display);
}
} else {
unset($outputtowiki);
}
}
if (count($field_errors['err_mandatory']) == 0 && count($field_errors['err_value']) == 0 && empty($field_errors['err_antibot']) && empty($field_errors['err_outputwiki']) && !isset($_REQUEST['tr_preview'])) {
if (isset($_REQUEST['status'])) {
$status = $_REQUEST['status'];
} elseif (isset($newstatus) && ($newstatus == 'o' || $newstatus == 'c' || $newstatus == 'p')) {
$status = $newstatus;
} elseif (empty($itemId) && isset($tracker['newItemStatus'])) {
$status = $tracker['newItemStatus'];
} else {
$status = '';
}
$saveThis = array('trackerId' => $trackerId, 'request' => $_REQUEST, 'chosenGroup' => $chosenGroup, 'registration' => $registration, 'registrationTrackerId' => $registrationTrackerId, 'validateusers' => $validateusers, 'status' => $status, 'ins_fields' => $ins_fields, 'itemId' => $itemId, 'ins_categs' => $ins_categs, 'newItemRate' => $newItemRate);
//-- check if we are in a transaction
if (isset($transactionName)) {
$_SESSION[$transactionName][$transactionStep] = $saveThis;
if ($transactionFinalStep == 'y') {
//-- final step: commit the transaction of registrations and tracker changes of all the transaction steps
foreach ($_SESSION[$transactionName] as $saveStep) {
$rid = wikiplugin_tracker_save($saveStep);
}
unset($_SESSION[$transactionName]);
// the tracker transaction can be closed
} else {
$_SESSION[$transactionName]['transactionStep'] += 1;
// switch to the next step
}
} else {
// no transaction is used
$rid = wikiplugin_tracker_save($saveThis);
}
// now for wiki output if desired
if (isset($outputtowiki) && !empty($outputwiki)) {
// note that values will be raw - that is the limit of the capability of this feature for now
$newpageinfo = $tikilib->get_page_info($outputwiki);
$wikioutput = $newpageinfo["data"];
$newpagefields = $trklib->get_pretty_fieldIds($outputwiki, 'wiki', $prettyModifier, $trackerId);
$tracker_definition = Tracker_Definition::get($trackerId);
foreach ($newpagefields as $lf) {
$field = $tracker_definition->getField($lf);
$lfpermname = $field['permName'];
$wikioutput = str_replace('{$f_' . $lf . '}', $trklib->get_item_value($trackerId, $rid, $lf), $wikioutput);
$wikioutput = str_replace('{$f_' . $lfpermname . '}', $trklib->get_item_value($trackerId, $rid, $lf), $wikioutput);
}
if (isset($registration)) {
$wikioutput = str_replace('{$register_login}', $user, $wikioutput);
$wikioutput = str_replace('{$register_email}', $_REQUEST['email'], $wikioutput);
}
$tikilib->create_page($newpagename, 0, $wikioutput, $tikilib->now, '', $user, $tikilib->get_ip_address());
$cat_desc = '';
$cat_type = 'wiki page';
$cat_name = $newpagename;
$cat_objid = $newpagename;
$cat_href = "tiki-index.php?page=" . urlencode($newpagename);
if (count($ins_categs)) {
$_REQUEST['cat_categories'] = $ins_categs;
$_REQUEST['cat_categorize'] = 'on';
include_once "categorize.php";
}
if (isset($newpagefreetags) && $newpagefreetags) {
$_REQUEST['freetag_string'] = $newpagefreetags;
include_once "freetag_apply.php";
}
if ($discarditem == 'y') {
$trklib->remove_tracker_item($rid);
} elseif ($outputwikirelation == 'y') {
TikiLib::lib('relation')->add_relation('tiki.wiki.linkeditem', 'wiki page', $newpagename, 'trackeritem', $rid);
TikiLib::lib('relation')->add_relation('tiki.wiki.linkedfield', 'wiki page', $newpagename, 'trackerfield', $outputtowiki);
}
if (empty($url)) {
$wikilib = TikiLib::lib('wiki');
$url[0] = $wikilib->sefurl($newpagename);
}
}
// end wiki output
// send emails if email param is set and tracker_always_notify or something was changed (mail_data is set in \TrackerLib::send_replace_item_notifications)
if (!empty($email) && ($prefs['tracker_always_notify'] === 'y' || !empty($smarty->getTemplateVars('mail_data')))) {
// expose the pretty tracker fields to the email tpls
foreach ($flds['data'] as $f) {
$prettyout = strip_tags(wikiplugin_tracker_render_value($f, $item));
$smarty->assign('f_' . $f['fieldId'], $prettyout);
$smarty->assign('f_' . $f['permName'], $prettyout);
}
$emailOptions = preg_split("#\\|#", $email);
if (is_numeric($emailOptions[0])) {
$emailOptions[0] = $trklib->get_item_value($trackerId, $rid, $emailOptions[0]);
}
if (empty($emailOptions[0])) {
// from
$emailOptions[0] = $prefs['sender_email'];
}
if (empty($emailOptions[1])) {
// to
$emailOptions[1][0] = $prefs['sender_email'];
} else {
$emailOptions[1] = preg_split('/ *, */', $emailOptions[1]);
foreach ($emailOptions[1] as $key => $email) {
if (is_numeric($email)) {
$emailOptions[1][$key] = $trklib->get_item_value($trackerId, $rid, $email);
}
}
}
include_once 'lib/webmail/tikimaillib.php';
$mail = new TikiMail();
$mail->setFrom($emailOptions[0]);
if (!empty($emailOptions[2])) {
//tpl
$emailOptions[2] = preg_split('/ *, */', $emailOptions[2]);
foreach ($emailOptions[2] as $ieo => $eo) {
if (!preg_match('/\\.tpl$/', $eo)) {
$emailOptions[2][$ieo] = $eo . '.tpl';
}
$tplSubject[$ieo] = str_replace('.tpl', '_subject.tpl', $emailOptions[2][$ieo]);
}
} else {
$emailOptions[2] = array('tracker_changed_notification.tpl');
}
if (empty($tplSubject)) {
$tplSubject = array('tracker_changed_notification_subject.tpl');
}
$itpl = 0;
$smarty->assign('mail_date', $tikilib->now);
$smarty->assign('mail_itemId', $rid);
foreach ($emailOptions[1] as $ieo => $ueo) {
@($mail_data = $smarty->fetch('mail/' . $tplSubject[$itpl]));
if (empty($mail_data)) {
$mail_data = tra('Tracker was modified at ') . $_SERVER["SERVER_NAME"];
}
$mail->setSubject($mail_data);
$mail_data = $smarty->fetch('mail/' . $emailOptions[2][$itpl]);
if ($emailformat == 'html') {
$mail->setHtml($mail_data);
} else {
$mail->setText($mail_data);
}
try {
$mail->send($ueo);
$title = 'mail';
} catch (Zend_Mail_Exception $e) {
$title = 'mail error';
}
if ($title == 'mail error') {
// Log the email error at the tiki syslog
$logslib = TikiLib::lib('logs');
$logslib->add_log('mail error', 'plugin tracker email error / ' . $emailOptions[1][$ieo] . ' / item' . $rid);
} elseif ($title == 'mail' && $prefs['log_mail'] == 'y') {
// Log the email at the tiki syslog
$logslib = TikiLib::lib('logs');
$logslib->add_log('mail', 'plugin tracker email sent / ' . $emailOptions[1][$ieo] . ' / item' . $rid);
}
if (isset($tplSubject[$itpl + 1])) {
++$itpl;
}
}
}
if (empty($url)) {
if (!empty($_REQUEST['ajax_add'])) {
// called by tracker ItemLink fields when adding new list items
while (ob_get_level()) {
ob_end_clean();
}
if ($prefs['feature_obzip'] == 'y') {
ob_start('ob_gzhandler');
} else {
ob_start();
}
// Need to add newly created itemId for item link selector
$ins_fields['itemId'] = $rid;
$access = TikiLib::lib('access');
$access->output_serialized($ins_fields);
ob_end_flush();
die;
} else {
if (!empty($page)) {
$url = "tiki-index.php?page=" . urlencode($page);
if (!empty($itemId)) {
$url .= "&itemId=" . $itemId;
}
$url .= "&ok=y&iTRACKER={$iTRACKER}";
$url .= "#wikiplugin_tracker{$iTRACKER}";
TikiLib::lib('access')->redirect($url);
exit;
} else {
return '';
}
}
} else {
$key = 0;
foreach ($action as $key => $act) {
if (!empty($_REQUEST["action{$key}"])) {
break;
}
}
$itemIdPos = strpos($url[$key], 'itemId');
if ($itemIdPos !== false) {
if (strstr($url[$key], '#itemId')) {
$url[$key] = str_replace('#itemId', $rid, $url[$key]);
} else {
if ($itemIdPos + strlen('itemId') >= strlen($url[$key]) - 1 || substr($url[$key], $itemIdPos + strlen('itemId'), 1) == "&") {
// replace by the itemId if in the end (or -1: for backward compatibility so that "&itemId=" also works) or if it is followed by an '&'
$url[$key] = str_replace('itemId', 'itemId=' . $rid, $url[$key]);
}
}
}
TikiLib::lib('access')->redirect($url[$key]);
exit;
}
} elseif (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId) {
$smarty->assign('wikiplugin_tracker', $trackerId);
//used in vote plugin
}
} else {
if ((empty($itemId) || $overwrite == 'y') && !empty($values) || (!empty($_REQUEST['values']) and empty($_REQUEST['prefills']))) {
// assign default values for each filedId specify
if (empty($values)) {
// url with values[]=x&values[] witouth the list of fields
$values = $_REQUEST['values'];
}
if (!is_array($values)) {
$values = array($values);
}
if (isset($fields)) {
$fl = $fields;
for ($j = 0, $count_fl = count($fl); $j < $count_fl; $j++) {
for ($i = 0, $count_flds = count($flds['data']); $i < $count_flds; $i++) {
if ($flds['data'][$i]['fieldId'] == $fl[$j]) {
$flds['data'][$i]['value'] = $values[$j];
}
}
}
} else {
// values contains all the fields value in the default order
$i = 0;
foreach ($values as $value) {
$flds['data'][$i++]['value'] = $value;
}
}
} elseif (!empty($itemId)) {
if (isset($fields)) {
$fl = $fields;
$filter = '';
foreach ($flds['data'] as $f) {
if (in_array($f['fieldId'], $fl)) {
$filter[] = $f;
}
}
} else {
$filter =& $flds['data'];
}
if (!empty($filter)) {
foreach ($filter as $f) {
$filter2[$f['fieldId']] = $f;
}
$flds['data'] = $trklib->get_item_fields($trackerId, $itemId, $filter2, $itemUser, true);
}
// todo: apply the values for fields with no values
} else {
if (isset($_REQUEST['values']) && isset($_REQUEST['prefills'])) {
//url:prefills=1:2&values[]=x&values[]=y
if (!is_array($_REQUEST['values'])) {
$_REQUEST['values'] = array($_REQUEST['values']);
}
$fl = preg_split('/:/', $_REQUEST['prefills']);
} else {
unset($fl);
}
for ($i = 0, $count_flds2 = count($flds['data']); $i < $count_flds2; $i++) {
if (isset($fl) && ($j = array_search($flds['data'][$i]['fieldId'], $fl)) !== false) {
$flds['data'][$i]['value'] = $_REQUEST['values'][$j];
} else {
// setting default value prevent dropdown default value working
$options = $flds['data'][$i]['options_array'];
if (!in_array($flds['data'][$i]['type'], array('d', 'D', 'R', 'M')) || count($options) === count(array_unique($options))) {
$flds['data'][$i]['value'] = '';
// initialize fields with blank values
}
}
}
}
}
// Check that individual fields are in the tracker
if (!empty($fields)) {
$fl = $fields;
if ($sort == 'y') {
$flds = $trklib->sort_fields($flds, $fl);
}
foreach ($fl as $l) {
$ok = false;
foreach ($flds['data'] as $f) {
if ($f['fieldId'] == $l) {
$ok = true;
break;
}
}
if (!$ok) {
$back .= '<div class="alert alert-warning"><strong>' . tra('Incorrect fieldId:') . ' ' . $l . '</strong>.<br> ' . tra("Please ensure you are using the correct field ID and that it is properly included in the template, if any.") . '</div>';
}
}
} elseif (empty($fields) && empty($wiki) && empty($tpl)) {
// in this case outf still be blank and needs to be filled
foreach ($flds['data'] as $f) {
$outf[] = $f['fieldId'];
}
}
// Check that multiple fill fields are in the tracker
if (!empty($fieldsfill)) {
foreach ($fill_fields as $l) {
$ok = false;
foreach ($fill_flds['data'] as $f) {
if ($f['fieldId'] == $l) {
$ok = true;
break;
}
}
if (!$ok) {
$back .= '<div class="alert alert-warning">' . tra('Incorrect fieldId:') . ' ' . $l . '</div>';
}
}
}
// Display warnings when needed
if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0) {
$back .= $smarty->fetch('tracker_error.tpl');
$_REQUEST['error'] = 'y';
if (count($field_errors['err_mandatory']) > 0) {
$msg = tra('Following mandatory fields are missing');
foreach ($field_errors['err_mandatory'] as $err) {
$msg .= '<br> ' . $err['name'];
}
TikiLib::lib('errorreport')->report($msg);
}
if (count($field_errors['err_value']) > 0) {
$msg = tra('Following fields are incorrect');
foreach ($field_errors['err_value'] as $err) {
$msg .= '<br> ' . $err['name'];
}
TikiLib::lib('errorreport')->report($msg);
}
if ($registration && !empty($userField) && isset($_REQUEST['name']) && $_REQUEST['name'] === $userField['value'] && $_REQUEST['name'] === $user) {
// if in registration and creating a user tracker item for the new user
// remove the user if they did not complete the tracker correctly
$userlib->remove_user($userField['value']);
if ($prefs['eponymousGroups'] == 'y') {
// eponymous group will contain only this (former) user so remove that too
$userlib->remove_group($userField['value']);
}
$user = '';
// needed to re-include the captcha inputs
$hidden_fieldId = array();
// remove hidden user fields which are otherwise required
foreach ($flds['data'] as $k => $v) {
// remove the login field otherwise it gets rendered in the form also required
if ($v['fieldId'] == $userField['fieldId']) {
unset($flds['data'][$k]);
}
}
}
if (isset($field_errors['err_antibot'])) {
$_REQUEST['error'] = 'y';
}
if (isset($field_errors['err_outputwiki'])) {
$smarty->loadPlugin('smarty_function_icon');
$icon = smarty_function_icon(['name' => 'warning'], $smarty);
$back .= '<div class="alert alert-warning">' . $icon . ' ';
$back .= $field_errors['err_outputwiki'];
$back .= '</div><br />';
$_REQUEST['error'] = 'y';
}
if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0 || isset($field_errors['err_antibot']) || isset($field_errors['err_outputwiki'])) {
$smarty->assign('input_err', 'y');
}
}
if (!empty($page)) {
$back .= '~np~';
$smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']);
}
if (!empty($params['_ajax_form_ins_id'])) {
$headerlib = TikiLib::lib('header');
$old_js['js'] = $headerlib->js;
// of tracker form JS into a function to initialise it when the dialog is created
$old_js['jq_onready'] = $headerlib->jq_onready;
$headerlib->clear_js();
// so store existing js for later and clear
}
if ($prefs['feature_jquery'] == 'y' && $prefs['feature_jquery_validation'] == 'y') {
$validatorslib = TikiLib::lib('validators');
$customvalidation = '';
$customvalidation_m = '';
if ($registration == 'y') {
// email validation
$customvalidation .= 'email: { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'email: true }, ';
$customvalidation_m .= 'email: { email: "' . tra("Invalid email") . '", required: "' . tra("This field is required") . '"}, ';
// password validation
$customvalidation .= 'pass: { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'remote: { ';
$customvalidation .= 'url: "validate-ajax.php", ';
$customvalidation .= 'type: "post", ';
$customvalidation .= 'data: { ';
$customvalidation .= 'validator: "password", ';
$customvalidation .= 'input: function() { ';
$customvalidation .= 'return $("#pass1").val(); ';
$customvalidation .= '} } } ';
$customvalidation .= '}, ';
$customvalidation_m .= 'pass: { required: "' . tra("This field is required") . '"}, ';
// password repeat validation
$customvalidation .= 'passAgain: { equalTo: "#pass1" }, ';
$customvalidation_m .= 'passAgain: { equalTo: "' . tra("Passwords do not match") . '"}, ';
// username validation
$customvalidation .= 'name: { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'remote: { ';
$customvalidation .= 'url: "validate-ajax.php", ';
$customvalidation .= 'type: "post", ';
$customvalidation .= 'data: { ';
$customvalidation .= 'validator: "username", ';
$customvalidation .= 'input: function() { ';
$customvalidation .= 'return $("#name").val(); ';
$customvalidation .= '} } } ';
$customvalidation .= '}, ';
$customvalidation_m .= 'name: { required: "' . tra("This field is required") . '"}, ';
if (extension_loaded('gd') && function_exists('imagepng') && function_exists('imageftbbox') && $prefs['feature_antibot'] == 'y' && empty($user) && $prefs['recaptcha_enabled'] != 'y') {
// antibot validation
$customvalidation .= '"captcha[input]": { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'remote: { ';
$customvalidation .= 'url: "validate-ajax.php", ';
$customvalidation .= 'type: "post", ';
$customvalidation .= 'data: { ';
$customvalidation .= 'validator: "captcha", ';
$customvalidation .= 'parameter: function() { ';
$customvalidation .= 'return $("#captchaId").val(); ';
$customvalidation .= '}, ';
$customvalidation .= 'input: function() { ';
$customvalidation .= 'return $("#antibotcode").val(); ';
$customvalidation .= '} } } ';
$customvalidation .= '}, ';
$customvalidation_m .= '"captcha[input]": { required: "' . tra("This field is required") . '"}, ';
}
if ($prefs['useRegisterPasscode'] == 'y') {
$customvalidation .= 'passcode: {
required: true,
remote: {
url: "validate-ajax.php",
type: "post",
data: {
validator: "passcode",
input: function() {
return $("#passcode").val();
}
}
}
}, ';
$customvalidation_m .= 'passcode: { required: "' . tra("This field is required") . '"}, ';
}
}
$validationjs = $validatorslib->generateTrackerValidateJS($flds['data'], $fields_prefix, $customvalidation, $customvalidation_m);
if (!empty($params['_ajax_form_ins_id']) && $params['_ajax_form_ins_id'] === 'group') {
$headerlib->add_jq_onready("var ajaxTrackerValidation_group={validation:{" . $validationjs . '};');
// return clean rules and messages object for ajax
} else {
$smarty->assign('validationjs', $validationjs);
$back .= $smarty->fetch('tracker_validator.tpl');
}
}
if ($params['formtag'] == 'y') {
//check if tracker has custom form classes, else default to form-horizontal
$formClasses = $tracker['useFormClasses'] == 'y' ? $tracker['formClasses'] : "form-horizontal";
$back .= '<form class="' . $formClasses . '" name="editItemForm' . $iTRACKER . '" id="editItemForm' . $iTRACKER . '" enctype="multipart/form-data" method="post"' . (isset($target) ? ' target="' . $target . '"' : '') . ' action="' . $_SERVER['REQUEST_URI'] . '"><input type="hidden" name="trackit" value="' . $trackerId . '" />';
$back .= '<input type="hidden" name="refresh" value="1" />';
}
$back .= '<input type="hidden" name="iTRACKER" value="' . $iTRACKER . '" />';
if (isset($_REQUEST['page'])) {
$back .= '<input type="hidden" name="page" value="' . $_REQUEST["page"] . '" />';
}
// for registration
if (isset($_REQUEST['name'])) {
$back .= '<input type="hidden" name="name" value="' . $_REQUEST["name"] . '" />';
}
if (isset($_REQUEST['pass'])) {
$back .= '<input type="hidden" name="pass" value="' . $_REQUEST["pass"] . '" />';
$back .= '<input type="hidden" name="passAgain" value="' . $_REQUEST["pass"] . '" />';
}
if (isset($_REQUEST['email'])) {
$back .= '<input type="hidden" name="email" value="' . $_REQUEST["email"] . '" />';
}
if (isset($_REQUEST['antibotcode'])) {
$back .= '<input type="hidden" name="antibotcode" value="' . $_REQUEST["antibotcode"] . '" />';
}
if (isset($_REQUEST['chosenGroup'])) {
// for registration
$back .= '<input type="hidden" name="chosenGroup" value="' . $_REQUEST["chosenGroup"] . '" />';
}
if (isset($_REQUEST['register'])) {
$back .= '<input type="hidden" name="register" value="' . $_REQUEST["register"] . '" />';
}
if ($showtitle == 'y') {
$back .= '<div class="h1">' . $tracker["name"] . '</div>';
}
if ($showdesc == 'y' && $tracker['description']) {
if ($tracker['descriptionIsParsed'] == 'y') {
$back .= '<div class="wikitext">' . $tikilib->parse_data($tracker['description']) . '</div><br />';
} else {
$back .= '<div class="wikitext">' . tra($tracker["description"]) . '</div><br />';
}
}
if (isset($_REQUEST['tr_preview'])) {
// use for the computed and join fields
$assocValues = array();
$assocNumerics = array();
foreach ($flds['data'] as $f) {
if (empty($f['value']) && ($f['type'] == 'u' || $f['type'] == 'g' || $f['type'] == 'I') && ($f['options_array'][0] == '1' || $f['options_array'][0] == '2')) {
//need to fill the selector fields for the join
$f['value'] = $f['type'] == 'I' ? $tikilib->get_ip_address() : ($f['type'] == 'g' ? $group : $user);
}
$assocValues[$f['fieldId']] = $f['value'];
$assocNumerics[$f['fieldId']] = preg_replace('/[^0-9\\.\\+]/', '', $f['value']);
// get rid off the $ and such unit
}
}
if (!empty($itemId)) {
$item = array('itemId' => $itemId, 'trackerId' => $trackerId);
} else {
$item = array('itemId' => '');
}
foreach ($flds['data'] as $i => $f) {
// collect additional infos
if (in_array($f['fieldId'], $outf)) {
$flds['data'][$i]['ins_id'] = $f['type'] == 'e' ? 'ins_' . $f['fieldId'] : $fields_prefix . $f['fieldId'];
if (($f['isHidden'] == 'c' || $f['isHidden'] == 'p') && !empty($itemId) && !isset($item['creator'])) {
$item['creator'] = $trklib->get_item_creator($trackerId, $itemId);
}
}
}
if (!empty($showstatus) && $showstatus == 'y') {
$status_types = $trklib->status_types();
$smarty->assign_by_ref('status_types', $status_types);
$smarty->assign('form_status', 'status');
$smarty->assign_by_ref('tracker', $tracker);
if (!empty($item_info)) {
$smarty->assign_by_ref('item', $item_info);
}
$status_input = $smarty->fetch('tracker_status_input.tpl');
}
$labelclass = 'col-md-3';
$inputclass = 'col-md-9';
$buttonclass = 'col-md-9 col-md-offset-3';
if ($registration == "y") {
$back .= '<input type="hidden" name="register" value="Register">';
$labelclass = 'col-md-4 col-sm-3';
$inputclass = 'col-md-4 col-sm-6';
$buttonclass = 'col-md-8 col-md-offset-4';
}
// Loop on tracker fields and display form
if (empty($tpl) && empty($wiki)) {
$back .= '<div class="wikiplugin_tracker">';
if (!empty($showstatus) && $showstatus == 'y') {
$back .= '<div class="alert alert-info">' . tra('Status') . $status_input . '</div>';
// <tr><td>'.tra('Status').'</td><td>'.$status_input.'</td></tr>
}
if ($registration == 'y' && $prefs["user_register_prettytracker"] != 'y') {
$back .= $smarty->fetch('register-form.tpl');
}
} else {
$back .= '<div class="wikiplugin_tracker">';
if (!empty($showstatus) && $showstatus == 'y') {
$smarty->assign_by_ref('f_status_input', $status_input);
}
}
$backLength0 = strlen($back);
foreach ($flds['data'] as $f) {
if (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $hidden_fieldId)) {
// Show in hidden form
$back .= '<span style="display:none;">' . wikiplugin_tracker_render_input($f, $item, $dynamicSave) . '</span>';
} elseif (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $outf)) {
if ($showmandatory == 'y' and $f['isMandatory'] == 'y') {
$onemandatory = true;
}
if ($f['type'] == 'A') {
$smarty->assign_by_ref('tiki_p_attach_trackers', $perms['tiki_p_attach_trackers']);
}
if (!empty($tpl) || !empty($wiki)) {
if ($prettyModifier[$f['fieldId']] == "output") {
//check if modifier is set to "output" ( set in getPrettyFieldIds() in trackerlib )
$prettyout = '<span class="outputPretty" id="track_' . $f['fieldId'] . '" name="track_' . $f['fieldId'] . '">' . wikiplugin_tracker_render_value($f, $item) . '</span>';
$smarty->assign('f_' . $f['fieldId'], $prettyout);
$smarty->assign('f_' . $f['permName'], $prettyout);
} else {
$mand = ($showmandatory == 'y' and $f['isMandatory'] == 'y') ? " <strong class='mandatory_star'>*</strong> " : '';
if (!empty($f['description'])) {
$desc = $f['descriptionIsParsed'] == 'y' ? $tikilib->parse_data($f['description']) : tra($f['description']);
$desc = '<div class="trackerplugindesc">' . $desc . '</div>';
} else {
$desc = '';
}
if (!empty($prettyModifier[$f['fieldId']])) {
// check if a template was specified in prettyModifier
$smarty->assign("field_name", $f['name']);
$smarty->assign("field_id", $f['fieldId']);
$smarty->assign("permname", $f['permName']);
$smarty->assign("mandatory_sym", $mand);
$smarty->assign("field_input", wikiplugin_tracker_render_input($f, $item, $dynamicSave));
$smarty->assign("description", $desc);
$smarty->assign("field_type", $f['type']);
$prettyout = $smarty->fetch($prettyModifier[$f['fieldId']]);
//fetch template identified in prettyModifier
} else {
$prettyout = wikiplugin_tracker_render_input($f, $item, $dynamicSave) . $mand . $desc;
}
$smarty->assign('f_' . $f['fieldId'], $prettyout);
$smarty->assign('f_' . $f['permName'], $prettyout);
}
} else {
$back .= '<div class="form-group tracker_input_label"';
// <tr><td class="tracker_input_label"
// If type is has a samerow param and samerow is "No", show text on one line and the input field on the next
$isTextOnSameRow = true;
switch ($f['type']) {
case 't':
// Text field
// Text field
case 'n':
// Numeric field
// Numeric field
case 'b':
// Currency
if (empty($f['options_array']) || isset($f['options_array']['0']) && strlen($f['options_array']['0']) == 0) {
// Use default
// Pending: Unable to locate the object to check to determine the default (in the tracker field definitions). Hardcode true. Arild
$isTextOnSameRow = true;
} else {
$isTextOnSameRow = intval($f['options_array']['0']) == 0 ? false : true;
}
break;
case 'a':
// Text area
$isTextOnSameRow = true;
if (isset($f['options_array']['8'])) {
if (empty($f['options_array']) || isset($f['options_array']['8']) && strlen($f['options_array']['8']) == 0) {
// Use default
// Pending: Unable to locate the object to check to determine the default (in the tracker field definitions). Hardcode true. Arild
$isTextOnSameRow = true;
} else {
$isTextOnSameRow = intval($f['options_array']['8']) == 0 ? false : true;
}
}
break;
}
if (!empty($colwidth)) {
$back .= " width='" . $colwidth . "'";
}
$back .= '><label class="' . $labelclass . ' control-label" for="' . $f['ins_id'] . '">' . wikiplugin_tracker_name($f['fieldId'], tra($f['name']), $field_errors);
//
if ($showmandatory == 'y' and $f['isMandatory'] == 'y' && $registration != 'y') {
$back .= " <strong class='mandatory_star'>*</strong> ";
}
$back .= '</label>';
// If use different lines, add a line break.
// Otherwise a new column
if (!$isTextOnSameRow) {
$back .= "<br/>";
} else {
$back .= '<div class="' . $inputclass . ' tracker_input_value tracker_field' . $f['fieldId'] . '">';
// '</td><td class="tracker_input_value">';
}
$back .= wikiplugin_tracker_render_input($f, $item, $dynamicSave) . "</div>";
// chibaguy added /divs
if ($showmandatory == 'y' and $f['isMandatory'] == 'y' && $registration == 'y') {
$back .= '<div class="col-md-1 col-sm-1"><span class="text-danger tips" title=":' . tra('This field is mandatory') . '">*</span></div>';
}
if ($isTextOnSameRow) {
$back .= '</div>';
}
}
if ($f['type'] != 'S' && empty($tpl) && empty($wiki)) {
if ($showfieldsdesc == 'y') {
$back .= '<div class="form-group tracker-help-block"><div class="' . $labelclass . ' control-label sr-only">Label</div><div class="' . $inputclass . ' trackerplugindesc help-block">';
if ($f['descriptionIsParsed'] == 'y') {
$back .= $tikilib->parse_data($f['description']);
} else {
$back .= tra($f['description']);
}
$back .= '</div></div>';
}
}
}
}
if (isset($params['fieldsfill']) && !empty($params['fieldsfill']) && empty($itemId)) {
// $back.= '<tr><td><label for="ins_fill">' . tra("Create multiple items (one per line).") . '</label>';
$back .= '<div class="form-group"><label class="col-md-3" for="ins_fill">' . tra("Insert one item per line:") . '<br />' . '<br />' . '<br />' . '</label>';
$back .= <<<FILL
// </td><td>
<input type="hidden" value="" name="mode_wysiwyg"/>
<input type="hidden" value="" name="mode_normal"/>
<div class="edit-zone">
<textarea id="ins_fill" class="wikiedit class="form-control" data-syntax="" data-codemirror="" onkeyup="" rows="15" name="ins_fill" >
</textarea>
</div>
<input type="hidden" value="n" name="wysiwyg"/>
<div name="ins_fill_desc" class="trackerplugindesc" >
FILL;
$back .= sprintf(tra('Each line is a list of %d field values separated with: %s'), $fill_line_cant, htmlspecialchars($fieldsfillseparator));
$back .= '</div><div name="ins_fill_desc2" class="trackerplugindesc" >' . htmlspecialchars(implode($fieldsfillseparator, $fieldsfillnames));
$back .= '</div>';
// $back .= '</td></tr>';
}
if ($prefs['feature_antibot'] == 'y' && (empty($user) || !empty($user) && isset($_REQUEST['error']) && $_REQUEST['error'] == 'y')) {
$smarty->assign('showantibot', true);
}
if (!empty($tpl)) {
$smarty->security = true;
$back .= $smarty->fetch($tpl);
} elseif (!empty($wiki)) {
$smarty->security = true;
if ($tikilib->page_exists($wiki)) {
$back .= $smarty->fetch('wiki:' . $wiki);
} else {
$back .= '<span class="alert-warning">' . tr('Missing wiki template page "%0"', htmlspecialchars($wiki)) . '</span>';
}
}
$smarty->assign('showmandatory', $showmandatory);
if ($prefs['feature_antibot'] == 'y' && empty($user) && (!isset($transactionStep) || $transactionStep == 0) && $params['formtag'] != 'n' && ($registration != 'y' || $prefs["user_register_prettytracker"] != 'y')) {
// in_tracker session var checking is for tiki-register.php
$smarty->assign('antibot_table', empty($wiki) && empty($tpl) ? 'n' : 'y');
$captchalib = TikiLib::lib('captcha');
$smarty->assign('captchalib', $captchalib);
if ($registration == 'y') {
$smarty->assign('form', 'register');
}
$back .= $smarty->fetch('antibot.tpl');
}
$back .= '</div>';
if ($params['formtag'] == 'y') {
if (empty($wiki) && empty($tpl)) {
$back .= '<div class="form-group"><div class="input_submit_container btn-bar ' . $buttonclass . '">';
} else {
$back .= '<div class="form-group"><div class="input_submit_container btn-bar">';
}
if (!empty($reset)) {
$back .= '<input class="button submit preview" type="reset" name="tr_reset" value="' . tra($reset) . '" />';
}
if (!empty($preview)) {
$back .= '<input class="btn btn-default button submit preview" type="submit" name="tr_preview" value="' . tra($preview) . '" />';
}
foreach ($action as $key => $act) {
$back .= '<input class="button submit ' . $action_style[$key] . '" type="submit" name="action' . $key . '" value="' . tra($act) . '" onclick="needToConfirm=false" />';
}
$back .= '</div></div>';
}
if ($showmandatory == 'y' and $onemandatory) {
if (empty($wiki) && empty($tpl)) {
$back .= "<div class='form-group'><div class='" . $buttonclass . "'><div class='text-center alert alert-danger'><em>" . tra("Fields marked with an * are mandatory.") . "</em></div></div></div>";
} else {
$back .= "<div class='form-group'><div class='text-center alert alert-danger'><em>" . tra("Fields marked with an * are mandatory.") . "</em></div></div>";
}
}
if ($params['formtag'] == 'y') {
$back .= '</form>';
}
if (!empty($params['_ajax_form_ins_id'])) {
// save new js in a function for the form init fn
$headerlib->add_js(' var ajaxTrackerFormInit_' . $params['_ajax_form_ins_id'] . ' = function() {' . $headerlib->output_js(false) . '}', 10);
// put back the pre-existing js
$headerlib->js = array_merge($headerlib->js, $old_js['js']);
$headerlib->jq_onready = array_merge($headerlib->jq_onready, $old_js['jq_onready']);
}
if (!empty($page)) {
$back .= '~/np~';
}
$smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']);
return $back;
} else {
if (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId) {
$smarty->assign('wikiplugin_tracker', $trackerId);
}
//used in vote plugin
$id = ' id="wikiplugin_tracker' . $iTRACKER . '"';
if ($showtitle == 'y') {
$back .= '<div class="h1"' . $id . '>' . $tracker["name"] . '</div>';
$id = '';
}
if ($showdesc == 'y') {
$back .= '<div class="wikitext"' . $id . '>' . $tracker["description"] . '</div><br />';
$id = '';
}
$back .= "<div{$id}>" . $data . '</div>';
return $back;
}
}
function renderOutput($context = array())
{
global $prefs;
global $mimetypes;
include 'lib/mime/mimetypes.php';
$galleryId = (int) $this->getOption('galleryId');
if (!isset($context['list_mode'])) {
$context['list_mode'] = 'n';
}
$value = $this->getValue();
if ($context['list_mode'] === 'csv') {
return $value;
}
$ret = '';
if (!empty($value)) {
if ($this->getOption('displayImages')) {
// images
$params = array('fileId' => $value);
if ($context['list_mode'] === 'y') {
$params['thumb'] = $context['list_mode'];
$params['rel'] = 'box[' . $this->getInsertId() . ']';
$otherParams = $this->getOption('imageParamsForLists');
} else {
$otherParams = $this->getOption('imageParams');
}
if ($otherParams) {
parse_str($otherParams, $otherParams);
$params = array_merge($params, $otherParams);
}
include_once 'lib/wiki-plugins/wikiplugin_img.php';
$params['fromFieldId'] = $this->getConfiguration('fieldId');
$params['fromItemId'] = $this->getItemId();
$item = Tracker_Item::fromInfo($this->getItemData());
$params['checkItemPerms'] = $item->canModify() ? 'n' : 'y';
$ret = wikiplugin_img('', $params, 0);
$ret = preg_replace('/~\\/?np~/', '', $ret);
} else {
$smarty = TikiLib::lib('smarty');
$smarty->loadPlugin('smarty_function_object_link');
$ret = '<ol>';
foreach ($this->getConfiguration('files') as $fileId => $file) {
$ret .= '<li>';
$ret .= smarty_function_object_link(array('type' => 'file', 'id' => $fileId, 'title' => $file['name']), $smarty);
$globalperms = Perms::get(array('type' => 'file gallery', 'object' => $galleryId));
if ($prefs['feature_draw'] == 'y' && $globalperms->upload_files == 'y' && ($file['filetype'] == $mimetypes["svg"] || $file['filetype'] == $mimetypes["gif"] || $file['filetype'] == $mimetypes["jpg"] || $file['filetype'] == $mimetypes["png"] || $file['filetype'] == $mimetypes["tiff"])) {
$ret .= " <a href='tiki-edit_draw.php?fileId=" . $file['fileId'] . "' onclick='return \$(this).ajaxEditDraw();' title='Edit: " . $file['name'] . "' data-fileid='" . $file['fileId'] . "' data-galleryid='" . $file['galleryId'] . "'>\n\t\t\t\t\t\t\t<img width='16' height='16' class='icon' alt='Edit' src='img/icons/page_edit.png' />\n\t\t\t\t\t\t</a>";
}
$ret .= '</li>';
}
$ret .= '</ol>';
}
}
return $ret;
}
public function list_items($trackerId, $offset = 0, $maxRecords = -1, $sort_mode = '', $listfields = '', $filterfield = '', $filtervalue = '', $status = '', $initial = '', $exactvalue = '', $filter = '', $allfields = null, $skip_status_perm_check = false, $skip_permission_check = false)
{
//echo '<pre>FILTERFIELD:'; print_r($filterfield); echo '<br />FILTERVALUE:';print_r($filtervalue); echo '<br />EXACTVALUE:'; print_r($exactvalue); echo '<br />STATUS:'; print_r($status); echo '<br />FILTER:'; print_r($filter); /*echo '<br />LISTFIELDS'; print_r($listfields);*/ echo '</pre>';
global $prefs;
$cat_table = '';
$sort_tables = '';
$sort_join_clauses = '';
$csort_mode = '';
$corder = '';
$trackerId = (int) $trackerId;
$numsort = false;
$mid = ' WHERE tti.`trackerId` = ? ';
$bindvars = array($trackerId);
$join = '';
if (!empty($filter)) {
$mid2 = array();
$this->parse_filter($filter, $mid2, $bindvars);
if (!empty($mid2)) {
$mid .= ' AND ' . implode(' AND ', $mid2);
}
}
if (!$this->getSqlStatus($status, $mid, $bindvars, $trackerId, $skip_status_perm_check) && !$skip_status_perm_check && $status) {
return array('cant' => 0, 'data' => '');
}
if (substr($sort_mode, 0, 2) == 'f_') {
list($a, $asort_mode, $corder) = preg_split('/_/', $sort_mode);
}
if ($initial) {
$mid .= ' AND ttif.`value` LIKE ?';
$bindvars[] = $initial . '%';
if (isset($asort_mode)) {
$mid .= ' AND ttif.`fieldId` = ?';
$bindvars[] = $asort_mode;
}
}
if (!$sort_mode) {
$sort_mode = 'lastModif_desc';
}
if (substr($sort_mode, 0, 2) == 'f_' or !empty($filterfield)) {
$cat_table = '';
if (substr($sort_mode, 0, 2) == 'f_') {
$csort_mode = 'sttif.`value` ';
$sort_tables = ' LEFT JOIN (`tiki_tracker_item_fields` sttif)' . ' ON (tti.`itemId` = sttif.`itemId`' . (!empty($asort_mode) ? " AND sttif.`fieldId` = {$asort_mode}" : '') . ')';
// Do we need a numerical sort on the field ?
$field = $this->get_tracker_field($asort_mode);
switch ($field['type']) {
case 'C':
case '*':
case 'q':
case 'n':
$numsort = true;
break;
case 'l':
// Do nothing, value is dynamic and thus cannot be sorted on
$csort_mode = 1;
$csort_tables = '';
break;
case 'r':
$link_field = intval($field['fieldId']);
$remote_field = intval($field['options_array'][1]);
$sort_tables = '
LEFT JOIN `tiki_tracker_item_fields` itemlink ON tti.itemId = itemlink.itemId AND itemlink.fieldId = ' . $link_field . '
LEFT JOIN `tiki_tracker_item_fields` sttif ON itemlink.value = sttif.itemId AND sttif.fieldId = ' . $remote_field . '
';
break;
case 's':
// if ($field['name'] == 'Rating' || $field['name'] == tra('Rating')) { // No need to have that string, isn't it? Admins can replace for a more suited string in their use case
$numsort = true;
// }
break;
}
} else {
list($csort_mode, $corder) = preg_split('/_/', $sort_mode);
$csort_mode = 'tti.`' . $csort_mode . '` ';
}
if (empty($filterfield)) {
$nb_filtered_fields = 0;
} elseif (!is_array($filterfield)) {
$fv = $filtervalue;
$ev = $exactvalue;
$ff = (int) $filterfield;
$nb_filtered_fields = 1;
} else {
$nb_filtered_fields = count($filterfield);
}
$last = 0;
for ($i = 0; $i < $nb_filtered_fields; $i++) {
if (is_array($filterfield)) {
//multiple filter on an exact value or a like value - each value can be simple or an array
$ff = (int) $filterfield[$i];
$ff_array = $filterfield[$i];
// Need value as array used below
$ev = !empty($exactvalue[$i]) ? $exactvalue[$i] : '';
$fv = !empty($filtervalue[$i]) ? $filtervalue[$i] : '';
}
$filter = $this->get_tracker_field($ff);
// Determine if field is an item list field and postpone filtering till later if so
if ($filter["type"] == 'l' && isset($filter['options_array'][2]) && isset($filter['options_array'][2]) && isset($filter['options_array'][3])) {
$linkfilter[] = array('filterfield' => $ff, 'exactvalue' => $ev, 'filtervalue' => $fv);
continue;
}
$j = $last > 0 ? '0' : '';
$cat_table .= " INNER JOIN `tiki_tracker_item_fields` ttif{$i} ON (ttif{$i}.`itemId` = ttif{$j}.`itemId`)";
$last++;
if (isset($ff_array['sqlsearch']) && is_array($ff_array['sqlsearch'])) {
$mid .= " AND ttif{$i}.`fieldId` in (" . implode(',', array_fill(0, count($ff_array['sqlsearch']), '?')) . ')';
$bindvars = array_merge($bindvars, $ff_array['sqlsearch']);
} elseif ($ff) {
$mid .= " AND ttif{$i}.`fieldId`=? ";
$bindvars[] = $ff;
}
if ($filter['type'] == 'e' && $prefs['feature_categories'] == 'y' && (!empty($ev) || !empty($fv))) {
//category
$value = empty($fv) ? $ev : $fv;
if (!is_array($value) && $value != '') {
$value = array($value);
$not = '';
} elseif (is_array($value) && array_key_exists('not', $value)) {
$value = array($value['not']);
$not = 'not';
}
if (empty($not)) {
$cat_table .= " INNER JOIN `tiki_objects` tob{$ff} ON (tob{$ff}.`itemId` = tti.`itemId`)" . " INNER JOIN `tiki_category_objects` tco{$ff} ON (tob{$ff}.`objectId` = tco{$ff}.`catObjectId`)";
$mid .= " AND tob{$ff}.`type` = 'trackeritem' AND tco{$ff}.`categId` IN ( ";
} else {
$cat_table .= " left JOIN `tiki_objects` tob{$ff} ON (tob{$ff}.`itemId` = tti.`itemId`)" . " left JOIN `tiki_category_objects` tco{$ff} ON (tob{$ff}.`objectId` = tco{$ff}.`catObjectId`)";
$mid .= " AND tob{$ff}.`type` = 'trackeritem' AND tco{$ff}.`categId` NOT IN ( ";
}
$first = true;
foreach ($value as $k => $catId) {
if (is_array($catId)) {
// this is a grouped AND logic for optimization indicated by the value being array
$innerfirst = true;
foreach ($catId as $c) {
if (is_array($c)) {
$innerfirst = true;
foreach ($c as $d) {
$bindvars[] = $d;
if ($innerfirst) {
$innerfirst = false;
} else {
$mid .= ',';
}
$mid .= '?';
}
} else {
$bindvars[] = $c;
$mid .= '?';
}
}
if ($k < count($value) - 1) {
$mid .= " ) AND ";
if (empty($not)) {
$ff2 = $ff . '_' . $k;
$cat_table .= " INNER JOIN `tiki_category_objects` tco{$ff2} ON (tob{$ff}.`objectId` = tco{$ff2}.`catObjectId`)";
$mid .= "tco{$ff2}.`categId` IN ( ";
} else {
$ff2 = $ff . '_' . $k;
$cat_table .= " left JOIN `tiki_category_objects` tco{$ff2} ON (tob{$ff}.`objectId` = tco{$ff2}.`catObjectId`)";
$mid .= "tco{$ff2}.`categId` NOT IN ( ";
}
}
} else {
$bindvars[] = $catId;
if ($first) {
$first = false;
} else {
$mid .= ',';
}
$mid .= '?';
}
}
$mid .= " ) ";
if (!empty($not)) {
$mid .= " OR tco{$ff}.`categId` IS NULL ";
}
} elseif ($filter['type'] == 'usergroups') {
$definition = Tracker_Definition::get($trackerId);
$userFieldId = $definition->getUserField();
$cat_table .= " INNER JOIN `tiki_tracker_item_fields` ttifu ON (tti.`itemId`=ttifu.`itemId`) INNER JOIN `users_users` uu ON (ttifu.`value`=uu.`login`) INNER JOIN `users_usergroups` uug ON (uug.`userId`=uu.`userId`)";
$mid .= ' AND ttifu.`fieldId`=? AND uug.`groupName`=? ';
$bindvars[] = $userFieldId;
$bindvars[] = empty($ev) ? $fv : $ev;
} elseif ($filter['type'] == '*') {
// star
$mid .= " AND ttif{$i}.`value`*1>=? ";
$bindvars[] = $ev;
if (($j = array_search($ev, $filter['options_array'])) !== false && $j + 1 < count($filter['options_array'])) {
$mid .= " AND ttif{$i}.`value`*1<? ";
$bindvars[] = $filter['options_array'][$j + 1];
}
} elseif ($filter['type'] == 'r' && ($fv || $ev)) {
$cv = $fv ? $fv : $ev;
if (is_numeric($cv)) {
$mid .= " AND ttif{$i}.`value` = ? ";
$bindvars[] = $cv;
} else {
$cat_table .= " INNER JOIN tiki_tracker_item_fields ttif{$i}_remote ON ttif{$i}.`value` = ttif{$i}_remote.`itemId` AND ttif{$i}_remote.`fieldId` = " . intval($filter['options_array'][1]) . ' ';
$mid .= " AND ttif{$i}_remote.`value` LIKE ? ";
$bindvars[] = $ev ? $ev : "%{$fv}%";
}
} elseif ($ev > '') {
if (is_array($ev)) {
$keys = array_keys($ev);
if (in_array((string) $keys[0], array('<', '>'))) {
$mid .= " AND ttif{$i}.`value`" . $keys[0] . "? + 0";
$bindvars[] = $ev[$keys[0]];
} elseif (in_array((string) $keys[0], array('<=', '>='))) {
$mid .= " AND (ttif{$i}.`value`" . $keys[0] . "? + 0 OR ttif{$i}.`value` = ?)";
$bindvars[] = $ev[$keys[0]];
$bindvars[] = $ev[$keys[0]];
} elseif ($keys[0] === 'not') {
$mid .= " AND ttif{$i}.`value` not in (" . implode(',', array_fill(0, count($ev), '?')) . ")";
$bindvars = array_merge($bindvars, array_values($ev));
} else {
$mid .= " AND ttif{$i}.`value` in (" . implode(',', array_fill(0, count($ev), '?')) . ")";
$bindvars = array_merge($bindvars, array_values($ev));
}
} elseif (isset($ff_array['sqlsearch']) && is_array($ff_array['sqlsearch'])) {
$mid .= " AND MATCH(ttif{$i}.`value`) AGAINST(? IN BOOLEAN MODE)";
$bindvars[] = $ev;
} else {
$mid .= " AND ttif{$i}.`value`=? ";
$bindvars[] = $ev == '' ? $fv : $ev;
}
} elseif ($fv > '') {
if (!is_array($fv)) {
$value = array($fv);
} else {
$value = $fv;
}
$mid .= ' AND(';
$cpt = 0;
foreach ($value as $v) {
if ($cpt++) {
$mid .= ' OR ';
}
$mid .= " upper(ttif{$i}.`value`) like upper(?) ";
if (substr($v, 0, 1) == '*' || substr($v, 0, 1) == '%') {
$bindvars[] = '%' . substr($v, 1);
} elseif (substr($v, -1, 1) == '*' || substr($v, -1, 1) == '%') {
$bindvars[] = substr($v, 0, strlen($v) - 1) . '%';
} else {
$bindvars[] = '%' . $v . '%';
}
}
$mid .= ')';
} elseif (is_null($ev) && is_null($fv)) {
// test null value
$mid .= " AND ttif{$i}.`value`=? OR ttif{$i}.`value` IS NULL";
$bindvars[] = '';
}
}
} else {
if (strpos($sort_mode, '_') !== false) {
list($csort_mode, $corder) = preg_split('/_/', $sort_mode);
} else {
$csort_mode = $sort_mode;
$corder = 'asc';
}
$csort_mode = "`" . $csort_mode . "`";
if ($csort_mode == '`itemId`') {
$csort_mode = 'tti.`itemId`';
}
$sort_tables = '';
$cat_tables = '';
}
$categlib = TikiLib::lib('categ');
if ($jail = $categlib->get_jail()) {
$categlib->getSqlJoin($jail, 'trackeritem', 'tti.`itemId`', $join, $mid, $bindvars);
}
$base_tables = '(' . ' `tiki_tracker_items` tti' . ' INNER JOIN `tiki_tracker_item_fields` ttif ON tti.`itemId` = ttif.`itemId`' . ' INNER JOIN `tiki_tracker_fields` ttf ON ttf.`fieldId` = ttif.`fieldId`' . ')' . $join;
$fieldIds = array();
foreach ($listfields as $k => $f) {
if (isset($f['fieldId'])) {
$fieldIds[] = $f['fieldId'];
} else {
$fieldIds[] = $k;
// sometimes filterfields are provided with the fieldId only on the array keys
}
}
if (!empty($filterfield)) {
// fix: could be that there is just one field. in this case it might be a scalar,
// not an array due to not handle $filterfield proper somewhere else in the code
if (!is_array($filterfield)) {
$filterfield = array($filterfield);
}
foreach ($filterfield as $f) {
if (!in_array($f, $fieldIds)) {
$fieldIds[] = $f;
}
}
}
if (!empty($fieldIds)) {
$mid .= ' AND ' . $this->in('ttif.fieldId', $fieldIds, $bindvars);
}
if ($csort_mode == '`created`') {
$csort_mode = 'tti.created';
}
$query = 'SELECT tti.*' . ', ' . ($numsort ? "cast(max({$csort_mode}) as decimal)" : "max({$csort_mode})") . ' as `sortvalue`' . ' FROM ' . $base_tables . $sort_tables . $cat_table . $mid . ' GROUP BY tti.`itemId`' . ' ORDER BY ' . $this->convertSortMode('sortvalue_' . $corder);
if ($numsort) {
$query .= ',' . $this->convertSortMode($csort_mode);
}
//echo htmlentities($query); print_r($bindvars);
$query_cant = 'SELECT count(DISTINCT ttif.`itemId`) FROM ' . $base_tables . $sort_tables . $cat_table . $mid;
// save the result
$ret = array();
// Start loop to get the required number of items if permissions / filters are in use.
// The problem: If $maxItems and $offset are given,
// but the sql query returns items the user has no permissions or the filter criteria does not match,
// then only a subset of what is available would be returned.
// Due to performance issues with trackers having more than 5k items, we make it optional
// $exactPaging true : slow on large tracker, check each item for permission and filtering
// false: pass offset directly to sql, could lead to wrong pagination if perms / filter are used on items
// Need to get this into tracker setup, so one can decide for each tracker how $exactPaging should work.
// $definition = Tracker_Definition::get($trackerId);
// default is old behaviour as of tiki14 - get offset directly from sql without taking permissions or filter into account.
$exactPaging = false;
// defaults for $exactPaging == false
// original requested number of items
$maxRecordsRequested = $maxRecords;
// original page (from pagination)
$offsetRequested = $offset;
// offset calculated on $offsetRequested
$currentOffset = 0;
// set to true when we have enough records or no records left.
$finished = false;
// used internaly - one time query that returns the total number of records without taking into account filter or permissions
$cant = $this->getOne($query_cant, $bindvars);
// $cant will be modified bc its used otherwise. so save the totalCount value
$totalCount = $cant;
// total number of records read so far
$currentCount = 0;
// number of records in the result set
$resultCount = 0;
// settings for $exactPaging == true
if ($exactPaging == true) {
// outer loop - grab more records bc it might be we must filter out records.
// 300 seems to be ok, bc paganination offers this as well as the size of the resultset
// NOTE: This value is important with respect to memory usage and performance - especially when lots of items (like 10k+) are in use.
$maxRecords = 300;
// offset used for sql query
$offset = 0;
}
while (!$finished) {
$ret1 = $this->fetchAll($query, $bindvars, $maxRecords, $offset);
// add. security - should not be necessary bc of check at the end. no records left - end outer loop
if (count($ret1) == 0) {
$finished = true;
}
foreach ($ret1 as $res) {
$mem = TikiLib::lib('tiki')->get_memory_avail();
if ($mem < 1048576 * 10) {
// Less than 10MB left?
// post an error even though it doesn't get displayed when using export as the output goes into the output file
TikiLib::lib('errorreport')->report(tr('Tracker list_items ran out of memory after %0 items.', count($ret)));
break;
}
$res['itemUser'] = '';
if ($listfields !== null) {
$res['field_values'] = $this->get_item_fields($trackerId, $res['itemId'], $listfields, $res['itemUser']);
}
if (!$skip_permission_check) {
$itemObject = Tracker_Item::fromInfo($res);
if (!$itemObject->canView()) {
$cant--;
// skipped record bc of permissions - need to count for outer loop
$currentCount++;
continue;
}
}
if (!empty($asort_mode)) {
foreach ($res['field_values'] as $i => $field) {
if ($field['fieldId'] == $asort_mode) {
$kx = $field['value'] . '.' . $res['itemId'];
}
}
}
if (isset($linkfilter) && $linkfilter) {
$filterout = false;
// NOTE: This implies filterfield if is link field has to be in fields set
foreach ($res['field_values'] as $i => $field) {
foreach ($linkfilter as $lf) {
if ($field['fieldId'] == $lf["filterfield"]) {
// extra comma at the front and back of filtervalue to avoid ambiguity in partial match
if ($lf["filtervalue"] && strpos(',' . implode(',', $field['items']) . ',', $lf["filtervalue"]) === false) {
$filterout = true;
break 2;
} elseif ($lf["exactvalue"] && !in_array($lf['exactvalue'], $field['items'])) {
$filterout = true;
break 2;
}
}
}
}
if ($filterout) {
$cant--;
// skipped record bc of filter criteria - need to count for outer loop
$currentCount++;
continue;
}
}
$res['geolocation'] = TikiLib::lib('geo')->get_coordinates('trackeritem', $res['itemId']);
// have a field, adjust counter and check if we have enough items
$currentCount++;
$currentOffset++;
// field is stored in $res. See wether we can add it to the resultset, based on the requested offset
// if clause logic mainly for $exactPaging == true
if ($currentOffset > $offsetRequested || $exactPaging == false) {
$resultCount++;
if (empty($kx)) {
// ex: if the sort field is non visible, $kx is null
$ret[] = $res;
} else {
$ret[$kx] = $res;
}
}
// logic for $exactPaging == true. enough items - need to leave the foreach loop
if ($resultCount == $maxRecordsRequested) {
$finished = true;
break;
}
}
// foreach
// foreach loop done - depending on $exactPaging we finish or might need to go ahead
if ($exactPaging == false) {
$finished = true;
}
// are items left? - this part is only relevant when $exactPaging == true
if ($currentCount == $totalCount) {
$finished = true;
} else {
$offset += $maxRecords;
}
}
// while
// End loop to get the required number of items if permissions / filters are in use
$retval = array();
$retval['data'] = array_values($ret);
$retval['cant'] = $cant;
return $retval;
}
function action_remove_item($input)
{
$processedFields = array();
$trackerId = $input->trackerId->int();
$definition = Tracker_Definition::get($trackerId);
if (!$definition) {
throw new Services_Exception_NotFound();
}
if (!($itemId = $input->itemId->int())) {
throw new Services_Exception_MissingValue('itemId');
}
$itemInfo = TikiLib::lib('trk')->get_tracker_item($itemId);
if (!$itemInfo || $itemInfo['trackerId'] != $trackerId) {
throw new Services_Exception_NotFound();
}
$itemObject = Tracker_Item::fromInfo($itemInfo);
if (!$itemObject->canRemove()) {
throw new Services_Exception(tr('Permission denied.'), 403);
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->utilities->removeItem($itemId);
TikiLib::lib('unifiedsearch')->processUpdateQueue();
}
return array('trackerId' => $trackerId, 'itemId' => $itemId);
}
public function list_items($trackerId, $offset = 0, $maxRecords = -1, $sort_mode = '', $listfields = '', $filterfield = '', $filtervalue = '', $status = '', $initial = '', $exactvalue = '', $filter = '', $allfields = null, $skip_status_perm_check = false, $skip_permission_check = false)
{
//echo '<pre>FILTERFIELD:'; print_r($filterfield); echo '<br />FILTERVALUE:';print_r($filtervalue); echo '<br />EXACTVALUE:'; print_r($exactvalue); echo '<br />STATUS:'; print_r($status); echo '<br />FILTER:'; print_r($filter); /*echo '<br />LISTFIELDS'; print_r($listfields);*/ echo '</pre>';
global $prefs;
$cat_table = '';
$sort_tables = '';
$sort_join_clauses = '';
$csort_mode = '';
$corder = '';
$trackerId = (int) $trackerId;
$numsort = false;
$mid = ' WHERE tti.`trackerId` = ? ';
$bindvars = array($trackerId);
$join = '';
if (!empty($filter)) {
$mid2 = array();
$this->parse_filter($filter, $mid2, $bindvars);
if (!empty($mid2)) {
$mid .= ' AND ' . implode(' AND ', $mid2);
}
}
if (!$this->getSqlStatus($status, $mid, $bindvars, $trackerId) && !$skip_status_perm_check && $status) {
return array('cant' => 0, 'data' => '');
}
if (substr($sort_mode, 0, 2) == 'f_') {
list($a, $asort_mode, $corder) = preg_split('/_/', $sort_mode);
}
if ($initial) {
$mid .= ' AND ttif.`value` LIKE ?';
$bindvars[] = $initial . '%';
if (isset($asort_mode)) {
$mid .= ' AND ttif.`fieldId` = ?';
$bindvars[] = $asort_mode;
}
}
if (!$sort_mode) {
$sort_mode = 'lastModif_desc';
}
if (substr($sort_mode, 0, 2) == 'f_' or !empty($filterfield)) {
$cat_table = '';
if (substr($sort_mode, 0, 2) == 'f_') {
$csort_mode = 'sttif.`value` ';
$sort_tables = ' LEFT JOIN (`tiki_tracker_item_fields` sttif)' . ' ON (tti.`itemId` = sttif.`itemId`' . (!empty($asort_mode) ? " AND sttif.`fieldId` = {$asort_mode}" : '') . ')';
// Do we need a numerical sort on the field ?
$field = $this->get_tracker_field($asort_mode);
switch ($field['type']) {
case 'C':
case '*':
case 'q':
case 'n':
$numsort = true;
break;
case 'l':
// Do nothing, value is dynamic and thus cannot be sorted on
$csort_mode = 1;
$csort_tables = '';
break;
case 'r':
$link_field = intval($field['fieldId']);
$remote_field = intval($field['options_array'][1]);
$sort_tables = '
LEFT JOIN `tiki_tracker_item_fields` itemlink ON tti.itemId = itemlink.itemId AND itemlink.fieldId = ' . $link_field . '
LEFT JOIN `tiki_tracker_item_fields` sttif ON itemlink.value = sttif.itemId AND sttif.fieldId = ' . $remote_field . '
';
break;
case 's':
// if ($field['name'] == 'Rating' || $field['name'] == tra('Rating')) { // No need to have that string, isn't it? Admins can replace for a more suited string in their use case
$numsort = true;
// }
break;
}
} else {
list($csort_mode, $corder) = preg_split('/_/', $sort_mode);
$csort_mode = 'tti.`' . $csort_mode . '` ';
}
if (empty($filterfield)) {
$nb_filtered_fields = 0;
} elseif (!is_array($filterfield)) {
$fv = $filtervalue;
$ev = $exactvalue;
$ff = (int) $filterfield;
$nb_filtered_fields = 1;
} else {
$nb_filtered_fields = count($filterfield);
}
$last = 0;
for ($i = 0; $i < $nb_filtered_fields; $i++) {
if (is_array($filterfield)) {
//multiple filter on an exact value or a like value - each value can be simple or an array
$ff = (int) $filterfield[$i];
$ev = !empty($exactvalue[$i]) ? $exactvalue[$i] : '';
$fv = !empty($filtervalue[$i]) ? $filtervalue[$i] : '';
}
$filter = $this->get_tracker_field($ff);
// Determine if field is an item list field and postpone filtering till later if so
if ($filter["type"] == 'l' && isset($filter['options_array'][2]) && isset($filter['options_array'][2]) && isset($filter['options_array'][3])) {
$linkfilter[] = array('filterfield' => $ff, 'exactvalue' => $ev, 'filtervalue' => $fv);
continue;
}
$j = $last > 0 ? '0' : '';
$cat_table .= " INNER JOIN `tiki_tracker_item_fields` ttif{$i} ON (ttif{$i}.`itemId` = ttif{$j}.`itemId`)";
$last++;
if (isset($ff['sqlsearch']) && is_array($ff['sqlsearch'])) {
$mid .= " AND ttif{$i}.`fieldId` in (" . implode(',', array_fill(0, count($ff['sqlsearch']), '?')) . ')';
$bindvars = array_merge($bindvars, $ff['sqlsearch']);
} elseif ($ff) {
$mid .= " AND ttif{$i}.`fieldId`=? ";
$bindvars[] = $ff;
}
if ($filter['type'] == 'e' && $prefs['feature_categories'] == 'y' && (!empty($ev) || !empty($fv))) {
//category
$value = empty($fv) ? $ev : $fv;
if (!is_array($value) && $value != '') {
$value = array($value);
$not = '';
} elseif (is_array($value) && array_key_exists('not', $value)) {
$value = array($value['not']);
$not = 'not';
}
if (empty($not)) {
$cat_table .= " INNER JOIN `tiki_objects` tob{$ff} ON (tob{$ff}.`itemId` = tti.`itemId`)" . " INNER JOIN `tiki_category_objects` tco{$ff} ON (tob{$ff}.`objectId` = tco{$ff}.`catObjectId`)";
$mid .= " AND tob{$ff}.`type` = 'trackeritem' AND tco{$ff}.`categId` IN ( ";
} else {
$cat_table .= " left JOIN `tiki_objects` tob{$ff} ON (tob{$ff}.`itemId` = tti.`itemId`)" . " left JOIN `tiki_category_objects` tco{$ff} ON (tob{$ff}.`objectId` = tco{$ff}.`catObjectId`)";
$mid .= " AND tob{$ff}.`type` = 'trackeritem' AND tco{$ff}.`categId` NOT IN ( ";
}
$first = true;
foreach ($value as $k => $catId) {
if (is_array($catId)) {
// this is a grouped AND logic for optimization indicated by the value being array
$innerfirst = true;
foreach ($catId as $c) {
if (is_array($c)) {
$innerfirst = true;
foreach ($c as $d) {
$bindvars[] = $d;
if ($innerfirst) {
$innerfirst = false;
} else {
$mid .= ',';
}
$mid .= '?';
}
} else {
$bindvars[] = $c;
$mid .= '?';
}
}
if ($k < count($value) - 1) {
$mid .= " ) AND ";
if (empty($not)) {
$ff2 = $ff . '_' . $k;
$cat_table .= " INNER JOIN `tiki_category_objects` tco{$ff2} ON (tob{$ff}.`objectId` = tco{$ff2}.`catObjectId`)";
$mid .= "tco{$ff2}.`categId` IN ( ";
} else {
$ff2 = $ff . '_' . $k;
$cat_table .= " left JOIN `tiki_category_objects` tco{$ff2} ON (tob{$ff}.`objectId` = tco{$ff2}.`catObjectId`)";
$mid .= "tco{$ff2}.`categId` NOT IN ( ";
}
}
} else {
$bindvars[] = $catId;
if ($first) {
$first = false;
} else {
$mid .= ',';
}
$mid .= '?';
}
}
$mid .= " ) ";
if (!empty($not)) {
$mid .= " OR tco{$ff}.`categId` IS NULL ";
}
} elseif ($filter['type'] == 'usergroups') {
$definition = Tracker_Definition::get($trackerId);
$userFieldId = $definition->getUserField();
$cat_table .= " INNER JOIN `tiki_tracker_item_fields` ttifu ON (tti.`itemId`=ttifu.`itemId`) INNER JOIN `users_users` uu ON (ttifu.`value`=uu.`login`) INNER JOIN `users_usergroups` uug ON (uug.`userId`=uu.`userId`)";
$mid .= ' AND ttifu.`fieldId`=? AND uug.`groupName`=? ';
$bindvars[] = $userFieldId;
$bindvars[] = empty($ev) ? $fv : $ev;
} elseif ($filter['type'] == '*') {
// star
$mid .= " AND ttif{$i}.`value`*1>=? ";
$bindvars[] = $ev;
if (($j = array_search($ev, $filter['options_array'])) !== false && $j + 1 < count($filter['options_array'])) {
$mid .= " AND ttif{$i}.`value`*1<? ";
$bindvars[] = $filter['options_array'][$j + 1];
}
} elseif ($filter['type'] == 'r' && ($fv || $ev)) {
$cv = $fv ? $fv : $ev;
if (is_numeric($cv)) {
$mid .= " AND ttif{$i}.`value` = ? ";
$bindvars[] = $cv;
} else {
$cat_table .= " INNER JOIN tiki_tracker_item_fields ttif{$i}_remote ON ttif{$i}.`value` = ttif{$i}_remote.`itemId` AND ttif{$i}_remote.`fieldId` = " . intval($filter['options_array'][1]) . ' ';
$mid .= " AND ttif{$i}_remote.`value` LIKE ? ";
$bindvars[] = $ev ? $ev : "%{$fv}%";
}
} elseif ($ev > '') {
if (is_array($ev)) {
$keys = array_keys($ev);
if (in_array((string) $keys[0], array('<', '>'))) {
$mid .= " AND ttif{$i}.`value`" . $keys[0] . "? + 0";
$bindvars[] = $ev[$keys[0]];
} elseif (in_array((string) $keys[0], array('<=', '>='))) {
$mid .= " AND (ttif{$i}.`value`" . $keys[0] . "? + 0 OR ttif{$i}.`value` = ?)";
$bindvars[] = $ev[$keys[0]];
$bindvars[] = $ev[$keys[0]];
} elseif ($keys[0] === 'not') {
$mid .= " AND ttif{$i}.`value` not in (" . implode(',', array_fill(0, count($ev), '?')) . ")";
$bindvars = array_merge($bindvars, array_values($ev));
} else {
$mid .= " AND ttif{$i}.`value` in (" . implode(',', array_fill(0, count($ev), '?')) . ")";
$bindvars = array_merge($bindvars, array_values($ev));
}
} elseif (isset($ff['sqlsearch']) && is_array($ff['sqlsearch'])) {
$mid .= " AND MATCH(ttif{$i}.`value`) AGAINST(? IN BOOLEAN MODE)";
$bindvars[] = $ev;
} else {
$mid .= " AND ttif{$i}.`value`=? ";
$bindvars[] = $ev == '' ? $fv : $ev;
}
} elseif ($fv > '') {
if (!is_array($fv)) {
$value = array($fv);
} else {
$value = $fv;
}
$mid .= ' AND(';
$cpt = 0;
foreach ($value as $v) {
if ($cpt++) {
$mid .= ' OR ';
}
$mid .= " upper(ttif{$i}.`value`) like upper(?) ";
if (substr($v, 0, 1) == '*' || substr($v, 0, 1) == '%') {
$bindvars[] = '%' . substr($v, 1);
} elseif (substr($v, -1, 1) == '*' || substr($v, -1, 1) == '%') {
$bindvars[] = substr($v, 0, strlen($v) - 1) . '%';
} else {
$bindvars[] = '%' . $v . '%';
}
}
$mid .= ')';
} elseif (is_null($ev) && is_null($fv)) {
// test null value
$mid .= " AND ttif{$i}.`value`=? OR ttif{$i}.`value` IS NULL";
$bindvars[] = '';
}
}
} else {
if (strpos($sort_mode, '_') !== false) {
list($csort_mode, $corder) = preg_split('/_/', $sort_mode);
} else {
$csort_mode = $sort_mode;
$corder = 'asc';
}
$csort_mode = "`" . $csort_mode . "`";
if ($csort_mode == '`itemId`') {
$csort_mode = 'tti.`itemId`';
}
$sort_tables = '';
$cat_tables = '';
}
$categlib = TikiLib::lib('categ');
if ($jail = $categlib->get_jail()) {
$categlib->getSqlJoin($jail, 'trackeritem', 'tti.`itemId`', $join, $mid, $bindvars);
}
$base_tables = '(' . ' `tiki_tracker_items` tti' . ' INNER JOIN `tiki_tracker_item_fields` ttif ON tti.`itemId` = ttif.`itemId`' . ' INNER JOIN `tiki_tracker_fields` ttf ON ttf.`fieldId` = ttif.`fieldId`' . ')' . $join;
$fieldIds = array();
foreach ($listfields as $k => $f) {
if (isset($f['fieldId'])) {
$fieldIds[] = $f['fieldId'];
} else {
$fieldIds[] = $k;
// sometimes filterfields are provided with the fieldId only on the array keys
}
}
if (!empty($filterfield)) {
foreach ($filterfield as $f) {
if (!in_array($f, $fieldIds)) {
$fieldIds[] = $f;
}
}
}
if (!empty($fieldIds)) {
$mid .= ' AND ' . $this->in('ttif.fieldId', $fieldIds, $bindvars);
}
if ($csort_mode == '`created`') {
$csort_mode = 'tti.created';
}
$query = 'SELECT tti.*, ttif.`value`, ttf.`type`' . ', ' . ($numsort ? "cast({$csort_mode} as decimal)" : $csort_mode) . ' as `sortvalue`' . ' FROM ' . $base_tables . $sort_tables . $cat_table . $mid . ' GROUP BY tti.`itemId`' . ' ORDER BY ' . $this->convertSortMode('sortvalue_' . $corder);
if ($numsort) {
$query .= ',' . $this->convertSortMode($csort_mode);
}
//echo htmlentities($query); print_r($bindvars);
$query_cant = 'SELECT count(DISTINCT ttif.`itemId`) FROM ' . $base_tables . $sort_tables . $cat_table . $mid;
$ret1 = $this->fetchAll($query, $bindvars, $maxRecords, $offset);
$cant = $this->getOne($query_cant, $bindvars);
$type = '';
$ret = array();
foreach ($ret1 as $res) {
$mem = TikiLib::lib('tiki')->get_memory_avail();
if ($mem < 1048576 * 10) {
// Less than 10MB left?
// post an error even though it doesn't get displayed when using export as the output goes into the output file
TikiLib::lib('errorreport')->report(tr('Tracker list_items ran out of memory after %0 items.', count($ret)));
break;
}
$res['itemUser'] = '';
if ($listfields !== null) {
$res['field_values'] = $this->get_item_fields($trackerId, $res['itemId'], $listfields, $res['itemUser']);
}
if (!$skip_permission_check) {
$itemObject = Tracker_Item::fromInfo($res);
if (!$itemObject->canView()) {
$cant--;
continue;
}
}
if (!empty($asort_mode)) {
foreach ($res['field_values'] as $i => $field) {
if ($field['fieldId'] == $asort_mode) {
$kx = $field['value'] . '.' . $res['itemId'];
}
}
}
if (isset($linkfilter) && $linkfilter) {
$filterout = false;
// NOTE: This implies filterfield if is link field has to be in fields set
foreach ($res['field_values'] as $i => $field) {
foreach ($linkfilter as $lf) {
if ($field['fieldId'] == $lf["filterfield"]) {
// extra comma at the front and back of filtervalue to avoid ambiguity in partial match
if ($lf["filtervalue"] && strpos(',' . implode(',', $field['items']) . ',', $lf["filtervalue"]) === false) {
$filterout = true;
break 2;
} elseif ($lf["exactvalue"] && !in_array($lf['exactvalue'], $field['items'])) {
$filterout = true;
break 2;
}
}
}
}
if ($filterout) {
$cant--;
continue;
}
}
$res['geolocation'] = TikiLib::lib('geo')->get_coordinates('trackeritem', $res['itemId']);
if (empty($kx)) {
// ex: if the sort field is non visible, $kx is null
$ret[] = $res;
} else {
$ret[$kx] = $res;
}
}
$retval = array();
$retval['data'] = array_values($ret);
$retval['cant'] = $cant;
return $retval;
}
private function isLink($context = array())
{
$type = $this->getConfiguration('type');
if ($type == 'x') {
return false;
}
if ($this->getConfiguration('showlinks', 'y') == 'n') {
return false;
}
if (isset($context['showlinks']) && $context['showlinks'] == 'n') {
return false;
}
if (isset($context['list_mode']) && $context['list_mode'] == 'csv') {
return false;
}
$itemId = $this->getItemId();
if (empty($itemId)) {
return false;
}
$itemObject = Tracker_Item::fromInfo($this->itemData);
$status = $this->getData('status');
if ($this->getConfiguration('isMain', 'n') == 'y' && ($itemObject->canView() || $itemObject->getPerm('comment_tracker_items'))) {
return (bool) $this->getItemId();
}
return false;
}
function action_remove_item($input)
{
$trackerId = $input->trackerId->int();
$definition = Tracker_Definition::get($trackerId);
if (!$definition) {
throw new Services_Exception_NotFound();
}
if (!($itemId = $input->itemId->int())) {
throw new Services_Exception_MissingValue('itemId');
}
$itemInfo = TikiLib::lib('trk')->get_tracker_item($itemId);
if (!$itemInfo || $itemInfo['trackerId'] != $trackerId) {
throw new Services_Exception_NotFound();
}
$itemObject = Tracker_Item::fromInfo($itemInfo);
if (!$itemObject->canRemove()) {
throw new Services_Exception_Denied();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$trklib = TikiLib::lib('trk');
foreach ($trklib->get_child_items($itemId) as $info) {
$childItem = Tracker_Item::fromId($info['itemId']);
if ($childItem->canRemove()) {
$data = $childItem->getData();
$childDefinition = $childItem->getDefinition();
// handle specific deleting actions
foreach ($childDefinition->getFields() as $field) {
$handler = $childDefinition->getFieldFactory()->getHandler($field, $data);
if (method_exists($handler, 'handleDelete')) {
$handler->handleDelete();
}
}
$this->utilities->removeItem($info['itemId']);
}
}
foreach ($definition->getFields() as $field) {
$itemData = $itemObject->getData();
$handler = $definition->getFieldFactory()->getHandler($field, $itemData);
if (method_exists($handler, 'handleDelete')) {
$handler->handleDelete();
}
}
$this->utilities->removeItem($itemId);
TikiLib::lib('unifiedsearch')->processUpdateQueue();
}
return array('trackerId' => $trackerId, 'itemId' => $itemId);
}
function renderOutput($context = array())
{
global $prefs;
global $mimetypes;
include 'lib/mime/mimetypes.php';
$galleryId = (int) $this->getOption('galleryId');
if (!isset($context['list_mode'])) {
$context['list_mode'] = 'n';
}
$value = $this->getValue();
if ($context['list_mode'] === 'csv') {
return $value;
}
$ret = '';
if (!empty($value)) {
if ($this->getOption('displayMode')) {
// images etc
$params = array('fileId' => $value);
if ($context['list_mode'] === 'y') {
$otherParams = $this->getOption('displayParamsForLists');
} else {
$otherParams = $this->getOption('displayParams');
}
if ($otherParams) {
parse_str($otherParams, $otherParams);
$params = array_merge($params, $otherParams);
}
$params['fromFieldId'] = $this->getConfiguration('fieldId');
$params['fromItemId'] = $this->getItemId();
$item = Tracker_Item::fromInfo($this->getItemData());
$params['checkItemPerms'] = $item->canModify() ? 'n' : 'y';
if ($this->getOption('displayMode') == 'img') {
// img
if ($context['list_mode'] === 'y') {
$params['thumb'] = $context['list_mode'];
$params['rel'] = 'box[' . $this->getInsertId() . ']';
}
include_once 'lib/wiki-plugins/wikiplugin_img.php';
$ret = wikiplugin_img('', $params);
} else {
if ($this->getOption('displayMode') == 'vimeo') {
// Vimeo videos stored as filegal REMOTEs
include_once 'lib/wiki-plugins/wikiplugin_vimeo.php';
$ret = wikiplugin_vimeo('', $params);
} else {
if ($this->getOption('displayMode') == 'moodlescorm') {
include_once 'lib/wiki-plugins/wikiplugin_playscorm.php';
foreach ($this->getConfiguration('files') as $fileId => $file) {
$params['fileId'] = $fileId;
$ret .= wikiplugin_playscorm('', $params);
}
} else {
if ($this->getOption('displayMode') == 'googleviewer') {
if ($prefs['auth_token_access'] != 'y') {
$ret = tra('Token access needs to be enabled for Google viewer to be used');
} else {
$files = array();
foreach ($this->getConfiguration('files') as $fileId => $file) {
global $base_url, $tikiroot, $https_mode;
if ($https_mode) {
$scheme = 'https';
} else {
$scheme = 'http';
}
$googleurl = $scheme . "://docs.google.com/viewer?url=";
$fileurl = urlencode($base_url . "tiki-download_file.php?fileId=" . $fileId);
require_once 'lib/auth/tokens.php';
$tokenlib = AuthTokens::build($prefs);
$token = $tokenlib->createToken($tikiroot . "tiki-download_file.php", array('fileId' => $fileId), array('Registered'), array('timeout' => 300, 'hits' => 3));
$fileurl .= urlencode("&TOKEN=" . $token);
$url = $googleurl . $fileurl . '&embedded=true';
$title = $file['name'];
$files[] = array('url' => $url, 'title' => $title, 'id' => $fileId);
}
$smarty = TikiLib::lib('smarty');
$smarty->assign('files', $files);
$ret = $smarty->fetch('trackeroutput/files_googleviewer.tpl');
}
}
}
}
}
$ret = preg_replace('/~\\/?np~/', '', $ret);
} else {
$smarty = TikiLib::lib('smarty');
$smarty->loadPlugin('smarty_function_object_link');
$ret = '<ol class="tracker-item-files">';
foreach ($this->getConfiguration('files') as $fileId => $file) {
$ret .= '<li>';
$ret .= smarty_function_object_link(array('type' => 'file', 'id' => $fileId, 'title' => $file['name']), $smarty);
$globalperms = Perms::get(array('type' => 'file gallery', 'object' => $galleryId));
if ($prefs['feature_draw'] == 'y' && $globalperms->upload_files == 'y' && ($file['filetype'] == $mimetypes["svg"] || $file['filetype'] == $mimetypes["gif"] || $file['filetype'] == $mimetypes["jpg"] || $file['filetype'] == $mimetypes["png"] || $file['filetype'] == $mimetypes["tiff"])) {
$ret .= " <a href='tiki-edit_draw.php?fileId=" . $file['fileId'] . "' onclick='return \$(this).ajaxEditDraw();' title='Edit: " . $file['name'] . "' data-fileid='" . $file['fileId'] . "' data-galleryid='" . $galleryId . "'>\n\t\t\t\t\t\t\t<img width='16' height='16' class='icon' alt='Edit' src='img/icons/page_edit.png' />\n\t\t\t\t\t\t</a>";
}
$ret .= '</li>';
}
$ret .= '</ol>';
}
}
return $ret;
}
function action_update_item_status($input)
{
if ($input->status->word() == 'DONE') {
return array('status' => 'DONE', 'redirect' => $input->redirect->word());
}
$trackerId = $input->trackerId->int();
$definition = Tracker_Definition::get($trackerId);
if (!$definition) {
throw new Services_Exception_NotFound();
}
if (!($itemId = $input->itemId->int())) {
throw new Services_Exception_MissingValue('itemId');
}
$itemInfo = TikiLib::lib('trk')->get_tracker_item($itemId);
if (!$itemInfo || $itemInfo['trackerId'] != $trackerId) {
throw new Services_Exception_NotFound();
}
if (empty($input->item_label->text())) {
$item_label = "item";
} else {
$item_label = $input->item_label->text();
}
if (empty($input->title->text())) {
$title = "Change item status";
} else {
$title = $input->title->text();
}
if (empty($input->button_label->text())) {
$button_label = "Update " . $item_label;
} else {
$button_label = $input->button_label->text();
}
$itemObject = Tracker_Item::fromInfo($itemInfo);
if (!$itemObject->canModify()) {
throw new Services_Exception_Denied();
}
if ($input->confirm->int()) {
$result = $this->utilities->updateItem($definition, array('itemId' => $itemId, 'trackerId' => $trackerId, 'status' => $input->status->text()));
return array('FORWARD' => array('controller' => 'tracker', 'action' => 'update_item_status', 'status' => 'DONE', 'redirect' => $input->redirect->text()));
} else {
return array('trackerId' => $trackerId, 'itemId' => $itemId, 'item_label' => $item_label, 'status' => $input->status->text(), 'redirect' => $input->redirect->text(), 'confirmation_message' => $input->confirmation_message->text(), 'title' => $title, 'button_label' => $button_label);
}
if (false === $result) {
throw new Services_Exception(tr('Validation error'), 406);
}
}
function wikiplugin_trackeritemfield($data, $params)
{
global $userTracker, $group, $user, $userlib, $tiki_p_admin_trackers, $prefs, $smarty, $tikilib;
global $trklib;
include_once 'lib/trackers/trackerlib.php';
static $memoItemId = 0;
static $memoTrackerId = 0;
static $memoStatus = 0;
static $memoUserTracker = false;
static $memoItemObject = null;
extract($params, EXTR_SKIP);
if (empty($itemId) && !empty($_REQUEST['itemId'])) {
if (!empty($trackerId)) {
$info = $trklib->get_item_info($_REQUEST['itemId']);
if (!empty($info) && $info['trackerId'] == $trackerId) {
$itemId = $_REQUEST['itemId'];
}
} else {
$itemId = $_REQUEST['itemId'];
}
}
if (empty($itemId) && !empty($trackerId) && ($tracker_info = $trklib->get_tracker($trackerId))) {
if ($t = $trklib->get_tracker_options($trackerId)) {
$tracker_info = array_merge($tracker_info, $t);
}
$itemId = $trklib->get_user_item($trackerId, $tracker_info);
}
if (!empty($itemId) && $memoItemId == $itemId || empty($itemId) && !empty($memoItemId)) {
$itemId = $memoItemId;
if (empty($memoTrackerId)) {
return tra('Incorrect param');
}
$trackerId = $memoTrackerId;
$itemObject = $memoItemObject;
} else {
if (!empty($trackerId) && !empty($_REQUEST['view_user'])) {
$itemId = $trklib->get_user_item($trackerId, $tracker_info, $_REQUEST['view_user']);
}
if (empty($trackerId) && empty($itemId) && (isset($userTracker) && $userTracker == 'y' || isset($prefs) && $prefs['userTracker'] == 'y') && !empty($group) && ($utid = $userlib->get_tracker_usergroup($user)) && $utid['usersTrackerId']) {
$trackerId = $utid['usersTrackerId'];
$itemId = $trklib->get_item_id($trackerId, $utid['usersFieldId'], $user);
} else {
if (empty($trackerId) && !empty($itemId)) {
$item = $trklib->get_tracker_item($itemId);
$trackerId = $item['trackerId'];
}
}
if (empty($itemId) && empty($test) && empty($status)) {
// need an item
return tra('Incorrect param') . ': itemId';
}
if (!empty($status) && !$trklib->valid_status($status)) {
return tra('Incorrect param') . ': status';
}
$info = $trklib->get_tracker_item($itemId);
if (!empty($info) && empty($trackerId)) {
$trackerId = $info['trackerId'];
}
$itemObject = Tracker_Item::fromInfo($info);
if (!$itemObject->canView()) {
return WikiParser_PluginOutput::error(tr('Permission denied'), tr('You are not allowed to view this item.'));
}
$memoStatus = $info['status'];
$memoItemId = $itemId;
$memoTrackerId = $info['trackerId'];
$memoItemObject = $itemObject;
if (isset($_REQUEST['itemId']) && $_REQUEST['itemId'] != $itemId) {
global $logslib;
include_once 'lib/logs/logslib.php';
$logslib->add_action('Viewed', $itemId, 'trackeritem', $_SERVER['REQUEST_URI'] . '&trackeritemfield');
}
}
if (!isset($data)) {
$data = $dataelse = '';
} elseif (!empty($data) && strpos($data, '{ELSE}')) {
$dataelse = substr($data, strpos($data, '{ELSE}') + 6);
$data = substr($data, 0, strpos($data, '{ELSE}'));
} else {
$dataelse = '';
}
if (!empty($status)) {
if (!strstr($status, $memoStatus)) {
return $dataelse;
}
}
if (empty($itemId) && !empty($test)) {
return $dataelse;
} elseif (empty($itemId)) {
return tra('Incorrect param') . ': itemId';
} elseif (isset($fields)) {
$all_fields = $trklib->list_tracker_fields($trackerId, 0, -1);
$all_fields = $all_fields['data'];
if (!empty($fields)) {
foreach ($all_fields as $i => $fopt) {
if (!in_array($fopt['fieldId'], $fields)) {
unset($all_fields[$i]);
}
}
if (empty($all_fields)) {
return tra('Incorrect param');
}
}
$field_values = $trklib->get_item_fields($trackerId, $itemId, $all_fields, $itemUser);
foreach ($field_values as $field_value) {
if ($field_value['type'] == 'p' && $field_value['options_array'][0] == 'password' || $field_value['isHidden'] != 'n' && $field_value['isHidden'] != 'c') {
continue;
}
if (!$itemObject->canViewField($field_value['fieldId'])) {
continue;
}
if (empty($field_value['value'])) {
return $dataelse;
}
}
} elseif (!empty($fieldId)) {
if (!($field = $trklib->get_tracker_field($fieldId))) {
return tra('Incorrect param') . ': fieldId';
}
if (!$itemObject->canViewField($fieldId)) {
return WikiParser_PluginOutput::error(tr('Permission denied'), tr('You are not allowed to view this field.'));
}
if (empty($test)) {
$test = false;
}
if (($val = $trklib->get_item_value($trackerId, $itemId, $fieldId)) !== false) {
if ($test) {
if (!empty($value) && $val != $value) {
return $dataelse;
}
return $data;
} else {
$field['value'] = $val;
$handler = $trklib->get_field_handler($field, $info);
// gets the handler to blend back the value into the definitions array
$out = $handler->renderOutput(array('showlinks' => 'n'));
return $out;
}
} elseif ($test) {
// testing the value of a field that does not exist yet
return $dataelse;
}
}
return $data;
}
function wikiplugin_tracker($data, $params)
{
global $tikilib, $userlib, $user, $group, $page, $smarty, $prefs, $trklib, $captchalib;
$parserlib = TikiLib::lib('parser');
static $iTRACKER = 0;
++$iTRACKER;
if (isset($params['itemId']) && empty($params['itemId']))
return;
include_once('lib/trackers/trackerlib.php');
$default = array('overwrite' => 'n', 'embedded' => 'n', 'showtitle' => 'n', 'showdesc' => 'n', 'sort' => 'n', 'showmandatory'=>'y', 'status' => '', 'registration' => 'n', 'emailformat' => 'text');
$params = array_merge($default, $params);
$item = array();
extract($params, EXTR_SKIP);
if ($prefs['feature_trackers'] != 'y') {
return $smarty->fetch("wiki-plugins/error_tracker.tpl");
}
if (empty($trackerId) || !($tracker = $trklib->get_tracker($trackerId))) {
return $smarty->fetch("wiki-plugins/error_tracker.tpl");
}
if ($t = $trklib->get_tracker_options($trackerId)) {
$tracker = array_merge($tracker, $t);
}
if (empty($trackerId) && !empty($view) && $view == 'user' && $prefs['userTracker'] == 'y') { // the user tracker item
$utid = $userlib->get_tracker_usergroup($user);
if (!empty($utid) && !empty($utid['usersTrackerId'])) {
$itemId = $trklib->get_item_id($utid['usersTrackerId'], $utid['usersFieldId'], $user);
$trackerId = $utid['usersTrackerId'];
$usertracker = true;
}
} elseif (!empty($trackerId) && !empty($view) && $view == 'user') {// the user item of a tracker
$itemId = $trklib->get_user_item($trackerId, $tracker, null, null, strlen($status) == 1 ? $status : '');
$usertracker = true;
} elseif (!empty($trackerId) && !empty($view) && $view == 'page' && !empty($_REQUEST['page']) && (($f = $trklib->get_field_id_from_type($trackerId, 'k', '1%')) || ($f = $trklib->get_field_id_from_type($trackerId, 'k', '%,1%')) || ($f = $trklib->get_field_id_from_type($trackerId, 'k')))) {// the page item
$itemId = $trklib->get_item_id($trackerId, $f, $_REQUEST['page']);
} elseif (!empty($trackerId) && !empty($_REQUEST['view_user'])) {
$itemId = $trklib->get_user_item($trackerId, $tracker, $_REQUEST['view_user']);
} elseif (!empty($_REQUEST['itemId']) && (empty($ignoreRequestItemId) || $ignoreRequestItemId != 'y')) {
$itemId = $_REQUEST['itemId'];
$item = $trklib->get_tracker_item($itemId);
$trackerId = $item['trackerId'];
} elseif (!empty($view) && $view == 'group') {
$gtid = $userlib->get_grouptrackerid($group);
if (isset($gtid['groupTrackerId'])) {
$trackerId = $gtid['groupTrackerId'];
$itemId = $trklib->get_item_id($trackerId, $gtid['groupFieldId'], $group);
$grouptracker = true;
}
}
if (!isset($trackerId)) {
return $smarty->fetch("wiki-plugins/error_tracker.tpl");
}
if (!isset($action)) {
$action = array('Save');
}
if (!is_array($action)) {
$action = array( $action );
}
if (isset($preview)) {
if (empty($preview)) {
$preview = 'Preview';
}
} else {
unset($_REQUEST['tr_preview']);
}
if (isset($reset)) {
if (empty($reset)) {
$reset = 'reset';
}
} else {
unset($_REQUEST['tr_reset']);
}
$smarty->assign('showmandatory', empty($wiki) && empty($tpl)? 'n': $showmandatory);
if (!empty($wiki)) {
if (preg_match('/^wiki:(.+)$/', $wiki, $wiki_matches)) {
$wiki = $wiki_matches[1];
}
$wiki = trim($wiki);
}
if (!isset($params['formtag'])) {
$params['formtag'] = 'y';
}
$fields_prefix = 'ins_';
if (isset($values)) {
if (!is_array($values)) {
$values = $parserlib->quotesplit(':', $values);
foreach ($values as $i=>$v) {
$values[$i] = preg_replace('/^"(.*)"$/', '$1', $v);
}
}
}
if (isset($_REQUEST['values'])) {
if (is_array($_REQUEST['values'])) {
foreach ($_REQUEST['values'] as $i=>$k) {
$_REQUEST['values'][$i] = urldecode($k);
}
} else {
$_REQUEST['values'] = urldecode($_REQUEST['values']);
}
}
$perms = $tikilib->get_perm_object($trackerId, 'tracker', $tracker, false);
if (empty($_SERVER['SCRIPT_NAME']) || strpos($_SERVER['SCRIPT_NAME'], 'tiki-register.php') === false) {
if ($perms['tiki_p_create_tracker_items'] == 'n' && empty($itemId)) {
return '<b>'.tra("You do not have permission to insert an item").'</b>';
} elseif (!empty($itemId)) {
$item_info = $trklib->get_tracker_item($itemId);
if (empty($item_info)) {
return '<b>'.tra("Incorrect item").'</b>';
}
$itemObject = Tracker_Item::fromInfo($item_info);
if (! $itemObject->canModify()) {
return '<b>'.tra("You do not have permission to modify an item").'</b>';
}
}
}
if (!empty($itemId)) {
global $logslib; include_once('lib/logs/logslib.php');
$logslib->add_action('Viewed', $itemId, 'trackeritem', $_SERVER['REQUEST_URI']);
}
if (isset($_REQUEST['removeattach']) && $tracker['useAttachments'] == 'y') {
$owner = $trklib->get_item_attachment_owner($_REQUEST['removeattach']);
if ($perms['tiki_p_admin_trackers'] == 'y' || ($user && $user == $owner)) {
$trklib->remove_item_attachment($_REQUEST["removeattach"]);
unset($_REQUEST['removeattach']);
}
}
if (isset($_REQUEST['removeImage']) && !empty($_REQUEST['trackerId']) && !empty($_REQUEST['itemId']) && !empty($_REQUEST['fieldId']) && !empty($_REQUEST['fieldName'])) {
$img_field = array('data' => array());
$img_field['data'][] = array('fieldId' => $_REQUEST['fieldId'], 'type' => 'i', 'name' => $_REQUEST['fieldName'], 'value' => 'blank');
$trklib->replace_item($_REQUEST['trackerId'], $_REQUEST['itemId'], $img_field);
}
$back = '';
$thisIsThePlugin = isset($_REQUEST['iTRACKER']) && $_REQUEST['iTRACKER'] == $iTRACKER;
if (!isset($_REQUEST["ok"]) || $_REQUEST["ok"] == "n" || !$thisIsThePlugin || isset($_REQUEST['tr_preview'])) {
$field_errors = array('err_mandatory'=>array(), 'err_value'=>array());
global $notificationlib; include_once('lib/notifications/notificationlib.php');
$tracker = $trklib->get_tracker($trackerId);
$tracker = array_merge($tracker, $trklib->get_tracker_options($trackerId));
if ((!empty($tracker['start']) && $tikilib->now < $tracker['start']) || (!empty($tracker['end']) && $tikilib->now > $tracker['end']))
return;
$outf = array();
$auto_fieldId = array();
$hidden_fieldId = array();
if (!empty($fields) || !empty($wiki) || !empty($tpl)) {
if ($registration == 'y' && $prefs["user_register_prettytracker"] == 'y' && !empty($prefs["user_register_prettytracker_tpl"])) {
$smarty->assign('register_login', $smarty->fetch('register-login.tpl'));
$smarty->assign('register_email', $smarty->fetch('register-email.tpl'));
$smarty->assign('register_pass', $smarty->fetch('register-pass.tpl'));
$smarty->assign('register_pass2', $smarty->fetch('register-pass2.tpl'));
$smarty->assign('register_passcode', $smarty->fetch('register-passcode.tpl'));
$smarty->assign('register_groupchoice', $smarty->fetch('register-groupchoice.tpl'));
$smarty->assign('register_antibot', $smarty->fetch('antibot.tpl'));
$wiki = $prefs["user_register_prettytracker_tpl"];
}
if (!empty($wiki)) {
$outf = $trklib->get_pretty_fieldIds($wiki, 'wiki', $outputPretty);
} elseif (!empty($tpl)) {
$outf = $trklib->get_pretty_fieldIds($tpl, 'tpl', $outputPretty);
} elseif (!empty($fields)) {
$outf = preg_split('/ *: */', $fields);
}
if (!empty($_REQUEST['autosavefields'])) {
$autosavefields = explode(':', $_REQUEST['autosavefields']);
$autosavevalues = explode(':', $_REQUEST['autosavevalues']);
if (isset($params['autosavefields'])) {
$autosavefields = array_merge($autosavefields, $params['autosavefields']);
$autosavevalues = array_merge($autosavevalues, $params['autosavevalues']);
}
}
if (!empty($autosavefields)) {
$auto_fieldId = array_merge($auto_fieldId, $autosavefields);
}
if ($user) {
$hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'u', '1%'); // user owner
$hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'u', '2%'); // user modifier
$hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'g', '1%'); // owner group
$hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'g', '2%'); // owner modifier
}
$hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'I', '1%'); // IP auto-assign
$hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'k', '1%'); // page creator
$auto_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'q'); // auto-increment
foreach ($auto_fieldId as $k => $v) {
if (empty($v) || in_array($v, $outf)) {
unset($auto_fieldId[$k]);
} else {
$outf[] = $v;
}
}
foreach ($hidden_fieldId as $k => $v) {
if (empty($v) || in_array($v, $outf)) {
unset($hidden_fieldId[$k]);
} else {
$outf[] = $v;
}
}
}
$definition = Tracker_Definition::get($trackerId);
$item_info = isset($item_info) ? $item_info : array();
$factory = $definition->getFieldFactory();
if (empty($item_info)) {
$itemObject = Tracker_Item::newItem($trackerId);
} elseif (! isset($itemObject)) {
$itemObject = Tracker_Item::fromInfo($item_info);
}
if (empty($outf)) {
$unfiltered = array('data' => $definition->getFields());
} else {
$unfiltered = array('data' => array());
foreach ($outf as $fieldId) {
$unfiltered['data'][] = $definition->getField($fieldId);
}
}
$flds = array('data' => array());
foreach ($unfiltered['data'] as $f) {
if ($itemObject->canModifyField($f['fieldId']) || $registration == 'y' && empty($item_info)) {
$flds['data'][] = $f;
}
}
// If we create multiple items, get field Ids, default values and separator
if (!empty($fieldsfill)) {
$fill_fields = preg_split('/ *: */', $fieldsfill); // Allow for superfluous spaces and ignore them
$fill_flds = array('data' => array());
$fill_defaults = array();
$fill_flds_defaults = array(); // May be different from fill_defaults if some fields are not editable
$fieldsfillnames = array();
if (trim($fieldsfilldefaults) != '') {
$fill_defaults = preg_split('/ *: */', $fieldsfilldefaults);
}
foreach ($fill_fields as $k=>$fieldId) {
if ($itemObject->canModifyField($fieldId)) {
$tmp = $definition->getField($fieldId);
$fill_flds['data'][] = $tmp;
if (isset($fill_defaults[$k])) {
$fill_flds_defaults[] = $fill_defaults[$k];
} else {
$fill_flds_defaults[] = '';
}
$fieldsfillnames[] = $tmp['name'];
}
}
$fill_line_cant = count($fill_flds['data']);
if ($fieldsfillseparator == '') {
$fieldsfillseparator = '|';
}
}
$bad = array();
$embeddedId = false;
$onemandatory = false;
$full_fields = array();
$mainfield = '';
if ($thisIsThePlugin) {
/* ------------------------------------- Recup all values from REQUEST -------------- */
if (!empty($autosavefields)) {
foreach ($autosavefields as $i=>$f) {
if (!$ff = $trklib->get_field($f, $flds['data'])) {
continue;
}
if (preg_match('/categories\(([0-9]+)\)/', $autosavevalues[$i], $matches)) {
if (ctype_digit($matches[1]) && $matches[1] > 0) {
$filter = array('identifier'=>$matches[1], 'type'=>'descendants');
} else {
$filter = NULL;
}
global $categlib; include_once('lib/categories/categlib.php');
$categs = $categlib->getCategories($filter, true, false);
$_REQUEST["ins_$f"][] = $categs[0]['categId'];
} elseif (preg_match('/preference\((.*)\)/', $autosavevalues[$i], $matches)) {
$_REQUEST["ins_$f"] = $prefs[$matches[1]];
} elseif ($ff['type'] == 'e') {
$_REQUEST["ins_$f"][] = $autosavevalues[$i];
} else {
if (isset($params['levelupfields']) && in_array($f, $params['levelupfields'])) {
$current_levelup_val = $trklib->get_item_value($trackerId, $itemId, $f);
if ($autosavevalues[$i] <= $current_levelup_val) {
continue;
}
}
$_REQUEST["ins_$f"] = $autosavevalues[$i];
}
}
}
foreach ($flds['data'] as $k => $field) {
$handler = $factory->getHandler($field, $item_info);
if ($handler) {
$ins_fields['data'][$k] = array_merge($field, $handler->getFieldData($_REQUEST));
if (isset($ins_fields['data'][$k]['value'])) { // add ins value into field if creating or editing item
$flds['data'][$k] = $ins_fields['data'][$k]; // to keep user input in case of errors (not only value)
}
}
}
$cpt = 0;
if (isset($fields)) {
$fields_plugin = preg_split('/:/', $fields);
}
if (!isset($itemId) && $tracker['oneUserItem'] == 'y') {
$itemId = $trklib->get_user_item($trackerId, $tracker);
}
if ($embedded == 'y' && isset($_REQUEST['page'])) {
$ins_fields["data"][] = array('fieldId' => $embeddedId, 'value' => $_REQUEST['page']);
}
if ($registration == 'y' && isset($params['userField'])) {
$userField = $definition->getField($params['userField']);
$userField['value'] = $_REQUEST['name'];
$ins_fields['data'][] = $userField;
}
$ins_categs = 0; // important: non-array ins_categs means categories should remain unchanged
$parent_categs_only = array();
foreach ($ins_fields['data'] as $current_field) {
if ($current_field['type'] == 'e' && isset($current_field['selected_categories'])) {
if (!is_array($ins_categs)) {
$ins_categs = array();
}
$ins_categs = array_merge($ins_categs, $current_field['selected_categories']);
$parent_categs_only[] = $current_field['options_array'][0];
}
}
$categorized_fields = $definition->getCategorizedFields();
/* ------------------------------------- End recup all values from REQUEST -------------- */
/* ------------------------------------- Check field values for each type and presence of mandatory ones ------------------- */
$field_errors = $trklib->check_field_values($ins_fields, $categorized_fields, $trackerId, empty($itemId)?'':$itemId);
if (empty($user) && $prefs['feature_antibot'] == 'y' && $registration != 'y') {
// in_tracker session var checking is for tiki-register.php
if (!$captchalib->validate()) {
$field_errors['err_antibot'] = 'y';
}
}
// check valid page name for wiki output if requested
if (isset($outputtowiki) && !empty($outputwiki)) {
$newpagename = '';
foreach ($ins_fields["data"] as $fl) {
if ($fl["fieldId"] == $outputtowiki) {
$newpagename = $fl["value"];
}
if ($fl["type"] == 'F') {
$newpagefreetags = $fl["value"];
}
$newpagefields[] = $fl["fieldId"];
}
if ($newpagename) {
if ($tikilib->page_exists($newpagename)) {
$field_errors['err_outputwiki'] = tra('The page to output the results to already exists. Try another name.');
}
$page_badchars_display = ":/?#[]@!$&'()*+,;=<>";
$page_badchars = "/[:\/?#\[\]@!$&'()*+,;=<>]/";
$matches = preg_match($page_badchars, $newpagename);
if ($matches) {
$field_errors['err_outputwiki'] = tr("The page to output the results to contains the following prohibited characters: %0. Try another name.", $page_badchars_display);
}
} else {
unset($outputtowiki);
}
}
if ( count($field_errors['err_mandatory']) == 0 && count($field_errors['err_value']) == 0 && empty($field_errors['err_antibot']) && empty($field_errors['err_outputwiki']) && !isset($_REQUEST['tr_preview'])) {
/* ------------------------------------- save the item ---------------------------------- */
if (isset($_REQUEST['status'])) {
$status = $_REQUEST['status'];
} elseif (isset($newstatus) && ($newstatus == 'o' || $newstatus == 'c'|| $newstatus == 'p')) {
$status = $newstatus;
} elseif (empty($itemId) && isset($tracker['newItemStatus'])) {
$status = $tracker['newItemStatus'];
} else {
$status = '';
}
if (!empty($fieldsfill) && !empty($_REQUEST['ins_fill']) ) { // We create multiple items
$fill_lines = explode("\n", $_REQUEST['ins_fill']);
foreach ($fill_lines as $fill_line) {
if (trim($fill_line) == '') { // Ignore blank lines
continue;
}
$fill_line_item = explode($fieldsfillseparator,$fill_line,$fill_line_cant); // Extra fields are merged with the last field. this avoids data loss and permits a last text field with commas
$rid = $trklib->replace_item($trackerId, $itemId, $ins_fields, $status, $ins_categs);
for ($i=0;$i<$fill_line_cant;$i++) {
if ($fill_line_item[$i] != '') {
$fill_item = trim($fill_line_item[$i]);
} else {
$fill_item = $fill_flds_defaults[$i];
}
$fill_rid = $trklib->modify_field($rid, $fill_flds['data'][$i]['fieldId'], $fill_item);
}
if (is_array($ins_categs)) {
if ($registration == 'y' && empty($item_info)) {
$override_perms = true;
} else {
$override_perms = false;
}
$trklib->categorized_item($trackerId, $rid, $mainfield, $ins_categs, $parent_categs_only, $override_perms);
}
if (isset($newItemRate)) {
$trklib->replace_rating($trackerId, $rid, $newItemRateField, $user, $newItemRate);
}
}
} else {
if ($registration == 'y' && $_SERVER['REQUEST_METHOD'] != 'POST') {
return false;
}
$rid = $trklib->replace_item($trackerId, $itemId, $ins_fields, $status, $ins_categs);
if (is_array($ins_categs)) {
if ($registration == 'y' && empty($item_info)) {
$override_perms = true;
} else {
$override_perms = false;
}
$trklib->categorized_item($trackerId, $rid, $mainfield, $ins_categs, $parent_categs_only, $override_perms);
}
if (isset($newItemRate)) {
$trklib->replace_rating($trackerId, $rid, $newItemRateField, $user, $newItemRate);
}
}
// now for wiki output if desired
if (isset($outputtowiki) && !empty($outputwiki)) {
// note that values will be raw - that is the limit of the capability of this feature for now
$newpageinfo = $tikilib->get_page_info($outputwiki);
$wikioutput = $newpageinfo["data"];
$newpagefields = $trklib->get_pretty_fieldIds($outputwiki, 'wiki', $outputPretty);
foreach ($newpagefields as $lf) {
$wikioutput = str_replace('{$f_' . $lf . '}', $trklib->get_item_value($trackerId, $rid, $lf), $wikioutput);
}
if (isset($registration)) {
$wikioutput = str_replace('{$register_login}', $user, $wikioutput);
$wikioutput = str_replace('{$register_email}', $_REQUEST['email'], $wikioutput);
}
$tikilib->create_page($newpagename, 0, $wikioutput, $tikilib->now, '', $user, $tikilib->get_ip_address());
$cat_desc = '';
$cat_type = 'wiki page';
$cat_name = $newpagename;
$cat_objid = $newpagename;
$cat_href = "tiki-index.php?page=".urlencode($newpagename);
if (count($ins_categs)) {
$_REQUEST['cat_categories'] = $ins_categs;
$_REQUEST['cat_categorize'] = 'on';
include_once("categorize.php");
}
if (isset($newpagefreetags) && $newpagefreetags) {
$_REQUEST['freetag_string'] = $newpagefreetags;
include_once("freetag_apply.php");
}
if ($discarditem == 'y') {
$trklib->remove_tracker_item($rid);
}
if (empty($url)) {
global $wikilib;
$url[0] = $wikilib->sefurl($newpagename);
}
}
// end wiki output
if (!empty($email)) {
$emailOptions = preg_split("#\|#", $email);
if (is_numeric($emailOptions[0])) {
$emailOptions[0] = $trklib->get_item_value($trackerId, $rid, $emailOptions[0]);
}
if (empty($emailOptions[0])) { // from
$emailOptions[0] = $prefs['sender_email'];
}
if (empty($emailOptions[1])) { // to
$emailOptions[1][0] = $prefs['sender_email'];
} else {
$emailOptions[1] = preg_split('/ *, */', $emailOptions[1]);
foreach ($emailOptions[1] as $key=>$email) {
if (is_numeric($email))
$emailOptions[1][$key] = $trklib->get_item_value($trackerId, $rid, $email);
}
}
include_once('lib/webmail/tikimaillib.php');
$mail = new TikiMail();
$mail->setHeader('From', $emailOptions[0]);
if (!empty($emailOptions[2])) { //tpl
$emailOptions[2] = preg_split('/ *, */', $emailOptions[2]);
foreach ($emailOptions[2] as $ieo=>$eo) {
if (!preg_match('/\.tpl$/', $eo))
$emailOptions[2][$ieo] = $eo.'.tpl';
$tplSubject[$ieo] = str_replace('.tpl', '_subject.tpl', $emailOptions[2][$ieo]);
}
} else {
$emailOptions[2] = array('tracker_changed_notification.tpl');
}
if (empty($tplSubject)) {
$tplSubject = array('tracker_changed_notification_subject.tpl');
}
$itpl = 0;
$smarty->assign('mail_date', $tikilib->now);
$smarty->assign('mail_itemId', $rid);
foreach ($emailOptions[1] as $ieo=>$ueo) {
@$mail_data = $smarty->fetch('mail/'.$tplSubject[$itpl]);
if (empty($mail_data))
$mail_data = tra('Tracker was modified at '). $_SERVER["SERVER_NAME"];
$mail->setSubject($mail_data);
$mail_data = $smarty->fetch('mail/'.$emailOptions[2][$itpl]);
if ($emailformat == 'html') {
$mail->setHtml($mail_data);
} else {
$mail->setText($mail_data);
}
$mail->buildMessage(array('text_encoding' => '8bit'));
$mail->send($ueo);
if (isset($tplSubject[$itpl+1]))
++$itpl;
}
}
if (empty($url)) {
if (!empty($_REQUEST['ajax_add'])) { // called by tracker ItemLink fields when adding new list items
global $access;
while ( ob_get_level() ) {
ob_end_clean();
}
if ( $prefs['feature_obzip'] == 'y' ) {
ob_start('ob_gzhandler');
} else {
ob_start();
}
// Need to add newly created itemId for item link selector
$ins_fields['itemId'] = $rid;
$access->output_serialized($ins_fields);
ob_end_flush();
die;
} else if (!empty($page)) {
$url = "tiki-index.php?page=".urlencode($page);
if (!empty($itemId)) {
$url .= "&itemId=".$itemId;
}
$url .= "&ok=y&iTRACKER=$iTRACKER";
$url .= "#wikiplugin_tracker$iTRACKER";
header("Location: $url");
exit;
} else {
return '';
}
} else {
$key = 0;
foreach ($action as $key=>$act) {
if (!empty($_REQUEST["action$key"])) {
break;
}
}
$itemIdPos = strpos($url[$key], 'itemId');
if ($itemIdPos !== false) {
if (strstr($url[$key], '#itemId')) {
$url[$key] = str_replace('#itemId', $rid, $url[$key]);
} else if (($itemIdPos+strlen('itemId') >= strlen($url[$key])-1) || (substr($url[$key], $itemIdPos+strlen('itemId'), 1) == "&")) {
// replace by the itemId if in the end (or -1: for backward compatibility so that "&itemId=" also works) or if it is followed by an '&'
$url[$key] = str_replace('itemId', 'itemId='.$rid, $url[$key]);
}
}
header('Location: '.$url[$key]);
exit;
}
/* ------------------------------------- end save the item ---------------------------------- */
} elseif (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId) {
$smarty->assign('wikiplugin_tracker', $trackerId);//used in vote plugin
}
} else if ((empty($itemId) || $overwrite == 'y') && !empty($values) || (!empty($_REQUEST['values']) and empty($_REQUEST['prefills']))) { // assign default values for each filedId specify
if (empty($values)) { // url with values[]=x&values[] witouth the list of fields
$values = $_REQUEST['values'];
}
if (!is_array($values)) {
$values = array($values);
}
if (isset($fields)) {
$fl = preg_split('/:/', $fields);
for ($j = 0, $count_fl = count($fl); $j < $count_fl; $j++) {
for ($i = 0, $count_flds = count($flds['data']); $i < $count_flds; $i++) {
if ($flds['data'][$i]['fieldId'] == $fl[$j]) {
$flds['data'][$i]['value'] = $values[$j];
}
}
}
} else { // values contains all the fields value in the default order
$i = 0;
foreach ($values as $value) {
$flds['data'][$i++]['value'] = $value;
}
}
} elseif (!empty($itemId)) {
if (isset($fields)) {
$fl = preg_split('/:/', $fields);
$filter = '';
foreach ($flds['data'] as $f) {
if (in_array($f['fieldId'], $fl))
$filter[] = $f;
}
} else {
$filter = &$flds['data'];
}
if (!empty($filter)) {
foreach ($filter as $f) {
$filter2[$f['fieldId']] = $f;
}
$flds['data'] = $trklib->get_item_fields($trackerId, $itemId, $filter2, $itemUser, true);
}
// todo: apply the values for fields with no values
} else {
if (isset($_REQUEST['values']) && isset($_REQUEST['prefills'])) { //url:prefields=1:2&values[]=x&values[]=y
if (!is_array($_REQUEST['values']))
$_REQUEST['values'] = array($_REQUEST['values']);
$fl = preg_split('/:/', $_REQUEST['prefills']);
} else {
unset($fl);
}
for ($i = 0, $count_flds2 = count($flds['data']); $i < $count_flds2; $i++) {
if (isset($fl) && ($j = array_search($flds['data'][$i]['fieldId'], $fl)) !== false) {
$flds['data'][$i]['value'] = $_REQUEST['values'][$j];
} else {
$flds['data'][$i]['value'] = ''; // initialize fields with blank values
}
}
}
// Check that individual fields are in the tracker
if (!empty($fields)) {
$fl = preg_split('/:/', $fields);
if ($sort == 'y') {
$flds = $trklib->sort_fields($flds, $fl);
}
foreach ($fl as $l) {
$ok = false;
foreach ($flds['data'] as $f) {
if ($f['fieldId'] == $l) {
$ok = true;
break;
}
}
if (!$ok) {
$back .= '<div class="error">' . tra('Incorrect fieldId:').' '.$l . '</div>';
}
}
} elseif (empty($fields) && empty($wiki) && empty($tpl)) {
// in this case outf still be blank and needs to be filled
foreach ($flds['data'] as $f) {
$outf[] = $f['fieldId'];
}
}
// Check that multiple fill fields are in the tracker
if (!empty($fieldsfill)) {
foreach ($fill_fields as $l) {
$ok = false;
foreach ($fill_flds['data'] as $f) {
if ($f['fieldId'] == $l) {
$ok = true;
break;
}
}
if (!$ok) {
$back .= '<div class="error">' . tra('Incorrect fieldId:').' '.$l . '</div>';
}
}
}
// Display warnings when needed
if (count($field_errors['err_mandatory']) > 0) {
$smarty->assign_by_ref('err_mandatory', $field_errors['err_mandatory']);
}
if (count($field_errors['err_value']) > 0) {
$smarty->assign_by_ref('err_value', $field_errors['err_value']);
}
if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0) {
$back .= $smarty->fetch('tracker_error.tpl');
$_REQUEST['error'] = 'y';
}
if (isset($field_errors['err_antibot'])) {
$back.= '<div class="simplebox highlight"><img src="img/icons/exclamation.png" alt=" '.tra('Error').'" style="vertical-align:middle" /> ';
$back .= $captchalib->getErrors();
$back.= '</div><br />';
$_REQUEST['error'] = 'y';
}
if (isset($field_errors['err_outputwiki'])) {
$back.= '<div class="simplebox highlight"><img src="img/icons/exclamation.png" alt=" '.tra('Error').'" style="vertical-align:middle" /> ';
$back .= $field_errors['err_outputwiki'];
$back.= '</div><br />';
$_REQUEST['error'] = 'y';
}
if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0 || isset($field_errors['err_antibot']) || isset($field_errors['err_outputwiki'])) {
$smarty->assign('input_err', 'y');
}
if (!empty($page))
$back .= '~np~';
$smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']);
$smarty->assign('trackerEditFormId', $iTRACKER);
if (!empty($params['_ajax_form_ins_id'])) {
global $headerlib; // when called via AJAX take a copy of the JS so far to allow collection
$old_js['js'] = $headerlib->js; // of tracker form JS into a function to initialise it when the dialog is created
$old_js['jq_onready'] = $headerlib->jq_onready;
$headerlib->clear_js(); // so store existing js for later and clear
}
if ($prefs['feature_jquery'] == 'y' && $prefs['feature_jquery_validation'] == 'y') {
global $validatorslib;
include_once('lib/validatorslib.php');
$customvalidation = '';
$customvalidation_m = '';
if ($registration == 'y') {
// email validation
$customvalidation .= 'email: { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'email: true }, ';
$customvalidation_m .= 'email: { email: "'. tra("Invalid email")
. '", required: "' . tra("This field is required")
. '"}, ';
// password validation
$customvalidation .= 'pass: { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'remote: { ';
$customvalidation .= 'url: "validate-ajax.php", ';
$customvalidation .= 'type: "post", ';
$customvalidation .= 'data: { ';
$customvalidation .= 'validator: "password", ';
$customvalidation .= 'input: function() { ';
$customvalidation .= 'return $("#pass1").val(); ';
$customvalidation .= '} } } ';
$customvalidation .= '}, ';
$customvalidation_m .= 'pass: { required: "' . tra("This field is required") . '"}, ';
// password repeat validation
$customvalidation .= 'passAgain: { equalTo: "#pass1" }, ';
$customvalidation_m .= 'passAgain: { equalTo: "'. tra("Passwords do not match") . '"}, ';
// username validation
$customvalidation .= 'name: { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'remote: { ';
$customvalidation .= 'url: "validate-ajax.php", ';
$customvalidation .= 'type: "post", ';
$customvalidation .= 'data: { ';
$customvalidation .= 'validator: "username", ';
$customvalidation .= 'input: function() { ';
$customvalidation .= 'return $("#name").val(); ';
$customvalidation .= '} } } ';
$customvalidation .= '}, ';
$customvalidation_m .= 'name: { required: "' . tra("This field is required") . '"}, ';
if (extension_loaded('gd') && function_exists('imagepng') && function_exists('imageftbbox') && $prefs['feature_antibot'] == 'y' && empty($user) && $prefs['recaptcha_enabled'] != 'y') {
// antibot validation
$customvalidation .= '"captcha[input]": { ';
$customvalidation .= 'required: true, ';
$customvalidation .= 'remote: { ';
$customvalidation .= 'url: "validate-ajax.php", ';
$customvalidation .= 'type: "post", ';
$customvalidation .= 'data: { ';
$customvalidation .= 'validator: "captcha", ';
$customvalidation .= 'parameter: function() { ';
$customvalidation .= 'return $jq("#captchaId").val(); ';
$customvalidation .= '}, ';
$customvalidation .= 'input: function() { ';
$customvalidation .= 'return $jq("#antibotcode").val(); ';
$customvalidation .= '} } } ';
$customvalidation .= '}, ';
$customvalidation_m .= '"captcha[input]": { required: "' . tra("This field is required") . '"}, ';
}
if ($prefs['useRegisterPasscode'] == 'y') {
$customvalidation .= 'passcode: {
required: true,
remote: {
url: "validate-ajax.php",
type: "post",
data: {
validator: "passcode",
input: function() {
return $("#passcode").val();
}
}
}
}, ';
$customvalidation_m .= 'passcode: { required: "' . tra("This field is required") . '"}, ';
}
}
$validationjs = $validatorslib->generateTrackerValidateJS($flds['data'], $fields_prefix, $customvalidation, $customvalidation_m);
$smarty->assign('validationjs', $validationjs);
$back .= $smarty->fetch('tracker_validator.tpl');
}
if ($params['formtag'] == 'y') {
$back .= '<form name="editItemForm' . $iTRACKER . '" id="editItemForm' . $iTRACKER . '" enctype="multipart/form-data" method="post"'.(isset($target)?' target="'.$target.'"':'').' action="'. $_SERVER['REQUEST_URI'] .'"><input type="hidden" name="trackit" value="'.$trackerId.'" />';
$back .= '<input type="hidden" name="refresh" value="1" />';
}
$back .= '<input type="hidden" name="iTRACKER" value="'.$iTRACKER.'" />';
if (isset($_REQUEST['page']))
$back.= '<input type="hidden" name="page" value="'.$_REQUEST["page"].'" />';
// for registration
if (isset($_REQUEST['name']))
$back.= '<input type="hidden" name="name" value="'.$_REQUEST["name"].'" />';
if (isset($_REQUEST['pass'])) {
$back.= '<input type="hidden" name="pass" value="'.$_REQUEST["pass"].'" />';
$back.= '<input type="hidden" name="passAgain" value="'.$_REQUEST["pass"].'" />';
}
if (isset($_REQUEST['email']))
$back.= '<input type="hidden" name="email" value="'.$_REQUEST["email"].'" />';
if (isset($_REQUEST['antibotcode']))
$back.= '<input type="hidden" name="antibotcode" value="'.$_REQUEST["antibotcode"].'" />';
if (isset($_REQUEST['chosenGroup'])) // for registration
$back.= '<input type="hidden" name="chosenGroup" value="'.$_REQUEST["chosenGroup"].'" />';
if (isset($_REQUEST['register']))
$back.= '<input type="hidden" name="register" value="'.$_REQUEST["register"].'" />';
if ($showtitle == 'y') {
$back.= '<div class="titlebar">'.$tracker["name"].'</div>';
}
if ($showdesc == 'y' && $tracker['description']) {
if ($tracker['descriptionIsParsed'] == 'y') {
$back .= '<div class="wikitext">'.$tikilib->parse_data($tracker['description']).'</div><br />';
} else {
$back.= '<div class="wikitext">'.tra($tracker["description"]).'</div><br />';
}
}
if (isset($_REQUEST['tr_preview'])) { // use for the computed and join fields
$assocValues = array();
$assocNumerics = array();
foreach ($flds['data'] as $f) {
if (empty($f['value']) && ($f['type'] == 'u' || $f['type'] == 'g' || $f['type'] == 'I') && ($f['options_array'][0] == '1' || $f['options_array'][0] == '2')) { //need to fill the selector fields for the join
$f['value'] = ($f['type'] == 'I')? $tikilib->get_ip_address(): (($f['type'] == 'g')? $group: $user);
}
$assocValues[$f['fieldId']] = $f['value'];
$assocNumerics[$f['fieldId']] = preg_replace('/[^0-9\.\+]/', '', $f['value']); // get rid off the $ and such unit
}
}
if (!empty($itemId)) {
$item = array('itemId'=>$itemId, 'trackerId'=>$trackerId);
} else {
$item = array('itemId'=>'');
}
foreach ($flds['data'] as $i=>$f) { // collect additional infos
if (in_array($f['fieldId'], $outf)) {
$flds['data'][$i]['ins_id'] = ($f['type'] == 'e')?'ins_'.$f['fieldId']: $fields_prefix.$f['fieldId'];
if (($f['isHidden'] == 'c' || $f['isHidden'] == 'p') && !empty($itemId) && !isset($item['creator'])) {
$item['creator'] = $trklib->get_item_creator($trackerId, $itemId);
}
}
}
if (!empty($showstatus) && $showstatus == 'y') {
$status_types = $trklib->status_types();
$smarty->assign_by_ref('status_types', $status_types);
$smarty->assign('form_status', 'status');
$smarty->assign_by_ref('tracker', $tracker);
if (!empty($item_info)) {
$smarty->assign_by_ref('item', $item_info);
}
$status_input = $smarty->fetch('tracker_status_input.tpl');
}
if ($registration == "y") {
$back .= '<input type="hidden" name="register" value="Register" />';
}
// Loop on tracker fields and display form
if (empty($tpl) && empty($wiki)) {
$back.= '<table class="wikiplugin_tracker">';
if (!empty($showstatus) && $showstatus == 'y') {
$back .= '<tr><td>'.tra('Status').'</td><td>'.$status_input.'</td></tr>';
}
if ($registration == 'y' && $prefs["user_register_prettytracker"] != 'y') {
$back .= $smarty->fetch('register-form.tpl');
}
} else {
$back .= '<div class="wikiplugin_tracker">';
if (!empty($showstatus) && $showstatus == 'y') {
$smarty->assign_by_ref('f_status_input', $status_input);
}
}
$backLength0 = strlen($back);
foreach ($flds['data'] as $f) {
if (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $hidden_fieldId)) {
// Show in hidden form
$back.= '<span style="display:none;">' . wikiplugin_tracker_render_input($f, $item) . '</span>';
} elseif (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $outf)) {
if ($showmandatory == 'y' and $f['isMandatory'] == 'y') {
$onemandatory = true;
}
if ($f['type'] == 'A') {
$smarty->assign_by_ref('tiki_p_attach_trackers', $perms['tiki_p_attach_trackers']);
}
if (!empty($tpl) || !empty($wiki)) {
if (!empty($outputPretty) && in_array($f['fieldId'], $outputPretty)) {
$smarty->assign('f_'.$f['fieldId'], '<span class="outputPretty" id="track_'.$f['fieldId'].'" name="track_'.$f['fieldId'].'">'. wikiplugin_tracker_render_value($f, $item) . '</span>');
} else {
$mand = ($showmandatory == 'y' and $f['isMandatory'] == 'y')? " <strong class='mandatory_star'>*</strong> ":'';
$smarty->assign('f_'.$f['fieldId'], wikiplugin_tracker_render_input($f, $item).$mand);
}
} else {
$back.= "<tr><td";
if (!empty($colwidth)) {
$back .= " width='".$colwidth."'";
}
$back .= '><label for="' . $f['ins_id'] . '">'
. wikiplugin_tracker_name($f['fieldId'], tra($f['name']), $field_errors) . '</label>';
if ($showmandatory == 'y' and $f['isMandatory'] == 'y') {
$back.= " <strong class='mandatory_star'>*</strong> ";
}
$back.= '</td><td>';
$back .= wikiplugin_tracker_render_input($f, $item);
}
if ($f['type'] != 'S') {
$back .= '<div class="trackerplugindesc">';
}
if ($f['type'] != 'S') {
if ($f['descriptionIsParsed'] == 'y') {
$back .= $tikilib->parse_data($f['description']);
} else {
$back .= tra($f['description']);
}
}
if ($f['type'] != 'S') {
$back .= '</div>';
}
}
}
if ( isset($params['fieldsfill']) && !empty($params['fieldsfill']) && empty($itemId) ) {
// $back.= '<tr><td><label for="ins_fill">' . tra("Create multiple items (one per line).") . '</label>';
$back.= '<tr><td><label for="ins_fill">' . tra("Insert one item per line:")
. '<br />'
. '<br />'
. '<br />'
. '</label>';
$back.= <<<FILL
</td><td>
<input type="hidden" value="" name="mode_wysiwyg"/>
<input type="hidden" value="" name="mode_normal"/>
<div class="edit-zone">
<textarea id="ins_fill" class="wikiedit" style="width: 99%;" data-syntax="" data-codemirror="" onkeyup="" rows="15" cols="50" name="ins_fill" >
</textarea >
</div>
<input type="hidden" value="n" name="wysiwyg"/>
<div name="ins_fill_desc" class="trackerplugindesc" >
FILL;
$back.= sprintf(tra('Each line is a list of %d field values separated with: %s'),$fill_line_cant,htmlspecialchars($fieldsfillseparator));
$back .= '</div><div name="ins_fill_desc2" class="trackerplugindesc" >' . htmlspecialchars(implode($fieldsfillseparator,$fieldsfillnames)) ;
$back .= '</div></td></tr>';
}
if (!empty($tpl)) {
$smarty->security = true;
$back .= $smarty->fetch($tpl);
} elseif (!empty($wiki)) {
$smarty->security = true;
if ($tikilib->page_exists($wiki)) {
$back .= $smarty->fetch('wiki:'.$wiki);
} else {
$back .= '<span class="error">' . tr('Missing wiki template page "%0"', htmlspecialchars($wiki)) . '</span>';
}
}
include_once('lib/smarty_tiki/function.trackerheader.php');
$back .= smarty_function_trackerheader(array('level'=>-1, 'title'=>'', 'inTable' =>(empty($tpl) && empty($wiki))?'wikiplugin_tracker':'' ), $smarty);
if ($prefs['feature_antibot'] == 'y' && empty($user) && $formtag != 'n'
&& ($registration != 'y' || $prefs["user_register_prettytracker"] != 'y') ) {
// in_tracker session var checking is for tiki-register.php
$smarty->assign('showmandatory', $showmandatory);
$smarty->assign('antibot_table', empty($wiki) && empty($tpl)?'n': 'y');
$back .= $smarty->fetch('antibot.tpl');
}
if (empty($tpl) && empty($wiki)) {
$back.= "</table>";
} else {
$back .= '</div>';
}
if ($params['formtag'] == 'y') {
$back .= '<div class="input_submit_container">';
if (!empty($reset)) {
$back .= '<input class="button submit preview" type="reset" name="tr_reset" value="'.tra($reset).'" />';
}
if (!empty($preview)) {
$back .= '<input class="button submit preview" type="submit" name="tr_preview" value="'.tra($preview).'" />';
}
foreach ($action as $key=>$act) {
$back .= '<input class="button submit" type="submit" name="action'.$key.'" value="'.tra($act).'" onclick="needToConfirm=false" />';
}
$back .= '</div>';
}
if ($showmandatory == 'y' and $onemandatory) {
$back.= "<em class='mandatory_note'>".tra("Fields marked with a * are mandatory.")."</em>";
}
if ($params['formtag'] == 'y') {
$back.= '</form>';
}
if (!empty($params['_ajax_form_ins_id'])) { // save new js in a function for the form init fn
$headerlib->add_js(' var ajaxTrackerFormInit_' . $params['_ajax_form_ins_id'] . ' = function() {' . $headerlib->output_js(false) . '}', 10);
// put back the pre-existing js
$headerlib->js = array_merge( $headerlib->js, $old_js['js']);
$headerlib->jq_onready = array_merge( $headerlib->jq_onready, $old_js['jq_onready']);
}
if (!empty($page))
$back .= '~/np~';
$smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']);
return $back;
} else {
if (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId)
$smarty->assign('wikiplugin_tracker', $trackerId);//used in vote plugin
$id = ' id="wikiplugin_tracker'.$iTRACKER.'"';
if ($showtitle == 'y') {
$back.= '<div class="titlebar"'.$id.'>'.$tracker["name"].'</div>';
$id = '';
}
if ($showdesc == 'y') {
$back.= '<div class="wikitext"'.$id.'>'.$tracker["description"].'</div><br />';
$id = '';
}
$back.= "<div$id>".$data.'</div>';
return $back;
}
}
