/**
 * Writes $newValue into the field identified by $fieldAlias, creating the
 * record (and any linked record) first when no primary key is supplied.
 *
 * Gate order, as coded: an unknown alias returns with no value; ALLOW_ADD is
 * required when $pkVal is NULL and ALLOW_EDIT otherwise; then, unless
 * $this->bypassSecurity is set or the field has the PERSISTENT flag, the
 * 'CanAccessModule' event must not return FALSE.
 *
 * @param string $fieldAlias Key into $this->fields.
 * @param mixed  $newValue   Value to store. Passed through uCrypt::Encrypt()
 *                           when the field's inputtype is itPASSWORD and its
 *                           field type is not ftRAW.
 * @param mixed  $pkVal      By reference. NULL means "add a record"; on the
 *                           linked-table path it is restored to this module's
 *                           key before returning.
 * @return mixed NULL for an unknown alias; FALSE when the update is vetoed,
 *               not applicable or failed; true for link-table updates;
 *               otherwise TRUE, or the return value of the last 'onupdate'
 *               callback that ran while the result was still TRUE.
 * @throws Exception When adding/editing is not allowed, when access is
 *                   denied, or when the table update throws with a code
 *                   other than 1062.
 */
public function UpdateField($fieldAlias, $newValue, &$pkVal = NULL) {
    $this->_SetupFields();
    if (!array_key_exists($fieldAlias, $this->fields)) { return; }

    // Capability flags are checked before the access event, so these two
    // exceptions can be raised for a caller who would later be denied access.
    if ($pkVal === NULL && !$this->flag_is_set(ALLOW_ADD, $fieldAlias)) { throw new Exception('Module does not allow adding records'); }
    if ($pkVal !== NULL && !$this->flag_is_set(ALLOW_EDIT, $fieldAlias)) { throw new Exception('Module does not allow editing records'); }

    // Authorization check. It is skipped entirely when bypassSecurity is set
    // or the field is flagged PERSISTENT, so both switches are security
    // sensitive and should only ever be set by trusted module code.
    if (!$this->bypassSecurity && !$this->flag_is_set(PERSISTENT, $fieldAlias) && uEvents::TriggerEvent('CanAccessModule', $this) === FALSE) { throw new Exception('Access Denied when attempting to update field'); }

    $tableAlias = $this->fields[$fieldAlias]['tablename'];
    if (!$tableAlias) { return FALSE; } // cannot update a field that has no table

    // Listeners may veto the update; $pkVal is handed over by reference, so a
    // listener can also change it.
    if (uEvents::TriggerEvent('BeforeUpdateField', $this, array($fieldAlias, $newValue, &$pkVal)) === FALSE) { $this->ResetField($fieldAlias, $pkVal); return FALSE; }

    $oldPkVal = $pkVal; // remembered to detect "new record" further down
    // NOTE(review): $fieldPK, $values, $originalValue and $tablePk are assigned
    // but never read in this method; GetPrimaryKey()/GetValues() may have side
    // effects that are relied on - confirm before removing.
    $fieldPK = $this->GetPrimaryKey($fieldAlias);
    $tbl = $this->fields[$fieldAlias]['vtable'];
    $values = $this->GetValues($fieldAlias, $pkVal);
    $fieldType = $this->GetFieldType($fieldAlias);

    // Password inputs are never stored as submitted, except for ftRAW fields,
    // which skip this step and are written exactly as given.
    // empty() also rejects the string '0', so such a password cannot be set.
    // NOTE(review): presumably uCrypt::Encrypt() is a one-way password hash
    // despite its name - confirm. Callers must pass the plain value here, not
    // an already processed one, or it is processed twice.
    if ($this->fields[$fieldAlias]['inputtype'] == itPASSWORD && $fieldType !== ftRAW) {
        if (empty($newValue)) { return FALSE; }
        $newValue = uCrypt::Encrypt($newValue);
    }
    $originalValue = $newValue;

    $field = $this->fields[$fieldAlias]['field'];
    $table = $tbl['tModule'];
    $tablePk = $tbl['pk'];

    // Computed fields cannot be written back to a column.
    if (preg_match('/{[^}]+}/', $field) > 0 || IsSelectStatement($field) || is_array($field)) {
        $this->ResetField($fieldAlias, $pkVal);
        return FALSE; // this field is a pragma, select statement or callback
    }

    $preModPk = NULL;
    if ($table !== $this->GetTabledef()) {
        // The field lives in a joined table rather than this module's own table.
        if ($pkVal === NULL) { // current module PK if not row exists, create it
            $this->UpdateField($this->GetPrimaryKey(), null, $pkVal);
        }
        $row = $this->LookupRecord($pkVal, true);

        // Find the join that targets the parent table's primary key, and the
        // current values on both sides of that join in the looked-up row.
        $pkLinkTo = null; $pkLinkFrom = null; $pkValTo = null; $pkValFrom = null;
        foreach ($tbl['joins'] as $fromField => $toField) {
            if ($toField == $this->sqlTableSetupFlat[$tbl['parent']]['pk']) {
                $pkLinkFrom = $fromField; $pkLinkTo = $toField; // from (parent) pk / to (child) pk
                foreach ($this->fields as $_f => $_finfo) {
                    if ($_finfo['tablename'] == $this->sqlTableSetupFlat[$tbl['parent']]['alias'] && $_finfo['field'] == $fromField) { $pkValFrom = $row[$_f]; }
                    elseif ($_finfo['tablename'] == $this->sqlTableSetupFlat[$tbl['alias']]['alias'] && $_finfo['field'] == $toField) { $pkValTo = $row[$_f]; }
                }
            }
        }

        $tableObj = utopia::GetInstance($table);
        if ($pkValTo === NULL && $pkValFrom) {
            // Child side of the join is missing: create it, then re-read the row.
            $tableObj->UpdateField($pkLinkTo, $pkValFrom);
            $row = $this->LookupRecord($pkVal, true);
        }

        $tableObj = utopia::GetInstance($table);
        if ($tableObj instanceof iLinkTable) {
            // delete all where tofield is oldpk
            // The key value is bound as a parameter. The table and column names
            // are concatenated inside backticks without escaping; here they come
            // from the table object and $tbl['joins'], so they must stay
            // developer-defined and never be derived from request data.
            // NOTE(review): $pkLinkTo is still null if no join matched above.
            database::query('DELETE FROM `' . $tableObj->tablename . '` WHERE `' . $pkLinkTo . '` = ?', array($pkVal));
            // loop through new values (unless empty) and add them to the link table
            if ($newValue !== NULL && $newValue !== '') {
                if (!is_array($newValue)) { $newValue = array($newValue); }
                foreach ($newValue as $v) {
                    $n = null; // fresh key per value, so every value gets its own link row
                    $tableObj->UpdateField($pkLinkTo, $pkVal, $n, $fieldType); //set left
                    $tableObj->UpdateField($field, $v, $n, $fieldType); //set right
                }
            }
            // Link-table updates return here: the default-value, 'onupdate',
            // ResetField and 'AfterUpdateField' steps below do not run.
            return true;
        }

        // pk of table
        $preModPk = $pkVal; // this module's key, restored after the write
        $pkVal = $row['_' . $tableAlias . '_pk'];
        if ($pkVal === NULL) { // linked target does not exist, create it
            if ($pkLinkTo == $field) {
                $tableObj->UpdateField($pkLinkTo, $newValue, $pkVal, $fieldType);
            } else {
                $tableObj->UpdateField($field, $newValue, $pkVal, $fieldType);
            }
            foreach ($this->fields as $_f => $_finfo) { // set pkLinkFrom to newly created record in linked table
                if (isset($_finfo['vtable']) && $_finfo['vtable']['tModule'] == $this->GetTabledef() && $_finfo['field'] == $pkLinkFrom) {
                    $this->UpdateField($_f, $pkVal, $preModPk);
                    break;
                }
            }
        }
    }

    // lets update the field
    $tableObj = utopia::GetInstance($table);
    try {
        $ret = $tableObj->UpdateField($field, $newValue, $pkVal, $fieldType) === FALSE ? FALSE : TRUE;
    } catch (Exception $e) {
        $ret = false;
        // Only the duplicate-key code is turned into a user-facing notice; every
        // other exception is rethrown. Execution continues after the notice, so
        // the steps below still run with $ret === false.
        switch ($e->getCode()) {
            case 1062: // duplicate key
                uNotices::AddNotice('An entry already exists with this value.', NOTICE_TYPE_ERROR);
                break;
            default:
                throw $e;
        }
    }

    if ($preModPk !== NULL) { $pkVal = $preModPk; } // hand this module's key back to the caller

    if ($oldPkVal === NULL) { // new record added
        // update default values
        // noDefaults doubles as a re-entrancy guard: the nested UpdateField()
        // calls below must not start another round of default filling.
        // NOTE(review): the flag is not reset if a nested call throws.
        if (!$this->noDefaults) {
            $this->noDefaults = true;
            foreach ($this->fields as $dalias => $fieldData) {
                if ($fieldAlias == $dalias) { continue; } // dont update the default for the field which is being set.
                if ($dalias == $this->GetPrimaryKey()) { continue; }
                $default = $this->GetDefaultValue($dalias);
                if (!empty($default)) {
                    //echo "//setting default for $dalias to $default PK $pkVal\n";
                    $this->UpdateField($dalias, $default, $pkVal);
                }
            }
            $this->noDefaults = false;
        }
        // new record has been created. pass the info on to child modules, incase they need to act on it.
        uEvents::TriggerEvent('OnNewRecord', $this, $pkVal);
    }

    // Per-field callbacks taken from the field definition. A string callback is
    // resolved as a method on this object; the record key is prepended to the
    // callback's argument list. The definitions must be developer-supplied.
    if (array_key_exists('onupdate', $this->fields[$fieldAlias])) {
        foreach ($this->fields[$fieldAlias]['onupdate'] as $callback) {
            list($callback, $arr) = $callback;
            //echo "$callback,".print_r($arr,true);
            if (is_string($callback)) { // $callback = array($this,$callback);
                $callback = array($this, $callback);
            }
            array_unshift($arr, $pkVal);
            $newRet = call_user_func_array($callback, $arr);
            if ($ret === TRUE) { $ret = $newRet; } // a callback result replaces $ret only while $ret is still TRUE
        }
    }

    $this->ResetField($fieldAlias, $pkVal);
    if ($oldPkVal !== $pkVal) { $this->ResetField($fieldAlias, $oldPkVal); }

    // Fired even when $ret is false; a listener returning FALSE overrides the result.
    if (uEvents::TriggerEvent('AfterUpdateField', $this, array($fieldAlias, $newValue, &$pkVal)) === FALSE) { return FALSE; }
    return $ret;
}
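/**
 * Processes a login form submission taken from the current request.
 *
 * Does nothing when a user is already stored in the session or when either
 * credential field ('__login_u', '__login_p') is absent from $_POST. On
 * success the user is logged in via SetLogin(), the stored password is
 * upgraded when uCrypt::IsStrongest() reports it is not the strongest form,
 * 'last_login' is updated, the session id is rotated and 'AfterLogin' is
 * triggered. On failure a single generic notice is added, so the response
 * does not reveal whether the username or the password was wrong.
 *
 * @return void
 */
public static function TryLogin() {
    if (isset($_SESSION['current_user'])) { return; }

    // login not attempted.
    if (!array_key_exists('__login_u', $_POST)) { return; }
    if (!array_key_exists('__login_p', $_POST)) { return; }

    $un = $_POST['__login_u'];
    $pw = $_POST['__login_p'];

    // Keep the plain-text password out of reach of later form handling and
    // logging. $_REQUEST holds its own copy, so it has to be cleared as well.
    unset($_POST['__login_p'], $_REQUEST['__login_p']);

    // Request parameters can arrive as arrays (name[]=...). Treat anything
    // that is not a string as failed credentials instead of passing it on to
    // the credential check.
    if (!is_string($un) || !is_string($pw)) {
        uNotices::AddNotice('Username and password do not match.', NOTICE_TYPE_ERROR);
        return;
    }

    $userID = uUsersList::TestCredentials($un, $pw);
    if ($userID === false) {
        uNotices::AddNotice('Username and password do not match.', NOTICE_TYPE_ERROR);
        return;
    }

    self::SetLogin($userID);
    $obj = utopia::GetInstance(__CLASS__);
    $rec = $obj->LookupRecord($userID, true);

    // check if password is the most secure we can have.
    // NOTE(review): the UpdateField() shown on this page already passes
    // itPASSWORD values through uCrypt::Encrypt(). If this module uses that
    // method and 'password' is such a field, the value stored here has been
    // processed twice and the next login would fail - confirm which layer is
    // meant to do the hashing.
    if ($rec && !uCrypt::IsStrongest($pw, $rec['password'])) {
        $pk = $rec['user_id'];
        $obj->UpdateField('password', uCrypt::Encrypt($pw), $pk);
    }
    $obj->UpdateFieldRaw('last_login', 'NOW()', $userID);

    if (isset($_REQUEST['remember_me'])) {
        // 604800 seconds = 7 days.
        // NOTE(review): only lifetime and path are passed, so the Secure and
        // HttpOnly cookie flags come from the ini settings - confirm they are
        // enabled. On PHP 7.2+ this call is also rejected with a warning once
        // the session is active - confirm the lifetime really is applied.
        session_set_cookie_params(604800, PATH_REL_ROOT);
        $_SESSION['SESSION_LIFETIME'] = 604800;
    }

    // Rotate the session id on every successful login, not only for
    // "remember me", so an id issued before authentication is never carried
    // over into the authenticated session.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    uEvents::TriggerEvent('AfterLogin');
}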