/**
* Gets the form inputs and validates it's format and dataype and if it's required or not
* @param form_name The name of the form
* @param exclude_columns array of columns names that you dont want to validate
* @return boolean
*/
public static function ValidRequest($form_name, $exclude_columns = null)
{
$inputs = SystemQueries::form_input_structure($form_name);
foreach ($inputs as $input) {
if ($exclude_columns == null || !in_array($input->input_name, $exclude_columns)) {
self::Set($input);
self::Nullable($input);
if ($input->input_type != "file") {
if (self::VarcharBlobText($input)) {
continue;
} else {
if (self::Integer($input)) {
continue;
} else {
if (self::DoubleFloat($input)) {
continue;
} else {
return false;
}
}
}
}
}
}
return true;
}
/**
* Uploads all files in a specific form
* @param string $form_name_id The id/name of the form
* @param string $input_name The input name of the input file
* @return array ["original_filename", "extension", "fullpath] File info of the uploaded file
*/
public static function UploadFormFiles($form_name_id, $input_name)
{
//Get the inputs of type=file
$inputs = SystemQueries::GetFormInputsFileType($form_name_id, $input_name);
//Set file info for return
$files;
// = array();
//Loop through input type=file
foreach ($inputs as $input) {
// No file has been selected for upload
if ($_FILES[$input->input_name]['error'] == UPLOAD_ERR_NO_FILE || $_FILES[$input->input_name]['size'] == 0) {
$files = array("original_filename" => null, "extension" => null, "fullpath" => null);
//No file selected
//Set the file link to the post object
$_POST[$input->input_name] = null;
} else {
if ($_FILES[$input->input_name]['error'] != UPLOAD_ERR_OK || $_FILES[$input->input_name]["error"] > 0 || empty($_FILES[$input->input_name]["name"]) || empty($_FILES[$input->input_name]["tmp_name"])) {
Logger::File();
RequestManager::RequestError();
//Error on upload
} else {
if (is_uploaded_file($_FILES[$input->input_name]["tmp_name"]) && $_FILES[$input->input_name]['error'] == UPLOAD_ERR_OK) {
if (trim($input["input_attributes"]) != "" || self::IsFileWithExpectedExtension($input) || self::IsFileWithExpectedMimeType($input)) {
// Default web root directory definition with the new folder defined in the argument
$web_server_directory = $_SERVER['DOCUMENT_ROOT'] . "/uploads";
if (!self::CreatePath($web_server_directory)) {
Logger::File();
RequestManager::RequestError();
//Error creating the file directory;
}
$full_path = self::file_directory($web_server_directory, $input->input_name);
// Saves the uploaded file
if (move_uploaded_file($_FILES[$input->input_name]["tmp_name"], $full_path)) {
//Renames the current uploaded file for uniqueness
$fullpath = self::file_name_generator($web_server_directory, $input);
if (rename($full_path, $fullpath)) {
$files = array("original_filename" => $_FILES[$input->input_name]["name"], "extension" => self::GetUploadedFileExtension($input), "fullpath" => $fullpath);
//Set the file link to the post object
$_POST[$input->input_name] = $fullpath;
} else {
Logger::File();
RequestManager::RequestError();
//Error on file directory or directory doesn't exist, upload failed
}
} else {
Logger::File();
RequestManager::RequestError();
//Error moving file to the specified directory or directory doesn't exist
}
} else {
Logger::File();
RequestManager::RequestError();
//File type not allowed upload failed
}
}
}
}
}
return $files;
}
/**
* Invokes the class method stored on database
* @param $Request The request object
* @return void
*/
private static function InvokeMethod($Request)
{
//Check if the class exist in a file inside the controllers folder
//Note the class_name must be same has the file name to prevent security issues
$FileDirectory = dirname(dirname(__FILE__)) . "/controllers/" . $Request->Get->class_name . ".php";
if (file_exists($FileDirectory)) {
require_once $FileDirectory;
if (method_exists($Request->Get->class_name, $Request->Get->function_name)) {
call_user_func(array($Request->Get->class_name, $Request->Get->function_name));
} else {
Logger::Error("Request error: The requested function doesn't exist. Requested class_name:" . $Request->Get->class_name . " - function_name:" . $Request->Get->function_name);
Dialog::RequestClassOrMethodNotExist();
}
} else {
$class = json_decode(json_encode(SystemQueries::GetClass($Request->Get->class_name)));
if (count($class) === 0) {
Logger::Error("Request error: The requested class_name doesn't exist. Requested class_name:" . $Request->Get->class_name . " - function_name:" . $Request->Get->function_name);
Dialog::RequestClassOrMethodNotExist();
} else {
if (is_callable(array($class->class_name, $Request->Get->function_name), true)) {
try {
eval("?>" . $class->class_code);
if (method_exists($class->class_name, $Request->Get->function_name)) {
call_user_func(array($class->class_name, $Request->Get->function_name));
} else {
Logger::Error("Request error: The requested function doesn't exist. Requested class_name:" . $Request->Get->class_name . " - function_name:" . $Request->Get->function_name);
Dialog::RequestClassOrMethodNotExist();
}
} catch (Exception $e) {
Logger::Error("Request error: The class code could not be interpreted at runtime. Please check that your code is free of errors. Requested class_name:" . $Request->Get->class_name . " - function_name:" . $Request->Get->function_name);
Dialog::RequestRuntimeErrorOnCompilingCode();
}
} else {
Logger::Error("Request error: The requested function name can't be used to call a method. Requested class_name:" . $Request->Get->class_name . " - function_name:" . $Request->Get->function_name);
Dialog::RequestClassOrMethodNotExist();
}
}
}
}
/**
* Returns the result of the executing query. Enum String Version
* @param string $query The query name or string to execute
* @param array $array The params for the query
* @param QueryType $QueryType The query type
* @return array
*/
public static function QueryTypeExecuterString($query, $params = null, $QueryType = QueryTypeString::Text)
{
if ($QueryType == QueryType::Text) {
return DBManager::ExecuteQuery($query, $params, $QueryType);
} else {
$query_str = SystemQueries::GetQuery($query);
return DBManager::ExecuteQuery($query_str->query_text, $params, QueryType::Text);
}
}
/**
* Executes query returns the db resultset in an array
* @param string $query The query string to execute
* @param array $params The values to be set for the query
* @param integer $QueryType The type of query
* @return array
*/
public static function ExecuteQueryArray($query, $params = null, $QueryType = QueryType::Text)
{
$PDODB = new PDODB();
if ($QueryType == QueryType::Text) {
$PDODB->ExecuteQuery($query, $params);
return $PDODB->GetDataArray();
} else {
$query_str = SystemQueries::GetQuery($query);
$PDODB->ExecuteQuery($query_str->query_text, $params);
return $PDODB->GetDataArray();
}
}
/**
* This function creates the class in the database,
* Also creates a .php file template with the class name in the controllers folder
* @param $Request
* @param $class
* @return void
*/
private static function CreateAndExecuteClass($Request, $class)
{
$inserted = SystemQueries::InsertClass($Request, $class);
if (is_dir("controllers")) {
@mkdir('controllers', 0755, true);
}
$created = file_put_contents("controllers/" . $Request->Get->table_name . ".php", $class);
if (!$inserted) {
Dialog::Danger("Error", "There was an error creating the class on the database! The class may already exist. Check system logs for more details.", "Ok");
} else {
if (!$created) {
Dialog::Danger("Error", "There was an error creating the class on the controllers folder!", "Ok");
} else {
Dialog::Success("Succesful", "The class and model for " . $Request->Get->table_name . " where created on the controllers and models folder and on the database succesfully", "Ok");
}
}
}
/**
* This function display all tables of the administrator page
* @return void
*/
public static function AdministratorItemList()
{
$menus = SystemQueries::GetAllDatabaseTables();
self::HasMenus($menus);
require_once "framework/views/administrator/menus/menubuttonitemlist.php";
}