public function searchAction()
{
$filters = array('q' => array('StringTrim', 'StripTags'));
$validators = array('q' => array('presence' => 'required'));
$input = new Zend_Filter_Input($filters, $validators, $_GET);
if (is_string($this->_request->getParam('q'))) {
$queryString = $input->getEscaped('q');
$this->view->queryString = $queryString;
if ($input->isValid()) {
$config = Zend_Registry::get('config');
$index = App_Search_Lucene::open($config->luceneIndex);
$query = new Zend_Search_Lucene_Search_Query_Boolean();
$pathTerm = new Zend_Search_Lucene_Index_Term($queryString);
$pathQuery = new Zend_Search_Lucene_Search_Query_Term($pathTerm);
$query->addSubquery($pathQuery, true);
$pathTerm = new Zend_Search_Lucene_Index_Term('20091023', 'CreationDate');
$pathQuery = new Zend_Search_Lucene_Search_Query_Term($pathTerm);
$query->addSubquery($pathQuery, true);
try {
$hits = $index->find($query);
} catch (Zend_Search_Lucene_Exception $ex) {
$hits = array();
}
$this->view->hits = $hits;
} else {
$this->view->messages = $input->getMessages();
}
}
}
public function testGetEscapedMultiValue()
{
$data = array('multiSelect' => array('C&H', 'B&O', 'AT&T'));
$input = new Zend_Filter_Input(null, null, $data);
$this->assertFalse($input->hasMissing(), 'Expected hasMissing() to return false');
$this->assertFalse($input->hasInvalid(), 'Expected hasInvalid() to return false');
$this->assertFalse($input->hasUnknown(), 'Expected hasUnknown() to return false');
$this->assertTrue($input->hasValid(), 'Expected hasValid() to return true');
$multi = $input->getEscaped('multiSelect');
$this->assertType('array', $multi);
$this->assertEquals(3, count($multi));
$this->assertEquals(array('C&H', 'B&O', 'AT&T'), $multi);
}
public function loaduserdataAction()
{
$this->_helper->viewRenderer->setNoRender();
$this->_helper->getHelper("layout")->disableLayout();
$aInputFilters = array("*" => array(new Zend_Filter_StringTrim()));
$aInputValidators = array("num_row_per_page" => array(new Zend_Validate_Digits()), "curr_page" => array(new Zend_Validate_Digits()), "sort_column" => array(new AppCms2_Validate_SpecialAlpha()), "sort_method" => array(new Zend_Validate_Alpha()), "filter_company_name" => array("allowEmpty" => true), "filter_user_name" => array("allowEmpty" => true), "filter_email_address" => array("allowEmpty" => true), "filter_user_category_name" => array("allowEmpty" => true));
$oInput = new Zend_Filter_Input($aInputFilters, $aInputValidators, $_POST);
if ($oInput->isValid()) {
$oModelVUser = new Admin_Model_VUser();
$nNumRowPerPage = $oInput->getEscaped("num_row_per_page");
$nCurrPage = $oInput->getEscaped("curr_page");
$sSortColumn = $oInput->getEscaped("sort_column");
$sSortMethod = $oInput->getEscaped("sort_method");
$aFilter = array("company_name" => $oInput->getEscaped("filter_company_name"), "user_name" => $oInput->getEscaped("filter_user_name"), "email_address" => $oInput->getEscaped("filter_email_address"), "user_category_name" => $oInput->getEscaped("filter_user_category_name"));
$oRowset = $oModelVUser->getAllUser($aFilter, $nNumRowPerPage, ($nCurrPage - 1) * $nNumRowPerPage, $sSortColumn . " " . $sSortMethod);
$nNumRows = $oModelVUser->getAllUser($aFilter)->count();
$aJson = array("rowset" => $oRowset->toArray(), "num_rows" => $nNumRows);
header("Content-type: application/json");
echo Zend_Json::encode($aJson);
}
}
/**
* @group ZF-3004
*/
public function testInsertingNullDoesNotGetEscapedWithDefaultEscapeMethod()
{
$input = new Zend_Filter_Input(null, null, array('test' => null));
$input->process();
$this->assertFalse($input->hasMissing(), 'Expected hasMissing() to return false');
$this->assertFalse($input->hasInvalid(), 'Expected hasInvalid() to return false');
$this->assertFalse($input->hasUnknown(), 'Expected hasUnknown() to return false');
$this->assertTrue($input->hasValid(), 'Expected hasValid() to return true');
$this->assertNull($input->getUnescaped('test'), 'getUnescaped of test fails to return null');
$this->assertNull($input->getEscaped('test'), 'getEscaped of test fails to return null');
$this->assertNull($input->test, 'magic get of test fails to return null');
}
public function loaddataordersnewAction()
{
$this->_helper->viewRenderer->setNoRender();
$this->_helper->getHelper("layout")->disableLayout();
$aInputFilters = array("*" => array(new Zend_Filter_StringTrim()));
$aInputValidators = array("num_row_per_page" => array(new Zend_Validate_Digits()), "curr_page" => array(new Zend_Validate_Digits()), "sort_column" => array(new AppCms2_Validate_SpecialAlpha()), "sort_method" => array(new Zend_Validate_Alpha()), "filter_order_status_id" => array(new Zend_Validate_Digits()), "filter_call_id" => array("allowEmpty" => true), "filter_journal_title" => array("allowEmpty" => true), "filter_amount" => array("allowEmpty" => true), "filter_id" => array(new Zend_Validate_Digits()));
$oInput = new Zend_Filter_Input($aInputFilters, $aInputValidators, $_POST);
$nNumRowPerPage = $oInput->getUnescaped("num_row_per_page");
$nCurrPage = $oInput->getUnescaped("curr_page");
$sSortColumn = $oInput->getUnescaped("sort_column");
$sSortMethod = $oInput->getUnescaped("sort_method");
$aFilter = array("order_status_id" => $oInput->getEscaped("filter_order_status_id") != NULL ? $oInput->getUnescaped("filter_order_status_id") : NULL, "call_id" => $oInput->getEscaped("filter_call_id") != NULL ? $oInput->getUnescaped("filter_call_id") : NULL, "journal_title" => $oInput->getEscaped("filter_journal_title") != NULL ? $oInput->getUnescaped("filter_journal_title") : NULL, "amount" => $oInput->getEscaped("filter_amount") != NULL ? (double) $oInput->getUnescaped("filter_amount") * 100 : NULL, "id" => $oInput->getUnescaped("filter_id"));
foreach ($aFilter as $sKey => $sValue) {
if (!isset($sValue)) {
unset($aFilter[$sKey]);
}
}
$oModelVOrderJournal = new User_Model_VOrderJournal();
$oRowset = $oModelVOrderJournal->getUserOrders(null, $aFilter, $nNumRowPerPage, ($nCurrPage - 1) * $nNumRowPerPage, $sSortColumn . " " . $sSortMethod);
$nNumRows = $oModelVOrderJournal->getUserOrders(null, $aFilter)->count();
$aRowset = $oRowset->toArray();
foreach ($aRowset as $nKey => $aValue) {
$oOrderRelationships = $oModelVOrderJournal->getOrderRelationships($aValue["id"], $aValue["item_id"]);
$aRowset[$nKey]["relationships_count"] = $oOrderRelationships->count();
$aRowset[$nKey]["relationships"] = $oOrderRelationships->toArray();
}
$aJson = array("rowset" => $aRowset, "num_rows" => $nNumRows);
header("Content-type: application/json");
echo Zend_Json::encode($aJson);
exit;
}
/**
* zendInputFilter() - strips tags from input and optionally returns escaped output
* @param array $input - array of user input
* @param $escaped - will additionally run an html entities filter if set to true
* @return array
*/
public static function zendInputFilter($input, $escaped = false)
{
if ($input) {
$output = new Zend_Filter_Input(array('*' => 'StripTags'), array(), $input);
//strips tags from all input
$escaped = $output->getEscaped();
// will be automatically run through an HTML-entities-filter
// or
$unescaped = $output->getUnescaped();
// the values as they come out of the filter-chain.
if ($escaped == true) {
return $escaped;
} else {
return $unescaped;
}
} else {
//Logger::log("No input received ".__METHOD__, Logger::DEBUG);
return $input;
}
}
/**
* Validate and filter data (not used)
*/
public static function cleanData($data)
{
if (!is_array($data)) {
$data = array($data);
}
$filters = array('*' => array('StringTrim', 'HtmlEntities', 'StripTags', 'Alnum'));
$validators = array('*' => array('NotEmpty', 'presence' => 'required'));
$input = new Zend_Filter_Input($filters, $validators, $data);
if ($input->isValid()) {
// return filtered and escaped data
$ret = $input->getEscaped();
return $ret[0];
}
return false;
}
/**
* Save changes to an existing page, or create a new page. If creating a new page the function will return the ID
*
* @return int
*/
protected function _savePage($siteID)
{
// First of all we need to validate and sanitise the input from the form
$urlFilter = new Zend_Filter();
$urlFilter->addFilter(new Zend_Filter_StringTrim());
$urlFilter->addFilter(new Zend_Filter_StringTrim('/'));
$requiredText = new Zend_Validate();
$requiredText->addValidator(new Zend_Validate_NotEmpty());
$filters = array('id' => 'Digits', 'pageTitle' => 'StringTrim', 'pageURL' => $urlFilter, 'metaKeywords' => 'StringTrim', 'metaDescription' => 'StringTrim', 'template' => 'Digits');
$validators = array('id' => array('allowEmpty' => true), 'pageTitle' => $requiredText, 'pageURL' => 'NotEmpty', 'metaKeywords' => array('allowEmpty' => true), 'metaDescription' => array('allowEmpty' => true), 'pageContent' => array('allowEmpty' => true), 'template' => 'NotEmpty');
$input = new Zend_Filter_Input($filters, $validators, $_POST);
if ($input->isValid()) {
// Data is all valid, formatted and sanitized so we can save it in the database
$page = new Datasource_Cms_Pages();
$auth = Zend_Auth::getInstance();
$auth->setStorage(new Zend_Auth_Storage_Session('hl_admin'));
$username = $auth->getStorage()->read()->username;
if (!$input->id) {
// This is a new page so we need to create a new ID
$pageID = $page->addNew($siteID, $input->pageTitle, $input->pageURL, $input->getUnescaped('pageContent'), $input->metaKeywords, $input->metaDescription, $input->template);
// Record activity
Application_Core_ActivityLogger::log('CMS Page Added', 'complete', 'CMS-Admin', $username, "Page URL: /" . $input->pageURL);
} else {
// This is an existing page
// If the URL is not editable, use the original saved version
$pageEdit = $page->getByID($input->id);
if ($pageEdit['urlEditable'] == 0) {
$input->pageURL = $pageEdit['url'];
}
$page->saveChanges($input->id, $input->pageTitle, $input->pageURL, $input->getUnescaped('pageContent'), $input->metaKeywords, $input->metaDescription, $input->template);
$pageID = $input->id;
Application_Core_ActivityLogger::log('CMS Page Edited ', 'complete', 'CMS-Admin', $username, "Page URL: /" . $input->pageURL);
}
// Now we need to save any meta data associated with this page
$metaFields = $page->getMetaFields($pageID);
// We now have an array that tells us what meta fields are expected and what type they are - so first
// we need to make a filter and validator array for them.
// This could be expanded in the future to allow us to require certain meta data to be entered
// if a 'required' flag is set in the meta database.
$metaFilters = array();
$metaValidators = array();
foreach ($metaFields as $metaField) {
if ($metaField['metaType'] == 'string' || $metaField['metaType'] == 'html' || $metaField['metaType'] == 'icon') {
array_push($metaFilters, array($metaField['metaName'] => 'StringTrim'));
array_push($metaValidators, array($metaField['metaName'] => array('allowEmpty' => true)));
}
}
$metaInput = new Zend_Filter_Input($metaFilters, $metaValidators, $_POST);
$metaDataArray = array();
foreach ($metaFields as $metaField) {
if ($metaField['metaType'] == 'html') {
$metaDataArray[$metaField['metaName']] = $metaInput->getUnescaped($metaField['metaName']);
} else {
$metaDataArray[$metaField['metaName']] = $metaInput->getEscaped($metaField['metaName']);
}
}
$page->saveMeta($pageID, $metaDataArray);
// Changes saved - so send them back with a nice success message
$this->_helper->getHelper('FlashMessenger')->addMessage(array('saved' => true));
$this->_helper->getHelper('Redirector')->goToUrl('/cms-admin/pages/edit?id=' . $pageID);
} else {
// Invalid data in form
/*
print_r($_POST);
print_r($input->getErrors());
print_r($input->getInvalid());
*/
}
}
/**
* Retrieve the AgentID for the reference and display the report.
*
* @todo: push parameters into the view
*
* @return void
*/
public function retrieveAction()
{
$baseRefUrl = $this->_params->connect->baseUrl->referencing;
$request = $this->getRequest();
$refno = $request->getParam('refno');
$reptype = $request->getParam('repType');
// Requested time generation for the report
$timegenerated1 = $request->getParam('generated');
if (!$timegenerated1) {
$timegenerated1 = 0;
}
// Latest time generation of the report
$reportDatasource = new Datasource_ReferencingLegacy_ReportHistory();
$timegenerated2 = $reportDatasource->getTimeReportGenerated($refno, $reptype);
//$timegenerated2=strtotime($timegenerated);
// If refno belongs to the agent then push params into view
if ($this->_isReferenceOwnedBy($refno, $this->_agentSchemeNumber)) {
// Create Filters for params
$filters = array('*' => array('StringTrim', 'HtmlEntities', 'StripTags'));
//Create Validators
$validators = array('*' => array('allowEmpty' => false));
// Check values
$requestFilter = new Zend_Filter_Input($filters, $validators, array('refno' => $refno, 'reptype' => $reptype));
if ($requestFilter->isValid()) {
$this->view->refNo = $requestFilter->getEscaped('refno');
$this->view->repType = $requestFilter->getEscaped('reptype');
$this->view->timegenerated1 = $timegenerated1;
$this->view->timegenerated2 = $timegenerated2;
// $this->_helper->layout()->disableLayout();
// $page=$this->_helper->redirector->gotoUrlAndExit($baseRefUrl . '/cgi-bin/refviewreport.pl?refno=' . $refno.'&repType=interim');
// $this->_redirect($page);
}
} else {
$this->render('report_error');
}
}
public function getuserinfoAction()
{
$this->_helper->viewRenderer->setNoRender();
$this->_helper->getHelper("layout")->disableLayout();
$aInputFilters = array("*" => array(new Zend_Filter_Digits()));
$aInputValidators = array("user_id" => array(new Zend_Validate_Digits(), "allowEmpty" => false));
$oInput = new Zend_Filter_Input($aInputFilters, $aInputValidators, $_POST);
if ($oInput->isValid() && $oInput->getEscaped("user_id")) {
$oModelVUser = new Admin_Model_VUser();
$nUserId = (int) $oInput->getEscaped("user_id");
$oRow = $oModelVUser->getRecipientInfo($nUserId);
}
header("Content-type: application/json");
echo Zend_Json::encode($oRow);
}
public function continueAction()
{
if ($this->getRequest()->isPost()) {
// Sanitise ref_num
$filters = array('*' => array('StringTrim', 'HtmlEntities', 'StripTags'));
$validators = array('*' => array('allowEmpty' => true));
$input['referenceNumber'] = $this->_request->getParam('ref_num');
$validate = new Zend_Filter_Input($filters, $validators, $input);
Zend_Debug::dump($input['referenceNumber']);
$referenceNumber = $validate->getEscaped('referenceNumber');
$pageSession = new Zend_Session_Namespace('online_claims');
$pageSession->ClaimReferenceNumber = $referenceNumber;
/*
We are always going to go back to step1 for claims when continuing but we have to set the session variables up
to know how far into the process we got. Otherwise this crap f*cking Sword code doesn't bother
populating any of the forms with data already saved.
I hate this - so much it gives me headache just thinking about it…
*/
//Claim Manager
$claimManager = new Manager_Insurance_RentGuaranteeClaim_Claim();
//Identify the Step
$pageSession->completed[1] = true;
$pageSession->identifier[1] = true;
$claimData = $claimManager->getClaim($referenceNumber, $this->_agentSchemeNumber);
if ($claimData->getTenancyStartDate() != "") {
$step = 2;
$pageSession->completed[2] = true;
$pageSession->identifier[2] = true;
}
$rentPayments = $claimManager->getRentPaymentsByReferenceNumber($referenceNumber);
if (count($rentPayments) > 0) {
$step = 3;
$pageSession->completed[3] = true;
$pageSession->identifier[3] = true;
}
$supportingDocs = $claimManager->getSupportingDocumentsByReferenceNumber($referenceNumber);
if (count($supportingDocs) > 0) {
$step = 4;
$pageSession->completed[4] = true;
$pageSession->identifier[4] = true;
}
$this->_helper->redirector->gotoUrl('rentguaranteeclaims/step1');
}
}
