/**
 * Runs the inherited check and, when it reports a problem, replaces that
 * result with this trigger's "master record" error.
 *
 * The lookup itself is done by parent::Execute(); this method only reshapes
 * a non-NULL result into a tNG_error carrying $this->errorMsg after it has
 * been passed through KT_DynamicData().
 *
 * @return mixed the parent's result when it compares equal to NULL, otherwise a tNG_error
 * @access public
 */
function Execute()
{
    // NOTE(review): presumably tells the parent check to fail when the
    // record is missing rather than when it exists - confirm in the parent class.
    $this->errorIfExists(false);

    $parentResult = parent::Execute();
    if ($parentResult == NULL) {
        return $parentResult;
    }

    // Delete transactions pass true as the last KT_DynamicData() argument;
    // every other transaction type passes false.
    $fromSavedData = in_array($this->tNG->transactionType, array('_delete', '_multipleDelete'));
    $this->errorMsg = KT_DynamicData($this->errorMsg, $this->tNG, '', $fromSavedData);

    $masterError = new tNG_error('TRIGGER_MESSAGE__CHECK_MASTER_RECORD', array(), array());

    $hasFkField = ($this->fkField != '');
    if ($hasFkField) {
        // attach the composed message to the foreign-key field
        $masterError->setFieldError($this->fkField, '%s', array($this->errorMsg));
    }
    // With no field to attach to, or when the field's value did not come
    // from POST, the message is also recorded as a user-visible detail.
    if (!$hasFkField || $this->tNG->columns[$this->fkField]['method'] != 'POST') {
        $masterError->addDetails('%s', array($this->errorMsg), array(''));
    }

    return $masterError;
}
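/**
 * Trigger for a password update: when a new password is submitted, the value
 * posted as "old_<password field>" must match the password stored for the
 * record being updated.
 *
 * The stored and supplied values are compared as strings. A loose "!="
 * compares two numeric-looking strings (for example "1e3" and "1000", or two
 * digests of the form "0e<digits>") as numbers, which lets different values
 * pass as equal; hash_equals() is used when available so the comparison is
 * also constant-time.
 *
 * @param object &$tNG transaction object; getColumnValue(), getPrimaryKeyValue(), addColumn() and ->connection are used
 * @return mixed null when no new password was submitted or the old password matches, otherwise a tNG_error
 */
function Trigger_UpdatePassword_CheckOldPassword(&$tNG) {
    $password_field = $GLOBALS['tNG_login_config']['password_field'];
    $password_value = $tNG->getColumnValue($password_field);
    $old_password_value = KT_DynamicData("{POST.old_" . $password_field . "}", $tNG);

    // An old password without a new one is reported on the password field.
    if ($old_password_value != "" && $password_value == "") {
        $errObj = new tNG_error("UPDATEPASS_NO_NEW_PASS", array(), array());
        $errObj->setFieldError($password_field, "UPDATEPASS_NO_NEW_PASS_FIELDERR", array());
        return $errObj;
    }

    // No new password: nothing to verify.
    if ($password_value == "") {
        return null;
    }

    // Bring the supplied value into the same form as the stored one.
    // NOTE(review): tNG_encryptString() is defined elsewhere; confirm it is a
    // salted, slow password hash rather than a bare digest.
    if ($GLOBALS['tNG_login_config']['password_encrypt'] == "true" && $old_password_value != "") {
        $old_password_value = tNG_encryptString($old_password_value);
    }

    // Table and field names come from the login configuration; the primary
    // key value is the only request-derived part and goes through KT_escapeForSql().
    $table = $GLOBALS['tNG_login_config']['table'];
    $pk_field = $GLOBALS['tNG_login_config']['pk_field'];
    $pk_value = KT_escapeForSql($tNG->getPrimaryKeyValue(), $GLOBALS['tNG_login_config']['pk_type']);
    $sql = "SELECT " . KT_escapeFieldName($password_field) . " FROM " . $table . " WHERE " . KT_escapeFieldName($pk_field) . "=" . $pk_value;

    $rs = $tNG->connection->Execute($sql);
    if (!is_object($rs)) {
        return new tNG_error("LOGIN_RECORDSET_ERR", array(), array());
    }
    if ($rs->RecordCount() == 0) {
        return new tNG_error("UPDATEPASS_NO_RECORD", array(), array());
    }
    if ($rs->RecordCount() != 1) {
        return new tNG_error("UPDATEPASS_TOMANY_RECORDS", array(), array());
    }

    // Cast both sides so NULL and "" still compare equal, as they did under "!=".
    $stored = (string) $rs->Fields($GLOBALS['tNG_login_config']['password_field']);
    $supplied = (string) $old_password_value;
    if (function_exists('hash_equals')) {
        $matches = hash_equals($stored, $supplied);
    } else {
        // Older PHP: strict string comparison still rules out numeric juggling.
        $matches = ($stored === $supplied);
    }

    if (!$matches) {
        // Register the old-password column with an empty value so the field
        // error below has a column to attach to.
        $tNG->addColumn("old_" . $password_field, "STRING_TYPE", "VALUE", "");
        $errObj = new tNG_error("UPDATEPASS_WRONG_OLD_PASS", array(), array());
        $errObj->setFieldError("old_" . $password_field, "UPDATEPASS_WRONG_OLD_PASS_FIELDERR", array());
        return $errObj;
    }

    return null;
}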
/**
 * Checks every STRING_TYPE column of the transaction against the forbidden
 * word list and applies the configured action.
 *
 * With action 'block' a tNG_error is returned that names the offending
 * fields; with any other action the values collected in $this->replacements
 * are written back to the transaction.
 *
 * @return mixed null when nothing has to be reported, $this->error when it holds an object after getWords(), otherwise a tNG_error
 * @access public
 */
function Execute()
{
    // Only string columns are inspected.
    $stringValues = array();
    foreach ($this->tNG->columns as $name => $details) {
        if ($details['type'] == 'STRING_TYPE') {
            $stringValues[$name] = $details['value'];
        }
    }
    if (count($stringValues) == 0) {
        return null;
    }

    $words = $this->getWords();
    // getWords() reports its failures through $this->error.
    if (is_object($this->error)) {
        return $this->error;
    }
    if (count($words) == 0) {
        return null;
    }

    $fieldWithErrors = array();
    foreach ($stringValues as $name => $value) {
        if (!$this->checkValue($name, $value, $words)) {
            $fieldWithErrors[] = $name;
        }
    }
    if (count($fieldWithErrors) == 0) {
        return null;
    }

    if ($this->action != 'block') {
        // remove/replace: push the replacement values into the transaction.
        // NOTE(review): $this->replacements is presumably filled by checkValue() - confirm.
        foreach ($this->replacements as $name => $value) {
            $this->tNG->setColumnValue($name, $value);
        }
        return null;
    }

    // block: a generic message naming the fields, unless a custom one is set.
    if ($this->errorMsg == '') {
        $blocked = new tNG_error('TRIGGER_MESSAGE__CHECK_FORBIDDEN_WORDS', array(implode(', ', $fieldWithErrors)), array());
    } else {
        $blocked = new tNG_error('%s', array($this->errorMsg), array(''));
    }

    $fieldMessage = KT_getResource('FORBIDDEN_FIELD_ERROR', 'tNG', array());
    foreach ($fieldWithErrors as $name) {
        $blocked->setFieldError($name, '%s', array($fieldMessage));
        // Values that did not come from POST also get the message as a user-visible detail.
        if ($this->tNG->columns[$name]['method'] != 'POST') {
            $blocked->addDetails('%s', array($fieldMessage), array(''));
        }
    }

    return $blocked;
}
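/**
 * Validates the transaction columns against the configured rules.
 *
 * Two passes are made over $this->columns; a rule whose column is not part
 * of the transaction is skipped in both:
 *   1. required, type and format checks;
 *   2. min / max checks, whose bounds are passed through KT_DynamicData().
 * A column that fails is flagged with $column['failed'] = true, so the
 * second pass does not report a column the first pass already rejected.
 *
 * Messages are added as error details when the transaction does not export a
 * recordset, and as field errors (plus one generic 'failed' detail) when it does.
 *
 * @return mixed null when nothing failed or validation is switched off, otherwise a tNG_error
 * @access public
 */
function Execute() {
    $failed = false;
    $errObj = new tNG_error('', array(), array());
    if ($this->mustValidate && count($this->columns) > 0) {
        $columnKeys = array_keys($this->columns);
        $cols = count($columnKeys);

        // ---- Pass 1: required, type and format ----
        for ($i = 0; $i < $cols; $i++) {
            $doRequiredVal = true;
            $colIdx = $columnKeys[$i];
            $column =& $this->columns[$colIdx];
            if (!in_array($column['name'], array_keys($this->tNG->columns))) {
                continue;
            }
            // on update don't require FILE_TYPE and tNG password fields
            if ($this->tNG->getTransactionType() == '_update' || $this->tNG->getTransactionType() == '_multipleUpdate') {
                if ($this->tNG->getColumnType($column['name']) == 'FILE_TYPE') {
                    $doRequiredVal = false;
                }
                if ($this->tNG->getTable() == $GLOBALS['tNG_login_config']["table"] && $column['name'] == $GLOBALS['tNG_login_config']["password_field"]) {
                    $doRequiredVal = false;
                }
                // a column whose method is CURRVAL is not required either
                if ($this->tNG->columns[$column['name']]['method'] == 'CURRVAL') {
                    $doRequiredVal = false;
                }
            }
            $hasRequiredError = false;
            $hasTypeError = false;
            $tmpFieldValue = $this->tNG->getColumnValue($column['name']);
            if ($column['type'] == 'date' && $column['format'] != '') {
                if (!in_array($this->tNG->getColumnType($column['name']), array('DATE_TYPE', 'DATE_ACCESS_TYPE'))) {
                    $tmpFieldValue = KT_formatDate2DB($tmpFieldValue);
                }
            }
            $column['failed'] = false;

            // required parameter validation
            $colCustomMsg = $column['message'];
            if ($doRequiredVal && $column['required']) {
                if (strlen($colCustomMsg) == 0) {
                    $colCustomMsg = $this->genericValidationMessages['required'];
                }
                if ((string) $tmpFieldValue == '') {
                    $failed = true;
                    $hasRequiredError = true;
                    $column['failed'] = true;
                    if ($this->tNG->exportsRecordset() !== true) {
                        $colCustomMsg = KT_DynamicData($colCustomMsg, $this->tNG, '', $this->tNG->transactionType == '_delete');
                        $errObj->addDetails('%s', array($colCustomMsg), array($colCustomMsg));
                    } else {
                        $errObj->setFieldError($column['name'], '%s', array($colCustomMsg));
                    }
                }
            }

            // type and format validation
            $colCustomMsg = $column['message'];
            if ($tmpFieldValue != '' && $column['type'] != '') {
                if (strlen($colCustomMsg) == 0) {
                    $colCustomMsgBefore = $this->genericValidationMessages['format'];
                    $colCustomMsgAfter = $this->genericValidationMessages[$column['type'] . '_' . $column['format']];
                    $colCustomMsg = sprintf($colCustomMsgBefore, $colCustomMsgAfter);
                }
                // NOTE(review): only the first 400 bytes are matched against the
                // rules below, while the transaction column keeps the full value.
                // Anything past byte 400 is therefore not covered by the
                // type/format check; a 'max' rule is the only length bound here.
                $tmpFieldValue = substr($tmpFieldValue, 0, 400);
                switch ($column['type']) {
                    case 'regexp':
                        // @ hides the warning of an invalid configured pattern;
                        // that case is reported through 'regexp_failed' instead.
                        $res = @preg_match($column['additional_params'], $tmpFieldValue);
                        if ($res === false) {
                            $hasTypeError = true;
                            $colCustomMsgBefore = $this->genericValidationMessages['format'];
                            $colCustomMsgAfter = $this->genericValidationMessages['regexp_failed'];
                            $colCustomMsg = sprintf($colCustomMsgBefore, $colCustomMsgAfter);
                        }
                        if ($res === 0) {
                            $hasTypeError = true;
                        }
                        break;
                    case 'mask':
                        $myRegexp = $this->mask2regexp($column['additional_params']);
                        if (!preg_match($myRegexp, $tmpFieldValue)) {
                            $hasTypeError = true;
                        }
                        break;
                    case 'text':
                    case 'numeric':
                    case 'double':
                        $type = $column['type'];
                        $format = $column['format'];
                        if (is_array($this->validationRules[$type][$format])) {
                            $myValidationRule =& $this->validationRules[$type][$format];
                            // a mask rule is converted once and stored as its regexp
                            if (isset($myValidationRule['mask'])) {
                                $myRegexp = $this->mask2regexp($myValidationRule['mask']);
                                $myValidationRule['regexp'] = $myRegexp;
                            }
                            if (isset($myValidationRule['regexp'])) {
                                if (!preg_match($myValidationRule['regexp'], $tmpFieldValue)) {
                                    $hasTypeError = true;
                                }
                            }
                            if (isset($myValidationRule['callback'])) {
                                // the callback name comes from $this->validationRules and is
                                // called as a static method of tNG_FormValidation
                                $ret = call_user_func(array('tNG_FormValidation', $myValidationRule['callback']), $tmpFieldValue);
                                if (!$ret) {
                                    $hasTypeError = true;
                                }
                            }
                        }
                        break;
                    case 'date':
                        $format = $column['format'];
                        $checkFullDateTime = true;
                        switch ($format) {
                            case 'date':
                                $inFmtRule = KT_format2rule($GLOBALS['KT_db_date_format']);
                                $checkFullDateTime = true;
                                break;
                            case 'time':
                                $inFmtRule = KT_format2rule($GLOBALS['KT_db_time_format_internal']);
                                $checkFullDateTime = false;
                                break;
                            case 'datetime':
                                $inFmtRule = KT_format2rule($GLOBALS['KT_db_date_format'] . ' ' . $GLOBALS['KT_db_time_format_internal']);
                                $checkFullDateTime = true;
                                break;
                            default:
                                // unknown format: leave both switches, no date check
                                break 2;
                        }
                        $dateArr = KT_applyDate2rule($tmpFieldValue, $inFmtRule);
                        $ret = KT_isValidDate($dateArr, $checkFullDateTime);
                        if (!$ret) {
                            $hasTypeError = true;
                        }
                        break;
                }
            }
            if (!$hasRequiredError && $hasTypeError) {
                $column['failed'] = true;
                $failed = true;
                if ($this->tNG->exportsRecordset() !== true) {
                    $colCustomMsg = KT_DynamicData($colCustomMsg, $this->tNG, '', $this->tNG->transactionType == '_delete');
                    $errObj->addDetails('%s', array($colCustomMsg), array($colCustomMsg));
                } else {
                    $errObj->setFieldError($column['name'], '%s', array($colCustomMsg));
                }
            }
        }

        // ---- Pass 2: min / max ----
        for ($i = 0; $i < $cols; $i++) {
            $colIdx = $columnKeys[$i];
            $column =& $this->columns[$colIdx];
            if (!in_array($column['name'], array_keys($this->tNG->columns))) {
                continue;
            }
            $hasMinMaxError = false;
            $tmpFieldValue = $this->tNG->getColumnValue($column['name']);
            if ($column['type'] == 'date' && $column['format'] != '') {
                if (!in_array($this->tNG->getColumnType($column['name']), array('DATE_TYPE', 'DATE_ACCESS_TYPE'))) {
                    $tmpFieldValue = KT_formatDate2DB($tmpFieldValue);
                }
            }

            // MIN MAX parameter validation
            // Placeholders without a '.' are collected as names of other
            // transaction fields referenced by the bound.
            $tNG_tNGfield_min = array();
            $tNG_tNGfield_max = array();
            $min = $column['min'];
            $min_placeholders = KT_getReplacementsFromMessage($min);
            if (count($min_placeholders) > 0) {
                foreach ($min_placeholders as $key => $placeholder) {
                    if (strpos($placeholder, '.') === false) {
                        $tNG_tNGfield_min[] = $placeholder;
                    }
                }
            }
            $max = $column['max'];
            $max_placeholders = KT_getReplacementsFromMessage($max);
            if (count($max_placeholders) > 0) {
                foreach ($max_placeholders as $key => $placeholder) {
                    if (strpos($placeholder, '.') === false) {
                        $tNG_tNGfield_max[] = $placeholder;
                    }
                }
            }
            $min = KT_DynamicData($min, $this->tNG);
            $max = KT_DynamicData($max, $this->tNG);

            // MIN parameter validation
            if ($tmpFieldValue != '' && $min != '') {
                if ($column['type'] == 'text') {
                    if (strlen($tmpFieldValue) < $min) {
                        $hasMinMaxError = true;
                    }
                }
                if (in_array($column['type'], array('numeric', 'double'))) {
                    // The bound is evaluated as an expression only when every
                    // referenced field has a numeric rule with a format and
                    // passed pass 1. The referenced field's own 'failed' flag
                    // is checked as well, so a value that was rejected as
                    // non-numeric is never handed to evaluateNumeric().
                    // NOTE(review): evaluateNumeric() is defined elsewhere;
                    // confirm it tolerates non-numeric text, since pass 1
                    // inspects only the first 400 bytes of a value.
                    $evaluateNumeric = true;
                    if (count($tNG_tNGfield_min) > 0) {
                        foreach ($tNG_tNGfield_min as $key => $tNG_tNGfield) {
                            if (!isset($this->columns[$tNG_tNGfield])
                                || !in_array($this->columns[$tNG_tNGfield]['type'], array('numeric', 'double'))
                                || $this->columns[$tNG_tNGfield]['format'] == ''
                                || !empty($this->columns[$tNG_tNGfield]['failed'])
                                || $column['failed']) {
                                $evaluateNumeric = false;
                                break;
                            }
                        }
                    }
                    // accept a decimal comma
                    $tmpFieldValue = str_replace(',', '.', $tmpFieldValue);
                    $min = str_replace(',', '.', $min);
                    if ($evaluateNumeric) {
                        $min = $this->tNG->evaluateNumeric($min);
                    }
                    if (floatval($tmpFieldValue) < floatval($min)) {
                        $hasMinMaxError = true;
                    }
                }
                if ($column['type'] == 'date') {
                    if (count($tNG_tNGfield_min) > 0) {
                        foreach ($tNG_tNGfield_min as $key => $tNG_tNGfield) {
                            if (in_array($this->tNG->getColumnType($tNG_tNGfield), array('DATE_TYPE', 'DATE_ACCESS_TYPE'))) {
                                $min = KT_formatDate($min);
                                break;
                            }
                        }
                    }
                    $minDate = KT_formatDate2DB($min);
                    $format = $column['format'];
                    $checkFullDateTime = true;
                    // An unknown format used to "break 2" here, which in this
                    // loop leaves the switch AND the surrounding for, silently
                    // ending min/max validation for all remaining columns.
                    // Only this column's date comparison is skipped now.
                    $knownFormat = true;
                    switch ($format) {
                        case 'date':
                            $inFmtRule = KT_format2rule($GLOBALS['KT_db_date_format']);
                            $checkFullDateTime = true;
                            break;
                        case 'time':
                            $inFmtRule = KT_format2rule($GLOBALS['KT_db_time_format_internal']);
                            $checkFullDateTime = false;
                            break;
                        case 'datetime':
                            $inFmtRule = KT_format2rule($GLOBALS['KT_db_date_format'] . ' ' . $GLOBALS['KT_db_time_format_internal']);
                            $checkFullDateTime = true;
                            break;
                        default:
                            $knownFormat = false;
                            break;
                    }
                    if ($knownFormat) {
                        $dateArr = KT_applyDate2rule($tmpFieldValue, $inFmtRule);
                        $minArr = KT_applyDate2rule($minDate, $inFmtRule);
                        if (KT_isValidDate($minArr, $checkFullDateTime)) {
                            if (KT_compareDates($dateArr, $minArr) === 1) {
                                $hasMinMaxError = true;
                            }
                        }
                    }
                }
            }

            // MAX parameter validation
            if ($tmpFieldValue != '' && $max != '') {
                if ($column['type'] == 'text') {
                    if (strlen($tmpFieldValue) > $max) {
                        $hasMinMaxError = true;
                    }
                }
                if (in_array($column['type'], array('numeric', 'double'))) {
                    // same guard as for the minimum
                    $evaluateNumeric = true;
                    if (count($tNG_tNGfield_max) > 0) {
                        foreach ($tNG_tNGfield_max as $key => $tNG_tNGfield) {
                            if (!isset($this->columns[$tNG_tNGfield])
                                || !in_array($this->columns[$tNG_tNGfield]['type'], array('numeric', 'double'))
                                || $this->columns[$tNG_tNGfield]['format'] == ''
                                || !empty($this->columns[$tNG_tNGfield]['failed'])
                                || $column['failed']) {
                                $evaluateNumeric = false;
                                break;
                            }
                        }
                    }
                    $tmpFieldValue = str_replace(',', '.', $tmpFieldValue);
                    $max = str_replace(',', '.', $max);
                    if ($evaluateNumeric) {
                        $max = $this->tNG->evaluateNumeric($max);
                    }
                    if (floatval($tmpFieldValue) > floatval($max)) {
                        $hasMinMaxError = true;
                    }
                }
                if ($column['type'] == 'date') {
                    if (count($tNG_tNGfield_max) > 0) {
                        foreach ($tNG_tNGfield_max as $key => $tNG_tNGfield) {
                            if (in_array($this->tNG->getColumnType($tNG_tNGfield), array('DATE_TYPE', 'DATE_ACCESS_TYPE'))) {
                                $max = KT_formatDate($max);
                                break;
                            }
                        }
                    }
                    $maxDate = KT_formatDate2DB($max);
                    $format = $column['format'];
                    $checkFullDateTime = true;
                    // see the minimum check: an unknown format must not end the column loop
                    $knownFormat = true;
                    switch ($format) {
                        case 'date':
                            $inFmtRule = KT_format2rule($GLOBALS['KT_db_date_format']);
                            $checkFullDateTime = true;
                            break;
                        case 'time':
                            $inFmtRule = KT_format2rule($GLOBALS['KT_db_time_format_internal']);
                            $checkFullDateTime = false;
                            break;
                        case 'datetime':
                            $inFmtRule = KT_format2rule($GLOBALS['KT_db_date_format'] . ' ' . $GLOBALS['KT_db_time_format_internal']);
                            $checkFullDateTime = true;
                            break;
                        default:
                            $knownFormat = false;
                            break;
                    }
                    if ($knownFormat) {
                        $dateArr = KT_applyDate2rule($tmpFieldValue, $inFmtRule);
                        $maxArr = KT_applyDate2rule($maxDate, $inFmtRule);
                        if (KT_isValidDate($maxArr, $checkFullDateTime)) {
                            if (KT_compareDates($dateArr, $maxArr) === -1) {
                                $hasMinMaxError = true;
                            }
                        }
                    }
                }
            }

            // Without a custom message, pick the generic one for the bounds in use.
            $colCustomMsg = $column['message'];
            if (strlen($colCustomMsg) == 0) {
                $colCustomMsgBefore = $column['type'] == 'text' ? 'text' : 'other';
                if ($min != '' && $max != '') {
                    $colCustomMsgAfter = 'between';
                    $colCustomMsg = $this->genericValidationMessages[$colCustomMsgBefore . '_' . $colCustomMsgAfter];
                    $colCustomMsg = sprintf($colCustomMsg, $min, $max);
                } elseif ($min != '') {
                    $colCustomMsgAfter = 'min';
                    $colCustomMsg = $this->genericValidationMessages[$colCustomMsgBefore . '_' . $colCustomMsgAfter];
                    $colCustomMsg = sprintf($colCustomMsg, $min);
                } else {
                    $colCustomMsgAfter = 'max';
                    $colCustomMsg = $this->genericValidationMessages[$colCustomMsgBefore . '_' . $colCustomMsgAfter];
                    $colCustomMsg = sprintf($colCustomMsg, $max);
                }
            }
            if ($hasMinMaxError && $column['failed'] == false) {
                $column['failed'] = true;
                $failed = true;
                if ($this->tNG->exportsRecordset() !== true) {
                    $colCustomMsg = KT_DynamicData($colCustomMsg, $this->tNG, '', $this->tNG->transactionType == '_delete');
                    $errObj->addDetails('%s', array($colCustomMsg), array($colCustomMsg));
                } else {
                    $errObj->setFieldError($column['name'], '%s', array($colCustomMsg));
                }
            }
        }
    }
    if (!$failed) {
        $errObj = null;
    } else {
        if ($this->tNG->exportsRecordset() === true) {
            $errObj->addDetails('%s', array($this->genericValidationMessages['failed']), array(''));
        }
    }
    return $errObj;
}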
/**
 * Uniqueness check: looks for a row in $this->table whose $this->field
 * columns all equal the values of the current transaction and reports an
 * error when one is found.
 *
 * On update transactions the row being updated is excluded through its
 * primary key.
 *
 * @return mixed null when no matching row exists, otherwise a tNG_error (also returned when the query fails)
 * @access public
 */
function Execute()
{
    // One "field = value" condition per configured field. Values go through
    // KT_escapeForSql(), field names through KT_escapeFieldName().
    $conditions = array();
    $position = 0;
    foreach ($this->field as $field) {
        if ($position == 0) {
            $first = $field;
        }
        $position++;
        $type = $this->tNG->getColumnType($field);
        $value = $this->tNG->getColumnValue($field);
        $conditions[] = KT_escapeFieldName($field) . " = " . KT_escapeForSql($value, $type);
    }

    // NOTE(review): $this->table and, below, the primary key name are
    // concatenated as-is; presumably both come from developer configuration
    // rather than from the request - confirm.
    $sql = "SELECT * FROM " . $this->table . " WHERE " . implode(' AND ', $conditions);

    $isUpdate = in_array($this->tNG->transactionType, array('_update', '_multipleUpdate'));
    if ($isUpdate) {
        $pk = $this->tNG->getPrimaryKey();
        $pk_value = $this->tNG->getPrimaryKeyValue();
        $pk_type = $this->tNG->getColumnType($this->tNG->getPrimaryKey());
        $sql .= " AND " . $pk . " <> " . KT_escapeForSql($pk_value, $pk_type);
    }

    $ret = $this->tNG->connection->Execute($sql);
    if ($ret === false) {
        // NOTE(review): the driver message and the SQL text travel in the
        // third tNG_error argument; confirm that part is not shown to end users.
        return new tNG_error('CHECK_TF_SQL_ERROR', array(), array($this->tNG->connection->ErrorMsg(), $sql));
    }
    if ($ret->EOF) {
        // no row found: the value is unique
        return null;
    }

    $fromSavedData = in_array($this->tNG->transactionType, array('_delete', '_multipleDelete'));
    $this->errorMsg = KT_DynamicData($this->errorMsg, $this->tNG, '', $fromSavedData);

    // DEVELOPMENT mode names the checked fields; otherwise the configured message is used.
    if ($GLOBALS['tNG_debug_mode'] == 'DEVELOPMENT') {
        $err = new tNG_error('TRIGGER_MESSAGE__CHECK_UNIQUE', array(implode(', ', $this->field)), array());
    } else {
        $err = new tNG_error('%s', array($this->errorMsg), array());
    }

    // NOTE(review): $first holds the first field's value and is used as a key
    // into $this->field, which only works when that array is keyed by its own
    // values - confirm how $this->field is populated.
    $singleKnownField = count($this->field) == 1 && isset($this->tNG->columns[$this->field[$first]]);
    if ($singleKnownField) {
        $err->setFieldError($this->field[$first], '%s', array($this->errorMsg));
    }
    // Several fields, an unknown field, or a value that did not come from
    // POST: the message is added as a user-visible detail.
    if (!$singleKnownField || $this->tNG->columns[$this->field[$first]]['method'] != 'POST') {
        $err->addDetails('%s', array($this->errorMsg), array(''));
    }

    return $err;
}
/**
 * Builds and returns the configured error unconditionally.
 *
 * Both $this->errorMsg and $this->fieldErrorMsg are passed through
 * KT_DynamicData() first. The field message is attached to $this->field
 * when that column is part of the transaction.
 *
 * @return object tNG_error, never null
 * @access public
 */
function Execute()
{
    // Delete transactions pass true as the last KT_DynamicData() argument.
    $fromSavedData = in_array($this->tNG->transactionType, array('_delete', '_multipleDelete'));

    // NOTE(review): if the messages contain placeholders filled from request
    // data, confirm the layer that renders tNG_error output escapes them.
    $this->errorMsg = KT_DynamicData($this->errorMsg, $this->tNG, '', $fromSavedData);
    $this->fieldErrorMsg = KT_DynamicData($this->fieldErrorMsg, $this->tNG, '', $fromSavedData);

    $raised = new tNG_error('%s', array($this->errorMsg), array(''));

    $fieldInTransaction = isset($this->tNG->columns[$this->field]);
    if ($fieldInTransaction) {
        $raised->setFieldError($this->field, '%s', array($this->fieldErrorMsg));
    }
    // Unknown field, or a value that did not come from POST: the field
    // message is added as a user-visible detail.
    if (!$fieldInTransaction || $this->tNG->columns[$this->field]['method'] != 'POST') {
        $raised->addDetails('%s', array($this->fieldErrorMsg), array(''));
    }

    return $raised;
}
/**
 * Deletes the file that belongs to the current record, then its thumbnails.
 *
 * The file name is the saved value of $this->dbFieldName, or $this->renameRule
 * passed through KT_DynamicData() when renaming is on or no database field is
 * configured. The folder is $this->folder passed through KT_DynamicData().
 * Deletion is refused when the resulting path does not start with the base folder.
 *
 * @return mixed null on success or when there is nothing to delete, otherwise a tNG_error
 * @access public
 */
function Execute()
{
    $baseFolder = KT_realpath($this->baseFolder);

    if ($this->rename == false && $this->dbFieldName != '') {
        $fileName = $this->tNG->getSavedValue($this->dbFieldName);
    } else {
        $fileName = KT_DynamicData($this->renameRule, $this->tNG, '', true);
    }
    $folder = KT_DynamicData($this->folder, $this->tNG, '', true);

    $fullFileName = $baseFolder . $folder . $fileName;

    // security: folder and file name are built from record data, so the
    // target must stay under the base folder.
    // NOTE(review): a plain prefix comparison is a containment check only if
    // $baseFolder ends with a directory separator, and only if KT_realpath()
    // collapses ".." segments (and symlinks, where those are possible) -
    // confirm both against KT_realpath()'s implementation.
    $resolved = KT_realpath($fullFileName);
    if (substr($resolved, 0, strlen($baseFolder)) != $baseFolder) {
        return new tNG_error("FOLDER_DEL_SECURITY_ERROR", array(), array(dirname(KT_realpath($fullFileName, false)), $baseFolder));
    }

    // Nothing to do without a file name or when the file is already gone.
    if ($fileName == "" || !file_exists($fullFileName)) {
        return null;
    }

    // @ hides the PHP warning; a failure is reported through the error object.
    if (@unlink($fullFileName) !== true) {
        $failure = new tNG_error('FILE_DEL_ERROR', array(), array($fullFileName));
        $failure->setFieldError($this->fieldName, 'FILE_DEL_ERROR_D', array($fullFileName));
        return $failure;
    }

    // The file is removed: clean up "<dir>/thumbnails/" entries for the same base name.
    $path_info = KT_pathinfo($fullFileName);
    $this->deleteThumbnails($path_info['dirname'] . '/thumbnails/', $path_info['basename']);

    return null;
}