/**
 * Validate the "add group" form and, when it is valid, store the new group.
 *
 * Does nothing until the form has been submitted. After a successful insert
 * the 'after_add_group' event is triggered and the user is redirected to the
 * groups overview with the new row highlighted.
 */
private function validateForm()
{
    // nothing to validate before the form has been posted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // discard posted fields that are not part of the form definition
    $this->frm->cleanupFields();

    /** @var $nameField \SpoonFormText */
    $nameField = $this->frm->getField('name');

    // the name is mandatory and must not collide with an existing group
    $nameIsFilled = $nameField->isFilled(BL::getError('NameIsRequired'));
    if ($nameIsFilled && BackendProfilesModel::existsGroupName($nameField->getValue())) {
        $nameField->addError(BL::getError('GroupNameExists'));
    }

    if (!$this->frm->isCorrect()) {
        return;
    }

    // persist the group and let listeners know
    $group = array('name' => $nameField->getValue());
    $groupId = BackendProfilesModel::insertGroup($group);
    BackendModel::triggerEvent($this->getModule(), 'after_add_group', array('item' => $group));

    // the name is user input, so it is URL-encoded before it goes into the query string
    $overviewUrl = BackendModel::createURLForAction('Groups');
    $overviewUrl .= '&report=group-added&var=' . urlencode($group['name']);
    $overviewUrl .= '&highlight=row-' . $groupId;

    $this->redirect($overviewUrl);
}
/**
 * Validate the profile import form and, when it is valid, import the CSV.
 *
 * The uploaded file must carry a csv extension and must be parseable by
 * Csv::fileToArray(); the parsed rows are then handed to the profiles model.
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // discard posted fields that are not part of the form definition
    $this->frm->cleanupFields();

    $groupField = $this->frm->getField('group');
    $uploadField = $this->frm->getField('file');
    $rows = array();

    // a target group is always required
    $groupField->isFilled(BL::getError('FieldIsRequired'));

    // the upload is only parsed once it is present and named *.csv
    $hasCsvUpload = $uploadField->isFilled(BL::err('FieldIsRequired'))
        && $uploadField->isAllowedExtension(array('csv'), sprintf(BL::getError('ExtensionNotAllowed'), 'csv'));

    if ($hasCsvUpload) {
        $rows = Csv::fileToArray($uploadField->getTempFileName());

        // the parser signals an unreadable file with false
        if ($rows === false) {
            $uploadField->addError(BL::getError('InvalidCSV'));
        }
    }

    if (!$this->frm->isCorrect()) {
        return;
    }

    // run the import
    $overwrite = $this->frm->getField('overwrite_existing')->isChecked();
    $statistics = BackendProfilesModel::importCsv($rows, $groupField->getValue(), $overwrite);

    BackendModel::triggerEvent($this->getModule(), 'after_import', array('statistics' => $statistics));

    // the report key depends on whether existing profiles were overwritten
    $report = $overwrite ? 'profiles-imported-and-updated' : 'profiles-imported';
    $redirectUrl = BackendModel::createURLForAction('index') . '&report=' . $report;
    $redirectUrl .= '&var[]=' . $statistics['count']['inserted'];
    $redirectUrl .= '&var[]=' . $statistics['count']['exists'];

    $this->redirect($redirectUrl);
}
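/**
 * Validate the locale import form and, when it is valid, import the XML.
 *
 * The uploaded file must carry an xml extension and must parse as XML. The
 * parsed document is passed to BackendLocaleModel::importXML() together with
 * the value of the "overwrite" checkbox.
 */
private function validateForm()
{
    if ($this->frm->isSubmitted()) {
        // discard posted fields that are not part of the form definition
        $this->frm->cleanupFields();

        // redefine fields
        /** @var $fileFile \SpoonFormFile */
        $fileFile = $this->frm->getField('file');
        $chkOverwrite = $this->frm->getField('overwrite');

        // defined up front so the import below never reads an unset variable
        $xml = false;

        // name checks
        if ($fileFile->isFilled(BL::err('FieldIsRequired'))) {
            // only xml files allowed
            if ($fileFile->isAllowedExtension(array('xml'), sprintf(BL::getError('ExtensionNotAllowed'), 'xml'))) {
                // The upload is untrusted input: LIBXML_NONET forbids network
                // access while the document is loaded. Parser warnings stay
                // suppressed; a failed parse is reported through the form error.
                $xml = @simplexml_load_file($fileFile->getTempFileName(), 'SimpleXMLElement', LIBXML_NONET);

                // invalid xml
                if ($xml === false) {
                    $fileFile->addError(BL::getError('InvalidXML'));
                }
            }
        }

        if ($this->frm->isCorrect()) {
            // import
            $statistics = BackendLocaleModel::importXML($xml, $chkOverwrite->getValue());

            // trigger event
            BackendModel::triggerEvent($this->getModule(), 'after_import', array('statistics' => $statistics));

            // everything is imported, so redirect to the overview
            $this->redirect(BackendModel::createURLForAction('Index') . '&report=imported&var=' . ($statistics['imported'] . '/' . $statistics['total']) . $this->filterQuery);
        }
    }
}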
/**
 * Validate the "add profile to group" form and store the membership.
 *
 * A group is required. The expiration date and time are optional, but each
 * one is validated when filled; an expiry is only stored when both are given.
 */
private function validateForm()
{
    // nothing to validate before the form has been posted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // discard posted fields that are not part of the form definition
    $this->frm->cleanupFields();

    $groupField = $this->frm->getField('group');
    $dateField = $this->frm->getField('expiration_date');
    $timeField = $this->frm->getField('expiration_time');

    $groupField->isFilled(BL::getError('FieldIsRequired'));

    // optional fields are only checked when they carry a value
    if ($dateField->isFilled()) {
        $dateField->isValid(BL::getError('DateIsInvalid'));
    }
    if ($timeField->isFilled()) {
        $timeField->isValid(BL::getError('TimeIsInvalid'));
    }

    if (!$this->frm->isCorrect()) {
        return;
    }

    // the membership starts now
    $membership = array(
        'profile_id' => $this->id,
        'group_id' => $groupField->getSelected(),
        'starts_on' => BackendModel::getUTCDate(),
    );

    // an expiry needs both a date and a time
    $hasExpiry = $dateField->isFilled() && $timeField->isFilled();
    if ($hasExpiry) {
        $expiresAt = BackendModel::getUTCTimestamp($dateField, $timeField);
        $membership['expires_on'] = BackendModel::getUTCDate(null, $expiresAt);
    }

    $membershipId = BackendProfilesModel::insertProfileGroup($membership);

    BackendModel::triggerEvent($this->getModule(), 'after_profile_add_to_group', array('item' => $membership));

    // back to the profile's edit page, groups tab, with the new row highlighted
    $editUrl = BackendModel::createURLForAction('Edit');
    $editUrl .= '&id=' . $membership['profile_id'];
    $editUrl .= '&report=membership-added&highlight=row-' . $membershipId . '#tabGroups';

    $this->redirect($editUrl);
}
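/**
 * Validate the "add form" form and, when it is valid, create the form.
 *
 * Besides inserting the form record this also inserts a default submit
 * button field, then redirects to the edit action of the new form.
 */
private function validateForm()
{
    if ($this->frm->isSubmitted()) {
        // discard posted fields that are not part of the form definition
        $this->frm->cleanupFields();

        // shorten the fields
        $txtName = $this->frm->getField('name');
        $txtEmail = $this->frm->getField('email');
        $ddmMethod = $this->frm->getField('method');
        $txtSuccessMessage = $this->frm->getField('success_message');
        $txtIdentifier = $this->frm->getField('identifier');

        // Trim once, up front: the list that is validated below is then the
        // same list that gets stored ("a@b.c, d@e.f" used to keep the leading
        // space of the second address).
        $emailAddresses = array_map('trim', (array) explode(',', $txtEmail->getValue()));

        // validate fields
        $txtName->isFilled(BL::getError('NameIsRequired'));
        $txtSuccessMessage->isFilled(BL::getError('SuccessMessageIsRequired'));

        // NOTE(review): the method field reuses the 'NameIsRequired' message - confirm this is intended
        if ($ddmMethod->isFilled(BL::getError('NameIsRequired')) && $ddmMethod->getValue() == 'database_email') {
            $error = false;

            // every address in the comma separated list has to be valid
            foreach ($emailAddresses as $address) {
                if (!\SpoonFilter::isEmail($address)) {
                    $error = true;
                    break;
                }
            }

            // add error
            if ($error) {
                $txtEmail->addError(BL::getError('EmailIsInvalid'));
            }
        }

        // identifier
        if ($txtIdentifier->isFilled()) {
            // only letters, digits, dot, underscore and dash are accepted
            if (!\SpoonFilter::isValidAgainstRegexp('/^[a-zA-Z0-9\\.\\_\\-]+$/', $txtIdentifier->getValue())) {
                $txtIdentifier->setError(BL::getError('InvalidIdentifier'));
            } elseif (BackendFormBuilderModel::existsIdentifier($txtIdentifier->getValue())) {
                // unique identifier
                $txtIdentifier->setError(BL::getError('UniqueIdentifier'));
            }
        }

        if ($this->frm->isCorrect()) {
            // build array
            $values['language'] = BL::getWorkingLanguage();
            $values['user_id'] = BackendAuthentication::getUser()->getUserId();
            $values['name'] = $txtName->getValue();
            $values['method'] = $ddmMethod->getValue();
            // the recipient list is only kept when mails have to be sent
            $values['email'] = $ddmMethod->getValue() == 'database_email' ? serialize($emailAddresses) : null;
            $values['success_message'] = $txtSuccessMessage->getValue(true);
            $values['identifier'] = $txtIdentifier->isFilled() ? $txtIdentifier->getValue() : BackendFormBuilderModel::createIdentifier();
            $values['created_on'] = BackendModel::getUTCDate();
            $values['edited_on'] = BackendModel::getUTCDate();

            // insert the item
            $id = BackendFormBuilderModel::insert($values);

            // trigger event
            BackendModel::triggerEvent($this->getModule(), 'after_add', array('item' => $values));

            // set frontend locale
            FL::setLocale(BL::getWorkingLanguage(), true);

            // create submit button
            $field['form_id'] = $id;
            $field['type'] = 'submit';
            $field['settings'] = serialize(array('values' => \SpoonFilter::ucfirst(FL::getLabel('Send'))));
            BackendFormBuilderModel::insertField($field);

            // everything is saved, so redirect to the editform
            $this->redirect(BackendModel::createURLForAction('Edit') . '&id=' . $id . '&report=added&var=' . urlencode($values['name']) . '#tabFields');
        }
    }
}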
/**
 * Execute the action: validate a posted form-builder field and save it.
 *
 * Reads the field definition from POST, answers with BAD_REQUEST when the
 * form, the field or the type is invalid, answers with OK plus an 'errors'
 * array when the per-type validation fails, and otherwise inserts or updates
 * the field together with its validation rules. The success response carries
 * the field id and the HTML produced by FormBuilderHelper::parseField()
 * (an empty string for submit buttons).
 */
public function execute()
{
    parent::execute();

    // get parameters
    // (the second argument of getPostValue appears to be a list of allowed
    // values and the third the fallback - presumably; verify against SpoonFilter)
    $formId = \SpoonFilter::getPostValue('form_id', null, '', 'int');
    $fieldId = \SpoonFilter::getPostValue('field_id', null, '', 'int');
    $type = \SpoonFilter::getPostValue('type', array('checkbox', 'dropdown', 'datetime', 'heading', 'paragraph', 'radiobutton', 'submit', 'textarea', 'textbox'), '', 'string');
    $label = trim(\SpoonFilter::getPostValue('label', null, '', 'string'));
    $values = trim(\SpoonFilter::getPostValue('values', null, '', 'string'));

    // this is somewhat a nasty hack, but it makes special chars work.
    // (the value is decoded here and re-escaped further down for every type except 'paragraph')
    $values = \SpoonFilter::htmlspecialcharsDecode($values);
    $defaultValues = trim(\SpoonFilter::getPostValue('default_values', null, '', 'string'));
    $placeholder = trim(\SpoonFilter::getPostValue('placeholder', null, '', 'string'));
    $required = \SpoonFilter::getPostValue('required', array('Y', 'N'), 'N', 'string');
    $requiredErrorMessage = trim(\SpoonFilter::getPostValue('required_error_message', null, '', 'string'));
    $validation = \SpoonFilter::getPostValue('validation', array('email', 'numeric', 'time'), '', 'string');
    $validationParameter = trim(\SpoonFilter::getPostValue('validation_parameter', null, '', 'string'));
    $errorMessage = trim(\SpoonFilter::getPostValue('error_message', null, '', 'string'));

    // special field for textbox: reply to
    $replyTo = \SpoonFilter::getPostValue('reply_to', array('Y', 'N'), 'N', 'string');

    // special fields for datetime
    $inputType = \SpoonFilter::getPostValue('input_type', array('date', 'time'), 'date', 'string');
    $valueAmount = trim(\SpoonFilter::getPostValue('value_amount', null, '', 'string'));
    $valueType = trim(\SpoonFilter::getPostValue('value_type', null, '', 'string'));

    // invalid form id
    if (!BackendFormBuilderModel::exists($formId)) {
        $this->output(self::BAD_REQUEST, null, 'form does not exist');
    } else {
        // invalid fieldId (a field id of 0 means "new field"; existing fields must belong to this form)
        if ($fieldId !== 0 && !BackendFormBuilderModel::existsField($fieldId, $formId)) {
            $this->output(self::BAD_REQUEST, null, 'field does not exist');
        } else {
            // invalid type
            if ($type == '') {
                $this->output(self::BAD_REQUEST, null, 'invalid type provided');
            } else {
                // extra validation is only possible for textfields & datetime fields
                if ($type != 'textbox' && $type != 'datetime') {
                    $validation = '';
                    $validationParameter = '';
                    $errorMessage = '';
                }

                // init
                $errors = array();

                // validate textbox
                if ($type == 'textbox') {
                    if ($label == '') {
                        $errors['label'] = BL::getError('LabelIsRequired');
                    }
                    if ($required == 'Y' && $requiredErrorMessage == '') {
                        $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                    if ($validation != '' && $errorMessage == '') {
                        $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                    // a reply-to address is only meaningful when the field is validated as an email
                    if ($replyTo == 'Y' && $validation != 'email') {
                        $errors['reply_to_error_message'] = BL::getError('EmailValidationIsRequired');
                    }
                } elseif ($type == 'textarea') {
                    // validate textarea
                    if ($label == '') {
                        $errors['label'] = BL::getError('LabelIsRequired');
                    }
                    if ($required == 'Y' && $requiredErrorMessage == '') {
                        $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                    // $validation was reset to '' above for this type, so this check cannot fire here
                    if ($validation != '' && $errorMessage == '') {
                        $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                } elseif ($type == 'datetime') {
                    // validate datetime
                    if ($label == '') {
                        $errors['label'] = BL::getError('LabelIsRequired');
                    }
                    // NOTE(review): in_array() is used without strict comparison; both sides are strings here
                    if (in_array($valueType, array('day', 'week', 'month', 'year')) && $valueAmount == '') {
                        $errors['default_value_error_message'] = BL::getError('ValueIsRequired');
                    }
                    if ($required == 'Y' && $requiredErrorMessage == '') {
                        $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                    if ($validation != '' && $errorMessage == '') {
                        $errors['error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                } elseif ($type == 'heading' && $values == '') {
                    // validate heading
                    $errors['values'] = BL::getError('ValueIsRequired');
                } elseif ($type == 'paragraph' && $values == '') {
                    // validate paragraphs
                    $errors['values'] = BL::getError('ValueIsRequired');
                } elseif ($type == 'submit' && $values == '') {
                    // validate submitbuttons
                    $errors['values'] = BL::getError('ValueIsRequired');
                } elseif ($type == 'dropdown') {
                    // validate dropdown
                    $values = trim($values, ',');

                    // validate
                    if ($label == '') {
                        $errors['label'] = BL::getError('LabelIsRequired');
                    }
                    if ($required == 'Y' && $requiredErrorMessage == '') {
                        $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                    if ($values == '') {
                        $errors['values'] = BL::getError('ValueIsRequired');
                    }
                } elseif ($type == 'radiobutton') {
                    // validate radiobutton
                    if ($label == '') {
                        $errors['label'] = BL::getError('LabelIsRequired');
                    }
                    if ($required == 'Y' && $requiredErrorMessage == '') {
                        $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                    if ($values == '') {
                        $errors['values'] = BL::getError('ValueIsRequired');
                    }
                } elseif ($type == 'checkbox') {
                    // validate checkbox
                    if ($label == '') {
                        $errors['label'] = BL::getError('LabelIsRequired');
                    }
                    if ($required == 'Y' && $requiredErrorMessage == '') {
                        $errors['required_error_message'] = BL::getError('ErrorMessageIsRequired');
                    }
                }

                // got errors (validation failures are reported with status OK and an 'errors' payload)
                if (!empty($errors)) {
                    $this->output(self::OK, array('errors' => $errors), 'form contains errors');
                } else {
                    // htmlspecialchars except for paragraphs
                    // NOTE(review): paragraph values are stored as posted, without escaping;
                    // whether they are sanitised before being rendered is not visible here - confirm.
                    if ($type != 'paragraph') {
                        if ($values != '') {
                            $values = \SpoonFilter::htmlspecialchars($values);
                        }
                        if ($defaultValues != '') {
                            $defaultValues = \SpoonFilter::htmlspecialchars($defaultValues);
                        }
                    }

                    // split (multi-value types post their options as a '|' separated string)
                    if ($type == 'dropdown' || $type == 'checkbox') {
                        $values = (array) explode('|', $values);
                    } elseif ($type == 'radiobutton') {
                        $postedValues = (array) explode('|', $values);
                        $values = array();
                        foreach ($postedValues as $postedValue) {
                            $values[] = array('value' => CommonUri::getUrl($postedValue), 'label' => $postedValue);
                        }
                    }

                    /**
                     * Save!
                     */
                    // settings
                    $settings = array();
                    if ($label != '') {
                        $settings['label'] = \SpoonFilter::htmlspecialchars($label);
                    }
                    // $values is always assigned above, so this condition is always true
                    if (isset($values)) {
                        $settings['values'] = $values;
                    }
                    if ($defaultValues != '') {
                        $settings['default_values'] = $defaultValues;
                    }
                    if ($placeholder != '') {
                        $settings['placeholder'] = \SpoonFilter::htmlspecialchars($placeholder);
                    }

                    // reply-to, only for textboxes
                    if ($type == 'textbox') {
                        $settings['reply_to'] = $replyTo == 'Y';
                    }

                    // only for datetime input
                    // NOTE(review): value_amount and value_type are free-form strings stored without
                    // escaping or a whitelist; confirm how the consumer of these settings treats them.
                    if ($type == 'datetime') {
                        $settings['input_type'] = $inputType;
                        if ($inputType == 'date') {
                            $settings['value_amount'] = $valueAmount;
                            $settings['value_type'] = $valueType;
                        }
                    }

                    // build array
                    $field = array();
                    $field['form_id'] = $formId;
                    $field['type'] = $type;
                    $field['settings'] = !empty($settings) ? serialize($settings) : null;

                    // existing field
                    if ($fieldId !== 0) {
                        // update field
                        BackendFormBuilderModel::updateField($fieldId, $field);

                        // delete all validation (added again later)
                        BackendFormBuilderModel::deleteFieldValidation($fieldId);
                    } else {
                        // sequence
                        $field['sequence'] = BackendFormBuilderModel::getMaximumSequence($formId) + 1;

                        // insert
                        $fieldId = BackendFormBuilderModel::insertField($field);
                    }

                    // required
                    if ($required == 'Y') {
                        // build array
                        $validate['field_id'] = $fieldId;
                        $validate['type'] = 'required';
                        $validate['error_message'] = \SpoonFilter::htmlspecialchars($requiredErrorMessage);

                        // add validation
                        BackendFormBuilderModel::insertFieldValidation($validate);

                        // add to field (for parsing)
                        $field['validations']['required'] = $validate;
                    }

                    // other validation
                    if ($validation != '') {
                        // build array ($validate is reused from the block above; every key it set is overwritten)
                        $validate['field_id'] = $fieldId;
                        $validate['type'] = $validation;
                        $validate['error_message'] = \SpoonFilter::htmlspecialchars($errorMessage);
                        $validate['parameter'] = $validationParameter != '' ? \SpoonFilter::htmlspecialchars($validationParameter) : null;

                        // add validation
                        BackendFormBuilderModel::insertFieldValidation($validate);

                        // add to field (for parsing)
                        // NOTE(review): keyed by $type rather than $validation; harmless today because
                        // $field is replaced by the database copy right below.
                        $field['validations'][$type] = $validate;
                    }

                    // get item from database (i do this call again to keep the pof as low as possible)
                    $field = BackendFormBuilderModel::getField($fieldId);

                    // submit button isnt parsed but handled directly via javascript
                    if ($type == 'submit') {
                        $fieldHTML = '';
                    } else {
                        // parse field to html
                        $fieldHTML = FormBuilderHelper::parseField($field);
                    }

                    // success output
                    $this->output(self::OK, array('field_id' => $fieldId, 'field_html' => $fieldHTML), 'field saved');
                }
            }
        }
    }
}
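/**
 * Validate the "edit form" form and, when it is valid, update the form.
 *
 * The identifier has to stay unique; the uniqueness check is given the id of
 * the form being edited as its second argument. After the update the
 * 'after_edit' event is triggered and the user is sent back to the overview.
 */
private function validateForm()
{
    if ($this->frm->isSubmitted()) {
        // discard posted fields that are not part of the form definition
        $this->frm->cleanupFields();

        // shorten the fields
        $txtName = $this->frm->getField('name');
        $txtEmail = $this->frm->getField('email');
        $ddmMethod = $this->frm->getField('method');
        $txtSuccessMessage = $this->frm->getField('success_message');
        $txtIdentifier = $this->frm->getField('identifier');

        // Trim once, up front: the list that is validated below is then the
        // same list that gets stored ("a@b.c, d@e.f" used to keep the leading
        // space of the second address).
        $emailAddresses = array_map('trim', (array) explode(',', $txtEmail->getValue()));

        // validate fields
        $txtName->isFilled(BL::getError('NameIsRequired'));
        $txtSuccessMessage->isFilled(BL::getError('SuccessMessageIsRequired'));

        // NOTE(review): the method field reuses the 'NameIsRequired' message - confirm this is intended
        if ($ddmMethod->isFilled(BL::getError('NameIsRequired')) && $ddmMethod->getValue() == 'database_email') {
            $error = false;

            // every address in the comma separated list has to be valid
            foreach ($emailAddresses as $address) {
                if (!\SpoonFilter::isEmail($address)) {
                    $error = true;
                    break;
                }
            }

            // add error
            if ($error) {
                $txtEmail->addError(BL::getError('EmailIsInvalid'));
            }
        }

        // identifier
        if ($txtIdentifier->isFilled()) {
            // only letters, digits, dot, underscore and dash are accepted
            if (!\SpoonFilter::isValidAgainstRegexp('/^[a-zA-Z0-9\\.\\_\\-]+$/', $txtIdentifier->getValue())) {
                $txtIdentifier->setError(BL::getError('InvalidIdentifier'));
            } elseif (BackendFormBuilderModel::existsIdentifier($txtIdentifier->getValue(), $this->id)) {
                // unique identifier
                $txtIdentifier->setError(BL::getError('UniqueIdentifier'));
            }
        }

        if ($this->frm->isCorrect()) {
            // build array
            $values['name'] = $txtName->getValue();
            $values['method'] = $ddmMethod->getValue();
            // the recipient list is only kept when mails have to be sent
            $values['email'] = $ddmMethod->getValue() == 'database_email' ? serialize($emailAddresses) : null;
            $values['success_message'] = $txtSuccessMessage->getValue(true);
            $values['identifier'] = $txtIdentifier->isFilled() ? $txtIdentifier->getValue() : BackendFormBuilderModel::createIdentifier();
            $values['edited_on'] = BackendModel::getUTCDate();

            // update the item
            $id = (int) BackendFormBuilderModel::update($this->id, $values);

            // trigger event
            BackendModel::triggerEvent($this->getModule(), 'after_edit', array('item' => $values));

            // everything is saved, so redirect to the overview
            $this->redirect(BackendModel::createURLForAction('Index') . '&report=edited&var=' . urlencode($values['name']) . '&highlight=row-' . $id);
        }
    }
}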
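/**
 * Validate the "add profile" form and, when it is valid, create the profile.
 *
 * Email and display name are required and must be unique, a password is
 * required, and the birthday is validated as soon as one of its three
 * dropdowns is filled. On success the profile, its salt and its settings are
 * stored and the user is redirected to the edit action of the new profile.
 */
private function validateForm()
{
    // is the form submitted?
    if ($this->frm->isSubmitted()) {
        // cleanup the submitted fields, ignore fields that were added by hackers
        $this->frm->cleanupFields();

        // get fields
        $txtEmail = $this->frm->getField('email');
        $txtDisplayName = $this->frm->getField('display_name');
        $txtPassword = $this->frm->getField('password');
        $txtFirstName = $this->frm->getField('first_name');
        $txtLastName = $this->frm->getField('last_name');
        $txtCity = $this->frm->getField('city');
        $ddmGender = $this->frm->getField('gender');
        $ddmDay = $this->frm->getField('day');
        $ddmMonth = $this->frm->getField('month');
        $ddmYear = $this->frm->getField('year');
        $ddmCountry = $this->frm->getField('country');

        // email filled in?
        if ($txtEmail->isFilled(BL::getError('EmailIsRequired'))) {
            // valid email?
            if ($txtEmail->isEmail(BL::getError('EmailIsInvalid'))) {
                // email already exists?
                if (BackendProfilesModel::existsByEmail($txtEmail->getValue())) {
                    // set error
                    $txtEmail->addError(BL::getError('EmailExists'));
                }
            }
        }

        // display name filled in?
        if ($txtDisplayName->isFilled(BL::getError('DisplayNameIsRequired'))) {
            // display name already exists?
            if (BackendProfilesModel::existsDisplayName($txtDisplayName->getValue())) {
                // set error
                $txtDisplayName->addError(BL::getError('DisplayNameExists'));
            }
        }

        // password filled in?
        $txtPassword->isFilled(BL::err('FieldIsRequired'));

        // one of the birthday fields are filled in
        if ($ddmDay->isFilled() || $ddmMonth->isFilled() || $ddmYear->isFilled()) {
            // valid date?
            // The casts matter when only part of the birthday is filled in: an
            // empty string is not accepted by checkdate() on PHP 8 (TypeError),
            // while 0 simply makes the date invalid and yields the form error.
            if (!checkdate((int) $ddmMonth->getValue(), (int) $ddmDay->getValue(), (int) $ddmYear->getValue())) {
                // set error
                $ddmYear->addError(BL::getError('DateIsInvalid'));
            }
        }

        // no errors?
        if ($this->frm->isCorrect()) {
            // get new salt
            $salt = BackendProfilesModel::getRandomString();

            // build item
            // NOTE(review): the password is stored as the result of getEncryptedString($password, $salt);
            // the algorithm lives in BackendProfilesModel and is not visible here - confirm it is a
            // dedicated password hash.
            $values = array(
                'email' => $txtEmail->getValue(),
                'registered_on' => BackendModel::getUTCDate(),
                'display_name' => $txtDisplayName->getValue(),
                'url' => BackendProfilesModel::getUrl($txtDisplayName->getValue()),
                'password' => BackendProfilesModel::getEncryptedString($txtPassword->getValue(), $salt),
                'last_login' => BackendModel::getUTCDate(null, 0),
            );

            $this->id = BackendProfilesModel::insert($values);

            // update salt
            BackendProfilesModel::setSetting($this->id, 'salt', $salt);

            // update values (same data as the insert above; kept as in the original flow)
            BackendProfilesModel::update($this->id, $values);

            // bday is filled in
            if ($ddmYear->isFilled()) {
                // mysql format (YYYY-MM-DD, month and day zero padded)
                $birthDate = $ddmYear->getValue() . '-';
                $birthDate .= str_pad($ddmMonth->getValue(), 2, '0', STR_PAD_LEFT) . '-';
                $birthDate .= str_pad($ddmDay->getValue(), 2, '0', STR_PAD_LEFT);
            } else {
                // not filled in
                $birthDate = null;
            }

            // update settings
            BackendProfilesModel::setSetting($this->id, 'first_name', $txtFirstName->getValue());
            BackendProfilesModel::setSetting($this->id, 'last_name', $txtLastName->getValue());
            BackendProfilesModel::setSetting($this->id, 'gender', $ddmGender->getValue());
            BackendProfilesModel::setSetting($this->id, 'birth_date', $birthDate);
            BackendProfilesModel::setSetting($this->id, 'city', $txtCity->getValue());
            BackendProfilesModel::setSetting($this->id, 'country', $ddmCountry->getValue());

            // trigger event
            BackendModel::triggerEvent($this->getModule(), 'after_add', array('item' => $values));

            // everything is saved, so redirect to the overview
            $this->redirect(BackendModel::createURLForAction('Edit') . '&id=' . $this->id);
        }
    }
}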
/**
 * Validate the "add gallery" form and, when it is valid, store the gallery.
 *
 * An uploaded image is accepted only with a jpg/jpeg/gif/png extension and a
 * matching image MIME type. It is stored under a generated file name (meta
 * URL, uniqid, working language, original extension), never under the name
 * supplied by the client.
 *
 * @return void
 */
private function validateForm()
{
    // nothing to validate before the form has been posted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // discard posted fields that are not part of the form definition
    $this->frm->cleanupFields();

    $categoryField = $this->frm->getField('categories');
    $widthField = $this->frm->getField('width');
    $heightField = $this->frm->getField('height');
    $imageField = $this->frm->getField('filename');

    // required fields
    $this->frm->getField('title')->isFilled(BL::err('TitleIsRequired'));
    $categoryField->isFilled(BL::err('CategoryIsRequired'));

    // width is mandatory and numeric, height is optional but numeric when given
    if ($widthField->isFilled(BL::err('WidthIsRequired'))) {
        $widthField->isNumeric(BL::err('NumericCharactersOnly'));
    }
    if ($heightField->isFilled()) {
        $heightField->isNumeric(BL::err('NumericCharactersOnly'));
    }

    $this->frm->getField('publish_on_date')->isValid(BL::getError('DateIsInvalid'));
    $this->frm->getField('publish_on_time')->isValid(BL::getError('TimeIsInvalid'));

    // the MIME type is only checked once the extension has been accepted
    if ($imageField->isFilled()
        && $imageField->isAllowedExtension(array('jpg', 'jpeg', 'gif', 'png'), BL::err('JPGGIFAndPNGOnly'))
    ) {
        $imageField->isAllowedMimeType(array('image/gif', 'image/jpg', 'image/jpeg', 'image/png'), BL::err('JPGGIFAndPNGOnly'));
    }

    // validate meta
    $this->meta->validate();

    if (!$this->frm->isCorrect()) {
        return;
    }

    // build the gallery record
    $gallery['user_id'] = BackendAuthentication::getUser()->getUserId();
    $gallery['meta_id'] = $this->meta->save();
    $gallery['category_id'] = $categoryField->getValue();
    $gallery['language'] = BL::getWorkingLanguage();
    $gallery['title'] = $this->frm->getField('title')->getValue();
    $gallery['width'] = $widthField->getValue();
    $gallery['height'] = $heightField->getValue();

    // an empty height is stored as null
    if (empty($gallery['height'])) {
        $gallery['height'] = null;
    }

    $gallery['description'] = $this->frm->getField('description')->getValue(true);

    if ($imageField->isFilled()) {
        // server-side generated name: <meta url>-<uniqid>-<language>.<extension>
        $storedName = $this->meta->getURL() . '-' . uniqid() . '-' . BL::getWorkingLanguage();
        $storedName .= '.' . $imageField->getExtension();
        $gallery['filename'] = $storedName;

        // create thumbnail
        $imageField->createThumbnail(FRONTEND_FILES_PATH . '/slideshow/thumbnails/' . $storedName, 100, 100, false, false, 100);

        // @todo fix this
        $imageField->moveFile(FRONTEND_FILES_PATH . '/slideshow/' . $storedName);
    }

    $gallery['hidden'] = $this->frm->getField('hidden')->getValue();
    $gallery['sequence'] = BackendSlideshowModel::getMaximumGallerySequence($categoryField->getValue()) + 1;
    $gallery['created_on'] = BackendModel::getUTCDate();

    $publishTimestamp = BackendModel::getUTCTimestamp(
        $this->frm->getField('publish_on_date'),
        $this->frm->getField('publish_on_time')
    );
    $gallery['publish_on'] = BackendModel::getUTCDate(null, $publishTimestamp);

    // insert the gallery and give it the module's default settings
    $galleryId = BackendSlideshowModel::insertGallery($gallery);
    BackendSlideshowModel::setSettings($galleryId, $this->get('fork.settings')->getForModule('Slideshow'));

    BackendModel::triggerEvent($this->getModule(), 'after_add', array('item' => $gallery));

    // continue with adding images to the new gallery
    $this->redirect(BackendModel::createURLForAction('AddImage') . '&report=added&id=' . $galleryId);
}
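/**
 * Fetch the module information from the info.xml file.
 *
 * The result always has two keys: 'data' (the array produced by
 * processModuleXml(), empty when nothing could be read) and 'warnings'
 * (a list of array('message' => ...) entries describing what went wrong).
 *
 * NOTE(review): $module is concatenated into a filesystem path as-is. Callers
 * are expected to pass a known module name; confirm no caller forwards
 * request input here without validating it first.
 *
 * @param string $module
 * @return array
 */
public static function getModuleInformation($module)
{
    $pathInfoXml = BACKEND_MODULES_PATH . '/' . $module . '/info.xml';
    $information = array('data' => array(), 'warnings' => array());

    if (is_file($pathInfoXml)) {
        try {
            // third argument true: the first argument is a path, not an XML string
            $infoXml = @new \SimpleXMLElement($pathInfoXml, LIBXML_NOCDATA, true);
            $information['data'] = self::processModuleXml($infoXml);
            if (empty($information['data'])) {
                $information['warnings'][] = array('message' => BL::getMessage('InformationFileIsEmpty'));
            }

            // check if cronjobs are installed already
            if (isset($information['data']['cronjobs'])) {
                foreach ($information['data']['cronjobs'] as $cronjob) {
                    if (!$cronjob['active']) {
                        $information['warnings'][] = array('message' => BL::getError('CronjobsNotSet'));
                    }

                    // only the first cronjob is inspected
                    // NOTE(review): presumably all cronjobs share the same 'active' state - confirm
                    break;
                }
            }
        } catch (\Exception $e) {
            // Fully qualified on purpose: an unqualified Exception inside a
            // namespace only matches when the file imports it, and a malformed
            // info.xml would otherwise escape as an uncaught exception.
            $information['warnings'][] = array('message' => BL::getMessage('InformationFileCouldNotBeLoaded'));
        }
    } else {
        $information['warnings'][] = array('message' => BL::getMessage('InformationFileIsMissing'));
    }

    return $information;
}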
/**
 * Validate the "edit theme template" form and, when it is valid, save it.
 *
 * Checks that the template file exists on disk, that the posted format
 * parses into a table whose rows all have the same number of cells, and that
 * every cell is either '/' or one of the known position names. On success the
 * template record is updated, the default template setting is adjusted when
 * requested, pages using the template are updated, and the user is
 * redirected to the templates overview.
 */
private function validateForm()
{
    // is the form submitted?
    if ($this->frm->isSubmitted()) {
        // cleanup the submitted fields, ignore fields that were added by hackers
        $this->frm->cleanupFields();

        // required fields
        $this->frm->getField('file')->isFilled(BL::err('FieldIsRequired'));
        $this->frm->getField('label')->isFilled(BL::err('FieldIsRequired'));
        $this->frm->getField('format')->isFilled(BL::err('FieldIsRequired'));

        // check if the template file exists
        // NOTE(review): the 'theme' and 'file' values are concatenated into the path as posted;
        // nothing in this method rejects '..' segments, and the 'file' value is later stored in
        // $item['path']. Confirm the form fields or the consumer of that path constrain them.
        if ($this->frm->getField('theme')->getValue() == 'Core') {
            $templateFile = PATH_WWW . '/src/Frontend/Core/Layout/Templates/' . $this->frm->getField('file')->getValue();
        } else {
            $templateFile = PATH_WWW . '/src/Frontend/Themes/' . $this->frm->getField('theme')->getValue() . '/Core/Layout/Templates/' . $this->frm->getField('file')->getValue();
        }
        if (!is_file($templateFile)) {
            $this->frm->getField('file')->addError(BL::err('TemplateFileNotFound'));
        }

        // validate syntax (newlines, carriage returns and spaces are stripped first)
        $syntax = trim(str_replace(array("\n", "\r", ' '), '', $this->frm->getField('format')->getValue()));

        // init var
        $table = BackendExtensionsModel::templateSyntaxToArray($syntax);

        // validate the syntax
        if ($table === false) {
            $this->frm->getField('format')->addError(BL::err('InvalidTemplateSyntax'));
        } else {
            $html = BackendExtensionsModel::buildTemplateHTML($syntax);
            $cellCount = 0;
            $first = true;
            $errors = array();

            // loop rows
            foreach ($table as $row) {
                // first row defines the cellcount
                if ($first) {
                    $cellCount = count($row);
                }

                // not same number of cells
                if (count($row) != $cellCount) {
                    // add error
                    $errors[] = BL::err('InvalidTemplateSyntax');

                    // stop
                    break;
                }

                // double check position names
                foreach ($row as $cell) {
                    // ignore unavailable space
                    if ($cell != '/') {
                        // unknown position name -> error
                        // NOTE(review): $cell comes from the posted format and is placed in the error
                        // message unescaped; the messages are later joined with '<br />', which suggests
                        // they are rendered as HTML - confirm the output is escaped or escape $cell here.
                        if (!in_array($cell, $this->names)) {
                            $errors[] = sprintf(BL::getError('NonExistingPositionName'), $cell);
                        } elseif (substr_count($html, '"#position-' . $cell . '"') != 1) {
                            // can't build proper html -> error
                            // (each position has to occur exactly once in the generated HTML)
                            $errors[] = BL::err('InvalidTemplateSyntax');
                        }
                    }
                }

                // reset
                $first = false;
            }

            // add errors (duplicates removed, one message per line)
            if ($errors) {
                $this->frm->getField('format')->addError(implode('<br />', array_unique($errors)));
            }
        }

        // no errors?
        if ($this->frm->isCorrect()) {
            // build array
            $item['id'] = $this->id;
            $item['theme'] = $this->frm->getField('theme')->getValue();
            $item['label'] = $this->frm->getField('label')->getValue();
            $item['path'] = 'Core/Layout/Templates/' . $this->frm->getField('file')->getValue();
            $item['active'] = $this->frm->getField('active')->getChecked() ? 'Y' : 'N';

            // copy data from previous version, otherwise default_extras from other languages are overwritten
            $item['data'] = $this->record['data'];
            $item['data']['format'] = trim(str_replace(array("\n", "\r", ' '), '', $this->frm->getField('format')->getValue()));
            $item['data']['names'] = $this->names;
            $item['data']['default_extras'] = $this->extras;
            $item['data']['default_extras_' . BL::getWorkingLanguage()] = $this->extras;

            // serialize
            $item['data'] = serialize($item['data']);

            // if this is the default template make the template active
            if ($this->get('fork.settings')->get('Pages', 'default_template') == $this->record['id']) {
                $item['active'] = 'Y';
            }

            // if the template is in use we can't de-activate it
            if (BackendExtensionsModel::isTemplateInUse($item['id'])) {
                $item['active'] = 'Y';
            }

            // update the item
            BackendExtensionsModel::updateTemplate($item);

            // trigger event
            BackendModel::triggerEvent($this->getModule(), 'after_edit_template', array('item' => $item));

            // set default template
            // NOTE(review): the setting is read above under module 'Pages' and written here under
            // 'pages'; confirm the settings service treats module names case-insensitively.
            if ($this->frm->getField('default')->getChecked() && $item['theme'] == $this->get('fork.settings')->get('Core', 'theme', 'core')) {
                $this->get('fork.settings')->set('pages', 'default_template', $item['id']);
            }

            // update all existing pages using this template to add the newly inserted block(s)
            if (BackendExtensionsModel::isTemplateInUse($item['id'])) {
                BackendPagesModel::updatePagesTemplates($item['id'], $item['id'], $this->frm->getField('overwrite')->getChecked());
            }

            // everything is saved, so redirect to the overview
            // (the label is URL-encoded; the theme value is appended as posted)
            $this->redirect(BackendModel::createURLForAction('ThemeTemplates') . '&theme=' . $item['theme'] . '&report=edited-template&var=' . urlencode($item['label']) . '&highlight=row-' . $item['id']);
        }
    }
}
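/**
 * Validate a submitted form and process it.
 *
 * The upload has to be present and carry a zip extension; the actual
 * installation is delegated to installModule(), which returns the module name
 * used in the redirect.
 */
private function validateForm()
{
    // the form is submitted
    if ($this->frm->isSubmitted()) {
        // shorten field variables
        $fileFile = $this->frm->getField('file');

        // defined up front so the redirect below never reads an unset variable
        $moduleName = null;

        // validate the file
        if ($fileFile->isFilled(BL::err('FieldIsRequired')) && $fileFile->isAllowedExtension(array('zip'), sprintf(BL::getError('ExtensionNotAllowed'), 'zip'))) {
            $moduleName = $this->installModule();
        }

        // passed all validation
        if ($this->frm->isCorrect()) {
            // by now, the module has already been installed in processZipFile()

            // The module name originates from the uploaded archive, so it is
            // URL-encoded before it is placed in the query string.
            $encodedName = urlencode((string) $moduleName);

            // redirect with fireworks
            $this->redirect(BackendModel::createURLForAction('Modules') . '&report=module-installed&var=' . $encodedName . '&highlight=row-module_' . $encodedName);
        }
    }
}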
/**
 * Validates the general tab and stores its settings when it is valid.
 *
 * The two price fields are validated and saved only for users for whom
 * isGod() returns true.
 */
private function validateGeneralForm()
{
    // nothing to validate before the form has been posted
    if (!$this->frmGeneral->isSubmitted()) {
        return;
    }

    // sender details
    $this->frmGeneral->getField('from_name')->isFilled(BL::getError('FieldIsRequired'));
    $this->frmGeneral->getField('from_email')->isEmail(BL::getError('EmailIsInvalid'));
    $this->frmGeneral->getField('reply_to_email')->isEmail(BL::getError('EmailIsInvalid'));

    // prices: required, and a float once filled
    if (BackendAuthentication::getUser()->isGod()) {
        $perEmailField = $this->frmGeneral->getField('price_per_email');
        if ($perEmailField->isFilled(BL::err('FieldIsRequired'))) {
            $perEmailField->isFloat(BL::err('InvalidPrice'));
        }

        $perCampaignField = $this->frmGeneral->getField('price_per_campaign');
        if ($perCampaignField->isFilled(BL::err('FieldIsRequired'))) {
            $perCampaignField->isFloat(BL::err('InvalidPrice'));
        }
    }

    if (!$this->frmGeneral->isCorrect()) {
        return;
    }

    // settings every user may change
    foreach (array('from_name', 'from_email', 'reply_to_email', 'plain_text_editable') as $settingName) {
        $this->get('fork.settings')->set(
            $this->getModule(),
            $settingName,
            $this->frmGeneral->getField($settingName)->getValue()
        );
    }

    // prices are only written for god users, mirroring the validation above
    if (BackendAuthentication::getUser()->isGod()) {
        foreach (array('price_per_email', 'price_per_campaign') as $settingName) {
            $this->get('fork.settings')->set(
                $this->getModule(),
                $settingName,
                $this->frmGeneral->getField($settingName)->getValue()
            );
        }
    }

    BackendModel::triggerEvent($this->getModule(), 'after_saved_general_settings');

    // back to the settings page, general tab
    $this->redirect(BackendModel::createURLForAction('Settings') . '&report=saved#tabGeneral');
}
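/**
 * Validate a submitted form and process it.
 *
 * The upload has to be a zip archive whose first entry names the theme
 * folder and which contains <theme>/info.xml with a matching theme name.
 * Only entries located inside that folder, and free of '..' path segments,
 * are extracted into the frontend themes directory before the theme
 * installer runs.
 */
private function validateForm()
{
    // the form is submitted
    if ($this->frm->isSubmitted()) {
        // shorten field variables
        /** @var $fileFile \SpoonFormFile */
        $fileFile = $this->frm->getField('file');

        // validate the file
        if ($fileFile->isFilled(BL::err('FieldIsRequired'))) {
            // only zip files allowed
            if ($fileFile->isAllowedExtension(array('zip'), sprintf(BL::getError('ExtensionNotAllowed'), 'zip'))) {
                // create ziparchive instance
                $zip = new \ZipArchive();

                // try and open it
                if ($zip->open($fileFile->getTempFileName()) === true) {
                    // zip file needs to contain some files
                    if ($zip->numFiles > 0) {
                        // get first entry (= the theme folder)
                        $file = $zip->statIndex(0);

                        // name of the theme we are trying to upload
                        // NOTE(review): this name comes straight from the archive and is later used as a
                        // folder name and passed to installTheme(); it is only tied down by the info.xml
                        // lookup and name comparison below.
                        $themeName = trim($file['name'], '/');

                        // find info.xml
                        $infoXml = $zip->getFromName($themeName . '/info.xml');

                        // add error if info.xml is not found
                        if ($infoXml === false) {
                            $fileFile->addError(sprintf(BL::getError('NoInformationFile'), $themeName));
                        } else {
                            // parse xml
                            try {
                                // load info.xml (third argument false: the first argument is XML, not a path)
                                $infoXml = @new \SimpleXMLElement($infoXml, LIBXML_NOCDATA, false);

                                // convert xml to useful array
                                $this->information = BackendExtensionsModel::processThemeXml($infoXml);

                                // empty data (nothing useful)
                                if (empty($this->information)) {
                                    $fileFile->addError(BL::getMessage('InformationFileIsEmpty'));
                                }

                                // check if theme name in info.xml matches folder name
                                // (a missing name counts as a mismatch instead of reading an undefined index)
                                if (!isset($this->information['name']) || $this->information['name'] != $themeName) {
                                    $fileFile->addError(BL::err('ThemeNameDoesntMatch'));
                                }
                            } catch (\Exception $e) {
                                // warning that the information file is corrupt
                                $fileFile->addError(BL::getMessage('InformationFileCouldNotBeLoaded'));
                            }
                        }

                        // wow wow, you are trying to upload an already existing theme
                        if (BackendExtensionsModel::existsTheme($themeName)) {
                            $fileFile->addError(sprintf(BL::getError('ThemeAlreadyExists'), $themeName));
                        }

                        // list of validated files (these files will actually be unpacked)
                        $files = array();

                        // check every file in the zip
                        for ($i = 0; $i < $zip->numFiles; $i++) {
                            // get the file name
                            $file = $zip->statIndex($i);
                            $fileName = $file['name'];

                            // entries outside the theme folder are never unpacked
                            if (stripos($fileName, $themeName . '/') !== 0) {
                                continue;
                            }

                            // A matching prefix alone does not keep an entry inside the
                            // folder: names with a '..' segment are left out as well.
                            $segments = explode('/', str_replace('\\', '/', $fileName));
                            if (in_array('..', $segments, true)) {
                                continue;
                            }

                            // valid file, add to extraction-list
                            $files[] = $fileName;
                        }
                    } else {
                        // empty zip file
                        $fileFile->addError(BL::getError('FileIsEmpty'));
                    }
                } else {
                    // something went very wrong, probably corrupted
                    $fileFile->addError(BL::getError('CorruptedFile'));
                }
            }
        }

        // passed all validation
        if ($this->frm->isCorrect()) {
            // unpack theme files
            $zip->extractTo(FRONTEND_PATH . '/Themes', $files);

            // run installer
            BackendExtensionsModel::installTheme($themeName);

            // redirect with fireworks (the theme name is archive-supplied, so it is URL-encoded)
            $this->redirect(BackendModel::createURLForAction('Themes') . '&report=theme-installed&var=' . urlencode($themeName));
        }
    }
}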