/** * set list filter string (function is called when user hits filter button) * this function is registered in xajax * @param string $list_title title of list * @param string $filter_str filter string that user has set * @return xajaxResponse every xajax registered function needs to return this object */ function action_set_list_filter($list_title, $filter_str) { global $logging; global $user; global $list_state; global $list_table_configuration; global $user_start_time_array; $logging->info("USER_ACTION " . __METHOD__ . " (user="******", list_title={$list_title}, filter_str={$filter_str})"); # store start time $user_start_time_array[__METHOD__] = microtime(TRUE); # create necessary objects $result = new Result(); $response = new xajaxResponse(); $html_database_table = new HtmlDatabaseTable($list_table_configuration); # check if filter_str is well formed if (str_is_well_formed("filter_str", $filter_str) == FALSE_RETURN_STRING) { set_error_message("filter_form", "below", "ERROR_NOT_WELL_FORMED_STRING", "", "", $response); return $response; } # create list table object $list_table = new ListTable($list_title); if ($list_table->get_is_valid() == FALSE) { $logging->warn("create list object returns false"); $error_message_str = $list_table->get_error_message_str(); $error_log_str = $list_table->get_error_log_str(); $error_str = $list_table->get_error_str(); set_error_message("filter_form", "below", $error_message_str, $error_log_str, $error_str, $response); return $response; } # set filter value $user->get_list_state($list_table->get_table_name()); $list_state->set_filter_str($filter_str); $list_state->set_filter_str_sql(""); $user->set_list_state(); # set content $html_database_table->get_content($list_table, $list_title, "", DATABASETABLE_UNKWOWN_PAGE, $result); $response->custom_response->assign_with_effect(LIST_CSS_NAME_PREFIX . "content_pane", $result->get_result_str()); # check post conditions if (check_postconditions($result, $response) == FALSE) { return $response; } # log total time for this function $logging->info(get_function_time_str(__METHOD__)); return $response; }
<?php require_once "../includes/config.php"; require_once "../includes/session.php"; if (!isset($_SESSION['test_name'])) { set_error_message(TEST_NAME_NOT_FOUND); redirect_to("../tests/error.php"); } $file = "../common/common_rules_and_regulations.txt"; $content = file_get_contents($file); ?> <!DOCTYPE html> <html> <head> <title> </title> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous"> <link rel="shortcut icon" href="http://s12.postimg.org/8ta2or48d/Graphic1.png" type="image/x-icon" /> <link href='https://fonts.googleapis.com/css?family=Titillium+Web' rel='stylesheet' type='text/css'> <script type="text/javascript" src="../js/jquery-2.2.0.min.js"></script> <script type="text/javascript " src="../js/bootstrap.min.js"></script> <link rel="stylesheet" type="text/css" href="../css/test_details.css"> <script type = "text/javascript" > history.pushState(null, null, 'rules_regulations.php'); window.addEventListener('popstate', function(event) { history.pushState(null, null, 'rules_regulations.php'); }); </script>
/** * update a user record * this function is registered in xajax * @param string $title title of page * @param string $key_string comma separated name value pairs * @param array $form_values values of new record (array of name value pairs) * @return xajaxResponse every xajax registered function needs to return this object */ function action_update_user_settings_record($title, $key_string, $form_values) { global $logging; global $user; global $user_settings_table_configuration; global $firstthingsfirst_field_descriptions; global $user_start_time_array; # WARNING: this function is almost identical to function UserAdministration::action_update_user_admin_record # changes in this function should also lead to changes in that function $logging->info("USER_ACTION " . __METHOD__ . " (user="******", title={$title}, key_string={$key_string})"); # store start time $user_start_time_array[__METHOD__] = microtime(TRUE); $html_str = ""; $name_keys = array_keys($form_values); $new_form_values = array(); $fields = $user->get_fields(); $field_keys = array_keys($fields); # create necessary objects $result = new Result(); $response = new xajaxResponse(); $html_database_table = new HtmlDatabaseTable($user_settings_table_configuration); foreach ($name_keys as $name_key) { $value_array = explode(GENERAL_SEPARATOR, $name_key); $db_field_name = $value_array[0]; $field_type = $value_array[1]; $field_number = $value_array[2]; $check_functions = explode(" ", $firstthingsfirst_field_descriptions[$field_type][FIELD_DESCRIPTION_FIELD_INPUT_CHECKS]); $result->reset(); $logging->debug("field (name=" . $db_field_name . ", type=" . $field_type . ", number=" . $field_number . ")"); # check field values (check password field only when new password has been set) if ($db_field_name != USER_PW_FIELD_NAME || $db_field_name == USER_PW_FIELD_NAME && strlen($form_values[$name_key]) > 0) { check_field($check_functions, $db_field_name, $form_values[$name_key], $user->get_date_format(), $result); if (strlen($result->get_error_message_str()) > 0) { set_error_message($name_key, "right", $result->get_error_message_str(), "", "", $response); return $response; } } # set new value $new_form_values[$db_field_name] = $result->get_result_str(); $logging->debug("setting new form value (db_field_name=" . $db_field_name . ", result=" . $result->get_result_str() . ")"); } # check if someone tries to change user admin if ($user->get_name() == "admin") { # check if the name of user admin is changed if ($new_form_values[USER_NAME_FIELD_NAME] != "admin") { set_error_message("record_contents_buttons", "right", "ERROR_CANNOT_UPDATE_NAME_USER_ADMIN", "", "", $response); return $response; } } # display error when insertion returns false if (!$user->update($key_string, $new_form_values, TRUE)) { $logging->warn("update user settings record returns false"); $error_message_str = $user->get_error_message_str(); $error_log_str = $user->get_error_log_str(); $error_str = $user->get_error_str(); set_error_message("record_contents_buttons", "right", $error_message_str, $error_log_str, $error_str, $response); return $response; } # redirect to portal page with new user settings activated $response->script("window.location.assign('index.php?action=" . ACTION_GET_PORTAL_PAGE . "')"); # check post conditions not necessary # log total time for this function $logging->info(get_function_time_str(__METHOD__)); return $response; }
/** * delete a record * this function is registered in xajax * @param string $title title of page * @param string $key_string comma separated name value pairs * @return xajaxResponse every xajax registered function needs to return this object */ function action_delete_user_admin_record($title, $key_string) { global $logging; global $user; global $user_admin_table_configuration; global $user_start_time_array; $logging->info("USER_ACTION " . __METHOD__ . " (user="******", title={$title}, key_string={$key_string})"); # store start time $user_start_time_array[__METHOD__] = microtime(TRUE); # create necessary objects $result = new Result(); $response = new xajaxResponse(); $html_database_table = new HtmlDatabaseTable($user_admin_table_configuration); $logging->debug("get user record"); $user_array = $user->select_record($key_string); if (count($user_array) == 0) { $logging->warn("select user record returns empty array"); $error_message_str = $user->get_error_message_str(); $error_log_str = $user->get_error_log_str(); $error_str = $user->get_error_str(); set_error_message("tab_user_admin_id", "below", $error_message_str, $error_log_str, $error_str, $response); return $response; } $user_name = $user_array[USER_NAME_FIELD_NAME]; $logging->debug("found user: "******"admin") { set_error_message("tab_user_admin_id", "below", "ERROR_CANNOT_DELETE_USER_ADMIN", "", "", $response); return $response; } # display error when current user wants to delete him/herself if ($user_name == $user->get_name()) { set_error_message("tab_user_admin_id", "below", "ERROR_CANNOT_DELETE_YOURSELF", "", "", $response); return $response; } # display error when delete returns false if ($user->delete($key_string) == FALSE) { $logging->warn("delete user record returns false"); $error_message_str = $user->get_error_message_str(); $error_log_str = $user->get_error_log_str(); $error_str = $user->get_error_str(); set_error_message("tab_user_admin_id", "below", $error_message_str, $error_log_str, $error_str, $response); return $response; } # set content $html_database_table->get_content($user, $title, "", DATABASETABLE_UNKWOWN_PAGE, $result); $response->custom_response->assign_with_effect(USER_ADMIN_CSS_NAME_PREFIX . "content_pane", $result->get_result_str()); # check post conditions if (check_postconditions($result, $response) == FALSE) { return $response; } # log total time for this function $logging->info(get_function_time_str(__METHOD__)); return $response; }
/** * delete a record * this function is registered in xajax * @param string $title title of page * @param string $key_string comma separated name value pairs * @return xajaxResponse every xajax registered function needs to return this object */ function action_delete_user_list_permissions_record($title, $key_string) { global $logging; global $user; global $user_list_permissions; global $user_list_permissions_table_configuration; global $user_start_time_array; $logging->info("USER_ACTION " . __METHOD__ . " (user="******", title={$title}, key_string={$key_string})"); # store start time $user_start_time_array[__METHOD__] = microtime(TRUE); # create necessary objects $result = new Result(); $response = new xajaxResponse(); $html_database_table = new HtmlDatabaseTable($user_list_permissions_table_configuration); # display error when delete returns false if (!$user_list_permissions->delete($key_string)) { $logging->warn("delete user list permissions record returns false"); $error_message_str = $user_list_permissions->get_error_message_str(); $error_log_str = $user_list_permissions->get_error_log_str(); $error_str = $user_list_permissions->get_error_str(); set_error_message("tab_list_table_permissions_id", "below", $error_message_str, $error_log_str, $error_str, $response); return $response; } # set content $html_database_table->get_content($user_list_permissions, $title, "", DATABASETABLE_UNKWOWN_PAGE, $result); $response->custom_response->assign_with_effect(USERLISTTABLEPERMISSIONS_CSS_NAME_PREFIX . "content_pane", $result->get_result_str()); # check post conditions if (check_postconditions($result, $response) == FALSE) { return $response; } # log total time for this function $logging->info(get_function_time_str(__METHOD__)); return $response; }
/** * check if given definition is correct * @todo remove (obsolete) key indicator from definition (requires an update script) * @param array $definition defintion of current list that is being build * @param $response xajaxResponse response object * @return array returns an empty array when given definition was not correct */ function check_definition($definition, $response) { global $logging; $logging->trace("check definition"); $definition_values = array_values($definition); $definition_keys = array_keys($definition); $new_definition = array(); if (count($definition_values) / 4 < 2) { $logging->warn("list with only one field"); set_error_message($definition_keys[2], "right", "ERROR_NOT_ENOUGH_FIELDS", "", "", $response); return array(); } for ($position = 0; $position < count($definition_values) / 4; $position += 1) { $field_id = $definition_values[$position * 4]; $field_type = $definition_values[$position * 4 + 1]; $field_name = $definition_values[$position * 4 + 2]; $field_options = $definition_values[$position * 4 + 3]; $logging->debug("found field (id=\"" . $field_id . "\" name=" . $field_name . " type=" . $field_type . " options=" . $field_options . ")"); # check if field name has been given if (strlen($field_name) == 0) { $logging->warn("no field name given"); set_error_message($definition_keys[$position * 4 + 2], "right", "ERROR_NO_FIELD_NAME_GIVEN", "", "", $response); return array(); } # check if field name is well formed if (str_is_well_formed("field", $field_name) == FALSE_RETURN_STRING) { set_error_message($definition_keys[$position * 4 + 2], "right", "ERROR_NOT_WELL_FORMED_STRING", "", "", $response); return array(); } # check if field is of type FIELD_TYPE_DEFINITION_SELECTION if ($field_type == FIELD_TYPE_DEFINITION_SELECTION) { # check if options string has been given if (strlen($field_options) == 0) { $logging->warn("no options given"); set_error_message($definition_keys[$position * 4 + 3], "right", "ERROR_NO_FIELD_OPTIONS_GIVEN", "", "", $response); return array(); } # check if options string is well formed if (str_is_well_formed("field", $field_options, 1) == FALSE_RETURN_STRING) { set_error_message($definition_keys[$position * 4 + 3], "right", "ERROR_NOT_WELL_FORMED_SELECTION_STRING", "", "", $response); return array(); } } # copy in field_visible_in_overview $new_field_name = ListTable::_get_db_field_name($field_name); $field_visible_in_overview = COLUMN_SHOW; if ($new_field_name == DB_ID_FIELD_NAME) { $field_visible_in_overview = $field_options; $field_options = ""; } $new_definition[$field_id] = array(ListTable::_get_db_field_name($field_name), $field_type, $field_options, $field_visible_in_overview); } $logging->trace("checked definition"); return $new_definition; }
/** * test if an error has been set in result and show the error on screen if an error has been set * @param $result Result result object * @param $response xajaxResponse response object * @return bool indicated if an error has been set */ function check_postconditions($result, $response) { global $logging; global $user; $logging->trace("check postconditions"); # check if an error is set if (strlen($result->get_error_message_str()) > 0) { $logging->warn("an error has been set"); $error_element = $result->get_error_element(); $error_message_str = $result->get_error_message_str(); $error_log_str = $result->get_error_log_str(); $error_str = $result->get_error_str(); set_error_message($error_element, "right", $error_message_str, $error_log_str, $error_str, $response); return FALSE; } $logging->trace("checked postconditions"); return TRUE; }
/** * delete a list table * this function is registered in xajax * @param string $list_title title of list table * @param string $key_string comma separated name value pairs * @return xajaxResponse every xajax registered function needs to return this object */ function action_delete_portal_record($list_title) { global $logging; global $user; global $list_table_description; global $portal_table_configuration; global $user_start_time_array; $logging->info("USER_ACTION " . __METHOD__ . " (user="******", list_title={$list_title})"); # store start time $user_start_time_array[__METHOD__] = microtime(TRUE); # create necessary objects $result = new Result(); $response = new xajaxResponse(); $list_table = new ListTable($list_title); if ($list_table->get_is_valid() == FALSE) { $logging->warn("create list object returns false"); $error_message_str = $list_table->get_error_message_str(); $error_log_str = $list_table->get_error_log_str(); $error_str = $list_table->get_error_str(); set_error_message("tab_portal_id", "below", $error_message_str, $error_log_str, $error_str, $response); return $response; } $html_database_table = new HtmlDatabaseTable($portal_table_configuration); # display error when delete returns false if ($list_table->drop() == FALSE) { $logging->warn("drop list returns false"); $error_message_str = $list_table->get_error_message_str(); $error_log_str = $list_table->get_error_log_str(); $error_str = $list_table->get_error_str(); set_error_message("tab_portal_id", "below", $error_message_str, $error_log_str, $error_str, $response); return $response; } # set content $html_database_table->get_content($list_table_description, $list_title, "", DATABASETABLE_ALL_PAGES, $result); $response->custom_response->assign_with_effect(PORTAL_CSS_NAME_PREFIX . "content_pane", $result->get_result_str()); # reset current list name only when active list has been removed if ($list_title == $user->get_current_list_name()) { $user->set_current_list_name(""); } # set page navigation and login status to update old 'list' links $page_navigation_str = get_page_navigation(PAGE_TYPE_PORTAL); $response->assign("navigation_container", "innerHTML", $page_navigation_str); # check post conditions if (check_postconditions($result, $response) == FALSE) { return $response; } # log total time for this function $logging->info(get_function_time_str(__METHOD__)); return $response; }
/** * login a user * this function is registered in xajax * @param string $user_name name of user * @param string $password password for user * @return xajaxResponse every xajax registered function needs to return this object */ function action_login($user_name, $password) { global $logging; global $user; global $user_start_time_array; $logging->info("USER_ACTION " . __METHOD__ . " (user_name={$user_name})"); # store start time $user_start_time_array[__METHOD__] = microtime(TRUE); # create necessary objects $response = new xajaxResponse(); if (strlen($user_name) == 0) { $logging->warn("no user name given"); set_error_message("user_name_id", "right", "ERROR_NO_USER_NAME_GIVEN", "", "", $response); # set focus on user name $response->script("document.getElementById('user_name_id').focus()"); return $response; } if (strlen($password) == 0) { $logging->warn("no password given"); set_error_message("password_id", "right", "ERROR_NO_PASSWORD_GIVEN", "", "", $response); # set focus on password $response->script("document.getElementById('password_id').focus()"); return $response; } if ($user->login($user_name, $password)) { # redirect to portal page $response->script("window.location.assign('index.php?action=" . ACTION_GET_PORTAL_PAGE . "')"); # log total time for this function $logging->info(get_function_time_str(__METHOD__)); return $response; } else { $logging->warn("user could not log in"); $error_message_str = $user->get_error_message_str(); $error_log_str = $user->get_error_log_str(); $error_str = $user->get_error_str(); set_error_message("password_id", "right", $error_message_str, $error_log_str, $error_str, $response); # set focus on user name $response->script("document.getElementById('user_name_id').focus()"); return $response; } }