function formHandler() { global $url, $log, $auth; $http_accept = getValIfExists($_SERVER, 'HTTP_ACCEPT'); $format = $http_accept ? substr($http_accept, strpos($http_accept, '/') + 1) : ''; $ext = substr($url, strrpos($url, ".") + 1); $format = $ext != "" ? $ext : $format; $prj = new EcProject(); $pNameEnd = strpos($url, "/"); $prj->name = substr($url, 0, $pNameEnd); $prj->fetch(); if (!$prj->id) { echo applyTemplate("./base.html", "./error.html", array("errorType" => "404 ", "error" => "The project {$prj->name} does not exist on this server")); return; } $permissionLevel = 0; $loggedIn = $auth->isLoggedIn(); if ($loggedIn) { $permissionLevel = $prj->checkPermission($auth->getEcUserId()); } if (!$prj->isPublic && !$loggedIn) { loginHandler($url); return; } else { if (!$prj->isPublic && $permissionLevel < 2) { echo applyTemplate("./base.html", "./error.html", array("errorType" => "403 ", "error" => "You do not have permission to view this project")); return; } } $extStart = strpos($url, "."); $frmName = rtrim(substr($url, $pNameEnd + 1, ($extStart > 0 ? $extStart : strlen($url)) - $pNameEnd - 1), "/"); if (!array_key_exists($frmName, $prj->tables)) { echo applyTemplate("./base.html", "./error.html", array("errorType" => "404 ", "error" => "The project {$prj->name} does not contain the form {$frmName}")); return; } if ($_SERVER["REQUEST_METHOD"] == 'POST') { $log->write("debug", json_encode($_POST)); header("Cache-Control: no-cache, must-revalidate"); $_f = getValIfExists($_FILES, "upload"); if ($_f) { if ($_f['tmp_name'] == '') { flash('The file is too big to upload', 'err'); } else { try { ini_set('max_execution_time', 200); ini_set("auto_detect_line_endings", true); if (preg_match("/\\.csv\$/", $_f["name"])) { $fh = fopen($_f["tmp_name"], 'r'); $res = $prj->tables[$frmName]->parseEntriesCSV($fh); fclose($fh); unset($fh); } elseif (preg_match("/\\.xml\$/", $_f["name"])) { $res = $prj->tables[$frmName]->parseEntries(simplexml_load_string(file_get_contents($_f["tmp_name"]))); } //echo "{\"success\":" . ($res === true ? "true": "false") . ", \"msg\":\"" . ($res==="true" ? "success" : $res) . "\"}"; flash("Upload Complete"); } catch (Exception $ex) { flash($ex->getMessage(), 'err'); } } } else { $ent = $prj->tables[$frmName]->createEntry(); $ent->created = $_POST["created"]; $ent->deviceId = $_POST["DeviceID"]; $ent->uploaded = getTimestamp('Y-m-d H:i:s'); $ent->user = 0; foreach (array_keys($ent->values) as $key) { if (!$prj->tables[$frmName]->fields[$key]->active) { continue; } if (array_key_exists($key, $_POST)) { $ent->values[$key] = $_POST[$key]; } elseif (!$prj->tables[$frmName]->fields[$key]->required && !$prj->tables[$frmName]->fields[$key]->key) { $ent->values[$key] = ""; } else { header("HTTP/1.1 405 Bad Request"); echo "{\"success\":false, \"msg\":\"{$key} is a required field\"}"; return; } } try { $res = $ent->post(); echo "{\"success\":" . ($res === true ? "true" : "false") . ", \"msg\":\"" . ($res === "true" ? "success" : $res) . "\"}"; return; } catch (Exception $e) { header("HTTP/1.1 500 Conflict"); echo $e->getMessage(); } } } elseif ($_SERVER["REQUEST_METHOD"] == "DELETE") { echo "delete form"; return; } else { ini_set('max_execution_time', 200); header("Cache-Control: no-cache, must-revalidate"); $offset = array_key_exists('start', $_GET) ? $_GET['start'] : 0; $limit = array_key_exists('limit', $_GET) ? $_GET['limit'] : 0; $full_urls = getValIfExists($_GET, 'full_paths', true); if ($full_urls === 'false') { $full_urls = false; } elseif ($full_urls === 'true') { $full_urls = true; } switch ($format) { case 'json': header('Content-Type: application/json'); $res = $prj->tables[$frmName]->ask($_GET, $offset, $limit, getValIfExists($_GET, "sort"), getValIfExists($_GET, "dir"), false, "object"); if ($res !== true) { die($res); } $i = 0; $recordSet = array(); while ($rec = $prj->tables[$frmName]->recieve(1, $full_urls)) { $recordSet = array_merge($recordSet, $rec); } echo json_encode($recordSet); return; case "xml": header("Content-Type: text/xml"); if (array_key_exists("mode", $_GET) && $_GET["mode"] == "list") { echo "<entries>"; $res = $prj->tables[$frmName]->ask($_GET, $offset, $limit, getValIfExists($_GET, "sort"), getValIfExists($_GET, "dir"), false, "object"); if ($res !== true) { die($res); } while ($ent = $prj->tables[$frmName]->recieve(1, true)) { echo "<entry>"; foreach ($ent[0] as $key => $val) { if (array_key_exists($key, $prj->tables[$frmName]->fields) && ($prj->tables[$frmName]->fields[$key]->type === 'location' || $prj->tables[$frmName]->fields[$key]->type === 'gps')) { foreach ($val as $x => $y) { printf('<%s_%s>%s</%s_%s>', $key, $x, $y, $key, $x); } } else { printf('<%s>%s</%s>', $key, $val, $key); } } echo "</entry>"; } echo "</entries>"; return; } else { echo $prj->tables[$frmName]->toXml(); return; } case "kml": header("Content-Type: application/vnd.google-earth.kml+xml"); echo '<?xml version="1.0" encoding="UTF-8"?><kml xmlns="http://earth.google.com/kml/2.0"><Document><name>EpiCollect</name><Folder><name>'; echo "{$prj->name} - {$frmName}"; echo '</name><visibility>1</visibility>'; $arr = $prj->tables[$frmName]->ask(false, $offset, $limit); while ($ent = $prj->tables[$frmName]->recieve(1, true)) { echo "<Placemark>"; $desc = ""; $title = ""; foreach ($prj->tables[$frmName]->fields as $name => $fld) { if (!$fld->active) { continue; } if ($fld->type == "location" || $fld->type == "gps") { $loc = json_decode($ent[0][$name]); echo "<Point><coordinates>{$loc->longitude},{$loc->latitude}</coordinates></Point>"; } elseif ($fld->title) { $title = $title == "" ? $ent[0][$name] : "{$title}\t{$ent[0][$name]}"; } else { $desc = "{$name} : {$ent[0][$name]}"; } } if ($title == "") { $title = $arr[$prj->tables[$frmName]->key]; } echo "<name>{$title}</name>"; echo "<description><![CDATA[{$desc}]]></description>"; echo "</Placemark>"; } echo '</Folder></Document></kml>'; return; case "csv": // if (!file_exists('ec/uploads')) { mkdir('ec/uploads'); } $filename = sprintf('ec/uploads/%s_%s_%s%s.csv', $prj->name, $frmName, $prj->getLastUpdated(), md5(http_build_query($_GET))); if (!file_exists($filename) || getValIfExists($_GET, 'bypass_cache') === 'true') { //ob_implicit_flush(false); $fp = fopen($filename, 'w+'); //$arr = $prj->tables[$frmName]->get(false, $offset, $limit); //$arr = $arr[$frmName]; //echo assocToDelimStr($arr, ","); $headers = array_merge(array('DeviceID', 'created', 'lastEdited', 'uploaded'), array_keys($prj->tables[$frmName]->fields)); $_off = 4; $num_h = count($headers) - $_off; $nxt = $prj->getNextTable($frmName, true); if ($nxt) { array_push($headers, sprintf('%s_entries', $nxt->name)); } $real_flds = $headers; for ($i = 0; $i < $num_h; $i++) { $fld = $prj->tables[$frmName]->fields[$headers[$i + $_off]]; if (!$fld->active) { array_splice($headers, $i + $_off, 1); $num_h--; } elseif ($fld->type == "gps" || $fld->type == "location") { $name = $fld->name; //take the GPS fields table, apply each one as a suffix to the field name and then splice $gps_flds = array_values(EcTable::$GPS_FIELDS); foreach ($gps_flds as &$val) { $val = sprintf('%s%s', $name, $val); } array_splice($headers, $i + $_off, 1, $gps_flds); $i = $i + 5; } } fwrite($fp, sprintf("\"%s\"\n", implode('","', $headers))); $res = $prj->tables[$frmName]->ask($_GET, $offset, $limit, getValIfExists($_GET, "sort"), getValIfExists($_GET, "dir"), false, "object", true); if ($res !== true) { die($res); } $count_h = count($real_flds); while ($xml = $prj->tables[$frmName]->recieve(1, true)) { $xml = $xml[0]; // fwrite($fp, sprintf('"%s" //', $xml)); ///print_r($xml); for ($i = 0; $i < $count_h; $i++) { if ($i > 0) { fwrite($fp, ','); } fwrite($fp, '"'); if (array_key_exists($real_flds[$i], $xml)) { if ($i >= $_off && array_key_exists($real_flds[$i], $prj->tables[$frmName]->fields) && ($prj->tables[$frmName]->fields[$real_flds[$i]]->type == "gps" || $prj->tables[$frmName]->fields[$real_flds[$i]]->type == "location")) { try { $arr = $xml[$real_flds[$i]]; if (is_string($arr) && trim($xml[$real_flds[$i]]) != '') { $escval = str_replace(': N/A', ': "N/A"', $xml[$real_flds[$i]]); $arr = json_decode($escval, true); } if (is_array($arr)) { $x = 0; foreach (array_keys(EcTable::$GPS_FIELDS) as $k) { if ($x > 0) { fwrite($fp, '","'); } if (array_key_exists($k, $arr)) { fwrite($fp, $arr[$k]); } $x++; } } else { for ($fieldsIn = 0; $fieldsIn < 6; $fieldsIn++) { fwrite($fp, '","'); } } } catch (Exception $e) { throw $e; } } else { fwrite($fp, $xml[$real_flds[$i]]); } } fwrite($fp, '"'); } fwrite($fp, "\r\n"); } } global $SITE_ROOT; header("Content-Type: text/csv"); header(sprintf('location: http://%s%s/%s', $_SERVER['HTTP_HOST'], $SITE_ROOT, $filename)); return; case "tsv": if (!file_exists('ec/uploads')) { mkdir('ec/uploads'); } $filename = sprintf('ec/uploads/%s_%s_%s%s.tsv', $prj->name, $frmName, $prj->getLastUpdated(), md5(http_build_query($_GET))); if (!file_exists($filename)) { //ob_implicit_flush(false); $fp = fopen($filename, 'w+'); //$arr = $prj->tables[$frmName]->get(false, $offset, $limit); //$arr = $arr[$frmName]; //echo assocToDelimStr($arr, ","); $headers = array_merge(array('DeviceID', 'created', 'lastEdited', 'uploaded'), array_keys($prj->tables[$frmName]->fields)); $_off = 4; $num_h = count($headers) - $_off; $nxt = $prj->getNextTable($frmName, true); if ($nxt) { array_push($headers, sprintf('%s_entries', $nxt->name)); } $real_flds = $headers; for ($i = 0; $i < $num_h; $i++) { $fld = $prj->tables[$frmName]->fields[$headers[$i + $_off]]; if (!$fld->active) { array_splice($headers, $i + $_off, 1); } elseif ($fld->type == "gps" || $fld->type == "location") { $name = $fld->name; //take the GPS fields table, apply each one as a suffix to the field name and then splice $gps_flds = array_values(EcTable::$GPS_FIELDS); foreach ($gps_flds as &$val) { $val = sprintf('%s_%s', $name, $val); } array_splice($headers, $i + $_off, 1, $gps_flds); $i = $i + 5; } } fwrite($fp, sprintf("\"%s\"\n", implode("\"\t\"", $headers))); $res = $prj->tables[$frmName]->ask($_GET, $offset, $limit, getValIfExists($_GET, "sort"), getValIfExists($_GET, "dir"), false, "object", true); if ($res !== true) { die($res); } $count_h = count($real_flds); while ($xml = $prj->tables[$frmName]->recieve(1, true)) { $xml = $xml[0]; // fwrite($fp, sprintf('"%s" //', $xml)); ///print_r($xml); for ($i = 0; $i < $count_h; $i++) { if ($i > 0) { fwrite($fp, ','); } fwrite($fp, '"'); if (array_key_exists($real_flds[$i], $xml)) { if ($i > $_off && $i != $count_h - 1 && ($prj->tables[$frmName]->fields[$real_flds[$i]]->type == "gps" || $prj->tables[$frmName]->fields[$real_flds[$i]]->type == "location")) { try { $arr = $xml[$real_flds[$i]]; if (is_string($arr) && trim($xml[$real_flds[$i]]) != '') { $escval = str_replace(': N/A', ': "N/A"', $xml[$real_flds[$i]]); $arr = json_decode($escval, true); } if (is_array($arr)) { $x = 0; foreach (array_keys(EcTable::$GPS_FIELDS) as $k) { if ($x > 0) { fwrite($fp, "\"\t\""); } if (array_key_exists($k, $arr)) { fwrite($fp, $arr[$k]); } $x++; } } else { for ($fieldsIn = 0; $fieldsIn < 6; $fieldsIn++) { fwrite($fp, "\"t\""); } } } catch (Exception $e) { throw $e; } } else { fwrite($fp, $xml[$real_flds[$i]]); } } fwrite($fp, '"'); } fwrite($fp, "\r\n"); } } global $SITE_ROOT; header("Content-Type: text/tsv"); header(sprintf('location: http://%s%s/%s', $_SERVER['HTTP_HOST'], $SITE_ROOT, $filename)); case "js": global $SITE_ROOT; $files = array("./Ext/ext-base.js", "./Ext/ext-all.js", "./js/EpiCollect2.js"); header("Content-type: text/javascript"); echo packFiles($files); echo "var survey;\n\t\tvar table;\n\t\t\n\t\tvar uid = 'web_" . md5($_SERVER["HTTP_HOST"]) . "';\n\t\t\n\t\tfunction init()\n\t\t{\n\t\t\tsurvey = new EcSurvey;\n\t\t\t//table = new EcTable();\n\t\t\tExt.Ajax.request({\n\t\t\t\turl: location.pathname.substring(0, location.pathname.lastIndexOf('/')) + \".xml\",\n\t\t\t\tsuccess: function (res)\n\t\t\t\t{\n\t\t\t\t\tsurvey.parse(res.responseXML);\n\t\t\t\t\ttable = survey.tables[location.pathname.substring(location.pathname.lastIndexOf('/') + 1)]\n\t\t\t\t\tdrawPage();\n\t\t\t\t}\n\t\t\t})\n\t\t}\n\t\t\n\t\tfunction drawPage(){\n\t\t\tvar tbl = table.getTable(true, true, true);\n\t\t\ttbl.render('tabPanel');\n\t\t}\n\t\t\n\t\tExt.onReady(init);"; return; case "css": global $SITE_ROOT; header("Cache-Control: public; max-age=100000;"); header("Content-type: text/css"); $files = array("./Ext/ext-all.css", "./css/EpiCollect2.css"); echo packFiles($files); echo ".cp-item {\n\t\t\tvertical-align: top;\n\t\t\tdisplay: inline-block;\n\t\t\tmargin-left : 10px;\n\t\t}\n\t\t\n\t\t.cp-item img {\n\t\t\tmargin: 0;\n\t\t}\n\t\t\n\t\t.entry\n\t\t{\n\t\t\tborder-bottom : 1px solid #CCCCCC;\n\t\t\tbackground-color : #EEEEEE;\n\t\t\tmargin : 0;\n\t\t\tpadding : 5px 5px 5px 5px;\n\t\t\t\n\t\t}\n\t\t\n\t\t.nolocation\n\t\t{\n\t\t\tfont-style : italic; \n\t\t}\n\t\t\n\t\t#timeText\n\t\t{\n\t\t\twidth : 30em;\n\t\t}\n\n\t\t.button\n\t\t{\n\t\t\tpadding : 0.25em 0.5em 0.25em 0.5em;\n\t\t\tmargin : 0em 0.25em 0em 0.25em;\n\t\t\tbackground-color:#C7DFFC;\n\t\t\tborder-radius: 0.25em;\n\t\t\tcursor: pointer;\n\t\t\tfont-weight : bold;\t\n\t\t\twidth : 30%;\n\t\t}\n\n\t\t\n\t\t.button:active\n\t\t{\n\t\t\tbackground-color: #CCCCCC;\n\t\t}\n\t\t\t\t\t"; return; default: break; } } global $SITE_ROOT; $referer = array_key_exists("HTTP_REFERER", $_SERVER) ? $_SERVER["HTTP_REFERER"] : ""; if (!array_key_exists("formCrumbs", $_SESSION) || !$prj->getPreviousTable($frmName) || !preg_match("/{$prj->name}\\//", $referer)) { $_SESSION["formCrumbs"] = array(); } $p = ""; if (array_key_exists("prevForm", $_GET)) { $pKey = $prj->tables[$_GET["prevForm"]]->key; $_SESSION["formCrumbs"][$_GET["prevForm"]] = $_GET[$pKey]; //if we've come back up a step we need to remove the entry. We assume that the crumbs are in the correct order to //draw them in the correct order } $pk = null; $pv = null; foreach ($_SESSION["formCrumbs"] as $k => $v) { if ($prj->tables[$k]->number >= $prj->tables[$frmName]->number) { unset($_SESSION["formCrumbs"][$k]); } else { if ($pk) { $p .= "> <a href=\"{$k}?{$prj->tables[$pk]->key}={$pv}\">{$k} : {$v} </a>"; } else { $p .= "> <a href=\"{$k}\">{$k} : {$v} </a>"; } $pk = $k; $pv = $v; } } $mapScript = $prj->tables[$frmName]->hasGps() ? "<script type=\"text/javascript\" src=\"" . (getValIfExists($_SERVER, 'HTTPS') ? 'https' : 'http') . "://maps.google.com/maps/api/js?sensor=false\"></script>\n\t<script type=\"text/javascript\" src=\"{$SITE_ROOT}/js/markerclusterer.js\"></script>" : ""; $vars = array("prevForm" => $p, "projectName" => $prj->name, "formName" => $frmName, "curate" => $permissionLevel > 1 ? "true" : "false", "mapScript" => $mapScript, "curationbuttons" => $permissionLevel > 1 ? sprintf('<span class="button-set"><a href="javascript:project.forms[formName].displayForm({ vertical : false });"><img src="%s/images/glyphicons/glyphicons_248_asterisk.png" title="New Entry" alt="New Entry"></a> <a href="javascript:editSelected();"><img src="%s/images/glyphicons/glyphicons_030_pencil.png" title="Edit Entry" alt="Edit Entry"></a> <a href="javascript:project.forms[formName].deleteEntry(window.ecplus_entries[$(\'.ecplus-data tbody tr.selected\').index()][project.forms[formName].key]);"><img src="%s/images/glyphicons/glyphicons_016_bin.png" title="Delete Entry" alt="Delete Entry"></a></span>', $SITE_ROOT, $SITE_ROOT, $SITE_ROOT) : '', "csvform" => $permissionLevel > 1 ? $csvform = '<div id="csvform"> <h3><a href="#">Upload data from a CSV file</a></h3> <div> <form method="POST" enctype="multipart/form-data" > <label for="upload">File to upload : </label><input type="file" name="upload" /><br /> <input type="submit" name="submit" value="Upload File" /> </form> </div> </div>' : ''); echo applyTemplate('base.html', './FormHome.html', $vars); }