function __construct() { // find active entity $user = Authentication::require_user(); $this->entity = Entity::get(@$_SERVER['PATH_INFO'], !$user->is_admin); // Redjudge all if (isset($_REQUEST['rejudge_all']) and Authentication::is_admin()) { Log::info("Requested redjudgement for all submissions in this entity", $this->entity->path()); foreach ($this->entity->all_submissions() as $subm) { $subm->rejudge(); } Util::redirect(str_replace('rejudge_all=1', '', $_SERVER['REQUEST_URI'])); } }
protected function getDuplicateWhereClause(Entity $entity) { return array('name' => $entity->get('name')); }
public static function validateField(Entity $entity, $key) { $tag = "EntityValidator::validateField({$key})"; Log::debug("{$tag}"); try { $value = $entity->get($key); $blueprint = $entity->blueprint(); $field = $blueprint->get($key); $displayName = $field->getDisplayName(); $dataType = $field->getDataType(); if ($field->isRequired()) { if (empty($value) && $value != "0") { return "Missing required value '{$displayName}'"; } } if (!empty($value) || $value == "0") { switch ($dataType) { case "string": $max = $field->getMax(); if (!empty($max) && strlen($value) > $max) { return "'{$displayName}' exceeds maximum character limit ({$max})"; } $regexp = $field->getRegexp(); if (!empty($regexp)) { if (!ereg($regexp, $value)) { $example = $field->getExample(); return "'{$displayName}' does not match the required pattern '{$example}'"; } } break; case "int": if (!is_numeric($value) || strpos($value, ".")) { return "'{$displayName}' must be an integer"; } $min = $field->getMin(); if ((!empty($min) || $min == "0") && $value < $min) { return "'{$displayName}' less than minimum required ({$min})"; } $max = $field->getMax(); if ((!empty($max) || $max == "0") && $value > $max) { return "'{$displayName}' greater than maximum allowed ({$max})"; } break; case "decimal": if (!is_numeric($value)) { return "'{$displayName}' must be a number"; } $min = $field->getMin(); if ((!empty($min) || $min == "0") && $value < $min) { return "'{$displayName}' less than minimum required ({$min})"; } $max = $field->getMax(); if ((!empty($max) || $max == "0") && $value > $max) { return "'{$displayName}' greater than maximum allowed ({$max})"; } $precision = $field->getPrecision(); if ($decimalPosition = strpos($value, ".")) { $decimals = substr($value, $decimalPosition + 1); if (!empty($precision) && strlen($decimals) > $precision) { return "'{$displayName}' has more than {$precision} allowed digits after decimal point"; } } break; case "date": $regexp = "^([0-9]{4})\\-([0-9]{2})\\-([0-9]{2})\$"; $example = $field->getExample(); if (!ereg($regexp, $value, $regs)) { return "'{$displayName}' does not match required pattern '{$example}'"; } $year = $regs[1]; $month = $regs[2]; $day = $regs[3]; if (!checkdate($month, $day, $year)) { return "'{$displayName}' is not a valid date"; } break; case "datetime": $regexp = "^([0-9]{4})\\-([0-9]{2})\\-([0-9]{2}) ([0-9]{2})\\:([0-9]{2})\\:([0-9]{2})\$"; $example = $field->getExample(); if (!ereg($regexp, $value, $regs)) { return "'{$displayName}' does not match required pattern '{$example}'"; } $year = $regs[1]; $month = $regs[2]; $day = $regs[3]; $hour = $regs[4]; $minute = $regs[5]; $seconds = $regs[6]; if (!checkdate($month, $day, $year)) { return "'{$displayName}' contains an valid date"; } if ($hour > 23 || $minute > 59 || $seconds > 59) { return "'{$displayName}' contains an invalid time"; } break; case "time": $regexp = "^([0-9]{2})\\:([0-9]{2})(\\:([0-9]{2}))?\$"; $example = $field->getExample(); if (!ereg($regexp, $value, $regs)) { return "'{$displayName}' does not match required pattern '{$example}'"; } $hour = $regs[1]; $minute = $regs[2]; $seconds = $regs[4]; if ($hour > 23 || $minute > 59 || $seconds > 59) { return "'{$displayName}' contains an invalid time"; } break; case "enum": $enumOptions = $field->getEnumOptions(); if (!in_array($value, $enumOptions)) { return "'{$value}' is not a valid selection for '{$displayName}'"; } break; case "text": $min = $field->getMin(); $max = $field->getMax(); $mimeType = $field->getMimeType(); break; case "binary": $min = $field->getMin(); $max = $field->getMax(); $mimeType = $field->getMimeType(); break; } // END: switch($dataType) if ($field->isUnique()) { if ($dataType == "int") { $query = "SELECT id FROM " . $blueprint->getKey() . " WHERE " . $field->getKey() . "={$value}"; } else { $query = "SELECT id FROM " . $blueprint->getKey() . " WHERE " . $field->getKey() . "='{$value}'"; } try { $sql = new DatabaseQuery($query); $sql->doQuery(); if ($sql->get_num_rows() > 0) { $row = $sql->get_next_row(); $id = $row->id; if ($id == $entity->getId()) { // this entity is simply using its own pre-existing unique value for key } else { // unique value is already in use for this key return "'{$value}' is already in use for '{$displayName}'"; } } } catch (Exception $e) { // query failed Log::error("{$tag}: " . $e->getMessage()); return "Unable to validate uniqueness of '{$displayName}'"; } } } // END: if((!empty($value)) || ($value==0)) } catch (Exception $e) { // blueprint does not contain a field for $key Log::warning("{$tag}: No field defined for '{$key}'"); // do not report an error return false; } return false; }
public function insert(Entity $entity) { $tag = "EntityDAO: insert()"; Log::notice("{$tag}"); $blueprint = $this->blueprint; $timezone_offset = $this->timezone_offset_modify; $query = "INSERT INTO " . $this->tableName() . " SET "; if ($entity->getId() != 0) { $query .= "id=" . $entity->getId() . ", "; } foreach ($blueprint->fields() as $field) { $key = $field->getKey(); $value = $entity->get($key); $encType = $field->getEncType(); if (!empty($value) || $value == "0") { if (!empty($encType) && $encType != "plain") { $value = hash($encType, $value); Log::debug("{$tag}: Encrypted value for {$key}: {$value}"); } switch ($field->getDataType()) { case "int": $query .= "{$key}={$value}"; break; case "decimal": case "date": $query .= "{$key}='{$value}'"; break; case "datetime": case "time": $query .= "{$key}=CONVERT_TZ('{$value}', '{$timezone_offset}', '" . BPTimezone::UTC . "')"; break; case "enum": $query .= "{$key}='{$value}'"; break; case "string": case "text": case "binary": $value = DatabaseSanitizer::sanitize($value); $query .= "{$key}='{$value}'"; break; } } else { $query .= "{$key}=NULL"; } $query .= ", "; } $query = substr($query, 0, strlen($query) - 2); // remove trailing comma and space (", ") $sql = new DatabaseUpdate($query, "insert"); try { $sql->doUpdate(); return $sql->last_insert_id(); } catch (Exception $e) { Log::error("{$tag}: [" . $sql->err_code . "] " . $sql->err_message); throw $e; } }
protected function getDuplicateWhereClause(Entity $entity) { return array('OR' => array(array('firstName' => $entity->get('firstName'), 'lastName' => $entity->get('lastName')), array('emailAddress' => $entity->get('emailAddress')))); }
function entity() { // it is not a fetal error if the entity does not exist return Entity::get($this->entity_path, false, false); }
<?php require_once '../lib/bootstrap.inc'; // ----------------------------------------------------------------------------- // Ajax utility: return newest submissions // ----------------------------------------------------------------------------- if (Authentication::current_user() == false) { echo '{"logout":"true"}'; } else { if (Authentication::is_admin() and isset($_GET['entity']) and isset($_GET['submissionid'])) { try { // get entity $entity = Entity::get($_GET['entity'], false, true); $submissions = $entity->submissions_after($_GET['submissionid']); $arr = array(); foreach ($submissions as $s) { $arr[] = $s->submissionid; } echo '{"new_ids":' . json_encode($arr) . '}'; } catch (NotFoundException $e) { exit; } } else { die("You have no rights to view this submission"); } }
/** * Checks if a given entity or its children entities have errors. * If so, sets _hasErrors and returns true, if not, returns false. * * @param Entity $entity entity which has possibly errors in it * @return bool has errors => true | has no errors => false */ public function checkForErrors($entity) { if (is_callable([$entity, 'errors']) && !empty($entity->errors())) { return $this->hasErrors(true); } foreach ($entity->visibleProperties() as $propertyName) { $property = $entity->get($propertyName); if (is_callable([$property, 'errors']) && !empty($property->errors())) { return $this->hasErrors(true); } } return false; }
/** * Tests that only accessible properties can be set * * @return void */ public function testSetWithAccessibleWithArray() { $entity = new Entity(['foo' => 1, 'bar' => 2]); $options = ['guard' => true]; $entity->accessible('foo', true); $entity->set(['bar' => 3, 'foo' => 4], $options); $this->assertEquals(2, $entity->get('bar')); $this->assertEquals(4, $entity->get('foo')); $entity->accessible('bar', true); $entity->set(['bar' => 3, 'foo' => 5], $options); $this->assertEquals(3, $entity->get('bar')); $this->assertEquals(5, $entity->get('foo')); }
<?php require_once '../lib/bootstrap.inc'; // ----------------------------------------------------------------------------- // Allow a user do download 'extra' files for an entity // ----------------------------------------------------------------------------- $user = Authentication::require_user(); $entity = Entity::get(@$_SERVER['PATH_INFO'], !$user->is_admin); // Which file are we downloading? if (isset($_REQUEST['all'])) { // download all files as a zip archive $filepath = tempnam('', 'zip'); $delete_temp_file = $filepath; $zip = new ZipArchive(); $result = $zip->open($filepath, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE); if ($result !== true) { die("Failed to open zip file '{$filepath}', error code {$result}"); } $files = $entity->downloadable_files(); foreach ($files as $filename) { $zip->addFile($entity->data_path() . $filename, $filename); } $zip->close(); $filename = $entity->dir_name() . '.zip'; $filetype = 'application/zip'; } else { $filename = @$_REQUEST['f']; $files = $entity->downloadable_files(); if (!in_array($filename, $files)) { die("You have no rights to view this file."); }