public function destroy($id = null)
{
// If multiple ids are specified
if ($id == 'multiple') {
$selected_ids = trim(Input::get('selected_ids'));
if ($selected_ids == '') {
return Redirect::back()->with('error_message', "Nothing was selected to delete");
}
$selected_ids = explode(' ', $selected_ids);
} else {
$selected_ids = array($id);
}
foreach ($selected_ids as $id) {
$post = FormEntry::findOrFail($id);
$post->delete();
}
$wasOrWere = count($selected_ids) > 1 ? 's were' : ' was';
$message = 'The form entry' . $wasOrWere . ' deleted.';
return Redirect::back()->with('success_message', $message);
}
public function destroy($id = null)
{
// If multiple ids are specified
if ($id == 'multiple') {
$selected_ids = trim(Input::get('selected_ids'));
if ($selected_ids == '') {
return Redirect::back()->with('error_message', trans('error_messages.nothing_selected_delete'));
}
$selected_ids = explode(' ', $selected_ids);
} else {
$selected_ids = array($id);
}
foreach ($selected_ids as $id) {
$post = FormEntry::findOrFail($id);
$post->delete();
}
$translation = count($selected_ids) > 1 ? 'form_entries_delete' : 'form_entry_delete';
$message = trans('success_messages.' . $translation);
return Redirect::back()->with('success_message', $message);
}
/**
* renders the form head
* @return string html
*/
public function renderFormHead($using_custom = false)
{
// start the form html using an array
$html = [];
$form_status = 'idle';
if (self::$success) {
$form_status = 'success';
}
if (self::$invalid) {
$form_status = 'has_errors';
}
$html[] = sprintf('<form action="%s" data-form-status="%s" method="%s" class="%s" id="%s" data-use-ajax="%s" %s>', $this->settings['action'], $form_status, $this->settings['method'], $this->settings['css_class'] . ' mrspicy-forms', $this->settings['id'], $this->settings['use_ajax'], $this->settings['novalidate'] ? 'novalidate' : '');
if ($this->settings['use_recaptcha']) {
$html[] = '<script src="https://www.google.com/recaptcha/api.js"></script>';
}
// get neccessary fields CSRF protection
$form_entry_helper = new \FormEntry();
$html[] = $form_entry_helper->getRenderPublicField('nonce');
$html[] = $form_entry_helper->getRenderPublicField('class');
$html[] = sprintf('<input name="form_config" type="hidden" value="%d">', $this->conf_ID);
$html[] = '<input name="mrspicy_form_submission" type="hidden" value="true">';
if ($this->settings['use_ajax']) {
$html[] = '<input type="hidden" name="use_ajax" value="1">';
}
if ($this->settings['use_honeypot']) {
$html[] = $this->renderHoneyPotField();
}
// wrap with row and columns (foundation)
if (!$this->settings['exclude_post_content'] && !$using_custom) {
$html[] = $this->settings['label_field_wrapper']($this->conf_instance->getTheContent(), $this->settings['column_classes']);
}
$messages = [];
if (strlen($this->get('error_message'))) {
$messages['error_message'] = $this->get('error_message');
}
//get form messages
if (!$using_custom) {
$html[] = $this->settings['label_field_wrapper']($this->getFormMessages($messages), $this->settings['column_classes'] . ' form-messages');
$this->renderMessages();
}
return join('', $html);
}
function display_form_entry_edit_form($user, $id = False, $form_id = False)
{
// displays a form to edit form parameters.
if (!($id === False)) {
$caught = False;
try {
$formEntry = new FormEntry($user->dbConn, $id);
$form_id = $formEntry->form['id'];
} catch (Exception $e) {
$id = False;
$form_id = False;
$caught = True;
}
} else {
$formEntry = new FormEntry($user->dbConn, 0, $form_id ? intval($form_id) : Null);
$formEntry->formValues = $formEntry->getAutosaveValues($user);
}
if (!($form_id === False)) {
try {
$form = new Form($user->dbConn, $form_id);
} catch (Exception $e) {
$form_id = False;
}
$formEntry->form = array('id' => $form->id, 'name' => $form->name);
} else {
echo "Please specify a valid form entry ID or form ID.";
return;
}
$jsParameters = array();
if ($formEntry->machine) {
// instantiate all machine_type_attributes in php and js.
$machine = new Machine($user->dbConn, $formEntry->machine['id']);
foreach ($machine->machineParameters as $parameter) {
@($value = unserialize($parameter->value));
if (!$value) {
$value = $parameter->value;
} else {
$value = json_encode($value);
}
${$parameter->machineTypeAttribute['name']} = $value;
$jsParameters[$parameter->machineTypeAttribute['name']] = $value;
}
} else {
// instantiate all the global machine parameters.
$machineParameters = $user->dbConn->stdQuery("SELECT `machine_type_attributes`.`name` FROM `machine_type_attributes`");
while ($parameter = $machineParameters->fetch_assoc()) {
${$parameter['name']} = array();
$jsParameters[$parameter['name']] = "{}";
}
}
if ($form->php != '' && $form->php != 'NULL') {
// i know this is terrible ugh but custom forms eventually
eval($form->php);
}
if ($form->js != '' && $form->js != 'NULL') {
echo "<script type='text/javascript'>\n";
foreach ($jsParameters as $name => $value) {
echo "var " . $name . " = " . $value . ";\n";
}
echo $form->js . "\n</script>\n";
}
}
} else {
$approvalVal = 0;
}
$formEntry = new FormEntry($database, intval($_REQUEST['id']));
if (!$formEntry->user['id'] || $user->id != $formEntry->user['id'] && !$user->isPhysicist() && !$user->isAdmin()) {
redirect_to(array('location' => 'form_entry.php?action=edit&id=' . intval($formEntry->id), 'status' => "You don't have permissions to update that entry.", 'class' => 'error'));
}
if ($formEntry->setApproval($user, $approvalVal)) {
redirect_to(array('location' => 'form_entry.php?action=index&form_id=' . intval($formEntry->form['id']), 'status' => "Successfully " . $_REQUEST['action'] . "d entry.", 'class' => 'success'));
} else {
redirect_to(array('location' => 'form_entry.php?action=edit&id=' . intval($formEntry->id), 'status' => "An error occurred while un/approving this entry.", 'class' => 'error'));
}
} elseif ($_REQUEST['action'] == 'delete' && isset($_REQUEST['id'])) {
// check to see if this user has perms to delete.
try {
$targetEntry = new FormEntry($database, intval($_REQUEST['id']));
} catch (Exception $e) {
echo "0";
exit;
}
if ($targetEntry->approvedOn != '') {
echo "0";
exit;
}
if ($targetEntry->user['id'] != $user->id && !$user->isPhysicist() && !$user->isAdmin()) {
echo "0";
exit;
}
try {
$targetMachine = new Machine($database, intval($targetEntry->machine['id']));
} catch (Exception $e) {
