예제 #1
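 /**
  * Decode the JSON request pack held in Params['Src'] and resolve its
  * placeholder values.
  *
  * Each request in the pack carries a Values list. An entry starting with
  * "__VAL" (ex. "__VAL1", "__VAL4.SHA") is replaced by the current value the
  * DB value manager returns for that index/suffix; an entry starting with
  * "__PK" is replaced by the primary key value the manager returns for it.
  * For every replaced entry an escaped copy is stored in ValuesSecured at the
  * same index, for statements that are not executed as prepared statements.
  *
  * On any early return RequestPack is left null (missing or non-JSON-looking
  * Src) or holds the decoded-but-empty result.
  *
  * NOTE(review): the origin of Params['Src'] is not visible here. If any part
  * of the pack can be influenced by the client, every field in it has to be
  * treated as untrusted by whatever executes the requests.
  *
  * NOTE(review): ValuesSecured only receives entries for placeholder values.
  * Values given directly in the pack get no secured counterpart, so the code
  * that builds the final statement should bind Values as parameters rather
  * than concatenate them - confirm against the consumer.
  */
 function _PrepareSQL()
 {
     $this->RequestPack = null;
     if (!isset($this->Params) || !isset($this->Params['Src'])) {
         return;
     }
     $aSQL = $this->Params['Src'];
     // The pack must be a JSON string; anything else cannot be decoded and
     // would make substr() fail on newer PHP versions.
     if (!is_string($aSQL)) {
         return;
     }
     // Cheap shape check: a JSON object or array ends with '}' or ']'.
     $lastChar = substr($aSQL, -1);
     if ($lastChar !== '}' && $lastChar !== ']') {
         return;
     }
     // false = decode as objects, not associative arrays
     $this->RequestPack = OEDynUtils::decodeJson($aSQL, false);
     if (empty($this->RequestPack)) {
         return;
     }
     $sqlStringQuote = OESQLBase::SQLInstance()->StringQuoteChar();
     if (!$sqlStringQuote) {
         $sqlStringQuote = '"';
     }
     $valPref = '__VAL';
     // same as DBHelp.SQLPackLinkValue in VB code
     $pkeyPref = '__PK';
     // same as DBHelp.SQLPackLinkPKey in VB code
     foreach ($this->RequestPack as &$rq) {
         // A request that did not decode to an object has no Values to resolve.
         if (!is_object($rq)) {
             continue;
         }
         $rValues =& $rq->Values;
         $rVTypes =& $rq->ValueTypes;
         // type string, ex. 'issd'
         // Escaped copies for non-prepared mode; rebuilt on every call.
         $rq->ValuesSecured = array();
         $rValuesSecured =& $rq->ValuesSecured;
         // Only a list can be indexed below; count() rejects other types.
         $rValCount = is_array($rValues) ? count($rValues) : 0;
         for ($i = 0; $i < $rValCount; $i++) {
             // Placeholders are always strings. Numbers, nulls and nested
             // structures are direct values and are left untouched.
             if (!isset($rValues[$i]) || !is_string($rValues[$i])) {
                 continue;
             }
             if (strpos($rValues[$i], $valPref) === 0) {
                 // ex. "__VAL4.SHA" => "4.SHA": index plus optional suffix,
                 // interpreted by GetDBValueWithSuffix
                 $valInd = substr($rValues[$i], strlen($valPref));
                 // First data row, or the row currently iterated (per the
                 // original author's note).
                 $rValues[$i] = $this->Manager->DBValueManager->GetDBValueWithSuffix($valInd);
                 // Treated as a string only when the pack declares type 's';
                 // everything else is escaped as numeric.
                 $isString = isset($rVTypes[$i]) && $rVTypes[$i] === 's';
                 $rValuesSecured[$i] = OESQLBase::SQLInstance()->secureSQLValue($rValues[$i], !$isString);
                 if ($rValuesSecured[$i] === null) {
                     // SQL literal for a missing value
                     $rValuesSecured[$i] = 'NULL';
                 } elseif ($isString) {
                     // NOTE(review): this quoting is only as safe as
                     // secureSQLValue's escaping of the same quote character;
                     // bound parameters avoid the dependency.
                     $rValuesSecured[$i] = $sqlStringQuote . $rValuesSecured[$i] . $sqlStringQuote;
                 }
             } elseif (strpos($rValues[$i], $pkeyPref) === 0) {
                 // ex. "__PK4" => primary key of the result row that holds
                 // DBValues[4], rather than the value itself
                 $valInd = substr($rValues[$i], strlen($pkeyPref));
                 $rValues[$i] = $this->Manager->DBValueManager->GetDBValueWithSuffix($valInd, 0, true);
                 if (isset($rVTypes[$i])) {
                     // primary keys are bound as integers
                     $rVTypes[$i] = 'i';
                 }
                 // true = escape as numeric, so the value is never quoted.
                 // NOTE(review): unlike the __VAL branch, a null result is not
                 // mapped to 'NULL' here, and custom (non-integer) keys are
                 // not handled - confirm the consumer copes with both.
                 $rValuesSecured[$i] = OESQLBase::SQLInstance()->secureSQLValue($rValues[$i], true);
             }
         }
     }
     // Break the by-reference binding left behind by foreach.
     unset($rq);
 }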
예제 #2
 /**
  * Initialise the instance from the page's JSON variables.
  *
  * Records the start time, detects the current language from the page URL,
  * decodes $jsonPageVars into JSData and, when the decoded data is an array
  * with a non-empty "DynEvents" entry, creates the empty dataContainers and
  * ResultCommands lists. Two timing lines are echoed around the decode step.
  *
  * NOTE(review): the timing lines are written straight into the response.
  * They only contain numbers, but they are debug output and should be gated
  * behind a debug switch before the page is served to users.
  *
  * @param mixed $jsonPageVars JSON text with the page variables; a falsy
  *                            value leaves JSData null and skips all setup.
  */
 function __construct($jsonPageVars)
 {
     $this->tm_start = microtime(true);
     $this->JSData = null;
     if (!$jsonPageVars) {
         return;
     }
     // language detection is marked by the author as needing improvement
     $this->currLang = $this->_getLangFromPageURL();
     $timePrefix = "<span style='color:silver'>==TIME</span>::";
     $elapsedBefore = round((microtime(true) - $this->tm_start) * 10000) * 0.1;
     echo $timePrefix . $elapsedBefore . " before decodeJSON<br/>";
     $decoded = OEDynUtils::decodeJson($jsonPageVars);
     $this->JSData = $decoded;
     if (!$decoded) {
         return;
     }
     $elapsedAfter = round((microtime(true) - $this->tm_start) * 10000) * 0.1;
     echo $timePrefix . $elapsedAfter . " after Decode JSON<br/>";
     // Containers are only set up when there is event data to process.
     if (is_array($this->JSData) && !empty($this->JSData["DynEvents"])) {
         $this->ResultCommands = array();
         $this->dataContainers = array();
     }
 }
예제 #3
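 /**
  * Reset this object, then load its Name and Values from a JSON string.
  *
  * Nothing is loaded when the string decodes to an empty value or to
  * anything other than an array; the object then stays in its reset state.
  *
  * NOTE(review): Name and Values are taken over as-is, without type or
  * content checks. If $jsonStr can come from the client, validate both
  * before they reach SQL or HTML output.
  *
  * @param string $jsonStr JSON text expected to hold 'Name' and/or 'Values'.
  */
 function fromJSON($jsonStr)
 {
     $this->Reset();
     // decodeJson is called without its second argument; the original
     // author's note says this yields an associative array, not an object.
     $o = OEDynUtils::decodeJson($jsonStr);
     // A scalar or object result cannot be searched with array_key_exists().
     if (empty($o) || !is_array($o)) {
         return;
     }
     // The original passed the bare constant `o` instead of $o here, so the
     // lookups could never succeed (and raise an Error on PHP 8).
     if (array_key_exists('Name', $o)) {
         // by-reference assignment kept from the original
         $this->Name =& $o['Name'];
     }
     if (array_key_exists('Values', $o)) {
         $this->Values =& $o['Values'];
     }
 }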