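/**
 * Bind this model to its row in the `{PREFIX}models` reference table, then
 * load its parent / previous links and, unless skipped, its permissions and
 * statement.
 *
 * Either ($from, $id) is given and the reference is looked up (and created
 * when missing, except for classes whose name starts with `backend\`), or an
 * already-resolved reference is used to look up ($from, $id).
 *
 * @param mixed $from          Value matched against `models`.`table_from`, or null.
 * @param mixed $id            Numeric value matched against `models`.`table_id`, or null.
 * @param array $model_context Optional keys read here: 'where' and 'skip_referencing'.
 *
 * @return void
 */
public function referencing($from = null, $id = null, $model_context = array())
{
    // 'where' is optional: the default context is an empty array, so read it
    // defensively instead of triggering an undefined-index notice/warning.
    $where = isset($model_context['where']) ? $model_context['where'] : null;

    // 'self' is tried first; 'direct' is consulted only when 'self' produced
    // nothing truthy. Only an unambiguous (single-element) result is accepted.
    $reference = self::resolve_model_reference('self', $where, true);
    if (!$reference) {
        $reference = self::resolve_model_reference('direct', $where, true);
    }
    if (is_array($reference) && count($reference) == 1) {
        $this->reference = $reference[0];
    }

    if (!is_null($from) && !is_null($id) && is_numeric($id)) {
        // Look the reference up by (class[, table_from], table_id). All values
        // are bound as parameters; nothing is interpolated into the SQL text.
        $SQL = 'SELECT `models`.`reference` FROM `{PREFIX}models` AS `models` WHERE `models`.`model_class` = :class' . PHP_EOL;
        $params = array(':class' => $this->class);
        if ($this->class != $from) {
            $SQL .= 'AND `models`.`table_from` = :from' . PHP_EOL;
            $params[':from'] = $from;
        }
        $SQL .= 'AND `models`.`table_id` = :id';
        $params[':id'] = $id;
        if ($result = \Routerunner\Db::query($SQL, $params)) {
            $this->reference = $result[0]['reference'];
        } elseif (substr(get_class($this), 0, 8) != 'backend\\') {
            // No row yet: register the model. Classes whose name starts with
            // "backend\" never create references here.
            // NOTE(review): this is a write on a lookup path. Confirm callers
            // cannot reach it with request-supplied $from/$id before an
            // authorization check, since every unknown pair adds a row.
            $SQL = 'INSERT INTO `{PREFIX}models` (`model_class`, `table_from`, `table_id`) VALUES (?, ?, ?)';
            $params = array($this->class, $from, $id);
            $this->created = true;
            $this->reference = \Routerunner\Db::insert($SQL, $params);
        }
    } elseif ($this->reference) {
        // Reverse direction: derive ($from, $id) from a known reference.
        $SQL = 'SELECT `models`.`table_from`, `models`.`table_id` FROM `{PREFIX}models` AS `models` WHERE ' . '`models`.`reference` = :reference' . PHP_EOL;
        $params = array(':reference' => $this->reference);
        if ($result = \Routerunner\Db::query($SQL, $params)) {
            $from = $result[0]["table_from"];
            $id = $result[0]["table_id"];
        }
    }
    $this->table_from = $from;
    $this->table_id = $id;

    // Pick up tree links registered on the runner stack for this reference.
    $parents = \runner::stack("parents");
    if (isset($parents[$this->reference])) {
        $this->parent = $parents[$this->reference];
    }
    $prevs = \runner::stack("prevs");
    if (isset($prevs[$this->reference])) {
        $this->prev = $prevs[$this->reference];
    }

    if (!isset($model_context['skip_referencing']) || !$model_context['skip_referencing']) {
        $this->permissioning();
        // NOTE(review): $_POST['parent'] is client-controlled. When the first
        // check yields no permission and a model_create entry for this route
        // is on the stack, permissioning() is re-run against that id.
        // permissioning() is not visible here; it has to verify the caller's
        // rights on that parent, otherwise the request chooses which parent's
        // permissions are evaluated.
        if (!$this->permission && !empty($_POST['parent']) && is_numeric($_POST['parent']) && (\runner::stack("model_create") && isset($this->route, \runner::stack("model_create")["route"]) && $this->route == \runner::stack("model_create")["route"])) {
            $this->permissioning($_POST['parent']);
        }
        $this->statement();
    }
}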
예제 #2
 /**
  * Validate one or more submitted forms and, when validation passes, build and
  * run (or hand back) the INSERT / UPDATE / DELETE statement for each of them.
  *
  * Per form the method compares the flashed field list with the form
  * definition, checks the nonce when one was submitted, validates every field
  * (mandatory / default / regexp / transform function) and then either takes a
  * statement from `$form->params[<method>_sql]` or assembles one from the
  * validated fields.
  *
  * @param mixed $forms         A single form object or an array of them.
  * @param array $errors        Out: error messages, keyed by field name for field
  *                             errors and appended numerically for form-level ones.
  * @param mixed $return_SQL    In/out: when this or $return_params is truthy on
  *                             entry the statement is not executed; the SQL text
  *                             is written here instead.
  * @param mixed $return_params In/out: receives the bound parameters in that case.
  * @param array $values        Out: value collected for each processed field.
  *
  * @return mixed Result for the last form processed: false on failure, true on
  *               success, or whatever \Routerunner\Db::insert() returned for a
  *               'post'. NOTE(review): never assigned when $forms is empty.
  */
 public static function submit($forms, &$errors = array(), &$return_SQL = false, &$return_params = false, &$values = array())
 {
     // Accept a single form as well as a list of forms.
     if (!is_array($forms)) {
         $forms = array($forms);
     }
     foreach ($forms as $frm_name => $form) {
         // Form metadata flashed under "<path>/<formname>" — presumably stored
         // server-side when the form was rendered; confirm.
         $flashed = \Routerunner\Routerunner::$slim->flash($form->path . DIRECTORY_SEPARATOR . $form->formname);
         // presumably the request parameters — confirm against Bootstrap.
         $params = \Routerunner\Bootstrap::$params;
         $halt = false;
         if (isset($flashed, $flashed['fields'])) {
             // The flashed field list must match the form definition, ignoring
             // the id field and the nonce field.
             $fields = $flashed['fields'];
             $form_fields = array_keys($form->fields);
             // NOTE(review): array_search() returns 0 for the first element,
             // which is falsy, so neither field is removed when one of them
             // sits at index 0; the comparison is also non-strict.
             if (($_routerunner_form_id_index = array_search($form->id_field, $form_fields)) && ($_routerunner_form_nonce_index = array_search('_routerunner_form_nonce', $form_fields))) {
                 unset($form_fields[$_routerunner_form_id_index], $form_fields[$_routerunner_form_nonce_index]);
             }
             if (\Routerunner\Common::arrDiff($fields, $form_fields)) {
                 // Field list differs from what was flashed: stop processing
                 // this form (no error message is recorded for this case).
                 $halt = true;
             }
             unset($flashed['fields']);
             // check form params
             /*
             if (\Routerunner\Common::arrDiff($flashed, $form->params)) {
             	// exception
             	$halt = true;
             }
             */
             // From here on the flashed data replaces the form's own params,
             // including the `<method>_sql`, `from` and `condition` entries
             // used to build SQL below, so the flash store must not be
             // writable by the client.
             $form->params = $flashed;
         } else {
             // NOTE(review): the error is recorded but $halt stays false, so
             // validation and the database write below still run with the
             // form's own params. Confirm whether this should fail closed.
             $errors[] = 'Form not exists or the page has been refreshed!';
         }
         $fid = false;
         if (!empty($form->fields[$form->id_field]['value'])) {
             $fid = $form->fields[$form->id_field]['value'];
         }
         // NOTE(review): the nonce is verified only when both the form id and
         // the nonce value are non-empty; a submission lacking either skips
         // the check entirely. If this nonce is the anti-CSRF / anti-replay
         // control, a missing value should be treated as a failure. Also
         // confirm that Crypt::checker() (not visible here) compares in
         // constant time.
         if ($fid && !empty($form->fields['_routerunner_form_nonce']['value'])) {
             if (!isset($_SESSION['nonce-' . $fid]) || !\Routerunner\Crypt::checker($form->fields['_routerunner_form_nonce']['value'], $_SESSION['nonce-' . $fid])) {
                 $errors[] = 'Error in form submit or data has been sent already!';
                 $halt = true;
             }
         }
         if (!$halt) {
             // Drop the bookkeeping fields and consume the nonce. The session
             // entry is removed only on this non-halted path, so a rejected
             // submission leaves the stored nonce in place.
             unset($form->fields[$form->id_field]);
             unset($form->fields['_routerunner_form_nonce']);
             unset($_SESSION['nonce-' . $fid]);
         }
         $succeed = false;
         if (!$halt) {
             // 'error_format' is used as a sprintf() format for every message.
             $error_row = isset($form->params['error_format']) ? $form->params['error_format'] : '<p class="err">%s</p>' . PHP_EOL;
             $succeed = true;
             $submit_params = array();
             // Fields listed in $form->unset are reported in $values but are
             // removed from validation and from the statement.
             if (isset($form->unset) && is_array($form->unset)) {
                 foreach ($form->unset as $field) {
                     if (isset($form->fields[$field], $form->fields[$field]["value"])) {
                         $values[$field] = $form->fields[$field]["value"];
                     } elseif (isset($form->fields[$field])) {
                         // NOTE(review): reached only when 'value' is unset or
                         // null, yet it reads that same key.
                         $values[$field] = $form->fields[$field]["value"];
                     }
                     unset($form->fields[$field]);
                 }
             }
             // Fields listed in $form->set are forced to the given value,
             // replacing any existing definition for that field.
             if (isset($form->set) && is_array($form->set)) {
                 foreach ($form->set as $field => $value) {
                     $values[$field] = $value;
                     $form->fields[$field] = array("field" => $field, "value" => $value);
                 }
             }
             foreach ($form->fields as $field => $field_param) {
                 $field_succeed = true;
                 $values[$field] = null;
                 // A value already present in $params wins over the field's
                 // own 'value'.
                 if (!isset($params[$field]) && isset($field_param['value'])) {
                     $params[$field] = $field_param['value'];
                 }
                 // Normalise 'regexp' to a list of rule arrays.
                 $regexps = isset($field_param['regexp']) ? $field_param['regexp'] : false;
                 if ($regexps && !is_array($regexps)) {
                     $regexps = array($regexps);
                 } elseif (!$regexps) {
                     $regexps = array();
                 }
                 // Missing value handling. The truthiness test also treats 0,
                 // '0' and '' as missing.
                 if (!isset($params[$field]) || !$params[$field]) {
                     if (isset($field_param['default_on_fail'], $field_param['default']) && $field_param['default_on_fail']) {
                         $params[$field] = $field_param['default'];
                     } elseif (isset($field_param['errormsg'])) {
                         $errors[$field] = sprintf($error_row, $field_param['errormsg']);
                         if (isset($field_param['mandatory']) && $field_param['mandatory']["value"] === true) {
                             // $errors[$field] was just set above, so the
                             // mandatory message is never used on this path.
                             if (isset($field_param['mandatory']['msg']) && !isset($errors[$field])) {
                                 $errors[$field] = sprintf($error_row, $field_param['mandatory']['msg']);
                             }
                             $field_succeed = false;
                             $regexps = array();
                         }
                     } elseif (isset($field_param['mandatory']) && $field_param['mandatory']["value"] === true) {
                         if (isset($field_param['mandatory']['msg']) && !isset($errors[$field])) {
                             $errors[$field] = sprintf($error_row, $field_param['mandatory']['msg']);
                         }
                         $field_succeed = false;
                         $regexps = array();
                     }
                 }
                 // Pattern validation. Patterns and modifiers come from the
                 // field definition and are wrapped in "~" delimiters. No
                 // anchors are added here, so a rule only constrains the whole
                 // value if the pattern itself is anchored.
                 // NOTE(review): $params[$field] is passed to preg_match()
                 // without a type check and may be unset at this point; a
                 // non-string value (for example an array-valued request
                 // parameter) is not rejected beforehand.
                 foreach ($regexps as $regexp) {
                     $isOk = false;
                     if (is_array($regexp["value"])) {
                         // Several alternatives: any single match is enough.
                         foreach ($regexp["value"] as $regexp_key => $regexp_value) {
                             $pattern = "~" . trim($regexp_value, "/~ ") . "~";
                             if (isset($regexp['options'])) {
                                 $pattern .= is_array($regexp["options"]) && isset($regexp["options"][$regexp_key]) ? $regexp["options"][$regexp_key] : $regexp["options"];
                             }
                             if (preg_match($pattern, $params[$field])) {
                                 $isOk = true;
                             }
                         }
                     } else {
                         $pattern = "~" . trim($regexp["value"], "~/ ") . "~";
                         if (isset($regexp['options'])) {
                             $pattern .= $regexp['options'];
                         }
                         // preg_match() returns false on a pattern error, which
                         // is handled below exactly like "no match".
                         $isOk = preg_match($pattern, $params[$field]);
                     }
                     if (isset($params[$field]) && !$isOk) {
                         if (isset($regexp['msg']) && !isset($errors[$field])) {
                             $errors[$field] = sprintf($error_row, $regexp['msg']);
                         }
                         $field_succeed = false;
                     }
                 }
                 if ($field_succeed) {
                     if (isset($params[$field]) && isset($field_param["field"])) {
                         // NOTE(review): the transform is called by name. Any
                         // existing function qualifies, so the field
                         // definitions must come from trusted configuration
                         // only, never from request or flashed data.
                         if (isset($field_param['function']) && function_exists($field_param['function'])) {
                             $fn = $field_param['function'];
                             $submit_params[$field] = $fn($params[$field]);
                         } else {
                             $submit_params[$field] = $params[$field];
                         }
                         $values[$field] = $submit_params[$field];
                     }
                 } else {
                     // One failing field fails the whole form.
                     $succeed = false;
                 }
             }
         }
         if ($succeed) {
             // 'xmethod' overrides 'method' when both are present.
             $method = isset($form->params['xmethod']) ? $form->params['xmethod'] : $form->params['method'];
             if (isset($form->params[$method . '_sql'])) {
                 // Statement supplied by the form params, used verbatim.
                 $sql = $form->params[$method . '_sql'];
                 if (preg_match('/\\:[a-z0-9]+/im', $sql)) {
                     // named parameters
                     // NOTE(review): $sql_params is never assigned on this
                     // branch before it is used here and handed to the Db
                     // call below, and an array_walk() callback cannot rename
                     // keys, so the intended ':' prefixing has no effect.
                     array_walk($sql_params, function ($value, &$key) {
                         if (substr($key, 0, 1) != ':') {
                             $key = ':' . $key;
                         }
                     });
                 }
             } else {
                 // Assemble the statement. Table and column names cannot be
                 // bound as parameters, so Common::dbField() (not visible
                 // here; presumably identifier quoting — confirm) is the only
                 // barrier for them. Values are always bound.
                 $from = isset($form->params['from']) ? $form->params['from'] : $form->class;
                 $from = \Routerunner\Common::dbField($from);
                 $sql_params = array();
                 if ($method === 'post') {
                     $sql = 'INSERT INTO ' . $from . ' (';
                     $fields = array();
                     foreach ($submit_params as $field => $submit_value) {
                         $field_param = $form->fields[$field];
                         // Skip fields marked 'fixed' => true or 'field' => false.
                         if (isset($params[$field]) && (!isset($field_param['fixed']) || $field_param['fixed'] !== true) && (!isset($field_param['field']) || $field_param['field'] !== false)) {
                             $_field = isset($field_param['field']) ? $field_param['field'] : $field;
                             $fields[] = \Routerunner\Common::dbField($_field);
                             // presumably yields the ":name" placeholder for this column — confirm.
                             $param_key = \Routerunner\Common::dbField($_field, ':', '', '.', '` .', '.');
                             $sql_params[$param_key] = $submit_value;
                             /*
                             if (isset($submit_params[$field])) {
                             	$sql_params[$param_key] = $submit_params[$field];
                             } else {
                             	$sql_params[$param_key] = $params[$field];
                             }
                             */
                         }
                     }
                     $sql .= implode(', ', $fields) . ') VALUES (' . implode(', ', array_keys($sql_params)) . ')';
                 } elseif ($method == 'put') {
                     $sql = 'UPDATE ' . $from . ' SET ';
                     $fields = array();
                     foreach ($submit_params as $field => $submit_value) {
                         $field_param = $form->fields[$field];
                         if (isset($params[$field]) && (!isset($field_param['fixed']) || $field_param['fixed'] !== true) && (!isset($field_param['field']) || $field_param['field'] !== false)) {
                             $_field = isset($field_param['field']) ? $field_param['field'] : $field;
                             $row = \Routerunner\Common::dbField($_field) . ' = ';
                             $param_key = \Routerunner\Common::dbField($_field, ':', '', '.', '` .', '.');
                             $row .= $param_key;
                             $sql_params[$param_key] = $submit_value;
                             /*
                             if (isset($submit_params[$field])) {
                             	$sql_params[$param_key] = $submit_params[$field];
                             } else {
                             	$sql_params[$param_key] = $params[$field];
                             }
                             */
                             $fields[] = $row;
                         }
                     }
                     $sql .= implode(', ', $fields) . ' WHERE ';
                     if (isset($form->params['condition'])) {
                         // Each condition is [sql fragment, binding(s), connector].
                         // The fragment and connector are concatenated verbatim.
                         // NOTE(review): a condition whose referenced field has
                         // no value is dropped silently, so the UPDATE can run
                         // with fewer predicates than configured. Aborting
                         // would be the safer reaction.
                         $conditions = $form->params['condition'];
                         while ($condition = array_shift($conditions)) {
                             if (!is_array($condition)) {
                                 $condition = array($condition);
                             }
                             $add_condition = true;
                             if (isset($condition[1]) && is_array($condition[1])) {
                                 // Map of placeholder => form field name.
                                 foreach ($condition[1] as $condition_field => $condition_value) {
                                     if (isset($form->fields[$condition_value]['value'])) {
                                         $sql_params[$condition_field] = $form->fields[$condition_value]['value'];
                                     } else {
                                         $add_condition = false;
                                     }
                                 }
                             } elseif (isset($condition[1])) {
                                 $sql_params[] = $condition[1];
                             } else {
                                 $add_condition = false;
                             }
                             if ($add_condition) {
                                 $sql .= $condition[0];
                                 if (count($conditions) && isset($condition[2])) {
                                     $sql .= ' ' . $condition[2] . ' ';
                                 }
                             }
                         }
                     } else {
                         // NOTE(review): nothing is raised here; the statement
                         // still reaches the Db call ending in "WHERE ".
                     }
                 } elseif ($method == 'delete') {
                     $sql = 'DELETE FROM ' . $from . ' WHERE ';
                     if (isset($form->params['condition'])) {
                         // Same condition handling as for 'put'.
                         // NOTE(review): a silently dropped condition widens
                         // the DELETE; see the note on the 'put' branch.
                         $conditions = $form->params['condition'];
                         while ($condition = array_shift($conditions)) {
                             if (!is_array($condition)) {
                                 $condition = array($condition);
                             }
                             $add_condition = true;
                             if (isset($condition[1]) && is_array($condition[1])) {
                                 foreach ($condition[1] as $condition_field => $condition_value) {
                                     if (isset($form->fields[$condition_value]['value'])) {
                                         $sql_params[$condition_field] = $form->fields[$condition_value]['value'];
                                     } else {
                                         $add_condition = false;
                                     }
                                 }
                             } elseif (isset($condition[1])) {
                                 $sql_params[] = $condition[1];
                             } else {
                                 $add_condition = false;
                             }
                             if ($add_condition) {
                                 $sql .= $condition[0];
                                 if (count($conditions) && isset($condition[2])) {
                                     $sql .= ' ' . $condition[2] . ' ';
                                 }
                             }
                         }
                     } elseif (isset($submit_params) && $submit_params) {
                         // No explicit condition: delete rows matching every
                         // submitted field value.
                         $fields = array();
                         foreach ($submit_params as $field => $submit_value) {
                             $field_param = $form->fields[$field];
                             if (isset($params[$field]) && (!isset($field_param['fixed']) || $field_param['fixed'] !== true) && (!isset($field_param['field']) || $field_param['field'] !== false)) {
                                 $_field = isset($field_param['field']) ? $field_param['field'] : $field;
                                 $row = \Routerunner\Common::dbField($_field) . ' = ';
                                 $param_key = \Routerunner\Common::dbField($_field, ':', '', '.', '` .', '.');
                                 $row .= $param_key;
                                 $sql_params[$param_key] = $submit_value;
                                 /*
                                 if (isset($submit_params[$field])) {
                                 	$sql_params[$param_key] = $submit_params[$field];
                                 } else {
                                 	$sql_params[$param_key] = $params[$field];
                                 }
                                 */
                                 $fields[] = $row;
                             }
                         }
                         $sql .= implode(' AND ', $fields);
                     } else {
                         // NOTE(review): nothing is raised here; the statement
                         // still reaches the Db call ending in "WHERE ".
                     }
                 }
             }
             if ($return_SQL || $return_params) {
                 // Dry-run mode: hand the statement back instead of running it.
                 $return_SQL = $sql;
                 $return_params = $sql_params;
             } else {
                 // NOTE(review): no rollback or error handling is visible
                 // between begin and commit, and the result of Db::query() is
                 // not checked, so $succeed stays true for 'put' / 'delete'
                 // whatever the outcome.
                 \Routerunner\Db::begin_transaction();
                 if ($method === 'post') {
                     $succeed = \Routerunner\Db::insert($sql, $sql_params);
                 } else {
                     \Routerunner\Db::query($sql, $sql_params);
                 }
                 \Routerunner\Db::commit();
             }
         }
     }
     return $succeed;
 }
예제 #3
 /**
  * Convenience wrapper that forwards an INSERT statement to \Routerunner\Db.
  *
  * The SQL text is passed through unchanged, so callers are responsible for
  * using placeholders in $SQL and supplying every value through $params
  * rather than concatenating it into the statement.
  *
  * @param string $SQL    Statement text, forwarded verbatim.
  * @param array  $params Values to bind, forwarded verbatim.
  *
  * @return mixed Whatever \Routerunner\Db::insert() returns.
  */
 public static function insert($SQL, $params = array())
 {
     $insert_result = \Routerunner\Db::insert($SQL, $params);

     return $insert_result;
 }