Exemplo n.º 1
 /**
  * Default error action.
  *
  * On Phprojekt_PublishedException, return an error string in JSON format.
  * <pre>
  *  - type    => 'error'.
  *  - message => Error message.
  *  - code    => Error code.
  * </pre>
  *
  * On wrong controller name or action, terminates script execution.
  *
  * In all cases, the error is logged.
  *
  * @return void
  */
 public function errorAction()
 {
     $handler = $this->_getParam('error_handler');
     $this->getResponse()->clearBody();

     $notFoundTypes = array(
         Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_CONTROLLER,
         Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ACTION
     );

     if (in_array($handler->type, $notFoundTypes)) {
         // 404 error -- controller or action not found.
         // The request URI is attacker-controlled: it is url-decoded and passed
         // through the 'xss' cleaner before being logged and sent to the client.
         $this->getResponse()->setRawHeader('HTTP/1.1 404 Not Found');
         $requestedUrl = urldecode($handler->request->getRequestUri());
         $message = "The url " . Cleaner::sanitize('xss', $requestedUrl) . " do not exists";
         Phprojekt::getInstance()->getLog()->err($message);
         die($message);
     }

     $exception = $handler->exception;

     // Only Phprojekt_PublishedException is forwarded to the client; note that
     // this branch writes nothing to the log.
     if ($exception instanceof Phprojekt_PublishedException) {
         $payload = array('type' => 'error', 'message' => $exception->getMessage(), 'code' => $exception->getCode());
         // The JSON is wrapped in '{}&&( ... )'; presumably the client strips
         // that wrapper before parsing -- confirm against the front end.
         echo '{}&&(' . Zend_Json_Encoder::encode($payload) . ')';
         return;
     }

     // Every other exception is logged with its stack trace and nothing is
     // echoed, so internal details are not sent to the client from here.
     Phprojekt::getInstance()->getLog()->err($exception->getMessage() . "\n" . $exception->getTraceAsString());
 }
Exemplo n.º 2
 /**
  * Default error action.
  *
  * On Zend_Controller_Action_Exception, if the error code is 4xx return an error message matching the accepted type.
  *
  * On wrong controller name or action, terminates script execution.
  *
  * In all cases, the error is logged.
  *
  * @return void
  */
 public function errorAction()
 {
     $handler = $this->_getParam('error_handler');
     $this->getResponse()->clearBody();
     $exception = $handler->exception;

     // Generic payload; the message is replaced only for 4xx action exceptions.
     $viewerror = array('type' => 'error', 'message' => 'Internal Server Error');

     $notFoundTypes = array(
         Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_CONTROLLER,
         Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ACTION
     );

     if (in_array($handler->type, $notFoundTypes)) {
         // 404 error -- controller or action not found.
         // The request URI is url-decoded and run through the 'xss' cleaner
         // before it is logged and sent to the client.
         $this->getResponse()->setHttpResponseCode(404);
         $requestedUrl = urldecode($handler->request->getRequestUri());
         $message = "The url " . Cleaner::sanitize('xss', $requestedUrl) . " do not exists";
         Phprojekt::getInstance()->getLog()->err($message);
         die($message);
     }

     $isClientError = $exception instanceof Zend_Controller_Action_Exception
         && $exception->getCode() >= 400
         && $exception->getCode() < 500;

     if ($isClientError) {
         // 4xx: the exception message goes to the client and is not logged here.
         $this->getResponse()->setHttpResponseCode($exception->getCode());
         $viewerror['message'] = $exception->getMessage();
     } else {
         // Anything else: generic 500 for the client, details only in the log.
         $this->getResponse()->setHttpResponseCode(500);
         Phprojekt::getInstance()->getLog()->err($exception->getMessage() . "\n" . $exception->getTraceAsString());
     }

     // NOTE(review): how the view encodes/escapes this value is not visible here.
     $this->view->error = $viewerror;
 }
Exemplo n.º 3
 /**
  * Validate the configurations.
  *
  * @param array $params Array with values to save.
  *
  * @return string|null Error message.
  */
 public function validateConfigurations($params)
 {
     // Company Name: checked after sanitizing, so a value that the cleaner
     // reduces to an empty string is rejected as well.
     $companyName = Cleaner::sanitize('string', $params['companyName']);

     // empty() also treats the string "0" as empty.
     if (!empty($companyName)) {
         return null;
     }

     return Phprojekt::getInstance()->translate('The Company name is empty');
 }
Exemplo n.º 4
 /**
  * Returns the statistics data.
  *
  * Also return the Total per rows.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - date    <b>startDate</b> ISO start date for filter.
  *  - date    <b>endDate</b>   ISO end date for filter.
  *  - integer <b>nodeId</b>    List all the projects under nodeId.
  * </pre>
  *
  * The return is in CSV format.
  *
  * @return void
  */
 public function csvListAction()
 {
     // Request values are normalised before use: dates through the 'date'
     // cleaner, the node id through an integer cast.
     $startDate = Cleaner::sanitize('date', $this->getRequest()->getParam('startDate', date("Y-m-d")));
     $endDate = Cleaner::sanitize('date', $this->getRequest()->getParam('endDate', date("Y-m-d")));
     $projectId = (int) $this->getRequest()->getParam('nodeId', null);
     $this->setCurrentProjectId();

     $statistics = $this->getModelObject()->getStatistics($startDate, $endDate, $projectId);
     $data = $statistics['data'];
     $sumPerUser = array();

     // Header row: "Project", one column per user, "Total".
     // NOTE(review): user names and project titles are written into cells as
     // stored; whether Phprojekt_Converter_Csv neutralises values starting with
     // '=', '+', '-' or '@' (spreadsheet formula injection) is not visible here.
     $header = array('Project');
     foreach ($data['users'] as $name) {
         $header[] = $name;
     }
     $header[] = 'Total';
     $rows = array($header);

     $converter = new Phprojekt_Converter_Time();

     // One row per project, with the per-project sum in the last column.
     foreach ($data['projects'] as $projectId => $title) {
         $line = array($title);
         $sumPerProject = 0;
         foreach (array_keys($data['users']) as $userId) {
             if (isset($data['rows'][$projectId][$userId])) {
                 $minutes = $data['rows'][$projectId][$userId];
                 $line[] = $converter->convertMinutesToHours($minutes);
                 $sumPerProject = $sumPerProject + $minutes;
                 if (!isset($sumPerUser[$userId])) {
                     $sumPerUser[$userId] = 0;
                 }
                 $sumPerUser[$userId] = $sumPerUser[$userId] + $minutes;
             } else {
                 $line[] = $converter->convertMinutesToHours(0);
             }
         }
         $line[] = $converter->convertMinutesToHours($sumPerProject);
         $rows[] = $line;
     }

     // Footer row: per-user totals and the grand total.
     $footer = array('Total');
     $total = 0;
     foreach (array_keys($data['users']) as $userId) {
         if (isset($sumPerUser[$userId])) {
             $footer[] = $converter->convertMinutesToHours($sumPerUser[$userId]);
             $total = $total + $sumPerUser[$userId];
         } else {
             $footer[] = $converter->convertMinutesToHours(0);
         }
     }
     $footer[] = $converter->convertMinutesToHours($total);
     $rows[] = $footer;

     Phprojekt_Converter_Csv::echoConvert($rows);
 }
Exemplo n.º 5
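 /**
  * Returns id and display name of the requested users with status 'A'.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - array <b>users</b> List of user ids; defaults to the logged-in user.
  * </pre>
  *
  * The return is in JSON format.
  *
  * @return void
  */
 public function jsonGetSpecificUsersAction()
 {
     $ids = Cleaner::sanitize('arrayofint', $this->getRequest()->getParam('users', array()));
     if (empty($ids)) {
         $ids = array((int) PHprojekt_Auth::getUserId());
     }

     // The ids are concatenated into the IN (...) list below, so the SQL is
     // only safe if every element is an integer. Enforce that here instead of
     // relying solely on what the 'arrayofint' cleaner returns.
     $ids = array_map('intval', (array) $ids);

     $db = Phprojekt::getInstance()->getDb();
     $where = sprintf('status = %s AND id IN (%s)', $db->quote('A'), implode(", ", $ids));
     $user = new Phprojekt_User_User();
     $records = $user->fetchAll($where);

     $data = array();
     foreach ($records as $record) {
         $data['data'][] = array('id' => (int) $record->id, 'display' => $record->displayName);
     }
     Phprojekt_Converter_Json::echoConvert($data, Phprojekt_ModelInformation_Default::ORDERING_LIST);
 }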
Exemplo n.º 6
 /**
  * Checks in the session whether the user is logged in.
  * If the user is not logged in, tries to log him/her in using browser cookies.
  *
  * @throws Phprojekt_Auth_UserNotLoggedInException On user not logged in.
  *
  * @return boolean True if user is logged in.
  */
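 public static function isLoggedIn()
 {
     $authNamespace = new Zend_Session_Namespace('Phprojekt_Auth-login');
     // Is there session data?
     if (!isset($authNamespace->userId) || empty($authNamespace->userId)) {
         // No - Read cookies.
         // PHP replaces '.' with '_' in incoming cookie names, so the prefix is
         // converted the same way before the lookup.
         $readingPrefix = str_replace('.', '_', self::COOKIES_PREFIX);
         $cookieHashName = $readingPrefix . self::LOGGED_TOKEN . '_hash';
         $cookieUserId = $readingPrefix . self::LOGGED_TOKEN . '_user';
         // Are there cookies?
         if (isset($_COOKIE[$cookieHashName]) && isset($_COOKIE[$cookieUserId]) && (int) $_COOKIE[$cookieUserId] > 0) {
             // Yes
             $tokenCookieHash = Cleaner::sanitize('alnum', $_COOKIE[$cookieHashName]);
             $tokenCookieUserId = (int) $_COOKIE[$cookieUserId];
             // Fail closed: the login page is the outcome unless every check passes.
             $goToLoginPage = true;
             $setting = Phprojekt_Loader::getLibraryClass('Phprojekt_Setting');
             $setting->setModule('User');
             $tokenDbHash = $setting->getSetting(self::LOGGED_TOKEN . '_hash', $tokenCookieUserId);
             $tokenDbExpires = (int) $setting->getSetting(self::LOGGED_TOKEN . '_expires', (int) $tokenCookieUserId);

             // Both hashes must be non-empty strings. A loose "==" would accept
             // an empty cookie value against a missing DB value, and would
             // compare numeric-looking strings (e.g. "0e...") as numbers.
             // NOTE(review): assumes getSetting() returns the stored hash as a
             // string -- confirm.
             $hashesMatch = is_string($tokenCookieHash) && $tokenCookieHash !== ''
                 && is_string($tokenDbHash) && $tokenDbHash !== '';
             if ($hashesMatch) {
                 // Constant-time comparison where the runtime offers it,
                 // strict string identity otherwise.
                 $hashesMatch = function_exists('hash_equals')
                     ? hash_equals($tokenDbHash, $tokenCookieHash)
                     : $tokenDbHash === $tokenCookieHash;
             }

             // Is there valid DB token data, which has not expired, and do the hashes match?
             if ($tokenDbExpires > time() && $hashesMatch) {
                 $user = Phprojekt_Loader::getLibraryClass('Phprojekt_User_User');
                 $user->find($tokenCookieUserId);
                 // Only log in when the user record was actually found; otherwise
                 // an empty id would be stored and the method would still return true.
                 if (!empty($user->id)) {
                     $authNamespace->userId = $user->id;
                     $authNamespace->admin = $user->admin;
                     // Save the data into the DB and Cookies
                     // NOTE(review): no session id regeneration is visible at
                     // this point -- confirm it happens in _saveLoginData() or
                     // in the caller.
                     self::_saveLoginData($tokenCookieUserId);
                     $goToLoginPage = false;
                 }
             }

             if ($goToLoginPage) {
                 // Invalidate the stored token and the cookies for this user id.
                 self::_deleteDbAndCookies($tokenCookieUserId);
                 throw new Phprojekt_Auth_UserNotLoggedInException('User not logged in', 1);
             }
         } else {
             throw new Phprojekt_Auth_UserNotLoggedInException('User not logged in', 1);
         }
     }
     return true;
 }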
Exemplo n.º 7
 /**
  * Return a value for set, using some validations from the table data.
  *
  * @param string $type  Type of field.
  * @param mixed  $value Value to transform.
  *
  * @return mixed Sanitized value.
  */
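 public static function set($type, $value)
 {
     switch ($type) {
         case 'int':
             $value = Cleaner::sanitize('integer', $value, 0);
             break;
         case 'float':
             $value = Cleaner::sanitize('float', $value, 0);
             if ($value !== false) {
                 $value = Zend_Locale_Format::getFloat($value, array('precision' => 2));
             } else {
                 // The cleaner signalled an invalid float; store 0 instead.
                 $value = 0;
             }
             break;
         case 'date':
             $value = Cleaner::sanitize('date', $value);
             break;
         case 'time':
             // Times are converted from the user's zone to UTC before storing.
             $value = Cleaner::sanitize('time', $value);
             $value = date("H:i:s", Phprojekt_Converter_Time::userToUtc($value));
             break;
         case 'datetime':
         case 'timestamp':
             $value = Cleaner::sanitize('timestamp', $value);
             $value = date("Y-m-d H:i:s", Phprojekt_Converter_Time::userToUtc($value));
             break;
         case 'text':
         default:
             if (is_array($value)) {
                 // if given value for a text field is an array, it's from a MultiSelect field
                 $value = implode(',', $value);
             }
             // Run html sanitize only if the text contains something shaped like
             // a tag ("<", any non-">" characters, ">"). This pattern matches
             // the same strings as the previous nested-quantifier form, but it
             // cannot run into the PCRE backtrack limit on a long "<..." run
             // without ">", where preg_match() returns false and the choice of
             // cleaner would be made on an error rather than on the content.
             if (preg_match('/<[^>]*>/', $value)) {
                 $value = Cleaner::sanitize('html', $value);
             } else {
                 $value = Cleaner::sanitize('string', $value);
             }
             break;
     }
     return $value;
 }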
Exemplo n.º 8
 /**
  * Returns the list of actions done in one item.
  *
  * REQUIRES request parameters:
  * <pre>
  *  - integer <b>moduleId</b> id of the module (if moduleName is sent, this is not necessary).
  *  - integer <b>itemId</b>   id of the item.
  * </pre>
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - integer <b>userId</b>     To filter by user id.
  *  - string  <b>moduleName</b> Name of the module (if moduleId is sent, this is not necessary).
  *  - date    <b>startDate</b>  To filter by start date.
  *  - date    <b>endDate</b>    To filter by end date.
  * </pre>
  *
  * The return is in JSON format.
  *
  * @throws Zend_Controller_Action_Exception On missing or wrong moduleId or itemId.
  *
  * @return void
  */
 public function jsonListAction()
 {
     $request = $this->getRequest();

     // Ids are cast to int, the module name is restricted to alphanumerics and
     // the dates go through the 'date' cleaner before any of them is used.
     $moduleId = (int) $request->getParam('moduleId', null);
     $itemId = (int) $request->getParam('itemId', null);
     $userId = (int) $request->getParam('userId', null);
     $moduleName = Cleaner::sanitize('alnum', $request->getParam('moduleName', 'Default'));
     $startDate = Cleaner::sanitize('date', $request->getParam('startDate', null));
     $endDate = Cleaner::sanitize('date', $request->getParam('endDate', null));
     $this->setCurrentProjectId();

     // Fall back to resolving the module by name when no id was sent.
     if (empty($moduleId)) {
         $moduleId = Phprojekt_Module::getId($moduleName);
     }

     if (empty($itemId) || empty($moduleId)) {
         throw new Zend_Controller_Action_Exception("Invalid module or item", 400);
     }

     // NOTE(review): no per-item access check is visible in this action;
     // confirm that getHistoryData() or the dispatch layer enforces it.
     $history = new Phprojekt_History();
     $entries = $history->getHistoryData(null, $itemId, $moduleId, $startDate, $endDate, $userId);
     Phprojekt_Converter_Json::echoConvert(array('data' => $entries));
 }
Exemplo n.º 9
 /**
  * Saves a module.
  *
  * If the request parameter "id" is null or 0, the function will add a new module,
  * if the "id" is an existing module, the function will update it.
  *
  * The save action will try also to copy files into the application folder
  * if the module is a new one.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - integer <b>id</b>                      id of the module to save.
  *  - string  <b>name</b>                    Name of the module.
  *  - string  <b>label</b>                   Display of the module.
  *  - mixed   <b>all other module fields</b> All the fields values to save.
  * </pre>
  *
  * If there is an error, the save will return a Phprojekt_PublishedException,
  * if not, it returns a string in JSON format with:
  * <pre>
  *  - type    => 'success'.
  *  - message => Success message.
  *  - code    => 0.
  *  - id      => Id of the module.
  * </pre>
  *
  * @throws Phprojekt_PublishedException On error in the action save.
  *
  * @return void
  */
 public function jsonSaveAction()
 {
     $request = $this->getRequest();
     $id = (int) $request->getParam('id');
     $this->setCurrentProjectId();

     if (!empty($id)) {
         // Existing module: load it for editing.
         $model = $this->getModelObject()->find($id);
         $message = Phprojekt::getInstance()->translate('The module was edited correctly');
     } else {
         // No id: a new module is created.
         $model = $this->getModelObject();
         $message = Phprojekt::getInstance()->translate('The module was added correctly');
     }

     // Set the hidden name to name or label (alphanumeric only),
     // use ucfirst and delete spaces.
     $module = Cleaner::sanitize('alnum', $request->getParam('name', null));
     if (empty($module)) {
         $module = Cleaner::sanitize('alnum', $request->getParam('label', null));
     }
     $module = ucfirst(str_replace(" ", "", $module));
     $request->setParam('name', $module);

     // NOTE(review): the complete request parameter set is handed to
     // saveModule(); only 'name' is normalised in this action, so field
     // filtering has to happen inside the model -- confirm.
     $model->saveModule($request->getParams());

     Phprojekt_Converter_Json::echoConvert(
         array('type' => 'success', 'message' => $message, 'code' => 0, 'id' => $model->id)
     );
 }
Exemplo n.º 10
 /**
  * Assign a value to a var using some validations from the table data.
  *
  * @param string $varname Name of the var to assign.
  * @param mixed  $value   Value for assign to the var.
  *
  * @return void
  */
 public function __set($varname, $value)
 {
     $column = Phprojekt_ActiveRecord_Abstract::convertVarToSql($varname);
     $tableInfo = $this->info();

     if (isset($tableInfo['metadata'][$column])) {
         // Known column: convert/sanitize according to its declared data type.
         $dataType = $tableInfo['metadata'][$column]['DATA_TYPE'];
         $value = Phprojekt_Converter_Value::set($dataType, $value);
     } else {
         // Not a table column: fall back to the plain 'string' cleaner.
         $value = Cleaner::sanitize('string', $value);
     }

     parent::__set($varname, $value);
 }
Exemplo n.º 11
 /**
  * Validate the params and if is all ok, migrate the data.
  *
  * REQUIRES request parameters:
  * <pre>
  *  - string <b>migrationConfigFile</b> File for get the config of P5.
  *  - integer <b>diffToUtc</b> Difference between the server and UTC.
  *  - string <b>module</b> Module to migrate.
  * </pre>
  *
  * The return have:
  * <pre>
  * - type     => The type of the message (error or success).
  * - message  => The message.
  * - template => The template to show.
  * </pre>
  *
  * The return is in JSON format.
  *
  * @return void
  */
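 public function jsonMigrateSetupAction()
 {
     $this->view->message = array();
     $this->view->success = array();
     // NOTE(review): migrationConfigFile is a file path taken from the request
     // and only passed through the 'string' cleaner here; any restriction on
     // which files may be read has to come from validateMigration() -- confirm.
     $params = array(
         'migrationConfigFile' => Cleaner::sanitize('string', $this->getRequest()->getParam('migrationConfigFile')),
         'diffToUtc'           => Cleaner::sanitize('integer', $this->getRequest()->getParam('diffToUtc')),
         'module'              => Cleaner::sanitize('string', $this->getRequest()->getParam('module'))
     );

     if (null === $this->_setup) {
         // No setup object: answer 403 and stop. Without the return, execution
         // continued past the 403 into the template rendering below with $type
         // and $message undefined.
         $this->getResponse()->setHttpResponseCode(403);
         $this->sendResponse();
         return;
     }

     if (!$this->_setup->validateMigration($params)) {
         // Report the first validation error.
         $error = $this->_setup->getError();
         $message = array_shift($error);
         $type = 'error';
     } elseif (!in_array($params['module'], $this->view->exportModules)) {
         // Only modules from the export list may be migrated.
         $message = 'Wrong module';
         $type = 'error';
     } else {
         // Anything migrate() prints is captured and treated as an error text.
         // NOTE(review): that captured output is returned to the client as the
         // message; confirm it cannot contain internal details.
         ob_start();
         $this->_setup->migrate($params);
         $errors = ob_get_clean();
         if (!empty($errors)) {
             $message = $errors;
             $type = 'error';
         } else {
             $message = "Migration OK";
             $type = 'success';
         }
     }

     $template = $this->view->render('migrationOk.phtml');
     $this->returnContent($type, $message, $template, $params['module']);
 }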
Exemplo n.º 12
 /**
  * Returns all the words translated in each modules for the request language.
  *
  * REQUIRES request parameters:
  * <pre>
  *  - string <b>language</b> The current language for get the translations.
  * </pre>
  *
  * The return is in JSON format.
  *
  * @return void
  */
 public function jsonGetTranslatedStringsAction()
 {
     // The language code comes from the request; it goes through the 'alpha'
     // cleaner before it reaches the translation lookup. Defaults to 'en'.
     $requested = $this->getRequest()->getParam('language', 'en');
     $language = Cleaner::sanitize('alpha', $requested);

     $strings = Phprojekt::getInstance()->getTranslate()->getTranslatedStrings($language);
     Phprojekt_Converter_Json::echoConvert($strings);
 }
Exemplo n.º 13
 /**
  * Converts the P5 datetime format YYYYMMDDHHMMSS to P6 date format YYYY-MM-DD.
  *
  * @param string $date Date & time in YYYYMMDDHHMMSS format.
  *
  * @return string Date in YYYY-MM-DD format.
  */
 private function _longDateToShortDate($date)
 {
     // Anything that is not exactly 14 characters long is not a P5 datetime.
     if (strlen($date) != 14) {
         return null;
     }

     // Cut out YYYY, MM and DD; the time part (last 6 characters) is dropped.
     $dashed = substr($date, 0, 4) . "-" . substr($date, 4, 2) . "-" . substr($date, 6, 2);

     // The length check does not prove the characters are digits, so the
     // assembled value still goes through the 'date' cleaner.
     return Cleaner::sanitize('date', $dashed);
 }
 /**
  * Saves the design of all the fields in the module.
  *
  * If the request parameter "id" is null or 0, the function will add a new module,
  * if the "id" is an existing module, the function will update it.
  *
  * The save action will try to add or update the module table itself and the database_manager.
  *
  * REQUIRES request parameters:
  * <pre>
  *  - integer <b>id</b>           id of the module to save.
  *  - string  <b>designerData</b> Data of the fields.
  *  - string  <b>name</b>         Name of the module.
  *  - string  <b>label</b>        Display of the module.
  * </pre>
  *
  * The return is a string in JSON format with:
  * <pre>
  *  - type    => 'success' or 'error'.
  *  - message => Success or error message.
  *  - id      => id of the module.
  * </pre>
  *
  * @throws Zend_Controller_Action_Exception On error in the action save.
  *
  * @return void
  */
 public function jsonSaveAction()
 {
     $request = $this->getRequest();
     $id = (int) $request->getParam('id');
     // designerData is taken from the request as-is; it is interpreted inside
     // _handleDatabaseChange().
     $data = $request->getParam('designerData');
     $saveType = (int) $request->getParam('saveType');
     $model = null;

     // Module name: alphanumeric only, from 'name' or, if empty, from 'label'.
     $module = Cleaner::sanitize('alnum', $request->getParam('name', null));
     $this->setCurrentProjectId();
     if (empty($module)) {
         $module = Cleaner::sanitize('alnum', $request->getParam('label'));
     }
     $module = ucfirst(str_replace(" ", "", $module));
     $request->setParam('name', $module);

     if ($id > 0) {
         // The request-derived (cleaned) name selects the model class to load.
         $model = Phprojekt_Loader::getModel($module, $module);
     }

     // A non-null result is a response to send back instead of continuing.
     $message = $this->_handleDatabaseChange($model, $module, $data, $saveType, $id);
     if ($message !== null) {
         Phprojekt_Converter_Json::echoConvert($message);
         return;
     }

     $this->setCurrentProjectId();

     $model = new Phprojekt_Module_Module();
     if (empty($id)) {
         $message = Phprojekt::getInstance()->translate('The module was added correctly');
     } else {
         $model = $model->find($id);
         $message = Phprojekt::getInstance()->translate('The module was edited correctly');
     }

     // NOTE(review): the complete request parameter set is handed to
     // saveModule(); confirm the model restricts which fields it accepts.
     $model->saveModule($request->getParams());
     Phprojekt_Module::clearCache();

     Phprojekt_Converter_Json::echoConvert(
         array('type' => 'success', 'message' => $message, 'id' => $model->id)
     );
 }
Exemplo n.º 15
 /**
  * Convert the rule and value into a real where clause.
  *
  * @param string $field      Field for filter.
  * @param string $identifier Converted field for filter.
  * @param string $rule       Rule for apply the filter.
  * @param string $keyword    Value used for filter.
  *
  * @return string Where clause.
  */
 private function _convertRule($field, $identifier, $rule, $keyword)
 {
     // Builds "<quoted identifier> <operator> ?" and lets the DB adapter's
     // quoteInto() substitute the value, so the keyword is never concatenated
     // into the SQL text directly. $field is not referenced in this body.
     //
     // Sanitize values
     if ($this->_info['metadata'][$identifier]['DATA_TYPE'] == 'time') {
         // Moving the value to UTC
         $identifier = $this->_record->getTableName() . '.' . $identifier;
         $identifier = Phprojekt::getInstance()->getDb()->quoteIdentifier($identifier);
         $value = Cleaner::sanitize('time', $keyword);
         $k = date("H:i:s", Phprojekt_Converter_Time::userToUtc($value));
         //$identifier = 'TIME(' . $identifier . ')';
     } else {
         if ($this->_info['metadata'][$identifier]['DATA_TYPE'] == 'datetime') {
             $identifier = $this->_record->getTableName() . '.' . $identifier;
             $identifier = Phprojekt::getInstance()->getDb()->quoteIdentifier($identifier);
             // The shape of the keyword decides which part of the datetime
             // column is compared: '-' => date, ':' => time, else full datetime.
             if (strstr($keyword, '-')) {
                 // Use it as date
                 $k = Cleaner::sanitize('date', $keyword);
                 $identifier = 'DATE(' . $identifier . ')';
             } else {
                 if (strstr($keyword, ':')) {
                     // Use it as time
                     $value = Cleaner::sanitize('time', $keyword);
                     $k = date("H:i:s", Phprojekt_Converter_Time::userToUtc($value));
                     $identifier = 'TIME(' . $identifier . ')';
                 } else {
                     // Use it as datetime
                     $value = Cleaner::sanitize('timestamp', $keyword);
                     $k = date("Y-m-d H:i:s", Phprojekt_Converter_Time::userToUtc($value));
                 }
             }
         } else {
             // Every other data type: the keyword is only lower-cased, no
             // cleaner is applied; it is still bound through quoteInto() below.
             $keyword = mb_strtolower($keyword, 'UTF-8');
             $k = $keyword;
             $identifier = $this->_record->getTableName() . '.' . $identifier;
             $identifier = Phprojekt::getInstance()->getDb()->quoteIdentifier($identifier);
         }
     }
     // The comparison rules keep the $k computed above. The LIKE-based rules
     // (begins, ends, notLike, like/default) rebuild $k from $keyword, so for
     // time and datetime columns they use the raw keyword rather than the
     // cleaned, UTC-converted value. '%' and '_' inside the keyword are not
     // escaped and therefore act as LIKE wildcards.
     // An unknown $rule falls through to 'like'.
     switch ($rule) {
         case 'equal':
             $w = $identifier . ' = ? ';
             break;
         case 'notEqual':
             $w = $identifier . ' != ? ';
             break;
         case 'major':
             $w = $identifier . ' > ? ';
             break;
         case 'majorEqual':
             $w = $identifier . ' >= ? ';
             break;
         case 'minor':
             $w = $identifier . ' < ? ';
             break;
         case 'minorEqual':
             $w = $identifier . ' <= ? ';
             break;
         case 'begins':
             $w = $identifier . ' LIKE ? ';
             $k = $keyword . '%';
             break;
         case 'ends':
             $w = $identifier . ' LIKE ? ';
             $k = '%' . $keyword;
             break;
         case 'notLike':
             $w = $identifier . ' NOT LIKE ? ';
             $k = '%' . $keyword . '%';
             break;
         case 'like':
         default:
             $w = $identifier . ' LIKE ? ';
             $k = '%' . $keyword . '%';
     }
     // The value is quoted by the adapter when it replaces the placeholder.
     return Phprojekt::getInstance()->getDb()->quoteInto($w, $k);
 }
Exemplo n.º 16
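 /**
  * Extends a where clause with the filters sent in the request.
  *
  * The request parameter "filters" is a JSON list of
  * [operator, field, rule, value] entries. Entries with a missing or
  * rejected part are skipped.
  *
  * @param string|null $where Existing where clause.
  *
  * @return string|null Where clause including the valid filters.
  */
 protected function getFilterWhere($where = null)
 {
     // NOTE(review): decode() is applied to request data; an exception raised
     // on malformed JSON is not handled in this method.
     $filters = $this->getRequest()->getParam('filters', "[]");
     $filters = Zend_Json_Decoder::decode($filters);

     // The decoded value is client-controlled: only a non-empty list is
     // processed, anything else (string, number, ...) leaves $where untouched.
     if (empty($filters) || !is_array($filters)) {
         return $where;
     }

     $filterClass = new Phprojekt_Filter($this->newModelObject(), $where);
     foreach ($filters as $filter) {
         // Each entry has to be a list itself; missing positions become null
         // and make the entry fail the isset() check below.
         if (!is_array($filter)) {
             continue;
         }
         $filterOperator = Cleaner::sanitize('alpha', isset($filter[0]) ? $filter[0] : null, null);
         $filterField = Cleaner::sanitize('alpha', isset($filter[1]) ? $filter[1] : null, null);
         $filterRule = Cleaner::sanitize('alpha', isset($filter[2]) ? $filter[2] : null, null);
         // The value is passed on without cleaning here.
         // NOTE(review): confirm Phprojekt_Filter binds or quotes it and copes
         // with non-string values.
         $filterValue = isset($filter[3]) ? $filter[3] : null;

         if (isset($filterOperator) && isset($filterField) && isset($filterRule) && isset($filterValue)) {
             $filterClass->addFilter($filterField, $filterRule, $filterValue, $filterOperator);
         }
     }

     return $filterClass->getWhere();
 }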
Exemplo n.º 17
 /**
  * Returns the list of events where the logged user is involved,
  * for a specific period (like week or month).
  *
  * The function use Phprojekt_ModelInformation_Default::ORDERING_LIST for get and sort the fields.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - date    <b>dateStart</b> Start date for filter.
  *  - date    <b>dateEnd</b>   End date for filter.
  *  - integer <b>count</b>     Use for SQL LIMIT count.
  *  - integer <b>offset</b>    Use for SQL LIMIT offset.
  * </pre>
  *
  * The return is in CSV format.
  *
  * @return void
  */
 public function csvPeriodListAction()
 {
     $request = $this->getRequest();

     // Paging values are cast to int. The offset is read from the request
     // parameter named 'start'.
     $count = (int) $request->getParam('count', null);
     $offset = (int) $request->getParam('start', null);

     // Dates pass the 'date' cleaner and are then quoted by the DB adapter,
     // so they enter the where clause below as quoted literals.
     $db = Phprojekt::getInstance()->getDb();
     $dateStart = $db->quote(Cleaner::sanitize('date', $request->getParam('dateStart', date("Y-m-d"))));
     $dateEnd = $db->quote(Cleaner::sanitize('date', $request->getParam('dateEnd', date("Y-m-d"))));
     $this->setCurrentProjectId();

     // Restricted to the logged-in user (%d with an int cast); an event is
     // included when it overlaps the requested period.
     $currentUserId = (int) PHprojekt_Auth::getUserId();
     $where = sprintf('participant_id = %d AND DATE(start_datetime) <= %s AND DATE(end_datetime) >= %s', $currentUserId, $dateEnd, $dateStart);

     $records = $this->getModelObject()->fetchAll($where, "start_datetime", $count, $offset);

     // The CSV is produced with ORDERING_FORM.
     Phprojekt_Converter_Csv::echoConvert($records, Phprojekt_ModelInformation_Default::ORDERING_FORM);
 }
Exemplo n.º 18
 /**
  * Delete the tags for one item.
  *
  * REQUIRES request parameters:
  * <pre>
  *  - integer <b>id</b> id of the item.
  * </pre>
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - string <b>moduleName</b> Name of the module.
  * </pre>
  *
  * If there is an error, the delete will return a Zend_Controller_Action_Exception,
  * if not, it returns a string in JSON format with:
  * <pre>
  *  - type    => 'success'.
  *  - message => Success message.
  *  - id      => 0.
  * </pre>
  *
  * @throws Zend_Controller_Action_Exception On missing or wrong id.
  *
  * @return void
  */
 public function jsonDeleteTagsAction()
 {
     $tags = new Phprojekt_Tags();

     $itemId = (int) $this->getRequest()->getParam('id');
     if (empty($itemId)) {
         throw new Zend_Controller_Action_Exception(self::ID_REQUIRED_TEXT, 400);
     }

     // The module name is restricted to alphanumerics before it is resolved
     // to an id; it defaults to 'Project'.
     $moduleName = Cleaner::sanitize('alnum', $this->getRequest()->getParam('moduleName', 'Project'));
     $moduleId = (int) Phprojekt_Module::getId($moduleName);

     // NOTE(review): no check that the current user may modify this item is
     // visible in this action; confirm it is enforced in deleteTagsByItem()
     // or before dispatch.
     $tags->deleteTagsByItem($moduleId, $itemId);

     $message = Phprojekt::getInstance()->translate('The Tags were deleted correctly');
     Phprojekt_Converter_Json::echoConvert(
         array('type' => 'success', 'message' => $message, 'id' => 0)
     );
 }
Exemplo n.º 19
 /**
  * Set some values depending on the params.
  *
  * @return array POST values with some changes.
  */
 public function setParams()
 {
     // Called with (params, model); read through func_get_args().
     $args = func_get_args();
     $params = $args[0];
     $model = $args[1];

     // Optional fields: dropped when empty, normalised otherwise.
     if (!empty($params['topicDate'])) {
         $params['topicDate'] = Cleaner::sanitize('date', $params['topicDate']);
     } else {
         unset($params['topicDate']);
     }

     if (!empty($params['userId'])) {
         $params['userId'] = (int) $params['userId'];
     } else {
         unset($params['userId']);
     }

     // Project and owner always come from the model, so values for them in the
     // submitted params are overwritten.
     $params['projectId'] = $model->projectId;
     $params['ownerId'] = $model->ownerId;

     $hasParentOrder = isset($params['parentOrder'])
         && is_numeric($params['parentOrder'])
         && $params['parentOrder'] > 0;
     if ($hasParentOrder) {
         // This item is supposed to be sorted after the given order
         $params['sortOrder'] = $params['parentOrder'] + 1;
         unset($params['parentOrder']);
     }

     return $params;
 }
Exemplo n.º 20
 /**
  * Set the file parameters needed by all the file actions.
  *
  * @return array A list with the file parameters.
  */
 private function _getFileParameters()
 {
     $modelObject = $this->getModelObject();

     // Field name limited to alphanumerics, item id cast to int.
     $fieldName = Cleaner::sanitize('alnum', $this->getRequest()->getParam('field', null));
     $id = (int) $this->getRequest()->getParam('id', null);
     $this->setCurrentProjectId();

     // NOTE(review): whether the field name refers to an existing file field
     // of the model is not checked here; callers have to verify it.
     return array($modelObject, $fieldName, $id);
 }
Exemplo n.º 21
 /**
  * Saves the design of all the fields in the module.
  *
  * If the request parameter "id" is null or 0, the function will add a new module,
  * if the "id" is an existing module, the function will update it.
  *
  * The save action will try to add or update the module table itself and the database_manager.
  *
  * REQUIRES request parameters:
  * <pre>
  *  - integer <b>id</b>           id of the module to save.
  *  - string  <b>designerData</b> Data of the fields.
  *  - string  <b>name</b>         Name of the module.
  *  - string  <b>label</b>        Display of the module.
  * </pre>
  *
  * The return is a string in JSON format with:
  * <pre>
  *  - type    => 'success' or 'error'.
  *  - message => Success or error message.
  *  - code    => 0.
  *  - id      => id of the module.
  * </pre>
  *
  * @throws Phprojekt_PublishedException On error in the action save.
  *
  * @return void
  */
 public function jsonSaveAction()
 {
     $request = $this->getRequest();
     $id = (int) $request->getParam('id');
     // designerData arrives as a JSON string from the request; it is decoded
     // below and validated by recordValidate() before the table is touched.
     $data = $request->getParam('designerData');
     $saveType = (int) $request->getParam('saveType');
     $model = null;

     // Module name: alphanumeric only, from 'name' or, if empty, from 'label'.
     $module = Cleaner::sanitize('alnum', $request->getParam('name', null));
     $this->setCurrentProjectId();
     if (empty($module)) {
         $module = Cleaner::sanitize('alnum', $request->getParam('label'));
     }
     $module = ucfirst(str_replace(" ", "", $module));

     if ($id > 0) {
         // The request-derived (cleaned) name selects the model class to load.
         $model = Phprojekt_Loader::getModel($module, $module);
     }

     $handlesTable = $model instanceof Phprojekt_Item_Abstract || $id == 0;
     if (!$handlesTable) {
         // Existing module whose model is not a Phprojekt_Item_Abstract:
         // nothing is changed and 'success' is reported with no message.
         $type = 'success';
         $message = null;
     } else {
         $databaseManager = new Phprojekt_DatabaseManager($model);
         $data = Zend_Json_Decoder::decode($data);

         // Validate
         if (!$databaseManager->recordValidate($data, $saveType)) {
             $error = $databaseManager->getError();
             $message = $error['label'] . ': ' . $error['message'];
             $type = 'error';
         } else {
             // Update Table Structure
             $tableData = $this->_getTableData($data);
             if ($databaseManager->syncTable($data, $module, $tableData)) {
                 // Update DatabaseManager Table
                 $databaseManager->saveData($module, $data, $tableData);
                 if (empty($id)) {
                     $message = Phprojekt::getInstance()->translate('The table module was created correctly');
                 } else {
                     $message = Phprojekt::getInstance()->translate('The table module was edited correctly');
                 }
                 $type = 'success';
             } else {
                 $type = 'error';
                 $message = Phprojekt::getInstance()->translate('There was an error writing the table');
             }
         }
     }

     Phprojekt_Converter_Json::echoConvert(
         array('type' => $type, 'message' => $message, 'code' => 0, 'id' => $id)
     );
 }
Exemplo n.º 22
 /**
  * Set some values depending on the params.
  *
  * Sanitize some values and calculate the minutes value.
  *
  * @return array
  */
 public function setParams()
 {
     // Declared without parameters: the first argument is the value array,
     // the second is the model.
     list($values, $timecard) = func_get_args();

     $values['startDatetime'] = Cleaner::sanitize('datetime', $values['startDatetime']);

     // An end time that sanitizes to an empty value is treated as absent.
     if (isset($values['endTime'])) {
         $values['endTime'] = Cleaner::sanitize('time', $values['endTime']);
         if ($values['endTime'] == '') {
             unset($values['endTime']);
         }
     }

     $values['projectId'] = (int) $values['projectId'];
     $values['notes']     = Cleaner::sanitize('string', $values['notes']);

     if (!isset($values['endTime'])) {
         // No end time: nothing to measure.
         $values['minutes'] = 0;
     } else {
         // Use the submitted start when there is one, otherwise the model's.
         // substr(..., 11) keeps everything from offset 11 on -- presumably the
         // time part of a "YYYY-MM-DD HH:MM:SS" value; confirm the format.
         $startSource = isset($values['startDatetime'])
             ? $values['startDatetime']
             : $timecard->startDatetime;
         $values['minutes'] = Timecard_Models_Timecard::getDiffTime(
             $values['endTime'],
             substr($startSource, 11)
         );
     }

     return $values;
 }
Exemplo n.º 23
 /**
  * Sanitize all the params.
  *
  * @return array Array with the form values.
  */
 private function _setParams()
 {
     // Request fields that are all passed through the 'string' sanitizer,
     // listed in the order they appear in the returned array.
     // NOTE(review): this includes the password fields; if the 'string'
     // sanitizer rewrites or strips characters, the stored password differs
     // from what was typed -- confirm.
     // NOTE(review): migrationConfigFile is only string-sanitized here;
     // whoever opens that path should constrain it -- verify at the use site.
     $stringFields = array(
         'serverType',
         'dbHost',
         'dbUser',
         'dbPass',
         'dbName',
         'adminPass',
         'adminPassConfirm',
         'testPass',
         'testPassConfirm',
         'migrationConfigFile',
     );

     $form = array();
     foreach ($stringFields as $key) {
         $form[$key] = Cleaner::sanitize('string', $this->getRequest()->getParam($key));
     }

     // The two remaining values are numeric.
     $form['diffToUtc']    = Cleaner::sanitize('integer', $this->getRequest()->getParam('diffToUtc'));
     $form['useExtraData'] = (int) $this->getRequest()->getParam('useExtraData');

     return $form;
 }
Exemplo n.º 24
 /**
  * Deletes a file and then renders the upload.phtml template.
  *
  * This function draws the upload field in the form.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - string  <b>moduleName</b> Current module name.
  *  - string  <b>field</b>      Name of the field in the module.
  *  - integer <b>id</b>         Id of the current item.
  *  - integer <b>order</b>      Position of the file (Can be many uploaded files in the same field).
  * </pre>
  *
  * @return void
  */
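 public function fileDeleteAction()
 {
     // Request input: names are passed through the 'alnum' sanitizer, numbers are cast.
     $module = Cleaner::sanitize('alnum', $this->getRequest()->getParam('moduleName', 'Project'));
     $field  = Cleaner::sanitize('alnum', $this->getRequest()->getParam('field', null));
     $itemId = (int) $this->getRequest()->getParam('id', null);
     $order  = (int) $this->getRequest()->getParam('order', 0);

     $this->getResponse()->clearHeaders();
     $this->getResponse()->clearBody();

     $linkBegin = Phprojekt::getInstance()->getConfig()->webpath . 'index.php/Default/File/';
     $model     = Phprojekt_Loader::getModel($module, $module);

     // Field and write-permission checks run before anything is deleted.
     $this->_fileCheckParamField($model, $field);
     $this->_fileCheckWritePermission($model, $itemId);

     // The file list lives in the session as "name|...||name|...". A field with
     // no uploads yet has no session entry; treat that as an empty list instead
     // of reading an undefined index.
     $sessionKey = 'uploadedFiles_' . $field;
     $stored     = isset($_SESSION[$sessionKey]) ? $_SESSION[$sessionKey] : '';
     $filesIn    = explode('||', $stored);
     $this->_fileCheckParamOrder($order, count($filesIn));

     // Rebuild the list without the entry at position $order (1-based).
     $filesOut = '';
     $position = 1;
     foreach ($filesIn as $file) {
         if ($position !== $order) {
             if ($filesOut != '') {
                 $filesOut .= '||';
             }
             $filesOut .= $file;
         } else {
             // The stored name is everything before the first '|'.
             $separator = strpos($file, '|');
             $md5Name   = ($separator === false) ? '' : substr($file, 0, $separator);

             // Only a name that is exactly 32 hex characters is ever joined to
             // the upload path, so it cannot contain a path separator. \A and \z
             // anchor the whole string; a plain "$" would also accept a trailing
             // newline.
             if (preg_match('/\A[A-Fa-f0-9]{32}\z/', $md5Name)) {
                 $fileAbsolutePath = Phprojekt::getInstance()->getConfig()->uploadPath . $md5Name;
                 if (file_exists($fileAbsolutePath)) {
                     // The result of unlink() is not checked: the entry is
                     // dropped from the session list either way.
                     unlink($fileAbsolutePath);
                 }
             }
         }
         $position++;
     }

     $_SESSION[$sessionKey] = $filesOut;
     $this->_fileRenderView($linkBegin, $module, $itemId, $field, $filesOut, true);
 }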
Exemplo n.º 25
 /**
  * Collect all the js files in the module folder, and return it as one.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - string <b>name</b> Name of the module to consult.
  * </pre>
  *
  * @return void
  */
 public function moduleAction()
 {
     // NOTE(review): $module ends up in a filesystem path and in the JavaScript
     // sent to the browser. The only constraint applied here is the 'alnum'
     // sanitizer -- confirm it removes path separators, dots and quotes.
     $module = Cleaner::sanitize('alnum', $this->getRequest()->getParam('name', null));
     $module = ucfirst(str_replace(" ", "", $module));

     // List the module's script folder when it exists, otherwise use no scripts.
     $scriptDir = PHPR_USER_CORE_PATH . $module . '/Views/dojo/scripts/';
     $scripts   = is_dir($scriptDir) ? scandir($scriptDir) : array();

     $moduleJs = $this->_getModuleScripts(PHPR_USER_CORE_PATH, $scripts, $module);

     // Re-register the module's page after its scripts.
     $registration = '
         phpr.pageManager.deregister(\'' . $module . '\');
         phpr.pageManager.register(
             new phpr.' . $module . '.Main()
         );
     ';

     $this->_send($this->_collectTemplates() . $moduleJs . $registration);
 }
Exemplo n.º 26
 /**
  * Executes the login by json using the username and password.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - string <b>username</b> Username for login.
  *  - string <b>password</b> Password for login.
  * </pre>
  *
  * The return is a string in JSON format with:
  * <pre>
  *  - type    => 'success' or 'error'.
  *  - message => Success or error message.
  * </pre>
  *
  * @return void
  */
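 public function jsonLoginAction()
 {
     // NOTE(review): the password is passed through the 'xss' sanitizer before
     // authentication; if that sanitizer rewrites or strips characters, the
     // value checked is not the one the user typed -- confirm.
     $username = Cleaner::sanitize('xss', $this->getRequest()->getParam('username', null));
     $password = Cleaner::sanitize('xss', $this->getRequest()->getParam('password', null));

     // Fail closed: the original left $return undefined when login() returned
     // anything other than true without throwing, so the response was built
     // from an undefined variable. Start from an error result instead.
     $return = array('type' => 'error', 'message' => 'Invalid user or password');

     try {
         if (Phprojekt_Auth::login($username, $password) === true) {
             $return = array('type' => 'success', 'message' => '');
         }
     } catch (Phprojekt_Auth_Exception $error) {
         // NOTE(review): the exception text is returned to the client; confirm
         // it does not tell an unknown user apart from a wrong password.
         $return = array('type' => 'error', 'message' => $error->getMessage());
     }

     // Answer with JSON only, no view rendering.
     $this->_helper->viewRenderer->setNoRender();
     $this->view->clearVars();
     Phprojekt_Converter_Json::echoConvert($return);
 }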
Exemplo n.º 27
 /**
  * Collect all the js files in the module folder, and return it as one.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - string <b>name</b> Name of the module to consult.
  * </pre>
  *
  * @return void
  */
 public function moduleAction()
 {
     // NOTE(review): $module ends up in a filesystem path and in the JavaScript
     // echoed below. The only constraint applied here is the 'alnum'
     // sanitizer -- confirm it removes path separators, dots and quotes.
     $module = Cleaner::sanitize('alnum', $this->getRequest()->getParam('name', null));
     $module = ucfirst(str_replace(" ", "", $module));

     // List the module's script folder when it exists, otherwise use no scripts.
     $scriptDir = PHPR_CORE_PATH . '/' . $module . '/Views/dojo/scripts/';
     $scripts   = is_dir($scriptDir) ? scandir($scriptDir) : array();

     echo 'dojo.registerModulePath("phpr.' . $module . '", "../../../application/' . $module . '/Views/dojo/scripts");';
     echo $this->_getModuleScripts($scripts, $module);

     // Preload the templates and save them into __phpr_templateCache.
     // Each template is written as a single-quoted JavaScript string: quotes are
     // escaped first, then every "<" is split across a string concatenation.
     // NOTE(review): backslashes and line breaks in the template are not
     // escaped; presumably _templates holds only trusted, pre-processed
     // files -- confirm.
     foreach ($this->_templates as $tpl) {
         $escaped = str_replace(array("'", "<"), array("\\'", "<' + '"), $tpl['contents']);
         echo '
             __phpr_templateCache["phpr.' . $tpl['module'] . '.template.' . $tpl['name'] . '"] = \'' . $escaped . '\';';
     }

     echo '
         this.' . $module . ' = new phpr.' . $module . '.Main();
     ';
 }
Exemplo n.º 28
 /**
  * Saves the settings for one module.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - string <b>moduleName</b>              Name of the module.
  *  - mixed  <b>all other module fields</b> All the fields values to save.
  * </pre>
  *
  * The return is a string in JSON format with:
  * <pre>
  *  - type    => 'success' or 'error'.
  *  - message => Success or error message.
  *  - code    => 0.
  *  - id      => 0.
  * </pre>
  *
  * @throws Phprojekt_PublishedException On error in the action save or wrong id.
  *
  * @return void
  */
 public function jsonSaveAction()
 {
     $moduleName = Cleaner::sanitize('alnum', $this->getRequest()->getParam('moduleName', null));
     $this->setCurrentProjectId();

     $settings = Phprojekt_Loader::getLibraryClass('Phprojekt_Setting');
     $settings->setModule($moduleName);

     // NOTE(review): the complete request parameter array is handed to both the
     // validation and the save call; which keys get persisted is decided inside
     // Phprojekt_Setting -- confirm it only accepts the module's known settings.
     $message = $settings->validateSettings($this->getRequest()->getParams());

     if (empty($message)) {
         // Validation produced no message: store the settings.
         $message = Phprojekt::getInstance()->translate(self::EDIT_TRUE_TEXT);
         $settings->setSettings($this->getRequest()->getParams());
         $type = 'success';
     } else {
         // The validation message is returned as the error text.
         $type = 'error';
     }

     Phprojekt_Converter_Json::echoConvert(
         array('type' => $type, 'message' => $message, 'code' => 0, 'id' => 0)
     );
 }
Exemplo n.º 29
 /**
  * Sanitizes an item in the wrapped scope to a certain type.
  *
  * @param string  $type     Type of parameter/item to sanitize.
  * @param string  $name     Name of parameter / Name of item in scope.
  * @param mixed   $default  Return value, if parameter/item is null/empty/...
  * @param boolean $empty    Must parameter/item be not null or empty.
  * @param object  $messages Messages generated while sanitizing.
  *
  * @return mixed Sanitized value.
  */
 public function sanitize($type, $name, $default = null, $empty = false, $messages = null)
 {
     // An item that is missing from the wrapped scope (or is null) is passed
     // on as null, so Cleaner::sanitize decides what to return for it.
     $value = null;
     if (isset($this->_scope[$name])) {
         $value = $this->_scope[$name];
     }

     return Cleaner::sanitize($type, $value, $default, $empty, $messages);
 }