public function update(Entity $entity)
{
$tag = "EntityDAO: update()";
Log::notice("{$tag}");
$entity_id = $entity->getId();
if (empty($entity_id)) {
Log::error("{$tag}: Entity id is not set");
throw new Exception("Entity id is not set");
}
$errs = EntityValidator::validate($entity);
if (count($errs) > 0) {
Log::error("{$tag}: Entity has validation errors");
throw new Exception("Entity has validation errors");
}
$blueprint = $this->blueprint;
$timezone_offset = $this->timezone_offset_modify;
$query = "UPDATE " . $this->tableName() . " SET ";
foreach ($blueprint->fields() as $field) {
$key = $field->getKey();
$value = $entity->get($key);
$encType = $field->getEncType();
if (!empty($value) || $value == "0") {
// Handle encoded fields
if (!empty($encType) && $encType != "plain") {
// Determine if encoded field value should be replaced
// Load the existing entity to compare to the updated entity
try {
$existingEntity = $this->load($entity_id);
$currentEncodedValue = $existingEntity->get("{$key}");
if ($currentEncodedValue == $value) {
// Do not update this already encoded value
$value = $value;
// does nothing
Log::debug("{$tag}: Leaving encrypted value for {$key} alone");
} else {
$value = hash($encType, $value);
Log::debug("{$tag}: Encrypted value for {$key}: {$value}");
}
} catch (Exception $e) {
Log::error("{$tag}: Exception: " . $e->getMessage());
throw $e;
}
}
switch ($field->getDataType()) {
case "int":
$query .= "{$key}={$value}";
break;
case "decimal":
case "date":
$query .= "{$key}='{$value}'";
break;
case "datetime":
case "time":
$query .= "{$key}=CONVERT_TZ('{$value}', '{$timezone_offset}', '" . BPTimezone::UTC . "')";
break;
case "enum":
$query .= "{$key}='{$value}'";
break;
case "string":
case "text":
case "binary":
$value = DatabaseSanitizer::sanitize($value);
$query .= "{$key}='{$value}'";
break;
}
} else {
$query .= "{$key}=NULL";
}
$query .= ", ";
}
// END: foreach($blueprint->fields() as $field)
$query = substr($query, 0, strlen($query) - 2);
// remove trailing comma and space (", ")
$query .= " WHERE id=" . $entity_id;
$sql = new DatabaseUpdate($query, "update");
try {
$sql->doUpdate();
return $entity_id;
} catch (Exception $e) {
Log::error("{$tag}: [" . $sql->err_code . "] " . $sql->err_message);
throw $e;
}
}
} else {
$entity->set($key, NULL);
// this is required since this field could have been over written by init($_POST)
}
}
} else {
// New Entity
$entity->set($key, NULL);
$entity->length($key, 0);
}
}
}
// END: if($field->getDataType() == "binary")
}
// Re-Validate Entity (after processing uploads)
$errs = EntityValidator::validate($entity);
if (count($errs) == 0) {
if ($entityId) {
/*
// Update an existing Entity
*/
try {
// Make sure the user has permission to perform this action
if (BPConfig::$guardian_enable !== true || Guardian::authorize(Session::user(BPConfig::$guardian_identity_session_key), "UPDATE", $entityBP->getKey(), $entityId)) {
$dao->update($entity);
$responseNode->appendChild($dom->createElement("status", "success"));
$responseNode->appendChild($dom->createElement("message", "Updated {$entitySignature} ({$entityId})"));
} else {
Log::warning("* Guardian denied access to update " . $entityBP->getKey() . " with ID {$entityId}");
$responseNode->appendChild($dom->createElement("status", "error"));
$responseNode->appendChild($dom->createElement("message", "Access Denied"));
