Пример #1
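 /**
  * Updates one row of this table from the current request's $_POST / $_FILES.
  *
  * Only names in $columnsToFill that are keys of $this->columns (and are not
  * 'id') are written, so column identifiers placed in the SQL come from the
  * table definition and not from the request. Values are handled according to
  * the column's presentation type: file upload, picture upload (optionally
  * resized, with thumbnail / mid-size copies), HTML text (purified unless the
  * request is flagged as an admin page), date/time, or a plain checked value.
  *
  * @param string $rowId id of the row to update
  * @param string[] $columnsToFill names of the columns to take from the request
  * @return boolean TRUE when the UPDATE ran; FALSE when the argument is not an
  *                 array, a value fails checkValue(), nothing is left to
  *                 update, or the query fails
  */
 public function updateRowFromPost($rowId, $columnsToFill)
 {
     $siteBasePath = WOOOF::$instance->getConfigurationFor('siteBasePath');
     $imagesRelativePath = WOOOF::$instance->getConfigurationFor('imagesRelativePath');
     global $__isAdminPage;
     if (!is_array($columnsToFill)) {
         WOOOF::$instance->log(WOOOF_loggingLevels::WOOOF_ERROR, self::_ECP . "0110 " . 'Update from post failed as no array with columns to update was provided!');
         return FALSE;
     }

     // The row id ends up inside SQL string literals in several statements;
     // pass it through cleanUserInput() once and use that value everywhere,
     // the same treatment the final WHERE clause has always had.
     $safeRowId = WOOOF::$instance->cleanUserInput($rowId);

     // column name => SQL value expression. Collecting the assignments and
     // joining them at the end avoids a dangling or missing comma when a
     // column is dropped part-way (failed upload, read-only date column).
     $assignments = array();

     // Mirror columns already written through 'orderingMirror'. This has to
     // live outside the loop, otherwise the marks are lost on every iteration.
     $skipColumn = array();

     foreach ($columnsToFill as $column) {
         if (!isset($_POST[$column]) && !isset($_POST[$column . '4']) && !isset($_POST[$column . '1']) && !isset($_FILES[$column])) {
             WOOOF::$instance->debug("Warning in updateRowFromPost: Column to fill [{$column}] does not appear in POST or FILES.");
             continue;
         }
         // Allow-list: anything that is not a declared column of this table
         // (or is the primary key) is ignored.
         if ($column === 'id' || !isset($this->columns[$column])) {
             continue;
         }
         if (!empty($skipColumn[$column])) {
             continue;
         }

         $metaData = $this->columns[$column]->getColumnMetaData();

         // When the listing's ordering column is posted empty or as 0, place
         // the row at the end: current maximum + 10.
         $trimmedOrderingColumn = trim(str_replace('desc', '', $this->getOrderingColumnForListings()));
         $trimmedOrderingColumn = trim(str_replace('asc', '', $trimmedOrderingColumn));
         if ($trimmedOrderingColumn == $column && (isset($_POST[$column]) && (trim($_POST[$column]) == '0' || trim($_POST[$column]) == '')) && $metaData['type'] == WOOOF_dataBaseColumnTypes::int) {
             $oR = $this->dataBase->query('select max(' . $trimmedOrderingColumn . ') as maxOrd from ' . $this->tableName);
             if ($oR !== FALSE && $this->dataBase->getNumRows($oR) > 0) {
                 $o = $this->dataBase->fetchAssoc($oR);
                 $_POST[$column] = $o['maxOrd'] + 10;
             } else {
                 WOOOF::$instance->log(WOOOF_loggingLevels::WOOOF_ERROR, 'No maximum ' . $trimmedOrderingColumn . ' was returned from database uppon insert of new row.');
             }
         }

         if ($metaData['presentationType'] == WOOOF_columnPresentationTypes::file) {
             $externalFileId = $this->handleFileUpload($column);
             if ($externalFileId === FALSE) {
                 // No usable upload: leave the column untouched.
                 WOOOF::$instance->log(WOOOF_loggingLevels::WOOOF_NOTICE, self::_ECP . "0120 " . 'No file uploaded or file upload error for \'' . $column . '\'.');
             } else {
                 // NOTE(review): the id is used as returned by handleFileUpload();
                 // confirm that helper only returns values safe inside a SQL literal.
                 $assignments[$column] = '\'' . $externalFileId . '\'';
             }
         } elseif ($metaData['presentationType'] == WOOOF_columnPresentationTypes::picture && isset($_FILES[$column])) {
             if (trim($metaData['presentationParameters']) != '') {
                 $outputPath = $siteBasePath . $metaData['presentationParameters'];
             } else {
                 $outputPath = $siteBasePath . $imagesRelativePath;
             }
             // The original file name is supplied by the client. Keep only its
             // last path component so it cannot point outside $outputPath.
             $uploadedName = basename(str_replace('\\', '/', $_FILES[$column]['name']));
             // NOTE(review): nothing here restricts the file type. Without a
             // resize width the upload is kept under its client-chosen
             // extension; confirm the target directory cannot execute scripts,
             // or add an extension/content allow-list.
             $fromFile = $outputPath . WOOOF::randomString(10) . '_' . $uploadedName;
             $mvResult = move_uploaded_file($_FILES[$column]['tmp_name'], $fromFile);
             if ($mvResult) {
                 if ($metaData['resizeWidth'] != '') {
                     // Swap the last extension for 'jpg' (a name without a dot
                     // becomes just 'jpg', as before).
                     $filePieces = explode('.', $uploadedName);
                     array_pop($filePieces);
                     $choppedFile = '';
                     foreach ($filePieces as $piece) {
                         $choppedFile .= $piece . '.';
                     }
                     $choppedFile .= 'jpg';
                     $targetFilename = $this->tableId . '_' . $metaData['columnId'] . '_' . $rowId . '_' . $choppedFile;
                     WOOOF::resizePicture($fromFile, $outputPath . $targetFilename, $metaData['resizeWidth'], $metaData['resizeHeight']);
                     $assignments[$column] = '\'' . WOOOF::$instance->cleanUserInput($targetFilename) . '\'';
                     if ($metaData['thumbnailWidth'] != '') {
                         WOOOF::resizePicture($fromFile, $outputPath . 'thumb_' . $targetFilename, $metaData['thumbnailWidth'], $metaData['thumbnailHeight']);
                         if ($metaData['thumbnailColumn'] != '') {
                             // File name and row id derive from request data:
                             // clean both before they enter the statement.
                             $this->dataBase->query('update ' . $this->tableName . ' set ' . $metaData['thumbnailColumn'] . '=\'' . WOOOF::$instance->cleanUserInput('thumb_' . $targetFilename) . '\' where id=\'' . $safeRowId . '\'');
                         }
                     }
                     if ($metaData['midSizeWidth'] != '') {
                         WOOOF::resizePicture($fromFile, $outputPath . 'mid_' . $targetFilename, $metaData['midSizeWidth'], $metaData['midSizeHeight']);
                         // Guard on the column actually written (this used to
                         // test 'thumbnailColumn').
                         if ($metaData['midSizeColumn'] != '') {
                             $this->dataBase->query('update ' . $this->tableName . ' set ' . $metaData['midSizeColumn'] . '=\'' . WOOOF::$instance->cleanUserInput('mid_' . $targetFilename) . '\' where id=\'' . $safeRowId . '\'');
                         }
                     }
                     // Only the resized copies are kept.
                     unlink($fromFile);
                 } else {
                     $assignments[$column] = '\'' . basename(WOOOF::$instance->cleanUserInput($fromFile)) . '\'';
                 }
             } else {
                 WOOOF::$instance->log(WOOOF_loggingLevels::WOOOF_ERROR, self::_ECP . "0130 " . 'File upload error for \'' . $column . '\': File was uploaded but move failed to the designated directory.');
                 // Self-assignment keeps the stored value.
                 $assignments[$column] = $column;
             }
         } elseif ($metaData['presentationType'] == WOOOF_columnPresentationTypes::htmlText) {
             if (!$__isAdminPage) {
                 require_once 'HTMLPurifier.standalone.php';
                 $config = HTMLPurifier_Config::createDefault();
                 $purifier = new HTMLPurifier($config);
                 if (!is_object($purifier)) {
                     WOOOF::$instance->log(WOOOF_loggingLevels::WOOOF_ERROR, self::_ECP . "0140 " . 'Html purification for \'' . $column . '\' failed. Object was not initialized. Posted information was not entered in the database for security reasons.');
                     return FALSE;
                 }
                 $assignments[$column] = '\'' . $this->dataBase->escape($purifier->purify($_POST[$column])) . '\'';
             } else {
                 // Admin pages skip purification: the markup is stored as
                 // posted, escaped for SQL only.
                 $assignments[$column] = '\'' . $this->dataBase->escape($_POST[$column]) . '\'';
             }
         } elseif ($metaData['presentationType'] == WOOOF_columnPresentationTypes::date || $metaData['presentationType'] == WOOOF_columnPresentationTypes::time || $metaData['presentationType'] == WOOOF_columnPresentationTypes::dateAndTime) {
             if ($metaData['isReadOnly'] || $metaData['isReadOnlyAfterFirstUpdate']) {
                 // Read-only date/time columns are never rewritten from the request.
                 continue;
             }
             $tempDate = WOOOF::buildDateTimeFromAdminPost($column, $metaData['presentationType']);
             if ($this->columns[$column]->checkValue($tempDate) === FALSE) {
                 return FALSE;
             }
             $assignments[$column] = '\'' . WOOOF::$instance->cleanUserInput($tempDate) . '\'';
         } else {
             if ($this->columns[$column]->checkValue($_POST[$column]) === FALSE) {
                 return FALSE;
             }
             $assignments[$column] = '\'' . WOOOF::$instance->cleanUserInput($_POST[$column]) . '\'';
             if (trim($metaData['orderingMirror']) != '') {
                 // Write the derived ordering value and make sure a later entry
                 // for the mirror column does not overwrite it.
                 $assignments[$metaData['orderingMirror']] = '\'' . WOOOF::customOrderTranslation(WOOOF::$instance->cleanUserInput($_POST[$column])) . '\'';
                 $skipColumn[$metaData['orderingMirror']] = TRUE;
             }
         }
     }

     if (empty($assignments)) {
         WOOOF::$instance->log(WOOOF_loggingLevels::WOOOF_ERROR, self::_ECP . "0150 " . 'No columns to update.');
         return FALSE;
     }

     $setParts = array();
     foreach ($assignments as $name => $valueSql) {
         $setParts[] = $name . '=' . $valueSql;
     }
     $query = 'update ' . $this->tableName . ' set ' . implode(', ', $setParts) . ' where id=\'' . $safeRowId . '\'';
     $result = $this->dataBase->query($query);
     return $result !== FALSE;
 }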