// Caller identity comes from the session; the target ids and the new approval
// flag come from the request.
$role_user = \Sop\Session::getSiteData('role_user');
$user_id = \Sop\Session::getSiteData('user_id');
$pj_id = \Sop\Request::requiredValue('pj_id');
$sop_id = \Sop\Request::requiredValue('sop_id');
$tpl_id = \Sop\Request::requiredValue('tpl_id');
$new_aprv_flg = \Sop\Request::requiredValue('new_aprv_flg');
// NOTE(review): $role_user and $user_id are read but not consulted anywhere in
// the visible lines before the approval state changes, and $new_aprv_flg is
// passed on as received. Confirm that the role check and the allowed-value
// check for the flag happen elsewhere (later in this file or in updTplTransitAprv).

// --- Fetch every schema associated with the template
$sql = getSQLBaseForSchemaList();
$sql .= " AND `schema`.tpl_id = :tpl_id";
foreach (R::getAll($sql, array(':tpl_id' => $tpl_id)) as $schema) {
    // For a sopimage, reject the request when no input form has been configured.
    if ($schema['schema_type'] == $SCHEMA_TYPE_SRC) {
        // The form query depends only on $tpl_id, so it returns the same rows on
        // every iteration of the surrounding loop.
        $sql = getSQLBaseForFormList();
        $sql .= " AND form.tpl_id = :tpl_id";
        if (count(R::getAll($sql, array(':tpl_id' => $tpl_id))) == 0) {
            \Sop\Log::warning(__FILE__, __LINE__, 'There is no associated form.');
            // NOTE(review): the message is an empty string, so the client gets no
            // text for this rejection. Intended meaning per the original comment:
            // "Please add an input form before submitting the request."
            $msg001 = ""; // Please add an input form before submitting the request.
            \Sop\Api::exitWithError(array($msg001));
        }
    }
}

// ---------------------------
// Change to the approvable state
// ---------------------------
$db->beginTransaction();
$date = date("Y-m-d H:i:s");
// --- TBL: tpl
$rslt = updTplTransitAprv($db, $tpl_id, $new_aprv_flg);
if (!$rslt) {
    \Sop\Log::error(__FILE__, __LINE__, 'Failed to update tpl.');
// Fetch file information
// ---------------------------
// --- tpl data existence check: count the rows of the template list query
// restricted to this tpl_id (bound as a named parameter).
$sel_sql = getSQLBaseForTplList();
$sel_sql .= " AND tpl.tpl_id = :tpl_id";
$sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
$params = array();
$params[':tpl_id'] = $tpl_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tries to get non-existent sop.');
    $msg005 = "The object of data already has been deleted."; // The target data has already been deleted
    \Sop\Api::exitWithError(array($msg005));
}

// --- Fetch schema
// The schema lookup is additionally scoped to :grp_id, which the existence
// check above is not. NOTE(review): where $grp_id comes from is not visible
// here; it should be the caller's own group taken from the session, not a
// request value — confirm.
$sql = getSQLBaseForSchemaList();
$sql .= " AND schema.tpl_id = :tpl_id AND v_tpl.grp_id = :grp_id";
$params = array();
$params[':tpl_id'] = $tpl_id;
$params[':grp_id'] = $grp_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$schema = null;
// Keeps the last row returned; earlier rows are overwritten.
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $schema = $row;
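<?php
include_once __DIR__ . "/../../sop/src/config.php";
include_once __DIR__ . "/../../sop/src/db_common.php";
\Sop\Database::setupRedBean();

/**
 * Login endpoint for the administration screens.
 *
 * Obtains the user via \Sop\Login::getUser(), refuses the login unless the
 * user record carries a truthy admin_flag, and only then registers the user
 * in the session. The session is never written for a non-admin user.
 */
// NOTE(review): presumably getUser() authenticates the submitted credentials and
// terminates the request itself on failure — confirm against \Sop\Login.
$user = \Sop\Login::getUser();

// --- Role check: without the administrator privilege the login is an error.
// empty() keeps the check fail-closed (and free of notices) when the record is
// missing or carries no admin_flag key.
if (empty($user['admin_flag'])) {
    $msg001 = "You do not have the permission."; // No permission
    $message = array($msg001);
    // NOTE(review): user_id is written to the log as received; confirm that
    // \Sop\Log neutralises line breaks and other control characters.
    \Sop\Log::warning(__FILE__, __LINE__, 'User (' . ($user['user_id'] ?? 'unknown') . ') does not have role.');
    \Sop\Login::exitWithLoginError($message, $message);
}

\Sop\Login::registerToSession($user);
\Sop\Login::exitWithSuccess();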
// (excerpt starts inside an error branch opened above the visible lines)
    \Sop\Api::exitWithError(array($msg001));
}

// --- Data existence check: count the rows of the project list query restricted
// to this pj_id. The id is bound as a named parameter, not concatenated.
$sel_sql = getSQLBaseForPjList();
$sel_sql .= " AND pj.pj_id = :pj_id";
$sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
$params = array();
$params[':pj_id'] = $pj_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tries to delete non-existent project.');
    $msg002 = "The data already has been deleted."; // The target data has already been deleted
    \Sop\Api::exitWithError(array($msg002));
}

// --- Collect the file_path of every schema associated with the project
// NOTE(review): these paths come from the database and are presumably removed
// from disk further down; confirm each one resolves inside the data directory
// before it is deleted.
$sql = getSQLBaseForSchemaList();
$sql .= " AND `schema`.pj_id = :pj_id";
$params = array();
$params[':pj_id'] = $pj_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$file_path_list = array();
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    array_push($file_path_list, $row['file_path']);
    if ($row['schema_type'] == $SCHEMA_TYPE_SRC) {
// (excerpt starts inside an error branch opened above the visible lines)
// NOTE(review): "$meg001" looks like a misspelling of "$msg001". Its definition is
// outside this excerpt; if the variable above is named $msg001, this call passes
// an undefined value and the client receives no error text — confirm.
    \Sop\Api::exitWithError(array($meg001));
}

// --- Data existence check: count the rows of the template list query restricted
// to this tpl_id (bound as a named parameter).
$sel_sql = getSQLBaseForTplList();
$sel_sql .= " AND tpl.tpl_id = :tpl_id";
$sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
$params = array();
$params[':tpl_id'] = $tpl_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'sop is already deleted.');
    $msg002 = "The data already has been deleted."; // The target data has already been deleted
    \Sop\Api::exitWithError(array($msg002));
}

// ---------------------------
// Data registration
// ---------------------------
$db->beginTransaction();
// Delete the existing data. The forms are removed first and then re-created from
// $form_list inside the same transaction.
delForm($db, $tpl_id);
$div = 'upd';
// NOTE(review): $form_list is built above this excerpt, presumably from the
// request; 'x' is read without an existence check, unlike 'form_id'.
foreach ($form_list as $form) {
    $form_id = array_key_exists('form_id', $form) ? $form['form_id'] : '';
    // A blank form_id means a new form ('add'); otherwise an update ('upd').
    $div = trim($form_id) == '' ? 'add' : 'upd';
    $x = $form['x'];
// Optional request fields; both fall back to an empty string when absent.
// NOTE(review): the values are taken from $_REQUEST as received. Nothing in the
// visible lines validates or encodes them, so that has to happen where they are
// stored or rendered — confirm.
$tpl_name = '';
if (array_key_exists('tpl_name', $_REQUEST)) {
    $tpl_name = $_REQUEST['tpl_name'];
}
$upld_cmnt = '';
if (array_key_exists('upld_cmnt', $_REQUEST)) {
    $upld_cmnt = $_REQUEST['upld_cmnt'];
}

// --- Data existence check (parent data): the template must still exist.
$sel_sql = getSQLBaseForTplList() . " AND tpl.tpl_id = :tpl_id";
$sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
$params = [':tpl_id' => $tpl_id];
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'Specified template does not exist.');
    $msg001 = "The template already has been deleted."; // The template has already been deleted
    \Sop\Api::exitWithError([$msg001]);
}

// Fetch the data: run the un-counted template query again and keep the
// schema_id of the last row it returns.
$params = [':tpl_id' => $tpl_id];
$stmt = $db->prepare($sel_sql);
$stmt->execute($params);
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $schema_id = (int) $row['schema_id'];
}

// ---------------------------
// Data registration
// ---------------------------
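}

// --- Word file download (when the "Word file download" button is pressed)
// Looks up the source-type schema of the template and resolves the path and the
// download name of its .doc/.docx companion file.
if ($btn == 'src') {
    $sql = getSQLBaseForSchemaList();
    $sql .= " AND schema.tpl_id = :tpl_id AND schema.schema_type = :schema_type";
    $params = array();
    $params[':tpl_id'] = $tpl_id;
    $params[':schema_type'] = $SCHEMA_TYPE_SRC;
    $stmt = $db->prepare($sql);
    $stmt->execute($params);
    $schema = null;
    // Keeps the last row returned.
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
        $schema = $row;
    }
    if ($schema == null) {
        \Sop\Log::warning(__FILE__, __LINE__, 'Specified schema does not exist.');
        $msg004 = "The data already has been deleted."; // The target data has already been deleted
        \Sop\Api::exitWithError(array($msg004));
    }

    $info = pathinfo($schema['file_path']);
    $extensionList = array('.doc', '.docx');
    foreach ($extensionList as $i) {
        // Read the path from $schema, the row selected above, instead of relying
        // on the loop variable $row still holding the same row after its loop.
        // NOTE(review): str_replace swaps every occurrence of the extension in
        // the path, not only the suffix, and assumes file_path has an extension.
        $file_path = str_replace(".{$info['extension']}", $i, $schema['file_path']);
        if (file_exists($file_path)) {
            // NOTE(review): original_filename is presumably the name supplied at
            // upload; it must be sanitised before it is placed in a download
            // header — confirm where $file_name is used.
            $file_name = $schema['original_filename'] . $i;
            break;
        }
    }
    // NOTE(review): when neither candidate exists, $file_name is not assigned here
    // and $file_path is left pointing at the last (missing) candidate.
}
// ---------------------------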
// Bind the template id and run the schema query assembled above this excerpt.
$params = [':tpl_id' => $tpl_id];
$stmt = $db->prepare($sql);
$stmt->execute($params);

// Build the response list: every schema row plus a type-dependent 'config' entry.
$schema_list = [];
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $schema = $row;

    if ($schema['schema_type'] == $SCHEMA_TYPE_SRC) {
        // Source schema: load the stored HTML, strip line breaks and tabs, then
        // let \Sop\Form rewrite the form-injection tags for this template.
        // NOTE(review): file_get_contents() returns false for an unreadable path
        // and that result is not checked; the path itself comes from the database.
        $contents = file_get_contents($schema['file_path']);
        $html = str_replace(["\r\n", "\r", "\n", "\t"], '', $contents);
        $html = \Sop\Form::replaceFormInjectionTag($html, $tpl_id);
        $schema['config'] = $html;
    }

    if ($schema['schema_type'] == $SCHEMA_TYPE_TBL) {
        // Table schema: the config comes from the database.
        $schema['config'] = getSchemaVcfgForExt($db, $schema['schema_id']);
    }

    $schema_list[] = $schema;
}

if (count($schema_list) == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'There is not associated schema.');
    $msg002 = "There is not the schema information."; // The schema information does not exist
    \Sop\Api::exitWithError([$msg002]);
}

// ---------------------------
// Finish processing
// ---------------------------
$db = null;
$msg003 = "The system succeeded in an accession to the data."; // The data was fetched successfully

// NOTE(review): each entry of schema_list is the full database row, so the
// server-side file_path is sent to the client along with the config. Confirm the
// client needs it; otherwise the column should be dropped before encoding.
$response = [
    'success' => true,
    'msg' => \Sop\Api::htmlEncodeLines([$msg003]),
    'schema_list' => $schema_list,
];
echo json_encode($response);
exit;
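// (excerpt starts inside an error branch opened above the visible lines)
    \Sop\Api::exitWithError(array($msg001));
}

// --- Data existence check: count the rows of the sop list query restricted to
// this sop_id (bound as a named parameter).
$sel_sql = getSQLBaseForSopList();
$sel_sql .= " AND sop.sop_id = :sop_id";
$sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
$params = array();
$params[':sop_id'] = $sop_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tried to delete non-existent sop.');
    $msg002 = "The data already has been deleted."; // The target data has already been deleted
    // Pass the message defined on the line above. The original passed $msg003,
    // which is not assigned anywhere in the visible lines before this point, so
    // the client would have received no error text.
    \Sop\Api::exitWithError(array($msg002));
}

// --- Collect the file_path of every schema associated with the sop
// NOTE(review): these paths come from the database and are presumably removed
// from disk further down; confirm each one resolves inside the data directory
// before it is deleted.
$sql = getSQLBaseForSchemaList();
$sql .= " AND schema.sop_id = :sop_id";
$params = array();
$params[':sop_id'] = $sop_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$file_path_list = array();
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    array_push($file_path_list, $row['file_path']);
    if ($row['schema_type'] == $SCHEMA_TYPE_SRC) {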
// (excerpt starts inside an error branch opened above the visible lines)
    \Sop\Api::exitWithError(array($msg001));
}

// --- Data existence check: count the rows of the template list query restricted
// to this tpl_id (bound as a named parameter).
$sel_sql = getSQLBaseForTplList();
$sel_sql .= " AND tpl.tpl_id = :tpl_id";
$sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
$params = array();
$params[':tpl_id'] = $tpl_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tries to delete non-existent template.');
    $msg002 = "The data already has been deleted."; // The target data has already been deleted
    \Sop\Api::exitWithError(array($msg002));
}

// --- Collect the file_path of every schema associated with the template
// NOTE(review): these paths come from the database and are presumably removed
// from disk further down; confirm each one resolves inside the data directory
// before it is deleted.
$sql = getSQLBaseForSchemaList();
$sql .= " AND schema.tpl_id = :tpl_id";
$params = array();
$params[':tpl_id'] = $tpl_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$file_path_list = array();
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    array_push($file_path_list, $row['file_path']);
    if ($row['schema_type'] == $SCHEMA_TYPE_SRC) {
// A blank grp_id means a new group ('add'); anything else is an update ('upd').
$div = trim($grp_id) == '' ? 'add' : 'upd';
if ($div == 'upd') {
    // --- Existence check: the group being updated must still exist.
    $sel_sql = getSQLBaseForGrp();
    $sel_sql .= " AND grp_id = :grp_id";
    $sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
    $params = array();
    $params[':grp_id'] = $grp_id;
    $stmt = $db->prepare($sql);
    $stmt->execute($params);
    $cnt = 0;
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
        $cnt = (int) $row['cnt'];
    }
    if ($cnt == 0) {
        \Sop\Log::warning(__FILE__, __LINE__, 'User tried to update non-existent group.');
        $msg001 = "This group already has been deleted."; // This group has already been deleted
        \Sop\Api::exitWithError(array($msg001));
    }
}

// ---------------------------
// Data registration
// ---------------------------
$db->beginTransaction();
if ($div == 'add') {
    // --- TBL: grp
    // NOTE(review): $grp_id is reset to -1 before the insert; presumably addGrp()
    // takes it by reference and fills in the new id — confirm.
    $grp_id = -1;
    $rslt = addGrp($db, $grp_id, $grp_name);
    if (!$rslt) {
        \Sop\Log::error(__FILE__, __LINE__, 'Failed to insert group.');
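// Failed to create the extraction directory.
// (excerpt starts inside nested blocks opened above the visible lines)
            \Sop\Api::exitWithError(array($msg008));
        }
    }

    // Unpack the uploaded archive.
    // NOTE(review): the return value of extractTo() is not checked and the entry
    // names are not restricted to the expected page images, so whatever the
    // archive contains is written below $extract_dir. Confirm that the data
    // directory is not served or executed by the web server.
    $zip->extractTo($extract_dir);
    $zip->close();

    // Check whether 1.png exists; a valid sopimage must contain it.
    if (!file_exists("{$extract_dir}/1.png")) {
        // Rejected upload: remove everything that was extracted, not only the
        // top-level *.png files. Deleting PNGs alone leaves any other entry of
        // the archive on disk and makes the rmdir() below fail.
        if (is_dir($extract_dir)) {
            $extracted = new \RecursiveIteratorIterator(
                new \RecursiveDirectoryIterator($extract_dir, \FilesystemIterator::SKIP_DOTS),
                \RecursiveIteratorIterator::CHILD_FIRST
            );
            // CHILD_FIRST yields a directory only after its contents.
            foreach ($extracted as $entry) {
                if ($entry->isDir() && !$entry->isLink()) {
                    rmdir($entry->getPathname());
                } else {
                    unlink($entry->getPathname());
                }
            }
            rmdir($extract_dir);
        }
        \Sop\Log::warning(__FILE__, __LINE__, 'Invalid sopimage is uploaded.');
        $msg009 = "This is not a suitable sopimage file."; // This sopimage file is not supported.
        \Sop\Api::exitWithError(array($msg009));
    } else {
        // NOTE(review): the directory name is built from the four ids; they must
        // be validated as plain integers before they reach a filesystem path.
        // The result of rename() is not checked.
        $upload_dir = "{$DATA_DIR_PATH_FILE}/{$pj_id}_{$sop_id}_{$tpl_id}_{$schema_id}";
        rename($extract_dir, $upload_dir);
    }
    }
    $fd = NULL;
    $zip = NULL;
    // Still define the variable, because later processing uses it.
    $file_path = "{$DATA_DIR_PATH_FILE}/{$pj_id}_{$sop_id}_{$tpl_id}_{$schema_id}.{$ext}"; // destination file path
} else {
    $file_path = "{$DATA_DIR_PATH_FILE}/{$pj_id}_{$sop_id}_{$tpl_id}_{$schema_id}.{$ext}";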
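// (excerpt starts in the middle of the user existence check; $sql and $params
// are prepared above the visible lines)
$params[':user_id'] = $user_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tried to delete non-existent user.');
    // Spelling of the client-facing message corrected ("usr", "delted").
    $msg001 = "This user already has been deleted."; // This user has already been deleted
    \Sop\Api::exitWithError(array($msg001));
}

// A user cannot delete their own account.
// The loose comparison is kept on purpose: it also matches when the session and
// request values differ only in type, so the guard errs on the side of refusing.
if (\Sop\Session::getSiteData('user_id') == $user_id) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tried to delete oneself.');
    $msg002 = "You can not delete oneself."; // You cannot delete yourself.
    \Sop\Api::exitWithError(array($msg002));
}

// ---------------------------
// Data deletion
// ---------------------------
$db->beginTransaction();
// --- TBL: user
$rslt = delUser($db, $user_id);
if (!$rslt) {
    // NOTE(review): no explicit rollBack() in the visible lines; PDO discards an
    // open transaction when the script ends, assuming exitWithError() terminates
    // the request — confirm.
    \Sop\Log::error(__FILE__, __LINE__, 'Failed to delete user.');
    $msg003 = "The delete failed.: user"; // The delete failed: user
    \Sop\Api::exitWithError(array($msg003));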
}

// --- When duplicate lines exist: reject the uploaded sample file and remove it.
// NOTE(review): file() returns false for an unreadable file and that result is
// passed to array_unique() unchecked.
$smpl_list = file($file_path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$smpl_list_unique = array_unique($smpl_list);
if (count($smpl_list) != count($smpl_list_unique)) {
    unlink($file_path);
    \Sop\Log::warning(__FILE__, __LINE__, 'Duplicate lines in smpl file.');
    $msg008 = "There are redundant lines in the sample file."; // The sample file contains duplicate lines
    \Sop\Api::exitWithError(array($msg008));
}

// --- When invalid characters exist: single and double quotes are rejected.
// The check runs on the raw bytes, before the encoding conversion below.
// NOTE(review): presumably the quotes are banned because the lines are later
// embedded in another context; rejecting two characters is not a substitute for
// escaping at that point — confirm how the sample values are used.
$smpl_file = file_get_contents($file_path);
if (strpos($smpl_file, "'") !== false || strpos($smpl_file, '"') !== false) {
    unlink($file_path);
    \Sop\Log::warning(__FILE__, __LINE__, 'Invalid characters in smpl file.');
    $msg009 = "You do not use ['] and [\"]."; // ['] and ["] cannot be used
    \Sop\Api::exitWithError(array($msg009));
}

// --- Character encoding conversion: the upload is treated as SJIS-win and
// rewritten in place as UTF-8.
$file_src = mb_convert_encoding(file_get_contents($file_path), "UTF-8", "SJIS-win"); // character encoding conversion
file_put_contents($file_path, $file_src); // save the file contents for now

// ---------------------------
// Data registration
// ---------------------------
$db->beginTransaction();
if ($div == 'add') {
    // --- TBL: pj
// (excerpt starts inside an error branch opened above the visible lines)
    \Sop\Api::exitWithError(array($msg001));
}

// --- User existence check: a group that still has users must not be deleted.
$sel_sql = getSQLBaseForUserGrp();
$sel_sql .= " WHERE grp_id = :grp_id";
$sql = "SELECT count(*) cnt FROM ({$sel_sql}) as tmp";
$params = array();
$params[':grp_id'] = $grp_id;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$cnt = 0;
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    $cnt = (int) $row['cnt'];
}
if ($cnt > 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tried to delete group that has users.');
    $msg002 = "Please delete an user that belong to this group."; // Please delete the users that belong to this group
    \Sop\Api::exitWithError(array($msg002));
}

// ---------------------------
// Data deletion
// ---------------------------
// NOTE(review): the member count above is taken before the transaction starts, so
// a user added to the group in between is not seen by this check.
$db->beginTransaction();
// --- TBL: grp
$rslt = delGrp($db, $grp_id);
if (!$rslt) {
    // NOTE(review): no explicit rollBack() in the visible lines; PDO discards an
    // open transaction when the script ends, assuming exitWithError() terminates
    // the request — confirm.
    \Sop\Log::error(__FILE__, __LINE__, 'Failed to delete group.');
    $msg003 = "The delete failed.: grp"; // The delete failed: grp
    \Sop\Api::exitWithError(array($msg003));
// (excerpt starts inside an error branch opened above the visible lines)
        \Sop\Log::warning(__FILE__, __LINE__, 'Invalid group is specified.');
        $msg004 = "This group already has been deleted."; // This group has already been deleted:
        // NOTE(review): $grp_id is echoed back inside the error text; confirm that
        // exitWithError() encodes its lines before they reach the browser.
        \Sop\Api::exitWithError(array("{$msg004} {$grp_id}"));
    }
//}

// --- Permissions: each role input is reduced to '0' (blank) or '1' (anything else).
$role_aprv = $role_aprv == '' ? '0' : '1';
$role_upld = $role_upld == '' ? '0' : '1';
$role_user = $role_user == '' ? '0' : '1';
$role = "{$role_aprv}{$role_upld}{$role_user}"; // concatenated in the order approve, upload, general; e.g. 100: approve, 001: general, 101: approve + general
$admin_flag = $admin_flag != '' ? 1 : 0;

// A user cannot change their own administrator privilege.
// The guard only covers removing the flag from one's own account; granting or
// removing it on other accounts is not restricted in the visible lines.
// NOTE(review): confirm that the caller's own admin privilege is verified above
// this excerpt before any role or admin_flag value is accepted.
if (\Sop\Session::getSiteData('user_id') == $user_id && $admin_flag == 0) {
    \Sop\Log::warning(__FILE__, __LINE__, 'User tried to delete own admin role.');
    $msg005 = "You can not undo the administrative permission by oneself."; // You cannot remove your own administrator privilege.
    \Sop\Api::exitWithError(array($msg005));
}

// ---------------------------
// Data registration
// ---------------------------
$db->beginTransaction();
if ($div == 'add') {
    // Deleted users: count previously deleted records with the same user_id.
    $sel_sql = getSQLDeletedBaseForOneUser();
    $sel_sql .= " AND user_id = :user_id";
    $sql = "SELECT count(*) deleted_cnt FROM ({$sel_sql}) as tmp";
    $params = array();
    $params[':user_id'] = $user_id;