/** * Gets a cleaned value from a PHP global * * @param string $arn * @param string $name * @param mixed $def * @return mixed */ protected static function _globalConv($arn, $name, $def = null) { switch ($arn) { case 'request': $value = Application::Input()->get($name, 0, GetterInterface::STRING); break; case 'get': case 'post': case 'cookie': case 'server': case 'env': $value = Application::Input()->get($arn . '/' . $name, 0, GetterInterface::STRING); break; case 'session': $value = Application::Session()->get($name, null, GetterInterface::STRING); break; case 'cbcookie': $value = CBCookie::getcookie($name, $def); break; default: trigger_error(sprintf('SQLXML::globalconv error: unknown type %s for %s.', $arn, $name), E_USER_NOTICE); $value = null; break; } return stripslashes($value); }
/** * Returns safe PHP-typed values with type-defined sources * $type can be: * 'const:type' for constant of $fieldValue * 'param:type' for the actual data from the model * 'pluginparam:type' for a parameter from the plugin * 'cmsversion:type' for the cmsversion attribute of type * 'cbconfig:type' for the config parameter of CB * 'datavalue:type' for the actual data from the model, but allowing a path * * @param mixed $fieldValue The value to PHP-format safely * @param string $type The type of the value that is wanted (see above for types) * @param SimpleXMLElement $element The element for additional attributes * @param string $leftRight The prefix for additional attributes * @return string|float|int The safely formatted PHP value */ function phpCleanType( $fieldValue, $type, $element, $leftRight ) { $typeArray = explode( ':', $type, 3 ); if ( count( $typeArray ) < 2 ) { $typeArray = array( 'const' , $type ); } switch ( $typeArray[0] ) { case 'const': break; case 'param': $fieldValue = $this->getModelOfData()->get( $fieldValue ); break; case 'pluginparams': $fieldValue = $this->_pluginParams->get( $fieldValue ); break; case 'cmsversion': $fieldValue = checkJversion( ( $fieldValue ? $fieldValue : 'api' ) ); break; case 'cbconfig': global $ueConfig; $fieldValue = ( array_key_exists( $fieldValue, $ueConfig ) ? $ueConfig[$fieldValue] : '' ); break; case 'datavalue': $fieldValue = $this->get( $fieldValue ); //TBD: missing default value, but not easy to find, as it's in the view param for now: $param->attributes( 'default' ) ); break; case 'data': $leftRightElem = $element->getChildByNameAttributes( $leftRight ); if ( $leftRightElem ) { $fieldValue = $this->renderAllParams( $leftRightElem, 'params', null, 'view', 'none' ); } else { trigger_error( 'XMLifCondition::phpCleanQuote:name: missing ' . $leftRight . ' element for type ' . htmlspecialchars( $type ), E_USER_NOTICE ); } break; case 'user': // TODO: Change this to use Inversion Of Control, and allow XML valuetypes to be extended dynamically (e.g. instead of calling specifically CBLib\CB\User or similar when available, it is CB that adds the type and a closure to handle that type. if ( $fieldValue == 'viewaccesslevels' ) { $fieldValue = Application::MyUser()->getAuthorisedViewLevels(); } else { if ( $fieldValue == 'usergroups' ) { $fieldValue = Application::MyUser()->getAuthorisedGroups( false ); } else { $fieldValue = \CBuser::getMyUserDataInstance()->get( $fieldValue ); } } break; case 'request': $fieldValue = $this->input->get( $fieldValue, 0, GetterInterface::STRING ); break; case 'get': case 'post': case 'cookie': case 'server': case 'env': $fieldValue = $this->input->get( $typeArray[0] . '/' . $fieldValue, 0, GetterInterface::STRING ); break; case 'session': $fieldValue = Application::Session()->get( $fieldValue, null, GetterInterface::STRING ); break; default: trigger_error( 'XMLifCondition::phpCleanQuote:name: ERROR_UNKNOWN_TYPE: ' . htmlspecialchars( $type ), E_USER_NOTICE ); break; } if ( is_array( $fieldValue ) ) { $fieldValue = implode( '|*|', $fieldValue ); } switch ( $typeArray[1] ) { case 'int': case 'integer': $value = (int) $fieldValue; break; case 'float': case 'number': $value = (float) $fieldValue; break; case 'formula': $value = $fieldValue; break; case 'bool': case 'boolean': $value = (bool) $fieldValue; break; case 'datetime': if ( preg_match( '/[0-9]{4}-[01][0-9]-[0-3][0-9] [0-2][0-9](:[0-5][0-9]){2}/', $fieldValue ) ) { $value = $fieldValue; } else { $value = ''; } break; case 'date': if ( preg_match( '/[0-9]{4}-[01][0-9]-[0-3][0-9]/', $fieldValue ) ) { $value = $fieldValue; } else { $value = ''; } break; case 'time': if ( preg_match( '/-?[0-9]{1,3}(:[0-5][0-9]){2}/', $fieldValue ) ) { $value = $fieldValue; } else { $value = ''; } break; case 'string': $value = (string) $fieldValue; break; case 'null': $value = null; break; default: //CB2.0: uncomment: trigger_error( 'XMLifCondition::phpCleanQuote:value: ERROR_UNKNOWN_TYPE: ' . htmlspecialchars( $type ), E_USER_NOTICE ); $value = $fieldValue; break; } return $value; }