QuickFormQuery.php 72.8 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
<?php
/**
 * Created by PhpStorm.
 * User: ep
 * Date: 12/23/15
 * Time: 6:33 PM
 */

namespace qfq;

Carsten  Rose's avatar
Carsten Rose committed
11
use qfq;
12
13
14
15
16
17
18
19
20

//use qfq\Report;

//use qfq\BuildFormPlain;
//use qfq\BuildFormTable;
//use qfq\BuildFormBootstrap;
//use qfq\UserException;
//use qfq\CodeException;
//use qfq\DbException;
21
//use qfq\helper;
22
//use qfq\Store;
Carsten  Rose's avatar
Carsten Rose committed
23

Carsten  Rose's avatar
Carsten Rose committed
24

25
require_once(__DIR__ . '/store/Store.php');
26
require_once(__DIR__ . '/store/Sip.php');
27
28
29
30
31
32
33
34
35
36
require_once(__DIR__ . '/store/FillStoreForm.php');
require_once(__DIR__ . '/store/Session.php');
require_once(__DIR__ . '/Constants.php');
require_once(__DIR__ . '/Save.php');
require_once(__DIR__ . '/helper/KeyValueStringParser.php');
require_once(__DIR__ . '/helper/HelperFormElement.php');
require_once(__DIR__ . '/exceptions/UserFormException.php');
require_once(__DIR__ . '/exceptions/CodeException.php');
require_once(__DIR__ . '/exceptions/DbException.php');
require_once(__DIR__ . '/exceptions/ErrorHandler.php');
37
38
require_once(__DIR__ . '/database/Database.php');
require_once(__DIR__ . '/database/DatabaseUpdate.php');
39
40
41
42
43
require_once(__DIR__ . '/Evaluate.php');
require_once(__DIR__ . '/BuildFormPlain.php');
require_once(__DIR__ . '/BuildFormTable.php');
require_once(__DIR__ . '/BuildFormBootstrap.php');
require_once(__DIR__ . '/report/Report.php');
44
require_once(__DIR__ . '/report/Monitor.php');
45
46
require_once(__DIR__ . '/BodytextParser.php');
require_once(__DIR__ . '/Delete.php');
47
require_once(__DIR__ . '/form/FormAction.php');
Carsten  Rose's avatar
Carsten Rose committed
48
require_once(__DIR__ . '/form/Dirty.php');
49
require_once(__DIR__ . '/form/DragAndDrop.php');
50
51
52
53
54
55
56
57
58
59
60
61
/*
 * Form will be called
 * a) with a SIP identifier, or
 * b) without a SIP identifier (form setting has to allow this) and will create on the fly a new SIP.
 *
 * The SIP-Store stores:
 *  form=<formname>
 *  r=<record id>  (table.id for a single record form)
 *  keySemId,keySemIduser
 *  <further individual variables>
 */

Carsten  Rose's avatar
Carsten Rose committed
62
/**
63
 * Class Qfq
Carsten  Rose's avatar
Carsten Rose committed
64
65
 * @package qfq
 */
66
class QuickFormQuery {
67

68
    /**
69
     * @var Store instantiated class
70
     */
Carsten  Rose's avatar
Carsten Rose committed
71
    protected $store = null;
72

73
    /**
74
     * @var \qfq\Database[] - Array of Database instantiated class
75
     */
76
    protected $dbArray = array();
77

78
79
80
    /**
     * @var Evaluate instantiated class
     */
81
82
    protected $evaluate = null;

83
84
85
    protected $formSpec = array();
    protected $feSpecAction = array();  // Form Definition: copy of the loaded form
    protected $feSpecNative = array(); // FormEelement Definition: all formElement.class='action' of the loaded form
86
    protected $feSpecNativeRaw = array(); // FormEelement Definition: all formElement.class='action' of the loaded form
87

88
89
90
    /**
     * @var array
     */
91
    private $t3data = array(); // FormElement Definition: all formElement.class='native' of the loaded form
92

93
94
95
    /**
     * @var bool
     */
96
97
    private $phpUnit = false;

98
99
100
101
102
    /**
     * @var bool
     */
    private $inlineReport = false;

103
104
105
106
107
    /**
     * @var Session
     */
    private $session = null;

108
109
110
    private $dbIndexData = false;
    private $dbIndexQfq = false;

111
112
113
114
115
116
117
118
119
120
121
    /*
     * TODO:
     *  Preparation: setup logging, database access, record locking
     *  fill stores
     *  Check permission_create / permission_update
     *  Multi: iterate over all records, Single: activate record
     *      Check mode: Load | Save
     *      doActions 'Before'
     *      Do all FormElements
     *      doActions 'After'
     */
122

123
124
125
    /**
     * Construct the Form Class and Store too. This is the base initialization moment.
     *
126
127
     * As a result of instantiating of Form, the class Store will initially called the first time and therefore
     * instantiated automatically. Store might throw an exception, in case the URL-passed SIP is invalid.
128
     *
129
     * @param array $t3data
Carsten  Rose's avatar
Carsten Rose committed
130
     * @param bool $phpUnit
131
     * @param bool $inlineReport
132
     *
133
     * @throws CodeException
Carsten  Rose's avatar
Carsten Rose committed
134
     * @throws DbException
135
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
136
     * @throws UserReportException
137
     */
138
    public function __construct(array $t3data = array(), $phpUnit = false, $inlineReport = true) {
139
        $this->phpUnit = $phpUnit;
140
        $this->inlineReport = $inlineReport;
141

142
        mb_internal_encoding("UTF-8");
143

144
145
        $this->session = Session::getInstance($phpUnit);

146
        // Refresh the session even if no new data saved.
147
        Session::set(SESSION_LAST_ACTIVITY, time());
148

149
        set_error_handler("\\qfq\\ErrorHandler::exception_error_handler");
Carsten  Rose's avatar
Carsten Rose committed
150
151
        // PHPExcel
        set_include_path(get_include_path() . PATH_SEPARATOR . '../../Resources/Private/Classes/');
152

153
154
155
156
157
158
159
        if (!isset($t3data[T3DATA_BODYTEXT])) {
            $t3data[T3DATA_BODYTEXT] = '';
        }

        if (!isset($t3data[T3DATA_UID])) {
            $t3data[T3DATA_UID] = 0;
        }
160

161
        $btp = new BodytextParser();
162
        $t3data[T3DATA_BODYTEXT_RAW] = $t3data[T3DATA_BODYTEXT];
163
        $t3data[T3DATA_BODYTEXT] = $btp->process($t3data[T3DATA_BODYTEXT]);
164

165
166
        $this->t3data = $t3data;

167
        $bodytext = $this->t3data[T3DATA_BODYTEXT];
168
169

        $this->store = Store::getInstance($bodytext, $phpUnit);
170

171
172
173
        $timeout = $this->store::getVar(SYSTEM_SESSION_TIMEOUT_SECONDS, STORE_SYSTEM);
        Session::checkSessionExpired($timeout);

174
        // If an FE user logs out and a different user logs in (same browser session) - the old values has to be destroyed!
175
        if (Session::getAndDestroyFlagFeUserHasChanged()) {
176
177
178
            $this->store->unsetStore(STORE_USER);
        }

179
        $this->store->setVar(TYPO3_TT_CONTENT_UID, $t3data[T3DATA_UID], STORE_TYPO3);
180

181
182
        $this->dbIndexData = $this->store->getVar(SYSTEM_DB_INDEX_DATA, STORE_SYSTEM);
        $this->dbIndexQfq = $this->store->getVar(SYSTEM_DB_INDEX_QFQ, STORE_SYSTEM);
183

184
        $this->dbArray[$this->dbIndexData] = new Database($this->dbIndexData);
185

186
187
188
        if ($this->dbIndexData != $this->dbIndexQfq) {
            $this->dbArray[$this->dbIndexQfq] = new Database($this->dbIndexQfq);
        }
189

190
        $this->evaluate = new Evaluate($this->store, $this->dbArray[$this->dbIndexData]);
191

192
        $dbUpdate = $this->store->getVar(SYSTEM_DB_UPDATE, STORE_SYSTEM);
193
        $updateDb = new DatabaseUpdate($this->dbArray[$this->dbIndexQfq]);
194
        $updateDb->checkNupdate($dbUpdate);
195

196
        $this->store->FillStoreSystemBySql(); // Do this after the DB-update
197
198
199

        // Set dbIndex, evaluate any
        $dbIndex = $this->store->getVar(TOKEN_DB_INDEX, STORE_TYPO3 . STORE_EMPTY);
200
        $dbIndex = $this->evaluate->parse($dbIndex);
201
202
        $dbIndex = ($dbIndex == '') ? DB_INDEX_DEFAULT : $dbIndex;
        $this->store->setVar(TOKEN_DB_INDEX, $dbIndex, STORE_TYPO3);
Carsten  Rose's avatar
Carsten Rose committed
203
204
    }

205
    /**
206
     * Returns the defined forwardMode and set forwardPage
207
     *
208
     * @return array
209
210
     * @throws CodeException
     * @throws UserFormException
211
     */
212
213
    public function getForwardMode() {

214
        if (!isset($this->formSpec[F_FORWARD_PAGE])) {
Carsten  Rose's avatar
Carsten Rose committed
215
            // For QFQ inline editing: no redirect and no further processing.
216
217
218
            return [API_REDIRECT => API_ANSWER_REDIRECT_NO, API_REDIRECT_URL => ''];
        }

219
        $forwardPage = $this->formSpec[F_FORWARD_PAGE];
220

Carsten  Rose's avatar
Carsten Rose committed
221
222
223
224
        if ($this->formSpec[F_FORWARD_MODE] == F_FORWARD_MODE_URL_SIP) {
            $forwardPage = store::getSipInstance()->queryStringToSip($forwardPage, RETURN_URL);
            // F_FORWARD_MODE_URL_SIP is not defined in API PROTOCOL. At the moment it's only used for 'copyForm'.
            // 'copyForm' behaves better if the page is not in history.
225
            // An option for better implementing would be to separate SKIP History from ForwardMode. For API, it can be combined again.
Carsten  Rose's avatar
Carsten Rose committed
226
227
228
            $this->formSpec[F_FORWARD_MODE] = F_FORWARD_MODE_URL_SKIP_HISTORY;
        }

229
230
        return ([
            API_REDIRECT => $this->formSpec[F_FORWARD_MODE],
Carsten  Rose's avatar
Carsten Rose committed
231
            API_REDIRECT_URL => $forwardPage,
232
        ]);
233
234
    }

235
    /**
Carsten  Rose's avatar
Carsten Rose committed
236
     * Main entrypoint for display content: a) form and/or b) report
237
     *
238
     * @return string
239
240
     * @throws CodeException
     * @throws DbException
241
     * @throws DownloadException
242
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
243
     * @throws UserReportException
244
245
246
     * @throws \PhpOffice\PhpSpreadsheet\Exception
     * @throws \PhpOffice\PhpSpreadsheet\Reader\Exception
     * @throws \PhpOffice\PhpSpreadsheet\Writer\Exception
Carsten  Rose's avatar
Carsten Rose committed
247
     */
248
    public function process() {
249
        $html = '';
250

251
        if ($this->store->getVar(TYPO3_DEBUG_SHOW_BODY_TEXT, STORE_TYPO3) === 'yes') {
252
253
            $htmlId = HelperFormElement::buildFormElementId($this->formSpec[F_ID], 0, 0, 0);
            $html .= Support::doTooltip($htmlId . HTML_ID_EXTENSION_TOOLTIP, $this->t3data['bodytext']);
254
255
256
        }

        $html .= $this->doForm(FORM_LOAD);
257
        $html .= $this->doReport();
Carsten  Rose's avatar
Carsten Rose committed
258

259
        // Only needed if there are potential 'download'-links, which shall show a popup during processing of the download.
Carsten  Rose's avatar
Carsten Rose committed
260
261
262
263
        if ($this->store->getVar(SYSTEM_DOWNLOAD_POPUP, STORE_SYSTEM) == DOWNLOAD_POPUP_REQUEST) {
            $html .= $this->getModalCode();
        }

264
265
266
267
268
        // Only needed if there are 'drag and drop' elements.
        if ($this->store->getVar(SYSTEM_DRAG_AND_DROP_JS, STORE_SYSTEM) == 'true') {
            $html .= $this->getDragAndDropCode();
        }

269
        $class = $this->store->getVar(SYSTEM_CSS_CLASS_QFQ_CONTAINER, STORE_SYSTEM);
Carsten  Rose's avatar
Carsten Rose committed
270
        if ($class) {
271
            $html = Support::wrapTag("<div class='$class'>", $html);
Carsten  Rose's avatar
Carsten Rose committed
272
273
        }

274
        return $html;
275
276
    }

277
278
    /**
     * Determine the name of the language parameter field, which has to be taken to fill language specific defintions.
279
280
281
     *
     * @throws CodeException
     * @throws UserFormException
282
283
284
285
286
287
288
289
290
     */
    private function setParameterLanguageFieldName() {

        $typo3PageLanguage = $this->store->getVar(TYPO3_PAGE_LANGUAGE, STORE_TYPO3);
        if (empty($typo3PageLanguage)) {
            return;
        }

        foreach (['A', 'B', 'C', 'D'] as $key) {
291
            $languageIdx = SYSTEM_FORM_LANGUAGE . "$key" . "Id";
292
293
294
295
296
297
298
            if ($this->store->getVar($languageIdx, STORE_SYSTEM) == $typo3PageLanguage) {
                $this->store->setVar(SYSTEM_PARAMETER_LANGUAGE_FIELD_NAME, 'parameterLanguage' . $key, STORE_SYSTEM);
                break;
            }
        }
    }

299
    /**
300
301
     * Creates an empty file. This indicates that the current form is in debug mode. Returns HTML element which will be
     * replaced by the logfile.
302
303
304
     *
     * @param $formName
     * @param $formLogMode
305
     * @return string
306
307
308
309
310
311
312
     * @throws CodeException
     * @throws UserFormException
     * @throws UserReportException
     */
    private function getFormLog($formName, $formLogMode) {

        $formLogFileName = Support::getFormLogFileName($formName, $formLogMode);
313
        file_put_contents($formLogFileName, '');
314

315
316
        $monitor = new Monitor();

317
318
        return "<pre id='" . FORM_LOG_HTML_ID . "'>Please wait</pre>" .
            $monitor->process([TOKEN_L_FILE => $formLogFileName, TOKEN_L_APPEND => '1', TOKEN_L_HTML_ID => FORM_LOG_HTML_ID]);
319
    }
320

321
    /**
322
     * Process form.
323
324
325
326
327
     * $mode=
     *   FORM_LOAD: The whole form will be rendered as HTML Code, including the values of all form elements
     *   FORM_UPDATE: States and values of all form elements will be returned as JSON.
     *   FORM_SAVE: The submitted form will be saved. Return Failure or Success as JSON.
     *   FORM_DELETE:
328
     *
329
     * @param string $formMode FORM_LOAD | FORM_UPDATE | FORM_SAVE | FORM_DELETE
330
     *
331
     * @return array|string
332
     * @throws CodeException
333
     * @throws DbException
334
     * @throws DownloadException
335
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
336
     * @throws UserReportException
Carsten  Rose's avatar
Carsten Rose committed
337
338
339
     * @throws \PhpOffice\PhpSpreadsheet\Exception
     * @throws \PhpOffice\PhpSpreadsheet\Reader\Exception
     * @throws \PhpOffice\PhpSpreadsheet\Writer\Exception
340
     */
341
    private function doForm($formMode) {
Carsten  Rose's avatar
Carsten Rose committed
342
        $data = '';
Carsten  Rose's avatar
Carsten Rose committed
343
        $foundInStore = '';
344
        $flagApiStructureReGroup = true;
345

Carsten  Rose's avatar
Carsten Rose committed
346
        // Fill STORE_FORM
Carsten  Rose's avatar
Carsten Rose committed
347
348
349
350
351
352
353
        switch ($formMode) {
            case FORM_UPDATE:
            case FORM_SAVE:
            case FORM_REST:
                $fillStoreForm = new FillStoreForm();
                $fillStoreForm->process($formMode);
                break;
Carsten  Rose's avatar
Carsten Rose committed
354
        }
355

356
        $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3 . STORE_CLIENT . STORE_ZERO);
357
        $this->setParameterLanguageFieldName();
358

359
360
361
        $formName = $this->loadFormSpecification($formMode, $recordId, $foundInStore, $formLogMode);
        if ($formName !== false && $formLogMode !== false) {
            return $this->getFormLog($formName, $formLogMode);
362
363
        }

364
        if ($formName === false) {
365
            switch ($formMode) {
366
367
368
369
370
371
372
                case FORM_DELETE:
                    break;
                case FORM_DRAG_AND_DROP:
                    throw new CodeException('Missing form in SIP', ERROR_MISSING_FORM);
                default:
                    return '';// No form found: do nothing
            }
373
        }
374

Carsten  Rose's avatar
Carsten Rose committed
375
        // Check 'session expire' happens quite late, cause it can be configured per form.
376
377
        Session::checkSessionExpired($this->formSpec[F_SESSION_TIMEOUT_SECONDS]);

378
        if ($formName !== false) {
Carsten  Rose's avatar
Carsten Rose committed
379
380
381
            // Validate (only if there is a 'real' form, not a FORM_DELETE with only a tablename).
            // Attention: $formModeNew will be set
            $sipFound = $this->validateForm($foundInStore, $formMode, $formModeNew);
382
383

        } else {
384
            // FORM_DELETE without a form definition: Fake the form with only a tableName.
385
386
            $table = $this->store->getVar(SIP_TABLE, STORE_SIP);
            if ($table === false) {
387
                throw new UserFormException("No 'form' and no 'table' definition found.", ERROR_MISSING_VALUE);
388
            }
389

390
391
392
            $sipFound = true;
            $this->formSpec[F_NAME] = '';
            $this->formSpec[F_TABLE_NAME] = $table;
393
394
            $this->formSpec[F_RECORD_LOCK_TIMEOUT_SECONDS] = 1; // just indicate a timeout, the exact timeout is stored in the dirty record.
            $this->formSpec[F_DIRTY_MODE] = DIRTY_MODE_EXCLUSIVE; // just set a mode,, the exact mode is stored in the dirty record.
395
396
397
398
399
400
401
402
403
404

            $tmpDbIndexData = $this->store->getVar(PARAM_DB_INDEX_DATA, STORE_SIP);
            if (!empty($tmpDbIndexData)) {
                $this->formSpec[F_DB_INDEX] = $tmpDbIndexData;
                if ($tmpDbIndexData != $this->dbIndexData) {
                    if (!isset($this->dbArray[$tmpDbIndexData])) {
                        $this->dbArray[$tmpDbIndexData] = new Database($tmpDbIndexData);
                    }
                }
            }
405
406
        }

407
408
        // For 'new' record always create a new Browser TAB-uniq (for this current form, nowhere else used) SIP.
        // With such a Browser TAB-uniq SIP, multiple Browser TABs and following repeated NEWs are easily implemented.
409
410
411
412
        if ($formMode != FORM_REST) {
            if (!$sipFound || ($formMode == FORM_LOAD && $recordId === 0)) {
                $this->store->createSipAfterFormLoad($formName);
            }
413
        }
414

415
        // Fill STORE_BEFORE
416
        if ($this->store->getVar($this->formSpec[F_PRIMARY_KEY], STORE_BEFORE) === false) {
417
            $this->store->fillStoreWithRecord($this->formSpec[F_TABLE_NAME], $recordId,
418
                $this->dbArray[$this->dbIndexData], $this->formSpec[F_PRIMARY_KEY], STORE_BEFORE);
419
420
        }

421
        // Check (and release) dirtyRecord.
Carsten  Rose's avatar
Carsten Rose committed
422
        if ($formModeNew === FORM_DELETE || $formModeNew === FORM_SAVE) {
423
            $dirty = new Dirty(false, $this->dbIndexData, $this->dbIndexQfq);
Carsten  Rose's avatar
Carsten Rose committed
424

Carsten  Rose's avatar
Carsten Rose committed
425
            $answer = $dirty->checkDirtyAndRelease($formModeNew, $this->formSpec[F_RECORD_LOCK_TIMEOUT_SECONDS],
426
                $this->formSpec[F_DIRTY_MODE], $this->formSpec[F_TABLE_NAME], $this->formSpec[F_PRIMARY_KEY], $recordId, true);
427

428
            // In case of a conflict, return immediately
Carsten  Rose's avatar
Carsten Rose committed
429
430
            if ($answer[API_STATUS] != API_ANSWER_STATUS_SUCCESS) {
                $answer[API_STATUS] = API_ANSWER_STATUS_ERROR;
431

432
433
                return $answer;
            }
Carsten  Rose's avatar
Carsten Rose committed
434
435
        }

436
        // FORM_LOAD: if there is a foreign exclusive record lock - show form in F_MODE_READONLY mode.
Carsten  Rose's avatar
Carsten Rose committed
437
        if ($formModeNew === FORM_LOAD) {
438
            $dirty = new Dirty(false, $this->dbIndexData, $this->dbIndexQfq);
439
440
441
442
443
444
445
            $recordDirty = array();
            $rcLockFound = $dirty->getCheckDirty($this->formSpec[F_TABLE_NAME], $recordId, $recordDirty, $msg);
            if (($rcLockFound == LOCK_FOUND_CONFLICT || $rcLockFound == LOCK_FOUND_OWNER) && $recordDirty[F_DIRTY_MODE] == DIRTY_MODE_EXCLUSIVE) {
                $this->formSpec[F_MODE] = F_MODE_READONLY;
            }
        }

Carsten  Rose's avatar
Carsten Rose committed
446
        switch ($formModeNew) {
447
448
449
450
451
452
453
454
455
            case FORM_DELETE:
                $build = new Delete($this->dbIndexData);
                break;
            case FORM_REST:
                break;
            case FORM_LOAD:
            case FORM_SAVE:
            case FORM_UPDATE:
            case FORM_DRAG_AND_DROP:
456

457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
                $tableDefinition = $this->dbArray[$this->dbIndexData]->getTableDefinition($this->formSpec[F_TABLE_NAME]);
                $this->store->fillStoreTableDefaultColumnType($tableDefinition);

                switch ($this->formSpec['render']) {
                    case 'plain':
                        $build = new BuildFormPlain($this->formSpec, $this->feSpecAction, $this->feSpecNative, $this->dbArray);
                        break;
                    case 'table':
                        $build = new BuildFormTable($this->formSpec, $this->feSpecAction, $this->feSpecNative, $this->dbArray);
                        break;
                    case 'bootstrap':
                        $build = new BuildFormBootstrap($this->formSpec, $this->feSpecAction, $this->feSpecNative, $this->dbArray);
                        break;
                    default:
                        throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
                }
                break;
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
476
477
        }

478
        $formAction = new FormAction($this->formSpec, $this->dbArray[$this->dbIndexData], $this->phpUnit);
Carsten  Rose's avatar
Carsten Rose committed
479
        switch ($formModeNew) {
480
            case FORM_LOAD:
481
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_LOAD);
Carsten  Rose's avatar
Carsten Rose committed
482
                $data = $build->process($formModeNew);
483
484
485
486
                $tmpClass = is_numeric($this->formSpec[F_BS_COLUMNS]) ? ('col-md-' . $this->formSpec[F_BS_COLUMNS]) : $this->formSpec[F_BS_COLUMNS];
//                $data = Support::wrapTag("<div class='" . 'col-md-' . $this->formSpec[F_BS_COLUMNS] . "'>", $data);
                $data = Support::wrapTag('<div class="' . $tmpClass . '">', $data);
                $data = Support::wrapTag('<div class="row">', $data);
487
488
489
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_AFTER_LOAD);
                break;

Carsten  Rose's avatar
Carsten Rose committed
490
            case FORM_UPDATE:
491
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_LOAD);
492
                // data['form-update']=....
Carsten  Rose's avatar
Carsten Rose committed
493
                $data = $build->process($formModeNew);
494
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_AFTER_LOAD);
495
                break;
Carsten  Rose's avatar
Carsten Rose committed
496

497
498
499
            case FORM_DELETE:
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_DELETE);

500
                $build->process($this->formSpec[F_TABLE_NAME], $recordId, $this->formSpec[F_PRIMARY_KEY]);
501
502
503
504

                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_AFTER_DELETE);
                break;

505
            case FORM_SAVE:
506
507
                $this->logFormSubmitRequest();

Carsten  Rose's avatar
Carsten Rose committed
508
                $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3);
509

510
                // Action: Before
511
512
                $feTypeList = FE_TYPE_BEFORE_SAVE . ',' . ($recordId == 0 ? FE_TYPE_BEFORE_INSERT : FE_TYPE_BEFORE_UPDATE);
                $formAction->elements($recordId, $this->feSpecAction, $feTypeList);
513

514
                // If an old record exist: load it. Necessary to delete uploaded files which should be overwritten.
515
                $this->store->fillStoreWithRecord($this->formSpec[F_TABLE_NAME], $recordId,
516
                    $this->dbArray[$this->dbIndexData], $this->formSpec[F_PRIMARY_KEY]);
517

518
519
                $this->ifPillIsHiddenSetChildFeToHidden();

520
                // SAVE
521
                $save = new Save($this->formSpec, $this->feSpecAction, $this->feSpecNative, $this->feSpecNativeRaw);
522
523

                $save->processAllImageCutFE();
524
                $save->checkRequiredHidden();
525

526
527
                $rc = $save->process();

528
                // Reload fresh saved record and fill STORE_RECORD with it.
529
                $this->store->fillStoreWithRecord($this->formSpec[F_TABLE_NAME], $rc, $this->dbArray[$this->dbIndexData], $this->formSpec[F_PRIMARY_KEY]);
530

Carsten  Rose's avatar
Upload:    
Carsten Rose committed
531
532
                $save->processAllUploads($rc);

533
                // Action: After
534
535
                $feTypeList = FE_TYPE_AFTER_SAVE . ',' . ($recordId == 0 ? FE_TYPE_AFTER_INSERT : FE_TYPE_AFTER_UPDATE);
                $status = $formAction->elements($rc, $this->feSpecAction, $feTypeList);
536
                if ($status != ACTION_ELEMENT_NO_CHANGE) {
537
                    // Reload fresh saved record and fill STORE_RECORD with it.
538
                    $this->store->fillStoreWithRecord($this->formSpec[F_TABLE_NAME], $rc, $this->dbArray[$this->dbIndexData], $this->formSpec[F_PRIMARY_KEY]);
539
                }
540

Carsten  Rose's avatar
Carsten Rose committed
541
542
543
544
545
546
                // Action: Paste
                $this->pasteClipboard($this->formSpec[F_ID], $formAction);

                // Action: Sendmail
                $formAction->elements($rc, $this->feSpecAction, FE_TYPE_SENDMAIL);

Carsten  Rose's avatar
Carsten Rose committed
547
548
549
550
551
                if ($formMode == FORM_REST) {
                    $data = ['id' => $rc];
                    $flagApiStructureReGroup=false;
                    break;
                }
552
553
554
555
556
557
558

                $customForward = $this->setForwardModePage();

                // Logic: If a) r=0 and
                //           b) User presses only 'save' (not save & close) and
                //           c) there is no forwardMode=='url...'
                // then the client should reload the current page with the newly created record. A new SIP is necessary!
559
                $getJson = true;
560
561
562
563
564
                if (0 == $this->store->getVar(SIP_RECORD_ID, STORE_SIP) &&
                    API_SUBMIT_REASON_SAVE == $this->store->getVar(API_SUBMIT_REASON, STORE_CLIENT . STORE_EMPTY, SANITIZE_ALLOW_ALNUMX) &&
                    $customForward == false
                ) {
                    $this->formSpec = $this->buildNSetReloadUrl($this->formSpec, $rc);
565
                    $getJson = false;
566
                }
567

568
                if ($getJson) {
569

570
                    // Values of FormElements might be changed during 'afterSave': rebuild the form to load the new values. Especially for non primary template groups.
571
572
573
574
                    $feSpecNative = $this->getNativeFormElements(SQL_FORM_ELEMENT_NATIVE_TG_COUNT, [$this->formSpec[F_ID]], $this->formSpec);
                    $parameterLanguageFieldName = $this->store->getVar(SYSTEM_PARAMETER_LANGUAGE_FIELD_NAME, STORE_SYSTEM);
                    $feSpecNative = HelperFormElement::setLanguage($feSpecNative, $parameterLanguageFieldName);
                    $this->feSpecNative = HelperFormElement::setFeContainerFormElementId($feSpecNative, $this->formSpec[F_ID], $recordId);
575

Carsten  Rose's avatar
Carsten Rose committed
576
                    $data = $build->process($formModeNew, false, $this->feSpecNative);
577
                }
578
                break;
579

580
581
582
            case FORM_DRAG_AND_DROP:
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_LOAD);

583
                $dragAndDrop = new DragAndDrop($this->formSpec);
584
                $data = $dragAndDrop->process();
585
                $flagApiStructureReGroup = false;
586
587

                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_AFTER_LOAD);
588
                break;
Carsten  Rose's avatar
Carsten Rose committed
589

590
            case FORM_REST:
Carsten  Rose's avatar
Carsten Rose committed
591
                $flagApiStructureReGroup=false;
592
                $data = $this->doRestGet();
593
594
                break;

595
596
597
598
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

Carsten  Rose's avatar
Carsten Rose committed
599
        if ($flagApiStructureReGroup && is_array($data) ) {
600
            // $data['element-update']=...
601
602
            $data = $this->groupElementUpdateEntries($data);
        }
Carsten  Rose's avatar
Carsten Rose committed
603

Carsten  Rose's avatar
Carsten Rose committed
604
        return $data;
605
606
    }

607
608
609
610
611
612
613
614
    /**
     * @param array $restIds
     * @return array
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
     * @throws UserReportException
     */
615
    private function doRestGet() {
616

Carsten  Rose's avatar
Carsten Rose committed
617
        $this->nameGenericRestParam();
618
619
620
621

        $r = $this->store::getVar(TYPO3_RECORD_ID, STORE_TYPO3);
        $key = empty($r) ? F_REST_SQL_LIST : F_REST_SQL_DATA;

622
        if (!isset($this->formSpec[$key])) {
623
624
625
626
627
628
629
            throw new UserFormException("Missing Parameter '$key'", ERROR_INVALID_VALUE);
        }

        return $this->evaluate->parse($this->formSpec[$key]);

    }

Carsten  Rose's avatar
Carsten Rose committed
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
    /**
     * Checks if $serverToken matches HTTP_HEADER_AUTHORIZATION,
     * If not: throw an exception.
     *
     * @param string|array $serverToken
     * @throws CodeException
     * @throws UserFormException
     */
    private function restCheckAuthToken($serverToken) {

        // No serverToken: no check necessary
        if ($serverToken === '') {
            return;
        }

        if ($serverToken === $this->store::getVar(HTTP_HEADER_AUTHORIZATION, STORE_CLIENT . STORE_EMPTY, SANITIZE_ALLOW_ALL)) {
            return;
        }

        // Delay before answering.
        $seconds = $this->store::getVar(SYSTEM_SECURITY_FAILED_AUTH_DELAY, STORE_SYSTEM);
        sleep($seconds);

        throw new UserFormException('Missing or wrong authorization token', ERROR_REST_AUTHORIZATION);
    }

656
657
658
659
660
661
662
    /**
     * STORE_CLIENT: copy parameter _id1,_id2,...,_idN to named variables, specified via $this->formSpec[F_REST_PARAM] (CSV list)
     *
     * @throws CodeException
     * @throws UserFormException
     * @throws UserReportException
     */
Carsten  Rose's avatar
Carsten Rose committed
663
    private function nameGenericRestParam() {
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682

        $paramNames = explode(',', $this->formSpec[F_REST_PARAM] ?? '');

        $ii = 1;
        foreach ($paramNames as $key) {
            switch ($key) {
                case CLIENT_FORM:
                case CLIENT_RECORD_ID:
                    throw new UserFormException("Name '$key' is forbidden in " . F_REST_PARAM, ERROR_INVALID_VALUE);
                    break;
                default:
                    break;
            }
            $val = $this->store::getVar(CLIENT_REST_ID . $ii, STORE_CLIENT);
            $this->store::setVar($key, $val, STORE_CLIENT);
            $ii++;
        }
    }

683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
    /**
     * Copies state 'hidden' from a FE pill to all FE child elements of that pill.
     *
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
     * @throws UserReportException
     */
    private function ifPillIsHiddenSetChildFeToHidden() {

        $feFilter = OnArray::filter($this->feSpecNative, FE_TYPE, FE_TYPE_PILL);

        if (!empty($feFilter)) {
            foreach ($feFilter AS $feParent) {

698
                if ($feParent[FE_MODE_SQL]) {
699
                    $mode = $this->evaluate->parse($feParent[FE_MODE_SQL]);
700
701
                    if ($mode != '') {
                        $feParent[FE_MODE] = $mode;
702
703
704
705
706
707
708
709
                    }
                }

                if ($feParent[FE_MODE] == FE_MODE_HIDDEN) {
                    $feChild = OnArray::filter($this->feSpecNative, FE_ID_CONTAINER, $feParent[FE_ID]);
                    foreach ($feChild AS $fe) {

                        # Search for origin
710
711
                        foreach ($this->feSpecNative as $key => $value) {
                            if ($value[FE_ID] == $fe[FE_ID]) {
712
713
714
715
716
717
718
719
720
721
                                $this->feSpecNative[$key][FE_MODE] = FE_MODE_HIDDEN;
                                break;
                            }
                        }
                    }
                }
            }
        }
    }

722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
    /**
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
     */
    private function logFormSubmitRequest() {
        $formSubmitLogMode = $this->formSpec[F_FORM_SUBMIT_LOG_MODE] ??
            $this->store->getVar(SYSTEM_FORM_SUBMIT_LOG_MODE, STORE_SYSTEM, SANITIZE_ALLOW_ALNUMX);
        if ($formSubmitLogMode === FORM_SUBMIT_LOG_MODE_NONE) {
            return;
        }

        $formData = $_POST;
        unset($formData[CLIENT_SIP]);
        $formData = json_encode($formData, JSON_UNESCAPED_UNICODE);
        $clientIp = $_SERVER[CLIENT_REMOTE_ADDRESS];
        $userAgent = $_SERVER[CLIENT_HTTP_USER_AGENT];
        $sipData = json_encode($this->store->getStore(STORE_SIP), JSON_UNESCAPED_UNICODE);
        $formId = $this->formSpec[F_ID];
        $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP);
        $feUser = $this->store->getVar(TYPO3_FE_USER, STORE_TYPO3, SANITIZE_ALLOW_ALNUMX);
        $pageId = $this->store->getVar(TYPO3_PAGE_ID, STORE_TYPO3, SANITIZE_ALLOW_ALNUMX);
        $sessionId = session_id();

        $sql = "INSERT INTO FormSubmitLog (formData, sipData, clientIp, feUser, userAgent, formId, recordId, pageId, sessionId, created)" .
747
            "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, NOW())";
748
749
750
751
        $params = [$formData, $sipData, $clientIp, $feUser, $userAgent, $formId, $recordId, $pageId, $sessionId];
        $this->dbArray[$this->dbIndexQfq]->sql($sql, ROW_REGULAR, $params);
    }

752
753
754
755
756
757
758
759
760
761
762

    /**
     * Check if forwardMode='url...'.
     * yes: process 'forwardPage' and fill $this->formSpec[F_FORWARD_MODE] and $this->formSpec[F_FORWARD_PAGE]
     * no: do nothing
     *
     * '$this->formSpec[F_FORWARD_PAGE]' might give a new forwardMode. If so, set $this->formSpec[F_FORWARD_MODE] to
     * it.
     *
     * '$this->formSpec[F_FORWARD_PAGE]':
     * a) url     http://www.nzz.ch/index.html?a=123#bottom, website.html?a=123#bottom,
763
     *            ?[id=]<T3 Alias pageid>&a=123#bottom, ?id=<T3 page id>&a=123#bottom
764
765
766
767
768
     * b) mode      no|client|url|...
     * c) mode|url  combination of above
     *
     * @return bool  TRUE if F_FORWARD_MODE = 'url..', else FALSE
     *
Carsten  Rose's avatar
Carsten Rose committed
769
770
     * @throws CodeException
     * @throws DbException
771
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
772
     * @throws UserReportException
773
774
775
     */
    private function setForwardModePage() {

776
        if (F_FORWARD_MODE_URL != substr($this->formSpec[F_FORWARD_MODE], 0, 3)) {
777
778
779
            return false;
        }

780
        $forwardPageTmp = $this->evaluate->parse($this->formSpec[F_FORWARD_PAGE]);
781
782
783
784
785
786

        // Format: [mode/url][|url]
        $forwardArray = explode('|', $forwardPageTmp, 2);
        $forward = trim($forwardArray[0]);
        switch ($forward) {

787
            case F_FORWARD_MODE_AUTO:
788
            case F_FORWARD_MODE_CLOSE:
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
            case F_FORWARD_MODE_NO:
            case F_FORWARD_MODE_URL:
            case F_FORWARD_MODE_URL_SKIP_HISTORY:
            case F_FORWARD_MODE_URL_SIP:
                $this->formSpec[F_FORWARD_MODE] = $forward;
                if (isset($forwardArray[1])) {
                    $this->formSpec[F_FORWARD_PAGE] = trim($forwardArray[1]);
                } else {
                    $this->formSpec[F_FORWARD_PAGE] = '';
                }
                break;

            default:
                $this->formSpec[F_FORWARD_PAGE] = $forward;
                break;
        }

        if ('url' == substr($this->formSpec[F_FORWARD_MODE], 0, 3)) {
            if ($this->formSpec[F_FORWARD_PAGE] == '') {
808
                $this->formSpec[F_FORWARD_MODE] = F_FORWARD_MODE_AUTO;
809
810
811
812
813
814
815
816
817
818
819
820
821
                $customForward = false;
            } else {
                $customForward = true;
            }

        } else {
            $customForward = false;
        }

        return $customForward;

    }

Carsten  Rose's avatar
Carsten Rose committed
822
823
824
    /**
     * Iterate over all Clipboard source records and fire for each all FE.type=paste records.
     *
Carsten  Rose's avatar
Carsten Rose committed
825
     * @param int $formId
Carsten  Rose's avatar
Carsten Rose committed
826
     * @param FormAction $formAction
827
     *
Carsten  Rose's avatar
Carsten Rose committed
828
829
830
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
831
     * @throws UserReportException
Carsten  Rose's avatar
Carsten Rose committed
832
833
834
     */
    private function pasteClipboard($formId, FormAction $formAction) {

835
836
837
838
        if (!$this->isPasteRecord()) {
            return;
        }

Carsten  Rose's avatar
Carsten Rose committed
839
840
841
842
843
844
845
        $cookieQfq = $this->store->getVar(CLIENT_COOKIE_QFQ, STORE_CLIENT, SANITIZE_ALLOW_ALNUMX);
        if ($cookieQfq === false || $cookieQfq == '') {
            throw new UserFormException('Qfq Session missing', ERROR_QFQ_SESSION_MISSING);
        }

        # select clipboard records
        $sql = "SELECT c.idSrc as id, c.xId FROM Clipboard AS c WHERE c.cookie='$cookieQfq' AND c.formIdPaste=$formId ORDER BY c.id";
846
        $arrClipboard = $this->dbArray[$this->dbIndexQfq]->sql($sql);
Carsten  Rose's avatar
Carsten Rose committed
847
848
849
850
851
852
853
854

        // Process clipboard records.
        foreach ($arrClipboard AS $srcIdRecord) {
            $formAction->doAllFormElementPaste($this->feSpecAction, $this->formSpec[F_TABLE_NAME], $this->formSpec[F_TABLE_NAME], "", $srcIdRecord);
        }

    } # doClipboard()

855
856
857
858
859
860
861
862
863
864
    /**
     * @return bool  true if there is at least one paste record, else false.
     */
    private function isPasteRecord() {

        foreach ($this->feSpecAction as $formElement) {
            if ($formElement[FE_TYPE] == FE_TYPE_PASTE) {
                return true;
            }
        }
865

866
867
868
869
        return false;

    }

870
871
872
873
874
    /**
     * Set F_FORWARD_MODE to  F_FORWARD_MODE_PAGE and builds a redirection URL to the current page with the already
     * used parameters. Do this by building a new SIP with the new recordId.
     *
     * @param array $formSpec
Carsten  Rose's avatar
Carsten Rose committed
875
     * @param int $recordId
876
     *
877
878
879
880
881
882
     * @return array
     * @throws CodeException
     * @throws UserFormException
     */
    private function buildNSetReloadUrl(array $formSpec, $recordId) {

883
        $formSpec[F_FORWARD_MODE] = API_ANSWER_REDIRECT_URL_SKIP_HISTORY;
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900

        // Rebuild original URL
        $storeT3 = $this->store->getStore(STORE_TYPO3);
        $storeT3['id'] = $storeT3[TYPO3_PAGE_ID];
        $storeT3 = OnArray::getArrayItems($storeT3, ['id', TYPO3_PAGE_TYPE, TYPO3_PAGE_LANGUAGE], true, true);

        $arr = KeyValueStringParser::parse($this->store->getVar(SIP_URLPARAM, STORE_SIP), '=', '&');
        $arr[SIP_RECORD_ID] = $recordId;
        $arr = array_merge($storeT3, $arr);
        $queryString = KeyValueStringParser::unparse($arr, '=', '&');

        $formSpec[F_FORWARD_PAGE] = store::getSipInstance()->queryStringToSip($queryString, RETURN_URL);

        return $formSpec;

    }

901
    /**
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
     * Checks if there is formLog mode active for FORM_LOG_SESSION or FORM_LOG_ALL.
     * If yes, set $form[FORM_LOG_FILE_SESSION] resp.  $form[FORM_LOG_FILE_ALL].
     * If the last action is older FORM_LOG_FILE_EXPIRE, the file will be deleted and formLog mode stops (disabled).
     *
     * @param array $form
     * @return array
     * @throws CodeException
     * @throws UserFormException
     * @throws UserReportException
     */
    private function checkFormLogMode(array $form) {

        $form[FORM_LOG_FILE_SESSION] = '';
        $form[FORM_LOG_FILE_ALL] = '';

        foreach ([FORM_LOG_SESSION, FORM_LOG_ALL] as $mode) {
            $file = Support::getFormLogFileName($form[F_NAME], $mode);
919
            if (file_exists($file) && false !== ($arr = stat($file))) {
920
921

                if (time() - $arr['mtime'] > FORM_LOG_FILE_EXPIRE) {
922
                    HelperFile::unlink($file);
923
924
                } else {
                    $form[FORM_LOG_FILE . '_' . $mode] = $file;
925
                    $form[FORM_LOG_ACTIVE] = 1;
926
927
928
929
930
931
932
                }
            }
        }

        return $form;
    }

933
    /**
934
935
     * Get form name
     * Check if the form is in log mode: set formLog and return
936
     * Load form. Evaluates form. Load FormElements.
937
     *
Carsten  Rose's avatar
Carsten Rose committed
938
     * After processing:
939
940
941
942
     * Loaded Form is in  $this->formSpec
     * Loaded 'action' FormElements are in $this->feSpecAction
     * Loaded 'native' FormElements are in $this->feSpecNative
     *
943
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE|FORM_REST
Carsten  Rose's avatar
Carsten Rose committed
944
     * @param int $recordId
Carsten  Rose's avatar
Carsten Rose committed
945
     * @param string $foundInStore
946
     * @param string $formLogMode
Carsten  Rose's avatar
Carsten Rose committed
947
     * @return bool|string if found the formName, else 'false'.
948
     *
Carsten  Rose's avatar
Carsten Rose committed
949
     * @throws CodeException
950
     * @throws DbException
951
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
952
     * @throws UserReportException
953
     */
954
955
956
    private function loadFormSpecification($mode, $recordId, &$foundInStore = '', &$formLogMode = '') {

        $formLogMode = false; // Important: if no form is found, formLogMode needs also to be false.
Carsten  Rose's avatar
Carsten Rose committed
957

958
        // formName
Carsten  Rose's avatar
Carsten Rose committed
959
        if (false === ($formName = $this->getFormName($mode, $foundInStore))) {
960
961
            return false;
        }
962

963
964
965
966
        // Check for '_formLogMode'=logSession|logAll
        $formLogMode = $this->store::getVar(FORM_LOG_MODE, STORE_SIP);
        if ($formLogMode !== false) {
            return $formName; // fomLog: getting the formName is sufficient.
967
968
        }

969
970
        if (!$this->dbArray[$this->dbIndexQfq]->existTable(TABLE_NAME_FORM)) {
            throw new UserFormException("Table '" . TABLE_NAME_FORM . "' not found", ERROR_MISSING_TABLE);
971
972
        }

973
        // Preparation for Log, Debug
974
        $this->store->setVar(SYSTEM_FORM, $formName, STORE_SYSTEM);
Carsten  Rose's avatar
Carsten Rose committed
975

976
977
        // Check if there is a recordId specified in Bodytext - as variable or query.
        $rTmp = $this->store->getVar(CLIENT_RECORD_ID, STORE_TYPO3, SANITIZE_ALLOW_ALL);
978
        if (false !== $rTmp && !ctype_digit($rTmp)) {
979
            $rTmp = $this->evaluate->parse($rTmp);
980
981
982
            $this->store->setVar(CLIENT_RECORD_ID, $rTmp, STORE_TYPO3);
        }

983
        // Load form