QuickFormQuery.php 16.4 KB
Newer Older
1
2
3
4
5
6
7
8
<?php
/**
 * Created by PhpStorm.
 * User: ep
 * Date: 12/23/15
 * Time: 6:33 PM
 */

Carsten  Rose's avatar
Carsten Rose committed
9

10
11
namespace qfq;

Carsten  Rose's avatar
Carsten Rose committed
12
use qfq;
13
14
15
16
17
18
19
20
21

//use qfq\Report;

//use qfq\BuildFormPlain;
//use qfq\BuildFormTable;
//use qfq\BuildFormBootstrap;
//use qfq\UserException;
//use qfq\CodeException;
//use qfq\DbException;
22
//use qfq\helper;
23
//use qfq\Store;
Carsten  Rose's avatar
Carsten Rose committed
24

Carsten  Rose's avatar
Carsten Rose committed
25

26
require_once(__DIR__ . '/../qfq/store/Store.php');
Carsten  Rose's avatar
Carsten Rose committed
27
require_once(__DIR__ . '/../qfq/store/FillStoreForm.php');
Carsten  Rose's avatar
Carsten Rose committed
28
require_once(__DIR__ . '/../qfq/Constants.php');
29
require_once(__DIR__ . '/../qfq/Save.php');
Carsten  Rose's avatar
Carsten Rose committed
30
require_once(__DIR__ . '/../qfq/helper/KeyValueStringParser.php');
31
require_once(__DIR__ . '/../qfq/helper/HelperFormElement.php');
32
require_once(__DIR__ . '/../qfq/exceptions/UserFormException.php');
33
34
require_once(__DIR__ . '/../qfq/exceptions/CodeException.php');
require_once(__DIR__ . '/../qfq/exceptions/DbException.php');
35
require_once(__DIR__ . '/../qfq/exceptions/ErrorHandler.php');
36
require_once(__DIR__ . '/../qfq/Database.php');
Carsten  Rose's avatar
Carsten Rose committed
37
require_once(__DIR__ . '/../qfq/Evaluate.php');
38
39
40
require_once(__DIR__ . '/../qfq/BuildFormPlain.php');
require_once(__DIR__ . '/../qfq/BuildFormTable.php');
require_once(__DIR__ . '/../qfq/BuildFormBootstrap.php');
41
require_once(__DIR__ . '/../qfq/report/Report.php');
42
require_once(__DIR__ . '/../qfq/BodytextParser.php');
43

44
45
46
47
48
49
50
51
52
53
54
55
/*
 * Form will be called
 * a) with a SIP identifier, or
 * b) without a SIP identifier (form setting has to allow this) and will create on the fly a new SIP.
 *
 * The SIP-Store stores:
 *  form=<formname>
 *  r=<record id>  (table.id for a single record form)
 *  keySemId,keySemIduser
 *  <further individual variables>
 */

Carsten  Rose's avatar
Carsten Rose committed
56
/**
57
 * Class Qfq
Carsten  Rose's avatar
Carsten Rose committed
58
59
 * @package qfq
 */
60
class QuickFormQuery {
61
    /**
62
     * @var \qfq\Store instantiated class
63
     */
Carsten  Rose's avatar
Carsten Rose committed
64
    protected $store = null;
65
66
67
    /**
     * @var Database instantiated class
     */
68
    protected $db = null;
69
70
71
72
    /**
     * @var Evaluate instantiated class
     */
    protected $eval = null;
73
74
75
76
77
78
79
    protected $formSpec = array();
    protected $feSpecAction = array();  // Form Definition: copy of the loaded form
    protected $feSpecNative = array(); // FormEelement Definition: all formElement.class='action' of the loaded form
    /**
     * @var array
     */
    private $t3data = array(); // FormEelement Definition: all formElement.class='native' of the loaded form
80

81
82
    private $phpUnit = false;

83
84
85
86
87
88
89
90
91
92
93
    /*
     * TODO:
     *  Preparation: setup logging, database access, record locking
     *  fill stores
     *  Check permission_create / permission_update
     *  Multi: iterate over all records, Single: activate record
     *      Check mode: Load | Save
     *      doActions 'Before'
     *      Do all FormElements
     *      doActions 'After'
     */
94

95
96
97
98
99
    /**
     * Construct the Form Class and Store too. This is the base initialization moment.
     *
     * As a result of instantiating of Form, the class Store will initially called the first time and therefore instantiated automatically.
     * Store might throw an exception, in case the URL-passed SIP is invalid.
100
     *
101
     * @param string $bodytext
102
     */
103
104
    public function __construct(array $t3data = array(), $phpUnit = false) {

105
106
        $this->phpUnit = $phpUnit;

107
        mb_internal_encoding("UTF-8");
108

Carsten  Rose's avatar
Carsten Rose committed
109
110
111
112
113
114
115
116
117
118
        // session.cache_expire
        // session.cookie_lifetime
        // session.gc_maxlifetime

//        $arr1['sessionname'] =   session_name();
//        $arr1['session.auto_start']  = ini_get('session.auto_start');
//        $arr1['session.gc_maxlifetime']  = ini_get('session.gc_maxlifetime');
//        $arr1['session.cookie_lifetime']  = ini_get('session.cookie_lifetime');
//        $arr1['session.name']  = ini_get('session.name');

119
120
121
        // Refresh the session even if no new data saved.
        $_SESSION['LAST_ACTIVITY'] = time();

122
        set_error_handler("\\qfq\\ErrorHandler::exception_error_handler");
123

124
125
126
127
128
        if (!isset($t3data['bodytext']))
            $t3data['bodytext'] = '';
        if (!isset($t3data['uid']))
            $t3data['uid'] = 0;

129
130
131
        $btp = new BodytextParser();
        $t3data['bodytext'] = $btp->process($t3data['bodytext']);

132
133
        $this->t3data = $t3data;

134
135
136
        $bodytext = $this->t3data['bodytext'];

        $this->store = Store::getInstance($bodytext, $phpUnit);
137
        $this->store->setVar(TYPO3_TT_CONTENT_UID, $t3data['uid'], STORE_TYPO3);
138
139
        $this->db = new Database();
        $this->eval = new Evaluate($this->store, $this->db);
Carsten  Rose's avatar
Carsten Rose committed
140
141
    }

142
    /**
143
144
     * Returns the defined forwardMode and set, if necessary, $forwardPage
     *
145
146
147
148
149
150
151
152
     * @param $forwardPage
     * @return mixed
     */
    public function getForwardMode(&$forwardPage) {
        $forwardPage = $this->formSpec['forwardPage'];
        return $this->formSpec['forwardMode'];
    }

153
    /**
154
155
     * Main entrypoint for display content: form or report
     *
156
     * @return string
Carsten  Rose's avatar
Carsten Rose committed
157
     */
158
    public function process() {
159
        $html = '';
160

161
        if ($this->store->getVar(TYPO3_DEBUG_SHOW_BODY_TEXT, STORE_TYPO3) === '1') {
162
163
164
165
            $html .= Support::appendTooltip('', $this->t3data['bodytext']);
        }

        $html .= $this->doForm(FORM_LOAD);
166
        $html .= $this->doReport();
Carsten  Rose's avatar
Carsten Rose committed
167

168
169
170
171
        $class = $this->store->getVar(SYSTEM_CSS_CLASS_QFQ_CONTAINER, STORE_SYSTEM);
        if ($class)
            $html = Support::wrapTag("<div class='$class'>", $html);

172
        return $html;
173
174
    }

175
    /**
176
177
178
179
     * Process form.
     * $mode=FORM_LOAD: The whole form will be rendered as HTML Code, including the values of all form elements
     * $mode=FORM_UPDATE: States and values of all form elements will be returned as JSON.
     * $mode=FORM_SAVE: The submitted form will be saved. Return Failure or Success as JSON.
180
     *
181
182
     * @param $mode   FORM_LOAD | FORM_UPDATE | FORM_SAVE
     * @return array|string
183
     * @throws CodeException
184
     * @throws UserFormException
185
     */
Carsten  Rose's avatar
Carsten Rose committed
186
187
    private function doForm($mode) {
        $data = '';
Carsten  Rose's avatar
Carsten Rose committed
188
        $foundInStore = '';
189

Carsten  Rose's avatar
Carsten Rose committed
190
191
192
193
194
        // Fill STORE_FORM
        if ($mode === FORM_UPDATE || $mode === FORM_SAVE) {
            $fillStoreForm = new FillStoreForm();
            $fillStoreForm->process();
        }
195

Carsten  Rose's avatar
Carsten Rose committed
196
        $formName = $this->loadFormSpecification($mode, $foundInStore);
197
198
199
        if ($formName === false)
            return '';

Carsten  Rose's avatar
Carsten Rose committed
200
        $sipFound = $this->validateForm($foundInStore);
201
202
203
204
205
206
207
        if (!$sipFound) {
            $this->store->createSipAfterFormLoad($formName);
        }
        $this->store->fillStoreTableDefaultColumnType($this->formSpec['tableName']);

        switch ($mode) {
            case FORM_LOAD:
Carsten  Rose's avatar
Carsten Rose committed
208
            case FORM_UPDATE:
209
210
211
212
213
214
215
216
217
218
219
220
221
                switch ($this->formSpec['render']) {
                    case 'plain':
                        $build = new BuildFormPlain($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                        break;
                    case 'table':
                        $build = new BuildFormTable($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                        break;
                    case 'bootstrap':
                        $build = new BuildFormBootstrap($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                        break;
                    default:
                        throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
                }
Carsten  Rose's avatar
Carsten Rose committed
222
223

                $data = $build->process($mode);
224
                break;
Carsten  Rose's avatar
Carsten Rose committed
225

226
227
228
229
            case FORM_SAVE:
                $save = new Save($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                $save->process();
                break;
Carsten  Rose's avatar
Carsten Rose committed
230

231
232
233
234
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

Carsten  Rose's avatar
Carsten Rose committed
235
        return $data;
236
237
    }

238
    /**
239
     * Load form. Evaluates form. Load FormElements.
240
     *
Carsten  Rose's avatar
Carsten Rose committed
241
     * After processing:
242
243
244
245
     * Loaded Form is in  $this->formSpec
     * Loaded 'action' FormElements are in $this->feSpecAction
     * Loaded 'native' FormElements are in $this->feSpecNative
     *
Carsten  Rose's avatar
Carsten Rose committed
246
247
248
249
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
     * @param string $foundInStore
     * @return bool|string if found the formName, else 'false'.
     * @throws CodeException
250
     * @throws DbException
251
     * @throws UserFormException
252
     */
Carsten  Rose's avatar
Carsten Rose committed
253
    private function loadFormSpecification($mode, &$foundInStore = '') {
Carsten  Rose's avatar
Carsten Rose committed
254

255
        // formName
Carsten  Rose's avatar
Carsten Rose committed
256
        if (false === ($formName = $this->getFormName($mode, $foundInStore))) {
257
258
            return false;
        }
259
        $this->store->setVar(SYSTEM_FORM, $formName, STORE_SYSTEM);
Carsten  Rose's avatar
Carsten Rose committed
260

261
262
263
264
265
266
267
        // Check if there is a recordId specified in Bodytext - as variable or query.
        $rTmp = $this->store->getVar(CLIENT_RECORD_ID, STORE_TYPO3, SANITIZE_ALLOW_ALL);
        if (false !== $rTmp && !is_int($rTmp)) {
            $rTmp = $this->eval->parse($rTmp);
            $this->store->setVar(CLIENT_RECORD_ID, $rTmp, STORE_TYPO3);
        }

268
269
270
        // Load form
        $form = $this->db->sql("SELECT * FROM Form AS f WHERE f.name LIKE ? AND f.deleted='no'", ROW_EXPECT_1,
            [$formName], 'Form not found or multiple forms with the same name.');
271
272

        $this->formSpec = $this->eval->parseArray($form);
273
        HelperFormElement::explodeParameter($this->formSpec);
274

Carsten  Rose's avatar
Carsten Rose committed
275
276
277
278
        # Set defaults:
        if (!isset($this->formSpec['class']))
            $this->formSpec['class'] = '';

Carsten  Rose's avatar
Carsten Rose committed
279
        // Clear
280
281
        $this->store->setVar(SYSTEM_FORM_ELEMENT, '', STORE_SYSTEM);

282
        // FE: Action
283
284
        $this->feSpecAction = $this->eval->parseArray($this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
            ['no', $this->formSpec["id"], 'action']));
285
        HelperFormElement::explodeParameterInArrayElements($this->feSpecAction);
286
287

        // FE: Native & Container
288
289
290
        // "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
        switch ($mode) {
            case FORM_LOAD:
291
292
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_SPECIFIC_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native,container', 0]);
293
294
295
                break;

            case FORM_SAVE:
Carsten  Rose's avatar
Carsten Rose committed
296
            case FORM_UPDATE:
297
298
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native']);
299
300
301
302
303
                break;

            default:
        }

304
        HelperFormElement::explodeParameterInArrayElements($this->feSpecNative);
305
306

        return $formName;
Carsten  Rose's avatar
Carsten Rose committed
307
308
    }

Carsten  Rose's avatar
Carsten Rose committed
309
    /**
310
311
     * Get the formName from STORE_TYPO3 (bodytext), STORE_SIP or by STORE_CLIENT (URL).
     *
312
313
314
315
316
317
318
319
320
321
322
323
     * FORM_LOAD:
     *   Specified in T3 body text with form=<formname>            Returned Store:Typo3
     *   Specified in T3 body text with form={{form}} ':FSRD'      Returned Store:SIP
     *   Specified in T3 body text with form={{form:C:ALNUMX}}     Returned Store:Client
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:S0}} }}
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:C0:DIGIT}} }}
     *   Specified in SIP
     *
     * FORM_SAVE:
     *   Specified in SIP
     *
     *
Carsten  Rose's avatar
Carsten Rose committed
324
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
Carsten  Rose's avatar
Carsten Rose committed
325
     * @param string $foundInStore
Carsten  Rose's avatar
Carsten Rose committed
326
327
     * @return array|bool|mixed|null|string  Formname (Form.name) or FALSE, if no formname found.
     * @throws CodeException
328
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
329
     */
Carsten  Rose's avatar
Carsten Rose committed
330
    private function getFormName($mode, &$foundInStore = '') {
331
        $dummy = array();
Carsten  Rose's avatar
Carsten Rose committed
332

Carsten  Rose's avatar
Carsten Rose committed
333
334
335
336
337
338
339
340
341
342
343
344
        switch ($mode) {
            case FORM_LOAD:
                $store = STORE_TYPO3;
                break;
            case FORM_SAVE:
            case FORM_UPDATE:
                $store = STORE_SIP;
                break;
            default:
                throw new CodeException("Unknown mode: $mode.", ERROR_UNKNOWN_MODE);
        }

345
346
        $storeFormName = $this->store->getVar(SIP_FORM, $store, '', $foundInStore);
        $formName = $this->eval->parse($storeFormName, 0, $dummy, $foundInStore);
Carsten  Rose's avatar
Carsten Rose committed
347

348
349
350
351
352
353
354
355
        // If the formname is '': no formname name.
        if ($formName === '')
            return false;

        // If the formname is surrounded by single ticks: the token (typically 'form') has not been replaced by a value.
        if ($formName[0] === "'" && $formName[strlen($formName) - 1] === "'") {
            return false;
        }
356

357
        return $formName;
358
    }
Carsten  Rose's avatar
Carsten Rose committed
359

360
    /**
Carsten  Rose's avatar
Carsten Rose committed
361
     * Check if loading of the given form is permitted. If not, throw an exception.
362
     *
Carsten  Rose's avatar
Carsten Rose committed
363
364
     * @param $formNameFoundInStore
     * @return bool 'true' if SIP exists, else 'false'
365
     * @throws CodeException
366
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
367
     * @internal param $foundInStore
368
     */
Carsten  Rose's avatar
Carsten Rose committed
369
    private function validateForm($formNameFoundInStore) {
370
371

        // Retrieve record_id either from SIP (prefered) or via URL
372
        $r = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3 . STORE_CLIENT, '', $recordIdFoundInStore);
373

Carsten  Rose's avatar
Carsten Rose committed
374
        // If there is a record_id>0: EDIT else NEW: 'sip','logged_in','logged_out','always','never'
375
        $permitMode = ($r > 0) ? $this->formSpec['permitEdit'] : $this->formSpec['permitNew'];
376
377
378
379
380

        $feUserLoggedIn = isset($GLOBALS["TSFE"]->fe_user->user["uid"]) && $GLOBALS["TSFE"]->fe_user->user["uid"] > 0;

        $sipFound = $this->store->getVar(SIP_SIP, STORE_SIP) !== false;

Carsten  Rose's avatar
Carsten Rose committed
381
382
        if ($sipFound) {
            if (($formNameFoundInStore === STORE_CLIENT) || ($recordIdFoundInStore === STORE_CLIENT)) {
383
                throw new UserFormException("SIP exist but FORM or RECORD_ID are given by CLIENT.", ERROR_SIP_EXIST_BUT_OTHER_PARAM_GIVEN_BY_CLIENT);
Carsten  Rose's avatar
Carsten Rose committed
384
385
386
            }
        }

387
        switch ($permitMode) {
388
            case  FORM_PERMISSION_SIP:
Carsten  Rose's avatar
Carsten Rose committed
389
                if (!$sipFound || $formNameFoundInStore !== STORE_SIP || $recordIdFoundInStore !== STORE_SIP) {
390
                    throw new UserFormException("SIP Parameter needed for this form.", ERROR_SIP_NEEDED_FOR_THIS_FORM);
391
392
393
394
                }
                break;
            case  FORM_PERMISSION_LOGGED_IN:
                if (!$feUserLoggedIn) {
395
                    throw new UserFormException("User not logged in.", ERROR_USER_NOT_LOGGED_IN);
396
397
398
399
                }
                break;
            case FORM_PERMISSION_LOGGED_OUT:
                if ($feUserLoggedIn) {
400
                    throw new UserFormException("User logged in.", ERROR_USER_LOGGED_IN);
401
402
403
404
405
                }
                break;
            case FORM_PERMISSION_ALWAYS:
                break;
            case FORM_PERMISSION_NEVER:
406
                throw new UserFormException("Loading form forbidden.", ERROR_FORM_FORBIDDEN);
407
            default:
408
                throw new CodeException("Unknown permission mode: '" . $permitMode . "'", ERROR_FORM_UNKNOWN_PERMISSION_MODE);
409
        }
Carsten  Rose's avatar
Carsten Rose committed
410

Carsten  Rose's avatar
Carsten Rose committed
411
        // Form Definition valid?
412
        if ($this->formSpec['multiMode'] !== 'none' && $this->formSpec['multiSql'] === '') {
413
            throw new UserFormException("MultiMode selected, but MultiSQL missing", ERROR_MULTI_SQL_MISSING);
Carsten  Rose's avatar
Carsten Rose committed
414
415
        }

416
        return $sipFound;
417
    }
Carsten  Rose's avatar
Carsten Rose committed
418

419
    /**
420
421
     * Process the SQL Queries from bodytext. Return the output.
     *
422
423
     * @return string
     */
424
    private function doReport() {
425
        $report = new Report($this->t3data, $this->store->getVar(SYSTEM_SESSION_NAME, STORE_SYSTEM), $this->eval, $this->phpUnit);
426

427
        $html = $report->process();
428
429
430
431
432

        return $html;

    }

433
    /**
434
435
     * Save the current form.
     *
436
437
438
439
     * @return string
     */
    public function saveForm() {

Carsten  Rose's avatar
Carsten Rose committed
440
        $html = $this->doForm(FORM_SAVE);
441
442
443
444

        return $html;
    }

Carsten  Rose's avatar
Carsten Rose committed
445
446
447
448
449
450
451
452
453
454
455
456
457
    /**
     * Update FormElements and form values. Receives the current form values via POST.
     *
     * @return array
     * @throws CodeException
     */
    public function updateForm() {

        $json = $this->doForm(FORM_UPDATE);

        return $json;
    }

458
459
460
461
462
    /**
     * Delete a record (tablename and recordid are given) or process a 'delete form'
     *
     * @throws CodeException
     * @throws DbException
463
     * @throws UserFormException
464
465
466
467
468
469
470
471
472
     */
    public function delete() {

        #TODO: implement 'delete form'

        // simple delete: table and recordId are given
        $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP);
        $table = $this->store->getVar(SIP_TABLE, STORE_SIP);

Carsten  Rose's avatar
Carsten Rose committed
473
        if ($recordId === false || $recordId < 1 || $table === false || $table === '') {
474
            throw new UserFormException("Invalid or missing parameter: recordId=$recordId, table=$table", ERROR_INVALID_OR_MISSING_PARAMETER);
475
476
        }

Carsten  Rose's avatar
Carsten Rose committed
477
        $this->db->sql("DELETE FROM $table WHERE id = ? LIMIT 1", ROW_REGULAR, [$recordId]);
478
479
    }

480
}