QuickFormQuery.php 18.3 KB
Newer Older
1
2
3
4
5
6
7
8
<?php
/**
 * Created by PhpStorm.
 * User: ep
 * Date: 12/23/15
 * Time: 6:33 PM
 */

Carsten  Rose's avatar
Carsten Rose committed
9

10
11
namespace qfq;

Carsten  Rose's avatar
Carsten Rose committed
12
use qfq;
13
14
15
16
17
18
19
20
21

//use qfq\Report;

//use qfq\BuildFormPlain;
//use qfq\BuildFormTable;
//use qfq\BuildFormBootstrap;
//use qfq\UserException;
//use qfq\CodeException;
//use qfq\DbException;
22
//use qfq\helper;
23
//use qfq\Store;
Carsten  Rose's avatar
Carsten Rose committed
24

Carsten  Rose's avatar
Carsten Rose committed
25

26
require_once(__DIR__ . '/../qfq/store/Store.php');
Carsten  Rose's avatar
Carsten Rose committed
27
require_once(__DIR__ . '/../qfq/store/FillStoreForm.php');
Carsten  Rose's avatar
Carsten Rose committed
28
require_once(__DIR__ . '/../qfq/Constants.php');
29
require_once(__DIR__ . '/../qfq/Save.php');
Carsten  Rose's avatar
Carsten Rose committed
30
require_once(__DIR__ . '/../qfq/helper/KeyValueStringParser.php');
31
require_once(__DIR__ . '/../qfq/helper/HelperFormElement.php');
32
require_once(__DIR__ . '/../qfq/exceptions/UserFormException.php');
33
34
require_once(__DIR__ . '/../qfq/exceptions/CodeException.php');
require_once(__DIR__ . '/../qfq/exceptions/DbException.php');
35
require_once(__DIR__ . '/../qfq/exceptions/ErrorHandler.php');
36
require_once(__DIR__ . '/../qfq/Database.php');
Carsten  Rose's avatar
Carsten Rose committed
37
require_once(__DIR__ . '/../qfq/Evaluate.php');
38
39
40
require_once(__DIR__ . '/../qfq/BuildFormPlain.php');
require_once(__DIR__ . '/../qfq/BuildFormTable.php');
require_once(__DIR__ . '/../qfq/BuildFormBootstrap.php');
41
require_once(__DIR__ . '/../qfq/report/Report.php');
42
require_once(__DIR__ . '/../qfq/BodytextParser.php');
43

44
45
46
47
48
49
50
51
52
53
54
55
/*
 * Form will be called
 * a) with a SIP identifier, or
 * b) without a SIP identifier (form setting has to allow this) and will create on the fly a new SIP.
 *
 * The SIP-Store stores:
 *  form=<formname>
 *  r=<record id>  (table.id for a single record form)
 *  keySemId,keySemIduser
 *  <further individual variables>
 */

Carsten  Rose's avatar
Carsten Rose committed
56
/**
57
 * Class Qfq
Carsten  Rose's avatar
Carsten Rose committed
58
59
 * @package qfq
 */
60
class QuickFormQuery {
61
    /**
62
     * @var \qfq\Store instantiated class
63
     */
Carsten  Rose's avatar
Carsten Rose committed
64
    protected $store = null;
65
66
67
    /**
     * @var Database instantiated class
     */
68
    protected $db = null;
69
70
71
72
    /**
     * @var Evaluate instantiated class
     */
    protected $eval = null;
73
74
75
76
77
78
79
    protected $formSpec = array();
    protected $feSpecAction = array();  // Form Definition: copy of the loaded form
    protected $feSpecNative = array(); // FormEelement Definition: all formElement.class='action' of the loaded form
    /**
     * @var array
     */
    private $t3data = array(); // FormEelement Definition: all formElement.class='native' of the loaded form
80

81
82
    private $phpUnit = false;

83
84
85
86
87
88
89
90
91
92
93
    /*
     * TODO:
     *  Preparation: setup logging, database access, record locking
     *  fill stores
     *  Check permission_create / permission_update
     *  Multi: iterate over all records, Single: activate record
     *      Check mode: Load | Save
     *      doActions 'Before'
     *      Do all FormElements
     *      doActions 'After'
     */
94

95
96
97
98
99
    /**
     * Construct the Form Class and Store too. This is the base initialization moment.
     *
     * As a result of instantiating of Form, the class Store will initially called the first time and therefore instantiated automatically.
     * Store might throw an exception, in case the URL-passed SIP is invalid.
100
     *
101
     * @param string $bodytext
102
     */
103
104
    public function __construct(array $t3data = array(), $phpUnit = false) {

105
106
        $this->phpUnit = $phpUnit;

107
        mb_internal_encoding("UTF-8");
108

Carsten  Rose's avatar
Carsten Rose committed
109
110
111
112
113
114
115
116
117
118
        // session.cache_expire
        // session.cookie_lifetime
        // session.gc_maxlifetime

//        $arr1['sessionname'] =   session_name();
//        $arr1['session.auto_start']  = ini_get('session.auto_start');
//        $arr1['session.gc_maxlifetime']  = ini_get('session.gc_maxlifetime');
//        $arr1['session.cookie_lifetime']  = ini_get('session.cookie_lifetime');
//        $arr1['session.name']  = ini_get('session.name');

119
120
121
        // Refresh the session even if no new data saved.
        $_SESSION['LAST_ACTIVITY'] = time();

122
        set_error_handler("\\qfq\\ErrorHandler::exception_error_handler");
123

124
125
126
127
128
        if (!isset($t3data['bodytext']))
            $t3data['bodytext'] = '';
        if (!isset($t3data['uid']))
            $t3data['uid'] = 0;

129
130
131
        $btp = new BodytextParser();
        $t3data['bodytext'] = $btp->process($t3data['bodytext']);

132
133
        $this->t3data = $t3data;

134
135
136
        $bodytext = $this->t3data['bodytext'];

        $this->store = Store::getInstance($bodytext, $phpUnit);
137
        $this->store->setVar(TYPO3_TT_CONTENT_UID, $t3data['uid'], STORE_TYPO3);
138
139
        $this->db = new Database();
        $this->eval = new Evaluate($this->store, $this->db);
Carsten  Rose's avatar
Carsten Rose committed
140
141
    }

142
    /**
143
144
     * Returns the defined forwardMode and set, if necessary, $forwardPage
     *
145
146
147
148
149
150
151
152
     * @param $forwardPage
     * @return mixed
     */
    public function getForwardMode(&$forwardPage) {
        $forwardPage = $this->formSpec['forwardPage'];
        return $this->formSpec['forwardMode'];
    }

153
    /**
154
155
     * Main entrypoint for display content: form or report
     *
156
     * @return string
Carsten  Rose's avatar
Carsten Rose committed
157
     */
158
    public function process() {
159
        $html = '';
160

161
        if ($this->store->getVar(TYPO3_DEBUG_SHOW_BODY_TEXT, STORE_TYPO3) === '1') {
162
163
164
165
            $html .= Support::appendTooltip('', $this->t3data['bodytext']);
        }

        $html .= $this->doForm(FORM_LOAD);
166
        $html .= $this->doReport();
Carsten  Rose's avatar
Carsten Rose committed
167

168
169
170
171
        $class = $this->store->getVar(SYSTEM_CSS_CLASS_QFQ_CONTAINER, STORE_SYSTEM);
        if ($class)
            $html = Support::wrapTag("<div class='$class'>", $html);

172
        return $html;
173
174
    }

175
    /**
176
177
178
179
     * Process form.
     * $mode=FORM_LOAD: The whole form will be rendered as HTML Code, including the values of all form elements
     * $mode=FORM_UPDATE: States and values of all form elements will be returned as JSON.
     * $mode=FORM_SAVE: The submitted form will be saved. Return Failure or Success as JSON.
180
     *
181
     * @param string $mode FORM_LOAD | FORM_UPDATE | FORM_SAVE
182
     * @return array|string
183
     * @throws CodeException
184
     * @throws UserFormException
185
     */
Carsten  Rose's avatar
Carsten Rose committed
186
187
    private function doForm($mode) {
        $data = '';
Carsten  Rose's avatar
Carsten Rose committed
188
        $foundInStore = '';
189

Carsten  Rose's avatar
Carsten Rose committed
190
191
192
193
194
        // Fill STORE_FORM
        if ($mode === FORM_UPDATE || $mode === FORM_SAVE) {
            $fillStoreForm = new FillStoreForm();
            $fillStoreForm->process();
        }
195

Carsten  Rose's avatar
Carsten Rose committed
196
        $formName = $this->loadFormSpecification($mode, $foundInStore);
197
198
199
        if ($formName === false)
            return '';

Carsten  Rose's avatar
Carsten Rose committed
200
        $sipFound = $this->validateForm($foundInStore);
201
202
203
204
205
        if (!$sipFound) {
            $this->store->createSipAfterFormLoad($formName);
        }
        $this->store->fillStoreTableDefaultColumnType($this->formSpec['tableName']);

206
207
208
209
210
211
212
213
214
215
216
217
218
219
        switch ($this->formSpec['render']) {
            case 'plain':
                $build = new BuildFormPlain($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            case 'table':
                $build = new BuildFormTable($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            case 'bootstrap':
                $build = new BuildFormBootstrap($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

220
221
        switch ($mode) {
            case FORM_LOAD:
Carsten  Rose's avatar
Carsten Rose committed
222
223
224
            case FORM_UPDATE:

                $data = $build->process($mode);
225
                break;
Carsten  Rose's avatar
Carsten Rose committed
226

227
228
            case FORM_SAVE:
                $save = new Save($this->formSpec, $this->feSpecAction, $this->feSpecNative);
229
230
231
232
233
234
235
236
237
238
239
240
241
242
                $rc = $save->process();

                // Reload fresh saved record and fill STORE_RECORD with it
                $record = $this->db->sql("SELECT * FROM " . $this->formSpec['tableName'] . " WHERE id = ?", ROW_EXPECT_1, [$rc]);
                $this->store->setVarArray($record, STORE_RECORD, true);

                $htmlElementNameIdZero = false;
                // Retrieve current STORE_SIP.
                $sipArray = $this->store->getStore(STORE_SIP);
                if ($sipArray[SIP_RECORD_ID] == 0) {
                    // After insert: a new SIP for the new record id is required
                    $this->newRecordCreateSip($sipArray, $rc);
                    $htmlElementNameIdZero = true;
                }
243
244

                // Retrieve FE Values as JSON
245
                $data = $build->process($mode, $htmlElementNameIdZero);
246
                break;
Carsten  Rose's avatar
Carsten Rose committed
247

248
249
250
251
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

Carsten  Rose's avatar
Carsten Rose committed
252
        return $data;
253
254
    }

255
    /**
256
     * Load form. Evaluates form. Load FormElements.
257
     *
Carsten  Rose's avatar
Carsten Rose committed
258
     * After processing:
259
260
261
262
     * Loaded Form is in  $this->formSpec
     * Loaded 'action' FormElements are in $this->feSpecAction
     * Loaded 'native' FormElements are in $this->feSpecNative
     *
Carsten  Rose's avatar
Carsten Rose committed
263
264
265
266
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
     * @param string $foundInStore
     * @return bool|string if found the formName, else 'false'.
     * @throws CodeException
267
     * @throws DbException
268
     * @throws UserFormException
269
     */
Carsten  Rose's avatar
Carsten Rose committed
270
    private function loadFormSpecification($mode, &$foundInStore = '') {
Carsten  Rose's avatar
Carsten Rose committed
271

272
        // formName
Carsten  Rose's avatar
Carsten Rose committed
273
        if (false === ($formName = $this->getFormName($mode, $foundInStore))) {
274
275
            return false;
        }
276
        $this->store->setVar(SYSTEM_FORM, $formName, STORE_SYSTEM);
Carsten  Rose's avatar
Carsten Rose committed
277

278
279
280
281
282
283
284
        // Check if there is a recordId specified in Bodytext - as variable or query.
        $rTmp = $this->store->getVar(CLIENT_RECORD_ID, STORE_TYPO3, SANITIZE_ALLOW_ALL);
        if (false !== $rTmp && !is_int($rTmp)) {
            $rTmp = $this->eval->parse($rTmp);
            $this->store->setVar(CLIENT_RECORD_ID, $rTmp, STORE_TYPO3);
        }

285
286
287
        // Load form
        $form = $this->db->sql("SELECT * FROM Form AS f WHERE f.name LIKE ? AND f.deleted='no'", ROW_EXPECT_1,
            [$formName], 'Form not found or multiple forms with the same name.');
288
289

        $this->formSpec = $this->eval->parseArray($form);
290
        HelperFormElement::explodeParameter($this->formSpec);
291

Carsten  Rose's avatar
Carsten Rose committed
292
293
294
295
        # Set defaults:
        if (!isset($this->formSpec['class']))
            $this->formSpec['class'] = '';

Carsten  Rose's avatar
Carsten Rose committed
296
        // Clear
297
298
        $this->store->setVar(SYSTEM_FORM_ELEMENT, '', STORE_SYSTEM);

299
        // FE: Action
300
301
        $this->feSpecAction = $this->eval->parseArray($this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
            ['no', $this->formSpec["id"], 'action']));
302
        HelperFormElement::explodeParameterInArrayElements($this->feSpecAction);
303
304

        // FE: Native & Container
305
306
307
        // "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
        switch ($mode) {
            case FORM_LOAD:
308
309
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_SPECIFIC_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native,container', 0]);
310
311
312
                break;

            case FORM_SAVE:
Carsten  Rose's avatar
Carsten Rose committed
313
            case FORM_UPDATE:
314
315
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native']);
316
317
318
319
320
                break;

            default:
        }

321
        HelperFormElement::explodeParameterInArrayElements($this->feSpecNative);
322
323

        return $formName;
Carsten  Rose's avatar
Carsten Rose committed
324
325
    }

Carsten  Rose's avatar
Carsten Rose committed
326
    /**
327
328
     * Get the formName from STORE_TYPO3 (bodytext), STORE_SIP or by STORE_CLIENT (URL).
     *
329
330
331
332
333
334
335
336
337
338
339
340
     * FORM_LOAD:
     *   Specified in T3 body text with form=<formname>            Returned Store:Typo3
     *   Specified in T3 body text with form={{form}} ':FSRD'      Returned Store:SIP
     *   Specified in T3 body text with form={{form:C:ALNUMX}}     Returned Store:Client
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:S0}} }}
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:C0:DIGIT}} }}
     *   Specified in SIP
     *
     * FORM_SAVE:
     *   Specified in SIP
     *
     *
Carsten  Rose's avatar
Carsten Rose committed
341
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
Carsten  Rose's avatar
Carsten Rose committed
342
     * @param string $foundInStore
Carsten  Rose's avatar
Carsten Rose committed
343
344
     * @return array|bool|mixed|null|string  Formname (Form.name) or FALSE, if no formname found.
     * @throws CodeException
345
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
346
     */
Carsten  Rose's avatar
Carsten Rose committed
347
    private function getFormName($mode, &$foundInStore = '') {
348
        $dummy = array();
Carsten  Rose's avatar
Carsten Rose committed
349

Carsten  Rose's avatar
Carsten Rose committed
350
351
352
353
354
355
        switch ($mode) {
            case FORM_LOAD:
                $store = STORE_TYPO3;
                break;
            case FORM_SAVE:
            case FORM_UPDATE:
356
            $store = STORE_SIP;
Carsten  Rose's avatar
Carsten Rose committed
357
358
359
360
361
                break;
            default:
                throw new CodeException("Unknown mode: $mode.", ERROR_UNKNOWN_MODE);
        }

362
363
        $storeFormName = $this->store->getVar(SIP_FORM, $store, '', $foundInStore);
        $formName = $this->eval->parse($storeFormName, 0, $dummy, $foundInStore);
Carsten  Rose's avatar
Carsten Rose committed
364

365
366
367
368
369
370
371
372
        // If the formname is '': no formname name.
        if ($formName === '')
            return false;

        // If the formname is surrounded by single ticks: the token (typically 'form') has not been replaced by a value.
        if ($formName[0] === "'" && $formName[strlen($formName) - 1] === "'") {
            return false;
        }
373

374
        return $formName;
375
    }
Carsten  Rose's avatar
Carsten Rose committed
376

377
    /**
Carsten  Rose's avatar
Carsten Rose committed
378
     * Check if loading of the given form is permitted. If not, throw an exception.
379
     *
Carsten  Rose's avatar
Carsten Rose committed
380
381
     * @param $formNameFoundInStore
     * @return bool 'true' if SIP exists, else 'false'
382
     * @throws CodeException
383
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
384
     * @internal param $foundInStore
385
     */
Carsten  Rose's avatar
Carsten Rose committed
386
    private function validateForm($formNameFoundInStore) {
387
388

        // Retrieve record_id either from SIP (prefered) or via URL
389
        $r = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3 . STORE_CLIENT, '', $recordIdFoundInStore);
390

Carsten  Rose's avatar
Carsten Rose committed
391
        // If there is a record_id>0: EDIT else NEW: 'sip','logged_in','logged_out','always','never'
392
        $permitMode = ($r > 0) ? $this->formSpec['permitEdit'] : $this->formSpec['permitNew'];
393
394
395
396
397

        $feUserLoggedIn = isset($GLOBALS["TSFE"]->fe_user->user["uid"]) && $GLOBALS["TSFE"]->fe_user->user["uid"] > 0;

        $sipFound = $this->store->getVar(SIP_SIP, STORE_SIP) !== false;

Carsten  Rose's avatar
Carsten Rose committed
398
399
        if ($sipFound) {
            if (($formNameFoundInStore === STORE_CLIENT) || ($recordIdFoundInStore === STORE_CLIENT)) {
400
                throw new UserFormException("SIP exist but FORM or RECORD_ID are given by CLIENT.", ERROR_SIP_EXIST_BUT_OTHER_PARAM_GIVEN_BY_CLIENT);
Carsten  Rose's avatar
Carsten Rose committed
401
402
403
            }
        }

404
        switch ($permitMode) {
405
            case  FORM_PERMISSION_SIP:
Carsten  Rose's avatar
Carsten Rose committed
406
                if (!$sipFound || $formNameFoundInStore !== STORE_SIP || $recordIdFoundInStore !== STORE_SIP) {
407
                    throw new UserFormException("SIP Parameter needed for this form.", ERROR_SIP_NEEDED_FOR_THIS_FORM);
408
409
410
411
                }
                break;
            case  FORM_PERMISSION_LOGGED_IN:
                if (!$feUserLoggedIn) {
412
                    throw new UserFormException("User not logged in.", ERROR_USER_NOT_LOGGED_IN);
413
414
415
416
                }
                break;
            case FORM_PERMISSION_LOGGED_OUT:
                if ($feUserLoggedIn) {
417
                    throw new UserFormException("User logged in.", ERROR_USER_LOGGED_IN);
418
419
420
421
422
                }
                break;
            case FORM_PERMISSION_ALWAYS:
                break;
            case FORM_PERMISSION_NEVER:
423
                throw new UserFormException("Loading form forbidden.", ERROR_FORM_FORBIDDEN);
424
            default:
425
                throw new CodeException("Unknown permission mode: '" . $permitMode . "'", ERROR_FORM_UNKNOWN_PERMISSION_MODE);
426
        }
Carsten  Rose's avatar
Carsten Rose committed
427

Carsten  Rose's avatar
Carsten Rose committed
428
        // Form Definition valid?
429
        if ($this->formSpec['multiMode'] !== 'none' && $this->formSpec['multiSql'] === '') {
430
            throw new UserFormException("MultiMode selected, but MultiSQL missing", ERROR_MULTI_SQL_MISSING);
Carsten  Rose's avatar
Carsten Rose committed
431
432
        }

433
        return $sipFound;
434
    }
Carsten  Rose's avatar
Carsten Rose committed
435

436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
    /**
     * @param $sipArray
     * @param $recordId
     */
    private function newRecordCreateSip($sipArray, $recordId) {

        $tmpParam = array();

        foreach ($sipArray as $key => $value) {
            switch ($key) {
                case SIP_SIP:
                case SIP_URLPARAM:
                case SIP_TABLE:
                    continue;

                case SIP_RECORD_ID:
                    $tmpParam[SIP_RECORD_ID] = $recordId;
                    break;
                default:
                    // further vars stored in old SIP (form, maybe default values)
                    $tmpParam[$key] = $value;
                    break;
            }
        }

        // Construct fake urlparam
        $tmpUrlparam = OnArray::toString($tmpParam);

        // Create a SIP which has never been passed by URL - further processing might expect this to exist.
        $sip = store::getSipInstance()->queryStringToSip($tmpUrlparam, RETURN_SIP);
        $this->store->setVar(CLIENT_SIP, $sip, STORE_CLIENT);

        // Overwrite SIP Store
        $tmpParam[SIP_SIP] = $sip;
        $this->store->setVarArray($tmpParam, STORE_SIP, true);
    }

473
    /**
474
475
     * Process the SQL Queries from bodytext. Return the output.
     *
476
477
     * @return string
     */
478
    private function doReport() {
479
        $report = new Report($this->t3data, $this->store->getVar(SYSTEM_SESSION_NAME, STORE_SYSTEM), $this->eval, $this->phpUnit);
480

481
        $html = $report->process();
482
483
484
485
486

        return $html;

    }

487
    /**
488
489
     * Save the current form.
     *
490
491
492
493
     * @return string
     */
    public function saveForm() {

494
        $json = $this->doForm(FORM_SAVE);
495

496
        return $json;
497
498
    }

Carsten  Rose's avatar
Carsten Rose committed
499
500
501
502
503
504
505
506
507
508
509
510
511
    /**
     * Update FormElements and form values. Receives the current form values via POST.
     *
     * @return array
     * @throws CodeException
     */
    public function updateForm() {

        $json = $this->doForm(FORM_UPDATE);

        return $json;
    }

512
513
514
515
516
    /**
     * Delete a record (tablename and recordid are given) or process a 'delete form'
     *
     * @throws CodeException
     * @throws DbException
517
     * @throws UserFormException
518
519
520
521
522
523
524
525
526
     */
    public function delete() {

        #TODO: implement 'delete form'

        // simple delete: table and recordId are given
        $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP);
        $table = $this->store->getVar(SIP_TABLE, STORE_SIP);

Carsten  Rose's avatar
Carsten Rose committed
527
        if ($recordId === false || $recordId < 1 || $table === false || $table === '') {
528
            throw new UserFormException("Invalid or missing parameter: recordId=$recordId, table=$table", ERROR_INVALID_OR_MISSING_PARAMETER);
529
530
        }

Carsten  Rose's avatar
Carsten Rose committed
531
        $this->db->sql("DELETE FROM $table WHERE id = ? LIMIT 1", ROW_REGULAR, [$recordId]);
532
533
    }

534
}