Store.php

<?php
/**
 * Created by PhpStorm.
 * User: crose
 * Date: 1/1/16
 * Time: 6:51 PM
 */

namespace qfq;

use qfq\CodeException;
use qfq\keyValueStringParser;
use qfq\OnArray;
use qfq;

require_once(__DIR__ . '/../../qfq/helper/KeyValueStringParser.php');
require_once(__DIR__ . '/../../qfq/helper/Sanitize.php');
require_once(__DIR__ . '/../../qfq/Constants.php');
require_once(__DIR__ . '/../../qfq/store/Sip.php');
require_once(__DIR__ . '/../../qfq/Database.php');


/*
 * Stores:
 * - SIP
 * - webVar
 * - record
 * - form
 * - formElement
 */

/**
 * Class Store
 * @package qfq
 */
class Store {

    /**
     * @var Store Instance of class Store. There should only be one class 'Store' at a time.
     */
    private static $instance = null;

    /**
     * @var Sip Instance of class SIP
     */
    private static $sip = null;

    /**
     * @var array Stores all indiviudal stores with the variable raw values
     *
     * $raw['D']['id'] = 0  - Defaultvalues from Tabledefinition
     * ...
     * $raw['S']['r'] = 1234 - record ID from current SIP identifier
     * ...
     * $raw['C']['HTTP_SERVER'] = 'qfq' - Servername
     * $raw['C']['s'] = 'badcaffee1234' - recent SIP
     */
    private static $raw = array();

    /**
     * @var array Default sanitize classes.
     */
    private static $sanitizeClass = array();

    /**
     * $sanitizeClass['S'] = false
     * $sanitizeClass['C'] = true
     * ...
     *
     * @var array each entry with true/false - depending if store needs to be sanitized.
     */
    private static $sanitizeStore = array();

    private static $phpUnit = false;

    /**
     * @param string $bodytext
     */
    private function __construct($bodytext = '') {

        self::$sanitizeClass = [
//            TYPO3_DEBUG_LOAD => SANITIZE_ALLOW_DIGIT,
//            TYPO3_DEBUG_SAVE => SANITIZE_ALLOW_DIGIT,
//            TYPO3_FORM => SANITIZE_ALLOW_ALNUMX,
//            TYPO3_FE_USER => SANITIZE_ALLOW_ALNUMX,
//            TYPO3_FE_USER_UID => SANITIZE_ALLOW_DIGIT,
//            TYPO3_FE_USER_GROUP => SANITIZE_ALLOW_ALNUMX,

            CLIENT_SIP => SANITIZE_ALLOW_ALNUMX,
            CLIENT_RECORD_ID => SANITIZE_ALLOW_DIGIT,
            CLIENT_KEY_SEM_ID => SANITIZE_ALLOW_DIGIT,
            CLIENT_KEY_SEM_ID_USER => SANITIZE_ALLOW_DIGIT,
            CLIENT_PAGE_ID => SANITIZE_ALLOW_DIGIT,
            CLIENT_PAGE_TYPE => SANITIZE_ALLOW_DIGIT,
            CLIENT_PAGE_LANGUAGE => SANITIZE_ALLOW_DIGIT,
            CLIENT_FORM => SANITIZE_ALLOW_ALNUMX,

            // Part of $_SERVER. Missing vars must be requested individual with the needed sanitize class.
            CLIENT_SCRIPT_URL => SANITIZE_ALLOW_ALNUMX,
            CLIENT_SCRIPT_URI => SANITIZE_ALLOW_ALNUMX,
            CLIENT_HTTP_HOST => SANITIZE_ALLOW_ALNUMX,
            CLIENT_HTTP_USER_AGENT => SANITIZE_ALLOW_ALNUMX,
            CLIENT_SERVER_NAME => SANITIZE_ALLOW_ALNUMX,
            CLIENT_SERVER_ADDRESS => SANITIZE_ALLOW_ALNUMX,
            CLIENT_SERVER_PORT => SANITIZE_ALLOW_DIGIT,
            CLIENT_REMOTE_ADDRESS => SANITIZE_ALLOW_ALNUMX,
            CLIENT_REQUEST_SCHEME => SANITIZE_ALLOW_ALNUMX,
            CLIENT_SCRIPT_FILENAME => SANITIZE_ALLOW_ALNUMX,
            CLIENT_QUERY_STRING => SANITIZE_ALLOW_ALL,
            CLIENT_REQUEST_URI => SANITIZE_ALLOW_ALL,
            CLIENT_SCRIPT_NAME => SANITIZE_ALLOW_ALNUMX,
            CLIENT_PHP_SELF => SANITIZE_ALLOW_ALNUMX,

//            SYSTEM_DBUSER => SANITIZE_ALLOW_ALNUMX,
//            SYSTEM_DBSERVER => SANITIZE_ALLOW_ALNUMX,
//            SYSTEM_DBPW => SANITIZE_ALLOW_ALL,
//            SYSTEM_DB => SANITIZE_ALLOW_ALNUMX,
//            SYSTEM_TESTDB => SANITIZE_ALLOW_ALNUMX,
//            SYSTEM_SESSIONNAME => SANITIZE_ALLOW_ALNUMX,
//            SYSTEM_DBH => SANITIZE_ALLOW_ALL,

//            SYSTEM_SQL_RAW => SANITIZE_ALLOW_ALL,
//            SYSTEM_SQL_FINAL => SANITIZE_ALLOW_ALL,
//            SYSTEM_SQL_COUNT => SANITIZE_ALLOW_DIGIT,
//            SYSTEM_SQL_PARAM_ARRAY => SANITIZE_ALLOW_ALL,

//            SIP_SIP => SANITIZE_ALLOW_ALNUMX,
//            SIP_RECORD_ID => SANITIZE_ALLOW_DIGIT,
//            SIP_FORM => SANITIZE_ALLOW_ALNUMX,
//            SIP_URLPARAM => SANITIZE_ALLOW_ALL

        ];

        self::$sanitizeStore = [
            STORE_FORM => true,
            STORE_SIP => false,
            STORE_RECORD => false,
            STORE_PARENT_RECORD => false,
            STORE_TABLE_DEFAULT => false,
            STORE_TABLE_COLUMN_TYPES => false,
            STORE_CLIENT => true,
            STORE_TYPO3 => false,
            STORE_ZERO => false,
            STORE_SYSTEM => false,
            STORE_EXTRA => true
        ];

        self::fillSystemStore();
        self::fillStoreTypo3($bodytext);
        self::fillStoreClient();
        self::fillStoreSip();
        self::fillStoreExtra();
    }

    /**
     * @throws CodeException
     * @throws qfq\UserFormException
     */
    private static function fillSystemStore() {
        try {
            //TODO: Vernuenftige Fehlermeldung falls nicht auf qfq.ini zugegriffen werden kann.
            //TODO: sinnvollen Platz fuer qfq.ini bestimmen. In der Installationsdoku erwaehnen.
            $config = parse_ini_file(__DIR__ . '/../../../' . CONFIG_INI, false);

            //TODO: auskommentiert weil dann die Unittests nicht mehr laufen. Sollte eigentlich wieder aktiviert werden.
//            $config['SQLLOG'] = Support::ifRelativePathPrependExtensionPath($config['SQLLOG']);

        } catch (\Exception $e) {
            throw new qfq\UserFormException ("Error read file " . CONFIG_INI . ": " . $e->getMessage(), ERROR_IO_READ_FILE);
        }

        // Adjust config
        if (!isset($config['SHOW_DEBUG_INFO']) || $config['SHOW_DEBUG_INFO'] === 'auto') {
            $config['SHOW_DEBUG_INFO'] = (isset($GLOBALS["TSFE"]->beUserLogin) && $GLOBALS["TSFE"]->beUserLogin === true) ? 'yes' : 'no';
        }

        // SYSTEM_PATH_EXT: compute only if not already defined.
        if (!isset($config[SYSTEM_PATH_EXT]) || $config[SYSTEM_PATH_EXT] === '' || $config[SYSTEM_PATH_EXT][0] !== '/') {
            $relExtDir = '/typo3conf/ext/' . EXT_KEY;

            // If we are called through AJAX API (e.g. api/save.php), there is no TYPO3 environment.
            if (isset($_SERVER['SCRIPT_FILENAME'])) {
                $pos = strpos($_SERVER['SCRIPT_FILENAME'], $relExtDir);
                if ($pos === false && isset($GLOBALS['TYPO3_LOADED_EXT'][EXT_KEY]['ext_localconf.php'])) {

                    // probably: index.php - THERE should be a TYPO3 environment.
                    $config[SYSTEM_PATH_EXT] = dirname($GLOBALS['TYPO3_LOADED_EXT'][EXT_KEY]['ext_localconf.php']);
                } else {
                    $config[SYSTEM_PATH_EXT] = substr($_SERVER['SCRIPT_FILENAME'], 0, $pos + strlen($relExtDir));
                }
            }
        }

        // Defaults
        Support::setIfNotSet($config, SYSTEM_DATE_FORMAT, 'yyyy-mm-dd');

        // make SQL PATH absolute. This is necessary to work in different directories correctly.
        if (isset($config[SYSTEM_SQL_LOG]) && $config[SYSTEM_SQL_LOG][0] !== '/') {
            $config[SYSTEM_SQL_LOG] = $config[SYSTEM_PATH_EXT] . '/' . $config[SYSTEM_SQL_LOG];
        }


        self::setVarArray($config, STORE_SYSTEM, true);
    }

    /**
     * @param array $dataArray
     * @param $store
     * @param bool|false $flagOverwrite
     * @throws UserFormException
     * @throws \qfq\CodeException
     */
    public static function setVarArray(array $dataArray, $store, $flagOverwrite = false) {
        // Check valid Storename
        if (!isset(self::$sanitizeStore))
            throw new UserFormException("Unknown Store: $store", ERROR_UNNOWN_STORE);


        if ($store === STORE_ZERO)
            throw new CodeException("setVarArray() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);

        if (!$flagOverwrite && isset(self::$raw[$store]) && count(self::$raw[$store]) > 0) {
            throw new CodeException("Raw values already been copied to store '$store'. Do this only one time.", ERROR_STORE_VALUE_ALREADY_CODPIED);
        }

        self::$raw[$store] = $dataArray;
    }

    /**
     * @param $bodytext
     * @throws CodeException
     */
    private static function fillStoreTypo3($bodytext) {

        $arr = KeyValueStringParser::parse($bodytext, "=", "\n");

        if (isset($GLOBALS["TSFE"]->fe_user->user["username"]))
            $arr[TYPO3_FE_USER] = $GLOBALS["TSFE"]->fe_user->user["username"];

        if (isset($GLOBALS["TSFE"]->fe_user->user["uid"]))
            $arr[TYPO3_FE_USER_UID] = $GLOBALS["TSFE"]->fe_user->user["uid"];

        if (isset($GLOBALS["TSFE"]->fe_user->user["usergroup"]))
            $arr[TYPO3_FE_USER_GROUP] = $GLOBALS["TSFE"]->fe_user->user["usergroup"];

        if (isset($GLOBALS["TSFE"]->page["uid"]))
            $arr[TYPO3_TT_CONTENT_UID] = $GLOBALS["TSFE"]->page["uid"];

        if (isset($GLOBALS["TSFE"]->id))
            $arr[TYPO3_PAGE_ID] = $GLOBALS["TSFE"]->id;

        if (isset($GLOBALS["TSFE"]->type))
            $arr[TYPO3_PAGE_TYPE] = $GLOBALS["TSFE"]->type;

        if (isset($GLOBALS["TSFE"]->sys_language_uid))
            $arr[TYPO3_PAGE_LANGUAGE] = $GLOBALS["TSFE"]->sys_language_uid;

        self::setVarArray($arr, STORE_TYPO3, true);
    }

    /**
     * @throws CodeException
     */
    private static function fillStoreClient() {
        // copy GET and POST and SERVER Parameter. Priority: SERVER, POST, GET
        $arr = array();
        if (isset($_GET))
            $arr = array_merge($arr, $_GET);

        if (isset($_POST))
            $arr = array_merge($arr, $_POST);

        if (isset($_SERVER))
            $arr = array_merge($arr, $_SERVER);

        self::setVarArray($arr, STORE_CLIENT, true);
    }

    /**
     * @throws CodeException
     * @throws UserFormException
     */
    private static function fillStoreSip() {

        $sessionName = self::getVar(SYSTEM_SESSION_NAME, STORE_SYSTEM);
        self::$sip = new Sip($sessionName);

        $s = self::getVar(CLIENT_SIP, STORE_CLIENT);
        if ($s !== false) {
            // if session is given, copy values to store
            $param = self::$sip->getVarsFromSip($s);
            $param[SIP_SIP] = $s;
            $param[SIP_URLPARAM] = self::$sip->getQueryStringFromSip($s);

//            self::setVarArray(KeyValueStringParser::parse($param, "=", "&"), STORE_SIP);
            self::setVarArray($param, STORE_SIP, true);
        }
    }

    /**
     * Cycles through all stores in $useStore.
     * First match will return the found value.
     * During cycling: fill cache with requestet value and sanitize raw value.
     *
     * @param string $key
     * @param string $useStores f.e.: 'FSRD'
     * @param string $sanitizeClass
     * @param string $foundInStore Returns the name of the store where $key has been found. If $key is not found, return ''.
     * @return string a) if found: value, b) false
     * @throws \qfq\CodeException
     */
    public static function getVar($key, $useStores = STORE_USE_DEFAULT, $sanitizeClass = '', &$foundInStore = '') {

        // no store specifed?
        if ($useStores === "" || $useStores === null) {
            $useStores = STORE_USE_DEFAULT;
        }

        // no sanitizeClass specified: take predefined (if exist) or default.
        if ($sanitizeClass === '' || $sanitizeClass === null) {
            $sanitizeClass = isset(self::$sanitizeClass[$key]) ? self::$sanitizeClass[$key] : SANITIZE_DEFAULT;
        }

        while ($useStores !== false) {

            $store = substr($useStores, 0, 1); // next store
            $foundInStore = $store;
            $useStores = substr($useStores, 1); // shift left remaining stores

            if (!isset(self::$raw[$store][$key])) {
                switch ($store) {
                    case STORE_ZERO:
                        return 0;
                    case STORE_EMPTY:
                        return '';
                    case STORE_VAR:
                        if ($key === VAR_RANDOM) {
                            return Support::randomAlphaNum(RANDOM_LENGTH);
                        } else {
                            continue 2;  // no value provided, continue with while loop
                        }
                        break;
                    default:
                        continue 2; // no value provided, continue with while loop
                        break;
                }
            }

            $rawVal = isset(self::$raw[$store][$key]) ? self::$raw[$store][$key] : null;
            if (self::$sanitizeStore[$store] && $sanitizeClass != '') {
                if ($sanitizeClass == SANITIZE_ALLOW_PATTERN || $sanitizeClass == SANITIZE_ALLOW_MIN_MAX || $sanitizeClass == SANITIZE_ALLOW_MIN_MAX_DATE) {
                    // We do not have any pattern or min|max values at this point. For those who be affected, they already checked earlier. So set 'no check'
                    $sanitizeClass = SANITIZE_ALLOW_ALL;
                }
                return \qfq\Sanitize::sanitize($rawVal, $sanitizeClass, '', SANATIZE_EMPTY_STRING);
            } else {
                return $rawVal;
            }
        }
        $foundInStore = '';
        return false;
    }

    /**
     * @throws UserFormException
     * @throws \qfq\CodeException
     */
    private static function fillStoreExtra() {
        if (isset($_SESSION[STORE_EXTRA]))
            self::setVarArray($_SESSION[STORE_EXTRA], STORE_EXTRA, true);
        else
            self::setVarArray(array(), STORE_EXTRA, true);
    }

    /**
     * @param string $bodytext
     * @param bool|false $phpUnit
     * @return null|\qfq\Store
     */
    public static function getInstance($bodytext = '', $phpUnit = false) {

        if ($phpUnit) {
            if (self::$instance !== null) {

                self::unsetStore(STORE_TYPO3);
                self::fillStoreTypo3($bodytext);

                self::unsetStore(STORE_CLIENT);
                self::fillStoreClient();
            }
        }

        // Design Pattern: Singleton
        if (self::$instance === null) {
            self::$phpUnit = $phpUnit;

            self::$instance = new self($bodytext);
        } else {
            // Class Store seems to be presistent over multiple QFQ instantiation. Set bodytext again, with every new request (if bodytext is given).
            if ($bodytext !== '')
                self::fillStoreTypo3($bodytext);
        }

        // Disable TYPO3_DEBUG_SHOW_BODY_TEXT=1 if SYSTEM_SHOW_DEBUG_INFO!='yes'
        if (self::getVar(TYPO3_DEBUG_SHOW_BODY_TEXT, STORE_TYPO3) === '1' &&
            self::getVar(SYSTEM_SHOW_DEBUG_INFO, STORE_SYSTEM) !== 'yes'
        ) {
            self::setVar(TYPO3_DEBUG_SHOW_BODY_TEXT, '0', STORE_TYPO3);
        }

        return self::$instance;
    }

    /**
     * @param $store
     * @throws UserFormException
     * @throws \qfq\CodeException
     */
    public static function unsetStore($store) {
        // Check valid Storename
        if (!isset(self::$sanitizeStore))
            throw new UserFormException("Unknown Store: $store", ERROR_UNNOWN_STORE);

        if ($store === STORE_ZERO)
            throw new CodeException("unsetStore() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);

        if (isset(self::$raw[$store])) {
            self::$raw[$store] = array();
        }

    }

    /**
     * @param string $key
     * @param string|array $value
     * @param string $store
     * @param bool|true $overWrite
     * @throws UserFormException
     * @throws \qfq\CodeException
     */
    public static function setVar($key, $value, $store, $overWrite = true) {
        // Check valid Storename
        if (!isset(self::$sanitizeStore))
            throw new UserFormException("Unknown Store: $store", ERROR_UNNOWN_STORE);

        if ($store === STORE_ZERO)
            throw new CodeException("setVar() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);

        if ($overWrite === false && isset(self::$raw[$store][$key])) {
            throw new UserFormException("Value of '$key' already be set in store '$store'.", ERROR_STORE_KEY_EXIST);
        }

        self::$raw[$store][$key] = $value;

        // The STORE_EXTRA saves arrays and is persistent
        if ($store === STORE_EXTRA) {
            foreach ($value as $k1 => $v1) {
                $_SESSION[STORE_EXTRA][$key][$k1] = $v1;
            }
        }

    }

    /**
     * @param $formName
     * @throws CodeException
     */
    public static function createSipAfterFormLoad($formName) {
        $recordId = self::getVar(CLIENT_RECORD_ID, STORE_TYPO3 . STORE_CLIENT);
        if ($recordId === false) {
            $recordId = 0;
        }

        $tmpParam = [SIP_RECORD_ID => $recordId, SIP_FORM => $formName];

        // Construct fake urlparam
        $tmpUrlparam = OnArray::toString($tmpParam);

        // Create a fake SIP which has never been passed by URL - further processing might expect this to exist.
        $sip = self::getSipInstance()->queryStringToSip($tmpUrlparam, RETURN_SIP);
        self::setVar(CLIENT_SIP, $sip, STORE_CLIENT);

        // Store in SIP Store (cause it's empty until now).
        $tmpParam[SIP_SIP] = $sip;
        self::setVarArray($tmpParam, STORE_SIP);

    }

    /**
     * @return null|Sip
     */
    public static function getSipInstance() {
        return self::$sip;
    }

    /**
     * @param $store
     * @return array
     * @throws UserFormException
     * @throws \qfq\CodeException
     */
    public static function getStore($store) {
        // Check valid Storename
        if (!isset(self::$sanitizeStore[$store]))
            throw new UserFormException("Unknown Store: $store", ERROR_UNNOWN_STORE);

        if ($store === STORE_ZERO)
            throw new CodeException("getStore() for STORE_ZERO is impossible - there are no values saved.", ERROR_GET_STORE_ZERO);

        if (isset(self::$raw[$store])) {
            return self::$raw[$store];
        }
        return array();
    }


    /**
     * Fills STORE_TABLE_DEFAULT and STORE_TABLE_COLUMN_TYPES
     *
     * @param $tableName
     * @throws CodeException
     */
    public static function fillStoreTableDefaultColumnType($tableName) {
        $db = new qfq\Database();

        $tableDefinition = $db->getTableDefinition($tableName);

        self::setVarArray(array_column($tableDefinition, 'Default', 'Field'), STORE_TABLE_DEFAULT, true);
        self::setVarArray(array_column($tableDefinition, 'Type', 'Field'), STORE_TABLE_COLUMN_TYPES, true);
    }
}