QuickFormQuery.php

<?php
/**
 * Created by PhpStorm.
 * User: ep
 * Date: 12/23/15
 * Time: 6:33 PM
 */


namespace qfq;

use qfq;

//use qfq\Report;

//use qfq\BuildFormPlain;
//use qfq\BuildFormTable;
//use qfq\BuildFormBootstrap;
//use qfq\UserException;
//use qfq\CodeException;
//use qfq\DbException;
//use qfq\helper;
//use qfq\Store;


require_once(__DIR__ . '/store/Store.php');
require_once(__DIR__ . '/store/FillStoreForm.php');
require_once(__DIR__ . '/store/Session.php');
require_once(__DIR__ . '/Constants.php');
require_once(__DIR__ . '/Save.php');
require_once(__DIR__ . '/helper/KeyValueStringParser.php');
require_once(__DIR__ . '/helper/HelperFormElement.php');
require_once(__DIR__ . '/exceptions/UserFormException.php');
require_once(__DIR__ . '/exceptions/CodeException.php');
require_once(__DIR__ . '/exceptions/DbException.php');
require_once(__DIR__ . '/exceptions/ErrorHandler.php');
require_once(__DIR__ . '/Database.php');
require_once(__DIR__ . '/Evaluate.php');
require_once(__DIR__ . '/BuildFormPlain.php');
require_once(__DIR__ . '/BuildFormTable.php');
require_once(__DIR__ . '/BuildFormBootstrap.php');
require_once(__DIR__ . '/report/Report.php');
require_once(__DIR__ . '/BodytextParser.php');
require_once(__DIR__ . '/Delete.php');
require_once(__DIR__ . '/form/FormAction.php');

/*
 * Form will be called
 * a) with a SIP identifier, or
 * b) without a SIP identifier (form setting has to allow this) and will create on the fly a new SIP.
 *
 * The SIP-Store stores:
 *  form=<formname>
 *  r=<record id>  (table.id for a single record form)
 *  keySemId,keySemIduser
 *  <further individual variables>
 */

/**
 * Class Qfq
 * @package qfq
 */
class QuickFormQuery {

    /**
     * @var \qfq\Store instantiated class
     */
    protected $store = null;

    /**
     * @var Database instantiated class
     */
    protected $db = null;

    /**
     * @var Evaluate instantiated class
     */
    protected $eval = null;
    protected $formSpec = array();
    protected $feSpecAction = array();  // Form Definition: copy of the loaded form
    protected $feSpecNative = array(); // FormEelement Definition: all formElement.class='action' of the loaded form

    /**
     * @var array
     */
    private $t3data = array(); // FormEelement Definition: all formElement.class='native' of the loaded form

    /**
     * @var bool
     */
    private $phpUnit = false;

    /**
     * @var Session
     */
    private $session = null;

    /*
     * TODO:
     *  Preparation: setup logging, database access, record locking
     *  fill stores
     *  Check permission_create / permission_update
     *  Multi: iterate over all records, Single: activate record
     *      Check mode: Load | Save
     *      doActions 'Before'
     *      Do all FormElements
     *      doActions 'After'
     */

    /**
     * Construct the Form Class and Store too. This is the base initialization moment.
     *
     * As a result of instantiating of Form, the class Store will initially called the first time and therefore instantiated automatically.
     * Store might throw an exception, in case the URL-passed SIP is invalid.
     *
     * @param string $bodytext
     */
    public function __construct(array $t3data = array(), $phpUnit = false) {

        $this->phpUnit = $phpUnit;

        mb_internal_encoding("UTF-8");

//        session_name(SESSION_NAME);
//        session_start();

        $this->session = Session::getInstance($phpUnit);

        // session.cache_expire
        // session.cookie_lifetime
        // session.gc_maxlifetime

//        $arr1['sessionname'] =   session_name();
//        $arr1['session.auto_start']  = ini_get('session.auto_start');
//        $arr1['session.gc_maxlifetime']  = ini_get('session.gc_maxlifetime');
//        $arr1['session.cookie_lifetime']  = ini_get('session.cookie_lifetime');
//        $arr1['session.name']  = ini_get('session.name');

        // Refresh the session even if no new data saved.
        Session::set('LAST_ACTIVITY', time());

        set_error_handler("\\qfq\\ErrorHandler::exception_error_handler");

        if (!isset($t3data[T3DATA_BODYTEXT])) {
            $t3data[T3DATA_BODYTEXT] = '';
        }

        if (!isset($t3data[T3DATA_UID])) {
            $t3data[T3DATA_UID] = 0;
        }

        $btp = new BodytextParser();
        $t3data[T3DATA_BODYTEXT] = $btp->process($t3data[T3DATA_BODYTEXT]);

        $this->t3data = $t3data;

        $bodytext = $this->t3data[T3DATA_BODYTEXT];

        $this->store = Store::getInstance($bodytext, $phpUnit);
        $this->store->setVar(TYPO3_TT_CONTENT_UID, $t3data[T3DATA_UID], STORE_TYPO3);
        $this->db = new Database();
        $this->eval = new Evaluate($this->store, $this->db);
    }

    /**
     * Returns the defined forwardMode and set, if necessary, $forwardPage
     *
     * @param $forwardPage
     * @return mixed
     */
    public function getForwardMode(&$forwardPage) {
        $forwardPage = $this->formSpec['forwardPage'];
        return $this->formSpec['forwardMode'];
    }

    /**
     * Main entrypoint for display content: form or report
     *
     * @return string
     */
    public function process() {
        $html = '';

        if ($this->store->getVar(TYPO3_DEBUG_SHOW_BODY_TEXT, STORE_TYPO3) === '1') {
            $html .= Support::appendTooltip('', $this->t3data['bodytext']);
        }

        $html .= $this->doForm(FORM_LOAD);
        $html .= $this->doReport();

        $class = $this->store->getVar(SYSTEM_CSS_CLASS_QFQ_CONTAINER, STORE_SYSTEM);
        if ($class)
            $html = Support::wrapTag("<div class='$class'>", $html);

//        $feUidLoggedIn = isset($GLOBALS["TSFE"]->fe_user->user["uid"]) ? $GLOBALS["TSFE"]->fe_user->user["uid"] : false;
//        $feUidSession = $_SESSION[SESSION_NAME][SESSION_FE_USER_UID];
//        $html .= "<p>feUidLoggedIn: $feUidLoggedIn / feUidSession: $feUidSession</p>";

        return $html;
    }

    /**
     * Process form.
     * $mode=FORM_LOAD: The whole form will be rendered as HTML Code, including the values of all form elements
     * $mode=FORM_UPDATE: States and values of all form elements will be returned as JSON.
     * $mode=FORM_SAVE: The submitted form will be saved. Return Failure or Success as JSON.
     *
     * @param string $mode FORM_LOAD | FORM_UPDATE | FORM_SAVE
     * @return array|string
     * @throws CodeException
     * @throws UserFormException
     */
    private function doForm($mode) {
        $data = '';
        $foundInStore = '';

        // Fill STORE_FORM
        if ($mode === FORM_UPDATE || $mode === FORM_SAVE) {
            $fillStoreForm = new FillStoreForm();
            $fillStoreForm->process();
        }

        $formName = $this->loadFormSpecification($mode, $foundInStore);
        if ($formName === false) {
            return '';
        }

        $sipFound = $this->validateForm($foundInStore);
        if (!$sipFound) {
            $this->store->createSipAfterFormLoad($formName);
        }

        $formAction = new FormAction($this->formSpec, $this->db, $this->phpUnit);

        $this->store->fillStoreTableDefaultColumnType($this->formSpec[F_TABLE_NAME]);

        switch ($this->formSpec['render']) {
            case 'plain':
                $build = new BuildFormPlain($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            case 'table':
                $build = new BuildFormTable($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            case 'bootstrap':
                $build = new BuildFormBootstrap($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

        switch ($mode) {
            case FORM_LOAD:
            case FORM_UPDATE:
                $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3 . STORE_CLIENT);
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_LOAD);

                $data = $build->process($mode);

                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_AFTER_LOAD);
                break;

            case FORM_SAVE:
                $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP);

                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_INSERT . ',' . FE_TYPE_BEFORE_UPDATE . ',' . FE_TYPE_BEFORE_SAVE);

                // If an old record exist: load it. Necessary to delete uploaded files which should be overwritten.
                $this->fillStoreRecord($this->formSpec[F_TABLE_NAME], $recordId);

                $save = new Save($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                $rc = $save->process();

                // Reload fresh saved record and fill STORE_RECORD with it.
                $this->fillStoreRecord($this->formSpec[F_TABLE_NAME], $rc);

                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_AFTER_INSERT . ',' . FE_TYPE_AFTER_UPDATE . ',' . FE_TYPE_AFTER_SAVE);

                $htmlElementNameIdZero = false;
                // Retrieve current STORE_SIP.
                $sipArray = $this->store->getStore(STORE_SIP);
                if ($sipArray[SIP_RECORD_ID] == 0) {
                    // After insert: a new SIP for the new record id is required.
                    $this->newRecordCreateSip($sipArray, $rc);
                    $htmlElementNameIdZero = true;
                }

                // Retrieve FE Values as JSON
                $data = $build->process($mode, $htmlElementNameIdZero);
                break;

            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

        return $data;
    }

    /**
     * Load form. Evaluates form. Load FormElements.
     *
     * After processing:
     * Loaded Form is in  $this->formSpec
     * Loaded 'action' FormElements are in $this->feSpecAction
     * Loaded 'native' FormElements are in $this->feSpecNative
     *
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
     * @param string $foundInStore
     * @return bool|string if found the formName, else 'false'.
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
     */
    private function loadFormSpecification($mode, &$foundInStore = '') {

        // formName
        if (false === ($formName = $this->getFormName($mode, $foundInStore))) {
            return false;
        }

        // Preparation for Log, Debug
        $this->store->setVar(SYSTEM_FORM, $formName, STORE_SYSTEM);

        // Check if there is a recordId specified in Bodytext - as variable or query.
        $rTmp = $this->store->getVar(CLIENT_RECORD_ID, STORE_TYPO3, SANITIZE_ALLOW_ALL);
        if (false !== $rTmp && !is_int($rTmp)) {
            $rTmp = $this->eval->parse($rTmp);
            $this->store->setVar(CLIENT_RECORD_ID, $rTmp, STORE_TYPO3);
        }

        // Load form
        $form = $this->db->sql("SELECT * FROM Form AS f WHERE f.name LIKE ? AND f.deleted='no'", ROW_EXPECT_1,
            [$formName], 'Form not found or multiple forms with the same name.');

        $this->formSpec = $this->eval->parseArray($form);
        HelperFormElement::explodeParameter($this->formSpec);

        # Set defaults:
        Support::setIfNotSet($this->formSpec, 'class', '');
        Support::setIfNotSet($this->formSpec, F_BS_LABEL_COLUMNS, 3, '');
        Support::setIfNotSet($this->formSpec, F_BS_INPUT_COLUMNS, 8, '');
        Support::setIfNotSet($this->formSpec, F_BS_NOTE_COLUMNS, 1, '');

        // Clear
        $this->store->setVar(SYSTEM_FORM_ELEMENT, '', STORE_SYSTEM);

        // FE: Action
//        $this->feSpecAction = $this->eval->parseArray($this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
//            ['no', $this->formSpec["id"], 'action']));
        $this->feSpecAction = $this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR, ['no', $this->formSpec["id"], 'action']);
        HelperFormElement::explodeParameterInArrayElements($this->feSpecAction);

        // FE: Native & Container
        // "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
        switch ($mode) {
            case FORM_LOAD:
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_SPECIFIC_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native,container', 0]);
                break;

            case FORM_SAVE:
            case FORM_UPDATE:
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native']);
                break;

            default:
        }

        HelperFormElement::explodeParameterInArrayElements($this->feSpecNative);

        return $formName;
    }

    /**
     * Get the formName from STORE_TYPO3 (bodytext), STORE_SIP or by STORE_CLIENT (URL).
     *
     * FORM_LOAD:
     *   Specified in T3 body text with form=<formname>            Returned Store:Typo3
     *   Specified in T3 body text with form={{form}} ':FSRD'      Returned Store:SIP
     *   Specified in T3 body text with form={{form:C:ALNUMX}}     Returned Store:Client
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:S0}} }}
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:C0:DIGIT}} }}
     *   Specified in SIP
     *
     * FORM_SAVE:
     *   Specified in SIP
     *
     *
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
     * @param string $foundInStore
     * @return array|bool|mixed|null|string  Formname (Form.name) or FALSE, if no formname found.
     * @throws CodeException
     * @throws UserFormException
     */
    public function getFormName($mode, &$foundInStore = '') {
        $dummy = array();

        switch ($mode) {
            case FORM_LOAD:
                $store = STORE_TYPO3;
                break;
            case FORM_SAVE:
            case FORM_UPDATE:
            $store = STORE_SIP;
                break;
            default:
                throw new CodeException("Unknown mode: $mode.", ERROR_UNKNOWN_MODE);
        }

        $storeFormName = $this->store->getVar(SIP_FORM, $store, '', $foundInStore);
        $formName = $this->eval->parse($storeFormName, 0, $dummy, $foundInStore);

        // If the formname is '': no formname name.
        if ($formName === '' || $foundInStore === '')
            return false;

        // If the formname is surrounded by single ticks: the token (typically 'form') has not been replaced by a value.
        if ($formName[0] === "'" && $formName[strlen($formName) - 1] === "'") {
            return false;
        }

        return $formName;
    }

    /**
     * Check if loading of the given form is permitted. If not, throw an exception.
     *
     * @param $formNameFoundInStore
     * @return bool 'true' if SIP exists, else 'false'
     * @throws CodeException
     * @throws UserFormException
     * @internal param $foundInStore
     */
    private function validateForm($formNameFoundInStore) {

        // Retrieve record_id either from SIP (prefered) or via URL
        $r = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3 . STORE_CLIENT, '', $recordIdFoundInStore);

        // Missing 'r' is in general an error
        if ($r === false) {
            $r = 0;
            $this->store->setVar(TYPO3_RECORD_ID, $r, STORE_TYPO3);
            $recordIdFoundInStore = STORE_TYPO3;
        }

        // If there is a record_id>0: EDIT else NEW: 'sip','logged_in','logged_out','always','never'
        $permitMode = ($r > 0) ? $this->formSpec['permitEdit'] : $this->formSpec['permitNew'];

        $feUserLoggedIn = isset($GLOBALS["TSFE"]->fe_user->user["uid"]) && $GLOBALS["TSFE"]->fe_user->user["uid"] > 0;

        $sipFound = $this->store->getVar(SIP_SIP, STORE_SIP) !== false;

        if ($sipFound) {
            if (($formNameFoundInStore === STORE_CLIENT) || ($recordIdFoundInStore === STORE_CLIENT)) {
                throw new UserFormException("SIP exist but FORM or RECORD_ID are given by CLIENT.", ERROR_SIP_EXIST_BUT_OTHER_PARAM_GIVEN_BY_CLIENT);
            }
        }

        switch ($permitMode) {
            case  FORM_PERMISSION_SIP:
                if (!$sipFound || $formNameFoundInStore !== STORE_SIP || $recordIdFoundInStore !== STORE_SIP) {
                    throw new UserFormException("SIP Parameter needed for this form.", ERROR_SIP_NEEDED_FOR_THIS_FORM);
                }
                break;
            case  FORM_PERMISSION_LOGGED_IN:
                if (!$feUserLoggedIn) {
                    throw new UserFormException("User not logged in.", ERROR_USER_NOT_LOGGED_IN);
                }
                break;
            case FORM_PERMISSION_LOGGED_OUT:
                if ($feUserLoggedIn) {
                    throw new UserFormException("User logged in.", ERROR_USER_LOGGED_IN);
                }
                break;
            case FORM_PERMISSION_ALWAYS:
                break;
            case FORM_PERMISSION_NEVER:
                throw new UserFormException("Loading form forbidden.", ERROR_FORM_FORBIDDEN);
            default:
                throw new CodeException("Unknown permission mode: '" . $permitMode . "'", ERROR_FORM_UNKNOWN_PERMISSION_MODE);
        }

        // Form Definition valid?
        if ($this->formSpec['multiMode'] !== 'none' && $this->formSpec['multiSql'] === '') {
            throw new UserFormException("MultiMode selected, but MultiSQL missing", ERROR_MULTI_SQL_MISSING);
        }

        $sipArray = $this->store->getStore(STORE_SIP);
        // Check: requiredParameter: '' or 'form' or 'form,grId' or 'form #formname for form,grId'
        $param = explode(',', $this->formSpec[F_REQUIRED_PARAMETER]);
        foreach ($param AS $name) {

            $name = explode('#', $name, 2);
            $name = trim($name[0]);

            if ($name === '') {
                continue;
            }

            if (!isset($sipArray[$name])) {
                throw new UserFormException("Missing required SIP parameter: $name", ERROR_MISSING_REQUIRED_PARAMETER);
            }
        }

        return $sipFound;
    }

    /**
     * @param string $table
     * @param string $recordId
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
     */
    private function fillStoreRecord($table, $recordId) {
        if ($recordId !== false && $recordId > 0) {
            $record = $this->db->sql("SELECT * FROM $table WHERE id = ?", ROW_EXPECT_1, [$recordId]);
            $this->store->setVarArray($record, STORE_RECORD, true);
        }

    }

    /**
     * @param $sipArray
     * @param $recordId
     */
    private function newRecordCreateSip($sipArray, $recordId) {

        $tmpParam = array();

        foreach ($sipArray as $key => $value) {
            switch ($key) {
                case SIP_SIP:
                case SIP_URLPARAM:
                case SIP_TABLE:
                    continue;

                case SIP_RECORD_ID:
                    $tmpParam[SIP_RECORD_ID] = $recordId;
                    break;
                default:
                    // further vars stored in old SIP (form, maybe default values)
                    $tmpParam[$key] = $value;
                    break;
            }
        }

        // Construct fake urlparam
        $tmpUrlparam = OnArray::toString($tmpParam);

        // Create a SIP which has never been passed by URL - further processing might expect this to exist.
        $sip = store::getSipInstance()->queryStringToSip($tmpUrlparam, RETURN_SIP);
        $this->store->setVar(CLIENT_SIP, $sip, STORE_CLIENT);

        // Overwrite SIP Store
        $tmpParam[SIP_SIP] = $sip;
        $this->store->setVarArray($tmpParam, STORE_SIP, true);
    }

    /**
     * Process the SQL Queries from bodytext. Return the output.
     *
     * @return string
     */
    private function doReport() {
        $report = new Report($this->t3data, $this->eval, $this->phpUnit);

        $html = $report->process($this->t3data['bodytext']);

        return $html;

    }

    /**
     * Save the current form.
     *
     * @return string
     */
    public function saveForm() {

        $json = $this->doForm(FORM_SAVE);

        return $json;
    }

    /**
     * Update FormElements and form values. Receives the current form values via POST.
     *
     * @return array
     * @throws CodeException
     */
    public function updateForm() {

        $json = $this->doForm(FORM_UPDATE);

        return $json;
    }

    /**
     * Delete a record (tablename and recordid are given) or process a 'delete form'
     *
     * @return mixed
     * @throws CodeException
     */
    public function delete() {

        $msg = array();
        #TODO: implement 'delete form'

        $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP);
        $table = $this->store->getVar(SIP_TABLE, STORE_SIP);
        $form = $this->store->getVar(SIP_FORM, STORE_SIP);
        $targetUrl = $this->store->getVar(SIP_TARGET_URL, STORE_SIP);
        $modeAnswer = $this->store->getVar(SIP_MODE_ANSWER, STORE_SIP);

        // fake until 'delete by form' is implemented too
        $form = [F_TABLE_NAME => $table];

        $delete = new Delete();
        $rc = $delete->process($form, $recordId, $msg);

        switch ($modeAnswer) {
            case MODE_JSON:

                if ($rc === true) {
                    $answer[API_MESSAGE] = 'delete: success';
                    $answer[API_REDIRECT] = API_ANSWER_REDIRECT_CLIENT;
                    $answer[API_STATUS] = API_ANSWER_STATUS_SUCCESS;

                } else {
                    $answer[API_MESSAGE] = $msg[MSG_CONTENT];
                    $answer[API_REDIRECT] = API_ANSWER_REDIRECT_NO;
                    $answer[API_STATUS] = API_ANSWER_STATUS_ERROR;
                }

                $result[MSG_HEADER] = "Content-Type: application/json";
                $result[MSG_CONTENT] = json_encode($answer);

                break;

            case MODE_HTML:
                if ($targetUrl === false || $targetUrl === '') {
                    $result[MSG_CONTENT] = 'Missing target URL. ' . ERROR_MISSING_VALUE;
                }

                if ($rc === true) {
                    $result[MSG_HEADER] = "Location: $targetUrl";
                    $result[MSG_CONTENT] = '';
                } else {
                    $result[MSG_CONTENT] = $msg[MSG_CONTENT];
                }

                break;

            default:
                throw new CodeException('Unknown mode: ' . $modeAnswer, ERROR_UNKNOWN_MODE);
                break;
        }

        return $result;
    }

}