QuickFormQuery.php 25.2 KB
Newer Older
1
2
3
4
5
6
7
8
<?php
/**
 * Created by PhpStorm.
 * User: ep
 * Date: 12/23/15
 * Time: 6:33 PM
 */

Carsten  Rose's avatar
Carsten Rose committed
9

10
11
namespace qfq;

Carsten  Rose's avatar
Carsten Rose committed
12
use qfq;
13
14
15
16
17
18
19
20
21

//use qfq\Report;

//use qfq\BuildFormPlain;
//use qfq\BuildFormTable;
//use qfq\BuildFormBootstrap;
//use qfq\UserException;
//use qfq\CodeException;
//use qfq\DbException;
22
//use qfq\helper;
23
//use qfq\Store;
Carsten  Rose's avatar
Carsten Rose committed
24

Carsten  Rose's avatar
Carsten Rose committed
25

26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
require_once(__DIR__ . '/store/Store.php');
require_once(__DIR__ . '/store/FillStoreForm.php');
require_once(__DIR__ . '/store/Session.php');
require_once(__DIR__ . '/Constants.php');
require_once(__DIR__ . '/Save.php');
require_once(__DIR__ . '/helper/KeyValueStringParser.php');
require_once(__DIR__ . '/helper/HelperFormElement.php');
require_once(__DIR__ . '/exceptions/UserFormException.php');
require_once(__DIR__ . '/exceptions/CodeException.php');
require_once(__DIR__ . '/exceptions/DbException.php');
require_once(__DIR__ . '/exceptions/ErrorHandler.php');
require_once(__DIR__ . '/Database.php');
require_once(__DIR__ . '/Evaluate.php');
require_once(__DIR__ . '/BuildFormPlain.php');
require_once(__DIR__ . '/BuildFormTable.php');
require_once(__DIR__ . '/BuildFormBootstrap.php');
require_once(__DIR__ . '/report/Report.php');
require_once(__DIR__ . '/BodytextParser.php');
require_once(__DIR__ . '/Delete.php');
45
require_once(__DIR__ . '/form/FormAction.php');
46

47
48
49
50
51
52
53
54
55
56
57
58
/*
 * Form will be called
 * a) with a SIP identifier, or
 * b) without a SIP identifier (form setting has to allow this) and will create on the fly a new SIP.
 *
 * The SIP-Store stores:
 *  form=<formname>
 *  r=<record id>  (table.id for a single record form)
 *  keySemId,keySemIduser
 *  <further individual variables>
 */

Carsten  Rose's avatar
Carsten Rose committed
59
/**
60
 * Class Qfq
Carsten  Rose's avatar
Carsten Rose committed
61
62
 * @package qfq
 */
63
class QuickFormQuery {
64

65
    /**
66
     * @var \qfq\Store instantiated class
67
     */
Carsten  Rose's avatar
Carsten Rose committed
68
    protected $store = null;
69

70
71
72
    /**
     * @var Database instantiated class
     */
73
    protected $db = null;
74

75
76
77
78
    /**
     * @var Evaluate instantiated class
     */
    protected $eval = null;
79
80
81
    protected $formSpec = array();
    protected $feSpecAction = array();  // Form Definition: copy of the loaded form
    protected $feSpecNative = array(); // FormEelement Definition: all formElement.class='action' of the loaded form
82

83
84
85
86
    /**
     * @var array
     */
    private $t3data = array(); // FormEelement Definition: all formElement.class='native' of the loaded form
87

88
89
90
    /**
     * @var bool
     */
91
92
    private $phpUnit = false;

93
94
95
96
97
    /**
     * @var Session
     */
    private $session = null;

98
99
100
101
102
103
104
105
106
107
108
    /*
     * TODO:
     *  Preparation: setup logging, database access, record locking
     *  fill stores
     *  Check permission_create / permission_update
     *  Multi: iterate over all records, Single: activate record
     *      Check mode: Load | Save
     *      doActions 'Before'
     *      Do all FormElements
     *      doActions 'After'
     */
109

110
111
112
113
114
    /**
     * Construct the Form Class and Store too. This is the base initialization moment.
     *
     * As a result of instantiating of Form, the class Store will initially called the first time and therefore instantiated automatically.
     * Store might throw an exception, in case the URL-passed SIP is invalid.
115
     *
116
     * @param string $bodytext
117
     */
118
119
    public function __construct(array $t3data = array(), $phpUnit = false) {

120
121
        $this->phpUnit = $phpUnit;

122
        mb_internal_encoding("UTF-8");
123

124
125
126
127
128
//        session_name(SESSION_NAME);
//        session_start();

        $this->session = Session::getInstance($phpUnit);

Carsten  Rose's avatar
Carsten Rose committed
129
130
131
132
133
134
135
136
137
138
        // session.cache_expire
        // session.cookie_lifetime
        // session.gc_maxlifetime

//        $arr1['sessionname'] =   session_name();
//        $arr1['session.auto_start']  = ini_get('session.auto_start');
//        $arr1['session.gc_maxlifetime']  = ini_get('session.gc_maxlifetime');
//        $arr1['session.cookie_lifetime']  = ini_get('session.cookie_lifetime');
//        $arr1['session.name']  = ini_get('session.name');

139
        // Refresh the session even if no new data saved.
140
        Session::set('LAST_ACTIVITY', time());
141

142
        set_error_handler("\\qfq\\ErrorHandler::exception_error_handler");
143

144
145
146
147
148
149
150
        if (!isset($t3data[T3DATA_BODYTEXT])) {
            $t3data[T3DATA_BODYTEXT] = '';
        }

        if (!isset($t3data[T3DATA_UID])) {
            $t3data[T3DATA_UID] = 0;
        }
151

152
        $btp = new BodytextParser();
153
        $t3data[T3DATA_BODYTEXT] = $btp->process($t3data[T3DATA_BODYTEXT]);
154

155
156
        $this->t3data = $t3data;

157
        $bodytext = $this->t3data[T3DATA_BODYTEXT];
158
159

        $this->store = Store::getInstance($bodytext, $phpUnit);
160
        $this->store->setVar(TYPO3_TT_CONTENT_UID, $t3data[T3DATA_UID], STORE_TYPO3);
161
162
        $this->db = new Database();
        $this->eval = new Evaluate($this->store, $this->db);
Carsten  Rose's avatar
Carsten Rose committed
163
164
    }

165
    /**
Carsten  Rose's avatar
Carsten Rose committed
166
     * Returns the defined forwardMode and set $forwardPage (call be reference)
167
     *
168
169
170
171
172
173
174
175
     * @param $forwardPage
     * @return mixed
     */
    public function getForwardMode(&$forwardPage) {
        $forwardPage = $this->formSpec['forwardPage'];
        return $this->formSpec['forwardMode'];
    }

176
    /**
Carsten  Rose's avatar
Carsten Rose committed
177
     * Main entrypoint for display content: a) form and/or b) report
178
     *
179
     * @return string
Carsten  Rose's avatar
Carsten Rose committed
180
     */
181
    public function process() {
182
        $html = '';
183

184
        if ($this->store->getVar(TYPO3_DEBUG_SHOW_BODY_TEXT, STORE_TYPO3) === '1') {
185
186
187
188
            $html .= Support::appendTooltip('', $this->t3data['bodytext']);
        }

        $html .= $this->doForm(FORM_LOAD);
189
        $html .= $this->doReport();
Carsten  Rose's avatar
Carsten Rose committed
190

191
192
193
194
        $class = $this->store->getVar(SYSTEM_CSS_CLASS_QFQ_CONTAINER, STORE_SYSTEM);
        if ($class)
            $html = Support::wrapTag("<div class='$class'>", $html);

195
196
197
198
//        $feUidLoggedIn = isset($GLOBALS["TSFE"]->fe_user->user["uid"]) ? $GLOBALS["TSFE"]->fe_user->user["uid"] : false;
//        $feUidSession = $_SESSION[SESSION_NAME][SESSION_FE_USER_UID];
//        $html .= "<p>feUidLoggedIn: $feUidLoggedIn / feUidSession: $feUidSession</p>";

199
        return $html;
200
201
    }

202
    /**
203
204
205
206
     * Process form.
     * $mode=FORM_LOAD: The whole form will be rendered as HTML Code, including the values of all form elements
     * $mode=FORM_UPDATE: States and values of all form elements will be returned as JSON.
     * $mode=FORM_SAVE: The submitted form will be saved. Return Failure or Success as JSON.
207
     *
208
     * @param string $mode FORM_LOAD | FORM_UPDATE | FORM_SAVE
209
     * @return array|string
210
     * @throws CodeException
211
     * @throws UserFormException
212
     */
Carsten  Rose's avatar
Carsten Rose committed
213
214
    private function doForm($mode) {
        $data = '';
Carsten  Rose's avatar
Carsten Rose committed
215
        $foundInStore = '';
216

Carsten  Rose's avatar
Carsten Rose committed
217
218
219
220
221
        // Fill STORE_FORM
        if ($mode === FORM_UPDATE || $mode === FORM_SAVE) {
            $fillStoreForm = new FillStoreForm();
            $fillStoreForm->process();
        }
222

Carsten  Rose's avatar
Carsten Rose committed
223
        $formName = $this->loadFormSpecification($mode, $foundInStore);
224
        if ($formName === false) {
225
            return '';
226
        }
227

Carsten  Rose's avatar
Carsten Rose committed
228
        $sipFound = $this->validateForm($foundInStore);
Carsten  Rose's avatar
#2067    
Carsten Rose committed
229
230
231
232
        $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3 . STORE_CLIENT);
        // For 'new' record always create a new TAB-uniq (for this current form, nowhere else used) SIP.
        // With such a TAB-uniq SIP, multiple TABs and following repeated NEWs are easily implemented.
        if (!$sipFound || ($mode == FORM_LOAD && $recordId == 0)) {
233
234
            $this->store->createSipAfterFormLoad($formName);
        }
235

236
        $this->store->fillStoreTableDefaultColumnType($this->formSpec[F_TABLE_NAME]);
237

238
239
240
241
242
243
244
245
246
247
248
249
250
251
        switch ($this->formSpec['render']) {
            case 'plain':
                $build = new BuildFormPlain($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            case 'table':
                $build = new BuildFormTable($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            case 'bootstrap':
                $build = new BuildFormBootstrap($this->formSpec, $this->feSpecAction, $this->feSpecNative);
                break;
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

Carsten  Rose's avatar
#2067    
Carsten Rose committed
252
        $formAction = new FormAction($this->formSpec, $this->db, $this->phpUnit);
253
254
        switch ($mode) {
            case FORM_LOAD:
Carsten  Rose's avatar
Carsten Rose committed
255
            case FORM_UPDATE:
256
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_LOAD);
Carsten  Rose's avatar
Carsten Rose committed
257
258

                $data = $build->process($mode);
259
260

                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_AFTER_LOAD);
261
                break;
Carsten  Rose's avatar
Carsten Rose committed
262

263
            case FORM_SAVE:
264
265
                $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP);

266
                // Action: Before
267
268
                $formAction->elements($recordId, $this->feSpecAction, FE_TYPE_BEFORE_INSERT . ',' . FE_TYPE_BEFORE_UPDATE . ',' . FE_TYPE_BEFORE_SAVE);

269
                // If an old record exist: load it. Necessary to delete uploaded files which should be overwritten.
270
                $this->fillStoreRecord($this->formSpec[F_TABLE_NAME], $recordId);
271

272
                $save = new Save($this->formSpec, $this->feSpecAction, $this->feSpecNative);
273
274
                $rc = $save->process();

275
                // Reload fresh saved record and fill STORE_RECORD with it.
276
                $this->fillStoreRecord($this->formSpec[F_TABLE_NAME], $rc);
277

Carsten  Rose's avatar
Upload:    
Carsten Rose committed
278
279
                $save->processAllUploads($rc);

280
                // Action: After
281
282
283
284
285
                $modified = $formAction->elements($rc, $this->feSpecAction, FE_TYPE_AFTER_INSERT . ',' . FE_TYPE_AFTER_UPDATE . ',' . FE_TYPE_AFTER_SAVE);
                if ($modified) {
                    // Reload fresh saved record and fill STORE_RECORD with it.
                    $this->fillStoreRecord($this->formSpec[F_TABLE_NAME], $rc);
                }
286

287
288
289
290
                $htmlElementNameIdZero = false;
                // Retrieve current STORE_SIP.
                $sipArray = $this->store->getStore(STORE_SIP);
                if ($sipArray[SIP_RECORD_ID] == 0) {
291
                    // After insert: a new SIP for the new record id is required.
Carsten  Rose's avatar
#2067    
Carsten Rose committed
292
                    $this->newRecordUpdateSip($rc);
293
294
                    $htmlElementNameIdZero = true;
                }
295

296
                // Action: Sendmail
297
                $formAction->elements($rc, $this->feSpecAction, FE_TYPE_SENDMAIL);
298

299
                // Retrieve FE Values as JSON
300
                $data = $build->process($mode, $htmlElementNameIdZero);
301
                break;
Carsten  Rose's avatar
Carsten Rose committed
302

303
304
305
306
            default:
                throw new CodeException("This statement should never be reached", ERROR_CODE_SHOULD_NOT_HAPPEN);
        }

Carsten  Rose's avatar
Carsten Rose committed
307
        return $data;
308
309
    }

310
    /**
311
     * Load form. Evaluates form. Load FormElements.
312
     *
Carsten  Rose's avatar
Carsten Rose committed
313
     * After processing:
314
315
316
317
     * Loaded Form is in  $this->formSpec
     * Loaded 'action' FormElements are in $this->feSpecAction
     * Loaded 'native' FormElements are in $this->feSpecNative
     *
Carsten  Rose's avatar
Carsten Rose committed
318
319
320
321
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
     * @param string $foundInStore
     * @return bool|string if found the formName, else 'false'.
     * @throws CodeException
322
     * @throws DbException
323
     * @throws UserFormException
324
     */
Carsten  Rose's avatar
Carsten Rose committed
325
    private function loadFormSpecification($mode, &$foundInStore = '') {
Carsten  Rose's avatar
Carsten Rose committed
326

327
        // formName
Carsten  Rose's avatar
Carsten Rose committed
328
        if (false === ($formName = $this->getFormName($mode, $foundInStore))) {
329
330
            return false;
        }
331

332
333
334
335
        if (!$this->db->existTable('Form')) {
            throw new UserFormException("Table 'Form' not found", ERROR_MISSING_TABLE);
        }

336
        // Preparation for Log, Debug
337
        $this->store->setVar(SYSTEM_FORM, $formName, STORE_SYSTEM);
Carsten  Rose's avatar
Carsten Rose committed
338

339
340
341
342
343
344
345
        // Check if there is a recordId specified in Bodytext - as variable or query.
        $rTmp = $this->store->getVar(CLIENT_RECORD_ID, STORE_TYPO3, SANITIZE_ALLOW_ALL);
        if (false !== $rTmp && !is_int($rTmp)) {
            $rTmp = $this->eval->parse($rTmp);
            $this->store->setVar(CLIENT_RECORD_ID, $rTmp, STORE_TYPO3);
        }

346
        // Load form
347
        $form = $this->db->sql("SELECT * FROM Form AS f WHERE f." . F_NAME . " LIKE ? AND f.deleted='no'", ROW_EXPECT_1,
348
            [$formName], 'Form not found or multiple forms with the same name.');
349
350

        $this->formSpec = $this->eval->parseArray($form);
351
        HelperFormElement::explodeParameter($this->formSpec);
352

Carsten  Rose's avatar
Carsten Rose committed
353
        # Set defaults:
354
        Support::setIfNotSet($this->formSpec, 'class', '');
355
        Support::setIfNotSet($this->formSpec, F_BS_LABEL_COLUMNS, 3, '');
356
357
        Support::setIfNotSet($this->formSpec, F_BS_INPUT_COLUMNS, 6, '');
        Support::setIfNotSet($this->formSpec, F_BS_NOTE_COLUMNS, 3, '');
Carsten  Rose's avatar
Carsten Rose committed
358

359
360
        Support::setIfNotSet($this->formSpec, F_SUBMIT_BUTTON_TEXT, '');

361
362
363
364
365
366
367
368
369
        // Take default from config.ini
        $class = $this->store->getVar(SYSTEM_CSS_CLASS_QFQ_FORM_PILL, STORE_SYSTEM);
        $class = $class ? $class : 'qfq-color-grey-1';
        Support::setIfNotSet($this->formSpec, F_CLASS_PILL, $class);

        // Take default from config.ini
        $class = $this->store->getVar(SYSTEM_CSS_CLASS_QFQ_FORM_BODY, STORE_SYSTEM);
        $class = $class ? $class : 'qfq-color-grey-2';
        Support::setIfNotSet($this->formSpec, F_CLASS_BODY, $class);
370

Carsten  Rose's avatar
Carsten Rose committed
371
        // Clear
372
373
        $this->store->setVar(SYSTEM_FORM_ELEMENT, '', STORE_SYSTEM);

374
        // FE: Action
375
376
377
//        $this->feSpecAction = $this->eval->parseArray($this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
//            ['no', $this->formSpec["id"], 'action']));
        $this->feSpecAction = $this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR, ['no', $this->formSpec["id"], 'action']);
378
        HelperFormElement::explodeParameterInArrayElements($this->feSpecAction);
379
380

        // FE: Native & Container
381
382
383
        // "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
        switch ($mode) {
            case FORM_LOAD:
384
385
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_SPECIFIC_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native,container', 0]);
386
387
388
                break;

            case FORM_SAVE:
Carsten  Rose's avatar
Carsten Rose committed
389
            case FORM_UPDATE:
390
391
                $this->feSpecNative = $this->db->sql(SQL_FORM_ELEMENT_ALL_CONTAINER, ROW_REGULAR,
                    ['no', $this->formSpec["id"], 'native']);
392
393
394
395
396
                break;

            default:
        }

397
        HelperFormElement::explodeParameterInArrayElements($this->feSpecNative);
398
399

        return $formName;
Carsten  Rose's avatar
Carsten Rose committed
400
401
    }

Carsten  Rose's avatar
Carsten Rose committed
402
    /**
403
404
     * Get the formName from STORE_TYPO3 (bodytext), STORE_SIP or by STORE_CLIENT (URL).
     *
405
406
407
408
409
410
411
412
413
414
415
416
     * FORM_LOAD:
     *   Specified in T3 body text with form=<formname>            Returned Store:Typo3
     *   Specified in T3 body text with form={{form}} ':FSRD'      Returned Store:SIP
     *   Specified in T3 body text with form={{form:C:ALNUMX}}     Returned Store:Client
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:S0}} }}
     *   Specified in T3 body text with form={{SELECT registrationFormName FROM Conference WHERE id={{conferenceId:C0:DIGIT}} }}
     *   Specified in SIP
     *
     * FORM_SAVE:
     *   Specified in SIP
     *
     *
Carsten  Rose's avatar
Carsten Rose committed
417
     * @param string $mode FORM_LOAD|FORM_SAVE|FORM_UPDATE
Carsten  Rose's avatar
Carsten Rose committed
418
     * @param string $foundInStore
Carsten  Rose's avatar
Carsten Rose committed
419
420
     * @return array|bool|mixed|null|string  Formname (Form.name) or FALSE, if no formname found.
     * @throws CodeException
421
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
422
     */
423
    public function getFormName($mode, &$foundInStore = '') {
424
        $dummy = array();
Carsten  Rose's avatar
Carsten Rose committed
425

Carsten  Rose's avatar
Carsten Rose committed
426
427
428
429
430
431
        switch ($mode) {
            case FORM_LOAD:
                $store = STORE_TYPO3;
                break;
            case FORM_SAVE:
            case FORM_UPDATE:
432
            $store = STORE_SIP;
Carsten  Rose's avatar
Carsten Rose committed
433
434
435
436
437
                break;
            default:
                throw new CodeException("Unknown mode: $mode.", ERROR_UNKNOWN_MODE);
        }

438
439
        $storeFormName = $this->store->getVar(SIP_FORM, $store, '', $foundInStore);
        $formName = $this->eval->parse($storeFormName, 0, $dummy, $foundInStore);
Carsten  Rose's avatar
Carsten Rose committed
440

441
        // If the formname is '': no formname name.
442
        if ($formName === '' || $foundInStore === '')
443
444
445
446
447
448
            return false;

        // If the formname is surrounded by single ticks: the token (typically 'form') has not been replaced by a value.
        if ($formName[0] === "'" && $formName[strlen($formName) - 1] === "'") {
            return false;
        }
449

450
        return $formName;
451
    }
Carsten  Rose's avatar
Carsten Rose committed
452

453
    /**
Carsten  Rose's avatar
Carsten Rose committed
454
     * Check if loading of the given form is permitted. If not, throw an exception.
455
     *
Carsten  Rose's avatar
Carsten Rose committed
456
457
     * @param $formNameFoundInStore
     * @return bool 'true' if SIP exists, else 'false'
458
     * @throws CodeException
459
     * @throws UserFormException
Carsten  Rose's avatar
Carsten Rose committed
460
     * @internal param $foundInStore
461
     */
Carsten  Rose's avatar
Carsten Rose committed
462
    private function validateForm($formNameFoundInStore) {
463
464

        // Retrieve record_id either from SIP (prefered) or via URL
465
        $r = $this->store->getVar(SIP_RECORD_ID, STORE_SIP . STORE_TYPO3 . STORE_CLIENT, '', $recordIdFoundInStore);
466

Carsten  Rose's avatar
Carsten Rose committed
467
        // Set missing 'r'.
468
        if ($r === false) {
469
470
471
            $r = 0;
            $this->store->setVar(TYPO3_RECORD_ID, $r, STORE_TYPO3);
            $recordIdFoundInStore = STORE_TYPO3;
472
473
        }

Carsten  Rose's avatar
Carsten Rose committed
474
        // If there is a record_id>0: EDIT else NEW: 'sip','logged_in','logged_out','always','never'
475
        $permitMode = ($r > 0) ? $this->formSpec['permitEdit'] : $this->formSpec['permitNew'];
476
477
478
479
480

        $feUserLoggedIn = isset($GLOBALS["TSFE"]->fe_user->user["uid"]) && $GLOBALS["TSFE"]->fe_user->user["uid"] > 0;

        $sipFound = $this->store->getVar(SIP_SIP, STORE_SIP) !== false;

Carsten  Rose's avatar
Carsten Rose committed
481
482
        if ($sipFound) {
            if (($formNameFoundInStore === STORE_CLIENT) || ($recordIdFoundInStore === STORE_CLIENT)) {
483
                throw new UserFormException("SIP exist but FORM or RECORD_ID are given by CLIENT.", ERROR_SIP_EXIST_BUT_OTHER_PARAM_GIVEN_BY_CLIENT);
Carsten  Rose's avatar
Carsten Rose committed
484
485
486
            }
        }

487
        switch ($permitMode) {
488
            case  FORM_PERMISSION_SIP:
Carsten  Rose's avatar
Carsten Rose committed
489
                if (!$sipFound || $formNameFoundInStore !== STORE_SIP || $recordIdFoundInStore !== STORE_SIP) {
490
                    throw new UserFormException("SIP Parameter needed for this form.", ERROR_SIP_NEEDED_FOR_THIS_FORM);
491
492
493
494
                }
                break;
            case  FORM_PERMISSION_LOGGED_IN:
                if (!$feUserLoggedIn) {
495
                    throw new UserFormException("User not logged in.", ERROR_USER_NOT_LOGGED_IN);
496
497
498
499
                }
                break;
            case FORM_PERMISSION_LOGGED_OUT:
                if ($feUserLoggedIn) {
500
                    throw new UserFormException("User logged in.", ERROR_USER_LOGGED_IN);
501
502
503
504
505
                }
                break;
            case FORM_PERMISSION_ALWAYS:
                break;
            case FORM_PERMISSION_NEVER:
506
                throw new UserFormException("Loading form forbidden.", ERROR_FORM_FORBIDDEN);
507
            default:
508
                throw new CodeException("Unknown permission mode: '" . $permitMode . "'", ERROR_FORM_UNKNOWN_PERMISSION_MODE);
509
        }
Carsten  Rose's avatar
Carsten Rose committed
510

Carsten  Rose's avatar
Carsten Rose committed
511
        // Form Definition valid?
512
        if ($this->formSpec['multiMode'] !== 'none' && $this->formSpec['multiSql'] === '') {
513
            throw new UserFormException("MultiMode selected, but MultiSQL missing", ERROR_MULTI_SQL_MISSING);
Carsten  Rose's avatar
Carsten Rose committed
514
515
        }

516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
        $sipArray = $this->store->getStore(STORE_SIP);
        // Check: requiredParameter: '' or 'form' or 'form,grId' or 'form #formname for form,grId'
        $param = explode(',', $this->formSpec[F_REQUIRED_PARAMETER]);
        foreach ($param AS $name) {

            $name = explode('#', $name, 2);
            $name = trim($name[0]);

            if ($name === '') {
                continue;
            }

            if (!isset($sipArray[$name])) {
                throw new UserFormException("Missing required SIP parameter: $name", ERROR_MISSING_REQUIRED_PARAMETER);
            }
        }

533
        return $sipFound;
534
    }
Carsten  Rose's avatar
Carsten Rose committed
535

536
    /**
Carsten  Rose's avatar
Carsten Rose committed
537
538
     * Load record $id from $table.
     *
539
540
541
542
543
544
545
546
547
548
549
550
551
     * @param string $table
     * @param string $recordId
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
     */
    private function fillStoreRecord($table, $recordId) {
        if ($recordId !== false && $recordId > 0) {
            $record = $this->db->sql("SELECT * FROM $table WHERE id = ?", ROW_EXPECT_1, [$recordId]);
            $this->store->setVarArray($record, STORE_RECORD, true);
        }
    }

552
    /**
Carsten  Rose's avatar
Carsten Rose committed
553
554
     * Update current SIP Store with new $recordId and update SESSION store.
     *
555
     * @param $recordId
Carsten  Rose's avatar
Carsten Rose committed
556
557
     * @throws CodeException
     * @throws UserFormException
558
     */
Carsten  Rose's avatar
#2067    
Carsten Rose committed
559
560
561
    private function newRecordUpdateSip($recordId) {
        // Update current SIP store with new RecordID
        $sipArray = $this->store->getStore(STORE_SIP);
Carsten  Rose's avatar
Carsten Rose committed
562
563
564
565
566

        if (isset($sipArray[SIP_RECORD_ID]) && $sipArray[SIP_RECORD_ID] > 0) {
            throw new CodeException('Attemp to overwrite existing record id: SIP(otf)=' . $sipArray[SIP_SIP] . " existing_r=" . $sipArray[SIP_RECORD_ID] . " new_r=" . $recordId, ERROR_OVERWRITE_RECORD_ID);
        }

Carsten  Rose's avatar
#2067    
Carsten Rose committed
567
568
        $sipArray[SIP_RECORD_ID] = $recordId;
        $this->store->setVarArray($sipArray, STORE_SIP, true);
569

Carsten  Rose's avatar
#2067    
Carsten Rose committed
570
571
        // Update SIP urlparam
        store::getSipInstance()->updateSipToSession($sipArray);
572
573
574

    }

575
    /**
576
577
     * Process the SQL Queries from bodytext. Return the output.
     *
578
579
     * @return string
     */
580
    private function doReport() {
581
        $report = new Report($this->t3data, $this->eval, $this->phpUnit);
582

583
        $html = $report->process($this->t3data['bodytext']);
584
585
586
587
588

        return $html;

    }

589
    /**
590
591
     * Save the current form.
     *
592
593
594
595
     * @return string
     */
    public function saveForm() {

596
        $json = $this->doForm(FORM_SAVE);
597

598
        return $json;
599
600
    }

Carsten  Rose's avatar
Carsten Rose committed
601
602
603
604
605
606
607
608
609
610
611
612
613
    /**
     * Update FormElements and form values. Receives the current form values via POST.
     *
     * @return array
     * @throws CodeException
     */
    public function updateForm() {

        $json = $this->doForm(FORM_UPDATE);

        return $json;
    }

614
615
616
    /**
     * Delete a record (tablename and recordid are given) or process a 'delete form'
     *
617
     * @return mixed
618
619
620
621
     * @throws CodeException
     */
    public function delete() {

622
        $msg = array();
623
624
625
626
        #TODO: implement 'delete form'

        $recordId = $this->store->getVar(SIP_RECORD_ID, STORE_SIP);
        $table = $this->store->getVar(SIP_TABLE, STORE_SIP);
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
        $form = $this->store->getVar(SIP_FORM, STORE_SIP);
        $targetUrl = $this->store->getVar(SIP_TARGET_URL, STORE_SIP);
        $modeAnswer = $this->store->getVar(SIP_MODE_ANSWER, STORE_SIP);

        // fake until 'delete by form' is implemented too
        $form = [F_TABLE_NAME => $table];

        $delete = new Delete();
        $rc = $delete->process($form, $recordId, $msg);

        switch ($modeAnswer) {
            case MODE_JSON:

                if ($rc === true) {
                    $answer[API_MESSAGE] = 'delete: success';
                    $answer[API_REDIRECT] = API_ANSWER_REDIRECT_CLIENT;
                    $answer[API_STATUS] = API_ANSWER_STATUS_SUCCESS;

                } else {
                    $answer[API_MESSAGE] = $msg[MSG_CONTENT];
                    $answer[API_REDIRECT] = API_ANSWER_REDIRECT_NO;
                    $answer[API_STATUS] = API_ANSWER_STATUS_ERROR;
                }

                $result[MSG_HEADER] = "Content-Type: application/json";
                $result[MSG_CONTENT] = json_encode($answer);
653

654
655
656
657
658
                break;

            case MODE_HTML:
                if ($targetUrl === false || $targetUrl === '') {
                    $result[MSG_CONTENT] = 'Missing target URL. ' . ERROR_MISSING_VALUE;
659
660
                    //TODO: vermutlich muss hier $rc=false gesetzt werden. Habe zur Zeit keine Moeglichkeit das zu testen.
//                    $rc = false;
661
662
663
664
665
666
667
668
669
670
671
672
673
674
                }

                if ($rc === true) {
                    $result[MSG_HEADER] = "Location: $targetUrl";
                    $result[MSG_CONTENT] = '';
                } else {
                    $result[MSG_CONTENT] = $msg[MSG_CONTENT];
                }

                break;

            default:
                throw new CodeException('Unknown mode: ' . $modeAnswer, ERROR_UNKNOWN_MODE);
                break;
675
676
        }

677
        return $result;
678
679
    }

Carsten  Rose's avatar
#2067    
Carsten Rose committed
680
    /**
Carsten  Rose's avatar
Carsten Rose committed
681
682
     * Based on the given SIP, create a new uniqe SIP by copying the relevant old params and taking the new recordId..
     *
Carsten  Rose's avatar
#2067    
Carsten Rose committed
683
684
685
686
687
688
689
690
691
692
693
694
     * @param $sipArray
     * @param $recordId
     */
    private function newRecordCreateSip($sipArray, $recordId) {

        $tmpParam = array();

        foreach ($sipArray as $key => $value) {
            switch ($key) {
                case SIP_SIP:
                case SIP_URLPARAM:
                case SIP_TABLE:
Carsten  Rose's avatar
Carsten Rose committed
695
                continue; // do not copy these params to the new SIP
Carsten  Rose's avatar
#2067    
Carsten Rose committed
696
697

                case SIP_RECORD_ID:
Carsten  Rose's avatar
Carsten Rose committed
698
                    // set the new recordId
Carsten  Rose's avatar
#2067    
Carsten Rose committed
699
700
701
                    $tmpParam[SIP_RECORD_ID] = $recordId;
                    break;
                default:
Carsten  Rose's avatar
Carsten Rose committed
702
                    // copy further vars stored in old SIP (form, maybe default values)
Carsten  Rose's avatar
#2067    
Carsten Rose committed
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
                    $tmpParam[$key] = $value;
                    break;
            }
        }

        // Construct fake urlparam
        $tmpUrlparam = OnArray::toString($tmpParam);

        // Create a SIP which has never been passed by URL - further processing might expect this to exist.
        $sip = store::getSipInstance()->queryStringToSip($tmpUrlparam, RETURN_SIP);
        $this->store->setVar(CLIENT_SIP, $sip, STORE_CLIENT);

        // Overwrite SIP Store
        $tmpParam[SIP_SIP] = $sip;
        $this->store->setVarArray($tmpParam, STORE_SIP, true);
    }

720
}