You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233
  1. <?php
  2. /**
  3. * Postfix Admin
  4. *
  5. * LICENSE
  6. * This source file is subject to the GPL license that is bundled with
  7. * this package in the file LICENSE.TXT.
  8. *
  9. * Further details on the project are available at http://postfixadmin.sf.net
  10. *
  11. * @version $Id$
  12. * @license GNU GPL v2 or later.
  13. *
  14. * File: edit.php
  15. * This file implements the handling of edit forms.
  16. * The form layout is retrieved from the *Handler classes, which also do
  17. * the actual work of verifying and storing the values.
  18. *
  19. * GET parameters:
  20. * table what to edit (*Handler)
  21. * edit item to edit (if net given: a new item will be created)
  22. * additional parameters will be accepted if specified in *Handler->webformConfig()[prefill] when creating a new item
  23. */
  24. require_once('common.php');
  25. $username = authentication_get_username(); # enforce login
  26. $table = safepost('table', safeget('table'));
  27. $handlerclass = ucfirst($table) . 'Handler';
  28. if (!preg_match('/^[a-z]+$/', $table) || !file_exists(dirname(__FILE__) . "/../model/$handlerclass.php")) { # validate $table
  29. die("Invalid table name given!");
  30. }
  31. $error = 0;
  32. $edit = safepost('edit', safeget('edit'));
  33. $new = 0;
  34. if ($edit == "") {
  35. $new = 1;
  36. }
  37. $is_admin = authentication_has_role('admin');
  38. $handler = new $handlerclass($new, $username, $is_admin);
  39. $formconf = $handler->webformConfig();
  40. if ($is_admin) {
  41. authentication_require_role($formconf['required_role']);
  42. } else {
  43. if (empty($formconf['user_hardcoded_field'])) {
  44. die($handlerclass . ' is not available for users');
  45. }
  46. }
  47. if ($new == 0 || $formconf['early_init']) {
  48. if (!$handler->init($edit)) {
  49. if (count($handler->errormsg) == 0) {
  50. # should never happen and indicates a bug in $handler->init()
  51. flash_error($handlerclass . "->init() failed, but didn't set any error message");
  52. }
  53. flash_error($handler->errormsg);
  54. header("Location: " . $formconf['listview']);
  55. exit;
  56. }
  57. }
  58. $form_fields = $handler->getStruct();
  59. $id_field = $handler->getId_field();
  60. if ($_SERVER['REQUEST_METHOD'] == "GET") {
  61. if ($new) { # new - prefill fields from URL parameters if allowed in $formconf['prefill']
  62. if (isset($formconf['prefill'])) {
  63. foreach ($formconf['prefill'] as $field) {
  64. $prefillvalue = safeget($field, safesession("prefill:$table:$field"));
  65. if ($prefillvalue != '') {
  66. $form_fields[$field]['default'] = $prefillvalue;
  67. $handler->prefill($field, $prefillvalue);
  68. }
  69. }
  70. }
  71. $form_fields = $handler->getStruct(); # refresh $form_fields - a prefill field might have changed something
  72. } else { # edit mode - read values from database
  73. if (!$handler->view()) {
  74. flash_error($handler->errormsg);
  75. header("Location: " . $formconf['listview']);
  76. exit;
  77. } else {
  78. $values = $handler->result;
  79. $values[$id_field] = $edit;
  80. }
  81. }
  82. }
  83. if ($_SERVER['REQUEST_METHOD'] == "POST") {
  84. if (safepost('token') != $_SESSION['PFA_token']) {
  85. die('Invalid token!');
  86. }
  87. $inp_values = safepost('value', array());
  88. foreach ($form_fields as $key => $field) {
  89. if ($field['editable'] && $field['display_in_form']) {
  90. if (!isset($inp_values[$key])) {
  91. $inp_values[$key] = ''; # newer PHP versions don't include empty fields in $_POST (noticed with PHP 5.6.6)
  92. }
  93. if ($field['type'] == 'bool' && $inp_values[$key] == '') {
  94. $values[$key] = 0; # isset() for unchecked checkboxes is always false
  95. } elseif ($field['type'] == 'txtl') {
  96. $values[$key] = $inp_values[$key];
  97. $values[$key] = preg_replace('/\\\r\\\n/', ',', $values[$key]);
  98. $values[$key] = preg_replace('/\r\n/', ',', $values[$key]);
  99. $values[$key] = preg_replace('/,[\s]+/i', ',', $values[$key]);
  100. $values[$key] = preg_replace('/[\s]+,/i', ',', $values[$key]);
  101. $values[$key] = preg_replace('/,,*/', ',', $values[$key]);
  102. $values[$key] = preg_replace('/,*$|^,*/', '', $values[$key]);
  103. if ($values[$key] == '') {
  104. $values[$key] = array();
  105. } else {
  106. $values[$key] = explode(",", $values[$key]);
  107. }
  108. } else {
  109. $values[$key] = $inp_values[$key];
  110. }
  111. }
  112. }
  113. if (isset($formconf['hardcoded_edit']) && $formconf['hardcoded_edit']) {
  114. $values[$id_field] = $form_fields[$id_field]['default'];
  115. } elseif ($new == 0) {
  116. $values[$id_field] = $edit;
  117. }
  118. if ($new && ($form_fields[$id_field]['display_in_form'] == 0)) {
  119. if ($form_fields[$id_field]['editable'] == 1) { # address split to localpart and domain?
  120. $values[$id_field] = $handler->mergeId($values);
  121. } else { # probably auto_increment
  122. $values[$id_field] = '';
  123. }
  124. }
  125. if (!$handler->init($values[$id_field])) {
  126. $error = 1;
  127. $errormsg = $handler->errormsg;
  128. }
  129. if (!$handler->set($values)) {
  130. $error = 1;
  131. $errormsg = $handler->errormsg;
  132. }
  133. $form_fields = $handler->getStruct(); # refresh $form_fields - set() might have changed something
  134. if ($error != 1) {
  135. if (!$handler->store()) {
  136. $errormsg = $handler->errormsg;
  137. } else {
  138. flash_info($handler->infomsg);
  139. if (count($handler->errormsg)) { # might happen if domain_postcreation fails
  140. flash_error($handler->errormsg);
  141. }
  142. # remember prefill values for next usage of the form
  143. if (isset($formconf['prefill'])) {
  144. foreach ($formconf['prefill'] as $field) {
  145. if (isset($values[$field])) {
  146. $_SESSION["prefill:$table:$field"] = $values[$field];
  147. }
  148. }
  149. }
  150. if ($new == 0) {
  151. header("Location: " . $formconf['listview']);
  152. exit;
  153. } else {
  154. header("Location: edit.php?table=$table");
  155. exit;
  156. }
  157. }
  158. }
  159. }
  160. if ($error != 1 && $new) { # no error and not in edit mode - reset fields to default for new item
  161. $values = array();
  162. foreach (array_keys($form_fields) as $key) {
  163. $values[$key] = $form_fields[$key]['default'];
  164. }
  165. }
  166. $errormsg = $handler->errormsg;
  167. $fielderror = array();
  168. foreach ($form_fields as $key => $field) {
  169. if ($form_fields[$key]['display_in_form']) {
  170. if (isset($errormsg[$key])) {
  171. $fielderror[$key] = $errormsg[$key];
  172. unset($errormsg[$key]);
  173. } else {
  174. $fielderror[$key] = '';
  175. }
  176. if (isset($values[$key])) {
  177. $smarty->assign("value_$key", $values[$key]);
  178. } else {
  179. $smarty->assign("value_$key", $form_fields[$key]['default']);
  180. }
  181. }
  182. }
  183. if (count($errormsg)) {
  184. flash_error($errormsg);
  185. } # display the remaining error messages (not related to a field) with flash_error
  186. if ($new) {
  187. $smarty->assign('mode', 'create');
  188. $smarty->assign('formtitle', Config::lang($formconf['formtitle_create']));
  189. $smarty->assign('submitbutton', Config::lang($formconf['create_button']));
  190. } else {
  191. $smarty->assign('mode', 'edit');
  192. $smarty->assign('formtitle', Config::lang($formconf['formtitle_edit']));
  193. $smarty->assign('submitbutton', Config::lang('save'));
  194. }
  195. $smarty->assign('struct', $form_fields);
  196. $smarty->assign('fielderror', $fielderror);
  197. $smarty->assign('table', $table);
  198. $smarty->assign('smarty_template', 'editform');
  199. $smarty->display('index.tpl');
  200. /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */