You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

edit.php 7.7KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229
  1. <?php
  2. /**
  3. * Postfix Admin
  4. *
  5. * LICENSE
  6. * This source file is subject to the GPL license that is bundled with
  7. * this package in the file LICENSE.TXT.
  8. *
  9. * Further details on the project are available at http://postfixadmin.sf.net
  10. *
  11. * @version $Id: edit.php 1842 2016-05-20 20:42:04Z christian_boltz $
  12. * @license GNU GPL v2 or later.
  13. *
  14. * File: edit.php
  15. * This file implements the handling of edit forms.
  16. * The form layout is retrieved from the *Handler classes, which also do
  17. * the actual work of verifying and storing the values.
  18. *
  19. * GET parameters:
  20. * table what to edit (*Handler)
  21. * edit item to edit (if net given: a new item will be created)
  22. * additional parameters will be accepted if specified in *Handler->webformConfig()[prefill] when creating a new item
  23. */
  24. require_once('common.php');
  25. $username = authentication_get_username(); # enforce login
  26. $table = safepost('table', safeget('table'));
  27. $handlerclass = ucfirst($table) . 'Handler';
  28. if ( !preg_match('/^[a-z]+$/', $table) || !file_exists("model/$handlerclass.php")) { # validate $table
  29. die ("Invalid table name given!");
  30. }
  31. $error = 0;
  32. $edit = safepost('edit', safeget('edit'));
  33. $new = 0;
  34. if ($edit == "") $new = 1;
  35. $is_admin = authentication_has_role('admin');
  36. $handler = new $handlerclass($new, $username, $is_admin);
  37. $formconf = $handler->webformConfig();
  38. if ($is_admin) {
  39. authentication_require_role($formconf['required_role']);
  40. } else {
  41. if (empty($formconf['user_hardcoded_field'])) {
  42. die($handlerclass . ' is not available for users');
  43. }
  44. }
  45. if ($new == 0 || $formconf['early_init']) {
  46. if (!$handler->init($edit)) {
  47. if (count($handler->errormsg) == 0) {
  48. # should never happen and indicates a bug in $handler->init()
  49. flash_error($handlerclass . "->init() failed, but didn't set any error message");
  50. }
  51. flash_error($handler->errormsg);
  52. header ("Location: " . $formconf['listview']);
  53. exit;
  54. }
  55. }
  56. $form_fields = $handler->getStruct();
  57. $id_field = $handler->getId_field();
  58. if ($_SERVER['REQUEST_METHOD'] == "GET") {
  59. if ($new) { # new - prefill fields from URL parameters if allowed in $formconf['prefill']
  60. if ( isset($formconf['prefill']) ) {
  61. foreach ($formconf['prefill'] as $field) {
  62. $prefillvalue = safeget($field, safesession("prefill:$table:$field"));
  63. if ($prefillvalue != '') {
  64. $form_fields[$field]['default'] = $prefillvalue;
  65. $handler->prefill($field, $prefillvalue);
  66. }
  67. }
  68. }
  69. $form_fields = $handler->getStruct(); # refresh $form_fields - a prefill field might have changed something
  70. } else { # edit mode - read values from database
  71. if (!$handler->view()) {
  72. flash_error($handler->errormsg);
  73. header ("Location: " . $formconf['listview']);
  74. exit;
  75. } else {
  76. $values = $handler->result;
  77. $values[$id_field] = $edit;
  78. }
  79. }
  80. }
  81. if ($_SERVER['REQUEST_METHOD'] == "POST") {
  82. if (safepost('token') != $_SESSION['PFA_token']) die('Invalid token!');
  83. $inp_values = safepost('value', array() );
  84. foreach($form_fields as $key => $field) {
  85. if ($field['editable'] && $field['display_in_form']) {
  86. if (!isset($inp_values[$key])) {
  87. $inp_values[$key] = ''; # newer PHP versions don't include empty fields in $_POST (noticed with PHP 5.6.6)
  88. }
  89. if($field['type'] == 'bool' && $inp_values[$key] == '') {
  90. $values[$key] = 0; # isset() for unchecked checkboxes is always false
  91. } elseif($field['type'] == 'txtl') {
  92. $values[$key] = $inp_values[$key];
  93. $values[$key] = preg_replace ('/\\\r\\\n/', ',', $values[$key]);
  94. $values[$key] = preg_replace ('/\r\n/', ',', $values[$key]);
  95. $values[$key] = preg_replace ('/,[\s]+/i', ',', $values[$key]);
  96. $values[$key] = preg_replace ('/[\s]+,/i', ',', $values[$key]);
  97. $values[$key] = preg_replace ('/,,*/', ',', $values[$key]);
  98. $values[$key] = preg_replace ('/,*$|^,*/', '', $values[$key]);
  99. if ($values[$key] == '') {
  100. $values[$key] = array();
  101. } else {
  102. $values[$key] = explode(",", $values[$key]);
  103. }
  104. } else {
  105. $values[$key] = $inp_values[$key];
  106. }
  107. }
  108. }
  109. if (isset($formconf['hardcoded_edit']) && $formconf['hardcoded_edit']) {
  110. $values[$id_field] = $form_fields[$id_field]['default'];
  111. } elseif ($new == 0) {
  112. $values[$id_field] = $edit;
  113. }
  114. if ($new && ($form_fields[$id_field]['display_in_form'] == 0)) {
  115. if ($form_fields[$id_field]['editable'] == 1) { # address split to localpart and domain?
  116. $values[$id_field] = $handler->mergeId($values);
  117. } else { # probably auto_increment
  118. $values[$id_field] = '';
  119. }
  120. }
  121. if (!$handler->init($values[$id_field])) {
  122. $error = 1;
  123. $errormsg = $handler->errormsg;
  124. }
  125. if (!$handler->set($values)) {
  126. $error = 1;
  127. $errormsg = $handler->errormsg;
  128. }
  129. $form_fields = $handler->getStruct(); # refresh $form_fields - set() might have changed something
  130. if ($error != 1) {
  131. if (!$handler->store()) {
  132. $errormsg = $handler->errormsg;
  133. } else {
  134. flash_info($handler->infomsg);
  135. if (count($handler->errormsg)) { # might happen if domain_postcreation fails
  136. flash_error($handler->errormsg);
  137. }
  138. # remember prefill values for next usage of the form
  139. if ( isset($formconf['prefill']) ) {
  140. foreach ($formconf['prefill'] as $field) {
  141. if (isset($values[$field])) {
  142. $_SESSION["prefill:$table:$field"] = $values[$field];
  143. }
  144. }
  145. }
  146. if ($new == 0) {
  147. header ("Location: " . $formconf['listview']);
  148. exit;
  149. } else {
  150. header("Location: edit.php?table=$table");
  151. exit;
  152. }
  153. }
  154. }
  155. }
  156. if ($error != 1 && $new) { # no error and not in edit mode - reset fields to default for new item
  157. $values = array();
  158. foreach (array_keys($form_fields) as $key) {
  159. $values[$key] = $form_fields[$key]['default'];
  160. }
  161. }
  162. $errormsg = $handler->errormsg;
  163. $fielderror = array();
  164. foreach($form_fields as $key => $field) {
  165. if($form_fields[$key]['display_in_form']) {
  166. if (isset($errormsg[$key])) {
  167. $fielderror[$key] = $errormsg[$key];
  168. unset ($errormsg[$key]);
  169. } else {
  170. $fielderror[$key] = '';
  171. }
  172. if (isset($values[$key])) {
  173. $smarty->assign ("value_$key", $values[$key]);
  174. } else {
  175. $smarty->assign ("value_$key", $form_fields[$key]['default']);
  176. }
  177. }
  178. }
  179. if (count($errormsg)) flash_error($errormsg); # display the remaining error messages (not related to a field) with flash_error
  180. if ($new) {
  181. $smarty->assign ('mode', 'create');
  182. $smarty->assign('formtitle', Config::lang($formconf['formtitle_create']));
  183. $smarty->assign('submitbutton', Config::lang($formconf['create_button']));
  184. } else {
  185. $smarty->assign ('mode', 'edit');
  186. $smarty->assign('formtitle', Config::lang($formconf['formtitle_edit']));
  187. $smarty->assign('submitbutton', Config::lang('save'));
  188. }
  189. $smarty->assign ('struct', $form_fields);
  190. $smarty->assign ('fielderror', $fielderror);
  191. $smarty->assign ('table', $table);
  192. $smarty->assign ('smarty_template', 'editform');
  193. $smarty->display ('index.tpl');
  194. /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
  195. ?>