mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-04 05:37:32 +02:00
Code Issues Releases Wiki Activity

Issue #1775 Rich text extended user field. User-extended class cleanup.

Browse Source
This commit is contained in:
Cameron
2019-06-08 10:31:15 -07:00
parent 944bb732c9
commit 020a93cee2
2 changed files with 154 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

148
e107_handlers/user_extended_class.php
View File

@@ -108,6 +108,12 @@ class e107_user_extended
'xup' 'xup'
); );
$this->init();
}
public function init()
{
$sql = e107::getDb(); $sql = e107::getDb();
// Read in all the field and category fields // Read in all the field and category fields
@@ -148,8 +154,14 @@ class e107_user_extended
} }
} }
} }
return null;
} }
/** /**
* Check read/write access on extended user-fields * Check read/write access on extended user-fields
* @param string $field eg. user_something * @param string $field eg. user_something
@@ -373,6 +385,64 @@ class e107_user_extended
return $eufVals; return $eufVals;
} }
/**
* Sanitize User submitted user-extended fields.
* @param $posted
* @return array
*/
function sanitizeAll($posted)
{
$arr = array();
foreach($posted as $field => $value)
{
$type = $this->getFieldType($field);
switch($type)
{
case EUF_INTEGER : //integer
$arr[$field] = (int) $value;
break;
case EUF_TEXT : //textbox
case EUF_COUNTRY:
case EUF_RADIO : //radio
case EUF_CHECKBOX : //checkboxes
case EUF_DROPDOWN : //dropdown
case EUF_PREDEFINED : // predefined list, shown in dropdown
case EUF_DB_FIELD : //db_field
case EUF_DATE : //date
case EUF_LANGUAGE : // language
case EUF_TEXTAREA : //textarea
case EUF_PREFIELD:
case EUF_ADDON:
$arr[$field] = filter_var($value,FILTER_SANITIZE_STRING);
break;
case EUF_RICHTEXTAREA : // rich textarea (using WYSIWYG editor)
$arr[$field] = e107::getParser()->cleanHtml($value);
break;
default:
e107::getDebug()->log("User extended field: ".$field." is missing a valid field-type.");
}
}
return $arr;
}
/** /**
* alias of user_extended_get_categories(); * alias of user_extended_get_categories();
* *
@@ -454,6 +524,7 @@ class e107_user_extended
* @param $cat * @param $cat
* @param $indexField; * @param $indexField;
* @param $system - include system fields. * @param $system - include system fields.
* @return array
*/ */
function user_extended_get_fieldList($cat = "", $indexField = 'user_extended_struct_id', $system = false) function user_extended_get_fieldList($cat = "", $indexField = 'user_extended_struct_id', $system = false)
{ {
@@ -464,6 +535,8 @@ class e107_user_extended
$sql = e107::getDb('ue'); $sql = e107::getDb('ue');
$ret = array();
$more = ($cat != '') ? " AND user_extended_struct_parent = ".intval($cat)." " : ""; $more = ($cat != '') ? " AND user_extended_struct_parent = ".intval($cat)." " : "";
$sys = ($system == false) ? " AND user_extended_struct_text != '_system_' " : ""; $sys = ($system == false) ? " AND user_extended_struct_text != '_system_' " : "";
@@ -474,6 +547,7 @@ class e107_user_extended
$ret[$row[$indexField]] = $row; $ret[$row[$indexField]] = $row;
} }
} }
return $ret; return $ret;
} }
@@ -569,6 +643,12 @@ class e107_user_extended
case EUF_DB_FIELD : case EUF_DB_FIELD :
case EUF_LANGUAGE : case EUF_LANGUAGE :
case EUF_PREDEFINED : case EUF_PREDEFINED :
$db_type = 'VARCHAR(255)';
break;
case EUF_PREFIELD: // FIXME Predefined field - this should be assignable from XML typically.
$db_type = 'VARCHAR(255)'; $db_type = 'VARCHAR(255)';
break; break;
@@ -779,8 +859,10 @@ class e107_user_extended
/** /**
* BC alias of renderElement * BC alias of renderElement
* @param $struct *
* @param $curval * @param array $struct
* @param mixed $curval
* @return array|string
*/ */
function user_extended_edit($struct, $curval) function user_extended_edit($struct, $curval)
{ {
@@ -812,8 +894,8 @@ class e107_user_extended
$parms = explode("^,^",$struct['user_extended_struct_parms']); $parms = explode("^,^",$struct['user_extended_struct_parms']);
$include = preg_replace("/\n/", " ", $tp->toHTML($parms[0])); $include = preg_replace("/\n/", " ", $tp->toHTML($parms[0]));
$regex = $tp->toText(varset($parms[1])); // $regex = $tp->toText(varset($parms[1]));
$regexfail = $tp->toText(varset($parms[2])); // $regexfail = $tp->toText(varset($parms[2]));
$fname = "ue[user_".$struct['user_extended_struct_name']."]"; $fname = "ue[user_".$struct['user_extended_struct_name']."]";
$required = vartrue($struct['user_extended_struct_required']) == 1 ? "required" : ""; $required = vartrue($struct['user_extended_struct_required']) == 1 ? "required" : "";
$fid = $frm->name2id($fname); $fid = $frm->name2id($fname);
@@ -836,6 +918,7 @@ class e107_user_extended
$include .= " class='".$class."' "; $include .= " class='".$class."' ";
} }
$ret = null;
switch($struct['user_extended_struct_type']) switch($struct['user_extended_struct_type'])
{ {
@@ -923,6 +1006,7 @@ class e107_user_extended
require_once($filename); require_once($filename);
$className = 'extended_'.$listRoot; $className = 'extended_'.$listRoot;
if (!class_exists($className)) return '?????'; if (!class_exists($className)) return '?????';
/** @var extended_timezones $temp */
$temp = new $className(); $temp = new $className();
if (!method_exists($className, 'getValue')) return '???-???'; if (!method_exists($className, 'getValue')) return '???-???';
$temp->pointerReset(); $temp->pointerReset();
@@ -1019,21 +1103,28 @@ class e107_user_extended
} }
// Alias of getStructure(); /**
function getStructure($orderby="user_extended_struct_order") * BC Alias for getStructure()
* @param string $orderby
* @return mixed
*/
function user_extended_getStruct($orderby="user_extended_struct_order")
{ {
return $this->user_extended_getStruct($orderby); return $this->user_extended_getStruct($orderby);
} }
/** /**
* Preferred version of user_extended_getStruct(); * Return all extended-field structure information
* @param string $orderby
* @return array|mixed
*/ */
function user_extended_getStruct($orderby="user_extended_struct_order") function getStructure($orderby="user_extended_struct_order")
{ {
if($ueStruct = getcachedvars('ue_struct'))
$id = 'core/userextended/structure';
if($ueStruct = e107::getRegistry($id))
{ {
return $ueStruct; return $ueStruct;
} }
@@ -1057,17 +1148,17 @@ class e107_user_extended
} }
} }
cachevars('ue_struct',$ret); e107::setRegistry($id, $ret);
return $ret; return $ret;
} }
/** /**
* @param $contents
* @param bool|false $no_cache * @param bool|false $no_cache
* @return array * @return bool
*/ */
function parse_extended_xml($contents, $no_cache = FALSE) function parse_extended_xml($no_cache = false)
{ {
if($no_cache == FALSE && $this->extended_xml) if($no_cache == FALSE && $this->extended_xml)
{ {
@@ -1115,13 +1206,13 @@ class e107_user_extended
/** /**
* Proxy Method to retrieve the value of an extended field * Proxy Method to retrieve the value of an extended field
* @param int $uid * @param int $uid
* @param var $field_name * @param string $field_name
* @param object $ifnotset [optional] * @param mixed $ifnotset [optional]
* @return mixed * @return mixed
*/ */
function get($uid, $field_name, $ifnotset=false) function get($uid, $field_name, $ifnotset=false)
{ {
return user_extended_getvalue($uid, $field_name, $ifnotset); return $this->user_extended_getvalue($uid, $field_name, $ifnotset);
} }
@@ -1148,7 +1239,11 @@ class e107_user_extended
* $ue = new e107_user_extended; * $ue = new e107_user_extended;
* $result = $ue->user_extended_setvalue(1, 'location', 'Pittsburgh'); * $result = $ue->user_extended_setvalue(1, 'location', 'Pittsburgh');
* *
* * @param int $uid
* @param string $field_name
* @param mixed $newvalue
* @param string $fieldType
* @return bool|int
*/ */
function user_extended_setvalue($uid, $field_name, $newvalue, $fieldType = 'todb') function user_extended_setvalue($uid, $field_name, $newvalue, $fieldType = 'todb')
{ {
@@ -1189,6 +1284,10 @@ class e107_user_extended
* $ue = new e107_user_extended; * $ue = new e107_user_extended;
* $value = $ue->user_extended_getvalue(2, 'location'); * $value = $ue->user_extended_getvalue(2, 'location');
* *
* @param int $uid
* @param string $field_name
* @param bool $ifnotset
* @return bool
*/ */
function user_extended_getvalue($uid, $field_name, $ifnotset=false) function user_extended_getvalue($uid, $field_name, $ifnotset=false)
{ {
@@ -1204,9 +1303,12 @@ class e107_user_extended
/** /**
*
* Given a predefined list field, returns the display text corresponding to the passed value * Given a predefined list field, returns the display text corresponding to the passed value
* *
* @TODO: consider whether to cache the class object * TODO: consider whether to cache the class object@param $table
* @param $value
* @return mixed|string
*/ */
function user_extended_display_text($table, $value) function user_extended_display_text($table, $value)
{ {
@@ -1215,6 +1317,7 @@ class e107_user_extended
require_once($filename); require_once($filename);
$className = 'extended_'.$table; $className = 'extended_'.$table;
if (!class_exists($className)) return '?????'; if (!class_exists($className)) return '?????';
/** @var extended_timezones $temp */
$temp = new $className(); $temp = new $className();
if (!method_exists($className, 'getValue')) return '???-???'; if (!method_exists($className, 'getValue')) return '???-???';
return $temp->getValue($value); return $temp->getValue($value);
@@ -1282,8 +1385,9 @@ class e107_user_extended
// code to be executed if n is different from all labels; // code to be executed if n is different from all labels;
} }
return null;
} }
} }
?>

13
usersettings.php
View File

@@ -348,9 +348,14 @@ class usersettings_front // Begin Usersettings rewrite.
if (!empty($_POST['updatesettings'])) if (!empty($_POST['updatesettings']))
{ {
$ueVals = $_POST['ue'];
$_POST = e107::getParser()->filter($_POST); $_POST = e107::getParser()->filter($_POST);
$_POST['ue'] = $ueVals;
unset($ueVals);
if (!vartrue($pref['auth_method'])) if (!vartrue($pref['auth_method']))
{ {
$pref['auth_method'] = 'e107'; $pref['auth_method'] = 'e107';
@@ -468,12 +473,18 @@ class usersettings_front // Begin Usersettings rewrite.
// Validate Extended User Fields. // Validate Extended User Fields.
if (isset($_POST['ue'])) if (isset($_POST['ue']))
{ {
$eufVals = $ue->userExtendedValidateAll($_POST['ue'], varset($_POST['hide'],TRUE)); // Validate the extended user fields $eufVals = $ue->sanitizeAll($_POST['ue']);
$eufVals = $ue->userExtendedValidateAll($eufVals, varset($_POST['hide'],TRUE)); // Validate the extended user fields
$changedEUFData['data'] = validatorClass::findChanges($eufVals['data'], $udata,FALSE); $changedEUFData['data'] = validatorClass::findChanges($eufVals['data'], $udata,FALSE);
} }
e107::getMessage()->addDebug("<h4>Extended Data - post validation</h4>".print_a($changedEUFData['data'],true));
// Determine whether we have an error // Determine whether we have an error
$error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])) || count($extraErrors)); $error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])) || count($extraErrors));