From 1a9cb284b416e5bbe72497586d670057608a262c Mon Sep 17 00:00:00 2001
From: SecretR <secretr@e107.org>
Date: Wed, 6 Feb 2013 17:03:00 +0200
Subject: [PATCH] Admin UI generic ajax 'sortable' solution; Admin UI generic
 ajax 'inline edit' solution (works only on number and text field types at
 this moment); Model/Admin UI now support GUID like Primary Id's; various
 minor fixes, language defines

---
 e107_handlers/admin_ui.php                 | 89 +++++++++++++++++++++-
 e107_handlers/form_handler.php             | 45 ++++++-----
 e107_handlers/model_class.php              |  2 +
 e107_languages/English/admin/lan_admin.php |  1 +
 e107_plugins/faqs/admin_config.php         | 24 +-----
 5 files changed, 120 insertions(+), 41 deletions(-)

diff --git a/e107_handlers/admin_ui.php b/e107_handlers/admin_ui.php
index 764838808..61590f371 100644
--- a/e107_handlers/admin_ui.php
+++ b/e107_handlers/admin_ui.php
@@ -135,7 +135,7 @@ class e_admin_request
 		// Set current id
 		if(isset($this->_request_qry[$this->_id_key]))
 		{
-			$this->_id = intval($this->_request_qry[$this->_id_key]);
+			$this->_id = preg_replace('/[^\w\-]/', '', $this->_request_qry[$this->_id_key]);
 		}
 
 		$this->_posted_qry =& $_POST; //raw?
@@ -2222,6 +2222,11 @@ class e_admin_controller_ui extends e_admin_controller
 	 * @var string SQL order, false to disable order, null is default order
 	 */
 	protected $listOrder = null;
+	
+	/**
+	 * @var string SQL order, false to disable order, null is default order
+	 */
+	protected $sortField = null;
 
 	/**
 	 * Structure same as TreeModel parameters used for building the load() SQL
@@ -4115,7 +4120,7 @@ class e_admin_ui extends e_admin_controller_ui
 	public function ListObserver()
 	{
 		$this->getTreeModel()->setParam('db_query', $this->_modifyListQry(false, false, false, false, $this->listQry))->load();
-		$this->addTitle('List'); // FIXME - get captions from dispatch list
+		$this->addTitle(LAN_LIST); // FIXME - get captions from dispatch list
 	}
 
 	/**
@@ -4126,6 +4131,86 @@ class e_admin_ui extends e_admin_controller_ui
 	{
 		return $this->renderAjaxFilterResponse($this->listQry); //listQry will be used only if available
 	}
+	
+	/**
+	 * Inline edit action
+	 * @return void
+	 */
+	public function InlineAjaxPage()
+	{
+		$protocol = (isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.0');
+		if(!vartrue($_POST['name']) || !vartrue($this->fields[$_POST['name']]))
+		{
+			header($protocol.': 404 Not Found', true, 404);
+			header("Status: 404 Not Found", true, 404);
+			echo 'Field not found'; // FIXME lan
+			return;
+		}
+		
+		$_name = $_POST['name'];
+		$_value = $_POST['value'];
+		$parms = $this->fields[$_name]['readParms'] ? $this->fields[$_name]['readParms'] : '';
+		if(!is_array($parms)) parse_str($parms, $parms);
+		if(vartrue($parms['editable'])) $this->fields[$_name]['inline'] = true;
+		
+		if(vartrue($this->fields[$_name]['noedit']) || vartrue($this->fields[$_name]['nolist']) || !vartrue($this->fields[$_name]['inline']))
+		{
+			header($protocol.': 403 Forbidden', true, 403);
+			header("Status: 403 Forbidden", true, 403);
+			echo 'Forbidden'; // FIXME lan
+			return;
+		}
+		
+		$model = $this->getModel()->load($this->getId());
+		
+		$res = $model->setPostedData($_name, $_value, false)
+			->save(true);
+			
+		if($model->hasError())
+		{
+			// using 400
+			header($protocol.': 400 Bad Request', true, 400);
+			header("Status: 400 Bad Request", true, 400);
+			// DEBUG e107::getMessage()->addError('Error test.', $model->getMessageStackName())->addError('Another error test.', $model->getMessageStackName());
+			$message = e107::getMessage()->get('error', $model->getMessageStackName(), true);
+			if(!empty($message)) echo implode(' ', $message);
+			return;
+		}
+	}
+
+	
+	/**
+	 * Drag-n-Drop sort action
+	 * @return void
+	 */
+	public function SortAjaxPage()
+	{
+		if(!isset($_POST['all']) || empty($_POST['all']))
+		{
+			return;
+		}
+		if(!$this->sortField)
+		{
+			echo 'Missing sort field value';
+			return;
+		}
+		
+		$sql = e107::getDb();
+		$c = ($_GET['from']) ? intval($_GET['from']) : 0;
+		$updated = array();
+		
+		foreach($_POST['all'] as $row)
+		{
+			
+			list($tmp,$id) = explode("-", $row, 2);
+			if($sql->db_Update($this->table, $this->sortField." = ".intval($c)." WHERE ".$this->pid." = ".intval($id)))
+			{
+				$updated[] = $id;
+			}
+			$c++;		
+		}
+		//echo "Updated ".implode(",",$updated);
+	}
 
 	/**
 	 * Generic List action page
diff --git a/e107_handlers/form_handler.php b/e107_handlers/form_handler.php
index 7d12915f2..e09bfef41 100644
--- a/e107_handlers/form_handler.php
+++ b/e107_handlers/form_handler.php
@@ -1878,21 +1878,22 @@ class e_form
 					
 					if(vartrue($parms['sort']))//FIXME use a global variable such as $fieldpref
 					{
-						$value .= "<a class='e-sort' style='cursor:move' href='".e_SELF."?".(e_QUERY ? e_QUERY."&amp;ajax_used=1" : "ajax_used=1")."' title='Re-order'>".ADMIN_SORT_ICON."</a> ";	
-					}		
-			
-					$value .= "<a href='".e_SELF."?{$query}' class='e-tip' title='".LAN_EDIT."' data-placement='left'>
-					<img class='icon action edit list' src='".ADMIN_EDIT_ICON_PATH."' alt='".LAN_EDIT."' /></a>";
-	
-/*
-						$value .= "<a href='".e_SELF."?{$query}' class='btn e-tip' title='".LAN_EDIT."' data-placement='left'>
-					".ADMIN_EDIT_ICON."
-					</a>";
-					*/
+						$mode = preg_replace('/[^\w]/', '', vartrue($_GET['mode'], ''));
+						$value .= "<a class='e-sort' style='cursor:move' href='".e_SELF."?mode={$mode}&action=sort&ajax_used=1' title='Re-order'>".ADMIN_SORT_ICON."</a> ";	
+					}	
 					
-					
-					
-	
+					$cls = false;
+					if(varset($parms['editClass']))
+					{
+						$cls = (deftrue($parms['editClass'])) ? constant($parms['editClass']) : $parms['editClass'];
+
+					}	
+					if(false === $cls || check_class($cls))
+					{
+						$value .= "<a href='".e_SELF."?{$query}' class='e-tip' title='".LAN_EDIT."' data-placement='left'>
+						<img class='icon action edit list' src='".ADMIN_EDIT_ICON_PATH."' alt='".LAN_EDIT."' /></a>";
+					}
+
 					$delcls = vartrue($attributes['noConfirm']) ? ' no-confirm' : '';
 					if(varset($parms['deleteClass']))
 					{
@@ -1927,6 +1928,14 @@ class e_form
 					if(!isset($parms['sep'])) $value = number_format($value, $parms['decimals']);
 					else $value = number_format($value, $parms['decimals'], vartrue($parms['point'], '.'), vartrue($parms['sep'], ' '));
 				}
+				
+				if(vartrue($attributes['inline'])) $parms['editable'] = true;
+				if(!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) // avoid bad markup, better solution coming up
+				{
+					$mode = preg_replace('/[^\w]/', '', vartrue($_GET['mode'], ''));
+					$value = "<a class='e-tip e-editable' data-name='".$field."' title=\"".LAN_EDIT." ".$attributes['title']."\" data-type='text' data-pk='".$id."' data-url='".e_SELF."?mode={$mode}&action=inline&id={$id}&ajax_used=1' href='#'>".$value."</a>";
+				}
+				
 				$value = vartrue($parms['pre']).$value.vartrue($parms['post']);
 				// else same
 			break;
@@ -2008,6 +2017,8 @@ class e_form
 			break;
 
 			case 'text':
+				// attribute alias
+				if(vartrue($attributes['inline'])) $parms['editable'] = true;
 				
 				if(vartrue($parms['truncate']))
 				{
@@ -2029,10 +2040,10 @@ class e_form
 					$value = "<a class='e-tip {$dialog}' href='".$link."' title='Quick View'>".$value."</a>";
 				}
 				
-				//XXX NEW Inline-editing support. Handling of $_POST not done yet. 
-				if(vartrue($parms['editable']))
+				if(!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) // avoid bad markup, better solution coming up
 				{
-					$value = "<a class='e-tip e-editable'data-name='".$field."' title=\"".LAN_EDIT." ".$attributes['title']."\" data-type='text' data-pk='".$id."' data-url='".e_SELF."' href='#'>".$value."</a>";
+					$mode = preg_replace('/[^\w]/', '', vartrue($_GET['mode'], ''));
+					$value = "<a class='e-tip e-editable' data-name='".$field."' title=\"".LAN_EDIT." ".$attributes['title']."\" data-type='text' data-pk='".$id."' data-url='".e_SELF."?mode={$mode}&action=inline&id={$id}&ajax_used=1' href='#'>".$value."</a>";
 				}
 				
 
diff --git a/e107_handlers/model_class.php b/e107_handlers/model_class.php
index 5a3755851..5ca15ec9b 100644
--- a/e107_handlers/model_class.php
+++ b/e107_handlers/model_class.php
@@ -1361,6 +1361,8 @@ class e_model extends e_object
 		}
 		else
 		{
+			if(!is_numeric($id)) $id = "'{$id}'";
+			
 			$res = $sql->db_Select(
 				$this->getModelTable(),
 				$this->getParam('db_fields', '*'),
diff --git a/e107_languages/English/admin/lan_admin.php b/e107_languages/English/admin/lan_admin.php
index 7be3c5a5d..b8af3ef5c 100644
--- a/e107_languages/English/admin/lan_admin.php
+++ b/e107_languages/English/admin/lan_admin.php
@@ -310,6 +310,7 @@ define("LAN_MEDIAMANAGER", "Media Manager");
 define("LAN_MOREINFO","More Information...");
 define("LAN_COMMENTMAN", "Comments Manager");
 
+define("LAN_LIST", "List");
 define("LAN_FILTER", "Filter");
 define("LAN_NO_RECORDS", "No Records Found");
 define("LAN_STATUS", "Status");
diff --git a/e107_plugins/faqs/admin_config.php b/e107_plugins/faqs/admin_config.php
index 7fa7df93b..151c9ae4e 100644
--- a/e107_plugins/faqs/admin_config.php
+++ b/e107_plugins/faqs/admin_config.php
@@ -162,6 +162,7 @@ class faq_main_ui extends e_admin_ui
 		protected $perPage 		= 10;
 		protected $batchDelete	= true;
 		protected $listOrder	= 'faq_order ASC';
+		protected $sortField	= 'faq_order';
 		
 		//TODO - finish 'user' type, set 'data' to all editable fields, set 'noedit' for all non-editable fields
     	protected $fields = array(
@@ -175,7 +176,7 @@ class faq_main_ui extends e_admin_ui
             'faq_author' 			=> array('title'=> LAN_USER,		'type' => 'user',			'data'=> 'int', 'width' => 'auto', 'thclass' => 'center', 'class'=>'center', 'writeParms' => 'currentInit=1', 'filter' => true, 'batch' => true, 'nolist' => true	),	 	// Photo
        		'u.user_name' 			=> array('title'=> "User name",		'type' => 'user',			'width' => 'auto', 'noedit' => true, 'readParms'=>'idField=faq_author&link=1'),	// User name
        		'u.user_loginname' 		=> array('title'=> "User login",	'type' => 'user',			'width' => 'auto', 'noedit' => true, 'readParms'=>'idField=faq_author&link=1'),	// User login name
-			'faq_order' 			=> array('title'=> "Order",			'type' => 'number',			'data'=> 'int','width' => '5%', 'thclass' => 'center','nolist' => true, 'noedit'=>true),	
+			'faq_order' 			=> array('title'=> LAN_ORDER,			'type' => 'number',			'data'=> 'int','width' => '5%', 'thclass' => 'center','nolist' => false, 'noedit'=>false),	
 			'options' 				=> array('title'=> LAN_OPTIONS,		'type' => null,				'forced'=>TRUE, 'width' => '10%', 'thclass' => 'center last', 'class' => 'center','readParms'=>'sort=1')
 		);
 		 
@@ -191,27 +192,6 @@ class faq_main_ui extends e_admin_ui
 	
 	public function init()
 	{
-		if(e_AJAX_REQUEST) // ajax link sorting. 
-		{
-			$sql = e107::getDb();
-			$c= ($_GET['from']) ? intval($_GET['from']) : 0;
-			$updated = array();
-			foreach($_POST['all'] as $row)
-			{
-				
-				list($tmp,$id) = explode("-",$row);
-				if($sql->db_Update("faqs","faq_order = ".intval($c)." WHERE faq_id = ".intval($id)))
-				{
-					$updated[] = $id;
-				}
-				$c++;		
-			}
-			
-		//	echo "Updated ".implode(",",$updated);
-			exit;
-		}	
-		
-		
 	}