From 3bc59210af32762842e228729f6cc77f718de812 Mon Sep 17 00:00:00 2001 From: secretr Date: Tue, 7 Feb 2012 16:37:44 +0000 Subject: [PATCH] Various system fixes, improvements and code flexibility (base models, user model, sql handler, user signup/handling) --- class2.php | 2 +- .../shortcodes/batch/signup_shortcodes.php | 2 +- e107_handlers/admin_ui.php | 2 + e107_handlers/e107_class.php | 2 +- e107_handlers/login.php | 26 +++--- e107_handlers/model_class.php | 91 +++++++++++++++---- e107_handlers/mysql_class.php | 10 +- e107_handlers/user_extended_class.php | 3 +- e107_handlers/user_handler.php | 2 +- e107_handlers/user_model.php | 25 +++-- usersettings.php | 2 +- 11 files changed, 124 insertions(+), 43 deletions(-) diff --git a/class2.php b/class2.php index 3262db54e..a71adead4 100644 --- a/class2.php +++ b/class2.php @@ -1073,7 +1073,7 @@ if (!file_exists(FOOTERF)) message_handler('CRITICAL_ERROR', 'Unable to find file: '.FOOTERF, __LINE__ - 2, __FILE__); } -define('LOGINMESSAGE', ''); +//define('LOGINMESSAGE', ''); - not needed, breaks login messages define('OPEN_BASEDIR', (ini_get('open_basedir') ? true : false)); define('SAFE_MODE', (ini_get('safe_mode') ? true : false)); define('FILE_UPLOADS', (ini_get('file_uploads') ? true : false)); diff --git a/e107_core/shortcodes/batch/signup_shortcodes.php b/e107_core/shortcodes/batch/signup_shortcodes.php index 8453ae6dc..ca6a9e954 100755 --- a/e107_core/shortcodes/batch/signup_shortcodes.php +++ b/e107_core/shortcodes/batch/signup_shortcodes.php @@ -194,7 +194,7 @@ foreach($catList as $cat) $done_heading = TRUE; } $replace = array( - $tp->toHTML($ext['user_extended_struct_text'], FALSE, 'emotes_off,defs'), + $tp->toHTML(deftrue($ext['user_extended_struct_text'], $ext['user_extended_struct_text']), FALSE, 'emotes_off,defs'), ($ext['user_extended_struct_required'] == 1 ? $EXTENDED_USER_FIELD_REQUIRED : ''), $usere->user_extended_edit($ext, $_POST['ue']['user_'.$ext['user_extended_struct_name']]) ); 
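Review bot: With the default `define('LOGINMESSAGE', '')` commented out in class2.php, the constant exists only after one of the `define("LOGINMESSAGE", ...)` calls in login.php has run, so every reader must now test `defined('LOGINMESSAGE')` first. On the PHP versions this code targets (it still queries `safe_mode`), an undefined constant evaluates to its own name with a notice, which would print the literal text where the message is rendered. The readers are outside this patch, so confirm each one is guarded. Replace the commented-out line with an explanation rather than dead code, e.g. `// LOGINMESSAGE is defined by userlogin only when a login attempt fails`.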
diff --git a/e107_handlers/admin_ui.php b/e107_handlers/admin_ui.php index 3d7505956..c7b97e517 100644 --- a/e107_handlers/admin_ui.php +++ b/e107_handlers/admin_ui.php @@ -3622,6 +3622,8 @@ class e_admin_ui extends e_admin_controller_ui { $vttl = $this->getUI()->renderValue($field, $value, $this->getFieldAttr($field)); $this->getTreeModel()->addMessageSuccess(sprintf(LAN_UI_BATCH_UPDATE_SUCCESS, $vttl, $cnt)); + // force reload the collection from DB, fix some issues as 'observer' is executed before the batch handler + $this->getTreeModel()->setParam('db_query', $this->_modifyListQry(false, false, false, false, $this->listQry))->load(true); } $this->getTreeModel()->setMessages(); return $cnt; diff --git a/e107_handlers/e107_class.php b/e107_handlers/e107_class.php index 763784daf..c3e5c9af3 100644 --- a/e107_handlers/e107_class.php +++ b/e107_handlers/e107_class.php @@ -1158,7 +1158,7 @@ class e107 /** * Retrieve IP/ban handler singleton object * - * @return language + * @return eIPHandler */ public static function getIPHandler() { diff --git a/e107_handlers/login.php b/e107_handlers/login.php index 0b6d42f91..a878c7a03 100644 --- a/e107_handlers/login.php +++ b/e107_handlers/login.php @@ -441,68 +441,68 @@ class userlogin switch ($reason) { case LOGIN_ABORT : // alt_auth reject - define("LOGINMESSAGE", LAN_LOGIN_21."

"); + define("LOGINMESSAGE", LAN_LOGIN_21); $this->genNote($this->userIP,$username, 'Alt_auth: '.LAN_LOGIN_14); $this->logNote('LAN_ROLL_LOG_04', 'Alt_Auth: '.$username); $doCheck = TRUE; break; case LOGIN_DB_ERROR : // alt_auth couldn't add valid user - define("LOGINMESSAGE", LAN_LOGIN_31."

"); + define("LOGINMESSAGE", LAN_LOGIN_31); $this->genNote($username, 'Alt_auth: '.LAN_LOGIN_30); // $this->logNote('LAN_ROLL_LOG_04', 'Alt_Auth: '.$username); // Added in alt_auth login $doCheck = TRUE; break; case LOGIN_BAD_PW : - define("LOGINMESSAGE", LAN_LOGIN_21."

"); + define("LOGINMESSAGE", LAN_LOGIN_21); $this->logNote('LAN_ROLL_LOG_03', $username); break; case LOGIN_CHAP_FAIL : - define("LOGINMESSAGE", LAN_LOGIN_21."

"); + define("LOGINMESSAGE", LAN_LOGIN_21); $this->logNote('LAN_ROLL_LOG_03', 'CHAP: '.$username); break; case LOGIN_BAD_USER : - define("LOGINMESSAGE", LAN_LOGIN_21."

"); + define("LOGINMESSAGE", LAN_LOGIN_21); $this->genNote($username, LAN_LOGIN_14); $this->logNote('LAN_ROLL_LOG_04', $username); $doCheck = TRUE; break; case LOGIN_BAD_USERNAME : - define("LOGINMESSAGE", LAN_LOGIN_21."

"); + define("LOGINMESSAGE", LAN_LOGIN_21); $this->logNote('LAN_ROLL_LOG_08', $username); break; case LOGIN_MULTIPLE : - define("LOGINMESSAGE", LAN_LOGIN_24."

"); + define("LOGINMESSAGE", LAN_LOGIN_24); $this->logNote('LAN_ROLL_LOG_07', "U: {$username} IP: {$this->userIP}"); $this->genNote($username, LAN_LOGIN_16); $doCheck = TRUE; break; case LOGIN_BAD_CODE : - define("LOGINMESSAGE", LAN_LOGIN_23."

"); + define("LOGINMESSAGE", LAN_LOGIN_23); $this->logNote('LAN_ROLL_LOG_02', $username); break; case LOGIN_NOT_ACTIVATED : $srch = array("[","]"); $repl = array("",""); - define("LOGINMESSAGE", str_replace($srch,$repl,LAN_LOGIN_22)."

"); + define("LOGINMESSAGE", str_replace($srch,$repl,LAN_LOGIN_22)); $this->logNote('LAN_ROLL_LOG_05', $username); $this->genNote($username, LAN_LOGIN_27); $doCheck = TRUE; break; case LOGIN_BLANK_FIELD : - define("LOGINMESSAGE", LAN_LOGIN_20."

"); + define("LOGINMESSAGE", LAN_LOGIN_20); $this->logNote('LAN_ROLL_LOG_01', $username); break; case LOGIN_BAD_TRIGGER : - define("LOGINMESSAGE", $extra_text."

"); + define("LOGINMESSAGE", $extra_text); $this->logNote('LAN_ROLL_LOG_06', $username); break; case LOGIN_BANNED : - define("LOGINMESSAGE", LAN_LOGIN_21."

"); // Just give 'incorrect login' message + define("LOGINMESSAGE", LAN_LOGIN_21); // Just give 'incorrect login' message $this->genNote($username, LAN_LOGIN_25); $this->logNote('LAN_ROLL_LOG_09', $username); break; default : // Something's gone wrong! - define("LOGINMESSAGE", LAN_LOGIN_21."

"); // Just give 'incorrect login' message + define("LOGINMESSAGE", LAN_LOGIN_21); // Just give 'incorrect login' message $this->genNote($username, LAN_LOGIN_26); $this->logNote('LAN_ROLL_LOG_10', $username); } diff --git a/e107_handlers/model_class.php b/e107_handlers/model_class.php index 578071eb9..d77ad14fa 100644 --- a/e107_handlers/model_class.php +++ b/e107_handlers/model_class.php @@ -94,7 +94,7 @@ class e_object { if ($this->getFieldIdName()) { - return $this->get($this->getFieldIdName(), 0); + return $this->get($this->getFieldIdName(), null); } return $this->get('id', 0); } @@ -108,7 +108,7 @@ class e_object { if ($this->getFieldIdName()) { - return $this->set($this->getFieldIdName(), intval($id)); + return $this->set($this->getFieldIdName(), $id); } return $this; } @@ -1340,7 +1340,7 @@ class e_model extends e_object $this->setData(array()) ->_clearCacheData(); } - $id = intval($id); + $id = e107::getParser()->toDB($id); if(!$id) { return $this; @@ -2377,11 +2377,18 @@ class e_front_model extends e_model } $qry['_FIELD_TYPES'] = $this->_FIELD_TYPES; //DB field types are optional - $qry['data'][$this->getFieldIdName()] = $this->getId(); - $qry['_FIELD_TYPES'][$this->getFieldIdName()] = 'int'; - + + // support for tables with no auto-increment PK + $id = $this->getId(); + $qry['data'][$this->getFieldIdName()] = $id; + + if($action == 'create' && !$id) $qry['_FIELD_TYPES'][$this->getFieldIdName()] = 'NULL'; + elseif(is_numeric($id)) $qry['_FIELD_TYPES'][$this->getFieldIdName()] = 'integer'; + else $qry['_FIELD_TYPES'][$this->getFieldIdName()] = 'string'; + foreach ($this->_data_fields as $key => $type) { + if($key == $this->getFieldIdName()) { continue; @@ -2396,7 +2403,7 @@ class e_front_model extends e_model switch($action) { case 'create': - $qry['data'][$this->getFieldIdName()] = 0; + //$qry['data'][$this->getFieldIdName()] = NULL; break; case 'replace': $qry['_REPLACE'] = true; 
@@ -2404,7 +2411,9 @@ class e_front_model extends e_model case 'update': unset($qry['data'][$this->getFieldIdName()]); - $qry['WHERE'] = $this->getFieldIdName().'='.intval($this->getId()); //intval just in case... + if(is_numeric($id)) $id = intval($id); + else $id = "'".e107::getParser()->toDB($id)."'"; + $qry['WHERE'] = $this->getFieldIdName().'='.$id; break; } @@ -2458,6 +2467,7 @@ class e_front_model extends e_model case 'str': case 'string': + case 'array': return $tp->toDB($value); break; @@ -2555,6 +2565,28 @@ class e_front_model extends e_model return false; } + + /** + * Update record + * + * @param boolen $from_post + * @return boolean|integer + */ + public function update($from_post = true, $force = false, $session_messages = false) + { + if(!$this->getFieldIdName()) + { + return false; + } + + if($from_post) + { + //no strict copy, validate & sanitize + $this->mergePostedData(false, true, true); + } + + return $this->dbUpdate($force, $session_messages); + } /** * Exactly what it says - your debug helper @@ -2629,6 +2661,24 @@ class e_admin_model extends e_front_model return $this->dbInsert($session_messages); } + + /** + * Insert record + * + * @param boolen $from_post + * @param boolean $session_messages + * @return integer inserted ID or false on error + */ + public function insert($from_post = true, $session_messages = false) + { + if($from_post) + { + //no strict copy, validate & sanitize + $this->mergePostedData(false, true, true); + } + + return $this->dbInsert($session_messages); + } public function delete($destroy = true, $session_messages = false) { 
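Review bot: Choosing the cast from the value instead of from the key column's declared type lets the `WHERE` clause in the `update` case match rows other than the loaded one. `is_numeric()` accepts decimal and exponent strings that `intval()` then truncates, and a string key column compared with an unquoted integer is compared numerically by MySQL, so several distinct keys can satisfy the condition. The same pattern is repeated for the `db_Delete()` call in @@ -2728, where a wider match removes records. When the key is not declared as an integer field, always quote and escape it: `$qry['WHERE'] = $this->getFieldIdName()."='".e107::getParser()->toDB($id)."'";` (assuming `toDB()` escapes for SQL, as its use elsewhere in this patch suggests). The enclosing method starts and ends outside the hunk.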
@@ -2728,7 +2778,10 @@ class e_admin_model extends e_front_model return 0; } $sql = e107::getDb(); - $res = $sql->db_Delete($this->getModelTable(), $this->getFieldIdName().'='.intval($this->getId())); + $id = $this->getId(); + if(is_numeric($id)) $id = intval($id); + else $id = "'".e107::getParser()->toDB($id)."'"; + $res = $sql->db_Delete($this->getModelTable(), $this->getFieldIdName().'='.$id); if(!$res) { $this->_db_errno = $sql->getLastErrorNumber(); @@ -2945,7 +2998,9 @@ class e_tree_model extends e_front_model // auto-load all if(!$this->getParam('db_query') && $this->getModelTable()) { - $this->setParam('db_query', 'SELECT'.(!$this->getParam('nocount') ? ' SQL_CALC_FOUND_ROWS' : '').' * FROM #'.$this->getModelTable() + $this->setParam('db_query', 'SELECT'.(!$this->getParam('nocount') ? ' SQL_CALC_FOUND_ROWS' : '') + .($this->getParam('db_cols') ? ' '.$this->getParam('db_cols') : ' *').' FROM #'.$this->getModelTable() + .($this->getParam('db_joins') ? ' '.$this->getParam('db_joins') : '') .($this->getParam('db_where') ? ' WHERE '.$this->getParam('db_where') : '') .($this->getParam('db_order') ? ' ORDER BY '.$this->getParam('db_order') : '') .($this->getParam('db_limit') ? ' LIMIT '.$this->getParam('db_limit') : '') @@ -3216,9 +3271,9 @@ class e_front_tree_model extends e_tree_model if($sanitize) { - $ids = array_map('intval', $ids); + $ids = array_map(array($tp, 'toDB'), $ids); $field = $tp->toDb($field); - $value = "'".$tp->toDb($value)."'"; + $value = "'".$tp->toDB($value)."'"; } $idstr = implode(', ', $ids); @@ -3281,7 +3336,8 @@ class e_admin_tree_model extends e_front_tree_model $ids = explode(',', $ids); } - $ids = array_map('intval', $ids); + $tp = e107::getParser(); + $ids = array_map(array($tp, 'toDB'), $ids); $idstr = implode(', ', $ids); $sql = e107::getDb(); 
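Review bot: The ids in the `$sanitize` branch of @@ -3216 now go through `toDB()` but are still joined into `IN (...)` without quotes, so the escaping no longer constrains them the way `intval` did. Escaping only protects a value that sits inside a quoted literal; an unquoted list element is parsed as SQL whatever `toDB()` does to quote characters, and a genuine string key would not form a valid list either. The same replacement is made in the delete path (@@ -3281) and in `copy()` (@@ -3321). `load()` in @@ -1340 also swaps `intval($id)` for `toDB($id)` ahead of a query that lies outside the hunk and should be checked for the same pattern. Build the list from quoted elements, `"'".$tp->toDB($id)."'"`, or keep `intval` whenever the model's key field is an integer.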
@@ -3321,12 +3377,13 @@ class e_admin_tree_model extends e_front_tree_model */ public function copy($ids) { - $ids = array_map('intval', $ids); + $tp = e107::getParser(); + $ids = array_map(array($tp, 'toDB'), $ids); $idstr = implode(', ', $ids); $sql = e107::getDb(); - - if($res = $sql->db_CopyRow($this->getModelTable(), "*", $this->getFieldIdName().' IN ('.$idstr.')')) + $res = $sql->db_CopyRow($this->getModelTable(), "*", $this->getFieldIdName().' IN ('.$idstr.')'); + if(false !== $res) { $this->addMessageSuccess('Copied #'.$idstr); } @@ -3334,7 +3391,7 @@ class e_admin_tree_model extends e_front_tree_model { if($sql->getLastErrorNumber()) { - $this->addMessageError('SQL Delete Error', $session_messages); //TODO - Lan + $this->addMessageError('SQL Copy Error', $session_messages); //TODO - Lan $this->addMessageDebug('SQL Error #'.$sql->getLastErrorNumber().': '.$sql->getLastErrorText()); } } diff --git a/e107_handlers/mysql_class.php b/e107_handlers/mysql_class.php index 0894ea70f..152615e9e 100644 --- a/e107_handlers/mysql_class.php +++ b/e107_handlers/mysql_class.php @@ -668,6 +668,14 @@ class e_db_mysql case 'escape': return "'".mysql_real_escape_string($fieldValue)."'"; break; + + case 'array': + if(is_array($fieldValue)) + { + return "'".e107::getArrayStorage()->writeArray($fieldValue, true)."'"; + } + return "'". (string) $fieldValue."'"; + break; case 'todb': default: @@ -1442,7 +1450,7 @@ class e_db_mysql { if(!$table || !$args ) { - return; + return false; } if($fields == '*') diff --git a/e107_handlers/user_extended_class.php b/e107_handlers/user_extended_class.php index 44b44247d..2be3b1055 100644 --- a/e107_handlers/user_extended_class.php +++ b/e107_handlers/user_extended_class.php @@ -174,9 +174,10 @@ class e107_user_extended case EUF_LANGUAGE : case EUF_PREDEFINED : case EUF_CHECKBOX : + case EUF_RADIO : $target['_FIELD_TYPES'][$k] = 'todb'; break; - case EUF_RADIO : + case EUF_INTEGER : $target['_FIELD_TYPES'][$k] = 'int'; break; 
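Review bot: `$session_messages` in the corrected `addMessageError('SQL Copy Error', $session_messages)` call is not a parameter of `copy($ids)` as declared in @@ -3321, so it appears to be undefined here and the call receives null with a notice. This assumes both hunks belong to the same method, which the line numbers suggest but the diff does not show in full. Adding the parameter with a default keeps existing callers working: `public function copy($ids, $session_messages = false)`.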
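Review bot: The scalar fallback in the new `'array'` case of mysql_class.php, `return "'". (string) $fieldValue."'";`, places the value between quotes without escaping it, unlike the `'escape'` case directly above. Any caller that declares a field as `array` but passes a string reaches the query with that string verbatim, so the fallback should read `return "'".mysql_real_escape_string((string) $fieldValue)."'";`. For the array branch, confirm that the `true` argument to `writeArray()` produces output that is safe inside a single-quoted literal; that method is not visible in this patch. The enclosing switch starts and ends outside the hunk.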
diff --git a/e107_handlers/user_handler.php b/e107_handlers/user_handler.php index 9fb6eed83..0e0114570 100644 --- a/e107_handlers/user_handler.php +++ b/e107_handlers/user_handler.php @@ -360,7 +360,7 @@ class UserHandler $digitLength = strlen($digit) - 1; // Create alpha numeric [A-Z][a-z] - $alphaNum = $alpha.$digit; + $alphaNum = $alpha.$digit.chr(45).chr(95); // add support for - and _ $alphaNumLength = strlen($alphaNum) - 1; // Next character of seed (if used) diff --git a/e107_handlers/user_model.php b/e107_handlers/user_model.php index 942510fdc..291237d23 100644 --- a/e107_handlers/user_model.php +++ b/e107_handlers/user_model.php @@ -26,7 +26,7 @@ if (!defined('e107_INIT')) exit; } -class e_user_model extends e_front_model +class e_user_model extends e_admin_model { /** * Describes all model data, used as _FIELD_TYPE array as well @@ -888,6 +888,7 @@ class e_user_model extends e_front_model // TODO - do the save manually in this order: validate() on user model, save() on extended fields, save() on user model $ret = parent::save(true, $force, $session); + if(false !== $ret && null !== $this->_extended_model) // don't load extended fields if not already used { $ret_e = $this->_extended_model->save($force, $session); @@ -1352,7 +1353,7 @@ class e_user extends e_user_model } } -class e_user_extended_model extends e_front_model +class e_user_extended_model extends e_admin_model { /** * Describes known model fields 
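Review bot: User objects inherit `insert()` and `delete()` from `e_admin_model` once `e_user_model` extends it in @@ -26 (and `e_user_extended_model` in @@ -1352), which widens what any code holding a user model can do. The `insert()` added in model_class.php defaults to `$from_post = true` and merges posted data before writing, and nothing in the visible code checks who is asking. If the only need is creating the missing extended-fields row, a narrower helper on `e_user_extended_model` would avoid exposing the admin write surface on the user model. Otherwise state the contract on the class, e.g. `// Inherits insert()/delete() from e_admin_model - callers must enforce permissions before invoking them`.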
@@ -1740,10 +1741,11 @@ class e_user_extended_model extends e_front_model // validaton rules $vtype = $parms[1] ? 'regex' : $ftype; - $this->setValidationRule($structure_model->getValue('name'), array($vtype, $parms[1], $structure_model->getValue('text'), $parms[2]), $structure_model->getValue('required')); + $name = 'user_'.$structure_model->getValue('name'); + $this->setValidationRule($name, array($vtype, $parms[1], $structure_model->getValue('text'), $parms[2]), $structure_model->getValue('required')); // data type, required for sql query - $this->_data_fields[$structure_model->getValue('name')] = $ftype; + $this->_data_fields[$name] = $ftype; return $this; } @@ -1762,7 +1764,7 @@ class e_user_extended_model extends e_front_model $fields = $struct_tree->getTree(); foreach ($fields as $id => $field) { - if (!in_array($field->getValue('name'), $ignore)) + if (!in_array('user_'.$field->getValue('name'), $ignore) && !$field->isCategory()) { // build _data_type and rules $this->_buildManageField($field); @@ -1808,7 +1810,17 @@ class e_user_extended_model extends e_front_model */ public function save($force = false, $session = false) { + // when not loaded from db, see the construct check + if(!$this->getId()) + { + $this->setId($this->getUser()->getId()); + } $this->_buildManageRules(); + // insert new record + if(!e107::getDb()->db_Count('user_extended', '(user_extended_id)', "user_extended_id=".$this->getId())) + { + return $this->insert(true, $session); + } return parent::save(true, $force, $session); } @@ -2116,7 +2128,8 @@ class e_user_pref extends e_front_model */ public function apply() { - $this->_user->set('user_prefs', $this->toString(true)); + $data = $this->hasData() ? $this->toString(true) : ''; + $this->_user->set('user_prefs', $data); return $this; } diff --git a/usersettings.php b/usersettings.php index 4449d403c..706f56edc 100644 --- a/usersettings.php +++ b/usersettings.php 
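Review bot: The existence check added to `save()` in @@ -1808 concatenates `$this->getId()` into the `db_Count()` condition unquoted, while this same patch removes the `intval()` from `setId()` in model_class.php. Cast at the point of use, `"user_extended_id=".(int) $this->getId()`, so the query does not depend on what an upstream caller stored as the id. The count-then-insert sequence is also not atomic: two concurrent saves for a user without a row can both take the insert branch, so a duplicate-key failure from `insert()` should be handled as "row already exists" rather than reported as an error.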
@@ -425,7 +425,7 @@ if ($dataToSave && !$promptPassword) //print_a($changedEUFData); // ***** Next line creates a record which presumably should be there anyway, so could generate an error $sql->db_Select_gen("INSERT INTO #user_extended (user_extended_id, user_hidden_fields) values ('".intval($inp)."', '')"); - if (!$sql->db_Update('user_extended', $changedEUFData)) + if (false === $sql->db_Update('user_extended', $changedEUFData)) { $message .= '
Error updating EUF'; }