Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
6a488035 | 5 | | | |
bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
6a488035 | 9 | +--------------------------------------------------------------------+ |
d25dd0ee | 10 | */ |
6a488035 TO |
11 | |
12 | /** | |
13 | * | |
14 | * @package CRM | |
ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
6a488035 TO |
16 | * $Id$ |
17 | * | |
18 | */ | |
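class CRM_Import_DataSource_SQL extends CRM_Import_DataSource {

  /**
   * Provides information about the data source.
   *
   * @return array
   *   Collection of info about this data source: its translated title and
   *   the permissions listed for it.
   */
  public function getInfo() {
    return [
      'title' => ts('SQL Query'),
      // The only permission listed for this data source. Where and how it is
      // enforced is decided by the code that consumes getInfo(), which is not
      // visible in this file.
      'permissions' => ['import SQL datasource'],
    ];
  }

  /**
   * Set variables up before form is built.
   *
   * Intentionally empty: this data source needs no setup before the form is
   * built.
   *
   * @param CRM_Core_Form $form
   */
  public function preProcess(&$form) {
  }

  /**
   * This function is called by the form object to get the DataSource's
   * form snippet. It should add all fields necessary to get the data
   * uploaded to the temporary table in the DB.
   *
   * @param CRM_Core_Form $form
   *
   * @return void
   *   (operates directly on form argument)
   */
  public function buildQuickForm(&$form) {
    $form->add('hidden', 'hidden_dataSource', 'CRM_Import_DataSource_SQL');
    // Free-form SQL typed by the user; the trailing TRUE marks the field as
    // required.
    $form->add('textarea', 'sqlQuery', ts('Specify SQL Query'), 'rows=10 cols=45', TRUE);
    // Register formRule() so the submitted query is screened on validation.
    $form->addFormRule(['CRM_Import_DataSource_SQL', 'formRule'], $form);
  }

  /**
   * Screen the submitted SQL query for forbidden keywords.
   *
   * This keyword filter is a convenience check, not a security boundary. It
   * matches whole words anywhere in the text, so it can also reject a
   * harmless query that merely mentions one of the words, and the list does
   * not cover every statement type. Restricting who holds the
   * 'import SQL datasource' permission and what the database account is
   * allowed to do remain the controls that actually limit the query.
   *
   * @param array $fields
   *   Submitted form values; 'sqlQuery' is the one inspected here.
   * @param array $files
   *   Uploaded files (unused).
   * @param CRM_Core_Form $form
   *   The form being validated (unused).
   *
   * @return array|bool
   *   TRUE when nothing was flagged, otherwise an array of error messages
   *   keyed by field name.
   */
  public static function formRule($fields, $files, $form) {
    $errors = [];

    // Read the value defensively. A missing key is treated as an empty query,
    // and a non-string value (for example an array-shaped submission) is
    // rejected outright so that it can never skip the keyword screening below.
    $query = isset($fields['sqlQuery']) ? $fields['sqlQuery'] : '';
    if (!is_string($query)) {
      $errors['sqlQuery'] = ts('The SQL query must be submitted as text.');
      return $errors;
    }

    // Makeshift query validation (case-insensitive regex matching on word boundaries)
    $forbidden = ['ALTER', 'CREATE', 'DELETE', 'DESCRIBE', 'DROP', 'SHOW', 'UPDATE', 'information_schema'];
    foreach ($forbidden as $pattern) {
      // $pattern is always one of the fixed literals above, so interpolating
      // it into the expression is safe.
      if (preg_match("/\\b$pattern\\b/i", $query)) {
        // Only the last matching keyword is reported, because each match
        // overwrites the same 'sqlQuery' entry.
        $errors['sqlQuery'] = ts('The query contains the forbidden %1 command.', [1 => $pattern]);
      }
    }

    return $errors ?: TRUE;
  }

  /**
   * Process the form submission.
   *
   * Hands the submitted query, unmodified, to CRM_Contact_Import_ImportJob
   * and stores the resulting table name on the form.
   *
   * NOTE(review): nothing here re-checks the query, so this method relies on
   * formRule() having been applied to the same submission. Presumably
   * ImportJob executes the query to populate the import table; confirm there
   * that it runs with the least database privilege the import needs.
   *
   * @param array $params
   *   Submitted values; 'sqlQuery' is required, 'import_table_name' optional.
   * @param string $db
   *   Unused in this method.
   * @param \CRM_Core_Form $form
   *   Receives the 'importTableName' value.
   */
  public function postProcess(&$params, &$db, &$form) {
    $importJob = new CRM_Contact_Import_ImportJob(
      CRM_Utils_Array::value('import_table_name', $params),
      $params['sqlQuery'], TRUE
    );

    $form->set('importTableName', $importJob->getTableName());
  }

}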