Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
7e9e8871 | 4 | | CiviCRM version 4.7 | |
6a488035 | 5 | +--------------------------------------------------------------------+ |
0f03f337 | 6 | | Copyright CiviCRM LLC (c) 2004-2017 | |
6a488035 TO |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
d25dd0ee | 26 | */ |
6a488035 TO |
27 | |
28 | /** | |
29 | * | |
30 | * @package CRM | |
0f03f337 | 31 | * @copyright CiviCRM LLC (c) 2004-2017 |
6a488035 TO |
32 | * |
33 | */ | |
34 | ||
35 | /** | |
36 | * This class generates form components for custom data | |
37 | * | |
38 | * It delegates the work to lower level subclasses and integrates the changes | |
39 | * back in. It also uses a lot of functionality with the CRM API's, so any change | |
40 | * made here could potentially affect the API etc. Be careful, be aware, use unit tests. | |
41 | * | |
42 | */ | |
43 | class CRM_Profile_Form_Edit extends CRM_Profile_Form { | |
44 | protected $_postURL = NULL; | |
45 | protected $_cancelURL = NULL; | |
46 | protected $_errorURL = NULL; | |
47 | protected $_context; | |
48 | protected $_blockNo; | |
49 | protected $_prefix; | |
2b63c577 | 50 | protected $returnExtra; |
6a488035 TO |
51 | |
52 | /** | |
100fef9d | 53 | * Pre processing work done here. |
6a488035 TO |
54 | * |
55 | * @param | |
56 | * | |
6a488035 | 57 | */ |
00be9182 | 58 | public function preProcess() { |
6a488035 TO |
59 | $this->_mode = CRM_Profile_Form::MODE_CREATE; |
60 | ||
e5e3f1ad | 61 | $this->_onPopupClose = CRM_Utils_Request::retrieve('onPopupClose', 'String', $this); |
3a2e7d2b | 62 | $this->assign('onPopupClose', $this->_onPopupClose); |
ac79535c | 63 | |
6a488035 TO |
64 | //set the context for the profile |
65 | $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this); | |
66 | ||
67 | //set the block no | |
68 | $this->_blockNo = CRM_Utils_Request::retrieve('blockNo', 'String', $this); | |
69 | ||
70 | //set the prefix | |
71 | $this->_prefix = CRM_Utils_Request::retrieve('prefix', 'String', $this); | |
72 | ||
882a1be2 | 73 | // Fields for the EntityRef widget |
2b63c577 | 74 | $this->returnExtra = CRM_Utils_Request::retrieve('returnExtra', 'String', $this); |
882a1be2 | 75 | |
6a488035 TO |
76 | $this->assign('context', $this->_context); |
77 | ||
78 | if ($this->_blockNo) { | |
79 | $this->assign('blockNo', $this->_blockNo); | |
80 | $this->assign('prefix', $this->_prefix); | |
81 | } | |
82 | ||
83 | $this->assign('createCallback', CRM_Utils_Request::retrieve('createCallback', 'String', $this)); | |
84 | ||
85 | if ($this->get('skipPermission')) { | |
86 | $this->_skipPermission = TRUE; | |
87 | } | |
88 | ||
89 | if ($this->get('edit')) { | |
90 | // make sure we have right permission to edit this user | |
91 | $session = CRM_Core_Session::singleton(); | |
353ffa53 | 92 | $userID = $session->get('userID'); |
1a447f39 J |
93 | |
94 | // Set the ID from the query string, otherwise default to the current user | |
353ffa53 | 95 | $id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, $userID); |
6a488035 TO |
96 | |
97 | if ($id) { | |
98 | // this is edit mode. | |
99 | $this->_mode = CRM_Profile_Form::MODE_EDIT; | |
100 | ||
101 | if ($id != $userID) { | |
102 | // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228 | |
541d99d7 | 103 | // see also CRM-19079 for modifications to the condition |
6a488035 | 104 | $config = CRM_Core_Config::singleton(); |
541d99d7 | 105 | if ($config->userFrameworkFrontend && $config->userSystem->is_joomla) { |
6a488035 TO |
106 | CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this); |
107 | } | |
108 | else { | |
109 | CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this); | |
110 | } | |
111 | $this->_isPermissionedChecksum = TRUE; | |
112 | } | |
113 | } | |
1a447f39 J |
114 | |
115 | // CRM-16784: If there is no ID then this can't be an 'edit' | |
116 | else { | |
117 | CRM_Core_Error::fatal(ts('No user/contact ID was specified, so the Profile cannot be used in edit mode.')); | |
118 | } | |
119 | ||
6a488035 TO |
120 | } |
121 | ||
122 | parent::preProcess(); | |
123 | ||
6a488035 TO |
124 | // and also the profile is of type 'Profile' |
125 | $query = " | |
2e57a21b DG |
126 | SELECT module,is_reserved |
127 | FROM civicrm_uf_group | |
128 | LEFT JOIN civicrm_uf_join ON uf_group_id = civicrm_uf_group.id | |
74ee0fba | 129 | WHERE civicrm_uf_group.id = %1 |
6a488035 | 130 | "; |
74ee0fba | 131 | |
6a488035 TO |
132 | $params = array(1 => array($this->_gid, 'Integer')); |
133 | $dao = CRM_Core_DAO::executeQuery($query, $params); | |
2e57a21b | 134 | |
192e8d1a | 135 | $isProfile = FALSE; |
136 | while ($dao->fetch()) { | |
137 | $isProfile = ($isProfile || ($dao->module == "Profile")); | |
138 | } | |
2e57a21b | 139 | |
192e8d1a | 140 | //Check that the user has the "add contacts" Permission |
141 | $canAdd = CRM_Core_Permission::check("add contacts"); | |
2e57a21b | 142 | |
192e8d1a | 143 | //Remove need for Profile module type when using reserved profiles [CRM-14488] |
144 | if (!$dao->N || (!$isProfile && !($dao->is_reserved && $canAdd))) { | |
6a488035 | 145 | CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.', |
192e8d1a | 146 | array(1 => $this->_gid) |
147 | )); | |
6a488035 TO |
148 | } |
149 | } | |
150 | ||
151 | /** | |
fe482240 | 152 | * Build the form object. |
6a488035 | 153 | * |
6a488035 TO |
154 | */ |
155 | public function buildQuickForm() { | |
a3dbd1bc | 156 | if (empty($this->_ufGroup['id'])) { |
6a488035 TO |
157 | CRM_Core_Error::fatal(); |
158 | } | |
159 | ||
160 | // set the title | |
161 | if ($this->_multiRecord && $this->_customGroupTitle) { | |
dc98079b | 162 | $groupTitle = ($this->_multiRecord & CRM_Core_Action::UPDATE) ? 'Edit ' . $this->_customGroupTitle . ' Record' : $this->_customGroupTitle; |
6a488035 | 163 | |
0db6c3e1 TO |
164 | } |
165 | else { | |
a3dbd1bc | 166 | $groupTitle = $this->_ufGroup['title']; |
6a488035 TO |
167 | } |
168 | CRM_Utils_System::setTitle($groupTitle); | |
169 | $this->assign('recentlyViewed', FALSE); | |
170 | ||
171 | if ($this->_context != 'dialog') { | |
a3dbd1bc TO |
172 | $this->_postURL = $this->_ufGroup['post_URL']; |
173 | $this->_cancelURL = $this->_ufGroup['cancel_URL']; | |
6a488035 TO |
174 | |
175 | $gidString = $this->_gid; | |
176 | if (!empty($this->_profileIds)) { | |
177 | $gidString = implode(',', $this->_profileIds); | |
178 | } | |
179 | ||
6a488035 TO |
180 | if (!$this->_postURL) { |
181 | if ($this->_context == 'Search') { | |
182 | $this->_postURL = CRM_Utils_System::url('civicrm/contact/search'); | |
183 | } | |
184 | elseif ($this->_id && $this->_gid) { | |
185 | $urlParams = "reset=1&id={$this->_id}&gid={$gidString}"; | |
186 | if ($this->_isContactActivityProfile && $this->_activityId) { | |
187 | $urlParams .= "&aid={$this->_activityId}"; | |
188 | } | |
189 | // get checksum if present | |
190 | if ($this->get('cs')) { | |
191 | $urlParams .= "&cs=" . $this->get('cs'); | |
192 | } | |
193 | $this->_postURL = CRM_Utils_System::url('civicrm/profile/view', $urlParams); | |
194 | } | |
195 | } | |
196 | ||
197 | if (!$this->_cancelURL) { | |
a3dbd1bc TO |
198 | $this->_cancelURL = CRM_Utils_System::url('civicrm/profile', |
199 | "reset=1&gid={$gidString}" | |
200 | ); | |
6a488035 TO |
201 | } |
202 | ||
6a488035 TO |
203 | // we do this gross hack since qf also does entity replacement |
204 | $this->_postURL = str_replace('&', '&', $this->_postURL); | |
205 | $this->_cancelURL = str_replace('&', '&', $this->_cancelURL); | |
206 | ||
6a488035 TO |
207 | // also retain error URL if set |
208 | $this->_errorURL = CRM_Utils_Array::value('errorURL', $_POST); | |
209 | if ($this->_errorURL) { | |
210 | // we do this gross hack since qf also does entity replacement | |
211 | $this->_errorURL = str_replace('&', '&', $this->_errorURL); | |
212 | $this->addElement('hidden', 'errorURL', $this->_errorURL); | |
213 | } | |
214 | ||
215 | // replace the session stack in case user cancels (and we dont go into postProcess) | |
216 | $session = CRM_Core_Session::singleton(); | |
217 | $session->replaceUserContext($this->_postURL); | |
218 | } | |
219 | ||
220 | parent::buildQuickForm(); | |
221 | ||
fc942baa CW |
222 | $this->assign('cancelURL', $this->_cancelURL); |
223 | ||
6a488035 TO |
224 | if (($this->_multiRecord & CRM_Core_Action::DELETE) && $this->_recordExists) { |
225 | $this->_deleteButtonName = $this->getButtonName('upload', 'delete'); | |
226 | ||
7ce5cba4 | 227 | $this->addElement('submit', $this->_deleteButtonName, ts('Delete')); |
6a488035 | 228 | |
6a488035 TO |
229 | return; |
230 | } | |
231 | ||
232 | //get the value from session, this is set if there is any file | |
233 | //upload field | |
234 | $uploadNames = $this->get('uploadNames'); | |
235 | ||
236 | if (!empty($uploadNames)) { | |
237 | $buttonName = 'upload'; | |
238 | } | |
239 | else { | |
240 | $buttonName = 'next'; | |
241 | } | |
242 | ||
243 | $buttons[] = array( | |
244 | 'type' => $buttonName, | |
245 | 'name' => ts('Save'), | |
246 | 'isDefault' => TRUE, | |
247 | ); | |
248 | ||
6a488035 TO |
249 | $this->addButtons($buttons); |
250 | ||
251 | $this->addFormRule(array('CRM_Profile_Form', 'formRule'), $this); | |
252 | } | |
253 | ||
254 | /** | |
255 | * Process the user submitted custom data values. | |
256 | * | |
6a488035 TO |
257 | */ |
258 | public function postProcess() { | |
259 | parent::postProcess(); | |
260 | ||
882a1be2 | 261 | // Send back data for the EntityRef widget |
2b63c577 CW |
262 | if ($this->returnExtra) { |
263 | $contact = civicrm_api3('Contact', 'getsingle', array( | |
264 | 'id' => $this->_id, | |
265 | 'return' => $this->returnExtra, | |
266 | )); | |
267 | foreach (explode(',', $this->returnExtra) as $field) { | |
268 | $field = trim($field); | |
269 | $this->ajaxResponse['extra'][$field] = CRM_Utils_Array::value($field, $contact); | |
270 | } | |
882a1be2 | 271 | } |
79ae07d9 | 272 | |
f90f3ac1 CW |
273 | // When saving (not deleting) and not in an ajax popup |
274 | if (empty($_POST[$this->_deleteButtonName]) && $this->_context != 'dialog') { | |
6a488035 TO |
275 | CRM_Core_Session::setStatus(ts('Your information has been saved.'), ts('Thank you.'), 'success'); |
276 | } | |
277 | ||
278 | $session = CRM_Core_Session::singleton(); | |
279 | // only replace user context if we do not have a postURL | |
280 | if (!$this->_postURL) { | |
281 | $gidString = $this->_gid; | |
282 | if (!empty($this->_profileIds)) { | |
283 | $gidString = implode(',', $this->_profileIds); | |
284 | } | |
285 | ||
286 | $urlParams = "reset=1&id={$this->_id}&gid={$gidString}"; | |
287 | if ($this->_isContactActivityProfile && $this->_activityId) { | |
288 | $urlParams .= "&aid={$this->_activityId}"; | |
289 | } | |
290 | // Get checksum if present | |
291 | if ($this->get('cs')) { | |
292 | $urlParams .= "&cs=" . $this->get('cs'); | |
293 | } | |
294 | // Generate one if needed | |
295 | elseif (!CRM_Contact_BAO_Contact_Permission::allow($this->_id)) { | |
296 | $urlParams .= "&cs=" . CRM_Contact_BAO_Contact_Utils::generateChecksum($this->_id); | |
297 | } | |
298 | $url = CRM_Utils_System::url('civicrm/profile/view', $urlParams); | |
299 | } | |
300 | else { | |
301 | // Replace tokens from post URL | |
302 | $contactParams = array( | |
303 | 'contact_id' => $this->_id, | |
304 | 'version' => 3, | |
305 | ); | |
306 | ||
307 | $contact = civicrm_api('contact', 'get', $contactParams); | |
308 | $contact = reset($contact['values']); | |
309 | ||
310 | $dummyMail = new CRM_Mailing_BAO_Mailing(); | |
311 | $dummyMail->body_text = $this->_postURL; | |
312 | $tokens = $dummyMail->getTokens(); | |
313 | ||
314 | $url = CRM_Utils_Token::replaceContactTokens($this->_postURL, $contact, FALSE, CRM_Utils_Array::value('text', $tokens)); | |
315 | } | |
316 | ||
317 | $session->replaceUserContext($url); | |
318 | } | |
319 | ||
320 | /** | |
fe482240 | 321 | * Intercept QF validation and do our own redirection. |
6a488035 TO |
322 | * |
323 | * We use this to send control back to the user for a user formatted page | |
324 | * This allows the user to maintain the same state and display the error messages | |
325 | * in their own theme along with any modifications | |
326 | * | |
327 | * This is a first version and will be tweaked over a period of time | |
328 | * | |
6a488035 | 329 | * |
317fceb4 | 330 | * @return bool |
a6c01b45 | 331 | * true if no error found |
6a488035 | 332 | */ |
00be9182 | 333 | public function validate() { |
6a488035 TO |
334 | $errors = parent::validate(); |
335 | ||
8cc574cf | 336 | if (!$errors && !empty($_POST['errorURL'])) { |
6a488035 TO |
337 | $message = NULL; |
338 | foreach ($this->_errors as $name => $mess) { | |
339 | $message .= $mess; | |
340 | $message .= '<p>'; | |
341 | } | |
342 | ||
343 | CRM_Utils_System::setUFMessage($message); | |
344 | ||
345 | $message = urlencode($message); | |
346 | ||
347 | $errorURL = $_POST['errorURL']; | |
348 | if (strpos($errorURL, '?') !== FALSE) { | |
349 | $errorURL .= '&'; | |
350 | } | |
351 | else { | |
352 | $errorURL .= '?'; | |
353 | } | |
354 | $errorURL .= "gid={$this->_gid}&msg=$message"; | |
355 | CRM_Utils_System::redirect($errorURL); | |
356 | } | |
357 | ||
358 | return $errors; | |
359 | } | |
96025800 | 360 | |
6a488035 | 361 | } |