[civicrm-core.git] / CRM / Profile / Form / Edit.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 4.7                                                |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2017                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2017
 *
 */

/**
 * This class generates form components for custom data
 *
 * It delegates the work to lower level subclasses and integrates the changes
 * back in. It also uses a lot of functionality with the CRM API's, so any change
 * made here could potentially affect the API etc. Be careful, be aware, use unit tests.
 *
 */
class CRM_Profile_Form_Edit extends CRM_Profile_Form {
  protected $_postURL = NULL;
  protected $_cancelURL = NULL;
  protected $_errorURL = NULL;
  protected $_context;
  protected $_blockNo;
  protected $_prefix;
  protected $returnExtra;

  /**
   * Pre processing work done here.
   *
   * @param
   *
   */
  public function preProcess() {
    $this->_mode = CRM_Profile_Form::MODE_CREATE;

    $this->_onPopupClose = CRM_Utils_Request::retrieve('onPopupClose', 'String', $this);
    $this->assign('onPopupClose', $this->_onPopupClose);

    //set the context for the profile
    $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);

    //set the block no
    $this->_blockNo = CRM_Utils_Request::retrieve('blockNo', 'String', $this);

    //set the prefix
    $this->_prefix = CRM_Utils_Request::retrieve('prefix', 'String', $this);

    // Fields for the EntityRef widget
    $this->returnExtra = CRM_Utils_Request::retrieve('returnExtra', 'String', $this);

    $this->assign('context', $this->_context);

    if ($this->_blockNo) {
      $this->assign('blockNo', $this->_blockNo);
      $this->assign('prefix', $this->_prefix);
    }

    $this->assign('createCallback', CRM_Utils_Request::retrieve('createCallback', 'String', $this));

    if ($this->get('skipPermission')) {
      $this->_skipPermission = TRUE;
    }

    if ($this->get('edit')) {
      // make sure we have right permission to edit this user
      $session = CRM_Core_Session::singleton();
      $userID = $session->get('userID');

      // Set the ID from the query string, otherwise default to the current user
      $id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, $userID);

      if ($id) {
        // this is edit mode.
        $this->_mode = CRM_Profile_Form::MODE_EDIT;

        if ($id != $userID) {
          // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
          // see also CRM-19079 for modifications to the condition
          $config = CRM_Core_Config::singleton();
          if ($config->userFrameworkFrontend && $config->userSystem->is_joomla) {
            CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this);
          }
          else {
            CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this);
          }
          $this->_isPermissionedChecksum = TRUE;
        }
      }

      // CRM-16784: If there is no ID then this can't be an 'edit'
      else {
        CRM_Core_Error::fatal(ts('No user/contact ID was specified, so the Profile cannot be used in edit mode.'));
      }

    }

    parent::preProcess();

    // and also the profile is of type 'Profile'
    $query = "
SELECT module,is_reserved
  FROM civicrm_uf_group
  LEFT JOIN civicrm_uf_join ON uf_group_id = civicrm_uf_group.id
  WHERE civicrm_uf_group.id = %1
";

    $params = array(1 => array($this->_gid, 'Integer'));
    $dao = CRM_Core_DAO::executeQuery($query, $params);

    $isProfile = FALSE;
    while ($dao->fetch()) {
      $isProfile = ($isProfile || ($dao->module == "Profile"));
    }

    //Check that the user has the "add contacts" Permission
    $canAdd = CRM_Core_Permission::check("add contacts");

    //Remove need for Profile module type when using reserved profiles [CRM-14488]
    if (!$dao->N || (!$isProfile && !($dao->is_reserved && $canAdd))) {
      CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.',
        array(1 => $this->_gid)
      ));
    }
  }

  /**
   * Build the form object.
   *
   */
  public function buildQuickForm() {
    if (empty($this->_ufGroup['id'])) {
      CRM_Core_Error::fatal();
    }

    // set the title
    if ($this->_multiRecord && $this->_customGroupTitle) {
      $groupTitle = ($this->_multiRecord & CRM_Core_Action::UPDATE) ? 'Edit ' . $this->_customGroupTitle . ' Record' : $this->_customGroupTitle;

    }
    else {
      $groupTitle = $this->_ufGroup['title'];
    }
    CRM_Utils_System::setTitle($groupTitle);
    $this->assign('recentlyViewed', FALSE);

    if ($this->_context != 'dialog') {
      $this->_postURL = $this->_ufGroup['post_URL'];
      $this->_cancelURL = $this->_ufGroup['cancel_URL'];

      $gidString = $this->_gid;
      if (!empty($this->_profileIds)) {
        $gidString = implode(',', $this->_profileIds);
      }

      if (!$this->_postURL) {
        if ($this->_context == 'Search') {
          $this->_postURL = CRM_Utils_System::url('civicrm/contact/search');
        }
        elseif ($this->_id && $this->_gid) {
          $urlParams = "reset=1&id={$this->_id}&gid={$gidString}";
          if ($this->_isContactActivityProfile && $this->_activityId) {
            $urlParams .= "&aid={$this->_activityId}";
          }
          // get checksum if present
          if ($this->get('cs')) {
            $urlParams .= "&cs=" . $this->get('cs');
          }
          $this->_postURL = CRM_Utils_System::url('civicrm/profile/view', $urlParams);
        }
      }

      if (!$this->_cancelURL) {
        $this->_cancelURL = CRM_Utils_System::url('civicrm/profile',
          "reset=1&gid={$gidString}"
        );
      }

      // we do this gross hack since qf also does entity replacement
      $this->_postURL = str_replace('&amp;', '&', $this->_postURL);
      $this->_cancelURL = str_replace('&amp;', '&', $this->_cancelURL);

      // also retain error URL if set
      $this->_errorURL = CRM_Utils_Array::value('errorURL', $_POST);
      if ($this->_errorURL) {
        // we do this gross hack since qf also does entity replacement
        $this->_errorURL = str_replace('&amp;', '&', $this->_errorURL);
        $this->addElement('hidden', 'errorURL', $this->_errorURL);
      }

      // replace the session stack in case user cancels (and we dont go into postProcess)
      $session = CRM_Core_Session::singleton();
      $session->replaceUserContext($this->_postURL);
    }

    parent::buildQuickForm();

    $this->assign('cancelURL', $this->_cancelURL);

    if (($this->_multiRecord & CRM_Core_Action::DELETE) && $this->_recordExists) {
      $this->_deleteButtonName = $this->getButtonName('upload', 'delete');

      $this->addElement('submit', $this->_deleteButtonName, ts('Delete'));

      return;
    }

    //get the value from session, this is set if there is any file
    //upload field
    $uploadNames = $this->get('uploadNames');

    if (!empty($uploadNames)) {
      $buttonName = 'upload';
    }
    else {
      $buttonName = 'next';
    }

    $buttons[] = array(
      'type' => $buttonName,
      'name' => ts('Save'),
      'isDefault' => TRUE,
    );

    $this->addButtons($buttons);

    $this->addFormRule(array('CRM_Profile_Form', 'formRule'), $this);
  }

  /**
   * Process the user submitted custom data values.
   *
   */
  public function postProcess() {
    parent::postProcess();

    // Send back data for the EntityRef widget
    if ($this->returnExtra) {
      $contact = civicrm_api3('Contact', 'getsingle', array(
        'id' => $this->_id,
        'return' => $this->returnExtra,
      ));
      foreach (explode(',', $this->returnExtra) as $field) {
        $field = trim($field);
        $this->ajaxResponse['extra'][$field] = CRM_Utils_Array::value($field, $contact);
      }
    }

    // When saving (not deleting) and not in an ajax popup
    if (empty($_POST[$this->_deleteButtonName]) && $this->_context != 'dialog') {
      CRM_Core_Session::setStatus(ts('Your information has been saved.'), ts('Thank you.'), 'success');
    }

    $session = CRM_Core_Session::singleton();
    // only replace user context if we do not have a postURL
    if (!$this->_postURL) {
      $gidString = $this->_gid;
      if (!empty($this->_profileIds)) {
        $gidString = implode(',', $this->_profileIds);
      }

      $urlParams = "reset=1&id={$this->_id}&gid={$gidString}";
      if ($this->_isContactActivityProfile && $this->_activityId) {
        $urlParams .= "&aid={$this->_activityId}";
      }
      // Get checksum if present
      if ($this->get('cs')) {
        $urlParams .= "&cs=" . $this->get('cs');
      }
      // Generate one if needed
      elseif (!CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
        $urlParams .= "&cs=" . CRM_Contact_BAO_Contact_Utils::generateChecksum($this->_id);
      }
      $url = CRM_Utils_System::url('civicrm/profile/view', $urlParams);
    }
    else {
      // Replace tokens from post URL
      $contactParams = array(
        'contact_id' => $this->_id,
        'version' => 3,
      );

      $contact = civicrm_api('contact', 'get', $contactParams);
      $contact = reset($contact['values']);

      $dummyMail = new CRM_Mailing_BAO_Mailing();
      $dummyMail->body_text = $this->_postURL;
      $tokens = $dummyMail->getTokens();

      $url = CRM_Utils_Token::replaceContactTokens($this->_postURL, $contact, FALSE, CRM_Utils_Array::value('text', $tokens));
    }

    $session->replaceUserContext($url);
  }

  /**
   * Intercept QF validation and do our own redirection.
   *
   * We use this to send control back to the user for a user formatted page
   * This allows the user to maintain the same state and display the error messages
   * in their own theme along with any modifications
   *
   * This is a first version and will be tweaked over a period of time
   *
   *
   * @return bool
   *   true if no error found
   */
  public function validate() {
    $errors = parent::validate();

    if (!$errors && !empty($_POST['errorURL'])) {
      $message = NULL;
      foreach ($this->_errors as $name => $mess) {
        $message .= $mess;
        $message .= '<p>';
      }

      CRM_Utils_System::setUFMessage($message);

      $message = urlencode($message);

      $errorURL = $_POST['errorURL'];
      if (strpos($errorURL, '?') !== FALSE) {
        $errorURL .= '&';
      }
      else {
        $errorURL .= '?';
      }
      $errorURL .= "gid={$this->_gid}&msg=$message";
      CRM_Utils_System::redirect($errorURL);
    }

    return $errors;
  }

}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
7e9e8871	4	\| CiviCRM version 4.7 \|
6a488035	5	+--------------------------------------------------------------------+
0f03f337	6	\| Copyright CiviCRM LLC (c) 2004-2017 \|
6a488035 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
6a488035 TO	27
	28	/**
	29	*
	30	* @package CRM
0f03f337	31	* @copyright CiviCRM LLC (c) 2004-2017
6a488035 TO	32	*
	33	*/
	34
	35	/**
	36	* This class generates form components for custom data
	37	*
	38	* It delegates the work to lower level subclasses and integrates the changes
	39	* back in. It also uses a lot of functionality with the CRM API's, so any change
	40	* made here could potentially affect the API etc. Be careful, be aware, use unit tests.
	41	*
	42	*/
	43	class CRM_Profile_Form_Edit extends CRM_Profile_Form {
	44	protected $_postURL = NULL;
	45	protected $_cancelURL = NULL;
	46	protected $_errorURL = NULL;
	47	protected $_context;
	48	protected $_blockNo;
	49	protected $_prefix;
2b63c577	50	protected $returnExtra;
6a488035 TO	51
6a488035 TO	52	/**
100fef9d	53	* Pre processing work done here.
6a488035 TO	54	*
	55	* @param
	56	*
6a488035	57	*/
00be9182	58	public function preProcess() {
6a488035 TO	59	$this->_mode = CRM_Profile_Form::MODE_CREATE;
6a488035 TO	60
e5e3f1ad	61	$this->_onPopupClose = CRM_Utils_Request::retrieve('onPopupClose', 'String', $this);
3a2e7d2b	62	$this->assign('onPopupClose', $this->_onPopupClose);
ac79535c	63
6a488035 TO	64	//set the context for the profile
	65	$this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);
	66
	67	//set the block no
	68	$this->_blockNo = CRM_Utils_Request::retrieve('blockNo', 'String', $this);
	69
	70	//set the prefix
	71	$this->_prefix = CRM_Utils_Request::retrieve('prefix', 'String', $this);
	72
882a1be2	73	// Fields for the EntityRef widget
2b63c577	74	$this->returnExtra = CRM_Utils_Request::retrieve('returnExtra', 'String', $this);
882a1be2	75
6a488035 TO	76	$this->assign('context', $this->_context);
	77
	78	if ($this->_blockNo) {
	79	$this->assign('blockNo', $this->_blockNo);
	80	$this->assign('prefix', $this->_prefix);
	81	}
	82
	83	$this->assign('createCallback', CRM_Utils_Request::retrieve('createCallback', 'String', $this));
	84
	85	if ($this->get('skipPermission')) {
	86	$this->_skipPermission = TRUE;
	87	}
	88
	89	if ($this->get('edit')) {
	90	// make sure we have right permission to edit this user
	91	$session = CRM_Core_Session::singleton();
353ffa53	92	$userID = $session->get('userID');
1a447f39 J	93
1a447f39 J	94	// Set the ID from the query string, otherwise default to the current user
353ffa53	95	$id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, $userID);
6a488035 TO	96
	97	if ($id) {
	98	// this is edit mode.
	99	$this->_mode = CRM_Profile_Form::MODE_EDIT;
	100
	101	if ($id != $userID) {
	102	// do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
541d99d7	103	// see also CRM-19079 for modifications to the condition
6a488035	104	$config = CRM_Core_Config::singleton();
541d99d7	105	if ($config->userFrameworkFrontend && $config->userSystem->is_joomla) {
6a488035 TO	106	CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this);
	107	}
	108	else {
	109	CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this);
	110	}
	111	$this->_isPermissionedChecksum = TRUE;
	112	}
	113	}
1a447f39 J	114
	115	// CRM-16784: If there is no ID then this can't be an 'edit'
	116	else {
	117	CRM_Core_Error::fatal(ts('No user/contact ID was specified, so the Profile cannot be used in edit mode.'));
	118	}
	119
6a488035 TO	120	}
	121
	122	parent::preProcess();
	123
6a488035 TO	124	// and also the profile is of type 'Profile'
6a488035 TO	125	$query = "
2e57a21b DG	126	SELECT module,is_reserved
	127	FROM civicrm_uf_group
	128	LEFT JOIN civicrm_uf_join ON uf_group_id = civicrm_uf_group.id
74ee0fba	129	WHERE civicrm_uf_group.id = %1
6a488035	130	";
74ee0fba	131
6a488035 TO	132	$params = array(1 => array($this->_gid, 'Integer'));
6a488035 TO	133	$dao = CRM_Core_DAO::executeQuery($query, $params);
2e57a21b	134
192e8d1a	135	$isProfile = FALSE;
	136	while ($dao->fetch()) {
	137	$isProfile = ($isProfile \|\| ($dao->module == "Profile"));
	138	}
2e57a21b	139
192e8d1a	140	//Check that the user has the "add contacts" Permission
192e8d1a	141	$canAdd = CRM_Core_Permission::check("add contacts");
2e57a21b	142
192e8d1a	143	//Remove need for Profile module type when using reserved profiles [CRM-14488]
192e8d1a	144	if (!$dao->N \|\| (!$isProfile && !($dao->is_reserved && $canAdd))) {
6a488035	145	CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.',
192e8d1a	146	array(1 => $this->_gid)
192e8d1a	147	));
6a488035 TO	148	}
	149	}
	150
	151	/**
fe482240	152	* Build the form object.
6a488035	153	*
6a488035 TO	154	*/
6a488035 TO	155	public function buildQuickForm() {
a3dbd1bc	156	if (empty($this->_ufGroup['id'])) {
6a488035 TO	157	CRM_Core_Error::fatal();
	158	}
	159
	160	// set the title
	161	if ($this->_multiRecord && $this->_customGroupTitle) {
dc98079b	162	$groupTitle = ($this->_multiRecord & CRM_Core_Action::UPDATE) ? 'Edit ' . $this->_customGroupTitle . ' Record' : $this->_customGroupTitle;
6a488035	163
0db6c3e1 TO	164	}
0db6c3e1 TO	165	else {
a3dbd1bc	166	$groupTitle = $this->_ufGroup['title'];
6a488035 TO	167	}
	168	CRM_Utils_System::setTitle($groupTitle);
	169	$this->assign('recentlyViewed', FALSE);
	170
	171	if ($this->_context != 'dialog') {
a3dbd1bc TO	172	$this->_postURL = $this->_ufGroup['post_URL'];
a3dbd1bc TO	173	$this->_cancelURL = $this->_ufGroup['cancel_URL'];
6a488035 TO	174
	175	$gidString = $this->_gid;
	176	if (!empty($this->_profileIds)) {
	177	$gidString = implode(',', $this->_profileIds);
	178	}
	179
6a488035 TO	180	if (!$this->_postURL) {
	181	if ($this->_context == 'Search') {
	182	$this->_postURL = CRM_Utils_System::url('civicrm/contact/search');
	183	}
	184	elseif ($this->_id && $this->_gid) {
	185	$urlParams = "reset=1&id={$this->_id}&gid={$gidString}";
	186	if ($this->_isContactActivityProfile && $this->_activityId) {
	187	$urlParams .= "&aid={$this->_activityId}";
	188	}
	189	// get checksum if present
	190	if ($this->get('cs')) {
	191	$urlParams .= "&cs=" . $this->get('cs');
	192	}
	193	$this->_postURL = CRM_Utils_System::url('civicrm/profile/view', $urlParams);
	194	}
	195	}
	196
	197	if (!$this->_cancelURL) {
a3dbd1bc TO	198	$this->_cancelURL = CRM_Utils_System::url('civicrm/profile',
	199	"reset=1&gid={$gidString}"
	200	);
6a488035 TO	201	}
6a488035 TO	202
6a488035 TO	203	// we do this gross hack since qf also does entity replacement
	204	$this->_postURL = str_replace('&', '&', $this->_postURL);
	205	$this->_cancelURL = str_replace('&', '&', $this->_cancelURL);
	206
6a488035 TO	207	// also retain error URL if set
	208	$this->_errorURL = CRM_Utils_Array::value('errorURL', $_POST);
	209	if ($this->_errorURL) {
	210	// we do this gross hack since qf also does entity replacement
	211	$this->_errorURL = str_replace('&', '&', $this->_errorURL);
	212	$this->addElement('hidden', 'errorURL', $this->_errorURL);
	213	}
	214
	215	// replace the session stack in case user cancels (and we dont go into postProcess)
	216	$session = CRM_Core_Session::singleton();
	217	$session->replaceUserContext($this->_postURL);
	218	}
	219
	220	parent::buildQuickForm();
	221
fc942baa CW	222	$this->assign('cancelURL', $this->_cancelURL);
fc942baa CW	223
6a488035 TO	224	if (($this->_multiRecord & CRM_Core_Action::DELETE) && $this->_recordExists) {
	225	$this->_deleteButtonName = $this->getButtonName('upload', 'delete');
	226
7ce5cba4	227	$this->addElement('submit', $this->_deleteButtonName, ts('Delete'));
6a488035	228
6a488035 TO	229	return;
	230	}
	231
	232	//get the value from session, this is set if there is any file
	233	//upload field
	234	$uploadNames = $this->get('uploadNames');
	235
	236	if (!empty($uploadNames)) {
	237	$buttonName = 'upload';
	238	}
	239	else {
	240	$buttonName = 'next';
	241	}
	242
	243	$buttons[] = array(
	244	'type' => $buttonName,
	245	'name' => ts('Save'),
	246	'isDefault' => TRUE,
	247	);
	248
6a488035 TO	249	$this->addButtons($buttons);
	250
	251	$this->addFormRule(array('CRM_Profile_Form', 'formRule'), $this);
	252	}
	253
	254	/**
	255	* Process the user submitted custom data values.
	256	*
6a488035 TO	257	*/
	258	public function postProcess() {
	259	parent::postProcess();
	260
882a1be2	261	// Send back data for the EntityRef widget
2b63c577 CW	262	if ($this->returnExtra) {
	263	$contact = civicrm_api3('Contact', 'getsingle', array(
	264	'id' => $this->_id,
	265	'return' => $this->returnExtra,
	266	));
	267	foreach (explode(',', $this->returnExtra) as $field) {
	268	$field = trim($field);
	269	$this->ajaxResponse['extra'][$field] = CRM_Utils_Array::value($field, $contact);
	270	}
882a1be2	271	}
79ae07d9	272
f90f3ac1 CW	273	// When saving (not deleting) and not in an ajax popup
f90f3ac1 CW	274	if (empty($_POST[$this->_deleteButtonName]) && $this->_context != 'dialog') {
6a488035 TO	275	CRM_Core_Session::setStatus(ts('Your information has been saved.'), ts('Thank you.'), 'success');
	276	}
	277
	278	$session = CRM_Core_Session::singleton();
	279	// only replace user context if we do not have a postURL
	280	if (!$this->_postURL) {
	281	$gidString = $this->_gid;
	282	if (!empty($this->_profileIds)) {
	283	$gidString = implode(',', $this->_profileIds);
	284	}
	285
	286	$urlParams = "reset=1&id={$this->_id}&gid={$gidString}";
	287	if ($this->_isContactActivityProfile && $this->_activityId) {
	288	$urlParams .= "&aid={$this->_activityId}";
	289	}
	290	// Get checksum if present
	291	if ($this->get('cs')) {
	292	$urlParams .= "&cs=" . $this->get('cs');
	293	}
	294	// Generate one if needed
	295	elseif (!CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
	296	$urlParams .= "&cs=" . CRM_Contact_BAO_Contact_Utils::generateChecksum($this->_id);
	297	}
	298	$url = CRM_Utils_System::url('civicrm/profile/view', $urlParams);
	299	}
	300	else {
	301	// Replace tokens from post URL
	302	$contactParams = array(
	303	'contact_id' => $this->_id,
	304	'version' => 3,
	305	);
	306
	307	$contact = civicrm_api('contact', 'get', $contactParams);
	308	$contact = reset($contact['values']);
	309
	310	$dummyMail = new CRM_Mailing_BAO_Mailing();
	311	$dummyMail->body_text = $this->_postURL;
	312	$tokens = $dummyMail->getTokens();
	313
	314	$url = CRM_Utils_Token::replaceContactTokens($this->_postURL, $contact, FALSE, CRM_Utils_Array::value('text', $tokens));
	315	}
	316
	317	$session->replaceUserContext($url);
	318	}
	319
	320	/**
fe482240	321	* Intercept QF validation and do our own redirection.
6a488035 TO	322	*
	323	* We use this to send control back to the user for a user formatted page
	324	* This allows the user to maintain the same state and display the error messages
	325	* in their own theme along with any modifications
	326	*
	327	* This is a first version and will be tweaked over a period of time
	328	*
6a488035	329	*
317fceb4	330	* @return bool
a6c01b45	331	* true if no error found
6a488035	332	*/
00be9182	333	public function validate() {
6a488035 TO	334	$errors = parent::validate();
6a488035 TO	335
8cc574cf	336	if (!$errors && !empty($_POST['errorURL'])) {
6a488035 TO	337	$message = NULL;
	338	foreach ($this->_errors as $name => $mess) {
	339	$message .= $mess;
	340	$message .= '<p>';
	341	}
	342
	343	CRM_Utils_System::setUFMessage($message);
	344
	345	$message = urlencode($message);
	346
	347	$errorURL = $_POST['errorURL'];
	348	if (strpos($errorURL, '?') !== FALSE) {
	349	$errorURL .= '&';
	350	}
	351	else {
	352	$errorURL .= '?';
	353	}
	354	$errorURL .= "gid={$this->_gid}&msg=$message";
	355	CRM_Utils_System::redirect($errorURL);
	356	}
	357
	358	return $errors;
	359	}
96025800	360
6a488035	361	}