| 1 | <?php |
| 2 | /* |
| 3 | +--------------------------------------------------------------------+ |
| 4 | | CiviCRM version 4.4 | |
| 5 | +--------------------------------------------------------------------+ |
| 6 | | Copyright CiviCRM LLC (c) 2004-2013 | |
| 7 | +--------------------------------------------------------------------+ |
| 8 | | This file is a part of CiviCRM. | |
| 9 | | | |
| 10 | | CiviCRM is free software; you can copy, modify, and distribute it | |
| 11 | | under the terms of the GNU Affero General Public License | |
| 12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | |
| 13 | | | |
| 14 | | CiviCRM is distributed in the hope that it will be useful, but | |
| 15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
| 17 | | See the GNU Affero General Public License for more details. | |
| 18 | | | |
| 19 | | You should have received a copy of the GNU Affero General Public | |
| 20 | | License and the CiviCRM Licensing Exception along | |
| 21 | | with this program; if not, contact CiviCRM LLC | |
| 22 | | at info[AT]civicrm[DOT]org. If you have questions about the | |
| 23 | | GNU Affero General Public License or the licensing of CiviCRM, | |
| 24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | |
| 25 | +--------------------------------------------------------------------+ |
| 26 | */ |
| 27 | |
| 28 | /** |
| 29 | * |
| 30 | * @package CRM |
| 31 | * @copyright CiviCRM LLC (c) 2004-2013 |
| 32 | * $Id$ |
| 33 | * |
| 34 | */ |
| 35 | |
| 36 | /** |
| 37 | * This class generates form components for custom data |
| 38 | * |
| 39 | * It delegates the work to lower level subclasses and integrates the changes |
| 40 | * back in. It also uses a lot of functionality with the CRM API's, so any change |
| 41 | * made here could potentially affect the API etc. Be careful, be aware, use unit tests. |
| 42 | * |
| 43 | */ |
| 44 | class CRM_Profile_Form_Edit extends CRM_Profile_Form { |
| 45 | protected $_postURL = NULL; |
| 46 | protected $_cancelURL = NULL; |
| 47 | protected $_errorURL = NULL; |
| 48 | protected $_context; |
| 49 | protected $_blockNo; |
| 50 | protected $_prefix; |
| 51 | |
| 52 | /** |
| 53 | * pre processing work done here. |
| 54 | * |
| 55 | * @param |
| 56 | * |
| 57 | * @return void |
| 58 | * |
| 59 | * @access public |
| 60 | * |
| 61 | */ |
| 62 | function preProcess() { |
| 63 | $this->_mode = CRM_Profile_Form::MODE_CREATE; |
| 64 | |
| 65 | $this->_onPopupClose = CRM_Utils_Request::retrieve('onPopupClose', 'String', $this); |
| 66 | $this->assign('onPopupClose', $this->_onPopupClose); |
| 67 | |
| 68 | //set the context for the profile |
| 69 | $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this); |
| 70 | |
| 71 | //set the block no |
| 72 | $this->_blockNo = CRM_Utils_Request::retrieve('blockNo', 'String', $this); |
| 73 | |
| 74 | //set the prefix |
| 75 | $this->_prefix = CRM_Utils_Request::retrieve('prefix', 'String', $this); |
| 76 | |
| 77 | $this->assign('context', $this->_context); |
| 78 | |
| 79 | if ($this->_blockNo) { |
| 80 | $this->assign('blockNo', $this->_blockNo); |
| 81 | $this->assign('prefix', $this->_prefix); |
| 82 | } |
| 83 | |
| 84 | $this->assign('createCallback', CRM_Utils_Request::retrieve('createCallback', 'String', $this)); |
| 85 | |
| 86 | if ($this->get('skipPermission')) { |
| 87 | $this->_skipPermission = TRUE; |
| 88 | } |
| 89 | |
| 90 | if ($this->get('edit')) { |
| 91 | // make sure we have right permission to edit this user |
| 92 | $session = CRM_Core_Session::singleton(); |
| 93 | $userID = $session->get('userID'); |
| 94 | $id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, $userID); |
| 95 | |
| 96 | if ($id) { |
| 97 | // this is edit mode. |
| 98 | $this->_mode = CRM_Profile_Form::MODE_EDIT; |
| 99 | |
| 100 | if ($id != $userID) { |
| 101 | // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228 |
| 102 | $config = CRM_Core_Config::singleton(); |
| 103 | if ($config->userFrameworkFrontend) { |
| 104 | CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this); |
| 105 | } |
| 106 | else { |
| 107 | CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this); |
| 108 | } |
| 109 | $this->_isPermissionedChecksum = TRUE; |
| 110 | } |
| 111 | } |
| 112 | } |
| 113 | |
| 114 | parent::preProcess(); |
| 115 | |
| 116 | // make sure the gid is set and valid |
| 117 | if (!$this->_gid) { |
| 118 | CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is disabled, OR there is no Profile with that ID, OR a valid \'gid=\' integer value is missing from the URL. Contact the site administrator if you need assistance.', |
| 119 | array(1 => $this->_gid) |
| 120 | )); |
| 121 | } |
| 122 | |
| 123 | // and also the profile is of type 'Profile' |
| 124 | $query = " |
| 125 | SELECT module |
| 126 | FROM civicrm_uf_join |
| 127 | WHERE module = 'Profile' |
| 128 | AND uf_group_id = %1 |
| 129 | "; |
| 130 | $params = array(1 => array($this->_gid, 'Integer')); |
| 131 | $dao = CRM_Core_DAO::executeQuery($query, $params); |
| 132 | if (!$dao->fetch()) { |
| 133 | CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.', |
| 134 | array(1 => $this->_gid) |
| 135 | )); |
| 136 | } |
| 137 | } |
| 138 | |
| 139 | /** |
| 140 | * Function to actually build the form |
| 141 | * |
| 142 | * @return void |
| 143 | * @access public |
| 144 | */ |
| 145 | public function buildQuickForm() { |
| 146 | // add the hidden field to redirect the postProcess from |
| 147 | $ufGroup = new CRM_Core_DAO_UFGroup(); |
| 148 | |
| 149 | $ufGroup->id = $this->_gid; |
| 150 | if (!$ufGroup->find(TRUE)) { |
| 151 | CRM_Core_Error::fatal(); |
| 152 | } |
| 153 | |
| 154 | // set the title |
| 155 | if ($this->_multiRecord && $this->_customGroupTitle) { |
| 156 | $groupTitle = ($this->_multiRecord & CRM_Core_Action::UPDATE) ? |
| 157 | 'Edit ' . $this->_customGroupTitle . ' Record' : $this->_customGroupTitle; |
| 158 | |
| 159 | } else { |
| 160 | $groupTitle = $ufGroup->title; |
| 161 | } |
| 162 | CRM_Utils_System::setTitle($groupTitle); |
| 163 | $this->assign('recentlyViewed', FALSE); |
| 164 | |
| 165 | if ($this->_context != 'dialog') { |
| 166 | $this->_postURL = CRM_Utils_Array::value('postURL', $_POST); |
| 167 | $this->_cancelURL = CRM_Utils_Array::value('cancelURL', $_POST); |
| 168 | |
| 169 | $gidString = $this->_gid; |
| 170 | if (!empty($this->_profileIds)) { |
| 171 | $gidString = implode(',', $this->_profileIds); |
| 172 | } |
| 173 | |
| 174 | if (!$this->_postURL) { |
| 175 | $this->_postURL = $ufGroup->post_URL; |
| 176 | } |
| 177 | |
| 178 | if (!$this->_postURL) { |
| 179 | if ($this->_context == 'Search') { |
| 180 | $this->_postURL = CRM_Utils_System::url('civicrm/contact/search'); |
| 181 | } |
| 182 | elseif ($this->_id && $this->_gid) { |
| 183 | $urlParams = "reset=1&id={$this->_id}&gid={$gidString}"; |
| 184 | if ($this->_isContactActivityProfile && $this->_activityId) { |
| 185 | $urlParams .= "&aid={$this->_activityId}"; |
| 186 | } |
| 187 | // get checksum if present |
| 188 | if ($this->get('cs')) { |
| 189 | $urlParams .= "&cs=" . $this->get('cs'); |
| 190 | } |
| 191 | $this->_postURL = CRM_Utils_System::url('civicrm/profile/view', $urlParams); |
| 192 | } |
| 193 | } |
| 194 | |
| 195 | if (!$this->_cancelURL) { |
| 196 | if ($ufGroup->cancel_URL) { |
| 197 | $this->_cancelURL = $ufGroup->cancel_URL; |
| 198 | } |
| 199 | else { |
| 200 | $this->_cancelURL = CRM_Utils_System::url('civicrm/profile', |
| 201 | "reset=1&gid={$gidString}" |
| 202 | ); |
| 203 | } |
| 204 | } |
| 205 | |
| 206 | if ($this->_multiRecordProfile) { |
| 207 | $urlParams = "reset=1&id={$this->_id}&gid={$gidString}"; |
| 208 | |
| 209 | // get checksum if present |
| 210 | if ($this->get('cs')) { |
| 211 | $urlParams .= "&cs=" . $this->get('cs'); |
| 212 | } |
| 213 | $this->_postURL = CRM_Utils_System::url('civicrm/profile/edit', $urlParams); |
| 214 | $this->_cancelURL = CRM_Utils_System::url('civicrm/profile/edit', $urlParams); |
| 215 | |
| 216 | //passing the post url to template so the popup form does |
| 217 | //proper redirection and proccess form errors if any |
| 218 | if (!isset($this->_onPopupClose) || $this->_onPopupClose == 'redirectToProfile') { |
| 219 | $popupRedirect = CRM_Utils_System::url('civicrm/profile/edit', $urlParams, FALSE, NULL, FALSE); |
| 220 | } |
| 221 | elseif ($this->_onPopupClose == 'redirectToTab') { |
| 222 | $popupRedirect = CRM_Utils_System::url('civicrm/contact/view', |
| 223 | "reset=1&cid={$this->_id}&selectedChild=custom_{$this->_customGroupId}", FALSE, NULL, FALSE); |
| 224 | } |
| 225 | |
| 226 | $this->assign('urlParams', $urlParams); |
| 227 | $this->assign('postUrl', $popupRedirect); |
| 228 | } |
| 229 | |
| 230 | // we do this gross hack since qf also does entity replacement |
| 231 | $this->_postURL = str_replace('&', '&', $this->_postURL); |
| 232 | $this->_cancelURL = str_replace('&', '&', $this->_cancelURL); |
| 233 | |
| 234 | $this->addElement('hidden', 'postURL', $this->_postURL); |
| 235 | if ($this->_cancelURL) { |
| 236 | $this->addElement('hidden', 'cancelURL', $this->_cancelURL); |
| 237 | } |
| 238 | |
| 239 | // also retain error URL if set |
| 240 | $this->_errorURL = CRM_Utils_Array::value('errorURL', $_POST); |
| 241 | if ($this->_errorURL) { |
| 242 | // we do this gross hack since qf also does entity replacement |
| 243 | $this->_errorURL = str_replace('&', '&', $this->_errorURL); |
| 244 | $this->addElement('hidden', 'errorURL', $this->_errorURL); |
| 245 | } |
| 246 | |
| 247 | // replace the session stack in case user cancels (and we dont go into postProcess) |
| 248 | $session = CRM_Core_Session::singleton(); |
| 249 | $session->replaceUserContext($this->_postURL); |
| 250 | } |
| 251 | |
| 252 | parent::buildQuickForm(); |
| 253 | |
| 254 | if (($this->_multiRecord & CRM_Core_Action::DELETE) && $this->_recordExists) { |
| 255 | $this->_deleteButtonName = $this->getButtonName('upload', 'delete'); |
| 256 | |
| 257 | $this->addElement('submit', |
| 258 | $this->_deleteButtonName, |
| 259 | ts('Delete') |
| 260 | ); |
| 261 | |
| 262 | $buttons[] = array( |
| 263 | 'type' => 'cancel', |
| 264 | 'name' => ts('Cancel'), |
| 265 | 'isDefault' => TRUE, |
| 266 | ); |
| 267 | $this->addButtons($buttons); |
| 268 | return; |
| 269 | } |
| 270 | |
| 271 | //get the value from session, this is set if there is any file |
| 272 | //upload field |
| 273 | $uploadNames = $this->get('uploadNames'); |
| 274 | |
| 275 | if (!empty($uploadNames)) { |
| 276 | $buttonName = 'upload'; |
| 277 | } |
| 278 | else { |
| 279 | $buttonName = 'next'; |
| 280 | } |
| 281 | |
| 282 | $buttons[] = array( |
| 283 | 'type' => $buttonName, |
| 284 | 'name' => ts('Save'), |
| 285 | 'isDefault' => TRUE, |
| 286 | ); |
| 287 | |
| 288 | if ($this->_context != 'dialog') { |
| 289 | $buttons[] = array( |
| 290 | 'type' => 'cancel', |
| 291 | 'name' => ts('Cancel'), |
| 292 | 'isDefault' => TRUE, |
| 293 | ); |
| 294 | } |
| 295 | |
| 296 | $this->addButtons($buttons); |
| 297 | |
| 298 | $this->addFormRule(array('CRM_Profile_Form', 'formRule'), $this); |
| 299 | } |
| 300 | |
| 301 | /** |
| 302 | * Process the user submitted custom data values. |
| 303 | * |
| 304 | * @access public |
| 305 | * |
| 306 | * @return void |
| 307 | */ |
| 308 | public function postProcess() { |
| 309 | parent::postProcess(); |
| 310 | |
| 311 | // this is special case when we create contact using Dialog box |
| 312 | if ($this->_context == 'dialog') { |
| 313 | $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name'); |
| 314 | $sortName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'sort_name'); |
| 315 | $returnArray = array( |
| 316 | 'contactID' => $this->_id, |
| 317 | 'displayName' => $displayName, |
| 318 | 'sortName' => $sortName, |
| 319 | 'newContactSuccess' => TRUE, |
| 320 | ); |
| 321 | |
| 322 | echo json_encode($returnArray); |
| 323 | CRM_Utils_System::civiExit(); |
| 324 | } |
| 325 | |
| 326 | //for delete record handling |
| 327 | if (!CRM_Utils_Array::value($this->_deleteButtonName, $_POST)) { |
| 328 | CRM_Core_Session::setStatus(ts('Your information has been saved.'), ts('Thank you.'), 'success'); |
| 329 | } |
| 330 | |
| 331 | $session = CRM_Core_Session::singleton(); |
| 332 | // only replace user context if we do not have a postURL |
| 333 | if (!$this->_postURL) { |
| 334 | $gidString = $this->_gid; |
| 335 | if (!empty($this->_profileIds)) { |
| 336 | $gidString = implode(',', $this->_profileIds); |
| 337 | } |
| 338 | |
| 339 | $urlParams = "reset=1&id={$this->_id}&gid={$gidString}"; |
| 340 | if ($this->_isContactActivityProfile && $this->_activityId) { |
| 341 | $urlParams .= "&aid={$this->_activityId}"; |
| 342 | } |
| 343 | // Get checksum if present |
| 344 | if ($this->get('cs')) { |
| 345 | $urlParams .= "&cs=" . $this->get('cs'); |
| 346 | } |
| 347 | // Generate one if needed |
| 348 | elseif (!CRM_Contact_BAO_Contact_Permission::allow($this->_id)) { |
| 349 | $urlParams .= "&cs=" . CRM_Contact_BAO_Contact_Utils::generateChecksum($this->_id); |
| 350 | } |
| 351 | $url = CRM_Utils_System::url('civicrm/profile/view', $urlParams); |
| 352 | } |
| 353 | else { |
| 354 | // Replace tokens from post URL |
| 355 | $contactParams = array( |
| 356 | 'contact_id' => $this->_id, |
| 357 | 'version' => 3, |
| 358 | ); |
| 359 | |
| 360 | $contact = civicrm_api('contact', 'get', $contactParams); |
| 361 | $contact = reset($contact['values']); |
| 362 | |
| 363 | $dummyMail = new CRM_Mailing_BAO_Mailing(); |
| 364 | $dummyMail->body_text = $this->_postURL; |
| 365 | $tokens = $dummyMail->getTokens(); |
| 366 | |
| 367 | $url = CRM_Utils_Token::replaceContactTokens($this->_postURL, $contact, FALSE, CRM_Utils_Array::value('text', $tokens)); |
| 368 | } |
| 369 | |
| 370 | $session->replaceUserContext($url); |
| 371 | } |
| 372 | |
| 373 | /** |
| 374 | * Function to intercept QF validation and do our own redirection |
| 375 | * |
| 376 | * We use this to send control back to the user for a user formatted page |
| 377 | * This allows the user to maintain the same state and display the error messages |
| 378 | * in their own theme along with any modifications |
| 379 | * |
| 380 | * This is a first version and will be tweaked over a period of time |
| 381 | * |
| 382 | * @access public |
| 383 | * |
| 384 | * @return boolean true if no error found |
| 385 | */ |
| 386 | function validate() { |
| 387 | $errors = parent::validate(); |
| 388 | |
| 389 | if (!$errors && |
| 390 | CRM_Utils_Array::value('errorURL', $_POST) |
| 391 | ) { |
| 392 | $message = NULL; |
| 393 | foreach ($this->_errors as $name => $mess) { |
| 394 | $message .= $mess; |
| 395 | $message .= '<p>'; |
| 396 | } |
| 397 | |
| 398 | CRM_Utils_System::setUFMessage($message); |
| 399 | |
| 400 | $message = urlencode($message); |
| 401 | |
| 402 | $errorURL = $_POST['errorURL']; |
| 403 | if (strpos($errorURL, '?') !== FALSE) { |
| 404 | $errorURL .= '&'; |
| 405 | } |
| 406 | else { |
| 407 | $errorURL .= '?'; |
| 408 | } |
| 409 | $errorURL .= "gid={$this->_gid}&msg=$message"; |
| 410 | CRM_Utils_System::redirect($errorURL); |
| 411 | } |
| 412 | |
| 413 | return $errors; |
| 414 | } |
| 415 | } |
| 416 | |