projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
security/core#14 Validate "context" inputs
[civicrm-core.git] / CRM / Campaign / Form / Campaign.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 5 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2018 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 /**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2018
32 */
33
34 /**
35 * This class generates form components for processing a campaign.
36 */
37 class CRM_Campaign_Form_Campaign extends CRM_Core_Form {
38
39 /**
40 * Action
41 *
42 * @var int
43 */
44 public $_action;
45
46 /**
47 * Context
48 *
49 * @var string
50 */
51 protected $_context;
52
53 /**
54 * Object values.
55 *
56 * @var array
57 */
58 protected $_values;
59
60 /**
61 * The id of the campaign we are proceessing
62 *
63 * @var int
64 */
65 protected $_campaignId;
66
67 /**
68 * Explicitly declare the entity api name.
69 */
70 public function getDefaultEntity() {
71 return 'Campaign';
72 }
73
74 public function preProcess() {
75 if (!CRM_Campaign_BAO_Campaign::accessCampaign()) {
76 CRM_Utils_System::permissionDenied();
77 }
78
79 $this->_context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
80
81 $this->assign('context', $this->_context);
82
83 $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this);
84 $this->_campaignId = CRM_Utils_Request::retrieve('id', 'Positive', $this);
85
86 $title = NULL;
87 if ($this->_action & CRM_Core_Action::UPDATE) {
88 $title = ts('Edit Campaign');
89 }
90 if ($this->_action & CRM_Core_Action::DELETE) {
91 $title = ts('Delete Campaign');
92 }
93 if ($title) {
94 CRM_Utils_System::setTitle($title);
95 }
96
97 $session = CRM_Core_Session::singleton();
98 $session->pushUserContext(CRM_Utils_System::url('civicrm/campaign', 'reset=1&subPage=campaign'));
99 $this->assign('action', $this->_action);
100
101 //load the values;
102 $this->_values = $this->get('values');
103 if (!is_array($this->_values)) {
104 $this->_values = array();
105
106 // if we are editing
107 if (isset($this->_campaignId) && $this->_campaignId) {
108 $params = array('id' => $this->_campaignId);
109 CRM_Campaign_BAO_Campaign::retrieve($params, $this->_values);
110 }
111
112 //lets use current object session.
113 $this->set('values', $this->_values);
114 }
115
116 // when custom data is included in form.
117 if (!empty($_POST['hidden_custom'])) {
118 $campaignTypeId = empty($_POST['campaign_type_id']) ? NULL : $_POST['campaign_type_id'];
119 $this->set('type', 'Campaign');
120 $this->set('subType', $campaignTypeId);
121 $this->set('entityId', $this->_campaignId);
122
123 CRM_Custom_Form_CustomData::preProcess($this, NULL, $campaignTypeId, 1, 'Campaign', $this->_campaignId);
124 CRM_Custom_Form_CustomData::buildQuickForm($this);
125 CRM_Custom_Form_CustomData::setDefaultValues($this);
126 }
127 }
128
129 /**
130 * Set default values for the form. Note that in edit/view mode
131 * the default values are retrieved from the database
132 *
133 *
134 * @return array
135 */
136 public function setDefaultValues() {
137 $defaults = $this->_values;
138
139 if (isset($defaults['start_date'])) {
140 list($defaults['start_date'], $defaults['start_date_time'])
141 = CRM_Utils_Date::setDateDefaults($defaults['start_date'], 'activityDateTime');
142 }
143 else {
144 list($defaults['start_date'], $defaults['start_date_time'])
145 = CRM_Utils_Date::setDateDefaults();
146 }
147
148 if (isset($defaults['end_date'])) {
149 list($defaults['end_date'], $defaults['end_date_time'])
150 = CRM_Utils_Date::setDateDefaults($defaults['end_date'], 'activityDateTime');
151 }
152
153 if (!isset($defaults['is_active'])) {
154 $defaults['is_active'] = 1;
155 }
156
157 if (!$this->_campaignId) {
158 return $defaults;
159 }
160
161 $dao = new CRM_Campaign_DAO_CampaignGroup();
162
163 $campaignGroups = array();
164 $dao->campaign_id = $this->_campaignId;
165 $dao->find();
166
167 while ($dao->fetch()) {
168 $campaignGroups[$dao->entity_table][$dao->group_type][] = $dao->entity_id;
169 }
170
171 if (!empty($campaignGroups)) {
172 $defaults['includeGroups'] = $campaignGroups['civicrm_group']['Include'];
173 }
174 return $defaults;
175 }
176
177 public function buildQuickForm() {
178 if ($this->_action & CRM_Core_Action::DELETE) {
179
180 $this->addButtons(array(
181 array(
182 'type' => 'next',
183 'name' => ts('Delete'),
184 'isDefault' => TRUE,
185 ),
186 array(
187 'type' => 'cancel',
188 'name' => ts('Cancel'),
189 ),
190 )
191 );
192 return;
193 }
194
195 $this->applyFilter('__ALL__', 'trim');
196
197 //lets assign custom data type and subtype.
198 $this->assign('customDataType', 'Campaign');
199 $this->assign('entityID', $this->_campaignId);
200 $this->assign('customDataSubType', CRM_Utils_Array::value('campaign_type_id', $this->_values));
201
202 $attributes = CRM_Core_DAO::getAttribute('CRM_Campaign_DAO_Campaign');
203
204 // add comaign title.
205 $this->add('text', 'title', ts('Title'), $attributes['title'], TRUE);
206
207 // add description
208 $this->add('textarea', 'description', ts('Description'), $attributes['description']);
209
210 // add campaign start date
211 $this->addDateTime('start_date', ts('Start Date'), TRUE, array('formatType' => 'activityDateTime'));
212
213 // add campaign end date
214 $this->addDateTime('end_date', ts('End Date'), FALSE, array('formatType' => 'activityDateTime'));
215
216 // add campaign type
217 $this->addSelect('campaign_type_id', array('onChange' => "CRM.buildCustomData( 'Campaign', this.value );"), TRUE);
218
219 // add campaign status
220 $this->addSelect('status_id');
221
222 // add External Identifier Element
223 $this->add('text', 'external_identifier', ts('External ID'),
224 CRM_Core_DAO::getAttribute('CRM_Campaign_DAO_Campaign', 'external_identifier'), FALSE
225 );
226
227 // add Campaign Parent Id
228 $campaigns = CRM_Campaign_BAO_Campaign::getCampaigns(CRM_Utils_Array::value('parent_id', $this->_values), $this->_campaignId);
229 if (!empty($campaigns)) {
230 $this->addElement('select', 'parent_id', ts('Parent ID'),
231 array('' => ts('- select Parent -')) + $campaigns,
232 array('class' => 'crm-select2')
233 );
234 }
235 $groups = CRM_Core_PseudoConstant::nestedGroup();
236 //get the campaign groups.
237 $this->add('select', 'includeGroups',
238 ts('Include Group(s)'),
239 $groups,
240 FALSE,
241 array(
242 'multiple' => TRUE,
243 'class' => 'crm-select2 huge',
244 'placeholder' => ts('- none -'),
245 )
246 );
247
248 $this->add('wysiwyg', 'goal_general', ts('Campaign Goals'), array('rows' => 2, 'cols' => 40));
249 $this->add('text', 'goal_revenue', ts('Revenue Goal'), array('size' => 8, 'maxlength' => 12));
250 $this->addRule('goal_revenue', ts('Please enter a valid money value (e.g. %1).',
251 array(1 => CRM_Utils_Money::format('99.99', ' '))
252 ), 'money');
253
254 // is this Campaign active
255 $this->addElement('checkbox', 'is_active', ts('Is Active?'));
256
257 $this->addButtons(array(
258 array(
259 'type' => 'upload',
260 'name' => ts('Save'),
261 'isDefault' => TRUE,
262 ),
263 array(
264 'type' => 'upload',
265 'name' => ts('Save and New'),
266 'subName' => 'new',
267 ),
268 array(
269 'type' => 'cancel',
270 'name' => ts('Cancel'),
271 ),
272 )
273 );
274 }
275
276 /**
277 * add the rules (mainly global rules) for form.
278 * All local rules are added near the element
279 *
280 * @param $fields
281 * @param $files
282 * @param $errors
283 *
284 * @return bool|array
285 * @see valid_date
286 */
287 public static function formRule($fields, $files, $errors) {
288 $errors = array();
289
290 return empty($errors) ? TRUE : $errors;
291 }
292
293 /**
294 * Form submission of new/edit campaign is processed.
295 */
296 public function postProcess() {
297 // store the submitted values in an array
298 $params = $this->controller->exportValues($this->_name);
299 $session = CRM_Core_Session::singleton();
300
301 $groups = array();
302 if (isset($this->_campaignId)) {
303 if ($this->_action & CRM_Core_Action::DELETE) {
304 CRM_Campaign_BAO_Campaign::del($this->_campaignId);
305 CRM_Core_Session::setStatus(ts('Campaign has been deleted.'), ts('Record Deleted'), 'success');
306 $session->replaceUserContext(CRM_Utils_System::url('civicrm/campaign', 'reset=1&subPage=campaign'));
307 return;
308 }
309 $params['id'] = $this->_campaignId;
310 }
311 else {
312 $params['created_id'] = $session->get('userID');
313 $params['created_date'] = date('YmdHis');
314 }
315 // format params
316 $params['start_date'] = CRM_Utils_Date::processDate($params['start_date'], $params['start_date_time']);
317 $params['end_date'] = CRM_Utils_Date::processDate($params['end_date'], $params['end_date_time'], TRUE);
318 $params['is_active'] = CRM_Utils_Array::value('is_active', $params, FALSE);
319 $params['last_modified_id'] = $session->get('userID');
320 $params['last_modified_date'] = date('YmdHis');
321
322 if (is_array($params['includeGroups'])) {
323 foreach ($params['includeGroups'] as $key => $id) {
324 if ($id) {
325 $groups['include'][] = $id;
326 }
327 }
328 }
329 $params['groups'] = $groups;
330
331 // delete previous includes/excludes, if campaign already existed
332 $groupTableName = CRM_Contact_BAO_Group::getTableName();
333 $dao = new CRM_Campaign_DAO_CampaignGroup();
334 $dao->campaign_id = $this->_campaignId;
335 $dao->entity_table = $groupTableName;
336 $dao->find();
337 while ($dao->fetch()) {
338 $dao->delete();
339 }
340
341 //process custom data.
342 $customFields = CRM_Core_BAO_CustomField::getFields('Campaign', FALSE, FALSE,
343 CRM_Utils_Array::value('campaign_type_id', $params)
344 );
345 $params['custom'] = CRM_Core_BAO_CustomField::postProcess($params,
346 $this->_campaignId,
347 'Campaign'
348 );
349
350 $result = CRM_Campaign_BAO_Campaign::create($params);
351
352 if ($result) {
353 CRM_Core_Session::setStatus(ts('Campaign %1 has been saved.', array(1 => $result->title)), ts('Saved'), 'success');
354 $session->pushUserContext(CRM_Utils_System::url('civicrm/campaign', 'reset=1&subPage=campaign'));
355 }
356
357 $buttonName = $this->controller->getButtonName();
358 if ($buttonName == $this->getButtonName('upload', 'new')) {
359 CRM_Core_Session::setStatus(ts(' You can add another Campaign.'), '', 'info');
360 $session->replaceUserContext(CRM_Utils_System::url('civicrm/campaign/add', 'reset=1&action=add'));
361 }
362 else {
363 $session->replaceUserContext(CRM_Utils_System::url('civicrm/campaign', 'reset=1&subPage=campaign'));
364 }
365 }
366
367 }