projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
CRM-14488 Reserved profiles no longer need Used for = standalone form.
[civicrm-core.git] / CRM / Profile / Form / Edit.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.5 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 /**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2014
32 * $Id$
33 *
34 */
35
36 /**
37 * This class generates form components for custom data
38 *
39 * It delegates the work to lower level subclasses and integrates the changes
40 * back in. It also uses a lot of functionality with the CRM API's, so any change
41 * made here could potentially affect the API etc. Be careful, be aware, use unit tests.
42 *
43 */
44 class CRM_Profile_Form_Edit extends CRM_Profile_Form {
45 protected $_postURL = NULL;
46 protected $_cancelURL = NULL;
47 protected $_errorURL = NULL;
48 protected $_context;
49 protected $_blockNo;
50 protected $_prefix;
51
52 /**
53 * pre processing work done here.
54 *
55 * @param
56 *
57 * @return void
58 *
59 * @access public
60 *
61 */
62 function preProcess() {
63 $this->_mode = CRM_Profile_Form::MODE_CREATE;
64
65 $this->_onPopupClose = CRM_Utils_Request::retrieve('onPopupClose', 'String', $this);
66 $this->assign('onPopupClose', $this->_onPopupClose);
67
68 //set the context for the profile
69 $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);
70
71 //set the block no
72 $this->_blockNo = CRM_Utils_Request::retrieve('blockNo', 'String', $this);
73
74 //set the prefix
75 $this->_prefix = CRM_Utils_Request::retrieve('prefix', 'String', $this);
76
77 $this->assign('context', $this->_context);
78
79 if ($this->_blockNo) {
80 $this->assign('blockNo', $this->_blockNo);
81 $this->assign('prefix', $this->_prefix);
82 }
83
84 $this->assign('createCallback', CRM_Utils_Request::retrieve('createCallback', 'String', $this));
85
86 if ($this->get('skipPermission')) {
87 $this->_skipPermission = TRUE;
88 }
89
90 if ($this->get('edit')) {
91 // make sure we have right permission to edit this user
92 $session = CRM_Core_Session::singleton();
93 $userID = $session->get('userID');
94 $id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, $userID);
95
96 if ($id) {
97 // this is edit mode.
98 $this->_mode = CRM_Profile_Form::MODE_EDIT;
99
100 if ($id != $userID) {
101 // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
102 $config = CRM_Core_Config::singleton();
103 if ($config->userFrameworkFrontend) {
104 CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this);
105 }
106 else {
107 CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this);
108 }
109 $this->_isPermissionedChecksum = TRUE;
110 }
111 }
112 }
113
114 parent::preProcess();
115
116 // make sure the gid is set and valid
117 if (!$this->_gid) {
118 CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is disabled, OR there is no Profile with that ID, OR a valid \'gid=\' integer value is missing from the URL. Contact the site administrator if you need assistance.',
119 array(1 => $this->_gid)
120 ));
121 }
122
123 // and also the profile is of type 'Profile'
124 $query = "
125 SELECT module,is_reserved
126 FROM civicrm_uf_group
127 LEFT JOIN civicrm_uf_join ON uf_group_id = civicrm_uf_group.id
128 WHERE civicrm_uf_group.id = %1
129 ";
130 $params = array(1 => array($this->_gid, 'Integer'));
131 $dao = CRM_Core_DAO::executeQuery($query, $params);
132 $error = $dao->fetch();
133
134
135 //Check that the user has the "add contacts" Permission
136 $canAdd = CRM_Core_Permission::check("add contacts");
137
138 //Remove need for Profile module type when using reserved profiles [CRM-14488]
139 if( !$error || ($dao->module != "Profile" && !($dao->is_reserved && $canAdd))) {
140 CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.',
141 array(1 => $this->_gid)
142 ));
143 }
144 }
145
146 /**
147 * Function to actually build the form
148 *
149 * @return void
150 * @access public
151 */
152 public function buildQuickForm() {
153 // add the hidden field to redirect the postProcess from
154 $ufGroup = new CRM_Core_DAO_UFGroup();
155
156 $ufGroup->id = $this->_gid;
157 if (!$ufGroup->find(TRUE)) {
158 CRM_Core_Error::fatal();
159 }
160
161 // set the title
162 if ($this->_multiRecord && $this->_customGroupTitle) {
163 $groupTitle = ($this->_multiRecord & CRM_Core_Action::UPDATE) ?
164 'Edit ' . $this->_customGroupTitle . ' Record' : $this->_customGroupTitle;
165
166 } else {
167 $groupTitle = $ufGroup->title;
168 }
169 CRM_Utils_System::setTitle($groupTitle);
170 $this->assign('recentlyViewed', FALSE);
171
172 if ($this->_context != 'dialog') {
173 $this->_postURL = CRM_Utils_Array::value('postURL', $_POST);
174 $this->_cancelURL = CRM_Utils_Array::value('cancelURL', $_POST);
175
176 $gidString = $this->_gid;
177 if (!empty($this->_profileIds)) {
178 $gidString = implode(',', $this->_profileIds);
179 }
180
181 if (!$this->_postURL) {
182 $this->_postURL = $ufGroup->post_URL;
183 }
184
185 if (!$this->_postURL) {
186 if ($this->_context == 'Search') {
187 $this->_postURL = CRM_Utils_System::url('civicrm/contact/search');
188 }
189 elseif ($this->_id && $this->_gid) {
190 $urlParams = "reset=1&id={$this->_id}&gid={$gidString}";
191 if ($this->_isContactActivityProfile && $this->_activityId) {
192 $urlParams .= "&aid={$this->_activityId}";
193 }
194 // get checksum if present
195 if ($this->get('cs')) {
196 $urlParams .= "&cs=" . $this->get('cs');
197 }
198 $this->_postURL = CRM_Utils_System::url('civicrm/profile/view', $urlParams);
199 }
200 }
201
202 if (!$this->_cancelURL) {
203 if ($ufGroup->cancel_URL) {
204 $this->_cancelURL = $ufGroup->cancel_URL;
205 }
206 else {
207 $this->_cancelURL = CRM_Utils_System::url('civicrm/profile',
208 "reset=1&gid={$gidString}"
209 );
210 }
211 }
212
213 // we do this gross hack since qf also does entity replacement
214 $this->_postURL = str_replace('&amp;', '&', $this->_postURL);
215 $this->_cancelURL = str_replace('&amp;', '&', $this->_cancelURL);
216
217 $this->addElement('hidden', 'postURL', $this->_postURL);
218 if ($this->_cancelURL) {
219 $this->addElement('hidden', 'cancelURL', $this->_cancelURL);
220 }
221
222 // also retain error URL if set
223 $this->_errorURL = CRM_Utils_Array::value('errorURL', $_POST);
224 if ($this->_errorURL) {
225 // we do this gross hack since qf also does entity replacement
226 $this->_errorURL = str_replace('&amp;', '&', $this->_errorURL);
227 $this->addElement('hidden', 'errorURL', $this->_errorURL);
228 }
229
230 // replace the session stack in case user cancels (and we dont go into postProcess)
231 $session = CRM_Core_Session::singleton();
232 $session->replaceUserContext($this->_postURL);
233 }
234
235 parent::buildQuickForm();
236
237 if (($this->_multiRecord & CRM_Core_Action::DELETE) && $this->_recordExists) {
238 $this->_deleteButtonName = $this->getButtonName('upload', 'delete');
239
240 $this->addElement('submit', $this->_deleteButtonName, ts('Delete'));
241
242 $buttons[] = array(
243 'type' => 'cancel',
244 'name' => ts('Cancel'),
245 'isDefault' => TRUE,
246 );
247 $this->addButtons($buttons);
248 return;
249 }
250
251 //get the value from session, this is set if there is any file
252 //upload field
253 $uploadNames = $this->get('uploadNames');
254
255 if (!empty($uploadNames)) {
256 $buttonName = 'upload';
257 }
258 else {
259 $buttonName = 'next';
260 }
261
262 $buttons[] = array(
263 'type' => $buttonName,
264 'name' => ts('Save'),
265 'isDefault' => TRUE,
266 );
267
268 $buttons[] = array(
269 'type' => 'cancel',
270 'name' => ts('Cancel'),
271 'isDefault' => TRUE,
272 );
273
274 $this->addButtons($buttons);
275
276 $this->addFormRule(array('CRM_Profile_Form', 'formRule'), $this);
277 }
278
279 /**
280 * Process the user submitted custom data values.
281 *
282 * @access public
283 *
284 * @return void
285 */
286 public function postProcess() {
287 parent::postProcess();
288
289 $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
290 $sortName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'sort_name');
291 $this->ajaxResponse['label'] = $sortName;
292
293 // When saving (not deleting) and not in an ajax popup
294 if (empty($_POST[$this->_deleteButtonName]) && $this->_context != 'dialog') {
295 CRM_Core_Session::setStatus(ts('Your information has been saved.'), ts('Thank you.'), 'success');
296 }
297
298 $session = CRM_Core_Session::singleton();
299 // only replace user context if we do not have a postURL
300 if (!$this->_postURL) {
301 $gidString = $this->_gid;
302 if (!empty($this->_profileIds)) {
303 $gidString = implode(',', $this->_profileIds);
304 }
305
306 $urlParams = "reset=1&id={$this->_id}&gid={$gidString}";
307 if ($this->_isContactActivityProfile && $this->_activityId) {
308 $urlParams .= "&aid={$this->_activityId}";
309 }
310 // Get checksum if present
311 if ($this->get('cs')) {
312 $urlParams .= "&cs=" . $this->get('cs');
313 }
314 // Generate one if needed
315 elseif (!CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
316 $urlParams .= "&cs=" . CRM_Contact_BAO_Contact_Utils::generateChecksum($this->_id);
317 }
318 $url = CRM_Utils_System::url('civicrm/profile/view', $urlParams);
319 }
320 else {
321 // Replace tokens from post URL
322 $contactParams = array(
323 'contact_id' => $this->_id,
324 'version' => 3,
325 );
326
327 $contact = civicrm_api('contact', 'get', $contactParams);
328 $contact = reset($contact['values']);
329
330 $dummyMail = new CRM_Mailing_BAO_Mailing();
331 $dummyMail->body_text = $this->_postURL;
332 $tokens = $dummyMail->getTokens();
333
334 $url = CRM_Utils_Token::replaceContactTokens($this->_postURL, $contact, FALSE, CRM_Utils_Array::value('text', $tokens));
335 }
336
337 $session->replaceUserContext($url);
338 }
339
340 /**
341 * Function to intercept QF validation and do our own redirection
342 *
343 * We use this to send control back to the user for a user formatted page
344 * This allows the user to maintain the same state and display the error messages
345 * in their own theme along with any modifications
346 *
347 * This is a first version and will be tweaked over a period of time
348 *
349 * @access public
350 *
351 * @return boolean true if no error found
352 */
353 function validate() {
354 $errors = parent::validate();
355
356 if (!$errors && !empty($_POST['errorURL'])) {
357 $message = NULL;
358 foreach ($this->_errors as $name => $mess) {
359 $message .= $mess;
360 $message .= '<p>';
361 }
362
363 CRM_Utils_System::setUFMessage($message);
364
365 $message = urlencode($message);
366
367 $errorURL = $_POST['errorURL'];
368 if (strpos($errorURL, '?') !== FALSE) {
369 $errorURL .= '&';
370 }
371 else {
372 $errorURL .= '?';
373 }
374 $errorURL .= "gid={$this->_gid}&msg=$message";
375 CRM_Utils_System::redirect($errorURL);
376 }
377
378 return $errors;
379 }
380 }
381