CRM/UF/Form/Inline/Preview.php

   1 <?php
   2 /*
   3  +--------------------------------------------------------------------+
   4  | CiviCRM version 5                                                  |
   5  +--------------------------------------------------------------------+
   6  | Copyright CiviCRM LLC (c) 2004-2020                                |
   7  +--------------------------------------------------------------------+
   8  | This file is a part of CiviCRM.                                    |
   9  |                                                                    |
  10  | CiviCRM is free software; you can copy, modify, and distribute it  |
  11  | under the terms of the GNU Affero General Public License           |
  12  | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
  13  |                                                                    |
  14  | CiviCRM is distributed in the hope that it will be useful, but     |
  15  | WITHOUT ANY WARRANTY; without even the implied warranty of         |
  16  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
  17  | See the GNU Affero General Public License for more details.        |
  18  |                                                                    |
  19  | You should have received a copy of the GNU Affero General Public   |
  20  | License and the CiviCRM Licensing Exception along                  |
  21  | with this program; if not, contact CiviCRM LLC                     |
  22  | at info[AT]civicrm[DOT]org. If you have questions about the        |
  23  | GNU Affero General Public License or the licensing of CiviCRM,     |
  24  | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
  25  +--------------------------------------------------------------------+
  26  */
  27
  28 /**
  29  *
  30  * @package CRM
  31  * @copyright CiviCRM LLC (c) 2004-2020
  32  */
  33
  34 /**
  35  * This class generates form components
  36  * for previewing Civicrm Profile Group
  37  */
  38 class CRM_UF_Form_Inline_Preview extends CRM_UF_Form_AbstractPreview {
  39
  40   /**
  41    * Pre processing work done here.
  42    *
  43    * gets session variables for group or field id
  44    */
  45   public function preProcess() {
  46     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
  47       // CRM_Core_Controller validates qfKey for POST requests, but not necessarily
  48       // for GET requests. Allowing GET would therefore be CSRF vulnerability.
  49       CRM_Core_Error::fatal(ts('Preview only supports HTTP POST'));
  50     }
  51     // Inline forms don't get menu-level permission checks
  52     $checkPermission = [
  53       [
  54         'administer CiviCRM',
  55         'manage event profiles',
  56       ],
  57     ];
  58     if (!CRM_Core_Permission::check($checkPermission)) {
  59       CRM_Core_Error::fatal(ts('Permission Denied'));
  60     }
  61     $content = json_decode($_REQUEST['ufData'], TRUE);
  62     foreach (['ufGroup', 'ufFieldCollection'] as $key) {
  63       if (!is_array($content[$key])) {
  64         CRM_Core_Error::fatal("Missing JSON parameter, $key");
  65       }
  66     }
  67     //echo '<pre>'.htmlentities(var_export($content, TRUE)) .'</pre>';
  68     //CRM_Utils_System::civiExit();
  69     $fields = CRM_Core_BAO_UFGroup::formatUFFields($content['ufGroup'], $content['ufFieldCollection']);
  70     //$fields = CRM_Core_BAO_UFGroup::getFields(1);
  71     $this->setProfile($fields);
  72     //echo '<pre>'.htmlentities(var_export($fields, TRUE)) .'</pre>';CRM_Utils_System::civiExit();
  73   }
  74
  75 }