3 +--------------------------------------------------------------------+
4 | Copyright CiviCRM LLC. All rights reserved. |
6 | This work is published under the GNU AGPLv3 license with some |
7 | permitted exceptions and without any warranty. For full license |
8 | and copyright information, see https://civicrm.org/licensing |
9 +--------------------------------------------------------------------+
13 * This class generates form components
14 * for previewing Civicrm Profile Group
16 class CRM_UF_Form_Inline_Preview
extends CRM_UF_Form_AbstractPreview
{
19 * Pre processing work done here.
21 * gets session variables for group or field id
23 public function preProcess() {
24 if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
25 // CRM_Core_Controller validates qfKey for POST requests, but not necessarily
26 // for GET requests. Allowing GET would therefore be CSRF vulnerability.
27 CRM_Core_Error
::statusBounce(ts('Preview only supports HTTP POST'));
29 // Inline forms don't get menu-level permission checks
33 'manage event profiles',
36 if (!CRM_Core_Permission
::check($checkPermission)) {
37 CRM_Core_Error
::statusBounce(ts('Permission Denied'));
39 $content = json_decode($_REQUEST['ufData'], TRUE);
40 foreach (['ufGroup', 'ufFieldCollection'] as $key) {
41 if (!is_array($content[$key])) {
42 CRM_Core_Error
::statusBounce("Missing JSON parameter, $key");
46 $fields = CRM_Core_BAO_UFGroup
::formatUFFields($content['ufGroup'], $content['ufFieldCollection']);
47 $this->setProfile($fields);