$attrs = ['class' => 'crm-form-submit'] + (array) CRM_Utils_Array::value('js', $button);
- // A lot of forms use the hacky method of looking at
- // `$params['button name']` (dating back to them being inputs with a
- // "value" of the button label) rather than looking at
- // `$this->controller->getButtonName()`. It makes sense to give buttons a
- // value by default as a precaution.
- $attrs['value'] = 1;
-
if (!empty($button['class'])) {
$attrs['class'] .= ' ' . $button['class'];
}
}
if ($button['type'] === 'reset') {
- $attrs['type'] = 'reset';
- $prevnext[] = $this->createElement('xbutton', 'reset', $button['name'], $attrs);
+ $prevnext[] = $this->createElement($button['type'], 'reset', $button['name'], $attrs);
}
else {
if (!empty($button['subName'])) {
if (in_array($button['type'], ['next', 'upload', 'done']) && $button['name'] === ts('Save')) {
$attrs['accesskey'] = 'S';
}
- $buttonContents = CRM_Core_Page::crmIcon($button['icon'] ?? $defaultIcon) . ' ' . $button['name'];
+ $icon = CRM_Utils_Array::value('icon', $button, $defaultIcon);
+ if ($icon) {
+ $attrs['crm-icon'] = $icon;
+ }
$buttonName = $this->getButtonName($button['type'], CRM_Utils_Array::value('subName', $button));
- $attrs['class'] .= " crm-button crm-button-type-{$button['type']} crm-button{$buttonName}";
- $attrs['type'] = 'submit';
- $prevnext[] = $this->createElement('xbutton', $buttonName, $buttonContents, $attrs);
+ $prevnext[] = $this->createElement('submit', $buttonName, $button['name'], $attrs);
}
if (!empty($button['isDefault'])) {
$this->setDefaultAction($button['type']);
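Review bot: In the reset branch the element type is passed as `$button['type']`, which can only be the string 'reset' at that point because of the surrounding `=== 'reset'` test, while the sibling branch passes the literal `'submit'`. Writing `$prevnext[] = $this->createElement('reset', 'reset', $button['name'], $attrs);` keeps the two calls parallel and makes it plain that the element type given to createElement never comes from the caller-supplied button array. The new `$attrs['crm-icon']` key is not a standard HTML attribute, and nothing in the hunk shows what consumes it, so a one-line comment naming the renderer or template that reads it would help the next reader. The enclosing loop body starts and ends outside the hunk.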
/**
* Get the contact id of the logged in user.
+ *
+ * @return int|false
*/
public function getLoggedInUserContactID() {
// check if the user is logged in and has a contact ID
$session = CRM_Core_Session::singleton();
- return $session->get('userID');
+ return $session->get('userID') ? (int) $session->get('userID') : FALSE;
}
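Review bot: The new return statement reads `userID` from the session twice and changes what an anonymous visitor gets back to `FALSE`. The previous line returned `$session->get('userID')` unchanged, presumably NULL in that case, so any caller that tests the result with `is_null()` or `=== NULL` should be checked. Fetching once is simpler: `$userID = $session->get('userID');` followed by `return $userID ? (int) $userID : FALSE;`. The docblock could also say that `FALSE` means there is no logged-in contact, since the value feeds access decisions such as the strict comparison in getContactIDIfAccessingOwnRecord later in this diff.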
/**
* - id_field
* - url (for ajax lookup)
*
+ * @throws \CRM_Core_Exception
* @todo add data attributes so we can deal with multiple instances on a form
*/
public function addAutoSelector($profiles = [], $autoCompleteField = []) {
$this->_actionButtonName = $this->getButtonName('next', 'action');
}
$this->assign('actionButtonName', $this->_actionButtonName);
- $this->add('xbutton', $this->_actionButtonName, ts('Go'), [
- 'type' => 'submit',
- 'class' => 'hiddenElement crm-search-go-button',
- ]);
+ $this->add('submit', $this->_actionButtonName, ts('Go'), ['class' => 'hiddenElement crm-search-go-button']);
// Radio to choose "All items" or "Selected items only"
$selectedRowsRadio = $this->addElement('radio', 'radio_ts', NULL, '', 'ts_sel', ['checked' => 'checked']);
}
}
+ /**
+ * Get the contact if from the url, using the checksum or the cid if it is the logged in user.
+ *
+ * This function returns the user being validated. It is not intended to get another user
+ * they have permission to (setContactID does do that) and can be used to check if the user is
+ * accessing their own record.
+ *
+ * @return int|false
+ * @throws \CRM_Core_Exception
+ */
+ protected function getContactIDIfAccessingOwnRecord() {
+ $contactID = (int) CRM_Utils_Request::retrieve('cid', 'Positive', $this);
+ if (!$contactID) {
+ return FALSE;
+ }
+ if ($contactID === $this->getLoggedInUserContactID()) {
+ return $contactID;
+ }
+ $userChecksum = CRM_Utils_Request::retrieve('cs', 'String', $this);
+ return CRM_Contact_BAO_Contact_Utils::validChecksum($contactID, $userChecksum) ? $contactID : FALSE;
+ }
+
}
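Review bot: `cs` is handed to `validChecksum()` without first checking that it was supplied, so the result for a request carrying only `cid` depends entirely on how that helper treats an empty value, which is not visible here. Because the return value is an access decision, an explicit fail-closed guard before the call is worth adding: `if (empty($userChecksum)) { return FALSE; }`. The docblock has a typo ("contact if" should read "contact ID"). It should also state that a checksum match shows only that the request carried a valid checksum for that contact, not that the contact is logged in, so callers should not grant anything beyond access to that contact's own record on the strength of it.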