From 9c3f979fa4a51aaae9b7347c8bbe156cf483eab5 Mon Sep 17 00:00:00 2001
From: Mattias Michaux
Date: Mon, 25 Apr 2016 17:16:49 +0200
Subject: [PATCH] First WIP for AJAX cleanup.
---
 CRM/Activity/Page/AJAX.php | 121 ++++++++++---------------------------
 CRM/Core/Page/AJAX.php | 27 ++++++++-
 CRM/Custom/Page/AJAX.php | 22 +++----
 CRM/Group/Page/AJAX.php | 19 +-----
 CRM/Mailing/Page/AJAX.php | 23 +------
 CRM/Utils/Type.php | 2 +-
 6 files changed, 69 insertions(+), 145 deletions(-)
diff --git a/CRM/Activity/Page/AJAX.php b/CRM/Activity/Page/AJAX.php
index 4035106c84..783f262c47 100644
--- a/CRM/Activity/Page/AJAX.php
+++ b/CRM/Activity/Page/AJAX.php
@@ -37,27 +37,23 @@ */ class CRM_Activity_Page_AJAX { public static function getCaseActivity() { + // Should those params be passed through the getSanitizedParams method? $caseID = CRM_Utils_Type::escape($_GET['caseID'], 'Integer'); $contactID = CRM_Utils_Type::escape($_GET['cid'], 'Integer'); $userID = CRM_Utils_Type::escape($_GET['userID'], 'Integer'); $context = CRM_Utils_Type::escape(CRM_Utils_Array::value('context', $_GET), 'String'); - $sortMapper = array(); - foreach ($_GET['columns'] as $key => $value) { - $sortMapper[$key] = $value['data']; - }; - - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; + $optionalParameters = array( + 'source_contact_id' => 'Integer', + 'status_id' => 'Integer', + 'activity_deleted' => 'Boolean', + 'activity_type_id' => 'Integer', + 'activity_date_low' => 'String', + 'activity_date_high' => 'String', + ); - $params = $_GET; - if ($sort && $sortOrder) { - $params['sortBy'] = $sort . ' ' . $sortOrder; - } - $params['page'] = ($offset / $rowCount) + 1; - $params['rp'] = $rowCount; + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(); + $params += CRM_Core_Page_AJAX::getSanitizedParams(array(), $optionalParameters); // get the activities related to given case $activities = CRM_Case_BAO_Case::getCaseActivity($caseID, $params, $contactID, $context, $userID); 
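Review bot: The comment added at the top of getCaseActivity() leaves an open question in the code while `caseID`, `cid` and `userID` are still read directly from `$_GET`, so the function mixes two input paths. Since the rest of the function now goes through the whitelist, these three could be declared as required parameters, e.g. `$ids = CRM_Core_Page_AJAX::getSanitizedParams(array('caseID' => 'Integer', 'cid' => 'Integer', 'userID' => 'Integer'));`, and the question comment dropped. The two date filters are whitelisted as `'String'`, which presumably only escapes the value; if the BAO expects a fixed date format, that check belongs here. The function body continues past the end of the hunk.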
@@ -66,31 +62,15 @@ class CRM_Activity_Page_AJAX { } public static function getCaseGlobalRelationships() { - $sortMapper = array(); - foreach ($_GET['columns'] as $key => $value) { - $sortMapper[$key] = $value['data']; - }; - - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; - - $params = $_GET; - - // CRM-14466 initialize variable to avoid php notice. - $sortSQL = ""; - if ($sort && $sortOrder) { - $sortSQL = $sort . ' ' . $sortOrder; - } + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(); // get the activities related to given case $globalGroupInfo = array(); // get the total row count - $relGlobalTotalCount = CRM_Case_BAO_Case::getGlobalContacts($globalGroupInfo, NULL, FALSE, TRUE, NULL, NULL); + CRM_Case_BAO_Case::getGlobalContacts($globalGroupInfo, NULL, FALSE, TRUE, NULL, NULL); // limit the rows - $relGlobal = CRM_Case_BAO_Case::getGlobalContacts($globalGroupInfo, $sortSQL, $showLinks = TRUE, FALSE, $offset, $rowCount); + $relGlobal = CRM_Case_BAO_Case::getGlobalContacts($globalGroupInfo, $params['sortBy'], $showLinks = TRUE, FALSE, $params['offset'], $params['rp']); $relationships = array(); // after sort we can update username fields to be a url 
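Review bot: `$params['sortBy']` is read unconditionally in the second getGlobalContacts() call, but defaultSortAndPagerParams() only sets that key inside `if ($sort)`. A request without an `order` parameter therefore hits an undefined index, which is the notice the removed `$sortSQL = ""` initialisation (CRM-14466) was guarding against. Reading it as `CRM_Utils_Array::value('sortBy', $params, '')` keeps the old behaviour. The first getGlobalContacts() call is still executed but its count is now discarded, so either drop the call or use its result for `recordsTotal`.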
@@ -103,12 +83,10 @@ class CRM_Activity_Page_AJAX { array_push($relationships, $relationship); } - $params['total'] = count($relationships); - $globalRelationshipsDT = array(); $globalRelationshipsDT['data'] = $relationships; - $globalRelationshipsDT['recordsTotal'] = $params['total']; - $globalRelationshipsDT['recordsFiltered'] = $params['total']; + $globalRelationshipsDT['recordsTotal'] = count($relationships); + $globalRelationshipsDT['recordsFiltered'] = count($relationships); CRM_Utils_JSON::output($globalRelationshipsDT); } @@ -117,17 +95,7 @@ class CRM_Activity_Page_AJAX { $caseID = CRM_Utils_Type::escape($_GET['caseID'], 'Integer'); $contactID = CRM_Utils_Type::escape($_GET['cid'], 'Integer'); - $sortMapper = array(); - foreach ($_GET['columns'] as $key => $value) { - $sortMapper[$key] = $value['data']; - }; - - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; - - $params = $_GET; + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(); // Retrieve ALL client relationships $relClient = CRM_Contact_BAO_Relationship::getRelationship($contactID, @@ -148,9 +116,9 @@ class CRM_Activity_Page_AJAX { // sort clientRelationships array using jquery call params foreach ($clientRelationships as $key => $row) { - $sortArray[$key] = $row[$sort]; + $sortArray[$key] = $row[$params['_raw_values']['sort'][0]]; } - $sort_type = "SORT_" . strtoupper($sortOrder); + $sort_type = "SORT_" . strtoupper($params['_raw_values']['order'][0]); array_multisort($sortArray, constant($sort_type), $clientRelationships); $relationships = array(); 
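Review bot: In the `@@ -148,9 +116,9 @@` hunk, `$params['_raw_values']['sort'][0]` and `['order'][0]` are only populated when the request carries a sort column, so without one `constant("SORT_" . strtoupper(...))` is asked for `SORT_` and cannot resolve; the old code defaulted the direction to `'asc'`. Building a constant name from a request-derived string also relies entirely on validation in lines not shown here. Mapping the direction explicitly avoids both problems: `$order = CRM_Utils_Array::value(0, CRM_Utils_Array::value('order', $params['_raw_values'], array()), 'asc');` followed by `$sort_type = (strtolower($order) === 'desc') ? SORT_DESC : SORT_ASC;`, with the sort loop skipped when no sort key is present. The same pattern appears in the getCaseRoles hunk `@@ -241,9 +197,9 @@`.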
@@ -166,12 +134,10 @@ class CRM_Activity_Page_AJAX { array_push($relationships, $relationship); } - $params['total'] = count($relationships); - $clientRelationshipsDT = array(); $clientRelationshipsDT['data'] = $relationships; - $clientRelationshipsDT['recordsTotal'] = $params['total']; - $clientRelationshipsDT['recordsFiltered'] = $params['total']; + $clientRelationshipsDT['recordsTotal'] = count($relationships); + $clientRelationshipsDT['recordsFiltered'] = count($relationships); CRM_Utils_JSON::output($clientRelationshipsDT); } @@ -181,17 +147,7 @@ class CRM_Activity_Page_AJAX { $caseID = CRM_Utils_Type::escape($_GET['caseID'], 'Integer'); $contactID = CRM_Utils_Type::escape($_GET['cid'], 'Integer'); - $sortMapper = array(); - foreach ($_GET['columns'] as $key => $value) { - $sortMapper[$key] = $value['data']; - }; - - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; - - $params = $_GET; + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(); $caseRelationships = CRM_Case_BAO_Case::getCaseRoles($contactID, $caseID); $caseTypeName = CRM_Case_BAO_Case::getCaseType($caseID, 'name'); @@ -241,9 +197,9 @@ class CRM_Activity_Page_AJAX { // sort clientRelationships array using jquery call params foreach ($caseRelationships as $key => $row) { - $sortArray[$key] = $row[$sort]; + $sortArray[$key] = $row[$params['_raw_values']['sort'][0]]; } - $sort_type = "SORT_" . strtoupper($sortOrder); + $sort_type = "SORT_" . strtoupper($params['_raw_values']['order'][0]); array_multisort($sortArray, constant($sort_type), $caseRelationships); $relationships = array(); 
@@ -434,29 +390,16 @@ class CRM_Activity_Page_AJAX { } public static function getContactActivity() { - $contactID = CRM_Utils_Type::escape($_GET['cid'], 'Integer'); - $context = CRM_Utils_Type::escape(CRM_Utils_Array::value('context', $_GET), 'String'); - - $sortMapper = array(); - foreach ($_GET['columns'] as $key => $value) { - $sortMapper[$key] = $value['data']; - }; - - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; - - $params = $_GET; - if ($sort && $sortOrder) { - $params['sortBy'] = $sort . ' ' . $sortOrder; - } + $requiredParameters = array( + 'cid' => 'Integer', + ); - $params['page'] = ($offset / $rowCount) + 1; - $params['rp'] = $rowCount; + $optionalParameters = array( + 'context' => 'String', + ); - $params['contact_id'] = $contactID; - $params['context'] = $context; + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(); + $params += CRM_Core_Page_AJAX::getSanitizedParams($requiredParameters, $optionalParameters); // get the contact activities $activities = CRM_Activity_BAO_Activity::getContactActivitySelector($params); diff --git a/CRM/Core/Page/AJAX.php b/CRM/Core/Page/AJAX.php index 9777e8f5d1..cfc7e8d909 100644 --- a/CRM/Core/Page/AJAX.php +++ b/CRM/Core/Page/AJAX.php @@ -215,7 +215,9 @@ class CRM_Core_Page_AJAX { } public static function defaultSortAndPagerParams($defaultOffset = 0, $defaultRowCount = 25, $defaultSort = NULL, $defaultsortOrder = 'asc') { - $params = array(); + $params = array( + '_raw_values' => array(), + ); $sortMapper = array(); foreach ($_GET['columns'] as $key => $value) { 
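Review bot: getContactActivity() no longer sets `$params['contact_id']`: the removed code copied the escaped `cid` into that key, while the new whitelist `'cid' => 'Integer'` produces `$params['cid']` only. If getContactActivitySelector() scopes its query by `contact_id`, as the old assignment suggests, the contact filter is silently lost. Adding `$params['contact_id'] = $params['cid'];` after the `+=` merge restores it. The call site and the rest of the function lie outside the hunk, so this should be confirmed against the selector.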
@@ -230,12 +232,33 @@ class CRM_Core_Page_AJAX { if ($sort) { $params['sortBy'] = "`{$sort}` {$sortOrder}"; + + $params['_raw_values']['sort'][0] = $sort; + $params['_raw_values']['order'][0] = $sortOrder; } - $params['page'] = ($offset / $rowCount) + 1; + $params['offset'] = $offset; $params['rp'] = $rowCount; + $params['page'] = ($offset / $rowCount) + 1; + + return $params; + } + + public static function getSanitizedParams($requiredParams = array(), $optionalParams = array()) { + $params = array(); + + foreach ($requiredParams as $param => $type) { + $params[$param] = CRM_Utils_Type::escape(CRM_Utils_Array::value($param, $_GET), $type); + } + + foreach ($optionalParams as $param => $type) { + if (CRM_Utils_Array::value($param, $_GET)) { + $params[$param] = CRM_Utils_Type::escape(CRM_Utils_Array::value($param, $_GET), $type); + } + } return $params; + } } diff --git a/CRM/Custom/Page/AJAX.php b/CRM/Custom/Page/AJAX.php index 59b5cf28e0..1bd938996f 100644 --- a/CRM/Custom/Page/AJAX.php +++ b/CRM/Custom/Page/AJAX.php 
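Review bot: The optional-parameter loop in getSanitizedParams() tests `if (CRM_Utils_Array::value($param, $_GET))`, which is a truthiness check, so a submitted `0` or `'0'` is dropped. This means `activity_deleted` (typed `'Boolean'` in getCaseActivity) can never be passed as false, and a zero `status_id` is indistinguishable from an absent one. Testing presence instead, `if (isset($_GET[$param]) && $_GET[$param] !== '') {`, keeps empty fields out while letting zero through. The new public method also has no docblock; it should state that the type names are those accepted by CRM_Utils_Type::escape() and that only whitelisted keys are returned. Separately, `$params['page'] = ($offset / $rowCount) + 1;` divides by a request-supplied length, so a `length` of 0 needs a guard.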
@@ -111,19 +111,11 @@ class CRM_Custom_Page_AJAX { * */ public static function getMultiRecordFieldList() { - $params = $_GET; - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 10; - $sortMapper = array(); - foreach ($_GET['columns'] as $key => $value) { - $sortMapper[$key] = $value['data']; - }; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(0, 10); + $params['cid'] = CRM_Utils_Type::escape($_GET['cid'], 'Integer'); + $params['cgid'] = CRM_Utils_Type::escape($_GET['cgid'], 'Integer'); - $params['page'] = ($offset / $rowCount) + 1; - $params['rp'] = $rowCount; $contactType = CRM_Contact_BAO_Contact::getContactType($params['cid']); $obj = new CRM_Profile_Page_MultipleRecordFieldsListing(); @@ -133,9 +125,11 @@ class CRM_Custom_Page_AJAX { $obj->_contactType = $contactType; $obj->_DTparams['offset'] = ($params['page'] - 1) * $params['rp']; $obj->_DTparams['rowCount'] = $params['rp']; - if ($sort && $sortOrder) { - $sort = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_CustomField', $sort, 'column_name', 'label'); - $obj->_DTparams['sort'] = $sort . ' ' . $sortOrder; + if (isset($params['_raw_values']['sort'][0])) { + // Will this work when CiviCRM is translated, as searching happens on the label column? + // I can't find a place where the sort is added, but it should use the name, not the label. + $sort = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_CustomField', $params['_raw_values']['sort'][0], 'column_name', 'label'); + $obj->_DTparams['sort'] = $sort . ' ' . $params['_raw_values']['order'][0]; } list($fields, $attributes) = $obj->browse(); 
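Review bot: In the `@@ -133,9 +125,11 @@` hunk, the result of `CRM_Core_DAO::getFieldValue(...)` is concatenated into `$obj->_DTparams['sort']` without checking that a column was found. When no custom field matches the submitted label, the sort string becomes just a leading space plus the direction. The column is also emitted unquoted, unlike the backtick-wrapped `sortBy` built in defaultSortAndPagerParams(). Guarding the assignment with `if ($sort) { ... }` and quoting the column the same way would make this consistent. The two question comments about translated labels are better recorded as a single `// TODO:` with a ticket reference than left as open questions in the code.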
diff --git a/CRM/Group/Page/AJAX.php b/CRM/Group/Page/AJAX.php index 045e611914..2050348fa9 100644 --- a/CRM/Group/Page/AJAX.php +++ b/CRM/Group/Page/AJAX.php @@ -50,24 +50,7 @@ class CRM_Group_Page_AJAX { CRM_Utils_JSON::output($groups); } else { - - $sortMapper = array(); - $columns = CRM_Utils_Array::value('columns', $params, array()); - foreach ($columns as $key => $value) { - $sortMapper[$key] = $value['data']; - } - - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; - - if ($sort && $sortOrder) { - $params['sortBy'] = $sort . ' ' . $sortOrder; - } - - $params['page'] = ($offset / $rowCount) + 1; - $params['rp'] = $rowCount; + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(); // get group list $groups = CRM_Contact_BAO_Group::getGroupListSelector($params); diff --git a/CRM/Mailing/Page/AJAX.php b/CRM/Mailing/Page/AJAX.php index 72341aca53..3e7f9746df 100644 --- a/CRM/Mailing/Page/AJAX.php +++ b/CRM/Mailing/Page/AJAX.php 
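Review bot: In the `else` branch of the CRM/Group/Page/AJAX.php hunk, `$params = CRM_Core_Page_AJAX::defaultSortAndPagerParams();` replaces `$params` outright. The removed code read `columns` from an existing `$params` and only added `sortBy`, `page` and `rp` to it. Any filter values placed in `$params` earlier in the function (outside the hunk) therefore no longer reach getGroupListSelector(). Using `$params = CRM_Core_Page_AJAX::defaultSortAndPagerParams() + $params;` keeps the earlier keys while letting the sanitized sort and pager values take precedence. The removed code also tolerated a missing `columns` key via a default `array()`, which the helper's direct `foreach ($_GET['columns'] ...)` does not.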
@@ -61,27 +61,8 @@ class CRM_Mailing_Page_AJAX { * Retrieve contact mailings. */ public static function getContactMailings() { - $contactID = CRM_Utils_Type::escape($_GET['contact_id'], 'Integer'); - - $sortMapper = array(); - foreach ($_GET['columns'] as $key => $value) { - $sortMapper[$key] = $value['data']; - }; - - $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0; - $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25; - $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL; - $sortOrder = isset($_GET['order'][0]['dir']) ? CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String') : 'asc'; - - $params = $_GET; - if ($sort && $sortOrder) { - $params['sortBy'] = $sort . ' ' . $sortOrder; - } - - $params['page'] = ($offset / $rowCount) + 1; - $params['rp'] = $rowCount; - - $params['contact_id'] = $contactID; + $params = CRM_Core_Page_AJAX::defaultSortAndPagerParams(); + $params += CRM_Core_Page_AJAX::getSanitizedParams(array('contact_id' => 'Integer')); // get the contact mailings $mailings = CRM_Mailing_BAO_Mailing::getContactMailingSelector($params); diff --git a/CRM/Utils/Type.php b/CRM/Utils/Type.php index 25bf54ff21..50c242df8d 100644 --- a/CRM/Utils/Type.php +++ b/CRM/Utils/Type.php @@ -258,7 +258,7 @@ class CRM_Utils_Type { case 'MysqlColumnNameLoose': if (CRM_Utils_Rule::mysqlColumnNameLoose($data)) { - return str_replace('`', '', $data); + return str_replace('`', '``', $data); } break; -- 2.25.1
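Review bot: The CRM/Utils/Type.php hunk changes `MysqlColumnNameLoose` from stripping backticks to doubling them, which changes the contract for every caller of this escape type. Doubling is only safe when the caller wraps the returned value in backticks, as defaultSortAndPagerParams() now does. A caller that concatenates the value unquoted previously received a name with backticks removed and will now receive them doubled. A comment on the case, e.g. `// Backticks are doubled, not removed: callers MUST wrap the result in backticks.`, would record this, and the remaining callers outside this patch should be audited. If the same escaped value feeds `_raw_values`, it is also used as an array key and a label lookup elsewhere in this patch, where doubled backticks would not match.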