CRM/Core/Page/AJAX.php

   1 <?php
   2 /*
   3  +--------------------------------------------------------------------+
   4  | CiviCRM version 4.5                                                |
   5  +--------------------------------------------------------------------+
   6  | Copyright CiviCRM LLC (c) 2004-2014                                |
   7  +--------------------------------------------------------------------+
   8  | This file is a part of CiviCRM.                                    |
   9  |                                                                    |
  10  | CiviCRM is free software; you can copy, modify, and distribute it  |
  11  | under the terms of the GNU Affero General Public License           |
  12  | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
  13  |                                                                    |
  14  | CiviCRM is distributed in the hope that it will be useful, but     |
  15  | WITHOUT ANY WARRANTY; without even the implied warranty of         |
  16  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
  17  | See the GNU Affero General Public License for more details.        |
  18  |                                                                    |
  19  | You should have received a copy of the GNU Affero General Public   |
  20  | License and the CiviCRM Licensing Exception along                  |
  21  | with this program; if not, contact CiviCRM LLC                     |
  22  | at info[AT]civicrm[DOT]org. If you have questions about the        |
  23  | GNU Affero General Public License or the licensing of CiviCRM,     |
  24  | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
  25  +--------------------------------------------------------------------+
  26 */
  27
  28 /**
  29  *
  30  * @package CRM
  31  * @copyright CiviCRM LLC (c) 2004-2014
  32  * $Id$
  33  *
  34  */
  35
  36 /**
  37  * This is base class for all ajax calls
  38  */
  39 class CRM_Core_Page_AJAX {
  40
  41   /**
  42    * function to call generic ajax forms
  43    *
  44    * @static
  45    * @access public
  46    */
  47   static function run() {
  48     $className = CRM_Utils_Type::escape($_REQUEST['class_name'], 'String');
  49     $type = '';
  50     if (!empty($_REQUEST['type'])) {
  51       $type = CRM_Utils_Type::escape($_REQUEST['type'], 'String');
  52     }
  53
  54     if (!$className) {
  55       CRM_Core_Error::fatal(ts('Invalid className: %1', array(1 => $className)));
  56     }
  57
  58     $fnName = NULL;
  59     if (isset($_REQUEST['fn_name'])) {
  60       $fnName = CRM_Utils_Type::escape($_REQUEST['fn_name'], 'String');
  61     }
  62
  63     if (!self::checkAuthz($type, $className, $fnName)) {
  64       CRM_Utils_System::civiExit();
  65     }
  66
  67     switch ($type) {
  68       case 'method':
  69         call_user_func(array($className, $fnName));
  70         break;
  71
  72       case 'page':
  73       case 'class':
  74       case '':
  75         // FIXME: This is done to maintain current wire protocol, but it might be
  76         // simpler to just require different 'types' for pages and forms
  77         if (preg_match('/^CRM_[a-zA-Z0-9]+_Page_Inline_/', $className)) {
  78           $page = new $className;
  79           $page->run();
  80         }
  81         else {
  82           $wrapper = new CRM_Utils_Wrapper();
  83           $wrapper->run($className);
  84         }
  85         break;
  86       default:
  87         CRM_Core_Error::debug_log_message('Unsupported inline request type: ' . var_export($type, TRUE));
  88     }
  89     CRM_Utils_System::civiExit();
  90   }
  91
  92   /**
  93    * function to change is_quick_config priceSet to complex
  94    *
  95    * @static
  96    * @access public
  97    */
  98   static function setIsQuickConfig() {
  99     $id = $context = NULL;
 100     if (!empty($_REQUEST['id'])) {
 101       $id = CRM_Utils_Type::escape($_REQUEST['id'], 'Integer');
 102     }
 103
 104     if (!empty($_REQUEST['context'])) {
 105       $context = CRM_Utils_Type::escape($_REQUEST['context'], 'String');
 106     }
 107     // return false if $id is null and
 108     // $context is not civicrm_event or civicrm_contribution_page
 109     if (!$id || !in_array($context, array('civicrm_event', 'civicrm_contribution_page'))) {
 110       return false;
 111     }
 112     $priceSetId = CRM_Price_BAO_PriceSet::getFor($context, $id, NULL);
 113     if ($priceSetId) {
 114       $result = CRM_Price_BAO_PriceSet::setIsQuickConfig($priceSetId, 0);
 115       if ($context == 'civicrm_event') {
 116         $sql = "UPDATE
 117           civicrm_price_set cps
 118           INNER JOIN civicrm_discount cd ON cd.price_set_id = cps.id
 119           SET cps.is_quick_config = 0
 120           WHERE cd.entity_id = (%1) AND cd.entity_table = 'civicrm_event' ";
 121         $params = array(1 => array($id, 'Integer'));
 122         CRM_Core_DAO::executeQuery($sql, $params);
 123         CRM_Core_BAO_Discount::del($id, $context);
 124       }
 125     }
 126     if (!$result) {
 127       $priceSetId = null;
 128     }
 129     CRM_Utils_JSON::output($priceSetId);
 130   }
 131
 132   /**
 133    * Determine whether the request is for a valid class/method name.
 134    *
 135    * @param string $type 'method'|'class'|''
 136    * @param string $className 'Class_Name'
 137    * @param string $fnName method name
 138    *
 139    * @return bool
 140    */
 141   static function checkAuthz($type, $className, $fnName = null) {
 142     switch ($type) {
 143       case 'method':
 144         if (!preg_match('/^CRM_[a-zA-Z0-9]+_Page_AJAX$/', $className)) {
 145           return FALSE;
 146         }
 147         if (!preg_match('/^[a-zA-Z0-9]+$/', $fnName)) {
 148           return FALSE;
 149         }
 150
 151         // ensure that function exists
 152         return method_exists($className, $fnName);
 153
 154       case 'page':
 155       case 'class':
 156       case '':
 157         if (!preg_match('/^CRM_[a-zA-Z0-9]+_(Page|Form)_Inline_[a-zA-Z0-9]+$/', $className)) {
 158           return FALSE;
 159         }
 160         return class_exists($className);
 161       default:
 162         return FALSE;
 163     }
 164   }
 165
 166   /**
 167    * Outputs the CiviCRM standard json-formatted page/form response
 168    * @param array|string $response
 169    */
 170   static function returnJsonResponse($response) {
 171     // Allow lazy callers to not wrap content in an array
 172     if (is_string($response)) {
 173       $response = array('content' => $response);
 174     }
 175     // Add session variables to response
 176     $session = CRM_Core_Session::singleton();
 177     $response += array(
 178       'status' => 'success',
 179       'userContext' => htmlspecialchars_decode($session->readUserContext()),
 180       'title' => CRM_Utils_System::$title,
 181     );
 182     // crmMessages will be automatically handled by our ajax preprocessor
 183     // @see js/Common.js
 184     if ($session->getStatus(FALSE)) {
 185       $response['crmMessages'] = $session->getStatus(TRUE);
 186     }
 187     $output = json_encode($response);
 188
 189     // CRM-11831 @see http://www.malsup.com/jquery/form/#file-upload
 190     if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
 191       header('Content-Type: application/json');
 192     }
 193     else {
 194       $output = "<textarea>$output</textarea>";
 195     }
 196     echo $output;
 197     CRM_Utils_System::civiExit();
 198   }
 199
 200   /**
 201    * Set headers appropriate for a js file
 202    */
 203   static function setJsHeaders() {
 204     // Encourage browsers to cache for a long time - 1 year
 205     $year = 60*60*24*364;
 206     header('Expires: '.gmdate('D, d M Y H:i:s \G\M\T', time() + $year));
 207     header('Content-Type:       application/javascript');
 208     header("Cache-Control: max-age=$year, public");
 209   }
 210
 211 }
 212