Merge branch 'master' of 192.168.3.251:connector-php

Author: Maria-Staskova

codebase/base_connector.php

@@ -288,6 +288,10 @@ class Connector {
 	protected $encoding="utf-8";//!< assigned encoding (UTF-8 by default) 
 	protected $editing=false;//!< flag of edit mode ( response for dataprocessor )
 
+	public static $filter_var="dhx_filter";
+	public static $sort_var="dhx_sort";
+	public static $kids_var="dhx_kids";
+
 	public $model=false;
 
 	private $updating=false;//!< flag of update mode ( response for data-update )
@@ -309,7 +313,8 @@ class Connector {
 	protected $filters;
 	protected $sorts;
 	protected $mix;
-	
+	protected $order = false;
+
 	/*! constructor
 		
 		Here initilization of all Masters occurs, execution timer initialized
@@ -590,22 +595,26 @@ protected function parse_request(){
             $this->request->set_user($_GET["dhx_user"]);
         }
 
-		if (isset($_GET["dhx_sort"]))
-			foreach($_GET["dhx_sort"] as $k => $v){
+		if (isset($_GET[Connector::$sort_var]))
+			foreach($_GET[Connector::$sort_var] as $k => $v){
 				$k = $this->safe_field_name($k);
 				$this->request->set_sort($this->resolve_parameter($k),$v);
 			}
 
-		if (isset($_GET["dhx_filter"]))
-			foreach($_GET["dhx_filter"] as $k => $v){
+		if (isset($_GET[Connector::$filter_var]))
+			foreach($_GET[Connector::$filter_var] as $k => $v){
 				$k = $this->safe_field_name($k);
-				$this->request->set_filter($this->resolve_parameter($k),$v);
+				if ($v !== "")
+					$this->request->set_filter($this->resolve_parameter($k),$v);
 			}
 
+		$this->check_csrf();
+	}
+
+	protected function check_csrf(){
 		$key = ConnectorSecurity::checkCSRF($this->editing);
 		if ($key !== "")
-			$this->add_top_attribute("dhx_security", $key);
-		
+			$this->add_top_attribute(ConnectorSecurity::$security_var, $key);
 	}
 
 	/*! convert incoming request name to the actual DB name
@@ -701,7 +710,23 @@ public function set_encoding($encoding){
 	*/
 	public function dynamic_loading($count){
 		$this->dload=$count;
-	}	
+	}
+
+	/*! enable or disable data reordering
+		
+		@param name 
+			name of field, which will be used for order storing, optional
+			by default 'sortorder' field will be used
+	*/
+	public function enable_order($name = true){
+		if ($name === true)
+			$name = "sortorder";
+
+		$this->sort($name);
+		$this->access->allow("order");
+		$this->request->set_order($name);
+		$this->order = $name;
+	}
 
 	/*! enable logging
 		
@@ -750,7 +775,10 @@ protected function xml_start(){
 	*/
 	protected function xml_end(){
 		$this->fill_collections();
-		return $this->extra_output."</data>";
+		if (isset($this->extra_output))
+			return $this->extra_output."</data>";
+		else
+			return "</data>";
 	}
 
 	protected function fill_collections($list=""){

codebase/connector.js

@@ -83,7 +83,7 @@ if (window.dhtmlXGridObject && !dhtmlXGridObject.prototype._init_point_connector
 		if (!this._colls_loaded && this.cellType){
 			var ar=[];
 			for (var i=0; i < this.cellType.length; i++)
-				if (this.cellType[i].indexOf("co")==0 || this._con_f_used[i]==2) ar.push(i);
+				if (this.cellType[i].indexOf("co")==0 || this.cellType[i].indexOf("clist")==0 || this._con_f_used[i]==2) ar.push(i);
 			if (ar.length)
 				arguments[0]+=(arguments[0].indexOf("?")!=-1?"&":"?")+"connector=true&dhx_colls="+ar.join(",");
 		}
@@ -120,8 +120,13 @@ if (window.dhtmlXGridObject && !dhtmlXGridObject.prototype._init_point_connector
 					} else
 						v[v.length]=val;
 				}
-				if (opts.length)
-					combo.addOption(opts);
+				if (opts.length){
+					if (combo)
+						combo.addOption(opts);
+				} else if (v.length && !combo)
+					if (this.registerCList)
+						this.registerCList(f*1, v);
+
 
 				if (this._con_f_used[f*1])
 					this._con_f_used[f*1]=v;

codebase/convert.php

@@ -41,6 +41,10 @@ private function as_file($size, $name, $inline){
 	}	
 	public function convert($conn, $out){
 
+		$str_out = str_replace("<rows>","<rows profile='color'>", $out);
+		$str_out = str_replace("<head>","<head><columns>", $str_out);
+		$str_out = str_replace("</head>","</columns></head>", $str_out);
+
 		if ($this->type == "pdf")
 			header("Content-type: application/pdf");
 		else
@@ -50,7 +54,7 @@ public function convert($conn, $out){
 		curl_setopt($handle, CURLOPT_POST, true);
 		curl_setopt($handle, CURLOPT_HEADER, false);
 		curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
-		curl_setopt($handle, CURLOPT_POSTFIELDS, "grid_xml=".urlencode(str_replace("<rows>","<rows profile='color'>", $out)));
+		curl_setopt($handle, CURLOPT_POSTFIELDS, "grid_xml=".urlencode($str_out));
 
 
 		$out->reset();

codebase/crosslink_connector.php

@@ -109,6 +109,10 @@ public function afterProcessing($action){
 				$this->link->delete($master_key);
 				break;
 			case "updated":
+				//cross link options not loaded yet, so we can skip update
+				if (!array_key_exists($this->link_name, $action->get_data()))
+					break;
+				//else, delete old options and continue in insert section to add new values
 				$this->link->delete($master_key);
 			case "inserted":
 				for ($i=0; $i < sizeof($link_key); $i++)

codebase/data_connector.php

@@ -114,7 +114,10 @@ public function add_section($name, $string){
 	}
 
 	protected function parse_request_mode(){
-		//do nothing, at least for now
+		if (isset($_GET['action']) && $_GET["action"] != "get")
+			$this->editing = true;
+		else
+			parent::parse_request_mode();
 	}
 
 	//parse GET scoope, all operations with incoming request must be done here
@@ -134,10 +137,10 @@ protected function parse_request(){
 				//data saving
 				$this->editing = true;
 			}
+			parent::check_csrf();
 		} else {
 			if (isset($_GET['editing']) && isset($_POST['ids']))
 				$this->editing = true;			
-			
 			parent::parse_request();
 		}
 
@@ -149,7 +152,10 @@ protected function parse_request(){
 	/*! renders self as  xml, starting part
 	*/
 	protected function xml_start(){
-		$start = parent::xml_start();
+		$start = "<data";
+		foreach($this->attributes as $k=>$v)
+			$start .= " ".$k."='".$v."'";
+		$start.= ">";
 
 		foreach($this->sections as $k=>$v)
 			$start .= "<".$k.">".$v."</".$k.">\n";
@@ -195,7 +201,7 @@ protected function fill_collections($list=""){
 			$name = $k;
 			$option="\"{$name}\":[";
 			if (!is_string($this->options[$name]))
-				$option.=substr($this->options[$name]->render(),0,-2);
+				$option.=substr(json_encode($this->options[$name]->render()),1,-1);
 			else
 				$option.=$this->options[$name];
 			$option.="]";
@@ -274,8 +280,11 @@ function to_xml(){
 		}
 
 		if ($this->userdata !== false)
-			foreach ($this->userdata as $key => $value)
+			foreach ($this->userdata as $key => $value){
+				if ($value === null)
+					$data[$key]="";
 				$data[$key]=$value;
+			}
 
 		return $data;
 	}
@@ -340,7 +349,7 @@ function to_xml_start(){
 				$str.=" ".$key."='".$this->xmlentities($value)."'";
 
 		if ($this->kids === true)
-			$str .=" dhx_kids='1'";
+			$str .=" ".Connector::$kids_var."='1'";
 
 		return $str.">";
 	}
@@ -394,7 +403,11 @@ protected function parse_request(){
 	/*! renders self as  xml, starting part
 	*/
 	protected function xml_start(){
-		return "<data parent='".$this->request->get_relation()."'>";
+		$attributes = " parent='".$this->request->get_relation()."' ";
+		foreach($this->attributes as $k=>$v)
+			$attributes .= " ".$k."='".$v."'";
+
+		return "<data".$attributes.">";
 	}	
 }
 
@@ -420,6 +433,10 @@ protected function output_as_xml($res){
         if (!empty($this->options))
             $data["collections"] = $this->options;
 
+
+		foreach($this->attributes as $k=>$v)
+			$data[$k] = $v;
+		
 		$data = json_encode($data);
 
 		// return as string
@@ -489,7 +506,7 @@ function to_xml_start(){
 				$data[$key]=$value;
 
 		if ($this->kids === true)
-			$data["dhx_kids"] = 1;
+			$data[Connector::$kids_var] = 1;
 
 		return $data;
 	}

codebase/dataprocessor.php

@@ -160,12 +160,15 @@ protected function inner_process($action){
 
 			$mode = $this->status_to_mode($action->get_status());
 			if (!$this->connector->access->check($mode)){
-				LogMaster::log("Access control: {$operation} operation blocked");
+				LogMaster::log("Access control: {$mode} operation blocked");
 				$action->error();
 			} else {
 				$check = $this->connector->event->trigger("beforeProcessing",$action);
 				if (!$action->is_ready())
 					$this->check_exts($action,$mode);
+				if ($mode == "insert" && $action->get_status() != "error" && $action->get_status() != "invalid")
+					$this->connector->sql->new_record_order($action, $this->request);
+
 				$check = $this->connector->event->trigger("afterProcessing",$action);
 			}
 
@@ -178,13 +181,14 @@ protected function inner_process($action){
 
 		if ($this->connector->sql->is_record_transaction()){
 			if ($action->get_status()=="error" || $action->get_status()=="invalid")
-				$this->connector->sql->rollback_transaction();		
+				$this->connector->sql->rollback_transaction();
 			else
-				$this->connector->sql->commit_transaction();		
+				$this->connector->sql->commit_transaction();
 		}
-				
+
 		return $action;
 	}
+
 	/*! check if some event intercepts processing, send data to DataWrapper in other case
 
 		@param action 
@@ -220,7 +224,7 @@ function check_exts($action,$mode){
 		}
 		$this->connector->event->trigger("after".$mode,$action);
 
-		$this->config = $old_config;
+		$this->config->copy($old_config);
 	}
 
 	/*! output xml response for dataprocessor
@@ -484,11 +488,23 @@ function success($id=false){
 	function to_xml(){
 		$str="<action type='{$this->status}' sid='{$this->id}' tid='{$this->nid}' ";
 		foreach ($this->attrs as $k => $v) {
-			$str.=$k."='".$v."' ";
+			$str.=$k."='".$this->xmlentities($v)."' ";
 		}
 		$str.=">{$this->output}</action>";	
 		return $str;
 	}
+
+	/*! replace xml unsafe characters
+		
+		@param string 
+			string to be escaped
+		@return 
+			escaped string
+	*/
+	public function xmlentities($string) { 
+   		return str_replace( array( '&', '"', "'", '<', '>', '’' ), array( '&amp;' , '&quot;', '&apos;' , '&lt;' , '&gt;', '&apos;' ), $string);
+	}
+
 	/*! convert self to string ( for logs )
 		
 		@return 

codebase/dataview_connector.php

@@ -60,7 +60,6 @@ protected function xml_start(){
 		foreach($this->attributes as $k=>$v)
 			$attributes .= " ".$k."='".$v."'";
 
-		$start.= ">";
 		if ($this->dload){
 			if ($pos=$this->request->get_start())
 				return "<data pos='".$pos."'".$attributes.">";