fix settings validation
parent
f82a3fb1d8
commit
45bbf95972
|
@ -1,40 +1,43 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Update Setting.
|
||||
* Get settings.
|
||||
*/
|
||||
function Settings() {
|
||||
$settings = sql_select("SELECT * FROM `Settings` LIMIT 1");
|
||||
if ($settings === false)
|
||||
return false;
|
||||
if (count($settings) > 0)
|
||||
return $settings[0];
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Update Settings.
|
||||
*
|
||||
* @param string $event_name
|
||||
* @param int $buildup_start_date
|
||||
* @param int $event_start_date
|
||||
* @param int $event_end_date
|
||||
* @param int $teardown_end_date
|
||||
* @param string $event_welcome_msg
|
||||
* @param int $buildup_start_date
|
||||
* @param int $event_start_date
|
||||
* @param int $event_end_date
|
||||
* @param int $teardown_end_date
|
||||
* @param string $event_welcome_msg
|
||||
*/
|
||||
function Settings_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg) {
|
||||
if (Settings() == null) {
|
||||
return sql_query("INSERT INTO `Settings` SET
|
||||
`event_name`=" . sql_null($event_name) . ",
|
||||
`buildup_start_date`=" . sql_null($buildup_start_date) . ",
|
||||
`event_start_date`=" . sql_null($event_start_date) . ",
|
||||
`event_end_date`=" . sql_null($event_end_date) . ",
|
||||
`teardown_end_date`=" . sql_null($teardown_end_date) . ",
|
||||
`event_welcome_msg`=" . sql_null($event_welcome_msg));
|
||||
}
|
||||
return sql_query("UPDATE `Settings` SET
|
||||
`event_name`='" . sql_escape($event_name) . "',
|
||||
`buildup_start_date`='" . sql_escape($buildup_start_date) . "',
|
||||
`event_start_date`='" . sql_escape($event_start_date) . "',
|
||||
`event_end_date`='" . sql_escape($event_end_date) . "',
|
||||
`teardown_end_date`='" . sql_escape($teardown_end_date) . "',
|
||||
`event_welcome_msg`='" . sql_escape($event_welcome_msg) . "'");
|
||||
}
|
||||
/**
|
||||
* Create Settings.
|
||||
*
|
||||
* @param string $event_name
|
||||
* @param int $buildup_start_date
|
||||
* @param int $event_start_date
|
||||
* @param int $event_end_date
|
||||
* @param int $teardown_end_date
|
||||
* @param string $event_welcome_msg
|
||||
*/
|
||||
function Settings_create($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg) {
|
||||
return sql_query("INSERT INTO `Settings` SET
|
||||
`event_name`='" . sql_escape($event_name) . "',
|
||||
`buildup_start_date`='" . sql_escape($buildup_start_date) . "',
|
||||
`event_start_date`='" . sql_escape($event_start_date) . "',
|
||||
`event_end_date`='" . sql_escape($event_end_date) . "',
|
||||
`teardown_end_date`='" . sql_escape($teardown_end_date) . "',
|
||||
`event_welcome_msg`='" . sql_escape($event_welcome_msg) . "'");
|
||||
`event_name`=" . sql_null($event_name) . ",
|
||||
`buildup_start_date`=" . sql_null($buildup_start_date) . ",
|
||||
`event_start_date`=" . sql_null($event_start_date) . ",
|
||||
`event_end_date`=" . sql_null($event_end_date) . ",
|
||||
`teardown_end_date`=" . sql_null($teardown_end_date) . ",
|
||||
`event_welcome_msg`=" . sql_null($event_welcome_msg));
|
||||
}
|
||||
?>
|
||||
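Review bot: `Settings_update()` tests `Settings() == null`, but `Settings()` returns `false` when the SELECT fails, so the loose comparison sends a failed load down the INSERT branch as if no row existed. Fetch once and separate the cases, e.g. `$settings = Settings(); if ($settings === false) return false; if ($settings === null) { ... }`. The values also appear to move from quoted `sql_escape()` output to bare `sql_null()` output. The body of `sql_null()` is not shown on this page, so confirm that it both quotes and escapes non-null strings, because `$event_name` and `$event_welcome_msg` originate from the request. This rendering has lost the +/- markers, so the note assumes the `sql_null` variants are the new side.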
|
|
|
@ -5,7 +5,7 @@
|
|||
*/
|
||||
function sql_close() {
|
||||
global $sql_connection;
|
||||
|
||||
|
||||
return $sql_connection->close();
|
||||
}
|
||||
|
||||
|
@ -21,7 +21,7 @@ function sql_null($value = null) {
|
|||
*/
|
||||
function sql_transaction_start() {
|
||||
global $sql_nested_transaction_level;
|
||||
|
||||
|
||||
if ($sql_nested_transaction_level ++ == 0)
|
||||
return sql_query("BEGIN");
|
||||
else
|
||||
|
@ -33,7 +33,7 @@ function sql_transaction_start() {
|
|||
*/
|
||||
function sql_transaction_commit() {
|
||||
global $sql_nested_transaction_level;
|
||||
|
||||
|
||||
if (-- $sql_nested_transaction_level == 0)
|
||||
return sql_query("COMMIT");
|
||||
else
|
||||
|
@ -45,7 +45,7 @@ function sql_transaction_commit() {
|
|||
*/
|
||||
function sql_transaction_rollback() {
|
||||
global $sql_nested_transaction_level;
|
||||
|
||||
|
||||
if (-- $sql_nested_transaction_level == 0)
|
||||
return sql_query("ROLLBACK");
|
||||
else
|
||||
|
@ -55,17 +55,17 @@ function sql_transaction_rollback() {
|
|||
/**
|
||||
* Logs an sql error.
|
||||
*
|
||||
* @param string $message
|
||||
* @param string $message
|
||||
* @return false
|
||||
*/
|
||||
function sql_error($message) {
|
||||
sql_close();
|
||||
|
||||
|
||||
$message = trim($message) . "\n";
|
||||
$message .= debug_string_backtrace() . "\n";
|
||||
|
||||
|
||||
error_log('mysql_provider error: ' . $message);
|
||||
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -84,21 +84,21 @@ function sql_error($message) {
|
|||
*/
|
||||
function sql_connect($host, $user, $pass, $db) {
|
||||
global $sql_connection;
|
||||
|
||||
|
||||
$sql_connection = new mysqli($host, $user, $pass, $db);
|
||||
if ($sql_connection->connect_errno) {
|
||||
error("Unable to connect to MySQL: " . $sql_connection->connect_error);
|
||||
error("Unable to connect to MySQL: " . $sql_connection->connect_error);
|
||||
return sql_error("Unable to connect to MySQL: " . $sql_connection->connect_error);
|
||||
}
|
||||
|
||||
|
||||
$result = $sql_connection->query("SET CHARACTER SET utf8;");
|
||||
if (! $result)
|
||||
return sql_error("Unable to set utf8 character set (" . $sql_connection->errno . ") " . $sql_connection->error);
|
||||
|
||||
|
||||
$result = $sql_connection->set_charset('utf8');
|
||||
if (! $result)
|
||||
return sql_error("Unable to set utf8 names (" . $sql_connection->errno . ") " . $sql_connection->error);
|
||||
|
||||
|
||||
return $sql_connection;
|
||||
}
|
||||
|
||||
|
@ -119,12 +119,12 @@ function sql_select_db($db_name) {
|
|||
/**
|
||||
* MySQL SELECT query
|
||||
*
|
||||
* @param string $query
|
||||
* @param string $query
|
||||
* @return Result array or false on error
|
||||
*/
|
||||
function sql_select($query) {
|
||||
global $sql_connection;
|
||||
|
||||
|
||||
$result = $sql_connection->query($query);
|
||||
if ($result) {
|
||||
$data = array();
|
||||
|
@ -138,12 +138,12 @@ function sql_select($query) {
|
|||
/**
|
||||
* MySQL execute a query
|
||||
*
|
||||
* @param string $query
|
||||
* @param string $query
|
||||
* @return mysqli_result boolean resource or false on error
|
||||
*/
|
||||
function sql_query($query) {
|
||||
global $sql_connection;
|
||||
|
||||
|
||||
$result = $sql_connection->query($query);
|
||||
if ($result) {
|
||||
return $result;
|
||||
|
@ -164,7 +164,7 @@ function sql_id() {
|
|||
/**
|
||||
* Escape a string for a sql query.
|
||||
*
|
||||
* @param string $query
|
||||
* @param string $query
|
||||
* @return string
|
||||
*/
|
||||
function sql_escape($query) {
|
||||
|
@ -175,7 +175,7 @@ function sql_escape($query) {
|
|||
/**
|
||||
* Convert a boolean for mysql-queries.
|
||||
*
|
||||
* @param boolean $boolean
|
||||
* @param boolean $boolean
|
||||
* @return string
|
||||
*/
|
||||
function sql_bool($boolean) {
|
||||
|
@ -185,7 +185,7 @@ function sql_bool($boolean) {
|
|||
/**
|
||||
* Count query result lines.
|
||||
*
|
||||
* @param string $query
|
||||
* @param string $query
|
||||
* @return int Count of result lines
|
||||
*/
|
||||
function sql_num_query($query) {
|
||||
|
|
|
@ -1,87 +1,94 @@
|
|||
<?php
|
||||
|
||||
function admin_settings_title() {
|
||||
return _("Settings");
|
||||
}
|
||||
|
||||
function admin_settings() {
|
||||
$settings_source = sql_select("SELECT * FROM `Settings`");
|
||||
if (count($settings_source) == 1) {
|
||||
$event_name = $settings_source[0]['event_name'];
|
||||
$buildup_start_date = $settings_source[0]['buildup_start_date'];
|
||||
$event_start_date = $settings_source[0]['event_start_date'];
|
||||
$event_end_date = $settings_source[0]['event_end_date'];
|
||||
$teardown_end_date = $settings_source[0]['teardown_end_date'];
|
||||
$event_welcome_msg = $settings_source[0]['event_welcome_msg'];
|
||||
$event_name = null;
|
||||
$event_welcome_msg = null;
|
||||
$buildup_start_date = null;
|
||||
$event_start_date = null;
|
||||
$event_end_date = null;
|
||||
$teardown_end_date = null;
|
||||
|
||||
$settings_source = Settings();
|
||||
if ($settings_source === false)
|
||||
engelsystem_error('Unable to load settings.');
|
||||
if ($settings_source != null) {
|
||||
$event_name = $settings_source['event_name'];
|
||||
$buildup_start_date = $settings_source['buildup_start_date'];
|
||||
$event_start_date = $settings_source['event_start_date'];
|
||||
$event_end_date = $settings_source['event_end_date'];
|
||||
$teardown_end_date = $settings_source['teardown_end_date'];
|
||||
$event_welcome_msg = $settings_source['event_welcome_msg'];
|
||||
}
|
||||
|
||||
if (isset($_REQUEST['submit'])) {
|
||||
$ok = true;
|
||||
if (isset($_REQUEST['event_name']))
|
||||
$event_name = strip_request_item('event_name');
|
||||
if (isset($_REQUEST['buildup_start_date']) && $_REQUEST['buildup_start_date'] != '') {
|
||||
if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['buildup_start_date']))) {
|
||||
$buildup_start_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['buildup_start_date']))->getTimestamp();
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error(_("Please enter buildup start date."), true);
|
||||
}
|
||||
} else
|
||||
$buildup_start_date = null;
|
||||
if (isset($_REQUEST['event_start_date']) && $_REQUEST['event_start_date'] != '') {
|
||||
if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['event_start_date']))) {
|
||||
$event_start_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['event_start_date']))->getTimestamp();
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error(_("Please enter event start date."), true);
|
||||
}
|
||||
} else
|
||||
$event_start_date = null;
|
||||
if (isset($_REQUEST['event_end_date']) && $_REQUEST['event_end_date'] != '') {
|
||||
if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['event_end_date']))) {
|
||||
$event_end_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['event_end_date']))->getTimestamp();
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error(_("Please enter event end date."), true);
|
||||
}
|
||||
} else
|
||||
$event_end_date = null;
|
||||
if (isset($_REQUEST['teardown_end_date']) && $_REQUEST['teardown_end_date'] != '') {
|
||||
if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['teardown_end_date']))) {
|
||||
$teardown_end_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['teardown_end_date']))->getTimestamp();
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error(_("Please enter teardown end date."), true);
|
||||
|
||||
if (isset($_REQUEST['event_name']))
|
||||
$event_name = strip_request_item('event_name');
|
||||
if ($event_name == '')
|
||||
$event_name = null;
|
||||
|
||||
if (isset($_REQUEST['event_welcome_msg']))
|
||||
$event_welcome_msg = strip_request_item_nl('event_welcome_msg');
|
||||
if ($event_welcome_msg == '')
|
||||
$event_welcome_msg = null;
|
||||
|
||||
$result = check_request_date('buildup_start_date', _("Please enter buildup start date."), true);
|
||||
$buildup_start_date = $result->getValue();
|
||||
$ok &= $result->isOk();
|
||||
|
||||
$result = check_request_date('event_start_date', _("Please enter event start date."), true);
|
||||
$event_start_date = $result->getValue();
|
||||
$ok &= $result->isOk();
|
||||
|
||||
$result = check_request_date('event_end_date', _("Please enter event end date."), true);
|
||||
$event_end_date = $result->getValue();
|
||||
$ok &= $result->isOk();
|
||||
|
||||
$result = check_request_date('teardown_end_date', _("Please enter teardown end date."), true);
|
||||
$teardown_end_date = $result->getValue();
|
||||
$ok &= $result->isOk();
|
||||
|
||||
if ($ok) {
|
||||
$result = Settings_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg);
|
||||
|
||||
if ($result === false)
|
||||
engelsystem_error("Unable to update settings.");
|
||||
|
||||
success(_("Settings saved."));
|
||||
redirect(page_link_to('admin_settings'));
|
||||
}
|
||||
} else
|
||||
$teardown_end_date = null;
|
||||
if (isset($_REQUEST['event_welcome_msg']))
|
||||
$event_welcome_msg = strip_request_item('event_welcome_msg');
|
||||
}
|
||||
if ($ok) {
|
||||
if (count($settings_source) == 1)
|
||||
Settings_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg);
|
||||
else
|
||||
Settings_create($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg);
|
||||
}
|
||||
|
||||
success(_("Settings saved."));
|
||||
redirect(page_link_to('admin_settings'));
|
||||
}
|
||||
return page_with_title(admin_settings_title(), array(
|
||||
$msg,
|
||||
return page_with_title(admin_settings_title(), [
|
||||
msg(),
|
||||
div('row', array(
|
||||
div('col-md-12', array(
|
||||
form(array(
|
||||
form_info('', _("Here you can change event information.")),
|
||||
form_text('event_name', _("Event Name"), $event_name),
|
||||
form_date('buildup_start_date', _("Buildup date"), $buildup_start_date, time()),
|
||||
form_date('event_start_date', _("Event start date"), $event_start_date, time()),
|
||||
form_date('event_end_date', _("Event end date"), $event_end_date, time()),
|
||||
form_date('teardown_end_date', _("Teardown end date"), $teardown_end_date, time()),
|
||||
form_info('', _("Here you can write your display message for registration:")),
|
||||
form_text('event_welcome_msg', _("Event Welcome Message"), $event_welcome_msg),
|
||||
form_submit('submit', _("Save"))
|
||||
))
|
||||
))
|
||||
))
|
||||
));
|
||||
form([
|
||||
div('row', [
|
||||
div('col-md-6', [
|
||||
form_text('event_name', _("Event Name"), $event_name),
|
||||
form_info('', _("Event Name is shown on the start page.")),
|
||||
form_textarea('event_welcome_msg', _("Event Welcome Message"), $event_welcome_msg),
|
||||
form_info('', _("Welcome message is shown after successful registration. You can use markdown."))
|
||||
]),
|
||||
div('col-md-3', [
|
||||
form_date('buildup_start_date', _("Buildup date"), $buildup_start_date),
|
||||
form_date('event_start_date', _("Event start date"), $event_start_date)
|
||||
]),
|
||||
div('col-md-3', [
|
||||
form_date('teardown_end_date', _("Teardown end date"), $teardown_end_date),
|
||||
form_date('event_end_date', _("Event end date"), $event_end_date)
|
||||
])
|
||||
]),
|
||||
div('row', [
|
||||
div('col-md-6', [
|
||||
form_submit('submit', _("Save"))
|
||||
])
|
||||
])
|
||||
])
|
||||
]);
|
||||
}
|
||||
?>
|
||||
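Review bot: The four date fields are now assigned from `$result->getValue()`, which per `check_date()` in this commit is a `DateTime` object, whereas the earlier code on this page stored `->getTimestamp()` and `Settings_update()` documents these arguments as `@param int`. Unless `sql_null()` (body not shown) converts objects, concatenating a `DateTime` into the query string will fail, and the same object also reaches `form_date()` when the form is redisplayed. Convert at the call site, e.g. `$buildup_start_date = $result->getValue() === null ? null : $result->getValue()->getTimestamp();`, or have `check_date()` return the timestamp. The write path is still gated only on `isset($_REQUEST['submit'])`, and no request-method or anti-CSRF token check is visible in this section, so confirm one is enforced elsewhere for this admin action.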
|
|
|
@ -18,6 +18,46 @@ function raw_output($output) {
|
|||
die();
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if given request item (name) can be parsed to a date.
|
||||
* If not parsable, given error message is put into msg() and null is returned.
|
||||
*
|
||||
* @param string $input
|
||||
* String to be parsed into a date.
|
||||
* @param string $error_message
|
||||
* the error message displayed if $input is not parsable
|
||||
* @param boolean $null_allowed
|
||||
* is a null value allowed?
|
||||
* @return ValidationResult containing the parsed date
|
||||
*/
|
||||
function check_request_date($name, $error_message = null, $null_allowed = false) {
|
||||
if (! isset($_REQUEST[$name]))
|
||||
return new ValidationResult($null_allowed, null);
|
||||
return check_date($_REQUEST[$name], $error_message, $null_allowed);
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if given string can be parsed to a date.
|
||||
* If not parsable, given error message is put into msg() and null is returned.
|
||||
*
|
||||
* @param string $input
|
||||
* String to be parsed into a date.
|
||||
* @param string $error_message
|
||||
* the error message displayed if $input is not parsable
|
||||
* @param boolean $null_allowed
|
||||
* is a null value allowed?
|
||||
* @return ValidationResult containing the parsed date
|
||||
*/
|
||||
function check_date($input, $error_message = null, $null_allowed = false) {
|
||||
if (DateTime::createFromFormat("Y-m-d", trim($input)))
|
||||
return new ValidationResult(true, DateTime::createFromFormat("Y-m-d", trim($input)));
|
||||
if ($null_allowed)
|
||||
return new ValidationResult(true, null);
|
||||
|
||||
error($error_message);
|
||||
return new ValidationResult(false, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gibt den gefilterten REQUEST Wert ohne Zeilenumbrüche zurück
|
||||
*/
|
||||
|
@ -57,4 +97,38 @@ function check_email($email) {
|
|||
return (bool) filter_var($email, FILTER_VALIDATE_EMAIL);
|
||||
}
|
||||
|
||||
class ValidationResult {
|
||||
|
||||
private $ok;
|
||||
|
||||
private $value;
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
*
|
||||
* @param boolean $ok
|
||||
* Is the value valid?
|
||||
* @param * $value
|
||||
* The validated value
|
||||
*/
|
||||
public function ValidationResult($ok, $value) {
|
||||
$this->ok = $ok;
|
||||
$this->value = $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Is the value valid?
|
||||
*/
|
||||
public function isOk() {
|
||||
return $this->ok;
|
||||
}
|
||||
|
||||
/**
|
||||
* The parsed/validated value.
|
||||
*/
|
||||
public function getValue() {
|
||||
return $this->value;
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
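Review bot: With `$null_allowed` true, `check_date()` returns `ValidationResult(true, null)` for any input that fails to parse, so a non-empty but malformed date is accepted and turned into null instead of producing the error message; the settings page passes `true` for all four fields. Only an empty string should count as "no value", and anything else that does not parse should take the error path. `DateTime::createFromFormat()` also rolls out-of-range days over and fills the time from the current clock, so checking `DateTime::getLastErrors()` and using a `!Y-m-d` format would make the result strict and reproducible. The docblock of `check_request_date()` documents `$input` where the parameter is `$name`.

```php
function check_date($input, $error_message = null, $null_allowed = false) {
  $input = trim($input);
  if ($input === '') {
    // An absent value is acceptable only when the caller allows null.
    if ($null_allowed)
      return new ValidationResult(true, null);
  } else {
    // "!" resets unparsed fields, so the time part is not taken from the current clock.
    $date = DateTime::createFromFormat("!Y-m-d", $input);
    $errors = DateTime::getLastErrors();
    $clean = $errors === false || ($errors['warning_count'] == 0 && $errors['error_count'] == 0);
    if ($date && $clean)
      return new ValidationResult(true, $date);
  }
  // … unchanged: error($error_message) and the failing ValidationResult …
}
```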
|
|
|
@ -1,11 +1,11 @@
|
|||
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/4.0/phpunit.xsd"
|
||||
xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/4.5/phpunit.xsd"
|
||||
bootstrap="../includes/engelsystem_provider.php" colors="true"
|
||||
convertErrorsToExceptions="true" convertNoticesToExceptions="true"
|
||||
convertWarningsToExceptions="true" forceCoversAnnotation="false">
|
||||
<testsuites>
|
||||
<testsuite name="Models">
|
||||
<directory>model</directory>
|
||||
<directory>model/*</directory>
|
||||
</testsuite>
|
||||
</testsuites>
|
||||
<php>
|
||||
|
|