routeSQL : Test if the chained object exists or send a 404

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@2031 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2015-03-17 19:57:15 +00:00
parent c27d60107d
commit 03cdd0b394


@@ -13,6 +13,8 @@ error_reporting (E_ALL);
Allow to do CRUD on datas with only one line in index.php */
class routeSQL
{
/** Activate the debug */
public $debug=0;
/** Display the Actions column in list of entries */
public $displayActions = true;
/** Do a confirmation in javascript before deleting entry */
@@ -123,10 +125,14 @@ class routeSQL
$dataflash .= "<div class='alert ";
switch ($flash[0])
{
case 4: $dataflash .= "alert-danger";$alert = _("Error!");break;
case 3: $dataflash .= "alert-warning";$alert = _("Warning!");break;
case 2: $dataflash .= "alert-info";$alert = _("Info :");break;
case 1: $dataflash .= "alert-success";$alert = _("Success : ");break;
case 4: $dataflash .= "alert-danger";
$alert = dgettext("domframework","Error!");break;
case 3: $dataflash .= "alert-warning";
$alert = dgettext("domframework","Warning!");break;
case 2: $dataflash .= "alert-info";
$alert = dgettext("domframework","Info :");break;
case 1: $dataflash .= "alert-success";
$alert = dgettext("domframework","Success : ");break;
}
$dataflash .= " alert-dismissable'>\n";
$dataflash .= "<strong>$alert</strong> ".$flash[1]."\n";
@@ -230,7 +236,7 @@ class routeSQL
}
/** Display the search area */
public function searchArea ($nbentries, $page, $num, $search)
private function searchArea ($nbentries, $page, $num, $search)
{
$route = new route ();
$content = "";
@@ -280,6 +286,7 @@ class routeSQL
}
/** Add HTML routes */
$route = new route ();
$route->debug = $this->debug;;
$route->allowSlashes=false;
$route->get ($this->url_prefix."/", function ($chain) use ($route)
{
@@ -292,18 +299,30 @@ class routeSQL
function ($p1, $v1, $p2, $v2, $p3, $v3, $chain) use ($route)
{
// List all the objects of the table
if ($this->chained !== null &&
$this->chained->accessright ($chain) !== TRUE)
if ($this->chained !== null)
{
if ($this->chained->accessright ($chain) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework",
"Anonymous not allowed"), 401);
throw new Exception (dgettext("domframework",
"Access forbidden"), 403);
}
$this->chained->connect();
// $chainedValues are the informations associated to the $chain
$chainedValues = $this->chained->keyexists ($chain);
if ($chainedValues === false)
throw new Exception (dgettext("domframework",
"Object not found"), 404);
}
if ($this->accessright () !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework",
"Anonymous not allowed"), 401);
throw new Exception (dgettext("domframework",
"Access forbidden"), 403);
}
if ($this->chained !== null &&
@@ -338,7 +357,7 @@ class routeSQL
//echo "PAGE=$page\n";
//echo "NUM=$num\n";
//echo "SEARCH=$search\n";
//$route->debug=1;
//$route->debug=$this->debug;
$this->connect();
$csrf = new csrf ();
$token = $csrf->createToken ();
@@ -541,27 +560,39 @@ echo $content;
function ($id, $token, $chain)
{
// Delete an existing object if the token is valid
if ($this->chained !== null &&
$this->chained->editright ($chain) !== TRUE)
if ($this->chained !== null)
{
if ($this->chained->editright ($chain) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework",
"Anonymous not allowed"), 401);
throw new Exception (dgettext("domframework","Access forbidden"),
403);
}
$this->chained->connect();
// $chainedValues are the informations associated to the $chain
$chainedValues = $this->chained->keyexists ($chain);
if ($chainedValues === false)
throw new Exception (dgettext("domframework",
"Object not found"), 404);
}
if ($this->accessright ($id) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->editright ($id) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->readonly ($id) === TRUE)
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
$this->connect();
$csrf = new csrf ();
@@ -589,27 +620,39 @@ echo $content;
$route->get ($this->url_prefix."/add", function ($chain)
{
// Add a new entry : form to be filled by the user
if ($this->chained !== null &&
$this->chained->editright ($chain) !== TRUE)
if ($this->chained !== null)
{
if ($this->chained->editright ($chain) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework",
"Anonymous not allowed"), 401);
throw new Exception (dgettext("domframework","Access forbidden"),
403);
}
$this->chained->connect();
// $chainedValues are the informations associated to the $chain
$chainedValues = $this->chained->keyexists ($chain);
if ($chainedValues === false)
throw new Exception (dgettext("domframework",
"Object not found"), 404);
}
if ($this->accessright () !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->editright () !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->readonly () === TRUE)
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
$this->connect();
$content = $this->showflash ();
@@ -675,8 +718,9 @@ echo $content;
unset ($field);
}
$field = new formfield ("submit", _("Save the datas"));
$field->defaults = _("Save the datas");
$field = new formfield ("submit", dgettext("domframework",
"Save the datas"));
$field->defaults = dgettext("domframework","Save the datas");
$field->type = "submit";
$fields[] = $field;
unset ($field);
@@ -688,27 +732,39 @@ echo $content;
$route->post ($this->url_prefix."/add", function ($chain) use ($route)
{
// Add a new entry : effective save of the datas
if ($this->chained !== null &&
$this->chained->editright ($chain) !== TRUE)
if ($this->chained !== null)
{
if ($this->chained->editright ($chain) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework",
"Anonymous not allowed"), 401);
throw new Exception (dgettext("domframework","Access forbidden"),
403);
}
$this->chained->connect();
// $chainedvalues are the informations associated to the $chain
$chainedvalues = $this->chained->keyexists ($chain);
if ($chainedvalues === false)
throw new exception (dgettext("domframework",
"Object not found"), 404);
}
if ($this->accessright () !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->editright () !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->readonly () === TRUE)
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
$this->connect();
$f = new form ();
@@ -720,7 +776,8 @@ echo $content;
{
$this->objectDB->insert ($values);
$renderer = new renderer ();
$renderer->flash ("SUCCESS", _("Creation done"));
$renderer->flash ("SUCCESS", dgettext("domframework",
"Creation done"));
$route->redirect ("/".
str_replace ("{chain}", $chain, $this->url_prefix),
"");
@@ -749,18 +806,29 @@ echo $content;
$route->get ($this->url_prefix."/{id}", function ($id, $chain)
{
// List the details of one existing object
if ($this->chained !== null &&
$this->chained->accessright ($chain) !== TRUE)
if ($this->chained !== null)
{
if ($this->chained->accessright ($chain) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework",
"Anonymous not allowed"), 401);
throw new Exception (dgettext("domframework","Access forbidden"),
403);
}
$this->chained->connect();
// $chainedvalues are the informations associated to the $chain
$chainedvalues = $this->chained->keyexists ($chain);
if ($chainedvalues === false)
throw new exception (dgettext("domframework",
"Object not found"), 404);
}
if ($this->accessright ($id) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->chained !== null &&
$this->chained->editright ($chain) !== true)
@@ -842,8 +910,9 @@ echo $content;
if ($readonly === false && $this->readwriteAllowed === true)
{
$field = new formfield ("submit", _("Save the datas"));
$field->defaults = _("Save the datas");
$field = new formfield ("submit", dgettext("domframework",
"Save the datas"));
$field->defaults = dgettext("domframework","Save the datas");
$field->type = "submit";
$fields[] = $field;
unset ($field);
@@ -856,27 +925,39 @@ echo $content;
$route->post ($this->url_prefix."/{id}", function ($id, $chain) use ($route)
{
// Save the details of one existing object
if ($this->chained !== null &&
$this->chained->editright ($chain) !== TRUE)
if ($this->chained !== null)
{
if ($this->chained->editright ($chain) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework",
"Anonymous not allowed"), 401);
throw new Exception (dgettext("domframework","Access forbidden"),
403);
}
$this->chained->connect();
// $chainedvalues are the informations associated to the $chain
$chainedvalues = $this->chained->keyexists ($chain);
if ($chainedvalues === false)
throw new exception (dgettext("domframework",
"Object not found"), 404);
}
if ($this->accessright ($id) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->editright ($id) !== TRUE)
{
if ($this->auth["email"] === "anonymous")
throw new Exception (_("Anonymous not allowed"), 401);
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Anonymous not allowed"),
401);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
}
if ($this->readonly ($id) === TRUE)
throw new Exception (_("Access forbidden"), 403);
throw new Exception (dgettext("domframework","Access forbidden"), 403);
$this->connect();
$oldvalues = $this->objectDB->read (array (array
@@ -903,7 +984,7 @@ echo $content;
{
$this->objectDB->update ($id, $values);
$renderer = new renderer ();
$renderer->flash ("SUCCESS", _("Update done"));
$renderer->flash ("SUCCESS", dgettext("domframework","Update done"));
$route->redirect ("/".
str_replace ("{chain}", $chain, $this->url_prefix),
"");
@@ -982,4 +1063,16 @@ echo $content;
}
return FALSE;
}
/** Return the datas of the row if the $id exists in the primary key of the
table
Return FALSE in the other cases */
public function keyexists ($id)
{
$datas = $this->objectDB->read (array (array ($this->objectDB->primary,
$id)));
if (count ($datas) > 0)
return $datas[0];
return FALSE;
}
}
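Review bot: The new chained-object gate (right check, `connect()`, `keyexists ($chain)`, 404) is pasted into six route closures (list, delete, both `/add` routes and both `/{id}` routes), and the copies have already drifted (`$chainedValues` vs `$chainedvalues`, `Exception` vs `exception`). Because this block is an authorization check, a route added or edited later without it fails open, so it would be safer as one private method on routeSQL that each closure calls first, for example `$chainedValues = $this->checkChained ($chain, true);` (name is a suggestion), with the flag selecting `editright` or `accessright`. In the visible lines `$chainedValues` is assigned but never read, and nothing ties `$id` to `$chain` before `accessright ($id)` or `$this->objectDB->update ($id, $values)` run; if that link is not enforced outside these hunks, an entry could be served under a chain it does not belong to, which is worth confirming. `keyexists()` also passes the result of `objectDB->read()` straight to `count()`, so it relies on `read()` always returning an array. Every closure body continues outside its hunk.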