*/
require_once ("domframework/csrf.php");
/** This class permit to create easily some forms to HTML (or text mode in
* future).
* Each field can be checked in AJAX or HTML. */
class form
{
/** All the fields */
private $fields = NULL;
/** The name of the form */
private $formName;
/** Allow to debug the PHP */
public $debug=0;
/** CSRF protection
* By default, the CSRF protection is active if a SESSION is active too.
* It can be disabled if needed. An Exception is raised if the form is send
* back without the token */
public $csrf=TRUE;
/** Name of the CSRF hidden field in HTML page */
public $csrfField = "CSRF_TOKEN";
/** The method used to send the values */
private $method = "post";
/** The Bootstrap width of the column of titles */
public $titlewidth = 2;
/** The Bootstrap width of the column of fields */
public $fieldwidth = 10;
/** Create a form
* @param string|null $formName The form name
*/
public function __construct ($formName = "form")
{
$this->formName = $formName;
}
/** Save the array of fields into the structure.
* Available :
* - name : name of the field in the HTML page
* - label : label written to the describe the field
* - [titles] : text written in radio/checkboxes
* - [defaults] : default values. Must be array for checkbox/select, and
* string for others
* - [type] : text, password, hidden, checkbox, select, radio, submit,
* textarea
* text by default
* - [help] : The Help message (written below the field). Overwrited in
* case of error
* - [multiple] : Multiple selection are possible (if the type supports it)
* - [group] : define a fieldset and define the title with groupe name
* Warning : all the elements of the same group must be
* consecutive !
* - [readonly] : put a read-only flag on the field (the user see it but
* can't interract on it. The value will be sent to next
* page
* - [mandatory] : boolean to add a red star at end of label
* - [hidden] : hide the field (add a style='display:hidden' to the field)
* - [maxlength] : the maximum length of the content of the field in chars
* - [rows] : Number of rows
* - [cols] : Number of columns
* - [placeholder] : The text to be displayed in the placeholder
*
* @param array $fields The fields to be displayed
*/
public function fields ($fields)
{
$this->fields = $fields;
}
/** Add a field to the form. For the details of a field, see the description
* in fields method */
public function addfield ($field)
{
$this->fields[] = $field;
}
/** Return the values provided by the user. Test the CSRF before continue
* NEVER read the values from $_POST in your codes or CSRF will not be
* checked */
public function values ()
{
$values = array ();
if ($this->method === "post")
{
if (isset ($_POST[$this->formName]))
$values = $_POST[$this->formName];
}
elseif ($this->method === "get")
{
if (isset ($_GET[$this->formName]))
$values = $_GET[$this->formName];
}
else
{
throw new Exception (dgettext("domframework",
"Unknown FORM method (GET or POST allowed)"));
}
if (count ($values) !== 0)
{
// CSRF protection
try
{
$this->checkToken ($values[$this->csrfField]);
}
catch (Exception $e)
{
throw new Exception ($e->getMessage(), 500);
}
// Remove the field CSRF : can not be used outside the form
unset ($values[$this->csrfField]);
}
return $values;
}
/** Return the fields in HTML code. If $values is provided, use it in place
* of default values. In case of select boxes, $values are the selected
* elements
* $method is the method written in method field of \n";
if (isset ($_SESSION))
$_SESSION["domframework"]["form"]["fields"] = $this->fields;
return $res;
}
/** Check the token from the user
* @param string $tokenFromUser The value form the user's token */
public function checkToken ($tokenFromUser)
{
$csrf = new csrf ();
$csrf->field = $this->csrfField;
$csrf->checkToken ($tokenFromUser);
}
/** Check if the parameters are correct with the defined fields
* Need the session !
* @return array containing the errors
*/
public function verify ($values, $fields=array ())
{
if (count ($fields) === 0)
{
if (! isset ($_SESSION["domframework"]["form"]["fields"]))
return array ();
$fields = $_SESSION["domframework"]["form"]["fields"];
}
$errors = array ();
foreach ($fields as $field)
{
if ($field->mandatory !== null &&
(! array_key_exists ($field->name, $values) ||
trim ($values[$field->name]) === ""))
$errors[$field->name] = _("Field mandatory and not provided");
}
return $errors;
}
/** Save the values and errors to be displayed in the next page if the session
* is available
* Need the session to work
* @param array $values The values of the fields filled by the user
* @param array|null $errors The errors detected by a verify
*/
public function saveValuesErrors ($values, $errors=array ())
{
if (isset ($_SESSION))
{
$_SESSION["domframework"]["form"]["values"] = $values;
$_SESSION["domframework"]["form"]["errors"] = $errors;
}
}
/** Reset the saved values to provide a clean form next page
* Need the session to work
*/
public function saveValuesErrorsReset ()
{
unset ($_SESSION["domframework"]["form"]["values"]);
unset ($_SESSION["domframework"]["form"]["errors"]);
}
/** Get the stored values if there is one. If there is no stored values,
* return the values provided as parameter
* @param array $values The values returned if there is no stored values
* @return array The values to use
*/
public function getOldValues ($values)
{
if (isset ($_SESSION["domframework"]["form"]["values"]))
{
$values = $_SESSION["domframework"]["form"]["values"];
unset ($_SESSION["domframework"]["form"]["values"]);
}
return $values;
}
/** Get the stored errors if there is one. If there is no sorted errors,
* return the errors provided as parameter
* @param array $errors The values returned if there is no stored values
* @return array The errors to use
*/
public function getOldErrors ($errors)
{
if (isset ($_SESSION["domframework"]["form"]["errors"]))
{
$errors = $_SESSION["domframework"]["form"]["errors"];
unset ($_SESSION["domframework"]["form"]["errors"]);
}
return $errors;
}
/** Convert Date received in one format to another.
* If the provided string is not corresponding to the format, don't change
* anything.
* Format used http://php.net/manual/en/datetime.createfromformat.php
* @param string $inputDate
* @param string $inputFormat
* @param string $outputFormat
* @return string
*/
public function convertDate ($inputDate, $inputFormat, $outputFormat)
{
$date = DateTime::CreateFromFormat ($inputFormat, $inputDate);
$errors = $date->getLastErrors();
if ($errors["warning_count"] > 0 || $errors["error_count"] > 0)
return $inputDate;
return $date->format ($outputFormat);
}
}
/** the definition of a formfield */
class formfield
{
/** The form name */
public $formName;
/** The name of the field */
public $name;
/** The label of the field */
public $label;
/** The titles of the field */
public $titles;
/** The defaults values of the field */
public $defaults;
/** The type of the field (text, password, checkbox, select)*/
public $type="text";
/** Allow a help message to be displayed below the field. In case of error,
* it is overrided by the error message */
public $help;
/** The multiplicity of selection of the field (available in select only)*/
public $multiple;
/** The name of group for the fields */
public $group;
/** The read-only feature of the field */
public $readonly;
/** The field is mandatory */
public $mandatory;
/** The statut of error of the field */
public $error;
/** Number of rows */
public $rows;
/** Number of columns */
public $cols;
/** The Bootstrap width of the column of titles */
public $titlewidth = 2;
/** The Bootstrap width of the column of fields */
public $fieldwidth = 10;
/** When adding a field, the name and the label are the minimum mandatory
* @param string $name Name of the field
* @param string $label Label of the field */
public function __construct ($name, $label)
{
$this->name = $name;
$this->label = $label;
}
/** Display really the form */
public function display ()
{
$func = "field".$this->type;
return $this->$func ();
}
/** Return the checkbox defined */
public function fieldcheckbox ()
{
// No $this->multiple, $this->rows $this->cols $this->placeholder,
// $this->maxlength
$res = "";
$res .= "
\n"; // End form-group
return $res;
}
/** Return the radio field defined */
public function fieldradio ()
{
$res = "";
// No $this->multiple, $this->rows $this->cols $this->placeholder
// $this->maxlength
$res .= "
\n"; // End form-group
return $res;
}
/** Return the text defined */
public function fieldtext ()
{
$res = "";
// No $this->multiple, $this->titles, $this->rows, $this->cols
$res .= "