* @copyright PrestaShop
* @license http://www.opensource.org/licenses/osl-3.0.php Open-source licence 3.0
* @version 1.3
*
*/
abstract class AdminTab
{
/** @var integer Tab id */
public $id = -1;
/** @var string Associated table name */
public $table;
/** @var string Object identifier inside the associated table */
protected $identifier = false;
/** @var string Tab name */
public $name;
/** @var string Security token */
public $token;
/** @var boolean Automatically join language table if true */
public $lang = false;
/** @var boolean Tab Automatically displays edit/delete icons if true */
public $edit = false;
/** @var boolean Tab Automatically displays view icon if true */
public $view = false;
/** @var boolean Tab Automatically displays delete icon if true */
public $delete = false;
/** @var boolean Table records are not deleted but marked as deleted */
public $deleted = false;
/** @var boolean Tab Automatically displays duplicate icon if true */
public $duplicate = false;
/** @var boolean Tab Automatically displays '$color' as background color on listing if true */
public $colorOnBackground = false;
/** @var string Add fields into data query to display list */
protected $_select;
/** @var string Join tables into data query to display list */
protected $_join;
/** @var string Add conditions into data query to display list */
protected $_where;
/** @var string Group rows into data query to display list */
protected $_group;
/** @var string Having rows into data query to display list */
protected $_having;
/** @var array Name and directory where class image are located */
public $fieldImageSettings = array();
/** @var string Image type */
public $imageType = 'jpg';
/** @var array Fields to display in list */
public $fieldsDisplay = array();
/** @var array Cache for query results */
protected $_list = array();
/** @var integer Number of results in list */
protected $_listTotal = 0;
/** @var array WHERE clause determined by filter fields */
protected $_filter = '';
/** @var array Temporary SQL table WHERE clause determinated by filter fields */
protected $_tmpTableFilter = '';
/** @var array Number of results in list per page (used in select field) */
protected $_pagination = array(20, 50, 100, 300);
/** @var string ORDER BY clause determined by field/arrows in list header */
protected $_orderBy;
/** @var string Default ORDER BY clause when $_orderBy is not defined */
protected $_defaultOrderBy = false;
/** @var string Order way (ASC, DESC) determined by arrows in list header */
protected $_orderWay;
/** @var integer Max image size for upload */
protected $maxImageSize = 2000000;
/** @var array Errors displayed after post processing */
public $_errors = array();
/** @var array Confirmations displayed after post processing */
private $_conf;
/** @var object Object corresponding to the tab */
private $_object = false;
/** @var array tabAccess */
public $tabAccess;
/** @var bool Redirect or not ater a creation */
protected $_redirect = true;
protected $_languages = NULL;
protected $_defaultFormLanguage = NULL;
private $_includeObj = array();
protected $_includeVars = false;
protected $_includeContainer = true;
public function __construct()
{
global $cookie;
$this->id = Tab::getCurrentTabId();
$this->_conf = array(
1 => $this->l('Deletion successful'), 2 => $this->l('Selection successfully deleted'),
3 => $this->l('Creation successful'), 4 => $this->l('Update successful'),
5 => $this->l('Status update successful'), 6 => $this->l('Settings update successful'),
7 => $this->l('Image successfully deleted'), 8 => $this->l('Module downloaded successfully'),
9 => $this->l('Thumbnails successfully regenerated'), 10 => $this->l('Message sent to the customer'),
11 => $this->l('Comment added'), 12 => $this->l('Module installed successfully'),
13 => $this->l('Module uninstalled successfully'), 14 => $this->l('Language successfully copied'),
15 => $this->l('Translations successfully added'), 16 => $this->l('Module transplanted successfully to hook'),
17 => $this->l('Module removed successfully from hook'), 18 => $this->l('Upload successful'),
19 => $this->l('Duplication successfully done'), 20 => $this->l('Translation added successfully but the language has been not created'));
if (!$this->identifier) $this->identifier = 'id_'.$this->table;
if (!$this->_defaultOrderBy) $this->_defaultOrderBy = $this->identifier;
$className = get_class($this);
if ($className == 'AdminCategories' OR $className == 'AdminProducts')
$className = 'AdminCatalog';
$this->token = Tools::getAdminToken($className.intval($this->id).intval($cookie->id_employee));
}
protected function l($string, $class = __CLASS__, $addslashes = FALSE, $htmlentities = TRUE)
{
global $_LANGADM;
/* Disabled in 1.3a1 version for performance issues, however that case must not appen
if (!is_array($_LANGADM))
{
return str_replace('"', '"', $string);
}
*/
$key = md5(str_replace('\'', '\\\'', $string));
$str = (key_exists(get_class($this).$key, $_LANGADM)) ? $_LANGADM[get_class($this).$key] : ((key_exists($class.$key, $_LANGADM)) ? $_LANGADM[$class.$key] : $string);
$str = $htmlentities ? htmlentities($str, ENT_QUOTES, 'utf-8') : $str;
return str_replace('"', '"', ($addslashes ? addslashes($str) : stripslashes($str)));
}
/**
* Manage page display (form, list...)
*
* @global string $currentIndex Current URL in order to keep current Tab
*/
public function display()
{
global $currentIndex, $cookie;
// Include other tab in current tab
if ($this->includeSubTab('display', array('submitAdd2', 'add', 'update', 'view')));
// Include current tab
elseif ((Tools::getValue('submitAdd'.$this->table) AND sizeof($this->_errors)) OR isset($_GET['add'.$this->table]))
{
if ($this->tabAccess['add'] === '1')
{
$this->displayForm();
echo '
'.$this->l('Back to list').' ';
}
else
echo $this->l('You do not have permission to add here');
}
elseif (isset($_GET['update'.$this->table]))
{
if ($this->tabAccess['edit'] === '1')
{
$this->displayForm();
echo '
'.$this->l('Back to list').' ';
}
else
echo $this->l('You do not have permission to edit here');
}
elseif (isset($_GET['view'.$this->table]))
$this->{'view'.$this->table}();
else
{
$this->getList(intval($cookie->id_lang));
$this->displayList();
$this->displayOptionsList();
$this->includeSubTab('display');
}
}
public function includeSubTab($methodname, $actions = array())
{
if (!isset($this->_includeTab) OR !is_array($this->_includeTab))
return ;
$key = 0;
foreach ($this->_includeTab as $subtab => $extraVars)
{
/* New tab loading */
$classname = 'Admin'.$subtab;
if ($module = Db::getInstance()->getValue('SELECT `module` FROM `'._DB_PREFIX_.'tab` WHERE `class_name` = \''.pSQL($classname).'\'') AND file_exists(_PS_MODULE_DIR_.'/'.$module.'/'.$classname.'.php'))
include_once(_PS_MODULE_DIR_.'/'.$module.'/'.$classname.'.php');
elseif (file_exists(PS_ADMIN_DIR.'/tabs/'.$classname.'.php'))
include_once('tabs/'.$classname.'.php');
if (!isset($this->_includeObj[$key]))
$this->_includeObj[$key] = new $classname;
$adminTab = $this->_includeObj[$key];
$adminTab->token = $this->token;
/* Extra variables addition */
if (!empty($extraVars) AND is_array($extraVars))
foreach ($extraVars AS $varKey => $varValue)
$adminTab->$varKey = $varValue;
/* Actions management */
foreach ($actions as $action)
{
switch ($action)
{
case 'submitAdd1':
if (Tools::getValue('submitAdd'.$adminTab->table))
$ok_inc = true;
break;
case 'submitAdd2':
if (Tools::getValue('submitAdd'.$adminTab->table) AND sizeof($adminTab->_errors))
$ok_inc = true;
break;
case 'submitDel':
if (Tools::getValue('submitDel'.$adminTab->table))
$ok_inc = true;
break;
case 'submitFilter':
if (Tools::isSubmit('submitFilter'.$adminTab->table))
$ok_inc = true;
case 'submitReset':
if (Tools::isSubmit('submitReset'.$adminTab->table))
$ok_inc = true;
default:
if (isset($_GET[$action.$adminTab->table]))
$ok_inc = true;
}
}
$inc = false;
if ((isset($ok_inc) AND $ok_inc) OR !sizeof($actions))
{
if (!$adminTab->viewAccess())
{
echo Tools::displayError('access denied');
return false;
}
if (!sizeof($actions))
if (($methodname == 'displayErrors' AND sizeof($adminTab->_errors)) OR $methodname != 'displayErrors')
echo (isset($this->_includeTabTitle[$key]) ? '
'.$this->_includeTabTitle[$key].'
' : '');
if ($adminTab->_includeVars)
foreach ($adminTab->_includeVars AS $var => $value)
$adminTab->$var = $this->$value;
$adminTab->$methodname();
$inc = true;
}
$key++;
}
return $inc;
}
/**
* Manage page display (form, list...)
*
* @param string $className Allow to validate a different class than the current one
*/
public function validateRules($className = false)
{
if (!$className)
$className = $this->className;
/* Class specific validation rules */
$rules = call_user_func(array($className, 'getValidationRules'), $className);
if ((sizeof($rules['requiredLang']) OR sizeof($rules['sizeLang']) OR sizeof($rules['validateLang'])))
{
/* Language() instance determined by default language */
$defaultLanguage = new Language(intval(Configuration::get('PS_LANG_DEFAULT')));
/* All availables languages */
$languages = Language::getLanguages();
}
/* Checking for required fields */
foreach ($rules['required'] AS $field)
if (($value = Tools::getValue($field)) == false AND (string)$value != '0')
if (!Tools::getValue($this->identifier) OR ($field != 'passwd' AND $field != 'no-picture'))
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), $field, $className).' '.$this->l('is required');
/* Checking for multilingual required fields */
foreach ($rules['requiredLang'] AS $fieldLang)
if (($empty = Tools::getValue($fieldLang.'_'.$defaultLanguage->id)) === false OR empty($empty))
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), $fieldLang, $className).' '.$this->l('is required at least in').' '.$defaultLanguage->name;
/* Checking for maximum fields sizes */
foreach ($rules['size'] AS $field => $maxLength)
if (Tools::getValue($field) !== false AND Tools::strlen(Tools::getValue($field)) > $maxLength)
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), $field, $className).' '.$this->l('is too long').' ('.$maxLength.' '.$this->l('chars max').')';
/* Checking for maximum multilingual fields size */
foreach ($rules['sizeLang'] AS $fieldLang => $maxLength)
foreach ($languages AS $language)
if (Tools::getValue($fieldLang.'_'.$language['id_lang']) !== false AND Tools::strlen(Tools::getValue($fieldLang.'_'.$language['id_lang'])) > $maxLength)
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), $fieldLang, $className).' ('.$language['name'].') '.$this->l('is too long').' ('.$maxLength.' '.$this->l('chars max').')';
/* Overload this method for custom checking */
$this->_childValidation();
/* Checking for fields validity */
foreach ($rules['validate'] AS $field => $function)
if (($value = Tools::getValue($field)) !== false AND ($field != 'passwd'))
if (!Validate::$function($value))
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), $field, $className).' '.$this->l('is invalid');
/* Checking for passwd_old validity */
if (($value = Tools::getValue('passwd')) != false)
{
if ($className == 'Employee' AND !Validate::isPasswdAdmin($value))
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), 'passwd', $className).' '.$this->l('is invalid');
elseif ($className == 'Customer' AND !Validate::isPasswd($value))
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), 'passwd', $className).' '.$this->l('is invalid');
}
/* Checking for multilingual fields validity */
foreach ($rules['validateLang'] AS $fieldLang => $function)
foreach ($languages AS $language)
if (($value = Tools::getValue($fieldLang.'_'.$language['id_lang'])) !== false AND !empty($value))
if (!Validate::$function($value))
$this->_errors[] = $this->l('the field').' '.call_user_func(array($className, 'displayFieldName'), $fieldLang, $className).' ('.$language['name'].') '.$this->l('is invalid');
}
/**
* Overload this method for custom checking
*/
protected function _childValidation() { }
/**
* Overload this method for custom checking
*
* @param integer $id Object id used for deleting images
*/
public function deleteImage($id)
{
$dir = null;
/* Deleting object images and thumbnails (cache) */
if (key_exists('dir', $this->fieldImageSettings) AND $this->fieldImageSettings['dir'].'/')
{
$dir = $this->fieldImageSettings['dir'].'/';
if (file_exists(_PS_IMG_DIR_.$dir.$id.'.'.$this->imageType) AND !unlink(_PS_IMG_DIR_.$dir.$id.'.'.$this->imageType))
return false;
}
if (file_exists(_PS_TMP_IMG_DIR_.$this->table.'_'.$id.'.'.$this->imageType) AND !unlink(_PS_TMP_IMG_DIR_.$this->table.'_'.$id.'.'.$this->imageType))
return false;
if (file_exists(_PS_TMP_IMG_DIR_.$this->table.'_mini_'.$id.'.'.$this->imageType) AND !unlink(_PS_TMP_IMG_DIR_.$this->table.'_mini_'.$id.'.'.$this->imageType))
return false;
$types = ImageType::getImagesTypes();
foreach ($types AS $imageType)
if (file_exists(_PS_IMG_DIR_.$dir.$id.'-'.stripslashes($imageType['name']).'.'.$this->imageType) AND !unlink(_PS_IMG_DIR_.$dir.$id.'-'.stripslashes($imageType['name']).'.'.$this->imageType))
return false;
return true;
}
/**
* Manage page processing
*
* @global string $currentIndex Current URL in order to keep current Tab
*/
public function postProcess()
{
global $currentIndex, $cookie;
if (!isset($this->table))
return false;
// set token
$token = Tools::getValue('token') ? Tools::getValue('token') : $this->token;
// Sub included tab postProcessing
$this->includeSubTab('postProcess', array('submitAdd1', 'submitDel', 'delete', 'submitFilter', 'submitReset'));
/* Delete object image */
if (isset($_GET['deleteImage']))
{
if (Validate::isLoadedObject($object = $this->loadObject()) AND isset($this->fieldImageSettings))
if ($this->deleteImage($object->id))
Tools::redirectAdmin($currentIndex.'&add'.$this->table.'&'.$this->identifier.'='.Tools::getValue($this->identifier).'&conf=7&token='.$token);
$this->_errors[] = Tools::displayError('an error occurred during image deletion (cannot load object)');
}
/* Delete object */
elseif (isset($_GET['delete'.$this->table]))
{
if ($this->tabAccess['delete'] === '1')
{
if (Validate::isLoadedObject($object = $this->loadObject()) AND isset($this->fieldImageSettings))
{
// check if request at least one object with noZeroObject
if (isset($object->noZeroObject) AND sizeof($taxes = call_user_func(array($this->className, $object->noZeroObject))) <= 1)
$this->_errors[] = Tools::displayError('you need at least one object').' '.$this->table.''.Tools::displayError(', you cannot delete all of them');
else
{
$this->deleteImage($object->id);
if ($this->deleted)
{
$object->deleted = 1;
if ($object->update())
Tools::redirectAdmin($currentIndex.'&conf=1&token='.$token);
}
elseif ($object->delete())
Tools::redirectAdmin($currentIndex.'&conf=1&token='.$token);
$this->_errors[] = Tools::displayError('an error occurred during deletion');
}
}
else
$this->_errors[] = Tools::displayError('an error occurred while deleting object').' '.$this->table.' '.Tools::displayError('(cannot load object)');
}
else
$this->_errors[] = Tools::displayError('You do not have permission to delete here.');
}
/* Change object statuts (active, inactive) */
elseif (isset($_GET['status']) AND Tools::getValue($this->identifier))
{
if ($this->tabAccess['edit'] === '1')
{
if (Validate::isLoadedObject($object = $this->loadObject()))
{
if ($object->toggleStatus())
Tools::redirectAdmin($currentIndex.'&conf=5'.((($id_category = intval(Tools::getValue('id_category'))) AND Tools::getValue('id_product')) ? '&id_category='.$id_category : '').'&token='.$token);
else
$this->_errors[] = Tools::displayError('an error occurred while updating status');
}
else
$this->_errors[] = Tools::displayError('an error occurred while updating status for object').' '.$this->table.' '.Tools::displayError('(cannot load object)');
}
else
$this->_errors[] = Tools::displayError('You do not have permission to edit anything here.');
}
/* Move an object */
elseif (isset($_GET['position']))
{
if ($this->tabAccess['edit'] !== '1')
$this->_errors[] = Tools::displayError('You do not have permission to edit anything here.');
elseif (!Validate::isLoadedObject($object = $this->loadObject()))
$this->_errors[] = Tools::displayError('an error occurred while updating status for object').' '.$this->table.' '.Tools::displayError('(cannot load object)');
elseif (!$object->updatePosition(intval(Tools::getValue('way')), intval(Tools::getValue('position'))))
$this->_errors[] = Tools::displayError('Failed to update the position.');
else
Tools::redirectAdmin($currentIndex.'&'.$this->table.'Orderby=position&'.$this->table.'Orderway=asc&conf=5'.((($id_category = intval(Tools::getValue('id_category'))) AND Tools::getValue('id_product')) ? '&id_category='.$id_category : '').'&token='.$token);
}
/* Delete multiple objects */
elseif (Tools::getValue('submitDel'.$this->table))
{
if ($this->tabAccess['delete'] === '1')
{
if (isset($_POST[$this->table.'Box']))
{
$object = new $this->className();
if (isset($object->noZeroObject) AND
// Check if all object will be deleted
(sizeof(call_user_func(array($this->className, $object->noZeroObject))) <= 1 OR sizeof($_POST[$this->table.'Box']) == sizeof(call_user_func(array($this->className, $object->noZeroObject)))))
$this->_errors[] = Tools::displayError('you need at least one object').' '.$this->table.''.Tools::displayError(', you cannot delete all of them');
else
{
if ($object->deleteSelection($_POST[$this->table.'Box']))
Tools::redirectAdmin($currentIndex.'&conf=2&token='.$token);
$this->_errors[] = Tools::displayError('an error occurred while deleting selection');
}
}
else
$this->_errors[] = Tools::displayError('you must select at least one element to delete');
}
else
$this->_errors[] = Tools::displayError('You do not have permission to delete here.');
}
/* Create or update an object */
elseif (Tools::getValue('submitAdd'.$this->table))
{
/* Checking fields validity */
$this->validateRules();
if (!sizeof($this->_errors))
{
$id = intval(Tools::getValue($this->identifier));
/* Object update */
if (isset($id) AND !empty($id))
{
if ($this->tabAccess['edit'] === '1')
{
$object = new $this->className($id);
if (Validate::isLoadedObject($object))
{
/* Specific to objects which must not be deleted */
if ($this->deleted AND $this->beforeDelete($object))
{
// Create new one with old objet values
$objectNew = new $this->className($object->id);
$objectNew->id = NULL;
$objectNew->date_add = '';
$objectNew->date_upd = '';
// Update old object to deleted
$object->deleted = 1;
$object->update();
// Update new object with post values
$this->copyFromPost($objectNew, $this->table);
$result = $objectNew->add();
if (Validate::isLoadedObject($objectNew))
$this->afterDelete($objectNew, $object->id);
}
else
{
$this->copyFromPost($object, $this->table);
$result = $object->update();
}
if (!$result)
$this->_errors[] = Tools::displayError('an error occurred while updating object').' '.$this->table.' ('.Db::getInstance()->getMsgError().')';
elseif ($this->postImage($object->id) AND !sizeof($this->_errors))
{
$parent_id = intval(Tools::getValue('id_parent', 1));
// Specific back redirect
if ($back = Tools::getValue('back'))
Tools::redirectAdmin(urldecode($back).'&conf=4');
// Specific scene feature
if (Tools::getValue('stay_here') == 'on' || Tools::getValue('stay_here') == 'true' || Tools::getValue('stay_here') == '1')
Tools::redirectAdmin($currentIndex.'&'.$this->identifier.'='.$object->id.'&conf=4&updatescene&token='.$token);
// Save and stay on same form
if (Tools::isSubmit('submitAdd'.$this->table.'AndStay'))
Tools::redirectAdmin($currentIndex.'&'.$this->identifier.'='.$object->id.'&conf=4&update'.$this->table.'&token='.$token);
// Save and back to parent
if (Tools::isSubmit('submitAdd'.$this->table.'AndBackToParent'))
Tools::redirectAdmin($currentIndex.'&'.$this->identifier.'='.$parent_id.'&conf=3&token='.$token);
// Default behavior (save and back)
Tools::redirectAdmin($currentIndex.($parent_id ? '&'.$this->identifier.'='.$object->id : '').'&conf=3&token='.$token);
}
}
else
$this->_errors[] = Tools::displayError('an error occurred while updating object').' '.$this->table.' '.Tools::displayError('(cannot load object)');
}
else
$this->_errors[] = Tools::displayError('You do not have permission to edit anything here.');
}
/* Object creation */
else
{
if ($this->tabAccess['add'] === '1')
{
$object = new $this->className();
$this->copyFromPost($object, $this->table);
if (!$object->add())
$this->_errors[] = Tools::displayError('an error occurred while creating object').' '.$this->table.' ('.mysql_error().')';
elseif (($_POST[$this->identifier] = $object->id /* voluntary */) AND $this->postImage($object->id) AND !sizeof($this->_errors) AND $this->_redirect)
{
$parent_id = intval(Tools::getValue('id_parent', 1));
// Save and stay on same form
if (Tools::isSubmit('submitAdd'.$this->table.'AndStay'))
Tools::redirectAdmin($currentIndex.'&'.$this->identifier.'='.$object->id.'&conf=3&update'.$this->table.'&token='.$token);
// Save and back to parent
if (Tools::isSubmit('submitAdd'.$this->table.'AndBackToParent'))
Tools::redirectAdmin($currentIndex.'&'.$this->identifier.'='.$parent_id.'&conf=3&token='.$token);
// Default behavior (save and back)
Tools::redirectAdmin($currentIndex.($parent_id ? '&'.$this->identifier.'='.$object->id : '').'&conf=3&token='.$token);
}
}
else
$this->_errors[] = Tools::displayError('You do not have permission to add anything here.');
}
}
$this->_errors = array_unique($this->_errors);
}
/* Cancel all filters for this tab */
elseif (isset($_POST['submitReset'.$this->table]))
{
$filters = $cookie->getFamily($this->table.'Filter_');
foreach ($filters AS $cookieKey => $filter)
if (strncmp($cookieKey, $this->table.'Filter_', 7 + Tools::strlen($this->table)) == 0)
{
$key = substr($cookieKey, 7 + Tools::strlen($this->table));
/* Table alias could be specified using a ! eg. alias!field */
$tmpTab = explode('!', $key);
$key = (count($tmpTab) > 1 ? $tmpTab[1] : $tmpTab[0]);
if (array_key_exists($key, $this->fieldsDisplay))
unset($cookie->$cookieKey);
}
if (isset($cookie->{'submitFilter'.$this->table}))
unset($cookie->{'submitFilter'.$this->table});
if (isset($cookie->{$this->table.'Orderby'}))
unset($cookie->{$this->table.'Orderby'});
if (isset($cookie->{$this->table.'Orderway'}))
unset($cookie->{$this->table.'Orderway'});
unset($_POST);
}
/* Submit options list */
elseif (Tools::getValue('submitOptions'.$this->table))
{
if ($this->tabAccess['edit'] === '1')
{
foreach ($this->_fieldsOptions as $key => $field)
{
if ($field['type'] == 'textLang')
{
$languages = Language::getLanguages();
$list = array();
foreach ($languages as $language)
$list[$language['id_lang']] = (isset($field['cast']) ? $field['cast'](Tools::getValue($key.'_'.$language['id_lang'])) : Tools::getValue($key.'_'.$language['id_lang']));
Configuration::updateValue($key, $list);
} else
Configuration::updateValue($key, (isset($field['cast']) ? $field['cast'](Tools::getValue($key)) : Tools::getValue($key)));
}
Tools::redirectAdmin($currentIndex.'&conf=6&token='.$token);
}
else
$this->_errors[] = Tools::displayError('You do not have permission to edit anything here.');
}
/* Manage list filtering */
elseif (Tools::isSubmit('submitFilter'.$this->table) OR $cookie->{'submitFilter'.$this->table} !== false)
{
$object = new $this->className();
$_POST = array_merge($cookie->getFamily($this->table.'Filter_'), (isset($_POST) ? $_POST : array()));
foreach ($_POST AS $key => $value)
{
/* Extracting filters from $_POST on key filter_ */
if ($value != NULL AND !strncmp($key, $this->table.'Filter_', 7 + Tools::strlen($this->table)))
{
$key = Tools::substr($key, 7 + Tools::strlen($this->table));
/* Table alias could be specified using a ! eg. alias!field */
$tmpTab = explode('!', $key);
$filter = count($tmpTab) > 1 ? $tmpTab[1] : $tmpTab[0];
if ($field = $this->filterToField($key, $filter))
{
$type = (array_key_exists('filter_type', $field) ? $field['filter_type'] : (array_key_exists('type', $field) ? $field['type'] : false));
if (($type == 'date' OR $type == 'datetime') AND is_string($value))
$value = unserialize($value);
$key = isset($tmpTab[1]) ? $tmpTab[0].'.`'.$tmpTab[1].'`' : '`'.$tmpTab[0].'`';
if (array_key_exists('tmpTableFilter', $field))
$sqlFilter = & $this->_tmpTableFilter;
elseif (array_key_exists('havingFilter', $field))
$sqlFilter = & $this->_filterHaving;
else
$sqlFilter = & $this->_filter;
/* Only for date filtering (from, to) */
if (is_array($value))
{
if (isset($value[0]) AND !empty($value[0]))
{
if (!Validate::isDate($value[0]))
$this->_errors[] = Tools::displayError('\'from:\' date format is invalid (YYYY-MM-DD)');
else
$sqlFilter .= ' AND '.pSQL($key).' >= \''.pSQL(Tools::dateFrom($value[0])).'\'';
}
if (isset($value[1]) AND !empty($value[1]))
{
if (!Validate::isDate($value[1]))
$this->_errors[] = Tools::displayError('\'to:\' date format is invalid (YYYY-MM-DD)');
else
$sqlFilter .= ' AND '.pSQL($key).' <= \''.pSQL(Tools::dateTo($value[1])).'\'';
}
}
else
{
$sqlFilter .= ' AND ';
if ($type == 'int' OR $type == 'bool')
$sqlFilter .= (($key == $this->identifier OR $key == '`'.$this->identifier.'`') ? 'a.' : '').pSQL($key).' = '.intval($value).' ';
elseif ($type == 'decimal')
$sqlFilter .= (($key == $this->identifier OR $key == '`'.$this->identifier.'`') ? 'a.' : '').pSQL($key).' = '.floatval($value).' ';
else
$sqlFilter .= (($key == $this->identifier OR $key == '`'.$this->identifier.'`') ? 'a.' : '').pSQL($key).' LIKE \'%'.pSQL($value).'%\' ';
}
}
}
}
}
}
protected function uploadImage($id, $name, $dir, $ext = false)
{
if (isset($_FILES[$name]['tmp_name']) AND !empty($_FILES[$name]['tmp_name']))
{
// Delete old image
$this->deleteImage($id);
// Check image validity
if ($error = checkImage($_FILES[$name], $this->maxImageSize))
$this->_errors[] = $error;
elseif (!$tmpName = tempnam(_PS_TMP_IMG_DIR_, 'PS') OR !move_uploaded_file($_FILES[$name]['tmp_name'], $tmpName))
return false;
else
{
$_FILES[$name]['tmp_name'] = $tmpName;
// Copy new image
if (!imageResize($tmpName, _PS_IMG_DIR_.$dir.$id.'.'.$this->imageType, NULL, NULL, ($ext ? $ext : $this->imageType)))
$this->_errors[] = Tools::displayError('an error occurred while uploading image');
if (sizeof($this->_errors))
return false;
if ($this->afterImageUpload())
{
unlink($tmpName);
return true;
}
return false;
}
}
return true;
}
protected function uploadIco($name, $dest)
{
if (isset($_FILES[$name]['tmp_name']) AND !empty($_FILES[$name]['tmp_name']))
{
/* Check ico validity */
if ($error = checkIco($_FILES[$name], $this->maxImageSize))
$this->_errors[] = $error;
/* Copy new ico */
elseif(!copy($_FILES[$name]['tmp_name'], $dest))
$this->_errors[] = Tools::displayError('an error occurred while uploading favicon: '.$_FILES[$name]['tmp_name'].' to '.$dest);
}
return !sizeof($this->_errors) ? true : false;
}
/**
* Overload this method for custom checking
*
* @param integer $id Object id used for deleting images
* @return boolean
*/
protected function postImage($id)
{
if (isset($this->fieldImageSettings['name']) AND isset($this->fieldImageSettings['dir']))
return $this->uploadImage($id, $this->fieldImageSettings['name'], $this->fieldImageSettings['dir'].'/');
elseif (!empty($this->fieldImageSettings))
foreach ($this->fieldImageSettings AS $image)
if (isset($image['name']) AND isset($image['dir']))
$this->uploadImage($id, $image['name'], $image['dir'].'/');
return !sizeof($this->_errors) ? true : false;
}
/**
* Copy datas from $_POST to object
*
* @param object &$object Object
* @param string $table Object table
*/
protected function copyFromPost(&$object, $table)
{
/* Classical fields */
foreach ($_POST AS $key => $value)
if (key_exists($key, $object) AND $key != 'id_'.$table)
{
/* Do not take care of password field if empty */
if ($key == 'passwd' AND Tools::getValue('id_'.$table) AND empty($value))
continue;
/* Automatically encrypt password in MD5 */
if ($key == 'passwd' AND !empty($value))
$value = Tools::encrypt($value);
$object->{$key} = $value;
}
/* Multilingual fields */
$rules = call_user_func(array(get_class($object), 'getValidationRules'), get_class($object));
if (sizeof($rules['validateLang']))
{
$languages = Language::getLanguages();
foreach ($languages AS $language)
foreach ($rules['validateLang'] AS $field => $validation)
if (isset($_POST[$field.'_'.intval($language['id_lang'])]))
$object->{$field}[intval($language['id_lang'])] = $_POST[$field.'_'.intval($language['id_lang'])];
}
}
/**
* Display errors
*/
public function displayErrors()
{
if ($nbErrors = sizeof($this->_errors) AND $this->_includeContainer)
{
echo '
';
}
/**
* Display list header (filtering, pagination and column names)
*
* @global string $currentIndex Current URL in order to keep current Tab
*/
public function displayListHeader($token = NULL)
{
global $currentIndex, $cookie;
if (!isset($token) OR empty($token))
$token = $this->token;
/* Determine total page number */
$totalPages = ceil($this->_listTotal / Tools::getValue('pagination', (isset($cookie->{$this->table.'_pagination'}) ? $cookie->{$this->table.'_pagination'} : $this->_pagination[0])));
if (!$totalPages) $totalPages = 1;
echo '';
echo '';
if (isset($this->_includeTab) AND sizeof($this->_includeTab))
echo '
';
}
/**
* Options lists
*/
public function displayOptionsList()
{
global $currentIndex, $cookie, $tab;
if (!isset($this->_fieldsOptions) OR !sizeof($this->_fieldsOptions))
return ;
$defaultLanguage = intval(Configuration::get('PS_LANG_DEFAULT'));
$languages = Language::getLanguages();
$tab = Tab::getTab(intval($cookie->id_lang), Tab::getIdFromClassName($tab));
echo '
';
echo (isset($this->optionTitle) ? '
'.$this->optionTitle.'
' : '');
echo '
';
}
/**
* Load class object using identifier in $_GET (if possible)
* otherwise return an empty object, or die
*
* @param boolean $opt Return an empty object if load fail
* @return object
*/
protected function loadObject($opt = false)
{
if ($id = intval(Tools::getValue($this->identifier)) AND Validate::isUnsignedId($id))
{
if (!$this->_object)
$this->_object = new $this->className($id);
if (!Validate::isLoadedObject($this->_object))
die (Tools::displayError('object cannot be loaded'));
return $this->_object;
}
elseif ($opt)
{
$this->_object = new $this->className();
return $this->_object;
}
else
die(Tools::displayError('object cannot be loaded'));
}
/**
* Return field value if possible (both classical and multilingual fields)
*
* Case 1 : Return value if present in $_POST / $_GET
* Case 2 : Return object value
*
* @param object $obj Object
* @param string $key Field name
* @param integer $id_lang Language id (optional)
* @return string
*/
protected function getFieldValue($obj, $key, $id_lang = NULL)
{
if ($id_lang)
$defaultValue = ($obj->id AND isset($obj->{$key}[$id_lang])) ? $obj->{$key}[$id_lang] : '';
else
$defaultValue = isset($obj->{$key}) ? $obj->{$key} : '';
return Tools::getValue($key.($id_lang ? '_'.$id_lang : ''), $defaultValue);
}
/**
* Display form
*
* @global string $currentIndex Current URL in order to keep current Tab
*/
public function displayForm($isMainTab = true)
{
global $cookie;
$allowEmployeeFormLang = Configuration::get('PS_BO_ALLOW_EMPLOYEE_FORM_LANG') ? Configuration::get('PS_BO_ALLOW_EMPLOYEE_FORM_LANG') : 0;
if ($allowEmployeeFormLang && !$cookie->employee_form_lang)
$cookie->employee_form_lang = intval(Configuration::get('PS_LANG_DEFAULT'));
$useLangFromCookie = false;
$this->_languages = Language::getLanguages();
if ($allowEmployeeFormLang)
foreach ($this->_languages AS $lang)
if ($cookie->employee_form_lang == $lang['id_lang'])
$useLangFromCookie = true;
if (!$useLangFromCookie)
$this->_defaultFormLanguage = intval(Configuration::get('PS_LANG_DEFAULT'));
else
$this->_defaultFormLanguage = intval($cookie->employee_form_lang);
$output = '
';
echo $output;
}
/**
* Display object details
*
* @global string $currentIndex Current URL in order to keep current Tab
*/
public function viewDetails() { global $currentIndex; }
/**
* Called before deletion
*
* @param object $object Object
* @return boolean
*/
protected function beforeDelete($object) { return true; }
/**
* Called before deletion
*
* @param object $object Object
* @return boolean
*/
protected function afterDelete($object, $oldId) { return true; }
/**
* Check rights to view the current tab
*
* @return boolean
*/
protected function afterImageUpload() {
return true;
}
/**
* Check rights to view the current tab
*
* @return boolean
*/
public function viewAccess($disable = false)
{
global $cookie;
if ($disable)
return true;
$this->tabAccess = Profile::getProfileAccess($cookie->profile, $this->id);
if ($this->tabAccess['view'] === '1')
return true;
return false;
}
/**
* Check for security token
*/
public function checkToken()
{
$token = Tools::getValue('token');
if (!$token OR empty($token) OR ($token != $this->token))
{
echo '
'.Tools::displayError('Invalid security token').'
';
return false;
}
return true;
}
/**
* Display flags in forms for translations
*
* @param array $languages All languages available
* @param integer $defaultLanguage Default language id
* @param string $ids Multilingual div ids in form
* @param string $id Current div id]
* #param boolean $return define the return way : false for a display, true for a return
*/
public function displayFlags($languages, $defaultLanguage, $ids, $id, $return = false)
{
if (sizeof($languages) == 1)
return false;
$defaultIso = Language::getIsoById($defaultLanguage);
$output = '
'.$this->l('Back to list').'
'.$this->_conf[intval($conf)].'
'.$this->l('Delete').'
'.Tools::displayError('Invalid security token').'
!['.$language['name'].'](../img/l/'.intval($language['id_lang']).'.jpg "'.$language['name'].'")
';
$output .= '