/*
* Filename : forms.inc
* Author : hide@address.com,hide@address.com
* Comments : The formclass is a wrapper class for performing any form related functions.
* It simplifies the form submission process and automates various tasks of
* processing inputs from POST/GET operation. The formclass depends on PHPLIB
* for session management and for database management. So, before using formclass,
* PHPLIB should be installed.
*/
class formclass{
var $classname = 'formclass';
var $persistent_slots = array(
'formid','vars', 'primarykeys','query', 'tfvariables','fieldvalues',
'datavalues','tablelist','tablefieldarray','tablefields','no_of_entries',
'allowedtables','autotrigger','filelist','formno','errorout'
);
var $formid;
var $vars; // => contains an array of POST/GET variables depending on form submit method.
var $query; // => contains an array of queries for inserting data.
var $fieldvalues; // => array of all field names sent through form submit indexed by number.
var $datavalues; // => array of values for each field indexed by field name.
var $tablelist; // => array of all table names indexed by tablename.
var $tableparams; // => array of table parameters
var $tablefieldarray; // => array of field names for each table, indexed by tablename
var $tablefields; // => list of fieldnames separated by commas for each table
var $no_of_entries; // => array for each table containing the number of records to be inserted
var $allowedtables; // => array of table names that are allowed - to be inserted by user
var $autotrigger; // => variable holding current page number
var $filelist; // => array of filenames of forms to display indexed by pageno.
var $formno; // => variable used to keep track of current form no of the form displayed
var $primarykeys; // => array of primary keys for each table. "table" => "primarykeys1, pk2.."
var $errorout; // => array holding any errors due to primarykey conflicts
var $db; // => db handler
var $tfvariables;
// Constructor
function formclass(){
$this->filelist = array(); // depends on the no of pages the continuos process of insertion is going to occur
$this->fieldvalues = array();
$this->allowedtables = array();
$this->tfvariables = array();
$this->autotrigger = true;
$this->formno = 0;
$this->db = new DB_Example;
}
// chop the last character in a string and return it.
function chopc($str){
return(substr($str,0,-1));
}
// set auto trigger to true to automate the display of next form in the formlist array.
function set_auto_trigger($yesno){
$this->autotrigger = $yesno;
}
function set_form($id){
$this->formid = $id;
}
function get_form(){
return $this->formid;
}
// restrict the allowed tables for modification by adding the table names here
function set_allowed_tables($tablearray){
foreach($tablearray as $tname){
array_push($this->allowedtables,$tname);
}
}
// set the primary keys that need to be checked for uniqueness before every insert/update.
function set_primary_keys($pkeys){
foreach($pkeys as $table => $key){
$this->primarykeys["$table"] = $key;
}
}
// set default values for fields not passed from the form.
function set_default_values($arrayfields){
foreach($arrayfields as $fieldname => $data){
array_push($this->fieldvalues,$fieldname);
$this->datavalues[$fieldname] = $data;
//echo "<br> setting default values for $fieldname with $data <br>";
}
}
function set_tf_values($arrfields){
// if(!isset($this->tfvariables))
$this->tfvariables = $arrfields;
}
function process_tf($formno){
require 'template.inc';
// echo "the form no is $formno";
// $filename = str_replace("\\","/",$this->filelist[$formno]);
$filename = $this->filelist[$formno];
//echo "<br>the filename = ".$filename;
$t = new Template();
$t->set_file('mainpage',$filename);
$t->set_var($this->tfvariables);
$t->parse('output', 'mainpage');
$t->p('output');
}
function getval($variable){
//echo "<script>alert($variable)</script>";
return ($this->datavalues[$variable]);
}
function add($filename){
array_push($this->filelist, $filename);
//echo "<br> adding file $filename, ".sizeof($this->filelist)." <br>";
}
// get the next formname in the formlist
function next(){
if($this->formno != sizeof($this->filelist)){
$formname = key($this->filelist);
//echo "the formname is $formname";
next($this->filelist);
return $formname;
} else{
return false;
}
}
function show($formno){
header ('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Date in the past
header ('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); // always modified
header ('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1
header ('Pragma: no-cache'); // HTTP/1.0
$this->formno = $formno;
if($formno < sizeof($this->filelist)){
if(!empty($this->tfvariables)){
$this->process_tf($formno);
} else{
include $this->filelist[$formno];
}
}
}
// get the next formname and show
function shownext(){
if(!empty($this->errorout)){
$this->show($this->formno);
//echo '<h2> what the heck is this error ? </h2>';
} else{
$this->formno++;
if($this->formno < sizeof($this->filelist)){
$this->show($this->formno);
} else{
// echo "<h2> no page to show </h2>";
}
}
}
// get the name=value pairs and pass it to create_variable_map() for parsing.
function gethttpvars(){
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
// CHECK for POST/GET & Assign the name-pair values to variable $vars.
// Works with both POST & GET.
if($HTTP_POST_VARS){
$this->vars = $HTTP_POST_VARS;
} elseif($HTTP_GET_VARS){
$this->vars = $HTTP_GET_VARS;
} else{
return (false);
}
if ($this->create_variable_map()){
return (true);
}
} // end of function gethttpvars()
// returns true if end of form is reached.
function end(){
if($this->formno >= sizeof($this->filelist)){
return true;
} else{
return false;
}
}
// validate for primary keys. check if the primary key value to be inserted is unique.
function validate(){
if(empty($this->tablelist)){
return;
}
$errorout = array();
foreach($this->tablelist as $tl){
$selectquery = "select * from $tl where ";
if($this->primarykeys[$tl] != ""){
$pk = explode(',',$this->primarykeys[$tl]);
foreach($pk as $key){
$selectquery .= "$key = '".$this->datavalues[$key]."' and ";
//echo "the query is$selectquery";
}
$selectquery = substr($selectquery,0,-4) . ';';
$numrows = $this->execute_query($selectquery);
if($numrows > 0){
array_push($errorout,$this->primarykeys[$tl]);
}
}
}
return $errorout;
}
// execute a query
function execute_query($querystr){
global $db;
$ret = $this->db->query($querystr);
return($this->db->nf());
// return (0);
}
// execute a set of queries in a array.
function execute_queryset($queryset){
global $db;
if($queryset == 0){
return;
}
foreach($queryset as $q){
//echo "<br> Query is : $q <br>";
$this->db->query($q);
}
return $ret;
}
// check if the user is allowed to access the table.
function checkvalidity($tablename){
if(empty($this->allowedtables)){
return (true);
}
if(in_array($tablename,$this->allowedtables)){
return (true);
} else{
//echo "<h2>nice try.. The tablename $tablename is invalid!</h2>";
return (false);
}
}
// 1. create fieldvalues[] array containing list of all fields in the form
// 2. create datavalues[] array containing the values for the fields.
// 3. find the no. of entries for each table.
function create_variable_map(){
$counter = 0;
// Walk through the name value pairs created
foreach($this->vars as $k => $v){
if((strcasecmp(substr($k,0,5),'table') != 0) && (strcasecmp(trim($k),'submit') != 0)){
array_push($this->fieldvalues,trim($k));
$this->datavalues[$k] = '';
if(is_array($v)){
foreach($v as $vsub){
$this->datavalues[$k] .= trim($vsub).",";
}
$this->datavalues[$k] = substr($this->datavalues[$k],0,-1);
} else{
$this->datavalues[$k] = $v;
}
} else if(strcasecmp(substr($k,0,5),'table') == 0){
$this->tableparams = explode(',',$v);
if(strrpos($this->tableparams[0],'#') ){
$n = explode('#',$this->tableparams[0]);
$tablename = $n[0];
$this->tablelist[$tablename] = $tablename;
$this->no_of_entries[$tablename] = $n[1];
} else{
$tablename = trim(strtolower($this->tableparams[0]));
$this->tablelist[$tablename] = $tablename;
$this->no_of_entries[$tablename] = 1;
}
unset($this->tableparams[0]);
$this->tablefieldarray[$tablename] = $this->tableparams;
$this->tablefields[$tablename] = '';
foreach($this->tableparams as $tp){
$tp = trim(strtolower($tp));
$this->tablefields[$tablename] .= "$tp,";
}
}
}
return(1);
}
// generate queries based on fieldvalues[] and datavalues[] for updating the database.
function generate_update_queries(){
$q_no = 0;
if(empty($this->tablelist)){
return(0);
}
foreach($this->tablelist as $tl){
if(!$this->checkvalidity($tl)){
continue;
}
if($this->no_of_entries[$tl] <= 1){
$this->tablefields[$tl] = "";
$selectquery = "";
if($this->primarykeys[$tl] != ""){
$pk = explode(",",$this->primarykeys[$tl]);
foreach($pk as $key){
$selectquery .= $key . " = '".$this->datavalues[$key]."' and ";
}
$selectquery = substr($selectquery,0,-4);
}
if(count($this->tablefieldarray[$tl]) == 0){
foreach($this->fieldvalues as $fl){
$this->tablefields[$tl] .= "$fl = '".$this->datavalues[$fl]."', ";
}
} else{
foreach($this->tablefieldarray[$tl] as $tfa){
$tfa= trim($tfa);
$this->tablefields[$tl] .= "$tfa = '".$this->datavalues[$tfa]. "', ";
}
}
$this->tablefields[$tl] = $this->chopc($this->tablefields[$tl]);
$this->query[$q_no] = sprintf("UPDATE %s SET %s WHERE (%s);",
$tl,$this->chopc($this->tablefields[$tl]),$selectquery);
$q_no++;
} else{
for($count = 1; $count <= $this->no_of_entries[$tl]; $count++){
foreach($this->tablefieldarray[$tl] as $tfa){
$fieldtmp = $tfa.$count;
$this->tablefields[$tl] .= "$tfa = '".$this->datavalues[$fieldtmp]."',";
}
$this->tablefields[$tl] = substr($this->tablefields[$tl],0,-1);
$this->query[$q_no] = sprintf("UPDATE %s SET %s WHERE (%s);",
$tl,$this->chopc($this->tablefields[$tl]),$selectquery);
$q_no++;
$this->tablefields[$tl] = "";
}
}
}
return ($this->query);
}
// generate queries based on fieldvalues[] and datavaluesp[] for inserting into the database
function generate_insertion_queries(){
$q_no = 0;
if(empty($this->tablelist)){
return(0);
}
foreach($this->tablelist as $tl){
if(!$this->checkvalidity($tl)){
continue;
}
$this->data = "";
if($this->no_of_entries[$tl] < 1){
if(count($this->tablefieldarray[$tl]) == 0){
$this->tablefields[$tl] = "";
foreach($this->fieldvalues as $fl){
$this->data .= "'".$this->datavalues[$fl]."',";
$this->tablefields[$tl] .= "$fl,";
}
}
foreach($this->tablefieldarray[$tl] as $tfa){
$tfa= trim($tfa);
$this->data .= "'".$this->datavalues[$tfa]."',";
}
$this->data = $this->chopc($this->data);
$this->query[$q_no] = sprintf("INSERT INTO %s (%s) VALUES (%s);",
$tl,$this->chopc($this->tablefields[$tl]), trim($this->data));
$q_no++;
} else{
for($count = 1; $count <= $this->no_of_entries[$tl]; $count++){
foreach($this->tablefieldarray[$tl] as $tfa){
$tfa = trim($tfa);
$fieldtmp = $tfa.$count;
if(($this->datavalues[$tfa] != "")){
$this->data .= "'".$this->datavalues[$tfa]."',";
} else{
$this->data .= "'".$this->datavalues[$fieldtmp]."',";
}
}
$this->data = $this->chopc($this->data);
$this->query[$q_no] = sprintf("INSERT INTO %s (%s) VALUES (%s);",
$tl,$this->chopc($this->tablefields[$tl]), $this->data);
$q_no++;
$this->data = "";
}
}
}
return ($this->query);
} // end of function generate_insertion_queries()
}; // end of class formclass