issue 37 Server Side Validator apply core code

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@8477 201d5d3c-b55e-5fd7-737f-ddc643e51545

classes/context/Context.class.php

@@ -925,6 +925,8 @@ class Context {
 	 **/
 	function get($key) {
 		is_a($this,'Context')?$self=&$this:$self=&Context::getInstance();
+
+		if(!isset($self->context->{$key})) return null;
 		return $self->context->{$key};
 	}
 

classes/display/HTMLDisplayHandler.php

@@ -92,6 +92,15 @@ class HTMLDisplayHandler {
 		// prevent the 2nd request due to url(none) of the background-image
 		$output = preg_replace('/url\((["\']?)none(["\']?)\)/is', 'none', $output);
 
+		if(is_array(Context::get('INPUT_ERROR')))
+		{
+			$INPUT_ERROR = Context::get('INPUT_ERROR');
+			$keys = array_keys($INPUT_ERROR);
+			$keys = '('.implode('|', $keys).')';
+
+			$output = preg_replace('/(<input[^>]*?)(?:value="[^"]*"([^>]*?name="'.$keys.'"[^>])|(name="'.$keys.'"[^>]*?)value="[^"]*")([^>]*?\/?>)/ise', '"\\1\\2\\4 value=\\"".htmlspecialchars($INPUT_ERROR["\\3\\5"])."\\" \\6"', $output);
+		}
+
 		if(__DEBUG__==3) $GLOBALS['__trans_content_elapsed__'] = getMicroTime()-$start;
 
 		// Remove unnecessary information

classes/module/ModuleHandler.class.php

@@ -297,8 +297,23 @@
 				if(!empty($rulesetFile))
 				{
 					$Validator = new Validator($rulesetFile);
-					if(!$Validator->validate())
-						return $Validator->getLastError();
+					$result = $Validator->validate();
+					if(!$result)
+					{
+						$lastError = $Validator->getLastError();
+						$returnUrl = Context::get('error_return_url')?Context::get('error_return_url'):getUrl();
+						$errorMsg = $lastError['msg'] ? $lastError['msg'] : 'validation error';
+
+						//for xml response
+						$oModule->setError(-1);
+						$oModule->setMessage($errorMsg);
+						//for html redirect
+						$this->error = $errorMsg;
+						$_SESSION['XE_VALIDATOR_ERROR'] = $this->error;
+						$_SESSION['XE_VALIDATOR_ERROR_RETURN_URL'] = $returnUrl;
+						$this->_setInputValueToSession();
+						return $oModule;
+					}
 				}
 			}
 
@@ -315,11 +330,37 @@
 			}
 
             // execute the action, and if failed, set error
-            if(!$oModule->proc()) $this->error = $oModule->getMessage();
+            if(!$oModule->proc()) 
+			{
+				// case post, redirect page
+            	if(!in_array(Context::getRequestMethod(),array('XMLRPC','JSON')))
+				{
+					$this->_setInputValueToSession();
+					$returnUrl = Context::get('error_return_url')?Context::get('error_return_url'):getUrl();
+					header('location:'.$returnUrl);
+					return;
+				}
+				// case exec xml, return xml response
+				else $this->error = $oModule->getMessage();
+			}
+			else
+			{
+				if(count($_SESSION['INPUT_ERROR']))
+				{
+					Context::set('INPUT_ERROR', $_SESSION['INPUT_ERROR']);
+					$_SESSION['INPUT_ERROR'] = '';
+				}
+			}
 
             return $oModule;
         }
 
+		function _setInputValueToSession()
+		{
+			$requestVars = Context::getRequestVars();
+			foreach($requestVars AS $key=>$value) $_SESSION['INPUT_ERROR'][$key] = $value;
+		}
+
         /**
          * @brief display contents from executed module
          * @param[in] $oModule module instance
@@ -344,6 +385,12 @@
             if(!in_array(Context::getRequestMethod(),array('XMLRPC','JSON'))) {
                 // If error occurred, handle it
                 if($this->error) {
+					if($_SESSION['XE_VALIDATOR_ERROR'] && $_SESSION['XE_VALIDATOR_ERROR_RETURN_URL'])
+					{
+						header('location:'.$_SESSION['XE_VALIDATOR_ERROR_RETURN_URL']);
+						return;
+					}
+
                     // display content with message module instance 
 					$type = Mobile::isFromMobilePhone() ? 'mobile' : 'view';
 					$oMessageObject = &ModuleHandler::getModuleInstance('message',$type);
@@ -353,9 +400,8 @@
 
                     // If module was called normally, change the templates of the module into ones of the message view module
                     if($oModule) {
-                        $oModule->setTemplatePath($oMessageObject->getTemplatePath());
-                        $oModule->setTemplateFile($oMessageObject->getTemplateFile());
-
+						$oModule->setTemplatePath($oMessageObject->getTemplatePath());
+						$oModule->setTemplateFile($oMessageObject->getTemplateFile());
                     // Otherwise, set message instance as the target module
                     } else {
                         $oModule = $oMessageObject;
@@ -410,9 +456,15 @@
                 }
             }
 
+			if($_SESSION['XE_VALIDATOR_ERROR'] && !Context::get('XE_VALIDATOR_ERROR')) Context::set('XE_VALIDATOR_ERROR', $_SESSION['XE_VALIDATOR_ERROR']);
+			if($_SESSION['XE_VALIDATOR_ERROR_RETURN_URL'] && !Context::get('XE_VALIDATOR_ERROR_RETURN_URL')) Context::set('XE_VALIDATOR_ERROR_RETURN_URL', $_SESSION['XE_VALIDATOR_ERROR_RETURN_URL']);
+
             // Display contents 
             $oDisplayHandler = new DisplayHandler();
             $oDisplayHandler->printContent($oModule);
+
+			$_SESSION['XE_VALIDATOR_ERROR'] = '';
+			$_SESSION['XE_VALIDATOR_ERROR_RETURN_URL'] = '';
         }
 
         /**

classes/template/TemplateHandler.class.php

@@ -187,6 +187,9 @@
             // javascript plugin import
             $buff = preg_replace_callback('!<\!--%load_js_plugin\(\"([^\"]*?)\"\)-->!is', array($this, '_compileLoadJavascriptPlugin'), $buff);
 
+			// form auto generation
+			$buff = preg_replace_callback('/(<form.*?>)(.*)(<\/form>)/is', array($this, '_compileFormAuthGeneration'), $buff);
+
             // replace variables
             $buff = preg_replace_callback('/\{[^@^ ]([^\{\}\n]+)\}/i', array($this, '_compileVarToContext'), $buff);
 
@@ -200,6 +203,46 @@
             $this->buff = '<?php if(!defined("__ZBXE__")) exit();?>'.$buff;
         }
 
+		/**
+		 * @brief 1. remove ruleset from form tag
+		 * 2. add hidden tag with ruleset value
+		 * 3. if empty default hidden tag, generate hidden tag (ex:mid, vid, act...)
+		 * 4. generate return url, return url use in server side validator
+		 **/
+		function _compileFormAuthGeneration($matches)
+		{
+			// form ruleset attribute move to hidden tag
+			if($matches[1])
+			{
+				preg_match('/ruleset="([^"]*?)"/is', $matches[1], $m);
+				if($m[0])
+				{
+					$matches[1] = preg_replace('/'.$m[0].'/i', '', $matches[1]);
+					$matches[2] = '<input type="hidden" name="ruleset" value="'.$m[1].'" />'.$matches[2];
+				}
+			}
+
+			// if not exists default hidden tag, generate hidden tag
+			preg_match_all('/<input[^>]* name="(act|mid|vid)"/is', $matches[2], $m2);
+			$checkVar = array('act', 'mid', 'vid');
+			$resultArray = array_diff($checkVar, $m2[1]);
+			if(is_array($resultArray))
+			{
+				$generatedHidden = '';
+				foreach($resultArray AS $key=>$value)
+				{
+					$generatedHidden .= '<input type="hidden" name="'.$value.'" value="{$'.$value.'}">';
+				}
+				$matches[2] = $generatedHidden.$matches[2];
+			}
+
+			// return url generate
+			$matches[2] = '<input type="hidden" name="error_return_url" value="{getRequestUriByServerEnviroment()}" />'.$matches[2];
+
+			$matches[0] = '';
+			return implode($matches);
+		}
+
         /**
          * @brief fetch using ob_* function 
          * @param[in] $compiled_tpl_file path of compiled template file

config/func.inc.php

@@ -820,6 +820,14 @@
         return $url;
     }
 
+    /**
+     * return the requested script path
+     **/
+	function getRequestUriByServerEnviroment()
+	{
+		return $_SERVER['REQUEST_URI'];
+	}
+
     /**
      * php unescape function of javascript's escape
      * Function converts an Javascript escaped string back into a string with specified charset (default is UTF-8).

modules/message/message.view.php

@@ -37,8 +37,7 @@
             Context::set('system_message', nl2br($this->getMessage()));
 
             $this->setTemplatePath($template_path);
-            $this->setTemplateFile('system_message');
+			$this->setTemplateFile('system_message');
         }
-
     }
 ?>