1: <?php
  2: 
  3: // include the config file
  4: if(!isset($config)) {
  5:     require_once '../util/AlphaConfig.inc';
  6:     $config = AlphaConfig::getInstance();
  7: 
  8:     require_once $config->get('app.root').'alpha/util/AlphaAutoLoader.inc';
  9: }
 10: 
 11: /**
 12:  * Controller used to create a new BO, whose classname must be supplied in GET vars
 13:  *
 14:  * @package alpha::controller
 15:  * @since 1.0
 16:  * @author John Collins <dev@alphaframework.org>
 17:  * @version $Id: Create.php 1646 2013-02-15 14:43:16Z alphadevx $
 18:  * @license http://www.opensource.org/licenses/bsd-license.php The BSD License
 19:  * @copyright Copyright (c) 2013, John Collins (founder of Alpha Framework).
 20:  * All rights reserved.
 21:  *
 22:  * <pre>
 23:  * Redistribution and use in source and binary forms, with or
 24:  * without modification, are permitted provided that the
 25:  * following conditions are met:
 26:  *
 27:  * * Redistributions of source code must retain the above
 28:  *   copyright notice, this list of conditions and the
 29:  *   following disclaimer.
 30:  * * Redistributions in binary form must reproduce the above
 31:  *   copyright notice, this list of conditions and the
 32:  *   following disclaimer in the documentation and/or other
 33:  *   materials provided with the distribution.
 34:  * * Neither the name of the Alpha Framework nor the names
 35:  *   of its contributors may be used to endorse or promote
 36:  *   products derived from this software without specific
 37:  *   prior written permission.
 38:  *
 39:  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 40:  * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 41:  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 42:  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 43:  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
 44:  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 45:  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 46:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 47:  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 48:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 49:  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 50:  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 51:  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 52:  * </pre>
 53:  *
 54:  */
 55: class Create extends AlphaController implements AlphaControllerInterface {
 56:     /**
 57:      * The name of the BO
 58:      *
 59:      * @var string
 60:      * @since 1.0
 61:      */
 62:     protected $BOname;
 63: 
 64:     /**
 65:      * The new BO to be created
 66:      *
 67:      * @var AlphaDAO
 68:      * @since 1.0
 69:      */
 70:     protected $BO;
 71: 
 72:     /**
 73:      * The AlphaView object used for rendering the objects to create
 74:      *
 75:      * @var AlphaView
 76:      * @since 1.0
 77:      */
 78:     private $BOView;
 79: 
 80:     /**
 81:      * Trace logger
 82:      *
 83:      * @var Logger
 84:      * @since 1.0
 85:      */
 86:     private static $logger = null;
 87: 
 88:     /**
 89:      * Constructor to set up the object
 90:      *
 91:      * @param string $visibility
 92:      * @since 1.0
 93:      */
 94:     public function __construct($visibility='Admin') {
 95:         self::$logger = new Logger('Create');
 96:         self::$logger->debug('>>__construct(visibility=['.$visibility.'])');
 97: 
 98:         global $config;
 99: 
100:         // ensure that the super class constructor is called, indicating the rights group
101:         parent::__construct($visibility);
102: 
103:         self::$logger->debug('<<__construct');
104:     }
105: 
106:     /**
107:      * Handle GET requests
108:      *
109:      * @param array $params
110:      * @throws IllegalArguementException
111:      * @throws ResourceNotFoundException
112:      * @since 1.0
113:      */
114:     public function doGET($params) {
115:         self::$logger->debug('>>doGET($params=['.var_export($params, true).'])');
116: 
117:         try{
118:             // load the business object (BO) definition
119:             if (isset($params['bo'])) {
120:                 $BOname = $params['bo'];
121:                 $this->BOname = $BOname;
122:             }elseif(isset($this->BOname)) {
123:                 $BOname = $this->BOname;
124:             }else{
125:                 throw new IllegalArguementException('No BO available to create!');
126:             }
127: 
128:             AlphaDAO::loadClassDef($BOname);
129: 
130:             /*
131:              *  check and see if a custom create controller exists for this BO, and if it does use it otherwise continue
132:              */
133:             if($this->getCustomControllerName($BOname, 'create') != null)
134:                 $this->loadCustomController($BOname, 'create');
135: 
136:             $this->BO = new $BOname();
137: 
138:             $this->BOView = AlphaView::getInstance($this->BO);
139: 
140:             // set up the title and meta details
141:             if(!isset($this->title))
142:                 $this->setTitle('Create a new '.$BOname);
143:             if(!isset($this->description))
144:                 $this->setDescription('Page to create a new '.$BOname.'.');
145:             if(!isset($this->keywords))
146:                 $this->setKeywords('create,new,'.$BOname);
147: 
148:             echo AlphaView::displayPageHead($this);
149: 
150:             echo $this->BOView->createView();
151:         }catch(IllegalArguementException $e) {
152:             self::$logger->warn($e->getMessage());
153:             throw new ResourceNotFoundException('The file that you have requested cannot be found!');
154:         }
155: 
156:         echo AlphaView::displayPageFoot($this);
157: 
158:         self::$logger->debug('<<doGET');
159:     }
160: 
161:     /**
162:      * Method to handle POST requests
163:      *
164:      * @param array $params
165:      * @throws ResourceNotAllowedException
166:      * @since 1.0
167:      */
168:     public function doPOST($params) {
169:         self::$logger->debug('>>doPOST($params=['.var_export($params, true).'])');
170: 
171:         global $config;
172: 
173:         try {
174:             // check the hidden security fields before accepting the form POST data
175:             if(!$this->checkSecurityFields())
176:                 throw new SecurityException('This page cannot accept post data from remote servers!');
177: 
178:             // load the business object (BO) definition
179:             if (isset($params['bo'])) {
180:                 $BOname = $params['bo'];
181:                 $this->BOname = $BOname;
182:             }elseif(isset($this->BOname)) {
183:                 $BOname = $this->BOname;
184:             }else{
185:                 throw new IllegalArguementException('No BO available to create!');
186:             }
187: 
188:             AlphaDAO::loadClassDef($BOname);
189: 
190:             $this->BO = new $BOname();
191: 
192:             if (isset($params['createBut'])) {
193:                 // populate the transient object from post data
194:                 $this->BO->populateFromPost();
195: 
196:                 $this->BO->save();
197: 
198:                 self::$logger->action('Created new '.$BOname.' instance with OID '.$this->BO->getOID());
199: 
200:                 AlphaDAO::disconnect();
201: 
202:                 try {
203:                     if ($this->getNextJob() != '')
204:                         header('Location: '.$this->getNextJob());
205:                     else
206:                         header('Location: '.FrontController::generateSecureURL('act=Detail&bo='.get_class($this->BO).'&oid='.$this->BO->getOID()));
207:                 }catch(AlphaException $e) {
208:                     echo AlphaView::displayPageHead($this);
209:                     self::$logger->error($e->getTraceAsString());
210:                     echo AlphaView::displayErrorMessage('Error creating the new ['.$BOname.'], check the log!');
211:                 }
212:             }
213: 
214:             if (isset($params['cancelBut'])) {
215:                 header('Location: '.FrontController::generateSecureURL('act=ListBusinessObjects'));
216:             }
217:         }catch(SecurityException $e) {
218:             self::$logger->warn($e->getMessage());
219:             echo AlphaView::displayPageHead($this);
220:             throw new ResourceNotAllowedException($e->getMessage());
221:         }catch(IllegalArguementException $e) {
222:             self::$logger->warn($e->getMessage());
223:             echo AlphaView::displayPageHead($this);
224:             throw new ResourceNotFoundException('The file that you have requested cannot be found!');
225:         }catch(ValidationException $e) {
226:             self::$logger->warn($e->getMessage().', query ['.$this->BO->getLastQuery().']');
227:             $this->setStatusMessage(AlphaView::displayErrorMessage($e->getMessage()));
228:             $this->doGET($params);
229:         }
230: 
231:         self::$logger->debug('<<doPOST');
232:     }
233: 
234:     /**
235:      * Use this callback to inject in the admin menu template fragment for admin users of
236:      * the backend only.
237:      *
238:      * @since 1.2
239:      */
240:     public function after_displayPageHead_callback() {
241:         $menu = '';
242: 
243:         if (isset($_SESSION['currentUser']) && AlphaDAO::isInstalled() && $_SESSION['currentUser']->inGroup('Admin') && strpos($_SERVER['REQUEST_URI'], '/tk/') !== false) {
244:             $menu .= AlphaView::loadTemplateFragment('html', 'adminmenu.phtml', array());
245:         }
246: 
247:         return $menu;
248:     }
249: }
250: 
251: // now build the new controller
252: if(basename($_SERVER['PHP_SELF']) == 'Create.php') {
253:     $controller = new Create();
254: 
255:     if(!empty($_POST)) {
256:         $controller->doPOST($_REQUEST);
257:     }else{
258:         $controller->doGET($_GET);
259:     }
260: }
261: 
262: ?>