This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | |||
4 | class UpdateNote extends DataObject |
||
5 | { |
||
6 | private static $fields_to_remove_in_the_cms_fields = []; |
||
7 | |||
8 | private static $singular_name = 'Update Note'; |
||
9 | |||
10 | public function i18n_singular_name() |
||
11 | { |
||
12 | return self::$singular_name; |
||
13 | } |
||
14 | |||
15 | private static $plural_name = 'Update Notes'; |
||
16 | |||
17 | public function i18n_plural_name() |
||
18 | { |
||
19 | return self::$plural_name; |
||
20 | } |
||
21 | |||
22 | private static $db = array( |
||
23 | 'Note' => 'Varchar', |
||
24 | 'FutureReminderDate' => 'Date', |
||
25 | 'FutureReminderNote' => 'Varchar', |
||
26 | 'FutureReminderCompleted' => 'Boolean', |
||
27 | 'UpdateNoteRecordID' => 'Int', |
||
28 | 'UpdateNoteRecordClass' => 'Varchar(100)' |
||
29 | ); |
||
30 | |||
31 | private static $has_one = array( |
||
32 | 'UpdatedBy' => 'Member', |
||
33 | 'UpdateNoteRecord' => 'DataObject' |
||
34 | ); |
||
35 | |||
36 | private static $casting = array( |
||
37 | 'Title' => 'Varchar' |
||
38 | ); |
||
39 | |||
40 | private static $indexes = array( |
||
41 | 'UpdateNoteRecordID' => true, |
||
42 | 'UpdateNoteRecordClass' => true, |
||
43 | 'FutureReminderNote' => true, |
||
44 | 'FutureReminderDate' => true |
||
45 | ); |
||
46 | |||
47 | private static $default_sort = array( |
||
48 | 'IF("ClassName" = \'UpdateNoteToBeCompleted\' AND "FutureReminderCompleted" = 0, 0, 1)' => 'ASC', |
||
49 | 'FutureReminderDate' => 'ASC', |
||
50 | 'Created' => 'DESC' |
||
51 | ); |
||
52 | |||
53 | // private static $required_fields = array(); |
||
54 | |||
55 | private static $summary_fields = array( |
||
56 | 'Created.Nice' => 'When', |
||
57 | 'LastEdited.Nice' => 'Last Edited', |
||
58 | 'UpdateNoteRecord.Title' => 'What', |
||
59 | 'Note' => 'Note', |
||
60 | 'UpdatedBy.Email' => 'Editor', |
||
61 | 'FutureReminderDate.Nice' => 'Future Reminder', |
||
62 | 'FutureReminderNote' => 'Reminder Note' |
||
63 | ); |
||
64 | |||
65 | private static $field_labels = array( |
||
66 | 'Note' => 'Note', |
||
67 | 'FutureReminderDate' => 'Future Reminder Date', |
||
68 | 'FutureReminderNote' => 'Future Reminder Note', |
||
69 | 'UpdateNoteRecord' => 'What', |
||
70 | 'UpdateNoteRecordClass' => 'Record Type', |
||
71 | 'UpdateNoteRecordID' => 'Record ID', |
||
72 | 'UpdatedBy' => 'Editor' |
||
73 | ); |
||
74 | |||
75 | /** |
||
76 | * |
||
77 | * PartialMatchFilter |
||
78 | */ |
||
79 | private static $searchable_fields = array( |
||
80 | 'UpdatedByID' => array( |
||
81 | 'field' => 'UpdateNoteSearchField', |
||
82 | 'filter' => 'ExactMatchFilter', |
||
83 | 'title' => 'Edited By' |
||
84 | ), |
||
85 | 'Note' => 'PartialMatchFilter', |
||
86 | 'FutureReminderDate' => 'PartialMatchFilter', |
||
87 | 'FutureReminderNote' => 'PartialMatchFilter', |
||
88 | ); |
||
89 | |||
90 | |||
91 | protected function getEditorsDropdown() |
||
92 | { |
||
93 | $admins = EcommerceRole::list_of_admins(true); |
||
94 | return DropdownField::create( |
||
95 | 'UpdatedByID', |
||
96 | 'Edited By', |
||
97 | $admins |
||
98 | ); |
||
99 | } |
||
100 | |||
101 | /** |
||
102 | * e.g. |
||
103 | * $controller = singleton("MyModelAdmin"); |
||
104 | * return $controller->Link().$this->ClassName."/EditForm/field/".$this->ClassName."/item/".$this->ID."/edit"; |
||
105 | */ |
||
106 | public function CMSEditLink() |
||
107 | { |
||
108 | return Controller::join_links( |
||
109 | Director::baseURL(), |
||
110 | "/admin/updatenotes/".$this->ClassName."/EditForm/field/".$this->ClassName."/item/".$this->ID."/edit" |
||
111 | ); |
||
112 | } |
||
113 | |||
114 | /** |
||
115 | * CMS Fields |
||
116 | * @return FieldList |
||
117 | */ |
||
118 | public function getCMSFields() |
||
119 | { |
||
120 | $fields = parent::getCMSFields(); |
||
121 | $fields->insertBefore(ReadonlyField::create('Created'), 'Note'); |
||
122 | $fields->insertBefore(ReadonlyField::create('LastEdited'), 'Note'); |
||
123 | $fieldLabels = $this->fieldLabels(); |
||
124 | $fields->removeByName('UpdateNoteRecordClass'); |
||
125 | $fields->removeByName('UpdateNoteRecordID'); |
||
126 | |||
127 | $otherFieldsToRemove = $this->Config()->get('fields_to_remove_in_the_cms_fields'); |
||
128 | foreach ($otherFieldsToRemove as $field) { |
||
129 | $fields->removeByName($field); |
||
130 | // code... |
||
131 | } |
||
132 | $fields->insertBefore( |
||
133 | ReadonlyField::create( |
||
134 | 'Created' |
||
135 | ), |
||
136 | 'Note' |
||
137 | ); |
||
138 | $fields->insertBefore( |
||
139 | ReadonlyField::create( |
||
140 | 'LastEdited' |
||
141 | ), |
||
142 | 'Note' |
||
143 | ); |
||
144 | if ($whoField = $fields->dataFieldByName('UpdatedByID')) { |
||
145 | $fields->removeFieldFromTab('Root.Main', 'UpdatedByID'); |
||
146 | $who = $this->UpdatedBy(); |
||
0 ignored issues
–
show
|
|||
147 | if ($who && $who->exists()) { |
||
148 | View Code Duplication | if ($who->hasMethod('CMSEditLink')) { |
|
149 | $fields->addFieldToTab( |
||
150 | 'Root.Main', |
||
151 | $whoField = ReadonlyField::create( |
||
152 | 'UpdatedByLink', |
||
153 | $fieldLabels['UpdatedBy'], |
||
154 | '<h2><a href="'.$who->CMSEditLink().'" target="_blank">'.$who->getTitle().'</a></h2>' |
||
155 | ) |
||
156 | ); |
||
157 | } else { |
||
158 | $fields->addFieldToTab( |
||
159 | 'Root.Main', |
||
160 | $whoField = ReadonlyField::create( |
||
161 | 'UpdatedByLink', |
||
162 | $fieldLabels['UpdatedBy'], |
||
163 | '<h2>'.$who->getTitle().'.</h2>' |
||
164 | ) |
||
165 | ); |
||
166 | } |
||
167 | } else { |
||
168 | $fields->addFieldToTab( |
||
169 | 'Root.Main', |
||
170 | $whoField = ReadonlyField::create( |
||
171 | 'UpdatedByLink', |
||
172 | $fieldLabels['UpdatedBy'], |
||
173 | '<p class="message warning">no editor found</p>' |
||
174 | ) |
||
175 | ); |
||
176 | } |
||
177 | $whoField->dontEscape = true; |
||
178 | } |
||
179 | |||
180 | if ($parent = $this->getParent()) { |
||
181 | View Code Duplication | if ($parent->hasMethod('CMSEditLink')) { |
|
182 | $fields->addFieldToTab( |
||
183 | 'Root.Main', |
||
184 | $parentField = ReadonlyField::create( |
||
185 | 'ParentLink', |
||
186 | $fieldLabels['UpdateNoteRecord'], |
||
187 | '<h2><a href="'.$parent->CMSEditLink().'" target="_blank">'.$parent->getTitle().'</a></h2>' |
||
188 | ) |
||
189 | ); |
||
190 | } else { |
||
191 | $fields->addFieldToTab( |
||
192 | 'Root.Main', |
||
193 | $parentField = ReadonlyField::create( |
||
194 | 'ParentLink', |
||
195 | $fieldLabels['UpdateNoteRecord'], |
||
196 | '<h2>'.$parent->getTitle().'</h2>' |
||
197 | ) |
||
198 | ); |
||
199 | } |
||
200 | $parentField->dontEscape = true; |
||
201 | } |
||
202 | return $fields; |
||
203 | } |
||
204 | |||
205 | public function getParentField($fieldLabels = null, $linkMethod = 'CMSEditLink') |
||
206 | { |
||
207 | if ($fieldLabels === null) { |
||
208 | $fieldLabels = $this->fieldLabels(); |
||
209 | } |
||
210 | $parentField = null; |
||
211 | if ($parent = $this->owner->getParent()) { |
||
212 | if ($parent->hasMethod($linkMethod)) { |
||
213 | $parentField = ReadonlyField::create( |
||
214 | 'ParentLink', |
||
215 | $fieldLabels['UpdateNoteRecord'], |
||
216 | '<p><a href="'.$parent->$linkMethod().'" target="_blank">'.$parent->getTitle().'</a></p>' |
||
217 | ); |
||
218 | } else { |
||
219 | $parentField = ReadonlyField::create( |
||
220 | 'ParentLink', |
||
221 | $fieldLabels['UpdateNoteRecord'], |
||
222 | '<p>'.$parent->getTitle().'</p>' |
||
223 | ); |
||
224 | } |
||
225 | $parentField->dontEscape = true; |
||
226 | } else { |
||
227 | $parentField = LiteralField::create('ParentLink', '<p class="message bad">No parent found</p>'); |
||
228 | } |
||
229 | return $parentField; |
||
230 | } |
||
231 | |||
232 | public function getParent() |
||
233 | { |
||
234 | if ($obj = $this->UpdateNoteRecord()) { |
||
0 ignored issues
–
show
The method
UpdateNoteRecord does not exist on object<UpdateNote> ? Since you implemented __call , maybe consider adding a @method annotation.
If you implement This is often the case, when class ParentClass {
private $data = array();
public function __call($method, array $args) {
if (0 === strpos($method, 'get')) {
return $this->data[strtolower(substr($method, 3))];
}
throw new \LogicException(sprintf('Unsupported method: %s', $method));
}
}
/**
* If this class knows which fields exist, you can specify the methods here:
*
* @method string getName()
*/
class SomeClass extends ParentClass { }
Loading history...
|
|||
235 | return $obj; |
||
236 | } else { |
||
237 | $className = $this->UpdateNoteRecordClass; |
||
0 ignored issues
–
show
The property
UpdateNoteRecordClass does not seem to exist. Did you mean record ?
An attempt at access to an undefined property has been detected. This may either be a typographical error or the property has been renamed but there are still references to its old name. If you really want to allow access to undefined properties, you can define magic methods to allow access. See the php core documentation on Overloading.
Loading history...
|
|||
238 | if ($className && class_exists($className)) { |
||
239 | $id = intval($this->UpdateNoteRecordID); |
||
0 ignored issues
–
show
The property
UpdateNoteRecordID does not seem to exist. Did you mean record ?
An attempt at access to an undefined property has been detected. This may either be a typographical error or the property has been renamed but there are still references to its old name. If you really want to allow access to undefined properties, you can define magic methods to allow access. See the php core documentation on Overloading.
Loading history...
|
|||
240 | if ($id) { |
||
241 | return $className::get()->byID($id); |
||
242 | } |
||
243 | } |
||
244 | } |
||
245 | } |
||
246 | |||
247 | |||
248 | /** |
||
249 | * Event handler called before writing to the database. |
||
250 | */ |
||
251 | public function onBeforeWrite() |
||
252 | { |
||
253 | parent::onBeforeWrite(); |
||
254 | if ($this->FutureReminderCompleted && $this instanceof UpdateNoteToBeCompleted) { |
||
255 | $this->ClassName = 'UpdateNote'; |
||
256 | } elseif ($this->FutureReminderDate && ! $this instanceof UpdateNoteToBeCompleted) { |
||
257 | $this->ClassName = 'UpdateNoteToBeCompleted'; |
||
258 | } elseif (!$this->FutureReminderDate && $this instanceof UpdateNoteToBeCompleted) { |
||
259 | $this->ClassName = 'UpdateNote'; |
||
260 | } |
||
261 | } |
||
262 | /** |
||
263 | * Creating Permissions |
||
264 | * @return bool |
||
265 | */ |
||
266 | public function canCreate($member = null) |
||
267 | { |
||
268 | return false; |
||
269 | } |
||
270 | |||
271 | /** |
||
272 | * Editing Permissions |
||
273 | * @return bool |
||
274 | */ |
||
275 | public function canEdit($member = null) |
||
276 | { |
||
277 | return parent::canEdit(); |
||
278 | } |
||
279 | |||
280 | /** |
||
281 | * Deleting Permissions |
||
282 | * @return bool |
||
283 | */ |
||
284 | public function canDelete($member = null) |
||
285 | { |
||
286 | return false; |
||
287 | } |
||
288 | |||
289 | public function getTitle() |
||
290 | { |
||
291 | $obj = $this->getParent(); |
||
292 | if ($obj && $obj->exists()) { |
||
293 | $titleArray = array($this->Created, $obj->getTitle()); |
||
294 | if ($this->Note) { |
||
295 | array_push($titleArray, $this->Note); |
||
296 | } |
||
297 | return implode(' - ', $titleArray); |
||
298 | } |
||
299 | } |
||
300 | } |
||
301 |
If you implement
__call
and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class.This is often the case, when
__call
is implemented by a parent class and only the child class knows which methods exist: