| @@ 24-70 (lines=47) @@ | ||
| 21 | * @param array $prohibitedFields |
|
| 22 | * @return void |
|
| 23 | */ |
|
private function save(\Base $f3, array $prohibitedFields = [])
{
    // Validates the request payload against the mapper, then loads the
    // matching stored record, overlays the payload on it and persists it.
    //
    // NOTE(review): the filter below is a denylist. Only keys named in
    // $prohibitedFields are dropped; every other request key is handed to
    // copyfrom(). Confirm each caller lists all columns a client must not set.
    $payload = $f3->get('REQUEST');
    foreach ($prohibitedFields as $blocked) {
        // unset() on an absent key is a no-op, so no existence check is needed
        unset($payload[$blocked]);
    }

    $db = \Registry::get('db');
    $mapper = $this->getMapper();

    // First pass: populate the mapper so the payload itself can be validated.
    $mapper->copyfrom($payload);
    $mapper->validationRequired(['key', 'value', 'type', 'rank']);

    $validation = $mapper->validate(false);
    if (true !== $validation) {
        // Report every failed rule and stop before any stored record is touched.
        foreach ($validation as $problem) {
            $this->setOAuthError('invalid_request');
            $this->failure($problem['field'], $problem['rule']);
        }
        return;
    }

    // The lookup value comes from the already-stripped request payload:
    // PUT addresses the record by uuid, any other verb by its key column.
    // NOTE(review): a caller that prohibits 'uuid' or 'key' leaves that index
    // undefined at this point - confirm callers never do so.
    $criteria = $f3->get('VERB') == 'PUT'
        ? ['uuid = ?', $payload['uuid']]
        : [$db->quotekey('key') . ' = ?', $payload['key']];
    $mapper->load($criteria);

    // Second pass: overlay the payload on whatever load() found, then persist.
    // NOTE(review): presumably save() inserts when load() matched nothing - verify.
    $mapper->copyfrom($payload);
    if (!$mapper->save()) {
        $this->setOAuthError('invalid_request');
        $this->failure('error', 'Unable to update object.');
        return;
    }

    // The raw (cast) representation is returned only when the hive marks the
    // caller as admin AND the request asked for the admin view; otherwise the
    // exported array is returned.
    $wantsRaw = $f3->get('isAdmin') && 'admin' == $f3->get('REQUEST.view');
    if ($wantsRaw) {
        $this->data = $mapper->castFields($f3->get('REQUEST.fields'));
    } else {
        $this->data = $mapper->exportArray($f3->get('REQUEST.fields'));
    }
}
|
| 71 | ||
| 72 | ||
| 73 | /** |
|
| @@ 28-70 (lines=43) @@ | ||
| 25 | * @param array $prohibitedFields |
|
| 26 | * @return void |
|
| 27 | */ |
|
protected function save(\Base $f3, array $prohibitedFields = [])
{
    // Loads the stored record addressed by the request, overlays the request
    // payload on it, validates the result and persists it.
    //
    // NOTE(review): the filter below is a denylist. Only keys named in
    // $prohibitedFields are dropped; every other request key is handed to
    // copyfrom(). Confirm each caller lists all columns a client must not set.
    $payload = $f3->get('REQUEST');
    foreach ($prohibitedFields as $blocked) {
        // unset() on an absent key is a no-op, so no existence check is needed
        unset($payload[$blocked]);
    }

    $db = \Registry::get('db');
    $mapper = $this->getMapper();

    // PUT addresses the record by uuid alone; any other verb addresses it by
    // owner (users_uuid) plus key. Both values are read from the request payload.
    // NOTE(review): nothing in this method ties uuid or users_uuid to the
    // authenticated user, and the PUT lookup is not scoped by owner.
    // Presumably the caller pins REQUEST.users_uuid and authorises access to
    // the addressed record before calling - verify.
    $criteria = $f3->get('VERB') == 'PUT'
        ? ['uuid = ?', $payload['uuid']]
        : ['users_uuid = ? AND ' . $db->quotekey('key') . ' = ?', $payload['users_uuid'], $payload['key']];
    $mapper->load($criteria);

    // Overlay the payload (users_uuid included) on whatever load() found,
    // then check that the required columns are present.
    $mapper->copyfrom($payload);
    $mapper->validationRequired(['users_uuid', 'key', 'name', 'query']);

    $validation = $mapper->validate(false);
    if (true !== $validation) {
        // Report every failed rule and stop without saving.
        foreach ($validation as $problem) {
            $this->setOAuthError('invalid_request');
            $this->failure($problem['field'], $problem['rule']);
        }
        return;
    }

    // NOTE(review): presumably save() inserts when load() matched nothing - verify.
    if (!$mapper->save()) {
        $this->setOAuthError('invalid_request');
        $this->failure('error', 'Unable to update object.');
        return;
    }

    // The raw (cast) representation is returned only when the hive marks the
    // caller as admin AND the request asked for the admin view; otherwise the
    // exported array is returned.
    $wantsRaw = $f3->get('isAdmin') && 'admin' == $f3->get('REQUEST.view');
    if ($wantsRaw) {
        $this->data = $mapper->castFields($f3->get('REQUEST.fields'));
    } else {
        $this->data = $mapper->exportArray($f3->get('REQUEST.fields'));
    }
}
|
| 71 | ||
| 72 | } |
|
| 73 | ||
| @@ 27-69 (lines=43) @@ | ||
| 24 | * @param array $prohibitedFields |
|
| 25 | * @return void |
|
| 26 | */ |
|
protected function save(\Base $f3, array $prohibitedFields = [])
{
    // Loads the stored record addressed by the request, overlays the request
    // payload on it, validates the result and persists it.
    //
    // NOTE(review): the filter below is a denylist. Only keys named in
    // $prohibitedFields are dropped; every other request key is handed to
    // copyfrom(). Confirm each caller lists all columns a client must not set.
    $payload = $f3->get('REQUEST');
    foreach ($prohibitedFields as $blocked) {
        // unset() on an absent key is a no-op, so no existence check is needed
        unset($payload[$blocked]);
    }

    $db = \Registry::get('db');
    $mapper = $this->getMapper();

    // PUT addresses the record by uuid alone; any other verb addresses it by
    // owner (users_uuid) plus key. Both values are read from the request payload.
    // NOTE(review): nothing in this method ties uuid or users_uuid to the
    // authenticated user, and the PUT lookup is not scoped by owner.
    // Presumably the caller pins REQUEST.users_uuid and authorises access to
    // the addressed record before calling - verify.
    $criteria = $f3->get('VERB') == 'PUT'
        ? ['uuid = ?', $payload['uuid']]
        : ['users_uuid = ? AND ' . $db->quotekey('key') . ' = ?', $payload['users_uuid'], $payload['key']];
    $mapper->load($criteria);

    // Overlay the payload (users_uuid included) on whatever load() found,
    // then check that the required columns are present.
    $mapper->copyfrom($payload);
    $mapper->validationRequired(['users_uuid', 'key', 'value']);

    $validation = $mapper->validate(false);
    if (true !== $validation) {
        // Report every failed rule and stop without saving.
        foreach ($validation as $problem) {
            $this->setOAuthError('invalid_request');
            $this->failure($problem['field'], $problem['rule']);
        }
        return;
    }

    // NOTE(review): presumably save() inserts when load() matched nothing - verify.
    if (!$mapper->save()) {
        $this->setOAuthError('invalid_request');
        $this->failure('error', 'Unable to update object.');
        return;
    }

    // The raw (cast) representation is returned only when the hive marks the
    // caller as admin AND the request asked for the admin view; otherwise the
    // exported array is returned.
    $wantsRaw = $f3->get('isAdmin') && 'admin' == $f3->get('REQUEST.view');
    if ($wantsRaw) {
        $this->data = $mapper->castFields($f3->get('REQUEST.fields'));
    } else {
        $this->data = $mapper->exportArray($f3->get('REQUEST.fields'));
    }
}
|
| 70 | ||
| 71 | ||
| 72 | /** |
|