00001 <?php
00002
00005
00006
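# Library directories are anchored to this script's own directory.
# A relative include_path entry such as '../php' is resolved against the
# current working directory, so the require_once calls that follow could
# pick up a same-named file from another tree when the script is started
# from a different directory. dirname(__FILE__) is used instead of __DIR__
# to stay compatible with the old PHP versions this file is written for.
# Resulting search order is unchanged: smarty/libs, then php, then the
# previously configured include path.
set_include_path(
    dirname(__FILE__) . '/../smarty/libs' . PATH_SEPARATOR .
    dirname(__FILE__) . '/../php' . PATH_SEPARATOR .
    get_include_path()
);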
00009
00010 require_once('Smarty.class.php');
00011
00012 require_once('redirect.php');
00013 require_once('edit_item.php');
00014 require_once('mod_item.php');
00015 require_once('del_item.php');
00016 require_once('view_item.php');
00017 require_once('setpw.php');
00018 require_once('email.php');
00019 require_once('const.php');
00020 require_once('config.php');
00021 require_once('report.php');
00022 require_once('util.php');
00023
00075
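/**
 * Report whether $url is a relative, same-site redirect target.
 *
 * Accepts only non-empty strings that carry no scheme and no host, do not
 * start with "//" (scheme-relative), and contain no control characters,
 * spaces or backslashes.
 *
 * @param mixed $url candidate taken from request data
 * @return bool TRUE when the value may be handed to redirect()
 */
function _action_is_local_url($url) {
    if (!is_string($url) || $url === '') {
        return false;
    }
    # control characters (incl. CR/LF), spaces and backslashes have no place
    # in a redirect target and are a common way to confuse URL parsers
    if (preg_match('/[\x00-\x20\x7f\\\\]/', $url)) {
        return false;
    }
    if (substr($url, 0, 2) === '//') {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return false;
    }
    return !isset($parts['scheme']) && !isset($parts['host']);
}

/**
 * Work out where to send the browser after an action finished or was
 * cancelled.
 *
 * An explicit 'redirect' entry wins. Otherwise the last visited page is
 * used, with a "#id_..." fragment built from 'document_id' or, failing
 * that, 'id'.
 *
 * @param array $INPUT     merged request parameters
 * @param mixed $last_page value of $_SESSION['last_page'] (may be NULL)
 * @return mixed URL to pass to redirect()
 */
function _action_return_url($INPUT, $last_page) {
    if (isset($INPUT['redirect'])) {
        return $INPUT['redirect'];
    }
    $url = $last_page;
    if (isset($INPUT['document_id'])) {
        $url .= "#id_" . $INPUT['document_id'];
    } else if (isset($INPUT['id'])) {
        $url .= "#id_" . $INPUT['id'];
    }
    return $url;
}

/**
 * Front controller: dispatch one request of the form
 * action.php?action=xxx&item=yyy&id=zz
 *
 * Flow: merge GET and POST, validate them with check_input(), determine
 * the action (URL parameter or pressed button), handle "cancel", check the
 * ACL of the action, optionally show the confirmation page, then either
 * redirect to the action's configured URL or eval() its configured PHP
 * snippet, and finally redirect back.
 *
 * NOTE(review): GET and POST are merged, so every action - including
 * 'b_ok', which skips the confirmation page - can be triggered by a plain
 * link, and no anti-forgery token is checked in this function. The
 * original author's "prevent multiple invocations" TODO is still open.
 *
 * Local variable names ($INPUT, $item, $id, $action, $smarty, $db and the
 * imported globals) are deliberately kept: the eval()ed action snippets
 * run in this function's scope and may refer to them.
 */
function do_action() {

    # $_GET, $_POST and $_SESSION are superglobals; no "global" needed
    global $actions_info, $item_info, $validation_info;

    if (session_id() == "") { session_start(); }

    $smarty =& smarty_init();

    # syntax
    # action.php?action=xxx&item=yyy&id=zz
    $INPUT = array_merge($_GET, $_POST);

    ## validation of user input

    $errors = check_input($INPUT, $validation_info);

    if (!empty($errors)) {
        # implode() with the separator first; the legacy (array, string)
        # argument order used before is rejected by PHP 8
        user_error("Missing or malformed input parameter(s): " . implode(", ", $errors), E_USER_ERROR);
        # fail closed even if a custom error handler returns
        exit(1);
    }

    # 'redirect' is request data and ends up in redirect(): keep it only
    # when it is a relative, same-site URL, otherwise fall back to
    # last_page. redirect() itself is not visible here, so this does not
    # rely on it filtering targets.
    if (isset($INPUT['redirect']) && !_action_is_local_url($INPUT['redirect'])) {
        unset($INPUT['redirect']);
    }

    $item = isset($INPUT['item']) ? $INPUT['item'] : null;
    $id = isset($INPUT['id']) ? $INPUT['id'] : null;

    ## xxx prevent multiple invocations of the same form

    ## xxx ugly hack
    # image buttons are submitted as b_ok_x / b_ok_y coordinates

    if (isset($INPUT['b_ok_x'])) {
        $INPUT['b_ok'] = "yes";
        unset($INPUT['b_ok_x']);
        unset($INPUT['b_ok_y']);
    }

    ## which action was requested?
    $action = ""; # action

    if (isset($INPUT['action'])) {
        # action specified as part of URL

        $action = $INPUT['action'];
        unset($INPUT['action']);

    } else {

        # button pressed? (the last matching entry wins, as before)

        foreach ($actions_info as $k => $v) {
            if (!isset($v['button'])) {
                continue;
            }
            $btn = $v['button'];

            if (isset($INPUT[$btn])) {
                $action = $k;
                unset($INPUT[$btn]);
            }
        }
    }

    # suppress confirmation question (because user told us to shut up)
    # only scalar values are usable as array keys

    if (isset($INPUT['c_dontask']) && is_scalar($action) && is_scalar($item)) {
        $_SESSION['noconfirm'][$action][$item] = TRUE;
    }

    # user pressed "cancel" button

    if (($action === "cancel") or isset($INPUT['b_cancel'])) {
        redirect(_action_return_url(
            $INPUT,
            isset($_SESSION['last_page']) ? $_SESSION['last_page'] : null
        ));
        exit(0);
    }

    # the action must be a key of $actions_info before its 'acl', 'confirm',
    # 'input', 'url' or 'eval' entries are read; previously an unknown
    # action reached check_acl() with an undefined ACL
    if (!is_scalar($action) || !isset($actions_info[$action])) {
        user_error("Unknown action: " . (is_scalar($action) ? $action : gettype($action)), E_USER_ERROR);
        exit(1);
    }

    $db = sql_init();

    # may the user do what he intends to do?

    $acl = isset($actions_info[$action]['acl']) ? $actions_info[$action]['acl'] : null;

    if (!check_acl($acl, $item, $id, $db)) {
        user_error("Permission denied: action '$action' on item type '$item'",
            E_USER_ERROR);
        # without this, a custom error handler that returns would let the
        # denied action run
        exit(1);
    }

    # ask the user for confirmation (e.g. when deleting something)

    if (!empty($actions_info[$action]['confirm']) and !isset($INPUT['b_ok'])
        and !isset($_SESSION['noconfirm'][$action][$item])) {

        # these values are request data; confirm.tpl has to escape them
        $smarty->assign('item', $item);
        $smarty->assign('id', $id);
        $smarty->assign('action', $action);
        $smarty->assign('file', isset($INPUT['file']) ? $INPUT['file'] : null);
        $smarty->assign('redirect', isset($INPUT['redirect']) ? $INPUT['redirect'] : null);

        $smarty->display("header.tpl");
        $smarty->display("confirm.tpl");
        $smarty->display("footer.tpl");

        exit(0);
    }

    # execute the action

    # drop every button parameter so it is not forwarded to the action
    foreach ($actions_info as $v) {
        if (isset($v['button'])) {
            $b = $v['button'];
            unset($INPUT[$b]);
        }
    }

    unset($INPUT['action']);

    ## override of $INPUT[] by $actions_info[$action]['input']
    # skipped when the action defines no 'input' array; merging a missing
    # entry would have discarded $INPUT (or raised a TypeError on PHP 8)

    if (isset($actions_info[$action]['input']) && is_array($actions_info[$action]['input'])) {
        $INPUT = array_merge($INPUT, $actions_info[$action]['input']);
    }

    if (isset($actions_info[$action]['url'])) {

        # action is an url --> redirect, forwarding $INPUT as query string

        $url = $actions_info[$action]['url'];

        foreach ($INPUT as $k => $v) {
            $url .= urlencode($k) . "=" . urlencode($v) . "&";
        }

        $url = rtrim($url, '&?');

        redirect($url);
        exit(0);

    } else if (isset($actions_info[$action]['eval'])) {

        # action is php code --> eval()

        expire($smarty, $db);

        # SECURITY: this executes PHP source from $actions_info inside this
        # function's scope. The request only selects which entry runs; the
        # snippets themselves must come from trusted configuration and must
        # never be assembled from request data.
        eval($actions_info[$action]['eval']);

    } else {
        user_error("Unknown action: $action", E_USER_ERROR);
        exit(1);
    }

    # cleanup, go to last_page

    sql_exit($db);

    redirect(_action_return_url(
        $INPUT,
        isset($_SESSION['last_page']) ? $_SESSION['last_page'] : null
    ));

}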
00250
# Script entry point: the request is dispatched as soon as this file runs.
do_action();
00252
00253 ?>