From 4a9c1b2d39a4352f7df95356218d3da2ff41bb2d Mon Sep 17 00:00:00 2001 From: jonathan Quispe Date: Fri, 15 Sep 2017 11:54:39 +0000 Subject: [PATCH] HOR-4861 --- Rakefile | 1 + config/constants.php | 10 + config/enviromentvariables.json | 5 + gulpfile.js | 36 ++- .../translations/english/processmaker.en.po | 12 + workflow/engine/data/mysql/insert.sql | 2 + .../ProcessMaker/BusinessModel/DynaForm.php | 78 ++++++ .../BusinessModel/ReportTable.php | 256 +++++++++--------- .../ProcessMaker/BusinessModel/Validator.php | 118 ++++---- .../ProcessMaker/BusinessModel/Variable.php | 3 +- 10 files changed, 340 insertions(+), 181 deletions(-) create mode 100644 config/constants.php diff --git a/Rakefile b/Rakefile index 8ffc4d77f..c0d680a19 100644 --- a/Rakefile +++ b/Rakefile @@ -141,6 +141,7 @@ def generateEnviromentVariables() file = File.read('./config/enviromentvariables.json') dataUser = JSON.parse(file) content = content + "__env.USER_GUEST = " + JSON.generate(dataUser['constants']['userguest']) + content = content + "; __env.pmVariable = " + JSON.generate(dataUser['validation']['pmVariable']) dir = "vendor/colosa/MichelangeloFE/src/enviroment/" # create a directory enviroment FileUtils.mkdir_p(dir) diff --git a/config/constants.php b/config/constants.php new file mode 100644 index 000000000..f51963dc0 --- /dev/null +++ b/config/constants.php @@ -0,0 +1,10 @@ + [ + 'pmVariable' => [ + 'regEx' => '/^[a-zA-Z\_]{1}\w+$/' + ] + ] +]; + diff --git a/config/enviromentvariables.json b/config/enviromentvariables.json index 57d9fc8da..e97f1b876 100644 --- a/config/enviromentvariables.json +++ b/config/enviromentvariables.json @@ -8,5 +8,10 @@ "lastname": "Guest", "username": "guest" } + }, + "validation": { + "pmVariable": { + "regEx": "/^[a-zA-Z\\_]{1}\\w+$/" + } } } \ No newline at end of file diff --git a/gulpfile.js b/gulpfile.js index 2ecbb281b..5e9b4c5cc 100644 --- a/gulpfile.js +++ b/gulpfile.js @@ -471,6 +471,37 @@ gulp.task('clean', function () { cleanDirectory('workflow/public_html/lib'); }); +/** + * Exports from the config/constants.php the configuration constants to the + * enviromentvariables.json file + */ +gulp.task('exportBackendConstants', function () { + var runner = require('child_process'); + gutil.log(gutil.colors.green('Export ProcessMaker constants...')); + + var envVarsJsonFile = 'config/enviromentvariables.json'; + + var code = 'require_once "gulliver/system/class.g.php";' + + 'require_once "bootstrap/autoload.php";' + + 'require_once "bootstrap/app.php";' + + 'app()->make(Illuminate\\Foundation\\Http\\Kernel::class)->bootstrap();' + + 'print(json_encode(config("constants", JSON_UNESCAPED_SLASHES)));'; + + runner.exec( + 'php -r \'' + code + '\'', + function (err, stdout, stderr) { + var pmConstants = JSON.parse(stdout); + var envVar = JSON.parse(fs.readFileSync(envVarsJsonFile)); + + for (var attr in pmConstants) { + envVar[attr] = pmConstants[attr]; + } + + fs.writeFileSync(envVarsJsonFile, JSON.stringify(envVar, null, 2)); + return pmConstants; + }); +}); + /** * This scheduled task is to be able to create the guest user constants */ @@ -490,7 +521,7 @@ gulp.task('__env', function (cb) { ); }); -gulp.task('default', ['clean', '__env'], function (cb) { +gulp.task('default', ['clean', 'exportBackendConstants', '__env'], function (cb) { var i, tasks = []; gutil.log(gutil.colors.green('Initializing ProcessMaker building...')); @@ -499,4 +530,5 @@ gulp.task('default', ['clean', '__env'], function (cb) { tasks.push(_.bind(processTask, config[i])); } executeSequence(tasks, cb); -}); \ No newline at end of file +}); + diff --git a/workflow/engine/content/translations/english/processmaker.en.po b/workflow/engine/content/translations/english/processmaker.en.po index f233bcd21..1f0217879 100644 --- a/workflow/engine/content/translations/english/processmaker.en.po +++ b/workflow/engine/content/translations/english/processmaker.en.po @@ -8945,6 +8945,12 @@ msgstr "No skins to display" msgid "No users to display" msgstr "No users to display" +# TRANSLATION +# LABEL/ID_GRID_VARIABLE_NAME_ERROR +#: LABEL/ID_GRID_VARIABLE_NAME_ERROR +msgid "A valid variable starts with a letter or underscore, followed by any number of letters, numbers, or underscores. Variables with wrong names: {0}" +msgstr "A valid variable starts with a letter or underscore, followed by any number of letters, numbers, or underscores. Variables with wrong names: {0}" + # TRANSLATION # LABEL/ID_GRID_WIZARD #: LABEL/ID_GRID_WIZARD @@ -20675,6 +20681,12 @@ msgstr "File \"{0}\" imported but with errors:" msgid "The following fields cannot be created because they contain the reserved words \"{0}\"" msgstr "The following fields cannot be created because they contain the reserved words \"{0}\"" +# TRANSLATION +# LABEL/ID_PMTABLE_INVALID_FIELD_NAME_VARIABLE +#: LABEL/ID_PMTABLE_INVALID_FIELD_NAME_VARIABLE +msgid "There is a conflict with some field names: \"{0}\", please rename them avoiding the use of numbers and considering that underscores are ignored when validating unique field names." +msgstr "There is a conflict with some field names: \"{0}\", please rename them avoiding the use of numbers and considering that underscores are ignored when validating unique field names." + # TRANSLATION # LABEL/ID_PMTABLE_INVALID_FILE #: LABEL/ID_PMTABLE_INVALID_FILE diff --git a/workflow/engine/data/mysql/insert.sql b/workflow/engine/data/mysql/insert.sql index e292db7d1..14659bfb5 100644 --- a/workflow/engine/data/mysql/insert.sql +++ b/workflow/engine/data/mysql/insert.sql @@ -58318,6 +58318,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE ( 'LABEL','ID_GRID_PAGE_NO_ROWS_MESSAGE','en','No rows to display','2014-01-15') , ( 'LABEL','ID_GRID_PAGE_NO_SKIN_MESSAGE','en','No skins to display','2014-01-15') , ( 'LABEL','ID_GRID_PAGE_NO_USERS_MESSAGE','en','No users to display','2014-01-15') , +( 'LABEL','ID_GRID_VARIABLE_NAME_ERROR','en','A valid variable starts with a letter or underscore, followed by any number of letters, numbers, or underscores. Variables with wrong names: {0}','2017-11-16') , ( 'LABEL','ID_GRID_WIZARD','en','ProcessMaker Grid Wizard','2014-01-15') , ( 'LABEL','ID_GROUP','en','Group','2014-01-15') , ( 'LABEL','ID_GROUPS','en','Groups','2014-01-15') , @@ -60295,6 +60296,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE ( 'LABEL','ID_PMTABLE_IMPORT_SUCCESS','en','File "{0}" imported successfully.','2014-01-15') , ( 'LABEL','ID_PMTABLE_IMPORT_WITH_ERRORS','en','File "{0}" imported but with errors:','2016-02-18') , ( 'LABEL','ID_PMTABLE_INVALID_FIELD_NAME','en','The following fields cannot be created because they contain the reserved words "{0}"','2014-10-21') , +( 'LABEL','ID_PMTABLE_INVALID_FIELD_NAME_VARIABLE','en','There is a conflict with some field names: "{0}", please rename them avoiding the use of numbers and considering that underscores are ignored when validating unique field names.','2018-04-03') , ( 'LABEL','ID_PMTABLE_INVALID_FILE','en','Invalid PM table(s) file, import aborted!','2014-01-15') , ( 'LABEL','ID_PMTABLE_INVALID_NAME','en','Could not create the table with the name "{0}" because it is a reserved word.','2014-01-15') , ( 'LABEL','ID_PMTABLE_NOT_FOUND','en','The PM Table associated with this DynaForm could not be found.','2014-11-12') , diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/DynaForm.php b/workflow/engine/src/ProcessMaker/BusinessModel/DynaForm.php index cea3ed5e7..d2c1bb2a9 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/DynaForm.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/DynaForm.php @@ -2,7 +2,11 @@ namespace ProcessMaker\BusinessModel; +use AdditionalTables; use DynaformHandler; +use Exception; +use G; +use PmDynaform; class DynaForm { @@ -407,6 +411,8 @@ class DynaForm $this->throwExceptionIfExistsTitle($processUid, $arrayData["DYN_TITLE"], $this->arrayFieldNameForException["dynaFormTitle"]); + $this->throwExceptionIfTheColumnIdentifierIsNotValid($arrayData); + //Create $dynaForm = new \Dynaform(); @@ -461,6 +467,8 @@ class DynaForm $this->throwExceptionIfExistsTitle($processUid, $arrayData["DYN_TITLE"], $this->arrayFieldNameForException["dynaFormTitle"], $dynaFormUid); } + $this->throwExceptionIfTheColumnIdentifierIsNotValid($arrayData); + //Update $arrayData["DYN_UID"] = $dynaFormUid; @@ -1131,4 +1139,74 @@ class DynaForm throw $e; } } + + /** + * Validates if the grid columns tha will be stored have valid names, otherwise + * it throws an exception. + * + * @param array $arrayData, form data that will be saved + * + * @throws Exception + */ + public function throwExceptionIfTheColumnIdentifierIsNotValid($arrayData) + { + if (isset($arrayData['DYN_CONTENT'])) { + $oldDynaform = $this->getDynaFormRecordByPk($arrayData['DYN_UID'], []); + $oldGrids = PmDynaform::getGridsAndFields($oldDynaform['DYN_CONTENT']); + $oldColumns = $this->getColumnsOfArrayGrids($oldGrids); + + $grids = PmDynaform::getGridsAndFields($arrayData['DYN_CONTENT']); + $columns = $this->getColumnsOfArrayGrids($grids); + + foreach ($oldColumns as $oldField) { + foreach ($columns as $key => $field) { + if ($oldField->id === $field->id) { + unset($columns[$key]); + break; + } + } + } + + $invalids = []; + $identicals = []; + foreach ($columns as $column) { + try { + Validator::isValidVariableName($column->id); + } catch (Exception $e) { + $invalids[] = $column->id; + } + foreach ($oldColumns as $oldColumn) { + if (strtolower(AdditionalTables::getPHPName($column->id)) === strtolower(AdditionalTables::getPHPName($oldColumn->id))) { + $identicals[] = "'" . $column->id . "' - '" . $oldColumn->id . "'"; + } + } + } + + if (count($invalids) > 0) { + throw (new Exception(G::LoadTranslation("ID_GRID_VARIABLE_NAME_ERROR", [implode(', ', $invalids)]))); + } + + if (count($identicals) > 0) { + throw (new Exception(G::LoadTranslation("DYNAFIELD_PHPNAME_ALREADY_EXIST", [implode(', ', $identicals)]))); + } + } + } + + /** + * Gets a list of all columns of the grid array. + * + * @param array $grids + * + * @return array + */ + private function getColumnsOfArrayGrids($grids) + { + $columns = []; + foreach ($grids as $grid) { + if (isset($grid->columns)) { + $columns = array_merge($columns, $grid->columns); + } + } + return $columns; + } } diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ReportTable.php b/workflow/engine/src/ProcessMaker/BusinessModel/ReportTable.php index 2ea868a00..387257903 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/ReportTable.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/ReportTable.php @@ -1,8 +1,15 @@ loadByName($tableName); @@ -122,13 +129,7 @@ class ReportTable array_multisort($primaryKeyColumn, SORT_ASC, $contentData); foreach ($contentData as $row) { - $arrayResult = $this->createRecord( - [ - 'id' => $arrayAdditionalTableData['ADD_TAB_UID'], - 'rows' => base64_encode(serialize($row)), - ], - 'base64' - ); + $arrayResult = $this->createRecord(['id' => $arrayAdditionalTableData['ADD_TAB_UID'], 'rows' => base64_encode(serialize($row)),], 'base64'); if (!$arrayResult['success']) { $errors .= $arrayResult['message']; @@ -141,7 +142,7 @@ class ReportTable //Return return $errors; - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } @@ -157,21 +158,20 @@ class ReportTable public function createRecord(array $arrayData, $codification = 'json') { try { - $additionalTable = new \AdditionalTables(); + $additionalTable = new AdditionalTables(); $arrayAdditionalTableData = $additionalTable->load($arrayData['id'], true); $additionalTableClassName = $arrayAdditionalTableData['ADD_TAB_CLASS_NAME']; $additionalTableClassPeerName = $additionalTableClassName . 'Peer'; - $row = ($codification == 'base64')? - unserialize(base64_decode($arrayData['rows'])) : \G::json_decode($arrayData['rows']); - $row = (array)($row); + $row = ($codification == 'base64') ? unserialize(base64_decode($arrayData['rows'])) : G::json_decode($arrayData['rows']); + $row = (array) ($row); $row = array_merge(array_change_key_case($row, CASE_LOWER), array_change_key_case($row, CASE_UPPER)); $flagSave = false; if (!file_exists(PATH_WORKSPACE . 'classes' . PATH_SEP . $additionalTableClassName . '.php')) { - throw new Exception(\G::LoadTranslation('ID_PMTABLE_CLASS_DOESNT_EXIST', [$additionalTableClassName])); + throw new Exception(G::LoadTranslation('ID_PMTABLE_CLASS_DOESNT_EXIST', [$additionalTableClassName])); } require_once(PATH_WORKSPACE . 'classes' . PATH_SEP . $additionalTableClassName . '.php'); @@ -188,17 +188,13 @@ class ReportTable $primaryKeysValues = []; foreach ($additionalTable->getPrimaryKeys() as $primaryKey) { - $method = 'get' . \AdditionalTables::getPHPName($primaryKey['FLD_NAME']); + $method = 'get' . AdditionalTables::getPHPName($primaryKey['FLD_NAME']); $primaryKeysValues[] = $obj->$method(); } - $index = \G::encrypt(implode(',', $primaryKeysValues), 'pmtable'); + $index = G::encrypt(implode(',', $primaryKeysValues), 'pmtable'); - \G::auditLog( - 'AddDataPmtable', - 'Table Name: ' . $arrayAdditionalTableData['ADD_TAB_NAME'] . - ' Table ID: (' . $arrayAdditionalTableData['ADD_TAB_UID'] . ')' - ); + G::auditLog('AddDataPmtable', 'Table Name: ' . $arrayAdditionalTableData['ADD_TAB_NAME'] . ' Table ID: (' . $arrayAdditionalTableData['ADD_TAB_UID'] . ')'); $flagSave = true; } else { @@ -208,10 +204,7 @@ class ReportTable $msg .= $objValidationFailure->getMessage() . "\n"; } - throw new Exception( - \G::LoadTranslation('ID_ERROR_TRYING_INSERT') . - '"' . $arrayAdditionalTableData['ADD_TAB_NAME'] . "\"\n" . $msg - ); + throw new Exception(G::LoadTranslation('ID_ERROR_TRYING_INSERT') . '"' . $arrayAdditionalTableData['ADD_TAB_NAME'] . "\"\n" . $msg); } } else { $flagSave = false; @@ -220,11 +213,11 @@ class ReportTable //Return return [ 'success' => $flagSave, - 'message' => ($flagSave)? \G::LoadTranslation('ID_RECORD_SAVED_SUCCESFULLY') : '', - 'rows' => ($flagSave)? $obj->toArray(\BasePeer::TYPE_FIELDNAME) : [], - 'index' => ($flagSave)? $index : '', + 'message' => ($flagSave) ? G::LoadTranslation('ID_RECORD_SAVED_SUCCESFULLY') : '', + 'rows' => ($flagSave) ? $obj->toArray(\BasePeer::TYPE_FIELDNAME) : [], + 'index' => ($flagSave) ? $index : '', ]; - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } @@ -240,13 +233,8 @@ class ReportTable * * @return array */ - public function checkPmtFileThrowErrors( - array $arrayTableSchema, - $processUid, - $flagFromAdmin, - $flagOverwrite, - $postProUid - ) { + public function checkPmtFileThrowErrors(array $arrayTableSchema, $processUid, $flagFromAdmin, $flagOverwrite, $postProUid) + { try { $arrayError = []; @@ -254,7 +242,7 @@ class ReportTable $processMap = new \ProcessMap(); $arrayProcessUid = []; - foreach (\G::json_decode($processMap->getAllProcesses()) as $value) { + foreach (G::json_decode($processMap->getAllProcesses()) as $value) { if ($value->value != '') { $arrayProcessUid[] = $value->value; } @@ -266,19 +254,19 @@ class ReportTable $contentSchema = $value; //The table exists? - $additionalTable = new \AdditionalTables(); + $additionalTable = new AdditionalTables(); $arrayAdditionalTableData = $additionalTable->loadByName($contentSchema['ADD_TAB_NAME']); - $tableProUid = (isset($contentSchema['PRO_UID']))? $contentSchema['PRO_UID'] : $postProUid; - $flagIsPmTable = ($contentSchema['PRO_UID'] == '')? true : false; + $tableProUid = (isset($contentSchema['PRO_UID'])) ? $contentSchema['PRO_UID'] : $postProUid; + $flagIsPmTable = ($contentSchema['PRO_UID'] == '') ? true : false; if ($flagFromAdmin) { if ($flagIsPmTable) { if ($arrayAdditionalTableData && !$flagOverwrite) { $arrayError[$i]['NAME_TABLE'] = $contentSchema['ADD_TAB_NAME']; $arrayError[$i]['ERROR_TYPE'] = 1; //ERROR_PM_TABLES_OVERWRITE - $arrayError[$i]['ERROR_MESS'] = \G::LoadTranslation('ID_OVERWRITE_PMTABLE', [$contentSchema['ADD_TAB_NAME']]); + $arrayError[$i]['ERROR_MESS'] = G::LoadTranslation('ID_OVERWRITE_PMTABLE', [$contentSchema['ADD_TAB_NAME']]); $arrayError[$i]['IS_PMTABLE'] = $flagIsPmTable; $arrayError[$i]['PRO_UID'] = $tableProUid; } @@ -286,14 +274,14 @@ class ReportTable if (!in_array($tableProUid, $arrayProcessUid)) { $arrayError[$i]['NAME_TABLE'] = $contentSchema['ADD_TAB_NAME']; $arrayError[$i]['ERROR_TYPE'] = 2; //ERROR_PROCESS_NOT_EXIST - $arrayError[$i]['ERROR_MESS'] = \G::LoadTranslation('ID_PROCESS_NOT_EXIST', [$contentSchema['ADD_TAB_NAME']]); + $arrayError[$i]['ERROR_MESS'] = G::LoadTranslation('ID_PROCESS_NOT_EXIST', [$contentSchema['ADD_TAB_NAME']]); $arrayError[$i]['IS_PMTABLE'] = $flagIsPmTable; $arrayError[$i]['PRO_UID'] = $tableProUid; } else { if ($arrayAdditionalTableData && !$flagOverwrite) { $arrayError[$i]['NAME_TABLE'] = $contentSchema['ADD_TAB_NAME']; $arrayError[$i]['ERROR_TYPE'] = 3; //ERROR_RP_TABLES_OVERWRITE - $arrayError[$i]['ERROR_MESS'] = \G::LoadTranslation('ID_OVERWRITE_RPTABLE', [$contentSchema['ADD_TAB_NAME']]); + $arrayError[$i]['ERROR_MESS'] = G::LoadTranslation('ID_OVERWRITE_RPTABLE', [$contentSchema['ADD_TAB_NAME']]); $arrayError[$i]['IS_PMTABLE'] = $flagIsPmTable; $arrayError[$i]['PRO_UID'] = $tableProUid; } @@ -303,21 +291,21 @@ class ReportTable if ($flagIsPmTable) { $arrayError[$i]['NAME_TABLE'] = $contentSchema['ADD_TAB_NAME']; $arrayError[$i]['ERROR_TYPE'] = 4; //ERROR_NO_REPORT_TABLE - $arrayError[$i]['ERROR_MESS'] = \G::LoadTranslation('ID_NO_REPORT_TABLE', [$contentSchema['ADD_TAB_NAME']]); + $arrayError[$i]['ERROR_MESS'] = G::LoadTranslation('ID_NO_REPORT_TABLE', [$contentSchema['ADD_TAB_NAME']]); $arrayError[$i]['IS_PMTABLE'] = $flagIsPmTable; $arrayError[$i]['PRO_UID'] = $tableProUid; } else { if ($tableProUid !== $processUid) { $arrayError[$i]['NAME_TABLE'] = $contentSchema['ADD_TAB_NAME']; $arrayError[$i]['ERROR_TYPE'] = 5; //ERROR_OVERWRITE_RELATED_PROCESS - $arrayError[$i]['ERROR_MESS'] = \G::LoadTranslation('ID_OVERWRITE_RELATED_PROCESS', [$contentSchema['ADD_TAB_NAME']]); + $arrayError[$i]['ERROR_MESS'] = G::LoadTranslation('ID_OVERWRITE_RELATED_PROCESS', [$contentSchema['ADD_TAB_NAME']]); $arrayError[$i]['IS_PMTABLE'] = $flagIsPmTable; $arrayError[$i]['PRO_UID'] = $tableProUid; } else { if ($arrayAdditionalTableData && !$flagOverwrite) { $arrayError[$i]['NAME_TABLE'] = $contentSchema['ADD_TAB_NAME']; $arrayError[$i]['ERROR_TYPE'] = 3; //ERROR_RP_TABLES_OVERWRITE - $arrayError[$i]['ERROR_MESS'] = \G::LoadTranslation('ID_OVERWRITE_RPTABLE', [$contentSchema['ADD_TAB_NAME']]); + $arrayError[$i]['ERROR_MESS'] = G::LoadTranslation('ID_OVERWRITE_RPTABLE', [$contentSchema['ADD_TAB_NAME']]); $arrayError[$i]['IS_PMTABLE'] = $flagIsPmTable; $arrayError[$i]['PRO_UID'] = $tableProUid; } @@ -330,7 +318,7 @@ class ReportTable //Return return $arrayError; - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } @@ -351,9 +339,9 @@ class ReportTable $additionalTableUid = $arrayData['REP_TAB_UID']; $flagNew = 0; - $additionalTables = \AdditionalTablesPeer::retrieveByPK($arrayData['REP_TAB_UID']); + $additionalTables = AdditionalTablesPeer::retrieveByPK($arrayData['REP_TAB_UID']); - if (!is_null($additionalTables)){ + if (!is_null($additionalTables)) { $arrayData['REP_TAB_NAME'] = 'PMT_' . trim($arrayData['REP_TAB_NAME']); if ($additionalTables->getAddTabName() != $arrayData['REP_TAB_NAME']) { @@ -365,7 +353,7 @@ class ReportTable ob_start(); $arrayData['PRO_UID'] = trim($arrayData['PRO_UID']); - $arrayData['columns'] = \G::json_decode(stripslashes($arrayData['columns'])); //Decofing data columns + $arrayData['columns'] = G::json_decode(stripslashes($arrayData['columns'])); //Decofing data columns if ($flagNew == 1) { $arrayNewColumn = []; @@ -387,27 +375,27 @@ class ReportTable $arrayData['columns'] = $arrayNewColumn; } - $additionalTable = new \AdditionalTables(); + $additionalTable = new AdditionalTables(); $repTabClassName = $additionalTable->getPHPName($arrayData['REP_TAB_NAME']); - $flagIsReportTable = ($arrayData['PRO_UID'] != '')? true : false; + $flagIsReportTable = ($arrayData['PRO_UID'] != '') ? true : false; $columns = $arrayData['columns']; //Reserved Words Table $reservedWords = [ - 'ALTER', 'CLOSE', 'COMMIT', 'CREATE','DECLARE','DELETE','DROP','FETCH','FUNCTION','GRANT','INDEX', - 'INSERT','OPEN','REVOKE','ROLLBACK','SELECT','SYNONYM','TABLE','UPDATE','VIEW','APP_UID','ROW','PMTABLE' + 'ALTER', 'CLOSE', 'COMMIT', 'CREATE', 'DECLARE', 'DELETE', 'DROP', 'FETCH', 'FUNCTION', 'GRANT', 'INDEX', + 'INSERT', 'OPEN', 'REVOKE', 'ROLLBACK', 'SELECT', 'SYNONYM', 'TABLE', 'UPDATE', 'VIEW', 'APP_UID', 'ROW', 'PMTABLE' ]; //Reserved Words Field $reservedWordsPhp = [ - 'case','catch','cfunction','class','clone','const','continue','declare','default','do','else','elseif', - 'enddeclare','endfor','endforeach','endif','endswitch','endwhile','extends','final','for','foreach', - 'function','global','goto','if','implements','interface','instanceof','private','namespace','new', - 'old_function','or','throw','protected','public','static','switch','xor','try','use','var','while' + 'case', 'catch', 'cfunction', 'class', 'clone', 'const', 'continue', 'declare', 'default', 'do', 'else', 'elseif', + 'enddeclare', 'endfor', 'endforeach', 'endif', 'endswitch', 'endwhile', 'extends', 'final', 'for', 'foreach', + 'function', 'global', 'goto', 'if', 'implements', 'interface', 'instanceof', 'private', 'namespace', 'new', + 'old_function', 'or', 'throw', 'protected', 'public', 'static', 'switch', 'xor', 'try', 'use', 'var', 'while' ]; - $reservedWordsSql = \G::reservedWordsSql(); + $reservedWordsSql = G::reservedWordsSql(); //Verify if exists if ($arrayData['REP_TAB_UID'] == '' || (isset($arrayData['forceUid']) && $arrayData['forceUid'])) { @@ -419,23 +407,25 @@ class ReportTable } //Validations - if ($additionalTable->loadByName($arrayData['REP_TAB_NAME'])) { - throw new \Exception(\G::LoadTranslation('ID_PMTABLE_ALREADY_EXISTS', [$arrayData['REP_TAB_NAME']])); + if (is_array($additionalTable->loadByName($arrayData['REP_TAB_NAME']))) { + throw new Exception(G::LoadTranslation('ID_PMTABLE_ALREADY_EXISTS', [$arrayData['REP_TAB_NAME']])); } if (in_array(strtoupper($arrayData['REP_TAB_NAME']), $reservedWords) || - in_array(strtoupper($arrayData['REP_TAB_NAME']), $reservedWordsSql) + in_array(strtoupper($arrayData['REP_TAB_NAME']), $reservedWordsSql) ) { - throw new \Exception(\G::LoadTranslation('ID_PMTABLE_INVALID_NAME', [$arrayData['REP_TAB_NAME']])); + throw new Exception(G::LoadTranslation('ID_PMTABLE_INVALID_NAME', [$arrayData['REP_TAB_NAME']])); } } + $this->validateFieldName($columns); + //Backward compatility foreach ($columns as $i => $column) { if (in_array(strtoupper($columns[$i]->field_name), $reservedWordsSql) || - in_array(strtolower($columns[$i]->field_name), $reservedWordsPhp) + in_array(strtolower($columns[$i]->field_name), $reservedWordsPhp) ) { - throw new \Exception(\G::LoadTranslation('ID_PMTABLE_INVALID_FIELD_NAME', [$columns[$i]->field_name])); + throw new Exception(G::LoadTranslation('ID_PMTABLE_INVALID_FIELD_NAME', [$columns[$i]->field_name])); } switch ($column->field_type) { @@ -475,19 +465,19 @@ class ReportTable } $pmTable->build(); - + $buildResult = ob_get_contents(); ob_end_clean(); //Updating additional table struture information $addTabData = [ - 'ADD_TAB_UID' => $arrayData['REP_TAB_UID'], + 'ADD_TAB_UID' => $arrayData['REP_TAB_UID'], 'ADD_TAB_NAME' => $arrayData['REP_TAB_NAME'], - 'ADD_TAB_CLASS_NAME' => $repTabClassName, + 'ADD_TAB_CLASS_NAME' => $repTabClassName, 'ADD_TAB_DESCRIPTION' => $arrayData['REP_TAB_DSC'], 'ADD_TAB_PLG_UID' => '', - 'DBS_UID' => ($arrayData['REP_TAB_CONNECTION'])? $arrayData['REP_TAB_CONNECTION'] : 'workflow', + 'DBS_UID' => ($arrayData['REP_TAB_CONNECTION']) ? $arrayData['REP_TAB_CONNECTION'] : 'workflow', 'PRO_UID' => $arrayData['PRO_UID'], 'ADD_TAB_TYPE' => $arrayData['REP_TAB_TYPE'], 'ADD_TAB_GRID' => $arrayData['REP_TAB_GRID'] @@ -514,37 +504,30 @@ class ReportTable foreach ($columns as $i => $column) { $field->create([ - 'FLD_UID' => $column->uid, - 'FLD_INDEX' => $i, + 'FLD_UID' => $column->uid, + 'FLD_INDEX' => $i, 'ADD_TAB_UID' => $addTabUid, 'FLD_NAME' => $column->field_name, 'FLD_DESCRIPTION' => $column->field_label, 'FLD_TYPE' => $column->field_type, - 'FLD_SIZE' => ($column->field_size == '')? null : $column->field_size, - 'FLD_NULL' => ($column->field_null)? 1 : 0, - 'FLD_AUTO_INCREMENT' => ($column->field_autoincrement)? 1 : 0, - 'FLD_KEY' => ($column->field_key)? 1 : 0, - 'FLD_TABLE_INDEX' => (isset($column->field_index) && $column->field_index)? 1 : 0, + 'FLD_SIZE' => ($column->field_size == '') ? null : $column->field_size, + 'FLD_NULL' => ($column->field_null) ? 1 : 0, + 'FLD_AUTO_INCREMENT' => ($column->field_autoincrement) ? 1 : 0, + 'FLD_KEY' => ($column->field_key) ? 1 : 0, + 'FLD_TABLE_INDEX' => (isset($column->field_index) && $column->field_index) ? 1 : 0, 'FLD_FOREIGN_KEY' => 0, 'FLD_FOREIGN_KEY_TABLE' => '', 'FLD_DYN_NAME' => $column->field_dyn, - 'FLD_DYN_UID' => $column->field_uid, - 'FLD_FILTER' => (isset($column->field_filter) && $column->field_filter)? 1 : 0 + 'FLD_DYN_UID' => $column->field_uid, + 'FLD_FILTER' => (isset($column->field_filter) && $column->field_filter) ? 1 : 0 ]); } if ($flagIsReportTable && $flagAlterTable) { //The table was create successfully but we're catching problems while populating table try { - $additionalTable->populateReportTable( - $arrayData['REP_TAB_NAME'], - $pmTable->getDataSource(), - $arrayData['REP_TAB_TYPE'], - $arrayData['PRO_UID'], - $arrayData['REP_TAB_GRID'], - $addTabUid - ); - } catch (\Exception $e) { + $additionalTable->populateReportTable($arrayData['REP_TAB_NAME'], $pmTable->getDataSource(), $arrayData['REP_TAB_TYPE'], $arrayData['PRO_UID'], $arrayData['REP_TAB_GRID'], $addTabUid); + } catch (Exception $e) { $result->message = $result->msg = $e->getMessage(); } } @@ -561,10 +544,7 @@ class ReportTable } } - \G::auditLog( - (isset($arrayData['REP_TAB_UID']) && $arrayData['REP_TAB_UID'] == '')? - 'CreatePmtable' : 'UpdatePmtable', 'Fields: ' . $fieldsName - ); + G::auditLog((isset($arrayData['REP_TAB_UID']) && $arrayData['REP_TAB_UID'] == '') ? 'CreatePmtable' : 'UpdatePmtable', 'Fields: ' . $fieldsName); $result->success = true; $result->message = $result->msg = $buildResult; @@ -575,12 +555,12 @@ class ReportTable $pmTablesProxy = new \pmTablesProxy(); $obj = new \stdClass(); - $obj->rows = \G::json_encode([['id' => $additionalTableUid, 'type' => '']]); + $obj->rows = G::json_encode([['id' => $additionalTableUid, 'type' => '']]); //Delete Report Table $resultDeleteReportTable = $pmTablesProxy->delete($obj); } - } catch (\Exception $e) { + } catch (Exception $e) { $buildResult = ob_get_contents(); ob_end_clean(); @@ -593,7 +573,7 @@ class ReportTable $result->type = ucfirst($pmTable->getDbConfig()->adapter); } else { $result->message = $result->msg = $e->getMessage(); - $result->type = \G::LoadTranslation('ID_EXCEPTION'); + $result->type = G::LoadTranslation('ID_EXCEPTION'); } $result->trace = $e->getTraceAsString(); @@ -616,15 +596,8 @@ class ReportTable * * @return string */ - public function createStructureOfTables( - array $arrayTableSchema, - array $arrayTableData, - $processUid, - $flagFromAdmin, - $flagOverwrite = true, - array $arrayTablesToExclude = [], - array $arrayTablesToCreate = [] - ) { + public function createStructureOfTables(array $arrayTableSchema, array $arrayTableData, $processUid, $flagFromAdmin, $flagOverwrite = true, array $arrayTablesToExclude = [], array $arrayTablesToCreate = []) + { try { $errors = ''; @@ -636,7 +609,7 @@ class ReportTable $contentSchema = $value; if (!in_array($contentSchema['ADD_TAB_NAME'], $arrayTablesToExclude)) { - $additionalTable = new \AdditionalTables(); + $additionalTable = new AdditionalTables(); $arrayAdditionalTableData = $additionalTable->loadByName($contentSchema['ADD_TAB_NAME']); @@ -644,7 +617,7 @@ class ReportTable $tableData = new \stdClass(); - if (isset( $contentSchema['PRO_UID'] )) { + if (isset($contentSchema['PRO_UID'])) { $tableData->PRO_UID = $contentSchema['PRO_UID']; } else { $tableData->PRO_UID = $_POST['form']['PRO_UID']; @@ -673,9 +646,9 @@ class ReportTable //renaming... $tNameOld = $contentSchema['ADD_TAB_NAME']; $newTableName = $contentSchema['ADD_TAB_NAME'] . '_' . date('YmdHis'); - $contentSchema['ADD_TAB_UID'] = \G::generateUniqueID(); + $contentSchema['ADD_TAB_UID'] = G::generateUniqueID(); $contentSchema['ADD_TAB_NAME'] = $newTableName; - $contentSchema['ADD_TAB_CLASS_NAME'] = \AdditionalTables::getPHPName($newTableName); + $contentSchema['ADD_TAB_CLASS_NAME'] = AdditionalTables::getPHPName($newTableName); //Mapping the table name for posterior uses $tableNameMap[$tNameOld] = $contentSchema['ADD_TAB_NAME']; @@ -691,17 +664,17 @@ class ReportTable foreach ($contentSchema['FIELDS'] as $field) { $columns[] = [ - 'uid' => '', - 'field_uid' => '', - 'field_name' => $field['FLD_NAME'], - 'field_dyn' => (isset($field['FLD_DYN_NAME']))? $field['FLD_DYN_NAME'] : '', - 'field_label' => (isset($field['FLD_DESCRIPTION']))? $field['FLD_DESCRIPTION'] : '', - 'field_type' => $field['FLD_TYPE'], - 'field_size' => $field['FLD_SIZE'], - 'field_key' => (isset($field['FLD_KEY']))? $field['FLD_KEY'] : 0, - 'field_null' => (isset($field['FLD_NULL']))? $field['FLD_NULL'] : 1, - 'field_autoincrement' => (isset($field['FLD_AUTO_INCREMENT']))? - $field['FLD_AUTO_INCREMENT'] : 0 + 'uid' => '', + 'field_uid' => '', + 'field_name' => $field['FLD_NAME'], + 'field_dyn' => (isset($field['FLD_DYN_NAME'])) ? $field['FLD_DYN_NAME'] : '', + 'field_label' => (isset($field['FLD_DESCRIPTION'])) ? $field['FLD_DESCRIPTION'] : '', + 'field_type' => $field['FLD_TYPE'], + 'field_size' => $field['FLD_SIZE'], + 'field_key' => (isset($field['FLD_KEY'])) ? $field['FLD_KEY'] : 0, + 'field_null' => (isset($field['FLD_NULL'])) ? $field['FLD_NULL'] : 1, + 'field_autoincrement' => (isset($field['FLD_AUTO_INCREMENT'])) ? + $field['FLD_AUTO_INCREMENT'] : 0 ]; } @@ -709,23 +682,21 @@ class ReportTable $tableData->REP_TAB_NAME = $contentSchema['ADD_TAB_NAME']; $tableData->REP_TAB_DSC = $contentSchema['ADD_TAB_DESCRIPTION']; $tableData->REP_TAB_CONNECTION = $contentSchema['DBS_UID']; - $tableData->REP_TAB_TYPE = (isset($contentSchema['ADD_TAB_TYPE']))? $contentSchema['ADD_TAB_TYPE'] : ''; - $tableData->REP_TAB_GRID = (isset($contentSchema['ADD_TAB_GRID']))? $contentSchema['ADD_TAB_GRID'] : ''; - $tableData->columns = \G::json_encode($columns); + $tableData->REP_TAB_TYPE = (isset($contentSchema['ADD_TAB_TYPE'])) ? $contentSchema['ADD_TAB_TYPE'] : ''; + $tableData->REP_TAB_GRID = (isset($contentSchema['ADD_TAB_GRID'])) ? $contentSchema['ADD_TAB_GRID'] : ''; + $tableData->columns = G::json_encode($columns); $tableData->forceUid = true; //Save the table $alterTable = false; - $result = $this->saveStructureOfTable((array)($tableData), $alterTable); + $result = $this->saveStructureOfTable((array) ($tableData), $alterTable); if ($result->success) { - \G::auditLog( - 'ImportTable', $contentSchema['ADD_TAB_NAME'] . ' (' . $contentSchema['ADD_TAB_UID'] . ')' - ); + G::auditLog('ImportTable', $contentSchema['ADD_TAB_NAME'] . ' (' . $contentSchema['ADD_TAB_UID'] . ')'); $processQueueTables[$contentSchema['DBS_UID']][] = $contentSchema['ADD_TAB_NAME']; } else { - $errors .= \G::LoadTranslation('ID_ERROR_CREATE_TABLE') . $tableData->REP_TAB_NAME . '-> ' . $result->message . '\n\n'; + $errors .= G::LoadTranslation('ID_ERROR_CREATE_TABLE') . $tableData->REP_TAB_NAME . '-> ' . $result->message . '\n\n'; } } } @@ -747,9 +718,38 @@ class ReportTable //Return return $errors; - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } -} + /** + * Throw an exception if the column is not valid for the creation of the field + * in the classes managed by propel. + * + * @param array $columns + * @throws Exception + */ + private function validateFieldName($columns) + { + $validFields = []; + $invalidFields = []; + foreach ($columns as $column) { + try { + $fieldName = $column->field_name; + Validator::isValidVariableName($fieldName); + $fieldName = strtolower(AdditionalTables::getPHPName($fieldName)); + if (in_array($fieldName, $validFields)) { + $invalidFields[] = $fieldName; + } else { + $validFields[] = $fieldName; + } + } catch (Exception $e) { + $invalidFields[] = $fieldName; + } + } + if (!empty($invalidFields)) { + throw new Exception(G::LoadTranslation('ID_PMTABLE_INVALID_FIELD_NAME_VARIABLE', $invalidFields)); + } + } +} diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Validator.php b/workflow/engine/src/ProcessMaker/BusinessModel/Validator.php index 5c61055ae..54fde9163 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Validator.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Validator.php @@ -1,6 +1,10 @@ @@ -26,19 +30,19 @@ class Validator { $dep_uid = trim($dep_uid); if ($dep_uid == '') { - throw (new \Exception(\G::LoadTranslation("ID_DEPARTMENT_NOT_EXIST", array($nameField,'')))); + throw (new Exception(G::LoadTranslation("ID_DEPARTMENT_NOT_EXIST", array($nameField, '')))); } $oDepartment = new \Department(); if (!($oDepartment->existsDepartment($dep_uid))) { - throw (new \Exception(\G::LoadTranslation("ID_DEPARTMENT_NOT_EXIST", array($nameField,$dep_uid)))); + throw (new Exception(G::LoadTranslation("ID_DEPARTMENT_NOT_EXIST", array($nameField, $dep_uid)))); } return $dep_uid; } /** * Validate dep_status - * @var string $dep_uid. Uid for Departament - * @var string $nameField. Name of field for message + * @var string $dep_uid . Uid for Departament + * @var string $nameField . Name of field for message * * @access public * @author Brayan Pereyra (Cochalo) @@ -51,7 +55,7 @@ class Validator $dep_status = trim($dep_status); $values = array('ACTIVE', 'INACTIVE'); if (!in_array($dep_status, $values)) { - throw (new \Exception(\G::LoadTranslation("ID_DEPARTMENT_NOT_EXIST", array('dep_status',$dep_status)))); + throw (new Exception(G::LoadTranslation("ID_DEPARTMENT_NOT_EXIST", array('dep_status', $dep_status)))); } return $dep_status; } @@ -59,7 +63,7 @@ class Validator /** * Validate usr_uid * - * @param string $usr_uid, Uid for user + * @param string $usr_uid , Uid for user * @param string $nameField . Name of field for message * * @access public @@ -72,11 +76,11 @@ class Validator { $usr_uid = trim($usr_uid); if ($usr_uid == '') { - throw (new \Exception(\G::LoadTranslation("ID_USER_NOT_EXIST", array($nameField,'')))); + throw (new Exception(G::LoadTranslation("ID_USER_NOT_EXIST", array($nameField, '')))); } $oUsers = new \Users(); if (!($oUsers->userExists($usr_uid))) { - throw (new \Exception(\G::LoadTranslation("ID_USER_NOT_EXIST", array($nameField,$usr_uid)))); + throw (new Exception(G::LoadTranslation("ID_USER_NOT_EXIST", array($nameField, $usr_uid)))); } return $usr_uid; } @@ -84,7 +88,7 @@ class Validator /** * Validate app_uid * - * @param string $app_uid, Uid for application + * @param string $app_uid , Uid for application * @param string $nameField . Name of field for message * * @access public @@ -97,11 +101,11 @@ class Validator { $app_uid = trim($app_uid); if ($app_uid == '') { - throw (new \Exception(\G::LoadTranslation("ID_APPLICATION_NOT_EXIST", array($nameField,'')))); + throw (new Exception(G::LoadTranslation("ID_APPLICATION_NOT_EXIST", array($nameField, '')))); } $oApplication = new \Application(); if (!($oApplication->exists($app_uid))) { - throw (new \Exception(\G::LoadTranslation("ID_APPLICATION_NOT_EXIST", array($nameField,$app_uid)))); + throw (new Exception(G::LoadTranslation("ID_APPLICATION_NOT_EXIST", array($nameField, $app_uid)))); } return $app_uid; } @@ -109,7 +113,7 @@ class Validator /** * Validate app_uid * - * @param string $tri_uid, Uid for trigger + * @param string $tri_uid , Uid for trigger * @param string $nameField . Name of field for message * * @access public @@ -122,11 +126,11 @@ class Validator { $tri_uid = trim($tri_uid); if ($tri_uid == '') { - throw (new \Exception(\G::LoadTranslation("ID_TRIGGER_NOT_EXIST", array($nameField,'')))); + throw (new Exception(G::LoadTranslation("ID_TRIGGER_NOT_EXIST", array($nameField, '')))); } $oTriggers = new \Triggers(); if (!($oTriggers->TriggerExists($tri_uid))) { - throw (new \Exception(\G::LoadTranslation("ID_TRIGGER_NOT_EXIST", array($nameField,$tri_uid)))); + throw (new Exception(G::LoadTranslation("ID_TRIGGER_NOT_EXIST", array($nameField, $tri_uid)))); } return $tri_uid; } @@ -134,7 +138,7 @@ class Validator /** * Validate pro_uid * - * @param string $pro_uid, Uid for process + * @param string $pro_uid , Uid for process * @param string $nameField . Name of field for message * * @access public @@ -147,11 +151,11 @@ class Validator { $pro_uid = trim($pro_uid); if ($pro_uid == '') { - throw (new \Exception(\G::LoadTranslation("ID_PROCESS_NOT_EXIST", array($nameField,'')))); + throw (new Exception(G::LoadTranslation("ID_PROCESS_NOT_EXIST", array($nameField, '')))); } $oProcess = new \Process(); if (!($oProcess->exists($pro_uid))) { - throw (new \Exception(\G::LoadTranslation("ID_PROCESS_NOT_EXIST", array($nameField,$pro_uid)))); + throw (new Exception(G::LoadTranslation("ID_PROCESS_NOT_EXIST", array($nameField, $pro_uid)))); } return $pro_uid; } @@ -159,7 +163,7 @@ class Validator /** * Validate cat_uid * - * @param string $cat_uid, Uid for category + * @param string $cat_uid , Uid for category * @param string $nameField . Name of field for message * * @access public @@ -172,11 +176,11 @@ class Validator { $cat_uid = trim($cat_uid); if ($cat_uid == '') { - throw (new \Exception(\G::LoadTranslation("ID_CATEGORY_NOT_EXIST", array($nameField,'')))); + throw (new Exception(G::LoadTranslation("ID_CATEGORY_NOT_EXIST", array($nameField, '')))); } $oCategory = new \ProcessCategory(); if (!($oCategory->exists($cat_uid))) { - throw (new \Exception(\G::LoadTranslation("ID_CATEGORY_NOT_EXIST", array($nameField,$cat_uid)))); + throw (new Exception(G::LoadTranslation("ID_CATEGORY_NOT_EXIST", array($nameField, $cat_uid)))); } return $cat_uid; } @@ -184,7 +188,7 @@ class Validator /** * Validate date * - * @param string $date, Date for validate + * @param string $date , Date for validate * @param string $nameField . Name of field for message * * @access public @@ -197,18 +201,18 @@ class Validator { $date = trim($date); if ($date == '') { - throw (new \Exception(\G::LoadTranslation("ID_DATE_NOT_VALID", array('',$format)))); + throw (new Exception(G::LoadTranslation("ID_DATE_NOT_VALID", array('', $format)))); } $d = \DateTime::createFromFormat($format, $date); if (!($d && $d->format($format) == $date)) { - throw (new \Exception(\G::LoadTranslation("ID_DATE_NOT_VALID", array($date,$format)))); + throw (new Exception(G::LoadTranslation("ID_DATE_NOT_VALID", array($date, $format)))); } return $date; } /** * Validate is array - * @var array $field. Field type array + * @var array $field . Field type array * * @access public * @author Brayan Pereyra (Cochalo) @@ -219,13 +223,13 @@ class Validator static public function isArray($field, $nameField) { if (!is_array($field)) { - throw (new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_ARRAY", array($nameField)))); + throw (new Exception(G::LoadTranslation("ID_INVALID_VALUE_ARRAY", array($nameField)))); } } /** * Validate is string - * @var array $field. Field type string + * @var array $field . Field type string * * @access public * @author Brayan Pereyra (Cochalo) @@ -236,13 +240,13 @@ class Validator static public function isString($field, $nameField) { if (!is_string($field)) { - throw (new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_STRING", array($nameField)))); + throw (new Exception(G::LoadTranslation("ID_INVALID_VALUE_STRING", array($nameField)))); } } /** * Validate is integer - * @var array $field. Field type integer + * @var array $field . Field type integer * * @access public * @author Brayan Pereyra (Cochalo) @@ -253,13 +257,13 @@ class Validator static public function isInteger($field, $nameField) { if (!is_integer($field)) { - throw (new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_INTEGER", array($nameField)))); + throw (new Exception(G::LoadTranslation("ID_INVALID_VALUE_INTEGER", array($nameField)))); } } /** * Validate is boolean - * @var boolean $field. Field type boolean + * @var boolean $field . Field type boolean * * @access public * @author Brayan Pereyra (Cochalo) @@ -270,13 +274,13 @@ class Validator static public function isBoolean($field, $nameField) { if (!is_bool($field)) { - throw (new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_BOOLEAN", array($nameField)))); + throw (new Exception(G::LoadTranslation("ID_INVALID_VALUE_BOOLEAN", array($nameField)))); } } /** * Validate is boolean - * @var boolean $field. Field type boolean + * @var boolean $field . Field type boolean * * @access public * @author Brayan Pereyra (Cochalo) @@ -287,14 +291,28 @@ class Validator static public function isNotEmpty($field, $nameField) { if (empty($field)) { - throw (new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_IS_EMPTY", array($nameField)))); + throw (new Exception(G::LoadTranslation("ID_INVALID_VALUE_IS_EMPTY", array($nameField)))); + } + } + + /** + * Validate a variable name + * @param $nameField + * @throws \Exception + * @return void + */ + static public function isValidVariableName($nameField) + { + $resp = preg_match(config('constants.validation.pmVariable.regEx'), $nameField, $matches); + if (isset($resp) && $resp === 0) { + throw (new Exception(G::LoadTranslation("ID_INVALID_NAME", array($nameField)))); } } /** * Verify if data is array * - * @param string $data Data + * @param string $data Data * @param string $dataNameForException Data name for the exception * * return void Throw exception if data is not array @@ -303,9 +321,9 @@ class Validator { try { if (!is_array($data)) { - throw new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_THIS_MUST_BE_ARRAY", array($dataNameForException))); + throw new Exception(G::LoadTranslation("ID_INVALID_VALUE_THIS_MUST_BE_ARRAY", array($dataNameForException))); } - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } @@ -313,7 +331,7 @@ class Validator /** * Verify if data is empty * - * @param string $data Data + * @param string $data Data * @param string $dataNameForException Data name for the exception * * return void Throw exception if data is empty @@ -322,9 +340,9 @@ class Validator { try { if (empty($data)) { - throw new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_CAN_NOT_BE_EMPTY", array($dataNameForException))); + throw new Exception(G::LoadTranslation("ID_INVALID_VALUE_CAN_NOT_BE_EMPTY", array($dataNameForException))); } - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } @@ -332,7 +350,7 @@ class Validator /** * Validate data by ISO 8601 format * - * @param mixed $data Data + * @param mixed $data Data * @param mixed $field Fields * * @return void Throw exception if data has an invalid value @@ -352,7 +370,7 @@ class Validator switch (gettype($data)) { case 'string': if (trim($data) != '' && !preg_match('/^' . $regexpIso8601 . '$/', $data)) { - throw new \Exception(\G::LoadTranslation('ID_ISO8601_INVALID_FORMAT', [(!is_null($field) && is_string($field))? $field : $data])); + throw new Exception(G::LoadTranslation('ID_ISO8601_INVALID_FORMAT', [(!is_null($field) && is_string($field)) ? $field : $data])); } break; case 'array': @@ -360,17 +378,17 @@ class Validator foreach ($field as $value) { $fieldName = $value; - $fieldName = (isset($data[strtoupper($fieldName)]))? strtoupper($fieldName) : $fieldName; - $fieldName = (isset($data[strtolower($fieldName)]))? strtolower($fieldName) : $fieldName; + $fieldName = (isset($data[strtoupper($fieldName)])) ? strtoupper($fieldName) : $fieldName; + $fieldName = (isset($data[strtolower($fieldName)])) ? strtolower($fieldName) : $fieldName; if (isset($data[$fieldName]) && trim($data[$fieldName]) != '' && !preg_match('/^' . $regexpIso8601 . '$/', $data[$fieldName])) { - throw new \Exception(\G::LoadTranslation('ID_ISO8601_INVALID_FORMAT', [$fieldName])); + throw new Exception(G::LoadTranslation('ID_ISO8601_INVALID_FORMAT', [$fieldName])); } } } break; } - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } @@ -378,7 +396,7 @@ class Validator /** * Validate pager data * - * @param array $arrayData Data + * @param array $arrayData Data * @param array $arrayVariableNameForException Variable name for exception * * @return mixed Returns TRUE when pager data is valid, Message Error otherwise @@ -387,7 +405,7 @@ class Validator { try { foreach ($arrayPagerData as $key => $value) { - $nameForException = (isset($arrayVariableNameForException[$key]))? + $nameForException = (isset($arrayVariableNameForException[$key])) ? $arrayVariableNameForException[$key] : $key; if (!is_null($value) && @@ -403,7 +421,7 @@ class Validator //Return return true; - } catch (\Exception $e) { + } catch (Exception $e) { throw $e; } } diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Variable.php b/workflow/engine/src/ProcessMaker/BusinessModel/Variable.php index 3b2abc685..dd50d7e30 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Variable.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Variable.php @@ -405,6 +405,7 @@ class Variable if (isset($aData["VAR_NAME"])) { Validator::isString($aData['VAR_NAME'], '$var_name'); Validator::isNotEmpty($aData['VAR_NAME'], '$var_name'); + Validator::isValidVariableName($aData['VAR_NAME']); } if (isset($aData["VAR_FIELD_TYPE"])) { Validator::isString($aData['VAR_FIELD_TYPE'], '$var_field_type'); @@ -462,7 +463,7 @@ class Variable if ($variableName === $row["VAR_NAME"]) { throw new Exception(G::LoadTranslation("DYNAFIELD_ALREADY_EXIST")); } - if (AdditionalTables::getPHPName($variableName) === AdditionalTables::getPHPName($row["VAR_NAME"])) { + if (strtolower(AdditionalTables::getPHPName($variableName)) === strtolower(AdditionalTables::getPHPName($row["VAR_NAME"]))) { throw new Exception(G::LoadTranslation("DYNAFIELD_PHPNAME_ALREADY_EXIST", array($row["VAR_NAME"]))); } }