3f6afa2904
svn://svn.silverstripe.com/silverstripe/modules/sapphire/branches/2.2.0-mesq ........ r49834 | ischommer | 2008-02-20 11:45:56 +1300 (Wed, 20 Feb 2008) | 1 line fixed sql-injection ........ git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@49828 467b73ca-7a2a-4603-9d3b-597d59a354a9
<?php
/**
* @package forms
* @subpackage fields-formattedinput
*/
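/**
 * Text field that automatically checks that the value entered is unique for the given
 * field in the given table.
 *
 * The check happens twice: jsValidation() registers a keyup handler that asks the
 * validation URL whether the value is free and only toggles CSS classes, and validate()
 * runs the authoritative COUNT(*) query on submit.
 *
 * Security notes for maintainers:
 * - validate() passes only the submitted value through Convert::raw2sql(). The table and
 *   field names are interpolated as backtick-quoted identifiers with no escaping, so they
 *   must be fixed by application code and never derived from request data.
 * - jsValidation() writes the restricted regex, the validation URL, the element id and the
 *   field name into inline JavaScript without JavaScript-context escaping. Treat all of
 *   them as trusted, developer-supplied values.
 * - The handler behind the validation URL is not part of this file. It receives the raw
 *   value as a GET parameter, so it has to do its own escaping, and because it answers
 *   whether a value already exists it should be limited to data that may be disclosed.
 *
 * @package forms
 * @subpackage fields-formattedinput
 */
class AjaxUniqueTextField extends TextField {

	/** Column that must hold a unique value; used as a raw SQL identifier in validate(). */
	protected $restrictedField;

	/** Table that is searched for duplicates; used as a raw SQL identifier in validate(). */
	protected $restrictedTable;

	/** URL, relative to the site base, that the keyup handler queries via AJAX. */
	protected $validateURL;

	/** Optional JavaScript regex source; a value that matches it is marked 'invalid'. */
	protected $restrictedRegex;

	/**
	 * @param string $name Field name
	 * @param string $title Field title
	 * @param string $restrictedField Column checked for uniqueness (trusted identifier)
	 * @param string $restrictedTable Table checked for uniqueness (trusted identifier)
	 * @param string $value Initial value
	 * @param int|null $maxLength Optional maxlength attribute
	 * @param string|null $validationURL URL queried by the AJAX check
	 * @param string|null $restrictedRegex Optional regex of disallowed input
	 */
	public function __construct($name, $title, $restrictedField, $restrictedTable, $value = "", $maxLength = null, $validationURL = null, $restrictedRegex = null) {
		$this->maxLength = $maxLength;
		$this->restrictedField = $restrictedField;
		$this->restrictedTable = $restrictedTable;
		$this->validateURL = $validationURL;
		$this->restrictedRegex = $restrictedRegex;

		parent::__construct($name, $title, $value);
	}

	/**
	 * Renders the text input, plus a hidden input carrying the restricted regex when one
	 * is configured, and registers the client-side behaviour.
	 *
	 * @return string HTML
	 */
	public function Field() {
		Requirements::javascript("sapphire/javascript/UniqueFields.js");

		$this->jsValidation();

		// Start from an empty string: without a regex the original left $restrict
		// undefined and still interpolated it into the returned markup.
		$restrict = '';
		if($this->restrictedRegex) {
			// The regex goes into an HTML attribute, so escape it for that context;
			// a pattern containing a double quote would otherwise break out of value="".
			$restrict = "<input type=\"hidden\" class=\"hidden\" name=\"{$this->name}Restricted\" id=\"" . $this->id() . "RestrictedRegex\" value=\"" . Convert::raw2att($this->restrictedRegex) . "\" />";
		}

		$maxLengthAttr = $this->maxLength ? " maxlength=\"{$this->maxLength}\"" : '';

		// "text" belongs inside the class attribute; the original closed the quote early
		// and left a stray ` text"` token in the tag.
		return "<input class=\"{$this->class} text\" type=\"text\" id=\"" . $this->id() . "\" name=\"{$this->name}\" value=\"" . $this->attrValue() . "\"{$maxLengthAttr} />$restrict";
	}

	/**
	 * Registers the Behaviour rule that validates the field on every keyup.
	 *
	 * The handler first applies the optional regex (checkValid) and then asks the
	 * validation URL whether the value is already in use. It only toggles the 'invalid'
	 * and 'inuse' CSS classes; rejecting a duplicate is left to validate().
	 */
	public function jsValidation() {
		$id = $this->id();
		$url = Director::absoluteBaseURL() . $this->validateURL;

		// NOTE(review): the regex is pasted between the / delimiters of a JavaScript regex
		// literal as-is, so a pattern containing an unescaped "/" ends the literal early.
		if($this->restrictedRegex) {
			$jsCheckFunc = <<<JS
Element.removeClassName(this, 'invalid');
var match = this.value.match(/{$this->restrictedRegex}/);
if(match) {
	Element.addClassName(this, 'invalid');
	return false;
}

return true;
JS;
		} else {
			$jsCheckFunc = "return true;";
		}

		// The success handler carries no console.* call: `console` is not defined in every
		// browser, and a ReferenceError there would stop the 'inuse' class from being toggled.
		$jsFunc = <<<JS
Behaviour.register({
	'#$id' : {
		onkeyup: function() {
			if(this.checkValid()) {
				new Ajax.Request('{$url}?ajax=1&{$this->name}=' + encodeURIComponent(this.value), {
					method: 'get',
					onSuccess: function(response) {
						if(response.responseText == 'ok')
							Element.removeClassName(this, 'inuse');
						else {
							Element.addClassName(this, 'inuse');
						}
					}.bind(this),
					onFailure: function(response) {

					}
				});
			}
		},

		checkValid: function() {
			$jsCheckFunc
		}
	}
});
JS;
		// NOTE(review): the uniqueness id is the same for every instance; if
		// Requirements::customScript() keeps one script per id, a second field on the
		// same page would replace the first field's behaviour. Confirm.
		Requirements::customScript($jsFunc, 'func_validateAjaxUniqueTextField');
	}

	/**
	 * Server-side uniqueness check: counts the rows whose restricted field equals the
	 * submitted value and reports a validation error when any exist.
	 *
	 * @param object $validate Validator on which validationError() is called
	 * @return boolean False when the value is already present, true otherwise
	 */
	public function validate( $validate ) {
		// Only the value is escaped. restrictedTable and restrictedField are identifiers
		// and must be constants chosen by application code, never request data.
		$result = DB::query(sprintf(
			"SELECT COUNT(*) FROM `%s` WHERE `%s` = '%s'",
			$this->restrictedTable,
			$this->restrictedField,
			Convert::raw2sql($this->value)
		))->value();

		if( $result && ( $result > 0 ) ) {
			// Report through the parameter; the original called an undefined $validator,
			// which is a fatal error exactly when a duplicate is submitted.
			$validate->validationError( $this->name, _t('Form.VALIDATIONNOTUNIQUE', "The value entered is not unique") );
			return false;
		}

		return true;
	}
}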
?>