2017-08-04 16:28:16 +02:00
< ? php
include_once __DIR__ . '/core.php' ;
2019-07-26 16:24:20 +02:00
use Models\Checklist ;
2019-07-26 17:40:52 +02:00
use Models\Note ;
2019-07-26 16:24:20 +02:00
use Models\User ;
2019-07-26 11:57:59 +02:00
2018-09-19 10:44:32 +02:00
if ( empty ( $structure ) || empty ( $structure [ 'enabled' ])) {
2018-07-18 16:12:25 +02:00
die ( tr ( 'Accesso negato' ));
}
2018-07-10 12:07:48 +02:00
$upload_dir = DOCROOT . '/' . Uploads :: getDirectory ( $id_module , $id_plugin );
2017-08-28 09:49:38 +02:00
2018-08-09 15:33:01 +02:00
$database -> beginTransaction ();
2017-08-04 16:28:16 +02:00
2019-07-05 12:28:19 +02:00
// Upload allegati e rimozione
2017-08-04 16:28:16 +02:00
if ( filter ( 'op' ) == 'link_file' || filter ( 'op' ) == 'unlink_file' ) {
// Controllo sui permessi di scrittura per il modulo
if ( Modules :: getPermission ( $id_module ) != 'rw' ) {
2018-07-19 17:29:21 +02:00
flash () -> error ( tr ( 'Non hai permessi di scrittura per il modulo _MODULE_' , [
2017-09-22 15:19:59 +02:00
'_MODULE_' => '"' . Modules :: get ( $id_module )[ 'name' ] . '"' ,
2018-07-07 13:56:22 +02:00
]));
2017-08-04 16:28:16 +02:00
}
// Controllo sui permessi di scrittura per il file system
2017-09-11 17:49:03 +02:00
elseif ( ! directory ( $upload_dir )) {
2018-07-19 17:29:21 +02:00
flash () -> error ( tr ( 'Non hai i permessi di scrittura nella cartella _DIR_!' , [
2017-09-10 14:35:41 +02:00
'_DIR_' => '"files"' ,
2018-07-07 13:56:22 +02:00
]));
2017-08-04 16:28:16 +02:00
}
// Gestione delle operazioni
else {
// UPLOAD
if ( filter ( 'op' ) == 'link_file' && ! empty ( $_FILES ) && ! empty ( $_FILES [ 'blob' ][ 'name' ])) {
2018-07-03 21:22:29 +02:00
$upload = Uploads :: upload ( $_FILES [ 'blob' ], [
2018-07-03 11:12:32 +02:00
'name' => filter ( 'nome_allegato' ),
'category' => filter ( 'categoria' ),
'id_module' => $id_module ,
'id_plugin' => $id_plugin ,
2018-07-03 21:22:29 +02:00
'id_record' => $id_record ,
2018-07-03 11:12:32 +02:00
]);
2018-05-22 17:42:19 +02:00
2017-09-10 14:35:41 +02:00
// Creazione file fisico
2018-07-03 21:22:29 +02:00
if ( ! empty ( $upload )) {
2018-07-19 17:29:21 +02:00
flash () -> info ( tr ( 'File caricato correttamente!' ));
2017-09-10 14:35:41 +02:00
} else {
2018-07-19 17:29:21 +02:00
flash () -> error ( tr ( 'Errore durante il caricamento del file!' ));
2017-09-10 14:35:41 +02:00
}
2017-08-04 16:28:16 +02:00
}
// DELETE
elseif ( filter ( 'op' ) == 'unlink_file' && filter ( 'filename' ) !== null ) {
2018-07-03 21:22:29 +02:00
$name = Uploads :: delete ( filter ( 'filename' ), [
'id_module' => $id_module ,
'id_plugin' => $id_plugin ,
'id_record' => $id_record ,
]);
2017-08-04 16:28:16 +02:00
2018-07-03 21:22:29 +02:00
if ( ! empty ( $name )) {
2018-07-19 17:29:21 +02:00
flash () -> info ( tr ( 'File _FILE_ eliminato!' , [
2018-07-03 21:22:29 +02:00
'_FILE_' => '"' . $name . '"' ,
2018-07-07 13:56:22 +02:00
]));
2018-07-03 21:22:29 +02:00
} else {
2018-07-19 17:29:21 +02:00
flash () -> error ( tr ( " Errore durante l'eliminazione del file! " ));
2017-08-04 16:28:16 +02:00
}
}
2018-05-16 00:19:10 +02:00
redirect ( ROOTDIR . '/editor.php?id_module=' . $id_module . '&id_record=' . $id_record . (( ! empty ( $options [ 'id_plugin' ])) ? '#tab_' . $options [ 'id_plugin' ] : '' ));
2017-08-04 16:28:16 +02:00
}
2019-07-05 12:28:19 +02:00
}
// Download allegati
elseif ( filter ( 'op' ) == 'download_file' ) {
2017-08-28 09:49:38 +02:00
$rs = $dbo -> fetchArray ( 'SELECT * FROM zz_files WHERE id_module=' . prepare ( $id_module ) . ' AND id=' . prepare ( filter ( 'id' )) . ' AND filename=' . prepare ( filter ( 'filename' )));
2017-09-11 17:49:03 +02:00
download ( $upload_dir . '/' . $rs [ 0 ][ 'filename' ], $rs [ 0 ][ 'original' ]);
2019-07-05 12:28:19 +02:00
}
// Validazione dati
elseif ( filter ( 'op' ) == 'validate' ) {
// Lettura informazioni di base
$init = $structure -> filepath ( 'init.php' );
if ( ! empty ( $init )) {
include_once $init ;
}
// Validazione del campo
$validation = $structure -> filepath ( 'validation.php' );
if ( ! empty ( $validation )) {
include_once $validation ;
}
echo json_encode ( $response );
return ;
}
2019-07-26 11:57:59 +02:00
// Aggiunta nota interna
elseif ( filter ( 'op' ) == 'add_nota' ) {
$contenuto = post ( 'contenuto' );
$data_notifica = post ( 'data_notifica' ) ? : null ;
$nota = Note :: build ( $user , $structure , $id_record , $contenuto , $data_notifica );
flash () -> info ( tr ( 'Nota interna aggiunta correttamente!' ));
}
2019-07-26 16:24:20 +02:00
// Rimozione nota interna
elseif ( filter ( 'op' ) == 'delete_nota' ) {
2019-07-26 11:57:59 +02:00
$id_nota = post ( 'id_nota' );
$nota = Note :: find ( $id_nota );
$nota -> delete ();
flash () -> info ( tr ( 'Nota interna aggiunta correttamente!' ));
}
2019-07-26 16:24:20 +02:00
// Rimozione checklist
elseif ( filter ( 'op' ) == 'add_check' ) {
$content = post ( 'content' );
$parent_id = post ( 'parent' ) ? : null ;
$assigned_user = User :: find ( post ( 'assigned_user' ));
$check = Checklist :: build ( $user , $assigned_user , $structure , $id_record , $content , $parent_id );
}
// Rimozione checklist
elseif ( filter ( 'op' ) == 'delete_check' ) {
$check_id = post ( 'check_id' );
$check = Checklist :: find ( $check_id );
$check -> delete ();
}
// Gestione check per le checklist
elseif ( filter ( 'op' ) == 'toggle_check' ) {
$check_id = post ( 'check_id' );
$check = Checklist :: find ( $check_id );
if ( ! empty ( $check )) {
$check -> checked_at = $check -> checked_at ? null : date ( 'Y-m-d H:i:s' );
$check -> save ();
echo json_encode ([
'checked_at' => timestampFormat ( $check -> checked_at ) ? : null ,
]);
}
}
2019-07-05 12:28:19 +02:00
// Invio email
elseif ( post ( 'op' ) == 'send-email' ) {
2018-09-20 14:41:01 +02:00
$id_template = post ( 'template' );
2018-06-26 14:26:40 +02:00
2018-09-20 14:41:01 +02:00
// Inizializzazione
$mail = new Notifications\EmailNotification ();
$mail -> setTemplate ( $id_template , $id_record );
2018-02-20 17:57:16 +01:00
2019-06-04 20:45:40 +02:00
// Rimozione allegati predefiniti
$mail -> setAttachments ([]);
2018-09-20 14:41:01 +02:00
// Destinatari
2018-09-28 16:43:40 +02:00
$receivers = array_clean ( post ( 'destinatari' ));
2018-09-20 14:41:01 +02:00
$types = post ( 'tipo_destinatari' );
foreach ( $receivers as $key => $receiver ) {
$mail -> addReceiver ( $receiver , $types [ $key ]);
2018-02-21 17:47:43 +01:00
}
2018-02-20 17:57:16 +01:00
2018-09-20 14:41:01 +02:00
// Contenuti
$mail -> setSubject ( post ( 'subject' ));
$mail -> setContent ( post ( 'body' ));
2018-02-20 17:57:16 +01:00
2018-09-20 14:41:01 +02:00
// Stampe da allegare
$prints = post ( 'prints' );
foreach ( $prints as $print ) {
$mail -> addPrint ( $print , $id_record );
}
// Allegati originali
$files = post ( 'attachments' );
2018-11-23 15:17:52 +01:00
foreach ( $files as $file ) {
$mail -> addUpload ( $file );
2018-09-20 14:41:01 +02:00
}
2018-02-20 17:57:16 +01:00
// Invio mail
2018-09-20 14:41:01 +02:00
try {
$mail -> send ( true ); // Il valore true impone la gestione degli errori tramite eccezioni
2018-07-19 17:29:21 +02:00
flash () -> info ( tr ( 'Email inviata correttamente!' ));
2018-09-20 14:41:01 +02:00
} catch ( PHPMailer\PHPMailer\Exception $e ) {
flash () -> error ( tr ( " Errore durante l'invio dell'email " ) . ': ' . $e -> errorMessage ());
2018-02-20 17:57:16 +01:00
}
2017-08-04 16:28:16 +02:00
}
2018-07-18 16:12:25 +02:00
// Inclusione di eventuale plugin personalizzato
2018-09-19 10:44:32 +02:00
if ( ! empty ( $structure [ 'script' ])) {
include $structure -> getEditFile ();
2017-08-04 16:28:16 +02:00
2018-08-11 15:37:38 +02:00
$database -> commitTransaction ();
2018-07-02 15:41:38 +02:00
2018-07-18 16:12:25 +02:00
return ;
}
2017-08-04 16:28:16 +02:00
2018-07-18 16:12:25 +02:00
// Lettura risultato query del modulo
2018-09-19 10:44:32 +02:00
$init = $structure -> filepath ( 'init.php' );
2018-07-19 12:47:28 +02:00
if ( ! empty ( $init )) {
include_once $init ;
}
2017-08-04 16:28:16 +02:00
2018-07-18 16:12:25 +02:00
// Retrocompatibilità
if ( ! isset ( $record ) && isset ( $records [ 0 ])) {
$record = $records [ 0 ];
2018-07-19 09:58:28 +02:00
} elseif ( ! isset ( $records [ 0 ]) && isset ( $record )) {
$records = [ $record ];
2018-07-19 12:47:28 +02:00
} elseif ( ! isset ( $record )) {
$record = [];
$records = [ $record ];
2018-07-18 16:12:25 +02:00
}
2018-07-18 14:50:46 +02:00
2018-07-18 16:12:25 +02:00
// Registrazione del record
HTMLBuilder\HTMLBuilder :: setRecord ( $record );
2018-09-19 10:44:32 +02:00
if ( $structure -> permission == 'rw' ) {
2018-07-18 16:12:25 +02:00
// Esecuzione delle operazioni di gruppo
$id_records = post ( 'id_records' );
$id_records = is_array ( $id_records ) ? $id_records : explode ( ';' , $id_records );
2018-09-28 16:43:40 +02:00
$id_records = array_clean ( $id_records );
2018-07-18 16:12:25 +02:00
$id_records = array_unique ( $id_records );
2018-09-19 10:44:32 +02:00
$bulk = $structure -> filepath ( 'bulk.php' );
2018-07-19 12:47:28 +02:00
$bulk = empty ( $bulk ) ? [] : include $bulk ;
2018-07-18 16:12:25 +02:00
$bulk = empty ( $bulk ) ? [] : $bulk ;
if ( in_array ( post ( 'op' ), array_keys ( $bulk ))) {
redirect ( ROOTDIR . '/controller.php?id_module=' . $id_module , 'js' );
} else {
// Esecuzione delle operazioni del modulo
2018-09-19 10:44:32 +02:00
include $structure -> filepath ( 'actions.php' );
2018-07-18 16:12:25 +02:00
// Operazioni generiche per i campi personalizzati
if ( post ( 'op' ) != null ) {
2019-02-19 18:34:44 +01:00
$custom_where = ! empty ( $id_plugin ) ? '`id_plugin` = ' . prepare ( $id_plugin ) : '`id_module` = ' . prepare ( $id_module );
$query = 'SELECT `id`, `html_name` AS `name` FROM `zz_fields` WHERE ' . $custom_where ;
2018-07-18 16:12:25 +02:00
$customs = $dbo -> fetchArray ( $query );
if ( ! starts_with ( post ( 'op' ), 'delete' )) {
$values = [];
foreach ( $customs as $custom ) {
2018-07-19 15:33:32 +02:00
if ( post ( $custom [ 'name' ]) !== null ) {
$values [ $custom [ 'id' ]] = post ( $custom [ 'name' ]);
2018-02-15 17:30:42 +01:00
}
2018-07-18 16:12:25 +02:00
}
// Inserimento iniziale
if ( starts_with ( post ( 'op' ), 'add' )) {
// Informazioni di log
Filter :: set ( 'get' , 'id_record' , $id_record );
2018-02-10 17:24:16 +01:00
2018-07-18 16:12:25 +02:00
foreach ( $values as $key => $value ) {
$dbo -> insert ( 'zz_field_record' , [
'id_record' => $id_record ,
'id_field' => $key ,
'value' => $value ,
]);
2018-02-10 17:24:16 +01:00
}
2018-07-18 16:12:25 +02:00
}
2018-02-10 17:24:16 +01:00
2018-07-18 16:12:25 +02:00
// Aggiornamento
elseif ( starts_with ( post ( 'op' ), 'update' )) {
2019-02-19 18:34:44 +01:00
$query = 'SELECT `zz_field_record`.`id_field` FROM `zz_field_record` JOIN `zz_fields` ON `zz_fields`.`id` = `zz_field_record`.`id_field` WHERE id_record = ' . prepare ( $id_record ) . ' AND ' . $custom_where ;
$customs_present = $dbo -> fetchArray ( $query );
$customs_present = array_column ( $customs_present , 'id_field' );
2018-07-18 16:12:25 +02:00
foreach ( $values as $key => $value ) {
2019-02-19 18:34:44 +01:00
if ( in_array ( $key , $customs_present )) {
$dbo -> update ( 'zz_field_record' , [
'value' => $value ,
], [
'id_record' => $id_record ,
'id_field' => $key ,
]);
} else {
$dbo -> insert ( 'zz_field_record' , [
'id_record' => $id_record ,
'id_field' => $key ,
'value' => $value ,
]);
}
2018-02-10 17:24:16 +01:00
}
}
2018-07-18 16:12:25 +02:00
}
2018-02-10 17:24:16 +01:00
2018-07-18 16:12:25 +02:00
// Eliminazione
elseif ( ! empty ( $customs )) {
$dbo -> query ( 'DELETE FROM `zz_field_record` WHERE `id_record` = ' . prepare ( $id_record ) . ' AND `id_field` IN (' . implode ( ',' , array_column ( $customs , 'id' )) . ')' );
2018-02-10 17:24:16 +01:00
}
2017-08-04 16:28:16 +02:00
}
}
}
2018-08-09 15:33:01 +02:00
$database -> commitTransaction ();