From 78e4c2900b783e26b75742d0f855b19f5108f0ec Mon Sep 17 00:00:00 2001 From: paolo Date: Wed, 20 Apr 2016 17:57:55 +0200 Subject: [PATCH] Merge origin/ci into ci Conflicts: application/config/rest.php application/libraries/FHC_Auth.php tests/codeception/api/LoginCept.php --- application/controllers/api/Test.php | 4 +- application/controllers/api/v1/Nation.php | 83 ++++ .../controllers/api/v1/person/Person.php | 195 ++++----- .../controllers/api/v1/studies/Course.php | 55 +++ .../controllers/api/v1/studies/Plan.php | 57 +++ application/controllers/person/Kontakt.php | 32 -- application/controllers/person/Person.php | 32 -- application/core/FHC_Model.php | 177 +++++---- application/helpers/fhcdb_helper.php | 20 + application/libraries/FHC_Auth.php | 2 +- application/libraries/REST_Controller.php | 41 +- application/models/Nation_model.php | 71 ++++ application/models/person/Person_model.php | 374 ++++++++++++------ application/models/studies/Course_model.php | 43 ++ application/models/studies/Plan_model.php | 34 ++ ci_hack.php | 18 +- content/pdfExport.php | 8 +- include/nation.class.php | 21 +- include/person.class.php | 11 +- include/prestudent.class.php | 11 +- include/studiengang.class.php | 37 +- include/studienordnung.class.php | 10 +- include/studienplan.class.php | 23 +- 23 files changed, 914 insertions(+), 445 deletions(-) create mode 100644 application/controllers/api/v1/Nation.php create mode 100644 application/controllers/api/v1/studies/Course.php create mode 100644 application/controllers/api/v1/studies/Plan.php delete mode 100644 application/controllers/person/Kontakt.php delete mode 100644 application/controllers/person/Person.php create mode 100644 application/models/Nation_model.php create mode 100644 application/models/studies/Course_model.php create mode 100644 application/models/studies/Plan_model.php diff --git a/application/controllers/api/Test.php b/application/controllers/api/Test.php index d144505d0..8ff7e555a 100644 
--- a/application/controllers/api/Test.php +++ b/application/controllers/api/Test.php @@ -21,7 +21,7 @@ class Test extends REST_Controller * * @return void */ - public function test_get() + public function getTest() { $payload = [ 'success' => TRUE, @@ -38,7 +38,7 @@ class Test extends REST_Controller * * @return void */ - public function test_post() + public function postTest() { $payload = [ 'success' => TRUE, diff --git a/application/controllers/api/v1/Nation.php b/application/controllers/api/v1/Nation.php new file mode 100644 index 000000000..4756c227f --- /dev/null +++ b/application/controllers/api/v1/Nation.php @@ -0,0 +1,83 @@ +load->model('nation_model', 'NationModel'); + // Load set the addonID of the model to let to check the permissions + $this->NationModel->setAddonID($this->_getAddonID()); + } + + public function getAll() + { + $notLocked = $this->get('ohnesperre'); + $orderEnglish = $this->get('orderEnglish'); + + $result = $this->NationModel->getAll($notLocked, $orderEnglish); + + if(!is_null($result) && $result->num_rows() > 0) + { + $payload = [ + 'success' => TRUE, + 'message' => 'Nation found', + 'data' => $result->result()[0] + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + else + { + $payload = [ + 'success' => FALSE, + 'message' => 'Nation not found' + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + + $this->response($payload, $httpstatus); + } + + public function getFederalState() + { + $result = $this->NationModel->getFederalState(); + + if(!is_null($result) && $result->num_rows() > 0) + { + $payload = [ + 'success' => TRUE, + 'message' => 'Bundesland found', + 'data' => $result->result_array() + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + else + { + $payload = [ + 'success' => FALSE, + 'message' => 'Bundesland not found' + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + + $this->response($payload, $httpstatus); + } +} \ No newline at end of file 
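Review bot: `getAll()` in Nation.php returns only the first row, because the success payload is built with `'data' => $result->result()[0]`, while `getFederalState()` directly below returns the full set with `result_array()`. For a list endpoint the payload should be `'data' => $result->result()`. The same `result()[0]` pattern is in `getEnabledCourses()` (Course.php, which also answers 'Person not found' for an empty course list) and `getCurricula()` (Plan.php). Both branches answer `HTTP_OK`, so a client can detect a miss only from the `success` flag; if that is intended, a short comment on the else branch should say so.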
diff --git a/application/controllers/api/v1/person/Person.php b/application/controllers/api/v1/person/Person.php
index 02954c7e0..d18c7afb6 100644
--- a/application/controllers/api/v1/person/Person.php
+++ b/application/controllers/api/v1/person/Person.php
@@ -1,5 +1,4 @@ load->model('person/person_model'); - } + // Load model PersonModel + $this->load->model('person/person_model', 'PersonModel'); + // Load set the addonID of the model to let to check the permissions + $this->PersonModel->setAddonID($this->_getAddonID()); + } /** * @return void */ - public function person_get() - { - //if(!$this->session_model->validate($this->get('session_id'), $this->get('device_id'))) - // $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED); - + public function getPerson() + { + $personID = $this->get('person_id'); $code = $this->get('code'); $email = $this->get('email'); - $person_id = $this->get('person_id'); - if ((!is_null($code)) && (!is_null($email))) + $result = $this->PersonModel->getPerson($personID, $code, $email); + + if(!is_null($result) && $result->num_rows() > 0) { - $result = $this->person_model->getPersonByCodeAndEmail($code, $email); - } - elseif (! is_null($code)) - { - $result = $this->person_model->getPersonByCode($code); - } - elseif (! 
is_null($person_id)) - { - $result = $this->person_model->getPerson($person_id); + if($result->num_rows() > 1) + { + $payload = [ + 'success' => TRUE, + 'message' => 'People found', + 'data' => $result->result()[0] + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + else if($result->num_rows() == 1) + { + $payload = [ + 'success' => TRUE, + 'message' => 'Person found', + 'data' => $result->result()[0] + ]; + $httpstatus = REST_Controller::HTTP_OK; + } } else - { - $result = $this->person_model->getPerson(); - } - - if ($result['err']) - { - $payload = [ - 'success' => false, - 'message' => $result['msg'].': '.$result['retval'] - ]; - $httpstatus = REST_Controller::HTTP_OK; - } - else - { - // return all available persons - $payload = [ - 'success' => true, - 'message' => 'Persons found' - ]; - $payload['data'] = $result; - $httpstatus = REST_Controller::HTTP_OK; - } - - if (empty($result)) { $payload = [ - 'success' => false, - 'message' => 'Person not found' + 'success' => FALSE, + 'message' => 'Person not found' ]; $httpstatus = REST_Controller::HTTP_OK; } - else - { - // return all available persons - $payload = [ - 'success' => true, - 'message' => 'Persons found' - ]; - $payload['data'] = $result; - $httpstatus = REST_Controller::HTTP_OK; - } - // Set the response and exit + $this->response($payload, $httpstatus); - } + } - /** + /** * @return void */ - public function person_post() - { - $result = $this->person_model->savePerson($this->post()); - if ($result != false) + public function postPerson() + { + $result = $this->PersonModel->savePerson($this->post()); + + if($result === TRUE) { $httpstatus = REST_Controller::HTTP_OK; $payload = [ 
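Review bot: `getPerson()` calls `$result->num_rows()` on whatever `PersonModel->getPerson()` returns, but in this commit the model's `_getPersonByCode()` and `_getPersonByCodeAndEmail()` return `result_object()`, a plain array, so a request that carries `code` would fail on a method call on an array; only `_getPersonByID()` returns the query object. Return the query object from all three helpers, or test `count($result)` here. In `postPerson()`, `if($result === TRUE)` reports a successful insert as a failure, because `_insertPerson()` returns `insert_id()` rather than `TRUE`; `if($result !== FALSE && !is_null($result))` covers both the insert and the update path. The commented-out session validation removed from `getPerson()` is not replaced by anything visible in this hunk, so confirm that the base controller enforces authentication for this endpoint.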
@@ -121,40 +97,14 @@ class Person extends APIv1_Controller $httpstatus = REST_Controller::HTTP_OK; } $this->response($payload, $httpstatus); - } + } - /** + /** * @return void */ - public function personUpdate_post() - { - $result = $this->person_model->updatePerson($this->post()); - if ($result != false) - { - $httpstatus = REST_Controller::HTTP_OK; - $payload = [ - 'success' => true, - 'message' => 'Person updated.' - ]; - $payload['data'] = $result; - } - else - { - $payload = [ - 'success' => false, - 'message' => 'Could not update person.' - ]; - $httpstatus = REST_Controller::HTTP_OK; - } - $this->response($payload, $httpstatus); - } - - /** - * @return void - */ - public function checkBewerbung_get() - { - $result = $this->person_model->checkBewerbung($this->get("email"), $this->get("studiensemester_kurzbz")); + public function getCheckBewerbung() + { + $result = $this->PersonModel->checkBewerbung($this->get("email"), $this->get("studiensemester_kurzbz")); $httpstatus = REST_Controller::HTTP_OK; $payload = [ 'success' => true, @@ -162,16 +112,16 @@ class Person extends APIv1_Controller ]; $payload['data'] = $result; $this->response($payload, $httpstatus); - } + } - /** + /** * @return void */ - public function checkZugangscodePerson_get() - { - $result = $this->person_model->checkZugangscodePerson($this->get("code")); + public function getCheckZugangscodePerson() + { + $result = $this->PersonModel->checkZugangscodePerson($this->get("code")); $httpstatus = REST_Controller::HTTP_OK; - if (!empty($result)) + if(!empty($result)) { $payload = [ 'success' => true, 
@@ -189,5 +139,32 @@ class Person extends APIv1_Controller } $this->response($payload, $httpstatus); - } -} + } + + /** + * + */ + public function postInterestedStudent() + { + $result = $this->PersonModel->saveInterestedStudent($this->post()); + + if($result === TRUE) + { + $httpstatus = REST_Controller::HTTP_OK; + $payload = [ + 'success' => true, + 'message' => 'Interested student saved.' + ]; + $payload['data'] = $result; + } + else + { + $payload = [ + 'success' => false, + 'message' => 'Could not save interested student.' + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + $this->response($payload, $httpstatus); + } +} \ No newline at end of file diff --git a/application/controllers/api/v1/studies/Course.php b/application/controllers/api/v1/studies/Course.php new file mode 100644 index 000000000..75d329ce1 --- /dev/null +++ b/application/controllers/api/v1/studies/Course.php @@ -0,0 +1,55 @@ +load->model('studies/course_model', 'CourseModel'); + // Load set the addonID of the model to let to check the permissions + $this->CourseModel->setAddonID($this->_getAddonID()); + } + + public function getEnabledCourses() + { + $result = $this->CourseModel->getEnabledCourses(); + + if(!is_null($result) && $result->num_rows() > 0) + { + $payload = [ + 'success' => TRUE, + 'message' => 'Courses found', + 'data' => $result->result()[0] + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + else + { + $payload = [ + 'success' => FALSE, + 'message' => 'Person not found' + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + + $this->response($payload, $httpstatus); + } +} \ No newline at end of file diff --git a/application/controllers/api/v1/studies/Plan.php b/application/controllers/api/v1/studies/Plan.php new file mode 100644 index 000000000..909a7b6a5 --- /dev/null +++ b/application/controllers/api/v1/studies/Plan.php 
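Review bot: `postInterestedStudent()` can never report success, since it tests `$result === TRUE` while `saveInterestedStudent()` as added to Person_model.php in this commit has no `return` outside commented-out code and only calls `error_log($interestedStudent['zgv_code'])`. Until the model is implemented, answering with `REST_Controller::HTTP_NOT_IMPLEMENTED` would be clearer than a 200 carrying 'Could not save interested student.'. The empty docblock should state that the endpoint is a stub, and the model should not write request-supplied values to the error log once it goes live.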
@@ -0,0 +1,57 @@ +load->model('studies/plan_model', 'PlanModel'); + // Load set the addonID of the model to let to check the permissions + $this->PlanModel->setAddonID($this->_getAddonID()); + } + + public function getCurricula() + { + $courseOfStudiesID = $this->get('studiengang_kz'); + + $result = $this->PlanModel->getCurricula($courseOfStudiesID); + + if(!is_null($result) && $result->num_rows() > 0) + { + $payload = [ + 'success' => TRUE, + 'message' => 'Curricula found', + 'data' => $result->result()[0] + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + else + { + $payload = [ + 'success' => FALSE, + 'message' => 'Curricula not found' + ]; + $httpstatus = REST_Controller::HTTP_OK; + } + + $this->response($payload, $httpstatus); + } +} \ No newline at end of file diff --git a/application/controllers/person/Kontakt.php b/application/controllers/person/Kontakt.php deleted file mode 100644 index dc6ec2e8d..000000000 --- a/application/controllers/person/Kontakt.php +++ /dev/null @@ -1,32 +0,0 @@ -load->model('kontakt/kontakt_model'); - } - - public function index() - { - $data['person'] = $this->person_model->getPersonen(); - $data['title'] = 'Personen Archiv'; - - $this->load->view('templates/header', $data); - $this->load->view('kontakt/index', $data); - $this->load->view('templates/footer'); - } - - public function view($slug = null) - { - $data['person_item'] = $this->person_model->getPersonen($slug); - if (empty($data['person_item'])) - show_404(); - - $data['title'] = $data['person_item']->titelpre; - - $this->load->view('templates/header', $data); - $this->load->view('kontakt/view', $data); - $this->load->view('templates/footer'); - } -} diff --git a/application/controllers/person/Person.php b/application/controllers/person/Person.php deleted file mode 100644 index ebad71c50..000000000 --- a/application/controllers/person/Person.php +++ /dev/null 
@@ -1,32 +0,0 @@ -load->model('person/person_model'); - } - - public function index() - { - $data['person'] = $this->person_model->getPersonen(); - $data['title'] = 'Personen Archiv'; - - $this->load->view('templates/header', $data); - $this->load->view('person/index', $data); - $this->load->view('templates/footer'); - } - - public function view($slug = null) - { - $data['person_item'] = $this->person_model->getPersonen($slug); - if (empty($data['person_item'])) - show_404(); - - $data['title'] = $data['person_item']->titelpre; - - $this->load->view('templates/header', $data); - $this->load->view('person/view', $data); - $this->load->view('templates/footer'); - } -} diff --git a/application/core/FHC_Model.php b/application/core/FHC_Model.php index 14377d13d..191313b49 100644 --- a/application/core/FHC_Model.php +++ b/application/core/FHC_Model.php 
@@ -1,93 +1,106 @@ load->helper('language'); - $this->lang->load('fhcomplete'); - } - - /** --------------------------------------------------------------- - * Success - * - * @param mixed $retval - * @return array - */ - protected function _success($retval = '', $message = FHC_SUCCESS) - { - return array( - 'err' => 0, - 'code' => FHC_SUCCESS, - 'msg' => lang('fhc_' . $message), - 'retval' => $retval - ); - } - - /** --------------------------------------------------------------- - * General Error - * - * @return array - */ - protected function _general_error($retval = '', $message = FHC_ERR_GENERAL) - { - return array( - 'err' => 1, - 'code' => FHC_ERR_GENERAL, - 'msg' => lang('fhc_'.$message), - 'retval' => $retval - ); - } -} - -class DB_Model extends FHC_Model -{ - - protected $dbTable=null; // Name of the DB-Table for CI-Insert, -Update, ... - - function __construct($uid=null) - { - parent::__construct(); - $this->load->database(); - $this->load->helper('language'); - $this->lang->load('fhc_db'); - - // UID must be set in Production Mode - if (ENVIRONMENT=='production' && is_null($uid)) - log_message('error', 'UID must be set in Production Mode.'); - elseif (is_null($uid)) - log_message('info', 'UID is not set.'); - - // Loading Tools for Access Control (Benutzerberechtigungen) - $this->load->library('FHC_DB_ACL',array('uid' => $uid)); - } - - public function insert($data) - { - if (! 
is_null($this->dbTable)) - { - $this->db->insert($this->dbTable, $data); - return true; - } - else - return false; + $this->lang->load('fhcomplete'); } /** --------------------------------------------------------------- - * Invalid ID - * - * @param integer config.php error code numbers - * @return array - */ - protected function _invalid_id($error = '') - { - return array( - 'err' => 1, - 'code' => $error, - 'msg' => lang('fhc_'.$error) - ); - } + * Success + * + * @param mixed $retval + * @return array + */ + protected function _success($retval = '', $message = FHC_SUCCESS) + { + return array( + 'err' => 0, + 'code' => FHC_SUCCESS, + 'msg' => lang('fhc_' . $message), + 'retval' => $retval + ); + } + + /** --------------------------------------------------------------- + * General Error + * + * @return array + */ + protected function _general_error($retval = '', $message = FHC_ERR_GENERAL) + { + return array( + 'err' => 1, + 'code' => FHC_ERR_GENERAL, + 'msg' => lang('fhc_' . $message), + 'retval' => $retval + ); + } } + +class DB_Model extends FHC_Model +{ + protected $dbTable = NULL; // Name of the DB-Table for CI-Insert, -Update, ... + // Addon ID, stored to let to check the permissions + private $_addonID; + + function __construct() + { + parent::__construct(); + $this->load->database(); + $this->lang->load('fhc_db'); + } + + public function insert($data) + { + if(!is_null($this->dbTable)) + { + $this->db->insert($this->dbTable, $data); + return TRUE; + } + else + { + return FALSE; + } + } + + /** --------------------------------------------------------------- + * Invalid ID + * + * @param integer config.php error code numbers + * @return array + */ + protected function _invalid_id($error = '') + { + return array( + 'err' => 1, + 'code' => $error, + 'msg' => lang('fhc_' . 
$error) + ); + } + + /** + * TODO + */ + protected function _checkPermissions() + { + // If _addonID is NOT set (core) or if _addonID is set (API call) and has permissions + return !isset($this->_addonID) || (isset($this->_addonID) && TRUE); + } + + /** + * Method setAddonID + * + * @param $addonID + * @return void + */ + public function setAddonID($addonID) + { + $this->_addonID = $addonID; + } +} \ No newline at end of file diff --git a/application/helpers/fhcdb_helper.php b/application/helpers/fhcdb_helper.php index 8f86ea691..c5eee6800 100644 --- a/application/helpers/fhcdb_helper.php +++ b/application/helpers/fhcdb_helper.php @@ -428,3 +428,23 @@ function indexSort($a, $b) { return strcmp($a->index, $b->index); } + +/** + * Bereitet ein Array von Elementen auf, damit es in der IN-Klausel eines + * Select Befehls verwendet werden kann. + */ +function dbImplode4SQL($array) +{ + $string = ''; + + foreach($array as $row) + { + if($string != '') + { + $string.=','; + } + $string.=$this->db_add_param($row); + } + + return $string; +} \ No newline at end of file diff --git a/application/libraries/FHC_Auth.php b/application/libraries/FHC_Auth.php index e716cebf9..83b76e755 100644 --- a/application/libraries/FHC_Auth.php +++ b/application/libraries/FHC_Auth.php @@ -60,4 +60,4 @@ class FHC_Auth return md5($aam->getPasswordByUsername($username)); } -} +} \ No newline at end of file diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index ff6a77759..7caf4646d 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -351,8 +351,13 @@ abstract class REST_Controller extends CI_Controller { self::HTTP_INTERNAL_SERVER_ERROR => 'INTERNAL SERVER ERROR', self::HTTP_NOT_IMPLEMENTED => 'NOT IMPLEMENTED' ]; + + /** + * + */ + protected $_addonID = NULL; - /** + /** * Extend this function to apply additional checking early on in the process * * @access protected 
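Review bot: `_checkPermissions()` always returns TRUE, because `!isset($this->_addonID) || (isset($this->_addonID) && TRUE)` is true whether or not an addon ID was set, so every model method that wraps its body in `if($this->_checkPermissions())` is effectively unguarded. The same hunk removes the `FHC_DB_ACL` library load from `DB_Model::__construct()`, so the earlier permission tooling is no longer loaded for models either, although `getPersonFromBenutzerUID()` in Person_model.php still references `$this->fhc_db_acl`. Until the real check exists, the stub should either fail closed for API callers, e.g. `return !isset($this->_addonID);`, or replace the bare `TODO` docblock with a statement that no authorization is enforced yet. An unset ID is treated as a trusted core call, which only holds if unauthenticated API requests can never reach a model.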
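Review bot: `dbImplode4SQL()` is declared as a plain helper function but calls `$this->db_add_param($row)`, which fails as soon as the function runs because a free function has no object context. The trait method `db_implode4SQL()` added to `db_extra` in ci_hack.php in this commit does the same job inside a class, so either drop the helper or pass the escaping object in, e.g. `function dbImplode4SQL($db, $array)` with `$string .= $db->db_add_param($row);`. An empty array yields an empty string, which would produce an invalid `IN ()` clause; the docblock should say that callers must handle that case.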
@@ -361,7 +366,7 @@ abstract class REST_Controller extends CI_Controller { protected function early_checks() { } - + /** * Constructor for the REST API * @@ -604,8 +609,10 @@ abstract class REST_Controller extends CI_Controller { // Remove the supported format from the function name e.g. index.json => index $object_called = preg_replace('/^(.*)\.(?:' . implode('|', array_keys($this->_supported_formats)) . ')$/', '$1', $object_called); - $controller_method = $object_called . '_' . $this->request->method; - + //$controller_method = $object_called . '_' . $this->request->method; + // CamelCase compliant + $controller_method = $this->request->method.ucfirst($object_called); + // Do we want to log this method (if allowed by config)? $log_method = !(isset($this->methods[$controller_method]['log']) && $this->methods[$controller_method]['log'] === FALSE); @@ -1900,6 +1907,25 @@ abstract class REST_Controller extends CI_Controller { ], self::HTTP_UNAUTHORIZED); } } + + /** + * TO BE COMMENTED + */ + private function _setAddonID($username) + { + if(!isset($this->_addonID) && isset($username)) + { + $this->_addonID = $username; + } + } + + /** + * @return int ID of the authenticated addon + */ + protected function _getAddonID() + { + return $this->_addonID; + } /** * Prepares for basic authentication @@ -1940,6 +1966,10 @@ abstract class REST_Controller extends CI_Controller { { $this->_force_login(); } + else // If logged + { + $this->_setAddonID($username); + } } /** @@ -2155,5 +2185,4 @@ abstract class REST_Controller extends CI_Controller { ->get($this->config->item('rest_access_table')) ->num_rows() > 0; } - -} +} \ No newline at end of file diff --git a/application/models/Nation_model.php b/application/models/Nation_model.php new file mode 100644 index 000000000..396e44242 --- /dev/null +++ b/application/models/Nation_model.php 
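Review bot: As far as these hunks show, `_setAddonID()` is called only from the basic-auth path (the `else // If logged` branch added in the `@@ -1940` hunk), so for any other auth mode, or when no login is required, `_addonID` stays `NULL`, and `DB_Model::_checkPermissions()` in this commit treats an unset ID as a core call and allows it. The stored value is the login username although `_getAddonID()` documents `@return int`; the docblock should read `@return string|null Username of the authenticated API caller, NULL when not authenticated`, and the `TO BE COMMENTED` placeholder on `_setAddonID()` should say that the ID is set once and never overwritten. The routing change in the `@@ -604` hunk (`$this->request->method.ucfirst($object_called)`) also changes the key looked up in `$this->methods[$controller_method]`, so per-method log, limit or key settings written in the old `name_verb` form would presumably stop matching; confirm against the REST config.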
@@ -0,0 +1,71 @@ +_checkPermissions()) + { + $result = $this->db->query($this->_getNationQuery($notLocked, $orderEnglish)); + } + + return $result; + } + + /** + * + */ + protected function _getNationQuery($notLocked = FALSE, $orderEnglish = FALSE) + { + $qry = "SELECT * FROM bis.tbl_nation"; + + if($notLocked) + { + $qry .= " WHERE sperre is null"; + } + if(!$orderEnglish) + { + $qry .= " ORDER BY kurztext"; + } + else + { + $qry .= " ORDER BY engltext"; + } + + return $qry; + } + + /** + * + */ + public function getFederalState() + { + $result = NULL; + + // Checks if the operation is permitted by the API caller + // All the code should be put inside this if statement + if($this->_checkPermissions()) + { + $result = $this->db->query($this->_federalStateQuery); + } + + return $result; + } +} \ No newline at end of file diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php index 1cfe356a9..aeffb722f 100644 --- a/application/models/person/Person_model.php +++ b/application/models/person/Person_model.php 
@@ -2,157 +2,285 @@ class Person_model extends DB_Model { - public function __construct($uid = null) - { - parent::__construct($uid); - $this->dbTable = 'public.tbl_person'; - } + // + protected $_loadQuery = "SELECT person_id, + sprache, + anrede, + titelpost, + titelpre, + nachname, + vorname, + vornamen, + gebdatum, + gebort, + gebzeit, + foto, + anmerkung, + homepage, + svnr, + ersatzkennzeichen, + familienstand, + anzahlkinder, + aktiv, + insertamum, + insertvon, + updateamum, + updatevon, + ext_id, + geschlecht, + staatsbuergerschaft, + geburtsnation, + kurzbeschreibung, + zugangscode, + foto_sperre, + matr_nr + FROM public.tbl_person + WHERE person_id = ?"; + + /** + * + */ + public function __construct() + { + parent::__construct(); + } - public function getPerson($person_id = null) - { - if (is_null($person_id)) + /** + * + */ + public function getPerson($personID = NULL, $code = NULL, $email = NULL) + { + $result = NULL; + + // Checks if the operation is permitted by the API caller + // All the code should be put inside this if statement + if($this->_checkPermissions()) { - $query = $this->db->get_where('public.tbl_person', array()); - return $query->result_object(); + if((!is_null($code)) && (!is_null($email))) + { + $result = $this->_getPersonByCodeAndEmail($code, $email); + } + elseif(!is_null($code)) + { + $result = $this->_getPersonByCode($code); + } + else + { + $result = $this->_getPersonByID($personID); + } } - $query = $this->db->get_where('public.tbl_person', array('person_id' => $person_id)); - return $query->row_object(); - } + + return $result; + } + + /** + * @param int $personID Person ID + * @return object + */ + private function _getPersonByID($personID) + { + $result = NULL; + + if(!is_null($personID)) + { + $result = $this->db->query($this->_loadQuery, array($personID)); + } + + return $result; + } - public function getPersonByCodeAndEmail($code, $email) - { -// if ($this->fhc_db_acl->bb->isBerechtigt('person', 'suid')) -// { - 
$this->db->select("*") - ->from('public.tbl_person p') - ->join("public.tbl_kontakt k", "k.person_id=p.person_id") - ->where("p.zugangscode", $code) - ->where("k.kontakt", $email); - - return $this->db->get()->result_object(); -// } - } + /** + * + */ + private function _getPersonByCodeAndEmail($code, $email) + { + $this->db->select("*") + ->from('public.tbl_person p') + ->join("public.tbl_kontakt k", "k.person_id=p.person_id") + ->where("p.zugangscode", $code) + ->where("k.kontakt", $email); - public function getPersonByCode($code) - { -// if ($this->fhc_db_acl->bb->isBerechtigt('person', 'suid')) -// { - $query = $this->db->get_where('public.tbl_person', array('zugangscode' => $code)); - return $query->result_object(); -// } - } + return $this->db->get()->result_object(); + } - /** - * Laedt Personendaten eine BenutzerUID - * @param string $uid DB-Attr: tbl_benutzer.uid . - * @return bool - */ - public function getPersonFromBenutzerUID($uid) - { + /** + * + */ + private function _getPersonByCode($code) + { + $query = $this->db->get_where('public.tbl_person', array('zugangscode' => $code)); + return $query->result_object(); + } - if (!$this->fhc_db_acl->bb->isBerechtigt('person', 's')) + /** + * + */ + public function savePerson($person = NULL) + { + // Checks if the operation is permitted by the API caller + // All the code should be put inside this if statement + if($this->_checkPermissions() && isset($person)) + { + if(isset($person['person_id'])) + { + return $this->_updatePerson($person); + } + else + { + return $this->_insertPerson($person); + } + } + } + + /** + * + */ + private function _insertPerson($person) + { + $data = array( + "vorname" => $person["vorname"], + "nachname" => $person["nachname"], + "gebdatum" => $person["gebdatum"], + "aktiv" => TRUE, + "zugangscode" => $person["zugangscode"], + "zugangscode_timestamp" => date('Y-m-d H:i:s'), + "insertamum" => date('Y-m-d H:i:s'), + "insertvon" => $person["insertvon"], + ); + + 
if($this->db->insert("public.tbl_person", $data)) + { + return $this->db->insert_id(); + } + else + { + return FALSE; + } + } + + /** + * + */ + private function _updatePerson($person) + { + $this->db->set("zugangscode", $person["zugangscode"]); + $this->db->where("person_id", $person["person_id"]); + if($this->db->update("public.tbl_person")) + { + return TRUE; + } + else + { + return FALSE; + } + } + + /** + * Laedt Personendaten eine BenutzerUID + * @param string $uid DB-Attr: tbl_benutzer.uid . + * @return bool + */ + public function getPersonFromBenutzerUID($uid) + { + + if(!$this->fhc_db_acl->bb->isBerechtigt('person', 's')) { $this->db->select('tbl_person.*'); $this->db->from('public.tbl_person JOIN public.tbl_benutzer USING (person_id)'); $query = $this->db->get_where(null, array('uid' => $uid)); return $query->result_object(); } - } + } - public function savePerson($person) - { - //TODO check berechtigung -// if($this->fhc_db_acl->bb->isBerechtigt('person', 'sui')) -// { - $data = array( - "vorname"=>$person["vorname"], - "nachname"=>$person["nachname"], - "gebdatum"=>$person["gebdatum"], - "aktiv" => true, - "zugangscode"=>$person["zugangscode"], - "zugangscode_timestamp"=>date('Y-m-d H:i:s'), - "insertamum"=>date('Y-m-d H:i:s'), - "insertvon"=>$person["insertvon"], - ); - if($this->db->insert("public.tbl_person", $data)){ - return $this->db->insert_id(); - } - else - { - return false; - } -// } -// else -// { -// return "Nicht berechtigt"; -// } - } - - public function checkBewerbung($email, $studiensemester_kurzbz=NULL) - { + /** + * + */ + public function checkBewerbung($email, $studiensemester_kurzbz = NULL) + { $this->db->distinct(); if(is_null($studiensemester_kurzbz)) { $this->db->select("p.person_id, p.zugangscode, p.insertamum") - ->from("public.tbl_person p") - ->join("public.tbl_kontakt k", "p.person_id=k.person_id") - ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") - ->where("k.kontakttyp", 'email') - 
->where("(kontakt='".$email."'". - " OR alias ||'@technikum-wien.at'='".$email."'". - " OR uid ||'@technikum-wien.at'='".$email."')") - ->order_by("p.insertamum", "DESC") - ->limit(1) + ->from("public.tbl_person p") + ->join("public.tbl_kontakt k", "p.person_id=k.person_id") + ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") + ->where("k.kontakttyp", 'email') + ->where("(kontakt='" . $email . "'" . + " OR alias ||'@technikum-wien.at'='" . $email . "'" . + " OR uid ||'@technikum-wien.at'='" . $email . "')") + ->order_by("p.insertamum", "DESC") + ->limit(1) ; } else { $this->db->select("p.person_id,p.zugangscode,p.insertamum") - ->from("public.tbl_person p") - ->join("public.tbl_kontakt k", "p.person_id=k.person_id") - ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") - ->join("public.tbl_prestudent ps", "p.person_id=ps.person_id") - ->join("public.tbl_prestudentstatus pst", "pst.prestudent_id=ps.prestudent_id") - ->where("k.kontakttyp", 'email') - ->where("(kontakt='".$email."'". - " OR alias ||'@technikum-wien.at'='".$email."'". - " OR uid ||'@technikum-wien.at'='".$email."')") - ->where("studiensemester_kurzbz='".$studiensemester_kurzbz."'") - ->order_by("p.insertamum", "DESC") - ->limit(1) + ->from("public.tbl_person p") + ->join("public.tbl_kontakt k", "p.person_id=k.person_id") + ->join("public.tbl_benutzer b", "p.person_id=b.person_id", "left") + ->join("public.tbl_prestudent ps", "p.person_id=ps.person_id") + ->join("public.tbl_prestudentstatus pst", "pst.prestudent_id=ps.prestudent_id") + ->where("k.kontakttyp", 'email') + ->where("(kontakt='" . $email . "'" . + " OR alias ||'@technikum-wien.at'='" . $email . "'" . + " OR uid ||'@technikum-wien.at'='" . $email . "')") + ->where("studiensemester_kurzbz='" . $studiensemester_kurzbz . 
"'") + ->order_by("p.insertamum", "DESC") + ->limit(1) ; } return $this->db->get()->result_array(); - } + } - public function checkZugangscodePerson($code) - { + /** + * + */ + public function checkZugangscodePerson($code) + { $this->db->select("p.person_id") - ->from("public.tbl_person p") - ->where("p.zugangscode", $code); + ->from("public.tbl_person p") + ->where("p.zugangscode", $code); return $this->db->get()->result_array(); - } + } + + /** + * + */ + public function saveInterestedStudent($interestedStudent = NULL) + { + // Checks if the operation is permitted by the API caller + // All the code should be put inside this if statement + if($this->_checkPermissions() && isset($interestedStudent)) + { + /* + $data = array( + "vorname" => $person["vorname"], + "nachname" => $person["nachname"], + "gebdatum" => $person["gebdatum"], + "aktiv" => TRUE, + "zugangscode" => $person["zugangscode"], + "zugangscode_timestamp" => date('Y-m-d H:i:s'), + "insertamum" => date('Y-m-d H:i:s'), + "insertvon" => $person["insertvon"], + ); - public function updatePerson($person) - { - //TODO check berechtigung -// if($this->fhc_db_acl->bb->isBerechtigt('person', 'sui')) -// { - //TODO set other columns to be updated - $this->db->set("zugangscode", $person["zugangscode"]); - $this->db->where("person_id", $person["person_id"]); - if($this->db->update("public.tbl_person")){ - return true; - } - else - { - return false; - } -// } -// else -// { -// return "Nicht berechtigt"; -// } - } -} + if($this->db->insert("public.tbl_person", $data)) + { + return $this->db->insert_id(); + } + else + { + return FALSE; + }*/ + + //$prestudent = new prestudent(); + + error_log($interestedStudent['zgv_code']); + + /*$prestudent->zgv_code = $interestedStudent['zgv_code']; + + $prestudent->save();*/ + } + } +} \ No newline at end of file diff --git a/application/models/studies/Course_model.php b/application/models/studies/Course_model.php new file mode 100644 index 000000000..bd7a4baaa --- /dev/null 
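Review bot: `checkBewerbung()` still splices `$email` and `$studiensemester_kurzbz` directly into the WHERE strings (`"(kontakt='" . $email . "'" ...` and `"studiensemester_kurzbz='" . $studiensemester_kurzbz . "'"`), and the controller's `getCheckBewerbung()` passes `$this->get("email")` straight in, so request input reaches the SQL text unescaped; the commit only re-indents these lines. Escape once with `$quoted = $this->db->escape($email);`, build the group as `"(kontakt=" . $quoted . " OR alias ||'@technikum-wien.at'=" . $quoted . " OR uid ||'@technikum-wien.at'=" . $quoted . ")"`, and use the binding form `->where("studiensemester_kurzbz", $studiensemester_kurzbz)`. Neither `checkBewerbung()` nor `checkZugangscodePerson()` is wrapped in `_checkPermissions()` like the other public methods in this file. `getPersonFromBenutzerUID()` runs its query when `isBerechtigt('person', 's')` is false, which looks inverted.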
+++ b/application/models/studies/Course_model.php @@ -0,0 +1,43 @@ +_checkPermissions()) + { + $result = $this->db->query($this->_enabledCoursesQuery); + } + + return $result; + } +} \ No newline at end of file diff --git a/application/models/studies/Plan_model.php b/application/models/studies/Plan_model.php new file mode 100644 index 000000000..e1519a8e0 --- /dev/null +++ b/application/models/studies/Plan_model.php @@ -0,0 +1,34 @@ +_checkPermissions()) + { + $result = $this->db->query($this->_curriculaQuery, array($courseOfStudiesID)); + } + + return $result; + } +} \ No newline at end of file diff --git a/ci_hack.php b/ci_hack.php index 26bdc39c3..d30f0fcfe 100755 --- a/ci_hack.php +++ b/ci_hack.php @@ -465,4 +465,20 @@ trait db_extra else die('Invalid DB Boolean. Wrong DB-Engine?'); } -} + + /** + * Bereitet ein Array von Elementen auf, damit es in der IN-Klausel eines + * Select Befehls verwendet werden kann. + */ + public function db_implode4SQL($array) + { + $string = ''; + foreach($array as $row) + { + if($string!='') + $string.=','; + $string.=$this->db_add_param($row); + } + return $string; + } +} \ No newline at end of file diff --git a/content/pdfExport.php b/content/pdfExport.php index 4cc56ea6e..b754ddf3f 100644 --- a/content/pdfExport.php +++ b/content/pdfExport.php @@ -25,8 +25,12 @@ * Hilfe der XSL-FO Vorlage aus der DB und generiert * daraus ein PDF mittels xslfo2pdf bzw unoconv */ -session_cache_limiter('none'); //muss gesetzt werden sonst funktioniert der Download mit IE8 nicht -session_start(); + +/* + * It raise an error, conflict with CI session + * session_cache_limiter('none'); //muss gesetzt werden sonst funktioniert der Download mit IE8 nicht +session_start();*/ + require_once('../config/vilesci.config.inc.php'); require_once('../include/functions.inc.php'); require_once('../include/benutzerberechtigung.class.php'); diff --git a/include/nation.class.php b/include/nation.class.php index f2caf615e..816f0fbbe 100644 
--- a/include/nation.class.php +++ b/include/nation.class.php @@ -24,12 +24,19 @@ * Klasse Nation (FAS-Online) * @create 06-04-2006 */ -require_once(dirname(__FILE__).'/basis_db.class.php'); +require_once(dirname(__FILE__).'/datum.class.php'); -class nation extends basis_db +// CI +require_once(dirname(__FILE__).'/../ci_hack.php'); +require_once(dirname(__FILE__).'/../application/models/Nation_model.php'); + +class nation extends Nation_model { + use db_extra; //CI Hack + public $new; // boolean public $nation = array(); // nation Objekt + public $errormsg; // string //Tabellenspalten public $code; @@ -100,15 +107,7 @@ class nation extends basis_db public function getAll($ohnesperre=false, $orderEnglish=false) { //Lesen der Daten aus der Datenbank - $qry = "SELECT * FROM bis.tbl_nation"; - if($ohnesperre) - $qry .= " WHERE sperre is null"; - if($orderEnglish == false) - $qry .=" ORDER BY kurztext"; - else - $qry .=" ORDER BY engltext"; - - $qry.=';'; + $qry = $this->_getNationQuery($ohnesperre, $orderEnglish); if(!$this->db_query($qry)) { diff --git a/include/person.class.php b/include/person.class.php index 392942512..835660878 100644 --- a/include/person.class.php +++ b/include/person.class.php @@ -22,7 +22,6 @@ /* * Benoetigt functions.inc.php */ -//require_once(dirname(__FILE__).'/basis_db.class.php'); Now over CI require_once(dirname(__FILE__).'/datum.class.php'); // CI 
@@ -93,12 +92,7 @@ class person extends Person_model //person_id auf gueltigkeit pruefen if (is_numeric($personId) && $personId != '') { - /* Alter Code - $qry = "SELECT person_id, sprache, anrede, titelpost, titelpre, nachname, vorname, vornamen, - gebdatum, gebort, gebzeit, foto, anmerkung, homepage, svnr, ersatzkennzeichen, - familienstand, anzahlkinder, aktiv, insertamum, insertvon, updateamum, updatevon, ext_id, - geschlecht, staatsbuergerschaft, geburtsnation, kurzbeschreibung, zugangscode, foto_sperre, matr_nr - FROM public.tbl_person WHERE person_id=".$this->db_add_param($personId, FHC_INTEGER); + $qry = str_replace('?', $this->db_add_param($personId, FHC_INTEGER), $this->_loadQuery); if (!$this->db_query($qry)) { @@ -106,8 +100,7 @@ class person extends Person_model return false; } - if ($row = $this->db_fetch_object())*/ - if ($row = $this->getPerson($personId)) + if ($row = $this->db_fetch_object()) { $this->person_id = $row->person_id; $this->sprache = $row->sprache; diff --git a/include/prestudent.class.php b/include/prestudent.class.php index 102b496cb..c832ced1e 100644 --- a/include/prestudent.class.php +++ b/include/prestudent.class.php @@ -19,10 +19,17 @@ * Andreas Oesterreicher and * Rudolf Hangl . */ -require_once(dirname(__FILE__).'/person.class.php'); +require_once(dirname(__FILE__).'/datum.class.php'); -class prestudent extends person +// CI +require_once(dirname(__FILE__).'/../ci_hack.php'); +require_once(dirname(__FILE__).'/../application/models/person/Person_model.php'); + +class prestudent extends Person_model { + use db_extra; //CI Hack + public $errormsg; // string + //Tabellenspalten public $prestudent_id; // varchar(16) public $aufmerksamdurch_kurzbz; diff --git a/include/studiengang.class.php b/include/studiengang.class.php index 169c22f6d..925192234 100644 --- a/include/studiengang.class.php +++ b/include/studiengang.class.php 
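Review bot: `str_replace('?', $this->db_add_param($personId, FHC_INTEGER), $this->_loadQuery)` in the `@@ -93,12 +92,7 @@` hunk is a hand-rolled bind that replaces every `?` in `_loadQuery`, so it stays correct only while that string holds exactly one placeholder and no literal question mark. The value is escaped by `db_add_param()` and guarded by `is_numeric()`, so this is fragility rather than an injection in the visible lines; `is_numeric()` does accept forms such as `1e3` or `1.5`, which leaves the integer handling to `db_add_param()`, not shown here. I would put `// _loadQuery must contain exactly one '?'; the value is escaped by db_add_param()` above the line, or use the driver's binding as the new Plan_model does with `$this->db->query($this->_curriculaQuery, array($courseOfStudiesID))`. The same pattern is in `getStudienplaene()` in include/studienplan.class.php, hunk `@@ -722,13 +729,7 @@`; the enclosing method here starts and ends outside the hunk.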
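Review bot: `class prestudent extends Person_model` in the include/prestudent.class.php hunk takes the legacy `person` class out of the inheritance chain, and the `require_once` for person.class.php goes with it, so anything prestudent code or its callers inherited from `person` is still there only if `Person_model` provides it. The hunk shows just the class header, so this cannot be confirmed from here, but the parallel edits to nation, studiengang and studienplan replace `basis_db`, not a domain class, which makes this one different in kind. Since `person` itself already extends `Person_model` in this commit, `class prestudent extends person` would keep the old contract; if the break is intended, a comment on the class saying that `person` members are no longer inherited would save the next reader the search.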
@@ -20,12 +20,21 @@ * Rudolf Hangl and * Gerald Raab . */ -require_once(dirname(__FILE__).'/basis_db.class.php'); +//require_once(dirname(__FILE__).'/basis_db.class.php'); -class studiengang extends basis_db +require_once(dirname(__FILE__).'/datum.class.php'); + +// CI +require_once(dirname(__FILE__).'/../ci_hack.php'); +require_once(dirname(__FILE__).'/../application/models/studies/Course_model.php'); + +class studiengang extends Course_model { + use db_extra; //CI Hack + public $new; // boolean public $result = array(); // studiengang Objekt + public $errormsg; // string public $studiengang_kz; // integer public $kurzbz; // varchar(5) @@ -55,7 +64,6 @@ class studiengang extends basis_db public $onlinebewerbung; // boolean public $kuerzel; // = typ + kurzbz (Bsp: BBE) - private $studiengang_typ_arr = array(); // Array mit den Studiengangstypen public $kuerzel_arr = array(); // Array mit allen Kurzeln Index=studiengangs_kz public $moodle; // boolean public $lgartcode; //integer @@ -64,6 +72,8 @@ class studiengang extends basis_db public $bezeichnung_arr = array(); public $beschreibung; + + public $studiengang_typ_arr = array(); // Array mit den Studiengangstypen /** * Konstruktor @@ -84,7 +94,7 @@ class studiengang extends basis_db $this->studiengang_typ_arr["e"] = "Erhalter"; */ } - public function __get($value) + /*public function __get($value) { switch($value) { @@ -95,7 +105,7 @@ class studiengang extends basis_db } } return $this->$value; - } + }*/ /** * Laedt einen Studiengang @@ -109,8 +119,8 @@ class studiengang extends basis_db $this->errormsg = 'Studiengang_kz muss eine gueltige Zahl sein'; return false; } - - $qry = "SELECT * FROM public.tbl_studiengang WHERE studiengang_kz=".$this->db_add_param($studiengang_kz); + + $qry = "SELECT * FROM public.tbl_studiengang WHERE studiengang_kz = " . $this->db_add_param($studiengang_kz); if($this->db_query($qry)) { 
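Review bot: Commenting out `__get()` in the `@@ -84,7 +94,7 @@` and `@@ -95,7 +105,7 @@` hunks removes whatever its `switch` did on first access, and the part of the body between the two hunks is not shown. Together with `@@ -55,7 +64,6 @@` and `@@ -64,6 +72,8 @@`, which turn `studiengang_typ_arr` from a private into a public property initialised to `array()`, readers of that property presumably now get the empty array unless something else fills it. If the lazy load is no longer wanted, delete the method rather than leaving it in a block comment, and say on the property where it is populated, e.g. `// filled by <loader method>; empty until then`.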
@@ -237,14 +247,7 @@ class studiengang extends basis_db */ public function getAllForBewerbung() { - $qry = 'SELECT DISTINCT studiengang_kz, typ, organisationseinheittyp_kurzbz, studiengangbezeichnung, standort, studiengangbezeichnung_englisch, lgartcode, tbl_lgartcode.bezeichnung ' - . 'FROM lehre.vw_studienplan ' - . 'LEFT JOIN bis.tbl_lgartcode USING (lgartcode) ' - . 'WHERE onlinebewerbung IS TRUE ' - . 'AND aktiv IS TRUE ' - . 'ORDER BY typ, studiengangbezeichnung, tbl_lgartcode.bezeichnung ASC'; - - if(!$result = $this->db_query($qry)) + if(!$result = $this->db_query($this->_enabledCoursesQuery)) { $this->errormsg = 'Datensatz konnte nicht geladen werden'; return false; @@ -340,7 +343,7 @@ class studiengang extends basis_db if(count($kennzahlen)==0) return true; - $kennzahlen = $this->implode4SQL($kennzahlen); + $kennzahlen = $this->db_implode4SQL($kennzahlen); $qry = 'SELECT * FROM public.tbl_studiengang WHERE studiengang_kz in('.$kennzahlen.')'; if ($aktiv) @@ -903,4 +906,4 @@ class studiengang extends basis_db return false; } } -} +} \ No newline at end of file diff --git a/include/studienordnung.class.php b/include/studienordnung.class.php index 17c1cc366..a07e3425b 100644 --- a/include/studienordnung.class.php +++ b/include/studienordnung.class.php @@ -297,7 +297,7 @@ class studienordnung extends basis_db $this->db_add_param($this->studiengangkurzbzlang).', '. $this->db_add_param($this->akadgrad_id,FHC_INTEGER).', '. $this->db_add_param($this->standort_id,FHC_INTEGER).', '. - $this->db_add_param($this->status_kurzb).', '. + $this->db_add_param($this->status_kurzbz).', '. ' now(), '. $this->db_add_param($this->insertvon).');'; } 
@@ -417,7 +417,7 @@ class studienordnung extends basis_db
 $obj->studiengangkurzbzlang = $row->studiengangkurzbzlang;
 $obj->akadgrad_id = $row->akadgrad_id;
 $obj->standort_id = $row->standort_id;
- $obj->status_kurzb = $row->status_kurzb;
+ $obj->status_kurzbz = $row->status_kurzbz;
 $obj->updateamum = $row->updateamum;
 $obj->updatevon = $row->updatevon;
 $obj->insertamum = $row->insertamum;
@@ -442,7 +442,7 @@ class studienordnung extends basis_db
 $obj->studiengangkurzbzlang = $this->studiengangkurzbzlang;
 $obj->akadgrad_id = $this->akadgrad_id;
 $obj->standort_id = $this->standort_id;
- $obj->status_kurzb = $this->status_kurzb;
+ $obj->status_kurzbz = $this->status_kurzbz;
 $obj->updateamum = $this->updateamum;
 $obj->updatevon = $this->updatevon;
 $obj->insertamum = $this->insertamum;
@@ -746,7 +746,7 @@ class studienordnung extends basis_db
 $this->studiengangkurzbzlang = $row->studiengangkurzbzlang;
 $this->akadgrad_id = $row->akadgrad_id;
 $this->standort_id = $row->standort_id;
- $this->status_kurzb = $row->status_kurzb;
+ $this->status_kurzbz = $row->status_kurzbz;
 $this->updateamum = $row->updateamum;
 $this->updatevon = $row->updatevon;
 $this->insertamum = $row->insertamum;
@@ -806,7 +806,7 @@ class studienordnung extends basis_db
 $obj->studiengangkurzbzlang = $row->studiengangkurzbzlang;
 $obj->akadgrad_id = $row->akadgrad_id;
 $this->standort_id = $row->standort_id;
- $this->status_kurzb = $row->status_kurzb;
+ $this->status_kurzbz = $row->status_kurzbz;
 $obj->updateamum = $row->updateamum;
 $obj->updatevon = $row->updatevon;
 $obj->insertamum = $row->insertamum;
diff --git a/include/studienplan.class.php b/include/studienplan.class.php
index 986135738..d6b605d89 100644
--- a/include/studienplan.class.php
+++ b/include/studienplan.class.php
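Review bot: In the `@@ -806,7 +806,7 @@` hunk the corrected line still writes to `$this->status_kurzbz` while every neighbouring assignment fills `$obj`, so the row's status presumably lands on the calling object instead of the result entry. If that block builds one `$obj` per row, as the `@@ -417,7 +417,7 @@` hunk does, the line should read `$obj->status_kurzbz = $row->status_kurzbz;`, and the context line above it `$obj->standort_id = $row->standort_id;`. The enclosing method starts and ends outside the hunk, so this is inferred from the seven visible lines only.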
@@ -24,12 +24,19 @@ * Stefan Puraner */ -require_once(dirname(__FILE__).'/basis_db.class.php'); +require_once(dirname(__FILE__).'/datum.class.php'); -class studienplan extends basis_db +// CI +require_once(dirname(__FILE__).'/../ci_hack.php'); +require_once(dirname(__FILE__).'/../application/models/studies/Plan_model.php'); + +class studienplan extends Plan_model { + use db_extra; //CI Hack + public $new = true; // boolean public $result = array(); // Objekte + public $errormsg; // string //Tabellenspalten protected $studienplan_id; // integer (PK) @@ -74,10 +81,10 @@ class studienplan extends basis_db $this->$name=$value; } - public function __get($name) + /*public function __get($name) { return $this->$name; - } + }*/ /** * Laedt Studienplan mit der ID $studienplan_id @@ -722,13 +729,7 @@ class studienplan extends basis_db */ function getStudienplaene($studiengang_kz) { - $qry = "SELECT - distinct tbl_studienplan.* - FROM - lehre.tbl_studienplan - JOIN lehre.tbl_studienordnung USING(studienordnung_id) - WHERE - tbl_studienordnung.studiengang_kz=".$this->db_add_param($studiengang_kz, FHC_INTEGER); + $qry = str_replace('?', $this->db_add_param($studiengang_kz, FHC_INTEGER), $this->_curriculaQuery); if($result = $this->db_query($qry)) {
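Review bot: With `__get()` commented out in the `@@ -74,10 +81,10 @@` hunk, the class keeps `__set()` but has no reader of its own for the `protected` columns such as `$studienplan_id`, so `$plan->studienplan_id` from outside the class now depends on a `__get()` inherited through `Plan_model`. CodeIgniter's `CI_Model::__get()` forwards unknown properties to the controller instance, so if `Plan_model` derives from it (not visible here) such reads would no longer return the column value. Either keep the accessor, `public function __get($name) { return $this->$name; }`, or make the columns public, and in both cases remove the commented-out block instead of leaving it in the file.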