File "WPDA_Apps.php"
Full Path: /home/vantageo/public_html/cache/cache/cache/cache/cache/.wp-cli/wp-content/plugins/wp-data-access/WPDataAccess/API/WPDA_Apps.php
File size: 78.68 KB
MIME-type: text/x-php
Charset: utf-8
<?php
namespace WPDataAccess\API;
use stdClass;
use WPDataAccess\Connection\WPDADB;
use WPDataAccess\Data_Dictionary\WPDA_List_Columns_Cache;
use WPDataAccess\Plugin_Table_Models\WPDA_App_Container_Model;
use WPDataAccess\Plugin_Table_Models\WPDA_App_Apps_Model;
use WPDataAccess\Plugin_Table_Models\WPDA_App_Model;
use WPDataAccess\Plugin_Table_Models\WPDA_Table_Settings_Model;
use WPDataAccess\WPDA;
class WPDA_Apps extends WPDA_API_Core {
const METHODS = array('httpGet', 'httpPost', 'httpRequest');
const WPDA_APP_DEFAULT_LANG = 'wpda_app_default_lang';
private function sanitize_settings( $value ) {
if ( is_array( $value ) ) {
foreach ( $value as $index => $item ) {
$value[$index] = $this->sanitize_settings( $item );
}
} elseif ( is_object( $value ) ) {
$object_vars = get_object_vars( $value );
foreach ( $object_vars as $property_name => $property_value ) {
$value->{$property_name} = $this->sanitize_settings( $property_value );
}
} else {
// Allow HTML and onclick for computed fields
$value = apply_filters(
'wp_kses_post',
$value,
"",
["onclick"]
);
}
return $value;
}
public function register_rest_routes() {
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/init', array(
'methods' => array('POST'),
'callback' => array($this, 'app_init'),
'permission_callback' => '__return_true',
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/list', array(
'methods' => array('POST'),
'callback' => array($this, 'app_list'),
'permission_callback' => '__return_true',
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/meta', array(
'methods' => array('POST'),
'callback' => array($this, 'app_meta'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/lang', array(
'methods' => array('POST'),
'callback' => array($this, 'app_lang'),
'permission_callback' => '__return_true',
'args' => array(
'lang' => array(
'required' => true,
'type' => 'string',
'description' => __( 'App default language', 'wp-data-access' ),
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => 'rest_validate_request_arg',
),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/table/meta', array(
'methods' => array('POST'),
'callback' => array($this, 'app_table_meta'),
'permission_callback' => '__return_true',
'args' => array(
'dbs' => $this->get_param( 'dbs' ),
'tbl' => $this->get_param( 'tbl' ),
'waa' => array(
'required' => false,
'type' => 'boolean',
'description' => __( 'With admin actions (to support table exports)', 'wp-data-access' ),
),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/create', array(
'methods' => array('POST'),
'callback' => array($this, 'app_create'),
'permission_callback' => '__return_true',
'args' => array(
'app_name' => $this->get_param( 'app_name' ),
'app_title' => $this->get_param( 'app_title' ),
'app_type' => $this->get_param( 'app_type' ),
'app_settings' => $this->get_param( 'app_settings' ),
'app_dbs' => $this->get_param( 'dbs' ),
'app_tbl' => $this->get_param( 'tbl' ),
'app_cls' => $this->get_param( 'app_cls' ),
'app_table' => array(
'required' => true,
'type' => 'string',
'description' => __( 'Table settings', 'wp-data-access' ),
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => 'rest_validate_request_arg',
),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/createapp', array(
'methods' => array('POST'),
'callback' => array($this, 'app_createapp'),
'permission_callback' => '__return_true',
'args' => array(
'app_name' => $this->get_param( 'app_name' ),
'app_title' => $this->get_param( 'app_title' ),
'app_type' => $this->get_param( 'app_type' ),
'app_settings' => $this->get_param( 'app_settings' ),
'app_apps' => $this->get_param( 'app_apps' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/copy', array(
'methods' => array('POST'),
'callback' => array($this, 'app_copy'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/export', array(
'methods' => array('POST'),
'callback' => array($this, 'app_export'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/details', array(
'methods' => array('POST'),
'callback' => array($this, 'app_details'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/detailmeta', array(
'methods' => array('POST'),
'callback' => array($this, 'app_detail_meta'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'rel_tab' => $this->get_param( 'rel_tab' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/detailreorder', array(
'methods' => array('POST'),
'callback' => array($this, 'app_detail_reorder'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id_from' => $this->get_param( 'cnt_id' ),
'cnt_id_to' => $this->get_param( 'cnt_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/relationship/create', array(
'methods' => array('POST'),
'callback' => array($this, 'app_relationship_create'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'app_title' => $this->get_param( 'app_title' ),
'app_dbs' => $this->get_param( 'dbs' ),
'app_tbl' => $this->get_param( 'tbl' ),
'app_cls' => $this->get_param( 'app_cls' ),
'app_relation' => array(
'required' => true,
'type' => 'string',
'description' => __( 'Table settings', 'wp-data-access' ),
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => 'rest_validate_request_arg',
),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/relationship/update', array(
'methods' => array('POST'),
'callback' => array($this, 'app_relationship_update'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'app_cnt' => $this->get_param( 'cnt_id' ),
'app_title' => $this->get_param( 'app_title' ),
'app_dbs' => $this->get_param( 'dbs' ),
'app_tbl' => $this->get_param( 'tbl' ),
'app_cls' => $this->get_param( 'app_cls' ),
'app_relation' => array(
'required' => true,
'type' => 'string',
'description' => __( 'Table settings', 'wp-data-access' ),
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => 'rest_validate_request_arg',
),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/relationship/delete', array(
'methods' => array('POST'),
'callback' => array($this, 'app_relationship_delete'),
'permission_callback' => '__return_true',
'args' => array(
'cnt_id' => $this->get_param( 'cnt_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/save', array(
'methods' => array('POST'),
'callback' => array($this, 'app_save'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'app_name' => $this->get_param( 'app_name' ),
'app_title' => $this->get_param( 'app_title' ),
'app_type' => $this->get_param( 'app_type' ),
'app_settings' => $this->get_param( 'app_settings' ),
'app_add_to_menu' => $this->get_param( 'app_add_to_menu' ),
'app_dbs' => $this->get_param( 'dbs' ),
'app_tbl' => $this->get_param( 'tbl' ),
'app_cls' => $this->get_param( 'app_cls' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/saveapp', array(
'methods' => array('POST'),
'callback' => array($this, 'app_saveapp'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'app_name' => $this->get_param( 'app_name' ),
'app_title' => $this->get_param( 'app_title' ),
'app_type' => $this->get_param( 'app_type' ),
'app_settings' => $this->get_param( 'app_settings' ),
'app_add_to_menu' => $this->get_param( 'app_add_to_menu' ),
'app_apps' => $this->get_param( 'app_apps' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/remove', array(
'methods' => array('POST'),
'callback' => array($this, 'app_remove'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/settings', array(
'methods' => array('POST'),
'callback' => array($this, 'app_settings'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'target' => array(
'required' => true,
'type' => 'string',
'description' => __( 'Setting target', 'wp-data-access' ),
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => 'rest_validate_request_arg',
),
'settings' => array(
'required' => false,
'type' => 'string',
'description' => __( 'App settings - JSON string', 'wp-data-access' ),
'sanitize_callback' => function ( $param ) {
$satitized_settings = $this->sanitize_settings( json_decode( (string) $param, true ) );
// Save sanitized JSON as string
return json_encode( $satitized_settings );
},
'validate_callback' => 'rest_validate_request_arg',
),
'theme' => array(
'required' => false,
'type' => 'string',
'description' => __( 'Theme settings - JSON string', 'wp-data-access' ),
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => 'rest_validate_request_arg',
),
),
) );
// DML
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/select', array(
'methods' => array('POST'),
'callback' => array($this, 'app_select'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'col' => $this->get_param( 'cols' ),
'page_index' => $this->get_param( 'page_index' ),
'page_size' => $this->get_param( 'page_size' ),
'search' => $this->get_param( 'search' ),
'search_columns' => $this->get_param( 'search_columns' ),
'search_column_fns' => $this->get_param( 'search_column_fns' ),
'search_column_lov' => $this->get_param( 'search_column_lov' ),
'search_data_types' => $this->get_param( 'search_data_types' ),
'search_custom' => $this->get_param( 'search_custom' ),
'search_params' => $this->get_param( 'search_params' ),
'shortcode_params' => $this->get_param( 'search_params' ),
'md' => $this->get_param( 'md' ),
'sorting' => $this->get_param( 'sorting' ),
'row_count' => $this->get_param( 'row_count' ),
'row_count_estimate' => $this->get_param( 'row_count_estimate' ),
'media' => $this->get_param( 'media' ),
'rel_tab' => $this->get_param( 'rel_tab' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/get', array(
'methods' => array('POST'),
'callback' => array($this, 'app_get'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'key' => $this->get_param( 'key' ),
'media' => $this->get_param( 'media' ),
'rel_tab' => $this->get_param( 'rel_tab' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/insert', array(
'methods' => array('POST'),
'callback' => array($this, 'app_insert'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'val' => $this->get_param( 'val' ),
'join_tab' => $this->get_param( 'join_tab' ),
'rel_tab' => $this->get_param( 'rel_tab' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/update', array(
'methods' => array('POST'),
'callback' => array($this, 'app_update'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'key' => $this->get_param( 'key' ),
'val' => $this->get_param( 'val' ),
'join_tab' => $this->get_param( 'join_tab' ),
'rel_tab' => $this->get_param( 'rel_tab' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/delete', array(
'methods' => array('POST'),
'callback' => array($this, 'app_delete'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'key' => $this->get_param( 'key' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/lov', array(
'methods' => array('POST'),
'callback' => array($this, 'app_lov'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'col' => $this->get_param( 'col' ),
'cols' => $this->get_param( 'cols' ),
'search' => $this->get_param( 'search' ),
'search_columns' => $this->get_param( 'search_columns' ),
'search_column_fns' => $this->get_param( 'search_column_fns' ),
'search_column_lov' => $this->get_param( 'search_column_lov' ),
'search_data_types' => $this->get_param( 'search_data_types' ),
'search_custom' => $this->get_param( 'search_custom' ),
'search_params' => $this->get_param( 'search_params' ),
'shortcode_params' => $this->get_param( 'search_params' ),
'md' => $this->get_param( 'md' ),
'cascade' => $this->get_param( 'cascade' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/lookup', array(
'methods' => array('POST'),
'callback' => array($this, 'app_lookup'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'target' => array(
'required' => true,
'type' => 'string',
'description' => __( 'Target: table or form', 'wp-data-access' ),
'sanitize_callback' => 'sanitize_text_field',
'validate_callback' => 'rest_validate_request_arg',
),
'col' => $this->get_param( 'col' ),
'colk' => $this->get_param( 'col' ),
'colv' => $this->get_param( 'col' ),
'cold' => $this->get_param( 'key' ),
'cols' => $this->get_param( 'cols' ),
'search' => $this->get_param( 'search' ),
'search_columns' => $this->get_param( 'search_columns' ),
'search_column_fns' => $this->get_param( 'search_column_fns' ),
'search_column_lov' => $this->get_param( 'search_column_lov' ),
'search_data_types' => $this->get_param( 'search_data_types' ),
'search_custom' => $this->get_param( 'search_custom' ),
'search_params' => $this->get_param( 'search_params' ),
'shortcode_params' => $this->get_param( 'search_params' ),
'md' => $this->get_param( 'md' ),
'cascade' => $this->get_param( 'cascade' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/lookup/dbs', array(
'methods' => array('POST'),
'callback' => array($this, 'app_lookup_dbs'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/lookup/tbl', array(
'methods' => array('POST'),
'callback' => array($this, 'app_lookup_tbl'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'dbs' => $this->get_param( 'dbs' ),
),
) );
register_rest_route( WPDA_API::WPDA_NAMESPACE, 'app/lookup/cls', array(
'methods' => array('POST'),
'callback' => array($this, 'app_lookup_cls'),
'permission_callback' => '__return_true',
'args' => array(
'app_id' => $this->get_param( 'app_id' ),
'cnt_id' => $this->get_param( 'cnt_id' ),
'dbs' => $this->get_param( 'dbs' ),
'tbl' => $this->get_param( 'tbl' ),
),
) );
}
private function get_app_columns( $columns ) {
if ( !is_array( $columns ) ) {
return false;
}
return array_map( function ( $value ) {
return $value['columnName'];
}, array_filter( $columns, function ( $column ) {
return $column['isSelected'];
} ) );
}
private function get_app_table_columns( $settings, $table_settings ) {
if ( !isset( $settings['columns'] ) ) {
return false;
}
$columns = $this->get_app_columns( $settings['columns'] );
if ( false === $columns ) {
return false;
}
$columns_available = array_flip( $columns );
if ( !isset( $settings['table'] ) ) {
return array_map( function () {
return true;
}, $columns_available );
}
if ( !is_array( $table_settings ) || !isset( $table_settings['columns'] ) ) {
return false;
}
$table_columns = $table_settings['columns'];
for ($i = 0; $i < count( $columns ); $i++) {
if ( isset( $columns_available[$columns[$i]] ) ) {
$column_name = $columns[$i];
$columns_available[$columns[$i]] = count( array_filter( $table_columns, function ( $column ) use($columns, $column_name) {
if ( !isset( $column['columnName'], $column['queryable'] ) ) {
return false;
}
$queryable = $column['queryable'];
return $column_name === $column['columnName'] && true === $queryable;
} ) ) > 0;
}
}
return $columns_available;
}
private function get_app_form_columns( $settings ) {
if ( !isset( $settings['columns'] ) ) {
return false;
}
return $this->get_app_columns( $settings['columns'] );
}
public function app_export( $request ) {
$app_id = $request->get_param( 'app_id' );
if ( !$this->main_app_access( $app_id, $msg ) ) {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
}
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
return $this->do_app_export( $app_id );
}
public function app_copy( $request ) {
$app_id = $request->get_param( 'app_id' );
if ( !$this->main_app_access( $app_id, $msg ) ) {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
}
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
return $this->do_app_copy( $app_id );
}
public function app_details( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$dbs,
$tbl,
$msg,
$settings
) ) {
return $this->WPDA_Rest_Response( '', WPDA_App_Container_Model::select( $app_id, 1 ) );
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_detail_meta( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$rel_tab = $request->get_param( 'rel_tab' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$dbs,
$tbl,
$msg,
$settings
) ) {
$container = WPDA_App_Container_Model::get_container( $cnt_id );
if ( !isset( $container[0] ) ) {
return $this->bad_request();
}
return $this->get_app_container_meta( $app_id, $container, $rel_tab );
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_detail_reorder( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id_from = $request->get_param( 'cnt_id_from' );
$cnt_id_to = $request->get_param( 'cnt_id_to' );
if ( $this->check_app_access(
$app_id,
$cnt_id_from,
'select',
$dbs,
$tbl,
$msg,
$settings
) ) {
$container = WPDA_App_Container_Model::get_container( $cnt_id_from );
if ( !isset( $container[0] ) ) {
return $this->bad_request();
}
$container = WPDA_App_Container_Model::get_container( $cnt_id_to );
if ( !isset( $container[0] ) ) {
return $this->bad_request();
}
return $this->reorder_details( $cnt_id_from, $cnt_id_to );
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_relationship_create( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$app_id = $request->get_param( 'app_id' );
$app_title = $request->get_param( 'app_title' );
$app_dbs = $request->get_param( 'app_dbs' );
$app_tbl = $request->get_param( 'app_tbl' );
$app_cls = $request->get_param( 'app_cls' );
$app_relation = $request->get_param( 'app_relation' );
return $this->WPDA_Rest_Response( '', WPDA_App_Container_Model::create(
$app_id,
$app_dbs,
$app_tbl,
json_encode( $app_cls ),
$app_title,
1,
null,
$app_relation
) );
}
public function app_relationship_update( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$app_id = $request->get_param( 'app_id' );
$app_cnt = $request->get_param( 'app_cnt' );
$app_title = $request->get_param( 'app_title' );
$app_dbs = $request->get_param( 'app_dbs' );
$app_tbl = $request->get_param( 'app_tbl' );
$app_cls = $request->get_param( 'app_cls' );
$app_relation = $request->get_param( 'app_relation' );
return $this->WPDA_Rest_Response( '', WPDA_App_Container_Model::update(
$app_id,
$app_cnt,
$app_dbs,
$app_tbl,
json_encode( $app_cls ),
$app_title,
1,
null,
$app_relation
) );
}
public function app_relationship_delete( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$cnt_id = $request->get_param( 'cnt_id' );
return $this->WPDA_Rest_Response( '', WPDA_App_Container_Model::delete_container( $cnt_id ) );
}
private function build_lookups(
$table_settings,
$dbs,
&$search_columns,
$search_column_lov,
$search_column_fns,
&$default_where,
&$lookups
) {
}
private function build_relationships(
$container,
&$m2m_relationship,
$tbl,
&$default_where
) {
}
public function app_select( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$col = $request->get_param( 'col' );
$page_index = $request->get_param( 'page_index' );
$page_size = $request->get_param( 'page_size' );
$search = $request->get_param( 'search' );
$search_columns = $request->get_param( 'search_columns' );
$search_column_fns = $request->get_param( 'search_column_fns' );
$search_column_lov = $request->get_param( 'search_column_lov' );
$search_data_types = $request->get_param( 'search_data_types' );
$search_custom = $request->get_param( 'search_custom' );
$search_params = $request->get_param( 'search_params' );
$shortcode_params = $request->get_param( 'shortcode_params' );
$md = $request->get_param( 'md' );
$sorting = $request->get_param( 'sorting' );
$row_count = $request->get_param( 'row_count' );
$row_count_estimate = $request->get_param( 'row_count_estimate' );
$media = $request->get_param( 'media' );
$rel_tab = $request->get_param( 'rel_tab' );
$default_where = '';
$default_orderby = '';
$lookups = array();
$m2m_relationship = array();
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$dbs,
$tbl,
$msg,
$settings
) ) {
$container = WPDA_App_Container_Model::get_container( $cnt_id );
if ( '1' === $rel_tab ) {
} else {
$table_settings = $settings['table'] ?? array();
// Get default where clause
if ( isset( $table_settings['table']['defaultWhere'] ) ) {
$default_where = $table_settings['table']['defaultWhere'];
}
// Get default order by
if ( isset( $table_settings['table']['defaultOrderBy'] ) ) {
$default_orderby_db = $table_settings['table']['defaultOrderBy'];
if ( is_array( $default_orderby_db ) ) {
foreach ( $default_orderby_db as $orderby ) {
if ( isset( $orderby['columnName'], $orderby['order'] ) && '' !== trim( $orderby['columnName'] ) ) {
$default_orderby .= (( '' === $default_orderby ? 'order by ' : ',' )) . '`' . WPDA::remove_backticks( $orderby['columnName'] ) . '` ' . (( 'desc' === $orderby['order'] ? 'desc' : 'asc' ));
}
}
}
}
}
$table_api = new WPDA_Table();
return $table_api->select(
$dbs,
$tbl,
$col,
$page_index,
$page_size,
$search,
$search_columns,
$search_column_fns,
$sorting,
$row_count,
$row_count_estimate,
$media,
$this->process_params(
$default_where,
$search_custom,
$search_params,
$shortcode_params
),
$default_orderby,
$lookups,
$md,
$m2m_relationship,
$search_data_types
);
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
private function get_m2m_relationship( $relationship, $tbl, $cols ) {
return array();
}
private function get_lookup_lov( $column_lookup, $search_value, $search_type ) {
return null;
}
private function convert_relation_columns( $columns ) {
return array_map( function ( $value ) {
if ( true === $value['isSelected'] ) {
return $value['columnName'];
}
}, $columns );
}
public function app_get( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$key = $request->get_param( 'key' );
$media = $request->get_param( 'media' );
$rel_tab = $request->get_param( 'rel_tab' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$dbs,
$tbl,
$msg,
$settings
) ) {
$column_names = $this->get_app_form_columns( $settings );
if ( false === $column_names ) {
return $this->invalid_app_settings();
}
$default_where = '';
$table_api = new WPDA_Table();
return $table_api->get(
$dbs,
$tbl,
$key,
$media,
$column_names,
$default_where
);
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_insert( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$val = $request->get_param( 'val' );
$join_tab = $request->get_param( 'join_tab' );
$rel_tab = $request->get_param( 'rel_tab' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'insert',
$dbs,
$tbl,
$msg
) ) {
$table_api = new WPDA_Table();
return $table_api->insert( $dbs, $tbl, $val );
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_update( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$key = $request->get_param( 'key' );
$val = $request->get_param( 'val' );
$join_tab = $request->get_param( 'join_tab' );
$rel_tab = $request->get_param( 'rel_tab' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'update',
$dbs,
$tbl,
$msg,
$settings
) ) {
$column_names = $this->get_app_form_columns( $settings );
if ( false === $column_names ) {
$column_names = array();
}
$table_api = new WPDA_Table();
return $table_api->update(
$dbs,
$tbl,
$key,
$val,
$column_names
);
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_delete( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$key = $request->get_param( 'key' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'delete',
$dbs,
$tbl,
$msg
) ) {
$table_api = new WPDA_Table();
return $table_api->delete( $dbs, $tbl, $key );
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_lov( $request ) {
return $this->bad_request();
}
public function app_lookup( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$target = $request->get_param( 'target' );
$col = $request->get_param( 'col' );
$colk = $request->get_param( 'colk' );
$colv = $request->get_param( 'colv' );
$cold = $request->get_param( 'cold' );
$cols = $request->get_param( 'cols' );
$search = $request->get_param( 'search' );
$search_columns = $request->get_param( 'search_columns' );
$search_column_fns = $request->get_param( 'search_column_fns' );
$search_column_lov = $request->get_param( 'search_column_lov' );
$search_data_types = $request->get_param( 'search_data_types' );
$search_custom = $request->get_param( 'search_custom' );
$search_params = $request->get_param( 'search_params' );
$shortcode_params = $request->get_param( 'shortcode_params' );
$md = $request->get_param( 'md' );
$cascade = $request->get_param( 'cascade' );
$default_where = '';
$default_where_lookup = '';
$lookups = array();
$m2m_relationship = array();
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$dbs,
$tbl,
$msg,
$settings
) ) {
$container = WPDA_App_Container_Model::get_container( $cnt_id );
if ( !isset( $container[0] ) ) {
return $this->bad_request();
}
$lookup = array();
$lookup_dbs = "";
$lookup_tbl = "";
if ( 'form' === $target ) {
// Handle form lookup
if ( isset( $container[0]['cnt_form'] ) ) {
$lookup = json_decode( (string) $container[0]['cnt_form'], true );
}
} else {
// Handle table lookup
if ( isset( $container[0]['cnt_table'] ) ) {
$lookup = json_decode( (string) $container[0]['cnt_table'], true );
}
}
if ( isset( $lookup['columns'] ) && is_array( $lookup['columns'] ) ) {
foreach ( $lookup['columns'] as $column ) {
if ( $col === $column['columnName'] ) {
if ( !isset( $column['lookup'] ) ) {
return $this->WPDA_Rest_Response( '', [] );
}
$lookup_dbs = $column['lookup']['dbs'];
$lookup_tbl = $column['lookup']['tbl'];
if ( isset( $column['columnName'], $column['lookup']['defaultWhere'] ) ) {
$default_where_lookup = $column['lookup']['defaultWhere'];
}
}
}
}
if ( $lookup_dbs === null || $lookup_dbs === "" || $lookup_tbl === null || $lookup_tbl === "" ) {
return $this->bad_request();
}
$table_api = new WPDA_Table();
return $table_api->lookup(
$lookup_dbs,
$lookup_tbl,
$colk,
$colv,
$cold,
$this->process_params(
$default_where_lookup,
$search_custom,
$search_params,
$shortcode_params
),
'1' === $cascade,
$tbl,
$col,
$this->process_params(
$default_where,
$search_custom,
$search_params,
$shortcode_params
),
$search,
$cols,
$search_columns,
$search_column_fns,
$lookups,
$md,
$m2m_relationship,
$search_data_types
);
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_lookup_dbs( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$_dbs,
$_tbl,
$msg
) ) {
$tree_api = new WPDA_Tree();
return $tree_api->get_dbs();
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_lookup_tbl( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$dbs = $request->get_param( 'dbs' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$_dbs,
$_tbl,
$msg
) ) {
$tree_api = new WPDA_Tree();
return $tree_api->get_tbl_vws( $dbs );
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_lookup_cls( $request ) {
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$dbs = $request->get_param( 'dbs' );
$tbl = $request->get_param( 'tbl' );
if ( $this->check_app_access(
$app_id,
$cnt_id,
'select',
$_dbs,
$_tbl,
$msg
) ) {
$tree_api = new WPDA_Tree();
return $tree_api->get_cls( $dbs, $tbl );
} else {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
} else {
return new \WP_Error('error', $msg, array(
'status' => 401,
));
}
}
}
public function app_lang( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$lang = $request->get_param( 'lang' );
update_option( self::WPDA_APP_DEFAULT_LANG, $lang );
return $this->WPDA_Rest_Response( __( 'Successfully saved changes', 'wp-data-access' ) );
}
public function app_meta( $request ) {
$app_id = $request->get_param( 'app_id' );
if ( !$this->main_app_access( $app_id, $msg ) ) {
if ( 'rest_cookie_invalid_nonce' === $msg ) {
return $this->invalid_nonce();
}
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
return $this->get_app_meta( $app_id );
}
public function app_settings( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$app_id = $request->get_param( 'app_id' );
$cnt_id = $request->get_param( 'cnt_id' );
$target = $request->get_param( 'target' );
$settings = $request->get_param( 'settings' );
$theme = $request->get_param( 'theme' );
return $this->do_app_settings(
$app_id,
$cnt_id,
$target,
$settings,
$theme
);
}
public function app_init( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
return $this->get_app_init();
}
public function app_list( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
return $this->get_app_list();
}
public function app_table_meta( $request ) {
$dbs = $request->get_param( 'dbs' );
$tbl = $request->get_param( 'tbl' );
$waa = $request->get_param( 'waa' );
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$table_api = new WPDA_Table();
return $this->WPDA_Rest_Response( '', $table_api->get_table_meta_data( $dbs, $tbl, $waa ) );
}
public function app_create( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
// App details
$app_name = $request->get_param( 'app_name' );
$app_title = $request->get_param( 'app_title' );
$app_type = $request->get_param( 'app_type' );
$app_settings = $request->get_param( 'app_settings' );
// App container
$app_dbs = $request->get_param( 'app_dbs' );
$app_tbl = $request->get_param( 'app_tbl' );
$app_cls = $request->get_param( 'app_cls' );
$app_table = $request->get_param( 'app_table' );
return $this->do_app_create(
$app_name,
$app_title,
$app_type,
$app_settings,
$app_dbs,
$app_tbl,
$app_cls,
$app_table
);
}
public function app_createapp( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$app_name = $request->get_param( 'app_name' );
$app_title = $request->get_param( 'app_title' );
$app_type = $request->get_param( 'app_type' );
$app_settings = $request->get_param( 'app_settings' );
$app_apps = $request->get_param( 'app_apps' );
return $this->do_app_createapp(
$app_name,
$app_title,
$app_type,
$app_settings,
$app_apps
);
}
public function app_remove( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$app_id = $request->get_param( 'app_id' );
return $this->do_app_remove( $app_id );
}
public function app_save( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
// App details
$app_id = $request->get_param( 'app_id' );
$app_name = $request->get_param( 'app_name' );
$app_title = $request->get_param( 'app_title' );
$app_type = $request->get_param( 'app_type' );
$app_settings = $request->get_param( 'app_settings' );
$app_add_to_menu = $request->get_param( 'app_add_to_menu' );
// App container
$app_dbs = $request->get_param( 'app_dbs' );
$app_tbl = $request->get_param( 'app_tbl' );
$app_cls = $request->get_param( 'app_cls' );
return $this->do_app_save(
$app_id,
$app_name,
$app_title,
$app_type,
$app_settings,
$app_add_to_menu,
$app_dbs,
$app_tbl,
$app_cls
);
}
public function app_saveapp( $request ) {
if ( !$this->current_user_can_access() ) {
return $this->unauthorized();
}
if ( !$this->current_user_token_valid( $request ) ) {
return $this->invalid_nonce();
}
$app_id = $request->get_param( 'app_id' );
$app_name = $request->get_param( 'app_name' );
$app_title = $request->get_param( 'app_title' );
$app_type = $request->get_param( 'app_type' );
$app_settings = $request->get_param( 'app_settings' );
$app_add_to_menu = $request->get_param( 'app_add_to_menu' );
$app_apps = $request->get_param( 'app_apps' );
return $this->do_app_saveapp(
$app_id,
$app_name,
$app_title,
$app_type,
$app_settings,
$app_add_to_menu,
$app_apps
);
}
private function do_app_settings(
$app_id,
$cnt_id,
$target,
$settings,
$theme
) {
if ( 1 > $app_id || 1 > $cnt_id || 'table' !== $target && 'form' !== $target && 'theme' !== $target ) {
return $this->bad_request();
}
if ( null === $settings || '' === $settings ) {
// Perform reset
switch ( $target ) {
case 'table':
$error_msg = WPDA_App_Container_Model::update_table_settings( $cnt_id, null );
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
break;
case 'form':
$error_msg = WPDA_App_Container_Model::update_form_settings( $cnt_id, null );
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
break;
case 'theme':
$error_msg = WPDA_App_Model::update_theme( $app_id, null );
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
break;
default:
return $this->bad_request();
}
return $this->WPDA_Rest_Response( __( 'Reset was successful', 'wp-data-access' ) );
}
if ( 'table' === $target ) {
// Update table settings
$error_msg = WPDA_App_Container_Model::update_table_settings( $cnt_id, $settings );
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
} else {
// Update form settings
$error_msg = WPDA_App_Container_Model::update_form_settings( $cnt_id, $settings );
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
}
$error_msg = WPDA_App_Model::update_theme( $app_id, $theme );
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
return $this->WPDA_Rest_Response( __( 'Successfully saved settings', 'wp-data-access' ) );
}
private function do_app_remove( $app_id ) {
WPDA_App_Apps_Model::delete( $app_id );
WPDA_App_Container_Model::delete( $app_id );
WPDA_App_Model::delete( $app_id );
return $this->WPDA_Rest_Response( __( 'Successfully deleted app', 'wp-data-access' ) );
}
private function do_app_create(
$app_name,
$app_title,
$app_type,
$app_settings,
$app_dbs,
$app_tbl,
$app_cls,
$app_table
) {
// Add app
$insert = WPDA_App_Model::create(
$app_name,
$app_title,
$app_type,
$app_settings
);
if ( false !== $insert['app_id'] ) {
$app_id = $insert['app_id'];
// Add app container
$container = WPDA_App_Container_Model::create(
$app_id,
$app_dbs,
$app_tbl,
json_encode( $app_cls ),
$app_title,
0,
$app_table
);
if ( false !== $container['cnt_id'] ) {
// App and container successfully saved
return $this->WPDA_Rest_Response( __( 'Successfully saved changes', 'wp-data-access' ) );
} else {
// Insert failed
// Remove previously created app
WPDA_App_Model::delete( $app_id );
return new \WP_Error('error', $container['msg'], array(
'status' => 403,
));
}
} else {
// Insert failed
return new \WP_Error('error', $insert['msg'], array(
'status' => 403,
));
}
}
private function do_app_createapp(
$app_name,
$app_title,
$app_type,
$app_settings,
$app_apps
) {
// Add app
$insert = WPDA_App_Model::create(
$app_name,
$app_title,
$app_type,
$app_settings
);
if ( false !== $insert['app_id'] ) {
// Add apps
if ( is_array( $app_apps ) ) {
$app_id = $insert['app_id'];
foreach ( $app_apps as $index => $app_id_detail ) {
// Insert app
WPDA_App_Apps_Model::create( $app_id, $app_id_detail, $index );
}
}
// App and details successfully saved
return $this->WPDA_Rest_Response( __( 'Successfully saved changes', 'wp-data-access' ) );
} else {
// Insert failed
return new \WP_Error('error', $insert['msg'], array(
'status' => 403,
));
}
}
private function get_app_init() {
return $this->WPDA_Rest_Response( '', array(
'roles' => $this->get_wp_roles(),
'users' => $this->get_wp_users(),
'lang' => get_option( self::WPDA_APP_DEFAULT_LANG ),
) );
}
private function get_app_list() {
$dataset = WPDA_App_Model::list();
$context = WPDA_App_Apps_Model::list();
return $this->WPDA_Rest_Response( '', $dataset, $context );
}
private function get_relation_columns( $container ) {
return null;
}
private function reorder_details( $cnt_id_from, $cnt_id_to ) {
return $this->bad_request();
}
private function get_app_apps_meta( $app, $apps ) {
$app_id_details = array_map( function ( $e ) {
if ( isset( $e['app_id_detail'] ) ) {
return $e['app_id_detail'];
}
}, $apps );
$app_titles = array();
foreach ( $app_id_details as $app_id_detail ) {
$app_detail = WPDA_App_Model::get_by_id( $app_id_detail );
if ( isset( $app_detail[0]['app_title'] ) ) {
$app_titles[$app_id_detail] = $app_detail[0]['app_title'];
}
}
$response = array(
'app' => array(
'app' => $app,
'container' => array(),
'apps' => $app_id_details,
'titles' => $app_titles,
),
);
$response['settings'] = $this->get_table_settings();
return $this->WPDA_Rest_Response( '', $response );
}
private function get_table_settings( $tbl = null, $dbs = null ) {
$settings = new stdClass();
if ( null !== $dbs && null !== $tbl ) {
$settings_db = WPDA_Table_Settings_Model::query( $tbl, $dbs );
if ( isset( $settings_db[0]['wpda_table_settings'] ) ) {
$settings = json_decode( (string) $settings_db[0]['wpda_table_settings'] );
// Remove old settings from response.
unset($settings->form_labels);
unset($settings->list_labels);
unset($settings->custom_settings);
unset($settings->search_settings);
}
}
$settings->env = $this->get_env();
global $wpdb;
$settings->wp = [
'roles' => $this->get_wp_roles(),
'users' => $this->get_wp_users(),
'home' => admin_url( 'admin.php' ),
'tables' => array_values( $wpdb->tables() ),
'date_format' => get_option( 'date_format' ),
'time_format' => get_option( 'time_format' ),
];
return $settings;
}
private function get_app_container_meta( $app_id, $container, $rel_tab = false ) {
$app = WPDA_App_Model::get_by_id( $app_id );
if ( false === $app ) {
return $this->bad_request();
}
if ( !isset( $container[0]['cnt_dbs'], $container[0]['cnt_tbl'], $container[0]['cnt_cls'] ) ) {
return $this->bad_request();
}
$dbs = $container[0]['cnt_dbs'];
$tbl = $container[0]['cnt_tbl'];
$response = array(
'app' => array(
'app' => $app,
'container' => array_map( function ( $value ) {
$show = current_user_can( 'manage_options' );
if ( !$show ) {
// Hide database and table name in responses for non admin users.
unset($value['cnt_dbs']);
unset($value['cnt_tbl']);
}
return $value;
}, $container ),
'apps' => array(),
),
);
$access = array(
'select' => array(),
'insert' => array(),
'update' => array(),
'delete' => array(),
);
$cls = WPDA_List_Columns_Cache::get_list_columns( $dbs, $tbl );
$media = $this->get_media( $dbs, $tbl, $cls->get_table_columns() );
$response['columns'] = $cls->get_table_columns();
$response['table_labels'] = $cls->get_table_header_labels();
$response['form_labels'] = $cls->get_table_column_headers();
$response['primary_key'] = $cls->get_table_primary_key();
$response['access'] = $access;
$response['settings'] = $this->get_table_settings( $tbl, $dbs );
$response['media'] = $media['media'];
$response['wp_media'] = $media['wp_media'];
$table_settings = json_decode( (string) $container[0]['cnt_table'], true );
if ( isset( $table_settings['table']['defaultWhere'] ) ) {
$default_where = $table_settings['table']['defaultWhere'];
} else {
$default_where = '';
}
$response['table_info'] = $this->get_table_info( $dbs, $tbl, $default_where );
return $this->WPDA_Rest_Response( '', $response );
}
private function get_app_meta( $app_id ) {
$app = WPDA_App_Model::get_by_id( $app_id );
if ( !isset( $app[0]['app_type'] ) ) {
return $this->bad_request();
}
if ( '5' === $app[0]['app_type'] || 5 === $app[0]['app_type'] ) {
// App container
$apps = WPDA_App_Apps_Model::select_all( $app_id, 0 );
return $this->get_app_apps_meta( $app, $apps );
} else {
// Other container
$container = WPDA_App_Container_Model::select( $app_id, 0 );
if ( !isset( $container[0] ) ) {
return $this->bad_request();
}
return $this->get_app_container_meta( $app_id, $container );
}
}
private function do_app_export( $app_id ) {
global $wpdb;
$quotes = function ( $value ) {
return str_replace( "'", "''", $value );
};
$app = WPDA_App_Model::get_by_id( $app_id );
$app_settings = ( null === $app[0]['app_settings'] ? 'null' : "{$quotes( $app[0]['app_settings'] )}" );
$app_theme = ( null === $app[0]['app_theme'] ? 'null' : "{$quotes( $app[0]['app_theme'] )}" );
$app_sql = <<<SQL
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES {$wpdb->charset} */;
# Import app
insert into `{$wpdb->prefix}wpda_app`
\t(`app_name`
\t,`app_title`
\t,`app_type`
\t,`app_settings`
\t,`app_theme`
\t,`app_add_to_menu`
\t)
values
\t('{$quotes( $app[0]['app_name'] )}'
\t,'{$quotes( $app[0]['app_title'] )}'
\t,{$app[0]['app_type']}
\t,'{$app_settings}'
\t,'{$app_theme}'
\t,{$app[0]['app_add_to_menu']}
\t);
SET @APP_ID = LAST_INSERT_ID();
SQL;
$containers = WPDA_App_Container_Model::select_all( $app_id );
$containers_sql = '';
foreach ( $containers as $container ) {
$cnt_table = ( null === $container['cnt_table'] ? 'null' : "{$quotes( $container['cnt_table'] )}" );
$cnt_form = ( null === $container['cnt_form'] ? 'null' : "{$quotes( $container['cnt_form'] )}" );
$cnt_relation = ( null === $container['cnt_relation'] ? 'null' : "{$quotes( $container['cnt_relation'] )}" );
// Replace default WordPress database with conversion string
$cnt_dbs = ( $wpdb->dbname === $container['cnt_dbs'] ? '{wp_schema}' : "{$quotes( $container['cnt_dbs'] )}" );
$cnt_table = str_replace( "\"dbs\":\"{$wpdb->dbname}\"", "\"dbs\":\"{wp_schema}\"", $cnt_table );
$cnt_form = str_replace( "\"dbs\":\"{$wpdb->dbname}\"", "\"dbs\":\"{wp_schema}\"", $cnt_form );
$containers_sql .= <<<SQL
# Import app container
insert into `{$wpdb->prefix}wpda_app_container`
\t(`cnt_dbs`
\t,`cnt_tbl`
\t,`cnt_cls`
\t,`cnt_title`
\t,`app_id`
\t,`cnt_seq_nr`
\t,`cnt_table`
\t,`cnt_form`
\t,`cnt_relation`
\t)
values
\t('{$cnt_dbs}'
\t,'{$quotes( $container['cnt_tbl'] )}'
\t,'{$quotes( $container['cnt_cls'] )}'
\t,'{$quotes( $container['cnt_title'] )}'
\t,@APP_ID
\t,{$container['cnt_seq_nr']}
\t,'{$cnt_table}'
\t,'{$cnt_form}'
\t,'{$cnt_relation}'
\t);
SQL;
if ( 0 === $container['cnt_seq_nr'] || '0' === $container['cnt_seq_nr'] ) {
$containers_sql .= <<<SQL
# Save master container ID
SET @CNT_ID_MASTER_OLD = {$container['cnt_id']};
select LAST_INSERT_ID(`cnt_id`) into @CNT_ID_MASTER_NEW from `{$wpdb->prefix}wpda_app_container` order by 1 desc limit 1;
SQL;
}
}
$apps = WPDA_App_Apps_Model::select_all( $app_id );
$apps_sql = '';
foreach ( $apps as $app ) {
$apps_sql .= <<<SQL
# Import app relationships
insert into `{$wpdb->prefix}wpda_app_apps`
\t(`app_id`
\t,`app_id_detail`
\t,`seq_nr`\t\t\t\t\t
\t)
values
\t(@APP_ID
\t,{$app['app_id_detail']}
\t,{$app['seq_nr']}\t\t\t\t\t
\t);
SQL;
}
// Post update: update master container ids
$containers_sql .= <<<SQL
# Update app master container IDs
update `{$wpdb->prefix}wpda_app_container`
set `cnt_relation` = replace(cnt_relation, '"cnt_id_master":"' + @CNT_ID_MASTER_OLD + '"', '"cnt_id_master":"' + @CNT_ID_MASTER_NEW + '"')
where `app_id` = @APP_ID
and `cnt_relation` is not null;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
SQL;
$data = array(
'data' => $app_sql . $containers_sql . $apps_sql,
);
return $this->WPDA_Rest_Response( __( 'App successfully exported', 'wp-data-access' ), $data );
}
private function do_app_copy( $app_id ) {
$copy = WPDA_App_Model::copy( $app_id );
if ( false === $copy['app_id'] ) {
return new \WP_Error('error', $copy['msg'], array(
'status' => 403,
));
} else {
return $this->WPDA_Rest_Response( __( 'App successfully copied', 'wp-data-access' ) );
}
}
private function do_app_saveapp(
$app_id,
$app_name,
$app_title,
$app_type,
$app_settings,
$app_add_to_menu,
$app_apps
) {
$error_msg = WPDA_App_Model::update(
$app_id,
$app_name,
$app_title,
$app_type,
$app_settings,
$app_add_to_menu
);
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
WPDA_App_Apps_Model::update( $app_id, $app_apps );
return $this->WPDA_Rest_Response( __( 'Changes successfully saved', 'wp-data-access' ) );
}
private function do_app_save(
$app_id,
$app_name,
$app_title,
$app_type,
$app_settings,
$app_add_to_menu,
$app_dbs,
$app_tbl,
$app_cls
) {
$error_msg = WPDA_App_Model::update(
$app_id,
$app_name,
$app_title,
$app_type,
$app_settings,
$app_add_to_menu
);
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
$error_msg = WPDA_App_Container_Model::update_master(
$app_id,
$app_dbs,
$app_tbl,
json_encode( $app_cls ),
0
);
if ( '' !== $error_msg ) {
return new \WP_Error('error', $error_msg, array(
'status' => 403,
));
}
return $this->WPDA_Rest_Response( __( 'Changes successfully saved', 'wp-data-access' ) );
}
private function main_app_access( $app_id, &$msg = '' ) {
// Get app info
$app = WPDA_App_Model::get_by_id( $app_id );
if ( false === $app ) {
// App not found
$msg = __( 'Bad request', 'wp-data-access' );
return false;
}
// Check access
$app_settings_db = $app[0]['app_settings'];
$app_settings = json_decode( (string) $app_settings_db, true );
if ( !isset( $app_settings['rest_api']['authorization'], $app_settings['rest_api']['authorized_roles'], $app_settings['rest_api']['authorized_users'] ) || !is_array( $app_settings['rest_api']['authorized_roles'] ) || !is_array( $app_settings['rest_api']['authorized_users'] ) ) {
// App contain no rest api settings
$msg = __( 'Bad request', 'wp-data-access' );
return false;
}
if ( !$this->current_user_can_access() && 'anonymous' !== $app_settings['rest_api']['authorization'] ) {
// Check authorization
// Check user role
$user_roles = WPDA::get_current_user_roles();
if ( !is_array( $user_roles ) || empty( array_intersect( $app_settings['rest_api']['authorized_roles'], $user_roles ) ) ) {
// Check user login
$user_login = WPDA::get_current_user_login();
if ( !in_array( $user_login, $app_settings['rest_api']['authorized_users'] ) ) {
$msg = __( 'Unauthorized', 'wp-data-access' );
return false;
}
}
}
return true;
}
public function check_app_access(
$app_id,
$cnt_id,
$action,
&$dbs,
&$tbl,
&$msg = '',
&$settings = array()
) {
if ( !$this->main_app_access( $app_id, $msg ) ) {
return false;
}
// Get container
$container = WPDA_App_Container_Model::get_container( $cnt_id );
if ( !is_array( $container ) || 0 === count( $container ) ) {
// Container not found
$msg = __( 'Bad request', 'wp-data-access' );
return false;
}
if ( 'select' !== $action ) {
$cnt_table = json_decode( (string) $container[0]['cnt_table'], true );
if ( !isset( $cnt_table['table']['transactions'][$action] ) || false === $cnt_table['table']['transactions'][$action] ) {
$cnt_relation = json_decode( (string) $container[0]['cnt_relation'], true );
if ( !(isset( $cnt_relation['cnt_id_master'] ) && $this->check_master_container_access( $cnt_relation['cnt_id_master'], $action )) ) {
$msg = __( 'Unauthorized', 'wp-data-access' );
return false;
}
}
}
// Return database name, table name and columns
$dbs = $container[0]['cnt_dbs'];
$tbl = $container[0]['cnt_tbl'];
$settings = array(
'columns' => json_decode( (string) $container[0]['cnt_cls'], true ),
'table' => json_decode( (string) $container[0]['cnt_table'], true ),
'form' => json_decode( (string) $container[0]['cnt_form'], true ),
);
return true;
}
private function check_master_container_access( $cnt_id, $action ) {
$container = WPDA_App_Container_Model::get_container( $cnt_id );
if ( !is_array( $container ) || 0 === count( $container ) ) {
// Container not found
return false;
}
$cnt_table = json_decode( (string) $container[0]['cnt_table'], true );
if ( !isset( $cnt_table['table']['transactions'][$action] ) || false === $cnt_table['table']['transactions'][$action] ) {
$cnt_relation = json_decode( (string) $container[0]['cnt_relation'], true );
if ( !(isset( $cnt_relation['cnt_id_master'] ) && $this->check_master_container_access( $cnt_relation['cnt_id_master'], $action )) ) {
return false;
}
}
return true;
}
private function process_params(
$where,
$search_custom,
$search_params,
$shortcode_params
) {
// Process $search_custom > URL parameters
global $wpdb;
foreach ( self::METHODS as $method ) {
$offset = 0;
$search = $method . '[';
while ( ($pos_start = stripos( $where, $search, $offset )) !== false ) {
if ( ($pos_end = stripos( $where, ']', $pos_start )) !== false ) {
// Get filter
$filter = substr( $where, $pos_start, $pos_end - $pos_start + 1 );
// Get name
$arg_name = substr( $where, $pos_start + strlen( $search ), $pos_end - $pos_start - strlen( $search ) );
// Remove quotes from name
if ( substr( $arg_name, 0, 1 ) === "'" && substr( $arg_name, -1 ) === "'" ) {
$arg_name = substr( $arg_name, 1, -1 );
}
// Remove double quotes from name
if ( substr( $arg_name, 0, 1 ) === '"' && substr( $arg_name, -1 ) === '"' ) {
$arg_name = substr( $arg_name, 1, -1 );
}
// Handle GET args
if ( $method === self::METHODS[0] || $method === self::METHODS[2] ) {
if ( isset( $search_custom['get'][$arg_name] ) ) {
$arg_value = sanitize_text_field( wp_unslash( $search_custom['get'][$arg_name] ) );
$where = $wpdb->prepare( substr_replace(
$where,
'%s',
$pos_start,
$pos_end - $pos_start + 1
), $arg_value );
} else {
if ( $method === self::METHODS[0] ) {
$where = str_replace( $filter, 'null', $where );
}
}
}
// Handle POST args
if ( $method === self::METHODS[1] || $method === self::METHODS[2] ) {
if ( isset( $search_custom['post'][$arg_name] ) ) {
$arg_value = sanitize_text_field( wp_unslash( $search_custom['post'][$arg_name] ) );
$where = $wpdb->prepare( substr_replace(
$where,
'%s',
$pos_start,
$pos_end - $pos_start + 1
), $arg_value );
} else {
$where = str_replace( $filter, 'null', $where );
}
}
}
$offset = $pos_start + 6;
if ( $offset > strlen( $where ) ) {
$offset = strlen( $where ) - 1;
}
}
}
// Process $search_params > shortcode parameters
if ( is_array( $search_params ) && 1 === count( $search_params ) ) {
$filter_field_name = $this->sanitize_db_identifier( array_keys( $search_params )[0] );
$filter_field_value = sanitize_text_field( $search_params[$filter_field_name] );
$filter_field_name_array = array_map( 'trim', explode( ',', $filter_field_name ) );
//phpcs:ignore - 8.1 proof
$filter_field_value_array = array_map( 'trim', explode( ',', $filter_field_value ) );
//phpcs:ignore - 8.1 proof
if ( count( $filter_field_name_array ) === count( $filter_field_value_array ) ) {
//phpcs:ignore - 8.1 proof
// Add filter to where clause.
for ($i = 0; $i < count( $filter_field_name_array ); $i++) {
// phpcs:ignore Generic.CodeAnalysis.ForLoopWithTestFunctionCall, Squiz.PHP.DisallowSizeFunctionsInLoops
$where .= (( '' === $where ? '' : ' and ' )) . $wpdb->prepare(
' `%1s` like %s ',
// phpcs:ignore WordPress.DB.PreparedSQLPlaceholders
array($filter_field_name_array[$i], $filter_field_value_array[$i])
);
}
}
}
// Substitute all shortcode parameters
if ( is_array( $shortcode_params ) ) {
foreach ( $shortcode_params as $column_name => $column_value ) {
$occurences = substr_count( strtolower( $where ), strtolower( "shortcodeParam['{$column_name}']" ) );
if ( 0 < $occurences ) {
$column_values = array();
for ($i = 0; $i < $occurences; $i++) {
$column_values[] = sanitize_text_field( $column_value );
}
$where = $wpdb->prepare( str_ireplace( "shortcodeParam['{$column_name}']", '%s', $where ), $column_values );
}
}
}
// Substitute all unused shortcode parameter calls with null
$offset = 0;
$search = "shortcodeParam['";
while ( ($pos_start = stripos( $where, $search, $offset )) !== false ) {
if ( ($pos_end = stripos( $where, "']", $pos_start )) !== false ) {
$shortcode_value = substr( $where, $pos_start, $pos_end - $pos_start + 2 );
$where = str_ireplace( $shortcode_value, 'null', $where );
}
$offset = $pos_start + 4;
if ( $offset > strlen( $where ) ) {
$offset = strlen( $where ) - 1;
}
}
return $where;
}
}