.
if (!defined('EG')) die('Direct access not allowed!');
class GenericController extends BaseController
{
protected $_controllerName = null; //as in the URL
public $orderPopup;
public function __construct($model, $controller, $queryString) {
parent::__construct($model, $controller, $queryString);
$this->model('UsersModel');
$popup = new Popup();
$popup->name = gtext('sort by');
switch ($this->controller)
{
case 'printers':
$popup->itemsName = array('last inserted','alphabetically','alphabetically desc','compatibility');
$popup->itemsValue = array('last-inserted','alphabetically','alphabetically-desc','compatibility');
break;
case 'notebooks':
$popup->itemsName = array('last inserted','alphabetically','alphabetically desc','compatibility');
$popup->itemsValue = array('last-inserted','alphabetically','alphabetically-desc','compatibility');
break;
case 'scanners':
$popup->itemsName = array('last inserted','alphabetically','alphabetically desc','compatibility');
$popup->itemsValue = array('last-inserted','alphabetically','alphabetically-desc','compatibility');
break;
default:
$popup->itemsName = array('last inserted','alphabetically','alphabetically desc');
$popup->itemsValue = array('last-inserted','alphabetically','alphabetically-desc');
break;
}
$this->orderPopup = $popup;
$data['isApproved'] = true;
$this->append($data);
}
protected function insert($lang = 'en', $token = '')
{
$this->shift(2);
if ( strcmp($this->_updating,'no') !== 0 ) $this->redirect('users/login/'.$this->lang,0);
$clean['token'] = sanitizeAlphanum($token);
$data['descriptionPreview'] = null; //contains the HTML of the preview of the description entry
$data['notice'] = null;
$data['submission_response'] = 'error';
$data['tree'] = $this->getSpecHardLink() . " » " . " ".gtext("Insert")."";
$this->s['registered']->checkStatus();
if ($this->s['registered']->status['status'] === 'logged' or Website::$allowAnonymousSubmission === "yes")
{
// if (!$this->s['registered']->checkCsrf($clean['token'])) $this->redirect($this->controller.'/catalogue/'.$this->lang,2,'wrong token..');
// if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..');
if (isset($_POST['insertAction']))
{
if ($this->checkDist())
{
$pci_id = $this->request->post('pci_id','','sanitizeAll');
$interface = $this->request->post('interface','not-defined','sanitizeAll');
if ($this->checkVendorId($interface))
{
if (strcmp($this->m['HardwareModel']->type,'notebook') !== 0)
{
$this->m['HardwareModel']->values['vendor'] = sanitizeAll(Vendors::getName($pci_id,$interface));
$this->m['HardwareModel']->databaseConditions['insert']['+checkUnique'] = 'pci_id|VendorID:ProductID is already present in the database. This means that the device you are trying to insert is already in the database. See here: '.$this->getAlreadyExixtsLink($pci_id);
}
//insert the new device
$this->m['HardwareModel']->updateTable('insert');
if ($this->m['HardwareModel']->queryResult)
{
if (strcmp($this->controller,'notebooks') === 0)
{
@session_start();
$_SESSION['notebook_inserted'] = 'yes';
}
$data['submission_response'] = 'executed';
}
// if ($this->m['HardwareModel']->queryResult)
// {
// $data['submission_response'] = 'executed';
// }
$this->viewRedirect($this->m['HardwareModel']->lastId);
}
}
}
$data['descriptionPreview'] = $this->getPreview();
$data['notice'] = $this->m['HardwareModel']->notice;
$data['submitName'] = "insertAction";
$data['hiddenInput'] = null;
$data['values'] = $this->m['HardwareModel']->getFormValues('insert','sanitizeHtml');
$this->append($data);
if (!isset($_POST['from_client']))
{
$this->load('top_left');
$this->load('license_notice');
$this->load('form');
$this->load('bottom_left');
$this->right();
}
else
{
header ("Content-Type:text/xml");
$this->clean();
$this->load('xml_response');
}
}
else
{
$this->redirect("users/login/".$this->lang."?redirect=".$this->controller."/catalogue/".$this->lang,0);
}
}
public function del($lang = 'en', $token = '')
{
header('Content-type: text/html; charset=UTF-8');
$this->shift(2);
$this->clean();
$clean['token'] = sanitizeAlphanum($token);
if ($this->s['registered']->status['status'] === 'logged')
{
if (!$this->s['registered']->checkCsrf($clean['token'])) die("wrong token");
if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) die("your account has been blocked");
$clean['id_user'] = (int)$this->s['registered']->status['id_user'];
$clean['id_hard'] = $this->request->post('id_hard',0,'forceInt');
$this->model("DeletionModel");
$numb = $this->m['DeletionModel']->where(array("id_hard"=>$clean['id_hard'],"created_by"=>$clean['id_user']))->rowNumber();
if ($numb === 0)
{
$id_dup = $this->request->post('id_duplicate',0,'forceInt');
$object = $this->request->post('object','','sanitizeAll');
if ($id_dup === 0 and strcmp($object,'duplication') === 0)
{
echo "you have no specified the device duplicated by this model";
}
else
{
$this->m['DeletionModel']->setFields('id_hard:forceInt,object,message,id_duplicate:forceInt','sanitizeAll');
$this->m['DeletionModel']->values['created_by'] = $clean['id_user'];
$this->m['DeletionModel']->updateTable('insert');
if ($this->m['DeletionModel']->queryResult)
{
$hard = new HardwareModel();
$c = $hard->where(array('id_hard'=>$clean['id_hard'],'ask_for_del'=>'yes'))->rowNumber();
if ($c < 1)
{
$hard->db->update('hardware','ask_for_del',array('yes'),'id_hard='.$clean['id_hard']);
}
echo "operation executed";
}
else
{
echo "one error occurred, please try later";
}
}
}
else
{
echo "you have already asked for the deletion of this device";
}
}
}
protected function update($lang = 'en', $token = '')
{
$this->shift(2);
$clean['token'] = sanitizeAlphanum($token);
$data['descriptionPreview'] = null; //contains the HTML of the preview of the description entry
$data['notice'] = null;
$data['submission_response'] = 'error';
$this->s['registered']->checkStatus();
if (isset($_POST['id_hard']))
{
//get the id
$clean['id_hard'] = isset($_POST['id_hard']) ? (int)$_POST['id_hard'] : 0;
if ($this->s['registered']->status['status'] === 'logged')
{
if (!$this->s['registered']->checkCsrf($clean['token'])) $this->redirect($this->controller.'/catalogue/'.$this->lang,2,'wrong token..');
if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..');
if ($this->m['HardwareModel']->isCleared($clean['id_hard'])) $this->redirect('generic/cleared/'.$this->lang,0);
$deleted = $this->m['HardwareModel']->select("hardware.deleted")->where(array("id_hard"=>$clean['id_hard']))->limit(1)->toList('deleted')->send();
if (strcmp($deleted[0],'no') === 0)
{
$ne_name = $this->m['HardwareModel']->getTheModelName($clean['id_hard']);
$name = encodeUrl($ne_name);
$data['name'] = $name;
$data['ne_name'] = $ne_name;
$data['tree'] = $this->getSpecHardLink() . " » " . $this->getViewLink($clean['id_hard'],$ne_name) . " » ".gtext("Edit")."";
if (isset($_POST['updateAction']))
{
if ($this->checkDist())
{
$pci_id = $this->request->post('pci_id','','sanitizeAll');
$interface = $this->request->post('interface','not-defined','sanitizeAll');
if ($this->checkVendorId($interface))
{
if (strcmp($this->m['HardwareModel']->type,'notebook') !== 0)
{
$this->m['HardwareModel']->values['vendor'] = sanitizeAll(Vendors::getName($pci_id,$interface));
$this->m['HardwareModel']->databaseConditions['update']['+checkUniqueCompl'] = 'pci_id|VendorID:ProductID is already present in the database. This means that the device you are trying to insert is already in the database. See here: '.$this->getAlreadyExixtsLink($pci_id);
}
//carry out the update database action
$this->m['HardwareModel']->updateTable('update');
if ($this->m['HardwareModel']->queryResult)
{
$data['submission_response'] = 'executed';
}
$this->viewRedirect($this->m['HardwareModel']->lastId);
}
}
}
$data['descriptionPreview'] = $this->getPreview();
$data['notice'] = $this->m['HardwareModel']->notice;
$data['id_hard'] = $clean['id_hard'];
$data['submitName'] = "updateAction";
// echo $this->m['HardwareModel']->fields;
$data['values'] = $this->m['HardwareModel']->getFormValues('update','sanitizeHtml');
$data['hiddenInput'] = "\n";
$this->append($data);
if (!isset($_POST['from_client']))
{
$this->load('top_left');
$this->load('license_notice');
$this->load('form');
$this->load('bottom_left');
$this->right();
}
else
{
header ("Content-Type:text/xml");
$this->clean();
$this->load('xml_response');
}
}
else
{
$this->redirect($this->controller.'/catalogue/'.$this->lang,2,'deleted..');
}
}
else
{
$this->redirect("users/login/".$this->lang."?redirect=".$this->controller."/view/".$this->lang."/".$clean['id_hard'],0);
}
}
else
{
$this->redirect($this->controller.'/catalogue/'.$this->lang);
}
}
//get the preview of the description entry
protected function getPreview()
{
if (isset($_POST['previewAction']))
{
$this->m['HardwareModel']->result = false;
return $this->request->post('description','','sanitizeHtml');
}
return null;
}
protected function checkVendorId($interface)
{
if (strcmp($this->m['HardwareModel']->type,'notebook') === 0) return true;
if (array_key_exists('pci_id',$_POST))
{
if (strcmp($_POST['pci_id'],"") !== 0)
{
if (preg_match('/^[a-zA-Z0-9]{4}(\:)[a-zA-Z0-9]{4}$/',$_POST['pci_id']))
{
if (Vendors::check($_POST['pci_id'],$interface))
{
return true;
}
else
{
$this->m['HardwareModel']->result = false;
$this->m['HardwareModel']->notice = "
Your vendor has not been found.
Your vendorid code is not present in the list. If it is a USB device, please choose the right interface (USB), otherwise the system will check inside the PCI ID vendors' list. If it is not a USB device, and you are not sure about the right interface, choose not-defined, and it should work fine (the system will check inside the PCI ID vendors' list if you choose an interface other than USB).
If your vendor has not been found yet, please open an issue here in order to ask the insertion of your vendor.
If your vendor has not been found you could also send your PCI ID or USB ID to the PCI ID repository (http://pciids.sourceforge.net/) or to the USB ID repository (http://www.linux-usb.org/usb-ids.html).