drupal_module__qbf/qbf.module

<?php
/**
 * @file
 * Query By Form
 *
 * This module allows node modules to add a query by form tab for their node
 * types to the default search form
 *
 * @copyright 2008-2009 Ouest Systemes Informatiques (OSInet)
 * @author Frederic G. MARAND
 * @license Licensed under the CeCILL 2.0 and the General Public Licence version 2 or later
 * @package QBF
 */

// $Id: qbf.module,v 1.9.4.3 2009-03-17 18:48:53 marand Exp $

/**
 * Saved error reporting level.
 *
 * QBF module is supposed to pass parsing at E_ALL|E_STRICT, but other modules
 * may not be so strict, so we save the level at the start of the module and
 * restore it at the end of the module.
 */
global $_qbf_er;

$_qbf_er = error_reporting(E_ALL | E_STRICT);

/**
 * Remove this element from the generated form
 */
define('QBF_LEVEL_REMOVE',           0);
/**
 * This element is only for display in the generated form: do not include it
 * in the query vector.
 */
define('QBF_LEVEL_DISPLAY',          1);
/**
 * Include this element in the generated form and in the query vector, but do
 * not mark it as required.
 */
define('QBF_LEVEL_OPTIONAL',         2);
/**
 * Include this element in the generated form and in the query vector, and
 * mark it as required.
 */
define('QBF_LEVEL_REQUIRED',         3);

/**
 * The main QBF path.
 *
 * It MUST be a single component path, without a "/", otherwise qbf_menu() will
 * need to be changed.
 *
 * @ingroup paths
 * @see qbf_menu()
 */
define('QBF_PATH_MAIN',              'qbf');
/**
 * The QBF autocomplete path for search fields
 * @ingroup paths
 */
define('QBF_PATH_AC',                'qbf/ac');
/**
 * The path to the QBF settings page
 */
define('QBF_PATH_SETTINGS',          'admin/settings/qbf');

/**
 * Authorize use of QBF searches
 */
define('QBF_PERM_QUERY',             'use QBF search functions');
/**
 * Authorize QBF administration
 */
define('QBF_PERM_ADMIN',             'administer QBF');

/**
 * The name of the table used to store queries
 */
define('QBF_TABLE_NAME',             'qbf_queries');

/**
 * Notify owner about saved query deletions, variable name.
 */
define('QBF_VAR_NOTIFY_DELETE',      'qbf_notify_delete');
/**
 * Notify owner about saved query deletions, default value.
 */
define('QBF_DEF_NOTIFY_DELETE',      FALSE);

class Qbf_Query
  {
  public $qid;
  public $uid;
  public $name;
  public $query;
  public $created;
  public $updated;

  /**
   * Constructor
   *
   * @param string $name
   * @param array $ar_values
   * @return void
   */
  public function __construct($name, $ar_values)
    {
    global $user;
    $this->qid = 0; // will be autoset by the DB serial
    $this->uid = $user->uid;
    $this->name = $name;
    $this->query = serialize($ar_values);
    $this->created = $this->updated = time();
    }

  /**
   * Save a named query to the DB, erasing previous homonym queries is any exists.
   *
   * @return int
   */
  public function save()
    {
    // Avoid duplicates
    if (!empty($this->name))
      {
      $sq = "DELETE FROM {%s} WHERE name = '%s'";
      db_query($sq, QBF_TABLE_NAME, $name);
      }

    $ret = drupal_write_record(QBF_TABLE_NAME, $this); // no update param: we just deleted the previous version
    dsm($this);
    if ($ret) // has to be SAVED_NEW, by construction
      {
      $ret = $this->qid; // from serial
      }
    return $ret;
    }
  }

/**
 * Recursively build a query array from the form and its values
 *
 * In the current version, element names are supposed to be unique, even at
 * different levels in the tree.
 *
 * @ingroup forms
 * @param array $form
 * @param array $form_values
 */
function _qbf_extract_query($form, $form_values)
  {
  $name = $form['#parents'][0];
  // Elements which are removed or display-only have no place in the query
  if (array_key_exists('#qbf', $form) && array_key_exists('#level', $form['#qbf'])
    && $form['#qbf']['#level'] >= QBF_LEVEL_OPTIONAL)
    {
    $ret = array($name => $form_values[$name]);
    }
  else
    {
    $ret = array();
    }

  // QBF level is not inherited, so this loop is outside the "if" above
  foreach (element_children($form) as $child_name)
    {
    $ret += _qbf_extract_query($form[$child_name], $form_values);
    }

  return $ret;
  }

/**
 * Delete a query by qid
 *
 * In the qbf/<qid>/delete case, $query has been tested for validity and access
 * in qbf_query_load(), so it is safe and accessible.
 *
 * Outside this context, the function can also be invoken with just a qid, and
 * the same check via qbf_query_load() will be performed.
 *
 * @param mixed $query
 *   int or object
 */
function _qbf_query_delete($query)
  {
  global $user;

  if (is_int($query))
    {
    $query = qbf_query_load($query);
    }

  if ($query) // access already checked in explicit or implicit qbf_query_load
    {
    $qid = $query->qid;
    $sq = 'DELETE FROM %s WHERE qid = %d ';
    $q = db_query($sq, QBF_TABLE_NAME, $qid);
    $message = t('Query @id "@name" has been deleted.', array
      (
      '@id'   => $qid,
      '@name' => $query->name,
      ));
    drupal_set_message($message, 'status');
    $link = l($qid, QBF_PATH_MAIN .'/'. $qid .'/delete');
    $notify = variable_get(QBF_VAR_NOTIFY_DELETE, QBF_DEF_NOTIFY_DELETE);

    watchdog('qbf', $message, NULL, WATCHDOG_NOTICE, $link);
    // access check: we only send the message to the query owner, so access is
    // granted without an additional check
    if ($notify /* && $query->uid != $user->uid */)
      {
      $owner = user_load(array('uid' => $query->uid));
      $language = user_preferred_language($account);
      $params = array
        (
        'query'    => $query,
        'owner'    => $owner, // unused by default, but can be used in a hook_mail_alter() implementation
        'deletor'  => $user,
        'language' => $language,
        );
      $ret = drupal_mail('qbf', __FUNCTION__, $user->mail, $language, $params, $user->mail);
      drupal_set_message(t('User !link has been informed', array
        (
        '!link' => l($account->name, 'user/'. $query->uid),
        )));
      // dsm(array("QQD, ret" => $ret));
      }
    }
  else {
    $message = t('Failed attempt to delete query @qid. Administrator has been alerted.', array
      (
      '@qid' => $qid,
      ));
    drupal_set_message($message, 'error');
    watchdog('qbf', $message, NULL, WATCHDOG_ERROR, $link);
    }
  drupal_goto();
}

/**
 * Transform a form element for QBF.
 *
 * QBF-specific properties are:
 * - #qbf : array of properties
 * - #level: only within #qbf
 *
 * See QBF_* constants
 *
 * @ingroup forms
 * @param string $key
 * @param array $element
 * @return void
 */
function _qbf_transform_element($key, $element) {
  // dsm(array('key' => $key, 'element' => $element));

  /**
   * List default type transformations applied to widget by FAPI.
   *
   * Types without a default transformation are not transformed
   */
  static $ar_default_type_transformations = array
    (
    'button'         => NULL, // no content
    'file'           => NULL, // non-querable (yet ?)
    'image_button'   => NULL, // new in D6
    'markup'         => NULL, // no content
    'password'       => NULL, // forbidden
    'radio'          => NULL, // single radio is useless, unlike a set of them
    'submit'         => NULL, // no content
    'textarea'       => 'textfield', // reduce text for searches

    // Don't transform these:
    // 'checkbox'       => NULL,
    // 'checkboxes'     => NULL,
    // 'date'           => NULL,
    // 'fieldset'       => NULL, // useful visually
    // 'form'           => NULL, // removing it would delete the whole shebang
    // 'hidden'         => NULL, // non-querable visually, but may be useful
    // 'item'           => NULL,
    // 'radios'         => NULL,
    // 'select'         => NULL,
    // 'textfield'      => NULL,
    // 'value'          => 'value',
    // 'weight'         => NULL,
    );

  /**
   * List default property transformations applied to widget by FAPI property.
   *
   * Properties without a default transformation are not transformed
   */
  static $ar_default_property_transformations = array
    (
    // Standard properties
    '#action'        => NULL,
    '#after_build'   => NULL,
    // '#base'          => NULL, // gone in D6
    '#button_type'   => NULL,
    '#built'         => NULL,
    '#description'   => NULL,
    '#method'        => NULL,
    '#parents'       => NULL,
    '#redirect'      => NULL,
    '#ref'           => NULL,
    '#required'      => NULL,
    '#rows'          => NULL,
    '#submit'        => NULL,
    '#tree'          => NULL,
    '#validate'      => NULL,
    );

  /**
   * List properties causing causing element removal.
   *
   * The key is the property name, the value is the one causing removal.
   */
  static $ar_killer_properties = array
    (
    '#disabled'      => TRUE,
    );

  // Transform type
  $source_type = $element['#type'];
  // .. Default transformation
  $dest_type = array_key_exists($source_type, $ar_default_type_transformations)
    ? $ar_default_type_transformations[$source_type]
    : $source_type;
  // .. Apply form-defined type override
  if (isset($element['#qbf']['#type']))
    {
    $dest_type = $element['#qbf']['#type'];
    }

  if (is_null($dest_type))
    {
    $ret = NULL;
    }
  else
    {
    $ret = $element;
    $ret['#type'] = $dest_type;
    if (!array_key_exists('#qbf', $element) || $element['#qbf']['#level'] == QBF_LEVEL_REMOVE)
      {
      $ret = NULL;
      }
    else
      {
      foreach (element_properties($element) as $property_name)
        {
        // Apply killer properties first to avoid useless work
        if (array_key_exists($property_name, $ar_killer_properties)
          && ($element[$property_name] = $ar_killer_properties[$property_name]))
          {
          $ret = NULL;
          break;
          }

        // Now transform or copy remaining properties
        if (array_key_exists($property_name, $ar_default_property_transformations))
          {
          $ret[$property_name] = $ar_default_property_transformations[$property_name];
          }
        else
          {
          $ret[$property_name] = $element[$property_name];
          }

        // And apply form-defined property overrides
        if ($property_name == '#qbf')
          {
          foreach ($element[$property_name] as $override_name => $override_value)
            {
            $ret[$override_name] = $override_value;
            }
          }
        }

      // Recursively transform children
      foreach (element_children($element) as $child_name)
        {
        $child = _qbf_transform_element($child_name, $element[$child_name]);
        if (is_null($child))
          {
          unset($ret[$child_name]);
          }
        else
          {
          $ret[$child_name] = $child;
          }
        }
      }
    }

  //dsm(array('key' => $key, 'transformed element' => $ret));
  return $ret;
  }

/**
 * Implement the former hook_settings().
 *
 * @return array
 */
function qbf_admin_settings()
  {
  $form = array();
  $form[QBF_VAR_NOTIFY_DELETE] = array
    (
    '#type'          => 'checkbox',
    '#default_value' => variable_get(QBF_VAR_NOTIFY_DELETE, QBF_DEF_NOTIFY_DELETE),
    '#title'         => t('Notify users when one of their saved searches has been deleted'),
    );
  return system_settings_form($form);
  }

/**
 * Implement hook_forms().
 *
 * @ingroup forms
 * @ingroup hooks
 * @return array
 */
function qbf_forms()
  {
  $hook_name = 'qbf_register';

  // More efficient than using module_invoke_all: we avoid array-merging + re-looping
  foreach (module_implements($hook_name) as $module)
    {
    foreach (module_invoke($module, $hook_name) as $form_name)
      {
      $forms["qbf_$form_name"] = array
        (
        'callback'           => 'qbf_transform_form',
        'callback arguments' => array($form_name),
        );
      }
    }

  return $forms;
  }

/**
 * List queries owned by a given user.
 *
 * @param int $uid > 0
 * @return array
 */
function qbf_get_queries_by_user($uid = NULL)
  {
  if (is_null($uid))
    {
    global $user;
    $uid = $user->uid;
    }

  $sq = 'SELECT qq.qid, qq.uid, qq.name, qq.query, qq.updated '
      . 'FROM {%s} qq '
      . 'WHERE qq.uid = %d '
      . 'ORDER BY qq.name ';
  // no db_rewrite_sql: this function is not in a menu callback, so it is up to
  // the caller to check access
  $q = db_query($sq, QBF_TABLE_NAME, $uid);
  $ret = array();
  while ($o = db_fetch_object($q))
    {
    $ret[$o->qid] = $o; // qid is the PK, so it is present and unique
    }
  return $ret;
  }

/**
 * Implement hook_menu().
 *
 * @return array
 */
function qbf_menu()
  {
  $items = array();

  $items[QBF_PATH_SETTINGS] = array
    (
    'title'            => 'Query-By-Form',
    'access arguments' => array(QBF_PERM_ADMIN),
    'page callback'    => 'drupal_get_form',
    'page arguments'   => array('qbf_admin_settings'),
    'type'             => MENU_NORMAL_ITEM,
    );

  $items[QBF_PATH_MAIN . '/%qbf_query/delete'] = array
    (
    'type'             => MENU_CALLBACK,
    'access arguments' => array(QBF_PERM_QUERY),
    'page callback'    => '_qbf_query_delete',
    'page arguments'   => array(1),
    );

  return $items;
  }

/**
 * Implement hook_mail().
 *
 * @param string $key
 * @param array $message
 * @param array $params
 * @return void
 */
function qbf_mail($key, &$message, $params)
  {
  // dsm(array('QBF_mail key' => $key, 'message' => $message, 'params' => $params));

  $deletor_tokens = user_mail_tokens($params['deletor'], $params['language']->language);
  $tokens = array_merge($deletor_tokens, array
    (
    '!qname' => $params['query']->name,
    '!qid'   => $params['query']->qid,
    ));

  $message['subject'] = t('Effacement d\'une recherche !site enregistrée', $tokens);
  $message['body'] = t("!date\n\nVotre recherche !qid: !qname\nsur le site !site vient d'être effacée par !username.", $tokens);
  }

/**
 * Implement hook_perm().
 *
 * @todo D7: Format will change
 * @see http://drupal.org/node/224333#descriptions-permissions
 *
 * @ingroup hooks
 * @return array
 */
function qbf_perm()
  {
  $ret = array
    (
    QBF_PERM_ADMIN,
    QBF_PERM_QUERY,
    );

  return $ret;
  }

/**
 * Load a saved QBF query.
 *
 * @see qbf_import_values()
 * @link http://drupal.org/node/109153#load @endlink
 *
 * @param int $qid
 * @return array A form_values array usable by qbf_import_values
 */
function qbf_query_load($qid)
  {
  static $query = NULL;

  if (is_null($query))
    {
    $sq = 'SELECT qq.qid, qq.uid, qq.query, qq.name '
        . 'FROM {%s} qq '
        . 'WHERE qq.qid = %d ';
    // db_rewrite_sql does not apply here: access control is further down
    $q = db_query($sq, QBF_TABLE_NAME, $qid);
    $query = db_fetch_object($q); // 0 or 1 row: we are querying on the primary key
    // FALSE does not happen: only NULL or a value can be here
    if ($query !== NULL)
      {
      $query->query = unserialize($query->query);
      //dsm($query);
      }
    }

  global $user;
  $ret = (isset($query) && isset($query->uid) && (($query->uid == $user->uid) || user_access(QBF_PERM_ADMIN)))
    ? $query
    : FALSE;

  return $ret;
  }

/**
 * Provide an optional automatic mapping mechanism for query building.
 *
 * This function takes a partly built query map $ar_queryMap, and a defaults
 * array to complete it in $ar_defaults, and returns a fully built query array
 * ready to be used for querying.
 *
 * @param array $ar_query_map
 * @param array $ar_defaults
 * @return array
 */
function qbf_query_mapper($ar_query_map = array(), $ar_defaults = array())
  {
  $ret = array();

  foreach ($ar_query_map as $name => $value)
    {
    // accept NULL, empty strings...
    if (!is_array($value))
      {
      $value = array();
      }
    $item = $value;

    foreach ($ar_defaults as $default_key => $default_value)
      {
      if (!array_key_exists($default_key, $item))
        {
        $item[$default_key] = is_null($default_value)
          ? $name
          : $default_value;
        }
      // else if is already in $item, so we don't touch it
      }
    $ret[$name] = $item;
    }
  return $ret;
  }

error_reporting($_qbf_er);

// ======== D6 LIMIT ==================================================================================================

/* TODO Node previews and adding form fields to the node form.
   There is a subtle but important difference in the way node previews (and other
   such operations) are carried out when adding or editing a node. With the new
   Forms API, the node form is handled as a multi-step form. When the node form
   is previewed, all the form values are submitted, and the form is rebuilt with
   those form values put into $form['#node']. Thus, form elements that are added
   to the node form will lose any user input unless they set their '#default_value'
   elements using this embedded node object. */

/**
 * Transform a form array for QBF.
 *
 * This function obtains the form array using Forms API, and transforms it by
 * modifying widgets to other types where needed.
 *
 * Any additional parameter passed to the function is transmitted to the form
 * generating function.
 *
 * @ingroup forms
 * @param string $form_id
 * @return array
 */
function qbf_transform_form($form_id) {
// @todo GW:  function qbf_transform_form(&$form_state, $form_id) {

  $ar_args = func_get_args();
//dsm(array('qtf' => $ar_args));
  // Fetch the basic form and rename it, passing it the caller's arguments
  $form = call_user_func_array('drupal_retrieve_form', $ar_args);
  $new_form_id = "qbf_$form_id";

  // Only keep the children of the form and QBF properties on the form itself
  $elements = array();
  $new_form = array();
  $new_form['#qbf_source_form_id'] = $form_id;
  if (in_array('#qbf', element_properties($form))) {
    $new_form += $form['#qbf'];
  }

  foreach (element_children($form) as $key) {
    // dsm("Transforming $key, type " . $form[$key]['#type']);
    $new_element = _qbf_transform_element($key, $form[$key]);
    if (!is_null($new_element)) {
      $new_form[$key] = $new_element;
    }
  }

  $new_form['#id'] = $new_form_id;
  $new_form['#multistep'] = TRUE;
  // Do not set #redirect, even to FALSE (submit handlers)
  // $new_form['#redirect']  = FALSE;
  $new_form['#after_build'][] = 'qbf_after_build';
  $new_form['#submit'] = array('qbf_submit' => array());
// dsm($new_form);
  return $new_form;
}

/**
 * Insert the query results at the bottom of the query form.
 *
 * @ingroup forms
 * @param array $form
 * @param array $form_values
 * @return array
 */
function qbf_after_build($form, $form_values) {
  if (empty($form['#post'])) {
    return $form;
  }

  // If #post is not empty, we are indeed querying
  $ar_query = _qbf_extract_query($form, $form_values);

  /* This function is called at the end of the form building process, which
   * means that child properties of #qbf have already been upgraded to element
   * properties. So we look for $form['#callback'] and not
   * $form['#qbf']['#callback']
   */
  if (isset($form['#callback']) && function_exists($function = $form['#callback'])) {
    $results = $function($ar_query);
  }
  else {
    drupal_set_message(t('QBF: incorrect callback function for search'), 'error');
  }
  $form['qbf_query_results'] = array
    (
    '#type'    => 'markup',
    '#value'   => $results,
    '#weight'  => 10,
    );
  return $form;
}

/**
 * Load a form_values array into a form used by QBF.
 *
 * This is typically useful when loading saved queries using qbf_query_load().
 * For other cases, the mechanisms built within FAPI should be used instead.
 *
 * @see qbf_query_load()
 *
 * @ingroup forms
 * @param array $form
 * @param array $form_values
 * @return array The modified form
 */
function qbf_import_values($element, $form_values) {
  foreach (element_children($element) as $child_name) {
    if (!empty($form_values[$child_name])) {
      $element[$child_name]['#qbf']['#default_value'] = $form_values[$child_name];
    }
    $element[$child_name] = qbf_import_values($element[$child_name], $form_values);
  }
  return $element;
}

/**
 * Submit handler for query save form.
 *
 * @ingroup forms
 * @param $form_id string
 * @param $form_values array
 * @return string
 */
function qbf_submit($form_id, $form_values) {
/*

function qbf_submit($form, &$form_state) {
/* @TODO GW The 'op' element in the form values is deprecated.
   Each button can have #validate and #submit functions associated with it.
   Thus, there should be one button that submits the form and which invokes
   the normal form_id_validate and form_id_submit handlers. Any additional
   buttons which need to invoke different validate or submit functionality
   should have button-specific functions.
  switch ($form_state['values']['op']) { */

  switch ($form_values['op']) {
    case t('Search'):
      $ret = FALSE;
      break;

    case t('Save query'):
      _qbf_save($form_id, $form_values);
//@TODO GW _qbf_save($form_state['values']['form_id'], $form_state['values']);
      drupal_set_message(t('Your query was saved as "@name".',
        array('@name' => $form_values['save-name'])));
//@TODO GW _qbf_save($form_state['values']['form_id'], $form_state['values']);
        global $user;
      $ret = "user/$user->uid/edit/job";;
      break;
  }
  //dsm(array('QS' => $form_values));
  return $ret;
/* @todo GW
  //dsm(array('QS' => $form_state['values']));
  $form_state['redirect'] = $ret;
*/
}

/**
 * Save a query and return its qid.
 *
 * @ingroup forms
 *
 * @param $form_id string
 * @param $form_state array
 * @return int
 */
function _qbf_save($form_id, $form_state)
  {
  if (user_is_anonymous())
    {
    $warning = t('Attempt by anonymous user to save a QBF query. Should not happen.');
    drupal_set_message($warning, 'error');
    watchdog('qbf', $warning, NULL, WATCHDOG_WARNING);
    $ret = 0;
    }
  else
    {
    // @FIXME check whether form_state is now needed. It wasn't in QBF for D5
    $form = drupal_retrieve_form($form_id, $form_state);
    dsm($form, "retrieve");
    drupal_prepare_form($form_id, $form, $form_state);
    dsm($form, "prepare");
    $name = $form_state['post']['save-name'];
    $form_values = _qbf_extract_query($form, $form_state['post']);
    $ar_values = array();
    foreach ($form_values as $key => $value)
      {
      if (empty($value))
        {
        continue;
        }
      $ar_values[$key] = $value;
      }

    $query = new Qbf_Query($name, $ar_values);
    $ret = $query->save();
    }

  return $ret;
  }