
E:/E/GEAMP/www/openbiz/openbiz/bin/BizController.php

00001 <?PHP
// Entry script: buffer output, declare the response type, load the system
// header, then hand the request to BizController.
//
// Cache-limiter override is left disabled:
//session_cache_limiter('public');
ob_start();
header('Content-Type: text/html; charset=utf-8');
include_once 'sysheader_inc.php';

// start session context object
BizSystem::sessionContext();

// The request is dispatched only when the security filters return exactly
// true; any other return value leaves the request undispatched.
$bizCtrller = new BizController();
if (true === $bizCtrller->processSecurityFilters()) {
    $bizCtrller->dispatchRequest();
}
00035 
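/**
 * Front controller: applies the security filters, then either renders the view
 * named by ?view=... or invokes a method on an object named by the request
 * (F=Invoke / F=RPCInvoke with P0, P1, ... arguments).
 *
 * Every value read from $_GET, $_POST and $_REQUEST in this class is
 * client-supplied and must be treated as untrusted.
 */
class BizController
{
    // View rendered when the session has timed out.
    private $_userTimeoutView = USER_TIMEOUT_VIEW;
    // View rendered when the access service refuses a view.
    private $_accessDeniedView = ACCESS_DENIED_VIEW;
    // View rendered when a security filter reports an error (falls back to access-denied when empty).
    private $_securityDeniedView = SECURITY_DENIED_VIEW;

    /**
     * Run the security service's filters and render a denial view when one of them reports an error.
     *
     * @return bool true when no error message was reported; false after a denial view was rendered
     */
    public function processSecurityFilters()
    {
        $securityObj = BizSystem::getService(SECURITY_SERVICE);
        $securityObj->processFilters();

        if (!$securityObj->getErrorMessage()) {
            return true;
        }

        // Prefer the dedicated security-denied view; use access-denied when it is not configured.
        $view = $this->_securityDeniedView ? $this->_securityDeniedView : $this->_accessDeniedView;
        $this->renderView($view);
        return false;
    }

    /**
     * Dispatch the current request: timeout view, a named view, or a method invocation.
     *
     * The invocation path prints the result and terminates the script.
     *
     * @return mixed whatever renderView() returns on the view paths
     */
    public function dispatchRequest()
    {
        if ($this->_checkSessionTimeout()) {
            // show timeout view
            BizSystem::sessionContext()->destroy();
            return $this->renderView($this->_userTimeoutView);
        }

        // ?view=...&form=...&rule=...&mode=...&...
        if (isset($_GET['view'])) {
            $viewName = $_GET['view'];
            $form = isset($_GET['form']) ? $_GET['form'] : "";
            $rule = isset($_GET['rule']) ? $_GET['rule'] : "";
            $hist = isset($_GET['hist']) ? $_GET['hist'] : "";
            $params = $this->_getParameters();

            // NOTE(review): $viewName goes to the resource lookup before the access
            // check below; confirm the lookup confines the name to view metadata.
            if (defined('NOTFOUND_VIEW') && !RESOURCE::getXmlFileWithPath($viewName)) {
                return $this->renderView(NOTFOUND_VIEW, $form, $rule, $params, $hist);
            }

            if (!$this->_checkViewAccess($viewName)) {
                // access denied error
                return $this->renderView($this->_accessDeniedView);
            }

            return $this->renderView($viewName, $form, $rule, $params, $hist);
        }

        if (!empty($_REQUEST['_thisView'])) {
            // NOTE(review): the current view name is taken from the request here without
            // going through _checkViewAccess(); confirm the invocation path does not rely on it
            // for authorization.
            BizSystem::instance()->setCurrentViewName($_REQUEST['_thisView']);
        }

        $retval = $this->invoke();

        print($retval." ");
        exit();
    }

    /**
     * Collect the "param:name=value" pairs of the query string.
     *
     * @return array|null map of name => value, or null when the request carries none
     */
    private function _getParameters()
    {
        $params = null;
        foreach ($_GET as $key => $paramValue) {
            $key = (string) $key;
            if (strncmp($key, "param:", 6) === 0) {
                $params[substr($key, 6)] = $paramValue;
            }
        }
        return $params;
    }

    /**
     * Return the user profile held by BizSystem.
     *
     * @return mixed
     */
    private function _getUserProfile()
    {
        return BizSystem::getUserProfile();
    }

    /**
     * Ask the session context whether the session has timed out.
     *
     * @return mixed the session context's isTimeout() result
     */
    private function _checkSessionTimeout()
    {
        return BizSystem::sessionContext()->isTimeout();
    }

    /**
     * Ask the access service whether the named view may be shown.
     *
     * @param string $viewName view name taken from the request
     * @return mixed the access service's allowViewAccess() result
     */
    private function _checkViewAccess($viewName)
    {
        // load accessService
        $svcobj = BizSystem::getService(ACCESS_SERVICE);
        return $svcobj->allowViewAccess($viewName);
    }

    /**
     * Load a view object and render it.
     *
     * This method performs no access check of its own; dispatchRequest() calls
     * _checkViewAccess() before passing a request-supplied view name here.
     *
     * @param string     $viewName view to render
     * @param string     $form     form name used with $rule and with ?mode=
     * @param string     $rule     rule applied to $form when both are non-empty
     * @param array|null $params   parameters handed to the view
     * @param string     $hist     "N" cleans the view history
     * @return void
     */
    public function renderView($viewName, $form="", $rule="", $params=null, $hist="")
    {
        $bizSystem = BizSystem::instance();

        /* @var $viewObj EasyView */
        if ($viewName == "__DynPopup") {
            // Rendered directly, without the current-view and session bookkeeping below.
            $viewObj = BizSystem::getObject($viewName);
            $viewObj->render();
            return;
        }

        // Previous view name and view set; only the disabled branch further down compares them.
        $prevViewName = $bizSystem->getCurrentViewName();
        $prevViewSet = $bizSystem->getCurrentViewSet();

        // need to set current view before get view object
        $bizSystem->setCurrentViewName($viewName);

        $viewObj = BizSystem::getObject($viewName);
        if (!$viewObj) {
            return;
        }
        $viewSet = $viewObj->getViewSet();
        $bizSystem->setCurrentViewSet($viewSet);

        /*
        if ($prevViewSet && $viewSet && $prevViewSet == $viewSet)   // keep prev view session objects if they have same viewset
            BizSystem::sessionContext()->clearSessionObjects(true);
        else
            BizSystem::sessionContext()->clearSessionObjects(false);
        */
        BizSystem::sessionContext()->clearSessionObjects(true);

        if ($hist == "N") {
            // clean view history
            $viewObj->CleanViewHistory();
        }

        if ($form != "" && $rule != "") {
            $viewObj->processRule($form, $rule, TRUE);
        }

        if ($params) {
            $viewObj->setParameters($params);
        }

        if (isset($_GET['mode'])) {
            // can specify mode of form; the value comes straight from the query string
            $viewObj->SetFormMode($form, $_GET['mode']);
        }

        $viewObj->render();
        //BizController::hidePageLoading();
    }

    /**
     * Invoke a method on an object, both named by the request.
     *
     * F selects the mode ("Invoke" or "RPCInvoke"); P0 is the object name, P1 the
     * method name and P2... its arguments, each wrapped in one leading and one
     * trailing character that is stripped here.
     *
     * The method is called only when the object and method exist and
     * validateRequest() accepts the pair. A rejected request is never invoked,
     * even when the installed error handler returns instead of halting.
     *
     * @return mixed the method's return value for an RPC call without client output, otherwise null
     */
    protected function invoke()
    {
        // patched by jixian for fix ajax post data: query-string pairs of the posted
        // "__url" are copied into $_GET as they appear in the URL (no URL-decoding).
        // NOTE(review): the entry script runs processSecurityFilters() before this point,
        // so whether the security service inspects "__url" cannot be confirmed from this file.
        if (isset($_POST['__url']) && is_string($_POST['__url'])) {
            $query = parse_url($_POST['__url'], PHP_URL_QUERY);
            if (is_string($query) && $query !== '') {
                foreach (explode('&', $query) as $param) {
                    $data = explode('=', $param);
                    if ($data[0] === '') {
                        continue;
                    }
                    $_GET[$data[0]] = isset($data[1]) ? $data[1] : null;
                }
            }
        }

        $func = isset($_REQUEST['F']) ? $_REQUEST['F'] : "";
        if ($func === "") {
            return;
        }

        if ($func !== "RPCInvoke" && $func !== "Invoke") {
            trigger_error("$func is not a valid invocation", E_USER_ERROR);
            return;
        }

        // Read P0, P1, ... directly from the request until the first missing, empty or
        // non-string entry (no eval or variable-variables needed for the lookup).
        $arg_list = array();
        for ($i = 0; ; $i++) {
            $key = "P" . $i;
            $parm = isset($_REQUEST[$key]) ? $_REQUEST[$key] : '';
            if (!is_string($parm) || $parm === '') {
                break;
            }
            if ($i === 0 && strstr($parm, Popup_Suffix)) {
                // Drop the popup suffix from the object name and restore the closing bracket.
                $name_len = strlen($parm);
                $suffix_len = strlen(Popup_Suffix);
                $parm = substr($parm, 0, $name_len - $suffix_len - 1) . "]";
            }
            // Strip the first and last character that wrap each argument.
            $arg_list[] = substr($parm, 1, strlen($parm) - 2);
        }

        if ($func == "RPCInvoke") {
            BizSystem::clientProxy()->setRPCFlag(true);
        }

        // invoke the function: object name and method name are both required
        if (count($arg_list) < 2) {
            // The original passed an undefined variable here; report the object name when one was given.
            $given = isset($arg_list[0]) ? $arg_list[0] : '';
            $errmsg = BizSystem::getMessage("SYS_ERROR_RPCARG", array($given));
            trigger_error($errmsg, E_USER_ERROR);
            return;
        }

        $objName = array_shift($arg_list);
        $methodName = array_shift($arg_list);
        $rt_val = null;

        $obj = BizSystem::getObject($objName);

        if (!$obj) {
            $errmsg = BizSystem::getMessage("SYS_ERROR_CLASSNOTFOUND", array($objName));
            trigger_error($errmsg, E_USER_ERROR);
        } elseif (!method_exists($obj, $methodName) || !is_callable(array($obj, $methodName))) {
            // is_callable() also turns away methods that are not visible from here,
            // so they are reported as not found instead of raising a fatal error.
            $errmsg = BizSystem::getMessage("SYS_ERROR_METHODNOTFOUND", array($objName, $methodName));
            trigger_error($errmsg, E_USER_ERROR);
        } elseif (!$this->validateRequest($obj, $methodName)) {
            // Fail closed: the call below sits in the else branch, so a rejected request
            // can never reach it, whatever the error handler does.
            $errmsg = BizSystem::getMessage("SYS_ERROR_REQUEST_REJECT", array($obj->m_Name, $methodName));
            trigger_error($errmsg, E_USER_ERROR);
        } else {
            switch (count($arg_list)) {
                case 0: $rt_val = $obj->$methodName(); break;
                case 1: $rt_val = $obj->$methodName($arg_list[0]); break;
                case 2: $rt_val = $obj->$methodName($arg_list[0], $arg_list[1]); break;
                case 3: $rt_val = $obj->$methodName($arg_list[0], $arg_list[1], $arg_list[2]); break;
                default: $rt_val = call_user_func_array(array($obj, $methodName), $arg_list);
            }
        }

        if ($func == "Invoke") {
            // no RPC invoke, page reloaded -> rerender view
            if (BizSystem::clientProxy()->hasOutput()) {
                BizSystem::clientProxy()->printOutput();
            }
        } else if ($func == "RPCInvoke") {
            // RPC invoke
            if (BizSystem::clientProxy()->hasOutput()) {
                $jsrs = isset($_REQUEST['jsrs']) && $_REQUEST['jsrs'] == 1;
                if ($jsrs) {
                    echo "<html><body><form name=\"jsrs_Form\"><textarea name=\"jsrs_Payload\" id=\"jsrs_Payload\">";
                }
                BizSystem::clientProxy()->printOutput();
                if ($jsrs) {
                    echo "</textarea></form></body></html>";
                }
            } else {
                return $rt_val;
            }
        }
    }

    /**
     * Decide whether a request may invoke $methodName on $obj.
     *
     * Only EasyForm and BizForm objects are accepted. An EasyForm is asked to
     * validate the method itself.
     * NOTE(review): a BizForm is accepted for any method name; no per-method
     * check is made for it here.
     *
     * @param object $obj        target object resolved from the request
     * @param string $methodName method name taken from the request
     * @return bool true when the invocation is allowed
     */
    protected function validateRequest($obj, $methodName)
    {
        if ($obj instanceof EasyForm) {
            return $obj->validateRequest($methodName) ? true : false;
        }
        return ($obj instanceof BizForm);
    }
}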
00377 ?>
