list.php 4.1 KB

  1. <?php /**
  2. * Postfix Admin
  3. *
  4. * LICENSE
  5. * This source file is subject to the GPL license that is bundled with
  6. * this package in the file LICENSE.TXT.
  7. *
  8. * Further details on the project are available at http://postfixadmin.sf.net
  9. *
  10. * @version $Id: list.php 1752 2015-03-17 22:22:28Z christian_boltz $
  11. * @license GNU GPL v2 or later.
  12. *
  13. * File: list.php
  14. * List all items as a quick overview.
  15. *
  16. */
  17. require_once('common.php');
  18. # if (safeget('token') != $_SESSION['PFA_token']) die('Invalid token!');
  19. $username = authentication_get_username(); # enforce login
  20. $table = safeget('table');
  21. $handlerclass = ucfirst($table) . 'Handler';
  22. if ( !preg_match('/^[a-z]+$/', $table) || !file_exists("model/$handlerclass.php")) { # validate $table
  23. die ("Invalid table name given!");
  24. }
  25. # default: domain admin restrictions
  26. $is_superadmin = 0;
  27. if (authentication_has_role('global-admin')) { # more permissions? Fine!
  28. $is_superadmin = 1;
  29. $username = safepost('username', safeget('username', $username)); # prefer POST over GET variable
  30. }
  31. $is_admin = authentication_has_role('admin');
  32. $handler = new $handlerclass(0, $username, $is_admin);
  33. $formconf = $handler->webformConfig();
  34. $list_admins = array($username);
  35. if ($is_superadmin && $formconf['required_role'] != 'global-admin') { # 'simulate admin' dropdown doesn't make sense for superadmin-only modules
  36. $list_admins = array_keys(list_admins());
  37. }
  38. if ($is_admin) {
  39. authentication_require_role($formconf['required_role']);
  40. } else {
  41. if (empty($formconf['user_hardcoded_field'])) {
  42. die($handlerclass . ' is not available for users');
  43. }
  44. }
  45. $search = safeget('search', safesession("search_$table", array()));
  46. $searchmode = safeget('searchmode', safesession("searchmode_$table", array()));
  47. if (!is_array($search) || !is_array($searchmode)) {
  48. # avoid injection of raw SQL if $search is a string instead of an array
  49. die("Invalid parameter");
  50. }
  51. if (safeget('reset_search', 0)) {
  52. $search = array();
  53. $searchmode = array();
  54. }
  55. $_SESSION["search_$table"] = $search;
  56. $_SESSION["searchmode_$table"] = $searchmode;
  57. if (count($search)) {
  58. $handler->getList($search, $searchmode);
  59. } else {
  60. $handler->getList('');
  61. }
  62. $items = $handler->result();
  63. if (count($handler->errormsg)) flash_error($handler->errormsg);
  64. if (count($handler->infomsg)) flash_error($handler->infomsg);
  65. if (safeget('output') == 'csv') {
  66. $out = fopen('php://output', 'w');
  67. header( 'Content-Type: text/csv; charset=utf-8' );
  68. header( 'Content-Disposition: attachment;filename='.$table.'.csv');
  69. print "\xEF\xBB\xBF"; # utf8 byte-order to indicate the file is utf8 encoded
  70. # print "sep=;"; # hint that ; is used as seperator - breaks the utf8 flag in excel import!
  71. print "\n";
  72. if (!defined('ENT_HTML401')) { # for compability for PHP < 5.4.0
  73. define('ENT_HTML401', 0);
  74. }
  75. # print column headers as csv
  76. $header = array();
  77. $columns = array();
  78. foreach ($handler->getStruct() as $key => $field) {
  79. if ($field['display_in_list'] && $field['label'] != '') { # don't show fields without a label
  80. $header[] = html_entity_decode ( $field['label'], ENT_COMPAT | ENT_HTML401, 'UTF-8' );
  81. $columns[] = $key;
  82. }
  83. }
  84. fputcsv($out, $header, ';');
  85. # print items as csv
  86. foreach ($items as $item) {
  87. $fields = array();
  88. foreach ($columns as $column) {
  89. $fields[] = $item[$column];
  90. }
  91. fputcsv($out, $fields, ';');
  92. }
  93. fclose($out);
  94. } else { # HTML output
  95. $smarty->assign('admin_list', $list_admins);
  96. $smarty->assign('admin_selected', $username);
  97. $smarty->assign('smarty_template', 'list');
  98. $smarty->assign('struct', $handler->getStruct());
  99. $smarty->assign('msg', $handler->getMsg());
  100. $smarty->assign('table', $table);
  101. $smarty->assign('items', $items);
  102. $smarty->assign('id_field', $handler->getId_field());
  103. $smarty->assign('formconf', $formconf);
  104. $smarty->assign('search', $search);
  105. $smarty->assign('searchmode', $searchmode);
  106. $smarty->display ('index.tpl');
  107. }
  108. /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
  109. ?>