1:   2:   3:   4:   5:   6:   7:   8:   9:  10:  11:  12:  13:  14:  15:  16:  17:  18:  19:  20:  21:  22:  23:  24:  25:  26:  27:  28:  29:  30:  31:  32:  33:  34:  35:  36:  37:  38:  39:  40:  41:  42:  43:  44:  45:  46:  47:  48:  49:  50:  51:  52:  53:  54:  55:  56:  57:  58:  59:  60:  61:  62:  63:  64:  65:  66:  67:  68:  69:  70:  71:  72:  73:  74:  75:  76:  77:  78:  79:  80:  81:  82:  83:  84:  85:  86:  87:  88:  89:  90:  91:  92:  93:  94:  95:  96:  97:  98:  99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245: 246: 247: 248: 249: 250: 251: 252: 253: 254: 255: 256: 257: 258: 259: 260: 261: 262: 263: 264: 265: 266: 267: 268: 269: 270: 271: 272: 273: 274: 275: 276: 277: 278: 279: 280: 281: 282: 283: 284: 285: 286: 287: 288: 289: 290: 291: 292: 293: 294: 295: 296: 297: 298: 299: 300: 301: 302: 303: 304: 305: 306: 307: 308: 309: 310: 311: 312: 313: 314: 315: 316: 317: 318: 319: 320: 321: 322: 323: 324: 325: 326: 327: 328: 329: 330: 331: 332: 333: 334: 335: 336: 337: 338: 339: 340: 341: 342: 343: 344: 345: 346: 347: 348: 349: 350: 351: 352: 353: 354: 355: 356: 357: 358: 359: 360: 361: 362: 363: 364: 365: 366: 367: 368: 369: 370: 371: 372: 373: 374: 375: 376: 377: 378: 379: 380: 381: 382: 383: 384: 385: 386: 387: 388: 389: 390: 391: 392: 393: 394: 395: 396: 397: 398: 399: 400: 401: 402: 403: 404: 405: 406: 407: 408: 409: 410: 411: 412: 413: 414: 415: 416: 417: 418: 419: 420: 421: 422: 423: 424: 425: 426: 427: 428: 429: 430: 431: 432: 433: 434: 435: 436: 437: 438: 439: 440: 441: 442: 443: 444: 445: 446: 447: 448: 449: 450: 451: 452: 453: 454: 455: 456: 457: 458: 459: 460: 461: 462: 463: 464: 465: 466: 467: 468: 469: 470: 

<?php

/**
 * MvcCore
 *
 * This source file is subject to the BSD 3 License
 * For the full copyright and license information, please view 
 * the LICENSE.md file that are distributed with this source code.
 *
 * @copyright   Copyright (c) 2016 Tom Flídr (https://github.com/mvccore/mvccore)
 * @license     https://mvccore.github.io/docs/mvccore/4.0.0/LICENCE.md
 */

namespace MvcCore\Ext;

require_once('Form/Core/Configuration.php');
//require_once('Form/Core/Exception.php');
require_once('Form/Core/Field.php');
//require_once('Form/Core/Helpers.php');
//require_once('Form/Core/View.php');

class Form extends Form\Core\Configuration
{
    /**
     * MvcCore Extension - Form - version:
     * Comparation by PHP function version_compare();
     * @see http://php.net/manual/en/function.version-compare.php
     */
    const VERSION = '4.2.0';
    
    /* public methods ************************************************************************/
    /**
     * Create \MvcCore\Ext\Form instance.
     * Please don't forget to configure at least $form->Id, $form->Action,
     * any control to work with and finaly any button:submit/input:submit 
     * to submit the form to any url defined in $form->Action.
     * @param \MvcCore\Controller|mixed $controller 
     */
    public function __construct (/*\MvcCore\Controller*/ & $controller) {
        $this->Controller = $controller;
        $baseLibPath = str_replace('\\', '/', __DIR__ . '/Form');
        if (!$this->jsAssetsRootDir) $this->jsAssetsRootDir = $baseLibPath;
        if (!$this->cssAssetsRootDir) $this->cssAssetsRootDir = $baseLibPath;
    }
    /**
     * Rendering process alias.
     * @see \MvcCore\Ext\Form::Render();
     * @return string
     */
    public function __toString () {
        return $this->Render();
    }
    /**
     * Add form submit error and switch form result to zero - error state.
     * @param string $errorMsg
     * @param string $fieldName optional
     * @return \MvcCore\Ext\Form
     */
    public function AddError ($errorMsg, $fieldName = '') {
        $errorMsgUtf8 = iconv(
            mb_detect_encoding($errorMsg, mb_detect_order(), true), 
            "UTF-8",
            $errorMsg
        );
        $newErrorRec = array(strip_tags($errorMsgUtf8));
        if ($fieldName) $newErrorRec[] = $fieldName;
        $this->Errors[] = $newErrorRec;
        if ($fieldName && isset($this->Fields[$fieldName])) {
            $this->Fields[$fieldName]->AddError($errorMsgUtf8);
        }
        $this->Result = Form::RESULT_ERRORS;
        return $this;
    }
    /**
     * Add configured form field instance.
     * @param \MvcCore\Ext\Form\Core\Field $field
     * @return \MvcCore\Ext\Form
     */
    public function AddField (\MvcCore\Ext\Form\Core\Field $field) {
        if (!$this->initialized) $this->Init();
        $field->OnAdded($this);
        $this->Fields[$field->Name] = $field;
        return $this;
    }
    /**
     * Add multiple configured form field instances, 
     * function have infinite params with new field instances.
     * @param \MvcCore\Ext\Form\Core\Field $fields,... Any \MvcCore\Ext\Form field instance to add into form
     * @return \MvcCore\Ext\Form
     */
    public function AddFields () {
        if (!$this->initialized) $this->Init();
        $fields = func_get_args();
        foreach ($fields as & $field) {
            $this->AddField($field);
        }
        return $this;
    }
    /**
     * Unset submitted $form->Data records wchid are empty string or empty array.
     * @return \MvcCore\Ext\Form
     */
    public function UnsetEmptyData () {
        $dataKeys = array_keys($this->Data);
        for ($i = 0, $l = count($dataKeys); $i < $l; $i += 1) {
            $dataKey = $dataKeys[$i];
            $dataValue = $this->Data[$dataKey];
            $dataValueType = gettype($dataValue);
            if ($dataValueType == 'array') {
                if (!$dataValue) unset($this->Data[$dataKey]);
            } else {
                if ($dataValue === '') unset($this->Data[$dataKey]);
            }
        }
        return $this;
    }
    /**
     * Clear all session records for this form by form id.
     * Data sended from last submit, any csrf tokens and any errors.
     * @return void
     */
    public function ClearSession () {
        $this->Data = array();
        include_once('Form/Core/Helpers.php');
        Form\Core\Helpers::SetSessionData($this->Id, array());
        Form\Core\Helpers::SetSessionCsrf($this->Id, array());
        Form\Core\Helpers::SetSessionErrors($this->Id, array());
    }
    /**
     * Return current cross site request forgery hidden
     * input name and it's value as stdClass.
     * Result stdClass elements has keys 'name' and 'value'.
     * @return \stdClass
     */
    public function GetCsrf () {
        include_once('Form/Core/Helpers.php');
        list($name, $value) = Form\Core\Helpers::GetSessionCsrf($this->Id);
        return (object) array('name' => $name, 'value' => $value);
    }
    /**
     * Return form field instance by form field name if it exists, else return null;
     * @param string $fieldName
     * @return \MvcCore\Ext\Form\Core\Field|null
     */
    public function & GetField ($fieldName = '') {
        $result = NULL;
        if (isset($this->Fields[$fieldName])) $result = $this->Fields[$fieldName];
        return $result;
    }
    /**
     * Return form field instances by field type string
     * @param string $fieldType
     * @return \MvcCore\Ext\Form\Core\Field[]
     */
    public function & GetFieldsByType ($fieldType = '') {
        $result = array();
        foreach ($this->Fields as & $field) {
            if ($field->Type == $fieldType) $result[$field->Name] = $field;
        }
        return $result;
    }
    /**
     * Return form field instances by field class name
     * compared by 'is_a($field, $fieldClassName)' check
     * @param string $fieldClassName
     * @param bool   $directTypesOnly Get only instances created directly from called type, no extended instances
     * @return \MvcCore\Ext\Form\Core\Field[]
     */
    public function & GetFieldsByClass ($fieldClassName = '', $directTypesOnly = FALSE) {
        $result = array();
        foreach ($this->Fields as & $field) {
            if (is_a($field, $fieldClassName)) {
                if ($directTypesOnly) {
                    if (is_subclass_of($field, $fieldClassName)) continue;
                }
                $result[$field->Name] = $field;
            }
        }
        return $result;
    }
    /**
     * Return first catched form field instance by field class name
     * compared by 'is_a($field, $fieldClassName)' check
     * @param string $fieldClassName
     * @param bool   $directTypesOnly Get only instances created directly from called type, no extended instances
     * @return \MvcCore\Ext\Form\Core\Field|null
     */
    public function & GetFirstFieldsByClass ($fieldClassName = '', $directTypesOnly = FALSE) {
        $result = NULL;
        foreach ($this->Fields as & $field) {
            if (is_a($field, $fieldClassName)) {
                if ($directTypesOnly) {
                    if (is_subclass_of($field, $fieldClassName)) continue;
                }
                $result = $field;
                break;
            }
        }
        return $result;
    }
    /**
     * Initialize the form, check if we are initialized or not and do it only once,
     * check if any form id exists and initialize translation boolean for better field initializations.
     * This is template method. To define any fields in custom \MvcCore\Ext\Form class extension,
     * do it in Init method and call parent method as first line inside your custom Init method.
     * @throws \MvcCore\Ext\Form\Core\Exception
     * @return \MvcCore\Ext\Form
     */
    public function Init () {
        if ($this->initialized) return $this;
        $this->initialized = 1;
        if (!$this->Id) {
            $clsName = get_class($this);
            include_once('Form/Core/Exception.php');
            throw new Form\Core\Exception("No form 'Id' property defined in: '$clsName'.");
        }
        if ((is_null($this->Translate) || $this->Translate === TRUE) && !is_null($this->Translator)) {
            $this->Translate = TRUE;
        } else {
            $this->Translate = FALSE;
        }
        return $this;
    }
    /**
     * Prepare form and it's fields for rendering.
     * This function is called automaticly by rendering process if necessary.
     * But if you need to operate with fields in your controller before rendering
     * with real session values and initialized session errors, you can call this
     * method anytime to prepare form for rendering and operate with anything inside.
     * @return void
     */
    public function Prepare () {
        if (!$this->initialized) $this->Init();
        if ($this->initialized < 2) $this->prepareRenderIfNecessary();
    }
    /**
     * After every custom $form->Submit(); function implementation is at the end,
     * call this function to redirect user by configured success/error/next step address
     * into final place and store everything into session.
     * @return void
     */
    public function RedirectAfterSubmit () {
        if (!$this->initialized) $this->Init();
        include_once('Form/Core/Helpers.php');
        $url = "";
        if ($this->Result === Form::RESULT_ERRORS) {
            $url = $this->ErrorUrl;
        } else if ($this->Result === Form::RESULT_SUCCESS) {
            $url = $this->SuccessUrl;
            $this->Data = array();
        } else if ($this->Result === Form::RESULT_NEXT_PAGE) {
            $url = $this->NextStepUrl;
            $this->Data = array();
        }
        Form\Core\Helpers::SetSessionErrors($this->Id, $this->Errors);
        Form\Core\Helpers::SetSessionData($this->Id, $this->Data);
        $ctrl = $this->Controller;
        $ctrl::Redirect($url, 303);
    }
    /**
     * Remove configured form field instance by field name.
     * @param string $fieldName
     * @return \MvcCore\Ext\Form
     */
    public function RemoveField ($fieldName = '') {
        if (!$this->initialized) $this->Init();
        if (isset($this->Fields[$fieldName])) unset($this->Fields[$fieldName]);
        return $this;
    }
    /**
     * Rendering process.
     * - if forms is not initialized, there is automaticly 
     *   called $form->Init(); method
     * - if form is not prepared for rendering, there is 
     *   automaticly called $form->prepareForRendering(); method
     * - create new form view instance and set up the view with local
     *   context variables
     * - render form naturaly or by custom template
     * - clean session errors, because errors shoud be rendered 
     *   only once, only when it's used and it is now in rendering process
     * @return string
     */
    public function Render () {
        $this->prepareRenderIfNecessary();
        if ($this->TemplatePath) {
            $result = $this->View->RenderTemplate();
        } else {
            $result = $this->View->RenderNaturally();
        }
        $this->cleanUpRenderIfNecessary();
        return $result;
    }
    /**
     * Render form content.
     * Go through all $form->Fields and call $field->Render(); on every field
     * and put it into an empty <div> element. Render each field in full possible
     * way - naturaly by label configuration with possible errors configured beside
     * or with custom field template.
     * @return string
     */
    public function RenderContent () {
        $this->prepareRenderIfNecessary();
        return $this->View->RenderContent();
    }
    /**
     * Render form errors.
     * If form is configured to render all errors together at form beginning,
     * this function completes all form errors into div.errors with div.error elements
     * inside containing each single errors message.
     * @return string
     */
    public function RenderErrors () {
        $this->prepareRenderIfNecessary();
        return $this->View->RenderErrors();
    }
    /**
     * Render form begin.
     * Render opening <form> tag and hidden input with csrf tokens.
     * @return string
     */
    public function RenderBegin () {
        $this->prepareRenderIfNecessary();
        return $this->View->RenderBegin();
    }
    /**
     * Render form end.
     * Render html closing </form> tag and supporting javascript and css files
     * if is form not using external js/css renderers.
     * @return string
     */
    public function RenderEnd () {
        if (!$this->initialized) $this->Init();
        $result = $this->View->RenderEnd();
        $this->cleanUpRenderIfNecessary();
        return $result;
    }
    /**
     * Render all supporting css files directly
     * as <style> tag content inside html template
     * called usualy right after form end tag
     *  or
     * render all supporting css files by external
     * css assets renderer to add only links to html head
     * linked to external css source files.
     * @return string
     */
    public function RenderCss () {
        if (!$this->Css) return '';
        $cssFiles = $this->completeAssets('css');
        $cssFilesContent = '';
        $loadCssFilesContents = !is_callable($this->CssRenderer);
        foreach ($cssFiles as $cssFile) {
            $this->renderAssetFile($cssFilesContent, $this->CssRenderer, $loadCssFilesContents, $cssFile);
        }
        if (!$loadCssFilesContents) return '';
        return '<style type="text/css">'.$cssFilesContent.'</style>';
    }
    /**
     * Render all supporting js files directly
     * as <script> tag content inside html template
     * called usualy right after form end tag
     *  or
     * render all supporting javascript files by external
     * assets renderer to add only scripts to html head
     * linked to external script source files. But there is still created
     * one <script> tag right after form tag end with supporting javascripts
     * initializations by rendered form fieds options, names, counts, values etc...
     * @return string
     */
    public function RenderJs () {
        if (!$this->Js) return '';
        $jsFiles = $this->completeAssets('js');
        $jsFilesContent = '';
        $fieldsConstructors = array();
        $loadJsFilesContents = !is_callable($this->JsRenderer);
        if (!isset(self::$js[$this->JsBaseFile])) {
            $this->JsBaseFile = $this->absolutizeAssetPath($this->JsBaseFile, 'js');
            self::$js[$this->JsBaseFile] = TRUE;
            $this->renderAssetFile($jsFilesContent, $this->JsRenderer, $loadJsFilesContents, $this->JsBaseFile);
        }
        foreach ($jsFiles as $jsFile) {
            $this->renderAssetFile($jsFilesContent, $this->JsRenderer, $loadJsFilesContents, $jsFile);
        }
        foreach ($this->Js as $item) {
            $paramsStr = json_encode($item[2]);
            $paramsStr = mb_substr($paramsStr, 1, mb_strlen($paramsStr) - 2);
            $fieldsConstructors[] = "new " . $item[1] . "(" . $paramsStr . ")";
        }
        $result = $jsFilesContent."new MvcCoreForm("
            ."document.getElementById('".$this->Id."'),"
            ."[".implode(',', $fieldsConstructors)."]"
        .")";
        include_once('Form/Core/View.php');
        if (class_exists('\MvcCore\View') && strpos(\MvcCore\View::$Doctype, 'XHTML') !== FALSE) {
            $result = '/* <![CDATA[ */' . $result . '/* ]]> */';
        }
        return '<script type="text/javascript">' . $result . '</script>';
    }
    /**
     * Create new fresh cross site request forgery tokens,
     * store them into session under $form->Id and return them.
     * @return string[]
     */
    public function SetUpCsrf () {
        $requestPath = $this->getRequestPath();
        $randomHash = bin2hex(openssl_random_pseudo_bytes(32));
        $nowTime = (string)time();
        $name = '____'.sha1($this->Id . $requestPath . 'name' . $nowTime . $randomHash);
        $value = sha1($this->Id . $requestPath . 'value' . $nowTime . $randomHash);
        include_once('Form/Core/Helpers.php');
        Form\Core\Helpers::SetSessionCsrf($this->Id, array($name, $value));
        return array($name, $value);
    }
    /**
     * Process standard low level submit process.
     * If no params passed as first argument, all params from \MvcCore request object are used.
     * - if fields are not initialized - initialize them by calling $form->Init();
     * - check max post size by php configuration if form is posted
     * - check cross site request forgery tokens with session tokens
     * - process all field values and their validators and call $form->AddError() where necessary
     *   AddError method automaticly switch $form->Result property to zero - 0 means error submit result
     * Return array with form result, safe values by validators and errors.
     * @param array $rawParams optional
     * @return array array($form->Result, $form->Data, $form->Errors);
     */
    public function Submit ($rawParams = array()) {
        if (!$this->initialized) $this->Init();
        include_once('Form/Core/Helpers.php');
        Form\Core\Helpers::ValidateMaxPostSizeIfNecessary($this);
        if (!$rawParams) $rawParams = $this->Controller->GetRequest()->Params;
        $this->ValidateCsrf($rawParams);
        $this->submitFields($rawParams);
        return array(
            $this->Result,
            $this->Data,
            $this->Errors,
        );
    }
    /**
     * Check cross site request forgery sended tokens from user with session tokens.
     * If tokens are diferent, add form error and process csrf error handlers queue.
     * @param array $rawRequestParams
     * @return bool
     */
    public function ValidateCsrf ($rawRequestParams = array()) {
        $result = FALSE;
        include_once('Form/Core/Helpers.php');
        $sessionCsrf = Form\Core\Helpers::GetSessionCsrf($this->Id);
        list($name, $value) = $sessionCsrf ? $sessionCsrf : array(NULL, NULL);
        if (!is_null($name) && !is_null($value)) {
            if (isset($rawRequestParams[$name]) && $rawRequestParams[$name] === $value) {
                $result = TRUE;
            }
        }
        if (!$result) {
            $errorMsg = Form::$DefaultMessages[Form::CSRF];
            if ($this->Translate) {
                $errorMsg = call_user_func($this->Translator, $errorMsg);
            }
            $this->AddError($errorMsg);
            foreach (static::$csrfErrorHandlers as $handler) {
                if (is_callable($handler)) {
                    $handler($this, $errorMsg);
                }
            }
        }
        return $result;
    }
}