WebSVN – eFlore/Applications.cel – Diff – /trunk/jrest/services/InventoryTransmit.php

  * @license    CECILL v2 <http://www.cecill.info/licences/Licence_CeCILL_V2-en.txt>
  * @copyright  1999-2014 Tela Botanica <accueil@tela-botanica.org>
  */
 class InventoryTransmit extends Cel  {
+	private $idUtilisateur = null;
+	private $ordres = null;
-	public function updateElement($uid, $pairs) {
+	public function updateElement($ressources, $data) {
-		// Controle detournement utilisateur
+		$this->verifierRessources($ressources);
+		$this->verifierData($data);
+		$transmission = intval($data['transmission']);
+		$date = ($transmission == 1) ? 'NOW()' : 'NULL';
+		$idsObsConcat = implode(',', $this->getIdsObs());
+		$requete = 'UPDATE cel_obs '.
+			"SET transmission = $transmission, date_transmission = $date, date_modification = NOW() ".
+			"WHERE id_observation IN ($idsObsConcat) ".
+			' -- '.__FILE__.':'.__LINE__;
+		$resultatObs = Cel::db()->executer($requete);
+		$requete = 'UPDATE cel_images '.
+			"SET transmission = $transmission, date_transmission = $date, date_modification = NOW() ".
+			"WHERE ce_observation IN ($idsObsConcat) ".
+			' -- '.__FILE__.':'.__LINE__;
+		$resultatImg = Cel::db()->executer($requete);
+		return ($resultatObs != 0 && $resultatImg != 0);
+	}
-		$this->controleUtilisateur($uid[0]);
+	private function verifierRessources($ressources) {
-		if (!isset($uid[1])) {
+		if (!isset($ressources[0])) {
+			return false;
+		} else {
+			$this->controleUtilisateur($ressources[0]);
-			return false;
+			$this->idUtilisateur = $ressources[0];
+		}
+		if (!isset($ressources[1])) {
+			return false;
+		} else {
+			$this->ordres = $ressources[1];
+		}
+	}
-		}
+	private function verifierData($data) {
-		$transmission = intval($pairs['transmission']);
+		$transmission = (int) $data['transmission'];
 		if ($transmission != 0 && $transmission != 1) {
 			return false;
+		}
+	}
-		}
+	private function getIdsObs() {
+		$idUtilisateurP = Cel::db()->proteger($this->idUtilisateur);
+		$ordres = $this->nettoyerOrdres();
-		$ids = array_filter(array_map(create_function('$v','return intval($v);'), explode(',', $uid[1])), 'strlen');
+		$ordreConcat = implode(',', $ordres);
-		$date = ($transmission == 1) ? 'now()' : 'NULL';
-		//TODO: modification pour passer ceci dans la classe gestion observation
-		$requete = 'UPDATE cel_obs '.
-			'SET transmission = '.$pairs['transmission'].', '.
+		$requete = 'SELECT id_observation '.
-			'date_modification = now(), date_transmission = '.$date.' '.
+			'FROM cel_obs '.
-			'WHERE ce_utilisateur = '.Cel::db()->proteger($uid[0]).' '.
+			"WHERE ce_utilisateur = $idUtilisateurP ".
+			"AND ordre IN ($ordreConcat) ".
+			' -- '.__FILE__.':'.__LINE__;
+		$resultats = Cel::db()->executer($requete);
+		$idsObs = array();
+		if ($idsObs && is_array($idsObs)) {
+			foreach ($resultats as $infos) {
+				$idsObs[] = $infos['id_observation'];
+			}
+		}
+		return $idsObs;
+	}
+	private function nettoyerOrdres() {
+		$ordres = explode(',', $this->ordres);
+		$ordresNettoyes = array();
+		foreach ($ordres as $ordre) {
+			if (preg_match('/^\d+$/', $ordre)) {
-			'AND ordre in ('.implode(',', $ids).') '.
+				$ordresNettoyes[] = $ordre;
 			' -- '.__FILE__.':'.__LINE__;
 		$resultat = Cel::db()->executer($requete);
-		return ($resultat != 0);
+		return $ordresNettoyes;

Subversion Repositories eFlore/Applications.cel

(root)/trunk/jrest/services/InventoryTransmit.php – Rev 2458 → 2461