Admin\Backend change non filled dat part comment

publish/last.published

@@ -1 +1 @@
-9.16.0
+9.17.3

src/Admin/Backend.php

@@ -31,6 +31,8 @@ declare(strict_types=1);
 
 namespace CoreLibs\Admin;
 
+use CoreLibs\Convert\Json;
+
 class Backend
 {
 	// page name
@@ -42,7 +44,7 @@ class Backend
 	/** @var array<string> */
 	public array $action_list = [
 		'action', 'action_id', 'action_sub_id', 'action_yes', 'action_flag',
-		'action_menu', 'action_value', 'action_error', 'action_loaded'
+		'action_menu', 'action_value', 'action_type', 'action_error', 'action_loaded'
 	];
 	/** @var string */
 	public string $action;
@@ -61,20 +63,31 @@ class Backend
 	/** @var string */
 	public string $action_value;
 	/** @var string */
+	public string $action_type;
+	/** @var string */
 	public string $action_error;
+
 	// ACL array variable if we want to set acl data from outisde
 	/** @var array<mixed> */
 	public array $acl = [];
 	/** @var int */
 	public int $default_acl;
+
 	// queue key
 	/** @var string */
 	public string $queue_key;
+
+	/** @var array<string> list of allowed types for edit log write */
+	private const WRITE_TYPES = ['BINARY', 'BZIP2', 'LZIP', 'STRING', 'SERIAL', 'JSON'];
+	/** @var array<string> list of available write types for log */
+	private array $write_types_available = [];
+
 	// the current active edit access id
 	/** @var int|null */
 	public int|null $edit_access_id;
 	/** @var string */
 	public string $page_name;
+
 	// error/warning/info messages
 	/** @var array<mixed> */
 	public array $messages = [];
@@ -84,6 +97,7 @@ class Backend
 	public bool $warning = false;
 	/** @var bool */
 	public bool $info = false;
+
 	// internal lang & encoding vars
 	/** @var string */
 	public string $lang_dir = '';
@@ -95,6 +109,7 @@ class Backend
 	public string $domain;
 	/** @var string */
 	public string $encoding;
+
 	/** @var \CoreLibs\Logging\Logging logger */
 	public \CoreLibs\Logging\Logging $log;
 	/** @var \CoreLibs\DB\IO database */
@@ -103,6 +118,7 @@ class Backend
 	public \CoreLibs\Language\L10n $l;
 	/** @var \CoreLibs\Create\Session session class */
 	public \CoreLibs\Create\Session $session;
+
 	// smarty publics [end processing in smarty class]
 	/** @var array<mixed> */
 	public array $DATA = [];
@@ -121,14 +137,16 @@ class Backend
 	 * @param \CoreLibs\Logging\Logging $log     Logging class
 	 * @param \CoreLibs\Create\Session  $session Session interface class
 	 * @param \CoreLibs\Language\L10n   $l10n    l10n language class
-	 * @param int|null                 $set_default_acl_level Default ACL level
+	 * @param int|null                  $set_default_acl_level [default=null] Default ACL level
+	 * @param bool                      $init_action_vars [default=true] If the action vars should be set
 	 */
 	public function __construct(
 		\CoreLibs\DB\IO $db,
 		\CoreLibs\Logging\Logging $log,
 		\CoreLibs\Create\Session $session,
 		\CoreLibs\Language\L10n $l10n,
-		?int $set_default_acl_level = null
+		?int $set_default_acl_level = null,
+		bool $init_action_vars = true
 	) {
 		// attach db class
 		$this->db = $db;
@@ -151,9 +169,9 @@ class Backend
 		// set the page name
 		$this->page_name = \CoreLibs\Get\System::getPageName();
 
-		// set the action ids
+		// NOTE: if any of the "action" vars are used somewhere, it is recommended to NOT set them here
-		foreach ($this->action_list as $_action) {
+		if ($init_action_vars) {
-			$this->$_action = $_POST[$_action] ?? '';
+			$this->adbSetActionVars();
 		}
 
 		if ($set_default_acl_level === null) {
@@ -170,9 +188,12 @@ class Backend
 		}
 
 		// queue key
-		if (preg_match("/^(add|save|delete|remove|move|up|down|push_live)$/", $this->action)) {
+		if (preg_match("/^(add|save|delete|remove|move|up|down|push_live)$/", $this->action ?? '')) {
 			$this->queue_key = \CoreLibs\Create\RandomKey::randomKeyGen(3);
 		}
+
+		// check what edit log data write types are allowed
+		$this->adbSetEditLogWriteTypeAvailable();
 	}
 
 	/**
@@ -183,7 +204,26 @@ class Backend
 		// NO OP
 	}
 
-	// PUBLIC METHODS |=================================================>
+	// MARK: PRIVATE METHODS
+
+	/**
+	 * set the write types that are allowed
+	 *
+	 * @return void
+	 */
+	private function adbSetEditLogWriteTypeAvailable()
+	{
+		// check what edit log data write types are allowed
+		$this->write_types_available = self::WRITE_TYPES;
+		if (!function_exists('bzcompress')) {
+			$this->write_types_available = array_diff($this->write_types_available, ['BINARY', 'BZIP']);
+		}
+		if (!function_exists('gzcompress')) {
+			$this->write_types_available = array_diff($this->write_types_available, ['LZIP']);
+		}
+	}
+
+	// MARK: PUBLIC METHODS |=================================================>
 
 	/**
 	 * set internal ACL from login ACL
@@ -195,30 +235,95 @@ class Backend
 		$this->acl = $acl;
 	}
 
+	/**
+	 * Return current set ACL
+	 *
+	 * @return array<mixed>
+	 */
+	public function adbGetAcl(): array
+	{
+		return $this->acl;
+	}
+
+	/**
+	 * Set _POST action vars if needed
+	 *
+	 * @return void
+	 */
+	public function adbSetActionVars()
+	{
+		// set the action ids
+		foreach ($this->action_list as $_action) {
+			$this->$_action = $_POST[$_action] ?? '';
+		}
+	}
+
 	/**
 	 * writes all action vars plus other info into edit_log table
 	 *
-	 * @param  string              $event      any kind of event description,
+	 * @param  string              $event [default='']        any kind of event description,
-	 * @param  string|array<mixed> $data       any kind of data related to that event
+	 * @param  string|array<mixed> $data [default='']         any kind of data related to that event
-	 * @param  string              $write_type write type can bei STRING or BINARY
+	 * @param  string              $write_type [default=JSON] write type can be
-	 * @param  string|null         $db_schema  override target schema
+	 *                                                        JSON, STRING/SERIEAL, BINARY/BZIP or ZLIB
+	 * @param  string|null         $db_schema [default=null]  override target schema
 	 * @return void
 	 */
 	public function adbEditLog(
 		string $event = '',
 		string|array $data = '',
-		string $write_type = 'STRING',
+		string $write_type = 'JSON',
 		?string $db_schema = null
 	): void {
 		$data_binary = '';
 		$data_write = '';
-		if ($write_type == 'BINARY') {
+		// check if write type is valid, if not fallback to JSON
-			$data_binary = $this->db->dbEscapeBytea((string)bzcompress(serialize($data)));
+		if (!in_array($write_type, $this->write_types_available)) {
-			$data_write = 'see bzip compressed data_binary field';
+			$this->log->warning('Write type not in allowed array, fallback to JSON', context:[
+				"write_type" => $write_type,
+				"write_list" => $this->write_types_available,
+			]);
+			$write_type = 'JSON';
 		}
-		if ($write_type == 'STRING') {
+		switch ($write_type) {
-			$data_binary = '';
+			case 'BINARY':
-			$data_write = $this->db->dbEscapeString(serialize($data));
+			case 'BZIP':
+				$data_binary = $this->db->dbEscapeBytea((string)bzcompress(serialize($data)));
+				$data_write = Json::jsonConvertArrayTo([
+					'type' => 'BZIP',
+					'message' => 'see bzip compressed data_binary field'
+				]);
+				break;
+			case 'ZLIB':
+				$data_binary = $this->db->dbEscapeBytea((string)gzcompress(serialize($data)));
+				$data_write = Json::jsonConvertArrayTo([
+					'type' => 'ZLIB',
+					'message' => 'see zlib compressed data_binary field'
+				]);
+				break;
+			case 'STRING':
+			case 'SERIAL':
+				$data_binary = $this->db->dbEscapeBytea(Json::jsonConvertArrayTo([
+					'type' => 'SERIAL',
+					'message' => 'see serial string data field'
+				]));
+				$data_write = serialize($data);
+				break;
+			case 'JSON':
+				$data_binary = $this->db->dbEscapeBytea(Json::jsonConvertArrayTo([
+					'type' => 'JSON',
+					'message' => 'see json string data field'
+				]));
+				// must be converted to array
+				if (!is_array($data)) {
+					$data = ["data" => $data];
+				}
+				$data_write = Json::jsonConvertArrayTo($data);
+				break;
+			default:
+				$this->log->alert('Invalid type for data compression was set', context:[
+					"write_type" => $write_type
+				]);
+				break;
 		}
 
 		/** @var string $DB_SCHEMA check schema */
@@ -228,44 +333,62 @@ class Backend
 		} elseif (!empty($this->db->dbGetSchema())) {
 			$DB_SCHEMA = $this->db->dbGetSchema();
 		}
-		$q = "INSERT INTO " . $DB_SCHEMA . ".edit_log "
+		$q = <<<SQL
-			. "(euid, event_date, event, data, data_binary, page, "
+		INSERT INTO {DB_SCHEMA}.edit_log (
-			. "ip, user_agent, referer, script_name, query_string, server_name, http_host, "
+			euid, event_date, event, data, data_binary, page,
-			. "http_accept, http_accept_charset, http_accept_encoding, session_id, "
+			ip, user_agent, referer, script_name, query_string, server_name, http_host,
-			. "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) "
+			http_accept, http_accept_charset, http_accept_encoding, session_id,
-			. "VALUES "
+			action, action_id, action_yes, action_flag, action_menu, action_loaded,
-			. "(" . $this->db->dbEscapeString(isset($_SESSION['EUID']) && is_numeric($_SESSION['EUID']) ?
+			action_value, action_type, action_error
-				$_SESSION['EUID'] :
+		) VALUES (
-				'NULL')
+			$1, NOW(), $2, $3, $4, $5,
-			. ", "
+			$6, $7, $8, $9, $10, $11, $12,
-			. "NOW(), "
+			$13, $14, $15, $16,
-			. "'" . $this->db->dbEscapeString((string)$event) . "', "
+			$17, $18, $19, $20, $21, $22,
-			. "'" . $data_write . "', "
+			$23, $24, $25
-			. "'" . $data_binary . "', "
+		)
-			. "'" . $this->db->dbEscapeString((string)$this->page_name) . "', "
+		SQL;
-			. "'" . ($_SERVER["REMOTE_ADDR"] ?? '') . "', "
+		$this->db->dbExecParams(
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_USER_AGENT'] ?? '') . "', "
+			str_replace(
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_REFERER'] ?? '') . "', "
+				['{DB_SCHEMA}'],
-			. "'" . $this->db->dbEscapeString($_SERVER['SCRIPT_FILENAME'] ?? '') . "', "
+				[$DB_SCHEMA],
-			. "'" . $this->db->dbEscapeString($_SERVER['QUERY_STRING'] ?? '') . "', "
+				$q
-			. "'" . $this->db->dbEscapeString($_SERVER['SERVER_NAME'] ?? '') . "', "
+			),
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_HOST'] ?? '') . "', "
+			[
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT'] ?? '') . "', "
+				// row 1
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_CHARSET'] ?? '') . "', "
+				isset($_SESSION['EUID']) && is_numeric($_SESSION['EUID']) ?
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_ENCODING'] ?? '') . "', "
+					$_SESSION['EUID'] : null,
-			. ($this->session->getSessionId() === false ?
+				(string)$event,
-				"NULL" :
+				$data_write,
-				"'" . $this->session->getSessionId() . "'")
+				$data_binary,
-			. ", "
+				(string)$this->page_name,
-			. "'" . $this->db->dbEscapeString($this->action) . "', "
+				// row 2
-			. "'" . $this->db->dbEscapeString($this->action_id) . "', "
+				$_SERVER["REMOTE_ADDR"] ?? '',
-			. "'" . $this->db->dbEscapeString($this->action_yes) . "', "
+				$_SERVER['HTTP_USER_AGENT'] ?? '',
-			. "'" . $this->db->dbEscapeString($this->action_flag) . "', "
+				$_SERVER['HTTP_REFERER'] ?? '',
-			. "'" . $this->db->dbEscapeString($this->action_menu) . "', "
+				$_SERVER['SCRIPT_FILENAME'] ?? '',
-			. "'" . $this->db->dbEscapeString($this->action_loaded) . "', "
+				$_SERVER['QUERY_STRING'] ?? '',
-			. "'" . $this->db->dbEscapeString($this->action_value) . "', "
+				$_SERVER['SERVER_NAME'] ?? '',
-			. "'" . $this->db->dbEscapeString($this->action_error) . "')";
+				$_SERVER['HTTP_HOST'] ?? '',
-		$this->db->dbExec($q, 'NULL');
+				// row 3
+				$_SERVER['HTTP_ACCEPT'] ?? '',
+				$_SERVER['HTTP_ACCEPT_CHARSET'] ?? '',
+				$_SERVER['HTTP_ACCEPT_ENCODING'] ?? '',
+				$this->session->getSessionId() !== false ?
+					$this->session->getSessionId() : null,
+				// row 4
+				$this->action ?? '',
+				$this->action_id ?? '',
+				$this->action_yes ?? '',
+				$this->action_flag ?? '',
+				$this->action_menu ?? '',
+				$this->action_loaded ?? '',
+				$this->action_value ?? '',
+				$this->action_type ?? '',
+				$this->action_error ?? '',
+			],
+			'NULL'
+		);
 	}
 
 	/**
@@ -515,16 +638,30 @@ class Backend
 		} elseif (!empty($this->db->dbGetSchema())) {
 			$DB_SCHEMA = $this->db->dbGetSchema();
 		}
-		$q = "INSERT INTO " . $DB_SCHEMA . ".live_queue ("
+		$q = <<<SQL
-			. "queue_key, key_value, key_name, type, target, data, group_key, action, associate, file"
+		INSERT INTO {DB_SCHEMA}.live_queue (
-			. ") VALUES ("
+			queue_key, key_value, key_name, type,
-			. "'" . $this->db->dbEscapeString($queue_key) . "', '" . $this->db->dbEscapeString($key_value) . "', "
+			target, data, group_key, action, associate, file
-			. "'" . $this->db->dbEscapeString($key_name) . "', '" . $this->db->dbEscapeString($type) . "', "
+		) VALUES (
-			. "'" . $this->db->dbEscapeString($target) . "', '" . $this->db->dbEscapeString($data) . "', "
+			$1, $2, $3, $4,
-			. "'" . $this->queue_key . "', '" . $this->action . "', "
+			$5, $6, $7, $8, $9, $10
-			. "'" . $this->db->dbEscapeString((string)$associate) . "', "
+		)
-			. "'" . $this->db->dbEscapeString((string)$file) . "')";
+		SQL;
-		$this->db->dbExec($q);
+		// $this->db->dbExec($q);
+		$this->db->dbExecParams(
+			str_replace(
+				['{DB_SCHEMA}'],
+				[$DB_SCHEMA],
+				$q
+			),
+			[
+				$queue_key, $key_value,
+				$key_name, $type,
+				$target, $data,
+				$this->queue_key, $this->action,
+				(string)$associate, (string)$file
+			]
+		);
 	}
 
 	/**