You are here

function asset_wizard_form_validate in Asset 6

Same name in this branch
  1. 6 asset_wizard.inc \asset_wizard_form_validate()
  2. 6 inc/asset_wizard.inc \asset_wizard_form_validate()
Same name and namespace in other branches
  1. 5 asset_wizard.inc \asset_wizard_form_validate()

Validate callback for asset_wizard_form().

File

./asset_wizard.inc, line 619

Code

function asset_wizard_form_validate($form_id, $form_values) {

  // If the user presses 'cancel' or 'back', we should do no further
  // validation. Also, if they press 'cancel' we should actually
  // goto the finish page, because the 'submit' stage won't be called
  // if the user hasn't filled in one of the mandatory fields. In fact,
  // in that case, Drupal's built in form validation will have set
  // errors that we don't need to show the user.
  if ($form_values['op'] == t(ASSET_WIZARD_CANCEL)) {

    // Clear errors from Drupal's built in validation.
    drupal_get_messages('error');

    // Now go to the 'finish page'
    drupal_goto(ASSET_WIZARD_FINISH_REDIRECT);
    return;
  }
  elseif ($form_values['op'] == t(ASSET_WIZARD_PREVIOUS)) {

    // Clear messages, and do no further validation
    drupal_get_messages('error');
    return;
  }
  elseif ($form_values['op'] == t(ASSET_WIZARD_DELETE)) {
    if (!$form_values['aid']) {
      form_set_error('aid', 'You need to select an asset to delete.');
    }
    elseif ($form_values['deleteme'] == 1) {
      $asset = asset_load(array(
        'aid' => $form_values['aid'],
      ));
      @unlink($asset->filepath);
      db_query('DELETE FROM {asset} WHERE aid=%d LIMIT 1', $form_values['aid']);
      db_query('DELETE FROM {asset_node} WHERE aid=%d', $form_values['aid']);
      drupal_set_message(t('The selected asset has been deleted.'));
    }
  }
  elseif ($form_values['op'] == t('Edit')) {
    if (!$form_values['aid']) {
      form_set_error('aid', 'You need to select an asset to edit.');
    }
  }
  elseif ($form_values['op'] == t('Select') && isset($_SESSION['asset_fieldname'])) {
    $delta = split("-", $_SESSION['asset_fieldname']);
    $delta_count = substr_count($_SESSION['asset_fieldname'], "-");
    $delta_count--;
    $delta = $delta[$delta_count];
    $fieldname = str_replace(array(
      "edit-field-",
      "-{$delta}-",
      "-",
    ), array(
      "",
      "",
      "_",
    ), $_SESSION['asset_fieldname']);
    if (!$form_values['aid']) {
      form_set_error('aid', 'You need to select an asset before inserting it.');
      return;
    }

    // An asset is selected straight from step 1 to insert directly into CCK
    // Create the preview code for the CCK field
    $is_image = array(
      'jpg',
      'jpeg',
      'png',
      'gif',
      'tif',
      'tiff',
      'bmp',
    );
    $a = asset_load(array(
      'aid' => $form_values['aid'],
    ));

    // Preview the image
    if (in_array($a->extension, $is_image)) {
      if (variable_get('asset_imagecache', 0)) {
        $presets = imagecache_presets();
        $preset = $presets[variable_get('asset_imagecache', 0)]['presetname'];
        $preview = theme('imagecache', $preset, str_replace("//", "/", $a->filepath));
      }
      else {
        $asset = array(
          'aid' => $form_values['aid'],
          'format' => 'image',
          'formatter' => 'asset',
          'width' => '120',
          'height' => '80',
        );
        $preview = asset_render_macro($asset);
      }
    }
    else {

      // $preview = asset_preview($form_values['aid']); // This doens't work: inserting javascript code with javascript
      $preview = "Media placeholder";
    }
    $fieldname = "field_" . $fieldname;
    print '<script>
    window.opener.document.getElementById("' . $_SESSION['asset_fieldname'] . 'value").value = "' . $a->filename . '";
    window.opener.document.getElementById("' . $_SESSION['asset_fieldname'] . 'aid").value = "' . $form_values['aid'] . '";
    window.opener.document.getElementById("preview_' . $fieldname . '_' . $delta . '").innerHTML = "' . str_replace("\"", "'", $preview) . '";
    window.opener.document.getElementById("' . $_SESSION['asset_fieldname'] . 'caption").value = "' . $a->title . '";
    window.opener.document.getElementById("' . $_SESSION['asset_fieldname'] . 'copyright").value = "' . $a->author . '";
    window.close();
    </script>';

    // Let's just execute this
    exit;
  }

  // Do whatever validation here. It's probably a good idea to do a
  // switch/case on the wizard step. It may be a good idea to validate
  // everything on each call, as that will catch anyone hacking the
  // form with directly injected form posts, although at slightly
  // more processing.
  switch ($form_values['op']) {
    case t('Next'):
      if ($form_values['delta'] == "directory") {
        if (!$form_values['title']) {
          form_set_error('folder', t('You must specify a folder name.'));
          break;
        }
        if (preg_match('/[^A-Za-z0-9-_.]/', $form_values['title'])) {
          form_set_error('title', t('The folder name may only contain alpha-numeric characters and dashes(-), underscores(_) and periods(.).'));
          break;
        }
        $dir = file_create_path($form_values['parent'] . '/' . $form_values['folder']);
        if (!asset_check_directory($dir, FILE_CREATE_DIRECTORY, 'folder', $form_values)) {
          form_set_error('folder', t('Error creating %dir.', array(
            '%dir' => $dir,
          )));
        }
      }
      if (isset($form_values['delete_confirm'])) {

        // First we delete all assets from this directory
        db_query("DELETE FROM {asset} WHERE type='local' AND dirname='%s'", $form_values['dir']);

        // Then we delete the directory itself
        $path = pathinfo($form_values['dir']);
        db_query("DELETE FROM {asset} WHERE type='directory' AND filename='%s' LIMIT 1", $path['basename']);
        asset_rmdir(file_directory_path() . '/' . $form_values['dir']);

        // We're all done
        unset($_SESSION['messages']);
        drupal_set_message("The directory \"" . $path['basename'] . "\" and its content have been removed");
        drupal_goto(filter_xss($_GET['q']), 'dir=');
      }
      if (isset($form_values['edit-asset'])) {
        db_query('DELETE FROM {asset_role} WHERE aid=%d', $form_values['aid']);
        foreach ($form_values['roles'] as $role => $access) {
          db_query('INSERT INTO {asset_role} (aid, rid, status) VALUES (%d, %d, %d)', array(
            $form_values['aid'],
            $role,
            $access,
          ));
        }
        db_query("UPDATE {asset} SET filename='%s', title='%s', author='%s', description='%s', status=%d WHERE aid=%d LIMIT 1", $form_values['filename'], $form_values['title'], $form_values['author'], $form_values['description'], $form_values['status'], $form_values['aid']);
        $newdir = 0;
        if ($form_value['old-parent'] != $form_values['parent']) {
          $newdir = 1;
        }
        if ($form_values['old-filename'] != $form_values['filename']) {
          $newdir = 1;
        }
        if ($newdir) {
          empty($form_values['parent']) ? $dir = "" : ($dir = $form_values['parent'] . "/");
          empty($form_values['old-parent']) ? $olddir = "" : ($olddir = $form_values['old-parent'] . "/");
          if (rename(file_directory_path() . '/' . $olddir . $form_values['old-filename'], file_directory_path() . '/' . $dir . $form_values['filename'])) {
            db_query("UPDATE {asset} SET dirname='%s' WHERE aid=%d LIMIT 1", $form_values['parent'], $form_values['aid']);
            drupal_set_message(t('Your changes have been saved.'));
            drupal_goto($_GET['q'], 'dir=' . $form_values['parent'] . '&noreset=1');
            break;
          }
          else {
            drupal_set_message(t('There was an error copying the file to the new directory.'), 'error');
            break;
          }
        }
        drupal_set_message(t('Your changes have been saved.'));
        break;
      }
      if ($form_values['step'] == 1 && isset($form_values['module'])) {

        // allow validate to return an aid
        $retval = module_invoke($form_values['module'], 'asset_type', 'validate', $form_values['delta'], $form_values);
        if (is_numeric($retval)) {
          $_POST['aid'] = $retval;
          $form_values['aid'] = $retval;
        }
      }
      if ($form_values['step'] == 1 && !isset($_GET['op']) && !$form_values['aid']) {
        form_set_error('aid', t('Please select a file.'));
      }
      if ($form_values['step'] == 2 && !$form_values['formatter']) {
        form_set_error('formatter', t('Please select a formatter.'));
      }
      break;
  }
}