Class: MF_Widget_file extends MF_Widget
- Package: saf.MailForm
- Author: John Luxford <lux@simian.ca>
- Copyright: Copyright (C) 2001-2003, Simian Systems Inc.
- License: http://www.sitellite.org/index/license Simian Open Software License
- Version: 1.8, 2002-08-05, $Id: File.php,v 1.7 2007/10/06 00:06:30 lux Exp $
- Access: public
File widget. Displays an HTML <input type="file" /> form field.
New in 1.2:
- Added a move() method, to move the temp file to a more permanent location.
move() also calls is_uploaded_file for you, but since the $cgi object
does also it's duplicate code. We do need it though to make sure we don't
try talking to an object under $cgi that doesn't exist.
Calls is_uploaded_file() internally, so there's no need to do it again.
- Added a $path property, so that the path to save files to can be pre-specified.
New in 1.4:
- Added a $web_path property, to distinguish between the filesystem path and the
web folder path.
New in 1.6:
- Added a constructor method to set the $passover_isset value to true, which
is inherited from MF_Widget.
New in 1.8:
- Added $mode, $user, and $group properties, which set the mode, user, and
group information for newly uploaded files during the move() method.
Usage Example
<?php
$widget = new MF_Widget_file ('name');
$widget->validation ('is "foo"');
$widget->setValue ('foo');
$widget->error_message = 'Oops! This widget is being unruly!';
?>
Return to Top
Properties
$invalid_field = ''
Contains the name of the widget that did not validate during
the last call to the invalid () method.
$method
The value of the method attribute of the HTML form tag.
$method is actually an alias for $_attrs['method'].
$action
The value of the action attribute of the HTML form tag.
$action is actually an alias for $_attrs['action'].
$widgets = array ()
An array of form widgets.
$template
The optional template file or data used to customize the look
of the form.
$title
The title to be displayed at the top of the form.
$message
The initial message to be displayed at the top of the form.
$extra = ''
A way to pass extra parameters to the HTML form tag, for
example 'enctype="multipart/form-data"'.
$error_message
Contains the message from any internal errors.
$error_mode = 'single'
Determines the way in which error messages are displayed.
The default ('single') is to display the error message for the first
invalid field only. The other ('all') is to display a list of all
invalid fields with their corresponding error messages. Please note
that $error_mode 'all' assumes that a custom error message is provided
for every rule.
$invalid = array ()
A list of all invalid fields in the form, and their corresponding
error messages.
$submitted = false
Contains a true or false value as to whether the form has been
submitted successfully or not. An invalid form will contain false.
This value is used internally by the setValues() method.
$name
The name of the widget.
$_attrs = array ()
This contains a list of attributes of the HTML form tag.
$sendTo
The email address to send the form to in the default handler.
$sendFrom = ''
The email address to send the form from in the default handler.
$sendExtra = ''
Any extra parameters for the mail() function in the default handler.
$sendSubject = 'Mail Form'
The subject line of the email to send from the default handler.
$screenReply = 'Thank you. Your form has been sent.'
The response to return upon a successfully submitted form in the
default handler. Defaults to "Thank you. Your form has been sent."
$handler
The function or object method to use to handle the submitted form.
This function or method will be called by the run() method. Use the
setHandler() method to change this setting.
$uploadFiles = true
Whether to upload files automatically or to leave them for a custom
saving mechanism.
$verify_sender = false
Whether to verify the REQUEST_METHOD and HTTP_REFERER headers to make
it more difficult (although not impossible) for spammers to abuse your
form. Note that this can be enabled in a form's settings file under
the [Form] block via: verify_sender = yes
$clean_input = false
Whether to strip all HTML and PHP tags/code from all input parameters.
This is off by default because it would break forms with the Xed editor
by default, so it must be enabled as needed. Note that this can be
enabled in a form's settings file under the [Form] block via:
clean_input = yes
$blacklist = true
Whether to verify the remote address of the form submitter against
a list of invalid IP addresses in the database table
sitellite_form_blacklist so as to prevent repeated abuse from a single
source.
$verify_session = true
Whether to verify that the submitter can accept session data, which
helps ensure they are a legitimate human user. Passing session
verification requires cookies to be enabled for the submitter, which
may help prevent abuse in combination with the other abuse-prevention
techniques because a spambot may ignore the cookie, however this
restricts forms for legitimate visitors who have cookies disabled
in their browser (only a very small number of users disable cookies,
but some do). To disable for a single form, add verify_session = no
to its settings.php form.
$autosave = false
Whether this form should tie into Sitellite's autosave capabilities.
Please note that the autosave handler is only available to authenticated
users and not to anonymous forms.
$rule
The original unmodified rule definition.
$msg
The error message for this rule.
$type = 'file'
This is the short name for this widget. The short name is
the class name minus the 'MF_Widget_' prefix.
$value
The rule value. This corresponds to the part of the rule
in double quotes (ie. type "value").
$negated = false
If a 'not' is present at the start of the rule, this will be
set to true, otherwise false.
$allowed = array ()
The access levels the user is allowed to access.
$nullable
Determines whether this widget can be set to null in the database.
$tables = array ()
The list of elements that are to be displayed.
$allow_all_text = 'Allow All'
The text to display for the first element, which defaults to 'Allow All'.
$size = 3
Sets the size attribute of the select box that displays
the current attachments. Defaults to 3.
$addLink = 'addAttachment.php'
This is the link to send the 'Add' button to. Defaults to
'addAttachment.php'.
$removeLink = 'removeAttachment.php'
This is the link to send the 'Remove' button to. Defaults to
'removeAttachment.php'.
$format = '%Y-%m-%d'
This determines the format of the date stored in the hidden
field, and also the format submitted by the form widget.
$displayFormat = '%a, %e %b, %Y'
This determines the format of the date displayed to the user.
$lang = 'en'
This determines the language file to load for the calendar
user interface. See the folder /js/calendar/lang for a list
of available languages.
$style = 'sitellite'
This determines the stylesheet to load for the calendar
user interface. See the CSS files in the folder /js/calendar
for a list of available stylesheets, or information on
writing your own.
$showsTime = false
Determines whether to show the time selection options under the
calendar.
$timeFormat = '12'
Sets the display time to 24 hours, or 12 hours with AM/PM option.
The default is 12 hours.
$fieldset = true
Set this to false if you don't want the fieldset and legend tags.
$align = 'vertical'
This determines the alignment of the buttons. The default is vertical,
which puts each button on its own row. Setting this to horizontal will put
the buttons all on the same row.
$_vertical_template = ' <tr>
<td colspan="2" class="field">
{if obj.fieldset}
<fieldset>
<legend{filter none}{invalid}{end filter}>{display_value}</legend>
{end if}
{loop obj.value}
<input
type="checkbox"
{filter none}{attrstr}{end filter}
value="{loop/_key}"
id="{name}_{loop/_key}"
{if in_array (loop._key, obj.values)}checked="checked"{end if}
{filter none}{extra}{end filter}
/>
<label for="{name}_{loop/_key}">{loop/_value}</label><br />
{end loop}
{if obj.fieldset}
</fieldset>
{end if}
</td>
</tr>
'
$_horizontal_template = ' <tr>
<td colspan="3" class="field">
<table width="100%"><tr><td width="60%" valign="top">
<span{filter none}{invalid}>{display_value}{end filter}</span>
</td>
{loop obj.value}
<td valign="top" align="center"><input
type="checkbox"
{filter none}{attrstr}{end filter}
value="{loop/_key}"
id="{name}_{loop/_key}"
{if in_array (loop._key, obj.values)}checked="checked"{end if}
{filter none}{extra}{end filter}
/>
<label for="{name}_{loop/_key}">{loop/_value}</label></td>
{end loop}
</tr></table>
</td>
</tr>
'
$year
Unused and deprecated.
$month
Unused and deprecated.
$day
Unused and deprecated.
$lowest_year
The lowest year to be displayed in the year select box. Set to a
default value of 25 years ago by the constructor method.
$highest_year
The highest year to be displayed in the year select box. Set to a
default value of one year into the future by the constructor method.
$date
Unused and deprecated.
$time
Unused and deprecated.
$extensions = array ()
Contains a list of valid file extensions to display from the
directory.
$directory
Contains the directory to read the list of files from.
$data_value_DIRLIST
Contains the data value of this widget.
$show_viewbutton
Determines whether or not to display a 'view' link next to
the select box, which will pop up a view of the item from the list.
$web_path = ''
The web path to the directory in which to place the uploaded file.
$formname
Contains the name property of the current form. Required only if
$show_viewbutton is true.
$recursive
Whether or not the list should display recursively into sub-directories.
$path = ''
The directory in which to place the uploaded file.
$mode = false
Specifies a mode to chmod() the newly uploaded file to during
the move() method. The mode is also known as the permissions of the
file. Must be set as a 4-digit octal value with the first digit on
the left being a zero (0), for example 0755. See the PHP documentation
for the chmod() function for more information.
$user = false
Specifies a user to chown() the newly uploaded file to during
the move() method. This is not likely to work on most systems, but
it exists for the few strange (and highly suspect) configurations
where it will. See the PHP documentation for the chown() function
for more information.
$group = false
Specifies a group to chgrp() the newly uploaded file to during
the move() method. Can only be changed to any group that the PHP user
belongs to. See the PHP documentation for the chgrp() function for
more information.
$clear = false
This determines whether to provide a "Clear" button when a file exists
in an edit form, so that the current value can be reset without being
replaced.
Return to Top
Methods
MF_Widget_file ($name)
Constructor Method. Also sets the $passover_isset property
to false.
display ($generate_html = 0)
- Access: public
- Return: string
Returns the display HTML for this widget. The optional
parameter determines whether or not to automatically display the widget
nicely, or whether to simply return the widget (for use in a template).
move ($path = '', $fname = '', $cgi = '')
- Access: public
- Return: boolean
Calls the move() method of the corresponding UploadedFile
object in the provided $cgi object's properties. If no $cgi object
is provided, it assumes a global one. Returns empty on failure or
on 'no file uploaded', and returns the web path to the newly placed
file upon success.
Return to Top