Project-Pro/wingedit.pl
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2fa33a3be9175e3884a8bb91ad482e66f64da681
wingedit.pl/wp-content/plugins/really-simple-ssl/security/wordpress/DynamicDatatable/DataTable.php
Jacek Pyziak 2fa33a3be9 first commit
2024-11-04 20:48:19 +01:00

142 lines
4.7 KiB
PHP
Raw Blame History

<?php
namespace security\wordpress\DynamicTables;
class DataTable {
/**
* @var mixed
*/
public $post;
/**
* @var array|int[]
*/
private $paging;
private $queryBuilder;
/**
* @var array
*/
private $validateRaw;
public function __construct( $POST, QueryBuilder $queryBuilder ) {
$this->post = $POST;
$this->queryBuilder = $queryBuilder;
}
/**
* This class validates all sorting parameters
* @throws Exception
*/
public function validateSorting() {
//first we check if the sortColumn and sortDirection are set
if ( isset( $this->post['sortColumn'] ) && isset( $this->post['sortDirection'] ) ) {
//then we check if the sortColumn is a valid column
if (
! in_array( $this->post['sortColumn']['column'], $this->queryBuilder->getColumns() )
) {
//we also check if it is in the validateRaw array
if ( ! in_array( $this->post['sortColumn']['column'], $this->validateRaw ) ) {
throw new Exception( 'Invalid sort column' );
}
}
//then we check if the sortDirection is a valid direction
if ( ! in_array( $this->post['sortDirection'], array( 'asc', 'desc' ) ) ) {
throw new Exception( 'Invalid sort direction' );
}
$this->queryBuilder->orderBy( $this->post['sortColumn']['column'], $this->post['sortDirection'] );
}
return $this;
}
private function getColumns() {
return $this->queryBuilder->getColumns();
}
/**
* @throws Exception
*/
public function setSelect( array $array ) {
//we loop through the array and check if the column is valid
// and if the column starts with raw: we exclude it from the check
$rawColumns = [];
foreach ( $array as $column ) {
if ( strpos( $column, 'raw:' ) === false ) {
if ( ! in_array( $column, $this->getColumns() ) ) {
throw new Exception( 'Invalid column' );
}
} else {
//we remove the column from the array and add it to the rawColumns array
unset( $array[ array_search( $column, $array ) ] );
$rawColumns[] = str_replace( 'raw:', '', $column );
}
}
//we get the first array element and add it to the query
$this->queryBuilder->select( $array[0] );
//we loop through the rest of the array and add it to the query
for ( $i = 1; $i < count( $array ); $i ++ ) {
$this->queryBuilder->addSelect( $array[ $i ] );
}
//we add the raw columns to the query
foreach ( $rawColumns as $rawColumn ) {
$this->queryBuilder->addSelect( $rawColumn );
//we extract the column name from the raw column
$columnName = explode( ' as ', $rawColumn )[1];
//we add the column name to the columns array
$this->validateRaw[] = $columnName;
}
return $this;
}
public function getResults() {
return $this->queryBuilder->paginate( ...$this->paging );
}
/**
* @throws Exception
*/
public function validatePagination() {
$perPage = 10;
$page = 1;
//we check if the paging parameters are set
if ( isset( $this->post['page'] ) ) {
//we check if the page is a number
if ( ! is_numeric( $this->post['page'] ) ) {
throw new Exception( 'Invalid page number' );
}
$page = $this->post['page'];
}
if ( isset( $this->post['currentRowsPerPage'] ) ) {
//we check if the perPage is a number
if ( ! is_numeric( $this->post['currentRowsPerPage'] ) ) {
throw new Exception( 'Invalid per page number' );
}
$perPage = $this->post['currentRowsPerPage'];
}
$this->paging = [ $perPage, $page ];
return $this;
}
public function validateSearch() {
if ( isset( $this->post['search'] ) && count( $this->post['searchColumns'] ) > 0 ) {
//we check if the searchColumns are valid
foreach ( $this->post['searchColumns'] as $column ) {
if ( ! in_array( $column, $this->getColumns() ) ) {
throw new Exception( 'Invalid search column' );
}
}
//we add the search to the query
foreach ( $this->post['searchColumns'] as $column ) {
$this->queryBuilder->where( $column, 'like', '%' . $this->post['search'] . '%' );
}
}
return $this;
}
}
Reference in New Issue View Git Blame Copy Permalink