diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt
index db4588b58..80fdd08a0 100644
--- a/docs/changelog/7.x.x.txt
+++ b/docs/changelog/7.x.x.txt
@@ -12,6 +12,11 @@ Commerce merge migrated to the code provided by YUI 2.5.0. - As a result of the above, we no longer need extjs, and it has been removed. + - fix: Fwd: lazy guys bug report about the product system + - fix: Processing a Cash/Check Order + - Rewrote Event Manager fromthe ground up. + - Added WebGUI.str javascript class with sprintf and trim methods. + 7.5.3 - prevent HTML and Macro injection in usernames
diff --git a/docs/upgrades/upgrade_7.5.2-7.5.3.pl b/docs/upgrades/upgrade_7.5.2-7.5.3.pl
index 56a52f859..527e7598c 100644
--- a/docs/upgrades/upgrade_7.5.2-7.5.3.pl
+++ b/docs/upgrades/upgrade_7.5.2-7.5.3.pl
@@ -111,8 +111,8 @@ sub upgradeEMS {
 )");
 $db->write("create table EMSRegistrantRibbon (
 badgeId varchar(22) binary not null,
- tokenAssetId varchar(22) binary not null,
- primary key (badgeId,tokenAssetId)
+ ribbonAssetId varchar(22) binary not null,
+ primary key (badgeId,ribbonAssetId)
 )");
 $db->write("create table EMSBadge (
 assetId varchar(22) binary not null,
diff --git a/lib/WebGUI/Asset/Sku/EMSTicket.pm b/lib/WebGUI/Asset/Sku/EMSTicket.pm
index 17036574b..c82b8ec8e 100644
--- a/lib/WebGUI/Asset/Sku/EMSTicket.pm
+++ b/lib/WebGUI/Asset/Sku/EMSTicket.pm
@@ -88,8 +88,8 @@ sub definition {
 tab => "properties",
 fieldType => "integer",
 defaultValue => $session->db->quickScalar("select max(eventNumber)+1 from EMSTicket"),
- label => $i18n->get("seats available"),
- hoverHelp => $i18n->get("seats available help"),
+ label => $i18n->get("event number"),
+ hoverHelp => $i18n->get("event number help"),
 },
 startDate => {
 tab => "properties",
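Review bot: In upgrade_7.5.2-7.5.3.pl the column is renamed inside the `create table EMSRegistrantRibbon` statement itself, so a site that has already run this upgrade keeps `tokenAssetId`, while the new www_getRegistrantAsJson code in this commit selects `ribbonAssetId` and would fail there. If 7.5.3 has already shipped (the changelog context in this commit shows it as an earlier section, but that is not conclusive), the rename belongs in the next upgrade script, e.g. `alter table EMSRegistrantRibbon change tokenAssetId ribbonAssetId varchar(22) binary not null`. If the script is still unreleased, a one-line comment above the statement saying so would settle the question. upgradeEMS starts and ends outside the hunk.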
@@ -107,10 +107,10 @@ sub definition {
 },
 location => {
 tab => "properties",
- fieldType => "comboBox",
+ fieldType => "combo",
 options => $session->db->buildHashRef("select distinct(location) from EMSTicket order by location"),
- label => $i18n->get("seats available"),
- hoverHelp => $i18n->get("seats available help"),
+ label => $i18n->get("location"),
+ hoverHelp => $i18n->get("location help"),
 },
 relatedBadges => {
 tab => "properties",
diff --git a/lib/WebGUI/Asset/Wobject/EventManagementSystem.pm b/lib/WebGUI/Asset/Wobject/EventManagementSystem.pm
index 73ef4654a..e9aa8c3bc 100644
--- a/lib/WebGUI/Asset/Wobject/EventManagementSystem.pm
+++ b/lib/WebGUI/Asset/Wobject/EventManagementSystem.pm
@@ -28,6 +28,10 @@ use Text::CSV_XS;
 use IO::Handle;
 use File::Temp 'tempfile';
 use Data::Dumper;
+use WebGUI::Asset::Sku::EMSBadge;
+use WebGUI::Asset::Sku::EMSTicket;
+use WebGUI::Asset::Sku::EMSRibbon;
+use WebGUI::Asset::Sku::EMSToken;
 #-------------------------------------------------------------------
@@ -275,6 +279,47 @@ STOP
 #-------------------------------------------------------------------
+=head2 www_addRibbonToBadge ()
+
+Adds a ribbon to a badge. Expects two form parameters, assetId and badgeId, where assetId represents the ribbon, and badgeId represents the badge.
+
+=cut
+
+sub www_addRibbonToBadge {
+ my $self = shift;
+ my $session = $self->session;
+ return $session->privilege->insufficient() unless $self->canView;
+ my $form = $session->form;
+ my $ribbon = WebGUI::Asset->new($session, $form->get('assetId'), 'WebGUI::Asset::Sku::EMSRibbon');
+ if (defined $ribbon) {
+ $ribbon->addToCart({badgeId=>$form->get('badgeId')});
+ }
+ return $self->www_getRegistrantAsJson();
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_addTokenToBadge ()
+
+Adds a token to a badge. Expects three form parameters, assetId, quantity, and badgeId, where assetId represents the token, quantity is the amount to add, and badgeId represents the badge.
+
+=cut
+
+sub www_addTokenToBadge {
+ my $self = shift;
+ my $session = $self->session;
+ return $session->privilege->insufficient() unless $self->canView;
+ my $form = $session->form;
+ my $token = WebGUI::Asset->new($session, $form->get('assetId'), 'WebGUI::Asset::Sku::EMSToken');
+ if (defined $token) {
+ my $item = $token->addToCart({badgeId=>$form->get('badgeId')});
+ $item->setQuantity($form->get('quantity'));
+ }
+ return $self->www_getRegistrantAsJson();
+}
+
+#-------------------------------------------------------------------
+
 =head2 www_getBadgesAsJson ()
 Retrieves a list of badges for the www_view() method.
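Review bot: www_addRibbonToBadge and www_addTokenToBadge modify the cart but gate only on `canView`, and `badgeId` goes from the form into the cart item's options without any check that the badge exists or belongs to the current user, so a cart item can reference a badge the user does not own. Both handlers should verify the badge before calling `addToCart`, and since they change state they should also require POST or a request token if the framework offers one; nothing in the hunk restricts how they are invoked. In www_addTokenToBadge `quantity` reaches `setQuantity` unvalidated and `$item` is used without a `defined` check; unless `setQuantity` rejects bad values itself (not visible here), guard it with `my $qty = $form->get('quantity');` and `$item->setQuantity($qty) if defined $item && $qty =~ /\A[1-9][0-9]*\z/;`. `WebGUI::Asset->new` also accepts any `assetId` of the right class, so confirming that the asset is a child of this EMS would keep SKUs from other instances out of the cart.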
@@ -321,15 +366,15 @@ sub www_getRibbonsAsJson {
 return $session->privilege->insufficient() unless $self->canView;
 my ($db, $form) = $session->quick(qw(db form));
 my %results = ();
- foreach my $badge (@{$self->getLineage(['children'],{returnObjects=>1, includeOnlyClasses=>['WebGUI::Asset::Sku::EMSRibbon']})}) {
+ foreach my $ribbon (@{$self->getLineage(['children'],{returnObjects=>1, includeOnlyClasses=>['WebGUI::Asset::Sku::EMSRibbon']})}) {
 push(@{$results{records}}, {
- title => $badge->getTitle,
- description => $badge->get('description'),
- price => $badge->getPrice+0,
- url => $badge->getUrl,
- editUrl => $badge->getUrl('func=edit'),
- deleteUrl => $badge->getUrl('func=delete'),
- assetId => $badge->getId,
+ title => $ribbon->getTitle,
+ description => $ribbon->get('description'),
+ price => $ribbon->getPrice+0,
+ url => $ribbon->getUrl,
+ editUrl => $ribbon->getUrl('func=edit'),
+ deleteUrl => $ribbon->getUrl('func=delete'),
+ assetId => $ribbon->getId,
 });
 }
 $results{totalRecords} = $results{recordsReturned} = scalar(@{$results{records}});
@@ -340,6 +385,42 @@ sub www_getRibbonsAsJson {
 return JSON::to_json(\%results);
 }
+
+#-------------------------------------------------------------------
+
+=head2 www_getTicketsAsJson ()
+
+Retrieves a list of tickets for the www_viewExtras() method.
+
+=cut
+
+sub www_getTicketsAsJson {
+ my ($self) = @_;
+ my $session = $self->session;
+ return $session->privilege->insufficient() unless $self->canView;
+ my ($db, $form) = $session->quick(qw(db form));
+ my %results = ();
+ foreach my $ticket (@{$self->getLineage(['children'],{returnObjects=>1, includeOnlyClasses=>['WebGUI::Asset::Sku::EMSTicket']})}) {
+ push(@{$results{records}}, {
+ title => $ticket->getTitle,
+ description => $ticket->get('description'),
+ price => $ticket->getPrice+0,
+ quantityAvailable => $ticket->getQuantityAvailable,
+ url => $ticket->getUrl,
+ editUrl => $ticket->getUrl('func=edit'),
+ deleteUrl => $ticket->getUrl('func=delete'),
+ assetId => $ticket->getId,
+ });
+ }
+ $results{totalRecords} = $results{recordsReturned} = scalar(@{$results{records}});
+ $results{'startIndex'} = 0;
+ $results{'sort'} = undef;
+ $results{'dir'} = "asc";
+ $session->http->setMimeType('text/json');
+ return JSON::to_json(\%results);
+}
+
+
 #-------------------------------------------------------------------
 =head2 www_getTokensAsJson ()
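Review bot: www_getTicketsAsJson never initialises `$results{records}`, so when the EMS has no EMSTicket children `scalar(@{$results{records}})` dereferences undef, which dies under `use strict` (the file's pragma lines are outside this hunk). Adding `$results{records} = [];` right after `my %results = ();` keeps the empty case returning valid JSON with `totalRecords` 0. The body is otherwise a copy of www_getRibbonsAsJson and www_getTokensAsJson apart from the class name and `quantityAvailable`, so a shared private helper taking the class name would leave a single place to fix this. `$db` and `$form` are fetched but unused in the new sub.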
@@ -354,15 +435,15 @@ sub www_getTokensAsJson {
 return $session->privilege->insufficient() unless $self->canView;
 my ($db, $form) = $session->quick(qw(db form));
 my %results = ();
- foreach my $badge (@{$self->getLineage(['children'],{returnObjects=>1, includeOnlyClasses=>['WebGUI::Asset::Sku::EMSToken']})}) {
+ foreach my $token (@{$self->getLineage(['children'],{returnObjects=>1, includeOnlyClasses=>['WebGUI::Asset::Sku::EMSToken']})}) {
 push(@{$results{records}}, {
- title => $badge->getTitle,
- description => $badge->get('description'),
- price => $badge->getPrice+0,
- url => $badge->getUrl,
- editUrl => $badge->getUrl('func=edit'),
- deleteUrl => $badge->getUrl('func=delete'),
- assetId => $badge->getId,
+ title => $token->getTitle,
+ description => $token->get('description'),
+ price => $token->getPrice+0,
+ url => $token->getUrl,
+ editUrl => $token->getUrl('func=edit'),
+ deleteUrl => $token->getUrl('func=delete'),
+ assetId => $token->getId,
 });
 }
 $results{totalRecords} = $results{recordsReturned} = scalar(@{$results{records}});
@@ -384,10 +465,122 @@ Retrieves the properties of the current badge and the items attached to it.
 sub www_getRegistrantAsJson {
 my ($self) = @_;
 my $session = $self->session;
+ my $db = $session->db;
 return $session->privilege->insufficient() unless $self->canView;
- my $badgeId = $self->session->form->get('badgeId');
- my $badgeInfo = $session->db->quickHashRef("select * from EMSRegistrant where badgeId=?",[$badgeId]);
 $session->http->setMimeType('text/json');
+ my @tickets = ();
+ my @tokens = ();
+ my @ribbons = ();
+ my $badgeId = $self->session->form->get('badgeId');
+
+ # get badge info
+ my $badgeInfo = $session->db->quickHashRef("select * from EMSRegistrant where badgeId=?",[$badgeId]);
+ return "{}" unless (exists $badgeInfo->{badgeAssetId});
+ my $badge = WebGUI::Asset::Sku::EMSBadge->new($session, $badgeInfo->{badgeAssetId});
+ $badgeInfo->{title} = $badge->getTitle;
+ $badgeInfo->{sku} = $badge->get('sku');
+ $badgeInfo->{assetId} = $badge->getId;
+ $badgeInfo->{hasPurchased} = ($badgeInfo->{puchaseComplete}) ? 1 : 0;
+
+ # get existing tickets
+ my $existingTickets = $db->read("select ticketAssetId from EMSRegistrantTicket where badgeId=? and purchaseComplete=1",[$badgeId]);
+ while (my ($id) = $existingTickets->array) {
+ my $ticket = WebGUI::Asset::Sku::EMSTicket->new($session, $id);
+ push(@tickets, {
+ title => $ticket->getTitle,
+ eventNumber => $ticket->get('eventNumber'),
+ hasPurchased => 1,
+ startDate => $ticket->get('startDate'),
+ endDate => $ticket->get('endDate'),
+ location => $ticket->get('location'),
+ assetId => $ticket->getId,
+ sku => $ticket->get('sku'),
+ });
+ }
+
+ # get existing ribbons
+ my $existingRibbons = $db->read("select ribbonAssetId from EMSRegistrantRibbon where badgeId=?",[$badgeId]);
+ while (my ($id) = $existingRibbons->array) {
+ my $ribbon = WebGUI::Asset::Sku::EMSRibbon->new($session, $id);
+ push(@ribbons, {
+ title => $ribbon->getTitle,
+ hasPurchased => 1,
+ assetId => $ribbon->getId,
+ sku => $ribbon->get('sku'),
+ });
+ }
+
+ # get existing tokens
+ my $existingTokens = $db->read("select tokenAssetId,quantity from EMSRegistrantToken where badgeId=?",[$badgeId]);
+ while (my ($id, $quantity) = $existingTokens->array) {
+ my $token = WebGUI::Asset::Sku::EMSToken->new($session, $id);
+ push(@tokens, {
+ title => $token->getTitle,
+ hasPurchased => 1,
+ quantity => $quantity,
+ assetId => $token->getId,
+ sku => $token->get('sku'),
+ });
+ }
+
+ # see what's in the cart
+ my $cart = WebGUI::Shop::Cart->getCartBySession($session);
+ foreach my $item (@{$cart->getItems}) {
+ # not related to this badge, so skip it
+ next unless $item->get('options')->{badgeId} eq $badgeId;
+
+ my $sku = $item->getSku;
+ # it's a ticket
+ if ($sku->isa('WebGUI::Asset::Sku::EMSTicket')) {
+ push(@tickets, {
+ title => $sku->getTitle,
+ eventNumber => $sku->get('eventNumber'),
+ itemId => $item->getId,
+ startDate => $sku->get('startDate'),
+ endDate => $sku->get('endDate'),
+ location => $sku->get('location'),
+ assetId => $sku->getId,
+ sku => $sku->get('sku'),
+ hasPurchased => 0,
+ price => $sku->getPrice+0,
+ });
+ }
+ # it's a token
+ elsif ($sku->isa('WebGUI::Asset::Sku::EMSToken')) {
+ push(@tokens, {
+ title => $sku->getTitle,
+ itemId => $item->getId,
+ quantity => $item->get('quantity'),
+ assetId => $sku->getId,
+ hasPurchased => 0,
+ sku => $sku->get('sku'),
+ price => $sku->getPrice+0 * $item->get('quantity'),
+ });
+ }
+
+ # it's a ribbon
+ elsif ($sku->isa('WebGUI::Asset::Sku::EMSRibbon')) {
+ push(@ribbons, {
+ title => $sku->getTitle,
+ itemId => $item->getId,
+ assetId => $sku->getId,
+ hasPurchased => 0,
+ sku => $sku->get('sku'),
+ price => $sku->getPrice+0,
+ });
+ }
+ # it's this badge
+ elsif ($sku->isa('WebGUI::Asset::Sku::EMSRibbon')) {
+ $badgeInfo->{hasPurchased} = 0;
+ $badgeInfo->{itemId} = $item->getId;
+ $badgeInfo->{price} = $sku->getPrice+0;
+ }
+ }
+ $badgeInfo->{tokens} = \@tokens;
+ $badgeInfo->{tickets} = \@tickets;
+ $badgeInfo->{ribbons} = \@ribbons;
+
+ # build json datasource
 return JSON::to_json($badgeInfo);
 }
@@ -405,7 +598,7 @@ sub www_viewExtras {
 my ($self, $badgeId, $whichTab) = @_;
 my $session = $self->session;
 return $session->privilege->noAccess() unless $self->canView;
- $badgeId = $session->form->get("badgeId") unless ($badgeId eq "");
+ $badgeId = $session->form->get("badgeId") if ($badgeId eq "");
 $whichTab ||= "tickets";
 my ($style, $url) = $session->quick(qw(style url));
@@ -419,6 +612,7 @@ sub www_viewExtras {
 $style->setScript($url->extras('/yui/build/datatable/datatable-beta-min.js'), {type=>'text/javascript'});
 $style->setScript($url->extras('/yui/build/container/container-min.js'), {type=>'text/javascript'});
 $style->setScript($url->extras('/yui/build/tabview/tabview-min.js'), {type=>'text/javascript'});
+ $style->setScript($url->extras('/yui-webgui/build/string/string.js'), {type=>'text/javascript'});
 $style->setRawHeadTags(q|
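Review bot: www_getRegistrantAsJson returns the whole EMSRegistrant row (`select *`) plus the tickets, ribbons and tokens for whatever `badgeId` the form supplies, and the only gate is `canView`, so any user allowed to view the EMS can read a record that is not theirs; the handler should confirm the badge belongs to the current user (or that the user may manage registrants) and select only the columns the client needs. Three slips in the same hunk also make the JSON wrong. `$badgeInfo->{puchaseComplete}` looks like a typo for `purchaseComplete`, so `hasPurchased` is presumably always 0. The branch commented "it's this badge" repeats `isa('WebGUI::Asset::Sku::EMSRibbon')` and can never run, where `isa('WebGUI::Asset::Sku::EMSBadge')` seems intended. `$sku->getPrice+0 * $item->get('quantity')` multiplies the 0 rather than the price and should read `$sku->getPrice * $item->get('quantity')`; separately, the `->new` results for the badge, tickets, ribbons and tokens are used without a `defined` check, so a row pointing at a deleted asset would presumably abort the request instead of returning JSON.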