Beispiel #1
 // NOTE(review): this is a fragment of a registration routine. It begins mid-routine and the
 // listing is cut off before the closing braces, so only the visible statements are described.
 $control_password->readWebValue($values, $blobfields, NULL, NULL, $filename_values);
 //	processing email
 $control_email = $pageObject->getControl("email", $id);
 $control_email->readWebValue($values, $blobfields, NULL, NULL, $filename_values);
 // Registration fields taken from $values (presumably populated by readWebValue() above - confirm).
 // $strPassword is not used anywhere in the visible lines.
 $strUsername = $values["username"];
 $strPassword = $values["password"];
 $strEmail = $values["email"];
 // Turn the username into an SQL literal: through the cipherer when the field is encrypted,
 // otherwise through add_db_quotes(). The result is concatenated into a query further down,
 // so the query is only as safe as the quoting these helpers perform.
 if ($regCipherer->isFieldEncrypted("username")) {
     $sUsername = $regCipherer->MakeDBValue("username", $strUsername, "", true);
 } else {
     $sUsername = add_db_quotes("username", $strUsername);
 }
 // Same treatment for the e-mail address; $sEmail is not used in the visible lines.
 if ($regCipherer->isFieldEncrypted("email")) {
     $sEmail = $regCipherer->MakeDBValue("email", $strEmail, "", true);
 } else {
     $sEmail = add_db_quotes("email", $strEmail);
 }
 //	add filenames to values
 foreach ($filename_values as $key => $value) {
     $values[$key] = $value;
 }
 //	check if entered username already exists
 if (!strlen($strUsername)) {
     $pageObject->jsSettings['tableSettings'][$strTableName]['msg_userError'] = "Username can not be empty.";
     $allow_registration = false;
 } else {
     // The duplicate check is assembled by string concatenation. $sUsername is the only
     // request-derived part; the table name and the field name are literals.
     // NOTE(review): a bound parameter would remove the dependency on the quoting helper,
     // if the connection layer offers one - confirm.
     $strSQL = "select count(*) from " . $pageObject->connection->addTableWrappers("ConsolidatedStockEnquiry_users") . " where " . $pageObject->getFieldSQLDecrypt("username") . "=" . $sUsername;
     $data = $pageObject->connection->query($strSQL)->fetchNumeric();
     if ($data[0] > 0) {
         // NOTE(review): the raw $strUsername is placed between <i> tags without HTML encoding.
         // Unless msg_userError is encoded before it is rendered, submitted markup is reflected
         // into the page - confirm, and encode the value for HTML context here.
         $pageObject->jsSettings['tableSettings'][$strTableName]['msg_userError'] = "Username" . " <i>" . $strUsername . "</i> " . "already exists. Choose another username.";
         $allow_registration = false;
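/**
 * Import one row: try an INSERT and, if it fails and key columns are known,
 * retry as an UPDATE of the row identified by those key columns.
 *
 * Fields whose type does not need quotes are normalised first: "," becomes ".",
 * the locale currency symbol is stripped, and an empty string becomes NULL.
 *
 * Every SQL literal is produced by add_db_quotes() and concatenated into the
 * statement text, so the safety of both statements depends on that helper.
 *
 * On failure an HTML fragment describing the row, the SQL text and the DB error
 * is appended to the global $error_message. The imported data, the SQL text and
 * the DB error are HTML-encoded before being embedded, because they originate
 * from the imported file and must not be interpreted as markup.
 *
 * @param array $arr    field name => imported value
 * @param mixed $recInd row index; embedded in the HTML/JS of the error fragment
 *                      (assumed to be a number generated by the importer - confirm)
 * @return int|null 1 when the row was stored (or the INSERT failed and no key columns
 *                  are present), 0 when the fallback UPDATE could not be applied;
 *                  nothing is returned when the BeforeInsert event rejects the row
 */
function InsertRecord($arr, $recInd)
{
    global $goodlines, $conn, $error_message, $keys_present, $keys, $strOriginalTableName, $strTableName, $eventObj, $locale_info, $auditObj;
    $ret = 1;
    $rawvalues = array();
    foreach ($arr as $key => $val) {
        $rawvalues[$key] = $val;
        $type = GetFieldType($key);
        if (!NeedQuotes($type)) {
            $value = (string) $val;
            $value = str_replace(",", ".", $value);
            if (strlen($value) > 0) {
                $value = str_replace($locale_info["LOCALE_SCURRENCY"], "", $value);
                $arr[$key] = 0 + $value;
            } else {
                $arr[$key] = NULL;
            }
        }
    }
    $retval = true;
    if ($eventObj->exists('BeforeInsert')) {
        $retval = $eventObj->BeforeInsert($rawvalues, $arr);
    }
    if ($retval) {
        $fields = array_keys($arr);
        // initialised explicitly so an empty row does not leave the list undefined
        $fields_list = array();
        foreach ($fields as $key => $val) {
            $fields_list[$key] = AddFieldWrappers(GetFullFieldName($val));
        }
        $values_list = "";
        foreach ($arr as $key => $val) {
            if (!is_null($arr[$key])) {
                $values_list .= add_db_quotes($key, $val) . ", ";
            } else {
                $values_list .= "NULL, ";
            }
        }
        if (strlen($values_list) > 0) {
            $values_list = substr($values_list, 0, strlen($values_list) - 2);
        }
        $sql = "insert into " . AddTableWrappers($strOriginalTableName) . " (" . implode(",", $fields_list) . ") values (" . $values_list . ")";
        if (db_exec_import($sql, $conn)) {
            $goodlines++;
            if ($auditObj) {
                $aKeys = GetKeysArray($arr, true);
                $auditObj->LogAdd($strTableName, $arr, $aKeys);
            }
        } else {
            // Row data, SQL text and DB error are encoded for HTML context: they carry
            // content from the imported file and would otherwise be rendered as markup.
            $temp_error_message = "<b>Error:</b> in the line: " . htmlspecialchars(implode(",", $arr), ENT_QUOTES) . '&nbsp;&nbsp;<a linkType="debugOpener" recId="' . $recInd . '" href="" onclick="importMore(' . $recInd . ');">More info</a><br>';
            $temp_error_message .= '<div id="importDebugInfoTable' . $recInd . '" cellpadding="3" cellspacing="1" align="center" style="display: none;"><p class="error">SQL query: ' . htmlspecialchars($sql, ENT_QUOTES) . '; </p><p class="error">DB error: ' . htmlspecialchars((string) db_error($conn), ENT_QUOTES) . ';</p></div>';
            $temp_error_message .= "<br><br>";
            // we'll try to update the record
            if ($keys_present) {
                $sql = "update " . AddTableWrappers($strOriginalTableName) . " set ";
                $sqlset = "";
                $where = " where ";
                $hasKeyCondition = false;
                foreach ($fields as $k => $val) {
                    if (!in_array(AddFieldWrappers($fields[$k]), $keys)) {
                        if (!is_null($arr[$val])) {
                            $sqlset .= $fields_list[$k] . "=" . add_db_quotes($val, $arr[$val]) . ", ";
                        } else {
                            $sqlset .= $fields_list[$k] . "=NULL, ";
                        }
                    } else {
                        $where .= $fields_list[$k] . "=" . add_db_quotes($val, $arr[$val]) . " and ";
                        $hasKeyCondition = true;
                    }
                }
                $data = false;
                // Without at least one key condition the WHERE text would be truncated to a
                // stray fragment; skip both statements instead of sending malformed SQL.
                if ($hasKeyCondition) {
                    if (strlen($sqlset) > 0) {
                        $sql .= substr($sqlset, 0, strlen($sqlset) - 2);
                    }
                    // drop the trailing " and "
                    $where = substr($where, 0, strlen($where) - 5);
                    $sql .= " " . $where;
                    $rstmp = db_query("select * from " . AddTableWrappers($strOriginalTableName) . " " . $where, $conn);
                    $data = db_fetch_array($rstmp);
                }
                if ($data) {
                    $auditOldValues = array();
                    if ($auditObj) {
                        foreach ($data as $key => $val) {
                            $auditOldValues[$key] = $val;
                        }
                    }
                    if (db_exec_import($sql, $conn)) {
                        // update successful
                        $goodlines++;
                        if ($auditObj) {
                            $aKeys = GetKeysArray($arr);
                            $auditObj->LogEdit($strTableName, $arr, $auditOldValues, $aKeys);
                        }
                    } else {
                        // NOTE(review): this writes directly to the response; it looks like
                        // leftover debug output - confirm before removing.
                        echo 'not updated';
                        // update not successful
                        $error_message .= $temp_error_message;
                        $ret = 0;
                    }
                } else {
                    $error_message .= $temp_error_message;
                    $ret = 0;
                }
            } else {
                $error_message .= $temp_error_message;
            }
        }
        return $ret;
    }
}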
Beispiel #3
/**
 * Build and execute the INSERT statement for a new record, then collect the
 * key values of the inserted row when the add mode, an AfterAdd event or the
 * audit object needs them.
 *
 * Blob fields are placed in the statement as-is; every other value is quoted
 * by add_db_quotes() or, when a cipherer is supplied, by its AddDBQuotes().
 * The statement is assembled by concatenation, so it relies on those helpers.
 *
 * @return bool false when ExecuteUpdate() fails or $error_happened is set, true otherwise
 */
function DoInsertRecordSQL($table, &$avalues, &$blobfields, $pageid, &$pageObject, &$cipherer)
{
    global $error_happened, $conn, $inlineadd, $usermessage, $message, $failed_inline_add, $keys, $strTableName;

    $tableSql = AddTableWrappers($table);
    $blobs = PrepareBlobs($avalues, $blobfields);

    $fieldParts = array();
    $valueParts = array();
    foreach ($avalues as $akey => $value) {
        $fieldParts[] = $pageObject->pSet->getTableField($akey);
        if (in_array($akey, $blobfields)) {
            // blob values go into the statement unquoted
            $valueParts[] = $value;
            continue;
        }
        $valueParts[] = is_null($cipherer)
            ? add_db_quotes($akey, $value)
            : $cipherer->AddDBQuotes($akey, $value);
    }
    $strSQL = "insert into " . $tableSql . " (" . implode(", ", $fieldParts) . ") values (" . implode(", ", $valueParts) . ")";

    if (!ExecuteUpdate($pageObject, $strSQL, $blobs, true)) {
        return false;
    }
    if ($error_happened) {
        return false;
    }
    $pageObject->ProcessFiles();

    if ($inlineadd == ADD_INLINE) {
        $status = "ADDED";
        $message = "" . "Record was added" . "";
        $IsSaved = true;
    } else {
        $message = "<<< " . "Record was added" . " >>>";
    }
    // a user-supplied message overrides the default one
    if ($usermessage != "") {
        $message = $usermessage;
    }

    $auditObj = GetAuditObject($table);
    $needKeys = $inlineadd == ADD_SIMPLE || $inlineadd == ADD_INLINE || $inlineadd == ADD_ONTHEFLY || $inlineadd == ADD_POPUP || $inlineadd == ADD_MASTER || tableEventExists("AfterAdd", $strTableName) || $auditObj;
    if (!$needKeys) {
        return true;
    }

    $failed_inline_add = false;
    $keyfields = $pageObject->pSet->getTableKeys();
    foreach ($keyfields as $k) {
        if (array_key_exists($k, $avalues)) {
            $keys[$k] = $avalues[$k];
            continue;
        }
        if (!$pageObject->pSet->isAutoincField($k)) {
            // key neither supplied nor auto-generated
            $failed_inline_add = true;
            continue;
        }
        // auto-increment key: ask the database for the last generated value
        $lastrs = @db_query("SELECT lastval()", $conn);
        $lastdata = db_fetch_numarray($lastrs);
        if ($lastdata) {
            $keys[$k] = $lastdata[0];
        }
    }
    return true;
}
Beispiel #4
 /**
  * Get the WHERE clause conditions string for the search or suggest SQL query.
  *
  * The returned fragment is built by concatenating the field expression with
  * literals produced by the cipherer's MakeDBValue(), make_db_value(),
  * the connection's prepareString() or add_db_quotes(). Nothing is bound as a
  * parameter here, so the fragment is only as safe as those helpers' quoting.
  *
  * @param String SearchFor        first search value
  * @param String strSearchOption  search option name ("Contains", "Equals", "Between", ...)
  * @param String SearchFor2       second value, read only for "Between"
  * @param String etype            passed through to the value-conversion helpers
  * @param Boolean isSuggest       not read in this method's body
  * @return String the condition, or "" when no condition applies
  */
 function SQLWhere($SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest)
 {
     // baseSQLWhere() decides first: false means "no condition", a non-empty string is used as-is.
     $baseResult = $this->baseSQLWhere($strSearchOption);
     if ($baseResult === false) {
         return "";
     }
     if ($baseResult != "") {
         return $baseResult;
     }
     if (!strlen($SearchFor)) {
         return "";
     }
     $value1 = $this->pageObject->cipherer->MakeDBValue($this->field, $SearchFor, $etype, true);
     $value2 = false;
     $cleanvalue2 = false;
     if ($strSearchOption == "Between") {
         // The upper bound goes through make_db_value(), not through the cipherer like $value1.
         $cleanvalue2 = prepare_for_db($this->field, $SearchFor2, $etype);
         $value2 = make_db_value($this->field, $SearchFor2, $etype);
     }
     // A literal "null" from the conversion helpers yields no condition for the
     // comparison options, unless the field is PHP-encrypted.
     if ($strSearchOption != "Contains" && $strSearchOption != "Starts with" && ($value1 === "null" || $value2 === "null") && !$this->pageObject->cipherer->isFieldPHPEncrypted($this->field)) {
         return "";
     }
     if (($strSearchOption == "Contains" || $strSearchOption == "Starts with") && !$this->isStringValidForLike($SearchFor)) {
         return "";
     }
     $searchIsCaseInsensitive = $this->pageObject->pSetEdit->getNCSearch();
     // Choose the left-hand field expression according to field type and search option.
     if (IsCharType($this->type) && !$this->btexttype) {
         $gstrField = $this->getFieldSQLDecrypt();
         if (!$this->pageObject->cipherer->isFieldPHPEncrypted($this->field) && $searchIsCaseInsensitive) {
             // Case-insensitive search: both sides are wrapped by the connection's upper().
             // $value2 is still false here unless the option is "Between".
             $value1 = $this->connection->upper($value1);
             $value2 = $this->connection->upper($value2);
             $gstrField = $this->connection->upper($gstrField);
         }
     } elseif ($strSearchOption == "Contains" || $strSearchOption == "Starts with") {
         $gstrField = $this->connection->field2char($this->getFieldSQLDecrypt(), $this->type);
     } elseif ($this->pageObject->pSetEdit->getViewFormat($this->field) == FORMAT_TIME) {
         $gstrField = $this->connection->field2time($this->getFieldSQLDecrypt(), $this->type);
     } else {
         $gstrField = $this->getFieldSQLDecrypt();
     }
     if ($strSearchOption == "Contains") {
         // PHP-encrypted fields cannot be pattern-matched; they are compared for equality.
         if ($this->pageObject->cipherer->isFieldPHPEncrypted($this->field)) {
             return $gstrField . "=" . $this->pageObject->cipherer->MakeDBValue($this->field, $SearchFor);
         }
         // LIKE wildcards in the input are escaped before the pattern is quoted by prepareString().
         $SearchFor = $this->connection->escapeLIKEpattern($SearchFor);
         if (IsCharType($this->type) && !$this->btexttype && $searchIsCaseInsensitive) {
             return $gstrField . " " . $this->like . " " . $this->connection->upper($this->connection->prepareString("%" . $SearchFor . "%"));
         }
         return $gstrField . " " . $this->like . " " . $this->connection->prepareString("%" . $SearchFor . "%");
     }
     if ($strSearchOption == "Equals") {
         return $gstrField . "=" . $value1;
     }
     if ($strSearchOption == "Starts with") {
         $SearchFor = $this->connection->escapeLIKEpattern($SearchFor);
         if (IsCharType($this->type) && !$this->btexttype && $searchIsCaseInsensitive) {
             return $gstrField . " " . $this->like . " " . $this->connection->upper($this->connection->prepareString($SearchFor . "%"));
         }
         return $gstrField . " " . $this->like . " " . $this->connection->prepareString($SearchFor . "%");
     }
     if ($strSearchOption == "More than") {
         return $gstrField . ">" . $value1;
     }
     if ($strSearchOption == "Less than") {
         return $gstrField . "<" . $value1;
     }
     if ($strSearchOption == "Equal or more than") {
         return $gstrField . ">=" . $value1;
     }
     if ($strSearchOption == "Equal or less than") {
         return $gstrField . "<=" . $value1;
     }
     if ($strSearchOption == "Between") {
         $ret = $gstrField . ">=" . $value1 . " and ";
         if (IsDateFieldType($this->type)) {
             $timeArr = db2time($cleanvalue2);
             // for dates without time, add one day
             // (the upper bound then becomes an exclusive "<" on the following day)
             if ($timeArr[3] == 0 && $timeArr[4] == 0 && $timeArr[5] == 0) {
                 $timeArr = adddays($timeArr, 1);
                 $value2 = $timeArr[0] . "-" . $timeArr[1] . "-" . $timeArr[2];
                 $value2 = add_db_quotes($this->field, $value2, $this->pageObject->tName);
                 $ret .= $gstrField . "<" . $value2;
             } else {
                 $ret .= $gstrField . "<=" . $value2;
             }
         } else {
             $ret .= $gstrField . "<=" . $value2;
         }
         return $ret;
     }
     // Unknown search option: no condition.
     return "";
 }
/**
 * Build and run the INSERT statement for the Add page from the page's
 * new-record data.
 *
 * Blob fields are placed in the statement as-is; every other value is quoted
 * by add_db_quotes() or, when the page has a cipherer, by its AddDBQuotes().
 * The statement is assembled by concatenation, so it relies on those helpers.
 *
 * @param RunnerPage &pageObject
 * @return bool true when ExecuteUpdate() reports success, false otherwise
 * @intellisense
 */
function DoInsertRecordSQLOnAdd(&$pageObject)
{
    $table = $pageObject->pSet->getOriginalTableName();
    $avalues = $pageObject->getNewRecordData();
    $blobfields = $pageObject->getBlobFields();

    $tableSql = $pageObject->connection->addTableWrappers($table);
    $blobs = PrepareBlobs($avalues, $blobfields, $pageObject);

    $fieldParts = array();
    $valueParts = array();
    foreach ($avalues as $akey => $value) {
        $fieldParts[] = $pageObject->getTableField($akey);
        if (in_array($akey, $blobfields)) {
            // blob values go into the statement unquoted
            $valueParts[] = $value;
            continue;
        }
        $valueParts[] = is_null($pageObject->cipherer)
            ? add_db_quotes($akey, $value)
            : $pageObject->cipherer->AddDBQuotes($akey, $value);
    }

    $strSQL = "insert into " . $tableSql . " (" . implode(", ", $fieldParts) . ") values (" . implode(", ", $valueParts) . ")";

    return ExecuteUpdate($pageObject, $strSQL, $blobs) ? true : false;
}
Beispiel #6
 /**
  * Tell whether the given value already occurs in the field of the original table.
  *
  * The value is turned into an SQL literal by the cipherer (encrypted fields) or
  * by add_db_quotes() and concatenated into a "SELECT count(*)" query, so the
  * query relies on the quoting those helpers perform.
  *
  * @param {String} $fieldName
  * @param {String | Number} $value
  * @return {Boolean} true when the count is non-zero
  */
 function hasDuplicateValue($fieldName, $value)
 {
     $dbValue = $this->cipherer->isFieldEncrypted($fieldName)
         ? $this->cipherer->MakeDBValue($fieldName, $value, "", true)
         : add_db_quotes($fieldName, $value);

     $condition = $this->getFieldSQLDecrypt($fieldName) . '=' . $dbValue;
     $tableSql = $this->connection->addTableWrappers($this->pSet->getOriginalTableName());
     $row = $this->connection->query("SELECT count(*) from " . $tableSql . " where " . $condition)->fetchNumeric();

     return $row[0] ? true : false;
 }
 /**
  * Get the date slider's where
  *
  * A bound is accepted only when it contains at least two "-" characters;
  * otherwise "" is returned. For the "slider" option the upper bound is moved
  * forward by one step (a day, or a second/minute when the step type involves
  * time; the hours step type also advances by one minute) and compared with "<".
  * Literals come from the cipherer's MakeDBValue() and add_db_quotes() and are
  * concatenated into the returned fragment.
  *
  * @return string
  */
 static function getDateSliderWhere($fName, $pSet, $cipherer, $table, $SearchFor, $SearchFor2, $strSearchOption, $fullFieldName)
 {
     if (substr_count($SearchFor, "-") < 2) {
         return "";
     }

     $stepType = $pSet->getFilterStepType($fName);
     $timeValueEnvolved = $stepType == FSST_SECONDS || $stepType == FSST_MINUTES || $stepType == FSST_HOURS;
     $lowerBound = $cipherer->MakeDBValue($fName, $SearchFor, "", true);

     if ($strSearchOption == "slider") {
         if (substr_count($SearchFor2, "-") < 2) {
             return "";
         }
         $parts = db2time(prepare_for_db($fName, $SearchFor2, ""));
         if ($timeValueEnvolved) {
             $parts = $stepType == FSST_SECONDS ? addSeconds($parts, 1) : addMinutes($parts, 1);
             // zero-pad each time component to two digits
             $upperText = $parts[0] . "-" . $parts[1] . "-" . $parts[2]
                 . " " . ($parts[3] < 10 ? '0' . $parts[3] : $parts[3])
                 . ":" . ($parts[4] < 10 ? '0' . $parts[4] : $parts[4])
                 . ":" . ($parts[5] < 10 ? '0' . $parts[5] : $parts[5]);
         } else {
             // for dates without time, add one day
             $parts = adddays($parts, 1);
             $upperText = $parts[0] . "-" . $parts[1] . "-" . $parts[2];
         }
         $upperBound = add_db_quotes($fName, $upperText, $table);
         return $fullFieldName . ">=" . $lowerBound . " and " . $fullFieldName . "<" . $upperBound;
     }
     if ($strSearchOption == 'moreequal') {
         return $fullFieldName . ">=" . $lowerBound;
     }
     if ($strSearchOption == 'lessequal') {
         return $fullFieldName . "<=" . $lowerBound;
     }
     return "";
 }
Beispiel #8
 /**
  * Produce the SQL literal for a field value: the value is passed through
  * EncryptField(), quoted by add_db_quotes() for this object's table, and the
  * quoted literal is then passed through EncryptValueByDB().
  *
  * @param String field
  * @param Mixed value
  */
 public function AddDBQuotes($field, $value)
 {
     $fieldValue = $this->EncryptField($field, $value);
     $quoted = add_db_quotes($field, $fieldValue, $this->strTableName);

     return $this->EncryptValueByDB($field, $quoted);
 }
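 /**
  * Get the WHERE clause conditions string for the search or suggest SQL query.
  *
  * List-of-values lookups are delegated to the parent implementation. For the
  * other lookup types each search item becomes one condition and the
  * conditions are joined with " or ". Literals are produced by make_db_value(),
  * the connection's prepareString() (after escapeLIKEpattern() for patterns) or
  * add_db_quotes(), and concatenated into the fragment; nothing is bound as a
  * parameter, so the fragment is only as safe as those helpers' quoting.
  *
  * @param String SearchFor        search value (split into items for multiselect fields)
  * @param String strSearchOption  search option name ("Contains", "Equals", "Between", ...)
  * @param String SearchFor2       second value, read only for "Between"
  * @param String etype            only forwarded to the parent implementation
  * @param Boolean isSuggest
  * @return String the parenthesised condition, or "" when no condition applies
  */
 function SQLWhere($SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest)
 {
     if ($this->lookupType == LT_LISTOFVALUES) {
         return parent::SQLWhere($SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest);
     }
     // baseSQLWhere() decides first: false means "no condition", a non-empty string is used as-is.
     $baseResult = $this->baseSQLWhere($strSearchOption);
     if ($baseResult === false) {
         return "";
     }
     if ($baseResult !== "") {
         return $baseResult;
     }
     if ($this->connection->dbType != nDATABASE_MySQL) {
         $this->btexttype = IsTextType($this->type);
     }
     if ($this->multiselect && $strSearchOption != "Equals") {
         $SearchFor = splitvalues($SearchFor);
     } else {
         $SearchFor = array($SearchFor);
     }
     $isLikeOption = $strSearchOption == "Starts with" || $strSearchOption == "Contains";
     $gstrField = $this->getFieldSQLDecrypt();
     if ($isLikeOption && (!IsCharType($this->type) || $this->btexttype)) {
         $gstrField = $this->connection->field2char($gstrField, $this->type);
     }
     $ret = "";
     foreach ($SearchFor as $searchItem) {
         $value = $searchItem;
         if ($value == "null" || $value == "Null" || $value == "") {
             continue;
         }
         if (strlen(trim($ret))) {
             $ret .= " or ";
         }
         // Start every item with an empty condition: the multiselect branch below never
         // assigns one, and the check after the chain must not read an undefined variable.
         $condition = "";
         if ($isLikeOption && !$this->multiselect) {
             // escape LIKE wildcards in the input before adding our own
             $value = $this->connection->escapeLIKEpattern($value);
             if ($strSearchOption == "Starts with") {
                 $value .= '%';
             }
             if ($strSearchOption == "Contains") {
                 $value = '%' . $value . '%';
             }
         }
         if (!$isLikeOption) {
             $value = make_db_value($this->field, $value);
         }
         $searchIsCaseInsensitive = $this->pageObject->pSetEdit->getNCSearch();
         if ($strSearchOption == "Equals" && !($value == "null" || $value == "Null")) {
             $condition = $gstrField . '=' . $value;
         } elseif ($isLikeOption && !$this->multiselect) {
             $condition = $gstrField . " " . $this->like . " " . $this->connection->prepareString($value);
         } elseif ($strSearchOption == "More than") {
             $condition = $gstrField . " > " . $value;
         } elseif ($strSearchOption == "Less than") {
             $condition = $gstrField . "<" . $value;
         } elseif ($strSearchOption == "Equal or more than") {
             // uses $value: no $value1 exists in this method, the original produced "field>="
             $condition = $gstrField . ">=" . $value;
         } elseif ($strSearchOption == "Equal or less than") {
             $condition = $gstrField . "<=" . $value;
         } elseif ($strSearchOption == "Between") {
             $value2 = $this->connection->prepareString($SearchFor2);
             if ($this->lookupType == LT_QUERY && IsCharType($this->type) && !$this->btexttype && $searchIsCaseInsensitive) {
                 $value2 = $this->connection->upper($value2);
             }
             $condition = $gstrField . ">=" . $value . " and ";
             if (IsDateFieldType($this->type)) {
                 $timeArr = db2time($SearchFor2);
                 // for dates without time, add one day
                 // (the upper bound then becomes an exclusive "<" on the following day)
                 if ($timeArr[3] == 0 && $timeArr[4] == 0 && $timeArr[5] == 0) {
                     $timeArr = adddays($timeArr, 1);
                     $SearchFor2 = $timeArr[0] . "-" . $timeArr[1] . "-" . $timeArr[2];
                     $SearchFor2 = add_db_quotes($this->field, $SearchFor2, $this->tName);
                     $condition .= $gstrField . "<" . $SearchFor2;
                 } else {
                     $condition .= $gstrField . "<=" . $value2;
                 }
             } else {
                 $condition .= $gstrField . "<=" . $value2;
             }
         } elseif ($this->multiselect) {
             // The stored value is a comma-separated list; an item containing "," or '"'
             // is matched in its double-quoted form.
             if (strpos($value, ",") !== false || strpos($value, '"') !== false) {
                 $value = '"' . str_replace('"', '""', $value) . '"';
             }
             $fullFieldName = $this->getFieldSQLDecrypt();
             $value = $this->connection->escapeLIKEpattern($value);
             // for search by multiple Lookup wizard field: match the item alone,
             // in the middle, at the end and at the start of the list
             $ret .= $fullFieldName . " = " . $this->connection->prepareString($value);
             $ret .= " or " . $fullFieldName . " " . $this->like . " " . $this->connection->prepareString("%," . $value . ",%");
             $ret .= " or " . $fullFieldName . " " . $this->like . " " . $this->connection->prepareString("%," . $value);
             $ret .= " or " . $fullFieldName . " " . $this->like . " " . $this->connection->prepareString($value . ",%");
         }
         if ($condition != "" && ($isSuggest || $strSearchOption == "Contains" || $strSearchOption == "Equals" || $strSearchOption == "Starts with" || $strSearchOption == "More than" || $strSearchOption == "Less than" || $strSearchOption == "Equal or more than" || $strSearchOption == "Equal or less than" || $strSearchOption == "Between")) {
             // pattern searches are only answered here when link and display field are the same
             if ($this->linkAndDisplaySame || !$isLikeOption) {
                 $ret .= " " . $condition;
             } else {
                 return "";
             }
         }
     }
     $ret = trim($ret);
     if (strlen($ret)) {
         $ret = "(" . $ret . ")";
     }
     return $ret;
 }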
Beispiel #10
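 /**
  * Get the WHERE clause conditions string for the search or suggest SQL query
  * of a lookup field.
  *
  * List-of-values lookups are delegated to the parent implementation. For the
  * other lookup types each search item becomes one condition; unless link and
  * display field are the same, the condition is wrapped in an EXISTS sub-query
  * on the lookup table. Literals are produced by db_prepare_string() (after
  * escapeSearchValForMySQL()), make_db_value() or add_db_quotes() and are
  * concatenated into the fragment, so it is only as safe as those helpers.
  *
  * @param String SearchFor        search value (split into items for multiselect fields)
  * @param String strSearchOption  search option name ("Contains", "Equals", "Between", ...)
  * @param String SearchFor2       second value, read only for "Between"
  * @param String etype            only forwarded to the parent implementation
  * @param Boolean isSuggest
  * @return String the parenthesised condition, or "" when no condition applies
  */
 function SQLWhere($SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest)
 {
     if ($this->lookupType == LT_LISTOFVALUES) {
         return parent::SQLWhere($SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest);
     }
     // baseSQLWhere() decides first: false means "no condition", a non-empty string is used as-is.
     $baseResult = $this->baseSQLWhere($strSearchOption);
     if ($baseResult === false) {
         return "";
     }
     if ($baseResult != "") {
         return $baseResult;
     }
     $displayFieldType = $this->type;
     if ($this->lookupType == LT_QUERY) {
         $displayFieldType = $this->lookupPSet->getFieldType($this->field);
         $this->btexttype = IsTextType($displayFieldType);
     }
     if ($this->multiselect) {
         $SearchFor = splitvalues($SearchFor);
     } else {
         $SearchFor = array($SearchFor);
     }
     $ret = "";
     if ($this->linkAndDisplaySame) {
         $gstrField = GetFullFieldName($this->field, "", false);
     } else {
         $gstrField = GetFullFieldName($this->displayFieldName, $this->lookupTable, false);
     }
     if ($this->customDisplay) {
         $gstrField = $this->lwDisplayFieldWrapped;
     } elseif (!$this->linkAndDisplaySame && $this->lookupType == LT_QUERY && IsCharType($displayFieldType) && !$this->btexttype && !$this->ciphererDisplay->isFieldPHPEncrypted($this->displayFieldName)) {
         $gstrField = $this->lookupPSet->isEnableUpper(GetFullFieldName($this->displayFieldName, $this->lookupTable, false));
     }
     foreach ($SearchFor as $value) {
         if ($value == "null" || $value == "Null" || $value == "") {
             continue;
         }
         if (strlen(trim($ret))) {
             $ret .= " or ";
         }
         // Start every item with an empty condition: some branches below never assign
         // one, and the check after the chain must not read an undefined variable.
         $condition = "";
         if (!$this->multiselect) {
             if ($strSearchOption == "Starts with") {
                 $value .= '%';
             }
             if ($isSuggest || $strSearchOption == "Contains") {
                 $value = '%' . $value . '%';
             }
             if ($isSuggest || $strSearchOption == "Contains" || $strSearchOption == "Starts with" || $strSearchOption == "More than" || $strSearchOption == "Less than" || $strSearchOption == "Equal or more than" || $strSearchOption == "Equal or less than" || $strSearchOption == "Between" || ($strSearchOption == "Equals" && $this->LCType == LCT_AJAX && !$this->linkAndDisplaySame)) {
                 $value = $this->escapeSearchValForMySQL($value);
                 if ($this->lookupType == LT_QUERY && IsCharType($displayFieldType) && !$this->btexttype) {
                     $value = $this->lookupPSet->isEnableUpper(db_prepare_string($value));
                 } else {
                     $value = db_prepare_string($value);
                 }
             } elseif ($strSearchOption == "Equals") {
                 $value = make_db_value($this->field, $value);
             }
         }
         // NOTE(review): for multiselect fields $value has not passed through any quoting
         // helper at this point, and the comparison branches ("Equals", "More than",
         // "Less than", ...) concatenate it as-is. Confirm that callers never combine
         // multiselect with those options, or quote the value before it is used.
         if ($strSearchOption == "Equals") {
             if (!($value == "null" || $value == "Null")) {
                 if ($this->LCType == LCT_AJAX && !$this->linkAndDisplaySame) {
                     $condition = $gstrField . '=' . $value;
                 } else {
                     $condition = GetFullFieldName($this->field, "", false) . '=' . $value;
                 }
             }
         } elseif (($strSearchOption == "Starts with" || $strSearchOption == "Contains") && !$this->multiselect) {
             // Parenthesised so that "Starts with" on a multiselect field no longer reaches
             // this branch with an unquoted value; it now takes the list-matching branch
             // at the end of the chain, like "Contains" does.
             $condition = $gstrField . " " . $this->like . " " . $value;
         } elseif ($strSearchOption == "More than") {
             $condition = $gstrField . " > " . $value;
         } elseif ($strSearchOption == "Less than") {
             $condition = $gstrField . "<" . $value;
         } elseif ($strSearchOption == "Equal or more than") {
             // uses $value: no $value1 exists in this method, the original produced "field>="
             $condition = $gstrField . ">=" . $value;
         } elseif ($strSearchOption == "Equal or less than") {
             $condition = $gstrField . "<=" . $value;
         } elseif ($strSearchOption == "Between") {
             if ($this->lookupType == LT_QUERY && IsCharType($displayFieldType) && !$this->btexttype) {
                 $value2 = $this->lookupPSet->isEnableUpper(db_prepare_string($SearchFor2));
             } else {
                 $value2 = db_prepare_string($SearchFor2);
             }
             $condition = $gstrField . ">=" . $value . " and ";
             if (IsDateFieldType($this->type)) {
                 $timeArr = db2time($SearchFor2);
                 // for dates without time, add one day
                 // (the upper bound then becomes an exclusive "<" on the following day)
                 if ($timeArr[3] == 0 && $timeArr[4] == 0 && $timeArr[5] == 0) {
                     $timeArr = adddays($timeArr, 1);
                     $SearchFor2 = $timeArr[0] . "-" . $timeArr[1] . "-" . $timeArr[2];
                     $SearchFor2 = add_db_quotes($this->field, $SearchFor2, $this->pageObject->tName);
                     $condition .= $gstrField . "<" . $SearchFor2;
                 } else {
                     $condition .= $gstrField . "<=" . $value2;
                 }
             } else {
                 $condition .= $gstrField . "<=" . $value2;
             }
         } else {
             // The stored value is a comma-separated list; an item containing "," or '"'
             // is matched in its double-quoted form.
             if (strpos($value, ",") !== false || strpos($value, '"') !== false) {
                 $value = '"' . str_replace('"', '""', $value) . '"';
             }
             $value = $this->escapeSearchValForMySQL($value);
             // for search by multiple Lookup wizard field: match the item alone,
             // in the middle, at the end and at the start of the list
             $ret .= GetFullFieldName($this->field, "", false) . " = " . db_prepare_string($value);
             $ret .= " or " . GetFullFieldName($this->field, "", false) . " " . $this->like . " " . db_prepare_string("%," . $value . ",%");
             $ret .= " or " . GetFullFieldName($this->field, "", false) . " " . $this->like . " " . db_prepare_string("%," . $value);
             $ret .= " or " . GetFullFieldName($this->field, "", false) . " " . $this->like . " " . db_prepare_string($value . ",%");
         }
         if ($condition != "" && ($isSuggest || $strSearchOption == "Contains" || $strSearchOption == "Equals" || $strSearchOption == "Starts with" || $strSearchOption == "More than" || $strSearchOption == "Less than" || $strSearchOption == "Equal or more than" || $strSearchOption == "Equal or less than" || $strSearchOption == "Between")) {
             if ($this->linkAndDisplaySame || ($strSearchOption == "Equals" && $this->LCType != LCT_AJAX)) {
                 $ret .= " " . $condition;
             } elseif ($this->lookupType == LT_QUERY) {
                 // condition on the display field, correlated with the main table through the link field
                 $lookupQueryObj = $this->lookupPSet->getSQLQuery();
                 $ret .= " EXISTS (" . $lookupQueryObj->toSql($condition . " and " . GetFullFieldName($this->linkFieldName, $this->lookupTable, false) . " = " . AddTableWrappers($this->pageObject->pSetEdit->getStrOriginalTableName()) . "." . AddFieldWrappers($this->field), '', null, false) . ")";
             } else {
                 $ret .= " EXISTS (SELECT 1 as fld from " . AddTableWrappers($this->lookupTable) . " where " . $condition . " and " . $this->lwLinkField . " = " . AddTableWrappers($this->pageObject->pSetEdit->getStrOriginalTableName()) . "." . AddFieldWrappers($this->field) . ")";
             }
         }
     }
     if (strlen(trim($ret))) {
         $ret = "(" . $ret . ")";
     } else {
         $ret = trim($ret);
     }
     return $ret;
 }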
/**
 * insert record on Add & Register pages
 *
 * Builds the INSERT statement by concatenation: blob fields are placed in it
 * as-is, every other value is quoted by add_db_quotes() or, when a cipherer is
 * supplied, by its AddDBQuotes(). After a successful insert the key values are
 * refreshed through prepareTableKeysAfterInsert() when the add mode, an
 * AfterAdd event or the audit object needs them.
 *
 * @return bool false when ExecuteUpdate() fails or $error_happened is set, true otherwise
 * @intellisense
 */
function DoInsertRecordSQL($table,&$avalues,&$blobfields, $pageid, &$pageObject, &$cipherer, &$keys)
{
	global $error_happened,$conn,$inlineadd,$message,$failed_inline_add,$strTableName;

	$tableSql = AddTableWrappers($table);
	$blobs = PrepareBlobs($avalues,$blobfields);

	$fieldParts = array();
	$valueParts = array();
	foreach($avalues as $akey=>$value)
	{
		$fieldParts[] = $pageObject->pSet->getTableField($akey);
		if(in_array($akey, $blobfields))
		{
			// blob values go into the statement unquoted
			$valueParts[] = $value;
			continue;
		}
		$valueParts[] = is_null($cipherer)
			? add_db_quotes($akey,$value)
			: $cipherer->AddDBQuotes($akey,$value);
	}
	$strSQL = "insert into ".$tableSql." (".implode(", ", $fieldParts).") values (".implode(", ", $valueParts).")";

	if(!ExecuteUpdate($pageObject,$strSQL,$blobs,true))
	{
		return false;
	}
	if($error_happened)
	{
		return false;
	}
	$pageObject->ProcessFiles();

	if($inlineadd==ADD_INLINE)
	{
		$status="ADDED";
		$message=""."Record was added"."";
		$IsSaved = true;
	}
	else
	{
		$message="<<< "."Record was added"." >>>";
	}

	$auditObj = GetAuditObject($table);
	$needKeys = $inlineadd==ADD_SIMPLE || $inlineadd==ADD_INLINE || $inlineadd==ADD_ONTHEFLY || $inlineadd==ADD_POPUP || $inlineadd==ADD_MASTER || tableEventExists("AfterAdd",$strTableName) || $auditObj;
	if($needKeys)
	{
		$keys = prepareTableKeysAfterInsert($table, $avalues, $pageObject, $keys);
	}
	return true;
}
	/**
	 * Check whether the given value already exists in the database for the given field
	 *
	 * @param {String} $fieldName
	 * @param {String | Number} $value
	 * @return {Boolean}
	 */
	function hasDuplicateValue($fieldName, $value)
	{
		global $conn;

		// Convert the raw value into a SQL literal: encrypted fields go through the
		// cipherer, every other field through add_db_quotes().
		$dbValue = $this->cipherer->isFieldEncrypted($fieldName)
			? $this->cipherer->MakeDBValue($fieldName, $value, "", "", true)
			: add_db_quotes($fieldName, $value);

		// NOTE(review): the query is assembled by concatenation, so it is only as safe
		// as the quoting done by the two helpers above and the identifier handling in
		// GetFullFieldName(); none of them are visible here. $fieldName should be a
		// known field of this table, never free-form input.
		$condition = GetFullFieldName($fieldName, $this->tName, false).'='.$dbValue;
		$countQuery = "SELECT count(*) from ".AddTableWrappers($this->pSet->getOriginalTableName())." where ".$condition;

		$row = db_fetch_numarray(db_query($countQuery, $conn));

		// A non-zero count means at least one stored row already has this value.
		return (bool)$row[0];
	}
 /**
  * Build the WHERE-clause condition for a time slider filter
  * @return string
  */
 static function getTimeSliderWhere($fName, $pSet, $cipherer, $table, $SearchFor, $SearchFor2, $strSearchOption, $fullFieldName)
 {
     // The lower bound is usable only when it holds two separate ":" delimiters.
     $colonAt = strpos($SearchFor, ":");
     if ($colonAt === FALSE || $colonAt == strrpos($SearchFor, ":")) {
         return "";
     }

     $stepType = $pSet->getFilterStepType($fName);
     // Lower bound as a SQL literal produced by the cipherer.
     $lowerBound = $cipherer->MakeDBValue($fName, $SearchFor, "", true);

     // NOTE(review): $fullFieldName is concatenated exactly as passed in, so it has to
     // arrive as an already wrapped, trusted identifier - confirm at the call sites.

     // Loose == in this order reproduces the matching a switch statement performs.
     if ($strSearchOption == "slider") {
         // The upper bound gets the same two-delimiter check as the lower bound.
         $colonAt = strpos($SearchFor2, ":");
         if ($colonAt === FALSE || $colonAt == strrpos($SearchFor2, ":")) {
             return "";
         }

         $timeArr = parsenumbers(prepare_for_db($fName, $SearchFor2, ""));
         // Move the upper bound one step forward; it is compared with "<" below.
         $timeArr = $stepType == FSST_SECONDS
             ? addSecondsToTime($timeArr, 1)
             : addMinutesToTime($timeArr, 1);

         // Rebuild the time text from the parsed parts, zero-padding values below 10.
         $parts = array();
         foreach (array(0, 1, 2) as $pos) {
             $unit = $timeArr[$pos];
             $parts[] = $unit < 10 ? '0' . $unit : $unit;
         }
         $upperBound = add_db_quotes($fName, implode(":", $parts), $table);

         return $fullFieldName . ">=" . $lowerBound . " and " . $fullFieldName . "<" . $upperBound;
     }
     if ($strSearchOption == 'moreequal') {
         return $fullFieldName . ">=" . $lowerBound;
     }
     if ($strSearchOption == 'lessequal') {
         return $fullFieldName . "<=" . $lowerBound;
     }

     // Any other search option yields no condition.
     return "";
 }