top.HEURIST.is_logged_in = function() {
        return <?php 
echo intval(is_logged_in());
?>
 > 0;
    };
    top.HEURIST.get_user_id = function() { return <?php 
echo intval(get_user_id());
?>
; };
    top.HEURIST.get_user_name = function() { return "<?php 
echo addslashes(get_user_name());
?>
"; };
    top.HEURIST.get_user_username = function() { return "<?php 
echo addslashes(get_user_username());
?>
"; };
    top.HEURIST.is_admin = function() { return <?php 
echo intval(is_admin());
?>
; };

    top.HEURIST.is_wgAdmin = function(wgID) {
        if(!top)  return false;
        
        var usrID = top.HEURIST.get_user_id(), j, i;
        if (wgID == 0 || usrID == wgID) return true;
        if (!top.HEURIST.workgroups || (wgID && !top.HEURIST.workgroups[wgID])) return false;
        var wgroups = wgID?[wgID]:top.HEURIST.user.workgroups;
	function prepareDbName(){
		$db_name = substr(get_user_username(),0,5);
		$db_name = preg_replace("/[^A-Za-z0-9_\$]/", "", $db_name);
		return $db_name;
	}
Beispiel #3
0
 function Auto(&$lexer, &$container)
 {
     parent::Component($lexer, $container);
     $this->name = $lexer->current_tagparams[0];
     $this->raw = $lexer->current_tagparams[1];
     if ($this->raw[0] == '"') {
         if ($this->raw[strlen($this->raw) - 1] != '"') {
             fatal("Improperly formatted string in " . $lexer->tagtext);
         }
         $this->_value = str_replace(array('\\"', '\\\\'), array('"', '\\'), substr($this->raw, 1, strlen($this->raw) - 2));
         $this->type = 'literal';
     } else {
         switch ($this->raw) {
             /* NB: we're taking a gamble here that these values won't change between parsing and updating ^_^ */
             case 'LOGGED_IN_USR_ID':
                 $this->_value = get_user_id();
                 $this->type = 'literal';
                 break;
             case 'LOGGED_IN_USR_NAME':
                 $this->_value = get_user_name();
                 $this->type = 'literal';
                 break;
             case 'LOGGED_IN_USR_USERNAME':
                 $this->_value = get_user_username();
                 $this->type = 'literal';
                 break;
             case 'CURRENT_TIME':
                 $this->_value = date('Y-m-d H:i:s');
                 $this->type = 'literal';
                 break;
             default:
                 $this->type = 'field';
         }
     }
 }
function is_modeluser()
{
    return get_user_username() == 'model_user';
}
 if (!$rec_id) {
     continue;
 }
 $res = mysql_query('select rec_Title,rec_AddedByUGrpID from Records where rec_ID = ' . $rec_id);
 $row = mysql_fetch_assoc($res);
 $rec_title = $row['rec_Title'];
 $owner = $row['rec_AddedByUGrpID'];
 $res = mysql_query('select ' . USERS_USERNAME_FIELD . ' from Records left join usrBookmarks on bkm_recID=rec_ID left join ' . USERS_DATABASE . '.' . USERS_TABLE . ' on ' . USERS_ID_FIELD . '=bkm_UGrpID where rec_ID = ' . $rec_id);
 $bkmk_count = mysql_num_rows($res);
 $bkmk_users = array();
 while ($row = mysql_fetch_assoc($res)) {
     array_push($bkmk_users, $row[USERS_USERNAME_FIELD]);
 }
 $refs_res = mysql_query('select dtl_RecID from recDetails left join defDetailTypes on dty_ID=dtl_DetailTypeID where  dty_Type="resource and dtl_Value=' . $rec_id . ' "');
 $refs = mysql_num_rows($refs_res);
 $allowed = is_admin() || $owner == get_user_id() && ($bkmk_count == 0 || $bkmk_count == 1 && $bkmk_users[0] == get_user_username());
 $is_checked = $bkmk_count <= 1 && $refs == 0 && $allowed;
 if ($is_checked) {
     $cnt_checked++;
 }
 print "<div" . (!$allowed ? ' class=greyed' : '') . ">";
 print ' <p><input type="checkbox" name="bib[]" value="' . $rec_id . '"' . ($is_checked ? ' checked' : '') . (!$allowed ? ' disabled' : ' onchange="onSelect(this)"') . '>';
 print ' ' . $rec_id . '<a target=_new href="' . HEURIST_BASE_URL . 'records/edit/editRecord.html?db=' . HEURIST_DBNAME . '&recID=' . $rec_id . '"><img src=' . HEURIST_BASE_URL . 'common/images/external_link_16x16.gif></a>';
 print ' ' . $rec_title . "</p>";
 print ' <p style="margin-left: 20px;"><b>' . $bkmk_count . '</b> bookmark' . ($bkmk_count == 1 ? '' : 's') . ($bkmk_count > 0 ? ':' : '') . "  ";
 print join(', ', $bkmk_users);
 print " </p>";
 if ($refs) {
     print ' <p style="margin-left: 20px;">Referenced by: ';
     while ($row = mysql_fetch_assoc($refs_res)) {
         print '  <a target=_new href="' . HEURIST_BASE_URL . 'records/edit/editRecord.html?db=' . HEURIST_DBNAME . '&recID=' . $row['dtl_RecID'] . '">' . $row['dtl_RecID'] . '</a>';
        if (@$_REQUEST['loginerror'] == '1') {
            print '<br/><font color="#ff0000">Incorrect Username / Password for source database</font>';
        }
        print "</div>";
    }
    print "&nbsp;&nbsp;<input type='submit' value='Continue'/>";
    print "</form>";
    exit;
}
// ----FORM 2 - MAPPINGS FORM ----------------------------------------------------------------------------------------
$sourcedbname = $_REQUEST['sourcedbname'];
if (!$is_h2) {
    //verify user+password for source database
    $usecurrentlogin = @$_REQUEST['samelogin'] == '1';
    if ($usecurrentlogin || !(@$_REQUEST['username'] and @$_REQUEST['password'])) {
        $username = get_user_username();
        //take from database
        $res = mysql_query('select * from ' . USERS_TABLE . ' where ' . USERS_USERNAME_FIELD . ' = "' . addslashes($username) . '"');
        $user = mysql_fetch_assoc($res);
        if ($user) {
            $password = $user[USERS_PASSWORD_FIELD];
        } else {
            $password = "";
        }
        $needcrypt = false;
    } else {
        $username = $_REQUEST['username'];
        $password = $_REQUEST['password'];
        $needcrypt = true;
        //(array_key_exists('mode', $_REQUEST) && $_REQUEST['mode']=='2');
    }
		<div class="advanced-search-row">
			<label for="notes">Notes:</label>
			<input id=notes name=notes onChange="update(this);" onKeyPress="return keypress(event);">
		</div>
-->

		<?php 
$groups = mysql__select_assoc(USERS_DATABASE . "." . USER_GROUPS_TABLE . " left join " . USERS_DATABASE . "." . GROUPS_TABLE . " on " . USER_GROUPS_GROUP_ID_FIELD . "=" . GROUPS_ID_FIELD, GROUPS_ID_FIELD, GROUPS_NAME_FIELD, USER_GROUPS_USER_ID_FIELD . "=" . get_user_id() . " and " . GROUPS_TYPE_FIELD . "='workgroup' order by " . GROUPS_NAME_FIELD);
if ($groups && count($groups) > 0) {
    ?>
		<div class="advanced-search-row">
				<label for="user">Owned&nbsp;by:</label>
				<select name="owner" id="owner" onChange="update(this);" style="width:200px;">
					<option value="" selected="selected">(any owner or ownergroup)</option>
					<option value="&quot;<?php 
    echo get_user_username();
    ?>
&quot;"><?php 
    echo get_user_name();
    ?>
</option>
					<?php 
    foreach ($groups as $id => $name) {
        ?>
						<option value="&quot;<?php 
        echo htmlspecialchars($name);
        ?>
&quot;"><?php 
        echo htmlspecialchars($name);
        ?>
</option>
Beispiel #8
0
/**
* Main function
*
* @param mixed $_REQUEST
*/
function executeSmartyTemplate($params)
{
    global $smarty, $outputfile, $isJSout, $rtStructs, $dtStructs, $dtTerms, $gparams, $max_allowed_depth, $publishmode, $execution_counter, $execution_total_counter, $session_id, $mysqli;
    set_time_limit(0);
    //no script execution time limit
    mysql_connection_overwrite(DATABASE);
    //AO: mysql_connection_select - does not work since there is no access to stored procedures(getTemporalDateString)
    //    which Steve used in some queries
    //TODO SAW  grant ROuser EXECUTE on getTemporalDate and any other readonly procs
    //load definitions (USE CACHE)
    //$rtStructs = getAllRectypeStructures(true);
    //$dtStructs = getAllDetailTypeStructures(true);
    //$dtTerms = getTerms(true);
    $params["f"] = 1;
    //always search (do not use cache)
    $isJSout = array_key_exists("mode", $params) && $params["mode"] == "js";
    //use javascript wrap
    $outputfile = array_key_exists("output", $params) ? $params["output"] : null;
    $publishmode = array_key_exists("publish", $params) ? intval($params['publish']) : 0;
    $emptysetmessage = array_key_exists("emptysetmessage", $params) ? $params['emptysetmessage'] : null;
    $gparams = $params;
    //keep to use in other functions
    if (!array_key_exists("limit", $params)) {
        //not defined
        if ($publishmode == 0) {
            $limit_for_interface = intval(@$_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"]['smarty-output-limit']);
            if (!$limit_for_interface || $limit_for_interface < 1) {
                $limit_for_interface = 50;
                //default limit in dispPreferences
            }
            $params["limit"] = $limit_for_interface;
            //force limit
        } else {
            $params["limit"] = PHP_INT_MAX;
        }
    }
    if (@$params['recordset']) {
        //we already have the list of record ids
        if (is_array($params['recordset'])) {
            $qresult = $params['recordset'];
        } else {
            $qresult = json_decode($params['recordset'], true);
        }
        //truncate recordset  - limit does not work for publish mode
        if ($publishmode == 0 && $qresult && array_key_exists('recIDs', $qresult)) {
            $recIDs = explode(',', $qresult['recIDs']);
            if ($params["limit"] < count($recIDs)) {
                $qresult['recIDs'] = implode(',', array_slice($recIDs, 0, $params["limit"]));
            }
        }
    } else {
        if (@$params['h4'] == 1) {
            //search with h4 search engine and got list of ids
            /*    for future use
                  $params['detail']='ids';
                  $params['vo']='h3';
                  $qresult = recordSearch($system, $params);
                  */
            $url = "";
            foreach ($params as $key => $value) {
                $url = $url . $key . "=" . urlencode($value) . "&";
            }
            $url = HEURIST_BASE_URL . "hserver/controller/record_search.php?" . $url . "&detail=ids&vo=h3";
            $result = loadRemoteURLviaSocket($url);
            // loadRemoteURLContent($url);
            $qresult = json_decode($result, true);
        } else {
            $qresult = loadSearch($params);
            //from search/getSearchResults.php - loads array of records based og GET request
        }
    }
    // EMPTY RESULT SET - EXIT
    if (!$qresult || !array_key_exists('recIDs', $qresult) && !array_key_exists('records', $qresult) || $qresult['resultCount'] == 0) {
        if ($emptysetmessage) {
            $error = $emptysetmessage;
            // allows publisher of URL to customise the message if no records retrieved
        } else {
            if ($publishmode > 0) {
                $error = "<b><font color='#ff0000'>Note: There are no records in this view. The URL will only show records to which the viewer has access. Unless you are logged in to the database, you can only see records which are marked as Public visibility</font></b>";
            } else {
                $error = "<b><font color='#ff0000'>Search or Select records to see template output</font></b>";
            }
        }
        if ($isJSout) {
            $error = add_javascript_wrap4($error, null);
        }
        if ($publishmode > 0 && $outputfile != null) {
            //save empty output into file
            save_report_output2($error . "<div style=\"padding:20px;font-size:110%\">Currently there are no results</div>");
        } else {
            echo $error;
        }
        exit;
    }
    //get name of template file
    $template_file = array_key_exists('template', $params) ? $params['template'] : null;
    //get template body from request (for execution from editor)
    $template_body = array_key_exists('template_body', $params) ? $params['template_body'] : null;
    if (null != $template_file) {
        if (substr($template_file, -4) != ".tpl") {
            $template_file = $template_file . ".tpl";
        }
        if (file_exists(HEURIST_SMARTY_TEMPLATES_DIR . $template_file)) {
            $content = file_get_contents(HEURIST_SMARTY_TEMPLATES_DIR . $template_file);
        } else {
            $error = "<b><font color='#ff0000'>Template file {$template_file} does not exist</font></b>";
            echo $error;
            if ($publishmode > 0 && $outputfile != null) {
                //save empty output into file
                save_report_output2($error);
            }
            exit;
        }
    } else {
        $content = $template_body;
    }
    //verify that template has new features
    //need to detect $heurist->getRecord - if it is not found this is old version - show error message
    if (strpos($content, '$heurist->getRecord(') === false) {
        $error = '<p>To improve performance we have made some small changes to the report template specifications (July 2016).</p>' . '<p>You will need to add  {$r = $heurist->getRecord($r)}  immediately after the start of the main record loop, like this:<p/>' . '{*------------------------------------------------------------*}' . '<br/>{foreach $results as $r}' . '<br/><b>{$r = $heurist->getRecord($r)}</b>' . '<br/>{*------------------------------------------------------------*}' . '<p>and similar expressions for record pointer loops - example: {$r.f103 = $heurist->getRecord($r.f103)}</p>' . '<p>Please generate a new report to obtain an example of the syntax, or simply send your report template to ' . '<br/>support at HeuristNetwork dot org and we will adjust the template for you.</p>';
        if ($publishmode > 0 && $outputfile != null) {
            save_report_output2($error);
        } else {
            echo $error;
        }
        exit;
    }
    $k = strpos($content, "{*depth");
    $kp = 8;
    if (is_bool($k) && !$k) {
        $k = strpos($content, "{* depth");
        $kp = 9;
    }
    if (is_numeric($k) && $k >= 0) {
        $nd = substr($content, $k + $kp, 1);
        //strpos($content,"*}",$k)-$k-8);
        if (is_numeric($nd) && $nd < 3) {
            $max_allowed_depth = $nd;
        }
    }
    //end pre-parsing of template
    $mysqli = mysqli_connection_overwrite(DATABASE);
    if ($publishmode == 0 && $session_id != null) {
        updateProgress($mysqli, $session_id, true, '0,0');
    }
    //convert to array that will assigned to smarty variable
    if (array_key_exists('recIDs', $qresult)) {
        $results = explode(",", $qresult["recIDs"]);
        $execution_total_counter = count($results);
        /* OLD WAY
                $records =  explode(",", $qresult["recIDs"]);
                $results = array();
                $k = 0;
                $execution_total_counter = count($records); //'tot_count'=>$tot_count,
        
                foreach ($records as $recordID){
        
                    if(smarty_function_progress(array('done'=>$k), $smarty)){
                        echo 'Execution was terminated';
                        return;
                    }
        
                    $rec = loadRecord($recordID, false, true); //from search/getSearchResults.php
        
                    $res1 = getRecordForSmarty($rec, 0, $k);
                    $res1["recOrder"]  = $k;
                    $k++;
                    array_push($results, $res1);
                }
        */
    } else {
        $records = $qresult["records"];
        $execution_total_counter = count($records);
        //'tot_count'=>$tot_count,
        //v5.5+ $results =  array_column($records, 'recID');
        $results = array_map(function ($value) {
            return @$value['recID'] ? $value['recID'] : array();
        }, $records);
        /*  OLD WAY        
                $records =  $qresult["records"];
                $execution_total_counter = count($records); //'tot_count'=>$tot_count,
                $results = array();
                $k = 0;
                foreach ($records as $rec){
        
                    if(smarty_function_progress(array('done'=>$k), $smarty)){
                        echo 'Execution was terminated';
                        return;
                    }
        
                    $res1 = getRecordForSmarty($rec, 0, $k);
                    $res1["recOrder"]  = $k;
                    $k++;
                    array_push($results, $res1);
                }
        */
    }
    //activate default template - generic list of records
    //we have access to 2 methods getRecord and getRelatedRecords
    $heuristRec = new ReportRecord();
    //$smarty->registerObject('heurist', $heuristRec, array('getRecord'), false);
    $smarty->assignByRef('heurist', $heuristRec);
    $smarty->assign('results', $results);
    //assign
    //$smarty->getvar()
    ini_set('display_errors', 'false');
    // 'stdout' );
    $smarty->error_reporting = 0;
    if ($template_body) {
        //execute template from string - modified template in editor
        //error report level: 1 notices, 2 all, 3 debug mode
        $replevel = array_key_exists('replevel', $params) ? $params['replevel'] : 0;
        if ($replevel == "1" || $replevel == "2") {
            ini_set('display_errors', 'true');
            // 'stdout' );
            $smarty->debugging = false;
            if ($replevel == "2") {
                $smarty->error_reporting = E_ALL & ~E_STRICT & ~E_NOTICE;
            } else {
                $smarty->error_reporting = E_NOTICE;
            }
        } else {
            $smarty->debugging = $replevel == "3";
        }
        $smarty->debug_tpl = dirname(__FILE__) . '/debug_html.tpl';
        //save temporary template
        //this is user name $template_file = "_temp.tpl";
        $template_file = "_" . get_user_username() . ".tpl";
        $file = fopen($smarty->template_dir . $template_file, "w");
        fwrite($file, $template_body);
        fclose($file);
        //$smarty->display('string:'.$template_body);
    } else {
        // usual way - from file
        if (!$template_file) {
            $template_file = 'test01.tpl';
        }
        $smarty->debugging = false;
        $smarty->error_reporting = 0;
        if ($outputfile != null) {
            $smarty->registerFilter('output', 'smarty_output_filter');
        } else {
            if ($isJSout) {
                $smarty->registerFilter('output', 'add_javascript_wrap5');
            }
        }
    }
    //DEBUG
    $smarty->registerFilter('post', 'smarty_post_filter');
    if ($publishmode == 0 && $session_id != null) {
        updateProgress($mysqli, $session_id, true, '0,' . count($results));
        /*session_start();
          $_SESSION[HEURIST_SESSION_DB_PREFIX.'heurist']['smarty_progress2'] = '0,'.count($results);
          session_write_close();*/
    }
    $execution_counter = -1;
    $execution_total_counter = count($results);
    try {
        $smarty->display($template_file);
    } catch (Exception $e) {
        echo 'Exception on execution: ', $e->getMessage(), "\n";
    }
    if ($publishmode == 0 && $session_id != null) {
        updateProgress($mysqli, $session_id, false, 'REMOVE');
    }
    $mysqli->close();
}
Beispiel #9
0
/**
 * description
 * @global    type description of global variable usage in a function
 * @staticvar type [$varname] description of static variable usage in function
 * @param     type [$varname] description
 * @return    type description
 * @link      URL
 * @see       name of another element (function or object) used in this function
 * @throws    list of exceptions thrown in this code
 * @uses      code_element_name description of use
 */
function outputDetail($dt, $value, $rt, $recInfos, $depth = 0, $outputStub, $parentID)
{
    global $DTN, $DTT, $TL, $RQS, $INV, $GEO_TYPES, $MAX_DEPTH, $INCLUDE_FILE_CONTENT, $SUPRESS_LOOPBACKS, $relTypDT;
    $attrs = array('id' => $dt, 'conceptID' => getDetailTypeConceptID($dt));
    if (array_key_exists($dt, $DTN)) {
        $attrs['type'] = $DTN[$dt];
    }
    if (array_key_exists($rt, $RQS) && array_key_exists($dt, $RQS[$rt])) {
        $attrs['name'] = $RQS[$rt][$dt];
    }
    if ($dt === $relTypDT && array_key_exists($value, $INV) && $INV[$value] && array_key_exists($INV[$value], $TL)) {
        //saw Enum change
        $attrs['inverse'] = $TL[$INV[$value]]['trm_Label'];
        $attrs['invTermConceptID'] = getTermConceptID($INV[$value]);
    }
    if (is_array($value)) {
        if (array_key_exists('id', $value)) {
            // record pointer
            $attrs['isRecordPointer'] = "true";
            if ($MAX_DEPTH == 0 && $outputStub) {
                openTag('detail', $attrs);
                outputRecordStub($recInfos[$value['id']]['record']);
                closeTag('detail');
            } else {
                makeTag('detail', $attrs, $value['id']);
            }
        } else {
            if (array_key_exists('file', $value)) {
                $file = $value['file'];
                if (@$_REQUEST['includeresources'] == '1' && @$_REQUEST['mode'] == '1') {
                    $file = get_uploaded_file_info_internal($file['id'], false);
                    if ($file['fullpath'] && file_exists($file['fullpath'])) {
                        //backup file inot backup/user folder
                        $folder = HEURIST_UPLOAD_DIR . "backup/" . get_user_username() . "/";
                        $path_parts = pathinfo($file['fullpath']);
                        $file['URL'] = $path_parts['basename'];
                        $filename_bk = $folder . $file['URL'];
                        copy($file['fullpath'], $filename_bk);
                        unset($file['thumbURL']);
                    }
                }
                openTag('detail', $attrs);
                openTag('file');
                makeTag('id', null, $file['id']);
                makeTag('nonce', null, $file['nonce']);
                makeTag('origName', null, $file['origName']);
                if (@$file['mimeType']) {
                    makeTag('mimeType', null, $file['mimeType']);
                }
                if (@$file['fileSize']) {
                    makeTag('fileSize', array('units' => 'kB'), $file['fileSize']);
                }
                if (@$file['date']) {
                    makeTag('date', null, $file['date']);
                }
                if (@$file['description']) {
                    makeTag('description', null, $file['description']);
                }
                if (@$file['URL']) {
                    makeTag('url', null, $file['URL']);
                }
                if (@$file['thumbURL']) {
                    makeTag('thumbURL', null, $file['thumbURL']);
                }
                if ($INCLUDE_FILE_CONTENT !== false && $INCLUDE_FILE_CONTENT >= $depth) {
                    makeFileContentNode($file);
                }
                closeTag('file');
                closeTag('detail');
            } else {
                if (array_key_exists('geo', $value)) {
                    openTag('detail', $attrs);
                    openTag('geo');
                    makeTag('type', null, $GEO_TYPES[$value['geo']['type']]);
                    makeTag('wkt', null, $value['geo']['wkt']);
                    closeTag('geo');
                    closeTag('detail');
                }
            }
        }
    } else {
        if ($DTT[$dt] === 'date') {
            openTag('detail', $attrs);
            if (strpos($value, "|") === false) {
                outputDateDetail($attrs, $value);
            } else {
                outputTemporalDetail($attrs, $value);
            }
            closeTag('detail');
        } else {
            if ($DTT[$dt] === 'resource') {
                $attrs['isRecordPointer'] = "true";
                if ($MAX_DEPTH == 0 && $outputStub) {
                    openTag('detail', $attrs);
                    outputRecordStub($recInfos[$value['id']]['record']);
                    closeTag('detail');
                } else {
                    makeTag('detail', $attrs, $value['id']);
                }
            } else {
                if (($DTT[$dt] === 'enum' || $DTT[$dt] === 'relationtype') && array_key_exists($value, $TL)) {
                    $attrs['termID'] = $value;
                    $attrs['termConceptID'] = getTermConceptID($value);
                    if (@$TL[$value]['trm_ParentTermID']) {
                        $attrs['ParentTerm'] = $TL[$TL[$value]['trm_ParentTermID']]['trm_Label'];
                    }
                    makeTag('detail', $attrs, $TL[$value]['trm_Label']);
                } else {
                    makeTag('detail', $attrs, replaceIllegalChars($value));
                }
            }
        }
    }
}
Beispiel #10
0
/**
* Main function
*
* @param mixed $_REQUEST
*/
function executeSmartyTemplate($params)
{
    global $smarty, $outputfile, $isJSout, $rtStructs, $dtStructs, $dtTerms, $gparams;
    mysql_connection_overwrite(DATABASE);
    //AO: mysql_connection_select - does not work since there is no access to stored procedures(getTemporalDateString) Steve uses in some query
    //TODO SAW  grant ROuser EXECUTE on getTemporalDate and any other readonly procs
    //load definitions (USE CACHE)
    $rtStructs = getAllRectypeStructures(true);
    $dtStructs = getAllDetailTypeStructures(true);
    $dtTerms = getTerms(true);
    $params["f"] = 1;
    //always search (do not use cache)
    $isJSout = array_key_exists("mode", $params) && $params["mode"] == "js";
    //use javascript wrap
    $outputfile = array_key_exists("output", $params) ? $params["output"] : null;
    $publishmode = array_key_exists("publish", $params) ? intval($params['publish']) : 0;
    $gparams = $params;
    //keep to use in other functions
    if (!array_key_exists("limit", $params)) {
        //not defined
        $limit = intval(@$_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"]['report-output-limit']);
        if (!$limit || $limit < 1) {
            $limit = 1000;
            //default limit in dispPreferences
        }
        $params["limit"] = $limit;
        //force limit
    }
    $qresult = loadSearch($params);
    //from search/getSearchResults.php - loads array of records based og GET request
    /*****DEBUG****/
    //error_log(print_r($qresult,true));
    if (!array_key_exists('records', $qresult) || $qresult['resultCount'] == 0) {
        if ($publishmode > 0) {
            $error = "<b><font color='#ff0000'>Note: There are no records in this view. The URL will only show records to which the viewer has access. Unless you are logged in to the database, you can only see records which are marked as Public visibility</font></b>";
        } else {
            $error = "<b><font color='#ff0000'>Search or Select records to see template output</font></b>";
        }
        if ($isJSout) {
            $error = add_javascript_wrap4($error, null);
        }
        echo $error;
        if ($publishmode > 0 && $outputfile != null) {
            //save empty outpurt inot file
            save_report_output2("<div style=\"padding:20px;font-size:110%\">Currently there are no results</div>");
        }
        exit;
    }
    //get name of template file
    $template_file = array_key_exists('template', $params) ? $params['template'] : null;
    //get template body from request (for execution from editor)
    $template_body = array_key_exists('template_body', $params) ? $params['template_body'] : null;
    //convert to array that will assigned to smarty variable
    $records = $qresult["records"];
    $results = array();
    $k = 0;
    foreach ($records as $rec) {
        $res1 = getRecordForSmarty($rec, 0, $k);
        $k++;
        array_push($results, $res1);
    }
    //activate default template - generic list of records
    $smarty->assign('results', $results);
    ini_set('display_errors', 'false');
    // 'stdout' );
    $smarty->error_reporting = 0;
    if ($template_body) {
        //execute template from string - modified temoplate in editor
        /*****DEBUG****/
        //error_log(">>>".$template_body."<<<");
        /*****DEBUG****/
        //error_log(">>>>>>>".$replevel."<<<<<<");
        //error report level: 1 notices, 2 all, 3 debug mode
        $replevel = array_key_exists('replevel', $params) ? $params['replevel'] : 0;
        if ($replevel == "1" || $replevel == "2") {
            ini_set('display_errors', 'true');
            // 'stdout' );
            $smarty->debugging = false;
            if ($replevel == "2") {
                $smarty->error_reporting = E_ALL & ~E_STRICT & ~E_NOTICE;
            } else {
                $smarty->error_reporting = E_NOTICE;
            }
        } else {
            $smarty->debugging = $replevel == "3";
        }
        $smarty->debug_tpl = dirname(__FILE__) . '/debug_html.tpl';
        //save temporary template
        //this is user name $template_file = "_temp.tpl";
        $template_file = "_" . get_user_username() . ".tpl";
        $file = fopen($smarty->template_dir . $template_file, "w");
        fwrite($file, $template_body);
        fclose($file);
        //$smarty->display('string:'.$template_body);
    } else {
        // usual way - from file
        if (!$template_file) {
            $template_file = 'test01.tpl';
        }
        $smarty->debugging = false;
        $smarty->error_reporting = 0;
        if ($outputfile != null) {
            $smarty->registerFilter('output', 'save_report_output');
        } else {
            if ($isJSout) {
                $smarty->registerFilter('output', 'add_javascript_wrap5');
            }
        }
        //$smarty->unregisterFilter('post','add_javascript_wrap');
    }
    try {
        $smarty->display($template_file);
    } catch (Exception $e) {
        echo 'Exception on execution: ', $e->getMessage(), "\n";
    }
    //$tpl_vars = $smarty->get_template_vars();
    //var_dump($tpl_vars);
    //DEBUG stuff
    //@todo - return the list of record types - to obtain the applicable templates
    //echo "query result = ".print_r($qresult,true)."\n";
    //header("Content-type: text/javascript");
    //header('Content-type: text/html; charset=utf-8');
    //echo json_format( $qresult, true);
    //echo "<br/>***<br/>";
    //echo json_format( $results, true);
    //END DEBUG stuff
}