/** * Deletes file identified with id. * * Checks 'mother table' whether this is allowed * Also deletes entries in index table for this file * Returns name of deleted file on succes */ function delete_file($db, $fileid, $USER) { global $system_settings; $tableid = get_cell($db, 'files', 'tablesfk', 'id', $fileid); $tabledesc = get_cell($db, 'tableoftables', 'table_desc_name', 'id', $tableid); $ftableid = get_cell($db, 'files', 'ftableid', 'id', $fileid); // bail out when file was not found if (!$ftableid) { return false; } $columnid = get_cell($db, 'files', 'ftablecolumnid', 'id', $fileid); $associated_table = get_cell($db, $tabledesc, 'associated_table', 'id', $columnid); $filename = get_cell($db, 'files', 'filename', 'id', $fileid); if (!may_write($db, $tableid, $ftableid, $USER)) { return false; } @unlink($system_settings['filedir'] . "/{$fileid}" . "_{$filename}"); // even if unlink fails we should really remove the entry from the database: $db->Execute("DELETE FROM files WHERE id={$fileid}"); // if this was an image: $db->Execute("DELETE FROM images WHERE id={$fileid}"); // remove indexing of file content $db->Execute("DELETE FROM {$associated_table} WHERE fileid={$fileid}"); return $filename; }
echo "<input type='radio' name='pkeypolicy' value='addall' checked> Ignore 'Match Field', add all new records</input></td></tr>\n"; echo "<tr><th>Skip first line?</th>\n"; echo "<td><input type='radio' name='skipfirstline' value='yes' checked> Yes</input></td>\n"; echo "<td><input type='radio' name='skipfirstline' value='no'> No</input></td></tr>\n"; echo "<tr><td colspan=5 align='center'><input type='submit' name='assign' value='Import Data'></input></td></tr>\n"; echo "</table>\n</form>\n<br>\n"; } else { echo "<h3>Problems with file upload, please try again.</h3>\n"; } printfooter(); exit; } else { $string = "Please enter all fields"; } } if ($USERAS && !may_write($db, $tableid, false, $USERAS)) { $string .= "Error: The selected user may not write to the selected database. "; } // Page with file to be uploaded, delimiter, table, and owner (Part 1) echo "<h3 align='center'>{$string}</h3>"; echo "<h3 align='center'>Import Data(1): Select File, delimiter, and Table to import data into</h3>\n"; echo "<form method='post' id='importdata' enctype='multipart/form-data' "; $dbstring = $PHP_SELF; echo "action='{$dbstring}?" . SID . "'>\n"; echo "<table align='center' border='0' cellpadding='5' cellspacing='0'>\n"; echo "<tr>\n"; echo "<th>File with data</th>\n"; echo "<th>Delimiter</th>\n"; echo "<th>Quotes around field</th>\n"; echo "<th>Table</th>\n"; echo "<th>Assign new records to:</th>\n";
* datatype */ // main includes require './include.php'; require './includes/db_inc.php'; $tableinfo = new tableinfo($db, false, $_POST['tableid']); // don't have these fields changed: $forbidden_fields = array('id', 'ownerid'); if (in_array($_POST['field'], $forbidden_fields)) { return false; } if ($_POST['datatype'] == 'date') { $_POST['newvalue'] = strtotime($_POST['newvalue']); } //$db->debug=true; if (may_see_table($db, $USER, $tableinfo->id) && may_write($db, $tableinfo->id, $_post['recordid'], $USER)) { if ($_POST['datatype'] == 'mpulldown') { // $newvalue is a comma separated list with ids of the selected items // remove the last (extra) comma) $_POST['newvalue'] = substr($_POST['newvalue'], 0, -1); $valueArray = explode(',', $_POST['newvalue']); // figure out name of keytable $keytable = get_cell($db, $tableinfo->desname, 'key_table', 'columnname', $_POST['field']); if ($keytable) { update_mpulldown($db, $keytable, $_POST['recordid'], $valueArray); } } else { // if the value is really empty, set to NULL, this is essential for numeric fields if ($_POST['newvalue'] == '') { $result = $db->Execute("UPDATE {$tableinfo->realname} SET {$_POST['field']}=NULL WHERE id={$_POST['recordid']}"); } else {
/** * Prints a form with addition stuff * * $fields is a comma-delimited string with column names * $field_values is hash with column names as keys * $id=0 for a new entry, otherwise it is the id */ function add_g_form($db, $tableinfo, $field_values, $id, $USER, $PHP_SELF, $system_settings) { if (!may_write($db, $tableinfo->id, $id, $USER)) { return false; } if ($id) { $Allfields = getvalues($db, $tableinfo, $tableinfo->fields, id, $id); $namein = get_cell($db, $tableinfo->desname, "title", "id", $id); display_add($db, $tableinfo, $Allfields, $id, $namein, $system_settings); } else { $Allfields = getvalues($db, $tableinfo, $tableinfo->fields); display_add($db, $tableinfo, $Allfields, $id, "", $system_settings); } }
$actionLink = 'tablename=' . $tableinfo->name; if ($sid) { $actionLink .= '&' . $sid; } // output javascript to cpature enter key and use it start Search: echo "<script type='text/javascript' language='JavaScript'>\n function searchOnEnter(e) {\n var pK = e? e.which: window.event.keyCode;\n var node = (e.target) ? e.target : ((e.srcElement) ? e.srcElement : null);\n if (pK == 13 && !(node.type==\"textarea\") ) { \n document.g_form.searchj.value=\"Search\"; \n document.g_form.submit();\n }\n }\n document.onkeypress = searchOnEnter;\n if (document.layers)\n document.captureEvents(Event.KEYPRESS);\n </script>\n "; // print form; //$dbstring=$PHP_SELF."?"."tablename=$tableinfo->name&"; $formname = 'g_form'; // NS 2015-02-24: change method from GET to POST, not sure if there are side-effects echo "<form name='{$formname}' method='POST' id='generalform' enctype='multipart/form-data' action='{$PHP_SELF}?{$actionLink}&copyPOST=true'>\n"; echo "<input type='hidden' name='tablename' value='{$tableinfo->name}'>\n"; echo "<input type='hidden' name='md' value='{$md}'>\n"; echo "<table border='0' width='75%' align='center'>\n<tr>\n"; // variable md contains edit/view mode setting. Propagated to remember state. md can only be changed as a get variable $may_write = may_write($db, $tableinfo->id, false, $USER); if ($may_write) { $modetext = "<a href='{$PHP_SELF}?tablename={$tableinfo->name}&md="; } if ($md == 'edit') { $tabletext = 'Now Editing Table: '; if ($may_write) { $modetext .= "view&" . SID . "'>(to view mode)</a>\n"; } else { $modetext = ""; } } else { $tabletext = 'Now Viewing Table: '; if ($may_write) { $modetext .= "edit'>(to edit mode)</a>\n"; }