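/**
 * Escape the HTML-significant characters " & ' < > in a string or, recursively,
 * in every leaf of an array, so the result can be placed in HTML text or inside
 * a quoted attribute value.
 *
 * @param mixed $input A string (or other scalar/null value), or an array of such values, nested to any depth.
 * @return mixed The escaped string, or an array with the same keys and shape whose leaves are escaped strings.
 */
function charToHtml($input)
{
    // ENT_QUOTES is passed explicitly: before PHP 8.1 the default flag set left single
    // quotes untouched, which is unsafe for values placed in single-quoted attributes.
    // ENT_SUBSTITUTE replaces invalid byte sequences instead of returning an empty string.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;

    if (!is_array($input)) {
        return htmlspecialchars((string) $input, $flags);
    }

    foreach ($input as $key => $value) {
        // Assign the result back: the array is passed by value, so a bare recursive call
        // would escape a copy and leave the nested array unescaped.
        $input[$key] = charToHtml($value);
    }

    return $input;
}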
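/**
 * Build the FAQ administration markup: the "add FAQ" form followed by one editable
 * block per FAQ, grouped under its topic.
 *
 * Every database value is passed through charToHtml() before it is concatenated into
 * the markup. Topic names and keys returned by getTopics() are emitted as returned.
 *
 * @return string The HTML fragment.
 */
function buildFaqs()
{
    global $debug, $Dbc;

    // Build the "add faq" section.
    $output = '<div class="center relative"> Create a new FAQ item: '
        . '<div class="break textCenter border roundedCorners" style="padding:5px;"> '
        . '<div class="left"> Add a new topic: '
        . '<input autocapitalize="on" autocorrect="off" id="addTopic" type="text" size="20"> '
        . '<input id="addTopicButton" type="button" value="Add Topic"> '
        . '</div> '
        . '<div class="right">Delete a topic: <span id="deleteTopicSpan">'
        . topicsDropDown('deleteTopicDropDown', '', '')
        . ' </span><input id="deleteTopicButton" type="button" value="Delete Topic"> '
        . '</div> '
        . '<div class="textLeft break" style="padding-top:10px;"> Choose a topic: <span id="chooseTopicSpan">'
        . topicsDropDown('chooseTopicDropDown', '', '')
        . '</span> </div> '
        . '<div class="break"> '
        . '<span class="faqEditQ" style="vertical-align:top">Q: </span><textarea class="faqEditQuestion border blue" id="addQ" rows="2"></textarea> '
        . '</div> '
        . '<span class="faqEditA" style="vertical-align:top">A: </span><textarea class="faqEditAnswer" id="addA" rows="5"></textarea> '
        . '<div class="textCenter"><button id="addFaqButton" type="button">Add New FAQ</button></div> '
        . '</div> '
        . '</div> ';

    // Now the faqs.
    // NOTE(review): $faqs is never filled in this function, so the debug call below
    // always prints an empty array.
    $faqs = array();
    $topics = getTopics();
    // Tracks whether the topic list has been opened. The original tested
    // !empty($lastTopic), which misfires for a topic named "0".
    $listOpen = false;

    try {
        $stmt = $Dbc->query(
            "SELECT\n"
            . "\tfaqTopics.topicId AS 'topicId',\n"
            . "\tfaqTopics.topic AS 'topic',\n"
            . "\tfaqs.faqId AS 'faqId',\n"
            . "\tfaqs.q AS 'q',\n"
            . "\tfaqs.a AS 'a'\n"
            . "FROM\n"
            . "\tfaqs\n"
            . "JOIN faqTopics ON faqs.topicId = faqTopics.topicId\n"
            . "ORDER BY faqTopics.topic"
        );
        $lastTopic = '';
        $bgColor = '';

        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            // Escape every column before it reaches an attribute value or textarea body.
            $row = charToHtml($row);
            $topicId = $row['topicId'];
            $faqId = $row['faqId'];

            $middle = '<input autocapitalize="off" autocorrect="off" id="topic' . $topicId
                . '" type="text" size="18" value="' . $row['topic'] . '" class="topic"> '
                . '<input id="topicId' . $topicId . '" topicid="' . $topicId
                . '" type="button" value="Modify Topic">';

            if ($row['topic'] !== $lastTopic || !$listOpen) {
                if ($listOpen) {
                    // A new topic starts: close the previous topic's item. The stray
                    // </ul> the original emitted here had no matching <ul>.
                    $output .= ' </li> <li class="relative"> ' . $middle . ' ';
                } else {
                    $output .= ' <ol> <li class="relative"> ' . $middle . ' ';
                    $listOpen = true;
                }
            }

            // Create the Q & A section, alternating the background between rows.
            // NOTE(review): the value is emitted after a literal "#", so 'white' yields
            // "#white"; COLORGRAY is assumed to be a bare hex value - confirm.
            $bgColor = ($bgColor === COLORGRAY) ? 'white' : COLORGRAY;

            $output .= ' <div class="faqEdit roundedCorners" id="faqId' . $faqId . '" style="background-color:#' . $bgColor . ';"> '
                . '<div> '
                . '<span class="faqEditQ">Q: </span><textarea class="faqEditQuestion" style="background-color:#' . $bgColor
                . '" id="q' . $faqId . '" rows="2">' . $row['q'] . '</textarea> '
                . '</div> '
                . '<div> '
                . '<span class="faqEditA">A: </span><textarea class="faqEditAnswer" style="background-color:#' . $bgColor
                . '" id="a' . $faqId . '" rows="5">' . $row['a'] . '</textarea> '
                . '</div> '
                . '<div>See also: <input id="seeAlso' . $faqId . '" style="width:10em"></div> '
                . '<div class="faqEditId">FAQ Id: ' . $faqId . '</div> '
                . '<div class="textCenter"> '
                . '<span class="textSmall">Move to topic:</span>';

            $output .= ' <select id="topicDropDown' . $faqId . '"> ';
            // NOTE(review): $key2 and $row2 go into the markup exactly as getTopics()
            // returns them. If getTopics() does not escape, topic names need charToHtml()
            // here; the comparison below is against the already-escaped $row['topic'],
            // so it only matches when both sides use the same encoding. Confirm.
            foreach ($topics as $key2 => $row2) {
                $selected = ($row2 == $row['topic']) ? ' selected="selected"' : '';
                $output .= '<option value="' . $key2 . '"' . $selected . '>' . $row2 . '</option>';
            }
            $output .= ' </select> ';

            $output .= '<input id="modifyFaq' . $faqId . '" faqid="' . $faqId . '" type="button" value="Modify FAQ"> '
                . '<input id="deleteFaq' . $faqId . '" type="button" value="Delete FAQ"> '
                . '</div> '
                . '</div> ';

            $lastTopic = $row['topic'];
        }
    } catch (PDOException $e) {
        // NOTE(review): the whole exception, stack trace included, is handed to error();
        // where error() renders it is not visible here - confirm it never reaches end users.
        error(__LINE__, '', '<pre>' . $e . '</pre>');
    }

    $debug->printArray($faqs, '$faqs');

    // Close the list only when a row actually opened it.
    if ($listOpen) {
        $output .= ' </li> </ol>';
    }
    $output .= ' <div> </div> ';

    return $output;
}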
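/**
 * Build the "edit line" form for the line named by $_POST['lineId'] and store it in
 * $returnThis['returnEditLinePart1'].
 *
 * Access control visible here: the session must carry a listRoleId of at least 2, and
 * the line is selected by lineId AND the session's listId, so an id that belongs to a
 * different list returns no row.
 *
 * Sets the global $success to true when MODE is 'editLinePart1' and a row was found,
 * and calls returnData() when MODE is 'editLinePart1'.
 *
 * @return void
 */
function editLinePart1()
{
    global $success, $Dbc, $returnThis;

    $output = '';

    try {
        // Adrlist_CustomException's first argument looks like the user-facing message and
        // the second a debug message (inferred from these call sites - confirm).
        if (!isset($_SESSION['listRoleId']) || $_SESSION['listRoleId'] < 2) {
            throw new Adrlist_CustomException("Your role doesn't allow you to edit this list.", '');
        } elseif (empty($_POST['lineId'])) {
            throw new Adrlist_CustomException('', 'editLinePart1: $_POST[\'lineId\'] is empty.');
        } elseif (!is_scalar($_POST['lineId'])) {
            // intval() turns any non-empty array into 1, so lineId[]=x would otherwise
            // be treated as a request for line 1.
            throw new Adrlist_CustomException('', 'editLinePart1: $_POST[\'lineId\'] is not a scalar value.');
        }

        $lineId = intval($_POST['lineId']);

        $stmt = $Dbc->prepare(
            "SELECT\n"
            . "\tlinesTable.charId AS 'charId',\n"
            . "\tlinesTable.lineId as lineId,\n"
            . "\tlinesTable.reel AS 'reel',\n"
            . "\tlinesTable.scene AS 'scene',\n"
            . "\tlinesTable.tcIn AS 'tcIn',\n"
            . "\tlinesTable.tcOut AS 'tcOut',\n"
            . "\tlinesTable.line AS 'line',\n"
            . "\tlinesTable.notes AS 'notes'\n"
            . "FROM\n"
            . "\tlinesTable\n"
            . "WHERE\n"
            . "\tlinesTable.lineId = ? AND\n"
            . "\tlinesTable.listId = ?"
        );
        // Both values are bound as parameters; the listId comes from the session, not the request.
        $params = array($lineId, $_SESSION['listId']);
        $stmt->execute($params);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);

        if (empty($row)) {
            error(__LINE__);
            pdoError(__LINE__, $stmt, $params, 1);
        } else {
            // Convert all special characters to html before building the markup.
            $row = charToHtml($row);
            // The session framerate is escaped as well, since it is written into four
            // attribute values; how it gets into the session is not visible here.
            $framerate = isset($_SESSION['framerate']) ? charToHtml($_SESSION['framerate']) : '';

            $output .= '<div id="lineDiv' . $lineId . '" class="lineMain ui-corner-all center textCenter" style="border:none"> '
                . buildCharacters($row['charId'], 'editLineCharacter', 13)
                . ' <div class="ui-field-contain"> '
                . '<label for="editReel" unused="ui-hidden-accessible">Reel</label> '
                . '<input autocapitalize="off" autocorrect="off" data-mini="true" data-wrapper-class="true" id="editReel" goswitch="addLineButton" name="editReel" placeholder="" type="text" value="' . $row['reel'] . '"> '
                . '</div> '
                . '<div class="ui-field-contain"> '
                . '<label for="editScene" unused="ui-hidden-accessible">Scene</label> '
                . '<input autocapitalize="off" autocorrect="off" data-mini="true" data-wrapper-class="true" id="editScene" goswitch="addLineButton" name="editScene" placeholder="" type="text" value="' . $row['scene'] . '"> '
                . '</div> '
                . '<div class="ui-field-contain"> '
                . '<label for="editTcIn" unused="ui-hidden-accessible">TC In</label> '
                . '<input autocapitalize="off" autocorrect="off" class="tcValidate" data-mini="true" data-wrapper-class="true" entry="edit" id="editTcIn" framerate="' . $framerate . '" goswitch="addLineButton" maxlength="14" name="editTcIn" otherfield="editTcOut" placeholder="" type="text" value="' . $row['tcIn'] . '"> '
                . '</div> '
                // The original hard-coded lineId="2351" on this button; it now carries the
                // id of the line being edited, like the save button below.
                . '<button lineId="' . $lineId . '" class="swapTc ui-btn ui-mini ui-btn-inline ui-corner-all" entry="edit"><i class="fa fa-exchange fa-lg fa-rotate-90"></i>Swap</button> '
                . '<div class="ui-field-contain"> '
                . '<label for="editTcOut" unused="ui-hidden-accessible">TC Out</label> '
                . '<input autocapitalize="off" autocorrect="off" class="tcValidate" data-mini="true" data-wrapper-class="true" entry="edit" id="editTcOut" framerate="' . $framerate . '" goswitch="addLineButton" maxlength="14" name="editTcOut" otherfield="editTcIn" placeholder="" type="text" value="' . $row['tcOut'] . '"> '
                . '</div> '
                . '<div class="ui-field-contain"> '
                . '<label for="editLine" unused="ui-hidden-accessible">Line</label> '
                . '<textarea autocapitalize="off" autocorrect="off" data-mini="true" data-wrapper-class="true" id="editLine" framerate="' . $framerate . '" goswitch="addLineButton" name="addLine" placeholder="" rows="5">' . $row['line'] . '</textarea> '
                . '</div> '
                . '<div class="ui-field-contain"> '
                . '<label for="editNotes" unused="ui-hidden-accessible">Notes</label> '
                . '<textarea autocapitalize="off" autocorrect="off" data-mini="false" data-wrapper-class="true" id="editNotes" framerate="' . $framerate . '" goswitch="addLineButton" name="addNotes" placeholder="" rows="5">' . $row['notes'] . '</textarea> '
                . '</div> '
                . '<button class="ui-btn ui-btn-inline ui-shadow ui-corner-all ui-btn-icon-left ui-icon-heart" id="saveLineButton" lineId="' . $row['lineId'] . '">Save Changes</button>'
                . '<button class="ui-btn ui-btn-b ui-btn-inline ui-shadow ui-corner-all ui-btn-icon-left ui-icon-delete" id="cancelEditLine">Cancel</button> '
                . '</div>';

            $success = MODE == 'editLinePart1' ? true : $success;
            $returnThis['returnEditLinePart1'] = $output;
        }
    } catch (Adrlist_CustomException $e) {
        // Left empty as in the original; presumably the exception class records its own
        // messages when constructed - confirm against Adrlist_CustomException.
    } catch (PDOException $e) {
        // NOTE(review): the whole exception, stack trace included, is handed to error();
        // where error() renders it is not visible here - confirm it never reaches end users.
        error(__LINE__, '', '<pre>' . $e . '</pre>');
    }

    if (MODE == 'editLinePart1') {
        returnData();
    }
}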