/**
 * Build the SELECT statement used to fetch a list of records.
 *
 * The statement is assembled by string interpolation. Of the values read from
 * $options, only 'limit' and 'offset' are cast to int. 'tableName', the keys and
 * values of 'leftJoin', 'where', 'orWhere', 'addSelectExpr', 'groupBy', 'having'
 * and 'orderBy' are copied into the SQL text exactly as given. Callers therefore
 * have to treat those options as trusted SQL: build them from constants, or from
 * values that were escaped or checked against an allow-list beforehand, never
 * from raw request data.
 *
 * Side effects visible here: __replaceUnderscoresInRequest() is called when
 * 'leftJoin' is set, and the finished query is printed when 'debugSql' is set.
 *
 * @param array $options query options; keys read here: tableName, leftJoin, where,
 *                       allowSearch, requireSearchMatch, includeDisabledAccounts,
 *                       orWhere, addSelectExpr, groupBy, having, orderBy, limit,
 *                       offset, debugSql
 * @param mixed $schema  schema of the base table; passed to getSchemaFields() and
 *                       indexed like an array
 * @return string the complete SQL query text
 */
function _getRecords_getQuery($options, $schema)
{
    // $VIEWER_NAME is declared global here but is not referenced in this function.
    global $VIEWER_NAME, $TABLE_PREFIX;
    // create fieldlist: start with every column of the base table.
    // tableName is wrapped in backticks but not escaped, so a backtick inside it
    // would end the quoted identifier.
    $selectFields = "`{$options['tableName']}`.*";
    // add left joins
    $LEFT_JOIN = '';
    if (@$options['leftJoin']) {
        // Fix $_REQUEST keys containing tablename
        // (helper defined elsewhere; judging by its name and the comment above it
        // rewrites keys of $_REQUEST - confirm against its definition)
        __replaceUnderscoresInRequest($options['tableName']);
        // add qualified fieldnames ("table.field") to the local copy of the schema
        foreach (array_keys(getSchemaFields($schema)) as $fieldname) {
            $schema["{$options['tableName']}.{$fieldname}"] = $schema[$fieldname];
            $schema["{$options['tableName']}.{$fieldname}"]['name'] = $fieldname;
        }
        // one LEFT JOIN per entry: key = foreign table name, value = foreign key or ON clause
        foreach ($options['leftJoin'] as $foreignTable => $foreignKey) {
            /* get ON condition
             *  The pattern matches the word ON followed by whitespace, anywhere in
             *  the value and regardless of case:
             *  \b = word boundary
             *  \s = whitespace character
             *  /i = case-insensitive
             *  A value that matches is used verbatim as the join condition;
             *  anything else is treated as a column name of the base table and
             *  joined against the foreign table's `num` column.
             */
            if (preg_match("/\\bON\\s/i", $foreignKey)) {
                $ON_CONDITION = $foreignKey;
            } else {
                $ON_CONDITION = "ON {$options['tableName']}.`{$foreignKey}` = {$foreignTable}.num";
            }
            // add left join (foreign table name and ON condition are interpolated unescaped)
            $LEFT_JOIN .= "LEFT JOIN `{$TABLE_PREFIX}{$foreignTable}` AS `{$foreignTable}` {$ON_CONDITION}\n";
            // add fieldnames to SELECT: only the listed field types, plus the `num` column
            $foreignSchemaFields = getSchemaFields($foreignTable);
            $validFieldTypes = array('textfield', 'textbox', 'wysiwyg', 'date', 'list', 'checkbox');
            foreach (array_keys($foreignSchemaFields) as $fieldname) {
                if (in_array(@$foreignSchemaFields[$fieldname]['type'], $validFieldTypes) || @$fieldname == 'num') {
                    $selectFields .= ",\n                           {$foreignTable}.`{$fieldname}` as `{$foreignTable}.{$fieldname}`";
                }
                // Fix $_REQUEST keys containing tablename
                // (called once per foreign field, always with the same table name)
                __replaceUnderscoresInRequest($foreignTable);
                // add fieldnames to schema - every foreign field, not only the selected ones
                $schema["{$foreignTable}.{$fieldname}"] = $foreignSchemaFields[$fieldname];
                $schema["{$foreignTable}.{$fieldname}"]['name'] = $fieldname;
            }
        }
    }
    // create where: start from the caller-supplied fragment (used verbatim)
    $where = @$options['where'];
    if ($options['allowSearch']) {
        // NOTE(review): _createDefaultWhereWithFormInput() is defined elsewhere; its
        // name indicates the conditions come from submitted form input - confirm
        // that it escapes every value it places into the returned fragment.
        $defaultWhere = _createDefaultWhereWithFormInput($schema, '', $options);
        if ($options['requireSearchMatch'] && !$defaultWhere) {
            // no search condition was produced: use a condition that is always false
            $defaultWhere = "0 = 1";
        }
        if (!$where) {
            $where = $defaultWhere;
        } elseif ($where && $defaultWhere) {
            // v2.51 Fixed potential AND/OR precedence issue by adding () AND ()
            $where = "({$where}) AND ({$defaultWhere})";
        }
    }
    // Restrict to records whose creator is an account that is not disabled and not
    // expired, unless the caller sets includeDisabledAccounts.
    if (@$schema['createdByUserNum'] && @$schema['_hideRecordsFromDisabledAccounts'] && !@$options['includeDisabledAccounts']) {
        if ($where) {
            $where .= " AND ";
        }
        $subquery = "SELECT num FROM `{$TABLE_PREFIX}accounts` WHERE disabled != 1 AND (expiresDate > NOW() OR neverExpires = 1)";
        $where .= "{$options['tableName']}.createdByUserNum IN ({$subquery})";
    }
    // adds WHERE to beginning of string, do this LAST
    // (the original comment above describes this helper, which is defined elsewhere)
    $where = _addWhereConditionsForSpecialFields($schema, $where, $options, $options['tableName']);
    // orWhere is OR-ed with everything built so far, so it widens the result set
    // past the conditions above; it is copied into the query verbatim.
    if (@$options['orWhere']) {
        // remove WHERE keyword so the existing conditions can be wrapped in ()
        $where = preg_replace("/^\\s*WHERE\\s*/i", '', $where);
        if ($where) {
            $where = "({$where}) OR {$options['orWhere']}";
        } else {
            $where = $options['orWhere'];
        }
        // put the WHERE keyword back
        if ($where) {
            $where = "\nWHERE {$where}";
        }
    }
    // add select expr (appended to the column list verbatim)
    if (@$options['addSelectExpr']) {
        $selectFields .= ", {$options['addSelectExpr']}";
    }
    // create query
    $query = "SELECT SQL_CALC_FOUND_ROWS {$selectFields}\n";
    $query .= "FROM `{$TABLE_PREFIX}{$options['tableName']}` as `{$options['tableName']}`\n";
    $query .= $LEFT_JOIN;
    $query .= "{$where}\n";
    // groupBy / having / orderBy are raw SQL fragments
    $query .= @$options['groupBy'] ? " GROUP BY {$options['groupBy']}" : '';
    $query .= @$options['having'] ? " HAVING {$options['having']}" : '';
    $query .= @$options['orderBy'] ? " ORDER BY {$options['orderBy']}" : '';
    // limit and offset are the only options forced to integers
    if (@$options['limit']) {
        $query .= "\n LIMIT " . (int) $options['limit'];
    }
    if (@$options['offset']) {
        $query .= "\nOFFSET " . (int) $options['offset'];
    }
    // Debug output: the query text is written into the page without HTML escaping,
    // which exposes table and column names to whoever views the page.
    if (@$options['debugSql']) {
        print "<xmp>{$query}</xmp>";
    }
    return $query;
}
/**
 * Collect the submitted values for the fields of the current table.
 *
 * This is the allow-list between the request and the stored record: a request
 * key is only copied when it belongs to a schema field that passes
 * userHasFieldAccess(), is not the accounts 'isAdmin' flag for a non-admin, is
 * not one of the system-managed columns, and (in the "my account" menu) is
 * flagged as a myAccountField. Request keys that match no schema field are
 * never read.
 *
 * Values are copied as submitted. Nothing here escapes or type-checks them, so
 * the code that writes the returned array to the database has to escape or
 * bind every value.
 * NOTE(review): for the scalar field types the value is whatever PHP parsed
 * from the request, which can be an array - confirm the caller copes with that.
 *
 * Reads the globals $schema, $CURRENT_USER, $tableName and $isMyAccountMenu.
 * Terminates the script with die() when a field has an unknown type.
 *
 * @param string $fieldPrefix prefix put in front of each field name to form the request key
 * @return array field name => submitted value
 */
function _getRecordValuesFromFormInput($fieldPrefix = '')
{
    global $schema, $CURRENT_USER, $tableName, $isMyAccountMenu;

    $values = array();
    // system-managed columns: never taken from user input
    $systemFields = array('num', 'createdDate', 'createdByUserNum', 'updatedDate', 'updatedByUserNum');

    foreach (getSchemaFields($schema) as $fieldname => $fieldSchema) {
        // skip fields that the user has no access to
        if (!userHasFieldAccess($fieldSchema)) {
            continue;
        }

        // skip the admin-only flag for non-admins, and the system-managed columns
        $adminFlagForNonAdmin = $tableName == 'accounts' && $fieldname == 'isAdmin' && !$CURRENT_USER['isAdmin'];
        if ($adminFlagForNonAdmin || in_array($fieldname, $systemFields)) {
            continue;
        }

        // my account: skip fields not displayed or editable there, and skip the
        // password field when no new password was submitted
        if ($isMyAccountMenu) {
            if (!@$fieldSchema['myAccountField'] || ($fieldname == 'password' && !@$_REQUEST[$fieldPrefix . 'password'])) {
                continue;
            }
        }

        $inputName = $fieldPrefix . $fieldname;

        switch (@$fieldSchema['type']) {
            case 'textfield':
            case 'wysiwyg':
            case 'checkbox':
            case 'parentCategory':
                // copied as submitted
                $values[$fieldname] = $_REQUEST[$inputName];
                break;

            case 'textbox':
                $rawText = $_REQUEST[$inputName];
                // autoFormat: add break tags in front of every newline
                $values[$fieldname] = $fieldSchema['autoFormat']
                    ? preg_replace("/\r\n|\n/", "<br/>\n", $rawText)
                    : $rawText;
                break;

            case 'date':
                // the %d conversions turn each date part into an integer
                $year   = $_REQUEST["{$inputName}:year"];
                $month  = $_REQUEST["{$inputName}:mon"];
                $day    = $_REQUEST["{$inputName}:day"];
                $hour   = _getHour24ValueFromDateInput($inputName);
                $minute = (int) @$_REQUEST["{$inputName}:min"];
                $second = (int) @$_REQUEST["{$inputName}:sec"];
                $values[$fieldname] = sprintf("%04d-%02d-%02d %02d:%02d:%02d", $year, $month, $day, $hour, $minute, $second);
                break;

            case 'list':
                $selected = @$_REQUEST[$inputName];
                if (is_array($selected) && $selected) {
                    // store multi-value fields as tab delimited with leading/trailing tabs
                    // for easy matching of single values - LIKE "%\tvalue\t%"
                    // NOTE(review): a submitted element that itself contains a tab
                    // cannot be told apart from the delimiter once it is stored.
                    $values[$fieldname] = "\t" . implode("\t", $selected) . "\t";
                } else {
                    $values[$fieldname] = $selected;
                }
                break;

            case 'upload':
                // images need to be loaded with a separate function call
                break;

            case 'dateCalendar':
                _updateDateCalendar($fieldname);
                break;

            // field types that are ignored when saving user input
            case '':
            case 'none':
            case 'separator':
            case 'relatedRecords':
            case 'accessList':
                break;

            default:
                die(__FUNCTION__ . ": field '{$fieldname}' has unknown field type '" . @$fieldSchema['type'] . "'");
        }
    }

    return $values;
}
    /**
     * Render the "related records" list of this field as one HTML table row.
     *
     * While the list is built, $GLOBALS['menu'], $GLOBALS['tableName'] and
     * $GLOBALS['schema'] are pointed at the related table; the original values are
     * put back just before returning. The restore is a plain statement at the end
     * of the method, not a finally block, so it is skipped if anything in between
     * throws or ends the script.
     *
     * The parameters are not referenced in the visible body.
     *
     * @param mixed $record   not used here
     * @param mixed $value    not used here
     * @param mixed $formType not used here
     * @return string HTML for the table row
     */
    function getTableRow($record, $value, $formType)
    {
        // $isMyAccountMenu is declared global but not referenced in this method.
        global $isMyAccountMenu;
        $parentTable = $GLOBALS['menu'];
        // set field attributes
        $relatedTable = $this->relatedTable;
        // NOTE(review): getEvalOutput() is defined elsewhere; its name suggests the
        // field setting is evaluated rather than used as a literal. Its result becomes
        // the 'where' option of the list below and part of the "see more" URL, so the
        // relatedWhere / relatedMoreLink settings should be editable by trusted
        // administrators only - confirm.
        $relatedWhere = getEvalOutput(@$this->relatedWhere);
        $seeMoreLink = @$this->relatedMoreLink ? "?menu={$relatedTable}&amp;search=1&amp;_ignoreSavedSearch=1&amp;" . getEvalOutput($this->relatedMoreLink) : '';
        // load list functions
        require_once "lib/menus/default/list_functions.php";
        require_once "lib/viewer_functions.php";
        // save and update globals
        list($originalMenu, $originalTableName, $originalSchema) = array($GLOBALS['menu'], $GLOBALS['tableName'], $GLOBALS['schema']);
        $GLOBALS['menu'] = $relatedTable;
        $GLOBALS['tableName'] = $relatedTable;
        $GLOBALS['schema'] = loadSchema($relatedTable);
        $GLOBALS['schema'] = array_merge($GLOBALS['schema'], getSchemaFields($GLOBALS['schema']));
        // v2.16+, add pseudo-fields name and _tableName to all fieldSchemas.  Doing this once here instead of every time in loadSchema() is less expensive
        // load list data
        list($listFields, $records, $metaData) = list_functions_init(array('isRelatedRecords' => true, 'tableName' => $relatedTable, 'where' => $relatedWhere, 'perPage' => @$this->relatedLimit));
        ### show header
        $html = '';
        $recordCount = count($records);
        $oneOrZero = $recordCount > 0 ? 1 : 0;
        // Only the link text is passed through htmlencode(); $seeMoreLink itself is
        // placed inside the single-quoted href attribute as is.
        $seeMoreHTML = $seeMoreLink ? "<br/><a href='{$seeMoreLink}'>" . htmlencode(t("see related records >>")) . "</a>" : '';
        $showingText = sprintf(t('Showing %1$s - %2$s of %3$s related records'), $oneOrZero, $recordCount, $metaData['totalRecords']);
        // capture the header template below into $html instead of sending it to the client
        ob_start();
        ?>
<tr><td colspan="2">
  <div class="clear"></div>
  <div class="content-box">

    <div class="content-box-header">
      <div style="float:right; text-align: right; line-height: 110%">
        <?php 
        echo $showingText;
        ?>
        <?php 
        echo $seeMoreHTML;
        ?>
      </div>
      <h3><?php 
        // NOTE(review): the label is written without htmlencode(). Confirm whether
        // labels are meant to carry markup; if not, encode it here.
        echo $this->label;
        ?>
<!-- --></h3>
      <div class="clear"></div>
    </div> <!-- End .content-box-header -->

    <div class="content-box-content">
<?php 
        $html .= ob_get_clean();
        ### show body
        // show list: showListTable() prints its output, so it is captured the same way
        ob_start();
        showListTable($listFields, $records, array('isRelatedRecords' => true, 'showView' => @$this->relatedView, 'showModify' => @$this->relatedModify, 'showErase' => @$this->relatedErase, 'showCreate' => @$this->relatedCreate));
        $html .= ob_get_clean();
        ### get footer
        $buttonsRight = '';
        if (@$this->relatedCreate) {
            // show "create" button for related records
            // (the related and parent table names are interpolated into the URL unencoded)
            $buttonsRight = relatedRecordsButton(t('Create'), "?menu={$relatedTable}&action=edit&{$parentTable}Num=###");
        }
        $tableName = $relatedTable;
        $isRelatedTable = true;
        // the filter result is inserted into the footer markup below without further encoding
        $buttonsRight = applyFilters('list_buttonsRight', $buttonsRight, $tableName, $isRelatedTable);
        $html .= <<<__FOOTER__

    <div style='float:right; padding-top: 3px'>
    {$buttonsRight}
    </div>
    <div class='clear'></div>

    </div><!-- End .content-box-content -->
  </div><!-- End .content-box -->
</td></tr>
__FOOTER__;
        // reset globals to the values saved before the related list was built
        list($GLOBALS['menu'], $GLOBALS['tableName'], $GLOBALS['schema']) = array($originalMenu, $originalTableName, $originalSchema);
        //
        return $html;
    }
<?php

// load libraries
require_once "lib/menus/default/common.php";
// a site-specific lib/wysiwyg_custom.php takes precedence over the stock lib/wysiwyg.php when it exists
require_once file_exists('lib/wysiwyg_custom.php') ? 'lib/wysiwyg_custom.php' : 'lib/wysiwyg.php';
// set globals
global $TABLE_PREFIX, $tableName, $escapedTableName, $action, $schema, $CURRENT_USER, $hasEditorAccess, $hasAuthorAccess, $hasViewerAccess, $hasViewerAccessOnly, $hasAuthorViewerAccess, $isMyAccountMenu, $isSingleMenu;
// NOTE(review): $menu is not assigned anywhere in the visible lines. It is
// presumably set by the including script from the requested menu name - confirm
// that it is validated before it selects the schema to load here.
$isMyAccountMenu = $menu == '_myaccount';
// the "my account" menu edits the accounts table
$tableName = $isMyAccountMenu ? 'accounts' : $menu;
$schema = loadSchema($tableName);
$schema = array_merge($schema, getSchemaFields($schema));
// v2.16+, add pseudo-fields name and _tableName to all fieldSchemas.  Doing this once here instead of every time in loadSchema() is less expensive
// $escapedTableName is the only escaped form of the name; $tableName itself stays raw
$escapedTableName = mysql_escape($TABLE_PREFIX . $tableName);
// Access flags for this section, derived from the numeric level returned by
// userSectionAccess() (defined elsewhere). The thresholds compared against are
// 9, 6, 3 and 7; "viewer only" is the exact level 3. These lines only compute
// the flags - enforcement has to happen where the flags are used.
$hasEditorAccess = userSectionAccess($tableName) >= 9;
$hasAuthorAccess = userSectionAccess($tableName) >= 6;
$hasViewerAccess = userSectionAccess($tableName) >= 3;
$hasViewerAccessOnly = userSectionAccess($tableName) == 3;
$hasAuthorViewerAccess = userSectionAccess($tableName) >= 7;
$isSingleMenu = @$schema['menuType'] == 'single';
// get action: single-record menus default to edit (author access or higher) or
// view (viewer access); every other case defaults to the list
if ($isSingleMenu && $hasAuthorAccess) {
    $_defaultAction = 'edit';
} elseif ($isSingleMenu && $hasViewerAccess) {
    $_defaultAction = 'view';
} else {
    $_defaultAction = 'list';
}
// NOTE(review): getRequestedAction() is defined elsewhere; presumably it returns
// the action named in the request and falls back to the default - confirm that
// each action handler re-checks the access flags above.
$action = getRequestedAction($_defaultAction);
//
doAction('section_init', $tableName, $action);
//