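/**
 * Plug-in entry point: read a list of fields from one registered table.
 *
 * Keys read from $var: 'username', 'password', 'tablename' or 'id',
 * 'data' (list of arrays each carrying a 'field' key) and the optional
 * 'clause' (text appended after WHERE).
 *
 * Changes against the previous revision:
 *  - the lock/permission helpers used to receive the undefined locals
 *    $username/$password; they now get the credentials carried in $var;
 *  - validateuser() runs before any table lookup, so a caller with bad
 *    credentials gets `false` before field/table details are evaluated;
 *  - a table id taken from $var['id'] is cast to int;
 *  - backticks inside field names are doubled before quoting;
 *  - the column list is joined with implode() instead of the
 *    substr(..., strlen($str_b) - 1) trick that relied on an undefined name;
 *  - a failed query is reported as ErrNum 3 instead of being passed on to
 *    getRowsNum().
 *
 * @param array $var Request payload decoded by the caller.
 * @return mixed Array with 'total_records' and 'items' on success, array with
 *               'ErrNum'/'ErrDesc' on a handled error, false when
 *               validateuser() rejects the credentials, or whatever
 *               check_for_lock() returned when it is truthy.
 */
function retrieve($var)
{
    global $xoopsModuleConfig, $xoopsDB;

    $username = isset($var['username']) ? $var['username'] : null;
    $password = isset($var['password']) ? $var['password'] : null;

    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
        // Authenticate before doing any table or field lookups.
        if (!validateuser($username, $password)) {
            return false;
        }
    }

    $tablename = (isset($var['tablename']) && is_scalar($var['tablename'])) ? (string) $var['tablename'] : '';
    $id = (isset($var['id']) && is_scalar($var['id'])) ? (int) $var['id'] : 0;

    if ($tablename !== '') {
        $tbl_id = get_tableid($tablename);
    } elseif ($id > 0) {
        // Only the integer value is passed on; trailing text in the input is dropped.
        $tbl_id = $id;
    } else {
        return array('ErrNum' => 2, "ErrDesc" => 'Table Name or Table ID not specified');
    }

    if (!validate($tbl_id, $var['data'], "allowretrieve")) {
        return array('ErrNum' => 4, "ErrDesc" => 'Not all fields are allowed retrieve');
    }

    $columns = array();
    foreach ($var['data'] as $data) {
        if ($data['field'] == '*') {
            return array('ErrNum' => 7, "ErrDesc" => 'Wildcard not accepted');
        }
        // Double embedded backticks so the name cannot terminate the quoted identifier.
        $columns[] = '`' . str_replace('`', '``', $data['field']) . '`';
    }

    $where = '';
    $clause = (isset($var['clause']) && is_scalar($var['clause'])) ? (string) $var['clause'] : '';
    if ($clause !== '') {
        if (strpos(strtolower($clause), 'union') !== false) {
            return array('ErrNum' => 8, "ErrDesc" => 'Union not accepted');
        }
        // NOTE(review): the clause is caller-supplied SQL text concatenated as-is.
        // The 'union' substring test above is a blacklist and does not make this
        // safe; the clause should be replaced by structured field/operator/value
        // conditions whose values are escaped by the database layer.
        $where = 'WHERE ' . $clause;
    }

    $rt = $xoopsDB->queryF(
        'SELECT ' . implode(',', $columns)
        . ' FROM ' . $xoopsDB->prefix(get_tablename($tbl_id))
        . ' ' . $where
    );

    if (!$rt || !$xoopsDB->getRowsNum($rt)) {
        return array('ErrNum' => 3, "ErrDesc" => 'No Records Returned from Query');
    }

    $rtn = array();
    while ($row = $xoopsDB->fetchArray($rt)) {
        $rdata = array();
        foreach ($var['data'] as $data) {
            $rdata[] = array("fieldname" => $data['field'], "value" => $row[$data['field']]);
        }
        $rtn[] = $rdata;
    }

    return array("total_records" => $xoopsDB->getRowsNum($rt), "items" => $rtn);
}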
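/**
 * Plug-in entry point: update one row of a registered table.
 *
 * Keys read from $var: 'username', 'password', 'tablename' or 'id', and
 * 'data' (list of arrays with 'field' and 'value'). Entries whose field is a
 * key according to is_fieldkey() select the row; all other entries are
 * written.
 *
 * Changes against the previous revision:
 *  - the lock/permission helpers used to receive the undefined locals
 *    $username/$password; they now get the credentials carried in $var;
 *  - validateuser() runs before any table lookup;
 *  - a table id taken from $var['id'] is cast to int;
 *  - several key fields are combined with AND (the old code emitted one
 *    "WHERE" per key field, which is not valid SQL);
 *  - backticks inside field names are doubled before quoting.
 *
 * @param array $var Request payload decoded by the caller.
 * @return mixed Result of $xoopsDB->queryF() on success, array with
 *               'ErrNum'/'ErrDesc' on a handled error, false when
 *               validateuser() rejects the credentials, or whatever
 *               check_for_lock() returned when it is truthy.
 */
function update($var)
{
    global $xoopsModuleConfig, $xoopsDB;

    $username = isset($var['username']) ? $var['username'] : null;
    $password = isset($var['password']) ? $var['password'] : null;

    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
        // Authenticate before doing any table or field lookups.
        if (!validateuser($username, $password)) {
            return false;
        }
    }

    $tablename = (isset($var['tablename']) && is_scalar($var['tablename'])) ? (string) $var['tablename'] : '';
    $id = (isset($var['id']) && is_scalar($var['id'])) ? (int) $var['id'] : 0;

    if ($tablename !== '') {
        $tbl_id = get_tableid($tablename);
    } elseif ($id > 0) {
        // Only the integer value is passed on; trailing text in the input is dropped.
        $tbl_id = $id;
    } else {
        return array('ErrNum' => 2, "ErrDesc" => 'Table Name or Table ID not specified');
    }

    if (!validate($tbl_id, $var['data'], "allowupdate")) {
        return array('ErrNum' => 5, "ErrDesc" => 'Not all fields are allowed update');
    }

    $assignments = array();
    $conditions = array();
    foreach ($var['data'] as $data) {
        $column = '`' . str_replace('`', '``', $data['field']) . '`';
        // NOTE(review): addslashes() is not aware of the connection character
        // set; the database layer's own string escaping should replace it once
        // the supported XOOPS versions are confirmed.
        $literal = "'" . addslashes($data['value']) . "'";

        if (!is_fieldkey($data['field'], $tbl_id)) {
            $assignments[] = $column . ' = ' . $literal;
            continue;
        }

        $keyValue = (string) $data['value'];
        if (strpos($keyValue, '%') !== false || strpos($keyValue, '_') !== false) {
            return array('ErrNum' => 7, "ErrDesc" => 'Wildcard not accepted');
        }
        if (strpos(strtolower($keyValue), 'union') !== false) {
            return array('ErrNum' => 8, "ErrDesc" => 'Union not accepted');
        }
        $conditions[] = $column . ' = ' . $literal;
    }

    // Refuse to run an UPDATE that would not be restricted to a keyed row.
    if (count($conditions) == 0) {
        return array('ErrNum' => 6, "ErrDesc" => 'No primary key set');
    }

    return $xoopsDB->queryF(
        'UPDATE ' . $xoopsDB->prefix(get_tablename($tbl_id))
        . ' SET ' . implode(',', $assignments)
        . ' WHERE ' . implode(' AND ', $conditions)
    );
}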
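/**
 * Plug-in entry point: list the visible field definitions of one table from
 * the 'curl_fields' table.
 *
 * Keys read from $var: 'username', 'password', 'tablename' or 'id', and the
 * flags 'post', 'retrieve', 'update' (the first one equal to 1 adds the
 * matching allow* filter).
 *
 * Changes against the previous revision:
 *  - the flag tests used `=` (assignment), so the allowpost filter was always
 *    applied and the other two flags were unreachable; they now compare;
 *  - $var['id'] was concatenated into the SQL text unchanged; the table id is
 *    now cast to int before it is used;
 *  - the lock/permission helpers used to receive the undefined locals
 *    $username/$password; they now get the credentials carried in $var;
 *  - validateuser() runs before the query instead of after it;
 *  - a failed query yields an empty list instead of being fetched from.
 *
 * @param array $var Request payload decoded by the caller.
 * @return mixed List of field descriptions, array with 'ErrNum'/'ErrDesc' on
 *               a handled error, false when validateuser() rejects the
 *               credentials, or whatever check_for_lock() returned when it is
 *               truthy.
 */
function tableschemer($var)
{
    global $xoopsModuleConfig, $xoopsDB;

    $username = isset($var['username']) ? $var['username'] : null;
    $password = isset($var['password']) ? $var['password'] : null;

    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
        // Authenticate before any query is built from request data.
        if (!validateuser($username, $password)) {
            return false;
        }
    }

    $tablename = (isset($var['tablename']) && is_scalar($var['tablename'])) ? (string) $var['tablename'] : '';
    $id = (isset($var['id']) && is_scalar($var['id'])) ? (int) $var['id'] : 0;

    if ($tablename !== '') {
        // The id is compared unquoted below, so force it to an integer.
        // NOTE(review): assumes get_tableid() yields a numeric id; confirm.
        $tbl_id = (int) get_tableid($tablename);
    } elseif ($id > 0) {
        $tbl_id = $id;
    } else {
        return array('ErrNum' => 2, "ErrDesc" => 'Table Name or Table ID not specified');
    }

    $sql = "SELECT * FROM " . $xoopsDB->prefix('curl_fields') . " WHERE visible = 1 ";
    if (isset($var['post']) && $var['post'] == 1) {
        $sql .= "and allowpost = 1 ";
    } elseif (isset($var['retrieve']) && $var['retrieve'] == 1) {
        $sql .= "and allowretrieve = 1 ";
    } elseif (isset($var['update']) && $var['update'] == 1) {
        $sql .= "and allowupdate = 1 ";
    }
    $sql .= "and tbl_id = " . $tbl_id;

    $rtn = array();
    $ret = $xoopsDB->query($sql);
    if (!$ret) {
        return $rtn;
    }

    while ($row = $xoopsDB->fetchArray($ret)) {
        $rtn[] = array(
            'table_id' => $row['tbl_id'],
            'field' => $row['fieldname'],
            'allowpost' => $row['allowpost'],
            'allowretrieve' => $row['allowretrieve'],
            'allowupdate' => $row['allowupdate'],
            'string' => $row['string'],
            'int' => $row['int'],
            'float' => $row['float'],
            'text' => $row['text'],
            'key' => $row['key'],
            'other' => $row['other'],
        );
    }

    return $rtn;
}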
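/**
 * Plug-in entry point: insert one row into a registered table.
 *
 * Keys read from $var: 'username', 'password', 'tablename' or 'id', and
 * 'data' (list of arrays with 'field' and 'value').
 *
 * Changes against the previous revision:
 *  - the lock/permission helpers used to receive the undefined locals
 *    $username/$password; they now get the credentials carried in $var;
 *  - validateuser() runs before any table lookup;
 *  - a table id taken from $var['id'] is cast to int;
 *  - column and value lists are joined with implode() instead of the
 *    substr(..., strlen($str_b) - 1) trick that relied on undefined names;
 *  - backticks inside field names are doubled before quoting.
 *
 * @param array $var Request payload decoded by the caller.
 * @return mixed Array with 'insert_id' after the INSERT was issued, array with
 *               'ErrNum'/'ErrDesc' on a handled error, false when
 *               validateuser() rejects the credentials, or whatever
 *               check_for_lock() returned when it is truthy.
 */
function post($var)
{
    global $xoopsModuleConfig, $xoopsDB;

    $username = isset($var['username']) ? $var['username'] : null;
    $password = isset($var['password']) ? $var['password'] : null;

    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
        // Authenticate before doing any table or field lookups.
        if (!validateuser($username, $password)) {
            return false;
        }
    }

    $tablename = (isset($var['tablename']) && is_scalar($var['tablename'])) ? (string) $var['tablename'] : '';
    $id = (isset($var['id']) && is_scalar($var['id'])) ? (int) $var['id'] : 0;

    if ($tablename !== '') {
        $tbl_id = get_tableid($tablename);
    } elseif ($id > 0) {
        // Only the integer value is passed on; trailing text in the input is dropped.
        $tbl_id = $id;
    } else {
        return array('ErrNum' => 2, "ErrDesc" => 'Table Name or Table ID not specified');
    }

    if (!validate($tbl_id, $var['data'], "allowpost")) {
        return array('ErrNum' => 1, "ErrDesc" => 'Not all fields are allowed posting');
    }

    $columns = array();
    $values = array();
    foreach ($var['data'] as $data) {
        // Double embedded backticks so the name cannot terminate the quoted identifier.
        $columns[] = '`' . str_replace('`', '``', $data['field']) . '`';
        // NOTE(review): addslashes() is not aware of the connection character
        // set; the database layer's own string escaping should replace it once
        // the supported XOOPS versions are confirmed.
        $values[] = "'" . addslashes($data['value']) . "'";
    }

    $rt = $xoopsDB->queryF(
        'INSERT INTO ' . $xoopsDB->prefix(get_tablename($tbl_id))
        . ' (' . implode(',', $columns) . ') VALUES (' . implode(',', $values) . ')'
    );

    // NOTE(review): the insert id is reported even when queryF() failed; callers
    // presumably treat an empty id as failure — confirm.
    return array("insert_id" => $xoopsDB->getInsertId($rt));
}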
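/**
 * Plug-in entry point: return the key-field values of every row of one
 * registered table.
 *
 * Keys read from $var: 'username', 'password', 'tablename' or 'id', and the
 * optional 'clause' / 'fieldid' pair.
 *
 * Changes against the previous revision:
 *  - $var['id'] and $var['tablename'] were concatenated into SQL text
 *    unchanged; the table id is now cast to int and the FROM table is
 *    resolved through get_tablename(), as the sibling plug-in functions do;
 *  - the lock/permission helpers used to receive the undefined locals
 *    $username/$password; they now get the credentials carried in $var;
 *  - validateuser() runs before the queries instead of after them;
 *  - the counters $t and $id were never initialised; the column list is now
 *    joined with implode() and the row counter starts at 0;
 *  - a failed query, or a table without key fields, yields an empty list.
 *
 * @param array $var Request payload decoded by the caller.
 * @return mixed List of array('id' => running number, 'data' => field/value
 *               pairs), array with 'ErrNum'/'ErrDesc' on a handled error,
 *               false when validateuser() rejects the credentials, or
 *               whatever check_for_lock() returned when it is truthy.
 */
function retrievekeys($var)
{
    global $xoopsModuleConfig, $xoopsDB;

    $username = isset($var['username']) ? $var['username'] : null;
    $password = isset($var['password']) ? $var['password'] : null;

    if ($xoopsModuleConfig['site_user_auth'] == 1) {
        if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
            return $ret;
        }
        if (!checkright(basename(__FILE__), $username, $password)) {
            mark_for_lock(basename(__FILE__), $username, $password);
            return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
        }
        // Authenticate before any query is built from request data.
        if (!validateuser($username, $password)) {
            return false;
        }
    }

    $tablename = (isset($var['tablename']) && is_scalar($var['tablename'])) ? (string) $var['tablename'] : '';
    $requestedId = (isset($var['id']) && is_scalar($var['id'])) ? (int) $var['id'] : 0;

    if ($tablename !== '') {
        // The id is compared unquoted below, so force it to an integer.
        // NOTE(review): assumes get_tableid() yields a numeric id; confirm.
        $tbl_id = (int) get_tableid($tablename);
    } elseif ($requestedId > 0) {
        $tbl_id = $requestedId;
    } else {
        return array('ErrNum' => 2, "ErrDesc" => 'Table Name or Table ID not specified');
    }

    $rtn = array();

    // Step 1: look up which fields of the table are flagged as keys.
    $ret = $xoopsDB->query(
        "SELECT * FROM " . $xoopsDB->prefix('curl_fields')
        . " WHERE `key` = 1 and visible = 1 and tbl_id = " . $tbl_id
    );
    $tmp = array();
    if ($ret) {
        while ($row = $xoopsDB->fetchArray($ret)) {
            $tmp[] = $row['fieldname'];
        }
    }
    if (count($tmp) == 0) {
        // Nothing to select; the old code went on to run an empty column list.
        return $rtn;
    }

    $columns = array();
    foreach ($tmp as $fieldname) {
        $columns[] = '`' . str_replace('`', '``', $fieldname) . '`';
    }

    // Step 2: read those fields. The table name comes from the registry
    // (presumably get_tablename() maps the id back to the registered name —
    // verify), never from the request text.
    $sql = 'SELECT ' . implode(', ', $columns) . ' FROM ' . $xoopsDB->prefix(get_tablename($tbl_id));

    // NOTE(review): this test requires 'clause' to equal 1 and then appends the
    // same value as SQL text, so it looks like a presence test was intended —
    // confirm with the callers before changing it. The clause is concatenated
    // as-is and the 'union' substring test is a blacklist, not a safe filter.
    if (isset($var['clause']) && $var['clause'] == 1) {
        if (strpos(strtolower((string) $var['clause']), 'union') !== false) {
            return array('ErrNum' => 8, "ErrDesc" => 'Union not accepted');
        }
        $fieldid = isset($var['fieldid']) ? $var['fieldid'] : null;
        $sql .= ' WHERE `' . get_fieldname($fieldid, $tbl_id) . '` ' . $var['clause'];
    }

    $ret = $xoopsDB->query($sql);
    if (!$ret) {
        return $rtn;
    }

    $id = 0;
    while ($row = $xoopsDB->fetchArray($ret)) {
        $id++;
        $tmp_b = array();
        foreach ($tmp as $result) {
            $tmp_b[] = array("field" => $result, "value" => $row[$result]);
        }
        $rtn[] = array('id' => $id, 'data' => $tmp_b);
    }

    return $rtn;
}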