Ejemplo n.º 1
0
/**
 *  Deletes file identified with id.
 *
 * Checks 'mother table' whether this is allowed
 * Also deletes entries in index table for this file
 * Returns name of deleted file on succes
 */
function delete_file($db, $fileid, $USER)
{
    global $system_settings;
    $tableid = get_cell($db, 'files', 'tablesfk', 'id', $fileid);
    $tabledesc = get_cell($db, 'tableoftables', 'table_desc_name', 'id', $tableid);
    $ftableid = get_cell($db, 'files', 'ftableid', 'id', $fileid);
    // bail out when file was not found
    if (!$ftableid) {
        return false;
    }
    $columnid = get_cell($db, 'files', 'ftablecolumnid', 'id', $fileid);
    $associated_table = get_cell($db, $tabledesc, 'associated_table', 'id', $columnid);
    $filename = get_cell($db, 'files', 'filename', 'id', $fileid);
    if (!may_write($db, $tableid, $ftableid, $USER)) {
        return false;
    }
    @unlink($system_settings['filedir'] . "/{$fileid}" . "_{$filename}");
    // even if unlink fails we should really remove the entry from the database:
    $db->Execute("DELETE FROM files WHERE id={$fileid}");
    // if this was an image:
    $db->Execute("DELETE FROM images WHERE id={$fileid}");
    // remove indexing of file content
    $db->Execute("DELETE FROM {$associated_table} WHERE fileid={$fileid}");
    return $filename;
}
Ejemplo n.º 2
0
            echo "<input type='radio' name='pkeypolicy' value='addall' checked> Ignore 'Match Field', add all new records</input></td></tr>\n";
            echo "<tr><th>Skip first line?</th>\n";
            echo "<td><input type='radio' name='skipfirstline' value='yes' checked> Yes</input></td>\n";
            echo "<td><input type='radio' name='skipfirstline' value='no'> No</input></td></tr>\n";
            echo "<tr><td colspan=5 align='center'><input type='submit' name='assign' value='Import Data'></input></td></tr>\n";
            echo "</table>\n</form>\n<br>\n";
        } else {
            echo "<h3>Problems with file upload, please try again.</h3>\n";
        }
        printfooter();
        exit;
    } else {
        $string = "Please enter all fields";
    }
}
if ($USERAS && !may_write($db, $tableid, false, $USERAS)) {
    $string .= "Error: The selected user may not write to the selected database. ";
}
// Page with file to be uploaded, delimiter, table, and owner (Part 1)
echo "<h3 align='center'>{$string}</h3>";
echo "<h3 align='center'>Import Data(1): Select File, delimiter, and Table to import data into</h3>\n";
echo "<form method='post' id='importdata' enctype='multipart/form-data' ";
$dbstring = $PHP_SELF;
echo "action='{$dbstring}?" . SID . "'>\n";
echo "<table align='center' border='0' cellpadding='5' cellspacing='0'>\n";
echo "<tr>\n";
echo "<th>File with data</th>\n";
echo "<th>Delimiter</th>\n";
echo "<th>Quotes around field</th>\n";
echo "<th>Table</th>\n";
echo "<th>Assign new records to:</th>\n";
Ejemplo n.º 3
0
 * datatype
 */
// main includes
require './include.php';
require './includes/db_inc.php';
$tableinfo = new tableinfo($db, false, $_POST['tableid']);
// don't have these fields changed:
$forbidden_fields = array('id', 'ownerid');
if (in_array($_POST['field'], $forbidden_fields)) {
    return false;
}
if ($_POST['datatype'] == 'date') {
    $_POST['newvalue'] = strtotime($_POST['newvalue']);
}
//$db->debug=true;
if (may_see_table($db, $USER, $tableinfo->id) && may_write($db, $tableinfo->id, $_post['recordid'], $USER)) {
    if ($_POST['datatype'] == 'mpulldown') {
        // $newvalue is a comma separated list with ids of the selected items
        // remove the last (extra) comma)
        $_POST['newvalue'] = substr($_POST['newvalue'], 0, -1);
        $valueArray = explode(',', $_POST['newvalue']);
        // figure out name of keytable
        $keytable = get_cell($db, $tableinfo->desname, 'key_table', 'columnname', $_POST['field']);
        if ($keytable) {
            update_mpulldown($db, $keytable, $_POST['recordid'], $valueArray);
        }
    } else {
        // if the value is really empty, set to NULL, this is essential for numeric fields
        if ($_POST['newvalue'] == '') {
            $result = $db->Execute("UPDATE {$tableinfo->realname} SET {$_POST['field']}=NULL WHERE id={$_POST['recordid']}");
        } else {
Ejemplo n.º 4
0
/**
 *  Prints a form with addition stuff
 *
 * $fields is a comma-delimited string with column names
 * $field_values is hash with column names as keys
 * $id=0 for a new entry, otherwise it is the id
 */
function add_g_form($db, $tableinfo, $field_values, $id, $USER, $PHP_SELF, $system_settings)
{
    if (!may_write($db, $tableinfo->id, $id, $USER)) {
        return false;
    }
    if ($id) {
        $Allfields = getvalues($db, $tableinfo, $tableinfo->fields, id, $id);
        $namein = get_cell($db, $tableinfo->desname, "title", "id", $id);
        display_add($db, $tableinfo, $Allfields, $id, $namein, $system_settings);
    } else {
        $Allfields = getvalues($db, $tableinfo, $tableinfo->fields);
        display_add($db, $tableinfo, $Allfields, $id, "", $system_settings);
    }
}
Ejemplo n.º 5
0
 $actionLink = 'tablename=' . $tableinfo->name;
 if ($sid) {
     $actionLink .= '&amp;' . $sid;
 }
 // output javascript to cpature enter key and use it start Search:
 echo "<script type='text/javascript' language='JavaScript'>\n   function searchOnEnter(e) {\n      var pK = e? e.which: window.event.keyCode;\n      var node = (e.target) ? e.target : ((e.srcElement) ? e.srcElement : null);\n      if (pK == 13  && !(node.type==\"textarea\") ) {   \n         document.g_form.searchj.value=\"Search\"; \n         document.g_form.submit();\n      }\n   }\n   document.onkeypress = searchOnEnter;\n   if (document.layers)\n   document.captureEvents(Event.KEYPRESS);\n   </script>\n   ";
 // print form;
 //$dbstring=$PHP_SELF."?"."tablename=$tableinfo->name&";
 $formname = 'g_form';
 // NS 2015-02-24: change method from GET to POST, not sure if there are side-effects
 echo "<form name='{$formname}' method='POST' id='generalform' enctype='multipart/form-data' action='{$PHP_SELF}?{$actionLink}&amp;copyPOST=true'>\n";
 echo "<input type='hidden' name='tablename' value='{$tableinfo->name}'>\n";
 echo "<input type='hidden' name='md' value='{$md}'>\n";
 echo "<table border='0' width='75%' align='center'>\n<tr>\n";
 // variable md contains edit/view mode setting.  Propagated to remember state.  md can only be changed as a get variable
 $may_write = may_write($db, $tableinfo->id, false, $USER);
 if ($may_write) {
     $modetext = "<a href='{$PHP_SELF}?tablename={$tableinfo->name}&amp;md=";
 }
 if ($md == 'edit') {
     $tabletext = 'Now Editing Table: ';
     if ($may_write) {
         $modetext .= "view&amp;" . SID . "'>(to view mode)</a>\n";
     } else {
         $modetext = "";
     }
 } else {
     $tabletext = 'Now Viewing Table: ';
     if ($may_write) {
         $modetext .= "edit'>(to edit mode)</a>\n";
     }