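// Request handler for the "Create Predefined List" form.
// All request processing runs only when xsrf_guard() returns true (presumably the
// anti-CSRF token check; its implementation is not shown here). Otherwise the page
// simply renders the form.
if (xsrf_guard()) {
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);
    init_var($_POST['particularButton']);

    if ($_POST['btnCancel']) {
        header("location: ListView_PredefinedLists.php");
        exit;
    }

    if ($_POST['btnSubmit'] || $_POST['particularButton']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable used below
        // (e.g. $particularsCount and $List_Item, which are not assigned anywhere else in
        // this excerpt). Prefer reading the expected fields from $_POST explicitly. Left
        // unchanged because the rest of the page (not shown) may rely on the extracted names.
        extract($_POST);
    }

    if ($_POST['btnSubmit']) {
        $errMsg = scriptCheckIfNull('List Name', $List_Name, 'Remarks', $Remarks);

        // $particularsCount is request-controlled, so the client also decides how many
        // list items get validated here.
        for ($a = 0; $a < $particularsCount; $a++) {
            $b = $a + 1;
            $errMsg .= scriptCheckIfNull("List Item #{$b}", $List_Item[$a]);
        }

        // Uniqueness check: both values are escaped before being placed in the SQL text.
        $mysqli = connect_DB();
        $select = "SELECT `List_ID` FROM `table_fields_predefined_list` WHERE `List_Name`='" . $mysqli->real_escape_string($List_Name) . "' AND `Project_ID`='" . $mysqli->real_escape_string($_SESSION['Project_ID']) . "'";

        // The message carries <br> markup and ends up in $errMsg, so it is presumably
        // printed as HTML by drawPageTitle(); HTML-encode the user-supplied list name so it
        // cannot inject markup into the page.
        $error = "The list name '" . htmlspecialchars($List_Name, ENT_QUOTES) . "' already exists. Please choose a new one. <br>";
        $errMsg .= scriptCheckIfUnique($select, $error);

        if ($errMsg == "") {
            // NOTE(review): the whole raw $_POST array is handed to the query helper;
            // confirm it only reads the fields it expects and escapes them.
            queryCreatePredefinedList($_POST);
            header("location: ../success.php?success_tag=CreatePredefinedLists");
            exit;
        }
    }
}
drawHeader();
// $errMsg is only assigned in the submit branch above; on a plain page load it must be
// initialised elsewhere (not visible here) or this reads an undefined variable.
drawPageTitle('Create Predefined List', $errMsg);
?>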
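// Request handler for the "Create Table" form (excerpt; the enclosing blocks are closed
// further down the file, outside this view).
// All request processing runs only when xsrf_guard() returns true (presumably the
// anti-CSRF token check; its implementation is not shown here).
if (xsrf_guard()) {
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);
    init_var($_POST['particularButton']);

    if ($_POST['btnCancel']) {
        header("location: ListView_Tables.php");
        exit;
    }

    if ($_POST['btnSubmit'] || $_POST['particularButton']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable used below
        // ($particularsCount, $Folder, $Filename, $Orig_Table_Name, ...). Prefer reading the
        // expected fields from $_POST explicitly. Left unchanged because the rest of the
        // page (not shown) may rely on the extracted names.
        extract($_POST);
    }

    if ($_POST['btnSubmit']) {
        $errMsg = scriptCheckIfNull('DB Connection', $DB_Connection_ID, 'Table Name', $Table_Name);

        for ($a = 0; $a < $particularsCount; $a++) {
            $b = $a + 1;
            $errMsg .= scriptCheckIfNull("Table page #{$b}", $Page_ID[$a]);
            // NOTE(review): basename() strips directory parts from $Filename, but $Folder
            // is request-supplied and only trimmed, so nothing here constrains it (for
            // example '..' segments). How Path_Filename is consumed is not visible in this
            // excerpt; confirm the consumer validates the folder.
            $Path_Filename[$a] = trim($Folder) . '/' . trim(basename($Filename[$a]));
        }

        if ($errMsg == "") {
            // The uniqueness query used to interpolate $Table_Name, $Orig_Table_Name and the
            // session project id straight into the SQL text. Escape each value first.
            // Assumes request values reach this point unescaped (no magic-quotes-style
            // pre-escaping in the core); confirm, otherwise they would be escaped twice.
            $mysqli = connect_DB();
            $select = "SELECT `Table_Name` FROM `table` WHERE `Table_Name`='" . $mysqli->real_escape_string((string) $Table_Name) . "' AND `Table_Name`!='" . $mysqli->real_escape_string((string) $Orig_Table_Name) . "' AND Project_ID='" . $mysqli->real_escape_string((string) $_SESSION['Project_ID']) . "'";

            // The message carries <br> markup, so it is presumably rendered as HTML;
            // HTML-encode the user-supplied table name.
            $error = "The table name '" . htmlspecialchars((string) $Table_Name, ENT_QUOTES) . "' already exists. Please choose a new name. <br>";
            $errMsg = scriptCheckIfUnique($select, $error);

            if ($errMsg == "") {
                //Add additional info needed before passing $_POST
                // Project_ID is overwritten with the session value, so a client-supplied
                // Project_ID in the request is ignored.
                $_POST['Project_ID'] = $_SESSION['Project_ID'];
                $_POST['Path_Filename'] = $Path_Filename;
                queryCreateTable($_POST);
                header("location: ../success.php?success_tag=CreateTables");
                exit;
            }
        }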
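<?php
// Request handler for the "Create DB Connection" form (excerpt; the final statement is
// cut off in the middle of a string literal).
require '../Core/SCV2_Core.php';
init_SCV2();

// All request processing runs only when xsrf_guard() returns true (presumably the
// anti-CSRF token check; its implementation is not shown here).
if (xsrf_guard()) {
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);

    if ($_POST['btnCancel']) {
        header("location: ListView_DBConnections.php");
        exit;
    }

    if ($_POST['btnSubmit']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable used below.
        // Prefer reading the expected fields from $_POST explicitly. Left unchanged
        // because the rest of the page (not shown) may rely on the extracted names.
        extract($_POST);

        $errMsg = scriptCheckIfNull('DB Connection Name', $DB_Connection_Name, 'Hostname', $Hostname, 'Database', $Database, 'Username', $Username);

        if ($errMsg == "") {
            // Compare as strings with a strict operator: the loose != treats different
            // numeric-looking strings (for example "1e3" and "1000") as equal, which would
            // let a mistyped confirmation pass.
            if ((string) $Confirm_Password !== (string) $Password) {
                $errMsg = "Passwords do not match. Please re-enter the password.";
            }
        }

        if ($errMsg == "") {
            //Add additional info needed before passing $_POST
            // Project_ID is overwritten with the session value, so a client-supplied
            // Project_ID in the request is ignored.
            $_POST['Project_ID'] = $_SESSION['Project_ID'];
            // NOTE(review): the connection password travels in $_POST to the query helper;
            // how it is stored is not visible here.
            $DB_ID = rawurlencode(queryCreateDBConnection($_POST));
            header("location: ../success.php?success_tag=CreateDBConnections&DB_ID={$DB_ID}");
            exit;
        }
    }
}
drawHeader();
if ($errMsg == '') {
    $errMsg = 'COMMON SENSE WARNING:<br>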
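init_SCV2();
// Request handler for the "Create Table Relation" form (excerpt; it starts after the
// file's opening lines and ends with four blocks still open).
// All request processing runs only when xsrf_guard() returns true (presumably the
// anti-CSRF token check; its implementation is not shown here).
if (xsrf_guard()) {
    init_var($Parent_Field_ID);
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);
    // SECURITY NOTE(review): extract() runs for every guarded request, not only on submit,
    // and turns every request key into a variable in this scope, so a crafted POST can
    // create or overwrite any variable used below. Prefer reading the expected fields from
    // $_POST explicitly. Left unchanged because the rest of the page (not shown) may rely
    // on the extracted names.
    extract($_POST);

    if ($_POST['btnCancel']) {
        header("location: ListView_TableRelations.php");
        exit;
    }

    if ($_POST['btnSubmit']) {
        $errMsg = scriptCheckIfNull('Relation', $Relation, 'Parent', $Parent_Field_ID, 'Child', $Child_Field_ID);

        //Check for duplicate
        // The three request values used to be concatenated into the SQL text as-is; escape
        // them first. Assumes request values reach this point unescaped (no
        // magic-quotes-style pre-escaping in the core); confirm, otherwise they would be
        // escaped twice.
        $db_handle = connect_DB();
        $errMsg .= scriptCheckIfUnique("SELECT Relation_ID\n FROM table_relations\n WHERE\n `Relation` = '" . $db_handle->real_escape_string((string) $Relation) . "' AND\n `Parent_Field_ID` = '" . $db_handle->real_escape_string((string) $Parent_Field_ID) . "' AND\n `Child_Field_ID` = '" . $db_handle->real_escape_string((string) $Child_Field_ID) . "'", "Cannot add relationship - this relationship already exists!<br />");

        if ($Relation == "ONE-to-ONE") {
            $errMsg .= scriptCheckIfNull('Child Field Subtext', $Child_Field_Subtext);

            if ($errMsg == '') {
                //Check if chosen fields actually exist in parent
                //--Get Table ID
                $Table_ID = '';
                $db_handle = connect_DB();
                // Same request value, same treatment: escaped before it enters the query.
                $db_handle->real_query("SELECT Table_ID\n FROM `table_fields`\n WHERE Field_ID = '" . $db_handle->real_escape_string((string) $Parent_Field_ID) . "'");
                if ($result = $db_handle->use_result()) {
                    // Keeps the Table_ID of the last row returned.
                    while ($row = $result->fetch_assoc()) {
                        $Table_ID = $row['Table_ID'];
                    }
                    $result->close();
                }

                //--Get the fields of this table
                $arr_fields = array();
                $db_handle = connect_DB();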
<?php
// Request handler for the "Create Page" form, followed by the start of the page markup.
require '../Core/SCV2_Core.php';
init_SCV2();
// All request processing runs only when xsrf_guard() returns true (presumably the
// anti-CSRF token check; its implementation is not shown here).
if (xsrf_guard()) {
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);
    if ($_POST['btnCancel']) {
        header("location: ListView_Pages.php");
        exit;
    }
    if ($_POST['btnSubmit']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable the rest of the
        // page uses. Prefer reading Page_Name, Generator and Description from $_POST
        // explicitly.
        extract($_POST);
        $errMsg = scriptCheckIfNull('Page Name', $Page_Name, 'Generator', $Generator, 'Description', $Description);
        if ($errMsg == "") {
            // NOTE(review): the raw $_POST array is passed on after presence checks only;
            // confirm queryCreatePage() escapes or binds the values it stores.
            queryCreatePage($_POST);
            header("location: ../success.php?success_tag=CreatePages");
            exit;
        }
    }
}
drawHeader();
// $errMsg is only assigned in the submit branch above; on a plain page load it must be
// initialised elsewhere (not visible here) or this reads an undefined variable.
drawPageTitle('Create Page', $errMsg);
?> <div class="container_mid"> <fieldset class="top"> New Page Generator </fieldset> <fieldset class="middle"> <table class="input_form">
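// (excerpt starts inside a block opened above this view: the tail of the code that loads
// the existing project row into local variables)
        extract($data);
    } else {
        // NOTE(review): die() prints the raw database error to the client; prefer logging
        // it and showing a generic message.
        die($mysqli->error);
    }
}

// Request handler for the "Edit Project" form. All request processing runs only when
// xsrf_guard() returns true (presumably the anti-CSRF token check; not shown here).
if (xsrf_guard()) {
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);

    if ($_POST['btnCancel']) {
        header("location: " . HOME_PAGE);
        exit;
    }

    if ($_POST['btnSubmit']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable used below.
        // Prefer reading the expected fields from $_POST explicitly. Left unchanged
        // because the rest of the page (not shown) may rely on the extracted names.
        extract($_POST);
        init_var($Database_Connection_ID);

        $errMsg = scriptCheckIfNull('Project Name', $Project_Name, 'Client Name', $Client_Name, 'Description', $Project_Description, 'Base Directory', $Base_Directory, 'Database Connection', $Database_Connection_ID);

        if ($errMsg == "") {
            // The uniqueness query used to interpolate the request values straight into the
            // SQL text; escape them first. Assumes request values reach this point
            // unescaped (no magic-quotes-style pre-escaping in the core); confirm,
            // otherwise they would be escaped twice.
            $mysqli = connect_DB();
            $select = "SELECT `Project_ID` FROM `project` WHERE `Project_Name`='" . $mysqli->real_escape_string((string) $Project_Name) . "' AND `Project_ID`!='" . $mysqli->real_escape_string((string) $Orig_Project_ID) . "'";

            // The message carries <br> markup, so it is presumably rendered as HTML;
            // HTML-encode the user-supplied project name.
            $error = "The project name '" . htmlspecialchars((string) $Project_Name, ENT_QUOTES) . "' already exists. Please choose a new one. <br>";
            $errMsg = scriptCheckIfUnique($select, $error);

            if ($errMsg == "") {
                // NOTE(review): $Orig_Project_ID comes from the request and nothing visible
                // here ties it to $_SESSION['Project_ID']; confirm queryUpdateProject()
                // checks which project the caller may modify.
                queryUpdateProject($_POST);
                header("location: ../success.php?success_tag=EditProject");
                exit;
            }
        }
    }
}
drawHeader();
drawPageTitle('Edit Project', $errMsg);
?>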
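// (excerpt starts inside a block opened above this view; it reads $_GET['DB_ID'])
    // SECURITY NOTE(review): these lines synthesise a submitted form from query-string data:
    // btnSubmit is forced on and formKey is set to a fixed value. If formKey is what
    // xsrf_guard() inspects (not visible here), a plain link can drive the submit branch
    // below without a real token; confirm that this is intended and that the branch only
    // performs read-only work. $_GET values are already URL-decoded by PHP, so
    // rawurldecode() decodes them a second time.
    $_POST['formKey'] = 'x';
    $_POST['btnSubmit'] = TRUE;
    $_POST['DB_Connection_ID'] = rawurldecode($_GET['DB_ID']);
    $tablesReady = 0;
}
$ShowTables = FALSE;

if (xsrf_guard()) {
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);

    if ($_POST['btnCancel']) {
        header("location: ListView_Tables.php");
        exit;
    }

    if ($_POST['btnSubmit']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable used below
        // ($tablesReady, $checkbox, ...). Prefer reading the expected fields from $_POST
        // explicitly. Left unchanged because the rest of the page (not shown) may rely on
        // the extracted names.
        extract($_POST);

        $errMsg = scriptCheckIfNull('DB Connection', $DB_Connection_ID);

        //Verify that the DB_Connection_ID supplied is valid for this project/
        // Start from "no rows": without this, a failed query left $num_rows at whatever
        // extract($_POST) had put there, letting the request decide the outcome of the
        // validity check below.
        $num_rows = 0;
        $mysqli = connect_DB();
        // Both values are escaped before entering the SQL text (they used to be
        // interpolated as-is). Assumes request values reach this point unescaped; confirm.
        $mysqli->real_query("SELECT * FROM database_connection WHERE Project_ID='" . $mysqli->real_escape_string((string) $_SESSION['Project_ID']) . "' AND DB_Connection_ID='" . $mysqli->real_escape_string((string) $DB_Connection_ID) . "'");
        if ($result = $mysqli->use_result()) {
            // use_result() is unbuffered, so the rows are drained before num_rows is read.
            while ($row = $result->fetch_assoc()) {
                //Nothing
            }
            $num_rows = $result->num_rows;
            $result->close();
        }

        if ($num_rows == 0) {
            $errMsg = "Invalid database connection supplied. Please specify a valid connection from the drop-down list below";
        }

        if ($tablesReady) {
            if (!isset($checkbox) || !is_array($checkbox)) {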
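// (excerpt starts inside the submit handler of the "Define Table Fields" form, apparently
// in the middle of a validation loop whose opening lines are above this view)
                    $errMsg .= scriptCheckIfNull("SELECT parameter field #{$b}", $Select_Field_ID[$a], "SELECT parameter display setting #{$b}", $Select_Field_Display[$a]);
                }

                // Every WHERE row whose field id is not '0' must be complete.
                // NOTE(review): $whereCount and the $Where_Field_* arrays are not assigned in
                // the visible lines; presumably they come from the request, so the client
                // also controls how many rows are checked. Confirm against the code above.
                for ($a = 0; $a < $whereCount; $a++) {
                    $b = $a + 1;
                    if ($Where_Field_ID[$a] != '0') {
                        // Label typo fixed ("conncetor" -> "connector"); it is shown to the
                        // user in the validation message.
                        $errMsg .= scriptCheckIfNull("WHERE parameter field #{$b}", $Where_Field_ID[$a], "WHERE parameter operand #{$b}", $Where_Field_Operand[$a], "WHERE parameter value #{$b}", $Where_Field_Value[$a], "WHERE parameter connector #{$b}", $Where_Field_Connector[$a]);
                    }
                }
            } else {
                $errMsg .= scriptCheckIfNull('Predefined List', $List_ID);
            }
        }

        // Validation routines are required only when more than one row was submitted and
        // the first routine is non-blank.
        for ($a = 0; $a < $particularsCount; $a++) {
            $b = $a + 1;
            if ($particularsCount > 1 && trim($Validation_Routine[0]) != "") {
                $errMsg .= scriptCheckIfNull("Validation Routine #{$b}", $Validation_Routine[$a]);
            }
        }

        if ($errMsg == "") {
            //Add additional info needed before passing $_POST
            // NOTE(review): despite the comment above, nothing is added to or pinned in
            // $_POST here; the raw request array goes to the query helper after presence
            // checks only. Confirm queryDefineTableField() escapes or binds the values and
            // scopes them to the current project.
            queryDefineTableField($_POST);
            header("location: ../success.php?success_tag=DefineTableFields");
            exit;
        }
    }
}
drawHeader();
drawPageTitle('Define Table Fields', $errMsg);
?> <div class="container_mid_huge2"> <fieldset class="top">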
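// (excerpt starts inside a block opened above this view: the tail of the code that loads
// the existing user row; the elseif block below is still open where the excerpt ends)
        $data = $result->fetch_assoc();
        // NOTE(review): the row's columns, including Password, become local variables and
        // the stored value is copied into $Password_2, presumably to prefill the form.
        // Confirm the stored credential is never written into the page.
        extract($data);
        $Password_2 = $Password;
    } else {
        // NOTE(review): die() prints the raw database error to the client; prefer logging
        // it and showing a generic message.
        die($mysqli->error);
    }
} elseif (xsrf_guard()) {
    // Request handler for the "Edit User" form; runs only when xsrf_guard() returns true
    // (presumably the anti-CSRF token check; its implementation is not shown here).
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);

    if ($_POST['btnCancel']) {
        header('location: ListView_Users.php');
        exit;
    }

    if ($_POST['btnSubmit']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable used below.
        // Prefer reading the expected fields from $_POST explicitly. Left unchanged
        // because the rest of the page (not shown) may rely on the extracted names.
        extract($_POST);

        $errMsg = scriptCheckIfNull('Username', $Username, 'Password', $Password);

        if ($errMsg == "") {
            // The uniqueness query used to interpolate both usernames straight into the SQL
            // text; escape them first. Assumes request values reach this point unescaped
            // (no magic-quotes-style pre-escaping in the core); confirm, otherwise they
            // would be escaped twice.
            $mysqli = connect_DB();
            $select = "SELECT `Username` FROM `user` WHERE `Username`='" . $mysqli->real_escape_string((string) $Username) . "' AND `Username`!='" . $mysqli->real_escape_string((string) $Orig_Username) . "'";
            $error = "The user you entered already exists. Please choose a new username if you wish to continue. <br>";
            $errMsg = scriptCheckIfUnique($select, $error);

            if ($errMsg == "") {
                // Compare as strings with a strict operator: the loose == treats different
                // numeric-looking strings (for example "0e1" and "0e2") as equal, which
                // would accept a confirmation that does not match the password.
                if ((string) $Password === (string) $Password_2) {
                    // NOTE(review): $Orig_Username comes from the request and selects the
                    // account being changed; confirm queryUpdateUser() (not shown) checks
                    // the caller's rights and how the password is stored.
                    queryUpdateUser($_POST);
                    header("location: /SCV2/success.php?success_tag=EditUsers");
                    exit;
                } else {
                    $errMsg = "Your passwords didn't match, please retype them.";
                }
            }
        }
    }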
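// Request handler for the project export page (excerpt; it ends with four blocks still
// open, just before the export queries).
$export_status = '';
if (isset($_GET['First_Run'])) {
    // Default export name: project name plus a timestamp.
    $Export_Name = $_SESSION['Project_Name'] . '_' . date('Y-m-d_His');
    $export_status = 'first run';
}

// All request processing runs only when xsrf_guard() returns true (presumably the
// anti-CSRF token check; its implementation is not shown here).
if (xsrf_guard()) {
    init_var($_POST['btnCancel']);
    init_var($_POST['btnSubmit']);

    if ($_POST['btnCancel']) {
        header("location: " . HOME_PAGE);
        exit;
    }

    if ($_POST['btnSubmit']) {
        // SECURITY NOTE(review): extract() turns every request key into a variable in this
        // scope, so a crafted POST can create or overwrite any variable used below
        // (including $Export_Name and $export_status set above). Prefer reading the
        // expected fields from $_POST explicitly. Left unchanged because the rest of the
        // page (not shown) may rely on the extracted names.
        extract($_POST);
        init_var($Database_Connection_ID);

        $errMsg = scriptCheckIfNull('Export Name', $Export_Name);

        // $Export_Name becomes part of a path that is unlink()ed and then opened for
        // writing, so it must stay a plain file name: reject directory separators and NUL
        // bytes so the request cannot point the delete/write outside the export directory.
        if ($errMsg == "" && (!is_string($Export_Name) || strpbrk($Export_Name, "/\\\0") !== false)) {
            $errMsg = "Export Name must not contain slashes or backslashes. <br>";
        }

        if ($errMsg == "") {
            $export_dir = FULLPATH_CORE . '../' . EXPORT_DIRECTORY;
            // NOTE(review): if this directory is served by the web server, the generated
            // .sql dump is downloadable by anyone who knows or guesses its name; confirm.
            if (is_writable($export_dir)) {
                $file_contents = '';
                $filename = $export_dir . '/' . $Export_Name . '.sql';
                // An existing export with the same name is replaced.
                if (file_exists($filename)) {
                    unlink($filename);
                }
                // NOTE(review): the fopen() result is not checked in the visible lines.
                $sqlfile = fopen($filename, "ab");
                $mysqli = connect_DB();
                $Project_ID = $mysqli->real_escape_string($_SESSION['Project_ID']);
                $Project_Name = $mysqli->real_escape_string($_SESSION['Project_Name']);
                //Optimize all tables to make sure they insert in our target machine in the expected order.
                //This is really only absolutely essential for table_fields, but since it is free and might also
                //be relevant in the future, we just optimize all of them.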
//**** END OF COBALT SELF-CHECK **************************************************************
// Request handler for the project chooser / project creation page, followed by the start
// of the page script. All request processing runs only when xsrf_guard() returns true
// (presumably the anti-CSRF token check; its implementation is not shown here).
if (xsrf_guard()) {
    init_var($ChooseProject);
    init_var($CreateProject);
    // SECURITY NOTE(review): extract() runs for every guarded request and turns every
    // request key into a variable in this scope, so a crafted POST can create or overwrite
    // any variable used below ($ChooseProject, $Project, $msgType, ...). Prefer reading the
    // expected fields from $_POST explicitly.
    extract($_POST);
    if ($ChooseProject) {
        init_var($Project);
        if ($Project != '') {
            // SECURITY NOTE(review): $Project is request data and is stored in the session
            // verbatim; nothing visible here checks that it names an existing project or
            // one this user may open. Any code that later places $_SESSION['Project_ID']
            // into SQL without escaping inherits the raw value. Validate it against the
            // project table before storing it.
            $_SESSION['Project_ID'] = $Project;
            $_SESSION['Project_Name'] = queryProjectName($Project);
            // NOTE(review): whether redirect() stops execution is not visible here.
            redirect("main.php");
        } else {
            $errMsg = "You need to have a project stored in the repository in order to start working on it. <br>" . "If there are no projects available, please start by creating a new project.";
        }
    } elseif ($CreateProject) {
        $errMsg = scriptCheckIfNull('Project Name', $Project_Name, 'Client', $Client_Name, 'Description', $Project_Description, 'Base Directory', $Base_Directory);
        if ($errMsg == "") {
            // NOTE(review): the raw $_POST array is passed on after presence checks only;
            // confirm queryCreateNewProject() escapes or binds the values it stores.
            queryCreateNewProject($_POST);
            queryCreateStandardLists();
            redirect("main.php");
        }
    }
}
drawHeader(TRUE, TRUE, FALSE);
// $errMsg and $msgType are not assigned on every path above; they must be initialised
// elsewhere (not visible here) or arrive through extract($_POST).
drawPageTitle("PROJECT", $errMsg, $msgType);
?> <script type="text/javascript"> function submit_enter(my_field,e) { var keypressed = (e.keyCode ? e.keyCode : e.which);