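/**
 * Decide which report definition this request refers to and load it.
 *
 * The report name / SQL is gathered from the session ("xmlin", "sqlin"),
 * then the request ("xmlin"), then $this->initial_report / $this->initial_sql,
 * each later source overriding the earlier one. The chosen input is loaded
 * through importSQL() or reportico_xml_reader::xml2query().
 *
 * Request-supplied report names are used as file names further on, so they
 * are checked here: a name must start with a letter or digit, must not
 * contain a ".." path segment or a NUL byte, and the admin-only reports are
 * refused for NORMAL logins regardless of letter case or directory prefix.
 *
 * @param mixed $mode Mode string; compared here against "MENU", "ADMIN",
 *                    "PREPARE" and "EXECUTE".
 * @return void
 */
function handle_xml_query_input($mode = false)
{
    if (!$this->top_level_query) {
        return;
    }

    // MENU and ADMIN modes forget any report remembered in the session.
    if (($mode == "MENU" || $mode == "ADMIN")
        && array_key_exists("xmlin", $_SESSION[reportico_namespace()])) {
        unset_reportico_session_param("xmlin");
    }

    // Matches a ".." path segment (either separator) or an embedded NUL byte.
    $unsafe_path = '#(^|[/\\\\])\.\.([/\\\\]|$)|\x00#';

    // Report definitions that only an administrator login may open.
    $admin_only_reports = array(
        "deleteproject.xml",
        "configureproject.xml",
        "createtutorials.xml",
        "createproject.xml",
    );

    // See if XML needs to be read in
    $this->xmlinput = false;
    // NOTE(review): this assigns "sqlinout" while the rest of the method reads
    // "sqlinput" - possibly a typo; left untouched, confirm before changing.
    $this->sqlinout = false;

    if (array_key_exists("xmlin", $_SESSION[reportico_namespace()])) {
        $this->xmlinput = get_reportico_session_param("xmlin");
        set_reportico_session_param("xmlout", $this->xmlinput);
    }

    if (array_key_exists("sqlin", $_SESSION[reportico_namespace()])) {
        $this->sqlinput = get_reportico_session_param("sqlin");
    }

    // A report named in the request replaces the remembered one. The raw value
    // is stored in the session before it is validated below, which is why the
    // rejection path clears both "xmlin" and "xmlout".
    if (array_key_exists("xmlin", $_REQUEST)) {
        set_reportico_session_param("firstTimeIn", true);
        $this->xmlinput = $_REQUEST["xmlin"];
        unset_reportico_session_param("xmlintext");
        set_reportico_session_param("xmlin", $this->xmlinput);
        set_reportico_session_param("xmlout", $this->xmlinput);
    }

    // A report fixed by the embedding code wins over session and request.
    if ($this->initial_report) {
        $this->xmlinput = $this->initial_report;
        set_reportico_session_param("xmlin", $this->xmlinput);
        set_reportico_session_param("xmlout", $this->xmlinput);
    }

    // Initial SQL switches the session over from XML input to SQL input.
    if ($this->initial_sql) {
        $this->sqlinput = false;
        if (!get_reportico_session_param("sqlin")) {
            set_reportico_session_param("sqlin", $this->initial_sql);
        }
        $this->sqlinput = get_reportico_session_param("sqlin", $this->initial_sql);
        set_reportico_session_param("xmlin", false);
        set_reportico_session_param("xmlout", false);
    }

    if ($this->user_template == "_DEFAULT") {
        $this->user_template = false;
        $_SESSION['reportico_template'] = $this->user_template;
    } else {
        if (!$this->user_template) {
            $this->user_template = session_request_item('reportico_template', $this->user_template);
        }
    }

    // NOTE(review): the request-supplied template name is taken as-is; confirm
    // that whatever resolves user_template confines it to the template folder.
    if (array_key_exists("partial_template", $_REQUEST)) {
        $this->user_template = $_REQUEST["partial_template"];
    }

    // Set template from request if specified
    //if ( array_key_exists("template", $_SESSION[reportico_namespace()]) )
    //{
    //$this->user_template = get_reportico_session_param("template");
    //set_reportico_session_param("template",$this->user_template);
    //}
    //if ( array_key_exists("template", $_REQUEST) )
    //{
    //$this->user_template = $_REQUEST["template"];
    //set_reportico_session_param("template",$this->user_template);
    //}

    if ($this->xmlinput && !preg_match("/\\.xml\$/", $this->xmlinput)) {
        $this->xmlinput .= ".xml";
    }

    $is_admin_only = false;
    $is_malformed = false;
    if ($this->xmlinput) {
        // Compare on the lower-cased last path component so that a directory
        // prefix or different letter case cannot step around the name list.
        $leaf = strtolower(basename(str_replace("\\", "/", $this->xmlinput)));
        $is_admin_only = ($mode == "PREPARE" || $mode == "EXECUTE")
            && $this->login_type == "NORMAL"
            && in_array($leaf, $admin_only_reports, true);

        // The first-character rule stops absolute and dot-relative names; the
        // second test stops a ".." segment placed after a valid first character.
        $is_malformed = !preg_match("/^[A-Za-z0-9]/", $this->xmlinput)
            || preg_match($unsafe_path, $this->xmlinput);
    }

    if ($is_admin_only || $is_malformed) {
        unset_reportico_session_param("xmlin");
        // The rejected name was also copied to "xmlout" above; drop it so it
        // cannot come back as the output file on a later request.
        unset_reportico_session_param("xmlout");
        $this->xmlinput = "unknown.xml";
        $this->xmlin = "unknown.xml";
        $_REQUEST["xmlin"] = "unknown.xml";
        trigger_error("Can't find report");
        return;
    }

    // Now work out out file...
    if (!$this->xmloutfile) {
        $this->xmloutfile = $this->xmlinput;
    }

    if (array_key_exists("xmlout", $_SESSION[reportico_namespace()])) {
        $this->xmloutfile = get_reportico_session_param("xmlout");
    }

    if (array_key_exists("xmlout", $_REQUEST)) {
        // The output name appears to become the save/delete target elsewhere in
        // this file, so it gets the same checks as the input name. An empty
        // value is passed through unchanged.
        $requested_out = $_REQUEST["xmlout"];
        $out_is_unsafe = $requested_out
            && (!is_string($requested_out)
                || !preg_match("/^[A-Za-z0-9]/", $requested_out)
                || preg_match($unsafe_path, $requested_out));
        if ($out_is_unsafe) {
            trigger_error("Can't find report");
        } else {
            $this->xmloutfile = $requested_out;
            set_reportico_session_param("xmlout", $this->xmloutfile);
        }
    }

    // Inline XML text held in the session takes precedence over a file name.
    $this->xmlintext = false;
    if ($this->top_level_query && array_key_exists("xmlintext", $_SESSION[reportico_namespace()])) {
        $this->xmlintext = get_reportico_session_param("xmlintext");
        if ($this->xmlintext) {
            $this->xmlinput = false;
        }
    }

    // Has new report been pressed ? If so clear any existing report
    // definitions
    if (array_key_exists("submit_maintain_NEW", $_REQUEST) || array_key_exists("new_report", $_REQUEST)) {
        $this->xmlinput = false;
        $this->xmlintext = false;
        $this->xmloutfile = false;
        set_reportico_session_param("xmlin", $this->xmlinput);
        set_reportico_session_param("xmlout", $this->xmlinput);
    }

    if ($this->sqlinput) {
        $this->importSQL($this->sqlinput);
    } else {
        if ($this->xmlinput || $this->xmlintext) {
            $this->xmlin = new reportico_xml_reader($this, $this->xmlinput, $this->xmlintext);
        } else {
            // Nothing selected: load an empty definition.
            $this->xmlin = new reportico_xml_reader($this, false, "");
        }
        $this->xmlin->xml2query();
    }
}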
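/**
 * Function save_admin_password
 *
 * Writes a new admin password and language into the admin project's
 * config.php (created from adminconfig.template when it does not exist yet).
 *
 * Both values are emitted as properly escaped PHP string literals, so quote,
 * backslash or "$" characters in them cannot alter the generated config file.
 *
 * NOTE(review): the password is written to config.php as given, i.e. in
 * clear text. Storing a password_hash() value would need matching changes
 * wherever SW_ADMIN_PASSWORD is compared, which is outside this function.
 *
 * @param string $password1 New password.
 * @param string $password2 Confirmation; must be identical to $password1.
 * @param string $language  Language folder name to store as SW_LANGUAGE.
 * @return string|null Error message on failure, nothing on success.
 */
function save_admin_password($password1, $password2, $language)
{
    global $g_language;

    // A language is a folder name directly inside the language folder: no
    // path separators, no NUL byte, and not "." or "..".
    $language_is_plain_name = !preg_match('#[/\\\\\x00]|^\.\.?\z#', (string) $language);

    if ($language && $language_is_plain_name) {
        $g_language = $language;
    }

    // Strict string comparison: a loose != treats numeric-looking strings
    // such as "1e3" and "1000" as equal.
    if (is_array($password1) || is_array($password2)
        || (string) $password1 !== (string) $password2) {
        return sw_translate("The passwords are not identical please reenter");
    }
    $password1 = (string) $password1;

    if (strlen($password1) == 0) {
        return sw_translate("The password may not be blank");
    }

    $proj_parent = find_best_location_in_include_path($this->admin_projects_folder);
    $proj_dir = $proj_parent . "/admin";
    $proj_conf = $proj_dir . "/config.php";
    $proj_template = $proj_dir . "/adminconfig.template";

    if (!file_exists($proj_parent)) {
        return "Projects area $proj_parent does not exist - cannot write project";
    }

    if (file_exists($proj_conf) && !is_writeable($proj_conf)) {
        return "Projects config file $proj_conf is not writeable - cannot write config file - change permissions to continue";
    }

    if (!is_writeable($proj_dir)) {
        return "Projects area $proj_dir is not writeable - cannot write project password in config.php - change permissions to continue";
    }

    if (!file_exists($proj_conf) && !file_exists($proj_template)) {
        return "Projects config template file $proj_template does not exist - please contact reportico.org";
    }

    // Start from the existing config, or from the template on first use.
    $source_file = file_exists($proj_conf) ? $proj_conf : $proj_template;
    $txt = file_get_contents($source_file);
    if ($txt === false) {
        return "Projects config file $source_file could not be read - change permissions to continue";
    }

    $proj_language = find_best_location_in_include_path("language");
    $lang_dir = $proj_language . "/" . $language;
    // NOTE(review): this message repeats the caller-supplied language name;
    // the caller should HTML-escape it before display.
    if (!$language_is_plain_name || !is_dir($lang_dir)) {
        return "Language directory $language does not exist within the language folder";
    }

    // var_export() produces a valid single-quoted PHP literal; addcslashes()
    // then protects "\" and "$" from being read as preg_replace backreferences.
    $password_literal = addcslashes(var_export($password1, true), '\\$');
    $language_literal = addcslashes(var_export((string) $language, true), '\\$');

    // NOTE(review): a password containing a line break yields a multi-line
    // define() that these single-line patterns will not match on the next
    // save; consider rejecting control characters at the form level.
    $txt = preg_replace("/(define.*?SW_ADMIN_PASSWORD',).*\);/", '$1' . $password_literal . ');', $txt);
    if ($txt !== null) {
        $txt = preg_replace("/(define.*?SW_LANGUAGE',).*\);/", '$1' . $language_literal . ');', $txt);
    }
    if ($txt === null) {
        return "Projects config file $proj_conf could not be updated";
    }

    unset_reportico_session_param('admin_password');

    // LOCK_EX keeps a concurrent request from seeing a half-written config.
    $retval = file_put_contents($proj_conf, $txt, LOCK_EX);
    if ($retval === false) {
        return "Projects config file $proj_conf could not be written - change permissions to continue";
    }

    // Password is saved so use it so user can login
    if (!defined('SW_ADMIN_PASSWORD')) {
        define('SW_ADMIN_PASSWORD', $password1);
    } else {
        define('SW_ADMIN_PASSWORD_RESET', $password1);
    }

    return;
}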
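/**
 * Process one submission of the report maintenance screen.
 *
 * Looks for a request item whose name starts with "submit_"; the name is
 * split on "_" into a field and an action, and the action is dispatched
 * (ADD, DELETE, MOVEUP, MOVEDOWN, SET, REPORTLINK*, REPORTIMPORT*, SAVE,
 * DELETEREPORT, HIDE, SHOW, SQL). Afterwards the area to display is worked
 * out, the definition is serialised through reportico_xml_writer, optionally
 * saved or deleted, and re-read into $this->query->xmlin.
 *
 * @return void
 */
function handle_user_entry()
{
    // First look for a parameter beginning "submit_". This will identify
    // What the user wanted to do.
    $hide_area = false;
    $show_area = false;
    $maintain_sql = false;
    $xmlsavefile = false;
    $xmldeletefile = false;

    if ($k = $this->get_matching_post_item("/^submit_/")) {
        // Strip off "_submit"
        preg_match("/^submit_(.*)/", $k, $match);

        // Now we should be left with a field element and an action
        // Lets strip the two. A name with fewer than three "_"-separated
        // parts leaves the missing part null, which matches no action below.
        $match1 = preg_split('/_/', $match[0]);
        $fld = isset($match1[1]) ? $match1[1] : null;
        $action = isset($match1[2]) ? $match1[2] : null;

        switch ($action) {
            case "ADD":
                // Add an entry to the set of maintained fields named by $fld
                $this->add_maintain_fields($fld);
                $show_area = $fld;
                break;

            case "DELETE":
                // Delete the entry named by $fld
                $this->delete_maintain_fields($fld);
                $show_area = $fld;
                break;

            case "MOVEUP":
                // Move the entry named by $fld up
                $this->moveup_maintain_fields($fld);
                $show_area = $fld;
                break;

            case "MOVEDOWN":
                // Move the entry named by $fld down
                $this->movedown_maintain_fields($fld);
                $show_area = $fld;
                break;

            case "SET":
                // Apply the submitted values for the block named by $fld
                $this->update_maintain_fields($fld);
                $show_area = $fld;
                break;

            case "REPORTLINK":
            case "REPORTLINKITEM":
                // Link in an item from another report
                $this->link_in_report_fields("link", $fld, $action);
                $show_area = $fld;
                break;

            case "REPORTIMPORT":
            case "REPORTIMPORTITEM":
                // Import an item from another report
                $this->link_in_report_fields("import", $fld, $action);
                $show_area = $fld;
                break;

            case "SAVE":
                // NOTE(review): xmloutfile can originate from request data
                // (see handle_xml_query_input); confirm write_file() confines
                // the name to the project folder.
                $xmlsavefile = $this->query->xmloutfile;
                if (!$xmlsavefile) {
                    trigger_error(template_xlate("UNABLE_TO_SAVE") . template_xlate("SPECIFYXML"), E_USER_ERROR);
                }
                break;

            case "DELETEREPORT":
                // NOTE(review): same origin concern as SAVE, for remove_file().
                $xmldeletefile = $this->query->xmloutfile;
                break;

            case "HIDE":
                $hide_area = $fld;
                break;

            case "SHOW":
                $show_area = $fld;
                break;

            case "SQL":
                $show_area = $fld;
                if ($fld == "mainquerqury") {
                    // Main Query SQL Generation.
                    $sql = stripslashes($_REQUEST["mainquerqury_SQL"]);
                    $maintain_sql = $sql;
                    if ($this->query->login_check()) {
                        $p = new reportico_sql_parser($sql);
                        if ($p->parse()) {
                            // NOTE(review): $qr is never assigned in this
                            // method - presumably $this->query was intended;
                            // confirm against import_into_query()'s signature.
                            $p->import_into_query($qr);
                            if ($this->query->datasource->connect()) {
                                $p->test_query($this->query, $sql);
                            }
                        }
                    }
                } else {
                    // It's a lookup
                    if (preg_match("/mainquercrit(.*)qury/", $fld, $match1)) {
                        $lookup = (int) $match1[1];

                        // Access the relevant criteria item ..
                        $ak = array_keys($this->query->lookup_queries);
                        if (array_key_exists($lookup, $ak)) {
                            $q = $this->query->lookup_queries[$ak[$lookup]]->lookup_query;
                        } else {
                            $q = new reportico();
                        }

                        // Parse the entered SQL
                        $sqlparm = $fld . "_SQL";
                        $sql = $_REQUEST[$sqlparm];
                        $q->maintain_sql = $sql;
                        $q = new reportico();
                        $p = new reportico_sql_parser($sql);

                        // NOTE(review): unlike the main-query branch, this path
                        // reaches test_query() with request-supplied SQL without
                        // a login_check() call here; confirm access is enforced
                        // before this method runs. $ak[$lookup] is also used
                        // below even when the index was not found above.
                        if ($p->parse()) {
                            if ($p->test_query($this->query, $sql)) {
                                $p->import_into_query($q);
                                $this->query->set_criteria_lookup($ak[$lookup], $q, "WHAT", "NOW");
                            }
                        }
                    }
                }
                break;
        }
    }

    // Now work out what the maintainance screen should be showing by analysing
    // whether user pressed a SHOW button a HIDE button or keeps a maintenance item
    // show by presence of a shown value
    if (!$show_area) {
        // User has not pressed SHOW_ button - this would have been picked up in previous submit
        // So look for longest shown item - this will allow us to draw the maintenace screen with
        // the correct item maximised.
        //
        // $hide_area comes from a request parameter name, so it is quoted
        // before being placed in a pattern; unquoted, regex metacharacters in
        // it would change or break the match.
        // NOTE(review): when no HIDE was pressed the prefix is empty and the
        // pattern matches every name, so no shown_ item is ever selected -
        // behaviour kept as found; confirm it is intended.
        $containee = "/^" . preg_quote((string) $hide_area, "/") . "/";
        foreach ($_REQUEST as $k => $req) {
            if (preg_match("/^shown_(.*)/", $k, $match)) {
                $container = $match[1];
                if (!preg_match($containee, $container)) {
                    if (strlen($container) > strlen($show_area)) {
                        $show_area = $container;
                    }
                }
            }
        }
    }

    if (!$show_area) {
        $show_area = "mainquer";
    }

    $xmlout = new reportico_xml_writer($this->query);
    $xmlout->prepare_xml_data();

    // Saving and deleting are only allowed outside SAFE/DEMO mode and when
    // maintenance is enabled.
    $may_modify_files = $this->query->allow_maintain != "SAFE"
        && $this->query->allow_maintain != "DEMO"
        && SW_ALLOW_MAINTAIN;

    // If Save option has been used then write data to the named file and
    // use this file as the default input for future queries
    if ($xmlsavefile) {
        if ($may_modify_files) {
            $xmlout->write_file($xmlsavefile);
            set_reportico_session_param("xmlin", $xmlsavefile);
            unset_reportico_session_param("xmlintext");
        } else {
            trigger_error(template_xlate("SAFENOSAVE"), E_USER_ERROR);
        }
    }

    // If Delete Report option has been used then remove the file and
    // forget it as the input for future queries
    if ($xmldeletefile) {
        if ($may_modify_files) {
            $xmlout->remove_file($xmldeletefile);
            set_reportico_session_param("xmlin", false);
            unset_reportico_session_param("xmlintext");
        } else {
            trigger_error(template_xlate("SAFENODEL"), E_USER_ERROR);
        }
    }

    // Re-read the serialised definition so the screen reflects the changes.
    $xml = $xmlout->get_xmldata();

    if ($this->query->top_level_query) {
        $this->query->xmlintext = $xml;
    }

    $this->query->xmlin = new reportico_xml_reader($this->query, false, $xml);
    $this->query->xmlin->show_area = $show_area;
    $this->query->maintain_sql = false;
}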