/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 * 
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/ 
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**> 
 * @package AgileBill
 * @version 1.4.93
 */
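/**
 * Delete the single record identified by $VAR['id'] from the module's table.
 *
 * The DELETE is restricted to rows whose site_id equals DEFAULT_SITE. A delete
 * alert is raised through $C_debug, and the trigger registered for $type (if
 * any) is fired afterwards.
 *
 * @param array  $VAR        Request variables; 'id' selects the record.
 * @param object $construct  Module construct; ->table, ->module and ->trigger are read.
 * @param string $type       Method name used as the key into $construct->trigger.
 * @return void
 */
function CORE_database_delete($VAR, &$construct, $type)
{
    global $C_debug, $C_translate;

    # The connection has to exist before the query is built, because qstr()
    # is called on it to quote the request-supplied id.
    $db =& DB();

    # key under which the id is read for the alert message
    $id = $construct->table . '_id';

    # generate the full query
    # qstr() is used elsewhere in this file as a complete quoted literal
    # (e.g. "id = " . $db->qstr(...)), so the id is not wrapped in a second
    # pair of quotes here; doing so would leave the value outside the literal.
    $q = "DELETE FROM\n\t\t\t" . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\tWHERE\n\t\t\tid \t\t= " . $db->qstr($VAR["id"], get_magic_quotes_gpc()) . "\n\t\t\tAND\n\t\t\tsite_id = '" . DEFAULT_SITE . "'";

    # execute the query
    $result = $db->Execute($q);

    # Alert
    # NOTE(review): the alert is raised before the result is checked, so it is
    # shown for a failed delete too, and it reads $VAR[table_id] while the
    # query uses $VAR['id'] - confirm both are intended.
    $C_debug->value["id"] = $VAR[$id];
    $C_debug->value["module_name"] = $C_translate->translate('menu', $construct->module, "");
    $alert = $C_translate->translate('alert_delete_id', "", "");
    $C_debug->alert($alert);

    # error reporting
    if ($result === false) {
        $C_debug->error('database.inc.php', 'delete', $db->ErrorMsg());
    }

    # NOTE(review): the trigger receives 0 on success as well as on failure,
    # whereas CORE_database_add and CORE_database_mass_delete pass 1 on
    # success. Kept unchanged so existing trigger definitions behave the same.
    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
    }
}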
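 /**
  * Run a previously saved charge search and hand one page of rows to Smarty.
  *
  * The saved SQL template ($search->sql) has its %%fieldList%%, %%tableList%%
  * and %%whereList%% placeholders filled in, is restricted to DEFAULT_SITE,
  * ordered, and executed with a limit/offset derived from $VAR['page'].
  *
  * Request-controlled input handled here:
  *  - $VAR['order_by'] ends up in the ORDER BY clause, which cannot be bound
  *    as a parameter, so it is only accepted when it looks like a plain
  *    (optionally table-qualified) column name.
  *  - $VAR['page'] is cast to an integer before it is used in the offset.
  *
  * @param array $VAR Request variables (search_id, order_by, asc/desc, page).
  * @return void
  */
 function search_show($VAR)
 {
     $this->charge_construct();
     $type = "search";

     # the method list is a comma separated string; split it only once so a
     # second call on the same object does not explode() an array
     if (!is_array($this->method[$type])) {
         $this->method[$type] = explode(",", $this->method[$type]);
     }

     # set the field list for this method:
     $columns = array();
     foreach ($this->method[$type] as $value) {
         $columns[] = AGILE_DB_PREFIX . "charge" . "." . $value;
         // determine if this record is linked to another table/field
         if (isset($this->field[$value]["asso_table"]) && $this->field[$value]["asso_table"] != "") {
             $this->linked[] = array('field' => $value, 'link_table' => $this->field[$value]["asso_table"], 'link_field' => $this->field[$value]["asso_field"]);
         }
     }
     $field_list = implode(",", $columns);

     # get the search details:
     if (!isset($VAR['search_id'])) {
         # invalid search!
         echo '<BR> The search terms submitted were invalid!';
         # translate... # alert
         if (isset($this->trigger["{$type}"])) {
             include_once PATH_CORE . 'trigger.inc.php';
             $trigger = new CORE_trigger();
             $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
         }
         # without a saved search there is no SQL template to run
         return;
     }
     include_once PATH_CORE . 'search.inc.php';
     $search = new CORE_search();
     $search->get($VAR['search_id']);

     # get the sort order details:
     # only a bare column name is accepted from the request; anything else
     # falls back to the module default instead of reaching the SQL text
     $requested_order = isset($VAR['order_by']) ? $VAR['order_by'] : '';
     if (is_string($requested_order) && preg_match('/^[A-Za-z0-9_.]+$/', $requested_order)) {
         $order_by = ' ORDER BY ' . $requested_order;
         $smarty_order = $requested_order;
     } else {
         $order_by = ' ORDER BY ' . $this->order_by;
         $smarty_order = $search->order_by;
     }

     # determine the sort order; date-like columns default to newest first
     if (isset($VAR['desc'])) {
         $order_by .= ' DESC';
         $smarty_sort = 'desc=';
     } elseif (isset($VAR['asc'])) {
         $order_by .= ' ASC';
         $smarty_sort = 'asc=';
     } elseif (!preg_match('/date/i', (string) $smarty_order)) {
         $order_by .= ' ASC';
         $smarty_sort = 'asc=';
     } else {
         $order_by .= ' DESC';
         $smarty_sort = 'desc=';
     }

     # generate the full query
     $db =& DB();
     $q = str_ireplace("%%fieldList%%", $field_list, $search->sql);
     # this is a method, so the table name comes from $this (there is no
     # $construct variable in scope here)
     $q = str_ireplace("%%tableList%%", AGILE_DB_PREFIX . $this->table, $q);
     $q = str_ireplace("%%whereList%%", "", $q);
     $q .= " site_id = " . $db->qstr(DEFAULT_SITE);
     $q .= $order_by;

     # paging: page numbers start at 1, an offset of -1 means "no offset"
     $current_page = 1;
     $offset = -1;
     if (!empty($VAR['page']) && (int) $VAR['page'] > 0) {
         $current_page = (int) $VAR['page'];
     }
     if (empty($search->limit)) {
         $search->limit = 25;
     }
     if ($current_page > 1) {
         $offset = ($current_page - 1) * $search->limit;
     }
     $result = $db->SelectLimit($q, $search->limit, $offset);

     # error reporting
     if ($result === false) {
         global $C_debug;
         $C_debug->error('charge.inc.php', 'search', $db->ErrorMsg());
         if (isset($this->trigger["{$type}"])) {
             include_once PATH_CORE . 'trigger.inc.php';
             $trigger = new CORE_trigger();
             $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
         }
         return;
     }

     # put the results into a smarty accessable array, alternating the row
     # css class between row1 and row2
     $smart = array();
     $i = 0;
     while (!$result->EOF) {
         $smart[$i] = $result->fields;
         $smart[$i]['_C'] = ($i % 2 == 0) ? 'row1' : 'row2';
         $result->MoveNext();
         $i++;
     }

     # get any linked fields
     if ($i > 0) {
         $db_join = new CORE_database();
         $this->result = $db_join->join_fields($smart, $this->linked);
     } else {
         $this->result = $smart;
     }

     # define the DB vars as a Smarty accessible block
     global $smarty;
     # define the results
     $smarty->assign($this->table, $this->result);
     $smarty->assign('order', $smarty_order);
     $smarty->assign('sort', $smarty_sort);
     $smarty->assign('limit', $search->limit);
     $smarty->assign('search_id', $search->id);
     $smarty->assign('results', $search->results);

     # get the total pages for this search:
     if (empty($search->limit)) {
         $this->pages = 1;
     } else {
         $this->pages = intval($search->results / $search->limit);
     }
     if ($search->results % $search->limit) {
         $this->pages++;
     }
     # total pages
     $smarty->assign('pages', $this->pages);
     # current page
     $smarty->assign('page', $current_page);

     # page array for menu
     # NOTE(review): this compares against $this->page, which this method
     # never sets, rather than $current_page - confirm which one is meant.
     $page_arr = array();
     for ($i = 0; $i <= $this->pages; $i++) {
         if ($this->page != $i) {
             $page_arr[] = $i;
         }
     }
     $smarty->assign('page_arr', $page_arr);
 }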
/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 * 
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/ 
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**> 
 * @package AgileBill
 * @version 1.4.93
 */
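/**
 * Validate the submitted fields for $type and insert a new record.
 *
 * Every field listed in $construct->method[$type] is checked against the
 * "unique" and "validate" rules of $construct->field. When validation fails
 * nothing is written: the errors are assigned to Smarty as 'form_validation',
 * FORCE_PAGE is defined from $VAR['_page_current'], the failure trigger fires
 * and false is returned. Otherwise the row is inserted with a generated id
 * and the current site_id, NEW_RECORD_<TABLE>_ID and REDIRECT_PAGE are
 * defined, and the new id is returned.
 *
 * @param array  $VAR        Request variables; fields are read as <module>_<field>.
 * @param object $construct  Module construct (method, field, table, module, trigger).
 * @param string $type       Method name; key into ->method and ->trigger.
 * @return mixed The new record id, or false when validation or the insert fails.
 */
function CORE_database_add($VAR, $construct, $type)
{
    global $C_translate;
    # set the field list for this method:
    $arr = $construct->method["{$type}"];
    # define the validation class
    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();
    $construct->validated = true;

    ####################################################################
    # loop through the field list to validate the required fields
    ####################################################################
    foreach ($arr as $value) {
        # request key and bare field name
        $field_var = $construct->module . '_' . $value;
        $field_name = $value;
        $construct->validate = true;

        # check if this value is unique
        if (isset($construct->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
            if (!$validate->validate_unique($construct->table, $field_name, "record_id", $VAR["{$field_var}"])) {
                $construct->validated = false;
                $construct->val_error[] = array('field' => $construct->table . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""), 'error' => $C_translate->translate('validate_unique', "", ""));
            }
        }

        # check if the submitted value meets the specifed requirements
        if (!isset($construct->field["{$value}"]["validate"])) {
            continue;
        }
        if (isset($VAR["{$field_var}"]) && $VAR["{$field_var}"] != '') {
            if (!$validate->validate($field_name, $construct->field["{$value}"], $VAR["{$field_var}"], $construct->field["{$value}"]["validate"])) {
                $construct->validated = false;
                $construct->val_error[] = array('field' => $construct->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""), 'error' => $validate->error["{$field_name}"]);
            }
        } else {
            # a field with a validation rule must be present and non-empty
            $construct->validated = false;
            $construct->val_error[] = array('field' => $construct->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
        }
    }

    ####################################################################
    # If validation was failed, skip the db insert &
    # set the errors & original fields as Smarty objects,
    # and change the page to be loaded.
    ####################################################################
    if (!$construct->validated) {
        global $smarty;
        # set the errors as a Smarty Object
        $smarty->assign('form_validation', $construct->val_error);
        # set the page to be loaded
        # NOTE(review): FORCE_PAGE is taken from the request as-is; confirm
        # that whatever consumes it validates the page name.
        if (!defined("FORCE_PAGE")) {
            define('FORCE_PAGE', $VAR['_page_current']);
        }
        # define any triggers
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        # strip slashes
        global $C_vars;
        $C_vars->strip_slashes_all();
        return false;
    }

    # begin the new database class:
    $db =& DB();

    # loop through the field list to create the sql assignments.
    # Column names come from the module definition; only the values come
    # from the request, and each one is quoted with qstr().
    $field_list = '';
    foreach ($arr as $value) {
        $field_var = $construct->module . '_' . $value;
        $field_name = $value;
        if (!isset($VAR["{$field_var}"])) {
            continue;
        }
        # HTML is entity-encoded before storage unless the field allows html
        # NOTE(review): array values bypass the encoding and are passed to
        # convert()/qstr() unchanged - confirm convert() always flattens them.
        $html_allowed = isset($construct->field["{$value}"]["html"]) && $construct->field["{$value}"]["html"] == 1;
        if (!$html_allowed && !is_array($VAR["{$field_var}"])) {
            $insert_value = htmlspecialchars($VAR["{$field_var}"]);
        } else {
            $insert_value = $VAR["{$field_var}"];
        }
        # perform data conversions
        if (isset($construct->field["{$value}"]["convert"])) {
            $insert_value = $validate->convert($field_name, $insert_value, $construct->field["{$value}"]["convert"]);
        }
        # create the sql statement
        # NOTE(review): empty() also skips the values 0 and "0" - confirm
        # that no field needs to store a literal zero.
        if (!empty($insert_value)) {
            $field_list .= ", " . $value . "=" . $db->qstr($insert_value, get_magic_quotes_gpc());
        }
    }
    # add a comma before the site_id if needed
    if ($field_list != '') {
        $field_list .= ',';
    }

    # determine the record id:
    $construct->record_id = $db->GenID(AGILE_DB_PREFIX . "" . $construct->table . '_id');
    # define the new ID as a constant
    define(strtoupper('NEW_RECORD_' . $construct->table . '_ID'), $construct->record_id);

    # generate the full query
    $q = "INSERT INTO " . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\t\tSET\n\t\t\t\tid = " . $db->qstr($construct->record_id) . "\n\t\t\t\t{$field_list}\n\t\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);
    # execute the query
    $result = $db->Execute($q);

    # error reporting:
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'add', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        # a failed insert is a failure whether or not a trigger is defined;
        # returning here keeps the success trigger and the redirect from
        # running for a record that was never written
        return false;
    }

    # define any triggers:
    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }

    # from here on $VAR is the global request array, so the new id is
    # visible to code that runs after this function
    global $VAR;
    $VAR["id"] = $construct->record_id;
    $redirect_page = isset($VAR['_page']) ? $VAR['_page'] : '';
    $_escape = '';
    if (isset($VAR["_escape"]) || isset($VAR["_escape_next"])) {
        $_escape = '&_escape=1&_escape_next=1';
    }
    # NOTE(review): $redirect_page is request-controlled and is placed in the
    # redirect target without encoding; confirm the code that reads
    # REDIRECT_PAGE encodes or validates it before emitting it.
    define('REDIRECT_PAGE', '?_page=' . $redirect_page . '&id=' . $construct->record_id . '' . $_escape);
    return $construct->record_id;
}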
/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 * 
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/ 
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**> 
 * @package AgileBill
 * @version 1.4.93
 */
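/**
 * Build a WHERE clause from the submitted search form, count the matches and
 * store the search so that it can be paged through later.
 *
 * Every request key of the form <module>_<field> with a non-empty value adds
 * one condition: LIKE when the value contains '%', '=' for a plain value, and
 * one comparison per element (operator from $VAR['field_option']) when the
 * value is an array. The resulting clause is executed once to count rows and
 * is saved, as a template with %%fieldList%% / %%tableList%% / %%whereList%%
 * placeholders, through CORE_search::add().
 *
 * Request-controlled input handled here:
 *  - values are quoted with qstr();
 *  - the column name is derived from the request key and cannot be quoted,
 *    so it is only used when it consists of letters, digits and underscores;
 *  - comparison operators are taken from a fixed list;
 *  - 'limit' and 'order_by' are stored with the search and reused when it is
 *    shown, so they are normalised before being saved.
 *
 * @param array  $VAR        Request variables.
 * @param object $construct  Module construct (module, table, field, limit,
 *                           order_by, custom_EXP, fast_forward, trigger).
 * @param string $type       Method name; key into $construct->trigger.
 * @return void
 */
function CORE_database_search($VAR, &$construct, $type)
{
    $db =& DB();
    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();

    # set the search criteria array
    $arr = $VAR;

    # request keys that belong to this module start with "<module>_"
    $prefix_pat = '/^' . preg_quote($construct->module, '/') . '_/i';
    $allowed_ops = array('=', '>', '<', '>=', '<=', '!=');

    # loop through the submitted field_names to collect the conditions
    $conditions = array();
    foreach ($arr as $key => $value) {
        if ($value == '' || !preg_match($prefix_pat, $key)) {
            continue;
        }
        $field = preg_replace($prefix_pat, "", $key);

        # the column name is concatenated into the SQL text, so anything
        # that is not a plain identifier is ignored
        if (!preg_match('/^[A-Za-z0-9_]+$/', $field)) {
            continue;
        }

        $convert = isset($construct->field["{$field}"]["convert"]) ? $construct->field["{$field}"]["convert"] : null;

        if (is_array($value)) {
            $pat_field = $construct->module . '_' . $field;
            $total = count($value);
            for ($i_arr = 0; $i_arr < $total; $i_arr++) {
                if (!isset($value[$i_arr]) || is_array($value[$i_arr]) || $value[$i_arr] == '') {
                    continue;
                }
                # determine any field options (=, >, <, etc...); anything
                # outside the fixed list falls back to '='
                $f_opt = '=';
                if (isset($VAR['field_option']["{$pat_field}"][$i_arr])
                    && in_array($VAR['field_option']["{$pat_field}"][$i_arr], $allowed_ops, true)) {
                    $f_opt = $VAR['field_option']["{$pat_field}"][$i_arr];
                }
                # do any data conversion for this field (date, encrypt, etc...)
                $item = $value[$i_arr];
                if ($convert !== null) {
                    $item = $validate->convert($field, $item, $convert);
                }
                $conditions[] = $field . " {$f_opt} " . $db->qstr($item, get_magic_quotes_gpc());
            }
        } elseif (strpos((string) $value, '%') !== false) {
            # wildcard search
            if ($convert !== null) {
                $value = $validate->convert($field, $value, $convert);
            }
            $conditions[] = $field . " LIKE " . $db->qstr($value, get_magic_quotes_gpc());
        } else {
            # exact match; no conversion is applied on this path
            $conditions[] = $field . " = " . $db->qstr($value, get_magic_quotes_gpc());
        }
    }

    #### finalize the WHERE statement; it always ends ready for the
    #### site_id condition that is appended below
    if (count($conditions) == 0) {
        $where_list = ' WHERE ';
    } else {
        $where_list = ' WHERE ' . implode(' AND ', $conditions) . ' AND ';
    }

    # get limit type; a non-numeric or non-positive request value falls back
    # to the module default
    $limit = $construct->limit;
    if (isset($VAR['limit']) && !is_array($VAR['limit']) && (int) $VAR['limit'] > 0) {
        $limit = (int) $VAR['limit'];
    }

    # get order by; only a plain (optionally table-qualified) column name is
    # stored, because the saved value is later placed in an ORDER BY clause
    $order_by = $construct->order_by;
    if (isset($VAR['order_by']) && is_string($VAR['order_by']) && preg_match('/^[A-Za-z0-9_.]+$/', $VAR['order_by'])) {
        $order_by = $VAR['order_by'];
    }

    ### Get any addition fields to select (only the first custom expression
    ### contributes a column)
    $field_list = '';
    if (isset($construct->custom_EXP) && count($construct->custom_EXP) > 0) {
        $field_list = "," . $construct->custom_EXP[0]['field'];
    }

    # generate the full query
    $q = "SELECT id" . $field_list . " FROM\n\t\t " . AGILE_DB_PREFIX . "{$construct->table}\n\t\t {$where_list}\n\t\t site_id = '" . DEFAULT_SITE . "'";
    $q_save = "SELECT %%fieldList%% FROM %%tableList%% " . $where_list . " %%whereList%% ";
    $result = $db->Execute($q);

    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'search', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    # get the result count:
    $results = $result->RecordCount();

    # get the first record id:
    $record_id = null;
    if ($results == 1) {
        $record_id = $result->fields['id'];
    }

    ### Run any custom validation on this result for this module: a row
    ### counts once if it matches any of the custom expressions
    if (isset($construct->custom_EXP)) {
        $results = 0;
        $exp_total = count($construct->custom_EXP);
        while (!$result->EOF) {
            for ($ei = 0; $ei < $exp_total; $ei++) {
                $field = $construct->custom_EXP[$ei]["field"];
                $value = $construct->custom_EXP[$ei]["value"];
                if ($result->fields["{$field}"] == $value) {
                    $results++;
                    break;
                }
            }
            $result->MoveNext();
        }
    }

    # define the DB vars as a Smarty accessible block
    global $smarty;

    # Create the definition for fast-forwarding to a single record:
    if ($results == 1 && !isset($construct->fast_forward)) {
        $smarty->assign('record_id', $record_id);
    }

    # create the search record:
    if ($results > 0) {
        include_once PATH_CORE . 'search.inc.php';
        $search = new CORE_search();
        $arr['module'] = $construct->module;
        $arr['sql'] = $q_save;
        $arr['limit'] = $limit;
        $arr['order_by'] = $order_by;
        $arr['results'] = $results;
        $search->add($arr);
        # define the search id and other parameters for Smarty
        $smarty->assign('search_id', $search->id);
        # page:
        $smarty->assign('page', '1');
        # limit:
        $smarty->assign('limit', $limit);
        # order_by:
        $smarty->assign('order_by', $order_by);
    }

    # define the result count
    $smarty->assign('results', $results);
    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
}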
/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 * 
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/ 
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**> 
 * @package AgileBill
 * @version 1.4.93
 */
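/**
 * Delete several records, and the rows associated with them, in one call.
 *
 * The ids are read as a comma separated list from $VAR['delete_id'] or, when
 * that is absent, from $VAR['id']. After the main delete succeeds, every
 * entry in $construct->associated_DELETE (a 'table' / 'field' pair) is
 * cleaned up with the same ids. All statements are limited to DEFAULT_SITE.
 *
 * @param array  $VAR        Request variables.
 * @param object $construct  Module construct (table, module, associated_DELETE, trigger).
 * @param string $type       Method name; key into $construct->trigger.
 * @return void
 */
function CORE_database_mass_delete($VAR, &$construct, $type)
{
    global $C_debug, $C_translate;
    $db =& DB();

    # read the comma separated id list from the request
    $raw_ids = '';
    if (isset($VAR["delete_id"])) {
        $raw_ids = $VAR["delete_id"];
    } elseif (isset($VAR["id"])) {
        $raw_ids = $VAR["id"];
    }

    # quote every non-empty id once; the same literals are reused for the
    # associated tables
    $quoted_ids = array();
    foreach (explode(',', $raw_ids) as $one_id) {
        if ($one_id != '') {
            $quoted_ids[] = $db->qstr($one_id, get_magic_quotes_gpc());
        }
    }

    # nothing to delete
    if (count($quoted_ids) == 0) {
        return;
    }

    # generate the full query
    # The OR list is parenthesised: AND binds tighter than OR, so without the
    # parentheses the site_id restriction would only apply to the last id.
    $id_list = "id = " . implode(" OR id = ", $quoted_ids);
    $q = "DELETE FROM\n\t\t\t\t" . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\t\tWHERE\n\t\t\t\t({$id_list})\n\t\t\t\tAND\n\t\t\t\tsite_id = '" . DEFAULT_SITE . "'";

    # execute the query
    $result = $db->Execute($q);

    # error reporting
    if ($result === false) {
        $C_debug->error('database.inc.php', 'mass_delete', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    ### Delete any associated records:
    if (isset($construct->associated_DELETE)) {
        foreach ($construct->associated_DELETE as $assoc) {
            # table and field names come from the module definition
            $assoc_field = $assoc["field"];
            $assoc_list = $assoc_field . " = " . implode(" OR " . $assoc_field . " = ", $quoted_ids);
            $q = "DELETE FROM\n\t\t\t\t\t\t\t" . AGILE_DB_PREFIX . "" . $assoc["table"] . "\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t({$assoc_list})\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\t\tsite_id = '" . DEFAULT_SITE . "'";
            # execute the query; a failure is logged so orphaned rows do not
            # go unnoticed, but it does not undo the main delete
            if ($db->Execute($q) === false) {
                $C_debug->error('database.inc.php', 'mass_delete', $db->ErrorMsg());
            }
        }
    }

    # Alert delete message
    if (!defined('AJAX')) {
        $C_translate->value["CORE"]["module_name"] = $C_translate->translate('name', $construct->module, "");
        $message = $C_translate->translate('alert_delete_ids', "CORE", "");
        $message = str_replace('%%module_name%%', '', $message);
        $C_debug->alert($message);
    }

    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
}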
/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 * 
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/ 
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**> 
 * @package AgileBill
 * @version 1.4.93
 */
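/**
 * Re-run a saved search and hand one page of its results to Smarty.
 *
 * @param array  $VAR        Request variables; reads search_id, order_by, desc, asc and page.
 * @param object &$construct Module object; reads method/field/table/order_by/trigger/custom_EXP
 *                           and writes linked, result and pages.
 * @param string $type       Key into $construct->method and $construct->trigger.
 * @return mixed The rows (passed through join_fields() when there are any); false when
 *               search_id is missing or the ownership check fails; null when the query fails.
 */
function CORE_database_search_show($VAR, &$construct, $type)
{
    # set the field list for this method and note any linked table/field
    $columns = array();
    foreach ($construct->method[$type] as $value) {
        $columns[] = AGILE_DB_PREFIX . $construct->table . "." . $value;
        if ($construct->field[$value]["asso_table"] != "") {
            $construct->linked[] = array('field' => $value, 'link_table' => $construct->field[$value]["asso_table"], 'link_field' => $construct->field[$value]["asso_field"]);
        }
    }
    $field_list = implode(',', $columns);
    # get the search details:
    if (!isset($VAR['search_id'])) {
        # invalid search!
        echo '<BR> The search terms submitted were invalid!<BR>';
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        # Stop here: there is no search record to authorise or run, and the code
        # below would otherwise dereference an undefined $search.
        return false;
    }
    include_once PATH_CORE . 'search.inc.php';
    $search = new CORE_search();
    $search->get($VAR['search_id']);
    # Check that this search has not been taken over by another account
    # NOTE(review): access is refused only when BOTH the session and the account differ,
    # and the comparison is loose. Confirm that a search saved without an account cannot
    # match another visitor who also has no account.
    if ($search->session != SESS && $search->account != SESS_ACCOUNT) {
        global $C_debug;
        $C_debug->alert('You are not authorized to view this search!');
        return false;
    }
    # get the sort order details:
    # The request value is placed in the SQL text as an identifier, where quoting cannot
    # help, so only a single, optionally table-qualified column name is accepted; anything
    # else falls back to the module default.
    # NOTE(review): confirm no template submits a multi-column order_by.
    $order_by = ' ORDER BY ' . $construct->order_by;
    $smarty_order = $search->order_by;
    if (isset($VAR['order_by']) && is_string($VAR['order_by'])
        && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $VAR['order_by'])) {
        $order_by = ' ORDER BY ' . $VAR['order_by'];
        $smarty_order = $VAR['order_by'];
    }
    # determine the sort order: explicit desc/asc wins, otherwise date columns sort newest first
    if (isset($VAR['desc'])) {
        $descending = true;
    } elseif (isset($VAR['asc'])) {
        $descending = false;
    } else {
        $descending = (bool) preg_match('/date/i', $smarty_order);
    }
    $order_by .= $descending ? ' DESC' : ' ASC';
    $smarty_sort = $descending ? 'desc=' : 'asc=';
    # generate the full query from the stored search template
    $db =& DB();
    $q = preg_replace("/%%fieldList%%/i", $field_list, $search->sql);
    $q = preg_replace("/%%tableList%%/i", AGILE_DB_PREFIX . $construct->table, $q);
    $q = preg_replace("/%%whereList%%/i", "", $q);
    $q .= " site_id = '" . DEFAULT_SITE . "'";
    $q .= $order_by;
    # determine the offset & limit
    $current_page = 1;
    if (!empty($VAR['page'])) {
        # force an integer page number: it feeds the offset and is echoed back to the template
        $current_page = max(1, (int) $VAR['page']);
    }
    if (empty($search->limit)) {
        $search->limit = 25;
    }
    $offset = -1;
    if ($current_page > 1) {
        $offset = ($current_page - 1) * $search->limit;
    }
    $result = $db->SelectLimit($q, $search->limit, $offset);
    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'search', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }
    # Put the results into a smarty accessible array. When the module defines
    # custom_EXP, a row is kept only if one of its field/value pairs matches.
    $smart = array();
    $i = 0;
    $class_name = TRUE;
    while (!$result->EOF) {
        $keep = true;
        if (isset($construct->custom_EXP)) {
            $keep = false;
            foreach ($construct->custom_EXP as $expression) {
                if ($result->fields[$expression["field"]] == $expression["value"]) {
                    $keep = true;
                    break;
                }
            }
        }
        if ($keep) {
            $smart[$i] = $result->fields;
            # alternate the row class
            $smart[$i]['_C'] = $class_name ? 'row1' : 'row2';
            $class_name = !$class_name;
            $i++;
        }
        $result->MoveNext();
    }
    # get any linked fields
    if ($i > 0) {
        $db_join = new CORE_database();
        $construct->result = $db_join->join_fields($smart, $construct->linked);
    } else {
        $construct->result = $smart;
    }
    # define the DB vars as a Smarty accessible block
    global $smarty;
    $smarty->assign($construct->table, $construct->result);
    $smarty->assign('order', $smarty_order);
    $smarty->assign('sort', $smarty_sort);
    $smarty->assign('limit', $search->limit);
    $smarty->assign('search_id', $search->id);
    $smarty->assign('results', $search->results);
    # get the total pages for this search ($search->limit is never empty at this point)
    $construct->pages = intval($search->results / $search->limit);
    if ($search->results % $search->limit) {
        $construct->pages++;
    }
    # total pages
    $smarty->assign('pages', $construct->pages);
    # current page
    $smarty->assign('page', $current_page);
    # page array for menu; starts as an array because appending to '' is an error on newer PHP
    $page_arr = array();
    for ($i = 0; $i <= $construct->pages; $i++) {
        if ($construct->page != $i) {
            $page_arr[] = $i;
        }
    }
    $smarty->assign('page_arr', $page_arr);
    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
    return $construct->result;
}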
/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 * 
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/ 
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**> 
 * @package AgileBill
 * @version 1.4.93
 */
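/**
 * Load one or more records of the module's table by id and publish them to Smarty.
 *
 * @param array  $VAR        Request variables; reads "id" (a comma separated id list).
 * @param object &$construct Module object; reads method/table/order_by/trigger/custom_EXP.
 * @param string $type       Key into $construct->method and $construct->trigger.
 * @return array|null The matching rows, each with its position stored under "i"; null when no
 *                    usable id was given, the query failed, or nothing matched.
 */
function CORE_database_view($VAR, &$construct, $type)
{
    $db =& DB();
    # set the field list for this method:
    $field_list = implode(',', $construct->method[$type]);
    # one quoted "id = ..." term per non-empty id in the request
    $id_terms = array();
    if (isset($VAR["id"]) && is_scalar($VAR["id"])) {
        foreach (explode(',', $VAR["id"]) as $one_id) {
            if ($one_id != '') {
                $id_terms[] = "id = " . $db->qstr($one_id);
            }
        }
    }
    if (count($id_terms) == 0) {
        return;
    }
    # The OR list is parenthesised on purpose: AND binds tighter than OR, so without the
    # brackets the site_id restriction would apply to the last id only and rows belonging
    # to another site could be returned for the other ids.
    $id_list = '(' . implode(' OR ', $id_terms) . ')';
    # generate the full query
    $q = "SELECT\n\t\t\t  {$field_list}\n\t\t\t  FROM\n\t\t\t  " . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\t  WHERE\n\t\t\t  {$id_list}\n\t\t\t  AND site_id = '" . DEFAULT_SITE . "'\n\t\t\t  ORDER BY {$construct->order_by} ";
    $result = $db->Execute($q);
    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'view', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }
    # Put the results into a smarty accessible array. When the module defines
    # custom_EXP, a row is kept only if one of its field/value pairs matches.
    $smart = array();
    $i = 0;
    while (!$result->EOF) {
        $keep = true;
        if (isset($construct->custom_EXP)) {
            $keep = false;
            foreach ($construct->custom_EXP as $expression) {
                if ($result->fields[$expression["field"]] == $expression["value"]) {
                    $keep = true;
                    break;
                }
            }
        }
        if ($keep) {
            $smart[$i] = $result->fields;
            $smart[$i]["i"] = $i;
            $i++;
        }
        # advance exactly once per row; advancing a second time after a match
        # silently dropped the record that followed it
        $result->MoveNext();
    }
    # get the result count:
    $results = $i;
    ### No results:
    if ($i == 0) {
        global $C_debug;
        $C_debug->error("CORE:database.inc.php", "view()", "The selected record does not\n\t\t\t\t\t\t\t exist any longer, or your account is not authorized to view it");
        return;
    }
    # define the results
    global $smarty;
    $smarty->assign($construct->table, $smart);
    # publish the row count computed above (no $search object exists in this function)
    $smarty->assign('results', $results);
    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
    return $smart;
}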
    /**
     * Register a new account from the submitted signup form.
     *
     * Fills in hidden fields from session constants or defaults, validates the form,
     * inserts the account and its default-group membership, sends the registration
     * e-mail and, when the account is created active, marks the current session as
     * logged in.
     *
     * @param array $VAR Request variables. NOTE: the `global $VAR` statement below rebinds
     *                   this name to the global array, so from that line on the method reads
     *                   and writes the global, not the argument.
     * @return false|null false when checkLimits() fails; every other path (validation
     *                    failure, SQL failure, success) ends without a return value.
     */
    function add($VAR)
    {
        if (!$this->checkLimits()) {
            return false;
        }
        // check account limits
        $this->account_construct();
        global $C_list, $C_translate, $C_debug, $VAR, $smarty;
        $this->validated = true;
        ### Set the hidden values:
        # These overwrite whatever the request supplied for the same keys.
        $VAR['account_date_orig'] = time();
        $VAR['account_date_last'] = time();
        if (defined("SESS_LANGUAGE")) {
            @($VAR['account_language_id'] = SESS_LANGUAGE);
        } else {
            @($VAR['account_language_id'] = DEFAULT_LANGUAGE);
        }
        if (defined("SESS_AFFILIATE")) {
            @($VAR['account_affiliate_id'] = SESS_AFFILIATE);
        } else {
            @($VAR['account_affiliate_id'] = DEFAULT_AFFILIATE);
        }
        if (defined("SESS_RESELLER")) {
            @($VAR['account_reseller_id'] = SESS_RESELLER);
        } else {
            @($VAR['account_reseller_id'] = DEFAULT_RESELLER);
        }
        if (defined("SESS_CURRENCY")) {
            @($VAR['account_currency_id'] = SESS_CURRENCY);
        } else {
            @($VAR['account_currency_id'] = DEFAULT_CURRENCY);
        }
        if (defined("SESS_THEME")) {
            @($VAR['account_theme_id'] = SESS_THEME);
        } else {
            @($VAR['account_theme_id'] = DEFAULT_THEME);
        }
        if (defined("SESS_CAMPAIGN")) {
            @($VAR['account_campaign_id'] = SESS_CAMPAIGN);
        } else {
            @($VAR['account_campaign_id'] = 0);
        }
        # default the e-mail type to '0' when the form did not send one
        if (!isset($VAR['account_email_type']) && @$VAR['account_email_type'] != "1") {
            @($VAR['account_email_type'] = '0');
        }
        ### Determine the proper account status:
        # status '1' is the value that later selects the "active" e-mail and auto-login
        if (DEFAULT_ACCOUNT_STATUS != '1') {
            $status = '1';
        } else {
            $status = '0';
        }
        ## Single field login:
        # NOTE(review): when no password was submitted both fields are set to the literal
        # shown here. '******' looks like masking applied by the page this listing was
        # copied from rather than the project's own value - confirm against upstream.
        if (defined('SINGLE_FIELD_LOGIN') && SINGLE_FIELD_LOGIN == true && empty($VAR['account_password'])) {
            $VAR['account_password'] = '******';
            $VAR['confirm_password'] = '******';
        }
        ####################################################################
        ### loop through the field list to validate the required fields
        ####################################################################
        $type = 'add';
        # NOTE(review): split() and each() were removed in PHP 7 and PHP 8 respectively;
        # this method only runs on the older PHP versions the file was written for.
        $this->method["{$type}"] = split(",", $this->method["{$type}"]);
        $arr = $this->method["{$type}"];
        include_once PATH_CORE . 'validate.inc.php';
        $validate = new CORE_validate();
        $this->validated = true;
        while (list($key, $value) = each($arr)) {
            # get the field value
            $field_var = $this->module . '_' . $value;
            $field_name = $value;
            ####################################################################
            ### perform any field validation...
            ####################################################################
            # check if this value is unique
            if (isset($this->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
                if (!$validate->validate_unique($this->table, $field_name, "record_id", $VAR["{$field_var}"])) {
                    $this->validated = false;
                    $this->val_error[] = array('field' => $this->table . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_unique', "", ""));
                }
            }
            # check if the submitted value meets the specifed requirements
            # (a field with a "validate" rule is also treated as required: missing or empty fails)
            if (isset($this->field["{$value}"]["validate"])) {
                if (isset($VAR["{$field_var}"])) {
                    if ($VAR["{$field_var}"] != '') {
                        if (!$validate->validate($field_name, $this->field["{$value}"], $VAR["{$field_var}"], $this->field["{$value}"]["validate"])) {
                            $this->validated = false;
                            $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $validate->error["{$field_name}"]);
                        }
                    } else {
                        $this->validated = false;
                        $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
                    }
                } else {
                    $this->validated = false;
                    $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
                }
            }
        }
        ####################################################################
        ### Validate the password
        ####################################################################
        # NOTE(review): only equality with the confirmation field is checked in this block;
        # any length or complexity rule would have to come from the field "validate" rules above.
        if (isset($VAR['account_password']) && $VAR['account_password'] != "") {
            if (isset($VAR['confirm_password']) && $VAR['account_password'] == $VAR['confirm_password']) {
                $password = $VAR['account_password'];
                # NOTE(review): the plaintext password is handed to the template layer here.
                # Confirm the template does not render it back into the page or a cached view.
                $smarty->assign('confirm_account_password', $VAR["account_password"]);
            } else {
                ### ERROR: The passwords provided do not match!
                $smarty->assign('confirm_account_password', '');
                $this->validated = false;
                $this->val_error[] = array('field' => 'account_confirm_password', 'field_trans' => $C_translate->translate('field_confirm_password', $this->module, ""), 'error' => $C_translate->translate('password_change_match', "account", ""));
            }
        } else {
            $smarty->assign('confirm_account_password', '');
        }
        ####################################################################
        ### Validate that the user's IP & E-mail are not banned!
        ####################################################################
        # NOTE(review): an error is recorded when is_blocked() returns a falsy value, so it
        # presumably returns false for a banned entry - verify against the blocked_* modules.
        # $this->validated is not cleared in this block; the entries added to val_error are
        # passed to validate_form() further down, which decides the final outcome.
        if ($this->validated) {
            require_once PATH_MODULES . 'blocked_email/blocked_email.inc.php';
            $blocked_email = new blocked_email();
            if (!$blocked_email->is_blocked($VAR['account_email'])) {
                $this->val_error[] = array('field' => 'account_email', 'field_trans' => $C_translate->translate('field_email', $this->module, ""), 'error' => $C_translate->translate('validate_banned_email', "", ""));
            }
            require_once PATH_MODULES . 'blocked_ip/blocked_ip.inc.php';
            $blocked_ip = new blocked_ip();
            if (!$blocked_ip->is_blocked(USER_IP)) {
                $this->val_error[] = array('field' => 'IP Address', 'field_trans' => $C_translate->translate('ip_address', $this->module, ""), 'error' => $C_translate->translate('validate_banned_ip', "", ""));
            }
        }
        // validate the tax_id
        # account_tax_id arrives as an array keyed by country id; only the entry for the
        # submitted country is validated, then the array is replaced by that single value
        # (or false when the exempt flag is set).
        require_once PATH_MODULES . 'tax/tax.inc.php';
        $taxObj = new tax();
        $tax_arr = @$VAR['account_tax_id'];
        if (is_array($tax_arr)) {
            foreach ($tax_arr as $country_id => $tax_id) {
                if ($country_id == $VAR['account_country_id']) {
                    $exempt = @$VAR["account_tax_id_exempt"][$country_id];
                    if (!$taxObj->TaxIdsValidate($country_id, $tax_id, $exempt)) {
                        $this->validated = false;
                        $this->val_error[] = array('field' => 'account_tax_id', 'field_trans' => $taxObj->errField, 'error' => $C_translate->translate('validate_general', "", ""));
                    }
                    if ($exempt) {
                        $VAR['account_tax_id'] = false;
                    } else {
                        $VAR['account_tax_id'] = $tax_id;
                    }
                }
            }
        }
        ####################################################################
        ### Get required static_Vars and validate them... return an array
        ### w/ ALL errors...
        ####################################################################
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        if (!isset($this->val_error)) {
            $this->val_error = false;
        }
        $all_error = $static_var->validate_form($this->module, $this->val_error);
        # From here on $this->validated depends only on what validate_form() returned;
        # the value set by the checks above is overwritten.
        if ($all_error != false && gettype($all_error) == 'array') {
            $this->validated = false;
        } else {
            $this->validated = true;
        }
        ####################################################################
        ### If validation was failed, skip the db insert &
        ### set the errors & origonal fields as Smarty objects,
        ### and change the page to be loaded.
        ####################################################################
        if (!$this->validated) {
            global $smarty;
            # set the errors as a Smarty Object
            $smarty->assign('form_validation', $all_error);
            # set the page to be loaded
            # NOTE(review): FORCE_PAGE is taken from the request (_page_current) without a
            # check in this method; confirm the code that consumes it restricts the value
            # to known pages.
            if (!defined("FORCE_PAGE")) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
            # Stripslashes
            global $C_vars;
            $C_vars->strip_slashes_all();
            return;
        }
        # Get default invoice options
        $db =& DB();
        $invopt = $db->Execute(sqlSelect($db, "setup_invoice", "*", ""));
        if ($invopt && $invopt->RecordCount()) {
            $invoice_delivery = $invopt->fields['invoice_delivery'];
            $invoice_format = $invopt->fields['invoice_show_itemized'];
        }
        /* hash the password */
        # NOTE(review): both branches produce a single unsalted digest (SHA-1 or MD5), which
        # is cheap to brute-force if the account table is ever disclosed. Moving to
        # password_hash()/password_verify() needs a matching change wherever the login check
        # compares hashes, so it cannot be done in this method alone.
        if (defined('PASSWORD_ENCODING_SHA')) {
            $password_encoded = sha1($password);
        } else {
            $password_encoded = md5($password);
        }
        ####################################################################
        ### Insert the account record
        ####################################################################
        $this->account_id = $db->GenID(AGILE_DB_PREFIX . 'account_id');
        # NOTE(review): $validation_str is just the registration timestamp; for inactive
        # accounts it is e-mailed below as "<time>:<account id>". If that string is what
        # account activation checks (not visible here) it is guessable, and a random token
        # would be the safer choice.
        $validation_str = time();
        /** get parent id */
        # the bare expression on the next line has no effect
        $this->account_id;
        if (empty($this->parent_id)) {
            $this->parent_id = $this->account_id;
        }
        # Every value in this statement is quoted through $db->qstr().
        # NOTE(review): the username and password lines inside the string below appear as
        # '******', which breaks the string concatenation and is not valid PHP as shown.
        # This looks like masking applied by the page hosting the listing; restore both
        # lines from the upstream file before using this code.
        $sql = '
			INSERT INTO ' . AGILE_DB_PREFIX . 'account SET
			id              = ' . $db->qstr($this->account_id) . ',
			site_id         = ' . $db->qstr(DEFAULT_SITE) . ',
			date_orig       = ' . $db->qstr($validation_str) . ',
			date_last       = ' . $db->qstr(time()) . ',
			language_id     = ' . $db->qstr($VAR["account_language_id"]) . ',
			country_id      = ' . $db->qstr($VAR["account_country_id"]) . ',
			parent_id    	= ' . $db->qstr($this->parent_id) . ',
			affiliate_id    = ' . $db->qstr(@$VAR["account_affiliate_id"]) . ',
			campaign_id    	= ' . $db->qstr(@$VAR["account_campaign_id"]) . ',
			reseller_id     = ' . $db->qstr(@$VAR["account_reseller_id"]) . ',
			currency_id     = ' . $db->qstr($VAR["account_currency_id"]) . ',
			theme_id        = ' . $db->qstr($VAR["account_theme_id"]) . ',
			username        = '******',
			password        = '******',
			status          = ' . $db->qstr($status) . ',
			first_name      = ' . $db->qstr($VAR["account_first_name"], get_magic_quotes_gpc()) . ',
			middle_name     = ' . $db->qstr($VAR["account_middle_name"], get_magic_quotes_gpc()) . ',
			last_name       = ' . $db->qstr($VAR["account_last_name"], get_magic_quotes_gpc()) . ',
			company         = ' . $db->qstr($VAR["account_company"], get_magic_quotes_gpc()) . ',
			title           = ' . $db->qstr($VAR["account_title"], get_magic_quotes_gpc()) . ',
			email           = ' . $db->qstr($VAR["account_email"], get_magic_quotes_gpc()) . ',
			address1		= ' . $db->qstr($VAR["account_address1"], get_magic_quotes_gpc()) . ',
			address2		= ' . $db->qstr($VAR["account_address2"], get_magic_quotes_gpc()) . ',
			city			= ' . $db->qstr($VAR["account_city"], get_magic_quotes_gpc()) . ',
			state			= ' . $db->qstr($VAR["account_state"], get_magic_quotes_gpc()) . ',
			zip				= ' . $db->qstr($VAR["account_zip"], get_magic_quotes_gpc()) . ',
			email_type      = ' . $db->qstr($VAR["account_email_type"], get_magic_quotes_gpc()) . ',
			invoice_delivery= ' . $db->qstr(@$invoice_delivery) . ',
			invoice_show_itemized=' . $db->qstr(@$invoice_format) . ',
			invoice_advance_gen	= ' . $db->qstr(MAX_INV_GEN_PERIOD) . ',
			invoice_grace	= ' . $db->qstr(GRACE_PERIOD) . ',
			tax_id			= ' . $db->qstr(@$VAR['account_tax_id']);
        $result = $db->Execute($sql);
        ####################################################################
        ### error reporting:
        ####################################################################
        if ($result === false) {
            global $C_debug;
            $C_debug->error('account.inc.php', 'add', $db->ErrorMsg());
            if (isset($this->trigger["{$type}"])) {
                include_once PATH_CORE . 'trigger.inc.php';
                $trigger = new CORE_trigger();
                $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
            }
            return;
        }
        /* password logging class */
        # stores the same digest in the password history when that module is installed
        if ($C_list->is_installed('account_password_history')) {
            include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php';
            $accountHistory = new account_password_history();
            $accountHistory->setNewPassword($this->account_id, $password_encoded);
        }
        ####################################################################
        ### Add the account to the default group:
        ####################################################################
        $group_id = $db->GenID(AGILE_DB_PREFIX . 'account_group_id');
        $sql = '
			INSERT INTO ' . AGILE_DB_PREFIX . 'account_group SET
			id              = ' . $db->qstr($group_id) . ',
			site_id         = ' . $db->qstr(DEFAULT_SITE) . ',
			date_orig       = ' . $db->qstr(time()) . ',
			group_id        = ' . $db->qstr(DEFAULT_GROUP) . ',
			account_id      = ' . $db->qstr($this->account_id) . ',
			active          = ' . $db->qstr('1');
        # NOTE(review): the result of this insert is not checked, so a failure leaves an
        # account without its default group and nothing is logged.
        $db->Execute($sql);
        ####################################################################
        ### Insert the static vars:
        ####################################################################
        $static_var->add($VAR, $this->module, $this->account_id);
        ####################################################################
        ### Mail the user the new_account email template
        ####################################################################
        require_once PATH_MODULES . 'email_template/email_template.inc.php';
        $my = new email_template();
        if ($status == "1") {
            $my->send('account_registration_active', $this->account_id, $this->account_id, '', '');
        } else {
            # inactive accounts get the "<time>:<account id>" string described above
            $validation_str = strtoupper($validation_str . ':' . $this->account_id);
            $my->send('account_registration_inactive', $this->account_id, '', '', $validation_str);
        }
        ####################################################################
        ### Add the newsletters
        ####################################################################
        if (NEWSLETTER_REGISTRATION == "1") {
            @($VAR['newsletter_html'] = $VAR['account_email_type']);
            $VAR['newsletter_email'] = $VAR['account_email'];
            $VAR['newsletter_first_name'] = $VAR['account_first_name'];
            $VAR['newsletter_last_name'] = $VAR['account_last_name'];
            require_once PATH_MODULES . '/newsletter/newsletter.inc.php';
            $newsletter = new newsletter();
            $newsletter->subscribe($VAR, $this);
        }
        ####################################################################
        ### Log in the user & display the welcome message
        ####################################################################
        if ($status == "1") {
            # auto-login only when the new account is its own parent (not a sub-account)
            if ($this->parent_id == $this->account_id || empty($this->parent_id)) {
                $C_debug->alert($C_translate->translate("user_add_active_welcome", "account", ""));
                # NOTE(review): $exp is computed but never used - $date_expire below still
                # multiplies SESSION_EXPIRE, so with SESSION_EXPIRE == 0 it equals time().
                if (SESSION_EXPIRE == 0) {
                    $exp = 99999;
                } else {
                    $exp = SESSION_EXPIRE;
                }
                $date_expire = time() + SESSION_EXPIRE * 60;
                # update the session
                # NOTE(review): the existing session row (id = SESS) is marked logged-in in
                # place; no new session id is issued in this method. Confirm the id is rotated
                # elsewhere, otherwise an id known before login stays valid after it.
                $db =& DB();
                $q = "UPDATE " . AGILE_DB_PREFIX . "session\n\t\t\t\t\t\tSET\n\t\t\t\t\t\tip= " . $db->qstr(USER_IP) . ",\n\t\t\t\t\t\tdate_expire = " . $db->qstr($date_expire) . ",\n\t\t\t\t\t\tlogged = " . $db->qstr('1') . ",\n\t\t\t\t\t\taccount_id = " . $db->qstr($this->account_id) . "\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\tid = " . $db->qstr(SESS) . "\n\t\t\t\t\t\tAND\n\t\t\t\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);
                $result = $db->Execute($q);
                ### constants
                define('FORCE_SESS_ACCOUNT', $this->account_id);
                define('FORCE_SESS_LOGGED', 1);
                ### Reload the session auth cache
                if (CACHE_SESSIONS == '1') {
                    $force = true;
                    $C_auth = new CORE_auth($force);
                    global $C_auth2;
                    $C_auth2 = $C_auth;
                }
                # NOTE(review): the redirect target is built from request values
                # (_page_next / _page) with no validation here; confirm the consumer of
                # REDIRECT_PAGE encodes it and keeps the redirect on this site.
                if (isset($VAR['_page_next'])) {
                    define('REDIRECT_PAGE', '?_page=' . $VAR['_page_next']);
                } elseif (isset($VAR['_page'])) {
                    define('REDIRECT_PAGE', '?_page=' . $VAR['_page']);
                }
            }
            ####################################################################
            ### Do any db_mapping
            ####################################################################
            if ($C_list->is_installed('db_mapping')) {
                include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
                $db_map = new db_mapping();
                # NOTE(review): the plaintext password is handed to the db_mapping module;
                # what that module stores or transmits is not visible here - verify.
                if (!empty($password)) {
                    $db_map->plaintext_password = $password;
                } else {
                    $db_map->plaintext_password = false;
                }
                $db_map->account_add($this->account_id);
                $db_map = new db_mapping();
                $db_map->login($this->account_id);
            }
            ####################################################################
            ### Affiliate Auto Creation
            ####################################################################
            if (AUTO_AFFILIATE == 1 && $C_list->is_installed("affiliate")) {
                $VAR['affiliate_account_id'] = $this->account_id;
                $VAR['affiliate_template_id'] = DEFAULT_AFFILIATE_TEMPLATE;
                include_once PATH_MODULES . 'affiliate/affiliate.inc.php';
                $affiliate = new affiliate();
                $affiliate->add($VAR, $affiliate);
            }
        } else {
            # inactive account: show the "check your e-mail" style message and a blank page
            $C_debug->alert($C_translate->translate("user_add_inactive_welcome", "account", ""));
            define('FORCE_PAGE', 'core:blank');
        }
    }
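 /**
  * Validate the submitted fields for the "add" method and insert a new record.
  *
  * The field list comes from $this->method['add'] (a comma separated string).
  * Each field is checked with CORE_validate; on failure the errors are handed
  * to Smarty as 'form_validation', FORCE_PAGE is set to the current page and
  * nothing is written. On success a row is inserted into the module table,
  * NEW_RECORD_<TABLE>_ID and REDIRECT_PAGE are defined, and an optional
  * db_mapping plugin install hook is run.
  *
  * Security: $VAR holds request data. The plugin name taken from
  * $VAR['db_mapping_map_file'] is restricted to [A-Za-z0-9_] before it is used
  * in an include path or a class name, and the class is instantiated without
  * eval(), so the value cannot traverse directories or inject code.
  *
  * @param array $VAR submitted variables; field values are keyed
  *                   "<module>_<field>"
  * @return void
  */
 function add($VAR)
 {
     $this->construct();
     global $C_translate, $C_debug;
     $type = "add";
     # the field list is a comma separated string; explode() replaces split(),
     # which was removed in PHP 7 (a literal comma needs no regex).
     # It is left alone if it is already an array.
     if (!is_array($this->method["{$type}"])) {
         $this->method["{$type}"] = explode(",", $this->method["{$type}"]);
     }
     # set the field list for this method:
     $arr = $this->method["{$type}"];
     # define the validation class
     include_once PATH_CORE . 'validate.inc.php';
     $validate = new CORE_validate();
     $this->validated = true;
     ####################################################################
     # loop through the field list to validate the required fields
     # (foreach replaces each(), which was removed in PHP 8)
     ####################################################################
     foreach ($arr as $value) {
         # get the field value
         $field_var = $this->module . '_' . $value;
         $field_name = $value;
         $this->validate = true;
         # check if this value is unique
         if (isset($this->field[$value]["unique"]) && isset($VAR[$field_var])) {
             if (!$validate->validate_unique($this->table, $field_name, "record_id", $VAR[$field_var])) {
                 $this->validated = false;
                 $this->val_error[] = array('field' => $this->table . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_unique', "", ""));
             }
         }
         # check if the submitted value meets the specified requirements
         if (isset($this->field[$value]["validate"])) {
             if (isset($VAR[$field_var]) && $VAR[$field_var] != '') {
                 if (!$validate->validate($field_name, $this->field[$value], $VAR[$field_var], $this->field[$value]["validate"])) {
                     $this->validated = false;
                     $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $validate->error["{$field_name}"]);
                 }
             } else {
                 # a field with a validation rule must be submitted and non-empty
                 $this->validated = false;
                 $this->val_error[] = array('field' => $this->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
             }
         }
     }
     ####################################################################
     # If validation failed, skip the db insert, set the errors as
     # Smarty objects, and change the page to be loaded.
     ####################################################################
     if (!$this->validated) {
         global $smarty;
         # set the errors as a Smarty Object
         $smarty->assign('form_validation', $this->val_error);
         # set the page to be loaded
         if (!defined("FORCE_PAGE")) {
             define('FORCE_PAGE', $VAR['_page_current']);
         }
         # define any triggers
         if (isset($this->trigger["{$type}"])) {
             include_once PATH_CORE . 'trigger.inc.php';
             $trigger = new CORE_trigger();
             $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
         }
         return;
     }
     # begin the new database class:
     $db =& DB();
     # collect one "column=value" assignment per submitted field
     $assignments = array();
     foreach ($arr as $value) {
         $field_var = $this->module . '_' . $value;
         # md5, rc5, pgp, gpg, time, date, date-time
         if (isset($this->field[$value]["convert"]) && isset($VAR[$field_var])) {
             $VAR[$field_var] = $validate->convert($value, $VAR[$field_var], $this->field[$value]["convert"]);
         }
         # re-checked after conversion, as in the original
         if (isset($VAR[$field_var])) {
             $assignments[] = $value . "=" . $db->qstr($VAR[$field_var]);
         }
     }
     # determine the record id:
     $this->record_id = $db->GenID(AGILE_DB_PREFIX . "" . $this->table . '_id');
     # determine the record id, if it is an ACCOUNT record
     # NOTE(review): md5 of a sequence value and microtime() is guessable;
     # confirm nothing treats the account id as a secret.
     if ($this->table == 'account') {
         $this->record_id = md5($this->record_id . '' . microtime());
     }
     # define the new ID as a constant
     define(strtoupper('NEW_RECORD_' . $this->table . '_ID'), $this->record_id);
     # generate the full query; joining the parts keeps the SET list valid
     # even when no field was submitted (the original then omitted the comma
     # between id and site_id)
     $set = array_merge(
         array("id = " . $db->qstr($this->record_id)),
         $assignments,
         array("site_id = " . $db->qstr(DEFAULT_SITE))
     );
     $q = "INSERT INTO " . AGILE_DB_PREFIX . "{$this->table} SET " . implode(", ", $set);
     # execute the query
     $result = $db->Execute($q);
     # error reporting:
     # NOTE(review): as in the original, a failed insert is logged but the
     # redirect and install hook below still run - confirm this is intended.
     if ($result === false) {
         $C_debug->error('database.inc.php', 'add', $db->ErrorMsg());
         if (isset($this->trigger["{$type}"])) {
             include_once PATH_CORE . 'trigger.inc.php';
             $trigger = new CORE_trigger();
             $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
         }
     }
     $VAR["id"] = $this->record_id;
     # NOTE(review): _page is request data placed in the redirect target
     # without encoding; check how REDIRECT_PAGE is consumed.
     $redirect_page = isset($VAR['_page']) ? $VAR['_page'] : '';
     define('REDIRECT_PAGE', '?_page=' . $redirect_page . '&id=' . $this->record_id . '&s=' . SESS);
     # RUN ANY INSTALL SCRIPT!
     $file = isset($VAR['db_mapping_map_file']) ? $VAR['db_mapping_map_file'] : '';
     if ($file != '') {
         # The name ends up in a file path and a class name, so only the
         # characters valid in both are accepted. /D stops "$" from matching
         # before a trailing newline.
         if (!is_string($file) || !preg_match('/^[A-Za-z0-9_]+$/D', $file)) {
             $C_debug->error('database.inc.php', 'add', 'invalid db_mapping map file name');
             return;
         }
         $map_path = PATH_PLUGINS . 'db_mapping/' . $file . '.php';
         if (!is_file($map_path)) {
             $C_debug->error('database.inc.php', 'add', 'db_mapping map file not found');
             return;
         }
         include_once $map_path;
         $map_class = 'map_' . strtoupper($file);
         if (!class_exists($map_class)) {
             $C_debug->error('database.inc.php', 'add', 'db_mapping map class not found');
             return;
         }
         # instantiate by name instead of eval()
         $_MAP = new $map_class();
         if (isset($_MAP->map['install']) && $_MAP->map['install'] == true) {
             $_MAP->install();
         }
     }
 }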
/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 * 
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/ 
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**> 
 * @package AgileBill
 * @version 1.4.93
 */
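/**
 * Validate the submitted fields for an update method and write them to the
 * existing record identified by $VAR["<module>_id"].
 *
 * Fields whose "convert" type is sha, md5, rc5 or crypt are not validated on
 * update. On validation failure the errors are assigned to Smarty as
 * 'form_validation', the global $VAR['_page'] is set to "<module>:view" and
 * false is returned. Otherwise an UPDATE restricted to the record id and
 * DEFAULT_SITE is executed.
 *
 * @param array  $VAR       submitted variables; field values are keyed
 *                          "<module>_<field>"
 * @param object $construct module object; ->method, ->field, ->module, ->table
 *                          and ->trigger are read, ->validated, ->validate and
 *                          ->val_error are written
 * @param string $type      method name used to index ->method and ->trigger
 * @return bool true when the UPDATE succeeded, false on validation or
 *              database failure
 */
function CORE_database_update($VAR, &$construct, $type)
{
    global $C_translate;
    # set the field list for this method:
    $arr = $construct->method["{$type}"];
    # define the validation class
    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();
    $construct->validated = true;
    # define this record id
    $id = $VAR[$construct->module . '_id'];
    # conversion types that are not validated on updates
    $ignore_convert = array('sha', 'md5', 'rc5', 'crypt');
    ####################################################################
    # loop through the field list to validate the required fields
    # (foreach replaces each(), which was removed in PHP 8)
    ####################################################################
    foreach ($arr as $value) {
        # get the field value
        $field_var = $construct->module . '_' . $value;
        $field_name = $value;
        $construct->validate = true;
        # loose comparison kept to match the original ==
        $ignore_con = isset($construct->field[$value]["convert"])
            && in_array($construct->field[$value]["convert"], $ignore_convert);
        if ($ignore_con) {
            continue;
        }
        # check if this value is unique
        if (isset($construct->field[$value]["unique"]) && isset($VAR[$field_var])) {
            if (!$validate->validate_unique($construct->table, $field_name, $id, $VAR[$field_var])) {
                $construct->validated = false;
                $construct->val_error[] = array('field' => $construct->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""), 'error' => $C_translate->translate('validate_unique', "", ""));
            }
        }
        # check if the submitted value meets the specified requirements
        if (isset($construct->field[$value]["validate"])) {
            if (isset($VAR[$field_var]) && $VAR[$field_var] != '') {
                if (!$validate->validate($field_name, $construct->field[$value], $VAR[$field_var], $construct->field[$value]["validate"])) {
                    $construct->validated = false;
                    $construct->val_error[] = array('field' => $construct->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""), 'error' => $validate->error["{$field_name}"]);
                }
            } else {
                # a field with a validation rule must be submitted and non-empty
                $construct->validated = false;
                $construct->val_error[] = array('field' => $construct->module . '_' . $field_name, 'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""), 'error' => $C_translate->translate('validate_any', "", ""));
            }
        }
    }
    ####################################################################
    # If validation failed, skip the db update, set the errors as
    # Smarty objects, and change the page to be loaded.
    ####################################################################
    if (!$construct->validated) {
        global $smarty;
        # set the errors as a Smarty Object
        $smarty->assign('form_validation', $construct->val_error);
        # change the page to be loaded; from here on $VAR refers to the
        # global of the same name, not the parameter
        global $VAR;
        $VAR['_page'] = $construct->module . ':view';
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        # strip slashes
        global $C_vars;
        $C_vars->strip_slashes_all();
        return false;
    }
    $db =& DB();
    # get_magic_quotes_gpc() was removed in PHP 8; where it is missing the
    # input was never auto-escaped, so qstr() must do the escaping itself.
    # NOTE(review): the flag tells qstr() the value is already escaped, but
    # values below may have passed through htmlspecialchars()/convert();
    # verify quoting on runtimes where magic quotes are enabled.
    $magic_quotes = function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : false;
    # collect one "column=value" assignment per field to write
    $assignments = array();
    foreach ($arr as $value) {
        $field_var = $construct->module . '_' . $value;
        $convert = isset($construct->field[$value]["convert"]) ? $construct->field[$value]["convert"] : null;
        $submitted = isset($VAR[$field_var]);
        if ($submitted && $VAR[$field_var] != 'IGNORE-ARRAY-VALUE') {
            # check if html allowed:
            $html_allowed = isset($construct->field[$value]["html"]) && $construct->field[$value]["html"] == 1;
            if (!$html_allowed && !is_array($VAR[$field_var])) {
                $insert_value = htmlspecialchars($VAR[$field_var]);
            } else {
                $insert_value = $VAR[$field_var];
            }
            # perform data conversions
            if ($convert !== null) {
                $insert_value = $validate->convert($value, $insert_value, $convert);
            }
            $assignments[] = $value . "=" . $db->qstr($insert_value, $magic_quotes);
        } elseif ($convert == "array" && !$submitted) {
            # Handle blank array string: an array field that was not
            # submitted is stored as a serialized array holding one empty string
            $insert_value = serialize(array(""));
            $assignments[] = $value . "=" . $db->qstr($insert_value, $magic_quotes);
        }
    }
    $field_list = implode(", ", $assignments);
    if ($field_list == '') {
        # nothing to write: report it instead of sending an UPDATE with an
        # empty SET list, which the database would reject anyway
        $result = false;
        $error_msg = 'no fields submitted for update';
    } else {
        # generate the full query
        $q = "UPDATE " . AGILE_DB_PREFIX . "{$construct->table} SET\n\t\t\t\t{$field_list}\n\t\t\t\tWHERE\n\t\t\t\tid \t\t= " . $db->qstr($id) . "\n\t\t\t\tAND\n\t\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);
        # execute the query (connection re-acquired as in the original)
        $db =& DB();
        $result = $db->Execute($q);
        $error_msg = $result === false ? $db->ErrorMsg() : '';
    }
    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'update', $error_msg);
    }
    # the trigger receives 0 on failure and 1 on success
    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], $result === false ? 0 : 1, $VAR);
    }
    return $result !== false;
}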