Example #1
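/**
 * Decide whether the logged-on user may perform $action on the current page.
 *
 * The action code is looked up for the session's current page in the
 * {DB_PREFIX}applicationactions table. An action that is not registered yet
 * is inserted and granted to the 'PUBLIC' role. The result is true when at
 * least one of the roles in $_SESSION['ROLES'] is attached to the action.
 *
 * NOTE(review): first-seen actions are default-allow for 'PUBLIC'. A
 * deployment that needs deny-by-default has to provision actions and roles
 * explicitly before the page is first rendered.
 *
 * NOTE(review): the mysql_* extension used throughout this file was
 * deprecated in PHP 5.5 and removed in PHP 7.0. Escaping is the minimum fix
 * available here; prepared statements via mysqli/PDO are the durable one.
 *
 * @param string $action      Action code to check (e.g. 'EditItem').
 * @param string $description Optional description stored when the action is
 *                            first registered; when empty the text comes from
 *                            ActionConstants::getActionDescription().
 *
 * @return bool True when one of the session roles is granted the action;
 *              false otherwise, including on any database error.
 */
function isUserAccessPermitted($action, $description = "")
{
    require_once "constants.php";

    $desc = ($description == "") ? ActionConstants::getActionDescription($action) : $description;

    // Fail closed: without a numeric page id the lookup cannot be scoped to a
    // page, and the original code went on to attach a 'PUBLIC' role to
    // action id 0 after the failed queries.
    if (!isset($_SESSION['pageid']) || !is_numeric($_SESSION['pageid'])) {
        logError("isUserAccessPermitted: no numeric page id in session");
        return false;
    }

    // Numeric values are cast and string values escaped before they reach SQL,
    // so a quote in an action code or description can neither break nor alter
    // the statement.
    $pageid = (int) $_SESSION['pageid'];
    $memberid = (int) getLoggedOnMemberID();
    $safeAction = mysql_real_escape_string($action);
    $safeDesc = mysql_real_escape_string($desc);
    // presumably DB_PREFIX is set server-side at login; it is an identifier
    // and cannot be escaped as a string literal -- verify where it is assigned.
    $prefix = $_SESSION['DB_PREFIX'];

    $qry = "SELECT A.id FROM {$prefix}applicationactions A WHERE A.pageid = {$pageid} AND A.code = '{$safeAction}'";
    $result = mysql_query($qry);
    if (!$result) {
        // NOTE(review): the full statement, including its values, is logged.
        logError($qry . " - " . mysql_error());
        return false;
    }

    $actionid = 0;
    $registered = false;
    while ($member = mysql_fetch_assoc($result)) {
        // As in the original, the last matching row wins.
        $registered = true;
        $actionid = (int) $member['id'];
    }

    if (!$registered) {
        $qry = "INSERT INTO {$prefix}applicationactions (pageid, code, description, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) VALUES({$pageid}, '{$safeAction}', '{$safeDesc}', NOW(), {$memberid}, NOW(), {$memberid})";
        if (!mysql_query($qry)) {
            logError($qry . " - " . mysql_error());
            // Do not continue to the role insert: mysql_insert_id() would
            // not refer to a newly created action.
            return false;
        }
        $actionid = (int) mysql_insert_id();

        $qry = "INSERT INTO {$prefix}applicationactionroles (actionid, roleid, metacreateddate, metacreateduserid, metamodifieddate, metamodifieduserid) VALUES({$actionid}, 'PUBLIC', NOW(), {$memberid}, NOW(), {$memberid})";
        if (!mysql_query($qry)) {
            logError($qry . " - " . mysql_error());
        }
    }

    // assumes ArrayToInClause() returns a quoted, escaped list -- TODO confirm
    $qry = "SELECT A.* FROM {$prefix}applicationactionroles A WHERE A.actionid = {$actionid} AND A.roleid IN (" . ArrayToInClause($_SESSION['ROLES']) . ")";
    $result = mysql_query($qry);
    if (!$result) {
        logError($qry . " - " . mysql_error());
        return false;
    }

    return mysql_num_rows($result) > 0;
}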
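 /**
  * Resolve the current page for the session and enforce page-level access.
  *
  * Selects the row of `pages` whose pagename equals $_SESSION['pagename'] and
  * which is linked through `pageroles` to one of the roles in
  * $_SESSION['ROLES']. On exactly one match the page id and label are stored
  * in $_SESSION['pageid'] and $_SESSION['title']. In every other case the
  * request is redirected to system-access-denied.php and the script stops.
  *
  * NOTE(review): unlike the other queries in this file, the table names here
  * carry no $_SESSION['DB_PREFIX'] -- confirm that is intended.
  *
  * @return void
  */
 function initialisePageData()
 {
     // The page name lands inside a quoted SQL literal, so escape it.
     // presumably it is derived from the request path; verify against caller.
     $pagename = mysql_real_escape_string($_SESSION['pagename']);
     // assumes ArrayToInClause() returns a quoted, escaped list -- TODO confirm
     $qry = "SELECT DISTINCT A.* FROM pages A " . "INNER JOIN pageroles B " . "ON B.pageid = A.pageid " . "WHERE A.pagename = '" . $pagename . "' " . "AND B.roleid IN (" . ArrayToInClause($_SESSION['ROLES']) . ")";
     $result = mysql_query($qry);

     if ($result && mysql_num_rows($result) == 1) {
         $member = mysql_fetch_assoc($result);
         $_SESSION['pageid'] = $member['pageid'];
         $_SESSION['title'] = $member['label'];
         return;
     }

     if (!$result) {
         // A failed query used to be ignored, leaving the previous page's id
         // in the session; log it and deny instead.
         logError($qry . " - " . mysql_error());
     }

     // header() only queues the redirect. Without exit the caller keeps
     // rendering the page the user was just denied, using a stale pageid.
     header("location: system-access-denied.php");
     exit;
 }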
Example #3
    public function showHTMLAssets()
    {
        ?>
	<div style='height:12px'>
		<?php 
        foreach ($this->applications as $app) {
            $okToRun = true;
            //			if ($app['rule'] != "") {
            //				$okToRun = ($app['rule']($member));
            //			}
            if ($okToRun && $app['action'] != "") {
                $okToRun = isUserAccessPermitted($app['action'], $app['title']);
            }
            if ($okToRun) {
                if ($app['application'] != "") {
                    ?>
				   	<span title="<?php 
                    echo $app['tooltip'];
                    ?>
" id="<?php 
                    echo $app['id'];
                    ?>
"  class="wrapper"><a class='rgap2 link1' href="javascript:application('<?php 
                    echo $app['application'];
                    ?>
')"><em><b><img src='<?php 
                    echo $app['imageurl'];
                    ?>
' /> <?php 
                    echo $app['title'];
                    ?>
</b></em></a></span>
				<?php 
                } else {
                    ?>
				   	<span  title="<?php 
                    echo $app['tooltip'];
                    ?>
" id="<?php 
                    echo $app['id'];
                    ?>
"  class="wrapper"><a class='rgap2 link1' href="javascript:<?php 
                    echo $app['script'];
                    ?>
()"><em><b><img src='<?php 
                    echo $app['imageurl'];
                    ?>
' /> <?php 
                    echo $app['title'];
                    ?>
</b></em></a></span>
				<?php 
                }
            }
        }
        ?>
		
		<?php 
        if ($this->allowFilter) {
            if (isUserAccessPermitted('Filter')) {
                ?>
 
	   	<span id="filterbutton"  class="wrapper">
	   		<?php 
                $memberid = getLoggedOnMemberID();
                $pageid = $_SESSION['pageid'];
                $qry = "SELECT id, description " . "FROM {$_SESSION['DB_PREFIX']}filter " . "WHERE memberid = {$memberid} " . "AND pageid = {$pageid}";
                $result = mysql_query($qry);
                $first = true;
                if ($result) {
                    while ($member = mysql_fetch_assoc($result)) {
                        if ($first) {
                            $first = false;
                            ?>
					   	<ul class="submenu">
						<?php 
                        }
                        echo "<li class='menuitem' onclick='selectFilter(" . $member['id'] . ")'>" . $member['description'] . "</li>";
                    }
                    if (!$first) {
                        ?>
				   	</ul>
					<?php 
                    }
                } else {
                    logError($qry . " - " . mysql_error());
                }
                ?>
	   	<a class='rgap2 link1' href="javascript:filter()"><em><b><img src='images/filter.png' /> Filter</b></em></a>
	   	</span>
		<?php 
            }
        }
        ?>
		
		<?php 
        if ($this->allowAdd) {
            if (isUserAccessPermitted('AddItem')) {
                ?>
 
	   	<span class="wrapper"><a class='rgap2 link1' href="javascript:addCrudItem()"><em><b><img src='images/add.png' /> Add</b></em></a></span>
		<?php 
            }
        }
        ?>
		
		<?php 
        if ($this->allowView) {
            if (isUserAccessPermitted('ViewItem')) {
                ?>
 
	   	<span class="wrapper"><a disabled class='subapp rgap2 link1' href="javascript:viewSelectedRow()"><em><b><img src='images/view.png' /> View</b></em></a></span>
		<?php 
            }
        }
        ?>
		
		<?php 
        if ($this->allowEdit) {
            if (isUserAccessPermitted('EditItem')) {
                ?>
 
	   	<span class="wrapper"><a disabled class='subapp rgap2 link1' href="javascript:editSelectedRow()"><em><b><img src='images/edit.png' /> Edit</b></em></a></span>
		<?php 
            }
        }
        ?>
		
		<?php 
        if ($this->allowRemove) {
            if (isUserAccessPermitted('RemoveItem')) {
                ?>
 
	   	<span class="wrapper"><a disabled class='subapp rgap2 link1' href="javascript:removeSelectedRow()"><em><b><img src='images/delete.png' /> Remove</b></em></a></span>
		<?php 
            }
        }
        ?>
		
		<?php 
        foreach ($this->subapplications as $app) {
            $okToRun = true;
            if ($app['action'] != "") {
                $okToRun = isUserAccessPermitted($app['action'], $app['title']);
            } else {
                if ($app['script'] != "") {
                    $okToRun = isUserAccessPermitted($app['script'], $app['title']);
                }
            }
            if ($okToRun) {
                if ($app['submenu'] != null) {
                    ?>
   	<span title="<?php 
                    echo $app['tooltip'];
                    ?>
" class="submenuwrapper wrapper">
		<ul class="submenu">
<?php 
                    foreach ($app['submenu'] as $submenu) {
                        echo "<li id='" . $submenu['id'] . "' class='menuitem' onclick='if (this.disabled != true) " . $submenu['script'] . "(getPK())'>" . $submenu['title'] . "</li>";
                    }
                    ?>
		</ul> 
		<a disabled class='subapp rgap2 link1' href="javascript:void()"> 
			<em> 
				<b> 
					<img width=16 height=16 src='<?php 
                    echo $app['imageurl'];
                    ?>
' /> <?php 
                    echo $app['title'];
                    ?>
	   			</b>
			</em>
		</a>
	</span>
<?php 
                } else {
                    if ($app['application'] != "") {
                        ?>
   	<span title="<?php 
                        echo $app['tooltip'];
                        ?>
" class="wrapper"> 
   		<a disabled class='subapp rgap2 link1' id="<?php 
                        echo $app['id'];
                        ?>
" href="javascript: subApp('<?php 
                        echo $app['application'];
                        ?>
', getPK())">
			<em> 
				<b> 
					<img width=16 height=16 src='<?php 
                        echo $app['imageurl'];
                        ?>
' /> <?php 
                        echo $app['title'];
                        ?>
   				</b>
			</em>
		</a>
	</span>
<?php 
                    } else {
                        ?>
   	<span title="<?php 
                        echo $app['tooltip'];
                        ?>
" class="wrapper"> 
   		<a disabled class='subapp rgap2 link1' id="<?php 
                        echo $app['id'];
                        ?>
" href="javascript: <?php 
                        echo $app['script'];
                        ?>
(getPK())"> 
   			<em> 
   				<b> 
   					<img width=16 height=16 src='<?php 
                        echo $app['imageurl'];
                        ?>
' /> <?php 
                        echo $app['title'];
                        ?>
   				</b>
			</em>
		</a>
	</span>
<?php 
                    }
                }
            }
        }
        ?>
		
		
		<?php 
        if (isset($_GET['puri'])) {
            ?>
		   	<span class="rgap5 wrapper"><a class='rgap2 link1' href="javascript:back()"><em><b><img src='images/back2.png' /> Back</b></em></a></span>
		
		<?php 
        } else {
            echo "<br>";
        }
        ?>
	</div>
	<br>
	
	<table id="tempgrid">
	</table>
	
	<div id="tempgrid_pager"></div>
	
	<?php 
        $link = "";
        $linkfields = "";
        $firstlink = true;
        $where = "";
        if ($this->sql == "") {
            logError("No SQL provided");
        }
        ?>
	<script>
		<?php 
        $this->preScriptEvent();
        ?>
		var currentCrudID = null;
		var sortByColumn = "<?php 
        echo $this->sortby;
        ?>
";
		var sortByDirection = "<?php 
        echo $this->sortdirection;
        ?>
";
		var fromRow = 0;
		var toRow = "<?php 
        echo $this->torow;
        ?>
";
		var pages = "<?php 
        echo $this->pages;
        ?>
";
		var pageSize = <?php 
        echo $this->pagesize;
        ?>
;
		
		function verifyCrudForm() {
			<?php 
        if ($this->validateForm != null) {
            echo "if (" . $this->validateForm . "() == false) return false;\n";
        }
        ?>
			return verifyStandardForm("#editform");
		}
		
		function subApp(app) {
			$filterurl = "";

<?php 
        foreach ($this->columns as $col) {
            if ($col['filter'] && $_POST['filter_' . $col['name']] != "") {
                if ($col['type'] == "DATACOMBO" || $col['type'] == "MULTIDATACOMBO") {
                    if ($_POST['filter_' . $col['name']] == "0") {
                        continue;
                    }
                }
                $filterurl .= "&filter_" . $col['name'] . "=";
                $filterurl .= base64_encode($_POST['filter_' . $col['name']]);
            }
        }
        ?>
			

			window.location.href = app + "?id=" + getSelectedRow().<?php 
        echo $this->pkViewName;
        ?>
 + "&puri=<?php 
        echo base64_encode($_SERVER['REQUEST_URI'] . $filterurl);
        ?>
&callee=<?php 
        echo base64_encode(basename($_SERVER['PHP_SELF']));
        ?>
";
		}
		
		<?php 
        if (isset($_GET['puri'])) {
            ?>
		function back() {
			window.location.href = "<?php 
            echo base64_decode($_GET['puri']);
            ?>
";
		}
		<?php 
        }
        ?>
		
		function selectFilter(filterid) {
			callAjax(
					"finddata.php", 
					{ 
						sql: "SELECT * FROM <?php 
        echo $_SESSION['DB_PREFIX'];
        ?>
filterdata WHERE filterid = " + filterid
					},
					function(data) {
						var i = 0;
						
						$("#filterpanel input").val("");
						$("#filterpanel select").val("");
						
						for (i = 0; i < data.length; i++) {
							var node = data[i];
							
							$("#filter_" + node.columnname).val(node.value);
						}
						
						/* Filter post. */						
						post("filterform", "filter");
					}
				);
		}
		
		function viewSelectedRow() {
			view(getSelectedRow().<?php 
        echo $this->pkViewName;
        ?>
);
		}
		
		function editSelectedRow() {
			<?php 
        if ($this->allowEdit) {
            if (isUserAccessPermitted('EditItem')) {
                if ($this->preEditScript != null) {
                    $this->preEditScript();
                }
                ?>
 
			edit(getSelectedRow().<?php 
                echo $this->pkViewName;
                ?>
);
			<?php 
            }
        }
        ?>
 
		}
		
		function getSelectedRow() {
			var gr = $("#tempgrid").jqGrid('getGridParam','selrow');
			
			if( gr != null ) {
				return $("#tempgrid").getLocalRow(gr);
			}
			
			return null;
		}
		
		function removeSelectedRow() {
			removeCrudItem(getSelectedRow().<?php 
        echo $this->pkViewName;
        ?>
);
		}
		
		function application(app) {
			post("editform", app);
		}
		
		function filter() {
			$("#filterdialog").dialog("open");
		}
	
		function addCrudItem() {
			<?php 
        if ($this->preAddScriptEvent != null) {
            echo $this->preAddScriptEvent . "();\n";
        }
        ?>
			
			$(".ui-dialog[aria-labelledby=ui-dialog-title-editdialog] .ui-dialog-title").text("Add");
			$(".ui-dialog[aria-labelledby=ui-dialog-title-editdialog] .ui-dialog-buttonset button:first").css("display", "");
			
			$("#crudcmd").val("insert");
			
			<?php 
        foreach ($this->columns as $col) {
            if ($col['editable']) {
                if ($col['readonly'] || $col['type'] == "DERIVED") {
                    if ($col['type'] == "DATACOMBO" || $col['type'] == "MULTIDATACOMBO") {
                        echo "\$('#editpanel #" . $col['name'] . "').attr('disabled', true);\n";
                    } else {
                        echo "\$('#editpanel #" . $col['name'] . "').attr('readonly', true);\n";
                    }
                }
                if ($col['type'] == "TEXTBOX") {
                    echo "\$('#" . $col['name'] . "').val('');\n";
                } else {
                    if ($col['type'] == "GEOLOCATION") {
                        echo "\$('#" . $col['name'] . "').val('');\n";
                    } else {
                        if ($col['type'] == "CHECKBOX") {
                            echo "\$('#" . $col['name'] . "').attr('checked', false);\n";
                        } else {
                            if ($col['type'] == "DERIVED") {
                                echo "\$('#" . $col['name'] . "').val('');\n";
                            } else {
                                if ($col['type'] == "FILE") {
                                    echo "\$('#" . $col['name'] . "').val('');\n";
                                } else {
                                    if ($col['type'] == "PASSWORD") {
                                        echo "\$('#" . $col['name'] . "').val('');\n";
                                    } else {
                                        if ($col['type'] == "BASICTEXTAREA") {
                                            echo "\$('#" . $col['name'] . "').val('');\n";
                                        } else {
                                            if ($col['type'] == "TEXTAREA") {
                                                echo "tinyMCE.get('" . $col['name'] . "').setContent('');\n";
                                            } else {
                                                if ($col['type'] == "IMAGE") {
                                                    echo "\$('#" . $col['name'] . "_img').attr('src', 'images/no-image.gif');\n";
                                                } else {
                                                    if ($col['type'] == "DATACOMBO") {
                                                        echo "\$('#" . $col['name'] . "').val('0');\n";
                                                        if (isset($_GET['callee']) && isset($_GET['id'])) {
                                                            if ($col['pk']) {
                                                                echo "\$('#" . $col['name'] . "').val('" . $_GET['id'] . "');\n";
                                                                echo "\$('#" . $col['name'] . "').attr('disabled', 'true');\n";
                                                            }
                                                        }
                                                    } else {
                                                        if ($col['type'] == "LAZYDATACOMBO") {
                                                            echo "\$('#" . $col['name'] . "').val('0');\n";
                                                            echo "\$('#" . $col['name'] . "_lazy').val('');\n";
                                                        } else {
                                                            if ($col['type'] == "MULTIDATACOMBO") {
                                                                echo "\$('#" . $col['name'] . "').multiselect('uncheckAll');\n";
                                                                if (isset($_GET['callee']) && isset($_GET['id'])) {
                                                                    if ($col['pk']) {
                                                                        echo "\$('#" . $col['name'] . "').val('" . $_GET['id'] . "');\n";
                                                                        echo "\$('#" . $col['name'] . "').attr('disabled', 'true');\n";
                                                                    }
                                                                }
                                                            } else {
                                                                if ($col['type'] == "COMBO") {
                                                                    echo "\$('#" . $col['name'] . "').val('0');\n";
                                                                }
                                                            }
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        $this->postAddScriptEvent();
        ?>
			$("#editdialog .datepicker").attr("disabled", false);
			$("#editdialog input").attr("readonly", false);
			$("#editdialog input[type=checkbox]").attr("disabled", false);
			$("#editdialog select").attr("disabled", false);
			$(".mceToolbar > div").css("visibility", "visible");
			
			$("#editdialog").dialog("open");
		}
		
		function getPK() {
			return getSelectedRow().<?php 
        echo $this->pkViewName;
        ?>
;
		}
		
		function edit(id) {
			currentCrudID = id;
			
			$(".ui-dialog[aria-labelledby=ui-dialog-title-editdialog] .ui-dialog-title").text("Edit");
			$(".ui-dialog[aria-labelledby=ui-dialog-title-editdialog] .ui-dialog-buttonset button:first").css("display", "");
			
			$("#crudcmd").val("update");
			
			callAjax(
					"finddatarow.php", 
					{ 
						id: id,
						pkname: "<?php 
        echo $this->pkName;
        ?>
",
						table: "<?php 
        echo $this->table;
        ?>
",
						sql: "<?php 
        echo str_replace("\"", "\\\"", $this->sql);
        ?>
"
					},
					function(data) {
						if (data.length > 0) {
							var node = data[0];
							$("#editdialog .datepicker").attr("disabled", false);
							$("#editdialog input").attr("readonly", false);
							$("#editdialog input[type=checkbox]").attr("disabled", false);
							$("#editdialog select").attr("disabled", false);
							$(".mceToolbar > div").css("visibility", "visible");
							
							<?php 
        foreach ($this->columns as $col) {
            if ($col['editable']) {
                if ($col['readonly'] || $col['type'] == "DERIVED") {
                    if ($col['type'] == "DATACOMBO" || $col['type'] == "MULTIDATACOMBO") {
                        echo "\$('#editpanel #" . $col['name'] . "').attr('disabled', true);\n";
                    } else {
                        echo "\$('#editpanel #" . $col['name'] . "').attr('readonly', true);\n";
                    }
                }
                if ($col['type'] == "TEXTBOX") {
                    if ($col['datatype'] == "" || $col['datatype'] == "timestamp") {
                        echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ".substring(0, 10));\n";
                        echo "\$('#editpanel #" . $col['name'] . "_time').val(node." . $col['name'] . ".substring(11, 16));\n";
                    } else {
                        if ($col['datatype'] == "typist") {
                            echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ").trigger('change');\n";
                        } else {
                            if ($col['datatype'] == "user") {
                                echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ").trigger('change');\n";
                            } else {
                                if ($col['datatype'] == "contact") {
                                    echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ").trigger('change');\n";
                                } else {
                                    echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                }
                            }
                        }
                    }
                } else {
                    if ($col['type'] == "GEOLOCATION") {
                        echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                    } else {
                        if ($col['type'] == "CHECKBOX") {
                            echo "\$('#editpanel #" . $col['name'] . "').attr('checked', node." . $col['name'] . " == 1 ? true : false);\n";
                            echo "\$('#editpanel #" . $col['name'] . "').trigger('change');\n";
                        } else {
                            if ($col['type'] == "DERIVED") {
                                echo "\$('#editpanel #" . $col['name'] . "').val(" . $col['function'] . "(node));\n";
                            } else {
                                if ($col['type'] == "BASICTEXTAREA") {
                                    echo "if (node." . $col['name'] . " != null) {\n";
                                    echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                    echo "} else {\n";
                                    echo "\$('#editpanel #" . $col['name'] . "').val('');\n";
                                    echo "}\n";
                                } else {
                                    if ($col['type'] == "TEXTAREA") {
                                        echo "if (node." . $col['name'] . " == null) {\n";
                                        echo "tinyMCE.get('" . $col['name'] . "').setContent('');\n";
                                        echo "} else {\n";
                                        echo "tinyMCE.get('" . $col['name'] . "').setContent(node." . $col['name'] . ");\n";
                                        echo "}\n";
                                        echo "tinyMCE.get('" . $col['name'] . "').getBody().setAttribute('contenteditable', true);\n";
                                    } else {
                                        if ($col['type'] == "FILE") {
                                            echo "if (node." . $col['name'] . " == null) {\n";
                                            echo "\$('#" . $col['name'] . "').val('');\n";
                                            echo "} else {\n";
                                            echo "\$('#" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                            echo "}\n";
                                        } else {
                                            if ($col['type'] == "PASSWORD") {
                                                echo "\$('#" . $col['name'] . "').val('');\n";
                                            } else {
                                                if ($col['type'] == "IMAGE") {
                                                    echo "if (node." . $col['name'] . " == 0 || node." . $col['name'] . " == null) {\n";
                                                    echo "\$('#" . $col['name'] . "_img').attr('src', 'images/no-image.gif');\n";
                                                    echo "} else {\n";
                                                    echo "\$('#" . $col['name'] . "_img').attr('src', 'system-imageviewer.php?id=' + node." . $col['name'] . ");\n";
                                                    echo "}\n";
                                                    echo "\$('#" . $col['name'] . "').val('');\n";
                                                } else {
                                                    if ($col['type'] == "COMBO") {
                                                        echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                                    } else {
                                                        if ($col['type'] == "DATACOMBO" || $col['type'] == "MULTIDATACOMBO" || $col['type'] == "LAZYDATACOMBO") {
                                                            echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                                            echo "\$('#editpanel #" . $col['name'] . "_lazy').val(node." . $col['alias'] . ");\n";
                                                            if (isset($_GET['callee']) && isset($_GET['id'])) {
                                                                if ($col['pk']) {
                                                                    echo "\$('#" . $col['name'] . "').attr('disabled', 'true');\n";
                                                                }
                                                            }
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        foreach ($this->columns as $col) {
            if ($col['type'] == "GEOLOCATION") {
                ?>
									if (node.<?php 
                echo $col['name'] . '_lng';
                ?>
 == "0" || node.<?php 
                echo $col['name'] . '_lng';
                ?>
 == null) {
										$("#editpanel #<?php 
                echo $col['name'];
                ?>
").trigger("change");
									}
									<?php 
            }
        }
        $this->postEditScriptEvent();
        ?>
							
						} else {
							pwAlert("No rows found for edit");
						}
					},
					false
				);
			
			$("#crudid").val(id);
			$("#editdialog").dialog("open");
		}
		
		function view(id) {
			currentCrudID = id;
			
			$("#crudcmd").val("view");
			
			$(".ui-dialog[aria-labelledby=ui-dialog-title-editdialog] .ui-dialog-title").text("View");
			$(".ui-dialog[aria-labelledby=ui-dialog-title-editdialog] .ui-dialog-buttonset button:first").css("display", "none");
			
			callAjax(
					"finddatarow.php", 
					{ 
						id: id,
						pkname: "<?php 
        echo $this->pkName;
        ?>
",
						table: "<?php 
        echo $this->table;
        ?>
",
						sql: "<?php 
        echo str_replace("\"", "\\\"", $this->sql);
        ?>
"
					},
					function(data) {
						if (data.length > 0) {
							var node = data[0];
							
							<?php 
        foreach ($this->columns as $col) {
            if ($col['editable']) {
                if ($col['type'] == "TEXTBOX") {
                    if ($col['datatype'] == "user") {
                        echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ").trigger('change');\n";
                    } else {
                        if ($col['datatype'] == "typist") {
                            echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ").trigger('change');\n";
                        } else {
                            if ($col['datatype'] == "contact") {
                                echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ").trigger('change');\n";
                            } else {
                                echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                            }
                        }
                    }
                } else {
                    if ($col['type'] == "GEOLOCATION") {
                        echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                    } else {
                        if ($col['type'] == "CHECKBOX") {
                            echo "\$('#" . $col['name'] . "').attr('checked', node." . $col['name'] . " == 1 ? true : false);\n";
                            echo "\$('#" . $col['name'] . "').trigger('change');\n";
                        } else {
                            if ($col['type'] == "DERIVED") {
                                echo "\$('#" . $col['name'] . "').val(" . $col['function'] . "(node));\n";
                            } else {
                                if ($col['type'] == "BASICTEXTAREA") {
                                    echo "\$('#editpanel #" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                } else {
                                    if ($col['type'] == "TEXTAREA") {
                                        echo "tinyMCE.get('" . $col['name'] . "').setContent(node." . $col['name'] . ");\n";
                                        echo "tinyMCE.get('" . $col['name'] . "').getBody().setAttribute('contenteditable', false);\n";
                                    } else {
                                        if ($col['type'] == "FILE") {
                                            echo "\$('#" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                        } else {
                                            if ($col['type'] == "PASSWORD") {
                                                echo "\$('#" . $col['name'] . "').val('');\n";
                                            } else {
                                                if ($col['type'] == "IMAGE") {
                                                    echo "if (node." . $col['name'] . " == 0) {\n";
                                                    echo "\$('#" . $col['name'] . "_img').attr('src', 'images/no-image.gif');\n";
                                                    echo "} else {\n";
                                                    echo "\$('#" . $col['name'] . "_img').attr('src', 'system-imageviewer.php?id=' + node." . $col['name'] . ");\n";
                                                    echo "}\n";
                                                    echo "\$('#" . $col['name'] . "').val('');\n";
                                                } else {
                                                    if ($col['type'] == "COMBO") {
                                                        echo "\$('#" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                                    } else {
                                                        if ($col['type'] == "DATACOMBO" || $col['type'] == "MULTIDATACOMBO" || $col['type'] == "LAZYDATACOMBO") {
                                                            echo "\$('#" . $col['name'] . "').val(node." . $col['name'] . ");\n";
                                                            echo "\$('#" . $col['name'] . "_lazy').val(node." . $col['alias'] . ");\n";
                                                            if (isset($_GET['callee']) && isset($_GET['id'])) {
                                                                if ($col['pk']) {
                                                                    echo "\$('#" . $col['name'] . "').attr('disabled', 'true');\n";
                                                                }
                                                            }
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        $this->postViewScriptEvent();
        ?>
							$(".mceToolbar > div").css("visibility", "hidden");
							$("#editdialog input").attr("readonly", true);
							$("#editdialog input[type=checkbox]").attr("disabled", true);
							$("#editdialog select").attr("disabled", true);
							$("#editdialog .datepicker").attr("disabled", true);
						}
					},
					false
				);
			
			$("#crudid").val(id);
			$("#editdialog").dialog("open");
		}
	
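		/*
		 * Submit one of the page's forms with a given CRUD command.
		 *
		 * form       - id of the form to submit (without the leading '#')
		 * command    - value placed in the form's #crudcmd field for this submit;
		 *              the previous value is restored afterwards
		 * target     - optional frame/window name; when given, the form's
		 *              #triggerrefresh field is also set to "true"
		 * parameters - optional map of field id to value; an array value is sent
		 *              as repeated hidden "<id>[]" inputs
		 */
		function post(form, command, target, parameters) {
			var formSelector = "#" + form;
			var prevCMD = $(formSelector + " #crudcmd").val();
			
			if (target) {
				$(formSelector).attr("target", target);
				$(formSelector + " #triggerrefresh").val("true");
				
			} else {
				$(formSelector).attr("target", "");
			}
			
			if (parameters) {
				for (var param in parameters) {
					var value = parameters[param];
					
					if (value instanceof Array) {
						for (var ix = 0; ix < value.length; ix++) {
							// Set the attributes through the DOM instead of splicing the
							// value into an HTML string: a quote or angle bracket in the
							// data must stay data and not become markup.
							// NOTE(review): these inputs always go to #editform, whatever
							// `form` names, and are never removed again - confirm intended.
							$("<input type='hidden' />")
								.attr({ id: param, name: param + "[]", value: value[ix] })
								.appendTo("#editform");
						}
						
					} else {
						$(formSelector + " #" + param).val(value);
					}
				}
			}
			
			$(formSelector + " #crudcmd").val(command);
			$(formSelector).submit();
			
			$(formSelector + " #crudcmd").val(prevCMD);
		}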
		
		function crudDelete() {
			var correct = true;
			
			$("#confirmdialog").dialog("close");
			
			<?php 
        // Emits the body of the JavaScript crudDelete(): one finddata.php lookup
        // per entry in $this->checkconstraints, an optional pre-delete hook, then
        // the cruddelete.php request for the row held in currentCrudID.
        //
        // NOTE(review): each lookup is a complete SQL statement finished in the
        // browser (currentCrudID is concatenated client-side) and sent as the
        // `sql` parameter. finddata.php is not visible here; if it runs that
        // parameter as received, the caller controls the whole statement. Prefer
        // sending only a constraint key and a row id that the server maps to a
        // fixed, parameterised query - TODO confirm against finddata.php.
        // The trailing `false` is presumably callAjax's "async" flag; `correct`
        // is only meaningful if these lookups finish before it is tested.
        foreach ($this->checkconstraints as $constraint) {
            ?>
			callAjax(
					"finddata.php", 
					{ 
						sql: "SELECT <?php 
            echo $constraint['column'];
            ?>
 FROM <?php 
            echo $_SESSION['DB_PREFIX'] . $constraint['table'];
            ?>
 WHERE <?php 
            echo $constraint['column'];
            ?>
 = " + currentCrudID
					},
					function(data) {
						if (data.length >= 1) {
							correct = false;
						}
					},
					false
				);
			<?php 
        }
        // Optional hook: a JavaScript function name; the emitted code stops the
        // delete when that function returns a falsy value.
        if ($this->preDeleteScriptEvent != null) {
            echo "if (! " . $this->preDeleteScriptEvent . "(currentCrudID)) return;\n";
        }
        // NOTE(review): the "in use" check above runs only in the browser, and the
        // request emitted below names the table and primary-key column itself.
        // cruddelete.php is not visible here; it presumably needs its own
        // permission and constraint checks and an allow-list for table/pkname
        // rather than trusting these values - TODO confirm.
        ?>
			
			if (! correct) {
				pwAlert("Row is currently in use. Cannot remove.");
				return;
			}
			
			callAjax(
					"cruddelete.php", 
					{ 
						table: "<?php 
        echo $this->table;
        ?>
",
						pkname: "<?php 
        echo $this->pkName;
        ?>
",
						id: currentCrudID
					},
					function(data) {
					}
				);
			
			refresh();
		}
		
		/* Remember which row is pending deletion and open the confirmation dialog. */
		function removeCrudItem(crudID) {
			var confirmDialog = $("#confirmdialog");
			
			currentCrudID = crudID;
			confirmDialog.find(".confirmdialogbody").html("You are about to remove this item.<br>Are you sure ?");
			confirmDialog.dialog("open");
		}
		
		/* Show the busy cursor, then run refreshData() on the next timer tick. */
		function refresh() {
			var bodyStyle = document.body.style;
			
			bodyStyle.cursor = "wait";
			window.setTimeout(refreshData, 0);
		}
		
		/* Report an error message to the user through pwAlert(). */
		function showError(str) {
			var message = "An error has occurred: " + str;
			
			pwAlert(message);
		}
		
		var colNames = new Array();
		
		$(document).ready(
				function() {
					 var grid = $("#tempgrid");
					 var layout = new Array();
					 var info;
					 var colIndex = 0;
					 
				   	$(".multiselect").multiselect({
				   			multiple: true
					   }); 
					 
					<?php 
        $visibleIndex = 1;
        for ($i = 0; $i < count($this->columns); $i++) {
            $width = 0;
            $hidden = false;
            $columnlabel = "";
            if ($this->columns[$i]['showInView']) {
                $width = $this->columns[$i]['length'];
                if ($this->columns[$i]['length'] < strlen($this->columns[$i]['label'])) {
                    $width = strlen($this->columns[$i]['label']);
                }
                $width = intval($width * 6.2);
                $this->columns[$i]['viewlength'] = $width;
                $this->columns[$i]['hidden'] = $hidden;
                $visibleIndex++;
            }
        }
        foreach ($this->columns as $col) {
            if ($col['showInView'] || $col['pk']) {
                ?>
					 info = {
							index:		"<?php 
                echo $col['viewname'];
                ?>
",
							name:		"<?php 
                echo $col['viewname'];
                ?>
",
							resizable:	false,
							width:		<?php 
                echo $col['viewlength'];
                ?>
,
							hidden:		<?php 
                echo $col['pk'] && !$col['showInView'] || $col['hidden'] ? "true" : "false";
                ?>
,
							align:		"<?php 
                echo $col['align'];
                ?>
",
							sortable:   false
							<?php 
                if ($col['type'] == "CHECKBOX") {
                    echo ", formatter: checkboxFormatter";
                } else {
                    if ($col['formatter'] != "") {
                        echo ", formatter: " . $col['formatter'];
                    }
                }
                ?>
						};
						
					 colNames[colIndex] = "<?php 
                echo $col['label'];
                ?>
";
					 layout[colIndex++] = info;
					<?php 
            }
        }
        ?>

					 grid.jqGrid({
							datatype: "local",
							height: 450,
						   	colNames: colNames,
						   	colModel: layout,
						   	sortable: false,
							shrinkToFit: false,
							autowidth: true,
							rowNum : 18,
						   	rowList: [18,20,30,50,80,100],
						   	pager: "#tempgrid_pager",
						   	
						   	viewRecords: true,
						   	multiselect: false,
						   	
							afterInsertRow: function(rowid, rowData, rowelem) {
						   		<?php 
        $this->afterInsertRow();
        ?>
   						    },						   	
			   	
							ondblClickRow: function (rowid,iRow,iCol,e) {
							<?php 
        if ($this->onDblClick != null) {
            ?>
									<?php 
            echo $this->onDblClick;
            ?>
(getSelectedRow().<?php 
            echo $this->pkViewName;
            ?>
);
							<?php 
        } else {
            if ($this->allowEdit) {
                if (isUserAccessPermitted('EditItem')) {
                    ?>
 
										editSelectedRow();
							<?php 
                }
            }
        }
        ?>
 
					        },						    
						    onSelectRow: function(rowid) {
						    	$(".subapp").removeAttr("disabled");
								
								<?php 
        if ($this->onClickCallback != "") {
            echo "{$this->onClickCallback}(getSelectedRow());\n";
        }
        ?>
						    },
							caption: "<?php 
        echo $this->title;
        ?>
"
						
						});
					
					
				    $('form').bind('submit', function() { 
					        $(this).find('select').removeAttr('disabled'); 
					    }); 
					    
					$("#filterbutton").hover( 
							function () { 
								var child = $(this).find('ul');
								
								child.css("margin-top", "25px");
								child.show();
						  	},  
						  	function () { 
								var child = $(this).find('ul');
								var frame = $(this).find('iframe');
								
						  		child.hide();
								frame.hide();
						  	} 
						); 
				
					$(".submenuwrapper").hover( 
							function () { 
								if ($(this).find("a").attr("disabled") != true) {
									var child = $(this).find('ul');
	
									child.css("margin-top", "-17px");
									child.css("margin-left", (($(this).find('a').offset().left - $(this).parent().offset().left) + 9) + "px");
									child.show();
								}
						  	},  
						  	function () { 
								var child = $(this).find('ul');
								var frame = $(this).find('iframe');
								
						  		child.hide();
								frame.hide();
						  	} 
						); 
					 					
					$("#editdialog").dialog({
							modal: true,
							autoOpen: false,
							show:"fade",
							hide:"fade",
							width: <?php 
        echo $this->dialogwidth;
        ?>
,
							title:"Edit / Add",
							open: function(event, ui){
								
							},
							buttons: {
								Ok: function() {
									if (! verifyCrudForm("#editpanel")) {
										return;
									}
									
									tinyMCE.triggerSave();
									
									$(this).dialog("close")
									
									post("editform", $("#editform #crudcmd").val(), "submitframe");
<?php 
        $this->postUpdateScriptEvent();
        ?>
									
								},
								Cancel: function() {
									$(this).dialog("close");
								}
							}
						});
 					
					$("#filterdialog").dialog({
							modal: true,
							autoOpen: false,
							show:"fade",
							hide:"fade",
							width: <?php 
        echo $this->dialogwidth;
        ?>
,
							title:"Search",
							open: function(event, ui){
								
							},
							buttons: {
								"Search": function() {
									$(this).dialog("close")
									
									post("filterform", "filter");
								},
								"Save": function() {
									$("#filtersavedialog").dialog("open");
								},
								"Clear": function() {
									$("#filterform input").val("");
									$("#filterform select").val("");
								},
								Cancel: function() {
									$("#filterdialog").dialog("close");
								}
							}
						});
 					
					$("#filtersavedialog").dialog({
							modal: true,
							autoOpen: false,
							show:"fade",
							hide:"fade",
							title:"Save Filter",
							open: function(event, ui){
								
							},
							buttons: {
								Ok: function() {
									$(this).dialog("close")
									$("#savefiltername").val($("#filtername").val());
									
									post("filterform", "filtersave");
								},
								Cancel: function() {
									$(this).dialog("close");
								}
							}
						});
						
					<?php 
        if ($this->autoPopulate) {
            $this->rowcount = $this->getRowCount();
            $this->pages = intval($this->rowcount / $this->pagesize);
            if ($this->rowcount % $this->pagesize > 0) {
                $this->pages++;
            }
            if ($this->pages == 0) {
                $this->pages = 1;
            }
            ?>
							pages = <?php 
            echo $this->pages;
            ?>
;
							refresh();
							
					<?php 
        } else {
            $this->rowcount = 0;
            $this->pages = 1;
            ?>
							pages = <?php 
            echo $this->pages;
            ?>
;
					<?php 
        }
        ?>
					
					var marker = false;
					
					$(".ui-pg-table td[dir='ltr']").each(
							function() {
								if (! marker) {
									$(this).html("Page <?php 
        echo intval($this->fromrow / $this->pagesize + 1);
        ?>
 of <?php 
        echo intval($this->pages);
        ?>
");
									marker = true;
								}
							}
						);
					
					$(".ui-jqgrid-sortable").click(
							function() {
								var str = $(this).attr("id");
								var n=str.lastIndexOf("_") + 1; 
								var column = str.substring(n);
								
								$(".ui-jqgrid-sortable span").hide();
								$(this).find("span").show();
								
								<?php 
        foreach ($this->columns as $col) {
            if ($col['sortcolumn'] != null) {
                ?>
								if (column == "<?php 
                echo $col['name'];
                ?>
") column = "<?php 
                echo $col['sortcolumn'];
                ?>
";
								<?php 
            }
        }
        ?>
									
								if (sortByColumn == column) {
									/* Same column, so sort in reverse. */
									if (sortByDirection  == "ASC") {
										sortByDirection = "DESC";
										
									} else {
										sortByDirection = "ASC";
									}
									
								} else {
									sortByColumn = column;
									sortByDirection = "ASC";
								}
								
								refresh();
							}
						);
						
					$(".ui-pager-control .ui-icon-seek-first").click(
							function() {
								fromRow = 0;
								toRow = pageSize;
								
								refresh();
							}
						);
						
					$(".ui-pager-control .ui-icon-seek-end").click(
							function() {
								fromRow = parseInt((pages - 1) * pageSize);
								toRow = pageSize;
								
								refresh();
							}
						);
						
					$(".ui-pager-control .ui-icon-seek-prev").click(
							function() {
								if (fromRow > 0) {
									fromRow = parseInt(fromRow) - parseInt(pageSize);
									toRow = pageSize;
									
									refresh();
								}
							}
						);
						
					$(".ui-pg-selbox").change(
							function() {
								pageSize = parseInt($(this).val());
								fromRow = 0;
								toRow = pageSize;
								
								refresh();
							}
						);
						
					$(".ui-pager-control .ui-icon-seek-next").click(
							function() {
								if ((fromRow + pageSize) < <?php 
        echo $this->rowcount;
        ?>
) {
									fromRow = parseInt(fromRow) + parseInt(pageSize);
									toRow = pageSize;
									
									refresh();
								}
							}
						);
						
	<?php 
        $this->postLoadScriptEvent();
        ?>
				}
			);
			
		function refreshData() {
	    	$(".subapp").attr("disabled", true);

			callAjax(
					"finddata.php", 
					{ 
						sql: "<?php 
        // The grid's query ($this->sql) is written into the page as a JavaScript
        // string literal. Only double quotes are escaped here, so a backslash or
        // a line break inside $this->sql would corrupt the literal.
        //
        // NOTE(review): the browser then sends this text back to finddata.php as
        // the `sql` parameter, together with orderby/direction/from/to, which are
        // also client-side values. finddata.php is not visible here; if it runs
        // the parameter as received, the statement is under the caller's control.
        // Prefer keeping the query on the server and accepting only paging and
        // sort values that are validated there - TODO confirm against finddata.php.
        echo str_replace("\"", "\\\"", $this->sql);
        ?>
",
						orderby: sortByColumn,
						direction: sortByDirection,
						from: fromRow,
						to: pageSize
					},
					function(data) {
						var marker = false;
						pages = parseInt(<?php 
        // Row count as known when the page was rendered; the page total is
        // recomputed in the browser from this fixed number and the current pageSize.
        echo $this->rowcount;
        ?>
 / pageSize);
					
						if ((<?php 
        echo $this->rowcount;
        ?>
 % pageSize) > 0) {
							pages++;
						}
						
						if (pages == 0) {
							pages = 1;
						}
					
						$(".ui-pg-table td[dir='ltr']").each(
								function() {
									if (! marker) {
										$(this).html("Page " + ((fromRow / pageSize) + 1) + " of " + pages);
										
										marker = true;
									}
								}
							);
							
						$("#tempgrid").clearGridData(true);
						
						var i = 0;
						var indexNo = 1;
						var item;
						for (i = 0; i < data.length; i++) {
							var node = data[i];
<?php 
        // Emit the object literal for one grid row: one property per column that
        // is shown in the view or is the primary key, keyed by its viewname.
        // The value is node.<alias or table_name> for the data-combo types, a
        // call to the column's function for DERIVED, a getComboValue() lookup for
        // COMBO, and node.<name> otherwise.
        // NOTE(review): column metadata is echoed into the script without any
        // JavaScript escaping; presumably it is developer-defined - verify that
        // none of it can carry user-supplied text.
        $first = true;
        echo "item = {";
        foreach ($this->columns as $col) {
            if ($col['showInView'] || $col['pk']) {
                if ($first) {
                    $first = false;
                } else {
                    echo ", ";
                }
                echo "'" . $col['viewname'] . "': ";
                if ($col['type'] == "DATACOMBO" || $col['type'] == "LAZYDATACOMBO" || $col['type'] == "MULTIDATACOMBO") {
                    echo "node.";
                    if ($col['alias'] != '') {
                        echo $col['alias'];
                    } else {
                        echo $col['table_name'];
                    }
                } else {
                    if ($col['type'] == "DERIVED") {
                        echo $col['function'] . "(node)";
                    } else {
                        if ($col['type'] == "COMBO") {
                            $comboArray = array();
                            $descArray = array();
                            foreach ($col['options'] as $opt) {
                                array_push($comboArray, $opt['value']);
                                array_push($descArray, $opt['text']);
                            }
                            echo "getComboValue(node." . $col['name'] . ", new Array(" . ArrayToInClause($comboArray) . "), new Array(" . ArrayToInClause($descArray) . "))";
                        } else {
                            echo "node." . $col['name'];
                        }
                    }
                }
            }
        }
        echo "};\n";
        echo "\$('#tempgrid').addRowData(indexNo++, item);\n";
        ?>
						}
						
						$(".ui-state-disabled").each(
								function() {
									$(this).removeClass("ui-state-disabled");
								}
							);
							
						<?php 
        // Optional hook: the name of a JavaScript function that is called with
        // the fetched rows after the grid has been refilled.
        if ($this->postDataRefreshEvent != null) {
            echo $this->postDataRefreshEvent . "(data);\n";
        }
        ?>
						
						document.body.style.cursor = "default";
					}
			);
		}
	<?php 
        $this->postScriptEvent();
        ?>
	
	/*
	 * Grid cell formatter for CHECKBOX columns: a cell value loosely equal to 0
	 * renders the "off" image, anything else the "on" image. cval and opts are
	 * accepted but unused.
	 */
	function checkboxFormatter(el, cval, opts) {
		var isUnchecked = (el == 0);
		
		return isUnchecked
			? "<img height=16  src='images/checkbox_off.png' />"
			: "<img height=16 src='images/checkbox_on.png' />";
	}
    
	/*
	 * Map a stored combo value to its display text. comboArray and descArray
	 * are parallel arrays; the first entry loosely equal to value wins, and an
	 * empty string is returned when nothing matches.
	 */
	function getComboValue(value, comboArray, descArray) {
		var position = 0;
		
		while (position < comboArray.length) {
			if (comboArray[position] == value) {
				return descArray[position];
			}
			
			position++;
		}
		
		return "";
	}
			
	</script>
<?php 
    }
<?php

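// Include database connection details
require_once 'system-db.php';
start_db();

// Builds the member combo options for one schedule item: members whose rota
// entry spans the item's start/end dates and who are not the item's own user.
//
// scheduleid comes from the request and is placed unquoted in the WHERE
// clause, so it is accepted only as an integer. Anything else is rejected
// before a statement is built.
// NOTE(review): the mysql_* API used here has no prepared statements; moving to
// mysqli/PDO with bound parameters is the durable fix but depends on start_db(),
// which is outside this script.
$rawScheduleId = isset($_POST['scheduleid']) ? $_POST['scheduleid'] : null;
$scheduleid = filter_var($rawScheduleId, FILTER_VALIDATE_INT);
$users = array();
if ($scheduleid === false) {
    // Same outcome as a failed query: log it and fall through with no members.
    logError("scheduleid is missing or not an integer");
} else {
    $sql = "SELECT C.member_id \n\t\t\tFROM {$_SESSION['DB_PREFIX']}scheduleitem A\n\t\t\tINNER JOIN {$_SESSION['DB_PREFIX']}rotaitem B\n\t\t\tON 1 = 1\n\t\t\tINNER JOIN {$_SESSION['DB_PREFIX']}members C\n\t\t\tON C.member_id = B.userid\n\t\t\tWHERE A.id = {$scheduleid}\n\t\t\tAND B.startdate <= A.startdate\n\t\t\tAND B.enddate >= A.enddate\n\t\t\tAND B.userid != A.userid";
    $result = mysql_query($sql);
    if ($result) {
        while ($member = mysql_fetch_assoc($result)) {
            array_push($users, $member['member_id']);
        }
    } else {
        logError($sql . " - " . mysql_error());
    }
}
// NOTE(review): with no matching members the clause below becomes whatever
// ArrayToInClause() returns for an empty array - confirm createComboOptions()
// copes with that.
$in = ArrayToInClause($users);
createComboOptions("member_id", "fullname", "{$_SESSION['DB_PREFIX']}members", "WHERE member_id IN({$in})", false);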