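/**
 * Insert a new `customers` row from the submitted form fields and record its owner.
 *
 * Flow: optional GET-to-POST aliasing, permission check, per-field clean-up,
 * primary-key presence check, optional before/after hooks, the INSERT itself,
 * and finally the ownership row in `membership_userrecords`.
 *
 * Security notes for reviewers:
 *  - Every statement is built by string concatenation. The only protection visible here
 *    is makeSafe() (defined elsewhere; presumably SQL-escapes its argument, so confirm).
 *  - A non-empty `insert_x` query parameter makes the whole request readable from $_GET,
 *    so this write can be triggered by a plain GET. No anti-CSRF check is visible in this
 *    function; confirm the caller enforces one.
 *
 * @return mixed false when the member lacks insert permission or the before-insert hook
 *               vetoes; otherwise the CustomerID as stored in $data. The script
 *               terminates via exit when the key is empty or sql() reports an error.
 */
function customers_insert()
{
    global $Translation;
    // Treat GET parameters as the form body when insert_x is present in the query string.
    if ($_GET['insert_x'] != '') {
        $_POST = $_GET;
    }
    // mm: can member insert record?
    // Slot 1 of the permissions array gates inserts; a falsy value aborts.
    $arrPerm = getTablePermissions('customers');
    if (!$arrPerm[1]) {
        return false;
    }
    // Each field is passed through makeSafe() and the "empty lookup" sentinel
    // (constant defined elsewhere) is normalised to an empty string.
    $data['CustomerID'] = makeSafe($_POST['CustomerID']);
    if ($data['CustomerID'] == empty_lookup_value) {
        $data['CustomerID'] = '';
    }
    $data['CompanyName'] = makeSafe($_POST['CompanyName']);
    if ($data['CompanyName'] == empty_lookup_value) {
        $data['CompanyName'] = '';
    }
    $data['ContactName'] = makeSafe($_POST['ContactName']);
    if ($data['ContactName'] == empty_lookup_value) {
        $data['ContactName'] = '';
    }
    $data['ContactTitle'] = makeSafe($_POST['ContactTitle']);
    if ($data['ContactTitle'] == empty_lookup_value) {
        $data['ContactTitle'] = '';
    }
    // Address is the only field additionally run through br2nl() and it skips the sentinel check.
    $data['Address'] = br2nl(makeSafe($_POST['Address']));
    $data['City'] = makeSafe($_POST['City']);
    if ($data['City'] == empty_lookup_value) {
        $data['City'] = '';
    }
    $data['Region'] = makeSafe($_POST['Region']);
    if ($data['Region'] == empty_lookup_value) {
        $data['Region'] = '';
    }
    $data['PostalCode'] = makeSafe($_POST['PostalCode']);
    if ($data['PostalCode'] == empty_lookup_value) {
        $data['PostalCode'] = '';
    }
    $data['Country'] = makeSafe($_POST['Country']);
    if ($data['Country'] == empty_lookup_value) {
        $data['Country'] = '';
    }
    $data['Phone'] = makeSafe($_POST['Phone']);
    if ($data['Phone'] == empty_lookup_value) {
        $data['Phone'] = '';
    }
    $data['Fax'] = makeSafe($_POST['Fax']);
    if ($data['Fax'] == empty_lookup_value) {
        $data['Fax'] = '';
    }
    // The primary key is user-supplied for this table, so it must not be empty.
    if ($data['CustomerID'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " 'Customer ID': " . $Translation['pkfield empty'] . '</div>';
        exit;
    }
    // hook: customers_before_insert
    // A falsy return from the hook cancels the insert. NOTE(review): if the hook takes $data
    // by reference it can replace the escaped values before they reach the SQL below; verify.
    if (function_exists('customers_before_insert')) {
        $args = array();
        if (!customers_before_insert($data, getMemberInfo(), $args)) {
            return false;
        }
    }
    // silentErrors asks sql() to report failures through $o['error'] (read below).
    $o = array('silentErrors' => true);
    // Empty or NULL values are written as SQL NULL; everything else is single-quoted verbatim,
    // so injection safety rests entirely on the escaping done above.
    sql('insert into `customers` set       `CustomerID`=' . ($data['CustomerID'] !== '' && $data['CustomerID'] !== NULL ? "'{$data['CustomerID']}'" : 'NULL') . ', `CompanyName`=' . ($data['CompanyName'] !== '' && $data['CompanyName'] !== NULL ? "'{$data['CompanyName']}'" : 'NULL') . ', `ContactName`=' . ($data['ContactName'] !== '' && $data['ContactName'] !== NULL ? "'{$data['ContactName']}'" : 'NULL') . ', `ContactTitle`=' . ($data['ContactTitle'] !== '' && $data['ContactTitle'] !== NULL ? "'{$data['ContactTitle']}'" : 'NULL') . ', `Address`=' . ($data['Address'] !== '' && $data['Address'] !== NULL ? "'{$data['Address']}'" : 'NULL') . ', `City`=' . ($data['City'] !== '' && $data['City'] !== NULL ? "'{$data['City']}'" : 'NULL') . ', `Region`=' . ($data['Region'] !== '' && $data['Region'] !== NULL ? "'{$data['Region']}'" : 'NULL') . ', `PostalCode`=' . ($data['PostalCode'] !== '' && $data['PostalCode'] !== NULL ? "'{$data['PostalCode']}'" : 'NULL') . ', `Country`=' . ($data['Country'] !== '' && $data['Country'] !== NULL ? "'{$data['Country']}'" : 'NULL') . ', `Phone`=' . ($data['Phone'] !== '' && $data['Phone'] !== NULL ? "'{$data['Phone']}'" : 'NULL') . ', `Fax`=' . ($data['Fax'] !== '' && $data['Fax'] !== NULL ? "'{$data['Fax']}'" : 'NULL'), $o);
    if ($o['error'] != '') {
        // NOTE(review): the database error text is echoed as-is. Confirm sql() HTML-escapes it
        // and that it does not expose the failing statement to the end user.
        echo $o['error'];
        echo "<a href=\"customers_view.php?addNew_x=1\">{$Translation['< back']}</a>";
        exit;
    }
    $recID = $data['CustomerID'];
    // get_magic_quotes_gpc() was removed in PHP 8.0; calling it unguarded is a fatal error there.
    // Where the function no longer exists, magic quotes cannot be active, so nothing is stripped.
    $stripQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    // hook: customers_after_insert
    if (function_exists('customers_after_insert')) {
        // $recID already went through makeSafe() once above; this is a second pass.
        // NOTE(review): whether that is harmless depends on makeSafe() being idempotent.
        $res = sql("select * from `customers` where `CustomerID`='" . makeSafe($recID) . "' limit 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = makeSafe($recID);
        $args = array();
        // A falsy hook result returns early and skips the ownership row below.
        if (!customers_after_insert($data, getMemberInfo(), $args)) {
            return $stripQuotes ? stripslashes($recID) : $recID;
        }
    }
    // mm: save ownership data
    // NOTE(review): getLoggedMemberID() and getLoggedGroupID() are concatenated without
    // makeSafe() here; confirm neither can contain a quote character.
    sql("insert into membership_userrecords set tableName='customers', pkValue='{$recID}', memberID='" . getLoggedMemberID() . "', dateAdded='" . time() . "', dateUpdated='" . time() . "', groupID='" . getLoggedGroupID() . "'", $eo);
    return $stripQuotes ? stripslashes($recID) : $recID;
}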
/**
 * Update one `patients` row from the submitted form fields.
 *
 * The member must hold edit permission for the record: slot 3 of the table permissions
 * is compared against the owner member (1), the owner group (2), or allows all (3).
 *
 * Security notes for reviewers:
 *  - All statements are built by string concatenation; the only protection visible here is
 *    makeSafe() (defined elsewhere; presumably SQL-escapes its argument, so confirm).
 *  - A non-empty `update_x` query parameter makes the whole request readable from $_GET,
 *    so this write can be triggered by a plain GET. No anti-CSRF check is visible here.
 *  - sql() is called without an options argument, so this function never inspects a
 *    database error; how failures surface depends on sql() itself.
 *
 * @param mixed $selected_id primary key (`id`) of the row to update
 * @return mixed nothing when permission is denied or on completion; FALSE when a hook vetoes.
 *               The script terminates via exit when a required field is empty.
 */
function patients_update($selected_id)
{
    global $Translation;
    // Treat GET parameters as the form body when update_x is present in the query string.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }
    // mm: can member edit record?
    $arrPerm = getTablePermissions('patients');
    // Ownership is looked up by table name and primary key in membership_userrecords.
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");
    // Loose (==) comparisons throughout. NOTE(review): confirm what sqlValue() returns when no
    // ownership row exists, so a missing owner can never compare equal to the logged-in member.
    if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
        // allow update?
        // update allowed, so continue ...
    } else {
        return;
    }
    // Required fields: an empty value prints an error with a "back" link and ends the request.
    $data['last_name'] = makeSafe($_POST['last_name']);
    if ($data['last_name'] == '') {
        echo StyleSheet() . "\n\n<div class=\"Error\">{$Translation['error:']} 'Last name': {$Translation['field not null']}<br /><br />";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }
    $data['first_name'] = makeSafe($_POST['first_name']);
    if ($data['first_name'] == '') {
        echo StyleSheet() . "\n\n<div class=\"Error\">{$Translation['error:']} 'First name': {$Translation['field not null']}<br /><br />";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }
    $data['gender'] = makeSafe($_POST['gender']);
    if ($data['gender'] == '') {
        echo StyleSheet() . "\n\n<div class=\"Error\">{$Translation['error:']} 'Gender': {$Translation['field not null']}<br /><br />";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }
    // The date is assembled from three separate request fields, then handed to parseMySQLDate().
    // NOTE(review): the parts are escaped but not range-checked here; validity rests on
    // parseMySQLDate() (not shown).
    $data['birth_date'] = makeSafe($_POST['birth_dateYear']) . '-' . makeSafe($_POST['birth_dateMonth']) . '-' . makeSafe($_POST['birth_dateDay']);
    $data['birth_date'] = parseMySQLDate($data['birth_date'], '');
    // Optional fields: escaped only, no format or length validation in this function.
    $data['age'] = makeSafe($_POST['age']);
    $data['address'] = makeSafe($_POST['address']);
    $data['city'] = makeSafe($_POST['city']);
    $data['state'] = makeSafe($_POST['state']);
    $data['zip'] = makeSafe($_POST['zip']);
    $data['home_phone'] = makeSafe($_POST['home_phone']);
    $data['work_phone'] = makeSafe($_POST['work_phone']);
    $data['mobile'] = makeSafe($_POST['mobile']);
    $data['other_details'] = makeSafe($_POST['other_details']);
    $data['comments'] = makeSafe($_POST['comments']);
    // last_modified is not read from the request; it comes from parseCode() on a template placeholder.
    $data['last_modified'] = parseCode('<%%editingDateTime%%>', false);
    $data['selectedID'] = makeSafe($selected_id);
    // hook: patients_before_update
    // A falsy return cancels the update. NOTE(review): if the hook takes $data by reference it
    // can replace the escaped values before they reach the SQL below; verify.
    if (function_exists('patients_before_update')) {
        $args = array();
        if (!patients_before_update($data, getMemberInfo(), $args)) {
            return FALSE;
        }
    }
    // Empty values become SQL NULL; everything else is single-quoted verbatim, so injection
    // safety rests on the escaping above. last_modified is always quoted, never NULL.
    sql('update `patients` set `last_name`=' . ($data['last_name'] != '' ? "'{$data['last_name']}'" : 'NULL') . ', `first_name`=' . ($data['first_name'] != '' ? "'{$data['first_name']}'" : 'NULL') . ', `gender`=' . ($data['gender'] != '' ? "'{$data['gender']}'" : 'NULL') . ', `birth_date`=' . ($data['birth_date'] != '' ? "'{$data['birth_date']}'" : 'NULL') . ', `age`=' . ($data['age'] != '' ? "'{$data['age']}'" : 'NULL') . ', `address`=' . ($data['address'] != '' ? "'{$data['address']}'" : 'NULL') . ', `city`=' . ($data['city'] != '' ? "'{$data['city']}'" : 'NULL') . ', `state`=' . ($data['state'] != '' ? "'{$data['state']}'" : 'NULL') . ', `zip`=' . ($data['zip'] != '' ? "'{$data['zip']}'" : 'NULL') . ', `home_phone`=' . ($data['home_phone'] != '' ? "'{$data['home_phone']}'" : 'NULL') . ', `work_phone`=' . ($data['work_phone'] != '' ? "'{$data['work_phone']}'" : 'NULL') . ', `mobile`=' . ($data['mobile'] != '' ? "'{$data['mobile']}'" : 'NULL') . ', `other_details`=' . ($data['other_details'] != '' ? "'{$data['other_details']}'" : 'NULL') . ', `comments`=' . ($data['comments'] != '' ? "'{$data['comments']}'" : 'NULL') . ', `last_modified`=' . "'{$data['last_modified']}'" . " where `id`='" . makeSafe($selected_id) . "'");
    // hook: patients_after_update
    // A falsy return here skips the ownership timestamp update below.
    if (function_exists('patients_after_update')) {
        $args = array();
        if (!patients_after_update($data, getMemberInfo(), $args)) {
            return FALSE;
        }
    }
    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");
}
    // display confirmation
    ?>
		<div style="width:500px; margin:0px auto; text-align:left;">
			<div class="TableTitle">
				<?php 
    echo $Translation['password reset ready'];
    ?>
				</div>
			</div>
		<?php 
    exit;
}
#_______________________________________________________________________________
# Step 1: get the username or email of the member who wants to reset his password
#_______________________________________________________________________________
// Emit the shared stylesheet markup (StyleSheet() is defined elsewhere) before the form.
echo StyleSheet();
// The emptyData query parameter is only tested for truthiness; its value is not echoed in
// the lines shown, and $highlight receives a fixed string rather than request data.
// NOTE(review): $highlight stays undefined when the flag is absent; confirm how it is used.
if ($_GET['emptyData']) {
    $highlight = "style=\"color: red;\"";
}
?>


	<div align="center">
		<form method="post" action="membership_passwordReset.php">
			<table border="0" cellspacing="1" cellpadding="4" align="center" width="500">
				<tr>
					<td colspan="2" class="TableHeader">
						<div class="TableTitle"><?php 
echo $Translation['password reset'];
?>
</div>
/**
 * Update one `shippers` row from the submitted form fields.
 *
 * The member must hold edit permission for the record: slot 3 of the table permissions
 * is compared against the owner member (1), the owner group (2), or allows all (3).
 *
 * Security notes for reviewers:
 *  - All statements are built by string concatenation; the only protection visible here is
 *    makeSafe() (defined elsewhere; presumably SQL-escapes its argument, so confirm).
 *  - A non-empty `update_x` query parameter makes the whole request readable from $_GET,
 *    so this write can be triggered by a plain GET. No anti-CSRF check is visible here.
 *
 * @param mixed $selected_id primary key (`ShipperID`) of the row to update
 * @return mixed false when permission is denied or the before-update hook vetoes; nothing
 *               otherwise. The script terminates via exit when CompanyName is empty or
 *               sql() reports an error.
 */
function shippers_update($selected_id)
{
    global $Translation;

    // Treat GET parameters as the form body when update_x is present in the query string.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('shippers');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='shippers' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='shippers' and pkValue='" . makeSafe($selected_id) . "'");
    // Loose (==) comparisons. NOTE(review): confirm what sqlValue() returns when no ownership
    // row exists, so a missing owner can never compare equal to the logged-in member.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    // CompanyName is required: the "empty lookup" sentinel counts as empty, and an empty
    // value prints an error with a "back" link and ends the request.
    $companyName = makeSafe($_POST['CompanyName']);
    $data['CompanyName'] = $companyName == empty_lookup_value ? '' : $companyName;
    if ($data['CompanyName'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Company Name': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    // Phone is optional; only the sentinel is normalised.
    $phone = makeSafe($_POST['Phone']);
    $data['Phone'] = $phone == empty_lookup_value ? '' : $phone;

    $data['selectedID'] = makeSafe($selected_id);

    // hook: shippers_before_update
    // NOTE(review): if the hook takes $data by reference it can replace the escaped values
    // before they reach the SQL below; verify.
    if (function_exists('shippers_before_update')) {
        $args = array();
        $proceed = shippers_before_update($data, getMemberInfo(), $args);
        if (!$proceed) {
            return false;
        }
    }

    // Empty or NULL values are written as SQL NULL; everything else is single-quoted verbatim,
    // so injection safety rests entirely on the escaping done above.
    $assignments = array();
    foreach (array('CompanyName', 'Phone') as $column) {
        $value = $data[$column];
        $assignments[] = "`{$column}`=" . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }
    $sqlOptions = array('silentErrors' => true);
    sql('update `shippers` set       ' . implode(', ', $assignments) . " where `ShipperID`='" . makeSafe($selected_id) . "'", $sqlOptions);
    if ($sqlOptions['error'] != '') {
        // NOTE(review): the database error text is echoed as-is. Confirm sql() HTML-escapes it
        // and that it does not expose the failing statement to the end user.
        echo $sqlOptions['error'];
        echo '<a href="shippers_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: shippers_after_update
    if (function_exists('shippers_after_update')) {
        // Re-read the stored row so the hook sees what the database holds.
        $result = sql("SELECT * FROM `shippers` WHERE `ShipperID`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($freshRow = db_fetch_assoc($result)) {
            $data = array_map('makeSafe', $freshRow);
        }
        $data['selectedID'] = $data['ShipperID'];
        $args = array();
        // A falsy hook result skips the ownership timestamp update below.
        if (!shippers_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='shippers' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
/**
 * Update one `symptoms` row from the submitted form fields.
 *
 * The member must hold edit permission for the record: slot 3 of the table permissions
 * is compared against the owner member (1), the owner group (2), or allows all (3).
 *
 * Security notes for reviewers:
 *  - All statements are built by string concatenation; the only protection visible here is
 *    makeSafe() (defined elsewhere; presumably SQL-escapes its argument, so confirm).
 *  - A non-empty `update_x` query parameter makes the whole request readable from $_GET,
 *    so this write can be triggered by a plain GET. No anti-CSRF check is visible here.
 *  - sql() is called without an options argument, so this function never inspects a
 *    database error; how failures surface depends on sql() itself.
 *
 * @param mixed $selected_id primary key (`id`) of the row to update
 * @return mixed nothing when permission is denied or on completion; FALSE when a hook vetoes.
 *               The script terminates via exit when the name field is empty.
 */
function symptoms_update($selected_id)
{
    global $Translation;

    // Treat GET parameters as the form body when update_x is present in the query string.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('symptoms');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");
    // Loose (==) comparisons. NOTE(review): confirm what sqlValue() returns when no ownership
    // row exists, so a missing owner can never compare equal to the logged-in member.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return;
    }

    // name is required: an empty value prints an error with a "back" link and ends the request.
    $data['name'] = makeSafe($_POST['name']);
    if ($data['name'] == '') {
        echo StyleSheet() . "\n\n<div class=\"Error\">{$Translation['error:']} 'Name': {$Translation['field not null']}<br /><br />";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    // Optional fields: escaped only, no further validation in this function.
    $data['description'] = makeSafe($_POST['description']);
    $data['comments'] = makeSafe($_POST['comments']);
    $data['selectedID'] = makeSafe($selected_id);

    // hook: symptoms_before_update
    // NOTE(review): if the hook takes $data by reference it can replace the escaped values
    // before they reach the SQL below; verify.
    if (function_exists('symptoms_before_update')) {
        $args = array();
        $proceed = symptoms_before_update($data, getMemberInfo(), $args);
        if (!$proceed) {
            return FALSE;
        }
    }

    // Empty values become SQL NULL; everything else is single-quoted verbatim, so injection
    // safety rests entirely on the escaping done above.
    $assignments = array();
    foreach (array('name', 'description', 'comments') as $column) {
        $assignments[] = "`{$column}`=" . ($data[$column] != '' ? "'{$data[$column]}'" : 'NULL');
    }
    sql('update `symptoms` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'");

    // hook: symptoms_after_update
    // A falsy return here skips the ownership timestamp update below.
    if (function_exists('symptoms_after_update')) {
        $args = array();
        $proceed = symptoms_after_update($data, getMemberInfo(), $args);
        if (!$proceed) {
            return FALSE;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");
}
/**
 * Update one `entries` row from the submitted form fields.
 *
 * The member must hold edit permission for the record: slot 3 of the table permissions
 * is compared against the owner member (1), the owner group (2), or allows all (3).
 *
 * Security notes for reviewers:
 *  - All statements are built by string concatenation; the only protection visible here is
 *    makeSafe() (defined elsewhere; presumably SQL-escapes its argument, so confirm).
 *  - A non-empty `update_x` query parameter makes the whole request readable from $_GET,
 *    so this write can be triggered by a plain GET. No anti-CSRF check is visible here.
 *
 * @param mixed $selected_id primary key (`entry_id`) of the row to update
 * @return mixed false when permission is denied or the before-update hook vetoes; nothing
 *               otherwise. The script terminates via exit when `report` is empty or
 *               sql() reports an error.
 */
function entries_update($selected_id)
{
    global $Translation;
    // Treat GET parameters as the form body when update_x is present in the query string.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }
    // mm: can member edit record?
    $arrPerm = getTablePermissions('entries');
    // Ownership is looked up by table name and primary key in membership_userrecords.
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'");
    // Loose (==) comparisons. NOTE(review): confirm what sqlValue() returns when no ownership
    // row exists, so a missing owner can never compare equal to the logged-in member.
    if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
        // allow update?
        // update allowed, so continue ...
    } else {
        return false;
    }
    // `created` is not read from the request, yet it is part of the UPDATE below.
    // NOTE(review): confirm that rewriting the creation date on every edit is intended.
    $data['created'] = parseMySQLDate('', '<%%creationDate%%>');
    // report is required: the "empty lookup" sentinel (constant defined elsewhere) counts as
    // empty, and an empty value prints an error with a "back" link and ends the request.
    $data['report'] = makeSafe($_POST['report']);
    if ($data['report'] == empty_lookup_value) {
        $data['report'] = '';
    }
    if ($data['report'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Report': {$Translation['field not null']}<br /><br />";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }
    // outcome_area is filled from the same request key as outcome ('outcome').
    // NOTE(review): looks like a derived/auto-filled column; confirm this is not a copy-paste slip.
    $data['outcome_area'] = makeSafe($_POST['outcome']);
    if ($data['outcome_area'] == empty_lookup_value) {
        $data['outcome_area'] = '';
    }
    $data['outcome'] = makeSafe($_POST['outcome']);
    if ($data['outcome'] == empty_lookup_value) {
        $data['outcome'] = '';
    }
    $data['indicator'] = makeSafe($_POST['indicator']);
    if ($data['indicator'] == empty_lookup_value) {
        $data['indicator'] = '';
    }
    $data['score'] = makeSafe($_POST['score']);
    if ($data['score'] == empty_lookup_value) {
        $data['score'] = '';
    }
    $data['beneficiary_group'] = makeSafe($_POST['beneficiary_group']);
    if ($data['beneficiary_group'] == empty_lookup_value) {
        $data['beneficiary_group'] = '';
    }
    $data['beneficiary_group_relevance'] = makeSafe($_POST['beneficiary_group_relevance']);
    if ($data['beneficiary_group_relevance'] == empty_lookup_value) {
        $data['beneficiary_group_relevance'] = '';
    }
    // comment is the only field additionally run through br2nl() and it skips the sentinel check.
    $data['comment'] = br2nl(makeSafe($_POST['comment']));
    $data['reference'] = makeSafe($_POST['reference']);
    if ($data['reference'] == empty_lookup_value) {
        $data['reference'] = '';
    }
    $data['reliability'] = makeSafe($_POST['reliability']);
    if ($data['reliability'] == empty_lookup_value) {
        $data['reliability'] = '';
    }
    $data['intentionality'] = makeSafe($_POST['intentionality']);
    if ($data['intentionality'] == empty_lookup_value) {
        $data['intentionality'] = '';
    }
    $data['equivalence'] = makeSafe($_POST['equivalence']);
    if ($data['equivalence'] == empty_lookup_value) {
        $data['equivalence'] = '';
    }
    $data['selectedID'] = makeSafe($selected_id);
    // hook: entries_before_update
    // A falsy return cancels the update. NOTE(review): if the hook takes $data by reference it
    // can replace the escaped values before they reach the SQL below; verify.
    if (function_exists('entries_before_update')) {
        $args = array();
        if (!entries_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }
    // silentErrors asks sql() to report failures through $o['error'] (read below).
    $o = array('silentErrors' => true);
    // Empty or NULL values are written as SQL NULL; everything else is single-quoted verbatim,
    // so injection safety rests entirely on the escaping done above.
    sql('update `entries` set       `created`=' . ($data['created'] != '' ? "'{$data['created']}'" : 'NULL') . ', `report`=' . ($data['report'] !== '' && $data['report'] !== NULL ? "'{$data['report']}'" : 'NULL') . ', `outcome_area`=' . ($data['outcome_area'] !== '' && $data['outcome_area'] !== NULL ? "'{$data['outcome_area']}'" : 'NULL') . ', `outcome`=' . ($data['outcome'] !== '' && $data['outcome'] !== NULL ? "'{$data['outcome']}'" : 'NULL') . ', `indicator`=' . ($data['indicator'] !== '' && $data['indicator'] !== NULL ? "'{$data['indicator']}'" : 'NULL') . ', `score`=' . ($data['score'] !== '' && $data['score'] !== NULL ? "'{$data['score']}'" : 'NULL') . ', `beneficiary_group`=' . ($data['beneficiary_group'] !== '' && $data['beneficiary_group'] !== NULL ? "'{$data['beneficiary_group']}'" : 'NULL') . ', `beneficiary_group_relevance`=' . ($data['beneficiary_group_relevance'] !== '' && $data['beneficiary_group_relevance'] !== NULL ? "'{$data['beneficiary_group_relevance']}'" : 'NULL') . ', `comment`=' . ($data['comment'] !== '' && $data['comment'] !== NULL ? "'{$data['comment']}'" : 'NULL') . ', `reference`=' . ($data['reference'] !== '' && $data['reference'] !== NULL ? "'{$data['reference']}'" : 'NULL') . ', `reliability`=' . ($data['reliability'] !== '' && $data['reliability'] !== NULL ? "'{$data['reliability']}'" : 'NULL') . ', `intentionality`=' . ($data['intentionality'] !== '' && $data['intentionality'] !== NULL ? "'{$data['intentionality']}'" : 'NULL') . ', `equivalence`=' . ($data['equivalence'] !== '' && $data['equivalence'] !== NULL ? "'{$data['equivalence']}'" : 'NULL') . " where `entry_id`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        // NOTE(review): the database error text is echoed as-is. Confirm sql() HTML-escapes it
        // and that it does not expose the failing statement to the end user.
        echo $o['error'];
        echo '<a href="entries_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }
    // hook: entries_after_update
    if (function_exists('entries_after_update')) {
        // Re-read the stored row so the hook sees what the database holds.
        $res = sql("SELECT * FROM `entries` WHERE `entry_id`='{$data['selectedID']}' LIMIT 1", $eo);
        // NOTE(review): mysql_fetch_assoc() belongs to the ext/mysql extension, removed in
        // PHP 7.0; this branch is fatal there. Confirm the runtime and what sql() returns.
        if ($row = mysql_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['entry_id'];
        $args = array();
        // A falsy hook result skips the ownership timestamp update below.
        if (!entries_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }
    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
/**
 * Update one `properties` row, including an optional photo upload, from the submitted form.
 *
 * The member must hold edit permission for the record: slot 3 of the table permissions
 * is compared against the owner member (1), the owner group (2), or allows all (3).
 *
 * Security notes for reviewers:
 *  - All statements are built by string concatenation; the only protection visible here is
 *    makeSafe() (defined elsewhere; presumably SQL-escapes its argument, so confirm).
 *  - A non-empty `update_x` query parameter makes the whole request readable from $_GET,
 *    so this write can be triggered by a plain GET. No anti-CSRF check is visible here.
 *  - The uploaded file name returned by PrepareUploadedFile() goes into the SQL without
 *    makeSafe() at this call site.
 *
 * @param mixed $selected_id primary key (`id`) of the row to update
 * @return mixed false when permission is denied or the before-update hook vetoes; nothing
 *               otherwise. The script terminates via exit when a required field is empty
 *               or sql() reports an error.
 */
function properties_update($selected_id)
{
    global $Translation;
    // Treat GET parameters as the form body when update_x is present in the query string.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }
    // mm: can member edit record?
    $arrPerm = getTablePermissions('properties');
    // Ownership is looked up by table name and primary key in membership_userrecords.
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");
    // Loose (==) comparisons. NOTE(review): confirm what sqlValue() returns when no ownership
    // row exists, so a missing owner can never compare equal to the logged-in member.
    if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
        // allow update?
        // update allowed, so continue ...
    } else {
        return false;
    }
    // Required fields (property_name, type): the "empty lookup" sentinel (constant defined
    // elsewhere) counts as empty, and an empty value prints an error and ends the request.
    $data['property_name'] = makeSafe($_POST['property_name']);
    if ($data['property_name'] == empty_lookup_value) {
        $data['property_name'] = '';
    }
    if ($data['property_name'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Property Name': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }
    $data['type'] = makeSafe($_POST['type']);
    if ($data['type'] == empty_lookup_value) {
        $data['type'] = '';
    }
    if ($data['type'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Type': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }
    // Optional fields: escaped and sentinel-normalised only.
    $data['number_of_units'] = makeSafe($_POST['number_of_units']);
    if ($data['number_of_units'] == empty_lookup_value) {
        $data['number_of_units'] = '';
    }
    $data['owner'] = makeSafe($_POST['owner']);
    if ($data['owner'] == empty_lookup_value) {
        $data['owner'] = '';
    }
    // operating_account, property_reserve and lease_term are collected into $data (and so are
    // visible to the hooks) but do not appear in the UPDATE statement below.
    $data['operating_account'] = makeSafe($_POST['operating_account']);
    if ($data['operating_account'] == empty_lookup_value) {
        $data['operating_account'] = '';
    }
    $data['property_reserve'] = makeSafe($_POST['property_reserve']);
    if ($data['property_reserve'] == empty_lookup_value) {
        $data['property_reserve'] = '';
    }
    $data['lease_term'] = makeSafe($_POST['lease_term']);
    if ($data['lease_term'] == empty_lookup_value) {
        $data['lease_term'] = '';
    }
    $data['country'] = makeSafe($_POST['country']);
    if ($data['country'] == empty_lookup_value) {
        $data['country'] = '';
    }
    $data['street'] = makeSafe($_POST['street']);
    if ($data['street'] == empty_lookup_value) {
        $data['street'] = '';
    }
    $data['City'] = makeSafe($_POST['City']);
    if ($data['City'] == empty_lookup_value) {
        $data['City'] = '';
    }
    $data['State'] = makeSafe($_POST['State']);
    if ($data['State'] == empty_lookup_value) {
        $data['State'] = '';
    }
    $data['ZIP'] = makeSafe($_POST['ZIP']);
    if ($data['ZIP'] == empty_lookup_value) {
        $data['ZIP'] = '';
    }
    $data['selectedID'] = makeSafe($selected_id);
    // Photo handling: an explicit remove flag clears the column, otherwise an upload is processed.
    if ($_POST['photo_remove'] == 1) {
        $data['photo'] = '';
    } else {
        // NOTE(review): the arguments look like a size limit and an extension allow-list.
        // Confirm PrepareUploadedFile() (not shown) also checks file content, generates a safe
        // stored name, and writes to a location where uploads cannot be executed.
        $data['photo'] = PrepareUploadedFile('photo', 1024000, 'jpg|jpeg|gif|png', false, "");
        // Two thumbnails are produced per upload, using the 'tv' and 'dv' specs.
        if ($data['photo']) {
            createThumbnail($data['photo'], getThumbnailSpecs('properties', 'photo', 'tv'));
        }
        if ($data['photo']) {
            createThumbnail($data['photo'], getThumbnailSpecs('properties', 'photo', 'dv'));
        }
    }
    // hook: properties_before_update
    // A falsy return cancels the update (after any upload has already been processed).
    // NOTE(review): if the hook takes $data by reference it can replace the escaped values
    // before they reach the SQL below; verify.
    if (function_exists('properties_before_update')) {
        $args = array();
        if (!properties_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }
    // silentErrors asks sql() to report failures through $o['error'] (read below).
    $o = array('silentErrors' => true);
    // Empty or NULL values are written as SQL NULL; everything else is single-quoted verbatim.
    // photo: a new file name replaces the column, no upload keeps it (`photo`=`photo`), and the
    // remove flag sets it to NULL. $data['photo'] is interpolated without makeSafe() here.
    sql('update `properties` set       `property_name`=' . ($data['property_name'] !== '' && $data['property_name'] !== NULL ? "'{$data['property_name']}'" : 'NULL') . ', `type`=' . ($data['type'] !== '' && $data['type'] !== NULL ? "'{$data['type']}'" : 'NULL') . ', `number_of_units`=' . ($data['number_of_units'] !== '' && $data['number_of_units'] !== NULL ? "'{$data['number_of_units']}'" : 'NULL') . ', ' . ($data['photo'] != '' ? "`photo`='{$data['photo']}'" : ($_POST['photo_remove'] != 1 ? '`photo`=`photo`' : '`photo`=NULL')) . ', `owner`=' . ($data['owner'] !== '' && $data['owner'] !== NULL ? "'{$data['owner']}'" : 'NULL') . ', `country`=' . ($data['country'] !== '' && $data['country'] !== NULL ? "'{$data['country']}'" : 'NULL') . ', `street`=' . ($data['street'] !== '' && $data['street'] !== NULL ? "'{$data['street']}'" : 'NULL') . ', `City`=' . ($data['City'] !== '' && $data['City'] !== NULL ? "'{$data['City']}'" : 'NULL') . ', `State`=' . ($data['State'] !== '' && $data['State'] !== NULL ? "'{$data['State']}'" : 'NULL') . ', `ZIP`=' . ($data['ZIP'] !== '' && $data['ZIP'] !== NULL ? "'{$data['ZIP']}'" : 'NULL') . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        // NOTE(review): the database error text is echoed as-is. Confirm sql() HTML-escapes it
        // and that it does not expose the failing statement to the end user.
        echo $o['error'];
        echo '<a href="properties_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }
    // hook: properties_after_update
    if (function_exists('properties_after_update')) {
        // Re-read the stored row so the hook sees what the database holds.
        $res = sql("SELECT * FROM `properties` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        // A falsy hook result skips the ownership timestamp update below.
        if (!properties_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }
    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
/**
 * Update one `units` row, including an optional photo upload, from the submitted form.
 *
 * The member must hold edit permission for the record: slot 3 of the table permissions
 * is compared against the owner member (1), the owner group (2), or allows all (3).
 *
 * Security notes for reviewers:
 *  - All statements are built by string concatenation; the only protection visible here is
 *    makeSafe() (defined elsewhere; presumably SQL-escapes its argument, so confirm).
 *  - A non-empty `update_x` query parameter makes the whole request readable from $_GET,
 *    so this write can be triggered by a plain GET. No anti-CSRF check is visible here.
 *  - The uploaded file name returned by PrepareUploadedFile() goes into the SQL without
 *    makeSafe() at this call site.
 *
 * @param mixed $selected_id primary key (`id`) of the row to update
 * @return mixed false when permission is denied or the before-update hook vetoes; nothing
 *               otherwise. The script terminates via exit when `status` is empty or
 *               sql() reports an error.
 */
function units_update($selected_id)
{
    global $Translation;
    // Treat GET parameters as the form body when update_x is present in the query string.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }
    // mm: can member edit record?
    $arrPerm = getTablePermissions('units');
    // Ownership is looked up by table name and primary key in membership_userrecords.
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");
    // Loose (==) comparisons. NOTE(review): confirm what sqlValue() returns when no ownership
    // row exists, so a missing owner can never compare equal to the logged-in member.
    if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
        // allow update?
        // update allowed, so continue ...
    } else {
        return false;
    }
    // Each field is passed through makeSafe() and the "empty lookup" sentinel
    // (constant defined elsewhere) is normalised to an empty string.
    $data['property'] = makeSafe($_POST['property']);
    if ($data['property'] == empty_lookup_value) {
        $data['property'] = '';
    }
    $data['unit_number'] = makeSafe($_POST['unit_number']);
    if ($data['unit_number'] == empty_lookup_value) {
        $data['unit_number'] = '';
    }
    // status is required: an empty value prints an error with a "back" link and ends the request.
    $data['status'] = makeSafe($_POST['status']);
    if ($data['status'] == empty_lookup_value) {
        $data['status'] = '';
    }
    if ($data['status'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Status': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }
    $data['size'] = makeSafe($_POST['size']);
    if ($data['size'] == empty_lookup_value) {
        $data['size'] = '';
    }
    // country, street, city, state and postal_code are all filled from the 'property' request key.
    // NOTE(review): looks like derived/auto-filled columns keyed on the parent property; confirm.
    $data['country'] = makeSafe($_POST['property']);
    if ($data['country'] == empty_lookup_value) {
        $data['country'] = '';
    }
    $data['street'] = makeSafe($_POST['property']);
    if ($data['street'] == empty_lookup_value) {
        $data['street'] = '';
    }
    $data['city'] = makeSafe($_POST['property']);
    if ($data['city'] == empty_lookup_value) {
        $data['city'] = '';
    }
    $data['state'] = makeSafe($_POST['property']);
    if ($data['state'] == empty_lookup_value) {
        $data['state'] = '';
    }
    $data['postal_code'] = makeSafe($_POST['property']);
    if ($data['postal_code'] == empty_lookup_value) {
        $data['postal_code'] = '';
    }
    $data['rooms'] = makeSafe($_POST['rooms']);
    if ($data['rooms'] == empty_lookup_value) {
        $data['rooms'] = '';
    }
    $data['bathroom'] = makeSafe($_POST['bathroom']);
    if ($data['bathroom'] == empty_lookup_value) {
        $data['bathroom'] = '';
    }
    // features is a multi-value field: each submitted element is escaped on its own and the
    // results are joined with ', '. A non-array submission is stored as empty.
    if (is_array($_POST['features'])) {
        $MultipleSeparator = ', ';
        foreach ($_POST['features'] as $k => $v) {
            // First iteration appends to a key that does not exist yet in $data.
            $data['features'] .= makeSafe($v) . $MultipleSeparator;
        }
        // Drop the trailing separator left by the loop.
        $data['features'] = substr($data['features'], 0, -1 * strlen($MultipleSeparator));
    } else {
        $data['features'] = '';
    }
    // market_rent and deposit_amount are collected into $data (and so are visible to the hooks)
    // but do not appear in the UPDATE statement below.
    $data['market_rent'] = makeSafe($_POST['market_rent']);
    if ($data['market_rent'] == empty_lookup_value) {
        $data['market_rent'] = '';
    }
    $data['rental_amount'] = makeSafe($_POST['rental_amount']);
    if ($data['rental_amount'] == empty_lookup_value) {
        $data['rental_amount'] = '';
    }
    $data['deposit_amount'] = makeSafe($_POST['deposit_amount']);
    if ($data['deposit_amount'] == empty_lookup_value) {
        $data['deposit_amount'] = '';
    }
    $data['description'] = makeSafe($_POST['description']);
    if ($data['description'] == empty_lookup_value) {
        $data['description'] = '';
    }
    $data['selectedID'] = makeSafe($selected_id);
    // Photo handling: an explicit remove flag clears the column, otherwise an upload is processed.
    if ($_POST['photo_remove'] == 1) {
        $data['photo'] = '';
    } else {
        // NOTE(review): the arguments look like a size limit and an extension allow-list.
        // Confirm PrepareUploadedFile() (not shown) also checks file content, generates a safe
        // stored name, and writes to a location where uploads cannot be executed.
        $data['photo'] = PrepareUploadedFile('photo', 1024000, 'jpg|jpeg|gif|png', false, "");
        // Two thumbnails are produced per upload, using the 'tv' and 'dv' specs.
        if ($data['photo']) {
            createThumbnail($data['photo'], getThumbnailSpecs('units', 'photo', 'tv'));
        }
        if ($data['photo']) {
            createThumbnail($data['photo'], getThumbnailSpecs('units', 'photo', 'dv'));
        }
    }
    // hook: units_before_update
    // A falsy return cancels the update (after any upload has already been processed).
    // NOTE(review): if the hook takes $data by reference it can replace the escaped values
    // before they reach the SQL below; verify.
    if (function_exists('units_before_update')) {
        $args = array();
        if (!units_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }
    // silentErrors asks sql() to report failures through $o['error'] (read below).
    $o = array('silentErrors' => true);
    // Empty or NULL values are written as SQL NULL; everything else is single-quoted verbatim.
    // photo: a new file name replaces the column, no upload keeps it (`photo`=`photo`), and the
    // remove flag sets it to NULL. $data['photo'] is interpolated without makeSafe() here.
    sql('update `units` set       `property`=' . ($data['property'] !== '' && $data['property'] !== NULL ? "'{$data['property']}'" : 'NULL') . ', `unit_number`=' . ($data['unit_number'] !== '' && $data['unit_number'] !== NULL ? "'{$data['unit_number']}'" : 'NULL') . ', ' . ($data['photo'] != '' ? "`photo`='{$data['photo']}'" : ($_POST['photo_remove'] != 1 ? '`photo`=`photo`' : '`photo`=NULL')) . ', `status`=' . ($data['status'] !== '' && $data['status'] !== NULL ? "'{$data['status']}'" : 'NULL') . ', `size`=' . ($data['size'] !== '' && $data['size'] !== NULL ? "'{$data['size']}'" : 'NULL') . ', `country`=' . ($data['country'] !== '' && $data['country'] !== NULL ? "'{$data['country']}'" : 'NULL') . ', `street`=' . ($data['street'] !== '' && $data['street'] !== NULL ? "'{$data['street']}'" : 'NULL') . ', `city`=' . ($data['city'] !== '' && $data['city'] !== NULL ? "'{$data['city']}'" : 'NULL') . ', `state`=' . ($data['state'] !== '' && $data['state'] !== NULL ? "'{$data['state']}'" : 'NULL') . ', `postal_code`=' . ($data['postal_code'] !== '' && $data['postal_code'] !== NULL ? "'{$data['postal_code']}'" : 'NULL') . ', `rooms`=' . ($data['rooms'] !== '' && $data['rooms'] !== NULL ? "'{$data['rooms']}'" : 'NULL') . ', `bathroom`=' . ($data['bathroom'] !== '' && $data['bathroom'] !== NULL ? "'{$data['bathroom']}'" : 'NULL') . ', `features`=' . ($data['features'] !== '' && $data['features'] !== NULL ? "'{$data['features']}'" : 'NULL') . ', `rental_amount`=' . ($data['rental_amount'] !== '' && $data['rental_amount'] !== NULL ? "'{$data['rental_amount']}'" : 'NULL') . ', `description`=' . ($data['description'] !== '' && $data['description'] !== NULL ? "'{$data['description']}'" : 'NULL') . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        // NOTE(review): the database error text is echoed as-is. Confirm sql() HTML-escapes it
        // and that it does not expose the failing statement to the end user.
        echo $o['error'];
        echo '<a href="units_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }
    // hook: units_after_update
    if (function_exists('units_after_update')) {
        // Re-read the stored row so the hook sees what the database holds.
        $res = sql("SELECT * FROM `units` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        // A falsy hook result skips the ownership timestamp update below.
        if (!units_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }
    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='units' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
/**
 * Save the submitted form values into one `applicants_and_tenants` row.
 *
 * Steps, in order: optional GET-to-POST aliasing, ownership-based permission
 * check, field collection and validation, optional before-update hook, the
 * UPDATE itself, optional after-update hook, and a refresh of `dateUpdated`
 * in `membership_userrecords`.
 *
 * Review notes (security):
 * - Every value reaches SQL through string concatenation inside single quotes;
 *   the statement is only as safe as makeSafe(), which is defined elsewhere.
 * - On an SQL error the text in $o['error'] is echoed to the client. Whether
 *   sql() HTML-escapes or trims that text is not visible here -- verify, since
 *   database error text can disclose schema details.
 * - $eo is never initialised in this function; presumably sql() takes its
 *   second argument by reference -- confirm.
 *
 * @param mixed $selected_id Primary-key value (`id`) of the row to update.
 * @return false|null false when the permission check or the before-update hook
 *                    rejects the request; otherwise nothing is returned. The
 *                    script exits on a failed validation or an SQL error.
 */
function applicants_and_tenants_update($selected_id)
{
    global $Translation;

    // A request carrying update_x in the query string is handled as if it had been posted.
    // NOTE(review): this lets a GET request drive the update, and no anti-CSRF token check
    // is visible in this function -- confirm the caller enforces one.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    // Level 1 requires the logged-in member to own the record, level 2 requires the
    // logged-in group to own it, level 3 allows the edit unconditionally.
    $arrPerm = getTablePermissions('applicants_and_tenants');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'");
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    // Plain fields: escape, then map the "empty lookup" sentinel to an empty string.
    foreach (array('last_name', 'first_name', 'email', 'phone') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }

    // The date arrives as three separate inputs; intval() keeps each part numeric.
    $birthDate = intval($_POST['birth_dateYear']) . '-' . intval($_POST['birth_dateMonth']) . '-' . intval($_POST['birth_dateDay']);
    $data['birth_date'] = parseMySQLDate($birthDate, '');

    foreach (array('driver_license_number', 'driver_license_state', 'requested_lease_term', 'monthly_gross_pay', 'additional_income', 'assets', 'status') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }

    // `status` is mandatory: report the problem and stop the request.
    if ($data['status'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Status': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    $data['notes'] = makeSafe($_POST['notes']);
    if ($data['notes'] == empty_lookup_value) {
        $data['notes'] = '';
    }
    $data['selectedID'] = makeSafe($selected_id);

    // hook: applicants_and_tenants_before_update
    if (function_exists('applicants_and_tenants_before_update')) {
        $args = array();
        if (!applicants_and_tenants_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list: empty string or NULL becomes SQL NULL, anything else a quoted literal.
    // NOTE(review): driver_license_state, requested_lease_term and notes are collected above
    // but are not part of this UPDATE -- confirm whether that is intended.
    $assignments = array();
    foreach (array('last_name', 'first_name', 'email', 'phone', 'birth_date', 'driver_license_number', 'monthly_gross_pay', 'additional_income', 'assets', 'status') as $column) {
        $assignments[] = "`{$column}`=" . ($data[$column] !== '' && $data[$column] !== NULL ? "'{$data[$column]}'" : 'NULL');
    }
    $o = array('silentErrors' => true);
    sql('update `applicants_and_tenants` set       ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        echo $o['error'];
        echo '<a href="applicants_and_tenants_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: applicants_and_tenants_after_update
    if (function_exists('applicants_and_tenants_after_update')) {
        // Re-read the stored row so the hook receives what is now in the table.
        $res = sql("SELECT * FROM `applicants_and_tenants` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!applicants_and_tenants_after_update($data, getMemberInfo(), $args)) {
            // A falsy hook result skips the ownership timestamp refresh below.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
/**
 * Save the submitted form values into one `tax_entry` row.
 *
 * Steps, in order: optional GET-to-POST aliasing, ownership-based permission
 * check, field collection and validation, optional before-update hook, the
 * UPDATE itself, optional after-update hook, and a refresh of `dateUpdated`
 * in `membership_userrecords`.
 *
 * Review notes (security and maintenance):
 * - Every value reaches SQL through string concatenation inside single quotes;
 *   the statement is only as safe as makeSafe(), which is defined elsewhere.
 * - On an SQL error the text in $o['error'] is echoed to the client. Whether
 *   sql() HTML-escapes or trims that text is not visible here -- verify, since
 *   database error text can disclose schema details.
 * - The after-update hook path calls mysql_fetch_assoc() directly; the
 *   ext/mysql API was removed in PHP 7.
 * - $eo is never initialised in this function; presumably sql() takes its
 *   second argument by reference -- confirm.
 *
 * @param mixed $selected_id Primary-key value (`tax_entry_id`) of the row to update.
 * @return false|null false when the permission check or the before-update hook
 *                    rejects the request; otherwise nothing is returned. The
 *                    script exits on a failed validation or an SQL error.
 */
function tax_entry_update($selected_id)
{
    global $Translation;

    // A request carrying update_x in the query string is handled as if it had been posted.
    // NOTE(review): this lets a GET request drive the update, and no anti-CSRF token check
    // is visible in this function -- confirm the caller enforces one.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    // Level 1 requires the logged-in member to own the record, level 2 requires the
    // logged-in group to own it, level 3 allows the edit unconditionally.
    $arrPerm = getTablePermissions('tax_entry');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='tax_entry' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='tax_entry' and pkValue='" . makeSafe($selected_id) . "'");
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    // NOTE(review): `created` is recomputed on every update, and the default passed here
    // looks like an unexpanded template placeholder -- confirm what parseMySQLDate() returns.
    $data['created'] = parseMySQLDate('', '<%%creationDate%%>');

    $data['report'] = makeSafe($_POST['report']);
    if ($data['report'] == empty_lookup_value) {
        $data['report'] = '';
    }
    // `report` is mandatory: report the problem and stop the request.
    if ($data['report'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Report': {$Translation['field not null']}<br /><br />";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    // Remaining fields: escape, then map the "empty lookup" sentinel to an empty string.
    foreach (array('turnover', 'payroll_tax', 'ni_contribution', 'business_rates', 'corporation_tax', 'other_tax', 'sum', 'ratio') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // hook: tax_entry_before_update
    if (function_exists('tax_entry_before_update')) {
        $args = array();
        if (!tax_entry_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list. `created` uses a loose emptiness test; every other column treats
    // only an empty string or NULL as SQL NULL and is otherwise written as a quoted literal.
    $assignments = array('`created`=' . ($data['created'] != '' ? "'{$data['created']}'" : 'NULL'));
    foreach (array('report', 'turnover', 'payroll_tax', 'ni_contribution', 'business_rates', 'corporation_tax', 'other_tax', 'sum', 'ratio') as $column) {
        $assignments[] = "`{$column}`=" . ($data[$column] !== '' && $data[$column] !== NULL ? "'{$data[$column]}'" : 'NULL');
    }
    $o = array('silentErrors' => true);
    sql('update `tax_entry` set       ' . implode(', ', $assignments) . " where `tax_entry_id`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        echo $o['error'];
        echo '<a href="tax_entry_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: tax_entry_after_update
    if (function_exists('tax_entry_after_update')) {
        // Re-read the stored row so the hook receives what is now in the table.
        $res = sql("SELECT * FROM `tax_entry` WHERE `tax_entry_id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = mysql_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['tax_entry_id'];
        $args = array();
        if (!tax_entry_after_update($data, getMemberInfo(), $args)) {
            // A falsy hook result skips the ownership timestamp refresh below.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='tax_entry' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
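/**
 * Validate one uploaded file and move it into the upload directory.
 *
 * The upload is rejected (error page, then exit) when it exceeds $MaxSize,
 * carries a PHP upload error, or its name does not end in one of the allowed
 * extensions. On success the file is stored under getUploadDir($dir) and the
 * stored file name is returned.
 *
 * Security notes:
 * - The Referer header is client-controlled, so it is HTML-escaped and placed
 *   in a quoted attribute before being echoed in the "back" link.
 * - Only the final extension of the client-supplied name is checked; the file
 *   content is not inspected. With $NoRename the client-chosen name is kept,
 *   so the upload directory should not be configured to execute scripts.
 * - The directory is created 0777 and the stored file set to 0666. These
 *   world-writable modes are kept for compatibility; tighten them where the
 *   hosting setup allows.
 *
 * @param string $FieldName Key of the upload in $_FILES.
 * @param int    $MaxSize   Maximum accepted size in bytes.
 * @param string $FileTypes Allowed extensions as a regex alternation ("jpg|png").
 * @param bool   $NoRename  Keep the client file name (spaces become underscores)
 *                          instead of generating a microtime-based name.
 * @param string $dir       Passed to getUploadDir() to resolve the target directory.
 * @return string Stored file name, or "" when no file was submitted.
 */
function PrepareUploadedFile($FieldName, $MaxSize, $FileTypes = 'jpg|jpeg|gif|png', $NoRename = false, $dir = "")
{
    global $Translation;

    $dir = getUploadDir($dir);

    // Nothing submitted for this field (error 4 is UPLOAD_ERR_NO_FILE): not an error.
    if (!isset($_FILES[$FieldName])) {
        return "";
    }
    $f = $_FILES[$FieldName];
    if ($f['error'] == 4 || $f['name'] == '') {
        return "";
    }

    // Escape the client-supplied Referer before it goes into the page.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $backLink = ' <a href="' . htmlspecialchars($referer, ENT_QUOTES, 'UTF-8') . '">' . $Translation["< back"] . '</a>.</div>';

    if ($f['size'] > $MaxSize || $f['error']) {
        echo StyleSheet() . "<div class=Error>" . str_replace("<MaxSize>", intval($MaxSize / 1024), $Translation['file too large']) . "." . $backLink;
        exit;
    }

    if (!preg_match('/\\.(' . $FileTypes . ')$/i', $f['name'], $ft)) {
        echo StyleSheet() . "<div class=Error>" . str_replace("<FileTypes>", str_replace('|', ', ', $FileTypes), $Translation['invalid file type']) . "." . $backLink;
        exit;
    }

    if ($NoRename) {
        // basename() drops any directory part so the stored file cannot leave $dir.
        $n = str_replace(' ', '_', basename($f['name']));
    } else {
        // microtime() yields "0.msec sec"; turn it into "msec_sec" and append the matched extension.
        $n = str_replace('0.', '', str_replace(' ', '_', microtime())) . $ft[0];
    }

    if (!file_exists($dir)) {
        // NOTE(review): world-writable directory, kept for compatibility.
        @mkdir($dir, 0777);
    }

    if (!@move_uploaded_file($f['tmp_name'], $dir . $n)) {
        echo StyleSheet() . "<div class=Error>Error: Couldn't save the uploaded file. Try chmoding the upload folder '" . htmlspecialchars($dir, ENT_QUOTES, 'UTF-8') . "' to 777." . $backLink;
        exit;
    }

    // NOTE(review): world-writable file, kept for compatibility.
    @chmod($dir . $n, 0666);
    return $n;
}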
/**
 * Save the submitted form values into one `applications_leases` row.
 *
 * Steps, in order: optional GET-to-POST aliasing, ownership-based permission
 * check, field collection and validation, optional before-update hook, the
 * UPDATE itself, optional after-update hook, and a refresh of `dateUpdated`
 * in `membership_userrecords`.
 *
 * Review notes (security):
 * - Every value reaches SQL through string concatenation inside single quotes;
 *   the statement is only as safe as makeSafe(), which is defined elsewhere.
 * - On an SQL error the text in $o['error'] is echoed to the client. Whether
 *   sql() HTML-escapes or trims that text is not visible here -- verify, since
 *   database error text can disclose schema details.
 * - $eo is never initialised in this function; presumably sql() takes its
 *   second argument by reference -- confirm.
 *
 * @param mixed $selected_id Primary-key value (`id`) of the row to update.
 * @return false|null false when the permission check or the before-update hook
 *                    rejects the request; otherwise nothing is returned. The
 *                    script exits on a failed validation or an SQL error.
 */
function applications_leases_update($selected_id)
{
    global $Translation;

    // A request carrying update_x in the query string is handled as if it had been posted.
    // NOTE(review): this lets a GET request drive the update, and no anti-CSRF token check
    // is visible in this function -- confirm the caller enforces one.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    // Level 1 requires the logged-in member to own the record, level 2 requires the
    // logged-in group to own it, level 3 allows the edit unconditionally.
    $arrPerm = getTablePermissions('applications_leases');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'");
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    // Plain fields: escape, then map the "empty lookup" sentinel to an empty string.
    foreach (array('tenants', 'status') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }
    // `status` is mandatory: report the problem and stop the request.
    if ($data['status'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Application status': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    foreach (array('property', 'unit', 'type') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }
    // `type` is mandatory as well.
    if ($data['type'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Lease type': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    $data['total_number_of_occupants'] = makeSafe($_POST['total_number_of_occupants']);
    if ($data['total_number_of_occupants'] == empty_lookup_value) {
        $data['total_number_of_occupants'] = '';
    }

    // Each date arrives as three separate inputs; intval() keeps every part numeric.
    // The second argument ('1' or '') is handed to parseMySQLDate() as given.
    foreach (array('start_date', 'end_date') as $dateField) {
        $rawDate = intval($_POST[$dateField . 'Year']) . '-' . intval($_POST[$dateField . 'Month']) . '-' . intval($_POST[$dateField . 'Day']);
        $data[$dateField] = parseMySQLDate($rawDate, '1');
    }

    $data['recurring_charges_frequency'] = makeSafe($_POST['recurring_charges_frequency']);
    if ($data['recurring_charges_frequency'] == empty_lookup_value) {
        $data['recurring_charges_frequency'] = '';
    }
    // `recurring_charges_frequency` is mandatory as well.
    if ($data['recurring_charges_frequency'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Recurring charges frequency': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    $nextDueDate = intval($_POST['next_due_dateYear']) . '-' . intval($_POST['next_due_dateMonth']) . '-' . intval($_POST['next_due_dateDay']);
    $data['next_due_date'] = parseMySQLDate($nextDueDate, '1');

    foreach (array('rent', 'security_deposit') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }

    $depositDate = intval($_POST['security_deposit_dateYear']) . '-' . intval($_POST['security_deposit_dateMonth']) . '-' . intval($_POST['security_deposit_dateDay']);
    $data['security_deposit_date'] = parseMySQLDate($depositDate, '');

    // Multi-line text fields: escaped first, then passed through br2nl(); no sentinel check.
    foreach (array('emergency_contact', 'co_signer_details') as $field) {
        $data[$field] = br2nl(makeSafe($_POST[$field]));
    }

    foreach (array('notes', 'agreement') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // hook: applications_leases_before_update
    if (function_exists('applications_leases_before_update')) {
        $args = array();
        if (!applications_leases_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list: empty string or NULL becomes SQL NULL, anything else a quoted literal.
    $columns = array(
        'tenants', 'status', 'property', 'unit', 'type', 'total_number_of_occupants',
        'start_date', 'end_date', 'recurring_charges_frequency', 'next_due_date',
        'rent', 'security_deposit', 'security_deposit_date', 'emergency_contact',
        'co_signer_details', 'notes', 'agreement',
    );
    $assignments = array();
    foreach ($columns as $column) {
        $assignments[] = "`{$column}`=" . ($data[$column] !== '' && $data[$column] !== NULL ? "'{$data[$column]}'" : 'NULL');
    }
    $o = array('silentErrors' => true);
    sql('update `applications_leases` set       ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        echo $o['error'];
        echo '<a href="applications_leases_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: applications_leases_after_update
    if (function_exists('applications_leases_after_update')) {
        // Re-read the stored row so the hook receives what is now in the table.
        $res = sql("SELECT * FROM `applications_leases` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!applications_leases_after_update($data, getMemberInfo(), $args)) {
            // A falsy hook result skips the ownership timestamp refresh below.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}