Example #1
0
 function processForm($command, $post, $get)
 {
     $therecord = $this->getDefaults();
     $therecord["action"] = "add record";
     switch ($command) {
         case "edit":
             $therecord = $this->getRecords($get["selid"]);
             $therecord["action"] = "edit record";
             break;
         case "delete":
             $therecord["statusMessage"] = $this->delete($get["selid"]);
             break;
         case "add record":
             $therecord["statusMessage"] = $this->add(addSlashesToArray($post));
             break;
         case "edit record":
             $therecord["statusMessage"] = $this->update(addSlashesToArray($post));
             break;
         case "moveup":
             $therecord["statusMessage"] = $this->move($get["selid"], "up");
             break;
         case "movedown":
             $therecord["statusMessage"] = $this->move($get["selid"], "down");
             break;
     }
     //endswitch
     return $therecord;
 }
Example #2
0
 /**
  * Inserts a new record into the table.
  *
  * @param array $variables associaive array with the record information
  * @param int $createdby id of the user creating the record.  If NULL (default) it will use the currently logged in user
  * @param bool $overrideID Whether to override the `id` field with the new given value (if it exists)
  * @param bool $replace use the SQL replace statement (true) instead of insert (false, deault)
  * @param bool $useUuid generates a uuid and specifies the function to retrn an array with uuid and id instead of just the id
  *
  * @return int|array|bool retruns the id of the newly created record of false on error.  If $useUuid is set to true, it will
  *                        return an associaive array with both the new uuid and new id.
  */
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     if ($createdby === NULL) {
         if (isset($_SESSION["userinfo"]["id"])) {
             $createdby = $_SESSION["userinfo"]["id"];
         } else {
             $error = new appError(-840, "Session Timed Out.", "Creating New Record");
         }
     }
     $variables = addSlashesToArray($variables);
     $fieldlist = "";
     $insertvalues = "";
     foreach ($this->fields as $fieldname => $thefield) {
         if (!isset($thefield["select"])) {
             switch ($fieldname) {
                 case "id":
                     if ($overrideID && isset($variables["id"])) {
                         if ($variables["id"]) {
                             $fieldlist .= "id, ";
                             $insertvalues .= (int) $variables["id"] . ", ";
                         }
                         //end if
                     }
                     //endif
                     break;
                 case "uuid":
                     if (!$useUuid) {
                         $fieldlist .= "`uuid`, ";
                         $insertvalues .= "'" . mysql_real_escape_string($variables["uuid"]) . "', ";
                     }
                     //endif
                     break;
                 case "createdby":
                 case "modifiedby":
                     $fieldlist .= $fieldname . ", ";
                     $insertvalues .= (int) $createdby . ", ";
                     break;
                 case "creationdate":
                 case "modifieddate":
                     $fieldlist .= $fieldname . ", ";
                     $insertvalues .= "NOW(), ";
                     break;
                 default:
                     if (!isset($variables[$fieldname]) && strpos($thefield["flags"], "not_null") !== false) {
                         $variables[$fieldname] = $this->getDefaultByType($thefield["type"], true);
                     }
                     if (isset($variables[$fieldname])) {
                         $fieldlist .= "`" . $fieldname . "`, ";
                         $insertvalues .= $this->prepareFieldForSQL($variables[$fieldname], $thefield["type"], $thefield["flags"]) . ", ";
                     }
                     //endif - fieldname
                     break;
             }
             //end switch field name
         }
         //end if
     }
     //end foreach
     //generate uuid
     if ($useUuid && isset($this->fields["uuid"])) {
         $fieldlist .= "`uuid`, ";
         $variables["uuid"] = uuid($this->prefix . ":");
         $insertvalues .= "'" . $variables["uuid"] . "', ";
     }
     //endif
     $fieldlist = substr($fieldlist, 0, strlen($fieldlist) - 2);
     $insertvalues = substr($insertvalues, 0, strlen($insertvalues) - 2);
     if ($replace) {
         $insertstatement = "REPLACE";
     } else {
         $insertstatement = "INSERT";
     }
     $insertstatement .= " INTO " . $this->maintable . " (" . $fieldlist . ") VALUES (" . $insertvalues . ")";
     $insertresult = $this->db->query($insertstatement);
     if ($insertresult) {
         $newid = $this->db->insertId();
         if ($useUuid) {
             return array("uuid" => $variables["uuid"], "id" => $newid);
         } else {
             return $newid;
         }
     } else {
         return false;
     }
 }
Example #3
0
 function process($variables)
 {
     $variables = addSlashesToArray($variables);
     switch ($variables["cmd"]) {
         case "remove":
             $pos = array_search($variables["uuid"], $this->preferences->bigArea);
             if ($pos !== false) {
                 array_splice($this->preferences->bigArea, $pos, 1);
             } else {
                 $pos = array_search($variables["uuid"], $this->preferences->littleArea);
                 if ($pos !== false) {
                     array_splice($this->preferences->littleArea, $pos, 1);
                 }
             }
             //endif
             $this->updatePreferences();
             break;
         case "add":
             if ($variables["afterwidget"] == "first") {
                 $this->preferences->{$variables}["area"] = array_merge(array($variables["widget"]), $this->preferences->{$variables}["area"]);
             } else {
                 $newArray = array();
                 while (count($this->preferences->{$variables}["area"])) {
                     $item = array_pop($this->preferences->{$variables}["area"]);
                     if ($item == $variables["afterwidget"]) {
                         $newArray[] = $variables["widget"];
                     }
                     $newArray[] = $item;
                 }
                 //endwhile
                 $this->preferences->{$variables}["area"] = array_reverse($newArray);
             }
             //end if
             $this->updatePreferences();
             break;
     }
     //endswitch
 }
Example #4
0
 function process($variables)
 {
     $variables = addSlashesToArray($variables);
     $this->_deleteRecords();
     for ($i = 1; $i < 9; $i++) {
         $record = $this->_grabFieldInfo($i, $variables);
         $this->_insertRecord($record);
     }
     //endfor
     $this->_getRecords();
     return "Custom Fields Updated";
 }
    $thecommand = $_POST["command"];
}
switch ($thecommand) {
    case "edit":
        $singlequicksearchsquery = $quicksearches->get($_GET["quicksearchid"]);
        $thequicksearch = $db->fetchArray($singlequicksearchsquery);
        $action = "edit quick search item";
        break;
    case "delete":
        $statusmessage = $quicksearches->delete($_GET["quicksearchid"]);
        break;
    case "add quick search item":
        $statusmessage = $quicksearches->add(addSlashesToArray($_POST));
        break;
    case "edit quick search item":
        $statusmessage = $quicksearches->update(addSlashesToArray($_POST));
        break;
    case "moveup":
        $statusmessage = $quicksearches->move($_GET["quicksearchid"], "up");
        break;
    case "movedown":
        $statusmessage = $quicksearches->move($_GET["quicksearchid"], "down");
        break;
}
//end switch
$quicksearchsquery = $quicksearches->get();
$pageTitle = "Table Definition Quick Search: " . $tableRecord["displayname"];
$phpbms->cssIncludes[] = "pages/tablequicksearch.css";
//Form Elements
//==============================================================
$theform = new phpbmsForm();
Example #6
0
 |                                                                         |
 +-------------------------------------------------------------------------+
*/
include "../../include/session.php";
include "include/fields.php";
include "modules/base/include/tabledefs_options_include.php";
if (!isset($_GET["id"])) {
    $error = new appError(100, "Passed Parameter not present.");
}
if (!hasRights("Admin")) {
    goURL(APP_PATH . "noaccess.php");
}
$options = new tableOptions($db, $_GET["id"]);
$pageTitle = "Table Definition Options: " . $options->tablename;
if (isset($_POST["command"])) {
    $therecord = $options->processForm(addSlashesToArray($_POST));
} else {
    $therecord = $options->getDefaults();
}
if (isset($therecord["statusmessage"])) {
    $statusmessage = $therecord["statusmessage"];
}
$queryresult = $options->get();
$phpbms->cssIncludes[] = "pages/tableoptions.css";
$phpbms->jsIncludes[] = "modules/base/javascript/tableoptions.js";
//Form Elements
//==============================================================
$theform = new phpbmsForm();
$temparray = array("Integrated Feature" => 0, "Additional Commands" => 1);
if (moduleExists("mod:b2d42220-443b-fe74-dbdb-ed2c0968c38c", $phpbms->modules)) {
    $temparray["Api Commands"] = 2;
Example #7
0
function addSlashesToArray($thearray)
{
    //This function prepares an array for SQL manipulation.
    if (get_magic_quotes_runtime() || get_magic_quotes_gpc()) {
        foreach ($thearray as $key => $value) {
            if (is_array($value)) {
                $thearray[$key] = addSlashesToArray($value);
            } else {
                $thearray[$key] = mysql_real_escape_string(stripslashes($value));
            }
        }
    } else {
        foreach ($thearray as $key => $value) {
            if (is_array($value)) {
                $thearray[$key] = addSlashesToArray($value);
            } else {
                $thearray[$key] = mysql_real_escape_string($value);
            }
        }
    }
    return $thearray;
}
 /**
  * processes settings form
  *
  * Processes the form that updates the settings, or the encryption seed
  *
  * @param array $variables variables array passed from the $_POST
  */
 function processForm($variables)
 {
     $variables = addSlashesToArray($variables);
     switch ($variables["command"]) {
         case "save":
             if ($this->updateSettings($variables)) {
                 if (!$this->updateErrorMessage) {
                     $statusmessage = "Settings Updated";
                 } else {
                     $statusmessage = "ERROR: " . $this->updateErrorMessage;
                 }
             }
             break;
         case "encryption seed":
             if (isset($variables["changeseed"])) {
                 $statusmessage = $this->updateEncryptionSeed($variables["encryption_seed"], $variables["currentpassword"], $_SESSION["userinfo"]["id"]);
             }
             break;
     }
     //endswitch
     return $statusmessage;
 }
Example #9
0
                </p>
                <p align="right">
                    <input name="command" type="submit" class="Buttons" id="done" value="done"/>
                </p>

            </div>
        </form>
        <?php 
        include "footer.php";
    }
}
//end class clientConsolidator
/**
 * PROCESSING ==================================================================
 */
if (!isset($noOutput)) {
    require_once "../../include/session.php";
    $consolidator = new clientConsolidator($db);
    $_POST = addSlashesToArray($_POST);
    if (!isset($_POST["command"])) {
        $error = new appError(200, "passed parameters are not set");
    }
    if ($_POST["command"] === "cancel" || $_POST["command"] === "done") {
        goURL("../../search.php?id=tbld:6d290174-8b73-e199-fe6c-bcf3d4b61083");
    }
    if (!isset($_POST["consolidateTo"]) || !isset($_POST["uuidsArray"])) {
        $error = new appError(200, "passed parameters are not set");
    }
    $consolidator->consolidate($_POST["consolidateTo"], $_POST["uuidsArray"]);
}
//endif
Example #10
0
 function process()
 {
     if (isset($_POST["command"])) {
         switch ($_POST["command"]) {
             case "update":
                 $this->delete();
                 if (isset($_POST["recurr"])) {
                     $this->insert(addSlashesToArray($_POST));
                     $therecord = $this->getRecord();
                     $therecord["statusMessage"] = "recurrence saved";
                 } else {
                     $therecord = $this->getDefaults();
                     $therecord["statusMessage"] = "recurrence removed";
                 }
                 // endif
                 break;
             case "cancel":
                 break;
         }
         // endswitch
     } else {
         $therecord = $this->getRecord();
     }
     return $therecord;
 }
    $thecommand = $_POST["command"];
}
switch ($thecommand) {
    case "edit":
        $singlesearchfieldsquery = $searchfields->get($_GET["searchfieldid"]);
        $thesearchfield = $db->fetchArray($singlesearchfieldsquery);
        $action = "edit search field";
        break;
    case "delete":
        $statusmessage = $searchfields->delete($_GET["searchfieldid"]);
        break;
    case "add search field":
        $statusmessage = $searchfields->add(addSlashesToArray($_POST));
        break;
    case "edit search field":
        $statusmessage = $searchfields->update(addSlashesToArray($_POST));
        break;
    case "moveup":
        $statusmessage = $searchfields->move($_GET["columnid"], "up");
        break;
    case "movedown":
        $statusmessage = $searchfields->move($_GET["columnid"], "down");
        break;
}
//end switch
$searchfieldsquery = $searchfields->get();
$pageTitle = "Table Definition Search Fields: " . $tableRecord["displayname"];
$phpbms->cssIncludes[] = "pages/tablequicksearch.css";
//Form Elements
//==============================================================
$theform = new phpbmsForm();
Example #12
0
 $langdata['available_later'] = $availability;
 $langdata['id_shop'] = $shopId;
 $langdata['id_product'] = $id;
 $langdata['meta_title'] = trim($producer . ' - ' . $name);
 addSlashesToArray($langdata);
 $shopdata = array();
 $shopdata['price'] = $sellingPrice;
 $shopdata['id_shop'] = $shopId;
 $shopdata['on_sale'] = $sale;
 $shopdata['id_product'] = $id;
 $shopdata['active'] = $active;
 $shopdata['id_category_default'] = $categoryDefaultId;
 $shopdata['id_tax_rules_group'] = $taxId;
 $shopdata['indexed'] = 1;
 $shopdata['cache_default_attribute'] = 0;
 addSlashesToArray($shopdata);
 $stockdata = array();
 $stockdata['id_shop'] = $shopId;
 $stockdata['id_product'] = $id;
 $stockdata['quantity'] = $quantity;
 $stockdata['id_product_attribute'] = 0;
 $stockdata['id_shop_group'] = 0;
 $stockdata['out_of_stock'] = 2;
 // default
 // novninky hack
 if ($news) {
     $data['date_add'] = $date;
     $shopdata['date_add'] = $date;
 }
 // product data
 $table = 'product';
Example #13
0
 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY   |
 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT     |
 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE   |
 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.    |
 |                                                                         |
 +-------------------------------------------------------------------------+
*/
include "../../include/session.php";
include "include/fields.php";
include "modules/bms/include/clients_credit.php";
if (!isset($_GET["id"])) {
    $error = new appError(300, "Passed variable not set (id)");
}
$clientCredit = new clientCredit($db, $_GET["id"]);
if (isset($_POST["creditlimit"])) {
    if ($clientCredit->update(addSlashesToArray($_POST))) {
        $statusmessage = "Credit Updated";
    }
}
$therecord = $clientCredit->get();
//setting page title
$pageTitle = "Credit: ";
if ($therecord["company"] == "") {
    $pageTitle .= $therecord["firstname"] . " " . $therecord["lastname"];
} else {
    $pageTitle .= $therecord["company"];
}
$phpbms->cssIncludes[] = "pages/clients_credit.css";
$phpbms->jsIncludes[] = "modules/bms/javascript/clients_credit.js";
//Form Elements
//==============================================================