public function index($date = null, $u_id = null)
{
if (@$this->input->post('picking_date')) {
return redirect(site_url('admin/picking-lists/' . str_replace('/', '-', $this->input->post('picking_date'))));
}
$this->load->model('order_model');
$this->layout->set_title('Picking Lists')->set_breadcrumb('Picking Lists', '/admin/picking-lists');
$this->load->helper('dates_helper');
if (isset($date) && isValidDate($date, '_')) {
$this->data['date'] = strtotime(str_replace('_', '-', $date));
//get relevant confirmed orders
$search = array('oi_delivery_date' => date('Y-m-d', $this->data['date']), 'oi_status' => 'Confirmed', 'order' => array('bg_name', 'u_sname', 'u_fname'));
$notes_where = " AND on_delivery_date = '" . date('Y-m-d', $this->data['date']) . "' ";
if (isset($u_id)) {
$this->data['search_u_id'] = $u_id;
$search['oi_u_id'] = $u_id;
$notes_where .= " AND on_u_id = '" . $u_id . "' ";
}
//permission override?
if (!$this->auth->is_allowed_to('view_picking_lists', 'all')) {
if ($this->auth->is_allowed_to('view_picking_lists', 'bg', $this->session->userdata('u_bg_id'))) {
$search['u_bg_id'] = $this->session->userdata('u_bg_id');
}
if ($this->auth->is_allowed_to('view_picking_lists', 's', $this->session->userdata('u_s_id'))) {
$search['oi_s_id'] = $this->session->userdata('u_s_id');
}
}
//get them...
$this->data['orders'] = $this->order_model->get_orders($search);
$this->data['search'] = $search;
//for displaying what we've filtered on.
$this->data['order_notes'] = $this->order_model->get_notes($notes_where);
$date_str = date('jS M Y', $this->data['date']);
$this->layout->set_title($date_str)->set_breadcrumb($date_str, 'admin/picking-lists/' . $date);
if (isset($u_id)) {
if (isset($this->data['orders'][0])) {
$title = $this->data['orders'][0]['u_title'] . ' ' . $this->data['orders'][0]['u_fname'] . ' ' . $this->data['orders'][0]['u_sname'];
$this->layout->set_title($title)->set_breadcrumb($title);
} else {
//oh crumbs, we don't have the user's name to put in the breadcrumb
$this->load->model('users_model');
$member = $this->users_model->get_user($u_id);
$title = $member['u_title'] . ' ' . $member['u_fname'] . ' ' . $member['u_sname'];
$this->layout->set_title($title)->set_breadcrumb($title);
}
}
$this->load->vars($this->data);
$this->view = 'admin/picking_lists/view';
} else {
if (isset($date) && !isValidDate($date, '_')) {
$this->data['error_message'] = "Not a valid date";
}
$this->layout->set_js(array('views/admin/picking_lists/index', 'plugins/jquery.validate'));
$this->load->vars($this->data);
$this->view = 'admin/picking_lists/index';
}
}
function check_fieldsFormatting_partyRegistrationAsGraduate($data_form)
{
$error = "";
// Überprüfe, ob die Anzahl Gäste nur aus einer Zahl besteht
if (!preg_match("/^[0-9]+\$/iu", $data_form['anzahl_gaeste'])) {
$error = $error . "Als Anzahl an Gästen sind nur Ziffern erlaubt.<br>\n";
}
// Überprüfe das Abschlussdatum auf korrektes Format
if (!isValidDate($data_form['studienabschluss'])) {
$error = $error . "Das eingegebene Abschlussdatum ist kein korrektes Datum. Die Eingabe muss die Form TT.MM.JJJJ haben.<br>\n";
}
return $error;
}
function check_fields_format_register($data_form)
{
$error = "";
// Überprüfe ob die Namensfelder nur Buchstaben enthalten
if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['vorname'])) {
$error = $error . "Als Vorname sind nur Buchstaben erlaubt.<br>\n";
}
if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['nachname'])) {
$error = $error . "Als Nachname sind nur Buchstaben erlaubt.<br>\n";
}
// Überprüfe das Geburtsdatum auf korrektes Format
if (!isValidDate($data_form['geburtstag'])) {
$error = $error . "Das eingegebene Geburtsdatum ist kein korrektes Datum. Die Eingabe muss die Form TT.MM.JJJJ haben.<br>\n";
}
// Überprüfe die Email-Adresse auf korrektes Format
if (!filter_var($data_form['email'], FILTER_VALIDATE_EMAIL)) {
$error = $error . "Die eingegebene Email-Adresse ist ungültig.<br>\n";
}
// Überprüfe die IBAN
if (!checkIBAN($data_form['iban'])) {
$error = $error . "Die eingegebene IBAN ist ungültig.<br>\n";
}
// Überprüfe die BIC
if (!checkBIC($data_form['bic'])) {
$error = $error . "Die eingegebene BIC ist ungültig.<br>\n";
}
// falls die Checkbox "newsletter" nicht(!) ausgewählt wurde, muss eine Adresse eingegeben werden
if (!isset($data_form['newsletter'])) {
//Straße und Hausnummer überprüfen macht keinen Sinn (Zu viele Ausnahmefälle)
if (!preg_match("/^[0-9]+\$/", $data_form['plz'])) {
$error = $error . "Als PLZ sind nur Ziffern erlaubt.<br>\n";
}
if ($data_form['land'] === 'Deutschland') {
if (!preg_match("/^[0-9]{5}\$/", $data_form['plz'])) {
$error = $error . "Keine korrekte deutsche PLZ.<br>\n";
}
}
if ($data_form['land'] === 'Deutschland') {
if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['ort'])) {
$error = $error . "Als Ort sind nur Buchstaben erlaubt.<br>\n";
}
}
if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['land'])) {
$error = $error . "Als Land sind nur Buchstaben erlaubt.<br>\n";
}
}
// Gib die Fehlermeldungen zurück, leer falls alles ok.
return $error;
}
public static function remove($product_id)
{
DB::transaction(function () use($product_id) {
$product = static::findOrFail($product_id);
if (isValidDate($product->billed_till)) {
$billed_till = new Carbon\Carbon($product->billed_till);
$today = new Carbon\Carbon();
if ($billed_till > $today) {
return;
}
}
$history = ['user_id' => $product->user_id, 'name' => $product->name, 'start_date' => isValidDate($product->billed_till) ? $product->billed_till : $product->assigned_on, 'stop_date' => date('Y-m-d H:i:s'), 'price' => $product->price, 'taxable' => $product->taxable, 'tax_rate' => $product->tax_rate, 'billed_every' => $product->billing_cycle . $product->billing_unit];
if (!APUserRecurringProductHistory::create($history)) {
throw new Exception("Could not add to history");
}
if (!$product->delete()) {
throw new Exception("Could not delete product.");
}
});
}
function getData()
{
parent::getData();
$param =& $this->param;
$user = $this->site->username();
if (empty($user)) {
$user = "******";
}
$error = false;
// echo "<pre>"; print_r ($_POST); echo "</pre>";
if (isset($_GET['key'])) {
$data_src = 'key';
$data_key = $_GET['key'];
} else {
$data_src = $_POST['datasrc'];
}
$data_source_is_dates = $data_src == "dates";
if ($data_source_is_dates) {
$start_date = $_POST['startdate'];
$end_date = $_POST['enddate'];
$error = !isValidDate($start_date) or !empty($end_date) and !isValidDate($end_date);
} elseif ($data_src == 'key') {
$commitsfiles = array($data_key);
} else {
@($commitsmonthfiles = $_POST['commitsmonthfiles']);
if (isset($commitsmonthfiles)) {
$commitsfiles = array();
while (list($y, $v_yfiles) = each($commitsmonthfiles)) {
while (list($m, $v_mfiles) = each($v_yfiles)) {
while (list($d, $v_file) = each($v_mfiles)) {
$commitsfiles[] = $v_file;
}
}
}
}
$error = count($commitsfiles) == 0;
}
// @$commitsfiles = $_POST['commitsfiles'];
$param['DIS_GET_SelectedYear'] = "";
if (isset($_POST['selected_years'])) {
$selected_years = $_POST['selected_years'];
while (list($k, $y) = each($selected_years)) {
$param['DIS_GET_SelectedYear'] .= "{$y}:";
}
}
if (!isset($commitsfiles)) {
$commitsfiles = array();
}
// if (isset ($_GET['key'])) { $commitsfiles[] = $_GET['key']; };
$param['DIS_Application'] = "show";
$param['DIS_Command'] = "cmd";
$param['DIS_Result'] = "Result";
if (!$error) {
@($operation = $_POST['show']);
if (!isset($operation)) {
$operation = 'ShowLogs';
}
$param['DIS_Parameters'] = "Login used = {$user} <BR>";
@($filter = $_POST['filter']);
if (!isset($filter) or strlen($filter) == 0) {
$filter = 'profil';
} else {
$param['DIS_Parameters'] .= "Filter used = {$filter} <BR>";
if ($filter == 'text') {
@($filter_text = $_POST['textfilters']);
$filter_text = cleanedTextModule($filter_text);
$filter_file_tempo_name = tempnam($SCMLOGS['tmpdir'], "FILTER_TEMPO_");
$filter_file_tempo = fopen($filter_file_tempo_name, "w");
fwrite($filter_file_tempo, $filter_text);
fclose($filter_file_tempo);
$param['DIS_Parameters'] .= "Filter text = {$filter_text} <BR>";
}
}
@($format = $_POST['format']);
if (!isset($format) or strlen($format) == 0) {
$format = 'html';
} else {
$param['DIS_Parameters'] .= "Formating used = {$format} <BR>";
}
@($type = $_POST['type']);
if (!isset($type) or strlen($type) == 0) {
$type = 'filtered';
} else {
$param['DIS_Parameters'] .= "Output type used = {$type} <BR>";
}
@($only_user = $_POST['only_user']);
if (!isset($only_user) or strlen($only_user) == 0) {
$only_user = '';
} else {
$param['DIS_Parameters'] .= "Only commits from user = {$only_user} <BR>";
}
@($only_tag = $_POST['only_tag']);
if (!isset($only_tag) or strlen($only_tag) == 0) {
$only_tag = '';
} else {
$param['DIS_Parameters'] .= "Only commits about TAG = {$only_tag} <BR>";
}
$is_mail_operation = FALSE;
switch ($operation) {
case 'EmailLogs':
$is_mail_operation = TRUE;
$param['DIS_Message'] = "Email {$user} all the logs <BR>(in the selected files)<BR>\n";
$processing_fct = "EmailLogsAction";
break;
case 'ShowRawLogs':
$param['DIS_Message'] = "Show the RAW logs file (selected files)<BR>\n";
$processing_fct = "ShowRawLogsAction";
break;
case 'EmailMyLogs':
$is_mail_operation = TRUE;
$only_user = $user;
$param['DIS_Message'] = "Email {$user} all the logs (in the selected files) \n";
$param['DIS_Message'] .= " from <STRONG>{$user}</STRONG><BR>";
$processing_fct = "EmailMyLogsAction";
break;
case 'ShowMyLogs':
$only_user = $user;
$param['DIS_Message'] = "Show {$user} all the logs (in the selected files) \n";
$param['DIS_Message'] .= " from <STRONG>{$user}</STRONG><BR>\n";
$processing_fct = "ShowMyLogsAction";
break;
case 'EmailOnlyLogsFor':
$is_mail_operation = TRUE;
$param['DIS_Message'] = "Email {$user} all the logs (in the selected files)\n";
$param['DIS_Message'] .= " from user : <STRONG>{$only_user}</STRONG>\n";
$param['DIS_Message'] .= " with tag : <STRONG>{$only_tag}</STRONG><BR>\n";
$processing_fct = "EmailOnlyLogsForAction";
break;
case 'ShowOnlyLogsFor':
$param['DIS_Message'] = "Show {$user} all the logs (in the selected files)\n";
$param['DIS_Message'] .= " from user : <STRONG>{$only_user}</STRONG>\n";
$param['DIS_Message'] .= " with tag : <STRONG>{$only_tag}</STRONG><BR>\n";
$processing_fct = "ShowOnlyLogsForAction";
break;
case 'ShowLogs':
default:
$param['DIS_Message'] = "Show {$user} all the logs (in the selected files)<BR>\n";
$processing_fct = "ShowLogsAction";
break;
}
if ($is_mail_operation and $user == 'none') {
$error = TRUE;
$param['DIS_Message'] = "Operation not allowed";
$param['DIS_Result'] = "Email operation is only for authentified users.";
}
}
if (!$error) {
$file_tempo_name = tempnam($SCMLOGS['tmpdir'], "TEMPO_");
$file_tempo = fopen($file_tempo_name, "w");
$param['DIS_Data'] = "";
$repo = SCMLogs_repository();
if ($data_source_is_dates) {
$datesforsvn = "{" . $start_date . "}";
$param['DIS_Data'] .= "from " . $start_date . " ";
if (empty($end_date)) {
$datesforsvn .= ":HEAD";
$param['DIS_Data'] .= " to HEAD";
} elseif (isValidDate($end_date)) {
$datesforsvn .= ":{" . $end_date . "}";
$param['DIS_Data'] .= " to " . $end_date . " ";
} else {
$datesforsvn .= ":HEAD";
$param['DIS_Data'] .= " to HEAD";
}
$datesforsvn = str_replace("/", "-", $datesforsvn);
$ccmd = $SCMLOGS['svn_bin_path'] . 'svn log --config-dir . -v -r "' . $datesforsvn . '" ' . $repo->svnfile_root();
ob_start();
$res = system($ccmd);
$logs = ob_get_contents();
fwrite($file_tempo, $logs);
ob_end_clean();
} else {
$logsdir = $repo->logsdir;
while (list($k, $v_file) = each($commitsfiles)) {
$param['DIS_Data'] .= "<li>{$v_file}";
if (preg_match("/^([0-9][0-9][0-9][0-9])-([0-9][0-9])-([0-9][0-9])\$/", $v_file, $matches)) {
$v_file = $logsdir . '/' . $matches[1] . '/' . $matches[2] . '/' . $v_file;
}
if (preg_match("/^(" . SCMLogs_CurrentCommitFile() . ")\$/", $v_file, $matches)) {
$v_file = $logsdir . '/' . $v_file;
}
//$param['DIS_Data'] .= " :: <em>$v_file</em>";
$param['DIS_Data'] .= "</li>\n";
fwrite($file_tempo, ContentOfFile($v_file));
}
}
fclose($file_tempo);
if ($processing_fct != '') {
ob_start();
$param['DIS_Format'] = $format;
$param['DIS_Type'] = $type;
if ($filter == 'text') {
$param_filter = $filter_file_tempo_name;
} else {
$param_filter = $filter;
}
set_time_limit(150);
$param['DIS_Command'] = $processing_fct($file_tempo_name, $user, $param_filter, $only_user, $only_tag, $format, $type);
$param['DIS_Result'] = ob_get_contents();
ob_end_clean();
} else {
$param['DIS_Format'] = '';
$param['DIS_Command'] = "Not Yet Implemented";
}
if (isset($filter_file_tempo_name)) {
RemoveFile($filter_file_tempo_name);
}
RemoveFile($file_tempo_name);
} else {
$param['DIS_Format'] = '';
$param['DIS_Parameters'] = "...";
$param['DIS_Command'] = "...";
if (empty($param['DIS_Message'])) {
$param['DIS_Message'] = "Please select at least one file or valid dates!!!";
}
if (empty($param['DIS_Data'])) {
$param['DIS_Data'] = "no file or valid dates selected";
}
if (empty($param['DIS_Result'])) {
$param['DIS_Result'] = "...";
}
}
$param['only_user'] =& $only_user;
$param['only_tag'] =& $only_tag;
$param['commitsfiles'] =& $commitsfiles;
}
function ajax_insertHandler($auth)
{
if (!isset($_POST['insert'])) {
return;
}
$request = $_POST['insert'];
$response;
if ($request['what'] == 'duration') {
$values = $request['values'];
//TODO: More thorough validation and sanitisation(make sure id is valid, etc)
if (!isset($values['content_id']) || $values['content_id'] < 1) {
json_die_error('Bad or missing content id');
}
//TODO: confirm content is real and visible to user
if (!isset($values['player_id']) || $values['player_id'] < 1) {
json_die_error('Bad or missing player id');
}
//TODO: confirm player is real
if (!isset($values['date_start']) || $values['date_start'] == -1 || !isValidDate($values['date_start'])) {
json_die_error('Bad or missing date');
}
if (!isset($values['date_end']) || $values['date_end'] == -1 || !isValidDate($values['date_end'])) {
json_die_error('Bad or missing date');
}
//TODO: enforce positive datespan
if (!isset($values['duration_name']) || empty($values['duration_name'])) {
$values['duration_name'] = 'Untitled duration';
} else {
$values['duration_name'] = sanitise_string($values['duration_name']);
}
$values['user_id'] = $auth['user']['user_id'];
//TODO: also check that user can see that content?
if (!APP_CAN_WRITE_INVISIBLE && account_getDurationVisibility($auth, $values) < PRIV_MINE) {
json_die_error('You need permission to view content in order to schedule content on this player!');
}
if (account_getDurationWriteability($auth, $values) < PRIV_MINE) {
json_die_error('You do not have permission to schedule content on this player!');
}
$dbh = db_connect();
$result = db_insertDuration($dbh, $values);
$response['result'] = $result;
$response['error'] = false;
if ($result == -1) {
$response['error'] = true;
}
}
$json = json_encode($response);
die($json);
}
/** This function returns the detail view form ec_field and and its properties in array format.
* Param $uitype - UI type of the ec_field
* Param $fieldname - Form ec_field name
* Param $fieldlabel - Form ec_field label name
* Param $col_fields - array contains the ec_fieldname and values
* Param $generatedtype - Field generated type (default is 1)
* Param $tabid - ec_tab id to which the Field belongs to (default is "")
* Return type is an array
*/
function getDetailViewOutputHtml($uitype, $fieldname, $fieldlabel, $col_fields, $generatedtype, $tabid = '')
{
global $log;
$log->debug("Entering getDetailViewOutputHtml() method ...");
global $adb;
global $mod_strings;
global $app_strings;
global $current_user;
//$fieldlabel = from_html($fieldlabel);
$custfld = '';
$value = '';
$arr_data = array();
$label_fld = array();
$data_fld = array();
if ($generatedtype == 2) {
$mod_strings[$fieldlabel] = $fieldlabel;
}
if (!isset($mod_strings[$fieldlabel])) {
$mod_strings[$fieldlabel] = $fieldlabel;
}
if ($col_fields[$fieldname] == '--None--') {
$col_fields[$fieldname] = '';
}
if ($uitype == 116) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 13) {
$label_fld[] = $mod_strings[$fieldlabel];
$temp_val = $col_fields[$fieldname];
$label_fld[] = $temp_val;
$linkvalue = getComposeMailUrl($temp_val);
$label_fld["link"] = $linkvalue;
} elseif ($uitype == 15 || $uitype == 16 || $uitype == 115 || $uitype == 111) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 10) {
if (isset($app_strings[$fieldlabel])) {
$label_fld[] = $app_strings[$fieldlabel];
} elseif (isset($mod_strings[$fieldlabel])) {
$label_fld[] = $mod_strings[$fieldlabel];
} else {
$label_fld[] = $fieldlabel;
}
$value = $col_fields[$fieldname];
$module_entityname = "";
if ($value != '') {
$query = "SELECT ec_entityname.* FROM ec_crmentityrel inner join ec_entityname on ec_entityname.modulename=ec_crmentityrel.relmodule inner join ec_tab on ec_tab.name=ec_crmentityrel.module WHERE ec_tab.tabid='" . $tabid . "' and ec_entityname.entityidfield='" . $fieldname . "'";
$fldmod_result = $adb->query($query);
$rownum = $adb->num_rows($fldmod_result);
if ($rownum > 0) {
$rel_modulename = $adb->query_result($fldmod_result, 0, 'modulename');
$rel_tablename = $adb->query_result($fldmod_result, 0, 'tablename');
$rel_entityname = $adb->query_result($fldmod_result, 0, 'fieldname');
$rel_entityid = $adb->query_result($fldmod_result, 0, 'entityidfield');
$module_entityname = getEntityNameForTen($rel_tablename, $rel_entityname, $fieldname, $value);
}
}
$label_fld[] = $module_entityname;
$label_fld["secid"] = $value;
$label_fld["link"] = "index.php?module=" . $rel_modulename . "&action=DetailView&record=" . $value;
} elseif ($uitype == 33) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = str_ireplace(' |##| ', ', ', $col_fields[$fieldname]);
} elseif ($uitype == 17) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
//$label_fld[] = '<a href="http://'.$col_fields[$fieldname].'" target="_blank">'.$col_fields[$fieldname].'</a>';
} elseif ($uitype == 19) {
//$tmp_value = str_replace("<","<",nl2br($col_fields[$fieldname]));
//$tmp_value = str_replace(">",">",$tmp_value);
//$col_fields[$fieldname]= make_clickable($tmp_value);
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 20 || $uitype == 21 || $uitype == 22 || $uitype == 24) {
//$col_fields[$fieldname]=nl2br($col_fields[$fieldname]);
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 51 || $uitype == 50 || $uitype == 73) {
$account_id = $col_fields[$fieldname];
$account_name = "";
if ($account_id != '') {
$account_name = getAccountName($account_id);
}
//Account Name View
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $account_name;
$label_fld["secid"] = $account_id;
$label_fld["link"] = "index.php?module=Accounts&action=DetailView&record=" . $account_id;
} elseif ($uitype == 52 || $uitype == 77 || $uitype == 101) {
$label_fld[] = $mod_strings[$fieldlabel];
$user_id = $col_fields[$fieldname];
$user_name = getUserName($user_id);
$label_fld[] = $user_name;
} elseif ($uitype == 53) {
$user_id = $col_fields[$fieldname];
$user_name = getUserName($user_id);
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $user_name;
} elseif ($uitype == 1004) {
if (isset($mod_strings[$fieldlabel])) {
$label_fld[] = $mod_strings[$fieldlabel];
} else {
$label_fld[] = $fieldlabel;
}
$value = $col_fields[$fieldname];
$label_fld[] = getUserName($value);
} elseif ($uitype == 55) {
if ($tabid == 4) {
$query = "select ec_contactdetails.imagename from ec_contactdetails where contactid=" . $col_fields['record_id'];
$result = $adb->query($query);
$imagename = $adb->query_result($result, 0, 'imagename');
if ($imagename != '') {
$imgpath = "test/contact/" . $imagename;
$label_fld[] = $mod_strings[$fieldlabel];
//This is used to show the contact image as a thumbnail near First Name field
//$label_fld["cntimage"] ='<div style="position:absolute;height=100px"><img class="thumbnail" src="'.$imgpath.'" width="60" height="60" border="0"></div> '.$mod_strings[$fieldlabel];
} else {
$label_fld[] = $mod_strings[$fieldlabel];
}
} else {
$label_fld[] = $mod_strings[$fieldlabel];
}
$value = $col_fields[$fieldname];
$sal_value = $col_fields["salutationtype"];
if ($sal_value == '--None--') {
$sal_value = '';
}
$label_fld["salut"] = $sal_value;
$label_fld[] = $value;
//$label_fld[] =$sal_value.' '.$value;
} elseif ($uitype == 56) {
$label_fld[] = $mod_strings[$fieldlabel];
$value = $col_fields[$fieldname];
if ($value == 1) {
//Since "yes" is not been translated it is given as app strings here..
$display_val = $app_strings['yes'];
} else {
$display_val = '';
}
$label_fld[] = $display_val;
} elseif ($uitype == 57) {
$label_fld[] = $mod_strings[$fieldlabel];
$contact_id = $col_fields[$fieldname];
$contact_name = "";
if (trim($contact_id) != '') {
$contact_name = getContactName($contact_id);
}
$label_fld[] = $contact_name;
$label_fld["secid"] = $contact_id;
$label_fld["link"] = "index.php?module=Contacts&action=DetailView&record=" . $contact_id;
} elseif ($uitype == 154) {
$label_fld[] = $mod_strings[$fieldlabel];
$cangkusid = $col_fields[$fieldname];
$cangkuname = "";
if (trim($cangkusid) != '') {
$cangkuname = getCangkuName($cangkusid);
}
$label_fld[] = $cangkuname;
$label_fld["secid"] = $cangkusid;
$label_fld["link"] = "index.php?module=Cangkus&action=DetailView&record=" . $cangkusid;
} elseif ($uitype == 155) {
$label_fld[] = $mod_strings[$fieldlabel];
$cangkusid = $col_fields[$fieldname];
$cangkuname = "";
if (trim($cangkusid) != '') {
$cangkuname = getCangkuName($cangkusid);
}
$label_fld[] = $cangkuname;
$label_fld["secid"] = $cangkusid;
// $label_fld["link"] = "index.php?module=Cangkus&action=DetailView&record=".$cangkusid;
} elseif ($uitype == 58) {
$label_fld[] = $mod_strings[$fieldlabel];
$campaign_id = $col_fields[$fieldname];
if ($campaign_id != '') {
$campaign_name = getCampaignName($campaign_id);
}
$label_fld[] = $campaign_name;
$label_fld["secid"] = $campaign_id;
$label_fld["link"] = "index.php?module=Campaigns&action=DetailView&record=" . $campaign_id;
} elseif ($uitype == 59) {
$label_fld[] = $mod_strings[$fieldlabel];
$product_id = $col_fields[$fieldname];
if ($product_id != '') {
$product_name = getProductName($product_id);
}
//Account Name View
$label_fld[] = $product_name;
$label_fld["secid"] = $product_id;
$label_fld["link"] = "index.php?module=Products&action=DetailView&record=" . $product_id;
} elseif ($uitype == 61) {
global $adb;
$label_fld[] = $mod_strings[$fieldlabel];
if ($tabid == 10) {
$attach_result = $adb->query("select * from ec_seattachmentsrel where crmid = " . $col_fields['record_id']);
for ($ii = 0; $ii < $adb->num_rows($attach_result); $ii++) {
$attachmentid = $adb->query_result($attach_result, $ii, 'attachmentsid');
if ($attachmentid != '') {
$attachquery = "select * from ec_attachments where attachmentsid=" . $attachmentid;
$result = $adb->query($attachquery);
$attachmentsname = $adb->query_result($result, 0, 'name');
if ($attachmentsname != '') {
$custfldval = '<a href = "index.php?module=uploads&action=downloadfile&return_module=' . $col_fields['record_module'] . '&fileid=' . $attachmentid . '&entityid=' . $col_fields['record_id'] . '">' . $attachmentsname . '</a>';
} else {
$custfldval = '';
}
}
$label_fld['options'][] = $custfldval;
}
} else {
$result = $adb->query("select * from ec_seattachmentsrel where crmid = " . $col_fields['record_id']);
$attachmentid = $adb->query_result($result, 0, 'attachmentsid');
if ($col_fields[$fieldname] == '' && $attachmentid != '') {
$attachquery = "select * from ec_attachments where attachmentsid=" . $attachmentid;
$result = $adb->query($attachquery);
$col_fields[$fieldname] = $adb->query_result($result, 0, 'name');
}
//This is added to strip the crmid and _ from the file name and show the original filename
$org_filename = ltrim($col_fields[$fieldname], $col_fields['record_id'] . '_');
if ($org_filename != '') {
$custfldval = '<a href = "index.php?module=uploads&action=downloadfile&return_module=' . $col_fields['record_module'] . '&fileid=' . $attachmentid . '&entityid=' . $col_fields['record_id'] . '">' . $org_filename . '</a>';
} else {
$custfldval = '';
}
}
$label_fld[] = $custfldval;
} elseif ($uitype == 69) {
$label_fld[] = $mod_strings[$fieldlabel];
if ($tabid == 14) {
$images = array();
$image_array = array();
$imagepath_array = array();
$query = "select productname, ec_attachments.path, ec_attachments.attachmentsid, ec_attachments.name from ec_products left join ec_seattachmentsrel on ec_seattachmentsrel.crmid=ec_products.productid inner join ec_attachments on ec_attachments.attachmentsid=ec_seattachmentsrel.attachmentsid where (ec_attachments.type like '%image%' or ec_attachments.type like '%img%') and productid=" . $col_fields['record_id'];
$result_image = $adb->query($query);
for ($image_iter = 0; $image_iter < $adb->num_rows($result_image); $image_iter++) {
$image_id_array[] = $adb->query_result($result_image, $image_iter, 'attachmentsid');
$image_array[] = $adb->query_result($result_image, $image_iter, 'name');
$imagepath_array[] = $adb->query_result($result_image, $image_iter, 'path');
}
if (count($image_array) > 1) {
// if(count($image_array) < 4)
// $sides=count($image_array)*2;
// else
// $sides=8;
//
// $image_lists = '<div id="Carousel" style="position:relative;vertical-align: middle;">
// <img src="modules/Products/placeholder.gif" width="571" height="117" style="position:relative;">
// </div><script>var Car_NoOfSides='.$sides.'; Car_Image_Sources=new Array(';
//
// for($image_iter=0;$image_iter < count($image_array);$image_iter++)
// {
// $images[]='"'.$imagepath_array[$image_iter].$image_id_array[$image_iter]."_".base64_encode_filename($image_array[$image_iter]).'","'.$imagepath_array[$image_iter].$image_id_array[$image_iter]."_".base64_encode_filename($image_array[$image_iter]).'"';
// }
// $image_lists .=implode(',',$images).');
/**</script><script language="JavaScript" type="text/javascript" src="modules/Products/Productsslide.js"></script><script language="JavaScript" type="text/javascript">Carousel();</script>';**/
// $label_fld[] =$image_lists;
$num = count($image_array);
for ($image_iter = 0; $image_iter < count($image_array); $image_iter++) {
$images[] = $imagepath_array[$image_iter] . $image_id_array[$image_iter] . "_" . base64_encode_filename($image_array[$image_iter]);
}
for ($i = 0; $i < $num; $i++) {
$image_lists .= '<a href="' . $images[$i] . '" target="_blank"><img src="' . $images[$i] . '" border="0" width="150" height="150" ></a> ';
}
//end
$label_fld[] = $image_lists;
} elseif (count($image_array) == 1) {
$label_fld[] = '<a href="' . $imagepath_array[0] . $image_id_array[0] . "_" . base64_encode_filename($image_array[0]) . '" target="_blank" ><img src="' . $imagepath_array[0] . $image_id_array[0] . "_" . base64_encode_filename($image_array[0]) . '" border="0" width="150" height="150"></a>';
} else {
$label_fld[] = '';
}
}
if ($tabid == 4) {
//$imgpath = getModuleFileStoragePath('Contacts').$col_fields[$fieldname];
$sql = "select ec_attachments.* from ec_attachments inner join ec_seattachmentsrel on ec_seattachmentsrel.attachmentsid = ec_attachments.attachmentsid where (ec_attachments.type like '%image%' or ec_attachments.type like '%img%') and ec_seattachmentsrel.crmid='" . $col_fields['record_id'] . "'";
$image_res = $adb->query($sql);
$image_id = $adb->query_result($image_res, 0, 'attachmentsid');
$image_path = $adb->query_result($image_res, 0, 'path');
$image_name = $adb->query_result($image_res, 0, 'name');
$imgpath = $image_path . $image_id . "_" . base64_encode_filename($image_name);
$width = 160;
$height = get_scale_height($imgpath, $width);
if ($image_name != '') {
$label_fld[] = '<img src="' . $imgpath . '" width="' . $width . '" height="' . $height . '" class="reflect" alt="">';
} else {
$label_fld[] = '';
}
}
} elseif ($uitype == 63) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname] . 'h ' . $col_fields['duration_minutes'] . 'm';
} elseif ($uitype == 6) {
$label_fld[] = $mod_strings[$fieldlabel];
if ($col_fields[$fieldname] == '0') {
$col_fields[$fieldname] = '';
}
if ($col_fields['time_start'] != '') {
$start_time = $col_fields['time_start'];
}
if (!isValidDate($col_fields[$fieldname])) {
$displ_date = '';
} else {
$displ_date = getDisplayDate($col_fields[$fieldname]);
}
$label_fld[] = $displ_date . ' ' . $start_time;
} elseif ($uitype == 5 || $uitype == 23 || $uitype == 70) {
$label_fld[] = $mod_strings[$fieldlabel];
$cur_date_val = $col_fields[$fieldname];
$end_time = "";
if (isset($col_fields['time_end']) && $col_fields['time_end'] != '' && ($tabid == 9 || $tabid == 16) && $uitype == 23) {
$end_time = $col_fields['time_end'];
}
if (!isValidDate($cur_date_val)) {
$display_val = '';
} else {
$display_val = getDisplayDate($cur_date_val);
}
$label_fld[] = $display_val . ' ' . $end_time;
} elseif ($uitype == 1007) {
$label_fld[] = isset($mod_strings[$fieldlabel]) ? $mod_strings[$fieldlabel] : $fieldlabel;
$cur_approve_val = $col_fields[$fieldname];
$label_fld[] = getApproveStatusById($cur_approve_val);
} elseif ($uitype == 1008) {
if (isset($mod_strings[$fieldlabel])) {
$label_fld[] = $mod_strings[$fieldlabel];
} else {
$label_fld[] = $fieldlabel;
}
$value = $col_fields[$fieldname];
$label_fld[] = getUserName($value);
} elseif ($uitype == 71 || $uitype == 72) {
$label_fld[] = $mod_strings[$fieldlabel];
$display_val = $col_fields[$fieldname];
$label_fld[] = $display_val;
} elseif ($uitype == 75 || $uitype == 81) {
$vendor_name = "";
$label_fld[] = $mod_strings[$fieldlabel];
$vendor_id = $col_fields[$fieldname];
if ($vendor_id != '') {
$vendor_name = getVendorName($vendor_id);
}
$label_fld[] = $vendor_name;
$label_fld["secid"] = $vendor_id;
$label_fld["link"] = "index.php?module=Vendors&action=DetailView&record=" . $vendor_id;
//$label_fld[] = '<a href="index.php?module=Products&action=VendorDetailView&record='.$vendor_id.'">'.$vendor_name.'</a>';
} elseif ($uitype == 76) {
$label_fld[] = $mod_strings[$fieldlabel];
$potential_id = $col_fields[$fieldname];
if ($potential_id != '') {
$potential_name = getPotentialName($potential_id);
}
$label_fld[] = $potential_name;
$label_fld["secid"] = $potential_id;
$label_fld["link"] = "index.php?module=Potentials&action=DetailView&record=" . $potential_id;
} elseif ($uitype == 78) {
$label_fld[] = $mod_strings[$fieldlabel];
$quote_id = $col_fields[$fieldname];
if ($quote_id != '') {
$quote_name = getQuoteName($quote_id);
}
$label_fld[] = $quote_name;
$label_fld["secid"] = $quote_id;
$label_fld["link"] = "index.php?module=Quotes&action=DetailView&record=" . $quote_id;
} elseif ($uitype == 79) {
$label_fld[] = $mod_strings[$fieldlabel];
$purchaseorder_id = $col_fields[$fieldname];
if ($purchaseorder_id != '') {
$purchaseorder_name = getPoName($purchaseorder_id);
}
$label_fld[] = $purchaseorder_name;
$label_fld["secid"] = $purchaseorder_id;
$label_fld["link"] = "index.php?module=PurchaseOrder&action=DetailView&record=" . $purchaseorder_id;
} elseif ($uitype == 80) {
$label_fld[] = $mod_strings[$fieldlabel];
$salesorder_id = $col_fields[$fieldname];
if ($salesorder_id != '') {
$salesorder_name = getSoName($salesorder_id);
}
$label_fld[] = $salesorder_name;
$label_fld["secid"] = $salesorder_id;
$label_fld["link"] = "index.php?module=SalesOrder&action=DetailView&record=" . $salesorder_id;
} elseif ($uitype == 1010) {
$label_fld[] = $mod_strings[$fieldlabel];
$invoice_id = $col_fields[$fieldname];
$invoice_name = "";
if ($invoice_id != '') {
$invoice_name = getInvoiceName($invoice_id);
}
$label_fld[] = $invoice_name;
$label_fld["secid"] = $invoice_id;
$label_fld["link"] = "index.php?module=Invoice&action=DetailView&record=" . $invoice_id;
} elseif ($uitype == 30) {
$rem_days = 0;
$rem_hrs = 0;
$rem_min = 0;
$reminder_str = "";
$rem_days = floor($col_fields[$fieldname] / (24 * 60));
$rem_hrs = floor(($col_fields[$fieldname] - $rem_days * 24 * 60) / 60);
$rem_min = ($col_fields[$fieldname] - $rem_days * 24 * 60) % 60;
$label_fld[] = $mod_strings[$fieldlabel];
if ($col_fields[$fieldname]) {
$reminder_str = $rem_days . ' ' . $mod_strings['LBL_DAYS'] . ' ' . $rem_hrs . ' ' . $mod_strings['LBL_HOURS'] . ' ' . $rem_min . ' ' . $mod_strings['LBL_MINUTES'] . ' ' . $mod_strings['LBL_BEFORE_EVENT'];
}
$label_fld[] = ' ' . $reminder_str;
} elseif ($uitype == 85) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 86) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 87) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 88) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 89) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 1006) {
//added by dingjianting on 2007-1-27 for new module Exhibitions
$catalog_name = "";
$label_fld[] = $mod_strings[$fieldlabel];
$catalogid = $col_fields[$fieldname];
if ($catalogid != '') {
$catalog_name = getCatalogName($catalogid);
}
$label_fld[] = $catalog_name;
$label_fld["secid"] = $catalogid;
$label_fld["link"] = "index.php?module=Catalogs&action=CatalogDetailView&parenttab=Product&catalogid=" . $catalogid;
} elseif ($uitype == 1009) {
$vcontact_name = "";
$label_fld[] = $mod_strings[$fieldlabel];
$vcontactsid = $col_fields[$fieldname];
if ($vcontactsid != '') {
$vcontact_name = getVcontactName($vcontactsid);
}
$label_fld[] = $vcontact_name;
$label_fld["secid"] = $vcontactsid;
$label_fld["link"] = "index.php?module=Vcontacts&action=DetailView&record=" . $vcontactsid;
} elseif ($uitype == 1013) {
$faqcategory_name = "";
$label_fld[] = $mod_strings[$fieldlabel];
$faqcategoryid = $col_fields[$fieldname];
if ($faqcategoryid != '') {
$faqcategory_name = getFaqcategoryName($faqcategoryid);
}
$label_fld[] = $faqcategory_name;
$label_fld["secid"] = $faqcategoryid;
$label_fld["link"] = "index.php?module=Faqcategorys&action=FaqcategoryDetailView&faqcategoryid=" . $faqcategoryid;
} else {
$label_fld[] = $mod_strings[$fieldlabel];
if ($col_fields[$fieldname] == '0') {
$col_fields[$fieldname] = '';
}
$label_fld[] = $col_fields[$fieldname];
}
$label_fld[] = $uitype;
$log->debug("Exiting getDetailViewOutputHtml method ...");
return $label_fld;
}
function addData($name, $id)
{
$flag = "";
$caseId = "";
$username = "";
$des = "";
$description = "";
$caseid = "";
$name = "";
$age = "";
$sex = "";
$address1 = "";
$address2 = "";
$pincode = "";
$disease = "";
$fatal = "";
$district = "";
$reportedon = "";
$diedon = "";
$date = "";
$createdon = "";
$newpostoffice = "";
$caseDate = "";
$username = "";
$usertype = "";
if ($id == 'add') {
$username = trim($_SESSION['userName']);
$usertype = trim($_SESSION['userType']);
$hospitalid = trim($_POST['cmbHospital']);
$name = trim($_POST['txtName']);
$age = trim($_POST['txtAge']);
$sex = trim($_POST['rdoSex']);
$address1 = trim($_POST['txtAddress1']);
$address2 = trim($_POST['txtAddress2']);
$pincode = trim($_POST['txtPincode']);
$disease = trim($_POST['cmbDisease']);
$fatal = trim($_POST['cmbFatal']);
$district = trim($_POST['cmbDistrict']);
$reportedon = trim($_POST['txtReportedOn']);
$createdon = date("d/m/Y");
$date = trim($_POST['txtCaseDate']);
if (strlen($name) < 1) {
$flag = 'phpValidError';
}
if (isInvalidName($name)) {
$flag = 'phpValidError';
}
if (strlen($address1) < 1) {
$flag = 'phpValidError';
}
if (isInvalidName($address1)) {
$flag = 'phpValidError';
}
if (isInvalidAddress($address2)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($hospitalid)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($age)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($disease)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($district)) {
$flag = 'phpValidError';
}
if (strlen($pincode) > 0) {
if (strlen($pincode) != 6) {
$flag = 'phpValidError';
}
if (isInvalidNumber($pincode)) {
$flag = 'phpValidError';
}
}
if ($_POST['cmbPostOffice'] == 1 && $_POST['cmbNearPostOffice'] != "select") {
$postofficeid = trim($_POST['cmbNearPostOffice']);
} else {
$postofficeid = trim($_POST['cmbPostOffice']);
}
if ($_POST['txtDiedOn'] == "") {
$diedon = "";
} else {
$diedon = trim($_POST['txtDiedOn']);
if (!isValidDate($diedon)) {
$flag = 'phpValidError';
}
$diedon = getDateToDb($diedon);
}
if (isInvalidNumber($postofficeid)) {
$flag = 'phpValidError';
}
if (!isValidDate($date)) {
$flag = 'phpValidError';
}
if (!isValidDate($reportedon)) {
$flag = 'phpValidError';
}
$result = mysql_query("select * from casereport where name='" . $name . "' and age='" . $age . "'\n\t\t\t\tand sex='" . $sex . "' and fatal='" . $fatal . "' and casedate='" . getDateToDb($date) . "'\n\t\t\t\tand reportedon='" . getDateToDb($reportedon) . "'\t") or die(mysql_error());
$intnameExists = mysql_num_rows($result);
if ($intnameExists > 0) {
$flag = 'false';
} else {
if ($flag == 'phpValidError') {
} else {
mysql_query("insert into casereport\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\tage,\n\t\t\t\t\t\t\t\t\tsex,\n\t\t\t\t\t\t\t\t\taddress1,\n\t\t\t\t\t\t\t\t\taddress2,\n\t\t\t\t\t\t\t\t\tdiseaseid,\n\t\t\t\t\t\t\t\t\tfatal,\n\t\t\t\t\t\t\t\t\tpincode,\n\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\thospitalid,\n\t\t\t\t\t\t\t\t\tpostofficeid,\n\t\t\t\t\t\t\t\t\treportedon,\n\t\t\t\t\t\t\t\t\tdiedon,\n\t\t\t\t\t\t\t\t\tcasedate,\n\t\t\t\t\t\t\t\t\tcreatedon\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t'" . preventInj($username) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($name) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($age) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($sex) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($address1) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($address2) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($disease) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($fatal) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($pincode) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($district) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($hospitalid) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($postofficeid) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj(getDateToDb($reportedon)) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($diedon) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj(getDateToDb($date)) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj(getDateToDb($createdon)) . "'\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t") or die(mysql_error());
mysql_query("update casereport set diedon=NULL where diedon=00-00-0000") or die(mysql_error());
if ($_POST['cmbPostOffice'] == 1) {
$newpostoffice = $_POST['txtNewPostOffice'];
if (strlen($newpostoffice) < 3) {
$flag = 'phpValidError';
}
if (isInvalidName($newpostoffice)) {
$flag = 'phpValidError';
}
if ($flag == 'phpValidError') {
} else {
mysql_query("insert into newpostoffice\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\t\t\tpincode\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($newpostoffice) . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($district) . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($pincode) . "'\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t ") or die(mysql_error());
}
}
$username = $_SESSION['userName'];
$description = "New Case Report on patient " . $name . " is added";
insertEventData('Add_Case_Report', "New_Case_Reported", $username, $description);
$flag = 'true';
}
}
} else {
$hospitalid = $_POST['cmbHospital'];
$postofficeid = $_POST['cmbPostOffice'];
$name = trim($_POST['txtName']);
$age = trim($_POST['txtAge']);
$sex = trim($_POST['rdoSex']);
$address1 = trim($_POST['txtAddress1']);
$address2 = trim($_POST['txtAddress2']);
$pincode = trim($_POST['txtPincode']);
$disease = trim($_POST['cmbDisease']);
$fatal = trim($_POST['cmbFatal']);
$district = trim($_POST['cmbDistrict']);
$reportedon = trim($_POST['txtReportedOn']);
$caseId = trim($_POST['txtCaseId']);
$date = trim($_POST['txtCaseDate']);
if (trim($_POST['txtDiedOn']) == "") {
$diedon = "";
} else {
$diedon = trim($_POST['txtDiedOn']);
if (!isValidDate($diedon)) {
$flag = 'phpValidError';
}
$diedon = getDateToDb($diedon);
}
if (!isValidDate($reportedon)) {
$flag = 'phpValidError';
}
if (!isValidDate($date)) {
$flag = 'phpValidError';
}
if (strlen($name) < 1) {
$flag = 'phpValidError';
}
if (isInvalidName($name)) {
$flag = 'phpValidError';
}
if (strlen($address1) < 1) {
$flag = 'phpValidError';
}
if (isInvalidName($address1)) {
$flag = 'phpValidError';
}
if (isInvalidAddress($address2)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($hospitalid)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($age)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($disease)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($district)) {
$flag = 'phpValidError';
}
if (isInvalidNumber($caseId)) {
$flag = 'phpValidError';
}
if (strlen($pincode) > 0) {
if (strlen($pincode) != 6) {
$flag = 'phpValidError';
}
if (isInvalidNumber($pincode)) {
$flag = 'phpValidError';
}
}
if ($flag == 'phpValidError') {
} else {
mysql_query("update casereport\n\t\t\t\t\tset name='" . preventInj($name) . "',\n\t\t\t\t\t\tage='" . preventInj($age) . "',\n\t\t\t\t\t\tsex='" . preventInj($sex) . "',\n\t\t\t\t\t\taddress1='" . preventInj($address1) . "',\n\t\t\t\t\t\taddress2='" . preventInj($address2) . "',\n\t\t\t\t\t\tpincode='" . preventInj($pincode) . "',\n\t\t\t\t\t\tdiseaseid='" . preventInj($disease) . "',\n\t\t\t\t\t\tdistrictid='" . preventInj($district) . "',\n\t\t\t\t\t\thospitalid='" . preventInj($hospitalid) . "',\n\t\t\t\t\t\tpostofficeid='" . preventInj($postofficeid) . "',\n\t\t\t\t\t\treportedon='" . preventInj(getDateToDb($reportedon)) . "',\n\t\t\t\t\t\tdiedon='" . preventInj($diedon) . "',\n\t\t\t\t\t\tcasedate='" . preventInj(getDateToDb($date)) . "'\n\t\t\t\t\twhere casereportid='" . preventInj($caseId) . "' ") or die(mysql_error());
mysql_query("update casereport set diedon=NULL where diedon=00-00-0000") or die(mysql_error());
$username = $_SESSION['userName'];
$description = "Case Report with id " . $caseId . " is updated";
insertEventData('Update_Case_Report', "Case_Report_Updated", $username, $description);
$flag = 'success';
}
}
return $flag;
}
protected function process_bulk_revert_request()
{
if (isset($_POST['revert_name']) && !empty($_POST['revert_name'])) {
$revert_name = $_POST['revert_name'];
} else {
$revert_name = null;
}
if (isset($_POST['revert_ip']) && !empty($_POST['revert_ip'])) {
$revert_ip = filter_var($_POST['revert_ip'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE);
if ($revert_ip === false) {
// invalid ip given.
$this->theme->display_admin_block('Invalid IP');
return;
}
} else {
$revert_ip = null;
}
if (isset($_POST['revert_date']) && !empty($_POST['revert_date'])) {
if (isValidDate($_POST['revert_date'])) {
$revert_date = addslashes($_POST['revert_date']);
// addslashes is really unnecessary since we just checked if valid, but better safe.
} else {
$this->theme->display_admin_block('Invalid Date');
return;
}
} else {
$revert_date = null;
}
set_time_limit(0);
// reverting changes can take a long time, disable php's timelimit if possible.
// Call the revert function.
$this->process_revert_all_changes($revert_name, $revert_ip, $revert_date);
// output results
$this->theme->display_revert_ip_results();
}
function validate(&$key, &$value, $error_array = array(), $index = 0, $array_key = NULL)
{
// echo "Switch Test \$key: " . $key . " \$value: " . $value . " <br>\n" ;
switch ($key) {
case "numauthors":
case "numpages":
// echo "Switch Number \$key: " . $key . " \$value: " . $value . " <br>\n" ;
isIntegerMoreThanZero($value, &$error_array, &$index);
break;
case "email":
case "emailHome":
case "ConferenceContact":
// echo "Switch Email \$key: " . $key . " \$value: " . $value . " <br>\n" ;
valid_email($value, &$error_array, &$index);
break;
case "faxno":
case "phoneno":
// echo "Switch Phone \$key: " . $key . " \$value: " . $value . " <br>\n" ;
isValidPhoneNumber($value, &$error_array, &$index);
break;
case "phonenoHome":
// echo "Switch Phone \$key: " . $key . " \$value: " . $value . " <br>\n" ;
isValidPhoneNumber($value, &$error_array, &$index);
break;
case "userfile":
case "state":
case "commentfile":
// echo "Switch File \$key: " . $key . " \$value: " . $value . " <br>\n" ;
isValidFile($value, &$error_array, &$index, &$array_key);
break;
case "logofile":
isValidLogoFile($value, &$error_array, &$index, &$array_key);
break;
case "country":
isValidCountryCode($value, &$error_array, &$index);
break;
case "password":
case "newpwd":
isValidPassword($value, &$error_array, &$index);
break;
case "date":
case "ConferenceStartDate":
case "ConferenceEndDate":
case "arrStartDate":
case "arrEndDate":
if (isValidDate($value, &$error_array, &$index)) {
//is_date_expired( $value , date ( "j/m/Y" , time() ) , &$error_array , &$index ) ;
is_date_expired($value, date("Y-m-d", time()), &$error_array, &$index);
}
break;
default:
// echo "Default \$key: " . $key . " \$value: " . $value . " <br>\n" ;
break;
}
}
function UpdateEmployee($fields)
{
$statusMessage = "";
//-------------------------------------------------------------------------
// Validate Input parameters
//-------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == EMP_ID) {
$record = RetrieveEmployeeByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == EMP_NAME) {
$countOfFields++;
if (isNullOrEmptyString($value)) {
$statusMessage .= "Employee name can not be blank.</br>";
error_log("Invalid EMP_NAME passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_EMAIL) {
$countOfFields++;
if (!filter_var($value, FILTER_VALIDATE_EMAIL)) {
$statusMessage .= "Email address is not in a valid format.</br>";
error_log("Invalid email address passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_PASSWORD) {
//No validation on password, since this is an MD5 encoded string.
$countOfFields++;
} else {
if ($key == EMP_DATEJOINED) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Date Joined value is not a valid date</br>";
error_log("Invalid EMP_DATEJOINED passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_LEAVE_ENTITLEMENT) {
$countOfFields++;
if (!is_numeric($value)) {
$statusMessage .= "Employee Leave Entitlement must be a numeric value.</br>";
error_log("Invalid EMP_LEAVE_ENTITLEMENT passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_MAIN_VACATION_REQ_ID) {
if ($value != NULL) {
$record = RetrieveMainVacationRequestByID($value);
if ($record == NULL) {
$statusMessage .= "Main Vacation Request ID not found in database.</br>";
error_log("Invalid EMP_MAIN_VACATION_REQ_ID passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
}
} else {
if ($key == EMP_COMPANY_ROLE) {
$countOfFields++;
$record = RetrieveCompanyRoleByID($value);
if ($record == NULL) {
$statusMessage .= "Company Role ID not found in database.</br>";
error_log("Invalid EMP_COMPANY_ROLE passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_ADMIN_PERM) {
$countOfFields++;
} else {
if ($key == EMP_MANAGER_PERM) {
$countOfFields++;
} else {
$statusMessage .= "Unrecognised field of {$key} encountered.</br>";
error_log("Invalid field passed to UpdateEmployee. {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
}
}
}
}
}
}
if (!$validID) {
$statusMessage .= "No valid ID supplied.</br>";
error_log("No valid ID supplied in call to UpdateEmployee.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "Insufficent fields supplied.</br>";
error_log("Insufficent fields supplied in call to UpdateEmployee.");
$inputIsValid = FALSE;
}
//-------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters
// are ok.
//-------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(EMPLOYEE_TABLE, EMP_ID, $fields);
if ($success) {
$statusMessage .= "Record has been successfully updated.";
} else {
$inputIsValid = false;
$statusMessage .= "Unexpected Database error encountered. Please " . "contact your system administrator.";
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
/**
* getDataForNoticesReport
*/
public function getDataForNoticesReport($date_from, $date_to)
{
// set to last 7 days if no dates given
if (!isValidDate($date_from)) {
$date_from = date("Y-m-d", time() - 3600 * 24 * 7);
}
if (!isValidDate($date_to)) {
$date_to = date("Y-m-d", time());
}
// add quotes and escape
$date_from = $this->db->quote($date_from);
$date_to = $this->db->quote($date_to);
$sql = "SELECT \n\t\t\t\tnotice.id AS id,\n\t\t\t\tnotice.created AS created,\n\t\t\t\tnotice.modified AS modified,\n\t\t\t\tnotice.other_data AS other_data,\n\t\t\t\tnotice.publish AS publish,\n\t\t\t\tstore.id AS store_id,\n\t\t\t\tstore.code AS store_code,\n\t\t\t\tstore.title AS store_title,\n\t\t\t\tstore.manager_name AS store_manager_name,\n\t\t\t\tstore.email AS store_email\n\t\t\tFROM common_node AS notice\n\t\t\tLEFT JOIN common_node AS parent ON parent.id = notice.parent\n\t\t\tLEFT JOIN ecommerce_store AS store ON store.id = parent.content::int\n\t\t\tWHERE notice.node_controller = 'notice' AND notice.created BETWEEN {$date_from} AND {$date_to}\n\t\t";
$records = $this->executeSql($sql);
$result = array();
foreach ($records as $record) {
$item = array();
$data = unserialize($record['other_data']);
$item['Web Store Id'] = $record['store_id'];
$item['Store Code'] = $record['store_code'];
$item['Store Title'] = $record['store_title'];
$item['Store Manager'] = $record['store_manager_name'];
$item['Store Email'] = $record['store_email'];
$item['Notice Id'] = $record['id'];
$item['Notice Created'] = $record['created'];
$item['Is Published'] = $record['publish'] ? 'yes' : 'no';
$item['Notice Text'] = $data['text'];
$item['Visible From'] = $data['visible_from'];
$item['Visible To'] = $data['visible_to'];
$item['Image'] = $data['image'] ? 'yes' : 'no';
$result[] = $item;
}
return $result;
}
/** This function returns the detail view form ec_field and and its properties in array format.
* Param $uitype - UI type of the ec_field
* Param $fieldname - Form ec_field name
* Param $fieldlabel - Form ec_field label name
* Param $col_fields - array contains the ec_fieldname and values
* Param $generatedtype - Field generated type (default is 1)
* Param $tabid - ec_tab id to which the Field belongs to (default is "")
* Return type is an array
*/
function getDetailViewOutputHtml($uitype, $fieldname, $fieldlabel, $col_fields, $generatedtype, $tabid = '')
{
global $log;
$log->debug("Entering getDetailViewOutputHtml() method ...");
global $adb;
global $mod_strings;
global $app_strings;
global $current_user;
//$fieldlabel = from_html($fieldlabel);
$custfld = '';
$value = '';
$arr_data = array();
$label_fld = array();
$data_fld = array();
if ($generatedtype == 2) {
$mod_strings[$fieldlabel] = $fieldlabel;
}
if (!isset($mod_strings[$fieldlabel])) {
$mod_strings[$fieldlabel] = $fieldlabel;
}
if ($col_fields[$fieldname] == '--None--') {
$col_fields[$fieldname] = '';
}
if ($uitype == 116) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 13) {
$label_fld[] = $mod_strings[$fieldlabel];
$temp_val = $col_fields[$fieldname];
$label_fld[] = $temp_val;
$linkvalue = getComposeMailUrl($temp_val);
$label_fld["link"] = $linkvalue;
} elseif ($uitype == 5 || $uitype == 23 || $uitype == 70) {
$label_fld[] = $mod_strings[$fieldlabel];
$cur_date_val = $col_fields[$fieldname];
if (!isValidDate($cur_date_val)) {
$display_val = '';
} else {
$display_val = getDisplayDate($cur_date_val);
}
$label_fld[] = $display_val;
} elseif ($uitype == 15 || $uitype == 16 || $uitype == 115 || $uitype == 111) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 10) {
if (isset($app_strings[$fieldlabel])) {
$label_fld[] = $app_strings[$fieldlabel];
} elseif (isset($mod_strings[$fieldlabel])) {
$label_fld[] = $mod_strings[$fieldlabel];
} else {
$label_fld[] = $fieldlabel;
}
$value = $col_fields[$fieldname];
$module_entityname = "";
if ($value != '') {
$query = "SELECT ec_entityname.* FROM ec_crmentityrel inner join ec_entityname on ec_entityname.modulename=ec_crmentityrel.relmodule inner join ec_tab on ec_tab.name=ec_crmentityrel.module WHERE ec_tab.tabid='" . $tabid . "' and ec_entityname.entityidfield='" . $fieldname . "'";
$fldmod_result = $adb->query($query);
$rownum = $adb->num_rows($fldmod_result);
if ($rownum > 0) {
$rel_modulename = $adb->query_result($fldmod_result, 0, 'modulename');
$rel_tablename = $adb->query_result($fldmod_result, 0, 'tablename');
$rel_entityname = $adb->query_result($fldmod_result, 0, 'fieldname');
$rel_entityid = $adb->query_result($fldmod_result, 0, 'entityidfield');
$module_entityname = getEntityNameForTen($rel_tablename, $rel_entityname, $fieldname, $value);
}
}
$label_fld[] = $module_entityname;
$label_fld["secid"] = $value;
$label_fld["link"] = "index.php?module=" . $rel_modulename . "&action=DetailView&record=" . $value;
} elseif ($uitype == 33) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = str_ireplace(' |##| ', ', ', $col_fields[$fieldname]);
} elseif ($uitype == 17) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
//$label_fld[] = '<a href="http://'.$col_fields[$fieldname].'" target="_blank">'.$col_fields[$fieldname].'</a>';
} elseif ($uitype == 19) {
//$tmp_value = str_replace("<","<",nl2br($col_fields[$fieldname]));
//$tmp_value = str_replace(">",">",$tmp_value);
//$col_fields[$fieldname]= make_clickable($tmp_value);
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 20 || $uitype == 21 || $uitype == 22 || $uitype == 24) {
//$col_fields[$fieldname]=nl2br($col_fields[$fieldname]);
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 51 || $uitype == 50 || $uitype == 73) {
$account_id = $col_fields[$fieldname];
$account_name = "";
if ($account_id != '') {
$account_name = getAccountName($account_id);
}
//Account Name View
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $account_name;
$label_fld["secid"] = $account_id;
$label_fld["link"] = "index.php?module=Accounts&action=DetailView&record=" . $account_id;
} elseif ($uitype == 52 || $uitype == 77 || $uitype == 101) {
$label_fld[] = $mod_strings[$fieldlabel];
$user_id = $col_fields[$fieldname];
$user_name = getUserName($user_id);
$label_fld[] = $user_name;
} elseif ($uitype == 53) {
$user_id = $col_fields[$fieldname];
$user_name = getUserName($user_id);
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $user_name;
} elseif ($uitype == 1004) {
if (isset($mod_strings[$fieldlabel])) {
$label_fld[] = $mod_strings[$fieldlabel];
} else {
$label_fld[] = $fieldlabel;
}
$value = $col_fields[$fieldname];
$label_fld[] = getUserName($value);
} elseif ($uitype == 56) {
$label_fld[] = $mod_strings[$fieldlabel];
$value = $col_fields[$fieldname];
if ($value == 1) {
//Since "yes" is not been translated it is given as app strings here..
$display_val = $app_strings['yes'];
} else {
$display_val = '';
}
$label_fld[] = $display_val;
} elseif ($uitype == 57) {
$label_fld[] = $mod_strings[$fieldlabel];
$contact_id = $col_fields[$fieldname];
$contact_name = "";
if (trim($contact_id) != '') {
$contact_name = getContactName($contact_id);
}
$label_fld[] = $contact_name;
$label_fld["secid"] = $contact_id;
$label_fld["link"] = "index.php?module=Contacts&action=DetailView&record=" . $contact_id;
} elseif ($uitype == 59) {
$label_fld[] = $mod_strings[$fieldlabel];
$product_id = $col_fields[$fieldname];
if ($product_id != '') {
$product_name = getProductName($product_id);
}
//Account Name View
$label_fld[] = $product_name;
$label_fld["secid"] = $product_id;
$label_fld["link"] = "index.php?module=Products&action=DetailView&record=" . $product_id;
} elseif ($uitype == 71 || $uitype == 72) {
$label_fld[] = $mod_strings[$fieldlabel];
$display_val = $col_fields[$fieldname];
$label_fld[] = $display_val;
} elseif ($uitype == 76) {
$label_fld[] = $mod_strings[$fieldlabel];
$potential_id = $col_fields[$fieldname];
if ($potential_id != '') {
$potential_name = getPotentialName($potential_id);
}
$label_fld[] = $potential_name;
$label_fld["secid"] = $potential_id;
$label_fld["link"] = "index.php?module=Potentials&action=DetailView&record=" . $potential_id;
} elseif ($uitype == 80) {
$label_fld[] = $mod_strings[$fieldlabel];
$salesorder_id = $col_fields[$fieldname];
if ($salesorder_id != '') {
$salesorder_name = getSoName($salesorder_id);
}
$label_fld[] = $salesorder_name;
$label_fld["secid"] = $salesorder_id;
$label_fld["link"] = "index.php?module=SalesOrder&action=DetailView&record=" . $salesorder_id;
} elseif ($uitype == 85) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 86) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 87) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 88) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} elseif ($uitype == 89) {
$label_fld[] = $mod_strings[$fieldlabel];
$label_fld[] = $col_fields[$fieldname];
} else {
$label_fld[] = $mod_strings[$fieldlabel];
if ($col_fields[$fieldname] == '0') {
$col_fields[$fieldname] = '';
}
$label_fld[] = $col_fields[$fieldname];
}
$label_fld[] = $uitype;
$log->debug("Exiting getDetailViewOutputHtml method ...");
return $label_fld;
}
function UpdateDate($fields)
{
//--------------------------------------------------------------------------------
// Validate Input parameters
//--------------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == DATE_TABLE_DATE_ID) {
$record = RetrieveDateByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == DATE_TABLE_DATE) {
$countOfFields++;
if (!isValidDate($value)) {
error_log("Invalid DATE_TABLE_DATE passed to UpdateDate.");
$inputIsValid = FALSE;
}
} else {
if ($key == DATE_TABLE_PUBLIC_HOL_ID) {
$countOfFields++;
if ($value != NULL) {
$record = RetrievePublicHolidayByID($value);
if ($record == NULL) {
error_log("Invalid DATE_TABLE_PUBLIC_HOL_ID passed to UpdateDate.");
$inputIsValid = FALSE;
}
}
} else {
error_log("Invalid field passed to UpdateDate. {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
if (!$validID) {
error_log("No valid ID supplied in call to UpdateDate.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
error_log("Insufficent fields supplied in call to UpdateDate.");
$inputIsValid = FALSE;
}
//--------------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters are ok.
//--------------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(DATE_TABLE, DATE_TABLE_DATE_ID, $fields);
}
return $success;
}
$nowDate = new DateTime();
if ($validDate > $nowDate || date_format($nowDate, "Y-m-d") === $valid_to) {
return TRUE;
}
return FALSE;
}
$servername = "localhost";
$username = "******";
$password = "******";
$db = "clingy_crush";
$conn = mysqli_connect($servername, $username, $password, $db);
!$conn && error("Connection failed: " . mysql_error());
//execute the SQL query and return records
$sql = "SELECT email, name, password, valid_to, active, last_login FROM Users WHERE email='" . $email . "'";
$result = mysqli_query($conn, $sql);
$isValid = FALSE;
$user = null;
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
if ($row["email"] === $email && $row["password"] === $pass) {
$user = $row;
if (isValidDate($row["valid_to"])) {
$isValid = TRUE;
}
}
// Free result set
mysqli_free_result($result);
$data = array('isPrime' => $isValid, 'user' => $user);
print json_encode($data);
//close the connection
mysql_close($conn);
////clingy_admin 89fVSlE$~9t}
function date_or_null($value)
{
$value = trim($value);
if (!isset($value) || empty($value) && !is_numeric($value)) {
return null;
}
if (!isValidDate($value)) {
return null;
}
return $value;
}
if (isset($_POST['reset_filter'])) {
unset($_POST);
}
if (!isset($_POST['student_type'])) {
$_POST['student_type'] = 'all';
}
if (isset($_POST["start_date"])) {
$start_date = trim($_POST["start_date"]);
}
if (isset($_POST["end_date"])) {
$end_date = trim($_POST["end_date"]);
}
if ($start_date != "" && !isValidDate($start_date)) {
$msg->addError('START_DATE_INVALID');
}
if ($end_date != "" && !isValidDate($end_date)) {
$msg->addError('END_DATE_INVALID');
}
$table_content = "";
$csv_content = "";
require AT_INCLUDE_PATH . '../mods/_standard/tests/lib/test_result_functions.inc.php';
$sql = "SELECT title, out_of, result_release, randomize_order, passscore, passpercent FROM " . TABLE_PREFIX . "tests WHERE test_id={$tid}";
$result = mysql_query($sql, $db);
$row = mysql_fetch_array($result);
$out_of = $row['out_of'];
$random = $row['randomize_order'];
$passscore = $row['passscore'];
$passpercent = $row['passpercent'];
$test_title = str_replace(' ', '_', str_replace(array('"', '<', '>'), '', $row['title']));
$table_content .= '<h3>' . $row['title'] . '</h3><br />';
$sql = "SELECT TQ.*, TQA.* FROM " . TABLE_PREFIX . "tests_questions TQ INNER JOIN " . TABLE_PREFIX . "tests_questions_assoc TQA USING (question_id) WHERE TQ.course_id={$_SESSION['course_id']} AND TQA.test_id={$tid} ORDER BY TQA.ordering, TQA.question_id";
/** Function to get related list entries in detailed array format
* @param $parentmodule -- parentmodulename:: Type string
* @param $query -- query:: Type string
* @param $id -- id:: Type string
* @returns $entries_list -- entries list:: Type string array
* ALTER TABLE `ec_attachments` ADD `setype` VARCHAR( 50 ) NOT NULL ,
ADD `smcreatorid` INT( 10 ) NOT NULL ,
ADD `createdtime` DATETIME NOT NULL ,
ADD `deleted` INT( 1 ) NULL DEFAULT '0';
*/
function getAttachments($parentmodule, $query, $id, $sid = '')
{
global $log;
global $app_strings;
$log->debug("Entering getAttachments() method ...");
global $theme;
$entries_list = array();
$return_data = array();
global $adb;
global $mod_strings;
global $app_strings;
global $current_user;
$result = $adb->query($query);
$noofrows = $adb->num_rows($result);
$header[] = $app_strings['LBL_CREATED_TIME'];
$header[] = $app_strings['LBL_ATTACHMENTS'];
$header[] = $app_strings['LBL_DESCRIPTION'];
$header[] = $app_strings['Assigned To'];
foreach ($result as $row) {
$entries = array();
$module = 'uploads';
$editaction = 'upload';
$deleteaction = 'deleteattachments';
if (isValidDate($row['createdtime'], '0000-00-00')) {
$created_arr = explode(" ", $row['createdtime']);
$created_date = $created_arr[0];
$created_time = substr($created_arr[1], 0, 5);
} else {
$created_date = '';
$created_time = '';
}
$entries[] = $created_date;
//$attachmentname = ltrim($row['filename'],$row['attachmentsid'].'_');//explode('_',$row['filename'],2);
//changed by dingjianting on 2008-09-16 for attachment with number name posted by pushi
$attachmentname = trim($row['name']);
//explode('_',$row['filename'],2);
$entries[] = '<a href="index.php?module=uploads&action=downloadfile&entityid=' . $id . '&fileid=' . $row['attachmentsid'] . '">' . $attachmentname . '</a>';
/*
if(strlen($row['description']) > 40)
{
$row['description'] = substr($row['description'],0,40).'...';
}
*/
$entries[] = nl2br($row['description']);
$entries[] = $row['user_name'];
$setype = $row['setype'];
if ($current_user->column_fields['user_name'] == $row['user_name']) {
$del_param = 'index.php?module=' . $module . '&action=' . $deleteaction . '&return_module=' . $setype . '&return_action=' . $_REQUEST['action'] . '&record=' . $row["attachmentsid"] . '&return_id=' . $_REQUEST["record"];
if ($setype == 'Maillists') {
$entries[] = '';
$header[] = '';
} else {
$header[] = $app_strings['LBL_ACTION'];
$entries[] = '<a href=\'javascript:confirmdelete("' . $del_param . '")\'>' . $app_strings['LNK_DELETE'] . '</a>';
}
} else {
$entries[] = ' ';
}
$entries_list[] = $entries;
}
if ($entries_list != '') {
$return_data = array('header' => $header, 'entries' => $entries_list);
}
$log->debug("Exiting getAttachments method ...");
return $return_data;
}
include 'sessionmanagement.php';
if (!$isManager) {
header('Location: index.php');
exit;
}
if (isset($_POST["submit"])) {
ClearStatus();
$statusMessage = "";
$inputIsValid = true;
$startDate = $_POST["startDate"];
$endDate = $_POST["endDate"];
if (!isValidDate($startDate)) {
$statusMessage .= "Start Date is not a valid Date.</br>";
$inputIsValid = false;
}
if (!isValidDate($endDate)) {
$statusMessage .= "Finish Date is not a valid Date.</br>";
$inputIsValid = false;
}
if (strtotime($endDate) < strtotime($startDate)) {
$statusMessage .= "End Date is before Start Date.</br>";
$inputIsValid = false;
}
if ($inputIsValid == false) {
GenerateStatus(false, $statusMessage);
}
}
function DisplaySearchTableBody($startDate, $endDate)
{
date_default_timezone_set('UTC');
$startDate = $_POST["startDate"];
/** This function returns the date in user specified format.
* param $cur_date_val - the default date format
*/
function getDisplayDate($cur_date_val)
{
global $log;
$log->debug("Entering getDisplayDate() method ...");
global $current_user;
$dat_fmt = $current_user->date_format;
if ($dat_fmt == '') {
//changed by dingjianting on 2006-12-4 for simplized chinese dateformat
$dat_fmt = 'yyyy-mm-dd';
}
$date_value = explode(' ', $cur_date_val);
if (!isValidDate($date_value[0])) {
return "";
}
list($y, $m, $d) = explode('-', $date_value[0]);
if ($dat_fmt == 'yyyy-mm-dd') {
$display_date = $y . '-' . $m . '-' . $d;
} elseif ($dat_fmt == 'dd-mm-yyyy') {
$display_date = $d . '-' . $m . '-' . $y;
} elseif ($dat_fmt == 'mm-dd-yyyy') {
$display_date = $m . '-' . $d . '-' . $y;
}
if (isset($date_value[1]) && $date_value[1] != "" && substr_count($date_value[1], '00:00:00') == 0) {
$display_date = $display_date . ' ' . $date_value[1];
}
$log->debug("Exiting getDisplayDate method ...");
return $display_date;
}
function UpdateAdHocAbsenceRequest($fields)
{
$statusMessage = "";
//-------------------------------------------------------------------------
// Validate Input parameters
//-------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == AD_HOC_REQ_ID) {
$record = RetrieveAdHocAbsenceRequestByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == AD_HOC_EMP_ID) {
$countOfFields++;
$record = RetrieveEmployeeByID($value);
if ($record == NULL) {
$statusMessage .= "Employee specified can not be found in the " . "database.</br>";
error_log("Invalid AD_HOC_EMP_ID passed to " . "UpdateAdHocAbsenceRequest." . " Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == AD_HOC_START) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Start date entered is not a valid date.</br>";
error_log("Invalid AD_HOC_START passed to UpdateAdHocAbsenceRequest." . " Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == AD_HOC_END) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "End date entered is not a valid date.</br>";
error_log("Invalid AD_HOC_END passed to UpdateAdHocAbsenceRequest." . " Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == AD_HOC_ABSENCE_TYPE_ID) {
$countOfFields++;
$record = RetrieveAbsenceTypeByID($value);
if ($record == NULL) {
$statusMessage .= "Absence Type selected can not be found in the " . "database.</br>";
error_log("Invalid AD_HOC_ABSENCE_TYPE_ID passed to " . "UpdateAdHocAbsenceRequest. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
$statusMessage .= "Unknown field encountered.</br>";
error_log("Invalid field passed to UpdateAdHocAbsenceRequest." . " {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
}
$startDate = $fields[AD_HOC_START];
$endDate = $fields[AD_HOC_END];
if (strtotime($endDate) < strtotime($startDate)) {
$statusMessage .= "end Date is before start Date.</br>";
error_log("End Date is before Start Date.");
$inputIsValid = FALSE;
}
if (!$validID) {
$statusMessage .= "No valid record ID found.</br>";
error_log("No valid ID supplied in call to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "Insufficent fields supplied in call to UpdateAbsenceType.</br>";
error_log("Insufficent fields supplied in call to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
//-------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters
// are ok.
//-------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(ADHOC_ABSENCE_REQUEST_TABLE, AD_HOC_REQ_ID, $fields);
if ($success) {
$statusMessage .= "Record successfully updated.</br>";
} else {
$statusMessage .= "Unexpected error encountered when updating database." . "Contact your system administrator.</br>";
$inputIsValid = false;
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
function laterDate($d1, $d2)
{
if (!isValidDate($d1) && !isValidDate($d2)) {
return null;
}
if (!isValidDate($d1)) {
return new Date($d2);
}
if (!isValidDate($d2)) {
return new Date($d1);
}
if ($d1->after($d2)) {
return new Date($d1);
} else {
return new Date($d2);
}
}
/** to get the standard filter for the given Fenzu Id
* @param $cvid :: Type Integer
* @returns $stdfilterlist Array in the following format
* $stdfilterlist = Array( 'columnname' => $tablename:$columnname:$fieldname:$module_$fieldlabel,'stdfilter'=>$stdfilter,'startdate'=>$startdate,'enddate'=>$enddate)
*/
function getStdFilterByCvid($cvid)
{
global $log;
$log->debug("Entering getStdFilterByCvid() method ...");
global $current_user;
//changed by dingjianting on 2007-10-3 for cache HeaderArray
$key = "stdfilterlist_" . $cvid;
//$stdfilterlist = getSqlCacheData($key);
if (!$stdfilterlist) {
global $adb;
$sSQL = "select ec_cvstdfilterfenzu.* from ec_cvstdfilterfenzu inner join ec_fenzu on ec_fenzu.cvid = ec_cvstdfilterfenzu.cvid";
$sSQL .= " where ec_cvstdfilterfenzu.cvid=" . $cvid;
$result = $adb->query($sSQL);
$stdfilterrow = $adb->fetch_array($result);
$stdfilterlist["columnname"] = $stdfilterrow["columnname"];
$stdfilterlist["stdfilter"] = $stdfilterrow["stdfilter"];
if ($stdfilterrow["stdfilter"] == "custom") {
if (isValidDate($stdfilterrow["startdate"])) {
$stdfilterlist["startdate"] = $stdfilterrow["startdate"];
}
if (isValidDate($stdfilterrow["enddate"])) {
$stdfilterlist["enddate"] = $stdfilterrow["enddate"];
}
} else {
$datefilter = $this->getDateforStdFilterBytype($stdfilterrow["stdfilter"]);
$stdfilterlist["startdate"] = $datefilter[0];
$stdfilterlist["enddate"] = $datefilter[1];
}
setSqlCacheData($key, $stdfilterlist);
}
$log->debug("Exiting getStdFilterByCvid method ...");
return $stdfilterlist;
}
function UpdateApprovedAbsenceBooking($fields)
{
$statusMessage = "";
//--------------------------------------------------------------------------------
// Validate Input parameters
//--------------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == APPR_ABS_BOOKING_ID) {
$record = RetrieveApprovedAbsenceBookingByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == APPR_ABS_EMPLOYEE_ID) {
$countOfFields++;
$record = RetrieveEmployeeByID($value);
if ($record == NULL) {
$statusMessage .= "Unable to locate employee in database</br>";
error_log("Invalid EMP_ID passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == APPR_ABS_START_DATE) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Start date is not a valid date.</br>";
error_log("Invalid APPR_ABS_START_DATE passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == APPR_ABS_END_DATE) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "End date is not a valid date.</br>";
error_log("Invalid APPR_ABS_END_DATE passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == APPR_ABS_ABS_TYPE_ID) {
$countOfFields++;
$record = RetrieveAbsenceTypeByID($value);
if ($record == NULL) {
$statusMessage .= "Unable to locate absence type in database</br>";
error_log("Invalid APPR_ABS_ABS_TYPE_ID passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
$statusMessage .= "Unexpected field found in input</br>";
error_log("Invalid field passed to UpdateApprovedAbsenceBooking." . " {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
}
$absenceStartDate = $fields[APPR_ABS_START_DATE];
$absenceEndDate = $fields[APPR_ABS_END_DATE];
if (strtotime($absenceEndDate) < strtotime($absenceStartDate)) {
$statusMessage .= "end Date is before start Date.</br>";
error_log("End Date is before Start Date.");
$inputIsValid = FALSE;
}
if (!$validID) {
$statusMessage .= "No valid ID supplied</br>";
error_log("No valid ID supplied in call to UpdateApprovedAbsenceBooking.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "Insufficent fields supplied</br>";
error_log("Insufficent fields supplied in call to UpdateApprovedAbsenceBooking.");
$inputIsValid = FALSE;
}
//--------------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters are ok.
//--------------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(APPROVED_ABSENCE_BOOKING_TABLE, APPR_ABS_BOOKING_ID, $fields);
if ($success) {
$statusMessage .= "Record updated successfully.</br>";
} else {
$statusMessage .= "Unexpected error encountered when updating database.</br>";
$inputIsValid = false;
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
function getValue($uitype, $list_result, $fieldname, $focus, $module, $entity_id, $list_result_count, $mode, $popuptype, $returnset = '', $viewid = '')
{
global $log;
global $app_strings;
//changed by dingjianting on 2007-11-05 for php5.2.x
$log->debug("Entering getValue() method ...");
global $adb, $current_user;
if ($uitype == 10) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($temp_val != "") {
$value = "";
$module_entityname = "";
$modulename_lower = substr($fieldname, 0, -2);
$modulename = ucfirst($modulename_lower);
$modulesid = $modulename_lower . "id";
$tablename = "ec_" . $modulename_lower;
$entityname = substr($fieldname, 0, -3) . "name";
$query = "SELECT {$entityname} FROM {$tablename} WHERE {$modulesid}='" . $temp_val . "' and deleted=0";
$fldmod_result = $adb->query($query);
$rownum = $adb->num_rows($fldmod_result);
if ($rownum > 0) {
$value = $adb->query_result($fldmod_result, 0, $entityname);
}
} else {
$value = '';
}
} elseif ($uitype == 52 || $uitype == 53 || $uitype == 77) {
$value = $adb->query_result($list_result, $list_result_count, 'user_name');
} elseif ($uitype == 5 || $uitype == 6 || $uitype == 23 || $uitype == 70) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if (isValidDate($temp_val)) {
$value = getDisplayDate($temp_val);
} else {
$value = '';
}
} elseif ($uitype == 33) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
$value = str_ireplace(' |##| ', ', ', $temp_val);
} elseif ($uitype == 17) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
$value = '<a href="http://' . $temp_val . '" target="_blank">' . $temp_val . '</a>';
} elseif ($uitype == 13 || $uitype == 104) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
$value = '<a href="' . getComposeMailUrl($temp_val) . '" target="_blank">' . $temp_val . '</a>';
} elseif ($uitype == 56) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($temp_val == 1) {
$value = 'yes';
} else {
$value = 'no';
}
//changed by dingjianting on 2006-10-15 for simplized chinese
if (isset($app_strings[$value])) {
$value = $app_strings[$value];
}
} elseif ($uitype == 51 || $uitype == 73 || $uitype == 50) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($temp_val != '') {
$value = getAccountName($temp_val);
} else {
$value = '';
}
} elseif ($uitype == 59) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($temp_val != '') {
$value = getProductName($temp_val);
} else {
$value = '';
}
} elseif ($uitype == 76) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($temp_val != '') {
$value = getPotentialName($temp_val);
} else {
$value = '';
}
} elseif ($uitype == 80) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($temp_val != '') {
$value = getSoName($temp_val);
} else {
$value = '';
}
} elseif ($uitype == 1004) {
$value = $adb->query_result($list_result, $list_result_count, 'smcreatorid');
$value = getUserName($value);
} elseif ($uitype == 1007) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
$value = getApproveStatusById($temp_val);
} elseif ($uitype == 1008) {
$value = $adb->query_result($list_result, $list_result_count, 'approvedby');
$value = getUserName($value);
} elseif ($uitype == 1004) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
$value = getUserName($temp_val);
} elseif ($uitype == 1007) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($temp_val == '1') {
$value = $app_strings["already_approved"];
} elseif ($temp_val == '-1') {
$value = $app_strings["unapproved"];
} elseif ($temp_val == '-2') {
$value = $app_strings["Rejected"];
} else {
$value = $app_strings["approving"];
}
} elseif ($uitype == 1008) {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
$value = getUserName($temp_val);
} else {
$temp_val = $adb->query_result($list_result, $list_result_count, $fieldname);
if ($fieldname != $focus->list_link_field) {
$value = $temp_val;
} else {
if ($mode == "list") {
$tabname = getParentTab();
$value = '<a href="index.php?action=DetailView&module=' . $module . '&record=' . $entity_id . '&parenttab=' . $tabname . '">' . $temp_val . '</a>';
} elseif ($mode == "search") {
if ($popuptype == "specific") {
$temp_val = str_replace("'", '\\"', $temp_val);
$temp_val = popup_from_html($temp_val);
//Added to avoid the error when select SO from Invoice through AjaxEdit
if ($module == 'Salesorders') {
$value = '<a href="javascript:window.close();" onclick=\'set_return_specific("' . $entity_id . '", "' . br2nl($temp_val) . '","' . $_REQUEST['form'] . '");\'>' . $temp_val . '</a>';
} else {
$value = '<a href="javascript:window.close();" onclick=\'set_return_specific("' . $entity_id . '", "' . br2nl($temp_val) . '");\'>' . $temp_val . '</a>';
}
} elseif ($popuptype == "detailview") {
$temp_val = popup_from_html($temp_val);
$focus->record_id = $_REQUEST['recordid'];
if ($_REQUEST['return_module'] == "Calendar") {
$value = '<a href="javascript:window.close();" id="calendarCont' . $entity_id . '" LANGUAGE=javascript onclick=\'add_data_to_relatedlist_incal("' . $entity_id . '","' . $temp_val . '");\'>' . $temp_val . '</a>';
} else {
$value = '<a href="javascript:window.close();" onclick=\'add_data_to_relatedlist("' . $entity_id . '","' . $focus->record_id . '","' . $module . '");\'>' . $temp_val . '</a>';
}
} elseif ($popuptype == "formname_specific") {
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" onclick=\'set_return_formname_specific("' . $_REQUEST['form'] . '", "' . $entity_id . '", "' . br2nl($temp_val) . '");\'>' . $temp_val . '</a>';
} elseif ($popuptype == "inventory_prod") {
$row_id = $_REQUEST['curr_row'];
//To get all the tax types and values and pass it to product details
$tax_str = '';
$unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price');
$qty_stock = $adb->query_result($list_result, $list_result_count, 'qtyinstock');
$productcode = $adb->query_result($list_result, $list_result_count, 'productcode');
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" onclick=\'set_return_inventory("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $unitprice . '", "' . $qty_stock . '","' . $tax_str . '","' . $row_id . '","' . $productcode . '");\'>' . $temp_val . '</a>';
} elseif ($popuptype == "inventory_prods") {
$unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price');
$qty_stock = $adb->query_result($list_result, $list_result_count, 'qtyinstock');
$productcode = $adb->query_result($list_result, $list_result_count, 'productcode');
$serialno = $adb->query_result($list_result, $list_result_count, 'serialno');
$temp_val = popup_from_html($temp_val);
$value = $temp_val . '<input type="hidden" name="productname_' . $entity_id . '" id="productname_' . $entity_id . '" value="' . $temp_val . '"><input type="hidden" name="listprice_' . $entity_id . '" id="listprice_' . $entity_id . '" value="' . $unitprice . '"><input type="hidden" name="qtyinstock_' . $entity_id . '" id="qtyinstock_' . $entity_id . '" value="' . $qty_stock . '"><input type="hidden" id="productcode_' . $entity_id . '" name="productcode_' . $entity_id . '" value="' . $productcode . '"><input type="hidden" id="serialno_' . $entity_id . '" name="serialno_' . $entity_id . '" value="' . $serialno . '">';
} elseif ($popuptype == "salesorder_prod") {
$row_id = $_REQUEST['curr_row'];
$unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price');
$temp_val = popup_from_html($temp_val);
$producttype = $_REQUEST['producttype'];
$value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_so("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $unitprice . '", "' . $row_id . '","' . $producttype . '");\'>' . $temp_val . '</a>';
} elseif ($popuptype == "inventory_prod_po") {
$row_id = $_REQUEST['curr_row'];
$unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price');
$productcode = $adb->query_result($list_result, $list_result_count, 'productcode');
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_po("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $unitprice . '", "' . $productcode . '","' . $row_id . '"); \'>' . $temp_val . '</a>';
} elseif ($popuptype == "inventory_prod_noprice") {
$row_id = $_REQUEST['curr_row'];
$temp_val = popup_from_html($temp_val);
$qtyinstock = $adb->query_result($list_result, $list_result_count, 'qtyinstock');
$productcode = $adb->query_result($list_result, $list_result_count, 'productcode');
$value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_noprice("' . $entity_id . '", "' . br2nl($temp_val) . '","' . $row_id . '","' . $qtyinstock . '","' . $productcode . '");\'>' . $temp_val . '</a>';
} elseif ($popuptype == "inventory_prod_check") {
$row_id = $_REQUEST['curr_row'];
$temp_val = popup_from_html($temp_val);
$productcode = $adb->query_result($list_result, $list_result_count, 'productcode');
$usageunit = $adb->query_result($list_result, $list_result_count, 'usageunit');
$qtyinstock = $adb->query_result($list_result, $list_result_count, 'qtyinstock');
$value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_check("' . $entity_id . '", "' . br2nl($temp_val) . '","' . $row_id . '","' . $productcode . '","' . $usageunit . '","' . $qtyinstock . '"); \'>' . $temp_val . '</a>';
} elseif ($popuptype == "specific_account_address") {
require_once 'modules/Accounts/Accounts.php';
$acct_focus = new Accounts();
$acct_focus->retrieve_entity_info($entity_id, "Accounts");
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" onclick=\'set_return_address("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . br2nl($acct_focus->column_fields['bill_street']) . '", "' . br2nl($acct_focus->column_fields['ship_street']) . '", "' . br2nl($acct_focus->column_fields['bill_city']) . '", "' . br2nl($acct_focus->column_fields['ship_city']) . '", "' . br2nl($acct_focus->column_fields['bill_state']) . '", "' . br2nl($acct_focus->column_fields['ship_state']) . '", "' . br2nl($acct_focus->column_fields['bill_code']) . '", "' . br2nl($acct_focus->column_fields['ship_code']) . '", "' . br2nl($acct_focus->column_fields['bill_country']) . '", "' . br2nl($acct_focus->column_fields['ship_country']) . '","' . br2nl($acct_focus->column_fields['bill_pobox']) . '", "' . br2nl($acct_focus->column_fields['ship_pobox']) . '");\'>' . $temp_val . '</a>';
} elseif ($popuptype == "specific_contact_account_address") {
require_once 'modules/Accounts/Accounts.php';
$acct_focus = new Accounts();
$acct_focus->retrieve_entity_info($entity_id, "Accounts");
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" onclick=\'set_return_contact_address("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . br2nl($acct_focus->column_fields['bill_street']) . '", "' . br2nl($acct_focus->column_fields['ship_street']) . '", "' . br2nl($acct_focus->column_fields['bill_city']) . '", "' . br2nl($acct_focus->column_fields['ship_city']) . '", "' . br2nl($acct_focus->column_fields['bill_state']) . '", "' . br2nl($acct_focus->column_fields['ship_state']) . '", "' . br2nl($acct_focus->column_fields['bill_code']) . '", "' . br2nl($acct_focus->column_fields['ship_code']) . '", "' . br2nl($acct_focus->column_fields['bill_country']) . '", "' . br2nl($acct_focus->column_fields['ship_country']) . '","' . br2nl($acct_focus->column_fields['bill_pobox']) . '", "' . br2nl($acct_focus->column_fields['ship_pobox']) . '");\'>' . $temp_val . '</a>';
} elseif ($popuptype == "specific_potential_account_address") {
$acntid = $adb->query_result($list_result, $list_result_count, "accountid");
if ($acntid != "") {
//require_once('modules/Accounts/Accounts.php');
//$acct_focus = new Accounts();
//$acct_focus->retrieve_entity_info($acntid,"Accounts");
$account_name = getAccountName($acntid);
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" onclick=\'set_return_address("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $acntid . '", "' . br2nl($account_name) . '");\'>' . $temp_val . '</a>';
} else {
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" >' . $temp_val . '</a>';
}
} elseif ($popuptype == "set_return_emails") {
$name = $adb->query_result($list_result, $list_result_count, "lastname");
$emailaddress = $adb->query_result($list_result, $list_result_count, "email");
if ($emailaddress == '') {
$emailaddress = $adb->query_result($list_result, $list_result_count, "msn");
}
$where = isset($_REQUEST['where']) ? $_REQUEST['where'] : "";
$value = '<a href="javascript:;" onclick=\'return set_return_emails("' . $where . '","' . $name . '","' . $emailaddress . '"); \'>' . $name . '</a>';
} elseif ($popuptype == "set_return_mobiles") {
//$firstname=$adb->query_result($list_result,$list_result_count,"first_name");
$contactname = $adb->query_result($list_result, $list_result_count, "lastname");
$mobile = $adb->query_result($list_result, $list_result_count, "mobile");
//changed by dingjianting on 2006-11-9 for simplized chinese
$value = '<a href="#" onclick=\'return set_return_mobiles(' . $entity_id . ',"' . $contactname . '","' . $mobile . '"); \'>' . $contactname . '</a>';
} elseif ($popuptype == "set_return_usermobiles") {
//$firstname=$adb->query_result($list_result,$list_result_count,"first_name");
$lastname = $adb->query_result($list_result, $list_result_count, "last_name");
$mobile = $adb->query_result($list_result, $list_result_count, "phone_mobile");
//changed by dingjianting on 2006-11-9 for simplized chinese
$value = '<a href="#" onclick=\'return set_return_mobiles(' . $entity_id . ',"' . $lastname . '","' . $mobile . '"); \'>' . $lastname . '</a>';
} else {
$temp_val = str_replace("'", '\\"', $temp_val);
$temp_val = popup_from_html($temp_val);
$value = '<a href="javascript:window.close();" onclick=\'set_return("' . $entity_id . '", "' . br2nl($temp_val) . '");\'>' . $temp_val . '</a>';
}
}
}
}
$log->debug("Exiting getValue method ...");
return $value;
}
if ($tmp == "") {
$r_date = parseDate($r_date, "%d.%m.%Y");
//parsing date into mysql format
$r_released_date = parseDate($r_released_date, "%d.%m.%Y");
//parsing date into mysql format
$query = "insert into releases (r_name, r_date, r_released_date,r_global) values ('" . escapeChars($r_name) . "','" . escapeChars($r_date) . "','" . escapeChars($r_released_date) . "','" . escapeChars($r_global) . "')";
mysql_query($query) or die(mysql_error());
$r_id = mysql_insert_id();
header("Location:index.php?inc=manage_releases");
}
}
if ($action == "update" && $r_id != "") {
if (!isValidDate($r_date)) {
$tmp = $lng[14][13];
}
if ($r_released_date != "" && !isValidDate($r_released_date)) {
$tmp = $lng[14][14];
}
if ($tmp == "") {
$r_date = parseDate($r_date, "%d.%m.%Y");
//parsing date into mysql format
$r_released_date = parseDate($r_released_date, "%d.%m.%Y");
//parsing date into mysql format
$query = "update releases set r_name='" . escapeChars($r_name) . "', r_date='" . escapeChars($r_date) . "', r_released_date='" . escapeChars($r_released_date) . "', r_global='" . escapeChars($r_global) . "' where r_id=" . $r_id;
mysql_query($query) or die(mysql_error());
header("Location:index.php?inc=manage_releases");
}
}
if ($r_id != "") {
$query = "select *, date_format(r_date, '%d.%m.%Y') as d1, date_format(r_released_date, '%d.%m.%Y') as d2 from releases where r_id=" . $r_id;
$rs = mysql_query($query) or die(mysql_error());
function UpdateMainVacactionRequest($fields)
{
$success = false;
$statusMessage = "";
//-------------------------------------------------------------------------
// Validate Input parameters
//--------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == MAIN_VACATION_REQ_ID) {
$record = RetrieveMainVacationRequestByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == MAIN_VACATION_EMP_ID) {
$countOfFields++;
$record = RetrieveEmployeeByID($value);
if ($record == NULL) {
$statusMessage .= "Invalid Main Vacation Employee ID</br>";
error_log("Invalid MAIN_VACATION_EMP_ID passed to " . "UpdateMainVacationRequest.");
$inputIsValid = FALSE;
}
} else {
if ($key == MAIN_VACATION_1ST_START) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Invalid 1st Choice Start Date</br>";
error_log("Invalid MAIN_VACATION_1ST_START passed to " . "UpdateMainVacationRequest.");
$inputIsValid = FALSE;
}
} else {
if ($key == MAIN_VACATION_1ST_END) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Invalid 1st Choice Finish Date/br>";
error_log("Invalid MAIN_VACATION_1ST_END passed to " . "UpdateMainVacationRequest.");
$inputIsValid = FALSE;
}
} else {
if ($key == MAIN_VACATION_2ND_START) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Invalid 2nd Choice Start Date/br>";
error_log("Invalid MAIN_VACATION_2ND_START passed to " . "UpdateMainVacationRequest.");
$inputIsValid = FALSE;
}
} else {
if ($key == MAIN_VACATION_2ND_END) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Invalid 2nd Choice Finish Date/br>";
error_log("Invalid MAIN_VACATION_2ND_END passed to " . "UpdateMainVacationRequest.");
$inputIsValid = FALSE;
}
} else {
$statusMessage .= "Invalid Field encountered./br>";
error_log("Invalid field passed to " . "UpdateMainVacationRequest. {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
}
}
$firstChoiceStartDate = $fields[MAIN_VACATION_1ST_START];
$firstChoiceEndDate = $fields[MAIN_VACATION_1ST_END];
$secondChoiceStartDate = $fields[MAIN_VACATION_2ND_START];
$secondChoiceEndDate = $fields[MAIN_VACATION_2ND_END];
if (strtotime($firstChoiceEndDate) < strtotime($firstChoiceStartDate)) {
$statusMessage .= "1st Choice End Date is before 1st Choice Start Date.</br>";
error_log("First Choice End Date is before First Choice Start Date.");
$inputIsValid = FALSE;
}
if (strtotime($secondChoiceEndDate) < strtotime($secondChoiceStartDate)) {
$statusMessage .= "2nd Choice End Date is before 2nd Choice Start Date.</br>";
error_log("Second Choice End Date is before Second Choice Start Date.");
$inputIsValid = FALSE;
}
if (!$validID) {
$statusMessage .= "No valid record ID found/br>";
error_log("No valid ID supplied in call to UpdateMainVacationRequest.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "You must modify at least one of the fields of the record./br>";
error_log("Insufficent fields supplied in call to UpdateMainVacationRequest.");
$inputIsValid = FALSE;
}
//--------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters
// are ok.
//--------------------------------------------------------------------------
if ($inputIsValid) {
$success = performSQLUpdate(MAIN_VACATION_REQUEST_TABLE, MAIN_VACATION_REQ_ID, $fields);
if ($success) {
$statusMessage .= "Record successfully modified.";
} else {
$inputIsValid = false;
$statusMessage .= "Error encountered when updating the database. " . "Contact system administrator.</br>";
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
* Logic to edit and add a product to the database is here
*/
require 'database.php';
if (isset($_POST['btnAddProduct'])) {
//
//edit the data
//
//grabbing input and assigning to variables
$code = trim($_POST['txtCode']);
$name = trim($_POST['txtName']);
$version = trim($_POST['txtVersion']);
$releaseDate = trim($_POST['txtDate']);
//check to ensure product code is unique
$validCode = isValidCode($code, $db);
//check for required date format
$validDate = isValidDate($releaseDate);
//quick check that version is indeed a number
$validVersion = is_numeric($version);
//validate inputs as not empty and valid
if (!empty($name) && $validVersion && $validDate && $validCode) {
//try/catch for our db work
try {
//if data is ok add a product to the database
//construct a new query for insertion
$query = "insert into products(productCode, name, version, releaseDate) values('{$code}', '{$name}', '{$version}', '{$releaseDate}')";
//executing the query
$db->exec($query);
//we should get here only if data was ok and added to the database
//This will take you to the index.php for product_manager or the product list
//redirecting for display of results
include "AddProductForm.php";
if (empty($_POST['coHistory'])) {
$errors['coHistory'] = 'Company history is required.';
}
if (empty($_POST['webHistory'])) {
$errors['webHistory'] = 'Website history is required.';
}
if (empty($_POST['buildNow'])) {
$errors['buildNow'] = 'Build now is required.';
}
if (empty($_POST['constraintOptions'])) {
$errors['constraintOptions'] = 'A fixed resource selection is required.';
}
if (empty($_POST['startDate'])) {
$errors['startDate'] = 'Start date is required.';
} else {
if (!isValidDate($_POST['startDate'])) {
$errors['startDate'] = 'Please enter a valid date.';
}
}
// return a response ===========================================================
// if there are any errors in our errors array, return a success boolean of false
if (!empty($errors)) {
// if there are items in our errors array, return those errors
$data['success'] = false;
$data['errors'] = $errors;
$data['message'] = 'ALERT! Please check your data inputs below for valid data before submitting your profile.';
} else {
// Server side form validation passed - return success
$data['success'] = true;
}
// Return all our data to an AJAX call
function displayLiveMusic($indicator)
{
global $sitePhone;
global $liveMusicItemCount;
global $liveMusicItemData;
$monthSubstr = "";
$eventColor = 0;
if (getLiveMusicCount() > 0) {
if ($indicator == "all") {
echo "<ul id='liveMusic'>";
}
for ($i = 0; $i < $liveMusicItemCount; $i++) {
$isValidDate = false;
$eventName = "";
$eventTime = "";
$eventDate = "";
if (isset($liveMusicItemData[$i]["name"])) {
$eventName = $liveMusicItemData[$i]["name"];
}
if (isset($liveMusicItemData[$i]["time"])) {
$eventTime = $liveMusicItemData[$i]["time"];
}
if (isset($liveMusicItemData[$i]["date"])) {
$eventDate = $liveMusicItemData[$i]["date"];
}
if ($eventDate != "") {
$eventMonth = date('m', strtotime(substr($eventDate, 0, 3)));
$eventDay = trim(substr($eventDate, strpos($eventDate, ' '), strpos($eventDate, ',') - strpos($eventDate, ' ')));
$eventYear = trim(substr($eventDate, strpos($eventDate, ',') + 1));
$isValidDate = isValidDate($eventYear, $eventMonth, $eventDay);
}
if ($eventDate != "" && $isValidDate && $eventName != "" && $eventTime != "") {
if (isset($eventDate)) {
if ($eventMonth != $monthSubstr) {
$eventColor += 1;
$monthSubstr = $eventMonth;
}
$eventDate = $eventDate;
}
if ($indicator == "all") {
echo "<li class=''>";
}
echo "<dl>";
echo "<dd class='date'>" . $eventDate . "</dd>";
echo "<dt class='color" . $eventColor . "'>" . $eventName . "</dt>";
echo "<dd>" . $eventTime . "</dd>";
echo "</dl>";
if ($indicator == "all") {
echo "</li>";
}
if ($indicator == "next") {
return;
}
}
}
if ($indicator == "all") {
echo "</ul>";
}
} else {
echo "<p>Please call for the latest Live Music schedule.</p>";
echo "<p>" . $sitePhone . "</p>";
}
}
