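/**
 * Install keyword groups and the keywords that belong to them.
 *
 * For each group definition a row is inserted into lcm_keyword_group, the
 * group's id is looked up again by name, and every entry of the group's
 * 'keywords' list is inserted into lcm_keyword under that id.
 *
 * Both inserts pass true as the second argument of lcm_query(); per the
 * original comments this is what lets an already existing (unique) keyword
 * or group be ignored.
 *
 * NOTE(review): values are escaped with addslashes(), which is not aware of
 * the database connection or its character set. If the database layer offers
 * its own escaping or bound parameters, prefer that here.
 *
 * @param array $keyword_groups List of group definitions. Each one is read for
 *        the keys name, title, description, type, policy, quantity, suggest,
 *        ac_admin, ac_author and keywords (a list of keyword definitions with
 *        name, title, description, ac_author and optionally hasvalue).
 * @return void Stops at the first group whose id cannot be found.
 */
function create_groups($keyword_groups)
{
    $group_columns = array('name', 'title', 'description', 'type', 'policy', 'quantity', 'suggest', 'ac_admin', 'ac_author');
    $keyword_columns = array('name', 'title', 'description', 'hasvalue', 'ac_author');

    foreach ($keyword_groups as $skwg) {
        // Insert keyword group data into database table
        $group_values = array();
        foreach ($group_columns as $col) {
            $group_values[] = "'" . addslashes($skwg[$col]) . "'";
        }
        $q = "INSERT INTO lcm_keyword_group \n\t\t\t\t(name, title, description, type, policy, quantity, suggest, ac_admin, ac_author) \n\t\t\tVALUES (" . implode(", ", $group_values) . ")";
        lcm_query($q, true);

        // Find out under what ID this group is stored.
        // Note: done instead of lcm_insert_id() because the group might not have
        // been inserted (it already existed), in which case lcm_insert_id() would
        // attach ALL keywords to the most recently created group id.
        $q = "SELECT id_group,name FROM lcm_keyword_group WHERE name='" . addslashes($skwg['name']) . "'";
        $result = lcm_query($q);
        $row = lcm_fetch_array($result);

        // No row means no group: treat it as id 0 instead of indexing a non-array.
        // The cast also guarantees that only an integer reaches the INSERT below.
        $kwg_id = is_array($row) ? intval($row['id_group']) : 0;

        // [ML] Failed SQL insert generates lcm_panic(), so this is mostly a safety net.
        if ($kwg_id < 1) {
            lcm_log("create_groups: creation of keyword group seems to have failed. Aborting.");
            lcm_log("-> Query was: " . $q);
            return;
        }

        // A group definition without a 'keywords' list simply has nothing to insert.
        $keywords = (isset($skwg['keywords']) && is_array($skwg['keywords'])) ? $skwg['keywords'] : array();

        // Insert keywords data into database table
        foreach ($keywords as $k) {
            if (!isset($k['hasvalue'])) {
                $k['hasvalue'] = 'N';
            }
            $keyword_values = array();
            foreach ($keyword_columns as $col) {
                $keyword_values[] = "'" . addslashes($k[$col]) . "'";
            }
            $q = "INSERT INTO lcm_keyword\n\t\t\t\t\t(id_group, name, title, description, hasvalue, ac_author)\n\t\t\t\tVALUES (" . $kwg_id . ", " . implode(", ", $keyword_values) . ")";
            // Ignore if keyword exists (has unique key)
            lcm_query($q, true);
        }
    }
}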
Example #2
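/**
 * Load one row of lcm_author by its id.
 *
 * The id is reduced to an integer before it is concatenated into the query,
 * so a non-numeric argument can no longer alter the SQL statement; it is
 * looked up as author 0 and ends in the "does not exist" panic instead.
 *
 * @param mixed $id_author Author id (integer or numeric string).
 * @return mixed The row returned by lcm_fetch_array().
 */
function read_author_data($id_author)
{
    $author_id = intval($id_author);
    $result = lcm_query("SELECT * FROM lcm_author WHERE id_author=" . $author_id);
    if (!($usr = lcm_fetch_array($result))) {
        // Report the normalised id, not the raw argument.
        lcm_panic("The user #{$author_id} does not exist in the database.");
    }
    return $usr;
}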
Example #3
/**
 * Check whether the database account may change the schema.
 *
 * Creates a scratch table lcm_test, adds a column, writes to and reads from
 * it, drops the column again and finally drops the table.
 *
 * @return string Empty when the SELECT on the added column returned a result,
 *         otherwise an HTML fragment with the database error message.
 */
function lcm_test_alter_table()
{
    // Remove leftovers of an earlier run; the second argument is true on both DROP calls.
    lcm_query("DROP TABLE lcm_test", true);
    lcm_query("CREATE TABLE lcm_test (a INT)");
    lcm_query("ALTER TABLE lcm_test ADD b INT");
    lcm_query("INSERT INTO lcm_test (b) VALUES (1)");
    $select_result = lcm_query("SELECT b FROM lcm_test");
    lcm_query("ALTER TABLE lcm_test DROP b");

    $report = "";
    if (!$select_result) {
        // NOTE(review): the raw database error text is placed in HTML as is.
        $detail = lcm_sql_errno() ? lcm_sql_error() : "No error message available.";
        $report = "User does not have the right to modify the database:" . "<p>" . $detail . "</p>";
    }

    lcm_query("DROP TABLE lcm_test", true);
    return $report;
}
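/**
 * Create or refresh the rows of lcm_fields that describe report fields.
 *
 * Each definition is matched on (table_name, field_name). An existing row is
 * updated when any of its columns differs from the definition; a missing row
 * is inserted.
 *
 * The keys of a definition are used as column names and the values as column
 * values. Values are now escaped before they are placed between quotes, and
 * keys must look like plain SQL identifiers, so a quote inside a definition
 * can no longer break or change the statement.
 *
 * NOTE(review): addslashes() is used because it is the escaping visible in
 * the neighbouring install code; the database layer's own escaping or bound
 * parameters would be the better choice if available.
 *
 * @param array $rep_fields List of associative arrays (column => value); each
 *        must contain table_name and field_name.
 * @return void
 */
function create_repfields($rep_fields)
{
    foreach ($rep_fields as $f) {
        // Column names cannot be quoted like values, so only accept plain identifiers.
        foreach ($f as $key => $val) {
            if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $key)) {
                lcm_panic("create_repfields: invalid column name in field definition.");
                return;
            }
        }

        $table_name = addslashes($f['table_name']);
        $field_name = addslashes($f['field_name']);

        $q = "SELECT * \n\t\t\t\tFROM lcm_fields \n\t\t\t\tWHERE table_name = '" . $table_name . "'\n\t\t\t\t  AND field_name = '" . $field_name . "'";
        $result = lcm_query($q);

        if ($row = lcm_fetch_array($result)) {
            // check if update necessary
            $needs_update = false;
            foreach ($f as $key => $val) {
                if ($row[$key] != $val) {
                    $needs_update = true;
                    break;
                }
            }

            if ($needs_update) {
                $assignments = array();
                foreach ($f as $key => $val) {
                    $assignments[] = "{$key} = '" . addslashes($val) . "'";
                }
                $q2 = "UPDATE lcm_fields\n\t\t\t\t\t\tSET " . implode(", ", $assignments) . "\n\t\t\t\t\t\tWHERE table_name = '" . $table_name . "'\n\t\t\t\t\t\t  AND field_name = '" . $field_name . "'";
                lcm_query($q2);
            }
        } else {
            // insert new field
            $columns = array();
            $values = array();
            foreach ($f as $key => $val) {
                $columns[] = $key;
                $values[] = "'" . addslashes($val) . "'";
            }
            $q2 = "INSERT INTO lcm_fields (" . implode(",", $columns) . ")\n\t\t\t\t\t\tVALUES (" . implode(",", $values) . ")";
            lcm_query($q2);
        }
    }
}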
Example #5
/**
 * Alias of lcm_query(): forwards the statement unchanged and hands back
 * whatever lcm_query() returns.
 *
 * NOTE(review): the statement is passed through verbatim, so any escaping
 * has to happen in the caller.
 *
 * @param string $query SQL statement.
 * @return mixed Result of lcm_query().
 */
function spip_query($query)
{
    $result = lcm_query($query);

    return $result;
}
Example #6
/**
 * Authenticate the current request from the lcm_session cookie and load the
 * author's identity and preferences into the $connect_* and $prefs globals.
 *
 * Outcomes visible in this function:
 *  - database not reachable: prints an error page and returns false;
 *  - no valid session: sends a Location header to the login or cookie page and exits;
 *  - session valid but author row missing: redirects to lcm_cookie.php and exits;
 *  - otherwise: fills the globals, starts the PHP session and returns true.
 *
 * @return bool
 */
function auth()
{
    global $INSECURE, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_COOKIE_VARS, $REMOTE_USER, $PHP_AUTH_USER, $PHP_AUTH_PW;
    global $auth_can_disconnect;
    global $connect_id_auteur, $connect_nom, $connect_bio, $connect_email;
    global $connect_nom_site, $connect_url_site, $connect_login, $connect_pass;
    global $connect_activer_imessage, $connect_activer_messagerie;
    global $connect_status;
    global $author_session, $prefs;
    global $clean_link;
    // This reloads $GLOBALS['db_ok'], just in case
    include_config('inc_connect');
    // If there is not SQL connection, quit.
    if (!$GLOBALS['db_ok']) {
        include_lcm('inc_presentation');
        lcm_html_start("Technical problem", "install");
        // annoy sql_errno()
        // The connect flag is written into an HTML comment of the error page.
        echo "\n<!-- \n";
        echo "\t* Flag connect: " . $GLOBALS['flag_connect'] . "\n\t";
        lcm_query("SELECT count(*) from lcm_meta");
        echo "\n-->\n\n";
        echo "<div align='left' style='width: 600px;' class='box_error'>\n";
        echo "\t<h3>" . _T('title_technical_problem') . "</h3>\n";
        echo "\t<p>" . _T('info_technical_problem_database') . "</p>\n";
        // NOTE(review): this page is reached before any authentication, and the
        // database error number and message are printed on it without escaping.
        if (lcm_sql_errno()) {
            echo "\t<p><tt>" . lcm_sql_errno() . " " . lcm_sql_error() . "</tt></p>\n";
        } else {
            echo "\t<p><tt>No error diagnostic was provided.</tt></p>\n";
        }
        echo "</div>\n";
        lcm_html_end();
        return false;
    }
    // Initialise variables (avoid URL hacks)
    $auth_login = "";
    $auth_pass = "";
    $auth_pass_ok = false;
    $auth_can_disconnect = false;
    // Fetch identification data from authentication session
    // verifier_session() is defined elsewhere; presumably it validates the cookie
    // value and fills the global $author_session -- confirm against its definition.
    if (isset($_COOKIE['lcm_session'])) {
        if (verifier_session($_COOKIE['lcm_session'])) {
            // Only the 'admin' and 'normal' statuses are accepted as logged in.
            if ($author_session['status'] == 'admin' or $author_session['status'] == 'normal') {
                $auth_login = $author_session['username'];
                $auth_pass_ok = true;
                $auth_can_disconnect = true;
            }
        }
    } else {
        // $_REQUEST['privet'] is read without isset(), so a request that lacks
        // the parameter raises an undefined-index notice here.
        if ($_REQUEST['privet'] == 'yes') {
            // Failed login attempt: cookie failed
            $link = new Link("lcm_cookie.php?cookie_test_failed=yes");
            $clean_link->delVar('privet');
            $url = str_replace('/./', '/', $clean_link->getUrl());
            // The current URL travels along as var_url.
            // NOTE(review): confirm that the receiving page validates var_url
            // before using it as a redirect target.
            $link->addVar('var_url', $url);
            @header("Location: " . $link->getUrl());
            exit;
        }
    }
    // If not authenticated, ask for login / password
    if (!$auth_login) {
        $url = $clean_link->getUrl();
        @header("Location: lcm_login.php?var_url=" . urlencode($url));
        exit;
    }
    //
    // Search for the login in the authors' table
    //
    $auth_login = addslashes($auth_login);
    // NOTE(review): the literal '******' below looks like a masking artifact of
    // this listing; the query presumably interpolated the escaped $auth_login
    // from the line above -- confirm against the upstream file. As written, the
    // lookup does not depend on the session's username at all.
    $query = "SELECT * FROM lcm_author WHERE username='******' AND status !='external' AND status !='6forum'";
    // '@' hides any warning raised by the query call.
    $result = @lcm_query($query);
    if ($row = lcm_fetch_array($result)) {
        $connect_id_auteur = $row['id_author'];
        $connect_nom = $row['name_first'];
        $connect_login = $row['username'];
        $connect_pass = $row['password'];
        $connect_status = $row['status'];
        $connect_activer_messagerie = "non";
        //$row["messagerie"];
        $connect_activer_imessage = "non ";
        //$row["imessage"];
        // Set the users' preferences
        // NOTE(review): unserialize() on a stored column can instantiate objects.
        // If the prefs column can ever hold data that was not produced by
        // serialize() in this application, restrict it (allowed_classes => false
        // on PHP 7+) or store the preferences in a data-only format.
        // get_magic_quotes_runtime() no longer exists in PHP 8.
        $prefs = unserialize(get_magic_quotes_runtime() ? stripslashes($row['prefs']) : $row['prefs']);
        //
        // Default values for some possibly unset preferences
        //
        if (!isset($prefs['page_rows']) || intval($prefs['page_rows']) < 1) {
            $prefs['page_rows'] = 15;
        }
        if (!isset($prefs['theme']) || !$prefs['theme']) {
            $prefs['theme'] = 'green';
        }
        if (!isset($prefs['screen']) || !$prefs['screen']) {
            $prefs['screen'] = 'wide';
        }
        if (!isset($prefs['font_size']) || !$prefs['font_size']) {
            $prefs['font_size'] = 'medium_font';
        }
        if (!isset($prefs['case_owner']) || !$prefs['case_owner']) {
            $prefs['case_owner'] = 'my';
        }
        if (!isset($prefs['case_period']) || !$prefs['case_period']) {
            $prefs['case_period'] = '91';
        }
        if (!isset($prefs['mode']) || !$prefs['mode']) {
            $prefs['mode'] = 'simple';
        }
        if (!isset($prefs['time_intervals']) || !$prefs['time_intervals']) {
            $prefs['time_intervals'] = 'relative';
            $prefs['time_intervals_notation'] = 'hours_only';
        }
    } else {
        // This case is a strange possibility: the author is authenticated
        // OK, but he does not exist in the authors table. Possible cause:
        // the database was restored and the author does not exist (and
        // the user was authenticated by another source, such as LDAP).
        // Note: we used to show a strange error message which would advise
        // to logout, but since it occurs only after db upgrade, just logout
        // brutally (with cookie_admin=no to forget the username).
        // NOTE(review): $auth_login was passed through addslashes() above but is
        // not URL-encoded before it is appended to the Location query string.
        lcm_header('Location: lcm_cookie.php?cookie_admin=no&logout=' . $auth_login);
        exit;
    }
    // In the code above $auth_login is only ever assigned together with
    // $auth_pass_ok = true, and an empty $auth_login has already redirected,
    // so this branch is not reachable through the visible paths.
    if (!$auth_pass_ok) {
        @header("Location: lcm_login.php?var_erreur=pass");
        exit;
    }
    // [ML] Again, not sure how this is used, but we can ignore it for now
    // TODO (note: nouveau == new)
    if ($connect_status == 'nouveau') {
        // $connect_id_auteur comes from the author row fetched above.
        $query = "UPDATE lcm_author SET status = 'normal' WHERE id_author = {$connect_id_auteur}";
        $result = lcm_query($query);
        $connect_status = 'normal';
    }
    // PHP sessions are started here, and stopped at logout
    session_start();
    return true;
}
Example #7
/**
 * Return the current value of the sequence named "<table>_<field>_seq".
 *
 * This variant reads the sequence through pg_fetch_row(); the original
 * carried a commented-out mysql_insert_id() call as the alternative.
 *
 * NOTE(review): $table and $field become part of an identifier and cannot be
 * quoted as values, so they must only ever be constants chosen by the code.
 * NOTE(review): a sequence's last_value is presumably shared by all sessions,
 * so with concurrent inserts it may belong to another connection's row --
 * confirm whether a session-local lookup is needed.
 *
 * @param string $table Table name.
 * @param string $field Column name backed by the sequence.
 * @return mixed First column of the first result row.
 */
function lcm_insert_id($table, $field)
{
    $sequence_name = "{$table}_{$field}_seq";
    $sequence_result = lcm_query("SELECT last_value FROM " . $sequence_name);
    $first_row = pg_fetch_row($sequence_result, 0);

    return $first_row[0];
}
Example #8
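/**
 * Delete one entry of lcm_meta by name.
 *
 * The name is escaped before it is placed between quotes, so a quote in the
 * name can neither break the statement nor widen the DELETE.
 *
 * NOTE(review): addslashes() is not aware of the database connection; use the
 * database layer's own escaping or bound parameters if it provides them.
 *
 * @param string $name Meta key to remove.
 * @return void
 */
function erase_meta($name)
{
    lcm_query("DELETE FROM lcm_meta WHERE name='" . addslashes($name) . "'");
}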
Example #9
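/**
 * Print the filters of a report as HTML.
 *
 * In edit mode (the default) every filter is printed inside its own form that
 * submits to upd_rep_field.php, followed by a form for adding a filter on any
 * field of the report's source tables. In runtime mode only filters that have
 * a type but no stored value are listed, inside a single form that submits to
 * run_rep.php, and the function returns right after that form.
 *
 * Changes compared with the earlier version:
 *  - $id_report is reduced to an integer once, because it is concatenated
 *    into three SQL statements and echoed into HTML attributes;
 *  - the 'export' request parameter and stored filter values are HTML-escaped
 *    before they are written into value="..." attributes;
 *  - request parameters are read through isset();
 *  - split() (removed in PHP 7) is replaced by explode();
 *  - the offered types num_le / num_ge now get a value input like num_lt / num_gt.
 *
 * @param mixed $id_report  Report id; only its integer value is used.
 * @param bool  $is_runtime True when the report is being generated rather than edited.
 * @return void
 */
function show_report_filters($id_report, $is_runtime = false)
{
    $id_report = intval($id_report);

    // Get general report info
    $q = "SELECT * FROM lcm_report WHERE id_report = " . $id_report;
    $res = lcm_query($q);
    $rep_info = lcm_fetch_array($res);
    if (!$rep_info) {
        lcm_panic("Report does not exist: {$id_report}");
    }

    // List filters attached to this report
    $query = "SELECT *\n\t\tFROM lcm_rep_filter as v, lcm_fields as f\n\t\tWHERE id_report = " . $id_report . "\n\t\tAND f.id_field = v.id_field";
    // If generating the report (as opposed to editing), show filters
    // which have a filter type (eq, neq, in, ..), but no value.
    if ($is_runtime) {
        $query .= " AND v.type != '' AND v.value = '' ";
    }
    $result = lcm_query($query);

    // Filter types offered per kind of field (the same for every row).
    $all_filters = array(
        'number' => array('none', 'num_eq', 'num_neq', 'num_lt', 'num_le', 'num_gt', 'num_ge'),
        'date' => array('none', 'date_eq', 'date_in', 'date_lt', 'date_le', 'date_gt', 'date_ge'),
        'text' => array('none', 'text_eq', 'text_neq'),
    );

    if (lcm_num_rows($result)) {
        if ($is_runtime) {
            // submit all at once (else submit on a per-filter basis)
            echo '<form action="run_rep.php" name="frm_filters" method="get">' . "\n";
            echo '<input name="rep" value="' . $id_report . '" type="hidden" />' . "\n";
            if (isset($_REQUEST['export']) && is_string($_REQUEST['export'])) {
                // Request data: escape before writing it into the attribute.
                echo '<input name="export" value="' . htmlspecialchars($_REQUEST['export'], ENT_QUOTES) . '" type="hidden" />' . "\n";
            }
        }
        echo "<table border='0' class='tbl_usr_dtl' width='99%'>\n";

        while ($filter = lcm_fetch_array($result)) {
            // Name of this filter's input at runtime, and the value already submitted under it (if any).
            $runtime_name = "filter_val" . $filter['id_filter'];
            $submitted = isset($_REQUEST[$runtime_name]) ? $_REQUEST[$runtime_name] : null;
            // Stored filter values originate from form input; escape for attribute context.
            $value_attr = htmlspecialchars((string) $filter['value'], ENT_QUOTES);

            if (!$is_runtime) {
                echo "<form action='upd_rep_field.php' name='frm_line_additem' method='get'>\n";
                echo "<input name='update' value='filter' type='hidden' />\n";
                echo "<input name='rep' value='{$id_report}' type='hidden' />\n";
                echo "<input name='id_filter' value='" . $filter['id_filter'] . "' type='hidden' />\n";
            }
            echo "<tr>\n";
            echo "<td>" . _Th($filter['description']) . "</td>\n";

            // Type of filter
            echo "<td>";
            if (isset($all_filters[$filter['filter']])) {
                // At runtime, if a filter has been selected, do not allow select
                if ($filter['type'] && $is_runtime) {
                    echo _T('rep_filter_' . $filter['type']);
                } else {
                    echo "<select name='filter_type'>\n";
                    echo "<option value=''>...</option>\n";
                    foreach ($all_filters[$filter['filter']] as $f) {
                        $sel = ($filter['type'] == $f) ? ' selected="selected"' : '';
                        echo "<option value='" . $f . "'" . $sel . ">" . _T('rep_filter_' . $f) . "</option>\n";
                    }
                    echo "</select>\n";
                }
            } else {
                // XXX Should happen only if a filter was removed in a future version, e.g. rarely
                // or between development releases.
                echo "Unknown filter";
            }
            echo "</td>\n";

            // Value for filter
            echo "<td>";
            switch ($filter['type']) {
                case 'num_eq':
                case 'num_neq':
                    if ($filter['field_name'] == 'id_author') {
                        $name = $is_runtime ? $runtime_name : 'filter_value';
                        // XXX make this a function
                        $q = "SELECT * FROM lcm_author WHERE status IN ('admin', 'normal', 'external')";
                        $result_author = lcm_query($q);
                        echo "<select name='{$name}'>\n";
                        echo "<option value=''>...</option>\n";
                        // TRAD
                        while ($author = lcm_fetch_array($result_author)) {
                            // Check for already submitted value
                            $sel = ($filter['value'] == $author['id_author'] || $submitted == $author['id_author']) ? ' selected="selected"' : '';
                            // NOTE(review): whether get_person_name() escapes the name for HTML is not visible here -- confirm.
                            echo "<option value='" . $author['id_author'] . "'" . $sel . ">" . $author['id_author'] . " : " . get_person_name($author) . "</option>\n";
                        }
                        echo "</select>\n";
                        break;
                    }
                    // Deliberate fall-through: any other numeric field gets a plain text input.
                case 'num_lt':
                case 'num_le':
                case 'num_gt':
                case 'num_ge':
                    $name = $is_runtime ? $runtime_name : 'filter_value';
                    echo '<input style="width: 99%;" type="text" name="' . $name . '" value="' . $value_attr . '" />';
                    break;
                case 'date_eq':
                case 'date_lt':
                case 'date_le':
                case 'date_gt':
                case 'date_ge':
                    $name = $is_runtime ? $runtime_name : 'date';
                    echo get_date_inputs($name, $filter['value']);
                    // FIXME
                    break;
                case 'date_in':
                    // date_in has two values, stored ex: 2005-01-01 00:00:00;2006-02-02 00:00:00
                    $name = $is_runtime ? $runtime_name : 'date';
                    $values = explode(";", $filter['value']);
                    echo get_date_inputs($name . '_start', $values[0]);
                    echo "<br />\n";
                    echo get_date_inputs($name . '_end', $values[1]);
                    break;
                case 'text_eq':
                case 'text_neq':
                    $name = $is_runtime ? $runtime_name : 'filter_value';
                    if ($filter['enum_type']) {
                        $enum = explode(":", $filter['enum_type']);
                        if ($enum[0] == 'keyword') {
                            if ($enum[1] == 'system_kwg') {
                                $all_kw = get_keywords_in_group_name($enum[2]);
                                echo '<select name="' . $name . '">' . "\n";
                                echo '<option value="">' . "..." . "</option>\n";
                                // TRAD
                                foreach ($all_kw as $kw) {
                                    $sel = ($filter['value'] == $kw['name'] || $submitted == $kw['name']) ? ' selected="selected" ' : '';
                                    echo '<option value="' . $kw['name'] . '"' . $sel . '>' . _Tkw($enum[2], $kw['name']) . "</option>\n";
                                }
                                echo "</select>\n";
                            }
                        } elseif ($enum[0] == 'list') {
                            $items = explode(",", $enum[1]);
                            echo '<select name="' . $name . '">' . "\n";
                            echo '<option value="">' . "..." . "</option>\n";
                            // TRAD
                            foreach ($items as $i) {
                                $tmp = $i;
                                if ($enum[2]) {
                                    $tmp = _T($enum[2] . $tmp);
                                }
                                $sel = ($filter['value'] == $i || $submitted == $i) ? ' selected="selected" ' : '';
                                echo '<option value="' . $i . '"' . $sel . '>' . $tmp . "</option>\n";
                            }
                            echo "</select>\n";
                        }
                    } else {
                        echo '<input style="width: 99%;" type="text" name="' . $name . '" value="' . $value_attr . '" />';
                    }
                    break;
                default:
                    echo "<!-- no type -->\n";
            }
            echo "</td>\n";

            if (!$is_runtime) {
                // Button to validate
                echo "<td>";
                echo "<button class='simple_form_btn' name='validate_filter_addfield'>" . _T('button_validate') . "</button>\n";
                echo "</td>\n";
                // Link for "Remove"
                // NOTE(review): removal is a plain GET link; whether upd_rep_field.php
                // checks a request token is not visible here -- confirm.
                echo "<td><a class='content_link' href='upd_rep_field.php?rep=" . $id_report . "&amp;remove=filter&amp;id_filter=" . $filter['id_filter'] . "'>X</a></td>\n";
            }
            echo "</tr>\n";
            if (!$is_runtime) {
                echo "</form>\n";
            }
        }
        echo "</table>\n";
    }

    if ($is_runtime) {
        echo "<p><button class='simple_form_btn' name='validate_filter_addfield'>" . _T('button_validate') . "</button></p>\n";
        echo "</form>\n";
        return;
    }

    // List all available fields in selected tables for report
    $query = "SELECT *\n\t\tFROM lcm_fields\n\t\tWHERE ";
    $sources = array();
    if ($rep_info['line_src_name']) {
        array_push($sources, "'lcm_" . $rep_info['line_src_name'] . "'");
    }

    // Fetch all tables available as rep columns
    // (this is not like rep line, because the source is not always in
    // lcm_report, but this should be 'fixed')
    $q_tmp = "SELECT DISTINCT table_name \n\t\t\t\tFROM lcm_rep_col as rp, lcm_fields as f\n\t\t\t\tWHERE rp.id_field = f.id_field\n\t\t\t\t  AND rp.id_report = " . $id_report;
    $result_tmp = lcm_query($q_tmp);
    while ($row = lcm_fetch_array($result_tmp)) {
        array_push($sources, "'" . $row['table_name'] . "'");
    }

    // Fetch all keyword sources ('system' keyword groups contribute no table)
    if ($rep_info['col_src_type'] == 'keyword' && $rep_info['col_src_name']) {
        $kwg = get_kwg_from_name($rep_info['col_src_name']);
        if ($kwg['type'] == 'client_org') {
            array_push($sources, "'lcm_client'");
            array_push($sources, "'lcm_org'");
        } elseif ($kwg['type'] != 'system') {
            array_push($sources, "'lcm_" . $kwg['type'] . "'");
        }
    }

    // If lcm_case in there, also add lcm_stage
    if (in_array("'lcm_case'", $sources)) {
        array_push($sources, "'lcm_stage'");
    }

    // List only filters if table were selected as sources (line/col)
    if (count($sources)) {
        // The source names above are read from the database and quoted without escaping.
        $query .= " table_name IN ( " . implode(" , ", $sources) . " ) AND ";
        $query .= " filter != 'none'";
        $query .= " ORDER BY table_name ";
        // NOTE(review): this writes the SQL text into the page source; consider
        // limiting it to a debug mode.
        echo "<!-- QUERY: {$query} -->\n";
        $result = lcm_query($query);
        if (lcm_num_rows($result)) {
            echo "<form action='upd_rep_field.php' name='frm_line_additem' method='get'>\n";
            echo "<input name='rep' value='" . $rep_info['id_report'] . "' type='hidden' />\n";
            echo "<input name='add' value='filter' type='hidden' />\n";
            echo "<p class='normal_text'>" . _Ti('rep_input_filter_add');
            echo "<select name='id_field'>\n";
            echo "<option value=''>...</option>\n";
            while ($row = lcm_fetch_array($result)) {
                echo "<option value='" . $row['id_field'] . "'>" . _Ti('rep_info_table_' . $row['table_name']) . _Th($row['description']) . "</option>\n";
            }
            echo "</select>\n";
            echo "<button class='simple_form_btn' name='validate_filter_addfield'>" . _T('button_validate') . "</button>\n";
            echo "</p>\n";
            echo "</form>\n";
        }
    } else {
        echo '<p class="normal_text">' . _T('rep_info_select_source_first') . "</p>\n";
    }
}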
Example #10
}
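// Normalise the organisation id held in the session form data.
$_SESSION['form_data']['id_org'] = intval(_session('id_org', 0));

// Page to return to when saving fails: the edit form, or the referring page if one was sent.
$ref_upd_org = 'edit_org.php?org=' . _session('id_org');
if (!empty($_SERVER['HTTP_REFERER'])) {
    // NOTE(review): the Referer header is supplied by the client and is used
    // below as a redirect target; consider accepting only same-site URLs.
    $ref_upd_org = $_SERVER['HTTP_REFERER'];
}

//
// Update data
//
$obj_org = new LcmOrg(_session('id_org'));
$errs = $obj_org->save();
if (count($errs)) {
    // Start from an empty list when the session holds no error array yet.
    $previous_errors = (isset($_SESSION['errors']) && is_array($_SESSION['errors'])) ? $_SESSION['errors'] : array();
    $_SESSION['errors'] = array_merge($previous_errors, $errs);
    lcm_header("Location: " . $ref_upd_org);
    exit;
}

// The case id goes into an SQL statement and into a Location header, so only
// its integer value is used from here on.
$attach_case = intval(_session('attach_case'));

//
// Attach to case
//
if ($attach_case > 0) {
    lcm_query("INSERT INTO lcm_case_client_org\n\t\t\t\tSET id_case = " . $attach_case . ",\n\t\t\t\t\tid_org = " . $obj_org->getDataInt('id_org'));
}

//
// Go to the 'view details' page of the organisation
//
// small reminder, if the client was created from the "add client to case" (Case details)
$attach = "";
if ($attach_case > 0) {
    $attach = "&attach_case=" . $attach_case;
}
lcm_header('Location: org_det.php?org=' . $obj_org->getDataInt('id_org', '__ASSERT__') . $attach);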
Example #11
    $q2 .= ',' . $row['id_client'];
}
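$q2 .= ')';

// Add search criteria if any
$find_client_string = _request('find_client_string');
if (strlen($find_client_string) > 1) {
    // The search text comes from the request and is placed inside quoted LIKE
    // patterns, so escape it first.
    // NOTE(review): assumes _request() returns the value unescaped -- confirm,
    // and prefer the database layer's own escaping if it has one. The LIKE
    // wildcards % and _ typed by the user are still interpreted as wildcards.
    $like_text = addslashes($find_client_string);
    $q2 .= " AND ((name_first LIKE '%{$like_text}%')" . " OR (name_middle LIKE '%{$like_text}%')" . " OR (name_last LIKE '%{$like_text}%'))";
}
$q2 .= ")";

// Sort clients by name_first; only the two literal directions are accepted.
$order_name = 'ASC';
if (_request('order_name') == 'ASC' || _request('order_name') == 'DESC') {
    $order_name = _request('order_name');
}
$q2 .= " ORDER BY name_first " . $order_name;
$result = lcm_query($q2);

lcm_page_start(_T('title_case_add_client'));
show_context_start();
show_context_case_title($case);
show_context_case_involving($case);
show_context_end();

// Get the number of rows in the result
$number_of_rows = lcm_num_rows($result);

// Check for correct start position of the list
$list_pos = intval(_request('list_pos', 0));
if ($list_pos >= $number_of_rows) {
    $list_pos = 0;
}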
// Position to the page info start
if ($list_pos > 0) {
    if (!lcm_data_seek($result, $list_pos)) {
Example #12
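// Show the errors (if any)
echo show_all_errors();

if ($attach_client || $attach_org) {
    show_context_start();
}

if ($attach_client) {
    // Where $attach_client is assigned is not visible here, so only its integer
    // value is allowed into the statement.
    $query = "SELECT id_client, name_first, name_middle, name_last\n\t\t\t\tFROM lcm_client\n\t\t\t\tWHERE id_client = " . intval($attach_client);
    $result = lcm_query($query);
    while ($row = lcm_fetch_array($result)) {
        // should be only once
        echo '<li style="list-style-type: none;">' . _Ti('fu_input_involving_clients') . get_person_name($row) . "</li>\n";
    }
}

if ($attach_org) {
    // Same treatment for the organisation id.
    $query = "SELECT id_org, name\n\t\t\t\tFROM lcm_org\n\t\t\t\tWHERE id_org = " . intval($attach_org);
    $result = lcm_query($query);
    while ($row = lcm_fetch_array($result)) {
        // should be only once
        // NOTE(review): the organisation name is echoed as stored; confirm
        // whether it is HTML-escaped when saved, otherwise escape it here.
        echo '<li style="list-style-type: none;">' . _Ti('fu_input_involving_clients') . $row['name'] . "</li>\n";
    }
}

if ($attach_client || $attach_org) {
    show_context_end();
}

// Start edit case form
echo '<form action="upd_case.php" method="post">' . "\n";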
if (!$id_case) {
    if ($attach_org) {
        show_page_subtitle(_Th('title_org_view'), 'clients_intro');
        $org = new LcmOrgInfoUI($attach_org);
        $org->printGeneral(false);
Example #13
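 /**
  * Validate the client data and write it to lcm_client.
  *
  * An existing client (id_client > 0) is updated; otherwise a new row is
  * inserted and its id stored in $this->data['id_client']. Keywords and
  * contacts are then updated from the request, and any errors found in
  * $_SESSION['errors'] are merged into the returned list.
  *
  * date_birth is now passed through clean_input() like every other field;
  * before, it was the one value placed between quotes without any cleaning.
  *
  * @return array Validation errors (nothing is written in that case), or the
  *         errors collected while updating keywords and contacts.
  */
 function save()
 {
     $errors = $this->validate();
     if (count($errors)) {
         return $errors;
     }
     //
     // Update record in database
     //
     $cl = "name_first = '" . clean_input($this->getDataString('name_first')) . "',\n\t\t\t   name_middle = '" . clean_input($this->getDataString('name_middle')) . "',\n\t\t\t   name_last = '" . clean_input($this->getDataString('name_last')) . "',\n\t\t\t   gender = '" . clean_input($this->getDataString('gender')) . "',\n\t\t\t   notes = '" . clean_input($this->getDataString('notes')) . "'";
     // The birth date is optional and only written when one was given.
     if ($this->getDataString('date_birth')) {
         $cl .= ", date_birth = '" . clean_input($this->getDataString('date_birth')) . "'";
     }
     $cl .= ", citizen_number = '" . clean_input($this->getDataString('citizen_number')) . "'";
     $cl .= ", civil_status = '" . clean_input($this->getDataString('civil_status')) . "'";
     $cl .= ", income = '" . clean_input($this->getDataString('income')) . "'";
     if ($this->getDataInt('id_client') > 0) {
         $q = "UPDATE lcm_client\n\t\t\t\tSET date_update = NOW(), \n\t\t\t\t\t{$cl} \n\t\t\t\tWHERE id_client = " . $this->getDataInt('id_client', '__ASSERT__');
         lcm_query($q);
     } else {
         $q = "INSERT INTO lcm_client\n\t\t\t\t\tSET date_creation = NOW(),\n\t\t\t\t\t\tdate_update = NOW(),\n\t\t\t\t\t\t{$cl}";
         lcm_query($q);
         $this->data['id_client'] = lcm_insert_id('lcm_client', 'id_client');
     }
     // Keywords
     update_keywords_request('client', $this->getDataInt('id_client'));
     if (!empty($_SESSION['errors'])) {
         $errors = array_merge($_SESSION['errors'], $errors);
     }
     // Insert/update client contacts
     include_lcm('inc_contacts');
     update_contacts_request('client', $this->getDataInt('id_client'));
     if (!empty($_SESSION['errors'])) {
         $errors = array_merge($_SESSION['errors'], $errors);
     }
     return $errors;
 }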
Example #14
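/**
 * Build the HTML description shown for a follow-up.
 *
 * - assignment / unassignment with a numeric description: the description is
 *   an author id and is replaced by a sentence naming that author;
 * - stage change or status change: the description is unserialized and
 *   rendered as stage, free text, conclusion and sentence;
 * - anything else: the description itself, optionally shortened.
 *
 * The result is passed through nl2br(), so it is HTML. In the stage/status
 * branch the free-text parts (description, sentence_val) are now passed
 * through clean_output() as the plain-description branch already did; before,
 * they were appended as stored.
 *
 * @param array $item       Follow-up row; read for type, description and case_stage.
 * @param bool  $make_short Shorten long plain descriptions (default true).
 * @return string HTML text; '' when $item is not an array.
 */
function get_fu_description($item, $make_short = true)
{
    if (!is_array($item)) {
        lcm_debug("get_fu_description: parameter is not an array.");
        return '';
    }

    // configure via my_options.php with $GLOBALS['fu_desc_len'] = NNN;
    global $fu_desc_len;

    $short_description = '';
    // Set the length of short followup title (was: wide = 48, narrow = 115)
    $title_length = isset($fu_desc_len) && $fu_desc_len > 0 ? $fu_desc_len : 256;

    $is_assignment = ($item['type'] == 'assignment');
    $is_unassignment = ($item['type'] == 'unassignment');

    if (($is_assignment || $is_unassignment) && is_numeric($item['description'])) {
        // is_numeric() is the only gate before the value is concatenated into the query.
        $res1 = lcm_query("SELECT * FROM lcm_author WHERE id_author = " . $item['description']);
        $author1 = lcm_fetch_array($res1);
        $message = $is_assignment ? 'case_info_author_assigned' : 'case_info_author_unassigned';
        $short_description = _T($message, array('name' => get_person_name($author1)));
    } elseif ($item['type'] == 'stage_change' || is_status_change($item['type'])) {
        // NOTE(review): lcm_unserialize() is defined elsewhere; if it wraps
        // unserialize(), the stored description must never hold data that the
        // application did not serialize itself.
        $tmp = lcm_unserialize($item['description']);
        // for backward compatibility, make it optional
        if (!empty($item['case_stage'])) {
            $short_description = _Tkw('stage', $item['case_stage']);
        }
        if (!empty($tmp['description'])) {
            $short_description .= " / " . clean_output($tmp['description']);
        }
        if (!empty($tmp['result']) || !empty($tmp['conclusion'])) {
            $short_description .= "\n" . _Ti('fu_input_conclusion');
        }
        if (!empty($tmp['result'])) {
            $short_description .= _Tkw('_crimresults', $tmp['result']) . "/";
        }
        if (!empty($tmp['conclusion'])) {
            $short_description .= _Tkw('conclusion', $tmp['conclusion']);
        }
        if (!empty($tmp['sentence'])) {
            $short_description .= "\n" . _Ti('fu_input_sentence') . _Tkw('sentence', $tmp['sentence'], array('currency' => read_meta('currency')));
        }
        if (!empty($tmp['sentence_val'])) {
            $short_description .= ": " . clean_output($tmp['sentence_val']);
        }
    } elseif ($item['description']) {
        // The length is measured on the decoded text, but substr() cuts bytes,
        // so a multi-byte character can be split at the cut.
        if (!$make_short || strlen(lcm_utf8_decode($item['description'])) < $title_length) {
            $short_description = $item['description'];
        } else {
            $short_description = substr($item['description'], 0, $title_length) . '...';
        }
        $short_description = clean_output($short_description);
    } else {
        $short_description = _T('fu_info_emptydesc');
    }

    $short_description = nl2br($short_description);
    if (empty($short_description)) {
        $short_description = _T('info_not_available');
    }
    return $short_description;
}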
Example #15
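/**
 * Tell whether lcm_contact already holds a contact with the given value.
 *
 * The optional filters narrow the search; a filter whose argument is empty
 * (or 0) is left out of the query.
 *
 * @param string           $type_person  Value matched against lcm_contact.type_person.
 * @param int              $id           Value matched against lcm_contact.id_of_person.
 * @param int|string|array $type_contact Contact type id, contact type name (a leading '+'
 *                                       is added when missing before the name is handed to
 *                                       get_contact_type_id()), or an array mixing both.
 *                                       The name 'email' stands for 'email_main' and
 *                                       'email_alternate'.
 * @param string           $value        Contact value to look for.
 * @return bool True when at least one row matches.
 */
function is_existing_contact($type_person, $id = 0, $type_contact, $value)
{
    // XXX FIXME TODO very temporary until this issue is solved:
    // [AG] 'email' is taken to mean any e-mail contact type.
    // Strict comparison on purpose: with "==" an integer 0 also equals 'email' before PHP 8.
    if ($type_contact === 'email') {
        $type_contact = array('email_main', 'email_alternate');
    }

    $id = intval($id);
    $value = clean_input($value);

    $query = "SELECT id_contact\n\t\t\t\tFROM lcm_contact\n\t\t\t\tWHERE ((value = '{$value}')";
    if ($type_person) {
        // This value lands inside a quoted SQL literal, so it is escaped before concatenation.
        $query .= " AND (type_person = '" . addslashes($type_person) . "')";
    }
    if ($id) {
        $query .= " AND (id_of_person = {$id})";
    }
    if ($type_contact) {
        // [AG] $type_contact may be an integer, a string, or an array of integers or strings.
        switch (gettype($type_contact)) {
            case "string":
            case "integer":
            case "array":
                $is_list = is_array($type_contact);
                $type_ids = array();
                foreach ((array) $type_contact as $tc) {
                    if (is_string($tc)) {
                        if (substr($tc, 0, 1) != '+') {
                            $tc = '+' . $tc;
                        }
                        $tc = get_contact_type_id($tc);
                    }
                    // Every id is forced to an integer so nothing but digits reaches the query text.
                    $type_ids[] = intval($tc);
                }
                if ($is_list) {
                    // The IN list closes its own parenthesis and the one opened by "AND (";
                    // the original left the second one open, which produced invalid SQL.
                    $query .= " AND (type_contact IN (" . implode(',', $type_ids) . "))";
                } else {
                    $query .= " AND (type_contact = {$type_ids[0]})";
                }
                break;
            default:
                lcm_panic("Wrong is_existing_contact type_contact ({$type_contact})");
        }
    }
    $query .= ")";

    $result = lcm_query($query);
    return lcm_num_rows($result) > 0;
}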
Example #16
 // Excerpt: prints one summary row for an author (name, total time, optionally the
 // billed total) and, when $show_more_times is set, builds a per-follow-up-type
 // breakdown in $html. The enclosing loop and the end of this block are outside the excerpt.
 // NOTE(review): get_person_name() is echoed as returned; whether it HTML-escapes the
 // name is not visible here - confirm before relying on it.
 echo "<tr><td>";
 echo get_person_name($row);
 echo '</td><td align="right" valign="top">';
 echo format_time_interval_prefs($row['time']);
 echo "</td>\n";
 if ($meta_sum_billed == 'yes') {
     echo '<td align="right" valign="top">';
     echo format_money($row['sumbilled']);
     echo "</td>\n";
 }
 if ($show_more_times) {
     $fu_types = get_keywords_in_group_name('followups', false);
     $html = "";
     foreach ($fu_types as $f) {
         // One aggregate query per follow-up type for this author and case.
         // NOTE(review): $case, $row['id_author'] and $f['name'] are concatenated into the
         // SQL text as they are. Their origin is outside this excerpt; if any of them can
         // carry request data, the ids should be cast with intval() and the keyword name
         // escaped before the query is built.
         $q2 = "SELECT type,\n\t\t\t\t\t\t\t\t\tsum(IF(UNIX_TIMESTAMP(fu.date_end) > 0,\n\t\t\t\t\t\t\t\t\t\tUNIX_TIMESTAMP(fu.date_end)-UNIX_TIMESTAMP(fu.date_start), 0)) as time,\n\t\t\t\t\t\t\t\t\tsum(sumbilled) as sumbilled\n\t\t\t\t\t\t\t\tFROM  lcm_followup as fu\n\t\t\t\t\t\t\t\tWHERE fu.id_case = {$case}\n\t\t\t\t\t\t\t\t  AND fu.id_author = " . $row['id_author'] . "\n\t\t\t\t\t\t\t\t  AND fu.hidden = 'N'\n\t\t\t\t\t\t\t\t  AND fu.type = '" . $f['name'] . "'\n\t\t\t\t\t\t\t\tGROUP BY fu.type";
         $r2 = lcm_query($q2);
         // FIXME: css for "ul/li" is a bit weird, but without specifying the height,
         // the text is displayed under the line...
         // But we should probably scrap the whole table anyway
         while ($row2 = lcm_fetch_array($r2)) {
             // either:  futype (70%) + length (15%) + sumbilled (15%)
             // or only: futype (70%) + length (30%)
             $html .= "<li style='clear: both; height: 1.4em; width: 100%;'>";
             $html .= '<div style="float: left; text-align: left;">' . _Tkw('followups', $row2['type']) . ": " . '</div>';
             if ($meta_sum_billed == 'yes') {
                 $html .= '<div style="width: 120px; float: right; text-align: right;">' . format_money($row2['sumbilled']) . '</div>';
             }
             $html .= '<div style="width: 120px; float: right; text-align: right;">' . format_time_interval_prefs($row2['time']) . '</div>';
             $html .= "</li>\n";
         }
     }
Example #17
        if ($_REQUEST['sel_time_intervals'] == 'absolute' || $_REQUEST['sel_time_intervals'] == 'relative') {
            $prefs['time_intervals'] = $_REQUEST['sel_time_intervals'];
            $prefs_mod = true;
        }
    }
    // Set intervals notation
    if ($_REQUEST['sel_time_intervals_notation'] != $_REQUEST['old_time_intervals_notation']) {
        if (in_array($_REQUEST['sel_time_intervals_notation'], array("hours_only", "floatdays_hours_minutes", "floatdays_floathours_minutes"))) {
            $prefs['time_intervals_notation'] = $_REQUEST['sel_time_intervals_notation'];
            $prefs_mod = true;
        }
    }
}
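// Update user preferences if modified
if ($prefs_mod) {
    // The serialized blob goes into a quoted SQL literal, hence addslashes(); the author id
    // is forced to an integer so the WHERE clause can only ever contain digits.
    lcm_query("UPDATE lcm_author\n\t\t\t\tSET   prefs = '" . addslashes(serialize($prefs)) . "'\n\t\t\t\tWHERE id_author = " . intval($author_session['id_author']));
}
if (isset($lang) and $lang != $lcm_lang) {
    // Boomerang via lcm_cookie to set a cookie and do all the dirty work
    // The REQUEST_URI should always be set, and point to the current page
    // we are being sent to (Ex: from config_author.php to listcases.php).
    // [ML] I used $lcm_lang because there are rare cases where the cookie
    // can disagree with $author_session['lang'] (e.g. login one user, set
    // cookie, logout, login other user, conflict).
    // [ML] Added $ref because some forms such as config_author.php expect it
    $ref = isset($_REQUEST['referer']) ? '&referer=' . urlencode($_REQUEST['referer']) : '';
    // $lang is URL-encoded like the other two parameters: for a plain language code this is
    // a no-op, and any other value can no longer add parameters of its own to the query string.
    // NOTE(review): 'url' and 'referer' are forwarded to lcm_cookie.php, which is not shown
    // here; it should only redirect to local paths - confirm.
    header("Location: lcm_cookie.php?var_lang_lcm=" . urlencode($lang) . "&url=" . urlencode($_SERVER['REQUEST_URI']) . $ref);
    exit;
}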
//
// Database version management
Example #18
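 /**
  * Validate and store this follow-up, then update the case and stage rows that depend on it.
  *
  * An existing follow-up (id_followup > 0) is updated together with the lcm_stage row of
  * its case stage. A new follow-up is inserted, optionally linked to its parent
  * appointment, and may change the case status or stage depending on its type.
  *
  * NOTE(review): every getDataString() value below is concatenated into SQL text, and the
  * serialize()d description is placed inside a quoted literal. Whether getDataString()
  * escapes its result is not visible in this method - confirm, since nothing here does.
  *
  * @return array The validation errors; empty when the follow-up was stored.
  */
 function save()
 {
     $errors = $this->validate();
     if (count($errors)) {
         return $errors;
     }
     //
     // Update
     //
     // Column assignments shared by the UPDATE and the INSERT below.
     $fl = " date_start = '" . $this->getDataString('date_start') . "',\n\t\t\t\tdate_end   = '" . $this->getDataString('date_end') . "',\n\t\t\t\ttype       = '" . $this->getDataString('type') . "',\n\t\t\t\tsumbilled  = " . $this->getDataFloat('sumbilled', 0.0);
     if ($this->getDataString('type') == 'stage_change') {
         // [ML] To be honest, we should "assert" most of the
         // following values, but "new_stage" is the most important.
         lcm_assert_value($this->getDataString('new_stage', '__ASSERT__'));
         $desc = array('description' => $this->getDataString('description'), 'result' => $this->getDataString('result'), 'conclusion' => $this->getDataString('conclusion'), 'sentence' => $this->getDataString('sentence'), 'sentence_val' => $this->getDataString('sentence_val'), 'new_stage' => $this->getDataString('new_stage'));
         $fl .= ", description = '" . serialize($desc) . "'";
     } elseif (is_status_change($this->getDataString('type'))) {
         $desc = array('description' => $this->getDataString('description'), 'result' => $this->getDataString('result'), 'conclusion' => $this->getDataString('conclusion'), 'sentence' => $this->getDataString('sentence'), 'sentence_val' => $this->getDataString('sentence_val'));
         $fl .= ", description = '" . serialize($desc) . "'";
     } else {
         $fl .= ", description  = '" . $this->getDataString('description') . "'";
     }
     if ($this->getDataInt('id_followup') > 0) {
         // Edit of existing follow-up
         $id_followup = $this->getDataInt('id_followup');
         $id_case = $this->getDataInt('id_case');
         if (!allowed($id_case, 'e')) {
             lcm_panic("You don't have permission to modify this case's information. (" . $this->getDataInt('id_case') . ")");
         }
         // TODO: check if hiding this FU is allowed
         if (allowed($this->getDataInt('id_case'), 'a') && !(is_status_change($this->getDataString('type')) || $this->getDataString('type') == 'assignment' || $this->getDataString('type') == 'unassignment')) {
             if ($this->getDataString('delete')) {
                 $fl .= ", hidden = 'Y'";
             } else {
                 $fl .= ", hidden = 'N'";
             }
         } else {
             $fl .= ", hidden = 'N'";
         }
         // The permission check above is made on id_case, so the write is tied to that same
         // case: without the extra condition a follow-up id belonging to another case would
         // be updated on the strength of rights held on this one.
         $q = "UPDATE lcm_followup SET {$fl} WHERE id_followup = {$id_followup} AND id_case = {$id_case}";
         $result = lcm_query($q);
         // Get stage of the follow-up entry
         $q = "SELECT id_stage, case_stage FROM lcm_followup WHERE id_followup = {$id_followup} AND id_case = {$id_case}";
         $result = lcm_query($q);
         if ($row = lcm_fetch_array($result)) {
             $case_stage = lcm_assert_value($row['case_stage']);
         } else {
             lcm_panic("There is no such follow-up (" . $id_followup . ")");
         }
         // Update the related lcm_stage entry
         $q = "UPDATE lcm_stage SET\n\t\t\t\t\tdate_conclusion = '" . $this->getDataString('date_end') . "',\n\t\t\t\t\tkw_result = '" . $this->getDataString('result') . "',\n\t\t\t\t\tkw_conclusion = '" . $this->getDataString('conclusion') . "',\n\t\t\t\t\tkw_sentence = '" . $this->getDataString('sentence') . "',\n\t\t\t\t\tsentence_val = '" . $this->getDataString('sentence_val') . "',\n\t\t\t\t\tdate_agreement = '" . $this->getDataString('date_end') . "'\n\t\t\t\tWHERE id_case = " . $this->getDataInt('id_case') . "\n\t\t\t\t  AND kw_case_stage = '" . $case_stage . "'";
         lcm_query($q);
     } else {
         // New follow-up
         if (!allowed($this->getDataInt('id_case'), 'w')) {
             lcm_panic("You don't have permission to add information to this case. (" . $this->getDataInt('id_case') . ")");
         }
         // Get the current case stage
         $q = "SELECT id_stage, stage FROM lcm_case WHERE id_case=" . $this->getDataInt('id_case', '__ASSERT__');
         $result = lcm_query($q);
         if ($row = lcm_fetch_array($result)) {
             $case_stage = lcm_assert_value($row['stage']);
             $case_stage_id = lcm_assert_value($row['id_stage']);
         } else {
             lcm_panic("There is no such case (" . $this->getDataInt('id_case') . ")");
         }
         // Add the new follow-up
         $q = "INSERT INTO lcm_followup\n\t\t\t\t\tSET id_case=" . $this->getDataInt('id_case') . ",\n\t\t\t\t\t\tid_author=" . $GLOBALS['author_session']['id_author'] . ",\n\t\t\t\t\t\t{$fl},\n\t\t\t\t\t\tid_stage = {$case_stage_id},\n\t\t\t\t\t\tcase_stage='{$case_stage}'";
         lcm_query($q);
         $this->data['id_followup'] = lcm_insert_id('lcm_followup', 'id_followup');
         // Set relation to the parent appointment, if any
         if ($this->getDataInt('id_app')) {
             $q = "INSERT INTO lcm_app_fu \n\t\t\t\t\t\tSET id_app=" . $this->getDataInt('id_app') . ",\n\t\t\t\t\t\t\tid_followup=" . $this->getDataInt('id_followup', '__ASSERT__') . ",\n\t\t\t\t\t\t\trelation='child'";
             $result = lcm_query($q);
         }
         // Update case status
         $status = '';
         $stage = '';
         switch ($this->getDataString('type')) {
             case 'conclusion':
                 $status = 'closed';
                 break;
             case 'suspension':
                 $status = 'suspended';
                 break;
             case 'opening':
             case 'resumption':
             case 'reopening':
                 $status = 'open';
                 break;
             case 'merge':
                 $status = 'merged';
                 break;
             case 'deletion':
                 $status = 'deleted';
                 break;
             case 'stage_change':
                 $stage = lcm_assert_value($this->getDataString('new_stage'));
                 break;
         }
         if ($status || $stage) {
             $q = "UPDATE lcm_case\n\t\t\t\t\t\tSET " . ($status ? "status='{$status}'" : '') . ($status && $stage ? ',' : '') . ($stage ? "stage='{$stage}'" : '') . "\n\t\t\t\t\t\tWHERE id_case=" . $this->getDataInt('id_case');
             lcm_query($q);
             // Close the lcm_stage
             // XXX for now, date_agreement is not used
             if ($status == 'open') {
                 // case is being re-opened, so erase previously entered info
                 // (date_agreement was written as '0000-00-00 00:00:0'; it now uses the same
                 // zero timestamp as date_conclusion)
                 $q = "UPDATE lcm_stage\n\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\tdate_conclusion = '0000-00-00 00:00:00',\n\t\t\t\t\t\t\t\tid_fu_conclusion = 0,\n\t\t\t\t\t\t\t\tkw_result = '',\n\t\t\t\t\t\t\t\tkw_conclusion = '',\n\t\t\t\t\t\t\t\tkw_sentence = '',\n\t\t\t\t\t\t\t\tsentence_val = '',\n\t\t\t\t\t\t\t\tdate_agreement = '0000-00-00 00:00:00'\n\t\t\t\t\t\t\tWHERE id_case = " . $this->getDataInt('id_case') . "\n\t\t\t\t\t\t\t  AND kw_case_stage = '" . $case_stage . "'";
             } else {
                 $q = "UPDATE lcm_stage\n\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\tdate_conclusion = '" . $this->getDataString('date_end') . "',\n\t\t\t\t\t\t\t\tid_fu_conclusion = " . $this->getDataInt('id_followup') . ",\n\t\t\t\t\t\t\t\tkw_result = '" . $this->getDataString('result') . "',\n\t\t\t\t\t\t\t\tkw_conclusion = '" . $this->getDataString('conclusion') . "',\n\t\t\t\t\t\t\t\tkw_sentence = '" . $this->getDataString('sentence') . "',\n\t\t\t\t\t\t\t\tsentence_val = '" . $this->getDataString('sentence_val') . "',\n\t\t\t\t\t\t\t\tdate_agreement = '" . $this->getDataString('date_end') . "'\n\t\t\t\t\t\t\tWHERE id_case = " . $this->getDataInt('id_case', '__ASSERT__') . "\n\t\t\t\t\t\t\t  AND kw_case_stage = '" . $case_stage . "'";
             }
             lcm_query($q);
         }
         // If creating a new case stage, make new lcm_stage entry
         if ($stage) {
             $q = "INSERT INTO lcm_stage SET\n\t\t\t\t\t\t\tid_case = " . $this->getDataInt('id_case', '__ASSERT__') . ",\n\t\t\t\t\t\t\tkw_case_stage = '" . lcm_assert_value($stage) . "',\n\t\t\t\t\t\t\tdate_creation = NOW(),\n\t\t\t\t\t\t\tid_fu_creation = " . $this->getDataInt('id_followup');
             lcm_query($q);
         }
     }
     // Keywords
     update_keywords_request('followup', $this->getDataInt('id_followup'));
     return $errors;
 }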
Example #19
     // ignore errors
     $_SESSION['errors']['client_added'] = "An client/organisation was added to the participants of this appointment.";
 }
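 // Remove appointment participants (clients/organisations)
 // Each entry of the removal list is "id_client" or "id_client:id_org".
 if (_session('rem_client')) {
     // Ids are cast to integers before they reach the query text: the list comes from
     // submitted form data kept in the session.
     $q = "DELETE FROM lcm_app_client_org WHERE id_app=" . intval($id_app) . " AND (0";
     foreach ($_SESSION['form_data']['rem_client'] as $rem_cli) {
         $client_org = explode(':', $rem_cli);
         // Start a fresh condition for every entry; appending to the previous one glued
         // the conditions together from the second entry on.
         $co = 'id_client=' . intval($client_org[0]);
         if (!empty($client_org[1])) {
             $co = "({$co} AND id_org=" . intval($client_org[1]) . ')';
         }
         $q .= " OR {$co}";
     }
     $q .= ")";
     if (($result = lcm_query($q)) && mysql_affected_rows() > 0) {
         // XXX MySQL SPECIFIC
         // NOTE(review): this reuses the 'client_added' key and its "was added" text after a
         // removal; it looks copied from the branch above - confirm the intended message.
         $_SESSION['errors']['client_added'] = "An client/organisation was added to the participants of this appointment.";
     }
     // Clean client removal list
     unset($_SESSION['form_data']['rem_client']);
 }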
 // Check if author or client/organisation was added
 if (count($_SESSION['errors'])) {
     $ref_url = parse_url($_SERVER['HTTP_REFERER']);
     parse_str($ref_url['query'], $params);
     $params['app'] = $id_app;
     foreach ($params as $k => $v) {
         $params[$k] = $k . '=' . urlencode($v);
     }
     lcm_header('Location: edit_app.php?' . join('&', $params));
Example #20
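 /**
  * Print the table rows of the expense list for the current page.
  *
  * Builds one query over lcm_expense (joined with comments, authors and cases), narrowed
  * by $this->search, $this->id_case and the period in $prefs['case_period'], sorted by the
  * *_order request parameters, then echoes up to $prefs['page_rows'] rows starting at
  * $this->list_pos. Sets $this->number_of_rows and resets $this->list_pos to 0 when it
  * points past the result.
  *
  * NOTE(review): $this->search is concatenated into the LIKE pattern as it is. Whether it
  * was escaped where it was assigned is not visible in this method - confirm, and if not,
  * escape it there rather than here so it is not escaped twice.
  *
  * @return void
  */
 function printList()
 {
     global $prefs;
     global $fu_desc_len;
     // configure via my_options.php with $GLOBALS['fu_desc_len'] = NNN;
     // Select cases of which the current user is author
     $q = "SELECT e.id_expense, e.id_case, e.id_author, e.status, e.type, \n\t\t\t\te.description, e.date_creation, e.date_update, e.pub_read,\n\t\t\t\te.pub_write, a.name_first, a.name_middle, a.name_last,\n\t\t\t\tcount(ec.id_expense) as nb_comments, c.title as case_title\n\t\t\tFROM lcm_expense as e\n\t\t\tLEFT JOIN lcm_expense_comment as ec ON (ec.id_expense = e.id_expense)\n\t\t\tLEFT JOIN lcm_author as a ON (a.id_author = e.id_author) \n\t\t\tLEFT JOIN lcm_case as c ON (c.id_case = e.id_case) ";
     $q .= " WHERE (1=1 ";
     if ($this->search) {
         $q .= " AND (";
         // Only a value PHP accepts as numeric is used unquoted, as an id.
         if (is_numeric($this->search)) {
             $q .= " e.id_expense = " . $this->search . " OR ";
         }
         $q .= " e.description LIKE '%" . $this->search . "%' ";
         $q .= " )";
     }
     if ($this->id_case) {
         // Unquoted in the query, so it is forced to an integer first.
         $q .= " AND e.id_case = " . intval($this->id_case);
     }
     $q .= ")";
     //
     // Apply filters to SQL
     //
     // Case owner TODO
     // $q .= " AND " . $q_owner;
     // Period (date_creation) to show
     $period = intval($prefs['case_period']);
     if ($period < 1900) {
         // since X days
         $q .= " AND " . lcm_query_subst_time('e.date_creation', 'NOW()') . ' < ' . $period * 3600 * 24;
     } else {
         // for year X
         $q .= " AND " . lcm_query_trunc_field('e.date_creation', 'year') . ' = ' . $period;
     }
     $q .= " GROUP BY e.id_expense, e.id_case, e.id_author, e.status, e.type, e.description, e.date_creation, e.date_update, e.pub_read, e.pub_write, a.name_first, a.name_middle, a.name_last, c.title ";
     //
     // Sort
     //
     // A sort direction from the request is used only when it is exactly ASC or DESC;
     // isset() keeps a missing parameter from raising an undefined-index notice.
     $sort_clauses = array();
     $sort_allow = array('ASC' => 1, 'DESC' => 1);
     // Sort by request type
     if (isset($sort_allow[_request('type_order')])) {
         $sort_clauses[] = "type " . _request('type_order');
     }
     if (isset($sort_allow[_request('status_order')])) {
         $sort_clauses[] = "status " . _request('status_order');
     }
     // Sort cases by creation or update date
     if (isset($sort_allow[_request('date_order')])) {
         $sort_clauses[] = "date_creation " . _request('date_order');
     } elseif (isset($sort_allow[_request('upddate_order')])) {
         $sort_clauses[] = "date_update " . _request('upddate_order');
     }
     if (count($sort_clauses)) {
         $q .= " ORDER BY " . implode(', ', $sort_clauses);
     } else {
         // default sort
         $q .= " ORDER BY date_creation DESC";
     }
     $result = lcm_query($q);
     // Check for correct start position of the list
     $this->number_of_rows = lcm_num_rows($result);
     if ($this->list_pos >= $this->number_of_rows) {
         $this->list_pos = 0;
     }
     // Position to the page info start
     if ($this->list_pos > 0) {
         if (!lcm_data_seek($result, $this->list_pos)) {
             lcm_panic("Error seeking position " . $this->list_pos . " in the result");
         }
     }
     // Description length limit; the same for every row.
     $more_desc = _request('more_desc', 0);
     $desc_length = isset($fu_desc_len) && $fu_desc_len > 0 ? $fu_desc_len : 256;
     for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) {
         $css = $i % 2 ? "dark" : "light";
         echo "<tr>\n";
         // Expense ID
         echo "<td class='tbl_cont_" . $css . "'>";
         echo highlight_matches($row['id_expense'], $this->search);
         echo "</td>\n";
         // Author
         echo "<td class='tbl_cont_" . $css . "'>";
         echo get_person_initials($row);
         echo "</td>\n";
         // Attached to case..
         echo "<td class='tbl_cont_" . $css . "'>";
         if ($row['id_case']) {
             // The case title goes into an attribute value, so it is escaped for that
             // context; the element is now closed with the tag that opened it.
             echo '<abbr title="' . htmlspecialchars($row['case_title'], ENT_QUOTES) . '">' . $row['id_case'] . '</abbr>';
         }
         echo "</td>\n";
         // Date creation
         echo "<td class='tbl_cont_" . $css . "'>";
         echo format_date($row['date_creation'], 'short');
         echo "</td>\n";
         // Type
         echo "<td class='tbl_cont_" . $css . "'>";
         echo _Tkw('_exptypes', $row['type']);
         echo "</td>\n";
         // Description
         if ($more_desc || strlen(lcm_utf8_decode($row['description'])) < $desc_length) {
             $description = $row['description'];
         } else {
             $description = substr($row['description'], 0, $desc_length) . '...';
         }
         echo "<td class='tbl_cont_" . $css . "'>";
         echo '<a class="content_link" href="exp_det.php?expense=' . $row['id_expense'] . '">';
         // NOTE(review): the stored description reaches the page through highlight_matches();
         // whether that helper HTML-escapes its input is not visible here - confirm.
         echo nl2br(highlight_matches($description, $this->search));
         echo "</a>";
         echo "</td>\n";
         // # Comments
         echo "<td class='tbl_cont_" . $css . "'>";
         echo $row['nb_comments'];
         echo "</td>\n";
         // Date update
         echo "<td class='tbl_cont_" . $css . "'>";
         if ($row['date_update'] != $row['date_creation']) {
             echo format_date($row['date_update'], 'short');
         }
         echo "</td>\n";
         // Status
         echo "<td class='tbl_cont_" . $css . "'>";
         echo _T('expense_status_option_' . $row['status']);
         echo "</td>\n";
         echo "</tr>\n";
     }
 }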
Example #21
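/**
 * Installer step 3: connect to the chosen database, create or upgrade the schema,
 * load the default meta data and keywords, and write the connection file.
 *
 * Reads db_address, db_login, db_password, db_choice and manual_db from the request.
 * On any failure an error page is printed; on success inc_connect_install.php is written
 * to the configuration directory and install_step_4() is called.
 *
 * @return void
 */
function install_step_3()
{
    $db_address = _request('db_address');
    $db_login = _request('db_login');
    $db_password = _request('db_password');
    global $lcm_db_version;
    $install_log = "";
    $upgrade_log = "";
    // Possible errors will get trapped in the output buffer and displayed later,
    // so that they don't mess up with headers/html.
    // NOTE(review): the captured output is stored in $io_output but never printed below.
    ob_start();
    if (_request('db_choice') == "__manual__") {
        $sel_db = _request('manual_db');
    } else {
        $sel_db = _request('db_choice');
    }
    $link = lcm_connect_db($db_address, 0, $db_login, $db_password, $sel_db);
    $io_output = ob_get_contents();
    ob_end_clean();
    if (!$link) {
        install_html_start('AUTO', '', 3);
        lcm_panic("connection denied: " . lcm_sql_error());
    }
    // Test if the software was already installed
    $result = lcm_query("SELECT * FROM lcm_meta", true);
    $already_installed = !lcm_sql_errno() && lcm_num_rows($result);
    $old_lcm_version = 'NONE';
    if ($already_installed) {
        lcm_log("LCM already installed", 'install');
        // Find the current database version
        $old_lcm_db_version = 0;
        $query = "SELECT value FROM lcm_meta WHERE name = 'lcm_db_version'";
        $result = lcm_query_db($query);
        while ($row = lcm_fetch_array($result)) {
            $old_lcm_db_version = $row['value'];
        }
        lcm_log("LCM version installed is {$old_lcm_db_version}", 'install');
        // Check if upgrade is needed
        if ($old_lcm_db_version < $lcm_db_version) {
            lcm_log("Calling the upgrade procedure (since < {$lcm_db_version})", 'install');
            include_lcm('inc_db_upgrade');
            $upgrade_log = upgrade_database($old_lcm_db_version);
        } else {
            lcm_log("Upgrade _not_ called, looks OK (= {$lcm_db_version})", 'install');
        }
    } else {
        lcm_log("Creating the database from scratch", 'install');
        include_lcm('inc_db_create');
        $install_log .= create_database();
        lcm_log("DB creation complete", 'install');
    }
    // Create default meta + keywords
    include_lcm('inc_meta');
    include_lcm('inc_keywords_default');
    include_lcm('inc_meta_defaults');
    init_default_config();
    init_languages();
    $skwg = get_default_keywords();
    create_groups($skwg);
    write_metas();
    // regenerate inc/data/inc_meta_cache.php
    // Test DB: not used for now..
    include_lcm('inc_db_test');
    $structure_ok = lcm_structure_test();
    if (!empty($install_log)) {
        install_html_start('AUTO', '', 3);
        echo "<h3><small>" . _T('install_step_three') . "</small> " . _T('install_title_creating_database') . "</h3>\n";
        echo "<div class='box_error'>\n";
        echo "<p>";
        echo "<b>" . _T('warning_operation_failed') . "</b> " . _T('install_database_install_failed');
        echo " " . lcm_help("install_connection") . "</p>\n";
        echo "</div>\n";
        // Dump error listing
        echo put_text_in_textbox($install_log);
        install_html_end();
    } elseif (!empty($upgrade_log)) {
        install_html_start('AUTO', '', 3);
        echo "<h3><small>" . _T('install_step_three') . "</small> " . _T('install_title_creating_database') . "</h3>\n";
        echo "<div class='box_error'>\n";
        // NOTE(review): $old_lcm_version is always 'NONE' here and $lcm_version is not
        // defined in this function, so the message cannot show real versions - confirm
        // which variables were meant.
        echo "<p>" . _T('install_warning_update_impossible', array('old_version' => $old_lcm_version, 'version' => $lcm_version)) . "</p>\n";
        echo "</div>\n";
        // Dump error listing
        echo put_text_in_textbox($upgrade_log);
        install_html_end();
    } elseif (!$structure_ok) {
        install_html_start('AUTO', '', 3);
        echo "<h3><small>" . _T('install_step_three') . "</small> " . _T('install_title_creating_database') . "</h3>\n";
        echo "<div class='box_error'>\n";
        echo "<p> STRUCTURE PROBLEM </p>\n";
        // TRAD
        echo "</div>\n";
        install_html_end();
    } else {
        // Everything OK: generate the PHP file that reconnects with these settings.
        // The four values come from the request and end up inside PHP source, so each is
        // written with var_export(), which emits a correctly quoted string literal. Pasting
        // them between hand-written quotes let a quote or backslash in a password change
        // the code of the generated file.
        $conn = '<' . '?php' . "\n";
        $conn .= "if (defined('_CONFIG_INC_CONNECT')) return;\n";
        $conn .= "define('_CONFIG_INC_CONNECT', '1');\n";
        $conn .= "\$GLOBALS['lcm_connect_version'] = 0.1;\n";
        $conn .= "include_lcm('inc_db');\n";
        $conn .= "@lcm_connect_db(" . var_export((string) $db_address, true) . ",''," . var_export((string) $db_login, true) . "," . var_export((string) $db_password, true) . "," . var_export((string) $sel_db, true) . ");\n";
        $conn .= "\$GLOBALS['db_ok'] = !!@lcm_num_rows(@lcm_query_db('SELECT COUNT(*) FROM lcm_meta'));\n";
        $conn .= '?' . '>';
        $lcm_config_prefix = isset($_SERVER['LcmConfigDir']) ? $_SERVER['LcmConfigDir'] : 'inc/config';
        $connect_file = $lcm_config_prefix . '/inc_connect_install.php';
        $myFile = fopen($connect_file, 'wb');
        if ($myFile === false) {
            // Stop here instead of going on to step 4 without a connection file.
            lcm_panic("Could not open " . $connect_file . " for writing");
            return;
        }
        // This file holds the database password in clear text; the configuration
        // directory must not be served or listed by the web server.
        fputs($myFile, $conn);
        fclose($myFile);
        install_step_4();
    }
}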
Example #22
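// Change the language of the private area (or login)
// [ML] I once wanted to put this in a function, and it did a hell
// of a mess because of the session handling stuff..
if (isset($_REQUEST['var_lang_lcm'])) {
    // ex: bg, fr, en, en_uk, etc. nothing else is accepted
    // The pattern ends with \z rather than $: "$" also matches just before a trailing
    // newline, which would let "en\n" through this check.
    if (preg_match('/^[_A-Za-z]+[0-9]*\z/', $_REQUEST['var_lang_lcm'])) {
        include_lcm('inc_lang');
        include_lcm('inc_session');
        $new_lang = clean_input($_REQUEST['var_lang_lcm']);
        $valid_author = verifier_visiteur();
        if (lcm_set_language($new_lang)) {
            lcm_setcookie('lcm_lang', $new_lang, time() + 365 * 24 * 3600);
            // Save language preference only if we are installed and if author connected
            if ($valid_author && include_config_exists('inc_connect')) {
                include_lcm('inc_admin');
                // $new_lang has passed the pattern above, so the quoted literal holds only
                // letters, digits and underscores; the author id is forced to an integer.
                lcm_query("UPDATE lcm_author \n\t\t\t\t\t\tSET lang = '" . $new_lang . "' \n\t\t\t\t\t\tWHERE id_author = " . intval($GLOBALS['author_session']['id_author']));
                $author_session['lang'] = $new_lang;
                lcm_add_session($author_session, $_COOKIE['lcm_session']);
            } else {
                lcm_log("Not valid_author ({$valid_author}) or not yet installed");
            }
            $cible->delvar('lang');
            $cible->addvar('lang', $new_lang);
        } else {
            lcm_log("lcm_set_language() is not happy, wrong lang code?");
        }
    }
}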
// Redirection
// Under Apache, cookies with a redirection work
// Else, we do a HTTP refresh
Example #23
        lcm_query($q);
    }
} else {
    lcm_panic("Query returned no results.");
}
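///////////////////////////////////////////////////////////////////////
//	Consequent appointment information update
///////////////////////////////////////////////////////////////////////
if (isset($_SESSION['form_data']['add_appointment'])) {
    // No errors, proceed with database update
    $form = $_SESSION['form_data'];
    // Every submitted field goes through clean_input() before it is placed in a quoted
    // literal; the three time fields used to be concatenated without it, unlike the rest.
    $fl = "\ttype\t\t= '" . clean_input($form['app_type']) . "',\n\t\ttitle\t\t= '" . clean_input($form['app_title']) . "',\n\t\tdescription\t= '" . clean_input($form['app_description']) . "',\n\t\tstart_time\t= '" . clean_input($form['app_start_time']) . "',\n\t\tend_time\t= '" . clean_input($form['app_end_time']) . "',\n\t\treminder\t= '" . clean_input($form['app_reminder']) . "'\n\t\t";
    // Ids are written unquoted, so each one is forced to an integer.
    $id_author = intval($GLOBALS['author_session']['id_author']);
    // Add the new appointment
    $q = "INSERT INTO lcm_app SET ";
    // Add case ID
    $q .= 'id_case = ' . intval($form['id_case']) . ',';
    // Add ID of the creator
    $q .= 'id_author = ' . $id_author . ',';
    // Add the rest of the fields
    $q .= "{$fl}, date_creation = NOW()";
    $result = lcm_query($q);
    // Get new appointment's ID
    $id_app = lcm_insert_id('lcm_app', 'id_app');
    $_SESSION['form_data']['id_app'] = $id_app;
    // Add relationship with the creator
    lcm_query("INSERT INTO lcm_author_app SET id_app=" . intval($id_app) . ",id_author=" . $id_author);
    // Add followup relation
    lcm_query("INSERT INTO lcm_app_fu SET id_app=" . intval($id_app) . ",id_followup=" . intval($id_followup) . ",relation='parent'");
}
// Send user back to add/edit page's referer or (default) to followup detail page
lcm_header('Location: fu_det.php?followup=' . intval($id_followup));
exit;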
Example #24
 /**
  * Set lcm_case.date_update to the latest follow-up start date of each case.
  *
  * A server reporting itself as MySQL, other than 3.x and 4.0, gets a single UPDATE with
  * a sub-select. Any other server gets one UPDATE per case, driven by a SELECT.
  *
  * @return void
  */
 function lcm_db_40_refresh_case_update()
 {
     $info = lcm_sql_server_info();
     $is_mysql = preg_match('/^MySQL/', $info);
     // [ML] The sub-select form won't work on MySQL 3.23 .. nor 4.0 (?!)
     $is_old_mysql = preg_match('/^MySQL 3\\./', $info) || preg_match('/^MySQL 4\\.0/', $info);

     if (!$is_mysql || $is_old_mysql) {
         // [ML] Probably not the best idea, but it sidesteps the MySQL incompatibilities.
         //
         // Note: the original author relied on the date_update condition in this
         // SELECT to allow the upgrade to be continued/re-run after a time-out.
         $cases = lcm_query("SELECT c.id_case, MAX(fu.date_start) as date\n\t\t\t\t\t\t\t\tFROM lcm_followup as fu, lcm_case as c\n\t\t\t\t\t\t\t\tWHERE fu.id_case = c.id_case\n\t\t\t\t\t\t\t\t  AND c.date_update != '0000-00-00 00:00:00'\n\t\t\t\t\t\t\t\tGROUP BY fu.id_case\n\t\t\t\t\t\t\t\tORDER BY fu.id_case ASC");
         while ($case = lcm_fetch_array($cases)) {
             lcm_query("UPDATE lcm_case\n\t\t\t\t\t\t\tSET date_update = '" . $case['date'] . "'\n\t\t\t\t\t\t\tWHERE id_case = " . $case['id_case']);
         }
         return;
     }

     // One statement does the whole refresh where sub-selects are available.
     lcm_query("UPDATE lcm_case \n\t\t\t\t\t\tSET date_update = (SELECT max(fu.date_start) \n\t\t\t\t\t\t\t\t\t\tFROM lcm_followup as fu \n\t\t\t\t\t\t\t\t\t\tWHERE lcm_case.id_case = fu.id_case\n\t\t\t\t\t\t\t\t\t\tGROUP BY fu.id_case)", true);
 }
Example #25
// Excerpt: finishes the organisation query started above it (not shown), runs it and
// opens the page with the case context, then works out the list start position.
$q .= ')';
// Add search criteria if any
$find_org_string = _request('find_org_string');
if ($find_org_string) {
    // XXX add more criteria ? (id, tax num, etc.)
    // should be centralised with function, i.e. get_sql_find_org($string)
    // NOTE(review): the request value is placed inside the quoted LIKE pattern as it is.
    // Whether _request() escapes what it returns is not visible here - confirm; if it does
    // not, the value must be escaped before it is concatenated. '%' and '_' typed by the
    // user also act as wildcards in this pattern.
    $q .= " AND (name LIKE '%{$find_org_string}%')";
}
$q .= ")";
// Sort organisations by name
// The direction from the request is used only when it is exactly 'ASC' or 'DESC'.
$order_name = 'ASC';
if (_request('order_name') == 'ASC' || _request('order_name') == 'DESC') {
    $order_name = _request('order_name');
}
$q .= " ORDER BY name " . $order_name;
$result = lcm_query($q);
lcm_page_start(_T('title_case_add_org'));
show_context_start();
show_context_case_title($case);
show_context_case_involving($case);
show_context_end();
// Get the number of rows in the result
$number_of_rows = lcm_num_rows($result);
// Check for correct start position of the list
// intval() makes the requested position an integer; a position at or past the end restarts at 0.
$list_pos = intval(_request('list_pos', 0));
if ($list_pos >= $number_of_rows) {
    $list_pos = 0;
}
// Position to the page info start
if ($list_pos > 0) {
    if (!lcm_data_seek($result, $list_pos)) {
Example #26
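// Attach the line/column sources declared by a custom report file to lcm_report.
if (_request('filecustom')) {
    // NOTE(review): the file name comes from the request and is handed to
    // include_custom_report(), which presumably loads a PHP file. The
    // existence check below is the only gate visible here -- confirm that it
    // rejects path separators and ".." so only files from the intended
    // custom-report directory can be loaded.
    if (include_custom_report_exists(_request('filecustom'))) {
        include_custom_report(_request('filecustom'));
        $obj = new CustomReportSpecs();
        $do_update = false;
        $query = "UPDATE lcm_report SET ";
        // Values returned by the custom report object are escaped before being
        // placed in quoted SQL literals, so a quote in a type or name cannot
        // break out of the literal.
        if ($info = $obj->getReportLine()) {
            $query .= "line_src_type = '" . addslashes($info['type']) . "',\n\t\t\t\t\t\tline_src_name = '" . addslashes($info['name']) . "'";
            $do_update = true;
        }
        if ($info = $obj->getReportCol()) {
            if ($do_update) {
                $query .= ", ";
            }
            $query .= " col_src_type = '" . addslashes($info['type']) . "'";
            // Ignore if name not set, or name restricts the choice (ex:  keyword that applies to 'case')
            if (!$info['name'] || substr($info['name'], 0, 4) == 'FOR:') {
                $query .= ", col_src_name = '' ";
            } else {
                $query .= ", col_src_name = '" . addslashes($info['name']) . "' ";
            }
            $do_update = true;
        }
        if ($do_update) {
            // NOTE(review): no WHERE clause is appended in the code shown, so
            // as written this statement applies to every row of lcm_report.
            // It presumably should be limited to the report identified by
            // $rep -- confirm and add the condition.
            lcm_query($query);
        }
    } else {
        // The rejected name is HTML-escaped before it is stored for display.
        $_SESSION['errors']['filecustom'] = "Custom report file does not exist: " . htmlspecialchars(_request('filecustom'));
    }
}
lcm_header("Location: rep_det.php?rep=" . $rep . $ref_tag);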
Example #27
        if (count($values) > 0) {
            // Prepare and do the query
            $q = "INSERT INTO lcm_client_org (id_org,id_client) VALUES " . join(',', $values);
            if (!($result = lcm_query($q))) {
                die("{$q}<br>\n" . _T('title_error') . " " . lcm_errno() . ": " . lcm_error());
            }
        }
    } else {
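        // $_POST['rem_clients'] is request data: require an array before
        // counting or iterating it, so a scalar value is ignored rather than
        // reaching count()/foreach.
        if (isset($_POST['rem_clients']) && is_array($_POST['rem_clients']) && count($_POST['rem_clients']) > 0) {
            //
            // Remove organization representatives
            //
            $values = array();
            foreach ($_POST['rem_clients'] as $client) {
                // Keep only positive integers, so the IN (...) list is purely numeric
                $client = intval($client);
                if ($client > 0) {
                    $values[] = $client;
                }
            }
            if (count($values) > 0) {
                // Prepare and do the query
                // NOTE(review): $org is interpolated unquoted and its origin is
                // not visible here; presumably cast to an integer earlier -- confirm.
                $q = "DELETE FROM lcm_client_org WHERE id_org={$org} AND id_client IN (" . join(',', $values) . ")";
                if (!($result = lcm_query($q))) {
                    // NOTE(review): this sends the full SQL text and the driver
                    // error to the browser; consider logging them server-side
                    // and showing a generic message instead.
                    die("{$q}<br>\n" . _T('title_error') . " " . lcm_errno() . ": " . lcm_error());
                }
            }
        }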
    }
}
//header("Location: $ref_sel_cli_org");
header("Location: org_det.php?org={$org}&tab=representatives");
Example #28
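 /**
  * Register the line columns of this report together with their headers.
  *
  * First reads the fields configured for the report (lcm_rep_line joined with
  * lcm_fields). A 'count(*)' field switches the 'do_grouping' option on. When
  * no field is configured, falls back on rep_info: every field of the source
  * table except 'count(*)' for a 'table' source, or the keyword title for a
  * 'keyword' source.
  */
 function setupReportLines()
 {
     $this->addComment("setupReportLines() called.");
     // NOTE(review): getId() is concatenated unquoted; presumably an integer -- confirm.
     $q = "SELECT *\n\t\t\t\tFROM lcm_rep_line as l, lcm_fields as f\n\t\t\t\tWHERE id_report = " . $this->getId() . "\n\t\t\t\tAND l.id_field = f.id_field\n\t\t\t\tORDER BY col_order, id_line ASC";
     $result = lcm_query($q);
     while ($row = lcm_fetch_array($result)) {
         $this->addLine(prefix_field($row['table_name'], $row['field_name']));
         $this->addHeader(_Th($row['description']), $row['filter'], $row['enum_type'], '', $row['field_name']);
         if ($row['field_name'] == 'count(*)') {
             $this->setOption('do_grouping', 'yes');
         }
     }
     // At least one configured line: nothing more to do
     if (count($this->getLines())) {
         return;
     }
     //
     // No fields were specified: show them all (avoids errors)
     //
     if ($this->rep_info['line_src_type'] == 'table') {
         // line_src_name is stored data placed inside a quoted SQL literal;
         // escape it so a quote in the stored value cannot alter the query.
         $q = "SELECT * \n\t\t\t\t\tFROM lcm_fields \n\t\t\t\t\tWHERE table_name = 'lcm_" . addslashes($this->rep_info['line_src_name']) . "'\n\t\t\t\t\t  AND field_name != 'count(*)'";
         $result = lcm_query($q);
         while ($row = lcm_fetch_array($result)) {
             $this->addLine(prefix_field($row['table_name'], $row['field_name']));
             $this->addHeader(_Th($row['description']), $row['filter'], $row['enum_type'], '', $row['field_name']);
         }
     } elseif ($this->rep_info['line_src_type'] == 'keyword') {
         $kwg = get_kwg_from_name($this->rep_info['line_src_name']);
         $this->addLine("k.title as 'TRAD'");
         $this->addHeader(_Th(remove_number_prefix($kwg['title'])), $kwg['filter'], $kwg['enum_type'], '', 'k.id_keyword');
         // XXX not sure about id_keyword
     }
 }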
Example #29
    show_context_item(_Ti('fu_input_current_stage') . _Tkw('stage', $old_stage));
}
// Show stage information [ML] Not very efficient, I know, but I prefer to avoid spagetti
if ($_SESSION['form_data']['case_stage']) {
    // Editing an existing follow-up: use the stage kept with the form data
    $stage_info = get_kw_from_name('stage', $_SESSION['form_data']['case_stage']);
    $id_stage = $stage_info['id_keyword'];
    show_context_stage($case, $id_stage);
} elseif (!empty($old_stage)) {
    // Setting a new stage: show the one being left
    $stage_info = get_kw_from_name('stage', $old_stage);
    $id_stage = $stage_info['id_keyword'];
    show_context_stage($case, $id_stage);
} else {
    // Normal follow-up: read the stage from the case itself.
    // NOTE(review): $case is concatenated into the SQL unquoted and its origin
    // is not visible here; presumably cast to an integer upstream -- confirm.
    $result = lcm_query("SELECT stage FROM lcm_case WHERE id_case = " . $case);
    $row = lcm_fetch_array($result);
    if ($row['stage']) {
        $stage_info = get_kw_from_name('stage', $row['stage']);
        $id_stage = $stage_info['id_keyword'];
        show_context_stage($case, $id_stage);
    }
}
show_context_end();
// Show the errors (if any)
echo show_all_errors($_SESSION['errors']);
// Disable inputs when edit is not allowed for the field.
// This only changes the rendered form; it is not an access check by itself.
if ($admin || $edit) {
    $dis = '';
} else {
    $dis = 'disabled="disabled"';
}
echo '<form action="upd_fu.php" method="post">' . "\n";
$obj_fu = new LcmFollowupInfoUI($_SESSION['follow']);
$obj_fu->printEdit();
Example #30
/**
 * Set the global typography and text-direction values for a language.
 *
 * When $source starts with one of article/rubrique/breve/auteur followed by
 * digits, the language is read from that object's row and replaces $lang.
 * An empty language falls back on the 'default_language' meta.
 *
 * Writes the globals $lang_typo, $lang_dir and $dir_lang.
 */
function changer_typo($lang = '', $source = '')
{
    global $lang_typo, $lang_dir, $dir_lang;
    $matches = array();
    if (preg_match("/^(article|rubrique|breve|auteur)([0-9]+)/", $source, $matches)) {
        // Both captures are constrained by the pattern (fixed word list,
        // digits only); that is what keeps this concatenated query safe.
        // Loosening the pattern would require escaping here.
        $object_type = $matches[1];
        $object_id = $matches[2];
        $lookup = lcm_query("SELECT lang FROM spip_" . $object_type . "s WHERE id_" . $object_type . "=" . $object_id);
        $found = lcm_fetch_array($lookup);
        $lang = $found['lang'];
    }
    // No language given or found: use the site default
    $lang = $lang ? $lang : read_meta('default_language');
    $lang_typo = lang_typo($lang);
    $lang_dir = lang_dir($lang);
    $dir_lang = " dir='{$lang_dir}'";
}