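/**
 * Create keyword groups and their keywords from a definition array.
 *
 * For every entry of $keyword_groups a row is inserted into
 * lcm_keyword_group, the group's id is read back by name, and each entry of
 * the group's 'keywords' list is inserted into lcm_keyword under that id.
 * Processing stops (and the problem is logged) as soon as a group id cannot
 * be resolved.
 *
 * Every string value is passed through addslashes() before it is placed in
 * the SQL text. NOTE(review): addslashes() is not aware of the connection
 * character set; if the database layer behind lcm_query() offers its own
 * escaping or bound parameters, prefer those.
 *
 * @param array $keyword_groups List of group definitions; each needs the keys
 *                              name, title, description, type, policy,
 *                              quantity, suggest, ac_admin, ac_author and may
 *                              carry a 'keywords' list.
 */
function create_groups($keyword_groups) {
    $group_columns = array('name', 'title', 'description', 'type', 'policy',
        'quantity', 'suggest', 'ac_admin', 'ac_author');

    foreach ($keyword_groups as $skwg) {
        // Insert keyword group data into database table
        $group_values = array();
        foreach ($group_columns as $col) {
            $group_values[] = "'" . addslashes($skwg[$col]) . "'";
        }

        $q = "INSERT INTO lcm_keyword_group \n\t\t\t\t(name, title, description, type, policy, quantity, suggest, ac_admin, ac_author) \n\t\t\tVALUES (" . implode(", ", $group_values) . ")";
        $result = lcm_query($q, true); // Ignore if keyword exists (has unique key)

        // Find out under what ID this group is stored.
        // Note: Do this instead of lcm_insert_id() because the keyword group
        // might not have been inserted, so using lcm_insert_id() would
        // re-create ALL keywords using the latest kwg id...
        $q = "SELECT id_group,name FROM lcm_keyword_group WHERE name='" . addslashes($skwg['name']) . "'";
        $result = lcm_query($q);
        $row = lcm_fetch_array($result);

        // The id is concatenated unquoted into the INSERT below, so it is
        // forced to an integer here; a missing row becomes 0 and is reported.
        $kwg_id = (is_array($row) && isset($row['id_group'])) ? intval($row['id_group']) : 0;

        // If group is not successfully created or its ID is not found, report error
        // [ML] Failed SQL insert generates lcm_panic(), so this becomes useless.
        if ($kwg_id < 1) {
            lcm_log("create_groups: creation of keyword group seems to have failed. Aborting.");
            lcm_log("-> Query was: " . $q);
            return;
        }

        // A group without a 'keywords' list simply has nothing more to insert.
        $keywords = (isset($skwg['keywords']) && is_array($skwg['keywords'])) ? $skwg['keywords'] : array();

        // Insert keywords data into database table
        foreach ($keywords as $k) {
            if (!isset($k['hasvalue'])) {
                $k['hasvalue'] = 'N';
            }

            $q = "INSERT INTO lcm_keyword\n\t\t\t\t\t(id_group, name, title, description, hasvalue, ac_author)\n\t\t\t\tVALUES (" . $kwg_id . ", "
                . "'" . addslashes($k['name']) . "', "
                . "'" . addslashes($k['title']) . "', "
                . "'" . addslashes($k['description']) . "', "
                . "'" . addslashes($k['hasvalue']) . "', "
                . "'" . addslashes($k['ac_author']) . "')";
            $result = lcm_query($q, true); // Ignore if keyword exists (has unique key)
        }
    }
}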
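/**
 * Load one row of lcm_author by its numeric id.
 *
 * The id is concatenated unquoted into the SQL text, so it is forced to an
 * integer first: a non-numeric argument can then only ever select id 0
 * instead of becoming part of the statement.
 *
 * @param mixed $id_author Author id (cast with intval()).
 * @return array The author row as returned by lcm_fetch_array().
 */
function read_author_data($id_author) {
    $id_author = intval($id_author);

    $q = "SELECT * FROM lcm_author WHERE id_author=" . $id_author;
    $result = lcm_query($q);

    $usr = lcm_fetch_array($result);
    if (!$usr) {
        lcm_panic("The user #{$id_author} does not exist in the database.");
    }

    return $usr;
}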
/**
 * Probe whether the database account may create, alter and drop tables.
 *
 * A scratch table lcm_test is created, gets a column added, is written to and
 * read from, then the column and the table are dropped again. Only the result
 * of the SELECT decides the outcome.
 *
 * @return string Empty when the SELECT succeeded, otherwise an HTML fragment
 *                with the message and the text of lcm_sql_error().
 */
function lcm_test_alter_table() {
    // Leftover from an earlier run, if any.
    lcm_query("DROP TABLE lcm_test", true);

    $setup = array(
        "CREATE TABLE lcm_test (a INT)",
        "ALTER TABLE lcm_test ADD b INT",
        "INSERT INTO lcm_test (b) VALUES (1)",
    );
    foreach ($setup as $statement) {
        lcm_query($statement);
    }

    $select_ok = lcm_query("SELECT b FROM lcm_test");
    lcm_query("ALTER TABLE lcm_test DROP b");

    $report = "";
    if (!$select_ok) {
        // The error state is read after the ALTER ... DROP above, exactly as
        // before. NOTE(review): lcm_sql_error() is placed in the markup
        // unescaped - confirm the caller treats this string as trusted HTML.
        $detail = lcm_sql_errno() ? lcm_sql_error() : "No error message available.";
        $report = "User does not have the right to modify the database:" . "<p>" . $detail . "</p>";
    }

    lcm_query("DROP TABLE lcm_test", true);

    return $report;
}
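/**
 * Insert or refresh report field definitions in lcm_fields.
 *
 * Each entry of $rep_fields is a map of column name => value. The row is
 * looked up by (table_name, field_name); if it exists and any column differs
 * it is updated, if it does not exist it is inserted.
 *
 * All values are escaped with addslashes() before being quoted into SQL.
 * The array keys are used as column names and cannot be escaped as values;
 * NOTE(review): they are assumed to come from the application's own field
 * definitions, never from request data - confirm at the call sites.
 *
 * @param array $rep_fields List of column => value maps, each with at least
 *                          'table_name' and 'field_name'.
 */
function create_repfields($rep_fields) {
    foreach ($rep_fields as $f) {
        $where = "table_name = '" . addslashes($f['table_name']) . "'"
            . " AND field_name = '" . addslashes($f['field_name']) . "'";

        $result = lcm_query("SELECT * FROM lcm_fields WHERE " . $where);

        if ($row = lcm_fetch_array($result)) {
            // check if update necessary
            $needs_update = false;
            foreach ($f as $key => $val) {
                if ($row[$key] != $val) {
                    $needs_update = true;
                    break;
                }
            }

            if ($needs_update) {
                $assignments = array();
                foreach ($f as $key => $val) {
                    $assignments[] = "{$key} = '" . addslashes($val) . "'";
                }

                lcm_query("UPDATE lcm_fields SET " . implode(", ", $assignments) . " WHERE " . $where);
            }
        } else {
            // insert new field
            $columns = array();
            $values = array();
            foreach ($f as $key => $val) {
                $columns[] = $key;
                $values[] = "'" . addslashes($val) . "'";
            }

            lcm_query("INSERT INTO lcm_fields (" . implode(",", $columns) . ")"
                . " VALUES (" . implode(",", $values) . ")");
        }
    }
}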
/**
 * Pass-through to lcm_query().
 *
 * The SQL text is forwarded unchanged, so any escaping has to be done by the
 * caller before the string is built.
 *
 * @param string $query SQL statement.
 * @return mixed Whatever lcm_query() returns for the statement.
 */
function spip_query($query) {
    $outcome = lcm_query($query);

    return $outcome;
}
/**
 * Authenticate the current request from the lcm_session cookie and load the
 * matching author into the $connect_* globals and $prefs.
 *
 * Flow, as visible in this function:
 *  - no database connection: print an error page and return false;
 *  - valid session cookie with status 'admin' or 'normal': accept the
 *    username held in $author_session;
 *  - otherwise: redirect to lcm_cookie.php or lcm_login.php and exit;
 *  - author row found: copy it into globals, unserialize the preferences and
 *    fill in defaults; row not found: redirect to the logout URL and exit.
 *
 * @return bool false when the database is unavailable, true once the author
 *              is loaded and the PHP session has been started. Several paths
 *              send a Location header and exit instead of returning.
 */
function auth() {
    global $INSECURE, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_COOKIE_VARS, $REMOTE_USER, $PHP_AUTH_USER, $PHP_AUTH_PW;
    global $auth_can_disconnect;
    global $connect_id_auteur, $connect_nom, $connect_bio, $connect_email;
    global $connect_nom_site, $connect_url_site, $connect_login, $connect_pass;
    global $connect_activer_imessage, $connect_activer_messagerie;
    global $connect_status;
    global $author_session, $prefs;
    global $clean_link;

    // This reloads $GLOBALS['db_ok'], just in case
    include_config('inc_connect');

    // If there is not SQL connection, quit.
    if (!$GLOBALS['db_ok']) {
        include_lcm('inc_presentation');
        lcm_html_start("Technical problem", "install");

        // annoy sql_errno(): run a query inside an HTML comment so that the
        // error state read below is populated.
        // NOTE(review): the connect flag and the raw database error number
        // and text are written into the page for an unauthenticated visitor;
        // consider logging them server-side only.
        echo "\n<!-- \n";
        echo "\t* Flag connect: " . $GLOBALS['flag_connect'] . "\n\t";
        lcm_query("SELECT count(*) from lcm_meta");
        echo "\n-->\n\n";

        echo "<div align='left' style='width: 600px;' class='box_error'>\n";
        echo "\t<h3>" . _T('title_technical_problem') . "</h3>\n";
        echo "\t<p>" . _T('info_technical_problem_database') . "</p>\n";

        if (lcm_sql_errno()) {
            echo "\t<p><tt>" . lcm_sql_errno() . " " . lcm_sql_error() . "</tt></p>\n";
        } else {
            echo "\t<p><tt>No error diagnostic was provided.</tt></p>\n";
        }

        echo "</div>\n";
        lcm_html_end();

        return false;
    }

    // Initialise variables (avoid URL hacks): these locals are set here so a
    // request parameter of the same name cannot pre-seed them.
    $auth_login = "";
    $auth_pass = "";
    $auth_pass_ok = false;
    $auth_can_disconnect = false;

    // Fetch identification data from authentication session.
    // Only sessions whose status is 'admin' or 'normal' are accepted.
    if (isset($_COOKIE['lcm_session'])) {
        if (verifier_session($_COOKIE['lcm_session'])) {
            if ($author_session['status'] == 'admin' or $author_session['status'] == 'normal') {
                $auth_login = $author_session['username'];
                $auth_pass_ok = true;
                $auth_can_disconnect = true;
            }
        }
    } else {
        if ($_REQUEST['privet'] == 'yes') {
            // Failed login attempt: cookie failed
            $link = new Link("lcm_cookie.php?cookie_test_failed=yes");
            $clean_link->delVar('privet');
            $url = str_replace('/./', '/', $clean_link->getUrl());
            $link->addVar('var_url', $url);
            // NOTE(review): '@' hides a "headers already sent" warning, in
            // which case no redirect happens before exit.
            @header("Location: " . $link->getUrl());
            exit;
        }
    }

    // If not authenticated, ask for login / password
    if (!$auth_login) {
        $url = $clean_link->getUrl();
        @header("Location: lcm_login.php?var_url=" . urlencode($url));
        exit;
    }

    //
    // Search for the login in the authors' table
    //

    $auth_login = addslashes($auth_login);
    // NOTE(review): in this listing the username literal reads '******', so
    // the escaped $auth_login above is not visibly used in the statement.
    // This looks like masking applied to the listing - confirm against the
    // project's own copy which value is compared here.
    $query = "SELECT * FROM lcm_author WHERE username='******' AND status !='external' AND status !='6forum'";
    // NOTE(review): '@' suppresses any warning from the lookup; a failed
    // query then falls into the "author not found" branch below.
    $result = @lcm_query($query);

    if ($row = lcm_fetch_array($result)) {
        $connect_id_auteur = $row['id_author'];
        $connect_nom = $row['name_first'];
        $connect_login = $row['username'];
        // The stored password field is copied into a global.
        $connect_pass = $row['password'];
        $connect_status = $row['status'];
        $connect_activer_messagerie = "non"; //$row["messagerie"];
        $connect_activer_imessage = "non "; //$row["imessage"];

        // Set the users' preferences
        // NOTE(review): unserialize() on a database column. If anything other
        // than serialize() of a plain array can reach lcm_author.prefs, this
        // is an object-injection surface - confirm every writer of the
        // column. get_magic_quotes_runtime() no longer exists in PHP 8.
        $prefs = unserialize(get_magic_quotes_runtime() ? stripslashes($row['prefs']) : $row['prefs']);

        //
        // Default values for some possibly unset preferences
        //
        if (!isset($prefs['page_rows']) || intval($prefs['page_rows']) < 1) {
            $prefs['page_rows'] = 15;
        }

        if (!isset($prefs['theme']) || !$prefs['theme']) {
            $prefs['theme'] = 'green';
        }

        if (!isset($prefs['screen']) || !$prefs['screen']) {
            $prefs['screen'] = 'wide';
        }

        if (!isset($prefs['font_size']) || !$prefs['font_size']) {
            $prefs['font_size'] = 'medium_font';
        }

        if (!isset($prefs['case_owner']) || !$prefs['case_owner']) {
            $prefs['case_owner'] = 'my';
        }

        if (!isset($prefs['case_period']) || !$prefs['case_period']) {
            $prefs['case_period'] = '91';
        }

        if (!isset($prefs['mode']) || !$prefs['mode']) {
            $prefs['mode'] = 'simple';
        }

        if (!isset($prefs['time_intervals']) || !$prefs['time_intervals']) {
            $prefs['time_intervals'] = 'relative';
            $prefs['time_intervals_notation'] = 'hours_only';
        }
    } else {
        // This case is a strange possibility: the author is authenticated
        // OK, but he does not exist in the authors table. Possible cause:
        // the database was restored and the author does not exist (and
        // the user was authenticated by another source, such as LDAP).
        // Note: we used to show a strange error message which would advise
        // to logout, but since it occurs only after db upgrade, just logout
        // brutally (with cookie_admin=no to forget the username).
        // NOTE(review): $auth_login has been through addslashes() only and is
        // appended to the URL without urlencode(); characters such as '&' or
        // '#' in a username would change the query string.
        lcm_header('Location: lcm_cookie.php?cookie_admin=no&logout=' . $auth_login);
        exit;
    }

    // With the code above this flag is true whenever $auth_login is set, so
    // this branch is a safety net rather than a password check.
    if (!$auth_pass_ok) {
        @header("Location: lcm_login.php?var_erreur=pass");
        exit;
    }

    // [ML] Again, not sure how this is used, but we can ignore it for now
    // TODO (note: nouveau == new)
    if ($connect_status == 'nouveau') {
        // The id comes from the author row fetched above.
        $query = "UPDATE lcm_author SET status = 'normal' WHERE id_author = {$connect_id_auteur}";
        $result = lcm_query($query);
        $connect_status = 'normal';
    }

    // PHP sessions are started here, and stopped at logout
    session_start();

    return true;
}
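/**
 * Return the current value of the sequence "<table>_<field>_seq".
 *
 * Table and field names become part of an SQL identifier, where quoting as a
 * string value is not possible, so both are restricted to plain identifier
 * characters before the statement is built.
 *
 * NOTE(review): last_value is the sequence's global state, not the value
 * generated for this connection; with concurrent inserts it can belong to
 * another session. PostgreSQL's currval() is per-session - consider it once
 * the sequence naming has been confirmed.
 *
 * @param string $table Table name, e.g. 'lcm_client'.
 * @param string $field Column backed by the sequence, e.g. 'id_client'.
 * @return mixed First column of the first result row, or false if an invalid
 *               name was given and lcm_panic() returned.
 */
function lcm_insert_id($table, $field) {
    $identifier = '/^[A-Za-z_][A-Za-z0-9_]*$/';

    if (!preg_match($identifier, (string) $table) || !preg_match($identifier, (string) $field)) {
        lcm_panic("lcm_insert_id: invalid table or field name");
        return false; // only reached if lcm_panic() returns
    }

    // return mysql_insert_id();
    $result = lcm_query("SELECT last_value FROM {$table}_{$field}_seq");
    $seq_array = pg_fetch_row($result, 0);

    return $seq_array[0];
}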
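/**
 * Delete one entry of lcm_meta by name.
 *
 * The name is escaped with addslashes() before it is quoted into the
 * statement, as the other helpers of this file do for string values; a name
 * containing a quote can therefore no longer end the string literal early.
 *
 * @param string $name Meta key to remove.
 */
function erase_meta($name) {
    lcm_query("DELETE FROM lcm_meta WHERE name='" . addslashes($name) . "'");
}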
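/**
 * Print the filters of a report as HTML forms.
 *
 * In edit mode ($is_runtime false) every filter gets its own form posting to
 * upd_rep_field.php, followed by a form to add a filter on any field of the
 * report's source tables. In runtime mode only filters that have a type but
 * no value are shown, inside one form posting to run_rep.php.
 *
 * Hardening compared with the earlier version of this function:
 *  - $id_report is cast to an integer once; it is used in three SQL
 *    statements and several HTML attributes;
 *  - the 'export' request parameter and stored filter values are HTML-escaped
 *    before being written into attribute values;
 *  - split() (removed in PHP 7) is replaced by explode() on the same literal
 *    delimiters.
 *
 * @param mixed $id_report  Report id (cast with intval()).
 * @param bool  $is_runtime true while running the report, false while editing.
 */
function show_report_filters($id_report, $is_runtime = false) {
    $id_report = intval($id_report);

    // Filter types offered for each kind of field
    $all_filters = array(
        'number' => array('none', 'num_eq', 'num_neq', 'num_lt', 'num_le', 'num_gt', 'num_ge'),
        'date' => array('none', 'date_eq', 'date_in', 'date_lt', 'date_le', 'date_gt', 'date_ge'),
        'text' => array('none', 'text_eq', 'text_neq'),
    );

    // Get general report info
    $q = "SELECT * FROM lcm_report WHERE id_report = " . $id_report;
    $res = lcm_query($q);
    $rep_info = lcm_fetch_array($res);

    if (!$rep_info) {
        lcm_panic("Report does not exist: {$id_report}");
    }

    // List filters attached to this report
    $query = "SELECT *\n\t\tFROM lcm_rep_filter as v, lcm_fields as f\n\t\tWHERE id_report = " . $id_report . "\n\t\tAND f.id_field = v.id_field";

    // If generating the report (as opposed to editing), show filters
    // who have a filter type (eq, neq, in, ..), but no value.
    if ($is_runtime) {
        $query .= " AND v.type != '' AND v.value = '' ";
    }

    $result = lcm_query($query);

    if (lcm_num_rows($result)) {
        if ($is_runtime) {
            // submit all at once (else submit on a per-filter basis)
            echo '<form action="run_rep.php" name="frm_filters" method="get">' . "\n";
            echo '<input name="rep" value="' . $id_report . '" type="hidden" />' . "\n";

            if (isset($_REQUEST['export'])) {
                // Request data echoed into an attribute: escape it so a quote
                // or angle bracket cannot leave the attribute value.
                echo '<input name="export" value="' . htmlspecialchars($_REQUEST['export'], ENT_QUOTES) . '" type="hidden" />' . "\n";
            }
        }

        echo "<table border='0' class='tbl_usr_dtl' width='99%'>\n";

        while ($filter = lcm_fetch_array($result)) {
            // Name of the request variable carrying this filter's value at runtime
            $runtime_name = "filter_val" . $filter['id_filter'];
            $submitted = isset($_REQUEST[$runtime_name]) ? $_REQUEST[$runtime_name] : null;

            // Stored value, escaped for use inside an HTML attribute.
            // NOTE(review): assumes lcm_rep_filter.value is stored unescaped -
            // confirm, otherwise this double-encodes.
            $value_attr = htmlspecialchars($filter['value'], ENT_QUOTES);

            if (!$is_runtime) {
                echo "<form action='upd_rep_field.php' name='frm_line_additem' method='get'>\n";
                echo "<input name='update' value='filter' type='hidden' />\n";
                echo "<input name='rep' value='{$id_report}' type='hidden' />\n";
                echo "<input name='id_filter' value='" . $filter['id_filter'] . "' type='hidden' />\n";
            }

            echo "<tr>\n";
            echo "<td>" . _Th($filter['description']) . "</td>\n";

            // Type of filter
            echo "<td>";

            if (isset($all_filters[$filter['filter']])) {
                // At runtime, if a filter has been selected, do not allow select
                if ($filter['type'] && $is_runtime) {
                    echo _T('rep_filter_' . $filter['type']);
                } else {
                    echo "<select name='filter_type'>\n";
                    echo "<option value=''>...</option>\n";

                    foreach ($all_filters[$filter['filter']] as $f) {
                        $sel = $filter['type'] == $f ? ' selected="selected"' : '';
                        echo "<option value='" . $f . "'" . $sel . ">" . _T('rep_filter_' . $f) . "</option>\n";
                    }

                    echo "</select>\n";
                }
            } else {
                // XXX Should happen only if a filter was removed in a future version, e.g. rarely
                // or between development releases.
                echo "Unknown filter";
            }

            echo "</td>\n";

            // Value for filter
            // NOTE(review): 'num_le' and 'num_ge' are offered above but have
            // no case here, so they end in the default branch without an
            // input - confirm whether that is intended.
            echo "<td>";

            switch ($filter['type']) {
                case 'num_eq':
                case 'num_neq':
                    if ($filter['field_name'] == 'id_author') {
                        $name = $is_runtime ? $runtime_name : 'filter_value';

                        // XXX make this a function
                        $q = "SELECT * FROM lcm_author WHERE status IN ('admin', 'normal', 'external')";
                        $result_author = lcm_query($q);

                        echo "<select name='{$name}'>\n";
                        echo "<option value=''>...</option>\n"; // TRAD

                        while ($author = lcm_fetch_array($result_author)) {
                            // Check for already submitted value
                            $sel = $filter['value'] == $author['id_author'] || $submitted == $author['id_author']
                                ? ' selected="selected"' : '';

                            echo "<option value='" . $author['id_author'] . "'" . $sel . ">" . $author['id_author'] . " : " . get_person_name($author) . "</option>\n";
                        }

                        echo "</select>\n";
                        break;
                    }
                    // Any other numeric field: fall through to the text input.
                case 'num_lt':
                case 'num_gt':
                    $name = $is_runtime ? $runtime_name : 'filter_value';
                    echo '<input style="width: 99%;" type="text" name="' . $name . '" value="' . $value_attr . '" />';
                    break;
                case 'date_eq':
                case 'date_lt':
                case 'date_le':
                case 'date_gt':
                case 'date_ge':
                    $name = $is_runtime ? $runtime_name : 'date';
                    echo get_date_inputs($name, $filter['value']); // FIXME
                    break;
                case 'date_in':
                    // date_in has two values, stored ex: 2005-01-01 00:00:00;2006-02-02 00:00:00
                    $name = $is_runtime ? $runtime_name : 'date';
                    $values = explode(";", $filter['value']);
                    $date_end = isset($values[1]) ? $values[1] : '';

                    echo get_date_inputs($name . '_start', $values[0]);
                    echo "<br />\n";
                    echo get_date_inputs($name . '_end', $date_end);
                    break;
                case 'text_eq':
                case 'text_neq':
                    $name = $is_runtime ? $runtime_name : 'filter_value';

                    if ($filter['enum_type']) {
                        $enum = explode(":", $filter['enum_type']);

                        if ($enum[0] == 'keyword') {
                            if ($enum[1] == 'system_kwg') {
                                $all_kw = get_keywords_in_group_name($enum[2]);

                                echo '<select name="' . $name . '">' . "\n";
                                echo '<option value="">' . "..." . "</option>\n"; // TRAD

                                foreach ($all_kw as $kw) {
                                    $sel = $filter['value'] == $kw['name'] || $submitted == $kw['name']
                                        ? ' selected="selected" ' : '';
                                    echo '<option value="' . $kw['name'] . '"' . $sel . '>' . _Tkw($enum[2], $kw['name']) . "</option>\n";
                                }

                                echo "</select>\n";
                            }
                        } elseif ($enum[0] == 'list') {
                            $items = explode(",", $enum[1]);

                            echo '<select name="' . $name . '">' . "\n";
                            echo '<option value="">' . "..." . "</option>\n"; // TRAD

                            foreach ($items as $i) {
                                $tmp = $i;

                                if (!empty($enum[2])) {
                                    $tmp = _T($enum[2] . $tmp);
                                }

                                $sel = $filter['value'] == $i || $submitted == $i
                                    ? ' selected="selected" ' : '';
                                echo '<option value="' . $i . '"' . $sel . '>' . $tmp . "</option>\n";
                            }

                            echo "</select>\n";
                        }
                    } else {
                        echo '<input style="width: 99%;" type="text" name="' . $name . '" value="' . $value_attr . '" />';
                    }
                    break;
                default:
                    echo "<!-- no type -->\n";
            }

            echo "</td>\n";

            if (!$is_runtime) {
                // Button to validate
                echo "<td>";
                echo "<button class='simple_form_btn' name='validate_filter_addfield'>" . _T('button_validate') . "</button>\n";
                echo "</td>\n";

                // Link for "Remove"
                echo "<td><a class='content_link' href='upd_rep_field.php?rep=" . $id_report . "&" . "remove=filter" . "&" . "id_filter=" . $filter['id_filter'] . "'>" . "X" . "</a></td>\n";
            }

            echo "</tr>\n";

            if (!$is_runtime) {
                echo "</form>\n";
            }
        }

        echo "</table>\n";
    }

    if ($is_runtime) {
        echo "<p><button class='simple_form_btn' name='validate_filter_addfield'>" . _T('button_validate') . "</button></p>\n";
        echo "</form>\n";
        return;
    }

    // List all available fields in selected tables for report
    $query = "SELECT *\n\t\tFROM lcm_fields\n\t\tWHERE ";
    $sources = array();

    if ($rep_info['line_src_name']) {
        array_push($sources, "'lcm_" . $rep_info['line_src_name'] . "'");
    }

    // Fetch all tables available as rep colums
    // (this is not like rep line, because the source is not always in
    // lcm_report, but this should be 'fixed')
    $q_tmp = "SELECT DISTINCT table_name \n\t\t\t\tFROM lcm_rep_col as rp, lcm_fields as f\n\t\t\t\tWHERE rp.id_field = f.id_field\n\t\t\t\t  AND rp.id_report = " . $id_report;
    $result_tmp = lcm_query($q_tmp);

    while ($row = lcm_fetch_array($result_tmp)) {
        array_push($sources, "'" . $row['table_name'] . "'");
    }

    // Fetch all keyword sources
    if ($rep_info['col_src_type'] == 'keyword' && $rep_info['col_src_name']) {
        $kwg = get_kwg_from_name($rep_info['col_src_name']);

        if ($kwg['type'] == 'system') {
            // No source table is added for system keyword groups.
        } else {
            if ($kwg['type'] == 'client_org') {
                array_push($sources, "'lcm_client'");
                array_push($sources, "'lcm_org'");
            } else {
                array_push($sources, "'lcm_" . $kwg['type'] . "'");
            }
        }
    }

    // If lcm_case in there, also add lcm_stage
    if (in_array("'lcm_case'", $sources)) {
        array_push($sources, "'lcm_stage'");
    }

    // List only filters if table were selected as sources (line/col)
    // NOTE(review): the source names placed in the IN (...) list come from
    // lcm_report, lcm_fields and the keyword group and are quoted without
    // escaping - confirm those columns only ever hold plain identifiers.
    if (count($sources)) {
        $query .= " table_name IN ( " . implode(" , ", $sources) . " ) AND ";
        $query .= " filter != 'none'";
        $query .= " ORDER BY table_name ";

        // NOTE(review): this writes the SQL text into the delivered page;
        // consider sending it to the log instead.
        echo "<!-- QUERY: {$query} -->\n";

        $result = lcm_query($query);

        if (lcm_num_rows($result)) {
            echo "<form action='upd_rep_field.php' name='frm_line_additem' method='get'>\n";
            echo "<input name='rep' value='" . $rep_info['id_report'] . "' type='hidden' />\n";
            echo "<input name='add' value='filter' type='hidden' />\n";

            echo "<p class='normal_text'>" . _Ti('rep_input_filter_add');
            echo "<select name='id_field'>\n";
            echo "<option value=''>...</option>\n";

            while ($row = lcm_fetch_array($result)) {
                echo "<option value='" . $row['id_field'] . "'>" . _Ti('rep_info_table_' . $row['table_name']) . _Th($row['description']) . "</option>\n";
            }

            echo "</select>\n";
            echo "<button class='simple_form_btn' name='validate_filter_addfield'>" . _T('button_validate') . "</button>\n";
            echo "</p>\n";
            echo "</form>\n";
        }
    } else {
        echo '<p class="normal_text">' . _T('rep_info_select_source_first') . "</p>\n";
    }
}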
} $_SESSION['form_data']['id_org'] = intval(_session('id_org', 0)); $ref_upd_org = 'edit_org.php?org=' . _session('id_org'); if ($_SERVER['HTTP_REFERER']) { $ref_upd_org = $_SERVER['HTTP_REFERER']; } // // Update data // $obj_org = new LcmOrg(_session('id_org')); $errs = $obj_org->save(); if (count($errs)) { $_SESSION['errors'] = array_merge($_SESSION['errors'], $errs); lcm_header("Location: " . $ref_upd_org); exit; } // // Attach to case // if (_session('attach_case')) { lcm_query("INSERT INTO lcm_case_client_org\n\t\t\t\tSET id_case = " . _session('attach_case') . ",\n\t\t\t\t\tid_org = " . $obj_org->getDataInt('id_org')); } // // Go to the 'view details' page of the organisation // // small reminder, if the client was created from the "add client to case" (Case details) $attach = ""; if (_session('attach_case')) { $attach = "&attach_case=" . _session('attach_case'); } lcm_header('Location: org_det.php?org=' . $obj_org->getDataInt('id_org', '__ASSERT__') . $attach);
$q2 .= ',' . $row['id_client']; } $q2 .= ')'; // Add search criteria if any $find_client_string = _request('find_client_string'); if (strlen($find_client_string) > 1) { $q2 .= " AND ((name_first LIKE '%{$find_client_string}%')" . " OR (name_middle LIKE '%{$find_client_string}%')" . " OR (name_last LIKE '%{$find_client_string}%'))"; } $q2 .= ")"; // Sort client by name_first $order_name = 'ASC'; if (_request('order_name') == 'ASC' || _request('order_name') == 'DESC') { $order_name = _request('order_name'); } $q2 .= " ORDER BY name_first " . $order_name; $result = lcm_query($q2); lcm_page_start(_T('title_case_add_client')); show_context_start(); show_context_case_title($case); show_context_case_involving($case); show_context_end(); // Get the number of rows in the result $number_of_rows = lcm_num_rows($result); // Check for correct start position of the list $list_pos = intval(_request('list_pos', 0)); if ($list_pos >= $number_of_rows) { $list_pos = 0; } // Position to the page info start if ($list_pos > 0) { if (!lcm_data_seek($result, $list_pos)) {
// Show the errors (if any) echo show_all_errors(); if ($attach_client || $attach_org) { show_context_start(); } if ($attach_client) { $query = "SELECT id_client, name_first, name_middle, name_last\n\t\t\t\tFROM lcm_client\n\t\t\t\tWHERE id_client = " . $attach_client; $result = lcm_query($query); while ($row = lcm_fetch_array($result)) { // should be only once echo '<li style="list-style-type: none;">' . _Ti('fu_input_involving_clients') . get_person_name($row) . "</li>\n"; } } if ($attach_org) { $query = "SELECT id_org, name\n\t\t\t\tFROM lcm_org\n\t\t\t\tWHERE id_org = " . $attach_org; $result = lcm_query($query); while ($row = lcm_fetch_array($result)) { // should be only once echo '<li style="list-style-type: none;">' . _Ti('fu_input_involving_clients') . $row['name'] . "</li>\n"; } } if ($attach_client || $attach_org) { show_context_end(); } // Start edit case form echo '<form action="upd_case.php" method="post">' . "\n"; if (!$id_case) { if ($attach_org) { show_page_subtitle(_Th('title_org_view'), 'clients_intro'); $org = new LcmOrgInfoUI($attach_org); $org->printGeneral(false);
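/**
 * Validate and store the client held by this object, then update its
 * keywords and contacts.
 *
 * A client with id_client > 0 is updated; otherwise a row is inserted and the
 * new id is read back with lcm_insert_id().
 *
 * Every string column is passed through clean_input() before it is quoted
 * into the statement. date_birth used to be the one exception and is now
 * treated like the other columns.
 *
 * @return array Validation errors, or the errors collected in
 *               $_SESSION['errors'] by the keyword and contact updates;
 *               empty on success.
 */
function save() {
    $errors = $this->validate();

    if (count($errors)) {
        return $errors;
    }

    //
    // Update record in database
    //
    $string_columns = array('name_first', 'name_middle', 'name_last', 'gender', 'notes');
    $assignments = array();

    foreach ($string_columns as $column) {
        $assignments[] = $column . " = '" . clean_input($this->getDataString($column)) . "'";
    }

    // date_birth is only written when a value was supplied.
    if ($this->getDataString('date_birth')) {
        $assignments[] = "date_birth = '" . clean_input($this->getDataString('date_birth')) . "'";
    }

    foreach (array('citizen_number', 'civil_status', 'income') as $column) {
        $assignments[] = $column . " = '" . clean_input($this->getDataString($column)) . "'";
    }

    $cl = implode(",\n\t\t\t\t", $assignments);

    if ($this->getDataInt('id_client') > 0) {
        $q = "UPDATE lcm_client\n\t\t\t\tSET date_update = NOW(), \n\t\t\t\t\t{$cl} \n\t\t\t\tWHERE id_client = " . $this->getDataInt('id_client', '__ASSERT__');
        lcm_query($q);
    } else {
        $q = "INSERT INTO lcm_client\n\t\t\t\t\tSET date_creation = NOW(),\n\t\t\t\t\t\tdate_update = NOW(),\n\t\t\t\t\t\t{$cl}";
        $result = lcm_query($q);
        $this->data['id_client'] = lcm_insert_id('lcm_client', 'id_client');
    }

    // Keywords
    update_keywords_request('client', $this->getDataInt('id_client'));

    if (!empty($_SESSION['errors'])) {
        $errors = array_merge($_SESSION['errors'], $errors);
    }

    // Insert/update client contacts
    include_lcm('inc_contacts');
    update_contacts_request('client', $this->getDataInt('id_client'));

    // NOTE(review): the session errors are merged a second time here; with
    // numeric keys that would list keyword errors twice - confirm the key type.
    if (!empty($_SESSION['errors'])) {
        $errors = array_merge($_SESSION['errors'], $errors);
    }

    return $errors;
}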
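/**
 * Build the display text of a follow-up row.
 *
 * - 'assignment' / 'unassignment' with a numeric description: the description
 *   is an author id; the author is looked up and a translated sentence is
 *   returned.
 * - 'stage_change' or a status change: the description is decoded with
 *   lcm_unserialize() and assembled from stage, description, result,
 *   conclusion and sentence.
 * - anything else: the description itself, shortened to the configured
 *   length when $make_short is set, passed through clean_output().
 *
 * The author id is cast with intval() before it is concatenated into SQL;
 * is_numeric() alone also accepts forms such as "1e3" or "0.5".
 *
 * @param array $item       Follow-up row (type, description, case_stage).
 * @param bool  $make_short Shorten plain descriptions to $fu_desc_len (256 by default).
 * @return string Text with newlines converted by nl2br(); '' if $item is not an array.
 */
function get_fu_description($item, $make_short = true) {
    if (!is_array($item)) {
        lcm_debug("get_fu_description: parameter is not an array.");
        return '';
    }

    global $prefs;
    global $fu_desc_len; // configure via my_options.php with $GLOBALS['fu_desc_len'] = NNN;

    $short_description = '';

    // Set the length of short followup title (was: wide = 48, narrow = 115)
    $title_length = isset($fu_desc_len) && $fu_desc_len > 0 ? $fu_desc_len : 256;

    // Translation key for the two follow-up types whose description is an author id
    $assignment_labels = array(
        'assignment' => 'case_info_author_assigned',
        'unassignment' => 'case_info_author_unassigned',
    );

    if (isset($assignment_labels[$item['type']]) && is_numeric($item['description'])) {
        $res1 = lcm_query("SELECT * FROM lcm_author WHERE id_author = " . intval($item['description']));
        $author1 = lcm_fetch_array($res1);
        $short_description = _T($assignment_labels[$item['type']], array('name' => get_person_name($author1)));
    } elseif ($item['type'] == 'stage_change' || is_status_change($item['type'])) {
        $tmp = lcm_unserialize($item['description']);

        // A description that cannot be decoded is treated as "no details".
        if (!is_array($tmp)) {
            $tmp = array();
        }

        // for backward compatibility, make it optional
        if (!empty($item['case_stage'])) {
            $short_description = _Tkw('stage', $item['case_stage']);
        }

        // NOTE(review): the decoded values in this branch are not passed
        // through clean_output(), unlike the plain description below -
        // confirm they are stored in a form that is safe to print.
        if (!empty($tmp['description'])) {
            $short_description .= " / " . $tmp['description'];
        }

        if (!empty($tmp['result']) || !empty($tmp['conclusion'])) {
            $short_description .= "\n" . _Ti('fu_input_conclusion');
        }

        if (!empty($tmp['result'])) {
            $short_description .= _Tkw('_crimresults', $tmp['result']) . "/";
        }

        if (!empty($tmp['conclusion'])) {
            $short_description .= _Tkw('conclusion', $tmp['conclusion']);
        }

        if (!empty($tmp['sentence'])) {
            $short_description .= "\n" . _Ti('fu_input_sentence') . _Tkw('sentence', $tmp['sentence'], array('currency' => read_meta('currency')));
        }

        if (!empty($tmp['sentence_val'])) {
            $short_description .= ": " . $tmp['sentence_val'];
        }
    } else {
        if ($item['description']) {
            if (!$make_short || strlen(lcm_utf8_decode($item['description'])) < $title_length) {
                $short_description = $item['description'];
            } else {
                $short_description = substr($item['description'], 0, $title_length) . '...';
            }

            $short_description = clean_output($short_description);
        } else {
            $short_description = _T('fu_info_emptydesc');
        }
    }

    $short_description = nl2br($short_description);

    if (empty($short_description)) {
        $short_description = _T('info_not_available');
    }

    return $short_description;
}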
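/**
 * Tell whether a contact with the given value already exists.
 *
 * $type_contact may be an integer id, a type name (looked up with
 * get_contact_type_id(), a leading '+' is added when missing) or an array of
 * either. The special name 'email' stands for 'email_main' and
 * 'email_alternate'.
 *
 * Fixes compared with the earlier version of this function:
 *  - the array form produced "type_contact IN (...)" with one closing
 *    parenthesis missing, so the statement built for 'email' was not valid
 *    SQL;
 *  - $type_person is now passed through clean_input() like $value before it
 *    is quoted into the statement;
 *  - a single contact type id is cast with intval(), as the array form
 *    already did.
 *
 * The parameter order (an optional $id before required parameters) is kept
 * for existing callers.
 *
 * @param string           $type_person  Person type, or empty for any.
 * @param int              $id           Person id, or 0 for any.
 * @param int|string|array $type_contact Contact type(s), or empty for any.
 * @param string           $value        Contact value to look for.
 * @return bool true when at least one matching row exists.
 */
function is_existing_contact($type_person, $id = 0, $type_contact, $value) {
    // XXX FIXME TODO very temporary until we solved this issue..
    if ($type_contact == 'email') {
        // [AG] I assume that 'email' means any e-mail contact type
        // If not, $type_contact should be set here to what 'email' means
        $type_contact = array('email_main', 'email_alternate');
    }

    $id = intval($id);
    $value = clean_input($value);

    $query = "SELECT id_contact\n\t\t\t\tFROM lcm_contact\n\t\t\t\tWHERE ((value = '{$value}')";

    if ($type_person) {
        $query .= " AND (type_person = '" . clean_input($type_person) . "')";
    }

    if ($id) {
        $query .= " AND (id_of_person = {$id})";
    }

    if ($type_contact) {
        // [AG] We accept for $type_contact integer, string or array of
        // integers or strings, thus we can specify more flexible searches
        switch (gettype($type_contact)) {
            case "string":
                if ($type_contact[0] != '+') {
                    $type_contact = '+' . $type_contact;
                }

                $type_contact = get_contact_type_id($type_contact);
                // deliberate fall-through: the resolved id is used like an integer
            case "integer":
                $query .= " AND (type_contact = " . intval($type_contact) . ")";
                break;
            case "array":
                $type_ids = array();

                foreach ($type_contact as $tc) {
                    if (gettype($tc) == 'string') {
                        if ($tc[0] != '+') {
                            $tc = '+' . $tc;
                        }

                        $tc = get_contact_type_id($tc);
                    }

                    $type_ids[] = intval($tc);
                }

                // Both the IN list and the surrounding group are closed here.
                $query .= " AND (type_contact IN (" . implode(',', $type_ids) . "))";
                break;
            default:
                lcm_panic("Wrong is_existing_contact type_contact ({$type_contact})");
        }
    }

    $query .= ")";

    $result = lcm_query($query);

    return lcm_num_rows($result) > 0;
}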
echo "<tr><td>"; echo get_person_name($row); echo '</td><td align="right" valign="top">'; echo format_time_interval_prefs($row['time']); echo "</td>\n"; if ($meta_sum_billed == 'yes') { echo '<td align="right" valign="top">'; echo format_money($row['sumbilled']); echo "</td>\n"; } if ($show_more_times) { $fu_types = get_keywords_in_group_name('followups', false); $html = ""; foreach ($fu_types as $f) { $q2 = "SELECT type,\n\t\t\t\t\t\t\t\t\tsum(IF(UNIX_TIMESTAMP(fu.date_end) > 0,\n\t\t\t\t\t\t\t\t\t\tUNIX_TIMESTAMP(fu.date_end)-UNIX_TIMESTAMP(fu.date_start), 0)) as time,\n\t\t\t\t\t\t\t\t\tsum(sumbilled) as sumbilled\n\t\t\t\t\t\t\t\tFROM lcm_followup as fu\n\t\t\t\t\t\t\t\tWHERE fu.id_case = {$case}\n\t\t\t\t\t\t\t\t AND fu.id_author = " . $row['id_author'] . "\n\t\t\t\t\t\t\t\t AND fu.hidden = 'N'\n\t\t\t\t\t\t\t\t AND fu.type = '" . $f['name'] . "'\n\t\t\t\t\t\t\t\tGROUP BY fu.type"; $r2 = lcm_query($q2); // FIXME: css for "ul/li" is a bit weird, but without specifying the height, // the text is displayed under the line... // But we should probably scrap the whole table anyway while ($row2 = lcm_fetch_array($r2)) { // either: futype (70%) + length (15%) + sumbilled (15%) // or only: futype (70%) + length (30%) $html .= "<li style='clear: both; height: 1.4em; width: 100%;'>"; $html .= '<div style="float: left; text-align: left;">' . _Tkw('followups', $row2['type']) . ": " . '</div>'; if ($meta_sum_billed == 'yes') { $html .= '<div style="width: 120px; float: right; text-align: right;">' . format_money($row2['sumbilled']) . '</div>'; } $html .= '<div style="width: 120px; float: right; text-align: right;">' . format_time_interval_prefs($row2['time']) . '</div>'; $html .= "</li>\n"; } }
if ($_REQUEST['sel_time_intervals'] == 'absolute' || $_REQUEST['sel_time_intervals'] == 'relative') { $prefs['time_intervals'] = $_REQUEST['sel_time_intervals']; $prefs_mod = true; } } // Set intervals notation if ($_REQUEST['sel_time_intervals_notation'] != $_REQUEST['old_time_intervals_notation']) { if (in_array($_REQUEST['sel_time_intervals_notation'], array("hours_only", "floatdays_hours_minutes", "floatdays_floathours_minutes"))) { $prefs['time_intervals_notation'] = $_REQUEST['sel_time_intervals_notation']; $prefs_mod = true; } } } // Update user preferences if modified if ($prefs_mod) { lcm_query("UPDATE lcm_author\n\t\t\t\tSET prefs = '" . addslashes(serialize($prefs)) . "'\n\t\t\t\tWHERE id_author = " . $author_session['id_author']); } if (isset($lang) and $lang != $lcm_lang) { // Boomerang via lcm_cookie to set a cookie and do all the dirty work // The REQUEST_URI should always be set, and point to the current page // we are being sent to (Ex: from config_author.php to listcases.php). // [ML] I used $lcm_lang because there are rare cases where the cookie // can disagree with $author_session['lang'] (e.g. login one user, set // cookie, logout, login other user, conflict). // [ML] Added $ref because some forms such as config_author.php expect it $ref = isset($_REQUEST['referer']) ? '&referer=' . urlencode($_REQUEST['referer']) : ''; header("Location: lcm_cookie.php?var_lang_lcm=" . $lang . "&url=" . urlencode($_SERVER['REQUEST_URI']) . $ref); exit; } // // Database version management
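/**
 * Validate this follow-up and write it to the database.
 *
 * An existing follow-up (id_followup > 0) is updated in place and the
 * lcm_stage row of its case stage is refreshed. A new follow-up is inserted,
 * optionally linked to its parent appointment, and may change the status or
 * the stage of the case, in which case lcm_stage is updated as well.
 *
 * Security notes for maintainers:
 * - Every statement is assembled by string concatenation. Whether
 *   getDataString() returns SQL-escaped text is not visible in this method;
 *   NOTE(review): confirm it does, otherwise each quoted value below needs
 *   escaping at the point of use.
 * - serialize($desc) is placed between single quotes without further
 *   escaping. NOTE(review): this is only safe if the serialized members are
 *   already escaped -- confirm together with the point above.
 * - $case_stage is read back from the database and interpolated again;
 *   NOTE(review): presumably a keyword name, confirm it cannot contain a quote.
 *
 * @return array Validation errors from validate(); empty when the follow-up was stored.
 */
function save() {
    $errors = $this->validate();
    if (count($errors)) {
        return $errors;
    }

    //
    // Update
    //
    $fl = " date_start = '" . $this->getDataString('date_start') . "',\n\t\t\t\tdate_end = '" . $this->getDataString('date_end') . "',\n\t\t\t\ttype = '" . $this->getDataString('type') . "',\n\t\t\t\tsumbilled = " . $this->getDataFloat('sumbilled', 0.0);

    if ($this->getDataString('type') == 'stage_change') {
        // [ML] To be honest, we should "assert" most of the
        // following values, but "new_stage" is the most important.
        lcm_assert_value($this->getDataString('new_stage', '__ASSERT__'));

        $desc = array(
            'description' => $this->getDataString('description'),
            'result' => $this->getDataString('result'),
            'conclusion' => $this->getDataString('conclusion'),
            'sentence' => $this->getDataString('sentence'),
            'sentence_val' => $this->getDataString('sentence_val'),
            'new_stage' => $this->getDataString('new_stage'),
        );
        $fl .= ", description = '" . serialize($desc) . "'";
    } elseif (is_status_change($this->getDataString('type'))) {
        $desc = array(
            'description' => $this->getDataString('description'),
            'result' => $this->getDataString('result'),
            'conclusion' => $this->getDataString('conclusion'),
            'sentence' => $this->getDataString('sentence'),
            'sentence_val' => $this->getDataString('sentence_val'),
        );
        $fl .= ", description = '" . serialize($desc) . "'";
    } else {
        $fl .= ", description = '" . $this->getDataString('description') . "'";
    }

    if ($this->getDataInt('id_followup') > 0) {
        // Edit of existing follow-up
        $id_followup = $this->getDataInt('id_followup');
        $id_case = $this->getDataInt('id_case');

        if (!allowed($id_case, 'e')) {
            lcm_panic("You don't have permission to modify this case's information. (" . $this->getDataInt('id_case') . ")");
        }

        // TODO: check if hiding this FU is allowed
        if (allowed($this->getDataInt('id_case'), 'a')
            && !(is_status_change($this->getDataString('type'))
                || $this->getDataString('type') == 'assignment'
                || $this->getDataString('type') == 'unassignment')) {
            if ($this->getDataString('delete')) {
                $fl .= ", hidden = 'Y'";
            } else {
                $fl .= ", hidden = 'N'";
            }
        } else {
            $fl .= ", hidden = 'N'";
        }

        // The permission check above is made for id_case, so the statements
        // are restricted to follow-ups that belong to that same case. A
        // follow-up id from another case then matches no row and ends in the
        // "no such follow-up" panic below instead of being modified.
        $q = "UPDATE lcm_followup SET {$fl} WHERE id_followup = {$id_followup} AND id_case = {$id_case}";
        $result = lcm_query($q);

        // Get stage of the follow-up entry
        $q = "SELECT id_stage, case_stage FROM lcm_followup WHERE id_followup = {$id_followup} AND id_case = {$id_case}";
        $result = lcm_query($q);

        if ($row = lcm_fetch_array($result)) {
            $case_stage = lcm_assert_value($row['case_stage']);
        } else {
            lcm_panic("There is no such follow-up (" . $id_followup . ")");
        }

        // Update the related lcm_stage entry
        $q = "UPDATE lcm_stage SET\n\t\t\t\t\tdate_conclusion = '" . $this->getDataString('date_end') . "',\n\t\t\t\t\tkw_result = '" . $this->getDataString('result') . "',\n\t\t\t\t\tkw_conclusion = '" . $this->getDataString('conclusion') . "',\n\t\t\t\t\tkw_sentence = '" . $this->getDataString('sentence') . "',\n\t\t\t\t\tsentence_val = '" . $this->getDataString('sentence_val') . "',\n\t\t\t\t\tdate_agreement = '" . $this->getDataString('date_end') . "'\n\t\t\t\tWHERE id_case = " . $this->getDataInt('id_case') . "\n\t\t\t\t AND kw_case_stage = '" . $case_stage . "'";
        lcm_query($q);
    } else {
        // New follow-up
        if (!allowed($this->getDataInt('id_case'), 'w')) {
            lcm_panic("You don't have permission to add information to this case. (" . $this->getDataInt('id_case') . ")");
        }

        // Get the current case stage
        $q = "SELECT id_stage, stage FROM lcm_case WHERE id_case=" . $this->getDataInt('id_case', '__ASSERT__');
        $result = lcm_query($q);

        if ($row = lcm_fetch_array($result)) {
            $case_stage = lcm_assert_value($row['stage']);
            $case_stage_id = lcm_assert_value($row['id_stage']);
        } else {
            lcm_panic("There is no such case (" . $this->getDataInt('id_case') . ")");
        }

        // Add the new follow-up. The author id comes from the session and is
        // cast so that only an integer can reach the statement.
        $q = "INSERT INTO lcm_followup\n\t\t\t\t\tSET id_case=" . $this->getDataInt('id_case') . ",\n\t\t\t\t\t\tid_author=" . (int) $GLOBALS['author_session']['id_author'] . ",\n\t\t\t\t\t\t{$fl},\n\t\t\t\t\t\tid_stage = {$case_stage_id},\n\t\t\t\t\t\tcase_stage='{$case_stage}'";
        lcm_query($q);
        $this->data['id_followup'] = lcm_insert_id('lcm_followup', 'id_followup');

        // Set relation to the parent appointment, if any
        if ($this->getDataInt('id_app')) {
            $q = "INSERT INTO lcm_app_fu \n\t\t\t\t\t\tSET id_app=" . $this->getDataInt('id_app') . ",\n\t\t\t\t\t\t\tid_followup=" . $this->getDataInt('id_followup', '__ASSERT__') . ",\n\t\t\t\t\t\t\trelation='child'";
            $result = lcm_query($q);
        }

        // Update case status. Both values are chosen from the literals below
        // (or asserted, for the new stage), never copied from the type itself.
        $status = '';
        $stage = '';
        switch ($this->getDataString('type')) {
            case 'conclusion':
                $status = 'closed';
                break;
            case 'suspension':
                $status = 'suspended';
                break;
            case 'opening':
            case 'resumption':
            case 'reopening':
                $status = 'open';
                break;
            case 'merge':
                $status = 'merged';
                break;
            case 'deletion':
                $status = 'deleted';
                break;
            case 'stage_change':
                $stage = lcm_assert_value($this->getDataString('new_stage'));
                break;
        }

        if ($status || $stage) {
            $q = "UPDATE lcm_case\n\t\t\t\t\t\tSET " . ($status ? "status='{$status}'" : '') . ($status && $stage ? ',' : '') . ($stage ? "stage='{$stage}'" : '') . "\n\t\t\t\t\t\tWHERE id_case=" . $this->getDataInt('id_case');
            lcm_query($q);

            // Close the lcm_stage
            // XXX for now, date_agreement is not used
            if ($status == 'open') {
                // case is being re-opened, so erase previously entered info
                // (date_agreement now uses the same complete zero timestamp
                // as date_conclusion; the original literal lacked a digit)
                $q = "UPDATE lcm_stage\n\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\tdate_conclusion = '0000-00-00 00:00:00',\n\t\t\t\t\t\t\t\tid_fu_conclusion = 0,\n\t\t\t\t\t\t\t\tkw_result = '',\n\t\t\t\t\t\t\t\tkw_conclusion = '',\n\t\t\t\t\t\t\t\tkw_sentence = '',\n\t\t\t\t\t\t\t\tsentence_val = '',\n\t\t\t\t\t\t\t\tdate_agreement = '0000-00-00 00:00:00'\n\t\t\t\t\t\t\tWHERE id_case = " . $this->getDataInt('id_case') . "\n\t\t\t\t\t\t\t AND kw_case_stage = '" . $case_stage . "'";
            } else {
                $q = "UPDATE lcm_stage\n\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\tdate_conclusion = '" . $this->getDataString('date_end') . "',\n\t\t\t\t\t\t\t\tid_fu_conclusion = " . $this->getDataInt('id_followup') . ",\n\t\t\t\t\t\t\t\tkw_result = '" . $this->getDataString('result') . "',\n\t\t\t\t\t\t\t\tkw_conclusion = '" . $this->getDataString('conclusion') . "',\n\t\t\t\t\t\t\t\tkw_sentence = '" . $this->getDataString('sentence') . "',\n\t\t\t\t\t\t\t\tsentence_val = '" . $this->getDataString('sentence_val') . "',\n\t\t\t\t\t\t\t\tdate_agreement = '" . $this->getDataString('date_end') . "'\n\t\t\t\t\t\t\tWHERE id_case = " . $this->getDataInt('id_case', '__ASSERT__') . "\n\t\t\t\t\t\t\t AND kw_case_stage = '" . $case_stage . "'";
            }
            lcm_query($q);
        }

        // If creating a new case stage, make new lcm_stage entry
        if ($stage) {
            $q = "INSERT INTO lcm_stage SET\n\t\t\t\t\t\t\tid_case = " . $this->getDataInt('id_case', '__ASSERT__') . ",\n\t\t\t\t\t\t\tkw_case_stage = '" . lcm_assert_value($stage) . "',\n\t\t\t\t\t\t\tdate_creation = NOW(),\n\t\t\t\t\t\t\tid_fu_creation = " . $this->getDataInt('id_followup');
            lcm_query($q);
        }
    }

    // Keywords
    update_keywords_request('followup', $this->getDataInt('id_followup'));

    return $errors;
}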
// Excerpt: appointment participant handling. It starts inside a block opened
// before this excerpt and ends before the final "if" is closed.
// ignore errors
$_SESSION['errors']['client_added'] = "An client/organisation was added to the participants of this appointment.";
}
// Remove appointment participants (clients/organisations)
if (_session('rem_client')) {
    // The condition list starts with "(0" so that every entry can be added
    // with a leading " OR ".
    $q = "DELETE FROM lcm_app_client_org WHERE id_app={$id_app} AND (0";
    foreach ($_SESSION['form_data']['rem_client'] as $rem_cli) {
        // Each entry has the form "client" or "client:org".
        $client_org = explode(':', $rem_cli);
        // NOTE(review): $co is appended to with ".=" and is not reset inside
        // the loop in the visible code, so from the second entry onwards the
        // previous condition is still at the front of the string -- confirm
        // whether it is cleared elsewhere; otherwise assign with "=" here.
        // NOTE(review): the two pieces are interpolated without intval(). The
        // form data presumably originates from a submitted form, so both should
        // be cast to integers before they reach this DELETE statement.
        $co .= 'id_client=' . $client_org[0];
        if ($client_org[1]) {
            $co = "({$co} AND id_org=" . $client_org[1] . ')';
        }
        $q .= " OR {$co}";
    }
    $q .= ")";
    if (($result = lcm_query($q)) && mysql_affected_rows() > 0) {
        // XXX MySQL SPECIFIC
        // NOTE(review): this is the removal branch, yet the message and its
        // key are the ones used for an addition above -- looks copied.
        $_SESSION['errors']['client_added'] = "An client/organisation was added to the participants of this appointment.";
    }
    // Clean client removal list
    unset($_SESSION['form_data']['rem_client']);
}
// Check if author or client/organisation was added
if (count($_SESSION['errors'])) {
    // Rebuild the query string of the referring page and force "app" to the
    // current appointment. The values are urlencode()d again; the keys come
    // from parse_str() on the Referer header and are reused unencoded.
    $ref_url = parse_url($_SERVER['HTTP_REFERER']);
    parse_str($ref_url['query'], $params);
    $params['app'] = $id_app;
    foreach ($params as $k => $v) {
        $params[$k] = $k . '=' . urlencode($v);
    }
    lcm_header('Location: edit_app.php?' . join('&', $params));
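/**
 * Print one page of the expense list as table rows.
 *
 * Builds the expense query from the optional search string ($this->search),
 * the optional case filter ($this->id_case), the user's period preference and
 * the sort orders given in the request, then echoes at most
 * $prefs['page_rows'] rows starting at $this->list_pos. Sets
 * $this->number_of_rows and resets $this->list_pos to 0 when it is past the
 * end of the result.
 *
 * Security notes for maintainers:
 * - Sort directions are accepted only when they are exactly 'ASC' or 'DESC'.
 * - The case id and the period preference are cast to integers before they
 *   are placed in the statement.
 * - NOTE(review): $this->search is interpolated into the LIKE pattern as-is.
 *   Where it is assigned is not visible here; confirm it is SQL-escaped
 *   before it reaches this method.
 * - NOTE(review): whether highlight_matches(), get_person_initials() and
 *   _Tkw() HTML-escape their output is not visible here -- confirm.
 */
function printList() {
    global $prefs;
    global $fu_desc_len; // configure via my_options.php with $GLOBALS['fu_desc_len'] = NNN;

    // Select the expenses, with their author, comment count and case title
    $q = "SELECT e.id_expense, e.id_case, e.id_author, e.status, e.type, \n\t\t\t\te.description, e.date_creation, e.date_update, e.pub_read,\n\t\t\t\te.pub_write, a.name_first, a.name_middle, a.name_last,\n\t\t\t\tcount(ec.id_expense) as nb_comments, c.title as case_title\n\t\t\tFROM lcm_expense as e\n\t\t\tLEFT JOIN lcm_expense_comment as ec ON (ec.id_expense = e.id_expense)\n\t\t\tLEFT JOIN lcm_author as a ON (a.id_author = e.id_author) \n\t\t\tLEFT JOIN lcm_case as c ON (c.id_case = e.id_case) ";

    $q .= " WHERE (1=1 ";

    if ($this->search) {
        $q .= " AND (";

        if (is_numeric($this->search)) {
            $q .= " e.id_expense = " . $this->search . " OR ";
        }

        $q .= " e.description LIKE '%" . $this->search . "%' ";
        $q .= " )";
    }

    if ($this->id_case) {
        $q .= " AND e.id_case = " . intval($this->id_case);
    }

    $q .= ")";

    //
    // Apply filters to SQL
    //

    // Case owner TODO
    // $q .= " AND " . $q_owner;

    // Period (date_creation) to show
    $case_period = intval($prefs['case_period']);

    if ($case_period < 1900) {
        // since X days
        $q .= " AND " . lcm_query_subst_time('e.date_creation', 'NOW()') . ' < ' . $case_period * 3600 * 24;
    } else {
        // for year X
        $q .= " AND " . lcm_query_trunc_field('e.date_creation', 'year') . ' = ' . $case_period;
    }

    $q .= " GROUP BY e.id_expense, e.id_case, e.id_author, e.status, e.type, e.description, e.date_creation, e.date_update, e.pub_read, e.pub_write, a.name_first, a.name_middle, a.name_last, c.title ";

    //
    // Sort
    //
    $sort_clauses = array();
    $sort_allow = array('ASC' => 1, 'DESC' => 1);

    // Each direction is read once and used only when it is a key of
    // $sort_allow, so nothing but ASC or DESC can follow a column name.
    $type_order = _request('type_order');
    $status_order = _request('status_order');
    $date_order = _request('date_order');
    $upddate_order = _request('upddate_order');

    // Sort by request type
    if (is_string($type_order) && isset($sort_allow[$type_order])) {
        $sort_clauses[] = "type " . $type_order;
    }

    if (is_string($status_order) && isset($sort_allow[$status_order])) {
        $sort_clauses[] = "status " . $status_order;
    }

    // Sort cases by creation or update date
    if (is_string($date_order) && isset($sort_allow[$date_order])) {
        $sort_clauses[] = "date_creation " . $date_order;
    } elseif (is_string($upddate_order) && isset($sort_allow[$upddate_order])) {
        $sort_clauses[] = "date_update " . $upddate_order;
    }

    if (count($sort_clauses)) {
        $q .= " ORDER BY " . implode(', ', $sort_clauses);
    } else {
        $q .= " ORDER BY date_creation DESC"; // default sort
    }

    $result = lcm_query($q);

    // Check for correct start position of the list
    $this->number_of_rows = lcm_num_rows($result);

    if ($this->list_pos >= $this->number_of_rows) {
        $this->list_pos = 0;
    }

    // Position to the page info start
    if ($this->list_pos > 0) {
        if (!lcm_data_seek($result, $this->list_pos)) {
            lcm_panic("Error seeking position " . $this->list_pos . " in the result");
        }
    }

    // Description length settings do not change from row to row
    $more_desc = _request('more_desc', 0);
    $desc_length = isset($fu_desc_len) && $fu_desc_len > 0 ? $fu_desc_len : 256;

    for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) {
        $css = $i % 2 ? "dark" : "light";

        echo "<tr>\n";

        // Expense ID
        echo "<td class='tbl_cont_" . $css . "'>";
        echo highlight_matches($row['id_expense'], $this->search);
        echo "</td>\n";

        // Author
        echo "<td class='tbl_cont_" . $css . "'>";
        echo get_person_initials($row);
        echo "</td>\n";

        // Attached to case..
        echo "<td class='tbl_cont_" . $css . "'>";
        if ($row['id_case']) {
            // The title goes into an attribute value, so quotes and angle
            // brackets are escaped; the element is now closed with the
            // matching </abbr> tag.
            // NOTE(review): assumes titles are stored unescaped -- confirm.
            echo '<abbr title="' . htmlspecialchars((string) $row['case_title'], ENT_QUOTES) . '">' . $row['id_case'] . '</abbr>';
        }
        echo "</td>\n";

        // Date creation
        echo "<td class='tbl_cont_" . $css . "'>";
        echo format_date($row['date_creation'], 'short');
        echo "</td>\n";

        // Type
        echo "<td class='tbl_cont_" . $css . "'>";
        echo _Tkw('_exptypes', $row['type']);
        echo "</td>\n";

        // Description, shortened unless the full text was requested
        if ($more_desc || strlen(lcm_utf8_decode($row['description'])) < $desc_length) {
            $description = $row['description'];
        } else {
            $description = substr($row['description'], 0, $desc_length) . '...';
        }

        echo "<td class='tbl_cont_" . $css . "'>";
        echo '<a class="content_link" href="exp_det.php?expense=' . $row['id_expense'] . '">';
        echo nl2br(highlight_matches($description, $this->search));
        echo "</a>";
        echo "</td>\n";

        // # Comments
        echo "<td class='tbl_cont_" . $css . "'>";
        echo $row['nb_comments'];
        echo "</td>\n";

        // Date update
        echo "<td class='tbl_cont_" . $css . "'>";
        if ($row['date_update'] != $row['date_creation']) {
            echo format_date($row['date_update'], 'short');
        }
        echo "</td>\n";

        // Status
        echo "<td class='tbl_cont_" . $css . "'>";
        echo _T('expense_status_option_' . $row['status']);
        echo "</td>\n";

        echo "</tr>\n";
    }
}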
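/**
 * Installer step 3: connect to the chosen database, create or upgrade the
 * schema, load the default configuration and keywords, and on success write
 * the connection file before moving on to step 4.
 *
 * The database address, login, password and name are taken from the request.
 * Any problem found (creation log, upgrade log, structure test) is shown on
 * an error page and the connection file is not written.
 *
 * Security notes for maintainers:
 * - The connection file is PHP source built from request values. Each value
 *   is emitted with var_export(), which produces a correctly quoted PHP
 *   string literal, so a quote or backslash in a credential cannot end the
 *   literal and add code to the file. This holds whether or not _request()
 *   pre-escapes its result.
 * - The file holds the database credentials. NOTE(review): confirm that the
 *   configuration directory is not served as plain text and that file
 *   permissions are restricted by the deployment.
 */
function install_step_3() {
    global $lcm_db_version;

    $db_address = _request('db_address');
    $db_login = _request('db_login');
    $db_password = _request('db_password');

    $install_log = "";
    $upgrade_log = "";

    // Possible errors will get trapped in the output buffer and displayed later,
    // so that they don't mess up with headers/html.
    ob_start();

    if (_request('db_choice') == "__manual__") {
        $sel_db = _request('manual_db');
    } else {
        $sel_db = _request('db_choice');
    }

    $link = lcm_connect_db($db_address, 0, $db_login, $db_password, $sel_db);

    // NOTE(review): the captured output is not used again in this function.
    $io_output = ob_get_contents();
    ob_end_clean();

    if (!$link) {
        install_html_start('AUTO', '', 3);
        lcm_panic("connection denied: " . lcm_sql_error());
    }

    // Test if the software was already installed
    $result = lcm_query("SELECT * FROM lcm_meta", true);
    $already_installed = !lcm_sql_errno() && lcm_num_rows($result);
    $old_lcm_version = 'NONE';

    if ($already_installed) {
        lcm_log("LCM already installed", 'install');

        // Find the current database version
        $old_lcm_db_version = 0;
        $query = "SELECT value FROM lcm_meta WHERE name = 'lcm_db_version'";
        $result = lcm_query_db($query);

        while ($row = lcm_fetch_array($result)) {
            $old_lcm_db_version = $row['value'];
        }

        lcm_log("LCM version installed is {$old_lcm_db_version}", 'install');

        // Check if upgrade is needed
        if ($old_lcm_db_version < $lcm_db_version) {
            lcm_log("Calling the upgrade procedure (since < {$lcm_db_version})", 'install');
            include_lcm('inc_db_upgrade');
            $upgrade_log = upgrade_database($old_lcm_db_version);
        } else {
            lcm_log("Upgrade _not_ called, looks OK (= {$lcm_db_version})", 'install');
        }
    } else {
        lcm_log("Creating the database from scratch", 'install');
        include_lcm('inc_db_create');
        $install_log .= create_database();
        lcm_log("DB creation complete", 'install');
    }

    // Create default meta + keywords
    include_lcm('inc_meta');
    include_lcm('inc_keywords_default');
    include_lcm('inc_meta_defaults');

    init_default_config();
    init_languages();

    $skwg = get_default_keywords();
    create_groups($skwg);
    write_metas(); // regenerate inc/data/inc_meta_cache.php

    // Test DB: not used for now..
    include_lcm('inc_db_test');
    $structure_ok = lcm_structure_test();

    if (!empty($install_log)) {
        install_html_start('AUTO', '', 3);
        echo "<h3><small>" . _T('install_step_three') . "</small> " . _T('install_title_creating_database') . "</h3>\n";
        echo "<div class='box_error'>\n";
        echo "<p>";
        echo "<b>" . _T('warning_operation_failed') . "</b> " . _T('install_database_install_failed');
        echo " " . lcm_help("install_connection") . "</p>\n";
        echo "</div>\n";

        // Dump error listing
        echo put_text_in_textbox($install_log);
        install_html_end();
    } elseif (!empty($upgrade_log)) {
        install_html_start('AUTO', '', 3);
        echo "<h3><small>" . _T('install_step_three') . "</small> " . _T('install_title_creating_database') . "</h3>\n";
        echo "<div class='box_error'>\n";
        // NOTE(review): $old_lcm_version is always 'NONE' at this point and
        // $lcm_version is not defined in this function; the message
        // presumably meant the two database versions -- confirm.
        echo "<p>" . _T('install_warning_update_impossible', array('old_version' => $old_lcm_version, 'version' => $lcm_version)) . "</p>\n";
        echo "</div>\n";

        // Dump error listing
        echo put_text_in_textbox($upgrade_log);
        install_html_end();
    } elseif (!$structure_ok) {
        install_html_start('AUTO', '', 3);
        echo "<h3><small>" . _T('install_step_three') . "</small> " . _T('install_title_creating_database') . "</h3>\n";
        echo "<div class='box_error'>\n";
        echo "<p> STRUCTURE PROBLEM </p>\n"; // TRAD
        echo "</div>\n";
        install_html_end();
    } else {
        // Everything OK: generate the connection file. var_export() turns
        // each value into a quoted and escaped PHP string literal.
        $conn = '<' . '?php' . "\n";
        $conn .= "if (defined('_CONFIG_INC_CONNECT')) return;\n";
        $conn .= "define('_CONFIG_INC_CONNECT', '1');\n";
        $conn .= "\$GLOBALS['lcm_connect_version'] = 0.1;\n";
        $conn .= "include_lcm('inc_db');\n";
        $conn .= "@lcm_connect_db("
            . var_export((string) $db_address, true) . ",'',"
            . var_export((string) $db_login, true) . ","
            . var_export((string) $db_password, true) . ","
            . var_export((string) $sel_db, true) . ");\n";
        $conn .= "\$GLOBALS['db_ok'] = !!@lcm_num_rows(@lcm_query_db('SELECT COUNT(*) FROM lcm_meta'));\n";
        $conn .= '?' . '>';

        $lcm_config_prefix = isset($_SERVER['LcmConfigDir']) ? $_SERVER['LcmConfigDir'] : 'inc/config';

        $myFile = fopen($lcm_config_prefix . '/inc_connect_install.php', 'wb');

        // Stop here when the file cannot be created, rather than continuing
        // to step 4 without a connection file.
        if (!$myFile) {
            install_html_start('AUTO', '', 3);
            lcm_panic("could not write the connection file in " . $lcm_config_prefix);
        }

        fputs($myFile, $conn);
        fclose($myFile);

        install_step_4();
    }
}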
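// Change the language of the private area (or login)
// [ML] I once wanted to put this in a function, and it did a hell
// of a mess because of the session handling stuff..
//
// The requested code is accepted only when it is a string made of letters and
// underscores, optionally followed by digits. The pattern ends with \z rather
// than $, because $ also matches just before a trailing newline and would let
// a value such as "en" followed by a line break through to the cookie and to
// the UPDATE below.
if (isset($_REQUEST['var_lang_lcm'])) {
    // ex: bg, fr, en, en_uk, etc. nothing else is accepted
    if (is_string($_REQUEST['var_lang_lcm'])
        && preg_match('/^[_A-Za-z]+[0-9]*\z/', $_REQUEST['var_lang_lcm'])) {
        include_lcm('inc_lang');
        include_lcm('inc_session');

        $new_lang = clean_input($_REQUEST['var_lang_lcm']);
        $valid_author = verifier_visiteur();

        if (lcm_set_language($new_lang)) {
            lcm_setcookie('lcm_lang', $new_lang, time() + 365 * 24 * 3600);

            // Save language preference only if we are installed and if author connected
            if ($valid_author && include_config_exists('inc_connect')) {
                include_lcm('inc_admin');

                // $new_lang passed the pattern above, so it holds no quote
                // character; the author id is cast so that only an integer
                // can reach the statement.
                lcm_query("UPDATE lcm_author \n\t\t\t\t\t\tSET lang = '" . $new_lang . "' \n\t\t\t\t\t\tWHERE id_author = " . intval($GLOBALS['author_session']['id_author']));

                $author_session['lang'] = $new_lang;
                lcm_add_session($author_session, $_COOKIE['lcm_session']);
            } else {
                lcm_log("Not valid_author ({$valid_author}) or not yet installed");
            }

            $cible->delvar('lang');
            $cible->addvar('lang', $new_lang);
        } else {
            lcm_log("lcm_set_language() is not happy, wrong lang code?");
        }
    }
}

// Redirection
// Under Apache, cookies with a redirection work
// Else, we do a HTTP refresh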
// Excerpt: end of a follow-up update script. The first lines close blocks
// that were opened before this excerpt.
lcm_query($q);
}
} else {
    lcm_panic("Query returned no results.");
}
///////////////////////////////////////////////////////////////////////
// Consequent appointment information update
///////////////////////////////////////////////////////////////////////
if (isset($_SESSION['form_data']['add_appointment'])) {
    // No errors, proceed with database update
    // type, title and description go through clean_input() before being
    // quoted into the statement.
    // NOTE(review): start_time, end_time and reminder are quoted into the same
    // statement without clean_input(). The form data presumably holds what the
    // user submitted; unless these three are normalised to a date format
    // before this point, they need the same treatment -- confirm.
    $fl = "\ttype\t\t= '" . clean_input($_SESSION['form_data']['app_type']) . "',\n\t\ttitle\t\t= '" . clean_input($_SESSION['form_data']['app_title']) . "',\n\t\tdescription\t= '" . clean_input($_SESSION['form_data']['app_description']) . "',\n\t\tstart_time\t= '" . $_SESSION['form_data']['app_start_time'] . "',\n\t\tend_time\t= '" . $_SESSION['form_data']['app_end_time'] . "',\n\t\treminder\t= '" . $_SESSION['form_data']['app_reminder'] . "'\n\t\t";
    // Add the new appointment
    $q = "INSERT INTO lcm_app SET ";
    // Add case ID
    // NOTE(review): unquoted and not cast in the visible code; an intval()
    // here would guarantee that only an integer reaches the statement.
    $q .= 'id_case = ' . $_SESSION['form_data']['id_case'] . ',';
    // Add ID of the creator
    $q .= 'id_author = ' . $GLOBALS['author_session']['id_author'] . ',';
    // Add the rest of the fields
    $q .= "{$fl}, date_creation = NOW()";
    $result = lcm_query($q);
    // Get new appointment's ID
    $id_app = lcm_insert_id('lcm_app', 'id_app');
    $_SESSION['form_data']['id_app'] = $id_app;
    // Add relationship with the creator
    lcm_query("INSERT INTO lcm_author_app SET id_app={$id_app},id_author=" . $GLOBALS['author_session']['id_author']);
    // Add followup relation
    // NOTE(review): $id_followup is set before this excerpt; presumably an integer.
    lcm_query("INSERT INTO lcm_app_fu SET id_app={$id_app},id_followup={$id_followup},relation='parent'");
}
// Send user back to add/edit page's referer or (default) to followup detail page
lcm_header('Location: fu_det.php?followup=' . $id_followup);
exit;
/**
 * Upgrade helper: set lcm_case.date_update to the start date of the most
 * recent follow-up of each case.
 *
 * Servers that report themselves as MySQL, other than 3.x and 4.0, get a
 * single UPDATE with a sub-select. Every other server gets one SELECT
 * followed by one UPDATE per case.
 */
function lcm_db_40_refresh_case_update() {
    $version_string = lcm_sql_server_info();

    // [ML] This won't work on MySQL 3.23 .. nor 4.0 (?!)
    $is_mysql = preg_match('/^MySQL/', $version_string);
    $lacks_subselect = preg_match('/^MySQL 3\\./', $version_string)
        || preg_match('/^MySQL 4\\.0/', $version_string);

    if ($is_mysql && !$lacks_subselect) {
        $single_update = "UPDATE lcm_case \n\t\t\t\t\t\tSET date_update = (SELECT max(fu.date_start) \n\t\t\t\t\t\t\t\t\t\tFROM lcm_followup as fu \n\t\t\t\t\t\t\t\t\t\tWHERE lcm_case.id_case = fu.id_case\n\t\t\t\t\t\t\t\t\t\tGROUP BY fu.id_case)";
        lcm_query($single_update, true);
        return;
    }

    // [ML] Probably not the best idea.. but brain-dead mysql
    // incompatibilities are driving me crazy..
    //
    // Note: using the join to exclude non-empty dates allows to
    // continue/re-run the upgrade if it makes a time-out.
    // NOTE(review): the condition below keeps the cases whose date_update is
    // NOT the zero date, which reads as the opposite of the note above --
    // confirm which of the two is intended.
    $latest_per_case = "SELECT c.id_case, MAX(fu.date_start) as date\n\t\t\t\t\t\t\t\tFROM lcm_followup as fu, lcm_case as c\n\t\t\t\t\t\t\t\tWHERE fu.id_case = c.id_case\n\t\t\t\t\t\t\t\t AND c.date_update != '0000-00-00 00:00:00'\n\t\t\t\t\t\t\t\tGROUP BY fu.id_case\n\t\t\t\t\t\t\t\tORDER BY fu.id_case ASC";
    $cases = lcm_query($latest_per_case);

    // Both interpolated values were just read from the database by the
    // query above (an aggregate date and the case id).
    while ($case_row = lcm_fetch_array($cases)) {
        $per_case_update = "UPDATE lcm_case\n\t\t\t\t\t\t\tSET date_update = '" . $case_row['date'] . "'\n\t\t\t\t\t\t\tWHERE id_case = " . $case_row['id_case'];
        lcm_query($per_case_update);
    }
}
// Excerpt: builds and runs the organisation search for the "add organisation
// to case" page. $q is started before this excerpt, and the excerpt ends
// inside the two "if" blocks at the bottom.
$q .= ')';
// Add search criteria if any
$find_org_string = _request('find_org_string');
if ($find_org_string) {
    // XXX add more criteria ? (id, tax num, etc.)
    // should be centralised with function, i.e. get_sql_find_org($string)
    // NOTE(review): the request value is interpolated into the LIKE pattern
    // as-is. Whether _request() returns SQL-escaped text is not visible here;
    // confirm, otherwise escape it at this point. The LIKE wildcards % and _
    // in the value are also passed through unchanged.
    $q .= " AND (name LIKE '%{$find_org_string}%')";
}
$q .= ")";
// Sort organisations by name
// The direction defaults to ASC and is replaced only by one of the two
// literal values, so nothing else from the request can follow ORDER BY.
$order_name = 'ASC';
if (_request('order_name') == 'ASC' || _request('order_name') == 'DESC') {
    $order_name = _request('order_name');
}
$q .= " ORDER BY name " . $order_name;
$result = lcm_query($q);
lcm_page_start(_T('title_case_add_org'));
show_context_start();
show_context_case_title($case);
show_context_case_involving($case);
show_context_end();
// Get the number of rows in the result
$number_of_rows = lcm_num_rows($result);
// Check for correct start position of the list
// intval() makes the requested position an integer before it is used.
$list_pos = intval(_request('list_pos', 0));
if ($list_pos >= $number_of_rows) {
    $list_pos = 0;
}
// Position to the page info start
if ($list_pos > 0) {
    if (!lcm_data_seek($result, $list_pos)) {
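// Apply the line/column sources declared by a custom report file to the
// report being edited.
//
// NOTE(review): the file name comes from the request and is handed to
// include_custom_report(). Whether that helper and
// include_custom_report_exists() restrict the name to a fixed directory and
// a safe character set is not visible here -- confirm.
if (_request('filecustom')) {
    if (include_custom_report_exists(_request('filecustom'))) {
        include_custom_report(_request('filecustom'));

        $obj = new CustomReportSpecs();
        $do_update = false;
        $query = "UPDATE lcm_report SET ";

        if ($info = $obj->getReportLine()) {
            $query .= "line_src_type = '" . $info['type'] . "',\n\t\t\t\t\t\tline_src_name = '" . $info['name'] . "'";
            $do_update = true;
        }

        if ($info = $obj->getReportCol()) {
            if ($do_update) {
                $query .= ", ";
            }

            $query .= " col_src_type = '" . $info['type'] . "'";

            // Ignore if name not set, or name restricts the choice (ex: keyword that applies to 'case')
            if (!$info['name'] || substr($info['name'], 0, 4) == 'FOR:') {
                $query .= ", col_src_name = '' ";
            } else {
                $query .= ", col_src_name = '" . $info['name'] . "' ";
            }

            $do_update = true;
        }

        if ($do_update) {
            // Without a WHERE clause the statement rewrites every report.
            // Limit it to the report this page redirects back to; the id is
            // cast so that only an integer can reach the statement.
            // NOTE(review): assumes lcm_report is keyed by id_report, as
            // lcm_rep_line is -- confirm against the schema.
            $query .= " WHERE id_report = " . intval($rep);
            lcm_query($query);
        }
    } else {
        // The name is shown back to the user, hence htmlspecialchars().
        $_SESSION['errors']['filecustom'] = "Custom report file does not exist: " . htmlspecialchars(_request('filecustom'));
    }
}

lcm_header("Location: rep_det.php?rep=" . $rep . $ref_tag);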
// Excerpt: adds or removes the clients that represent an organisation. The
// "add" branch starts before this excerpt, where $values is filled.
if (count($values) > 0) {
    // Prepare and do the query
    $q = "INSERT INTO lcm_client_org (id_org,id_client) VALUES " . join(',', $values);
    if (!($result = lcm_query($q))) {
        // NOTE(review): on failure the full statement and the database error
        // text are sent to the browser; logging them server-side and showing
        // a generic message would avoid exposing schema details.
        die("{$q}<br>\n" . _T('title_error') . " " . lcm_errno() . ": " . lcm_error());
    }
}
} else {
    if (isset($_POST['rem_clients']) && count($_POST['rem_clients']) > 0) {
        //
        // Remove organization representatives
        //
        $values = array();
        foreach ($_POST['rem_clients'] as $client) {
            // Each posted id is cast to an integer and kept only when
            // positive, so the IN (...) list holds nothing but integers.
            $client = intval($client);
            if ($client > 0) {
                $values[] = $client;
            }
        }
        if (count($values) > 0) {
            // Prepare and do the query
            // NOTE(review): $org is set before this excerpt; it is
            // interpolated unquoted and should be an integer -- confirm that
            // it is cast where it is read.
            $q = "DELETE FROM lcm_client_org WHERE id_org={$org} AND id_client IN (" . join(',', $values) . ")";
            if (!($result = lcm_query($q))) {
                die("{$q}<br>\n" . _T('title_error') . " " . lcm_errno() . ": " . lcm_error());
            }
        }
    }
}
}
//header("Location: $ref_sel_cli_org");
header("Location: org_det.php?org={$org}&tab=representatives");
/**
 * Register the line fields of this report, together with their headers.
 *
 * The fields configured for the report in lcm_rep_line are used when there
 * are any. Otherwise a default set is built from the line source: every
 * field of the source table except count(*), or the keyword title when the
 * source is a keyword group.
 */
function setupReportLines() {
    $this->addComment("setupReportLines() called.");

    // NOTE(review): the report id is concatenated as returned by getId();
    // presumably an integer -- confirm.
    $sql = "SELECT *\n\t\t\t\tFROM lcm_rep_line as l, lcm_fields as f\n\t\t\t\tWHERE id_report = " . $this->getId() . "\n\t\t\t\tAND l.id_field = f.id_field\n\t\t\t\tORDER BY col_order, id_line ASC";
    $configured = lcm_query($sql);

    while ($field = lcm_fetch_array($configured)) {
        // Kept from the original; the value is not read again in this method.
        $my_line_table = $field['table_name'];

        $this->addLine(prefix_field($field['table_name'], $field['field_name']));
        $this->addHeader(_Th($field['description']), $field['filter'], $field['enum_type'], '', $field['field_name']);

        // A count(*) line switches the report to grouped output.
        if ($field['field_name'] == 'count(*)') {
            $this->setOption('do_grouping', 'yes');
        }
    }

    // Nothing more to do when the report has its own lines.
    if (count($this->getLines()) > 0) {
        return;
    }

    //
    // No fields were specified: show them all (avoids errors)
    //
    switch ($this->rep_info['line_src_type']) {
        case 'table':
            // NOTE(review): line_src_name is quoted into the statement
            // without escaping; it is presumably a table suffix stored with
            // the report -- confirm it cannot contain a quote.
            $sql = "SELECT * \n\t\t\t\t\tFROM lcm_fields \n\t\t\t\t\tWHERE table_name = 'lcm_" . $this->rep_info['line_src_name'] . "'\n\t\t\t\t\t AND field_name != 'count(*)'";
            $available = lcm_query($sql);

            while ($field = lcm_fetch_array($available)) {
                $this->addLine(prefix_field($field['table_name'], $field['field_name']));
                $this->addHeader(_Th($field['description']), $field['filter'], $field['enum_type'], '', $field['field_name']);
            }
            break;

        case 'keyword':
            $kwg = get_kwg_from_name($this->rep_info['line_src_name']);
            $this->addLine("k.title as 'TRAD'");
            // XXX not sure about id_keyword
            $this->addHeader(_Th(remove_number_prefix($kwg['title'])), $kwg['filter'], $kwg['enum_type'], '', 'k.id_keyword');
            break;
    }
}
// Excerpt: shows the stage context of a case and opens the follow-up edit
// form. The first two lines end a block opened before this excerpt.
show_context_item(_Ti('fu_input_current_stage') . _Tkw('stage', $old_stage));
}
// Show stage information [ML] Not very efficient, I know, but I prefer to avoid spagetti
if ($_SESSION['form_data']['case_stage']) {
    // if editing an existing followup..
    $stage_info = get_kw_from_name('stage', $_SESSION['form_data']['case_stage']);
    $id_stage = $stage_info['id_keyword'];
    show_context_stage($case, $id_stage);
} elseif (isset($old_stage) && $old_stage) {
    // setting new stage
    $stage_info = get_kw_from_name('stage', $old_stage);
    $id_stage = $stage_info['id_keyword'];
    show_context_stage($case, $id_stage);
} else {
    // Normal follow-up
    // NOTE(review): $case is concatenated without a cast in the visible code;
    // it is set before this excerpt and is presumably an integer -- confirm.
    $result = lcm_query("SELECT stage FROM lcm_case WHERE id_case = " . $case);
    $row = lcm_fetch_array($result);
    if ($row['stage']) {
        $stage_info = get_kw_from_name('stage', $row['stage']);
        $id_stage = $stage_info['id_keyword'];
        show_context_stage($case, $id_stage);
    }
}
show_context_end();
// Show the errors (if any)
echo show_all_errors($_SESSION['errors']);
// Disable inputs when edit is not allowed for the field
// This only changes how the form is rendered; a disabled attribute does not
// stop a value from being submitted, so the script that receives the form
// has to make its own permission check.
$dis = $admin || $edit ? '' : 'disabled="disabled"';
// NOTE(review): no anti-CSRF token is written here; whether printEdit()
// emits one is not visible in this excerpt -- confirm.
echo '<form action="upd_fu.php" method="post">' . "\n";
$obj_fu = new LcmFollowupInfoUI($_SESSION['follow']);
$obj_fu->printEdit();
/**
 * Select the typography and text direction for a language and publish them
 * in the globals $lang_typo, $lang_dir and $dir_lang.
 *
 * When $source names an object (article, rubrique, breve or auteur followed
 * by a number), the language stored for that object replaces $lang. When no
 * language results, the 'default_language' meta value is used.
 *
 * @param string $lang   Language code; may be empty.
 * @param string $source Optional object reference such as "article12".
 */
function changer_typo($lang = '', $source = '') {
    global $lang_typo, $lang_dir, $dir_lang;

    $parts = array();
    $names_object = preg_match("/^(article|rubrique|breve|auteur)([0-9]+)/", $source, $parts);

    if ($names_object) {
        // Both pieces used in the statement come from the pattern above: the
        // first is one of four fixed words, the second consists of digits.
        $kind = $parts[1];
        $lookup = "SELECT lang FROM spip_" . $kind . "s WHERE id_" . $kind . "=" . $parts[2];
        $found = lcm_fetch_array(lcm_query($lookup));
        $lang = $found['lang'];
    }

    if (!$lang) {
        $lang = read_meta('default_language');
    }

    $lang_typo = lang_typo($lang);
    $lang_dir = lang_dir($lang);
    $dir_lang = " dir='{$lang_dir}'";
}