Example #1
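/**
 * Build the <script> snippet that shows or hides the "next appointment" reminder.
 *
 * Looks up the first calendar row of type 1 for the session user that starts
 * today within the next $minutes minutes, and returns JavaScript that updates
 * three elements of the parent window (content div, table div, calendar button).
 *
 * @param mixed $minutes Look-ahead window in minutes; non-numeric values fall back to 60.
 * @return string|null   Script block, or null when the query could not be executed.
 */
function calendar_cron_appuntamenti($minutes)
{
    global $CONF, $DB;

    if (!is_numeric($minutes)) {
        $minutes = 60;
    }
    $minutes = (int) $minutes;

    $hour = (int) date('H');
    $minute = (int) date('i');
    $month = (int) date('n');
    $day = (int) date('j');
    $year = (int) date('Y');
    $from_ts = mktime($hour, $minute, 0, $month, $day, $year);
    $to_ts = mktime($hour, $minute + $minutes, 0, $month, $day, $year);

    $curtime = date('H:i:00', $from_ts);
    // The query is restricted to CURDATE(), so a window that runs past midnight
    // must be clamped; otherwise the upper bound wraps to a time earlier than
    // $curtime and the range can never match.
    if (date('Ymd', $to_ts) > date('Ymd', $from_ts)) {
        $maxtime = '23:59:59';
    } else {
        $maxtime = date('H:i:00', $to_ts);
    }
    $where_conds = "type=1 AND day = CURDATE() AND time > '{$curtime}' AND time <= '{$maxtime}'";

    // The original concatenation dropped the opening quote of the LIKE pattern
    // and inserted the session value unescaped. qstr() is ADOdb's quoting
    // helper; $DB is presumably an ADOdb connection (Execute/GetArray usage) - confirm.
    // NOTE(review): this only matches rows where the user is the FIRST entry of
    // the ",,"-separated operator list - confirm that is intended.
    $user_id = isset($_SESSION['fw_userid']) ? $_SESSION['fw_userid'] : '';
    $operator_pattern = $DB->qstr($user_id . ',,%');
    $sql = "SELECT * FROM calendar WHERE operator LIKE " . $operator_pattern
        . " AND {$where_conds} ORDER BY time ASC LIMIT 1";

    $rs = $DB->Execute(perm_sql_read($sql, 'calendar'));
    if (!$rs) {
        return null;
    }

    $app = $rs->GetArray();
    if (count($app)) {
        $info = $app[0];
        // NOTE(review): the title is assigned to innerHTML. text_to_js() is
        // presumably a JavaScript-string escaper only; unless titles are
        // HTML-encoded when stored, this is a stored-XSS sink. Confirm the
        // storage encoding and HTML-escape the title here if it is raw.
        $div_contents = '<b>' . $info['title'] . '</b> (ore ' . substr($info['time'], 0, 5) . ')';
        $inner = text_to_js($div_contents);
        $display = 'inline';
        $button_class = 'opz-calendar-brillo';
    } else {
        $inner = '';
        $display = 'none';
        $button_class = 'col-opz-link';
    }

    return '
			<script>
			mydiv = window.parent.document.getElementById(\'appuntamenti_content_div\');
			mytab = window.parent.document.getElementById(\'appuntamenti_table_div\');
			mybut = window.parent.document.getElementById(\'calendario_button\');
			mydiv.innerHTML = \'' . $inner . '\';
			mytab.style.display = \'' . $display . '\';
			mybut.className = \'' . $button_class . '\';
			</script>
			';
}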
Example #2
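/**
 * Run a configured multi-table search from the current request and render it.
 *
 * For every entry of $search['fields'] the request value $_GET[<field key>] is
 * turned into SQL conditions on the "table-column" targets listed in the
 * field's 'search_field'. Each table's statement starts from
 * $search['tablesql'][<table>] when present, otherwise from
 * "SELECT * FROM <table> WHERE %[PERM]% ".
 *
 * Changes compared with the previous version:
 *  - request values are quoted with $DB->qstr() instead of being concatenated
 *    into the statement;
 *  - alternative targets of one field are wrapped in a single
 *    "AND ( (..) OR (..) )" group. The old "AND (..) OR (..)" form let the
 *    OR branch escape the %[PERM]% restriction because AND binds tighter;
 *  - empty groups and leading "OR" fragments are no longer emitted;
 *  - failed queries are treated as empty results instead of a fatal error;
 *  - the detail view closes its cells as </td></tr>.
 *
 * @param array $search     Search definition: 'fields', 'tables', and optionally
 *                          'tablesql', 'allow_empty', 'title', 'result_txt'.
 * @param int   $target_res 0 = list per table, 1 = return draw_list_file() of the
 *                          first table, 2 = list or per-object view (see $format_res).
 * @param int   $format_res With $target_res == 2: 1 draws every hit with draw_object().
 * @return mixed HTML string, or whatever draw_list_file() returns when $target_res == 1.
 */
function menage_search1($search, $target_res = 2, $format_res = 0)
{
    global $DB, $CONF, $SEARCH_TEMPLATE;

    $SQL_SEARCH = array();
    $SEARCH_FIELDS = array();
    $done_seart = array();
    $TABLES = array();
    $RESULTNUM = array();
    $output = '';

    // Search types that compare the column with the value.
    $compare_ops = array(
        'text' => '=',
        'num_less' => '<=',
        'num_more' => '>=',
        'num_equal' => '=',
    );
    // Search types that wrap the value into a LIKE pattern: prefix, suffix.
    $like_wraps = array(
        'text_like' => array('%', '%'),
        'text_start' => array('', '%'),
        'text_end' => array('%', ''),
        'text_word' => array('% ', ' %'),
        'user_perm' => array('%U', '=33333%'),
    );

    // Build the per-table statements.
    foreach ($search['fields'] as $key => $field) {
        $content = explode("||", $field['content']);
        $type = $content[0];

        // A request value is a scalar, a plain list, or an array carrying a
        // 'realval' list; the element count follows the original rules.
        $raw = isset($_GET[$key]) ? $_GET[$key] : null;
        if (is_array($raw) && isset($raw['realval']) && is_array($raw['realval'])) {
            $source = $raw['realval'];
            $tcnt = count($source) > 1 ? count($source) : 1;
        } elseif (is_array($raw)) {
            $source = $raw;
            $tcnt = (!isset($raw['realval']) && count($raw) > 1) ? count($raw) : 1;
        } else {
            $source = array($raw);
            $tcnt = 1;
        }

        $values = array();
        for ($i = 0; $i < $tcnt; $i++) {
            $curval = isset($source[$i]) ? $source[$i] : null;
            // Nested arrays and empty strings are not searchable values.
            if (is_scalar($curval) && strlen((string) $curval) > 0) {
                $values[] = (string) $curval;
            }
        }

        // Conditions of this field, grouped by table.
        $groups = array();
        foreach (explode("||", $field['search_field']) as $trg) {
            $st = explode("-", $trg);
            $tbl = $st[0];
            $col = isset($st[1]) ? $st[1] : '';

            if (!isset($SQL_SEARCH[$tbl])) {
                $SQL_SEARCH[$tbl] = isset($search['tablesql'][$tbl])
                    ? $search['tablesql'][$tbl]
                    : "SELECT * FROM " . $tbl . " WHERE %[PERM]% ";
            }

            $conds = array();
            foreach ($values as $curval) {
                // qstr() is ADOdb's quoting helper; $DB is presumably an ADOdb
                // connection - confirm. If the deployment still runs with
                // magic_quotes_gpc, strip the slashes at the request boundary
                // so values are not escaped twice.
                $term = $curval;
                $cond = '';
                if (isset($compare_ops[$type])) {
                    $cond = $col . " " . $compare_ops[$type] . " " . $DB->qstr($curval);
                } elseif (isset($like_wraps[$type])) {
                    $cond = $col . " LIKE " . $DB->qstr($like_wraps[$type][0] . $curval . $like_wraps[$type][1]);
                    if ($type == "user_perm") {
                        $term = " ";
                    }
                } elseif ($type == "calendar_owner") {
                    // The owner column holds a ",,"-separated list: match the
                    // value as first, last, middle or only element.
                    $cond = "( " . $col . " LIKE " . $DB->qstr($curval . ",,%")
                        . " OR " . $col . " LIKE " . $DB->qstr("%,," . $curval)
                        . " OR " . $col . " LIKE " . $DB->qstr("%,," . $curval . ",,%")
                        . " OR " . $col . " LIKE " . $DB->qstr($curval) . " )";
                    $term = " ";
                } elseif ($type == "text_ext") {
                    // NOTE(review): ext_search() receives the raw request value
                    // and is not visible here - confirm it escapes the value.
                    $cond = ext_search($col, $curval);
                } else {
                    // Unknown type: no condition and no highlighted term.
                    $term = null;
                }

                if (strlen(trim((string) $cond)) > 0) {
                    $conds[] = $cond;
                }
                if ($term !== null) {
                    $SEARCH_FIELDS[$tbl][$col][] = $term;
                }
                // Any non-empty value marks the table as actually searched.
                $done_seart[$tbl] = isset($done_seart[$tbl]) ? $done_seart[$tbl] + 1 : 1;
            }

            if (count($conds) > 0) {
                $groups[$tbl][] = "( " . implode(" OR ", $conds) . " )";
            }
        }

        foreach ($groups as $tbl => $clauses) {
            $SQL_SEARCH[$tbl] .= " AND ( " . implode(" OR ", $clauses) . " ) ";
        }
    }

    // Per-table settings: "list_var||title||options||permission".
    foreach ($search['tables'] as $table => $options) {
        $parts = array_pad(explode("||", $options), 4, null);
        $TABLES[$table] = array(
            'list_var' => $parts[0],
            'title' => $parts[1],
            'options' => $parts[2],
            'permission' => $parts[3],
        );
    }

    // Drop tables for which no value was supplied, unless empty searches are allowed.
    if (!isset($search['allow_empty']) || $search['allow_empty'] != 1) {
        foreach (array_keys($SQL_SEARCH) as $table) {
            if (empty($done_seart[$table])) {
                unset($SQL_SEARCH[$table]);
            }
        }
    }

    // Count the hits per table.
    $totr = 0;
    foreach ($SQL_SEARCH as $table => $sql) {
        $permission = isset($TABLES[$table]['permission']) ? $TABLES[$table]['permission'] : '';
        $perm_parts = explode(";;", $permission);
        // Permission type 0 disables the row-permission filter for this table.
        if (intval($perm_parts[0]) == 0) {
            $sql = str_replace("%[PERM]%", "1=1", $sql);
        }
        $rs = @$DB->Execute(perm_sql_read($sql, $table));
        $res = $rs ? $rs->RecordCount() : 0;
        $totr += $res;
        $RESULTNUM[$table] = $res;
    }
    $RESULTNUM['total'] = $totr;

    if (isset($search['title'])) {
        $output = str_replace("%[TITLE]%", $search['title'], $SEARCH_TEMPLATE['search_title']);
    }
    if (isset($search['result_txt'])) {
        $found_txt = str_replace("%[FOUND]%", $RESULTNUM['total'], $search['result_txt']);
        $output .= str_replace("%[DESC]%", $found_txt, $SEARCH_TEMPLATE['search_desc']);
    }

    // Render the results, one block per table.
    // NOTE(review): $start_vis and $noexp are never reset between tables, so an
    // "exp"/"lock" option of one table also applies to the following ones.
    // Kept as it was - confirm whether that is intended.
    $start_vis = 0;
    $noexp = 0;
    $output .= '<table width="100%" border=0 cellpadding=5>';
    foreach ($SQL_SEARCH as $table => $sql) {
        $table_options = isset($TABLES[$table]['options']) ? $TABLES[$table]['options'] : '';
        foreach (explode(";;", $table_options) as $vopt) {
            $pair = array_pad(explode("::", $vopt), 2, null);
            if ($pair[0] == "exp" && $pair[1] == 1) {
                $start_vis = 1;
            } elseif ($pair[0] == "lock" && $pair[1] == 1) {
                $noexp = 1;
                $start_vis = 1;
            }
        }

        // Any paging/sorting/expand parameter for this table opens its block.
        foreach (array("_ordfield", "_ordtype", "_st", "_exp", "_imp") as $suffix) {
            if (isset($_GET[$table . $suffix])) {
                $start_vis = 1;
            }
        }

        if ($start_vis == 1) {
            $startpic = $SEARCH_TEMPLATE['group_icon_close'];
            $cur_vis = "";
        } else {
            $startpic = $SEARCH_TEMPLATE['group_icon_open'];
            $cur_vis = "style=\"display:none\"";
        }

        if ($noexp != 1) {
            $more_tit = '<a	href="javascript:rigaDOWN(Array(\'' . $table . '\'),\'ico_' . $table . '\',\'' . $table . '\',\'' . $SEARCH_TEMPLATE['group_icon_close'] . '\',\'' . $SEARCH_TEMPLATE['group_icon_open'] . '\')"><img src="' . $startpic . '" name="ico_' . $table . '" width="16" height="16" border="0" id="ico_' . $table . '"></a>';
        } else {
            $more_tit = "";
        }

        $table_title = isset($TABLES[$table]['title']) ? $TABLES[$table]['title'] : "";
        if ($table_title != "") {
            $output .= '<tr><td><h5>' . $table_title . ' ' . $more_tit . '</h5></td></tr>';
        }

        // $table comes from the 'search_field' targets of the search definition.
        // It is used as a directory name here, so it must never be derived
        // from request data.
        require_once $CONF['path_base'] . $CONF['dir_modules'] . $table . "/lists.php";
        $list_var = isset($TABLES[$table]['list_var']) ? $TABLES[$table]['list_var'] : null;
        $curlist = $LISTS[$table][$list_var];

        if (isset($SEARCH_FIELDS[$table])) {
            foreach ($SEARCH_FIELDS[$table] as $fs => $sterm) {
                $entry = "{$fs}::" . implode(";;", $sterm);
                $curlist['search_options'] = isset($curlist['search_options'])
                    ? $curlist['search_options'] . "||" . $entry
                    : $entry;
            }
        }

        $curlist['sql_select'] = $sql;
        if (isset($curlist['search_options'])) {
            $permission = isset($TABLES[$table]['permission']) ? $TABLES[$table]['permission'] : '';
            $perm_parts = explode(";;", $permission);
            if (intval($perm_parts[0]) == 0) {
                $sql = str_replace("%[PERM]%", "1=1", $sql);
            }
            $curlist['sql_select'] = $sql;
            $curlist['options'] = (isset($curlist['options']) ? $curlist['options'] : '') . "||search::1";
        }

        if ($target_res == 0) {
            $curlist['box_title'] = "";
            unset($curlist['search_options']);
            $output .= '<tr id="' . $table . '" ' . $cur_vis . '><td>' . draw_list($curlist, $table) . '</td></tr>';
        } elseif ($target_res == 1) {
            // File export: only the first table is exported.
            return draw_list_file($curlist, $table);
        } elseif ($target_res == 2) {
            if ($format_res == 1) {
                $output .= '<tr id="' . $table . '" ' . $cur_vis . '><td>';
                $rs = @$DB->Execute(perm_sql_read($sql, $table));
                while ($rs && !$rs->EOF) {
                    $res = $rs->FetchRow();
                    $thisobj = load_fwobject("show", $table, 0);
                    $output .= draw_object($thisobj, $res['id'], $table) . "<br>\n";
                }
                $output .= '</td></tr>';
            } else {
                $curlist['box_title'] = "";
                $output .= '<tr id="' . $table . '" ' . $cur_vis . '><td>' . draw_list($curlist, $table) . '</td></tr>';
            }
        }
    }
    $output .= '</table>';

    return $output;
}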
Example #3
            }
            $res_del[title] = FW_DEL_OK;
            print draw_response($res_del);
        } else {
            $res_del[title] = FW_DEL_KO;
            print draw_response($res_del);
        }
    } else {
        $res_del[title] = FW_ERROR_NO_PERM_DEL;
        print draw_response($res_del);
    }
}
if (check_perm_mod($module, "r") == 1) {
    $thissearch = load_fwobject("search", "document", 0);
    //Check for parent Perm
    $perm_parent = perm_sql_read("%[PERM]%", "pratiche");
    $perm_parent = str_replace("permessi", "p.permessi", $perm_parent);
    $perm_parent = str_replace("id", "p.id", $perm_parent);
    $true_sql = "SELECT m.* FROM document m, pratiche p WHERE {$perm_parent} AND p.id=m.ref_id ";
    //Dati della pratica
    $qP = "SELECT * FROM pratiche WHERE Id = " . $_GET[ref_prat][realval][0];
    $rsP = $DB->Execute($qP);
    $ThisPrat = $rsP->FetchRow();
    $p = $ThisPrat[pr_ref_idcliente];
    $titPrat = $ThisPrat[pr_codice];
    //Dati del contatto
    $qC = "SELECT * FROM contact WHERE Id = " . $p;
    $rsC = $DB->Execute($qC);
    $ThisCont = $rsC->FetchRow();
    $c = $ThisCont[nome];
    $St1 = $CONF[gmail_url];
Example #4
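/**
 * Collect the rows of a list definition as plain arrays (titles + cells).
 *
 * Reads paging and ordering from the list options and from the request
 * parameters "<module>_st", "<module>_ordfield" and "<module>_ordtype", runs
 * the list query through perm_sql_read() and formats every field with
 * format_field() / quote_xml().
 *
 * Changes compared with the previous version:
 *  - "<module>_ordfield" is accepted only when it looks like a column name
 *    ("name" or "alias.name"); it used to be concatenated into ORDER BY as sent;
 *  - "<module>_st" is cast to a non-negative integer before it reaches LIMIT;
 *  - eregi() (removed in PHP 7) is replaced by stripos();
 *  - the unused second "total" query and other dead code are dropped;
 *  - a failed query yields an empty result instead of a fatal error, and a
 *    search hit whose parent row cannot be read is skipped.
 *
 * @param array  $list   List definition ('options', 'titles', 'fields', 'sql_select',
 *                       optionally 'search_options', 'multilevel', 'action').
 * @param string $module Module name; used as table name and request-parameter prefix.
 * @return array|string  array('tit' => titles, 'res' => rows), or the string
 *                       "Error, field number" when titles and fields differ in count.
 */
function draw_list_file($list, $module)
{
    global $DB, $LIST_TEMPLATE, $CONF, $curstn, $done_id, $search_fields;

    $done_id = array();
    $subrow = 0;
    $is_search = 0;
    $sql_where = '';
    $sql_append1 = '';
    $sql_append2 = '';
    $sql_ref = '';
    $ref = null;
    $def = null;
    // NOTE(review): $defexp was never assigned in the original either
    // (only $defexp_sub / $defexp_child were); draw_subrow() keeps receiving null.
    $defexp = null;

    // Requested ordering. ORDER BY cannot be bound or quoted as a value, so the
    // column name is checked against a strict identifier pattern instead.
    $req_field = null;
    $ord_key = $module . "_ordfield";
    if (isset($_GET[$ord_key]) && is_string($_GET[$ord_key])
        && preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $_GET[$ord_key])) {
        $req_field = $_GET[$ord_key];
    }
    $req_type = null;
    $type_key = $module . "_ordtype";
    if (isset($_GET[$type_key]) && in_array($_GET[$type_key], array("asc", "desc"), true)) {
        $req_type = $_GET[$type_key];
    }

    // Options: "key::value||key::value...". Only the options this function
    // actually uses are handled; the others are ignored.
    foreach (explode("||", $list["options"]) as $opt) {
        $pair = array_pad(explode("::", $opt), 2, null);
        $k = $pair[0];
        $v = $pair[1];
        switch ($k) {
            case "perpage":
                $st_key = $module . "_st";
                $page = (isset($_GET[$st_key]) && is_scalar($_GET[$st_key])) ? max(0, (int) $_GET[$st_key]) : 0;
                $sql_append2 = " LIMIT " . ($page * (int) $v) . "," . (int) $v;
                break;
            case "defordfield":
                $sql_append1 = " ORDER BY " . ($req_field !== null ? $req_field : $v);
                break;
            case "defordfield2":
            case "defordfield3":
                $sql_append1 .= " , " . ($req_field !== null ? $req_field : $v);
                break;
            case "defordtype":
            case "defordtype2":
            case "defordtype3":
                $sql_append1 .= " " . ($req_type !== null ? $req_type : $v);
                break;
            case "search":
                if ($v == 1) {
                    $is_search = 1;
                }
                break;
        }
    }

    // Search terms per field: "field::term;;term||field::term".
    if (isset($list['search_options'])) {
        foreach (explode("||", $list["search_options"]) as $sopt) {
            $pair = array_pad(explode("::", $sopt), 2, '');
            $search_fields[$pair[0]] = explode(";;", $pair[1]);
        }
    }

    // Multi-level lists: "main||ref||def" - $ref is the parent column and
    // $def the value that marks a top-level row.
    if (isset($list["multilevel"])) {
        $subrow = 1;
        $levels = array_pad(explode("||", $list["multilevel"]), 3, null);
        $ref = $levels[1];
        $def = $levels[2];
        if ($is_search != 1) {
            $glue = stripos($list["sql_select"], "where") !== false ? " AND " : " WHERE ";
            $sql_where = $glue . "{$ref} = '{$def}' ";
            $sql_ref = $list["sql_select"] . $glue . "{$ref} = '%ID%' " . $sql_append1 . $sql_append2;
        } else {
            $sql_ref = "SELECT * FROM {$module} WHERE %[PERM]% AND {$ref}='%ID%'" . $sql_append1;
        }
    }

    $titles = explode("||", $list["titles"]);
    $fields = explode("||", $list["fields"]);
    if (count($titles) != count($fields)) {
        return "Error, field number";
    }

    $rs = @$DB->Execute(perm_sql_read($list['sql_select'] . $sql_where . $sql_append1 . $sql_append2, $module));

    // Header row; multi-level lists get a leading placeholder column.
    $titar = array();
    if ($subrow == 1) {
        $titar[] = '  ';
    }
    foreach ($titles as $value) {
        $titar[] = $value;
    }

    $resar = array();
    $arcnt = 0;
    while ($rs && !$rs->EOF) {
        $row = $rs->FetchRow();

        // A search hit that is a sub-item is replaced by its parent row, and
        // the parent is marked as expanded for later rendering.
        if ($subrow == 1 && $is_search == 1 && $row[$ref] != $def && !in_array($row[$ref], $done_id)) {
            // qstr() is ADOdb's quoting helper ($DB presumably ADOdb - confirm);
            // the parent id is a stored value and is quoted like any other.
            $rstmp = @$DB->Execute(perm_sql_read("SELECT * FROM {$module} WHERE %[PERM]% AND id=" . $DB->qstr($row[$ref]), $module));
            $parent = $rstmp ? $rstmp->FetchRow() : false;
            if (!$parent) {
                // Parent missing or not readable for this user: emit nothing.
                continue;
            }
            $row = $parent;
            if (!isset($_GET[$module . "_exp"])) {
                $_GET[$module . "_exp"] = $row['id'];
            } else {
                $_GET[$module . "_exp"] .= "," . $row['id'];
            }
        }

        if ($subrow == 1) {
            $output2 = draw_subrow($row["id"], $sql_ref, 1, $fields, $list["action"], $defexp, $module);
            if ($output2 == '') {
                $resar[$arcnt][] = '  ';
            }
        }

        // Every id is emitted once ($done_id is global and may also be filled
        // by other code - presumably draw_subrow(); confirm).
        if (is_array($done_id) && in_array($row['id'], $done_id)) {
            continue;
        }
        $done_id[] = $row['id'];

        foreach ($fields as $value) {
            $resar[$arcnt][] = quote_xml(format_field($value, $row, $list["action"]));
        }
        $arcnt++;
    }

    return array('tit' => $titar, 'res' => $resar);
}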
Example #5
<?php

// Search-form definition number 0 of the "prestazioni" module, stored in $SEARCHES.
//
// NOTE(review): the array keys prestazioni, form, box_title, ... and the
// $CONF / $_SESSION keys are written without quotes. PHP resolves them as
// constants; that only falls back to the key name on old PHP versions and is
// an "undefined constant" error on PHP 8. Quote them if nothing defines them.

// Permission clause for "prestazioni"; it is not used in the lines shown here.
$perm_parent = perm_sql_read("%[PERM]%", "prestazioni");
$SEARCHES[prestazioni][0][form][box_title] = PRESTAZIONI_SEARCH;
// The search is submitted with GET.
$SEARCHES[prestazioni][0][form][form_method] = "GET";
$SEARCHES[prestazioni][0][form][box_desc] = "";
$SEARCHES[prestazioni][0][form][name] = "listprestaz";
// "key::value" pairs separated by "||".
$SEARCHES[prestazioni][0][form][onpost] = "action::db||table::test||type::add||wf::id";
$SEARCHES[prestazioni][0][form][ignore] = "";
// Each field has a title, a "content" string ("type||default||options") and,
// for tselect fields, a "from_sql" string ("SQL template||options").
//
// NOTE(review): the from_sql templates below carry a %[VAL]% placeholder
// inside a quoted LIKE pattern. Whatever code substitutes the typed text for
// %[VAL]% must escape it for SQL first - a plain textual replacement would put
// request data straight into the statement. Confirm at the substitution site.
$SEARCHES[prestazioni][0][form][Fields]["ref_id"]["title"] = PRESTAZIONI_REF_PRATICA;
$SEARCHES[prestazioni][0][form][Fields]["ref_id"]["content"] = "tselect||||url::" . $CONF[url_base] . $CONF[dir_modules] . "pratiche/pages/pratiche_search_div.php?form_id=print_pres&form_page=1&pr_codice=";
// Lookup on pratiche, restricted by the %[PERM]% clause (perm::1).
$SEARCHES[prestazioni][0][form][Fields]["ref_id"]["from_sql"] = "SELECT * FROM pratiche p WHERE %[PERM]% AND pr_codice LIKE '%[VAL]%%' order by pr_codice asc||val::id;;text::pr_codice;;text2::pr_oggetto;;perm::1;;mod::pratiche;;mul::1";
$SEARCHES[prestazioni][0][form][Fields]["clie"]["title"] = PRESTAZIONI_CUSTOMER;
$SEARCHES[prestazioni][0][form][Fields]["clie"]["content"] = "tselect||||";
// Lookup on contact; the template has no %[PERM]% clause (perm::0).
$SEARCHES[prestazioni][0][form][Fields]["clie"]["from_sql"] = "SELECT * FROM contact WHERE codice LIKE '%[VAL]%%' order by nome asc||val::id;;text::%codice%;;perm::0;;mod::contact;;mul::1";
$SEARCHES[prestazioni][0][form][Fields]["testo"]["title"] = FW_DESC;
$SEARCHES[prestazioni][0][form][Fields]["testo"]["content"] = "text||||";
$SEARCHES[prestazioni][0][form][Fields]["day_from"]["title"] = FW_FROM;
$SEARCHES[prestazioni][0][form][Fields]["day_from"]["content"] = "date||||";
$SEARCHES[prestazioni][0][form][Fields]["day_to"]["title"] = FW_TO;
$SEARCHES[prestazioni][0][form][Fields]["day_to"]["content"] = "date||||";
$SEARCHES[prestazioni][0][form][Fields]["codice"]["title"] = FW_CODE;
$SEARCHES[prestazioni][0][form][Fields]["codice"]["content"] = "tselect||||wid::8;;url::" . $CONF[url_base] . $CONF[dir_modules] . "admin/pages/ta_search_div.php?simple_ins=1&form_id=listpratiche&form_page=1&codice=";
// Lookup on INT_tariffe; tab:: and ids:: name the table and its id column.
$SEARCHES[prestazioni][0][form][Fields]["codice"]["from_sql"] = "SELECT * FROM INT_tariffe WHERE tatid LIKE '%[VAL]%%' order by tatid asc||val::tatid;;text2::tatid;;text::tat_desc;;perm::0;;mod::admin;;mul::1;;tab::INT_tariffe;;ids::tatid";
$SEARCHES[prestazioni][0][form][Fields]["operatore"]["title"] = PRESTAZIONI_USER;
// The second "||" part of the content string is the session user id.
$SEARCHES[prestazioni][0][form][Fields]["operatore"]["content"] = "tselect||" . $_SESSION[fw_userid] . "||url::" . $CONF[url_base] . $CONF[dir_modules] . "admin/pages/user_search_div.php?form_id=listpratiche&form_page=1&codice=";
// Lookup on the table named by $CONF[auth_db_table]; no %[PERM]% clause (perm::0).
$SEARCHES[prestazioni][0][form][Fields]["operatore"]["from_sql"] = "SELECT * FROM " . $CONF[auth_db_table] . " WHERE codice LIKE '%[VAL]%%' order by codice asc||val::id;;text::codice;;text2::nome;;perm::0;;mul::0;;tab::users";
$SEARCHES[prestazioni][0][form][Fields]["note"]["title"] = FW_NOTE;
$SEARCHES[prestazioni][0][form][Fields]["note"]["content"] = "text||||";
//$SEARCHES[prestazioni][0][form][Fields]["acconti"]["title"]=FW_ACCONTI;
//$SEARCHES[prestazioni][0][form][Fields]["acconti"]["content"]="text||||";
Example #6
function check_form($Form, $post_result, $page = 1)
{
    global $FORM_TEMPLATE, $CUR_LANG, $FORM_TYPE, $CONF, $DB;
    $cur_page = 1;
    foreach (explode("||", $Form["onpost"]) as $value) {
        list($types, $val) = explode("::", $value);
        switch ($types) {
            case "action":
                $faction = $val;
                break;
            case "table":
                $ftable = $val;
                break;
            case "wf":
                $fwheref = $val;
                break;
        }
    }
    unset($value);
    unset($val);
    foreach ($Form["Fields"] as $key => $value) {
        list($InputType, $valuef, $options) = explode("||", $Form["Fields"][$key]["content"]);
        //Let's	check	if there's a group starting	or ending
        if ($InputType == "group") {
            $group_part = explode("_", $key);
            if ($group_part[1] == "start") {
                $cur_group = $key;
            } elseif ($group_part[1] == "end") {
                unset($cur_group);
            }
        }
        $pre_err = $err;
        //check	if we're changing	page
        if ($InputType == "page" && $valuef != $cur_page) {
            $cur_page = $valuef;
        }
        //CONVERT DATE FORMAT TO MYSQL
        if ($InputType == "date" && strlen($post_result[$key]) > 0) {
            //$mysql_date=$post_result[$key][year].'-'.$post_result[$key][month].'-'.$post_result[$key][day];
            $mysql_date = substr($post_result[$key], 6, 4) . "-" . substr($post_result[$key], 3, 2) . "-" . substr($post_result[$key], 0, 2);
            unset($post_result[$key]);
            $post_result[$key] = $mysql_date;
            $_POST[$key] = $mysql_date;
            $_GET[$key] = $mysql_date;
        }
        //CONVERT MSELECT TO ARRAY
        if ($InputType == "mselect") {
            if (strlen(trim($post_result[$key])) > 0) {
                $nr = explode(",,", $post_result[$key]);
                unset($post_result[$key]);
                $post_result[$key] = array($nr);
                $_POST[$key] = $nr;
                $_GET[$key] = $nr;
            } else {
                $_POST[$key] = " ";
                unset($post_result[$key]);
            }
        }
        //check	for real result of a tselect
        if ($InputType == "tselect" && strlen($post_result[$key][text]) > 0 && $post_result[$key][realval] == "") {
            unset($rests);
            unset($ids);
            unset($perm);
            unset($mod);
            unset($mults);
            list($tsql, $toption) = explode("||", $Form["Fields"][$key][from_sql]);
            foreach (explode(";;", $toption) as $topt) {
                list($tokey, $toval) = explode("::", $topt);
                switch ($tokey) {
                    case "val":
                        $valsql = $toval;
                        break;
                    case "text":
                        $textsql = $toval;
                        break;
                    case "perm":
                        $perm = $toval;
                        break;
                    case "mod":
                        $module = $toval;
                        break;
                    case "mul":
                        $mults = $toval;
                        break;
                    case "ids":
                        $ids = $toval;
                        break;
                }
            }
            if (!isset($ids)) {
                $ids = "id";
            }
            //Check	for permission
            if ($perm == 1 && isset($module)) {
                //print perm_sql_read(str_replace("%[VAL]%",$post_result[$key][text],$tsql),$module);
                $rs = @$DB->Execute(perm_sql_read(str_replace("%[VAL]%", $post_result[$key][text], $tsql), $module));
            } else {
                $rs = @$DB->Execute(str_replace("%[VAL]%", $post_result[$key][text], $tsql));
            }
            unset($exactm);
            //get	Sql	results
            while (!$rs->EOF) {
                $selec = "";
                $row = $rs->FetchRow();
                $rests[] = $row[$ids];
                if (strlen($rests_error) > 0) {
                    $rests_error .= ", " . $row[$textsql];
                } else {
                    $rests_error .= $row[$textsql];
                }
                if ($post_result[$key][text] == $row[$textsql]) {
                    $exactm = $row[$ids];
                    $exactt = $row[$textsql];
                }
            }
            if (isset($exactm)) {
                unset($rests);
                $rests[] = $exactm;
            }
            //Check if query have more than 1 result and multi is set to 0
            if (count($rests) > 1 && $mults == 0) {
                $err++;
                $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $rests_error, FW_ERRORFORM_TSELECT_MULTI)) . "<BR>\n";
                $error[$key] = 1;
                $_POST[$key][realval] = $rests;
                $_GET[$key][realval] = $rests;
                $post_result[$key][realval] = $rests;
            } else {
                $_POST[$key][realval] = $rests;
                $_GET[$key][realval] = $rests;
                $post_result[$key][realval] = $rests;
                if ($mults == 0) {
                    if (isset($exactt)) {
                        $restext = $exactt;
                    } else {
                        $restext = $row[$textsql];
                    }
                    $_POST[$key][text] = $restext;
                    $_GET[$key][text] = $restext;
                    $post_result[$key][text] = $restext;
                }
            }
            unset($rs);
            unset($row);
        }
        if ($cur_page == $page && !in_array($InputType, $CONF[form_ignoretype])) {
            //Check	for	specific Regular expression
            if (isset($Form["Fields"][$key]["reg_check"])) {
                if (!eregi($Form["Fields"][$key]["reg_check"], $post_result[$key])) {
                    $err++;
                    $error[$key] = 1;
                    if (isset($Form["Fields"][$key]["reg_resp"])) {
                        $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], $Form["Fields"][$key]["reg_resp"]) . "<BR>\n";
                    } else {
                        $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_REGNOVALID) . "<BR>\n";
                    }
                }
            }
            //Check	for	other	error	type
            foreach (explode(";;", $Form["Fields"][$key]["er_check"]) as $value) {
                if (!strstr($value, "::")) {
                    break;
                }
                list($type, $val) = explode("::", $value);
                switch ($type) {
                    case "nodupe":
                        if ($val == 1) {
                            if (!isset($_GET[id])) {
                                $sql_cd = "SELECT * FROM {$ftable} WHERE {$key}='" . $post_result[$key] . "'";
                            } else {
                                $sql_cd = "SELECT * FROM {$ftable} WHERE {$key}='" . $post_result[$key] . "' AND id <> " . $_GET[id];
                            }
                            $rs_dupe = $DB->Execute($sql_cd);
                            if ($rs_dupe->RecordCount() > 0) {
                                $err++;
                                $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, FW_ERRORFORM_IS_DUPE)) . "<BR>\n";
                                $error[$key] = 1;
                            }
                        }
                        break;
                    case "min":
                        if (strlen($post_result[$key]) < $val && $InputType != "checkbox" && $InputType != "select" && $InputType != "mselect" && !isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, FW_ERRORFORM_MINSTR)) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        if (count($post_result[$key]) < $val && ($InputType == "select" || $InputType == "checkbox" || $InputType == "mselect") && !isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, FW_ERRORFORM_MINSEL)) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        if ((count($post_result[$key][realval]) < $val || $post_result[$key][realval] == "") && $InputType == "tselect" && !isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, FW_ERRORFORM_MINSEL)) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        if ((strlen($post_result[$key]) < $val && !is_array($post_result[$key]) || count($post_result[$key]) < $val && is_array($post_result[$key])) && isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, $Form["Fields"][$key]["err_resp"])) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        break;
                    case "max":
                        if (strlen($post_result[$key]) > $val && $InputType != "checkbox" && $InputType != "select" && !isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, FW_ERRORFORM_MAXSTR)) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        if (count($post_result[$key]) > $val && ($InputType == "select" || $InputType == "checkbox" || $InputType == "mselect") && !isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, FW_ERRORFORM_MAXSEL)) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        if ((strlen($post_result[$key]) > $val && !is_array($post_result[$key]) || count($post_result[$key]) > $val && is_array($post_result[$key])) && isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], str_replace("%VAL%", $val, $Form["Fields"][$key]["err_resp"])) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        break;
                    case "chk":
                        if ($val == 1 && !isset($post_result[$key]) && !isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_NOCHK) . "<BR>\n";
                            $error[$key] = 1;
                        } elseif ($val == 1 && !isset($post_result[$key]) && isset($Form["Fields"][$key]["err_resp"])) {
                            $err++;
                            $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], $Form["Fields"][$key]["err_resp"]) . "<BR>\n";
                            $error[$key] = 1;
                        }
                        break;
                    case "type":
                        //type management, just	Reg. Expression
                        switch ($val) {
                            case "crit":
                                if (!ereg('^(MIN\\*|MED\\.|MAX/)[1-9]{1}$', $post_result[$key])) {
                                    $err++;
                                    $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_TYPECRIT) . "<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                            case "float":
                                if (!ereg("^-?[0-9]+((,|\\.)[0-9]{1,})?\$", $post_result[$key]) && strlen($post_result[$key]) > 0) {
                                    $err++;
                                    $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_TYPEFLOAT) . "<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                            case "email":
                                if (eregi("(@.*@)|(\\.\\.)|(@\\.)|(\\.@)|(^\\.)", $post_result[$key]) || !eregi("^.+\\@(\\[?)[-_a-zA-Z0-9\\.]+\\.([a-zA-Z]{2,3}|[0-9]{1,3})(\\]?)\$", $post_result[$key])) {
                                    $err++;
                                    $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_TYPEMAIL) . "<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                            case "url":
                                if (!eregi("^https?://[a-z0-9-]+(\\.[a-z0-9-]+)*\\.([0-9]{1,3}|[a-z]{2,4})", $post_result[$key])) {
                                    $err++;
                                    $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_TYPEURL) . "<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                            case "phone":
                                if (!eregi("^\\+?[0-9 ]{4}", $post_result[$key])) {
                                    $err++;
                                    $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_TYPEPHONE) . "<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                                //File Manager
                            //File Manager
                            case "fimgreq":
                                $arr = @getimagesize($_FILES[$key]['tmp_name']);
                                if (!$arr) {
                                    $err++;
                                    $resp_er .= "Il campo " . $Form["Fields"][$key]["title"] . "\tnon\tcontiene un\tfile riconosciuto\tcome immagine\tvalida.<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                            case "fimg":
                                $arr = @getimagesize($_FILES[$key]['tmp_name']);
                                if (!$arr && isset($_FILES[$key]['tmp_name']) && $_FILES[$key]['tmp_name'] != "") {
                                    $err++;
                                    $resp_er .= "Il\tcampo\t" . $Form["Fields"][$key]["title"] . " non contiene\tun file\triconosciuto come\timmagine valida.<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                                // Check for integer
                            // Check for integer
                            case "int":
                                if (!is_id($post_result[$key])) {
                                    $err++;
                                    $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_TYPEINT) . "<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                            case "alfanum":
                                if (!ereg("^[[:alnum:]]+\$", $post_result[$key])) {
                                    $err++;
                                    $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], FW_ERRORFORM_ALFANUM) . "<BR>\n";
                                    $error[$key] = 1;
                                }
                                break;
                                //Check	for	Module defined error type
                            //Check	for	Module defined error type
                            default:
                                if (isset($FORM_TYPE[$val])) {
                                    if (!eregi($FORM_TYPE[$val][reg_exp], $post_result[$key])) {
                                        $err++;
                                        $resp_er .= str_replace("%FIELD%", $Form["Fields"][$key]["title"], $FORM_TYPE[$val][err_resp]) . "<BR>\n";
                                        $error[$key] = 1;
                                    }
                                } else {
                                    //Load the form	type definition	from the corresponding module, error type	name should	be in	format module_errortype
                                    if (strstr($val, "_")) {
                                        $type_part = explode("_", $val);
                                        require_once $CONF[path_base] . $CONF[dir_modules] . $type_part[0] . "/form.php";
                                        if (isset($FORM_TYPE[$val])) {
                                            if (!eregi($FORM_TYPE[$val][reg_exp], $post_result[$key])) {
                                                $err++;
                                                $resp_er .= str_replace("%FIRLD%", $Form["Fields"][$key]["title"], $FORM_TYPE[$val][err_resp]) . "<BR>\n";
                                                $error[$key] = 1;
                                            }
                                        } else {
                                            trigger_error(str_replace("%ELEMENT%", $val, FW_ERROR_NOFORMERROR), E_USER_NOTICE);
                                        }
                                    } else {
                                        trigger_error(str_replace("%ELEMENT%", $val, FW_ERROR_NOFORMERROR), E_USER_NOTICE);
                                    }
                                }
                                break;
                        }
                        break;
                    default:
                        //If it's	not	a	standard error check,	lets check if	it's a module	defined	function and run it
                        if (strstr($type, "_")) {
                            $func_name = str_replace("_", "_formerror_", $type);
                            if (!function_exists($func_name)) {
                                $function_part = explode("_", $type);
                                require_once $CONF[path_base] . $CONF[dir_modules] . $function_part[0] . "/form.php";
                                if (!function_exists($func_name)) {
                                    trigger_error(str_replace("%ELEMENT%", $type, FW_ERROR_NOFORMERROR), E_USER_ERROR);
                                }
                            }
                            //Launch error managing	function and get result, 1 for ok	else resp
                            $res_func = $func_name($Form["Fields"][$key], $key, $post_result[$key], $val);
                            if ($res_func != 1) {
                                $err++;
                                $resp_er .= $res_func;
                                $error[$key] = 1;
                            }
                            unset($res_fun);
                        } else {
                            trigger_error(str_replace("%ELEMENT%", $InputType, FW_ERROR_NOFORMERROR), E_USER_ERROR);
                        }
                        break;
                }
            }
        }
        //Set	group	level	error
        if ($err > $pre_err && isset($cur_group)) {
            $error[$cur_group] = 1;
        }
    }
    if ($err == 0) {
        return 1;
    } else {
        $error["resp"] = $resp_er;
        return $error;
    }
}
} else {
    $curmonth = date("m");
}
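// Resolve the year and day to display. Request values are accepted only when
// they consist solely of digits: is_numeric() also lets through forms such as
// "1e3", "5.5" or "+7", which are not valid date parts yet would be copied
// into the SQL date literals below.
if (isset($_GET['year']) && is_string($_GET['year']) && preg_match('/^[0-9]+\z/', $_GET['year'])) {
    $curyear = $_GET['year'];
} else {
    $curyear = date("Y");
}
if (isset($_GET['day']) && is_string($_GET['day']) && preg_match('/^[0-9]+\z/', $_GET['day'])) {
    $curday = $_GET['day'];
} elseif ($curmonth == date("m") && $curyear == date("Y")) {
    // No day requested: default to today only when the current month is shown.
    // In every other case $curday is deliberately left unset, as before.
    $curday = date("d");
}
$maxday = howmany_days($curmonth, $curyear);
// NOTE(review): the statement is assembled by string concatenation. $curmonth and
// $module are set before this point (not visible here) and $_SESSION['fw_userid']
// is presumably written by the login code -- confirm that none of them can carry
// request data, or switch to bound parameters so the query no longer depends on it.
$rs = $DB->Execute(perm_sql_read("SELECT * FROM {$module} m WHERE   day <= '{$curyear}-{$curmonth}-{$maxday}' AND day >= '{$curyear}-{$curmonth}-01' AND (operator LIKE '" . $_SESSION['fw_userid'] . ",,%' OR operator ='" . $_SESSION['fw_userid'] . "')", $module));
$cnt = 0;
// A falsy result means the query failed; skip the loop instead of calling a
// method on a non-object.
if ($rs) {
    while (!$rs->EOF) {
        $app = $rs->FetchRow();
        $app_day = $app['day'];
        // Rows are grouped per day under a running index; 'tot' counts them.
        $day_app[$app_day][$cnt] = $app;
        if (isset($day_app[$app_day]['tot'])) {
            $day_app[$app_day]['tot']++;
        } else {
            $day_app[$app_day]['tot'] = 1;
        }
        $cnt++;
    }
}
// Whatever was written to the output buffer so far is captured and dropped
// before the page markup starts.
$null = ob_get_contents();
ob_end_clean();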
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Calendar</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        $result[operatore] = $_SESSION[fw_userid];
        $thisform[onpost] = str_replace("type::add", "type::upd", $thisform[onpost]);
        $thisform[Fields][send][content] = "submit||" . PRESTAZIONI_ADD . "||";
        $response[title] = PRESTAZIONI_ADD_DONE;
        $response[text] = PRESTAZIONI_ADD_DONE_TXT . "<br><br>" . make_button($str_prima_nota, PRESTAZIONI_BACK_LIST);
    } else {
        $response[title] = FW_ERROR_NO_PERM;
        $response[text] = FW_ERROR_NO_PERM_TXT;
        $iserror = 1;
        print draw_response($response);
    }
} elseif (isset($_GET[app_id]) && $_POST[form_id] == $thisform["name"]) {
    $PAGE[PAGE_INTITLE] = STUDIO_ADD_SPESA . "  2";
    $PAGE[TXT_TITLE] = STUDIO_ADD_SPESA;
    $ad = "add";
    $rs = $DB->Execute(perm_sql_read("SELECT * FROM calendar m, pratiche p WHERE %[PERM]% AND p.id=m.ref_prat  AND m.id=" . $_GET[app_id], "calendar"));
    if ($result_cal = $rs->FetchRow()) {
        insert_last_viewed($result_cal[ref_id], "pratiche");
        $PAGE_ELEMENT[PAGE][1][0][param] = $result_cal[ref_prat];
        //$result[ref_id]=$result_cal[ref_prat];
        $rs2 = $DB->Execute("SELECT * FROM pratiche WHERE id=" . $result_cal[ref_prat]);
        $result_prat = $rs2->FetchRow();
        $thisform[Fields][title_pratica][title] = PRESTAZIONI_REF_PRATICA;
        $thisform[Fields][title_pratica][content] = "text||" . $result_prat[pr_codice] . "||wid::40;;disab::1";
        $thisform[Fields][ref_id][content] = "hidden||" . $result_prat[id] . "||";
        $thisform[Fields][valore_pratica][content] = "hidden||" . $result_prat[pr_valore] . "||";
        $thisform[Fields][tipo_pratica][content] = "hidden||" . $result_prat[pr_comp_cod] . "||";
        //
        ////CONTINUA AD INSERIRE NUOVE PRESTAZIONI
        //$thisform[Fields][continuaIns][title]=PRESTAZIONI_CONTINUA_INS_TIT;
        //$thisform[Fields][continuaIns][content]="checkbox||||opt::".PRESTAZIONI_CONTINUA_INS."=>1;;size::1";
Example #9
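/**
 * Render one record through a module's object template.
 *
 * The record is either loaded with $object['sql_select'] (the "%[ID]%" marker is
 * replaced by $id) or taken from $real_obj. Every entry of $object['Fields'] maps
 * a column name to "Title" or "Title::modifier"; the template placeholders
 * "%[NAME-TITLE]%" and "%[NAME]%" are replaced by the title and the value.
 *
 * Modifiers handled here:
 *   low / up                 lower- or upper-case the title
 *   date                     reformat a Y-m-d value with $CONF['date_format']
 *   (a=>b||c=>d)             map a stored value to a label
 *   [SQL;;column]            look the value (or each ",,"-separated value) up
 *   {SQL;;column;;separator} join one column of all rows returned by SQL
 *   func=>name               call function name($record) and use its result
 *
 * Security notes for callers:
 *   - $id is spliced into the SQL text unchanged; this function does not validate
 *     it, so pass an already validated value (an integer cast, for instance).
 *   - In the [..] and {..} modifiers the stored field value replaces "%ID%" in
 *     the lookup SQL, again without quoting.
 *   - Titles and values go into the template without HTML escaping.
 *   - $module and $object['object_template'] become part of a file path, and a
 *     "func=>" modifier names a function to call; both must come from trusted
 *     object definitions, never from request data.
 *
 * @param array  $object   Object definition: 'options', 'sql_select',
 *                         'object_template' and 'Fields'.
 * @param mixed  $id       Record id substituted for "%[ID]%" and passed to log_event().
 * @param string $module   Module name (template directory, permission scope).
 * @param mixed  $real_obj Already loaded record; when not empty no query is run.
 *
 * @return mixed The rendered template, 0 when the query fails, or the result of
 *               draw_response() when the query does not return exactly one row.
 */
function draw_object($object, $id, $module, $real_obj = "")
{
    global $DB, $CONF, $CUR_TEMPLATE;

    // Without a "perm" option the query runs unfiltered, which is what the
    // comparison with 0 below has always meant for an unset value.
    $perm = 0;
    $options = isset($object['options']) ? $object['options'] : "";
    foreach (explode("||", $options) as $value) {
        $opt = array_pad(explode("::", $value), 2, null);
        if ($opt[0] === "perm") {
            $perm = $opt[1];
        }
    }

    if ($real_obj == "") {
        $sql = str_replace("%[ID]%", $id, $object['sql_select']);
        if ($perm != 0) {
            $sql = perm_sql_read($sql, $module);
        }
        // "@" keeps the existing silent-failure behaviour; the result is checked.
        $rs = @$DB->Execute($sql);
        if (!$rs) {
            return 0;
        }
        if ($rs->RecordCount() != 1) {
            $response = array();
            $response['title'] = FW_ERROR_NO_OBJ;
            $response['text'] = FW_ERROR_NO_OBJ_FOUND;
            return draw_response($response);
        }
        $this_object = $rs->FetchRow();
        log_event("S", $module, $id);
    } else {
        $this_object = $real_obj;
    }

    $obj_template_content = file_get_contents($CONF['path_base'] . $CONF['dir_modules'] . $module . "/" . $CONF['dir_template'] . $CUR_TEMPLATE['name'] . '/' . $object['object_template']);

    foreach ($object['Fields'] as $fname => $ftitle) {
        // "Title" alone leaves the modifier empty instead of undefined.
        $spec = array_pad(explode("::", $ftitle), 2, "");
        $val = $spec[0];
        $type = $spec[1];
        $cur = isset($this_object[$fname]) ? $this_object[$fname] : null;

        switch ($type) {
            case "low":
                $val = strtolower($val);
                break;
            case "up":
                $val = strtoupper($val);
                break;
            case "date":
                $ymd = explode('-', (string) $cur);
                // An empty or malformed value renders as "" rather than being
                // handed to mktime() with missing parts.
                if (count($ymd) >= 3 && $ymd[0] != "0000" && $ymd[1] != "00" && $ymd[2] != "00") {
                    $cur = date($CONF['date_format'], mktime(7, 0, 0, (int) $ymd[1], (int) $ymd[2], (int) $ymd[0]));
                } else {
                    $cur = "";
                }
                break;
        }

        // The leading character is re-read before every branch because each
        // branch strips its own delimiters from $type.
        if (substr($type, 0, 1) == "(") {
            $type = str_replace(array("(", ")"), "", $type);
            foreach (explode("||", $type) as $v) {
                $pair = array_pad(explode("=>", $v), 2, null);
                if ($cur == $pair[0]) {
                    $cur = $pair[1];
                }
            }
        }

        if (substr($type, 0, 1) == "[") {
            $type = str_replace(array("[", "]"), "", $type);
            $lookup = array_pad(explode(";;", $type), 2, null);
            $sql_q = $lookup[0];
            $field_show = $lookup[1];
            if (strpos((string) $cur, ",,") === false) {
                $type_query = @$DB->Execute(str_replace("%ID%", $cur, $sql_q));
                // A failed lookup yields an empty value instead of a fatal error.
                $row_query = $type_query ? $type_query->FetchRow() : false;
                $cur = ($row_query && isset($row_query[$field_show])) ? $row_query[$field_show] : "";
            } else {
                $newcur = "";
                foreach (explode(",,", $cur) as $curr) {
                    $type_query = @$DB->Execute(str_replace("%ID%", $curr, $sql_q));
                    $row_query = $type_query ? $type_query->FetchRow() : false;
                    $newcur .= (($row_query && isset($row_query[$field_show])) ? $row_query[$field_show] : "") . ' ';
                }
                $cur = $newcur;
            }
        }

        if (substr($type, 0, 1) == "{") {
            $type = str_replace(array("{", "}"), "", $type);
            $lookup = array_pad(explode(";;", $type), 3, null);
            $sql_q = str_replace("%ID%", $cur, $lookup[0]);
            $field_show = $lookup[1];
            $sep = $lookup[2];
            $type_query = @$DB->Execute($sql_q);
            $cur = "";
            $cmul = 0;
            if ($type_query) {
                while (!$type_query->EOF) {
                    if ($cmul > 0) {
                        $cur .= $sep;
                    }
                    $row_query = $type_query->FetchRow();
                    $cur .= $row_query[$field_show];
                    $cmul++;
                }
            }
        }

        if (substr($type, 0, 6) == "func=>") {
            $type = str_replace("func=>", "", $type);
            // Dynamic call: the name comes from the object definition.
            $cur = $type($this_object);
        }

        // Decimal numbers are shown with a comma. preg_match() with \z replaces
        // ereg(), which no longer exists in PHP 7 and later.
        if (is_scalar($cur) && preg_match('/^[0-9]+(\.|,)[0-9]*\z/', (string) $cur)) {
            $cur = str_replace(".", ",", $cur);
        }
        if ($cur === null) {
            $cur = "";
        }

        $obj_template_content = str_replace("%[" . strtoupper($fname) . "-TITLE]%", $val, $obj_template_content);
        $obj_template_content = str_replace("%[" . strtoupper($fname) . "]%", $cur, $obj_template_content);
    }

    return $obj_template_content;
}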
Example #10
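    // The request id ends up in SQL text and in an inline onClick URL, so it is
    // reduced to an integer once here and only that value is used below; the raw
    // $_GET value is never concatenated into a query or into markup.
    $req_id = isset($_GET['id']) ? intval($_GET['id']) : 0;

    $prat_sql = "SELECT * FROM pratiche p WHERE %[PERM]% AND (pr_ref_idcliente=" . $req_id . " OR pr_ref_idavvr=" . $req_id . " OR pr_ref_idbenefic=" . $req_id . " OR pr_ref_idaltri=" . $req_id . ")";
    $rs = $DB->Execute(perm_sql_read($prat_sql, "pratiche"));
    // A failed query is treated like "no related rows".
    if ($rs && $rs->RecordCount() > 0) {
        $thisobj["Fields"]["button_sitcont"] = make_button_clean(PRATICHE_SITCONT, 'onClick="loadLayerWindow(\'' . $CONF['url_base'] . $CONF['dir_modules'] . 'contact/pages/contact_sitcont.php?id=' . $req_id . '\');"');
        $thislist = load_fwobject("lists", "pratiche", 0);
        // The list is drawn with the same statement that was used for the check.
        $thislist["sql_select"] = $prat_sql;
        $thisobj["Fields"]["prat_col"] = '  <tr>
                <th colspan="2" width="100%" align="center"> <b>' . CONTACT_PRAT_RELATED . '</b></th>
             </tr>
              <tr>
                <td width="100%" colspan="2" onMouseOver="this.className=\'pratica-over-sub\'" onMouseOut="this.className=\'null\'">' . draw_list($thislist, "pratiche") . '</td>
      			   </tr>';
    } else {
        $thisobj["Fields"]["prat_col"] = "";
        $thisobj["Fields"]["button_sitcont"] = "";
    }

    $cal_sql = "SELECT * FROM calendar p WHERE %[PERM]% AND (ref_cont=" . $req_id . ")";
    $rs2 = $DB->Execute(perm_sql_read($cal_sql, "calendar"));
    if ($rs2 && $rs2->RecordCount() > 0) {
        $restlist = load_fwobject("lists", "calendar", 6);
        $restlist["sql_select"] = $cal_sql;
        $thisobj["Fields"]["pro_restr"] = '  <tr>
                <th colspan="2" width="100%" align="center"> <b>' . CONTACT_PROVV_RESTR . '</b></th>
             </tr>
              <tr>
                <td width="100%" colspan="2" onMouseOver="this.className=\'pratica-over-sub\'" onMouseOut="this.className=\'null\'">' . draw_list($restlist, "calendar") . '</td>
      			   </tr>';
    } else {
        $thisobj["Fields"]["pro_restr"] = "";
    }
    print draw_object($thisobj, $req_id, $module);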
} else {
    $response[title] = FW_ERROR_NO_PERM;