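/**
 * Reads the lookup-mode request parameters and derives the lookup settings of this page.
 *
 * Populates the parent id, main table/field, lookup control and category values from
 * postvalue(), rebuilds the "mode=lookup&..." query string in $this->lookupParams,
 * loads the main table's ProjectSettings and resolves the link/display/category fields,
 * the lookup WHERE clause, the field shown on selection and the ORDER BY clause.
 *
 * Security notes:
 *  - Every request-derived component of $this->lookupParams is percent-encoded, so a value
 *    containing "&", "=", "#" or quotes cannot add or override parameters of the
 *    generated query string.
 *  - $pageType is restricted to PAGE_ADD / PAGE_EDIT and falls back to PAGE_SEARCH.
 *  - NOTE(review): $this->mainTable and $this->mainField come straight from the request and
 *    are handed to ProjectSettings and GetLWWhere(); no allow-list check is visible in this
 *    method - confirm that those callees (or the caller) reject unknown table/field names.
 *
 * @return void
 */
function initLookupParams()
{
    $this->parId = postvalue("parId");
    $this->firstTime = postvalue("firsttime");
    $this->mainField = postvalue("field");
    $this->lookupControl = postvalue("control");
    $this->lookupCategory = postvalue("category");
    $this->mainTable = postvalue("table");

    // convert into an array as parent ctrl can have multiple values
    if (!is_array($this->lookupCategory)) {
        $this->lookupCategory = strlen($this->lookupCategory) != 0
            ? splitvalues($this->lookupCategory)
            : array();
    }

    // Encode each category value: it is request data and may contain query-string delimiters.
    $arrCategory = array();
    foreach ($this->lookupCategory as $categValue) {
        $arrCategory[] = "category[]=" . rawurlencode((string) $categValue);
    }
    $lookCategory = implode("&", $arrCategory);
    if ($lookCategory) {
        $lookCategory = "&" . $lookCategory;
    }

    // parId and editMode are request values too, so they get the same encoding as
    // field/control/table. $this->id is not read from the request in this method.
    $this->lookupParams = "mode=lookup&id=" . $this->id
        . "&parId=" . rawurlencode((string) $this->parId)
        . "&field=" . rawurlencode($this->mainField)
        . "&control=" . rawurlencode($this->lookupControl)
        . $lookCategory
        . "&table=" . rawurlencode($this->mainTable)
        . "&editMode=" . rawurlencode((string) postvalue('editMode'));

    // Only the add and edit page types are accepted from the request; anything else is search.
    $pageType = postvalue("pageType");
    if ($pageType != PAGE_ADD && $pageType != PAGE_EDIT) {
        $pageType = PAGE_SEARCH;
    }

    $this->mainPSet = new ProjectSettings($this->mainTable, $pageType);
    $this->linkField = $this->mainPSet->getLinkField($this->mainField);
    $this->dispField = $this->mainPSet->getDisplayField($this->mainField);

    if ($this->mainPSet->getCustomDisplay($this->mainField)) {
        $this->dispFieldAlias = GetGlobalData("dispFieldAlias", "rrdf1");
        $this->pSet->getSQLQuery()->AddCustomExpression(
            $this->mainPSet->getDisplayField($this->mainField),
            $this->pSet,
            $this->mainTable,
            $this->mainField,
            $this->dispFieldAlias
        );
        $this->customField = $this->linkField;
    }

    $this->outputFieldValue($this->linkField, 2);
    $this->outputFieldValue($this->dispField, 2);

    if ($this->mainPSet->useCategory($this->mainField)) {
        $this->categoryField = $this->mainPSet->getCategoryFilter($this->mainField);
    }

    $this->strLookupWhere = GetLWWhere($this->mainField, $pageType, $this->mainTable);

    // Both original branches (with and without a display alias) selected the display field
    // whenever it appears on the list page, so a single test is enough.
    if ($this->pSet->appearOnListPage($this->dispField)) {
        $this->lookupSelectField = $this->dispField;
    } else {
        $this->lookupSelectField = $this->listFields[0]['fName'];
    }

    // Category values are only meaningful when the main field has a category filter.
    if (!$this->categoryField) {
        $this->lookupCategory = array();
    }

    $orderByField = $this->mainPSet->getLookupOrderBy($this->mainField);
    if (strlen($orderByField)) {
        // adjust the ORDER BY clause according to the main lookup settings;
        // the column comes from project settings and is wrapped by the connection helpers
        $this->gstrOrderBy = " ORDER BY "
            . $this->connection->addTableWrappers($this->tName)
            . "."
            . $this->connection->addFieldWrappers($orderByField);
        if ($this->mainPSet->isLookupDesc($this->mainField)) {
            $this->gstrOrderBy .= ' DESC';
        }
    }
}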
}
// Loads the per-table settings file and reads the search-suggest request parameters.
// NOTE(review): the include path is built from $table. The block that precedes this
// fragment is not visible here; confirm that $table has passed the same checkTableName()
// gate used in the dashboard branch below before it reaches require_once.
require_once "include/" . $table . "_variables.php";
$cipherer = new RunnerCipherer($strTableName);
$gSettings = new ProjectSettings($strTableName, $pageType);

// Request-supplied search parameters (read through postvalue(), defined elsewhere).
$field = postvalue('searchField');
$value = postvalue('searchFor');
$output = "";
$response = array();
$category = postvalue('category');
$LookupSQL = "";
$lookupValue = postvalue('lookupValue');
$isExistParent = postvalue('isExistParent');
$searchByLinkField = postvalue('searchByLinkField');
// A multi-selection search term is split into its individual values.
$values = postvalue('multiselection') ? splitvalues($value) : array($value);
// convert into an array as parent ctrl can have multiple values
$lookupCategory = !$isExistParent ? array() : splitvalues($category);

// if suggest for dashboard search
if ($gSettings->getNType() == DASHBOARD_SEARCH) {
    $dashFields = $gSettings->getDashboardSearchFields();
    // $field is request data used as an array key; the real table and field names are taken
    // from the dashboard settings entry it selects, not from the request itself.
    // NOTE(review): there is no check that $dashFields[$field] exists - an unknown key
    // yields empty names here and relies on checkTableName() below to stop the request.
    $table = GoodFieldName($dashFields[$field][0]["table"]);
    $strTableName = GetTableByShort($table);
    $field = GoodFieldName($dashFields[$field][0]["field"]);
    // Refuse to build an include path from a table name that is not recognised.
    if (!checkTableName($table)) {
        exit(0);
    }
    require_once "include/" . $table . "_variables.php";
    $cipherer = new RunnerCipherer($strTableName);
    $gSettings = new ProjectSettings($strTableName, $pageType);
}
$hasWhere = false;
$fieldsArr = $gSettings->getFieldsList();
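/**
 * Builds the SQL WHERE fragment for one advanced-search condition on a field of the
 * current table ($strTableName).
 *
 * Security notes:
 *  - $strSearchOption is only compared against fixed option names and is never
 *    concatenated into the SQL text.
 *  - Search values reach the SQL text only through make_db_value(),
 *    $cipherer->MakeDBValue(), db_prepare_string() or add_db_quotes().
 *    NOTE(review): these helpers are defined elsewhere - confirm each of them
 *    quotes/escapes for the active database driver.
 *  - LIKE wildcards ("%" and "_") inside the search text are not escaped here, so a
 *    search term can widen its own pattern.
 *  - NOTE(review): $strField is passed to GetFullFieldName()/GetFullFieldNameForInsert();
 *    no check that it is a known field of the table is visible in this function.
 *
 * @param string $strField        field name
 * @param mixed  $SearchFor       first search value
 * @param string $strSearchOption one of 'Empty', 'Equals', 'Contains', 'Starts with',
 *                                'More than', 'Less than', 'Equal or more than',
 *                                'Equal or less than', 'Between'
 * @param mixed  $SearchFor2      second value, used by 'Between' only
 * @param mixed  $etype           passed through to the value-preparation helpers
 * @param bool   $isSuggest       when true, lookup-wizard fields are matched with a
 *                                single "%value%" pattern
 * @return string WHERE fragment, or "" when no condition applies
 */
function StrWhereAdv($strField, $SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest)
{
    global $strTableName;

    $pSet = new ProjectSettings($strTableName, PAGE_SEARCH);
    $cipherer = new RunnerCipherer($strTableName);
    $type = $pSet->getFieldType($strField);

    // Database flags are fixed to false in this listing; the LIKE operator below is "ilike".
    $isOracle = false;
    $ismssql = false;
    $isdb2 = false;
    $btexttype = IsTextType($type);
    $isMysql = false;

    if (IsBinaryType($type)) {
        return "";
    }

    if ($strSearchOption == 'Empty') {
        if (IsCharType($type) && (!$ismssql || !$btexttype) && !$isOracle) {
            return "(" . GetFullFieldNameForInsert($pSet, $strField) . " is null or "
                . GetFullFieldNameForInsert($pSet, $strField) . "='')";
        } elseif ($ismssql && $btexttype) {
            return "(" . GetFullFieldNameForInsert($pSet, $strField) . " is null or "
                . GetFullFieldNameForInsert($pSet, $strField) . " LIKE '')";
        }
        return GetFullFieldNameForInsert($pSet, $strField) . " is null";
    }

    $like = "ilike";

    if ($pSet->getEditFormat($strField) == EDIT_FORMAT_LOOKUP_WIZARD) {
        if ($pSet->multiSelect($strField)) {
            $SearchFor = splitvalues($SearchFor);
        } else {
            $SearchFor = array($SearchFor);
        }

        // Conditions are collected and joined afterwards. The original appended " or "
        // before knowing whether the next value produces a condition, which left a dangling
        // "or" (invalid SQL) when an 'Equals' value was converted to null.
        $conditions = array();
        foreach ($SearchFor as $value) {
            if ($value == "null" || $value == "Null" || $value == "") {
                continue;
            }
            if ($strSearchOption == "Equals") {
                $value = make_db_value($strField, $value);
                if (!($value == "null" || $value == "Null")) {
                    $conditions[] = GetFullFieldName($strField, "", false) . '=' . $value;
                }
            } elseif ($isSuggest) {
                $conditions[] = " " . GetFullFieldName($strField, "", false) . " " . $like . " "
                    . db_prepare_string('%' . $value . '%');
            } else {
                // Values containing a comma or a double quote are stored quoted in the
                // comma-separated list, with embedded quotes doubled.
                if (strpos($value, ",") !== false || strpos($value, '"') !== false) {
                    $value = '"' . str_replace('"', '""', $value) . '"';
                }
                if ($isMysql) {
                    $value = str_replace('\\\\', '\\\\\\\\', $value);
                }
                //for search by multiply Lookup wizard field:
                // match the value alone, in the middle, at the end or at the start of the list
                $conditions[] = GetFullFieldName($strField, "", false) . " = " . db_prepare_string($value)
                    . " or " . GetFullFieldName($strField, "", false) . " " . $like . " "
                    . db_prepare_string("%," . $value . ",%")
                    . " or " . GetFullFieldName($strField, "", false) . " " . $like . " "
                    . db_prepare_string("%," . $value)
                    . " or " . GetFullFieldName($strField, "", false) . " " . $like . " "
                    . db_prepare_string($value . ",%");
            }
        }

        $ret = implode(" or ", $conditions);
        if (strlen($ret)) {
            $ret = "(" . $ret . ")";
        }
        return $ret;
    }

    if ($pSet->GetEditFormat($strField) == EDIT_FORMAT_CHECKBOX) {
        if ($SearchFor == "none") {
            return "";
        }
        if (NeedQuotes($type)) {
            $isOracle = false;
            if ($SearchFor == "on") {
                $whereStr = "(" . GetFullFieldName($strField) . "<>'0' ";
                if (!$isOracle) {
                    $whereStr .= " and " . GetFullFieldName($strField) . "<>'' ";
                }
                $whereStr .= " and " . GetFullFieldName($strField) . " is not null)";
                return $whereStr;
            } elseif ($SearchFor == "off") {
                $whereStr = "(" . GetFullFieldName($strField) . "='0' ";
                if (!$isOracle) {
                    $whereStr .= " or " . GetFullFieldName($strField) . "='' ";
                }
                $whereStr .= " or " . GetFullFieldName($strField) . " is null)";
                // The original built this clause and then dropped it, falling through to
                // the generic comparison against the literal text "off".
                return $whereStr;
            }
        } else {
            if ($SearchFor == "on") {
                return "(" . GetFullFieldName($strField) . "<>0 and "
                    . GetFullFieldName($strField) . " is not null)";
            } elseif ($SearchFor == "off") {
                return "(" . GetFullFieldName($strField) . "=0 or "
                    . GetFullFieldName($strField) . " is null)";
            }
        }
    }

    $value1 = $cipherer->MakeDBValue($strField, $SearchFor, $etype, "", true);
    $value2 = false;
    $cleanvalue2 = false;
    if ($strSearchOption == "Between") {
        $cleanvalue2 = prepare_for_db($strField, $SearchFor2, $etype);
        $value2 = make_db_value($strField, $SearchFor2, $etype);
    }

    // A value that converts to the literal "null" cannot be compared, except for pattern
    // searches and PHP-encrypted fields.
    if ($strSearchOption != "Contains" && $strSearchOption != "Starts with"
        && ($value1 === "null" || $value2 === "null")
        && !$cipherer->isFieldPHPEncrypted($strField)
    ) {
        return "";
    }

    // Choose the SQL expression for the left-hand side of the comparison.
    if (IsCharType($type) && !$btexttype) {
        if (!$cipherer->isFieldPHPEncrypted($strField)) {
            $value1 = $pSet->isEnableUpper($value1);
            $value2 = $pSet->isEnableUpper($value2);
            $gstrField = $pSet->isEnableUpper(GetFullFieldName($strField, "", false));
        } else {
            $gstrField = GetFullFieldName($strField, "", false);
        }
    } elseif ($strSearchOption == "Contains" || $strSearchOption == "Starts with") {
        $gstrField = db_field2char(GetFullFieldName($strField, "", false), $type);
    } elseif ($pSet->getViewFormat($strField) == FORMAT_TIME) {
        $gstrField = db_field2time(GetFullFieldName($strField, "", false), $type);
    } else {
        $gstrField = GetFullFieldName($strField, "", false);
    }

    if ($strSearchOption == "Contains") {
        if ($isMysql) {
            $SearchFor = str_replace('\\\\', '\\\\\\\\', $SearchFor);
        }
        // PHP-encrypted fields are matched by equality on the value MakeDBValue() returns.
        if ($cipherer->isFieldPHPEncrypted($strField)) {
            return $gstrField . "=" . $cipherer->MakeDBValue($strField, $SearchFor);
        }
        if (IsCharType($type) && !$btexttype) {
            return $gstrField . " " . $like . " "
                . $pSet->isEnableUpper(db_prepare_string("%" . $SearchFor . "%"));
        }
        return $gstrField . " " . $like . " " . db_prepare_string("%" . $SearchFor . "%");
    }

    if ($strSearchOption == "Equals") {
        return $gstrField . "=" . $value1;
    }

    if ($strSearchOption == "Starts with") {
        if ($isMysql) {
            $SearchFor = str_replace('\\\\', '\\\\\\\\', $SearchFor);
        }
        if (IsCharType($type) && !$btexttype) {
            return $gstrField . " " . $like . " "
                . $pSet->isEnableUpper(db_prepare_string($SearchFor . "%"));
        }
        return $gstrField . " " . $like . " " . db_prepare_string($SearchFor . "%");
    }

    if ($strSearchOption == "More than") {
        return $gstrField . ">" . $value1;
    }
    if ($strSearchOption == "Less than") {
        return $gstrField . "<" . $value1;
    }
    if ($strSearchOption == "Equal or more than") {
        return $gstrField . ">=" . $value1;
    }
    if ($strSearchOption == "Equal or less than") {
        return $gstrField . "<=" . $value1;
    }

    if ($strSearchOption == "Between") {
        $ret = $gstrField . ">=" . $value1 . " and ";
        if (IsDateFieldType($type)) {
            $timeArr = db2time($cleanvalue2);
            // for dates without time, add one day
            if ($timeArr[3] == 0 && $timeArr[4] == 0 && $timeArr[5] == 0) {
                $timeArr = adddays($timeArr, 1);
                $value2 = $timeArr[0] . "-" . $timeArr[1] . "-" . $timeArr[2];
                $value2 = add_db_quotes($strField, $value2, $strTableName);
                $ret .= $gstrField . "<" . $value2;
            } else {
                $ret .= $gstrField . "<=" . $value2;
            }
        } else {
            $ret .= $gstrField . "<=" . $value2;
        }
        return $ret;
    }

    // Unknown search option: no condition.
    return "";
}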
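/**
 * Builds the SQL WHERE fragment for one advanced-search condition on a web-report field.
 *
 * Security notes:
 *  - $strSearchOption is only compared against fixed option names and is never
 *    concatenated into the SQL text.
 *  - Search values reach the SQL text only through WRmake_db_value() or
 *    $connection->prepareString(). NOTE(review): both are defined elsewhere - confirm they
 *    quote/escape for the active database driver.
 *  - LIKE wildcards ("%" and "_") inside the search text are not escaped here.
 *  - NOTE(review): $strField is wrapped with WRAddFieldWrappers(); no check that it names a
 *    known field is visible in this function.
 *
 * @param string $strTable        table name
 * @param string $strField        field name
 * @param mixed  $SearchFor       first search value
 * @param string $strSearchOption one of 'Empty', 'Equals', 'Contains', 'Starts with ...',
 *                                'More than ...', 'Less than ...', 'Equal or more than ...',
 *                                'Equal or less than ...', 'Between'
 * @param mixed  $SearchFor2      second value, used by 'Between' only
 * @param mixed  $etype           not read by this function
 * @return string WHERE fragment, or "" when no condition applies
 */
function GenericStrWhereAdv($strTable, $strField, $SearchFor, $strSearchOption, $SearchFor2, $etype)
{
    $sfield = $strField;
    $stable = "";
    if (is_wr_db()) {
        WRSplitFieldName($strField, $stable, $sfield);
        $type = WRGetFieldType($strField);
    } else {
        $type = WRCustomGetFieldType($strTable, $strField);
    }

    $ismssql = GetDatabaseType() == nDATABASE_MSSQLServer;

    $btexttype = IsTextType($type);
    if (GetDatabaseType() == nDATABASE_MySQL) {
        $btexttype = false;
    }

    if (IsBinaryType($type)) {
        return "";
    }

    // On MS SQL Server, text-type columns support only the pattern searches.
    if (GetDatabaseType() == nDATABASE_MSSQLServer) {
        if ($btexttype && $strSearchOption != "Contains" && $strSearchOption != "Starts with ...") {
            return "";
        }
    }

    if ($strSearchOption == 'Empty') {
        if (IsCharType($type) && (!$ismssql || !$btexttype)) {
            return "(" . WRAddFieldWrappers($strField) . " is null or "
                . WRAddFieldWrappers($strField) . "='')";
        } elseif ($ismssql && $btexttype) {
            return "(" . WRAddFieldWrappers($strField) . " is null or "
                . WRAddFieldWrappers($strField) . " LIKE '')";
        }
        return WRAddFieldWrappers($strField) . " is null";
    }

    if (GetDatabaseType() == nDATABASE_PostgreSQL) {
        $like = "ilike";
    } else {
        $like = "like";
    }

    if (GetGenericEditFormat($strTable, $sfield) == EDIT_FORMAT_LOOKUP_WIZARD) {
        $pSet = new ProjectSettings($strTable);
        if ($pSet->multiSelect($sfield)) {
            $SearchFor = splitvalues($SearchFor);
        } else {
            $SearchFor = array($SearchFor);
        }

        // Conditions are collected and joined afterwards. The original appended " or "
        // before knowing whether the next value produces a condition, which left a dangling
        // "or" (invalid SQL) when an 'Equals' value was converted to null.
        $conditions = array();
        foreach ($SearchFor as $searchItem) {
            $value = $searchItem;
            if ($value == "null" || $value == "Null" || $value == "") {
                continue;
            }
            if ($strSearchOption == "Equals") {
                $value = WRmake_db_value($sfield, $value, $strTable);
                if (!($value == "null" || $value == "Null")) {
                    $conditions[] = WRAddFieldWrappers($strField) . '=' . $value;
                }
            } else {
                $connection = getWebreportConnection();
                // Values containing a comma or a double quote are stored quoted in the
                // comma-separated list, with embedded quotes doubled.
                if (strpos($value, ",") !== false || strpos($value, '"') !== false) {
                    $value = '"' . str_replace('"', '""', $value) . '"';
                }
                // match the value alone, in the middle, at the end or at the start of the list
                $conditions[] = WRAddFieldWrappers($strField) . " = " . $connection->prepareString($value)
                    . " or " . WRAddFieldWrappers($strField) . " " . $like . " "
                    . $connection->prepareString("%," . $value . ",%")
                    . " or " . WRAddFieldWrappers($strField) . " " . $like . " "
                    . $connection->prepareString("%," . $value)
                    . " or " . WRAddFieldWrappers($strField) . " " . $like . " "
                    . $connection->prepareString($value . ",%");
            }
        }

        $ret = implode(" or ", $conditions);
        if (strlen($ret)) {
            $ret = "(" . $ret . ")";
        }
        return $ret;
    }

    if (GetGenericEditFormat($strTable, $sfield) == EDIT_FORMAT_CHECKBOX) {
        if ($SearchFor == "none") {
            return "";
        }
        // Any value other than "on" is treated as "off" here.
        if (NeedQuotes($type)) {
            if ($SearchFor == "on") {
                return "(" . WRAddFieldWrappers($strField) . "<>'0' and "
                    . WRAddFieldWrappers($strField) . "<>'' and "
                    . WRAddFieldWrappers($strField) . " is not null)";
            }
            return "(" . WRAddFieldWrappers($strField) . "='0' or "
                . WRAddFieldWrappers($strField) . "='' or "
                . WRAddFieldWrappers($strField) . " is null)";
        }
        if ($SearchFor == "on") {
            return "(" . WRAddFieldWrappers($strField) . "<>0 and "
                . WRAddFieldWrappers($strField) . " is not null)";
        }
        return "(" . WRAddFieldWrappers($strField) . "=0 or "
            . WRAddFieldWrappers($strField) . " is null)";
    }

    $value1 = WRmake_db_value($sfield, $SearchFor, $strTable);
    $value2 = false;
    if ($strSearchOption == "Between") {
        $value2 = WRmake_db_value($sfield, $SearchFor2, $strTable);
    }

    // A value that converts to the literal "null" cannot be compared, except for pattern searches.
    if ($strSearchOption != "Contains" && $strSearchOption != "Starts with ..."
        && ($value1 === "null" || $value2 === "null")
    ) {
        return "";
    }

    $connection = getWebreportConnection();

    // Choose the SQL expression for the left-hand side of the comparison.
    $patternSearch = $strSearchOption == "Contains" || $strSearchOption == "Starts with ...";
    if (IsCharType($type) && !$btexttype) {
        $value1 = $connection->upper($value1);
        $value2 = $connection->upper($value2);
        $strField = $connection->upper(WRAddFieldWrappers($strField));
    } elseif ($ismssql && !$btexttype && $patternSearch) {
        $strField = "convert(varchar," . WRAddFieldWrappers($strField) . ")";
    } elseif (GetDatabaseType() == nDATABASE_PostgreSQL && !$btexttype && $patternSearch) {
        $strField = "CAST(" . WRAddFieldWrappers($strField) . " AS TEXT)";
    } else {
        $strField = WRAddFieldWrappers($strField);
    }

    if ($strSearchOption == "Contains") {
        if (IsCharType($type) && !$btexttype) {
            return $strField . " " . $like . " "
                . $connection->upper($connection->prepareString("%" . $SearchFor . "%"));
        }
        return $strField . " " . $like . " " . $connection->prepareString("%" . $SearchFor . "%");
    }

    if ($strSearchOption == "Equals") {
        return $strField . "=" . $value1;
    }

    if ($strSearchOption == "Starts with ...") {
        if (IsCharType($type) && !$btexttype) {
            return $strField . " " . $like . " "
                . $connection->upper($connection->prepareString($SearchFor . "%"));
        }
        return $strField . " " . $like . " " . $connection->prepareString($SearchFor . "%");
    }

    if ($strSearchOption == "More than ...") {
        return $strField . ">" . $value1;
    }
    if ($strSearchOption == "Less than ...") {
        return $strField . "<" . $value1;
    }
    if ($strSearchOption == "Equal or more than ...") {
        return $strField . ">=" . $value1;
    }
    if ($strSearchOption == "Equal or less than ...") {
        return $strField . "<=" . $value1;
    }
    if ($strSearchOption == "Between") {
        $ret = $strField . ">=" . $value1;
        $ret .= " and " . $strField . "<=" . $value2;
        return $ret;
    }

    // Unknown search option: no condition.
    return "";
}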
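/**
 * Forms an array containing the search words and the search option to highlight for a field.
 *
 * Words are gathered from the simple search and from the per-field ("integrated") search
 * entries kept in $this->_where. When several options produced words for the field, the
 * result is chosen in the order 'Equals', 'Starts with', 'Contains'.
 *
 * The returned words are raw search input; callers that print them into a page must
 * escape them for the output context.
 *
 * @param string $fname        field name
 * @param array  $lookupParams optional keys "multiselect" and "needLookupProcessing"
 * @return array|false array("searchWords" => array, "option" => string), or false when the
 *                     field is not searchable or nothing applies
 */
function getSearchToHighlight($fname, $lookupParams = array())
{
    // if not in search fields array
    if (!in_array($fname, $this->searchFieldsArr)) {
        return false;
    }

    $options = array();

    //simple search processing
    $simpleField = $this->_where[$this->sessionPrefix . "simpleSrchFieldsComboOpt"];
    $opt = $this->_where[$this->sessionPrefix . "simpleSrchTypeComboOpt"];
    $simpleText = $this->_where[$this->sessionPrefix . "_simpleSrch"];
    if ($this->isShowSimpleSrchOpt) {
        $simpleValues = array($simpleText);
    } else {
        $simpleValues = $this->googleLikeParseString($simpleText);
    }

    // The simple search applies when it is not bound to a field or is bound to this one.
    if (isset($simpleValues) && count($simpleValues) && (!$simpleField || $simpleField == $fname)) {
        foreach ($simpleValues as $simpleSearchValue) {
            if (strlen(trim($simpleSearchValue))) {
                $options[$opt][$fname][] = $simpleSearchValue;
            }
        }
    }

    //integrated search processing
    $srchFields = $this->_where[$this->sessionPrefix . "_srchFields"];
    if (!$srchFields) {
        $srchFields = array();
    }

    // $lookupParams defaults to an empty array, so the keys are read defensively instead of
    // raising undefined-index warnings.
    $multiselect = !empty($lookupParams["multiselect"]);
    $needLookupProcessing = !empty($lookupParams["needLookupProcessing"]);

    foreach ($srchFields as $srchFieldData) {
        // skip other fields and negated conditions
        if ($srchFieldData['fName'] != $fname || $srchFieldData['not']) {
            continue;
        }
        $opt = $srchFieldData['opt'];
        if ($opt != "Contains" && $opt != "Equals" && $opt != "Starts with") {
            continue;
        }
        if ($needLookupProcessing && $opt == "Equals") {
            $options[$opt][$srchFieldData['fName']][] = implode(",", splitvalues($srchFieldData['value1']));
            continue;
        }
        if (!$multiselect || $opt != "Contains") {
            $options[$opt][$srchFieldData['fName']][] = $srchFieldData['value1'];
            continue;
        }
        // multiselect 'Contains': every selected value is a separate word
        foreach (splitvalues($srchFieldData['value1']) as $value) {
            $options[$opt][$srchFieldData['fName']][] = $value;
        }
    }

    // An option that collected nothing has no entry in $options; !empty() covers both
    // "missing" and "empty" without undefined-index warnings.
    foreach (array('Equals', 'Starts with', 'Contains') as $option) {
        if (!empty($options[$option][$fname])) {
            return array("searchWords" => $options[$option][$fname], "option" => $option);
        }
    }

    return false;
}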
/**
 * Returns the preload data of a dependent lookup control used on a search panel.
 *
 * @param string $fName    field name
 * @param array  $vals     dependent and main fields' values, keyed by field name
 * @param object $controls controls container; must provide getControl()
 * @return array|false array("vals" => lookup content, "fVal" => current value(s)), or false
 *                     when there are no controls, the field is neither a lookup wizard nor
 *                     category-dependent, or the lookup content is empty
 * @intellisense
 */
function getSearchPreloadArr($fName, $vals, $controls)
{
    if (is_null($controls)) {
        return false;
    }

    // if no parent in project settings
    $isLookupWizard = $this->pSet->getEditFormat($fName) == EDIT_FORMAT_LOOKUP_WIZARD;
    if (!$isLookupWizard && !$this->pSet->useCategory($fName)) {
        return false;
    }

    // The lookup content is filtered only when a non-empty parent value is available.
    $parentVal = $this->getParentVal($fName);
    $doFilter = !($parentVal === false || $parentVal === '');

    $lookupControl = $controls->getControl($fName);
    $output = $lookupControl->loadLookupContent($parentVal, $vals[$fName], $doFilter);
    if (count($output) == 0) {
        return false;
    }

    // Multi-select fields report their value as a list.
    $fVal = $vals[$fName];
    if ($this->pSet->multiSelect($fName)) {
        $fVal = splitvalues($fVal);
    }

    return array(
        "vals" => $output,
        "fVal" => $fVal,
    );
}
/**
 * Builds a WHERE condition from the current lookup control's value(s).
 *
 * Each value is converted with $this->ciphererDisplay->MakeDBValue() (query-based lookup)
 * or make_db_value() (otherwise) before it is concatenated into the condition.
 * NOTE(review): both helpers are defined elsewhere - confirm they quote/escape the value.
 *
 * @param string $childVal control value; split with splitvalues() for multiselect controls
 * @return string conditions joined with ' OR '
 */
protected function getChildWhere($childVal)
{
    // Resolve the left-hand side of the comparison once.
    if ($this->lookupType == LT_QUERY) {
        $childWhereField = $this->pageObject->pSetEdit->getLinkField($this->field);
        $fullLinkFieldName = RunnerPage::_getFieldSQLDecrypt(
            $this->pageObject->pSetEdit->getLinkField($this->field),
            $this->lookupConnection,
            $this->lookupPSet,
            $this->ciphererDisplay
        );
    } else {
        $fullLinkFieldName = $this->lwLinkField;
    }

    if ($this->multiselect) {
        $childValues = splitvalues($childVal);
    } else {
        $childValues = array($childVal);
    }

    $conditions = array();
    foreach ($childValues as $item) {
        if ($this->lookupType == LT_QUERY) {
            $dbValue = $this->ciphererDisplay->MakeDBValue($childWhereField, $item, "", true);
        } else {
            $dbValue = make_db_value($this->field, $item, '', '', $this->tName);
        }

        // The literal "null" from the conversion helper means "compare with SQL NULL".
        if ($dbValue === "null") {
            $conditions[] = $fullLinkFieldName . " is null";
        } else {
            $conditions[] = $fullLinkFieldName . "=" . $dbValue;
        }
    }

    return implode(' OR ', $conditions);
}
/**
 * Returns the preload data of a dependent lookup control on an add/edit page.
 *
 * @param string $fName field name
 * @param array  $value field values keyed by field name
 * @return array|false array('vals' => lookup content, 'fVal' => current value(s)), or false
 *                     when the field depends on no other field or is not shown in the
 *                     current mode
 * @intellisense
 */
function getPreloadArr($fName, $value)
{
    // category control field
    $strCategoryControl = $this->isDependOnField($fName);
    if ($strCategoryControl === false) {
        return false;
    }

    // Work out whether the field and its category control appear in the current mode.
    $fieldAppear = true;
    if ($this->pageType == PAGE_ADD) {
        $inlineAdd = $this->mode == ADD_INLINE;
        if (!$this->pSet->AppearOnInlineAdd($fName)) {
            $fieldAppear = $this->mode != ADD_INLINE;
        } elseif (!$this->pSet->AppearOnAddPage($fName)) {
            $fieldAppear = $this->mode == ADD_INLINE;
        }
        if ($inlineAdd) {
            $categoryFieldAppear = $this->pSet->AppearOnInlineAdd($strCategoryControl);
        } else {
            $categoryFieldAppear = $this->pSet->AppearOnAddPage($strCategoryControl);
        }
    } elseif ($this->pageType == PAGE_EDIT) {
        if (!$this->pSet->AppearOnInlineEdit($fName)) {
            $fieldAppear = $this->mode != EDIT_INLINE;
        } elseif (!$this->pSet->AppearOnEditPage($fName)) {
            $fieldAppear = $this->mode == EDIT_INLINE;
        }
        $categoryFieldAppear = true;
    } else {
        $categoryFieldAppear = $strCategoryControl ? true : false;
    }

    if (!$fieldAppear) {
        return false;
    }

    // Free-input fields echo the current value; others load the lookup content.
    // The @ operator keeps missing keys in $value silent, as in the original.
    if ($this->pSet->isFreeInput($fName)) {
        $output = array(@$value[$fName], @$value[$fName]);
    } else {
        $output = loadSelectContent(
            $this->pageType,
            $fName,
            @$value[$strCategoryControl],
            $categoryFieldAppear,
            @$value[$fName]
        );
    }

    $valF = count($value) ? $value[$fName] : "";

    // On the edit page, anything but a single-select non-checkbox-list control reports its
    // value as a list.
    $fVal = $valF;
    if ($this->pageType == PAGE_EDIT) {
        $singleValue = $this->pSet->SelectSize($fName) == 1
            && $this->pSet->lookupControlType($fName) != LCT_CBLIST;
        if (!$singleValue) {
            $fVal = splitvalues($valF);
        }
    }

    return array(
        'vals' => $output,
        "fVal" => $fVal,
    );
}
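/**
 * Prints the HTML of a lookup ("select") edit control for a field of the current table.
 *
 * Depending on the field's lookup settings this prints a dropdown, a checkbox list, or an
 * AJAX / list-page text box with a hidden value input, for either a fixed list of values or
 * a table-based lookup. Output is written with echo; nothing is returned.
 *
 * Security notes:
 *  - Option values, option captions, the current value, the field label and the
 *    caller-supplied style are HTML-escaped before they are placed into attributes or text.
 *  - NOTE(review): element ids/names are built from GoodFieldName($field) and $id without
 *    escaping, and two anchors use an unquoted id attribute; confirm $id is always an
 *    internally generated identifier.
 *  - NOTE(review): $value is passed to buildLookupSQL(), which is defined elsewhere;
 *    confirm it quotes the value before db_query() runs the statement.
 *
 * @param string $field                field name
 * @param mixed  $value                current field value
 * @param int    $fieldNum             when non-zero, used in the control ids
 * @param mixed  $mode                 page mode (MODE_* constant)
 * @param string $id                   record/control id suffix
 * @param array  $additionalCtrlParams extra parameters; only 'style' is read here
 * @param object $pageObj              page object (not read by this function)
 * @return void
 */
function BuildSelectControl($field, $value, $fieldNum = 0, $mode, $id = "", $additionalCtrlParams, &$pageObj)
{
    global $conn, $strTableName;

    // read control settings
    $table = $strTableName;
    $strLabel = Label($field);
    $is508 = isEnableSection508();
    $isInlineMode = $mode == MODE_INLINE_EDIT || $mode == MODE_INLINE_ADD;

    $alt = "";
    if ($isInlineMode && $is508) {
        $alt = ' alt="' . htmlspecialchars($strLabel) . '" ';
    }
    // Same alt attribute without the leading space, used where the original built it inline.
    // The label is escaped here as well: the inline copies printed it raw, so a label
    // containing a double quote could break out of the attribute.
    $altInline = $isInlineMode && $is508 == true ? 'alt="' . htmlspecialchars($strLabel) . '" ' : '';

    $cfield = "value_" . GoodFieldName($field) . "_" . $id;
    $clookupfield = "display_value_" . GoodFieldName($field) . "_" . $id;
    $openlookup = "open_lookup_" . GoodFieldName($field) . "_" . $id;
    $ctype = "type_" . GoodFieldName($field) . "_" . $id;
    if ($fieldNum) {
        $cfield = "value" . $fieldNum . "_" . GoodFieldName($field) . "_" . $id;
        $ctype = "type" . $fieldNum . "_" . GoodFieldName($field) . "_" . $id;
    }

    // NOTE(review): $strCategoryControl, $dependentLookups, $add_page, $list_page,
    // $className and $celementvalue are assigned below but not read again in this function.
    $addnewitem = false;
    $advancedadd = false;
    $strCategoryControl = CategoryControl($field, $table);
    $categoryFieldId = GoodFieldName(CategoryControl($field, $table));
    $bUseCategory = UseCategory($field, $table);
    $dependentLookups = GetFieldData($table, $field, "DependentLookups", array());
    $lookupType = GetLookupType($field, $table);
    $LCType = LookupControlType($field, $table);
    $horizontalLookup = GetFieldData($table, $field, "HorizontalLookup", false);

    // The style string is caller-supplied; escape it so it stays inside the attribute.
    $inputStyle = !empty($additionalCtrlParams['style'])
        ? 'style="' . htmlspecialchars($additionalCtrlParams['style']) . '"'
        : '';

    $lookupTable = GetLookupTable($field, $table);
    $strLookupWhere = LookupWhere($field, $table);
    $lookupSize = SelectSize($field, $table);
    if ($LCType == LCT_CBLIST) {
        $lookupSize = 2; // simply > 1 for CBLIST
    }
    $add_page = GetTableURL($lookupTable) . "_add.php";
    $list_page = GetTableURL($lookupTable) . "_list.php";
    $strPerm = GetUserPermissions($lookupTable);

    // alter "add on the fly" settings: only offered when the permission string contains "A"
    if (strpos($strPerm, "A") !== false) {
        $addnewitem = GetFieldData($table, $field, "AllowToAdd", false);
        $advancedadd = !GetFieldData($table, $field, "SimpleAdd", false);
        if (!$advancedadd) {
            $addnewitem = false;
        }
    }

    // alter lookuptype settings: without "S" in the permission string the list-page lookup
    // degrades to a dropdown
    if ($LCType == LCT_LIST && strpos($strPerm, "S") === false) {
        $LCType = LCT_DROPDOWN;
    }
    if ($LCType == LCT_LIST) {
        $addnewitem = false;
    }
    if ($mode == MODE_SEARCH) {
        $addnewitem = false;
    }

    // prepare multi-select attributes
    $multiple = "";
    $postfix = "";
    if ($lookupSize > 1) {
        $avalue = splitvalues($value);
        $multiple = " multiple";
        $postfix = "[]";
    } else {
        $avalue = array((string) $value);
    }

    // prepare JS code
    $className = "DropDownLookup";
    if ($LCType == LCT_AJAX) {
        $className = "EditBoxLookup";
    } elseif ($LCType == LCT_LIST) {
        $className = "ListPageLookup";
    } elseif ($LCType == LCT_CBLIST) {
        $className = "CheckBoxLookup";
    }

    // build the control
    ///////////////////////////////////////////////////////////////////////////////////////////
    // list of values
    ///////////////////////////////////////////////////////////////////////////////////////////
    if ($lookupType == LT_LISTOFVALUES) {
        // read lookup values
        $arr = GetFieldData($table, $field, "LookupValues", array());

        // print Type control to allow selecting nothing
        if ($lookupSize > 1) {
            echo "<input id=\"" . $ctype . "\" type=hidden name=\"" . $ctype . "\" value=\"multiselect\">";
        }

        // dropdown control
        if ($LCType == LCT_DROPDOWN) {
            $alt = "";
            echo '<select id="' . $cfield . '" size = "' . $lookupSize . '" ' . $alt . 'name="' . $cfield . $postfix . '" ' . $multiple . '>';
            if ($lookupSize < 2) {
                echo '<option value="">' . mlang_message("PLEASE_SELECT") . '</option>';
            } else {
                if ($mode == MODE_SEARCH) {
                    echo '<option value=""> </option>';
                }
            }
            foreach ($arr as $opt) {
                $res = array_search((string) $opt, $avalue);
                if (!($res === NULL || $res === FALSE)) {
                    echo '<option value="' . htmlspecialchars($opt) . '" selected>' . htmlspecialchars($opt) . '</option>';
                } else {
                    echo '<option value="' . htmlspecialchars($opt) . '">' . htmlspecialchars($opt) . '</option>';
                }
            }
            echo "</select>";
        } elseif ($LCType == LCT_CBLIST) {
            echo '<div align=\'left\'>';
            $spacer = '<br/>';
            if ($horizontalLookup) {
                $spacer = ' ';
            }
            $i = 0;
            foreach ($arr as $opt) {
                echo '<input id="' . $cfield . '_' . $i . '" type="checkbox" ' . $alt . ' name="' . $cfield . $postfix . '" value="' . htmlspecialchars($opt) . '"';
                $res = array_search((string) $opt, $avalue);
                if (!($res === NULL || $res === FALSE)) {
                    echo ' checked="checked" ';
                }
                echo '/>';
                echo ' <b id="data_' . $cfield . '_' . $i . '">' . htmlspecialchars($opt) . '</b>' . $spacer;
                $i++;
            }
            echo '</div>';
        }
        return;
    }

    // build table-based lookup
    ////////////////////////////////////////////////////////////////////////////////////////////
    // table-based ajax-lookup control
    ////////////////////////////////////////////////////////////////////////////////////////////
    if ($LCType == LCT_AJAX || $LCType == LCT_LIST) {
        ////////////////////////////////////////////////////////////////////////////////////////
        // dependent ajax-lookup control
        ////////////////////////////////////////////////////////////////////////////////////////
        if (UseCategory($field)) {
            // ajax dependent dropdown
            // get parent value
            $celementvalue = "var parVal = ''; var parCtrl = Runner.controls.ControlManager.getAt('" . jsreplace($strTableName) . "', " . $id . ", '" . jsreplace($field) . "', 0).parentCtrl; if (parCtrl){ parVal = parCtrl.getStringValue();};";
            if ($LCType == LCT_AJAX) {
                echo '<input type="text" categoryId="' . $categoryFieldId . '" autocomplete="off" id="' . $clookupfield . '" name="' . $clookupfield . '" ' . $inputStyle . '>';
            } elseif ($LCType == LCT_LIST) {
                echo '<input type="text" categoryId="' . $categoryFieldId . '" autocomplete="off" id="' . $clookupfield . '" name="' . $clookupfield . '" readonly ' . $inputStyle . '>';
                echo " <a href=# id=" . $openlookup . ">" . mlang_message("SELECT_LIST") . "</a>";
            }
            echo '<input type="hidden" id="' . $cfield . '" name="' . $cfield . '">';
            // add new item link
            if ($addnewitem) {
                echo " <a href=# id='addnew_" . $cfield . "'>" . mlang_message("ADD_NEW") . "</a>";
            }
            return;
        }

        ////////////////////////////////////////////////////////////////////////////////////////
        // regular ajax-lookup control
        ////////////////////////////////////////////////////////////////////////////////////////
        // get the initial value
        $lookup_value = "";
        $lookupSQL = buildLookupSQL($field, $table, "", $value, false, true, false, true);
        $rs_lookup = db_query($lookupSQL, $conn);
        if ($data = db_fetch_numarray($rs_lookup)) {
            $lookup_value = $data[1];
        } elseif (strlen($strLookupWhere)) {
            // try w/o WHERE expression
            // NOTE(review): this call passes exactly the same arguments as the query above,
            // so it cannot return a different row; the classic-lookup fallback further down
            // passes an additional trailing argument. Confirm against buildLookupSQL().
            $lookupSQL = buildLookupSQL($field, $table, "", $value, false, true, false, true);
            $rs_lookup = db_query($lookupSQL, $conn);
            if ($data = db_fetch_numarray($rs_lookup)) {
                $lookup_value = $data[1];
            }
        }

        // build the control
        if ($LCType == LCT_AJAX) {
            if (!strlen($lookup_value) && GetFieldData($strTableName, $field, "freeInput", false)) {
                $lookup_value = $value;
            }
            echo '<input type="text" ' . $inputStyle . ' autocomplete="off" ' . $altInline . 'id="' . $clookupfield . '" name="' . $clookupfield . '" value="' . htmlspecialchars($lookup_value) . '">';
        } elseif ($LCType == LCT_LIST) {
            echo '<input type="text" autocomplete="off" ' . $inputStyle . ' id="' . $clookupfield . '" ' . $altInline . 'name="' . $clookupfield . '" value="' . htmlspecialchars($lookup_value) . '" readonly >';
            echo " <a href=# id=" . $openlookup . ">" . mlang_message("SELECT_LIST") . "</a>";
        }
        echo '<input type="hidden" id="' . $cfield . '" name="' . $cfield . '" value="' . htmlspecialchars($value) . '">';
        // add new item
        if ($addnewitem) {
            echo " <a href=# id='addnew_" . $cfield . "'>" . mlang_message("ADD_NEW") . "</a>";
        }
        return;
    }

    ////////////////////////////////////////////////////////////////////////////////////////////
    // classic lookup - start
    ////////////////////////////////////////////////////////////////////////////////////////////
    $lookupSQL = buildLookupSQL($field, $table, "", "", false, false, false);
    $rs = db_query($lookupSQL, $conn);

    ////////////////////////////////////////////////////////////////////////////////////////////
    // dependent classic lookup
    ////////////////////////////////////////////////////////////////////////////////////////////
    if ($bUseCategory) {
        // print Type control to allow selecting nothing
        if ($lookupSize > 1) {
            echo "<input id=\"" . $ctype . "\" type=hidden name=\"" . $ctype . "\" value=\"multiselect\">";
        }
        echo '<select size = "' . $lookupSize . '" id="' . $cfield . '" name="' . $cfield . $postfix . '"' . $multiple . '>';
        echo '<option value="">' . mlang_message("PLEASE_SELECT") . '</option>';
        echo "</select>";
        if ($addnewitem) {
            echo " <a href=# id='addnew_" . $cfield . "'>" . mlang_message("ADD_NEW") . "</a>";
        }
        return;
    }

    ////////////////////////////////////////////////////////////////////////////////////////////
    // simple classic lookup
    ////////////////////////////////////////////////////////////////////////////////////////////
    // print control header
    if ($lookupSize > 1) {
        echo "<input id=\"" . $ctype . "\" type=hidden name=\"" . $ctype . "\" value=\"multiselect\">";
    }
    if ($LCType != LCT_CBLIST) {
        echo '<select size = "' . $lookupSize . '" id="' . $cfield . '" ' . $altInline . 'name="' . $cfield . $postfix . '"' . $multiple . '>';
        if ($lookupSize < 2) {
            echo '<option value="">' . mlang_message("PLEASE_SELECT") . '</option>';
        } else {
            if ($mode == MODE_SEARCH) {
                echo '<option value=""> </option>';
            }
        }
    } else {
        echo '<div align=\'left\'>';
        $spacer = '<br/>';
        if ($horizontalLookup) {
            $spacer = ' ';
        }
    }

    // print lookup data
    $found = false;
    $i = 0;
    while ($data = db_fetch_numarray($rs)) {
        $res = array_search((string) $data[0], $avalue);
        $checked = "";
        if (!($res === NULL || $res === FALSE)) {
            $found = true;
            if ($LCType == LCT_CBLIST) {
                $checked = " checked=\"checked\"";
            } else {
                $checked = " selected";
            }
        }
        if ($LCType == LCT_CBLIST) {
            echo '<input id="' . $cfield . '_' . $i . '" type="checkbox" ' . $alt . ' name="' . $cfield . $postfix . '" value="' . htmlspecialchars($data[0]) . '"' . $checked . '/>';
            echo ' <b id="data_' . $cfield . '_' . $i . '">' . htmlspecialchars($data[1]) . '</b>' . $spacer;
        } else {
            echo '<option value="' . htmlspecialchars($data[0]) . '"' . $checked . '>' . htmlspecialchars($data[1]) . '</option>';
        }
        $i++;
    }

    // try the same query w/o WHERE clause if current value not found
    if (!$found && strlen($value) && $mode == MODE_EDIT && strlen($strLookupWhere)) {
        $lookupSQL = buildLookupSQL($field, $table, "", $value, false, true, false, false, true);
        $rs = db_query($lookupSQL, $conn);
        if ($data = db_fetch_numarray($rs)) {
            if ($LCType == LCT_CBLIST) {
                echo '<input id="' . $cfield . '_' . $i . '" type="checkbox" ' . $alt . ' name="' . $cfield . $postfix . '" value="' . htmlspecialchars($data[0]) . '" checked="checked"/>';
                echo ' <b id="data_' . $cfield . '_' . $i . '">' . htmlspecialchars($data[1]) . '</b>' . $spacer;
            } else {
                echo '<option value="' . htmlspecialchars($data[0]) . '" selected>' . htmlspecialchars($data[1]) . '</option>';
            }
        }
    }

    // print footer
    if ($LCType != LCT_CBLIST) {
        echo "</select>";
    } else {
        echo '</div>';
    }

    // add new item
    if ($addnewitem) {
        echo " <a href=# id='addnew_" . $cfield . "'>" . mlang_message("ADD_NEW") . "</a>";
    }
}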
/**
 * Removes excessive quotes from the value of a multiselect lookup wizard field whose
 * display and link fields are the same.
 *
 * The value is split with splitvalues() and re-joined with commas; when
 * $this->needLookupValueProcessing is not set the value is returned untouched.
 *
 * @param string $value
 * @return string
 */
protected function processMultiselectLWValue($value)
{
    return $this->needLookupValueProcessing
        ? implode(",", splitvalues($value))
        : $value;
}
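/**
 * Build the SQL WHERE fragment for a search on this lookup field.
 *
 * List-of-values lookups are delegated to the parent implementation, and a
 * non-empty result of baseSQLWhere() is returned as is. Otherwise one
 * condition is produced per search value and the conditions are joined
 * with " or ".
 *
 * @param string $SearchFor       search value (a splitvalues() list when the field is multiselect)
 * @param string $strSearchOption search option name, e.g. "Equals", "Contains", "Between"
 * @param string $SearchFor2      upper bound, used by the "Between" option only
 * @param mixed  $etype           passed through to the parent implementation
 * @param bool   $isSuggest       true when called for search suggestions
 * @return string parenthesised condition, or an empty string when nothing applies
 */
function SQLWhere($SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest)
{
    if ($this->lookupType == LT_LISTOFVALUES) {
        return parent::SQLWhere($SearchFor, $strSearchOption, $SearchFor2, $etype, $isSuggest);
    }

    $baseResult = $this->baseSQLWhere($strSearchOption);
    if ($baseResult === false) {
        return "";
    }
    if ($baseResult != "") {
        return $baseResult;
    }

    $displayFieldType = $this->type;
    if ($this->lookupType == LT_QUERY) {
        $displayFieldType = $this->lookupPSet->getFieldType($this->field);
        $this->btexttype = IsTextType($displayFieldType);
    }

    if ($this->multiselect) {
        $SearchFor = splitvalues($SearchFor);
    } else {
        $SearchFor = array($SearchFor);
    }

    $ret = "";
    if ($this->linkAndDisplaySame) {
        $gstrField = GetFullFieldName($this->field, "", false);
    } else {
        $gstrField = GetFullFieldName($this->displayFieldName, $this->lookupTable, false);
    }
    if ($this->customDisplay) {
        $gstrField = $this->lwDisplayFieldWrapped;
    } elseif (!$this->linkAndDisplaySame && $this->lookupType == LT_QUERY && IsCharType($displayFieldType)
        && !$this->btexttype && !$this->ciphererDisplay->isFieldPHPEncrypted($this->displayFieldName)) {
        $gstrField = $this->lookupPSet->isEnableUpper(GetFullFieldName($this->displayFieldName, $this->lookupTable, false));
    }

    // True when the lookup column is a character (non-text) field of a query-based lookup.
    $upperCompare = $this->lookupType == LT_QUERY && IsCharType($displayFieldType) && !$this->btexttype;

    // Options compared against the display field. Loose comparison is kept
    // deliberately so the accepted inputs stay exactly as before.
    $displayComparison = $isSuggest
        || $strSearchOption == "Contains"
        || $strSearchOption == "Starts with"
        || $strSearchOption == "More than"
        || $strSearchOption == "Less than"
        || $strSearchOption == "Equal or more than"
        || $strSearchOption == "Equal or less than"
        || $strSearchOption == "Between";
    // "Equals" on an AJAX lookup whose display field differs from the link field.
    $ajaxDisplayEquals = $strSearchOption == "Equals" && $this->LCType == LCT_AJAX && !$this->linkAndDisplaySame;

    foreach ($SearchFor as $value) {
        if ($value == "null" || $value == "Null" || $value == "") {
            continue;
        }

        // Reset per value: the original left $condition undefined on paths
        // that do not assign it, and a value from a previous iteration
        // could otherwise leak into this one.
        $condition = "";

        if (strlen(trim($ret))) {
            $ret .= " or ";
        }

        if (!$this->multiselect) {
            if ($strSearchOption == "Starts with") {
                $value .= '%';
            }
            if ($isSuggest || $strSearchOption == "Contains") {
                $value = '%' . $value . '%';
            }
            if ($displayComparison || $ajaxDisplayEquals) {
                $value = $this->escapeSearchValForMySQL($value);
                if ($upperCompare) {
                    $value = $this->lookupPSet->isEnableUpper(db_prepare_string($value));
                } else {
                    $value = db_prepare_string($value);
                }
            } elseif ($strSearchOption == "Equals") {
                $value = make_db_value($this->field, $value);
            }
        }
        // NOTE(review): when $this->multiselect is set the quoting block above
        // is skipped, so every branch below except the last one concatenates
        // $value exactly as splitvalues() returned it. Confirm that multiselect
        // searches can only reach the last branch, or quote the value here.

        if ($strSearchOption == "Equals") {
            if (!($value == "null" || $value == "Null")) {
                if ($this->LCType == LCT_AJAX && !$this->linkAndDisplaySame) {
                    $condition = $gstrField . '=' . $value;
                } else {
                    $condition = GetFullFieldName($this->field, "", false) . '=' . $value;
                }
            }
        } elseif ($strSearchOption == "Starts with" || ($strSearchOption == "Contains" && !$this->multiselect)) {
            $condition = $gstrField . " " . $this->like . " " . $value;
        } elseif ($strSearchOption == "More than") {
            $condition = $gstrField . " > " . $value;
        } elseif ($strSearchOption == "Less than") {
            $condition = $gstrField . "<" . $value;
        } elseif ($strSearchOption == "Equal or more than") {
            // Fixed: the original used the undefined $value1, producing "field>=" with no operand.
            $condition = $gstrField . ">=" . $value;
        } elseif ($strSearchOption == "Equal or less than") {
            // Fixed: same undefined $value1 as above.
            $condition = $gstrField . "<=" . $value;
        } elseif ($strSearchOption == "Between") {
            if ($upperCompare) {
                $value2 = $this->lookupPSet->isEnableUpper(db_prepare_string($SearchFor2));
            } else {
                $value2 = db_prepare_string($SearchFor2);
            }
            $condition = $gstrField . ">=" . $value . " and ";
            if (IsDateFieldType($this->type)) {
                $timeArr = db2time($SearchFor2);
                // for dates without time, add one day
                if ($timeArr[3] == 0 && $timeArr[4] == 0 && $timeArr[5] == 0) {
                    $timeArr = adddays($timeArr, 1);
                    // Kept in a local so $SearchFor2 is not overwritten with its
                    // quoted form and then re-parsed on a later iteration.
                    $upperBound = $timeArr[0] . "-" . $timeArr[1] . "-" . $timeArr[2];
                    $upperBound = add_db_quotes($this->field, $upperBound, $this->pageObject->tName);
                    $condition .= $gstrField . "<" . $upperBound;
                } else {
                    $condition .= $gstrField . "<=" . $value2;
                }
            } else {
                $condition .= $gstrField . "<=" . $value2;
            }
        } else {
            if (strpos($value, ",") !== false || strpos($value, '"') !== false) {
                $value = '"' . str_replace('"', '""', $value) . '"';
            }
            $value = $this->escapeSearchValForMySQL($value);
            // for search by multiply Lookup wizard field: match the value alone,
            // in the middle, at the end and at the start of a comma-separated list
            $fullField = GetFullFieldName($this->field, "", false);
            $ret .= $fullField . " = " . db_prepare_string($value);
            $ret .= " or " . $fullField . " " . $this->like . " " . db_prepare_string("%," . $value . ",%");
            $ret .= " or " . $fullField . " " . $this->like . " " . db_prepare_string("%," . $value);
            $ret .= " or " . $fullField . " " . $this->like . " " . db_prepare_string($value . ",%");
        }

        if ($condition != "" && ($displayComparison || $strSearchOption == "Equals")) {
            if ($this->linkAndDisplaySame || ($strSearchOption == "Equals" && $this->LCType != LCT_AJAX)) {
                $ret .= " " . $condition;
            } elseif ($this->lookupType == LT_QUERY) {
                // Correlate the lookup query with the main table row through the link field.
                $lookupQueryObj = $this->lookupPSet->getSQLQuery();
                $ret .= " EXISTS (" . $lookupQueryObj->toSql(
                    $condition . " and " . GetFullFieldName($this->linkFieldName, $this->lookupTable, false)
                    . " = " . AddTableWrappers($this->pageObject->pSetEdit->getStrOriginalTableName())
                    . "." . AddFieldWrappers($this->field),
                    '',
                    null,
                    false
                ) . ")";
            } else {
                $ret .= " EXISTS (SELECT 1 as fld from " . AddTableWrappers($this->lookupTable)
                    . " where " . $condition . " and " . $this->lwLinkField . " = "
                    . AddTableWrappers($this->pageObject->pSetEdit->getStrOriginalTableName())
                    . "." . AddFieldWrappers($this->field) . ")";
            }
        }
    }

    if (strlen(trim($ret))) {
        $ret = "(" . $ret . ")";
    } else {
        $ret = trim($ret);
    }
    return $ret;
}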
/**
 * Turn a multiselect lookup value into a comma-separated list that can be
 * placed inside an SQL IN (...) clause.
 *
 * Numeric items are cast with "+ 0"; all other items are encrypted with the
 * field cipherer and then quoted through the lookup connection's
 * prepareString(). Returns an empty string for non-multiselect fields.
 *
 * @param string $value
 * @return string
 */
protected function getDbPreparedValuesList($value)
{
    if (!$this->pSet->multiSelect($this->field)) {
        return "";
    }

    $items = splitvalues($value);
    $linkType = $this->pSet->getLWLinkFieldType($this->field);

    if ($linkType) {
        // The link field type is known: numeric means "needs no quotes".
        $isNumeric = !NeedQuotes($linkType);
    } else {
        // Type unknown: treat the list as numeric only if every non-empty item is.
        $isNumeric = true;
        foreach ($items as $item) {
            if (strlen($item) && !is_numeric($item)) {
                $isNumeric = false;
                break;
            }
        }
    }

    $prepared = array();
    foreach ($items as $item) {
        if ($isNumeric) {
            // Empty items are dropped from numeric lists.
            if (strlen($item)) {
                $prepared[] = $item + 0;
            }
            continue;
        }
        if ($this->nLookupType == LT_QUERY) {
            $cipherField = $this->linkFieldName;
        } else {
            $cipherField = $this->field;
        }
        $encrypted = $this->cipherer->EncryptField($cipherField, $item);
        $prepared[] = $this->lookupConnection->prepareString($encrypted);
    }

    return implode(",", $prepared);
}
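/**
 * Resolve the stored link value of this lookup field to its display value
 * and render it through the local controls container.
 *
 * For multiselect fields every stored item is looked up with one IN (...)
 * query and the unique display values are rendered and joined with commas.
 * For single-value fields the first matching lookup row is used; when no
 * row matches, the stored value itself is rendered.
 *
 * @param array  $data    record data keyed by field name
 * @param string $keylink key part of the record link, passed on to the container
 * @return string rendered value, or an empty string when the field is empty
 */
public function showDBValue(&$data, $keylink)
{
    global $conn;

    $value = $data[$this->field];
    if (!strlen($value)) {
        return "";
    }

    $out = "";
    // Initialised up front: the original read $found while undefined when a
    // multiselect value produced an empty IN list.
    $found = false;
    $lookupvalue = $value;
    $isQueryLookup = $this->nLookupType == LT_QUERY;
    // NOTE(review): the fragment returned by GetLWWhere() is concatenated into
    // the query unchanged; presumably it comes from project settings - confirm.
    $where = GetLWWhere($this->field, $this->container->pageType);

    if ($this->pSet->multiSelect($this->field)) {
        $arr = splitvalues($value);
        $numeric = true;
        $type = $this->pSet->getLWLinkFieldType($this->field);
        if (!$type) {
            // Type unknown: numeric only if every non-empty item is numeric.
            foreach ($arr as $val) {
                if (strlen($val) && !is_numeric($val)) {
                    $numeric = false;
                    break;
                }
            }
        } else {
            $numeric = !NeedQuotes($type);
        }

        // Build the IN list: numbers are cast, everything else is encrypted and quoted.
        $in = "";
        foreach ($arr as $val) {
            if ($numeric && !strlen($val)) {
                continue;
            }
            if (strlen($in)) {
                $in .= ",";
            }
            if ($numeric) {
                $in .= $val + 0;
            } else {
                $in .= db_prepare_string($this->cipherer->EncryptField($isQueryLookup ? $this->linkFieldName : $this->field, $val));
            }
        }

        if (strlen($in)) {
            if ($isQueryLookup) {
                $inWhere = GetFullFieldName($this->linkFieldName, $this->lookupTable, false) . " in (" . $in . ")";
                if (strlen($where)) {
                    $inWhere .= " and (" . $where . ")";
                }
                $LookupSQL = $this->lookupQueryObj->toSql(whereAdd($this->lookupQueryObj->m_where->toSql($this->lookupQueryObj), $inWhere));
            } else {
                $LookupSQL = $this->LookupSQL . $this->pSet->getLWLinkField($this->field) . " in (" . $in . ")";
                if (strlen($where)) {
                    $LookupSQL .= " and (" . $where . ")";
                }
            }
            // NOTE(review): the full statement, including the looked-up values,
            // is handed to LogInfo(); check where that log is stored and who can read it.
            LogInfo($LookupSQL);
            $rsLookup = db_query($LookupSQL, $conn);

            $lookupArrTmp = array();
            while ($lookuprow = db_fetch_numarray($rsLookup)) {
                $lookupArrTmp[] = $lookuprow[$this->displayFieldIndex];
            }
            $lookupArr = array_unique($lookupArrTmp);

            $localData = $data;
            foreach ($lookupArr as $lookupvalue) {
                if ($found) {
                    $out .= ",";
                }
                $found = true;
                if ($this->pSet->getViewFormat($this->field) != "Custom") {
                    $localData[$this->field] = $lookupvalue;
                }
                $outVal = $this->localControlsContainer->showDBValue($this->field, $localData, $keylink, $lookupvalue);
                $out .= $isQueryLookup || $this->linkAndDisplaySame
                    ? $this->cipherer->DecryptField($isQueryLookup ? $this->displayFieldName : $this->field, $outVal)
                    : $outVal;
            }
            return $out;
        }
        // Empty IN list: fall through and render the stored value itself.
    } else {
        $strdata = $this->cipherer->MakeDBValue($isQueryLookup ? $this->linkFieldName : $this->field, $value, "", "", true);
        if ($isQueryLookup) {
            $strWhere = GetFullFieldName($this->linkFieldName, $this->lookupTable, false) . " = " . $strdata;
            if (strlen($where)) {
                $strWhere .= " and (" . $where . ")";
            }
            $LookupSQL = $this->lookupQueryObj->toSql(whereAdd($this->lookupQueryObj->m_where->toSql($this->lookupQueryObj), $strWhere));
        } else {
            $strWhere = $this->pSet->getLWLinkField($this->field) . " = " . $strdata;
            if (strlen($where)) {
                $strWhere .= " and (" . $where . ")";
            }
            $LookupSQL = $this->LookupSQL . $strWhere;
        }
        // NOTE(review): as above, the statement with its value goes to LogInfo().
        LogInfo($LookupSQL);
        $rsLookup = db_query($LookupSQL, $conn);
        if ($lookuprow = db_fetch_numarray($rsLookup)) {
            $lookupvalue = $lookuprow[$this->displayFieldIndex];
            $found = true;
        }
    }

    if (!$out) {
        // Only a value that came from the lookup table is decrypted; the
        // stored value is rendered as is when no row matched.
        if ($found && ($isQueryLookup || $this->linkAndDisplaySame)) {
            $lookupvalue = $this->cipherer->DecryptField($isQueryLookup ? $this->displayFieldName : $this->field, $lookupvalue);
        }
        $localData = $data;
        if ($this->pSet->getViewFormat($this->field) != "Custom") {
            $localData[$this->field] = $lookupvalue;
        }
        $out = $this->localControlsContainer->showDBValue($this->field, $localData, $keylink, $lookupvalue);
    }
    return $out;
}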