Example #1
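/**
 * Record the task chosen for the current row and append the script that shows
 * it in the row's task cell.
 *
 * @param object $state page state: records, from_date, columns and row are read; task_id, msgStatus and columns are written
 * @param string $HTML  client-side script under construction; two statements are appended
 * @param mixed  $rec   key of the task in $state->records; a negative value means "take it from $_GET['row']"
 * @return void
 */
function task_select(&$state, &$HTML, $rec = -1)
{
    if ($rec < 0) {
        //checking returned
        if (!isset($_GET["row"])) {
            return;
        }
        $rec = $_GET["row"];
        //get row number
    }
    task_list($state);
    //restore the record list
    //The id is request data until it is found among the keys of the server-side
    //list. row[]=... arrives as an array, which array_key_exists() refuses with a
    //TypeError on PHP 8 instead of reaching the eviction, so test the type first.
    if (!is_scalar($rec) || !array_key_exists($rec, $state->records)) {
        $shown = is_scalar($rec) ? $rec : gettype($rec);
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid task id " . $shown, true);
    }
    $record = $state->records[$rec];
    if ($record[1] != "") {
        //the task carries an inactive date: it may shorten the range of usable columns
        $inactive = new DateTime($record[1]);
        $diff = date_diff($state->from_date, $inactive)->days;
        if ($diff < $state->columns[COL_INACTIVE]) {
            $state->columns[COL_INACTIVE] = $diff;
            $state->columns[COL_AGENT] = "task";
        }
        $record[0] .= "<br>(inactive as of " . $record[1] . ")";
    }
    $state->task_id = $rec;
    $state->msgStatus = "";
    //NOTE(review): $state->row and $record[0] are placed inside single-quoted
    //JavaScript literals exactly as stored; a quote, backslash or line break in
    //them would end the literal. Confirm that task_list() encodes the task text
    //for this context; otherwise emit the values with json_encode().
    $HTML .= "cell = document.getElementById('TK_" . $state->row . "');\n";
    $HTML .= "cell.innerHTML = '" . $record[0] . "';\n";
}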
Example #2
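/**
 * Switch the session to the organization chosen in the POSTed "selOrgs" field
 * and load that organization's theme.
 *
 * The posted id is accepted only when it is a key of $_STATE->records, the list
 * restored by init_setup(); anything else is handed to throw_the_bum_out(),
 * which is assumed not to return.
 *
 * @return bool true once the session has been updated
 */
function entry_audit()
{
    global $_DB, $_STATE;
    init_setup();
    //restore the list
    $org = isset($_POST["selOrgs"]) ? $_POST["selOrgs"] : NULL;
    //selOrgs[]=... arrives as an array; array_key_exists() would answer that
    //with a TypeError on PHP 8 rather than with the eviction
    if (!is_scalar($org) || !array_key_exists($org, $_STATE->records)) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid org id " . (is_scalar($org) ? $org : gettype($org)));
        //we're being spoofed
    }
    init_setup();
    //re-display the list
    $org_id = intval($org);
    $_SESSION["organization_id"] = $org_id;
    //Set theme for organization:
    //the id is bound, as head.php does with db_connect, so the statement does
    //not depend on the intval() above staying in place
    $sql = "SELECT theme FROM " . $_DB->prefix . "d10_preferences\n\t\t\tWHERE organization_idref=:org";
    $stmt = $_DB->prepare($sql);
    $stmt->bindValue(':org', $org_id, PDO::PARAM_INT);
    $stmt->execute();
    if ($row = $stmt->fetchObject()) {
        $_SESSION["_SITE_CONF"]["THEME"] = $row->theme;
    }
    $stmt->closeCursor();
    $_SESSION["org_TZO"] = $_STATE->records[$org][1];
    //the permits are re-read because they are held per session and the organization has just changed
    $_SESSION["UserPermits"] = $GLOBALS["_PERMITS"]->get_permits($_SESSION["person_id"]);
    //set the users's permissions
    $_STATE->msgStatus = "Your organization has been changed";
    return true;
}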
Example #3
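/**
 * Audit every input field of the page, then accept the posted accounting id.
 *
 * Field errors are collected into $_STATE->msgStatus and stop the audit. The
 * accounting id is accepted only when it is a key of $_STATE->accounting.
 *
 * @return bool false when a field failed its audit, true otherwise
 */
function field_input_audit()
{
    global $_STATE;
    $errors = "";
    foreach ($_STATE->fields as $name => $field) {
        $msg = $field->audit();
        if ($msg !== true) {
            //NOTE(review): $msg becomes part of an HTML status string; confirm
            //that audit() never echoes raw input back in its message
            $errors .= "<br>" . $name . ": " . $msg;
        }
    }
    if ($errors != "") {
        $_STATE->msgStatus = "Error:" . $errors;
        return false;
    }
    $diff = date_diff($_STATE->fields["Close Date"]->value, COM_NOW(), true);
    //DateInterval::$m is only the month component (0-11); without the year
    //component a date a year or more away would not be reported as suspect
    if ($diff->y > 0 || $diff->m > 2) {
        $_STATE->msgStatus = "The Close Date is suspect - proceeding anyway";
    }
    if (!array_key_exists(strval($_POST["selAccounting"]), $_STATE->accounting)) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid accounting id " . $_POST["selAccounting"]);
        //we're being spoofed
    }
    $_STATE->accounting_id = intval($_POST["selAccounting"]);
    //Should check to see if inactive is greater than any timelogs?
    //everything passed: lock the fields
    foreach ($_STATE->fields as $field) {
        $field->disabled = true;
    }
    return TRUE;
}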
Example #4
/**
 * Error callback with the signature that set_error_handler() expects.
 *
 * At run level 1 it returns false, which hands the error back to PHP's own
 * handling when the function is registered as an error handler. At any other
 * run level the details go to the error log only and the visitor gets a
 * generic message through throw_the_bum_out().
 *
 * @param int    $errno   error level (not used)
 * @param string $errstr  error message
 * @param string $errfile file in which the error was raised
 * @param int    $errline line on which the error was raised
 * @return bool
 */
function errorButler($errno, $errstr, $errfile, $errline)
{
    $runlevel = $_SESSION["_SITE_CONF"]["RUNLEVEL"];
    if ($runlevel != 1) {
        //file names and line numbers stay in the server log, not in the page
        error_log("{$errstr} in {$errfile} on line {$errline}");
        throw_the_bum_out("An error has occurred<br> please notify the system administrator", NULL);
        return true;
    }
    return false;
}
Example #5
/**
 * Accept the accounting group chosen in the POSTed "selAccounting" field.
 *
 * The posted value is used only after it has been found among the keys of
 * $_STATE->records, the list restored by accounting_list().
 */
function accounting_select()
{
    global $_STATE;
    accounting_list();
    $posted = $_POST["selAccounting"];
    $known = array_key_exists(strval($posted), $_STATE->records);
    if (!$known) {
        //not an id this page offered: treated as a forged request
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid accounting id " . $posted);
    }
    $_STATE->record_id = intval($posted);
}
Example #6
/**
 * Accept the organization chosen in the POSTed "selOrg" field.
 *
 * The posted value is used only after it has been found among the keys of
 * $_STATE->records, the list restored by list_setup().
 */
function org_select()
{
    global $_STATE;
    list_setup();
    $posted = $_POST["selOrg"];
    $known = array_key_exists(strval($posted), $_STATE->records);
    if (!$known) {
        //not an id this page offered: treated as a forged request
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid org id " . $posted);
    }
    $_STATE->record_id = intval($posted);
}
Example #7
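/**
 * Set the log date from the day offset in $_GET["row"] and append the script
 * that shows it in the row's date cell.
 *
 * @param object $state page state: columns, from_date and row are read; logdate and msgStatus are written
 * @param string $HTML  client-side script under construction; two statements are appended
 * @return void
 */
function date_select(&$state, &$HTML)
{
    $rec = (isset($_GET["row"]) && is_scalar($_GET["row"])) ? strval($_GET["row"]) : "";
    //The offset becomes part of a DateInterval spec below. Letters in it would
    //be read as further duration designators (years, months, a time part), and
    //a loose numeric comparison alone does not rule them out, so only an
    //unsigned whole number is let through to the range check.
    $is_offset = preg_match('/^[0-9]+\z/', $rec) === 1;
    if (!$is_offset || $rec < $state->columns[COL_OPEN] || $rec >= $state->columns[COL_INACTIVE]) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid date " . $rec, true);
    }
    $offset = intval($rec);
    $state->logdate = clone $state->from_date;
    $state->logdate->add(new DateInterval('P' . $offset . 'D'));
    $state->msgStatus = "";
    //NOTE(review): $state->row is placed in a single-quoted JavaScript literal
    //as stored; confirm it is always an integer
    $HTML .= "cell = document.getElementById('DT_" . $state->row . "');\n";
    $HTML .= "cell.innerHTML = '" . $state->logdate->format("Y-m-d") . "';\n";
}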
Example #8
/**
 * Make a subtask the current record.
 *
 * @param mixed $ID subtask id picked by the caller; when negative the id comes
 *                  from the POSTed "selSubtask" field and must be a key of the
 *                  list restored by subtask_list()
 * @return void
 */
function subtask_select($ID = -1)
{
    global $_STATE;
    if (!($ID < 0)) {
        //the caller has already chosen
        $_STATE->record_id = $ID;
        return;
    }
    subtask_list();
    $posted = $_POST["selSubtask"];
    if (!array_key_exists(strval($posted), $_STATE->records)) {
        //not an id this page offered: treated as a forged request
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid subtask id " . $posted);
    }
    $_STATE->record_id = intval($posted);
}
Example #9
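/**
 * Apply the POSTed permit checkboxes to the person held in $_STATE: permits
 * that are newly checked are inserted, assigned permits that are no longer
 * checked are deleted.
 *
 * A posted permit id is accepted only when it is a key of $_STATE->fields, the
 * list built by permit_list().
 *
 * @param mixed $permits passed through to permit_list()
 * @return bool always true
 */
function entry_audit(&$permits)
{
    global $_DB, $_STATE;
    permit_list($permits);
    //the allowable permits
    //a scalar chkPermit cannot be iterated; it is treated as "nothing checked"
    if (isset($_POST["chkPermit"]) && is_array($_POST["chkPermit"])) {
        foreach ($_POST["chkPermit"] as $ID => $value) {
            if (!array_key_exists($ID, $_STATE->fields)) {
                //log the offending key; the whole posted array would only print as "Array"
                throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid permit id " . $ID);
            }
            if ($value == "on") {
                $_STATE->fields[strval($ID)]->checked = TRUE;
            }
        }
    }
    //the fields are accessed as objects, so no by-reference loop variable is
    //needed and none is left dangling after the loop
    foreach ($_STATE->fields as $ID => $permit) {
        $permit->disabled = true;
        if (!$permit->assigned && $permit->checked) {
            //add permit
            //NOTE(review): the values concatenated here come from page state and
            //the session, not from the request; confirm they are always integers
            $sqlinsert = "INSERT INTO " . $_DB->prefix . "c20_person_permit (person_idref, permit_idref";
            $sqlvalues = "VALUES (" . $_STATE->person_id . ", " . $ID;
            switch ($permit->grade) {
                case PERMITS::GR_PRJ:
                    $sqlinsert .= ", project_idref";
                    $sqlvalues .= ", " . $_STATE->project_id;
                    //fall thru to also set org
                case PERMITS::GR_ORG:
                    $sqlinsert .= ", organization_idref";
                    $sqlvalues .= ", " . $_SESSION["organization_id"];
                    //case PERMITS::GR_SYS doesn't set org or project idrefs
            }
            $sqlinsert .= ") ";
            $sqlvalues .= ");";
            $_DB->exec($sqlinsert . $sqlvalues);
            $permit->assigned = true;
        } elseif ($permit->assigned && !$permit->checked) {
            //delete permit
            $sql = "DELETE FROM " . $_DB->prefix . "c20_person_permit\n\t\t\t\t\tWHERE person_permit_id=" . $permit->person_permit . ";";
            $_DB->exec($sql);
            $permit->assigned = false;
        }
    }
    return TRUE;
}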
Example #10
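/**
 * Switch the session to the organization chosen in the POSTed "selOrgs" field.
 *
 * The posted id is accepted only when it is a key of $_STATE->records, the list
 * restored by init_setup(); anything else is handed to throw_the_bum_out(),
 * which is assumed not to return.
 *
 * @return bool true once the session has been updated
 */
function entry_audit()
{
    global $_STATE;
    init_setup();
    //restore the list
    $org = isset($_POST["selOrgs"]) ? $_POST["selOrgs"] : NULL;
    //selOrgs[]=... arrives as an array; array_key_exists() would answer that
    //with a TypeError on PHP 8 rather than with the eviction
    if (!is_scalar($org) || !array_key_exists($org, $_STATE->records)) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid org id " . (is_scalar($org) ? $org : gettype($org)));
        //we're being spoofed
    }
    init_setup();
    //re-display the list
    $_SESSION["organization_id"] = intval($org);
    $_SESSION["org_TZO"] = $_STATE->records[$org][1];
    //the permits are re-read because they are held per session and the organization has just changed
    $_SESSION["UserPermits"] = $GLOBALS["_PERMITS"]->get_permits($_SESSION["person_id"]);
    //set the users's permissions
    $_STATE->msgStatus = "Your organization has been changed";
    return true;
}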
Example #11
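/**
 * Save every table whose checkbox was POSTed in "chkTable".
 *
 * A posted table name is accepted only when it is a key of $_STATE->records.
 * The outcome per table is appended to $_STATE->msgStatus.
 *
 * @return void
 */
function entry_audit()
{
    global $_STATE;
    //a scalar chkTable cannot be iterated and is handled like a missing one
    if (!isset($_POST["chkTable"]) || !is_array($_POST["chkTable"])) {
        $_STATE->msgStatus = "No tables were saved";
        return;
    }
    foreach ($_POST["chkTable"] as $ID => $value) {
        if (!array_key_exists($ID, $_STATE->records)) {
            //log the offending key; the whole posted array would only print as "Array"
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid table name " . $ID);
        }
        if ($value == "on") {
            //$ID reaches the HTML status only after it matched a known table name above
            $_STATE->msgStatus .= "<br>" . $ID;
            if (!save($_STATE->records[$ID])) {
                $_STATE->msgStatus .= ": attempted save failed";
            }
        }
    }
    return;
}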
Example #12
File: head.php Project: bbogin/sr2s
<?php

//copyright 2010,2014-2015 C.D.Price
//Declared before prepend.php is loaded so that the login gate there lets this page through:
$_TEMP_PERMIT = "_LEGAL_";
//a temp permission for the "are you logged in" gate (in prepend)
require_once "prepend.php";
require_once "common.php";
//NOTE(review): the file name is completed from site configuration held in the
//session; this include is only safe while DBMANAGER can never be set from
//request data - confirm where _SITE_CONF is populated
require_once "db_" . $_SESSION['_SITE_CONF']['DBMANAGER'] . ".php";
//NOTE(review): any POST carrying btnSubmit ends the session; no request token
//is checked in these lines - confirm whether prepend.php does so
if (isset($_POST["btnSubmit"])) {
    //logging out
    //first argument: text for the visitor; second: text for the log (as used throughout the project)
    throw_the_bum_out("Goodbye!", "Logout: by id=" . $_SESSION["person_id"]);
    //let prepend take care of it (not really a bum)
}
$organization = "";
$person = "";
if (isset($_SESSION["person_id"])) {
    //logged in
    $db = new db_connect($_SESSION['_SITE_CONF']['DBEDITOR']);
    $sql = "SELECT name FROM " . $db->prefix . "a00_organization WHERE organization_id=:org";
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':org', $_SESSION["organization_id"], PDO::PARAM_INT);
    $stmt->execute();
    if (!($row = $stmt->fetchObject())) {
        $organization = "--No Organization--";
    } else {
        $organization = COM_output_edit($row->name);
    }
    $stmt->closeCursor();
    $sql = "SELECT firstname, lastname FROM " . $db->prefix . "c00_person WHERE person_id=:person";
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':person', $_SESSION["person_id"], PDO::PARAM_INT);
            break 2;
        case STATE::UPDATE:
            $_STATE->msgGreet = "";
            $new_date = new DATE_FIELD("txtNew", "", TRUE, TRUE, TRUE, 0, FALSE, "now");
            $msg = $new_date->audit();
            if ($msg === true) {
                upgrade($new_date);
            } else {
                $_STATE->msgStatus = $msg;
                $_STATE->status = STATE::INIT;
                break;
            }
            $_STATE->status = STATE::DONE;
            break 2;
        default:
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid state=" . $_STATE->status);
    }
}
//while & switch
//End Main State Gate
/**
 * Store the most recent timelog date in $_STATE->old_date, formatted as
 * "<three-letter weekday> <Y-m-d>".
 *
 * @return void
 */
function old_date()
{
    global $_DB, $_STATE;
    $stmt = $_DB->query("SELECT MAX(logdate) as old_date FROM " . $_DB->prefix . "b00_timelog;");
    $latest = new DateTime($stmt->fetchObject()->old_date);
    $stmt->closeCursor();
    //"D" yields the same English abbreviations, Sun through Sat, as a lookup by weekday number
    $_STATE->old_date = $latest->format("D") . " " . $latest->format("Y-m-d");
}
Example #14
<?php

//phpinfo() prints the complete PHP configuration, including environment
//variables, so the page is shown only when the session belongs to person 0 or
//the site is at run level 1 AND the _SUPERUSER permit passes. The operands are
//kept in the original order so can_pass() is called under the same conditions.
if (!(($_SESSION["person_id"] == 0 || $_SESSION["_SITE_CONF"]["RUNLEVEL"] == 1) && $_PERMITS->can_pass(PERMITS::_SUPERUSER))) {
    throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): no permit");
}
phpinfo();
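 /**
  * Work out which project(s) are selected and load the close date and the
  * accounting group of the current project into $_STATE.
  *
  * Ids are accepted only when they are keys of $this->records; anything else is
  * handed to throw_the_bum_out(), which is assumed not to return.
  *
  * @param mixed $ID project id chosen by the caller; when not positive the
  *                  selection is taken from $_POST["selProject"] / $_POST["btnAll"]
  * @return void
  */
 public function set_state($ID = -1)
 {
     global $_DB, $_STATE;
     if ($ID > 0) {
         //either object construct sees only 1 rec or page has chosen another in list
         $this->selected = true;
         if (!array_key_exists($ID, $this->records)) {
             //report the rejected id; $selected is not defined on this path
             throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid project id " . $ID);
         }
         $this->project_id = $ID;
         if ($this->select_list[0] == -1) {
             $this->select_list[0] = $ID;
         }
     } elseif (!$this->selected) {
         //returned POST
         if (isset($_POST["selProject"]) || isset($_POST["btnAll"])) {
             if (isset($_POST["btnAll"])) {
                 $this->select_list = array();
                 foreach ($this->records as $key => $value) {
                     if ($value[self::INACTIVE] != '' && !$this->show_inactive) {
                         continue;
                     }
                     $this->select_list[] = $key;
                 }
             } else {
                 //$_POST["selProject"] is expected to be an array; a scalar would be
                 //indexed character by character below
                 if (!is_array($_POST["selProject"])) {
                     throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid project id list");
                 }
                 $this->select_list = $_POST["selProject"];
             }
             $this->selected = true;
             if ($this->select_list[0] == -1) {
                 //adding
                 if ($this->multiple) {
                     $_STATE->project_ids = $this->select_list;
                 }
                 $this->project_id = -1;
                 $_STATE->project_id = $this->project_id;
                 return;
             }
             $this->project_id = $this->select_list[0];
         }
         //every selected id, including the one just made current, must be a known
         //key; nested arrays are rejected before array_key_exists() sees them
         foreach ($this->select_list as $selected) {
             if (!is_scalar($selected) || !array_key_exists($selected, $this->records)) {
                 throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid project id " . (is_scalar($selected) ? $selected : gettype($selected)));
             }
         }
     }
     $_STATE->project_id = $this->project_id;
     $_STATE->project_ids = $this->select_list;
     //the id may still be the posted string; it is bound as an integer instead
     //of being concatenated, as head.php does with db_connect
     $sql = "SELECT a10.close_date, a20.accounting_id, a20.name AS accounting\n\t\tFROM " . $_DB->prefix . "a10_project AS a10\n\t\tLEFT OUTER JOIN " . $_DB->prefix . "a20_accounting AS a20\n\t\tON a10.accounting_idref = a20.accounting_id\n\t\tWHERE project_id=:project";
     $stmt = $_DB->prepare($sql);
     $stmt->bindValue(':project', intval($_STATE->project_id), PDO::PARAM_INT);
     $stmt->execute();
     $row = $stmt->fetchObject();
     $_STATE->close_date = new DateTime($row->close_date);
     $_STATE->accounting_id = $row->accounting_id;
     $_STATE->accounting = $row->accounting;
     $stmt->closeCursor();
 }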
Example #16
/**
 * Point the open timelog entries of the current row at $state->activity_id and
 * delete the previous activity when no timelog refers to it any more.
 *
 * @param object $state page state: activity_id, row, records and columns are read
 * @return void
 */
function change_activity(&$state)
{
    global $_DB;
    if ($state->activity_id != 0) {
        activity_list($state);
        //restore the record list
        $known = array_key_exists($state->activity_id, $state->records);
        if (!$known) {
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid activity id " . $state->activity_id, true);
        }
    } else {
        //creating a new one
        add_activity($state);
    }
    log_list($state, $state->row);
    //find this row's records
    $first = reset($state->records);
    $previous = $first["activity_id"];
    if ($state->activity_id == $previous) {
        //nothing changes
        return;
    }
    $table = $_DB->prefix . "b00_timelog";
    foreach ($state->records as $ID => $entry) {
        if ($entry["column"] < $state->columns[COL_OPEN]) {
            //columns before COL_OPEN are left untouched
            continue;
        }
        $_DB->exec("UPDATE " . $table . "\n\t\t\t\tSET activity_idref=" . $state->activity_id . " WHERE timelog_id=" . $ID . ";");
    }
    $stmt = $_DB->query("SELECT COUNT(*) AS count FROM " . $table . " WHERE activity_idref=" . $previous);
    $unused = $stmt->fetchObject()->count == 0;
    if ($unused) {
        $_DB->exec("DELETE FROM " . $_DB->prefix . "b02_activity WHERE activity_id=" . $previous);
    }
    $stmt->closeCursor();
}
Example #17
/**
 * Keep the POSTed rate in $_STATE->new_rate and locate it among the rates of
 * the current person.
 *
 * Sets $_STATE->rates (the person's rates, with an empty rate put first when a
 * new one is being added) and $_STATE->rate_ndx (position of the rate in it).
 *
 * @return void
 */
function save_input()
{
    global $_STATE;
    //the posted values are stored as received
    $_STATE->new_rate = array(
        "ID" => $_POST["ID"],
        "rate" => $_POST["rate"],
        "eff" => $_POST["eff"],
        "exp" => $_POST["exp"],
    );
    person_list();
    $person_known = array_key_exists($_STATE->record_id, $_STATE->records);
    if (!$person_known) {
        //we're being spoofed
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid person id");
    }
    $rates = $_STATE->records[$_STATE->record_id]["rates"];
    $ndx = 0;
    if ($_POST["ID"] == 0) {
        //add to beginning
        array_unshift($rates, array("ID" => 0));
    } else {
        //the posted rate id must belong to this person
        $ordered = array_values($rates);
        $total = count($ordered);
        while ($ndx < $total && $ordered[$ndx]["ID"] != $_STATE->new_rate["ID"]) {
            ++$ndx;
        }
        if ($ndx >= $total) {
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid rate id");
        }
    }
    $_STATE->rates = $rates;
    //rates for this person
    $_STATE->rate_ndx = $ndx;
}
/**
 * Add, update or delete a log record according to the POSTed form.
 *
 * A posted record id of 0 adds a record. Any other id must be a key of the
 * list restored by log_list() and must carry the posted event id; a posted
 * session count of 0 then deletes the record, anything else updates it.
 *
 * @param mixed  $db    passed through to the helper functions
 * @param object $state page state; records is read
 * @return bool false when audit_counts() rejects the input, true otherwise
 */
function new_info(&$db, &$state)
{
    if (!isset($_POST["recID"])) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid POST", true);
    }
    if (!audit_counts($db, $state)) {
        return false;
    }
    $posted_id = $_POST["recID"];
    if ($posted_id == 0) {
        //adding
        add_log($db, $state);
        return true;
    }
    log_list($db, $state);
    $is_known = array_key_exists(strval($posted_id), $state->records);
    if (!$is_known) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid recID " . $posted_id, true);
    }
    //the record must also belong to the event the form claims to be editing
    $stored = $state->records[$posted_id];
    if ($stored["event_id"] != $_POST["event"]) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid record " . $posted_id, true);
    }
    if ($_POST["sessions"] != 0) {
        update_log($db, $state);
    } else {
        delete_log($db, $state);
    }
    return true;
}
Example #19
/**
 * Accept the event chosen in the POSTed "selEvent" field and put its name and
 * description in $_STATE->forwho.
 *
 * The posted value is used only after it has been found among the keys of
 * $_STATE->records, the list restored by list_setup().
 */
function record_select()
{
    global $_DB, $_STATE;
    list_setup();
    $posted = $_POST["selEvent"];
    if (!array_key_exists(strval($posted), $_STATE->records)) {
        //not an id this page offered: treated as a forged request
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid event id " . $posted);
    }
    //the id reaches the query only as the result of intval()
    $_STATE->record_id = intval($posted);
    $stmt = $_DB->query("SELECT name, description FROM " . $_DB->prefix . "a30_event\n\t\t\tWHERE event_id=" . $_STATE->record_id . ";");
    $event = $stmt->fetchObject();
    //PROPERTIES wants to see this
    $_STATE->forwho = "{$event->name}: {$event->description}";
}
Example #20
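 /**
  * Work out which person(s) are selected and load the name and the
  * person/organization link of the current person into $_STATE.
  *
  * Ids are accepted only when they are keys of $this->records; anything else is
  * handed to throw_the_bum_out(), which is assumed not to return.
  *
  * @param mixed $ID person id chosen by the caller; when not positive the
  *                  selection is taken from $_POST["selPerson"] / $_POST["btnAll"]
  * @return void
  */
 public function set_state($ID = -1)
 {
     global $_DB, $_STATE;
     if ($ID > 0) {
         //either object construct sees only 1 rec or page has chosen another in list
         $this->selected = true;
         if (!array_key_exists($ID, $this->records)) {
             //report the rejected id; $selected is not defined on this path
             throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid person id " . $ID);
         }
         $this->person_id = $ID;
     } elseif (!$this->selected) {
         //returned POST or superduper user
         if (isset($_POST["selPerson"]) || isset($_POST["btnAll"])) {
             if (isset($_POST["btnAll"])) {
                 $this->select_list = array_keys($this->records);
             } else {
                 //$_POST["selPerson"] is expected to be an array; a scalar would be
                 //indexed character by character below
                 if (!is_array($_POST["selPerson"])) {
                     throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid person id list");
                 }
                 $this->select_list = $_POST["selPerson"];
             }
             $this->selected = true;
             if ($this->select_list[0] == -1) {
                 //adding
                 if ($this->multiple) {
                     $_STATE->person_ids = $this->select_list;
                 }
                 $this->person_id = -1;
                 $_STATE->person_id = $this->person_id;
                 return;
             }
             $this->person_id = $this->select_list[0];
         } else {
             //it's the superduper user
             if ($_SESSION["person_id"] != 0) {
                 //or is it
                 //log the session id that failed the test rather than the selected flag
                 throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid person id " . $_SESSION["person_id"]);
             }
             $_STATE->person_id = 0;
             $_STATE->person_organization_id = 0;
             $sql = "SELECT lastname, firstname FROM " . $_DB->prefix . "c00_person WHERE person_id=0;";
             $row = $_DB->query($sql)->fetchObject();
             $_STATE->person_name = $row->firstname . " " . $row->lastname;
             return;
         }
         //every selected id, including the one just made current, must be a known
         //key; nested arrays are rejected before array_key_exists() sees them
         foreach ($this->select_list as $selected) {
             if (!is_scalar($selected) || !array_key_exists($selected, $this->records)) {
                 throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid person id " . (is_scalar($selected) ? $selected : gettype($selected)));
             }
         }
     }
     $_STATE->person_id = $this->person_id;
     if ($this->multiple) {
         $_STATE->person_ids = $this->select_list;
     }
     $_STATE->person_name = $this->records[$this->person_id][1] . " " . $this->records[$this->person_id][0];
     //the person id may still be the posted string; both ids are bound as
     //integers instead of being concatenated, as head.php does with db_connect
     $sql = "SELECT person_organization_id FROM " . $_DB->prefix . "c10_person_organization\n\t\t\tWHERE organization_idref=:org AND person_idref=:person";
     $stmt = $_DB->prepare($sql);
     $stmt->bindValue(':org', intval($_SESSION["organization_id"]), PDO::PARAM_INT);
     $stmt->bindValue(':person', intval($_STATE->person_id), PDO::PARAM_INT);
     $stmt->execute();
     $row = $stmt->fetchObject();
     $_STATE->person_organization_id = $row->person_organization_id;
     $stmt->closeCursor();
 }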
Example #21
/**
 * Point the open eventlog entries of the current row at $state->event_id.
 *
 * @param object $state page state: event_id, row, records and columns are read
 * @return void
 */
function change_event(&$state)
{
    global $_DB;
    event_list($state);
    //restore the record list
    $known = array_key_exists($state->event_id, $state->records);
    if (!$known) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid eventing id " . $state->event_id, true);
    }
    log_list($state, $state->row);
    //find this row's records
    $first = reset($state->records);
    $previous = $first["event_id"];
    if ($state->event_id == $previous) {
        //nothing changes
        return;
    }
    $table = $_DB->prefix . "b10_eventlog";
    foreach ($state->records as $ID => $entry) {
        if ($entry["column"] < $state->columns[COL_OPEN]) {
            //columns before COL_OPEN are left untouched
            continue;
        }
        $_DB->exec("UPDATE " . $table . "\n\t\t\t\tSET event_idref=" . $state->event_id . " WHERE eventlog_id=" . $ID . ";");
    }
}
Example #22
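/**
 * Refresh every table whose checkbox was POSTed in "chkTable", using a database
 * connection opened with the POSTed name and password.
 *
 * A posted table name is accepted only when it is a key of $_STATE->records.
 * The outcome per table is appended to $_STATE->msgStatus.
 *
 * @return void
 */
function entry_audit()
{
    global $_STATE;
    //a scalar chkTable cannot be iterated and is handled like a missing one
    if (!isset($_POST["chkTable"]) || !is_array($_POST["chkTable"])) {
        $_STATE->msgStatus = "No tables were refreshed";
        return;
    }
    if ($_POST["txtCount"] != "" && !is_numeric($_POST["txtCount"])) {
        $_STATE->msgStatus = "Invalid 'Stop after' count";
        return;
    }
    tables_list();
    try {
        //Use an unprintable char as the delimiter:
        //NOTE(review): a carriage return inside the posted name or password would
        //shift the fields of this string - confirm how db_connect splits it
        $db = new db_connect("\r" . $_POST["txtName"] . "\r" . $_POST["txtPswd"]);
    } catch (PDOException $e) {
        //NOTE(review): driver messages can name the host, database and account;
        //consider logging the detail and showing a fixed text instead
        $_STATE->msgStatus = "Connection failed: " . $e->getMessage();
        return;
    }
    foreach ($_POST["chkTable"] as $ID => $value) {
        if (!array_key_exists($ID, $_STATE->records)) {
            //log the offending key; the whole posted array would only print as "Array"
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid table name " . $ID);
        }
        if ($value == "on") {
            //$ID reaches the HTML status only after it matched a known table name above
            $_STATE->msgStatus .= $ID;
            if (!refresh($db, $_STATE->records[$ID])) {
                $_STATE->msgStatus .= ": attempted refresh failed";
            }
            $_STATE->msgStatus .= "<br>";
        }
    }
    $db = NULL;
    return;
}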
Example #23
        if ($_STATE->backup < 0) {
            $_STATE = $_STATE->goback(-$_STATE->backup);
        } else {
            $_STATE = $_STATE->loopback($_STATE->backup);
        }
    } else {
        if (isset($_GET["servercall"]) || isset($_POST["servercall"])) {
            $EX_servercall = true;
            ob_clean();
            //server_call wants a clean buffer
        }
    }
}
//Dispatch to the page module for the current process. $EX_staff is the table
//of known processes (presumably defined by lib/staff.php, loaded here); a
//process ID that is not in the table is evicted, so the ID never selects a
//file by itself.
require_once "lib/staff.php";
if (!isset($EX_staff[$_STATE->ID])) {
    throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid process ID");
} else {
    $EX_staffer = $EX_staff[$_STATE->ID];
    //NOTE(review): eval() runs whatever string the table holds under PRE_EXEC.
    //That is acceptable only while the table is built from literals in
    //lib/staff.php and never from request, session or database data - confirm.
    //A callable or a separate include would avoid eval() altogether.
    eval($EX_staffer[PRE_EXEC]);
    //the file name comes from the same table entry, not from the request
    require_once "main/" . $EX_staffer[PAGE];
}
//called processes should not exit(); or, if they do, they must do their own STATE->push(), etc
$_STATE->push();
$_DB = NULL;
function EX_pageStart($scripts = array())
{
    //The standardized HTML stuff at the top of the page:
    global $_STATE, $EX_servercall, $_VERSION;
    if ($EX_servercall) {
        exit;
        //server_call wants a clean buffer
Example #24
<?php

//Login gate: creates the global $_PERMITS object and refuses every request
//that does not hold the "_LEGAL_" permit.
require_once "lib/permits.php";
$_PERMITS = new PERMITS();
//Successful login sets a "_LEGAL_" permit so that subsequent modules can get through this gate;
//Publicly viewable pages, eg. login.php, will declare a $_TEMP_PERMIT = "_LEGAL_"
//NOTE(review): the gate is only as strong as the places that may set
//$_TEMP_PERMIT; confirm it can never be populated from request data
if (!$_PERMITS->can_pass("_LEGAL_")) {
    //must be logged in; prevents specifying module in URL to bypass login
    throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): no permit; not _LEGAL_");
}
Example #25
/**
 * Audit the hours POSTed for one timesheet row and decide, per column, whether
 * the stored record is to be added, updated, deleted or left alone.
 *
 * For each column one entry is appended to $status: 'a' (add), 'u' (update),
 * 'd' (delete) or '' (no change). Requests that do not fit the records held on
 * the server are handed to throw_the_bum_out(), assumed not to return.
 *
 * @param object $state   page state; row, records, columns, closedCols and the ids used in the final query are read
 * @param object $logdate date of the first column (cloned, not modified)
 * @param array  $status  receives one status entry per column
 * @return bool false when audit_hour() rejects a value, true otherwise
 */
function audit_hours(&$state, &$logdate, &$status)
{
    global $_DB;
    $ID = 0;
    if ($state->row > 0) {
        //0 is add row
        log_list($state);
        foreach ($state->records as $ID => $record) {
            //find this row's records
            if ($record["row"] == $state->row) {
                break;
            }
            //drop the entries that precede the row; array_shift() also renumbers
            //integer keys, so the keys left in $state->records may no longer be record ids
            array_shift($state->records);
        }
        //NOTE(review): $ID keeps the key of the last entry visited, so this test
        //fires only when the list is empty or that key is 0; a row with no
        //matching record is not rejected here - confirm this is intended
        if ($ID == 0) {
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid POST 1", true);
        }
    }
    $day = clone $logdate;
    //one pass per column; $day advances by one day with each column
    for ($ndx = 0; $ndx < abs($state->columns); $ndx++, $day->add(new DateInterval('P1D'))) {
        if (!isset($_POST["hours" . $ndx]) || $ndx < $state->closedCols || $_POST["hours" . $ndx] == "") {
            $status[] = '';
            //no change to this record
            continue;
        }
        //hours without the accompanying record id are not something the page sends
        if (!isset($_POST["rec" . $ndx])) {
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid POST 2", true);
        }
        $hours = $_POST["hours" . $ndx];
        $recID = $_POST["rec" . $ndx];
        //from data-recid attribute
        //set before the audit so that the message is in place if audit_hour() fails
        $state->msgStatus = "!Please enter valid hours (" . $ndx . ")";
        if (!audit_hour($state, $recID, $hours, $day->format("Y-m-d"))) {
            return false;
        }
        if ($recID == 0) {
            //if adding hours, we're done
            if ($hours == 0) {
                $status[] = '';
            } else {
                $status[] = 'a';
            }
            continue;
        }
        //an existing record is claimed: the posted id must be the id of the record
        //stored for this row and column
        foreach ($state->records as $ID => $record) {
            //find our record
            if ($record["row"] != $state->row) {
                throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid POST 3", true);
            }
            if ($record["column"] == $ndx) {
                break;
            }
            array_shift($state->records);
        }
        if ($record["ID"] != $recID) {
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid POST 4", true);
        }
        if ($hours == 0) {
            $status[] = 'd';
        } elseif ($hours == $record["hours"]) {
            $status[] = '';
        } else {
            $status[] = 'u';
        }
    }
    if ($state->row > 0) {
        //0 is add row
        //the four posted ids are forced to integers before they are concatenated into the query
        $state->task_id = intval($_POST["task"]);
        $state->subtask_id = intval($_POST["subtask"]);
        $state->account_id = intval($_POST["account"]);
        $state->activity_id = intval($_POST["activity"]);
        //the posted combination must match at least one timelog of this person and project in the period
        //NOTE(review): person_id and project_id are taken from $state as they are; confirm they are integers
        $sql = "SELECT COUNT(*) AS count FROM " . $_DB->prefix . "v00_timelog\n\t\t\t\tWHERE (person_id=" . $state->person_id . ") AND (project_id=" . $state->project_id . ")\n\t\t\t\tAND (logdate BETWEEN '" . $state->from_date->format('Y-m-d') . "' AND '" . $state->to_date->format('Y-m-d') . "')\n\t\t\t\tAND (task_id=" . $state->task_id . ") AND (subtask_id=" . $state->subtask_id . ")\n\t\t\t\tAND (account_id=" . $state->account_id . ") AND (activity_id=" . $state->activity_id . ");";
        $stmt = $_DB->query($sql);
        if ($stmt->fetchObject()->count == 0) {
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid POST 5", true);
        }
    }
    $state->msgStatus = "-";
    //tell server_call to reset page
    return true;
}
Example #26
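 /**
  * Work out which project(s) are selected and load the close date and the
  * accounting group of the current project into $_STATE.
  *
  * Ids are accepted only when they are keys of $this->records; anything else is
  * handed to throw_the_bum_out(), which is assumed not to return.
  *
  * @param mixed $ID project id chosen by the caller; when not positive the
  *                  selection is taken from $_POST["selProject"] / $_POST["btnAll"]
  * @return void
  */
 public function set_state($ID = -1)
 {
     global $_DB, $_STATE;
     if ($ID > 0) {
         //either object construct sees only 1 rec or page has chosen another in list
         $this->selected = true;
         if (!array_key_exists($ID, $this->records)) {
             //report the rejected id; $selected is not defined on this path
             throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid project id " . $ID);
         }
         $this->project_id = $ID;
     } elseif (!$this->selected) {
         //returned POST
         if (isset($_POST["selProject"]) || isset($_POST["btnAll"])) {
             if (isset($_POST["btnAll"])) {
                 $this->select_list = array_keys($this->records);
             } else {
                 //$_POST["selProject"] is expected to be an array; a scalar would be
                 //indexed character by character below
                 if (!is_array($_POST["selProject"])) {
                     throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid project id list");
                 }
                 $this->select_list = $_POST["selProject"];
             }
             $this->selected = true;
             if ($this->select_list[0] == -1) {
                 //adding
                 if ($this->multiple) {
                     $_STATE->project_ids = $this->select_list;
                 }
                 $this->project_id = -1;
                 $_STATE->project_id = $this->project_id;
                 return;
             }
             $this->project_id = $this->select_list[0];
         }
         //every selected id, including the one just made current, must be a known
         //key; nested arrays are rejected before array_key_exists() sees them
         foreach ($this->select_list as $selected) {
             if (!is_scalar($selected) || !array_key_exists($selected, $this->records)) {
                 throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid project id " . (is_scalar($selected) ? $selected : gettype($selected)));
             }
         }
     }
     $_STATE->project_id = $this->project_id;
     if ($this->multiple) {
         $_STATE->project_ids = $this->select_list;
     }
     //the id may still be the posted string; it is bound as an integer instead
     //of being concatenated, as head.php does with db_connect
     $sql = "SELECT a10.close_date, a20.accounting_id, a20.name AS accounting\n\t\tFROM " . $_DB->prefix . "a10_project AS a10\n\t\tLEFT OUTER JOIN " . $_DB->prefix . "a20_accounting AS a20\n\t\tON a10.accounting_idref = a20.accounting_id\n\t\tWHERE project_id=:project";
     $stmt = $_DB->prepare($sql);
     $stmt->bindValue(':project', intval($_STATE->project_id), PDO::PARAM_INT);
     $stmt->execute();
     $row = $stmt->fetchObject();
     $_STATE->close_date = new DateTime($row->close_date);
     $_STATE->accounting_id = $row->accounting_id;
     $_STATE->accounting = $row->accounting;
     $stmt->closeCursor();
 }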
Example #27
/**
 * Make a subtask the current record and put its name and description in
 * $_STATE->forwho.
 *
 * @param mixed $ID subtask id picked by the caller; when negative the id comes
 *                  from the POSTed "selSubtask" field and must be a key of the
 *                  list restored by subtask_list()
 * @return void
 */
function subtask_select($ID = -1)
{
    global $_DB, $_STATE;
    if ($ID < 0) {
        //not yet selected
        subtask_list();
        $posted = $_POST["selSubtask"];
        if (!array_key_exists(strval($posted), $_STATE->records)) {
            //not an id this page offered: treated as a forged request
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid subtask id " . $posted);
        }
        $ID = intval($posted);
    }
    $_STATE->record_id = $ID;
    //NOTE(review): an id supplied by the caller reaches the query as given; confirm callers pass integers only
    $stmt = $_DB->query("SELECT name, description FROM " . $_DB->prefix . "a14_subtask\n\t\t\tWHERE subtask_id=" . $_STATE->record_id . ";");
    $subtask = $stmt->fetchObject();
    //PROPERTIES wants to see this
    $_STATE->forwho = "{$subtask->name}: {$subtask->description}";
}
 /**
  * Drive the preference dialog through its states (PREF_INIT, PREF_DISP,
  * PREF_CHANGE), keeping the page state stack in step.
  *
  * @param object $state page state; PREFSETgoback and backup are read and written
  * @return bool false when $state->PREFSETgoback is "y" (nothing left to do), true otherwise
  */
 function state_gate(&$state)
 {
     if ($state->PREFSETgoback == "y") {
         return false;
     }
     //all done here
     //State Gate: (the while (1==1) allows a loop back through the switch using a 'break 1')
     //'break 2' leaves both the switch and the loop
     while (1 == 1) {
         switch ($this->status) {
             case PREF_SET::PREF_INIT:
                 //All client interaction is via server_call which bypasses state maintenance in executive.php,
                 //hence, we must handle the state (fortunately, it's very simple):
                 $state->PREFSETgoback = "y";
                 $state->replace();
                 //put a new SSO on the state stack; we assume that we got here thru normal executive.php
                 //channels (ie. not via server_call) which will put yet another SSO on the stack; to get back
                 //to the SSO with PREFSETgoback="y", must now backup 2 entries:
                 $state->PREFSETgoback = "n";
                 $state->backup = -2;
                 //minus => goback 2 entries (positive => goback to status)
                 $state->push();
                 $state = STATE_pull();
                 $this->get_recs();
                 $this->status = PREF_SET::PREF_DISP;
                 break 2;
             case PREF_SET::PREF_DISP:
                 //NOTE(review): the preference name is taken from the query string as
                 //received, without an isset() test; confirm that display_back() and
                 //new_pref() check it against the known preferences and encode it on output
                 $this->pref_name = $_GET["who"];
                 $this->status = PREF_SET::PREF_CHANGE;
                 echo $this->display_back();
                 break 2;
             case PREF_SET::PREF_CHANGE:
                 //a "who" in the request means another preference was chosen: go round again as PREF_DISP
                 if (isset($_GET["who"])) {
                     $this->status = PREF_SET::PREF_DISP;
                     break 1;
                 }
                 echo $this->new_pref();
                 break 2;
             default:
                 throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): PREF_SET error");
         }
     }
     //while & switch
     //End Main State Gate
     return true;
 }
Example #29
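/**
 * Load every table whose checkbox was POSTed in "chkTable", using a database
 * connection opened with the POSTed name and password.
 *
 * A posted table name is accepted only when it is a key of $_STATE->records
 * and the record names a file to load from (MDBname). The outcome per table is
 * appended to $_STATE->msgStatus.
 *
 * @return void
 */
function entry_audit()
{
    global $_STATE;
    //a scalar chkTable cannot be iterated and is handled like a missing one
    if (!isset($_POST["chkTable"]) || !is_array($_POST["chkTable"])) {
        $_STATE->msgStatus = "No tables were loaded";
        return;
    }
    tables_list();
    try {
        //Use an unprintable char as the delimiter:
        //NOTE(review): a carriage return inside the posted name or password would
        //shift the fields of this string - confirm how db_connect splits it
        $db = new db_connect("\r" . $_POST["txtName"] . "\r" . $_POST["txtPswd"]);
    } catch (PDOException $e) {
        //NOTE(review): driver messages can name the host, database and account;
        //consider logging the detail and showing a fixed text instead
        $_STATE->msgStatus = "Connection failed: " . $e->getMessage();
        return;
    }
    foreach ($_POST["chkTable"] as $ID => $value) {
        if (!array_key_exists($ID, $_STATE->records)) {
            //log the offending key; the whole posted array would only print as "Array"
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid table name " . $ID);
        }
        if ($value == "on") {
            //$ID reaches the HTML status only after it matched a known table name above
            $_STATE->msgStatus .= $ID;
            if ($_STATE->records[$ID]->MDBname == "") {
                throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): non-loadable table " . $ID);
            }
            if (!load($db, $_STATE->records[$ID])) {
                //NOTE(review): this shows a server-side path to the visitor; confirm
                //the page is reachable by administrators only
                $_STATE->msgStatus .= "<br>attempted load of " . $GLOBALS["MDBload_path"] . $_STATE->records[$ID]->MDBname . ".csv" . " failed";
            }
            $_STATE->msgStatus .= "<br>";
        }
    }
    $db = NULL;
    return;
}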
Example #30
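/**
 * Add, update or delete the log record of the current row according to the
 * POSTed form.
 *
 * Row 0 adds a record. Any other row must have a record in the list restored
 * by log_list(), and that record must carry the posted event and account ids;
 * a posted session count of 0 then deletes it, anything else updates it.
 *
 * @param object $state page state; row, records and from_date are read, recID is written
 * @return false|null false when an audit rejects the input; otherwise nothing is returned
 */
function new_info(&$state)
{
    $state->recID = 0;
    if ($state->row > 0) {
        //0 is add row
        log_list($state);
        //recID is set only on a match: assigning it on every pass would leave the
        //id of the last record in place when no record belongs to the row, and
        //the "invalid POST" test below would then let the request through
        foreach ($state->records as $recID => $record) {
            if ($record["row"] == $state->row) {
                $state->recID = $recID;
                break;
            }
        }
        if ($state->recID == 0) {
            throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid POST", true);
        }
    }
    if (!audit_counts($state)) {
        return false;
    }
    if (substr($_POST["comments"], 0, 1) == "\n") {
        $_POST["comments"] = "---";
    }
    $logdate = clone $state->from_date;
    if ($state->recID == 0) {
        //adding
        if (!audit_date($state, $logdate)) {
            return false;
        }
        add_log($state);
        return;
    }
    //the stored record must belong to the event and account the form claims to be editing
    $stored = $state->records[$state->recID];
    if ($stored["event_id"] != $_POST["event"] || $stored["account_id"] != $_POST["account"]) {
        throw_the_bum_out(NULL, "Evicted(" . __LINE__ . "): invalid record " . $state->recID, true);
    }
    if ($_POST["sessions"] == 0) {
        delete_log($state);
    } else {
        update_log($state);
    }
}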