function Pager($sql_count, $sql, $current_page)
{
global $g_rb_database_type, $g_rb_pagerLimit, $DB_LINK;
$this->page_limit = $g_rb_pagerLimit;
$this->page = $current_page;
$this->sql = $sql;
if ($g_rb_database_type == "postgres") {
$sql .= " LIMIT " . $this->page_limit;
if ($this->page > 0) {
$sql .= " OFFSET " . ($this->page - 1) * $this->page_limit;
}
} else {
if ($g_rb_database_type == "mysql") {
$sql .= " LIMIT ";
if ($this->page > 0) {
$sql .= ($this->page - 1) * $this->page_limit . ", ";
}
$sql .= $this->page_limit;
}
}
// Get the count
$rc = $DB_LINK->Execute($sql_count);
DBUtils::checkResult($rc, NULL, NULL, $sql_count);
$this->total_results = $rc->fields[0];
// Make the query and set the results
$this->dbResults = $DB_LINK->Execute($sql);
DBUtils::checkResult($this->dbResults, NULL, NULL, $sql);
// Compute the max number of pages
$this->max_pages = ceil($this->total_results / $this->page_limit);
}
/**
Gets a Column out of the database and returns them as a ADOdb type result
@param $table the table to query from
@param $valFld the first field to select
@param $keyFld The seconf field to select
@param $order how to order the result (should be either $valFld or $keyFld)
@return A ADOdb result
*/
public static function fetchColumn($table, $valFld, $keyFld = '', $order = '')
{
global $DB_LINK;
$table = $DB_LINK->addq($table, get_magic_quotes_gpc());
$valFld = $DB_LINK->addq($valFld, get_magic_quotes_gpc());
$keyFld = $DB_LINK->addq($keyFld, get_magic_quotes_gpc());
$order = $DB_LINK->addq($order, get_magic_quotes_gpc());
$sql = "SELECT {$valFld}" . ($keyFld ? ",{$keyFld}" : "") . " FROM {$table}" . ($order ? " ORDER BY {$order}" : "");
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, NULL, $sql);
return $rc;
}
/**
Loads all of the recipes we are going to export into the $exportRecipes
array.
@param $id The recipe id to be exported, if set to 0 then export all recipes
*/
function getData($id)
{
global $DB_LINK, $db_table_recipes;
if ($id == 0) {
$this->exportAll = true;
// recursively call for all the recipes in the database
$sql = "SELECT recipe_id FROM {$db_table_recipes}";
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, NULL, $sql);
while (!$rc->EOF) {
$this->getData($rc->fields['recipe_id']);
$rc->MoveNext();
}
} else {
$recipeObj = new Recipe($id);
$recipeObj->loadRecipe();
$this->exportRecipes[] = $recipeObj;
}
}
}
if ($ingredient_id && !$SMObj->checkAccessLevel("EDITOR")) {
// Figure out who the owner of this ingredient is, Editors can edit anyones recipes
// The owner of a ingredient does not change when someone edits it.
$sql = "SELECT ingredient_user FROM {$db_table_ingredients} WHERE ingredient_id = " . $DB_LINK->addq($ingredient_id, get_magic_quotes_gpc());
$rc = $DB_LINK->Execute($sql);
// If the recipe is owned by someone else then do not allow editing
if ($rc->fields['ingredient_user'] != "" && $rc->fields['ingredient_user'] != $SMObj->getUserID()) {
die($LangUI->_('You are not the owner of this ingredient, you are not allowed to edit it'));
}
}
// get the information about the Ingredient (empty query if new Ingredient)
if ($ingredient_id) {
$sql = "SELECT *\n\t\t\tFROM {$db_table_ingredients}\n\t\t\tLEFT JOIN {$db_table_units} ON ingredient_unit = unit_id\n\t\t\tWHERE ingredient_id = " . $DB_LINK->addq($ingredient_id, get_magic_quotes_gpc());
$ingredients = $DB_LINK->Execute($sql);
DBUtils::checkResult($ingredients, NULL, NULL, $sql);
}
?>
<script language="javascript">
$(document).ready(function() {
$('#ingredient_form').validate();
$("#ingredient_name").autocomplete({
source: "index.php?m=ingredients&a=get_core&format=no",
minLength: 1,
select: function(event, ui) {
if (ui.item.id)
{
console.log('set it');
$("#coreIngredient_id").val(ui.item.id);
/**
Loads the ingredient information if it is not already set
*/
function loadIngredient()
{
global $DB_LINK, $db_table_ingredients, $db_table_units, $db_table_locations, $db_table_core_ingredients, $LangUI;
// Only run this if we have not loaded the information yet
if ($this->name == NULL) {
$sql = "SELECT {$db_table_ingredients}.*, unit_desc, location_desc, unit_system, core.description FROM {$db_table_ingredients} " . "LEFT JOIN {$db_table_units} ON unit_id = ingredient_unit " . "LEFT JOIN {$db_table_locations} ON location_id = ingredient_location " . "LEFT JOIN {$db_table_core_ingredients} core ON core.id = ingredient_core " . "WHERE ingredient_id=" . $DB_LINK->addq($this->id, get_magic_quotes_gpc());
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error loading the ingredient'), $sql);
$this->name = $rc->fields['ingredient_name'];
$this->description = $rc->fields['ingredient_desc'];
$this->unit = $rc->fields['ingredient_unit'];
$this->unitDescription = $rc->fields['unit_desc'];
switch ($rc->fields['unit_system']) {
case "0":
$this->unitSystem = "static";
break;
case "1":
$this->unitSystem = "usa";
break;
case "2":
$this->unitSystem = "metric";
break;
}
$this->location = $rc->fields['ingredient_location'];
$this->locationDescription = $rc->fields['location_desc'];
$this->coreDescription = $rc->fields['description'];
if ($DB_LINK->true == $rc->fields['ingredient_solid']) {
$this->solid = true;
} else {
$this->solid = false;
}
$this->system = $rc->fields['ingredient_system'];
}
return TRUE;
}
<?php
require_once "classes/DBUtils.class.php";
$recipe_id = isValidID($_REQUEST['recipe_id']) ? $_REQUEST['recipe_id'] : 0;
$review = isset($_REQUEST['review']) ? htmlentities($_REQUEST['review'], ENT_QUOTES, $LangUI->getEncoding()) : '';
$rating = isset($_REQUEST['rating']) && is_numeric($_REQUEST['rating']) ? $_REQUEST['rating'] : 0;
$userId = $SMObj->getUserID();
$ip = $_SERVER['REMOTE_ADDR'];
if ($SMObj->IsUserLoggedIn() && $review != '') {
$sql = "INSERT INTO {$db_table_reviews} (review_recipe, review_comments, review_user) VALUES (?,?,?)";
$stmt = $DB_LINK->Prepare($sql);
$rc = $DB_LINK->Execute($stmt, array($recipe_id, $review, $userId));
DBUtils::checkResult($rc, $LangUI->_('Review submitted successfully'), $LangUI->_('Failed to save review!'), $sql);
}
if ($rating && $ip != '') {
$sql = "INSERT INTO {$db_table_ratings} (rating_recipe, rating_score, rating_ip) VALUES (?,?,?)";
$stmt = $DB_LINK->Prepare($sql);
$rc = $DB_LINK->Execute($stmt, array($recipe_id, $rating, $ip));
DBUtils::checkResult($rc, $LangUI->_('Rating submitted successfully'), $LangUI->_('You have already rated this recipe!'), NULL);
}
<?php
require_once "classes/DBUtils.class.php";
$source_id = isset($_REQUEST['source_id']) && isValidID($_REQUEST['source_id']) ? $_REQUEST['source_id'] : 0;
// We need to get the data now
$sql = "SELECT source_title,source_desc FROM {$db_table_sources}";
if ($source_id > 0) {
$sql .= " WHERE source_id = " . $DB_LINK->addq($source_id, get_magic_quotes_gpc());
}
$sources = $DB_LINK->Execute($sql);
DBUtils::checkResult($sources, NULL, NULL, $sql);
// Error check
?>
<table cellspacing="0" cellpadding="1" border="0" width="100%">
<tr>
<td align="center" class="title">
<?php
if ($source_id == 0) {
echo $LangUI->_('Sources');
} else {
echo $LangUI->_('Source');
}
?>
</td>
</tr>
</table>
<p>
<table cellspacing="5" cellpadding="2" border="0" class="ing" width="100%">
<?php
while (!$sources->EOF) {
require_once "classes/Restaurant.class.php";
require_once "classes/DBUtils.class.php";
$restaurant_id = isValidID($_GET['restaurant_id']) ? $_GET['restaurant_id'] : 0;
if ($restaurant_id && !$SMObj->checkAccessLevel("EDITOR")) {
// Figure out who the owner of this restaurant is, Editors can edit anyones items
$sql = "SELECT restaurant_user FROM {$db_table_restaurants} WHERE restaurant_id = " . $DB_LINK->addq($restaurant_id, get_magic_quotes_gpc());
$rc = $DB_LINK->Execute($sql);
// If the recipe is owned by someone else then do not allow editing
if ($rc->fields['restaurant_user'] != "" && $rc->fields['restaurant_user'] != $SMObj->getUserID()) {
die($LangUI->_('You are not the owner of this restaurant, you are not allowed to delete it'));
}
}
// clean up the old picture if we are suppose to
if ($g_rb_database_type == "postgres") {
$sql = "SELECT restaurant_picture FROM {$db_table_restaurants} WHERE restaurant_id=" . $DB_LINK->addq($restaurant_id, get_magic_quotes_gpc());
$rc = $DB_LINK->Execute($sql);
if (trim($rc->fields['restaurant_picture']) != "") {
$rc = $DB_LINK->BlobDelete($rc->fields['restaurant_picture']);
DBUtils::checkResult($rc, $LangUI->_('Picture successfully deleted'), NULL, $sql);
}
}
// In Postgres everything will be cleaned up with one delete
$RestaurantObj = new Restaurant($restaurant_id);
$RestaurantObj->delete();
?>
<I><?php
echo $LangUI->_('Restaurant Deleted');
?>
</I>
<P>
$query .= " ingredient_name LIKE '%" . $DB_LINK->addq($_REQUEST['name'], get_magic_quotes_gpc()) . "%' AND";
}
if (isValidID($_REQUEST['location_id'])) {
$query .= " ingredient_location=" . $DB_LINK->addq($_REQUEST['location_id'], get_magic_quotes_gpc());
}
$query = preg_replace("/AND\$/", "", $query);
// Put the order on the end
$query .= $query_order;
}
/* ----------------------
The Query has been made, format and output the values returned from the database
----------------------*/
if ($query != "") {
$counter = 0;
$rc = $DB_LINK->Execute($query);
DBUtils::checkResult($rc, NULL, NULL, $query);
// Error check
# exit if we did not find any matches
if ($rc->RecordCount() == 0) {
echo $LangUI->_('No values returned from search');
} else {
?>
<table cellspacing="1" cellpadding="2" border=0 width="80%" class="data">
<form name="searchForm" action="" method="post">
<input type="hidden" name="mode" value="add">
<tr valign="top">
<td colspan=6 align=left>
<input type="button" value="<?php
echo $LangUI->_('Add to shopping list');
?>
" class="button" onClick='submitForm("list")'>
*/
if (!$SMObj->checkAccessLevel("EDITOR") && ($recipe->fields['recipe_private'] == $DB_LINK->true && $SMObj->getUserID() != $recipe->fields['recipe_user'])) {
die($LangUI->_('This recipe is private and you do not have permission to view it!'));
}
# fetch the ingredients for the recipe
$sql = "SELECT {$db_table_ingredientmaps}.*,\n unit_desc,\n ingredient_name\nFROM {$db_table_ingredientmaps}\nLEFT JOIN {$db_table_units} ON unit_id = map_unit\nLEFT JOIN {$db_table_ingredients} ON ingredient_id = map_ingredient\nWHERE map_recipe = ? ORDER BY map_order";
$stmt = $DB_LINK->Prepare($sql);
$ingredients = $DB_LINK->Execute($stmt, array($recipe_id));
// Error check
DBUtils::checkResult($ingredients, NULL, NULL, $sql);
# fetch the related ingredients
$sql = "\nSELECT related_child, recipe_name, recipe_directions, related_required\nFROM {$db_table_related_recipes}\nLEFT JOIN {$db_table_recipes} ON recipe_id = related_child\nWHERE related_parent= ? ORDER BY related_order";
$stmt = $DB_LINK->Prepare($sql);
$related = $DB_LINK->Execute($stmt, array($recipe_id));
// Error check
DBUtils::checkResult($related, NULL, NULL, $sql);
// if no scale is set the read from the database
if (isset($_GET['recipe_scale']) && $recipe->fields['recipe_serving_size'] != NULL) {
$recipe_scale = $_GET['recipe_scale'];
$scale_by = $recipe_scale / $recipe->fields['recipe_serving_size'];
} else {
if ($recipe->fields['recipe_serving_size'] != NULL) {
$recipe_scale = $recipe->fields['recipe_serving_size'];
$scale_by = 1;
} else {
$recipe_scale = "";
$recipe->fields['recipe_serving_size'] = "";
$scale_by = 1;
}
}
$related_names = array();
/**
Imports all of the recipes currently loaded (do a parseDataFile first)
*/
function importData()
{
global $LangUI, $DB_LINK, $SMObj, $db_table_recipes, $db_table_ingredients, $db_table_related_recipes;
// Iterate through all the recipes and create them
foreach ($this->importRecipes as $item) {
$recipeObj = $item[0];
$recipeObj->user = $SMObj->getUserID();
$id = $recipeObj->insert();
$order = 0;
// order the ingredients
foreach ($item[1] as $ingObj) {
if ($ingObj != NULL) {
// See if the ingredient exists
$sql = "SELECT ingredient_id FROM {$db_table_ingredients} WHERE ingredient_name=? and ingredient_user=?";
$stmt = $DB_LINK->Prepare($sql);
$rc = $DB_LINK->Execute($stmt, array($ingObj->name, $SMObj->getUserID()));
// Error check
DBUtils::checkResult($rc, NULL, NULL, $sql);
if ($rc->RecordCount() == 0) {
// Note: lots of defaults are guessed if this option is taken
$ingObj->solid = $DB_LINK->true;
$ingObj->price = '0.00';
$ingObj->user = $SMObj->getUserID();
// Create the Ingredient and then set the ID
$ing_id = $ingObj->insert();
} else {
$ing_id = $rc->fields['ingredient_id'];
}
// Map the ingredient
$ingObj->id = $ing_id;
// We have an ID set it.
$ingObj->recipe_id = $id;
// Set the Recipe ID as well
$ingObj->order = $order;
// Set the order of the ingredient
// Insert the mapping
$ingObj->insertMap();
$order++;
}
}
}
// Now we can link in the related recipes...
$this->recipes = DBUtils::createList(DBUtils::fetchColumn($db_table_recipes, 'recipe_name', 'recipe_id', 'recipe_name'), 'recipe_name', 'recipe_id');
foreach ($this->relatedRecipes as $link) {
if ($this->recipes[$link[0]] != NULL && $this->recipes[$link[1]] != NULL) {
$sql = "INSERT INTO {$db_table_related_recipes} (related_parent, related_child, related_required) VALUES (?, ?, ?)";
$stmt = $DB_LINK->Prepare($sql);
$rc = $DB_LINK->Execute($stmt, array($this->recipes[$link[0]], $this->recipes[$link[1]], $link[2]));
DBUtils::checkResult($rc, NULL, NULL, $sql);
echo $LangUI->_('Linking') . ": '" . $link[0] . "' " . $LangUI->_('to') . " '" . $link[1] . "'<br />";
}
}
}
/**
Loads all of the ingredients and recipes saved in the database for this shopping
list into an instance of this shopping list.
@param $clear if true then the list is cleared before new items are added, if false then they are appended
*/
function loadItems($clear)
{
global $DB_LINK, $db_table_list_recipes, $db_table_list_ingredients;
if (isset($clear) && $clear) {
// clear out the items if we are told to
$this->recipes = array();
$this->ingredients = array();
}
// Add the recipes
$sql = "SELECT list_rp_recipe, list_rp_scale FROM {$db_table_list_recipes} WHERE list_rp_id=" . $DB_LINK->addq($this->id, get_magic_quotes_gpc());
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, NULL, $sql);
while (!$rc->EOF) {
$recipeObj = new Recipe($rc->fields['list_rp_recipe']);
$recipeObj->loadRecipe();
$this->addRecipe($recipeObj, $rc->fields['list_rp_scale']);
$rc->MoveNext();
}
// Add the ingredients
$sql = "SELECT list_ing_ingredient,list_ing_unit,list_ing_qualifier,list_ing_quantity FROM {$db_table_list_ingredients} WHERE list_ing_id=" . $DB_LINK->addq($this->id, get_magic_quotes_gpc()) . " ORDER BY list_ing_order";
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, NULL, $sql);
while (!$rc->EOF) {
$ingObj = new Ingredient();
$ingObj->setIngredientMap($rc->fields['list_ing_ingredient'], NULL, $rc->fields['list_ing_qualifier'], $rc->fields['list_ing_quantity'], $rc->fields['list_ing_unit']);
$ingObj->loadIngredient();
$this->addIngredient($ingObj);
$rc->MoveNext();
}
}
// create the user
$newUserId = $SMObj->addNewUser($sm_login, $sm_name, $sm_password, $sm_email, $sm_language, $sm_country, $sm_provider, $sm_identity, $new_access_level);
if ($newUserId > 0) {
// Handle the password emailing, if admin is not creating user
if (!$SMObj->getNewUserSetPasswd() && !$SMObj->checkAccessLevel($SMObj->getSuperUserLevel())) {
// mail out the password
$subject = $LangUI->_('PHPRecipeBook Password');
$message = $LangUI->_('Your password to login is included in this email below') . ":\n";
$message .= $LangUI->_('Login ID') . ":" . $sm_login . "\n";
$message .= $LangUI->_('Password') . ":" . $sm_password . "\n";
$SMObj->sendEmail($sm_email, $sm_name, $subject, $message);
}
if ($create_ingredients == "true") {
$sql = "INSERT INTO recipe_ingredients (ingredient_name, ingredient_desc, ingredient_location, ingredient_unit, ingredient_solid, ingredient_system, ingredient_user) \n\t\t\t\tSELECT ingredient_name, ingredient_desc, ingredient_location, ingredient_unit, ingredient_solid, ingredient_system, {$newUserId} \n\t\t\t\tFROM recipe_ingredients\n\t\t\t\tWHERE ingredient_user = 1";
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error copying the ingredients'), $sql);
}
}
} else {
if ($sm_mode == "edit") {
if ($sm_delete == "no") {
if (!$SMObj->checkAccessLevel($SMObj->getSuperUserLevel()) && $SMObj->getUserLoginID() != $sm_login) {
die($LangUI->_('You must be an administrator in order to edit other users!'));
}
// only the admin can change access levels and groups
if (!$SMObj->checkAccessLevel($SMObj->getSuperUserLevel())) {
$sm_access_level = "";
}
// If a user is changing the password, make sure the know the old one first
if ($sm_password != "" && ($SMObj->getUserPassword($sm_userId) != md5($sm_old_password) && !$SMObj->checkAccessLevel($SMObj->getSuperUserLevel()))) {
die($LangUI->_('Old password does not match currently set password!'));
function recipe_name_exists($recipe_name)
{
global $SMObj, $DB_LINK, $db_table_recipes;
$sql = "SELECT recipe_name from {$db_table_recipes} where recipe_name = ? AND recipe_user = ?";
$stmt = $DB_LINK->Prepare($sql);
$rc = $DB_LINK->Execute($stmt, array($recipe_name, $SMObj->getUserID()));
DBUtils::checkResult($rc, NULL, NULL, $sql);
if ($rc->RecordCount()) {
return true;
} else {
return false;
}
}
/**
Removes all of the meals currently saved for a day so that meals will only be added if they are wanted. This
function can be used in combination with insert(...) in order to remove unwanted recipes
@param $date The date to clear in ISO format (use DBUtils)
*/
function clearDay($date)
{
global $DB_LINK, $db_table_mealplans;
$date = $DB_LINK->addq($date, get_magic_quotes_gpc());
$sql = "DELETE FROM {$db_table_mealplans} WHERE mplan_date='{$date}'";
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, NULL, $sql);
}
</script>
<table cellspacing="0" cellpadding="1" border="0" width="100%">
<tr>
<td align="left" class="title"><?php
echo $LangUI->_('Add/Edit Sources');
?>
</td>
</tr>
</table>
<?php
$counter = 0;
$sql = "SELECT source_id,source_title,source_desc FROM {$db_table_sources} WHERE source_user=? ORDER BY source_title";
$stmt = $DB_LINK->Prepare($sql);
$rc = $DB_LINK->Execute($stmt, array($SMObj->getUserID()));
DBUtils::checkResult($rc, NULL, NULL, $sql);
?>
<form action="./index.php?m=admin&a=sources&dosql=update_sources" method="POST">
<input type="hidden" name="mode" value="update">
<table cellspacing="1" cellpadding="2" border="0" class="data">
<tr>
<th><?php
echo $LangUI->_('Delete');
?>
</th>
<th><?php
echo $LangUI->_('Title');
?>
</th>
<th><?php
echo $LangUI->_('Description');
/**
Gets the child/related recipes for this recipe
@param $req set to true then only the required recipes are returned, false all are returned
@return array of recipe objects
*/
function getRelated($req)
{
global $DB_LINK, $db_table_related_recipes;
$children = array();
$sql = "SELECT related_child,related_required FROM {$db_table_related_recipes} WHERE related_parent=" . $DB_LINK->addq($this->id, get_magic_quotes_gpc());
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, NULL, $sql);
while (!$rc->EOF) {
if ($req) {
// get all the required recipes
if ($rc->fields['related_required'] == $DB_LINK->true) {
$tmpObj = new Recipe($rc->fields['related_child']);
$tmpObj->loadRecipe();
$children[] = $tmpObj;
}
} else {
// get all the children
$tmpObj = new Recipe($rc->fields['related_child']);
$tmpObj->loadRecipe();
$children[] = $tmpObj;
}
$rc->MoveNext();
}
return $children;
}
/**
Returns an array with the index as the ID and the description and abbreviate as an array value, for all
the units in the database
@return array of units
*/
function getUnits()
{
global $DB_LINK, $db_table_units;
$units = array();
$sql = "SELECT unit_id, unit_desc, unit_abbr FROM {$db_table_units}";
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, NULL, $sql);
while (!$rc->EOF) {
$id = $rc->fields['unit_id'];
$units[$id] = array($rc->fields['unit_desc'], $rc->fields['unit_abbr']);
$rc->MoveNext();
}
return $units;
}
/**
Removes the currently set picture from the restaurant
*/
function deletePicture()
{
global $DB_LINK, $db_table_restaurants, $g_rb_database_type, $LangUI;
$sql = "UPDATE {$db_table_restaurants} SET restaurant_picture='', restaurant_picture_type='' WHERE restaurant_id=" . $DB_LINK->addq($this->id, get_magic_quotes_gpc());
$rc = $DB_LINK->Execute($sql);
DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error removing the picture'), $sql);
// Do the postgres cleanup
if ($this->picture_oid && $g_rb_database_type == "postgres") {
$rc = $DB_LINK->BlobDelete($this->picture_oid);
$this->picture_oid = NULL;
DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error removing the picture'), $sql);
}
return TRUE;
}
