} if (($form = forms::get($object['formID'])) === FALSE) { throw new Exception("Error retrieving form."); } if (mfcsPerms::isAdmin($object['formID']) === FALSE) { $permissions = FALSE; throw new Exception("Permission Denied to view objects created with this form."); } if (forms::isMetadataForm($object['formID']) === FALSE) { throw new Exception("Object provided (Only Metadata can be moved)."); } // handle submission $return = NULL; if (isset($engine->cleanPost['MYSQL']['moveMetadata'])) { } if (($compatibleForms = forms::compatibleForms($form['ID'])) === FALSE) { throw new Exception("Error getting compatible forms"); } $temp = '<option value="NULL">-- Select an Item --</option>'; foreach ($compatibleForms as $cform) { $temp .= sprintf('<option value="%s">%s</option>', $cform['ID'], forms::title($cform['ID'])); } localvars::add("originalFormTitle", forms::title($form['ID'])); localvars::add("compatibleForms", $temp); // handle submission if (isset($engine->cleanPost['MYSQL']['moveSubmit'])) { if (!isset($compatibleForms[$engine->cleanPost['MYSQL']['form']])) { throw new Exception("Selected form is not compatible with original form."); } // @TODO this logic shouldn't be here $sql = sprintf("UPDATE `objects` SET `formID`='%s' WHERE `ID`='%s' AND `formID`='%s' LIMIT 1", $engine->cleanPost['MYSQL']['form'], $engine->openDB->escape($engine->cleanPost['MYSQL']['objectID']), $engine->openDB->escape($form['ID']));