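/**
 * Decodes the posted "jsonobject" payload, turns it into SQL through
 * generateQuery(), executes the result and redirects to "entry-spk".
 *
 * Reads $_POST['jsonobject'], 'MODIFY_STATUS', 'CARA_BAYAR', 'DP_SYSTEM',
 * 'HARGA' and 'NO_SPK'. For an "INS" request the ROADOFSPK placeholder field
 * in the payload is replaced by a set of server-generated status fields.
 *
 * NOTE(review): table names, field collections and modify_status all come
 * from the client-supplied JSON and are handed to generateQuery(), whose
 * output is executed as-is. generateQuery() is not visible here; confirm it
 * allowlists table/field names and binds values instead of concatenating.
 * This method itself performs no permission or CSRF check.
 *
 * @throws Exception when the payload is missing or malformed, or when any
 *                   step below throws (the original exception is chained).
 */
public function breakJSONObject()
 {
     try {
         if (!isset($_POST['jsonobject']) || !is_string($_POST['jsonobject'])) {
             throw new Exception('Missing jsonobject payload');
         }
         $shield = new Security();
         // Null-safe accessor so an absent form field does not raise a notice.
         $post = function ($key) {
             return isset($_POST[$key]) ? $_POST[$key] : null;
         };
         // Request values are spliced into the JSON text below; encoding them as
         // JSON string literals stops a quote or backslash in the value from
         // closing the string and adding attacker-chosen fields.
         $encodeValue = function ($value) {
             $encoded = json_encode((string) $value);
             if ($encoded === false) {
                 throw new Exception('Field value cannot be encoded as JSON');
             }
             return $encoded;
         };

         // The client wraps single tables in one-element arrays; unwrap them so the
         // decoded structure exposes objects directly.
         $json_file = str_replace(
             array('{"dt_objectTable":[', '{"dt_relatedTable":[', '}]}'),
             array('{"dt_objectTable":', '{"dt_relatedTable":', '}}'),
             $_POST['jsonobject']
         );

         if ($shield->shield($post('MODIFY_STATUS')) == "INS") {
             $fieldtarget = '{"fieldName":"ROADOFSPK","fieldValue":"0","fieldType":"numeric","fieldKey":"0"}';
             $isCredit = $shield->shield($post('CARA_BAYAR')) == "KREDIT";
             // Credit sales book the down payment, cash sales the full price.
             $amount = $encodeValue($isCredit ? $post('DP_SYSTEM') : $post('HARGA'));

             $additionalField = '{"fieldName":"SISA_BAYAR","fieldValue":' . $amount . ',"fieldType":"numeric"}';
             if ($isCredit) {
                 $additionalField .= ',{"fieldName":"STATUS_PO","fieldValue":"1. INDENT","fieldType":"string"}';
             }
             $additionalField .= ',{"fieldName":"AR_AMOUNT","fieldValue":' . $amount . ',"fieldType":"numeric"}';
             $additionalField .= ',{"fieldName":"STATUS_SPK","fieldValue":"1","fieldType":"string"}';
             $additionalField .= ',{"fieldName":"STATUS_JUAL","fieldValue":"1. SPK","fieldType":"string"}';
             $additionalField .= ',{"fieldName":"STATUS_KIRIM","fieldValue":"N","fieldType":"string"}';
             $additionalField .= ',{"fieldName":"STATUS_ARK","fieldValue":"N","fieldType":"string"}';
             // shield() is defined elsewhere; its output is still JSON-encoded because
             // whatever it returns must not be able to alter the JSON structure.
             $additionalField .= ',{"fieldName":"CUSTOM_NO","fieldValue":' . $encodeValue($shield->shield($post('NO_SPK'))) . ',"fieldType":"string"}';
             $additionalField .= ',{"fieldName":"ROADOFSPK","fieldValue":"0","fieldType":"numeric"}';
             $json_file = str_replace($fieldtarget, $additionalField, $json_file);
         }

         $jfo = json_decode($json_file);
         // json_decode() returns null on malformed input; stop before any SQL is built.
         if (!is_object($jfo) || !isset($jfo->dt_objectTable) || !is_object($jfo->dt_objectTable)) {
             throw new Exception('jsonobject payload is not valid JSON or lacks dt_objectTable');
         }
         $objectTable = $jfo->dt_objectTable;

         // Related (child) tables are generated first, then the main table.
         $queryCollection = "";
         $relTables = isset($objectTable->dt_relatedTables) ? $objectTable->dt_relatedTables : array();
         $relCount = 0;
         foreach ($relTables as $relTbl) {
             $myTable = $relTbl->dt_relatedTable;
             $queryCollection .= $this->generateQuery(
                 $myTable->dt_relfieldCollection,
                 $myTable->tableName,
                 $myTable->autonumFormat,
                 $myTable->modify_status,
                 $relCount
             );
             $relCount++;
         }

         $tableName = $objectTable->tableName;
         $modifystatus = $objectTable->modify_status;
         $queryCollection .= $this->generateQuery(
             $objectTable->dt_fieldsCollection,
             $tableName,
             $objectTable->autonumFormat,
             $modifystatus,
             0
         );

         $model = new object_Model();
         // NOTE(review): the return value of executeQuery() is not inspected, so a
         // failed statement is still logged and redirected as if it succeeded.
         $model->executeQuery($queryCollection);

         $weblog = new objectupdate();
         // The original logged ${$modifystatus}, a variable-variable lookup that
         // resolved to an undefined variable; log the status value itself.
         $weblog->record_webaccess_log("DML : " . $modifystatus . "-" . $tableName . "-" . $shield->shield($post('NO_SPK')));
         header("Location: entry-spk");
     } catch (Exception $e) {
         // Keep the original exception as "previous" so the stack trace survives.
         throw new Exception($e->getMessage(), 0, $e);
     }
 }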
Example #2
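 /**
  * Front-controller dispatch: maps $_GET['app'] to a module controller under
  * LOCAL_DIR/apps/<app>/<app>_Controller.php and instantiates it.
  *
  * - No "app" parameter: logs the access and redirects to "dashboard".
  * - Empty "app" parameter: redirects to "dashboard".
  * - No 'user-id' in the session: the "login" module is forced.
  * - "sub_app" present: the "ajax_<app>_Controller" class is used instead.
  * - "object" / "ob_update": breakJSONObject() is called on the controller.
  * - "logout" (no controller file): destroys the session, redirects to "login".
  * - Anything else: logged as a wrong module, redirect to "page-not-found".
  *
  * The module name ends up in a filesystem path and in a dynamic class name,
  * so it is restricted to letters, digits, "_" and "-" before either use.
  */
 function init()
 {
     $init = new boot();

     if (!isset($_GET['app'])) {
         $weblog = new objectupdate();
         $weblog->record_webaccess_log("Accessing wrong module");
         header("Location: dashboard");
         return;
     }
     if (empty($_GET['app'])) {
         // Return here: falling through used to replace this redirect with
         // the "page-not-found" one further down.
         header("Location: dashboard");
         return;
     }

     // Defined up front; the unauthenticated path never assigns it otherwise.
     $app_get_sub = '';
     if (!isset($_SESSION['user-id'])) {
         $app_get = "login";
     } else {
         $security = new Security();
         $app_get = $security->shield($_GET['app']);
         $app_get_sub = isset($_GET['sub_app']) ? $security->shield($_GET['sub_app']) : '';
     }

     // shield() is defined elsewhere, so do not rely on it to strip path
     // separators or dots: only a plain identifier may reach file_exists()
     // and "new $dynamic()".
     $isModuleName = is_string($app_get) && preg_match('/\A[A-Za-z0-9_-]+\z/', $app_get) === 1;

     if ($isModuleName && file_exists(LOCAL_DIR . "/apps/" . $app_get . "/" . $app_get . "_Controller.php")) {
         $ldr = new autoloader($app_get);
         if ($app_get_sub) {
             $dynamic = "ajax_" . $app_get . "_Controller";
         } else {
             $dynamic = $app_get . "_Controller";
             $weblog = new objectupdate();
             $weblog->record_webaccess_log("module : " . $app_get);
         }
         $object = new $dynamic();
         // NOTE(review): these two modules run a state-changing POST handler;
         // no CSRF token check is visible in this dispatcher.
         if (in_array($app_get, array("object", "ob_update"), true)) {
             $object->breakJSONObject();
         }
         return;
     }

     if ($app_get === "logout") {
         session_destroy();
         header("Location: login");
         return;
     }

     $weblog = new objectupdate();
     $weblog->record_webaccess_log("Accessing wrong module");
     header("Location: page-not-found");
 }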