Exemple #1
    case 'save':
        // 保存
        $retval = LIB_Save($pi_name, $edt_flg, $navbarMenu, $menuno);
        $information['pagetitle'] = $retval['title'];
        $display .= $retval['display'];
        break;
    case 'delete':
        // 削除
        $display .= LIB_delete($pi_name);
        break;
    case 'copy':
        //コピー
    //コピー
    case 'edit':
        // 編集
        if (!empty($id)) {
            $information['pagetitle'] = $LANG_DATABOX_ADMIN['piname'] . $LANG_DATABOX_ADMIN['edit'];
            $display .= LIB_Edit($pi_name, $id, $edt_flg, $msg, "", $mode);
        }
        break;
    default:
        // 初期表示、一覧表示
        $information['pagetitle'] = $LANG_DATABOX_ADMIN['piname'];
        if (isset($msg)) {
            $display .= COM_showMessage($msg, $pi_name);
        }
        $display .= LIB_List($pi_name);
}
// Assemble the admin page: block header, navigation bar, plugin menu, the
// content produced by the dispatcher above, then the block footer. The pieces
// are listed in the order they are rendered.
$display = implode('', array(
    COM_startBlock(
        $LANG_DATABOX_ADMIN['piname'],
        '',
        COM_getBlockTemplate('_admin_block', 'header')
    ),
    ppNavbarjp($navbarMenu, $LANG_DATABOX_admin_menu[$menuno]),
    LIB_Menu($pi_name),
    $display,
    COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')),
));
// Hand the finished block to the plugin's page wrapper and send it out.
$display = DATABOX_displaypage($pi_name, '_admin', $display, $information);
COM_output($display);
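/**
 * Validate and store one field definition submitted from the admin form.
 *
 * Reads the form values from $_POST, checks them, saves the row to the
 * plugin's "_def_field" table and then inserts a value row for this field
 * into the "_addition" table for every "_base" row with fieldset_id 0 that
 * does not have one yet.
 *
 * NOTE(review): nothing in this function checks the caller's permissions or
 * an anti-CSRF token; presumably the dispatching script does that before
 * calling it - confirm.
 *
 * @param string $pi_name    Plugin name; selects the plugin's globals and tables.
 * @param mixed  $edt_flg    Passed through unchanged to LIB_Edit().
 * @param mixed  $navbarMenu Not used by this function.
 * @param mixed  $menuno     Not used by this function.
 *
 * @return array Array with 'title' and 'display' keys when the edit form is
 *               shown again (validation error, or aftersave_admin is 'no').
 *               Otherwise the function echoes the result of
 *               PLG_afterSaveSwitch() and exits without returning.
 */
function LIB_Save($pi_name, $edt_flg, $navbarMenu, $menuno)
{
    global $_CONF;
    global $_TABLES;
    global $_USER;
    // The plugin's configuration and language arrays are globals whose names
    // are derived from the plugin name.
    $box_conf = "_" . strtoupper($pi_name) . "_CONF";
    global ${$box_conf};
    $box_conf = ${$box_conf};
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box_admin_menu = "LANG_" . strtoupper($pi_name) . "_admin_menu";
    global ${$lang_box_admin_menu};
    $lang_box_admin_menu = ${$lang_box_admin_menu};
    $table = $_TABLES[strtoupper($pi_name) . '_def_field'];
    $table1 = $_TABLES[strtoupper($pi_name) . '_base'];
    $table2 = $_TABLES[strtoupper($pi_name) . '_addition'];
    // Must be an array: the return paths below assign string keys to it, which
    // fails on a string in current PHP versions.
    $retval = array();

    // clean 'em up
    $id = COM_applyFilter($_POST['id'], true);
    // Keep the result of the original id check, then force an integer because
    // $id is written into the SQL below without quotes.
    $id_ok = ($id == 0) || is_numeric($id);
    $id = (int) $id;

    // NOTE(review): addslashes() is not aware of the connection character set;
    // prefer the database layer's own escaping routine where one is available.
    $name = COM_stripslashes($_POST['name']);
    $name = addslashes(COM_checkHTML(COM_checkWords($name)));
    $templatesetvar = COM_applyFilter($_POST['templatesetvar']);
    $templatesetvar = addslashes(COM_checkHTML(COM_checkWords($templatesetvar)));
    $description = COM_stripslashes($_POST['description']);
    $description = addslashes(COM_checkHTML(COM_checkWords($description)));
    $allow_display = COM_applyFilter($_POST['allow_display']);
    $allow_display = addslashes(COM_checkHTML(COM_checkWords($allow_display)));
    $allow_edit = COM_applyFilter($_POST['allow_edit']);
    $allow_edit = addslashes(COM_checkHTML(COM_checkWords($allow_edit)));
    $textcheck = COM_applyFilter($_POST['textcheck']);
    $textcheck = addslashes(COM_checkHTML(COM_checkWords($textcheck)));
    $textconv = COM_applyFilter($_POST['textconv']);
    $textconv = addslashes(COM_checkHTML(COM_checkWords($textconv)));
    $searchtarget = COM_applyFilter($_POST['searchtarget']);
    $searchtarget = addslashes(COM_checkHTML(COM_checkWords($searchtarget)));
    $initial_value = COM_applyFilter($_POST['initial_value']);
    $initial_value = addslashes(COM_checkHTML(COM_checkWords($initial_value)));
    $range_start = COM_applyFilter($_POST['range_start']);
    $range_start = addslashes(COM_checkHTML(COM_checkWords($range_start)));
    $range_end = COM_applyFilter($_POST['range_end']);
    $range_end = addslashes(COM_checkHTML(COM_checkWords($range_end)));
    $dfid = COM_applyFilter($_POST['dfid']);
    $dfid = addslashes(COM_checkHTML(COM_checkWords($dfid)));
    $type = COM_applyFilter($_POST['type']);
    $type = addslashes(COM_checkHTML(COM_checkWords($type)));
    $selection = COM_applyFilter($_POST['selection']);
    $selection = addslashes(COM_checkHTML(COM_checkWords($selection)));
    $selectlist = COM_applyFilter($_POST['selectlist']);
    $selectlist = addslashes(COM_checkHTML(COM_checkWords($selectlist)));
    $checkrequried = COM_applyFilter($_POST['checkrequried']);
    $checkrequried = addslashes(COM_checkHTML(COM_checkWords($checkrequried)));
    $size = COM_applyFilter($_POST['size'], true);
    $size = addslashes(COM_checkHTML(COM_checkWords($size)));
    $maxlength = COM_applyFilter($_POST['maxlength'], true);
    $maxlength = addslashes(COM_checkHTML(COM_checkWords($maxlength)));
    $rows = COM_applyFilter($_POST['rows'], true);
    $rows = addslashes(COM_checkHTML(COM_checkWords($rows)));
    $br = COM_applyFilter($_POST['br'], true);
    $br = addslashes(COM_checkHTML(COM_checkWords($br)));
    // Convert full-width alphanumerics to half-width before the numeric filter
    $orderno = mb_convert_kana($_POST['orderno'], "a");
    $orderno = COM_applyFilter($orderno, true);

    // Every value below is placed in the SQL without surrounding quotes, so
    // escaping alone does not protect it. Force each one to an integer; a
    // missing or malformed value becomes 0 instead of reaching the query.
    $type = (int) $type;
    $checkrequried = (int) $checkrequried;
    $size = (int) $size;
    $maxlength = (int) $maxlength;
    $rows = (int) $rows;
    $br = (int) $br;
    $allow_display = (int) $allow_display;
    $allow_edit = (int) $allow_edit;
    $textcheck = (int) $textcheck;
    $textconv = (int) $textconv;
    $searchtarget = (int) $searchtarget;
    $dfid = (int) $dfid;
    $uuid = (int) $_USER['uid'];

    // ----- validation start -----
    $err = "";
    // id: 0 means "new record"; anything else has to be numeric
    if (!$id_ok) {
        $err .= $lang_box_admin['err_id'] . "<br/>" . LB;
    }
    // name is required
    if (empty($name)) {
        $err .= $lang_box_admin['err_name'] . "<br/>" . LB;
    }
    // template variable: required, must already be a sanitized id, and must
    // not be used by another field
    if (empty($templatesetvar)) {
        $err .= $lang_box_admin['err_templatesetvar'] . "<br/>" . LB;
    } else {
        $templatesetvar = trim($templatesetvar);
        $newtemplatesetvar = COM_sanitizeID($templatesetvar, false);
        if ($templatesetvar != $newtemplatesetvar) {
            $err .= $lang_box_admin['err_templatesetvar'] . "<br/>" . LB;
        } else {
            $cntsql = "SELECT field_id FROM {$table} ";
            $cntsql .= " WHERE ";
            $cntsql .= " templatesetvar='{$templatesetvar}' ";
            $cntsql .= " AND field_id<>{$id}";
            $result = DB_query($cntsql);
            $numrows = DB_numRows($result);
            if ($numrows != 0) {
                $err .= $lang_box_admin['err_templatesetvar_w'] . "<br/>" . LB;
            }
        }
    }
    // 7 = option list, 8 = radio button list, 14 = multi-select list:
    // these types need a selection definition
    if ($type == 7 or $type == 8 or $type == 14) {
        if ($selection == "") {
            $err .= $lang_box_admin['err_selection'] . "<br/>" . LB;
        }
    }
    // On any error, show the edit form again with the messages
    if ($err != "") {
        $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit'];
        $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 3, $err);
        return $retval;
    }
    // ----- validation end -----

    // New record: take the next free field_id.
    // NOTE(review): max()+1 is not atomic; two saves running at the same time
    // could compute the same id.
    if ($id == 0) {
        $w = DB_getItem($table, "max(field_id)", "1=1");
        if ($w == "") {
            $w = 0;
        }
        $id = $w + 1;
    }
    $fields = "field_id";
    $values = "{$id}";
    $fields .= ",name";
    $values .= ",'{$name}'";
    $fields .= ",templatesetvar";
    $values .= ",'{$templatesetvar}'";
    $fields .= ",description";
    $values .= ",'{$description}'";
    $fields .= ",type";
    $values .= ",{$type}";
    $fields .= ",selection";
    $values .= ",'{$selection}'";
    $fields .= ",selectlist";
    $values .= ",'{$selectlist}'";
    $fields .= ",checkrequried";
    $values .= ",{$checkrequried}";
    $fields .= ",size";
    $values .= ",{$size}";
    $fields .= ",maxlength";
    $values .= ",{$maxlength}";
    $fields .= ",rows";
    $values .= ",{$rows}";
    $fields .= ",br";
    $values .= ",{$br}";
    $fields .= ",orderno";
    $values .= ",'{$orderno}'";
    $fields .= ",allow_display";
    $values .= ",{$allow_display}";
    $fields .= ",allow_edit";
    $values .= ",{$allow_edit}";
    $fields .= ",textcheck";
    $values .= ",{$textcheck}";
    $fields .= ",textconv";
    $values .= ",{$textconv}";
    $fields .= ",searchtarget";
    $values .= ",{$searchtarget}";
    $fields .= ",initial_value";
    $values .= ",'{$initial_value}'";
    $fields .= ",range_start";
    $values .= ",'{$range_start}'";
    $fields .= ",range_end";
    $values .= ",'{$range_end}'";
    $fields .= ",dfid";
    $values .= ",{$dfid}";
    $fields .= ",uuid";
    $values .= ",{$uuid}";
    DB_save($table, $fields, $values);

    // Give every base row with fieldset_id 0 that has no value for this field
    // a starting value: the configured initial value, '0' for option and
    // radio lists that define a selection, NULL otherwise.
    $sql = "INSERT INTO " . $table2 . LB;
    $sql .= " (`id`,`field_id`,`value`)" . LB;
    $sql .= " SELECT id";
    $sql .= " ," . $id;
    if ($initial_value != "") {
        $sql .= ",'" . $initial_value . "' ";
    } else {
        // 7 = option list, 8 = radio button list
        if (($type == 7 or $type == 8) and $selection != "") {
            $sql .= ",'0' ";
        } else {
            $sql .= ",NULL ";
        }
    }
    $sql .= " FROM " . $table1 . " AS t1" . LB;
    $sql .= " where  fieldset_id=0 AND id NOT IN (select id from " . $table2 . LB;
    $sql .= " where field_id=" . $id . ")" . LB;
    DB_query($sql);

    // 'no' keeps the user on the edit form after saving
    if ($box_conf['aftersave_admin'] === 'no') {
        $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit'];
        $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 1, "");
        return $retval;
    }

    // Otherwise pick the page to go to. $item_url starts out defined because
    // the 'admin' branch does not set it.
    $message = "";
    $item_url = '';
    if ($box_conf['aftersave_admin'] === 'list' or $box_conf['aftersave_admin'] === 'item') {
        $url = $_CONF['site_admin_url'] . "/plugins/{$pi_name}/field.php";
        $item_url = COM_buildURL($url);
        $target = 'item';
        $message = 1;
    } elseif ($box_conf['aftersave_admin'] === 'admin') {
        $target = $box_conf['aftersave_admin'];
        $message = 1;
    } else {
        $item_url = $_CONF['site_url'] . $box_conf['top'];
        $target = $box_conf['aftersave_admin'];
    }
    $return_page = PLG_afterSaveSwitch($target, $item_url, $pi_name, $message);
    echo $return_page;
    exit;
}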
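/**
 * Validate and store one group definition submitted from the admin form.
 *
 * Reads the form values from $_POST, checks them and saves the row to the
 * plugin's "_def_group" table.
 *
 * NOTE(review): nothing in this function checks the caller's permissions or
 * an anti-CSRF token; presumably the dispatching script does that before
 * calling it - confirm.
 *
 * @param string $pi_name    Plugin name; selects the plugin's globals and tables.
 * @param mixed  $edt_flg    Passed through unchanged to LIB_Edit().
 * @param mixed  $navbarMenu Not used by this function.
 * @param mixed  $menuno     Not used by this function.
 *
 * @return array Array with 'title' and 'display' keys when the edit form is
 *               shown again (validation error, or aftersave_admin is 'no').
 *               Otherwise the function echoes the result of
 *               PLG_afterSaveSwitch() and exits without returning.
 */
function LIB_Save($pi_name, $edt_flg, $navbarMenu, $menuno)
{
    global $_CONF;
    global $_TABLES;
    global $_USER;
    // The plugin's configuration and language arrays are globals whose names
    // are derived from the plugin name.
    $box_conf = "_" . strtoupper($pi_name) . "_CONF";
    global ${$box_conf};
    $box_conf = ${$box_conf};
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box_admin_menu = "LANG_" . strtoupper($pi_name) . "_admin_menu";
    global ${$lang_box_admin_menu};
    $lang_box_admin_menu = ${$lang_box_admin_menu};
    $lang_box_inputtype = "LANG_" . strtoupper($pi_name) . "_INPUTTYPE";
    global ${$lang_box_inputtype};
    $lang_box_inputtype = ${$lang_box_inputtype};
    $table = $_TABLES[strtoupper($pi_name) . '_def_group'];
    // Must be an array: the return paths below assign string keys to it, which
    // fails on a string in current PHP versions.
    $retval = array();

    // clean 'em up
    $id = COM_applyFilter($_POST['id'], true);
    // Keep the result of the original id check, then force an integer because
    // $id is written into the SQL below without quotes.
    $id_ok = ($id == 0) || is_numeric($id);
    $id = (int) $id;

    // NOTE(review): addslashes() is not aware of the connection character set;
    // prefer the database layer's own escaping routine where one is available.
    $code = COM_applyFilter($_POST['code']);
    $code = addslashes(COM_checkHTML(COM_checkWords($code)));
    $name = COM_applyFilter($_POST['name']);
    $name = addslashes(COM_checkHTML(COM_checkWords($name)));
    // description deliberately skips COM_applyFilter(); it is still run
    // through the word and HTML checks and escaped
    $description = $_POST['description'];
    $description = addslashes(COM_checkHTML(COM_checkWords($description)));

    // The remaining values are placed in the SQL without surrounding quotes,
    // so each one is forced to an integer after filtering.
    $parent_flg = (int) COM_applyFilter($_POST['parent_flg'], true);
    $input_type = (int) COM_applyFilter($_POST['input_type'], true);
    // Convert full-width alphanumerics to half-width before the numeric filter
    $orderno = mb_convert_kana($_POST['orderno'], "a");
    $orderno = (int) COM_applyFilter($orderno, true);
    $uuid = (int) $_USER['uid'];

    // ----- validation start -----
    $err = "";
    // id: 0 means "new record"; anything else has to be numeric
    if (!$id_ok) {
        $err .= $lang_box_admin['err_id'] . "<br/>" . LB;
    }
    // code: optional, but must not be used by another group
    if ($code != "") {
        $cntsql = "SELECT code FROM {$table} ";
        $cntsql .= " WHERE ";
        $cntsql .= " code='{$code}' ";
        $cntsql .= " AND group_id<>{$id}";
        $result = DB_query($cntsql);
        $numrows = DB_numRows($result);
        if ($numrows != 0) {
            $err .= $lang_box_admin['err_code_w'] . "<br/>" . LB;
        }
    }
    // title is required
    if (empty($name)) {
        $err .= $lang_box_admin['err_name'] . "<br/>" . LB;
    }
    // On any error, show the edit form again with the messages
    if ($err != "") {
        $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit'];
        $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 3, $err);
        return $retval;
    }
    // ----- validation end -----

    // New record: take the next free group_id.
    // NOTE(review): max()+1 is not atomic; two saves running at the same time
    // could compute the same id.
    if ($id == 0) {
        $w = DB_getItem($table, "max(group_id)", "1=1");
        if ($w == "") {
            $w = 0;
        }
        $id = $w + 1;
    }
    $fields = "group_id";
    $values = "{$id}";
    $fields .= ",code";
    $values .= ",'{$code}'";
    $fields .= ",name";
    $values .= ",'{$name}'";
    $fields .= ",description";
    $values .= ",'{$description}'";
    $fields .= ",orderno";
    $values .= ",{$orderno}";
    $fields .= ",parent_flg";
    $values .= ",{$parent_flg}";
    $fields .= ",input_type";
    $values .= ",{$input_type}";
    $fields .= ",uuid";
    $values .= ",{$uuid}";
    $fields .= ",udatetime";
    $values .= ",NOW( )";
    // The original passed an undefined $return_page as a fourth argument;
    // it is omitted here so no undefined variable is read.
    DB_save($table, $fields, $values);

    // 'no' keeps the user on the edit form after saving
    if ($box_conf['aftersave_admin'] === 'no') {
        $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit'];
        $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 1, "");
        return $retval;
    }

    // Otherwise pick the page to go to. $item_url starts out defined because
    // the 'admin' branch does not set it.
    $message = "";
    $item_url = '';
    if ($box_conf['aftersave_admin'] === 'list' or $box_conf['aftersave_admin'] === 'item') {
        $url = $_CONF['site_admin_url'] . "/plugins/{$pi_name}/group.php";
        $item_url = COM_buildURL($url);
        $target = 'item';
        $message = 1;
    } elseif ($box_conf['aftersave_admin'] === 'admin') {
        $target = $box_conf['aftersave_admin'];
        $message = 1;
    } else {
        $item_url = $_CONF['site_url'] . $box_conf['top'];
        $target = $box_conf['aftersave_admin'];
    }
    $return_page = PLG_afterSaveSwitch($target, $item_url, $pi_name, $message);
    echo $return_page;
    exit;
}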
Exemple #4
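/**
 * Validate and store one master-data row submitted from the admin form.
 *
 * Reads the form values from $_POST, checks them and saves the row to the
 * plugin's "_mst" table.
 *
 * NOTE(review): nothing in this function checks the caller's permissions or
 * an anti-CSRF token; presumably the dispatching script does that before
 * calling it - confirm.
 *
 * @param string $pi_name    Plugin name; selects the plugin's globals and tables.
 * @param mixed  $edt_flg    Passed through unchanged to LIB_Edit().
 * @param mixed  $navbarMenu Not used by this function.
 * @param mixed  $menuno     Not used by this function.
 *
 * @return array Array with 'title' and 'display' keys when the edit form is
 *               shown again (validation error, or aftersave_admin is 'no').
 *               Otherwise the function echoes the result of
 *               PLG_afterSaveSwitch() and exits without returning.
 */
function LIB_Save($pi_name, $edt_flg, $navbarMenu, $menuno)
{
    global $_CONF;
    global $_TABLES;
    global $_USER;
    // The plugin's configuration and language arrays are globals whose names
    // are derived from the plugin name.
    $box_conf = "_" . strtoupper($pi_name) . "_CONF";
    global ${$box_conf};
    $box_conf = ${$box_conf};
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box_admin_menu = "LANG_" . strtoupper($pi_name) . "_admin_menu";
    global ${$lang_box_admin_menu};
    $lang_box_admin_menu = ${$lang_box_admin_menu};
    $table = $_TABLES[strtoupper($pi_name) . '_mst'];
    // Must be an array: the return paths below assign string keys to it, which
    // fails on a string in current PHP versions.
    $retval = array();

    // clean 'em up
    $id = COM_applyFilter($_POST['id'], true);
    // Keep the result of the original id check, then force an integer because
    // $id is written into the SQL below without quotes.
    $id_ok = ($id == 0) || is_numeric($id);
    $id = (int) $id;

    // NOTE(review): addslashes() is not aware of the connection character set;
    // prefer the database layer's own escaping routine where one is available.
    $kind = COM_applyFilter($_POST['kind']);
    $kind = addslashes(COM_checkHTML(COM_checkWords($kind)));
    $no = COM_applyFilter($_POST['no'], true);
    $no = addslashes(COM_checkHTML(COM_checkWords($no)));
    $value = COM_applyFilter($_POST['value']);
    $value = addslashes(COM_checkHTML(COM_checkWords($value)));
    $value2 = COM_applyFilter($_POST['value2']);
    $value2 = addslashes(COM_checkHTML(COM_checkWords($value2)));
    // disp deliberately skips COM_applyFilter(); it is still run through the
    // word and HTML checks and escaped
    $disp = $_POST['disp'];
    $disp = addslashes(COM_checkHTML(COM_checkWords($disp)));
    // Convert full-width alphanumerics to half-width before the numeric filter
    $orderno = mb_convert_kana($_POST['orderno'], "a");
    $orderno = COM_applyFilter($orderno, true);
    $relno = COM_applyFilter($_POST['relno']);
    $relno = addslashes(COM_checkHTML(COM_checkWords($relno)));
    // Written into the SQL without quotes, so it has to be an integer
    $uuid = (int) $_USER['uid'];

    // ----- validation start -----
    $err = "";
    // id: 0 means "new record"; anything else has to be numeric
    if (!$id_ok) {
        $err .= $lang_box_admin['err_id'] . "<br/>" . LB;
    }
    // kind is required
    if (empty($kind)) {
        $err .= $lang_box_admin['err_kind'] . "<br/>" . LB;
    }
    // no: required, and the (kind, no) pair must not exist on another row
    if ($no == "") {
        $err .= $lang_box_admin['err_no'] . "<br/>" . LB;
    } else {
        // From here on $no appears in SQL without quotes; force an integer
        // only after the emptiness check so that check keeps its meaning.
        $no = (int) $no;
        $cntsql = "SELECT id FROM {$table} ";
        $cntsql .= " WHERE ";
        $cntsql .= " no={$no} ";
        $cntsql .= " AND kind='{$kind}'";
        $cntsql .= " AND id<>{$id}";
        $result = DB_query($cntsql);
        $numrows = DB_numRows($result);
        if ($numrows != 0) {
            $err .= $lang_box_admin['err_no_w'] . "<br/>" . LB;
        }
    }
    // On any error, show the edit form again with the messages
    if ($err != "") {
        $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit'];
        $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 3, $err);
        return $retval;
    }
    // ----- validation end -----

    // New record: take the next free id.
    // NOTE(review): max()+1 is not atomic; two saves running at the same time
    // could compute the same id.
    if ($id == 0) {
        $w = DB_getItem($table, "max(id)", "1=1");
        if ($w == "") {
            $w = 0;
        }
        $id = $w + 1;
    }
    $fields = "id";
    $values = "{$id}";
    $fields .= ",kind";
    $values .= ",'{$kind}'";
    $fields .= ",no";
    $values .= ",{$no}";
    $fields .= ",value";
    $values .= ",'{$value}'";
    // Optional columns are stored as NULL when the form value is empty
    $fields .= ",value2";
    if ($value2 == "") {
        $values .= ",NULL";
    } else {
        $values .= ",'{$value2}'";
    }
    $fields .= ",disp";
    if ($disp == "") {
        $values .= ",NULL";
    } else {
        $values .= ",'{$disp}'";
    }
    // orderno and relno are written without quotes, so a non-empty value is
    // forced to an integer at the point where it enters the SQL
    $fields .= ",orderno";
    if ($orderno == "") {
        $values .= ",NULL";
    } else {
        $values .= "," . (int) $orderno;
    }
    $fields .= ",relno";
    if ($relno == "") {
        $values .= ",NULL";
    } else {
        $values .= "," . (int) $relno;
    }
    $fields .= ",uuid";
    $values .= ",{$uuid}";
    $fields .= ",udatetime";
    $values .= ",NOW( )";
    // The original passed an undefined $return_page as a fourth argument;
    // it is omitted here so no undefined variable is read.
    DB_save($table, $fields, $values);

    // 'no' keeps the user on the edit form after saving
    if ($box_conf['aftersave_admin'] === 'no') {
        $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit'];
        $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 1, "");
        return $retval;
    }

    // Otherwise pick the page to go to. $item_url starts out defined because
    // the 'admin' branch does not set it.
    $message = "";
    $item_url = '';
    if ($box_conf['aftersave_admin'] === 'list' or $box_conf['aftersave_admin'] === 'item') {
        $url = $_CONF['site_admin_url'] . "/plugins/{$pi_name}/mst.php";
        $item_url = COM_buildURL($url);
        $target = 'item';
        $message = 1;
    } elseif ($box_conf['aftersave_admin'] === 'admin') {
        $target = $box_conf['aftersave_admin'];
        $message = 1;
    } else {
        $item_url = $_CONF['site_url'] . $box_conf['top'];
        $target = $box_conf['aftersave_admin'];
    }
    $return_page = PLG_afterSaveSwitch($target, $item_url, $pi_name, $message);
    echo $return_page;
    exit;
}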