Exemple #1
2
 /**
  * Static function for create list page
  * Read params from setting 
  * Create object of class in accordance with mode displaying page
  * @param String strTableName
  * @param Array options
  */
 static function &createListPage($strTableName, $options)
 {
     global $isGroupSecurity;
     $gSettings = new ProjectSettings($strTableName, $options['pageType']);
     $gQuery = $gSettings->getSQLQuery();
     $params = $options;
     $params['tName'] = $strTableName;
     $params['origTName'] = $gSettings->getOriginalTableName();
     $params['gPageSize'] = $gSettings->getInitialPageSize();
     $params['gOrderIndexes'] = $gSettings->getOrderIndexes();
     $params['gstrOrderBy'] = $gQuery->OrderByToSql();
     $params['gsqlHead'] = $gQuery->HeadToSql();
     $params['gsqlFrom'] = $gQuery->FromToSql();
     $params['gsqlWhereExpr'] = $gQuery->WhereToSql();
     $params['gsqlGroupBy'] = $gQuery->GroupByToSql();
     $params['gsqlHaving'] = $gQuery->Having()->toSql($gQuery);
     $params['nSecOptions'] = $gSettings->getAdvancedSecurityType();
     $params['nLoginMethod'] = GetGlobalData("nLoginMethod", 0);
     $params['recsPerRowList'] = isMobile() ? 1 : $gSettings->getRecordsPerRowList();
     $params['mainTableOwnerID'] = $gSettings->getTableOwnerIdField();
     $params['exportTo'] = $gSettings->hasExportPage();
     $params['printFriendly'] = $gSettings->hasPrintPage();
     $params['deleteRecs'] = $gSettings->hasDelete();
     $params["isGroupSecurity"] = $isGroupSecurity;
     $params['arrKeyFields'] = $gSettings->getTableKeys();
     $params["isUseInlineAdd"] = $gSettings->hasInlineAdd();
     $params["isUseInlineEdit"] = $gSettings->hasInlineEdit();
     $params["panelSearchFields"] = $gSettings->getPanelSearchFields();
     $params['listGridLayout'] = $gSettings->getListGridLayout();
     $params['createLoginPage'] = GetGlobalData("createLoginPage", false);
     $params['noRecordsFirstPage'] = $gSettings->noRecordsOnFirstPage();
     $params['totalsFields'] = $gSettings->getTotalsFields();
     $params['listAjax'] = $gSettings->ajaxBasedListPage();
     $params['arrRecsPerPage'] = $gSettings->getRecordsPerPageArray();
     $params['isScrollGridBody'] = $gSettings->getScrollGridBody();
     $params['viewPDF'] = $gSettings->isViewPagePDF() || $gSettings->isPrinterPagePDF();
     $params['audit'] = GetAuditObject($table);
     $params['listFields'] = array();
     $allfields = $gSettings->getListFields();
     foreach ($allfields as $f) {
         if (!$gSettings->appearOnListPage($f)) {
             continue;
         }
         $params['listFields'][] = array("fName" => $f, "goodFieldName" => GoodFieldName($f), "valueFieldName" => GoodFieldName($f) . "_value", "viewFormat" => $gSettings->getViewFormat($f), "editFormat" => $gSettings->getEditFormat($f));
     }
     // choose class by mode
     if ($params["mode"] == LIST_SIMPLE) {
         $pageObject = new ListPage_Simple($params);
     } else {
         if ($params["mode"] == LIST_AJAX) {
             $pageObject = new ListPage_Ajax($params);
         } else {
             if ($params["mode"] == LIST_LOOKUP) {
                 $pageObject = new ListPage_Lookup($params);
             } else {
                 if ($params["mode"] == LIST_DETAILS || $params["mode"] == LIST_DASHDETAILS) {
                     $pageObject = new ListPage_DPInline($params);
                 } else {
                     if ($params["mode"] == RIGHTS_PAGE) {
                         $pageObject = new RightsPage($params);
                     } else {
                         if ($params["mode"] == MEMBERS_PAGE) {
                             $pageObject = new MembersPage($params);
                         } else {
                             if ($params["mode"] == LIST_DASHBOARD) {
                                 $pageObject = new ListPage_Dashboard($params);
                             }
                         }
                     }
                 }
             }
         }
     }
     $pageObject->init();
     return $pageObject;
 }
Exemple #2
0
 /**
  * Static function for create list page
  * Read params from setting 
  * Create object of class in accordance with mode displaying page 
  */
 function &createListPage($table, $options)
 {
     global $bSubqueriesSupported, $strTableName, $conn, $locale_info, $isGroupSecurity;
     $gSettings = new ProjectSettings($strTableName, $options['pageType']);
     $gQuery = $gSettings->getSQLQuery();
     $params = array();
     $params = $options;
     $params['origTName'] = $gSettings->getOriginalTableName();
     $params['sessionPrefix'] = $strTableName;
     $params['tName'] = $table;
     $params['conn'] =& $conn;
     $params['gPageSize'] = $gSettings->getInitialPageSize();
     $params['gOrderIndexes'] = $gSettings->getOrderIndexes();
     $params['gstrOrderBy'] = $gQuery->OrderByToSql();
     $params['gsqlHead'] = $gQuery->HeadToSql();
     $params['gsqlFrom'] = $gQuery->FromToSql();
     $params['gsqlWhereExpr'] = $gQuery->WhereToSql();
     $params['gsqlGroupBy'] = $gQuery->GroupByToSql();
     $params['gsqlHaving'] = $gQuery->Having()->toSql($gQuery);
     $params['locale_info'] =& $locale_info;
     $params["subQueriesSupp"] = $bSubqueriesSupported;
     $params['nSecOptions'] = $gSettings->getAdvancedSecurityType();
     $params['nLoginMethod'] = GetGlobalData("nLoginMethod", 0);
     $params['recsPerRowList'] = $gSettings->getRecordsPerRowList();
     $params['dbType'] = GetGlobalData("dbType", 0);
     $params['mainTableOwnerID'] = $gSettings->getTableOwnerIdField();
     $params['moveNext'] = $gSettings->useMoveNext();
     $params['exportTo'] = $gSettings->hasExportPage();
     $params['printFriendly'] = $gSettings->hasPrintPage();
     $params['deleteRecs'] = $gSettings->hasDelete();
     $params['rowHighlite'] = $gSettings->highlightRows();
     $params["isGroupSecurity"] = $isGroupSecurity;
     $params['arrKeyFields'] = $gSettings->getTableKeys();
     $params["isUseInlineAdd"] = $gSettings->hasInlineAdd();
     $params["isUseInlineEdit"] = $gSettings->hasInlineEdit();
     $params["isUseInlineJs"] = $params["isUseInlineAdd"] || $params["isUseInlineEdit"];
     $params["panelSearchFields"] = $gSettings->getPanelSearchFields();
     $params['isVerLayout'] = $gSettings->isVerticalLayoutList();
     $params['isDisplayLoading'] = $gSettings->displayLoading();
     $params['createLoginPage'] = GetGlobalData("createLoginPage", false);
     $params['subQueriesSupAccess'] = $gSettings->tableSupportsSubqueries();
     $params['noRecordsFirstPage'] = $gSettings->noRecordsOnFirstPage();
     $params['totalsFields'] = $gSettings->getTotalsFields();
     $params['listIcons'] = $gSettings->iconsOnList();
     $params['edit'] = $gSettings->hasEditPage();
     $params['inlineEdit'] = $gSettings->hasInlineEdit();
     $params['iCopy'] = $gSettings->hasCopyPage();
     $params['iView'] = $gSettings->hasViewPage();
     $params['listAjax'] = $gSettings->ajaxBasedListPage();
     $params['arrRecsPerPage'] = $gSettings->getRecordsPerPageArray();
     $params['isScrollGridBody'] = $gSettings->getScrollGridBody();
     $params['audit'] = GetAuditObject($table);
     $params['listFields'] = array();
     $allfields = $gSettings->getListFields();
     foreach ($allfields as $f) {
         if (!$gSettings->appearOnListPage($f)) {
             continue;
         }
         $params['listFields'][] = array("fName" => $f, "goodFieldName" => GoodFieldName($f), "valueFieldName" => GoodFieldName($f) . "_value", "viewFormat" => $gSettings->getViewFormat($f), "editFormat" => $gSettings->getEditFormat($f));
     }
     // choose class by mode
     if ($params["mode"] == LIST_SIMPLE) {
         $pageObject = new ListPage_Simple($params);
     } else {
         if ($params["mode"] == LIST_AJAX) {
             $pageObject = new ListPage_Ajax($params);
         } else {
             if ($params["mode"] == LIST_LOOKUP) {
                 $pageObject = new ListPage_Lookup($params);
             } else {
                 if ($params["mode"] == LIST_DETAILS) {
                     $pageObject = new ListPage_DPInline($params);
                 } else {
                     if ($params["mode"] == RIGHTS_PAGE) {
                         $pageObject = new RightsPage($params);
                     } else {
                         if ($params["mode"] == MEMBERS_PAGE) {
                             $pageObject = new MembersPage($params);
                         }
                     }
                 }
             }
         }
     }
     return $pageObject;
 }
Exemple #3
0
    echo printJSON($returnJSON);
    return;
}
if (!$gQuery->HasGroupBy()) {
    // Do not select any fields except current (full text) field.
    // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
    // Just don't do anything in that case.
    $gQuery->RemoveAllFieldsExcept($pSet->getFieldIndex($field));
}
$keysArr = $pSet->getTableKeys();
$keys = array();
foreach ($keysArr as $ind => $k) {
    $keys[$k] = postvalue("key" . ($ind + 1));
}
$where = KeyWhere($keys);
if ($pSet->getAdvancedSecurityType() == ADVSECURITY_VIEW_OWN) {
    $where = whereAdd($where, SecuritySQL("Search", $strTableName));
}
$sql = $gQuery->gSQLWhere($where);
$qResult = $_connection->query($sql);
if (!$qResult || !($data = $cipherer->DecryptFetchedArray($qResult->fetchAssoc()))) {
    $returnJSON = array("success" => false, "error" => 'Error: Wrong SQL query');
    echo printJSON($returnJSON);
    return;
}
$fieldValue = $data[$field];
$sessionPrefix = $pSet->getOriginalTableName();
if ($mode == LIST_DASHBOARD) {
    //set the session prefix for the dashboard list page
    $sessionPrefix = "Dashboard_" . $pSet->getOriginalTableName();
}
/**
 * @intellisense
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
	global $conn;
	if(!$forPDF)
	{
		$table = postvalue("table");
		$strTableName = GetTableByShort($table);
		$settings = new ProjectSettings($strTableName);
		
		if (!checkTableName($table))
		{
			return '';
		}
		
		//include("include/".$table."_variables.php");
		@ini_set("display_errors","1");
		@ini_set("display_startup_errors","1");
	
		if(!isLogged() || !CheckSecurity(@$_SESSION["_".$strTableName."_OwnerID"],"Search"))
		{ 
			HeaderRedirect("login"); 
			return;
		}
	
		$field = postvalue("field");
		if(!$settings->checkFieldPermissions($field))
			return DisplayNoImage();
	
		//	construct sql
		$keysArr = $settings->getTableKeys();
		$keys = array();
		foreach ($keysArr as $ind=>$k)
		{
			$keys[$k]=postvalue("key".($ind+1));
		}
	}
	else
	{
		$table = @$params["table"];
	
		$strTableName = GetTableByShort($table);
		
		if (!checkTableName($table))
		{
			exit(0);
		}
		$settings = new ProjectSettings($strTableName);
		$field = @$params["field"];
		//	construct sql
		$keysArr = $settings->getTableKeys();
		$keys = array();
		foreach ($keysArr as $ind=>$k)
		{
			$keys[$k]=@$params["key".($ind+1)];
		}
	}
	if(!$gQuery->HasGroupBy())
	{
		// Do not select any fields except current (image) field.
		// If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
		// Just don't do anything in that case.
		$gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
	}
	
	$where=KeyWhere($keys);
	
	$secOpt = $settings->getAdvancedSecurityType();
	if ($secOpt == ADVSECURITY_VIEW_OWN)
	{
		$where=whereAdd($where,SecuritySQL("Search"));
	}
	
	$sql = $gQuery->gSQLWhere($where);
	
	$rs = db_query($sql,$conn);
	
	if($forPDF)
	{
		if($rs)
		{	
			$data = db_fetch_array($rs);
			return $data[$field];
		}
	}
	else
	{
		if(!$rs)
			return DisplayNoImage();
			
		if(postvalue('src') == 1)
		{
			$value = myfile_get_contents('images/icons/jpg.png');
		}
		else
			$value = db_stripslashesbinary($data[$field]);
		if(!$value)
		{
			if(postvalue("alt"))
			{
				$value=db_stripslashesbinary($data[postvalue("alt")]);
				if(!$value)
					return DisplayNoImage();
			}
			else
				return DisplayNoImage();
		}
		
		$itype=SupposeImageType($value);
		
		if(!$itype)
		{
			return DisplayFile();
		}
		if(!isset($pdf))
		{
			header("Content-Type: ".$itype);
			header("Cache-Control: private");
			SendContentLength(strlen_bin($value));
		}
		echoBinary($value);
		return '';
	}
}