Exemple #1
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $theid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     if (isset($variables["userschanged"])) {
         if ($variables["userschanged"] == 1) {
             $this->assignUsers($theid, $variables["newusers"]);
         }
     }
     return $theid;
 }
Exemple #2
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     //we need to create the some default supporting records
     //first a single column.
     $querystatement = "INSERT INTO `tablecolumns`\n\t\t\t(`tabledefid`, `name`, `column`, `align`, `footerquery`, `displayorder`, `sortorder`, `wrap`, `size`, `format`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','id','" . $variables["maintable"] . ".id','left','',0,'',0,'',NULL, '');";
     $this->db->query($querystatement);
     //next default button options
     $querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','new','1',0,0, '');";
     $this->db->query($querystatement);
     $querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','edit','1','1',0, '');";
     $this->db->query($querystatement);
     $querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','printex','1',0,0, '');";
     $this->db->query($querystatement);
     $querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','select','1',0,0,'');";
     $this->db->query($querystatement);
     $querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','import','0',0,0,'Admin');";
     $this->db->query($querystatement);
     //next quicksearch
     $querystatement = "INSERT INTO `tablefindoptions` (`tabledefid`, `name`, `search`, `displayorder`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','All Records','" . $variables["maintable"] . ".id!=-1',0, '');";
     $this->db->query($querystatement);
     //and last findfields
     $querystatement = "INSERT INTO `tablesearchablefields` (`tabledefid`, `field`, `name`, `displayorder`, `type`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','" . $variables["maintable"] . ".id','id',1,'field');";
     $this->db->query($querystatement);
     return $newid;
 }
Exemple #3
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     if (isset($variables["completed"]) && isset($variables["repeating"])) {
         $this->repeatTask($newid);
     }
     return $newid;
 }
Exemple #4
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     //restore the fields
     $this->getTableInfo();
     return $newid;
 }
Exemple #5
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     if (is_array($newid)) {
         $newUuid = $newid["uuid"];
     } else {
         $newUuid = $variables["uuid"];
     }
     //need to create the address and addresstorecord id
     // make sure we are not setting extra info
     unset($this->address->fields["email"]);
     unset($this->address->fields["phone"]);
     unset($this->address->fields["notes"]);
     unset($variables["id"]);
     // This breaks the import otherwise...needs further testing and possibly a better solution
     $variables["title"] = "Main Address";
     $variables["tabledefid"] = "tbld:6d290174-8b73-e199-fe6c-bcf3d4b61083";
     $variables["recordid"] = $newUuid;
     $variables["uuid"] = "";
     $variables["defaultshipto"] = 1;
     $variables["primary"] = 1;
     if ($newUuid) {
         // temporary fix... may need to verify client id before hand... dunno
         $variables = $this->address->prepareVariables($variables);
         $errorArray = $this->address->verifyVariables($variables);
         if (!count($errorArray)) {
             /**
              *  If we are replacing the record, we need to cut the links
              *  from the client to the old address record.
              */
             if ($replace) {
                 $querystatement = "\n\t\t\t\t\t\t\tDELETE FROM\n\t\t\t\t\t\t\t\t`addresstorecord`\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t`recordid` = '" . $newUuid . "'\n\t\t\t\t\t\t";
                 $queryresult = $this->db->query($querystatement);
             }
             //end if
             $this->address->insertRecord($variables, $createdby);
         } else {
             foreach ($errorArray as $error) {
                 $logError = new appError(-910, $error, "Address Verification Error");
             }
         }
         //end if
     }
     //end if
     //restore the fields
     $this->address->getTableInfo();
     return $newid;
 }
Exemple #6
0
 /**
  * Overriden phpbmstable function
  */
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     if ($createdby === NULL) {
         $createdby = $_SESSION["userinfo"]["id"];
     }
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     if (is_array($newid)) {
         $uuid = $newid["uuid"];
     } else {
         $uuid = $variables["uuid"];
     }
     if ($variables["catschanged"]) {
         $this->updateCategories($uuid, $variables["addcats"]);
     }
     return $newid;
 }
Exemple #7
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     if (ENCRYPT_PAYMENT_FIELDS && (isset($variables["ccnumber"]) || isset($variables["ccexpiration"]) || isset($variables["ccverification"]) || isset($variables["accountnumber"]) || isset($variables["routingnumber"]))) {
         if ($useUuid) {
             $whereclause = "`uuid` = '" . $newid["uuid"] . "'";
             $variables["uuid"] = $newid["uuid"];
         } else {
             $whereclause = "`id` = '" . $newid . "'";
         }
         $querystatement = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`receipts`\n\t\t\t\t\tSET ";
         $fieldlist = "";
         if (isset($variables["ccnumber"])) {
             $variables["ccnumber"] = mysql_real_escape_string($variables["ccnumber"]);
             $fieldlist .= ", `ccnumber` = " . $this->db->encrypt("'" . $variables["ccnumber"] . "'");
         }
         //end if
         if (isset($variables["ccexpiration"])) {
             $variables["ccexpiration"] = mysql_real_escape_string($variables["ccexpiration"]);
             $fieldlist .= ", `ccexpiration` = " . $this->db->encrypt("'" . $variables["ccexpiration"] . "'");
         }
         //end if
         if (isset($variables["ccverification"])) {
             $variables["ccverification"] = mysql_real_escape_string($variables["ccverification"]);
             $fieldlist .= ", `ccverification` = " . $this->db->encrypt("'" . $variables["ccverification"] . "'");
         }
         //end if
         if (isset($variables["accountnumber"])) {
             $variables["accountnumber"] = mysql_real_escape_string($variables["accountnumber"]);
             $fieldlist .= ", `accountnumber` = " . $this->db->encrypt("'" . $variables["accountnumber"] . "'");
         }
         //end if
         if (isset($variables["routingnumber"])) {
             $variables["routingnumber"] = mysql_real_escape_string($variables["routingnumber"]);
             $fieldlist .= ", `routingnumber` = " . $this->db->encrypt("'" . $variables["routingnumber"] . "'");
         }
         //end if
         $fieldlist = substr($fieldlist, 1);
         $querystatement .= $fieldlist . " WHERE `posted` = '0' AND " . $whereclause;
         $this->db->query($querystatement);
     }
     //end if
     if ($variables["itemschanged"] == 1) {
         if ($this->receiptitems === NULL) {
             $this->receiptitems = new receiptitems($this->db);
         }
         $this->receiptitems->set($variables["itemslist"], $variables["uuid"], $variables["clientid"], $createdby);
     }
     //end if
     return $newid;
 }
Exemple #8
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $variables = $this->prepareVariables($variables);
     return parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
 }
Exemple #9
0
 function _createServiceCharge($arrecord, $percentage)
 {
     if ($arrecord["amount"] - $arrecord["paid"] <= 0) {
         return false;
     }
     $newAmount = round(($arrecord["amount"] - $arrecord["paid"]) * ($percentage / 100), CURRENCY_ACCURACY);
     if ($newAmount <= 0) {
         return false;
     }
     if (!class_exists("phpbmsTable")) {
         include "include/tables.php";
     }
     $aritems = new phpbmsTable($this->db, "tbld:c595dbe7-6c77-1e02-5e81-c2e215736e9c");
     $newarrecord = array();
     $newarrecord["uuid"] = uuid($aritems->prefix . ":");
     $newarrecord["type"] = "service charge";
     $newarrecord["status"] = "open";
     $newarrecord["posted"] = 1;
     $newarrecord["amount"] = $newAmount;
     $newarrecord["itemdate"] = dateToString($this->agingDate);
     $newarrecord["clientid"] = $arrecord["clientid"];
     $newarrecord["relatedid"] = $arrecord["relatedid"];
     $aritems->insertRecord($newarrecord, $this->userid);
     return true;
 }
Exemple #10
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     $reportSettings = new reportSettings($this->db, $variables["uuid"]);
     $reportSettings->createFromDefaults($variables["reportfile"]);
     return $newid;
 }
Exemple #11
0
 /**
  * function process
  * Process request array posted to api
  *
  * The method process() loops through the request array, and attempts to
  * find a corresponding function to run for the request. It first looks for
  * a corresponding api class to load. If it does not find it, it next to
  * see if there is an overriden table class file, and finally if none of
  * these are present, it uses the standard table class.
  *
  */
 function process()
 {
     $i = 1;
     $tabledefid = null;
     if (!is_array($this->data)) {
         $this->sendError("Passed data malformed.  Was expecting an array.", $this->data, true);
     }
     foreach ($this->data as $request) {
         if (!is_array($request)) {
             $this->sendError("Malformed request number " . $i, $request);
         }
         if (!isset($request["tabledefid"]) || !isset($request["command"]) || !isset($request["data"])) {
             $this->sendError("Malformed request number " . $i, $request);
         }
         /**
          *  Process the options and populate the options object.
          */
         if (!isset($request["options"])) {
             $request["options"] = NULL;
         }
         $this->processOptions($request["options"]);
         if ((int) $request["tabledefid"] !== $tabledefid) {
             $tabledefid = mysql_real_escape_string($request["tabledefid"]);
             //First let's get the table information from the tabledef
             $querystatement = "\n                    SELECT\n                        `maintable`,\n                        `deletebutton`,\n                        `querytable`,\n                        `modules`.`name`,\n                        `apiaccessible`\n                    FROM\n                        `tabledefs` INNER JOIN `modules` ON tabledefs.moduleid = modules.uuid\n                    WHERE\n                        tabledefs.uuid = '" . $tabledefid . "'\n                ";
             $queryresult = $this->db->query($querystatement);
             if ($this->db->numRows($queryresult) == 0) {
                 if (!in_array($request["command"], array("procedure", "getsetting"))) {
                     $this->sendError("Invalid tabledefid (" . $tabledefid . ") from request number " . $i);
                     continue;
                 } else {
                     $deletebutton = "delete";
                     $maintable = "settings";
                     $modulename = "base";
                     $hasAPIOveride = false;
                     $hasTableClassOveride = false;
                 }
                 //endif
             } else {
                 $therecord = $this->db->fetchArray($queryresult);
                 if (!$therecord["apiaccessible"]) {
                     $this->sendError("Invalid tabledefid (" . $tabledefid . ") from request number " . $i . ": This table definition is inaccessible via api.");
                     continue;
                 }
                 //endif
                 $deletebutton = $therecord["deletebutton"];
                 $maintable = $therecord["maintable"];
                 $modulename = $therecord["name"];
                 //check for ovridding classes only once.
                 $hasAPIOveride = file_exists("../extendedapi/" . $maintable . ".php");
                 $hasTableClassOveride = file_exists("../" . $modulename . "/include/" . $maintable . ".php");
             }
             //endif
         }
         //endif
         /* Order in which to check for processors is as follows:
         
                        If the extendedAPI module is present, look for a file matching the main
                        table name of the table def.
                        Example: modules/extendedapi/clients.php
         
                        If a table class file exists in the module's include folder
                        use that.
                        Example: modules/bms/include/clients.php
         
                        Use the standard class module.
         
                     */
         $methodName = "";
         if ($hasAPIOveride) {
             // Found an API module table php
             @(include_once "modules/extendedapi/" . $maintable . ".php");
             $className = $className . "Api";
             if (class_exists($className)) {
                 $processor = new $className($this->db);
                 $processor->dateFormat = $this->options->dateFormat;
                 $processor->timeFormat = $this->options->timeFormat;
                 if (!method_exists($processor, $request["command"])) {
                     $methodName = $request["command"];
                     $this->response[] = $processor->{$methodName}($request["data"], $this->options->useUuid);
                 }
                 //endif
             }
             //end if
         }
         //endif
         /* If the command starts with api_, and there is a request overload, let's assume they
               are trying to call a homeade function in the ovveriden phpBMS table that they created.
            */
         if (!$methodName && substr($request["command"], 0, 4) == "api_" && $hasTableClassOveride) {
             include_once "include/tables.php";
             @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
             if (class_exists($maintable)) {
                 $processor = new $maintable($this->db, $tabledefid);
                 $processor->dateFormat = $this->options->dateFormat;
                 $processor->timeFormat = $this->options->timeFormat;
             } else {
                 $processor = new phpbmsTable($this->db, $tabledefid);
                 $processor->dateFormat = $this->options->dateFormat;
                 $processor->timeFormat = $this->options->timeFormat;
             }
             if (method_exists($processor, $request["command"])) {
                 $methodName = $request["command"];
                 $this->response[] = $processor->{$methodName}($request["data"], $this->options->useUuid);
             }
             //endif
         }
         //endif
         if (!$methodName) {
             /* Either using the modules overriden table class or search
                                functions class or the standard one There are several
                                standard commands that can be passed:
             
                                * insert - calls the tabledefs insertRecord command, the
                                             same command that is called on standard
                                             phpBMS forms. a variable array should be
                                             passed in the request data.
             
                                * update - calls the tabledefs iupdateRecord command, the
                                             same command that is called on standard
                                             phpBMS forms. a variable array should be
                                             passed in the request data
             
                                * delete (or the corresponding delete button command)
                                         - calls the deleteRecord searchFunctions command
                                         data should be an array of ids
             
                                * procedure - This calls a stored MySQL stored procedure
                                              request data should pass an object with the
                                              (name) and optionally an array of any
                                              (parameters)
             
                                 In addition, you can pass a command that corresponds to
                                 any additional commands as defined in the table definition
                                 the request data passed should contain an array of ids
                             */
             switch ($request["command"]) {
                 case "ping":
                     //======================================================
                     $this->_addToResponse("message", "Everything is phpBMSy!");
                     break;
                 case "getDefaults":
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                         if (class_exists($maintable)) {
                             $processor = new $maintable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         } else {
                             $processor = new phpbmsTable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         }
                         //end if
                     } else {
                         $processor = new phpbmsTable($this->db, $tabledefid);
                         $processor->dateFormat = $this->options->dateFormat;
                         $processor->timeFormat = $this->options->timeFormat;
                     }
                     //end if
                     $therecord = $processor->getDefaults();
                     $this->_addToResponse("retrieved", "defaults retrieved in tabledef " . $tabledefid, $therecord);
                     break;
                 case "insert":
                     //======================================================
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                         if (class_exists($maintable)) {
                             $processor = new $maintable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         } else {
                             $processor = new phpbmsTable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         }
                         //end if
                     } else {
                         $processor = new phpbmsTable($this->db, $tabledefid);
                         $processor->dateFormat = $this->options->dateFormat;
                         $processor->timeFormat = $this->options->timeFormat;
                     }
                     //end if
                     $errorArray = $processor->verifyVariables((array) $request["data"]);
                     if (count($errorArray)) {
                         $this->sendError("Insert failed from request number " . $i, $errorArray);
                     } else {
                         $overrideID = false;
                         if (is_array($request["data"])) {
                             if (isset($request["data"]["id"])) {
                                 if ((int) $request["data"]["id"] !== 0) {
                                     $overrideID = true;
                                 }
                                 if ($this->options->keepDestId && isset($request["data"]["uuid"]) && $this->options->useUuid) {
                                     $request["data"]["id"] = getId($this->db, $processor->uuid, $request["data"]["uuid"]);
                                 }
                             } elseif ($this->options->keepDestId && isset($request["data"]["uuid"]) && $this->options->useUuid) {
                                 $request["data"]["id"] = getId($this->db, $processor->uuid, $request["data"]["uuid"]);
                             }
                         }
                         $createUuid = true;
                         if (is_array($request["data"])) {
                             if (isset($request["data"]["uuid"])) {
                                 if ((string) $request["data"]["uuid"] !== "") {
                                     $overrideID = true;
                                     $createUuid = false;
                                 }
                             }
                         }
                         //end if
                         if (!isset($processor->fields["uuid"])) {
                             $createUuid = false;
                         }
                         $newid = $processor->insertRecord($request["data"], NULL, $overrideID, true, $createUuid);
                         if ($newid) {
                             if ($createUuid) {
                                 $this->_addToResponse("added", "record added to tabledef " . $tabledefid, $newid["uuid"]);
                             } elseif (isset($processor->fields["uuid"])) {
                                 $this->_addToResponse("added", "record added to tabledef " . $tabledefid, $request["data"]["uuid"]);
                             } else {
                                 $this->_addToResponse("added", "record added to tabledef " . $tabledefid, $newid);
                             }
                             //end if
                         } else {
                             $this->sendError("Insert failed from request number " . $i);
                         }
                     }
                     //endif
                     break;
                 case "update":
                     //======================================================
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                         if (class_exists($maintable)) {
                             $processor = new $maintable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         } else {
                             $processor = new phpbmsTable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         }
                         //end if
                     } else {
                         $processor = new phpbmsTable($this->db, $tabledefid);
                         $processor->dateFormat = $this->options->dateFormat;
                         $processor->timeFormat = $this->options->timeFormat;
                     }
                     //end if
                     $errorArray = $processor->verifyVariables($request["data"]);
                     if ($this->options->useUuid) {
                         if (!isset($request["data"]["uuid"])) {
                             $errorArray[] = "The `uuid` field must be set.";
                         }
                     } else {
                         if (!isset($request["data"]["id"])) {
                             $errorArray[] = "The `id` field must be set.";
                         }
                     }
                     //end if
                     if (count($errorArray)) {
                         $this->sendError("Update failed from request number " . $i, $errorArray);
                     } else {
                         $processor->updateRecord($request["data"], NULL, (bool) $this->options->useUuid);
                         $this->_addToResponse("updated", "record updated in tabledef " . $tabledefid);
                     }
                     //endif
                     break;
                 case "get":
                     //======================================================
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                         if (class_exists($maintable)) {
                             $processor = new $maintable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         } else {
                             $processor = new phpbmsTable($this->db, $tabledefid);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                         }
                         //end if
                     } else {
                         $processor = new phpbmsTable($this->db, $tabledefid);
                         $processor->dateFormat = $this->options->dateFormat;
                         $processor->timeFormat = $this->options->timeFormat;
                     }
                     //end if
                     $errorMessage = "";
                     if ($this->options->useUuid) {
                         if (!isset($request["data"]["uuid"])) {
                             $errorMessage = "The `uuid` field must be set.";
                         }
                     } else {
                         if (!isset($request["data"]["id"])) {
                             $errorMessage = "The `id` field must be set.";
                         }
                     }
                     //end if
                     if ($errorMessage) {
                         $this->sendError("Get failed from request number " . $i, $errorMessage);
                     } elseif (!$this->options->useUuid) {
                         $therecord = $processor->getRecord((int) $request["data"]["id"], $this->options->useUuid);
                         $thereturn = $therecord["id"];
                         $thevalue = (int) $request["data"]["id"];
                     } else {
                         $therecord = $processor->getRecord(mysql_real_escape_string($request["data"]["uuid"]), $this->options->useUuid);
                         $thereturn = $therecord["uuid"];
                         $thevalue = $request["data"]["uuid"];
                     }
                     if ($thereturn == $thevalue) {
                         $this->_addToResponse("retrieved", "record (" . htmlQuotes($thevalue) . ") retrieved in tabledef " . $tabledefid, $therecord);
                     } else {
                         $this->_addToResponse("retrieved", "no record found (" . htmlQuotes($thevalue) . ") in tabledef " . $tabledefid);
                     }
                     break;
                 case "delete":
                 case $deletebutton:
                     //======================================================
                     if (!is_array($request["data"])) {
                         $this->sendError("Passed data is not array in request number " . $i, $request["data"]);
                     } else {
                         include_once "include/search_class.php";
                         if ($hasTableClassOveride) {
                             @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                             $className = $maintable . "SearchFunctions";
                             if (class_exists($className)) {
                                 $processor = new $className($this->db, $tabledefid, $request["data"]);
                             } else {
                                 $processor = new searchFunctions($this->db, $tabledefid, $request["data"]);
                             }
                         } else {
                             $processor = new searchFunctions($this->db, $tabledefid, $request["data"]);
                         }
                         $result = $processor->delete_record($this->options->useUuid);
                         $this->_addToResponse($request["command"], $result);
                     }
                     //endif
                     break;
                 case "procedure":
                     //======================================================
                     if (!is_array($request["data"])) {
                         $this->sendError("Wrong passed procedure format, expected object in request number " . $i, $request["data"]);
                     } else {
                         if (!isset($request["data"]["name"])) {
                             $this->sendError("Wrong passed procedure format, name missing in request number " . $i, $request["data"]);
                         } else {
                             //check to see if stored procedure exists
                             $querystatement = "\n                                    SHOW PROCEDURE STATUS LIKE '" . mysql_real_escape_string($request["data"]["name"]) . "'\n                                ";
                             $queryresult = $this->db->query($querystatement);
                             if ($this->db->numRows($queryresult) === 0) {
                                 $this->sendError("Procedure '" . $request["data"]["name"] . "' does not exist in request number " . $i, $request["data"]);
                             } else {
                                 $parameterList = "";
                                 if (isset($request["data"]["parameters"])) {
                                     foreach ($request["data"]["parameters"] as $parameter) {
                                         $parameterList .= ", '" . mysql_real_escape_string($parameter) . "'";
                                     }
                                 }
                                 if ($parameterList) {
                                     $parameterList = substr(1, $parameterList);
                                 }
                                 $procedurestatement = "\n                                        CALL " . $request["data"]["name"] . "(" . $parameterList . ")";
                                 $queryresult = $this->db->query($procedurestatement);
                                 $result = array();
                                 while ($therecord = $this->db->fetchArray($queryresult)) {
                                     $result[] = $therecord;
                                 }
                                 $this->_addToResponse("result", "Procedure '" . $request["data"]["name"] . "' returned (" . $this->db->numRows($queryresult) . ") in request number " . $i, $result);
                             }
                             //endif
                         }
                         //endif
                     }
                     //endif
                     break;
                 case "getsetting":
                     //======================================================
                     if (!is_array($request["data"])) {
                         $this->sendError("Wrong passed data format, expected array in request number " . $i, $request["data"]);
                     } else {
                         $whereclause = "";
                         foreach ($request["data"] as $settingName) {
                             $whereclause = "OR `name` = '" . mysql_real_escape_string($settingName) . "' ";
                         }
                         if ($whereclause) {
                             $whereclause = "WHERE " . substr($whereclause, 2);
                         }
                         $querystatement = "\n                                SELECT\n                                    `name`,\n                                    `value`\n                                FROM\n                                    `settings`\n                                " . $whereclause;
                         $queryresult = $this->db->query($querystatement);
                         $settings = array();
                         while ($therecord = $this->db->fetchArray($queryresult)) {
                             $settings[$therecord["name"]] = $therecord["value"];
                         }
                         $this->_addToResponse("result", "GetSettings returned (" . count($settings) . ") in request number " . $i, $settings);
                     }
                     //endif
                     break;
                 default:
                     //======================================================
                     // a catch all for other requests.  This should correspond
                     // to an ovrriden search class function only. Calling
                     // some commands can cause response errors so be careful
                     if (!is_array($request["data"]) && !$hasTableClassOveride) {
                         $this->sendError("Passaed data is not array or function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
                     } else {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                         $className = $maintable . "SearchFunctions";
                         if (!class_exists($className)) {
                             $this->sendError("Function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
                         } else {
                             $processor = new $className($this->db, $tabledefid, $request["data"]);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                             $methodName = $request["command"];
                             if (!method_exists($processor, $methodName)) {
                                 $this->sendError("Function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
                             } else {
                                 $result = $processor->{$methodName}();
                                 $this->_addToResponse($request["command"], $result);
                             }
                             //endif method_exists
                         }
                         //endif $className
                     }
                     //endif
                     break;
             }
             //endswitch $request["command"]
         }
         //endif $modulename
         $i++;
     }
     //endforeach
     $this->displayResult();
 }
Exemple #12
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     if ($createdby === NULL) {
         $createdby = $_SESSION["userinfo"]["id"];
     }
     $newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     $id = $newid;
     if (isset($newid["uuid"])) {
         $id = $newid["id"];
     }
     if (ENCRYPT_PAYMENT_FIELDS && (isset($variables["ccnumber"]) || isset($variables["ccexpiration"]) || isset($variables["ccverification"]) || isset($variables["accountnumber"]) || isset($variables["routingnumber"]))) {
         if ($useUuid) {
             $whereclause = "`uuid` = '" . $newid["uuid"] . "'";
         } else {
             $whereclause = "`id` = '" . $newid . "'";
         }
         $querystatement = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`invoices`\n\t\t\t\t\tSET ";
         $fieldlist = "";
         if (isset($variables["ccnumber"])) {
             $variables["ccnumber"] = mysql_real_escape_string($variables["ccnumber"]);
             $fieldlist .= ", `ccnumber` = " . $this->db->encrypt("'" . $variables["ccnumber"] . "'");
         }
         //end if
         if (isset($variables["ccexpiration"])) {
             $variables["ccexpiration"] = mysql_real_escape_string($variables["ccexpiration"]);
             $fieldlist .= ", `ccexpiration` = " . $this->db->encrypt("'" . $variables["ccexpiration"] . "'");
         }
         //end if
         if (isset($variables["ccverification"])) {
             $variables["ccverification"] = mysql_real_escape_string($variables["ccverification"]);
             $fieldlist .= ", `ccverification` = " . $this->db->encrypt("'" . $variables["ccverification"] . "'");
         }
         //end if
         if (isset($variables["accountnumber"])) {
             $variables["accountnumber"] = mysql_real_escape_string($variables["accountnumber"]);
             $fieldlist .= ", `accountnumber` = " . $this->db->encrypt("'" . $variables["accountnumber"] . "'");
         }
         //end if
         if (isset($variables["routingnumber"])) {
             $variables["routingnumber"] = mysql_real_escape_string($variables["routingnumber"]);
             $fieldlist .= ", `routingnumber` = " . $this->db->encrypt("'" . $variables["routingnumber"] . "'");
         }
         //end if
         $fieldlist = substr($fieldlist, 1);
         $querystatement .= $fieldlist . " WHERE `type` != 'Invoice' AND `type` != 'VOID' AND " . $whereclause;
         $this->db->query($querystatement);
     }
     //end if
     if (!isset($variables["billingsaveoptions"])) {
         $variables["billingsaveoptions"] = NULL;
     }
     if (!isset($variables["shiptosaveoptions"])) {
         $variables["shiptosaveoptions"] = NULL;
     }
     if ($variables["billingsaveoptions"] != "orderOnly" || $variables["shiptosaveoptions"] != "orderOnly") {
         require_once "addresses.php";
         require_once "addresstorecord.php";
         if (!isset($variables["uuid"])) {
             $variables["uuid"] = getUuid($this->db, $this->uuid, $newid);
         }
         $newuuid = mysql_real_escape_string($variables["uuid"]);
         $this->addressUpdate($variables, $newuuid, $createdby, "billing");
         $this->addressUpdate($variables, $newuuid, $createdby, "shipping");
     }
     //end if
     if (!isset($variables["lineitemschanged"])) {
         $variables["lineitemschanged"] = '';
     }
     if ($variables["lineitemschanged"] == 1) {
         if ($this->lineitems === NULL) {
             $this->lineitems = new lineitems($this->db, $id);
         } else {
             $this->lineitems->invoiceid = $id;
         }
         $this->lineitems->set($variables["thelineitems"], $createdby);
     }
     //end if
     if (!isset($variables["statusdate"])) {
         $variables["statusdate"] = '';
     }
     if (!isset($variables["assignedtoid"])) {
         $variables["assignedtoid"] = '';
     }
     //if($variables["statuschanged"]==1)
     $this->updateStatus($id, $variables["statusid"], $variables["statusdate"], $variables["assignedtoid"], $replace);
     if ($variables["clienttype"] == "prospect" && $variables["type"] == "Order") {
         $this->prospectToClient($variables["clientid"]);
     }
     return $newid;
 }
Exemple #13
0
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     $this->fields["password"]["type"] = "password";
     unset($this->fields["lastlogin"]);
     $theid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     //reset field information
     $this->fields = $this->db->tableInfo($this->maintable);
     return $theid;
 }