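/**
 * Echoes the edit control for a field whose contents are stored in the database
 * as an image or a file (EDIT_FORMAT_DATABASE_FILE is the file variant).
 *
 * In MODE_EDIT / MODE_INLINE_EDIT the current value is previewed (image, thumbnail
 * link, generic file icon or "no image" icon) and Keep / Delete / Update radios are
 * printed. In every other mode only a hidden "file2" type marker is printed.
 * A file input and a hidden "notempty_*" flag are always emitted.
 *
 * Changes against the previous version:
 *  - the stored filename is URL-encoded before it is placed in the getfile.php
 *    query string (it was only HTML-escaped, so characters such as "&" or "#"
 *    in a stored name could change the query that getfile.php receives);
 *  - the stray "." after the closing quote of that href is gone;
 *  - the two identical MODE_INLINE_EDIT / MODE_EDIT filename branches are merged.
 *
 * @param mixed $value                Current field value (binary contents).
 * @param mixed $mode                 One of the MODE_* constants.
 * @param int   $fieldNum             Forwarded to the parent implementation.
 * @param mixed $validate             Forwarded to the parent and to buildControlEnd().
 * @param mixed $additionalCtrlParams Forwarded to the parent implementation.
 * @param mixed $data                 Current record; read for the stored filename.
 */
function buildControl($value, $mode, $fieldNum = 0, $validate, $additionalCtrlParams, $data)
{
    parent::buildControl($value, $mode, $fieldNum, $validate, $additionalCtrlParams, $data);

    $inEditMode = ($mode == MODE_EDIT || $mode == MODE_INLINE_EDIT);
    $isDbFile = ($this->format == EDIT_FORMAT_DATABASE_FILE);
    $pSet = $this->pageObject->pSetEdit;
    // Name of the companion column holding the original filename (file fields only).
    $filenameField = $isDbFile ? $pSet->getFilenameField($this->field) : null;

    $disp = "";
    $strfilename = "";

    if ($inEditMode) {
        $value = db_stripslashesbinary($value);
        $itype = SupposeImageType($value);
        $imgOpen = '<img id="image_' . GoodFieldName($this->field) . '_' . $this->id . '" name="' . $this->cfield . '"';

        if ($itype) {
            $tableUrl = GetTableURL($this->pageObject->tName);
            if ($pSet->showThumbnail($this->field)) {
                // Thumbnail that links to the full-size image.
                $disp = "<a target=_blank";
                $disp .= " href=\"imager.php?table=" . $tableUrl . "&" . $this->iquery . "&rndVal=" . rand(0, 32768) . "\" class='zoombox'>";
                $disp .= $imgOpen . " border=0";
                if ($this->is508) {
                    $disp .= " alt=\"Image from DB\"";
                }
                $disp .= " src=\"imager.php?table=" . $tableUrl
                    . "&field=" . rawurlencode($pSet->getStrThumbnail($this->field))
                    . "&alt=" . rawurlencode($this->field) . $this->keylink
                    . "&rndVal=" . rand(0, 32768) . "\">";
                $disp .= "</a>";
            } else {
                $disp = $imgOpen;
                if ($this->is508) {
                    $disp .= ' alt="Image from DB"';
                }
                $disp .= ' border=0 src="imager.php?table=' . $tableUrl . '&' . $this->iquery . "&src=1&rndVal=" . rand(0, 32768) . '">';
            }
        } elseif (strlen($value)) {
            // Non-image content: generic file icon.
            $disp = $imgOpen . ' border=0 ';
            if ($this->is508) {
                $disp .= ' alt="file"';
            }
            $disp .= ' src="images/file.gif">';
        } else {
            $disp = $imgOpen . ' border="0"';
            if ($this->is508) {
                $disp .= ' alt=" "';
            }
            $disp .= ' src="images/no_image.gif">';
        }

        // Download link around the icon for stored non-image files.
        if ($isDbFile && !$itype && strlen($value)) {
            $filename = isset($data[$filenameField]) ? $data[$filenameField] : "";
            if (!$filename) {
                $filename = "file.bin";
            }
            // The stored name is user-supplied data going into a URL: encode it for
            // the query-string context so it stays a single "filename" parameter.
            $disp = '<a href="getfile.php?table=' . GetTableURL($this->pageObject->tName)
                . '&filename=' . rawurlencode($filename)
                . '&' . $this->iquery . '">' . $disp . '</a>';
        }

        $strtype = '<br><input id="' . $this->ctype . '_keep" type="Radio" name="' . $this->ctype . '" value="file0" checked>' . "Keep";
        if (strlen($value) && !$pSet->isRequired($this->field)) {
            $strtype .= '<input id="' . $this->ctype . '_delete" type="Radio" name="' . $this->ctype . '" value="file1">' . "Delete";
        }
        $strtype .= '<input id="' . $this->ctype . '_update" type="Radio" name="' . $this->ctype . '" value="file2">' . "Update";
    } else {
        // Add mode: the type is always "update".
        $strtype = '<input id="' . $this->ctype . '" type="hidden" name="' . $this->ctype . '" value="file2">';
    }

    // Editable filename box, pre-filled with the stored name when editing.
    if ($isDbFile && $filenameField) {
        $strfilename = '<br><label for="filename_' . $this->cfieldname . '">' . "Filename" . '</label> <input type="text" '
            . $this->inputStyle . ' id="filename_' . $this->cfieldname . '" name="filename_' . $this->cfieldname
            . '" size="20" maxlength="50"';
        if ($inEditMode) {
            $filename = isset($data[$filenameField]) ? $data[$filenameField] : "";
            if (!$filename) {
                $filename = "";
            }
            $strfilename .= ' value="' . htmlspecialchars($filename) . '"';
        }
        $strfilename .= '>';
    }

    // Inline edit of a file field shows no preview.
    if ($mode == MODE_INLINE_EDIT && $isDbFile) {
        $disp = "";
    }

    echo $disp . $strtype;
    if ($inEditMode) {
        echo '<br>';
    }

    $alt508 = (($mode == MODE_INLINE_EDIT || $mode == MODE_INLINE_ADD) && $this->is508)
        ? 'alt="' . $this->strLabel . '" '
        : '';
    echo '<input type="File" ' . $this->inputStyle . ' id="' . $this->cfield . '" ' . $alt508 . ' name="' . $this->cfield . '" >' . $strfilename;
    echo '<input type="Hidden" id="notempty_' . $this->cfieldname . '" value="' . (strlen($value) ? 1 : 0) . '">';

    $this->buildControlEnd($validate);
}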
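/**
 * Loads one image/file column of one record and either returns it (PDF mode)
 * or streams it to the client (web mode).
 *
 * Web mode reads "table", "field", "key1..keyN", "src" and "alt" through
 * postvalue(); PDF mode reads "table", "field" and "key1..keyN" from $params.
 *
 * Changes against the previous version:
 *  - the table name is validated with checkTableName() before it is used to
 *    build a ProjectSettings object;
 *  - the fallback column named by "alt" now passes the same
 *    checkFieldPermissions() test as "field" and must exist in the fetched row
 *    (it was used as a row index without any check);
 *  - display_errors / display_startup_errors are no longer forced on for the
 *    request, so SQL or path details from a failure are not written into the
 *    response; error display is left to the server configuration;
 *  - "X-Content-Type-Options: nosniff" is sent with the image so the browser
 *    keeps to the Content-Type derived by SupposeImageType();
 *  - the always-true isset($pdf) test around the headers is removed.
 *
 * @param object $gQuery Query object providing HasGroupBy(), RemoveAllFieldsExcept() and gSQLWhere().
 * @param bool   $forPDF True to return the raw column value instead of streaming it.
 * @param array  $params Request substitute used in PDF mode.
 *
 * @return mixed Raw column value in PDF mode when a row is found (nothing otherwise);
 *               in web mode '' after streaming, nothing after the login redirect,
 *               or the result of DisplayNoImage() / DisplayFile().
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $conn;

    if (!$forPDF) {
        $table = postvalue("table");
        // Validate first: nothing below should run for an unknown table name.
        if (!checkTableName($table)) {
            return '';
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);

        $ownerKey = "_" . $strTableName . "_OwnerID";
        $ownerId = isset($_SESSION[$ownerKey]) ? $_SESSION[$ownerKey] : null;
        if (!isLogged() || !CheckSecurity($ownerId, "Search")) {
            header("Location: login.php");
            return;
        }

        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }

        // Key values identifying the record, taken from the request.
        $keys = array();
        foreach ($settings->getTableKeys() as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = isset($params["table"]) ? $params["table"] : null;
        if (!checkTableName($table)) {
            exit(0);
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        $field = isset($params["field"]) ? $params["field"] : null;

        // Key values identifying the record, taken from $params.
        $keys = array();
        foreach ($settings->getTableKeys() as $ind => $k) {
            $paramName = "key" . ($ind + 1);
            $keys[$k] = isset($params[$paramName]) ? $params[$paramName] : null;
        }
    }

    if (!$gQuery->HasGroupBy()) {
        // Select only the requested field. With a GROUP BY clause the other
        // fields are part of the grouping and cannot simply be dropped, so the
        // query is left untouched in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }

    $rs = db_query($gQuery->gSQLWhere(KeyWhere($keys)), $conn);

    if ($forPDF) {
        if ($rs && ($data = db_fetch_array($rs))) {
            return $data[$field];
        }
        return;
    }

    if (!$rs || !($data = db_fetch_array($rs))) {
        return DisplayNoImage();
    }

    // With src=1, values above 51200 bytes are replaced by a placeholder icon.
    if (postvalue('src') == 1 && strlen($data[$field]) > 51200) {
        $value = myfile_get_contents('images/icons/jpg.png');
    } else {
        $value = db_stripslashesbinary($data[$field]);
    }

    if (!$value) {
        // Fall back to the column named by "alt". That name comes from the
        // request, so it is authorised exactly like "field" before it is used
        // to index the fetched row.
        $altField = postvalue("alt");
        if (
            !is_string($altField)
            || $altField === ''
            || !$settings->checkFieldPermissions($altField)
            || !isset($data[$altField])
        ) {
            return DisplayNoImage();
        }
        $value = db_stripslashesbinary($data[$altField]);
        if (!$value) {
            return DisplayNoImage();
        }
    }

    $itype = SupposeImageType($value);
    if (!$itype) {
        return DisplayFile();
    }

    header("Content-Type: " . $itype);
    header("X-Content-Type-Options: nosniff");
    header("Cache-Control: private");
    SendContentLength(strlen_bin($value));
    echoBinary($value);
    return '';
}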
} else { $keys[$tKeys[$i]] = postvalue("key" . ($i + 1)); } } $strWhereClause = KeyWhere($keys); $queryObj = $pSet->getQueryObject(); if ($queryObj->HasGroupBy()) { // Do not select any fields except current (file) field. // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off. // Just don't do anything in that case. $queryObj->RemoveAllFieldsExcept($pSet->getFieldIndex($field)); } $rs = db_query($queryObj->gSQLWhere($strWhereClause), $conn); if ($isDBFile) { if ($rs && ($data = db_fetch_array($rs))) { $value = db_stripslashesbinary($data[$field]); } } else { $cipherer = new RunnerCipherer($strTableName, $pSet); $row = $cipherer->DecryptFetchedArray($rs); if (!is_null($row)) { $filesArray = my_json_decode($row[$field]); if (!is_array($filesArray) || count($filesArray) == 0) { if ($row[$field] == "") { $filesArray = array(); } else { $uploadedFile = $upload_handler->get_file_object($row[$field]); if (is_null($uploadedFile)) { $filesArray = array(); } else { $filesArray = array(my_json_decode(my_json_encode($uploadedFile)));
else $value=0; $strkeywhere.=$value; } } $strSQL = $rpt_array['sql'] . " WHERE ". $strkeywhere; $rs = db_query($strSQL,$conn); if(!$rs || !($data=db_fetch_array($rs))) return DisplayNoImage(); $value=db_stripslashesbinary($data[GoodFieldName($table.".".$field)]); if(!$value) { return DisplayNoImage(); } $itype=SupposeImageType($value); if($itype) header("Content-Type: ".$itype); else return DisplayFile(); echoBinary($value); return; ?>
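/**
 * Echoes the HTML edit control for one field, wrapped in a
 * <span id="edit{id}_{field}_{fieldNum}">, choosing the markup by $format
 * (text, time, textarea, password, date, radio, checkbox, database image/file,
 * lookup, hidden, read-only, uploaded file).
 *
 * Changes against the previous version:
 *  - the opening <span> no longer ends in a stray double quote;
 *  - the stored filename in the getfile.php link is URL-encoded (it was only
 *    HTML-escaped, so "&" or "#" in a stored name could change the query), and
 *    the stray "." after that href is gone;
 *  - a missing $additionalCtrlParams['style'] or $validate['basicValidate'] no
 *    longer raises a notice/error;
 *  - the unreachable thumbnail branch ($thumbnailed was always false), unused
 *    locals and duplicated identical branches are removed, and the nested
 *    else { if } ladder is flattened into one elseif chain.
 *
 * NOTE(review): $strLabel and $additionalCtrlParams['style'] are written into
 * attributes without escaping, as before; whether Label() returns pre-escaped
 * text is not visible here, so confirm before relying on it.
 *
 * @param string $field                Field name.
 * @param mixed  $value                Current field value.
 * @param mixed  $format               One of the EDIT_FORMAT_* constants.
 * @param mixed  $edit                 One of the MODE_* constants.
 * @param int    $fieldNum             Non-zero adds the number to the control names.
 * @param string $id                   Control id suffix.
 * @param array  $validate             Validation settings; 'basicValidate' is read.
 * @param array  $additionalCtrlParams Optional 'style' and 'hidden' entries are read.
 * @param mixed  $pageObj              Passed on to the date and lookup builders.
 */
function BuildEditControl($field, $value, $format, $edit, $fieldNum = 0, $id = "", $validate, $additionalCtrlParams, &$pageObj)
{
    global $data, $strTableName;

    $inputStyle = 'style="' . (!empty($additionalCtrlParams['style']) ? $additionalCtrlParams['style'] : '') . '"';

    $goodName = GoodFieldName($field);
    $cfieldname = $goodName . "_" . $id;
    $cfield = "value_" . $goodName . "_" . $id;
    $ctype = "type_" . $goodName . "_" . $id;
    if ($fieldNum) {
        $cfield = "value" . $fieldNum . "_" . $goodName . "_" . $id;
        $ctype = "type" . $fieldNum . "_" . $goodName . "_" . $id;
    }

    $is508 = isEnableSection508();
    $strLabel = Label($field);
    $type = GetFieldType($field);

    // Query-string fragments identifying the field and the current record.
    $keylink = "";
    $arrKeys = GetTableKeys($strTableName);
    for ($j = 0; $j < count($arrKeys); $j++) {
        $keylink .= "&key" . ($j + 1) . "=" . rawurlencode($data[$arrKeys[$j]]);
    }
    $iquery = "field=" . rawurlencode($field) . $keylink;

    $inEditMode = ($edit == MODE_EDIT || $edit == MODE_INLINE_EDIT);
    // Section 508 alt text is only added to inline controls.
    $alt508 = (($edit == MODE_INLINE_EDIT || $edit == MODE_INLINE_ADD) && $is508 == true)
        ? 'alt="' . $strLabel . '" '
        : '';

    $isHidden = isset($additionalCtrlParams['hidden']) && $additionalCtrlParams['hidden'];
    echo '<span id="edit' . $id . '_' . $goodName . '_' . $fieldNum . '" class="runner-nowrap"'
        . ($isHidden ? ' style="display:none"' : '') . '>';

    // Uploaded-file fields have no control on the search page.
    if ($format == EDIT_FORMAT_FILE && $edit == MODE_SEARCH) {
        $format = "";
    }

    if ($format == EDIT_FORMAT_TEXT_FIELD) {
        if (IsDateFieldType($type)) {
            echo '<input id="' . $ctype . '" type="hidden" name="' . $ctype . '" value="date' . EDIT_DATE_SIMPLE . '">'
                . GetDateEdit($field, $value, 0, $fieldNum, $edit, $id, $pageObj);
        } else {
            $autocomplete = ($edit == MODE_SEARCH) ? 'autocomplete="off" ' : '';
            echo '<input id="' . $cfield . '" ' . $inputStyle . ' type="text" ' . $autocomplete . $alt508
                . 'name="' . $cfield . '" ' . GetEditParams($field) . ' value="' . htmlspecialchars($value) . '">';
        }
    } elseif ($format == EDIT_FORMAT_TIME) {
        echo '<input id="' . $ctype . '" ' . $inputStyle . ' type="hidden" name="' . $ctype . '" value="time">';
        // A six-number value is a full date-time; keep only h:mm:ss.
        $arr_number = parsenumbers((string) $value);
        if (count($arr_number) == 6) {
            $value = mysprintf("%d:%02d:%02d", array($arr_number[3], $arr_number[4], $arr_number[5]));
        }
        $timeAttrs = GetFieldData($strTableName, $field, "FormatTimeAttrs", array());
        if (count($timeAttrs)) {
            if ($timeAttrs["useTimePicker"]) {
                $loc = getLacaleAmPmForTimePicker($timeAttrs["hours"], true);
                $tpVal = getValForTimePicker($type, $value, $loc['locale']);
                echo '<input type="text" ' . $inputStyle . ' name="' . $cfield . '" ' . $alt508
                    . 'id="' . $cfield . '" ' . GetEditParams($field) . ' value="' . htmlspecialchars($tpVal['val']) . '">';
                echo ' ';
                echo '<img class="runner-imgclock" src="images/clock.gif" alt="Time" border="0" style="margin:4px 0 0 6px; visibility: hidden;" id="trigger-test-' . $cfield . '" />';
            } else {
                echo '<input id="' . $cfield . '" ' . $inputStyle . ' type="text" ' . $alt508
                    . 'name="' . $cfield . '" ' . GetEditParams($field) . ' value="' . htmlspecialchars($value) . '">';
            }
        }
    } elseif ($format == EDIT_FORMAT_TEXT_AREA) {
        $nWidth = GetNCols($field);
        $nHeight = GetNRows($field);
        if (UseRTE($field)) {
            // Nothing is echoed for rich-text fields in this function.
            $value = RTESafe($value);
        } else {
            echo '<textarea id="' . $cfield . '" ' . $alt508 . 'name="' . $cfield . '" style="';
            if (!isMobile()) {
                echo "width: " . $nWidth . "px;";
            }
            echo 'height: ' . $nHeight . 'px;">' . htmlspecialchars($value) . '</textarea>';
        }
    } elseif ($format == EDIT_FORMAT_PASSWORD) {
        echo '<input ' . $inputStyle . ' id="' . $cfield . '" type="Password" ' . $alt508
            . 'name="' . $cfield . '" ' . GetEditParams($field) . ' value="' . htmlspecialchars($value) . '">';
    } elseif ($format == EDIT_FORMAT_DATE) {
        echo '<input id="' . $ctype . '" type="hidden" name="' . $ctype . '" value="date' . DateEditType($field) . '">'
            . GetDateEdit($field, $value, DateEditType($field), $fieldNum, $edit, $id, $pageObj);
    } elseif ($format == EDIT_FORMAT_RADIO) {
        BuildRadioControl($field, $value, $fieldNum, $id, $edit);
    } elseif ($format == EDIT_FORMAT_CHECKBOX) {
        echo '<input id="' . $ctype . '" type="hidden" name="' . $ctype . '" value="checkbox">';
        if ($edit == MODE_ADD || $edit == MODE_INLINE_ADD || $edit == MODE_EDIT || $edit == MODE_INLINE_EDIT) {
            $checked = ($value && $value != 0) ? " checked" : "";
            echo '<input id="' . $cfield . '" type="Checkbox" ' . $alt508 . 'name="' . $cfield . '" ' . $checked . '>';
        } else {
            // Other modes get a three-state select instead of a checkbox.
            echo '<select id="' . $cfield . '" ' . $alt508 . 'name="' . $cfield . '">';
            $show = array("", "True", "False");
            foreach (array("", "on", "off") as $i => $v) {
                $sel = ($value === $v) ? " selected" : "";
                echo '<option value="' . $v . '"' . $sel . '>' . $show[$i] . '</option>';
            }
            echo "</select>";
        }
    } elseif ($format == EDIT_FORMAT_DATABASE_IMAGE || $format == EDIT_FORMAT_DATABASE_FILE) {
        $isDbFile = ($format == EDIT_FORMAT_DATABASE_FILE);
        // Name of the companion column holding the original filename (file fields only).
        $filenameField = $isDbFile ? GetFilenameField($field) : null;
        $disp = "";
        $strfilename = "";

        if ($inEditMode) {
            $value = db_stripslashesbinary($value);
            $itype = SupposeImageType($value);
            $imgOpen = '<img id="image_' . $goodName . '_' . $id . '" name="' . $cfield . '"';

            if ($itype) {
                $disp = $imgOpen;
                if ($is508) {
                    $disp .= ' alt="Image from DB"';
                }
                $disp .= ' border=0 src="imager.php?table=' . GetTableURL($strTableName) . '&' . $iquery . "&rndVal=" . rand(0, 32768) . '">';
            } elseif (strlen($value)) {
                $disp = $imgOpen . ' border=0 ';
                if ($is508) {
                    $disp .= ' alt="file"';
                }
                $disp .= ' src="images/file.gif">';
            } else {
                $disp = $imgOpen . ' border="0"';
                if ($is508) {
                    $disp .= ' alt=" "';
                }
                $disp .= ' src="images/no_image.gif">';
            }

            // Download link around the icon for stored non-image files.
            if ($isDbFile && !$itype && strlen($value)) {
                $filename = isset($data[$filenameField]) ? $data[$filenameField] : "";
                if (!$filename) {
                    $filename = "file.bin";
                }
                // The stored name is user-supplied data going into a URL: encode it
                // for the query-string context so it stays one "filename" parameter.
                $disp = '<a href="getfile.php?table=' . GetTableURL($strTableName)
                    . '&filename=' . rawurlencode($filename)
                    . '&' . $iquery . '">' . $disp . '</a>';
            }

            $strtype = '<br><input id="' . $ctype . '_keep" type="Radio" name="' . $ctype . '" value="file0" checked>' . mlang_message("KEEP");
            if ((strlen($value) || $edit == MODE_INLINE_EDIT) && !IsRequired($field)) {
                $strtype .= '<input id="' . $ctype . '_delete" type="Radio" name="' . $ctype . '" value="file1">' . mlang_message("DELETE");
            }
            $strtype .= '<input id="' . $ctype . '_update" type="Radio" name="' . $ctype . '" value="file2">' . mlang_message("UPDATE");
        } else {
            // Add mode: the type is always "update".
            $strtype = '<input id="' . $ctype . '" type="hidden" name="' . $ctype . '" value="file2">';
        }

        // Editable filename box, pre-filled with the stored name when editing.
        if ($isDbFile && $filenameField) {
            $strfilename = '<br><label for="filename_' . $cfieldname . '">' . mlang_message("FILENAME") . '</label> <input type="text" '
                . $inputStyle . ' id="filename_' . $cfieldname . '" name="filename_' . $cfieldname . '" size="20" maxlength="50"';
            if ($inEditMode) {
                $filename = isset($data[$filenameField]) ? $data[$filenameField] : "";
                if (!$filename) {
                    $filename = "";
                }
                $strfilename .= ' value="' . htmlspecialchars($filename) . '"';
            }
            $strfilename .= '>';
        }

        // Inline edit of a file field shows no preview.
        if ($edit == MODE_INLINE_EDIT && $isDbFile) {
            $disp = "";
        }

        echo $disp . $strtype;
        if ($inEditMode) {
            echo '<br>';
        }
        echo '<input type="File" ' . $inputStyle . ' id="' . $cfield . '" ' . $alt508 . ' name="' . $cfield . '" >' . $strfilename;
        echo '<input type="Hidden" id="notempty_' . $cfieldname . '" value="' . (strlen($value) ? 1 : 0) . '">';
    } elseif ($format == EDIT_FORMAT_LOOKUP_WIZARD) {
        BuildSelectControl($field, $value, $fieldNum, $edit, $id, $additionalCtrlParams, $pageObj);
    } elseif ($format == EDIT_FORMAT_HIDDEN || $format == EDIT_FORMAT_READONLY) {
        // Both formats carry the value in a hidden input.
        echo '<input id="' . $cfield . '" type="Hidden" name="' . $cfield . '" value="' . htmlspecialchars($value) . '">';
    } elseif ($format == EDIT_FORMAT_FILE) {
        $disp = "";
        $filename_size = UseTimestamp($field) ? 50 : 30;

        if ($inEditMode) {
            // Show the current file.
            if (ViewFormat($field) == FORMAT_FILE || ViewFormat($field) == FORMAT_FILE_IMAGE) {
                $disp = GetData($data, $field, ViewFormat($field)) . "<br>";
            }
            $filename = $value;
            // The visible filename box is disabled; the hidden input carries the value.
            $strfilename = '<input type=hidden name="filenameHidden_' . $cfieldname . '" value="' . htmlspecialchars($filename) . '"><br>'
                . mlang_message("FILENAME")
                . ' <input type="text" style="background-color:gainsboro" disabled id="filename_' . $cfieldname
                . '" name="filename_' . $cfieldname . '" size="' . $filename_size . '" maxlength="100" value="' . htmlspecialchars($filename) . '">';

            $strtype = '<br><input id="' . $ctype . '_keep" type="Radio" name="' . $ctype . '" value="upload0" checked class="runner-uploadtype">' . mlang_message("KEEP");
            if ((strlen($value) || $edit == MODE_INLINE_EDIT) && !IsRequired($field)) {
                $strtype .= '<input id="' . $ctype . '_delete" type="Radio" name="' . $ctype . '" value="upload1" class="runner-uploadtype">' . mlang_message("DELETE");
            }
            $strtype .= '<input id="' . $ctype . '_update" type="Radio" name="' . $ctype . '" value="upload2" class="runner-uploadtype">' . mlang_message("UPDATE");
        } else {
            // Adding a record: the type is always "update".
            $strtype = '<input id="' . $ctype . '" type="hidden" name="' . $ctype . '" value="upload2">';
            $strfilename = '<br>' . mlang_message("FILENAME") . ' <input type="text" id="filename_' . $cfieldname
                . '" name="filename_' . $cfieldname . '" size="' . $filename_size . '" maxlength="100">';
        }

        echo $disp . $strtype;
        if ($inEditMode) {
            echo '<br>';
        }
        echo '<input type="File" id="' . $cfield . '" ' . $alt508 . ' name="' . $cfield . '" >' . $strfilename;
        echo '<input type="Hidden" id="notempty_' . $cfieldname . '" value="' . (strlen($value) ? 1 : 0) . '">';
    }

    // Required fields get a red asterisk before the span is closed.
    $basicValidate = (isset($validate['basicValidate']) && is_array($validate['basicValidate']))
        ? $validate['basicValidate']
        : array();
    if (count($basicValidate) && in_array('IsRequired', $basicValidate, true)) {
        echo ' <font color="red">*</font></span>';
    } else {
        echo '</span>';
    }
}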
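/**
 * Echoes, as JSON, either the single file object named by the "file" request
 * parameter or the list returned by get_file_objects().
 *
 * The parameter is reduced to its last path component with basename() before
 * it is handed to get_file_object(), so a directory part in the request is
 * dropped. A non-string "file" value (for example file[]=x) is now treated as
 * absent instead of being passed on to basename().
 *
 * NOTE(review): basename() leaves "." and ".." unchanged; whether
 * get_file_object() rejects such names is not visible here, so confirm.
 */
public function get()
{
    $file_name = null;
    if (isset($_REQUEST['file']) && is_string($_REQUEST['file'])) {
        $file_name = basename(db_stripslashesbinary($_REQUEST['file']));
    }

    // An empty or missing name falls back to the full listing.
    $info = $file_name ? $this->get_file_object($file_name) : $this->get_file_objects();

    header('Content-type: application/json');
    echo my_json_encode($info);
}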
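/**
 * Normalises a client-supplied upload name into a name that is safe to store
 * and unique within the current upload form.
 *
 * The previous version passed an empty suffix to basename() and called trim()
 * without a character list, so leading/trailing dots and most control
 * characters were kept although the comment promised their removal. The
 * character list is now given to trim(), and a name that is empty after
 * trimming is replaced by a timestamp-based one.
 *
 * @param string $name  File name as sent by the client.
 * @param string $type  MIME type as sent by the client.
 * @param mixed  $index Not used in this function.
 * @param object $obj   Object whose formStamp selects the session bucket of names already in use.
 *
 * @return string The cleaned, de-duplicated file name.
 */
function trim_file_name($name, $type, $index, $obj)
{
    // Remove path information and dots around the filename, to prevent uploading
    // into different directories or replacing hidden system files.
    // Also remove control characters and spaces (\x00..\x20) around the filename:
    $file_name = trim(basename(db_stripslashesbinary($name)), ".\x00..\x20");

    // A name made only of dots/whitespace is empty now; give it a generated name
    // so the extension step below cannot produce a bare dot-file such as ".gif".
    if ($file_name === '') {
        $file_name = str_replace('.', '-', (string) microtime(true));
    }

    // Add missing file extension for known image types:
    if (strpos($file_name, '.') === false && preg_match('/^image\\/(gif|jpe?g|png)/', $type, $matches)) {
        $file_name .= '.' . $matches[1];
    }

    // Pick a new name while this one is already taken in the same upload form.
    while (isset($_SESSION["mupload_" . $obj->formStamp][$file_name])) {
        $file_name = upcount_name($file_name);
    }

    return $file_name;
}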