Esempio n. 1
 /**
  * Read one column of the current user's row from the user table.
  *
  * Returns NULL without querying when EW_USER_TABLE is not defined, when
  * IsSysAdmin() is true, or when the current user name is empty.
  *
  * The SELECT is assembled by string concatenation: $fldname passes through
  * ew_QuotedName() and the user name through ew_AdjustSql() before it
  * replaces "%u" in EW_USER_NAME_FILTER.
  * NOTE(review): injection safety rests on those two helpers, which are not
  * visible here - confirm they escape for the target database, and keep
  * $fldname limited to known column names at the call sites.
  *
  * @param string $fldname Name of the column to read.
  * @return mixed Value returned by ew_ExecuteScalar(), or NULL.
  */
 function CurrentUserInfo($fldname)
 {
     global $UserTableConn;
     if (!defined("EW_USER_TABLE") || $this->IsSysAdmin()) {
         return NULL;
     }
     $userName = $this->CurrentUserName();
     if (strval($userName) == "") {
         return NULL;
     }
     $column = ew_QuotedName($fldname, EW_USER_TABLE_DBID);
     $userFilter = str_replace("%u", ew_AdjustSql($userName, EW_USER_TABLE_DBID), EW_USER_NAME_FILTER);
     return ew_ExecuteScalar("SELECT " . $column . " FROM " . EW_USER_TABLE . " WHERE " . $userFilter, $UserTableConn);
 }
 /**
  * Build the DELETE statement for $this->UpdateTable.
  *
  * The WHERE clause combines, through ew_AddFilter(): the caller's $where
  * (converted with ArrayToFilter() when it is an array), a CARD_TYPE_ID
  * condition when $rs carries that key, and $this->CurrentFilter when
  * $curfilter is true.
  *
  * NOTE(review): when $rs has no CARD_TYPE_ID key the statement is limited
  * only by $where and the current filter, so it can match more than one row.
  * $where and CurrentFilter are inserted as raw SQL; they must never carry
  * unescaped request data.
  *
  * @param array  $rs        Record whose key value identifies the row.
  * @param mixed  $where     Extra filter, as SQL text or as an array.
  * @param bool   $curfilter Whether to apply $this->CurrentFilter.
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs, $where = "", $curfilter = TRUE)
 {
     $prefix = "DELETE FROM " . $this->UpdateTable . " WHERE ";
     if (is_array($where)) {
         $where = $this->ArrayToFilter($where);
     }
     if ($rs && array_key_exists('CARD_TYPE_ID', $rs)) {
         $keyCondition = ew_QuotedName('CARD_TYPE_ID', $this->DBID) . '=' . ew_QuotedValue($rs['CARD_TYPE_ID'], $this->CARD_TYPE_ID->FldDataType, $this->DBID);
         ew_AddFilter($where, $keyCondition);
     }
     $filter = $curfilter ? $this->CurrentFilter : "";
     ew_AddFilter($filter, $where);
     // With no condition at all, "0=1" makes the statement match nothing
     // instead of deleting every row.
     $condition = ($filter != "") ? $filter : "0=1";
     return $prefix . $condition;
 }
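 /**
  * Build the DELETE statement for $this->UpdateTable, keyed on
  * subject_type_id.
  *
  * Conditions are collected first and joined with " AND ", so the result is
  * valid SQL whichever parts are present. The previous concatenation
  * produced "... WHERE " or "... WHERE  AND <filter>" when $rs was empty.
  * With no condition at all the statement ends in "0=1" and matches nothing.
  *
  * NOTE(review): $where and $this->CurrentFilter are inserted as raw SQL;
  * they must never carry unescaped request data. ew_QuotedValue() is not
  * visible here - confirm it escapes the key value for the target database.
  *
  * @param array  $rs    Record whose subject_type_id identifies the row.
  * @param string $where Extra filter merged in through ew_AddFilter().
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs, $where = "")
 {
     $sql = "DELETE FROM " . $this->UpdateTable . " WHERE ";
     $conditions = array();
     if ($rs) {
         $conditions[] = ew_QuotedName('subject_type_id') . '=' . ew_QuotedValue($rs['subject_type_id'], $this->subject_type_id->FldDataType);
     }
     $filter = $this->CurrentFilter;
     ew_AddFilter($filter, $where);
     if ($filter != "") {
         // Group the filter when it follows a key condition, so a top-level
         // OR inside it cannot bypass the key restriction.
         $conditions[] = $conditions ? "(" . $filter . ")" : $filter;
     }
     if (!$conditions) {
         // Nothing restricts the statement: match no rows.
         return $sql . "0=1";
     }
     return $sql . implode(" AND ", $conditions);
 }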
 /**
  * Build the DELETE statement for $this->UpdateTable, keyed on codigo.
  *
  * A codigo condition is merged into $where when $rs carries that key, and
  * the result is merged into $this->CurrentFilter through ew_AddFilter().
  *
  * NOTE(review): when $rs has no codigo key the statement is limited only
  * by $where and the current filter, so it can match more than one row.
  * Both are inserted as raw SQL and must never carry unescaped request data.
  *
  * @param array  $rs    Record whose codigo identifies the row.
  * @param string $where Extra filter.
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs, $where = "")
 {
     $prefix = "DELETE FROM " . $this->UpdateTable . " WHERE ";
     if ($rs && array_key_exists('codigo', $rs)) {
         $keyCondition = ew_QuotedName('codigo') . '=' . ew_QuotedValue($rs['codigo'], $this->codigo->FldDataType);
         ew_AddFilter($where, $keyCondition);
     }
     $filter = $this->CurrentFilter;
     ew_AddFilter($filter, $where);
     // With no condition at all, "0=1" makes the statement match nothing
     // instead of deleting every row.
     $condition = ($filter != "") ? $filter : "0=1";
     return $prefix . $condition;
 }
Esempio n. 5
 /**
  * Build the DELETE statement for one row of `tbl_rank_stat`, identified by
  * the composite key (id_profile, stat_date).
  *
  * Both key values are read from $rs unconditionally and passed through
  * ew_QuotedValue() with the field's data type; $this->CurrentFilter is
  * appended when it is not empty.
  *
  * NOTE(review): CurrentFilter is appended as raw SQL without parentheses,
  * so a top-level OR inside it would widen the statement beyond the key -
  * confirm how the filter is produced.
  *
  * @param array $rs Record holding id_profile and stat_date.
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs)
 {
     $keyConditions = array(
         ew_QuotedName('id_profile') . '=' . ew_QuotedValue($rs['id_profile'], $this->id_profile->FldDataType),
         ew_QuotedName('stat_date') . '=' . ew_QuotedValue($rs['stat_date'], $this->stat_date->FldDataType),
     );
     $statement = "DELETE FROM `tbl_rank_stat` WHERE " . implode(' AND ', $keyConditions);
     if ($this->CurrentFilter != "") {
         $statement .= " AND " . $this->CurrentFilter;
     }
     return $statement;
 }
Esempio n. 6
/**
 * Read one column of the current user's row from the user table.
 *
 * Delegates to $Security->CurrentUserInfo() when the global $Security is
 * set. Otherwise it queries the user table directly, unless EW_USER_TABLE is
 * undefined, IsSysAdmin() is true, or the current user name is empty; in
 * those cases it returns NULL.
 *
 * The SELECT is assembled by string concatenation: $fldname passes through
 * ew_QuotedName() and the user name through ew_AdjustSql() before it
 * replaces "%u" in EW_USER_NAME_FILTER.
 * NOTE(review): injection safety rests on those two helpers, which are not
 * visible here - confirm they escape for the target database, and keep
 * $fldname limited to known column names at the call sites.
 *
 * @param string $fldname Name of the column to read.
 * @return mixed The column value, or NULL.
 */
function CurrentUserInfo($fldname)
{
    global $Security;
    if (isset($Security)) {
        return $Security->CurrentUserInfo($fldname);
    }
    if (!defined("EW_USER_TABLE") || IsSysAdmin()) {
        return NULL;
    }
    $userName = CurrentUserName();
    if (strval($userName) == "") {
        return NULL;
    }
    $column = ew_QuotedName($fldname);
    $userFilter = str_replace("%u", ew_AdjustSql($userName), EW_USER_NAME_FILTER);
    return ew_ExecuteScalar("SELECT " . $column . " FROM " . EW_USER_TABLE . " WHERE " . $userFilter);
}
Esempio n. 7
 /**
  * Build the DELETE statement for one row of `t_pays`, identified by id.
  *
  * The key value is read from $rs unconditionally and passed through
  * ew_QuotedValue() with the field's data type; $this->CurrentFilter is
  * appended when it is not empty.
  *
  * NOTE(review): CurrentFilter is appended as raw SQL without parentheses,
  * so a top-level OR inside it would widen the statement beyond the key -
  * confirm how the filter is produced.
  *
  * @param array $rs Record holding id.
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs)
 {
     $keyCondition = ew_QuotedName('id') . '=' . ew_QuotedValue($rs['id'], $this->id->FldDataType);
     $statement = "DELETE FROM `t_pays` WHERE " . $keyCondition;
     if ($this->CurrentFilter != "") {
         $statement .= " AND " . $this->CurrentFilter;
     }
     return $statement;
 }
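/**
 * Record one audit-trail entry, either in the audit table or in a daily
 * tab-separated text file.
 *
 * When EW_AUDIT_TRAIL_TO_DATABASE is true the entry is inserted into
 * EW_AUDIT_TRAIL_TABLE_NAME, with every value passed through
 * ew_QuotedValue(). Otherwise one line is appended to
 * "<pfx>_<Ymd>.txt" under EW_AUDIT_TRAIL_PATH; a header line is written
 * first when the file did not exist yet.
 *
 * In the file branch, tab, CR and LF inside a value are replaced by a space
 * before writing. Old/new field values come from user-editable data, and an
 * embedded line break or tab would otherwise let a value forge extra audit
 * rows or shift columns.
 *
 * NOTE(review): $pfx becomes part of the file name unmodified; callers
 * should pass a fixed prefix, never request data. The result of
 * $conn->Execute() is not checked, so a failed insert goes unnoticed.
 *
 * @param string $pfx      File-name prefix for the text log.
 * @param string $dt       Date/time of the event.
 * @param string $script   Script that performed the action.
 * @param string $usr      User name; an empty value is logged as "-1".
 * @param string $action   Action performed.
 * @param string $table    Table affected.
 * @param string $field    Field affected.
 * @param string $keyvalue Key of the affected record.
 * @param string $oldvalue Value before the change.
 * @param string $newvalue Value after the change.
 * @return void
 */
function ew_WriteAuditTrail($pfx, $dt, $script, $usr, $action, $table, $field, $keyvalue, $oldvalue, $newvalue)
{
    // Assume Administrator if no user
    $usrwrk = $usr;
    if ($usrwrk == "") {
        $usrwrk = "-1";
    }
    if (EW_AUDIT_TRAIL_TO_DATABASE) {
        global $conn;
        $sAuditSql = "INSERT INTO " . ew_QuotedName(EW_AUDIT_TRAIL_TABLE_NAME) . " (" . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_DATETIME) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_SCRIPT) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_USER) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_ACTION) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_TABLE) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_FIELD) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_KEYVALUE) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_OLDVALUE) . ", " . ew_QuotedName(EW_AUDIT_TRAIL_FIELD_NAME_NEWVALUE) . ") VALUES (" . ew_QuotedValue($dt, EW_DATATYPE_DATE) . ", " . ew_QuotedValue($script, EW_DATATYPE_STRING) . ", " . ew_QuotedValue($usrwrk, EW_DATATYPE_STRING) . ", " . ew_QuotedValue($action, EW_DATATYPE_STRING) . ", " . ew_QuotedValue($table, EW_DATATYPE_STRING) . ", " . ew_QuotedValue($field, EW_DATATYPE_STRING) . ", " . ew_QuotedValue($keyvalue, EW_DATATYPE_STRING) . ", " . ew_QuotedValue($oldvalue, EW_DATATYPE_STRING) . ", " . ew_QuotedValue($newvalue, EW_DATATYPE_STRING) . ")";
        $conn->Execute($sAuditSql);
        return;
    }

    $sTab = "\t";
    $sHeader = "date/time" . $sTab . "script" . $sTab . "user" . $sTab . "action" . $sTab . "table" . $sTab . "field" . $sTab . "key value" . $sTab . "old value" . $sTab . "new value";

    // Neutralise the characters that delimit columns and rows in the log.
    $columns = array($dt, $script, $usrwrk, $action, $table, $field, $keyvalue, $oldvalue, $newvalue);
    foreach ($columns as $index => $value) {
        $columns[$index] = str_replace(array("\r", "\n", "\t"), " ", strval($value));
    }
    $sMsg = implode($sTab, $columns);

    $filename = ew_UploadPathEx(TRUE, EW_AUDIT_TRAIL_PATH) . $pfx . "_" . date("Ymd") . ".txt";
    $isNewFile = !file_exists($filename);
    $fileHandler = fopen($filename, "a+b");
    if ($fileHandler === FALSE) {
        // A lost audit entry must be visible to operators; the request
        // itself is allowed to continue.
        trigger_error("Audit trail file could not be opened; entry not recorded", E_USER_WARNING);
        return;
    }
    if ($isNewFile) {
        fwrite($fileHandler, $sHeader . "\r\n");
    }
    fwrite($fileHandler, $sMsg . "\r\n");
    fclose($fileHandler);
}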
 /**
  * Build the DELETE statement for one row of `tbl_user_level_permissions`,
  * identified by the composite key (userlevelid, tablename).
  *
  * Both key values are read from $rs unconditionally. The tablename column
  * takes its data type from the field object named ztablename.
  * $this->CurrentFilter is appended when it is not empty.
  *
  * NOTE(review): this statement removes permission rows, so its callers
  * deserve an authorization check. CurrentFilter is appended as raw SQL
  * without parentheses; a top-level OR inside it would widen the statement
  * beyond the key - confirm how the filter is produced.
  *
  * @param array $rs Record holding userlevelid and tablename.
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs)
 {
     $keyConditions = array(
         ew_QuotedName('userlevelid') . '=' . ew_QuotedValue($rs['userlevelid'], $this->userlevelid->FldDataType),
         ew_QuotedName('tablename') . '=' . ew_QuotedValue($rs['tablename'], $this->ztablename->FldDataType),
     );
     $statement = "DELETE FROM `tbl_user_level_permissions` WHERE " . implode(' AND ', $keyConditions);
     if ($this->CurrentFilter != "") {
         $statement .= " AND " . $this->CurrentFilter;
     }
     return $statement;
 }
Esempio n. 10
 /**
  * Build the DELETE statement for one row of `tbl_target`, identified by
  * the composite key (id_profile, year, month).
  *
  * All three key values are read from $rs unconditionally and passed
  * through ew_QuotedValue() with the field's data type;
  * $this->CurrentFilter is appended when it is not empty.
  *
  * NOTE(review): CurrentFilter is appended as raw SQL without parentheses,
  * so a top-level OR inside it would widen the statement beyond the key -
  * confirm how the filter is produced.
  *
  * @param array $rs Record holding id_profile, year and month.
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs)
 {
     $keyConditions = array(
         ew_QuotedName('id_profile') . '=' . ew_QuotedValue($rs['id_profile'], $this->id_profile->FldDataType),
         ew_QuotedName('year') . '=' . ew_QuotedValue($rs['year'], $this->year->FldDataType),
         ew_QuotedName('month') . '=' . ew_QuotedValue($rs['month'], $this->month->FldDataType),
     );
     $statement = "DELETE FROM `tbl_target` WHERE " . implode(' AND ', $keyConditions);
     if ($this->CurrentFilter != "") {
         $statement .= " AND " . $this->CurrentFilter;
     }
     return $statement;
 }
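 /**
  * Build the DELETE statement for $this->UpdateTable, keyed on the
  * composite key (accountId, permissionId, realmId).
  *
  * Conditions are collected first and joined with " AND ", so the result is
  * valid SQL whichever parts are present. The previous concatenation
  * produced "... WHERE " or "... WHERE  AND <filter>" when $rs was empty.
  * With no condition at all the statement ends in "0=1" and matches nothing.
  *
  * NOTE(review): $where and $this->CurrentFilter are inserted as raw SQL;
  * they must never carry unescaped request data. ew_QuotedValue() is not
  * visible here - confirm it escapes the key values for the target database.
  *
  * @param array  $rs    Record holding accountId, permissionId and realmId.
  * @param string $where Extra filter merged in through ew_AddFilter().
  * @return string The DELETE statement.
  */
 function DeleteSQL(&$rs, $where = "")
 {
     $sql = "DELETE FROM " . $this->UpdateTable . " WHERE ";
     $conditions = array();
     if ($rs) {
         $conditions[] = ew_QuotedName('accountId') . '=' . ew_QuotedValue($rs['accountId'], $this->accountId->FldDataType);
         $conditions[] = ew_QuotedName('permissionId') . '=' . ew_QuotedValue($rs['permissionId'], $this->permissionId->FldDataType);
         $conditions[] = ew_QuotedName('realmId') . '=' . ew_QuotedValue($rs['realmId'], $this->realmId->FldDataType);
     }
     $filter = $this->CurrentFilter;
     ew_AddFilter($filter, $where);
     if ($filter != "") {
         // Group the filter when it follows key conditions, so a top-level
         // OR inside it cannot bypass the key restriction.
         $conditions[] = $conditions ? "(" . $filter . ")" : $filter;
     }
     if (!$conditions) {
         // Nothing restricts the statement: match no rows.
         return $sql . "0=1";
     }
     return $sql . implode(" AND ", $conditions);
 }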