public function index($date = null, $u_id = null) { if (@$this->input->post('picking_date')) { return redirect(site_url('admin/picking-lists/' . str_replace('/', '-', $this->input->post('picking_date')))); } $this->load->model('order_model'); $this->layout->set_title('Picking Lists')->set_breadcrumb('Picking Lists', '/admin/picking-lists'); $this->load->helper('dates_helper'); if (isset($date) && isValidDate($date, '_')) { $this->data['date'] = strtotime(str_replace('_', '-', $date)); //get relevant confirmed orders $search = array('oi_delivery_date' => date('Y-m-d', $this->data['date']), 'oi_status' => 'Confirmed', 'order' => array('bg_name', 'u_sname', 'u_fname')); $notes_where = " AND on_delivery_date = '" . date('Y-m-d', $this->data['date']) . "' "; if (isset($u_id)) { $this->data['search_u_id'] = $u_id; $search['oi_u_id'] = $u_id; $notes_where .= " AND on_u_id = '" . $u_id . "' "; } //permission override? if (!$this->auth->is_allowed_to('view_picking_lists', 'all')) { if ($this->auth->is_allowed_to('view_picking_lists', 'bg', $this->session->userdata('u_bg_id'))) { $search['u_bg_id'] = $this->session->userdata('u_bg_id'); } if ($this->auth->is_allowed_to('view_picking_lists', 's', $this->session->userdata('u_s_id'))) { $search['oi_s_id'] = $this->session->userdata('u_s_id'); } } //get them... $this->data['orders'] = $this->order_model->get_orders($search); $this->data['search'] = $search; //for displaying what we've filtered on. $this->data['order_notes'] = $this->order_model->get_notes($notes_where); $date_str = date('jS M Y', $this->data['date']); $this->layout->set_title($date_str)->set_breadcrumb($date_str, 'admin/picking-lists/' . $date); if (isset($u_id)) { if (isset($this->data['orders'][0])) { $title = $this->data['orders'][0]['u_title'] . ' ' . $this->data['orders'][0]['u_fname'] . ' ' . $this->data['orders'][0]['u_sname']; $this->layout->set_title($title)->set_breadcrumb($title); } else { //oh crumbs, we don't have the user's name to put in the breadcrumb $this->load->model('users_model'); $member = $this->users_model->get_user($u_id); $title = $member['u_title'] . ' ' . $member['u_fname'] . ' ' . $member['u_sname']; $this->layout->set_title($title)->set_breadcrumb($title); } } $this->load->vars($this->data); $this->view = 'admin/picking_lists/view'; } else { if (isset($date) && !isValidDate($date, '_')) { $this->data['error_message'] = "Not a valid date"; } $this->layout->set_js(array('views/admin/picking_lists/index', 'plugins/jquery.validate')); $this->load->vars($this->data); $this->view = 'admin/picking_lists/index'; } }
function check_fieldsFormatting_partyRegistrationAsGraduate($data_form) { $error = ""; // Überprüfe, ob die Anzahl Gäste nur aus einer Zahl besteht if (!preg_match("/^[0-9]+\$/iu", $data_form['anzahl_gaeste'])) { $error = $error . "Als Anzahl an Gästen sind nur Ziffern erlaubt.<br>\n"; } // Überprüfe das Abschlussdatum auf korrektes Format if (!isValidDate($data_form['studienabschluss'])) { $error = $error . "Das eingegebene Abschlussdatum ist kein korrektes Datum. Die Eingabe muss die Form TT.MM.JJJJ haben.<br>\n"; } return $error; }
function check_fields_format_register($data_form) { $error = ""; // Überprüfe ob die Namensfelder nur Buchstaben enthalten if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['vorname'])) { $error = $error . "Als Vorname sind nur Buchstaben erlaubt.<br>\n"; } if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['nachname'])) { $error = $error . "Als Nachname sind nur Buchstaben erlaubt.<br>\n"; } // Überprüfe das Geburtsdatum auf korrektes Format if (!isValidDate($data_form['geburtstag'])) { $error = $error . "Das eingegebene Geburtsdatum ist kein korrektes Datum. Die Eingabe muss die Form TT.MM.JJJJ haben.<br>\n"; } // Überprüfe die Email-Adresse auf korrektes Format if (!filter_var($data_form['email'], FILTER_VALIDATE_EMAIL)) { $error = $error . "Die eingegebene Email-Adresse ist ungültig.<br>\n"; } // Überprüfe die IBAN if (!checkIBAN($data_form['iban'])) { $error = $error . "Die eingegebene IBAN ist ungültig.<br>\n"; } // Überprüfe die BIC if (!checkBIC($data_form['bic'])) { $error = $error . "Die eingegebene BIC ist ungültig.<br>\n"; } // falls die Checkbox "newsletter" nicht(!) ausgewählt wurde, muss eine Adresse eingegeben werden if (!isset($data_form['newsletter'])) { //Straße und Hausnummer überprüfen macht keinen Sinn (Zu viele Ausnahmefälle) if (!preg_match("/^[0-9]+\$/", $data_form['plz'])) { $error = $error . "Als PLZ sind nur Ziffern erlaubt.<br>\n"; } if ($data_form['land'] === 'Deutschland') { if (!preg_match("/^[0-9]{5}\$/", $data_form['plz'])) { $error = $error . "Keine korrekte deutsche PLZ.<br>\n"; } } if ($data_form['land'] === 'Deutschland') { if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['ort'])) { $error = $error . "Als Ort sind nur Buchstaben erlaubt.<br>\n"; } } if (!preg_match("/^[a-zäöüß]+\$/iu", $data_form['land'])) { $error = $error . "Als Land sind nur Buchstaben erlaubt.<br>\n"; } } // Gib die Fehlermeldungen zurück, leer falls alles ok. return $error; }
public static function remove($product_id) { DB::transaction(function () use($product_id) { $product = static::findOrFail($product_id); if (isValidDate($product->billed_till)) { $billed_till = new Carbon\Carbon($product->billed_till); $today = new Carbon\Carbon(); if ($billed_till > $today) { return; } } $history = ['user_id' => $product->user_id, 'name' => $product->name, 'start_date' => isValidDate($product->billed_till) ? $product->billed_till : $product->assigned_on, 'stop_date' => date('Y-m-d H:i:s'), 'price' => $product->price, 'taxable' => $product->taxable, 'tax_rate' => $product->tax_rate, 'billed_every' => $product->billing_cycle . $product->billing_unit]; if (!APUserRecurringProductHistory::create($history)) { throw new Exception("Could not add to history"); } if (!$product->delete()) { throw new Exception("Could not delete product."); } }); }
function getData() { parent::getData(); $param =& $this->param; $user = $this->site->username(); if (empty($user)) { $user = "******"; } $error = false; // echo "<pre>"; print_r ($_POST); echo "</pre>"; if (isset($_GET['key'])) { $data_src = 'key'; $data_key = $_GET['key']; } else { $data_src = $_POST['datasrc']; } $data_source_is_dates = $data_src == "dates"; if ($data_source_is_dates) { $start_date = $_POST['startdate']; $end_date = $_POST['enddate']; $error = !isValidDate($start_date) or !empty($end_date) and !isValidDate($end_date); } elseif ($data_src == 'key') { $commitsfiles = array($data_key); } else { @($commitsmonthfiles = $_POST['commitsmonthfiles']); if (isset($commitsmonthfiles)) { $commitsfiles = array(); while (list($y, $v_yfiles) = each($commitsmonthfiles)) { while (list($m, $v_mfiles) = each($v_yfiles)) { while (list($d, $v_file) = each($v_mfiles)) { $commitsfiles[] = $v_file; } } } } $error = count($commitsfiles) == 0; } // @$commitsfiles = $_POST['commitsfiles']; $param['DIS_GET_SelectedYear'] = ""; if (isset($_POST['selected_years'])) { $selected_years = $_POST['selected_years']; while (list($k, $y) = each($selected_years)) { $param['DIS_GET_SelectedYear'] .= "{$y}:"; } } if (!isset($commitsfiles)) { $commitsfiles = array(); } // if (isset ($_GET['key'])) { $commitsfiles[] = $_GET['key']; }; $param['DIS_Application'] = "show"; $param['DIS_Command'] = "cmd"; $param['DIS_Result'] = "Result"; if (!$error) { @($operation = $_POST['show']); if (!isset($operation)) { $operation = 'ShowLogs'; } $param['DIS_Parameters'] = "Login used = {$user} <BR>"; @($filter = $_POST['filter']); if (!isset($filter) or strlen($filter) == 0) { $filter = 'profil'; } else { $param['DIS_Parameters'] .= "Filter used = {$filter} <BR>"; if ($filter == 'text') { @($filter_text = $_POST['textfilters']); $filter_text = cleanedTextModule($filter_text); $filter_file_tempo_name = tempnam($SCMLOGS['tmpdir'], "FILTER_TEMPO_"); $filter_file_tempo = fopen($filter_file_tempo_name, "w"); fwrite($filter_file_tempo, $filter_text); fclose($filter_file_tempo); $param['DIS_Parameters'] .= "Filter text = {$filter_text} <BR>"; } } @($format = $_POST['format']); if (!isset($format) or strlen($format) == 0) { $format = 'html'; } else { $param['DIS_Parameters'] .= "Formating used = {$format} <BR>"; } @($type = $_POST['type']); if (!isset($type) or strlen($type) == 0) { $type = 'filtered'; } else { $param['DIS_Parameters'] .= "Output type used = {$type} <BR>"; } @($only_user = $_POST['only_user']); if (!isset($only_user) or strlen($only_user) == 0) { $only_user = ''; } else { $param['DIS_Parameters'] .= "Only commits from user = {$only_user} <BR>"; } @($only_tag = $_POST['only_tag']); if (!isset($only_tag) or strlen($only_tag) == 0) { $only_tag = ''; } else { $param['DIS_Parameters'] .= "Only commits about TAG = {$only_tag} <BR>"; } $is_mail_operation = FALSE; switch ($operation) { case 'EmailLogs': $is_mail_operation = TRUE; $param['DIS_Message'] = "Email {$user} all the logs <BR>(in the selected files)<BR>\n"; $processing_fct = "EmailLogsAction"; break; case 'ShowRawLogs': $param['DIS_Message'] = "Show the RAW logs file (selected files)<BR>\n"; $processing_fct = "ShowRawLogsAction"; break; case 'EmailMyLogs': $is_mail_operation = TRUE; $only_user = $user; $param['DIS_Message'] = "Email {$user} all the logs (in the selected files) \n"; $param['DIS_Message'] .= " from <STRONG>{$user}</STRONG><BR>"; $processing_fct = "EmailMyLogsAction"; break; case 'ShowMyLogs': $only_user = $user; $param['DIS_Message'] = "Show {$user} all the logs (in the selected files) \n"; $param['DIS_Message'] .= " from <STRONG>{$user}</STRONG><BR>\n"; $processing_fct = "ShowMyLogsAction"; break; case 'EmailOnlyLogsFor': $is_mail_operation = TRUE; $param['DIS_Message'] = "Email {$user} all the logs (in the selected files)\n"; $param['DIS_Message'] .= " from user : <STRONG>{$only_user}</STRONG>\n"; $param['DIS_Message'] .= " with tag : <STRONG>{$only_tag}</STRONG><BR>\n"; $processing_fct = "EmailOnlyLogsForAction"; break; case 'ShowOnlyLogsFor': $param['DIS_Message'] = "Show {$user} all the logs (in the selected files)\n"; $param['DIS_Message'] .= " from user : <STRONG>{$only_user}</STRONG>\n"; $param['DIS_Message'] .= " with tag : <STRONG>{$only_tag}</STRONG><BR>\n"; $processing_fct = "ShowOnlyLogsForAction"; break; case 'ShowLogs': default: $param['DIS_Message'] = "Show {$user} all the logs (in the selected files)<BR>\n"; $processing_fct = "ShowLogsAction"; break; } if ($is_mail_operation and $user == 'none') { $error = TRUE; $param['DIS_Message'] = "Operation not allowed"; $param['DIS_Result'] = "Email operation is only for authentified users."; } } if (!$error) { $file_tempo_name = tempnam($SCMLOGS['tmpdir'], "TEMPO_"); $file_tempo = fopen($file_tempo_name, "w"); $param['DIS_Data'] = ""; $repo = SCMLogs_repository(); if ($data_source_is_dates) { $datesforsvn = "{" . $start_date . "}"; $param['DIS_Data'] .= "from " . $start_date . " "; if (empty($end_date)) { $datesforsvn .= ":HEAD"; $param['DIS_Data'] .= " to HEAD"; } elseif (isValidDate($end_date)) { $datesforsvn .= ":{" . $end_date . "}"; $param['DIS_Data'] .= " to " . $end_date . " "; } else { $datesforsvn .= ":HEAD"; $param['DIS_Data'] .= " to HEAD"; } $datesforsvn = str_replace("/", "-", $datesforsvn); $ccmd = $SCMLOGS['svn_bin_path'] . 'svn log --config-dir . -v -r "' . $datesforsvn . '" ' . $repo->svnfile_root(); ob_start(); $res = system($ccmd); $logs = ob_get_contents(); fwrite($file_tempo, $logs); ob_end_clean(); } else { $logsdir = $repo->logsdir; while (list($k, $v_file) = each($commitsfiles)) { $param['DIS_Data'] .= "<li>{$v_file}"; if (preg_match("/^([0-9][0-9][0-9][0-9])-([0-9][0-9])-([0-9][0-9])\$/", $v_file, $matches)) { $v_file = $logsdir . '/' . $matches[1] . '/' . $matches[2] . '/' . $v_file; } if (preg_match("/^(" . SCMLogs_CurrentCommitFile() . ")\$/", $v_file, $matches)) { $v_file = $logsdir . '/' . $v_file; } //$param['DIS_Data'] .= " :: <em>$v_file</em>"; $param['DIS_Data'] .= "</li>\n"; fwrite($file_tempo, ContentOfFile($v_file)); } } fclose($file_tempo); if ($processing_fct != '') { ob_start(); $param['DIS_Format'] = $format; $param['DIS_Type'] = $type; if ($filter == 'text') { $param_filter = $filter_file_tempo_name; } else { $param_filter = $filter; } set_time_limit(150); $param['DIS_Command'] = $processing_fct($file_tempo_name, $user, $param_filter, $only_user, $only_tag, $format, $type); $param['DIS_Result'] = ob_get_contents(); ob_end_clean(); } else { $param['DIS_Format'] = ''; $param['DIS_Command'] = "Not Yet Implemented"; } if (isset($filter_file_tempo_name)) { RemoveFile($filter_file_tempo_name); } RemoveFile($file_tempo_name); } else { $param['DIS_Format'] = ''; $param['DIS_Parameters'] = "..."; $param['DIS_Command'] = "..."; if (empty($param['DIS_Message'])) { $param['DIS_Message'] = "Please select at least one file or valid dates!!!"; } if (empty($param['DIS_Data'])) { $param['DIS_Data'] = "no file or valid dates selected"; } if (empty($param['DIS_Result'])) { $param['DIS_Result'] = "..."; } } $param['only_user'] =& $only_user; $param['only_tag'] =& $only_tag; $param['commitsfiles'] =& $commitsfiles; }
function ajax_insertHandler($auth) { if (!isset($_POST['insert'])) { return; } $request = $_POST['insert']; $response; if ($request['what'] == 'duration') { $values = $request['values']; //TODO: More thorough validation and sanitisation(make sure id is valid, etc) if (!isset($values['content_id']) || $values['content_id'] < 1) { json_die_error('Bad or missing content id'); } //TODO: confirm content is real and visible to user if (!isset($values['player_id']) || $values['player_id'] < 1) { json_die_error('Bad or missing player id'); } //TODO: confirm player is real if (!isset($values['date_start']) || $values['date_start'] == -1 || !isValidDate($values['date_start'])) { json_die_error('Bad or missing date'); } if (!isset($values['date_end']) || $values['date_end'] == -1 || !isValidDate($values['date_end'])) { json_die_error('Bad or missing date'); } //TODO: enforce positive datespan if (!isset($values['duration_name']) || empty($values['duration_name'])) { $values['duration_name'] = 'Untitled duration'; } else { $values['duration_name'] = sanitise_string($values['duration_name']); } $values['user_id'] = $auth['user']['user_id']; //TODO: also check that user can see that content? if (!APP_CAN_WRITE_INVISIBLE && account_getDurationVisibility($auth, $values) < PRIV_MINE) { json_die_error('You need permission to view content in order to schedule content on this player!'); } if (account_getDurationWriteability($auth, $values) < PRIV_MINE) { json_die_error('You do not have permission to schedule content on this player!'); } $dbh = db_connect(); $result = db_insertDuration($dbh, $values); $response['result'] = $result; $response['error'] = false; if ($result == -1) { $response['error'] = true; } } $json = json_encode($response); die($json); }
/** This function returns the detail view form ec_field and and its properties in array format. * Param $uitype - UI type of the ec_field * Param $fieldname - Form ec_field name * Param $fieldlabel - Form ec_field label name * Param $col_fields - array contains the ec_fieldname and values * Param $generatedtype - Field generated type (default is 1) * Param $tabid - ec_tab id to which the Field belongs to (default is "") * Return type is an array */ function getDetailViewOutputHtml($uitype, $fieldname, $fieldlabel, $col_fields, $generatedtype, $tabid = '') { global $log; $log->debug("Entering getDetailViewOutputHtml() method ..."); global $adb; global $mod_strings; global $app_strings; global $current_user; //$fieldlabel = from_html($fieldlabel); $custfld = ''; $value = ''; $arr_data = array(); $label_fld = array(); $data_fld = array(); if ($generatedtype == 2) { $mod_strings[$fieldlabel] = $fieldlabel; } if (!isset($mod_strings[$fieldlabel])) { $mod_strings[$fieldlabel] = $fieldlabel; } if ($col_fields[$fieldname] == '--None--') { $col_fields[$fieldname] = ''; } if ($uitype == 116) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 13) { $label_fld[] = $mod_strings[$fieldlabel]; $temp_val = $col_fields[$fieldname]; $label_fld[] = $temp_val; $linkvalue = getComposeMailUrl($temp_val); $label_fld["link"] = $linkvalue; } elseif ($uitype == 15 || $uitype == 16 || $uitype == 115 || $uitype == 111) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 10) { if (isset($app_strings[$fieldlabel])) { $label_fld[] = $app_strings[$fieldlabel]; } elseif (isset($mod_strings[$fieldlabel])) { $label_fld[] = $mod_strings[$fieldlabel]; } else { $label_fld[] = $fieldlabel; } $value = $col_fields[$fieldname]; $module_entityname = ""; if ($value != '') { $query = "SELECT ec_entityname.* FROM ec_crmentityrel inner join ec_entityname on ec_entityname.modulename=ec_crmentityrel.relmodule inner join ec_tab on ec_tab.name=ec_crmentityrel.module WHERE ec_tab.tabid='" . $tabid . "' and ec_entityname.entityidfield='" . $fieldname . "'"; $fldmod_result = $adb->query($query); $rownum = $adb->num_rows($fldmod_result); if ($rownum > 0) { $rel_modulename = $adb->query_result($fldmod_result, 0, 'modulename'); $rel_tablename = $adb->query_result($fldmod_result, 0, 'tablename'); $rel_entityname = $adb->query_result($fldmod_result, 0, 'fieldname'); $rel_entityid = $adb->query_result($fldmod_result, 0, 'entityidfield'); $module_entityname = getEntityNameForTen($rel_tablename, $rel_entityname, $fieldname, $value); } } $label_fld[] = $module_entityname; $label_fld["secid"] = $value; $label_fld["link"] = "index.php?module=" . $rel_modulename . "&action=DetailView&record=" . $value; } elseif ($uitype == 33) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = str_ireplace(' |##| ', ', ', $col_fields[$fieldname]); } elseif ($uitype == 17) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; //$label_fld[] = '<a href="http://'.$col_fields[$fieldname].'" target="_blank">'.$col_fields[$fieldname].'</a>'; } elseif ($uitype == 19) { //$tmp_value = str_replace("<","<",nl2br($col_fields[$fieldname])); //$tmp_value = str_replace(">",">",$tmp_value); //$col_fields[$fieldname]= make_clickable($tmp_value); $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 20 || $uitype == 21 || $uitype == 22 || $uitype == 24) { //$col_fields[$fieldname]=nl2br($col_fields[$fieldname]); $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 51 || $uitype == 50 || $uitype == 73) { $account_id = $col_fields[$fieldname]; $account_name = ""; if ($account_id != '') { $account_name = getAccountName($account_id); } //Account Name View $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $account_name; $label_fld["secid"] = $account_id; $label_fld["link"] = "index.php?module=Accounts&action=DetailView&record=" . $account_id; } elseif ($uitype == 52 || $uitype == 77 || $uitype == 101) { $label_fld[] = $mod_strings[$fieldlabel]; $user_id = $col_fields[$fieldname]; $user_name = getUserName($user_id); $label_fld[] = $user_name; } elseif ($uitype == 53) { $user_id = $col_fields[$fieldname]; $user_name = getUserName($user_id); $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $user_name; } elseif ($uitype == 1004) { if (isset($mod_strings[$fieldlabel])) { $label_fld[] = $mod_strings[$fieldlabel]; } else { $label_fld[] = $fieldlabel; } $value = $col_fields[$fieldname]; $label_fld[] = getUserName($value); } elseif ($uitype == 55) { if ($tabid == 4) { $query = "select ec_contactdetails.imagename from ec_contactdetails where contactid=" . $col_fields['record_id']; $result = $adb->query($query); $imagename = $adb->query_result($result, 0, 'imagename'); if ($imagename != '') { $imgpath = "test/contact/" . $imagename; $label_fld[] = $mod_strings[$fieldlabel]; //This is used to show the contact image as a thumbnail near First Name field //$label_fld["cntimage"] ='<div style="position:absolute;height=100px"><img class="thumbnail" src="'.$imgpath.'" width="60" height="60" border="0"></div> '.$mod_strings[$fieldlabel]; } else { $label_fld[] = $mod_strings[$fieldlabel]; } } else { $label_fld[] = $mod_strings[$fieldlabel]; } $value = $col_fields[$fieldname]; $sal_value = $col_fields["salutationtype"]; if ($sal_value == '--None--') { $sal_value = ''; } $label_fld["salut"] = $sal_value; $label_fld[] = $value; //$label_fld[] =$sal_value.' '.$value; } elseif ($uitype == 56) { $label_fld[] = $mod_strings[$fieldlabel]; $value = $col_fields[$fieldname]; if ($value == 1) { //Since "yes" is not been translated it is given as app strings here.. $display_val = $app_strings['yes']; } else { $display_val = ''; } $label_fld[] = $display_val; } elseif ($uitype == 57) { $label_fld[] = $mod_strings[$fieldlabel]; $contact_id = $col_fields[$fieldname]; $contact_name = ""; if (trim($contact_id) != '') { $contact_name = getContactName($contact_id); } $label_fld[] = $contact_name; $label_fld["secid"] = $contact_id; $label_fld["link"] = "index.php?module=Contacts&action=DetailView&record=" . $contact_id; } elseif ($uitype == 154) { $label_fld[] = $mod_strings[$fieldlabel]; $cangkusid = $col_fields[$fieldname]; $cangkuname = ""; if (trim($cangkusid) != '') { $cangkuname = getCangkuName($cangkusid); } $label_fld[] = $cangkuname; $label_fld["secid"] = $cangkusid; $label_fld["link"] = "index.php?module=Cangkus&action=DetailView&record=" . $cangkusid; } elseif ($uitype == 155) { $label_fld[] = $mod_strings[$fieldlabel]; $cangkusid = $col_fields[$fieldname]; $cangkuname = ""; if (trim($cangkusid) != '') { $cangkuname = getCangkuName($cangkusid); } $label_fld[] = $cangkuname; $label_fld["secid"] = $cangkusid; // $label_fld["link"] = "index.php?module=Cangkus&action=DetailView&record=".$cangkusid; } elseif ($uitype == 58) { $label_fld[] = $mod_strings[$fieldlabel]; $campaign_id = $col_fields[$fieldname]; if ($campaign_id != '') { $campaign_name = getCampaignName($campaign_id); } $label_fld[] = $campaign_name; $label_fld["secid"] = $campaign_id; $label_fld["link"] = "index.php?module=Campaigns&action=DetailView&record=" . $campaign_id; } elseif ($uitype == 59) { $label_fld[] = $mod_strings[$fieldlabel]; $product_id = $col_fields[$fieldname]; if ($product_id != '') { $product_name = getProductName($product_id); } //Account Name View $label_fld[] = $product_name; $label_fld["secid"] = $product_id; $label_fld["link"] = "index.php?module=Products&action=DetailView&record=" . $product_id; } elseif ($uitype == 61) { global $adb; $label_fld[] = $mod_strings[$fieldlabel]; if ($tabid == 10) { $attach_result = $adb->query("select * from ec_seattachmentsrel where crmid = " . $col_fields['record_id']); for ($ii = 0; $ii < $adb->num_rows($attach_result); $ii++) { $attachmentid = $adb->query_result($attach_result, $ii, 'attachmentsid'); if ($attachmentid != '') { $attachquery = "select * from ec_attachments where attachmentsid=" . $attachmentid; $result = $adb->query($attachquery); $attachmentsname = $adb->query_result($result, 0, 'name'); if ($attachmentsname != '') { $custfldval = '<a href = "index.php?module=uploads&action=downloadfile&return_module=' . $col_fields['record_module'] . '&fileid=' . $attachmentid . '&entityid=' . $col_fields['record_id'] . '">' . $attachmentsname . '</a>'; } else { $custfldval = ''; } } $label_fld['options'][] = $custfldval; } } else { $result = $adb->query("select * from ec_seattachmentsrel where crmid = " . $col_fields['record_id']); $attachmentid = $adb->query_result($result, 0, 'attachmentsid'); if ($col_fields[$fieldname] == '' && $attachmentid != '') { $attachquery = "select * from ec_attachments where attachmentsid=" . $attachmentid; $result = $adb->query($attachquery); $col_fields[$fieldname] = $adb->query_result($result, 0, 'name'); } //This is added to strip the crmid and _ from the file name and show the original filename $org_filename = ltrim($col_fields[$fieldname], $col_fields['record_id'] . '_'); if ($org_filename != '') { $custfldval = '<a href = "index.php?module=uploads&action=downloadfile&return_module=' . $col_fields['record_module'] . '&fileid=' . $attachmentid . '&entityid=' . $col_fields['record_id'] . '">' . $org_filename . '</a>'; } else { $custfldval = ''; } } $label_fld[] = $custfldval; } elseif ($uitype == 69) { $label_fld[] = $mod_strings[$fieldlabel]; if ($tabid == 14) { $images = array(); $image_array = array(); $imagepath_array = array(); $query = "select productname, ec_attachments.path, ec_attachments.attachmentsid, ec_attachments.name from ec_products left join ec_seattachmentsrel on ec_seattachmentsrel.crmid=ec_products.productid inner join ec_attachments on ec_attachments.attachmentsid=ec_seattachmentsrel.attachmentsid where (ec_attachments.type like '%image%' or ec_attachments.type like '%img%') and productid=" . $col_fields['record_id']; $result_image = $adb->query($query); for ($image_iter = 0; $image_iter < $adb->num_rows($result_image); $image_iter++) { $image_id_array[] = $adb->query_result($result_image, $image_iter, 'attachmentsid'); $image_array[] = $adb->query_result($result_image, $image_iter, 'name'); $imagepath_array[] = $adb->query_result($result_image, $image_iter, 'path'); } if (count($image_array) > 1) { // if(count($image_array) < 4) // $sides=count($image_array)*2; // else // $sides=8; // // $image_lists = '<div id="Carousel" style="position:relative;vertical-align: middle;"> // <img src="modules/Products/placeholder.gif" width="571" height="117" style="position:relative;"> // </div><script>var Car_NoOfSides='.$sides.'; Car_Image_Sources=new Array('; // // for($image_iter=0;$image_iter < count($image_array);$image_iter++) // { // $images[]='"'.$imagepath_array[$image_iter].$image_id_array[$image_iter]."_".base64_encode_filename($image_array[$image_iter]).'","'.$imagepath_array[$image_iter].$image_id_array[$image_iter]."_".base64_encode_filename($image_array[$image_iter]).'"'; // } // $image_lists .=implode(',',$images).'); /**</script><script language="JavaScript" type="text/javascript" src="modules/Products/Productsslide.js"></script><script language="JavaScript" type="text/javascript">Carousel();</script>';**/ // $label_fld[] =$image_lists; $num = count($image_array); for ($image_iter = 0; $image_iter < count($image_array); $image_iter++) { $images[] = $imagepath_array[$image_iter] . $image_id_array[$image_iter] . "_" . base64_encode_filename($image_array[$image_iter]); } for ($i = 0; $i < $num; $i++) { $image_lists .= '<a href="' . $images[$i] . '" target="_blank"><img src="' . $images[$i] . '" border="0" width="150" height="150" ></a> '; } //end $label_fld[] = $image_lists; } elseif (count($image_array) == 1) { $label_fld[] = '<a href="' . $imagepath_array[0] . $image_id_array[0] . "_" . base64_encode_filename($image_array[0]) . '" target="_blank" ><img src="' . $imagepath_array[0] . $image_id_array[0] . "_" . base64_encode_filename($image_array[0]) . '" border="0" width="150" height="150"></a>'; } else { $label_fld[] = ''; } } if ($tabid == 4) { //$imgpath = getModuleFileStoragePath('Contacts').$col_fields[$fieldname]; $sql = "select ec_attachments.* from ec_attachments inner join ec_seattachmentsrel on ec_seattachmentsrel.attachmentsid = ec_attachments.attachmentsid where (ec_attachments.type like '%image%' or ec_attachments.type like '%img%') and ec_seattachmentsrel.crmid='" . $col_fields['record_id'] . "'"; $image_res = $adb->query($sql); $image_id = $adb->query_result($image_res, 0, 'attachmentsid'); $image_path = $adb->query_result($image_res, 0, 'path'); $image_name = $adb->query_result($image_res, 0, 'name'); $imgpath = $image_path . $image_id . "_" . base64_encode_filename($image_name); $width = 160; $height = get_scale_height($imgpath, $width); if ($image_name != '') { $label_fld[] = '<img src="' . $imgpath . '" width="' . $width . '" height="' . $height . '" class="reflect" alt="">'; } else { $label_fld[] = ''; } } } elseif ($uitype == 63) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname] . 'h ' . $col_fields['duration_minutes'] . 'm'; } elseif ($uitype == 6) { $label_fld[] = $mod_strings[$fieldlabel]; if ($col_fields[$fieldname] == '0') { $col_fields[$fieldname] = ''; } if ($col_fields['time_start'] != '') { $start_time = $col_fields['time_start']; } if (!isValidDate($col_fields[$fieldname])) { $displ_date = ''; } else { $displ_date = getDisplayDate($col_fields[$fieldname]); } $label_fld[] = $displ_date . ' ' . $start_time; } elseif ($uitype == 5 || $uitype == 23 || $uitype == 70) { $label_fld[] = $mod_strings[$fieldlabel]; $cur_date_val = $col_fields[$fieldname]; $end_time = ""; if (isset($col_fields['time_end']) && $col_fields['time_end'] != '' && ($tabid == 9 || $tabid == 16) && $uitype == 23) { $end_time = $col_fields['time_end']; } if (!isValidDate($cur_date_val)) { $display_val = ''; } else { $display_val = getDisplayDate($cur_date_val); } $label_fld[] = $display_val . ' ' . $end_time; } elseif ($uitype == 1007) { $label_fld[] = isset($mod_strings[$fieldlabel]) ? $mod_strings[$fieldlabel] : $fieldlabel; $cur_approve_val = $col_fields[$fieldname]; $label_fld[] = getApproveStatusById($cur_approve_val); } elseif ($uitype == 1008) { if (isset($mod_strings[$fieldlabel])) { $label_fld[] = $mod_strings[$fieldlabel]; } else { $label_fld[] = $fieldlabel; } $value = $col_fields[$fieldname]; $label_fld[] = getUserName($value); } elseif ($uitype == 71 || $uitype == 72) { $label_fld[] = $mod_strings[$fieldlabel]; $display_val = $col_fields[$fieldname]; $label_fld[] = $display_val; } elseif ($uitype == 75 || $uitype == 81) { $vendor_name = ""; $label_fld[] = $mod_strings[$fieldlabel]; $vendor_id = $col_fields[$fieldname]; if ($vendor_id != '') { $vendor_name = getVendorName($vendor_id); } $label_fld[] = $vendor_name; $label_fld["secid"] = $vendor_id; $label_fld["link"] = "index.php?module=Vendors&action=DetailView&record=" . $vendor_id; //$label_fld[] = '<a href="index.php?module=Products&action=VendorDetailView&record='.$vendor_id.'">'.$vendor_name.'</a>'; } elseif ($uitype == 76) { $label_fld[] = $mod_strings[$fieldlabel]; $potential_id = $col_fields[$fieldname]; if ($potential_id != '') { $potential_name = getPotentialName($potential_id); } $label_fld[] = $potential_name; $label_fld["secid"] = $potential_id; $label_fld["link"] = "index.php?module=Potentials&action=DetailView&record=" . $potential_id; } elseif ($uitype == 78) { $label_fld[] = $mod_strings[$fieldlabel]; $quote_id = $col_fields[$fieldname]; if ($quote_id != '') { $quote_name = getQuoteName($quote_id); } $label_fld[] = $quote_name; $label_fld["secid"] = $quote_id; $label_fld["link"] = "index.php?module=Quotes&action=DetailView&record=" . $quote_id; } elseif ($uitype == 79) { $label_fld[] = $mod_strings[$fieldlabel]; $purchaseorder_id = $col_fields[$fieldname]; if ($purchaseorder_id != '') { $purchaseorder_name = getPoName($purchaseorder_id); } $label_fld[] = $purchaseorder_name; $label_fld["secid"] = $purchaseorder_id; $label_fld["link"] = "index.php?module=PurchaseOrder&action=DetailView&record=" . $purchaseorder_id; } elseif ($uitype == 80) { $label_fld[] = $mod_strings[$fieldlabel]; $salesorder_id = $col_fields[$fieldname]; if ($salesorder_id != '') { $salesorder_name = getSoName($salesorder_id); } $label_fld[] = $salesorder_name; $label_fld["secid"] = $salesorder_id; $label_fld["link"] = "index.php?module=SalesOrder&action=DetailView&record=" . $salesorder_id; } elseif ($uitype == 1010) { $label_fld[] = $mod_strings[$fieldlabel]; $invoice_id = $col_fields[$fieldname]; $invoice_name = ""; if ($invoice_id != '') { $invoice_name = getInvoiceName($invoice_id); } $label_fld[] = $invoice_name; $label_fld["secid"] = $invoice_id; $label_fld["link"] = "index.php?module=Invoice&action=DetailView&record=" . $invoice_id; } elseif ($uitype == 30) { $rem_days = 0; $rem_hrs = 0; $rem_min = 0; $reminder_str = ""; $rem_days = floor($col_fields[$fieldname] / (24 * 60)); $rem_hrs = floor(($col_fields[$fieldname] - $rem_days * 24 * 60) / 60); $rem_min = ($col_fields[$fieldname] - $rem_days * 24 * 60) % 60; $label_fld[] = $mod_strings[$fieldlabel]; if ($col_fields[$fieldname]) { $reminder_str = $rem_days . ' ' . $mod_strings['LBL_DAYS'] . ' ' . $rem_hrs . ' ' . $mod_strings['LBL_HOURS'] . ' ' . $rem_min . ' ' . $mod_strings['LBL_MINUTES'] . ' ' . $mod_strings['LBL_BEFORE_EVENT']; } $label_fld[] = ' ' . $reminder_str; } elseif ($uitype == 85) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 86) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 87) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 88) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 89) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 1006) { //added by dingjianting on 2007-1-27 for new module Exhibitions $catalog_name = ""; $label_fld[] = $mod_strings[$fieldlabel]; $catalogid = $col_fields[$fieldname]; if ($catalogid != '') { $catalog_name = getCatalogName($catalogid); } $label_fld[] = $catalog_name; $label_fld["secid"] = $catalogid; $label_fld["link"] = "index.php?module=Catalogs&action=CatalogDetailView&parenttab=Product&catalogid=" . $catalogid; } elseif ($uitype == 1009) { $vcontact_name = ""; $label_fld[] = $mod_strings[$fieldlabel]; $vcontactsid = $col_fields[$fieldname]; if ($vcontactsid != '') { $vcontact_name = getVcontactName($vcontactsid); } $label_fld[] = $vcontact_name; $label_fld["secid"] = $vcontactsid; $label_fld["link"] = "index.php?module=Vcontacts&action=DetailView&record=" . $vcontactsid; } elseif ($uitype == 1013) { $faqcategory_name = ""; $label_fld[] = $mod_strings[$fieldlabel]; $faqcategoryid = $col_fields[$fieldname]; if ($faqcategoryid != '') { $faqcategory_name = getFaqcategoryName($faqcategoryid); } $label_fld[] = $faqcategory_name; $label_fld["secid"] = $faqcategoryid; $label_fld["link"] = "index.php?module=Faqcategorys&action=FaqcategoryDetailView&faqcategoryid=" . $faqcategoryid; } else { $label_fld[] = $mod_strings[$fieldlabel]; if ($col_fields[$fieldname] == '0') { $col_fields[$fieldname] = ''; } $label_fld[] = $col_fields[$fieldname]; } $label_fld[] = $uitype; $log->debug("Exiting getDetailViewOutputHtml method ..."); return $label_fld; }
function addData($name, $id) { $flag = ""; $caseId = ""; $username = ""; $des = ""; $description = ""; $caseid = ""; $name = ""; $age = ""; $sex = ""; $address1 = ""; $address2 = ""; $pincode = ""; $disease = ""; $fatal = ""; $district = ""; $reportedon = ""; $diedon = ""; $date = ""; $createdon = ""; $newpostoffice = ""; $caseDate = ""; $username = ""; $usertype = ""; if ($id == 'add') { $username = trim($_SESSION['userName']); $usertype = trim($_SESSION['userType']); $hospitalid = trim($_POST['cmbHospital']); $name = trim($_POST['txtName']); $age = trim($_POST['txtAge']); $sex = trim($_POST['rdoSex']); $address1 = trim($_POST['txtAddress1']); $address2 = trim($_POST['txtAddress2']); $pincode = trim($_POST['txtPincode']); $disease = trim($_POST['cmbDisease']); $fatal = trim($_POST['cmbFatal']); $district = trim($_POST['cmbDistrict']); $reportedon = trim($_POST['txtReportedOn']); $createdon = date("d/m/Y"); $date = trim($_POST['txtCaseDate']); if (strlen($name) < 1) { $flag = 'phpValidError'; } if (isInvalidName($name)) { $flag = 'phpValidError'; } if (strlen($address1) < 1) { $flag = 'phpValidError'; } if (isInvalidName($address1)) { $flag = 'phpValidError'; } if (isInvalidAddress($address2)) { $flag = 'phpValidError'; } if (isInvalidNumber($hospitalid)) { $flag = 'phpValidError'; } if (isInvalidNumber($age)) { $flag = 'phpValidError'; } if (isInvalidNumber($disease)) { $flag = 'phpValidError'; } if (isInvalidNumber($district)) { $flag = 'phpValidError'; } if (strlen($pincode) > 0) { if (strlen($pincode) != 6) { $flag = 'phpValidError'; } if (isInvalidNumber($pincode)) { $flag = 'phpValidError'; } } if ($_POST['cmbPostOffice'] == 1 && $_POST['cmbNearPostOffice'] != "select") { $postofficeid = trim($_POST['cmbNearPostOffice']); } else { $postofficeid = trim($_POST['cmbPostOffice']); } if ($_POST['txtDiedOn'] == "") { $diedon = ""; } else { $diedon = trim($_POST['txtDiedOn']); if (!isValidDate($diedon)) { $flag = 'phpValidError'; } $diedon = getDateToDb($diedon); } if (isInvalidNumber($postofficeid)) { $flag = 'phpValidError'; } if (!isValidDate($date)) { $flag = 'phpValidError'; } if (!isValidDate($reportedon)) { $flag = 'phpValidError'; } $result = mysql_query("select * from casereport where name='" . $name . "' and age='" . $age . "'\n\t\t\t\tand sex='" . $sex . "' and fatal='" . $fatal . "' and casedate='" . getDateToDb($date) . "'\n\t\t\t\tand reportedon='" . getDateToDb($reportedon) . "'\t") or die(mysql_error()); $intnameExists = mysql_num_rows($result); if ($intnameExists > 0) { $flag = 'false'; } else { if ($flag == 'phpValidError') { } else { mysql_query("insert into casereport\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\tage,\n\t\t\t\t\t\t\t\t\tsex,\n\t\t\t\t\t\t\t\t\taddress1,\n\t\t\t\t\t\t\t\t\taddress2,\n\t\t\t\t\t\t\t\t\tdiseaseid,\n\t\t\t\t\t\t\t\t\tfatal,\n\t\t\t\t\t\t\t\t\tpincode,\n\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\thospitalid,\n\t\t\t\t\t\t\t\t\tpostofficeid,\n\t\t\t\t\t\t\t\t\treportedon,\n\t\t\t\t\t\t\t\t\tdiedon,\n\t\t\t\t\t\t\t\t\tcasedate,\n\t\t\t\t\t\t\t\t\tcreatedon\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t'" . preventInj($username) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($name) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($age) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($sex) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($address1) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($address2) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($disease) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($fatal) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($pincode) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($district) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($hospitalid) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($postofficeid) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj(getDateToDb($reportedon)) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj($diedon) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj(getDateToDb($date)) . "',\n\t\t\t\t\t\t\t\t\t'" . preventInj(getDateToDb($createdon)) . "'\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t") or die(mysql_error()); mysql_query("update casereport set diedon=NULL where diedon=00-00-0000") or die(mysql_error()); if ($_POST['cmbPostOffice'] == 1) { $newpostoffice = $_POST['txtNewPostOffice']; if (strlen($newpostoffice) < 3) { $flag = 'phpValidError'; } if (isInvalidName($newpostoffice)) { $flag = 'phpValidError'; } if ($flag == 'phpValidError') { } else { mysql_query("insert into newpostoffice\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\tname,\n\t\t\t\t\t\t\t\t\t\t\tdistrictid,\n\t\t\t\t\t\t\t\t\t\t\tpincode\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($newpostoffice) . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($district) . "',\n\t\t\t\t\t\t\t\t\t\t\t'" . preventInj($pincode) . "'\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t ") or die(mysql_error()); } } $username = $_SESSION['userName']; $description = "New Case Report on patient " . $name . " is added"; insertEventData('Add_Case_Report', "New_Case_Reported", $username, $description); $flag = 'true'; } } } else { $hospitalid = $_POST['cmbHospital']; $postofficeid = $_POST['cmbPostOffice']; $name = trim($_POST['txtName']); $age = trim($_POST['txtAge']); $sex = trim($_POST['rdoSex']); $address1 = trim($_POST['txtAddress1']); $address2 = trim($_POST['txtAddress2']); $pincode = trim($_POST['txtPincode']); $disease = trim($_POST['cmbDisease']); $fatal = trim($_POST['cmbFatal']); $district = trim($_POST['cmbDistrict']); $reportedon = trim($_POST['txtReportedOn']); $caseId = trim($_POST['txtCaseId']); $date = trim($_POST['txtCaseDate']); if (trim($_POST['txtDiedOn']) == "") { $diedon = ""; } else { $diedon = trim($_POST['txtDiedOn']); if (!isValidDate($diedon)) { $flag = 'phpValidError'; } $diedon = getDateToDb($diedon); } if (!isValidDate($reportedon)) { $flag = 'phpValidError'; } if (!isValidDate($date)) { $flag = 'phpValidError'; } if (strlen($name) < 1) { $flag = 'phpValidError'; } if (isInvalidName($name)) { $flag = 'phpValidError'; } if (strlen($address1) < 1) { $flag = 'phpValidError'; } if (isInvalidName($address1)) { $flag = 'phpValidError'; } if (isInvalidAddress($address2)) { $flag = 'phpValidError'; } if (isInvalidNumber($hospitalid)) { $flag = 'phpValidError'; } if (isInvalidNumber($age)) { $flag = 'phpValidError'; } if (isInvalidNumber($disease)) { $flag = 'phpValidError'; } if (isInvalidNumber($district)) { $flag = 'phpValidError'; } if (isInvalidNumber($caseId)) { $flag = 'phpValidError'; } if (strlen($pincode) > 0) { if (strlen($pincode) != 6) { $flag = 'phpValidError'; } if (isInvalidNumber($pincode)) { $flag = 'phpValidError'; } } if ($flag == 'phpValidError') { } else { mysql_query("update casereport\n\t\t\t\t\tset name='" . preventInj($name) . "',\n\t\t\t\t\t\tage='" . preventInj($age) . "',\n\t\t\t\t\t\tsex='" . preventInj($sex) . "',\n\t\t\t\t\t\taddress1='" . preventInj($address1) . "',\n\t\t\t\t\t\taddress2='" . preventInj($address2) . "',\n\t\t\t\t\t\tpincode='" . preventInj($pincode) . "',\n\t\t\t\t\t\tdiseaseid='" . preventInj($disease) . "',\n\t\t\t\t\t\tdistrictid='" . preventInj($district) . "',\n\t\t\t\t\t\thospitalid='" . preventInj($hospitalid) . "',\n\t\t\t\t\t\tpostofficeid='" . preventInj($postofficeid) . "',\n\t\t\t\t\t\treportedon='" . preventInj(getDateToDb($reportedon)) . "',\n\t\t\t\t\t\tdiedon='" . preventInj($diedon) . "',\n\t\t\t\t\t\tcasedate='" . preventInj(getDateToDb($date)) . "'\n\t\t\t\t\twhere casereportid='" . preventInj($caseId) . "' ") or die(mysql_error()); mysql_query("update casereport set diedon=NULL where diedon=00-00-0000") or die(mysql_error()); $username = $_SESSION['userName']; $description = "Case Report with id " . $caseId . " is updated"; insertEventData('Update_Case_Report', "Case_Report_Updated", $username, $description); $flag = 'success'; } } return $flag; }
protected function process_bulk_revert_request() { if (isset($_POST['revert_name']) && !empty($_POST['revert_name'])) { $revert_name = $_POST['revert_name']; } else { $revert_name = null; } if (isset($_POST['revert_ip']) && !empty($_POST['revert_ip'])) { $revert_ip = filter_var($_POST['revert_ip'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE); if ($revert_ip === false) { // invalid ip given. $this->theme->display_admin_block('Invalid IP'); return; } } else { $revert_ip = null; } if (isset($_POST['revert_date']) && !empty($_POST['revert_date'])) { if (isValidDate($_POST['revert_date'])) { $revert_date = addslashes($_POST['revert_date']); // addslashes is really unnecessary since we just checked if valid, but better safe. } else { $this->theme->display_admin_block('Invalid Date'); return; } } else { $revert_date = null; } set_time_limit(0); // reverting changes can take a long time, disable php's timelimit if possible. // Call the revert function. $this->process_revert_all_changes($revert_name, $revert_ip, $revert_date); // output results $this->theme->display_revert_ip_results(); }
function validate(&$key, &$value, $error_array = array(), $index = 0, $array_key = NULL) { // echo "Switch Test \$key: " . $key . " \$value: " . $value . " <br>\n" ; switch ($key) { case "numauthors": case "numpages": // echo "Switch Number \$key: " . $key . " \$value: " . $value . " <br>\n" ; isIntegerMoreThanZero($value, &$error_array, &$index); break; case "email": case "emailHome": case "ConferenceContact": // echo "Switch Email \$key: " . $key . " \$value: " . $value . " <br>\n" ; valid_email($value, &$error_array, &$index); break; case "faxno": case "phoneno": // echo "Switch Phone \$key: " . $key . " \$value: " . $value . " <br>\n" ; isValidPhoneNumber($value, &$error_array, &$index); break; case "phonenoHome": // echo "Switch Phone \$key: " . $key . " \$value: " . $value . " <br>\n" ; isValidPhoneNumber($value, &$error_array, &$index); break; case "userfile": case "state": case "commentfile": // echo "Switch File \$key: " . $key . " \$value: " . $value . " <br>\n" ; isValidFile($value, &$error_array, &$index, &$array_key); break; case "logofile": isValidLogoFile($value, &$error_array, &$index, &$array_key); break; case "country": isValidCountryCode($value, &$error_array, &$index); break; case "password": case "newpwd": isValidPassword($value, &$error_array, &$index); break; case "date": case "ConferenceStartDate": case "ConferenceEndDate": case "arrStartDate": case "arrEndDate": if (isValidDate($value, &$error_array, &$index)) { //is_date_expired( $value , date ( "j/m/Y" , time() ) , &$error_array , &$index ) ; is_date_expired($value, date("Y-m-d", time()), &$error_array, &$index); } break; default: // echo "Default \$key: " . $key . " \$value: " . $value . " <br>\n" ; break; } }
function UpdateEmployee($fields) { $statusMessage = ""; //------------------------------------------------------------------------- // Validate Input parameters //------------------------------------------------------------------------- $inputIsValid = TRUE; $validID = false; $countOfFields = 0; foreach ($fields as $key => $value) { if ($key == EMP_ID) { $record = RetrieveEmployeeByID($value); if ($record != NULL) { $validID = true; $countOfFields++; } } else { if ($key == EMP_NAME) { $countOfFields++; if (isNullOrEmptyString($value)) { $statusMessage .= "Employee name can not be blank.</br>"; error_log("Invalid EMP_NAME passed to UpdateEmployee."); $inputIsValid = FALSE; } } else { if ($key == EMP_EMAIL) { $countOfFields++; if (!filter_var($value, FILTER_VALIDATE_EMAIL)) { $statusMessage .= "Email address is not in a valid format.</br>"; error_log("Invalid email address passed to UpdateEmployee."); $inputIsValid = FALSE; } } else { if ($key == EMP_PASSWORD) { //No validation on password, since this is an MD5 encoded string. $countOfFields++; } else { if ($key == EMP_DATEJOINED) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "Date Joined value is not a valid date</br>"; error_log("Invalid EMP_DATEJOINED passed to UpdateEmployee."); $inputIsValid = FALSE; } } else { if ($key == EMP_LEAVE_ENTITLEMENT) { $countOfFields++; if (!is_numeric($value)) { $statusMessage .= "Employee Leave Entitlement must be a numeric value.</br>"; error_log("Invalid EMP_LEAVE_ENTITLEMENT passed to UpdateEmployee."); $inputIsValid = FALSE; } } else { if ($key == EMP_MAIN_VACATION_REQ_ID) { if ($value != NULL) { $record = RetrieveMainVacationRequestByID($value); if ($record == NULL) { $statusMessage .= "Main Vacation Request ID not found in database.</br>"; error_log("Invalid EMP_MAIN_VACATION_REQ_ID passed to UpdateEmployee."); $inputIsValid = FALSE; } } } else { if ($key == EMP_COMPANY_ROLE) { $countOfFields++; $record = RetrieveCompanyRoleByID($value); if ($record == NULL) { $statusMessage .= "Company Role ID not found in database.</br>"; error_log("Invalid EMP_COMPANY_ROLE passed to UpdateEmployee."); $inputIsValid = FALSE; } } else { if ($key == EMP_ADMIN_PERM) { $countOfFields++; } else { if ($key == EMP_MANAGER_PERM) { $countOfFields++; } else { $statusMessage .= "Unrecognised field of {$key} encountered.</br>"; error_log("Invalid field passed to UpdateEmployee. {$key}=" . $key); $inputIsValid = FALSE; } } } } } } } } } } } if (!$validID) { $statusMessage .= "No valid ID supplied.</br>"; error_log("No valid ID supplied in call to UpdateEmployee."); $inputIsValid = FALSE; } if ($countOfFields < 2) { $statusMessage .= "Insufficent fields supplied.</br>"; error_log("Insufficent fields supplied in call to UpdateEmployee."); $inputIsValid = FALSE; } //------------------------------------------------------------------------- // Only attempt to update a record in the database if the input parameters // are ok. //------------------------------------------------------------------------- $success = false; if ($inputIsValid) { $success = performSQLUpdate(EMPLOYEE_TABLE, EMP_ID, $fields); if ($success) { $statusMessage .= "Record has been successfully updated."; } else { $inputIsValid = false; $statusMessage .= "Unexpected Database error encountered. Please " . "contact your system administrator."; } } GenerateStatus($inputIsValid, $statusMessage); return $success; }
/** * getDataForNoticesReport */ public function getDataForNoticesReport($date_from, $date_to) { // set to last 7 days if no dates given if (!isValidDate($date_from)) { $date_from = date("Y-m-d", time() - 3600 * 24 * 7); } if (!isValidDate($date_to)) { $date_to = date("Y-m-d", time()); } // add quotes and escape $date_from = $this->db->quote($date_from); $date_to = $this->db->quote($date_to); $sql = "SELECT \n\t\t\t\tnotice.id AS id,\n\t\t\t\tnotice.created AS created,\n\t\t\t\tnotice.modified AS modified,\n\t\t\t\tnotice.other_data AS other_data,\n\t\t\t\tnotice.publish AS publish,\n\t\t\t\tstore.id AS store_id,\n\t\t\t\tstore.code AS store_code,\n\t\t\t\tstore.title AS store_title,\n\t\t\t\tstore.manager_name AS store_manager_name,\n\t\t\t\tstore.email AS store_email\n\t\t\tFROM common_node AS notice\n\t\t\tLEFT JOIN common_node AS parent ON parent.id = notice.parent\n\t\t\tLEFT JOIN ecommerce_store AS store ON store.id = parent.content::int\n\t\t\tWHERE notice.node_controller = 'notice' AND notice.created BETWEEN {$date_from} AND {$date_to}\n\t\t"; $records = $this->executeSql($sql); $result = array(); foreach ($records as $record) { $item = array(); $data = unserialize($record['other_data']); $item['Web Store Id'] = $record['store_id']; $item['Store Code'] = $record['store_code']; $item['Store Title'] = $record['store_title']; $item['Store Manager'] = $record['store_manager_name']; $item['Store Email'] = $record['store_email']; $item['Notice Id'] = $record['id']; $item['Notice Created'] = $record['created']; $item['Is Published'] = $record['publish'] ? 'yes' : 'no'; $item['Notice Text'] = $data['text']; $item['Visible From'] = $data['visible_from']; $item['Visible To'] = $data['visible_to']; $item['Image'] = $data['image'] ? 'yes' : 'no'; $result[] = $item; } return $result; }
/** This function returns the detail view form ec_field and and its properties in array format. * Param $uitype - UI type of the ec_field * Param $fieldname - Form ec_field name * Param $fieldlabel - Form ec_field label name * Param $col_fields - array contains the ec_fieldname and values * Param $generatedtype - Field generated type (default is 1) * Param $tabid - ec_tab id to which the Field belongs to (default is "") * Return type is an array */ function getDetailViewOutputHtml($uitype, $fieldname, $fieldlabel, $col_fields, $generatedtype, $tabid = '') { global $log; $log->debug("Entering getDetailViewOutputHtml() method ..."); global $adb; global $mod_strings; global $app_strings; global $current_user; //$fieldlabel = from_html($fieldlabel); $custfld = ''; $value = ''; $arr_data = array(); $label_fld = array(); $data_fld = array(); if ($generatedtype == 2) { $mod_strings[$fieldlabel] = $fieldlabel; } if (!isset($mod_strings[$fieldlabel])) { $mod_strings[$fieldlabel] = $fieldlabel; } if ($col_fields[$fieldname] == '--None--') { $col_fields[$fieldname] = ''; } if ($uitype == 116) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 13) { $label_fld[] = $mod_strings[$fieldlabel]; $temp_val = $col_fields[$fieldname]; $label_fld[] = $temp_val; $linkvalue = getComposeMailUrl($temp_val); $label_fld["link"] = $linkvalue; } elseif ($uitype == 5 || $uitype == 23 || $uitype == 70) { $label_fld[] = $mod_strings[$fieldlabel]; $cur_date_val = $col_fields[$fieldname]; if (!isValidDate($cur_date_val)) { $display_val = ''; } else { $display_val = getDisplayDate($cur_date_val); } $label_fld[] = $display_val; } elseif ($uitype == 15 || $uitype == 16 || $uitype == 115 || $uitype == 111) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 10) { if (isset($app_strings[$fieldlabel])) { $label_fld[] = $app_strings[$fieldlabel]; } elseif (isset($mod_strings[$fieldlabel])) { $label_fld[] = $mod_strings[$fieldlabel]; } else { $label_fld[] = $fieldlabel; } $value = $col_fields[$fieldname]; $module_entityname = ""; if ($value != '') { $query = "SELECT ec_entityname.* FROM ec_crmentityrel inner join ec_entityname on ec_entityname.modulename=ec_crmentityrel.relmodule inner join ec_tab on ec_tab.name=ec_crmentityrel.module WHERE ec_tab.tabid='" . $tabid . "' and ec_entityname.entityidfield='" . $fieldname . "'"; $fldmod_result = $adb->query($query); $rownum = $adb->num_rows($fldmod_result); if ($rownum > 0) { $rel_modulename = $adb->query_result($fldmod_result, 0, 'modulename'); $rel_tablename = $adb->query_result($fldmod_result, 0, 'tablename'); $rel_entityname = $adb->query_result($fldmod_result, 0, 'fieldname'); $rel_entityid = $adb->query_result($fldmod_result, 0, 'entityidfield'); $module_entityname = getEntityNameForTen($rel_tablename, $rel_entityname, $fieldname, $value); } } $label_fld[] = $module_entityname; $label_fld["secid"] = $value; $label_fld["link"] = "index.php?module=" . $rel_modulename . "&action=DetailView&record=" . $value; } elseif ($uitype == 33) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = str_ireplace(' |##| ', ', ', $col_fields[$fieldname]); } elseif ($uitype == 17) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; //$label_fld[] = '<a href="http://'.$col_fields[$fieldname].'" target="_blank">'.$col_fields[$fieldname].'</a>'; } elseif ($uitype == 19) { //$tmp_value = str_replace("<","<",nl2br($col_fields[$fieldname])); //$tmp_value = str_replace(">",">",$tmp_value); //$col_fields[$fieldname]= make_clickable($tmp_value); $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 20 || $uitype == 21 || $uitype == 22 || $uitype == 24) { //$col_fields[$fieldname]=nl2br($col_fields[$fieldname]); $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 51 || $uitype == 50 || $uitype == 73) { $account_id = $col_fields[$fieldname]; $account_name = ""; if ($account_id != '') { $account_name = getAccountName($account_id); } //Account Name View $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $account_name; $label_fld["secid"] = $account_id; $label_fld["link"] = "index.php?module=Accounts&action=DetailView&record=" . $account_id; } elseif ($uitype == 52 || $uitype == 77 || $uitype == 101) { $label_fld[] = $mod_strings[$fieldlabel]; $user_id = $col_fields[$fieldname]; $user_name = getUserName($user_id); $label_fld[] = $user_name; } elseif ($uitype == 53) { $user_id = $col_fields[$fieldname]; $user_name = getUserName($user_id); $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $user_name; } elseif ($uitype == 1004) { if (isset($mod_strings[$fieldlabel])) { $label_fld[] = $mod_strings[$fieldlabel]; } else { $label_fld[] = $fieldlabel; } $value = $col_fields[$fieldname]; $label_fld[] = getUserName($value); } elseif ($uitype == 56) { $label_fld[] = $mod_strings[$fieldlabel]; $value = $col_fields[$fieldname]; if ($value == 1) { //Since "yes" is not been translated it is given as app strings here.. $display_val = $app_strings['yes']; } else { $display_val = ''; } $label_fld[] = $display_val; } elseif ($uitype == 57) { $label_fld[] = $mod_strings[$fieldlabel]; $contact_id = $col_fields[$fieldname]; $contact_name = ""; if (trim($contact_id) != '') { $contact_name = getContactName($contact_id); } $label_fld[] = $contact_name; $label_fld["secid"] = $contact_id; $label_fld["link"] = "index.php?module=Contacts&action=DetailView&record=" . $contact_id; } elseif ($uitype == 59) { $label_fld[] = $mod_strings[$fieldlabel]; $product_id = $col_fields[$fieldname]; if ($product_id != '') { $product_name = getProductName($product_id); } //Account Name View $label_fld[] = $product_name; $label_fld["secid"] = $product_id; $label_fld["link"] = "index.php?module=Products&action=DetailView&record=" . $product_id; } elseif ($uitype == 71 || $uitype == 72) { $label_fld[] = $mod_strings[$fieldlabel]; $display_val = $col_fields[$fieldname]; $label_fld[] = $display_val; } elseif ($uitype == 76) { $label_fld[] = $mod_strings[$fieldlabel]; $potential_id = $col_fields[$fieldname]; if ($potential_id != '') { $potential_name = getPotentialName($potential_id); } $label_fld[] = $potential_name; $label_fld["secid"] = $potential_id; $label_fld["link"] = "index.php?module=Potentials&action=DetailView&record=" . $potential_id; } elseif ($uitype == 80) { $label_fld[] = $mod_strings[$fieldlabel]; $salesorder_id = $col_fields[$fieldname]; if ($salesorder_id != '') { $salesorder_name = getSoName($salesorder_id); } $label_fld[] = $salesorder_name; $label_fld["secid"] = $salesorder_id; $label_fld["link"] = "index.php?module=SalesOrder&action=DetailView&record=" . $salesorder_id; } elseif ($uitype == 85) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 86) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 87) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 88) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } elseif ($uitype == 89) { $label_fld[] = $mod_strings[$fieldlabel]; $label_fld[] = $col_fields[$fieldname]; } else { $label_fld[] = $mod_strings[$fieldlabel]; if ($col_fields[$fieldname] == '0') { $col_fields[$fieldname] = ''; } $label_fld[] = $col_fields[$fieldname]; } $label_fld[] = $uitype; $log->debug("Exiting getDetailViewOutputHtml method ..."); return $label_fld; }
function UpdateDate($fields) { //-------------------------------------------------------------------------------- // Validate Input parameters //-------------------------------------------------------------------------------- $inputIsValid = TRUE; $validID = false; $countOfFields = 0; foreach ($fields as $key => $value) { if ($key == DATE_TABLE_DATE_ID) { $record = RetrieveDateByID($value); if ($record != NULL) { $validID = true; $countOfFields++; } } else { if ($key == DATE_TABLE_DATE) { $countOfFields++; if (!isValidDate($value)) { error_log("Invalid DATE_TABLE_DATE passed to UpdateDate."); $inputIsValid = FALSE; } } else { if ($key == DATE_TABLE_PUBLIC_HOL_ID) { $countOfFields++; if ($value != NULL) { $record = RetrievePublicHolidayByID($value); if ($record == NULL) { error_log("Invalid DATE_TABLE_PUBLIC_HOL_ID passed to UpdateDate."); $inputIsValid = FALSE; } } } else { error_log("Invalid field passed to UpdateDate. {$key}=" . $key); $inputIsValid = FALSE; } } } } if (!$validID) { error_log("No valid ID supplied in call to UpdateDate."); $inputIsValid = FALSE; } if ($countOfFields < 2) { error_log("Insufficent fields supplied in call to UpdateDate."); $inputIsValid = FALSE; } //-------------------------------------------------------------------------------- // Only attempt to update a record in the database if the input parameters are ok. //-------------------------------------------------------------------------------- $success = false; if ($inputIsValid) { $success = performSQLUpdate(DATE_TABLE, DATE_TABLE_DATE_ID, $fields); } return $success; }
$nowDate = new DateTime(); if ($validDate > $nowDate || date_format($nowDate, "Y-m-d") === $valid_to) { return TRUE; } return FALSE; } $servername = "localhost"; $username = "******"; $password = "******"; $db = "clingy_crush"; $conn = mysqli_connect($servername, $username, $password, $db); !$conn && error("Connection failed: " . mysql_error()); //execute the SQL query and return records $sql = "SELECT email, name, password, valid_to, active, last_login FROM Users WHERE email='" . $email . "'"; $result = mysqli_query($conn, $sql); $isValid = FALSE; $user = null; $row = mysqli_fetch_array($result, MYSQLI_ASSOC); if ($row["email"] === $email && $row["password"] === $pass) { $user = $row; if (isValidDate($row["valid_to"])) { $isValid = TRUE; } } // Free result set mysqli_free_result($result); $data = array('isPrime' => $isValid, 'user' => $user); print json_encode($data); //close the connection mysql_close($conn); ////clingy_admin 89fVSlE$~9t}
function date_or_null($value) { $value = trim($value); if (!isset($value) || empty($value) && !is_numeric($value)) { return null; } if (!isValidDate($value)) { return null; } return $value; }
if (isset($_POST['reset_filter'])) { unset($_POST); } if (!isset($_POST['student_type'])) { $_POST['student_type'] = 'all'; } if (isset($_POST["start_date"])) { $start_date = trim($_POST["start_date"]); } if (isset($_POST["end_date"])) { $end_date = trim($_POST["end_date"]); } if ($start_date != "" && !isValidDate($start_date)) { $msg->addError('START_DATE_INVALID'); } if ($end_date != "" && !isValidDate($end_date)) { $msg->addError('END_DATE_INVALID'); } $table_content = ""; $csv_content = ""; require AT_INCLUDE_PATH . '../mods/_standard/tests/lib/test_result_functions.inc.php'; $sql = "SELECT title, out_of, result_release, randomize_order, passscore, passpercent FROM " . TABLE_PREFIX . "tests WHERE test_id={$tid}"; $result = mysql_query($sql, $db); $row = mysql_fetch_array($result); $out_of = $row['out_of']; $random = $row['randomize_order']; $passscore = $row['passscore']; $passpercent = $row['passpercent']; $test_title = str_replace(' ', '_', str_replace(array('"', '<', '>'), '', $row['title'])); $table_content .= '<h3>' . $row['title'] . '</h3><br />'; $sql = "SELECT TQ.*, TQA.* FROM " . TABLE_PREFIX . "tests_questions TQ INNER JOIN " . TABLE_PREFIX . "tests_questions_assoc TQA USING (question_id) WHERE TQ.course_id={$_SESSION['course_id']} AND TQA.test_id={$tid} ORDER BY TQA.ordering, TQA.question_id";
/** Function to get related list entries in detailed array format * @param $parentmodule -- parentmodulename:: Type string * @param $query -- query:: Type string * @param $id -- id:: Type string * @returns $entries_list -- entries list:: Type string array * ALTER TABLE `ec_attachments` ADD `setype` VARCHAR( 50 ) NOT NULL , ADD `smcreatorid` INT( 10 ) NOT NULL , ADD `createdtime` DATETIME NOT NULL , ADD `deleted` INT( 1 ) NULL DEFAULT '0'; */ function getAttachments($parentmodule, $query, $id, $sid = '') { global $log; global $app_strings; $log->debug("Entering getAttachments() method ..."); global $theme; $entries_list = array(); $return_data = array(); global $adb; global $mod_strings; global $app_strings; global $current_user; $result = $adb->query($query); $noofrows = $adb->num_rows($result); $header[] = $app_strings['LBL_CREATED_TIME']; $header[] = $app_strings['LBL_ATTACHMENTS']; $header[] = $app_strings['LBL_DESCRIPTION']; $header[] = $app_strings['Assigned To']; foreach ($result as $row) { $entries = array(); $module = 'uploads'; $editaction = 'upload'; $deleteaction = 'deleteattachments'; if (isValidDate($row['createdtime'], '0000-00-00')) { $created_arr = explode(" ", $row['createdtime']); $created_date = $created_arr[0]; $created_time = substr($created_arr[1], 0, 5); } else { $created_date = ''; $created_time = ''; } $entries[] = $created_date; //$attachmentname = ltrim($row['filename'],$row['attachmentsid'].'_');//explode('_',$row['filename'],2); //changed by dingjianting on 2008-09-16 for attachment with number name posted by pushi $attachmentname = trim($row['name']); //explode('_',$row['filename'],2); $entries[] = '<a href="index.php?module=uploads&action=downloadfile&entityid=' . $id . '&fileid=' . $row['attachmentsid'] . '">' . $attachmentname . '</a>'; /* if(strlen($row['description']) > 40) { $row['description'] = substr($row['description'],0,40).'...'; } */ $entries[] = nl2br($row['description']); $entries[] = $row['user_name']; $setype = $row['setype']; if ($current_user->column_fields['user_name'] == $row['user_name']) { $del_param = 'index.php?module=' . $module . '&action=' . $deleteaction . '&return_module=' . $setype . '&return_action=' . $_REQUEST['action'] . '&record=' . $row["attachmentsid"] . '&return_id=' . $_REQUEST["record"]; if ($setype == 'Maillists') { $entries[] = ''; $header[] = ''; } else { $header[] = $app_strings['LBL_ACTION']; $entries[] = '<a href=\'javascript:confirmdelete("' . $del_param . '")\'>' . $app_strings['LNK_DELETE'] . '</a>'; } } else { $entries[] = ' '; } $entries_list[] = $entries; } if ($entries_list != '') { $return_data = array('header' => $header, 'entries' => $entries_list); } $log->debug("Exiting getAttachments method ..."); return $return_data; }
include 'sessionmanagement.php'; if (!$isManager) { header('Location: index.php'); exit; } if (isset($_POST["submit"])) { ClearStatus(); $statusMessage = ""; $inputIsValid = true; $startDate = $_POST["startDate"]; $endDate = $_POST["endDate"]; if (!isValidDate($startDate)) { $statusMessage .= "Start Date is not a valid Date.</br>"; $inputIsValid = false; } if (!isValidDate($endDate)) { $statusMessage .= "Finish Date is not a valid Date.</br>"; $inputIsValid = false; } if (strtotime($endDate) < strtotime($startDate)) { $statusMessage .= "End Date is before Start Date.</br>"; $inputIsValid = false; } if ($inputIsValid == false) { GenerateStatus(false, $statusMessage); } } function DisplaySearchTableBody($startDate, $endDate) { date_default_timezone_set('UTC'); $startDate = $_POST["startDate"];
/** This function returns the date in user specified format. * param $cur_date_val - the default date format */ function getDisplayDate($cur_date_val) { global $log; $log->debug("Entering getDisplayDate() method ..."); global $current_user; $dat_fmt = $current_user->date_format; if ($dat_fmt == '') { //changed by dingjianting on 2006-12-4 for simplized chinese dateformat $dat_fmt = 'yyyy-mm-dd'; } $date_value = explode(' ', $cur_date_val); if (!isValidDate($date_value[0])) { return ""; } list($y, $m, $d) = explode('-', $date_value[0]); if ($dat_fmt == 'yyyy-mm-dd') { $display_date = $y . '-' . $m . '-' . $d; } elseif ($dat_fmt == 'dd-mm-yyyy') { $display_date = $d . '-' . $m . '-' . $y; } elseif ($dat_fmt == 'mm-dd-yyyy') { $display_date = $m . '-' . $d . '-' . $y; } if (isset($date_value[1]) && $date_value[1] != "" && substr_count($date_value[1], '00:00:00') == 0) { $display_date = $display_date . ' ' . $date_value[1]; } $log->debug("Exiting getDisplayDate method ..."); return $display_date; }
function UpdateAdHocAbsenceRequest($fields) { $statusMessage = ""; //------------------------------------------------------------------------- // Validate Input parameters //------------------------------------------------------------------------- $inputIsValid = TRUE; $validID = false; $countOfFields = 0; foreach ($fields as $key => $value) { if ($key == AD_HOC_REQ_ID) { $record = RetrieveAdHocAbsenceRequestByID($value); if ($record != NULL) { $validID = true; $countOfFields++; } } else { if ($key == AD_HOC_EMP_ID) { $countOfFields++; $record = RetrieveEmployeeByID($value); if ($record == NULL) { $statusMessage .= "Employee specified can not be found in the " . "database.</br>"; error_log("Invalid AD_HOC_EMP_ID passed to " . "UpdateAdHocAbsenceRequest." . " Value=" . $value); $inputIsValid = FALSE; } } else { if ($key == AD_HOC_START) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "Start date entered is not a valid date.</br>"; error_log("Invalid AD_HOC_START passed to UpdateAdHocAbsenceRequest." . " Value=" . $value); $inputIsValid = FALSE; } } else { if ($key == AD_HOC_END) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "End date entered is not a valid date.</br>"; error_log("Invalid AD_HOC_END passed to UpdateAdHocAbsenceRequest." . " Value=" . $value); $inputIsValid = FALSE; } } else { if ($key == AD_HOC_ABSENCE_TYPE_ID) { $countOfFields++; $record = RetrieveAbsenceTypeByID($value); if ($record == NULL) { $statusMessage .= "Absence Type selected can not be found in the " . "database.</br>"; error_log("Invalid AD_HOC_ABSENCE_TYPE_ID passed to " . "UpdateAdHocAbsenceRequest. Value=" . $value); $inputIsValid = FALSE; } } else { $statusMessage .= "Unknown field encountered.</br>"; error_log("Invalid field passed to UpdateAdHocAbsenceRequest." . " {$key}=" . $key); $inputIsValid = FALSE; } } } } } } $startDate = $fields[AD_HOC_START]; $endDate = $fields[AD_HOC_END]; if (strtotime($endDate) < strtotime($startDate)) { $statusMessage .= "end Date is before start Date.</br>"; error_log("End Date is before Start Date."); $inputIsValid = FALSE; } if (!$validID) { $statusMessage .= "No valid record ID found.</br>"; error_log("No valid ID supplied in call to UpdateAbsenceType."); $inputIsValid = FALSE; } if ($countOfFields < 2) { $statusMessage .= "Insufficent fields supplied in call to UpdateAbsenceType.</br>"; error_log("Insufficent fields supplied in call to UpdateAbsenceType."); $inputIsValid = FALSE; } //------------------------------------------------------------------------- // Only attempt to update a record in the database if the input parameters // are ok. //------------------------------------------------------------------------- $success = false; if ($inputIsValid) { $success = performSQLUpdate(ADHOC_ABSENCE_REQUEST_TABLE, AD_HOC_REQ_ID, $fields); if ($success) { $statusMessage .= "Record successfully updated.</br>"; } else { $statusMessage .= "Unexpected error encountered when updating database." . "Contact your system administrator.</br>"; $inputIsValid = false; } } GenerateStatus($inputIsValid, $statusMessage); return $success; }
function laterDate($d1, $d2) { if (!isValidDate($d1) && !isValidDate($d2)) { return null; } if (!isValidDate($d1)) { return new Date($d2); } if (!isValidDate($d2)) { return new Date($d1); } if ($d1->after($d2)) { return new Date($d1); } else { return new Date($d2); } }
/** to get the standard filter for the given Fenzu Id * @param $cvid :: Type Integer * @returns $stdfilterlist Array in the following format * $stdfilterlist = Array( 'columnname' => $tablename:$columnname:$fieldname:$module_$fieldlabel,'stdfilter'=>$stdfilter,'startdate'=>$startdate,'enddate'=>$enddate) */ function getStdFilterByCvid($cvid) { global $log; $log->debug("Entering getStdFilterByCvid() method ..."); global $current_user; //changed by dingjianting on 2007-10-3 for cache HeaderArray $key = "stdfilterlist_" . $cvid; //$stdfilterlist = getSqlCacheData($key); if (!$stdfilterlist) { global $adb; $sSQL = "select ec_cvstdfilterfenzu.* from ec_cvstdfilterfenzu inner join ec_fenzu on ec_fenzu.cvid = ec_cvstdfilterfenzu.cvid"; $sSQL .= " where ec_cvstdfilterfenzu.cvid=" . $cvid; $result = $adb->query($sSQL); $stdfilterrow = $adb->fetch_array($result); $stdfilterlist["columnname"] = $stdfilterrow["columnname"]; $stdfilterlist["stdfilter"] = $stdfilterrow["stdfilter"]; if ($stdfilterrow["stdfilter"] == "custom") { if (isValidDate($stdfilterrow["startdate"])) { $stdfilterlist["startdate"] = $stdfilterrow["startdate"]; } if (isValidDate($stdfilterrow["enddate"])) { $stdfilterlist["enddate"] = $stdfilterrow["enddate"]; } } else { $datefilter = $this->getDateforStdFilterBytype($stdfilterrow["stdfilter"]); $stdfilterlist["startdate"] = $datefilter[0]; $stdfilterlist["enddate"] = $datefilter[1]; } setSqlCacheData($key, $stdfilterlist); } $log->debug("Exiting getStdFilterByCvid method ..."); return $stdfilterlist; }
function UpdateApprovedAbsenceBooking($fields) { $statusMessage = ""; //-------------------------------------------------------------------------------- // Validate Input parameters //-------------------------------------------------------------------------------- $inputIsValid = TRUE; $validID = false; $countOfFields = 0; foreach ($fields as $key => $value) { if ($key == APPR_ABS_BOOKING_ID) { $record = RetrieveApprovedAbsenceBookingByID($value); if ($record != NULL) { $validID = true; $countOfFields++; } } else { if ($key == APPR_ABS_EMPLOYEE_ID) { $countOfFields++; $record = RetrieveEmployeeByID($value); if ($record == NULL) { $statusMessage .= "Unable to locate employee in database</br>"; error_log("Invalid EMP_ID passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value); $inputIsValid = FALSE; } } else { if ($key == APPR_ABS_START_DATE) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "Start date is not a valid date.</br>"; error_log("Invalid APPR_ABS_START_DATE passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value); $inputIsValid = FALSE; } } else { if ($key == APPR_ABS_END_DATE) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "End date is not a valid date.</br>"; error_log("Invalid APPR_ABS_END_DATE passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value); $inputIsValid = FALSE; } } else { if ($key == APPR_ABS_ABS_TYPE_ID) { $countOfFields++; $record = RetrieveAbsenceTypeByID($value); if ($record == NULL) { $statusMessage .= "Unable to locate absence type in database</br>"; error_log("Invalid APPR_ABS_ABS_TYPE_ID passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value); $inputIsValid = FALSE; } } else { $statusMessage .= "Unexpected field found in input</br>"; error_log("Invalid field passed to UpdateApprovedAbsenceBooking." . " {$key}=" . $key); $inputIsValid = FALSE; } } } } } } $absenceStartDate = $fields[APPR_ABS_START_DATE]; $absenceEndDate = $fields[APPR_ABS_END_DATE]; if (strtotime($absenceEndDate) < strtotime($absenceStartDate)) { $statusMessage .= "end Date is before start Date.</br>"; error_log("End Date is before Start Date."); $inputIsValid = FALSE; } if (!$validID) { $statusMessage .= "No valid ID supplied</br>"; error_log("No valid ID supplied in call to UpdateApprovedAbsenceBooking."); $inputIsValid = FALSE; } if ($countOfFields < 2) { $statusMessage .= "Insufficent fields supplied</br>"; error_log("Insufficent fields supplied in call to UpdateApprovedAbsenceBooking."); $inputIsValid = FALSE; } //-------------------------------------------------------------------------------- // Only attempt to update a record in the database if the input parameters are ok. //-------------------------------------------------------------------------------- $success = false; if ($inputIsValid) { $success = performSQLUpdate(APPROVED_ABSENCE_BOOKING_TABLE, APPR_ABS_BOOKING_ID, $fields); if ($success) { $statusMessage .= "Record updated successfully.</br>"; } else { $statusMessage .= "Unexpected error encountered when updating database.</br>"; $inputIsValid = false; } } GenerateStatus($inputIsValid, $statusMessage); return $success; }
function getValue($uitype, $list_result, $fieldname, $focus, $module, $entity_id, $list_result_count, $mode, $popuptype, $returnset = '', $viewid = '') { global $log; global $app_strings; //changed by dingjianting on 2007-11-05 for php5.2.x $log->debug("Entering getValue() method ..."); global $adb, $current_user; if ($uitype == 10) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($temp_val != "") { $value = ""; $module_entityname = ""; $modulename_lower = substr($fieldname, 0, -2); $modulename = ucfirst($modulename_lower); $modulesid = $modulename_lower . "id"; $tablename = "ec_" . $modulename_lower; $entityname = substr($fieldname, 0, -3) . "name"; $query = "SELECT {$entityname} FROM {$tablename} WHERE {$modulesid}='" . $temp_val . "' and deleted=0"; $fldmod_result = $adb->query($query); $rownum = $adb->num_rows($fldmod_result); if ($rownum > 0) { $value = $adb->query_result($fldmod_result, 0, $entityname); } } else { $value = ''; } } elseif ($uitype == 52 || $uitype == 53 || $uitype == 77) { $value = $adb->query_result($list_result, $list_result_count, 'user_name'); } elseif ($uitype == 5 || $uitype == 6 || $uitype == 23 || $uitype == 70) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if (isValidDate($temp_val)) { $value = getDisplayDate($temp_val); } else { $value = ''; } } elseif ($uitype == 33) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); $value = str_ireplace(' |##| ', ', ', $temp_val); } elseif ($uitype == 17) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); $value = '<a href="http://' . $temp_val . '" target="_blank">' . $temp_val . '</a>'; } elseif ($uitype == 13 || $uitype == 104) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); $value = '<a href="' . getComposeMailUrl($temp_val) . '" target="_blank">' . $temp_val . '</a>'; } elseif ($uitype == 56) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($temp_val == 1) { $value = 'yes'; } else { $value = 'no'; } //changed by dingjianting on 2006-10-15 for simplized chinese if (isset($app_strings[$value])) { $value = $app_strings[$value]; } } elseif ($uitype == 51 || $uitype == 73 || $uitype == 50) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($temp_val != '') { $value = getAccountName($temp_val); } else { $value = ''; } } elseif ($uitype == 59) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($temp_val != '') { $value = getProductName($temp_val); } else { $value = ''; } } elseif ($uitype == 76) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($temp_val != '') { $value = getPotentialName($temp_val); } else { $value = ''; } } elseif ($uitype == 80) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($temp_val != '') { $value = getSoName($temp_val); } else { $value = ''; } } elseif ($uitype == 1004) { $value = $adb->query_result($list_result, $list_result_count, 'smcreatorid'); $value = getUserName($value); } elseif ($uitype == 1007) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); $value = getApproveStatusById($temp_val); } elseif ($uitype == 1008) { $value = $adb->query_result($list_result, $list_result_count, 'approvedby'); $value = getUserName($value); } elseif ($uitype == 1004) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); $value = getUserName($temp_val); } elseif ($uitype == 1007) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($temp_val == '1') { $value = $app_strings["already_approved"]; } elseif ($temp_val == '-1') { $value = $app_strings["unapproved"]; } elseif ($temp_val == '-2') { $value = $app_strings["Rejected"]; } else { $value = $app_strings["approving"]; } } elseif ($uitype == 1008) { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); $value = getUserName($temp_val); } else { $temp_val = $adb->query_result($list_result, $list_result_count, $fieldname); if ($fieldname != $focus->list_link_field) { $value = $temp_val; } else { if ($mode == "list") { $tabname = getParentTab(); $value = '<a href="index.php?action=DetailView&module=' . $module . '&record=' . $entity_id . '&parenttab=' . $tabname . '">' . $temp_val . '</a>'; } elseif ($mode == "search") { if ($popuptype == "specific") { $temp_val = str_replace("'", '\\"', $temp_val); $temp_val = popup_from_html($temp_val); //Added to avoid the error when select SO from Invoice through AjaxEdit if ($module == 'Salesorders') { $value = '<a href="javascript:window.close();" onclick=\'set_return_specific("' . $entity_id . '", "' . br2nl($temp_val) . '","' . $_REQUEST['form'] . '");\'>' . $temp_val . '</a>'; } else { $value = '<a href="javascript:window.close();" onclick=\'set_return_specific("' . $entity_id . '", "' . br2nl($temp_val) . '");\'>' . $temp_val . '</a>'; } } elseif ($popuptype == "detailview") { $temp_val = popup_from_html($temp_val); $focus->record_id = $_REQUEST['recordid']; if ($_REQUEST['return_module'] == "Calendar") { $value = '<a href="javascript:window.close();" id="calendarCont' . $entity_id . '" LANGUAGE=javascript onclick=\'add_data_to_relatedlist_incal("' . $entity_id . '","' . $temp_val . '");\'>' . $temp_val . '</a>'; } else { $value = '<a href="javascript:window.close();" onclick=\'add_data_to_relatedlist("' . $entity_id . '","' . $focus->record_id . '","' . $module . '");\'>' . $temp_val . '</a>'; } } elseif ($popuptype == "formname_specific") { $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" onclick=\'set_return_formname_specific("' . $_REQUEST['form'] . '", "' . $entity_id . '", "' . br2nl($temp_val) . '");\'>' . $temp_val . '</a>'; } elseif ($popuptype == "inventory_prod") { $row_id = $_REQUEST['curr_row']; //To get all the tax types and values and pass it to product details $tax_str = ''; $unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price'); $qty_stock = $adb->query_result($list_result, $list_result_count, 'qtyinstock'); $productcode = $adb->query_result($list_result, $list_result_count, 'productcode'); $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" onclick=\'set_return_inventory("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $unitprice . '", "' . $qty_stock . '","' . $tax_str . '","' . $row_id . '","' . $productcode . '");\'>' . $temp_val . '</a>'; } elseif ($popuptype == "inventory_prods") { $unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price'); $qty_stock = $adb->query_result($list_result, $list_result_count, 'qtyinstock'); $productcode = $adb->query_result($list_result, $list_result_count, 'productcode'); $serialno = $adb->query_result($list_result, $list_result_count, 'serialno'); $temp_val = popup_from_html($temp_val); $value = $temp_val . '<input type="hidden" name="productname_' . $entity_id . '" id="productname_' . $entity_id . '" value="' . $temp_val . '"><input type="hidden" name="listprice_' . $entity_id . '" id="listprice_' . $entity_id . '" value="' . $unitprice . '"><input type="hidden" name="qtyinstock_' . $entity_id . '" id="qtyinstock_' . $entity_id . '" value="' . $qty_stock . '"><input type="hidden" id="productcode_' . $entity_id . '" name="productcode_' . $entity_id . '" value="' . $productcode . '"><input type="hidden" id="serialno_' . $entity_id . '" name="serialno_' . $entity_id . '" value="' . $serialno . '">'; } elseif ($popuptype == "salesorder_prod") { $row_id = $_REQUEST['curr_row']; $unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price'); $temp_val = popup_from_html($temp_val); $producttype = $_REQUEST['producttype']; $value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_so("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $unitprice . '", "' . $row_id . '","' . $producttype . '");\'>' . $temp_val . '</a>'; } elseif ($popuptype == "inventory_prod_po") { $row_id = $_REQUEST['curr_row']; $unitprice = $adb->query_result($list_result, $list_result_count, 'unit_price'); $productcode = $adb->query_result($list_result, $list_result_count, 'productcode'); $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_po("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $unitprice . '", "' . $productcode . '","' . $row_id . '"); \'>' . $temp_val . '</a>'; } elseif ($popuptype == "inventory_prod_noprice") { $row_id = $_REQUEST['curr_row']; $temp_val = popup_from_html($temp_val); $qtyinstock = $adb->query_result($list_result, $list_result_count, 'qtyinstock'); $productcode = $adb->query_result($list_result, $list_result_count, 'productcode'); $value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_noprice("' . $entity_id . '", "' . br2nl($temp_val) . '","' . $row_id . '","' . $qtyinstock . '","' . $productcode . '");\'>' . $temp_val . '</a>'; } elseif ($popuptype == "inventory_prod_check") { $row_id = $_REQUEST['curr_row']; $temp_val = popup_from_html($temp_val); $productcode = $adb->query_result($list_result, $list_result_count, 'productcode'); $usageunit = $adb->query_result($list_result, $list_result_count, 'usageunit'); $qtyinstock = $adb->query_result($list_result, $list_result_count, 'qtyinstock'); $value = '<a href="javascript:window.close();" onclick=\'set_return_inventory_check("' . $entity_id . '", "' . br2nl($temp_val) . '","' . $row_id . '","' . $productcode . '","' . $usageunit . '","' . $qtyinstock . '"); \'>' . $temp_val . '</a>'; } elseif ($popuptype == "specific_account_address") { require_once 'modules/Accounts/Accounts.php'; $acct_focus = new Accounts(); $acct_focus->retrieve_entity_info($entity_id, "Accounts"); $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" onclick=\'set_return_address("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . br2nl($acct_focus->column_fields['bill_street']) . '", "' . br2nl($acct_focus->column_fields['ship_street']) . '", "' . br2nl($acct_focus->column_fields['bill_city']) . '", "' . br2nl($acct_focus->column_fields['ship_city']) . '", "' . br2nl($acct_focus->column_fields['bill_state']) . '", "' . br2nl($acct_focus->column_fields['ship_state']) . '", "' . br2nl($acct_focus->column_fields['bill_code']) . '", "' . br2nl($acct_focus->column_fields['ship_code']) . '", "' . br2nl($acct_focus->column_fields['bill_country']) . '", "' . br2nl($acct_focus->column_fields['ship_country']) . '","' . br2nl($acct_focus->column_fields['bill_pobox']) . '", "' . br2nl($acct_focus->column_fields['ship_pobox']) . '");\'>' . $temp_val . '</a>'; } elseif ($popuptype == "specific_contact_account_address") { require_once 'modules/Accounts/Accounts.php'; $acct_focus = new Accounts(); $acct_focus->retrieve_entity_info($entity_id, "Accounts"); $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" onclick=\'set_return_contact_address("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . br2nl($acct_focus->column_fields['bill_street']) . '", "' . br2nl($acct_focus->column_fields['ship_street']) . '", "' . br2nl($acct_focus->column_fields['bill_city']) . '", "' . br2nl($acct_focus->column_fields['ship_city']) . '", "' . br2nl($acct_focus->column_fields['bill_state']) . '", "' . br2nl($acct_focus->column_fields['ship_state']) . '", "' . br2nl($acct_focus->column_fields['bill_code']) . '", "' . br2nl($acct_focus->column_fields['ship_code']) . '", "' . br2nl($acct_focus->column_fields['bill_country']) . '", "' . br2nl($acct_focus->column_fields['ship_country']) . '","' . br2nl($acct_focus->column_fields['bill_pobox']) . '", "' . br2nl($acct_focus->column_fields['ship_pobox']) . '");\'>' . $temp_val . '</a>'; } elseif ($popuptype == "specific_potential_account_address") { $acntid = $adb->query_result($list_result, $list_result_count, "accountid"); if ($acntid != "") { //require_once('modules/Accounts/Accounts.php'); //$acct_focus = new Accounts(); //$acct_focus->retrieve_entity_info($acntid,"Accounts"); $account_name = getAccountName($acntid); $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" onclick=\'set_return_address("' . $entity_id . '", "' . br2nl($temp_val) . '", "' . $acntid . '", "' . br2nl($account_name) . '");\'>' . $temp_val . '</a>'; } else { $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" >' . $temp_val . '</a>'; } } elseif ($popuptype == "set_return_emails") { $name = $adb->query_result($list_result, $list_result_count, "lastname"); $emailaddress = $adb->query_result($list_result, $list_result_count, "email"); if ($emailaddress == '') { $emailaddress = $adb->query_result($list_result, $list_result_count, "msn"); } $where = isset($_REQUEST['where']) ? $_REQUEST['where'] : ""; $value = '<a href="javascript:;" onclick=\'return set_return_emails("' . $where . '","' . $name . '","' . $emailaddress . '"); \'>' . $name . '</a>'; } elseif ($popuptype == "set_return_mobiles") { //$firstname=$adb->query_result($list_result,$list_result_count,"first_name"); $contactname = $adb->query_result($list_result, $list_result_count, "lastname"); $mobile = $adb->query_result($list_result, $list_result_count, "mobile"); //changed by dingjianting on 2006-11-9 for simplized chinese $value = '<a href="#" onclick=\'return set_return_mobiles(' . $entity_id . ',"' . $contactname . '","' . $mobile . '"); \'>' . $contactname . '</a>'; } elseif ($popuptype == "set_return_usermobiles") { //$firstname=$adb->query_result($list_result,$list_result_count,"first_name"); $lastname = $adb->query_result($list_result, $list_result_count, "last_name"); $mobile = $adb->query_result($list_result, $list_result_count, "phone_mobile"); //changed by dingjianting on 2006-11-9 for simplized chinese $value = '<a href="#" onclick=\'return set_return_mobiles(' . $entity_id . ',"' . $lastname . '","' . $mobile . '"); \'>' . $lastname . '</a>'; } else { $temp_val = str_replace("'", '\\"', $temp_val); $temp_val = popup_from_html($temp_val); $value = '<a href="javascript:window.close();" onclick=\'set_return("' . $entity_id . '", "' . br2nl($temp_val) . '");\'>' . $temp_val . '</a>'; } } } } $log->debug("Exiting getValue method ..."); return $value; }
if ($tmp == "") { $r_date = parseDate($r_date, "%d.%m.%Y"); //parsing date into mysql format $r_released_date = parseDate($r_released_date, "%d.%m.%Y"); //parsing date into mysql format $query = "insert into releases (r_name, r_date, r_released_date,r_global) values ('" . escapeChars($r_name) . "','" . escapeChars($r_date) . "','" . escapeChars($r_released_date) . "','" . escapeChars($r_global) . "')"; mysql_query($query) or die(mysql_error()); $r_id = mysql_insert_id(); header("Location:index.php?inc=manage_releases"); } } if ($action == "update" && $r_id != "") { if (!isValidDate($r_date)) { $tmp = $lng[14][13]; } if ($r_released_date != "" && !isValidDate($r_released_date)) { $tmp = $lng[14][14]; } if ($tmp == "") { $r_date = parseDate($r_date, "%d.%m.%Y"); //parsing date into mysql format $r_released_date = parseDate($r_released_date, "%d.%m.%Y"); //parsing date into mysql format $query = "update releases set r_name='" . escapeChars($r_name) . "', r_date='" . escapeChars($r_date) . "', r_released_date='" . escapeChars($r_released_date) . "', r_global='" . escapeChars($r_global) . "' where r_id=" . $r_id; mysql_query($query) or die(mysql_error()); header("Location:index.php?inc=manage_releases"); } } if ($r_id != "") { $query = "select *, date_format(r_date, '%d.%m.%Y') as d1, date_format(r_released_date, '%d.%m.%Y') as d2 from releases where r_id=" . $r_id; $rs = mysql_query($query) or die(mysql_error());
function UpdateMainVacactionRequest($fields) { $success = false; $statusMessage = ""; //------------------------------------------------------------------------- // Validate Input parameters //-------------------------------------------------------------------------- $inputIsValid = TRUE; $validID = false; $countOfFields = 0; foreach ($fields as $key => $value) { if ($key == MAIN_VACATION_REQ_ID) { $record = RetrieveMainVacationRequestByID($value); if ($record != NULL) { $validID = true; $countOfFields++; } } else { if ($key == MAIN_VACATION_EMP_ID) { $countOfFields++; $record = RetrieveEmployeeByID($value); if ($record == NULL) { $statusMessage .= "Invalid Main Vacation Employee ID</br>"; error_log("Invalid MAIN_VACATION_EMP_ID passed to " . "UpdateMainVacationRequest."); $inputIsValid = FALSE; } } else { if ($key == MAIN_VACATION_1ST_START) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "Invalid 1st Choice Start Date</br>"; error_log("Invalid MAIN_VACATION_1ST_START passed to " . "UpdateMainVacationRequest."); $inputIsValid = FALSE; } } else { if ($key == MAIN_VACATION_1ST_END) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "Invalid 1st Choice Finish Date/br>"; error_log("Invalid MAIN_VACATION_1ST_END passed to " . "UpdateMainVacationRequest."); $inputIsValid = FALSE; } } else { if ($key == MAIN_VACATION_2ND_START) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "Invalid 2nd Choice Start Date/br>"; error_log("Invalid MAIN_VACATION_2ND_START passed to " . "UpdateMainVacationRequest."); $inputIsValid = FALSE; } } else { if ($key == MAIN_VACATION_2ND_END) { $countOfFields++; if (!isValidDate($value)) { $statusMessage .= "Invalid 2nd Choice Finish Date/br>"; error_log("Invalid MAIN_VACATION_2ND_END passed to " . "UpdateMainVacationRequest."); $inputIsValid = FALSE; } } else { $statusMessage .= "Invalid Field encountered./br>"; error_log("Invalid field passed to " . "UpdateMainVacationRequest. {$key}=" . $key); $inputIsValid = FALSE; } } } } } } } $firstChoiceStartDate = $fields[MAIN_VACATION_1ST_START]; $firstChoiceEndDate = $fields[MAIN_VACATION_1ST_END]; $secondChoiceStartDate = $fields[MAIN_VACATION_2ND_START]; $secondChoiceEndDate = $fields[MAIN_VACATION_2ND_END]; if (strtotime($firstChoiceEndDate) < strtotime($firstChoiceStartDate)) { $statusMessage .= "1st Choice End Date is before 1st Choice Start Date.</br>"; error_log("First Choice End Date is before First Choice Start Date."); $inputIsValid = FALSE; } if (strtotime($secondChoiceEndDate) < strtotime($secondChoiceStartDate)) { $statusMessage .= "2nd Choice End Date is before 2nd Choice Start Date.</br>"; error_log("Second Choice End Date is before Second Choice Start Date."); $inputIsValid = FALSE; } if (!$validID) { $statusMessage .= "No valid record ID found/br>"; error_log("No valid ID supplied in call to UpdateMainVacationRequest."); $inputIsValid = FALSE; } if ($countOfFields < 2) { $statusMessage .= "You must modify at least one of the fields of the record./br>"; error_log("Insufficent fields supplied in call to UpdateMainVacationRequest."); $inputIsValid = FALSE; } //-------------------------------------------------------------------------- // Only attempt to update a record in the database if the input parameters // are ok. //-------------------------------------------------------------------------- if ($inputIsValid) { $success = performSQLUpdate(MAIN_VACATION_REQUEST_TABLE, MAIN_VACATION_REQ_ID, $fields); if ($success) { $statusMessage .= "Record successfully modified."; } else { $inputIsValid = false; $statusMessage .= "Error encountered when updating the database. " . "Contact system administrator.</br>"; } } GenerateStatus($inputIsValid, $statusMessage); return $success; }
* Logic to edit and add a product to the database is here */ require 'database.php'; if (isset($_POST['btnAddProduct'])) { // //edit the data // //grabbing input and assigning to variables $code = trim($_POST['txtCode']); $name = trim($_POST['txtName']); $version = trim($_POST['txtVersion']); $releaseDate = trim($_POST['txtDate']); //check to ensure product code is unique $validCode = isValidCode($code, $db); //check for required date format $validDate = isValidDate($releaseDate); //quick check that version is indeed a number $validVersion = is_numeric($version); //validate inputs as not empty and valid if (!empty($name) && $validVersion && $validDate && $validCode) { //try/catch for our db work try { //if data is ok add a product to the database //construct a new query for insertion $query = "insert into products(productCode, name, version, releaseDate) values('{$code}', '{$name}', '{$version}', '{$releaseDate}')"; //executing the query $db->exec($query); //we should get here only if data was ok and added to the database //This will take you to the index.php for product_manager or the product list //redirecting for display of results include "AddProductForm.php";
if (empty($_POST['coHistory'])) { $errors['coHistory'] = 'Company history is required.'; } if (empty($_POST['webHistory'])) { $errors['webHistory'] = 'Website history is required.'; } if (empty($_POST['buildNow'])) { $errors['buildNow'] = 'Build now is required.'; } if (empty($_POST['constraintOptions'])) { $errors['constraintOptions'] = 'A fixed resource selection is required.'; } if (empty($_POST['startDate'])) { $errors['startDate'] = 'Start date is required.'; } else { if (!isValidDate($_POST['startDate'])) { $errors['startDate'] = 'Please enter a valid date.'; } } // return a response =========================================================== // if there are any errors in our errors array, return a success boolean of false if (!empty($errors)) { // if there are items in our errors array, return those errors $data['success'] = false; $data['errors'] = $errors; $data['message'] = 'ALERT! Please check your data inputs below for valid data before submitting your profile.'; } else { // Server side form validation passed - return success $data['success'] = true; } // Return all our data to an AJAX call
function displayLiveMusic($indicator) { global $sitePhone; global $liveMusicItemCount; global $liveMusicItemData; $monthSubstr = ""; $eventColor = 0; if (getLiveMusicCount() > 0) { if ($indicator == "all") { echo "<ul id='liveMusic'>"; } for ($i = 0; $i < $liveMusicItemCount; $i++) { $isValidDate = false; $eventName = ""; $eventTime = ""; $eventDate = ""; if (isset($liveMusicItemData[$i]["name"])) { $eventName = $liveMusicItemData[$i]["name"]; } if (isset($liveMusicItemData[$i]["time"])) { $eventTime = $liveMusicItemData[$i]["time"]; } if (isset($liveMusicItemData[$i]["date"])) { $eventDate = $liveMusicItemData[$i]["date"]; } if ($eventDate != "") { $eventMonth = date('m', strtotime(substr($eventDate, 0, 3))); $eventDay = trim(substr($eventDate, strpos($eventDate, ' '), strpos($eventDate, ',') - strpos($eventDate, ' '))); $eventYear = trim(substr($eventDate, strpos($eventDate, ',') + 1)); $isValidDate = isValidDate($eventYear, $eventMonth, $eventDay); } if ($eventDate != "" && $isValidDate && $eventName != "" && $eventTime != "") { if (isset($eventDate)) { if ($eventMonth != $monthSubstr) { $eventColor += 1; $monthSubstr = $eventMonth; } $eventDate = $eventDate; } if ($indicator == "all") { echo "<li class=''>"; } echo "<dl>"; echo "<dd class='date'>" . $eventDate . "</dd>"; echo "<dt class='color" . $eventColor . "'>" . $eventName . "</dt>"; echo "<dd>" . $eventTime . "</dd>"; echo "</dl>"; if ($indicator == "all") { echo "</li>"; } if ($indicator == "next") { return; } } } if ($indicator == "all") { echo "</ul>"; } } else { echo "<p>Please call for the latest Live Music schedule.</p>"; echo "<p>" . $sitePhone . "</p>"; } }