Esempio n. 1
0
 * datatype
 */
// main includes
require './include.php';
require './includes/db_inc.php';
$tableinfo = new tableinfo($db, false, $_POST['tableid']);
// don't have these fields changed:
$forbidden_fields = array('id', 'ownerid');
if (in_array($_POST['field'], $forbidden_fields)) {
    return false;
}
if ($_POST['datatype'] == 'date') {
    $_POST['newvalue'] = strtotime($_POST['newvalue']);
}
//$db->debug=true;
if (may_see_table($db, $USER, $tableinfo->id) && may_write($db, $tableinfo->id, $_post['recordid'], $USER)) {
    if ($_POST['datatype'] == 'mpulldown') {
        // $newvalue is a comma separated list with ids of the selected items
        // remove the last (extra) comma)
        $_POST['newvalue'] = substr($_POST['newvalue'], 0, -1);
        $valueArray = explode(',', $_POST['newvalue']);
        // figure out name of keytable
        $keytable = get_cell($db, $tableinfo->desname, 'key_table', 'columnname', $_POST['field']);
        if ($keytable) {
            update_mpulldown($db, $keytable, $_POST['recordid'], $valueArray);
        }
    } else {
        // if the value is really empty, set to NULL, this is essential for numeric fields
        if ($_POST['newvalue'] == '') {
            $result = $db->Execute("UPDATE {$tableinfo->realname} SET {$_POST['field']}=NULL WHERE id={$_POST['recordid']}");
        } else {
Esempio n. 2
0
if (is_numeric($_GET['viewid'])) {
    $viewid = $_GET['viewid'];
}
if ($viewid) {
    $Fieldscomma = viewlist($db, $tableinfo, $viewid);
} else {
    $Fieldscomma = comma_array_SQL($db, $tableinfo->desname, columnname, "WHERE display_table='Y'");
}
if (!($reportid && ($recordid || $tableview))) {
    printheader($httptitle);
    navbar($USER['permissions']);
    echo "<h3 align='center'>Not enough information to generate the report.</h3>";
    printfooter();
    exit;
}
if (!may_see_table($db, $USER, $tableinfo->id)) {
    printheader($httptitle);
    navbar($USER['permissions']);
    echo "<h3 align='center'>This information is not intended to be seen by you.</h3>";
    printfooter();
    exit;
}
if ($reportid > 0) {
    $reportname = get_cell($db, 'reports', 'label', 'id', $reportid);
    $tp = @fopen($system_settings['templatedir'] . "/{$reportid}.tpl", 'r');
    if ($tp) {
        while (!feof($tp)) {
            $line = fgets($tp);
            if (stristr($line, "<!--fields-->")) {
                $header = $template;
                unset($template);