public function delete($id)
{
if ($this->checkExistedInBills($id)) {
return 1;
}
$ps = new PreparedStatement("DELETE FROM stocks WHERE id = ?");
$ps->setInt(1, $id);
return $this->ds->execute($ps->getSql()) ? 0 : 2;
}
function delete($id)
{
$sql = 'DELETE FROM carts WHERE id = ?';
$ps = new PreparedStatement($sql);
$ps->setInt(1, $id);
$this->ds->execute($ps->getSql());
$cartItemDAO = new CartItemDAO($this->ds);
$cartItemDAO->deleteInCart($id);
}
public function delete($id)
{
$ps = new PreparedStatement("DELETE FROM cities WHERE id = ?");
$ps->setInt(1, $id);
if ($this->ds->execute($ps->getSql())) {
$customerDAO = new CustomerDAO($this->ds);
$customerDAO->updateCity($id, 'NULL');
return TRUE;
}
return FALSE;
}
public function delete($id)
{
$ps = new PreparedStatement("DELETE FROM categories WHERE id = ?");
$ps->setInt(1, $id);
if ($this->ds->execute($ps->getSql())) {
$productDAO = new ProductDAO($this->ds);
$productDAO->updateCat($id, 'NULL');
return TRUE;
}
return FALSE;
}
public function checkExisted($stock_id)
{
$ps = new PreparedStatement('SELECT id FROM export_bills WHERE stock_id = ?');
$ps->setInt(1, $stock_id);
$rs = $this->ds->execute($ps->getSql());
$ret = FALSE;
if (mysql_fetch_array($rs)) {
$ret = TRUE;
}
mysql_free_result($rs);
return $ret;
}
public function checkLogin($username, $password)
{
$ps = new PreparedStatement('SELECT group_id FROM members WHERE username = ? AND password = ?');
$ps->setString(1, $username);
$ps->setString(2, $password);
$rs = $this->ds->execute($ps->getSql());
$ret = 0;
if ($row = mysql_fetch_array($rs)) {
$ret = (int) $row['group_id'];
}
mysql_free_result($rs);
return $ret;
}
function deleteCheckHook()
{
global $db, $id, $result, $RESERVED_PERM_NAMES;
$apppermDAO = new ApppermDAO($db);
if (!($perm = $apppermDAO->load($id))) {
$result->errorMsg .= "This Permission cannot be deleted because it does not exist.\n";
return;
}
if (in_array($perm->perm_name, $RESERVED_PERM_NAMES)) {
$result->errorMsg .= "This is a reserved Permission, and cannot be deleted.\n";
return;
}
$ps = new PreparedStatement('select * from apppageuriperm where perm_name = ?', 0, 1);
$ps->setString($perm->perm_name);
if ($db->fetchObject($db->executeQuery($ps), true)) {
$result->errorMsg .= "This Permission cannot be deleted because it is referenced by one or more Page URIs.\n";
}
$ps = new PreparedStatement('select * from approleperm where perm_name = ?', 0, 1);
$ps->setString($perm->perm_name);
if ($db->fetchObject($db->executeQuery($ps), true)) {
$result->errorMsg .= "This Permission cannot be deleted because it is referenced by one or more Roles.\n";
}
}
public function validate($db, &$row)
{
$sql = sprintf('select %s from %s', $this->foreignKeyMapping[0]->foreign, $this->foreignTable);
$sep = ' where ';
foreach ($this->foreignKeyMapping as $fkm) {
$sql .= sprintf('%s%s = ?', $sep, $fkm->foreign);
if ($sep != ' and ') {
$sep = ' and ';
}
}
$ps = new PreparedStatement($sql, 0, 1);
foreach ($this->foreignKeyMapping as $fkm) {
$vn = $fkm->local;
$val = property_exists($row, $vn) ? $row->{$vn} : '';
// If we're set to allow nulls and any value is null, don't validate.
if ($this->allowNULL && $val === null) {
return '';
}
switch ($fkm->type) {
case 'int':
$ps->setInt($val);
break;
case 'float':
$ps->setFloat($val);
break;
case 'double':
$ps->setDouble($val);
break;
case 'boolean':
$ps->setBoolean($val);
break;
case 'string':
$ps->setString($val);
break;
case 'binary':
$ps->setBinary($val);
break;
default:
throw new Exception(sprintf('Unexpected PreparedStatement data type: %s', $fkm->type));
}
}
if (!$db->fetchObject($db->executeQuery($ps), true)) {
if ($this->errorMsg != '') {
return $this->errorMsg;
}
return _t('ForeignKeyValidator.class.errorMsg.mustMatchAnExistingEntry');
}
return '';
}
<?php
// DO NOT EDIT THIS FILE.
// This file was generated by searchgen.
// If you need to customize this file, please edit the corresponding
// yaml file in the gencfg directory, and then re-generate this file
// by running searchgen, passing in the table name.
if (isset($command) && $command == 'loadPosting') {
header('Content-Type: application/json');
$db = ConnectionFactory::getConnection();
$postingDAO = new PostingDAO($db);
$id = isset($params['id']) ? (int) trim($params['id']) : 0;
if ($id <= 0) {
$rows = array(Posting::createDefault());
} else {
$sql = <<<EOF
select * from posting pri where pri.id = ?
EOF;
$ps = new PreparedStatement($sql, 0, 1);
$ps->setInt($id);
$rows = $postingDAO->findWithPreparedStatement($ps);
}
echo json_encode($rows);
$db->close();
exit;
}
<?php
// DO NOT EDIT THIS FILE.
// This file was generated by searchgen.
// If you need to customize this file, please edit the corresponding
// yaml file in the gencfg directory, and then re-generate this file
// by running searchgen, passing in the table name.
if (isset($command) && $command == 'loadIncomeexpense') {
header('Content-Type: application/json');
$db = ConnectionFactory::getConnection();
$incomeexpenseDAO = new IncomeexpenseDAO($db);
$id = isset($params['id']) ? (int) trim($params['id']) : 0;
if ($id <= 0) {
$rows = array(Incomeexpense::createDefault());
} else {
$sql = <<<EOF
select * from incomeexpense pri where pri.id = ?
EOF;
$ps = new PreparedStatement($sql, 0, 1);
$ps->setInt($id);
$rows = $incomeexpenseDAO->findWithPreparedStatement($ps);
}
echo json_encode($rows);
$db->close();
exit;
}
private function findMaxOrderInCat($cat_id)
{
$sql = 'SELECT MAX(order_in_cat) AS max_order FROM products WHERE category_id = ?';
$ps = new PreparedStatement($sql);
$ps->setInt(1, $cat_id);
$rs = $this->ds->execute($ps->getSql());
$max_order = 0;
if ($row = mysql_fetch_array($rs)) {
$max_order = (int) $row['max_order'];
}
mysql_free_result($rs);
return $max_order;
}
public static function inScriptPermissionsCheck($user_id, $showMenuIfFailed)
{
$pageURI = $_SERVER['REQUEST_URI'];
if (!Permissions::hasPermissionsForScript($user_id, $pageURI)) {
if ($showMenuIfFailed) {
include dirname(dirname(__FILE__)) . '/include/header.include.php';
} else {
echo '<html><head></head><body>';
}
echo '<h3>You need the following permissions to use this page:</h3>';
echo '<ul>';
$fileCache = self::createFileCache();
$db = null;
$ps = new PreparedStatement('select description from appperm where perm_name = ?');
foreach (Permissions::getRequiredPermissionsForScript($pageURI) as $p) {
$cacheKey = sprintf('apppermDesc%s', $p);
if (($desc = $fileCache->get($cacheKey)) === false) {
if ($db === null) {
$db = ConnectionFactory::getConnection();
}
$ps->clearParams();
$ps->setString($p);
if (($row = $db->fetchObject($db->executeQuery($ps), true)) !== false) {
$desc = $row->description;
} else {
$desc = $p;
}
$fileCache->set($cacheKey, $desc);
}
echo '<li>';
echo htmlspecialchars($desc);
echo '</li>';
}
if ($db !== null) {
$db->close();
}
echo '</ul>';
if ($showMenuIfFailed) {
include dirname(dirname(__FILE__)) . '/include/footer.include.php';
} else {
echo '</body></html>';
}
exit;
}
}
public function findByHas_sharesPS($has_shares, $queryOperator = '=', $orderBy = null, $offset = 0, $limit = 0)
{
if (!in_array($queryOperator, self::$ALLOWED_NUMERIC_QUERY_OPERATORS)) {
$queryOperator = self::$ALLOWED_NUMERIC_QUERY_OPERATORS[0];
}
$ps = new PreparedStatement("select * from accttype where has_shares {$queryOperator} ?" . ($orderBy !== null && $orderBy != '' ? ' order by ' . $orderBy : ''), $offset, $limit);
$ps->setInt($has_shares);
return $ps;
}
public function findByDescriptionPS($description, $queryOperator = '=', $orderBy = null, $offset = 0, $limit = 0)
{
if (!in_array($queryOperator, self::$ALLOWED_STRING_QUERY_OPERATORS)) {
$queryOperator = self::$ALLOWED_STRING_QUERY_OPERATORS[0];
}
if ($queryOperator == 'beginsWith' || $queryOperator == 'endsWith' || $queryOperator == 'contains') {
$sqlQueryOperator = $this->connection->likeOperator;
$needLower = !$this->connection->hasCaseInsensitiveLike;
} else {
$sqlQueryOperator = $queryOperator;
$needLower = false;
}
$ps = new PreparedStatement("select * from appperm where " . ($needLower ? 'lower(description)' : 'description') . ' ' . $sqlQueryOperator . ' ' . ($needLower ? 'lower(?)' : '?') . ($orderBy !== null && $orderBy != '' ? ' order by ' . $orderBy : ''), $offset, $limit);
if ($queryOperator == 'beginsWith') {
$ps->setString($description . '%');
} else {
if ($queryOperator == 'endsWith') {
$ps->setString('%' . $description);
} else {
if ($queryOperator == 'contains') {
$ps->setString('%' . $description . '%');
} else {
$ps->setString($description);
}
}
}
return $ps;
}
function delete($id)
{
$sql = 'DELETE FROM promos WHERE id = ?';
$ps = new PreparedStatement($sql);
$ps->setInt(1, $id);
return $this->ds->execute($ps->getSql()) ? TRUE : FALSE;
}
// by running searchgen, passing in the table name.
if (isset($command) && $command == 'loadApprole') {
header('Content-Type: application/json');
$db = ConnectionFactory::getConnection();
$approleDAO = new ApproleDAO($db);
$apppermDAO = new ApppermDAO($db);
$id = isset($params['id']) ? (int) trim($params['id']) : 0;
if ($id <= 0) {
$rows = array(Approle::createDefault());
} else {
$sql = <<<EOF
select * from approle pri where pri.id = ?
EOF;
$ps = new PreparedStatement($sql, 0, 1);
$ps->setInt($id);
$rows = $approleDAO->findWithPreparedStatement($ps);
}
$ps1 = new PreparedStatement(<<<EOF
select distinct p.* from approleperm r_p inner join appperm p on p.perm_name = r_p.perm_name where r_p.role_name = ? order by p.perm_name
EOF
, 0, 0);
foreach ($rows as &$row) {
$ps1->clearParams();
$ps1->setString($row->role_name);
$row->perms = $id <= 0 ? array() : $apppermDAO->findWithPreparedStatement($ps1);
}
unset($row);
echo json_encode($rows);
$db->close();
exit;
}
} else {
$ps->setString('%' . $query . '%');
}
$ps->setInt($queryCol == '' || $queryCol == 'pri.last_name' ? 1 : 0);
if ($canDoFulltextSearch) {
$ps->setString($ftquery);
$ps->setString($ftquery);
} else {
$ps->setString('%' . $query . '%');
}
$row = $db->fetchObject($db->executeQuery($ps), true);
$rowCount = isset($row->rowCount) ? (int) $row->rowCount : 0;
printf('{"sEcho": %d, "iTotalRecords": %d, "iTotalDisplayRecords": %d, "aaData": [', $sEcho, $rowCount, $rowCount);
// Get actual rows.
$ps = new PreparedStatement(<<<EOF
select pri.*
EOF
. $sqlTail . $orderBy, $offset, $limit);
$ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0);
$ps->setInt($query);
$ps->setInt($queryCol == '' || $queryCol == 'pri.user_name' ? 1 : 0);
$ps->setString($query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.email_addr' ? 1 : 0);
$ps->setString($query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.first_name' ? 1 : 0);
if ($canDoFulltextSearch) {
$ps->setString($ftquery);
$ps->setString($ftquery);
} else {
$ps->setString('%' . $query . '%');
}
$ps->setInt($queryCol == '' || $queryCol == 'pri.last_name' ? 1 : 0);
public function findBySort_orderPS($sort_order, $queryOperator = '=', $orderBy = null, $offset = 0, $limit = 0)
{
if (!in_array($queryOperator, self::$ALLOWED_NUMERIC_QUERY_OPERATORS)) {
$queryOperator = self::$ALLOWED_NUMERIC_QUERY_OPERATORS[0];
}
$ps = new PreparedStatement("select * from incomeexpense where sort_order {$queryOperator} ?" . ($orderBy !== null && $orderBy != '' ? ' order by ' . $orderBy : ''), $offset, $limit);
$ps->setInt($sort_order);
return $ps;
}
public function update($col, $content)
{
$ps = new PreparedStatement('UPDATE global SET ' . $col . ' = ?');
$ps->setString(1, $this->ds->escape($content));
return $this->ds->execute($ps->getSql());
}
public function deleteInCart($cart_id)
{
$ps = new PreparedStatement('DELETE FROM cart_items WHERE cart_id = ?');
$ps->setInt(1, $cart_id);
return $this->ds->execute($ps->getSql());
}
public static function isView($db, $tableName, $dbName = '')
{
switch ($db->getDialect()) {
case 'mysql':
$dbNamePlaceholder = $dbName != '' ? '?' : 'database()';
$ps = new PreparedStatement("select TABLE_NAME from information_schema.VIEWS where TABLE_SCHEMA = {$dbNamePlaceholder} and TABLE_NAME = ?");
if ($dbName != '') {
$ps->setString($dbName);
}
$ps->setString($tableName);
return $db->fetchObject($db->executeQuery($ps), true) !== false;
case 'pgsql':
$dbNamePlaceholder = $dbName != '' ? '?' : 'current_schema()';
$ps = new PreparedStatement("select viewname from pg_views where schemaname = {$dbNamePlaceholder} and viewname = ?");
if ($dbName != '') {
$ps->setString($dbName);
}
$ps->setString($tableName);
return $db->fetchObject($db->executeQuery($ps), true) !== false;
}
}
/**
* Populates values in a prepared statement.
*
* @param PreparedStatement $stmt
* @param array $params array('column' => ..., 'table' => ..., 'value' => ...)
* @param DatabaseMap $dbMap
* @return int The number of params replaced.
*/
private static function populateStmtValues($stmt, $params, DatabaseMap $dbMap)
{
$i = 1;
foreach ($params as $param) {
$tableName = $param['table'];
$columnName = $param['column'];
$value = $param['value'];
if ($value === null) {
$stmt->setNull($i++);
} else {
$cMap = $dbMap->getTable($tableName)->getColumn($columnName);
$setter = 'set' . CreoleTypes::getAffix($cMap->getCreoleType());
$stmt->{$setter}($i++, $value);
}
}
// foreach
}
public function validate($db, &$row)
{
$sql = sprintf('select %s from %s', $this->fields[0]->field, $this->table);
$sep = ' where ';
foreach ($this->fields as $fld) {
$qo = $fld->queryOperator;
if ($qo == 'beginsWith' || $qo == 'contains' || $qo == 'endsWith') {
$qo = 'like';
}
$sql .= sprintf('%s%s %s ?', $sep, $fld->field, $qo);
if ($sep != ' and ') {
$sep = ' and ';
}
}
$ps = new PreparedStatement($sql, 0, 1);
foreach ($this->fields as $fld) {
$vn = $fld->field;
$val = property_exists($row, $vn) ? $row->{$vn} : '';
// If we're set to allow nulls and any value is null, don't validate.
if ($this->allowNULL && $val === null) {
return '';
}
switch ($fld->type) {
case 'int':
$ps->setInt($val);
break;
case 'float':
$ps->setFloat($val);
break;
case 'double':
$ps->setDouble($val);
break;
case 'boolean':
$ps->setBoolean($val);
break;
case 'string':
switch ($fld->queryOperator) {
case 'beginsWith':
$ps->setString($val . '%');
break;
case 'contains':
$ps->setString('%' . $val . '%');
break;
case 'endsWith':
$ps->setString('%' . $val);
break;
default:
$ps->setString($val);
break;
}
break;
case 'binary':
$ps->setBinary($val);
break;
default:
throw new Exception(sprintf('Unexpected PreparedStatement data type: %s', $fld->type));
}
}
if ($db->fetchObject($db->executeQuery($ps), true)) {
if ($this->errorMsg != '') {
return $this->errorMsg;
}
return _t('NoDuplicatesValidator.class.errorMsg.anEntryAlreadyExistsWithThisValue');
}
return '';
}
public function updateCity($old_city_id, $new_city_id)
{
$sql = 'UPDATE customers SET city_id = ? WHERE city_id = ?';
$ps = new PreparedStatement($sql);
if ($new_city_id == 'NULL') {
$ps->setNull(1);
} else {
$ps->setInt(1, $new_city_id);
}
$ps->setInt(2, $old_city_id);
$this->ds->execute($ps->getSql());
}
$limit = isset($params['limit']) ? (int) $params['limit'] : 0;
if ($limit < 1 || $limit > 100) {
$limit = 100;
}
} else {
$id = isset($params['id']) ? (int) trim($params['id']) : 0;
$sqlTail = <<<EOF
from appuser pri
where pri.id = ?
EOF;
$offset = 0;
$limit = 1;
}
$ps = new PreparedStatement(<<<EOF
select pri.*
EOF
. $sqlTail, $offset, $limit);
if ($query !== null) {
$ps->setString($query . '%');
if ($canDoFulltextSearch) {
$ps->setString($ftquery);
$ps->setString($ftquery);
} else {
$ps->setString('%' . $query . '%');
}
if ($canDoFulltextSearch) {
$ps->setString($ftquery);
$ps->setString($ftquery);
} else {
$ps->setString('%' . $query . '%');
}
EOF;
// Get row count.
$ps = new PreparedStatement('select count(*) as rowCount' . $sqlTail);
$ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0);
$ps->setInt($query);
$ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0);
$ps->setString('%' . $query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.normal_sign' ? 1 : 0);
$ps->setString('%' . $query . '%');
$row = $db->fetchObject($db->executeQuery($ps), true);
$rowCount = isset($row->rowCount) ? (int) $row->rowCount : 0;
printf('{"sEcho": %d, "iTotalRecords": %d, "iTotalDisplayRecords": %d, "aaData": [', $sEcho, $rowCount, $rowCount);
// Get actual rows.
$ps = new PreparedStatement(<<<EOF
select pri.*
EOF
. $sqlTail . $orderBy, $offset, $limit);
$ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0);
$ps->setInt($query);
$ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0);
$ps->setString('%' . $query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.normal_sign' ? 1 : 0);
$ps->setString('%' . $query . '%');
$rows = $db->fetchAllObjects($db->executeQuery($ps), true);
$sep = '';
foreach ($rows as $row) {
$arr = array();
foreach ($returnColumns as $dc) {
$arr[] = isset($row->{$dc}) ? $row->{$dc} : '';
}
echo $sep;
// by running searchgen, passing in the table name.
if (isset($command) && $command == 'loadAppuser') {
header('Content-Type: application/json');
$db = ConnectionFactory::getConnection();
$appuserDAO = new AppuserDAO($db);
$approleDAO = new ApproleDAO($db);
$id = isset($params['id']) ? (int) trim($params['id']) : 0;
if ($id <= 0) {
$rows = array(Appuser::createDefault());
} else {
$sql = <<<EOF
select * from appuser pri where pri.id = ?
EOF;
$ps = new PreparedStatement($sql, 0, 1);
$ps->setInt($id);
$rows = $appuserDAO->findWithPreparedStatement($ps);
}
$ps1 = new PreparedStatement(<<<EOF
select distinct r.* from appuserrole u_r inner join approle r on r.role_name = u_r.role_name where u_r.user_id = ? order by r.sort_order, r.role_name
EOF
, 0, 0);
foreach ($rows as &$row) {
$ps1->clearParams();
$ps1->setInt($row->id);
$row->roles = $id <= 0 ? array() : $approleDAO->findWithPreparedStatement($ps1);
}
unset($row);
echo json_encode($rows);
$db->close();
exit;
}
<?php
// DO NOT EDIT THIS FILE.
// This file was generated by searchgen.
// If you need to customize this file, please edit the corresponding
// yaml file in the gencfg directory, and then re-generate this file
// by running searchgen, passing in the table name.
if (isset($command) && $command == 'loadAcct') {
header('Content-Type: application/json');
$db = ConnectionFactory::getConnection();
$acctDAO = new AcctDAO($db);
$id = isset($params['id']) ? (int) trim($params['id']) : 0;
if ($id <= 0) {
$rows = array(Acct::createDefault());
} else {
$sql = <<<EOF
select * from acct pri where pri.id = ?
EOF;
$ps = new PreparedStatement($sql, 0, 1);
$ps->setInt($id);
$rows = $acctDAO->findWithPreparedStatement($ps);
}
echo json_encode($rows);
$db->close();
exit;
}
// Get row count.
$ps = new PreparedStatement('select count(*) as rowCount' . $sqlTail);
$ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0);
$ps->setInt($query);
$ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0);
$ps->setString('%' . $query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.acct_no' ? 1 : 0);
$ps->setString('%' . $query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.ticker_symbol' ? 1 : 0);
$ps->setString('%' . $query . '%');
$row = $db->fetchObject($db->executeQuery($ps), true);
$rowCount = isset($row->rowCount) ? (int) $row->rowCount : 0;
printf('{"sEcho": %d, "iTotalRecords": %d, "iTotalDisplayRecords": %d, "aaData": [', $sEcho, $rowCount, $rowCount);
// Get actual rows.
$ps = new PreparedStatement(<<<EOF
select pri.*
EOF
. $sqlTail . $orderBy, $offset, $limit);
$ps->setInt($queryCol == '' || $queryCol == 'pri.id' ? 1 : 0);
$ps->setInt($query);
$ps->setInt($queryCol == '' || $queryCol == 'pri.description' ? 1 : 0);
$ps->setString('%' . $query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.acct_no' ? 1 : 0);
$ps->setString('%' . $query . '%');
$ps->setInt($queryCol == '' || $queryCol == 'pri.ticker_symbol' ? 1 : 0);
$ps->setString('%' . $query . '%');
$rows = $db->fetchAllObjects($db->executeQuery($ps), true);
$sep = '';
foreach ($rows as $row) {
$arr = array();
foreach ($returnColumns as $dc) {
$arr[] = isset($row->{$dc}) ? $row->{$dc} : '';
