コード例 #1
	/**
	 * @param Array keys
	 * @param Boolean forLookup
	 * @param String _table
	 * @param String _field
	 * @param String pageType
	 * @return Array
	 */
	public function GetAddedDataLookupQuery($keys, $forLookup, $_table, $_field, $pageType)
	{	
		// Builds and runs the lookup query for the record identified by $keys and returns
		// array($data, $meta), where $meta names the link/display fields and their column indexes.
		// Without lookup settings for ($_table, $_field, $pageType) an empty array is returned instead.
		$lookupMainSettings = getLookupMainTableSettings($this->tName, $_table, $_field, $pageType);
		if(!$lookupMainSettings)
			return array();

		global $conn;		
		$LookupSQL = "";
		$mainField = $_field;	
		$mainTable = $lookupMainSettings->getTableName();
		$linkFieldName = $lookupMainSettings->getLinkField($mainField);
		$dispfield = $lookupMainSettings->getDisplayField($mainField);
		
		$nLookupType = $lookupMainSettings->getLookupType($mainField);
		if($nLookupType == LT_QUERY)
		{
			// The custom display expression is added to the page's own query object before it is cloned,
			// so the order of these two statements matters.
			if($lookupMainSettings->getCustomDisplay($mainField))
				$this->pSet->getSQLQuery()->AddCustomExpression($dispfield, $this->pSet, $mainTable, $mainField);
			$lookupQueryObj = $this->pSet->getSQLQuery()->CloneObject();
		}
		else
		{
			// Table-based lookup: the SELECT is assembled by string concatenation from
			// wrapped field and table names.
			$LookupSQL = "select ";
			$LookupSQL .= GetFullFieldName($linkFieldName, $this->tName, true);
			if($linkFieldName != $dispfield)
				$LookupSQL .= "," . $this->pSet->getLWDisplayField($mainField, true);
			$LookupSQL.=" from ".AddTableWrappers($this->strOriginalTableName);
		}
			
		// Defaults returned when $keys is empty: $data stays 0 and both indexes stay 0.
		$data = 0;
		$lookupIndexes = array("linkFieldIndex" => 0, "displayFieldIndex" => 0);
		if(count($keys))
		{
			// The key condition is spliced into the SQL text as-is. Whether the key values are
			// quoted/escaped is decided inside KeyWhere(), which is not shown here - confirm
			// before passing request-derived keys.
			$where = KeyWhere($keys);
			if($nLookupType == LT_QUERY)
				$LookupSQL = $lookupQueryObj->toSql(whereAdd($lookupQueryObj->m_where->toSql($lookupQueryObj), $where));
			else 
				$LookupSQL.=" where ".$where;
			$lookupIndexes = GetLookupFieldsIndexes($lookupMainSettings, $mainField);
			// The complete statement, key values included, is handed to the log.
			LogInfo($LookupSQL);
			if($forLookup)
			{
				$rs=db_query($LookupSQL,$conn);
				$data = $this->cipherer->DecryptFetchedArray($rs);
			}
			else if($LookupSQL)
			{
				$rs = db_query($LookupSQL,$conn);
				// NOTE(review): the fetched row is indexed without checking that a row was returned.
				$data = db_fetch_numarray($rs);
				$data[$lookupIndexes["linkFieldIndex"]] = $this->cipherer->DecryptField($linkFieldName, $data[$lookupIndexes["linkFieldIndex"]]);
				// The display column is decrypted only for query-based lookups.
				if($nLookupType == LT_QUERY)
					$data[$lookupIndexes["displayFieldIndex"]] = $this->cipherer->DecryptField($dispfield, $data[$lookupIndexes["displayFieldIndex"]]);		
			}
		}

		return array($data, array("linkField" => $linkFieldName, "displayField" => $dispfield
			, "linkFieldIndex" => $lookupIndexes["linkFieldIndex"], "displayFieldIndex" => $lookupIndexes["displayFieldIndex"]));
	}	
コード例 #2
ファイル: editpage.php プロジェクト: aagusti/padl-tng
 /**
  * Read current values from the database
  *
  * @return {array} array of current record data
  */
 function getCurrentRecordInternal()
 {
     // Loads the record being edited once and caches it in $this->data; later calls return the cache.
     if (!is_null($this->data)) {
         return $this->data;
     }
     global $conn;
     // The copy is not used again in this method.
     $query = $this->gQuery->Copy();
     // NOTE(review): the WHERE clause is built from the record keys alone; no row-level (owner)
     // restriction is appended in this method. Confirm that access to the record is checked before
     // this call, or that the table has no per-user security. Escaping of the key values happens
     // (or not) inside KeyWhere(), which is not shown here.
     $strWhereClause = KeyWhere($this->keys);
     $strSQL = $this->gQuery->gSQLWhere($strWhereClause);
     $strSQLbak = $strSQL;
     // Before Query event: the hook receives the SQL text and the where clause and may change them
     // (presumably by reference - confirm against the events class).
     if ($this->eventsObject->exists("BeforeQueryEdit")) {
         $this->eventsObject->BeforeQueryEdit($strSQL, $strWhereClause, $this);
     }
     // If the hook left the SQL text untouched, rebuild it so that a changed where clause is applied;
     // a changed SQL text is executed as the hook wrote it.
     if ($strSQLbak == $strSQL) {
         $strSQL = $this->gQuery->gSQLWhere($strWhereClause);
     }
     // The complete statement, key values included, is handed to the log.
     LogInfo($strSQL);
     $rs = db_query($strSQL, $conn);
     $this->data = $this->cipherer->DecryptFetchedArray($rs);
     if (!$this->data && $this->mode == EDIT_SIMPLE) {
         return $this->data;
     }
     // Unless the form was just submitted (a=edited), auto-update fields with a non-empty default
     // get that default instead of the stored value.
     foreach ($this->editFields as $fName) {
         if (@$_POST["a"] != "edited" && $this->pSet->isAutoUpdate($fName) && $this->pSet->getDefaultValue($fName) !== "") {
             $this->data[$fName] = $this->pSet->getDefaultValue($fName);
         }
     }
     if ($this->readEditValues) {
         foreach ($this->editFields as $fName) {
             $editFormat = $this->pSet->getEditFormat($fName);
             // NOTE(review): once the first comparison holds, the two "!=" comparisons are always true
             // (assuming the three constants differ), so only database-file fields are overwritten.
             // The first "==" may have been meant as "!=" - confirm.
             if ($editFormat == EDIT_FORMAT_DATABASE_FILE && $editFormat != EDIT_FORMAT_DATABASE_IMAGE && $editFormat != EDIT_FORMAT_FILE && !$this->pSet->isReadonly($fName)) {
                 $this->data[$fName] = $this->editValues[$fName];
             }
         }
     }
     if ($this->eventsObject->exists("ProcessValuesEdit")) {
         $this->eventsObject->ProcessValuesEdit($this->data, $this);
     }
     return $this->data;
 }
コード例 #3
if ($pageObject->isShowDetailTables && !isMobile()) {
    $ids = $id;
    $pageObject->jsSettings['tableSettings'][$strTableName]['dpParams'] = array();
}
//	Before Process event
if ($eventObj->exists("BeforeProcessView")) {
    $eventObj->BeforeProcessView($conn);
}
$strWhereClause = '';
$strHavingClause = '';
if (!$all) {
    //	show one record only
    $keys = array();
    $strWhereClause = "";
    $keys["Record ID"] = postvalue("editid1");
    $strWhereClause = KeyWhere($keys);
    $strSQL = gSQLWhere($strWhereClause);
} else {
    if ($_SESSION[$strTableName . "_SelectedSQL"] != "" && @$_REQUEST["records"] == "") {
        $strSQL = $_SESSION[$strTableName . "_SelectedSQL"];
        $strWhereClause = @$_SESSION[$strTableName . "_SelectedWhere"];
    } else {
        $strWhereClause = @$_SESSION[$strTableName . "_where"];
        $strHavingClause = @$_SESSION[$strTableName . "_having"];
        $strSQL = gSQLWhere($strWhereClause, $strHavingClause);
    }
    //	order by
    $strOrderBy = $_SESSION[$strTableName . "_order"];
    if (!$strOrderBy) {
        $strOrderBy = $gstrOrderBy;
    }
コード例 #4
ファイル: fulltext.php プロジェクト: sdev1/CloudStockEnquiry
    $returnJSON = array("success" => false, "error" => 'Error: You have not permission for read this text');
    echo printJSON($returnJSON);
    return;
}
if (!$gQuery->HasGroupBy()) {
    // Do not select any fields except current (full text) field.
    // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
    // Just don't do anything in that case.
    $gQuery->RemoveAllFieldsExcept($pSet->getFieldIndex($field));
}
// The record is addressed by request parameters key1, key2, ... mapped onto the table's key fields.
$keysArr = $pSet->getTableKeys();
$keys = array();
foreach ($keysArr as $ind => $k) {
    $keys[$k] = postvalue("key" . ($ind + 1));
}
// The request-supplied key values reach the SQL text through KeyWhere(); whether they are
// quoted/escaped is decided inside that helper, which is not shown here - confirm.
// NOTE(review): no row-level (owner) condition is appended to $where in the visible lines.
$where = KeyWhere($keys);
$sql = $gQuery->gSQLWhere($where);
$qResult = $_connection->query($sql);
// A failed query and an empty result are reported to the client with the same fixed message;
// no database error text is echoed.
if (!$qResult || !($data = $cipherer->DecryptFetchedArray($qResult->fetchAssoc()))) {
    $returnJSON = array("success" => false, "error" => 'Error: Wrong SQL query');
    echo printJSON($returnJSON);
    return;
}
$fieldValue = $data[$field];
$sessionPrefix = $pSet->getOriginalTableName();
if ($mode == LIST_DASHBOARD) {
    //set the session prefix for the dashboard list page
    $sessionPrefix = "Dashboard_" . $pSet->getOriginalTableName();
}
if ($lookup) {
    //set the session prefix for the lookup list page
コード例 #5
	/**
	 * Read current values from the database
	 *
	 * @return {array} array of current record data
	 */
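	function getCurrentRecordInternal()
	{
		// Loads the record shown on the view page once and caches it in $this->data.
		// With $this->all unset a single record is read by its keys; otherwise the list
		// query kept in the session is replayed, optionally limited to the current page.
		if (!is_null($this->data))
			return $this->data;

		// $gPageSize is read in the pagination branch below, so it has to be imported here.
		// Presumably it is the project-wide default page size - confirm against the generated globals.
		global $gstrOrderBy, $gPageSize, $conn;
		$strWhereClause = '';
		$strHavingClause = '';
		// Not every branch below assigns these, but the rebuild after the BeforeQueryView hook
		// always reads them. null is what the unset variables evaluated to before.
		$strSearchCriteria = null;
		$joinFromPart = null;
		$strOrderBy = '';
		$numrows = 0;
		if(!$this->all)
		{
			// Escaping of the key values happens (or not) inside KeyWhere(), which is not shown here.
			$strWhereClause = KeyWhere($this->keys);
			// Restrict the single-record read to rows the current user may search.
			if($this->pSet->getAdvancedSecurityType()!=ADVSECURITY_ALL)
				$strWhereClause = whereAdd($strWhereClause, SecuritySQL("Search"));
			$strSQL = $this->gQuery->gSQLWhere($strWhereClause);
		}
		else
		{
			if ($_SESSION[$this->tName."_SelectedSQL"]!="" && @$_REQUEST["records"]=="")
			{
				// SQL text and where clause stored in the session by an earlier request.
				$strSQL = $_SESSION[$this->tName."_SelectedSQL"];
				$strWhereClause=@$_SESSION[$this->tName."_SelectedWhere"];
			}
			else
			{
				$strWhereClause = @$_SESSION[$this->tName."_where"];
				$strHavingClause = @$_SESSION[$this->tName."_having"];
				$strSearchCriteria = @$_SESSION[$this->tName."_criteria"];
				$joinFromPart = @$_SESSION[$this->tName."_joinFromPart"];
				// NOTE(review): the row-level restriction is appended only for ADVSECURITY_VIEW_OWN and
				// only when the session where clause is empty; a non-empty session clause is trusted
				// to carry it already - confirm where that clause is built.
				if($this->pSet->getAdvancedSecurityType()==ADVSECURITY_VIEW_OWN && $strWhereClause=="")
					$strWhereClause = whereAdd($strWhereClause, SecuritySQL("Search"));
				$strSQL = SQLQuery::gSQLWhere_having($this->gQuery->HeadToSql(), $this->gQuery->FromToSql().$joinFromPart, $this->gQuery->WhereToSql(),
						$this->gQuery->GroupByToSql(), $this->gQuery->Having()->toSql($this->gQuery), $strWhereClause, $strHavingClause, $strSearchCriteria);
			}
			//	order by
			$strOrderBy = $_SESSION[$this->tName."_order"];
			if(!$strOrderBy)
				$strOrderBy = $gstrOrderBy;
			$strSQL.=" ".trim($strOrderBy);
		}

		// The hook receives the SQL text and the where clause and may change them
		// (presumably by reference - confirm against the events class).
		$strSQLbak = $strSQL;
		if($this->eventsObject->exists("BeforeQueryView"))
			$this->eventsObject->BeforeQueryView($strSQL, $strWhereClause, $this);
		if($strSQLbak == $strSQL)
		{
			// SQL text untouched: rebuild it so that a where clause changed by the hook is applied.
			$strSQL = SQLQuery::gSQLWhere_having($this->gQuery->HeadToSql(), $this->gQuery->FromToSql().$joinFromPart, $this->gQuery->WhereToSql(),
					$this->gQuery->GroupByToSql(), $this->gQuery->Having()->toSql($this->gQuery), $strWhereClause, $strHavingClause, $strSearchCriteria);
			if($this->all)
			{
				$numrows = $this->gQuery->gSQLRowCount($strWhereClause, $strHavingClause, $strSearchCriteria);
				$strSQL.=" ".trim($strOrderBy);
			}
		}
		else
		{	//	changed $strSQL - old style
			if($this->all)
				$numrows = GetRowCount($strSQL);
		}

		if(!$this->all)
		{
			// The complete statement, key values included, is handed to the log.
			LogInfo($strSQL);
			$rs = db_query($strSQL, $conn);
		}
		else
		{
			// Pagination: both numbers are cast to int before they are concatenated into the LIMIT clause.
			if(@$_REQUEST["records"]=="page" && $numrows)
			{
				$mypage = (int)@$_SESSION[$this->tName."_pagenumber"];
				$nPageSize = (int)@$_SESSION[$this->tName."_pagesize"];
				// Apply the default page size first so that the last-page clamp works with a real size.
				if($nPageSize <= 0)
					$nPageSize = (int)$gPageSize;
				// Without a positive page size no LIMIT is appended (" limit 0," is not valid SQL).
				if($nPageSize > 0)
				{
					if($numrows <= ($mypage-1)*$nPageSize)
						$mypage = (int)ceil($numrows/$nPageSize);
					// Also covers a negative page number, which would give a negative offset.
					if($mypage < 1)
						$mypage = 1;
					$strSQL.=" limit ".(($mypage-1)*$nPageSize).",".$nPageSize;
				}
			}
			$rs = db_query($strSQL,$conn);
		}

		$this->data = $this->cipherer->DecryptFetchedArray($rs);

		if(sizeof($this->data) && $this->eventsObject->exists("ProcessValuesView"))
			$this->eventsObject->ProcessValuesView($this->data, $this);

		return $this->data;
	}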
コード例 #6
ファイル: addpage.php プロジェクト: ryanblanchard/Dashboard
 /**
  * @param Boolean forLookup
  * @param String mainTableShortName
  * @param String mainField
  * @param String pageType
  * @return Array
  */
 protected function GetAddedDataLookupQuery($forLookup, $mainTableShortName, $mainField, $pageType)
 {
     // Runs the lookup query for the record in $this->keys and returns array($row, $meta).
     // $meta names the link/display fields and their column indexes. Without lookup settings
     // for the given main table/field/page type an empty array is returned.
     $settings = getLookupMainTableSettings($this->tName, $mainTableShortName, $mainField, $pageType);
     if (!$settings) {
         return array();
     }

     $lookupTable = $settings->getTableName();
     $linkField = $settings->getLinkField($mainField);
     $displayField = $settings->getDisplayField($mainField);

     // The custom display expression goes into the page's query object before the clone is taken.
     if ($settings->getCustomDisplay($mainField)) {
         $this->pSet->getSQLQuery()->AddCustomExpression($displayField, $this->pSet, $lookupTable, $mainField);
     }
     $queryClone = $this->pSet->getSQLQuery()->CloneObject();

     $row = array();
     $linkIdx = 0;
     $displayIdx = 0;

     if (count($this->keys)) {
         // Key condition first, then the clone's own where part; both are merged by whereAdd().
         $keyCondition = KeyWhere($this->keys);
         $baseWhere = $queryClone->m_where->toSql($queryClone);
         $sql = $queryClone->toSql(whereAdd($baseWhere, $keyCondition));

         $indexes = GetLookupFieldsIndexes($settings, $mainField);
         $linkIdx = $indexes["linkFieldIndex"];
         $displayIdx = $indexes["displayFieldIndex"];

         // The complete statement, key values included, is handed to the log.
         LogInfo($sql);

         if ($forLookup) {
             $fetched = $this->connection->query($sql)->fetchAssoc();
             $row = $this->cipherer->DecryptFetchedArray($fetched);
         } elseif ($sql) {
             $row = $this->connection->query($sql)->fetchNumeric();
             $row[$linkIdx] = $this->cipherer->DecryptField($linkField, $row[$linkIdx]);
             $row[$displayIdx] = $this->cipherer->DecryptField($displayField, $row[$displayIdx]);
         }
     }

     $meta = array(
         "linkField" => $linkField,
         "displayField" => $displayField,
         "linkFieldIndex" => $linkIdx,
         "displayFieldIndex" => $displayIdx,
     );
     return array($row, $meta);
 }
コード例 #7
ファイル: listpage.php プロジェクト: aagusti/padl-tng
 /**
  * Delete selected records
  */
 function deleteRecords()
 {
     // Collects the records selected in the request, then for each one: reads the current row,
     // asks the event hooks and the lock table whether it may go, deletes it, and writes the
     // audit entry. $this->recordsDeleted counts the rows for which the delete was issued.
     global $globalEvents;
     $this->deleteMessage = "";
     // The selection comes from $_REQUEST, so it is accepted from the query string as well as
     // from a posted form. NOTE(review): no anti-CSRF token is checked in this method - confirm
     // that the caller does it. $keys is never reset between iterations.
     if (@$_REQUEST["mdelete"]) {
         foreach (@$_REQUEST["mdelete"] as $ind) {
             for ($i = 0; $i < count($this->arrKeyFields); $i++) {
                 $keys[$this->arrKeyFields[$i]] = refine($_REQUEST["mdelete" . ($i + 1)][mdeleteIndex($ind)]);
             }
             $this->selectedRecs[] = $keys;
         }
     } elseif (@$_REQUEST["selection"]) {
         foreach (@$_REQUEST["selection"] as $keyblock) {
             // Each entry is an "&"-separated list of url-encoded key values; short entries are skipped.
             $arr = explode("&", refine($keyblock));
             if (count($arr) < count($this->arrKeyFields)) {
                 continue;
             }
             for ($i = 0; $i < count($this->arrKeyFields); $i++) {
                 $keys[$this->arrKeyFields[$i]] = urldecode(@$arr[$i]);
             }
             $this->selectedRecs[] = $keys;
         }
     }
     $this->recordsDeleted = 0;
     $this->lockDelRec = array();
     foreach ($this->selectedRecs as $keys) {
         // Request-derived key values reach the SQL text through KeyWhere(); whether they are
         // quoted/escaped is decided inside that helper, which is not shown here - confirm.
         $where = KeyWhere($keys);
         //	delete only owned records
         // The ownership condition is appended only when all three settings below hold;
         // otherwise the keys alone select the row.
         if ($this->nSecOptions != ADVSECURITY_ALL && $this->nLoginMethod == SECURITY_TABLE && $this->createLoginPage) {
             $where = whereAdd($where, SecuritySQL("Delete"));
         }
         $strSQl = "delete from " . AddTableWrappers($this->origTName) . " where " . $where;
         $retval = true;
         // Read the row first: its values go to the event hooks, the file cleanup and the audit log.
         $deletedrs = db_query(SQLQuery::gSQLWhere_having($this->gsqlHead, $this->gsqlFrom, $this->gsqlWhereExpr, $this->gsqlGroupBy, $this->gsqlHaving, $where), $this->conn);
         $deleted_values = $this->cipherer->DecryptFetchedArray($deletedrs);
         if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
             if (!$globalEvents->IsRecordEditable($deleted_values, true, $this->tName)) {
                 continue;
             }
         }
         // BeforeDelete can veto the delete through its return value.
         if ($this->eventExists("BeforeDelete")) {
             $tdeleteMessage = $this->deleteMessage;
             $retval = $this->eventsObject->BeforeDelete($where, $deleted_values, $tdeleteMessage, $this);
             $this->deleteMessage = $tdeleteMessage;
         }
         $lockRecord = false;
         if ($this->lockingObj) {
             $lockWhere = "";
             foreach ($keys as $keysvalue) {
                 $lockWhere .= rawurlencode($keysvalue) . "&";
             }
             $lockWhere = substr($lockWhere, 0, -1);
             // Values in the lock query go through db_prepare_string().
             // NOTE(review): the table name passed to AddTableWrappers() is an empty string here -
             // presumably the lock table name was stripped from this listing; verify.
             $lockSQL = "select * from " . AddTableWrappers("") . " where " . AddFieldWrappers("keys") . "=" . db_prepare_string($lockWhere) . " and " . AddFieldWrappers("table") . "=" . db_prepare_string($this->origTName) . " and " . AddFieldWrappers("action") . "=1";
             $lockSet = db_query($lockSQL, $this->conn);
             if ($data = db_fetch_array($lockSet)) {
                 $lockRecord = true;
                 $this->lockDelRec[] = $keys;
             }
             if ($this->mode == LIST_SIMPLE) {
                 $_SESSION[$this->sessionPrefix . "_lockDelRec"] = $this->lockDelRec;
             }
         }
         // The row is removed only when it is not locked, the request asks for a=delete and
         // BeforeDelete did not veto.
         if (!$lockRecord && @$_REQUEST["a"] == "delete" && $retval) {
             $this->recordsDeleted++;
             // delete associated uploaded files if any
             // NOTE(review): the files are removed and the counter is incremented before db_exec()
             // runs, and the result of db_exec() is not checked.
             DeleteUploadedFiles($this->pSet, $deleted_values);
             LogInfo($strSQl);
             db_exec($strSQl, $this->conn);
             if ($this->audit && $deleted_values) {
                 // Binary fields are stored in the audit values under the name from the field list
                 // at the same position; all other values keep their fetched key.
                 $fieldsList = $this->pSet->getFieldsList();
                 $i = 0;
                 foreach ($deleted_values as $key => $value) {
                     if (IsBinaryType($this->pSet->getFieldType($fieldsList[$i]))) {
                         $deleted_audit_values[$fieldsList[$i]] = $value;
                     } else {
                         $deleted_audit_values[$key] = $value;
                     }
                     $i++;
                 }
                 $this->audit->LogDelete($this->tName, $deleted_audit_values, $keys);
             }
             if ($this->eventExists("AfterDelete")) {
                 $tdeleteMessage = $this->deleteMessage;
                 $this->eventsObject->AfterDelete($where, $deleted_values, $tdeleteMessage, $this);
                 $this->deleteMessage = $tdeleteMessage;
             }
         }
         if (strlen($this->deleteMessage)) {
             $this->xt->assignbyref("message", $this->deleteMessage);
             $this->xt->assign("message_block", true);
         }
     }
     if (count($this->selectedRecs) && $this->eventExists("AfterMassDelete")) {
         $this->eventsObject->AfterMassDelete($this->recordsDeleted, $this);
     }
 }
コード例 #8
ファイル: button.php プロジェクト: aagusti/padl-tng
 /**
  * Read values from the database by keys
  *
  * @return {mixed} array of current record data or false
  */
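 function getRecordData()
 {
     // Reads one record by its keys for a custom button handler. On edit pages auto-update
     // defaults replace stored values; file/image fields are reduced to a boolean
     // "has content" flag so that binary data is not handed to the caller.
     global $conn, $gSettings, $gQuery, $cipherer;
     // Only edit, view, list and grid locations carry record data. The former "&& !$next" term
     // read a variable that is never defined in this method and was therefore always true.
     if ($this->location != PAGE_EDIT && $this->location != PAGE_VIEW && $this->location != PAGE_LIST && $this->location != 'grid') {
         return false;
     }
     if ($this->isGetNext) {
         // Step through the selected records one call at a time.
         $this->isGetNext = false;
         $keys = $this->selectedKeys[$this->nextInd];
         $this->nextInd = $this->nextInd + 1;
     } else {
         $keys = $this->currentKeys;
     }
     // NOTE(review): the WHERE clause is built from the keys alone; no row-level (owner)
     // restriction is appended in this method. Confirm that access to the record is checked
     // elsewhere, or that the table has no per-user security. Escaping of the key values
     // happens (or not) inside KeyWhere(), which is not shown here.
     $strWhereClause = KeyWhere($keys);
     // Built once: the old backup/compare step could never differ and only rebuilt the same text.
     $strSQL = $gQuery->gSQLWhere($strWhereClause);
     // The complete statement, key values included, is handed to the log.
     LogInfo($strSQL);
     $rs = db_query($strSQL, $conn);
     $data = $cipherer->DecryptFetchedArray($rs);
     // No record found: hand the fetch result back unchanged instead of iterating a non-array.
     if (!is_array($data)) {
         return $data;
     }
     foreach ($data as $fName => $val) {
         $isBlobField = false;
         if ($this->location == PAGE_EDIT) {
             $editFormat = $gSettings->getEditFormat($fName);
             if ($editFormat == EDIT_FORMAT_DATABASE_FILE || $editFormat == EDIT_FORMAT_DATABASE_IMAGE) {
                 $isBlobField = true;
             }
             // Unless the form was just submitted, a non-empty auto-update default wins.
             if (@$_POST["a"] != "edited" && $gSettings->isAutoUpdate($fName) && $gSettings->getDefaultValue($fName)) {
                 $data[$fName] = $gSettings->getDefaultValue($fName);
             }
         } else {
             $viewFormat = $gSettings->getViewFormat($fName);
             if ($viewFormat == FORMAT_DATABASE_FILE || $viewFormat == FORMAT_DATABASE_IMAGE || $viewFormat == FORMAT_FILE_IMAGE) {
                 $isBlobField = true;
             }
         }
         if ($isBlobField) {
             $data[$fName] = (bool) $data[$fName];
         }
     }
     return $data;
 }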
コード例 #9
/**
 * Runs the lookup query for the record identified by $keys and returns
 * array($data, $meta), where $meta names the link/display fields and their indexes.
 *
 * NOTE(review): $nLookupType, $lookupQueryObj, $lookupPSet and $linkFieldName are read below
 * but never assigned in this function - presumably the per-field setup was stripped from
 * this listing; verify against the full file before relying on it.
 */
function GetAddedDataLookupQuery($pageObject, $keys, $forLookup)
{
    global $conn, $strTableName, $strOriginalTableName;
    $LookupSQL = "";
    $linkfield = "";
    $dispfield = "";
    $noBlobReplace = false;
    $lookupFieldName = "";
    // $LookupSQL is still empty at this point, so this branch cannot run as written.
    if ($LookupSQL && $nLookupType != LT_QUERY) {
        $LookupSQL .= " from " . AddTableWrappers($strOriginalTableName);
    }
    // Defaults returned when $keys is empty.
    $data = 0;
    $lookupIndexes = array("linkFieldIndex" => 0, "displayFieldIndex" => 0);
    if (count($keys)) {
        // The key condition is spliced into the SQL text as-is; whether the key values are
        // quoted/escaped is decided inside KeyWhere(), which is not shown here - confirm.
        $where = KeyWhere($keys);
        if ($nLookupType == LT_QUERY) {
            $LookupSQL = $lookupQueryObj->toSql(whereAdd($lookupQueryObj->m_where->toSql($lookupQueryObj), $where));
        } else {
            $LookupSQL .= " where " . $where;
        }
        $lookupIndexes = GetLookupFieldsIndexes($lookupPSet, $lookupFieldName);
        // The complete statement, key values included, is handed to the log.
        LogInfo($LookupSQL);
        if ($forLookup) {
            $rs = db_query($LookupSQL, $conn);
            $data = $pageObject->cipherer->DecryptFetchedArray($rs);
        } else {
            if ($LookupSQL) {
                $rs = db_query($LookupSQL, $conn);
                // The fetched row is indexed without checking that a row was returned.
                $data = db_fetch_numarray($rs);
                $data[$lookupIndexes["linkFieldIndex"]] = $pageObject->cipherer->DecryptField($linkFieldName, $data[$lookupIndexes["linkFieldIndex"]]);
                if ($nLookupType == LT_QUERY) {
                    $data[$lookupIndexes["displayFieldIndex"]] = $pageObject->cipherer->DecryptField($dispfield, $data[$lookupIndexes["displayFieldIndex"]]);
                }
            }
        }
    }
    return array($data, array("linkField" => $linkFieldName, "displayField" => $dispfield, "linkFieldIndex" => $lookupIndexes["linkFieldIndex"], "displayFieldIndex" => $lookupIndexes["displayFieldIndex"]));
}
コード例 #10
/**
 * @intellisense
 */
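function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    // Reads one binary field of one record. In PDF mode ($forPDF) the table, field and keys
    // come from $params and the raw value is returned. Otherwise they come from the request,
    // the image is written to the output with its headers, and '' is returned.
    //
    // NOTE(review): apart from checkTableName() and checkFieldPermissions() no login or
    // table-permission check is made in this function - confirm that the calling script does it.
    global $cman;
    if (!$forPDF) {
        $table = postvalue("table");
        $strTableName = GetTableByShort($table);
        // Reject an unknown table name before a settings object is built from it
        // (same order as the PDF branch below).
        if (!checkTableName($table)) {
            return '';
        }
        $settings = new ProjectSettings($strTableName);
        // NOTE(review): these calls force PHP error display on for a request that takes user
        // input; any warning text then ends up in the response. Confirm this is wanted
        // outside of debugging.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");
        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }
        //	construct sql
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = @$params["table"];
        $strTableName = GetTableByShort($table);
        if (!checkTableName($table)) {
            exit(0);
        }
        $settings = new ProjectSettings($strTableName);
        // NOTE(review): no field permission check in PDF mode; $params is presumably built by
        // trusted server-side code - verify against the caller.
        $field = @$params["field"];
        //	construct sql
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }
    $connection = $cman->byTable($strTableName);
    if (!$gQuery->HasGroupBy()) {
        // Do not select any fields except current (image) field.
        // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
        // Just don't do anything in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }
    // Request-derived key values reach the SQL text through KeyWhere(); whether they are
    // quoted/escaped is decided inside that helper, which is not shown here - confirm.
    $where = KeyWhere($keys);
    $sql = $gQuery->gSQLWhere($where);
    $data = $connection->query($sql)->fetchAssoc();
    if ($forPDF) {
        if ($data) {
            return $data[$field];
        }
    } else {
        if (!$data) {
            return DisplayNoImage();
        }
        if (postvalue('src') == 1) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            // A column missing from the row is treated as empty instead of raising a warning.
            $value = $connection->stripSlashesBinary(isset($data[$field]) ? $data[$field] : null);
        }
        if (!$value) {
            // "alt" is a request-supplied column name. It gets the same permission check as
            // "field", and the column must be part of the fetched row. With a GROUP BY query
            // the row holds every column, so an unchecked name could read any of them.
            $altField = postvalue("alt");
            if (!$altField || !$settings->checkFieldPermissions($altField) || !isset($data[$altField])) {
                return DisplayNoImage();
            }
            $value = $connection->stripSlashesBinary($data[$altField]);
            if (!$value) {
                return DisplayNoImage();
            }
        }
        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }
        // The former isset($pdf) guard tested a variable that is never set in this function,
        // so the headers were always sent.
        header("Content-Type: " . $itype);
        // Stored content is served under a type derived from its own bytes; tell the browser
        // not to second-guess that type.
        header("X-Content-Type-Options: nosniff");
        header("Cache-Control: private");
        SendContentLength(strlen_bin($value));
        echoBinary($value);
        return '';
    }
}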
コード例 #11
ファイル: button.php プロジェクト: ryanblanchard/Dashboard
 /**
  * Read values from the database by keys
  *
  * @return {mixed} array of current record data or false
  */
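 function getRecordData()
 {
     // Reads one record by its keys for a custom button handler. The row-level security
     // condition for the current page type is appended to the key condition. File/image
     // fields are reduced to a boolean "has content" flag so that binary data is not
     // handed to the caller.
     global $gSettings, $gQuery, $cipherer, $strTableName, $cman;
     // Only edit, view, list and grid locations carry record data. The former "&& !$next" term
     // read a variable that is never defined in this method and was therefore always true.
     if ($this->location != PAGE_EDIT && $this->location != PAGE_VIEW && $this->location != PAGE_LIST && $this->location != 'grid') {
         return false;
     }
     $connection = $cman->byTable($strTableName);
     if ($this->isGetNext) {
         // Step through the selected records one call at a time.
         $this->isGetNext = false;
         $keys = $this->selectedKeys[$this->nextInd];
         $this->nextInd = $this->nextInd + 1;
     } else {
         $keys = $this->currentKeys;
     }
     // Escaping of the key values happens (or not) inside KeyWhere(), which is not shown here.
     $strWhereClause = KeyWhere($keys);
     // Restrict the read to rows the current user may edit (edit page) or search (other pages).
     if ($gSettings->getAdvancedSecurityType() != ADVSECURITY_ALL) {
         if ($this->location == PAGE_EDIT) {
             $strWhereClause = whereAdd($strWhereClause, SecuritySQL("Edit"));
         } else {
             $strWhereClause = whereAdd($strWhereClause, SecuritySQL("Search"));
         }
     }
     // Built once: the old backup/compare step could never differ and only rebuilt the same text.
     $strSQL = $gQuery->gSQLWhere($strWhereClause);
     // The complete statement, key values included, is handed to the log.
     LogInfo($strSQL);
     $data = $cipherer->DecryptFetchedArray($connection->query($strSQL)->fetchAssoc());
     $res = array();
     // No record found (or filtered out by the security condition): nothing to copy.
     if (!is_array($data)) {
         return $res;
     }
     // .net compatibility
     foreach ($data as $fName => $val) {
         $res[$fName] = $val;
         $isBlobField = false;
         if ($this->location == PAGE_EDIT) {
             $editFormat = $gSettings->getEditFormat($fName);
             if ($editFormat == EDIT_FORMAT_DATABASE_FILE || $editFormat == EDIT_FORMAT_DATABASE_IMAGE) {
                 $isBlobField = true;
             }
             // Unless the form was just submitted, a non-empty auto-update value wins.
             if (@$_POST["a"] != "edited" && $gSettings->getAutoUpdateValue($fName)) {
                 $res[$fName] = $gSettings->getAutoUpdateValue($fName);
             }
         } else {
             $viewFormat = $gSettings->getViewFormat($fName);
             if ($viewFormat == FORMAT_DATABASE_FILE || $viewFormat == FORMAT_DATABASE_IMAGE || $viewFormat == FORMAT_FILE_IMAGE) {
                 $isBlobField = true;
             }
         }
         if ($isBlobField) {
             $res[$fName] = (bool) $data[$fName];
         }
     }
     return $res;
 }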
コード例 #12
	/**
	 * Read current values from the database
	 *
	 * @return {array} array of current record data
	 */
	function getCurrentRecordInternal()
	{
		// Loads the record being edited once and caches it in $this->data.
		if (!is_null($this->data))
		{
			return $this->data;
		}

		global $conn;
		$query = $this->gQuery->Copy();

		// Key condition, narrowed to the rows the current user may edit when
		// advanced security is active.
		$recordWhere = KeyWhere($this->keys);
		if ($this->pSet->getAdvancedSecurityType() != ADVSECURITY_ALL)
		{
			$recordWhere = whereAdd($recordWhere, SecuritySQL("Edit"));
		}
		$selectSql = $this->gQuery->gSQLWhere($recordWhere);

		// Before Query event: the hook gets the SQL text and the where clause.
		$sqlBeforeEvent = $selectSql;
		if ($this->eventsObject->exists("BeforeQueryEdit"))
		{
			$this->eventsObject->BeforeQueryEdit($selectSql, $recordWhere, $this);
		}
		// SQL text untouched by the hook: rebuild it from the (possibly changed) where clause.
		if ($sqlBeforeEvent == $selectSql)
		{
			$selectSql = $this->gQuery->gSQLWhere($recordWhere);
		}

		LogInfo($selectSql);

		$resultSet = db_query($selectSql, $conn);
		$this->data = $this->cipherer->DecryptFetchedArray($resultSet);

		if (!$this->data && $this->mode == EDIT_SIMPLE)
		{
			return $this->data;
		}

		// Unless the form was just submitted, a non-empty auto-update value replaces the stored one.
		foreach ($this->editFields as $fieldName)
		{
			if (@$_POST["a"] != "edited" && $this->pSet->getAutoUpdateValue($fieldName) !== "")
			{
				$this->data[$fieldName] = $this->pSet->getAutoUpdateValue($fieldName);
			}
		}

		if ($this->readEditValues)
		{
			foreach ($this->editFields as $fieldName)
			{
				$format = $this->pSet->getEditFormat($fieldName);
				// Skip every field that does not pass the format test or is read-only.
				if ($format != EDIT_FORMAT_DATABASE_FILE || $format == EDIT_FORMAT_DATABASE_IMAGE || $format == EDIT_FORMAT_FILE || $this->pSet->isReadonly($fieldName))
				{
					continue;
				}
				$this->data[$fieldName] = $this->editValues[$fieldName];
			}
		}

		if ($this->eventsObject->exists("ProcessValuesEdit"))
		{
			$this->eventsObject->ProcessValuesEdit($this->data, $this);
		}

		return $this->data;
	}
コード例 #13
ファイル: editpage.php プロジェクト: ryanblanchard/Dashboard
 /**
  * @param Boolean useOldKeys
  * @return String
  */
 public function getWhereClause($useOldKeys)
 {
     // Picks the base condition: old keys, current keys, the dashboard search condition,
     // or the where clause kept in the session, in that order of preference.
     if ($useOldKeys) {
         $clause = KeyWhere($this->oldKeys);
     } elseif ($this->checkKeysSet()) {
         $clause = KeyWhere($this->keys);
     } elseif ($this->mode == EDIT_DASHBOARD) {
         $components = $this->getWhereComponents();
         $clause = $components["searchWhere"];
     } else {
         $clause = $_SESSION[$this->sessionPrefix . "_where"];
     }

     // With advanced security active the condition is always narrowed to rows the
     // current user may edit, whichever source it came from.
     $unrestricted = $this->pSet->getAdvancedSecurityType() == ADVSECURITY_ALL;
     if ($unrestricted) {
         return $clause;
     }
     return whereAdd($clause, SecuritySQL("Edit", $this->tName));
 }
コード例 #14
            $selected_recs[] = $keys;
        }
    } elseif (@$_REQUEST["selection"]) {
        foreach (@$_REQUEST["selection"] as $keyblock) {
            $arr = explode("&", refine($keyblock));
            if (count($arr) < 1) {
                continue;
            }
            $keys = array();
            $keys["id"] = urldecode($arr[0]);
            $selected_recs[] = $keys;
        }
    }
    foreach ($selected_recs as $keys) {
        $sWhere = $sWhere . " or ";
        $sWhere .= KeyWhere($keys);
    }
    $strSQL = $gQuery->gSQLWhere($sWhere);
    $strWhereClause = $sWhere;
} else {
    $strWhereClause = @$_SESSION[$strTableName . "_where"];
    $strHavingClause = @$_SESSION[$strTableName . "_having"];
    $strSearchCriteria = @$_SESSION[$strTableName . "_criteria"];
    $strSQL = $gQuery->gSQLWhere($strWhereClause, $strHavingClause, $strSearchCriteria);
}
if (postvalue("pdf")) {
    $strWhereClause = @$_SESSION[$strTableName . "_pdfwhere"];
}
$_SESSION[$strTableName . "_pdfwhere"] = $strWhereClause;
$strOrderBy = $_SESSION[$strTableName . "_order"];
if (!$strOrderBy) {
コード例 #15
ファイル: viewpage.php プロジェクト: ryanblanchard/Dashboard
 /**
  * Read current values from the database
  * @return Array 	The current record data
  */
 public function getCurrentRecordInternal()
 {
     // Loads the record shown on the view page once and caches it in $this->data.
     if (!is_null($this->data)) {
         return $this->data;
     }
     $strWhereClause = "";
     $orderClause = "";
     // Three sources for the base condition: the record keys, the dashboard search condition,
     // or the where clause kept in the session (together with the list's ORDER BY).
     $keysSet = $this->checkKeysSet();
     if ($keysSet) {
         // Escaping of the key values happens (or not) inside KeyWhere(), which is not shown here.
         $strWhereClause = KeyWhere($this->keys);
     } elseif ($this->mode == VIEW_DASHBOARD) {
         $whereComponents = $this->getWhereComponents();
         $strWhereClause = $whereComponents["searchWhere"];
     } else {
         $orderClause = $this->getOrderByClause();
         $strWhereClause = $_SESSION[$this->sessionPrefix . "_where"];
     }
     // The row-level restriction is appended whichever source the base condition came from.
     if ($this->pSet->getAdvancedSecurityType() != ADVSECURITY_ALL) {
         $strWhereClause = whereAdd($strWhereClause, SecuritySQL("Search", $this->tName));
     }
     $strSQL = $this->gQuery->gSQLWhere($strWhereClause);
     // Without keys only the first row of the ordered result is wanted.
     if (!$keysSet) {
         $strSQL = applyDBrecordLimit($strSQL . $orderClause, 1, $this->connection->dbType);
     }
     $strSQLbak = $strSQL;
     $strWhereClauseBak = $strWhereClause;
     // The hook receives the SQL text and the where clause and may change them
     // (presumably by reference - confirm against the events class). A changed SQL text is
     // executed as the hook wrote it, without the security condition being re-applied here.
     if ($this->eventsObject->exists("BeforeQueryView")) {
         $this->eventsObject->BeforeQueryView($strSQL, $strWhereClause, $this);
     }
     if ($strSQLbak == $strSQL && $strWhereClauseBak != $strWhereClause) {
         // user didn't change the query string but changed $strWhereClause
         $strSQL = $this->gQuery->gSQLWhere($strWhereClause);
         if (!$keysSet) {
             $strSQL = applyDBrecordLimit($strSQL . $orderClause, 1, $this->connection->dbType);
         }
     }
     // The complete statement, key values included, is handed to the log.
     LogInfo($strSQL);
     $fetchedArray = $this->connection->query($strSQL)->fetchAssoc();
     $this->data = $this->cipherer->DecryptFetchedArray($fetchedArray);
     // When the record was not addressed by keys, take the keys from the fetched row
     // and publish them to the page's JavaScript settings.
     if (!$keysSet) {
         $this->keys = $this->getKeysFromData($this->data);
         $this->setKeysForJs();
     }
     if (sizeof($this->data) && $this->eventsObject->exists("ProcessValuesView")) {
         $this->eventsObject->ProcessValuesView($this->data, $this);
     }
     return $this->data;
 }
コード例 #16
ファイル: app_modules_edit.php プロジェクト: aagusti/padl-tng
                //	after edit event
                if ($pageObject->lockingObj && $inlineedit == EDIT_INLINE) {
                    $pageObject->lockingObj->UnlockRecord($strTableName, $savedKeys, "");
                }
                if ($auditObj || $eventObj->exists("AfterEdit")) {
                    foreach ($dataold as $idx => $val) {
                        if (!array_key_exists($idx, $evalues)) {
                            $evalues[$idx] = $val;
                        }
                    }
                }
                if ($auditObj) {
                    $auditObj->LogEdit($strTableName, $evalues, $dataold, $keys);
                }
                if ($eventObj->exists("AfterEdit")) {
                    $eventObj->AfterEdit($evalues, KeyWhere($keys), $dataold, $keys, (bool) $inlineedit, $pageObject);
                }
                $mesClass = "mes_ok";
            } elseif ($inlineedit != EDIT_INLINE) {
                $mesClass = "mes_not";
            }
        } else {
            $message = $usermessage;
            $readevalues = true;
            $status = "DECLINED";
        }
    }
    if ($readevalues) {
        $keys = $savedKeys;
    }
}
コード例 #17
ファイル: commonfunctions.php プロジェクト: aagusti/padl-tng
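/**
 * Fetch a binary image field of one record and either stream it to the
 * browser or return it for PDF generation.
 *
 * Browser mode ($forPDF false): table, field and key values are read from the
 * request through postvalue(). The caller must be logged in, pass
 * CheckSecurity(..., "Search") and hold permission for the requested field.
 * PDF mode ($forPDF true): the same values are taken from $params and the raw
 * column value is returned instead of being sent.
 *
 * @param object $gQuery query object; narrowed to the image field unless it has GROUP BY
 * @param bool   $forPDF true to return the value instead of streaming it
 * @param array  $params "table", "field", "key1".."keyN"; read in PDF mode only
 * @return mixed PDF mode: the column value, or null when no row was found.
 *               Browser mode: '' after streaming or for an invalid table, the result of
 *               DisplayNoImage()/DisplayFile(), or null after the login redirect.
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $conn;
    if (!$forPDF) {
        $table = postvalue("table");
        $strTableName = GetTableByShort($table);
        // Validate the request-supplied table name before a settings object is
        // built from it (same order as the PDF branch below).
        if (!checkTableName($table)) {
            return '';
        }
        $settings = new ProjectSettings($strTableName);
        // NOTE(review): error display is switched on for an endpoint that handles
        // request-driven SQL; messages shown to the client can expose paths and
        // query text. Confirm this is intended outside development.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");
        if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
            header("Location: login.php");
            return;
        }
        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }
        //	collect key values from the request
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        // NOTE(review): this branch performs no login or field-permission check;
        // presumably $params comes from trusted server-side code - confirm.
        $table = @$params["table"];
        $strTableName = GetTableByShort($table);
        if (!checkTableName($table)) {
            exit(0);
        }
        $settings = new ProjectSettings($strTableName);
        $field = @$params["field"];
        //	collect key values from the parameters
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }
    if (!$gQuery->HasGroupBy()) {
        // Select only the image field. With GROUP BY the other fields take part
        // in the clause and cannot simply be dropped, so the query is left as is.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }
    // $keys holds caller-supplied values; KeyWhere() is not visible here and is
    // relied on to quote them - confirm.
    $where = KeyWhere($keys);
    $sql = $gQuery->gSQLWhere($where);
    $rs = db_query($sql, $conn);
    if ($forPDF) {
        if ($rs && ($data = db_fetch_array($rs))) {
            return $data[$field];
        }
    } else {
        if (!$rs || !($data = db_fetch_array($rs))) {
            return DisplayNoImage();
        }
        // Thumbnail request (src=1) for a value larger than 50 KB: send a generic icon instead
        if (postvalue('src') == 1 && strlen($data[$field]) > 51200) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            $value = db_stripslashesbinary($data[$field]);
        }
        if (!$value) {
            // Fallback column named by the request. It is a second, caller-chosen
            // field, so it gets the same permission check as $field, and it must
            // be present in the fetched row before it is read.
            $altField = postvalue("alt");
            if ($altField && is_string($altField)
                && $settings->checkFieldPermissions($altField)
                && isset($data[$altField])
            ) {
                $value = db_stripslashesbinary($data[$altField]);
            }
            if (!$value) {
                return DisplayNoImage();
            }
        }
        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }
        // The original guarded these headers with !isset($pdf); $pdf is never
        // defined in this function, so they were always sent.
        header("Content-Type: " . $itype);
        header("Cache-Control: private");
        SendContentLength(strlen_bin($value));
        echoBinary($value);
        return '';
    }
}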
コード例 #18
ファイル: viewpage.php プロジェクト: aagusti/padl-tng
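 /**
  * Read the current record (or, when $this->all is set, the current record
  * set) from the database, decrypt it and cache it in $this->data.
  *
  * The SQL is built from $this->gQuery plus where/having/order fragments kept
  * in the session; a BeforeQueryView event handler may rewrite it.
  *
  * @return array decrypted record data as returned by DecryptFetchedArray()
  */
 function getCurrentRecordInternal()
 {
     if (!is_null($this->data)) {
         return $this->data;
     }
     // $gPageSize is read below as the default page size; it has to be declared
     // global here or the fallback always sees an undefined local.
     global $gstrOrderBy, $gPageSize, $conn;
     $strWhereClause = '';
     $strHavingClause = '';
     // Stays null when the stored "_SelectedSQL" is used, as it did before
     $strSearchCriteria = null;
     $strOrderBy = '';
     $numrows = 0;
     if (!$this->all) {
         //	show one record only
         $this->setKeys();
         $strWhereClause = KeyWhere($this->keys);
         $strSQL = $this->gQuery->gSQLWhere($strWhereClause);
     } else {
         if ($_SESSION[$this->tName . "_SelectedSQL"] != "" && @$_REQUEST["records"] == "") {
             // NOTE(review): SQL text is taken verbatim from the session. That is
             // only safe if the code that stores it builds it from trusted or
             // properly quoted parts - confirm at the place it is written.
             $strSQL = $_SESSION[$this->tName . "_SelectedSQL"];
             $strWhereClause = @$_SESSION[$this->tName . "_SelectedWhere"];
         } else {
             $strWhereClause = @$_SESSION[$this->tName . "_where"];
             $strHavingClause = @$_SESSION[$this->tName . "_having"];
             $strSearchCriteria = @$_SESSION[$this->tName . "_criteria"];
             $strSQL = $this->gQuery->gSQLWhere($strWhereClause, $strHavingClause, $strSearchCriteria);
         }
         //	order by: session value first, global default otherwise
         $strOrderBy = $_SESSION[$this->tName . "_order"];
         if (!$strOrderBy) {
             $strOrderBy = $gstrOrderBy;
         }
         $strSQL .= " " . trim($strOrderBy);
     }
     // Keep a copy so a change made by the event handler can be detected
     $strSQLbak = $strSQL;
     if ($this->eventsObject->exists("BeforeQueryView")) {
         $this->eventsObject->BeforeQueryView($strSQL, $strWhereClause, $this);
     }
     if ($strSQLbak == $strSQL) {
         // Query text untouched: rebuild it, picking up a where clause the handler may have changed
         $strSQL = $this->gQuery->gSQLWhere($strWhereClause, $strHavingClause);
         if ($this->all) {
             $numrows = $this->gQuery->gSQLRowCount($strWhereClause, $strHavingClause, $strSearchCriteria);
             $strSQL .= " " . trim($strOrderBy);
         }
     } else {
         //	changed $strSQL - old style
         if ($this->all) {
             $numrows = GetRowCount($strSQL);
         }
     }
     if (!$this->all) {
         LogInfo($strSQL);
         $rs = db_query($strSQL, $conn);
     } else {
         // Pagination:
         if (@$_REQUEST["records"] == "page" && $numrows) {
             // Resolve the page size before it is used to clamp the page number
             $nPageSize = (int) @$_SESSION[$this->tName . "_pagesize"];
             if ($nPageSize <= 0) {
                 $nPageSize = (int) $gPageSize;
             }
             $mypage = (int) @$_SESSION[$this->tName . "_pagenumber"];
             // Without a usable page size no limit clause is added, rather than
             // emitting "limit  offset 0" and failing the query.
             if ($nPageSize > 0) {
                 if ($numrows <= ($mypage - 1) * $nPageSize) {
                     // Requested page is past the end: fall back to the last page
                     $mypage = (int) ceil($numrows / $nPageSize);
                 }
                 if ($mypage < 1) {
                     $mypage = 1;
                 }
                 // Both operands are integers, so nothing request- or session-supplied
                 // reaches the SQL text here unconverted
                 $strSQL .= " limit " . $nPageSize . " offset " . ($mypage - 1) * $nPageSize;
             }
         }
         $rs = db_query($strSQL, $conn);
     }
     $this->data = $this->cipherer->DecryptFetchedArray($rs);
     if (sizeof($this->data) && $this->eventsObject->exists("ProcessValuesView")) {
         $this->eventsObject->ProcessValuesView($this->data, $this);
     }
     return $this->data;
 }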
コード例 #19
ファイル: editpage.php プロジェクト: kcallow/MatchMe
 /**
  * Pick the WHERE clause used to address the record being edited.
  *
  * Order of precedence: the old keys when requested, the current keys when
  * they are set, the dashboard search condition in dashboard mode, and
  * otherwise the clause stored in the session.
  *
  * @param Boolean useOldKeys  build the clause from $this->oldKeys
  * @return String
  */
 public function getWhereClause($useOldKeys)
 {
     if ($useOldKeys) {
         return KeyWhere($this->oldKeys);
     }
     if ($this->checkKeysSet()) {
         return KeyWhere($this->keys);
     }
     if ($this->mode == EDIT_DASHBOARD) {
         $components = $this->getWhereComponents();
         return $components["searchWhere"];
     }
     // No keys available: use the clause kept in the session under this page's prefix
     return $_SESSION[$this->sessionPrefix . "_where"];
 }