function save_resource_data($ref,$multi) { # Save all submitted data for resource $ref. # Also re-index all keywords from indexable fields. global $auto_order_checkbox,$userresourcedefaults,$multilingual_text_fields,$languages,$language; hook("befsaveresourcedata", "", array($ref)); # save resource defaults # (do this here so that user can override them if the fields are visible.) set_resource_defaults($ref); # Loop through the field data and save (if necessary) $errors=array(); $fields=get_resource_field_data($ref,$multi); $expiry_field_edited=false; $resource_data=get_resource_data($ref); for ($n=0;$n<count($fields);$n++) { if (!( # Not if field has write access denied checkperm("F" . $fields[$n]["ref"]) || (checkperm("F*") && !checkperm("F-" . $fields[$n]["ref"])) )) { if ($fields[$n]["type"]==2) { # construct the value from the ticked boxes $val=","; # Note: it seems wrong to start with a comma, but this ensures it is treated as a comma separated list by split_keywords(), so if just one item is selected it still does individual word adding, so 'South Asia' is split to 'South Asia','South','Asia'. $options=trim_array(explode(",",$fields[$n]["options"])); for ($m=0;$m<count($options);$m++) { $name=$fields[$n]["ref"] . "_" . md5($options[$m]); if (getval($name,"")=="yes") { if ($val!=",") {$val.=",";} $val.=$options[$m]; } } } elseif ($fields[$n]["type"]==4 || $fields[$n]["type"]==6 || $fields[$n]["type"]==10) { # date type, construct the value from the date/time dropdowns $val=sprintf("%04d", getvalescaped("field_" . $fields[$n]["ref"] . "-y","")); if ((int)$val<=0) { $val=""; } elseif (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-m",""))!="") { $val.="-" . $field; if (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-d",""))!="") { $val.="-" . $field; if (($field=getval("field_" . $fields[$n]["ref"] . "-h",""))!="") { $val.=" " . $field . ":"; if (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-i",""))!="") { $val.=$field; } else { $val.="00"; } } } } } elseif ($multilingual_text_fields && ($fields[$n]["type"]==0 || $fields[$n]["type"]==1 || $fields[$n]["type"]==5)) { # Construct a multilingual string from the submitted translations $val=getvalescaped("field_" . $fields[$n]["ref"],""); $val="~" . $language . ":" . $val; reset ($languages); foreach ($languages as $langkey => $langname) { if ($language!=$langkey) { $val.="~" . $langkey . ":" . getvalescaped("multilingual_" . $n . "_" . $langkey,""); } } } elseif ($fields[$n]["type"] == 3) { $val=getvalescaped("field_" . $fields[$n]["ref"],""); // if it doesn't already start with a comma, add one if (substr($val,0,1) != ',') { $val = ','.$val; } } else { # Set the value exactly as sent. $val=getvalescaped("field_" . $fields[$n]["ref"],""); } # Check for regular expression match if (trim(strlen($fields[$n]["regexp_filter"]))>=1 && strlen($val)>0) { if(preg_match("#^" . $fields[$n]["regexp_filter"] . "$#",$val,$matches)<=0) { global $lang; debug($lang["information-regexp_fail"] . ": -" . "reg exp: " . $fields[$n]["regexp_filter"] . ". Value passed: " . $val); if (getval("autosave","")!="") { exit(); } $errors[$fields[$n]["ref"]]=$lang["information-regexp_fail"] . " : " . $val; continue; } } if (str_replace("\r\n","\n",$fields[$n]["value"])!== str_replace("\r\n","\n",unescape($val))) { //$testvalue=$fields[$n]["value"];var_dump($testvalue);$val=unescape($val);var_dump($val); //echo "FIELD:".$fields[$n]["value"]."!==ORIG:".unescape($val); # This value is different from the value we have on record. # Write this edit to the log (including the diff) (unescaped is safe because the diff is processed later) resource_log($ref,'e',$fields[$n]["ref"],"",$fields[$n]["value"],unescape($val)); # Expiry field? Set that expiry date(s) have changed so the expiry notification flag will be reset later in this function. if ($fields[$n]["type"]==6) {$expiry_field_edited=true;} # If 'resource_column' is set, then we need to add this to a query to back-update # the related columns on the resource table $resource_column=$fields[$n]["resource_column"]; # Purge existing data and keyword mappings, decrease keyword hitcounts. sql_query("delete from resource_data where resource='$ref' and resource_type_field='" . $fields[$n]["ref"] . "'"); # Insert new data and keyword mappings, increase keyword hitcounts. sql_query("insert into resource_data(resource,resource_type_field,value) values('$ref','" . $fields[$n]["ref"] . "','" . escape_check($val) ."')"); $oldval=$fields[$n]["value"]; if ($fields[$n]["type"]==3 && substr($oldval,0,1) != ',') { # Prepend a comma when indexing dropdowns $oldval="," . $oldval; } if ($fields[$n]["keywords_index"]==1) { # Date field? These need indexing differently. $is_date=($fields[$n]["type"]==4 || $fields[$n]["type"]==6); remove_keyword_mappings($ref, i18n_get_indexable($oldval), $fields[$n]["ref"], $fields[$n]["partial_index"],$is_date); add_keyword_mappings($ref, i18n_get_indexable($val), $fields[$n]["ref"], $fields[$n]["partial_index"],$is_date); } # If this is a 'joined' field we need to add it to the resource column $joins=get_resource_table_joins(); if (in_array($fields[$n]["ref"],$joins)){ $val=strip_leading_comma($val); sql_query("update resource set field".$fields[$n]["ref"]."='".escape_check($val)."' where ref='$ref'"); } } # Check required fields have been entered. $exemptfields = getvalescaped("exemptfields",""); $exemptfields = explode(",",$exemptfields); if ($fields[$n]["required"]==1 && ($val=="" || $val==",") && !in_array($fields[$n]["ref"],$exemptfields)) { global $lang; $errors[$fields[$n]["ref"]]=i18n_get_translated($fields[$n]["title"]).": ".$lang["requiredfield"]; } } } //die(); # Always index the resource ID as a keyword remove_keyword_mappings($ref, $ref, -1); add_keyword_mappings($ref, $ref, -1); # Autocomplete any blank fields. autocomplete_blank_fields($ref); # Also save related resources field sql_query("delete from resource_related where resource='$ref' or related='$ref'"); # remove existing related items $related=explode(",",getvalescaped("related","")); # Make sure all submitted values are numeric $ok=array();for ($n=0;$n<count($related);$n++) {if (is_numeric(trim($related[$n]))) {$ok[]=trim($related[$n]);}} if (count($ok)>0) {sql_query("insert into resource_related(resource,related) values ($ref," . join("),(" . $ref . ",",$ok) . ")");} // Notify the resources team ($email_notify) if moving from pending review->submission. $archive=getvalescaped("archive",0,true); $oldarchive=sql_value("select archive value from resource where ref='$ref'",0); if ($oldarchive==-2 && $archive==-1 && $ref>0) { notify_user_contributed_submitted(array($ref)); } if ($oldarchive==-1 && $archive==-2 && $ref>0) { notify_user_contributed_unsubmitted(array($ref)); } # Expiry field(s) edited? Reset the notification flag so that warnings are sent again when the date is reached. $expirysql=""; if ($expiry_field_edited) {$expirysql=",expiry_notification_sent=0";} # Also update archive status and access level $oldaccess=sql_value("select access value from resource where ref='$ref'",0); $access=getvalescaped("access",$oldaccess,true); if (getvalescaped("archive","")!="") # Only if archive has been sent { sql_query("update resource set archive='" . $archive . "',access='" . $access . "' $expirysql where ref='$ref'"); if ($archive!=$oldarchive) { resource_log($ref,"s",0,"",$oldarchive,$archive); } if ($access!=$oldaccess) { resource_log($ref,"a",0,"",$oldaccess,$access); } } # For access level 3 (custom) - also save custom permissions if (getvalescaped("access",0)==3) {save_resource_custom_access($ref);} # Update XML metadata dump file update_xml_metadump($ref); hook("aftersaveresourcedata"); if (count($errors)==0) {return true;} else {return $errors;} }
function save_resource_data_multi($collection) { # Save all submitted data for collection $collection, this is for the 'edit multiple resources' feature # Loop through the field data and save (if necessary) $list = get_collection_resources($collection); $errors = array(); $tmp = hook("altercollist", "", array("save_resource_data_multi", $list)); if (is_array($tmp)) { if (count($tmp) > 0) { $list = $tmp; } else { return true; } } // alter the collection list to spare some when saving multiple, if you need $ref = $list[0]; $fields = get_resource_field_data($ref, true); global $auto_order_checkbox, $auto_order_checkbox_case_insensitive; $expiry_field_edited = false; for ($n = 0; $n < count($fields); $n++) { if (getval("editthis_field_" . $fields[$n]["ref"], "") != "" || hook("save_resource_data_multi_field_decision", "", array($fields[$n]["ref"]))) { if ($fields[$n]["type"] == 2) { # construct the value from the ticked boxes $val = ","; # Note: it seems wrong to start with a comma, but this ensures it is treated as a comma separated list by split_keywords(), so if just one item is selected it still does individual word adding, so 'South Asia' is split to 'South Asia','South','Asia'. $options = trim_array(explode(",", $fields[$n]["options"])); if ($auto_order_checkbox) { if ($auto_order_checkbox_case_insensitive) { natcasesort($options); } else { sort($options); } } for ($m = 0; $m < count($options); $m++) { $name = $fields[$n]["ref"] . "_" . md5($options[$m]); if (getval($name, "") == "yes") { if ($val != ",") { $val .= ","; } $val .= $options[$m]; } } } elseif ($fields[$n]["type"] == 4 || $fields[$n]["type"] == 6 || $fields[$n]["type"] == 10) { # date/expiry date type, construct the value from the date dropdowns $val = sprintf("%04d", getvalescaped("field_" . $fields[$n]["ref"] . "-y", "")); if ((int) $val <= 0) { $val = ""; } elseif (($field = getvalescaped("field_" . $fields[$n]["ref"] . "-m", "")) != "") { $val .= "-" . $field; if (($field = getvalescaped("field_" . $fields[$n]["ref"] . "-d", "")) != "") { $val .= "-" . $field; if (($field = getval("field_" . $fields[$n]["ref"] . "-h", "")) != "") { $val .= " " . $field . ":"; if (($field = getvalescaped("field_" . $fields[$n]["ref"] . "-i", "")) != "") { $val .= $field; } else { $val .= "00"; } } } } } elseif ($fields[$n]["type"] == 3) { $val = getvalescaped("field_" . $fields[$n]["ref"], ""); // if it doesn't already start with a comma, add one if (substr($val, 0, 1) != ',') { $val = ',' . $val; } } else { $val = getvalescaped("field_" . $fields[$n]["ref"], ""); } $origval = $val; # Loop through all the resources and save. for ($m = 0; $m < count($list); $m++) { $ref = $list[$m]; $resource_sql = ""; # Work out existing field value. $existing = escape_check(sql_value("select value from resource_data where resource='{$ref}' and resource_type_field='" . $fields[$n]["ref"] . "'", "")); # Find and replace mode? Perform the find and replace. if (getval("modeselect_" . $fields[$n]["ref"], "") == "FR") { $val = str_replace(getvalescaped("find_" . $fields[$n]["ref"], ""), getvalescaped("replace_" . $fields[$n]["ref"], ""), $existing); } # Append text/option(s) mode? if (getval("modeselect_" . $fields[$n]["ref"], "") == "AP") { $val = append_field_value($fields[$n], $origval, $existing); } # Prepend text/option(s) mode? if (getval("modeselect_" . $fields[$n]["ref"], "") == "PP") { global $filename_field; if ($fields[$n]["ref"] == $filename_field) { $val = rtrim($origval, "_") . "_" . trim($existing); // use an underscore if editing filename. } else { # Automatically append a space when appending text types. $val = $origval . " " . $existing; } } # Remove text/option(s) mode? if (getval("modeselect_" . $fields[$n]["ref"], "") == "RM") { $val = str_replace($origval, "", $existing); } # Possibility to hook in and alter the value - additional mode support $hookval = hook("save_resource_data_multi_extra_modes", "", array($ref, $fields[$n])); if ($hookval !== false) { $val = $hookval; } $val = strip_leading_comma($val); #echo "<li>existing=$existing, new=$val"; if ($existing !== str_replace("\\", "", $val)) { # This value is different from the value we have on record. # Write this edit to the log. resource_log($ref, 'm', $fields[$n]["ref"], "", $existing, $val); # Expiry field? Set that expiry date(s) have changed so the expiry notification flag will be reset later in this function. if ($fields[$n]["type"] == 6) { $expiry_field_edited = true; } # If this is a 'joined' field we need to add it to the resource column $joins = get_resource_table_joins(); if (in_array($fields[$n]["ref"], $joins)) { sql_query("update resource set field" . $fields[$n]["ref"] . "='" . escape_check($val) . "' where ref='{$ref}'"); } # Purge existing data and keyword mappings, decrease keyword hitcounts. sql_query("delete from resource_data where resource='{$ref}' and resource_type_field='" . $fields[$n]["ref"] . "'"); # Insert new data and keyword mappings, increase keyword hitcounts. sql_query("insert into resource_data(resource,resource_type_field,value) values('{$ref}','" . $fields[$n]["ref"] . "','" . escape_check($val) . "')"); $oldval = $existing; $newval = $val; if ($fields[$n]["type"] == 3) { # Prepend a comma when indexing dropdowns $newval = "," . $val; $oldval = "," . $oldval; } if ($fields[$n]["keywords_index"] == 1) { # Date field? These need indexing differently. $is_date = $fields[$n]["type"] == 4 || $fields[$n]["type"] == 6; $is_html = $fields[$n]["type"] == 8; remove_keyword_mappings($ref, i18n_get_indexable($oldval), $fields[$n]["ref"], $fields[$n]["partial_index"], $is_date, '', '', $is_html); add_keyword_mappings($ref, i18n_get_indexable($newval), $fields[$n]["ref"], $fields[$n]["partial_index"], $is_date, '', '', $is_html); } # Add any onchange code if ($fields[$n]["onchange_macro"] != "") { eval($fields[$n]["onchange_macro"]); } } } } } # Also save related resources field if (getval("editthis_related", "") != "") { $related = explode(",", getvalescaped("related", "")); # Make sure all submitted values are numeric $ok = array(); for ($n = 0; $n < count($related); $n++) { if (is_numeric(trim($related[$n]))) { $ok[] = trim($related[$n]); } } for ($m = 0; $m < count($list); $m++) { $ref = $list[$m]; sql_query("delete from resource_related where resource='{$ref}' or related='{$ref}'"); # remove existing related items if (count($ok) > 0) { sql_query("insert into resource_related(resource,related) values ({$ref}," . join("),(" . $ref . ",", $ok) . ")"); } } } # Also update archive status global $user_resources_approved_email, $email_notify; if (getval("editthis_status", "") != "") { $notifyrefs = array(); $usernotifyrefs = array(); for ($m = 0; $m < count($list); $m++) { $ref = $list[$m]; if (!hook('forbidsavearchive', '', array($errors))) { # Also update archive status $oldarchive = sql_value("select archive value from resource where ref='{$ref}'", ""); $setarchivestate = getvalescaped("status", $oldarchive, true); // We used to get the 'archive' value but this conflicts with the archiveused for searching if ($setarchivestate != $oldarchive && !checkperm("e" . $setarchivestate)) { $setarchivestate = $oldarchive; } if ($setarchivestate != $oldarchive) { sql_query("update resource set archive='" . $setarchivestate . "' where ref='{$ref}'"); if ($setarchivestate != $oldarchive && $ref > 0) { resource_log($ref, "s", 0, "", $oldarchive, $setarchivestate); } # Check states to see if notifications are necessary if ($oldarchive == -2 && $setarchivestate == -1 || $oldarchive == -1 && $setarchivestate == -2 || $user_resources_approved_email && ($oldarchive == -2 || $oldarchive == -1) && $setarchivestate == 0) { $notifyrefs[] = $ref; } } } } if (count($notifyrefs) > 0) { if ($user_resources_approved_email && ($oldarchive == -2 || $oldarchive == -1) && $setarchivestate == 0) { debug("Emailing approval notification for submitted resources to users"); notify_user_resources_approved($notifyrefs); } if ($oldarchive == -2 && $setarchivestate == -1) { debug("Emailing notification of submitted resources to " . $email_notify); notify_user_contributed_submitted($notifyrefs); } if ($oldarchive == -1 && $setarchivestate == -2) { debug("Emailing notification of unsubmitted resources to " . $email_notify); notify_user_contributed_unsubmitted($notifyrefs); } } } # Expiry field(s) edited? Reset the notification flag so that warnings are sent again when the date is reached. if ($expiry_field_edited) { if (count($list) > 0) { sql_query("update resource set expiry_notification_sent=0 where ref in (" . join(",", $list) . ")"); } } # Also update access level if (getval("editthis_access", "") != "") { for ($m = 0; $m < count($list); $m++) { $ref = $list[$m]; $access = getvalescaped("access", 0); $oldaccess = sql_value("select access value from resource where ref='{$ref}'", ""); if ($access != $oldaccess) { sql_query("update resource set access='{$access}' where ref='{$ref}'"); if ($oldaccess == 3) { # Moving out of custom access - delete custom usergroup access. delete_resource_custom_access_usergroups($ref); } resource_log($ref, "a", 0, "", $oldaccess, $access); } # For access level 3 (custom) - also save custom permissions if ($access == 3) { save_resource_custom_access($ref); } } } # Update resource type? if (getval("editresourcetype", "") != "") { for ($m = 0; $m < count($list); $m++) { $ref = $list[$m]; update_resource_type($ref, getvalescaped("resource_type", "")); } } # Update location? if (getval("editlocation", "") != "") { $location = explode(",", getvalescaped("location", "")); if (count($list) > 0) { if (count($location) == 2) { $geo_lat = (double) $location[0]; $geo_long = (double) $location[1]; sql_query("update resource set geo_lat={$geo_lat},geo_long={$geo_long} where ref in (" . join(",", $list) . ")"); } elseif (getvalescaped("location", "") == "") { sql_query("update resource set geo_lat=null,geo_long=null where ref in (" . join(",", $list) . ")"); } } } # Update mapzoom? if (getval("editmapzoom", "") != "") { $mapzoom = getvalescaped("mapzoom", ""); if (count($list) > 0) { if ($mapzoom != "") { sql_query("update resource set mapzoom={$mapzoom} where ref in (" . join(",", $list) . ")"); } else { sql_query("update resource set mapzoom=null where ref in (" . join(",", $list) . ")"); } } } hook("saveextraresourcedata", "", array($list)); # Update XML metadata dump file for all edited resources. for ($m = 0; $m < count($list); $m++) { update_xml_metadump($list[$m]); } hook("aftersaveresourcedata"); }