function Output($params)
{
global $db;
// load the report security tokens
$rr_security = array();
$result = $db->Execute("select reportid, params from " . TABLE_REPORT_FIELDS . " where entrytype = 'security'");
while (!$result->EOF) {
$rr_security[$result->fields['reportid']] = $result->fields['params'];
$result->MoveNext();
}
// load the report list
$query_raw = "select id, reporttype, description from " . TABLE_REPORTS . " order by description";
$reports = $db->Execute($query_raw);
$data_array = array(array('id' => '', 'text' => GEN_HEADING_PLEASE_SELECT));
$type_array = array();
while (!$reports->EOF) {
$type_array[$reports->fields['id']] = $reports->fields['reporttype'];
if (security_check($rr_security[$reports->fields['id']])) {
$data_array[] = array('id' => $reports->fields['id'], 'text' => $reports->fields['description']);
}
$reports->MoveNext();
}
// Build control box form data
$control = '<div class="row">';
$control .= '<div style="white-space:nowrap">';
$control .= TEXT_REPORT . ' ' . html_pull_down_menu('report_id', $data_array);
$control .= ' ';
$control .= html_submit_field('my_favorite_reports', TEXT_ADD);
$control .= html_hidden_field($this->module_id . '_rId', '');
$control .= '</div></div>';
// Build content box
$contents = '';
if (is_array($params)) {
$index = 1;
foreach ($params as $id => $description) {
$contents .= '<div style="float:right; height:16px;">';
$contents .= html_icon('phreebooks/dashboard-remove.png', TEXT_REMOVE, 'small', 'onclick="return del_index(\'' . $this->module_id . '\', ' . $index . ')"');
$contents .= '</div>';
$contents .= '<div style="height:16px;">';
$contents .= ' <a href="index.php?cat=reportwriter&module=' . ($type_array[$id] == 'frm' ? 'form_gen' : 'rpt_gen') . '&ReportID=' . $id . '&todo=open" target="_blank">' . $description . '</a>' . chr(10);
$contents .= '</div>';
$index++;
}
} else {
$contents = CP_FAVORITE_REPORTS_NO_RESULTS;
}
return $this->build_div($this->title, $contents, $control);
}
function Output($params)
{
global $db;
$contents = '';
$control = '';
// load the report list
$result = $db->Execute("select id, security, doc_title from " . TABLE_PHREEFORM . " \n\t\t where doc_ext in ('rpt','frm') order by doc_title");
$data_array = array(array('id' => '', 'text' => GEN_HEADING_PLEASE_SELECT));
$type_array = array();
while (!$result->EOF) {
if (security_check($result->fields['security'])) {
$data_array[] = array('id' => $result->fields['id'], 'text' => $result->fields['doc_title']);
}
$result->MoveNext();
}
// Build control box form data
$control = '<div class="row">';
$control .= '<div style="white-space:nowrap">';
$control .= TEXT_REPORT . ' ' . html_pull_down_menu('report_id', $data_array);
$control .= ' ';
$control .= html_submit_field('sub_favorite_reports', TEXT_ADD);
$control .= html_hidden_field('favorite_reports_rId', '');
$control .= '</div></div>';
// Build content box
$contents = '';
if (is_array($params)) {
$index = 1;
foreach ($params as $id => $description) {
$contents .= '<div style="float:right; height:16px;">';
$contents .= html_icon('phreebooks/dashboard-remove.png', TEXT_REMOVE, 'small', 'onclick="return del_index(\'' . $this->dashboard_id . '\', ' . $index . ')"');
$contents .= '</div>';
$contents .= '<div style="height:16px;">';
$contents .= ' <a href="index.php?module=phreeform&page=popup_gen&rID=' . $id . '" target="_blank">' . $description . '</a>' . chr(10);
$contents .= '</div>';
$index++;
}
} else {
$contents = ACT_NO_RESULTS;
}
return $this->build_div('', $contents, $control);
}
function _get_children($id, $recursive = false)
{
$children = array();
if ($recursive) {
$node = $this->_get_node($id);
$this->db->query("SELECT `" . implode("` , `", $this->fields) . "` FROM `" . $this->table . "` WHERE `" . $this->fields["left"] . "` >= " . (int) $node[$this->fields["left"]] . " AND `" . $this->fields["right"] . "` <= " . (int) $node[$this->fields["right"]] . " ORDER BY `" . $this->fields["left"] . "` ASC");
} else {
$this->db->query("SELECT `" . implode("` , `", $this->fields) . "` FROM `" . $this->table . "` WHERE `" . $this->fields["parent_id"] . "` = " . (int) $id . " ORDER BY `" . $this->fields["position"] . "` ASC");
}
while ($this->db->nextr()) {
$row = $this->db->get_row("assoc");
// check security
if (!$row['security']) {
$row['security'] = 'u:0;g:0';
}
// allow all
if (security_check($row['security'])) {
$children[$this->db->f($this->fields["id"])] = $row;
}
}
return $children;
}
$fid = "";
if (!($fid = $_GET['fid'])) {
$fid = intval($_POST['fid']);
}
$frid = "";
$frid = isset($_GET['frid']) ? intval($_GET['frid']) : "";
$frid = isset($_POST['frid']) ? intval($_POST['frid']) : $frid;
/*if(!$frid = $_GET['frid']) {
$frid = $_POST['frid'];
}*/
$gperm_handler =& xoops_gethandler('groupperm');
$member_handler =& xoops_gethandler('member');
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
$uid = $xoopsUser->getVar('uid');
// additional check to see if the user has import_data permission for this form
if (!($scheck = security_check($fid, "", $uid, "", $groups, $mid, $gperm_handler)) or !($import_data = $gperm_handler->checkRight("import_data", $fid, $groups, $mid))) {
print "<p>" . _NO_PERM . "</p>";
exit;
}
// main body of page and logic goes here...
// basic premise is that we have the $fid, and that is the form that we are importing data into.
// We need a browse box that the user can use to select the .csv they have prepared, and then when
// they click the submit button to upload that file, presto, the import process begins. If there
// are parse errors on the file, the import process communicates them. If the parse is successful,
// the import begins and the user gets a message, maybe a report of the number of records entered into
// the DB, or whatever seems appropriate. Then there is a button to close the window.
// This popup window can be reloaded and receive form submissions in it just like any other window, of
// course. It's essentially a compartmentalized extension of the main "list of entries" UI.
print "<HTML>";
print "<head>";
print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=" . _CHARSET . "\" />";
function compileElements($fid, $form, $formulize_mgr, $prevEntry, $entry, $go_back, $parentLinks, $owner_groups, $groups, $overrideValue = "", $elements_allowed = "", $profileForm = "", $frid = "", $mid, $sub_entries, $sub_fids, $member_handler, $gperm_handler, $title, $screen = null, $printViewPages = "", $printViewPageTitles = "")
{
include_once XOOPS_ROOT_PATH . '/modules/formulize/include/elementdisplay.php';
$entryForDEElements = is_numeric($entry) ? $entry : "new";
// if there is no entry, ie: a new entry, then $entry is "" so when writing the entry value into decue_ and other elements that go out to the HTML form, we need to use the keyword "new"
global $xoopsDB, $xoopsUser;
$elementsAvailableToUser = array();
// set criteria for matching on display
// set the basics that everything has to match
$criteriaBase = new CriteriaCompo();
$criteriaBase->add(new Criteria('ele_display', 1), 'OR');
foreach ($groups as $thisgroup) {
$criteriaBase->add(new Criteria('ele_display', '%,' . $thisgroup . ',%', 'LIKE'), 'OR');
}
if (is_array($elements_allowed) and count($elements_allowed) > 0) {
// if we're limiting the elements, then add a criteria for that (multiple criteria are joined by AND unless you specify OR manually when adding them (as in the base above))
$criteria = new CriteriaCompo();
$criteria->add(new Criteria('ele_id', "(" . implode(",", $elements_allowed) . ")", "IN"));
$criteria->add($criteriaBase);
} else {
$criteria = $criteriaBase;
// otherwise, just use the base
}
$criteria->setSort('ele_order');
$criteria->setOrder('ASC');
$elements =& $formulize_mgr->getObjects($criteria, $fid, true);
// true makes the keys of the returned array be the element ids
$count = 0;
global $gridCounter;
$gridCounter = array();
$inGrid = 0;
formulize_benchmark("Ready to loop elements.");
// set the array to be used as the structure of the loop, either the passed in elements in order, or the elements as gathered from the DB
// ignore passed in element order if there's a screen in effect, since we assume that official element order is authoritative when screens are involved
// API should still allow arbitrary ordering, so $element_allowed can still be set manually as part of a displayForm call, and the order will be respected then
if (!is_array($elements_allowed) or $screen) {
$element_order_array = $elements;
} else {
$element_order_array = $elements_allowed;
}
// if this is a printview page,
foreach ($element_order_array as $thisElement) {
if (is_numeric($thisElement)) {
// if we're doing the order based on passed in element ids...
if (isset($elements[$thisElement])) {
$i = $elements[$thisElement];
// set the element object for this iteration of the loop
} else {
continue;
// do not try to render elements that don't exist in the form!! (they might have been deleted from a multipage definition, or who knows what)
}
$this_ele_id = $thisElement;
// set the element ID number
} else {
// else...we're just looping through the elements directly from the DB
$i = $thisElement;
// set the element object
$this_ele_id = $i->getVar('ele_id');
// get the element ID number
}
// check if we're at the start of a page, when doing a printable view of all pages (only situation when printViewPageTitles and printViewPages will be present), and if we are, then put in a break for the page titles
if ($printViewPages) {
if (!$currentPrintViewPage) {
$currentPrintViewPage = 1;
}
while (!in_array($this_ele_id, $printViewPages[$currentPrintViewPage]) and $currentPrintViewPage <= count($printViewPages)) {
$currentPrintViewPage++;
}
if ($this_ele_id == $printViewPages[$currentPrintViewPage][0]) {
$form->insertBreak("<div id=\"formulize-printpreview-pagetitle\">" . $printViewPageTitles[$currentPrintViewPage] . "</div>", "head");
}
}
// check if this element is included in a grid, and if so, skip it
// $inGrid will be a number indicating how many times we have to skip things
if ($inGrid or isset($gridCounter[$this_ele_id])) {
if (!$inGrid) {
$inGrid = $gridCounter[$this_ele_id];
}
$inGrid--;
continue;
}
$uid = is_object($xoopsUser) ? $xoopsUser->getVar('uid') : 0;
$owner = getEntryOwner($entry, $fid);
$ele_type = $i->getVar('ele_type');
$ele_value = $i->getVar('ele_value');
if ($go_back['form']) {
// if there's a parent form...
// check here to see if we need to initialize the value of a linked selectbox when it is the key field for a subform
// although this is setup as a loop through all found parentLinks, only the last one will be used, since ele_value[2] is overwritten each time.
// assumption is there will only be one parent link for this form
for ($z = 0; $z < count($parentLinks['source']); $z++) {
if ($this_ele_id == $parentLinks['self'][$z]) {
// this is the element
$ele_value[2] = $go_back['entry'];
// 3.0 datastructure...needs to be tested!! -- now updated for 5.0
}
}
} elseif ($overrideValue) {
// used to force a default setting in a form element, other than the normal default
if (!is_array($overrideValue)) {
//convert a string to an array so that strings don't screw up logic below (which is designed for arrays)
$temp = $overrideValue;
unset($overrideValue);
$overrideValue[0] = $temp;
}
// currently only operative for select boxes
switch ($ele_type) {
case "select":
foreach ($overrideValue as $ov) {
if (array_key_exists($ov, $ele_value[2])) {
$ele_value[2][$ov] = 1;
}
}
break;
case "date":
// debug
//var_dump($overrideValue);
foreach ($overrideValue as $ov) {
//if(ereg ("([0-9]{4})-([0-9]{2})-([0-9]{2})", $ov, $regs)) {
if (ereg("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2})", $ov, $regs)) {
$ele_value[0] = $ov;
}
}
break;
}
}
if ($ele_type != "subform" and $ele_type != 'grid') {
// "" is framework, ie: not applicable
// $i is element object
// $entry is entry_id
// false is "nosave" param...only used to force element to not be picked up by readelements.php after saving
// $screen is the screen object
// false means don't print it out to screen, return it here
$GLOBALS['formulize_sub_fids'] = $sub_fids;
// set here so we can pick it up in the render method of elements, if necessary (only necessary for subforms?);
$deReturnValue = displayElement("", $i, $entry, false, $screen, $prevEntry, false, $profileForm, $groups);
if (is_array($deReturnValue)) {
$form_ele = $deReturnValue[0];
$isDisabled = $deReturnValue[1];
} else {
$form_ele = $deReturnValue;
$isDisabled = false;
}
$elementsAvailableToUser[$this_ele_id] = true;
if ($form_ele == "not_allowed" or $form_ele == "hidden") {
if (isset($GLOBALS['formulize_renderedElementHasConditions']["de_" . $fid . "_" . $entryForDEElements . "_" . $this_ele_id])) {
// need to add a tr container for elements that are not allowed, since if it was a condition that caused them to not show up, they might appear later on asynchronously, and we'll need the row to attach them to
if ($ele_type == "ib" and $form_ele == "not_allowed") {
$rowHTML = "<tr style='display: none' id='formulize-de_" . $fid . "_" . $entryForDEElements . "_" . $this_ele_id . "'></tr>";
} elseif ($form_ele == "not_allowed") {
$rowHTML = "<tr style='display: none' id='formulize-de_" . $fid . "_" . $entryForDEElements . "_" . $this_ele_id . "' valign='top' align='" . _GLOBAL_LEFT . "'></tr>";
}
// need to also get the validation code for this element, wrap it in a check for the table row being visible, and assign that to the global array that contains all the validation javascript that we need to add to the form
// following code follows the pattern set in elementdisplay.php for actually creating rendered element objects
if ($ele_type != "ib") {
$conditionalValidationRenderer = new formulizeElementRenderer($i);
if ($prevEntry or $profileForm === "new") {
$data_handler = new formulizeDataHandler($i->getVar('id_form'));
$ele_value = loadValue($prevEntry, $i, $ele_value, $data_handler->getEntryOwnerGroups($entry), $groups, $entry, $profileForm);
// get the value of this element for this entry as stored in the DB -- and unset any defaults if we are looking at an existing entry
}
$conditionalElementForValidiationCode = $conditionalValidationRenderer->constructElement("de_" . $fid . "_" . $entryForDEElements . "_" . $this_ele_id, $ele_value, $entry, $isDisabled, $screen);
if ($js = $conditionalElementForValidiationCode->renderValidationJS()) {
$GLOBALS['formulize_renderedElementsValidationJS'][$GLOBALS['formulize_thisRendering']][$conditionalElementForValidiationCode->getName()] = "if(window.document.getElementById('formulize-" . $conditionalElementForValidiationCode->getName() . "').style.display != 'none') {\n" . $js . "\n}\n";
}
unset($conditionalElementForValidiationCode);
unset($conditionalValidationRenderer);
}
$form->addElement($rowHTML);
// since it was treated as a conditional element, and the user might interact with it, then we don't consider it a not-available-to-user element
unset($elementsAvailableToUser[$this_ele_id]);
}
continue;
}
}
$req = !$isDisabled ? intval($i->getVar('ele_req')) : 0;
$GLOBALS['sub_entries'] = $sub_entries;
if ($ele_type == "subform") {
$thissfid = $ele_value[0];
if (!$thissfid) {
continue;
}
// can't display non-specified subforms!
$deReturnValue = displayElement("", $i, $entry, false, $screen, $prevEntry, false, $profileForm, $groups);
// do this just to evaluate any conditions...it won't actually render anything, but will return "" for the first key in the array, if the element is allowed
if (is_array($deReturnValue)) {
$form_ele = $deReturnValue[0];
$isDisabled = $deReturnValue[1];
} else {
$form_ele = $deReturnValue;
$isDisabled = false;
}
if ($passed = security_check($thissfid) and $form_ele == "") {
$GLOBALS['sfidsDrawn'][] = $thissfid;
$customCaption = $i->getVar('ele_caption');
$customElements = $ele_value[1] ? explode(",", $ele_value[1]) : "";
if (isset($GLOBALS['formulize_inlineSubformFrid'])) {
$newLinkResults = checkForLinks($GLOBALS['formulize_inlineSubformFrid'][0], array($fid), $fid, array($fid => array($entry)), null, $owner_groups, $mid, null, $owner, true);
// final true means only include entries from unified display linkages
$sub_entries = $newLinkResults['sub_entries'];
}
// 2 is the number of default blanks, 3 is whether to show the view button or not, 4 is whether to use captions as headings or not, 5 is override owner of entry, $owner is mainform entry owner, 6 is hide the add button, 7 is the conditions settings for the subform element, 8 is the setting for showing just a row or the full form, 9 is text for the add entries button
$subUICols = drawSubLinks($thissfid, $sub_entries, $uid, $groups, $frid, $mid, $fid, $entry, $customCaption, $customElements, intval($ele_value[2]), $ele_value[3], $ele_value[4], $ele_value[5], $owner, $ele_value[6], $ele_value[7], $this_ele_id, $ele_value[8], $ele_value[9], $thisElement);
if (isset($subUICols['single'])) {
$form->insertBreak($subUICols['single'], "even");
} else {
$subLinkUI = new XoopsFormLabel($subUICols['c1'], $subUICols['c2']);
$form->addElement($subLinkUI);
}
unset($subLinkUI);
}
} elseif ($ele_type == "grid") {
// we are going to have to store some kind of flag/counter with the id number of the starting element in the table, and the number of times we need to ignore things
// we need to then listen for this up above and skip those elements as they come up. This is why grids must come before their elements in the form definition
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/griddisplay.php";
list($grid_title, $grid_row_caps, $grid_col_caps, $grid_background, $grid_start, $grid_count) = compileGrid($ele_value, $title, $i);
$headingAtSide = ($ele_value[5] and $grid_title) ? true : false;
// if there is a value for ele_value[5], then the heading should be at the side, otherwise, grid spans form width as it's own chunk of HTML
$gridCounter[$grid_start] = $grid_count;
$gridContents = displayGrid($fid, $entry, $grid_row_caps, $grid_col_caps, $grid_title, $grid_background, $grid_start, "", "", true, $screen, $headingAtSide);
if ($headingAtSide) {
// grid contents is the two bits for the xoopsformlabel when heading is at side, otherwise, it's just the contents for the break
$form->addElement(new XoopsFormLabel($gridContents[0], $gridContents[1]));
} else {
$form->insertBreak($gridContents, "head");
// head is the css class of the cell
}
} elseif ($ele_type == "ib" or is_array($form_ele)) {
// if it's a break, handle it differently...$form_ele may be an array if it's a non-interactive element such as a grid
if (is_object($thisElement)) {
// final param is used as id name in the table row where this element exists, so we can interact with it for showing and hiding
$form->insertBreakFormulize("<div class=\"formulize-subform-heading\">" . trans(stripslashes($form_ele[0])) . "</div>", $form_ele[1], 'de_' . $fid . '_' . $entryForDEElements . '_' . $this_ele_id, $thisElement->getVar("ele_handle"));
}
} else {
$form->addElement($form_ele, $req);
}
$count++;
unset($hidden);
unset($form_ele);
// apparently necessary for compatibility with PHP 4.4.0 -- suggested by retspoox, sept 25, 2005
}
formulize_benchmark("Done looping elements.");
// find any hidden elements in the form, that aren't available to the user in this rendering of the form...
unset($criteria);
$notAllowedCriteria = new CriteriaCompo();
$notAllowedCriteria->add(new Criteria('ele_forcehidden', 1));
foreach ($elementsAvailableToUser as $availElementId => $boolean) {
$notAllowedCriteria->add(new Criteria('ele_id', $availElementId, '!='));
}
$notAllowedCriteria->setSort('ele_order');
$notAllowedCriteria->setOrder('ASC');
$notAllowedElements =& $formulize_mgr->getObjects($notAllowedCriteria, $fid);
$hiddenElements = generateHiddenElements($notAllowedElements, $entryForDEElements);
// in functions.php, keys in returned array will be the element ids
foreach ($hiddenElements as $element_id => $thisHiddenElement) {
$form->addElement(new xoopsFormHidden("decue_" . $fid . "_" . $entryForDEElements . "_" . $element_id, 1));
if (is_array($thisHiddenElement)) {
// could happen for checkboxes
foreach ($thisHiddenElement as $thisIndividualHiddenElement) {
$form->addElement($thisIndividualHiddenElement);
}
} else {
$form->addElement($thisHiddenElement);
}
unset($thisHiddenElement);
// some odd reference thing going on here...$thisHiddenElement is being added by reference or something like that, so that when $thisHiddenElement changes in the next run through, every previous element that was created by adding it is updated to point to the next element. So if you unset at the end of the loop, it forces each element to be added as you would expect.
}
if ($entry and !is_a($form, 'formulize_elementsOnlyForm')) {
// two hidden fields encode the main entry id, the first difficult-to-use format is a legacy thing
// the 'lastentry' format is more sensible, but is only available when there was a real entry, not 'new' (also a legacy convention)
$form->addElement(new XoopsFormHidden('entry' . $fid, $entry));
if (is_numeric($entry)) {
$form->addElement(new XoopsFormHidden('lastentry', $entry));
}
}
if ($_POST['parent_form']) {
// if we just came back from a parent form, then if they click save, we DO NOT want an override condition, even though we are now technically editing an entry that was previously saved when we went to the subform in the first place. So the override logic looks for this hidden value as an exception.
$form->addElement(new XoopsFormHidden('back_from_sub', 1));
}
// add a hidden element to carry all the validation javascript that might be associated with elements rendered with elementdisplay.php...only relevant for elements rendered inside subforms or grids...the validation code comes straight from the element, doesn't have a check around it for the conditional table row id, like the custom form classes at the top of the file use, since those elements won't render as hidden and show/hide in the same way
if (isset($GLOBALS['formulize_renderedElementsValidationJS'][$GLOBALS['formulize_thisRendering']])) {
$formulizeHiddenValidation = new XoopsFormHidden('validation', '');
foreach ($GLOBALS['formulize_renderedElementsValidationJS'][$GLOBALS['formulize_thisRendering']] as $thisValidation) {
// grab all the validation code we stored in the elementdisplay.php file and attach it to this element
foreach (explode("\n", $thisValidation) as $thisValidationLine) {
$formulizeHiddenValidation->customValidationCode[] = $thisValidationLine;
}
}
$form->addElement($formulizeHiddenValidation, 1);
}
if (get_class($form) == "formulize_elementsOnlyForm") {
// forms of this class are ones that we're rendering just the HTML for the elements, and we need to preserve any validation javascript to stick in the final, parent form when it's finished
$validationJS = $form->renderValidationJS();
if (trim($validationJS) != "") {
$GLOBALS['formulize_elementsOnlyForm_validationCode'][] = $validationJS . "\n\n";
}
} elseif (count($GLOBALS['formulize_elementsOnlyForm_validationCode']) > 0) {
$elementsonlyvalidation = new XoopsFormHidden('elementsonlyforms', '');
$elementsonlyvalidation->customValidationCode = $GLOBALS['formulize_elementsOnlyForm_validationCode'];
$form->addElement($elementsonlyvalidation, 1);
}
return $form;
}
break;
case 'search':
case 'search_reset':
case 'go_page':
$_REQUEST['action'] = 'search';
break;
default:
}
/***************** prepare to display templates *************************/
$result = $db->Execute('select id, parent_id, doc_type, doc_title, doc_group, security from ' . TABLE_PHREEFORM . '
order by doc_title, id, parent_id');
$toc_array = array();
$toc_array[-1][] = array('id' => 0, 'doc_type' => '0', 'doc_title' => TEXT_HOME);
// home dir
while (!$result->EOF) {
if (security_check($result->fields['security'])) {
$toc_array[$result->fields['parent_id']][] = array('id' => $result->fields['id'], 'doc_type' => $result->fields['doc_type'], 'doc_title' => $result->fields['doc_title'], 'show' => $result->fields['doc_group'] == $tab ? true : false);
}
$result->MoveNext();
}
$toggle_list = false;
if ($group) {
$result = $db->Execute("select id from " . TABLE_PHREEFORM . " where doc_group = '" . $group . "'");
if ($result->RecordCount() > 0) {
$toggle_list = buildToggleList($result->fields['id']);
}
}
switch ($_REQUEST['action']) {
// figure which detail page to load
case 'search':
case 'view':
## Project: Formulize ##
###############################################################################
// this file checks the entry id and form element id passed to it, and also the current user's permissions,
// and if they have access to the entry and element, then it queues up a download for the user
include "../../mainfile.php";
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : 0;
$entry_id = intval($_GET['entry_id']);
$element_id = intval($_GET['element']);
include_once XOOPS_ROOT_PATH . "/modules/formulize/class/elements.php";
// fileUploadElement extends this so needs it included before we instantiate the handler
$element_handler = xoops_getmodulehandler('fileUploadElement', 'formulize');
$elementObject = $element_handler->get($element_id);
$fid = $elementObject->getVar('id_form');
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/functions.php";
if (security_check($fid, $entry_id, $uid)) {
// USER IS ALLOWED TO SEE THIS ENTRY IN THIS FORM
// check if the user is allowed to see this element in the form
$ele_display = $elementObject->getVar('ele_display');
$userCanAccessElement = false;
if ($ele_display == 1) {
$userCanAccessElement = true;
} elseif (strstr($ele_display, ",")) {
// comma separated list of groups
$allowedGroups = explode(",", trim($ele_display, ","));
if (array_intersect($groups, $allowedGroups)) {
$userCanAccessElement = true;
}
}
if ($userCanAccessElement) {
// USER IS ALLOWED TO SEE THIS ELEMENT
function displayCalendar($formframes, $mainforms = "", $viewHandles, $dateHandles, $filters, $viewPrefixes, $scopes, $hidden, $type = "month", $start = "", $multiPageData = "")
{
global $xoopsDB, $xoopsUser;
global $xoopsTpl;
// Set some required variables
$mid = getFormulizeModId();
for ($i = 0; $i < count($formframes); $i++) {
unset($fid);
unset($frid);
if ($mainforms[$i]) {
list($fid, $frid) = getFormFramework($formframes[$i], $mainforms[$i]);
} else {
list($fid, $frid) = getFormFramework($formframes[$i]);
}
$fids[] = $fid;
$frids[] = $frid;
}
$gperm_handler =& xoops_gethandler('groupperm');
$member_handler =& xoops_gethandler('member');
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : 0;
foreach ($fids as $thisFid) {
// check that the user is allowed to see all the fids
if (!($scheck = security_check($thisFid, "", $uid, "", $groups, $mid, $gperm_handler))) {
print "<p>" . _NO_PERM . "</p>";
return;
}
}
$currentURL = getCurrentURL();
// get the current view, ie: the month
if ($_POST['calview']) {
// if we're recieving a view from a form submission...
$settings['calview'] = $_POST['calview'];
} else {
if (!$start) {
// nothing passed from form, and no default value specified, so use current date
$today = getDate();
if ($today['mon'] < 10) {
$today['mon'] = "0" . $today['mon'];
}
$settings['calview'] = $today['year'] . "-" . $today['mon'];
} else {
$settings['calview'] = $start;
}
}
$settings['calfrid'] = $_POST['calfrid'];
$settings['calfid'] = $_POST['calfid'];
$settings['calhidden'] = $hidden;
// check to see if a switch to a form has been requested
$settings['ventry'] = $_POST['ventry'];
if ($settings['ventry']) {
if ($_POST['ventry'] == "addnew") {
$this_ent = "";
$dateOverride = $_POST['adddate'];
} elseif ($_POST['ventry'] == "proxy") {
// support for proxies not currently written
$this_ent = "proxy";
} else {
$this_ent = $_POST['ventry'];
}
if ($_POST['calfrid']) {
if (isset($multiPageData[$_POST['calfid']])) {
if (is_numeric($multiPageData[$_POST['calfid']])) {
// numeric value indicates a screen id
$screenData = readScreenId($multiPageData[$_POST['calfid']], $_POST['calfid']);
if (is_array($screenData)) {
$multiPageData = $screenData;
}
}
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/formdisplaypages.php";
displayFormPages($_POST['calfrid'], $this_ent, $_POST['calfid'], $multiPageData[$_POST['calfid']]['pages'], $multiPageData[$_POST['calfid']]['conditions'], $multiPageData[$_POST['calfid']]['introtext'], $multiPageData[$_POST['calfid']]['thankstext'], $currentURL, _formulize_CAL_RETURNFROMMULTI, $settings, $dateOverride, $multiPageData[$_POST['calfid']]['printall']);
} else {
displayForm($_POST['calfrid'], $this_ent, $_POST['calfid'], $currentURL, "", $settings, "", $dateOverride, 1, 1);
// first "" is the done text, second is the onetoonetitles, last two 1s are the overrides for multi form behaviour
}
return;
} else {
if (isset($multiPageData[$_POST['calfid']])) {
if (is_numeric($multiPageData[$_POST['calfid']])) {
// numeric value indicates a screen id
$screenData = readScreenId($multiPageData[$_POST['calfid']], $_POST['calfid']);
if (is_array($screenData)) {
$multiPageData = $screenData;
}
}
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/formdisplaypages.php";
displayFormPages($_POST['calfid'], $this_ent, "", $multiPageData[$_POST['calfid']]['pages'], $multiPageData[$_POST['calfid']]['conditions'], $multiPageData[$_POST['calfid']]['introtext'], $multiPageData[$_POST['calfid']]['thankstext'], $currentURL, _formulize_CAL_RETURNFROMMULTI, $settings, $dateOverride, $multiPageData[$_POST['calfid']]['printall']);
} else {
displayForm($_POST['calfid'], $this_ent, "", $currentURL, "", $settings, "", $dateOverride, 1, 1);
// "" is the done text
}
return;
}
}
// handle deletion if requested, added sept 18 2005
if ($_POST['delentry']) {
deleteEntry($_POST['delentry'], $_POST['delfrid'], $_POST['delfid'], $gperm_handler, $member_handler, $mid);
}
// get the data for all the fids
// 1. convert the scopes for each one
// 2. do the extraction (filter by calview)
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/extract.php";
for ($i = 0; $i < count($fids); $i++) {
$scope = "";
if ($scopes[$i]) {
list($scope, $throwAwayCurrentView) = buildScope($scopes[$i], $member_handler, $gperm_handler, $uid, $groups, $fids[$i], $mid);
}
if (is_array($dateHandles[$i])) {
$dateField = $dateHandles[$i][0];
$dateField2 = $dateHandles[$i][1];
} else {
$dateField = $dateHandles[$i];
$dateField2 = "";
}
if (!$frids[$i]) {
$filterDH = $dateField;
$filterDH2 = $dateField2;
} else {
$filterDH = $dateField;
$filterDH2 = $dateField2;
}
// new, complex filter format is:
// $filter[0][0] -- andor setting for filter 0
// $filter[0][1] -- filter for filter 0
$filter = array();
$filter[0][0] = "OR";
$filter[0][1] = $filterDH . "/**/" . $settings['calview'];
if ($filterDH2) {
$filter[0][1] .= "][" . $filterDH2 . "/**/" . $settings['calview'];
}
if ($filters[$i]) {
$filter[1][0] = "AND";
$filter[1][1] = $filters[$i];
}
$data[$i] = getData($frids[$i], $fids[$i], $filter, "AND", $scope);
$data[$i] = resultSort($data[$i], $dateField);
}
// need the formatting magic to go here, to whip it all into a nice calendar
// basic display of data is below
// demonstrates linking to a form for updating/viewing that entry
// demonstrates altering the calview setting to change months
// need to do something a little more complex for adding a new entry, since we have to know for which fid/frid pair the add operation is being requested.
// probably best to leave out adding for now and leave it as a future feature. It can always be custom added within a pageworks page if necessary for a particular calendar
$rights = $gperm_handler->checkRight("add_own_entry", $fid, $groups, $mid);
// information to pass to the template
global $calendarData;
// initialize language constants
global $arrayMonthNames;
global $arrayWeekNames;
global $dateMonthStartDay;
$arrayMonthNames = array(_formulize_CAL_MONTH_01, _formulize_CAL_MONTH_02, _formulize_CAL_MONTH_03, _formulize_CAL_MONTH_04, _formulize_CAL_MONTH_05, _formulize_CAL_MONTH_06, _formulize_CAL_MONTH_07, _formulize_CAL_MONTH_08, _formulize_CAL_MONTH_09, _formulize_CAL_MONTH_10, _formulize_CAL_MONTH_11, _formulize_CAL_MONTH_12);
if ($type == "mini_month") {
$arrayWeekNames = array(_formulize_CAL_WEEK_1_3ABRV, _formulize_CAL_WEEK_2_3ABRV, _formulize_CAL_WEEK_3_3ABRV, _formulize_CAL_WEEK_4_3ABRV, _formulize_CAL_WEEK_5_3ABRV, _formulize_CAL_WEEK_6_3ABRV, _formulize_CAL_WEEK_7_3ABRV);
} else {
$arrayWeekNames = array(_formulize_CAL_WEEK_1, _formulize_CAL_WEEK_2, _formulize_CAL_WEEK_3, _formulize_CAL_WEEK_4, _formulize_CAL_WEEK_5, _formulize_CAL_WEEK_6, _formulize_CAL_WEEK_7);
}
// convert string date into parts
$arrayDate = getdate(strtotime($settings['calview'] . "-01"));
$dateMonth = $arrayDate["mon"];
$dateDay = $arrayDate["mday"];
$dateYear = $arrayDate["year"];
// get the number of days in the month.
$dateMonthDays = days_in_month($dateMonth, $dateYear);
// get the month's first week start day.
$dateMonthStartDay = $arrayDate["wday"];
// get the number of weeks.
$dateMonthWeeks = week_in_month($dateMonthDays) + 1;
// intialize MONTH template information
// each cell is an array:
// [0] - is control information, where each entry is an array:
// [0] - day number
// [1] - send date
// [1] - is an array containing all items, where each item is also an array:
// [0] - $ids[0]
// [1] - $frids[$i]
// [2] - $fids[$i]
// [3] - $textToDisplay
// [4] - true/false based on user's right to delete this item (based on either delete own, or delete others permission)
if ($type == "month" || $type == "mini_month" || $type == "micro_month") {
// initialize grid: convert the data set into a grid of 7 columns for
// days and a row for each week
$displayDay = "";
for ($intWeeks = 0; $intWeeks < $dateMonthWeeks; $intWeeks++) {
$calendarData[$intWeeks] = array();
for ($intDays = 0; $intDays < 7; $intDays++) {
// check to see if the processing day is the start day.
if ($intWeeks == 0 && $displayDay == "") {
if ($intDays == $dateMonthStartDay) {
$displayDay = 1;
}
} else {
if ($displayDay != "") {
$displayDay++;
if ($displayDay > $dateMonthDays) {
$displayDay = "";
}
}
}
$calendarData[$intWeeks][$intDays] = array();
$calendarData[$intWeeks][$intDays][0][0] = $displayDay;
$calendarData[$intWeeks][$intDays][0][1] = $dateYear . "-" . $dateMonth . "-" . ($displayDay < 10 ? "0" . $displayDay : $displayDay);
//$calendarData[$intWeeks][$intDays][1] = array();
}
}
// Initialize template variables
$xoopsTpl->assign('previousMonth', $dateMonth - 1 < 1 ? $dateYear - 1 . "-12" : $dateYear . "-" . ($dateMonth - 1 < 10 ? "0" . ($dateMonth - 1) : $dateMonth - 1));
$xoopsTpl->assign('nextMonth', $dateMonth + 1 > 12 ? $dateYear + 1 . "-01" : $dateYear . "-" . ($dateMonth + 1 < 10 ? "0" . ($dateMonth + 1) : $dateMonth + 1));
$monthSelector = array();
$numberOfMonths = count($arrayMonthNames);
for ($intMonth = 0; $intMonth < $numberOfMonths; $intMonth++) {
$monthName = $arrayMonthNames[$intMonth];
$monthSelector[$intMonth + 1 < 10 ? "0" . ($intMonth + 1) : $intMonth + 1] = $monthName;
}
$xoopsTpl->assign('monthSelector', $monthSelector);
$yearSelector = array();
$startYear = $dateYear - 4;
$endYear = $dateYear + 3;
for ($intYear = $startYear; $intYear <= $endYear; $intYear++) {
$yearSelector[] = $intYear;
}
$xoopsTpl->assign('yearSelector', $yearSelector);
}
// process data set(s)
for ($i = 0; $i < count($data); $i++) {
foreach ($data[$i] as $id => $entry) {
if (!$frids[$i]) {
if (is_array($viewHandles[$i])) {
$formhandle = getFormHandleFromEntry($entry, $viewHandles[$i][0]);
} else {
$formhandle = getFormHandleFromEntry($entry, $viewHandles[$i]);
}
} else {
$formhandle = $mainforms[$i];
}
$ids = internalRecordIds($entry, $formhandle);
if (is_array($viewHandles[$i])) {
$needsep = 0;
// make sure that no data is keep from previous processing
$textToDisplay = "";
foreach ($viewHandles[$i] as $thisVH) {
if ($needsep) {
$textToDisplay .= ", ";
}
$needsep = 1;
$textToDisplay .= display($entry, $thisVH);
}
} else {
$textToDisplay = display($entry, $viewHandles[$i]);
}
if ($viewPrefixes[$i]) {
$textToDisplay = $viewPrefixes[$i] . $textToDisplay;
}
$calendarDataItem = array();
$calendarDataItem[0] = $ids[0];
$calendarDataItem[1] = $frids[$i];
$calendarDataItem[2] = $fids[$i];
$calendarDataItem[3] = $textToDisplay;
$calendarDataItem[4] = ($i == 0 and formulizePermHandler::user_can_delete_entry($fids[$i], display($entry, "uid"), $ids[0]));
if ($type == "month" || $type == "mini_month" || $type == "micro_month") {
if (is_array($dateHandles[$i])) {
$startValue = display($entry, $dateHandles[$i][0]);
$endValue = display($entry, $dateHandles[$i][1]);
if ($startValue && $endValue) {
$startDate = strtotime($startValue);
$endDate = strtotime($endValue);
for ($x = $startDate; $x <= $endDate; $x = $x + 86400) {
$arrayDate = getdate($x);
if ($arrayDate["mon"] == $dateMonth) {
$calendarData = assignItem($arrayDate, $calendarDataItem, $calendarData);
}
}
} else {
if ($startValue) {
$startDate = strtotime($startValue);
$arrayDate = getdate($startDate);
$calendarData = assignItem($arrayDate, $calendarDataItem, $calendarData);
} else {
$endDate = strtotime($endValue);
$arrayDate = getdate($endDate);
$calendarData = assignItem($arrayDate, $calendarDataItem, $calendarData);
}
}
} else {
$currentDate = display($entry, $dateHandles[$i]);
$arrayDate = getdate(strtotime($currentDate));
$calendarData = assignItem($arrayDate, $calendarDataItem, $calendarData);
}
}
}
}
// Initialize common template variables
$xoopsTpl->assign('cal_type', $type);
$xoopsTpl->assign('rights', $rights);
$xoopsTpl->assign('frids', $frids[0]);
$xoopsTpl->assign('fids', $fids[0]);
$xoopsTpl->assign('addItem', _formulize_CAL_ADD_ITEM);
$xoopsTpl->assign('rowStyleEven', true);
$xoopsTpl->assign('MonthNames', $arrayMonthNames);
$xoopsTpl->assign('WeekNames', $arrayWeekNames);
$xoopsTpl->assign('dateMonthZeroIndex', $dateMonth - 1);
$xoopsTpl->assign('dateMonth', $dateMonth);
$xoopsTpl->assign('dateYear', $dateYear);
$xoopsTpl->assign('currentURL', $currentURL);
$xoopsTpl->assign('hidden', $hidden);
$xoopsTpl->assign('calview', $settings['calview']);
$xoopsTpl->assign('calendarData', $calendarData);
$xoopsTpl->assign('delete', _formulize_DELETE);
$xoopsTpl->assign('delconf', _formulize_DELCONF);
// force template to be drawn
$xoopsTpl->display("db:calendar_" . $type . ".html");
}
function getDefaultCols($fid, $frid = "")
{
global $xoopsDB, $xoopsUser;
if ($frid) {
// expand the headerlist to include the other forms
$fids[0] = $fid;
$check_results = checkForLinks($frid, $fids, $fid, "", "", "", "", "", "", "0");
$fids = $check_results['fids'];
$sub_fids = $check_results['sub_fids'];
$gperm_handler =& xoops_gethandler('groupperm');
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : "0";
$mid = getFormulizeModId();
$ele_handles = array();
$processedFids = array();
foreach ($fids as $this_fid) {
if (security_check($this_fid, "", $uid, "", $groups, $mid, $gperm_handler) and !isset($processedFids[$this_fid])) {
$ele_handles = array_merge($ele_handles, getHeaderList($this_fid, true, true));
$processedFids[$this_fid] = true;
}
}
foreach ($sub_fids as $this_fid) {
if (security_check($this_fid, "", $uid, "", $groups, $mid, $gperm_handler) and !isset($processedFids[$this_fid])) {
$ele_handles = array_merge($ele_handles, getHeaderList($this_fid, true, true));
$processedFids[$this_fid] = true;
}
}
return $ele_handles;
} else {
$ele_handles = getHeaderList($fid, true, true);
// third param causes element handles to be returned instead of IDs
return $ele_handles;
}
}
** Author: nuSoftware
** Created: 2007/04/26
** Last modified: 2009/07/15
**
** Copyright 2004, 2005, 2006, 2007, 2008, 2009 nuSoftware
**
** This file is part of the nuBuilder source package and is licensed under the
** GPLv3. For support on developing in nuBuilder, please visit the nuBuilder
** wiki and forums. For details on contributing a patch for nuBuilder, please
** visit the `Project Contributions' forum.
**
** Website: http://www.nubuilder.com
** Wiki: http://wiki.nubuilder.com
** Forums: http://forums.nubuilder.com
*/
setcookie("security_check", security_check());
$dir = $_GET['d'];
//--a parameter passed that can be accessed by #session_parameter#
$parameter = $_GET['p'];
require_once "../{$dir}/database.php";
require_once "config.php";
include 'common.php';
$small = iif($_GET['small'] == '', '0', $_GET['small']);
$user = mysql_real_escape_string($_POST["u"]);
$pass = mysql_real_escape_string($_POST["p"]);
$sessionid = uniqid(1);
$twodaysago = nuDateAddDays(Today(), -2);
nuRunQuery("DELETE FROM zzsys_variable WHERE sva_expiry_date < '{$twodaysago}'");
nuRunQuery("DELETE FROM zzsys_trap WHERE sys_added is null OR sys_added < '{$twodaysago}'");
nuRunQuery("DELETE FROM zzsys_duplicate WHERE sdu_date < '{$twodaysago}'");
nuRunQuery("DELETE FROM zzsys_session WHERE sss_session_date < '{$twodaysago}'");
function render($ele_value, $caption, $markupName, $isDisabled, $element, $entry_id, $screen)
{
$fid = $element->getVar('id_form');
$this_ele_id = $element->getVar('ele_id');
global $xoopsUser;
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : 0;
$groups = $xoopsUser->getGroups();
$sub_fids = $GLOBALS['formulize_sub_fids'];
// set in compileElements, right before the displayElement function is called
$mid = getFormulizeModId();
$frid = $GLOBALS['framework'];
$sub_entries = $GLOBALS['sub_entries'];
//set in compileElements
$owner = getEntryOwner($entry_id, $fid);
$thissfid = $ele_value[0];
if (!$thissfid) {
continue;
}
// can't display non-specified subforms!
if ($passed = security_check($thissfid) and in_array($thissfid, $sub_fids)) {
$GLOBALS['sfidsDrawn'][] = $thissfid;
$customCaption = $element->getVar('ele_caption');
$customElements = $ele_value[1] ? explode(",", $ele_value[1]) : "";
$subUICols = drawSubLinks($thissfid, $sub_entries, $uid, $groups, $frid, $mid, $fid, $entry_id, $caption, $customElements, intval($ele_value[2]), $ele_value[3], $ele_value[4], $ele_value[5], $owner, $ele_value[6], $ele_value[7], $this_ele_id, $ele_value[8], $ele_value[9]);
// 2 is the number of default blanks, 3 is whether to show the view button or not, 4 is whether to use captions as headings or not, 5 is override owner of entry, $owner is mainform entry owner, 6 is hide the add button, 7 is the conditions settings for the subform element, 8 is the setting for showing just a row or the full form, 9 is text for the add entries button
if (isset($subUICols['single'])) {
$form_ele = array($subUICols['single'], "even");
} else {
$subLinkUI = new XoopsFormLabel($subUICols['c1'], $subUICols['c2']);
$form_ele = $subLinkUI;
}
unset($subLinkUI);
}
return $form_ele;
}
include_once XOOPS_ROOT_PATH . '/modules/formulize/include/functions.php';
// Set some required variables
$mid = getFormulizeModId();
$fid = "";
if (!($fid = $_GET['fid'])) {
$fid = intval($_POST['fid']);
}
$frid = "";
if (!($frid = $_GET['frid'])) {
$frid = intval($_POST['frid']);
}
$gperm_handler =& xoops_gethandler('groupperm');
$member_handler =& xoops_gethandler('member');
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : 0;
if (!($scheck = security_check($fid, "", $uid, "", $groups, $mid, $gperm_handler))) {
print "<p>" . _NO_PERM . "</p>";
exit;
}
// main body of page goes here...
/* desired calculations:
sum
min
max
average (mean, median, mode)
counts (blank, non-blank)
percentage breakdowns
Need subtotalling/grouping capability, ie: show intermediate totals for the sum of all students in activity logs for each student, or show percentage breakdown of 1-5 ratings of all activities for each volunteer
--premise is that subtotalling/grouping can be done by any value in another column, or by any metadata for entries.
echo '<td align="center" width="40%">' . TEXT_FORMS . '<br /><a href="javascript:Expand(\'' . $key . '\');">' . TEXT_EXPAND_ALL . '</a> - <a href="javascript:Collapse(\'' . $key . '\');">' . TEXT_COLLAPSE_ALL . '</a></td>' . chr(10);
echo '<td align="center" width="20%"> <br /> </td>' . chr(10);
echo '</tr>';
echo '<tr><td valign="top">';
$report_types_heading = array('0' => RW_RPT_MYRPT, '1' => RW_RPT_DEFRPT);
foreach ($report_types_heading as $standard => $fieldset_title) {
echo '<fieldset><legend>' . $fieldset_title . '</legend>';
$definitions->Move(0);
$definitions->MoveNext();
while (!$definitions->EOF) {
$report_id = $definitions->fields['id'];
if (!isset($rr_security[$report_id])) {
$rr_security[$report_id] = 'u:0;e:0;d:0';
// enable everyone if security not set
}
if (security_check($rr_security[$report_id])) {
if ($definitions->fields['groupname'] == $key && $definitions->fields['standard_report'] == $standard) {
echo html_radio_field('id', 'r' . $report_id, false);
echo ' ' . stripslashes($definitions->fields['description']) . '<br />' . chr(10);
}
}
$definitions->MoveNext();
}
echo '</fieldset>' . chr(10);
}
echo '</td>' . chr(10);
// show form list
$temp = build_form_href($form_array[$key]['children'], 'rpt_' . $key);
if ($temp) {
echo '<td valign="top"><fieldset>' . $temp . '</fieldset></td>' . chr(10);
} else {
function displayEntries($formframe, $mainform = "", $loadview = "", $loadOnlyView = 0, $viewallforms = 0, $screen = null)
{
formulize_benchmark("start of drawing list");
global $xoopsDB, $xoopsUser;
// Set some required variables
$mid = getFormulizeModId();
list($fid, $frid) = getFormFramework($formframe, $mainform);
$gperm_handler =& xoops_gethandler('groupperm');
$member_handler =& xoops_gethandler('member');
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : "0";
if (!($scheck = security_check($fid, "", $uid, "", $groups, $mid, $gperm_handler))) {
print "<p>" . _NO_PERM . "</p>";
return;
}
// must wrap security check in only the conditions in which it is needed, so we don't interfere with saving data in a form (which independently checks the security token)
$formulize_LOESecurityPassed = (isset($GLOBALS['formulize_securityCheckPassed']) and $GLOBALS['formulize_securityCheckPassed']) ? true : false;
if (($_POST['delconfirmed'] or $_POST['cloneconfirmed'] or $_POST['delviewid_formulize'] or $_POST['saveid_formulize'] or is_numeric($_POST['caid'])) and !$formulize_LOESecurityPassed) {
$module_handler =& xoops_gethandler('module');
$config_handler =& xoops_gethandler('config');
$formulizeModule =& $module_handler->getByDirname("formulize");
$formulizeConfig =& $config_handler->getConfigsByCat(0, $formulizeModule->getVar('mid'));
$modulePrefUseToken = $formulizeConfig['useToken'];
$useToken = $screen ? $screen->getVar('useToken') : $modulePrefUseToken;
if (isset($GLOBALS['xoopsSecurity']) and $useToken) {
$formulize_LOESecurityPassed = $GLOBALS['xoopsSecurity']->check();
} else {
// if there is no security token, then assume true -- necessary for old versions of XOOPS.
$formulize_LOESecurityPassed = true;
}
}
// check for all necessary permissions
$add_own_entry = $gperm_handler->checkRight("add_own_entry", $fid, $groups, $mid);
$delete_own_reports = $gperm_handler->checkRight("delete_own_reports", $fid, $groups, $mid);
$delete_other_reports = $gperm_handler->checkRight("delete_other_reports", $fid, $groups, $mid);
$update_other_reports = $gperm_handler->checkRight("update_other_reports", $fid, $groups, $mid);
$update_own_reports = $gperm_handler->checkRight("update_own_reports", $fid, $groups, $mid);
$view_globalscope = $gperm_handler->checkRight("view_globalscope", $fid, $groups, $mid);
$view_groupscope = $gperm_handler->checkRight("view_groupscope", $fid, $groups, $mid);
// Question: do we need to add check here to make sure that $loadview is an available report (move function call from the generateViews function) and if it is not, then nullify
// we may want to be able to pass in any old report, it's kind of like a way to override the publishing process. Problem is unpublished reports or reports that aren't actually published to the user won't show up in the list of views.
// [update: loaded views do not include the list of views, they have no interface at all except quick searches and quick sorts. Since the intention is clearly for them to be accessed through pageworks, we will leave the permission control up to the application designer for now]
$currentURL = getCurrentURL();
// get title
$displaytitle = getFormTitle($fid);
// get default info and info passed to page....
// clear any default search text that has been passed (because the user didn't actually search for anything)
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "search_" and $v == _formulize_DE_SEARCH_HELP) {
unset($_POST[$k]);
break;
// assume this is only sent once, since the help text only appears in the first column
}
}
// check for deletion request (set by 'delete selected' button)
if ($_POST['delconfirmed'] and $formulize_LOESecurityPassed) {
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "delete_" and $v != "") {
$delete_entry_id = substr($k, 7);
// confirm user has permission to delete this entry
if (formulizePermHandler::user_can_delete_entry($fid, $uid, $delete_entry_id)) {
$GLOBALS['formulize_deletionRequested'] = true;
// new syntax for deleteEntry, Sept 18 2005 -- used to handle deleting all unified display entries that are linked to this entry.
if ($frid) {
deleteEntry($delete_entry_id, $frid, $fid, $gperm_handler, $member_handler, $mid);
} else {
deleteEntry($delete_entry_id, "", $fid);
}
}
}
}
}
// check for cloning request and if present then clone entries
if ($_POST['cloneconfirmed'] and $formulize_LOESecurityPassed and $add_own_entry) {
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "delete_" and $v != "") {
$thisentry = substr($k, 7);
cloneEntry($thisentry, $frid, $fid, $_POST['cloneconfirmed']);
// cloneconfirmed is the number of copies required
}
}
}
// handle deletion of view...reset currentView
if ($_POST['delview'] and $formulize_LOESecurityPassed and ($delete_other_reports or $delete_own_reports)) {
if (substr($_POST['delviewid_formulize'], 1, 4) == "old_") {
$delviewid_formulize = substr($_POST['delviewid_formulize'], 5);
} else {
$delviewid_formulize = substr($_POST['delviewid_formulize'], 1);
}
if ($delete_other_reports or $xoopsUser->getVar('uid') == getSavedViewOwner($delviewid_formulize)) {
// "get saved view owner" only works with new saved view format in 2.0 or greater, but since that is 2.5 years old now, should be good to go!
if (substr($_POST['delviewid_formulize'], 1, 4) == "old_") {
$sql = "DELETE FROM " . $xoopsDB->prefix("formulize_reports") . " WHERE report_id='" . $delviewid_formulize . "'";
} else {
$sql = "DELETE FROM " . $xoopsDB->prefix("formulize_saved_views") . " WHERE sv_id='" . $delviewid_formulize . "'";
}
if (!($res = $xoopsDB->query($sql))) {
exit("Error deleting report: " . $_POST['delviewid_formulize']);
}
unset($_POST['currentview']);
$_POST['resetview'] = 1;
}
}
// if resetview is set, then unset POST and then set currentview to resetview
// intended for when a user switches from a locked view back to a basic view. In that case we want all settings to be cleared and everything to work like the basic view, rather than remembering, for instance, that the previous view had a calculation or a search of something.
// users who view reports (views) that aren't locked can switch back to a basic view and retain settings. This is so they can make changes to a view and then save the updates. It is also a little confusing to switch from a predefined view to a basic one but have the predefined view's settings still hanging around.
// recommendation to users should be to lock the controls for all published views.
// (this routine also invoked when a view has been deleted)
$resetview = false;
if ($_POST['resetview']) {
$resetview = $_POST['currentview'];
foreach ($_POST as $k => $v) {
unset($_POST[$k]);
}
$_POST['currentview'] = $resetview;
}
// handle saving of the view if that has been requested
// only do this if there's a saveid_formulize and they passed the security check, and any one of these: they can update other reports, or this is a "new" view, or this is not a new view, and it belongs to them and they have update own reports permission
if ($_POST['saveid_formulize'] and $formulize_LOESecurityPassed and ($update_other_reports or (is_numeric($_POST['saveid_formulize']) and ($update_own_reports and $xoopsUser->getVar('uid') == getSavedViewOwner($_POST['saveid_formulize'])) or $_POST['saveid_formulize'] == "new"))) {
// gather all values
//$_POST['currentview'] -- from save (they might have updated/changed the scope)
//possible situations:
// user replaced a report, so we need to set that report as the name of the dropdown, value is currentview
// user made a new report, so we need to set that report as the name and the value is currentview
// so name of the report gets sent to $loadedView, which also gets assigned to settings array
// report is either newid or newname if newid is "new"
// newscope goes to $_POST['currentview']
//$_POST['oldcols'] -- from page
//$_POST['asearch'] -- from page
//$_POST['calc_cols'] -- from page
//$_POST['calc_calcs'] -- from page
//$_POST['calc_blanks'] -- from page
//$_POST['calc_grouping'] -- from page
//$_POST['sort'] -- from page
//$_POST['order'] -- from page
//$_POST['hlist'] -- passed from page
//$_POST['hcalc'] -- passed from page
//$_POST['lockcontrols'] -- passed from save
//and quicksearches -- passed with the page
// pubgroups -- passed from save
$_POST['currentview'] = $_POST['savescope'];
$saveid_formulize = $_POST['saveid_formulize'];
$_POST['lockcontrols'] = $_POST['savelock'];
$savegroups = $_POST['savegroups'];
// put name into loadview
if ($saveid_formulize != "new") {
if (!strstr($saveid_formulize, "old_")) {
// if it's not a legacy report...
$sname = q("SELECT sv_name, sv_owner_uid FROM " . $xoopsDB->prefix("formulize_saved_views") . " WHERE sv_id = \"" . substr($saveid_formulize, 1) . "\"");
if ($sname[0]['sv_owner_uid'] == $uid) {
$loadedView = $saveid_formulize;
} else {
$loadedView = "p" . substr($saveid_formulize, 1);
}
}
}
$savename = $_POST['savename'];
if (get_magic_quotes_gpc()) {
$savename = stripslashes($savename);
}
// flatten quicksearches -- one value in the array for every column in the view
$allcols = explode(",", $_POST['oldcols']);
foreach ($allcols as $thiscol) {
$allquicksearches[] = $_POST['search_' . $thiscol];
}
// need to grab all hidden quick searches and then add any hidden columns to the column list...need to reverse this process when loading views
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "search_" and $v != "") {
if (!in_array(substr($k, 7), $allcols) and substr($v, 0, 1) == "!" and substr($v, -1) == "!") {
$_POST['oldcols'] .= ",hiddencolumn_" . substr($k, 7);
$allquicksearches[] = $v;
}
}
}
$qsearches = implode("&*=%4#", $allquicksearches);
$savename = formulize_db_escape($savename);
$savesearches = formulize_db_escape($_POST['asearch']);
//print $_POST['asearch'] . "<br>";
//print "$savesearches<br>";
$qsearches = formulize_db_escape($qsearches);
if ($frid) {
$saveformframe = $frid;
$savemainform = $fid;
} else {
$saveformframe = $fid;
$savemainform = "";
}
if ($saveid_formulize == "new" or strstr($saveid_formulize, "old_")) {
if ($saveid_formulize == "new") {
$owneruid = $uid;
$moduid = $uid;
} else {
// get existing uid
$olduid = q("SELECT report_uid FROM " . $xoopsDB->prefix("formulize_reports") . " WHERE report_id = '" . substr($saveid_formulize, 5) . "'");
$owneruid = $olduid[0]['report_uid'];
$moduid = $uid;
}
$savesql = "INSERT INTO " . $xoopsDB->prefix("formulize_saved_views") . " (" . "sv_name, " . "sv_pubgroups, " . "sv_owner_uid, " . "sv_mod_uid, " . "sv_formframe, " . "sv_mainform, " . "sv_lockcontrols, " . "sv_hidelist, " . "sv_hidecalc, " . "sv_asearch, " . "sv_sort, " . "sv_order, " . "sv_oldcols, " . "sv_currentview, " . "sv_calc_cols, " . "sv_calc_calcs, " . "sv_calc_blanks, " . "sv_calc_grouping, " . "sv_quicksearches, " . "sv_global_search" . ") VALUES (" . "\"" . formulize_db_escape($savename) . "\", " . "\"" . formulize_db_escape($savegroups) . "\", " . "\"" . formulize_db_escape($owneruid) . "\", " . "\"" . formulize_db_escape($moduid) . "\", " . "\"" . formulize_db_escape($saveformframe) . "\", " . "\"" . formulize_db_escape($savemainform) . "\", " . "\"" . formulize_db_escape($_POST['savelock']) . "\", " . "\"" . formulize_db_escape($_POST['hlist']) . "\", " . "\"" . formulize_db_escape($_POST['hcalc']) . "\", " . "\"" . formulize_db_escape($savesearches) . "\", " . "\"" . formulize_db_escape($_POST['sort']) . "\", " . "\"" . formulize_db_escape($_POST['order']) . "\", " . "\"" . formulize_db_escape($_POST['oldcols']) . "\", " . "\"" . formulize_db_escape($_POST['savescope']) . "\", " . "\"" . formulize_db_escape($_POST['calc_cols']) . "\", " . "\"" . formulize_db_escape($_POST['calc_calcs']) . "\", " . "\"" . formulize_db_escape($_POST['calc_blanks']) . "\", " . "\"" . formulize_db_escape($_POST['calc_grouping']) . "\", " . "\"" . formulize_db_escape($qsearches) . "\", " . "\"" . formulize_db_escape($_POST['global_search']) . "\" " . ")";
} else {
// print "UPDATE " . $xoopsDB->prefix("formulize_saved_views") . " SET sv_pubgroups=\"$savegroups\", sv_mod_uid=\"$uid\", sv_lockcontrols=\"{$_POST['savelock']}\", sv_hidelist=\"{$_POST['hlist']}\", sv_hidecalc=\"{$_POST['hcalc']}\", sv_asearch=\"$savesearches\", sv_sort=\"{$_POST['sort']}\", sv_order=\"{$_POST['order']}\", sv_oldcols=\"{$_POST['oldcols']}\", sv_currentview=\"{$_POST['savescope']}\", sv_calc_cols=\"{$_POST['calc_cols']}\", sv_calc_calcs=\"{$_POST['calc_calcs']}\", sv_calc_blanks=\"{$_POST['calc_blanks']}\", sv_calc_grouping=\"{$_POST['calc_grouping']}\", sv_quicksearches=\"$qsearches\" WHERE sv_id = \"" . substr($saveid_formulize, 1) . "\"";
$savesql = "UPDATE " . $xoopsDB->prefix("formulize_saved_views") . " SET " . "sv_name \t\t\t= \"" . formulize_db_escape($savename) . "\", " . "sv_pubgroups \t\t= \"" . formulize_db_escape($savegroups) . "\", " . "sv_mod_uid \t\t= \"" . formulize_db_escape($uid) . "\", " . "sv_lockcontrols \t= \"" . formulize_db_escape($_POST['savelock']) . "\", " . "sv_hidelist \t\t= \"" . formulize_db_escape($_POST['hlist']) . "\", " . "sv_hidecalc \t\t= \"" . formulize_db_escape($_POST['hcalc']) . "\", " . "sv_asearch \t\t= \"" . formulize_db_escape($savesearches) . "\", " . "sv_sort \t\t\t= \"" . formulize_db_escape($_POST['sort']) . "\", " . "sv_order \t\t\t= \"" . formulize_db_escape($_POST['order']) . "\", " . "sv_oldcols \t\t= \"" . formulize_db_escape($_POST['oldcols']) . "\", " . "sv_currentview \t= \"" . formulize_db_escape($_POST['savescope']) . "\", " . "sv_calc_cols \t\t= \"" . formulize_db_escape($_POST['calc_cols']) . "\", " . "sv_calc_calcs \t\t= \"" . formulize_db_escape($_POST['calc_calcs']) . "\", " . "sv_calc_blanks \t= \"" . formulize_db_escape($_POST['calc_blanks']) . "\", " . "sv_calc_grouping \t= \"" . formulize_db_escape($_POST['calc_grouping']) . "\", " . "sv_quicksearches \t= \"" . formulize_db_escape($qsearches) . "\", " . "sv_global_search = \"" . formulize_db_escape($_POST['global_search']) . "\" " . " WHERE " . "sv_id = \"" . substr($saveid_formulize, 1) . "\"";
}
// save the report
if (!($result = $xoopsDB->query($savesql))) {
exit("Error: unable to save the current view settings. SQL dump: {$savesql}");
}
if ($saveid_formulize == "new" or strstr($saveid_formulize, "old_")) {
if ($owneruid == $uid) {
$loadedView = "s" . $xoopsDB->getInsertId();
} else {
$loadedView = "p" . $xoopsDB->getInsertId();
}
}
$settings['loadedview'] = $loadedView;
// delete legacy report if necessary
if (strstr($saveid_formulize, "old_")) {
$dellegacysql = "DELETE FROM " . $xoopsDB->prefix("formulize_reports") . " WHERE report_id=\"" . substr($saveid_formulize, 5) . "\"";
if (!($result = $xoopsDB->query($dellegacysql))) {
exit("Error: unable to delete legacy report: " . substr($saveid_formulize, 5));
}
}
}
$forceLoadView = false;
if ($screen) {
$loadview = is_numeric($loadview) ? $loadview : $screen->getVar('defaultview');
// flag the screen default for loading if no specific view has been requested
if ($loadview == "mine" or $loadview == "group" or $loadview == "all" or $loadview == "blank" and (!isset($_POST['hlist']) and !isset($_POST['hcalc']))) {
// only pay attention to the "blank" default list if we are on an initial page load, ie: no hcalc or hlist is set yet, and one of those is set on each page load hereafter
$currentView = $loadview;
// if the default is a standard view, then use that instead and don't load anything
unset($loadview);
} elseif ($_POST['userClickedReset']) {
// only set if the user actually clicked that button, and in that case, we want to be sure we load the default as specified for the screen
$forceLoadView = true;
}
}
// set currentView to group if they have groupscope permission (overridden below by value sent from form)
// override with loadview if that is specified
if ($loadview and (!$_POST['currentview'] and $_POST['advscope'] == "" or $forceLoadView)) {
if (substr($loadview, 0, 4) == "old_") {
// this is a legacy view
$loadview = "p" . $loadview;
} elseif (is_numeric($loadview)) {
// new view id
$loadview = "p" . $loadview;
} else {
// new view name -- loading view by name -- note if two reports have the same name, then the first one created will be returned
$viewnameq = q("SELECT sv_id FROM " . $xoopsDB->prefix("formulize_saved_views") . " WHERE sv_name='{$loadview}' ORDER BY sv_id");
$loadview = "p" . $viewnameq[0]['sv_id'];
}
$_POST['currentview'] = $loadview;
$_POST['loadreport'] = 1;
} elseif ($view_globalscope and !$currentView) {
$currentView = "all";
} elseif ($view_groupscope and !$currentView) {
$currentView = "group";
} elseif (!$currentView) {
$currentView = "mine";
}
// debug block to show key settings being passed back to the page
/*
if($uid == 1) {
print "delview: " . $_POST['delview'] . "<br>";
print "advscope: " . $_POST['advscope'] . "<br>";
print "asearch: " . $_POST['asearch'] . "<br>";
print "Hidelist: " . $_POST['hlist'] . "<br>";
print "Hidecalc: " . $_POST['hcalc'] . "<br>";
print "Lock Controls: " . $_POST['lockcontrols'] . "<br>";
print "Sort: " . $_POST['sort'] . "<br>";
print "Order: " . $_POST['order'] . "<br>";
print "Cols: " . $_POST['oldcols'] . "<br>";
print "Curview: " . $_POST['currentview'] . "<br>";
print "Calculation columns: " . $_POST['calc_cols'] . "<br>";
print "Calculation calcs: " . $_POST['calc_calcs'] . "<br>";
print "Calculation blanks: " . $_POST['calc_blanks'] . "<br>";
print "Calculation grouping: " . $_POST['calc_grouping'] . "<br>";
foreach($_POST as $k=>$v) {
if(substr($k, 0, 7) == "search_" AND $v != "") {
print "$k: $v<br>";
}
}
}*/
// set flag to indicate whether we let the user's scope setting expand beyond their normal permission level (happens when unlocked published views are in effect)
$currentViewCanExpand = false;
// handling change in view, and loading reports/saved views if necessary
if ($_POST['loadreport']) {
if (substr($_POST['currentview'], 1, 4) == "old_") {
// legacy report
// load old report values and then assign them to the correct $_POST keys in order to present the view
$loadedView = $_POST['currentview'];
$settings['loadedview'] = $loadedView;
// kill the quicksearches
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "search_" and $v != "") {
unset($_POST[$k]);
}
}
list($_POST['currentview'], $_POST['oldcols'], $_POST['asearch'], $_POST['calc_cols'], $_POST['calc_calcs'], $_POST['calc_blanks'], $_POST['calc_grouping'], $_POST['sort'], $_POST['order'], $_POST['hlist'], $_POST['hcalc'], $_POST['lockcontrols']) = loadOldReport(substr($_POST['currentview'], 5), $fid, $view_groupscope);
} elseif (is_numeric(substr($_POST['currentview'], 1))) {
// saved or published view
$loadedView = $_POST['currentview'];
$settings['loadedview'] = $loadedView;
// kill the quicksearches, unless we've found a special flag that will cause them to be preserved
if (!isset($_POST['formulize_preserveQuickSearches']) and !isset($_GET['formulize_preserveQuickSearches'])) {
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "search_" and $v != "") {
unset($_POST[$k]);
}
}
}
list($_POST['currentview'], $_POST['oldcols'], $_POST['asearch'], $_POST['calc_cols'], $_POST['calc_calcs'], $_POST['calc_blanks'], $_POST['calc_grouping'], $_POST['sort'], $_POST['order'], $savedViewHList, $savedViewHCalc, $_POST['lockcontrols'], $quicksearches, $_POST['global_search']) = loadReport(substr($_POST['currentview'], 1), $fid, $frid);
if (!isset($_POST['formulize_preserveListCalcPage']) and !isset($_GET['formulize_preserveListCalcPage'])) {
$_POST['hlist'] = $savedViewHList;
$_POST['hcalc'] = $savedViewHCalc;
}
// explode quicksearches into the search_ values
$allqsearches = explode("&*=%4#", $quicksearches);
$colsforsearches = explode(",", $_POST['oldcols']);
for ($i = 0; $i < count($allqsearches); $i++) {
if ($allqsearches[$i] != "") {
$_POST["search_" . str_replace("hiddencolumn_", "", dealWithDeprecatedFrameworkHandles($colsforsearches[$i], $frid))] = $allqsearches[$i];
// need to remove the hiddencolumn indicator if it is present
if (strstr($colsforsearches[$i], "hiddencolumn_")) {
unset($colsforsearches[$i]);
// remove columns that were added to the column list just so we would know the name of the hidden searches
}
}
}
$_POST['oldcols'] = implode(",", $colsforsearches);
// need to reconstruct this in case any columns were removed because of persistent searches on a hidden column
}
$currentView = $_POST['currentview'];
// need to check that the user is allowed to have this scope, unless the view is unlocked
// only works for the default levels of views, not specific group selections that a view might have...that would be more complicated and could be built in later
if ($_POST['lockcontrols']) {
if ($currentView == "all" and !$view_globalscope) {
$currentView = "group";
}
if ($currentView == "group" and !$view_groupscope and !$view_globalscope) {
$currentView = "mine";
}
}
// must check for this and set it here, inside this section, where we know for sure that $_POST['lockcontrols'] has been set based on the database value for the saved view, and not anything else sent from the user!!! Otherwise the user might be injecting a greater scope for themselves than they should have!
$currentViewCanExpand = $_POST['lockcontrols'] ? false : true;
// if the controls are not locked, then we can expand the view for the user so they can see things they wouldn't normally see
// if there is a screen with a top template in effect, then do not lock the controls even if the saved view says we should. Assume that the screen author has compensated for any permission issues.
// we need to do this after rachetting down the visibility controls. Fact is, controlling UI for users is one thing that we can trust the screen author to do, so we don't need to indicate that the controls are locked. But we don't want the visibility to override what people can normally see, so we rachet that down above.
if ($screen and $_POST['lockcontrols']) {
if ($screen->getTemplate('toptemplate') != "") {
$_POST['lockcontrols'] = 0;
}
}
} elseif ($_POST['advscope'] and strstr($_POST['advscope'], ",")) {
// looking for comma sort of means that we're checking that a valid advanced scope is being sent
$currentView = $_POST['advscope'];
} elseif ($_POST['currentview']) {
// could have been unset by deletion of a view or something else, so we must check to make sure it exists before we override the default that was determined above
if (is_numeric(substr($_POST['currentview'], 1))) {
// a saved view was requested as the current view, but we don't want to load the entire thing....this means that we just want to use the view to generate the scope, we don't want to load all settings. So we have to load the view, but discard everything but the view's currentview value
// if we were supposed to load the whole thing, loadreport would have been set in post and the above code would have kicked in
$loadedViewSettings = loadReport(substr($_POST['currentview'], 1), $fid, $frid);
$currentview = $loadedViewSettings[0];
} else {
$currentView = $_POST['currentview'];
}
} elseif ($loadview) {
$currentView = $loadview;
}
// get columns for this form/framework or use columns sent from interface
// ele_handles for a form, handles for a framework, includes handles of all unified display forms
if ($_POST['oldcols']) {
$showcols = explode(",", $_POST['oldcols']);
} else {
// or use the defaults
$showcols = getDefaultCols($fid, $frid);
}
if ($_POST['newcols']) {
$temp_showcols = $_POST['newcols'];
$showcols = explode(",", $temp_showcols);
}
// convert framework handles to element handles if necessary
$showcols = dealWithDeprecatedFrameworkHandles($showcols, $frid);
$showcols = removeNotAllowedCols($fid, $frid, $showcols, $groups);
// converts old format metadata fields to new ones too if necessary
// Create settings array to pass to form page or to other functions
$settings['title'] = $displaytitle;
// get export options
if ($_POST['xport']) {
$settings['xport'] = $_POST['xport'];
if ($_POST['xport'] == "custom") {
$settings['xport_cust'] = $_POST['xport_cust'];
}
}
list($scope, $currentView) = buildScope($currentView, $member_handler, $gperm_handler, $uid, $groups, $fid, $mid, $currentViewCanExpand);
// generate the available views
// pubstart used to indicate to the delete button where the list of published views begins in the current view drop down (since you cannot delete published views)
list($settings['viewoptions'], $settings['pubstart'], $settings['endstandard'], $settings['pickgroups'], $settings['loadviewname'], $settings['curviewid'], $settings['publishedviewnames']) = generateViews($fid, $uid, $groups, $frid, $currentView, $loadedView, $view_groupscope, $view_globalscope, $_POST['curviewid'], $loadOnlyView, $screen, $_POST['lastloaded']);
// this param only used in case of loading of reports via passing in the report id or name through $loadview
if ($_POST['loadviewname']) {
$settings['loadviewname'] = $_POST['loadviewname'];
}
// if a view was loaded, then update the lastloaded value, otherwise preserve the previous value
if ($settings['curviewid']) {
$settings['lastloaded'] = $settings['curviewid'];
} else {
$settings['lastloaded'] = $_POST['lastloaded'];
}
// clear quick searches for any columns not included now
// also, convert any { } terms to literal values for users who can't update other reports, if the last loaded report doesn't belong to them (they're presumably just report consumers, so they don't need to preserve the abstract terms)
$hiddenQuickSearches = array();
// array used to indicate quick searches that should be present even if the column is not displayed to the user
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "search_" and !in_array(substr($k, 7), $showcols)) {
if (substr($v, 0, 1) == "!" and substr($v, -1) == "!") {
// don't strip searches that have ! at front and back
$hiddenQuickSearches[] = substr($k, 7);
continue;
// since the { } replacement is meant for the ease of use of non-admin users, and hiddenQuickSearches never show up to users on screen, we can skip the potentially expensive operations below in this loop
} else {
unset($_POST[$k]);
}
}
// if this is not a report/view that was created by the user, and they don't have update permission, then convert any { } terms to literals
// remove any { } terms that don't have a passed in value (so they appear as "" to users)
// only deal with terms that start and end with { } and not ones where the { } terms is not the entire term
if (is_string($v) and substr($v, 0, 1) == "{" and substr($v, -1) == "}" and substr($k, 0, 7) == "search_" and in_array(substr($k, 7), $showcols)) {
$requestKeyToUse = substr($v, 1, -1);
if (!strstr($requestKeyToUse, "}") and !strstr($requestKeyToUse, "{")) {
// double check that there's no other { } in the term!
$activeViewId = substr($settings['lastloaded'], 1);
// will have a p in front of the number, to show it's a published view (or an s, but that's unlikely to ever happen in this case)
$ownerOfLastLoadedViewData = q("SELECT sv_owner_uid FROM " . $xoopsDB->prefix("formulize_saved_views") . " WHERE sv_id=" . intval($activeViewId));
$ownerOfLastLoadedView = $ownerOfLastLoadedViewData[0]['sv_owner_uid'];
if (!$update_other_reports and $uid != $ownerOfLastLoadedView) {
if (isset($_POST[$requestKeyToUse])) {
$_POST[$k] = htmlspecialchars(strip_tags(trim($_POST[$requestKeyToUse])));
} elseif (isset($_GET[$requestKeyToUse])) {
$_POST[$k] = htmlspecialchars(strip_tags(trim($_GET[$requestKeyToUse])));
} elseif ($v == "{USER}" and $xoopsUser) {
$_POST[$k] = $xoopsUser->getVar('name') ? $xoopsUser->getVar('name') : $xoopsUser->getVar('uname');
} elseif (!strstr($v, "{BLANK}") and !strstr($v, "{TODAY") and !strstr($v, "{PERGROUPFILTER}") and !strstr($v, "{USER")) {
unset($_POST[$k]);
// clear terms where no match was found, because this term is not active on the current page, so don't confuse users by showing it
}
}
}
}
}
$settings['currentview'] = $currentView;
$settings['currentURL'] = $currentURL;
// no need for both these values now, since framework handles are deprecated
$settings['columns'] = $showcols;
$settings['columnhandles'] = $showcols;
$settings['hlist'] = $_POST['hlist'];
$settings['hcalc'] = $_POST['hcalc'];
// determine if the controls should really be locked...
if ($_POST['lockcontrols']) {
// if a view locks the controls
// only lock the controls when the user is not a member of the currentview groups AND has no globalscope
// OR if they are a member of the currentview groups AND has no groupscope or no globalscope
switch ($currentView) {
case "mine":
$settings['lockcontrols'] = "";
break;
case "all":
if ($view_globalscope) {
$settings['lockcontrols'] = "";
} else {
$settings['lockcontrols'] = "1";
}
break;
case "group":
if ($view_groupscope or $view_globalscope) {
$settings['lockcontrols'] = "";
} else {
$settings['lockcontrols'] = "1";
}
break;
default:
$viewgroups = explode(",", trim($currentView, ","));
// get the groups that the current user has specified scope for, and if none, then look at view form
$formulize_permHandler = new formulizePermHandler($fid);
$groupsWithAccess = $formulize_permHandler->getGroupScopeGroupIds($groups);
if ($groupsWithAccess === false) {
$groupsWithAccess = $gperm_handler->getGroupIds("view_form", $fid, $mid);
$groupsWithAccess = array_intersect($groups, $groupsWithAccess);
// limit to just the user's own groups that have this permission, since what we're checking of below is whether the user's groups with view form meet the condition or not
}
$diff = array_diff($viewgroups, $groupsWithAccess);
if (!isset($diff[0]) and $view_groupscope) {
// if the scopegroups are completely included in the user's groups that have access to the form, and they have groupscope (ie: they would be allowed to see all these entries anyway)
$settings['lockcontrols'] = "";
} elseif ($view_globalscope) {
// if they have global scope
$settings['lockcontrols'] = "";
} else {
// no globalscope and even if they're a member of the scope for this view, they don't have groupscope
$settings['lockcontrols'] = "1";
}
}
} else {
$settings['lockcontrols'] = "";
}
$settings['asearch'] = $_POST['asearch'];
if ($_POST['asearch']) {
$as_array = explode("/,%^&2", $_POST['asearch']);
foreach ($as_array as $k => $one_as) {
$settings['as_' . $k] = $one_as;
}
}
$settings['oldcols'] = implode(",", $showcols);
$settings['ventry'] = $_POST['ventry'];
// get sort and order options
$_POST['sort'] = dealWithDeprecatedFrameworkHandles($_POST['sort'], $frid);
$settings['sort'] = $_POST['sort'];
$settings['order'] = $_POST['order'];
//get all submitted search text
foreach ($_POST as $k => $v) {
if (substr($k, 0, 7) == "search_" and $v != "") {
$thiscol = substr($k, 7);
$searches[$thiscol] = $v;
$temp_key = "search_" . $thiscol;
$settings[$temp_key] = $v;
}
}
// get the submitted global search text
$settings['global_search'] = $_POST['global_search'];
// get all requested calculations...assign to settings array.
$settings['calc_cols'] = $_POST['calc_cols'];
$settings['calc_calcs'] = $_POST['calc_calcs'];
$settings['calc_blanks'] = $_POST['calc_blanks'];
$settings['calc_grouping'] = $_POST['calc_grouping'];
// grab all the locked columns so we can persist them
if (strstr($_POST['formulize_lockedColumns'], ",")) {
$settings['lockedColumns'] = array_unique(explode(",", trim($_POST['formulize_lockedColumns'], ",")));
} elseif (strlen($_POST['formulize_lockedColumns']) > 0) {
$settings['lockedColumns'] = array(intval($_POST['formulize_lockedColumns']));
} else {
$settings['lockedColumns'] = array();
}
// set the requested procedure, if any
$settings['advcalc_acid'] = strip_tags(htmlspecialchars($_POST['advcalc_acid']));
formulize_addProcedureChoicesToPost($settings['advcalc_acid']);
// gather id of the cached data, if any
$settings['formulize_cacheddata'] = strip_tags($_POST['formulize_cacheddata']);
// process a clicked custom button
// must do this before gathering the data!
$messageText = "";
if (isset($_POST['caid']) and $screen and $formulize_LOESecurityPassed) {
$customButtonDetails = $screen->getVar('customactions');
if (is_numeric($_POST['caid']) and isset($customButtonDetails[$_POST['caid']])) {
list($caCode, $caElements, $caActions, $caValues, $caMessageText, $caApplyTo, $caPHP, $caInline) = processCustomButton($_POST['caid'], $customButtonDetails[$_POST['caid']]);
// just processing to get the info so we can process the click. Actual output of this button happens lower down
$messageText = processClickedCustomButton($caElements, $caValues, $caActions, $caMessageText, $caApplyTo, $caPHP, $caInline);
}
}
if ($_POST['ventry']) {
// user clicked on a view this entry link
include_once XOOPS_ROOT_PATH . '/modules/formulize/include/formdisplay.php';
if ($_POST['ventry'] == "addnew" or $_POST['ventry'] == "single") {
$this_ent = "";
} elseif ($_POST['ventry'] == "proxy") {
$this_ent = "proxy";
} else {
$this_ent = $_POST['ventry'];
}
if ($screen and $screen->getVar("viewentryscreen") != "none" and $screen->getVar("viewentryscreen") or $_POST['overridescreen']) {
if (strstr($screen->getVar("viewentryscreen"), "p")) {
// if there's a p in the specified viewentryscreen, then it's a pageworks page -- added April 16 2009 by jwe
$page = intval(substr($screen->getVar("viewentryscreen"), 1));
include XOOPS_ROOT_PATH . "/modules/pageworks/index.php";
return;
} else {
$screen_handler = xoops_getmodulehandler('screen', 'formulize');
if ($_POST['overridescreen']) {
$screenToLoad = intval($_POST['overridescreen']);
} else {
$screenToLoad = intval($screen->getVar('viewentryscreen'));
}
$viewEntryScreenObject = $screen_handler->get($screenToLoad);
if ($viewEntryScreenObject->getVar('type') == "listOfEntries") {
exit("You're sending the user to a list of entries screen instead of some kind of form screen, when they're editing an entry. Check what screen is defined as the screen to use for editing an entry, or what screen id you're using in the viewEntryLink or viewEntryButton functions in the template.");
}
$viewEntryScreen_handler = xoops_getmodulehandler($viewEntryScreenObject->getVar('type') . 'Screen', 'formulize');
$displayScreen = $viewEntryScreen_handler->get($viewEntryScreenObject->getVar('sid'));
if ($displayScreen->getVar('type') == "form") {
if ($_POST['ventry'] != "single") {
$displayScreen->setVar('reloadblank', 1);
// if the user clicked the add multiple button, then specifically override that screen setting so they can make multiple entries
} else {
$displayScreen->setVar('reloadblank', 0);
// otherwise, if they did click the single button, make sure the form reloads with their entry
}
}
$viewEntryScreen_handler->render($displayScreen, $this_ent, $settings);
global $renderedFormulizeScreen;
// picked up at the end of initialize.php so we set the right info in the template when the whole page is rendered
$renderedFormulizeScreen = $displayScreen;
return;
}
} else {
if ($_POST['ventry'] != "single") {
if ($frid) {
displayForm($frid, $this_ent, $fid, $currentURL, "", $settings, "", "", "", "", $viewallforms);
// "" is the done text
return;
} else {
displayForm($fid, $this_ent, "", $currentURL, "", $settings, "", "", "", "", $viewallforms);
// "" is the done text
return;
}
} else {
// if a single entry was requested for a form that can have multiple entries, then specifically override the multiple entry UI (which causes a blank form to appear on save)
if ($frid) {
displayForm($frid, $this_ent, $fid, $currentURL, "", $settings, "", "", "1", "", $viewallforms);
// "" is the done text
return;
} else {
displayForm($fid, $this_ent, "", $currentURL, "", $settings, "", "", "1", "", $viewallforms);
// "" is the done text
return;
}
}
}
// end of "if there's a viewentryscreen, then show that"
}
// check if we're coming back from a page where a form entry was saved, and if so, synch any subform blanks that might have been written on this page load, synch them with the mainform entry that was written
$formToSynch = isset($_POST['primaryfid']) ? intval($_POST['primaryfid']) : 0;
if ($formToSynch) {
if (isset($_POST['entry' . $formToSynch]) and $enryToSynch = $_POST['entry' . $formToSynch]) {
synchSubformBlankDefaults($formToSynch, $entryToSynch);
}
}
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/extract.php";
// create $data and $wq (writable query)
formulize_benchmark("before gathering dataset");
list($data, $wq, $regeneratePageNumbers) = formulize_gatherDataSet($settings, $searches, strip_tags($_POST['sort']), strip_tags($_POST['order']), $frid, $fid, $scope, $screen, $currentURL, intval($_POST['forcequery']));
formulize_benchmark("after gathering dataset/before generating calcs");
if ($settings['calc_cols'] and !$settings['hcalc']) {
//formulize_benchmark("before performing calcs");
$ccols = explode("/", $settings['calc_cols']);
$ccalcs = explode("/", $settings['calc_calcs']);
$cblanks = explode("/", $settings['calc_blanks']);
$cgrouping = explode("/", $settings['calc_grouping']);
$cResults = performCalcs($ccols, $ccalcs, $cblanks, $cgrouping, $frid, $fid);
}
//formulize_benchmark("after performing calcs");
formulize_benchmark("after generating calcs/before creating pagenav");
$formulize_LOEPageNav = formulize_LOEbuildPageNav($data, $screen, $regeneratePageNumbers);
formulize_benchmark("after nav/before interface");
$formulize_buttonCodeArray = array();
list($formulize_buttonCodeArray) = drawInterface($settings, $fid, $frid, $groups, $mid, $gperm_handler, $loadview, $loadOnlyView, $screen, $searches, $formulize_LOEPageNav, $messageText, $hiddenQuickSearches);
// if there is messageText and no custom top template, and no messageText variable in the bottom template, then we have to output the message text here
if ($screen and $messageText) {
if (trim($screen->getTemplate('toptemplate')) == "" and !strstr($screen->getTemplate('bottomtemplate'), 'messageText')) {
print "<p><center><b>{$messageText}</b></center></p>\n";
}
}
formulize_benchmark("before entries");
drawEntries($fid, $showcols, $searches, $frid, $scope, "", $currentURL, $gperm_handler, $uid, $mid, $groups, $settings, $member_handler, $screen, $data, $wq, $regeneratePageNumbers, $hiddenQuickSearches, $cResults);
// , $loadview); // -- loadview not passed any longer since the lockcontrols indicator is used to handle whether things should appear or not.
formulize_benchmark("after entries");
if ($screen) {
formulize_screenLOETemplate($screen, "bottom", $formulize_buttonCodeArray, $settings);
} else {
print $formulize_LOEPageNav;
// redraw page numbers if there is no screen in effect
}
if (isset($formulize_buttonCodeArray['submitButton'])) {
// if a custom top template was in effect, this will have been sent back, so now we display it at the very bottom of the form so it doesn't take up a visible amount of space above (the submitButton is invisible, but does take up space)
print "<p class=\"formulize_customTemplateSubmitButton\">" . $formulize_buttonCodeArray['submitButton'] . "</p>";
}
print "</form>\n";
// end of the form started in drawInterface
print "</div>\n";
// end of the listofentries div, used to call up the working message when the page is reloading, started in drawInterface
}
function do_update($object, $subaction, $list)
{
global $gbl, $sgbl, $login, $ghtml;
$class = lget_class($object);
$param = $ghtml->createCurrentParam($class);
if ($list) {
$param['_accountselect'] = $list;
}
$oldvlist = $object->updateform($subaction, $param);
if ($class !== 'lxbackup') {
security_check($oldvlist, $param);
}
return do_desc_update($object, $subaction, $param);
}
function displayGrid($fid, $entry = "", $rowcaps, $colcaps, $title = "", $orientation = "horizontal", $startID = "first", $finalCell = "", $finalRow = "", $calledInternal = false, $screen = null, $headingAtSide = "")
{
include_once XOOPS_ROOT_PATH . '/modules/formulize/include/functions.php';
include_once XOOPS_ROOT_PATH . '/modules/formulize/include/elementdisplay.php';
include_once XOOPS_ROOT_PATH . '/modules/formulize/class/data.php';
global $xoopsUser, $xoopsDB;
$numcols = count($colcaps);
if (is_array($finalCell)) {
$numcols = $numcols + 2;
} else {
$numcols = $numcols + 1;
}
$numrows = count($rowcaps);
$actual_numrows = count(array_filter($rowcaps));
# count non-null row captions
if ($title == "{FORMTITLE}") {
$title = trans(getFormTitle($fid));
} else {
$title = trans($title);
}
$currentURL = getCurrentURL();
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : '0';
$mid = getFormulizeModId();
$gperm_handler =& xoops_gethandler('groupperm');
$owner = getEntryOwner($entry, $fid);
$member_handler =& xoops_gethandler('member');
//$owner_groups = $owner ? $member_handler->getGroupsByUser($owner, FALSE) : array(0=>XOOPS_GROUP_ANONYMOUS);
$data_handler = new formulizeDataHandler($fid);
$owner_groups = $owner ? $data_handler->getEntryOwnerGroups($entry) : array(0 => XOOPS_GROUP_ANONYMOUS);
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
if (!$calledInternal) {
if (!($scheck = security_check($fid, $entry, $uid, $owner, $groups, $mid, $gperm_handler))) {
print "<p>" . _NO_PERM . "</p>";
return;
}
}
// determine if the form is a single entry form and so whether an entry already exists for this form...
$single_result = getSingle($fid, $uid, $groups, $member_handler, $gperm_handler, $mid);
$single = $single_result['flag'];
if ($single and !$entry) {
$entry = $single_result['entry'];
}
if (!$entry) {
$entry = "new";
}
// figure out where we are supposed to start in the form
if (!is_numeric($startID) and $startID !== "first") {
$order_query = q("SELECT ele_order FROM " . $xoopsDB->prefix("formulize") . " WHERE ele_caption = \"{$startID}\" AND id_form=\"{$fid}\"");
} elseif ($startID === "first") {
// get the ele_id of the element with the lowest weight
$order_query = q("SELECT ele_order FROM " . $xoopsDB->prefix("formulize") . " WHERE id_form=\"{$fid}\" ORDER BY ele_order LIMIT 0,1");
} else {
$order_query = q("SELECT ele_order FROM " . $xoopsDB->prefix("formulize") . " WHERE id_form=\"{$fid}\" AND ele_id =\"{$startID}\"");
}
$starting_order = $order_query[0]['ele_order'];
// gather the element IDs that are to be displayed, in order (include to the end of the form, whereas we actually only will display until we run out of cells)
$element_ids_query = q("SELECT ele_id FROM " . $xoopsDB->prefix("formulize") . " WHERE ele_order >= '{$starting_order}' AND id_form='{$fid}' AND ele_type != 'subform' ORDER BY ele_order");
// initialize form
if (!$calledInternal) {
print $GLOBALS['xoopsSecurity']->getTokenHTML();
}
// start buffering the output
ob_start();
// set the title row
if ($headingAtSide) {
$gridContents[0] = $title;
$class = "even";
print "<table class='outer'>\n<tr>";
if ($actual_numrows > 0) {
echo "<td class=head></td>";
}
} else {
print "<table class=outer>\n";
$class = "head";
if ($title) {
print "<tr><th colspan='{$numcols}'>{$title}</th></tr>\n";
}
print "<tr>\n<td class=\"head\"> </td>\n";
}
// draw top row
foreach ($colcaps as $thiscap) {
if ($headingAtSide) {
print "<td class=head>{$thiscap}</td>\n";
} else {
if ($orientation == "vertical" and $class == "even" and !$headingAtSide) {
// only alternate rows
$class = "odd";
} elseif ($orientation == "vertical") {
$class = "even";
}
print "<td class={$class}>{$thiscap}</td>\n";
}
}
if (is_array($finalCell)) {
// draw blank header for last column if there is such a thing
print "<td class=head> </td>\n";
}
print "</tr>\n";
// draw regular rows
$class = "head";
$row_index = 0;
$ele_index = 0;
foreach ($rowcaps as $thiscap) {
if ($orientation == "horizontal" and $class == "even") {
$class = "odd";
} elseif ($orientation == "horizontal") {
$class = "even";
} else {
$class = "head";
}
print "<tr>\n";
if ($headingAtSide) {
if ($actual_numrows > 0) {
print "<td class=\"head\">{$thiscap}</td>\n";
}
} else {
print "<td class={$class}>{$thiscap}</td>\n";
}
foreach ($colcaps as $thiscolcap) {
if ($orientation == "vertical" and $class == "even") {
$class = "odd";
} elseif ($orientation == "vertical") {
$class = "even";
}
print "<td class={$class}>\n";
// display the element starting with the initial one. Keep trying to display something until we're successful (displaying the element might fail if the user does not have permission to view (based on which groups are allowed to view this element)
$rendered = "start";
while ($rendered != "rendered" and $rendered != "rendered-disabled" and isset($element_ids_query[$ele_index])) {
$rendered = displayElement("", $element_ids_query[$ele_index]['ele_id'], $entry, false, $screen);
$ele_index++;
}
if ($rendered != "rendered" and $rendered != "rendered-disabled") {
print " ";
}
print "</td>\n";
}
if (is_array($finalCell)) {
// draw final cell values if they exist
if ($orientation == "vertical") {
$class = "head";
}
if ($finalCell[$row_index]) {
print "<td class={$class}>" . $finalCell[$row_index] . "</td>\n";
} else {
print "<td class={$class}> </td>\n";
}
}
print "</tr>\n";
$row_index++;
}
// draw final row if necessary
if ($finalRow) {
print "<tr>{$finalRow}</tr>\n";
}
print "</table>";
$gridContents[1] = trans(ob_get_clean());
if ($headingAtSide === "") {
// if $headingAtSide is "" (not false) then we print out the grid contents here. Only pass back contents if $headingAtSide is specified as true or false (presumably by the formdisplay.php file), since otherwise for backwards compatibility we need to printout contents here because that's what the behaviour used to be.
print $gridContents[1];
} elseif ($headingAtSide) {
return $gridContents;
} else {
return $gridContents[1];
}
}
// take the single value if there's only one, same as display function does
}
$GLOBALS['formulize_asynchronousFormDataInAPIFormat'][$passedEntryId][$handle] = $apiFormatValue;
}
}
$elementObject = $element_handler->get($elementId);
$html = "";
if ($onetoonekey) {
// the onetoonekey is what changed, not a regular conditional element, so in that case, we need to re-determine the entryId that we should be displaying
// rebuild entries and fids so it only has the main form entry in it, since we want to get the correct other one-to-one entries back
$onetooneentries = array($onetoonefid => array($onetooneentries[$onetoonefid][0]));
$onetoonefids = array($onetoonefid);
$checkForLinksResults = checkForLinks($onetoonefrid, $onetoonefids, $onetoonefid, $onetooneentries);
$entryId = $checkForLinksResults['entries'][$elementObject->getVar('id_form')][0];
}
if (security_check($fid, $entryId)) {
// "" is framework, ie: not applicable
$deReturnValue = displayElement("", $elementObject, $entryId, false, null, null, false);
// false, null, null, false means it's not a noSave element, no screen, no prevEntry data passed in, and do not render the element on screen
if (is_array($deReturnValue)) {
$form_ele = $deReturnValue[0];
$isDisabled = $deReturnValue[1];
$label_class = " formulize-label-" . $elementObject->getVar("ele_handle");
$input_class = " formulize-input-" . $elementObject->getVar("ele_handle");
// rendered HTML code below is taken from the formulize classes at the top of include/formdisplay.php
if ($elementObject->getVar('ele_type') == "ib") {
// if it's a break, handle it differently...
$class = $form_ele[1] != '' ? " class='" . $form_ele[1] . "'" : '';
if ($form_ele[0]) {
$html = "<td colspan='2' {$class}><div style=\"font-weight: normal;\">" . trans(stripslashes($form_ele[0])) . "</div></td>";
} else {
} else {
$docbar->icon_list['delete']['show'] = false;
}
if ($id) {
$docbar->icon_list['go_up'] = array('show' => true, 'icon' => 'actions/go-up.png', 'params' => 'onclick="dirAction(\'go_up\')"', 'text' => 'Up', 'order' => 2);
}
if ($_REQUEST['action'] != 'search') {
$fieldset_content .= $docbar->build_toolbar() . chr(10);
}
// build the table contents
$doc_cnt = 0;
$fieldset_content .= '<table class="ui-widget" style="border-collapse:collapse;width:100%"><tbody class="ui-widget-content">' . chr(10);
$fieldset_content .= ' <tr>' . $list_header . '</tr>' . chr(10);
$odd = true;
while (!$query_result->EOF) {
if (security_check($query_result->fields['security'])) {
$folder = $query_result->fields['doc_type'] == '0' ? true : false;
$fieldset_content .= ' <tr class="' . ($odd ? 'odd' : 'even') . '" style="cursor:pointer">' . chr(10);
$fieldset_content .= ' <td onclick="fetch_doc(' . $query_result->fields['id'] . ')">' . html_icon(get_mime_image($query_result->fields['doc_ext'], $folder), '', 'small') . '</td>' . chr(10);
$fieldset_content .= ' <td onclick="fetch_doc(' . $query_result->fields['id'] . ')">' . $query_result->fields['doc_title'] . '</td>' . chr(10);
$fieldset_content .= ' <td align="right"> ' . ' ' . '</td>' . chr(10);
// action space
$fieldset_content .= ' </tr>' . chr(10);
$doc_cnt++;
$odd = !$odd;
}
$query_result->MoveNext();
}
if ($doc_cnt > 0) {
$fieldset_content .= '</tbody></table>' . chr(10);
$fieldset_content .= '<div style="height:19px">' . $query_split->display_count(TEXT_DISPLAY_NUMBER . TEXT_FILES) . chr(10);
function displayFormPages($formframe, $entry = "", $mainform = "", $pages, $conditions = "", $introtext = "", $thankstext = "", $done_dest = "", $button_text = "", $settings = "", $overrideValue = "", $printall = 0, $screen = null, $saveAndContinueButtonText = null)
{
// nmc 2007.03.24 - added 'printall'
formulize_benchmark("Start of displayFormPages.");
// extract the optional page titles from the $pages array for use in the jump to box
// NOTE: pageTitles array must start with key 1, not 0. Page 1 is the first page of the form
$pageTitles = array();
if (isset($pages['titles'])) {
$pageTitles = $pages['titles'];
unset($pages['titles']);
}
if (!$saveAndContinueButtonText and isset($_POST['formulize_saveAndContinueButtonText'])) {
$saveAndContinueButtonText = unserialize($_POST['formulize_saveAndContinueButtonText']);
}
if (!$done_dest and $_POST['formulize_doneDest']) {
$done_dest = $_POST['formulize_doneDest'];
}
if (!$button_text and $_POST['formulize_buttonText']) {
$button_text = $_POST['formulize_buttonText'];
}
list($fid, $frid) = getFormFramework($formframe, $mainform);
$thankstext = $thankstext ? $thankstext : _formulize_DMULTI_THANKS;
$introtext = $introtext ? $introtext : "";
global $xoopsUser;
$mid = getFormulizeModId();
$groups = $xoopsUser ? $xoopsUser->getGroups() : array(0 => XOOPS_GROUP_ANONYMOUS);
$uid = $xoopsUser ? $xoopsUser->getVar('uid') : 0;
$gperm_handler =& xoops_gethandler('groupperm');
$member_handler =& xoops_gethandler('member');
$single_result = getSingle($fid, $uid, $groups, $member_handler, $gperm_handler, $mid);
// if this function was called without an entry specified, then assume the identity of the entry we're editing (unless this is a new save, in which case no entry has been made yet)
// no handling of cookies here, so anonymous multi-page surveys will not benefit from that feature
// this emphasizes how we need to standardize a lot of these interfaces with a real class system
if (!$entry and $_POST['entry' . $fid]) {
$entry = $_POST['entry' . $fid];
} elseif (!$entry) {
// or check getSingle to see what the real entry is
$entry = $single_result['flag'] ? $single_result['entry'] : 0;
}
// formulize_newEntryIds is set when saving data
if (!$entry and isset($GLOBALS['formulize_newEntryIds'][$fid])) {
$entry = $GLOBALS['formulize_newEntryIds'][$fid][0];
}
$owner = getEntryOwner($entry, $fid);
$prevPage = isset($_POST['formulize_prevPage']) ? $_POST['formulize_prevPage'] : 1;
// last page that the user was on, not necessarily the previous page numerically
$currentPage = isset($_POST['formulize_currentPage']) ? $_POST['formulize_currentPage'] : 1;
$thanksPage = count($pages) + 1;
// debug control:
$currentPage = (isset($_GET['debugpage']) and is_numeric($_GET['debugpage'])) ? $_GET['debugpage'] : $currentPage;
$usersCanSave = formulizePermHandler::user_can_edit_entry($fid, $uid, $entry);
if ($pages[$prevPage][0] !== "HTML" and $pages[$prevPage][0] !== "PHP") {
// remember prevPage is the last page the user was on, not the previous page numerically
if (isset($_POST['form_submitted']) and $usersCanSave) {
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/formread.php";
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/functions.php";
include_once XOOPS_ROOT_PATH . "/modules/formulize/class/data.php";
//$owner_groups =& $member_handler->getGroupsByUser($owner, FALSE);
$data_handler = new formulizeDataHandler($fid);
$owner_groups = $data_handler->getEntryOwnerGroups($entry);
$entries[$fid][0] = $entry;
if ($frid) {
$linkResults = checkForLinks($frid, array(0 => $fid), $fid, $entries, $gperm_handler, $owner_groups, $mid, $member_handler, $owner);
unset($entries);
$entries = $linkResults['entries'];
}
$entries = $GLOBALS['formulize_allWrittenEntryIds'];
// set in readelements.php
// if there has been no specific entry specified yet, then assume the identity of the entry that was just saved -- assumption is it will be a new save
// from this point forward in time, this is the only entry that should be involved, since the 'entry'.$fid condition above will put this value into $entry even if this function was called with a blank entry value
if (!$entry) {
$entry = $entries[$fid][0];
}
synchSubformBlankDefaults($fid, $entry);
}
}
// there are several points above where $entry is set, and now that we have a final value, store in ventry
if ($entry > 0) {
$settings['ventry'] = $entry;
}
// check to see if there are conditions on this page, and if so are they met
// if the conditions are not met, move on to the next page and repeat the condition check
// conditions only checked once there is an entry!
$pagesSkipped = false;
if (is_array($conditions) and $entry) {
$conditionsMet = false;
while (!$conditionsMet) {
if (isset($conditions[$currentPage]) and count($conditions[$currentPage][0]) > 0) {
// conditions on the current page
$thesecons = $conditions[$currentPage];
$elements = $thesecons[0];
$ops = $thesecons[1];
$terms = $thesecons[2];
$types = $thesecons[3];
// indicates if the term is part of a must or may set, ie: boolean and or or
$filter = "";
$oomfilter = "";
$blankORSearch = "";
foreach ($elements as $i => $thisElement) {
if ($ops[$i] == "NOT") {
$ops[$i] = "!=";
}
if ($terms[$i] == "{BLANK}") {
// NOTE...USE OF BLANKS WON'T WORK CLEANLY IN ALL CASES DEPENDING WHAT OTHER TERMS HAVE BEEN SPECIFIED!!
if ($ops[$i] == "!=" or $ops[$i] == "NOT LIKE") {
if ($types[$i] != "oom") {
// add to the main filter, ie: entry id = 1 AND x=5 AND y IS NOT "" AND y IS NOT NULL
if (!$filter) {
$filter = $entry . "][" . $elements[$i] . "/**//**/!=][" . $elements[$i] . "/**//**/IS NOT NULL";
} else {
$filter .= "][" . $elements[$i] . "/**//**/!=][" . $elements[$i] . "/**//**/IS NOT NULL";
}
} else {
// Add to the OOM filter, ie: entry id = 1 AND (x=5 OR y IS NOT "" OR y IS NOT NULL)
if (!$oomfilter) {
$oomfilter = $elements[$i] . "/**//**/=][" . $elements[$i] . "/**//**/IS NULL";
} else {
$oomfilter .= "][" . $elements[$i] . "/**//**/=][" . $elements[$i] . "/**//**/IS NULL";
}
}
} else {
if ($types[$i] != "oom") {
// add to its own OR filter, since we MUST match this condition, but we don't care if it's "" OR NULL
// ie: entry id = 1 AND (x=5 OR y=10) AND (z = "" OR z IS NULL)
if (!$blankORSearch) {
$blankORSearch = $elements[$i] . "/**//**/=][" . $elements[$i] . "/**//**/IS NULL";
} else {
$blankORSearch .= "][" . $elements[$i] . "/**//**/=][" . $elements[$i] . "/**//**/IS NULL";
}
} else {
// it's part of the oom filters anyway, so we put it there, because we don't care if it's null or "" or neither
if (!$oomfilter) {
$oomfilter = $elements[$i] . "/**//**/=][" . $elements[$i] . "/**//**/IS NULL";
} else {
$oomfilter .= "][" . $elements[$i] . "/**//**/=][" . $elements[$i] . "/**//**/IS NULL";
}
}
}
} elseif ($types[$i] == "oom") {
if (!$oomfilter) {
$oomfilter = $elements[$i] . "/**/" . trans($terms[$i]) . "/**/" . $ops[$i];
} else {
$oomfilter .= "][" . $elements[$i] . "/**/" . trans($terms[$i]) . "/**/" . $ops[$i];
}
} else {
if (!$filter) {
$filter = $entry . "][" . $elements[$i] . "/**/" . trans($terms[$i]) . "/**/" . $ops[$i];
} else {
$filter .= "][" . $elements[$i] . "/**/" . trans($terms[$i]) . "/**/" . $ops[$i];
}
}
}
if ($oomfilter and $filter) {
$finalFilter = array();
$finalFilter[0][0] = "AND";
$finalFilter[0][1] = $filter;
$finalFilter[1][0] = "OR";
$finalFilter[1][1] = $oomfilter;
if ($blankORSearch) {
$finalFilter[2][0] = "OR";
$finalFilter[2][1] = $blankORSearch;
}
} elseif ($oomfilter) {
// need to add the $entry as a separate filter from the oom, so the entry and oom get an AND in between them
$finalFilter = array();
$finalFilter[0][0] = "AND";
$finalFilter[0][1] = $entry;
$finalFilter[1][0] = "OR";
$finalFilter[1][1] = $oomfilter;
if ($blankORSearch) {
$finalFilter[2][0] = "OR";
$finalFilter[2][1] = $blankORSearch;
}
} else {
if ($blankORSearch) {
$finalFilter[0][0] = "AND";
$finalFilter[0][1] = $filter ? $filter : $entry;
$finalFilter[1][0] = "OR";
$finalFilter[1][1] = $blankORSearch;
} else {
$finalFilter = $filter;
}
}
$masterBoolean = "AND";
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/extract.php";
$data = getData($frid, $fid, $finalFilter, $masterBoolean, "", "", "", "", "", false, 0, false, "", false, true);
if (!$data) {
if ($prevPage <= $currentPage) {
$currentPage++;
} else {
$currentPage--;
}
$pagesSkipped = true;
} else {
$conditionsMet = true;
}
} else {
// no conditions on the current page
$conditionsMet = true;
}
}
}
if ($currentPage > 1) {
$previousPage = $currentPage - 1;
// previous page numerically
} else {
$previousPage = "none";
}
$nextPage = $currentPage + 1;
$done_dest = $done_dest ? $done_dest : getCurrentURL();
$done_dest = substr($done_dest, 0, 4) == "http" ? $done_dest : "http://" . $done_dest;
// Set up the javascript that we need for the form-submit functionality to work
// note that validateAndSubmit calls the form validation function again, but obviously it will pass if it passed here. The validation needs to be called prior to setting the pages, or else you can end up on the wrong page after clicking an ADD button in a subform when you've missed a required field.
// savedPage and savedPrevPage are used to pick up the page and prevpage only when a two step validation, such as checking for uniqueness, returns and calls validateAndSubmit again
?>
<script type='text/javascript'>
var savedPage;
var savedPrevPage;
function submitForm(page, prevpage) {
var validate = xoopsFormValidate_formulize();
if(validate) {
savedPage = 0;
savedPrevPage = 0;
multipageSetHiddenFields(page, prevpage);
if (formulizechanged) {
validateAndSubmit();
} else {
jQuery("#formulizeform").animate({opacity:0.4}, 200, "linear");
jQuery("input[name^='decue_']").remove();
// 'rewritePage' will trigger the page to change after the locks have been removed
removeEntryLocks('rewritePage');
}
} else {
savedPage = page;
savedPrevPage = prevpage;
}
}
function multipageSetHiddenFields(page, prevpage) {
<?php
// neuter the ventry which is the key thing that keeps us on the form page,
// if in fact we just came from a list screen of some kind.
// need to use an unusual selector, because something about selecting by id wasn't working,
// apparently may be related to setting actions on forms with certain versions of jQuery?
print "\r\n\t\t\tif(page == {$thanksPage}) {\r\n\t\t\t\twindow.document.formulize.ventry.value = '';\r\n\t\t\t\tjQuery('form[name=formulize]').attr('action', '{$done_dest}');\r\n }\r\n";
?>
window.document.formulize.formulize_currentPage.value = page;
window.document.formulize.formulize_prevPage.value = prevpage;
window.document.formulize.formulize_doneDest.value = '<?php
print $done_dest;
?>
';
window.document.formulize.formulize_buttonText.value = '<?php
print $button_text;
?>
';
}
function pageJump(options, prevpage) {
for (var i=0; i < options.length; i++) {
if (options[i].selected) {
submitForm(options[i].value, prevpage);
return false;
}
}
}
</script><noscript>
<h1>You do not have javascript enabled in your web browser. This form will not work with your web browser. Please contact the webmaster for assistance.</h1>
</noscript>
<?php
if ($currentPage == $thanksPage) {
if ($screen and $screen->getVar('finishisdone')) {
print "<script type='text/javascript'>location = '{$done_dest}';</script>";
return;
// if we've ended up on the thanks page via conditions (last page was not shown) then we should just bail if there is not supposed to be a thanks page
}
if (is_array($thankstext)) {
if ($thankstext[0] === "PHP") {
eval($thankstext[1]);
} else {
print $thankstext[1];
}
} else {
// HTML
print html_entity_decode($thankstext);
}
print "<br><hr><br><div id=\"thankYouNavigation\"><p><center>\n";
if ($pagesSkipped) {
print _formulize_DMULTI_SKIP . "</p><p>\n";
}
$button_text = $button_text ? $button_text : _formulize_DMULTI_ALLDONE;
if ($button_text != "{NOBUTTON}") {
print "<a href='{$done_dest}'";
if (is_array($settings)) {
print " onclick=\"javascript:window.document.calreturnform.submit();return false;\"";
}
print ">" . $button_text . "</a>\n";
}
print "</center></p></div>";
if (is_array($settings)) {
print "<form name=calreturnform action=\"{$done_dest}\" method=post>\n";
writeHiddenSettings($settings);
print "</form>";
}
}
if ($currentPage == 1 and $pages[1][0] !== "HTML" and $pages[1][0] !== "PHP" and !$_POST['goto_sfid']) {
// only show intro text on first page if there's actually a form there
print html_entity_decode(html_entity_decode($introtext));
}
unset($_POST['form_submitted']);
// display an HTML or PHP page if that's what this page is...
if ($currentPage != $thanksPage and ($pages[$currentPage][0] === "HTML" or $pages[$currentPage][0] === "PHP")) {
// PHP
if ($pages[$currentPage][0] === "PHP") {
eval($pages[$currentPage][1]);
// HTML
} else {
print $pages[$currentPage][1];
}
// put in the form that passes the entry, page we're going to and page we were on
include_once XOOPS_ROOT_PATH . "/modules/formulize/include/functions.php";
?>
<form name=formulize id=formulize action=<?php
print getCurrentURL();
?>
method=post>
<input type=hidden name=entry<?php
print $fid;
?>
id=entry<?php
print $fid;
?>
value=<?php
print $entry;
?>
>
<input type=hidden name=formulize_currentPage id=formulize_currentPage value="">
<input type=hidden name=formulize_prevPage id=formulize_prevPage value="">
writeHiddenSettings($settings);
</form>
<script type="text/javascript">
function validateAndSubmit() {
window.document.formulize.submit();
}
</script>
<?php
}
// display a form if that's what this page is...
if ($currentPage != $thanksPage and $pages[$currentPage][0] !== "HTML" and $pages[$currentPage][0] !== "PHP") {
$buttonArray = array(0 => "{NOBUTTON}", 1 => "{NOBUTTON}");
foreach ($pages[$currentPage] as $element) {
$elements_allowed[] = $element;
}
$forminfo['elements'] = $elements_allowed;
$forminfo['formframe'] = $formframe;
$titleOverride = isset($pageTitles[$currentPage]) ? trans($pageTitles[$currentPage]) : "all";
// we can pass in any text value as the titleOverride, and it will have the same effect as "all", but the alternate text will be used as the title for the form
$GLOBALS['nosubforms'] = true;
// subforms cannot have a view button on multipage forms, since moving to a sub causes total confusion of which entry and fid you are looking at
$settings['formulize_currentPage'] = $currentPage;
$settings['formulize_prevPage'] = $currentPage;
// now that we're done everything else, we can send the current page as the previous page when initializing the form. Javascript will set the true value prior to submission.
formulize_benchmark("Before drawing nav.");
$previousButtonText = (is_array($saveAndContinueButtonText) and isset($saveAndContinueButtonText['previousButtonText'])) ? $saveAndContinueButtonText['previousButtonText'] : _formulize_DMULTI_PREV;
if ($usersCanSave and $nextPage == $thanksPage) {
$nextButtonText = (is_array($saveAndContinueButtonText) and $saveAndContinueButtonText['saveButtonText']) ? $saveAndContinueButtonText['saveButtonText'] : _formulize_DMULTI_SAVE;
} else {
$nextButtonText = (is_array($saveAndContinueButtonText) and $saveAndContinueButtonText['nextButtonText']) ? $saveAndContinueButtonText['nextButtonText'] : _formulize_DMULTI_NEXT;
}
$previousPageButton = generatePrevNextButtonMarkup("prev", $previousButtonText, $usersCanSave, $nextPage, $previousPage, $thanksPage);
$nextPageButton = generatePrevNextButtonMarkup("next", $nextButtonText, $usersCanSave, $nextPage, $previousPage, $thanksPage);
$savePageButton = generatePrevNextButtonMarkup("save", _formulize_SAVE, $usersCanSave, $nextPage, $previousPage, $thanksPage);
$totalPages = count($pages);
$skippedPageMessage = $pagesSkipped ? _formulize_DMULTI_SKIP : "";
$pageSelectionList = pageSelectionList($currentPage, $totalPages, $pageTitles, "above");
// calling for the 'above' drawPageNav
// setting up the basic templateVars for all templates
$templateVariables = array('previousPageButton' => $previousPageButton, 'nextPageButton' => $nextPageButton, 'savePageButton' => $savePageButton, 'totalPages' => $totalPages, 'currentPage' => $currentPage, 'skippedPageMessage' => $skippedPageMessage, 'pageSelectionList' => $pageSelectionList, 'pageTitles' => $pageTitles, 'entry_id' => $entry, 'form_id' => $fid, 'owner' => $owner);
print "<form name=\"pageNavOptions_above\" id=\"pageNavOptions_above\">\n";
if ($screen and $toptemplate = $screen->getTemplate('toptemplate')) {
formulize_renderTemplate('toptemplate', $templateVariables, $screen->getVar('sid'));
} else {
drawPageNav($usersCanSave, $currentPage, $totalPages, "above", $nextPageButton, $previousPageButton, $skippedPageMessage, $pageSelectionList);
}
print "</form>";
formulize_benchmark("After drawing nav/before displayForm.");
// need to check for the existence of an elementtemplate property in the screen, like we did with the top and bottom templates
// if there's an eleemnt template, then do this loop, otherwise, do the displayForm call like normal
if ($screen and $elementtemplate = $screen->getTemplate('elementtemplate')) {
// Code added by Julian 2012-09-04 and Gordon Woodmansey 2012-09-05 to render the elementtemplate
if (!security_check($fid, $entry)) {
exit;
}
// start the form manually...
$formObjectForRequiredJS = new formulize_themeForm('form object for required js', 'formulize', getCurrentURL(), "post", true);
$element_handler = xoops_getmodulehandler('elements', 'formulize');
print "<div id='formulizeform'><form id='formulize' name='formulize' action='" . getCurrentURL() . "' method='post' onsubmit='return xoopsFormValidate_formulize();' enctype='multipart/form-data'>";
foreach ($elements_allowed as $thisElement) {
// entry is a recordid, $thisElement is the element id
// to get the conditional logic to be captured, we should buffer the drawing of the displayElement, and then output that later, because when displayElement does NOT return an object, then we get conditional logic -- subform rendering does it this way
unset($form_ele);
// previously set elements may linger when added to the form object, due to assignment of objects by reference or something odd like that...legacy of old code in the form class I think
$deReturnValue = displayElement("", $thisElement, $entry, false, $screen, null, false);
if (is_array($deReturnValue)) {
$form_ele = $deReturnValue[0];
$isDisabled = $deReturnValue[1];
if (isset($deReturnValue[2])) {
$hiddenElements = $deReturnValue[2];
}
} else {
$form_ele = $deReturnValue;
$isDisabled = false;
}
if ($form_ele == "not_allowed") {
continue;
} elseif ($form_ele == "hidden") {
$cueEntryValue = $entry ? $entry : "new";
$cueElement = new xoopsFormHidden("decue_" . $fid . "_" . $cueEntryValue . "_" . $thisElement, 1);
print $cueElement->render();
if (is_array($hiddenElements)) {
foreach ($hiddenElements as $thisHiddenElement) {
if ($is_object($thisHiddenElement)) {
print $thisHiddenElement->render() . "\n";
}
}
} elseif (is_object($hiddenElements)) {
print $hiddenElements->render() . "\n";
}
continue;
} else {
$thisElementObject = $element_handler->get($thisElement);
$req = !$isDisabled ? intval($thisElementObject->getVar('ele_req')) : 0;
$formObjectForRequiredJS->addElement($form_ele, $req);
$elementMarkup = $form_ele->render();
$elementCaption = displayCaption("", $thisElement);
$elementDescription = displayDescription("", $thisElement);
$templateVariables['elementObjectForRendering'] = $form_ele;
$templateVariables['elementCaption'] = $elementCaption;
// here we can assume that the $previousPageButton etc has not be changed before rendering
$templateVariables['elementMarkup'] = $elementMarkup;
$templateVariables['elementDescription'] = $elementDescription;
$templateVariables['element_id'] = $thisElement;
formulize_renderTemplate('elementtemplate', $templateVariables, $screen->getVar('sid'));
}
}
// now we also need to add in some bits that are necessary for the form submission logic to work...borrowed from parts of formdisplay.php mostly...this should be put together into a more distinct rendering system for forms, so we can call the pieces as needed
print "<input type=hidden name=formulize_currentPage value='" . $settings['formulize_currentPage'] . "'>";
print "<input type=hidden name=formulize_prevPage value='" . $settings['formulize_prevPage'] . "'>";
print "<input type=hidden name=formulize_doneDest value='" . $settings['formulize_doneDest'] . "'>";
print "<input type=hidden name=formulize_buttonText value='" . $settings['formulize_buttonText'] . "'>";
print "<input type=hidden name=ventry value='" . $settings['ventry'] . "'>";
print $GLOBALS['xoopsSecurity']->getTokenHTML();
if ($entry) {
print "<input type=hidden name=entry" . $fid . " value=" . intval($entry) . ">";
// need this to persist the entry that the user is
}
print "</form></div>";
print "<div id=savingmessage style=\"display: none; position: absolute; width: 100%; right: 0px; text-align: center; padding-top: 50px;\">\n";
if (file_exists(XOOPS_ROOT_PATH . "/modules/formulize/images/saving-" . $xoopsConfig['language'] . ".gif")) {
print "<img src=\"" . XOOPS_URL . "/modules/formulize/images/saving-" . $xoopsConfig['language'] . ".gif\">\n";
} else {
print "<img src=\"" . XOOPS_URL . "/modules/formulize/images/saving-english.gif\">\n";
}
print "</div>\n";
drawJavascript();
// need to create the form object, and add all the rendered elements to it, and then we'll have working required elements if we render the validation logic for the form
print $formObjectForRequiredJS->renderValidationJS(true, true);
// with tags, true, skip the extra js that checks for the formulize theme form divs around the elements so that conditional animation works, true
// print "<script type=\"text/javascript\">function xoopsFormValidate_formulize(){return true;}</script>"; // shim for the validation javascript that is created by the xoopsThemeForms, and which our saving logic currently references...saving won't work without this...we should actually render the proper validation logic at some point, but not today.
} else {
displayForm($forminfo, $entry, $mainform, "", $buttonArray, $settings, $titleOverride, $overrideValue, "", "", 0, 0, $printall, $screen);
// nmc 2007.03.24 - added empty params & '$printall'
}
formulize_benchmark("After displayForm.");
}
if ($currentPage != $thanksPage and !$_POST['goto_sfid']) {
// have to get the new value for $pageSelection list if the user requires it on the users view.
$pageSelectionList = pageSelectionList($currentPage, $totalPages, $pageTitles, "below");
print "<form name=\"pageNavOptions_below\" id=\"pageNavOptions_below\">\n";
if ($screen and $bottomtemplate = $screen->getTemplate('bottomtemplate')) {
$templateVariables['pageSelectionList'] = $pageSelectionList;
// assign the new pageSelectionList, since it was redone for the bottom section
formulize_renderTemplate('bottomtemplate', $templateVariables, $screen->getVar('sid'));
} else {
drawPageNav($usersCanSave, $currentPage, $totalPages, "below", $nextPageButton, $previousPageButton, $skippedPageMessage, $pageSelectionList);
}
print "</form>";
}
formulize_benchmark("End of displayFormPages.");
}
