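/**
 * Replace the stored permission set of a role.
 *
 * Every s_role_permission row for $role_name is deleted, then one row is
 * inserted for each entry of $permissions_r whose enabled_ind validates to 'Y'.
 *
 * The DELETE and the INSERTs are separate statements and nothing in this
 * function wraps them in a transaction, so a failed INSERT leaves the role
 * with a partial permission set. The DELETE also runs before the arguments are
 * checked, so a non-array $permissions_r clears the role.
 *
 * @param string $role_name     Role whose permissions are rewritten.
 * @param array  $permissions_r permission_name => array('enabled_ind' => ..., 'remember_me_ind' => ...)
 * @return void
 */
function update_role_permissions($role_name, $permissions_r)
{
    // Values are escaped the way the rest of this code does it. addslashes() is
    // not charset-aware. NOTE(review): if the db layer offers its own escaping or
    // bound parameters, prefer that for an access-control table like this one.
    $role_name = addslashes($role_name);

    db_query("DELETE FROM s_role_permission WHERE role_name = '{$role_name}'");

    if (strlen($role_name) > 0 && is_array($permissions_r)) {
        // foreach replaces the reset()/each() walk; each() no longer exists in PHP 8.
        foreach ($permissions_r as $permission_name => $permission_r) {
            $has_flags = is_array($permission_r);
            $enabled_ind = validate_ind_column($has_flags && isset($permission_r['enabled_ind']) ? $permission_r['enabled_ind'] : NULL);
            $remember_me_ind = validate_ind_column($has_flags && isset($permission_r['remember_me_ind']) ? $permission_r['remember_me_ind'] : NULL);

            if ($enabled_ind == 'Y') {
                // The array key reaches the statement too, so it is escaped like
                // $role_name; the unescaped name is kept for the log entry.
                $permission_name_sql = addslashes($permission_name);

                $query = "INSERT INTO s_role_permission(role_name, permission_name, remember_me_ind) "
                    . "VALUES('{$role_name}', '{$permission_name_sql}', '" . $remember_me_ind . "')";

                $insert = db_query($query);
                if ($insert && db_affected_rows() > 0) {
                    // A successful grant is an INFO event, as in the other update
                    // functions; logging it at ERROR level buries real failures.
                    opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, NULL, array($role_name, $permission_name, $remember_me_ind));
                } else {
                    opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($role_name, $permission_name, $remember_me_ind));
                }
            }
        }
    }
}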
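/**
 * Update one s_status_type row.
 *
 * The type code is upper-cased, the description has tags stripped, and every
 * *_ind flag is passed through validate_ind_column() before the UPDATE is built.
 * When the row actually changed and default_ind is 'Y',
 * update_default_status_type() is called for this type.
 *
 * @param string $s_status_type      Status type code (upper-cased here).
 * @param string $description        Free-text description.
 * @param string $img                Image value stored in the img column.
 * @param mixed  $delete_ind         Indicator flag.
 * @param mixed  $change_owner_ind   Indicator flag.
 * @param mixed  $borrow_ind         Indicator flag.
 * @param mixed  $status_comment_ind Indicator flag.
 * @param mixed  $hidden_ind         Indicator flag.
 * @param mixed  $default_ind        Indicator flag.
 * @param mixed  $closed_ind         Indicator flag.
 * @return bool TRUE when the statement ran (even if no row changed), FALSE on a database error.
 */
function update_s_status_type($s_status_type, $description, $img, $delete_ind, $change_owner_ind, $borrow_ind, $status_comment_ind, $hidden_ind, $default_ind, $closed_ind)
{
    $s_status_type = strtoupper($s_status_type);
    $description = addslashes(trim(strip_tags($description)));

    // Original author's note: do this one first, as the others are validated
    // based on it. Nothing below reads it during validation at present.
    $change_owner_ind = validate_ind_column($change_owner_ind);

    $delete_ind = validate_ind_column($delete_ind);
    $borrow_ind = validate_ind_column($borrow_ind);
    $status_comment_ind = validate_ind_column($status_comment_ind);
    $default_ind = validate_ind_column($default_ind);
    $closed_ind = validate_ind_column($closed_ind);
    $hidden_ind = validate_ind_column($hidden_ind);

    // $img and the key reach the statement inside quoted literals, so both are
    // escaped like $description. SQL-only copies are used so the log entry and
    // update_default_status_type() still see the unescaped values.
    // NOTE(review): assumes callers pass raw values, as they must for $description.
    $img_sql = addslashes($img);
    $s_status_type_sql = addslashes($s_status_type);

    $query = "UPDATE s_status_type "
        . "SET description = '{$description}', "
        . "img = '{$img_sql}', "
        . "delete_ind = '{$delete_ind}', "
        . "change_owner_ind = '{$change_owner_ind}', "
        . "borrow_ind = '{$borrow_ind}', "
        . "status_comment_ind = '{$status_comment_ind}', "
        . "default_ind = '{$default_ind}', "
        . "closed_ind = '{$closed_ind}', "
        . "hidden_ind = '{$hidden_ind}'"
        . " WHERE s_status_type = '{$s_status_type_sql}'";

    $update = db_query($query);

    // An UPDATE that changed nothing because the values were already stored is
    // not a failure; only a failed query or a row count of -1 is.
    $rows_affected = db_affected_rows();
    if ($update && $rows_affected !== -1) {
        if ($rows_affected > 0) {
            opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, NULL, array($s_status_type, $description, $img, $delete_ind, $change_owner_ind, $borrow_ind, $status_comment_ind, $hidden_ind, $default_ind, $closed_ind));

            if ($default_ind == 'Y') {
                // clear any other s_status_type records that currently have default_ind = Y
                update_default_status_type($s_status_type);
            }
        }
        return TRUE;
    }

    opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($s_status_type, $description, $img, $delete_ind, $change_owner_ind, $borrow_ind, $status_comment_ind, $hidden_ind, $default_ind, $closed_ind));
    return FALSE;
}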
/**
 * Normalise the fields of a system attribute type in place.
 *
 * All parameters except $s_attribute_type are taken by reference and
 * overwritten; nothing is returned. $s_attribute_type itself is never read.
 * Passing FALSE for $display_type, $input_type, $s_field_type, $site_type, any
 * *_ind flag or $view_perm skips the normalisation of that field.
 * $description and $prompt are always processed.
 *
 * The text fields come back already passed through addslashes(), i.e. in the
 * form this code embeds in quoted SQL literals. Callers should not escape them
 * a second time, and should not treat them as display-ready text.
 *
 * At most one of lookup/file/multi attribute indicators is left as 'Y';
 * precedence is lookup, then file, then multi.
 */
function validate_s_attribute_type($s_attribute_type, &$description, &$prompt, &$input_type, &$input_type_arg1, &$input_type_arg2, &$input_type_arg3, &$input_type_arg4, &$input_type_arg5, &$display_type, &$display_type_arg1, &$display_type_arg2, &$display_type_arg3, &$display_type_arg4, &$display_type_arg5, &$s_field_type, &$site_type, &$listing_link_ind, &$file_attribute_ind, &$lookup_attribute_ind, &$multi_attribute_ind, &$view_perm)
{
    $prompt = addslashes(trim(strip_tags($prompt)));
    $description = addslashes(trim(strip_tags($description)));

    if ($display_type !== FALSE) {
        $display_type = validate_display_type($display_type);

        // The arguments are only kept when the display type survived validation.
        $keep_display_args = strlen($display_type) > 0;
        $display_type_arg1 = $keep_display_args ? addslashes(trim(strip_tags($display_type_arg1))) : NULL;
        $display_type_arg2 = $keep_display_args ? addslashes(trim(strip_tags($display_type_arg2))) : NULL;
        $display_type_arg3 = $keep_display_args ? addslashes(trim(strip_tags($display_type_arg3))) : NULL;
        $display_type_arg4 = $keep_display_args ? addslashes(trim(strip_tags($display_type_arg4))) : NULL;
        $display_type_arg5 = $keep_display_args ? addslashes(trim(strip_tags($display_type_arg5))) : NULL;
    }

    if ($input_type !== FALSE) {
        $input_type = validate_input_type($input_type);

        // Same rule as for the display type arguments.
        $keep_input_args = strlen($input_type) > 0;
        $input_type_arg1 = $keep_input_args ? addslashes(trim(strip_tags($input_type_arg1))) : NULL;
        $input_type_arg2 = $keep_input_args ? addslashes(trim(strip_tags($input_type_arg2))) : NULL;
        $input_type_arg3 = $keep_input_args ? addslashes(trim(strip_tags($input_type_arg3))) : NULL;
        $input_type_arg4 = $keep_input_args ? addslashes(trim(strip_tags($input_type_arg4))) : NULL;
        $input_type_arg5 = $keep_input_args ? addslashes(trim(strip_tags($input_type_arg5))) : NULL;
    }

    if ($s_field_type !== FALSE) {
        $s_field_type = validate_s_field_type($s_field_type);
    }

    if ($site_type !== FALSE) {
        $site_type = strtolower(trim($site_type));
    }

    if ($multi_attribute_ind !== FALSE) {
        $multi_attribute_ind = validate_ind_column($multi_attribute_ind);
    }

    if ($lookup_attribute_ind !== FALSE) {
        $lookup_attribute_ind = validate_ind_column($lookup_attribute_ind);
    }

    if ($file_attribute_ind !== FALSE) {
        $file_attribute_ind = validate_ind_column($file_attribute_ind);
    }

    if ($listing_link_ind !== FALSE) {
        $listing_link_ind = validate_ind_column($listing_link_ind);
    }

    // Only one of these indicators can be Y; the first one found set wins and
    // the other two are forced to N.
    if ($lookup_attribute_ind == 'Y') {
        // a lookup type cannot also be a file resource
        $file_attribute_ind = 'N';
        $multi_attribute_ind = 'N';
    } elseif ($file_attribute_ind == 'Y') {
        $lookup_attribute_ind = 'N';
        $multi_attribute_ind = 'N';
    } elseif ($multi_attribute_ind == 'Y') {
        $lookup_attribute_ind = 'N';
        $file_attribute_ind = 'N';
    }

    if ($view_perm !== FALSE) {
        $view_perm = strtoupper(trim($view_perm));
    }
}
/**
 * Validate and normalise one item listing column configuration in place.
 *
 * All arguments are taken by reference. $column_no and $override_prompt are
 * accepted but never read or changed here.
 *
 * NOTE(review): validate_s_attribute_type() is called below with a single
 * argument and its result is compared against FALSE. Confirm that the function
 * in scope at this call site has that one-argument, value-returning contract.
 *
 * @param string $error Set to a message when validation fails.
 * @return bool TRUE when the configuration is usable, FALSE (with $error set) otherwise.
 */
function validate_item_column_conf(&$column_no, &$column_type, &$s_field_type, &$s_attribute_type, &$override_prompt, &$printable_support_ind, &$orderby_support_ind, &$orderby_datatype, &$orderby_default_ind, &$orderby_sort_order, &$error)
{
    $column_type = validate_column_type($column_type);
    if ($column_type === FALSE) {
        $error = 'Invalid Column Type';
        return FALSE;
    }

    // These two column types carry no field/attribute reference and cannot be
    // ordered on, so everything related is reset. printable_support_ind is left
    // as the caller supplied it in this branch.
    $is_fixed_column = ($column_type == 'borrow_status' || $column_type == 'action_links');
    if ($is_fixed_column) {
        $s_field_type = NULL;
        $s_attribute_type = NULL;
        $orderby_support_ind = 'N';
        $orderby_default_ind = 'N';
        $orderby_datatype = NULL;
        $orderby_sort_order = NULL;

        return TRUE;
    }

    if ($column_type == 's_field_type') {
        $s_field_type = validate_s_field_type($s_field_type);
        if ($s_field_type === FALSE) {
            $error = 'Invalid System Field Type';
            return FALSE;
        }

        // These two field types are never offered for ordering.
        if ($s_field_type == 'STATUSCMNT' || $s_field_type == 'RATING') {
            $orderby_support_ind = 'N';
        }
    } else {
        $s_field_type = NULL;
    }

    if ($column_type == 's_attribute_type') {
        $s_attribute_type = validate_s_attribute_type($s_attribute_type);
        if ($s_attribute_type === FALSE) {
            $error = 'Invalid System Attribute Type';
            return FALSE;
        }
    } else {
        $s_attribute_type = NULL;
    }

    // A datatype only makes sense when ordering is supported.
    $orderby_support_ind = validate_ind_column($orderby_support_ind);
    $orderby_datatype = ($orderby_support_ind == 'Y')
        ? validate_orderby_datatype($orderby_datatype)
        : NULL;

    // A sort order only makes sense for the default ordering column.
    $orderby_default_ind = validate_ind_column($orderby_default_ind);
    $orderby_sort_order = ($orderby_default_ind == 'Y')
        ? validate_orderby_sort_order($orderby_sort_order)
        : NULL;

    $printable_support_ind = validate_ind_column($printable_support_ind);

    return TRUE;
}
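/**
 * Insert a file_cache row and return its new sequence number.
 *
 * This function is only here to get a new sequence number record for
 * allocation of a unique filename; otherwise it does little that is useful.
 *
 * $url and $location are cut to 2083 bytes (substr() is byte-wise) before
 * escaping. A $location equal to $url, ignoring case, is stored as NULL so the
 * row does not hold the same value twice.
 *
 * @param string      $cache_type      Value for the cache_type column.
 * @param mixed       $file_upload_ind Indicator flag, normalised by validate_ind_column().
 * @param string      $url             Source URL of the cached file.
 * @param string|null $location        Alternative location, or NULL.
 * @param string      $content_type    Value for the content_type column.
 * @return mixed The db_insert_id() of the new row, or FALSE when the insert failed.
 */
function insert_file_cache($cache_type, $file_upload_ind, $url, $location, $content_type)
{
    $file_upload_ind = validate_ind_column($file_upload_ind);

    // do not want location to have a copy of url
    if (strcasecmp((string) $url, (string) $location) === 0) {
        $location = NULL;
    }

    // Truncate first and escape second, so an escape sequence is never cut in half.
    $url = addslashes(trim(substr($url, 0, 2083)));
    if ($location != NULL) {
        $location = addslashes(trim(substr($location, 0, 2083)));
    }

    // cache_type and content_type also end up inside quoted literals, so they
    // are escaped like the URL fields. SQL-only copies keep the log entries
    // showing what the caller passed.
    // NOTE(review): if callers only ever pass a fixed set of cache types, an
    // allow-list check here would be stronger than escaping.
    $cache_type_sql = addslashes($cache_type);
    $content_type_sql = addslashes($content_type);

    $location_sql = strlen((string) $location) > 0 ? "'{$location}'" : "NULL";

    $query = "INSERT INTO file_cache (cache_type, upload_file_ind, url, location, content_type, cache_date)"
        . " VALUES ('{$cache_type_sql}', '{$file_upload_ind}', '{$url}', "
        . $location_sql
        . ", '{$content_type_sql}', NOW())";

    $insert = db_query($query);
    if ($insert && db_affected_rows() > 0) {
        $sequence_number = db_insert_id();
        opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, NULL, array($cache_type, $file_upload_ind, $url, $location, $content_type));
        return $sequence_number;
    }

    opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($cache_type, $file_upload_ind, $url, $location, $content_type));
    return FALSE;
}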
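/**
 * Update the public/borrow visibility flags of one user_address row.
 *
 * @param int|string $sequence_number    Key of the user_address row; must be a plain non-negative integer.
 * @param mixed      $public_address_ind Indicator flag, normalised by validate_ind_column().
 * @param mixed      $borrow_address_ind Indicator flag, normalised by validate_ind_column().
 * @return bool TRUE when the statement ran (even if no row changed), FALSE on a
 *              rejected key or a database error.
 */
function update_user_address($sequence_number, $public_address_ind, $borrow_address_ind)
{
    // The key is placed in the statement unquoted, so it has to be digits and
    // nothing else. is_numeric() is too loose for that: it also accepts
    // exponent notation, decimals, signs, surrounding whitespace and, on old
    // PHP versions, hex strings. The /D modifier stops "$" from matching before
    // a trailing newline.
    $is_plain_integer = (is_int($sequence_number) || is_string($sequence_number))
        && preg_match('/^[0-9]+$/D', (string) $sequence_number) === 1;
    if (!$is_plain_integer) {
        return FALSE;
    }

    $public_address_ind = validate_ind_column($public_address_ind);
    $borrow_address_ind = validate_ind_column($borrow_address_ind);

    $query = "UPDATE user_address SET "
        . "public_address_ind = '" . $public_address_ind . "'"
        . ", borrow_address_ind = '" . $borrow_address_ind . "'"
        . " WHERE sequence_number = {$sequence_number}";

    $update = db_query($query);

    // An UPDATE that changed nothing because the values were already stored is
    // not a failure; only a failed query or a row count of -1 is.
    $rows_affected = db_affected_rows();
    if ($update && $rows_affected !== -1) {
        if ($rows_affected > 0) {
            opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, NULL, array($sequence_number, $public_address_ind, $borrow_address_ind));
        }
        return TRUE;
    }

    opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($sequence_number, $public_address_ind, $borrow_address_ind));
    return FALSE;
}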
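/**
 * Update one s_file_type row and refresh its extension list.
 *
 * The content type is normalised by validate_content_type() and must already
 * exist. The upper-cased content group must exist as well. After a successful
 * UPDATE, insert_s_file_type_extensions() is called whether or not the row
 * itself changed.
 *
 * @param string $content_type          Content type identifying the row.
 * @param string $content_group         Content group (upper-cased here).
 * @param string $extension             Primary extension, passed on to insert_s_file_type_extensions().
 * @param array  $alt_extensions_r      Alternative extensions, passed on likewise.
 * @param string $description           Free-text description.
 * @param string $image                 Value stored in the image column.
 * @param mixed  $thumbnail_support_ind Indicator flag, normalised by validate_ind_column().
 * @return bool TRUE when the statement ran, FALSE when a check or the query failed.
 */
function update_s_file_type($content_type, $content_group, $extension, $alt_extensions_r, $description, $image, $thumbnail_support_ind)
{
    $content_type = validate_content_type($content_type);
    if (!is_exists_file_type($content_type)) {
        return FALSE;
    }

    $content_group = strtoupper($content_group);
    if (!is_exists_file_type_content_group($content_group)) {
        return FALSE;
    }

    $description = addslashes(trim(strip_tags($description)));
    $thumbnail_support_ind = validate_ind_column($thumbnail_support_ind);

    // $image goes into a quoted literal without any prior check, so it is
    // escaped like $description. A SQL-only copy keeps the log entry showing
    // the caller's value.
    // NOTE(review): content_type and content_group are embedded as-is and rely
    // on the validation and existence checks above. Confirm those helpers
    // escape their argument before querying.
    $image_sql = addslashes($image);

    $query = "UPDATE s_file_type "
        . "SET description = '{$description}', "
        . "content_group = '{$content_group}', "
        . "image = '{$image_sql}', "
        . "thumbnail_support_ind = '{$thumbnail_support_ind}' "
        . " WHERE content_type = '{$content_type}'";

    $update = db_query($query);

    // An UPDATE that changed nothing because the values were already stored is
    // not a failure; only a failed query or a row count of -1 is.
    $rows_affected = db_affected_rows();
    if ($update && $rows_affected !== -1) {
        if ($rows_affected > 0) {
            opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, NULL, array($content_type, $content_group, $extension, $alt_extensions_r, $description, $image, $thumbnail_support_ind));
        }

        insert_s_file_type_extensions($content_type, $extension, $alt_extensions_r);
        return TRUE;
    }

    opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($content_type, $content_group, $extension, $alt_extensions_r, $description, $image, $thumbnail_support_ind));
    return FALSE;
}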