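/**
 * Prepare the object data before it is inserted.
 *
 * Fills the sort columns and the date stamp, then normalises the custom
 * fields: date fields are passed through DateUtil::parseUIDate() and
 * DateUtil::transformInternalDate(), decimal fields are rewritten to a plain
 * "1234.56" form.
 *
 * @param array|null $data Not used as input; the variable is rebound to
 *                         $this->_objData on the first line.
 *
 * @return array The processed object data.
 */
public function insertPreProcess($data = null)
{
    // Work on the object's own data by reference, so every assignment below
    // is written into $this->_objData as well.
    $data =& $this->_objData;

    // sort columns
    $data['sortname'] = $data['fname'] . ' ' . $data['lname'];
    $data['sortcompany'] = $data['company'];
    $data['date'] = time();

    // get the custom fields, ordered by position
    $cus_where = "";
    $cus_sort = "cus_pos ASC";
    $cus_Array = new AddressBook_DBObject_CustomfieldArray();
    $customfields = $cus_Array->get($cus_where, $cus_sort);

    foreach ($customfields as $cus) {
        $cusfield = "custom_" . $cus['id'];
        if (empty($data[$cusfield])) {
            continue;
        }

        // convert custom date values
        if ($cus['type'] == 'date default NULL') {
            $data[$cusfield] = DateUtil::parseUIDate($data[$cusfield]);
            $data[$cusfield] = DateUtil::transformInternalDate($data[$cusfield]);
        }

        // convert custom numeric values
        if ($cus['type'] == 'decimal(10,2) default NULL') {
            // Reset for every field. Without this a value that fails all
            // three patterns would be replaced by the number parsed for an
            // earlier custom field; now it is stored as NULL instead.
            $num = null;

            // str_replace()/preg_match() replace ereg_replace()/ereg(), which
            // were removed in PHP 7. \z anchors at the very end of the string,
            // so a trailing newline is not accepted.
            $check_format = str_replace(",", ".", $data[$cusfield]);
            $split_format = explode(".", $check_format);
            $count_array = count($split_format);

            // The sign class is [+-]; the previous [+|-] also let a literal
            // "|" through as a sign character.
            if ($count_array == 1) {
                // example 1000
                if (preg_match('/^[+-]?[0-9]+\z/', $check_format)) {
                    $num = "{$split_format[0]}";
                }
            } elseif ($count_array == 2) {
                // example 1000,20
                if (preg_match('/^[+-]?[0-9]+\.[0-9]{0,2}\z/', $check_format)) {
                    $num = "{$split_format[0]}.{$split_format[1]}";
                }
            } elseif ($count_array == 3) {
                // example 1,000.20 or 1.000,20
                if (preg_match('/^[+-]?[0-9]+\.[0-9]{3}\.[0-9]{0,2}\z/', $check_format)) {
                    $num = "{$split_format[0]}{$split_format[1]}.{$split_format[2]}";
                }
            }

            $data[$cusfield] = $num;
        }
    }

    return $data;
}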
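/**
 * Render the simple display of one address record.
 *
 * @param array $args Optional 'ot' and 'id' defaults; the GET values take
 *                    precedence through FormUtil::getPassedValue().
 *
 * @return mixed The output of the user_simpledisplay.tpl template, or the
 *               result of the error helper when the request is refused.
 */
function simpledisplay($args)
{
    // security check
    if (!SecurityUtil::checkPermission('AddressBook::', '::', ACCESS_READ)) {
        return LogUtil::registerPermissionError();
    }

    // NOTE(review): ot, category and private reach the template as received;
    // confirm the template escapes them on output.
    $ot = FormUtil::getPassedValue('ot', isset($args['ot']) ? $args['ot'] : 'address', 'GET');
    $id = (int) FormUtil::getPassedValue('id', isset($args['id']) ? $args['id'] : null, 'GET');
    $category = FormUtil::getPassedValue('category', 0);
    $private = FormUtil::getPassedValue('private', 0);
    unset($args);

    $lang = ZLanguage::getLanguageCode();

    if (!$id) {
        return z_exit($this->__f('Error! Invalid id [%s] received.', $id));
    }

    // get the details
    $object = new AddressBook_DBObject_Address();
    $data = $object->get($id);

    // Per-record visibility. The module-level ACCESS_READ check above does
    // not look at the record itself, so without this any reader could open a
    // private record of another user by requesting its id. The rules follow
    // the WHERE clause that search() builds: admins see everything, in
    // "globalprotect" mode only logged-in owners see their records, otherwise
    // a record is visible when it is public or owned by the current user.
    // Assumes the object fields are named 'user_id' and 'private' like the
    // column keys used in search() - TODO confirm.
    if (!SecurityUtil::checkPermission('AddressBook::', '::', ACCESS_ADMIN)) {
        $logged_in = UserUtil::isLoggedIn();
        $user_id = $logged_in ? (int) UserUtil::getVar('uid') : 0;
        $is_owner = is_array($data) && isset($data['user_id']) && (int) $data['user_id'] === $user_id;
        $is_private = is_array($data) && !empty($data['private']);

        if (ModUtil::getVar('AddressBook', 'globalprotect') == 1) {
            $visible = $logged_in && $is_owner;
        } else {
            $visible = !$is_private || $is_owner;
        }

        if (!$visible) {
            return LogUtil::registerPermissionError();
        }
    }

    // get the custom fields, ordered by position
    $cus_where = "";
    $cus_sort = "cus_pos ASC";
    $cus_Array = new AddressBook_DBObject_CustomfieldArray();
    $customfields = $cus_Array->get($cus_where, $cus_sort);
    foreach ($customfields as $key => $customfield) {
        // use the alternative name for every language but English
        if (isset($customfield['name1']) && $customfield['name1'] && $lang != 'en') {
            $customfields[$key]['name'] = $customfield['name1'];
        }
    }

    // Labels, indexed by id
    $addressbook_labels = DBUtil::selectObjectArray('addressbook_labels');
    $ablabels = array();
    foreach ($addressbook_labels as $addressbook_label) {
        if (isset($addressbook_label['name1']) && $addressbook_label['name1'] && $lang != 'en') {
            $addressbook_label['name'] = $addressbook_label['name1'];
        }
        $ablabels[$addressbook_label['id']] = $addressbook_label;
    }

    $this->view->assign('address', $data);
    $this->view->assign('customfields', $customfields);
    $this->view->assign('ot', $ot);
    $this->view->assign('category', $category);
    $this->view->assign('private', $private);
    $this->view->assign('preferences', ModUtil::getVar('AddressBook'));
    $this->view->assign('lang', $lang);
    $this->view->assign('ablabels', $ablabels);

    return $this->view->fetch('user_simpledisplay.tpl');
}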
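/**
 * Search the address records the current user is allowed to see.
 *
 * @param array $args 'search'   the search term (default '');
 *                    'private'  1 to list only the user's private records (default 0);
 *                    'startnum' 1-based start row (default 0, giving the offset -1
 *                               the code passed before);
 *                    'pagesize' number of rows (default null, as before).
 *
 * @return mixed The result of the object array's get() call, or the result
 *               of the error helper when the request is refused.
 */
function search($args)
{
    // Private Address Book mode, for users only
    if (!UserUtil::isLoggedIn() && ModUtil::getVar('AddressBook', 'globalprotect') == 1) {
        // NOTE(review): inside this single-quoted string the sequence \\" in
        // the second link yields a literal backslash before each quote, which
        // breaks that href. The text is a translation key, so it is left
        // unchanged here.
        return LogUtil::registerError($this->__f('This website require it\'s users to be registered to use the address book.<br />Register for free <a href="%1$s">here</a>, or <a href=\\"%1$s\\">log in</a> if you are already registered.', array(ModUtil::url('Users', 'user', 'view'))));
    }

    // security check
    if (!SecurityUtil::checkPermission('AddressBook::', '::', ACCESS_READ)) {
        return LogUtil::registerPermissionError();
    }

    $search = isset($args['search']) ? $args['search'] : '';

    // $private, $startnum and $pagesize were read below without ever being
    // assigned. They are now taken from $args; the defaults reproduce what
    // the undefined variables evaluated to.
    $private = isset($args['private']) ? (int) $args['private'] : 0;
    $startnum = isset($args['startnum']) ? (int) $args['startnum'] : 0;
    $pagesize = isset($args['pagesize']) ? (int) $args['pagesize'] : null;

    if (ModUtil::getVar('AddressBook', 'addressbooktype') == 1) {
        $sort = "sortname ASC";
    } else {
        $sort = "sortcompany ASC";
    }
    $ot = "address";

    // Get user id; cast because it is interpolated into the SQL below
    $user_id = UserUtil::isLoggedIn() ? (int) UserUtil::getVar('uid') : 0;

    $ztable = DBUtil::getTables();
    $address_column = $ztable['addressbook_address_column'];

    // build the visibility part of the where clause
    if (SecurityUtil::checkPermission('AddressBook::', '::', ACCESS_ADMIN)) {
        // admin always sees all records but favourites
        $where = "({$address_column['user_id']} IS NOT NULL)";
    } elseif (ModUtil::getVar('AddressBook', 'globalprotect') == 1) {
        // global protect - users see only their own records
        $where = "({$address_column['user_id']}={$user_id})";
    } elseif ($private == 1) {
        // if private = 1, show only private records
        $where = "({$address_column['user_id']}={$user_id} AND {$address_column['private']} = 1)";
    } else {
        // if private = 0, show all public records plus the user's private ones
        $where = "(({$address_column['private']} = 0) OR ({$address_column['user_id']}={$user_id} AND {$address_column['private']} = 1))";
    }

    // Every search condition is collected here and added as ONE
    // parenthesised group. The custom-field conditions used to be appended
    // as bare " OR ..." after the closing parenthesis; AND binds tighter than
    // OR, so a custom-field match returned a record regardless of the
    // visibility restriction above.
    $terms = array();
    $needle = '';

    // typecasting / security
    if (is_string($search)) {
        // NOTE(review): "%" and "_" in the term still act as LIKE wildcards.
        $needle = DataUtil::formatForStore($search);
        $standard_fields = array(
            'lname', 'fname', 'company', 'title', 'city', 'address1', 'address2',
            'zip', 'country', 'state', 'note',
            'contact_1', 'contact_2', 'contact_3', 'contact_4', 'contact_5',
        );
        foreach ($standard_fields as $field) {
            $terms[] = "{$address_column[$field]} LIKE '%{$needle}%'";
        }
    }

    // and now the custom fields
    $cus_where = "";
    $cus_sort = "cus_pos ASC";
    $cus_Array = new AddressBook_DBObject_CustomfieldArray();
    $customfields = $cus_Array->get($cus_where, $cus_sort);
    foreach ($customfields as $cus) {
        if (strstr($cus['type'], 'tinyint') || strstr($cus['type'], 'smallint')) {
            continue;
        }

        // the id becomes part of a column name, so force it to an integer
        $the_name = 'adr_custom_' . (int) $cus['id'];

        if (strstr($cus['type'], 'varchar') || strstr($cus['type'], 'text') || strstr($cus['type'], 'dropdown')) {
            // typecasting / security
            if (is_string($search)) {
                $terms[] = "{$the_name} LIKE '%{$needle}%'";
            }
        }
        if (strstr($cus['type'], 'int')) {
            // typecasting / security: only a real integer is interpolated
            if (is_int($search)) {
                $terms[] = "{$the_name} = {$search}";
            }
        }
        if (strstr($cus['type'], 'decimal')) {
            // typecasting / security: is_numeric() is the only gate on the
            // value interpolated here
            if (is_numeric($search)) {
                $terms[] = "{$the_name} = {$search}";
            }
        }
    }

    if (count($terms) > 0) {
        $where .= " AND (" . implode("\n OR ", $terms) . ")";
    }

    // get the result
    $class = 'AddressBook_DBObject_' . ucfirst($ot) . 'Array';
    if (!class_exists($class)) {
        return z_exit($this->__f('Error! Unable to load class [%s]', $ot));
    }

    $objectArray = new $class();
    $data = $objectArray->get($where, $sort, $startnum - 1, $pagesize);

    return $data;
}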