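/**
 * Validate an admin-supplied custom SQL string for a custom report.
 *
 * This is a denylist gate, not a sanitiser: the commented-out sql_escape_string
 * call shows that no escaping is applied to the text, and the returned string is
 * presumably executed as-is further down the line. It must therefore only be
 * reached with input from a fully trusted (admin) user -- the check here is a
 * second line of defence, not the primary one.
 *
 * @param string $sql_query raw query text, possibly HTML-entity encoded by the form
 * @param string $type      "check" validates only; "run" additionally removes newlines
 * @return string the entity-decoded (and, for "run", newline-stripped) query;
 *                an empty/null input is returned untouched
 *
 * Terminates the request through DieDuePermission() when
 * ITS4YouReports::querySpecialControl() flags the text, or when it contains
 * more than one ';'-separated statement (stacked-query guard).
 */
public function validateCustomSql($sql_query, $type = "check") {
    if ($sql_query === null || $sql_query === "") {
        return $sql_query;
    }
    global $default_charset;
    // Decode entities BEFORE validating, so the checks see what the DB will see
    // and an encoded ';' or keyword cannot slip past them.
    $sql_query = html_entity_decode($sql_query, ENT_QUOTES, $default_charset);
    // Every ';' counts as a statement separator. A ';' inside a string literal
    // is rejected too -- a false positive, but the safe direction for this guard.
    $statements = explode(";", $sql_query);
    if (ITS4YouReports::querySpecialControl($sql_query) == true) {
        ITS4YouReports::DieDuePermission("LBL_WRONG_QUERY_STRINGS_SQL");
        exit; // defensive: DieDuePermission() is expected to terminate already
    } elseif (count($statements) > 1) {
        ITS4YouReports::DieDuePermission("LBL_TOO_MANY_SQL");
        exit;
    }
    if ($type === 'run') {
        // NOTE(review): dropping "\n" with no replacement glues tokens that were
        // separated only by a bare LF ("SELECT a\nFROM t" -> "SELECT aFROM t")
        // and lets a "--" line comment swallow the rest of the query. Browser
        // form posts send CRLF, so the surviving "\r" still acts as whitespace;
        // confirm no other caller sends LF-only text before relying on this.
        $sql_query = str_replace("\n", "", $sql_query);
    }
    return $sql_query;
}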
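<?php
/*+********************************************************************************
 * The content of this file is subject to the Reports 4 You license.
 * ("License"); You may not use this file except in compliance with the License
 * The Initial Developer of the Original Code is IT-Solutions4You s.r.o.
 * Portions created by IT-Solutions4You s.r.o. are Copyright(C) IT-Solutions4You s.r.o.
 * All Rights Reserved.
 ********************************************************************************/
require_once 'modules/ITS4YouReports/ITS4YouReports.php';

/*
 * Delete action for Reports 4 You.
 *
 * Two request shapes are handled, then the browser is redirected to the module index:
 *   idlist=<id>;<id>;...  bulk delete, gated by the module-level DELETE permission
 *   record=<id>           single delete, gated by the per-report permission check
 *
 * NOTE(review): no CSRF token check is visible in this file and the action is driven
 * purely by request parameters; confirm the framework entry point enforces one.
 */
$ITS4YouReports = new ITS4YouReports();

if (isset($_REQUEST['idlist']) && $_REQUEST['idlist'] != "") {
    // Bulk delete: refuse the whole list unless the user may DELETE in this module.
    if ($ITS4YouReports->CheckPermissions("DELETE") == false) {
        $ITS4YouReports->DieDuePermission();
    }
    // NOTE(review): ids are handed to deleteReports4You() unvalidated; whether that
    // method enforces per-record access is not visible here -- confirm.
    $idlist = trim($_REQUEST['idlist'], ";");
    foreach (explode(";", $idlist) as $reportId) {
        if ($reportId === "") {
            continue; // "1;;2" -- skip empty entries instead of deleting id ""
        }
        $ITS4YouReports->deleteReports4You($reportId);
    }
} elseif (isset($_REQUEST['record']) && $_REQUEST['record'] != "") {
    // Single delete. The permission result used to be computed and then ignored,
    // so any caller could delete any report id; it is now enforced before deleting.
    $r_permitted = $ITS4YouReports->CheckReportPermissions(
        $ITS4YouReports->primarymodule,
        $ITS4YouReports->record
    );
    if ($r_permitted == false) {
        $ITS4YouReports->DieDuePermission();
    }
    $ITS4YouReports->deleteSingleReports4You();
}

header("Location:index.php?module=ITS4YouReports&action=index&parenttab=Tools");
exit;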
/**
 * Render the report editor: the type picker when no report type is known yet,
 * the custom-SQL editor for "custom_report", or the standard column/filter editor.
 *
 * @param Vtiger_Request $request edit-view request; 'record' selects an existing
 *                                report, 'folder' and 'reporttype' seed a new one
 *
 * Security notes (reviewer):
 *  - Every request parameter is copied onto the record model (mass assignment), so
 *    any field name the model honours can be set from the URL; whether
 *    getReportType() then reads that request-supplied value back is not visible
 *    here -- confirm before trusting the model's type in edit mode.
 *  - Nothing here checks that the current user may edit 'record'; Vtiger views
 *    normally do that in a separate checkPermission() -- confirm it exists.
 *  - The custom-SQL editor is shown to admins only; DieDuePermission() ends the
 *    request for everyone else.
 */
function editReport(Vtiger_Request $request) {
    $viewer = $this->getViewer($request);
    $moduleName = $request->getModule();
    $record = $request->get('record');
    $reportModel = ITS4YouReports_Record_Model::getCleanInstance($record);
    if (!$reportModel->has('folderid')) {
        $reportModel->set('folderid', $request->get('folder'));
    }
    // Mass assignment: every request key becomes model state (see security notes).
    $data = $request->getAll();
    foreach ($data as $name => $value) {
        $reportModel->set($name, $value);
    }
    if ($request->has("reporttype") && !$request->isEmpty("reporttype")) {
        $reportModel->set('reporttype', $request->get('reporttype'));
    }
    if ($record != "") {
        // Existing report: the type comes from the model, not the request.
        $viewer->assign('MODE', 'edit');
        $reporttype = $reportModel->getReportType();
    } else {
        $viewer->assign('MODE', 'create');
        $reporttype = $request->get('reporttype');
    }
    $viewer->assign('REPORTTYPE', $reporttype);
    global $current_user;
    $is_admin_user = is_admin($current_user);
    $viewer->assign('IS_ADMIN_USER', $is_admin_user);
    // The step navigation is hidden; a visible variant was only ever used for debugging.
    $viewer->assign("steps_display", "reportTab hide");
    $viewer->assign("cancel_btn_url", $reportModel->getCancelViewUrl());
    if ($reporttype == "") {
        // No type chosen yet: show the type picker.
        $viewer->view('ITS4YouReportsType.tpl', $moduleName);
    } else {
        $reportModuleModel = $reportModel->getModule(); // assigned but not used below
        $viewer->assign("REPORTNAME", $reportModel->getName());
        $viewer->assign("REPORTDESC", $reportModel->getDesc());
        $viewer->assign("REP_FOLDERS", $reportModel->getReportFolders());
        // Sharing and scheduler sections are built before the admin gate below;
        // harmless, since DieDuePermission() does not return.
        $ReportSharing = ITS4YouReports_EditView_Model::ReportSharing($request, $viewer);
        $viewer->assign("REPORT_SHARING", $ReportSharing);
        $ReportScheduler = ITS4YouReports_EditView_Model::ReportScheduler($request, $viewer);
        $viewer->assign("REPORT_SCHEDULER", $ReportScheduler);
        if ($reporttype == "custom_report") {
            // Raw SQL editing is admin-only.
            if ($is_admin_user != 1) {
                ITS4YouReports::DieDuePermission();
            }
            $ReportCustomSQL = ITS4YouReports_EditView_Model::ReportCustomSql($request, $viewer);
            $viewer->assign("REPORT_CUSTOMSQL", $ReportCustomSQL);
            $viewer->view('EditCustom.tpl', $moduleName);
        } else {
            if ($request->get('isDuplicate')) {
                $viewer->assign('isDuplicate', 'true');
            }
            $viewer->assign("PRIMARYMODULES", $reportModel->getPrimaryModules());
            // Each section below is built by the EditView model and handed to the template.
            $ReportGrouping = ITS4YouReports_EditView_Model::ReportGrouping($request, $viewer);
            $viewer->assign("REPORT_GROUPING", $ReportGrouping);
            $ReportColumns = ITS4YouReports_EditView_Model::ReportColumns($request, $viewer);
            $viewer->assign("REPORT_COLUMNS", $ReportColumns);
            $ReportColumnsTotal = ITS4YouReports_EditView_Model::ReportColumnsTotal($request, $viewer);
            $viewer->assign("REPORT_COLUMNS_TOTAL", $ReportColumnsTotal);
            $ReportLabels = ITS4YouReports_EditView_Model::ReportLabels($request, $viewer);
            $viewer->assign("REPORT_LABELS", $ReportLabels);
            $ReportFilters = ITS4YouReports_EditView_Model::ReportFilters($request, $viewer);
            $viewer->assign("REPORT_FILTERS", $ReportFilters);
            $ReportGraphs = ITS4YouReports_EditView_Model::ReportGraphs($request, $viewer);
            $viewer->assign("REPORT_GRAPHS", $ReportGraphs);
            $viewer->view('Edit.tpl', $moduleName);
        }
    }
}