public function update($args = NULL, $update_modifier = true, $log_changes = true) { global $auth; global $g_item_fields; $dbh = new DB_Mysql(); $update_fields = NULL; ### build hash to fast access ## if ($args) { $update_fields = array(); foreach ($args as $a) { $update_fields[$a] = true; } } if (!$this->id) { trigger_error("User object without id can't be updated", E_USER_WARNING); } if (!sizeof($this->field_states)) { trigger_error("need members to update to database. e.g. 'firstname,lastname,data'", E_USER_WARNING); } /** * @@@ WE NEED AN AUTHORISATION-CHECK HERE @@@ * * we also should lock those to into ONE transaction * * */ if ($update_modifier && $auth->cur_user) { $this->modified_by = $auth->cur_user->id; $this->modified = getGMTString(); if ($update_fields) { $update_fields['modified_by'] = true; $update_fields['modified'] = true; } } $log_changed_fields = array(); $t_pairs = array(); foreach ($g_item_fields as $f) { $name = $f->name; if ($update_fields && !isset($update_fields[$name])) { continue; } if (isset($this->_values_org[$name])) { if (!isset($this->{$name}) && $this->{$name} != NULL) { trigger_error("{$name} is not a member of {$this} and can't be passed to db", E_USER_WARNING); } if ($this->_values_org[$name] == $this->{$name}) { continue; } else { if ($this->fields[$name]->log_changes) { $log_changed_fields[] = $name; } } } $t_pairs[] = $name . "='" . asSecureString($this->{$name}) . "'"; } $prefix = confGet('DB_TABLE_PREFIX'); if (count($t_pairs)) { $str_query = 'UPDATE ' . $prefix . 'item ' . 'SET ' . join(', ', $t_pairs) . ' WHERE id=' . $this->id; $dbh = new DB_Mysql(); $sth = $dbh->prepare($str_query); $sth->execute("", 1); } #--- now write non item-fields --- # #--- build query-string like "update users SET firstname=:1, lastname=:2 where id=:3" -- # if ($this->_type && $this->_type != 'dbprojectitem') { $t_pairs = array(); # the 'id' field is skipped later, because it's defined as project-item-field. so we have to add it here foreach ($this->fields as $f) { $name = $f->name; ### selective updates ### if ($update_fields && !isset($update_fields[$name])) { continue; } ### skip project-item fields ### if (isset($this->fields[$name]) && isset($this->fields[$name]->in_db_object) || !isset($g_item_fields[$name])) { if (!isset($this->{$name}) && $this->{$name} != NULL) { trigger_error("{$name} is not a member of {$this} and can't be passed to db", E_USER_WARNING); continue; } if (isset($this->_values_org[$name])) { if ($this->_values_org[$name] == $this->{$name}) { continue; } else { if ($this->fields[$name]->log_changes) { $log_changed_fields[] = $name; } } } global $sql_obj; $t_pairs[] = $name . '=' . "'" . asSecureString($this->{$name}) . "'"; } } if (count($t_pairs)) { $str_query = 'UPDATE ' . $prefix . $this->_type . ' SET ' . join(', ', $t_pairs) . ' WHERE id=' . $this->id; $sth = $dbh->prepare($str_query); $sth->execute("", 1); } if ($log_changes && $log_changed_fields) { require_once confGet('DIR_STREBER') . "db/db_itemchange.inc.php"; foreach ($log_changed_fields as $name) { /** * keep changes in itemchange table */ $c = new ItemChange(array('item' => $this->id, 'field' => $name, 'value_old' => $this->_values_org[$name])); $c->insert(); } } } return true; }