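/**
 * Stores the submitted form ($_POST / $_FILES) in $this->table.
 *
 * Builds one value per entry of $this->cols_array, applying per-type handling
 * ('select', 'check', 'timestamp', 'email', 'changed', 'upload'), then either
 * issues a REPLACE INTO (insert mode) or calls db_update() for the row whose
 * id is $update. Does nothing when the form was cancelled.
 *
 * Security-relevant behaviour of this method:
 *  - Every value goes through General::input_clean($value, true) and is then
 *    wrapped in single quotes inside a string-built statement.
 *    NOTE(review): the statement is only safe if input_clean() escapes for a
 *    quoted SQL string literal; confirm against its implementation.
 *  - NOTE(review): $update is interpolated unquoted into the WHERE clause, so
 *    callers must pass a validated numeric id, never raw request data.
 *  - The upload sub-folder and the names in "<column>_delfile" come from the
 *    request; both are confined to a single path component below
 *    $this->upload_path before any mkdir / move / delete.
 *  - NOTE(review): folders and files are created with mode '777', and when a
 *    column configures no 'upload_extensions' every file type is accepted.
 *    Both deserve review if $this->upload_path is served by the web server.
 *
 * @param mixed $update Falsy to insert (REPLACE INTO); otherwise the id of the row to update.
 *
 * @return void
 */
function db_insert($update = 0)
{
    if (isset($_POST['cancel'])) {
        return;
    }

    $update_array = array();

    // Column list of the REPLACE statement, taken from the configured columns.
    $field_names = array();
    foreach ($this->cols_array as $key => $col) {
        $field_names[] = '`' . $key . '`';
    }
    $insert_sql = 'REPLACE INTO `' . $this->table . '` (' . implode(', ', $field_names) . ') VALUES (';
    $field_values = array();

    // Field names may arrive URL-encoded; re-key them under the decoded name.
    foreach ($_POST as $key => $value) {
        $decoded_key = rawurldecode($key);
        if ((string) $key !== $decoded_key) {
            $_POST[$decoded_key] = $value;
            unset($_POST[$key]);
        }
    }
    // Same for uploads. The entries must stay in $_FILES: the previous code
    // copied them into $_POST, where they were treated as ordinary form values.
    foreach ($_FILES as $key => $value) {
        $decoded_key = rawurldecode($key);
        if ((string) $key !== $decoded_key) {
            $_FILES[$decoded_key] = $value;
            unset($_FILES[$key]);
        }
    }

    foreach ($this->cols_array as $key => $col) {
        $field_value = !empty($_POST[$key]) ? $_POST[$key] : $col['value'];

        // Placeholder options containing "--" count as "nothing selected".
        if ($col['type'] == 'select' && is_string($field_value) && strpos($field_value, '--') !== false) {
            $field_value = '';
        }

        if ($col['type'] == 'check') {
            if (is_array($field_value)) {
                // A free-text "other" entry may hold several comma-separated
                // values; split every such entry and treat the parts as
                // individual values.
                $split_values = array();
                foreach ($field_value as $i => $entry) {
                    if (is_string($entry) && strpos($entry, ',') !== false) {
                        $split_values = array_merge($split_values, explode(',', $entry));
                        unset($field_value[$i]);
                    }
                }
                foreach ($split_values as $v) {
                    $field_value[] = trim($v);
                }
                $field_value = implode('&delim;', General::trim_array($field_value));
            }
            // With no value at all, make the key exist so that an update
            // clears the column (see the isset() check further down).
            if (!$field_value) {
                $_POST[$key] = '';
            }
        }

        if ($col['type'] == 'timestamp') {
            // Year, month, day, hour and minute arrive as separate fields; seconds are fixed to "00".
            $field_value = Date::unify_timestamp($_POST[$key . '_jahr'] . $_POST[$key . '_monat'] . $_POST[$key . '_tag'] . $_POST[$key . '_stunde'] . $_POST[$key . '_minute'] . '00');
        }

        if ($col['type'] == 'email') {
            // Stored as "Name <address>", or just the name when no address was given.
            $field_value = $_POST[$key . '_name'];
            if ($_POST[$key . '_mail']) {
                $field_value .= ' <' . $_POST[$key . '_mail'] . '>';
            }
        }

        if ($col['type'] == 'changed') {
            // Append the current date, on a new line when a value was submitted.
            $field_value .= $_POST[$key] ? "\n" : '';
            $field_value .= Date::timestamp2datum(Date::now());
        }

        if ($col['type'] == 'upload') {
            // Reset per column so limits and folder of one upload column are
            // never carried over into the next one.
            $upload_extensions = '';
            $max_upload = 0;
            $upload_folder = '';

            if (!empty($col['upload_extensions'])) {
                $extension_patterns = array();
                foreach ($col['upload_extensions'] as $ext) {
                    $extension_patterns[] = '\\.' . $ext . '$';
                }
                $upload_extensions = implode('|', $extension_patterns);
            }
            if (!empty($col['upload_size'])) {
                // 'upload_size' is multiplied by 1024 and compared with the byte size PHP reports.
                $max_upload = $col['upload_size'] * 1024;
            }

            // The list of already stored file names is taken from the form.
            $field_value = !empty($_POST[$key]) ? (array) $_POST[$key] : array();
            $_POST[$key] = isset($_POST[$key]) ? $_POST[$key] : true;

            if ($this->upload_folder) {
                if (is_string($this->upload_folder)) {
                    $this->upload_folder = array($this->upload_folder);
                }
                foreach ($this->upload_folder as $col_name) {
                    if (isset($_POST[$col_name]) && is_scalar($_POST[$col_name])) {
                        $upload_folder .= $_POST[$col_name];
                    }
                }
                // The folder name is request data: keep it to one path
                // component so it cannot leave $this->upload_path.
                $upload_folder = str_replace(array('/', '\\', "\0"), '_', $upload_folder);
                if ($upload_folder !== '' && trim($upload_folder, '.') === '') {
                    $upload_folder = str_repeat('_', strlen($upload_folder));
                }

                $folder = $this->upload_path . $upload_folder;
                if (!RheinaufFile::is_dir($folder)) {
                    RheinaufFile::mkdir($folder);
                    RheinaufFile::chmod($folder, '777');
                }
                $upload_folder .= '/';
            }

            $upload_key = $key . '_upload';
            if (!empty($_FILES[$upload_key]['name'])) {
                // Treat single-file and multi-file inputs alike. A rejected
                // file is skipped, but the column still gets its value (the
                // single-file branch used to skip the whole column, leaving
                // the statement with fewer values than columns).
                $upload = $_FILES[$upload_key];
                $names = (array) $upload['name'];
                $sizes = (array) $upload['size'];
                $tmp_names = (array) $upload['tmp_name'];
                $errors = isset($upload['error']) ? (array) $upload['error'] : array();

                foreach ($names as $i => $original_name) {
                    if (!is_string($original_name)) {
                        continue;
                    }
                    // Only letters, digits and dots survive; everything else becomes "_".
                    $f_name = preg_replace("/[^0-9a-z.]/i", '_', $original_name);
                    if ($f_name === '' || trim($f_name, '.') === '') {
                        continue; // empty slot, or a name that is only dots
                    }
                    if (isset($errors[$i]) && $errors[$i] != UPLOAD_ERR_OK) {
                        continue; // PHP reported a failed or missing upload
                    }
                    if ($upload_extensions && !preg_match("/{$upload_extensions}/i", $f_name)) {
                        $GLOBALS['scripts'] .= Html::script('onLoad.push(function() {alert("Dieses Dateiformat ist nicht erlaubt.")})');
                        continue;
                    }
                    if ($max_upload && isset($sizes[$i]) && $sizes[$i] > $max_upload) {
                        $GLOBALS['scripts'] .= Html::script('onLoad.push(function() {alert("Die Dateigröße übersteigt das erlaubte Maximum")})');
                        continue;
                    }

                    $file = $this->upload_path . $upload_folder . $f_name;
                    $uploaded_file = isset($tmp_names[$i]) ? $tmp_names[$i] : '';
                    // NOTE(review): the result of the move is not checked; the
                    // helper's return contract is not visible from this method.
                    RheinaufFile::move_uploaded_file($uploaded_file, $file);
                    RheinaufFile::chmod($file, '777');
                    $max_scale = !empty($col['max_scale']) ? $col['max_scale'] : $this->max_scale;
                    $this->max_scale_image($file, $max_scale);
                    $field_value[] = $f_name;
                }
            }

            $delete_key = $key . '_delfile';
            if (isset($_POST[$delete_key]) && is_array($_POST[$delete_key])) {
                // Names to delete are request data: accept plain file names
                // only, so a delete can never resolve outside the upload folder.
                $deletable = array();
                foreach ($_POST[$delete_key] as $file) {
                    if (is_string($file)
                        && trim($file, '.') !== ''
                        && str_replace(array('/', '\\', "\0"), '', $file) === $file
                    ) {
                        $deletable[] = $file;
                    }
                }
                $field_value = array_diff($field_value, $deletable);
                foreach ($deletable as $file) {
                    RheinaufFile::delete($this->upload_path . $upload_folder . $file);
                }
            }
        }

        // Multi-valued fields are stored as one '&delim;'-joined string.
        if (is_array($field_value)) {
            $field_value = implode('&delim;', General::trim_array($field_value));
        }

        // The id column always takes the id of the record being edited.
        if ((string) $key === 'id') {
            $field_value = isset($_POST['edit_id']) ? $_POST['edit_id'] : '';
        }

        $field_value = General::input_clean($field_value, true);
        $field_values[] = "'" . $field_value . "'";

        // In update mode only columns present in the request are written.
        if ($update && isset($_POST[$key])) {
            $update_array[$key] = $field_value;
        }
    }

    if ($update) {
        $this->connection->db_update($this->table, $update_array, "`id` = {$update}");
    } else {
        $insert_sql .= implode(', ', $field_values) . ')';
        $this->connection->db_query($insert_sql);
        $this->last_insert_id = $this->connection->db_last_insert_id();
    }
}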