コード例 #1
0
ファイル: attachments.php プロジェクト: Jacquesvw/phpBMS
 function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
 {
     if ($createdby == NULL) {
         $createdby = $_SESSION["userinfo"]["id"];
     }
     if ($variables["newexisting"] == "new") {
         //we need to add a new file record before adding a new
         //attachment record
         $variables["fileid"] = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
     }
     //next we create the attachment record
     $querystatement = "\n\t\t\t\tSELECT\n\t\t\t\t\t`maintable`\n\t\t\t\tFROM\n\t\t\t\t\t`tabledefs`\n\t\t\t\tWHERE\n\t\t\t\t\t`uuid` = '" . mysql_real_escape_string($variables["tabledefid"]) . "'\n\t\t\t\t";
     $queryresult = $this->db->query($querystatement);
     $therecord = $this->db->fetchArray($queryresult);
     $tabldefid = mysql_real_escape_string($variables["tabledefid"]);
     $maintable = mysql_real_escape_string($therecord["maintable"]);
     $querystatement = "\n\t\t\t\tSELECT\n\t\t\t\t\t`uuid`\n\t\t\t\tFROM\n\t\t\t\t\t`" . $maintable . "`\n\t\t\t\tWHERE\n\t\t\t\t\t`id` = '" . $variables["recordid"] . "'\n\t\t\t\t";
     $queryresult = $this->db->query($querystatement);
     $therecord = $this->db->fetchArray($queryresult);
     $recordid = mysql_real_escape_string($therecord["uuid"]);
     $querystatement = "\n\t\t\t\tSELECT\n\t\t\t\t\t`uuid`\n\t\t\t\tFROM\n\t\t\t\t\t`files`\n\t\t\t\tWHERE\n\t\t\t\t\t`id` = '" . $variables["fileid"] . "'\n\t\t\t\t";
     $queryresult = $this->db->query($querystatement);
     $therecord = $this->db->fetchArray($queryresult);
     $fileid = mysql_real_escape_string($therecord["uuid"]);
     $querystatement = "INSERT INTO attachments ";
     $querystatement .= "(fileid,tabledefid,recordid,\n\t\t\t\t\t\t\t\tcreatedby,creationdate,modifiedby) VALUES (";
     $querystatement .= "'" . $fileid . "', ";
     $querystatement .= "'" . $tabldefid . "', ";
     $querystatement .= "'" . $recordid . "', ";
     $querystatement .= $createdby . ", ";
     $querystatement .= "Now(), ";
     $querystatement .= $createdby . ")";
     $queryresult = $this->db->query($querystatement);
     if ($queryresult) {
         return $this->db->insertId();
     } else {
         return false;
     }
 }