예제 #1
         // deletion of a record from a table, after the deletion we need to redirect to the show results mode
         $location_url = $site_url . $dadabik_main_file . '?table_name=' . urlencode($table_name) . '&function=search&where_clause=' . urlencode($where_clause);
         if ($enable_authentication === 0 || $enable_delete_authorization === 0 || current_user_is_owner($where_field, $where_value, $table_name, $fields_labels_ar)) {
             delete_record($table_name, $where_field, $where_value);
         } else {
             $location_url .= '&just_delete_no_authorization=1';
         }
         // end else
         header('Location: ' . $location_url);
         exit;
     }
     // end if
     break;
 case "delete_all":
     // Bulk delete branch: calls delete_multiple_records() for $table_name / $where_clause and then
     // redirects to the search view. Runs only when both delete switches are on (note the mixed
     // comparison styles: loose == "1" for $enable_delete, strict === 1 for the feature flag).
     // NOTE(review): $table_name and $where_clause are not assigned in this fragment. If they are
     // taken from the request, delete_multiple_records() has to validate/escape them - confirm.
     // NOTE(review): no per-record ownership check is visible here, unlike the single-record delete
     // branch just above (current_user_is_owner); presumably delete_multiple_records() uses
     // $ID_user_field_name to limit the delete to the current user's records - verify.
     // NOTE(review): this is a destructive, state-changing action; whether it is protected by an
     // anti-CSRF token cannot be seen from this fragment - confirm.
     if ($enable_delete == "1" && $enable_delete_all_feature === 1) {
         // name of the field holding the owner of a record; compared against false below
         $ID_user_field_name = get_ID_user_field_name($fields_labels_ar);
         delete_multiple_records($table_name, $where_clause, $ID_user_field_name);
         // after the deletion, go back to the first page of the search view with an empty where clause
         $location_url = $site_url . $dadabik_main_file . '?table_name=' . urlencode($table_name) . "&function=search&where_clause=&page=0";
         if ($enable_browse_authorization === 0 && $ID_user_field_name !== false) {
             // the flag is added only when browse authorization is off and an ID_user field was found;
             // if users can see only their own records the message would not make sense
             $location_url .= '&just_delete_all_authorizated=1';
         }
         // end if
         // redirect, then stop the script so nothing else runs after the Location header
         header('Location: ' . $location_url);
         exit;
     }
     // end if
     break;
 case "show_insert_form":
     if ($enable_insert == "1") {
         txt_out("<h3>" . $normal_messages_ar["insert_record"] . "</h3>");
예제 #2
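/**
 * Build the SELECT statement that returns the stored records which look like
 * duplicates of the record currently being submitted through $_POST.
 *
 * Every field flagged with check_duplicated_insert_field == "1" is read for all
 * rows of the table (only the current user's rows when authentication and
 * browse authorization are both enabled and an ID_user field exists). Each
 * submitted, non-empty flagged value is compared with similar_text() against
 * every flagged column of every row; a row is reported when the similarity
 * percentage reaches the global $percentage_similarity.
 *
 * Security-relevant behaviour:
 *  - the submitted values are read from $_POST and are untrusted; values that
 *    are not strings (e.g. arrays sent as field[]=x) are ignored;
 *  - the primary-key value read back from the database is escaped with
 *    $db->escape_string() before it is placed in the WHERE clause, so stored
 *    data cannot alter the generated statement;
 *  - table and column names are interpolated between backticks without
 *    escaping. NOTE(review): they are assumed to come from trusted
 *    configuration, not from the request - confirm against the callers.
 *
 * NOTE(review): the whole table is scanned and similar_text() is run for each
 * row/field pair on every call, with the length of the submitted strings
 * controlled by the client; consider bounding the input length upstream.
 *
 * @param string $table_name          table that receives the new record
 * @param array  $fields_labels_ar    field definitions; each entry provides
 *                                    "name_field" and "check_duplicated_insert_field"
 * @param array  $string1_similar_ar  by reference: the submitted value of each match is appended
 * @param array  $string2_similar_ar  by reference: the stored value of each match is appended
 *
 * @return string the SELECT statement, or "" when the table has no primary key
 *                or no similar record was found
 */
function build_select_duplicated_query($table_name, $fields_labels_ar, &$string1_similar_ar, &$string2_similar_ar)
{
    global $percentage_similarity, $number_duplicated_records, $db, $enable_authentication, $enable_browse_authorization, $current_user, $null_checkbox_prefix;

    // Without a primary key there is no way to point at the similar records.
    $unique_field_name = $db->get_primary_key($table_name);
    if ($unique_field_name == "" || $unique_field_name == NULL) {
        return "";
    }

    // SELECT part of the statement returned to the caller.
    $select = build_select_part($fields_labels_ar, $table_name);

    // Statement used to scan the table: the key first, then every flagged column.
    $sql_select_all = "SELECT `{$unique_field_name}`, ";
    $columns_to_compare = 0;
    // flagged columns selected after the key
    $fields_to_check_ar = array();
    // flagged fields the user actually filled in (dense list)
    foreach ($fields_labels_ar as $field) {
        if ($field["check_duplicated_insert_field"] != "1") {
            continue;
        }
        $field_name = $field["name_field"];
        $sql_select_all .= "`" . $field_name . "`, ";
        $columns_to_compare++;
        // The submitted value lives in $_POST; a variable-variable lookup in
        // function scope never sees it. Only non-empty strings are compared.
        if (isset($_POST[$field_name]) && is_string($_POST[$field_name]) && !empty($_POST[$field_name])) {
            $fields_to_check_ar[] = $field_name;
        }
    }
    $sql_select_all = substr($sql_select_all, 0, -2);
    // delete the last ", "
    $sql_select_all .= " FROM `{$table_name}`";

    if ($enable_authentication === 1 && $enable_browse_authorization === 1) {
        // restrict the scan to the records the current user owns, when the
        // table has an ID_user field
        $ID_user_field_name = get_ID_user_field_name($fields_labels_ar);
        if ($ID_user_field_name !== false) {
            $sql_select_all .= " WHERE `{$table_name}`.`{$ID_user_field_name}` = '" . $db->escape_string($current_user) . "'";
        }
    }
    // e.g. "SELECT `ID`, `name`, `email` FROM `table`" when ID is the key and
    // name and email are the fields to check

    $where_parts = array();
    $res_contacts = $db->send_query($sql_select_all);
    if ($db->db_num_rows($res_contacts) > 0) {
        while ($contacts_row = $db->db_fetch_row($res_contacts)) {
            // *A* for each record in the table
            foreach ($fields_to_check_ar as $posted_field) {
                // *B* and for each field the user has inserted
                $null_key = $null_checkbox_prefix . $posted_field;
                if (isset($_POST[$null_key]) && $_POST[$null_key] === '1') {
                    // NULL checkbox selected: the field is submitted as NULL, nothing to compare
                    continue;
                }
                $string1_temp = $_POST[$posted_field];
                // *C* compare with every flagged column of this record; column 0 is the key
                for ($z = 1; $z <= $columns_to_compare; $z++) {
                    $string2_temp = $contacts_row[$z];
                    // cast because a stored value may be NULL
                    similar_text(strtolower($string1_temp), strtolower((string) $string2_temp), $percentage);
                    if ($percentage >= $percentage_similarity) {
                        // the key value comes from stored data: escape it before building SQL
                        $where_parts[] = "`{$unique_field_name}` = '" . $db->escape_string((string) $contacts_row[0]) . "'";
                        $string1_similar_ar[] = $string1_temp;
                        $string2_similar_ar[] = $string2_temp;
                        // one similar column is enough for this field
                        break;
                    }
                }
            }
        }
    }
    $db->free_result($res_contacts);

    if (count($where_parts) === 0) {
        // no duplication
        return "";
    }
    return $select . " WHERE " . implode(" OR ", $where_parts);
}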