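/**
 * Update the person row identified by $id with the submitted fields.
 *
 * Each stored field that differs from the submitted value (except those in
 * $omit) is passed to log_update() before the row is written. After the
 * UPDATE the data is handed to broadcast_raw() and, when 'my_phone' is set,
 * to handle_searcher().
 *
 * NOTE(review): this relies on the mysql_* extension, which was removed in
 * PHP 7.0; moving to mysqli/PDO prepared statements would remove the need
 * for manual escaping altogether.
 *
 * @param mixed $id   Record id; written into the WHERE clause as an integer.
 * @param array $data Submitted field values (the page script passes $_POST).
 */
function update_record($id, $data)
{
    $old = load_record($id);

    // Fields that are never written to the change log.
    $omit = array('lat', 'lon', 'fullname', 'id', 'updated', 'created', 'ts');
    foreach ($old as $k => $v) {
        if (in_array($k, $omit)) {
            continue;
        }
        // A key missing from $data compares as null here, so it is logged as
        // a change; the @ only hides the undefined-index notice.
        if (@$data[$k] != $v) {
            @log_update($id, $k, $v, $data[$k]);
        }
    }

    // NOTE(review): the '%s' values below are placed inside quoted SQL
    // literals unchanged, so the query is only injection-safe if
    // _prepare_data() escapes every string field for MySQL - confirm.
    $data = _prepare_data($data);

    // Make sure every field used below (and by the later helpers) exists.
    $fields = array(
        'firstname', 'lastname', 'fullname', 'age', 'gender', 'city',
        'department', 'status', 'current_location', 'address', 'lat', 'lon',
        'current_contact_information', 'aid_type', 'notes', 'url_link_back',
        'fromsms',
    );
    foreach ($fields as $field) {
        if (!isset($data[$field])) {
            $data[$field] = '';
        }
    }

    // The argument list must follow the placeholder order exactly. The tail
    // is: updated, aid_type, notes, then the id for the WHERE clause. Passing
    // the id any earlier shifts it into aid_type and leaves the WHERE clause
    // with (int) notes, so the wrong row would be modified.
    // NOTE(review): lat/lon use %d, which truncates fractional coordinates -
    // confirm the column types before changing the placeholders.
    $sql = sprintf(
        "UPDATE person SET firstname = '%s', lastname = '%s', fullname = '%s', age = %d, gender = '%s', "
        . "city = '%s', department = '%s', status = '%s', current_location = '%s', address = '%s', "
        . "lat = %d, lon = %d, current_contact_information = '%s', "
        . "updated = %d, aid_type = '%s', notes = '%s' "
        . "WHERE id = %d",
        $data['firstname'],
        $data['lastname'],
        $data['fullname'],
        $data['age'],
        $data['gender'],
        $data['city'],
        $data['department'],
        $data['status'],
        $data['current_location'],
        $data['address'],
        $data['lat'],
        $data['lon'],
        $data['current_contact_information'],
        time(),
        $data['aid_type'],
        $data['notes'],
        (int) $id // integer-only, so no quoting or escaping is needed
    );
    mysql_query($sql);

    broadcast_raw($data, $id);
    if (!empty($data['my_phone'])) {
        handle_searcher($id, $data);
    }
}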
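require_once 'db.php';

// This page shows a single person record, selected by the "id" query parameter.

// Reject requests without an id first, so that no POST action below is ever
// dispatched with an undefined id.
if (!isset($_GET['id'])) {
    header('Location: /');
    exit;
}

// NOTE(review): no anti-CSRF token or permission check is visible before
// these state-changing actions, and $_GET['id'] / $_POST reach the helpers
// unvalidated - confirm that db.php or the helpers enforce both.
if (count($_POST) != 0) {
    if (isset($_POST['action']) && $_POST['action'] === 'comment') {
        add_comment($_GET['id'], $_POST);
    } elseif (isset($_POST['action']) && $_POST['action'] === 'photo') {
        handle_upload($_GET['id']);
    } else {
        // Any other POST is treated as an edit of the record itself.
        update_record($_GET['id'], $_POST);
    }
}

// Unknown ids go back to the start page.
$person = load_record($_GET['id']);
if (empty($person)) {
    header('Location: /');
    exit;
}

$updates = get_updates($_GET['id']);
$comments = get_comments($_GET['id']);
$photos = get_photos($_GET['id']);
$searcher = get_searcher($_GET['id']);

// NOTE(review): fullname is user-editable data; confirm it is HTML-escaped
// (htmlspecialchars) wherever the template prints $title.
$title = $person['fullname'];
//$title = msg('People');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>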