$fundingObj->FundingSourceID = sqlEscapeString($FundingSourceID);
$fundingObj->FundingTypeID = sqlEscapeString($FundingTypeID);
$fundingObj->AwardDate = sqlEscapeString($AwdDate);
$fundingObj->AwardAmount = sqlEscapeString($AwardAmount);
$fundingObj->Comment = sqlEscapeString($Comment);
$fundingObj->CompanyID = sqlEscapeString($CompanyID);
//Financing
$financingObj->CompanyID = sqlEscapeString($CompanyID);
$financingObj->Date = sqlEscapeString($Date);
$financingObj->Amount = sqlEscapeString($Amount);
$financingObj->FinancingType = sqlEscapeString($FinancingType);
$financingObj->FinancingProvider1 = sqlEscapeString($FinancingProvider1);
$financingObj->FinancingProvider2 = sqlEscapeString($FinancingProvider2);
$financingObj->FinancingProvider3 = sqlEscapeString($FinancingProvider3);
$financingObj->FinancingProvider4 = sqlEscapeString($FinancingProvider4);
$financingObj->DataSource = sqlEscapeString($DataSource);
//error_log(print_r($companyObj));
//error_log(print_r($fundingObj));
//error_log(print_r($financingObj));
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert/update the data
$retVal = updateObjectReturnID($fundingObj);
//error_log("Funding: " .$retVal);
$validated = $retVal[0];
// set the return codes and messages
if ($retVal[0]) {
// init the return code
$retVal = array(false, "Data not inserted");
// validate that the education data is good
if (isset($Number) && !empty($Number) || isset($WorkHisDetail) && !empty($WorkHisDetail) || isset($PositionHeld) && !empty($PositionHeld) || $W_From != "-1" && $W_To != "-1" || isset($Seniority) && !empty($Seniority) || isset($Position_Domain) && !empty($Position_Domain) || isset($Industry) && !empty($Industry) || isset($Sector) && !empty($Sector)) {
// create a new founderEdu object
$founderWorkHisObj = new FounderWorkHis();
//load the FounderEdu object with the page parameters
//$founderWorkHisObj->Number = sqlEscapeString($Number);
//$founderWorkHisObj->WorkHisID = sqlEscapeString($WorkHisID);
$founderWorkHisObj->FounderID = sqlEscapeString($FounderID);
$founderWorkHisObj->WorkHisDetail = sqlEscapeString($WorkHisDetail);
$founderWorkHisObj->PositionHeld = sqlEscapeString($PositionHeld);
$founderWorkHisObj->Seniority = sqlEscapeString($Seniority);
$founderWorkHisObj->Position_Domain = sqlEscapeString($Position_Domain);
$founderWorkHisObj->W_From = sqlEscapeString($W_From);
$founderWorkHisObj->W_To = $W_To;
$founderWorkHisObj->Industry = sqlEscapeString($Industry);
$founderWorkHisObj->Sector = sqlEscapeString($Sector);
$founderWorkHisObj->LastUpdated = date('Y-m-d H:i:s');
$founderWorkHisObj->LastUpdatedBy = $userInfo->ID;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
//insert/update data
$retVal = updateObject($founderWorkHisObj);
// set the informational message from the update
$validated = $retVal[0];
$validationMessage = $retVal[1];
// if succeeded clear out the fields
if ($retVal[0]) {
//$Number = '';
$WorkHisDetail = '';
} else {
//
$validated = false;
$validationMessage = 'The founder "' . $FirstName . ' ' . $MidInitial . ' ' . $LastName . '" is in our database. Please select your founder below.';
$duplicatedFounder = $retVal[1];
}
} else {
$validated = false;
$validationMessage = "Please enter the first and last name.";
}
}
// is this a post to add a selected founder
if (isset($AddSelectedFounder)) {
// validation
if (isset($dupeSelect) && !empty($dupeSelect)) {
$retVal = checkForDuplicateRelationshipFounderName(sqlEscapeString($dupeSelect), sqlEscapeString($CompanyID));
if ($retVal[0] == false) {
// get the conpany object definition loaded
include_once "FounderToCompanyJoin.cls.php";
// create a new company object
$founderToCompany = new FounderToCompanyJoin();
// load the join object
$founderToCompany->FounderID = $dupeSelect;
$founderToCompany->CompanyID = $CompanyID;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert the data
$retVal = updateObject($founderToCompany);
// set the return codes and messages
$FirstName = htmlspecialchars($FirstName, ENT_QUOTES);
$LastName = htmlspecialchars($LastName, ENT_QUOTES);
$MidInitial = htmlspecialchars($MidInitial, ENT_QUOTES);
// check for a duplucate name or prev/other name
$retVal = checkForDuplicateFounderName($FirstName, $LastName, $MidInitial);
// was this a new founder
if ($retVal[0] == false) {
// get the founder object definition loaded
include_once "Founder.cls.php";
// create a new founder object
$founder = new Founder();
// load the founder object
$founder->FirstName = sqlEscapeString($FirstName);
$founder->LastName = sqlEscapeString($LastName);
$founder->MidInitial = sqlEscapeString($MidInitial);
$founder->CompanyName = sqlEscapeString($CompanyName);
$founder->LastUpdatedBy = $userInfo->ID;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert the data
$retVal = updateObjectReturnID($founder);
// set the return codes and messages
$validated = $retVal[0];
$validationMessage = $retVal[1];
// clear out for the next run
$FirstName = '';
$LastName = '';
$MidInitial = '';
// redirect to the company detail page
function generateCSVData($selectedCol)
{
// include the data access class
include_once "SQLUtils.php";
$out = "";
// init the return code
$retVal = array(false, "No data.");
// create sql statement
$sql = "EXEC dbo.GetCompanies";
// get the data
$companyObjs = query($sql, "Company");
$colcount = 0;
// did we get valid data back
if (isset($companyObjs) && !empty($companyObjs) && count($companyObjs) > 0) {
// loop through the selected cols for the file header
foreach ($selectedCol as $Col) {
if ($Col == "UserName") {
$out .= '"Last Updated By",';
} else {
$out .= '"' . $Col . '",';
}
}
$out = substr($out, 0, strlen($out) - 1);
// put in a line feed/carriage return
$out .= PHP_EOL;
// loop through the data which are company ojbjects
foreach ($companyObjs as $companyObj) {
// loop trhough the selected cols for the output
foreach ($selectedCol as $Col) {
if (is_numeric($companyObj->{$Col})) {
$out .= sqlEscapeString($companyObj->{$Col}) . ',';
} else {
$out .= '"' . sqlEscapeString($companyObj->{$Col}) . '",';
}
// put in a line feed/carriage return
}
$out = substr($out, 0, strlen($out) - 1);
$out .= PHP_EOL;
}
return $out;
}
}
$companyObj->Fax = sqlEscapeString($Fax);
$companyObj->Inc_DE = nullpulldown($Inc_DE);
$companyObj->RTP = nullpulldown($RTP);
$companyObj->MoveoutNC = nullpulldown($MoveoutNC);
$companyObj->MoveoutDate = sqlEscapeString($MoveoutDate);
$companyObj->DUNS = sqlEscapeString($DUNS);
$companyObj->AffiliationID = nullpulldown($AffiliationID);
$companyObj->EntryType = sqlEscapeString($EntryType);
$companyObj->TLOSource = sqlEscapeString($TLOSource);
$companyObj->TLOAffiliation = sqlEscapeString($TLOAffiliation);
$companyObj->IFUniAffiliation = sqlEscapeString($IFUniAffiliation);
$companyObj->RTPAnchor = sqlEscapeString($RTPAnchor);
$companyObj->EstaEntryLoc = sqlEscapeString($EstaEntryLoc);
$companyObj->EntryTypeSource = sqlEscapeString($EntryTypeSource);
$companyObj->EstEntryLocationSource = sqlEscapeString($EstEntryLocationSource);
$companyObj->CompanyAddressSource = sqlEscapeString($CompanyAddressSource);
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert/update the data
$retVal = updateObjectReturnID($companyObj);
// set the return codes and messages
$validated = $retVal[0];
$validationMessage = "Update successful.";
}
// if we camne in with a company ID
if (isset($CompanyID) && !empty($CompanyID)) {
// get the data
$company = doGetCompany($CompanyID);
// did we get a company back
$founderObj = new Founder();
// load the founder object with the page parameters
$founderObj->FounderID = $FounderID;
$founderObj->CompanyID = $CompanyID;
$founderObj->LastName = sqlEscapeString($LastName);
$founderObj->MidInitial = sqlEscapeString($MidInitial);
$founderObj->FirstName = sqlEscapeString($FirstName);
$founderObj->Suffix = sqlEscapeString($Suffix);
$founderObj->NameSource = sqlEscapeString($NameSource);
$founderObj->ContactInfoSource = sqlEscapeString($ContactInfoSource);
$founderObj->HomepageSource = sqlEscapeString($HomepageSource);
$founderObj->PhoneNumber = $PhoneNumber;
$founderObj->Email = sqlEscapeString($Email);
$founderObj->Homepage = sqlEscapeString($Homepage);
$founderObj->Other_Name = sqlEscapeString($Other_Name);
$founderObj->F_Remark = sqlEscapeString($F_Remark);
$founderObj->LastUpdated = date('Y-m-d H:i:s');
$founderObj->LastUpdatedBy = $userInfo->ID;
// if the user added a suffix save it
if ($Suffix != "-1") {
$founderObj->Suffix = $Suffix;
}
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert/update the data
$retVal = updateObjectReturnID($founderObj);
// set the return codes and messages
$validated = $retVal[0];
// updateObjectReturnID returns an id. so set update successful text if so
getExtraParams(array("CompanyID", "FundingID", "AcquisitionID", "Refresh", "Update", "AddAcquisition", "Source", "State", "Amount", "Date", "Source", "Remove"));
// set the title name to be displayed in the header
$title = "Acquisition Detail Information";
$scripts = "<script type=\"text/javascript\" src=\"AcquisitionDetails.js\" />";
// add flag to detect pages that need update messages
$DirtyPageEnabled = true;
// the update button was hit
if (isset($Update)) {
// create a new founder object
$acquisitionObj = new Acquisition();
// load the founder object with the page parameters
$acquisitionObj->AcquisitionID = sqlEscapeString($AcquisitionID);
$acquisitionObj->CompanyID = sqlEscapeString($CompanyID);
$acquisitionObj->Date = sqlEscapeString($Date);
$acquisitionObj->Amount = sqlEscapeString($Amount);
$acquisitionObj->Source = sqlEscapeString($Source);
// if the user added a suffix save it
//if($Suffix != "-1")
//$founderObj->Suffix = $Suffix;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert/update the data
$retVal = updateObjectReturnID($acquisitionObj);
//error_log(print_r($retVal));
// set the return codes and messages
$validated = $retVal[0];
// updateObjectReturnID returns an id. so set update successful text if so
if ($validated) {
$validationMessage = "Update successful";
$title = "Founder Education Information";
$scripts = "<script type=\"text/javascript\" src=\"FounderEdu.js\" />";
// add flag to detect pages that need update messages
$DirtyPageEnabled = true;
// the update button was hit
if (isset($Update)) {
// validate that the education data is good
if (1) {
// create a new founderEdu object
$founderEduObj = new FounderEdu();
//load the FounderEdu object with the page parameters
//$founderEduObj->FounderEduID = NULL;
$founderEduObj->FounderID = $FounderID;
$founderEduObj->DegreeFrom = sqlEscapeString($NewDegreeFrom);
$founderEduObj->GraduatedYr = $NewGraduatedYr;
$founderEduObj->Major = sqlEscapeString($NewMajor);
$founderEduObj->LastUpdated = date('Y-m-d H:i:s');
$founderEduObj->LastUpdatedBy = $userInfo->ID;
$founderEduObj->DegreeLookupID = $NewDegreeType;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
//insert/update data
$retVal = updateObject($founderEduObj);
// set the informational message from the update
$validated = $retVal[0];
$validationMessage = $retVal[1];
// if succeeded clear out the fields
if ($retVal[0]) {
$NewMajor = '';
}
}
// is this a post to add a new founder
if (isset($AddFundingType)) {
// validation
if (isset($TypeName) && !empty($TypeName)) {
// check for a duplucate name or prev/other name
$retVal = checkForDuplicateTypeName($TypeName);
// was this a new founder
if ($retVal[0] == false) {
// get the founder object definition loaded
include_once "FundingType.cls.php";
// create a new founder object
$type = new FundingType();
// load the founder object
$type->Name = sqlEscapeString($TypeName);
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert the data
$retVal = updateObject($type);
// set the return codes and messages
$validated = $retVal[0];
$validationMessage = "Insert new type successful.";
// clear out for the next run
$TypeName = '';
} else {
// set the return codes and messages
$validated = false;
$validationMessage = 'Insertion of type "' . $TypeName . '" was not successful because duplicates were detected.</br></br>';
/**
name:sqlFormat
parm:string type
parm:any Value
parm:int Clip_Length
returns:string
Takes any input value and type and formats it for direct substitution
into a SQL string. So for instance character values are escaped for
quotes and then surrounded by single quotes. Numerics are returned
as-is, dates are formatted and so forth.
The optional third parameter specifies a maximum length for character
and varchar fields. If it is non-zero, the value will be clipped to
that length.
If you use this command for every value received from the browser when
you build SQL queries, then your code will be safe from SQL Injection
attacks. All framework commands that build queries use this command for
all literals provided to them.
*/
function sqlFormat($t, $v, $clip = 0)
{
global $AG;
switch ($t) {
case 'mime-x':
return "'" . base64_encode($v) . "'";
break;
case "char":
case "vchar":
case "text":
case "url":
case "obj":
case "cbool":
case 'ssn':
case 'ph12':
case "gender":
if ($clip > 0 && strlen($v) > $clip) {
$v = substr($v, 0, $clip);
}
return "'" . sqlEscapeString($v) . "'";
case "mime-h":
if ($clip > 0 && strlen($v) > $clip) {
$v = substr($v, 0, $clip);
}
return "'" . base64_encode($v) . "'";
break;
case "dtime":
if ($v == "") {
return "null";
} else {
return "'" . date('r', tsFromAny($v)) . "'";
}
break;
case "date":
case "rdate":
// A blank is sent as null to server
if ($v == "") {
return "null";
}
if ($v == '0') {
return 'null';
}
// Try to detect case like 060507
if (strlen($v) == 6 && strpos($v, '/') === false && strpos($v, '-') === false) {
$year = substr($v, 4);
$year = $year < 20 ? '20' . $year : '19' . $year;
$v = substr($v, 0, 2) . '/' . substr($v, 2, 2) . '/' . $year;
$v = strtotime($v);
} elseif (strlen($v) == 8 && strpos($v, '/') === false && strpos($v, '-') === false) {
if (substr($v, 0, 2) == '19' || substr($v, 0, 2) == '20') {
$v = substr($v, 0, 2) . '/' . substr($v, 2, 2) . '/' . substr($v, 4);
} else {
$v = substr($v, 4, 2) . '/' . substr($v, 6, 2) . '/' . substr($v, 0, 4);
}
$v = strtotime($v);
} elseif (!is_numeric($v)) {
// A USA prejudice, assume they will always enter m-d-y, and
// convert dashes to slashes so they can use dashes if they want
$v = str_replace('-', '/', $v);
$parts = explode('/', $v);
if (count($parts) == 2) {
$parts = array($parts[0], 1, $parts[1]);
}
if (strlen($parts[0]) == 4) {
$parts = array($parts[1], $parts[2], $parts[0]);
} elseif (strlen($parts[2]) == 2) {
$parts[2] = $parts[2] < 20 ? '20' . $parts[2] : '19' . $parts[2];
}
$v = implode('/', $parts);
$v = strtotime($v);
}
// Any case not handled above we conclude was a unix timestamp
// already. So by now we are confident we have a unix timestamp
return "'" . date('Y-m-d', $v) . "'";
break;
case "money":
case "numb":
case "int":
if ($v == "") {
return "0";
} else {
return sqlEscapeString(trim($v));
}
case "rtime":
case "time":
// Originally we were making users type this in, and here we tried
// to convert it. Now we use time drop-downs, which are nifty because
// the display times while having values of numbers, so we don't need
// this in some cases.
//if (strpos($v,":")===false) { return $v; }
if ($v == '') {
return 'null';
}
return $v;
//$arr = explode(":",$v);
//return ($arr[0]*60) + $arr[1];
}
}
// include the dump utils
include_once 'DumpUtils.php';
// include the pulldown helpers
include_once "Pulldown.php";
// get the user info object from the session
$userInfo = getUserSessionObj();
// get whether they clicked proceed and a possible RBP database ID
getExtraParams(array("validationMessage", "CompanyData", "FoundersData", "FundingData", "NoteData", "ProductData", "ExecutiveData", "EventData", "SearchCompanyName", "SearchCompany", "companySelect", "ViewSelectedCompany", "CompanySearchResult"));
// set the title name to be displayed in the header
$title = "Enter Company ID";
$scripts = "<script type=\"text/javascript\" src=\"EnterCompanyID.js\" />";
if (isset($SearchCompany)) {
// validation
if (isset($SearchCompanyName) && !empty($SearchCompanyName)) {
// search for company names
$retVal = searchForCompanyName(sqlEscapeString($SearchCompanyName));
// companies found
if ($retVal[0]) {
// set the validation error flag
$validated = false;
// reset the validation error message
$validationMessage = '';
// save the search results
$CompanySearchResult = $retVal[1];
} else {
// set the validation error flag
$validated = false;
// set the validation error message
$validationMessage = 'No Match Company was found.</br>';
// save the search results
$duplicatedFounder = $retVal[1];
$validationMessage = 'No Match Company was found.</br>';
// save the search results
$duplicatedFounder = $retVal[1];
}
} else {
// set the validation error flag
$validated = false;
// set the validation error message
$validationMessage = "Please enter the first and last name.";
}
}
// was the add selected company button hit
if (isset($AddSelectedCompany)) {
// is there a selected company
if (isset($companySelect) && !empty($companySelect) && is_numeric($companySelect)) {
$retVal = checkForDuplicateRelationship(sqlEscapeString($companySelect), sqlEscapeString($FounderID));
if ($retVal[0] == false) {
// get the conpany object definition loaded
include_once "FounderToCompanyJoin.cls.php";
// create a new company object
$founderToCompany = new FounderToCompanyJoin();
// load the join object
$founderToCompany->FounderID = $FounderID;
$founderToCompany->CompanyID = $companySelect;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert the data
$retVal = updateObject($founderToCompany);
// set the return codes and messages
// set the title name to be displayed in the header
$title = "Merger Detail Information";
$scripts = "<script type=\"text/javascript\" src=\"MergerDetails.js\" />";
// add flag to detect pages that need update messages
$DirtyPageEnabled = true;
// the update button was hit
if (isset($Update)) {
// create a new founder object
$mergerObj = new Merger();
// load the founder object with the page parameters
$mergerObj->MergerID = sqlEscapeString($MergerID);
$mergerObj->CompanyID = sqlEscapeString($CompanyID);
$mergerObj->StateID = sqlEscapeString($StateID);
$mergerObj->Date = sqlEscapeString($Date);
$mergerObj->Amount = sqlEscapeString($Amount);
$mergerObj->Source = sqlEscapeString($Source);
// if the user added a suffix save it
//if($Suffix != "-1")
//$founderObj->Suffix = $Suffix;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert/update the data
$retVal = updateObjectReturnID($mergerObj);
// set the return codes and messages
$validated = $retVal[0];
// updateObjectReturnID returns an id. so set update successful text if so
if ($validated) {
$validationMessage = "Update successful";
} else {
$eventObj->ProductType = sqlEscapeString($ProductType);
$eventObj->ECSource = sqlEscapeString($ECSource);
$eventObj->S1 = sqlEscapeString($S1);
$eventObj->S2 = sqlEscapeString($S2);
$eventObj->S3 = sqlEscapeString($S3);
$eventObj->S4 = sqlEscapeString($S4);
$eventObj->S5 = sqlEscapeString($S5);
$eventObj->S6 = sqlEscapeString($S6);
$eventObj->S7 = sqlEscapeString($S7);
$eventObj->S8 = sqlEscapeString($S8);
$eventObj->S9 = sqlEscapeString($S9);
$eventObj->S10 = sqlEscapeString($S10);
$eventObj->S11 = sqlEscapeString($S11);
$eventObj->S12 = sqlEscapeString($S12);
$eventObj->S13 = sqlEscapeString($S13);
$eventObj->S14 = sqlEscapeString($S14);
// if the user added a suffix save it
//if($Suffix != "-1")
//$founderObj->Suffix = $Suffix;
// include the data access class
include_once "SQLUtils.php";
// init the return code
$retVal = array(false, "Data not inserted");
// insert/update the data
$retVal = updateObjectReturnID($eventObj);
//error_log(print_r($retVal));
// set the return codes and messages
$validated = $retVal[0];
// updateObjectReturnID returns an id. so set update successful text if so
if ($validated) {
$validationMessage = "Update successful";