function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$theid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
if (isset($variables["userschanged"])) {
if ($variables["userschanged"] == 1) {
$this->assignUsers($theid, $variables["newusers"]);
}
}
return $theid;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
//we need to create the some default supporting records
//first a single column.
$querystatement = "INSERT INTO `tablecolumns`\n\t\t\t(`tabledefid`, `name`, `column`, `align`, `footerquery`, `displayorder`, `sortorder`, `wrap`, `size`, `format`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','id','" . $variables["maintable"] . ".id','left','',0,'',0,'',NULL, '');";
$this->db->query($querystatement);
//next default button options
$querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','new','1',0,0, '');";
$this->db->query($querystatement);
$querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','edit','1','1',0, '');";
$this->db->query($querystatement);
$querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','printex','1',0,0, '');";
$this->db->query($querystatement);
$querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','select','1',0,0,'');";
$this->db->query($querystatement);
$querystatement = "INSERT INTO `tableoptions` (`tabledefid`, `name`, `option`, `needselect`, `othercommand`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','import','0',0,0,'Admin');";
$this->db->query($querystatement);
//next quicksearch
$querystatement = "INSERT INTO `tablefindoptions` (`tabledefid`, `name`, `search`, `displayorder`, `roleid`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','All Records','" . $variables["maintable"] . ".id!=-1',0, '');";
$this->db->query($querystatement);
//and last findfields
$querystatement = "INSERT INTO `tablesearchablefields` (`tabledefid`, `field`, `name`, `displayorder`, `type`)\n\t\t\tVALUES ('" . $variables["uuid"] . "','" . $variables["maintable"] . ".id','id',1,'field');";
$this->db->query($querystatement);
return $newid;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
if (isset($variables["completed"]) && isset($variables["repeating"])) {
$this->repeatTask($newid);
}
return $newid;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
//restore the fields
$this->getTableInfo();
return $newid;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
if (is_array($newid)) {
$newUuid = $newid["uuid"];
} else {
$newUuid = $variables["uuid"];
}
//need to create the address and addresstorecord id
// make sure we are not setting extra info
unset($this->address->fields["email"]);
unset($this->address->fields["phone"]);
unset($this->address->fields["notes"]);
unset($variables["id"]);
// This breaks the import otherwise...needs further testing and possibly a better solution
$variables["title"] = "Main Address";
$variables["tabledefid"] = "tbld:6d290174-8b73-e199-fe6c-bcf3d4b61083";
$variables["recordid"] = $newUuid;
$variables["uuid"] = "";
$variables["defaultshipto"] = 1;
$variables["primary"] = 1;
if ($newUuid) {
// temporary fix... may need to verify client id before hand... dunno
$variables = $this->address->prepareVariables($variables);
$errorArray = $this->address->verifyVariables($variables);
if (!count($errorArray)) {
/**
* If we are replacing the record, we need to cut the links
* from the client to the old address record.
*/
if ($replace) {
$querystatement = "\n\t\t\t\t\t\t\tDELETE FROM\n\t\t\t\t\t\t\t\t`addresstorecord`\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t`recordid` = '" . $newUuid . "'\n\t\t\t\t\t\t";
$queryresult = $this->db->query($querystatement);
}
//end if
$this->address->insertRecord($variables, $createdby);
} else {
foreach ($errorArray as $error) {
$logError = new appError(-910, $error, "Address Verification Error");
}
}
//end if
}
//end if
//restore the fields
$this->address->getTableInfo();
return $newid;
}
/**
* Overriden phpbmstable function
*/
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
if ($createdby === NULL) {
$createdby = $_SESSION["userinfo"]["id"];
}
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
if (is_array($newid)) {
$uuid = $newid["uuid"];
} else {
$uuid = $variables["uuid"];
}
if ($variables["catschanged"]) {
$this->updateCategories($uuid, $variables["addcats"]);
}
return $newid;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
if (ENCRYPT_PAYMENT_FIELDS && (isset($variables["ccnumber"]) || isset($variables["ccexpiration"]) || isset($variables["ccverification"]) || isset($variables["accountnumber"]) || isset($variables["routingnumber"]))) {
if ($useUuid) {
$whereclause = "`uuid` = '" . $newid["uuid"] . "'";
$variables["uuid"] = $newid["uuid"];
} else {
$whereclause = "`id` = '" . $newid . "'";
}
$querystatement = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`receipts`\n\t\t\t\t\tSET ";
$fieldlist = "";
if (isset($variables["ccnumber"])) {
$variables["ccnumber"] = mysql_real_escape_string($variables["ccnumber"]);
$fieldlist .= ", `ccnumber` = " . $this->db->encrypt("'" . $variables["ccnumber"] . "'");
}
//end if
if (isset($variables["ccexpiration"])) {
$variables["ccexpiration"] = mysql_real_escape_string($variables["ccexpiration"]);
$fieldlist .= ", `ccexpiration` = " . $this->db->encrypt("'" . $variables["ccexpiration"] . "'");
}
//end if
if (isset($variables["ccverification"])) {
$variables["ccverification"] = mysql_real_escape_string($variables["ccverification"]);
$fieldlist .= ", `ccverification` = " . $this->db->encrypt("'" . $variables["ccverification"] . "'");
}
//end if
if (isset($variables["accountnumber"])) {
$variables["accountnumber"] = mysql_real_escape_string($variables["accountnumber"]);
$fieldlist .= ", `accountnumber` = " . $this->db->encrypt("'" . $variables["accountnumber"] . "'");
}
//end if
if (isset($variables["routingnumber"])) {
$variables["routingnumber"] = mysql_real_escape_string($variables["routingnumber"]);
$fieldlist .= ", `routingnumber` = " . $this->db->encrypt("'" . $variables["routingnumber"] . "'");
}
//end if
$fieldlist = substr($fieldlist, 1);
$querystatement .= $fieldlist . " WHERE `posted` = '0' AND " . $whereclause;
$this->db->query($querystatement);
}
//end if
if ($variables["itemschanged"] == 1) {
if ($this->receiptitems === NULL) {
$this->receiptitems = new receiptitems($this->db);
}
$this->receiptitems->set($variables["itemslist"], $variables["uuid"], $variables["clientid"], $createdby);
}
//end if
return $newid;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$variables = $this->prepareVariables($variables);
return parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
}
function _createServiceCharge($arrecord, $percentage)
{
if ($arrecord["amount"] - $arrecord["paid"] <= 0) {
return false;
}
$newAmount = round(($arrecord["amount"] - $arrecord["paid"]) * ($percentage / 100), CURRENCY_ACCURACY);
if ($newAmount <= 0) {
return false;
}
if (!class_exists("phpbmsTable")) {
include "include/tables.php";
}
$aritems = new phpbmsTable($this->db, "tbld:c595dbe7-6c77-1e02-5e81-c2e215736e9c");
$newarrecord = array();
$newarrecord["uuid"] = uuid($aritems->prefix . ":");
$newarrecord["type"] = "service charge";
$newarrecord["status"] = "open";
$newarrecord["posted"] = 1;
$newarrecord["amount"] = $newAmount;
$newarrecord["itemdate"] = dateToString($this->agingDate);
$newarrecord["clientid"] = $arrecord["clientid"];
$newarrecord["relatedid"] = $arrecord["relatedid"];
$aritems->insertRecord($newarrecord, $this->userid);
return true;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
$reportSettings = new reportSettings($this->db, $variables["uuid"]);
$reportSettings->createFromDefaults($variables["reportfile"]);
return $newid;
}
/**
* function process
* Process request array posted to api
*
* The method process() loops through the request array, and attempts to
* find a corresponding function to run for the request. It first looks for
* a corresponding api class to load. If it does not find it, it next to
* see if there is an overriden table class file, and finally if none of
* these are present, it uses the standard table class.
*
*/
function process()
{
$i = 1;
$tabledefid = null;
if (!is_array($this->data)) {
$this->sendError("Passed data malformed. Was expecting an array.", $this->data, true);
}
foreach ($this->data as $request) {
if (!is_array($request)) {
$this->sendError("Malformed request number " . $i, $request);
}
if (!isset($request["tabledefid"]) || !isset($request["command"]) || !isset($request["data"])) {
$this->sendError("Malformed request number " . $i, $request);
}
/**
* Process the options and populate the options object.
*/
if (!isset($request["options"])) {
$request["options"] = NULL;
}
$this->processOptions($request["options"]);
if ((int) $request["tabledefid"] !== $tabledefid) {
$tabledefid = mysql_real_escape_string($request["tabledefid"]);
//First let's get the table information from the tabledef
$querystatement = "\n SELECT\n `maintable`,\n `deletebutton`,\n `querytable`,\n `modules`.`name`,\n `apiaccessible`\n FROM\n `tabledefs` INNER JOIN `modules` ON tabledefs.moduleid = modules.uuid\n WHERE\n tabledefs.uuid = '" . $tabledefid . "'\n ";
$queryresult = $this->db->query($querystatement);
if ($this->db->numRows($queryresult) == 0) {
if (!in_array($request["command"], array("procedure", "getsetting"))) {
$this->sendError("Invalid tabledefid (" . $tabledefid . ") from request number " . $i);
continue;
} else {
$deletebutton = "delete";
$maintable = "settings";
$modulename = "base";
$hasAPIOveride = false;
$hasTableClassOveride = false;
}
//endif
} else {
$therecord = $this->db->fetchArray($queryresult);
if (!$therecord["apiaccessible"]) {
$this->sendError("Invalid tabledefid (" . $tabledefid . ") from request number " . $i . ": This table definition is inaccessible via api.");
continue;
}
//endif
$deletebutton = $therecord["deletebutton"];
$maintable = $therecord["maintable"];
$modulename = $therecord["name"];
//check for ovridding classes only once.
$hasAPIOveride = file_exists("../extendedapi/" . $maintable . ".php");
$hasTableClassOveride = file_exists("../" . $modulename . "/include/" . $maintable . ".php");
}
//endif
}
//endif
/* Order in which to check for processors is as follows:
If the extendedAPI module is present, look for a file matching the main
table name of the table def.
Example: modules/extendedapi/clients.php
If a table class file exists in the module's include folder
use that.
Example: modules/bms/include/clients.php
Use the standard class module.
*/
$methodName = "";
if ($hasAPIOveride) {
// Found an API module table php
@(include_once "modules/extendedapi/" . $maintable . ".php");
$className = $className . "Api";
if (class_exists($className)) {
$processor = new $className($this->db);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
if (!method_exists($processor, $request["command"])) {
$methodName = $request["command"];
$this->response[] = $processor->{$methodName}($request["data"], $this->options->useUuid);
}
//endif
}
//end if
}
//endif
/* If the command starts with api_, and there is a request overload, let's assume they
are trying to call a homeade function in the ovveriden phpBMS table that they created.
*/
if (!$methodName && substr($request["command"], 0, 4) == "api_" && $hasTableClassOveride) {
include_once "include/tables.php";
@(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
if (class_exists($maintable)) {
$processor = new $maintable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
if (method_exists($processor, $request["command"])) {
$methodName = $request["command"];
$this->response[] = $processor->{$methodName}($request["data"], $this->options->useUuid);
}
//endif
}
//endif
if (!$methodName) {
/* Either using the modules overriden table class or search
functions class or the standard one There are several
standard commands that can be passed:
* insert - calls the tabledefs insertRecord command, the
same command that is called on standard
phpBMS forms. a variable array should be
passed in the request data.
* update - calls the tabledefs iupdateRecord command, the
same command that is called on standard
phpBMS forms. a variable array should be
passed in the request data
* delete (or the corresponding delete button command)
- calls the deleteRecord searchFunctions command
data should be an array of ids
* procedure - This calls a stored MySQL stored procedure
request data should pass an object with the
(name) and optionally an array of any
(parameters)
In addition, you can pass a command that corresponds to
any additional commands as defined in the table definition
the request data passed should contain an array of ids
*/
switch ($request["command"]) {
case "ping":
//======================================================
$this->_addToResponse("message", "Everything is phpBMSy!");
break;
case "getDefaults":
include_once "include/tables.php";
if ($hasTableClassOveride) {
@(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
if (class_exists($maintable)) {
$processor = new $maintable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
$therecord = $processor->getDefaults();
$this->_addToResponse("retrieved", "defaults retrieved in tabledef " . $tabledefid, $therecord);
break;
case "insert":
//======================================================
include_once "include/tables.php";
if ($hasTableClassOveride) {
@(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
if (class_exists($maintable)) {
$processor = new $maintable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
$errorArray = $processor->verifyVariables((array) $request["data"]);
if (count($errorArray)) {
$this->sendError("Insert failed from request number " . $i, $errorArray);
} else {
$overrideID = false;
if (is_array($request["data"])) {
if (isset($request["data"]["id"])) {
if ((int) $request["data"]["id"] !== 0) {
$overrideID = true;
}
if ($this->options->keepDestId && isset($request["data"]["uuid"]) && $this->options->useUuid) {
$request["data"]["id"] = getId($this->db, $processor->uuid, $request["data"]["uuid"]);
}
} elseif ($this->options->keepDestId && isset($request["data"]["uuid"]) && $this->options->useUuid) {
$request["data"]["id"] = getId($this->db, $processor->uuid, $request["data"]["uuid"]);
}
}
$createUuid = true;
if (is_array($request["data"])) {
if (isset($request["data"]["uuid"])) {
if ((string) $request["data"]["uuid"] !== "") {
$overrideID = true;
$createUuid = false;
}
}
}
//end if
if (!isset($processor->fields["uuid"])) {
$createUuid = false;
}
$newid = $processor->insertRecord($request["data"], NULL, $overrideID, true, $createUuid);
if ($newid) {
if ($createUuid) {
$this->_addToResponse("added", "record added to tabledef " . $tabledefid, $newid["uuid"]);
} elseif (isset($processor->fields["uuid"])) {
$this->_addToResponse("added", "record added to tabledef " . $tabledefid, $request["data"]["uuid"]);
} else {
$this->_addToResponse("added", "record added to tabledef " . $tabledefid, $newid);
}
//end if
} else {
$this->sendError("Insert failed from request number " . $i);
}
}
//endif
break;
case "update":
//======================================================
include_once "include/tables.php";
if ($hasTableClassOveride) {
@(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
if (class_exists($maintable)) {
$processor = new $maintable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
$errorArray = $processor->verifyVariables($request["data"]);
if ($this->options->useUuid) {
if (!isset($request["data"]["uuid"])) {
$errorArray[] = "The `uuid` field must be set.";
}
} else {
if (!isset($request["data"]["id"])) {
$errorArray[] = "The `id` field must be set.";
}
}
//end if
if (count($errorArray)) {
$this->sendError("Update failed from request number " . $i, $errorArray);
} else {
$processor->updateRecord($request["data"], NULL, (bool) $this->options->useUuid);
$this->_addToResponse("updated", "record updated in tabledef " . $tabledefid);
}
//endif
break;
case "get":
//======================================================
include_once "include/tables.php";
if ($hasTableClassOveride) {
@(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
if (class_exists($maintable)) {
$processor = new $maintable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
} else {
$processor = new phpbmsTable($this->db, $tabledefid);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
}
//end if
$errorMessage = "";
if ($this->options->useUuid) {
if (!isset($request["data"]["uuid"])) {
$errorMessage = "The `uuid` field must be set.";
}
} else {
if (!isset($request["data"]["id"])) {
$errorMessage = "The `id` field must be set.";
}
}
//end if
if ($errorMessage) {
$this->sendError("Get failed from request number " . $i, $errorMessage);
} elseif (!$this->options->useUuid) {
$therecord = $processor->getRecord((int) $request["data"]["id"], $this->options->useUuid);
$thereturn = $therecord["id"];
$thevalue = (int) $request["data"]["id"];
} else {
$therecord = $processor->getRecord(mysql_real_escape_string($request["data"]["uuid"]), $this->options->useUuid);
$thereturn = $therecord["uuid"];
$thevalue = $request["data"]["uuid"];
}
if ($thereturn == $thevalue) {
$this->_addToResponse("retrieved", "record (" . htmlQuotes($thevalue) . ") retrieved in tabledef " . $tabledefid, $therecord);
} else {
$this->_addToResponse("retrieved", "no record found (" . htmlQuotes($thevalue) . ") in tabledef " . $tabledefid);
}
break;
case "delete":
case $deletebutton:
//======================================================
if (!is_array($request["data"])) {
$this->sendError("Passed data is not array in request number " . $i, $request["data"]);
} else {
include_once "include/search_class.php";
if ($hasTableClassOveride) {
@(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
$className = $maintable . "SearchFunctions";
if (class_exists($className)) {
$processor = new $className($this->db, $tabledefid, $request["data"]);
} else {
$processor = new searchFunctions($this->db, $tabledefid, $request["data"]);
}
} else {
$processor = new searchFunctions($this->db, $tabledefid, $request["data"]);
}
$result = $processor->delete_record($this->options->useUuid);
$this->_addToResponse($request["command"], $result);
}
//endif
break;
case "procedure":
//======================================================
if (!is_array($request["data"])) {
$this->sendError("Wrong passed procedure format, expected object in request number " . $i, $request["data"]);
} else {
if (!isset($request["data"]["name"])) {
$this->sendError("Wrong passed procedure format, name missing in request number " . $i, $request["data"]);
} else {
//check to see if stored procedure exists
$querystatement = "\n SHOW PROCEDURE STATUS LIKE '" . mysql_real_escape_string($request["data"]["name"]) . "'\n ";
$queryresult = $this->db->query($querystatement);
if ($this->db->numRows($queryresult) === 0) {
$this->sendError("Procedure '" . $request["data"]["name"] . "' does not exist in request number " . $i, $request["data"]);
} else {
$parameterList = "";
if (isset($request["data"]["parameters"])) {
foreach ($request["data"]["parameters"] as $parameter) {
$parameterList .= ", '" . mysql_real_escape_string($parameter) . "'";
}
}
if ($parameterList) {
$parameterList = substr(1, $parameterList);
}
$procedurestatement = "\n CALL " . $request["data"]["name"] . "(" . $parameterList . ")";
$queryresult = $this->db->query($procedurestatement);
$result = array();
while ($therecord = $this->db->fetchArray($queryresult)) {
$result[] = $therecord;
}
$this->_addToResponse("result", "Procedure '" . $request["data"]["name"] . "' returned (" . $this->db->numRows($queryresult) . ") in request number " . $i, $result);
}
//endif
}
//endif
}
//endif
break;
case "getsetting":
//======================================================
if (!is_array($request["data"])) {
$this->sendError("Wrong passed data format, expected array in request number " . $i, $request["data"]);
} else {
$whereclause = "";
foreach ($request["data"] as $settingName) {
$whereclause = "OR `name` = '" . mysql_real_escape_string($settingName) . "' ";
}
if ($whereclause) {
$whereclause = "WHERE " . substr($whereclause, 2);
}
$querystatement = "\n SELECT\n `name`,\n `value`\n FROM\n `settings`\n " . $whereclause;
$queryresult = $this->db->query($querystatement);
$settings = array();
while ($therecord = $this->db->fetchArray($queryresult)) {
$settings[$therecord["name"]] = $therecord["value"];
}
$this->_addToResponse("result", "GetSettings returned (" . count($settings) . ") in request number " . $i, $settings);
}
//endif
break;
default:
//======================================================
// a catch all for other requests. This should correspond
// to an ovrriden search class function only. Calling
// some commands can cause response errors so be careful
if (!is_array($request["data"]) && !$hasTableClassOveride) {
$this->sendError("Passaed data is not array or function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
} else {
@(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
$className = $maintable . "SearchFunctions";
if (!class_exists($className)) {
$this->sendError("Function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
} else {
$processor = new $className($this->db, $tabledefid, $request["data"]);
$processor->dateFormat = $this->options->dateFormat;
$processor->timeFormat = $this->options->timeFormat;
$methodName = $request["command"];
if (!method_exists($processor, $methodName)) {
$this->sendError("Function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
} else {
$result = $processor->{$methodName}();
$this->_addToResponse($request["command"], $result);
}
//endif method_exists
}
//endif $className
}
//endif
break;
}
//endswitch $request["command"]
}
//endif $modulename
$i++;
}
//endforeach
$this->displayResult();
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
if ($createdby === NULL) {
$createdby = $_SESSION["userinfo"]["id"];
}
$newid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
$id = $newid;
if (isset($newid["uuid"])) {
$id = $newid["id"];
}
if (ENCRYPT_PAYMENT_FIELDS && (isset($variables["ccnumber"]) || isset($variables["ccexpiration"]) || isset($variables["ccverification"]) || isset($variables["accountnumber"]) || isset($variables["routingnumber"]))) {
if ($useUuid) {
$whereclause = "`uuid` = '" . $newid["uuid"] . "'";
} else {
$whereclause = "`id` = '" . $newid . "'";
}
$querystatement = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`invoices`\n\t\t\t\t\tSET ";
$fieldlist = "";
if (isset($variables["ccnumber"])) {
$variables["ccnumber"] = mysql_real_escape_string($variables["ccnumber"]);
$fieldlist .= ", `ccnumber` = " . $this->db->encrypt("'" . $variables["ccnumber"] . "'");
}
//end if
if (isset($variables["ccexpiration"])) {
$variables["ccexpiration"] = mysql_real_escape_string($variables["ccexpiration"]);
$fieldlist .= ", `ccexpiration` = " . $this->db->encrypt("'" . $variables["ccexpiration"] . "'");
}
//end if
if (isset($variables["ccverification"])) {
$variables["ccverification"] = mysql_real_escape_string($variables["ccverification"]);
$fieldlist .= ", `ccverification` = " . $this->db->encrypt("'" . $variables["ccverification"] . "'");
}
//end if
if (isset($variables["accountnumber"])) {
$variables["accountnumber"] = mysql_real_escape_string($variables["accountnumber"]);
$fieldlist .= ", `accountnumber` = " . $this->db->encrypt("'" . $variables["accountnumber"] . "'");
}
//end if
if (isset($variables["routingnumber"])) {
$variables["routingnumber"] = mysql_real_escape_string($variables["routingnumber"]);
$fieldlist .= ", `routingnumber` = " . $this->db->encrypt("'" . $variables["routingnumber"] . "'");
}
//end if
$fieldlist = substr($fieldlist, 1);
$querystatement .= $fieldlist . " WHERE `type` != 'Invoice' AND `type` != 'VOID' AND " . $whereclause;
$this->db->query($querystatement);
}
//end if
if (!isset($variables["billingsaveoptions"])) {
$variables["billingsaveoptions"] = NULL;
}
if (!isset($variables["shiptosaveoptions"])) {
$variables["shiptosaveoptions"] = NULL;
}
if ($variables["billingsaveoptions"] != "orderOnly" || $variables["shiptosaveoptions"] != "orderOnly") {
require_once "addresses.php";
require_once "addresstorecord.php";
if (!isset($variables["uuid"])) {
$variables["uuid"] = getUuid($this->db, $this->uuid, $newid);
}
$newuuid = mysql_real_escape_string($variables["uuid"]);
$this->addressUpdate($variables, $newuuid, $createdby, "billing");
$this->addressUpdate($variables, $newuuid, $createdby, "shipping");
}
//end if
if (!isset($variables["lineitemschanged"])) {
$variables["lineitemschanged"] = '';
}
if ($variables["lineitemschanged"] == 1) {
if ($this->lineitems === NULL) {
$this->lineitems = new lineitems($this->db, $id);
} else {
$this->lineitems->invoiceid = $id;
}
$this->lineitems->set($variables["thelineitems"], $createdby);
}
//end if
if (!isset($variables["statusdate"])) {
$variables["statusdate"] = '';
}
if (!isset($variables["assignedtoid"])) {
$variables["assignedtoid"] = '';
}
//if($variables["statuschanged"]==1)
$this->updateStatus($id, $variables["statusid"], $variables["statusdate"], $variables["assignedtoid"], $replace);
if ($variables["clienttype"] == "prospect" && $variables["type"] == "Order") {
$this->prospectToClient($variables["clientid"]);
}
return $newid;
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false)
{
$this->fields["password"]["type"] = "password";
unset($this->fields["lastlogin"]);
$theid = parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
//reset field information
$this->fields = $this->db->tableInfo($this->maintable);
return $theid;
}
