예제 #1
파일: roles.php 프로젝트: Jacquesvw/phpBMS
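 /**
  * Update a role record, then re-assign the role's users when the caller
  * flagged that the user list changed.
  *
  * @param array $variables  submitted values; reads "userschanged", "uuid" and "newusers"
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     parent::updateRecord($variables, $modifiedby, $useUuid);

     // A caller that never sends "userschanged" must not raise an
     // undefined-index notice; a missing flag means "no change".
     // NOTE(review): role membership is a privilege-changing write and both
     // "uuid" and "newusers" are caller-supplied -- confirm the caller's right
     // to edit roles is checked before this method is reached.
     if (isset($variables["userschanged"]) && $variables["userschanged"] == 1) {
         $this->assignUsers($variables["uuid"], $variables["newusers"]);
     }
 }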
예제 #2
 /**
  * Update the record; when the submitted values carry an "invoicedefault"
  * entry, updateInvoiceDefault() is called before the parent update runs.
  *
  * @param array $variables  submitted values
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     $marksDefault = isset($variables["invoicedefault"]);

     if ($marksDefault) {
         // Must happen before the parent write, as in the original ordering.
         $this->updateInvoiceDefault();
     }

     parent::updateRecord($variables, $modifiedby, $useUuid);
 }
예제 #3
 /**
  * Update the record, blanking "userid" first when "makeglobal" was submitted.
  *
  * @param array $variables  submitted values; "userid" is overwritten with ''
  *                          whenever a "makeglobal" key is present
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     $makeGlobal = isset($variables["makeglobal"]);

     if ($makeGlobal) {
         // NOTE(review): an empty userid presumably detaches the record from
         // its owner; the flag is caller-supplied, so confirm that permission
         // to do this is enforced before this method is called.
         $variables["userid"] = '';
     }

     parent::updateRecord($variables, $modifiedby, $useUuid);
 }
예제 #4
파일: files.php 프로젝트: Jacquesvw/phpBMS
 /**
  * Run the parent update and then call getTableInfo() again.
  *
  * @param array $variables  submitted values
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  * @return mixed whatever the parent implementation returned
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     $parentResult = parent::updateRecord($variables, $modifiedby, $useUuid);

     // Restore the field definitions after the update.
     $this->getTableInfo();

     return $parentResult;
 }
예제 #5
파일: notes.php 프로젝트: Jacquesvw/phpBMS
 /**
  * Update a note and, when a task ("TS") is submitted as completed without
  * its completed state having changed, create the next repeat if no newer
  * one exists.
  *
  * @param array $variables  submitted values; reads "typeCheck", "completed",
  *                          "completedChange", "parentid", "repeating" and "id"
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  * @return mixed whatever the parent implementation returned
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     $parentResult = parent::updateRecord($variables, $modifiedby, $useUuid);
     $this->getTableInfo();

     $isCompletedTask = $variables["typeCheck"] == "TS"
         && isset($variables["completed"])
         && $variables["completedChange"] == 0;
     if (!$isCompletedTask) {
         return $parentResult;
     }

     // A child task repeats from its parent; a repeating task with no parent
     // repeats from itself. Anything else has nothing to repeat.
     if ($variables["parentid"]) {
         $seriesId = $variables["parentid"];
     } elseif (isset($variables["repeating"])) {
         $seriesId = $variables["id"];
     } else {
         return $parentResult;
     }

     if (!$this->newerRepeats($seriesId, $variables["id"])) {
         $this->repeatTask($seriesId);
     }

     return $parentResult;
 }
예제 #6
 /**
  * Overridden phpbmstable function: update the record, then refresh its
  * categories when the submitted "catschanged" flag is truthy.
  *
  * @param array $variables  submitted values; reads "catschanged", "uuid" and "addcats"
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     parent::updateRecord($variables, $modifiedby, $useUuid);

     $categoriesChanged = $variables["catschanged"];
     if ($categoriesChanged) {
         $this->updateCategories($variables["uuid"], $variables["addcats"]);
     }

     // The field information has to be reset: when the user lacked rights,
     // the fields to be updated were temporarily removed.
     $this->getTableInfo();
 }
예제 #7
 /**
  * Update the record and then update its linked address through
  * $this->address, leaving the address's extra fields untouched.
  *
  * @param array $variables  submitted values; reads "uuid" and "addressid"
  * @param mixed $modifiedby handed to both the parent and the address update
  * @param bool  $useUuid    handed to the parent implementation only
  * @return mixed whatever the parent implementation returned
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     $thereturn = parent::updateRecord($variables, $modifiedby, $useUuid);

     // recordid and tabledefid are filled in only so that the values pass the
     // addresstorecord validation.
     $variables["recordid"] = $variables["uuid"];
     $variables["tabledefid"] = "tbld:6d290174-8b73-e199-fe6c-bcf3d4b61083";

     // From here on "id" identifies the address row to update.
     // NOTE(review): "addressid" is caller-supplied -- confirm elsewhere that
     // it really belongs to the record being edited.
     $variables["id"] = $variables["addressid"];

     // Drop these fields so that extra address information added later is
     // not blanked out by this update.
     $keptFields = array("email", "phone", "notes", "title", "createdby", "creationdate", "uuid");
     foreach ($keptFields as $fieldName) {
         unset($this->address->fields[$fieldName]);
     }

     $variables = $this->address->prepareVariables($variables);
     $problems = $this->address->verifyVariables($variables);

     if (count($problems)) {
         // Verification failed: the address is not written; each message is
         // wrapped in an appError instead.
         foreach ($problems as $problem) {
             $logError = new appError(-910, $problem, "Address Verification Error");
         }
     } else {
         $this->address->updateRecord($variables, $modifiedby);
     }

     // Restore the field list removed above.
     $this->address->getTableInfo();

     return $thereturn;
 }
예제 #8
 /**
  * Pass the submitted values through prepareVariables() and hand the result
  * to the parent update.
  *
  * @param array $variables  submitted values
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  * @return mixed whatever the parent implementation returned
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     $prepared = $this->prepareVariables($variables);

     return parent::updateRecord($prepared, $modifiedby, $useUuid);
 }
예제 #9
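 /**
  * Update a receipt. When the parent update succeeds this also
  *  - rewrites any submitted payment fields through $this->db->encrypt()
  *    (only when ENCRYPT_PAYMENT_FIELDS is truthy and the receipt is not
  *    posted), and
  *  - replaces the receipt's line items when "itemschanged" is 1.
  *
  * Nothing is returned, whether or not the parent update succeeded.
  *
  * NOTE(review): "ccverification" is written to the `receipts` table. Card
  * verification codes normally must not be kept once a payment has been
  * authorised (PCI DSS) -- confirm whether this column should exist at all.
  * NOTE(review): the parent update receives the same $variables first;
  * whether it writes these fields unencrypted before the rewrite below is
  * not visible from this method.
  *
  * @param array $variables  submitted values
  * @param mixed $modifiedby handed to the parent implementation and to receiptitems->set()
  * @param bool  $useUuid    selects the row by `uuid` when true, by `id` otherwise
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     if (!parent::updateRecord($variables, $modifiedby, $useUuid)) {
         return;
     }

     // Column names are fixed here and never taken from the request, so only
     // the values need escaping.
     $paymentFields = array("ccnumber", "ccexpiration", "ccverification", "accountnumber", "routingnumber");
     $submitted = array();
     foreach ($paymentFields as $fieldName) {
         if (isset($variables[$fieldName])) {
             $submitted[] = $fieldName;
         }
     }

     if (ENCRYPT_PAYMENT_FIELDS && count($submitted)) {
         if ($useUuid) {
             $whereclause = "`uuid` = '" . mysql_real_escape_string($variables["uuid"]) . "'";
         } else {
             $whereclause = "`id` = '" . (int) $variables["id"] . "'";
         }

         // NOTE(review): mysql_real_escape_string() belongs to ext/mysql, which
         // was removed in PHP 7, and is only safe when the connection charset
         // is set correctly. Bound parameters would be preferable, but the
         // $this->db API needed for that is not visible here.
         // NOTE(review): encrypt() is handed a quoted SQL literal and its
         // result is spliced into the statement, so it presumably returns an
         // SQL expression; if so the clear-text value travels inside the query
         // text and can end up in query logs -- confirm.
         $assignments = array();
         foreach ($submitted as $fieldName) {
             $escaped = mysql_real_escape_string($variables[$fieldName]);
             $assignments[] = " `" . $fieldName . "` = " . $this->db->encrypt("'" . $escaped . "'");
         }

         // `posted` = '0' keeps posted receipts from being rewritten.
         $querystatement = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`receipts`\n\t\t\t\t\tSET "
             . implode(",", $assignments)
             . " WHERE `posted` = '0' AND " . $whereclause;
         $this->db->query($querystatement);
     }

     // A caller that omits "itemschanged" must not raise an undefined-index
     // notice; a missing flag means the items are left alone.
     if (isset($variables["itemschanged"]) && $variables["itemschanged"] == 1) {
         if ($this->receiptitems === NULL) {
             $this->receiptitems = new receiptitems($this->db);
         }
         $this->receiptitems->set($variables["itemslist"], $variables["uuid"], $variables["clientid"], $modifiedby);
     }
 }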
예제 #10
 /**
  * Update the record, then save its report settings from the submitted
  * delete, update and add lists.
  *
  * @param array $variables  submitted values; reads "uuid", "rsDelList",
  *                          "rsUpdates" and "rsAdds"
  * @param mixed $modifiedby handed unchanged to the parent implementation
  * @param bool  $useUuid    handed unchanged to the parent implementation
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     parent::updateRecord($variables, $modifiedby, $useUuid);

     $settingsStore = new reportSettings($this->db, $variables["uuid"]);

     $toDelete = $variables["rsDelList"];
     $toUpdate = $variables["rsUpdates"];
     $toAdd = $variables["rsAdds"];
     $settingsStore->save($toDelete, $toUpdate, $toAdd);
 }
예제 #11
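 /**
  * function process
  * Process the request array posted to the api.
  *
  * Every entry of $this->data must be an array with "tabledefid", "command"
  * and "data" keys ("options" is optional). For each entry the table
  * definition is looked up, then a handler is chosen in this order:
  *
  *  1. a class "<maintable>Api" from modules/extendedapi/<maintable>.php,
  *  2. for commands starting with "api_", a method of the module's
  *     overridden table class (or phpbmsTable),
  *  3. the built-in commands handled by the switch below.
  *
  * Results are collected in the response and displayResult() is called once
  * all requests have been handled.
  *
  * NOTE(review): handlers 1 and 2 and the switch's default branch call a
  * method whose name comes straight from the request, so every method that
  * method_exists() finds on the handler object is reachable by an api
  * caller. An explicit allowlist of callable commands would be safer.
  * NOTE(review): all SQL here is built by concatenation with
  * mysql_real_escape_string() (ext/mysql, removed in PHP 7). Bound
  * parameters would be preferable; the $this->db API needed for that is not
  * visible from this method.
  */
 function process()
 {
     $i = 0;
     $tabledefid = null;
     if (!is_array($this->data)) {
         $this->sendError("Passed data malformed.  Was expecting an array.", $this->data, true);
     }
     foreach ($this->data as $request) {
         // Count first, so that a request skipped with `continue` is still
         // numbered and later error messages name the right request.
         $i++;

         // A malformed request is reported once and skipped; nothing below
         // may run against missing keys.
         if (!is_array($request) || !isset($request["tabledefid"]) || !isset($request["command"]) || !isset($request["data"])) {
             $this->sendError("Malformed request number " . $i, $request);
             continue;
         }

         // Process the options and populate the options object.
         if (!isset($request["options"])) {
             $request["options"] = NULL;
         }
         $this->processOptions($request["options"]);

         // The table definition is looked up for every request. The original
         // guard compared an int cast with the stored string and therefore
         // never skipped the lookup. Keep it that way: reusing the previous
         // result would also reuse it after a rejected tabledefid and skip
         // the `apiaccessible` check below.
         $tabledefid = mysql_real_escape_string($request["tabledefid"]);
         $querystatement = "\n                    SELECT\n                        `maintable`,\n                        `deletebutton`,\n                        `querytable`,\n                        `modules`.`name`,\n                        `apiaccessible`\n                    FROM\n                        `tabledefs` INNER JOIN `modules` ON tabledefs.moduleid = modules.uuid\n                    WHERE\n                        tabledefs.uuid = '" . $tabledefid . "'\n                ";
         $queryresult = $this->db->query($querystatement);
         if ($this->db->numRows($queryresult) == 0) {
             if (!in_array($request["command"], array("procedure", "getsetting"))) {
                 $this->sendError("Invalid tabledefid (" . $tabledefid . ") from request number " . $i);
                 continue;
             }
             // "procedure" and "getsetting" are not bound to a table
             // definition, so they run against these defaults.
             // NOTE(review): that also means `apiaccessible` is never
             // consulted for them.
             $deletebutton = "delete";
             $maintable = "settings";
             $modulename = "base";
             $hasAPIOveride = false;
             $hasTableClassOveride = false;
         } else {
             $therecord = $this->db->fetchArray($queryresult);
             if (!$therecord["apiaccessible"]) {
                 $this->sendError("Invalid tabledefid (" . $tabledefid . ") from request number " . $i . ": This table definition is inaccessible via api.");
                 continue;
             }
             $deletebutton = $therecord["deletebutton"];
             $maintable = $therecord["maintable"];
             $modulename = $therecord["name"];
             // NOTE(review): both names come from the tabledefs/modules rows
             // and are concatenated into include paths below; that is only
             // safe while api callers cannot write to those tables.
             $hasAPIOveride = file_exists("../extendedapi/" . $maintable . ".php");
             $hasTableClassOveride = file_exists("../" . $modulename . "/include/" . $maintable . ".php");
         }

         /* Order in which to check for processors is as follows:

            If the extendedAPI module is present, look for a file matching
            the main table name of the table def.
            Example: modules/extendedapi/clients.php

            If a table class file exists in the module's include folder
            use that.
            Example: modules/bms/include/clients.php

            Use the standard class module.
         */
         $methodName = "";
         if ($hasAPIOveride) {
             // Found an API module table php
             @(include_once "modules/extendedapi/" . $maintable . ".php");
             // The class name is derived from the main table; the original
             // appended "Api" to $className, which is undefined at this point.
             $className = $maintable . "Api";
             if (class_exists($className)) {
                 $processor = new $className($this->db);
                 $processor->dateFormat = $this->options->dateFormat;
                 $processor->timeFormat = $this->options->timeFormat;
                 // Call the command only when the class implements it (the
                 // original test was inverted and called missing methods).
                 if (method_exists($processor, $request["command"])) {
                     $methodName = $request["command"];
                     $this->response[] = $processor->{$methodName}($request["data"], $this->options->useUuid);
                 }
             }
         }

         /* If the command starts with api_, and there is a table class
            override, assume the caller wants a home-made function of the
            overridden phpBMS table class.
         */
         if (!$methodName && substr($request["command"], 0, 4) == "api_" && $hasTableClassOveride) {
             include_once "include/tables.php";
             @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
             $processor = $this->_newTableProcessor($maintable, $tabledefid, true);
             if (method_exists($processor, $request["command"])) {
                 $methodName = $request["command"];
                 $this->response[] = $processor->{$methodName}($request["data"], $this->options->useUuid);
             }
         }

         if (!$methodName) {
             /* Either the module's overridden table class, its search
                functions class, or the standard one is used. The standard
                commands are:

                * insert - calls the table's insertRecord, the same call the
                           standard phpBMS forms use; request data should be
                           a variable array.

                * update - calls the table's updateRecord, the same call the
                           standard phpBMS forms use; request data should be
                           a variable array.

                * delete (or the table's delete button command)
                         - calls delete_record of the search functions class;
                           data should be an array of ids.

                * procedure - calls a MySQL stored procedure; request data
                              should pass an object with the (name) and
                              optionally an array of (parameters).

                Any other command is looked up on the search functions class
                of the table definition; the request data should contain an
                array of ids.
             */
             switch ($request["command"]) {
                 case "ping":
                     //======================================================
                     $this->_addToResponse("message", "Everything is phpBMSy!");
                     break;

                 case "getDefaults":
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                     }
                     $processor = $this->_newTableProcessor($maintable, $tabledefid, $hasTableClassOveride);
                     $therecord = $processor->getDefaults();
                     $this->_addToResponse("retrieved", "defaults retrieved in tabledef " . $tabledefid, $therecord);
                     break;

                 case "insert":
                     //======================================================
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                     }
                     $processor = $this->_newTableProcessor($maintable, $tabledefid, $hasTableClassOveride);
                     $errorArray = $processor->verifyVariables((array) $request["data"]);
                     if (count($errorArray)) {
                         $this->sendError("Insert failed from request number " . $i, $errorArray);
                     } else {
                         $overrideID = false;
                         $createUuid = true;
                         if (is_array($request["data"])) {
                             // A non-zero id asks for that id to be kept.
                             if (isset($request["data"]["id"]) && (int) $request["data"]["id"] !== 0) {
                                 $overrideID = true;
                             }
                             // keepDestId: use the id the destination already
                             // holds for this uuid.
                             if ($this->options->keepDestId && isset($request["data"]["uuid"]) && $this->options->useUuid) {
                                 $request["data"]["id"] = getId($this->db, $processor->uuid, $request["data"]["uuid"]);
                             }
                             // A non-empty uuid is kept as passed.
                             if (isset($request["data"]["uuid"]) && (string) $request["data"]["uuid"] !== "") {
                                 $overrideID = true;
                                 $createUuid = false;
                             }
                         }
                         if (!isset($processor->fields["uuid"])) {
                             $createUuid = false;
                         }
                         $newid = $processor->insertRecord($request["data"], NULL, $overrideID, true, $createUuid);
                         if ($newid) {
                             if ($createUuid) {
                                 $this->_addToResponse("added", "record added to tabledef " . $tabledefid, $newid["uuid"]);
                             } elseif (isset($processor->fields["uuid"])) {
                                 $this->_addToResponse("added", "record added to tabledef " . $tabledefid, $request["data"]["uuid"]);
                             } else {
                                 $this->_addToResponse("added", "record added to tabledef " . $tabledefid, $newid);
                             }
                         } else {
                             $this->sendError("Insert failed from request number " . $i);
                         }
                     }
                     break;

                 case "update":
                     //======================================================
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                     }
                     $processor = $this->_newTableProcessor($maintable, $tabledefid, $hasTableClassOveride);
                     $errorArray = $processor->verifyVariables($request["data"]);
                     if ($this->options->useUuid) {
                         if (!isset($request["data"]["uuid"])) {
                             $errorArray[] = "The `uuid` field must be set.";
                         }
                     } else {
                         if (!isset($request["data"]["id"])) {
                             $errorArray[] = "The `id` field must be set.";
                         }
                     }
                     if (count($errorArray)) {
                         $this->sendError("Update failed from request number " . $i, $errorArray);
                     } else {
                         $processor->updateRecord($request["data"], NULL, (bool) $this->options->useUuid);
                         $this->_addToResponse("updated", "record updated in tabledef " . $tabledefid);
                     }
                     break;

                 case "get":
                     //======================================================
                     include_once "include/tables.php";
                     if ($hasTableClassOveride) {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                     }
                     $processor = $this->_newTableProcessor($maintable, $tabledefid, $hasTableClassOveride);
                     $errorMessage = "";
                     if ($this->options->useUuid) {
                         if (!isset($request["data"]["uuid"])) {
                             $errorMessage = "The `uuid` field must be set.";
                         }
                     } else {
                         if (!isset($request["data"]["id"])) {
                             $errorMessage = "The `id` field must be set.";
                         }
                     }
                     if ($errorMessage) {
                         $this->sendError("Get failed from request number " . $i, $errorMessage);
                         // Stop here: the comparison below would otherwise
                         // run on values that are unset or left over from an
                         // earlier request.
                         break;
                     }
                     if (!$this->options->useUuid) {
                         $therecord = $processor->getRecord((int) $request["data"]["id"], $this->options->useUuid);
                         $thereturn = $therecord["id"];
                         $thevalue = (int) $request["data"]["id"];
                     } else {
                         $therecord = $processor->getRecord(mysql_real_escape_string($request["data"]["uuid"]), $this->options->useUuid);
                         $thereturn = $therecord["uuid"];
                         $thevalue = $request["data"]["uuid"];
                     }
                     if ($thereturn == $thevalue) {
                         $this->_addToResponse("retrieved", "record (" . htmlQuotes($thevalue) . ") retrieved in tabledef " . $tabledefid, $therecord);
                     } else {
                         $this->_addToResponse("retrieved", "no record found (" . htmlQuotes($thevalue) . ") in tabledef " . $tabledefid);
                     }
                     break;

                 case "delete":
                 case $deletebutton:
                     //======================================================
                     if (!is_array($request["data"])) {
                         $this->sendError("Passed data is not array in request number " . $i, $request["data"]);
                     } else {
                         include_once "include/search_class.php";
                         $className = "searchFunctions";
                         if ($hasTableClassOveride) {
                             @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                             if (class_exists($maintable . "SearchFunctions")) {
                                 $className = $maintable . "SearchFunctions";
                             }
                         }
                         $processor = new $className($this->db, $tabledefid, $request["data"]);
                         $result = $processor->delete_record($this->options->useUuid);
                         $this->_addToResponse($request["command"], $result);
                     }
                     break;

                 case "procedure":
                     //======================================================
                     if (!is_array($request["data"])) {
                         $this->sendError("Wrong passed procedure format, expected object in request number " . $i, $request["data"]);
                     } elseif (!isset($request["data"]["name"])) {
                         $this->sendError("Wrong passed procedure format, name missing in request number " . $i, $request["data"]);
                     } elseif (!is_string($request["data"]["name"]) || !preg_match('/^[A-Za-z0-9_$]+\z/', $request["data"]["name"])) {
                         // The name is placed into the CALL statement as an
                         // identifier, where string escaping gives no
                         // protection, so only plain identifier characters
                         // are accepted.
                         $this->sendError("Wrong passed procedure format, name invalid in request number " . $i, $request["data"]);
                     } else {
                         $procedureName = $request["data"]["name"];
                         // NOTE(review): any stored procedure this check finds
                         // can be called by an api caller; consider an
                         // allowlist of procedures meant for the api.
                         $querystatement = "\n                                    SHOW PROCEDURE STATUS LIKE '" . mysql_real_escape_string($procedureName) . "'\n                                ";
                         $queryresult = $this->db->query($querystatement);
                         if ($this->db->numRows($queryresult) === 0) {
                             $this->sendError("Procedure '" . $procedureName . "' does not exist in request number " . $i, $request["data"]);
                         } else {
                             $parameterList = "";
                             if (isset($request["data"]["parameters"]) && is_array($request["data"]["parameters"])) {
                                 foreach ($request["data"]["parameters"] as $parameter) {
                                     $parameterList .= ", '" . mysql_real_escape_string($parameter) . "'";
                                 }
                             }
                             if ($parameterList) {
                                 // Drop the leading comma (the original passed
                                 // substr() its arguments in the wrong order).
                                 $parameterList = substr($parameterList, 1);
                             }
                             // The validated name is quoted as an identifier.
                             $procedurestatement = "\n                                        CALL `" . $procedureName . "`(" . $parameterList . ")";
                             $queryresult = $this->db->query($procedurestatement);
                             $result = array();
                             while ($therecord = $this->db->fetchArray($queryresult)) {
                                 $result[] = $therecord;
                             }
                             $this->_addToResponse("result", "Procedure '" . $procedureName . "' returned (" . $this->db->numRows($queryresult) . ") in request number " . $i, $result);
                         }
                     }
                     break;

                 case "getsetting":
                     //======================================================
                     if (!is_array($request["data"])) {
                         $this->sendError("Wrong passed data format, expected array in request number " . $i, $request["data"]);
                     } else {
                         $whereclause = "";
                         foreach ($request["data"] as $settingName) {
                             // Append each name; the original overwrote the
                             // clause, so only the last name was looked up.
                             $whereclause .= "OR `name` = '" . mysql_real_escape_string($settingName) . "' ";
                         }
                         if ($whereclause) {
                             // Strip the leading "OR".
                             $whereclause = "WHERE " . substr($whereclause, 2);
                         }
                         // NOTE(review): an empty name list leaves the WHERE
                         // clause off and returns every row of `settings`;
                         // confirm that no setting is sensitive, or require
                         // at least one name.
                         $querystatement = "\n                                SELECT\n                                    `name`,\n                                    `value`\n                                FROM\n                                    `settings`\n                                " . $whereclause;
                         $queryresult = $this->db->query($querystatement);
                         $settings = array();
                         while ($therecord = $this->db->fetchArray($queryresult)) {
                             $settings[$therecord["name"]] = $therecord["value"];
                         }
                         $this->_addToResponse("result", "GetSettings returned (" . count($settings) . ") in request number " . $i, $settings);
                     }
                     break;

                 default:
                     //======================================================
                     // A catch-all for other requests. It should correspond to
                     // a function of an overridden search class only. Calling
                     // some commands can cause response errors, so be careful.
                     if (!is_array($request["data"]) && !$hasTableClassOveride) {
                         $this->sendError("Passaed data is not array or function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
                     } else {
                         @(include_once "modules/" . $modulename . "/include/" . $maintable . ".php");
                         $className = $maintable . "SearchFunctions";
                         if (!class_exists($className)) {
                             $this->sendError("Function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
                         } else {
                             $processor = new $className($this->db, $tabledefid, $request["data"]);
                             $processor->dateFormat = $this->options->dateFormat;
                             $processor->timeFormat = $this->options->timeFormat;
                             $methodName = $request["command"];
                             if (!method_exists($processor, $methodName)) {
                                 $this->sendError("Function (" . $request["command"] . ") does not exist in request number " . $i, $request["data"]);
                             } else {
                                 $result = $processor->{$methodName}();
                                 $this->_addToResponse($request["command"], $result);
                             }
                         }
                     }
                     break;
             }
         }
     }
     $this->displayResult();
 }

 /**
  * Internal helper for process(): build the table object that handles a
  * request and copy the current date/time format options onto it.
  *
  * The caller must already have included include/tables.php and, where one
  * exists, the module's table class file.
  *
  * @param string $maintable   main table name of the table definition
  * @param string $tabledefid  table definition id handed to the constructor
  * @param bool   $useOverride when true and a class named $maintable exists,
  *                            that class is used instead of phpbmsTable
  * @return object the configured table object
  */
 function _newTableProcessor($maintable, $tabledefid, $useOverride)
 {
     if ($useOverride && class_exists($maintable)) {
         $processor = new $maintable($this->db, $tabledefid);
     } else {
         $processor = new phpbmsTable($this->db, $tabledefid);
     }
     $processor->dateFormat = $this->options->dateFormat;
     $processor->timeFormat = $this->options->timeFormat;

     return $processor;
 }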
예제 #12
 /**
  * Overridden phpbmstable function: updates a record in the `invoices` table.
  *
  * Refuses to run when $variables["oldType"] is "Invoice". Payment columns are
  * either withheld from the update (caller lacks the sales role) or written
  * through $this->db->encrypt() in a separate UPDATE before the parent update
  * runs. After a successful parent update, line items, status and client
  * addresses are synchronised.
  *
  * @param array $variables  submitted record values, keyed by field name
  * @param mixed $modifiedby passed through to parent::updateRecord(), the line item setter and addressUpdate()
  * @param bool  $useUuid    when true the row is located by `uuid`, otherwise by integer `id`
  *
  * @return bool|null false when the record was already an invoice; every other path returns nothing
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     // A record whose previous type was "Invoice" can't be modified.
     if (isset($variables["oldType"]) && $variables["oldType"] == "Invoice") {
         return false;
     }

     $hasSalesRights = hasRights("role:de7e6679-8bb2-29ee-4883-2fcd756fb120");
     if (!$hasSalesRights) {
         // Without sales rights the payment columns are removed from the field
         // list for this update; they are restored by getTableInfo() below.
         // NOTE(review): "ccverification" is not in this list although it is
         // handled in the encrypted branch; confirm it is not a table field
         // that an unprivileged caller could still write.
         $paymentFields = array("paymentmethodid", "checkno", "bankname", "ccnumber", "ccexpiration", "accountnumber", "routingnumber", "transactionid");
         foreach ($paymentFields as $paymentField) {
             unset($this->fields[$paymentField]);
         }
     } elseif (ENCRYPT_PAYMENT_FIELDS) {
         // Collect the sensitive fields that were actually submitted.
         $submitted = array();
         foreach (array("ccnumber", "ccexpiration", "ccverification", "accountnumber", "routingnumber") as $sensitiveField) {
             if (isset($variables[$sensitiveField])) {
                 $submitted[] = $sensitiveField;
             }
         }
         if ($submitted) {
             // The id is forced to an integer; the uuid is escaped.
             // NOTE(review): mysql_real_escape_string() belongs to ext/mysql,
             // which was removed in PHP 7.0; its escaping also depends on the
             // connection character set. Bound parameters would be the
             // long-term replacement.
             $whereclause = $useUuid
                 ? "`uuid` = '" . mysql_real_escape_string($variables["uuid"]) . "'"
                 : "`id` = '" . (int) $variables["id"] . "'";

             // NOTE(review): if "ccverification" holds the card verification
             // code, PCI DSS does not permit storing it after authorization,
             // encrypted or not; confirm whether this column should exist.
             $assignments = array();
             foreach ($submitted as $sensitiveField) {
                 // The escaped value is written back into $variables, so the
                 // parent update below receives the escaped form.
                 $variables[$sensitiveField] = mysql_real_escape_string($variables[$sensitiveField]);
                 $assignments[] = " `" . $sensitiveField . "` = " . $this->db->encrypt("'" . $variables[$sensitiveField] . "'");
             }

             // The type guard keeps this statement from touching invoiced or
             // voided rows.
             $querystatement = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`invoices`\n\t\t\t\t\tSET " . implode(",", $assignments) . " WHERE `type` != 'Invoice' AND `type` != 'VOID' AND " . $whereclause;
             $this->db->query($querystatement);
         }
     }

     // NOTE(review): in the encrypted branch $this->fields still lists the
     // payment columns and $variables still carries their plaintext values;
     // confirm parent::updateRecord() does not overwrite the encrypted
     // columns with them.
     $parentUpdated = parent::updateRecord($variables, $modifiedby, $useUuid);
     if ($parentUpdated) {
         // UUID-addressed updates may arrive without the numeric id.
         if (!isset($variables["id"])) {
             $variables["id"] = getId($this->db, $this->uuid, $variables["uuid"]);
         }

         if ($variables["lineitemschanged"] == 1) {
             if ($this->lineitems !== NULL) {
                 $this->lineitems->invoiceid = $variables["id"];
             } else {
                 $this->lineitems = new lineitems($this->db, $variables["id"]);
             }
             $this->lineitems->set($variables["thelineitems"], $modifiedby);
         }

         if ($variables["statuschanged"] == 1) {
             $this->updateStatus($variables["id"], $variables["statusid"], $variables["statusdate"], $variables["assignedtoid"]);
         }

         // Check to see if we need to update/create the client addresses from
         // the billing address; missing save options default to NULL.
         foreach (array("billingsaveoptions", "shiptosaveoptions") as $optionKey) {
             if (!isset($variables[$optionKey])) {
                 $variables[$optionKey] = NULL;
             }
         }
         $bothOrderOnly = $variables["billingsaveoptions"] == "orderOnly" && $variables["shiptosaveoptions"] == "orderOnly";
         if (!$bothOrderOnly) {
             require_once "addresses.php";
             require_once "addresstorecord.php";
             $this->addressUpdate($variables, $variables["id"], $modifiedby, "billing");
             $this->addressUpdate($variables, $variables["id"], $modifiedby, "shipping");
         }
     }

     // Runs whether or not the parent update succeeded.
     if ($variables["clienttype"] == "prospect" && $variables["type"] == "Order") {
         $this->prospectToClient($variables["clientid"]);
     }

     // Reset the field list after updating (entries may have been unset by
     // the rights check above).
     $this->getTableInfo();
 }
예제 #13
파일: users.php 프로젝트: Jacquesvw/phpBMS
 /**
  * Overridden phpbmstable function: updates a user record.
  *
  * The password field takes part in the update only when a password was
  * submitted, and "lastlogin" is always excluded. Role assignments are
  * rewritten when the submitted data flags them as changed.
  *
  * @param array $variables  submitted record values, keyed by field name
  * @param mixed $modifiedby passed through to parent::updateRecord()
  * @param bool  $useUuid    passed through to parent::updateRecord()
  */
 function updateRecord($variables, $modifiedby = NULL, $useUuid = false)
 {
     // "lastlogin" is never written by this update.
     unset($this->fields["lastlogin"]);

     // The check is a truthiness test, so an empty string and the string "0"
     // both leave the stored password untouched.
     if (!$variables["password"]) {
         unset($this->fields["password"]);
     } else {
         // NOTE(review): presumably the "password" field type makes the parent
         // hash the value before storing it; confirm in phpbmstable.
         $this->fields["password"]["type"] = "password";
     }

     parent::updateRecord($variables, $modifiedby, $useUuid);

     // NOTE(review): the role change is driven entirely by submitted values
     // ("roleschanged", "newroles") and no rights check is visible in this
     // method; confirm the caller is authorised before this point is reached.
     $rolesChanged = $variables["roleschanged"] == 1;
     if ($rolesChanged) {
         $this->assignRoles($variables["uuid"], $variables["newroles"]);
     }

     // Reset field information removed or altered above.
     $this->fields = $this->db->tableInfo($this->maintable);
 }