Exemplo n.º 1
// Bootstrap of the import page for the "pad"."pad_spt_type" table: runtime settings, shared
// includes, login and permission gates, then the state the import routines work with.
// NOTE(review): display_errors is forced on for a request-facing page, so PHP error text is sent
// to the client — confirm this is intended outside development.
@ini_set('display_errors', '1');
@ini_set('display_startup_errors', '1');
session_cache_limiter('none');
include 'include/dbcommon.php';
header('Expires: Thu, 01 Jan 1970 00:00:01 GMT');
// Imports can be slow; allow up to ten minutes.
set_time_limit(600);
include 'include/pad_pad_spt_type_variables.php';
include 'include/import_functions.php';
$strOriginalTableName = '"pad"."pad_spt_type"';

// Not logged in: remember the requested URL in the session and send the browser to the login page.
if (!isLogged()) {
    $_SESSION['MyURL'] = "{$_SERVER['SCRIPT_NAME']}?{$_SERVER['QUERY_STRING']}";
    header('Location: login.php?message=expired');
    return;
}

// Logged in but without "Import" permission: show the message and stop.
// The CheckSecurity() result is only consulted when CheckPermissionsEvent() returns true.
if (CheckPermissionsEvent($strTableName, 'I') && !CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Import')) {
    echo "<p>You don't have permissions to access this table<a href=\"login.php\">Back to login page</a></p>";
    return;
}

$cipherer = new RunnerCipherer($strTableName);

// Key columns of the table and the import counters.
$keys[] = AddFieldWrappers('id');
$keys_present = 1;
$total_records = $goodlines = 0;

// Audit object for this table.
$auditObj = GetAuditObject($strTableName);
function getFieldNamesByHeaders($fields)
{
    global $strTableName, $conn, $strOriginalTableName, $ext, $gSettings;
    // check fields in column headers
<?php

// Details-preview page for the pad_pad_customer table: settings, access gate, template and layout.
// NOTE(review): display_errors is forced on for a request-facing page, so PHP error text is sent
// to the client — confirm this is intended outside development.
@ini_set('display_errors', '1');
@ini_set('display_startup_errors', '1');
include 'include/dbcommon.php';
header('Expires: Thu, 01 Jan 1970 00:00:01 GMT');
include 'include/pad_pad_customer_variables.php';
$mode = postvalue('mode');

// The preview is produced only for a logged-in session holding "Search" permission on the table;
// any other request ends here with no output.
if (!isLogged() || !CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Search')) {
    return;
}

$cipherer = new RunnerCipherer($strTableName);
include 'include/xtempl.php';
$xt = new Xtempl();

// Layout: a "bare" block holding the record-count container and the details grid container.
$layout = new TLayout('detailspreview', 'RoundedGreen', 'MobileGreen');
$layout->blocks['bare'] = ['dcount', 'detailspreviewgrid'];
$layout->containers['dcount'] = [
    ['name' => 'detailspreviewheader', 'block' => '', 'substyle' => 1],
    ['name' => 'detailspreviewdetailsfount', 'block' => '', 'substyle' => 1],
    ['name' => 'detailspreviewdispfirst', 'block' => 'display_first', 'substyle' => 1],
];
$layout->skins['dcount'] = 'empty';
$layout->containers['detailspreviewgrid'] = [
    ['name' => 'detailspreviewfields', 'block' => 'details_data', 'substyle' => 1],
];
$layout->skins['detailspreviewgrid'] = 'grid';
$page_layouts['pad_pad_customer_detailspreview'] = $layout;
$recordsCounter = 0;
// List page for the public_tmp_bank_2013 table: includes, access gates, then the page layout.
include 'include/public_tmp_bank_2013_variables.php';
include 'classes/runnerpage.php';
include 'classes/listpage.php';
include 'classes/searchpanel.php';
include 'classes/searchcontrol.php';
include 'classes/searchclause.php';
include 'classes/panelsearchcontrol.php';

// Not logged in: remember the requested URL and redirect to the login page.
if (!isLogged()) {
    $_SESSION['MyURL'] = "{$_SERVER['SCRIPT_NAME']}?{$_SERVER['QUERY_STRING']}";
    header('Location: login.php?message=expired');
    return;
}

// Guest sessions also record the requested URL in the session.
if (isLoggedAsGuest()) {
    $_SESSION['MyURL'] = "{$_SERVER['SCRIPT_NAME']}?{$_SERVER['QUERY_STRING']}";
}

// Access is refused when the permission event applies and the session holds neither "Search"
// nor "Add" rights on the table. Admins are pointed to the rights editor, everyone else to login.
if (
    CheckPermissionsEvent($strTableName, 'S')
    && !(
        CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Search')
        || CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Add')
    )
) {
    echo IsAdmin()
        ? "<p>You don't have permissions to access this table<br><a href=\"admin_rights_list.php\">Proceed to Admin Area</a> to set up user permissions</p>"
        : "<p>You don't have permissions to access this table <a href=\"login.php\">Back to login page</a></p>";
    exit;
}

// Layout: the "center" block holds the record controls and the message container.
$layout = new TLayout('list2', 'RoundedGreen', 'MobileGreen');
$layout->blocks['center'] = ['recordcontrols', 'message'];
$layout->skins['recordcontrols'] = '1';
$layout->containers['message'] = [
    ['name' => 'message', 'block' => 'message_block', 'substyle' => 1],
];
$layout->skins['message'] = '2';
Exemplo n.º 4
     $returnJSON['settings'] = $pageObject->jsSettings;
 }
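 $xt->assign("style_block", true);
 $xt->assign("stylefiles_block", true);

 // Build the query string for the edit page from the record key supplied in the request.
 $editlink = "";
 $editkeys = array();
 $editkeys["editid1"] = postvalue("editid1");
 foreach ($editkeys as $key => $val) {
     if ($editlink) {
         $editlink .= "&";
     }
     // The key value comes from the request and ends up inside a quoted JavaScript string within
     // an HTML attribute. URL-encode it and then HTML-escape it, the same treatment the next/prev
     // links on this page give their key values, so it cannot close the string or the attribute.
     $editlink .= $key . "=" . htmlspecialchars(rawurlencode((string) $val));
 }
 // NOTE(review): $id is concatenated as-is; presumably a server-generated page id — verify.
 $xt->assign("editlink_attrs", "id=\"editLink" . $id . "\" name=\"editLink" . $id . "\" onclick=\"window.location.href='pad_pad_customer_edit.php?" . $editlink . "'\"");

 // The edit button is shown only when the record owner check passes, the page is not an inline
 // view, and the user's permission string for the table contains "E".
 $strPerm = GetUserPermissions($strTableName);
 if (CheckSecurity($ownerIdValue, "Edit") && !$inlineview && strpos($strPerm, "E") !== false) {
     $xt->assign("edit_button", true);
 } else {
     $xt->assign("edit_button", false);
 }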
 if (!$pdf && !$all && !$inlineview) {
     //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
     //Begin show Next Prev button
     $nextlink = $prevlink = "";
     if (count($next)) {
         $xt->assign("next_button", true);
         $nextlink .= "editid1=" . htmlspecialchars(rawurlencode($next[1 - 1]));
         $xt->assign("nextbutton_attrs", "id=\"nextButton" . $id . "\"");
     } else {
         $xt->assign("next_button", false);
     }
Exemplo n.º 5
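/**
 * Serves the binary image stored in a single field of a single record.
 *
 * Web mode ($forPDF false): the table, field, key1..keyN, "src" and "alt" values are read from the
 * request with postvalue(). The session must be logged in with "Search" permission on the table
 * and the field must pass checkFieldPermissions(). The image bytes are echoed together with
 * Content-Type and Cache-Control headers.
 * PDF mode ($forPDF true): the table, field and keys come from $params and the raw field value is
 * returned to the caller instead of being echoed.
 *
 * @intellisense
 * @param object $gQuery Query object providing HasGroupBy(), RemoveAllFieldsExcept() and gSQLWhere().
 * @param bool   $forPDF True to return the value for PDF rendering rather than stream it.
 * @param array  $params PDF mode only: "table", "field" and "key1".."keyN".
 * @return mixed '' after streaming or on an invalid table name; the result of DisplayNoImage() or
 *               DisplayFile() when nothing displayable is found; the field value in PDF mode;
 *               null after the login redirect or when PDF mode finds no row.
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $cman;
    if (!$forPDF) {
        $table = postvalue("table");
        // Validate the request-supplied table name before it is used to look up settings.
        if (!checkTableName($table)) {
            return '';
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        // NOTE(review): display_errors is forced on inside a binary endpoint, so PHP error text
        // would reach the client — confirm this is intended outside development.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");
        if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
            HeaderRedirect("login");
            return;
        }
        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }
        // Collect the record key values (key1, key2, ...) from the request.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = @$params["table"];
        // Same ordering as the web branch: validate first, then resolve the table.
        if (!checkTableName($table)) {
            exit(0);
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        // NOTE(review): no login or field-permission check is applied in this branch; presumably
        // the PDF caller has already authorized the field — verify against the caller.
        $field = @$params["field"];
        // Collect the record key values from $params.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }
    $connection = $cman->byTable($strTableName);
    if (!$gQuery->HasGroupBy()) {
        // Do not select any fields except the current (image) field.
        // If the query has a 'group by' clause the other fields are used in it and cannot simply
        // be cut off, so the query is left untouched in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }
    // NOTE(review): the key values are request-supplied in web mode; this relies on KeyWhere()
    // quoting them for SQL — confirm.
    $where = KeyWhere($keys);
    $secOpt = $settings->getAdvancedSecurityType();
    if ($secOpt == ADVSECURITY_VIEW_OWN) {
        // Restrict the lookup with the "Search" security clause when this security type is set.
        $where = whereAdd($where, SecuritySQL("Search"));
    }
    $sql = $gQuery->gSQLWhere($where);
    $data = $connection->query($sql)->fetchAssoc();
    if ($forPDF) {
        if ($data) {
            return $data[$field];
        }
    } else {
        if (!$data) {
            return DisplayNoImage();
        }
        if (postvalue('src') == 1) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            $value = $connection->stripSlashesBinary($data[$field]);
        }
        if (!$value) {
            // Fall back to the column named by "alt". That name is request-supplied, so it gets
            // the same field-permission check as $field and must exist in the fetched row;
            // otherwise a grouped query (all columns selected) would let the caller read a
            // column the permission check above never covered.
            $altField = postvalue("alt");
            if (!$altField || !is_string($altField) || !$settings->checkFieldPermissions($altField) || !isset($data[$altField])) {
                return DisplayNoImage();
            }
            $value = $connection->stripSlashesBinary($data[$altField]);
            if (!$value) {
                return DisplayNoImage();
            }
        }
        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }
        // $pdf is never assigned in this function, so this branch always runs.
        if (!isset($pdf)) {
            header("Content-Type: " . $itype);
            header("Cache-Control: private");
            SendContentLength(strlen_bin($value));
        }
        echoBinary($value);
        return '';
    }
}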
// Advanced search page for the Electricity_Rates table: includes, page state, access gate, layout.
include 'include/dbcommon.php';
add_nocache_headers();
include 'include/Electricity_Rates_variables.php';
include 'classes/searchcontrol.php';
include 'classes/advancedsearchcontrol.php';
include 'classes/panelsearchcontrol.php';
include 'classes/searchclause.php';
$sessionPrefix = $strTableName;
// Basic JS includes
$includes = '';
// Number of predefined fields
$predefFieldNum = 0;
$chrt_array = [];
$rpt_array = [];

// Access gate, with the operator precedence written out. The request is sent to the login page when
//   - the session has no UserID, or
//   - "Search" permission is missing and neither a chart nor a report status is set, or
//   - a private report or chart belongs to a different user.
// Both arrays are reset to empty just above, so within this snippet only the first two tests can fire.
if (
    !@$_SESSION['UserID']
    || (!CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Search') && !@$chrt_array['status'] && !@$rpt_array['status'])
    || (@$rpt_array['status'] == 'private' && @$rpt_array['owner'] != @$_SESSION['UserID'])
    || (@$chrt_array['status'] == 'private' && @$chrt_array['owner'] != @$_SESSION['UserID'])
) {
    $_SESSION['MyURL'] = "{$_SERVER['SCRIPT_NAME']}?{$_SERVER['QUERY_STRING']}";
    header('Location: login.php?message=expired');
    return;
}

// Layout: a "search" container (header, conditions, wrapper) and a "fields" container.
$layout = new TLayout('search2', 'BoldOrange', 'MobileOrange');
$layout->blocks['top'] = [];
$layout->containers['search'] = [
    ['name' => 'srchheader', 'block' => '', 'substyle' => 2],
    ['name' => 'srchconditions', 'block' => 'conditions_block', 'substyle' => 1],
    ['name' => 'wrapper', 'block' => '', 'substyle' => 1],
];
$layout->containers['fields'] = [
    ['name' => 'srchfields', 'block' => '', 'substyle' => 1],
    ['name' => 'srchbuttons', 'block' => '', 'substyle' => 2],
];
$layout->skins['fields'] = 'fields';
$layout->skins['search'] = '1';
Exemplo n.º 7
 /**
  * Builds the row/record structure of the list grid and hands it to the template.
  *
  * Reads records through beforeProccessRow() until pageSize is reached (or all of them when
  * pageSize is -1), packs up to colsOnPage records into each row, and fills every record with
  * permission flags, key-based link attributes, lock information, map data and field values.
  * The result is assigned to the template as "grid_row"; the totals go to buildTotals().
  */
 function fillGridData()
 {
     global $globalEvents;
     $totals = array();
     // fill $rowinfo array
     $rowinfo = array();
     $this->fillGridShowInfo($rowinfo);
     // add grid data
     // $rowClass toggles so that every other row gets the "interlaced" class
     $rowClass = false;
     $data = $this->beforeProccessRow();
     // ids of rendered records that match an entry in $this->lockDelRec
     $lockRecIds = array();
     $this->googleMapCfg['viewLinkBase'] = $this->shortTableName . "_view.php?";
     $tKeys = $this->pSet->getTableKeys();
     $this->controlsMap['gridRows'] = array();
     // remember the field type of every list field
     for ($i = 0; $i < count($this->listFields); $i++) {
         $this->recordFieldTypes[$this->listFields[$i]['fName']] = $this->pSet->getFieldType($this->listFields[$i]["fName"]);
     }
     // one iteration per grid row; a pageSize of -1 means no page limit
     while ($data && ($this->recNo <= $this->pageSize || $this->pageSize == -1)) {
         $row = array();
         if (!$this->isVerLayout) {
             $row["rowclass"] = "";
             if (!$rowClass) {
                 $row["rowclass"] .= "interlaced";
                 $rowClass = true;
             } else {
                 $rowClass = false;
             }
         }
         $row["grid_record"] = array();
         $row["grid_record"]["data"] = array();
         $this->rowId++;
         // one iteration per record placed in this row, up to colsOnPage records
         for ($col = 1; $data && ($this->recNo <= $this->pageSize || $this->pageSize == -1) && $col <= $this->colsOnPage; $col++) {
             $this->countTotals($totals, $data);
             $record = array();
             $this->genId();
             $row["rowattrs"] = " id=\"gridRow" . $this->recId . "\"";
             $gridRowInd = count($this->controlsMap['gridRows']);
             $this->controlsMap['gridRows'][$gridRowInd]['id'] = $this->recId;
             $this->controlsMap['gridRows'][$gridRowInd]['rowInd'] = $gridRowInd;
             // Editable when the table-level edit permission is set and CheckSecurity() accepts the
             // record's owner value; an IsRecordEditable event, if present, has the final say.
             // NOTE(review): in this method the flag only decides which links are rendered and what
             // is sent to the client in controlsMap; confirm the edit page enforces the same check.
             $isEditable = $this->permis[$this->tName]['edit'] && CheckSecurity($data[$this->mainTableOwnerID], "Edit");
             if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
                 $isEditable = $globalEvents->IsRecordEditable($data, $isEditable, $this->tName);
             }
             $this->controlsMap['gridRows'][$gridRowInd]['isEditOwnRow'] = $isEditable;
             // key field names and this record's key values
             for ($i = 0; $i < count($tKeys); $i++) {
                 $this->controlsMap['gridRows'][$gridRowInd]['keyFields'][$i] = $tKeys[$i];
                 $this->controlsMap['gridRows'][$gridRowInd]['keys'][$i] = $data[$tKeys[$i]];
             }
             $record["edit_link"] = $isEditable;
             $record["inlineedit_link"] = $isEditable;
             $record["view_link"] = $this->permis[$this->tName]['search'];
             $record["copy_link"] = $this->permis[$this->tName]['add'];
             // for list icons instead of list links
             if ($col == 1) {
                 $this->countWidthListIcons('');
             }
             // get record id for locking record
             if ($this->lockingObj) {
                 // in simple list mode, take over the lock list stored in the session once, then clear it
                 if ($this->mode == LIST_SIMPLE && !count($this->lockDelRec) && isset($_SESSION[$this->sessionPrefix . "_lockDelRec"])) {
                     $this->lockDelRec = $_SESSION[$this->sessionPrefix . "_lockDelRec"];
                     unset($_SESSION[$this->sessionPrefix . "_lockDelRec"]);
                 }
                 // the record is listed in $lockRecIds when every key/value pair of one entry matches
                 for ($i = 0; $i < count($this->lockDelRec); $i++) {
                     $lockDelRec = true;
                     foreach ($this->lockDelRec[$i] as $key => $val) {
                         // loose (!=) comparison: values are compared after PHP type juggling
                         if ($data[$key] != $val) {
                             $lockDelRec = false;
                             break;
                         }
                     }
                     if ($lockDelRec) {
                         $lockRecIds[] = $this->recId;
                         break;
                     }
                 }
             }
             // detail tables
             $this->proccessDetailGridInfo($record, $data, $gridRowInd);
             // key fields
             $keyblock = "";
             $editlink = "";
             $copylink = "";
             $keylink = "";
             $keys = array();
             // Build the key query strings. Values placed in link attributes are URL-encoded and
             // then HTML-escaped; $keyblock is URL-encoded only and is passed to fillCheckAttr().
             for ($i = 0; $i < count($tKeys); $i++) {
                 if ($i != 0) {
                     $keyblock .= "&";
                     $editlink .= "&";
                     $copylink .= "&";
                 }
                 $keyblock .= rawurlencode($data[$tKeys[$i]]);
                 $editlink .= "editid" . ($i + 1) . "=" . htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $copylink .= "copyid" . ($i + 1) . "=" . htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $keylink .= "&key" . ($i + 1) . "=" . htmlspecialchars(rawurlencode(@$data[$tKeys[$i]]));
                 $keys[$i] = $data[$tKeys[$i]];
             }
             // link attributes; $this->shortTableName and $this->recId are concatenated unescaped
             $record["editlink_attrs"] = "id=\"editLink" . $this->recId . "\" name=\"editLink" . $this->recId . "\" href='" . $this->shortTableName . "_edit.php?" . $editlink . "'";
             $record["inlineeditlink_attrs"] = "id=\"iEditLink" . $this->recId . "\" name=\"iEditLink" . $this->recId . "\" href='" . $this->shortTableName . "_edit.php?" . $editlink . "'";
             $record["copylink_attrs"] = "id=\"copyLink" . $this->recId . "\" name=\"copyLink" . $this->recId . "\" href='" . $this->shortTableName . "_add.php?" . $copylink . "'";
             $record["viewlink_attrs"] = "id=\"viewLink" . $this->recId . "\" name=\"viewLink" . $this->recId . "\" href='" . $this->shortTableName . "_view.php?" . $editlink . "'";
             // used to open view pages in a popup when a map marker is clicked
             $viewLink = $this->shortTableName . "_view.php?" . $editlink;
             $this->fillCheckAttr($record, $data, $keyblock);
             if ($this->googleMapCfg['isUseMainMaps']) {
                 $this->addBigGoogleMapMarkers($data, $keys, $viewLink);
             }
             for ($i = 0; $i < count($this->listFields); $i++) {
                 // addGoogleMapData must be called before proccessRecordValue
                 if (in_array($i, $this->gMapFields)) {
                     $this->addGoogleMapData($this->listFields[$i]['fName'], $data, $keys, $viewLink);
                 }
                 $record[$this->listFields[$i]['valueFieldName']] = $this->proccessRecordValue($data, $keylink, $this->listFields[$i]);
             }
             // project event hook, called with the data, row and record built so far
             if ($this->eventExists("BeforeMoveNextList")) {
                 $this->eventsObject->BeforeMoveNextList($data, $row, $record, $this);
             }
             $this->spreadRowStyle($data, $row, $record);
             $this->recIds[] = $this->recId;
             $this->addSpansForGridCells('edit', $record, $data);
             // append the field's class; the "_class" entry is presumably set by an earlier step — verify
             for ($i = 0; $i < count($this->listFields); $i++) {
                 $record[GoodFieldName($this->listFields[$i]['fName']) . "_class"] .= $this->fieldClass($this->listFields[$i]['fName']);
             }
             if ($col < $this->colsOnPage) {
                 $record["endrecord_block"] = true;
             }
             $record["grid_recordheader"] = true;
             $record["grid_vrecord"] = true;
             $row["grid_record"]["data"][] = $record;
             // advance to the next record
             $data = $this->beforeProccessRow();
             $this->recNo++;
         }
         // pad the row with empty records up to colsOnPage
         while ($col <= $this->colsOnPage) {
             $record = array();
             if ($col < $this->colsOnPage) {
                 $record["endrecord_block"] = true;
             }
             $row["grid_record"]["data"][] = $record;
             $col++;
         }
         // assign row spacings for vertical layout
         $row["grid_rowspace"] = true;
         $row["grid_recordspace"] = array("data" => array());
         for ($i = 0; $i < $this->colsOnPage * 2 - 1; $i++) {
             $row["grid_recordspace"]["data"][] = true;
         }
         $rowinfo["data"][] = $row;
     }
     // publish the matched record ids in the page's JS settings
     if ($this->lockingObj) {
         $this->jsSettings['tableSettings'][$this->tName]['lockRecIds'] = $lockRecIds;
     }
     if (count($rowinfo["data"])) {
         // no spacing after the last row
         $rowinfo["data"][count($rowinfo["data"]) - 1]["grid_rowspace"] = false;
         if ($this->isVerLayout && $this->is508) {
             $rowinfo["begin"] = "<caption style=\"display:none\">Table data</caption>";
         }
         $this->xt->assignbyref("grid_row", $rowinfo);
     }
     $this->buildTotals($totals);
 }
Exemplo n.º 8
// Advanced search page for the public_tmp_bank2 table: includes, page state, access gate, layout.
include 'include/dbcommon.php';
add_nocache_headers();
include 'include/public_tmp_bank2_variables.php';
include 'classes/searchcontrol.php';
include 'classes/advancedsearchcontrol.php';
include 'classes/panelsearchcontrol.php';
include 'classes/searchclause.php';
$sessionPrefix = $strTableName;
// Basic JS includes
$includes = '';
// Number of predefined fields
$predefFieldNum = 0;
$chrt_array = [];
$rpt_array = [];

// Access gate, with the operator precedence written out. The request is sent to the login page when
//   - the session is not logged in, or
//   - the permission event applies, "Search" permission is missing and neither a chart nor a
//     report status is set, or
//   - a private report or chart belongs to a different user.
// Both arrays are reset to empty just above, so within this snippet only the first two tests can fire.
if (
    !isLogged()
    || (CheckPermissionsEvent($strTableName, 'S') && !CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Search') && !@$chrt_array['status'] && !@$rpt_array['status'])
    || (@$rpt_array['status'] == 'private' && @$rpt_array['owner'] != @$_SESSION['UserID'])
    || (@$chrt_array['status'] == 'private' && @$chrt_array['owner'] != @$_SESSION['UserID'])
) {
    $_SESSION['MyURL'] = "{$_SERVER['SCRIPT_NAME']}?{$_SERVER['QUERY_STRING']}";
    header('Location: login.php?message=expired');
    return;
}

// Layout: the "search" container wraps the "fields" container and ends with the buttons.
$layout = new TLayout('search2', 'RoundedGreen', 'MobileGreen');
$layout->blocks['top'] = [];
$layout->containers['search'] = [
    ['name' => 'srchheader', 'block' => '', 'substyle' => 2],
    ['name' => 'srchconditions', 'block' => 'conditions_block', 'substyle' => 1],
    ['name' => 'wrapper', 'block' => '', 'substyle' => 1, 'container' => 'fields'],
    ['name' => 'srchbuttons', 'block' => '', 'substyle' => 2],
];
$layout->containers['fields'] = [
    ['name' => 'srchfields', 'block' => '', 'substyle' => 1],
];
$layout->skins['fields'] = 'fields';
$layout->skins['search'] = '1';
Exemplo n.º 9
 /**
  * Sets the template (xt) flags and id attributes for the view page's buttons.
  *
  * Nothing is assigned in PDF mode. In dashboard mode only the next/prev buttons are prepared.
  * Otherwise the back or close button is chosen by page mode, and the edit button is offered only
  * when the page has an edit page, the table-level edit permission is set and the current record
  * passes the "Edit" security check (an IsRecordEditable event, if present, decides last).
  */
 protected function prepareButtons()
 {
     global $globalEvents;

     if ($this->pdfMode) {
         return;
     }

     $this->prepareNextPrevButtons();

     if ($this->mode == VIEW_DASHBOARD) {
         return;
     }

     // Simple mode: "back to list" when a list page exists, otherwise "back to menu" if the menu is shown.
     if ($this->mode == VIEW_SIMPLE) {
         if ($this->pSet->hasListPage()) {
             $this->xt->assign('back_button', true);
             $this->xt->assign('backbutton_attrs', 'id="backButton' . $this->id . '"');
             $this->xt->assign('mbackbutton_attrs', 'id="extraBackButton' . $this->id . '"');
         } elseif ($this->isShowMenu()) {
             $this->xt->assign('back_button', true);
             $this->xt->assign('backbutton_attrs', 'id="backToMenuButton' . $this->id . '"');
         }
     }

     // Popup mode: close button.
     if ($this->mode == VIEW_POPUP) {
         $this->xt->assign('close_button', true);
         $this->xt->assign('closebutton_attrs', 'id="closeButton' . $this->id . '"');
     }

     // Without an edit page or the table-level edit permission there is no edit button.
     if (!$this->pSet->hasEditPage() || !$this->permis[$this->tName]['edit']) {
         return;
     }

     // Record-level check against the record's owner value.
     $currentRecord = $this->getCurrentRecordInternal();
     $canEdit = $this->permis[$this->tName]['edit']
         && CheckSecurity($currentRecord[$this->pSet->getTableOwnerID()], 'Edit');
     if ($globalEvents->exists('IsRecordEditable', $this->tName)) {
         $canEdit = $globalEvents->IsRecordEditable($this->getCurrentRecordInternal(), $canEdit, $this->tName);
     }
     if (!$canEdit) {
         return;
     }

     $this->xt->assign('edit_page_button', true);
     $this->xt->assign('edit_page_button_attrs', 'id="editPageButton' . $this->id . '"');
 }
Exemplo n.º 10
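/**
 * Serves the binary image stored in a single field of a single record.
 *
 * Web mode ($forPDF false): the table, field, key1..keyN, "src" and "alt" values are read from the
 * request with postvalue(). The session must be logged in with "Search" permission on the table
 * and the field must pass checkFieldPermissions(). The image bytes are echoed together with
 * Content-Type and Cache-Control headers.
 * PDF mode ($forPDF true): the table, field and keys come from $params and the raw field value is
 * returned to the caller instead of being echoed.
 *
 * @param object $gQuery Query object providing HasGroupBy(), RemoveAllFieldsExcept() and gSQLWhere().
 * @param bool   $forPDF True to return the value for PDF rendering rather than stream it.
 * @param array  $params PDF mode only: "table", "field" and "key1".."keyN".
 * @return mixed '' after streaming or on an invalid table name; the result of DisplayNoImage() or
 *               DisplayFile() when nothing displayable is found; the field value in PDF mode;
 *               null after the login redirect or when PDF mode finds no row.
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $conn;
    if (!$forPDF) {
        $table = postvalue("table");
        // Validate the request-supplied table name before it is used to look up settings.
        if (!checkTableName($table)) {
            return '';
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        // NOTE(review): display_errors is forced on inside a binary endpoint, so PHP error text
        // would reach the client — confirm this is intended outside development.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");
        if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
            header("Location: login.php");
            return;
        }
        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }
        // Collect the record key values (key1, key2, ...) from the request.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = @$params["table"];
        // Same ordering as the web branch: validate first, then resolve the table.
        if (!checkTableName($table)) {
            exit(0);
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        // NOTE(review): no login or field-permission check is applied in this branch; presumably
        // the PDF caller has already authorized the field — verify against the caller.
        $field = @$params["field"];
        // Collect the record key values from $params.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }
    if (!$gQuery->HasGroupBy()) {
        // Do not select any fields except the current (image) field.
        // If the query has a 'group by' clause the other fields are used in it and cannot simply
        // be cut off, so the query is left untouched in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }
    // NOTE(review): the WHERE clause is built from the key values only. The keys are
    // request-supplied in web mode, so this relies on KeyWhere() quoting them for SQL, and no
    // per-owner row filter is added in this function — confirm $gQuery already carries one if
    // the table limits users to their own rows.
    $where = KeyWhere($keys);
    $sql = $gQuery->gSQLWhere($where);
    $rs = db_query($sql, $conn);
    if ($forPDF) {
        if ($rs && ($data = db_fetch_array($rs))) {
            return $data[$field];
        }
    } else {
        if (!$rs || !($data = db_fetch_array($rs))) {
            return DisplayNoImage();
        }
        // With src=1, values larger than 51200 bytes are replaced by the stock icon.
        if (postvalue('src') == 1 && strlen($data[$field]) > 51200) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            $value = db_stripslashesbinary($data[$field]);
        }
        if (!$value) {
            // Fall back to the column named by "alt". That name is request-supplied, so it gets
            // the same field-permission check as $field and must exist in the fetched row;
            // otherwise a grouped query (all columns selected) would let the caller read a
            // column the permission check above never covered.
            $altField = postvalue("alt");
            if (!$altField || !is_string($altField) || !$settings->checkFieldPermissions($altField) || !isset($data[$altField])) {
                return DisplayNoImage();
            }
            $value = db_stripslashesbinary($data[$altField]);
            if (!$value) {
                return DisplayNoImage();
            }
        }
        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }
        // $pdf is never assigned in this function, so this branch always runs.
        if (!isset($pdf)) {
            header("Content-Type: " . $itype);
            header("Cache-Control: private");
            SendContentLength(strlen_bin($value));
        }
        echoBinary($value);
        return '';
    }
}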
Exemplo n.º 11
        exit("You have no permissions for this action");
    }
} else {
    if (!$pSet->checkFieldPermissions($field) && ($pageType != PAGE_ADD || !$pSet->appearOnAddPage($field) && !$pSet->appearOnInlineAdd($field))) {
        exit("You have no permissions for this action");
    }
}
// No-cache headers are sent for everything except PDF output.
if (!$isPDF) {
    add_nocache_headers();
}

// NOTE(review): the include path is derived from $strTableName; it is only safe if that name was
// validated against the project's tables earlier in the script (not visible here) — confirm.
include_once 'include/' . GetTableURL($strTableName) . '_variables.php';

// Permission depends on the request action: POST needs "Add" or "Edit", anything else "Search".
// NOTE(review): every non-POST action, including the 'DELETE' case handled below, is therefore
// gated by "Search" alone — confirm the upload handler re-checks rights before removing a file.
$havePermission = ($requestAction == 'POST')
    ? (CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Add') || CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Edit'))
    : CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Search');

// The register page is reachable without a login, but the permission check applies to every page type.
if ((!isLogged() && $pageType != PAGE_REGISTER) || !$havePermission) {
    header('Location: login.php');
    return;
}

// Set up the upload handler for this table, field and page type.
require_once getabspath('classes/uploadhandler.php');
$upload_handler = new UploadHandler(getOptionsForMultiUpload($pSet, $field));
$upload_handler->pSet = $pSet;
$upload_handler->field = $field;
$upload_handler->table = $strTableName;
$upload_handler->pageType = $pageType;
switch ($requestAction) {
    case 'DELETE':
        printHeaders();
        $formStamp = postvalue("formStamp");
Exemplo n.º 12
// Lookup mode is on only when both a main table and a main field were supplied.
$lookup = $mainTable && $mainField;

// The table name is validated before it is used to build the include path below.
if (!checkTableName($table)) {
    exit(0);
}
require_once "include/{$table}_variables.php";
$pSet = new ProjectSettings(GetTableByShort($table), $pageType);
$cipherer = new RunnerCipherer(GetTableByShort($table), $pSet);
$_connection = $cman->byTable($strTableName);

// The flag is false on both paths here, so the login and permission check below always applies.
$lookupInRegisterPage = false;
if (!in_array($field, $pSet->getListFields())) {
    $lookupInRegisterPage = false;
}

// Requests without a login or without "Search" permission get an empty JSON failure.
if (!(isLogged() && CheckSecurity(@$_SESSION["_{$strTableName}_OwnerID"], 'Search')) && !$lookupInRegisterPage) {
    $returnJSON = ['success' => false, 'error' => ''];
    echo printJSON($returnJSON);
    return;
}

// The field itself must be readable by the current user.
if (!$pSet->checkFieldPermissions($field)) {
    $returnJSON = ['success' => false, 'error' => 'Error: You have not permission for read this text'];
    echo printJSON($returnJSON);
    return;
}

if (!$gQuery->HasGroupBy()) {
    // Select only the current (full text) field. With a 'group by' clause the other fields are
    // used by the query and cannot simply be cut off, so the query is left as it is.
    $gQuery->RemoveAllFieldsExcept($pSet->getFieldIndex($field));
}
Exemplo n.º 13
 /**
  * Fills list grid. This method use many other methods
  */
 function fillGridData()
 {
     global $globalEvents;
     $totals = array();
     //	fill $rowinfo array
     $rowinfo = array();
     $this->fillGridShowInfo($rowinfo);
     //	add grid data
     $data = $this->beforeProccessRow();
     $lockRecIds = array();
     $tKeys = $this->pSet->getTableKeys();
     $this->controlsMap['gridRows'] = array();
     for ($i = 0; $i < count($this->listFields); $i++) {
         $this->recordFieldTypes[$this->listFields[$i]['fName']] = $this->pSet->getFieldType($this->listFields[$i]["fName"]);
     }
     while ($data && ($this->recNo <= $this->pageSize || $this->pageSize == -1)) {
         $row = array();
         $row["grid_record"] = array();
         $row["grid_record"]["data"] = array();
         $this->rowId++;
         for ($col = 1; $data && ($this->recNo <= $this->pageSize || $this->pageSize == -1) && $col <= $this->colsOnPage; $col++) {
             $this->countTotals($totals, $data);
             $record = array();
             $this->genId();
             $row["rowattrs"] = " id=\"gridRow" . $this->recId . "\"";
             $gridRowInd = count($this->controlsMap['gridRows']);
             $this->controlsMap['gridRows'][$gridRowInd] = array();
             $this->controlsMap['gridRows'][$gridRowInd]['id'] = $this->recId;
             $this->controlsMap['gridRows'][$gridRowInd]['rowInd'] = $gridRowInd;
             //Add the connection with containing row. It's important for vertical layout's multiple records per row mode
             $this->controlsMap['gridRows'][$gridRowInd]['contextRowId'] = $this->recId + $this->colsOnPage - $col;
             $isEditable = $this->permis[$this->tName]['edit'] && CheckSecurity($data[$this->mainTableOwnerID], "Edit", $this->tName) || $this->permis[$this->tName]['delete'] && CheckSecurity($data[$this->mainTableOwnerID], "Delete", $this->tName);
             if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
                 $isEditable = $globalEvents->IsRecordEditable($data, $isEditable, $this->tName);
             }
             $this->controlsMap['gridRows'][$gridRowInd]['isEditOwnRow'] = $isEditable;
             $this->controlsMap['gridRows'][$gridRowInd]['keyFields'] = array();
             $this->controlsMap['gridRows'][$gridRowInd]['keys'] = array();
             for ($i = 0; $i < count($tKeys); $i++) {
                 $this->controlsMap['gridRows'][$gridRowInd]['keyFields'][$i] = $tKeys[$i];
                 $this->controlsMap['gridRows'][$gridRowInd]['keys'][$i] = $data[$tKeys[$i]];
             }
             $record["edit_link"] = $isEditable;
             $record["inlineedit_link"] = $isEditable;
             $record["view_link"] = $this->permis[$this->tName]['search'];
             $record["copy_link"] = $this->permis[$this->tName]['add'];
             //get record id for locking record
             if ($this->lockingObj) {
                 if ($this->mode == LIST_SIMPLE && !count($this->lockDelRec) && isset($_SESSION[$this->sessionPrefix . "_lockDelRec"])) {
                     $this->lockDelRec = $_SESSION[$this->sessionPrefix . "_lockDelRec"];
                     unset($_SESSION[$this->sessionPrefix . "_lockDelRec"]);
                 }
                 for ($i = 0; $i < count($this->lockDelRec); $i++) {
                     $lockDelRec = true;
                     foreach ($this->lockDelRec[$i] as $key => $val) {
                         if ($data[$key] != $val) {
                             $lockDelRec = false;
                             break;
                         }
                     }
                     if ($lockDelRec) {
                         $lockRecIds[] = $this->recId;
                         break;
                     }
                 }
             }
             //	detail tables
             $this->proccessDetailGridInfo($record, $data, $gridRowInd);
             //	key fields
             $keyblock = "";
             $editlink = "";
             $copylink = "";
             $keylink = "";
             $keys = array();
             //to open view pages in popup clicking on markers
             for ($i = 0; $i < count($tKeys); $i++) {
                 if ($i != 0) {
                     $keyblock .= "&";
                     $editlink .= "&";
                     $copylink .= "&";
                 }
                 $keyblock .= rawurlencode($data[$tKeys[$i]]);
                 $editlink .= "editid" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $copylink .= "copyid" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $keylink .= "&key" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode(@$data[$tKeys[$i]]));
                 $keys[$i] = $data[$tKeys[$i]];
             }
             $this->recIds[] = $this->recId;
             $record["recordattrs"] = "data-record-id=\"" . $this->recId . "\"";
             $record["editlink_attrs"] = "id=\"editLink" . $this->recId . "\" name=\"editLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "edit", $editlink) . "'";
             $record["copylink_attrs"] = "id=\"copyLink" . $this->recId . "\" name=\"copyLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "add", $copylink) . "'";
             $record["viewlink_attrs"] = "id=\"viewLink" . $this->recId . "\" name=\"viewLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "view", $editlink) . "'";
             $record["inlineeditlink_attrs"] = "id=\"iEditLink" . $this->recId . "\" name=\"iEditLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "edit", $editlink) . "'";
             $this->fillCheckAttr($record, $data, $keyblock);
             if ($this->googleMapCfg['isUseMainMaps']) {
                 $this->addBigGoogleMapMarkers($data, $keys, $editlink);
             }
             for ($i = 0; $i < count($this->listFields); $i++) {
                 // call addGoogleMapData before call proccessRecordValue!!!
                 if (in_array($i, $this->gMapFields)) {
                     $this->addGoogleMapData($this->listFields[$i]['fName'], $data, $keys, $editlink);
                 }
                 $record[$this->listFields[$i]['valueFieldName']] = $this->proccessRecordValue($data, $keylink, $this->listFields[$i]);
             }
             $this->addSpansForGridCells('edit', $record, $data);
             if ($this->eventExists("BeforeMoveNextList")) {
                 $this->eventsObject->BeforeMoveNextList($data, $row, $record, $this);
             }
             $this->spreadRowStyles($data, $row, $record);
             $this->setRowCssRules($record);
             for ($i = 0; $i < count($this->listFields); $i++) {
                 $field = $this->listFields[$i]['fName'];
                 $this->setRowClassNames($record, $field);
                 $this->addHiddenColumnClasses($record, $field);
             }
             if ($col < $this->colsOnPage) {
                 $record["endrecord_block"] = true;
             }
             $record["grid_recordheader"] = true;
             $record["grid_vrecord"] = true;
             //set the $row["grid_record"] value
             $this->setRowsGridRecord($row, $record);
             $data = $this->beforeProccessRow();
             $this->recNo++;
         }
         if ($col <= $this->colsOnPage) {
             for ($gInd = 0; $gInd < $col - 1; $gInd++) {
                 $this->controlsMap['gridRows'][$gridRowInd - $gInd]['contextRowId'] = $this->recId;
             }
         }
         while ($col <= $this->colsOnPage) {
             $record = array();
             if ($col < $this->colsOnPage) {
                 $record["endrecord_block"] = true;
             }
             if ($row["grid_record"]["data"]) {
                 $row["grid_record"]["data"][] = $record;
             }
             $col++;
         }
         //	assign row spacings for vertical layout
         $row["grid_rowspace"] = true;
         $row["grid_recordspace"] = array("data" => array());
         for ($i = 0; $i < $this->colsOnPage * 2 - 1; $i++) {
             $row["grid_recordspace"]["data"][] = true;
         }
         $rowinfo["data"][] = $row;
     }
     if ($this->lockingObj) {
         $this->jsSettings['tableSettings'][$this->tName]['lockRecIds'] = $lockRecIds;
     }
     if (count($rowinfo["data"])) {
         $rowinfo["data"][count($rowinfo["data"]) - 1]["grid_rowspace"] = false;
         if ($this->listGridLayout == gltVERTICAL && $this->is508) {
             $rowinfo["begin"] = "<caption style=\"display:none\">Table data</caption>";
         }
         $this->xt->assignbyref("grid_row", $rowinfo);
     }
     $this->buildTotals($totals);
 }
Exemplo n.º 14
    $xt->assign("header", false);
    $xt->assign("body", $pageObject->body);
}
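// Final template assignments for the edit page, followed by the hand-off to
// the BeforeShowEdit event and, for non-simple edit modes, the JSON payload.
$xt->assign("style_block", true);
$pageObject->xt->assign("legend", true);

// Build the query string for the "view" button from the posted record key.
// The key value comes from postvalue() (defined outside this excerpt) and
// ends up inside a single-quoted JavaScript string inside a double-quoted
// HTML attribute, so it is percent-encoded before use: the output of
// rawurlencode() contains only unreserved characters and '%', which cannot
// close either quoting context and is also the correct encoding for a URL
// query component.
$viewlink = "";
$viewkeys = array();
$viewkeys["editid1"] = postvalue("editid1");
foreach ($viewkeys as $key => $val) {
    if ($viewlink) {
        $viewlink .= "&";
    }
    $viewlink .= rawurlencode((string) $key) . "=" . rawurlencode((string) $val);
}

// NOTE(review): $id is set outside this excerpt and is written into the id/name
// attributes unescaped; confirm it is a server-generated value.
$xt->assign("viewlink_attrs", "id=\"viewButton" . $id . "\" name=\"viewButton" . $id . "\" onclick=\"window.location.href='app_modules_view.php?" . $viewlink . "'\"");

// The view button is shown only on the simple (full page) edit mode and only
// when the session holds "Search" permission for this table.
$xt->assign(
    "view_button",
    CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && $inlineedit == EDIT_SIMPLE
);

/////////////////////////////////////////////////////////////
//display the page
/////////////////////////////////////////////////////////////
if ($eventObj->exists("BeforeShowEdit")) {
    $eventObj->BeforeShowEdit($xt, $templatefile, $data, $pageObject);
}
// Inline / popup modes return the control maps and JS settings as JSON.
if ($inlineedit != EDIT_SIMPLE) {
    $returnJSON['controlsMap'] = $pageObject->controlsHTMLMap;
    $returnJSON['viewControlsMap'] = $pageObject->viewControlsHTMLMap;
    $returnJSON['settings'] = $pageObject->jsSettings;
}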
Exemplo n.º 15
<?php

// Start of a JSON endpoint: it reads a table name, page type, field name and
// value from the request, applies an access check, and stops early when the
// field is configured to allow duplicate values. The rest of the script lies
// outside this excerpt.
// NOTE(review): display_errors is switched on here, so PHP warnings and file
// paths can be echoed to the client; confirm this is disabled in production.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
require_once "include/dbcommon.php";
// All five values come from postvalue(), which is defined outside this excerpt
// (presumably request input); treat them as untrusted.
$tableName = postvalue("tableName");
$pageType = postvalue("pageType");
$fieldName = postvalue("fieldName");
$fieldControlType = postvalue("fieldControlType");
$value = postvalue("value");
// checkTableName() is the only guard between the request value and the
// require_once path built below.
// NOTE(review): its implementation is not visible here; confirm it matches
// against a fixed list of project tables and rejects anything containing
// path separators.
if (!checkTableName($tableName)) {
    exit(0);
}
require_once "include/" . $tableName . "_variables.php";
// The login and "Search" permission check is skipped entirely when $pageType
// equals PAGE_REGISTER, and $pageType is taken from postvalue() above.
// NOTE(review): if that value is client-supplied, the caller decides whether
// authentication applies, for any table that passes checkTableName(). Consider
// limiting the registration exemption server-side to the table and fields the
// registration form actually uses.
// $strTableName is not assigned in this excerpt; presumably the included
// *_variables.php file sets it.
if ($pageType != PAGE_REGISTER && (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search"))) {
    // The message embeds the request-supplied table name; how printJSON()
    // encodes it is not shown here.
    $returnJSON = array("success" => false, "error" => "Error: You have not permissions to read the " . $tableName . " table's data");
    echo printJSON($returnJSON);
    return;
}
// set db connection
$_connection = $cman->byTable($strTableName);
$pSet = new ProjectSettings($strTableName, $pageType);
$denyChecking = $pSet->allowDuplicateValues($fieldName);
// && binds tighter than ||: checking stays denied only if the table is not
// "DashboardUsers", or the field is neither $cUserNameField nor $cEmailField.
// Those two fields of "DashboardUsers" are therefore always checked.
$denyChecking = $denyChecking && ($strTableName != "DashboardUsers" || $fieldName != $cUserNameField && $fieldName != $cEmailField);
if ($denyChecking) {
    $returnJSON = array("success" => false, "error" => "Duplicated values are allowed");
    echo printJSON($returnJSON);
    return;
}
$cipherer = new RunnerCipherer($strTableName, $pSet);
if ($cipherer->isFieldEncrypted($fieldName)) {
// Bootstrap of an import page for the [dbo].[Readings] table: error display,
// cache headers, includes, then the login and "Import" permission gates.
// NOTE(review): display_errors is switched on here, so PHP warnings and file
// paths can be echoed to the client; confirm this is disabled in production.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
// Disable PHP's own session cache headers and send an already-expired
// Expires header instead.
session_cache_limiter("none");
include "include/dbcommon.php";
header("Expires: Thu, 01 Jan 1970 00:00:01 GMT");
// Allow the request to run for up to 600 seconds.
set_time_limit(600);
include "include/Readings_variables.php";
include "include/import_functions.php";
$strOriginalTableName = "[dbo].[Readings]";
// No user id in the session: remember the requested URL and send the browser
// to the login page.
// NOTE(review): the stored value includes the raw query string from the
// request. The code that reads $_SESSION["MyURL"] is not visible here; it
// should treat the value as untrusted when redirecting to it or printing it.
if (!@$_SESSION["UserID"]) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Logged in but without "Import" permission on this table: print a message
// with a link back to the login page and stop.
if (!CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Import")) {
    echo "<p>" . mlang_message("NO_PERMISSIONS") . "<a href=\"login.php\">" . mlang_message("BACK_TO_LOGIN") . "</a></p>";
    return;
}
// keys array
// $keys is appended to without being initialised in this excerpt; presumably
// it is empty or unset at this point.
$keys[] = AddFieldWrappers("Record ID");
$keys_present = 1;
$total_records = 0;
$goodlines = 0;
// Create audit object
$auditObj = GetAuditObject($strTableName);
function getFieldNamesByHeaders($fields)
{
    global $strTableName, $conn, $strOriginalTableName, $ext;
    // check fields in column headers
    // check that we have labes in column headers
<?php

// Bootstrap of the "add" page for the table configured by
// include/Month_Billings_variables.php.
include 'include/dbcommon.php';
// NOTE(review): display_errors is switched on here, so PHP warnings and file
// paths can be echoed to the client; confirm this is disabled in production.
@ini_set('display_errors', '1');
@ini_set('display_startup_errors', '1');
add_nocache_headers();
include 'include/Month_Billings_variables.php';
include 'include/xtempl.php';
include 'classes/addpage.php';

// Access gate: the session must carry a user id AND hold "Add" permission for
// this table. Otherwise the requested URL is remembered and the browser is
// sent to the login page.
// NOTE(review): the stored value includes the raw query string from the
// request; the code that reads $_SESSION['MyURL'] is not visible here and
// should treat it as untrusted.
if (!(@$_SESSION['UserID'] && CheckSecurity(@$_SESSION['_' . $strTableName . '_OwnerID'], 'Add'))) {
    $_SESSION['MyURL'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
    header('Location: login.php?message=expired');
    return;
}

// Error path: $_POST is empty but the 'ferror' value is set.
if (count($_POST) == 0 && postvalue('ferror')) {
    if (postvalue('inline')) {
        // Inline mode: reply with the JSON error, HTML-escaped inside a
        // <textarea>, then stop.
        $returnJSON['success'] = false;
        $returnJSON['message'] = mlang_message('INLINE_ERROR');
        $returnJSON['fatalError'] = true;
        echo '<textarea>' . htmlspecialchars(my_json_encode($returnJSON)) . '</textarea>';
        exit;
    }
    if (postvalue('fly')) {
        // "fly" mode: reply with -1 and stop.
        echo -1;
        exit;
    }
    // Plain page: keep the message in the session and carry on.
    $_SESSION['message_add'] = '<< Error occurred >>';
}
Exemplo n.º 18
<?php

// Bootstrap of the "add" page for the table configured by
// include/pad_pad_customer_variables.php.
include 'include/dbcommon.php';
// NOTE(review): display_errors is switched on here, so PHP warnings and file
// paths can be echoed to the client; confirm this is disabled in production.
@ini_set('display_errors', '1');
@ini_set('display_startup_errors', '1');
add_nocache_headers();
include 'include/pad_pad_customer_variables.php';
include 'include/xtempl.php';
include 'classes/addpage.php';
global $globalEvents;

// Access gate. && binds tighter than ||, so the request is turned away when
// the user is not logged in, or when CheckPermissionsEvent() is truthy for 'A'
// and CheckSecurity() refuses "Add". The parentheses only make that explicit.
// NOTE(review): when CheckPermissionsEvent() is falsy the CheckSecurity() test
// is not run at all; CheckPermissionsEvent() is defined outside this excerpt,
// so confirm the event-based path enforces the permission itself.
// NOTE(review): the stored URL includes the raw query string from the request;
// the code that reads $_SESSION['MyURL'] should treat it as untrusted.
if (
    !isLogged()
    || (CheckPermissionsEvent($strTableName, 'A') && !CheckSecurity(@$_SESSION['_' . $strTableName . '_OwnerID'], 'Add'))
) {
    $_SESSION['MyURL'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
    header('Location: login.php?message=expired');
    return;
}
if (sizeof($_POST) == 0 && postvalue('ferror')) {
    if (postvalue("inline")) {
        $returnJSON['success'] = false;
        $returnJSON['message'] = "Error occurred";
        $returnJSON['fatalError'] = true;
        echo "<textarea>" . htmlspecialchars(my_json_encode($returnJSON)) . "</textarea>";
        exit;
    } else {
        if (postvalue("fly")) {
            echo -1;
            exit;
        } else {
            $_SESSION["message_add"] = "<< " . "Error occurred" . " >>";
        }
    }
Exemplo n.º 19
 /**
  * Prepare the detail preview data, fill the corresponding controls maps and
  * assign all required xt variables.
  *
  * Returns without doing anything unless the page type is PAGE_EDIT,
  * PAGE_VIEW or PAGE_ADD and CheckSecurity() grants "Search" on the detail
  * table named by dpTableName.
  *
  * @param String dpType       PAGE_CHART and PAGE_REPORT are handled
  *                            explicitly; any other value is shown as a list
  * @param String dpTableName  detail table whose permission is checked
  * @param Number dpId
  * @param &Array data
  */
 public function setDetailPreview($dpType, $dpTableName, $dpId, &$data)
 {
     $currentPage = $this->pageType;
     $isPreviewPage = $currentPage == PAGE_EDIT || $currentPage == PAGE_VIEW || $currentPage == PAGE_ADD;
     if (!$isPreviewPage) {
         return;
     }
     // The permission is read for the detail table, not for the master table.
     if (!CheckSecurity(@$_SESSION["_" . $dpTableName . "_OwnerID"], "Search")) {
         return;
     }
     switch ($dpType) {
         case PAGE_CHART:
             $this->setDetailChartOnEditView($dpTableName, $dpId, $data);
             break;
         case PAGE_REPORT:
             $this->setDetailReportOnEditView($dpTableName, $dpId, $data);
             break;
         default:
             // $dpType == PAGE_LIST
             $this->setDetailList($dpTableName, $dpId, $data);
             break;
     }
 }