if ($_SESSION[history] == 0) { $thisobj["Fields"]["button_dopres"] = make_button($CONF[url_base] . $CONF[dir_modules] . "prestazioni/pages/new_prestazione.php?app_id=" . $_GET[id] . "&Tipo=" . $result[type_app] . "&dataimpegno=" . $result[day] . "&contr_unif=" . $c_un . "&storico=" . $CONF[storico_impegni] . "&curiaimpegno=" . $result[cal_comp_desc] . "&tipoimpegno=" . $result[type_app] . "&curiapratica=" . $curia, CALENDAR_DOPRES); } else { $thisobj["Fields"]["button_dopres"] = CALENDAR_DOPRES; } $thisobj["Fields"]["button_prat"] = make_button($CONF[url_base] . $CONF[dir_modules] . "pratiche/pages/pratiche_show.php?id=" . $result[ref_prat], PRATICHE_PRAT); $thisobj["Fields"]["button_pres"] = make_button($CONF[url_base] . $CONF[dir_modules] . "prestazioni/pages/prestazioni_view.php?form_id=listprestaz&form_page=1&ref_id[text]=&ref_id[realval][]=" . $result[ref_prat], PRESTAZIONI_TITLE); $thisobj["Fields"]["button_scad"] = make_button($CONF[url_base] . $CONF[dir_modules] . "calendar/pages/app_view.php?form_id=listcont&form_page=1&ref_prat[text]=&ref_prat[realval][]=" . $result[ref_prat], PRATICHE_IMPEGN); $thisobj["Fields"]["button_doc"] = make_button($CONF[url_base] . $CONF[dir_modules] . "document/pages/documents_view.php?form_id=listdoc&form_page=1&ref_prat[text]=&ref_prat[realval][]=" . $result[ref_prat], DOCUMENT_TITLE); $thisobj["Fields"]["button_dbox"] = make_button($CONF[url_base] . $CONF[dir_modules] . "document/pages/dropbox_view.php?form_id=listdoc&form_page=1&ref_prat[text]=&ref_prat[realval][]=" . $result[ref_prat], DOCUMENT_TITLE_DROPBOX); $keymap[54] = $CONF[url_base] . $CONF[dir_modules] . "/pratiche/pages/pratiche_show.php?id=" . $result[ref_prat]; $keymap[55] = $CONF[url_base] . $CONF[dir_modules] . "/prestazioni/pages/prestazioni_view.php?form_id=listprestaz&form_page=1&ref_id[text]=&ref_id[realval][]=" . $result[ref_prat]; $keymap[56] = $CONF[url_base] . $CONF[dir_modules] . "/calendar/pages/app_view.php?form_id=listcont&form_page=1&ref_prat[text]=&ref_prat[realval][]=" . $result[ref_prat]; $keymap[57] = $CONF[url_base] . $CONF[dir_modules] . "document/pages/documents_view.php?form_id=listdoc&form_page=1&ref_prat[text]=&ref_prat[realval][]=" . $result[ref_prat]; print set_js_keyhandler($keymap); print draw_object($thisobj, intval($_GET[id]), $module); } else { $response[title] = FW_ERROR_NO_PERM; $response[text] = FW_ERROR_NO_PERM_TXT; $iserror = 1; print draw_response($response); } } $PAGE[PAGE_CONTENT] = ob_get_contents(); ob_end_clean(); template_define_elements(); final_render(); function fatto() { echo "pippo"; }
$cnt = 0; $rs3 = $DB->Execute("SELECT DISTINCT nota1,nota2 FROM prestazioni m, pratiche p WHERE m.ref_id=p.id AND p.pr_ref_idcliente=" . $_GET[id] . " AND nota1 <> '' AND nota2 <> ''"); while (!$rs3->EOF) { if ($cnt > 0) { $billem .= ", "; } $nota_emessa = $rs3->FetchRow(); $billem .= $nota_emessa[nota1] . '/' . $nota_emessa[nota2]; $cnt++; } //Search for fatture done $cnt = 0; $rs2 = $DB->Execute("SELECT * FROM contact WHERE id=" . $_GET[id]); $cont = $rs2->FetchRow(); $tot[billem] = $billem; $tot[fattem] = $fattem; $tot[codice] = $cont[codice]; $tot[nome] = $cont[nome]; $tot[pr_oggetto] = $prat[pr_oggetto]; $tot[pr_valore] = $prat[pr_valore]; $tot[pr_fido] = $prat[pr_fido]; $tot[subt1] = $tot[onor] + $tot["dir"]; $tot[subt2] = $tot[simp] + $tot[snimp]; $tot[subt3] = $tot[subt1] + $tot[subt2]; $tot[subm] = $tot[acco] + $tot[anti]; $tot[subf] = $tot[subt3] - $tot[subm]; $thisobj = load_fwobject("show", "contact", 1); print draw_object($thisobj, "", $module, $tot); $PAGE[PAGE_CONTENT] = ob_get_contents(); ob_end_clean(); final_render();
function menage_search1($search, $target_res = 2, $format_res = 0) { global $DB, $CONF, $SEARCH_TEMPLATE; //Init della ricerca foreach ($search[fields] as $key => $field) { list($type, $options) = explode("||", $field[content]); unset($target); foreach (explode("||", $field[search_field]) as $trg) { $target[] = explode("-", $trg); } unset($cnt); $cntt = array(); foreach ($target as $st) { if (!isset($SQL_SEARCH[$st[0]])) { if (!isset($search[tablesql][$st[0]])) { $SQL_SEARCH[$st[0]] = "SELECT * FROM " . $st[0] . " WHERE %[PERM]% "; } else { $SQL_SEARCH[$st[0]] = $search[tablesql][$st[0]]; } } if ($cntt[$st[0]] == 0) { $SQL_SEARCH[$st[0]] .= " AND ( "; } else { $SQL_SEARCH[$st[0]] .= " OR ("; } $cntt[$st[0]]++; // Create SQL Query according to search type if (is_array($_GET[$key]) && isset($_GET[$key][realval]) && count($_GET[$key][realval]) > 1) { $tcnt = count($_GET[$key][realval]); $linarray = 1; } elseif (is_array($_GET[$key]) && count($_GET[$key]) > 1 && !isset($_GET[$key][realval])) { $tcnt = count($_GET[$key]); $linarray = 1; } else { $tcnt = 1; $linarray = 0; } $opened = 0; for ($cnt = 0; $cnt < $tcnt; $cnt++) { unset($this_round); if (is_array($_GET[$key]) && is_array($_GET[$key][realval])) { $curval = $_GET[$key][realval][$cnt]; } elseif (is_array($_GET[$key])) { $curval = $_GET[$key][$cnt]; } else { $curval = $_GET[$key]; } if (strlen($curval) > 0) { if ($cnt > 0) { $SQL_SEARCH[$st[0]] .= " OR "; } if ($opened != 1 && $linarray == 1) { $SQL_SEARCH[$st[0]] .= " ( "; $opened = 1; } switch ($type) { case "text": $SQL_SEARCH[$st[0]] .= $st[1] . "='" . $curval . "' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "text_like": $SQL_SEARCH[$st[0]] .= $st[1] . " LIKE '%" . $curval . "%' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "text_start": $SQL_SEARCH[$st[0]] .= $st[1] . " LIKE '" . $curval . "%' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "text_end": $SQL_SEARCH[$st[0]] .= $st[1] . " LIKE '%" . $curval . "' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "text_word": $SQL_SEARCH[$st[0]] .= $st[1] . " LIKE '% " . $curval . " %' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "text_ext": $SQL_SEARCH[$st[0]] .= ext_search($st[1], $curval); if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "user_perm": $SQL_SEARCH[$st[0]] .= $st[1] . " LIKE '%U" . $curval . "=33333%'"; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = " "; } break; case "calendar_owner": $SQL_SEARCH[$st[0]] .= $st[1] . " LIKE '" . $curval . ",,%' OR " . $st[1] . " LIKE '%,," . $curval . "' OR " . $st[1] . " LIKE '%,," . $curval . ",,%' OR " . $st[1] . " LIKE '" . $curval . "'"; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = " "; } break; case "num_less": $SQL_SEARCH[$st[0]] .= $st[1] . " <= '" . $curval . "' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "num_more": $SQL_SEARCH[$st[0]] .= $st[1] . " >= '" . $curval . "' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; case "num_equal": $SQL_SEARCH[$st[0]] .= $st[1] . " = '" . $curval . "' "; if (strlen($curval) > 0) { $SEARCH_FIELDS[$st[0]][$st[1]][] = $curval; } break; } $done_seart[$st[0]]++; } } if ($linarray == 1 && $opened == 1) { $SQL_SEARCH[$st[0]] .= " ) "; } $SQL_SEARCH[$st[0]] .= ')'; $SQL_SEARCH[$st[0]] = str_replace("AND ( )", "", $SQL_SEARCH[$st[0]]); } /* //Close sql ) foreach($SQL_SEARCH as $table => $sql) { $SQL_SEARCH[$table].=')'; $SQL_SEARCH[$table]=str_replace("AND ( )","",$SQL_SEARCH[$table]); } */ } foreach ($search[tables] as $table => $options) { list($TABLES[$table][list_var], $TABLES[$table][title], $TABLES[$table][options], $TABLES[$table][permission]) = explode("||", $options); //orig //list($TABLES[$table][list_var],$TABLES[$table][title],,$TABLES[$table][permission])=explode("||",$options);//0k variante 1 //list($TABLES[$table][list_var],,$TABLES[$table][options],$TABLES[$table][permission])=explode("||",$options);//ok variante 2 //list($TABLES[$table][list_var],,$TABLES[$table][options],$TABLES[$table][permission])=explode("||",$options); } //CHECK FOR EMPTY SEARCH if ($search[allow_empty] != 1) { foreach ($SQL_SEARCH as $table => $sql) { if ($done_seart[$table] == 0) { unset($SQL_SEARCH[$table]); } } } //Check for result number foreach ($SQL_SEARCH as $table => $sql) { list($perm_type, $perm_parent) = explode(";;", $TABLES[$table][permission]); if ($perm_type == 0) { $sql = str_replace("%[PERM]%", "1=1", $sql); } //print perm_sql_read($sql,$table).'<br><br>'; $rs = @$DB->Execute(perm_sql_read($sql, $table)); $res = $rs->RecordCount(); $totr += $res; $RESULTNUM[$table] = $res; } $RESULTNUM[total] = $totr; if (isset($search[title])) { $output = str_replace("%[TITLE]%", $search[title], $SEARCH_TEMPLATE[search_title]); } if (isset($search[result_txt])) { $output .= str_replace("%[DESC]%", str_replace("%[FOUND]%", $RESULTNUM[total], $search[result_txt]), $SEARCH_TEMPLATE[search_desc]); } //Render tables results $output .= '<table width="100%" border=0 cellpadding=5>'; foreach ($SQL_SEARCH as $table => $sql) { foreach (explode(";;", $TABLES[$table][options]) as $vopt) { list($opt, $optval) = explode("::", $vopt); switch ($opt) { case "exp": if ($optval == 1) { $start_vis = 1; } break; case "lock": if ($optval == 1) { $noexp = 1; $start_vis = 1; } break; } } if (isset($_GET[$table . "_ordfield"]) || isset($_GET[$table . "_ordtype"]) || isset($_GET[$table . "_st"]) || isset($_GET[$table . "_exp"]) || isset($_GET[$table . "_imp"])) { $start_vis = 1; } if ($start_vis == 1) { $startpic = $SEARCH_TEMPLATE[group_icon_close]; $cur_vis = ""; } else { $startpic = $SEARCH_TEMPLATE[group_icon_open]; $cur_vis = "style=\"display:none\""; } if ($noexp != 1) { $more_tit = '<a href="javascript:rigaDOWN(Array(\'' . $table . '\'),\'ico_' . $table . '\',\'' . $table . '\',\'' . $SEARCH_TEMPLATE[group_icon_close] . '\',\'' . $SEARCH_TEMPLATE[group_icon_open] . '\')"><img src="' . $startpic . '" name="ico_' . $table . '" width="16" height="16" border="0" id="ico_' . $table . '"></a>'; } else { $more_tit = ""; } if ($TABLES[$table][title] != "") { $output .= '<tr><td><h5>' . $TABLES[$table][title] . ' ' . $more_tit . '</h5></td></tr>'; } require_once $CONF[path_base] . $CONF[dir_modules] . $table . "/lists.php"; $curlist = $LISTS[$table][$TABLES[$table][list_var]]; if (isset($SEARCH_FIELDS[$table])) { foreach ($SEARCH_FIELDS[$table] as $fs => $sterm) { if (isset($curlist[search_options])) { $curlist[search_options] .= "||"; } $curlist[search_options] .= "{$fs}::" . implode(";;", $sterm); } } $curlist[sql_select] = $sql; if (isset($curlist[search_options])) { list($perm_type, $perm_parent) = explode(";;", $TABLES[$table][permission]); if ($perm_type == 0) { $sql = str_replace("%[PERM]%", "1=1", $sql); } $curlist[sql_select] = $sql; $curlist[options] .= "||search::1"; } //print $sql; //PRINT if ($target_res == 0) { $curlist[box_title] = ""; unset($curlist[search_options]); $output .= '<tr id="' . $table . '" ' . $cur_vis . '><td>' . draw_list($curlist, $table) . '</td></tr>'; } elseif ($target_res == 1) { return draw_list_file($curlist, $table); } elseif ($target_res == 2) { if ($format_res == 1) { $output .= '<tr id="' . $table . '" ' . $cur_vis . '><td>'; $rs = @$DB->Execute(perm_sql_read($sql, $table)); while (!$rs->EOF) { $res = $rs->FetchRow(); $thisobj = load_fwobject("show", $table, 0); $output .= draw_object($thisobj, $res[id], $table) . "<br>\n"; } $output .= '</tr></td>'; } else { $curlist[box_title] = ""; $output .= '<tr id="' . $table . '" ' . $cur_vis . '><td>' . draw_list($curlist, $table) . '</td></tr>'; } } } $output .= '</table>'; return $output; }
$thisobj["Fields"]["button_w"] = make_button("mod_document.php?id=" . $_GET[id], FW_MODIFY); } else { $thisobj["Fields"]["button_w"] = FW_MODIFY; } if ($_SESSION["user"][admin] == 1) { $thisobj["Fields"]["button_d"] = make_button_del($CONF[url_base] . $CONF[dir_modules] . "document/pages/documents_view.php?form_id=listdoc&form_page=1&ref_prat[text]=&ref_prat[realval][]=" . $result[ref_prat] . "&id=" . $_GET[id] . "&action=del", FW_DELETE); } else { $thisobj["Fields"]["button_d"] = FW_DELETE; } if ($rs_tmp->RecordCount() > 0) { $thisobj["Fields"]["history"] = draw_list($thislist, $module); } else { $thisobj["Fields"]["history"] = '<b><center>' . DOCUMENT_NOHIST . '</center></b>'; } } else { $rs_user = $DB->Execute("SELECT * FROM " . $CONF[auth_db_table] . " WHERE id=" . $result[user_lock]); $thisuser = $rs_user->FetchRow(); $thisobj["Fields"]["history"] = '<b><center>' . DOCUMENT_LOCKED . ' ' . $thisuser[nome] . '</center></b>'; } print draw_object($thisobj, $myid, $module); } else { $response[title] = FW_ERROR_NO_PERM; $response[text] = FW_ERROR_NO_PERM_TXT; $iserror = 1; print draw_response($response); } } $PAGE[PAGE_CONTENT] = ob_get_contents(); ob_end_clean(); template_define_elements(); final_render();