Exemplo n.º 1
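/**
 * Apply the submitted form values to the `categories` row identified by $selected_id.
 *
 * Flow: permission check against membership_userrecords, collect the posted fields,
 * handle picture removal/upload (including deletion of the previously stored files),
 * run the optional categories_before_update hook, issue the UPDATE, run the optional
 * categories_after_update hook, then stamp dateUpdated on the ownership row.
 *
 * Review notes for maintainers:
 * - All SQL here is built by string concatenation. Posted values and the key are passed
 *   through makeSafe() first; `$data['Picture']` is inserted exactly as returned by
 *   PrepareUploadedFile(). NOTE(review): confirm that helper only returns generated,
 *   quote-free names, and that the before-update hook (which receives $data) cannot
 *   hand back unescaped values.
 * - No anti-CSRF check is visible in this function, and a GET request can drive the
 *   update (see update_x below). NOTE(review): confirm the caller enforces one.
 * - On failure the database error text is echoed to the client as returned by sql().
 *   NOTE(review): confirm sql() escapes it and hides schema details from non-admins.
 *
 * @param mixed $selected_id Primary key (CategoryID) of the record to update.
 * @return false|null false when the member may not edit the record or the
 *                    before-update hook vetoes the change; no value otherwise.
 *                    Terminates the request (exit) when the UPDATE reports an error.
 */
function categories_update($selected_id)
{
    global $Translation;

    // A GET request with a non-empty update_x is handled as if its query string were the POST body.
    // isset() avoids an undefined-key warning on ordinary POST submissions.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    // $arrPerm[3]: 1 = only the owning member, 2 = any member of the owning group, 3 = unconditional.
    // NOTE(review): the owner comparisons are loose (==); confirm the stored owner and the
    // logged-in id/group can never both be empty, e.g. for a record with no ownership row.
    $arrPerm = getTablePermissions('categories');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
    $updateAllowed = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$updateAllowed) {
        return false;
    }

    $data['CategoryName'] = makeSafe($_POST['CategoryName']);
    if ($data['CategoryName'] == empty_lookup_value) {
        $data['CategoryName'] = '';
    }
    $data['Description'] = makeSafe($_POST['Description']);
    if ($data['Description'] == empty_lookup_value) {
        $data['Description'] = '';
    }
    $data['selectedID'] = makeSafe($selected_id);

    // Picture: either an explicit removal request or an optional new upload.
    if (isset($_POST['Picture_remove']) && $_POST['Picture_remove'] == 1) {
        $data['Picture'] = '';
        $deleteStoredFiles = true;
    } else {
        $data['Picture'] = PrepareUploadedFile('Picture', 204800, 'jpg|jpeg|gif|png', false, "");
        if ($data['Picture']) {
            createThumbnail($data['Picture'], getThumbnailSpecs('categories', 'Picture', 'tv'));
            createThumbnail($data['Picture'], getThumbnailSpecs('categories', 'Picture', 'dv'));
        }
        // the old file is replaced only when a new one was actually uploaded
        $deleteStoredFiles = $data['Picture'] != '';
    }

    // delete the previously stored file and its thumbnails from the server
    if ($deleteStoredFiles) {
        $res = sql("select `Picture` from `categories` where `CategoryID`='" . makeSafe($selected_id) . "'", $eo);
        if (($row = @db_fetch_row($res)) && $row[0] != '') {
            // NOTE(review): the stored name is unlinked as-is, before any pattern check; confirm
            // nothing can store a value containing path separators in this column.
            @unlink(getUploadDir('') . $row[0]);
            // Thumbnail names are derived from the captured extension, so they are only
            // computed when the stored name matches the expected pattern (previously $m[1]
            // was read even when the match failed).
            if (preg_match('/^[a-z0-9_]+\\.(gif|png|jpg|jpeg|jpe)$/i', $row[0], $m)) {
                // the 'ffffgggg' sentinel anchors the replacement to the trailing extension
                $thumbDV = str_replace(".{$m['1']}ffffgggg", "_dv.{$m['1']}", $row[0] . 'ffffgggg');
                $thumbTV = str_replace(".{$m['1']}ffffgggg", "_tv.{$m['1']}", $row[0] . 'ffffgggg');
                @unlink(getUploadDir('') . $thumbTV);
                @unlink(getUploadDir('') . $thumbDV);
            }
        }
    }

    // hook: categories_before_update
    if (function_exists('categories_before_update')) {
        $args = array();
        if (!categories_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list: empty strings and NULL are written as SQL NULL, everything else quoted.
    $setParts = array();
    foreach (array('Picture', 'CategoryName', 'Description') as $col) {
        if ($col === 'Picture') {
            if ($data['Picture'] != '') {
                $setParts[] = "`Picture`='{$data['Picture']}'";
            } elseif (isset($_POST['Picture_remove']) && $_POST['Picture_remove'] == 1) {
                $setParts[] = '`Picture`=NULL';
            } else {
                // no upload and no removal request: keep the stored value
                $setParts[] = '`Picture`=`Picture`';
            }
            continue;
        }
        $setParts[] = "`{$col}`=" . ($data[$col] !== '' && $data[$col] !== NULL ? "'{$data[$col]}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `categories` set       ' . implode(', ', $setParts) . " where `CategoryID`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        echo $o['error'];
        echo '<a href="categories_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: categories_after_update
    if (function_exists('categories_after_update')) {
        // hand the hook the row as it is now stored, each value passed through makeSafe()
        $res = sql("SELECT * FROM `categories` WHERE `CategoryID`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['CategoryID'];
        $args = array();
        if (!categories_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}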
    getImage();
}
// Accept only a bare file name: letters, digits and underscores followed by one known image
// extension. Path separators and extra dots therefore never reach the path built below.
// $m[1] captures the extension for the thumbnail name.
// NOTE(review): getImage() without an argument selects ./photo.gif and sets $exit, but the
// rest of its body is not visible in this excerpt. Presumably it ends the request — confirm,
// otherwise execution would continue past these checks with the rejected value.
if (!preg_match('/^[a-z0-9_]+\\.(gif|png|jpg|jpeg|jpe)$/i', $i, $m)) {
    getImage();
}
// Only the two known thumbnail variants are accepted.
if ($v != 'tv' && $v != 'dv') {
    getImage();
}
// $p, $t and $f are assigned before this excerpt.
// NOTE(review): presumably $p[$t][$f] is the configured upload path for table $t / field $f — confirm.
$img = $p[$t][$f] . $i;
// Derive the thumbnail path ("name_tv.ext" / "name_dv.ext"); the 'ffffgggg' sentinel appended
// to $img anchors the replacement to the trailing extension.
$thumb = str_replace(".{$m['1']}ffffgggg", "_{$v}.{$m['1']}", $img . 'ffffgggg');
// if thumbnail exists and the user is not admin, output it without rebuilding the thumbnail
// (for an admin the script falls through and rebuilds the thumbnail)
if (getImage($thumb) && !getLoggedAdmin()) {
    exit;
}
// otherwise, try to create the thumbnail and output it;
// either failure below is answered with the argument-less getImage() fallback
if (!createThumbnail($img, getThumbnailSpecs($t, $f, $v))) {
    getImage();
}
if (!getImage($thumb)) {
    getImage();
}
function getImage($img = '')
{
    if (!$img) {
        // default image to return
        $img = './photo.gif';
        $exit = TRUE;
    }
    $thumbInfo = @getimagesize($img);
    $fp = @fopen($img, 'rb');
    if ($thumbInfo && $fp) {
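/**
 * Apply the submitted form values to the `properties` row identified by $selected_id.
 *
 * Flow: permission check against membership_userrecords, collect the posted fields
 * (rejecting an empty 'property_name' or 'type'), handle photo removal/upload, run the
 * optional properties_before_update hook, issue the UPDATE, run the optional
 * properties_after_update hook, then stamp dateUpdated on the ownership row.
 *
 * `operating_account`, `property_reserve` and `lease_term` are collected into $data (and so
 * reach the before-update hook) but are not part of the UPDATE statement.
 *
 * Review notes for maintainers:
 * - All SQL here is built by string concatenation. Posted values and the key are passed
 *   through makeSafe() first; `$data['photo']` is inserted exactly as returned by
 *   PrepareUploadedFile(). NOTE(review): confirm that helper only returns generated,
 *   quote-free names, and that the before-update hook (which receives $data) cannot
 *   hand back unescaped values.
 * - No anti-CSRF check is visible in this function, and a GET request can drive the
 *   update (see update_x below). NOTE(review): confirm the caller enforces one.
 * - On failure the database error text is echoed to the client as returned by sql().
 *   NOTE(review): confirm sql() escapes it and hides schema details from non-admins.
 * - The previously stored photo is not deleted here when it is removed or replaced.
 *   NOTE(review): confirm stale uploads are cleaned up elsewhere.
 *
 * @param mixed $selected_id Primary key (id) of the record to update.
 * @return false|null false when the member may not edit the record or the
 *                    before-update hook vetoes the change; no value otherwise.
 *                    Terminates the request (exit) on a missing required field or
 *                    when the UPDATE reports an error.
 */
function properties_update($selected_id)
{
    global $Translation;

    // A GET request with a non-empty update_x is handled as if its query string were the POST body.
    // isset() avoids an undefined-key warning on ordinary POST submissions.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    // $arrPerm[3]: 1 = only the owning member, 2 = any member of the owning group, 3 = unconditional.
    // NOTE(review): the owner comparisons are loose (==); confirm the stored owner and the
    // logged-in id/group can never both be empty, e.g. for a record with no ownership row.
    $arrPerm = getTablePermissions('properties');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");
    $updateAllowed = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$updateAllowed) {
        return false;
    }

    // Required fields and the label shown in the "field not null" error.
    $requiredLabels = array('property_name' => 'Property Name', 'type' => 'Type');
    $fields = array(
        'property_name', 'type', 'number_of_units', 'owner', 'operating_account', 'property_reserve',
        'lease_term', 'country', 'street', 'City', 'State', 'ZIP',
    );
    foreach ($fields as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        // the lookup placeholder means "nothing selected"
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
        if (isset($requiredLabels[$field]) && $data[$field] == '') {
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} '{$requiredLabels[$field]}': {$Translation['field not null']}<br><br>";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // photo: either an explicit removal request or an optional new upload
    if (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
        $data['photo'] = '';
    } else {
        $data['photo'] = PrepareUploadedFile('photo', 1024000, 'jpg|jpeg|gif|png', false, "");
        if ($data['photo']) {
            createThumbnail($data['photo'], getThumbnailSpecs('properties', 'photo', 'tv'));
            createThumbnail($data['photo'], getThumbnailSpecs('properties', 'photo', 'dv'));
        }
    }

    // hook: properties_before_update
    if (function_exists('properties_before_update')) {
        $args = array();
        if (!properties_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list: empty strings and NULL are written as SQL NULL, everything else quoted.
    $columns = array('property_name', 'type', 'number_of_units', 'photo', 'owner', 'country', 'street', 'City', 'State', 'ZIP');
    $setParts = array();
    foreach ($columns as $col) {
        if ($col === 'photo') {
            if ($data['photo'] != '') {
                $setParts[] = "`photo`='{$data['photo']}'";
            } elseif (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
                $setParts[] = '`photo`=NULL';
            } else {
                // no upload and no removal request: keep the stored value
                $setParts[] = '`photo`=`photo`';
            }
            continue;
        }
        $setParts[] = "`{$col}`=" . ($data[$col] !== '' && $data[$col] !== NULL ? "'{$data[$col]}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `properties` set       ' . implode(', ', $setParts) . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        echo $o['error'];
        echo '<a href="properties_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: properties_after_update
    if (function_exists('properties_after_update')) {
        // hand the hook the row as it is now stored, each value passed through makeSafe()
        $res = sql("SELECT * FROM `properties` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!properties_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}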
Exemplo n.º 4
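/**
 * Apply the submitted form values to the `employees` row identified by $selected_id.
 *
 * Flow: permission check against membership_userrecords, collect the posted fields,
 * handle photo removal/upload (including deletion of the previously stored files),
 * run the optional employees_before_update hook, issue the UPDATE, run the optional
 * employees_after_update hook, then stamp dateUpdated on the ownership row.
 *
 * Review notes for maintainers:
 * - All SQL here is built by string concatenation. Posted text values and the key are
 *   passed through makeSafe(), date parts through intval(); `$data['Photo']` is inserted
 *   exactly as returned by PrepareUploadedFile(). NOTE(review): confirm that helper only
 *   returns generated, quote-free names, that br2nl() cannot undo makeSafe()'s escaping
 *   of `Address`, and that the before-update hook (which receives $data) cannot hand
 *   back unescaped values.
 * - No anti-CSRF check is visible in this function, and a GET request can drive the
 *   update (see update_x below). NOTE(review): confirm the caller enforces one.
 * - On failure the database error text is echoed to the client as returned by sql().
 *   NOTE(review): confirm sql() escapes it and hides schema details from non-admins.
 *
 * @param mixed $selected_id Primary key (EmployeeID) of the record to update.
 * @return false|null false when the member may not edit the record or the
 *                    before-update hook vetoes the change; no value otherwise.
 *                    Terminates the request (exit) when the UPDATE reports an error.
 */
function employees_update($selected_id)
{
    global $Translation;

    // A GET request with a non-empty update_x is handled as if its query string were the POST body.
    // isset() avoids an undefined-key warning on ordinary POST submissions.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    // $arrPerm[3]: 1 = only the owning member, 2 = any member of the owning group, 3 = unconditional.
    // NOTE(review): the owner comparisons are loose (==); confirm the stored owner and the
    // logged-in id/group can never both be empty, e.g. for a record with no ownership row.
    $arrPerm = getTablePermissions('employees');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='employees' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='employees' and pkValue='" . makeSafe($selected_id) . "'");
    $updateAllowed = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$updateAllowed) {
        return false;
    }

    // Plain text fields; the lookup placeholder means "nothing selected".
    foreach (array('TitleOfCourtesy', 'LastName', 'FirstName', 'Title') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }

    // Dates arrive as separate year/month/day inputs; intval() keeps each part numeric
    // before parseMySQLDate() is applied (second argument as in the generated code).
    $data['BirthDate'] = parseMySQLDate(intval($_POST['BirthDateYear']) . '-' . intval($_POST['BirthDateMonth']) . '-' . intval($_POST['BirthDateDay']), '');
    $data['HireDate'] = parseMySQLDate(intval($_POST['HireDateYear']) . '-' . intval($_POST['HireDateMonth']) . '-' . intval($_POST['HireDateDay']), '1');
    $data['Address'] = br2nl(makeSafe($_POST['Address']));

    foreach (array('City', 'Region', 'PostalCode', 'Country', 'HomePhone', 'Extension', 'Notes', 'ReportsTo') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // Photo: either an explicit removal request or an optional new upload.
    if (isset($_POST['Photo_remove']) && $_POST['Photo_remove'] == 1) {
        $data['Photo'] = '';
        $deleteStoredFiles = true;
    } else {
        $data['Photo'] = PrepareUploadedFile('Photo', 153600, 'jpg|jpeg|gif|png', false, "");
        if ($data['Photo']) {
            // only the 'tv' thumbnail is generated for this field
            createThumbnail($data['Photo'], getThumbnailSpecs('employees', 'Photo', 'tv'));
        }
        // the old file is replaced only when a new one was actually uploaded
        $deleteStoredFiles = $data['Photo'] != '';
    }

    // delete the previously stored file and its thumbnails from the server
    if ($deleteStoredFiles) {
        $res = sql("select `Photo` from `employees` where `EmployeeID`='" . makeSafe($selected_id) . "'", $eo);
        if (($row = @db_fetch_row($res)) && $row[0] != '') {
            // NOTE(review): the stored name is unlinked as-is, before any pattern check; confirm
            // nothing can store a value containing path separators in this column.
            @unlink(getUploadDir('') . $row[0]);
            // Thumbnail names are derived from the captured extension, so they are only
            // computed when the stored name matches the expected pattern (previously $m[1]
            // was read even when the match failed).
            if (preg_match('/^[a-z0-9_]+\\.(gif|png|jpg|jpeg|jpe)$/i', $row[0], $m)) {
                // the 'ffffgggg' sentinel anchors the replacement to the trailing extension
                $thumbDV = str_replace(".{$m['1']}ffffgggg", "_dv.{$m['1']}", $row[0] . 'ffffgggg');
                $thumbTV = str_replace(".{$m['1']}ffffgggg", "_tv.{$m['1']}", $row[0] . 'ffffgggg');
                @unlink(getUploadDir('') . $thumbTV);
                @unlink(getUploadDir('') . $thumbDV);
            }
        }
    }

    // hook: employees_before_update
    if (function_exists('employees_before_update')) {
        $args = array();
        if (!employees_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list: empty strings and NULL are written as SQL NULL, everything else quoted.
    $columns = array(
        'TitleOfCourtesy', 'Photo', 'LastName', 'FirstName', 'Title', 'BirthDate', 'HireDate', 'Address',
        'City', 'Region', 'PostalCode', 'Country', 'HomePhone', 'Extension', 'Notes', 'ReportsTo',
    );
    $setParts = array();
    foreach ($columns as $col) {
        if ($col === 'Photo') {
            if ($data['Photo'] != '') {
                $setParts[] = "`Photo`='{$data['Photo']}'";
            } elseif (isset($_POST['Photo_remove']) && $_POST['Photo_remove'] == 1) {
                $setParts[] = '`Photo`=NULL';
            } else {
                // no upload and no removal request: keep the stored value
                $setParts[] = '`Photo`=`Photo`';
            }
            continue;
        }
        $setParts[] = "`{$col}`=" . ($data[$col] !== '' && $data[$col] !== NULL ? "'{$data[$col]}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `employees` set       ' . implode(', ', $setParts) . " where `EmployeeID`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        echo $o['error'];
        echo '<a href="employees_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: employees_after_update
    if (function_exists('employees_after_update')) {
        // hand the hook the row as it is now stored, each value passed through makeSafe()
        $res = sql("SELECT * FROM `employees` WHERE `EmployeeID`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['EmployeeID'];
        $args = array();
        if (!employees_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='employees' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}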
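/**
 * Apply the submitted form values to the `units` row identified by $selected_id.
 *
 * Flow: permission check against membership_userrecords, collect the posted fields
 * (rejecting an empty 'status'), handle photo removal/upload, run the optional
 * units_before_update hook, issue the UPDATE, run the optional units_after_update hook,
 * then stamp dateUpdated on the ownership row.
 *
 * `country`, `street`, `city`, `state` and `postal_code` are all filled from the posted
 * `property` value, as in the generated code. `market_rent` and `deposit_amount` are
 * collected into $data (and so reach the before-update hook) but are not part of the
 * UPDATE statement.
 *
 * Review notes for maintainers:
 * - All SQL here is built by string concatenation. Posted values and the key are passed
 *   through makeSafe() first; `$data['photo']` is inserted exactly as returned by
 *   PrepareUploadedFile(). NOTE(review): confirm that helper only returns generated,
 *   quote-free names, and that the before-update hook (which receives $data) cannot
 *   hand back unescaped values.
 * - No anti-CSRF check is visible in this function, and a GET request can drive the
 *   update (see update_x below). NOTE(review): confirm the caller enforces one.
 * - On failure the database error text is echoed to the client as returned by sql().
 *   NOTE(review): confirm sql() escapes it and hides schema details from non-admins.
 * - The previously stored photo is not deleted here when it is removed or replaced.
 *   NOTE(review): confirm stale uploads are cleaned up elsewhere.
 *
 * @param mixed $selected_id Primary key (id) of the record to update.
 * @return false|null false when the member may not edit the record or the
 *                    before-update hook vetoes the change; no value otherwise.
 *                    Terminates the request (exit) on a missing required field or
 *                    when the UPDATE reports an error.
 */
function units_update($selected_id)
{
    global $Translation;

    // A GET request with a non-empty update_x is handled as if its query string were the POST body.
    // isset() avoids an undefined-key warning on ordinary POST submissions.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    // $arrPerm[3]: 1 = only the owning member, 2 = any member of the owning group, 3 = unconditional.
    // NOTE(review): the owner comparisons are loose (==); confirm the stored owner and the
    // logged-in id/group can never both be empty, e.g. for a record with no ownership row.
    $arrPerm = getTablePermissions('units');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");
    $updateAllowed = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$updateAllowed) {
        return false;
    }

    // $data key => $_POST key it is read from (the address columns reuse the 'property' input).
    $leadingFields = array(
        'property' => 'property',
        'unit_number' => 'unit_number',
        'status' => 'status',
        'size' => 'size',
        'country' => 'property',
        'street' => 'property',
        'city' => 'property',
        'state' => 'property',
        'postal_code' => 'property',
        'rooms' => 'rooms',
        'bathroom' => 'bathroom',
    );
    foreach ($leadingFields as $field => $postKey) {
        $data[$field] = makeSafe($_POST[$postKey]);
        // the lookup placeholder means "nothing selected"
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
        if ($field === 'status' && $data[$field] == '') {
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Status': {$Translation['field not null']}<br><br>";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }

    // Multi-select: each chosen value goes through makeSafe() and the results are joined with ', '.
    // implode() replaces the former append-then-trim loop, which appended to a key that
    // had not been initialised.
    if (isset($_POST['features']) && is_array($_POST['features'])) {
        $MultipleSeparator = ', ';
        $data['features'] = implode($MultipleSeparator, array_map('makeSafe', $_POST['features']));
    } else {
        $data['features'] = '';
    }

    foreach (array('market_rent', 'rental_amount', 'deposit_amount', 'description') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // photo: either an explicit removal request or an optional new upload
    if (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
        $data['photo'] = '';
    } else {
        $data['photo'] = PrepareUploadedFile('photo', 1024000, 'jpg|jpeg|gif|png', false, "");
        if ($data['photo']) {
            createThumbnail($data['photo'], getThumbnailSpecs('units', 'photo', 'tv'));
            createThumbnail($data['photo'], getThumbnailSpecs('units', 'photo', 'dv'));
        }
    }

    // hook: units_before_update
    if (function_exists('units_before_update')) {
        $args = array();
        if (!units_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list: empty strings and NULL are written as SQL NULL, everything else quoted.
    $columns = array(
        'property', 'unit_number', 'photo', 'status', 'size', 'country', 'street', 'city', 'state',
        'postal_code', 'rooms', 'bathroom', 'features', 'rental_amount', 'description',
    );
    $setParts = array();
    foreach ($columns as $col) {
        if ($col === 'photo') {
            if ($data['photo'] != '') {
                $setParts[] = "`photo`='{$data['photo']}'";
            } elseif (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
                $setParts[] = '`photo`=NULL';
            } else {
                // no upload and no removal request: keep the stored value
                $setParts[] = '`photo`=`photo`';
            }
            continue;
        }
        $setParts[] = "`{$col}`=" . ($data[$col] !== '' && $data[$col] !== NULL ? "'{$data[$col]}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `units` set       ' . implode(', ', $setParts) . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        echo $o['error'];
        echo '<a href="units_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: units_after_update
    if (function_exists('units_after_update')) {
        // hand the hook the row as it is now stored, each value passed through makeSafe()
        $res = sql("SELECT * FROM `units` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!units_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='units' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}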