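/**
 * Build the lookup widget's markup and store it in $this->HTML.
 *
 * Runs $this->Query with a row cap of datalist_auto_complete_size, hands the
 * first column of each row (HTML-escaped) and the second column (as fetched)
 * to a Combo, renders the Combo and copies MatchText, SelectedText and
 * SelectedData back from it. When ListType is 2 the Combo markup is
 * post-processed: a "view parent" button is appended after the matched label
 * if the current user may view or edit the parent table, and every
 * ` type="radio" ` input gets an onclick handler.
 *
 * On a query error $this->HTML is set to an error message and the method
 * returns without touching any other property.
 *
 * @return void
 */
function Render() {
    global $Translation;

    // Presumably sql() takes $eo by reference and reports failures in
    // $eo['error'] instead of printing them -- confirm against sql().
    $eo = array('silentErrors' => true);
    $result = sql($this->Query . ' limit ' . datalist_auto_complete_size, $eo);

    if ($eo['error'] != '') {
        // NOTE(review): the raw query text is written into an HTML comment that
        // is sent to the browser. That discloses schema details to anyone who
        // views the page source, and the text is not escaped, so a "-->" inside
        // the query would end the comment early. Consider logging the query
        // server-side instead. Left unchanged because callers may rely on it.
        $this->HTML = error_message(htmlspecialchars($eo['error']) . "\n\n<!--\n{$Translation['query:']}\n {$this->Query}\n-->\n\n");
        return;
    }

    $this->ItemCount = db_num_rows($result);

    $combo = new Combo();
    $combo->Class = $this->Class;
    $combo->Style = $this->Style;
    $combo->SelectName = $this->SelectName;
    $combo->SelectedData = $this->SelectedData;
    $combo->SelectedText = $this->SelectedText;
    $combo->SelectedClass = 'SelectedOption';
    $combo->ListType = $this->ListType;
    $combo->ListBoxHeight = $this->ListBoxHeight;
    $combo->RadiosPerLine = $this->RadiosPerLine;
    // ListType 2 never offers an empty choice, whatever AllowNull says.
    $combo->AllowNull = $this->ListType == 2 ? 0 : $this->AllowNull;

    while ($row = db_fetch_row($result)) {
        $combo->ListData[] = htmlspecialchars($row[0], ENT_QUOTES, 'iso-8859-1');
        // NOTE(review): the caption is passed on unescaped while the value is
        // escaped; confirm that Combo escapes ListItem when it writes markup.
        $combo->ListItem[] = $row[1];
    }

    $combo->Render();
    $this->MatchText = $combo->MatchText;
    $this->SelectedText = $combo->SelectedText;
    $this->SelectedData = $combo->SelectedData;

    if ($this->ListType == 2) {
        // Always start from the freshly rendered markup. Previously it was only
        // picked up inside the permission check, so a user without view/edit
        // rights on the parent table got whatever $this->HTML held before.
        $html = $combo->HTML;

        $pt_perm = getTablePermissions($this->parent_table);
        if ($pt_perm['view'] || $pt_perm['edit']) {
            // The title attribute is quoted so a translation containing spaces
            // or '>' stays inside the attribute value.
            $html = str_replace(
                ">{$this->MatchText}</label>",
                ">{$this->MatchText}</label> <button type=\"button\" class=\"btn btn-default view_parent hspacer-lg\" id=\"{$this->parent_table}_view_parent\" title=\"" . htmlspecialchars($Translation['View']) . "\"><i class=\"glyphicon glyphicon-eye-open\"></i></button>",
                $html
            );
        }

        // assumes SelectName is an application-defined identifier, not request
        // data, since it is placed in an inline handler unescaped -- TODO confirm
        $this->HTML = str_replace(' type="radio" ', ' type="radio" onclick="' . $this->SelectName . '_changed();" ', $html);
    } else {
        $this->HTML = $combo->HTML;
    }
}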
/**
 * Render the lookup list and keep the resulting markup in $this->HTML.
 *
 * The configured query is executed with a row cap of
 * datalist_auto_complete_size; column 0 of every row becomes an (escaped)
 * option value and column 1 its caption. The Combo's MatchText, SelectedText
 * and SelectedData are copied back after rendering. For ListType 2 a link to
 * the parent table's view page is appended after the matched label and each
 * ` type="radio" ` input receives an onclick handler.
 *
 * If the query fails, $this->HTML holds an error message and nothing else
 * is modified.
 *
 * @return void
 */
function Render() {
    global $Translation;

    $errorInfo = array('silentErrors' => true);
    $rows = sql($this->Query . ' limit ' . datalist_auto_complete_size, $errorInfo);

    if ($errorInfo['error'] != '') {
        // NOTE(review): the query text is echoed to the client inside an HTML
        // comment, unescaped; this exposes schema details in the page source.
        $queryDump = "\n\n<!--\n" . $Translation['query:'] . "\n " . $this->Query . "\n-->\n\n";
        $this->HTML = error_message(htmlspecialchars($errorInfo['error']) . $queryDump);
        return;
    }

    $this->ItemCount = db_num_rows($rows);

    // Mirror this object's presentation settings onto the Combo.
    $widget = new Combo();
    $widget->Class = $this->Class;
    $widget->Style = $this->Style;
    $widget->SelectName = $this->SelectName;
    $widget->SelectedData = $this->SelectedData;
    $widget->SelectedText = $this->SelectedText;
    $widget->SelectedClass = 'SelectedOption';
    $widget->ListType = $this->ListType;
    $widget->ListBoxHeight = $this->ListBoxHeight;
    $widget->RadiosPerLine = $this->RadiosPerLine;
    if ($this->ListType == 2) {
        // ListType 2 never offers an empty choice.
        $widget->AllowNull = 0;
    } else {
        $widget->AllowNull = $this->AllowNull;
    }

    while ($record = db_fetch_row($rows)) {
        $widget->ListData[] = htmlspecialchars($record[0], ENT_QUOTES);
        // NOTE(review): captions are passed on as fetched; confirm that Combo
        // escapes ListItem when it writes markup.
        $widget->ListItem[] = $record[1];
    }

    $widget->Render();
    $this->MatchText = $widget->MatchText;
    $this->SelectedText = $widget->SelectedText;
    $this->SelectedData = $widget->SelectedData;

    if ($this->ListType != 2) {
        $this->HTML = $widget->HTML;
        return;
    }

    // The random suffix only varies the span's DOM id; it is not a secret.
    $idSuffix = rand(100, 999);
    // URL-encode for the query string first, then escape for the attribute.
    $encodedId = htmlspecialchars(urlencode($this->SelectedData));

    $labelEnd = ">{$this->MatchText}</label>";
    $parentLink = " <span id=\"{$this->parent_table}_plink{$idSuffix}\"><a href=\"{$this->parent_table}_view.php?SelectedID={$encodedId}\" class=\"btn btn-default btn-sm\"><i class=\"glyphicon glyphicon-search\"></i></a></span>";
    $withLink = str_replace($labelEnd, $labelEnd . $parentLink, $widget->HTML);

    $this->HTML = str_replace(
        ' type="radio" ',
        ' type="radio" onclick="' . $this->SelectName . '_changed();" ',
        $withLink
    );
}
<td>Apellido</td> <td><input type="text" name="lastname" id="lastname" /></td> </tr> <tr> <td>ID Usuario</td> <td><input type="text" name="login" id="login" /></td> </tr> <tr> <td>Password</td> <td><input type="password" name="password" id="password" /></td> </tr> <tr> <td>Rol</td> <td> <?php
// Role selector: a Combo is seeded with a placeholder entry (value 0,
// caption "Selecciona"), filled from the roles table and then rendered with
// "idroles" (presumably the field name/id; Combo is defined elsewhere).
// The query is a constant string, so no request data reaches the SQL here.
// NOTE(review): whether FillDB()/Render() HTML-escape the `name` column is
// not visible in this fragment; confirm before treating role names as
// markup-safe.
// NOTE(review): the enclosing <form> tag is outside this fragment, so its
// method, action and any CSRF token cannot be checked from here.
$sql = "SELECT idroles,name FROM roles"; $cmb = new Combo(); $cmb->AddItem(0, "Selecciona"); $cmb->FillDB($sql); $cmb->Render("idroles");
?> </td> </tr> <tr> <td colspan="2"><div align="center"><input type="submit" value="Guardar" name="Guardar" /></div></td> </tr> </table> </form> </body> </html>
function Render() { // get post and get variables global $Translation; $adminConfig = config('adminConfig'); $FiltersPerGroup = 4; $buttonWholeWidth = 136; $current_view = ''; /* TV, DV, TVDV, TVP, DVP, Filters */ $Embedded = intval($_REQUEST['Embedded']); if ($_SERVER['REQUEST_METHOD'] == 'GET') { $SortField = $_GET["SortField"]; $SortDirection = $_GET["SortDirection"]; $FirstRecord = $_GET["FirstRecord"]; $ScrollUp_y = $_GET["ScrollUp_y"]; $ScrollDn_y = $_GET["ScrollDn_y"]; $Previous_x = $_GET["Previous_x"]; $Next_x = $_GET["Next_x"]; $Filter_x = $_GET["Filter_x"]; $SaveFilter_x = $_GET["SaveFilter_x"]; $NoFilter_x = $_GET["NoFilter_x"]; $CancelFilter = $_GET["CancelFilter"]; $ApplyFilter = $_GET["ApplyFilter"]; $Search_x = $_GET["Search_x"]; $SearchString = get_magic_quotes_gpc() ? stripslashes($_GET['SearchString']) : $_GET['SearchString']; $CSV_x = $_GET["CSV_x"]; $FilterAnd = $_GET["FilterAnd"]; $FilterField = $_GET["FilterField"]; $FilterOperator = $_GET["FilterOperator"]; if (is_array($_GET['FilterValue'])) { foreach ($_GET['FilterValue'] as $fvi => $fv) { $FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv; } } $Print_x = $_GET['Print_x']; $PrintTV = $_GET['PrintTV']; $PrintDV = $_GET['PrintDV']; $SelectedID = get_magic_quotes_gpc() ? stripslashes($_GET['SelectedID']) : $_GET['SelectedID']; $insert_x = $_GET['insert_x']; $update_x = $_GET['update_x']; $delete_x = $_GET['delete_x']; $SkipChecks = $_GET['confirmed']; $deselect_x = $_GET['deselect_x']; $addNew_x = $_GET['addNew_x']; $dvprint_x = $_GET['dvprint_x']; $DisplayRecords = in_array($_GET['DisplayRecords'], array('user', 'group')) ? 
$_GET['DisplayRecords'] : 'all'; } else { $SortField = $_POST['SortField']; $SortDirection = $_POST['SortDirection']; $FirstRecord = $_POST['FirstRecord']; $ScrollUp_y = $_POST['ScrollUp_y']; $ScrollDn_y = $_POST['ScrollDn_y']; $Previous_x = $_POST['Previous_x']; $Next_x = $_POST['Next_x']; $Filter_x = $_POST['Filter_x']; $SaveFilter_x = $_POST['SaveFilter_x']; $NoFilter_x = $_POST['NoFilter_x']; $CancelFilter = $_POST['CancelFilter']; $ApplyFilter = $_POST['ApplyFilter']; $Search_x = $_POST['Search_x']; $SearchString = get_magic_quotes_gpc() ? stripslashes($_POST['SearchString']) : $_POST['SearchString']; $CSV_x = $_POST['CSV_x']; $FilterAnd = $_POST['FilterAnd']; $FilterField = $_POST['FilterField']; $FilterOperator = $_POST['FilterOperator']; if (is_array($_POST['FilterValue'])) { foreach ($_POST['FilterValue'] as $fvi => $fv) { $FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv; } } $Print_x = $_POST['Print_x']; $PrintTV = $_POST['PrintTV']; $PrintDV = $_POST['PrintDV']; $SelectedID = get_magic_quotes_gpc() ? stripslashes($_POST['SelectedID']) : $_POST['SelectedID']; $insert_x = $_POST['insert_x']; $update_x = $_POST['update_x']; $delete_x = $_POST['delete_x']; $SkipChecks = $_POST['confirmed']; $deselect_x = $_POST['deselect_x']; $addNew_x = $_POST['addNew_x']; $dvprint_x = $_POST['dvprint_x']; $DisplayRecords = in_array($_POST['DisplayRecords'], array('user', 'group')) ? 
$_POST['DisplayRecords'] : 'all'; } $mi = getMemberInfo(); // insure authenticity of user inputs: if (is_array($FilterAnd)) { foreach ($FilterAnd as $i => $f) { if ($f && !preg_match('/^(and|or)$/i', trim($f))) { $FilterAnd[$i] = 'and'; } } } if (is_array($FilterOperator)) { foreach ($FilterOperator as $i => $f) { if ($f && !in_array(trim($f), array_keys($GLOBALS['filter_operators']))) { $FilterOperator[$i] = ''; } } } if (!preg_match('/^\\s*[1-9][0-9]*\\s*(asc|desc)?(\\s*,\\s*[1-9][0-9]*\\s*(asc|desc)?)*$/i', $SortField)) { $SortField = ''; } if (!preg_match('/^(asc|desc)$/i', $SortDirection)) { $SortDirection = ''; } if (!$this->AllowDelete) { $delete_x = ''; } if (!$this->AllowDeleteOfParents) { $SkipChecks = ''; } if (!$this->AllowInsert) { $insert_x = ''; $addNew_x = ''; } if (!$this->AllowUpdate) { $update_x = ''; } if (!$this->AllowFilters) { $Filter_x = ''; } if (!$this->AllowPrinting) { $Print_x = ''; $PrintTV = ''; } if (!$this->QuickSearch) { $SearchString = ''; } if (!$this->AllowCSV) { $CSV_x = ''; } // enforce record selection if user has edit/delete permissions on the current table $AllowPrintDV = 1; $this->Permissions = getTablePermissions($this->TableName); if ($this->Permissions[3] || $this->Permissions[4]) { // current user can edit or delete? $this->AllowSelection = 1; } elseif (!$this->AllowSelection) { $SelectedID = ''; $AllowPrintDV = 0; $PrintDV = ''; } if (!$this->AllowSelection || !$SelectedID) { $dvprint_x = ''; } $this->QueryFieldsIndexed = reIndex($this->QueryFieldsFilters); // determine type of current view: TV, DV, TVDV, TVP, DVP or Filters? 
if ($this->SeparateDV) { $current_view = 'TV'; if ($Print_x != '' || $PrintTV != '') { $current_view = 'TVP'; } elseif ($dvprint_x != '' || $PrintDV != '') { $current_view = 'DVP'; } elseif ($Filter_x != '') { $current_view = 'Filters'; } elseif ($SelectedID && !$deselect_x && !$delete_x || $addNew_x != '') { $current_view = 'DV'; } } else { $current_view = 'TVDV'; if ($Print_x != '' || $PrintTV != '') { $current_view = 'TVP'; } elseif ($dvprint_x != '' || $PrintDV != '') { $current_view = 'DVP'; } elseif ($Filter_x != '') { $current_view = 'Filters'; } } $this->HTML .= '<div class="row"><div class="col-xs-11 col-md-12">'; $this->HTML .= '<form ' . (datalist_image_uploads_exist ? 'enctype="multipart/form-data" ' : '') . 'method="post" name="myform" action="' . $this->ScriptFileName . '">'; if ($Embedded) { $this->HTML .= '<input name="Embedded" value="1" type="hidden" />'; } $this->HTML .= '<script>'; $this->HTML .= 'function enterAction(){'; $this->HTML .= ' if($$("input[name=SearchString]:focus")[0] != undefined){ $("Search").click(); }'; $this->HTML .= ' return false;'; $this->HTML .= '}'; $this->HTML .= '</script>'; $this->HTML .= '<input id="EnterAction" type="submit" style="position: absolute; left: 0px; top: -250px;" onclick="return enterAction();">'; $this->ContentType = 'tableview'; // default content type if ($PrintTV != '') { $Print_x = 1; $_POST['Print_x'] = 1; } // handle user commands ... if ($deselect_x != '') { $SelectedID = ''; $this->showTV(); } elseif ($insert_x != '') { $SelectedID = call_user_func($this->TableName . '_insert'); // redirect to a safe url to avoid refreshing and thus // insertion of duplicate records. $url = $this->RedirectAfterInsert; $insert_status = 'record-added-ok=' . rand(); if (!$SelectedID) { $insert_status = 'record-added-error=' . rand(); } // compose filters and sorting foreach ($this->filterers as $filterer => $caption) { if ($_REQUEST['filterer_' . $filterer] != '') { $filtersGET .= '&filterer_' . $filterer . '=' . 
urlencode($_REQUEST['filterer_' . $filterer]); } } for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) { // Number of filters allowed if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) { $filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]); } } if ($Embedded) { $filtersGET .= '&Embedded=1&SelectedID=' . urlencode($SelectedID); } $filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}"; $filtersGET .= "&DisplayRecords={$DisplayRecords}"; $filtersGET .= '&SearchString=' . urlencode($SearchString); $filtersGET = substr($filtersGET, 1); // remove initial & if ($url) { /* if designer specified a redirect-after-insert url */ $url .= (strpos($url, '?') !== false ? '&' : '?') . $insert_status; $url .= strpos($url, $this->ScriptFileName) !== false ? "&{$filtersGET}" : ''; $url = str_replace("#ID#", urlencode($SelectedID), $url); } else { /* if no redirect-after-insert url, use default */ $url = "{$this->ScriptFileName}?{$insert_status}&{$filtersGET}"; /* if DV and TV in same page, select new record */ if (!$this->SeparateDV) { $url .= '&SelectedID=' . urlencode($SelectedID); } } @header('Location: ' . $url); $this->HTML .= "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0;url=" . $url . "\">"; return; } elseif ($delete_x != '') { $d = call_user_func($this->TableName . '_delete', $SelectedID, $this->AllowDeleteOfParents, $SkipChecks); // handle ajax delete requests if (is_ajax()) { die($d ? $d : 'OK'); } if ($d) { //$_REQUEST['record-deleted-error'] = 1; $this->HTML .= error_message($d); } else { $_REQUEST['record-deleted-ok'] = 1; $SelectedID = ''; $this->showTV(); } } elseif ($update_x != '') { $updated = call_user_func($this->TableName . '_update', $SelectedID); $update_status = 'record-updated-ok=' . 
rand(); if ($updated === false) { $update_status = 'record-updated-error=' . rand(); } // compose filters and sorting foreach ($this->filterers as $filterer => $caption) { if ($_REQUEST['filterer_' . $filterer] != '') { $filtersGET .= '&filterer_' . $filterer . '=' . urlencode($_REQUEST['filterer_' . $filterer]); } } for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) { // Number of filters allowed if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) { $filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]); } } $filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}&Embedded={$Embedded}"; $filtersGET .= "&DisplayRecords={$DisplayRecords}"; $filtersGET .= '&SearchString=' . urlencode($SearchString); $filtersGET = substr($filtersGET, 1); // remove initial & $redirectUrl = $this->ScriptFileName . '?SelectedID=' . urlencode($SelectedID) . '&' . $filtersGET . '&' . $update_status; @header("Location: {$redirectUrl}"); $this->HTML .= '<META HTTP-EQUIV="Refresh" CONTENT="0;url=' . $redirectUrl . '">'; return; } elseif ($addNew_x != '') { $SelectedID = ''; $this->hideTV(); } elseif ($Print_x != '') { // print code here .... $this->AllowNavigation = 0; $this->AllowSelection = 0; } elseif ($SaveFilter_x != '' && $this->AllowSavingFilters) { $filter_link = $_SERVER['HTTP_REFERER'] . '?SortField=' . urlencode($SortField) . '&SortDirection=' . $SortDirection . '&'; for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) { // Number of filters allowed if (($FilterField[$i] != '' || $i == 1) && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) { $filter_link .= urlencode("FilterAnd[{$i}]") . '=' . urlencode($FilterAnd[$i]) . '&'; $filter_link .= urlencode("FilterField[{$i}]") . '=' . urlencode($FilterField[$i]) . 
'&'; $filter_link .= urlencode("FilterOperator[{$i}]") . '=' . urlencode($FilterOperator[$i]) . '&'; $filter_link .= urlencode("FilterValue[{$i}]") . '=' . urlencode($FilterValue[$i]) . '&'; } } $filter_link = substr($filter_link, 0, -1); /* trim last '&' */ $this->HTML .= '<div id="saved_filter_source_code" class="row"><div class="col-md-6 col-md-offset-3">'; $this->HTML .= '<div class="panel panel-info">'; $this->HTML .= '<div class="panel-heading"><h3 class="panel-title">' . $Translation["saved filters title"] . "</h3></div>"; $this->HTML .= '<div class="panel-body">'; $this->HTML .= $Translation["saved filters instructions"]; $this->HTML .= '<textarea rows="4" class="form-control vspacer-lg" style="width: 100%;" onfocus="$j(this).select();">' . "<a href=\"{$filter_link}\">Saved filter link<a>" . '</textarea>'; $this->HTML .= "<div><a href=\"{$filter_link}\" title=\"" . htmlspecialchars($filter_link) . "\">{$Translation['permalink']}</a></div>"; $this->HTML .= '<button type="button" class="btn btn-default btn-block vspacer-lg" onclick="$j(\'#saved_filter_source_code\').remove();"><i class="glyphicon glyphicon-remove"></i> ' . $Translation['hide code'] . '</button>'; $this->HTML .= '</div>'; $this->HTML .= '</div>'; $this->HTML .= '</div></div>'; } elseif ($Filter_x != '') { $orderBy = array(); if ($SortField) { $sortFields = explode(',', $SortField); $i = 0; foreach ($sortFields as $sf) { $tob = preg_split('/\\s+/', $sf, 2); $orderBy[] = array(trim($tob[0]) => strtolower(trim($tob[1])) == 'desc' ? 'desc' : 'asc'); $i++; } $orderBy[$i - 1][$tob[0]] = strtolower(trim($SortDirection)) == 'desc' ? 'desc' : 'asc'; } $currDir = dirname(__FILE__) . 
'/hooks'; // path to hooks folder $uff = "{$currDir}/{$this->TableName}.filters.{$mi['username']}.php"; // user-specific filter file $gff = "{$currDir}/{$this->TableName}.filters.{$mi['group']}.php"; // group-specific filter file $tff = "{$currDir}/{$this->TableName}.filters.php"; // table-specific filter file /* if no explicit filter file exists, look for filter files in the hooks folder in this order: 1. tablename.filters.username.php ($uff) 2. tablename.filters.groupname.php ($gff) 3. tablename.filters.php ($tff) */ if (!is_file($this->FilterPage)) { $this->FilterPage = 'defaultFilters.php'; if (is_file($uff)) { $this->FilterPage = $uff; } elseif (is_file($gff)) { $this->FilterPage = $gff; } elseif (is_file($tff)) { $this->FilterPage = $tff; } } if ($this->FilterPage != '') { ob_start(); @(include $this->FilterPage); $out = ob_get_contents(); ob_end_clean(); $this->HTML .= $out; } // hidden variables .... $this->HTML .= '<input name="SortField" value="' . $SortField . '" type="hidden" />'; $this->HTML .= '<input name="SortDirection" type="hidden" value="' . $SortDirection . '" />'; $this->HTML .= '<input name="FirstRecord" type="hidden" value="1" />'; $this->ContentType = 'filters'; return; } elseif ($NoFilter_x != '') { // clear all filters ... for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i++) { // Number of filters allowed $FilterField[$i] = ''; $FilterOperator[$i] = ''; $FilterValue[$i] = ''; } $DisplayRecords = 'all'; $SearchString = ''; $FirstRecord = 1; // clear filterers foreach ($this->filterers as $filterer => $caption) { $_REQUEST['filterer_' . $filterer] = ''; } } elseif ($SelectedID) { $this->hideTV(); } // apply lookup filterers to the query foreach ($this->filterers as $filterer => $caption) { if ($_REQUEST['filterer_' . $filterer] != '') { if ($this->QueryWhere == '') { $this->QueryWhere = "where "; } else { $this->QueryWhere .= " and "; } $this->QueryWhere .= "`{$this->TableName}`.`{$filterer}`='" . 
makeSafe($_REQUEST['filterer_' . $filterer]) . "' "; break; // currently, only one filterer can be applied at a time } } // apply quick search to the query if ($SearchString != '') { if ($Search_x != '') { $FirstRecord = 1; } if ($this->QueryWhere == '') { $this->QueryWhere = "where "; } else { $this->QueryWhere .= " and "; } foreach ($this->QueryFieldsQS as $fName => $fCaption) { if (strpos($fName, '<img') === False) { $this->QuerySearchableFields[$fName] = $fCaption; } } $this->QueryWhere .= '(' . implode(" LIKE '%" . makeSafe($SearchString) . "%' or ", array_keys($this->QuerySearchableFields)) . " LIKE '%" . makeSafe($SearchString) . "%')"; } // set query filters $QueryHasWhere = 0; if (strpos($this->QueryWhere, 'where ') !== FALSE) { $QueryHasWhere = 1; } $WhereNeedsClosing = 0; for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i += $FiltersPerGroup) { // Number of filters allowed // test current filter group $GroupHasFilters = 0; for ($j = 0; $j < $FiltersPerGroup; $j++) { if ($FilterField[$i + $j] != '' && $this->QueryFieldsIndexed[$FilterField[$i + $j]] != '' && $FilterOperator[$i + $j] != '' && ($FilterValue[$i + $j] != '' || strpos($FilterOperator[$i + $j], 'empty'))) { $GroupHasFilters = 1; break; } } if ($GroupHasFilters) { if (!stristr($this->QueryWhere, "where ")) { $this->QueryWhere = "where ("; } elseif ($QueryHasWhere) { $this->QueryWhere .= " and ("; $QueryHasWhere = 0; } $this->QueryWhere .= " <FilterGroup> " . $FilterAnd[$i] . 
" ("; for ($j = 0; $j < $FiltersPerGroup; $j++) { if ($FilterField[$i + $j] != '' && $this->QueryFieldsIndexed[$FilterField[$i + $j]] != '' && $FilterOperator[$i + $j] != '' && ($FilterValue[$i + $j] != '' || strpos($FilterOperator[$i + $j], 'empty'))) { if ($FilterAnd[$i + $j] == '') { $FilterAnd[$i + $j] = 'and'; } // test for date/time fields $tries = 0; $isDateTime = FALSE; $isDate = FALSE; $fieldName = str_replace('`', '', $this->QueryFieldsIndexed[$FilterField[$i + $j]]); list($tn, $fn) = explode('.', $fieldName); while (!($res = sql("show columns from `{$tn}` like '{$fn}'", $eo)) && $tries < 2) { $tn = substr($tn, 0, -1); $tries++; } if ($row = @db_fetch_array($res)) { if ($row['Type'] == 'date' || $row['Type'] == 'time') { $isDateTime = TRUE; if ($row['Type'] == 'date') { $isDate = True; } } } // end of test if ($FilterOperator[$i + $j] == 'is-empty' && !$isDateTime) { $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "='' or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>"; } elseif ($FilterOperator[$i + $j] == 'is-not-empty' && !$isDateTime) { $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!='' </FilterItem>"; } elseif ($FilterOperator[$i + $j] == 'is-empty' && $isDateTime) { $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "=0 or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>"; } elseif ($FilterOperator[$i + $j] == 'is-not-empty' && $isDateTime) { $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!=0 </FilterItem>"; } elseif ($FilterOperator[$i + $j] == 'like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) { $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . 
$this->QueryFieldsIndexed[$FilterField[$i + $j]] . " like '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>"; } elseif ($FilterOperator[$i + $j] == 'not-like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) { $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " not like '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>"; } elseif ($isDate) { $dateValue = toMySQLDate($FilterValue[$i + $j]); $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $GLOBALS['filter_operators'][$FilterOperator[$i + $j]] . " '{$dateValue}' </FilterItem>"; } else { $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $GLOBALS['filter_operators'][$FilterOperator[$i + $j]] . " '" . makeSafe($FilterValue[$i + $j]) . "' </FilterItem>"; } } } $this->QueryWhere .= ") </FilterGroup>"; $WhereNeedsClosing = 1; } } if ($WhereNeedsClosing) { $this->QueryWhere .= ")"; } // set query sort if (!stristr($this->QueryOrder, "order by ") && $SortField != '' && $this->AllowSorting) { $actualSortField = $SortField; foreach ($this->SortFields as $fieldNum => $fieldSort) { $actualSortField = str_replace(" {$fieldNum} ", " {$fieldSort} ", " {$actualSortField} "); $actualSortField = str_replace(",{$fieldNum} ", ",{$fieldSort} ", " {$actualSortField} "); } $this->QueryOrder = "order by {$actualSortField} {$SortDirection}"; } // clean up query $this->QueryWhere = str_replace('( <FilterGroup> and ', '( ', $this->QueryWhere); $this->QueryWhere = str_replace('( <FilterGroup> or ', '( ', $this->QueryWhere); $this->QueryWhere = str_replace('( <FilterItem> and ', '( ', $this->QueryWhere); $this->QueryWhere = str_replace('( <FilterItem> or ', '( ', $this->QueryWhere); $this->QueryWhere = str_replace('<FilterGroup>', '', $this->QueryWhere); $this->QueryWhere = 
str_replace('</FilterGroup>', '', $this->QueryWhere); $this->QueryWhere = str_replace('<FilterItem>', '', $this->QueryWhere); $this->QueryWhere = str_replace('</FilterItem>', '', $this->QueryWhere); // if no 'order by' clause found, apply default sorting if specified if ($this->DefaultSortField != '' && $this->QueryOrder == '') { $this->QueryOrder = "order by " . $this->DefaultSortField . " " . $this->DefaultSortDirection; } // get count of matching records ... $TempQuery = 'SELECT count(1) from ' . $this->QueryFrom . ' ' . $this->QueryWhere; $RecordCount = sqlValue($TempQuery); $FieldCountTV = count($this->QueryFieldsTV); $FieldCountCSV = count($this->QueryFieldsCSV); $FieldCountFilters = count($this->QueryFieldsFilters); if (!$RecordCount) { $FirstRecord = 1; } // Output CSV on request if ($CSV_x != '') { $this->HTML = ''; if (datalist_db_encoding == 'UTF-8') { $this->HTML = ""; } // BOM characters for UTF-8 output // execute query for CSV output $fieldList = ''; foreach ($this->QueryFieldsCSV as $fn => $fc) { $fieldList .= "{$fn} as `{$fc}`, "; } $fieldList = substr($fieldList, 0, -2); $csvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder; // hook: table_csv if (function_exists($this->TableName . '_csv')) { $args = array(); $mq = call_user_func_array($this->TableName . '_csv', array($csvQuery, $mi, &$args)); $csvQuery = $mq ? $mq : $csvQuery; } $result = sql($csvQuery, $eo); // output CSV field names for ($i = 0; $i < $FieldCountCSV; $i++) { $this->HTML .= "\"" . db_field_name($result, $i) . "\"" . $this->CSVSeparator; } $this->HTML .= "\n\n"; // output CSV data while ($row = db_fetch_row($result)) { for ($i = 0; $i < $FieldCountCSV; $i++) { $this->HTML .= "\"" . str_replace(array("\r\n", "\r", "\n", '"'), array(' ', ' ', ' ', '""'), strip_tags($row[$i])) . "\"" . $this->CSVSeparator; } $this->HTML .= "\n\n"; } $this->HTML = str_replace($this->CSVSeparator . 
"\n\n", "\n", $this->HTML); $this->HTML = substr($this->HTML, 0, -1); // clean any output buffers while (@ob_end_clean()) { } // output CSV HTTP headers ... header('HTTP/1.1 200 OK'); header('Date: ' . @date("D M j G:i:s T Y")); header('Last-Modified: ' . @date("D M j G:i:s T Y")); header("Content-Type: application/force-download"); header("Content-Length: " . (string) strlen($this->HTML)); header("Content-Transfer-Encoding: Binary"); header("Content-Disposition: attachment; filename={$this->TableName}.csv"); // send output and quit script echo $this->HTML; exit; } $t = time(); // just a random number for any purpose ... // should SelectedID be reset on clicking TV buttons? $resetSelection = $this->SeparateDV ? "document.myform.SelectedID.value = '';" : "document.myform.writeAttribute('novalidate', 'novalidate');"; if ($current_view == 'DV' && !$Embedded) { $this->HTML .= '<div class="page-header">'; $this->HTML .= '<h1>'; $this->HTML .= '<a style="text-decoration: none; color: inherit;" href="' . $this->TableName . '_view.php"><img src="' . $this->TableIcon . '"> ' . $this->TableTitle . '</a>'; $this->HTML .= '</h1>'; $this->HTML .= '</div>'; } // quick search and TV action buttons if (!$this->HideTableView && !($dvprint_x && $this->AllowSelection && $SelectedID) && !$PrintDV) { $buttons_all = $quick_search_html = ''; if ($Print_x == '') { // display 'Add New' icon if ($this->Permissions[1] && $this->SeparateDV) { $buttons_all .= '<button type="submit" id="addNew" name="addNew_x" value="1" class="btn btn-success"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Add New'] . '</button>'; $buttonsCount++; } // display Print icon if ($this->AllowPrinting) { $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="Print_x" id="Print" value="1" class="btn btn-default"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . 
'</button>'; $buttonsCount++; } // display CSV icon if ($this->AllowCSV) { $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="CSV_x" id="CSV" value="1" class="btn btn-default"><i class="glyphicon glyphicon-download-alt"></i> ' . $Translation['CSV'] . '</button>'; $buttonsCount++; } // display Filter icon if ($this->AllowFilters) { $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="Filter_x" id="Filter" value="1" class="btn btn-default"><i class="glyphicon glyphicon-filter"></i> ' . $Translation['filter'] . '</button>'; $buttonsCount++; } // display Show All icon if ($this->AllowFilters) { $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="NoFilter_x" id="NoFilter" value="1" class="btn btn-default"><i class="glyphicon glyphicon-remove-circle"></i> ' . $Translation['Reset Filters'] . '</button>'; $buttonsCount++; } $quick_search_html .= '<div class="input-group" id="quick-search">'; $quick_search_html .= '<input type="text" name="SearchString" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '" class="form-control" placeholder="' . htmlspecialchars($this->QuickSearchText) . '">'; $quick_search_html .= '<span class="input-group-btn">'; $quick_search_html .= '<button name="Search_x" value="1" id="Search" type="submit" onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;" class="btn btn-default" title="' . htmlspecialchars($this->QuickSearchText) . '"><i class="glyphicon glyphicon-search"></i></button>'; $quick_search_html .= '<button name="NoFilter_x" value="1" id="NoFilter_x" type="submit" onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;" class="btn btn-default" title="' . htmlspecialchars($Translation['Reset Filters']) . 
'"><i class="glyphicon glyphicon-remove-circle"></i></button>'; $quick_search_html .= '</span>'; $quick_search_html .= '</div>'; } else { $buttons_all .= '<button class="btn btn-primary" type="button" id="sendToPrinter" onClick="window.print();"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print'] . '</button>'; $buttons_all .= '<button class="btn btn-default" type="submit"><i class="glyphicon glyphicon-remove-circle"></i> ' . $Translation['Cancel Printing'] . '</button>'; } /* if user can print DV, add action to 'More' menu */ $selected_records_more = array(); if ($AllowPrintDV) { $selected_records_more[] = array('function' => $this->SeparateDV ? 'print_multiple_dv_sdv' : 'print_multiple_dv_tvdv', 'title' => $Translation['Print Preview Detail View'], 'icon' => 'print'); } /* if user can mass-delete selected records, add action to 'More' menu */ if ($this->AllowMassDelete && $this->AllowDelete) { $selected_records_more[] = array('function' => 'mass_delete', 'title' => $Translation['Delete'], 'icon' => 'trash', 'class' => 'text-danger'); } /* if user is admin, add 'Change owner' action to 'More' menu */ /* also, add help link for adding more actions */ if ($mi['admin']) { $selected_records_more[] = array('function' => 'mass_change_owner', 'title' => $Translation['Change owner'], 'icon' => 'user'); $selected_records_more[] = array('function' => 'add_more_actions_link', 'title' => $Translation['Add more actions'], 'icon' => 'question-sign', 'class' => 'text-info'); } /* user-defined actions ... should be set in the {tablename}_batch_actions() function in hooks/{tablename}.php */ $user_actions = array(); if (function_exists($this->TableName . '_batch_actions')) { $args = array(); $user_actions = call_user_func_array($this->TableName . 
'_batch_actions', array(&$args)); if (is_array($user_actions) && count($user_actions)) { $selected_records_more = array_merge($selected_records_more, $user_actions); } } $actual_more_count = 0; $more_menu = $more_menu_js = ''; if (count($selected_records_more)) { $more_menu .= '<button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" id="selected_records_more"><i class="glyphicon glyphicon-check"></i> ' . $Translation['More'] . ' <span class="caret"></span></button>'; $more_menu .= '<ul class="dropdown-menu" role="menu">'; foreach ($selected_records_more as $action) { if (!$action['function'] || !$action['title']) { continue; } $action['class'] = !isset($action['class']) ? '' : $action['class']; $action['icon'] = !isset($action['icon']) ? '' : $action['icon']; $actual_more_count++; $more_menu .= '<li>' . '<a href="#" id="selected_records_' . $action['function'] . '">' . '<span class="' . $action['class'] . '">' . ($action['icon'] ? '<i class="glyphicon glyphicon-' . $action['icon'] . '"></i> ' : '') . $action['title'] . '</span>' . '</a>' . '</li>'; // on clicking an action, call its js handler function, passing the current table name and an array of selected IDs to it $more_menu_js .= "jQuery('[id=selected_records_{$action['function']}]').click(function(){ {$action['function']}('{$this->TableName}', get_selected_records_ids()); return false; });"; } $more_menu .= '</ul>'; } if ($Embedded) { $this->HTML .= '<script>$j(function(){ $j(\'[id^=notification-]\').parent().css({\'margin-top\': \'15px\', \'margin-bottom\': \'0\'}); })</script>'; } else { $this->HTML .= '<div class="page-header">'; $this->HTML .= '<h1>'; $this->HTML .= '<div class="row">'; $this->HTML .= '<div class="col-sm-8">'; $this->HTML .= '<a style="text-decoration: none; color: inherit;" href="' . $this->TableName . '_view.php"><img src="' . $this->TableIcon . '"> ' . $this->TableTitle . 
'</a>'; $this->HTML .= '</div>'; if ($this->QuickSearch) { $this->HTML .= '<div class="col-sm-4">'; $this->HTML .= $quick_search_html; $this->HTML .= '</div>'; } $this->HTML .= '</div>'; $this->HTML .= '</h1>'; $this->HTML .= '</div>'; $this->HTML .= '<div id="top_buttons" class="hidden-print">'; /* .all_records: container for buttons that don't need a selection */ /* .selected_records: container for buttons that need a selection */ $this->HTML .= '<div class="btn-group btn-group-lg visible-md visible-lg all_records pull-left">' . $buttons_all . '</div>'; $this->HTML .= '<div class="btn-group btn-group-lg visible-md visible-lg selected_records hidden pull-left hspacer-lg">' . $buttons_selected . ($actual_more_count ? $more_menu : '') . '</div>'; $this->HTML .= '<div class="btn-group-vertical btn-group-lg visible-xs visible-sm all_records">' . $buttons_all . '</div>'; $this->HTML .= '<div class="btn-group-vertical btn-group-lg visible-xs visible-sm selected_records hidden vspacer-lg">' . $buttons_selected . ($actual_more_count ? $more_menu : '') . '</div>'; $this->HTML .= '<div class="clearfix"></div><p></p>'; $this->HTML .= '</div>'; } if ($Print_x != '') { /* fix top margin for print-preview */ $this->HTML .= '<style>body{ padding-top: 0 !important; }</style>'; /* disable links inside table body to prevent printing their href */ $this->HTML .= '<script>jQuery(function(){ jQuery("tbody a").removeAttr("href").removeAttr("rel"); });</script>'; } // script for focusing into the search box on loading the page // and for declaring record action handlers $this->HTML .= '<script>jQuery(function(){ jQuery("input[name=SearchString]").focus(); ' . $more_menu_js . 
' });</script>'; } // begin table and display table title if (!$this->HideTableView && !($dvprint_x && $this->AllowSelection && $SelectedID) && !$PrintDV && !$Embedded) { $this->HTML .= '<div class="table-responsive"><table class="table table-striped table-bordered table-hover">'; $this->HTML .= '<thead><tr>'; if (!$Print_x) { $this->HTML .= '<th style="width: 18px;" class="text-center"><input class="hidden-print" type="checkbox" title="' . htmlspecialchars($Translation['Select all records']) . '" id="select_all_records"></th>'; } // Templates if ($this->Template != '') { $rowTemplate = @implode('', @file('./' . $this->Template)); if (!$rowTemplate) { $rowTemplate = ''; $selrowTemplate = ''; } else { if ($this->SelectedTemplate != '') { $selrowTemplate = @implode('', @file('./' . $this->SelectedTemplate)); if (!$selrowTemplate) { $selrowTemplate = ''; } } else { $selrowTemplate = ''; } } } else { $rowTemplate = ''; $selrowTemplate = ''; } // process translations if ($rowTemplate) { foreach ($Translation as $symbol => $trans) { $rowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $rowTemplate); } } if ($selrowTemplate) { foreach ($Translation as $symbol => $trans) { $selrowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $selrowTemplate); } } // End of templates // $this->ccffv: map $FilterField values to field captions as stored in ColCaption $this->ccffv = array(); foreach ($this->ColCaption as $captionIndex => $caption) { $ffv = 1; foreach ($this->QueryFieldsFilters as $uselessKey => $filterCaption) { if ($caption == $filterCaption) { $this->ccffv[$captionIndex] = $ffv; } $ffv++; } } // display table headers $totalColWidth = array_sum($this->ColWidth); $forceHeaderWidth = false; if ($rowTemplate == '' || $this->ShowTableHeader) { for ($i = 0; $i < count($this->ColCaption); $i++) { /* Sorting icon and link */ $sort1 = $sort2 = $filterHint = ''; if ($this->AllowSorting == 1) { if ($current_view != 'TVP') { $sort1 = "<a 
href=\"{$this->ScriptFileName}?SortDirection=asc&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='asc'; document.myform.SortField.value = '" . $this->ColNumber[$i] . "'; document.myform.submit(); return false;\" class=\"TableHeader\">"; $sort2 = "</a>"; } if ($this->ColNumber[$i] == $SortField) { $SortDirection = $SortDirection == "asc" ? "desc" : "asc"; if ($current_view != 'TVP') { $sort1 = "<a href=\"{$this->ScriptFileName}?SortDirection={$SortDirection}&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value = " . $this->ColNumber[$i] . "; document.myform.submit(); return false;\" class=\"TableHeader\">"; } $sort2 = " <i class=\"text-warning glyphicon glyphicon-sort-by-attributes" . ($SortDirection == 'desc' ? '' : '-alt') . "\"></i>{$sort2}"; $SortDirection = $SortDirection == "asc" ? "desc" : "asc"; } } else { $sort1 = ''; $sort2 = ''; } /* Filtering icon and hint */ if ($this->AllowFilters && is_array($FilterField)) { // check to see if there is any filter applied on the current field if (isset($this->ccffv[$i]) && in_array($this->ccffv[$i], $FilterField)) { // render filter icon $filterHint = ' <button type="submit" class="btn btn-default btn-xs' . ($current_view == 'TVP' ? ' disabled' : '') . '" name="Filter_x" value="1" title="' . htmlspecialchars($Translation['filtered field']) . '"><i class="glyphicon glyphicon-filter"></i></button>'; } } $this->HTML .= "\t<th class=\"{$this->TableName}-{$this->ColFieldName[$i]}\" " . ($forceHeaderWidth ? ' style="width: ' . ($this->ColWidth[$i] ? $this->ColWidth[$i] : 100) . 'px;"' : '') . ">{$sort1}{$this->ColCaption[$i]}{$sort2}{$filterHint}</th>\n"; } } else { // Display a Sort by drop down $this->HTML .= "\t<th><td colspan=" . (count($this->ColCaption) + 1) . 
">"; if ($this->AllowSorting == 1) { $sortCombo = new Combo(); for ($i = 0; $i < count($this->ColCaption); $i++) { $sortCombo->ListItem[] = $this->ColCaption[$i]; $sortCombo->ListData[] = $this->ColNumber[$i]; } $sortCombo->SelectName = "FieldsList"; $sortCombo->SelectedData = $SortField; $sortCombo->Class = 'TableBody'; $sortCombo->SelectedClass = 'TableBodySelected'; $sortCombo->Render(); $d = $sortCombo->HTML; $d = str_replace('<select ', "<select onChange=\"document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value=document.myform.FieldsList.value; document.myform.NoDV.value=1; document.myform.submit();\" ", $d); if ($SortField) { $SortDirection = $SortDirection == "desc" ? "asc" : "desc"; $sort = "<a href=\"javascript: document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value='{$SortField}'; document.myform.submit();\" class=TableHeader><img src={$SortDirection}.gif border=0 width=11 height=11 hspace=3></a>"; $SortDirection = $SortDirection == "desc" ? "asc" : "desc"; } else { $sort = ''; } $this->HTML .= $Translation['order by'] . " {$d} {$sort}"; } $this->HTML .= "</td></th>\n"; } // table view navigation code ... 
if ($RecordCount && $this->AllowNavigation && $RecordCount > $this->RecordsPerPage) { while ($FirstRecord > $RecordCount) { $FirstRecord -= $this->RecordsPerPage; } if ($FirstRecord == '' || $FirstRecord < 1) { $FirstRecord = 1; } if ($Previous_x != '') { $FirstRecord -= $this->RecordsPerPage; if ($FirstRecord <= 0) { $FirstRecord = 1; } } elseif ($Next_x != '') { $FirstRecord += $this->RecordsPerPage; if ($FirstRecord > $RecordCount) { $FirstRecord = $RecordCount - $RecordCount % $this->RecordsPerPage + 1; } if ($FirstRecord > $RecordCount) { $FirstRecord = $RecordCount - $this->RecordsPerPage + 1; } if ($FirstRecord <= 0) { $FirstRecord = 1; } } } elseif ($RecordCount) { $FirstRecord = 1; $this->RecordsPerPage = 2000; // a limit on max records in print preview to avoid performance drops } // end of table view navigation code $this->HTML .= "\n\t</tr>\n\n</thead>\n\n<tbody><!-- tv data below -->\n"; $i = 0; $hc = new CI_Input(); $hc->charset = datalist_db_encoding; if ($RecordCount) { $i = $FirstRecord; // execute query for table view $fieldList = ''; foreach ($this->QueryFieldsTV as $fn => $fc) { $fieldList .= "{$fn} as `{$fc}`, "; } $fieldList = substr($fieldList, 0, -2); if ($this->PrimaryKey) { $fieldList .= ", {$this->PrimaryKey} as '" . str_replace('`', '', $this->PrimaryKey) . "'"; } $tvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder; $result = sql($tvQuery . " limit " . ($i - 1) . 
",{$this->RecordsPerPage}", $eo); while (($row = db_fetch_array($result)) && $i < $FirstRecord + $this->RecordsPerPage) { $attr_id = htmlspecialchars($row[$FieldCountTV], ENT_QUOTES, 'iso-8859-1'); /* pk value suitable for inserting into html tag attributes */ $js_id = addslashes($row[$FieldCountTV]); /* pk value suitable for inserting into js strings */ $alt = ($i - $FirstRecord) % 2; if (($PrintTV || $Print_x) && count($_POST['record_selector']) && !in_array($row[$FieldCountTV], $_POST['record_selector'])) { continue; } $class = "TableBody" . ($alt ? 'Selected' : '') . ($fNumeric ? 'Numeric' : ''); if ($Print_x != '') { $this->HTML .= '<tr>'; } if (!$Print_x) { $this->HTML .= $SelectedID == $row[$FieldCountTV] ? '<tr class="active">' : '<tr>'; $checked = is_array($_POST['record_selector']) && in_array($row[$FieldCountTV], $_POST['record_selector']) ? ' checked' : ''; $this->HTML .= "<td class=\"text-center\"><input class=\"hidden-print record_selector\" type=\"checkbox\" id=\"record_selector_{$attr_id}\" name=\"record_selector[]\" value=\"{$attr_id}\"{$checked}></td>"; } // templates if ($rowTemplate != '') { if ($this->AllowSelection == 1 && $SelectedID == $row[$FieldCountTV] && $selrowTemplate != '') { $rowTemp = $selrowTemplate; } else { $rowTemp = $rowTemplate; } if ($this->AllowSelection == 1 && $SelectedID != $row[$FieldCountTV]) { $rowTemp = str_replace('<%%SELECT%%>', "<a onclick=\"document.myform.SelectedField.value=this.parentNode.cellIndex; document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . 
"\" class=\"{$class}\" style=\"display: block; padding:0px;\">", $rowTemp); $rowTemp = str_replace('<%%ENDSELECT%%>', '</a>', $rowTemp); } else { $rowTemp = str_replace('<%%SELECT%%>', '', $rowTemp); $rowTemp = str_replace('<%%ENDSELECT%%>', '', $rowTemp); } for ($j = 0; $j < $FieldCountTV; $j++) { $fieldTVCaption = current(array_slice($this->QueryFieldsTV, $j, 1)); $fd = $hc->xss_clean(nl2br($row[$j])); /* Sanitize output against XSS attacks */ /* the TV template could contain field placeholders in the format <%%FIELD_n%%> or <%%VALUE(Field name)%%> */ $rowTemp = str_replace("<%%FIELD_{$j}%%>", thisOr($fd), $rowTemp); $rowTemp = str_replace("<%%VALUE({$fieldTVCaption})%%>", thisOr($fd), $rowTemp); if (strpos($rowTemp, "<%%YOUTUBETHUMB({$fieldTVCaption})%%>") !== false) { $rowTemp = str_replace("<%%YOUTUBETHUMB({$fieldTVCaption})%%>", thisOr(get_embed('youtube', $fd, '', '', 'thumbnail_url'), 'blank.gif'), $rowTemp); } if (strpos($rowTemp, "<%%GOOGLEMAPTHUMB({$fieldTVCaption})%%>") !== false) { $rowTemp = str_replace("<%%GOOGLEMAPTHUMB({$fieldTVCaption})%%>", thisOr(get_embed('googlemap', $fd, '', '', 'thumbnail_url'), 'blank.gif'), $rowTemp); } if (thisOr($fd) == ' ' && preg_match('/<a href=".*? .*?<\\/a>/i', $rowTemp, $m)) { $rowTemp = str_replace($m[0], '', $rowTemp); } } if ($alt && $SelectedID != $row[$FieldCountTV]) { $rowTemp = str_replace("TableBody", "TableBodySelected", $rowTemp); $rowTemp = str_replace("TableBodyNumeric", "TableBodySelectedNumeric", $rowTemp); $rowTemp = str_replace("SelectedSelected", "Selected", $rowTemp); } if ($SearchString != '') { $rowTemp = highlight($SearchString, $rowTemp); } $this->HTML .= $rowTemp; $rowTemp = ''; } else { // end of templates for ($j = 0; $j < $FieldCountTV; $j++) { $fType = db_field_type($result, $j); $fNumeric = stristr($fType, 'int') || stristr($fType, 'float') || stristr($fType, 'decimal') || stristr($fType, 'numeric') || stristr($fType, 'real') || stristr($fType, 'double') ? 
true : false; if ($this->AllowSelection == 1) { $sel1 = "<a href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . "\" onclick=\"document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" class=\"{$class}\" style=\"padding:0px;\">"; $sel2 = "</a>"; } else { $sel1 = ''; $sel2 = ''; } $this->HTML .= "<td valign=top class={$class}><div class={$class}> {$sel1}" . $row[$j] . "{$sel2} </div></td>"; } } $this->HTML .= "</tr>\n"; $i++; } $i--; } $this->HTML = preg_replace("/<a href=\"(mailto:)? [^\n]*title=\" \"><\\/a>/", ' ', $this->HTML); $this->HTML = preg_replace("/<a [^>]*>( )*<\\/a>/", ' ', $this->HTML); $this->HTML = preg_replace("/<%%.*%%>/U", ' ', $this->HTML); // end of data $this->HTML .= '<!-- tv data above -->'; $this->HTML .= "\n</tbody>"; if ($Print_x == '') { // TV $pagesMenu = ''; if ($RecordCount > $this->RecordsPerPage) { $pagesMenuId = "{$this->TableName}_pagesMenu"; $pagesMenu = $Translation['go to page'] . ' <select class="input-sm" id="' . $pagesMenuId . '" onChange="document.myform.writeAttribute(\'novalidate\', \'novalidate\'); document.myform.NoDV.value=1; document.myform.FirstRecord.value=(this.value * ' . $this->RecordsPerPage . '+1); document.myform.submit();">'; $pagesMenu .= '</select>'; $pagesMenu .= '<script>'; $pagesMenu .= 'var lastPage = ' . (ceil($RecordCount / $this->RecordsPerPage) - 1) . ';'; $pagesMenu .= 'var currentPage = ' . ($FirstRecord - 1) / $this->RecordsPerPage . ';'; $pagesMenu .= 'var pagesMenu = document.getElementById("' . $pagesMenuId . '");'; $pagesMenu .= 'var lump = ' . datalist_max_page_lump . 
';'; $pagesMenu .= 'if(lastPage <= lump * 3){'; $pagesMenu .= ' addPageNumbers(0, lastPage);'; $pagesMenu .= '}else{'; $pagesMenu .= ' addPageNumbers(0, lump - 1);'; $pagesMenu .= ' if(currentPage < lump) addPageNumbers(lump, currentPage + lump / 2);'; $pagesMenu .= ' if(currentPage >= lump && currentPage < (lastPage - lump)){'; $pagesMenu .= ' addPageNumbers('; $pagesMenu .= ' Math.max(currentPage - lump / 2, lump),'; $pagesMenu .= ' Math.min(currentPage + lump / 2, lastPage - lump - 1)'; $pagesMenu .= ' );'; $pagesMenu .= ' }'; $pagesMenu .= ' if(currentPage >= (lastPage - lump)) addPageNumbers(currentPage - lump / 2, lastPage - lump - 1);'; $pagesMenu .= ' addPageNumbers(lastPage - lump, lastPage);'; $pagesMenu .= '}'; $pagesMenu .= 'function addPageNumbers(fromPage, toPage){'; $pagesMenu .= ' var ellipsesIndex = 0;'; $pagesMenu .= ' if(fromPage > toPage) return;'; $pagesMenu .= ' if(fromPage > 0){'; $pagesMenu .= ' if(pagesMenu.options[pagesMenu.options.length - 1].text != fromPage){'; $pagesMenu .= ' ellipsesIndex = pagesMenu.options.length;'; $pagesMenu .= ' fromPage--;'; $pagesMenu .= ' }'; $pagesMenu .= ' }'; $pagesMenu .= ' for(i = fromPage; i <= toPage; i++){'; $pagesMenu .= ' var option = document.createElement("option");'; $pagesMenu .= ' option.text = (i + 1);'; $pagesMenu .= ' option.value = i;'; $pagesMenu .= ' if(i == currentPage){ option.selected = "selected"; }'; $pagesMenu .= ' try{'; $pagesMenu .= ' /* for IE earlier than version 8 */'; $pagesMenu .= ' pagesMenu.add(option, pagesMenu.options[null]);'; $pagesMenu .= ' }catch(e){'; $pagesMenu .= ' pagesMenu.add(option, null);'; $pagesMenu .= ' }'; $pagesMenu .= ' }'; $pagesMenu .= ' if(ellipsesIndex > 0){'; $pagesMenu .= ' pagesMenu.options[ellipsesIndex].text = " ... ";'; $pagesMenu .= ' }'; $pagesMenu .= '}'; $pagesMenu .= '</script>'; } $this->HTML .= "\n\t"; if ($i) { // 1 or more records found $this->HTML .= "<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . 
'>'; $this->HTML .= $Translation['records x to y of z']; $this->HTML .= '</td></tr></tfoot>'; } if (!$i) { // no records found $this->HTML .= "<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>'; $this->HTML .= '<div class="alert alert-warning">'; $this->HTML .= '<i class="glyphicon glyphicon-warning-sign"></i> '; $this->HTML .= $Translation['No matches found!']; $this->HTML .= '</div>'; $this->HTML .= '</td></tr></tfoot>'; } } else { // TVP if ($i) { $this->HTML .= "\n\t<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>' . $Translation['records x to y of z'] . '</td></tr></tfoot>'; } if (!$i) { $this->HTML .= "\n\t<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>' . $Translation['No matches found!'] . '</td></tr></tfoot>'; } } $this->HTML = str_replace("<FirstRecord>", number_format($FirstRecord), $this->HTML); $this->HTML = str_replace("<LastRecord>", number_format($i), $this->HTML); $this->HTML = str_replace("<RecordCount>", number_format($RecordCount), $this->HTML); $tvShown = true; $this->HTML .= "</table></div>\n"; if ($Print_x == '' && $i) { // TV $this->HTML .= '<div class="row">'; $this->HTML .= '<div class="col-sm-4 col-md-3 col-lg-2 vspacer-lg">'; $this->HTML .= '<button onClick="' . $resetSelection . ' document.myform.NoDV.value = 1; return true;" type="submit" name="Previous_x" id="Previous" value="1" class="btn btn-default btn-block"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Previous'] . '</button>'; $this->HTML .= '</div>'; $this->HTML .= '<div class="col-sm-4 col-md-4 col-lg-2 col-md-offset-1 col-lg-offset-3 text-center vspacer-lg">'; $this->HTML .= $pagesMenu; $this->HTML .= '</div>'; $this->HTML .= '<div class="col-sm-4 col-md-3 col-lg-2 col-md-offset-1 col-lg-offset-3 text-right vspacer-lg">'; $this->HTML .= '<button onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;" type="submit" name="Next_x" id="Next" value="1" class="btn btn-default btn-block">' . 
$Translation['Next'] . ' <i class="glyphicon glyphicon-chevron-right"></i></button>'; $this->HTML .= '</div>'; $this->HTML .= '</div>'; } } /* that marks the end of the TV table */ // hidden variables .... foreach ($this->filterers as $filterer => $caption) { if ($_REQUEST['filterer_' . $filterer] != '') { $this->HTML .= "<input name=\"filterer_{$filterer}\" value=\"" . htmlspecialchars($_REQUEST['filterer_' . $filterer], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\" />"; break; // currently, only one filterer can be applied at a time } } $this->HTML .= '<input name="SortField" value="' . $SortField . '" type="hidden">'; $this->HTML .= '<input name="SelectedID" value="' . htmlspecialchars($SelectedID, ENT_QUOTES, 'iso-8859-1') . '" type="hidden">'; $this->HTML .= '<input name="SelectedField" value="" type="hidden">'; $this->HTML .= '<input name="SortDirection" type="hidden" value="' . $SortDirection . '">'; $this->HTML .= '<input name="FirstRecord" type="hidden" value="' . $FirstRecord . '">'; $this->HTML .= '<input name="NoDV" type="hidden" value="">'; $this->HTML .= '<input name="PrintDV" type="hidden" value="">'; if ($this->QuickSearch && !strpos($this->HTML, 'SearchString')) { $this->HTML .= '<input name="SearchString" type="hidden" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '">'; } // hidden variables: filters ... 
$FiltersCode = ''; for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i++) { // Number of filters allowed if ($i % $FiltersPerGroup == 1 && $i != 1 && $FilterAnd[$i] != '') { $FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n"; } if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) { if (!strstr($FiltersCode, "<input name=\"FilterAnd[{$i}]\" value=")) { $FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n"; } $FiltersCode .= "<input name=\"FilterField[{$i}]\" value=\"{$FilterField[$i]}\" type=\"hidden\">\n"; $FiltersCode .= "<input name=\"FilterOperator[{$i}]\" value=\"{$FilterOperator[$i]}\" type=\"hidden\">\n"; $FiltersCode .= "<input name=\"FilterValue[{$i}]\" value=\"" . htmlspecialchars($FilterValue[$i], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\">\n"; } } $FiltersCode .= "<input name=\"DisplayRecords\" value=\"{$DisplayRecords}\" type=\"hidden\" />"; $this->HTML .= $FiltersCode; // display details form ... if (($this->AllowSelection || $this->AllowInsert || $this->AllowUpdate || $this->AllowDelete) && $Print_x == '' && !$PrintDV) { if ($this->SeparateDV && $this->HideTableView || !$this->SeparateDV) { $dvCode = call_user_func("{$this->TableName}_form", $SelectedID, $this->AllowUpdate, $this->HideTableView && $SelectedID ? 0 : $this->AllowInsert, $this->AllowDelete, $this->SeparateDV); $this->HTML .= "\n\t<div class=\"panel panel-default detail_view\">{$dvCode}</div>"; $this->HTML .= $this->SeparateDV ? '<input name="SearchString" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . 
'" type="hidden">' : ''; if ($dvCode) { $this->ContentType = 'detailview'; $dvShown = true; } } } // display multiple printable detail views if ($PrintDV) { $dvCode = ''; $_POST['dvprint_x'] = $_GET['dvprint_x'] = $_REQUEST['dvprint_x'] = 1; // hidden vars foreach ($this->filterers as $filterer => $caption) { if ($_REQUEST['filterer_' . $filterer] != '') { $this->HTML .= "<input name=\"filterer_{$filterer}\" value=\"" . htmlspecialchars($_REQUEST['filterer_' . $filterer], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\" />"; break; // currently, only one filterer can be applied at a time } } // count selected records $selectedRecords = 0; if (is_array($_POST['record_selector'])) { foreach ($_POST['record_selector'] as $id) { $selectedRecords++; $this->HTML .= '<input type="hidden" name="record_selector[]" value="' . htmlspecialchars($id, ENT_QUOTES, 'iso-8859-1') . '">' . "\n"; } } if ($selectedRecords && $selectedRecords <= datalist_max_records_dv_print) { // if records selected > {datalist_max_records_dv_print} don't show DV preview to avoid db performance issues. foreach ($_POST['record_selector'] as $id) { $dvCode .= call_user_func($this->TableName . '_form', $id, 0, 0, 0, 1); } if ($dvCode != '') { $dvCode = preg_replace('/<input .*?type="?image"?.*?>/', '', $dvCode); $this->HTML .= $dvCode; } } else { $this->HTML .= error_message($Translation['Maximum records allowed to enable this feature is'] . ' ' . datalist_max_records_dv_print); $this->HTML .= '<input type="submit" class="print-button" value="' . $Translation['Print Preview Table View'] . 
'">'; } } $this->HTML .= "</form>"; $this->HTML .= '</div><div class="col-xs-1 md-hidden lg-hidden"></div></div>'; // $this->HTML .= '<font face="garamond">'.htmlspecialchars($tvQuery).'</font>'; // uncomment this line for debugging the table view query if ($dvShown && $tvShown) { $this->ContentType = 'tableview+detailview'; } if ($dvprint_x != '') { $this->ContentType = 'print-detailview'; } if ($Print_x != '') { $this->ContentType = 'print-tableview'; } if ($PrintDV != '') { $this->ContentType = 'print-detailview'; } // call detail view javascript hook file if found $dvJSHooksFile = dirname(__FILE__) . '/hooks/' . $this->TableName . '-dv.js'; if (is_file($dvJSHooksFile) && ($this->ContentType == 'detailview' || $this->ContentType == 'tableview+detailview')) { $this->HTML .= "\n<script src=\"hooks/{$this->TableName}-dv.js\"></script>\n"; } }
function patients_form($selected_id = "", $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0) { // function to return an editable form for a table records // and fill it with data of record whose ID is $selected_id. If $selected_id // is empty, an empty form is shown, with only an 'Add New' // button displayed. global $Translation; // mm: get table permissions $arrPerm = getTablePermissions('patients'); if (!$arrPerm[1] && $selected_id == "") { return ""; } // combobox: gender $combo_gender = new Combo(); $combo_gender->ListType = 2; $combo_gender->MultipleSeparator = ', '; $combo_gender->ListBoxHeight = 10; $combo_gender->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/patients.gender.csv')) { $gender_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/patients.gender.csv'))); $combo_gender->ListItem = explode(";;", $gender_data); $combo_gender->ListData = explode(";;", $gender_data); } else { $combo_gender->ListItem = explode(";;", "Male;;Female;;Other;;Unknown"); $combo_gender->ListData = explode(";;", "Male;;Female;;Other;;Unknown"); } $combo_gender->SelectName = "gender"; $combo_gender->AllowNull = false; // combobox: birth_date $combo_birth_date = new DateCombo(); $combo_birth_date->DateFormat = "mdy"; $combo_birth_date->MinYear = 1900; $combo_birth_date->MaxYear = 2100; $combo_birth_date->DefaultDate = parseMySQLDate('', ''); $combo_birth_date->MonthNames = $Translation['month names']; $combo_birth_date->CSSOptionClass = 'Option'; $combo_birth_date->CSSSelectedClass = 'SelectedOption'; $combo_birth_date->NamePrefix = 'birth_date'; // combobox: state $combo_state = new Combo(); $combo_state->ListType = 0; $combo_state->MultipleSeparator = ', '; $combo_state->ListBoxHeight = 10; $combo_state->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/patients.state.csv')) { $state_data = addslashes(implode('', @file(dirname(__FILE__) . 
'/hooks/patients.state.csv'))); $combo_state->ListItem = explode(";;", $state_data); $combo_state->ListData = explode(";;", $state_data); } else { $combo_state->ListItem = explode(";;", "AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY"); $combo_state->ListData = explode(";;", "AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY"); } $combo_state->SelectName = "state"; if ($selected_id) { // mm: check member permissions if (!$arrPerm[2]) { return ""; } // mm: who is the owner? $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'"); $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'"); if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) { return ""; } if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) { return ""; } // can edit? if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) { $AllowUpdate = 1; } else { $AllowUpdate = 0; } $res = sql("select * from `patients` where `id`='" . makeSafe($selected_id) . "'"); $row = mysql_fetch_array($res); $combo_gender->SelectedData = $row["gender"]; $combo_birth_date->DefaultDate = $row["birth_date"]; $combo_state->SelectedData = $row["state"]; $row['filed'] = sqlValue("select DATE_FORMAT(`filed`, '%c/%e/%Y %l:%i%p') from `patients` where `id`='" . makeSafe($selected_id) . 
"'"); $row['last_modified'] = sqlValue("select DATE_FORMAT(`last_modified`, '%c/%e/%Y %l:%i%p') from `patients` where `id`='" . makeSafe($selected_id) . "'"); } else { $combo_gender->SelectedText = $_REQUEST['FilterField'][1] == '4' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "Unknown"; $combo_state->SelectedText = $_REQUEST['FilterField'][1] == '9' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : ""; } $combo_gender->Render(); $combo_state->Render(); // code for template based detail view forms // open the detail view template if (($_POST['dvprint_x'] != '' || $_GET['dvprint_x'] != '') && $selected_id) { $templateCode = @implode('', @file('./templates/patients_templateDVP.html')); $dvprint = true; } else { $templateCode = @implode('', @file('./templates/patients_templateDV.html')); $dvprint = false; } // process form title $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Patient details', $templateCode); // unique random identifier $rnd1 = $dvprint ? rand(1000000, 9999999) : ''; $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode); // process buttons if ($arrPerm[1] && !$selected_id) { // allow insert and no record selected? $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<input type="image" src="insert.gif" name="insert" alt="' . $Translation['add new record'] . '" onclick="return validateData();">', $templateCode); } else { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode); } if ($selected_id) { $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<input type="image" src="print.gif" vspace="1" name="dvprint" id="dvprint" alt="' . $Translation['printer friendly view'] . 
'" onclick="document.myform.reset(); return true;" style="margin-bottom: 20px;">', $templateCode); if ($AllowUpdate) { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<input type="image" src="update.gif" vspace="1" name="update" alt="' . $Translation['update record'] . '" onclick="return validateData();">', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); // set records to read only if user can't insert new records if (!$arrPerm[1]) { $jsReadOnly .= "\n\n\tif(document.getElementsByName('id').length){ document.getElementsByName('id')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('last_name').length){ document.getElementsByName('last_name')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('first_name').length){ document.getElementsByName('first_name')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('gender').length){ var gender=document.getElementsByName('gender'); for(var i=0; i<gender.length; i++){ gender[i].disabled=true; } }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_date').length){ document.getElementsByName('birth_date')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_dateDay').length){ var birth_dateDay=document.getElementsByName('birth_dateDay')[0]; birth_dateDay.disabled=true; birth_dateDay.style.backgroundColor='white'; birth_dateDay.style.color='black'; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_dateMonth').length){ var birth_dateMonth=document.getElementsByName('birth_dateMonth')[0]; birth_dateMonth.disabled=true; birth_dateMonth.style.backgroundColor='white'; birth_dateMonth.style.color='black'; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_dateYear').length){ var birth_dateYear=document.getElementsByName('birth_dateYear')[0]; birth_dateYear.disabled=true; birth_dateYear.style.backgroundColor='white'; 
birth_dateYear.style.color='black'; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('age').length){ document.getElementsByName('age')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('address').length){ document.getElementsByName('address')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('city').length){ document.getElementsByName('city')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('state').length){ var state=document.getElementsByName('state')[0]; state.disabled=true; state.style.backgroundColor='white'; state.style.color='black'; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('zip').length){ document.getElementsByName('zip')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('home_phone').length){ document.getElementsByName('home_phone')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('work_phone').length){ document.getElementsByName('work_phone')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('mobile').length){ document.getElementsByName('mobile')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('filed').length){ document.getElementsByName('filed')[0].readOnly=true; }\n"; $jsReadOnly .= "\n\n\tif(document.getElementsByName('last_modified').length){ document.getElementsByName('last_modified')[0].readOnly=true; }\n"; $noUploads = true; } } if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete? $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<input type="image" src="delete.gif" vspace="1" name="delete" alt="' . $Translation['delete record'] . '" onClick="return confirm(\'' . $Translation['are you sure?'] . 
'\');">', $templateCode); } else { $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); } $templateCode = str_replace('<%%DESELECT_BUTTON%%>', "<input type=image src=deselect.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">", $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? "<input type=image src=cancel.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">" : '', $templateCode); } // process combos $templateCode = str_replace('<%%COMBO(gender)%%>', $combo_gender->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(gender)%%>', $combo_gender->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(birth_date)%%>', $combo_birth_date->GetHTML(), $templateCode); $templateCode = str_replace('<%%COMBOTEXT(birth_date)%%>', $combo_birth_date->GetHTML(true), $templateCode); $templateCode = str_replace('<%%COMBO(state)%%>', $combo_state->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(state)%%>', $combo_state->SelectedData, $templateCode); // process foreign key links if ($selected_id) { } // process images $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(last_name)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(first_name)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(gender)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(birth_date)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(age)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(address)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(city)%%>', '', 
$templateCode); $templateCode = str_replace('<%%UPLOADFILE(state)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(zip)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(home_phone)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(work_phone)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(mobile)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(other_details)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(comments)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(filed)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(last_modified)%%>', '', $templateCode); // process values if ($selected_id) { $templateCode = str_replace('<%%VALUE(id)%%>', htmlspecialchars($row['id'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(last_name)%%>', htmlspecialchars($row['last_name'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(first_name)%%>', htmlspecialchars($row['first_name'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(gender)%%>', htmlspecialchars($row['gender'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(birth_date)%%>', @date('n/j/Y', @strtotime(htmlspecialchars($row['birth_date'], ENT_QUOTES))), $templateCode); $templateCode = str_replace('<%%VALUE(age)%%>', htmlspecialchars($row['age'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(address)%%>', htmlspecialchars($row['address'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(city)%%>', htmlspecialchars($row['city'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(state)%%>', htmlspecialchars($row['state'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(zip)%%>', htmlspecialchars($row['zip'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(home_phone)%%>', 
htmlspecialchars($row['home_phone'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(work_phone)%%>', htmlspecialchars($row['work_phone'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(mobile)%%>', htmlspecialchars($row['mobile'], ENT_QUOTES), $templateCode); if ($AllowUpdate || $AllowInsert) { $templateCode = str_replace('<%%HTMLAREA(other_details)%%>', '<textarea name="other_details" id="other_details" cols="50" rows="5" class="TextBox">' . htmlspecialchars($row['other_details'], ENT_QUOTES) . '</textarea>', $templateCode); } else { $templateCode = str_replace('<%%HTMLAREA(other_details)%%>', $row['other_details'], $templateCode); } $templateCode = str_replace('<%%VALUE(other_details)%%>', $row['other_details'], $templateCode); if ($AllowUpdate || $AllowInsert) { $templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox">' . htmlspecialchars($row['comments'], ENT_QUOTES) . '</textarea>', $templateCode); } else { $templateCode = str_replace('<%%HTMLAREA(comments)%%>', $row['comments'], $templateCode); } $templateCode = str_replace('<%%VALUE(comments)%%>', $row['comments'], $templateCode); $templateCode = str_replace('<%%VALUE(filed)%%>', htmlspecialchars($row['filed'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%VALUE(last_modified)%%>', htmlspecialchars($row['last_modified'], ENT_QUOTES), $templateCode); } else { $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(last_name)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(first_name)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(gender)%%>', 'Unknown', $templateCode); $templateCode = str_replace('<%%VALUE(birth_date)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(age)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(address)%%>', '', $templateCode); $templateCode = 
str_replace('<%%VALUE(city)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(state)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(zip)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(home_phone)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(work_phone)%%>', '', $templateCode); $templateCode = str_replace('<%%VALUE(mobile)%%>', '', $templateCode); $templateCode = str_replace('<%%HTMLAREA(other_details)%%>', '<textarea name="other_details" id="other_details" cols="50" rows="5" class="TextBox"></textarea>', $templateCode); $templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox"></textarea>', $templateCode); $templateCode = str_replace('<%%VALUE(filed)%%>', '<%%creationDateTime%%>', $templateCode); $templateCode = str_replace('<%%VALUE(last_modified)%%>', '<%%editingDateTime%%>', $templateCode); } // process translations foreach ($Translation as $symbol => $trans) { $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode); } // clear scrap $templateCode = str_replace('<%%', '<!--', $templateCode); $templateCode = str_replace('%%>', '-->', $templateCode); // hide links to inaccessible tables if ($_POST['dvprint_x'] == '') { $templateCode .= "\n\n<script>\n"; $arrTables = getTableList(); foreach ($arrTables as $name => $caption) { $templateCode .= "\tif(document.getElementById('" . $name . "_link')!=undefined){\n"; $templateCode .= "\t\tdocument.getElementById('" . $name . "_link').style.visibility='visible';\n"; $templateCode .= "\t}\n"; for ($i = 1; $i < 10; $i++) { $templateCode .= "\tif(document.getElementById('" . $name . "_plink{$i}')!=undefined){\n"; $templateCode .= "\t\tdocument.getElementById('" . $name . 
"_plink{$i}').style.visibility='visible';\n"; $templateCode .= "\t}\n"; } } $templateCode .= $jsReadOnly; if (!$selected_id) { } $templateCode .= "\n\tfunction validateData(){"; $templateCode .= "\n\t\tif(\$F('last_name')==''){ alert('" . addslashes($Translation['error:']) . ' "Last name": ' . addslashes($Translation['field not null']) . "'); \$('last_name').focus(); return false; }"; $templateCode .= "\n\t\tif(\$F('first_name')==''){ alert('" . addslashes($Translation['error:']) . ' "First name": ' . addslashes($Translation['field not null']) . "'); \$('first_name').focus(); return false; }"; $templateCode .= "\n\t\tif(\$F('gender')==''){ alert('" . addslashes($Translation['error:']) . ' "Gender": ' . addslashes($Translation['field not null']) . "'); \$('gender').focus(); return false; }"; $templateCode .= "\n\t\treturn true;"; $templateCode .= "\n\t}"; $templateCode .= "\n</script>\n"; } // ajaxed auto-fill fields $templateCode .= "<script>"; $templateCode .= "document.observe('dom:loaded', function() {"; $templateCode .= "});"; $templateCode .= "</script>"; // handle enforced parent values for read-only lookup fields // don't include blank images in lightbox gallery $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode); // don't display empty email links $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode); // hook: patients_dv if (function_exists('patients_dv')) { $args = array(); patients_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args); } return $templateCode; }
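/**
 * Build the detail-view form HTML for one record of the `outcomes` table.
 *
 * With a non-empty $selected_id the form is filled from that record; with an
 * empty one a blank form is produced. An empty string is returned when the
 * logged-in member may not insert (no record selected) or may not view the
 * selected record.
 *
 * Permission slots read from getTablePermissions('outcomes'): [1] insert,
 * [2] view, [3] edit, [4] delete. For [2]-[4] the code treats 1 as "owner
 * only" and 2 as "owner's group"; [3] and [4] additionally grant on 3.
 *
 * @param mixed $selected_id Primary key of the record to show, or '' for a blank form.
 * @param int   $AllowUpdate Overwritten from the edit permission when a record is selected.
 * @param int   $AllowInsert With $AllowUpdate, decides whether the lookup is an editable select2 widget.
 * @param int   $AllowDelete Kept for signature compatibility; not read in this function.
 * @param int   $ShowCancel  When no record is selected, whether the 'Back' button is shown.
 *
 * @return string The rendered form, or '' when access is denied.
 */
function outcomes_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
    global $Translation;

    // mm: get table permissions
    $arrPerm = getTablePermissions('outcomes');
    if (!$arrPerm[1] && $selected_id == '') {
        return '';
    }

    // Request flags are read through isset()/empty() so an absent parameter
    // does not raise an undefined-index notice.
    $isEmbedded = !empty($_REQUEST['Embedded']);

    // print preview?
    $dvprint = ($selected_id && isset($_REQUEST['dvprint_x']) && $_REQUEST['dvprint_x'] != '');

    $filterer_outcome_area = thisOr(
        undo_magic_quotes(isset($_REQUEST['filterer_outcome_area']) ? $_REQUEST['filterer_outcome_area'] : null),
        ''
    );
    // Request-controlled: only a scalar is accepted (an array-valued parameter is dropped).
    if (!is_scalar($filterer_outcome_area)) {
        $filterer_outcome_area = '';
    }

    // Appended to below with .=, so it must start out defined.
    $jsReadOnly = '';

    // Encodes a value as a JavaScript string literal that is safe inside an
    // inline <script> block. addslashes() is not enough in that context: it
    // leaves "</script>" and line breaks intact, so a request-supplied value
    // could terminate the script element. The HEX flags turn <, >, &, ' and "
    // into \uXXXX escapes.
    $toJsString = function ($value) {
        $encoded = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

        // json_encode() yields false (or "null" on old PHP versions) for
        // invalid UTF-8; emit an empty literal instead of breaking the script.
        return ($encoded === false || $encoded === 'null') ? '""' : $encoded;
    };

    // unique random identifier: only keeps element ids and JS names distinct
    // in print preview, it is not used as a secret.
    $rnd1 = $dvprint ? rand(1000000, 9999999) : '';

    // combobox: outcome_area
    $combo_outcome_area = new DataCombo();

    // combobox: strata (options come from hooks/outcomes.strata.csv when that file exists)
    $combo_strata = new Combo();
    $combo_strata->ListType = 0;
    $combo_strata->MultipleSeparator = ', ';
    $combo_strata->ListBoxHeight = 10;
    $combo_strata->RadiosPerLine = 1;
    $strataOptionsFile = dirname(__FILE__) . '/hooks/outcomes.strata.csv';
    if (is_file($strataOptionsFile)) {
        $strata_data = addslashes(implode('', @file($strataOptionsFile)));
        $strataOptions = convertLegacyOptions($strata_data);
    } else {
        $strataOptions = convertLegacyOptions("Individuals;;Community, Sector & Society");
    }
    $combo_strata->ListItem = explode('||', entitiesToUTF8($strataOptions));
    $combo_strata->ListData = $combo_strata->ListItem;
    $combo_strata->SelectName = 'strata';

    if ($selected_id) {
        // mm: check member permissions
        if (!$arrPerm[2]) {
            return "";
        }

        // mm: who is the owner?
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='outcomes' and pkValue='" . makeSafe($selected_id) . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='outcomes' and pkValue='" . makeSafe($selected_id) . "'");
        if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
            return "";
        }
        if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
            return "";
        }

        // can edit?
        $canEdit = $arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID()
            || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID()
            || $arrPerm[3] == 3;
        $AllowUpdate = $canEdit ? 1 : 0;

        $res = sql("select * from `outcomes` where `outcome_id`='" . makeSafe($selected_id) . "'", $eo);
        // NOTE(review): mysql_fetch_array() was removed in PHP 7, and a missing
        // record yields false here, which the rest of the function renders as
        // blank values - confirm whether a "not found" result should be returned.
        $row = mysql_fetch_array($res);
        $urow = $row; /* unsanitized data: only used through urlencode() or JS-string encoding below */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */
        $combo_outcome_area->SelectedData = $row['outcome_area'];
        $combo_strata->SelectedData = $row['strata'];
    } else {
        $combo_outcome_area->SelectedData = $filterer_outcome_area;

        // Pre-select strata from an equality filter on field 4, when one was submitted.
        $strataFilter = "";
        if (
            isset($_REQUEST['FilterField'][1], $_REQUEST['FilterOperator'][1])
            && $_REQUEST['FilterField'][1] == '4'
            && $_REQUEST['FilterOperator'][1] == '<=>'
        ) {
            $strataFilter = isset($_REQUEST['FilterValue'][1]) ? $_REQUEST['FilterValue'][1] : '';
            if (get_magic_quotes_gpc()) {
                $strataFilter = stripslashes($strataFilter);
            }
        }
        $combo_strata->SelectedText = $strataFilter;
    }

    $combo_outcome_area->HTML = $combo_outcome_area->MatchText = '<span id="outcome_area-container' . $rnd1 . '"></span><input type="hidden" name="outcome_area" id="outcome_area' . $rnd1 . '">';
    $combo_strata->Render();

    // Values written into the inline script below, pre-encoded as JS string literals.
    $initialOutcomeAreaJs = $toJsString($selected_id ? $urow['outcome_area'] : $filterer_outcome_area);
    $noMatchesJs = $toJsString($Translation['No matches found!']);

    // NOTE(review): the read-only branch of the script inserts resp.results[0].text
    // with .html(); whether ajax_combo.php returns that text already HTML-encoded is
    // not visible here - confirm, and switch to .text() if it is raw.
    ob_start();
    ?>

    <script>
        // initial lookup values
        var current_outcome_area__RAND__ = { text: "", value: <?php echo $initialOutcomeAreaJs; ?> };

        jQuery(function() {
            outcome_area_reload__RAND__();
        });

        function outcome_area_reload__RAND__(){
        <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?>

            jQuery("#outcome_area-container__RAND__").select2({
                /* initial default value */
                initSelection: function(e, c){
                    jQuery.ajax({
                        url: 'ajax_combo.php',
                        dataType: 'json',
                        data: { id: current_outcome_area__RAND__.value, t: 'outcomes', f: 'outcome_area' }
                    }).done(function(resp){
                        c({
                            id: resp.results[0].id,
                            text: resp.results[0].text
                        });
                        jQuery('[name="outcome_area"]').val(resp.results[0].id);

                        if(typeof(outcome_area_update_autofills__RAND__) == 'function') outcome_area_update_autofills__RAND__();
                    });
                },
                width: '100%',
                formatNoMatches: function(term){ return <?php echo $noMatchesJs; ?>; },
                minimumResultsForSearch: 10,
                loadMorePadding: 200,
                ajax: {
                    url: 'ajax_combo.php',
                    dataType: 'json',
                    cache: true,
                    data: function(term, page){ return { s: term, p: page, t: 'outcomes', f: 'outcome_area' }; },
                    results: function(resp, page){ return resp; }
                }
            }).on('change', function(e){
                current_outcome_area__RAND__.value = e.added.id;
                current_outcome_area__RAND__.text = e.added.text;
                jQuery('[name="outcome_area"]').val(e.added.id);

                if(typeof(outcome_area_update_autofills__RAND__) == 'function') outcome_area_update_autofills__RAND__();
            });
        <?php } else { ?>

            jQuery.ajax({
                url: 'ajax_combo.php',
                dataType: 'json',
                data: { id: current_outcome_area__RAND__.value, t: 'outcomes', f: 'outcome_area' }
            }).done(function(resp){
                jQuery('#outcome_area-container__RAND__').html('<span id="outcome_area-match-text">' + resp.results[0].text + '</span>');

                if(typeof(outcome_area_update_autofills__RAND__) == 'function') outcome_area_update_autofills__RAND__();
            });
        <?php } ?>

        }
    </script>
    <?php

    $lookups = str_replace('__RAND__', $rnd1, ob_get_clean());

    // code for template based detail view forms

    // open the detail view template
    if ($dvprint) {
        $templateCode = @file_get_contents('./templates/outcomes_templateDVP.html');
    } else {
        $templateCode = @file_get_contents('./templates/outcomes_templateDV.html');
    }

    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Outcome details', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);

    // process buttons
    if ($arrPerm[1]) { // allow insert?
        if (!$selected_id) {
            $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return outcomes_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
        }
        // Only takes effect when the placeholder is still present, i.e. a record is selected.
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return outcomes_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
    } else {
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if ($isEmbedded) {
        $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
    } else {
        $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }

    $backButton = '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>';

    if ($selected_id) {
        if (!$isEmbedded) {
            $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        }

        if ($AllowUpdate) {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return outcomes_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }

        // allow delete?
        $canDelete = $arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID()
            || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID()
            || $arrPerm[4] == 3;
        if ($canDelete) {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }

        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $backButton, $templateCode);
    } else {
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? $backButton : '', $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    if ($selected_id && !$AllowUpdate && !$arrPerm[1] || !$selected_id && !$arrPerm[1]) {
        $jsReadOnly .= "\tjQuery('#outcome_area').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
        $jsReadOnly .= "\tjQuery('#outcome_area_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
        // The field value is placed with .text(): concatenating .val() into an HTML
        // string would make the browser parse stored record content as markup.
        $jsReadOnly .= "\tjQuery('#description').replaceWith(jQuery('<p class=\"form-control-static\" id=\"description\"></p>').text(jQuery('#description').val() || ''));\n";
        $jsReadOnly .= "\tjQuery('#strata').replaceWith(jQuery('<p class=\"form-control-static\" id=\"strata\"></p>').text(jQuery('#strata').val() || '')); jQuery('#strata-multi-selection-help').hide();\n";
    }

    // process combos
    $templateCode = str_replace('<%%COMBO(outcome_area)%%>', $combo_outcome_area->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(outcome_area)%%>', $combo_outcome_area->MatchText, $templateCode);
    $templateCode = str_replace('<%%URLCOMBOTEXT(outcome_area)%%>', urlencode($combo_outcome_area->MatchText), $templateCode);
    $templateCode = str_replace('<%%COMBO(strata)%%>', $combo_strata->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(strata)%%>', $combo_strata->SelectedData, $templateCode);

    // process foreign key links
    if ($selected_id) {
        $templateCode = str_replace('<%%PLINK(outcome_area)%%>', $combo_outcome_area->SelectedData ? "<span id=\"outcome_areas_plink1\" class=\"hidden\"><a class=\"btn btn-default\" href=\"outcome_areas_view.php?SelectedID=" . urlencode($combo_outcome_area->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode);
    }

    // process images
    foreach (array('outcome_id', 'outcome_area', 'description', 'strata') as $fieldName) {
        $templateCode = str_replace("<%%UPLOADFILE({$fieldName})%%>", '', $templateCode);
    }

    // process values: VALUE() gets the sanitized, HTML-escaped value; URLVALUE() gets the raw value, URL-encoded
    if ($selected_id) {
        $templateCode = str_replace('<%%VALUE(outcome_id)%%>', htmlspecialchars($row['outcome_id'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(outcome_id)%%>', urlencode($urow['outcome_id']), $templateCode);
        $templateCode = str_replace('<%%VALUE(outcome_area)%%>', htmlspecialchars($row['outcome_area'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(outcome_area)%%>', urlencode($urow['outcome_area']), $templateCode);
        $descriptionHtml = htmlspecialchars($row['description'], ENT_QUOTES);
        if ($dvprint) {
            // print preview shows the text statically, so line breaks become <br>
            $descriptionHtml = nl2br($descriptionHtml);
        }
        $templateCode = str_replace('<%%VALUE(description)%%>', $descriptionHtml, $templateCode);
        $templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode($urow['description']), $templateCode);
        $templateCode = str_replace('<%%VALUE(strata)%%>', htmlspecialchars($row['strata'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(strata)%%>', urlencode($urow['strata']), $templateCode);
    } else {
        foreach (array('outcome_id', 'outcome_area', 'description', 'strata') as $fieldName) {
            $templateCode = str_replace("<%%VALUE({$fieldName})%%>", '', $templateCode);
            $templateCode = str_replace("<%%URLVALUE({$fieldName})%%>", urlencode(''), $templateCode);
        }
    }

    // process translations
    foreach ($Translation as $symbol => $trans) {
        $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
    }

    // clear scrap: any placeholder left over is turned into an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    if (!isset($_POST['dvprint_x']) || $_POST['dvprint_x'] == '') {
        $templateCode .= "\n\n<script>jQuery(function(){\n";
        $arrTables = getTableList();
        foreach ($arrTables as $name => $caption) {
            $templateCode .= "\tjQuery('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\tjQuery('#xs_{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\tjQuery('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
        }

        $templateCode .= $jsReadOnly;

        $templateCode .= "\n});</script>\n";
    }

    // ajaxed auto-fill fields
    $templateCode .= "<script>";
    $templateCode .= "document.observe('dom:loaded', function() {";
    $templateCode .= "});";
    $templateCode .= "</script>";
    $templateCode .= $lookups;

    // handle enforced parent values for read-only lookup fields

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);

    // hook: outcomes_dv
    if (function_exists('outcomes_dv')) {
        $args = array();
        outcomes_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}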
function paddata_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0) { // function to return an editable form for a table records // and fill it with data of record whose ID is $selected_id. If $selected_id // is empty, an empty form is shown, with only an 'Add New' // button displayed. global $Translation; // mm: get table permissions $arrPerm = getTablePermissions('paddata'); if (!$arrPerm[1] && $selected_id == '') { return ''; } $AllowInsert = $arrPerm[1] ? true : false; // print preview? $dvprint = false; if ($selected_id && $_REQUEST['dvprint_x'] != '') { $dvprint = true; } // populate filterers, starting from children to grand-parents // unique random identifier $rnd1 = $dvprint ? rand(1000000, 9999999) : ''; // combobox: pdate $combo_pdate = new DateCombo(); $combo_pdate->DateFormat = "mdy"; $combo_pdate->MinYear = 1900; $combo_pdate->MaxYear = 2100; $combo_pdate->DefaultDate = parseMySQLDate('', ''); $combo_pdate->MonthNames = $Translation['month names']; $combo_pdate->NamePrefix = 'pdate'; // combobox: status $combo_status = new Combo(); $combo_status->ListType = 2; $combo_status->MultipleSeparator = ', '; $combo_status->ListBoxHeight = 10; $combo_status->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/paddata.status.csv')) { $status_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/paddata.status.csv'))); $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($status_data))); $combo_status->ListData = $combo_status->ListItem; } else { $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("0;1"))); $combo_status->ListData = $combo_status->ListItem; } $combo_status->SelectName = 'status'; // combobox: affiliate $combo_affiliate = new Combo(); $combo_affiliate->ListType = 0; $combo_affiliate->MultipleSeparator = ', '; $combo_affiliate->ListBoxHeight = 10; $combo_affiliate->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . 
'/hooks/paddata.affiliate.csv')) { $affiliate_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/paddata.affiliate.csv'))); $combo_affiliate->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($affiliate_data))); $combo_affiliate->ListData = $combo_affiliate->ListItem; } else { $combo_affiliate->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("RegNow;Share-It;eSellerate;Plimus;Avangate"))); $combo_affiliate->ListData = $combo_affiliate->ListItem; } $combo_affiliate->SelectName = 'affiliate'; // combobox: clean $combo_clean = new Combo(); $combo_clean->ListType = 2; $combo_clean->MultipleSeparator = ', '; $combo_clean->ListBoxHeight = 10; $combo_clean->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/paddata.clean.csv')) { $clean_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/paddata.clean.csv'))); $combo_clean->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($clean_data))); $combo_clean->ListData = $combo_clean->ListItem; } else { $combo_clean->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("0;1"))); $combo_clean->ListData = $combo_clean->ListItem; } $combo_clean->SelectName = 'clean'; if ($selected_id) { // mm: check member permissions if (!$arrPerm[2]) { return ""; } // mm: who is the owner? $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='paddata' and pkValue='" . makeSafe($selected_id) . "'"); $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='paddata' and pkValue='" . makeSafe($selected_id) . "'"); if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) { return ""; } if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) { return ""; } // can edit? 
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) { $AllowUpdate = 1; } else { $AllowUpdate = 0; } $res = sql("select * from `paddata` where `progid`='" . makeSafe($selected_id) . "'", $eo); if (!($row = db_fetch_array($res))) { return error_message($Translation['No records found']); } $urow = $row; /* unsanitized data */ $hc = new CI_Input(); $row = $hc->xss_clean($row); /* sanitize data */ $combo_pdate->DefaultDate = $row['pdate']; $combo_status->SelectedData = $row['status']; $combo_affiliate->SelectedData = $row['affiliate']; $combo_clean->SelectedData = $row['clean']; } else { $combo_status->SelectedText = $_REQUEST['FilterField'][1] == '12' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "0"; $combo_affiliate->SelectedText = $_REQUEST['FilterField'][1] == '31' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : ""; $combo_clean->SelectedText = $_REQUEST['FilterField'][1] == '34' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "0"; } $combo_status->Render(); $combo_affiliate->Render(); $combo_clean->Render(); // code for template based detail view forms // open the detail view template if ($dvprint) { $templateCode = @file_get_contents('./templates/paddata_templateDVP.html'); } else { $templateCode = @file_get_contents('./templates/paddata_templateDV.html'); } // process form title $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'PAD Data', $templateCode); $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode); $templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 
'Embedded=1' : '', $templateCode); // process buttons if ($AllowInsert) { if (!$selected_id) { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return paddata_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode); } $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return paddata_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode); } // 'Back' button action if ($_REQUEST['Embedded']) { $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;'; } else { $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;'; } if ($selected_id) { if (!$_REQUEST['Embedded']) { $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode); } if ($AllowUpdate) { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return paddata_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); } if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete? 
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); } $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . 
'</button>' : '', $templateCode); } // set records to read only if user can't insert new records and can't edit current record if ($selected_id && !$AllowUpdate && !$AllowInsert || !$selected_id && !$AllowInsert) { $jsReadOnly .= "\tjQuery('#company').replaceWith('<div class=\"form-control-static\" id=\"company\">' + (jQuery('#company').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#country').replaceWith('<div class=\"form-control-static\" id=\"country\">' + (jQuery('#country').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#website').replaceWith('<div class=\"form-control-static\" id=\"website\">' + (jQuery('#website').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#contactname').replaceWith('<div class=\"form-control-static\" id=\"contactname\">' + (jQuery('#contactname').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#email').replaceWith('<div class=\"form-control-static\" id=\"email\">' + (jQuery('#email').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#title').replaceWith('<div class=\"form-control-static\" id=\"title\">' + (jQuery('#title').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#version').replaceWith('<div class=\"form-control-static\" id=\"version\">' + (jQuery('#version').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#pdate').prop('readonly', true);\n"; $jsReadOnly .= "\tjQuery('#pdateDay, #pdateMonth, #pdateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#cost').replaceWith('<div class=\"form-control-static\" id=\"cost\">' + (jQuery('#cost').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#ptype').replaceWith('<div class=\"form-control-static\" id=\"ptype\">' + (jQuery('#ptype').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('input[name=status]').parent().html('<div class=\"form-control-static\">' + jQuery('input[name=status]:checked').next().text() + '</div>')\n"; $jsReadOnly .= 
"\tjQuery('#install').replaceWith('<div class=\"form-control-static\" id=\"install\">' + (jQuery('#install').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#os').replaceWith('<div class=\"form-control-static\" id=\"os\">' + (jQuery('#os').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#languages').replaceWith('<div class=\"form-control-static\" id=\"languages\">' + (jQuery('#languages').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#changeinfo').replaceWith('<div class=\"form-control-static\" id=\"changeinfo\">' + (jQuery('#changeinfo').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#category').replaceWith('<div class=\"form-control-static\" id=\"category\">' + (jQuery('#category').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#requirements').replaceWith('<div class=\"form-control-static\" id=\"requirements\">' + (jQuery('#requirements').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#ksize').replaceWith('<div class=\"form-control-static\" id=\"ksize\">' + (jQuery('#ksize').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#keywords').replaceWith('<div class=\"form-control-static\" id=\"keywords\">' + (jQuery('#keywords').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#description').replaceWith('<div class=\"form-control-static\" id=\"description\">' + (jQuery('#description').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#descrlarge').replaceWith('<div class=\"form-control-static\" id=\"descrlarge\">' + (jQuery('#descrlarge').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#homepage').replaceWith('<div class=\"form-control-static\" id=\"homepage\">' + (jQuery('#homepage').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#screenshot').replaceWith('<div class=\"form-control-static\" id=\"screenshot\">' + (jQuery('#screenshot').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#icon').replaceWith('<div class=\"form-control-static\" id=\"icon\">' + 
(jQuery('#icon').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#padfile').replaceWith('<div class=\"form-control-static\" id=\"padfile\">' + (jQuery('#padfile').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#download').replaceWith('<div class=\"form-control-static\" id=\"download\">' + (jQuery('#download').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#dlcount').replaceWith('<div class=\"form-control-static\" id=\"dlcount\">' + (jQuery('#dlcount').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#dlipaddr').replaceWith('<div class=\"form-control-static\" id=\"dlipaddr\">' + (jQuery('#dlipaddr').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#aspnumber').replaceWith('<div class=\"form-control-static\" id=\"aspnumber\">' + (jQuery('#aspnumber').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#affiliate').replaceWith('<div class=\"form-control-static\" id=\"affiliate\">' + (jQuery('#affiliate').val() || '') + '</div>'); jQuery('#affiliate-multi-selection-help').hide();\n"; $jsReadOnly .= "\tjQuery('#affiliateid').replaceWith('<div class=\"form-control-static\" id=\"affiliateid\">' + (jQuery('#affiliateid').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#siterating').replaceWith('<div class=\"form-control-static\" id=\"siterating\">' + (jQuery('#siterating').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('input[name=clean]').parent().html('<div class=\"form-control-static\">' + jQuery('input[name=clean]:checked').next().text() + '</div>')\n"; $jsReadOnly .= "\tjQuery('#paderrcount').replaceWith('<div class=\"form-control-static\" id=\"paderrcount\">' + (jQuery('#paderrcount').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('.select2-container').hide();\n"; $noUploads = true; } elseif ($AllowInsert) { $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // 
re-enable form change handler } // process combos $templateCode = str_replace('<%%COMBO(pdate)%%>', $selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_pdate->GetHTML(true) . '</div>' : $combo_pdate->GetHTML(), $templateCode); $templateCode = str_replace('<%%COMBOTEXT(pdate)%%>', $combo_pdate->GetHTML(true), $templateCode); $templateCode = str_replace('<%%COMBO(status)%%>', $combo_status->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(status)%%>', $combo_status->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(affiliate)%%>', $combo_affiliate->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(affiliate)%%>', $combo_affiliate->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(clean)%%>', $combo_clean->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(clean)%%>', $combo_clean->SelectedData, $templateCode); /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */ $lookup_fields = array(); foreach ($lookup_fields as $luf => $ptfc) { $pt_perm = getTablePermissions($ptfc[0]); // process foreign key links if ($pt_perm['view'] || $pt_perm['edit']) { $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode); } // if user has insert permission to parent table of a lookup field, put an add new button if ($pt_perm['insert'] && !$_REQUEST['Embedded']) { $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . 
'"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode); } } // process images $templateCode = str_replace('<%%UPLOADFILE(progid)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(company)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(country)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(website)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(contactname)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(email)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(title)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(version)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(pdate)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(cost)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(ptype)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(status)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(install)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(os)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(languages)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(changeinfo)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(category)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(requirements)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(ksize)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(keywords)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(description)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(descrlarge)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(homepage)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(screenshot)%%>', '', $templateCode); $templateCode = 
str_replace('<%%UPLOADFILE(icon)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(padfile)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(download)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(dlcount)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(dlipaddr)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(aspnumber)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(affiliate)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(affiliateid)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(siterating)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(clean)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(paderrcount)%%>', '', $templateCode); // process values if ($selected_id) { $templateCode = str_replace('<%%VALUE(progid)%%>', htmlspecialchars($row['progid'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(progid)%%>', urlencode($urow['progid']), $templateCode); $templateCode = str_replace('<%%VALUE(company)%%>', htmlspecialchars($row['company'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(company)%%>', urlencode($urow['company']), $templateCode); $templateCode = str_replace('<%%VALUE(country)%%>', htmlspecialchars($row['country'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(country)%%>', urlencode($urow['country']), $templateCode); $templateCode = str_replace('<%%VALUE(website)%%>', htmlspecialchars($row['website'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(website)%%>', urlencode($urow['website']), $templateCode); $templateCode = str_replace('<%%VALUE(contactname)%%>', htmlspecialchars($row['contactname'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(contactname)%%>', 
urlencode($urow['contactname']), $templateCode); $templateCode = str_replace('<%%VALUE(email)%%>', htmlspecialchars($row['email'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(email)%%>', urlencode($urow['email']), $templateCode); $templateCode = str_replace('<%%VALUE(title)%%>', htmlspecialchars($row['title'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(title)%%>', urlencode($urow['title']), $templateCode); $templateCode = str_replace('<%%VALUE(version)%%>', htmlspecialchars($row['version'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(version)%%>', urlencode($urow['version']), $templateCode); $templateCode = str_replace('<%%VALUE(pdate)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['pdate'], ENT_QUOTES, 'iso-8859-1'))), $templateCode); $templateCode = str_replace('<%%URLVALUE(pdate)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['pdate'], ENT_QUOTES, 'iso-8859-1')))), $templateCode); $templateCode = str_replace('<%%VALUE(cost)%%>', htmlspecialchars($row['cost'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(cost)%%>', urlencode($urow['cost']), $templateCode); $templateCode = str_replace('<%%VALUE(ptype)%%>', htmlspecialchars($row['ptype'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(ptype)%%>', urlencode($urow['ptype']), $templateCode); $templateCode = str_replace('<%%VALUE(status)%%>', htmlspecialchars($row['status'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(status)%%>', urlencode($urow['status']), $templateCode); $templateCode = str_replace('<%%VALUE(install)%%>', htmlspecialchars($row['install'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(install)%%>', urlencode($urow['install']), $templateCode); $templateCode = str_replace('<%%VALUE(os)%%>', 
htmlspecialchars($row['os'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(os)%%>', urlencode($urow['os']), $templateCode); $templateCode = str_replace('<%%VALUE(languages)%%>', htmlspecialchars($row['languages'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(languages)%%>', urlencode($urow['languages']), $templateCode); $templateCode = str_replace('<%%VALUE(changeinfo)%%>', htmlspecialchars($row['changeinfo'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(changeinfo)%%>', urlencode($urow['changeinfo']), $templateCode); $templateCode = str_replace('<%%VALUE(category)%%>', htmlspecialchars($row['category'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(category)%%>', urlencode($urow['category']), $templateCode); $templateCode = str_replace('<%%VALUE(requirements)%%>', htmlspecialchars($row['requirements'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(requirements)%%>', urlencode($urow['requirements']), $templateCode); $templateCode = str_replace('<%%VALUE(ksize)%%>', htmlspecialchars($row['ksize'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(ksize)%%>', urlencode($urow['ksize']), $templateCode); $templateCode = str_replace('<%%VALUE(keywords)%%>', htmlspecialchars($row['keywords'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(keywords)%%>', urlencode($urow['keywords']), $templateCode); $templateCode = str_replace('<%%VALUE(description)%%>', htmlspecialchars($row['description'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode($urow['description']), $templateCode); $templateCode = str_replace('<%%VALUE(descrlarge)%%>', htmlspecialchars($row['descrlarge'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = 
str_replace('<%%URLVALUE(descrlarge)%%>', urlencode($urow['descrlarge']), $templateCode); $templateCode = str_replace('<%%VALUE(homepage)%%>', htmlspecialchars($row['homepage'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(homepage)%%>', urlencode($urow['homepage']), $templateCode); $templateCode = str_replace('<%%VALUE(screenshot)%%>', htmlspecialchars($row['screenshot'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(screenshot)%%>', urlencode($urow['screenshot']), $templateCode); $templateCode = str_replace('<%%VALUE(icon)%%>', htmlspecialchars($row['icon'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(icon)%%>', urlencode($urow['icon']), $templateCode); $templateCode = str_replace('<%%VALUE(padfile)%%>', htmlspecialchars($row['padfile'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(padfile)%%>', urlencode($urow['padfile']), $templateCode); $templateCode = str_replace('<%%VALUE(download)%%>', htmlspecialchars($row['download'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(download)%%>', urlencode($urow['download']), $templateCode); $templateCode = str_replace('<%%VALUE(dlcount)%%>', htmlspecialchars($row['dlcount'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(dlcount)%%>', urlencode($urow['dlcount']), $templateCode); $templateCode = str_replace('<%%VALUE(dlipaddr)%%>', htmlspecialchars($row['dlipaddr'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(dlipaddr)%%>', urlencode($urow['dlipaddr']), $templateCode); $templateCode = str_replace('<%%VALUE(aspnumber)%%>', htmlspecialchars($row['aspnumber'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(aspnumber)%%>', urlencode($urow['aspnumber']), $templateCode); $templateCode = str_replace('<%%VALUE(affiliate)%%>', 
htmlspecialchars($row['affiliate'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(affiliate)%%>', urlencode($urow['affiliate']), $templateCode); $templateCode = str_replace('<%%VALUE(affiliateid)%%>', htmlspecialchars($row['affiliateid'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(affiliateid)%%>', urlencode($urow['affiliateid']), $templateCode); $templateCode = str_replace('<%%VALUE(siterating)%%>', htmlspecialchars($row['siterating'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(siterating)%%>', urlencode($urow['siterating']), $templateCode); $templateCode = str_replace('<%%VALUE(clean)%%>', htmlspecialchars($row['clean'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(clean)%%>', urlencode($urow['clean']), $templateCode); $templateCode = str_replace('<%%VALUE(paderrcount)%%>', htmlspecialchars($row['paderrcount'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(paderrcount)%%>', urlencode($urow['paderrcount']), $templateCode); } else { $templateCode = str_replace('<%%VALUE(progid)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(progid)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(company)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(company)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(country)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(country)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(website)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(website)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(contactname)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(contactname)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(email)%%>', '', 
$templateCode); $templateCode = str_replace('<%%URLVALUE(email)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(title)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(title)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(version)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(version)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(pdate)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(pdate)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(cost)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(cost)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(ptype)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(ptype)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(status)%%>', '0', $templateCode); $templateCode = str_replace('<%%URLVALUE(status)%%>', urlencode('0'), $templateCode); $templateCode = str_replace('<%%VALUE(install)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(install)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(os)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(os)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(languages)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(languages)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(changeinfo)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(changeinfo)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(category)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(category)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(requirements)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(requirements)%%>', urlencode(''), $templateCode); 
$templateCode = str_replace('<%%VALUE(ksize)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(ksize)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(keywords)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(keywords)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(description)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(descrlarge)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(descrlarge)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(homepage)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(homepage)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(screenshot)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(screenshot)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(icon)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(icon)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(padfile)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(padfile)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(download)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(download)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(dlcount)%%>', '0', $templateCode); $templateCode = str_replace('<%%URLVALUE(dlcount)%%>', urlencode('0'), $templateCode); $templateCode = str_replace('<%%VALUE(dlipaddr)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(dlipaddr)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(aspnumber)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(aspnumber)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(affiliate)%%>', '', $templateCode); 
$templateCode = str_replace('<%%URLVALUE(affiliate)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(affiliateid)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(affiliateid)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(siterating)%%>', '0', $templateCode); $templateCode = str_replace('<%%URLVALUE(siterating)%%>', urlencode('0'), $templateCode); $templateCode = str_replace('<%%VALUE(clean)%%>', '0', $templateCode); $templateCode = str_replace('<%%URLVALUE(clean)%%>', urlencode('0'), $templateCode); $templateCode = str_replace('<%%VALUE(paderrcount)%%>', '0', $templateCode); $templateCode = str_replace('<%%URLVALUE(paderrcount)%%>', urlencode('0'), $templateCode); } // process translations foreach ($Translation as $symbol => $trans) { $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode); } // clear scrap $templateCode = str_replace('<%%', '<!-- ', $templateCode); $templateCode = str_replace('%%>', ' -->', $templateCode); // hide links to inaccessible tables if ($_REQUEST['dvprint_x'] == '') { $templateCode .= "\n\n<script>\$j(function(){\n"; $arrTables = getTableList(); foreach ($arrTables as $name => $caption) { $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n"; $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n"; } $templateCode .= $jsReadOnly; $templateCode .= $jsEditable; if (!$selected_id) { } $templateCode .= "\n});</script>\n"; } // ajaxed auto-fill fields $templateCode .= '<script>'; $templateCode .= '$j(function() {'; $templateCode .= "});"; $templateCode .= "</script>"; $templateCode .= $lookups; // handle enforced parent values for read-only lookup fields // don't include blank images in lightbox gallery $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode); // don't display empty email links $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode); // 
hook: paddata_dv if (function_exists('paddata_dv')) { $args = array(); paddata_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args); } return $templateCode; }
function companies_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0) { // function to return an editable form for a table records // and fill it with data of record whose ID is $selected_id. If $selected_id // is empty, an empty form is shown, with only an 'Add New' // button displayed. global $Translation; // mm: get table permissions $arrPerm = getTablePermissions('companies'); if (!$arrPerm[1] && $selected_id == '') { return ''; } // print preview? $dvprint = false; if ($selected_id && $_REQUEST['dvprint_x'] != '') { $dvprint = true; } $filterer_client = thisOr(undo_magic_quotes($_REQUEST['filterer_client']), ''); $filterer_sic_code = thisOr(undo_magic_quotes($_REQUEST['filterer_sic_code']), ''); // populate filterers, starting from children to grand-parents // unique random identifier $rnd1 = $dvprint ? rand(1000000, 9999999) : ''; // combobox: client $combo_client = new DataCombo(); // combobox: industry $combo_industry = new Combo(); $combo_industry->ListType = 0; $combo_industry->MultipleSeparator = ', '; $combo_industry->ListBoxHeight = 10; $combo_industry->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/companies.industry.csv')) { $industry_data = addslashes(implode('', @file(dirname(__FILE__) . 
'/hooks/companies.industry.csv'))); $combo_industry->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($industry_data))); $combo_industry->ListData = $combo_industry->ListItem; } else { $combo_industry->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Automobiles and parts;;Business services;;Carbon offsetting and trading;;Charitable services and fundraising;;Chemicals;;Clothing retail;;Construction;;Consulting;;Consumer electronics;;Consumer goods and services (other);;Eating and drinking places;;Education;;Energy and Water;;Financial services;;Food and beverages retail;;Food producers;;Forestry and paper;;Health;;Household goods;;Internet platforms;;Leisure goods;;Media;;Other;;Personal goods;;Recycling and waste management;;Residential and commercial property;;Retail (general);;Telecoms;;Training and employment;;Transport;;Travel, tourism and leisure"))); $combo_industry->ListData = $combo_industry->ListItem; } $combo_industry->SelectName = 'industry'; // combobox: country_hq $combo_country_hq = new Combo(); $combo_country_hq->ListType = 0; $combo_country_hq->MultipleSeparator = ', '; $combo_country_hq->ListBoxHeight = 10; $combo_country_hq->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/companies.country_hq.csv')) { $country_hq_data = addslashes(implode('', @file(dirname(__FILE__) . 
'/hooks/companies.country_hq.csv'))); $combo_country_hq->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($country_hq_data))); $combo_country_hq->ListData = $combo_country_hq->ListItem; } else { $combo_country_hq->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Afghanistan;;Albania;;Algeria;;American Samoa;;Andorra;;Angola;;Anguilla;;Antarctica;;Antigua, Barbuda;;Argentina;;Armenia;;Aruba;;Australia;;Austria;;Azerbaijan;;Bahamas;;Bahrain;;Bangladesh;;Barbados;;Belarus;;Belgium;;Belize;;Benin;;Bermuda;;Bhutan;;Bolivia;;Bosnia, Herzegovina;;Botswana;;Bouvet Is.;;Brazil;;Brunei Darussalam;;Bulgaria;;Burkina Faso;;Burundi;;Cambodia;;Cameroon;;Canada;;Canary Is.;;Cape Verde;;Cayman Is.;;Central African Rep.;;Chad;;Channel Islands;;Chile;;China;;Christmas Is.;;Cocos Is.;;Colombia;;Comoros;;Congo, D.R. Of;;Congo;;Cook Is.;;Costa Rica;;Croatia;;Cuba;;Cyprus;;Czech Republic;;Denmark;;Djibouti;;Dominica;;Dominican Republic;;Ecuador;;Egypt;;El Salvador;;Equatorial Guinea;;Eritrea;;Estonia;;Ethiopia;;Falkland Is.;;Faroe Is.;;Fiji;;Finland;;France;;French Guiana;;French Polynesia;;French Territories;;Gabon;;Gambia;;Georgia;;Germany;;Ghana;;Gibraltar;;Greece;;Greenland;;Grenada;;Guadeloupe;;Guam;;Guatemala;;Guernsey;;Guinea-bissau;;Guinea;;Guyana;;Haiti;;Heard, Mcdonald Is.;;Honduras;;Hong Kong;;Hungary;;Iceland;;India;;Indonesia;;Iran;;Iraq;;Ireland;;Israel;;Italy;;Ivory Coast;;Jamaica;;Japan;;Jersey;;Jordan;;Kazakhstan;;Kenya;;Kiribati;;Korea, D.P.R Of;;Korea, Rep. 
Of;;Kuwait;;Kyrgyzstan;;Lao Peoples D.R.;;Latvia;;Lebanon;;Lesotho;;Liberia;;Libyan Arab Jamahiriya;;Liechtenstein;;Lithuania;;Luxembourg;;Macao;;Macedonia, F.Y.R Of;;Madagascar;;Malawi;;Malaysia;;Maldives;;Mali;;Malta;;Mariana Islands;;Marshall Islands;;Martinique;;Mauritania;;Mauritius;;Mayotte;;Mexico;;Micronesia;;Moldova;;Monaco;;Mongolia;;Montserrat;;Morocco;;Mozambique;;Myanmar;;Namibia;;Nauru;;Nepal;;Netherlands Antilles;;Netherlands;;New Caledonia;;New Zealand;;Nicaragua;;Niger;;Nigeria;;Niue;;Norfolk Island;;Norway;;Oman;;Pakistan;;Palau;;Palestinian Terr.;;Panama;;Papua New Guinea;;Paraguay;;Peru;;Philippines;;Pitcairn;;Poland;;Portugal;;Puerto Rico;;Qatar;;Reunion;;Romania;;Russian Federation;;Rwanda;;Samoa;;San Marino;;Sao Tome, Principe;;Saudi Arabia;;Senegal;;Seychelles;;Sierra Leone;;Singapore;;Slovakia;;Slovenia;;Solomon Is.;;Somalia;;South Africa;;South Georgia;;South Sandwich Is.;;Spain;;Sri Lanka;;St. Helena;;St. Kitts, Nevis;;St. Lucia;;St. Pierre, Miquelon;;St. Vincent, Grenadines;;Sudan;;Suriname;;Svalbard, Jan Mayen;;Swaziland;;Sweden;;Switzerland;;Syrian Arab Republic;;Taiwan;;Tajikistan;;Tanzania;;Thailand;;Timor-leste;;Togo;;Tokelau;;Tonga;;Trinidad, Tobago;;Tunisia;;Turkey;;Turkmenistan;;Turks, Caicoss;;Tuvalu;;Uganda;;Ukraine;;United Arab Emirates;;United Kingdom;;United States;;Uruguay;;Uzbekistan;;Vanuatu;;Vatican City;;Venezuela;;Viet Nam;;Virgin Is. British;;Virgin Is. U.S.;;Wallis, Futuna;;Western Sahara;;Yemen;;Yugoslavia;;Zambia;;Zimbabwe"))); $combo_country_hq->ListData = $combo_country_hq->ListItem; } $combo_country_hq->SelectName = 'country_hq'; // combobox: country_operations $combo_country_operations = new Combo(); $combo_country_operations->ListType = 3; $combo_country_operations->MultipleSeparator = ', '; $combo_country_operations->ListBoxHeight = 10; $combo_country_operations->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . 
'/hooks/companies.country_operations.csv')) { $country_operations_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/companies.country_operations.csv'))); $combo_country_operations->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($country_operations_data))); $combo_country_operations->ListData = $combo_country_operations->ListItem; } else { $combo_country_operations->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Afghanistan;;Albania;;Algeria;;American Samoa;;Andorra;;Angola;;Anguilla;;Antarctica;;Antigua, Barbuda;;Argentina;;Armenia;;Aruba;;Australia;;Austria;;Azerbaijan;;Bahamas;;Bahrain;;Bangladesh;;Barbados;;Belarus;;Belgium;;Belize;;Benin;;Bermuda;;Bhutan;;Bolivia;;Bosnia, Herzegovina;;Botswana;;Bouvet Is.;;Brazil;;Brunei Darussalam;;Bulgaria;;Burkina Faso;;Burundi;;Cambodia;;Cameroon;;Canada;;Canary Is.;;Cape Verde;;Cayman Is.;;Central African Rep.;;Chad;;Channel Islands;;Chile;;China;;Christmas Is.;;Cocos Is.;;Colombia;;Comoros;;Congo, D.R. Of;;Congo;;Cook Is.;;Costa Rica;;Croatia;;Cuba;;Cyprus;;Czech Republic;;Denmark;;Djibouti;;Dominica;;Dominican Republic;;Ecuador;;Egypt;;El Salvador;;Equatorial Guinea;;Eritrea;;Estonia;;Ethiopia;;Falkland Is.;;Faroe Is.;;Fiji;;Finland;;France;;French Guiana;;French Polynesia;;French Territories;;Gabon;;Gambia;;Georgia;;Germany;;Ghana;;Gibraltar;;Greece;;Greenland;;Grenada;;Guadeloupe;;Guam;;Guatemala;;Guernsey;;Guinea-bissau;;Guinea;;Guyana;;Haiti;;Heard, Mcdonald Is.;;Honduras;;Hong Kong;;Hungary;;Iceland;;India;;Indonesia;;Iran;;Iraq;;Ireland;;Israel;;Italy;;Ivory Coast;;Jamaica;;Japan;;Jersey;;Jordan;;Kazakhstan;;Kenya;;Kiribati;;Korea, D.P.R Of;;Korea, Rep. 
Of;;Kuwait;;Kyrgyzstan;;Lao Peoples D.R.;;Latvia;;Lebanon;;Lesotho;;Liberia;;Libyan Arab Jamahiriya;;Liechtenstein;;Lithuania;;Luxembourg;;Macao;;Macedonia, F.Y.R Of;;Madagascar;;Malawi;;Malaysia;;Maldives;;Mali;;Malta;;Mariana Islands;;Marshall Islands;;Martinique;;Mauritania;;Mauritius;;Mayotte;;Mexico;;Micronesia;;Moldova;;Monaco;;Mongolia;;Montserrat;;Morocco;;Mozambique;;Myanmar;;Namibia;;Nauru;;Nepal;;Netherlands Antilles;;Netherlands;;New Caledonia;;New Zealand;;Nicaragua;;Niger;;Nigeria;;Niue;;Norfolk Island;;Norway;;Oman;;Pakistan;;Palau;;Palestinian Terr.;;Panama;;Papua New Guinea;;Paraguay;;Peru;;Philippines;;Pitcairn;;Poland;;Portugal;;Puerto Rico;;Qatar;;Reunion;;Romania;;Russian Federation;;Rwanda;;Samoa;;San Marino;;Sao Tome, Principe;;Saudi Arabia;;Senegal;;Seychelles;;Sierra Leone;;Singapore;;Slovakia;;Slovenia;;Solomon Is.;;Somalia;;South Africa;;South Georgia;;South Sandwich Is.;;Spain;;Sri Lanka;;St. Helena;;St. Kitts, Nevis;;St. Lucia;;St. Pierre, Miquelon;;St. Vincent, Grenadines;;Sudan;;Suriname;;Svalbard, Jan Mayen;;Swaziland;;Sweden;;Switzerland;;Syrian Arab Republic;;Taiwan;;Tajikistan;;Tanzania;;Thailand;;Timor-leste;;Togo;;Tokelau;;Tonga;;Trinidad, Tobago;;Tunisia;;Turkey;;Turkmenistan;;Turks, Caicoss;;Tuvalu;;Uganda;;Ukraine;;United Arab Emirates;;United Kingdom;;United States;;Uruguay;;Uzbekistan;;Vanuatu;;Vatican City;;Venezuela;;Viet Nam;;Virgin Is. British;;Virgin Is. U.S.;;Wallis, Futuna;;Western Sahara;;Yemen;;Yugoslavia;;Zambia;;Zimbabwe"))); $combo_country_operations->ListData = $combo_country_operations->ListItem; } $combo_country_operations->SelectName = 'country_operations'; // combobox: company_type $combo_company_type = new Combo(); $combo_company_type->ListType = 0; $combo_company_type->MultipleSeparator = ', '; $combo_company_type->ListBoxHeight = 10; $combo_company_type->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . 
'/hooks/companies.company_type.csv')) { $company_type_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/companies.company_type.csv'))); $combo_company_type->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($company_type_data))); $combo_company_type->ListData = $combo_company_type->ListItem; } else { $combo_company_type->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("501(c);;AG;;BV;;CIC;;Company limited by guarantee;;Cooperative;;GmbH;;Inc;;IPS;;L3C;;LLP;;LP;;Ltd;;Ltda;;Non-incorporated partnership;;Not stated;;NV;;PLC;;Private company limited by shares;;Royal Charter;;SA;;SARL;;Societas Europaea;;Sole trader;;Subsidiary;;Unincorporated;;Unlimited"))); $combo_company_type->ListData = $combo_company_type->ListItem; } $combo_company_type->SelectName = 'company_type'; // combobox: sic_code $combo_sic_code = new DataCombo(); // combobox: created $combo_created = new DateCombo(); $combo_created->DateFormat = "dmy"; $combo_created->MinYear = 1900; $combo_created->MaxYear = 2100; $combo_created->DefaultDate = parseMySQLDate('<%%creationDate%%>', '<%%creationDate%%>'); $combo_created->MonthNames = $Translation['month names']; $combo_created->NamePrefix = 'created'; if ($selected_id) { // mm: check member permissions if (!$arrPerm[2]) { return ""; } // mm: who is the owner? $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='companies' and pkValue='" . makeSafe($selected_id) . "'"); $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='companies' and pkValue='" . makeSafe($selected_id) . "'"); if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) { return ""; } if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) { return ""; } // can edit? 
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) { $AllowUpdate = 1; } else { $AllowUpdate = 0; } $res = sql("select * from `companies` where `company_id`='" . makeSafe($selected_id) . "'", $eo); $row = mysql_fetch_array($res); $urow = $row; /* unsanitized data */ $hc = new CI_Input(); $row = $hc->xss_clean($row); /* sanitize data */ $combo_client->SelectedData = $row['client']; $combo_industry->SelectedData = $row['industry']; $combo_country_hq->SelectedData = $row['country_hq']; $combo_country_operations->SelectedData = $row['country_operations']; $combo_company_type->SelectedData = $row['company_type']; $combo_sic_code->SelectedData = $row['sic_code']; $combo_created->DefaultDate = $row['created']; } else { $combo_client->SelectedData = $filterer_client; $combo_industry->SelectedText = $_REQUEST['FilterField'][1] == '7' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : ""; $combo_country_hq->SelectedText = $_REQUEST['FilterField'][1] == '9' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "United Kingdom"; $combo_company_type->SelectedText = $_REQUEST['FilterField'][1] == '12' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : ""; $combo_sic_code->SelectedData = $filterer_sic_code; } $combo_client->HTML = $combo_client->MatchText = '<span id="client-container' . $rnd1 . '"></span><input type="hidden" name="client" id="client' . $rnd1 . '">'; $combo_industry->Render(); $combo_country_hq->Render(); $combo_country_operations->Render(); $combo_company_type->Render(); $combo_sic_code->HTML = $combo_sic_code->MatchText = '<span id="sic_code-container' . $rnd1 . 
'"></span><input type="hidden" name="sic_code" id="sic_code' . $rnd1 . '">'; ob_start(); ?> <script> // initial lookup values var current_client__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['client'] : $filterer_client); ?> "}; var current_sic_code__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['sic_code'] : $filterer_sic_code); ?> "}; jQuery(function() { client_reload__RAND__(); sic_code_reload__RAND__(); }); function client_reload__RAND__(){ <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?> jQuery("#client-container__RAND__").select2({ /* initial default value */ initSelection: function(e, c){ jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_client__RAND__.value, t: 'companies', f: 'client' } }).done(function(resp){ c({ id: resp.results[0].id, text: resp.results[0].text }); jQuery('[name="client"]').val(resp.results[0].id); if(typeof(client_update_autofills__RAND__) == 'function') client_update_autofills__RAND__(); }); }, width: '100%', formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?> '; }, minimumResultsForSearch: 10, loadMorePadding: 200, ajax: { url: 'ajax_combo.php', dataType: 'json', cache: true, data: function(term, page){ return { s: term, p: page, t: 'companies', f: 'client' }; }, results: function(resp, page){ return resp; } } }).on('change', function(e){ current_client__RAND__.value = e.added.id; current_client__RAND__.text = e.added.text; jQuery('[name="client"]').val(e.added.id); if(typeof(client_update_autofills__RAND__) == 'function') client_update_autofills__RAND__(); }); <?php } else { ?> jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_client__RAND__.value, t: 'companies', f: 'client' } }).done(function(resp){ jQuery('#client-container__RAND__').html('<span id="client-match-text">' + resp.results[0].text + '</span>'); if(typeof(client_update_autofills__RAND__) == 'function') 
client_update_autofills__RAND__(); }); <?php } ?> } function sic_code_reload__RAND__(){ <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?> jQuery("#sic_code-container__RAND__").select2({ /* initial default value */ initSelection: function(e, c){ jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_sic_code__RAND__.value, t: 'companies', f: 'sic_code' } }).done(function(resp){ c({ id: resp.results[0].id, text: resp.results[0].text }); jQuery('[name="sic_code"]').val(resp.results[0].id); if(typeof(sic_code_update_autofills__RAND__) == 'function') sic_code_update_autofills__RAND__(); }); }, width: '100%', formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?> '; }, minimumResultsForSearch: 10, loadMorePadding: 200, ajax: { url: 'ajax_combo.php', dataType: 'json', cache: true, data: function(term, page){ return { s: term, p: page, t: 'companies', f: 'sic_code' }; }, results: function(resp, page){ return resp; } } }).on('change', function(e){ current_sic_code__RAND__.value = e.added.id; current_sic_code__RAND__.text = e.added.text; jQuery('[name="sic_code"]').val(e.added.id); if(typeof(sic_code_update_autofills__RAND__) == 'function') sic_code_update_autofills__RAND__(); }); <?php } else { ?> jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_sic_code__RAND__.value, t: 'companies', f: 'sic_code' } }).done(function(resp){ jQuery('#sic_code-container__RAND__').html('<span id="sic_code-match-text">' + resp.results[0].text + '</span>'); if(typeof(sic_code_update_autofills__RAND__) == 'function') sic_code_update_autofills__RAND__(); }); <?php } ?> } </script> <?php $lookups = str_replace('__RAND__', $rnd1, ob_get_contents()); ob_end_clean(); // code for template based detail view forms // open the detail view template if ($dvprint) { $templateCode = @file_get_contents('./templates/companies_templateDVP.html'); } else { $templateCode = 
@file_get_contents('./templates/companies_templateDV.html'); } // process form title $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Company details', $templateCode); $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode); // process buttons if ($arrPerm[1]) { // allow insert? if (!$selected_id) { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return companies_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode); } $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return companies_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode); } // 'Back' button action if ($_REQUEST['Embedded']) { $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;'; } else { $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;'; } if ($selected_id) { if (!$_REQUEST['Embedded']) { $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode); } if ($AllowUpdate) { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return companies_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . 
'</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); } if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete? $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); } $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . 
'</button>' : '', $templateCode); } // set records to read only if user can't insert new records and can't edit current record if ($selected_id && !$AllowUpdate && !$arrPerm[1] || !$selected_id && !$arrPerm[1]) { $jsReadOnly .= "\tjQuery('#name').replaceWith('<p class=\"form-control-static\" id=\"name\">' + (jQuery('#name').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#client').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#client_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n"; $jsReadOnly .= "\tjQuery('#website').replaceWith('<p class=\"form-control-static\" id=\"website\">' + (jQuery('#website').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#website, #website-edit-link').hide();\n"; $jsReadOnly .= "\tjQuery('#description').replaceWith('<p class=\"form-control-static\" id=\"description\">' + (jQuery('#description').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#founded').replaceWith('<p class=\"form-control-static\" id=\"founded\">' + (jQuery('#founded').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#industry').replaceWith('<p class=\"form-control-static\" id=\"industry\">' + (jQuery('#industry').val() || '') + '</p>'); jQuery('#industry-multi-selection-help').hide();\n"; $jsReadOnly .= "\tjQuery('#company_number').replaceWith('<p class=\"form-control-static\" id=\"company_number\">' + (jQuery('#company_number').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#country_hq').replaceWith('<p class=\"form-control-static\" id=\"country_hq\">' + (jQuery('#country_hq').val() || '') + '</p>'); jQuery('#country_hq-multi-selection-help').hide();\n"; $jsReadOnly .= "\tjQuery('#country_operations').replaceWith('<p class=\"form-control-static\" id=\"country_operations\">' + (jQuery('#country_operations').val() || '') + '</p>'); jQuery('#country_operations-multi-selection-help').hide();\n"; $jsReadOnly .= 
"\tjQuery('#s2id_country_operations').remove();\n"; $jsReadOnly .= "\tjQuery('#num_employees').replaceWith('<p class=\"form-control-static\" id=\"num_employees\">' + (jQuery('#num_employees').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#company_type').replaceWith('<p class=\"form-control-static\" id=\"company_type\">' + (jQuery('#company_type').val() || '') + '</p>'); jQuery('#company_type-multi-selection-help').hide();\n"; $jsReadOnly .= "\tjQuery('#sic_code').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#sic_code_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n"; $noUploads = true; } // process combos $templateCode = str_replace('<%%COMBO(client)%%>', $combo_client->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(client)%%>', $combo_client->MatchText, $templateCode); $templateCode = str_replace('<%%URLCOMBOTEXT(client)%%>', urlencode($combo_client->MatchText), $templateCode); $templateCode = str_replace('<%%COMBO(industry)%%>', $combo_industry->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(industry)%%>', $combo_industry->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(country_hq)%%>', $combo_country_hq->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(country_hq)%%>', $combo_country_hq->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(country_operations)%%>', $combo_country_operations->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(country_operations)%%>', $combo_country_operations->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(company_type)%%>', $combo_company_type->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(company_type)%%>', $combo_company_type->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(sic_code)%%>', $combo_sic_code->HTML, $templateCode); $templateCode = 
str_replace('<%%COMBOTEXT(sic_code)%%>', $combo_sic_code->MatchText, $templateCode); $templateCode = str_replace('<%%URLCOMBOTEXT(sic_code)%%>', urlencode($combo_sic_code->MatchText), $templateCode); $templateCode = str_replace('<%%COMBO(created)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_created->GetHTML(true) . '</p>' : $combo_created->GetHTML(), $templateCode); $templateCode = str_replace('<%%COMBOTEXT(created)%%>', $combo_created->GetHTML(true), $templateCode); // process foreign key links if ($selected_id) { $templateCode = str_replace('<%%PLINK(client)%%>', $combo_client->SelectedData ? "<span id=\"clients_plink1\" class=\"hidden\"><a class=\"btn btn-default\" href=\"clients_view.php?SelectedID=" . urlencode($combo_client->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode); $templateCode = str_replace('<%%PLINK(sic_code)%%>', $combo_sic_code->SelectedData ? "<span id=\"sic_plink2\" class=\"hidden\"><a class=\"btn btn-default\" href=\"sic_view.php?SelectedID=" . urlencode($combo_sic_code->SelectedData) . 
"\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode); } // process images $templateCode = str_replace('<%%UPLOADFILE(company_id)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(name)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(client)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(website)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(description)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(founded)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(industry)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(company_number)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(country_hq)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(country_operations)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(num_employees)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(company_type)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(sic_code)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(created)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(created_by)%%>', '', $templateCode); // process values if ($selected_id) { $templateCode = str_replace('<%%VALUE(company_id)%%>', htmlspecialchars($row['company_id'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(company_id)%%>', urlencode($urow['company_id']), $templateCode); $templateCode = str_replace('<%%VALUE(name)%%>', htmlspecialchars($row['name'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode($urow['name']), $templateCode); $templateCode = str_replace('<%%VALUE(client)%%>', htmlspecialchars($row['client'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(client)%%>', urlencode($urow['client']), $templateCode); $templateCode = 
str_replace('<%%VALUE(website)%%>', htmlspecialchars($row['website'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(website)%%>', urlencode($urow['website']), $templateCode); $templateCode = str_replace('<%%VALUE(description)%%>', htmlspecialchars($row['description'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode($urow['description']), $templateCode); $templateCode = str_replace('<%%VALUE(founded)%%>', htmlspecialchars($row['founded'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(founded)%%>', urlencode($urow['founded']), $templateCode); $templateCode = str_replace('<%%VALUE(industry)%%>', htmlspecialchars($row['industry'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(industry)%%>', urlencode($urow['industry']), $templateCode); $templateCode = str_replace('<%%VALUE(company_number)%%>', htmlspecialchars($row['company_number'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(company_number)%%>', urlencode($urow['company_number']), $templateCode); $templateCode = str_replace('<%%VALUE(country_hq)%%>', htmlspecialchars($row['country_hq'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(country_hq)%%>', urlencode($urow['country_hq']), $templateCode); $templateCode = str_replace('<%%VALUE(country_operations)%%>', htmlspecialchars($row['country_operations'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(country_operations)%%>', urlencode($urow['country_operations']), $templateCode); $templateCode = str_replace('<%%VALUE(num_employees)%%>', htmlspecialchars($row['num_employees'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(num_employees)%%>', urlencode($urow['num_employees']), $templateCode); $templateCode = str_replace('<%%VALUE(company_type)%%>', htmlspecialchars($row['company_type'], ENT_QUOTES), $templateCode); $templateCode = 
str_replace('<%%URLVALUE(company_type)%%>', urlencode($urow['company_type']), $templateCode); $templateCode = str_replace('<%%VALUE(sic_code)%%>', htmlspecialchars($row['sic_code'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(sic_code)%%>', urlencode($urow['sic_code']), $templateCode); $templateCode = str_replace('<%%VALUE(created)%%>', @date('d/m/Y', @strtotime(htmlspecialchars($row['created'], ENT_QUOTES))), $templateCode); $templateCode = str_replace('<%%URLVALUE(created)%%>', urlencode(@date('d/m/Y', @strtotime(htmlspecialchars($urow['created'], ENT_QUOTES)))), $templateCode); $templateCode = str_replace('<%%VALUE(created_by)%%>', htmlspecialchars($row['created_by'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(created_by)%%>', urlencode($urow['created_by']), $templateCode); } else { $templateCode = str_replace('<%%VALUE(company_id)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(company_id)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(name)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(client)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(client)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(website)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(website)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(description)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(founded)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(founded)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(industry)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(industry)%%>', urlencode(''), $templateCode); $templateCode = 
str_replace('<%%VALUE(company_number)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(company_number)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(country_hq)%%>', 'United Kingdom', $templateCode); $templateCode = str_replace('<%%URLVALUE(country_hq)%%>', urlencode('United Kingdom'), $templateCode); $templateCode = str_replace('<%%VALUE(country_operations)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(country_operations)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(num_employees)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(num_employees)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(company_type)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(company_type)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(sic_code)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(sic_code)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(created)%%>', '<%%creationDate%%>', $templateCode); $templateCode = str_replace('<%%URLVALUE(created)%%>', urlencode('<%%creationDate%%>'), $templateCode); $templateCode = str_replace('<%%VALUE(created_by)%%>', '<%%creatorUsername%%>', $templateCode); $templateCode = str_replace('<%%URLVALUE(created_by)%%>', urlencode('<%%creatorUsername%%>'), $templateCode); } // process translations foreach ($Translation as $symbol => $trans) { $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode); } // clear scrap $templateCode = str_replace('<%%', '<!-- ', $templateCode); $templateCode = str_replace('%%>', ' -->', $templateCode); // hide links to inaccessible tables if ($_POST['dvprint_x'] == '') { $templateCode .= "\n\n<script>jQuery(function(){\n"; $arrTables = getTableList(); foreach ($arrTables as $name => $caption) { $templateCode .= "\tjQuery('#{$name}_link').removeClass('hidden');\n"; $templateCode 
.= "\tjQuery('#xs_{$name}_link').removeClass('hidden');\n"; $templateCode .= "\tjQuery('[id^=\"{$name}_plink\"]').removeClass('hidden');\n"; } $templateCode .= $jsReadOnly; if (!$selected_id) { $templateCode .= "\n\tif(document.getElementById('websiteEdit')){ document.getElementById('websiteEdit').style.display='inline'; }"; $templateCode .= "\n\tif(document.getElementById('websiteEditLink')){ document.getElementById('websiteEditLink').style.display='none'; }"; } $templateCode .= "\n});</script>\n"; } // ajaxed auto-fill fields $templateCode .= "<script>"; $templateCode .= "document.observe('dom:loaded', function() {"; $templateCode .= "});"; $templateCode .= "</script>"; $templateCode .= $lookups; // handle enforced parent values for read-only lookup fields // don't include blank images in lightbox gallery $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode); // don't display empty email links $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode); // hook: companies_dv if (function_exists('companies_dv')) { $args = array(); companies_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args); } return $templateCode; }
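/**
 * Build the markup for this date field.
 *
 * Splits $this->DefaultDate on '-' into year, month and day, renders one
 * Combo drop-down per part (named from $this->NamePrefix) and arranges the
 * parts in the order given by $this->DateFormat ('dmy', 'mdy', ...).
 *
 * @param bool $readOnly true to return the date as text, with the parts
 *                       joined by datalist_date_separator; false (default)
 *                       to return the editable drop-downs.
 * @return string HTML fragment; '' in read-only mode when every part is empty.
 */
function GetHTML($readOnly = false) {
    // Pad to three parts so an empty or partial DefaultDate yields empty
    // strings instead of undefined-offset notices.
    list($xy, $xm, $xd) = array_pad(explode('-', (string) $this->DefaultDate), 3, '');

    // Year drop-down.
    $years = new Combo();
    for ($i = $this->MinYear; $i <= $this->MaxYear; $i++) {
        $years->ListItem[] = $i;
        $years->ListData[] = $i;
    }
    $years->SelectName = $this->NamePrefix . 'Year';
    $years->SelectID = $this->NamePrefix;
    $years->SelectedData = $xy;
    $years->Class = "{$this->CSSOptionClass} split-date";
    $years->SelectedClass = $this->CSSSelectedClass;
    $years->ApplySelect2 = false;
    $years->Render();

    // Month drop-down: values 1..12, captions taken from MonthNames.
    $months = new Combo();
    for ($i = 1; $i <= 12; $i++) {
        $months->ListData[] = $i;
    }
    $months->ListItem = explode(",", $this->MonthNames);
    $months->SelectName = $this->NamePrefix . 'Month';
    $months->SelectID = $this->NamePrefix . '-mm';
    $months->SelectedData = intval($xm);
    $months->Class = $this->CSSOptionClass;
    $months->SelectedClass = $this->CSSSelectedClass;
    $months->ApplySelect2 = false;
    $months->Render();

    // Day drop-down.
    $days = new Combo();
    for ($i = 1; $i <= 31; $i++) {
        $days->ListItem[] = $i;
        $days->ListData[] = $i;
    }
    $days->SelectName = $this->NamePrefix . 'Day';
    $days->SelectID = $this->NamePrefix . '-dd';
    $days->SelectedData = intval($xd);
    $days->Class = $this->CSSOptionClass;
    $days->SelectedClass = $this->CSSSelectedClass;
    $days->ApplySelect2 = false;
    $days->Render();

    // In read-only mode the parts are raw pieces of DefaultDate and the
    // result is returned as markup, so HTML-encode them here. The combo
    // HTML used in edit mode is already markup and is left untouched.
    if ($readOnly) {
        $y = htmlspecialchars((string) substr((string) $this->DefaultDate, 0, 4), ENT_QUOTES);
        $m = htmlspecialchars($xm, ENT_QUOTES);
        $d = htmlspecialchars($xd, ENT_QUOTES);
    } else {
        $y = $years->HTML;
        $m = $months->HTML;
        $d = $days->HTML;
    }

    $df = $this->DateFormat; // contains date order 'myd', 'dmy' ... etc

    // Resolve each format letter through a fixed table rather than a
    // variable-variable, so an unexpected letter maps to '' and can never
    // pick up an unrelated local variable.
    $parts = array('d' => $d, 'm' => $m, 'y' => $y);
    $columnClass = array('d' => 'col-xs-3', 'm' => 'col-xs-4', 'y' => 'col-xs-3');

    $ordered = array();
    $editable_date = '<div class="row">';
    for ($i = 0; $i < 3; $i++) {
        $key = isset($df[$i]) ? $df[$i] : '';
        $ordered[] = isset($parts[$key]) ? $parts[$key] : '';

        if (isset($columnClass[$key])) {
            $editable_date .= '<div class="' . $columnClass[$key] . ' date_combo">' . $parts[$key] . '</div>';
        }
        if ($i == 2) {
            // Button that the date picker attaches to, rendered after the last part.
            $editable_date .= '<div class="col-xs-2"><button class="btn btn-default" id="fd-but-' . $this->NamePrefix . '"><i class="glyphicon glyphicon-th"></i></button></div>';
        }
    }
    $editable_date .= '</div>';

    $read_only_date = implode(datalist_date_separator, $ordered);
    if ($read_only_date === datalist_date_separator . datalist_date_separator) {
        // Nothing but separators: no date is set.
        $read_only_date = '';
    }

    return $readOnly ? $read_only_date : $editable_date;
}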
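/**
 * Build the detail-view form for one record of the `properties` table.
 *
 * When $selected_id is given, the record is loaded and the form is filled with its data;
 * when it is empty, an empty form is produced. The markup comes from the detail-view
 * template file, whose <%%...%%> placeholders are replaced here.
 *
 * Access is decided from getTablePermissions('properties'):
 *   - index 1 gates inserting (and overrides $AllowInsert),
 *   - index 2 gates showing an existing record (1: own records, 2: own group's records),
 *   - index 3 gates editing (overrides $AllowUpdate when a record is selected),
 *   - index 4 gates the delete button,
 * where, for indexes 3 and 4, the value 1 means "record owner", 2 "owner's group", 3 "any record".
 *
 * @param string   $selected_id primary key of the record to show, or '' for an empty form
 * @param int|bool $AllowUpdate used only when no record is selected; otherwise recomputed
 * @param int|bool $AllowInsert ignored; always recomputed from the table permissions
 * @param int|bool $AllowDelete not read by this function
 * @param int|bool $ShowCancel  whether an empty form gets a 'Back' button
 * @return string the form markup, '' when access is denied, or an error message when the
 *                record does not exist
 */
function properties_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
    global $Translation;

    // mm: get table permissions
    $arrPerm = getTablePermissions('properties');
    if (!$arrPerm[1] && $selected_id == '') {
        return '';
    }
    $AllowInsert = $arrPerm[1] ? true : false;

    // Defaults for values that are only assigned on some paths below but read on all of them.
    $row = array();
    $urow = array();
    $ownerGroupID = null;
    $ownerMemberID = null;
    $jsReadOnly = '';
    $jsEditable = '';
    $noUploads = false;

    // print preview?
    $dvprint = false;
    if ($selected_id && $_REQUEST['dvprint_x'] != '') {
        $dvprint = true;
    }

    $filterer_owner = thisOr(undo_magic_quotes($_REQUEST['filterer_owner']), '');

    // unique random identifier (only used to keep element ids distinct in print preview)
    $rnd1 = $dvprint ? rand(1000000, 9999999) : '';

    // Each option list below comes from a CSV file under hooks/ when that file exists,
    // otherwise from the built-in default list.

    // combobox: type
    $combo_type = new Combo();
    $combo_type->ListType = 2;
    $combo_type->MultipleSeparator = ', ';
    $combo_type->ListBoxHeight = 10;
    $combo_type->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/properties.type.csv')) {
        $type_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/properties.type.csv')));
        $combo_type->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($type_data)));
        $combo_type->ListData = $combo_type->ListItem;
    } else {
        $combo_type->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Residential;;Commercial;;Condo/Townhome;;Multi-Family;;Single-Family;;stores;;office;;shops")));
        $combo_type->ListData = $combo_type->ListItem;
    }
    $combo_type->SelectName = 'type';
    $combo_type->AllowNull = false;

    // combobox: owner (filled client-side by the inline script further down)
    $combo_owner = new DataCombo();

    // combobox: operating_account
    $combo_operating_account = new Combo();
    $combo_operating_account->ListType = 0;
    $combo_operating_account->MultipleSeparator = ', ';
    $combo_operating_account->ListBoxHeight = 10;
    $combo_operating_account->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/properties.operating_account.csv')) {
        $operating_account_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/properties.operating_account.csv')));
        $combo_operating_account->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($operating_account_data)));
        $combo_operating_account->ListData = $combo_operating_account->ListItem;
    } else {
        $combo_operating_account->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Operating bank account;;Security deposit bank account")));
        $combo_operating_account->ListData = $combo_operating_account->ListItem;
    }
    $combo_operating_account->SelectName = 'operating_account';

    // combobox: country
    $combo_country = new Combo();
    $combo_country->ListType = 0;
    $combo_country->MultipleSeparator = ', ';
    $combo_country->ListBoxHeight = 10;
    $combo_country->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/properties.country.csv')) {
        $country_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/properties.country.csv')));
        $combo_country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($country_data)));
        $combo_country->ListData = $combo_country->ListItem;
    } else {
        $combo_country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Afghanistan;;Albania;;Algeria;;American Samoa;;Andorra;;Angola;;Anguilla;;Antarctica;;Antigua, Barbuda;;Argentina;;Armenia;;Aruba;;Australia;;Austria;;Azerbaijan;;Bahamas;;Bahrain;;Bangladesh;;Barbados;;Belarus;;Belgium;;Belize;;Benin;;Bermuda;;Bhutan;;Bolivia;;Bosnia, Herzegovina;;Botswana;;Bouvet Is.;;Brazil;;Brunei Darussalam;;Bulgaria;;Burkina Faso;;Burundi;;Cambodia;;Cameroon;;Canada;;Canary Is.;;Cape Verde;;Cayman Is.;;Central African Rep.;;Chad;;Channel Islands;;Chile;;China;;Christmas Is.;;Cocos Is.;;Colombia;;Comoros;;Congo, D.R. Of;;Congo;;Cook Is.;;Costa Rica;;Croatia;;Cuba;;Cyprus;;Czech Republic;;Denmark;;Djibouti;;Dominica;;Dominican Republic;;Ecuador;;Egypt;;El Salvador;;Equatorial Guinea;;Eritrea;;Estonia;;Ethiopia;;Falkland Is.;;Faroe Is.;;Fiji;;Finland;;France;;French Guiana;;French Polynesia;;French Territories;;Gabon;;Gambia;;Georgia;;Germany;;Ghana;;Gibraltar;;Greece;;Greenland;;Grenada;;Guadeloupe;;Guam;;Guatemala;;Guernsey;;Guinea-bissau;;Guinea;;Guyana;;Haiti;;Heard, Mcdonald Is.;;Honduras;;Hong Kong;;Hungary;;Iceland;;India;;Indonesia;;Iran;;Iraq;;Ireland;;Israel;;Italy;;Ivory Coast;;Jamaica;;Japan;;Jersey;;Jordan;;Kazakhstan;;Kenya;;Kiribati;;Korea, D.P.R Of;;Korea, Rep. Of;;Kuwait;;Kyrgyzstan;;Lao Peoples D.R.;;Latvia;;Lebanon;;Lesotho;;Liberia;;Libyan Arab Jamahiriya;;Liechtenstein;;Lithuania;;Luxembourg;;Macao;;Macedonia, F.Y.R Of;;Madagascar;;Malawi;;Malaysia;;Maldives;;Mali;;Malta;;Mariana Islands;;Marshall Islands;;Martinique;;Mauritania;;Mauritius;;Mayotte;;Mexico;;Micronesia;;Moldova;;Monaco;;Mongolia;;Montserrat;;Morocco;;Mozambique;;Myanmar;;Namibia;;Nauru;;Nepal;;Netherlands Antilles;;Netherlands;;New Caledonia;;New Zealand;;Nicaragua;;Niger;;Nigeria;;Niue;;Norfolk Island;;Norway;;Oman;;Pakistan;;Palau;;Palestinian Terr.;;Panama;;Papua New Guinea;;Paraguay;;Peru;;Philippines;;Pitcairn;;Poland;;Portugal;;Puerto Rico;;Qatar;;Reunion;;Romania;;Russian Federation;;Rwanda;;Samoa;;San Marino;;Sao Tome, Principe;;Saudi Arabia;;Senegal;;Seychelles;;Sierra Leone;;Singapore;;Slovakia;;Slovenia;;Solomon Is.;;Somalia;;South Africa;;South Georgia;;South Sandwich Is.;;Spain;;Sri Lanka;;St. Helena;;St. Kitts, Nevis;;St. Lucia;;St. Pierre, Miquelon;;St. Vincent, Grenadines;;Sudan;;Suriname;;Svalbard, Jan Mayen;;Swaziland;;Sweden;;Switzerland;;Syrian Arab Republic;;Taiwan;;Tajikistan;;Tanzania;;Thailand;;Timor-leste;;Togo;;Tokelau;;Tonga;;Trinidad, Tobago;;Tunisia;;Turkey;;Turkmenistan;;Turks, Caicoss;;Tuvalu;;Uganda;;Ukraine;;United Arab Emirates;;United Kingdom;;United States;;Uruguay;;Uzbekistan;;Vanuatu;;Vatican City;;Venezuela;;Viet Nam;;Virgin Is. British;;Virgin Is. U.S.;;Wallis, Futuna;;Western Sahara;;Yemen;;Yugoslavia;;Zambia;;Zimbabwe")));
        $combo_country->ListData = $combo_country->ListItem;
    }
    $combo_country->SelectName = 'country';

    // combobox: State
    $combo_State = new Combo();
    $combo_State->ListType = 0;
    $combo_State->MultipleSeparator = ', ';
    $combo_State->ListBoxHeight = 10;
    $combo_State->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/properties.State.csv')) {
        $State_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/properties.State.csv')));
        $combo_State->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($State_data)));
        $combo_State->ListData = $combo_State->ListItem;
    } else {
        $combo_State->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY")));
        $combo_State->ListData = $combo_State->ListItem;
    }
    $combo_State->SelectName = 'State';

    if ($selected_id) {
        // mm: check member permissions
        if (!$arrPerm[2]) {
            return "";
        }

        // mm: who is the owner?
        // The record id is placed in these statements through makeSafe(); they are only as safe
        // as that helper's escaping (it is defined outside this block).
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");
        if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
            return "";
        }
        if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
            return "";
        }

        // can edit?
        if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
            $AllowUpdate = 1;
        } else {
            $AllowUpdate = 0;
        }

        $res = sql("select * from `properties` where `id`='" . makeSafe($selected_id) . "'", $eo);
        if (!($row = db_fetch_array($res))) {
            return error_message($Translation['No records found']);
        }
        $urow = $row; /* unsanitized data, only used URL-encoded or escaped below */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */
        $combo_type->SelectedData = $row['type'];
        $combo_owner->SelectedData = $row['owner'];
        $combo_operating_account->SelectedData = $row['operating_account'];
        $combo_country->SelectedData = $row['country'];
        $combo_State->SelectedData = $row['State'];
    } else {
        // New record: preselect a combo when the first filter is an equality ('<=>') filter on
        // that combo's field. The value comes straight from the request.
        $filter_field = isset($_REQUEST['FilterField'][1]) ? $_REQUEST['FilterField'][1] : '';
        $filter_value = '';
        if (isset($_REQUEST['FilterOperator'][1]) && $_REQUEST['FilterOperator'][1] == '<=>' && isset($_REQUEST['FilterValue'][1])) {
            $filter_value = $_REQUEST['FilterValue'][1];
            // get_magic_quotes_gpc() no longer exists in PHP 8; only call it where it is defined
            if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                $filter_value = stripslashes($filter_value);
            }
        }
        $combo_type->SelectedText = $filter_field == '3' ? $filter_value : "";
        $combo_owner->SelectedData = $filterer_owner;
        $combo_operating_account->SelectedText = $filter_field == '7' ? $filter_value : "";
        $combo_country->SelectedText = $filter_field == '10' ? $filter_value : "";
        $combo_State->SelectedText = $filter_field == '13' ? $filter_value : "";
    }

    $combo_type->Render();
    $combo_owner->HTML = '<span id="owner-container' . $rnd1 . '"></span><input type="hidden" name="owner" id="owner' . $rnd1 . '">';
    $combo_owner->MatchText = '<span id="owner-container-readonly' . $rnd1 . '"></span><input type="hidden" name="owner" id="owner' . $rnd1 . '">';
    $combo_operating_account->Render();
    $combo_country->Render();
    $combo_State->Render();

    // Initial owner value for the inline script below. On an empty form it is the request's
    // filterer_owner value, and addslashes() alone leaves '<', '>' and line breaks untouched,
    // which is not sufficient inside a script element. json_encode() with the JSON_HEX_* flags
    // encodes those as well; the outer quotes are stripped because the script supplies its own.
    $owner_initial_js = json_encode(
        (string) ($selected_id ? $urow['owner'] : $filterer_owner),
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    // json_encode() returns false for input that is not valid UTF-8: emit an empty value then
    $owner_initial_js = $owner_initial_js === false ? '' : (string) substr($owner_initial_js, 1, -1);

    // NOTE(review): the script inserts resp.results[0].text from ajax_combo.php with .html(),
    // so that endpoint must return HTML-encoded text -- confirm, or switch the calls to .text().
    ob_start();
    ?>
    <script>
        // initial lookup values
        var current_owner__RAND__ = { text: "", value: "<?php echo $owner_initial_js; ?> "};

        jQuery(function() {
            owner_reload__RAND__();
        });
        function owner_reload__RAND__(){
        <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?>
            jQuery("#owner-container__RAND__").select2({
                /* initial default value */
                initSelection: function(e, c){
                    jQuery.ajax({
                        url: 'ajax_combo.php',
                        dataType: 'json',
                        data: { id: current_owner__RAND__.value, t: 'properties', f: 'owner' }
                    }).done(function(resp){
                        c({
                            id: resp.results[0].id,
                            text: resp.results[0].text
                        });
                        jQuery('[name="owner"]').val(resp.results[0].id);
                        jQuery('[id=owner-container-readonly__RAND__]').html('<span id="owner-match-text">' + resp.results[0].text + '</span>');
                        if(typeof(owner_update_autofills__RAND__) == 'function') owner_update_autofills__RAND__();
                    });
                },
                width: '100%',
                formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?> '; },
                minimumResultsForSearch: 10,
                loadMorePadding: 200,
                ajax: {
                    url: 'ajax_combo.php',
                    dataType: 'json',
                    cache: true,
                    data: function(term, page){ return { s: term, p: page, t: 'properties', f: 'owner' }; },
                    results: function(resp, page){ return resp; }
                }
            }).on('change', function(e){
                current_owner__RAND__.value = e.added.id;
                current_owner__RAND__.text = e.added.text;
                jQuery('[name="owner"]').val(e.added.id);
                if(typeof(owner_update_autofills__RAND__) == 'function') owner_update_autofills__RAND__();
            });
        <?php } else { ?>
            jQuery.ajax({
                url: 'ajax_combo.php',
                dataType: 'json',
                data: { id: current_owner__RAND__.value, t: 'properties', f: 'owner' }
            }).done(function(resp){
                jQuery('[id=owner-container__RAND__], [id=owner-container-readonly__RAND__]').html('<span id="owner-match-text">' + resp.results[0].text + '</span>');
                if(typeof(owner_update_autofills__RAND__) == 'function') owner_update_autofills__RAND__();
            });
        <?php } ?>
        }
    </script>
    <?php
    $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
    ob_end_clean();

    // code for template based detail view forms

    // open the detail view template
    // (a missing template is not reported: the read is silenced and the placeholder
    // replacements below then run on an empty value)
    if ($dvprint) {
        $templateCode = @file_get_contents('./templates/properties_templateDVP.html');
    } else {
        $templateCode = @file_get_contents('./templates/properties_templateDV.html');
    }

    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Property details', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
    $templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);

    // process buttons
    if ($AllowInsert) {
        if (!$selected_id) {
            $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return properties_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
        }
        // only takes effect when the placeholder is still present, i.e. for an existing record
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return properties_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
    } else {
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if ($_REQUEST['Embedded']) {
        $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
    } else {
        $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }

    if ($selected_id) {
        if (!$_REQUEST['Embedded']) {
            $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        }
        if ($AllowUpdate) {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return properties_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }
        // allow delete? (this only controls whether the button is shown)
        if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
    } else {
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    if ($selected_id && !$AllowUpdate && !$AllowInsert || !$selected_id && !$AllowInsert) {
        // NOTE(review): this read-only view is produced client-side only, and each field's current
        // value is concatenated into markup, so it is parsed as HTML. Keeping it inert depends on
        // the sanitising applied to the row above; building the element and setting its text
        // would remove that dependency.
        $jsReadOnly .= "\tjQuery('#property_name').replaceWith('<p class=\"form-control-static\" id=\"property_name\">' + (jQuery('#property_name').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('input[name=type]').parent().html('<p class=\"form-control-static\">' + jQuery('input[name=type]:checked').next().text() + '</p>')\n";
        $jsReadOnly .= "\tjQuery('#number_of_units').replaceWith('<p class=\"form-control-static\" id=\"number_of_units\">' + (jQuery('#number_of_units').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#photo').replaceWith('<p class=\"form-control-static\" id=\"photo\">' + (jQuery('#photo').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#owner').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
        $jsReadOnly .= "\tjQuery('#owner_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
        $jsReadOnly .= "\tjQuery('#country').replaceWith('<p class=\"form-control-static\" id=\"country\">' + (jQuery('#country').val() || '') + '</p>'); jQuery('#country-multi-selection-help').hide();\n";
        $jsReadOnly .= "\tjQuery('#street').replaceWith('<p class=\"form-control-static\" id=\"street\">' + (jQuery('#street').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#City').replaceWith('<p class=\"form-control-static\" id=\"City\">' + (jQuery('#City').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#State').replaceWith('<p class=\"form-control-static\" id=\"State\">' + (jQuery('#State').val() || '') + '</p>'); jQuery('#State-multi-selection-help').hide();\n";
        $jsReadOnly .= "\tjQuery('#ZIP').replaceWith('<p class=\"form-control-static\" id=\"ZIP\">' + (jQuery('#ZIP').val() || '') + '</p>');\n";
        $noUploads = true;
    } elseif ($AllowInsert) {
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
    }

    // process combos
    // (the COMBOTEXT values are inserted without HTML-encoding)
    $comboReplacements = array(
        '<%%COMBO(type)%%>' => $combo_type->HTML,
        '<%%COMBOTEXT(type)%%>' => $combo_type->SelectedData,
        '<%%COMBO(owner)%%>' => $combo_owner->HTML,
        '<%%COMBOTEXT(owner)%%>' => $combo_owner->MatchText,
        '<%%URLCOMBOTEXT(owner)%%>' => urlencode($combo_owner->MatchText),
        '<%%COMBO(operating_account)%%>' => $combo_operating_account->HTML,
        '<%%COMBOTEXT(operating_account)%%>' => $combo_operating_account->SelectedData,
        '<%%COMBO(country)%%>' => $combo_country->HTML,
        '<%%COMBOTEXT(country)%%>' => $combo_country->SelectedData,
        '<%%COMBO(State)%%>' => $combo_State->HTML,
        '<%%COMBOTEXT(State)%%>' => $combo_State->SelectedData,
    );
    foreach ($comboReplacements as $placeholder => $replacement) {
        $templateCode = str_replace($placeholder, $replacement, $templateCode);
    }

    // process foreign key links
    if ($selected_id) {
        $templateCode = str_replace('<%%PLINK(owner)%%>', $combo_owner->SelectedData ? "<span id=\"rental_owners_plink1\" class=\"hidden\"><a class=\"btn btn-default\" href=\"rental_owners_view.php?SelectedID=" . urlencode($combo_owner->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode);
    }

    // process images: only `photo` accepts uploads, every other upload placeholder is blanked
    foreach (array('id', 'property_name', 'type', 'number_of_units') as $field) {
        $templateCode = str_replace("<%%UPLOADFILE({$field})%%>", '', $templateCode);
    }
    $templateCode = str_replace('<%%UPLOADFILE(photo)%%>', $noUploads ? '' : '<br><input type=hidden name=MAX_FILE_SIZE value=1024000>' . $Translation['upload image'] . ' <input type="file" name="photo">', $templateCode);
    if ($AllowUpdate && isset($row['photo']) && $row['photo'] != '') {
        $templateCode = str_replace('<%%REMOVEFILE(photo)%%>', '<br><input type="checkbox" name="photo_remove" id="photo_remove" value="1"> <label for="photo_remove" style="color: red; font-weight: bold;">' . $Translation['remove image'] . '</label>', $templateCode);
    } else {
        $templateCode = str_replace('<%%REMOVEFILE(photo)%%>', '', $templateCode);
    }
    foreach (array('owner', 'operating_account', 'property_reserve', 'lease_term', 'country', 'street', 'City', 'State', 'ZIP') as $field) {
        $templateCode = str_replace("<%%UPLOADFILE({$field})%%>", '', $templateCode);
    }

    // process values
    $valueFields = array('id', 'property_name', 'type', 'number_of_units', 'photo', 'owner', 'operating_account', 'property_reserve', 'lease_term', 'country', 'street', 'City', 'State', 'ZIP');
    foreach ($valueFields as $field) {
        if ($selected_id) {
            if ($field == 'photo') {
                // a record without a photo shows the blank placeholder image
                $row['photo'] = $row['photo'] != '' ? $row['photo'] : 'blank.gif';
            }
            // VALUE: sanitized copy, HTML-encoded; URLVALUE: raw copy, URL-encoded
            $templateCode = str_replace("<%%VALUE({$field})%%>", htmlspecialchars($row[$field], ENT_QUOTES), $templateCode);
            $templateCode = str_replace("<%%URLVALUE({$field})%%>", urlencode($urow[$field]), $templateCode);
        } elseif ($field == 'photo') {
            // empty form: only the VALUE placeholder of photo is filled in
            $templateCode = str_replace('<%%VALUE(photo)%%>', 'blank.gif', $templateCode);
        } else {
            $templateCode = str_replace("<%%VALUE({$field})%%>", '', $templateCode);
            $templateCode = str_replace("<%%URLVALUE({$field})%%>", urlencode(''), $templateCode);
        }
    }

    // process translations
    foreach ($Translation as $symbol => $trans) {
        $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
    }

    // clear scrap: any placeholder still left becomes an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    // (links start out hidden and are revealed for the tables returned by getTableList();
    // this is presentation only, it does not restrict access to those pages)
    if ($_POST['dvprint_x'] == '') {
        $templateCode .= "\n\n<script>\$j(function(){\n";
        $arrTables = getTableList();
        foreach ($arrTables as $name => $caption) {
            $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
        }
        $templateCode .= $jsReadOnly;
        $templateCode .= $jsEditable;
        $templateCode .= "\n});</script>\n";
    }

    // ajaxed auto-fill fields
    $templateCode .= '<script>';
    $templateCode .= '$j(function() {';
    $templateCode .= "});";
    $templateCode .= "</script>";
    $templateCode .= $lookups;

    // handle enforced parent values for read-only lookup fields

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);

    // hook: properties_dv
    if (function_exists('properties_dv')) {
        $args = array();
        properties_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}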
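/**
 * Build the detail-view form (insert / edit / print preview) for one record of the `entries` table.
 *
 * The form is produced by filling the placeholders of templates/entries_templateDV.html
 * (or entries_templateDVP.html for print preview) and appending the JavaScript that drives
 * the four lookup fields (report, outcome, indicator, beneficiary_group).
 *
 * Access control, as applied below: $arrPerm[1] gates insert, $arrPerm[2] gates viewing an
 * existing record (1 = owner only, 2 = owner group only), $arrPerm[3] gates editing and
 * $arrPerm[4] gates the delete button. An empty string is returned when the caller may not
 * see the form.
 *
 * @param mixed $selected_id Primary key of the record to show; empty for a blank "add new" form.
 * @param int   $AllowUpdate Honoured only for a blank form; recomputed from $arrPerm[3] when a record is selected.
 * @param int   $AllowInsert Together with $AllowUpdate decides whether lookups are rendered editable.
 * @param int   $AllowDelete Not read by this function; the delete button depends on $arrPerm[4] only.
 * @param int   $ShowCancel  When no record is selected, whether to show the 'Back' button.
 *
 * @return string Form HTML, or '' when access is denied.
 */
function entries_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
    global $Translation;

    // Encode a value for a quoted JavaScript string printed inside an HTML <script> element.
    // addslashes() alone leaves '<', '>' and line breaks untouched, so a value holding
    // "</script>" would end the script block and a raw newline would break the literal.
    // The runtime value of the resulting JS string is unchanged.
    $jsString = function ($value) {
        return str_replace(
            array('<', '>', "\r", "\n"),
            array('\\x3C', '\\x3E', '\\r', '\\n'),
            addslashes((string) $value)
        );
    };

    // Field groups, in the order the original template processing used.
    $lookupFields = array('report', 'outcome', 'indicator', 'beneficiary_group');
    $optionFields = array('beneficiary_group_relevance', 'reliability', 'intentionality', 'equivalence');
    $allFields = array(
        'entry_id', 'created', 'created_by', 'report', 'outcome', 'indicator', 'score',
        'beneficiary_group', 'beneficiary_group_relevance', 'comment', 'reference',
        'reliability', 'intentionality', 'equivalence',
    );

    // mm: get table permissions
    $arrPerm = getTablePermissions('entries');
    if (!$arrPerm[1] && $selected_id == '') {
        return '';
    }

    // print preview?
    $dvprint = ($selected_id && $_REQUEST['dvprint_x'] != '');

    // Request-supplied parent filters: untrusted input, only ever used through makeSafe(),
    // $jsString() or the combo objects below.
    $filterers = array(
        'report' => thisOr(undo_magic_quotes($_REQUEST['filterer_report']), ''),
        'outcome' => thisOr(undo_magic_quotes($_REQUEST['filterer_outcome']), ''),
        'indicator' => thisOr(undo_magic_quotes($_REQUEST['filterer_indicator']), ''),
        'beneficiary_group' => thisOr(undo_magic_quotes($_REQUEST['filterer_beneficiary_group']), ''),
    );

    // populate filterers, starting from children to grand-parents
    // NOTE(review): the query relies on makeSafe() for SQL escaping; its implementation is not shown here.
    if ($filterers['indicator'] && !$filterers['outcome']) {
        $filterers['outcome'] = sqlValue("select outcome from indicators where indicator_id='" . makeSafe($filterers['indicator']) . "'");
    }

    // unique random identifier (only used to make element ids unique in print preview)
    $rnd1 = $dvprint ? rand(1000000, 9999999) : '';

    // combobox: created
    $combo_created = new DateCombo();
    $combo_created->DateFormat = "dmy";
    $combo_created->MinYear = 1900;
    $combo_created->MaxYear = 2100;
    $combo_created->DefaultDate = parseMySQLDate('<%%creationDate%%>', '<%%creationDate%%>');
    $combo_created->MonthNames = $Translation['month names'];
    $combo_created->NamePrefix = 'created';

    // comboboxes: report, outcome, indicator (filterable by outcome), beneficiary_group
    $lookupCombos = array();
    foreach ($lookupFields as $field) {
        $lookupCombos[$field] = new DataCombo();
    }

    // comboboxes with a fixed option list, optionally overridden by hooks/entries.<field>.csv
    $optionCombos = array();
    foreach ($optionFields as $field) {
        $combo = new Combo();
        $combo->ListType = 0;
        $combo->MultipleSeparator = ', ';
        $combo->ListBoxHeight = 10;
        $combo->RadiosPerLine = 1;
        $csvFile = dirname(__FILE__) . "/hooks/entries.{$field}.csv";
        if (is_file($csvFile)) {
            $options = addslashes(implode('', @file($csvFile)));
        } else {
            $options = "1;;2;;3;;4;;5";
        }
        $combo->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($options)));
        $combo->ListData = $combo->ListItem;
        $combo->SelectName = $field;
        $optionCombos[$field] = $combo;
    }

    // Owner data stays null for a blank form; the permission expressions further down
    // compare against these values in both cases.
    $ownerGroupID = null;
    $ownerMemberID = null;

    if ($selected_id) {
        // mm: check member permissions
        if (!$arrPerm[2]) {
            return "";
        }

        // mm: who is the owner?
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'");
        if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
            return "";
        }
        if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
            return "";
        }

        // can edit? The caller-supplied $AllowUpdate is deliberately overridden here.
        if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
            $AllowUpdate = 1;
        } else {
            $AllowUpdate = 0;
        }

        $res = sql("select * from `entries` where `entry_id`='" . makeSafe($selected_id) . "'", $eo);
        // NOTE(review): mysql_fetch_array() no longer exists in PHP 7+. Other code in this file
        // uses db_* wrappers (db_fetch_row); confirm an equivalent wrapper before switching.
        $row = mysql_fetch_array($res);
        $urow = $row; /* unsanitized data: only used through urlencode() or $jsString() */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */

        $combo_created->DefaultDate = $row['created'];
        foreach ($lookupFields as $field) {
            $lookupCombos[$field]->SelectedData = $row[$field];
        }
        foreach ($optionFields as $field) {
            $optionCombos[$field]->SelectedData = $row[$field];
        }
    } else {
        foreach ($lookupFields as $field) {
            $lookupCombos[$field]->SelectedData = $filterers[$field];
        }

        // Pre-select an option when the table view is filtered on that field with '<=>'.
        // Field numbers are kept as strings so the loose comparison matches the original.
        // NOTE(review): the value comes straight from the request; how Combo::Render()
        // escapes SelectedText is not visible here.
        $filterValueFor = function ($fieldIndex) {
            if ($_REQUEST['FilterField'][1] == $fieldIndex && $_REQUEST['FilterOperator'][1] == '<=>') {
                return get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1];
            }
            return "";
        };
        $filterIndexes = array(
            'beneficiary_group_relevance' => '10',
            'reliability' => '13',
            'intentionality' => '14',
            'equivalence' => '15',
        );
        foreach ($filterIndexes as $field => $fieldIndex) {
            $optionCombos[$field]->SelectedText = $filterValueFor($fieldIndex);
        }
    }

    // Lookups are rendered client-side: emit an empty container plus a hidden input.
    foreach ($lookupFields as $field) {
        $lookupCombos[$field]->HTML = $lookupCombos[$field]->MatchText = '<span id="' . $field . '-container' . $rnd1 . '"></span><input type="hidden" name="' . $field . '" id="' . $field . $rnd1 . '">';
    }
    foreach ($optionFields as $field) {
        $optionCombos[$field]->Render();
    }

    // Initial value of each lookup: stored value for an existing record, request filter otherwise.
    $initialValues = array();
    foreach ($lookupFields as $field) {
        $initialValues[$field] = $selected_id ? $urow[$field] : $filterers[$field];
    }

    // NOTE(review): the read-only branches below insert resp.results[0].text with .html();
    // whether ajax_combo.php returns HTML-encoded text cannot be confirmed from this file.
    ob_start();
    ?>
<script>
    // initial lookup values
    var current_report__RAND__ = { text: "", value: "<?php echo $jsString($initialValues['report']); ?>"};
    var current_outcome__RAND__ = { text: "", value: "<?php echo $jsString($initialValues['outcome']); ?>"};
    var current_indicator__RAND__ = { text: "", value: "<?php echo $jsString($initialValues['indicator']); ?>"};
    var current_beneficiary_group__RAND__ = { text: "", value: "<?php echo $jsString($initialValues['beneficiary_group']); ?>"};

    jQuery(function() {
        report_reload__RAND__();
        outcome_reload__RAND__();
        <?php echo !$AllowUpdate || $dvprint ? 'indicator_reload__RAND__(current_outcome__RAND__.value);' : ''; ?>

        beneficiary_group_reload__RAND__();
    });

    function report_reload__RAND__(){
    <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?>

        jQuery("#report-container__RAND__").select2({
            /* initial default value */
            initSelection: function(e, c){
                jQuery.ajax({
                    url: 'ajax_combo.php',
                    dataType: 'json',
                    data: { id: current_report__RAND__.value, t: 'entries', f: 'report' }
                }).done(function(resp){
                    c({ id: resp.results[0].id, text: resp.results[0].text });
                    jQuery('[name="report"]').val(resp.results[0].id);
                    if(typeof(report_update_autofills__RAND__) == 'function') report_update_autofills__RAND__();
                });
            },
            width: '100%',
            formatNoMatches: function(term){ return '<?php echo $jsString($Translation['No matches found!']); ?>'; },
            minimumResultsForSearch: 10,
            loadMorePadding: 200,
            ajax: {
                url: 'ajax_combo.php',
                dataType: 'json',
                cache: true,
                data: function(term, page){ return { s: term, p: page, t: 'entries', f: 'report' }; },
                results: function(resp, page){ return resp; }
            }
        }).on('change', function(e){
            current_report__RAND__.value = e.added.id;
            current_report__RAND__.text = e.added.text;
            jQuery('[name="report"]').val(e.added.id);
            if(typeof(report_update_autofills__RAND__) == 'function') report_update_autofills__RAND__();
        });
    <?php } else { ?>

        jQuery.ajax({
            url: 'ajax_combo.php',
            dataType: 'json',
            data: { id: current_report__RAND__.value, t: 'entries', f: 'report' }
        }).done(function(resp){
            jQuery('#report-container__RAND__').html('<span id="report-match-text">' + resp.results[0].text + '</span>');
            if(typeof(report_update_autofills__RAND__) == 'function') report_update_autofills__RAND__();
        });
    <?php } ?>

    }

    function outcome_reload__RAND__(){
    <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?>

        jQuery("#outcome-container__RAND__").select2({
            /* initial default value */
            initSelection: function(e, c){
                jQuery.ajax({
                    url: 'ajax_combo.php',
                    dataType: 'json',
                    data: { id: current_outcome__RAND__.value, t: 'entries', f: 'outcome' }
                }).done(function(resp){
                    c({ id: resp.results[0].id, text: resp.results[0].text });
                    jQuery('[name="outcome"]').val(resp.results[0].id);
                    indicator_reload__RAND__(current_outcome__RAND__.value);
                    if(typeof(outcome_update_autofills__RAND__) == 'function') outcome_update_autofills__RAND__();
                });
            },
            width: '100%',
            formatNoMatches: function(term){ return '<?php echo $jsString($Translation['No matches found!']); ?>'; },
            minimumResultsForSearch: 10,
            loadMorePadding: 200,
            ajax: {
                url: 'ajax_combo.php',
                dataType: 'json',
                cache: true,
                data: function(term, page){ return { s: term, p: page, t: 'entries', f: 'outcome' }; },
                results: function(resp, page){ return resp; }
            }
        }).on('change', function(e){
            current_outcome__RAND__.value = e.added.id;
            current_outcome__RAND__.text = e.added.text;
            jQuery('[name="outcome"]').val(e.added.id);
            indicator_reload__RAND__(current_outcome__RAND__.value);
            if(typeof(outcome_update_autofills__RAND__) == 'function') outcome_update_autofills__RAND__();
        });
    <?php } else { ?>

        jQuery.ajax({
            url: 'ajax_combo.php',
            dataType: 'json',
            data: { id: current_outcome__RAND__.value, t: 'entries', f: 'outcome' }
        }).done(function(resp){
            jQuery('#outcome-container__RAND__').html('<span id="outcome-match-text">' + resp.results[0].text + '</span>');
            if(typeof(outcome_update_autofills__RAND__) == 'function') outcome_update_autofills__RAND__();
        });
    <?php } ?>

    }

    function indicator_reload__RAND__(filterer_outcome){
    <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?>

        jQuery("#indicator-container__RAND__").select2({
            /* initial default value */
            initSelection: function(e, c){
                jQuery.ajax({
                    url: 'ajax_combo.php',
                    dataType: 'json',
                    data: { filterer_outcome: filterer_outcome, id: current_indicator__RAND__.value, t: 'entries', f: 'indicator' }
                }).done(function(resp){
                    c({ id: resp.results[0].id, text: resp.results[0].text });
                    jQuery('[name="indicator"]').val(resp.results[0].id);
                    if(typeof(indicator_update_autofills__RAND__) == 'function') indicator_update_autofills__RAND__();
                });
            },
            width: '100%',
            formatNoMatches: function(term){ return '<?php echo $jsString($Translation['No matches found!']); ?>'; },
            minimumResultsForSearch: 10,
            loadMorePadding: 200,
            ajax: {
                url: 'ajax_combo.php',
                dataType: 'json',
                cache: true,
                data: function(term, page){ return { filterer_outcome: filterer_outcome, s: term, p: page, t: 'entries', f: 'indicator' }; },
                results: function(resp, page){ return resp; }
            }
        }).on('change', function(e){
            current_indicator__RAND__.value = e.added.id;
            current_indicator__RAND__.text = e.added.text;
            jQuery('[name="indicator"]').val(e.added.id);
            if(typeof(indicator_update_autofills__RAND__) == 'function') indicator_update_autofills__RAND__();
        });
    <?php } else { ?>

        jQuery.ajax({
            url: 'ajax_combo.php',
            dataType: 'json',
            data: { id: current_indicator__RAND__.value, t: 'entries', f: 'indicator' }
        }).done(function(resp){
            jQuery('#indicator-container__RAND__').html('<span id="indicator-match-text">' + resp.results[0].text + '</span>');
            if(typeof(indicator_update_autofills__RAND__) == 'function') indicator_update_autofills__RAND__();
        });
    <?php } ?>

    }

    function beneficiary_group_reload__RAND__(){
    <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?>

        jQuery("#beneficiary_group-container__RAND__").select2({
            /* initial default value */
            initSelection: function(e, c){
                jQuery.ajax({
                    url: 'ajax_combo.php',
                    dataType: 'json',
                    data: { id: current_beneficiary_group__RAND__.value, t: 'entries', f: 'beneficiary_group' }
                }).done(function(resp){
                    c({ id: resp.results[0].id, text: resp.results[0].text });
                    jQuery('[name="beneficiary_group"]').val(resp.results[0].id);
                    if(typeof(beneficiary_group_update_autofills__RAND__) == 'function') beneficiary_group_update_autofills__RAND__();
                });
            },
            width: '100%',
            formatNoMatches: function(term){ return '<?php echo $jsString($Translation['No matches found!']); ?>'; },
            minimumResultsForSearch: 10,
            loadMorePadding: 200,
            ajax: {
                url: 'ajax_combo.php',
                dataType: 'json',
                cache: true,
                data: function(term, page){ return { s: term, p: page, t: 'entries', f: 'beneficiary_group' }; },
                results: function(resp, page){ return resp; }
            }
        }).on('change', function(e){
            current_beneficiary_group__RAND__.value = e.added.id;
            current_beneficiary_group__RAND__.text = e.added.text;
            jQuery('[name="beneficiary_group"]').val(e.added.id);
            if(typeof(beneficiary_group_update_autofills__RAND__) == 'function') beneficiary_group_update_autofills__RAND__();
        });
    <?php } else { ?>

        jQuery.ajax({
            url: 'ajax_combo.php',
            dataType: 'json',
            data: { id: current_beneficiary_group__RAND__.value, t: 'entries', f: 'beneficiary_group' }
        }).done(function(resp){
            jQuery('#beneficiary_group-container__RAND__').html('<span id="beneficiary_group-match-text">' + resp.results[0].text + '</span>');
            if(typeof(beneficiary_group_update_autofills__RAND__) == 'function') beneficiary_group_update_autofills__RAND__();
        });
    <?php } ?>

    }
</script>
    <?php
    $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
    ob_end_clean();

    // code for template based detail view forms

    // open the detail view template
    $templateCode = @file_get_contents($dvprint ? './templates/entries_templateDVP.html' : './templates/entries_templateDV.html');

    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Entry details', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);

    // process buttons
    if ($arrPerm[1]) { // allow insert?
        if (!$selected_id) {
            $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return entries_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
        }
        // No-op when the placeholder was already consumed by the 'Save New' button above.
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return entries_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
    } else {
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if ($_REQUEST['Embedded']) {
        $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
    } else {
        $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }
    $backButton = '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>';

    if ($selected_id) {
        if (!$_REQUEST['Embedded']) {
            $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        }
        if ($AllowUpdate) {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return entries_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }
        if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete?
            // NOTE(review): the translation string is placed unescaped inside a JS string in an HTML attribute.
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $backButton, $templateCode);
    } else {
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? $backButton : '', $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    // This is presentation only: the disabled state lives in the browser, so the
    // insert/update handlers must enforce the same permissions server-side.
    $jsReadOnly = '';
    if ($selected_id && !$AllowUpdate && !$arrPerm[1] || !$selected_id && !$arrPerm[1]) {
        $readOnlyKinds = array(
            'report' => 'lookup',
            'outcome' => 'lookup',
            'indicator' => 'lookup',
            'score' => 'text',
            'beneficiary_group' => 'lookup',
            'beneficiary_group_relevance' => 'options',
            'comment' => 'text',
            'reference' => 'text',
            'reliability' => 'options',
            'intentionality' => 'options',
            'equivalence' => 'options',
        );
        foreach ($readOnlyKinds as $field => $kind) {
            if ($kind == 'lookup') {
                $jsReadOnly .= "\tjQuery('#{$field}').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
                $jsReadOnly .= "\tjQuery('#{$field}_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
            } elseif ($kind == 'options') {
                $jsReadOnly .= "\tjQuery('#{$field}').replaceWith('<p class=\"form-control-static\" id=\"{$field}\">' + (jQuery('#{$field}').val() || '') + '</p>'); jQuery('#{$field}-multi-selection-help').hide();\n";
            } else {
                $jsReadOnly .= "\tjQuery('#{$field}').replaceWith('<p class=\"form-control-static\" id=\"{$field}\">' + (jQuery('#{$field}').val() || '') + '</p>');\n";
            }
        }
    }

    // process combos
    $templateCode = str_replace('<%%COMBO(created)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_created->GetHTML(true) . '</p>' : $combo_created->GetHTML(), $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(created)%%>', $combo_created->GetHTML(true), $templateCode);
    foreach ($lookupFields as $field) {
        $templateCode = str_replace("<%%COMBO({$field})%%>", $lookupCombos[$field]->HTML, $templateCode);
        $templateCode = str_replace("<%%COMBOTEXT({$field})%%>", $lookupCombos[$field]->MatchText, $templateCode);
        $templateCode = str_replace("<%%URLCOMBOTEXT({$field})%%>", urlencode($lookupCombos[$field]->MatchText), $templateCode);
    }
    foreach ($optionFields as $field) {
        $templateCode = str_replace("<%%COMBO({$field})%%>", $optionCombos[$field]->HTML, $templateCode);
        $templateCode = str_replace("<%%COMBOTEXT({$field})%%>", $optionCombos[$field]->SelectedData, $templateCode);
    }

    // process foreign key links (hidden until the "inaccessible tables" script below reveals them)
    if ($selected_id) {
        $parentTables = array(
            'report' => 'reports',
            'outcome' => 'outcomes',
            'indicator' => 'indicators',
            'beneficiary_group' => 'beneficiary_groups',
        );
        $plinkIndex = 0;
        foreach ($parentTables as $field => $parentTable) {
            $plinkIndex++;
            $selectedData = $lookupCombos[$field]->SelectedData;
            $templateCode = str_replace("<%%PLINK({$field})%%>", $selectedData ? "<span id=\"{$parentTable}_plink{$plinkIndex}\" class=\"hidden\"><a class=\"btn btn-default\" href=\"{$parentTable}_view.php?SelectedID=" . urlencode($selectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode);
        }
    }

    // process images (this table has no upload fields, so the placeholders are blanked)
    foreach ($allFields as $field) {
        $templateCode = str_replace("<%%UPLOADFILE({$field})%%>", '', $templateCode);
    }

    // process values: VALUE() gets the xss_clean'ed, HTML-encoded value; URLVALUE() gets
    // the raw stored value, URL-encoded.
    if ($selected_id) {
        foreach ($allFields as $field) {
            if ($field == 'created') {
                $templateCode = str_replace('<%%VALUE(created)%%>', @date('d/m/Y', @strtotime(htmlspecialchars($row['created'], ENT_QUOTES))), $templateCode);
                $templateCode = str_replace('<%%URLVALUE(created)%%>', urlencode(@date('d/m/Y', @strtotime(htmlspecialchars($urow['created'], ENT_QUOTES)))), $templateCode);
                continue;
            }

            $htmlValue = htmlspecialchars($row[$field], ENT_QUOTES);
            if ($field == 'comment' && $dvprint) {
                // keep line breaks visible in print preview
                $htmlValue = nl2br($htmlValue);
            }
            $templateCode = str_replace("<%%VALUE({$field})%%>", $htmlValue, $templateCode);
            $templateCode = str_replace("<%%URLVALUE({$field})%%>", urlencode($urow[$field]), $templateCode);
        }
    } else {
        // Blank form: everything is empty except the two creation placeholders.
        $blankDefaults = array(
            'created' => '<%%creationDate%%>',
            'created_by' => '<%%creatorUsername%%>',
        );
        foreach ($allFields as $field) {
            $blank = isset($blankDefaults[$field]) ? $blankDefaults[$field] : '';
            $templateCode = str_replace("<%%VALUE({$field})%%>", $blank, $templateCode);
            $templateCode = str_replace("<%%URLVALUE({$field})%%>", urlencode($blank), $templateCode);
        }
    }

    // process translations
    foreach ($Translation as $symbol => $trans) {
        $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
    }

    // clear scrap: any placeholder still present is turned into an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    if ($_POST['dvprint_x'] == '') {
        $templateCode .= "\n\n<script>jQuery(function(){\n";
        $arrTables = getTableList();
        foreach ($arrTables as $name => $caption) {
            $templateCode .= "\tjQuery('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\tjQuery('#xs_{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\tjQuery('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
        }
        $templateCode .= $jsReadOnly;
        $templateCode .= "\n});</script>\n";
    }

    // ajaxed auto-fill fields
    $templateCode .= "<script>";
    $templateCode .= "document.observe('dom:loaded', function() {";
    $templateCode .= "\toutcome_update_autofills{$rnd1} = function(){\n";
    $templateCode .= "\t\tnew Ajax.Request(\n";
    if ($dvprint) {
        $templateCode .= "\t\t\t'entries_autofill.php?rnd1={$rnd1}&mfk=outcome&id='+encodeURIComponent('" . $jsString($row['outcome']) . "'),\n";
        $templateCode .= "\t\t\t{encoding: 'UTF-8', method: 'get'}\n";
    } else {
        $templateCode .= "\t\t\t'entries_autofill.php?rnd1={$rnd1}&mfk=outcome&id=' + encodeURIComponent(current_outcome{$rnd1}.value),\n";
        $templateCode .= "\t\t\t{encoding: 'UTF-8', method: 'get', onCreate: function(){ \$('outcome{$rnd1}').disable(); \$('outcomeLoading').innerHTML='<img src=loading.gif align=top>'; }, onComplete: function(){" . ($arrPerm[1] || ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) ? "\$('outcome{$rnd1}').enable(); " : "\$('outcome{$rnd1}').disable(); ") . "\$('outcomeLoading').innerHTML='';}}\n";
    }
    $templateCode .= "\t\t);\n";
    $templateCode .= "\t};\n";
    if (!$dvprint) {
        $templateCode .= "\tif(\$('outcome_caption') != undefined) \$('outcome_caption').onchange=outcome_update_autofills{$rnd1};\n";
    }
    $templateCode .= "});";
    $templateCode .= "</script>";
    $templateCode .= $lookups;

    // handle enforced parent values for read-only lookup fields

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);

    // hook: entries_dv (receives the finished HTML as its third argument)
    if (function_exists('entries_dv')) {
        $args = array();
        entries_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}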
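/**
 * Build the detail-view form (or print preview) for one record of the `units` table.
 *
 * The form is produced by loading an HTML template and substituting
 * `<%%PLACEHOLDER%%>` markers with buttons, combos and field values.
 *
 * Permissions come from getTablePermissions('units'): index 1 = insert,
 * 2 = view, 3 = edit, 4 = delete, as used by the checks below. For indexes
 * 2-4 the code treats 1 as "owner only", 2 as "owner's group" and 3 as "all".
 *
 * @param mixed $selected_id Primary key of the record to show; empty for a blank "add new" form.
 * @param int   $AllowUpdate Overwritten from the edit permission whenever $selected_id is set.
 * @param int   $AllowInsert Always overwritten from the insert permission.
 * @param int   $AllowDelete Not read by this function; delete is decided from $arrPerm[4].
 * @param int   $ShowCancel  When truthy and no record is selected, render a 'Back' button.
 *
 * @return string Rendered HTML; '' when the caller lacks permission; the result of
 *                error_message() when the record does not exist.
 */
function units_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0) {
    global $Translation;

    // Accumulators that are appended to with .= further down; start them empty
    // so no undefined variable is read on any path.
    $jsReadOnly = '';
    $jsEditable = '';
    $noUploads = false;

    // Encode a PHP value as a JavaScript string literal that is safe inside an
    // inline <script> block. addslashes() only escapes quotes, backslashes and
    // NUL: it leaves '<', '>' and line breaks alone, so a value containing a
    // closing script tag would end the script element early. The JSON_HEX_*
    // flags emit \uXXXX escapes for <, >, &, ' and " instead.
    $jsString = function ($value) {
        $encoded = json_encode(
            is_scalar($value) ? (string) $value : '',
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );

        // json_encode() returns false on invalid UTF-8; fall back to an empty literal.
        return $encoded === false ? '""' : $encoded;
    };

    // mm: get table permissions
    $arrPerm = getTablePermissions('units');
    if (!$arrPerm[1] && $selected_id == '') {
        return '';
    }
    $AllowInsert = $arrPerm[1] ? true : false;

    // print preview?
    $dvprint = false;
    if ($selected_id && $_REQUEST['dvprint_x'] != '') {
        $dvprint = true;
    }

    // Request-supplied parent filter; it is echoed into inline JavaScript below,
    // so it is treated as untrusted there.
    $filterer_property = thisOr(undo_magic_quotes($_REQUEST['filterer_property']), '');

    // populate filterers, starting from children to grand-parents

    // unique random identifier (only used to keep DOM ids distinct in print preview)
    $rnd1 = $dvprint ? rand(1000000, 9999999) : '';

    // combobox: property
    $combo_property = new DataCombo();

    // combobox: status
    $combo_status = new Combo();
    $combo_status->ListType = 2;
    $combo_status->MultipleSeparator = ', ';
    $combo_status->ListBoxHeight = 10;
    $combo_status->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/units.status.csv')) {
        $status_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/units.status.csv')));
        $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($status_data)));
        $combo_status->ListData = $combo_status->ListItem;
    } else {
        $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Occupied;;Listed;;Unlisted")));
        $combo_status->ListData = $combo_status->ListItem;
    }
    $combo_status->SelectName = 'status';
    $combo_status->AllowNull = false;

    // combobox: features
    $combo_features = new Combo();
    $combo_features->ListType = 3;
    $combo_features->MultipleSeparator = ', ';
    $combo_features->ListBoxHeight = 10;
    $combo_features->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/units.features.csv')) {
        $features_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/units.features.csv')));
        $combo_features->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($features_data)));
        $combo_features->ListData = $combo_features->ListItem;
    } else {
        $combo_features->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Cable ready;; Micorwave;;Hardwood floors;; High speed internet;;Air conditioning;;Refrigerator;;Dishwasher;;Walk-in closets;;Balcony;;Deck;;Patio;;Garage parking;;Carport;;Fenced yard;;Laundry room / hookups;; Fireplace;;Oven / range;;Heat - electric;; Heat - gas;; Heat - oil")));
        $combo_features->ListData = $combo_features->ListItem;
    }
    $combo_features->SelectName = 'features';

    if ($selected_id) {
        // mm: check member permissions
        if (!$arrPerm[2]) {
            return "";
        }

        // mm: who is the owner?
        // NOTE(review): these queries are built by concatenation and rely entirely on
        // makeSafe() (defined elsewhere) escaping for a quoted SQL string - confirm.
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");

        // View permission limited to owner (1) or owner's group (2): refuse other callers.
        if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
            return "";
        }
        if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
            return "";
        }

        // can edit?
        if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
            $AllowUpdate = 1;
        } else {
            $AllowUpdate = 0;
        }

        $res = sql("select * from `units` where `id`='" . makeSafe($selected_id) . "'", $eo);
        if (!($row = db_fetch_array($res))) {
            return error_message($Translation['No records found']);
        }

        // $urow keeps the raw database values and is only passed through urlencode()
        // or the JS string encoder below; $row is the copy filtered by xss_clean().
        $urow = $row; /* unsanitized data */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */

        $combo_property->SelectedData = $row['property'];
        $combo_status->SelectedData = $row['status'];
        $combo_features->SelectedData = $row['features'];
    } else {
        $combo_property->SelectedData = $filterer_property;

        // NOTE(review): the request filter value becomes the combo's selected text;
        // how Combo::Render() encodes it is not visible here - confirm it is escaped.
        $combo_status->SelectedText = $_REQUEST['FilterField'][1] == '5' && $_REQUEST['FilterOperator'][1] == '<=>'
            ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1])
            : "";
    }

    $combo_property->HTML = '<span id="property-container' . $rnd1 . '"></span><input type="hidden" name="property" id="property' . $rnd1 . '">';
    $combo_property->MatchText = '<span id="property-container-readonly' . $rnd1 . '"></span><input type="hidden" name="property" id="property' . $rnd1 . '">';
    $combo_status->Render();
    $combo_features->Render();

    // Initial lookup value as a complete JS string literal (quotes included).
    $jsCurrentProperty = $jsString($selected_id ? $urow['property'] : $filterer_property);

    ob_start();
    ?>
    <script>
        // initial lookup values
        var current_property__RAND__ = { text: "", value: <?php echo $jsCurrentProperty; ?> };

        jQuery(function() {
            property_reload__RAND__();
        });

        // NOTE(review): resp.results[0].text is inserted with .html() below, so the
        // response of ajax_combo.php (not shown) must already be HTML-encoded - confirm.
        function property_reload__RAND__(){
        <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?>
            jQuery("#property-container__RAND__").select2({
                /* initial default value */
                initSelection: function(e, c){
                    jQuery.ajax({
                        url: 'ajax_combo.php',
                        dataType: 'json',
                        data: { id: current_property__RAND__.value, t: 'units', f: 'property' }
                    }).done(function(resp){
                        c({ id: resp.results[0].id, text: resp.results[0].text });
                        jQuery('[name="property"]').val(resp.results[0].id);
                        jQuery('[id=property-container-readonly__RAND__]').html('<span id="property-match-text">' + resp.results[0].text + '</span>');
                        if(typeof(property_update_autofills__RAND__) == 'function') property_update_autofills__RAND__();
                    });
                },
                width: '100%',
                formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?> '; },
                minimumResultsForSearch: 10,
                loadMorePadding: 200,
                ajax: {
                    url: 'ajax_combo.php',
                    dataType: 'json',
                    cache: true,
                    data: function(term, page){ return { s: term, p: page, t: 'units', f: 'property' }; },
                    results: function(resp, page){ return resp; }
                }
            }).on('change', function(e){
                current_property__RAND__.value = e.added.id;
                current_property__RAND__.text = e.added.text;
                jQuery('[name="property"]').val(e.added.id);
                if(typeof(property_update_autofills__RAND__) == 'function') property_update_autofills__RAND__();
            });
        <?php } else { ?>
            jQuery.ajax({
                url: 'ajax_combo.php',
                dataType: 'json',
                data: { id: current_property__RAND__.value, t: 'units', f: 'property' }
            }).done(function(resp){
                jQuery('[id=property-container__RAND__], [id=property-container-readonly__RAND__]').html('<span id="property-match-text">' + resp.results[0].text + '</span>');
                if(typeof(property_update_autofills__RAND__) == 'function') property_update_autofills__RAND__();
            });
        <?php } ?>
        }
    </script>
    <?php
    $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
    ob_end_clean();

    // code for template based detail view forms

    // open the detail view template
    if ($dvprint) {
        $templateCode = @file_get_contents('./templates/units_templateDVP.html');
    } else {
        $templateCode = @file_get_contents('./templates/units_templateDV.html');
    }

    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Unit details', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
    $templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);

    // process buttons
    if ($AllowInsert) {
        if (!$selected_id) {
            $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return units_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
        }
        // No-op when the 'Save New' button above already consumed the placeholder.
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return units_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
    } else {
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if ($_REQUEST['Embedded']) {
        $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
    } else {
        $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }
    $backButton = '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>';

    if ($selected_id) {
        if (!$_REQUEST['Embedded']) {
            $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        }

        if ($AllowUpdate) {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return units_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }

        // allow delete? Hiding the button is presentation only; the delete handler
        // (not shown here) has to enforce the same permission.
        if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }

        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $backButton, $templateCode);
    } else {
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? $backButton : '', $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    if ($selected_id && !$AllowUpdate && !$AllowInsert || !$selected_id && !$AllowInsert) {
        // NOTE(review): the generated script concatenates .val()/.text() results into
        // markup. .val() returns the decoded field value, so building the <p> element
        // first and filling it with .text() would avoid re-parsing record data as HTML.
        // Disabling inputs here is cosmetic; write permission must be enforced server-side.
        $jsReadOnly .= "\tjQuery('#property').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
        $jsReadOnly .= "\tjQuery('#property_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
        $jsReadOnly .= "\tjQuery('#unit_number').replaceWith('<p class=\"form-control-static\" id=\"unit_number\">' + (jQuery('#unit_number').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#photo').replaceWith('<p class=\"form-control-static\" id=\"photo\">' + (jQuery('#photo').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('input[name=status]').parent().html('<p class=\"form-control-static\">' + jQuery('input[name=status]:checked').next().text() + '</p>')\n";
        $jsReadOnly .= "\tjQuery('#size').replaceWith('<p class=\"form-control-static\" id=\"size\">' + (jQuery('#size').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#rooms').replaceWith('<p class=\"form-control-static\" id=\"rooms\">' + (jQuery('#rooms').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#bathroom').replaceWith('<p class=\"form-control-static\" id=\"bathroom\">' + (jQuery('#bathroom').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#features').replaceWith('<p class=\"form-control-static\" id=\"features\">' + (jQuery('#features').val() || '') + '</p>'); jQuery('#features-multi-selection-help').hide();\n";
        $jsReadOnly .= "\tjQuery('#s2id_features').remove();\n";
        $jsReadOnly .= "\tjQuery('#rental_amount').replaceWith('<p class=\"form-control-static\" id=\"rental_amount\">' + (jQuery('#rental_amount').val() || '') + '</p>');\n";
        $noUploads = true;
    } elseif ($AllowInsert) {
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
    }

    // process combos
    $templateCode = str_replace('<%%COMBO(property)%%>', $combo_property->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(property)%%>', $combo_property->MatchText, $templateCode);
    $templateCode = str_replace('<%%URLCOMBOTEXT(property)%%>', urlencode($combo_property->MatchText), $templateCode);
    $templateCode = str_replace('<%%COMBO(status)%%>', $combo_status->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(status)%%>', $combo_status->SelectedData, $templateCode);
    $templateCode = str_replace('<%%COMBO(features)%%>', $combo_features->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(features)%%>', $combo_features->SelectedData, $templateCode);

    // process foreign key links
    if ($selected_id) {
        $templateCode = str_replace('<%%PLINK(property)%%>', $combo_property->SelectedData ? "<span id=\"properties_plink1\" class=\"hidden\"><a class=\"btn btn-default\" href=\"properties_view.php?SelectedID=" . urlencode($combo_property->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode);
    }

    // process images: only `photo` accepts an upload, every other placeholder is blanked
    foreach (array('id', 'property', 'unit_number') as $field) {
        $templateCode = str_replace("<%%UPLOADFILE({$field})%%>", '', $templateCode);
    }
    $templateCode = str_replace('<%%UPLOADFILE(photo)%%>', $noUploads ? '' : '<br><input type=hidden name=MAX_FILE_SIZE value=1024000>' . $Translation['upload image'] . ' <input type="file" name="photo">', $templateCode);
    // $row only exists when a record is selected, so test $selected_id first.
    if ($selected_id && $AllowUpdate && $row['photo'] != '') {
        $templateCode = str_replace('<%%REMOVEFILE(photo)%%>', '<br><input type="checkbox" name="photo_remove" id="photo_remove" value="1"> <label for="photo_remove" style="color: red; font-weight: bold;">' . $Translation['remove image'] . '</label>', $templateCode);
    } else {
        $templateCode = str_replace('<%%REMOVEFILE(photo)%%>', '', $templateCode);
    }
    foreach (array('status', 'size', 'rooms', 'bathroom', 'features', 'market_rent', 'rental_amount', 'deposit_amount', 'description') as $field) {
        $templateCode = str_replace("<%%UPLOADFILE({$field})%%>", '', $templateCode);
    }

    // process values (substituted in this fixed order)
    $valueFields = array('id', 'property', 'unit_number', 'photo', 'status', 'size', 'rooms', 'bathroom', 'features', 'market_rent', 'rental_amount', 'deposit_amount');
    if ($selected_id) {
        $row['photo'] = $row['photo'] != '' ? $row['photo'] : 'blank.gif';

        // VALUE() is HTML-encoded from the filtered row; URLVALUE() is URL-encoded
        // from the raw row.
        foreach ($valueFields as $field) {
            $templateCode = str_replace("<%%VALUE({$field})%%>", htmlspecialchars($row[$field], ENT_QUOTES), $templateCode);
            $templateCode = str_replace("<%%URLVALUE({$field})%%>", urlencode($urow[$field]), $templateCode);
        }

        // NOTE(review): outside the <textarea>, `description` is emitted without
        // htmlspecialchars(), so xss_clean() is the only filter applied to stored markup
        // here. Whether that is sufficient depends on its implementation (not shown);
        // an allow-list HTML sanitizer is the usual control for rich-text fields.
        if ($AllowUpdate || $AllowInsert) {
            $templateCode = str_replace('<%%HTMLAREA(description)%%>', '<textarea name="description" id="description" rows="5">' . htmlspecialchars($row['description'], ENT_QUOTES) . '</textarea>', $templateCode);
        } else {
            $templateCode = str_replace('<%%HTMLAREA(description)%%>', $row['description'], $templateCode);
        }
        $templateCode = str_replace('<%%VALUE(description)%%>', nl2br($row['description']), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode($urow['description']), $templateCode);
    } else {
        foreach ($valueFields as $field) {
            if ($field == 'photo') {
                // Only VALUE(photo) is filled for a blank form; URLVALUE(photo) is left
                // for the "clear scrap" step below.
                $templateCode = str_replace('<%%VALUE(photo)%%>', 'blank.gif', $templateCode);
                continue;
            }
            $templateCode = str_replace("<%%VALUE({$field})%%>", '', $templateCode);
            $templateCode = str_replace("<%%URLVALUE({$field})%%>", urlencode(''), $templateCode);
        }
        $templateCode = str_replace('<%%HTMLAREA(description)%%>', '<textarea name="description" id="description" rows="5"></textarea>', $templateCode);
    }

    // process translations
    foreach ($Translation as $symbol => $trans) {
        $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
    }

    // clear scrap: any placeholder left unreplaced becomes an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    if ($_POST['dvprint_x'] == '') {
        $templateCode .= "\n\n<script>\$j(function(){\n";
        $arrTables = getTableList();
        foreach ($arrTables as $name => $caption) {
            $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
        }
        $templateCode .= $jsReadOnly;
        $templateCode .= $jsEditable;
        $templateCode .= "\n});</script>\n";
    }

    // ajaxed auto-fill fields
    $templateCode .= '<script>';
    $templateCode .= '$j(function() {';
    $templateCode .= "\tproperty_update_autofills{$rnd1} = function(){\n";
    $templateCode .= "\t\tnew Ajax.Request(\n";
    if ($dvprint) {
        // Record data inside an inline script: emitted through the JS string encoder.
        $templateCode .= "\t\t\t'units_autofill.php?rnd1={$rnd1}&mfk=property&id='+encodeURIComponent(" . $jsString($row['property']) . "),\n";
        $templateCode .= "\t\t\t{encoding: 'UTF-8', method: 'get'}\n";
    } else {
        // Re-enable the lookup after loading only for callers who may insert or edit.
        $canEditLookup = $arrPerm[1] || ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3);
        $templateCode .= "\t\t\t'units_autofill.php?rnd1={$rnd1}&mfk=property&id=' + encodeURIComponent(current_property{$rnd1}.value),\n";
        $templateCode .= "\t\t\t{encoding: 'UTF-8', method: 'get', onCreate: function(){ \$('property{$rnd1}').disable(); \$('propertyLoading').innerHTML='<img src=loading.gif align=top>'; }, onComplete: function(){" . ($canEditLookup ? "\$('property{$rnd1}').enable(); " : "\$('property{$rnd1}').disable(); ") . "\$('propertyLoading').innerHTML='';}}\n";
    }
    $templateCode .= "\t\t);\n";
    $templateCode .= "\t};\n";
    if (!$dvprint) {
        $templateCode .= "\tif(\$('property_caption') != undefined) \$('property_caption').onchange=property_update_autofills{$rnd1};\n";
    }
    $templateCode .= "});";
    $templateCode .= "</script>";
    $templateCode .= $lookups;

    // handle enforced parent values for read-only lookup fields

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);

    // hook: units_dv
    if (function_exists('units_dv')) {
        $args = array();
        units_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}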
<?php
/*
 * Form rows for a news ("noticias") entry: rich-text body, category select,
 * date field and the save/cancel buttons.
 *
 * NOTE(review): the `contents` textarea is replaced by a CKEditor instance, so the
 * field carries HTML markup. The handler behind insert/noticias.php is not shown
 * here - confirm it sanitizes that markup server-side before storing or rendering it.
 * NOTE(review): no anti-CSRF field is visible in these rows - confirm the enclosing
 * form or the post() helper (both defined elsewhere) adds one to the save request.
 */
?>
<tr>
    <td>Contenido <textarea cols="80" id="contents" name="contents" rows="10"></textarea></td>
    <script> CKEDITOR.replace( 'contents' ); </script>
</tr>
<tr>
    <td> Tipo <?php
        // Category select: a fixed placeholder entry, then rows loaded by a static
        // query (no request data is interpolated into the SQL string).
        $cmb = new Combo();
        $cmb->AddItem("0", "Selecciona..");
        $cmb->FillDB("SELECT * FROM ambits", "idambits");
        $cmb->Render("ambit");
    ?> </td>
</tr>
<tr>
    <?php // NOTE(review): the default text 'mm/dd/aaaa' differs from the 'yyyy-mm-dd' format passed to datepick() - confirm which one the server expects. ?>
    <td> Fecha <input id="fddate" name="fddate" type="text" value="mm/dd/aaaa" /></td>
    <script> datepick("fddate","option|dateFormat|yyyy-mm-dd"); </script>
</tr>
<tr>
    <td align="center" >
        <input name="enviar" type="button" onclick="setContentValue(); post('insert/noticias.php?a=ins', 'mensajes','miform'); get('select/noticias.php','content'); $('#mensajes').empty(); $('#mensajes').show(); desaparece('mensajes');" value="Guardar" />
        <input name="cancelar" onclick="get('select/noticias.php','content');" type="button" value="Cancelar" /></td>
/**
 * Build the detail-view form (HTML + inline JS) for one `applicants_and_tenants` record.
 *
 * The function checks the caller's table permissions, loads the record when
 * $selected_id is given, fills a template file with buttons, combo boxes and
 * field values, and returns the resulting markup as a string.
 *
 * @param mixed $selected_id Primary key of the record to show; empty means "new record" form.
 * @param mixed $AllowUpdate Overwritten from the permission check when a record is selected.
 * @param mixed $AllowInsert Always overwritten from $arrPerm[1]; the passed value is not used.
 * @param mixed $AllowDelete Not read anywhere in this function; delete is decided from $arrPerm[4].
 * @param mixed $ShowCancel  When no record is selected, truthy shows the 'Back' button.
 *
 * @return string Form markup; '' when the caller lacks the needed permission;
 *                the result of error_message() when the record is not found.
 */
function applicants_and_tenants_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
    // function to return an editable form for a table records
    // and fill it with data of record whose ID is $selected_id. If $selected_id
    // is empty, an empty form is shown, with only an 'Add New'
    // button displayed.
    global $Translation;

    // mm: get table permissions
    // As used below: [1] = insert, [2] = view, [3] = edit, [4] = delete.
    $arrPerm = getTablePermissions('applicants_and_tenants');
    if (!$arrPerm[1] && $selected_id == '') {
        // no insert permission and nothing selected: there is nothing to show
        return '';
    }
    $AllowInsert = $arrPerm[1] ? true : false;

    // print preview?
    // NOTE(review): 'dvprint_x' is read without isset(); an absent key raises a notice/warning.
    $dvprint = false;
    if ($selected_id && $_REQUEST['dvprint_x'] != '') {
        $dvprint = true;
    }

    // populate filterers, starting from children to grand-parents

    // unique random identifier
    // Only substituted into the markup (<%%RND1%%>, __RAND__) as an identifier suffix.
    $rnd1 = $dvprint ? rand(1000000, 9999999) : '';

    // combobox: birth_date
    $combo_birth_date = new DateCombo();
    $combo_birth_date->DateFormat = "mdy";
    $combo_birth_date->MinYear = 1900;
    $combo_birth_date->MaxYear = 2100;
    $combo_birth_date->DefaultDate = parseMySQLDate('', '');
    $combo_birth_date->MonthNames = $Translation['month names'];
    $combo_birth_date->NamePrefix = 'birth_date';

    // combobox: driver_license_state
    // Options come from an optional CSV file under hooks/, else from the built-in list.
    $combo_driver_license_state = new Combo();
    $combo_driver_license_state->ListType = 0;
    $combo_driver_license_state->MultipleSeparator = ', ';
    $combo_driver_license_state->ListBoxHeight = 10;
    $combo_driver_license_state->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/applicants_and_tenants.driver_license_state.csv')) {
        // '@' hides read errors; a failed file() makes implode() receive false.
        $driver_license_state_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/applicants_and_tenants.driver_license_state.csv')));
        $combo_driver_license_state->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($driver_license_state_data)));
        $combo_driver_license_state->ListData = $combo_driver_license_state->ListItem;
    } else {
        $combo_driver_license_state->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY")));
        $combo_driver_license_state->ListData = $combo_driver_license_state->ListItem;
    }
    $combo_driver_license_state->SelectName = 'driver_license_state';

    // combobox: status
    $combo_status = new Combo();
    $combo_status->ListType = 2;
    $combo_status->MultipleSeparator = ', ';
    $combo_status->ListBoxHeight = 10;
    $combo_status->RadiosPerLine = 1;
    if (is_file(dirname(__FILE__) . '/hooks/applicants_and_tenants.status.csv')) {
        $status_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/applicants_and_tenants.status.csv')));
        $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($status_data)));
        $combo_status->ListData = $combo_status->ListItem;
    } else {
        $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Applicant;;Tenant;;Previous tenant")));
        $combo_status->ListData = $combo_status->ListItem;
    }
    $combo_status->SelectName = 'status';
    $combo_status->AllowNull = false;

    if ($selected_id) {
        // mm: check member permissions
        if (!$arrPerm[2]) {
            return "";
        }

        // mm: who is the owner?
        // The queries are built by string concatenation; the only protection visible here is
        // makeSafe(), which is defined elsewhere — presumably SQL escaping, verify.
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'");

        // view level 1: only the owning member may see the record
        if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
            return "";
        }
        // view level 2: only members of the owning group may see the record
        if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
            return "";
        }

        // can edit?
        // level 1 = owner, level 2 = owner's group, level 3 = granted without an ownership test
        if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
            $AllowUpdate = 1;
        } else {
            $AllowUpdate = 0;
        }

        // $eo is not set in this function before the call; presumably sql() takes it by reference — verify.
        $res = sql("select * from `applicants_and_tenants` where `id`='" . makeSafe($selected_id) . "'", $eo);
        if (!($row = db_fetch_array($res))) {
            return error_message($Translation['No records found']);
        }

        // Two copies of the record are kept: $urow is the raw database row (used below only
        // inside urlencode()), $row is the copy passed through CI_Input::xss_clean().
        $urow = $row; /* unsanitized data */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */
        $combo_birth_date->DefaultDate = $row['birth_date'];
        $combo_driver_license_state->SelectedData = $row['driver_license_state'];
        $combo_status->SelectedData = $row['status'];
    } else {
        // New record: preselect combo values from the request's filter parameters.
        // The request value is assigned as-is (only stripslashes under magic quotes); whether it
        // is escaped on output depends on Combo::Render(), which is outside this function.
        // NOTE(review): get_magic_quotes_gpc() no longer exists in PHP 8 — confirm the target version.
        $combo_driver_license_state->SelectedText = $_REQUEST['FilterField'][1] == '8' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "";
        $combo_status->SelectedText = $_REQUEST['FilterField'][1] == '13' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "Applicant";
    }
    $combo_driver_license_state->Render();
    $combo_status->Render();

    // Capture the inline script below into $lookups instead of sending it to the client now.
    ob_start();
    ?>

    <script>
        // initial lookup values
        jQuery(function() {
        });
    </script>
    <?php
    $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
    ob_end_clean();

    // code for template based detail view forms

    // open the detail view template
    // '@' hides a missing/unreadable template; $templateCode is then false and the
    // replacements below operate on it without any error being reported.
    if ($dvprint) {
        $templateCode = @file_get_contents('./templates/applicants_and_tenants_templateDVP.html');
    } else {
        $templateCode = @file_get_contents('./templates/applicants_and_tenants_templateDV.html');
    }

    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Tenant details', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
    // only the truthiness of the request value is used; the value itself is never echoed
    $templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);

    // process buttons
    // The buttons only decide what the page offers. The code that handles insert_x / update_x /
    // delete_x is not part of this function — verify it repeats the permission checks.
    if ($AllowInsert) {
        if (!$selected_id) {
            $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return applicants_and_tenants_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
        }
        // when the placeholder was already replaced above, this call finds nothing to replace
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return applicants_and_tenants_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
    } else {
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if ($_REQUEST['Embedded']) {
        $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
    } else {
        $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }

    if ($selected_id) {
        if (!$_REQUEST['Embedded']) {
            $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        }
        if ($AllowUpdate) {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return applicants_and_tenants_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }
        // The $Translation strings are concatenated into markup and into a JS confirm() argument
        // without escaping; they are treated as trusted text here.
        if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete?
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        } else {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
    } else {
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    // The read-only state is produced in the browser by the generated script; the inputs are
    // still sent in the page and swapped for static text after load.
    // NOTE(review): each replaceWith() call concatenates the field's .val() into an HTML string,
    // so the value is parsed as markup again in the browser; the only filter visible here is
    // xss_clean on $row — confirm that is sufficient, or build the element with .text().
    // NOTE(review): $jsReadOnly and $jsEditable are appended to with '.=' before being assigned.
    if ($selected_id && !$AllowUpdate && !$AllowInsert || !$selected_id && !$AllowInsert) {
        $jsReadOnly .= "\tjQuery('#last_name').replaceWith('<p class=\"form-control-static\" id=\"last_name\">' + (jQuery('#last_name').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#first_name').replaceWith('<p class=\"form-control-static\" id=\"first_name\">' + (jQuery('#first_name').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#email').replaceWith('<p class=\"form-control-static\" id=\"email\">' + (jQuery('#email').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#email, #email-edit-link').hide();\n";
        $jsReadOnly .= "\tjQuery('#phone').replaceWith('<p class=\"form-control-static\" id=\"phone\">' + (jQuery('#phone').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#birth_date').prop('readonly', true);\n";
        $jsReadOnly .= "\tjQuery('#birth_dateDay, #birth_dateMonth, #birth_dateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
        $jsReadOnly .= "\tjQuery('#driver_license_number').replaceWith('<p class=\"form-control-static\" id=\"driver_license_number\">' + (jQuery('#driver_license_number').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#monthly_gross_pay').replaceWith('<p class=\"form-control-static\" id=\"monthly_gross_pay\">' + (jQuery('#monthly_gross_pay').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#additional_income').replaceWith('<p class=\"form-control-static\" id=\"additional_income\">' + (jQuery('#additional_income').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('#assets').replaceWith('<p class=\"form-control-static\" id=\"assets\">' + (jQuery('#assets').val() || '') + '</p>');\n";
        $jsReadOnly .= "\tjQuery('input[name=status]').parent().html('<p class=\"form-control-static\">' + jQuery('input[name=status]:checked').next().text() + '</p>')\n";
        // assigned here but not read again in this function
        $noUploads = true;
    } elseif ($AllowInsert) {
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
    }

    // process combos
    // COMBOTEXT inserts SelectedData as-is; for a selected record that is the xss_clean'ed
    // column value, without htmlspecialchars().
    $templateCode = str_replace('<%%COMBO(birth_date)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_birth_date->GetHTML(true) . '</p>' : $combo_birth_date->GetHTML(), $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(birth_date)%%>', $combo_birth_date->GetHTML(true), $templateCode);
    $templateCode = str_replace('<%%COMBO(driver_license_state)%%>', $combo_driver_license_state->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(driver_license_state)%%>', $combo_driver_license_state->SelectedData, $templateCode);
    $templateCode = str_replace('<%%COMBO(status)%%>', $combo_status->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(status)%%>', $combo_status->SelectedData, $templateCode);

    // process foreign key links
    if ($selected_id) {
    }

    // process images
    // every upload placeholder is replaced with an empty string
    $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(last_name)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(first_name)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(email)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(phone)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(birth_date)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(driver_license_number)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(driver_license_state)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(requested_lease_term)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(monthly_gross_pay)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(additional_income)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(assets)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(status)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(notes)%%>', '', $templateCode);

    // process values
    // VALUE(...) placeholders get the xss_clean'ed value run through htmlspecialchars(ENT_QUOTES);
    // URLVALUE(...) placeholders get the raw value run through urlencode().
    if ($selected_id) {
        $templateCode = str_replace('<%%VALUE(id)%%>', htmlspecialchars($row['id'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
        $templateCode = str_replace('<%%VALUE(last_name)%%>', htmlspecialchars($row['last_name'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(last_name)%%>', urlencode($urow['last_name']), $templateCode);
        $templateCode = str_replace('<%%VALUE(first_name)%%>', htmlspecialchars($row['first_name'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(first_name)%%>', urlencode($urow['first_name']), $templateCode);
        $templateCode = str_replace('<%%VALUE(email)%%>', htmlspecialchars($row['email'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(email)%%>', urlencode($urow['email']), $templateCode);
        $templateCode = str_replace('<%%VALUE(phone)%%>', htmlspecialchars($row['phone'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(phone)%%>', urlencode($urow['phone']), $templateCode);
        // htmlspecialchars() runs on the input of strtotime() here, not on what is printed;
        // the printed text is whatever date('m/d/Y', ...) returns.
        $templateCode = str_replace('<%%VALUE(birth_date)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['birth_date'], ENT_QUOTES))), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(birth_date)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['birth_date'], ENT_QUOTES)))), $templateCode);
        $templateCode = str_replace('<%%VALUE(driver_license_number)%%>', htmlspecialchars($row['driver_license_number'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(driver_license_number)%%>', urlencode($urow['driver_license_number']), $templateCode);
        $templateCode = str_replace('<%%VALUE(driver_license_state)%%>', htmlspecialchars($row['driver_license_state'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(driver_license_state)%%>', urlencode($urow['driver_license_state']), $templateCode);
        $templateCode = str_replace('<%%VALUE(requested_lease_term)%%>', htmlspecialchars($row['requested_lease_term'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(requested_lease_term)%%>', urlencode($urow['requested_lease_term']), $templateCode);
        $templateCode = str_replace('<%%VALUE(monthly_gross_pay)%%>', htmlspecialchars($row['monthly_gross_pay'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(monthly_gross_pay)%%>', urlencode($urow['monthly_gross_pay']), $templateCode);
        $templateCode = str_replace('<%%VALUE(additional_income)%%>', htmlspecialchars($row['additional_income'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(additional_income)%%>', urlencode($urow['additional_income']), $templateCode);
        $templateCode = str_replace('<%%VALUE(assets)%%>', htmlspecialchars($row['assets'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(assets)%%>', urlencode($urow['assets']), $templateCode);
        $templateCode = str_replace('<%%VALUE(status)%%>', htmlspecialchars($row['status'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(status)%%>', urlencode($urow['status']), $templateCode);
        // 'notes' is the one field emitted without htmlspecialchars() in two places: the
        // read-only HTMLAREA branch and VALUE(notes). Both rely on xss_clean alone, so stored
        // markup in that column reaches the page as markup — presumably intended for a
        // rich-text field; confirm xss_clean is an adequate filter for it.
        if ($AllowUpdate || $AllowInsert) {
            $templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5">' . htmlspecialchars($row['notes'], ENT_QUOTES) . '</textarea>', $templateCode);
        } else {
            $templateCode = str_replace('<%%HTMLAREA(notes)%%>', $row['notes'], $templateCode);
        }
        $templateCode = str_replace('<%%VALUE(notes)%%>', nl2br($row['notes']), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(notes)%%>', urlencode($urow['notes']), $templateCode);
    } else {
        // no record selected: blank values, with 'Applicant' as the default status
        $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(last_name)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(last_name)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(first_name)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(first_name)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(email)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(email)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(phone)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(phone)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(birth_date)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(birth_date)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(driver_license_number)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(driver_license_number)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(driver_license_state)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(driver_license_state)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(requested_lease_term)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(requested_lease_term)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(monthly_gross_pay)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(monthly_gross_pay)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(additional_income)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(additional_income)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(assets)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(assets)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(status)%%>', 'Applicant', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(status)%%>', urlencode('Applicant'), $templateCode);
        $templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5"></textarea>', $templateCode);
    }

    // process translations
    // translation strings are inserted without escaping
    foreach ($Translation as $symbol => $trans) {
        $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
    }

    // clear scrap
    // any placeholder left unreplaced is turned into an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    // This test reads $_POST while the print-preview test at the top reads $_REQUEST.
    // The script un-hides links for every table name returned by getTableList().
    if ($_POST['dvprint_x'] == '') {
        $templateCode .= "\n\n<script>\$j(function(){\n";
        $arrTables = getTableList();
        foreach ($arrTables as $name => $caption) {
            $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
        }
        $templateCode .= $jsReadOnly;
        $templateCode .= $jsEditable;
        if (!$selected_id) {
            $templateCode .= "\n\tif(document.getElementById('emailEdit')){ document.getElementById('emailEdit').style.display='inline'; }";
            $templateCode .= "\n\tif(document.getElementById('emailEditLink')){ document.getElementById('emailEditLink').style.display='none'; }";
        }
        $templateCode .= "\n});</script>\n";
    }

    // ajaxed auto-fill fields
    $templateCode .= '<script>';
    $templateCode .= '$j(function() {';
    $templateCode .= "});";
    $templateCode .= "</script>";
    $templateCode .= $lookups;

    // handle enforced parent values for read-only lookup fields

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);

    // hook: applicants_and_tenants_dv
    // The optional hook receives the finished markup; presumably by reference so it can
    // modify it — verify against the hook's signature.
    if (function_exists('applicants_and_tenants_dv')) {
        $args = array();
        applicants_and_tenants_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}
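?>
        </td>
    </tr>
    <tr>
        <td>Usuario</td>
        <td><input type="text" name="usuario" id="usuario" /></td>
    </tr>
    <tr>
        <td>Password</td>
        <?php /* type="password" so the value is masked on screen and is not kept in the browser's form history the way a text field is. */ ?>
        <td><input type="password" name="password" id="password" /></td>
    </tr>
    <tr>
        <td>Nivel</td>
        <td>
            <?php
            // Role selector: 0 is the "choose one" placeholder, 1 = Administrador, 2 = Usuario.
            // The chosen value arrives from the browser; the handler that receives this form
            // is not shown here and has to validate it and check who is allowed to assign it.
            $cmb = new Combo();
            $cmb->AddItem(0, "Selecciona");
            $cmb->AddItem(1, "Administrador");
            $cmb->AddItem(2, "Usuario");
            $cmb->Render("nivel");
            ?>
        </td>
    </tr>
    <tr>
        <td colspan="2"><div align="center"><input type="submit" value="Guardar" name="Guardar" /></div></td>
    </tr>
</table>
</form>
</body>
</html>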
<script> CKEDITOR.replace('contents', { filebrowserBrowseUrl : 'filebrowser.php', filebrowserUploadUrl : 'upload.php' } ); </script> </tr> <tr> <td> Tipo <?php $cmb = new Combo(); $cmb->AddItem("0", "Selecciona.."); $cmb->FillDB("SELECT * FROM ambits", "idambits"); $cmb->Render("ambit", $rs->ambit); ?> </td> </tr> <tr> <td> Fecha <input id="fddate" name="fddate" type="text" value="<?php echo substr($rs->fddate, 5, 2) . "/" . substr($rs->fddate, 8, 2) . "/" . substr($rs->fddate, 0, 4); ?> " /></td> <script> datepick("fddate","option|dateFormat|yyyy-mm-dd"); </script> </tr> <tr>
for ($i = 0; $i < $num_rules; $i++) { $sfi = $sd = ""; if (isset($orderBy[$i])) { foreach ($orderBy[$i] as $sfi => $sd) { } } $sortFields->SelectName = "OrderByField{$i}"; $sortFields->SelectID = "OrderByField{$i}"; $sortFields->SelectedData = $sfi; $sortFields->SelectedText = ""; $sortFields->Render(); $sortDirs->SelectName = "OrderDir{$i}"; $sortDirs->SelectID = "OrderDir{$i}"; $sortDirs->SelectedData = $sd; $sortDirs->SelectedText = ""; $sortDirs->Render(); $border_style = $i == $num_rules - 1 ? "solid 2px #DDD" : "dotted 1px #DDD"; ?> <!-- sorting rule --> <div class="row" style="border-bottom: <?php echo $border_style; ?> ;"> <div class="col-xs-2 vspacer-md hidden-md hidden-lg"><strong><?php echo $i ? "then by" : "order by"; ?> </strong></div> <div class="col-md-2 col-md-offset-2 vspacer-md hidden-xs hidden-sm text-right"><strong><?php echo $i ? "then by" : "order by"; ?> </strong></div>
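/**
 * Render the date as three combo boxes (year, month, day) or, in read-only
 * mode, as plain text, ordered according to $this->DateFormat.
 *
 * $this->DefaultDate is split on '-' into year, month and day. DateFormat is
 * read as three single letters ('y', 'm', 'd'), e.g. "mdy".
 *
 * @param bool $readOnly When true, return "p1/p2/p3" built from the date parts;
 *                       otherwise return the three <select> HTML fragments
 *                       joined with " / ".
 *
 * @return string
 */
function GetHTML($readOnly = false)
{
    // Pad to three parts so an empty or partial DefaultDate gives empty parts
    // instead of undefined-offset warnings.
    list($xy, $xm, $xd) = array_pad(explode('-', (string) $this->DefaultDate), 3, '');

    // years combo
    $years = new Combo();
    for ($i = $this->MinYear; $i <= $this->MaxYear; $i++) {
        $years->ListItem[] = $i;
        $years->ListData[] = $i;
    }
    $years->SelectName = $this->NamePrefix . 'Year';
    $years->SelectID = $this->NamePrefix;
    $years->SelectedData = $xy;
    $years->Class = $this->CSSOptionClass;
    $years->SelectedClass = $this->CSSSelectedClass;
    $years->Render();
    $y = $readOnly ? substr($this->DefaultDate, 0, 4) : $years->HTML;

    // months combo: data values 1..12, captions taken from the comma-separated MonthNames
    $months = new Combo();
    for ($i = 1; $i <= 12; $i++) {
        $months->ListData[] = $i;
    }
    $months->ListItem = explode(",", $this->MonthNames);
    $months->SelectName = $this->NamePrefix . 'Month';
    $months->SelectID = $this->NamePrefix . '-mm';
    $months->SelectedData = intval($xm);
    $months->Class = $this->CSSOptionClass;
    $months->SelectedClass = $this->CSSSelectedClass;
    $months->Render();
    $m = $readOnly ? $xm : $months->HTML;

    // days combo
    $days = new Combo();
    for ($i = 1; $i <= 31; $i++) {
        $days->ListItem[] = $i;
        $days->ListData[] = $i;
    }
    $days->SelectName = $this->NamePrefix . 'Day';
    $days->SelectID = $this->NamePrefix . '-dd';
    $days->SelectedData = intval($xd);
    $days->Class = $this->CSSOptionClass;
    $days->SelectedClass = $this->CSSSelectedClass;
    $days->Render();
    $d = $readOnly ? $xd : $days->HTML;

    // Look the format letters up in an explicit map rather than through
    // variable-variables (${$p1}): a DateFormat letter other than y/m/d could
    // otherwise pull any local variable of this method (e.g. 'i', 'xy') into
    // the output. Unknown letters now give an empty part.
    $parts = array('y' => $y, 'm' => $m, 'd' => $d);
    $ordered = array();
    for ($pos = 0; $pos < 3; $pos++) {
        $letter = (string) substr($this->DateFormat, $pos, 1);
        $ordered[] = isset($parts[$letter]) ? $parts[$letter] : '';
    }

    return implode($readOnly ? '/' : ' / ', $ordered);
}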
function customers_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0) { // function to return an editable form for a table records // and fill it with data of record whose ID is $selected_id. If $selected_id // is empty, an empty form is shown, with only an 'Add New' // button displayed. global $Translation; // mm: get table permissions $arrPerm = getTablePermissions('customers'); if (!$arrPerm[1] && $selected_id == '') { return ''; } $AllowInsert = $arrPerm[1] ? true : false; // print preview? $dvprint = false; if ($selected_id && $_REQUEST['dvprint_x'] != '') { $dvprint = true; } // populate filterers, starting from children to grand-parents // unique random identifier $rnd1 = $dvprint ? rand(1000000, 9999999) : ''; // combobox: Country $combo_Country = new Combo(); $combo_Country->ListType = 0; $combo_Country->MultipleSeparator = ', '; $combo_Country->ListBoxHeight = 10; $combo_Country->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/customers.Country.csv')) { $Country_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/customers.Country.csv'))); $combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($Country_data))); $combo_Country->ListData = $combo_Country->ListItem; } else { $combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Afghanistan;;Albania;;Algeria;;American Samoa;;Andorra;;Angola;;Anguilla;;Antarctica;;Antigua, Barbuda;;Argentina;;Armenia;;Aruba;;Australia;;Austria;;Azerbaijan;;Bahamas;;Bahrain;;Bangladesh;;Barbados;;Belarus;;Belgium;;Belize;;Benin;;Bermuda;;Bhutan;;Bolivia;;Bosnia, Herzegovina;;Botswana;;Bouvet Is.;;Brazil;;Brunei Darussalam;;Bulgaria;;Burkina Faso;;Burundi;;Cambodia;;Cameroon;;Canada;;Canary Is.;;Cape Verde;;Cayman Is.;;Central African Rep.;;Chad;;Channel Islands;;Chile;;China;;Christmas Is.;;Cocos Is.;;Colombia;;Comoros;;Congo, D.R. 
Of;;Congo;;Cook Is.;;Costa Rica;;Croatia;;Cuba;;Cyprus;;Czech Republic;;Denmark;;Djibouti;;Dominica;;Dominican Republic;;Ecuador;;Egypt;;El Salvador;;Equatorial Guinea;;Eritrea;;Estonia;;Ethiopia;;Falkland Is.;;Faroe Is.;;Fiji;;Finland;;France;;French Guiana;;French Polynesia;;French Territories;;Gabon;;Gambia;;Georgia;;Germany;;Ghana;;Gibraltar;;Greece;;Greenland;;Grenada;;Guadeloupe;;Guam;;Guatemala;;Guernsey;;Guinea-bissau;;Guinea;;Guyana;;Haiti;;Heard, Mcdonald Is.;;Honduras;;Hong Kong;;Hungary;;Iceland;;India;;Indonesia;;Iran;;Iraq;;Ireland;;Israel;;Italy;;Ivory Coast;;Jamaica;;Japan;;Jersey;;Jordan;;Kazakhstan;;Kenya;;Kiribati;;Korea, D.P.R Of;;Korea, Rep. Of;;Kuwait;;Kyrgyzstan;;Lao Peoples D.R.;;Latvia;;Lebanon;;Lesotho;;Liberia;;Libyan Arab Jamahiriya;;Liechtenstein;;Lithuania;;Luxembourg;;Macao;;Macedonia, F.Y.R Of;;Madagascar;;Malawi;;Malaysia;;Maldives;;Mali;;Malta;;Mariana Islands;;Marshall Islands;;Martinique;;Mauritania;;Mauritius;;Mayotte;;Mexico;;Micronesia;;Moldova;;Monaco;;Mongolia;;Montserrat;;Morocco;;Mozambique;;Myanmar;;Namibia;;Nauru;;Nepal;;Netherlands Antilles;;Netherlands;;New Caledonia;;New Zealand;;Nicaragua;;Niger;;Nigeria;;Niue;;Norfolk Island;;Norway;;Oman;;Pakistan;;Palau;;Palestinian Terr.;;Panama;;Papua New Guinea;;Paraguay;;Peru;;Philippines;;Pitcairn;;Poland;;Portugal;;Puerto Rico;;Qatar;;Reunion;;Romania;;Russian Federation;;Rwanda;;Samoa;;San Marino;;Sao Tome, Principe;;Saudi Arabia;;Senegal;;Seychelles;;Sierra Leone;;Singapore;;Slovakia;;Slovenia;;Solomon Is.;;Somalia;;South Africa;;South Georgia;;South Sandwich Is.;;Spain;;Sri Lanka;;St. Helena;;St. Kitts, Nevis;;St. Lucia;;St. Pierre, Miquelon;;St. 
Vincent, Grenadines;;Sudan;;Suriname;;Svalbard, Jan Mayen;;Swaziland;;Sweden;;Switzerland;;Syrian Arab Republic;;Taiwan;;Tajikistan;;Tanzania;;Thailand;;Timor-leste;;Togo;;Tokelau;;Tonga;;Trinidad, Tobago;;Tunisia;;Turkey;;Turkmenistan;;Turks, Caicoss;;Tuvalu;;Uganda;;Ukraine;;United Arab Emirates;;United Kingdom;;United States;;Uruguay;;Uzbekistan;;Vanuatu;;Vatican City;;Venezuela;;Viet Nam;;Virgin Is. British;;Virgin Is. U.S.;;Wallis, Futuna;;Western Sahara;;Yemen;;Yugoslavia;;Zambia;;Zimbabwe"))); $combo_Country->ListData = $combo_Country->ListItem; } $combo_Country->SelectName = 'Country'; if ($selected_id) { // mm: check member permissions if (!$arrPerm[2]) { return ""; } // mm: who is the owner? $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'"); $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'"); if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) { return ""; } if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) { return ""; } // can edit? if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) { $AllowUpdate = 1; } else { $AllowUpdate = 0; } $res = sql("select * from `customers` where `CustomerID`='" . makeSafe($selected_id) . "'", $eo); if (!($row = db_fetch_array($res))) { return error_message($Translation['No records found']); } $urow = $row; /* unsanitized data */ $hc = new CI_Input(); $row = $hc->xss_clean($row); /* sanitize data */ $combo_Country->SelectedData = $row['Country']; } else { $combo_Country->SelectedText = $_REQUEST['FilterField'][1] == '9' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? 
stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : ""; } $combo_Country->Render(); // code for template based detail view forms // open the detail view template if ($dvprint) { $templateCode = @file_get_contents('./templates/customers_templateDVP.html'); } else { $templateCode = @file_get_contents('./templates/customers_templateDV.html'); } // process form title $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Detail View', $templateCode); $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode); $templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode); // process buttons if ($arrPerm[1] && !$selected_id) { // allow insert and no record selected? if (!$selected_id) { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode); } $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . 
'</button>', $templateCode); } else { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode); } // 'Back' button action if ($_REQUEST['Embedded']) { $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;'; } else { $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;'; } if ($selected_id) { if (!$_REQUEST['Embedded']) { $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode); } if ($AllowUpdate) { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); } if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete? $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); } $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . 
'</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode); } // set records to read only if user can't insert new records and can't edit current record if ($selected_id && !$AllowUpdate || !$selected_id && !$AllowInsert) { $jsReadOnly .= "\tjQuery('#CustomerID').replaceWith('<div class=\"form-control-static\" id=\"CustomerID\">' + (jQuery('#CustomerID').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#CompanyName').replaceWith('<div class=\"form-control-static\" id=\"CompanyName\">' + (jQuery('#CompanyName').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#ContactName').replaceWith('<div class=\"form-control-static\" id=\"ContactName\">' + (jQuery('#ContactName').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#ContactTitle').replaceWith('<div class=\"form-control-static\" id=\"ContactTitle\">' + (jQuery('#ContactTitle').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Address').replaceWith('<div class=\"form-control-static\" id=\"Address\">' + (jQuery('#Address').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#City').replaceWith('<div class=\"form-control-static\" id=\"City\">' + (jQuery('#City').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Region').replaceWith('<div class=\"form-control-static\" id=\"Region\">' + (jQuery('#Region').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#PostalCode').replaceWith('<div class=\"form-control-static\" id=\"PostalCode\">' + (jQuery('#PostalCode').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Country').replaceWith('<div 
class=\"form-control-static\" id=\"Country\">' + (jQuery('#Country').val() || '') + '</div>'); jQuery('#Country-multi-selection-help').hide();\n"; $jsReadOnly .= "\tjQuery('#Phone').replaceWith('<div class=\"form-control-static\" id=\"Phone\">' + (jQuery('#Phone').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('#Fax').replaceWith('<div class=\"form-control-static\" id=\"Fax\">' + (jQuery('#Fax').val() || '') + '</div>');\n"; $jsReadOnly .= "\tjQuery('.select2-container').hide();\n"; $noUploads = true; } elseif ($AllowInsert && !$selected_id || $AllowUpdate && $selected_id) { $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler } // process combos $templateCode = str_replace('<%%COMBO(Country)%%>', $combo_Country->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(Country)%%>', $combo_Country->SelectedData, $templateCode); /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */ $lookup_fields = array(); foreach ($lookup_fields as $luf => $ptfc) { $pt_perm = getTablePermissions($ptfc[0]); // process foreign key links if ($pt_perm['view'] || $pt_perm['edit']) { $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode); } // if user has insert permission to parent table of a lookup field, put an add new button if ($pt_perm['insert'] && !$_REQUEST['Embedded']) { $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . 
$ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode); } } // process images $templateCode = str_replace('<%%UPLOADFILE(CustomerID)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(CompanyName)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(ContactName)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(ContactTitle)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Address)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(City)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Region)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(PostalCode)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Country)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Phone)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(Fax)%%>', '', $templateCode); // process values if ($selected_id) { $templateCode = str_replace('<%%VALUE(CustomerID)%%>', htmlspecialchars($row['CustomerID'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode($urow['CustomerID']), $templateCode); $templateCode = str_replace('<%%VALUE(CompanyName)%%>', htmlspecialchars($row['CompanyName'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode($urow['CompanyName']), $templateCode); $templateCode = str_replace('<%%VALUE(ContactName)%%>', htmlspecialchars($row['ContactName'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode($urow['ContactName']), $templateCode); $templateCode = str_replace('<%%VALUE(ContactTitle)%%>', htmlspecialchars($row['ContactTitle'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode($urow['ContactTitle']), 
$templateCode); if ($dvprint) { $templateCode = str_replace('<%%VALUE(Address)%%>', nl2br(htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1')), $templateCode); } else { $templateCode = str_replace('<%%VALUE(Address)%%>', htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1'), $templateCode); } $templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode($urow['Address']), $templateCode); $templateCode = str_replace('<%%VALUE(City)%%>', htmlspecialchars($row['City'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode($urow['City']), $templateCode); $templateCode = str_replace('<%%VALUE(Region)%%>', htmlspecialchars($row['Region'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode($urow['Region']), $templateCode); $templateCode = str_replace('<%%VALUE(PostalCode)%%>', htmlspecialchars($row['PostalCode'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode($urow['PostalCode']), $templateCode); $templateCode = str_replace('<%%VALUE(Country)%%>', htmlspecialchars($row['Country'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode($urow['Country']), $templateCode); $templateCode = str_replace('<%%VALUE(Phone)%%>', htmlspecialchars($row['Phone'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode($urow['Phone']), $templateCode); $templateCode = str_replace('<%%VALUE(Fax)%%>', htmlspecialchars($row['Fax'], ENT_QUOTES, 'iso-8859-1'), $templateCode); $templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode($urow['Fax']), $templateCode); } else { $templateCode = str_replace('<%%VALUE(CustomerID)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(CompanyName)%%>', '', 
$templateCode); $templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(ContactName)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(ContactTitle)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Address)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(City)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Region)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(PostalCode)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Country)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Phone)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(Fax)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode(''), $templateCode); } // process translations foreach ($Translation as $symbol => $trans) { $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode); } // clear scrap $templateCode = str_replace('<%%', '<!-- ', $templateCode); $templateCode = str_replace('%%>', ' -->', $templateCode); // hide links to inaccessible tables if ($_POST['dvprint_x'] == '') { $templateCode .= "\n\n<script>\$j(function(){\n"; $arrTables = getTableList(); foreach ($arrTables as 
$name => $caption) { $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n"; $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n"; } $templateCode .= $jsReadOnly; $templateCode .= $jsEditable; if (!$selected_id) { } $templateCode .= "\n});</script>\n"; } // ajaxed auto-fill fields $templateCode .= '<script>'; $templateCode .= '$j(function() {'; $templateCode .= "});"; $templateCode .= "</script>"; $templateCode .= $lookups; // handle enforced parent values for read-only lookup fields // don't include blank images in lightbox gallery $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode); // don't display empty email links $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode); // hook: customers_dv if (function_exists('customers_dv')) { $args = array(); customers_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args); } return $templateCode; }
function applications_leases_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0) { // function to return an editable form for a table records // and fill it with data of record whose ID is $selected_id. If $selected_id // is empty, an empty form is shown, with only an 'Add New' // button displayed. global $Translation; // mm: get table permissions $arrPerm = getTablePermissions('applications_leases'); if (!$arrPerm[1] && $selected_id == '') { return ''; } $AllowInsert = $arrPerm[1] ? true : false; // print preview? $dvprint = false; if ($selected_id && $_REQUEST['dvprint_x'] != '') { $dvprint = true; } $filterer_tenants = thisOr(undo_magic_quotes($_REQUEST['filterer_tenants']), ''); $filterer_property = thisOr(undo_magic_quotes($_REQUEST['filterer_property']), ''); $filterer_unit = thisOr(undo_magic_quotes($_REQUEST['filterer_unit']), ''); // populate filterers, starting from children to grand-parents if ($filterer_unit && !$filterer_property) { $filterer_property = sqlValue("select property from units where id='" . makeSafe($filterer_unit) . "'"); } // unique random identifier $rnd1 = $dvprint ? rand(1000000, 9999999) : ''; // combobox: tenants $combo_tenants = new DataCombo(); // combobox: status $combo_status = new Combo(); $combo_status->ListType = 2; $combo_status->MultipleSeparator = ', '; $combo_status->ListBoxHeight = 10; $combo_status->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/applications_leases.status.csv')) { $status_data = addslashes(implode('', @file(dirname(__FILE__) . 
'/hooks/applications_leases.status.csv'))); $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($status_data))); $combo_status->ListData = $combo_status->ListItem; } else { $combo_status->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Application;;Lease;;Historical lease"))); $combo_status->ListData = $combo_status->ListItem; } $combo_status->SelectName = 'status'; $combo_status->AllowNull = false; // combobox: property $combo_property = new DataCombo(); // combobox: unit, filterable by: property $combo_unit = new DataCombo(); // combobox: type $combo_type = new Combo(); $combo_type->ListType = 2; $combo_type->MultipleSeparator = ', '; $combo_type->ListBoxHeight = 10; $combo_type->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/applications_leases.type.csv')) { $type_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/applications_leases.type.csv'))); $combo_type->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($type_data))); $combo_type->ListData = $combo_type->ListItem; } else { $combo_type->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Fixed;;Fixed with rollover;;At-will"))); $combo_type->ListData = $combo_type->ListItem; } $combo_type->SelectName = 'type'; $combo_type->AllowNull = false; // combobox: start_date $combo_start_date = new DateCombo(); $combo_start_date->DateFormat = "mdy"; $combo_start_date->MinYear = 1900; $combo_start_date->MaxYear = 2100; $combo_start_date->DefaultDate = parseMySQLDate('1', '1'); $combo_start_date->MonthNames = $Translation['month names']; $combo_start_date->NamePrefix = 'start_date'; // combobox: end_date $combo_end_date = new DateCombo(); $combo_end_date->DateFormat = "mdy"; $combo_end_date->MinYear = 1900; $combo_end_date->MaxYear = 2100; $combo_end_date->DefaultDate = parseMySQLDate('1', '1'); $combo_end_date->MonthNames = $Translation['month names']; $combo_end_date->NamePrefix = 'end_date'; // combobox: recurring_charges_frequency 
$combo_recurring_charges_frequency = new Combo(); $combo_recurring_charges_frequency->ListType = 0; $combo_recurring_charges_frequency->MultipleSeparator = ', '; $combo_recurring_charges_frequency->ListBoxHeight = 10; $combo_recurring_charges_frequency->RadiosPerLine = 1; if (is_file(dirname(__FILE__) . '/hooks/applications_leases.recurring_charges_frequency.csv')) { $recurring_charges_frequency_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/applications_leases.recurring_charges_frequency.csv'))); $combo_recurring_charges_frequency->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($recurring_charges_frequency_data))); $combo_recurring_charges_frequency->ListData = $combo_recurring_charges_frequency->ListItem; } else { $combo_recurring_charges_frequency->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Daily;;Weekly;;Every two weeks;;Monthly;;Every two months;;Quarterly;;Every six months;;Yearly;;One time"))); $combo_recurring_charges_frequency->ListData = $combo_recurring_charges_frequency->ListItem; } $combo_recurring_charges_frequency->SelectName = 'recurring_charges_frequency'; $combo_recurring_charges_frequency->AllowNull = false; // combobox: next_due_date $combo_next_due_date = new DateCombo(); $combo_next_due_date->DateFormat = "mdy"; $combo_next_due_date->MinYear = 1900; $combo_next_due_date->MaxYear = 2100; $combo_next_due_date->DefaultDate = parseMySQLDate('1', '1'); $combo_next_due_date->MonthNames = $Translation['month names']; $combo_next_due_date->NamePrefix = 'next_due_date'; // combobox: security_deposit_date $combo_security_deposit_date = new DateCombo(); $combo_security_deposit_date->DateFormat = "mdy"; $combo_security_deposit_date->MinYear = 1900; $combo_security_deposit_date->MaxYear = 2100; $combo_security_deposit_date->DefaultDate = parseMySQLDate('', ''); $combo_security_deposit_date->MonthNames = $Translation['month names']; $combo_security_deposit_date->NamePrefix = 'security_deposit_date'; if 
($selected_id) { // mm: check member permissions if (!$arrPerm[2]) { return ""; } // mm: who is the owner? $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'"); $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'"); if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) { return ""; } if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) { return ""; } // can edit? if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) { $AllowUpdate = 1; } else { $AllowUpdate = 0; } $res = sql("select * from `applications_leases` where `id`='" . makeSafe($selected_id) . "'", $eo); if (!($row = db_fetch_array($res))) { return error_message($Translation['No records found']); } $urow = $row; /* unsanitized data */ $hc = new CI_Input(); $row = $hc->xss_clean($row); /* sanitize data */ $combo_tenants->SelectedData = $row['tenants']; $combo_status->SelectedData = $row['status']; $combo_property->SelectedData = $row['property']; $combo_unit->SelectedData = $row['unit']; $combo_type->SelectedData = $row['type']; $combo_start_date->DefaultDate = $row['start_date']; $combo_end_date->DefaultDate = $row['end_date']; $combo_recurring_charges_frequency->SelectedData = $row['recurring_charges_frequency']; $combo_next_due_date->DefaultDate = $row['next_due_date']; $combo_security_deposit_date->DefaultDate = $row['security_deposit_date']; } else { $combo_tenants->SelectedData = $filterer_tenants; $combo_status->SelectedText = $_REQUEST['FilterField'][1] == '3' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? 
stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "Application"; $combo_property->SelectedData = $filterer_property; $combo_unit->SelectedData = $filterer_unit; $combo_type->SelectedText = $_REQUEST['FilterField'][1] == '6' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "Fixed"; $combo_recurring_charges_frequency->SelectedText = $_REQUEST['FilterField'][1] == '10' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "Monthly"; } $combo_tenants->HTML = '<span id="tenants-container' . $rnd1 . '"></span><input type="hidden" name="tenants" id="tenants' . $rnd1 . '">'; $combo_tenants->MatchText = '<span id="tenants-container-readonly' . $rnd1 . '"></span><input type="hidden" name="tenants" id="tenants' . $rnd1 . '">'; $combo_status->Render(); $combo_property->HTML = '<span id="property-container' . $rnd1 . '"></span><input type="hidden" name="property" id="property' . $rnd1 . '">'; $combo_property->MatchText = '<span id="property-container-readonly' . $rnd1 . '"></span><input type="hidden" name="property" id="property' . $rnd1 . '">'; $combo_unit->HTML = '<span id="unit-container' . $rnd1 . '"></span><input type="hidden" name="unit" id="unit' . $rnd1 . '">'; $combo_unit->MatchText = '<span id="unit-container-readonly' . $rnd1 . '"></span><input type="hidden" name="unit" id="unit' . $rnd1 . '">'; $combo_type->Render(); $combo_recurring_charges_frequency->Render(); ob_start(); ?> <script> // initial lookup values var current_tenants__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['tenants'] : $filterer_tenants); ?> "}; var current_property__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['property'] : $filterer_property); ?> "}; var current_unit__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? 
$urow['unit'] : $filterer_unit); ?> "}; jQuery(function() { tenants_reload__RAND__(); property_reload__RAND__(); <?php echo !$AllowUpdate || $dvprint ? 'unit_reload__RAND__(current_property__RAND__.value);' : ''; ?> }); function tenants_reload__RAND__(){ <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?> jQuery("#tenants-container__RAND__").select2({ /* initial default value */ initSelection: function(e, c){ jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_tenants__RAND__.value, t: 'applications_leases', f: 'tenants' } }).done(function(resp){ c({ id: resp.results[0].id, text: resp.results[0].text }); jQuery('[name="tenants"]').val(resp.results[0].id); jQuery('[id=tenants-container-readonly__RAND__]').html('<span id="tenants-match-text">' + resp.results[0].text + '</span>'); if(typeof(tenants_update_autofills__RAND__) == 'function') tenants_update_autofills__RAND__(); }); }, width: '100%', formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?> '; }, minimumResultsForSearch: 10, loadMorePadding: 200, ajax: { url: 'ajax_combo.php', dataType: 'json', cache: true, data: function(term, page){ return { s: term, p: page, t: 'applications_leases', f: 'tenants' }; }, results: function(resp, page){ return resp; } } }).on('change', function(e){ current_tenants__RAND__.value = e.added.id; current_tenants__RAND__.text = e.added.text; jQuery('[name="tenants"]').val(e.added.id); if(typeof(tenants_update_autofills__RAND__) == 'function') tenants_update_autofills__RAND__(); }); <?php } else { ?> jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_tenants__RAND__.value, t: 'applications_leases', f: 'tenants' } }).done(function(resp){ jQuery('[id=tenants-container__RAND__], [id=tenants-container-readonly__RAND__]').html('<span id="tenants-match-text">' + resp.results[0].text + '</span>'); if(typeof(tenants_update_autofills__RAND__) == 'function') tenants_update_autofills__RAND__(); 
}); <?php } ?> } function property_reload__RAND__(){ <?php if (($AllowUpdate || $AllowInsert) && !$dvprint) { ?> jQuery("#property-container__RAND__").select2({ /* initial default value */ initSelection: function(e, c){ jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_property__RAND__.value, t: 'applications_leases', f: 'property' } }).done(function(resp){ c({ id: resp.results[0].id, text: resp.results[0].text }); jQuery('[name="property"]').val(resp.results[0].id); jQuery('[id=property-container-readonly__RAND__]').html('<span id="property-match-text">' + resp.results[0].text + '</span>'); unit_reload__RAND__(current_property__RAND__.value); if(typeof(property_update_autofills__RAND__) == 'function') property_update_autofills__RAND__(); }); }, width: '100%', formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?> '; }, minimumResultsForSearch: 10, loadMorePadding: 200, ajax: { url: 'ajax_combo.php', dataType: 'json', cache: true, data: function(term, page){ return { s: term, p: page, t: 'applications_leases', f: 'property' }; }, results: function(resp, page){ return resp; } } }).on('change', function(e){ current_property__RAND__.value = e.added.id; current_property__RAND__.text = e.added.text; jQuery('[name="property"]').val(e.added.id); unit_reload__RAND__(current_property__RAND__.value); if(typeof(property_update_autofills__RAND__) == 'function') property_update_autofills__RAND__(); }); <?php } else { ?> jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_property__RAND__.value, t: 'applications_leases', f: 'property' } }).done(function(resp){ jQuery('[id=property-container__RAND__], [id=property-container-readonly__RAND__]').html('<span id="property-match-text">' + resp.results[0].text + '</span>'); if(typeof(property_update_autofills__RAND__) == 'function') property_update_autofills__RAND__(); }); <?php } ?> } function unit_reload__RAND__(filterer_property){ <?php if 
(($AllowUpdate || $AllowInsert) && !$dvprint) { ?> jQuery("#unit-container__RAND__").select2({ /* initial default value */ initSelection: function(e, c){ jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { filterer_property: filterer_property, id: current_unit__RAND__.value, t: 'applications_leases', f: 'unit' } }).done(function(resp){ c({ id: resp.results[0].id, text: resp.results[0].text }); jQuery('[name="unit"]').val(resp.results[0].id); jQuery('[id=unit-container-readonly__RAND__]').html('<span id="unit-match-text">' + resp.results[0].text + '</span>'); if(typeof(unit_update_autofills__RAND__) == 'function') unit_update_autofills__RAND__(); }); }, width: '100%', formatNoMatches: function(term){ return '<?php echo addslashes($Translation['No matches found!']); ?> '; }, minimumResultsForSearch: 10, loadMorePadding: 200, ajax: { url: 'ajax_combo.php', dataType: 'json', cache: true, data: function(term, page){ return { filterer_property: filterer_property, s: term, p: page, t: 'applications_leases', f: 'unit' }; }, results: function(resp, page){ return resp; } } }).on('change', function(e){ current_unit__RAND__.value = e.added.id; current_unit__RAND__.text = e.added.text; jQuery('[name="unit"]').val(e.added.id); if(typeof(unit_update_autofills__RAND__) == 'function') unit_update_autofills__RAND__(); }); <?php } else { ?> jQuery.ajax({ url: 'ajax_combo.php', dataType: 'json', data: { id: current_unit__RAND__.value, t: 'applications_leases', f: 'unit' } }).done(function(resp){ jQuery('[id=unit-container__RAND__], [id=unit-container-readonly__RAND__]').html('<span id="unit-match-text">' + resp.results[0].text + '</span>'); if(typeof(unit_update_autofills__RAND__) == 'function') unit_update_autofills__RAND__(); }); <?php } ?> } </script> <?php $lookups = str_replace('__RAND__', $rnd1, ob_get_contents()); ob_end_clean(); // code for template based detail view forms // open the detail view template if ($dvprint) { $templateCode = 
@file_get_contents('./templates/applications_leases_templateDVP.html'); } else { $templateCode = @file_get_contents('./templates/applications_leases_templateDV.html'); } // process form title $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Lease details', $templateCode); $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode); $templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode); // process buttons if ($AllowInsert) { if (!$selected_id) { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return applications_leases_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode); } $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return applications_leases_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode); } // 'Back' button action if ($_REQUEST['Embedded']) { $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;'; } else { $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;'; } if ($selected_id) { if (!$_REQUEST['Embedded']) { $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . 
'</button>', $templateCode); } if ($AllowUpdate) { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return applications_leases_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); } if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) { // allow delete? $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); } $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode); } else { $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode); $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . 
'</button>' : '', $templateCode); } // set records to read only if user can't insert new records and can't edit current record if ($selected_id && !$AllowUpdate && !$AllowInsert || !$selected_id && !$AllowInsert) { $jsReadOnly .= "\tjQuery('#tenants').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#tenants_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n"; $jsReadOnly .= "\tjQuery('input[name=status]').parent().html('<p class=\"form-control-static\">' + jQuery('input[name=status]:checked').next().text() + '</p>')\n"; $jsReadOnly .= "\tjQuery('#property').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#property_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n"; $jsReadOnly .= "\tjQuery('#unit').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#unit_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n"; $jsReadOnly .= "\tjQuery('input[name=type]').parent().html('<p class=\"form-control-static\">' + jQuery('input[name=type]:checked').next().text() + '</p>')\n"; $jsReadOnly .= "\tjQuery('#total_number_of_occupants').replaceWith('<p class=\"form-control-static\" id=\"total_number_of_occupants\">' + (jQuery('#total_number_of_occupants').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#start_date').prop('readonly', true);\n"; $jsReadOnly .= "\tjQuery('#start_dateDay, #start_dateMonth, #start_dateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#end_date').prop('readonly', true);\n"; $jsReadOnly .= "\tjQuery('#end_dateDay, #end_dateMonth, #end_dateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#recurring_charges_frequency').replaceWith('<p class=\"form-control-static\" 
id=\"recurring_charges_frequency\">' + (jQuery('#recurring_charges_frequency').val() || '') + '</p>'); jQuery('#recurring_charges_frequency-multi-selection-help').hide();\n"; $jsReadOnly .= "\tjQuery('#next_due_date').prop('readonly', true);\n"; $jsReadOnly .= "\tjQuery('#next_due_dateDay, #next_due_dateMonth, #next_due_dateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#rent').replaceWith('<p class=\"form-control-static\" id=\"rent\">' + (jQuery('#rent').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#security_deposit').replaceWith('<p class=\"form-control-static\" id=\"security_deposit\">' + (jQuery('#security_deposit').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#security_deposit_date').prop('readonly', true);\n"; $jsReadOnly .= "\tjQuery('#security_deposit_dateDay, #security_deposit_dateMonth, #security_deposit_dateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n"; $jsReadOnly .= "\tjQuery('#emergency_contact').replaceWith('<p class=\"form-control-static\" id=\"emergency_contact\">' + (jQuery('#emergency_contact').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#co_signer_details').replaceWith('<p class=\"form-control-static\" id=\"co_signer_details\">' + (jQuery('#co_signer_details').val() || '') + '</p>');\n"; $jsReadOnly .= "\tjQuery('#agreement').prop('disabled', true);\n"; $noUploads = true; } elseif ($AllowInsert) { $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler } // process combos $templateCode = str_replace('<%%COMBO(tenants)%%>', $combo_tenants->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(tenants)%%>', $combo_tenants->MatchText, $templateCode); $templateCode = str_replace('<%%URLCOMBOTEXT(tenants)%%>', urlencode($combo_tenants->MatchText), 
$templateCode); $templateCode = str_replace('<%%COMBO(status)%%>', $combo_status->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(status)%%>', $combo_status->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(property)%%>', $combo_property->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(property)%%>', $combo_property->MatchText, $templateCode); $templateCode = str_replace('<%%URLCOMBOTEXT(property)%%>', urlencode($combo_property->MatchText), $templateCode); $templateCode = str_replace('<%%COMBO(unit)%%>', $combo_unit->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(unit)%%>', $combo_unit->MatchText, $templateCode); $templateCode = str_replace('<%%URLCOMBOTEXT(unit)%%>', urlencode($combo_unit->MatchText), $templateCode); $templateCode = str_replace('<%%COMBO(type)%%>', $combo_type->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(type)%%>', $combo_type->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(start_date)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_start_date->GetHTML(true) . '</p>' : $combo_start_date->GetHTML(), $templateCode); $templateCode = str_replace('<%%COMBOTEXT(start_date)%%>', $combo_start_date->GetHTML(true), $templateCode); $templateCode = str_replace('<%%COMBO(end_date)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_end_date->GetHTML(true) . '</p>' : $combo_end_date->GetHTML(), $templateCode); $templateCode = str_replace('<%%COMBOTEXT(end_date)%%>', $combo_end_date->GetHTML(true), $templateCode); $templateCode = str_replace('<%%COMBO(recurring_charges_frequency)%%>', $combo_recurring_charges_frequency->HTML, $templateCode); $templateCode = str_replace('<%%COMBOTEXT(recurring_charges_frequency)%%>', $combo_recurring_charges_frequency->SelectedData, $templateCode); $templateCode = str_replace('<%%COMBO(next_due_date)%%>', $selected_id && !$arrPerm[3] ? 
'<p class="form-control-static">' . $combo_next_due_date->GetHTML(true) . '</p>' : $combo_next_due_date->GetHTML(), $templateCode); $templateCode = str_replace('<%%COMBOTEXT(next_due_date)%%>', $combo_next_due_date->GetHTML(true), $templateCode); $templateCode = str_replace('<%%COMBO(security_deposit_date)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_security_deposit_date->GetHTML(true) . '</p>' : $combo_security_deposit_date->GetHTML(), $templateCode); $templateCode = str_replace('<%%COMBOTEXT(security_deposit_date)%%>', $combo_security_deposit_date->GetHTML(true), $templateCode); // process foreign key links if ($selected_id) { $templateCode = str_replace('<%%PLINK(tenants)%%>', $combo_tenants->SelectedData ? "<span id=\"applicants_and_tenants_plink1\" class=\"hidden\"><a class=\"btn btn-default\" href=\"applicants_and_tenants_view.php?SelectedID=" . urlencode($combo_tenants->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode); $templateCode = str_replace('<%%PLINK(property)%%>', $combo_property->SelectedData ? "<span id=\"properties_plink2\" class=\"hidden\"><a class=\"btn btn-default\" href=\"properties_view.php?SelectedID=" . urlencode($combo_property->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode); $templateCode = str_replace('<%%PLINK(unit)%%>', $combo_unit->SelectedData ? "<span id=\"units_plink3\" class=\"hidden\"><a class=\"btn btn-default\" href=\"units_view.php?SelectedID=" . urlencode($combo_unit->SelectedData) . 
"\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode); } // process images $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(tenants)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(status)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(property)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(unit)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(type)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(total_number_of_occupants)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(start_date)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(end_date)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(recurring_charges_frequency)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(next_due_date)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(rent)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(security_deposit)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(security_deposit_date)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(emergency_contact)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(co_signer_details)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(notes)%%>', '', $templateCode); $templateCode = str_replace('<%%UPLOADFILE(agreement)%%>', '', $templateCode); // process values if ($selected_id) { $templateCode = str_replace('<%%VALUE(id)%%>', htmlspecialchars($row['id'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode); $templateCode = str_replace('<%%VALUE(tenants)%%>', htmlspecialchars($row['tenants'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(tenants)%%>', urlencode($urow['tenants']), 
$templateCode); $templateCode = str_replace('<%%VALUE(status)%%>', htmlspecialchars($row['status'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(status)%%>', urlencode($urow['status']), $templateCode); $templateCode = str_replace('<%%VALUE(property)%%>', htmlspecialchars($row['property'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(property)%%>', urlencode($urow['property']), $templateCode); $templateCode = str_replace('<%%VALUE(unit)%%>', htmlspecialchars($row['unit'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(unit)%%>', urlencode($urow['unit']), $templateCode); $templateCode = str_replace('<%%VALUE(type)%%>', htmlspecialchars($row['type'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(type)%%>', urlencode($urow['type']), $templateCode); $templateCode = str_replace('<%%VALUE(total_number_of_occupants)%%>', htmlspecialchars($row['total_number_of_occupants'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(total_number_of_occupants)%%>', urlencode($urow['total_number_of_occupants']), $templateCode); $templateCode = str_replace('<%%VALUE(start_date)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['start_date'], ENT_QUOTES))), $templateCode); $templateCode = str_replace('<%%URLVALUE(start_date)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['start_date'], ENT_QUOTES)))), $templateCode); $templateCode = str_replace('<%%VALUE(end_date)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['end_date'], ENT_QUOTES))), $templateCode); $templateCode = str_replace('<%%URLVALUE(end_date)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['end_date'], ENT_QUOTES)))), $templateCode); $templateCode = str_replace('<%%VALUE(recurring_charges_frequency)%%>', htmlspecialchars($row['recurring_charges_frequency'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(recurring_charges_frequency)%%>', 
urlencode($urow['recurring_charges_frequency']), $templateCode); $templateCode = str_replace('<%%VALUE(next_due_date)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['next_due_date'], ENT_QUOTES))), $templateCode); $templateCode = str_replace('<%%URLVALUE(next_due_date)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['next_due_date'], ENT_QUOTES)))), $templateCode); $templateCode = str_replace('<%%VALUE(rent)%%>', htmlspecialchars($row['rent'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(rent)%%>', urlencode($urow['rent']), $templateCode); $templateCode = str_replace('<%%VALUE(security_deposit)%%>', htmlspecialchars($row['security_deposit'], ENT_QUOTES), $templateCode); $templateCode = str_replace('<%%URLVALUE(security_deposit)%%>', urlencode($urow['security_deposit']), $templateCode); $templateCode = str_replace('<%%VALUE(security_deposit_date)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['security_deposit_date'], ENT_QUOTES))), $templateCode); $templateCode = str_replace('<%%URLVALUE(security_deposit_date)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['security_deposit_date'], ENT_QUOTES)))), $templateCode); if ($dvprint) { $templateCode = str_replace('<%%VALUE(emergency_contact)%%>', nl2br(htmlspecialchars($row['emergency_contact'], ENT_QUOTES)), $templateCode); } else { $templateCode = str_replace('<%%VALUE(emergency_contact)%%>', htmlspecialchars($row['emergency_contact'], ENT_QUOTES), $templateCode); } $templateCode = str_replace('<%%URLVALUE(emergency_contact)%%>', urlencode($urow['emergency_contact']), $templateCode); if ($dvprint) { $templateCode = str_replace('<%%VALUE(co_signer_details)%%>', nl2br(htmlspecialchars($row['co_signer_details'], ENT_QUOTES)), $templateCode); } else { $templateCode = str_replace('<%%VALUE(co_signer_details)%%>', htmlspecialchars($row['co_signer_details'], ENT_QUOTES), $templateCode); } $templateCode = str_replace('<%%URLVALUE(co_signer_details)%%>', 
urlencode($urow['co_signer_details']), $templateCode); if ($AllowUpdate || $AllowInsert) { $templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5">' . htmlspecialchars($row['notes'], ENT_QUOTES) . '</textarea>', $templateCode); } else { $templateCode = str_replace('<%%HTMLAREA(notes)%%>', $row['notes'], $templateCode); } $templateCode = str_replace('<%%VALUE(notes)%%>', nl2br($row['notes']), $templateCode); $templateCode = str_replace('<%%URLVALUE(notes)%%>', urlencode($urow['notes']), $templateCode); $templateCode = str_replace('<%%CHECKED(agreement)%%>', $row['agreement'] ? "checked" : "", $templateCode); } else { $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(tenants)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(tenants)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(status)%%>', 'Application', $templateCode); $templateCode = str_replace('<%%URLVALUE(status)%%>', urlencode('Application'), $templateCode); $templateCode = str_replace('<%%VALUE(property)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(property)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(unit)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(unit)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(type)%%>', 'Fixed', $templateCode); $templateCode = str_replace('<%%URLVALUE(type)%%>', urlencode('Fixed'), $templateCode); $templateCode = str_replace('<%%VALUE(total_number_of_occupants)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(total_number_of_occupants)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(start_date)%%>', '1', $templateCode); $templateCode = str_replace('<%%URLVALUE(start_date)%%>', urlencode('1'), $templateCode); $templateCode = 
str_replace('<%%VALUE(end_date)%%>', '1', $templateCode); $templateCode = str_replace('<%%URLVALUE(end_date)%%>', urlencode('1'), $templateCode); $templateCode = str_replace('<%%VALUE(recurring_charges_frequency)%%>', 'Monthly', $templateCode); $templateCode = str_replace('<%%URLVALUE(recurring_charges_frequency)%%>', urlencode('Monthly'), $templateCode); $templateCode = str_replace('<%%VALUE(next_due_date)%%>', '1', $templateCode); $templateCode = str_replace('<%%URLVALUE(next_due_date)%%>', urlencode('1'), $templateCode); $templateCode = str_replace('<%%VALUE(rent)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(rent)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(security_deposit)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(security_deposit)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(security_deposit_date)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(security_deposit_date)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(emergency_contact)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(emergency_contact)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%VALUE(co_signer_details)%%>', '', $templateCode); $templateCode = str_replace('<%%URLVALUE(co_signer_details)%%>', urlencode(''), $templateCode); $templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5"></textarea>', $templateCode); $templateCode = str_replace('<%%CHECKED(agreement)%%>', '', $templateCode); } // process translations foreach ($Translation as $symbol => $trans) { $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode); } // clear scrap $templateCode = str_replace('<%%', '<!-- ', $templateCode); $templateCode = str_replace('%%>', ' -->', $templateCode); // hide links to inaccessible tables if ($_POST['dvprint_x'] == '') { $templateCode .= 
"\n\n<script>\$j(function(){\n"; $arrTables = getTableList(); foreach ($arrTables as $name => $caption) { $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n"; $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n"; $templateCode .= "\t\$j('[id^=\"{$name}_plink\"]').removeClass('hidden');\n"; } $templateCode .= $jsReadOnly; $templateCode .= $jsEditable; if (!$selected_id) { } $templateCode .= "\n});</script>\n"; } // ajaxed auto-fill fields $templateCode .= '<script>'; $templateCode .= '$j(function() {'; $templateCode .= "});"; $templateCode .= "</script>"; $templateCode .= $lookups; // handle enforced parent values for read-only lookup fields // don't include blank images in lightbox gallery $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode); // don't display empty email links $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode); // hook: applications_leases_dv if (function_exists('applications_leases_dv')) { $args = array(); applications_leases_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args); } return $templateCode; }