// Import page preamble for the "pad"."pad_spt_type" table: error display,
// cache and time limits, includes, then the login and permission gates.

// Forces PHP error output on for this request (the @ only hides a failure of
// ini_set itself).
// NOTE(review): on a reachable deployment this can disclose file paths and
// query text in error output; prefer logging errors instead of displaying them.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
session_cache_limiter("none");
include "include/dbcommon.php";
header("Expires: Thu, 01 Jan 1970 00:00:01 GMT");
set_time_limit(600);
include "include/pad_pad_spt_type_variables.php";
include "include/import_functions.php";
$strOriginalTableName = "\"pad\".\"pad_spt_type\"";
// Gate 1: no session -> remember the requested URL and send to the login page.
// NOTE(review): MyURL contains the raw query string; the code that later reads
// it is not shown and should treat it as request-controlled.
if (!isLogged()) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Gate 2: the static Import permission is enforced only when
// CheckPermissionsEvent() returns a truthy value for 'I'.
// NOTE(review): when it returns false this check is skipped entirely;
// presumably an event handler decides instead - confirm.
if (CheckPermissionsEvent($strTableName, 'I') && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Import")) {
    echo "<p>" . "You don't have permissions to access this table" . "<a href=\"login.php\">" . "Back to login page" . "</a></p>";
    return;
}
$cipherer = new RunnerCipherer($strTableName);
// keys array
$keys[] = AddFieldWrappers("id");
$keys_present = 1;
$total_records = 0;
$goodlines = 0;
// Create audit object
$auditObj = GetAuditObject($strTableName);
function getFieldNamesByHeaders($fields) {
    global $strTableName, $conn, $strOriginalTableName, $ext, $gSettings;
    // check fields in column headers
<?php
// Details-preview page preamble for the pad_pad_customer table: access gates
// first, then the layout description used by the template.

// Forces PHP error output on for this request.
// NOTE(review): can disclose paths and query text in error output on a
// reachable deployment; prefer logging over display.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
include "include/dbcommon.php";
header("Expires: Thu, 01 Jan 1970 00:00:01 GMT");
include "include/pad_pad_customer_variables.php";
$mode = postvalue("mode");
// Both gates end the script silently (no redirect, no message): first the
// login check, then the Search permission for this table.
if (!isLogged()) {
    return;
}
if (!CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
    return;
}
$cipherer = new RunnerCipherer($strTableName);
include 'include/xtempl.php';
$xt = new Xtempl();
// Layout: a "bare" block holding two containers, "dcount" and
// "detailspreviewgrid", each with its own skin.
$layout = new TLayout("detailspreview", "RoundedGreen", "MobileGreen");
$layout->blocks["bare"] = array();
$layout->containers["dcount"] = array();
$layout->containers["dcount"][] = array("name" => "detailspreviewheader", "block" => "", "substyle" => 1);
$layout->containers["dcount"][] = array("name" => "detailspreviewdetailsfount", "block" => "", "substyle" => 1);
$layout->containers["dcount"][] = array("name" => "detailspreviewdispfirst", "block" => "display_first", "substyle" => 1);
$layout->skins["dcount"] = "empty";
$layout->blocks["bare"][] = "dcount";
$layout->containers["detailspreviewgrid"] = array();
$layout->containers["detailspreviewgrid"][] = array("name" => "detailspreviewfields", "block" => "details_data", "substyle" => 1);
$layout->skins["detailspreviewgrid"] = "grid";
$layout->blocks["bare"][] = "detailspreviewgrid";
$page_layouts["pad_pad_customer_detailspreview"] = $layout;
$recordsCounter = 0;
// List page preamble for the public_tmp_bank_2013 table: includes, login and
// permission gates, then the start of the layout description.
include "include/public_tmp_bank_2013_variables.php";
include 'classes/runnerpage.php';
include 'classes/listpage.php';
include "classes/searchpanel.php";
include "classes/searchcontrol.php";
include "classes/searchclause.php";
include "classes/panelsearchcontrol.php";
// No session: remember the requested URL and redirect to the login page.
// NOTE(review): MyURL contains the raw query string; the code that later reads
// it is not shown and should treat it as request-controlled.
if (!isLogged()) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Guests are let through, but the URL is still remembered.
if (isLoggedAsGuest()) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
}
// Access is refused only when CheckPermissionsEvent() is truthy for 'S' AND the
// user has neither the Search nor the Add right on this table.
// NOTE(review): when CheckPermissionsEvent() returns false the static check is
// skipped; presumably an event handler decides instead - confirm.
if (CheckPermissionsEvent($strTableName, 'S') && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Add")) {
    // Admins get a link to the rights editor, everyone else a link to login.
    if (IsAdmin()) {
        echo "<p>" . "You don't have permissions to access this table" . "<br><a href=\"admin_rights_list.php\">" . "Proceed to Admin Area" . "</a> " . "to set up user permissions" . "</p>";
    } else {
        echo "<p>" . "You don't have permissions to access this table" . " <a href=\"login.php\">" . "Back to login page" . "</a></p>";
    }
    exit;
}
// Layout: the "center" block receives the record controls and the message box.
$layout = new TLayout("list2", "RoundedGreen", "MobileGreen");
$layout->blocks["center"] = array();
$layout->skins["recordcontrols"] = "1";
$layout->blocks["center"][] = "recordcontrols";
$layout->containers["message"] = array();
$layout->containers["message"][] = array("name" => "message", "block" => "message_block", "substyle" => 1);
$layout->skins["message"] = "2";
$layout->blocks["center"][] = "message";
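$returnJSON['settings'] = $pageObject->jsSettings;
}
$xt->assign("style_block", true);
$xt->assign("stylefiles_block", true);

// Build the query string for the "edit" button from the record key taken from
// the request.
$editlink = "";
$editkeys = array();
$editkeys["editid1"] = postvalue("editid1");
foreach ($editkeys as $key => $val) {
    if ($editlink) {
        $editlink .= "&";
    }
    // The value ends up inside a JavaScript string inside an HTML attribute
    // (see editlink_attrs below). It was concatenated raw; it is now
    // URL-encoded and HTML-escaped exactly like the next-button link further
    // down, so quotes and angle brackets in the request value cannot break out
    // of the attribute.
    $editlink .= $key . "=" . htmlspecialchars(rawurlencode((string) $val));
}
// NOTE(review): $id is concatenated into the attribute unescaped and its origin
// is not visible in this fragment; confirm it is an integer before this point.
$xt->assign("editlink_attrs", "id=\"editLink" . $id . "\" name=\"editLink" . $id . "\" onclick=\"window.location.href='pad_pad_customer_edit.php?" . $editlink . "'\"");

// The edit button is shown only when the record owner check passes, the page
// is not an inline view, and the user's permission string contains "E".
// This only controls rendering; the edit page has to enforce access itself.
$strPerm = GetUserPermissions($strTableName);
if (CheckSecurity($ownerIdValue, "Edit") && !$inlineview && strpos($strPerm, "E") !== false) {
    $xt->assign("edit_button", true);
} else {
    $xt->assign("edit_button", false);
}
if (!$pdf && !$all && !$inlineview) {
    //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    //Begin show Next Prev button
    $nextlink = $prevlink = "";
    if (count($next)) {
        $xt->assign("next_button", true);
        $nextlink .= "editid1=" . htmlspecialchars(rawurlencode($next[1 - 1]));
        $xt->assign("nextbutton_attrs", "id=\"nextButton" . $id . "\"");
    } else {
        $xt->assign("next_button", false);
    }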
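/**
 * Loads one image field of one record and either returns the raw value
 * (PDF mode) or streams it to the client (web mode).
 *
 * Web mode reads the table, field, key values and the optional "alt" fallback
 * field from the request, and requires a logged-in user with the Search
 * permission plus field-level permission. PDF mode takes the same inputs from
 * $params and performs no login or field permission check of its own.
 * NOTE(review): PDF mode therefore relies on the caller passing trusted
 * $params - confirm against the call sites.
 *
 * @intellisense
 * @param object $gQuery  query object; must provide HasGroupBy(),
 *                        RemoveAllFieldsExcept() and gSQLWhere()
 * @param bool   $forPDF  true to return the field value instead of sending it
 * @param array  $params  "table", "field", "key1".."keyN" (PDF mode only)
 * @return mixed PDF mode: the field value, or null when no row matches.
 *               Web mode: '' after output, null after the login redirect, or
 *               whatever DisplayNoImage() / DisplayFile() return.
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $cman;

    if (!$forPDF) {
        $table = postvalue("table");
        // Validate the request-supplied table name before anything is built
        // from it (the original constructed ProjectSettings first).
        if (!checkTableName($table)) {
            return '';
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);

        // NOTE(review): forcing display_errors on in an endpoint that serves
        // record data can disclose paths and query text in error output.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");

        if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
            HeaderRedirect("login");
            return;
        }

        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }

        // construct sql
        // Key values come straight from the request; any quoting has to happen
        // inside KeyWhere(), which is not visible here.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = @$params["table"];
        if (!checkTableName($table)) {
            exit(0);
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        $field = @$params["field"];

        // construct sql
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }

    $connection = $cman->byTable($strTableName);

    if (!$gQuery->HasGroupBy()) {
        // Do not select any fields except current (image) field.
        // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
        // Just don't do anything in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }

    $where = KeyWhere($keys);
    // Row-level restriction: with "view own" advanced security the ownership
    // condition is added so a user cannot fetch another user's record by key.
    $secOpt = $settings->getAdvancedSecurityType();
    if ($secOpt == ADVSECURITY_VIEW_OWN) {
        $where = whereAdd($where, SecuritySQL("Search"));
    }

    $sql = $gQuery->gSQLWhere($where);
    $data = $connection->query($sql)->fetchAssoc();

    if ($forPDF) {
        if ($data) {
            return $data[$field];
        }
    } else {
        if (!$data) {
            return DisplayNoImage();
        }

        if (postvalue('src') == 1) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            $value = $connection->stripSlashesBinary($data[$field]);
        }

        if (!$value) {
            $altField = postvalue("alt");
            if (!$altField) {
                return DisplayNoImage();
            }
            // The fallback column name is request-controlled. It was used to
            // index the fetched row without the field permission check applied
            // to $field above; it now has to be a string, pass the same check
            // and actually be present in the row.
            if (!is_string($altField)
                || !$settings->checkFieldPermissions($altField)
                || !isset($data[$altField])
            ) {
                return DisplayNoImage();
            }
            $value = $connection->stripSlashesBinary($data[$altField]);
            if (!$value) {
                return DisplayNoImage();
            }
        }

        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }

        // $pdf is never assigned in this function and is not declared global,
        // so this condition is always true here and the headers are always sent.
        if (!isset($pdf)) {
            header("Content-Type: " . $itype);
            header("Cache-Control: private");
            SendContentLength(strlen_bin($value));
        }
        echoBinary($value);
        return '';
    }
}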
// Search page preamble for the Electricity_Rates table: includes, the access
// gate, then the layout description.
include "include/dbcommon.php";
add_nocache_headers();
include "include/Electricity_Rates_variables.php";
include "classes/searchcontrol.php";
include "classes/advancedsearchcontrol.php";
include "classes/panelsearchcontrol.php";
include "classes/searchclause.php";
$sessionPrefix = $strTableName;
//Basic includes js files
$includes = "";
// predefined fields num
$predefFieldNum = 0;
$chrt_array = array();
$rpt_array = array();
// check if logged in
// && binds tighter than ||, so the request is rejected when ANY of these holds:
//   1. there is no UserID in the session;
//   2. the Search check fails AND neither a chart nor a report status is set;
//   3. a report is "private" and owned by someone else;
//   4. a chart is "private" and owned by someone else.
// $chrt_array and $rpt_array were set to empty arrays just above, so on this
// page clauses 3 and 4 are always false and clause 2 reduces to the Search
// check: the gate is effectively "logged in AND Search permission".
if (!@$_SESSION["UserID"] || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && !@$chrt_array['status'] && !@$rpt_array['status'] || @$rpt_array['status'] == "private" && @$rpt_array['owner'] != @$_SESSION["UserID"] || @$chrt_array['status'] == "private" && @$chrt_array['owner'] != @$_SESSION["UserID"]) {
    // NOTE(review): MyURL contains the raw query string; the code that later
    // reads it is not shown and should treat it as request-controlled.
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Layout: a "search" container (header, conditions, wrapper) and a "fields"
// container (fields, buttons).
$layout = new TLayout("search2", "BoldOrange", "MobileOrange");
$layout->blocks["top"] = array();
$layout->containers["search"] = array();
$layout->containers["search"][] = array("name" => "srchheader", "block" => "", "substyle" => 2);
$layout->containers["search"][] = array("name" => "srchconditions", "block" => "conditions_block", "substyle" => 1);
$layout->containers["search"][] = array("name" => "wrapper", "block" => "", "substyle" => 1);
$layout->containers["fields"] = array();
$layout->containers["fields"][] = array("name" => "srchfields", "block" => "", "substyle" => 1);
$layout->containers["fields"][] = array("name" => "srchbuttons", "block" => "", "substyle" => 2);
$layout->skins["fields"] = "fields";
$layout->skins["search"] = "1";
/**
 * Fills the list grid: walks the result set row by row, builds the template
 * data for every record (links, permissions flags, lock state, field values)
 * and assigns the result to the "grid_row" template variable.
 *
 * Up to $this->colsOnPage records are placed in one grid row; reading stops
 * when there is no more data or $this->pageSize records were processed
 * (a page size of -1 means no limit).
 */
function fillGridData()
{
    global $globalEvents;
    $totals = array();
    // fill $rowinfo array
    $rowinfo = array();
    $this->fillGridShowInfo($rowinfo);
    // add grid data
    $rowClass = false;
    $data = $this->beforeProccessRow();
    $lockRecIds = array();
    $this->googleMapCfg['viewLinkBase'] = $this->shortTableName . "_view.php?";
    $tKeys = $this->pSet->getTableKeys();
    $this->controlsMap['gridRows'] = array();
    // Cache the type of every listed field by field name.
    for ($i = 0; $i < count($this->listFields); $i++) {
        $this->recordFieldTypes[$this->listFields[$i]['fName']] = $this->pSet->getFieldType($this->listFields[$i]["fName"]);
    }
    // One iteration per grid row.
    while ($data && ($this->recNo <= $this->pageSize || $this->pageSize == -1)) {
        $row = array();
        // Outside the vertical layout every other row gets the "interlaced" class.
        if (!$this->isVerLayout) {
            $row["rowclass"] = "";
            if (!$rowClass) {
                $row["rowclass"] .= "interlaced";
                $rowClass = true;
            } else {
                $rowClass = false;
            }
        }
        $row["grid_record"] = array();
        $row["grid_record"]["data"] = array();
        $this->rowId++;
        // One iteration per record placed in this row.
        for ($col = 1; $data && ($this->recNo <= $this->pageSize || $this->pageSize == -1) && $col <= $this->colsOnPage; $col++) {
            $this->countTotals($totals, $data);
            $record = array();
            $this->genId();
            $row["rowattrs"] = " id=\"gridRow" . $this->recId . "\"";
            $gridRowInd = count($this->controlsMap['gridRows']);
            $this->controlsMap['gridRows'][$gridRowInd]['id'] = $this->recId;
            $this->controlsMap['gridRows'][$gridRowInd]['rowInd'] = $gridRowInd;
            // A record is editable when the user has the table-level edit right
            // and the owner check for this row passes; an IsRecordEditable
            // event, when present, replaces that result with its own.
            // NOTE(review): these flags only decide which links are rendered and
            // what the client-side map says; the edit page has to re-check
            // access on its own - that code is not visible here.
            $isEditable = $this->permis[$this->tName]['edit'] && CheckSecurity($data[$this->mainTableOwnerID], "Edit");
            if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
                $isEditable = $globalEvents->IsRecordEditable($data, $isEditable, $this->tName);
            }
            $this->controlsMap['gridRows'][$gridRowInd]['isEditOwnRow'] = $isEditable;
            // Raw key names and values go into the controls map.
            for ($i = 0; $i < count($tKeys); $i++) {
                $this->controlsMap['gridRows'][$gridRowInd]['keyFields'][$i] = $tKeys[$i];
                $this->controlsMap['gridRows'][$gridRowInd]['keys'][$i] = $data[$tKeys[$i]];
            }
            $record["edit_link"] = $isEditable;
            $record["inlineedit_link"] = $isEditable;
            $record["view_link"] = $this->permis[$this->tName]['search'];
            $record["copy_link"] = $this->permis[$this->tName]['add'];
            //for list icons instead of list links
            if ($col == 1) {
                $this->countWidthListIcons('');
            }
            //get record id for locking record
            if ($this->lockingObj) {
                // In simple list mode the pending lock list is taken from the
                // session once and then removed from it.
                if ($this->mode == LIST_SIMPLE && !count($this->lockDelRec) && isset($_SESSION[$this->sessionPrefix . "_lockDelRec"])) {
                    $this->lockDelRec = $_SESSION[$this->sessionPrefix . "_lockDelRec"];
                    unset($_SESSION[$this->sessionPrefix . "_lockDelRec"]);
                }
                // The record is marked locked when every key/value pair of one
                // entry matches this row (loose != comparison).
                for ($i = 0; $i < count($this->lockDelRec); $i++) {
                    $lockDelRec = true;
                    foreach ($this->lockDelRec[$i] as $key => $val) {
                        if ($data[$key] != $val) {
                            $lockDelRec = false;
                            break;
                        }
                    }
                    if ($lockDelRec) {
                        $lockRecIds[] = $this->recId;
                        break;
                    }
                }
            }
            // detail tables
            $this->proccessDetailGridInfo($record, $data, $gridRowInd);
            // key fields
            $keyblock = "";
            $editlink = "";
            $copylink = "";
            $keylink = "";
            $keys = array();
            //to open view pages in popup clicking on markers
            // Key values are URL-encoded and then HTML-escaped before they are
            // placed in the single-quoted href attributes below; rawurlencode()
            // already percent-encodes quotes, so the values cannot close the
            // attribute. $keyblock is URL-encoded only.
            // NOTE(review): how fillCheckAttr() outputs $keyblock is not visible here.
            for ($i = 0; $i < count($tKeys); $i++) {
                if ($i != 0) {
                    $keyblock .= "&";
                    $editlink .= "&";
                    $copylink .= "&";
                }
                $keyblock .= rawurlencode($data[$tKeys[$i]]);
                $editlink .= "editid" . ($i + 1) . "=" . htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                $copylink .= "copyid" . ($i + 1) . "=" . htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                $keylink .= "&key" . ($i + 1) . "=" . htmlspecialchars(rawurlencode(@$data[$tKeys[$i]]));
                $keys[$i] = $data[$tKeys[$i]];
            }
            // NOTE(review): shortTableName and recId are concatenated unescaped;
            // presumably both are generated internally - confirm.
            $record["editlink_attrs"] = "id=\"editLink" . $this->recId . "\" name=\"editLink" . $this->recId . "\" href='" . $this->shortTableName . "_edit.php?" . $editlink . "'";
            $record["inlineeditlink_attrs"] = "id=\"iEditLink" . $this->recId . "\" name=\"iEditLink" . $this->recId . "\" href='" . $this->shortTableName . "_edit.php?" . $editlink . "'";
            $record["copylink_attrs"] = "id=\"copyLink" . $this->recId . "\" name=\"copyLink" . $this->recId . "\" href='" . $this->shortTableName . "_add.php?" . $copylink . "'";
            $record["viewlink_attrs"] = "id=\"viewLink" . $this->recId . "\" name=\"viewLink" . $this->recId . "\" href='" . $this->shortTableName . "_view.php?" . $editlink . "'";
            $viewLink = $this->shortTableName . "_view.php?" . $editlink;
            $this->fillCheckAttr($record, $data, $keyblock);
            if ($this->googleMapCfg['isUseMainMaps']) {
                $this->addBigGoogleMapMarkers($data, $keys, $viewLink);
            }
            for ($i = 0; $i < count($this->listFields); $i++) {
                // call addGoogleMapData before call proccessRecordValue!!!
                if (in_array($i, $this->gMapFields)) {
                    $this->addGoogleMapData($this->listFields[$i]['fName'], $data, $keys, $viewLink);
                }
                $record[$this->listFields[$i]['valueFieldName']] = $this->proccessRecordValue($data, $keylink, $this->listFields[$i]);
            }
            // The project's event handler receives the row data and the
            // prepared record before the cursor moves on.
            if ($this->eventExists("BeforeMoveNextList")) {
                $this->eventsObject->BeforeMoveNextList($data, $row, $record, $this);
            }
            $this->spreadRowStyle($data, $row, $record);
            $this->recIds[] = $this->recId;
            $this->addSpansForGridCells('edit', $record, $data);
            for ($i = 0; $i < count($this->listFields); $i++) {
                $record[GoodFieldName($this->listFields[$i]['fName']) . "_class"] .= $this->fieldClass($this->listFields[$i]['fName']);
            }
            if ($col < $this->colsOnPage) {
                $record["endrecord_block"] = true;
            }
            $record["grid_recordheader"] = true;
            $record["grid_vrecord"] = true;
            $row["grid_record"]["data"][] = $record;
            // Advance to the next record.
            $data = $this->beforeProccessRow();
            $this->recNo++;
        }
        // Pad an incomplete last row with empty records.
        while ($col <= $this->colsOnPage) {
            $record = array();
            if ($col < $this->colsOnPage) {
                $record["endrecord_block"] = true;
            }
            $row["grid_record"]["data"][] = $record;
            $col++;
        }
        // assign row spacings for vertical layout
        $row["grid_rowspace"] = true;
        $row["grid_recordspace"] = array("data" => array());
        for ($i = 0; $i < $this->colsOnPage * 2 - 1; $i++) {
            $row["grid_recordspace"]["data"][] = true;
        }
        $rowinfo["data"][] = $row;
    }
    // Ids of locked records are handed to the client-side settings.
    if ($this->lockingObj) {
        $this->jsSettings['tableSettings'][$this->tName]['lockRecIds'] = $lockRecIds;
    }
    if (count($rowinfo["data"])) {
        // No spacing after the last row.
        $rowinfo["data"][count($rowinfo["data"]) - 1]["grid_rowspace"] = false;
        if ($this->isVerLayout && $this->is508) {
            $rowinfo["begin"] = "<caption style=\"display:none\">Table data</caption>";
        }
        $this->xt->assignbyref("grid_row", $rowinfo);
    }
    $this->buildTotals($totals);
}
// Search page preamble for the public_tmp_bank2 table: includes, the access
// gate, then the layout description.
include "include/dbcommon.php";
add_nocache_headers();
include "include/public_tmp_bank2_variables.php";
include "classes/searchcontrol.php";
include "classes/advancedsearchcontrol.php";
include "classes/panelsearchcontrol.php";
include "classes/searchclause.php";
$sessionPrefix = $strTableName;
//Basic includes js files
$includes = "";
// predefined fields num
$predefFieldNum = 0;
$chrt_array = array();
$rpt_array = array();
// check if logged in
// && binds tighter than ||, so the request is rejected when ANY of these holds:
//   1. the user is not logged in;
//   2. CheckPermissionsEvent() is truthy for 'S' AND the Search check fails
//      AND neither a chart nor a report status is set;
//   3. a report is "private" and owned by someone else;
//   4. a chart is "private" and owned by someone else.
// $chrt_array and $rpt_array were set to empty arrays just above, so on this
// page clauses 3 and 4 are always false and the status parts of clause 2 are
// always true.
// NOTE(review): when CheckPermissionsEvent() returns false the Search check is
// skipped; presumably an event handler decides instead - confirm.
if (!isLogged() || CheckPermissionsEvent($strTableName, 'S') && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && !@$chrt_array['status'] && !@$rpt_array['status'] || @$rpt_array['status'] == "private" && @$rpt_array['owner'] != @$_SESSION["UserID"] || @$chrt_array['status'] == "private" && @$chrt_array['owner'] != @$_SESSION["UserID"]) {
    // NOTE(review): MyURL contains the raw query string; the code that later
    // reads it is not shown and should treat it as request-controlled.
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Layout: the "search" container holds header, conditions, a wrapper around
// the "fields" container, and the buttons.
$layout = new TLayout("search2", "RoundedGreen", "MobileGreen");
$layout->blocks["top"] = array();
$layout->containers["search"] = array();
$layout->containers["search"][] = array("name" => "srchheader", "block" => "", "substyle" => 2);
$layout->containers["search"][] = array("name" => "srchconditions", "block" => "conditions_block", "substyle" => 1);
$layout->containers["search"][] = array("name" => "wrapper", "block" => "", "substyle" => 1, "container" => "fields");
$layout->containers["fields"] = array();
$layout->containers["fields"][] = array("name" => "srchfields", "block" => "", "substyle" => 1);
$layout->skins["fields"] = "fields";
$layout->containers["search"][] = array("name" => "srchbuttons", "block" => "", "substyle" => 2);
$layout->skins["search"] = "1";
/**
 * Switch the page's buttons on in the template (xt) and give them DOM ids.
 *
 * Nothing is assigned in PDF mode. In dashboard mode only the next/prev
 * buttons are prepared. The edit button is shown when the table has an edit
 * page, the user holds the table-level edit right and the owner check for the
 * current record passes; an IsRecordEditable event, when present, replaces
 * that result with its own. These assignments only control rendering.
 */
protected function prepareButtons()
{
    global $globalEvents;

    if ($this->pdfMode) {
        return;
    }

    $this->prepareNextPrevButtons();

    if ($this->mode == VIEW_DASHBOARD) {
        return;
    }

    if ($this->mode == VIEW_SIMPLE) {
        // Back button: to the list page when there is one, otherwise to the
        // menu when the menu is shown.
        $backToList = $this->pSet->hasListPage();
        if ($backToList || $this->isShowMenu()) {
            $this->xt->assign("back_button", true);
            if ($backToList) {
                $this->xt->assign("backbutton_attrs", "id=\"backButton" . $this->id . "\"");
                $this->xt->assign("mbackbutton_attrs", "id=\"extraBackButton" . $this->id . "\"");
            } else {
                $this->xt->assign("backbutton_attrs", "id=\"backToMenuButton" . $this->id . "\"");
            }
        }
    }

    if ($this->mode == VIEW_POPUP) {
        $this->xt->assign("close_button", true);
        $this->xt->assign("closebutton_attrs", "id=\"closeButton" . $this->id . "\"");
    }

    // Without an edit page or the table-level edit right there is no edit button.
    if (!$this->pSet->hasEditPage() || !$this->permis[$this->tName]['edit']) {
        return;
    }

    $current = $this->getCurrentRecordInternal();
    $canEdit = $this->permis[$this->tName]['edit']
        && CheckSecurity($current[$this->pSet->getTableOwnerID()], "Edit");

    // The project's event handler gets the last word on editability.
    if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
        $canEdit = $globalEvents->IsRecordEditable($this->getCurrentRecordInternal(), $canEdit, $this->tName);
    }

    if (!$canEdit) {
        return;
    }

    $this->xt->assign("edit_page_button", true);
    $this->xt->assign("edit_page_button_attrs", "id=\"editPageButton" . $this->id . "\"");
}
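/**
 * Loads one image field of one record and either returns the raw value
 * (PDF mode) or streams it to the client (web mode).
 *
 * Web mode reads the table, field, key values and the optional "alt" fallback
 * field from the request, and requires a logged-in user with the Search
 * permission plus field-level permission. PDF mode takes the same inputs from
 * $params and performs no login or field permission check of its own.
 * NOTE(review): PDF mode therefore relies on the caller passing trusted
 * $params - confirm against the call sites.
 * NOTE(review): the WHERE clause is built from the key values only; no
 * record-ownership condition is added here, so any user with the Search right
 * on the table can request any key - confirm this is intended.
 *
 * @param object $gQuery  query object; must provide HasGroupBy(),
 *                        RemoveAllFieldsExcept() and gSQLWhere()
 * @param bool   $forPDF  true to return the field value instead of sending it
 * @param array  $params  "table", "field", "key1".."keyN" (PDF mode only)
 * @return mixed PDF mode: the field value, or null when no row matches.
 *               Web mode: '' after output, null after the login redirect, or
 *               whatever DisplayNoImage() / DisplayFile() return.
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $conn;

    if (!$forPDF) {
        $table = postvalue("table");
        // Validate the request-supplied table name before anything is built
        // from it (the original constructed ProjectSettings first).
        if (!checkTableName($table)) {
            return '';
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);

        // NOTE(review): forcing display_errors on in an endpoint that serves
        // record data can disclose paths and query text in error output.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");

        if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
            header("Location: login.php");
            return;
        }

        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }

        // construct sql
        // Key values come straight from the request; any quoting has to happen
        // inside KeyWhere(), which is not visible here.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = @$params["table"];
        if (!checkTableName($table)) {
            exit(0);
        }
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        $field = @$params["field"];

        // construct sql
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }

    if (!$gQuery->HasGroupBy()) {
        // Do not select any fields except current (image) field.
        // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
        // Just don't do anything in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }

    $where = KeyWhere($keys);
    $sql = $gQuery->gSQLWhere($where);
    $rs = db_query($sql, $conn);

    if ($forPDF) {
        if ($rs && ($data = db_fetch_array($rs))) {
            return $data[$field];
        }
    } else {
        if (!$rs || !($data = db_fetch_array($rs))) {
            return DisplayNoImage();
        }

        // With src=1 a stored value longer than 51200 bytes is replaced by a
        // generic icon.
        if (postvalue('src') == 1 && strlen($data[$field]) > 51200) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            $value = db_stripslashesbinary($data[$field]);
        }

        if (!$value) {
            $altField = postvalue("alt");
            if (!$altField) {
                return DisplayNoImage();
            }
            // The fallback column name is request-controlled. It was used to
            // index the fetched row without the field permission check applied
            // to $field above; it now has to be a string, pass the same check
            // and actually be present in the row.
            if (!is_string($altField)
                || !$settings->checkFieldPermissions($altField)
                || !isset($data[$altField])
            ) {
                return DisplayNoImage();
            }
            $value = db_stripslashesbinary($data[$altField]);
            if (!$value) {
                return DisplayNoImage();
            }
        }

        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }

        // $pdf is never assigned in this function and is not declared global,
        // so this condition is always true here and the headers are always sent.
        if (!isset($pdf)) {
            header("Content-Type: " . $itype);
            header("Cache-Control: private");
            SendContentLength(strlen_bin($value));
        }
        echoBinary($value);
        return '';
    }
}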
exit("You have no permissions for this action");
}
} else {
    // Field-level gate: refuse unless the field is permitted, or this is the
    // add page and the field appears on the add or inline-add page.
    if (!$pSet->checkFieldPermissions($field) && ($pageType != PAGE_ADD || !$pSet->appearOnAddPage($field) && !$pSet->appearOnInlineAdd($field))) {
        exit("You have no permissions for this action");
    }
}
if (!$isPDF) {
    add_nocache_headers();
}
// NOTE(review): the include path is built from GetTableURL($strTableName);
// where $strTableName is validated is not visible in this fragment.
include_once "include/" . GetTableURL($strTableName) . "_variables.php";
// check if logged in
// POST needs the Add or the Edit right; every other action needs only Search.
// NOTE(review): the switch below shows at least a DELETE action, which falls
// under "every other action" at this gate. Whether that branch adds its own
// Add/Edit check is not visible here - confirm.
if ($requestAction == 'POST') {
    $havePermission = CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Add") || CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Edit");
} else {
    $havePermission = CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search");
}
// && binds tighter than ||: redirect when (not logged in and not the register
// page) or when the permission check above failed. On the register page the
// login check is waived but $havePermission is still required.
if (!isLogged() && $pageType != PAGE_REGISTER || !$havePermission) {
    header("Location: login.php");
    return;
}
require_once getabspath('classes/uploadhandler.php');
$upload_handler = new UploadHandler(getOptionsForMultiUpload($pSet, $field));
$upload_handler->pSet = $pSet;
$upload_handler->field = $field;
$upload_handler->table = $strTableName;
$upload_handler->pageType = $pageType;
switch ($requestAction) {
    case 'DELETE':
        printHeaders();
        $formStamp = postvalue("formStamp");
// Lookup mode is on when both a main table and a main field were supplied.
$lookup = false;
if ($mainTable && $mainField) {
    $lookup = true;
}
// The table name is checked before it is used to build an include path.
if (!checkTableName($table)) {
    exit(0);
}
require_once "include/" . $table . "_variables.php";
$pSet = new ProjectSettings(GetTableByShort($table), $pageType);
$cipherer = new RunnerCipherer(GetTableByShort($table), $pSet);
// $strTableName is not assigned in this fragment; presumably the included
// variables file sets it - confirm.
$_connection = $cman->byTable($strTableName);
// $lookupInRegisterPage starts as false and the only later assignment also
// sets false, so it is always false here and the login/permission gate below
// applies to every request.
$lookupInRegisterPage = false;
if (!in_array($field, $pSet->getListFields())) {
    $lookupInRegisterPage = false;
}
// Not logged in or no Search right: answer with a JSON failure and an empty
// error text.
if ((!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) && !$lookupInRegisterPage) {
    $returnJSON = array("success" => false, "error" => '');
    echo printJSON($returnJSON);
    return;
}
// Field-level permission for the requested field.
if (!$pSet->checkFieldPermissions($field)) {
    $returnJSON = array("success" => false, "error" => 'Error: You have not permission for read this text');
    echo printJSON($returnJSON);
    return;
}
if (!$gQuery->HasGroupBy()) {
    // Do not select any fields except current (full text) field.
    // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
    // Just don't do anything in that case.
    $gQuery->RemoveAllFieldsExcept($pSet->getFieldIndex($field));
}
/**
 * Fills the list grid: walks the result set row by row, builds the template
 * data for every record (links, permission flags, lock state, field values)
 * and assigns the result to the "grid_row" template variable.
 *
 * Up to $this->colsOnPage records are placed in one grid row; reading stops
 * when there is no more data or $this->pageSize records were processed
 * (a page size of -1 means no limit).
 */
function fillGridData()
{
    global $globalEvents;
    $totals = array();
    // fill $rowinfo array
    $rowinfo = array();
    $this->fillGridShowInfo($rowinfo);
    // add grid data
    $data = $this->beforeProccessRow();
    $lockRecIds = array();
    $tKeys = $this->pSet->getTableKeys();
    $this->controlsMap['gridRows'] = array();
    // Cache the type of every listed field by field name.
    for ($i = 0; $i < count($this->listFields); $i++) {
        $this->recordFieldTypes[$this->listFields[$i]['fName']] = $this->pSet->getFieldType($this->listFields[$i]["fName"]);
    }
    // One iteration per grid row.
    while ($data && ($this->recNo <= $this->pageSize || $this->pageSize == -1)) {
        $row = array();
        $row["grid_record"] = array();
        $row["grid_record"]["data"] = array();
        $this->rowId++;
        // One iteration per record placed in this row.
        for ($col = 1; $data && ($this->recNo <= $this->pageSize || $this->pageSize == -1) && $col <= $this->colsOnPage; $col++) {
            $this->countTotals($totals, $data);
            $record = array();
            $this->genId();
            $row["rowattrs"] = " id=\"gridRow" . $this->recId . "\"";
            $gridRowInd = count($this->controlsMap['gridRows']);
            $this->controlsMap['gridRows'][$gridRowInd] = array();
            $this->controlsMap['gridRows'][$gridRowInd]['id'] = $this->recId;
            $this->controlsMap['gridRows'][$gridRowInd]['rowInd'] = $gridRowInd;
            //Add the connection with containing row. It's important for vertical layout's multiple records per row mode
            $this->controlsMap['gridRows'][$gridRowInd]['contextRowId'] = $this->recId + $this->colsOnPage - $col;
            // && binds tighter than ||: the flag is true when the user may edit
            // this row OR may delete this row; an IsRecordEditable event, when
            // present, replaces that result with its own.
            // NOTE(review): a delete-only user therefore also gets edit_link and
            // inlineedit_link set below. The flags only decide what is rendered;
            // the edit page has to re-check access itself - not visible here.
            $isEditable = $this->permis[$this->tName]['edit'] && CheckSecurity($data[$this->mainTableOwnerID], "Edit", $this->tName) || $this->permis[$this->tName]['delete'] && CheckSecurity($data[$this->mainTableOwnerID], "Delete", $this->tName);
            if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
                $isEditable = $globalEvents->IsRecordEditable($data, $isEditable, $this->tName);
            }
            $this->controlsMap['gridRows'][$gridRowInd]['isEditOwnRow'] = $isEditable;
            $this->controlsMap['gridRows'][$gridRowInd]['keyFields'] = array();
            $this->controlsMap['gridRows'][$gridRowInd]['keys'] = array();
            // Raw key names and values go into the controls map.
            for ($i = 0; $i < count($tKeys); $i++) {
                $this->controlsMap['gridRows'][$gridRowInd]['keyFields'][$i] = $tKeys[$i];
                $this->controlsMap['gridRows'][$gridRowInd]['keys'][$i] = $data[$tKeys[$i]];
            }
            $record["edit_link"] = $isEditable;
            $record["inlineedit_link"] = $isEditable;
            $record["view_link"] = $this->permis[$this->tName]['search'];
            $record["copy_link"] = $this->permis[$this->tName]['add'];
            //get record id for locking record
            if ($this->lockingObj) {
                // In simple list mode the pending lock list is taken from the
                // session once and then removed from it.
                if ($this->mode == LIST_SIMPLE && !count($this->lockDelRec) && isset($_SESSION[$this->sessionPrefix . "_lockDelRec"])) {
                    $this->lockDelRec = $_SESSION[$this->sessionPrefix . "_lockDelRec"];
                    unset($_SESSION[$this->sessionPrefix . "_lockDelRec"]);
                }
                // The record is marked locked when every key/value pair of one
                // entry matches this row (loose != comparison).
                for ($i = 0; $i < count($this->lockDelRec); $i++) {
                    $lockDelRec = true;
                    foreach ($this->lockDelRec[$i] as $key => $val) {
                        if ($data[$key] != $val) {
                            $lockDelRec = false;
                            break;
                        }
                    }
                    if ($lockDelRec) {
                        $lockRecIds[] = $this->recId;
                        break;
                    }
                }
            }
            // detail tables
            $this->proccessDetailGridInfo($record, $data, $gridRowInd);
            // key fields
            $keyblock = "";
            $editlink = "";
            $copylink = "";
            $keylink = "";
            $keys = array();
            //to open view pages in popup clicking on markers
            // Key values are URL-encoded and then passed through
            // runner_htmlspecialchars() before they reach the single-quoted
            // href attributes below; rawurlencode() already percent-encodes
            // quotes. $keyblock is URL-encoded only.
            // NOTE(review): how fillCheckAttr() outputs $keyblock is not visible here.
            for ($i = 0; $i < count($tKeys); $i++) {
                if ($i != 0) {
                    $keyblock .= "&";
                    $editlink .= "&";
                    $copylink .= "&";
                }
                $keyblock .= rawurlencode($data[$tKeys[$i]]);
                $editlink .= "editid" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                $copylink .= "copyid" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                $keylink .= "&key" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode(@$data[$tKeys[$i]]));
                $keys[$i] = $data[$tKeys[$i]];
            }
            $this->recIds[] = $this->recId;
            $record["recordattrs"] = "data-record-id=\"" . $this->recId . "\"";
            // NOTE(review): the result of GetTableLink() and recId are
            // concatenated unescaped; presumably both are generated
            // internally - confirm.
            $record["editlink_attrs"] = "id=\"editLink" . $this->recId . "\" name=\"editLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "edit", $editlink) . "'";
            $record["copylink_attrs"] = "id=\"copyLink" . $this->recId . "\" name=\"copyLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "add", $copylink) . "'";
            $record["viewlink_attrs"] = "id=\"viewLink" . $this->recId . "\" name=\"viewLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "view", $editlink) . "'";
            $record["inlineeditlink_attrs"] = "id=\"iEditLink" . $this->recId . "\" name=\"iEditLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "edit", $editlink) . "'";
            $this->fillCheckAttr($record, $data, $keyblock);
            if ($this->googleMapCfg['isUseMainMaps']) {
                $this->addBigGoogleMapMarkers($data, $keys, $editlink);
            }
            for ($i = 0; $i < count($this->listFields); $i++) {
                // call addGoogleMapData before call proccessRecordValue!!!
                if (in_array($i, $this->gMapFields)) {
                    $this->addGoogleMapData($this->listFields[$i]['fName'], $data, $keys, $editlink);
                }
                $record[$this->listFields[$i]['valueFieldName']] = $this->proccessRecordValue($data, $keylink, $this->listFields[$i]);
            }
            $this->addSpansForGridCells('edit', $record, $data);
            // The project's event handler receives the row data and the
            // prepared record before the cursor moves on.
            if ($this->eventExists("BeforeMoveNextList")) {
                $this->eventsObject->BeforeMoveNextList($data, $row, $record, $this);
            }
            $this->spreadRowStyles($data, $row, $record);
            $this->setRowCssRules($record);
            for ($i = 0; $i < count($this->listFields); $i++) {
                $field = $this->listFields[$i]['fName'];
                $this->setRowClassNames($record, $field);
                $this->addHiddenColumnClasses($record, $field);
            }
            if ($col < $this->colsOnPage) {
                $record["endrecord_block"] = true;
            }
            $record["grid_recordheader"] = true;
            $record["grid_vrecord"] = true;
            //set the $row["grid_record"] value
            $this->setRowsGridRecord($row, $record);
            // Advance to the next record.
            $data = $this->beforeProccessRow();
            $this->recNo++;
        }
        // Incomplete last row: point the records already placed in it at the
        // id of the last record.
        if ($col <= $this->colsOnPage) {
            for ($gInd = 0; $gInd < $col - 1; $gInd++) {
                $this->controlsMap['gridRows'][$gridRowInd - $gInd]['contextRowId'] = $this->recId;
            }
        }
        // Pad an incomplete row with empty records, but only when the row
        // already holds data.
        while ($col <= $this->colsOnPage) {
            $record = array();
            if ($col < $this->colsOnPage) {
                $record["endrecord_block"] = true;
            }
            if ($row["grid_record"]["data"]) {
                $row["grid_record"]["data"][] = $record;
            }
            $col++;
        }
        // assign row spacings for vertical layout
        $row["grid_rowspace"] = true;
        $row["grid_recordspace"] = array("data" => array());
        for ($i = 0; $i < $this->colsOnPage * 2 - 1; $i++) {
            $row["grid_recordspace"]["data"][] = true;
        }
        $rowinfo["data"][] = $row;
    }
    // Ids of locked records are handed to the client-side settings.
    if ($this->lockingObj) {
        $this->jsSettings['tableSettings'][$this->tName]['lockRecIds'] = $lockRecIds;
    }
    if (count($rowinfo["data"])) {
        // No spacing after the last row.
        $rowinfo["data"][count($rowinfo["data"]) - 1]["grid_rowspace"] = false;
        if ($this->listGridLayout == gltVERTICAL && $this->is508) {
            $rowinfo["begin"] = "<caption style=\"display:none\">Table data</caption>";
        }
        $this->xt->assignbyref("grid_row", $rowinfo);
    }
    $this->buildTotals($totals);
}
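$xt->assign("header", false);
$xt->assign("body", $pageObject->body);
}
$xt->assign("style_block", true);
$pageObject->xt->assign("legend", true);

// Build the query string for the "view" button from the record key taken from
// the request.
$viewlink = "";
$viewkeys = array();
$viewkeys["editid1"] = postvalue("editid1");
foreach ($viewkeys as $key => $val) {
    if ($viewlink) {
        $viewlink .= "&";
    }
    // The value ends up inside a JavaScript string inside an HTML attribute
    // (see viewlink_attrs below). It was concatenated raw; it is now
    // URL-encoded and HTML-escaped so quotes and angle brackets in the request
    // value cannot break out of the attribute.
    $viewlink .= $key . "=" . htmlspecialchars(rawurlencode((string) $val));
}
// NOTE(review): $id is concatenated into the attribute unescaped and its origin
// is not visible in this fragment; confirm it is an integer before this point.
$xt->assign("viewlink_attrs", "id=\"viewButton" . $id . "\" name=\"viewButton" . $id . "\" onclick=\"window.location.href='app_modules_view.php?" . $viewlink . "'\"");

// The view button is shown only with the Search right and in simple edit mode.
// This only controls rendering; the view page has to enforce access itself.
if (CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && $inlineedit == EDIT_SIMPLE) {
    $xt->assign("view_button", true);
} else {
    $xt->assign("view_button", false);
}
/////////////////////////////////////////////////////////////
//display the page
/////////////////////////////////////////////////////////////
if ($eventObj->exists("BeforeShowEdit")) {
    $eventObj->BeforeShowEdit($xt, $templatefile, $data, $pageObject);
}
// Inline modes return the control maps and settings as JSON data.
if ($inlineedit != EDIT_SIMPLE) {
    $returnJSON['controlsMap'] = $pageObject->controlsHTMLMap;
    $returnJSON['viewControlsMap'] = $pageObject->viewControlsHTMLMap;
    $returnJSON['settings'] = $pageObject->jsSettings;
}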
<?php
// Duplicate-value check endpoint: reads table, page type, field and value from
// the request and reports through JSON.

// Forces PHP error output on for this request.
// NOTE(review): can disclose paths and query text in error output on a
// reachable deployment; prefer logging over display.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
require_once "include/dbcommon.php";
$tableName = postvalue("tableName");
$pageType = postvalue("pageType");
$fieldName = postvalue("fieldName");
$fieldControlType = postvalue("fieldControlType");
$value = postvalue("value");
// The table name is checked before it is used to build an include path.
if (!checkTableName($tableName)) {
    exit(0);
}
require_once "include/" . $tableName . "_variables.php";
// The login and Search permission check is skipped when the request says the
// page type is PAGE_REGISTER.
// NOTE(review): $pageType is read from the request above, so the caller decides
// whether this gate applies. What then limits an anonymous caller is the
// duplicate-values rule below and the code after this fragment (not shown);
// confirm it reveals nothing beyond what the registration form needs.
if ($pageType != PAGE_REGISTER && (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search"))) {
    $returnJSON = array("success" => false, "error" => "Error: You have not permissions to read the " . $tableName . " table's data");
    echo printJSON($returnJSON);
    return;
}
// set db connection
$_connection = $cman->byTable($strTableName);
$pSet = new ProjectSettings($strTableName, $pageType);
// Checking is refused for fields that allow duplicate values, except for the
// user name and e-mail fields of the "DashboardUsers" table, which are always
// checked.
$denyChecking = $pSet->allowDuplicateValues($fieldName);
$denyChecking = $denyChecking && ($strTableName != "DashboardUsers" || $fieldName != $cUserNameField && $fieldName != $cEmailField);
if ($denyChecking) {
    $returnJSON = array("success" => false, "error" => "Duplicated values are allowed");
    echo printJSON($returnJSON);
    return;
}
$cipherer = new RunnerCipherer($strTableName, $pSet);
if ($cipherer->isFieldEncrypted($fieldName)) {
// Import page preamble for the [dbo].[Readings] table: error display, cache and
// time limits, includes, then the login and permission gates.

// Forces PHP error output on for this request (the @ only hides a failure of
// ini_set itself).
// NOTE(review): on a reachable deployment this can disclose file paths and
// query text in error output; prefer logging errors instead of displaying them.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
session_cache_limiter("none");
include "include/dbcommon.php";
header("Expires: Thu, 01 Jan 1970 00:00:01 GMT");
set_time_limit(600);
include "include/Readings_variables.php";
include "include/import_functions.php";
$strOriginalTableName = "[dbo].[Readings]";
// Gate 1: no UserID in the session -> remember the requested URL and send to
// the login page.
// NOTE(review): MyURL contains the raw query string; the code that later reads
// it is not shown and should treat it as request-controlled.
if (!@$_SESSION["UserID"]) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Gate 2: the Import permission for this table is always enforced.
if (!CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Import")) {
    echo "<p>" . mlang_message("NO_PERMISSIONS") . "<a href=\"login.php\">" . mlang_message("BACK_TO_LOGIN") . "</a></p>";
    return;
}
// keys array
$keys[] = AddFieldWrappers("Record ID");
$keys_present = 1;
$total_records = 0;
$goodlines = 0;
// Create audit object
$auditObj = GetAuditObject($strTableName);
function getFieldNamesByHeaders($fields) {
    global $strTableName, $conn, $strOriginalTableName, $ext;
    // check fields in column headers
    // check that we have labels in column headers
<?php
// Add page preamble for the Month_Billings table: includes, the access gate,
// then handling of a failed (empty) POST.
include "include/dbcommon.php";
// Forces PHP error output on for this request.
// NOTE(review): can disclose paths and query text in error output on a
// reachable deployment; prefer logging over display.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
add_nocache_headers();
include "include/Month_Billings_variables.php";
include 'include/xtempl.php';
include 'classes/addpage.php';
// check if logged in
// Requires a UserID in the session and the Add permission for this table.
if (!@$_SESSION["UserID"] || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Add")) {
    // NOTE(review): MyURL contains the raw query string; the code that later
    // reads it is not shown and should treat it as request-controlled.
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// An empty $_POST together with the "ferror" flag is reported as an error in
// the form that matches the request mode.
if (sizeof($_POST) == 0 && postvalue('ferror')) {
    if (postvalue("inline")) {
        // Inline mode: JSON wrapped in a <textarea>; the JSON text is
        // HTML-escaped before output.
        $returnJSON['success'] = false;
        $returnJSON['message'] = mlang_message("INLINE_ERROR");
        $returnJSON['fatalError'] = true;
        echo "<textarea>" . htmlspecialchars(my_json_encode($returnJSON)) . "</textarea>";
        exit;
    } else {
        if (postvalue("fly")) {
            // "fly" mode: a bare -1.
            echo -1;
            exit;
        } else {
            // Plain mode: keep the message in the session for the page to show.
            $_SESSION["message_add"] = "<< " . "Error occurred" . " >>";
        }
    }
}
<?php
// Add page preamble for the pad_pad_customer table: includes, the access gate,
// then handling of a failed (empty) POST.
include "include/dbcommon.php";
// Forces PHP error output on for this request.
// NOTE(review): can disclose paths and query text in error output on a
// reachable deployment; prefer logging over display.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
add_nocache_headers();
include "include/pad_pad_customer_variables.php";
include 'include/xtempl.php';
include 'classes/addpage.php';
global $globalEvents;
// check if logged in
// && binds tighter than ||: redirect when the user is not logged in, or when
// CheckPermissionsEvent() is truthy for 'A' and the Add check fails.
// NOTE(review): when CheckPermissionsEvent() returns false the Add check is
// skipped; presumably an event handler decides instead - confirm.
if (!isLogged() || CheckPermissionsEvent($strTableName, 'A') && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Add")) {
    // NOTE(review): MyURL contains the raw query string; the code that later
    // reads it is not shown and should treat it as request-controlled.
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// An empty $_POST together with the "ferror" flag is reported as an error in
// the form that matches the request mode.
if (sizeof($_POST) == 0 && postvalue('ferror')) {
    if (postvalue("inline")) {
        // Inline mode: JSON wrapped in a <textarea>; the JSON text is
        // HTML-escaped before output.
        $returnJSON['success'] = false;
        $returnJSON['message'] = "Error occurred";
        $returnJSON['fatalError'] = true;
        echo "<textarea>" . htmlspecialchars(my_json_encode($returnJSON)) . "</textarea>";
        exit;
    } else {
        if (postvalue("fly")) {
            // "fly" mode: a bare -1.
            echo -1;
            exit;
        } else {
            // Plain mode: keep the message in the session for the page to show.
            $_SESSION["message_add"] = "<< " . "Error occurred" . " >>";
        }
    }
/**
 * Prepare the detail preview data, fill the corresponding controls maps and
 * assign all required xt variables.
 *
 * Does nothing unless the current page is an edit, view or add page and the
 * session grants the Search permission on the detail table.
 *
 * @param String dpType       detail page type (chart, report or list)
 * @param String dpTableName  detail table name
 * @param Number dpId
 * @param &Array data
 */
public function setDetailPreview($dpType, $dpTableName, $dpId, &$data)
{
    // Previews exist only on edit, view and add pages.
    $currentPage = $this->pageType;
    $previewAllowedHere = $currentPage == PAGE_EDIT
        || $currentPage == PAGE_VIEW
        || $currentPage == PAGE_ADD;
    if (!$previewAllowedHere) {
        return;
    }

    // The detail table has its own Search permission; without it nothing is
    // prepared.
    if (!CheckSecurity(@$_SESSION["_" . $dpTableName . "_OwnerID"], "Search")) {
        return;
    }

    switch ($dpType) {
        case PAGE_CHART:
            $this->setDetailChartOnEditView($dpTableName, $dpId, $data);
            break;
        case PAGE_REPORT:
            $this->setDetailReportOnEditView($dpTableName, $dpId, $data);
            break;
        default:
            // any other type is treated as PAGE_LIST
            $this->setDetailList($dpTableName, $dpId, $data);
    }
}