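/**
 * Insert a new `customers` row from the submitted form and record its owner.
 *
 * Flow: permission check -> collect/escape fields -> optional
 * customers_before_insert hook -> INSERT -> optional customers_after_insert
 * hook -> ownership row in membership_userrecords.
 *
 * Security notes:
 *  - Every value is interpolated into the SQL text, so injection safety rests
 *    entirely on makeSafe() (defined elsewhere; presumably a DB-escaping
 *    wrapper -- confirm). Any new field must pass through it.
 *  - A non-empty insert_x in the query string replaces $_POST with $_GET, so
 *    the insert can be driven by a plain GET request.
 *    NOTE(review): no anti-CSRF token is checked in this function -- confirm
 *    the caller enforces one.
 *
 * @return string|false The new CustomerID (escaped form), or false when the
 *                      member may not insert or the before-insert hook vetoes.
 */
function customers_insert()
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['insert_x']) && $_GET['insert_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member insert record?
    $arrPerm = getTablePermissions('customers');
    if (!$arrPerm[1]) {
        return false;
    }

    $data = array();
    $columns = array(
        'CustomerID', 'CompanyName', 'ContactName', 'ContactTitle', 'Address',
        'City', 'Region', 'PostalCode', 'Country', 'Phone', 'Fax',
    );
    foreach ($columns as $column) {
        if ($column === 'Address') {
            // Address is the only field run through br2nl() and not lookup-normalised.
            $data[$column] = br2nl(makeSafe($_POST[$column]));
            continue;
        }
        $data[$column] = makeSafe($_POST[$column]);
        if ($data[$column] == empty_lookup_value) {
            $data[$column] = '';
        }
    }

    // The primary key is user-supplied and must not be empty.
    if ($data['CustomerID'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " 'Customer ID': " . $Translation['pkfield empty'] . '</div>';
        exit;
    }

    // hook: customers_before_insert
    if (function_exists('customers_before_insert')) {
        $args = array();
        if (!customers_before_insert($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    $assignments = array();
    foreach ($columns as $column) {
        $value = $data[$column];
        $assignments[] = "`{$column}`=" . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('insert into `customers` set ' . implode(', ', $assignments), $o);
    if (isset($o['error']) && $o['error'] != '') {
        // NOTE(review): the error text is echoed as-is; whether sql() HTML-escapes
        // the driver message is not visible here -- confirm, since database
        // errors can quote submitted values.
        echo $o['error'];
        echo "<a href=\"customers_view.php?addNew_x=1\">{$Translation['< back']}</a>";
        exit;
    }

    $recID = $data['CustomerID'];

    // get_magic_quotes_gpc() was removed in PHP 8.0; guard the call so the
    // function does not fail with "undefined function" on current runtimes.
    $returnID = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) ? stripslashes($recID) : $recID;

    // hook: customers_after_insert
    if (function_exists('customers_after_insert')) {
        // NOTE(review): $recID already went through makeSafe() above and is
        // escaped again here -- confirm makeSafe() is idempotent for keys
        // containing quotes or backslashes.
        $res = sql("select * from `customers` where `CustomerID`='" . makeSafe($recID) . "' limit 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = makeSafe($recID);
        $args = array();
        if (!customers_after_insert($data, getMemberInfo(), $args)) {
            // A vetoing after-hook returns before the ownership row is written.
            return $returnID;
        }
    }

    // mm: save ownership data
    // NOTE(review): member and group ids are interpolated without makeSafe();
    // presumably they come from the session -- confirm they cannot carry quotes.
    sql("insert into membership_userrecords set tableName='customers', pkValue='{$recID}', memberID='" . getLoggedMemberID() . "', dateAdded='" . time() . "', dateUpdated='" . time() . "', groupID='" . getLoggedGroupID() . "'", $eo);

    return $returnID;
}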
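/**
 * Update one `patients` row from the submitted form.
 *
 * Flow: ownership/permission check -> collect/escape fields (last name, first
 * name and gender are mandatory) -> optional patients_before_update hook ->
 * UPDATE -> optional patients_after_update hook -> touch the ownership row.
 *
 * Security notes:
 *  - All values are interpolated into the SQL text; injection safety rests on
 *    makeSafe() (defined elsewhere; presumably a DB-escaping wrapper -- confirm).
 *  - A non-empty update_x in the query string replaces $_POST with $_GET, so
 *    the update can be driven by a GET request.
 *    NOTE(review): no anti-CSRF token is checked here -- confirm the caller
 *    enforces one.
 *
 * @param mixed $selected_id Primary key of the row to update.
 * @return null|false null when access is denied or on completion; FALSE when a hook vetoes.
 */
function patients_update($selected_id)
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('patients');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");

    // Edit level 1 = record owner only, 2 = owner's group only, 3 = any record.
    // NOTE(review): the comparisons are loose (==); confirm that a record with
    // no ownership row can never compare equal to the logged-in member/group.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return;
    }

    $data = array();

    // Mandatory fields: each is read and validated in turn; the first empty one aborts.
    $required = array('last_name' => 'Last name', 'first_name' => 'First name', 'gender' => 'Gender');
    foreach ($required as $field => $caption) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == '') {
            echo StyleSheet() . "\n\n<div class=\"Error\">{$Translation['error:']} '{$caption}': {$Translation['field not null']}<br /><br />";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }

    // The date arrives as three separate inputs and is normalised by parseMySQLDate().
    $data['birth_date'] = makeSafe($_POST['birth_dateYear']) . '-' . makeSafe($_POST['birth_dateMonth']) . '-' . makeSafe($_POST['birth_dateDay']);
    $data['birth_date'] = parseMySQLDate($data['birth_date'], '');

    $optional = array('age', 'address', 'city', 'state', 'zip', 'home_phone', 'work_phone', 'mobile', 'other_details', 'comments');
    foreach ($optional as $field) {
        $data[$field] = makeSafe($_POST[$field]);
    }

    $data['last_modified'] = parseCode('<%%editingDateTime%%>', false);
    $data['selectedID'] = makeSafe($selected_id);

    // hook: patients_before_update
    if (function_exists('patients_before_update')) {
        $args = array();
        if (!patients_before_update($data, getMemberInfo(), $args)) {
            return FALSE;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    // Empty values are written as SQL NULL; last_modified is always quoted.
    $assignments = array();
    foreach (array_merge(array_keys($required), array('birth_date'), $optional) as $column) {
        $assignments[] = "`{$column}`=" . ($data[$column] != '' ? "'{$data[$column]}'" : 'NULL');
    }
    $assignments[] = '`last_modified`=' . "'{$data['last_modified']}'";

    // NOTE(review): no error array is passed, so failure handling is left to sql().
    sql('update `patients` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'");

    // hook: patients_after_update
    if (function_exists('patients_after_update')) {
        $args = array();
        if (!patients_after_update($data, getMemberInfo(), $args)) {
            return FALSE;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");
}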
// display confirmation ?> <div style="width:500px; margin:0px auto; text-align:left;"> <div class="TableTitle"> <?php echo $Translation['password reset ready']; ?> </div> </div> <?php exit; } #_______________________________________________________________________________ # Step 1: get the username or email of the member who wants to reset his password #_______________________________________________________________________________ echo StyleSheet(); if ($_GET['emptyData']) { $highlight = "style=\"color: red;\""; } ?> <div align="center"> <form method="post" action="membership_passwordReset.php"> <table border="0" cellspacing="1" cellpadding="4" align="center" width="500"> <tr> <td colspan="2" class="TableHeader"> <div class="TableTitle"><?php echo $Translation['password reset']; ?> </div>
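/**
 * Update one `shippers` row from the submitted form.
 *
 * Flow: ownership/permission check -> collect/escape fields (CompanyName is
 * mandatory) -> optional shippers_before_update hook -> UPDATE -> optional
 * shippers_after_update hook -> touch the ownership row.
 *
 * Security notes:
 *  - All values are interpolated into the SQL text; injection safety rests on
 *    makeSafe() (defined elsewhere; presumably a DB-escaping wrapper -- confirm).
 *  - A non-empty update_x in the query string replaces $_POST with $_GET, so
 *    the update can be driven by a GET request.
 *    NOTE(review): no anti-CSRF token is checked here -- confirm the caller
 *    enforces one.
 *
 * @param mixed $selected_id Primary key (ShipperID) of the row to update.
 * @return null|false false when access is denied or the before-hook vetoes; null otherwise.
 */
function shippers_update($selected_id)
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('shippers');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='shippers' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='shippers' and pkValue='" . makeSafe($selected_id) . "'");

    // Edit level 1 = record owner only, 2 = owner's group only, 3 = any record.
    // NOTE(review): the comparisons are loose (==); confirm that a record with
    // no ownership row can never compare equal to the logged-in member/group.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    $data = array();
    $columns = array('CompanyName', 'Phone');
    foreach ($columns as $column) {
        $data[$column] = makeSafe($_POST[$column]);
        if ($data[$column] == empty_lookup_value) {
            $data[$column] = '';
        }
        // CompanyName is the only mandatory field.
        if ($column === 'CompanyName' && $data[$column] == '') {
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Company Name': {$Translation['field not null']}<br><br>";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // hook: shippers_before_update
    if (function_exists('shippers_before_update')) {
        $args = array();
        if (!shippers_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    $assignments = array();
    foreach ($columns as $column) {
        $value = $data[$column];
        $assignments[] = "`{$column}`=" . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `shippers` set ' . implode(', ', $assignments) . " where `ShipperID`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        // NOTE(review): the error text is echoed as-is; whether sql() HTML-escapes
        // the driver message is not visible here -- confirm.
        echo $o['error'];
        // urlencode() output contains no quotes or angle brackets, so the id
        // cannot break out of the href attribute.
        echo '<a href="shippers_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: shippers_after_update
    if (function_exists('shippers_after_update')) {
        // Re-read the stored row so the hook sees what was actually saved.
        $res = sql("SELECT * FROM `shippers` WHERE `ShipperID`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['ShipperID'];
        $args = array();
        if (!shippers_after_update($data, getMemberInfo(), $args)) {
            // A vetoing after-hook skips the ownership timestamp update.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='shippers' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}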
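/**
 * Update one `symptoms` row from the submitted form.
 *
 * Flow: ownership/permission check -> collect/escape fields (name is
 * mandatory) -> optional symptoms_before_update hook -> UPDATE -> optional
 * symptoms_after_update hook -> touch the ownership row.
 *
 * Security notes:
 *  - All values are interpolated into the SQL text; injection safety rests on
 *    makeSafe() (defined elsewhere; presumably a DB-escaping wrapper -- confirm).
 *  - A non-empty update_x in the query string replaces $_POST with $_GET, so
 *    the update can be driven by a GET request.
 *    NOTE(review): no anti-CSRF token is checked here -- confirm the caller
 *    enforces one.
 *
 * @param mixed $selected_id Primary key of the row to update.
 * @return null|false null when access is denied or on completion; FALSE when a hook vetoes.
 */
function symptoms_update($selected_id)
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('symptoms');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");

    // Edit level 1 = record owner only, 2 = owner's group only, 3 = any record.
    // NOTE(review): the comparisons are loose (==); confirm that a record with
    // no ownership row can never compare equal to the logged-in member/group.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return;
    }

    $data = array();
    $columns = array('name', 'description', 'comments');
    foreach ($columns as $column) {
        $data[$column] = makeSafe($_POST[$column]);
        // name is the only mandatory field.
        if ($column === 'name' && $data[$column] == '') {
            echo StyleSheet() . "\n\n<div class=\"Error\">{$Translation['error:']} 'Name': {$Translation['field not null']}<br /><br />";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // hook: symptoms_before_update
    if (function_exists('symptoms_before_update')) {
        $args = array();
        if (!symptoms_before_update($data, getMemberInfo(), $args)) {
            return FALSE;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    // Empty values are written as SQL NULL.
    $assignments = array();
    foreach ($columns as $column) {
        $assignments[] = "`{$column}`=" . ($data[$column] != '' ? "'{$data[$column]}'" : 'NULL');
    }

    // NOTE(review): no error array is passed, so failure handling is left to sql().
    sql('update `symptoms` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'");

    // hook: symptoms_after_update
    if (function_exists('symptoms_after_update')) {
        $args = array();
        if (!symptoms_after_update($data, getMemberInfo(), $args)) {
            return FALSE;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");
}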
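/**
 * Update one `entries` row from the submitted form.
 *
 * Flow: ownership/permission check -> collect/escape fields (report is
 * mandatory) -> optional entries_before_update hook -> UPDATE -> optional
 * entries_after_update hook -> touch the ownership row.
 *
 * Security notes:
 *  - All values are interpolated into the SQL text; injection safety rests on
 *    makeSafe() (defined elsewhere; presumably a DB-escaping wrapper -- confirm).
 *  - A non-empty update_x in the query string replaces $_POST with $_GET, so
 *    the update can be driven by a GET request.
 *    NOTE(review): no anti-CSRF token is checked here -- confirm the caller
 *    enforces one.
 *
 * @param mixed $selected_id Primary key (entry_id) of the row to update.
 * @return null|false false when access is denied or the before-hook vetoes; null otherwise.
 */
function entries_update($selected_id)
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('entries');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'");

    // Edit level 1 = record owner only, 2 = owner's group only, 3 = any record.
    // NOTE(review): the comparisons are loose (==); confirm that a record with
    // no ownership row can never compare equal to the logged-in member/group.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    $data = array();

    // NOTE(review): `created` is recomputed and rewritten on every update;
    // what parseMySQLDate() yields for this placeholder is not visible here.
    $data['created'] = parseMySQLDate('', '<%%creationDate%%>');

    // Column => name of the form input it is read from.
    // NOTE(review): outcome_area is read from $_POST['outcome'], the same input
    // as outcome -- presumably an auto-fill column; confirm this is intended.
    $inputFor = array(
        'report'                      => 'report',
        'outcome_area'                => 'outcome',
        'outcome'                     => 'outcome',
        'indicator'                   => 'indicator',
        'score'                       => 'score',
        'beneficiary_group'           => 'beneficiary_group',
        'beneficiary_group_relevance' => 'beneficiary_group_relevance',
        'comment'                     => 'comment',
        'reference'                   => 'reference',
        'reliability'                 => 'reliability',
        'intentionality'              => 'intentionality',
        'equivalence'                 => 'equivalence',
    );
    foreach ($inputFor as $column => $input) {
        if ($column === 'comment') {
            // comment is the only field run through br2nl() and not lookup-normalised.
            $data[$column] = br2nl(makeSafe($_POST[$input]));
            continue;
        }
        $data[$column] = makeSafe($_POST[$input]);
        if ($data[$column] == empty_lookup_value) {
            $data[$column] = '';
        }
        // report is the only mandatory field.
        if ($column === 'report' && $data[$column] == '') {
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Report': {$Translation['field not null']}<br /><br />";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // hook: entries_before_update
    if (function_exists('entries_before_update')) {
        $args = array();
        if (!entries_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    $assignments = array('`created`=' . ($data['created'] != '' ? "'{$data['created']}'" : 'NULL'));
    foreach (array_keys($inputFor) as $column) {
        $value = $data[$column];
        $assignments[] = "`{$column}`=" . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `entries` set ' . implode(', ', $assignments) . " where `entry_id`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        // NOTE(review): the error text is echoed as-is; whether sql() HTML-escapes
        // the driver message is not visible here -- confirm.
        echo $o['error'];
        // urlencode() output contains no quotes or angle brackets, so the id
        // cannot break out of the href attribute.
        echo '<a href="entries_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: entries_after_update
    if (function_exists('entries_after_update')) {
        // Re-read the stored row so the hook sees what was actually saved.
        $res = sql("SELECT * FROM `entries` WHERE `entry_id`='{$data['selectedID']}' LIMIT 1", $eo);
        // mysql_fetch_assoc() was removed in PHP 7.0. Use the db_fetch_assoc()
        // wrapper when the project defines one; otherwise keep the original call.
        // NOTE(review): db_fetch_assoc() is not defined in the code visible here.
        $row = function_exists('db_fetch_assoc') ? db_fetch_assoc($res) : mysql_fetch_assoc($res);
        if ($row) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['entry_id'];
        $args = array();
        if (!entries_after_update($data, getMemberInfo(), $args)) {
            // A vetoing after-hook skips the ownership timestamp update.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='entries' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}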
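/**
 * Update one `properties` row, including its optional photo, from the submitted form.
 *
 * Flow: ownership/permission check -> collect/escape fields (property_name and
 * type are mandatory) -> photo upload/removal -> optional
 * properties_before_update hook -> UPDATE -> optional properties_after_update
 * hook -> touch the ownership row.
 *
 * Security notes:
 *  - All values are interpolated into the SQL text; injection safety rests on
 *    makeSafe() (defined elsewhere; presumably a DB-escaping wrapper -- confirm).
 *  - A non-empty update_x in the query string replaces $_POST with $_GET, so
 *    the update can be driven by a GET request.
 *    NOTE(review): no anti-CSRF token is checked here -- confirm the caller
 *    enforces one.
 *  - The upload is restricted here only by a size limit and an extension list;
 *    NOTE(review): confirm PrepareUploadedFile() also validates file content
 *    and returns a sanitized stored name.
 *
 * @param mixed $selected_id Primary key of the row to update.
 * @return null|false false when access is denied or the before-hook vetoes; null otherwise.
 */
function properties_update($selected_id)
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('properties');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'");

    // Edit level 1 = record owner only, 2 = owner's group only, 3 = any record.
    // NOTE(review): the comparisons are loose (==); confirm that a record with
    // no ownership row can never compare equal to the logged-in member/group.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    $data = array();
    $required = array('property_name' => 'Property Name', 'type' => 'Type');
    $fields = array(
        'property_name', 'type', 'number_of_units', 'owner', 'operating_account',
        'property_reserve', 'lease_term', 'country', 'street', 'City', 'State', 'ZIP',
    );
    foreach ($fields as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
        if (isset($required[$field]) && $data[$field] == '') {
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} '{$required[$field]}': {$Translation['field not null']}<br><br>";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // Photo: either explicitly removed, or (optionally) replaced by a new upload.
    if (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
        $data['photo'] = '';
    } else {
        $data['photo'] = PrepareUploadedFile('photo', 1024000, 'jpg|jpeg|gif|png', false, "");
        // One thumbnail per view ('tv' and 'dv'), only when a file was stored.
        foreach (array('tv', 'dv') as $view) {
            if ($data['photo']) {
                createThumbnail($data['photo'], getThumbnailSpecs('properties', 'photo', $view));
            }
        }
    }

    // hook: properties_before_update
    if (function_exists('properties_before_update')) {
        $args = array();
        if (!properties_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    // operating_account, property_reserve and lease_term are collected above
    // (and visible to the hook) but are not part of the UPDATE.
    $assignments = array();
    $updated = array('property_name', 'type', 'number_of_units', 'photo', 'owner', 'country', 'street', 'City', 'State', 'ZIP');
    foreach ($updated as $column) {
        if ($column === 'photo') {
            // New file -> store its name; removal requested -> NULL; otherwise keep the stored value.
            // NOTE(review): $data['photo'] reaches the SQL text without makeSafe();
            // safe only if PrepareUploadedFile() returns a sanitized name -- confirm.
            if ($data['photo'] != '') {
                $assignments[] = "`photo`='{$data['photo']}'";
            } elseif (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
                $assignments[] = '`photo`=NULL';
            } else {
                $assignments[] = '`photo`=`photo`';
            }
            continue;
        }
        $value = $data[$column];
        $assignments[] = "`{$column}`=" . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `properties` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        // NOTE(review): the error text is echoed as-is; whether sql() HTML-escapes
        // the driver message is not visible here -- confirm.
        echo $o['error'];
        // urlencode() output contains no quotes or angle brackets, so the id
        // cannot break out of the href attribute.
        echo '<a href="properties_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: properties_after_update
    if (function_exists('properties_after_update')) {
        // Re-read the stored row so the hook sees what was actually saved.
        $res = sql("SELECT * FROM `properties` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!properties_after_update($data, getMemberInfo(), $args)) {
            // A vetoing after-hook skips the ownership timestamp update.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='properties' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}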
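/**
 * Update one `units` row, including its optional photo, from the submitted form.
 *
 * Flow: ownership/permission check -> collect/escape fields (status is
 * mandatory) -> photo upload/removal -> optional units_before_update hook ->
 * UPDATE -> optional units_after_update hook -> touch the ownership row.
 *
 * Security notes:
 *  - All values are interpolated into the SQL text; injection safety rests on
 *    makeSafe() (defined elsewhere; presumably a DB-escaping wrapper -- confirm).
 *  - A non-empty update_x in the query string replaces $_POST with $_GET, so
 *    the update can be driven by a GET request.
 *    NOTE(review): no anti-CSRF token is checked here -- confirm the caller
 *    enforces one.
 *  - The upload is restricted here only by a size limit and an extension list;
 *    NOTE(review): confirm PrepareUploadedFile() also validates file content
 *    and returns a sanitized stored name.
 *
 * @param mixed $selected_id Primary key of the row to update.
 * @return null|false false when access is denied or the before-hook vetoes; null otherwise.
 */
function units_update($selected_id)
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('units');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='units' and pkValue='" . makeSafe($selected_id) . "'");

    // Edit level 1 = record owner only, 2 = owner's group only, 3 = any record.
    // NOTE(review): the comparisons are loose (==); confirm that a record with
    // no ownership row can never compare equal to the logged-in member/group.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    $data = array();

    // Column => name of the form input it is read from.
    // NOTE(review): country, street, city, state and postal_code are all read
    // from $_POST['property'] -- presumably auto-fill columns tied to the
    // property lookup; confirm this is intended.
    $beforeFeatures = array(
        'property'    => 'property',
        'unit_number' => 'unit_number',
        'status'      => 'status',
        'size'        => 'size',
        'country'     => 'property',
        'street'      => 'property',
        'city'        => 'property',
        'state'       => 'property',
        'postal_code' => 'property',
        'rooms'       => 'rooms',
        'bathroom'    => 'bathroom',
    );
    foreach ($beforeFeatures as $column => $input) {
        $data[$column] = makeSafe($_POST[$input]);
        if ($data[$column] == empty_lookup_value) {
            $data[$column] = '';
        }
        // status is the only mandatory field.
        if ($column === 'status' && $data[$column] == '') {
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Status': {$Translation['field not null']}<br><br>";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }

    // Multi-select: each choice is escaped, then joined with ', '. implode()
    // replaces appending to a not-yet-defined $data['features'] and trimming
    // the trailing separator with substr().
    if (isset($_POST['features']) && is_array($_POST['features'])) {
        $data['features'] = implode(', ', array_map('makeSafe', $_POST['features']));
    } else {
        $data['features'] = '';
    }

    foreach (array('market_rent', 'rental_amount', 'deposit_amount', 'description') as $column) {
        $data[$column] = makeSafe($_POST[$column]);
        if ($data[$column] == empty_lookup_value) {
            $data[$column] = '';
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // Photo: either explicitly removed, or (optionally) replaced by a new upload.
    if (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
        $data['photo'] = '';
    } else {
        $data['photo'] = PrepareUploadedFile('photo', 1024000, 'jpg|jpeg|gif|png', false, "");
        // One thumbnail per view ('tv' and 'dv'), only when a file was stored.
        foreach (array('tv', 'dv') as $view) {
            if ($data['photo']) {
                createThumbnail($data['photo'], getThumbnailSpecs('units', 'photo', $view));
            }
        }
    }

    // hook: units_before_update
    if (function_exists('units_before_update')) {
        $args = array();
        if (!units_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    // market_rent and deposit_amount are collected above (and visible to the
    // hook) but are not part of the UPDATE.
    $assignments = array();
    $updated = array(
        'property', 'unit_number', 'photo', 'status', 'size', 'country', 'street', 'city',
        'state', 'postal_code', 'rooms', 'bathroom', 'features', 'rental_amount', 'description',
    );
    foreach ($updated as $column) {
        if ($column === 'photo') {
            // New file -> store its name; removal requested -> NULL; otherwise keep the stored value.
            // NOTE(review): $data['photo'] reaches the SQL text without makeSafe();
            // safe only if PrepareUploadedFile() returns a sanitized name -- confirm.
            if ($data['photo'] != '') {
                $assignments[] = "`photo`='{$data['photo']}'";
            } elseif (isset($_POST['photo_remove']) && $_POST['photo_remove'] == 1) {
                $assignments[] = '`photo`=NULL';
            } else {
                $assignments[] = '`photo`=`photo`';
            }
            continue;
        }
        $value = $data[$column];
        $assignments[] = "`{$column}`=" . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `units` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        // NOTE(review): the error text is echoed as-is; whether sql() HTML-escapes
        // the driver message is not visible here -- confirm.
        echo $o['error'];
        // urlencode() output contains no quotes or angle brackets, so the id
        // cannot break out of the href attribute.
        echo '<a href="units_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: units_after_update
    if (function_exists('units_after_update')) {
        // Re-read the stored row so the hook sees what was actually saved.
        $res = sql("SELECT * FROM `units` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!units_after_update($data, getMemberInfo(), $args)) {
            // A vetoing after-hook skips the ownership timestamp update.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='units' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}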
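/**
 * Update one `applicants_and_tenants` row from the submitted form.
 *
 * Flow: ownership/permission check -> collect/escape fields (status is
 * mandatory) -> optional applicants_and_tenants_before_update hook -> UPDATE
 * -> optional applicants_and_tenants_after_update hook -> touch the ownership row.
 *
 * Security notes:
 *  - All values are interpolated into the SQL text; injection safety rests on
 *    makeSafe() (defined elsewhere; presumably a DB-escaping wrapper -- confirm)
 *    and, for the birth-date parts, on intval().
 *  - A non-empty update_x in the query string replaces $_POST with $_GET, so
 *    the update can be driven by a GET request.
 *    NOTE(review): no anti-CSRF token is checked here -- confirm the caller
 *    enforces one.
 *
 * @param mixed $selected_id Primary key of the row to update.
 * @return null|false false when access is denied or the before-hook vetoes; null otherwise.
 */
function applicants_and_tenants_update($selected_id)
{
    global $Translation;

    // isset() avoids an undefined-index warning when the flag is absent.
    if (isset($_GET['update_x']) && $_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('applicants_and_tenants');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'");

    // Edit level 1 = record owner only, 2 = owner's group only, 3 = any record.
    // NOTE(review): the comparisons are loose (==); confirm that a record with
    // no ownership row can never compare equal to the logged-in member/group.
    $mayEdit = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$mayEdit) {
        return false;
    }

    $data = array();

    foreach (array('last_name', 'first_name', 'email', 'phone') as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
    }

    // The date arrives as three separate inputs; intval() forces each part to
    // an integer before parseMySQLDate() normalises the result.
    $data['birth_date'] = intval($_POST['birth_dateYear']) . '-' . intval($_POST['birth_dateMonth']) . '-' . intval($_POST['birth_dateDay']);
    $data['birth_date'] = parseMySQLDate($data['birth_date'], '');

    $remaining = array(
        'driver_license_number', 'driver_license_state', 'requested_lease_term',
        'monthly_gross_pay', 'additional_income', 'assets', 'status', 'notes',
    );
    foreach ($remaining as $field) {
        $data[$field] = makeSafe($_POST[$field]);
        if ($data[$field] == empty_lookup_value) {
            $data[$field] = '';
        }
        // status is the only mandatory field.
        if ($field === 'status' && $data[$field] == '') {
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Status': {$Translation['field not null']}<br><br>";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }
    $data['selectedID'] = makeSafe($selected_id);

    // hook: applicants_and_tenants_before_update
    if (function_exists('applicants_and_tenants_before_update')) {
        $args = array();
        if (!applicants_and_tenants_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Built after the hook so that any changes the hook made to $data are used.
    // driver_license_state, requested_lease_term and notes are collected above
    // (and visible to the hook) but are not part of the UPDATE.
    $assignments = array();
    $updated = array(
        'last_name', 'first_name', 'email', 'phone', 'birth_date', 'driver_license_number',
        'monthly_gross_pay', 'additional_income', 'assets', 'status',
    );
    foreach ($updated as $column) {
        $value = $data[$column];
        $assignments[] = "`{$column}`=" . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `applicants_and_tenants` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'", $o);
    if (isset($o['error']) && $o['error'] != '') {
        // NOTE(review): the error text is echoed as-is; whether sql() HTML-escapes
        // the driver message is not visible here -- confirm.
        echo $o['error'];
        // urlencode() output contains no quotes or angle brackets, so the id
        // cannot break out of the href attribute.
        echo '<a href="applicants_and_tenants_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: applicants_and_tenants_after_update
    if (function_exists('applicants_and_tenants_after_update')) {
        // Re-read the stored row so the hook sees what was actually saved.
        $res = sql("SELECT * FROM `applicants_and_tenants` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!applicants_and_tenants_after_update($data, getMemberInfo(), $args)) {
            // A vetoing after-hook skips the ownership timestamp update.
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='applicants_and_tenants' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}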
/**
 * Saves the submitted form values into the `tax_entry` row identified by $selected_id.
 *
 * Flow: permission check -> read and escape request fields -> before_update hook ->
 * UPDATE -> after_update hook -> touch the ownership record.
 *
 * Every value placed into the SQL text goes through makeSafe() and is wrapped in single
 * quotes, so query safety depends entirely on that helper (not visible here; presumably it
 * escapes for the database connection - confirm).
 *
 * @param mixed $selected_id value of `tax_entry_id` for the row to update
 * @return false|null false when the member may not edit the row or the before_update hook
 *                    rejects the change; null otherwise. A missing required field or an
 *                    SQL error prints a message and ends the request with exit.
 */
function tax_entry_update($selected_id)
{
    global $Translation;

    // A GET request carrying update_x is processed exactly like a POST.
    // NOTE(review): this makes the write reachable through a plain link; no anti-CSRF
    // check is visible in this function - confirm the caller enforces one.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('tax_entry');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='tax_entry' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='tax_entry' and pkValue='" . makeSafe($selected_id) . "'");

    // $arrPerm[3] == 1 requires the caller to own the row, == 2 requires the caller's group
    // to own it, == 3 allows the update unconditionally.
    $updateAllowed = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$updateAllowed) {
        return false;
    }

    $data['created'] = parseMySQLDate('', '<%%creationDate%%>');

    // `report` is the only required field: an empty value aborts the request.
    $report = makeSafe($_POST['report']);
    $data['report'] = ($report == empty_lookup_value) ? '' : $report;
    if ($data['report'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Report': {$Translation['field not null']}<br /><br />";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    // Optional fields: escape, then map the "nothing selected" lookup marker to ''.
    $optionalFields = array(
        'turnover',
        'payroll_tax',
        'ni_contribution',
        'business_rates',
        'corporation_tax',
        'other_tax',
        'sum',
        'ratio',
    );
    foreach ($optionalFields as $field) {
        $submitted = makeSafe($_POST[$field]);
        $data[$field] = ($submitted == empty_lookup_value) ? '' : $submitted;
    }

    $data['selectedID'] = makeSafe($selected_id);

    // hook: tax_entry_before_update
    // NOTE(review): the query below is built from $data after this hook has run; if the
    // hook takes $data by reference, anything it writes there must already be escaped.
    if (function_exists('tax_entry_before_update')) {
        $args = array();
        if (!tax_entry_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list; '' (and NULL) are stored as SQL NULL. `created` keeps its own
    // looser != '' test, the remaining columns use the strict pair of comparisons.
    $assignments = array('`created`=' . ($data['created'] != '' ? "'{$data['created']}'" : 'NULL'));
    $strictColumns = array(
        'report',
        'turnover',
        'payroll_tax',
        'ni_contribution',
        'business_rates',
        'corporation_tax',
        'other_tax',
        'sum',
        'ratio',
    );
    foreach ($strictColumns as $column) {
        $value = $data[$column];
        $assignments[] = '`' . $column . '`=' . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql(
        'update `tax_entry` set ' . implode(', ', $assignments) . " where `tax_entry_id`='" . makeSafe($selected_id) . "'",
        $o
    );

    // NOTE(review): $o['error'] is printed as-is - verify sql() returns it HTML-escaped.
    if ($o['error'] != '') {
        echo $o['error'];
        echo '<a href="tax_entry_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: tax_entry_after_update
    if (function_exists('tax_entry_after_update')) {
        $res = sql("SELECT * FROM `tax_entry` WHERE `tax_entry_id`='{$data['selectedID']}' LIMIT 1", $eo);
        // NOTE(review): mysql_fetch_assoc() was removed in PHP 7; confirm which fetch
        // wrapper this project provides before running on a newer runtime.
        if ($row = mysql_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['tax_entry_id'];
        $args = array();
        if (!tax_entry_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='tax_entry' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
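/**
 * Validates the file uploaded through form field $FieldName and moves it into the
 * upload directory.
 *
 * Changes from the previous version:
 *  - the Referer header and the directory name are HTML-escaped, and the href attribute is
 *    quoted, before being written into the error pages (the header is client-controlled);
 *  - with $NoRename the client-supplied name is reduced to its last path component before
 *    it is appended to the upload directory;
 *  - a request that carries no entry for $FieldName is treated as "no file chosen" without
 *    reading undefined array offsets.
 *
 * Only the final extension of the client-supplied name is checked, and the file contents
 * are not inspected. With $NoRename the rest of the original name (including any earlier
 * extension) is kept, so the upload directory should not be configured to execute scripts.
 *
 * @param string $FieldName key in $_FILES
 * @param int    $MaxSize   maximum accepted size in bytes (reported to the user in KB)
 * @param string $FileTypes allowed extensions as a regex alternation, e.g. 'jpg|png'; it is
 *                          inserted into the pattern unquoted, so it must come from code,
 *                          never from the request
 * @param bool   $NoRename  keep the client-supplied name (spaces become underscores)
 *                          instead of generating one from microtime()
 * @param string $dir       passed to getUploadDir() to resolve the target directory
 * @return string stored file name, or "" when no file was submitted. Oversized files,
 *                disallowed extensions and failed moves print an error and exit.
 */
function PrepareUploadedFile($FieldName, $MaxSize, $FileTypes = 'jpg|jpeg|gif|png', $NoRename = false, $dir = "")
{
    global $Translation;

    $dir = getUploadDir($dir);

    if (!isset($_FILES[$FieldName]) || !is_array($_FILES[$FieldName])) {
        return "";
    }
    $f = $_FILES[$FieldName];

    // error 4 = no file was uploaded
    if ($f['error'] == 4 || $f['name'] == '') {
        return "";
    }

    // The Referer header is attacker-influenced: escape it and quote the attribute so it
    // cannot break out of the href.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $backLink = '<a href="' . htmlspecialchars($referer, ENT_QUOTES) . '">' . $Translation["< back"] . '</a>';

    if ($f['size'] > $MaxSize || $f['error']) {
        echo StyleSheet() . "<div class=Error>" . str_replace("<MaxSize>", intval($MaxSize / 1024), $Translation['file too large']) . ". " . $backLink . ".</div>";
        exit;
    }

    if (!preg_match('/\\.(' . $FileTypes . ')$/i', $f['name'], $ft)) {
        echo StyleSheet() . "<div class=Error>" . str_replace("<FileTypes>", str_replace('|', ', ', $FileTypes), $Translation['invalid file type']) . ". " . $backLink . ".</div>";
        exit;
    }

    if ($NoRename) {
        // Keep only the last path component (either separator style) so the stored name
        // can never point outside $dir.
        $n = str_replace(' ', '_', basename(str_replace('\\', '/', $f['name'])));
    } else {
        // microtime() yields "0.12345600 1234567890"; strip the leading "0." and append the
        // matched extension (dot included).
        $n = str_replace('0.', '', str_replace(' ', '_', microtime())) . $ft[0];
    }

    // NOTE(review): 0777 on the directory and 0666 on the file are wider than the web
    // server needs; tighten them if the deployment allows it.
    if (!file_exists($dir)) {
        @mkdir($dir, 0777);
    }

    if (!@move_uploaded_file($f['tmp_name'], $dir . $n)) {
        echo StyleSheet() . "<div class=Error>Error: Couldn't save the uploaded file. Try chmoding the upload folder '" . htmlspecialchars($dir, ENT_QUOTES) . "' to 777. " . $backLink . ".</div>";
        exit;
    }

    @chmod($dir . $n, 0666);

    return $n;
}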
/**
 * Saves the submitted form values into the `applications_leases` row identified by
 * $selected_id.
 *
 * Flow: permission check -> read and escape request fields -> before_update hook ->
 * UPDATE -> after_update hook -> touch the ownership record.
 *
 * Every text value placed into the SQL goes through makeSafe() and is wrapped in single
 * quotes; date parts go through intval() and parseMySQLDate(). Query safety therefore
 * depends on those helpers (not visible here - confirm what they guarantee).
 *
 * @param mixed $selected_id value of `id` for the row to update
 * @return false|null false when the member may not edit the row or the before_update hook
 *                    rejects the change; null otherwise. A missing required field or an
 *                    SQL error prints a message and ends the request with exit.
 */
function applications_leases_update($selected_id)
{
    global $Translation;

    // A GET request carrying update_x is processed exactly like a POST.
    // NOTE(review): this makes the write reachable through a plain link; no anti-CSRF
    // check is visible in this function - confirm the caller enforces one.
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }

    // mm: can member edit record?
    $arrPerm = getTablePermissions('applications_leases');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'");

    // $arrPerm[3] == 1 requires the caller to own the row, == 2 requires the caller's group
    // to own it, == 3 allows the update unconditionally.
    $updateAllowed = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID())
        || ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID())
        || $arrPerm[3] == 3;
    if (!$updateAllowed) {
        return false;
    }

    $tenants = makeSafe($_POST['tenants']);
    $data['tenants'] = ($tenants == empty_lookup_value) ? '' : $tenants;

    // required: status
    $status = makeSafe($_POST['status']);
    $data['status'] = ($status == empty_lookup_value) ? '' : $status;
    if ($data['status'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Application status': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    foreach (array('property', 'unit') as $field) {
        $submitted = makeSafe($_POST[$field]);
        $data[$field] = ($submitted == empty_lookup_value) ? '' : $submitted;
    }

    // required: type
    $type = makeSafe($_POST['type']);
    $data['type'] = ($type == empty_lookup_value) ? '' : $type;
    if ($data['type'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Lease type': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    $occupants = makeSafe($_POST['total_number_of_occupants']);
    $data['total_number_of_occupants'] = ($occupants == empty_lookup_value) ? '' : $occupants;

    // Dates arrive as three separate inputs; each part is forced to an integer before the
    // Y-M-D string is handed to parseMySQLDate() together with that field's default.
    $startDate = implode('-', array(
        intval($_POST['start_dateYear']),
        intval($_POST['start_dateMonth']),
        intval($_POST['start_dateDay']),
    ));
    $data['start_date'] = parseMySQLDate($startDate, '1');

    $endDate = implode('-', array(
        intval($_POST['end_dateYear']),
        intval($_POST['end_dateMonth']),
        intval($_POST['end_dateDay']),
    ));
    $data['end_date'] = parseMySQLDate($endDate, '1');

    // required: recurring_charges_frequency
    $frequency = makeSafe($_POST['recurring_charges_frequency']);
    $data['recurring_charges_frequency'] = ($frequency == empty_lookup_value) ? '' : $frequency;
    if ($data['recurring_charges_frequency'] == '') {
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Recurring charges frequency': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
        exit;
    }

    $nextDueDate = implode('-', array(
        intval($_POST['next_due_dateYear']),
        intval($_POST['next_due_dateMonth']),
        intval($_POST['next_due_dateDay']),
    ));
    $data['next_due_date'] = parseMySQLDate($nextDueDate, '1');

    foreach (array('rent', 'security_deposit') as $field) {
        $submitted = makeSafe($_POST[$field]);
        $data[$field] = ($submitted == empty_lookup_value) ? '' : $submitted;
    }

    $depositDate = implode('-', array(
        intval($_POST['security_deposit_dateYear']),
        intval($_POST['security_deposit_dateMonth']),
        intval($_POST['security_deposit_dateDay']),
    ));
    $data['security_deposit_date'] = parseMySQLDate($depositDate, '');

    // Multi-line text: escaped first, then passed through br2nl(); no lookup-marker check.
    foreach (array('emergency_contact', 'co_signer_details') as $field) {
        $data[$field] = br2nl(makeSafe($_POST[$field]));
    }

    foreach (array('notes', 'agreement') as $field) {
        $submitted = makeSafe($_POST[$field]);
        $data[$field] = ($submitted == empty_lookup_value) ? '' : $submitted;
    }

    $data['selectedID'] = makeSafe($selected_id);

    // hook: applications_leases_before_update
    // NOTE(review): the query below is built from $data after this hook has run; if the
    // hook takes $data by reference, anything it writes there must already be escaped.
    if (function_exists('applications_leases_before_update')) {
        $args = array();
        if (!applications_leases_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }

    // Build the SET list in column order; '' and NULL are both stored as SQL NULL.
    $columns = array(
        'tenants',
        'status',
        'property',
        'unit',
        'type',
        'total_number_of_occupants',
        'start_date',
        'end_date',
        'recurring_charges_frequency',
        'next_due_date',
        'rent',
        'security_deposit',
        'security_deposit_date',
        'emergency_contact',
        'co_signer_details',
        'notes',
        'agreement',
    );
    $assignments = array();
    foreach ($columns as $column) {
        $value = $data[$column];
        $assignments[] = '`' . $column . '`=' . ($value !== '' && $value !== NULL ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql(
        'update `applications_leases` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'",
        $o
    );

    // NOTE(review): $o['error'] is printed as-is - verify sql() returns it HTML-escaped.
    if ($o['error'] != '') {
        echo $o['error'];
        echo '<a href="applications_leases_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: applications_leases_after_update
    if (function_exists('applications_leases_after_update')) {
        $res = sql("SELECT * FROM `applications_leases` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        // The hook receives the stored row, re-escaped, rather than the submitted values.
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        if (!applications_leases_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='applications_leases' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}