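/**
 * Tell whether $user_id is on the current member's blacklist.
 *
 * The blacklist is read from the global $userdata['user_blacklist'], a dot-separated
 * list of user ids, and is only consulted when the users table has that column.
 *
 * @param int|string $user_id Id of the user to look up.
 * @return bool TRUE when the id is listed, FALSE otherwise (including when the column is absent).
 */
function user_blacklisted($user_id)
{
    global $userdata;

    // The column is optional; the original fell off the end here and returned NULL.
    if (!in_array('user_blacklist', fieldgenerator(DB_USERS), true)) {
        return FALSE;
    }

    if (!isset($userdata['user_blacklist']) || $userdata['user_blacklist'] === '') {
        return FALSE;
    }

    $blocked_ids = explode('.', (string) $userdata['user_blacklist']);

    // Compare as strings and strictly: a loose in_array() lets 0 (a guest) match the empty
    // segments of a list such as ".3.5" on PHP < 8, reporting the user as blacklisted.
    return in_array((string) $user_id, $blocked_ids, true);
}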
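/**
 * Build and run an INSERT, UPDATE or DELETE for one row of $db from an associative array.
 *
 * The column list is read from the table itself (fieldgenerator); the first column is
 * treated as the row key and is skipped for INSERT/SET lists. Columns missing from
 * $inputdata are written as an empty string, exactly as before.
 *
 * Security notes:
 *  - Values are passed to dbquery() as bound parameters instead of being pasted between
 *    quotes. The earlier version did no escaping of its own despite the "automatic
 *    sanitization" remark, so any quote in $inputdata changed the statement. This relies
 *    on the two-argument dbquery($sql, $parameters) form used elsewhere in this code base
 *    - NOTE(review): confirm the installed dbquery() accepts bound parameters.
 *  - $db and the column names are identifiers and cannot be bound; $db must only ever be a
 *    trusted table constant, never request data.
 *  - The `$aidlink !== ""` test in delete mode is not an authorisation check (outside the
 *    admin panel $aidlink is '?'), so callers must enforce permissions themselves.
 *
 * @param string     $db        Table name (trusted constant).
 * @param array      $inputdata Column name => value.
 * @param string     $mode      "save", "update" or "delete"; anything else terminates the script.
 * @param array|bool $options   Optional: 'noredirect' => "1" suppresses the redirect,
 *                              'url' => target to redirect to instead of the status URL.
 * @return void
 */
function dbquery_insert($db, $inputdata, $mode, $options = false)
{
    require_once OVERDRIVE . "notify/notify.inc.php";

    if (defined("ADMIN_PANEL")) {
        global $aidlink;
    } else {
        $aidlink = '?';
    }

    $redirect = "1";
    $url = "";
    if (is_array($options)) {
        if (array_key_exists("noredirect", $options) && $options['noredirect'] == "1") {
            $redirect = "0";
        }
        if (array_key_exists("url", $options)) {
            $url = $options['url'];
        }
    }

    // Form validation has already failed somewhere: refuse to touch the database.
    if (defined("FUSION_NULL")) {
        notify('Script stopped as an illegal operation is found.', 'Fusion Defender stopped SQL, auto exit before execution.');
        return;
    }

    // Unknown modes terminated the script before; keep that contract.
    if (!in_array($mode, array("save", "update", "delete"), true)) {
        die;
    }

    $columns = fieldgenerator($db);
    $key_column = $columns[0];
    $params = array();
    $status = "";

    if ($mode == "save" || $mode == "update") {
        $names = array();
        $holders = array();
        $assignments = array();
        foreach ($columns as $index => $column) {
            if ($index === 0) {
                continue; // the key column is never inserted or SET
            }
            // Positional placeholder names keep odd column names out of the placeholder syntax.
            $holder = ":v" . $index;
            $names[] = $column;
            $holders[] = $holder;
            $assignments[] = $column . "=" . $holder;
            $params[$holder] = array_key_exists($column, $inputdata) ? (string) $inputdata[$column] : '';
        }

        if ($mode == "save") {
            dbquery("INSERT INTO " . $db . " (" . implode(",", $names) . ") VALUES (" . implode(",", $holders) . ")", $params);
            $status = "success";
        } else {
            $params[":k0"] = isset($inputdata[$key_column]) ? (string) $inputdata[$key_column] : '';
            dbquery("UPDATE " . $db . " SET " . implode(",", $assignments) . " WHERE " . $key_column . "=:k0", $params);
            $status = "updated";
        }
    } else {
        // The previous code compared the key against an undefined $error (i.e. NULL);
        // the equivalent, explicit rule is: no key value, no DELETE.
        if ($aidlink === "" || !isset($inputdata[$key_column])) {
            return;
        }
        $params[":k0"] = (string) $inputdata[$key_column];
        dbquery("DELETE FROM " . $db . " WHERE " . $key_column . "=:k0", $params);
        $status = "del";
    }

    if ($redirect == "1") {
        if ($url !== "") {
            redirect($url);
        } else {
            redirect(FUSION_SELF . $aidlink . "&status=" . $status);
        }
    }
}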
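/**
 * Admin widget for the Debonair theme banner slides: renders the add/edit form, handles
 * save and delete, re-orders slides and lists the slides of the current language.
 *
 * Everything is driven by request data ($_GET['slides'], $_GET['id'], $_GET['move'],
 * $_POST['save_slide']) and output is echoed directly.
 *
 * NOTE(review): deleting and re-ordering are triggered by plain GET links and no request
 * token is checked in this function - confirm the caller enforces admin rights and CSRF
 * protection before this code is reached.
 *
 * @return void
 */
function debonair_banner_widget()
{
    global $locale;

    $acceptedMode = array("edit", "new", "del");

    // Removes the stored image and thumbnail of a slide row. basename() keeps the path
    // inside the upload folder even if a stored file name contains directory parts.
    $remove_uploads = function ($row) {
        if (empty($row['banner_image'])) {
            return;
        }
        foreach (array('banner_image', 'banner_thumb') as $field) {
            if (empty($row[$field])) {
                continue;
            }
            $path = THEME . "upload/" . basename($row[$field]);
            if (is_file($path)) {
                unlink($path);
            }
        }
    };

    echo "<a class='btn btn-default m-t-10 m-b-20' href='" . clean_request("slides=new", array(), false) . "'>" . $locale['debonair_0203'] . "</a>\n";
    echo "<div class='alert alert-info'>" . $locale['debonair_0700'] . "</div>\n";

    if (isset($_GET['slides']) && in_array($_GET['slides'], $acceptedMode, true)) {
        $_GET['id'] = isset($_GET['id']) && isnum($_GET['id']) ? $_GET['id'] : 0;

        // Defaults for a new slide, one entry per table column.
        $data = array();
        $db_keys = fieldgenerator(DB_DEBONAIR);
        foreach ($db_keys as $keys) {
            $value = "";
            if ($keys == "banner_id") {
                $value = 0;
            }
            if ($keys == "banner_language") {
                $value = LANGUAGE;
            }
            if ($keys == "banner_visibility") {
                $value = iGUEST;
            }
            if ($keys == "banner_datestamp") {
                $value = time();
            }
            if ($keys == "banner_order") {
                $value = dbcount("(banner_id)", DB_DEBONAIR, "banner_language='" . LANGUAGE . "'") + 1;
            }
            $data[$keys] = $value;
        }

        if ($_GET['slides'] == "edit" || $_GET['slides'] == "del") {
            $row = dbarray(dbquery("select * from " . DB_DEBONAIR . " WHERE banner_id='" . intval($_GET['id']) . "'"));
            // Keep the defaults when the id does not exist, so the form below still renders.
            if (!empty($row)) {
                $data = $row;
                if ($_GET['slides'] == "del") {
                    // process deletion
                    $remove_uploads($data);
                    dbquery_insert(DB_DEBONAIR, $data, "delete");
                    addNotice("success", $locale['debonair_0217']);
                    redirect(clean_request("", array("slides"), false));
                }
            }
        }

        if (isset($_POST['save_slide'])) {
            $data = array(
                "banner_id" => form_sanitizer($_POST['banner_id'], 0, "banner_id"),
                "banner_subject" => form_sanitizer($_POST['banner_subject'], "", "banner_subject"),
                "banner_description" => form_sanitizer($_POST['banner_description'], "", "banner_description"),
                "banner_link" => form_sanitizer($_POST['banner_link'], "", "banner_link"),
                "banner_language" => form_sanitizer($_POST['banner_language'], LANGUAGE, "banner_language"),
                "banner_visibility" => form_sanitizer($_POST['banner_visibility'], iGUEST, "banner_visibility"),
                "banner_datestamp" => time(),
            );
            if (defender::safe()) {
                $upload = form_sanitizer($_FILES['banner_image'], "", "banner_image");
                if (isset($upload['error']) && !$upload['error']) {
                    $data['banner_image'] = $upload['image_name'];
                    $data['banner_thumb'] = $upload['thumb1'];
                }
                // The id ends up inside SQL text, so force it to an integer first.
                $banner_id = intval($data['banner_id']);
                if ($banner_id > 0 && dbcount("(banner_id)", DB_DEBONAIR, "banner_id='" . $banner_id . "'")) {
                    // get old data. do ordering
                    // dbquery() only returns a result handle; the row has to be fetched with
                    // dbarray() before its columns can be read (this was missing).
                    $old_data = dbarray(dbquery("select banner_image, banner_thumb, banner_order from " . DB_DEBONAIR . " where banner_id='" . $banner_id . "'"));
                    // NOTE(review): the old files are removed even when no new image was
                    // uploaded, as before - confirm that is the intended behaviour.
                    if (!empty($old_data)) {
                        $remove_uploads($old_data);
                    }
                    dbquery_insert(DB_DEBONAIR, $data, "update");
                } else {
                    dbquery_insert(DB_DEBONAIR, $data, "save");
                }
                addNotice("success", $locale['debonair_0212']);
                redirect(clean_request("", array("slides"), false));
            }
        }

        echo "<h3>" . $locale['debonair_0203'] . "</h3>\n";
        echo openform("debonair_banner", "post", FUSION_REQUEST, array("enctype" => true));
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-8'>\n";
        openside("");
        echo form_hidden("banner_id", "", $data['banner_id']);
        echo form_text("banner_subject", $locale['debonair_0205'], $data['banner_subject'], array("required" => true, "inline" => true, "placeholder" => $locale['debonair_0206']));
        // Description and link were both pre-filled with the subject (copy/paste slip).
        echo form_textarea("banner_description", $locale['debonair_0207'], $data['banner_description'], array("required" => true, "inline" => true, "placeholder" => $locale['debonair_0208'], "bbcode" => true));
        echo form_text("banner_link", $locale['debonair_0209'], $data['banner_link'], array("required" => true, "inline" => true, "placeholder" => "ie. news.php?readmore=1"));
        closeside();
        openside("");
        echo form_fileinput("banner_image", $locale['debonair_0210'], !empty($data['banner_image']) ? THEME . "upload/" . $data['banner_image'] : "", array("upload_path" => THEME . "upload/", "inline" => true, "placeholder" => $locale['debonair_0210'], "template" => "modern"));
        closeside();
        echo "</div>\n<div class='col-xs-12 col-sm-4'>\n";
        openside("");
        echo form_select("banner_language", $locale['debonair_0214'], $data['banner_language'], array("options" => fusion_get_enabled_languages(), "inline" => true, "placeholder" => $locale['debonair_0206']));
        echo form_select("banner_visibility", $locale['debonair_0215'], $data['banner_visibility'], array("options" => fusion_get_groups(), "inline" => true, "placeholder" => $locale['debonair_0206']));
        closeside();
        echo form_button("save_slide", $locale['save_changes'], "save_slide", array("class" => "btn-primary"));
        echo "<a class='btn btn-default m-l-10' href='" . clean_request("", array("slides"), false) . "'>" . $locale['cancel'] . "</a>\n";
        echo "</div>\n</div>\n";
        echo closeform();
    } else {
        if (isset($_GET['move']) && isset($_GET['id']) && isnum($_GET['id'])) {
            $data = dbarray(dbquery("select banner_id, banner_order FROM " . DB_DEBONAIR . " where banner_id='" . intval($_GET['id']) . "' AND banner_language='" . LANGUAGE . "'"));
            // Only shuffle the order when the slide exists; values read back from the
            // database are cast before they are placed into SQL text again.
            if (!empty($data)) {
                $slide_id = intval($data['banner_id']);
                $slide_order = intval($data['banner_order']);
                if ($_GET['move'] == "md") {
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_order= '" . ($slide_order + 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_id='" . $slide_id . "' AND banner_language='" . LANGUAGE . "'");
                }
                if ($_GET['move'] == "mup") {
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_order= '" . ($slide_order - 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_id='" . $slide_id . "' AND banner_language='" . LANGUAGE . "'");
                }
            }
            addNotice("success", $locale['debonair_0220']);
            redirect(clean_request("", array("move", "id"), false));
        }

        $result = dbquery("SELECT * FROM " . DB_DEBONAIR . " WHERE banner_language='" . LANGUAGE . "' order by banner_order ASC");
        $total = dbrows($result);
        if ($total > 0) {
            echo "<table class='table table-striped'>\n";
            echo "<tr>\n\n\t\t<th>" . $locale['debonair_0205'] . "</th>\n\t\t<th>" . $locale['debonair_0210'] . "</th>\n\t\t<th>" . $locale['debonair_0214'] . "</th>\n<th>" . $locale['debonair_0215'] . "</th>\n\t\t<th>" . $locale['debonair_0211'] . "</th>\n\t\t<th>" . $locale['debonair_0216'] . "</th></tr>";
            while ($data = dbarray($result)) {
                // NOTE(review): banner_subject and banner_language are echoed as stored.
                // Confirm form_sanitizer() HTML-encodes them on input; otherwise escape here.
                echo "\n\t\t\t<tr>\n\n\t\t\t<td><a href='" . clean_request("slides=edit&id=" . $data['banner_id'], array(), false) . "'>" . $data['banner_subject'] . "</a></td>\n\n\t\t\t<td>" . ($data['banner_image'] ? $locale['yes'] : $locale['no']) . "</td>\n\n\t\t\t<td>" . $data['banner_language'] . "</td>\n\n\t\t\t<td>" . getgroupname($data['banner_visibility']) . "</td>\n";
                echo "<td>\n";
                $move_up = "<a href='" . clean_request("move=mup&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0218'] . "</a>";
                $move_down = "<a href='" . clean_request("move=md&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0219'] . "</a>";
                if ($data['banner_order'] == 1) {
                    echo $move_down;
                } elseif ($data['banner_order'] == $total) {
                    echo $move_up;
                } else {
                    echo $move_up . " - ";
                    echo $move_down;
                }
                echo "</td>\n\n\t\t\t<td>\n\t\t\t<a href='" . clean_request("slides=edit&id=" . $data['banner_id'], array(), false) . "'>" . $locale['edit'] . "</a>\n\t\t\t- <a href='" . clean_request("slides=del&id=" . $data['banner_id'], array(), false) . "'>" . $locale['delete'] . "</a>\n\t\t\t</td>\n\t\t\t</tr>\n\n\t\t\t";
            }
            echo "</table>\n";
        } else {
            echo "<div class='well text-center'>" . $locale['debonair_0213'] . "</div>\n";
        }
    }
}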
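/**
 * Check whether a user was blacklisted by the current member.
 *
 * Reads the dot-separated id list in $userdata['user_blacklist']; the lookup only happens
 * when the users table actually has a `user_blacklist` column.
 *
 * @global string[] $userdata
 * @param int|string $user_id
 * @return boolean
 */
function user_blacklisted($user_id)
{
    global $userdata;

    $has_column = in_array('user_blacklist', fieldgenerator(DB_USERS), true);
    $raw_list = isset($userdata['user_blacklist']) ? (string) $userdata['user_blacklist'] : '';

    // Strict, string-wise membership test: with a loose in_array() the integer 0 equals
    // the empty segments of the list on PHP < 8, so a guest id would count as blacklisted.
    return $has_column
        && $raw_list !== ''
        && in_array((string) $user_id, explode('.', $raw_list), true);
}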
} } if (!empty($inf['delfiles']) && is_array($inf['delfiles'])) { foreach ($inf['delfiles'] as $folder) { $files = makefilelist($folder, ".|..|index.php", TRUE); if (!empty($files)) { foreach ($files as $filename) { unlink($folder . $filename); } } } } if (isset($inf['dropcol']) && is_array($inf['dropcol'])) { foreach ($inf['dropcol'] as $dropCol) { if (is_array($dropCol) && !empty($dropCol['table']) && !empty($dropCol['column'])) { $columns = fieldgenerator($dropCol['table']); if (in_array($dropCol['column'], $columns)) { dbquery("ALTER TABLE " . $dropCol['table'] . " DROP COLUMN " . $dropCol['column']); } } } } if ($inf['droptable'] && is_array($inf['droptable'])) { foreach ($inf['droptable'] as $droptable) { dbquery("DROP TABLE IF EXISTS " . $droptable); } } dbquery("DELETE FROM " . DB_INFUSIONS . " WHERE inf_folder=:folder", array(':folder' => $folder)); //redirect(FUSION_SELF); } add_to_jquery("\n \$('.defuse').bind('click', function() {return confirm('" . $locale['412'] . "');});\n ");
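/**
 * Upgrade the private-message schema: add message_user to the messages table, add the
 * per-user PM columns to the users table, drop the old messages_options table and
 * back-fill message_user for existing messages.
 *
 * Every ALTER is guarded by a column-existence check, so the routine can be re-run.
 *
 * @return void
 */
function upgrade_private_message()
{
    $schema = array_flip(fieldgenerator(DB_PREFIX . "messages"));
    if (!isset($schema['message_user'])) {
        dbquery("ALTER TABLE " . DB_PREFIX . "messages ADD message_user MEDIUMINT(8) UNSIGNED NOT NULL DEFAULT '0' AFTER message_from");
    }

    // Alter user table to support a more global wide pm support.
    // Column name => definition, in the order the columns chain onto each other (AFTER ...).
    $user_columns = array(
        'user_inbox' => "SMALLINT(6) unsigned not null default '0' AFTER user_status",
        'user_outbox' => "SMALLINT(6) unsigned not null default '0' AFTER user_inbox",
        'user_archive' => "SMALLINT(6) unsigned not null default '0' AFTER user_outbox",
        'user_pm_email_notify' => "TINYINT(1) not null default '0' AFTER user_archive",
        'user_pm_save_sent' => "TINYINT(1) not null default '0' AFTER user_pm_email_notify",
    );
    $user_schema = array_flip(fieldgenerator(DB_PREFIX . "users"));
    foreach ($user_columns as $column => $definition) {
        if (!isset($user_schema[$column])) {
            dbquery("ALTER TABLE " . DB_PREFIX . "users ADD " . $column . " " . $definition);
        }
    }

    // Drop if exists message options
    dbquery("DROP TABLE IF EXISTS " . DB_PREFIX . "messages_options");

    $result = dbquery("SELECT * FROM " . DB_MESSAGES);
    if (dbrows($result) > 0) {
        // Perform data tally from 7.02.07
        while ($data = dbarray($result)) {
            // NOTE(review): the value expression of this statement was masked ("******") in
            // the published listing, which left the line unparsable. message_to is assumed
            // to be the source column - confirm against the original file.
            // Both values are cast to int because they are concatenated into SQL text.
            dbquery("UPDATE " . DB_MESSAGES . " SET message_user = " . intval($data['message_to']) . " WHERE message_id = " . intval($data['message_id']));
        }
    }
}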
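/**
 * Delete a custom field when the request is ?action=field_delete&field_id=N.
 *
 * Looks the field up together with its category and root category, drops the matching
 * column from the target table when that column exists, closes the gap in field_order
 * and removes the field record. With $this->debug set, nothing is written; the
 * record-only deletion and the "not found" message are printed instead.
 *
 * NOTE(review): this destructive action is triggered by a GET request and no request
 * token is checked here - confirm the surrounding admin page enforces CSRF protection.
 *
 * @return void
 */
private function _delete_fields()
{
    global $aidlink;

    if (!isset($_GET['action']) || $_GET['action'] !== 'field_delete') {
        return;
    }
    if (!isset($_GET['field_id']) || !self::validate_field($_GET['field_id'])) {
        return;
    }

    $result = dbquery("SELECT field.field_id, field.field_cat, field.field_order, field.field_name, u.field_cat_id, u.field_parent, root.field_cat_db\n\t\t\tFROM " . $this->field_db . " field\n\t\t\tLEFT JOIN " . $this->category_db . " u ON (field.field_cat=u.field_cat_id)\n\t\t\tLEFT JOIN " . $this->category_db . " root on (u.field_parent = root.field_cat_id)\n\t\t\tWHERE field_id='" . intval($_GET['field_id']) . "'\n\t\t\t");

    if (dbrows($result) > 0) {
        $data = dbarray($result);

        // Values read back from the database are still concatenated into SQL below, so the
        // numeric ones are cast instead of being trusted as stored.
        $field_id = intval($data['field_id']);
        $field_cat = intval($data['field_cat']);
        $field_order = intval($data['field_order']);

        $target_database = $data['field_cat_db'] ? DB_PREFIX . $data['field_cat_db'] : DB_USERS;
        $field_list = fieldgenerator($target_database);

        // The column is only dropped when its name matches a live column of the target
        // table, which keeps the identifier restricted to names that really exist there.
        if (in_array($data['field_name'], $field_list, true)) {
            // drop database
            if (!$this->debug && !empty($target_database)) {
                // Back-tick quoting keeps an unusual column name from being read as extra SQL.
                $column = "`" . str_replace("`", "``", $data['field_name']) . "`";
                dbquery("ALTER TABLE " . $target_database . " DROP " . $column);
                // reorder the rest of the same cat minus 1
                dbquery("UPDATE " . $this->field_db . " SET field_order=field_order-1 WHERE field_order > '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                dbquery("DELETE FROM " . $this->field_db . " WHERE field_id='" . $field_id . "'");
            }
        } else {
            // just delete the field
            if (!$this->debug) {
                dbquery("DELETE FROM " . $this->field_db . " WHERE field_id='" . $field_id . "'");
            } else {
                print_p("DELETE " . $data['field_id'] . " FROM " . $this->field_db);
            }
        }

        if (!$this->debug) {
            addNotice('success', $this->locale['field_0201']);
            redirect(FUSION_SELF . $aidlink);
        }
    } else {
        if (!$this->debug) {
            addNotice('warning', $this->locale['field_0202']);
            redirect(FUSION_SELF . $aidlink);
        } else {
            print_p($this->locale['field_0202']);
        }
    }
}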
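/**
 * Lighter version of dbtree(): loads every row of a table and nests rows under their
 * parent in a 'child' key, returning the rows whose parent column equals $cat_value.
 *
 * $db is concatenated into the query unquoted, so it must be a trusted table constant,
 * never request data.
 *
 * NOTE(review): the signature keeps an optional parameter ($db) in front of required
 * ones for caller compatibility; PHP 8 reports that as deprecated.
 *
 * @param string|bool $db        Table name.
 * @param string      $id_col    Name of the id column.
 * @param string      $cat_col   Name of the parent-id column.
 * @param mixed       $cat_value Parent value that marks a top-level row (compared loosely).
 * @return array Top-level rows keyed by id, each with its descendants under 'child'.
 */
function dbtree_index($db = FALSE, $id_col, $cat_col, $cat_value = FALSE)
{
    $refs = array();
    $list = array();
    $result = dbquery("SELECT * FROM " . $db . "");
    $col_names = fieldgenerator($db);

    while ($data = dbarray($result)) {
        $row_id = $data[$id_col];

        // Bind the row slot before copying any column. The slot used to be bound only
        // once the loop reached the id column, so columns listed before it were written
        // into the previous row's entry.
        $thisref =& $refs[$row_id];
        foreach ($col_names as $name) {
            $thisref[$name] = $data[$name];
        }

        if ($data[$cat_col] == $cat_value) {
            $list[$row_id] =& $thisref;
        } else {
            // By-reference, so children attached to this row later stay visible here.
            $refs[$data[$cat_col]]['child'][$row_id] =& $thisref;
        }
    }

    return (array) $list;
}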
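/**
 * Upgrade the private-message schema and back-fill message_user from message_to.
 *
 * Adds message_user to the messages table and the per-user PM columns to the users table
 * (each guarded by a column-existence check), then drops the old messages_options table.
 *
 * @return void
 */
function upgrade_private_message()
{
    $schema = array_flip(fieldgenerator(DB_PREFIX . "messages"));
    if (!isset($schema['message_user'])) {
        dbquery("ALTER TABLE " . DB_PREFIX . "messages ADD message_user MEDIUMINT(8) UNSIGNED NOT NULL DEFAULT '0' AFTER message_from");
    }

    // Alter user table to support a more global wide pm support.
    // Each user logs in once. We do not need to worry whether user have a DB_MESSAGE_OPTIONS config or not.
    // Set 0 for for iMEMBER to use core settings. And you can offer premium user upgrade solution easily by altering the table.
    // drop if exist DB_MESSAGE_OPTIONS. This table is a resource hog.
    $user_schema = array_flip(fieldgenerator(DB_PREFIX . "users"));
    if (!isset($user_schema['user_inbox'])) {
        dbquery("ALTER TABLE " . DB_PREFIX . "users ADD user_inbox SMALLINT(6) unsigned not null default '0' AFTER user_status");
    }
    if (!isset($user_schema['user_outbox'])) {
        dbquery("ALTER TABLE " . DB_PREFIX . "users ADD user_outbox SMALLINT(6) unsigned not null default '0' AFTER user_inbox");
    }
    if (!isset($user_schema['user_archive'])) {
        dbquery("ALTER TABLE " . DB_PREFIX . "users ADD user_archive SMALLINT(6) unsigned not null default '0' AFTER user_outbox");
    }
    if (!isset($user_schema['user_pm_email_notify'])) {
        dbquery("ALTER TABLE " . DB_PREFIX . "users ADD user_pm_email_notify TINYINT(1) not null default '0' AFTER user_archive");
    }
    if (!isset($user_schema['user_pm_save_sent'])) {
        dbquery("ALTER TABLE " . DB_PREFIX . "users ADD user_pm_save_sent TINYINT(1) not null default '0' AFTER user_pm_email_notify");
    }

    // Drop if exists
    dbquery("DROP TABLE IF EXISTS " . DB_PREFIX . "messages_options");

    // perform data tally from 7.02.07
    // One set-based statement replaces the per-row dbquery_insert(..., "update") loop. That
    // loop pushed every stored column, message text included, back through a string-built
    // UPDATE, so a quote in an old message could alter the statement; and the dbquery_insert
    // shown with this code redirects after a write by default, which would cut the
    // migration short after the first row.
    dbquery("UPDATE " . DB_MESSAGES . " SET message_user = message_to");
}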
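/**
 * Field Creation
 *
 * Creates a new custom field or updates an existing one, keeping the physical table
 * column in step with the field record: adds, renames or moves the column, re-numbers
 * field_order inside the affected categories and finally saves $data through
 * dbquery_insert(). Validation failures stop the defender and raise a notice.
 *
 * $data['field_id'], $data['field_cat'] and $data['field_order'] are cast to integers
 * before they are concatenated into SQL; only one of the queries did so before.
 *
 * @param array  $data Field record (field_id, field_cat, field_order, field_name, ...).
 * @param string $type 'dynamics' builds the column definition from field_type/field_default,
 *                     'module' uses $this->user_field_dbinfo.
 * @return void
 */
private function create_fields($data, $type = 'dynamics')
{
    global $aidlink, $defender, $locale;

    // Debug output is forced off here, so the print_p() branches below are inactive.
    $this->debug = FALSE;

    // Build a field Attr
    $field_attr = '';
    if ($type == 'dynamics') {
        $field_attr = $this->dynamics_fieldinfo($data['field_type'], $data['field_default']);
    } elseif ($type == 'module') {
        $field_attr = $this->user_field_dbinfo;
    }

    // Integer copies for use inside SQL text; $data itself is left as the caller sent it.
    $field_cat = intval($data['field_cat']);
    $field_id = intval($data['field_id']);

    $max_order = dbresult(dbquery("SELECT MAX(field_order) FROM " . $this->field_db . " WHERE field_cat='" . $field_cat . "'"), 0) + 1;
    if ($data['field_order'] == 0 or $data['field_order'] > $max_order) {
        $data['field_order'] = $max_order;
    }
    $field_order = intval($data['field_order']);

    if (self::validate_field($data['field_id'])) {
        if ($this->debug) {
            print_p('Update mode');
        }
        // update
        // Alter $this->field_db table - change and modify column.
        $old_record = dbquery("SELECT uf.*, cat.field_cat_id, cat.field_parent, cat.field_cat_order, root.field_cat_db, root.field_cat_index\n\t\t\t\t\t\t\t\t\tFROM " . $this->field_db . " uf\n\t\t\t\t\t\t\t\t\tLEFT JOIN " . $this->category_db . " cat ON (cat.field_cat_id = uf.field_cat)\n\t\t\t\t\t\t\t\t\tLEFT JOIN " . $this->category_db . " root ON (cat.field_parent = root.field_cat_id)\n\t\t\t\t\t\t\t\t\tWHERE uf.field_id='" . $field_id . "'"); // old database.
        if (dbrows($old_record) > 0) {
            // got old field cat
            $oldRows = dbarray($old_record);
            $old_order = intval($oldRows['field_order']);
            $old_cat = intval($oldRows['field_cat']);
            $old_table = $oldRows['field_cat_db'] ? DB_PREFIX . $oldRows['field_cat_db'] : DB_USERS; // this was old database
            $old_table_columns = fieldgenerator($old_table);

            // Get current updated field_cat - to compare new cat_db and old cat_db
            $new_result = dbquery("\n\t\t\t\tSELECT cat.field_cat_id, cat.field_cat_name, cat.field_parent, cat.field_cat_order,\n\t\t\t\troot.field_cat_db, root.field_cat_index\n\t\t\t\t\t\tFROM " . $this->category_db . " cat\n\t\t\t\tLEFT JOIN " . $this->category_db . " root on cat.field_parent = root.field_cat_id\n\t\t\t\tWHERE cat.field_cat_id='" . $field_cat . "'\n\t\t\t\t");
            $newRows = array();
            if (dbrows($new_result) > 0) {
                $newRows = dbarray($new_result);
                $new_table = $newRows['field_cat_db'] ? DB_PREFIX . $newRows['field_cat_db'] : DB_USERS;
            } else {
                $new_table = DB_USERS;
            }

            if ($this->debug) {
                print_p("Old table information -");
                print_p($oldRows);
                print_p("New table information -");
                print_p($newRows);
            }

            // NOTE(review): strict comparison of a submitted value with a database value;
            // if their types differ this always takes the "different category" fork.
            if ($data['field_cat'] !== $oldRows['field_cat']) {
                // old and new mismatch - move to another category
                if ($this->debug) {
                    print_p("Fork No.1 - Update Field on a different table");
                }
                // drop the old one if target database aren't the same.
                // @todo: Improvements: need to move the whole column along with data instead of just dropping and creating new
                if ($new_table !== $old_table) {
                    // This table name used to be printed unconditionally, exposing schema
                    // details on the live admin page; it now follows the debug switch.
                    if ($this->debug) {
                        print_p($old_table);
                    }
                    $new_table_columns = fieldgenerator($new_table);
                    if (!$this->debug) {
                        if (!in_array($data['field_name'], $new_table_columns)) {
                            // this is new database check, if not exist, then add the column
                            //self::add_column($new_table, $data['field_name'], $field_attr);
                            self::move_single_column($old_table, $new_table, $data['field_name']);
                            self::drop_column($old_table, $oldRows['field_name']);
                            if ($defender->safe()) {
                                // sort the fields. if 2, greater than 2 all +1 on the new category
                                dbquery("UPDATE " . $this->field_db . " SET field_order=field_order+1 WHERE field_order >= '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                                // since change table. fix all which is greater than link order.
                                dbquery("UPDATE " . $this->field_db . " SET field_order=field_order-1 WHERE field_order >= '" . $old_order . "' AND field_cat='" . $old_cat . "'");
                            }
                        } else {
                            $defender->stop();
                            addNotice("danger", "Column conflict. There are columns on " . $old_table . " existed in " . $new_table);
                        }
                    } else {
                        // DEBUG MODE
                        if (!in_array($data['field_name'], $new_table_columns)) {
                            print_p("Move " . $data['field_name'] . " from " . $old_table . " to " . $new_table);
                            print_p("Dropping column " . $oldRows['field_name'] . " on " . $old_table);
                            print_p("UPDATE " . $this->field_db . " SET field_order=field_order+1 WHERE field_order >= '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                            // since change table. fix all which is greater than link order.
                            print_p("UPDATE " . $this->field_db . " SET field_order=field_order-1 WHERE field_order >= '" . $old_order . "' AND field_cat='" . $old_cat . "'");
                        } else {
                            print_p("Column conflict. There are columns on " . $old_table . " existed in " . $new_table);
                        }
                    }
                } else {
                    if ($defender->safe()) {
                        dbquery("UPDATE " . $this->field_db . " SET field_order=field_order+1 WHERE field_order >= '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                        dbquery("UPDATE " . $this->field_db . " SET field_order=field_order-1 WHERE field_order >= '" . $old_order . "' AND field_cat='" . $old_cat . "'");
                    }
                }
            } else {
                // same table.
                // check if same title.
                // if not same, change column name.
                if ($this->debug) {
                    print_p("Fork No.2 - Update Field on the same table");
                }
                if ($data['field_name'] !== $oldRows['field_name']) {
                    // not same as old record on dbcolumn
                    // Check for possible duplicates in the new field name
                    if (!in_array($data['field_name'], $old_table_columns)) {
                        if (!$this->debug) {
                            self::rename_column($old_table, $oldRows['field_name'], $data['field_name'], $field_attr);
                        } else {
                            print_p("Renaming column " . $oldRows['field_name'] . " on " . $old_table . " to " . $data['field_name'] . " with attributes of " . $field_attr);
                        }
                    } else {
                        $defender->stop();
                        addNotice('danger', sprintf($locale['fields_0104'], "({$new_table})"));
                    }
                }
                if (!$this->debug) {
                    if ($defender->safe()) {
                        // make ordering of the same table.
                        if ($data['field_order'] > $oldRows['field_order']) {
                            dbquery("UPDATE " . $this->field_db . " SET field_order=field_order-1 WHERE field_order > " . $old_order . " AND field_order <= '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                        } elseif ($data['field_order'] < $oldRows['field_order']) {
                            dbquery("UPDATE " . $this->field_db . " SET field_order=field_order+1 WHERE field_order < " . $old_order . " AND field_order >= '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                        }
                    }
                } else {
                    print_p("Old field order is " . $oldRows['field_order']);
                    print_p("New field order is " . $data['field_order']);
                    if ($data['field_order'] > $oldRows['field_order']) {
                        print_p("UPDATE " . $this->field_db . " SET field_order=field_order-1 WHERE field_order > '" . $old_order . "' AND field_order <= '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                    } else {
                        print_p("UPDATE " . $this->field_db . " SET field_order=field_order+1 WHERE field_order < '" . $old_order . "' AND field_order >= '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                    }
                }
            }

            if (!$this->debug) {
                if ($defender->safe()) {
                    dbquery_insert($this->field_db, $data, 'update');
                    addNotice('success', $locale['field_0203']);
                    redirect(FUSION_SELF . $aidlink);
                }
            } else {
                print_p($data);
            }
        } else {
            $defender->stop();
            addNotice('danger', $locale['fields_0105']);
        }
    } else {
        if ($this->debug) {
            print_p('Save Mode');
        }
        // Alter $this->field_db table - add column.
        $cresult = dbquery("SELECT cat.field_cat_id, cat.field_parent, cat.field_cat_order, root.field_cat_db, root.field_cat_index\n\t\t\t\t\t\t\t\tFROM " . $this->category_db . " cat\n\t\t\t\t\t\t\t\tLEFT JOIN " . $this->category_db . " root ON (cat.field_parent = root.field_cat_id)\n\t\t\t\t\t\t\t\tWHERE cat.field_cat_id='" . $field_cat . "'");
        if (dbrows($cresult) > 0) {
            $cat_data = dbarray($cresult);
            $new_table = $cat_data['field_cat_db'] ? DB_PREFIX . $cat_data['field_cat_db'] : DB_USERS;
            $field_arrays = fieldgenerator($new_table);
            if (!in_array($data['field_name'], $field_arrays)) {
                // safe to execute alter.
                if (!$this->debug) {
                    self::add_column($new_table, $data['field_name'], $field_attr);
                } else {
                    print_p("Alter DB_" . $new_table . " with " . $data['field_name'] . " on " . $field_attr);
                }
            } else {
                $defender->stop();
                addNotice('danger', $locale['fields_0106']);
            }
            // ordering
            if (!$this->debug) {
                if ($defender->safe()) {
                    dbquery("UPDATE " . $this->field_db . " SET field_order=field_order+1 WHERE field_order > '" . $field_order . "' AND field_cat='" . $field_cat . "'");
                    dbquery_insert($this->field_db, $data, 'save');
                    addNotice('success', $locale['field_0204']);
                    redirect(FUSION_SELF . $aidlink);
                }
            } else {
                print_p($data);
            }
        } else {
            $defender->stop();
            addNotice('danger', $locale['fields_0107']);
        }
    }
}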