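/**
 * Create or update a row of the `operators` table from submitted form data.
 *
 * The raw password is captured before the tag-stripping pass, so the stored
 * hash is computed over exactly what was submitted rather than over a
 * filtered copy.
 *
 * NOTE(review): no authorisation check is visible in this function; the
 * caller is presumably responsible for verifying that the current operator
 * may create or modify accounts and assign ACCESSLVL — confirm.
 *
 * @param array        $data_user   Submitted fields. Reads ID, MODIF, FIRSTNAME, LASTNAME,
 *                                  ACCESSLVL, EMAIL, COMMENTS, USER_GROUP and, optionally, PASSWORD.
 * @param array|string $list_profil When an array, ACCESSLVL must be one of its keys.
 *
 * @return mixed Whatever $l->g() yields for the status or error code
 *               (997, 998, 999, 373 or 374).
 */
function add_user($data_user, $list_profil = '')
{
    global $l;
    // Keep the unfiltered password: strip_tags would silently alter any
    // password containing '<...>' sequences.
    if (isset($data_user['PASSWORD'])) {
        $password = $data_user['PASSWORD'];
    }
    $data_user = strip_tags_array($data_user);
    if (trim($data_user['ID']) == "") {
        $ERROR = $l->g(997);
    }
    // An access level outside the allowed profile list overrides the
    // empty-ID error, as in the original ordering.
    if (is_array($list_profil)) {
        if (!array_key_exists($data_user['ACCESSLVL'], $list_profil)) {
            $ERROR = $l->g(998);
        }
    }
    if (isset($ERROR)) {
        return $ERROR;
    }

    // NOTE(review): values reach SQL through '%s' placeholders; escaping is
    // presumably done inside mysql2_query_secure() — confirm.
    $sql = "select id from operators where id= '%s'";
    $arg = $data_user['ID'];
    $res = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
    $row = mysqli_fetch_object($res);

    if (isset($row->id)) {
        // The id already exists: only an explicit modification of that same
        // id may touch the row.
        if ($data_user['MODIF'] != $row->id) {
            return $l->g(999);
        }
        $sql_update = "update operators \n\t\t\t\t\t\t\t\tset firstname = '%s',\n\t\t\t\t\t\t\t\t\tlastname='%s',\n\t\t\t\t\t\t\t\t\tnew_accesslvl='%s',\n\t\t\t\t\t\t\t\t\temail='%s',\n\t\t\t\t\t\t\t\t\tcomments='%s',\n\t\t\t\t\t\t\t\t\tuser_group='%s'";
        $arg_update = array($data_user['FIRSTNAME'], $data_user['LASTNAME'], $data_user['ACCESSLVL'], $data_user['EMAIL'], $data_user['COMMENTS'], $data_user['USER_GROUP']);
        // Decide on the RAW password. Testing the tag-stripped copy made a
        // password such as "<abc>" look empty, so the change was dropped
        // while the success message was still returned.
        if (isset($password) and $password != '') {
            $sql_update .= ",passwd ='%s' , password_version ='%s' ";
            // The algorithm constant name is read from the session.
            $arg_update[] = password_hash($password, constant($_SESSION['OCS']['PASSWORD_ENCRYPTION']));
            $arg_update[] = $_SESSION['OCS']['PASSWORD_VERSION'];
        }
        $sql_update .= "\t where ID='%s'";
        $arg_update[] = $row->id;
        mysql2_query_secure($sql_update, $_SESSION['OCS']["writeServer"], $arg_update);
        return $l->g(374);
    }

    $sql = " insert into operators (id,firstname,lastname,new_accesslvl,email,comments,user_group";
    if (isset($password)) {
        $sql .= ",passwd";
        $sql .= ",password_version";
    }
    $sql .= ") value ('%s','%s','%s','%s','%s','%s','%s'";
    $arg = array($data_user['ID'], $data_user['FIRSTNAME'], $data_user['LASTNAME'], $data_user['ACCESSLVL'], $data_user['EMAIL'], $data_user['COMMENTS'], $data_user['USER_GROUP']);
    if (isset($password)) {
        // NOTE(review): an empty-string password is hashed and stored here;
        // whether the login path rejects empty passwords is not visible — confirm.
        $sql .= ",'%s','%s'";
        $arg[] = password_hash($password, constant($_SESSION['OCS']['PASSWORD_ENCRYPTION']));
        $arg[] = $_SESSION['OCS']['PASSWORD_VERSION'];
    }
    $sql .= ")";
    mysql2_query_secure($sql, $_SESSION['OCS']["writeServer"], $arg);
    return $l->g(373);
}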
 /**
  * strip_tags_array() must remove markup from every string, including the
  * ones inside a nested array, while keeping the array shape intact.
  */
 function testStripTagsArray()
 {
     $nested = array("Jason S<thingtag> </tag again>", "Something else no tags");
     $input = array("jason<pell>", $nested);

     $cleaned = strip_tags_array($input);

     // Shape: two top-level entries, the second holding two strings.
     $this->assertEquals(2, count($cleaned));
     $this->assertEquals(2, count($cleaned[1]));
     // Content: tags are gone, surrounding text (including the space) stays.
     $this->assertEquals("jason", $cleaned[0]);
     $this->assertEquals("Jason S ", $cleaned[1][0]);
     $this->assertEquals("Something else no tags", $cleaned[1][1]);
 }
/**
 * Resolve a label: a reference of the form "g(N)" is looked up through the
 * global translator $l and capitalised; anything else is used as given.
 * The result is passed through strip_tags_array() before being returned.
 *
 * NOTE(review): tag stripping is not HTML encoding; if the label ends up in
 * an attribute, the output side still needs context-appropriate escaping.
 *
 * @param string $id Literal label or "g(N)" translation reference.
 *
 * @return mixed Whatever strip_tags_array() returns for the resolved label.
 */
function find_lbl($id)
{
    global $l;
    $label = $id;
    if (substr($id, 0, 2) == 'g(') {
        // Drop the leading "g(" and the last character to get the index.
        $inner = substr($id, 2);
        $label = ucfirst($l->g(substr($inner, 0, -1)));
    }
    return strip_tags_array($label);
}
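/**
 * Recursively apply strip_tags() to every value of an array, keeping keys
 * and nesting unchanged.
 *
 * Only values are filtered; keys are copied as they are. strip_tags() removes
 * markup but does not encode quotes or '&', so the result is not safe to
 * place into an HTML attribute or a script context without further escaping.
 *
 * @param mixed $params Array to filter. A non-array argument yields an empty
 *                      array, as the each()-based version did.
 *
 * @return array Filtered copy of $params.
 */
function strip_tags_array($params)
{
    $rs = array();
    // each() was removed in PHP 8, where the former "@each($params)" loop
    // fails with a fatal error instead of filtering the request data.
    if (!is_array($params)) {
        return $rs;
    }
    foreach ($params as $key => $val) {
        $rs[$key] = is_array($val) ? strip_tags_array($val) : strip_tags($val);
    }
    return $rs;
}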
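/**
 * Debug helper: print an array as a nested HTML table, or fall back to
 * print_r() for anything that is not an array.
 *
 * Values are passed through strip_tags_array() first. Tags are removed, but
 * keys and values are printed without HTML entity encoding, so this should
 * stay a diagnostic aid rather than a general output routine.
 * NOTE(review): whether strip_tags_array() also filters array keys is not
 * visible here — confirm before printing attacker-influenced keys.
 *
 * @param mixed $array Data to display.
 *
 * @return void
 */
function print_r_V2($array)
{
    $array = strip_tags_array($array);
    // Open the table only when there are rows to put in it; the earlier
    // version emitted an unclosed <table> before the print_r() fallback.
    if (!is_array($array)) {
        print_r($array);
        return;
    }
    print "<table border='1'>";
    foreach ($array as $key => $val) {
        print "<tr><td><font size=2>" . $key . "</td><td><font size=2>";
        if (is_array($val)) {
            // Nested arrays become a nested table inside the value cell.
            print_r_V2($val);
            print "</td></tr>";
        } else {
            print $val . "</td></tr>";
        }
    }
    print "</table>";
}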
/**
 * Print a two-column summary banner: one "label: value" pair per non-empty
 * entry of $data.
 *
 * Values are tag-stripped unless their field name is a key of $link; those
 * are echoed exactly as received.
 * NOTE(review): $lbl[$name] and the $link-listed values are written to the
 * page without any encoding, so both must come from trusted code — confirm
 * at the call sites.
 *
 * @param array $data Field name => value.
 * @param array $lbl  Field name => label text.
 * @param array $link Field names whose value is emitted unfiltered; a
 *                    non-array argument is treated as an empty list.
 *
 * @return void
 */
function bandeau($data, $lbl, $link = array())
{
    global $protectedGet, $pages_refs;
    $link = is_array($link) ? $link : array();
    $data = data_encode_utf8($data);
    $per_row = 2;
    echo "<table ALIGN = 'Center' class='mlt_bordure' border=0 width:100%><tr><td align =center>";
    echo "\t\t<table align=center border='0' width='100%'  ><tr>";
    $filled = 0;
    foreach ($data as $name => $value) {
        // Blank values take no cell at all.
        if (trim($value) == '') {
            continue;
        }
        // Start a new row once the current one is full.
        if ($filled == $per_row) {
            echo "</tr><tr>";
            $filled = 0;
        }
        $is_linked = array_key_exists($name, $link);
        if (!$is_linked) {
            //$value=htmlentities($value,ENT_COMPAT,'UTF-8');
            $value = strip_tags_array($value);
        }
        // Put spaces around the slash that follows a digit or 'x' in IP lists.
        if ($name == "IPADDR") {
            $value = preg_replace('/([x0-9])\\//', '$1 / ', $value);
        }
        echo "<td>&nbsp;<b>" . $lbl[$name] . ": </b></td><td >" . $value . "</td>";
        $filled++;
    }
    echo "</tr></table></td>";
    echo "</tr></table>";
}
// OpenDb will not work with this on!!!
// NOTE(review): the magic-quotes functions used in this file no longer exist
// in PHP 8, so these calls need a function_exists() guard on current runtimes.
if (get_magic_quotes_runtime()) {
    set_magic_quotes_runtime(false);
}
// Only if $PHP_SELF is not already defined.
if (!isset($PHP_SELF)) {
    // get_http_env is a OpenDb function!
    $PHP_SELF = get_http_env('PHP_SELF');
}
// We want all the HTTP variables into the $HTTP_VARS array, so
// we can reference everything from the one place.
// any upload files will be in new post php 4.1 $_FILES array
// NOTE(review): only the GET branch is tag-stripped. POST data is copied
// unfiltered, and is not copied at all when GET is non-empty. Anything that
// later echoes $HTTP_VARS must therefore still encode its output.
if (!empty($_GET)) {
    // fixes for XSS vulnerabilities reported in OpenDb 1.0.6
    // http://secunia.com/advisories/31719
    $HTTP_VARS = strip_tags_array($_GET);
} else {
    if (!empty($_POST)) {
        $HTTP_VARS = $_POST;
    }
}
// Strip all slashes from this array.
// NOTE(review): $HTTP_VARS is never assigned when both $_GET and $_POST are
// empty, so this call can receive an undefined variable.
if (get_magic_quotes_gpc()) {
    $HTTP_VARS = stripslashes_array($HTTP_VARS);
}
//define a global browser sniffer object for use by theme and elsewhere
$_OpendbBrowserSniffer = new OpenDbBrowserSniffer();
// if the mysql[i] extension has been loaded, the db_connect function should exist
if (function_exists('db_connect')) {
    // defaults where no database access
    $_OPENDB_THEME = 'default';
    if ($_SESSION['OCS']['SQL_BASE_VERS'] < 7006) {
        unset($_SESSION['OCS']['SQL_BASE_VERS']);
        require 'install.php';
    } else {
        require 'update.php';
    }
    die;
}
// SERVER_READ is not defined: hand over to the installer and stop.
// (presumably the constant comes from the database config file — confirm)
if (!defined("SERVER_READ")) {
    $fromdbconfig_out = true;
    require 'install.php';
    die;
}
//SECURITY
// Tag-stripped copies of the request data. The "protected" names only mean
// that strip_tags_array() has been applied: the values are still untrusted
// for SQL, HTML attributes, JavaScript and URLs, and need escaping for the
// context in which they are used.
$protectedPost = strip_tags_array($_POST);
$protectedGet = strip_tags_array($_GET);
// Lift the script execution time limit; '@' hides the warning if the call fails.
@set_time_limit(0);
// Default for the error-reporting switch: an including script may set
// $no_error beforehand (the original comment mentions 'YES' for "fuser");
// otherwise it becomes 'NO'.
if (!isset($no_error)) {
    $no_error = 'NO';
}
/****************************************************SQL TABLE & FIELDS***********************************************/
if (!isset($_SESSION['OCS']['SQL_TABLE'])) {
    $sql = "show tables from %s";
    $arg = DB_NAME;
    $res = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
    while ($item = mysqli_fetch_row($res)) {
        $sql = "SHOW COLUMNS FROM %s";
        $arg = $item[0];
        $res_column = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
// part of orsee. see orsee.org
// Start time of the request, kept for debugging.
$debug__script_started = microtime();
// Paths are relative, so they are resolved through the include path and the
// working directory of the calling script.
include "../config/settings.php";
include "../config/system.php";
include "../config/requires.php";
require_once "../utils/general.php";
require_once "../utils/connections.php";
$proceed = true;
if ($proceed) {
    site__database_config();
    $settings = load_settings();
    $settings['style'] = $settings['orsee_public_style'];
    $color = load_colors();
    // Sessions are stored through the application's own handlers.
    session_set_save_handler("orsee_session_open", "orsee_session_close", "orsee_session_read", "orsee_session_write", "orsee_session_destroy", "orsee_session_gc");
    session_start();
    // Request-wide input filter: tags are stripped from $_REQUEST only.
    // NOTE(review): $_GET, $_POST and $_COOKIE are not touched here, and tag
    // stripping does not replace output encoding or SQL parameterisation.
    $_REQUEST = strip_tags_array($_REQUEST);
}
if ($proceed) {
    // Public site switched off: everyone without admin data is sent to the
    // "disabled" page, except when already on it.
    // NOTE(review): $expadmindata is not set anywhere in the visible code — confirm its origin.
    if ($settings['stop_public_site'] == "y" && !isset($expadmindata['adminname']) && !(thisdoc() == "disabled.php")) {
        redirect("public/disabled.php");
    }
}
if ($proceed) {
    // with token-only, do not allow access to these pages
    // NOTE(review): this relies on redirect() ending the request; whether it
    // does is not visible here — confirm.
    $token_exclude = array("participant_reset_pw.php", "participant_change_pw.php", "participant_login.php", "participant_login_mob.php");
    if ($settings['subject_authentication'] == 'token' && in_array(thisdoc(), $token_exclude)) {
        redirect("public/");
    }
}
if ($proceed) {
    // if we work with tokens or do the migration, check for token on any page
 /**
  * Turn a "g(N)" translation reference into its capitalised text via the
  * global translator $l; any other label is left as given. The result is
  * passed through strip_tags_array() before being returned.
  *
  * @param string $label Literal label or "g(N)" reference.
  *
  * @return mixed Whatever strip_tags_array() returns for the label.
  */
 protected function translateLabel($label)
 {
     global $l;
     $is_reference = substr($label, 0, 2) == 'g(';
     if ($is_reference) {
         // Index is what sits between "g(" and the final character.
         $index = substr(substr($label, 2), 0, -1);
         $label = ucfirst($l->g($index));
     }
     return strip_tags_array($label);
 }
/**
 * Print a summary table with two category cells per row; each cell lists the
 * non-empty "label : value" pairs of its category.
 *
 * Values are tag-stripped unless their field name is a key of $links.
 * NOTE(review): category titles, labels and $links-listed values are echoed
 * without encoding, so they must come from trusted code — confirm at callers.
 *
 * @param array $data       Field name => value.
 * @param array $labels     Category key => (field name => label).
 * @param array $cat_labels Category key => category title.
 * @param array $links      Field names whose value is emitted unfiltered.
 *
 * @return void
 */
function show_summary($data, $labels, $cat_labels, $links = array())
{
    global $protectedGet, $pages_refs;
    $data = data_encode_utf8($data);
    $per_row = 2;
    $cells = 0;
    echo '<table class="summary">';
    foreach ($labels as $cat_key => $fields) {
        // A row opens before the first cell of every pair.
        if ($cells % $per_row == 0) {
            echo '<tr class="summary-row">';
        }
        echo '<td class="summary-cell">', '<h5>' . mb_strtoupper($cat_labels[$cat_key]) . '</h5>';
        foreach ($fields as $name => $label) {
            $value = $data[$name];
            if (trim($value) == '') {
                continue;
            }
            $is_linked = array_key_exists($name, $links);
            if (!$is_linked) {
                $value = strip_tags_array($value);
            }
            // Put spaces around the slash that follows a digit or 'x' in IP lists.
            if ($name == "IPADDR") {
                $value = preg_replace('/([x0-9])\\//', '$1 / ', $value);
            }
            echo '<div class="summary-header">' . $label . ' :</div>', '<div class="summary-value">' . $value . '</div>';
        }
        echo '</td>';
        $cells++;
        if ($cells % $per_row == 0) {
            echo '</tr>';
        }
    }
    // Close a row that was left half filled.
    if ($cells % $per_row != 0) {
        echo '</tr>';
    }
    echo '</table>';
}
/**
 * Turn SQL result rows into the header and cell HTML of a result table.
 *
 * For every row and every configured column the raw value goes through the
 * replacement rules found in $tab_options, is wrapped in links or action
 * icons depending on the column key, and is stored in $data. Column headers
 * are collected in $entete, with a sort link where sorting is allowed.
 *
 * Side effect: $list_fields is stored in $_SESSION['OCS']['list_fields'][$table_name].
 *
 * NOTE(review): strip_tags_array() is applied only in the final "plain value"
 * branch and only while $htmlentities is true. The other branches concatenate
 * $value_of_field, row values and $tab_options entries into markup, href
 * values and inline handlers; some pass through htmlspecialchars(), several
 * do not. Each such branch should be checked against the origin of its data.
 *
 * @param array|null $sql_data          Rows indexed by row number; each row is indexed by column name.
 * @param array      $list_fields       Column key => SQL column (optionally "alias.column").
 * @param array      $tab_options       Display options (REQUEST, ARG, AS, REPLACE_VALUE, LIEN_LBL, ...).
 * @param string     $form_name         Form name inserted into the generated JavaScript calls.
 * @param array      $default_fields    Column key => truthy when the column is shown by default.
 * @param array      $list_col_cant_del Column key => truthy when the column cannot be removed.
 * @param mixed      $queryDetails      Not used in this function body.
 * @param string     $table_name        Table identifier used for the session key and the sort fields.
 *
 * @return array|false Array with keys ENTETE, DATA, correct_list_fields and
 *                     correct_list_col_cant_del, or false when $sql_data is not set.
 */
function gestion_donnees($sql_data, $list_fields, $tab_options, $form_name, $default_fields, $list_col_cant_del, $queryDetails, $table_name)
{
    global $l, $protectedPost, $pages_refs;
    //p($tab_options['REPLACE_VALUE_ALL_TIME']);
    $_SESSION['OCS']['list_fields'][$table_name] = $list_fields;
    // query that provides the display condition
    // caution: the query must have this form:
    // select field1 AS FIRST from table where...
    if (isset($tab_options['REQUEST'])) {
        foreach ($tab_options['REQUEST'] as $field_name => $value) {
            $tab_condition[$field_name] = array();
            // The SQL text itself comes from $tab_options['REQUEST']; it must be built by trusted code.
            $resultDetails = mysql2_query_secure($value, $_SESSION['OCS']["readServer"], $tab_options['ARG'][$field_name]);
            while ($item = mysqli_fetch_object($resultDetails)) {
                $tab_condition[$field_name][$item->FIRST] = $item->FIRST;
            }
        }
    }
    if (isset($sql_data)) {
        foreach ($sql_data as $i => $donnees) {
            foreach ($list_fields as $key => $value) {
                // true while the value is still plain text that gets tag-stripped at the end
                $htmlentities = true;
                $truelabel = $key;
                //	p($tab_options);
                // handle column aliases (AS)
                if (isset($tab_options['AS'][$value])) {
                    $value = $tab_options['AS'][$value];
                }
                //echo $value."<br>";
                $num_col = $key;
                if ($default_fields[$key]) {
                    $correct_list_fields[$num_col] = $num_col;
                }
                if ($list_col_cant_del[$key]) {
                    $correct_list_col_cant_del[$num_col] = $num_col;
                }
                // "alias.column" -> "column": rows are indexed by the bare column name
                $alias = explode('.', $value);
                if (isset($alias[1])) {
                    $no_alias_value = $alias[1];
                } else {
                    $no_alias_value = $value;
                }
                //echo $no_alias_value;
                // if there is no value, display a space
                // NOTE(review): the entity is written without ';' here, while the SUP and CHECK
                // branches below compare against '&nbsp;', so those comparisons do not match it.
                if ($donnees[$no_alias_value] == "") {
                    $value_of_field = "&nbsp";
                    $htmlentities = false;
                } else {
                    $value_of_field = $donnees[$no_alias_value];
                }
                //utf8 or not?
                $value_of_field = data_encode_utf8($value_of_field);
                $col[$i] = $key;
                // the sort link toggles the direction currently posted for this table
                if ($protectedPost['sens_' . $table_name] == "ASC") {
                    $sens = "DESC";
                } else {
                    $sens = "ASC";
                }
                $affich = 'OK';
                // no sort link on columns that are not part of the query
                if (isset($tab_options['NO_TRI'][$key])) {
                    $lien = 'KO';
                } else {
                    $lien = 'OK';
                }
                // unconditional replacement, looked up by another column of the row (ID by default)
                if (isset($tab_options['REPLACE_VALUE_ALL_TIME'][$key])) {
                    if (isset($tab_options['FIELD_REPLACE_VALUE_ALL_TIME'])) {
                        $value_of_field = $tab_options['REPLACE_VALUE_ALL_TIME'][$key][$donnees[$tab_options['FIELD_REPLACE_VALUE_ALL_TIME']]];
                    } else {
                        $value_of_field = $tab_options['REPLACE_VALUE_ALL_TIME'][$key][$donnees['ID']];
                    }
                }
                if (isset($tab_options['REPLACE_VALUE'][$key])) {
                    //if multi value, $temp_val[1] isset
                    $temp_val = explode('&&&', $value_of_field);
                    $multi_value = 0;
                    $temp_value_of_field = "";
                    while (isset($temp_val[$multi_value])) {
                        $temp_value_of_field .= $tab_options['REPLACE_VALUE'][$key][$temp_val[$multi_value]] . "<br>";
                        $multi_value++;
                    }
                    // drop the trailing "<br>"
                    $temp_value_of_field = substr($temp_value_of_field, 0, -4);
                    $value_of_field = $temp_value_of_field;
                }
                if (isset($tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field])) {
                    if (!is_array($tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field])) {
                        $value_of_field = $tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field];
                    } else {
                        // replace only when the named condition column is empty or null in this row
                        foreach ($tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field] as $condition => $condition_value) {
                            if ($donnees[$condition] == '' or is_null($donnees[$condition])) {
                                $value_of_field = $condition_value;
                            }
                        }
                    }
                }
                // clamp to the configured upper / lower replacement values
                if (isset($tab_options['REPLACE_WITH_LIMIT']['UP'][$key])) {
                    if ($value_of_field > $tab_options['REPLACE_WITH_LIMIT']['UP'][$key]) {
                        $value_of_field = $tab_options['REPLACE_WITH_LIMIT']['UPVALUE'][$key];
                    }
                }
                if (isset($tab_options['REPLACE_WITH_LIMIT']['DOWN'][$key])) {
                    if ($value_of_field < $tab_options['REPLACE_WITH_LIMIT']['DOWN'][$key]) {
                        $value_of_field = $tab_options['REPLACE_WITH_LIMIT']['DOWNVALUE'][$key];
                    }
                }
                unset($key2);
                if (isset($tab_condition[$key])) {
                    // condition met: action columns (STAT/SUP/CHECK) are blanked, other columns show the bare value
                    if (!$tab_condition[$key][$donnees[$tab_options['FIELD'][$key]]] and !$tab_options['EXIST'][$key] or $tab_condition[$key][$donnees[$tab_options['FIELD'][$key]]] and $tab_options['EXIST'][$key]) {
                        if ($key == "STAT" or $key == "SUP" or $key == "CHECK") {
                            $key2 = "NULL";
                        } else {
                            // NOTE(review): the value is stored without tag stripping or encoding here
                            $data[$i][$num_col] = $value_of_field;
                            $affich = "KO";
                        }
                    }
                }
                //if (!isset($entete[$num_col])){
                if (!isset($tab_options['LBL'][$key])) {
                    $entete[$num_col] = $key;
                } else {
                    $entete[$num_col] = $tab_options['LBL'][$key];
                }
                //}
                if (isset($tab_options['NO_LIEN_CHAMP']['SQL'][$key])) {
                    $exit = false;
                    foreach ($tab_options['NO_LIEN_CHAMP']['SQL'][$key] as $id => $sql_rest) {
                        $sql = $sql_rest;
                        if (isset($tab_options['NO_LIEN_CHAMP']['ARG'][$id][$key])) {
                            $arg = $donnees[$tab_options['NO_LIEN_CHAMP']['ARG'][$id][$key]];
                        } else {
                            $arg = "";
                        }
                        $result_lien = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
                        if ($item = mysqli_fetch_object($result_lien)) {
                            // NOTE(review): row values go into the href and the link text unencoded
                            $data[$i][$num_col] = "<a href='" . $tab_options['LIEN_LBL'][$key][$id] . $donnees[$tab_options['LIEN_CHAMP'][$key][$id]] . "' target='_blank'>" . $value_of_field . "</a>";
                            // $exit=true;
                            break;
                        } else {
                            // NOTE(review): debug output left in; it is written into the page
                            echo 'toto';
                        }
                    }
                }
                // when a link has to be put on the field:
                // the option $tab_options['NO_LIEN_CHAMP'] prevents a link on certain
                // values of the field.
                // example, if you do not want a link when the field is 0:
                //$tab_options['NO_LIEN_CHAMP'][$key] = array(0);
                if (isset($tab_options['LIEN_LBL'][$key]) and !is_array($tab_options['LIEN_LBL'][$key]) and (!isset($tab_options['NO_LIEN_CHAMP'][$key]) or !in_array($value_of_field, $tab_options['NO_LIEN_CHAMP'][$key]))) {
                    $affich = "KO";
                    if (!isset($tab_options['LIEN_TYPE'][$key])) {
                        $data[$i][$num_col] = "<a href='" . $tab_options['LIEN_LBL'][$key] . $donnees[$tab_options['LIEN_CHAMP'][$key]] . "' target='_blank'>" . $value_of_field . "</a>";
                    } else {
                        // NOTE(review): $size is computed but not used below, and the generated
                        // tag contains a stray ')' after the closing quote of href.
                        if (!isset($tab_options['POPUP_SIZE'][$key])) {
                            $size = "width=550,height=350";
                        } else {
                            $size = $tab_options['POPUP_SIZE'][$key];
                        }
                        $data[$i][$num_col] = "<a href=\"" . $tab_options['LIEN_LBL'][$key] . $donnees[$tab_options['LIEN_CHAMP'][$key]] . "\")>" . $value_of_field . "</a>";
                    }
                }
                if (isset($tab_options['JAVA']['CHECK'])) {
                    // NOTE(review): $value_of_field and $form_name are placed into the inline
                    // handler without escaping; only NAME and QUESTION go through htmlspecialchars().
                    $javascript = "OnClick='confirme(\"" . htmlspecialchars($donnees[$tab_options['JAVA']['CHECK']['NAME']], ENT_QUOTES) . "\"," . $value_of_field . ",\"" . $form_name . "\",\"CONFIRM_CHECK\",\"" . htmlspecialchars($tab_options['JAVA']['CHECK']['QUESTION'], ENT_QUOTES) . " \")'";
                } else {
                    $javascript = "";
                }
                // when display was requested only for certain IDs
                // (this overwrites the loop key for the rest of the iteration)
                if (is_array($tab_options) and !$tab_options['SHOW_ONLY'][$key][$value_of_field] and $tab_options['SHOW_ONLY'][$key]) {
                    $key = "NULL";
                }
                if (isset($tab_options['COLOR'][$key])) {
                    $value_of_field = "<font color=" . $tab_options['COLOR'][$key] . ">" . $value_of_field . "</font>";
                    // the value now contains markup, so the final tag stripping is switched off
                    $htmlentities = false;
                }
                if ($affich == 'OK') {
                    // default header labels for the action columns
                    $lbl_column = array("SUP" => $l->g(122), "MODIF" => $l->g(115), "CHECK" => $l->g(1119) . "<input type='checkbox' name='ALL' id='ALL' Onclick='checkall();'>");
                    if (!isset($tab_options['NO_NAME']['NAME'])) {
                        $lbl_column["NAME"] = $l->g(23);
                    }
                    //modify lbl of column
                    if (!isset($entete[$num_col]) or $entete[$num_col] == $key and !isset($tab_options['LBL'][$key])) {
                        if (array_key_exists($key, $lbl_column)) {
                            $entete[$num_col] = $lbl_column[$key];
                        } else {
                            $entete[$num_col] = $truelabel;
                        }
                    }
                    // Cell rendering by column key. Only the last branch tag-strips the value.
                    if ($key == "NULL" or isset($key2)) {
                        $data[$i][$num_col] = "&nbsp";
                        $lien = 'KO';
                    } elseif ($key == "GROUP_NAME") {
                        $data[$i][$num_col] = "<a href='index.php?" . PAG_INDEX . "=" . $pages_refs['ms_group_show'] . "&head=1&systemid=" . $donnees['ID'] . "' target='_blank'>" . $value_of_field . "</a>";
                    } elseif ($key == "SUP" and $value_of_field != '&nbsp;') {
                        // delete icon with a confirmation message
                        if (isset($tab_options['LBL_POPUP'][$key])) {
                            if (isset($donnees[$tab_options['LBL_POPUP'][$key]])) {
                                $lbl_msg = $l->g(640) . " " . $donnees[$tab_options['LBL_POPUP'][$key]];
                            } else {
                                $lbl_msg = $tab_options['LBL_POPUP'][$key];
                            }
                        } else {
                            $lbl_msg = $l->g(640) . " " . $value_of_field;
                        }
                        $data[$i][$num_col] = "<a href=# OnClick='confirme(\"\",\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"" . $form_name . "\",\"SUP_PROF\",\"" . htmlspecialchars($lbl_msg, ENT_QUOTES) . "\");'><img src=image/delete-small.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "MODIF") {
                        if (!isset($tab_options['MODIF']['IMG'])) {
                            $image = "image/modif_tab.png";
                        } else {
                            $image = $tab_options['MODIF']['IMG'];
                        }
                        $data[$i][$num_col] = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"MODIF\",\"" . $form_name . "\");'><img src=" . $image . "></a>";
                        $lien = 'KO';
                    } elseif ($key == "SELECT") {
                        $data[$i][$num_col] = "<a href=# OnClick='confirme(\"\",\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"" . $form_name . "\",\"SELECT\",\"" . htmlspecialchars($tab_options['QUESTION']['SELECT'], ENT_QUOTES) . "\");'><img src=image/prec16.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "OTHER") {
                        $data[$i][$num_col] = "<a href=#  OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER\",\"" . $form_name . "\");'><img src=image/red.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "ZIP") {
                        // NOTE(review): in the ZIP, STAT, ACTIVE and SHOWACTIVE branches the value is
                        // appended to a query string without urlencode() or HTML encoding.
                        $data[$i][$num_col] = "<a href=\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_compress'] . "&no_header=1&timestamp=" . $value_of_field . "&type=" . $tab_options['TYPE']['ZIP'] . "\"><img src=image/archives.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "STAT") {
                        $data[$i][$num_col] = "<a href=\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_stats'] . "&head=1&stat=" . $value_of_field . "\"><img src='image/stat.png'></a>";
                        $lien = 'KO';
                    } elseif ($key == "ACTIVE") {
                        $data[$i][$num_col] = "<a href=\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_popup_active'] . "&head=1&active=" . $value_of_field . "\"><img src='image/activer.png' ></a>";
                        $lien = 'KO';
                    } elseif ($key == "SHOWACTIVE") {
                        $data[$i][$num_col] = "<a href='index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_actives'] . "&head=1&timestamp=" . $donnees['FILEID'] . "' target=_blank>" . $value_of_field . "</a>";
                    } elseif ($key == "CHECK" and $value_of_field != '&nbsp;') {
                        // NOTE(review): the value becomes part of the name/id attributes unencoded
                        $data[$i][$num_col] = "<input type='checkbox' name='check" . $value_of_field . "' id='check" . $value_of_field . "' " . $javascript . " " . (isset($protectedPost['check' . $value_of_field]) ? " checked " : "") . ">";
                        $lien = 'KO';
                    } elseif ($key == "NAME" and !isset($tab_options['NO_NAME']['NAME'])) {
                        // link to the computer detail page
                        $link_computer = "index.php?" . PAG_INDEX . "=" . $pages_refs['ms_computer'] . "&head=1";
                        if ($donnees['ID']) {
                            $link_computer .= "&systemid=" . $donnees['ID'];
                        }
                        if ($donnees['MD5_DEVICEID']) {
                            $link_computer .= "&crypt=" . $donnees['MD5_DEVICEID'];
                        }
                        // NOTE(review): the displayed name is inserted as link text without encoding
                        $data[$i][$num_col] = "<a href='" . $link_computer . "'  target='_blank'>" . $value_of_field . "</a>";
                    } elseif ($key == "MAC") {
                        //echo substr($value_of_field,0,8);
                        //echo $_SESSION['OCS']["mac"][substr($value_of_field,0,8)];
                        // look up the first 8 characters of the address, upper-cased, in the session table
                        if (isset($_SESSION['OCS']["mac"][mb_strtoupper(substr($value_of_field, 0, 8))])) {
                            $constr = $_SESSION['OCS']["mac"][mb_strtoupper(substr($value_of_field, 0, 8))];
                        } else {
                            $constr = "<font color=red>" . $l->g(885) . "</font>";
                        }
                        //echo "=>".$constr."<br>";
                        $data[$i][$num_col] = $value_of_field . " (<small>" . $constr . "</small>)";
                    } elseif (substr($key, 0, 11) == "PERCENT_BAR") {
                        require_once "function_graphic.php";
                        $data[$i][$num_col] = "<CENTER>" . percent_bar($value_of_field) . "</CENTER>";
                        //$lien = 'KO';
                    } else {
                        // plain value, optionally followed by an OTHER / OTHER_BIS / OTHER_TER action icon
                        if (isset($tab_options['OTHER'][$key][$value_of_field])) {
                            $end = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER\",\"" . $form_name . "\");'><img src=" . $tab_options['OTHER']['IMG'] . "></a>";
                        } elseif (isset($tab_options['OTHER_BIS'][$key][$value_of_field])) {
                            $end = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER_BIS\",\"" . $form_name . "\");'><img src=" . $tab_options['OTHER_BIS']['IMG'] . "></a>";
                        } elseif (isset($tab_options['OTHER_TER'][$key][$value_of_field])) {
                            $end = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER_TER\",\"" . $form_name . "\");'><img src=" . $tab_options['OTHER_TER']['IMG'] . "></a>";
                        } else {
                            $end = "";
                        }
                        // the only place where the displayed value is tag-stripped
                        if ($htmlentities) {
                            //$value_of_field=htmlentities($value_of_field,ENT_COMPAT,'UTF-8');
                            $value_of_field = strip_tags_array($value_of_field);
                        }
                        $data[$i][$num_col] = $value_of_field . $end;
                    }
                }
                if ($lien == 'OK') {
                    // wrap the header in a sort link and add an arrow when this column is the active sort
                    $deb = "<a onclick='return tri(\"" . $value . "\",\"tri_" . $table_name . "\",\"" . $sens . "\",\"sens_" . $table_name . "\",\"" . $form_name . "\");' >";
                    $fin = "</a>";
                    $entete[$num_col] = $deb . $entete[$num_col] . $fin;
                    if ($protectedPost['tri_' . $table_name] == $value) {
                        if ($protectedPost['sens_' . $table_name] == 'ASC') {
                            $img = "<img src='image/down.png'>";
                        } else {
                            $img = "<img src='image/up.png'>";
                        }
                        $entete[$num_col] = $img . $entete[$num_col];
                    }
                }
            }
        }
        // Move the row matching $tab_options['UP'] to the front of the list.
        // NOTE(review): $value_temp stays undefined when no row matches, and the
        // while loop stops at the first index that was unset or is missing.
        if ($tab_options['UP']) {
            $i = 0;
            while ($data[$i]) {
                foreach ($tab_options['UP'] as $key => $value) {
                    if ($data[$i][$key] == $value) {
                        $value_temp = $data[$i];
                        unset($data[$i]);
                    }
                }
                $i++;
            }
            array_unshift($data, $value_temp);
        }
        //	echo $protectedPost['tri_'.$table_name];
        //	echo "<br><hr>";
        //p($tab_options['REPLACE_VALUE']);
        // When the sort column has replaced values, sort the rendered rows in PHP.
        // NOTE(review): the direction is read from the fixed key 'sens_repart_tag',
        // not from 'sens_' . $table_name — confirm that this is intended.
        if (isset($tab_options['REPLACE_VALUE'][$protectedPost['tri_' . $table_name]])) {
            //p($data);
            //echo "<br><hr><br>";
            if ($protectedPost['sens_repart_tag'] == 'ASC') {
                asort($data);
            } else {
                arsort($data);
            }
            //	p($data);
        }
        return array('ENTETE' => $entete, 'DATA' => $data, 'correct_list_fields' => $correct_list_fields, 'correct_list_col_cant_del' => $correct_list_col_cant_del);
    } else {
        return false;
    }
}
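/**
 * Strip tags from a value and encode the characters & < > " ' / as HTML
 * entities; arrays are processed recursively.
 *
 * Keys listed in $exempt are left untouched. The exemption applies to the
 * top-level array only, because the recursive call does not pass $exempt on.
 * Exempted values are returned exactly as received and must be encoded by
 * whatever code outputs them.
 *
 * Encoding happens after strip_tags(), so text that already contains
 * entities is encoded a second time ("&amp;" becomes "&amp;amp;").
 * NOTE(review): the replacement for '/' carries a leading space (' &#x2F;');
 * it is kept as it was — confirm whether the space is intended.
 *
 * @param mixed $var    Scalar or (nested) array to clean.
 * @param array $exempt Top-level keys whose values are not filtered.
 *
 * @return mixed Cleaned value with the same shape as $var.
 */
function strip_tags_array($var, $exempt = array())
{
    if (!is_array($var)) {
        $var = strip_tags($var);
        return str_replace(array('&', '<', '>', '"', "'", '/'), array('&amp;', '&lt;', '&gt;', '&quot;', '&#x27;', ' &#x2F;'), $var);
    }
    // Compare keys as strings and strictly. With the loose in_array() used
    // before, PHP versions below 8 treated integer key 0 as equal to any
    // non-numeric exempt name, so the first element of a list skipped the filter.
    $exempt_names = array_map('strval', (array) $exempt);
    foreach ($var as $k => $v) {
        if (!in_array((string) $k, $exempt_names, true)) {
            $var[$k] = strip_tags_array($v);
        }
    }
    return $var;
}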