Пример #1
0
    if ($inherit['where']) {
        $wheres[] = $inherit['where'];
    }
    if ($inherit['from']) {
        $field['parent_from'] .= ", {$inherit['from']}";
    }
}
// single value?
if ($field['list_type'] != 2 && $search_id) {
    $wheres[] = "`{$field['parent_table']}`.`{$field['parent_pk_field']}`='{$search_id}'";
}
if (count($wheres)) {
    $where = 'WHERE ' . implode(' AND ', $wheres);
}
// define the combo and return the code
$combo = new DataCombo();
if ($field['custom_query']) {
    $qm = array();
    $custom_where = '';
    $custom_order_by = '2';
    $combo->Query = $field['custom_query'];
    if (preg_match('/ order by (.*)$/i', $combo->Query, $qm)) {
        $custom_order_by = $qm[1];
        $combo->Query = preg_replace('/ order by .*$/i', '', $combo->Query);
    }
    if (preg_match('/ where (.*)$/i', $combo->Query, $qm)) {
        $custom_where = $qm[1];
        $combo->Query = preg_replace('/ where .*$/i', '', $combo->Query);
    }
    if ($where && $custom_where) {
        $combo->Query .= " {$where} AND ({$custom_where}) ORDER BY {$custom_order_by}";
function disease_symptoms_form($selected_id = "", $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
    // function to return an editable form for a table records
    // and fill it with data of record whose ID is $selected_id. If $selected_id
    // is empty, an empty form is shown, with only an 'Add New'
    // button displayed.
    global $Translation;
    // mm: get table permissions
    $arrPerm = getTablePermissions('disease_symptoms');
    if (!$arrPerm[1] && $selected_id == "") {
        return "";
    }
    // combobox: disease
    $combo_disease = new DataCombo();
    $combo_disease->Query = "select `id`, `short_name` from `diseases` order by 2";
    $combo_disease->SelectName = 'disease';
    $combo_disease->ListType = 0;
    // combobox: symptom
    $combo_symptom = new DataCombo();
    $combo_symptom->Query = "select `id`, `name` from `symptoms` order by 2";
    $combo_symptom->SelectName = 'symptom';
    $combo_symptom->ListType = 0;
    if ($selected_id) {
        // mm: check member permissions
        if (!$arrPerm[2]) {
            return "";
        }
        // mm: who is the owner?
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='disease_symptoms' and pkValue='" . makeSafe($selected_id) . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='disease_symptoms' and pkValue='" . makeSafe($selected_id) . "'");
        if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
            return "";
        }
        if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
            return "";
        }
        // can edit?
        if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
            $AllowUpdate = 1;
        } else {
            $AllowUpdate = 0;
        }
        $res = sql("select * from `disease_symptoms` where `id`='" . makeSafe($selected_id) . "'");
        $row = mysql_fetch_array($res);
        $combo_disease->SelectedData = $row["disease"];
        $combo_symptom->SelectedData = $row["symptom"];
    } else {
        $combo_disease->SelectedText = $_REQUEST['FilterField'][1] == '2' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "";
        $combo_symptom->SelectedText = $_REQUEST['FilterField'][1] == '3' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "";
    }
    $combo_disease->Render();
    $combo_symptom->Render();
    // code for template based detail view forms
    // open the detail view template
    if (($_POST['dvprint_x'] != '' || $_GET['dvprint_x'] != '') && $selected_id) {
        $templateCode = @implode('', @file('./templates/disease_symptoms_templateDVP.html'));
        $dvprint = true;
    } else {
        $templateCode = @implode('', @file('./templates/disease_symptoms_templateDV.html'));
        $dvprint = false;
    }
    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Disease symptom details', $templateCode);
    // unique random identifier
    $rnd1 = $dvprint ? rand(1000000, 9999999) : '';
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
    // process buttons
    if ($arrPerm[1] && !$selected_id) {
        // allow insert and no record selected?
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<input type="image" src="insert.gif" name="insert" alt="' . $Translation['add new record'] . '" onclick="return validateData();">', $templateCode);
    } else {
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }
    if ($selected_id) {
        $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<input type="image" src="print.gif" vspace="1" name="dvprint" id="dvprint" alt="' . $Translation['printer friendly view'] . '" onclick="document.myform.reset(); return true;" style="margin-bottom: 20px;">', $templateCode);
        if ($AllowUpdate) {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<input type="image" src="update.gif" vspace="1" name="update" alt="' . $Translation['update record'] . '" onclick="return validateData();">', $templateCode);
        } else {
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
            // set records to read only if user can't insert new records
            if (!$arrPerm[1]) {
                $jsReadOnly .= "\n\n\tif(document.getElementsByName('id').length){ document.getElementsByName('id')[0].readOnly=true; }\n";
                $jsReadOnly .= "\n\n\tif(document.getElementsByName('disease').length){ var disease=document.getElementsByName('disease')[0]; disease.disabled=true; disease.style.backgroundColor='white'; disease.style.color='black'; }\n";
                $jsReadOnly .= "\n\n\tif(document.getElementsByName('symptom').length){ var symptom=document.getElementsByName('symptom')[0]; symptom.disabled=true; symptom.style.backgroundColor='white'; symptom.style.color='black'; }\n";
                $jsReadOnly .= "\n\n\tif(document.getElementsByName('expected_probability').length){ document.getElementsByName('expected_probability')[0].readOnly=true; }\n";
                $jsReadOnly .= "\n\n\tif(document.getElementsByName('minimum').length){ document.getElementsByName('minimum')[0].readOnly=true; }\n";
                $jsReadOnly .= "\n\n\tif(document.getElementsByName('maximum').length){ document.getElementsByName('maximum')[0].readOnly=true; }\n";
                $jsReadOnly .= "\n\n\tif(document.getElementsByName('reading_other_value').length){ document.getElementsByName('reading_other_value')[0].readOnly=true; }\n";
                $noUploads = true;
            }
        }
        if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
            // allow delete?
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<input type="image" src="delete.gif" vspace="1" name="delete" alt="' . $Translation['delete record'] . '" onClick="return confirm(\'' . $Translation['are you sure?'] . '\');">', $templateCode);
        } else {
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', "<input type=image src=deselect.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">", $templateCode);
    } else {
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? "<input type=image src=cancel.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">" : '', $templateCode);
    }
    // process combos
    $templateCode = str_replace('<%%COMBO(disease)%%>', $combo_disease->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(disease)%%>', $combo_disease->MatchText, $templateCode);
    $templateCode = str_replace('<%%COMBO(symptom)%%>', $combo_symptom->HTML, $templateCode);
    $templateCode = str_replace('<%%COMBOTEXT(symptom)%%>', $combo_symptom->MatchText, $templateCode);
    // process foreign key links
    if ($selected_id) {
        $templateCode = str_replace('<%%PLINK(disease)%%>', $combo_disease->SelectedData ? "<span id=diseases_plink1 style=\"visibility: hidden;\"><a href=diseases_view.php?SelectedID=" . $combo_disease->SelectedData . "><img border=0 src=lookup.gif></a></span>" : '', $templateCode);
        $templateCode = str_replace('<%%PLINK(symptom)%%>', $combo_symptom->SelectedData ? "<span id=symptoms_plink2 style=\"visibility: hidden;\"><a href=symptoms_view.php?SelectedID=" . $combo_symptom->SelectedData . "><img border=0 src=lookup.gif></a></span>" : '', $templateCode);
    }
    // process images
    $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(disease)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(symptom)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(expected_probability)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(minimum)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(maximum)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(reading_other_value)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(comments)%%>', '', $templateCode);
    // process values
    if ($selected_id) {
        $templateCode = str_replace('<%%VALUE(id)%%>', htmlspecialchars($row['id'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%VALUE(disease)%%>', htmlspecialchars($row['disease'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%VALUE(symptom)%%>', htmlspecialchars($row['symptom'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%VALUE(expected_probability)%%>', htmlspecialchars($row['expected_probability'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%VALUE(minimum)%%>', htmlspecialchars($row['minimum'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%VALUE(maximum)%%>', htmlspecialchars($row['maximum'], ENT_QUOTES), $templateCode);
        $templateCode = str_replace('<%%VALUE(reading_other_value)%%>', htmlspecialchars($row['reading_other_value'], ENT_QUOTES), $templateCode);
        if ($AllowUpdate || $AllowInsert) {
            $templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox">' . htmlspecialchars($row['comments'], ENT_QUOTES) . '</textarea>', $templateCode);
        } else {
            $templateCode = str_replace('<%%HTMLAREA(comments)%%>', $row['comments'], $templateCode);
        }
        $templateCode = str_replace('<%%VALUE(comments)%%>', $row['comments'], $templateCode);
    } else {
        $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
        $templateCode = str_replace('<%%VALUE(disease)%%>', '', $templateCode);
        $templateCode = str_replace('<%%VALUE(symptom)%%>', '', $templateCode);
        $templateCode = str_replace('<%%VALUE(expected_probability)%%>', '', $templateCode);
        $templateCode = str_replace('<%%VALUE(minimum)%%>', '', $templateCode);
        $templateCode = str_replace('<%%VALUE(maximum)%%>', '', $templateCode);
        $templateCode = str_replace('<%%VALUE(reading_other_value)%%>', '', $templateCode);
        $templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox"></textarea>', $templateCode);
    }
    // process translations
    foreach ($Translation as $symbol => $trans) {
        $templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
    }
    // clear scrap
    $templateCode = str_replace('<%%', '<!--', $templateCode);
    $templateCode = str_replace('%%>', '-->', $templateCode);
    // hide links to inaccessible tables
    if ($_POST['dvprint_x'] == '') {
        $templateCode .= "\n\n<script>\n";
        $arrTables = getTableList();
        foreach ($arrTables as $name => $caption) {
            $templateCode .= "\tif(document.getElementById('" . $name . "_link')!=undefined){\n";
            $templateCode .= "\t\tdocument.getElementById('" . $name . "_link').style.visibility='visible';\n";
            $templateCode .= "\t}\n";
            for ($i = 1; $i < 10; $i++) {
                $templateCode .= "\tif(document.getElementById('" . $name . "_plink{$i}')!=undefined){\n";
                $templateCode .= "\t\tdocument.getElementById('" . $name . "_plink{$i}').style.visibility='visible';\n";
                $templateCode .= "\t}\n";
            }
        }
        $templateCode .= $jsReadOnly;
        if (!$selected_id) {
        }
        $templateCode .= "\n\tfunction validateData(){";
        $templateCode .= "\n\t\tif(\$F('disease')==''){ alert('" . addslashes($Translation['error:']) . ' "Disease": ' . addslashes($Translation['field not null']) . "'); \$('disease').focus(); return false; }";
        $templateCode .= "\n\t\tif(\$F('symptom')==''){ alert('" . addslashes($Translation['error:']) . ' "Symptom": ' . addslashes($Translation['field not null']) . "'); \$('symptom').focus(); return false; }";
        $templateCode .= "\n\t\treturn true;";
        $templateCode .= "\n\t}";
        $templateCode .= "\n</script>\n";
    }
    // ajaxed auto-fill fields
    $templateCode .= "<script>";
    $templateCode .= "document.observe('dom:loaded', function() {";
    $templateCode .= "});";
    $templateCode .= "</script>";
    // handle enforced parent values for read-only lookup fields
    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
    // hook: disease_symptoms_dv
    if (function_exists('disease_symptoms_dv')) {
        $args = array();
        disease_symptoms_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
    }
    return $templateCode;
}