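/**
 * Fetches one page of user rows for the "display all users" table.
 *
 * Invoked by JavaScript. Reads its parameters from $_POST, lets
 * UserDisplayAllQueryCreator build the data and count queries, runs them
 * through TableMng and terminates the request with a JSON document
 * (value 'data' on success, value 'error' on failure).
 *
 * Security notes: paging values are cast to int (string escaping does
 * nothing for unquoted numeric fragments such as LIMIT/OFFSET), and every
 * column name that will be used as an SQL identifier is checked against a
 * strict identifier pattern, because sqlEscape() only protects quoted
 * string literals, not identifier positions.
 *
 * @uses $_POST['pagenumber']       1-based page to display
 * @uses $_POST['usersPerPage']     rows per page
 * @uses $_POST['sortFor']          column to sort by (defaults to ID)
 * @uses $_POST['sortMethod']       'ASC' sorts ascending, anything else DESC
 * @uses $_POST['filterForVal']     value to filter for
 * @uses $_POST['columnsToFetch']   column names to select
 * @uses $_POST['filterForColumns'] column names to filter on
 */
public function fetchUsersOrganized() {
	// Paging values are numbers: cast them instead of string-escaping them.
	$pagenumber = isset($_POST['pagenumber']) ? (int) $_POST['pagenumber'] : 1;
	$usersPerPage = isset($_POST['usersPerPage']) ? (int) $_POST['usersPerPage'] : 0;
	$sortFor = isset($_POST['sortFor']) ? $_POST['sortFor'] : '';
	$filterForVal = isset($_POST['filterForVal']) ? $_POST['filterForVal'] : '';
	$toEscape = array(&$sortFor, &$filterForVal);
	TableMng::sqlEscapeByArray($toEscape);
	$userToStart = ($pagenumber - 1) * $usersPerPage;

	$columnsToFetch = empty($_POST['columnsToFetch'])
		? array() : (array) $_POST['columnsToFetch'];
	foreach ($columnsToFetch as &$col) {
		TableMng::sqlEscape($col);
	}
	unset($col); // drop the dangling reference left by foreach-by-reference

	$filterForColumns = empty($_POST['filterForColumns'])
		? array() : (array) $_POST['filterForColumns'];
	foreach ($filterForColumns as &$col) {
		TableMng::sqlEscape($col);
	}
	unset($col);

	// When joining multiple tables there are several ID columns.
	// NOTE(review): this rewrites the filter *value* 'ID' to 'u.ID', kept
	// as in the original; verify whether the filter column was meant.
	if ($filterForVal == 'ID') {
		$filterForVal = 'u.ID';
	}
	// Default sort column when the user picked none
	if (empty($sortFor)) {
		$sortFor = 'ID';
	}

	// Column names become SQL identifiers (SELECT list, WHERE, ORDER BY).
	// Only plain, optionally table-qualified names such as "u.ID" are
	// accepted; widen the pattern if a caller legitimately needs more.
	$identifier = '/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/';
	$allNames = array_merge(array($sortFor), $columnsToFetch, $filterForColumns);
	foreach ($allNames as $name) {
		if (!is_string($name) || !preg_match($identifier, $name)) {
			die(json_encode(array('value' => 'error',
				'message' => 'Ungültiger Spaltenname.')));
		}
	}

	// Set the sort direction; anything but an explicit 'ASC' is descending
	$sortMethod = (isset($_POST['sortMethod']) && $_POST['sortMethod'] == 'ASC')
		? 'ASC' : 'DESC';

	try {
		$queryCreator = new UserDisplayAllQueryCreator($this->_pdo,
			$filterForColumns, $sortFor, $sortMethod, $userToStart, $usersPerPage);
		$query = $queryCreator->createQuery($columnsToFetch, $sortFor, $filterForVal);
		$countQuery = $queryCreator->createCountOfQuery($columnsToFetch, $sortFor, $filterForVal);

		// Session variable with the active schoolyear, presumably referenced
		// by the generated queries; must run before them on this connection.
		TableMng::query('SET @activeSy := (SELECT ID FROM SystemSchoolyears WHERE active = "1");');
		$data = TableMng::query($query);
		$usercount = TableMng::query($countQuery);

		// Never divide by zero and never report zero pages
		if ($usersPerPage != 0 && $usercount[0]['count'] > 0) {
			$pagecount = ceil((int) $usercount[0]['count'] / $usersPerPage);
		} else {
			$pagecount = 1;
		}
		$data = $this->fetchedDataToReadable($data, $columnsToFetch);
	} catch (Exception $e) {
		$this->_logger->log('Error processing the data', 'Error', Null,
			json_encode(array('msg' => $e->getMessage())));
		die(json_encode(array('value' => 'error',
			'message' => 'Ein Fehler ist bei der Datenverarbeitung aufgetreten.')));
	}
	die(json_encode(array('value' => 'data', 'users' => $data, 'pagecount' => $pagecount)));
}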
/**
 * Entry point: cancels the meal order identified by $_GET['id'].
 *
 * The id is escaped in place, the order loaded, and cancelled only if
 * ordercancelLegalCheck() allows it. The request then ends with a success
 * message via dieSuccess() regardless of the check result — presumably
 * the legal check terminates the request itself when it fails; verify.
 *
 * @param mixed $dataContainer passed through to entryPoint()
 */
public function execute($dataContainer) {
	$this->entryPoint($dataContainer);
	// Escape the raw id before it reaches orderdataLoad()
	TableMng::sqlEscape($_GET['id']);
	$orderId = $_GET['id'];
	$this->orderdataLoad($orderId);
	$mayCancel = $this->ordercancelLegalCheck();
	if ($mayCancel) {
		$this->orderCancel();
	}
	$this->_interface->dieSuccess('Die Mahlzeit wurde erfolgreich gelöscht.');
}
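/**
 * Entry point of the module.
 *
 * A set of GET flags (marked hotfix, to be reworked) short-circuits the
 * normal flow: the first flag present is served and the request ends.
 * Otherwise the execution path selects a submodule, falling back to the
 * selection UI when no submodule matches.
 *
 * @param mixed $dataContainer passed through to entryPoint(); also
 *                             provides the execution command path
 */
public function execute($dataContainer) {
	$this->entryPoint($dataContainer);

	// hotfix, to be reworked: serve the PDF kept for a deleted user
	if (isset($_GET['showPdfOfDeletedUser'])) {
		TableMng::sqlEscape($_GET['pdfId']);
		$fileId = $_GET['pdfId'];
		$deleter = new UserDelete();
		$deleter->showPdfOfDeletedUser($fileId);
		die;
	}

	// hotfix, to be reworked: AJAX getters/setters, checked in this order;
	// the first flag present wins. Method names come from this fixed table,
	// never from the request.
	$ajaxHandlers = array(
		'getAllSpecialCourses'   => 'getAllSpecialCourses',
		'setSpecialCourse'       => 'setSpecialCourse',
		'getAllForeignLanguages' => 'getAllForeignLanguages',
		'setForeignLanguage'     => 'setForeignLanguage',
		'getAllReligions'        => 'getAllReligions',
		'setReligion'            => 'setReligion',
	);
	foreach ($ajaxHandlers as $flag => $method) {
		if (isset($_GET[$flag])) {
			$this->$method();
			die;
		}
	}

	$execReq = $dataContainer->getExecutionCommand()->pathGet();
	if ($this->submoduleCountGet($execReq)) {
		$this->submoduleExecuteAsMethod($execReq);
	} else {
		$this->userInterface->ShowSelectionFunctionality();
	}
}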
/**
 * GUMP filter: escapes a value for MySQL through TableMng::sqlEscape().
 *
 * Usage: '<index>' => 'sql_escape'
 *
 * If the TableMng class is not loaded, a notice is raised with
 * trigger_error() and the value is returned unchanged.
 *
 * @access protected
 * @author Pascal Ernst <*****@*****.**>
 * @param string $value  the raw value
 * @param array  $params unused
 * @return string the escaped value
 */
protected function filter_sql_escape($value, $params = NULL) {
	if (!class_exists('TableMng')) {
		trigger_error('TableMng not existing in gump!');
		return $value;
	}
	$escaped = $value;
	TableMng::sqlEscape($escaped);
	return $escaped;
}
/**
 * Reads the order id from $_GET['order'], escapes it in place, loads the
 * meal for the session user and records whether that user holds a valid
 * coupon for it.
 */
protected function mealOrderValuesInit() {
	TableMng::sqlEscape($_GET['order']);
	$orderId = $_GET['order'];
	$userId = $_SESSION['uid'];
	$this->_meal = $this->mealGet($orderId, $userId);
	$mealId = $this->_meal['ID'];
	$this->_hasValidCoupon = $this->userHasValidCoupon($mealId);
}
/**
 * Toggles a group's access right to a module.
 *
 * Expects $_POST['moduleId'] and $_POST['grouppath']; the module must be
 * enabled in the module settings. The request always ends here with a
 * JSON document carrying 'value' (success/error) and 'message'.
 */
protected function modulerightStatusChange() {
	if (empty($_POST['moduleId']) || empty($_POST['grouppath'])) {
		die(json_encode(array('value' => 'error', 'message' => 'Zu wenig Daten gegeben!')));
	}
	$moduleId = $_POST['moduleId'];
	$grouppath = $_POST['grouppath'];
	TableMng::sqlEscape($moduleId);
	TableMng::sqlEscape($grouppath);

	$grouproot = $this->_acl->getGrouproot();
	$group = $grouproot->groupByPathGet($grouppath);
	$module = $this->modulerightStatusChangeModuleGet($group, $moduleId);
	if (!$module->isEnabled()) {
		die(json_encode(array('value' => 'error', 'message' => _g('The Module is deactivated! You need to activate it first in the ModuleSettings.'))));
	}

	// Flip the current access state: the caller asked for it to change
	$desiredState = !$module->userHasAccess();
	$this->modulerightStatusChangeUpload($desiredState, $moduleId, $group);
	die(json_encode(array('value' => 'success', 'message' => 'Die Rechte wurden erfolgreich verändert')));
}
/**
 * Takes the CSV delimiter from $_POST['csvDelimiter'] when one was sent
 * and is non-empty (note: empty() also rejects the string "0").
 */
protected function csvDelimiterCheck() {
	if (!isset($_POST['csvDelimiter'])) {
		return;
	}
	$delimiter = $_POST['csvDelimiter'];
	TableMng::sqlEscape($delimiter);
	if (empty($delimiter)) {
		return;
	}
	$this->_delimiter = $delimiter;
}
/**
 * Escapes, in place, every $_POST field the module-change form submits.
 */
protected function changeInputEscape() {
	$fields = array('id', 'name', 'isEnabled', 'displayInMenu', 'executablePath');
	foreach ($fields as $field) {
		TableMng::sqlEscape($_POST[$field]);
	}
}
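/**
 * Adds a group named $name beneath the group named $parentName in the
 * nested-set table SystemGroups.
 *
 * A parent whose rgt == lft + 1 has no children yet and is handled by
 * groupAddToNodeWithoutChildren(); otherwise groupAddToNodeWithChildren()
 * is used. Any failure, including a parent that does not exist,
 * terminates the request with 'Could not add Group ...'.
 *
 * @param string $name       name of the new group (escaped here)
 * @param string $parentName name of the parent group (escaped here)
 */
public static function groupAdd($name, $parentName) {
	TableMng::sqlEscape($name);
	TableMng::sqlEscape($parentName);
	try {
		// The escaped name is interpolated inside single quotes; TableMng::query()
		// as used in this file takes a plain SQL string, so no binding is available.
		$parent = TableMng::query("SELECT lft, rgt FROM SystemGroups\n\t\t\t\tWHERE `name` = '{$parentName}'");
		if (empty($parent)) {
			// Previously an unknown parent yielded an undefined-index notice and
			// groupAddToNodeWithChildren() still ran; fail loudly instead. The
			// name is deliberately not echoed into the output.
			throw new Exception('Parent group not found');
		}
		if ($parent[0]['rgt'] == $parent[0]['lft'] + 1) {
			// No children existing
			self::groupAddToNodeWithoutChildren($name, $parentName);
		} else {
			self::groupAddToNodeWithChildren($name, $parentName);
		}
	} catch (Exception $e) {
		die('Could not add Group ' . $e->getMessage());
	}
}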
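/**
 * Deletes the grade given in $_GET['ID'] together with every table entry
 * linked to it, inside one transaction.
 *
 * autocommit(false) opens the transaction and autocommit(true) at the end
 * commits it (mysqli semantics). If either delete throws, the transaction
 * is rolled back and autocommit restored before the exception is rethrown,
 * so a failed deletion no longer leaves the connection half-applied and in
 * non-autocommit mode for whoever uses it next.
 */
protected function submoduleDeleteGradeExecute() {
	TableMng::sqlEscape($_GET['ID']);
	$db = TableMng::getDb();
	$db->autocommit(false);
	try {
		$this->deleteGradeFromDatabase();
		$this->deleteLinkedItems($_GET['ID']);
	} catch (Exception $e) {
		// NOTE(review): getDb() is assumed to be a mysqli connection, as
		// autocommit() suggests — confirm rollback() is available on it.
		$db->rollback();
		$db->autocommit(true);
		throw $e;
	}
	$db->autocommit(true);
	$this->_interface->dieMsg(_g('The Grade was successfully deleted'));
}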
/**
 * Returns the schoolyear id submitted in $_POST['schoolyearId'], escaped
 * in place.
 *
 * Terminates the request with an error via dieError() when the field is
 * missing.
 *
 * @return string the escaped schoolyear id
 */
protected function schoolyearInputVarGet() {
	$submitted = isset($_POST['schoolyearId']);
	if (!$submitted) {
		$this->_interface->dieError(_g('No schoolyear selected!'));
	} else {
		TableMng::sqlEscape($_POST['schoolyearId']);
	}
	return $_POST['schoolyearId'];
}