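/**
 * Turns the posted "jsonobject" payload into SQL through generateQuery(),
 * executes it, writes a web-access log entry and redirects to entry-spk.
 *
 * Request fields read from $_POST (all client-controlled): jsonobject,
 * MODIFY_STATUS, CARA_BAYAR, DP_SYSTEM, HARGA, NO_SPK.
 *
 * SECURITY (review): table names, field names, autonumber formats and
 * modify_status are taken from the client-supplied JSON and passed to
 * generateQuery(); the resulting SQL is executed as-is. Neither
 * generateQuery() nor Security::shield() is visible here - confirm that
 * generateQuery() allowlists table/column names and binds values, and that
 * the caller enforces authorization and CSRF protection for this
 * state-changing request.
 *
 * @return void
 * @throws Exception when the payload is missing, cannot be encoded/decoded as
 *                   JSON, or when any step below throws.
 */
public function breakJSONObject()
{
    try {
        $queryCollection = "";
        $shield = new Security();

        if (!isset($_POST['jsonobject']) || !is_string($_POST['jsonobject'])) {
            throw new Exception("jsonobject payload is missing");
        }

        // Treat absent or non-scalar (array) fields as empty strings instead of
        // reading undefined indexes or concatenating "Array" into the payload.
        $posted = array();
        foreach (array('MODIFY_STATUS', 'CARA_BAYAR', 'DP_SYSTEM', 'HARGA', 'NO_SPK') as $key) {
            $posted[$key] = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
        }

        // Strip the array wrappers the client puts around the table objects.
        // str_replace() applies the pairs in order, like three separate calls.
        $json_file = str_replace(
            array('{"dt_objectTable":[', '{"dt_relatedTable":[', '}]}'),
            array('{"dt_objectTable":', '{"dt_relatedTable":', '}}'),
            $_POST['jsonobject']
        );

        if ($shield->shield($posted['MODIFY_STATUS']) == "INS") {
            // Placeholder field in the client payload that is swapped for the
            // server-generated status fields below.
            $fieldtarget = '{"fieldName":"ROADOFSPK","fieldValue":"0","fieldType":"numeric","fieldKey":"0"}';

            // Each entry is (fieldName, fieldValue, fieldType).
            if ($shield->shield($posted['CARA_BAYAR']) == "KREDIT") {
                $extraFields = array(
                    array('SISA_BAYAR', $posted['DP_SYSTEM'], 'numeric'),
                    array('STATUS_PO', '1. INDENT', 'string'),
                    array('AR_AMOUNT', $posted['DP_SYSTEM'], 'numeric'),
                );
            } else {
                $extraFields = array(
                    array('SISA_BAYAR', $posted['HARGA'], 'numeric'),
                    array('AR_AMOUNT', $posted['HARGA'], 'numeric'),
                );
            }
            $extraFields[] = array('STATUS_SPK', '1', 'string');
            $extraFields[] = array('STATUS_JUAL', '1. SPK', 'string');
            $extraFields[] = array('STATUS_KIRIM', 'N', 'string');
            $extraFields[] = array('STATUS_ARK', 'N', 'string');
            $extraFields[] = array('CUSTOM_NO', (string) $shield->shield($posted['NO_SPK']), 'string');
            $extraFields[] = array('ROADOFSPK', '0', 'numeric');

            // Serialize with json_encode() rather than string concatenation so a
            // quote or brace inside DP_SYSTEM / HARGA / NO_SPK stays inside its
            // own fieldValue and cannot add or override fields in the payload.
            $encodedFields = array();
            foreach ($extraFields as $field) {
                $encoded = json_encode(array(
                    'fieldName' => $field[0],
                    'fieldValue' => $field[1],
                    'fieldType' => $field[2],
                ));
                if ($encoded === false) {
                    throw new Exception("Field " . $field[0] . " cannot be encoded as JSON");
                }
                $encodedFields[] = $encoded;
            }

            $json_file = str_replace($fieldtarget, implode(',', $encodedFields), $json_file);
        }

        // Convert the string to a JSON object and stop on malformed input
        // instead of generating queries from null properties.
        $jfo = json_decode($json_file);
        if (!is_object($jfo) || !isset($jfo->dt_objectTable) || !is_object($jfo->dt_objectTable)) {
            throw new Exception("jsonobject payload is not valid JSON");
        }
        $objectTable = $jfo->dt_objectTable;

        // Related tables first, numbered from 0 in payload order.
        $relCount = 0;
        if (isset($objectTable->dt_relatedTables)
            && (is_array($objectTable->dt_relatedTables) || is_object($objectTable->dt_relatedTables))
        ) {
            foreach ($objectTable->dt_relatedTables as $relTbl) {
                $myTable = $relTbl->dt_relatedTable;
                $queryCollection .= $this->generateQuery(
                    $myTable->dt_relfieldCollection,
                    $myTable->tableName,
                    $myTable->autonumFormat,
                    $myTable->modify_status,
                    $relCount
                );
                $relCount = $relCount + 1;
            }
        }

        // Then the main table.
        $tableName = $objectTable->tableName;
        $modifystatus = $objectTable->modify_status;
        $queryCollection .= $this->generateQuery(
            $objectTable->dt_fieldsCollection,
            $tableName,
            $objectTable->autonumFormat,
            $modifystatus,
            0
        );

        // NOTE(review): the return value is not inspected; failure handling
        // relies on executeQuery() throwing - confirm.
        $model = new object_Model();
        $result = $model->executeQuery($queryCollection);

        // Log the status itself. The previous ${$modifystatus} was a variable
        // variable: it looked up a local whose *name* came from the client JSON,
        // which logged nothing for normal values and could expose another local.
        // $tableName and $modifystatus are still client-supplied text; confirm
        // that record_webaccess_log() neutralizes line breaks.
        $weblog = new objectupdate();
        $weblog->record_webaccess_log(
            "DML : " . $modifystatus . "-" . $tableName . "-" . $shield->shield($posted['NO_SPK'])
        );

        header("Location: entry-spk");
    } catch (Exception $e) {
        // Keep the original exception attached so the stack trace is not lost.
        throw new Exception($e->getMessage(), 0, $e);
    }
}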
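/**
 * Front controller: resolves the requested module from $_GET['app'], loads
 * its controller class and, for the "object" and "ob_update" modules, runs
 * breakJSONObject() on it.
 *
 * Routing rules visible in this function:
 *  - no "app" parameter: log and redirect to dashboard;
 *  - empty "app": redirect to dashboard;
 *  - no $_SESSION['user-id']: always route to the "login" module;
 *  - "sub_app" present and truthy: use the ajax_<app>_Controller class;
 *  - unknown module: "logout" destroys the session, anything else is logged
 *    and redirected to page-not-found.
 *
 * @return void
 */
function init()
{
    // Constructed for its side effects; the instance itself is not used here.
    $init = new boot();

    if (!isset($_GET['app'])) {
        $weblog = new objectupdate();
        $weblog->record_webaccess_log("Accessing wrong module");
        header("Location: dashboard");
        return;
    }

    if (empty($_GET['app'])) {
        // Return after the redirect: header() does not stop the script, and a
        // later header("Location: ...") call would replace this one.
        header("Location: dashboard");
        return;
    }

    // Defined on every path; it was previously undefined for anonymous requests.
    $app_get_sub = "";
    if (!isset($_SESSION['user-id'])) {
        $app_get = "login";
    } else {
        $security = new Security();
        $app_get = $security->shield($_GET['app']);
        if (isset($_GET['sub_app'])) {
            $app_get_sub = $security->shield($_GET['sub_app']);
        }
    }

    // The module name becomes a directory name, a file name and a class name.
    // Security::shield() is not visible here, so restrict the name at the point
    // of use to characters that cannot leave LOCAL_DIR/apps or form another
    // class name. NOTE(review): assumes module names are ASCII letters, digits,
    // "_" and "-" - confirm against the apps directory.
    if (!is_string($app_get) || !preg_match('/\A[A-Za-z0-9_-]+\z/', $app_get)) {
        $weblog = new objectupdate();
        $weblog->record_webaccess_log("Accessing wrong module");
        header("Location: page-not-found");
        return;
    }

    if (file_exists(LOCAL_DIR . "/apps/" . $app_get . "/" . $app_get . "_Controller.php")) {
        // Constructed for its side effects (presumably registers class loading
        // for the module - confirm).
        $ldr = new autoloader($app_get);

        if ($app_get_sub) {
            $dynamic = "ajax_" . $app_get . "_Controller";
        } else {
            $dynamic = $app_get . "_Controller";
            $weblog = new objectupdate();
            $weblog->record_webaccess_log("module : " . $app_get);
        }

        $object = new $dynamic();

        // NOTE(review): these two modules write to the database on any request
        // that reaches them; confirm a CSRF token is verified before this point.
        if ($app_get == "object" || $app_get == "ob_update") {
            $object->breakJSONObject();
        }
        return;
    }

    if ($app_get == "logout") {
        session_destroy();
        header("Location: login");
        return;
    }

    $weblog = new objectupdate();
    $weblog->record_webaccess_log("Accessing wrong module");
    header("Location: page-not-found");
}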