/**
* called by $this->store() after storing $this->values in the database
* can be used to update additional tables, call scripts etc.
*/
protected function storemore()
{
# store list of allowed domains in the domain_admins table
if (isset($this->values['domains'])) {
if (is_array($this->values['domains'])) {
$domains = $this->values['domains'];
} elseif ($this->values['domains'] == '') {
$domains = array();
} else {
$domains = explode(',', $this->values['domains']);
}
db_delete('domain_admins', 'username', $this->id, "AND domain != 'ALL'");
foreach ($domains as $domain) {
$values = array('username' => $this->id, 'domain' => $domain);
db_insert('domain_admins', $values, array('created'));
# TODO: check for errors
}
}
# Temporary workaround to keep the database compatible with 2.3.x
if (isset($this->values['superadmin'])) {
if ($this->values['superadmin'] == 1) {
$values = array('username' => $this->id, 'domain' => 'ALL');
$where = db_where_clause(array('username' => $this->id, 'domain' => 'ALL'), $this->struct);
$result = db_query("SELECT username from " . table_by_key('domain_admins') . " " . $where);
if ($result['rows'] == 0) {
db_insert('domain_admins', $values, array('created'));
# TODO: check for errors
}
} else {
db_delete('domain_admins', 'username', $this->id, "AND domain = 'ALL'");
}
}
return true;
# TODO: don't hardcode
}
/**
* build_select_query
*
* helper function to build the inner part of the select query
* can be used by read_from_db() and for generating the pagebrowser
*
* @param array or string - condition (an array will be AND'ed using db_where_clause, a string will be directly used)
* (if you use a string, make sure it is correctly escaped!)
* - WARNING: will be changed to array only in the future, with an option to include a raw string inside the array
* @param array searchmode - operators to use (=, <, >) if $condition is an array. Defaults to = if not specified for a field.
* @return array - contains query parts
*/
protected function build_select_query($condition, $searchmode)
{
$select_cols = array();
$yes = escape_string(Config::lang('YES'));
$no = escape_string(Config::lang('NO'));
if (db_pgsql()) {
$formatted_date = "TO_DATE(text(###KEY###), '" . escape_string(Config::Lang('dateformat_pgsql')) . "')";
$base64_decode = "DECODE(###KEY###, 'base64')";
} elseif (db_sqlite()) {
$formatted_date = "strftime(###KEY###, '" . escape_string(Config::Lang('dateformat_mysql')) . "')";
$base64_decode = "base64_decode(###KEY###)";
} else {
$formatted_date = "DATE_FORMAT(###KEY###, '" . escape_string(Config::Lang('dateformat_mysql')) . "')";
$base64_decode = "FROM_BASE64(###KEY###)";
}
$colformat = array('ts' => "{$formatted_date} AS ###KEY###, ###KEY### AS _###KEY###", 'bool' => "CASE ###KEY### WHEN '" . db_get_boolean(true) . "' THEN '1' WHEN '" . db_get_boolean(false) . "' THEN '0' END as ###KEY###," . "CASE ###KEY### WHEN '" . db_get_boolean(true) . "' THEN '{$yes}' WHEN '" . db_get_boolean(false) . "' THEN '{$no}' END as _###KEY###", 'b64p' => "{$base64_decode} AS ###KEY###");
# get list of fields to display
$extrafrom = "";
foreach ($this->struct as $key => $row) {
if (($row['display_in_list'] != 0 || $row['display_in_form'] != 0) && $row['not_in_db'] == 0) {
if ($row['select'] != '') {
$key = $row['select'];
}
if ($row['extrafrom'] != '') {
$extrafrom = $extrafrom . " " . $row['extrafrom'] . "\n";
}
if (isset($colformat[$row['type']])) {
$select_cols[] = str_replace('###KEY###', $key, $colformat[$row['type']]);
} else {
$select_cols[] = $key;
}
}
}
$cols = join(',', $select_cols);
$table = table_by_key($this->db_table);
$additional_where = '';
if ($this->domain_field != "") {
$additional_where .= " AND " . db_in_clause($this->domain_field, $this->allowed_domains);
}
# if logged in as user, restrict to the items the user is allowed to see
if (!$this->is_admin && $this->user_field != '') {
$additional_where .= " AND " . $this->user_field . " = '" . escape_string($this->username) . "' ";
}
if (is_array($condition)) {
if (isset($condition['_']) && count($this->searchfields) > 0) {
$simple_search = array();
foreach ($this->searchfields as $field) {
$simple_search[] = "{$field} LIKE '%" . escape_string($condition['_']) . "%'";
}
$additional_where .= " AND ( " . join(" OR ", $simple_search) . " ) ";
unset($condition['_']);
}
$where = db_where_clause($condition, $this->struct, $additional_where, $searchmode);
} else {
if ($condition == "") {
$condition = '1=1';
}
$where = " WHERE ( {$condition} ) {$additional_where}";
}
return array('select_cols' => " SELECT {$cols} ", 'from_where_order' => " FROM {$table} {$extrafrom} {$where} ORDER BY " . $this->order_by);
}
/** generate SQL to delete zero or more rows in a table
*
* @param string the name of the table to delete from (without prefix)
* @param mixed a single clause or an array with fieldnames => values ((without the WHERE keyword)
* @return string the constructed SQL statement
*/
function db_delete_sql($tablename, $where = '')
{
global $DB;
$sql = 'DELETE FROM ' . $DB->prefix . $tablename;
$where_clause = db_where_clause($where);
return $sql . $where_clause;
}
