function UpdateSQL(&$rs, $where = "")
{
$sql = "UPDATE " . $this->UpdateTable . " SET ";
foreach ($rs as $name => $value) {
if (!isset($this->fields[$name])) {
continue;
}
if (EW_ENCRYPTED_PASSWORD && $name == 'pass') {
$value = EW_CASE_SENSITIVE_PASSWORD ? ew_EncryptPassword($value) : ew_EncryptPassword(strtolower($value));
}
$sql .= $this->fields[$name]->FldExpression . "=";
$sql .= ew_QuotedValue($value, $this->fields[$name]->FldDataType) . ",";
}
while (substr($sql, -1) == ",") {
$sql = substr($sql, 0, -1);
}
$filter = $this->CurrentFilter;
ew_AddFilter($filter, $where);
if ($filter != "") {
$sql .= " WHERE " . $filter;
}
return $sql;
}
function ew_ComparePassword($pwd, $input)
{
@(list($crypt, $salt) = explode(":", $pwd, 2));
if (EW_CASE_SENSITIVE_PASSWORD) {
if (EW_ENCRYPTED_PASSWORD) {
return $pwd == ew_EncryptPassword($input, @$salt);
} else {
return $pwd == $input;
}
} else {
if (EW_ENCRYPTED_PASSWORD) {
return $pwd == ew_EncryptPassword(strtolower($input), @$salt);
} else {
return strtolower($pwd) == strtolower($input);
}
}
}
function ew_ComparePassword($pwd, $input, $encrypted = FALSE)
{
if ($encrypted) {
return $pwd == $input;
}
if (preg_match('/^\\$[HP]\\$/', $pwd)) {
// phpass
include "passwordhash.php";
$ar = json_decode(EW_PHPASS_ITERATION_COUNT_LOG2);
if (is_array($ar)) {
foreach ($ar as $i) {
$hasher = new PasswordHash($i, TRUE);
if ($hasher->CheckPassword($input, $pwd)) {
return TRUE;
}
}
return FALSE;
}
} elseif (strpos($pwd, ':') !== FALSE) {
// <hashedstring>:<salt>
@(list($crypt, $salt) = explode(":", $pwd, 2));
return $pwd == ew_EncryptPassword($input, $salt);
} else {
if (EW_CASE_SENSITIVE_PASSWORD) {
if (EW_ENCRYPTED_PASSWORD) {
return $pwd == ew_EncryptPassword($input);
} else {
return $pwd == $input;
}
} else {
if (EW_ENCRYPTED_PASSWORD) {
return $pwd == ew_EncryptPassword(strtolower($input));
} else {
return strtolower($pwd) == strtolower($input);
}
}
}
}
function ew_ComparePassword($pwd, $input)
{
if (preg_match('/^\\$[HP]\\$/', $pwd)) {
// phpass
include "passwordhash.php";
$hasher = new PasswordHash(10, TRUE);
return $hasher->CheckPassword($input, $pwd);
} elseif (strpos($pwd, ':') !== FALSE) {
// <hashedstring>:<salt>
@(list($crypt, $salt) = explode(":", $pwd, 2));
return $pwd == ew_EncryptPassword($input, $salt);
} else {
if (EW_CASE_SENSITIVE_PASSWORD) {
if (EW_ENCRYPTED_PASSWORD) {
return $pwd == ew_EncryptPassword($input);
} else {
return $pwd == $input;
}
} else {
if (EW_ENCRYPTED_PASSWORD) {
return $pwd == ew_EncryptPassword(strtolower($input));
} else {
return strtolower($pwd) == strtolower($input);
}
}
}
}
function WriteAuditTrailOnEdit(&$rsold, &$rsnew)
{
if (!$this->AuditTrailOnEdit) {
return;
}
$table = 'usuario';
// Get key value
$key = "";
if ($key != "") {
$key .= $GLOBALS["EW_COMPOSITE_KEY_SEPARATOR"];
}
$key .= $rsold['id'];
// Write Audit Trail
$dt = ew_StdCurrentDateTime();
$id = ew_ScriptName();
$usr = CurrentUserID();
foreach (array_keys($rsnew) as $fldname) {
if ($this->fields[$fldname]->FldDataType != EW_DATATYPE_BLOB) {
// Ignore BLOB fields
if ($this->fields[$fldname]->FldDataType == EW_DATATYPE_DATE) {
// DateTime field
$modified = ew_FormatDateTime($rsold[$fldname], 0) != ew_FormatDateTime($rsnew[$fldname], 0);
} else {
$modified = !ew_CompareValue($rsold[$fldname], $rsnew[$fldname]);
}
if ($modified) {
if ($this->fields[$fldname]->FldDataType == EW_DATATYPE_MEMO) {
// Memo field
if (EW_AUDIT_TRAIL_TO_DATABASE) {
$oldvalue = $rsold[$fldname];
$newvalue = $rsnew[$fldname];
} else {
$oldvalue = "[MEMO]";
$newvalue = "[MEMO]";
}
} elseif ($this->fields[$fldname]->FldDataType == EW_DATATYPE_XML) {
// XML field
$oldvalue = "[XML]";
$newvalue = "[XML]";
} else {
$oldvalue = $rsold[$fldname];
$newvalue = $rsnew[$fldname];
}
if (!EW_ENCRYPTED_PASSWORD && $fldname == 'contrasenia') {
$oldvalue = ew_EncryptPassword($oldvalue);
$newvalue = ew_EncryptPassword($newvalue);
}
ew_WriteAuditTrail("log", $dt, $id, $usr, "U", $table, $fldname, $key, $oldvalue, $newvalue);
}
}
}
}
function WriteAuditTrailOnAdd(&$rs)
{
if (!$this->AuditTrailOnAdd) {
return;
}
$table = 'usuario';
// Get key value
$key = "";
if ($key != "") {
$key .= $GLOBALS["EW_COMPOSITE_KEY_SEPARATOR"];
}
$key .= $rs['id'];
// Write Audit Trail
$dt = ew_StdCurrentDateTime();
$id = ew_ScriptName();
$usr = CurrentUserID();
foreach (array_keys($rs) as $fldname) {
if ($this->fields[$fldname]->FldDataType != EW_DATATYPE_BLOB) {
// Ignore BLOB fields
if ($this->fields[$fldname]->FldDataType == EW_DATATYPE_MEMO) {
if (EW_AUDIT_TRAIL_TO_DATABASE) {
$newvalue = $rs[$fldname];
} else {
$newvalue = "[MEMO]";
}
// Memo Field
} elseif ($this->fields[$fldname]->FldDataType == EW_DATATYPE_XML) {
$newvalue = "[XML]";
// XML Field
} else {
$newvalue = $rs[$fldname];
}
if (!EW_ENCRYPTED_PASSWORD && $fldname == 'contrasenia') {
$newvalue = ew_EncryptPassword($newvalue);
}
ew_WriteAuditTrail("log", $dt, $id, $usr, "A", $table, $fldname, $key, "", $newvalue);
}
}
}
