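/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**>
 * @package AgileBill
 * @version 1.4.93
 */

/**
 * Delete the single record named by $VAR['id'] from the module's table,
 * restricted to the current site.
 *
 * Fixes over the previous revision:
 *  - the DB handle is obtained before it is used (qstr() was called on an
 *    undefined $db, so the function could never run);
 *  - qstr() output is no longer wrapped in a second pair of quotes;
 *  - site_id goes through qstr() like the id does;
 *  - the "deleted" alert is raised only when the DELETE succeeded;
 *  - the success trigger is fired with status 1, matching the other
 *    CORE_database_* functions in this file (it was 0 on both paths).
 *
 * @param array  $VAR       Request variables; 'id' selects the record.
 * @param object $construct Module definition (table, module, trigger).
 * @param string $type      Method name used to look up the trigger.
 * @return void
 */
function CORE_database_delete($VAR, &$construct, $type)
{
    global $C_debug, $C_translate;

    $db =& DB();

    # qstr() is told whether the input was already escaped by magic quotes;
    # the function no longer exists on current PHP, so probe for it first
    $magic_quotes = function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : false;

    $has_trigger = isset($construct->trigger["{$type}"]);
    $id_key = $construct->table . '_id';

    # refuse anything that is not a plain, non-empty scalar id
    if (!isset($VAR["id"]) || !is_scalar($VAR["id"]) || $VAR["id"] == '') {
        if ($has_trigger) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    # generate the full query; both values are quoted by the DB layer
    $q = "DELETE FROM\n\t\t\t" . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\tWHERE\n\t\t\tid \t\t= "
        . $db->qstr($VAR["id"], $magic_quotes)
        . "\n\t\t\tAND\n\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);

    $result = $db->Execute($q);

    if ($result === false) {
        $C_debug->error('database.inc.php', 'delete', $db->ErrorMsg());
        if ($has_trigger) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    # Alert (only once the row is really gone)
    $C_debug->value["id"] = isset($VAR[$id_key]) ? $VAR[$id_key] : null;
    $C_debug->value["module_name"] = $C_translate->translate('menu', $construct->module, "");
    $C_debug->alert($C_translate->translate('alert_delete_id', "", ""));

    if ($has_trigger) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
}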
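/**
 * Replay a saved charge search and hand one page of results to Smarty.
 *
 * Fixes over the previous revision:
 *  - $VAR['order_by'] was concatenated straight into the ORDER BY clause;
 *    it is now accepted only when it is a comma-separated list of plain
 *    column identifiers, otherwise the module default is used;
 *  - the saved search is checked against the current session/account with
 *    the same test CORE_database_search_show() applies, so a search_id
 *    belonging to someone else is not replayed;
 *  - processing stops when no search_id was supplied (it used to continue
 *    with an undefined $search);
 *  - the table placeholder used the undefined $construct; it is $this->table;
 *  - each()/eregi()/eregi_replace() are replaced with constructs that exist
 *    on current PHP, and $page_arr is built as an array rather than by
 *    appending to a string.
 *
 * @param array $VAR Request variables: search_id, order_by, asc/desc, page.
 * @return void
 */
function search_show($VAR)
{
    global $C_debug, $smarty;

    $this->charge_construct();
    $type = "search";

    # the method definition is a comma separated string until first use
    if (!is_array($this->method["{$type}"])) {
        $this->method["{$type}"] = explode(",", $this->method["{$type}"]);
    }

    # set the field list for this method:
    $columns = array();
    foreach ($this->method[$type] as $value) {
        $columns[] = AGILE_DB_PREFIX . "charge" . "." . $value;

        // determine if this record is linked to another table/field
        if (isset($this->field[$value]["asso_table"]) && $this->field[$value]["asso_table"] != "") {
            $this->linked[] = array(
                'field' => $value,
                'link_table' => $this->field[$value]["asso_table"],
                'link_field' => $this->field[$value]["asso_field"],
            );
        }
    }
    $field_list = implode(",", $columns);

    # get the search details:
    if (!isset($VAR['search_id'])) {
        # invalid search!
        echo '<BR> The search terms submitted were invalid!';
        if (isset($this->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
        }
        return;
    }
    include_once PATH_CORE . 'search.inc.php';
    $search = new CORE_search();
    $search->get($VAR['search_id']);

    # Check that this search has not been taken over by another account
    # (same condition as CORE_database_search_show)
    if ($search->session != SESS && $search->account != SESS_ACCOUNT) {
        $C_debug->alert('You are not authorized to view this search!');
        return;
    }

    # get the sort order details; the request value reaches the SQL text
    # unquoted, so only bare column identifiers are let through
    $order_by = ' ORDER BY ' . $this->order_by;
    $smarty_order = $search->order_by;
    if (isset($VAR['order_by'])
        && is_string($VAR['order_by'])
        && preg_match('/^[A-Za-z0-9_.]+(\s*,\s*[A-Za-z0-9_.]+)*\z/', $VAR['order_by'])
    ) {
        $order_by = ' ORDER BY ' . $VAR['order_by'];
        $smarty_order = $VAR['order_by'];
    }

    # determine the sort order (date-like columns default to newest first)
    if (isset($VAR['desc'])) {
        $order_by .= ' DESC';
        $smarty_sort = 'desc=';
    } elseif (isset($VAR['asc'])) {
        $order_by .= ' ASC';
        $smarty_sort = 'asc=';
    } elseif (preg_match('/date/i', (string) $smarty_order)) {
        $order_by .= ' DESC';
        $smarty_sort = 'desc=';
    } else {
        $order_by .= ' ASC';
        $smarty_sort = 'asc=';
    }

    # generate the full query; literal replacement keeps '$' and '\' in the
    # inserted text from being read as back-references
    $db =& DB();
    $q = str_ireplace("%%fieldList%%", $field_list, $search->sql);
    $q = str_ireplace("%%tableList%%", AGILE_DB_PREFIX . $this->table, $q);
    $q = str_ireplace("%%whereList%%", "", $q);
    $q .= " site_id = " . $db->qstr(DEFAULT_SITE);
    $q .= $order_by;

    # determine the offset & limit
    $current_page = 1;
    if (!empty($VAR['page']) && is_scalar($VAR['page'])) {
        $current_page = max(1, (int) $VAR['page']);
    }
    if (empty($search->limit)) {
        $search->limit = 25;
    }
    $offset = -1;
    if ($current_page > 1) {
        $offset = ($current_page - 1) * $search->limit;
    }
    $result = $db->SelectLimit($q, $search->limit, $offset);

    # error reporting
    if ($result === false) {
        $C_debug->error('charge.inc.php', 'search', $db->ErrorMsg());
        if (isset($this->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    # put the results into a smarty accessable array, alternating row class
    $smart = array();
    $i = 0;
    while (!$result->EOF) {
        $smart[$i] = $result->fields;
        $smart[$i]['_C'] = ($i % 2 == 0) ? 'row1' : 'row2';
        $result->MoveNext();
        $i++;
    }

    # get any linked fields
    if ($i > 0) {
        $db_join = new CORE_database();
        $this->result = $db_join->join_fields($smart, $this->linked);
    } else {
        $this->result = $smart;
    }

    # define the results
    $smarty->assign($this->table, $this->result);
    $smarty->assign('order', $smarty_order);
    $smarty->assign('sort', $smarty_sort);
    $smarty->assign('limit', $search->limit);
    $smarty->assign('search_id', $search->id);
    $smarty->assign('results', $search->results);

    # get the total pages for this search:
    if (empty($search->limit)) {
        $this->pages = 1;
    } else {
        $this->pages = intval($search->results / $search->limit);
    }
    if ($search->results % $search->limit) {
        $this->pages++;
    }

    # total pages
    $smarty->assign('pages', $this->pages);

    # current page
    $smarty->assign('page', $current_page);

    # page array for menu
    $page_arr = array();
    for ($i = 0; $i <= $this->pages; $i++) {
        if ($this->page != $i) {
            $page_arr[] = $i;
        }
    }
    $smarty->assign('page_arr', $page_arr);
}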
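/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**>
 * @package AgileBill
 * @version 1.4.93
 */

/**
 * Validate the submitted fields for a module and insert a new record.
 *
 * Fixes over the previous revision:
 *  - a failed INSERT now always returns false; before, the return sat inside
 *    the trigger check, so a module without a trigger fell through to the
 *    success path and redirected to a record that was never written;
 *  - the SET list is assembled from an array, so the statement stays valid
 *    when no optional field was submitted (the comma between id and site_id
 *    used to be missing in that case);
 *  - each() is replaced by foreach and get_magic_quotes_gpc() is probed for,
 *    since neither exists on current PHP;
 *  - CR/LF are removed from the page name before it is placed in
 *    REDIRECT_PAGE.
 *
 * @param array  $VAR       Request variables, keyed "<module>_<field>".
 * @param object $construct Module definition (method, field, table, module,
 *                          trigger); validation state is written back to it.
 * @param string $type      Method name selecting the field list and trigger.
 * @return mixed The new record id, or false when validation or the INSERT fails.
 */
function CORE_database_add($VAR, $construct, $type)
{
    global $C_translate;

    # set the field list for this method:
    $arr = $construct->method["{$type}"];

    # define the validation class
    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();
    $construct->validated = true;

    ####################################################################
    # loop through the field list to validate the required fields
    ####################################################################
    foreach ($arr as $value) {
        $field_var = $construct->module . '_' . $value;
        $field_name = $value;
        $construct->validate = true;

        # check if this value is unique
        if (isset($construct->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
            if (!$validate->validate_unique($construct->table, $field_name, "record_id", $VAR["{$field_var}"])) {
                $construct->validated = false;
                $construct->val_error[] = array(
                    'field' => $construct->table . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""),
                    'error' => $C_translate->translate('validate_unique', "", ""),
                );
            }
        }

        # check if the submitted value meets the specified requirements
        if (isset($construct->field["{$value}"]["validate"])) {
            if (isset($VAR["{$field_var}"]) && $VAR["{$field_var}"] != '') {
                if (!$validate->validate($field_name, $construct->field["{$value}"], $VAR["{$field_var}"], $construct->field["{$value}"]["validate"])) {
                    $construct->validated = false;
                    $construct->val_error[] = array(
                        'field' => $construct->module . '_' . $field_name,
                        'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""),
                        'error' => $validate->error["{$field_name}"],
                    );
                }
            } else {
                # a field with a validation rule must be present and non-empty
                $construct->validated = false;
                $construct->val_error[] = array(
                    'field' => $construct->module . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""),
                    'error' => $C_translate->translate('validate_any', "", ""),
                );
            }
        }
    }

    ####################################################################
    # If validation failed, skip the db insert, expose the errors to
    # Smarty and send the user back to the page they came from.
    ####################################################################
    if (!$construct->validated) {
        global $smarty;

        # set the errors as a Smarty Object
        $smarty->assign('form_validation', $construct->val_error);

        # set the page to be loaded
        if (!defined("FORCE_PAGE")) {
            define('FORCE_PAGE', $VAR['_page_current']);
        }

        # define any triggers
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }

        # strip slashes
        global $C_vars;
        $C_vars->strip_slashes_all();
        return false;
    }

    # begin the new database class:
    $db =& DB();

    # qstr() is told whether the input was already escaped by magic quotes
    $magic_quotes = function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : false;

    # loop through the field list to create the column assignments;
    # column names come from the module definition, values from the request
    $assignments = array();
    foreach ($arr as $value) {
        $field_var = $construct->module . '_' . $value;
        $field_name = $value;

        if (!isset($VAR["{$field_var}"])) {
            continue;
        }

        # check if html allowed: everything else is stored HTML-escaped
        $allow_html = isset($construct->field["{$value}"]["html"]) && $construct->field["{$value}"]["html"] == 1;
        if (!$allow_html && !is_array($VAR["{$field_var}"])) {
            $insert_value = htmlspecialchars($VAR["{$field_var}"]);
        } else {
            $insert_value = $VAR["{$field_var}"];
        }

        # perform data conversions
        if (isset($construct->field["{$value}"]["convert"])) {
            $insert_value = $validate->convert($field_name, $insert_value, $construct->field["{$value}"]["convert"]);
        }

        # NOTE(review): empty() also drops a submitted "0", leaving the
        # column to its database default - kept as in the original.
        if (!empty($insert_value)) {
            $assignments[] = $value . "=" . $db->qstr($insert_value, $magic_quotes);
        }
    }

    # determine the record id:
    $construct->record_id = $db->GenID(AGILE_DB_PREFIX . "" . $construct->table . '_id');

    # define the new ID as a constant
    define(strtoupper('NEW_RECORD_' . $construct->table . '_ID'), $construct->record_id);

    # generate the full query: id first, site_id last, fields in between
    array_unshift($assignments, "id = " . $db->qstr($construct->record_id));
    $assignments[] = "site_id = " . $db->qstr(DEFAULT_SITE);
    $q = "INSERT INTO " . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\t\tSET\n\t\t\t\t"
        . implode(",\n\t\t\t\t", $assignments);

    # execute the query
    $result = $db->Execute($q);

    # error reporting:
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'add', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return false;
    }

    # define any triggers:
    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }

    # from here on $VAR is the global request array, so the new id is
    # visible to whatever runs after this function
    global $VAR;
    $VAR["id"] = $construct->record_id;

    # '_page' is request-controlled; line breaks have no place in a page
    # name and are dropped before the value becomes part of a redirect target
    $redirect_page = '';
    if (isset($VAR['_page']) && is_scalar($VAR['_page'])) {
        $redirect_page = str_replace(array("\r", "\n"), '', (string) $VAR['_page']);
    }

    $_escape = '';
    if (isset($VAR["_escape"]) || isset($VAR["_escape_next"])) {
        $_escape = '&_escape=1&_escape_next=1';
    }

    define('REDIRECT_PAGE', '?_page=' . $redirect_page . '&id=' . $construct->record_id . '' . $_escape);
    return $construct->record_id;
}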
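/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**>
 * @package AgileBill
 * @version 1.4.93
 */

/**
 * Build a WHERE clause from the submitted "<module>_<field>" variables, run
 * the search, and save it as a search record for later paging.
 *
 * Fixes over the previous revision:
 *  - the column name is taken from the request KEY and was concatenated into
 *    the SQL unchecked; keys that are not plain identifiers are now ignored;
 *  - the module name is passed through preg_quote() before use in a pattern;
 *  - array values are detected before the '%' test (preg_match() on an array
 *    is an error on current PHP) and non-scalar elements are skipped;
 *  - conditions are collected and joined, so a leading empty array element
 *    can no longer produce " AND ..." without a preceding WHERE;
 *  - 'limit' and 'order_by' from the request are accepted only when they are
 *    a positive integer / a list of identifiers, else the module defaults
 *    are stored with the search;
 *  - $field_list is always defined, and the single-match record id is taken
 *    from the row that passed the custom_EXP filter;
 *  - site_id goes through qstr(); each() is replaced by foreach.
 *
 * @param array  $VAR       Request variables (search criteria, field_option,
 *                          limit, order_by).
 * @param object $construct Module definition.
 * @param string $type      Method name used to look up the trigger.
 * @return void
 */
function CORE_database_search($VAR, &$construct, $type)
{
    $db =& DB();

    # qstr() is told whether the input was already escaped by magic quotes
    $magic_quotes = function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : false;

    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();

    # set the search criteria array
    $arr = $VAR;

    # comparison operators a client may select through field_option
    $allowed_ops = array('=', '>', '<', '>=', '<=', '!=');
    $prefix_pat = '/^' . preg_quote($construct->module, '/') . '_/i';

    # loop through the submitted field_names to get the WHERE statement
    $conditions = array();
    foreach ($VAR as $key => $value) {
        if ($value == '' || !preg_match($prefix_pat, (string) $key)) {
            continue;
        }

        # the remainder of the key becomes a column name in the SQL text and
        # cannot be quoted as a value, so only bare identifiers are allowed
        $field = preg_replace($prefix_pat, '', (string) $key);
        if (!preg_match('/^[A-Za-z0-9_]+\z/', $field)) {
            continue;
        }

        $has_convert = isset($construct->field["{$field}"]["convert"]);

        if (is_array($value)) {
            $pat_field = $construct->module . '_' . $field;
            $count = count($value);
            for ($i_arr = 0; $i_arr < $count; $i_arr++) {
                if (!isset($value[$i_arr]) || !is_scalar($value[$i_arr]) || $value[$i_arr] == '') {
                    continue;
                }

                # determine any field options (=, >, <, etc...); anything
                # outside the allow-list falls back to '='
                $f_opt = '=';
                if (isset($VAR['field_option']["{$pat_field}"]["{$i_arr}"])
                    && in_array($VAR['field_option']["{$pat_field}"]["{$i_arr}"], $allowed_ops, true)
                ) {
                    $f_opt = $VAR['field_option']["{$pat_field}"]["{$i_arr}"];
                }

                # do any data conversion for this field (date, encrypt, etc...)
                $item = $value[$i_arr];
                if ($has_convert) {
                    $item = $validate->convert($field, $item, $construct->field["{$field}"]["convert"]);
                }

                $conditions[] = $field . " {$f_opt} " . $db->qstr($item, $magic_quotes);
            }
        } elseif (strpos((string) $value, '%') !== false) {
            # wildcard search
            if ($has_convert) {
                $value = $validate->convert($field, $value, $construct->field["{$field}"]["convert"]);
            }
            $conditions[] = $field . " LIKE " . $db->qstr($value, $magic_quotes);
        } else {
            $conditions[] = $field . " = " . $db->qstr($value, $magic_quotes);
        }
    }

    #### finalize the WHERE statement (the site_id test is appended after it)
    if (count($conditions) == 0) {
        $where_list = ' WHERE ';
    } else {
        $where_list = ' WHERE ' . implode(' AND ', $conditions) . ' AND ';
    }

    # get limit type
    $limit = $construct->limit;
    if (isset($VAR['limit'])
        && is_scalar($VAR['limit'])
        && ctype_digit((string) $VAR['limit'])
        && (int) $VAR['limit'] > 0
    ) {
        $limit = (int) $VAR['limit'];
    }

    # get order by
    $order_by = $construct->order_by;
    if (isset($VAR['order_by'])
        && is_string($VAR['order_by'])
        && preg_match('/^[A-Za-z0-9_.]+(\s*,\s*[A-Za-z0-9_.]+)*\z/', $VAR['order_by'])
    ) {
        $order_by = $VAR['order_by'];
    }

    ### Get any additional fields to select:
    # NOTE(review): only the first custom_EXP field is selected, although the
    # filter below reads every custom_EXP field - kept as in the original.
    $field_list = '';
    if (isset($construct->custom_EXP) && count($construct->custom_EXP) > 0) {
        $field_list = "," . $construct->custom_EXP[0]['field'];
    }

    # generate the full query
    $q = "SELECT id" . $field_list . " FROM\n\t\t " . AGILE_DB_PREFIX . "{$construct->table}\n\t\t {$where_list}\n\t\t site_id = " . $db->qstr(DEFAULT_SITE);

    # template stored with the search record and filled in when it is shown
    $q_save = "SELECT %%fieldList%% FROM %%tableList%% " . $where_list . " %%whereList%% ";
    $result = $db->Execute($q);

    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'search', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    # get the result count:
    $results = $result->RecordCount();

    # get the first record id:
    $record_id = null;
    if ($results == 1) {
        $record_id = $result->fields['id'];
    }

    ### Run any custom validation on this result for this module:
    ### a row counts when any custom_EXP field holds its expected value
    if (isset($construct->custom_EXP)) {
        $results = 0;
        $record_id = null;
        while (!$result->EOF) {
            foreach ($construct->custom_EXP as $exp) {
                $exp_field = $exp["field"];
                $row_value = isset($result->fields["{$exp_field}"]) ? $result->fields["{$exp_field}"] : null;
                if ($row_value == $exp["value"]) {
                    if ($results == 0) {
                        $record_id = $result->fields['id'];
                    }
                    $results++;
                    break;
                }
            }
            $result->MoveNext();
        }
    }

    # define the DB vars as a Smarty accessible block
    global $smarty;

    # Create the definition for fast-forwarding to a single record:
    if ($results == 1 && !isset($construct->fast_forward)) {
        $smarty->assign('record_id', $record_id);
    }

    # create the search record:
    if ($results > 0) {
        include_once PATH_CORE . 'search.inc.php';
        $search = new CORE_search();
        $arr['module'] = $construct->module;
        $arr['sql'] = $q_save;
        $arr['limit'] = $limit;
        $arr['order_by'] = $order_by;
        $arr['results'] = $results;
        $search->add($arr);

        # define the search id and other parameters for Smarty
        $smarty->assign('search_id', $search->id);
        $smarty->assign('page', '1');
        $smarty->assign('limit', $limit);
        $smarty->assign('order_by', $order_by);
    }

    # define the result count
    $smarty->assign('results', $results);

    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
}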
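/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**>
 * @package AgileBill
 * @version 1.4.93
 */

/**
 * Delete every record whose id appears in the comma-separated
 * $VAR['delete_id'] (or $VAR['id']) list, plus any associated records.
 *
 * Fixes over the previous revision:
 *  - the id conditions were chained as "id = a OR id = b AND site_id = x";
 *    AND binds tighter than OR, so the site_id restriction applied to the
 *    last id only. The ids are now a single "IN (...)" term, which keeps
 *    every deletion inside the current site. The associated-record DELETE
 *    had the same shape and is fixed the same way;
 *  - with neither request variable present, the loop ran over the string
 *    "<table>_id" itself; it now does nothing;
 *  - a list starting with an empty element no longer yields "WHERE OR ...";
 *  - a failed associated DELETE is reported instead of ignored;
 *  - split()/ereg_replace() are replaced with explode()/str_replace().
 *
 * @param array  $VAR       Request variables ('delete_id' or 'id').
 * @param object $construct Module definition (table, module,
 *                          associated_DELETE, trigger).
 * @param string $type      Method name used to look up the trigger.
 * @return void
 */
function CORE_database_mass_delete($VAR, &$construct, $type)
{
    $db =& DB();

    # qstr() is told whether the input was already escaped by magic quotes
    $magic_quotes = function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : false;

    # generate the list of ID's
    $raw_ids = array();
    if (isset($VAR["delete_id"])) {
        if (is_scalar($VAR["delete_id"])) {
            $raw_ids = explode(',', (string) $VAR["delete_id"]);
        }
    } elseif (isset($VAR["id"])) {
        if (is_scalar($VAR["id"])) {
            $raw_ids = explode(',', (string) $VAR["id"]);
        }
    }

    $quoted_ids = array();
    foreach ($raw_ids as $one_id) {
        if ($one_id != '') {
            $quoted_ids[] = $db->qstr($one_id, $magic_quotes);
        }
    }

    if (count($quoted_ids) == 0) {
        return;
    }
    $id_set = implode(', ', $quoted_ids);
    $site = $db->qstr(DEFAULT_SITE);

    # generate the full query
    $q = "DELETE FROM\n\t\t\t\t" . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\t\tWHERE\n\t\t\t\tid IN ({$id_set})\n\t\t\t\tAND\n\t\t\t\tsite_id = " . $site;

    # execute the query
    $result = $db->Execute($q);

    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'mass_delete', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    ### Delete any associated records:
    if (isset($construct->associated_DELETE)) {
        foreach ($construct->associated_DELETE as $assoc) {
            # table and field come from the module definition, ids are quoted
            $q = "DELETE FROM\n\t\t\t\t\t\t\t" . AGILE_DB_PREFIX . "" . $assoc["table"]
                . "\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t" . $assoc["field"] . " IN ({$id_set})"
                . "\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\t\tsite_id = " . $site;

            if ($db->Execute($q) === false) {
                global $C_debug;
                $C_debug->error('database.inc.php', 'mass_delete', $db->ErrorMsg());
            }
        }
    }

    # Alert delete message
    if (!defined('AJAX')) {
        global $C_debug, $C_translate;
        $C_translate->value["CORE"]["module_name"] = $C_translate->translate('name', $construct->module, "");
        $message = $C_translate->translate('alert_delete_ids', "CORE", "");
        $message = str_replace('%%module_name%%', '', $message);
        $C_debug->alert($message);
    }

    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
}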
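/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**>
 * @package AgileBill
 * @version 1.4.93
 */

/**
 * Replay a saved search for a module and hand one page of results to Smarty.
 *
 * Fixes over the previous revision:
 *  - $VAR['order_by'] was concatenated straight into the ORDER BY clause;
 *    it is now accepted only when it is a comma-separated list of plain
 *    column identifiers, otherwise the module default is used;
 *  - processing stops when no search_id was supplied (it used to continue
 *    with an undefined $search);
 *  - placeholders are filled with literal replacement, so '$' or '\' in the
 *    inserted text is not read as a back-reference;
 *  - the page number is cast to an integer before it is used for the offset;
 *  - $smart and $page_arr are always arrays; site_id goes through qstr();
 *    each() is replaced by foreach.
 *
 * @param array  $VAR       Request variables: search_id, order_by, asc/desc, page.
 * @param object $construct Module definition; result, pages and linked are
 *                          written back to it.
 * @param string $type      Method name selecting the field list and trigger.
 * @return mixed The result rows on success, false when the search is missing
 *               or not owned by the caller, null when the query fails.
 */
function CORE_database_search_show($VAR, &$construct, $type)
{
    global $C_debug, $smarty;

    # set the field list for this method:
    $columns = array();
    foreach ($construct->method[$type] as $value) {
        $columns[] = AGILE_DB_PREFIX . $construct->table . "." . $value;

        // determine if this record is linked to another table/field
        if (isset($construct->field[$value]["asso_table"]) && $construct->field[$value]["asso_table"] != "") {
            $construct->linked[] = array(
                'field' => $value,
                'link_table' => $construct->field[$value]["asso_table"],
                'link_field' => $construct->field[$value]["asso_field"],
            );
        }
    }
    $field_list = implode(",", $columns);

    # get the search details:
    if (!isset($VAR['search_id'])) {
        # invalid search!
        echo '<BR> The search terms submitted were invalid!<BR>';
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return false;
    }
    include_once PATH_CORE . 'search.inc.php';
    $search = new CORE_search();
    $search->get($VAR['search_id']);

    # Check that this search has not been taken over by another account.
    # NOTE(review): access is refused only when BOTH the session and the
    # account differ - confirm that a match on either one is meant to suffice.
    if ($search->session != SESS && $search->account != SESS_ACCOUNT) {
        $C_debug->alert('You are not authorized to view this search!');
        return false;
    }

    # get the sort order details; the request value reaches the SQL text
    # unquoted, so only bare column identifiers are let through
    $order_by = ' ORDER BY ' . $construct->order_by;
    $smarty_order = $search->order_by;
    if (isset($VAR['order_by'])
        && is_string($VAR['order_by'])
        && preg_match('/^[A-Za-z0-9_.]+(\s*,\s*[A-Za-z0-9_.]+)*\z/', $VAR['order_by'])
    ) {
        $order_by = ' ORDER BY ' . $VAR['order_by'];
        $smarty_order = $VAR['order_by'];
    }

    # determine the sort order (date-like columns default to newest first)
    if (isset($VAR['desc'])) {
        $order_by .= ' DESC';
        $smarty_sort = 'desc=';
    } elseif (isset($VAR['asc'])) {
        $order_by .= ' ASC';
        $smarty_sort = 'asc=';
    } elseif (preg_match('/date/i', (string) $smarty_order)) {
        $order_by .= ' DESC';
        $smarty_sort = 'desc=';
    } else {
        $order_by .= ' ASC';
        $smarty_sort = 'asc=';
    }

    # generate the full query
    $db =& DB();
    $q = str_ireplace("%%fieldList%%", $field_list, $search->sql);
    $q = str_ireplace("%%tableList%%", AGILE_DB_PREFIX . $construct->table, $q);
    $q = str_ireplace("%%whereList%%", "", $q);
    $q .= " site_id = " . $db->qstr(DEFAULT_SITE);
    $q .= $order_by;

    # determine the offset & limit
    $current_page = 1;
    if (!empty($VAR['page']) && is_scalar($VAR['page'])) {
        $current_page = max(1, (int) $VAR['page']);
    }
    if (empty($search->limit)) {
        $search->limit = 25;
    }
    $offset = -1;
    if ($current_page > 1) {
        $offset = ($current_page - 1) * $search->limit;
    }
    $result = $db->SelectLimit($q, $search->limit, $offset);

    # error reporting
    if ($result === false) {
        $C_debug->error('database.inc.php', 'search', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    ### Put the results into a smarty accessable array, alternating the row
    ### class; with custom_EXP set, a row is kept only when one of the
    ### listed fields holds its expected value
    $smart = array();
    $i = 0;
    while (!$result->EOF) {
        $keep = true;
        if (isset($construct->custom_EXP)) {
            $keep = false;
            foreach ($construct->custom_EXP as $exp) {
                $exp_field = $exp["field"];
                $row_value = isset($result->fields["{$exp_field}"]) ? $result->fields["{$exp_field}"] : null;
                if ($row_value == $exp["value"]) {
                    $keep = true;
                    break;
                }
            }
        }
        if ($keep) {
            $smart[$i] = $result->fields;
            $smart[$i]['_C'] = ($i % 2 == 0) ? 'row1' : 'row2';
            $i++;
        }
        $result->MoveNext();
    }

    # get any linked fields
    if ($i > 0) {
        $db_join = new CORE_database();
        $construct->result = $db_join->join_fields($smart, $construct->linked);
    } else {
        $construct->result = $smart;
    }

    # define the results
    $smarty->assign($construct->table, $construct->result);
    $smarty->assign('order', $smarty_order);
    $smarty->assign('sort', $smarty_sort);
    $smarty->assign('limit', $search->limit);
    $smarty->assign('search_id', $search->id);
    $smarty->assign('results', $search->results);

    # get the total pages for this search:
    if (empty($search->limit)) {
        $construct->pages = 1;
    } else {
        $construct->pages = intval($search->results / $search->limit);
    }
    if ($search->results % $search->limit) {
        $construct->pages++;
    }

    # total pages
    $smarty->assign('pages', $construct->pages);

    # current page
    $smarty->assign('page', $current_page);

    # page array for menu
    $page_arr = array();
    for ($i = 0; $i <= $construct->pages; $i++) {
        if ($construct->page != $i) {
            $page_arr[] = $i;
        }
    }
    $smarty->assign('page_arr', $page_arr);

    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
    return $construct->result;
}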
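/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**>
 * @package AgileBill
 * @version 1.4.93
 */

/**
 * Load the records named by the comma-separated $VAR['id'] list and assign
 * them to Smarty under the module's table name.
 *
 * Fixes over the previous revision:
 *  - the id conditions were chained as "id = a OR id = b AND site_id = x";
 *    AND binds tighter than OR, so the site_id restriction applied to the
 *    last id only and rows of other sites could be returned. The ids are
 *    now a single "IN (...)" term;
 *  - $id_list / $ii were used without being initialised, and a list starting
 *    with an empty element produced "WHERE OR ...";
 *  - with custom_EXP set, a matching row advanced the cursor twice, skipping
 *    the row after every match;
 *  - 'results' was assigned from an undefined $search; it is the row count;
 *  - site_id goes through qstr(); each() is replaced by implode().
 *
 * @param array  $VAR       Request variables ('id').
 * @param object $construct Module definition (method, table, order_by,
 *                          custom_EXP, trigger).
 * @param string $type      Method name selecting the field list and trigger.
 * @return mixed The rows on success, null when nothing was requested, the
 *               query failed or no row matched.
 */
function CORE_database_view($VAR, &$construct, $type)
{
    $db =& DB();

    # set the field list for this method (names come from the module definition)
    $field_list = implode(",", (array) $construct->method[$type]);

    # collect the requested ids, each quoted by the DB layer
    $quoted_ids = array();
    if (isset($VAR["id"]) && is_scalar($VAR["id"])) {
        foreach (explode(',', (string) $VAR["id"]) as $one_id) {
            if ($one_id != '') {
                $quoted_ids[] = $db->qstr($one_id);
            }
        }
    }

    if (count($quoted_ids) == 0) {
        return;
    }
    $id_list = 'id IN (' . implode(', ', $quoted_ids) . ')';

    # generate the full query
    $q = "SELECT\n\t\t\t {$field_list}\n\t\t\t FROM\n\t\t\t " . AGILE_DB_PREFIX . "{$construct->table}\n\t\t\t WHERE\n\t\t\t {$id_list}\n\t\t\t AND site_id = " . $db->qstr(DEFAULT_SITE) . "\n\t\t\t ORDER BY {$construct->order_by} ";
    $result = $db->Execute($q);

    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'view', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    # put the results into a smarty accessable array; with custom_EXP set,
    # a row is kept only when one of the listed fields holds its expected value
    $smart = array();
    $i = 0;
    while (!$result->EOF) {
        $keep = true;
        if (isset($construct->custom_EXP)) {
            $keep = false;
            foreach ($construct->custom_EXP as $exp) {
                $exp_field = $exp["field"];
                $row_value = isset($result->fields["{$exp_field}"]) ? $result->fields["{$exp_field}"] : null;
                if ($row_value == $exp["value"]) {
                    $keep = true;
                    break;
                }
            }
        }
        if ($keep) {
            $smart[$i] = $result->fields;
            $smart[$i]["i"] = $i;
            $i++;
        }
        $result->MoveNext();
    }

    # get the result count:
    $results = $i;

    ### No results:
    if ($i == 0) {
        global $C_debug;
        $C_debug->error("CORE:database.inc.php", "view()", "The selected record does not\n\t\t\t\t\t\t\t exist any longer, or your account is not authorized to view it");
        return;
    }

    # define the results
    global $smarty;
    $smarty->assign($construct->table, $smart);
    $smarty->assign('results', $results);

    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
    return $smart;
}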
/**
 * Register a new account from the submitted form values.
 *
 * Visible steps, in order: check the account limits, fill in the hidden
 * account_* defaults, validate the fields listed in $this->method['add'],
 * the password confirmation, the blocked e-mail / IP lists, the tax id and
 * the static vars, then insert the account and its default group row, send
 * the registration e-mail, optionally subscribe to the newsletter and, for
 * accounts created active, mark the current session as logged in.
 *
 * Returns false when checkLimits() fails, and returns without a value when
 * validation or the account insert fails. Nothing is returned on success.
 *
 * NOTE(review): "global $VAR" below rebinds the $VAR parameter to the global
 * of the same name, so the argument passed by the caller is not the array
 * this method reads and writes.
 */
function add($VAR)
{
    if (!$this->checkLimits()) {
        return false;
    } // check account limits
    $this->account_construct();
    global $C_list, $C_translate, $C_debug, $VAR, $smarty;
    $this->validated = true;

    ### Set the hidden values:
    # Each id is taken from the session constant when one is defined and from
    # the site default otherwise, overwriting whatever the form submitted.
    $VAR['account_date_orig'] = time();
    $VAR['account_date_last'] = time();
    if (defined("SESS_LANGUAGE")) {
        @($VAR['account_language_id'] = SESS_LANGUAGE);
    } else {
        @($VAR['account_language_id'] = DEFAULT_LANGUAGE);
    }
    if (defined("SESS_AFFILIATE")) {
        @($VAR['account_affiliate_id'] = SESS_AFFILIATE);
    } else {
        @($VAR['account_affiliate_id'] = DEFAULT_AFFILIATE);
    }
    if (defined("SESS_RESELLER")) {
        @($VAR['account_reseller_id'] = SESS_RESELLER);
    } else {
        @($VAR['account_reseller_id'] = DEFAULT_RESELLER);
    }
    if (defined("SESS_CURRENCY")) {
        @($VAR['account_currency_id'] = SESS_CURRENCY);
    } else {
        @($VAR['account_currency_id'] = DEFAULT_CURRENCY);
    }
    if (defined("SESS_THEME")) {
        @($VAR['account_theme_id'] = SESS_THEME);
    } else {
        @($VAR['account_theme_id'] = DEFAULT_THEME);
    }
    if (defined("SESS_CAMPAIGN")) {
        @($VAR['account_campaign_id'] = SESS_CAMPAIGN);
    } else {
        @($VAR['account_campaign_id'] = 0);
    }
    # default the e-mail type to '0' when the form did not send one
    if (!isset($VAR['account_email_type']) && @$VAR['account_email_type'] != "1") {
        @($VAR['account_email_type'] = '0');
    }

    ### Determine the proper account status:
    # $status is '1' unless DEFAULT_ACCOUNT_STATUS equals '1'
    if (DEFAULT_ACCOUNT_STATUS != '1') {
        $status = '1';
    } else {
        $status = '0';
    }

    ## Single field login:
    # NOTE(review): the literal assigned here reads '******' in this copy of
    # the file and may be a masked value. If it is the real literal, every
    # account created without a password shares the same one. Confirm
    # against the upstream source.
    if (defined('SINGLE_FIELD_LOGIN') && SINGLE_FIELD_LOGIN == true && empty($VAR['account_password'])) {
        $VAR['account_password'] = '******';
        $VAR['confirm_password'] = '******';
    }

    ####################################################################
    ### loop through the field list to validate the required fields
    ####################################################################
    # NOTE(review): split() was removed in PHP 7.0 and each() in PHP 8.0;
    # this block only runs on older interpreters.
    $type = 'add';
    $this->method["{$type}"] = split(",", $this->method["{$type}"]);
    $arr = $this->method["{$type}"];
    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();
    $this->validated = true;
    while (list($key, $value) = each($arr)) {
        # get the field value
        $field_var = $this->module . '_' . $value;
        $field_name = $value;

        ####################################################################
        ### perform any field validation...
        ####################################################################

        # check if this value is unique
        if (isset($this->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
            if (!$validate->validate_unique($this->table, $field_name, "record_id", $VAR["{$field_var}"])) {
                $this->validated = false;
                $this->val_error[] = array(
                    'field' => $this->table . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""),
                    'error' => $C_translate->translate('validate_unique', "", "")
                );
            }
        }

        # check if the submitted value meets the specified requirements;
        # a field with a "validate" rule that is missing or empty is an error
        if (isset($this->field["{$value}"]["validate"])) {
            if (isset($VAR["{$field_var}"])) {
                if ($VAR["{$field_var}"] != '') {
                    if (!$validate->validate($field_name, $this->field["{$value}"], $VAR["{$field_var}"], $this->field["{$value}"]["validate"])) {
                        $this->validated = false;
                        $this->val_error[] = array(
                            'field' => $this->module . '_' . $field_name,
                            'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""),
                            'error' => $validate->error["{$field_name}"]
                        );
                    }
                } else {
                    $this->validated = false;
                    $this->val_error[] = array(
                        'field' => $this->module . '_' . $field_name,
                        'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""),
                        'error' => $C_translate->translate('validate_any', "", "")
                    );
                }
            } else {
                $this->validated = false;
                $this->val_error[] = array(
                    'field' => $this->module . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""),
                    'error' => $C_translate->translate('validate_any', "", "")
                );
            }
        }
    }

    ####################################################################
    ### Validate the password
    ####################################################################
    # $password is assigned only when a non-empty password matches its
    # confirmation.
    # NOTE(review): the matching branch assigns the submitted password to the
    # template variable 'confirm_account_password'; confirm the template does
    # not echo it back into the page.
    if (isset($VAR['account_password']) && $VAR['account_password'] != "") {
        if (isset($VAR['confirm_password']) && $VAR['account_password'] == $VAR['confirm_password']) {
            $password = $VAR['account_password'];
            $smarty->assign('confirm_account_password', $VAR["account_password"]);
        } else {
            ### ERROR: The passwords provided do not match!
            $smarty->assign('confirm_account_password', '');
            $this->validated = false;
            $this->val_error[] = array(
                'field' => 'account_confirm_password',
                'field_trans' => $C_translate->translate('field_confirm_password', $this->module, ""),
                'error' => $C_translate->translate('password_change_match', "account", "")
            );
        }
    } else {
        $smarty->assign('confirm_account_password', '');
    }

    ####################################################################
    ### Validate that the user's IP & E-mail are not banned!
    ####################################################################
    # NOTE(review): an error is recorded when is_blocked() returns false; the
    # return convention of is_blocked() is defined in the included modules,
    # not here, so confirm the negation is intended. These two branches add
    # to val_error without clearing $this->validated; the flag is recomputed
    # from validate_form() further down.
    if ($this->validated) {
        require_once PATH_MODULES . 'blocked_email/blocked_email.inc.php';
        $blocked_email = new blocked_email();
        if (!$blocked_email->is_blocked($VAR['account_email'])) {
            $this->val_error[] = array(
                'field' => 'account_email',
                'field_trans' => $C_translate->translate('field_email', $this->module, ""),
                'error' => $C_translate->translate('validate_banned_email', "", "")
            );
        }
        require_once PATH_MODULES . 'blocked_ip/blocked_ip.inc.php';
        $blocked_ip = new blocked_ip();
        if (!$blocked_ip->is_blocked(USER_IP)) {
            $this->val_error[] = array(
                'field' => 'IP Address',
                'field_trans' => $C_translate->translate('ip_address', $this->module, ""),
                'error' => $C_translate->translate('validate_banned_ip', "", "")
            );
        }
    }

    // validate the tax_id
    # account_tax_id is expected as an array keyed by country id; only the
    # entry for the submitted account_country_id is validated, and the array
    # is then replaced by that single tax id (or false when exempt).
    require_once PATH_MODULES . 'tax/tax.inc.php';
    $taxObj = new tax();
    $tax_arr = @$VAR['account_tax_id'];
    if (is_array($tax_arr)) {
        foreach ($tax_arr as $country_id => $tax_id) {
            if ($country_id == $VAR['account_country_id']) {
                $exempt = @$VAR["account_tax_id_exempt"][$country_id];
                if (!$taxObj->TaxIdsValidate($country_id, $tax_id, $exempt)) {
                    $this->validated = false;
                    $this->val_error[] = array(
                        'field' => 'account_tax_id',
                        'field_trans' => $taxObj->errField,
                        'error' => $C_translate->translate('validate_general', "", "")
                    );
                }
                if ($exempt) {
                    $VAR['account_tax_id'] = false;
                } else {
                    $VAR['account_tax_id'] = $tax_id;
                }
            }
        }
    }

    ####################################################################
    ### Get required static_Vars and validate them... return an array
    ### w/ ALL errors...
    ####################################################################
    # $this->validated is overwritten here from the result of
    # validate_form(), which is handed the errors collected so far.
    # NOTE(review): this relies on validate_form() returning those errors;
    # otherwise an earlier failure would be reset to "validated".
    require_once PATH_CORE . 'static_var.inc.php';
    $static_var = new CORE_static_var();
    if (!isset($this->val_error)) {
        $this->val_error = false;
    }
    $all_error = $static_var->validate_form($this->module, $this->val_error);
    if ($all_error != false && gettype($all_error) == 'array') {
        $this->validated = false;
    } else {
        $this->validated = true;
    }

    ####################################################################
    ### If validation was failed, skip the db insert &
    ### set the errors & original fields as Smarty objects,
    ### and change the page to be loaded.
    ####################################################################
    if (!$this->validated) {
        global $smarty;

        # set the errors as a Smarty Object
        $smarty->assign('form_validation', $all_error);

        # set the page to be loaded
        if (!defined("FORCE_PAGE")) {
            define('FORCE_PAGE', $VAR['_page_current']);
        }

        # Stripslashes
        global $C_vars;
        $C_vars->strip_slashes_all();
        return;
    }

    # Get default invoice options
    $db =& DB();
    $invopt = $db->Execute(sqlSelect($db, "setup_invoice", "*", ""));
    if ($invopt && $invopt->RecordCount()) {
        $invoice_delivery = $invopt->fields['invoice_delivery'];
        $invoice_format = $invopt->fields['invoice_show_itemized'];
    }

    /* hash the password */
    # NOTE(review): both branches are single-pass, unsalted digests, which are
    # not suitable for password storage. password_hash()/password_verify()
    # would be the replacement, together with the code that checks the stored
    # value at login. If no password was submitted, $password was never
    # assigned above and the digest of an empty value is stored, unless field
    # validation has already rejected the form.
    if (defined('PASSWORD_ENCODING_SHA')) {
        $password_encoded = sha1($password);
    } else {
        $password_encoded = md5($password);
    }

    ####################################################################
    ### Insert the account record
    ####################################################################
    $this->account_id = $db->GenID(AGILE_DB_PREFIX . 'account_id');
    # NOTE(review): this timestamp is also the base of the activation string
    # e-mailed to inactive accounts below; a timestamp and an account id are
    # both guessable, so confirm how the activation handler verifies it.
    $validation_str = time();

    /** get parent id */
    $this->account_id; # no-op expression statement
    if (empty($this->parent_id)) {
        $this->parent_id = $this->account_id;
    }

    # NOTE(review): the username/password assignments in the statement below
    # read '******' in this copy of the file, which is not valid PHP; the
    # original expressions appear to have been masked and are not visible
    # here. Every other value goes through $db->qstr().
    $sql = ' INSERT INTO ' . AGILE_DB_PREFIX . 'account SET id = ' . $db->qstr($this->account_id)
        . ', site_id = ' . $db->qstr(DEFAULT_SITE)
        . ', date_orig = ' . $db->qstr($validation_str)
        . ', date_last = ' . $db->qstr(time())
        . ', language_id = ' . $db->qstr($VAR["account_language_id"])
        . ', country_id = ' . $db->qstr($VAR["account_country_id"])
        . ', parent_id = ' . $db->qstr($this->parent_id)
        . ', affiliate_id = ' . $db->qstr(@$VAR["account_affiliate_id"])
        . ', campaign_id = ' . $db->qstr(@$VAR["account_campaign_id"])
        . ', reseller_id = ' . $db->qstr(@$VAR["account_reseller_id"])
        . ', currency_id = ' . $db->qstr($VAR["account_currency_id"])
        . ', theme_id = ' . $db->qstr($VAR["account_theme_id"])
        . ', username = '******', password = '******', status = ' . $db->qstr($status)
        . ', first_name = ' . $db->qstr($VAR["account_first_name"], get_magic_quotes_gpc())
        . ', middle_name = ' . $db->qstr($VAR["account_middle_name"], get_magic_quotes_gpc())
        . ', last_name = ' . $db->qstr($VAR["account_last_name"], get_magic_quotes_gpc())
        . ', company = ' . $db->qstr($VAR["account_company"], get_magic_quotes_gpc())
        . ', title = ' . $db->qstr($VAR["account_title"], get_magic_quotes_gpc())
        . ', email = ' . $db->qstr($VAR["account_email"], get_magic_quotes_gpc())
        . ', address1 = ' . $db->qstr($VAR["account_address1"], get_magic_quotes_gpc())
        . ', address2 = ' . $db->qstr($VAR["account_address2"], get_magic_quotes_gpc())
        . ', city = ' . $db->qstr($VAR["account_city"], get_magic_quotes_gpc())
        . ', state = ' . $db->qstr($VAR["account_state"], get_magic_quotes_gpc())
        . ', zip = ' . $db->qstr($VAR["account_zip"], get_magic_quotes_gpc())
        . ', email_type = ' . $db->qstr($VAR["account_email_type"], get_magic_quotes_gpc())
        . ', invoice_delivery= ' . $db->qstr(@$invoice_delivery)
        . ', invoice_show_itemized=' . $db->qstr(@$invoice_format)
        . ', invoice_advance_gen = ' . $db->qstr(MAX_INV_GEN_PERIOD)
        . ', invoice_grace = ' . $db->qstr(GRACE_PERIOD)
        . ', tax_id = ' . $db->qstr(@$VAR['account_tax_id']);
    $result = $db->Execute($sql);

    ####################################################################
    ### error reporting:
    ####################################################################
    if ($result === false) {
        global $C_debug;
        $C_debug->error('account.inc.php', 'add', $db->ErrorMsg());
        if (isset($this->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    /* password logging class */
    if ($C_list->is_installed('account_password_history')) {
        include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php';
        $accountHistory = new account_password_history();
        $accountHistory->setNewPassword($this->account_id, $password_encoded);
    }

    ####################################################################
    ### Add the account to the default group:
    ####################################################################
    # NOTE(review): the result of this insert is not checked, so an account
    # can be left without its default group row.
    $group_id = $db->GenID(AGILE_DB_PREFIX . 'account_group_id');
    $sql = ' INSERT INTO ' . AGILE_DB_PREFIX . 'account_group SET id = ' . $db->qstr($group_id)
        . ', site_id = ' . $db->qstr(DEFAULT_SITE)
        . ', date_orig = ' . $db->qstr(time())
        . ', group_id = ' . $db->qstr(DEFAULT_GROUP)
        . ', account_id = ' . $db->qstr($this->account_id)
        . ', active = ' . $db->qstr('1');
    $db->Execute($sql);

    ####################################################################
    ### Insert the static vars:
    ####################################################################
    $static_var->add($VAR, $this->module, $this->account_id);

    ####################################################################
    ### Mail the user the new_account email template
    ####################################################################
    # inactive accounts are sent "<TIMESTAMP>:<ACCOUNT ID>" as the activation string
    require_once PATH_MODULES . 'email_template/email_template.inc.php';
    $my = new email_template();
    if ($status == "1") {
        $my->send('account_registration_active', $this->account_id, $this->account_id, '', '');
    } else {
        $validation_str = strtoupper($validation_str . ':' . $this->account_id);
        $my->send('account_registration_inactive', $this->account_id, '', '', $validation_str);
    }

    ####################################################################
    ### Add the newsletters
    ####################################################################
    if (NEWSLETTER_REGISTRATION == "1") {
        @($VAR['newsletter_html'] = $VAR['account_email_type']);
        $VAR['newsletter_email'] = $VAR['account_email'];
        $VAR['newsletter_first_name'] = $VAR['account_first_name'];
        $VAR['newsletter_last_name'] = $VAR['account_last_name'];
        require_once PATH_MODULES . '/newsletter/newsletter.inc.php';
        $newsletter = new newsletter();
        $newsletter->subscribe($VAR, $this);
    }

    ####################################################################
    ### Log in the user & display the welcome message
    ####################################################################
    if ($status == "1") {
        # only a top-level account (its own parent) is logged in automatically
        if ($this->parent_id == $this->account_id || empty($this->parent_id)) {
            $C_debug->alert($C_translate->translate("user_add_active_welcome", "account", ""));
            if (SESSION_EXPIRE == 0) {
                $exp = 99999;
            } else {
                $exp = SESSION_EXPIRE;
            }
            # NOTE(review): $exp is computed above but never used; the expiry
            # is derived from SESSION_EXPIRE directly, so a value of 0 makes
            # the session expire at the current time.
            $date_expire = time() + SESSION_EXPIRE * 60;

            # update the session
            # NOTE(review): the existing session id (SESS) is marked as logged
            # in; no new session id is issued in this block.
            $db =& DB();
            $q = "UPDATE " . AGILE_DB_PREFIX . "session\n\t\t\t\t\t\tSET\n\t\t\t\t\t\tip= " . $db->qstr(USER_IP) . ",\n\t\t\t\t\t\tdate_expire = " . $db->qstr($date_expire) . ",\n\t\t\t\t\t\tlogged = " . $db->qstr('1') . ",\n\t\t\t\t\t\taccount_id = " . $db->qstr($this->account_id) . "\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\tid = " . $db->qstr(SESS) . "\n\t\t\t\t\t\tAND\n\t\t\t\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);
            $result = $db->Execute($q);

            ### constants
            define('FORCE_SESS_ACCOUNT', $this->account_id);
            define('FORCE_SESS_LOGGED', 1);

            ### Reload the session auth cache
            if (CACHE_SESSIONS == '1') {
                $force = true;
                $C_auth = new CORE_auth($force);
                global $C_auth2;
                $C_auth2 = $C_auth;
            }

            # NOTE(review): the redirect target is built from request values
            # without validation or encoding; how REDIRECT_PAGE is consumed is
            # outside this block, so confirm it is checked there.
            if (isset($VAR['_page_next'])) {
                define('REDIRECT_PAGE', '?_page=' . $VAR['_page_next']);
            } elseif (isset($VAR['_page'])) {
                define('REDIRECT_PAGE', '?_page=' . $VAR['_page']);
            }
        }

        ####################################################################
        ### Do any db_mapping
        ####################################################################
        # NOTE(review): the cleartext password is handed to the db_mapping
        # module here; what that module does with it is not visible in this
        # file.
        if ($C_list->is_installed('db_mapping')) {
            include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
            $db_map = new db_mapping();
            if (!empty($password)) {
                $db_map->plaintext_password = $password;
            } else {
                $db_map->plaintext_password = false;
            }
            $db_map->account_add($this->account_id);
            $db_map = new db_mapping();
            $db_map->login($this->account_id);
        }

        ####################################################################
        ### Affiliate Auto Creation
        ####################################################################
        if (AUTO_AFFILIATE == 1 && $C_list->is_installed("affiliate")) {
            $VAR['affiliate_account_id'] = $this->account_id;
            $VAR['affiliate_template_id'] = DEFAULT_AFFILIATE_TEMPLATE;
            include_once PATH_MODULES . 'affiliate/affiliate.inc.php';
            $affiliate = new affiliate();
            $affiliate->add($VAR, $affiliate);
        }
    } else {
        # account created inactive: show the notice and load a blank page
        $C_debug->alert($C_translate->translate("user_add_inactive_welcome", "account", ""));
        define('FORCE_PAGE', 'core:blank');
    }
}
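/**
 * Validate the submitted fields for this module's "add" method and insert a
 * new record.
 *
 * On validation failure the errors are assigned to Smarty as
 * 'form_validation', FORCE_PAGE is set to the current page (unless already
 * defined), the failure trigger runs and nothing is inserted. On success the
 * new id is stored in $this->record_id, published as the constant
 * NEW_RECORD_<TABLE>_ID, and REDIRECT_PAGE is defined.
 *
 * When $VAR['db_mapping_map_file'] is set, the matching db_mapping plugin is
 * loaded and its install() method is run if the map asks for it.
 *
 * @param array $VAR Request variables (submitted form fields and page info).
 *
 * @return void
 */
function add($VAR)
{
    $this->construct();
    global $C_translate;
    $type = "add";

    # set the field list for this method
    # split() was removed in PHP 7; the separator is a literal comma, so
    # explode() gives the same list.
    $this->method["{$type}"] = explode(",", $this->method["{$type}"]);
    $arr = $this->method["{$type}"];

    # define the validation class
    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();
    $this->validated = true;

    ####################################################################
    # loop through the field list to validate the required fields
    # (foreach replaces each(), which was removed in PHP 8)
    ####################################################################
    foreach ($arr as $value) {
        $field_var = $this->module . '_' . $value;
        $field_name = $value;
        $this->validate = true;

        # check if this value is unique
        if (isset($this->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
            if (!$validate->validate_unique($this->table, $field_name, "record_id", $VAR["{$field_var}"])) {
                $this->validated = false;
                $this->val_error[] = array(
                    'field' => $this->table . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""),
                    'error' => $C_translate->translate('validate_unique', "", "")
                );
            }
        }

        # check if the submitted value meets the specified requirements;
        # a field with a "validate" rule that is missing or empty is an error
        if (isset($this->field["{$value}"]["validate"])) {
            if (isset($VAR["{$field_var}"]) && $VAR["{$field_var}"] != '') {
                if (!$validate->validate($field_name, $this->field["{$value}"], $VAR["{$field_var}"], $this->field["{$value}"]["validate"])) {
                    $this->validated = false;
                    $this->val_error[] = array(
                        'field' => $this->module . '_' . $field_name,
                        'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""),
                        'error' => $validate->error["{$field_name}"]
                    );
                }
            } else {
                $this->validated = false;
                $this->val_error[] = array(
                    'field' => $this->module . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $this->module, ""),
                    'error' => $C_translate->translate('validate_any', "", "")
                );
            }
        }
    }

    ####################################################################
    # If validation failed, skip the db insert, set the errors as Smarty
    # objects, and change the page to be loaded.
    ####################################################################
    if (!$this->validated) {
        global $smarty;

        # set the errors as a Smarty Object
        $smarty->assign('form_validation', $this->val_error);

        # set the page to be loaded
        if (!defined("FORCE_PAGE")) {
            define('FORCE_PAGE', $VAR['_page_current']);
        }

        # define any triggers
        if (isset($this->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
        }
        return;
    }

    # begin the new database class
    $db =& DB();

    # Build the ", column=value" list. Column names come from the module's
    # own method list; every value is quoted through $db->qstr().
    $field_list = '';
    foreach ($arr as $value) {
        $field_var = $this->module . '_' . $value;
        $field_name = $value;

        # perform any special conversion (md5, rc5, pgp, gpg, time, date, date-time)
        if (isset($this->field["{$value}"]["convert"]) && isset($VAR["{$field_var}"])) {
            $VAR["{$field_var}"] = $validate->convert($field_name, $VAR["{$field_var}"], $this->field["{$value}"]["convert"]);
        }
        if (isset($VAR["{$field_var}"])) {
            $field_list .= ", " . $value . "=" . $db->qstr($VAR["{$field_var}"]);
        }
    }

    # The comma before site_id is needed whether or not any field was added.
    # The original appended it only for a non-empty list, which produced
    # "id = '..' site_id = '..'" (a syntax error) when no field was submitted.
    $field_list .= ',';

    # determine the record id
    $this->record_id = $db->GenID(AGILE_DB_PREFIX . "" . $this->table . '_id');

    # determine the record id, if it is an ACCOUNT record
    if ($this->table == 'account') {
        $this->record_id = md5($this->record_id . '' . microtime());
    }

    # define the new ID as a constant
    define(strtoupper('NEW_RECORD_' . $this->table . '_ID'), $this->record_id);

    # generate the full query
    $q = "INSERT INTO " . AGILE_DB_PREFIX . "{$this->table}\n\t\t\t\t\tSET\n\t\t\t\t\tid = " . $db->qstr($this->record_id) . "\n\t\t\t\t\t{$field_list}\n\t\t\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);

    # execute the query
    $result = $db->Execute($q);

    # error reporting (execution continues afterwards, as in the original)
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'add', $db->ErrorMsg());
        if (isset($this->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($this->trigger["{$type}"], 0, $VAR);
        }
    }

    $VAR["id"] = $this->record_id;

    # NOTE(review): $VAR['_page'] is a request value and is placed in the
    # redirect target without validation or encoding; how REDIRECT_PAGE is
    # consumed is outside this block, so confirm it is checked there.
    $redirect_page = isset($VAR['_page']) ? $VAR['_page'] : null;
    define('REDIRECT_PAGE', '?_page=' . $redirect_page . '&id=' . $this->record_id . '&s=' . SESS);

    # RUN ANY INSTALL SCRIPT!
    $file = isset($VAR['db_mapping_map_file']) ? $VAR['db_mapping_map_file'] : '';
    if ($file != '') {
        # The map name arrives in $VAR and is used both in an include path
        # and as a class-name suffix. Accept only identifier characters so it
        # cannot leave the plugin directory or carry code; a legitimate map
        # name already has to satisfy this to be a valid class name.
        if (!is_string($file) || !preg_match('/^[A-Za-z0-9_]+$/D', $file)) {
            global $C_debug;
            $C_debug->error('database.inc.php', 'add', 'Invalid db_mapping map file name');
            return;
        }

        include_once PATH_PLUGINS . 'db_mapping/' . $file . '.php';

        # The original built this statement with eval(); instantiating the
        # class by name creates the same object without evaluating a string
        # as code.
        $map_class = 'map_' . strtoupper($file);
        $_MAP = new $map_class();
        if (isset($_MAP->map['install']) && $_MAP->map['install'] == true) {
            $_MAP->install();
        }
    }
}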
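/**
 * AgileBill - Open Billing Software
 *
 * This body of work is free software; you can redistribute it and/or
 * modify it under the terms of the Open AgileBill License
 * License as published at http://www.agileco.com/agilebill/license1-4.txt
 *
 * For questions, help, comments, discussion, etc., please join the
 * Agileco community forums at http://forum.agileco.com/
 *
 * @link http://www.agileco.com/
 * @copyright 2004-2008 Agileco, LLC.
 * @license http://www.agileco.com/agilebill/license1-4.txt
 * @author Tony Landis <*****@*****.**>
 * @package AgileBill
 * @version 1.4.93
 */

/**
 * Validate the submitted fields for a module's update method and write them
 * to the record identified by $VAR['<module>_id'].
 *
 * Fields whose "convert" type is sha, md5, rc5 or crypt skip the unique and
 * validate checks. On validation failure the errors are assigned to Smarty as
 * 'form_validation', the global $VAR['_page'] is pointed at '<module>:view',
 * the failure trigger runs and false is returned. The UPDATE is restricted to
 * the record id and to DEFAULT_SITE.
 *
 * @param array  $VAR       Request variables (submitted form fields).
 * @param object $construct Module object supplying module, table, field[],
 *                          method[$type] and, optionally, trigger[$type];
 *                          validated, validate and val_error are written.
 * @param string $type      Method name used to index method[] and trigger[].
 *
 * @return bool true when the UPDATE succeeded, false on validation or
 *              database failure.
 */
function CORE_database_update($VAR, &$construct, $type)
{
    global $C_translate;

    # set the field list for this method
    $arr = $construct->method["{$type}"];

    # define the validation class
    include_once PATH_CORE . 'validate.inc.php';
    $validate = new CORE_validate();
    $construct->validated = true;

    # define this record id
    $id = $VAR[$construct->module . '_id'];

    # conversion types that are not validated on updates
    $ignore_convert = array('sha', 'md5', 'rc5', 'crypt');

    ####################################################################
    # loop through the field list to validate the required fields
    # (foreach replaces each(), which was removed in PHP 8)
    ####################################################################
    foreach ($arr as $value) {
        $field_var = $construct->module . '_' . $value;
        $field_name = $value;
        $construct->validate = true;

        if (isset($construct->field["{$value}"]["convert"])
            && in_array($construct->field["{$value}"]["convert"], $ignore_convert, true)) {
            continue;
        }

        # check if this value is unique
        if (isset($construct->field["{$value}"]["unique"]) && isset($VAR["{$field_var}"])) {
            if (!$validate->validate_unique($construct->table, $field_name, $id, $VAR["{$field_var}"])) {
                $construct->validated = false;
                $construct->val_error[] = array(
                    'field' => $construct->module . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""),
                    'error' => $C_translate->translate('validate_unique', "", "")
                );
            }
        }

        # check if the submitted value meets the specified requirements;
        # a field with a "validate" rule that is missing or empty is an error
        if (isset($construct->field["{$value}"]["validate"])) {
            if (isset($VAR["{$field_var}"]) && $VAR["{$field_var}"] != '') {
                if (!$validate->validate($field_name, $construct->field["{$value}"], $VAR["{$field_var}"], $construct->field["{$value}"]["validate"])) {
                    $construct->validated = false;
                    $construct->val_error[] = array(
                        'field' => $construct->module . '_' . $field_name,
                        'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""),
                        'error' => $validate->error["{$field_name}"]
                    );
                }
            } else {
                $construct->validated = false;
                $construct->val_error[] = array(
                    'field' => $construct->module . '_' . $field_name,
                    'field_trans' => $C_translate->translate('field_' . $field_name, $construct->module, ""),
                    'error' => $C_translate->translate('validate_any', "", "")
                );
            }
        }
    }

    ####################################################################
    # If validation failed, skip the db update, set the errors as Smarty
    # objects, and change the page to be loaded.
    ####################################################################
    if (!$construct->validated) {
        global $smarty;

        # set the errors as a Smarty Object
        $smarty->assign('form_validation', $construct->val_error);

        # change the page to be loaded; "global" rebinds $VAR to the global
        # array, so the page change is visible outside this function
        global $VAR;
        $VAR['_page'] = $construct->module . ':view';
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }

        # strip slashes
        global $C_vars;
        $C_vars->strip_slashes_all();
        return false;
    }

    $db =& DB();

    # Magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() itself
    # in PHP 8, so only ask on interpreters that can still have them enabled.
    $magic_quotes = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();

    # Build the "column=value" assignments. Column names come from the
    # module's own method list; every value is quoted through $db->qstr().
    $assignments = array();
    foreach ($arr as $value) {
        $field_var = $construct->module . '_' . $value;
        $field_name = $value;
        $submitted = isset($VAR["{$field_var}"]) ? $VAR["{$field_var}"] : null;
        $convert = isset($construct->field["{$value}"]["convert"]) ? $construct->field["{$value}"]["convert"] : null;

        if ($submitted !== null && $submitted != 'IGNORE-ARRAY-VALUE') {
            # HTML is escaped before storage unless the field is marked html=1
            $html_allowed = isset($construct->field["{$value}"]["html"]) && $construct->field["{$value}"]["html"] == 1;
            if (!$html_allowed && !is_array($submitted)) {
                $insert_value = htmlspecialchars($submitted);
            } else {
                $insert_value = $submitted;
            }

            # perform data conversions
            if ($convert !== null) {
                $insert_value = $validate->convert($field_name, $insert_value, $convert);
            }
            $assignments[] = $value . "=" . $db->qstr($insert_value, $magic_quotes);
        } elseif ($convert == "array" && $submitted != 'IGNORE-ARRAY-VALUE') {
            # an array field that was not submitted is stored as a blank array
            $insert_value = serialize(array(""));
            $assignments[] = $value . "=" . $db->qstr($insert_value, $magic_quotes);
        }
    }
    $field_list = implode(", ", $assignments);

    # generate the full query; the site_id condition keeps the update inside
    # the current site
    $q = "UPDATE " . AGILE_DB_PREFIX . "{$construct->table} SET\n\t\t\t\t{$field_list}\n\t\t\t\tWHERE\n\t\t\t\tid \t\t= " . $db->qstr($id) . "\n\t\t\t\tAND\n\t\t\t\tsite_id = " . $db->qstr(DEFAULT_SITE);

    # execute the query
    $result = $db->Execute($q);

    # error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'update', $db->ErrorMsg());
        if (isset($construct->trigger["{$type}"])) {
            include_once PATH_CORE . 'trigger.inc.php';
            $trigger = new CORE_trigger();
            $trigger->trigger($construct->trigger["{$type}"], 0, $VAR);
        }
        return false;
    }

    if (isset($construct->trigger["{$type}"])) {
        include_once PATH_CORE . 'trigger.inc.php';
        $trigger = new CORE_trigger();
        $trigger->trigger($construct->trigger["{$type}"], 1, $VAR);
    }
    return true;
}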