/**
 * Runs the count query and one page of the result query and stores both
 * outcomes on the pager.
 *
 * The unpaged statement is kept in $this->sql. A database-specific
 * LIMIT/OFFSET suffix is appended to a copy, whose result is stored in
 * $this->dbResults. For any database type other than "postgres" or "mysql"
 * no suffix is added and the whole result set is fetched.
 *
 * NOTE(review): both statements are executed exactly as received, so any
 * request-derived value inside them has to be bound or escaped by the caller.
 * NOTE(review): a method named after its class is not treated as a constructor
 * on PHP 8 - confirm how the enclosing class is instantiated.
 *
 * @param $sql_count    query whose first column holds the total number of rows
 * @param $sql          query to page through
 * @param $current_page 1-based page number; a value that is not > 0 adds no offset
 */
function Pager($sql_count, $sql, $current_page)
{
    global $g_rb_database_type, $g_rb_pagerLimit, $DB_LINK;

    $this->page_limit = $g_rb_pagerLimit;
    $this->page = $current_page;
    $this->sql = $sql;

    $pagedSql = $sql;
    if ($g_rb_database_type == "postgres") {
        // PostgreSQL form: LIMIT <n> [OFFSET <m>]
        $pagedSql .= " LIMIT " . $this->page_limit;
        if ($this->page > 0) {
            $offset = ($this->page - 1) * $this->page_limit;
            $pagedSql .= " OFFSET " . $offset;
        }
    } elseif ($g_rb_database_type == "mysql") {
        // MySQL form: LIMIT [<m>, ]<n>
        $pagedSql .= " LIMIT ";
        if ($this->page > 0) {
            $offset = ($this->page - 1) * $this->page_limit;
            $pagedSql .= $offset . ", ";
        }
        $pagedSql .= $this->page_limit;
    }

    // Total number of rows, read from the first column of the count query
    $countResult = $DB_LINK->Execute($sql_count);
    DBUtils::checkResult($countResult, NULL, NULL, $sql_count);
    $this->total_results = $countResult->fields[0];

    // The requested page of rows
    $this->dbResults = $DB_LINK->Execute($pagedSql);
    DBUtils::checkResult($this->dbResults, NULL, NULL, $pagedSql);

    // Number of pages needed to show every row
    $this->max_pages = ceil($this->total_results / $this->page_limit);
}
/**
 * Selects one or two columns from a table and returns the ADOdb result.
 *
 * NOTE(review): $table, $valFld, $keyFld and $order end up in identifier
 * positions of the statement. addq() looks like a string-value escaper (it is
 * used inside quotes elsewhere), which does not constrain an identifier, so
 * callers should only pass fixed names, never request data - confirm at the
 * call sites.
 * NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0.
 *
 * @param $table  the table to query from
 * @param $valFld the first field to select
 * @param $keyFld the second field to select (left out of the query when empty)
 * @param $order  how to order the result (should be either $valFld or $keyFld)
 * @return An ADOdb result
 */
public static function fetchColumn($table, $valFld, $keyFld = '', $order = '')
{
    global $DB_LINK;

    $magicQuotes = get_magic_quotes_gpc();
    $table = $DB_LINK->addq($table, $magicQuotes);
    $valFld = $DB_LINK->addq($valFld, $magicQuotes);
    $keyFld = $DB_LINK->addq($keyFld, $magicQuotes);
    $order = $DB_LINK->addq($order, $magicQuotes);

    // Assemble the statement piece by piece; optional parts only when given
    $sql = "SELECT {$valFld}";
    if ($keyFld) {
        $sql .= ",{$keyFld}";
    }
    $sql .= " FROM {$table}";
    if ($order) {
        $sql .= " ORDER BY {$order}";
    }

    $result = $DB_LINK->Execute($sql);
    DBUtils::checkResult($result, NULL, NULL, $sql);
    return $result;
}
/**
 * Loads the recipes that are going to be exported into $this->exportRecipes.
 *
 * NOTE(review): the test against 0 is a loose comparison, so on PHP versions
 * before 8 a non-numeric string also selects "export everything"; validate
 * the id before it gets here.
 * NOTE(review): the export-all query has no owner or privacy filter in this
 * method - confirm access is checked by the caller.
 *
 * @param $id The recipe id to be exported, if set to 0 then export all recipes
 */
function getData($id)
{
    global $DB_LINK, $db_table_recipes;

    if ($id != 0) {
        // A single recipe: load it and queue it for export
        $single = new Recipe($id);
        $single->loadRecipe();
        $this->exportRecipes[] = $single;
        return;
    }

    $this->exportAll = true;
    // Call ourselves once for every recipe id in the database
    $sql = "SELECT recipe_id FROM {$db_table_recipes}";
    $allIds = $DB_LINK->Execute($sql);
    DBUtils::checkResult($allIds, NULL, NULL, $sql);
    for (; !$allIds->EOF; $allIds->MoveNext()) {
        $this->getData($allIds->fields['recipe_id']);
    }
}
} if ($ingredient_id && !$SMObj->checkAccessLevel("EDITOR")) { // Figure out who the owner of this ingredient is, Editors can edit anyones recipes // The owner of a ingredient does not change when someone edits it. $sql = "SELECT ingredient_user FROM {$db_table_ingredients} WHERE ingredient_id = " . $DB_LINK->addq($ingredient_id, get_magic_quotes_gpc()); $rc = $DB_LINK->Execute($sql); // If the recipe is owned by someone else then do not allow editing if ($rc->fields['ingredient_user'] != "" && $rc->fields['ingredient_user'] != $SMObj->getUserID()) { die($LangUI->_('You are not the owner of this ingredient, you are not allowed to edit it')); } } // get the information about the Ingredient (empty query if new Ingredient) if ($ingredient_id) { $sql = "SELECT *\n\t\t\tFROM {$db_table_ingredients}\n\t\t\tLEFT JOIN {$db_table_units} ON ingredient_unit = unit_id\n\t\t\tWHERE ingredient_id = " . $DB_LINK->addq($ingredient_id, get_magic_quotes_gpc()); $ingredients = $DB_LINK->Execute($sql); DBUtils::checkResult($ingredients, NULL, NULL, $sql); } ?> <script language="javascript"> $(document).ready(function() { $('#ingredient_form').validate(); $("#ingredient_name").autocomplete({ source: "index.php?m=ingredients&a=get_core&format=no", minLength: 1, select: function(event, ui) { if (ui.item.id) { console.log('set it'); $("#coreIngredient_id").val(ui.item.id);
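/**
 * Loads the ingredient information if it is not already set.
 *
 * The row is looked up by $this->id together with its unit, location and core
 * ingredient descriptions, and the values are copied onto this object.
 * Nothing is queried when $this->name is already populated.
 *
 * @return TRUE in every case; query errors are handed to DBUtils::checkResult
 */
function loadIngredient()
{
    global $DB_LINK, $db_table_ingredients, $db_table_units, $db_table_locations, $db_table_core_ingredients, $LangUI;

    // Only run this if we have not loaded the information yet
    if ($this->name == NULL) {
        // The id is bound as a parameter: it sits in an unquoted numeric
        // position, where quote-escaping alone would not constrain the value.
        $sql = "SELECT {$db_table_ingredients}.*, unit_desc, location_desc, unit_system, core.description FROM {$db_table_ingredients} "
            . "LEFT JOIN {$db_table_units} ON unit_id = ingredient_unit "
            . "LEFT JOIN {$db_table_locations} ON location_id = ingredient_location "
            . "LEFT JOIN {$db_table_core_ingredients} core ON core.id = ingredient_core "
            . "WHERE ingredient_id=?";
        $stmt = $DB_LINK->Prepare($sql);
        $rc = $DB_LINK->Execute($stmt, array($this->id));
        DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error loading the ingredient'), $sql);

        $this->name = $rc->fields['ingredient_name'];
        $this->description = $rc->fields['ingredient_desc'];
        $this->unit = $rc->fields['ingredient_unit'];
        $this->unitDescription = $rc->fields['unit_desc'];

        // Translate the stored unit-system code into its name; any other
        // code leaves $this->unitSystem untouched.
        switch ($rc->fields['unit_system']) {
            case "0":
                $this->unitSystem = "static";
                break;
            case "1":
                $this->unitSystem = "usa";
                break;
            case "2":
                $this->unitSystem = "metric";
                break;
        }

        $this->location = $rc->fields['ingredient_location'];
        $this->locationDescription = $rc->fields['location_desc'];
        $this->coreDescription = $rc->fields['description'];
        // The driver's own "true" value decides whether the ingredient is solid
        $this->solid = ($DB_LINK->true == $rc->fields['ingredient_solid']);
        $this->system = $rc->fields['ingredient_system'];
    }
    return TRUE;
}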
<?php
require_once "classes/DBUtils.class.php";

// Stores a review and/or a rating for a recipe, taken from request parameters.
// NOTE(review): the values come from $_REQUEST, so a plain GET request also
// triggers the writes; no anti-CSRF token is checked in this fragment.

// An id rejected by isValidID() falls back to 0. Neither insert below tests
// $recipe_id, so a row for recipe 0 can still be attempted.
$recipe_id = isValidID($_REQUEST['recipe_id']) ? $_REQUEST['recipe_id'] : 0;
// The review text is entity-encoded here, i.e. before it is stored.
// NOTE(review): pages that print it must not encode it a second time, and any
// other writer of this column has to apply the same encoding - confirm.
$review = isset($_REQUEST['review']) ? htmlentities($_REQUEST['review'], ENT_QUOTES, $LangUI->getEncoding()) : '';
// is_numeric() also accepts negative, fractional and exponent notation;
// no range is enforced on the score in this fragment.
$rating = isset($_REQUEST['rating']) && is_numeric($_REQUEST['rating']) ? $_REQUEST['rating'] : 0;
$userId = $SMObj->getUserID();
$ip = $_SERVER['REMOTE_ADDR'];

// Reviews are only saved for logged-in users and only when text was sent
if ($SMObj->IsUserLoggedIn() && $review != '') {
    $sql = "INSERT INTO {$db_table_reviews} (review_recipe, review_comments, review_user) VALUES (?,?,?)";
    $stmt = $DB_LINK->Prepare($sql);
    $rc = $DB_LINK->Execute($stmt, array($recipe_id, $review, $userId));
    DBUtils::checkResult($rc, $LangUI->_('Review submitted successfully'), $LangUI->_('Failed to save review!'), $sql);
}

// Ratings are not gated on login; the client address is stored with the score.
// NOTE(review): the failure text suggests a uniqueness constraint on
// recipe + address is what stops repeat votes - confirm in the schema. Clients
// behind one shared address would then count as a single voter.
if ($rating && $ip != '') {
    $sql = "INSERT INTO {$db_table_ratings} (rating_recipe, rating_score, rating_ip) VALUES (?,?,?)";
    $stmt = $DB_LINK->Prepare($sql);
    $rc = $DB_LINK->Execute($stmt, array($recipe_id, $rating, $ip));
    DBUtils::checkResult($rc, $LangUI->_('Rating submitted successfully'), $LangUI->_('You have already rated this recipe!'), NULL);
}
<?php require_once "classes/DBUtils.class.php"; $source_id = isset($_REQUEST['source_id']) && isValidID($_REQUEST['source_id']) ? $_REQUEST['source_id'] : 0; // We need to get the data now $sql = "SELECT source_title,source_desc FROM {$db_table_sources}"; if ($source_id > 0) { $sql .= " WHERE source_id = " . $DB_LINK->addq($source_id, get_magic_quotes_gpc()); } $sources = $DB_LINK->Execute($sql); DBUtils::checkResult($sources, NULL, NULL, $sql); // Error check ?> <table cellspacing="0" cellpadding="1" border="0" width="100%"> <tr> <td align="center" class="title"> <?php if ($source_id == 0) { echo $LangUI->_('Sources'); } else { echo $LangUI->_('Source'); } ?> </td> </tr> </table> <p> <table cellspacing="5" cellpadding="2" border="0" class="ing" width="100%"> <?php while (!$sources->EOF) {
require_once "classes/Restaurant.class.php";
require_once "classes/DBUtils.class.php";

// Deletes a restaurant, after an ownership check for users below EDITOR level.
// NOTE(review): the id is read from $_GET, so the delete runs on a plain GET
// request; no anti-CSRF token is checked in this fragment.

// An id rejected by isValidID() becomes 0. The ownership check is then skipped,
// but the delete at the bottom still runs with id 0.
$restaurant_id = isValidID($_GET['restaurant_id']) ? $_GET['restaurant_id'] : 0;
if ($restaurant_id && !$SMObj->checkAccessLevel("EDITOR")) {
    // Figure out who the owner of this restaurant is, Editors can edit anyones items
    // The id has passed isValidID() above; it is concatenated unquoted, so that
    // validation is what keeps the statement well-formed.
    $sql = "SELECT restaurant_user FROM {$db_table_restaurants} WHERE restaurant_id = " . $DB_LINK->addq($restaurant_id, get_magic_quotes_gpc());
    $rc = $DB_LINK->Execute($sql);
    // If the restaurant is owned by someone else then do not allow deleting it
    // NOTE(review): $rc is read without a checkResult() call, and a row with an
    // empty owner passes this test for every user - confirm both are intended.
    if ($rc->fields['restaurant_user'] != "" && $rc->fields['restaurant_user'] != $SMObj->getUserID()) {
        die($LangUI->_('You are not the owner of this restaurant, you are not allowed to delete it'));
    }
}
// clean up the old picture if we are supposed to
if ($g_rb_database_type == "postgres") {
    $sql = "SELECT restaurant_picture FROM {$db_table_restaurants} WHERE restaurant_id=" . $DB_LINK->addq($restaurant_id, get_magic_quotes_gpc());
    $rc = $DB_LINK->Execute($sql);
    if (trim($rc->fields['restaurant_picture']) != "") {
        // $rc is reused for the result of the blob delete
        $rc = $DB_LINK->BlobDelete($rc->fields['restaurant_picture']);
        DBUtils::checkResult($rc, $LangUI->_('Picture successfully deleted'), NULL, $sql);
    }
}
// In Postgres everything will be cleaned up with one delete
$RestaurantObj = new Restaurant($restaurant_id);
$RestaurantObj->delete();
?>
<I><?php echo $LangUI->_('Restaurant Deleted'); ?> </I>
<P>
$query .= " ingredient_name LIKE '%" . $DB_LINK->addq($_REQUEST['name'], get_magic_quotes_gpc()) . "%' AND"; } if (isValidID($_REQUEST['location_id'])) { $query .= " ingredient_location=" . $DB_LINK->addq($_REQUEST['location_id'], get_magic_quotes_gpc()); } $query = preg_replace("/AND\$/", "", $query); // Put the order on the end $query .= $query_order; } /* ---------------------- The Query has been made, format and output the values returned from the database ----------------------*/ if ($query != "") { $counter = 0; $rc = $DB_LINK->Execute($query); DBUtils::checkResult($rc, NULL, NULL, $query); // Error check # exit if we did not find any matches if ($rc->RecordCount() == 0) { echo $LangUI->_('No values returned from search'); } else { ?> <table cellspacing="1" cellpadding="2" border=0 width="80%" class="data"> <form name="searchForm" action="" method="post"> <input type="hidden" name="mode" value="add"> <tr valign="top"> <td colspan=6 align=left> <input type="button" value="<?php echo $LangUI->_('Add to shopping list'); ?> " class="button" onClick='submitForm("list")'>
*/
// Access check: a private recipe may only be viewed by its owner or by a user
// with at least EDITOR level.
if (!$SMObj->checkAccessLevel("EDITOR") && ($recipe->fields['recipe_private'] == $DB_LINK->true && $SMObj->getUserID() != $recipe->fields['recipe_user'])) {
    die($LangUI->_('This recipe is private and you do not have permission to view it!'));
}
# fetch the ingredients for the recipe (the recipe id is bound as a parameter)
$sql = "SELECT {$db_table_ingredientmaps}.*,\n unit_desc,\n ingredient_name\nFROM {$db_table_ingredientmaps}\nLEFT JOIN {$db_table_units} ON unit_id = map_unit\nLEFT JOIN {$db_table_ingredients} ON ingredient_id = map_ingredient\nWHERE map_recipe = ? ORDER BY map_order";
$stmt = $DB_LINK->Prepare($sql);
$ingredients = $DB_LINK->Execute($stmt, array($recipe_id));
// Error check
DBUtils::checkResult($ingredients, NULL, NULL, $sql);
# fetch the related recipes
$sql = "\nSELECT related_child, recipe_name, recipe_directions, related_required\nFROM {$db_table_related_recipes}\nLEFT JOIN {$db_table_recipes} ON recipe_id = related_child\nWHERE related_parent= ? ORDER BY related_order";
$stmt = $DB_LINK->Prepare($sql);
$related = $DB_LINK->Execute($stmt, array($recipe_id));
// Error check
DBUtils::checkResult($related, NULL, NULL, $sql);
// Use the scale from the request when one is given, otherwise the stored serving size
// NOTE(review): $_GET['recipe_scale'] is taken as-is - it is not checked to be
// numeric before the division, and the serving size is only compared with
// NULL, not with zero. If $recipe_scale is printed later it also needs output
// encoding - confirm in the part of the page not shown here.
if (isset($_GET['recipe_scale']) && $recipe->fields['recipe_serving_size'] != NULL) {
    $recipe_scale = $_GET['recipe_scale'];
    $scale_by = $recipe_scale / $recipe->fields['recipe_serving_size'];
} else {
    if ($recipe->fields['recipe_serving_size'] != NULL) {
        // No scale requested: show the recipe at its stored serving size
        $recipe_scale = $recipe->fields['recipe_serving_size'];
        $scale_by = 1;
    } else {
        // No serving size stored: nothing to scale against
        $recipe_scale = "";
        $recipe->fields['recipe_serving_size'] = "";
        $scale_by = 1;
    }
}
$related_names = array();
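/**
 * Imports all of the recipes currently loaded (do a parseDataFile first).
 *
 * Each entry of $this->importRecipes is a pair: the recipe object and the
 * list of its ingredient objects. The recipe is inserted for the current
 * user, every ingredient is matched by name against that user's ingredients
 * (and created when missing) and then mapped to the recipe. Afterwards the
 * parent/child links in $this->relatedRecipes are inserted and one progress
 * line per link is printed.
 *
 * NOTE(review): the name-to-id list used for linking is read from the whole
 * recipe table without a user filter, so a link may resolve to a recipe with
 * the same name that belongs to someone else - confirm this is acceptable.
 */
function importData()
{
    global $LangUI, $DB_LINK, $SMObj, $db_table_recipes, $db_table_ingredients, $db_table_related_recipes;

    // Iterate through all the recipes and create them
    foreach ($this->importRecipes as $item) {
        $recipeObj = $item[0];
        $recipeObj->user = $SMObj->getUserID();
        $id = $recipeObj->insert();
        $order = 0; // order the ingredients
        foreach ($item[1] as $ingObj) {
            if ($ingObj != NULL) {
                // See if the ingredient exists
                $sql = "SELECT ingredient_id FROM {$db_table_ingredients} WHERE ingredient_name=? and ingredient_user=?";
                $stmt = $DB_LINK->Prepare($sql);
                $rc = $DB_LINK->Execute($stmt, array($ingObj->name, $SMObj->getUserID()));
                // Error check
                DBUtils::checkResult($rc, NULL, NULL, $sql);
                if ($rc->RecordCount() == 0) {
                    // Note: lots of defaults are guessed if this option is taken
                    $ingObj->solid = $DB_LINK->true;
                    $ingObj->price = '0.00';
                    $ingObj->user = $SMObj->getUserID();
                    // Create the Ingredient and then set the ID
                    $ing_id = $ingObj->insert();
                } else {
                    $ing_id = $rc->fields['ingredient_id'];
                }
                // Map the ingredient
                $ingObj->id = $ing_id;      // We have an ID set it.
                $ingObj->recipe_id = $id;   // Set the Recipe ID as well
                $ingObj->order = $order;    // Set the order of the ingredient
                // Insert the mapping
                $ingObj->insertMap();
                $order++;
            }
        }
    }

    // Now we can link in the related recipes...
    $this->recipes = DBUtils::createList(DBUtils::fetchColumn($db_table_recipes, 'recipe_name', 'recipe_id', 'recipe_name'), 'recipe_name', 'recipe_id');
    $encoding = $LangUI->getEncoding();
    foreach ($this->relatedRecipes as $link) {
        if ($this->recipes[$link[0]] != NULL && $this->recipes[$link[1]] != NULL) {
            $sql = "INSERT INTO {$db_table_related_recipes} (related_parent, related_child, related_required) VALUES (?, ?, ?)";
            $stmt = $DB_LINK->Prepare($sql);
            $rc = $DB_LINK->Execute($stmt, array($this->recipes[$link[0]], $this->recipes[$link[1]], $link[2]));
            DBUtils::checkResult($rc, NULL, NULL, $sql);
            // The names come from the imported file and are printed into an
            // HTML page, so they are encoded for that context. Entities that
            // are already present are left alone (double_encode = false).
            $parentName = htmlspecialchars($link[0], ENT_QUOTES, $encoding, false);
            $childName = htmlspecialchars($link[1], ENT_QUOTES, $encoding, false);
            echo $LangUI->_('Linking') . ": '" . $parentName . "' " . $LangUI->_('to') . " '" . $childName . "'<br />";
        }
    }
}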
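/**
 * Loads all of the ingredients and recipes saved in the database for this
 * shopping list into this instance.
 *
 * NOTE(review): both queries are keyed on the list id only; no owner check
 * is made in this method - confirm the caller verifies that the list belongs
 * to the current user.
 *
 * @param $clear if true then the list is cleared before new items are added,
 *               if false then they are appended
 */
function loadItems($clear)
{
    global $DB_LINK, $db_table_list_recipes, $db_table_list_ingredients;

    if (isset($clear) && $clear) {
        // clear out the items if we are told to
        $this->recipes = array();
        $this->ingredients = array();
    }

    // Add the recipes. The list id is bound as a parameter: it sits in an
    // unquoted numeric position, where quote-escaping alone would not
    // constrain the value.
    $sql = "SELECT list_rp_recipe, list_rp_scale FROM {$db_table_list_recipes} WHERE list_rp_id=?";
    $stmt = $DB_LINK->Prepare($sql);
    $rc = $DB_LINK->Execute($stmt, array($this->id));
    DBUtils::checkResult($rc, NULL, NULL, $sql);
    while (!$rc->EOF) {
        $recipeObj = new Recipe($rc->fields['list_rp_recipe']);
        $recipeObj->loadRecipe();
        $this->addRecipe($recipeObj, $rc->fields['list_rp_scale']);
        $rc->MoveNext();
    }

    // Add the ingredients, in their saved order
    $sql = "SELECT list_ing_ingredient,list_ing_unit,list_ing_qualifier,list_ing_quantity FROM {$db_table_list_ingredients} WHERE list_ing_id=? ORDER BY list_ing_order";
    $stmt = $DB_LINK->Prepare($sql);
    $rc = $DB_LINK->Execute($stmt, array($this->id));
    DBUtils::checkResult($rc, NULL, NULL, $sql);
    while (!$rc->EOF) {
        $ingObj = new Ingredient();
        $ingObj->setIngredientMap($rc->fields['list_ing_ingredient'], NULL, $rc->fields['list_ing_qualifier'], $rc->fields['list_ing_quantity'], $rc->fields['list_ing_unit']);
        $ingObj->loadIngredient();
        $this->addIngredient($ingObj);
        $rc->MoveNext();
    }
}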
// create the user
$newUserId = $SMObj->addNewUser($sm_login, $sm_name, $sm_password, $sm_email, $sm_language, $sm_country, $sm_provider, $sm_identity, $new_access_level);
if ($newUserId > 0) {
    // Handle the password emailing, if admin is not creating user
    if (!$SMObj->getNewUserSetPasswd() && !$SMObj->checkAccessLevel($SMObj->getSuperUserLevel())) {
        // mail out the password
        // NOTE(review): the password is placed in the message body in clear
        // text. A one-time, expiring set-password link would keep the
        // credential out of mailboxes and mail logs.
        $subject = $LangUI->_('PHPRecipeBook Password');
        $message = $LangUI->_('Your password to login is included in this email below') . ":\n";
        $message .= $LangUI->_('Login ID') . ":" . $sm_login . "\n";
        $message .= $LangUI->_('Password') . ":" . $sm_password . "\n";
        $SMObj->sendEmail($sm_email, $sm_name, $subject, $message);
    }
    if ($create_ingredients == "true") {
        // Copy the ingredients owned by user id 1 to the new user.
        // NOTE(review): $newUserId is interpolated into the statement; it is
        // the return value of addNewUser() and has passed the > 0 test above -
        // presumably always an integer, confirm. The table name and the source
        // user id (1) are hard-coded in this statement.
        $sql = "INSERT INTO recipe_ingredients (ingredient_name, ingredient_desc, ingredient_location, ingredient_unit, ingredient_solid, ingredient_system, ingredient_user) \n\t\t\t\tSELECT ingredient_name, ingredient_desc, ingredient_location, ingredient_unit, ingredient_solid, ingredient_system, {$newUserId} \n\t\t\t\tFROM recipe_ingredients\n\t\t\t\tWHERE ingredient_user = 1";
        $rc = $DB_LINK->Execute($sql);
        DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error copying the ingredients'), $sql);
    }
}
} else {
    if ($sm_mode == "edit") {
        if ($sm_delete == "no") {
            // Only a super user may edit an account other than their own
            if (!$SMObj->checkAccessLevel($SMObj->getSuperUserLevel()) && $SMObj->getUserLoginID() != $sm_login) {
                die($LangUI->_('You must be an administrator in order to edit other users!'));
            }
            // only the admin can change access levels and groups
            // (a level submitted by anyone else is blanked here)
            if (!$SMObj->checkAccessLevel($SMObj->getSuperUserLevel())) {
                $sm_access_level = "";
            }
            // If a user is changing the password, make sure they know the old one first
            // NOTE(review): the stored value is compared with an unsalted MD5
            // of the supplied password using !=. password_hash() /
            // password_verify() with a rehash on the next login would replace
            // both the weak hash and the loose, non-constant-time comparison.
            // Super users skip the old-password check.
            if ($sm_password != "" && ($SMObj->getUserPassword($sm_userId) != md5($sm_old_password) && !$SMObj->checkAccessLevel($SMObj->getSuperUserLevel()))) {
                die($LangUI->_('Old password does not match currently set password!'));
/**
 * Tells whether the current user already has a recipe with the given name.
 *
 * Name and user id are both passed as bound parameters.
 *
 * @param $recipe_name the recipe name to look for
 * @return true when at least one matching row exists, false otherwise
 */
function recipe_name_exists($recipe_name)
{
    global $SMObj, $DB_LINK, $db_table_recipes;

    $sql = "SELECT recipe_name from {$db_table_recipes} where recipe_name = ? AND recipe_user = ?";
    $params = array($recipe_name, $SMObj->getUserID());
    $matches = $DB_LINK->Execute($DB_LINK->Prepare($sql), $params);
    DBUtils::checkResult($matches, NULL, NULL, $sql);

    // Any non-zero row count means the name is taken
    return (bool) $matches->RecordCount();
}
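/**
 * Removes all of the meals currently saved for a day so that meals will only
 * be added if they are wanted. This function can be used in combination with
 * insert(...) in order to remove unwanted recipes.
 *
 * The date is passed as a bound parameter, like the other prepared statements
 * in this code base, so the method no longer relies on quote-escaping or on
 * get_magic_quotes_gpc(), which was removed in PHP 8.0.
 *
 * NOTE(review): the DELETE is keyed on the date alone. If the table holds
 * rows for more than one user, confirm that removing every row for that date
 * is intended.
 *
 * @param $date The date to clear in ISO format (use DBUtils)
 */
function clearDay($date)
{
    global $DB_LINK, $db_table_mealplans;

    $sql = "DELETE FROM {$db_table_mealplans} WHERE mplan_date=?";
    $stmt = $DB_LINK->Prepare($sql);
    $rc = $DB_LINK->Execute($stmt, array($date));
    DBUtils::checkResult($rc, NULL, NULL, $sql);
}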
</script> <table cellspacing="0" cellpadding="1" border="0" width="100%"> <tr> <td align="left" class="title"><?php echo $LangUI->_('Add/Edit Sources'); ?> </td> </tr> </table> <?php $counter = 0; $sql = "SELECT source_id,source_title,source_desc FROM {$db_table_sources} WHERE source_user=? ORDER BY source_title"; $stmt = $DB_LINK->Prepare($sql); $rc = $DB_LINK->Execute($stmt, array($SMObj->getUserID())); DBUtils::checkResult($rc, NULL, NULL, $sql); ?> <form action="./index.php?m=admin&a=sources&dosql=update_sources" method="POST"> <input type="hidden" name="mode" value="update"> <table cellspacing="1" cellpadding="2" border="0" class="data"> <tr> <th><?php echo $LangUI->_('Delete'); ?> </th> <th><?php echo $LangUI->_('Title'); ?> </th> <th><?php echo $LangUI->_('Description');
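/**
 * Gets the child/related recipes for this recipe.
 *
 * Every returned recipe is constructed from the child id and loaded with
 * loadRecipe() before it is added to the list.
 *
 * @param $req set to true then only the required recipes are returned,
 *             false all are returned
 * @return array of recipe objects
 */
function getRelated($req)
{
    global $DB_LINK, $db_table_related_recipes;

    $children = array();
    // The parent id is bound as a parameter: it sits in an unquoted numeric
    // position, where quote-escaping alone would not constrain the value.
    $sql = "SELECT related_child,related_required FROM {$db_table_related_recipes} WHERE related_parent=?";
    $stmt = $DB_LINK->Prepare($sql);
    $rc = $DB_LINK->Execute($stmt, array($this->id));
    DBUtils::checkResult($rc, NULL, NULL, $sql);

    while (!$rc->EOF) {
        // Keep every child, or only the required ones when $req is set
        if (!$req || $rc->fields['related_required'] == $DB_LINK->true) {
            $child = new Recipe($rc->fields['related_child']);
            $child->loadRecipe();
            $children[] = $child;
        }
        $rc->MoveNext();
    }
    return $children;
}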
/**
 * Builds a lookup of every unit in the database.
 *
 * The unit id is the array index; each value is a two-element array holding
 * the unit description and its abbreviation, in that order.
 *
 * @return array of units
 */
function getUnits()
{
    global $DB_LINK, $db_table_units;

    $sql = "SELECT unit_id, unit_desc, unit_abbr FROM {$db_table_units}";
    $rows = $DB_LINK->Execute($sql);
    DBUtils::checkResult($rows, NULL, NULL, $sql);

    $units = array();
    for (; !$rows->EOF; $rows->MoveNext()) {
        $units[$rows->fields['unit_id']] = array(
            $rows->fields['unit_desc'],
            $rows->fields['unit_abbr'],
        );
    }
    return $units;
}
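/**
 * Removes the currently set picture from the restaurant.
 *
 * The picture columns of the row are blanked. On PostgreSQL the large object
 * referenced by $this->picture_oid is deleted as well and the property is
 * reset to NULL.
 *
 * NOTE(review): no ownership check is made in this method - confirm the
 * caller verifies that the current user may modify this restaurant.
 *
 * @return TRUE in every case; query errors are handed to DBUtils::checkResult
 */
function deletePicture()
{
    global $DB_LINK, $db_table_restaurants, $g_rb_database_type, $LangUI;

    // The id is bound as a parameter: it sits in an unquoted numeric position,
    // where quote-escaping alone would not constrain the value.
    $sql = "UPDATE {$db_table_restaurants} SET restaurant_picture='', restaurant_picture_type='' WHERE restaurant_id=?";
    $stmt = $DB_LINK->Prepare($sql);
    $rc = $DB_LINK->Execute($stmt, array($this->id));
    DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error removing the picture'), $sql);

    // Do the postgres cleanup
    if ($this->picture_oid && $g_rb_database_type == "postgres") {
        $rc = $DB_LINK->BlobDelete($this->picture_oid);
        $this->picture_oid = NULL;
        // $sql still holds the UPDATE above; it is only passed on for reporting
        DBUtils::checkResult($rc, NULL, $LangUI->_('There was an error removing the picture'), $sql);
    }
    return TRUE;
}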