| | |
|---|
| | | $querystring = str_replace("{GROUPS}",$_SESSION["s"]["user"]["groups"],$querystring);
|
|---|
| | | $table_idx = $this->formDef['db_table_idx'];
|
|---|
| | | $querystring = str_replace("{RECORDID}",$record[$table_idx],$querystring);
|
|---|
| | | $querystring = str_replace("{AUTHSQL}",$this->getAuthSQL('r'),$querystring);
|
|---|
| | |
|
|---|
| | | // Getting the records
|
|---|
| | | $tmp_records = $app->db->queryAllRecords($querystring);
|
|---|
| | |
|---|
| | | break;
|
|---|
| | |
|
|---|
| | | default:
|
|---|
| | | $new_record[$key] = htmlspecialchars($field['value']);
|
|---|
| | | $new_record[$key] = htmlspecialchars($field['default']);
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | |
|---|
| | |
|
|---|
| | | global $app;
|
|---|
| | |
|
|---|
| | | // If there are no data records on the tab, return empty sql string
|
|---|
| | | if(count($this->formDef['tabs'][$tab]['fields']) == 0) return '';
|
|---|
| | | |
|---|
| | | // checking permissions
|
|---|
| | | if($this->formDef['auth'] == 'yes') {
|
|---|
| | | if($action == "INSERT") {
|
|---|
| | |
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | |
|---|
| | | // Füge Backticks nur bei unvollständigen Tabellennamen ein
|
|---|
| | | if(stristr($this->formDef['db_table'],'.')) {
|
|---|
| | | $escape = '';
|
|---|
