| | |
|---|
| | | $this->formDef = $form; |
|---|
| | | |
|---|
| | | $this->module = $module; |
|---|
| | | $wb = array(); |
|---|
| | | |
|---|
| | | if($module == '') { |
|---|
| | | if(is_file("lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng")) { |
|---|
| | | include_once("lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng"); |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | if(is_file("../$module/lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng")) { |
|---|
| | | include_once("../$module/lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng"); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | $this->wordbook = $wb; |
|---|
| | | |
|---|
| | |
|---|
| | | $out .= "<option value='$k'$selected>$v</option>\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | $new_record[$key] = $out; |
|---|
| | | if(isset($out)) $new_record[$key] = $out; |
|---|
| | | break; |
|---|
| | | case 'MULTIPLE': |
|---|
| | | if(is_array($field['value'])) { |
|---|
| | |
|---|
| | | $sql_insert_key .= "`$key`, "; |
|---|
| | | if($field['encryption'] == 'CRYPT') { |
|---|
| | | $salt="$1$"; |
|---|
| | | for ($n=0;$n<8;$n++) { |
|---|
| | | for ($n=0;$n<11;$n++) { |
|---|
| | | $salt.=chr(mt_rand(64,126)); |
|---|
| | | } |
|---|
| | | $salt.="$"; |
|---|
| | |
|---|
| | | } else { |
|---|
| | | $record[$key] = md5($record[$key]); |
|---|
| | | } |
|---|
| | | $sql_insert_val .= "'".$record[$key]."', "; |
|---|
| | | $sql_insert_val .= "'".addslashes($record[$key])."', "; |
|---|
| | | } elseif ($field['formtype'] == 'CHECKBOX') { |
|---|
| | | $sql_insert_key .= "`$key`, "; |
|---|
| | | if($record[$key] == '') { |
|---|
| | |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | if($field['formtype'] == 'PASSWORD') { |
|---|
| | | if($field['encryption'] == 'CRYPT') { |
|---|
| | | if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') { |
|---|
| | | $salt="$1$"; |
|---|
| | | for ($n=0;$n<8;$n++) { |
|---|
| | | for ($n=0;$n<11;$n++) { |
|---|
| | | $salt.=chr(mt_rand(64,126)); |
|---|
| | | } |
|---|
| | | $salt.="$"; |
|---|
| | |
|---|
| | | } else { |
|---|
| | | $record[$key] = md5($record[$key]); |
|---|
| | | } |
|---|
| | | $sql_update .= "`$key` = '".$record[$key]."', "; |
|---|
| | | $sql_update .= "`$key` = '".addslashes($record[$key])."', "; |
|---|
| | | } elseif ($field['formtype'] == 'CHECKBOX') { |
|---|
| | | if($record[$key] == '') { |
|---|
| | | // if a checkbox is not set, we set it to the unchecked value |
|---|
| | |
|---|
| | | } else { |
|---|
| | | $escape = '`'; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* |
|---|
| | | if($action == "UPDATE" or $action == "DELETE") { |
|---|
| | | $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; |
|---|
| | | $record_old = $app->db->queryOneRecord($sql); |
|---|
| | | } else { |
|---|
| | | $record_old = array(); |
|---|
| | | } |
|---|
| | | */ |
|---|
| | | |
|---|
| | | $diffrec = array(); |
|---|
| | | |
|---|
| | | if(is_array($record_new) && count($record_new) > 0) { |
|---|
| | | foreach($record_new as $key => $val) { |
|---|
| | | if($record_old[$key] != $val) { |
|---|
| | | if(@$record_old[$key] != $val) { |
|---|
| | | // Record has changed |
|---|
| | | $diffrec[$key] = array('old' => $record_old[$key], |
|---|
| | | $diffrec[$key] = array('old' => @$record_old[$key], |
|---|
| | | 'new' => $val); |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | |
|---|
| | | if(is_array($record_old) && count($record_old) > 0) { |
|---|
| | | foreach($record_old as $key => $val) { |
|---|
| | | if(isset($record_new[$key]) && $record_new[$key] != $val) { |
|---|
| | | //if(isset($record_new[$key]) && $record_new[$key] != $val) { |
|---|
| | | if(!isset($record_new[$key]) || $record_new[$key] != $val) { |
|---|
| | | // Record has changed |
|---|
| | | $diffrec_full['old'][$key] = $val; |
|---|
| | | $diffrec_full['new'][$key] = $record_new[$key]; |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* |
|---|
| | | echo "<pre>"; |
|---|
| | | print_r($diffrec_full); |
|---|
| | | echo "</pre>"; |
|---|
| | | */ |
|---|
| | | |
|---|
| | | // Insert the server_id, if the record has a server_id |
|---|
| | | $server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0; |
|---|
| | |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | $result = false; |
|---|
| | | if($this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true; |
|---|
| | | if($this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true; |
|---|
| | | if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true; |
|---|
| | | if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true; |
|---|
| | | if(@stristr($this->formDef["auth_preset"]["perm_other"],$perm)) $result = true; |
|---|
| | | |
|---|
| | | // if preset == 0, everyone can insert a record of this type |
|---|
