| | |
|---|
| | | var $errorMessage = ''; |
|---|
| | | |
|---|
| | | var $dateformat = "d.m.Y"; |
|---|
| | | var $formDef; |
|---|
| | | var $formDef; |
|---|
| | | var $wordbook; |
|---|
| | | var $module; |
|---|
| | | var $primary_id; |
|---|
| | | var $diffrec = array(); |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Laden der Tabellendefinition |
|---|
| | |
|---|
| | | $validator_class = $validator['class']; |
|---|
| | | $validator_function = $validator['function']; |
|---|
| | | $app->uses($validator_class); |
|---|
| | | $this->errorMessage .= $app->$validator_class->$validator_function($validator); |
|---|
| | | $this->errorMessage .= $app->$validator_class->$validator_function($field_name, $field_value, $validator); |
|---|
| | | } else { |
|---|
| | | $this->errorMessage .= "Custom validator class or function is empty<br>\r\n"; |
|---|
| | | } |
|---|
| | |
|---|
| | | if(count($this->formDef['tabs'][$tab]['fields']) == 0) return ''; |
|---|
| | | |
|---|
| | | // checking permissions |
|---|
| | | if($this->formDef['auth'] == 'yes') { |
|---|
| | | if($this->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') { |
|---|
| | | if($action == "INSERT") { |
|---|
| | | if(!$this->checkPerm($primary_id,'i')) $this->errorMessage .= "Insert denied.<br>\r\n"; |
|---|
| | | } else { |
|---|
| | | if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Insert denied.<br>\r\n"; |
|---|
| | | if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Update denied.<br>\r\n"; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | if($field['formtype'] == 'PASSWORD') { |
|---|
| | | $sql_insert_key .= "`$key`, "; |
|---|
| | | if($field['encryption'] == 'CRYPT') { |
|---|
| | | $sql_insert_val .= "encrypt('".$record[$key]."'), "; |
|---|
| | | // $sql_insert_val .= "encrypt('".$record[$key]."'), "; |
|---|
| | | $sql_insert_val .= "'".crypt($record[$key],substr(md5(time()),0,2))."', "; |
|---|
| | | } else { |
|---|
| | | $sql_insert_val .= "md5('".$record[$key]."'), "; |
|---|
| | | } |
|---|
| | |
|---|
| | | } else { |
|---|
| | | if($field['formtype'] == 'PASSWORD') { |
|---|
| | | if($field['encryption'] == 'CRYPT') { |
|---|
| | | $sql_update .= "`$key` = encrypt('".$record[$key]."'), "; |
|---|
| | | // $sql_update .= "`$key` = encrypt('".$record[$key]."'), "; |
|---|
| | | $sql_update .= "`$key` = '".crypt($record[$key],substr(md5(time()),0,2))."', "; |
|---|
| | | } else { |
|---|
| | | $sql_update .= "`$key` = md5('".$record[$key]."'), "; |
|---|
| | | } |
|---|
| | |
|---|
| | | |
|---|
| | | // Insert the server_id, if the record has a server_id |
|---|
| | | $server_id = ($record_old["server_id"] > 0)?$record_old["server_id"]:0; |
|---|
| | | if(isset($record_new["server_id"])) $server_id = $record_new["server_id"]; |
|---|
| | | |
|---|
| | | $this->diffrec = $diffrec; |
|---|
| | | |
|---|
| | | if(count($diffrec) > 0) { |
|---|
| | | |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | function getAuthSQL($perm) { |
|---|
| | | if($_SESSION["s"]["user"]["typ"] == 'admin') { |
|---|
| | | return '1'; |
|---|
| | | } else { |
|---|
| | | $sql = '('; |
|---|
| | | $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR "; |
|---|
| | | $sql .= "(sys_groupid IN (".$_SESSION["s"]["user"]["groups"].") AND sys_perm_group like '%$perm%') OR "; |
|---|
| | | $sql .= "sys_perm_other like '%$perm%'"; |
|---|
| | | $sql .= ')'; |
|---|
| | | |
|---|
| | | $sql = '('; |
|---|
| | | $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR "; |
|---|
| | | $sql .= "(sys_groupid IN (".$_SESSION["s"]["user"]["groups"].") AND sys_perm_group like '%$perm%') OR "; |
|---|
| | | $sql .= "sys_perm_other like '%$perm%'"; |
|---|
| | | $sql .= ')'; |
|---|
| | | |
|---|
| | | return $sql; |
|---|
| | | return $sql; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* |
|---|
