Marius Burkard
2016-07-10 e1ceb050e19c7574bca146a8da7047ee4ff456b5
interface/lib/classes/tform_actions.inc.php
@@ -46,6 +46,7 @@
      $app->tpl->newTemplate("tabbed_form.tpl.htm");
      // Load table definition from file
      //$app->tform->loadFormDef($tform_def_file, (isset($_SESSION['s']['module']['name']) ? $_SESSION['s']['module']['name'] : ''));
      $app->tform->loadFormDef($tform_def_file);
      // Importing ID
@@ -81,8 +82,8 @@
      // check if the client is locked - he may not change anything, then.
      if(!$app->auth->is_admin()) {
         $client_group_id = $_SESSION["s"]["user"]["default_group"];
         $client = $app->db->queryOneRecord("SELECT client.locked FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ".$app->functions->intval($client_group_id));
         $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
         $client = $app->db->queryOneRecord("SELECT client.locked FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
         if(is_array($client) && $client['locked'] == 'y') {
            $app->tform->errorMessage .= $app->lng("client_you_are_locked")."<br />";
         }
@@ -106,14 +107,13 @@
      global $app, $conf;
      $this->onBeforeUpdate();
      $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_before_update', $this);
      $ext_where = '';
      $sql = $app->tform->getSQL($this->dataRecord, $app->tform->getCurrentTab(), 'UPDATE', $this->id, $ext_where);
      if($app->tform->errorMessage == '') {
         if($app->tform->formDef['db_history'] == 'yes') {
            $this->oldDataRecord = $app->tform->getDataRecord($this->id);
         }
         $this->oldDataRecord = $app->tform->getDataRecord($this->id);
         // Save record in database
         $this->onUpdateSave($sql);
@@ -192,6 +192,7 @@
      global $app, $conf;
      $this->onBeforeInsert();
      $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_before_insert', $this);
      $ext_where = '';
      $sql = $app->tform->getSQL($this->dataRecord, $app->tform->getCurrentTab(), 'INSERT', $this->id, $ext_where);
@@ -311,9 +312,9 @@
            if($app->tform->checkPerm($this->id, 'd') == false) $app->error($app->lng('error_no_delete_permission'));
         }
         //$this->dataRecord = $app->db->queryOneRecord("SELECT * FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id);
         $this->dataRecord = $app->tform->getDataRecord($this->id);
         $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_check_delete', $this);
         $this->onBeforeDelete();
         $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_before_delete', $this);
@@ -323,7 +324,7 @@
            $app->tform->datalogSave('DELETE', $this->id, $this->dataRecord, array());
         }
         $app->db->query("DELETE FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." LIMIT 1");
         $app->db->query("DELETE FROM ?? WHERE ?? = ? LIMIT 1", $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id);
         // loading plugins
@@ -378,11 +379,11 @@
      $app->tpl->setInclude("content_tpl", $app->tform->formDef['template_print']);
      if($app->tform->formDef['auth'] == 'no') {
         $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
         $sql = "SELECT * FROM ?? WHERE ?? = ?";
      } else {
         $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
         $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
      }
      if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
      if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
      $record["datum"] = date("d.m.Y");
@@ -422,11 +423,11 @@
         $app->tpl->setInclude("content_tpl", $app->tform->formDef['template_mailsend']);
         $app->tpl->setVar('show_mail', 1);
         if($app->tform->formDef['auth'] == 'no') {
            $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
            $sql = "SELECT * FROM ?? WHERE ?? = ?";
         } else {
            $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
            $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
         }
         if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
         if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
         $record["datum"] = date("d.m.Y");
         $record["mailmessage"] = $_POST["message"];
@@ -458,11 +459,11 @@
      if($app->tform->formDef['auth'] == 'no') {
         $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
         $sql = "SELECT * FROM ?? WHERE ?? = ?";
      } else {
         $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
         $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
      }
      if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
      if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
      $record["datum"] = date("d.m.Y");
@@ -559,11 +560,11 @@
      // bestehenden Datensatz anzeigen
      if($app->tform->errorMessage == '') {
         if($app->tform->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
            $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
            $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
         } else {
            $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
            $sql = "SELECT * FROM ?? WHERE ?? = ?";
         }
         if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
         if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
      } else {
         // $record = $app->tform->encode($_POST,$this->active_tab);
         $record = $app->tform->encode($this->dataRecord, $this->active_tab, false);
@@ -594,7 +595,7 @@
            $app->load($plugin_class);
            $this->plugins[$plugin_name] = new $plugin_class;
            $this->plugins[$plugin_name]->setOptions($plugin_name, $plugin_settings['options']);
            // Make the data of the form easily accessible for the plugib
            // Make the data of the form easily accessible for the plugin
            $this->plugins[$plugin_name]->form = $this;
            $this->plugins[$plugin_name]->onLoad();
         }
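Review bot: The auth-restricted branches still build part of the statement by concatenation: `"SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r')` appears in the hunks at -378, -422, -458 and -559, so only the table, index column and id are bound. The fragment returned by getAuthSQL() is not visible here; if it is assembled from session user and group ids it should cast them itself, and it must never contain a literal `?`, which the placeholder substitution in queryOneRecord() would presumably count as a further parameter. I would state that contract at the first use, e.g. `// NOTE: getAuthSQL() output is concatenated, not bound; it must be built from cast ids and contain no '?'`, or move the permission filter into bound parameters in a follow-up. The same query pattern is repeated in each of these hunks and could live in one private helper, which would leave a single place to audit. The enclosing methods start and end outside the hunks.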