From 378935a8a92592cf1ef164b4d969c376c46a78c6 Mon Sep 17 00:00:00 2001
From: nveid <nveid@ispconfig3>
Date: Fri, 09 Dec 2011 02:35:24 -0500
Subject: [PATCH] Fixed mysql error when switching from "Options" tab to "Ftp User" edit tab, the onUpdate thought we were trying to change the Website because the Options Datalog didn't have the parent_domain_id and the Ftp User tab did.
---
interface/lib/classes/tform.inc.php | 455 ++++++++++++++++++++++++++++++++++++++++++++++++--------
1 files changed, 385 insertions(+), 70 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 6810419..324d5b8 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -40,7 +40,7 @@
* - DOUBLE
* - CURRENCY (Formats digits in currency notation)
* - VARCHAR (No format check)
-* - DATE (Date format, converts from and to linux timestamps automatically)
+* - DATE (Date format, converts from and to UNIX timestamps automatically)
*
* Formtype:
* - TEXT (Normal text field)
@@ -131,6 +131,9 @@
$wb = array();
include_once(ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng');
+
+ if(is_array($wb)) $wb_global = $wb;
+
if($module == '') {
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng";
if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng";
@@ -140,7 +143,15 @@
if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng";
include($lng_file);
}
+
+ if(is_array($wb_global)) {
+ $wb = $app->functions->array_merge($wb_global,$wb);
+ }
+ if(isset($wb_global)) unset($wb_global);
+
$this->wordbook = $wb;
+
+ $this->dateformat = $app->lng('conf_format_dateshort');
return true;
}
@@ -154,22 +165,33 @@
* @return record
*/
function decode($record,$tab) {
- if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab).");
+ global $conf, $app;
+ if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab).");
$new_record = '';
+ $table_idx = $this->formDef['db_table_idx'];
+ if(isset($record[$table_idx])) $new_record[$table_idx] = intval($record[$table_idx ]);
+
if(is_array($record)) {
foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
switch ($field['datatype']) {
case 'VARCHAR':
- $new_record[$key] = stripslashes($record[$key]);
+ $new_record[$key] = $record[$key];
break;
case 'TEXT':
- $new_record[$key] = stripslashes($record[$key]);
+ $new_record[$key] = $record[$key];
break;
- case 'DATE':
+ case 'DATETSTAMP':
if($record[$key] > 0) {
$new_record[$key] = date($this->dateformat,$record[$key]);
+ }
+ break;
+
+ case 'DATE':
+ if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ $tmp = explode('-',$record[$key]);
+ $new_record[$key] = date($this->dateformat,mktime(0, 0, 0, $tmp[1] , $tmp[2], $tmp[0]));
}
break;
@@ -182,11 +204,11 @@
break;
case 'CURRENCY':
- $new_record[$key] = number_format($record[$key], 2, ',', '');
+ $new_record[$key] = $app->functions->currency_format($record[$key]);
break;
default:
- $new_record[$key] = stripslashes($record[$key]);
+ $new_record[$key] = $record[$key];
}
}
@@ -219,11 +241,12 @@
$table_idx = $this->formDef['db_table_idx'];
$tmp_recordid = (isset($record[$table_idx]))?$record[$table_idx]:0;
+ //$tmp_recordid = intval($this->primary_id);
$querystring = str_replace("{RECORDID}",$tmp_recordid,$querystring);
unset($tmp_recordid);
$querystring = str_replace("{AUTHSQL}",$this->getAuthSQL('r'),$querystring);
-
+
// Getting the records
$tmp_records = $app->db->queryAllRecords($querystring);
if($app->db->errorMessage != '') die($app->db->errorMessage);
@@ -276,6 +299,33 @@
}
}
+ //* values are limited to a field in the reseller settings
+ if($limit_parts[0] == 'reseller') {
+ if($_SESSION["s"]["user"]["typ"] == 'admin') {
+ return $values;
+ } else {
+ //* Get the limits of the client that is currently logged in
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ //echo "SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id";
+ //* If the client belongs to a reseller, we will check against the reseller Limit too
+ if($client['parent_client_id'] != 0) {
+
+ //* first we need to know the groups of this reseller
+ $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
+ $reseller_groups = $tmp["groups"];
+ $reseller_userid = $tmp["userid"];
+
+ // Get the limits of the reseller of the logged in client
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $reseller = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM client WHERE client_id = ".$client['parent_client_id']);
+ $allowed = explode(',',$reseller['lm']);
+ } else {
+ return $values;
+ }
+ } // end if admin
+ } // end if reseller
+
//* values are limited to a field in the system settings
if($limit_parts[0] == 'system') {
$app->uses('getconf');
@@ -318,7 +368,12 @@
// If Datasource is set, get the data from there
if(isset($field['datasource']) && is_array($field['datasource'])) {
- $field["value"] = $this->getDatasourceData($field, $record);
+ if(is_array($field["value"])) {
+ //$field["value"] = array_merge($field["value"],$this->getDatasourceData($field, $record));
+ $field["value"] = $app->functions->array_merge($field["value"],$this->getDatasourceData($field, $record));
+ } else {
+ $field["value"] = $this->getDatasourceData($field, $record);
+ }
}
// If a limitation for the values is set
@@ -332,6 +387,8 @@
if(is_array($field['value'])) {
foreach($field['value'] as $k => $v) {
$selected = ($k == $val)?' SELECTED':'';
+ if(!empty($this->wordbook[$v]))
+ $v = $this->wordbook[$v];
$out .= "<option value='$k'$selected>$v</option>\r\n";
}
}
@@ -375,13 +432,16 @@
// HTML schreiben
$out = '';
+ $elementNo = 0;
foreach($field['value'] as $k => $v) {
$checked = '';
foreach($vals as $tvl) {
if(trim($tvl) == trim($k)) $checked = ' CHECKED';
}
- $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
+ // $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
+ $out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"checkbox\" $checked /> $v</label><br/>\r\n";
+ $elementNo++;
}
}
$new_record[$key] = $out;
@@ -392,12 +452,29 @@
// HTML schreiben
$out = '';
+ $elementNo = 0;
foreach($field['value'] as $k => $v) {
$checked = ($k == $val)?' CHECKED':'';
- $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
+ //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
+ $out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"radio\" $checked/> $v </label>\r\n";
+ $elementNo++;
}
}
$new_record[$key] = $out;
+ break;
+
+ case 'DATETIME':
+ if (strtotime($val) !== false) {
+ $dt_value = $val;
+ } elseif ( isset($field['default']) && (strtotime($field['default']) !== false) ) {
+ $dt_value = $field['default'];
+ } else {
+ $dt_value = 0;
+ }
+
+ $display_seconds = (isset($field['display_seconds']) && $field['display_seconds'] == true) ? true : false;
+
+ $new_record[$key] = $this->_getDateTimeHTML($key, $dt_value, $display_seconds);
break;
default:
@@ -411,7 +488,11 @@
// If Datasource is set, get the data from there
if(@is_array($field['datasource'])) {
- $field["value"] = $this->getDatasourceData($field, $record);
+ if(is_array($field["value"])) {
+ $field["value"] = $app->functions->array_merge($field["value"],$this->getDatasourceData($field, $record));
+ } else {
+ $field["value"] = $this->getDatasourceData($field, $record);
+ }
}
// If a limitation for the values is set
@@ -424,9 +505,8 @@
if(is_array($field['value'])) {
$out = '';
foreach($field['value'] as $k => $v) {
- //$selected = ($k == $val)?' SELECTED':'';
- $selected = '';
- $out .= "<option value='$k'$selected>$v</option>\r\n";
+ $selected = ($k == $field["default"])?' SELECTED':'';
+ $out .= "<option value='$k'$selected>".$this->lng($v)."</option>\r\n";
}
}
if(isset($out)) $new_record[$key] = $out;
@@ -465,13 +545,16 @@
// HTML schreiben
$out = '';
+ $elementNo = 0;
foreach($field['value'] as $k => $v) {
$checked = '';
foreach($vals as $tvl) {
if(trim($tvl) == trim($k)) $checked = ' CHECKED';
}
- $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
+ // $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
+ $out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"checkbox\" $checked /> $v</label> \r\n";
+ $elementNo++;
}
}
$new_record[$key] = $out;
@@ -482,12 +565,22 @@
// HTML schreiben
$out = '';
+ $elementNo = 0;
foreach($field['value'] as $k => $v) {
$checked = ($k == $field["default"])?' CHECKED':'';
- $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
+ //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
+ $out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
+ $elementNo++;
}
}
$new_record[$key] = $out;
+ break;
+
+ case 'DATETIME':
+ $dt_value = (isset($field['default'])) ? $field['default'] : 0;
+ $display_seconds = (isset($field['display_seconds']) && $field['display_seconds'] == true) ? true : false;
+
+ $new_record[$key] = $this->_getDateTimeHTML($key, $dt_value, $display_seconds);
break;
default:
@@ -509,7 +602,7 @@
* @param record = Datensatz als Array
* @return record
*/
- function encode($record,$tab) {
+ function encode($record,$tab,$dbencode = true) {
global $app;
if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab is empty or does not exist (TAB: $tab).");
@@ -523,24 +616,42 @@
switch ($field['datatype']) {
case 'VARCHAR':
if(!@is_array($record[$key])) {
- $new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):'';
+ $new_record[$key] = (isset($record[$key]))?$record[$key]:'';
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
break;
case 'TEXT':
if(!is_array($record[$key])) {
- $new_record[$key] = $app->db->quote($record[$key]);
+ $new_record[$key] = $record[$key];
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
break;
- case 'DATE':
+ case 'DATETSTAMP':
if($record[$key] > 0) {
list($tag,$monat,$jahr) = explode('.',$record[$key]);
$new_record[$key] = mktime(0,0,0,$monat,$tag,$jahr);
} else {
$new_record[$key] = 0;
+ }
+ break;
+ case 'DATE':
+ if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ if(function_exists('date_parse_from_format')) {
+ $date_parts = date_parse_from_format($this->dateformat,$record[$key]);
+ //list($tag,$monat,$jahr) = explode('.',$record[$key]);
+ $new_record[$key] = $date_parts['year'].'-'.$date_parts['month'].'-'.$date_parts['day'];
+ //$tmp = strptime($record[$key],$this->dateformat);
+ //$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
+ } else {
+ //$tmp = strptime($record[$key],$this->dateformat);
+ //$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
+ $tmp = strtotime($record[$key]);
+ $new_record[$key] = date('Y-m-d',$tmp);
+ }
+ } else {
+ $new_record[$key] = '0000-00-00';
}
break;
case 'INTEGER':
@@ -549,10 +660,22 @@
//if($key == 'refresh') die($record[$key]);
break;
case 'DOUBLE':
- $new_record[$key] = $app->db->quote($record[$key]);
+ $new_record[$key] = $record[$key];
break;
case 'CURRENCY':
$new_record[$key] = str_replace(",",".",$record[$key]);
+ break;
+
+ case 'DATETIME':
+ if (is_array($record[$key]))
+ {
+ $filtered_values = array_map(create_function('$item','return (int)$item;'), $record[$key]);
+ extract($filtered_values, EXTR_PREFIX_ALL, '_dt');
+
+ if ($_dt_day != 0 && $_dt_month != 0 && $_dt_year != 0) {
+ $new_record[$key] = date( 'Y-m-d H:i:s', mktime($_dt_hour, $_dt_minute, $_dt_second, $_dt_month, $_dt_day, $_dt_year) );
+ }
+ }
break;
}
@@ -565,8 +688,9 @@
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
}
}
-
-
+
+ //* Add slashes to all records, when we encode data which shall be inserted into mysql.
+ if($dbencode == true) $new_record[$key] = $app->db->quote($new_record[$key]);
}
}
return $new_record;
@@ -636,7 +760,7 @@
}
break;
case 'ISEMAIL':
- if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $field_value)) {
+ if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $field_value)) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
@@ -683,6 +807,36 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
+ break;
+ case 'ISIP':
+ //* Check if its a IPv4 or IPv6 address
+ if(function_exists('filter_var')) {
+ if(!filter_var($field_value,FILTER_VALIDATE_IP)) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ } else {
+ //* Check content with regex, if we use php < 5.2
+ $ip_ok = 0;
+ if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
+ $ip_ok = 1;
+ }
+ if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
+ $ip_ok = 1;
+ }
+ if($ip_ok == 0) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ }
break;
case 'CUSTOM':
// Calls a custom class to validate this record
@@ -751,20 +905,14 @@
if($field['formtype'] == 'PASSWORD') {
$sql_insert_key .= "`$key`, ";
if($field['encryption'] == 'CRYPT') {
- $salt="$1$";
- for ($n=0;$n<11;$n++) {
- $salt.=chr(mt_rand(64,126));
- }
- $salt.="$";
- // $salt = substr(md5(time()),0,2);
- $record[$key] = crypt($record[$key],$salt);
+ $record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
} elseif ($field['encryption'] == 'MYSQL') {
$sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
} elseif ($field['encryption'] == 'CLEARTEXT') {
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
} else {
- $record[$key] = md5($record[$key]);
+ $record[$key] = md5(stripslashes($record[$key]));
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
}
@@ -784,20 +932,14 @@
} else {
if($field['formtype'] == 'PASSWORD') {
if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
- $salt="$1$";
- for ($n=0;$n<11;$n++) {
- $salt.=chr(mt_rand(64,126));
- }
- $salt.="$";
- // $salt = substr(md5(time()),0,2);
- $record[$key] = crypt($record[$key],$salt);
+ $record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
$sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), ";
} elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} else {
- $record[$key] = md5($record[$key]);
+ $record[$key] = md5(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
}
@@ -897,6 +1039,9 @@
foreach( $this->formDef["tabs"] as $key => $tab) {
$tab['name'] = $key;
+ // Translate the title of the tab
+ $tab['title'] = $this->lng($tab['title']);
+
if($tab['name'] == $active_tab) {
// If module is set, then set the template path relative to the module..
@@ -904,8 +1049,7 @@
// Generate the template if it does not exist yet.
- // Translate the title of the tab
- $tab['title'] = $this->lng($tab['title']);
+
if(!is_file($tab["template"])) {
$app->uses('tform_tpl_generator');
@@ -953,7 +1097,11 @@
function datalogSave($action,$primary_id, $record_old, $record_new) {
global $app,$conf;
-
+
+ $app->db->datalogSave($this->formDef['db_table'], $action, $this->formDef['db_table_idx'], $primary_id, $record_old, $record_new);
+ return true;
+
+ /*
// Add backticks for incomplete table names.
if(stristr($this->formDef['db_table'],'.')) {
$escape = '';
@@ -962,26 +1110,6 @@
}
$this->diffrec = array();
- /*
- if(is_array($record_new) && count($record_new) > 0) {
- foreach($record_new as $key => $val) {
- if(@$record_old[$key] != $val) {
- // Record has changed
- $diffrec[$key] = array('old' => @$record_old[$key],
- 'new' => $val);
- }
- }
- } elseif(is_array($record_old)) {
- foreach($record_old as $key => $val) {
- if($record_new[$key] != $val) {
- // Record has changed
- $diffrec[$key] = array('new' => $record_new[$key],
- 'old' => $val);
- }
- }
- }
- $this->diffrec = $diffrec;
- */
// Full diff records for ISPConfig, they have a different format then the simple diffrec
$diffrec_full = array();
@@ -1034,18 +1162,22 @@
}
return true;
+ */
}
- function getAuthSQL($perm) {
+ function getAuthSQL($perm, $table = '') {
if($_SESSION["s"]["user"]["typ"] == 'admin') {
return '1';
} else {
+ if ($table != ''){
+ $table = ' ' . $table . '.';
+ }
$groups = ( $_SESSION["s"]["user"]["groups"] ) ? $_SESSION["s"]["user"]["groups"] : 0;
$sql = '(';
- $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR ";
- $sql .= "(sys_groupid IN (".$groups.") AND sys_perm_group like '%$perm%') OR ";
- $sql .= "sys_perm_other like '%$perm%'";
+ $sql .= "(" . $table . "sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND " . $table . "sys_perm_user like '%$perm%') OR ";
+ $sql .= "(" . $table . "sys_groupid IN (".$groups.") AND " . $table ."sys_perm_group like '%$perm%') OR ";
+ $sql .= $table . "sys_perm_other like '%$perm%'";
$sql .= ')';
return $sql;
@@ -1135,7 +1267,7 @@
// translation function for forms, tries the form wordbook first and if this fails, it tries the global wordbook
function lng($msg) {
- global $app;
+ global $app,$conf;
if(isset($this->wordbook[$msg])) {
return $this->wordbook[$msg];
@@ -1144,7 +1276,190 @@
}
}
+
+ function checkClientLimit($limit_name,$sql_where = '') {
+ global $app;
+
+ $check_passed = true;
+ $limit_name = $app->db->quote($limit_name);
+ if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
+
+ // Get the limits of the client that is currently logged in
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ // Check if the user may add another item
+ if($client["number"] >= 0) {
+ $sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE ".$this->getAuthSQL('u');
+ if($sql_where != '') $sql .= ' and '.$sql_where;
+ $tmp = $app->db->queryOneRecord($sql);
+ if($tmp["number"] >= $client["number"]) $check_passed = false;
+ }
+
+ return $check_passed;
+ }
+
+ function checkResellerLimit($limit_name,$sql_where = '') {
+ global $app;
+
+ $check_passed = true;
+ $limit_name = $app->db->quote($limit_name);
+ if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
+
+ // Get the limits of the client that is currently logged in
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ //* If the client belongs to a reseller, we will check against the reseller Limit too
+ if($client['parent_client_id'] != 0) {
+
+ //* first we need to know the groups of this reseller
+ $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
+ $reseller_groups = $tmp["groups"];
+ $reseller_userid = $tmp["userid"];
+
+ // Get the limits of the reseller of the logged in client
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ".$client['parent_client_id']);
+
+ // Check if the user may add another item
+ if($reseller["number"] >= 0) {
+ $sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE (sys_groupid IN (".$reseller_groups.") or sys_userid = ".$reseller_userid.")";
+ if($sql_where != '') $sql .= ' and '.$sql_where;
+ $tmp = $app->db->queryOneRecord($sql);
+ if($tmp["number"] >= $reseller["number"]) $check_passed = false;
+ }
+ }
+
+ return $check_passed;
+ }
+
+ //* get the difference record of two arrays
+ function getDiffRecord($record_old,$record_new) {
+
+ if(is_array($record_new) && count($record_new) > 0) {
+ foreach($record_new as $key => $val) {
+ if(@$record_old[$key] != $val) {
+ // Record has changed
+ $diffrec[$key] = array( 'old' => @$record_old[$key],
+ 'new' => $val);
+ }
+ }
+ } elseif(is_array($record_old)) {
+ foreach($record_old as $key => $val) {
+ if($record_new[$key] != $val) {
+ // Record has changed
+ $diffrec[$key] = array( 'new' => $record_new[$key],
+ 'old' => $val);
+ }
+ }
+ }
+ return $diffrec;
+
+ }
+
+ /**
+ * Generate HTML for DATETIME fields.
+ *
+ * @access private
+ * @param string $form_element Name of the form element.
+ * @param string $default_value Selected value for fields.
+ * @param bool $display_secons Include seconds selection.
+ * @return string HTML
+ */
+ function _getDateTimeHTML($form_element, $default_value, $display_seconds=false)
+ {
+ $_datetime = strtotime($default_value);
+ $_showdate = ($_datetime === false) ? false : true;
+ $dselect = array('day','month','year','hour','minute');
+ if ($display_seconds === true) {
+ $dselect[] = 'second';
+ }
+
+ $out = '';
+
+ foreach ($dselect as $dt_element)
+ {
+ $dt_options = array();
+ $dt_space = 1;
+
+ switch ($dt_element) {
+ case 'day':
+ for ($i = 1; $i <= 31; $i++) {
+ $dt_options[] = array('name' => sprintf('%02d', $i),
+ 'value' => sprintf('%d', $i));
+ }
+ $selected_value = date('d', $_datetime);
+ break;
+
+ case 'month':
+ for ($i = 1; $i <= 12; $i++) {
+ $dt_options[] = array('name' => strftime('%b', mktime(0, 0, 0, $i, 1, 2000)),
+ 'value' => strftime('%m', mktime(0, 0, 0, $i, 1, 2000)));
+ }
+ $selected_value = date('n', $_datetime);
+ break;
+
+ case 'year':
+ $start_year = strftime("%Y");
+ $years = range((int)$start_year, (int)($start_year+3));
+
+ foreach ($years as $year) {
+ $dt_options[] = array('name' => $year,
+ 'value' => $year);
+ }
+ $selected_value = date('Y', $_datetime);
+ $dt_space = 2;
+ break;
+
+ case 'hour':
+ foreach(range(0, 23) as $hour) {
+ $dt_options[] = array('name' => sprintf('%02d', $hour),
+ 'value' => sprintf('%d', $hour));
+ }
+ $selected_value = date('G', $_datetime);
+ break;
+
+ case 'minute':
+ foreach(range(0, 59) as $minute) {
+ if (($minute % 5) == 0) {
+ $dt_options[] = array('name' => sprintf('%02d', $minute),
+ 'value' => sprintf('%d', $minute));
+ }
+ }
+ $selected_value = (int)floor(date('i', $_datetime));
+ break;
+
+ case 'second':
+ foreach(range(0, 59) as $second) {
+ $dt_options[] = array('name' => sprintf('%02d', $second),
+ 'value' => sprintf('%d', $second));
+ }
+ $selected_value = (int)floor(date('s', $_datetime));
+ break;
+ }
+
+ $out .= "<select name=\"".$form_element."[$dt_element]\" id=\"".$form_element."_$dt_element\" class=\"selectInput\" style=\"width: auto; float: none;\">";
+ if (!$_showdate) {
+ $out .= "<option value=\"-\" selected=\"selected\">--</option>" . PHP_EOL;
+ } else {
+ $out .= "<option value=\"-\">--</option>" . PHP_EOL;
+ }
+
+ foreach ($dt_options as $dt_opt) {
+ if ( $_showdate && ($selected_value == $dt_opt['value']) ) {
+ $out .= "<option value=\"{$dt_opt['value']}\" selected=\"selected\">{$dt_opt['name']}</option>" . PHP_EOL;
+ } else {
+ $out .= "<option value=\"{$dt_opt['value']}\">{$dt_opt['name']}</option>" . PHP_EOL;
+ }
+ }
+
+ $out .= '</select>' . str_repeat(' ', $dt_space);
+ }
+
+ return $out;
+ }
}
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1