From b17cc67ee9cf6f83c2360da16fb53231203ada8a Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 23 May 2012 12:41:54 -0400
Subject: [PATCH] - Added group (we call groups "circles" so that users don't mix them up with user groups) feature to client messaging section so that messages can be sent to either all clients/resellers or to groups of clients/resellers. TODO: add circle access control so that 1) a reseller can create circles that contain only his clients, not all clients, and 2) a reseller can send messages only to his own circles instead of all circles.
---
interface/lib/classes/listform.inc.php | 231 +++++++++++++++++++++++++++++++++++++++------------------
1 files changed, 158 insertions(+), 73 deletions(-)
diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php
index 7362fb1..4d836f3 100644
--- a/interface/lib/classes/listform.inc.php
+++ b/interface/lib/classes/listform.inc.php
@@ -1,7 +1,7 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -28,14 +28,6 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/**
-* Listenbehandlung
-*
-* @package listform
-* @author Till Brehm
-* @version 1.1
-*/
-
class listform {
private $debug = 0;
@@ -46,7 +38,7 @@
private $pagingValues;
private $searchChanged = 0;
private $module;
- private $dateformat = 'd.m.Y';
+ public $wordbook;
public function loadListDef($file, $module = '')
{
@@ -59,11 +51,21 @@
$this->module = $module;
//* Fill datasources
- foreach($this->listDef['item'] as $key => $field) {
- if(@is_array($field['datasource'])) {
- $this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
- }
+ if(@is_array($this->listDef['item'])) {
+ foreach($this->listDef['item'] as $key => $field) {
+ if(@is_array($field['datasource'])) {
+ $this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
+ }
+ }
}
+
+ //* Set local Language File
+ $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_'.$this->listDef['name'].'_list.lng';
+ if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng';
+ include($lng_file);
+
+ $this->wordbook = $wb;
+
return true;
}
@@ -91,6 +93,8 @@
//$querystring = str_replace("{RECORDID}",$record[$table_idx],$querystring);
$app->uses('tform');
$querystring = str_replace("{AUTHSQL}",$app->tform->getAuthSQL('r'),$querystring);
+ $querystring = str_replace("{AUTHSQL-A}",$app->tform->getAuthSQL('r','a'),$querystring);
+ $querystring = str_replace("{AUTHSQL-B}",$app->tform->getAuthSQL('r','b'),$querystring);
//* Getting the records
$tmp_records = $app->db->queryAllRecords($querystring);
@@ -114,7 +118,7 @@
$record = array();
$values = $app->$datasource_class->$datasource_function($field, $record);
} else {
- $this->errorMessage .= "Custom datasource class or function is empty<br>\r\n";
+ $this->errorMessage .= "Custom datasource class or function is empty<br />\r\n";
}
}
return $values;
@@ -122,66 +126,82 @@
public function getSearchSQL($sql_where = '')
{
- global $db;
+ global $app, $db;
//* Get config variable
$list_name = $this->listDef['name'];
$search_prefix = $this->listDef['search_prefix'];
+
+ if(isset($_REQUEST['Filter']) && !isset($_SESSION['search'][$list_name])) {
+ //* Jump back to page 1 of the list when a new search gets started.
+ $_SESSION['search'][$list_name]['page'] = 0;
+ }
//* store retrieval query
- foreach($this->listDef['item'] as $i) {
- $field = $i['field'];
+ if(@is_array($this->listDef['item'])) {
+ foreach($this->listDef['item'] as $i) {
+ $field = $i['field'];
- //*TODO: comment = hat sich die suche ge�ndert
- if(isset($_REQUEST[$search_prefix.$field]) and $_REQUEST[$search_prefix.$field] != $_SESSION['search'][$list_name][$search_prefix.$field]){
- $this->searchChanged = 1;
- }
+ //* The search string has been changed
+ if(isset($_REQUEST[$search_prefix.$field]) && isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_REQUEST[$search_prefix.$field] != $_SESSION['search'][$list_name][$search_prefix.$field]){
+ $this->searchChanged = 1;
+
+ //* Jump back to page 1 of the list when search has changed.
+ $_SESSION['search'][$list_name]['page'] = 0;
+ }
- //* Store field in session
- if(isset($_REQUEST[$search_prefix.$field])){
- $_SESSION['search'][$list_name][$search_prefix.$field] = $_REQUEST[$search_prefix.$field];
- }
+ //* Store field in session
+ if(isset($_REQUEST[$search_prefix.$field]) && !stristr($_REQUEST[$search_prefix.$field],"'")){
+ $_SESSION['search'][$list_name][$search_prefix.$field] = $_REQUEST[$search_prefix.$field];
+ if(preg_match("/['\\\\]/", $_SESSION['search'][$list_name][$search_prefix.$field])) $_SESSION['search'][$list_name][$search_prefix.$field] = '';
+ }
- if(isset($i['formtype']) && $i['formtype'] == 'SELECT'){
- if(is_array($i['value'])) {
- $out = '<option value=""></option>';
- foreach($i['value'] as $k => $v) {
- // TODO: this could be more elegant
- $selected = (isset($_SESSION['search'][$list_name][$search_prefix.$field])
- && $k == $_SESSION['search'][$list_name][$search_prefix.$field]
- && $_SESSION['search'][$list_name][$search_prefix.$field] != '')
- ? ' SELECTED' : '';
- $out .= "<option value='$k'$selected>$v</option>\r\n";
+ if(isset($i['formtype']) && $i['formtype'] == 'SELECT'){
+ if(is_array($i['value'])) {
+ $out = '<option value=""></option>';
+ foreach($i['value'] as $k => $v) {
+ // TODO: this could be more elegant
+ $selected = (isset($_SESSION['search'][$list_name][$search_prefix.$field])
+ && $k == $_SESSION['search'][$list_name][$search_prefix.$field]
+ && $_SESSION['search'][$list_name][$search_prefix.$field] != '')
+ ? ' SELECTED' : '';
+ $out .= "<option value='$k'$selected>$v</option>\r\n";
+ }
+ }
+ $this->searchValues[$search_prefix.$field] = $out;
+ } else {
+ if(isset($_SESSION['search'][$list_name][$search_prefix.$field])){
+ $this->searchValues[$search_prefix.$field] = htmlspecialchars($_SESSION['search'][$list_name][$search_prefix.$field]);
}
}
- $this->searchValues[$search_prefix.$field] = $out;
- } else {
- if(isset($_SESSION['search'][$list_name][$search_prefix.$field])){
- $this->searchValues[$search_prefix.$field] = $_SESSION['search'][$list_name][$search_prefix.$field];
+ }
+ }
+ //* Store variables in object | $this->searchValues = $_SESSION["search"][$list_name];
+ if(@is_array($this->listDef['item'])) {
+ foreach($this->listDef['item'] as $i) {
+ $field = $i['field'];
+ // if($_REQUEST[$search_prefix.$field] != '') $sql_where .= " $field ".$i["op"]." '".$i["prefix"].$_REQUEST[$search_prefix.$field].$i["suffix"]."' and";
+ if(isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_SESSION['search'][$list_name][$search_prefix.$field] != ''){
+ $sql_where .= " $field ".$i['op']." '".$app->db->quote($i['prefix'].$_SESSION['search'][$list_name][$search_prefix.$field].$i['suffix'])."' and";
}
}
}
-
- //* Store variables in object | $this->searchValues = $_SESSION["search"][$list_name];
- foreach($this->listDef['item'] as $i) {
- $field = $i['field'];
- // if($_REQUEST[$search_prefix.$field] != '') $sql_where .= " $field ".$i["op"]." '".$i["prefix"].$_REQUEST[$search_prefix.$field].$i["suffix"]."' and";
- if(isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_SESSION['search'][$list_name][$search_prefix.$field] != ''){
- $sql_where .= " $field ".$i['op']." '".$i['prefix'].$_SESSION['search'][$list_name][$search_prefix.$field].$i['suffix']."' and";
- }
- }
-
return ( $sql_where != '' ) ? $sql_where = substr($sql_where,0,-3) : '1';
}
public function getPagingSQL($sql_where = '1')
{
global $app, $conf;
+
+ //* Add Global Limit from selectbox
+ if(!empty($_POST['search_limit']) AND intval($_POST['search_limit'])){
+ $_SESSION['search']['limit'] = $_POST['search_limit'];
+ }
//* Get Config variables
$list_name = $this->listDef['name'];
$search_prefix = $this->listDef['search_prefix'];
- $records_per_page = $this->listDef['records_per_page'];
+ $records_per_page = (empty($_SESSION['search']['limit']) ? $this->listDef['records_per_page'] : $_SESSION['search']['limit']) ;
$table = $this->listDef['table'];
//* set PAGE to zero, if in session not set
@@ -190,12 +210,12 @@
}
//* set PAGE to worth request variable "PAGE" - ? setze page auf wert der request variablen "page"
- if(isset($_REQUEST["page"])) $_SESSION["search"][$list_name]["page"] = $_REQUEST["page"];
+ if(isset($_REQUEST["page"])) $_SESSION["search"][$list_name]["page"] = intval($_REQUEST["page"]);
//* PAGE to 0 set, if look for themselves ? page auf 0 setzen, wenn suche sich ge�ndert hat.
if($this->searchChanged == 1) $_SESSION['search'][$list_name]['page'] = 0;
- $sql_von = $_SESSION['search'][$list_name]['page'] * $records_per_page;
+ $sql_von = intval($_SESSION['search'][$list_name]['page'] * $records_per_page);
$record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM $table WHERE $sql_where");
$pages = intval(($record_count['anzahl'] - 1) / $records_per_page);
@@ -224,20 +244,20 @@
{
global $app;
$content = '<a href="'."javascript:loadContent('".$vars['list_file'].'?page=0'.$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_left.png" border="0"></a> ';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_stop_180.png"></a> ';
//* Show Back
if(isset($vars['show_page_back']) && $vars['show_page_back'] == 1){
$content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_back.png" border="0"></a> ';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_180.png"></a> ';
}
- $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+ $content .= ' '.$this->lng('page_txt').' '.$vars['next_page'].' '.$this->lng('page_of_txt').' '.$vars['max_pages'].' ';
//* Show Next
if(isset($vars['show_page_next']) && $vars['show_page_next'] == 1){
$content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_next.png" border="0"></a> ';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow.png"></a> ';
}
$content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['pages'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_right.png" border="0"></a>';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_stop.png"></a>';
return $content;
}
@@ -246,11 +266,11 @@
global $app;
$content = '[<a href="'.$vars['list_file'].'?page=0'.$vars['page_params'].'">|<< </a>]';
if($vars['show_page_back'] == 1){
- $content .= '[<< <a href="'.$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params'].'">'.$app->lng('Back').'</a>] ';
+ $content .= '[<< <a href="'.$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params'].'">'.$app->lng('page_back_txt').'</a>] ';
}
- $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+ $content .= ' '.$this->lng('page_txt').' '.$vars['next_page'].' '.$this->lng('page_of_txt').' '.$vars['max_pages'].' ';
if($vars['show_page_next'] == 1){
- $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params'].'">'.$app->lng('Next').' >></a>] ';
+ $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params'].'">'.$app->lng('page_next_txt').' >></a>] ';
}
$content .= '[<a href="'.$vars['list_file'].'?page='.$vars['pages'].$vars['page_params'].'"> >>|</a>]';
return $content;
@@ -267,18 +287,47 @@
public function decode($record)
{
- if(is_array($record)) {
+ global $conf, $app;
+ if(is_array($record) && count($record) > 0 && is_array($this->listDef['item'])) {
foreach($this->listDef['item'] as $field){
$key = $field['field'];
if(isset($record[$key])) {
switch ($field['datatype']){
case 'VARCHAR':
case 'TEXT':
- $record[$key] = stripslashes($record[$key]);
+ $record[$key] = htmlentities(stripslashes($record[$key]),ENT_QUOTES,$conf["html_content_encoding"]);
break;
- case 'DATE':
- $record[$key] = ($record[$key] > 0) ? date($this->dateformat,$record[$key]) : '';
+ case 'DATETSTAMP':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (preg_match("/^[0-9]+[\.]?[0-9]*$/", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_dateshort'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_dateshort'), strtotime($record[$key]));
+ }
+ }
+ break;
+ case 'DATE':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (preg_match("/^[0-9]+[\.]?[0-9]*$/", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_dateshort'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_dateshort'), strtotime($record[$key]));
+ }
+ }
+ break;
+
+ case 'DATETIME':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (preg_match("/^[0-9]+[\.]?[0-9]*$/", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_datetime'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_datetime'), strtotime($record[$key]));
+ }
+ }
break;
case 'INTEGER':
@@ -286,15 +335,15 @@
break;
case 'DOUBLE':
- $record[$key] = $record[$key];
+ $record[$key] = htmlentities($record[$key],ENT_QUOTES,$conf["html_content_encoding"]);
break;
case 'CURRENCY':
- $record[$key] = number_format($record[$key], 2, ',', '');
+ $record[$key] = $app->functions->currency_format($record[$key]);
break;
default:
- $record[$key] = stripslashes($record[$key]);
+ $record[$key] = htmlentities(stripslashes($record[$key]),ENT_QUOTES,$conf["html_content_encoding"]);
}
}
}
@@ -304,6 +353,7 @@
public function encode($record)
{
+ global $app;
if(is_array($record)) {
foreach($this->listDef['item'] as $field){
$key = $field['field'];
@@ -312,16 +362,27 @@
case 'VARCHAR':
case 'TEXT':
if(!is_array($record[$key])) {
- $record[$key] = addslashes($record[$key]);
+ $record[$key] = $app->db->quote($record[$key]);
} else {
$record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
}
break;
- case 'DATE':
+ case 'DATETSTAMP':
if($record[$key] > 0) {
- list($tag,$monat,$jahr) = explode('.',$record[$key]);
- $record[$key] = mktime(0,0,0,$monat,$tag,$jahr);
+ $record[$key] = date('Y-m-d',strtotime($record[$key]));
+ }
+ break;
+
+ case 'DATE':
+ if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ $record[$key] = $record[$key];
+ }
+ break;
+
+ case 'DATETIME':
+ if($record[$key] > 0) {
+ $record[$key] = date('Y-m-d H:i:s',strtotime($record[$key]));
}
break;
@@ -330,7 +391,7 @@
break;
case 'DOUBLE':
- $record[$key] = addslashes($record[$key]);
+ $record[$key] = $app->db->quote($record[$key]);
break;
case 'CURRENCY':
@@ -341,6 +402,30 @@
}
return $record;
}
+
+ function lng($msg) {
+ global $app;
+
+ if(isset($this->wordbook[$msg])) {
+ return $this->wordbook[$msg];
+ } else {
+ return $app->lng($msg);
+ }
+ }
+
+ function escapeArrayValues($search_values) {
+ global $conf;
+
+ $out = array();
+ if(is_array($search_values)) {
+ foreach($search_values as $key => $val) {
+ $out[$key] = htmlentities($val,ENT_QUOTES,$conf["html_content_encoding"]);
+ }
+ }
+
+ return $out;
+
+ }
}
--
Gitblit v1.9.1