From 0f26d12fe75e35bd94baf5e9394cd5fce0530064 Mon Sep 17 00:00:00 2001 From: dave Date: Wed, 11 Oct 2006 16:35:36 +0000 Subject: [PATCH] - Update the multicheck layout - Remove the mysql query on EditSave and NewSave - Unify the EditSave and NewSave code. Now that this is done, I will move the SQL generation task to the group class, so all the editor has to do is instantiate a person class, set some values, and call the save() function. --- tableeditor.class.php | 221 ++++++++++++++---------------------------- 1 file changed, 71 insertions(+), 150 deletions(-) diff --git a/tableeditor.class.php b/tableeditor.class.php index 74f6a4c..36a3a06 100644 --- a/tableeditor.class.php +++ b/tableeditor.class.php @@ -413,65 +413,86 @@ class TableEditor $this->setActivePage($_GET['page']); } - if($_POST['TableEditorAction']=="addsave") + if( ($_POST['TableEditorAction']=="editsave" && $_POST['editsave']) + || ($_POST['TableEditorAction']=="addsave") ) { - $query="INSERT INTO `{$this->table}` ("; - //create list of fields to insert - foreach($this->editfields AS $f=>$n) - $query.="`$f`,"; - if(count($this->hiddenfields)) - { - foreach($this->hiddenfields AS $f=>$n) - { + + if($_POST['TableEditorAction']=="addsave") { + $query="INSERT INTO `{$this->table}` ("; + //create list of fields to insert + foreach($this->editfields AS $f=>$n) $query.="`$f`,"; + if(count($this->hiddenfields)) { + foreach($this->hiddenfields AS $f=>$n) { + $query.="`$f`,"; + } } - } - //rip off the last comma - $query=substr($query,0,-1); - $query.=") VALUES ("; - //create list of field values + //rip off the last comma + $query=substr($query,0,-1); + $query.=") VALUES ("; + $insert_mode = 1; + } else { + $query="UPDATE `{$this->table}` SET "; + $insert_mode = 0; + } + + print_r($_POST); foreach($this->editfields AS $f=>$n) { - //figure out what kind of input this should be + if($insert_mode) { + $field = ''; + } else { + $field = "`$f`="; + } + + $inputtype = ''; + if(isset($_POST['tableeditor_fieldtype'])) { + if(array_key_exists($f, $_POST['tableeditor_fieldtype'])) { + $inputtype = $_POST['tableeditor_fieldtype'][$f]; + } + } + +/* //figure out what kind of input this should be $q=mysql_query("SHOW COLUMNS FROM `{$this->table}` LIKE '$f'"); $r=mysql_fetch_object($q); +*/ - if($r->Type=="date") + if($inputtype == 'date') //r->Type=="date") { if($_POST[$f."_year"] && $_POST[$f."_month"] && $_POST[$f."_day"]) { - $query.="'".mysql_escape_string(stripslashes($_POST[$f."_year"]))."-". + $query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_year"]))."-". mysql_escape_string(stripslashes($_POST[$f."_month"]))."-". mysql_escape_string(stripslashes($_POST[$f."_day"]))."',"; } else - $query.="null,"; + $query.="${field}null,"; + } - else if($r->Type=="time") + else if($inputtype == 'time') //r->Type=="time") { if($_POST[$f."_hour"]!="" && $_POST[$f."_minute"]!="") { - $query.="'".mysql_escape_string(stripslashes($_POST[$f."_hour"])).":". + $query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_hour"])).":". mysql_escape_string(stripslashes($_POST[$f."_minute"])).":00',"; } else - $query.="$f=null,"; + $query.="${field}null,"; } else if(substr($f,0,4)=="sel_") { //chose the text field first, if its been filled in, otherwise, go with the select box if($_POST[$f."_text"]) - $query.="'".mysql_escape_string(stripslashes($_POST[$f."_text"]))."',"; + $query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_text"]))."',"; else if($_POST[$f."_select"]) - $query.="'".mysql_escape_string(stripslashes($_POST[$f."_select"]))."',"; + $query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_select"]))."',"; else { //maybe the options were over-wridden, if so, just check the field name - $query.="'".mysql_escape_string(stripslashes($_POST[$f]))."',"; + $query.="${field}'".mysql_escape_string(stripslashes($_POST[$f]))."',"; } - } else if(strtolower($f)=="website" && $_POST[$f]) { @@ -479,9 +500,10 @@ class TableEditor //but allow them to enter http:// or https:// themselves. //if no protocol is given, assume http:// if(substr(strtolower($_POST[$f]),0,4)=="http") - $query.="'".mysql_escape_string(stripslashes($_POST[$f]))."',"; + $query.="${field}'".mysql_escape_string(stripslashes($_POST[$f]))."',"; else - $query.="'http://".mysql_escape_string(stripslashes($_POST[$f]))."',"; + $query.="${field}'http://".mysql_escape_string(stripslashes($_POST[$f]))."',"; + } else if(substr($f,0,8)=="filename" && $this->uploadPath) { @@ -491,118 +513,7 @@ class TableEditor if(file_exists($this->uploadPath."/".$_FILES[$f]['name'])) echo error(i18n("A file with that filename already exists, it will be overwritten")); move_uploaded_file($_FILES[$f]['tmp_name'],$this->uploadPath."/".$_FILES[$f]['name']); - $query.="'".mysql_escape_string(stripslashes($_FILES[$f]['name']))."',"; - } - else - { - //okay its a file but there was nothing uploaded, so, set it to null? - $query.="null,"; - } - } - else - { - if($this->fieldValidation[$f]) - { - $query.="'".mysql_escape_string(stripslashes(ereg_replace($this->fieldValidation[$f],"",$_POST[$f])))."',"; - echo "validating ".$this->fieldValidation[$f]; - } - else - $query.="'".mysql_escape_string(stripslashes($_POST[$f]))."',"; - } - } - - - if(count($this->hiddenfields)) - { - foreach($this->hiddenfields AS $f=>$n) - { - if(strtolower($n)=="now()") - $query.="$n,"; - else - $query.="'$n',"; - } - } - - - //rip off the last comma - $query=substr($query,0,-1); - $query.=")"; - mysql_query($query); - if(mysql_error()) - { - echo error(i18n("Error adding new %1: %2",array($this->recordType,mysql_error()))); - echo "query=$query"; - } - else - { - echo happy(i18n("Successfully added new %1",array($this->recordType))); - } - } - - if($_POST['TableEditorAction']=="editsave" && $_POST['editsave']) - { - $query="UPDATE `{$this->table}` SET "; - //create list of field values - foreach($this->editfields AS $f=>$n) - { - //figure out what kind of input this should be - $q=mysql_query("SHOW COLUMNS FROM `{$this->table}` LIKE '$f'"); - $r=mysql_fetch_object($q); - - if($r->Type=="date") - { - if($_POST[$f."_year"] && $_POST[$f."_month"] && $_POST[$f."_day"]) - { - $query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_year"]))."-". - mysql_escape_string(stripslashes($_POST[$f."_month"]))."-". - mysql_escape_string(stripslashes($_POST[$f."_day"]))."',"; - } - else - $query.="$f=null,"; - - } - else if($r->Type=="time") - { - if($_POST[$f."_hour"]!="" && $_POST[$f."_minute"]!="") - { - $query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_hour"])).":". - mysql_escape_string(stripslashes($_POST[$f."_minute"])).":00',"; - } - else - $query.="$f=null,"; - } - else if(substr($f,0,4)=="sel_") - { - //chose the text field first, if its been filled in, otherwise, go with the select box - if($_POST[$f."_text"]) - $query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_text"]))."',"; - else if($_POST[$f."_select"]) - $query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_select"]))."',"; - else - { - //maybe the options were over-wridden, if so, just check the field name - $query.="$f='".mysql_escape_string(stripslashes($_POST[$f]))."',"; - } - } - else if(strtolower($f)=="website" && $_POST[$f]) - { - //intelligently handle website fields, making sure they have the protocol to use - //but allow them to enter http:// or https:// themselves. - //if no protocol is given, assume http:// - if(substr(strtolower($_POST[$f]),0,4)=="http") - $query.="$f='".mysql_escape_string(stripslashes($_POST[$f]))."',"; - else - $query.="$f='http://".mysql_escape_string(stripslashes($_POST[$f]))."',"; - } - else if(substr($f,0,8)=="filename" && $this->uploadPath) - { - //accept the upload - if($_FILES[$f]['size']>0) - { - if(file_exists($this->uploadPath."/".$_FILES[$f]['name'])) - echo error(i18n("A file with that filename already exists, it will be overwritten")); - move_uploaded_file($_FILES[$f]['tmp_name'],$this->uploadPath."/".$_FILES[$f]['name']); - $query.="$f='".mysql_escape_string(stripslashes($_FILES[$f]['name']))."',"; + $query.="${field}'".mysql_escape_string(stripslashes($_FILES[$f]['name']))."',"; } else { @@ -610,18 +521,17 @@ class TableEditor if(is_array($_POST['clear'])) { if(in_array($f,$_POST['clear'])) - $query.="$f=NULL,"; + $query.="${field}NULL,"; } } - } else { if($this->fieldValidation[$f]) - $query.="$f='".mysql_escape_string(stripslashes(ereg_replace($this->fieldValidation[$f],"",$_POST[$f])))."',"; + $query.="${field}'".mysql_escape_string(stripslashes(ereg_replace($this->fieldValidation[$f],"",$_POST[$f])))."',"; else - $query.="$f='".mysql_escape_string(stripslashes($_POST[$f]))."',"; + $query.="${field}'".mysql_escape_string(stripslashes($_POST[$f]))."',"; } } @@ -632,26 +542,35 @@ class TableEditor { //well well... sometimes we want to use a function here, such as NOW(), so if thats the case then we dont want the ' ' around the value, so, lets check for NOW() and handle it differently if(strtolower($n)=="now()") - $query.="`$f`=$n,"; + $query.="${field}$n,"; else - $query.="`$f`='$n',"; + $query.="${field}'$n',"; } } //rip off the last comma $query=substr($query,0,-1); - $query.=" WHERE {$this->primaryKey}='{$_POST['editsave']}'"; + + if($insertmode) { + $query.=")"; + $text_error = "adding new"; + $text_happy = "added new"; + } else { + $query.=" WHERE {$this->primaryKey}='{$_POST['editsave']}'"; + $text_error = "saving"; + $text_happy = "saved"; + } if($this->DEBUG) echo $query; - mysql_query($query); +// mysql_query($query); if(mysql_error()) { - echo error(i18n("Error saving %1: %2",array($this->recordType,mysql_error()))); + echo error(i18n("Error $text_error %1: %2",array($this->recordType,mysql_error()))); } else { - echo happy(i18n("Successfully saved %1",array($this->recordType))); + echo happy(i18n("Successfully $text_happy %1",array($this->recordType))); } } @@ -792,7 +711,7 @@ class TableEditor } else { $ch = ''; } - echo " {$this->fieldOptions[$f][$k]}
"; + echo " {$this->fieldOptions[$f][$k]}
"; } break; @@ -809,6 +728,7 @@ class TableEditor $this->year_selector($f."_year",$yy); echo ""; echo ""; + echo ""; break; @@ -822,6 +742,7 @@ class TableEditor $this->minute_selector($f."_minute",$mm); echo ""; echo ""; + echo ""; break; case "file": if($editdata[$f])