forked from science-ation/science-ation
- Update the multicheck layout
- Remove the mysql query on EditSave and NewSave - Unify the EditSave and NewSave code. Now that this is done, I will move the SQL generation task to the group class, so all the editor has to do is instantiate a person class, set some values, and call the save() function.
This commit is contained in:
parent
373b876b1b
commit
0f26d12fe7
@ -413,176 +413,86 @@ class TableEditor
|
||||
$this->setActivePage($_GET['page']);
|
||||
}
|
||||
|
||||
if($_POST['TableEditorAction']=="addsave")
|
||||
if( ($_POST['TableEditorAction']=="editsave" && $_POST['editsave'])
|
||||
|| ($_POST['TableEditorAction']=="addsave") )
|
||||
{
|
||||
|
||||
if($_POST['TableEditorAction']=="addsave") {
|
||||
$query="INSERT INTO `{$this->table}` (";
|
||||
//create list of fields to insert
|
||||
foreach($this->editfields AS $f=>$n)
|
||||
$query.="`$f`,";
|
||||
if(count($this->hiddenfields))
|
||||
{
|
||||
foreach($this->hiddenfields AS $f=>$n)
|
||||
{
|
||||
if(count($this->hiddenfields)) {
|
||||
foreach($this->hiddenfields AS $f=>$n) {
|
||||
$query.="`$f`,";
|
||||
}
|
||||
}
|
||||
|
||||
//rip off the last comma
|
||||
$query=substr($query,0,-1);
|
||||
$query.=") VALUES (";
|
||||
|
||||
//create list of field values
|
||||
foreach($this->editfields AS $f=>$n)
|
||||
{
|
||||
//figure out what kind of input this should be
|
||||
$q=mysql_query("SHOW COLUMNS FROM `{$this->table}` LIKE '$f'");
|
||||
$r=mysql_fetch_object($q);
|
||||
|
||||
if($r->Type=="date")
|
||||
{
|
||||
if($_POST[$f."_year"] && $_POST[$f."_month"] && $_POST[$f."_day"])
|
||||
{
|
||||
$query.="'".mysql_escape_string(stripslashes($_POST[$f."_year"]))."-".
|
||||
mysql_escape_string(stripslashes($_POST[$f."_month"]))."-".
|
||||
mysql_escape_string(stripslashes($_POST[$f."_day"]))."',";
|
||||
}
|
||||
else
|
||||
$query.="null,";
|
||||
}
|
||||
else if($r->Type=="time")
|
||||
{
|
||||
if($_POST[$f."_hour"]!="" && $_POST[$f."_minute"]!="")
|
||||
{
|
||||
$query.="'".mysql_escape_string(stripslashes($_POST[$f."_hour"])).":".
|
||||
mysql_escape_string(stripslashes($_POST[$f."_minute"])).":00',";
|
||||
}
|
||||
else
|
||||
$query.="$f=null,";
|
||||
}
|
||||
else if(substr($f,0,4)=="sel_")
|
||||
{
|
||||
//chose the text field first, if its been filled in, otherwise, go with the select box
|
||||
if($_POST[$f."_text"])
|
||||
$query.="'".mysql_escape_string(stripslashes($_POST[$f."_text"]))."',";
|
||||
else if($_POST[$f."_select"])
|
||||
$query.="'".mysql_escape_string(stripslashes($_POST[$f."_select"]))."',";
|
||||
else
|
||||
{
|
||||
//maybe the options were over-wridden, if so, just check the field name
|
||||
$query.="'".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
else if(strtolower($f)=="website" && $_POST[$f])
|
||||
{
|
||||
//intelligently handle website fields, making sure they have the protocol to use
|
||||
//but allow them to enter http:// or https:// themselves.
|
||||
//if no protocol is given, assume http://
|
||||
if(substr(strtolower($_POST[$f]),0,4)=="http")
|
||||
$query.="'".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
else
|
||||
$query.="'http://".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
}
|
||||
else if(substr($f,0,8)=="filename" && $this->uploadPath)
|
||||
{
|
||||
//accept the upload
|
||||
if($_FILES[$f]['size']>0)
|
||||
{
|
||||
if(file_exists($this->uploadPath."/".$_FILES[$f]['name']))
|
||||
echo error(i18n("A file with that filename already exists, it will be overwritten"));
|
||||
move_uploaded_file($_FILES[$f]['tmp_name'],$this->uploadPath."/".$_FILES[$f]['name']);
|
||||
$query.="'".mysql_escape_string(stripslashes($_FILES[$f]['name']))."',";
|
||||
}
|
||||
else
|
||||
{
|
||||
//okay its a file but there was nothing uploaded, so, set it to null?
|
||||
$query.="null,";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if($this->fieldValidation[$f])
|
||||
{
|
||||
$query.="'".mysql_escape_string(stripslashes(ereg_replace($this->fieldValidation[$f],"",$_POST[$f])))."',";
|
||||
echo "validating ".$this->fieldValidation[$f];
|
||||
}
|
||||
else
|
||||
$query.="'".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if(count($this->hiddenfields))
|
||||
{
|
||||
foreach($this->hiddenfields AS $f=>$n)
|
||||
{
|
||||
if(strtolower($n)=="now()")
|
||||
$query.="$n,";
|
||||
else
|
||||
$query.="'$n',";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
//rip off the last comma
|
||||
$query=substr($query,0,-1);
|
||||
$query.=")";
|
||||
mysql_query($query);
|
||||
if(mysql_error())
|
||||
{
|
||||
echo error(i18n("Error adding new %1: %2",array($this->recordType,mysql_error())));
|
||||
echo "query=$query";
|
||||
}
|
||||
else
|
||||
{
|
||||
echo happy(i18n("Successfully added new %1",array($this->recordType)));
|
||||
}
|
||||
}
|
||||
|
||||
if($_POST['TableEditorAction']=="editsave" && $_POST['editsave'])
|
||||
{
|
||||
$insert_mode = 1;
|
||||
} else {
|
||||
$query="UPDATE `{$this->table}` SET ";
|
||||
//create list of field values
|
||||
$insert_mode = 0;
|
||||
}
|
||||
|
||||
print_r($_POST);
|
||||
foreach($this->editfields AS $f=>$n)
|
||||
{
|
||||
//figure out what kind of input this should be
|
||||
if($insert_mode) {
|
||||
$field = '';
|
||||
} else {
|
||||
$field = "`$f`=";
|
||||
}
|
||||
|
||||
$inputtype = '';
|
||||
if(isset($_POST['tableeditor_fieldtype'])) {
|
||||
if(array_key_exists($f, $_POST['tableeditor_fieldtype'])) {
|
||||
$inputtype = $_POST['tableeditor_fieldtype'][$f];
|
||||
}
|
||||
}
|
||||
|
||||
/* //figure out what kind of input this should be
|
||||
$q=mysql_query("SHOW COLUMNS FROM `{$this->table}` LIKE '$f'");
|
||||
$r=mysql_fetch_object($q);
|
||||
*/
|
||||
|
||||
if($r->Type=="date")
|
||||
if($inputtype == 'date') //r->Type=="date")
|
||||
{
|
||||
if($_POST[$f."_year"] && $_POST[$f."_month"] && $_POST[$f."_day"])
|
||||
{
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_year"]))."-".
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_year"]))."-".
|
||||
mysql_escape_string(stripslashes($_POST[$f."_month"]))."-".
|
||||
mysql_escape_string(stripslashes($_POST[$f."_day"]))."',";
|
||||
}
|
||||
else
|
||||
$query.="$f=null,";
|
||||
$query.="${field}null,";
|
||||
|
||||
}
|
||||
else if($r->Type=="time")
|
||||
else if($inputtype == 'time') //r->Type=="time")
|
||||
{
|
||||
if($_POST[$f."_hour"]!="" && $_POST[$f."_minute"]!="")
|
||||
{
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_hour"])).":".
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_hour"])).":".
|
||||
mysql_escape_string(stripslashes($_POST[$f."_minute"])).":00',";
|
||||
}
|
||||
else
|
||||
$query.="$f=null,";
|
||||
$query.="${field}null,";
|
||||
}
|
||||
else if(substr($f,0,4)=="sel_")
|
||||
{
|
||||
//chose the text field first, if its been filled in, otherwise, go with the select box
|
||||
if($_POST[$f."_text"])
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_text"]))."',";
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_text"]))."',";
|
||||
else if($_POST[$f."_select"])
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_POST[$f."_select"]))."',";
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_POST[$f."_select"]))."',";
|
||||
else
|
||||
{
|
||||
//maybe the options were over-wridden, if so, just check the field name
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
}
|
||||
|
||||
}
|
||||
else if(strtolower($f)=="website" && $_POST[$f])
|
||||
{
|
||||
@ -590,9 +500,10 @@ class TableEditor
|
||||
//but allow them to enter http:// or https:// themselves.
|
||||
//if no protocol is given, assume http://
|
||||
if(substr(strtolower($_POST[$f]),0,4)=="http")
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
else
|
||||
$query.="$f='http://".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
$query.="${field}'http://".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
|
||||
}
|
||||
else if(substr($f,0,8)=="filename" && $this->uploadPath)
|
||||
{
|
||||
@ -602,7 +513,7 @@ class TableEditor
|
||||
if(file_exists($this->uploadPath."/".$_FILES[$f]['name']))
|
||||
echo error(i18n("A file with that filename already exists, it will be overwritten"));
|
||||
move_uploaded_file($_FILES[$f]['tmp_name'],$this->uploadPath."/".$_FILES[$f]['name']);
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_FILES[$f]['name']))."',";
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_FILES[$f]['name']))."',";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -610,18 +521,17 @@ class TableEditor
|
||||
if(is_array($_POST['clear']))
|
||||
{
|
||||
if(in_array($f,$_POST['clear']))
|
||||
$query.="$f=NULL,";
|
||||
$query.="${field}NULL,";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
if($this->fieldValidation[$f])
|
||||
$query.="$f='".mysql_escape_string(stripslashes(ereg_replace($this->fieldValidation[$f],"",$_POST[$f])))."',";
|
||||
$query.="${field}'".mysql_escape_string(stripslashes(ereg_replace($this->fieldValidation[$f],"",$_POST[$f])))."',";
|
||||
else
|
||||
$query.="$f='".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
$query.="${field}'".mysql_escape_string(stripslashes($_POST[$f]))."',";
|
||||
}
|
||||
}
|
||||
|
||||
@ -632,26 +542,35 @@ class TableEditor
|
||||
{
|
||||
//well well... sometimes we want to use a function here, such as NOW(), so if thats the case then we dont want the ' ' around the value, so, lets check for NOW() and handle it differently
|
||||
if(strtolower($n)=="now()")
|
||||
$query.="`$f`=$n,";
|
||||
$query.="${field}$n,";
|
||||
else
|
||||
$query.="`$f`='$n',";
|
||||
$query.="${field}'$n',";
|
||||
}
|
||||
}
|
||||
|
||||
//rip off the last comma
|
||||
$query=substr($query,0,-1);
|
||||
|
||||
if($insertmode) {
|
||||
$query.=")";
|
||||
$text_error = "adding new";
|
||||
$text_happy = "added new";
|
||||
} else {
|
||||
$query.=" WHERE {$this->primaryKey}='{$_POST['editsave']}'";
|
||||
$text_error = "saving";
|
||||
$text_happy = "saved";
|
||||
}
|
||||
|
||||
if($this->DEBUG) echo $query;
|
||||
|
||||
mysql_query($query);
|
||||
// mysql_query($query);
|
||||
if(mysql_error())
|
||||
{
|
||||
echo error(i18n("Error saving %1: %2",array($this->recordType,mysql_error())));
|
||||
echo error(i18n("Error $text_error %1: %2",array($this->recordType,mysql_error())));
|
||||
}
|
||||
else
|
||||
{
|
||||
echo happy(i18n("Successfully saved %1",array($this->recordType)));
|
||||
echo happy(i18n("Successfully $text_happy %1",array($this->recordType)));
|
||||
}
|
||||
}
|
||||
|
||||
@ -792,7 +711,7 @@ class TableEditor
|
||||
} else {
|
||||
$ch = '';
|
||||
}
|
||||
echo "<input type=\"checkbox\" name=\"{$f}_text\" value=\"\" $ch> {$this->fieldOptions[$f][$k]}<br>";
|
||||
echo "<input type=\"checkbox\" name=\"{$f}[$k]\" value=\"1\" $ch> {$this->fieldOptions[$f][$k]}<br>";
|
||||
}
|
||||
break;
|
||||
|
||||
@ -809,6 +728,7 @@ class TableEditor
|
||||
$this->year_selector($f."_year",$yy);
|
||||
echo "</td></tr>";
|
||||
echo "</table>";
|
||||
echo "<input type=\"hidden\" name=\"tableeditor_fieldtype[$f]\" value=\"date\">";
|
||||
break;
|
||||
|
||||
|
||||
@ -822,6 +742,7 @@ class TableEditor
|
||||
$this->minute_selector($f."_minute",$mm);
|
||||
echo "</td></tr>";
|
||||
echo "</table>";
|
||||
echo "<input type=\"hidden\" name=\"tableeditor_fieldtype[$f]\" value=\"time\">";
|
||||
break;
|
||||
case "file":
|
||||
if($editdata[$f])
|
||||
|
Loading…
Reference in New Issue
Block a user