216 lines
8.2 KiB
PHP
216 lines
8.2 KiB
PHP
<?
|
|
|
|
$messages = array();
|
|
$error = FALSE;
|
|
|
|
|
|
if (isset($custom_action)) {
|
|
$action = $custom_action;
|
|
|
|
} else {
|
|
$action = $_REQUEST["action"];
|
|
}
|
|
switch ($action) {
|
|
case 'edit_tableform':
|
|
edit_tableform();
|
|
break;
|
|
|
|
case 'delete_tableform':
|
|
delete_tableform();
|
|
break;
|
|
case 'new_tableform':
|
|
|
|
require_once("edit_tableform_cardform.inc.php");
|
|
break;
|
|
|
|
case 'save_tableform':
|
|
save_tableform();
|
|
break;
|
|
|
|
case 'moveup_line_tableform':
|
|
moveup_line_tableform();
|
|
require_once("edit_table_listform.inc.php");
|
|
break;
|
|
case 'movedown_line_tableform':
|
|
movedown_line_tableform();
|
|
require_once("edit_table_listform.inc.php");
|
|
break;
|
|
|
|
default:
|
|
|
|
require_once("edit_table_listform.inc.php");
|
|
|
|
break;
|
|
}
|
|
function save_tableform() {
|
|
|
|
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
|
|
$input_id = "";
|
|
|
|
if ($_REQUEST["input_id"] <> '') {
|
|
$query = "UPDATE table_header SET
|
|
description = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_description"]) . "',
|
|
|
|
modified_date = " . time() . ",
|
|
modified_user = " . (int)$GLOBALS["admin_user"]['id'] . ",
|
|
code = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_code"])."',
|
|
no_rows = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["no_rows"])."',
|
|
no_columns = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["no_columns"])."'
|
|
|
|
WHERE id = '" . $_REQUEST["input_id"] . "'
|
|
LIMIT 1";
|
|
$inserted = FALSE;
|
|
|
|
$input_id = $_REQUEST["input_id"];
|
|
|
|
} else {
|
|
|
|
$query = "INSERT INTO table_header
|
|
(main_language_id, description, modified_date, modified_user, code, no_rows, no_columns)
|
|
VALUES (
|
|
" . (int)$GLOBALS["language"]['id'] . ",
|
|
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['input_description']) . "',
|
|
" . time() . ",
|
|
" . (int)$GLOBALS["admin_user"]['id'] . ",
|
|
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['input_code']) . "',
|
|
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['no_rows']) . "',
|
|
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['no_columns']) . "'
|
|
)";
|
|
|
|
$inserted = TRUE;
|
|
}
|
|
|
|
if (($_REQUEST["input_description"] == '')) {
|
|
$messages[] = "<div class=\"errorbox\">" . $translation->get("error_description") . "</div>\n";
|
|
$error = TRUE;
|
|
}
|
|
if ($_REQUEST["input_code"] <> urlencode($_REQUEST["input_code"])) {
|
|
$messages[] = "<div class=\"errorbox\">" . $translation->get("error_textkey_encoding") . "</div>\n";
|
|
$error = TRUE;
|
|
}
|
|
|
|
if (!$error) {
|
|
@mysqli_query($GLOBALS['mysql_con'], $query);
|
|
if ($inserted == TRUE) {
|
|
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
|
|
$messages[] = '<div class="successbox">' . $translation->get("data_success_1") . '</div>';
|
|
} else {
|
|
$messages[] = '<div class="successbox">' . $translation->get("data_success_2") . '</div>';
|
|
}
|
|
|
|
if ($inserted == FALSE) {
|
|
for($row = 1; $row <= $_REQUEST['no_rows']; $row++){
|
|
for($column = 1; $column <= $_REQUEST['no_columns']; $column++){
|
|
if (array_key_exists("input_table_" . $input_id."_".$row."_".$column,$_POST) && $_POST["input_table_" . $input_id."_".$row."_".$column] != "" && $_POST["input_table_" . $input_id."_".$row."_".$column] != NULL) {
|
|
add_to_line($row, $column, $input_id, $_POST["input_table_" . $input_id."_".$row."_".$column]);
|
|
} else{
|
|
$deleteData = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM table_line WHERE table_id='".$input_id."' AND row_no = '".$row."' AND column_no = '".$column."'" );
|
|
|
|
}
|
|
}
|
|
}
|
|
}
|
|
edit_tableform($input_id, $messages);
|
|
|
|
|
|
} else {
|
|
header('EDIT_ERROR: 1');
|
|
$input_tableform["description"] = $_REQUEST["input_description"];
|
|
$input_tableform["code"] = $_REQUEST["input_code"];
|
|
$input_tableform["no_rows"] = $_REQUEST["no_rows"];
|
|
$input_tableform["no_columns"] = $_REQUEST["no_columns"];
|
|
$input_tableform["id"] = $_REQUEST["input_id"];
|
|
require_once("edit_tableform_cardform.inc.php");
|
|
}
|
|
}
|
|
function edit_tableform( $_id = "", $messages = array() ) {
|
|
|
|
$input_id = '';
|
|
|
|
if ((int)$_id > 0) {
|
|
$input_id = $_id;
|
|
} if(isset($_REQUEST['input_id']) && $_id == ''){
|
|
$input_id = $_REQUEST["input_id"];
|
|
}
|
|
|
|
|
|
if ($input_id <> '') {
|
|
$query = "SELECT * FROM table_header WHERE id = '" . $input_id . "' LIMIT 1";
|
|
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
|
if (@mysqli_num_rows($result) == 1) {
|
|
$input_tableform = @mysqli_fetch_array($result);
|
|
|
|
require_once("edit_tableform_cardform.inc.php");
|
|
|
|
}
|
|
} else {
|
|
$input_tableform = array();
|
|
|
|
require_once("edit_tableform_cardform.inc.php");
|
|
}
|
|
}
|
|
function delete_tableform() {
|
|
if ($_REQUEST["input_id"] <> '') {
|
|
$query = "DELETE FROM table_header WHERE id = '" . $_REQUEST["input_id"] . "' LIMIT 1";
|
|
@mysqli_query($GLOBALS['mysql_con'], $query);
|
|
|
|
|
|
|
|
}
|
|
|
|
require_once("edit_table_listform.inc.php");
|
|
}
|
|
function create_table_set($input_tableform){
|
|
|
|
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
|
|
|
|
|
|
for($i = 1; $i <= $input_tableform['no_rows']; $i++ ){
|
|
echo '<tr style="outline: thin solid #d8dce3;padding:2px;">';
|
|
for($j = 1; $j <= $input_tableform['no_columns']; $j++ ){
|
|
echo '<td style="width:auto; float:none;">';
|
|
$query = "SELECT * FROM table_line WHERE table_id = '" . $input_tableform['id'] . "' AND row_no = ".$i." AND column_no = ".$j." LIMIT 1";
|
|
$result = mysqli_query($GLOBALS['mysql_con'], $query);
|
|
$value = '';
|
|
if (@mysqli_num_rows($result) > 0) {
|
|
$row = @mysqli_fetch_array($result);
|
|
$value = $row['data'];
|
|
}
|
|
input($translation->get("description"), "input_table_".$input_tableform['id']."_".$i."_".$j, "text", $value, 255) ;
|
|
echo '</td>';
|
|
}
|
|
echo '</tr>';
|
|
}
|
|
|
|
}
|
|
function add_to_line($row, $column, $input_id, $data){
|
|
$query = "SELECT * FROM table_line WHERE table_id = '" . $input_id . "' AND row_no = ".$row." AND column_no = ".$column." LIMIT 1";
|
|
$result = mysqli_query($GLOBALS['mysql_con'], $query);
|
|
$queryLine = '';
|
|
if (@mysqli_num_rows($result) > 0) {
|
|
$tableData = @mysqli_fetch_array($result);
|
|
$queryLine = "UPDATE table_line SET
|
|
table_id = " . $input_id . ",
|
|
row_no = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $row)."',
|
|
column_no = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $column)."',
|
|
data = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $data)."'
|
|
WHERE id = '" . $tableData["id"] . "'
|
|
LIMIT 1";
|
|
|
|
|
|
} else {
|
|
|
|
$queryLine = "INSERT INTO table_line
|
|
(table_id, row_no, column_no, data)
|
|
VALUES (
|
|
|
|
" . $input_id . ",
|
|
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $row) . "',
|
|
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $column) . "',
|
|
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $data) . "'
|
|
)";
|
|
|
|
}
|
|
@mysqli_query($GLOBALS['mysql_con'], $queryLine);
|
|
}
|
|
?>
|