Files
awo-hamburg-intranet/module/table/edit_table.inc.php

216 lines
8.2 KiB
PHP

<?
$messages = array();
$error = FALSE;
if (isset($custom_action)) {
$action = $custom_action;
} else {
$action = $_REQUEST["action"];
}
switch ($action) {
case 'edit_tableform':
edit_tableform();
break;
case 'delete_tableform':
delete_tableform();
break;
case 'new_tableform':
require_once("edit_tableform_cardform.inc.php");
break;
case 'save_tableform':
save_tableform();
break;
case 'moveup_line_tableform':
moveup_line_tableform();
require_once("edit_table_listform.inc.php");
break;
case 'movedown_line_tableform':
movedown_line_tableform();
require_once("edit_table_listform.inc.php");
break;
default:
require_once("edit_table_listform.inc.php");
break;
}
function save_tableform() {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$input_id = "";
if ($_REQUEST["input_id"] <> '') {
$query = "UPDATE table_header SET
description = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_description"]) . "',
modified_date = " . time() . ",
modified_user = " . (int)$GLOBALS["admin_user"]['id'] . ",
code = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_code"])."',
no_rows = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["no_rows"])."',
no_columns = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["no_columns"])."'
WHERE id = '" . $_REQUEST["input_id"] . "'
LIMIT 1";
$inserted = FALSE;
$input_id = $_REQUEST["input_id"];
} else {
$query = "INSERT INTO table_header
(main_language_id, description, modified_date, modified_user, code, no_rows, no_columns)
VALUES (
" . (int)$GLOBALS["language"]['id'] . ",
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['input_description']) . "',
" . time() . ",
" . (int)$GLOBALS["admin_user"]['id'] . ",
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['input_code']) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['no_rows']) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['no_columns']) . "'
)";
$inserted = TRUE;
}
if (($_REQUEST["input_description"] == '')) {
$messages[] = "<div class=\"errorbox\">" . $translation->get("error_description") . "</div>\n";
$error = TRUE;
}
if ($_REQUEST["input_code"] <> urlencode($_REQUEST["input_code"])) {
$messages[] = "<div class=\"errorbox\">" . $translation->get("error_textkey_encoding") . "</div>\n";
$error = TRUE;
}
if (!$error) {
@mysqli_query($GLOBALS['mysql_con'], $query);
if ($inserted == TRUE) {
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
$messages[] = '<div class="successbox">' . $translation->get("data_success_1") . '</div>';
} else {
$messages[] = '<div class="successbox">' . $translation->get("data_success_2") . '</div>';
}
if ($inserted == FALSE) {
for($row = 1; $row <= $_REQUEST['no_rows']; $row++){
for($column = 1; $column <= $_REQUEST['no_columns']; $column++){
if (array_key_exists("input_table_" . $input_id."_".$row."_".$column,$_POST) && $_POST["input_table_" . $input_id."_".$row."_".$column] != "" && $_POST["input_table_" . $input_id."_".$row."_".$column] != NULL) {
add_to_line($row, $column, $input_id, $_POST["input_table_" . $input_id."_".$row."_".$column]);
} else{
$deleteData = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM table_line WHERE table_id='".$input_id."' AND row_no = '".$row."' AND column_no = '".$column."'" );
}
}
}
}
edit_tableform($input_id, $messages);
} else {
header('EDIT_ERROR: 1');
$input_tableform["description"] = $_REQUEST["input_description"];
$input_tableform["code"] = $_REQUEST["input_code"];
$input_tableform["no_rows"] = $_REQUEST["no_rows"];
$input_tableform["no_columns"] = $_REQUEST["no_columns"];
$input_tableform["id"] = $_REQUEST["input_id"];
require_once("edit_tableform_cardform.inc.php");
}
}
function edit_tableform( $_id = "", $messages = array() ) {
$input_id = '';
if ((int)$_id > 0) {
$input_id = $_id;
} if(isset($_REQUEST['input_id']) && $_id == ''){
$input_id = $_REQUEST["input_id"];
}
if ($input_id <> '') {
$query = "SELECT * FROM table_header WHERE id = '" . $input_id . "' LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 1) {
$input_tableform = @mysqli_fetch_array($result);
require_once("edit_tableform_cardform.inc.php");
}
} else {
$input_tableform = array();
require_once("edit_tableform_cardform.inc.php");
}
}
function delete_tableform() {
if ($_REQUEST["input_id"] <> '') {
$query = "DELETE FROM table_header WHERE id = '" . $_REQUEST["input_id"] . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'], $query);
}
require_once("edit_table_listform.inc.php");
}
function create_table_set($input_tableform){
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
for($i = 1; $i <= $input_tableform['no_rows']; $i++ ){
echo '<tr style="outline: thin solid #d8dce3;padding:2px;">';
for($j = 1; $j <= $input_tableform['no_columns']; $j++ ){
echo '<td style="width:auto; float:none;">';
$query = "SELECT * FROM table_line WHERE table_id = '" . $input_tableform['id'] . "' AND row_no = ".$i." AND column_no = ".$j." LIMIT 1";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
$value = '';
if (@mysqli_num_rows($result) > 0) {
$row = @mysqli_fetch_array($result);
$value = $row['data'];
}
input($translation->get("description"), "input_table_".$input_tableform['id']."_".$i."_".$j, "text", $value, 255) ;
echo '</td>';
}
echo '</tr>';
}
}
function add_to_line($row, $column, $input_id, $data){
$query = "SELECT * FROM table_line WHERE table_id = '" . $input_id . "' AND row_no = ".$row." AND column_no = ".$column." LIMIT 1";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
$queryLine = '';
if (@mysqli_num_rows($result) > 0) {
$tableData = @mysqli_fetch_array($result);
$queryLine = "UPDATE table_line SET
table_id = " . $input_id . ",
row_no = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $row)."',
column_no = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $column)."',
data = '". mysqli_real_escape_string($GLOBALS['mysql_con'], $data)."'
WHERE id = '" . $tableData["id"] . "'
LIMIT 1";
} else {
$queryLine = "INSERT INTO table_line
(table_id, row_no, column_no, data)
VALUES (
" . $input_id . ",
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $row) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $column) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $data) . "'
)";
}
@mysqli_query($GLOBALS['mysql_con'], $queryLine);
}
?>