$name\n";
print_r($val);
echo "\n";
} else {
echo "$name::$val:: \n";
}
}
# Compatibility shim: array_search.inc is loaded only when the running PHP
# has no array_search() of its own. What the include defines is not visible
# here. The bare file name is resolved through PHP's include_path.
if (! function_exists('array_search'))
{
include('array_search.inc');
}
class PHPMyEdit {
var $hn; // hostname
var $un; // user name
var $pw; // password
var $db; // database
var $tb; // table
var $key; // Name of field which is the unique key
var $key_type; // Type of key field (int/real/string/date etc)
var $key_delim;
var $inc; // no of records to display (SELECT ... LIMIT $fm, $inc)
var $fm; // first record to display
var $fl; // is the filter row displayed (boolean)
var $options; // Options for users: A(dd) C(hange) D(elete) F(ilter) U(nsorted)
var $fdd; // field definitions
var $qfn; // value of all filters used during the last pass
var $sfn; // sort field number (- = descending sort order)
var $rec; // no. of record selected for editing
var $prev, $next; // navigation buttons
var $sw; // filter display/hide button
var $labels; // labels for buttons, etc (multilingual)
var $operation; // operation to do: Add, Change, Delete
var $saveadd;
var $moreeadd;
var $savechange;
var $savedelete;
var $fds; // sql field names
var $num_fds; // number of fields
var $logtable; // name of optional logtable
/*
 * Run one SQL statement against $this->db and return the result of
 * mysql_db_query() (a false value when the call fails).
 *
 * $qry  - complete SQL text; it is sent exactly as given, so quoting and
 *         escaping must already have been done by the caller
 * $line - caller's line number, used only for debug and log output
 *
 * The statement text is written to the error log on every call through
 * elog(); on failure the MySQL error number and message are logged as well.
 */
function myquery($qry,$line=0)
{
global $debug_query;
# NOTE(review): with $debug_query set, the raw statement is echoed into the
# page without HTML escaping -- keep this switched off outside development.
if ($debug_query)
echo "
qry at $line: $qry
\n";
# NOTE(review): every statement, including the values embedded in it, ends
# up in the error log; treat that log as sensitive data.
$this->elog("qry: $qry",$line);
# '@' silences PHP-level warnings; failures are reported through elog() below
$ret = @mysql_db_query($this->db,$qry);
if (! $ret) {
$this->elog(mysql_errno().": ".mysql_error().' in '.$qry,__LINE__);
}
return $ret;
}
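/*
 * Prepare a stored field value for output in an HTML page.
 *
 * $field    - field definition array; the keys read here are 'mask'
 *             (a sprintf format) and 'dbdecode' (name of a decoding function)
 * $str      - raw value
 * $usemask  - apply $field['mask'] when one is set
 * $usecodec - run the 'dbdecode' function (when set) and HTML-escape the result
 *
 * Returns the processed string. With $usecodec false the value is returned
 * WITHOUT HTML escaping, so the caller has to escape it before output.
 */
function htmldisplay($field,$str,$usemask=true,$usecodec=true)
{
    # undo the add slashes
    $str = stripslashes($str);

    # if there's a field mask, use it as first arg to sprintf
    if ($usemask && isset($field['mask'])) {
        $str = sprintf($field['mask'],$str);
    }

    if (! $usecodec) {
        return $str;
    }

    # if db codec is in effect, use it
    if (isset($field['dbdecode'])) {
        $decoder = $field['dbdecode'];
        # The decoder is called directly with the value as an argument.
        # Building a PHP source string around the value and passing it to
        # eval() let a quote inside the data end the string literal, so the
        # rest of the data was interpreted as code.
        if (is_string($decoder) && is_callable($decoder)) {
            $str = call_user_func($decoder,$str);
        } else {
            # configuration error: show the undecoded (still escaped) value
            trigger_error('dbdecode does not name a callable function',E_USER_WARNING);
        }
    }

    return htmlentities($str);
}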
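/*
 * Run a value through the field's optional 'dbencode' function before it is
 * stored.
 *
 * $field - field definition array; 'dbencode' names the encoding function
 * $str   - value to encode
 *
 * Returns the encoded value, or $str unchanged when the field has no
 * 'dbencode' entry. The result is NOT escaped for SQL; callers do that.
 */
function encode($field,$str)
{
    if (! isset($field['dbencode'])) {
        return $str;
    }

    $encoder = $field['dbencode'];
    # Call the encoder with the value as a real argument. Pasting the value
    # into a source string for eval() meant a quote in the data closed the
    # literal and whatever followed was run as PHP.
    if (is_string($encoder) && is_callable($encoder)) {
        return call_user_func($encoder,$str);
    }

    # A missing encoder is a configuration error. Stop, as a call to an
    # undefined function would, rather than store the value un-encoded.
    trigger_error('dbencode does not name a callable function',E_USER_ERROR);
    # only reached when a custom error handler resumes execution
    return '';
}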
/*
 * Write a message to PHP's error log, prefixed with this file's path and
 * the given line number. Always returns true.
 *
 * NOTE(review): $str is logged as-is. Callers pass whole SQL statements, so
 * line breaks inside request data can produce extra lines in the log.
 */
function elog($str,$line)
{
    $entry = __FILE__.":$line::\n$str";
    error_log($entry,0);
    return true;
}
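/*
 * Load the label file for a language tag and return whatever the included
 * file returns (false when no file could be loaded).
 *
 * Lookup order: PME.lang.<first 5 chars>.inc, PME.lang.<first 2 chars>.inc,
 * then PME.lang.EN-US.inc.
 *
 * $language looks like it comes from the browser's language preference
 * (confirm against the caller). Because it becomes part of an include path,
 * only letters with one optional hyphenated variant are accepted; anything
 * else (dots, slashes, NUL bytes ...) skips straight to the next fallback.
 */
function make_language_labels($language)
{
    # just try the first language and variant
    # this isn't content-negotiation rfc compliant
    $language = substr($language,0,5);
    $ret = false;

    # try the full language w/ variant
    if (preg_match('/^[A-Za-z]+(-[A-Za-z]+)?\z/',$language)) {
        $ret = @include('PME.lang.'.$language.'.inc');
    }

    if (! $ret) {
        # try the language w/o variant
        $short = substr($language,0,2);
        if (preg_match('/^[A-Za-z]+\z/',$short)) {
            $ret = @include('PME.lang.'.$short.'.inc');
        }
    }

    if (! $ret) {
        # default to English-U.S.
        $ret = @include('PME.lang.EN-US.inc');
    }

    return $ret;
}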
/*
 * Read the selectable values for field $field_num from the lookup table
 * named in its 'values' definition.
 *
 * $field_num - index into $this->fdd
 * $prepend   - optional pair (key, label) placed first in the result
 *
 * Returns an array key => label; the label is the 'description' column when
 * one is configured, otherwise the key itself.
 *
 * Database, table, column, filter and order-by text are taken from the
 * field definition and concatenated into the statement unquoted, so they
 * must never be derived from request data.
 */
function set_values_from_table($field_num,$prepend='')
{
    $lookup = $this->fdd[$field_num]['values'];

    $db    = $lookup['db'] ? $lookup['db'] : $this->db;
    $table = $lookup['table'];
    $key   = $lookup['column'];
    $desc  = $lookup['description'];

    $qparts = array(
        'type'    => 'select',
        'select'  => 'DISTINCT '.$key.($desc ? ','.$desc : ''),
        'orderby' => $desc ? $desc : $key,
        'from'    => "$db.$table",
        'where'   => $lookup['filters'],
    );
    # an explicit order-by in the definition overrides the default
    if ($lookup['orderby']) {
        $qparts['orderby'] = $lookup['orderby'];
    }

    $res = $this->myquery($this->query_make($qparts),__LINE__);

    $values = array();
    if ($prepend != '') {
        $values[$prepend[0]] = $prepend[1];
    }
    while ($row = mysql_fetch_row($res)) {
        $values[$row[0]] = $desc ? $row[1] : $row[0];
    }
    return $values;
}
/*
 * Return the SQL name used for a field.
 *
 * $field   - field number, or a field name that is looked up in $this->fds
 * $use_qfx - when true, return the select-list alias 'qf<n>' instead
 *
 * Without $use_qfx the result is, in order of preference: the field's
 * 'expression', 'JoinTable<n>.<description>', 'JoinTable<n>.<column>', or
 * 'Table0.<field name>'.
 *
 * NOTE(review): 'expression' is looked up with the field number as the key
 * into $this->fdd while the 'values' entries are looked up with the field
 * name; confirm that both keys exist in fdd.
 */
function fqn($field, $use_qfx=false)
{
    if (is_string($field)) {
        $field = array_search($field,$this->fds);
    }

    # get the table/field name
    if (isset($this->fdd[$field]['expression'])) {
        $qualified = $this->fdd[$field]['expression'];
    } else {
        $name = $this->fds[$field];
        if ($this->fdd[$name]['values']['description']) {
            $qualified = 'JoinTable'.$field.'.'.$this->fdd[$name]['values']['description'];
        } elseif ($this->fdd[$name]['values']['column']) {
            $qualified = 'JoinTable'.$field.'.'.$this->fdd[$name]['values']['column'];
        } else {
            $qualified = 'Table0.'.$name;
        }
    }

    # what to do with $format XXX
    if ($use_qfx) {
        $qualified = 'qf'.$field;
    }

    # return the value
    return $qualified;
}
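/*
 * Build the select list "<name> AS qf0,<name> AS qf1,..." covering every
 * field, using fqn() for the names.
 *
 * Date columns used to take a branch of their own, but its DATE_FORMAT()
 * wrapper was commented out, leaving both branches identical; the
 * distinction is dropped here.
 */
function create_column_list()
{
    $fields = array();
    for ($k = 0; $k < $this->num_fds; $k++) {
        $fields[] = $this->fqn($k).' AS qf'.$k;
    }
    return join(',',$fields);
}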
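/*
 * Assemble one SQL statement from named text fragments.
 *
 * $parts['type'] selects the statement: 'select', 'update', 'insert' or
 * 'delete'. Keys read per type:
 *   select: DISTINCT, select, from, where, groupby, having, orderby,
 *           limit, procedure
 *   update: table, fields, where
 *   insert: table, values
 *   delete: table, where
 * Every fragment is trimmed; optional fragments that are missing or empty
 * are left out. Returns the statement text, or null for any other type.
 *
 * The fragments are joined verbatim -- nothing is quoted or escaped here,
 * so each one must already be safe SQL when it is passed in.
 */
function query_make($parts)
{
    foreach ($parts as $k => $v) {
        $parts[$k] = trim($v);
    }

    $type = isset($parts['type']) ? $parts['type'] : '';
    $ret = null;

    if ($type == 'select') {
        $ret = 'SELECT ';
        if (! empty($parts['DISTINCT'])) {
            $ret .= 'DISTINCT ';
        }
        $ret .= $parts['select'];
        $ret .= ' FROM '.$parts['from'];
        # optional clauses, in the order SQL requires them
        $clauses = array(
            'where'     => ' WHERE ',
            'groupby'   => ' GROUP BY ',
            'having'    => ' HAVING ',
            'orderby'   => ' ORDER BY ',
            'limit'     => ' LIMIT ',
            'procedure' => ' PROCEDURE ',
        );
        foreach ($clauses as $key => $keyword) {
            # isset() first: absent keys are skipped without a PHP warning
            if (isset($parts[$key]) && $parts[$key] != '') {
                $ret .= $keyword.$parts[$key];
            }
        }
    } elseif ($type == 'update') {
        $ret = 'UPDATE '.$parts['table'];
        $ret .= ' SET '.$parts['fields'];
        if (isset($parts['where']) && $parts['where'] != '') {
            $ret .= ' WHERE '.$parts['where'];
        }
    } elseif ($type == 'insert') {
        $ret = 'INSERT INTO '.$parts['table'];
        $ret .= ' VALUES '.$parts['values'];
    } elseif ($type == 'delete') {
        $ret = 'DELETE FROM '.$parts['table'];
        if (isset($parts['where']) && $parts['where'] != '') {
            $ret .= ' WHERE '.$parts['where'];
        }
    }

    return $ret;
}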
/*
 * Build the FROM clause: the main table aliased as Table0, followed by one
 * LEFT OUTER JOIN (aliased JoinTable<k>) for every field whose 'values'
 * definition names a lookup column or description.
 *
 * Table, database and column names are taken from $this->tb, $this->db and
 * the field definitions and are concatenated unquoted.
 */
function create_join_clause()
{
    $seen = array($this->tb);
    $clause = $this->tb.' AS Table0';

    $total = sizeof($this->fds);
    for ($k = 0; $k < $total; $k++) {
        $field = $this->fds[$k];
        $lookup = $this->fdd[$field]['values'];

        $db    = $lookup['db'] ? $lookup['db'] : $this->db;
        $table = $lookup['table'];
        $id    = $lookup['column'];
        $desc  = $lookup['description'];

        # fields without a lookup definition need no join
        if ($desc == '' && $id == '') {
            continue;
        }

        $alias = 'JoinTable'.$k;
        if (in_array($alias,$seen)) {
            continue;
        }
        $clause .= " LEFT OUTER JOIN {$db}.{$table} AS {$alias} ON {$alias}.{$id}=Table0.{$field}";
        $seen[] = $alias;
    }

    return $clause;
}
/*
 * Turn the collected filter options into the text of a WHERE clause.
 *
 * $qp - array field => array('oper' => ..., 'value' => ...); defaults to
 *       $this->query_opts
 *
 * Each entry becomes "<field> <oper> <value>", $this->filters (when set) is
 * appended in parentheses, and all conditions are joined with AND.
 * Returns false when there is no condition at all.
 *
 * Field, operator and value are inserted exactly as stored: whoever fills
 * the option array is responsible for escaping the values and for limiting
 * the operator to known SQL operators.
 */
function make_where_from_query_opts($qp='')
{
    if ($qp == '') {
        $qp = $this->query_opts;
    }

    $conditions = array();
    foreach ($qp as $field => $ov) {
        $conditions[] = $field.' '.$ov['oper'].' '.$ov['value'];
    }

    # Add any coder specified filters
    if ($this->filters) {
        $conditions[] = '('.$this->filters.')';
    }

    return (count($conditions) > 0) ? join(' AND ',$conditions) : false;
}
/*
 * Build a plain-text rendering of the filter conditions: the same
 * "<field> <oper> <value>" list joined with AND as used for the WHERE
 * clause, but with every '%' replaced by '*' and without $this->filters.
 *
 * $qp - option array; defaults to $this->query_opts
 *
 * Returns false when there are no conditions. The text is not HTML-escaped
 * here.
 */
function make_text_where_from_query_opts($qp='')
{
    if ($qp == '') {
        $qp = $this->query_opts;
    }

    $conditions = array();
    foreach ($qp as $field => $ov) {
        $conditions[] = $field.' '.$ov['oper'].' '.$ov['value'];
    }

    if (count($conditions) == 0) {
        return false;
    }
    return str_replace('%','*',join(' AND ',$conditions));
}
/*
functions for get/post/query args
*/
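/*
 * Copy the submitted POST fields into $this->pv, leaving out fields whose
 * value is empty or is the wildcard '*'.
 *
 * $this->pv is always an array afterwards. It used to stay unset when no
 * field qualified, which breaks the later count() and foreach over it.
 * The values are stored raw: no validation or escaping happens here.
 */
function gather_post_vars ()
{
    global $HTTP_POST_VARS;

    $pv = array();
    # the global may be missing altogether when the request carried no POST data
    if (is_array($HTTP_POST_VARS)) {
        foreach ($HTTP_POST_VARS as $key => $val) {
            if ($val != '' && $val != '*') {
                $pv[$key] = $val;
            }
        }
    }
    $this->pv = $pv;
}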
/*
 * Build the list-filter conditions from the submitted filter inputs and
 * store them in $this->query_opts.
 *
 * For each field number k the globals named qf<k> (filter value) and
 * qf<k>_comp (comparison operator) are read and passed through web2plain()
 * (defined outside this view). Each usable filter becomes an entry
 *   fqn(k) => Array('oper' => ..., 'value' => ...)
 * where 'value' is already a ready-made SQL fragment.
 *
 * NOTE(review): make_where_from_query_opts() in this class pastes 'oper' and
 * 'value' straight into the WHERE clause, so everything placed in them here
 * reaches the database verbatim. Only the LIKE branches call addslashes();
 * the '=' branches and the numeric branch add no escaping of their own, and
 * the numeric branch takes its operator from the qf<k>_comp input. Unless
 * web2plain() escapes and restricts these values (not visible here --
 * confirm), the filter inputs need escaping, numeric validation and an
 * operator allow-list before they are used.
 */
function gather_query_opts ()
{
# gathers query options into an array, $this->query_opts
$query_opts = Array();
$qo = Array();
for ($k = 0; $k < $this->num_fds; $k++) {
# get the field name and value
$l = 'qf'.$k;
$lc = 'qf'.$k.'_comp';
# variable-variables: pulls in the globals literally named qf<k> / qf<k>_comp
global $$l,$$lc;
$m = $this->web2plain($$l);
# get the comparison operator for numeric/date types
$mc = $this->web2plain($$lc);
$type = $this->fdd[$k]['type'];
if ($m != '')
{
if (is_array($m)) // multiple selection has been used
{
if (!in_array('*',$m)) # one '*' in a multiple selection is all you need
{
# NOTE(review): the loop below is damaged in this copy of the file (part of
# the statement appears to be missing); $qf_op and $qf_val are not defined
# in what remains.
for ($n=0; $nfqn($k)] =
Array( 'oper' => $qf_op, 'value' => '('.$qf_val.')');
}
} else {
$afilter = $m;
if ($afilter != '*')
{
# lookup-backed fields: exact match, value quoted but not escaped here
if ($this->fdd[$k]['values']['description']) {
$qo[$this->fqn($k)] =
Array( 'oper' => '=', 'value' => "'".$afilter."'");
} elseif ($this->fdd[$k]['values']['column']) {
$qo[$this->fqn($k)] =
Array( 'oper' => '=', 'value' => "'".$afilter."'");
} elseif ($this->col_is_string($k))
{
# massage the filter for a string comparison
if (($afilter != '') AND ($afilter != '*'))
{
# '*' becomes the SQL wildcard '%'; the pattern is wrapped in '%...%' and
# run through addslashes() twice
$afilter = addslashes(addslashes('%'.str_replace ('*', '%', $afilter).'%'));
$qo[$this->fqn($k)] =
Array( 'oper' => 'like', 'value' => "'".$afilter."'");
}
} elseif ($this->col_is_number($k) && ($$lc != '')) {
if ($$lc != '') {
# numeric fields: operator and value are used as received, unquoted
$qo[$this->fqn($k)] =
Array( 'oper' => $mc, 'value' => $afilter);
}
} elseif ($this->col_is_date($k)) {
#if ($$lc != '') {
# $val = $this->gather_date_fields_into_type($$l,$type);
# $val = $this->mdate_set(date($this->mdate_masks[$type],$this->mdate_getFromPost($k)),$type);
# $val = $this->mdate_getFromPost($k);
# if ($val != '') {
# $qo[$this->fqn($k)] =
# Array( 'oper' => $mc, 'value' => '"'.$val.'"');
# }
#}
# massage the filter for a string comparison
if (($afilter != '') AND ($afilter != '*'))
{
$afilter = addslashes(addslashes('%'.str_replace ('*', '%', $afilter).'%'));
$qo[$this->fqn($k)] =
Array( 'oper' => 'like', 'value' => "'".$afilter."'");
}
} elseif($this->fdd[$k]['values']) {
#debug_var('col_is_string',$this->fdd[$k]['name'].'::'.$this->fdd[$k]['type']);
$qo[$this->fqn($k)] =
Array( 'oper' => '=', 'value' => "'".$afilter."'");
} else {
# unknown (to mysql/php interface) field type massage the filter for a string comparison
$afilter = addslashes(addslashes('%'.str_replace ('*', '%', $afilter).'%'));
$qo[$this->fqn($k)] =
Array( 'oper' => 'like', 'value' => "'".$afilter."'");
}
}
}
} // if
} // for
$this->query_opts = $qo;
} // gather_query_opts
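/*
 * Split the raw query string into key => value pairs and store them in
 * $this->get_opts.
 *
 * explode() replaces the regex-based split(): the delimiters are plain
 * characters, and split() is no longer available in current PHP.
 *
 * Keys and values are kept exactly as they appear in the query string
 * (still URL-encoded, not validated). A part without '=' gets a null value.
 */
function gather_get_vars()
{
    global $QUERY_STRING;

    $vals = array();
    foreach (explode('&',$QUERY_STRING) as $part) {
        $pair = explode('=',$part,2);
        $vals[$pair[0]] = isset($pair[1]) ? $pair[1] : null;
    }
    $this->get_opts = $vals;
}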
/*
 * Merge the option sources into $this->all_opts. Later sources overwrite
 * earlier ones on equal keys: $this->qo first, then the POST values
 * ($this->pv), then the GET values ($this->get_opts), so GET has the last
 * word.
 *
 * NOTE(review): nothing in the visible part of the class assigns $this->qo
 * (gather_query_opts() writes $this->query_opts) -- confirm which property
 * is meant.
 */
function unify_opts()
{
    $merged = array();
    $sources = array($this->qo, $this->pv, $this->get_opts);
    foreach ($sources as $source) {
        if (count($source) > 0) {
            foreach ($source as $key => $val) {
                $merged[$key] = $val;
            }
        }
    }
    $this->all_opts = $merged;
}
/*
type functions
*/
/* True when the declared type of field $k is listed in $this->dateTypes. */
function col_is_date($k)
{
    $type = $this->fdd[$k]['type'];
    return in_array($type,$this->dateTypes);
}
/* True when the declared type of field $k is listed in $this->numberTypes. */
function col_is_number($k)
{
    $type = $this->fdd[$k]['type'];
    return in_array($type,$this->numberTypes);
}
/* True when the declared type of field $k is listed in $this->stringTypes. */
function col_is_string($k)
{
    $type = $this->fdd[$k]['type'];
    return in_array($type,$this->stringTypes);
}
/* True when the declared type of field $k is 'set'. */
function col_is_set($k)
{
    $type = $this->fdd[$k]['type'];
    return $type == 'set';
}
/*
functions for indicating whether operations are enabled
*/
/*
 * Checks the options string for the letter 'I' (case-insensitive).
 * Returns the stristr() result: the rest of the options string from the
 * match onward, or false when the letter is absent.
 */
function initial_sort_suppressed()
{
    $found = stristr($this->options,'I');
    return $found;
}
/*
 * Is adding records allowed? Looks for 'A' (case-insensitive) in the
 * options string and returns the stristr() result (tail of the string from
 * the match, or false).
 */
function add_enabled()
{
    $found = stristr($this->options,'A');
    return $found;
}
/*
 * Is changing records allowed? Looks for 'C' (case-insensitive) in the
 * options string and returns the stristr() result (tail of the string from
 * the match, or false).
 */
function change_enabled()
{
    $found = stristr($this->options,'C');
    return $found;
}
/*
 * Is deleting records allowed? Looks for 'D' (case-insensitive) in the
 * options string and returns the stristr() result (tail of the string from
 * the match, or false).
 */
function delete_enabled()
{
    $found = stristr($this->options,'D');
    return $found;
}
/*
 * Is filtering allowed? Looks for 'F' (case-insensitive) in the options
 * string and returns the stristr() result (tail of the string from the
 * match, or false).
 */
function filter_enabled()
{
    $found = stristr($this->options,'F');
    return $found;
}
/*
 * Is the detail view allowed? Looks for 'E' (case-insensitive) in the
 * options string and returns the stristr() result (tail of the string from
 * the match, or false).
 */
function detail_enabled()
{
    $found = stristr($this->options,'E');
    return $found;
}
/*
 * Copying needs both the add permission and the letter 'P' in the options
 * string. Returns a boolean.
 */
function copy_enabled()
{
    if (! $this->add_enabled()) {
        return false;
    }
    return (bool) stristr($this->options,'P');
}
/*
 * True when an add was requested -- the submitted operation equals the
 * 'Add' label, or the saveadd button equals the 'Save' label -- and adding
 * is enabled in the options.
 *
 * The request is matched against label text with a loose ==; the permission
 * check through add_enabled() is what actually gates the operation.
 */
function add_operation()
{
    $requested = ($this->operation == $this->labels['Add'])
        || ($this->saveadd == $this->labels['Save']);
    return $requested && $this->add_enabled();
}
/*
 * True when the 'More' button was used ($this->moreadd equals the 'More'
 * label) and adding is enabled.
 *
 * NOTE(review): the property list at the top of the class declares
 * $moreeadd, while this method reads $this->moreadd -- confirm which
 * spelling the rest of the code assigns.
 */
function more_operation()
{
    $requested = ($this->moreadd == $this->labels['More']);
    return $requested && $this->add_enabled();
}
/*
 * True when the submitted operation equals the 'Delete' label, or the
 * savedelete button equals the 'Save' label, and deleting is enabled.
 *
 * NOTE(review): this is the same test delete_operation() performs; confirm
 * that a "display" check keyed on the Delete label is intended.
 */
function display_operation()
{
    $requested = ($this->operation == $this->labels['Delete'])
        || ($this->savedelete == $this->labels['Save']);
    return $requested && $this->delete_enabled();
}
/*
 * True when a change was requested -- the submitted operation equals the
 * 'Change' label, or the savechange button equals the 'Save' label -- and
 * changing is enabled in the options.
 */
function change_operation()
{
    $requested = ($this->operation == $this->labels['Change'])
        || ($this->savechange == $this->labels['Save']);
    return $requested && $this->change_enabled();
}
/*
 * True when a copy was requested -- the submitted operation equals the
 * 'Copy' label, or the savechange button equals the 'Save' label -- and
 * adding is enabled. Note the gate is add_enabled(), not copy_enabled().
 */
function copy_operation()
{
    $requested = ($this->operation == $this->labels['Copy'])
        || ($this->savechange == $this->labels['Save']);
    return $requested && $this->add_enabled();
}
/*
 * True when a delete was requested -- the submitted operation equals the
 * 'Delete' label, or the savedelete button equals the 'Save' label -- and
 * deleting is enabled in the options.
 */
function delete_operation()
{
    $requested = ($this->operation == $this->labels['Delete'])
        || ($this->savedelete == $this->labels['Save']);
    return $requested && $this->delete_enabled();
}
/*
 * True when the submitted operation equals the 'Display' label. Unlike the
 * other *_operation() checks, no permission from the options string is
 * consulted here.
 */
function detail_operation()
{
    $requested = ($this->operation == $this->labels['Display']);
    return $requested;
}
/* True when $this->filter is set and filtering is enabled in the options. */
function filter_operation()
{
    if (! isset($this->filter)) {
        return false;
    }
    return (bool) $this->filter_enabled();
}
/*
 * Decide whether field $k takes part in the current operation.
 *
 * A field counts as displayed when it is not hidden, when it has no
 * 'options' entry, or when its options contain the letter that goes with
 * the operation in progress: 'A' for add/more, 'I' for display, 'C' for
 * change, 'D' for delete. Returns a boolean.
 *
 * The add/update code uses this to pick the columns it writes, so it also
 * decides which submitted fields reach the database.
 */
function displayed($k)
{
    if (! $this->hidden($k)) {
        return true;
    }
    if (! isset($this->fdd[$k]['options'])) {
        return true;
    }

    $opts = $this->fdd[$k]['options'];
    if ($this->add_operation() && stristr($opts,'A')) {
        return true;
    }
    if ($this->more_operation() && stristr($opts,'A')) {
        return true;
    }
    if ($this->display_operation() && stristr($opts,'I')) {
        return true;
    }
    if ($this->change_operation() && stristr($opts,'C')) {
        return true;
    }
    return (bool) ($this->delete_operation() && stristr($opts,'D'));
}
/*
 * True when field $k is marked read-only ('R' in its options,
 * case-insensitive) or is defined through an 'expression'.
 */
function readonly($k)
{
    if (stristr($this->fdd[$k]['options'],'R')) {
        return true;
    }
    return (bool) $this->fdd[$k]['expression'];
}
/*
 * Is field $k marked hidden? Looks for 'H' (case-insensitive) in the
 * field's options and returns the stristr() result (tail of the options
 * string from the match, or false).
 */
function hidden($k)
{
    $found = stristr($this->fdd[$k]['options'],'H');
    return $found;
}
/*
 * Is field $k marked as a password field? Looks for 'P' (case-insensitive)
 * in the field's options and returns the stristr() result (tail of the
 * options string from the match, or false).
 */
function password($k)
{
    $found = stristr($this->fdd[$k]['options'],'P');
    return $found;
}
/*
Create JavaScripts
*/
function create_javascripts()
{
/*
Need a lot of work in here
using something like:
$fdd['fieldname']['validate']['js_regex']='/something/';
$fdd['fieldname']['validate']['php_regex']='something';
*/
if ($this->add_operation() or $this->change_operation() or $this->more_operation()) {
echo '' . "\n"; // echo
echo ''."\n";
}
/*
Action functions
*/
function do_add_record()
{
global $REMOTE_USER, $REMOTE_ADDR;
$tib = true;
# check for a before-add trigger
if (isset($this->triggers['insert']['before'])) {
$tib = include($this->triggers['insert']['before']);
}
if ($tib) {
# before trigger returned good status let's do the main operation
$key_col_val = '';
$qry = '';
for ($k = 0; $k < $this->num_fds; $k++) {
if ( $this->displayed($k) )
{
$fd = $this->fds[$k];
if ($fd == $this->key) {
$key_col_val = addslashes($this->encode($this->fdd[$k],$fn));
}
if ($qry == '') {
$qry = 'INSERT INTO '.$this->tb.' (`'.$fd.'`';
} else {
$qry = $qry.',`'.$fd.'`';
}
}
}
$tim = false;
# do the main operation
$val = ') VALUES (';
$vals = Array();
for ($k = 0; $k < $this->num_fds; $k++)
{
$type = $this->fdd[$k]['type'];
if ( $this->displayed($k) )
{
$fd = $this->fds[$k];
$fn = $this->get_http_post_var_by_name($fd);
/*
if ($this->col_is_date($k))
{
#$vals[$k] = '"'.$this->mdate_set($this->mdate_getFromPost($k),$type,$this->fds[$k]['type']).'"';
if ($type == 'time')
$vals[$k] = 'date_format(from_unixtime('.$this->mdate_getFromPost($k).'),"%H%i%s")';
elseif ($type == 'year')
$vals[$k] = 'date_format(from_unixtime('.$this->mdate_getFromPost($k).'),"%Y")';
else
$vals[$k] = 'from_unixtime('.$this->mdate_getFromPost($k).')';
} else // continued on next line
*/
if ($this->col_is_set($k) && $fn != '') {
$vals[$k] = "'".addslashes($this->encode($this->fdd[$k],join(',',$fn)))."'";
} else {
$vals[$k] = "'".addslashes($this->encode($this->fdd[$k],$fn))."'";
}
}
}
$qry = $qry.$val.join(',',$vals).')';
$res = $this->myquery($qry,__LINE__);
if ($res) {
$tim = true;
}
echo '
'."\n";
*/
}
if (
$tub &&
isset($this->triggers['update']['after']) &&
$tum
) {
# before executed ok
# main op executed ok
# let's do the after trigger
$tua = include($this->triggers['update']['after']);
}
# notify list
if (($this->notify['update'])) {
if (count($changes) > 0) {
$user = $REMOTE_USER;
if (! $user)
$user = $REMOTE_ADDR;
$body = 'An item with '
.$this->fdd[$this->key]['name']
.'='
.$this->key_delim.$this->rec.$this->key_delim
.' was updated by '.$user.' in '.$this->page_name." with the following fields:\n";
foreach ($changes as $key=>$vals) {
if ( $this->displayed($k) ) {
$fieldName = $this->fdd[$key]['name'];
$body .=
$fieldName.":\n".
"was:\t\"".$vals['was']."\"\n".
"is:\t\"".$vals['is']."\"\n";
}
}
# mail it
mail($this->notify['update'],'Record Updated in '.$this->tb,$body);
}
}
# note change in log table
if ($this->logtable) {
foreach ($changes as $key=>$vals) {
$qry = "insert into ".$this->logtable." values (".
"now(),'".$REMOTE_USER."','".$REMOTE_ADDR."','update','".
$this->tb."','".$key_col_val."','".$key."','".
addslashes($vals['was'])."','".
addslashes($vals['is'])."')";
$this->myquery($qry,__LINE__);
}
}
}
function do_delete_record ()
{
global $REMOTE_USER, $REMOTE_ADDR;
$tdb = true;
# check for a before-add trigger
if (isset($this->triggers['delete']['before'])) {
$tdb = include($this->triggers['delete']['before']);
}
$tdm = false;
# before trigger returned good status
# let's do the main operation
if ($tdb) {
# before trigger returned good status
# let's do the main operation
for ($k = 0; $k < $this->num_fds; $k++)
{
if ( $this->displayed($k) ) {
$fd = $this->fds[$k];
if ($fd == $this->key) {
$key_col_val = addslashes($this->encode($this->fdd[$k],$fn));
}
}
}
if ($this->logtable) {
$res = $this->myquery(
'select * from '.$this->tb.' where (`'.$this->key.'` = '.$this->key_delim.$this->rec.$this->key_delim.')'
,__LINE__);
$oldrow = mysql_fetch_array($res);
}
$qry = 'DELETE FROM '.$this->tb.' WHERE (`'.$this->key.'` = '.$this->key_delim.$this->rec.$this->key_delim.')';
$res = $this->myquery($qry,__LINE__);
if ($res) {
$tdm = true;
}
echo '