modify_attr_write2db.php
<?php
require_once 'include/head.php';
// Redirect delay: normally the short value from the configuration. It is held in a
// variable so that it can be raised when a special message has to stay readable for longer.
$redirecting_delay = REDIRECTING_DELAY;

// Appended to the redirect URL so the attribute overview can show naming-attribute information.
$naming_attr_message = "";

# A naming attribute is always mandatory. The select boxes should already submit it that way,
# but the value is forced here as well, both in the local variable and in $_POST
# ($_POST is read again further down in this script).
if (isset($_POST['naming_attr']) && $_POST['naming_attr'] == "yes") {
    $mandatory = "yes";
    $_POST['mandatory'] = $mandatory;
    message($debug, 'attribute mandatory is set to "yes" (because this attr is saved as naming_attr)');
} elseif (!empty($_POST['mandatory'])) {
    $mandatory = $_POST['mandatory'];
} elseif (!empty($_POST['HIDDEN_mandatory'])) {
    # fall back to the hidden form field and mirror it into the regular key
    $_POST['mandatory'] = $_POST['HIDDEN_mandatory'];
    $mandatory = $_POST['mandatory'];
}
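// read mandatory values
// attr_id selects the mode: the literal "new" means ADD, anything else is treated as the
// id_attr of the attribute to MODIFY.
$attr_id = $_POST['attr_id'];
$attr_name = escape_string($_POST['attr_name']);
$friendly_name = escape_string($_POST['friendly_name']);
# NOTE(review): visible and conf (and datatype / naming_attr / fk_show_class_items /
# link_as_child below) are taken from the request without escape_string(); every SQL
# statement that uses them has to escape or validate them at the point of use.
$visible = $_POST['visible'];
$write2conf = $_POST['conf'];

# take attr class from form if it is an ADD, else it gets the class from the DB (attention: this should only be so if class cant be modified)
if ($attr_id == "new") {
    $fk_id_class = $_POST['fk_id_class'];

    # additional entries needed for ADD
    $datatype = $_POST['datatype'];
    $naming_attr = $_POST['naming_attr'];

    // process non-mandatory values
    if (isset($_POST['fk_show_class_items'])) {
        $fk_show_class_items = $_POST['fk_show_class_items'];
    } else {
        $fk_show_class_items = "NULL";
    }

    if (isset($_POST['link_as_child'])) {
        $link_as_child = $_POST['link_as_child'];
    } else {
        $link_as_child = "no";
    }
} else {
    # id_attr is placed into the statement as a bare number, so the request value must not be
    # interpolated as-is: only a plain digit string is let through, anything else looks up id 0.
    $attr_id_sql = (is_scalar($attr_id) && preg_match('/^[0-9]+\z/', (string) $attr_id)) ? (string) $attr_id : '0';
    $query = "SELECT fk_id_class FROM ConfigAttrs WHERE id_attr=$attr_id_sql";
    $fk_id_class = db_handler($query, 'getOne', "get class id");
}

# Get class name for later use (e.g. in link)
# On the ADD path $fk_id_class is request data, so it is escaped before it goes into the quoted literal.
$query = 'SELECT config_class FROM ConfigClasses where id_class = "'.mysqli_real_escape_string($dbh, (string) $fk_id_class).'"';
$class_name = db_handler($query, "getOne", "get class name");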
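###
# check if attr already exists in this class
###
# $fk_id_class is request data on the ADD path, so it is escaped before it goes into the quoted literal.
# NOTE(review): $attr_name has already been through escape_string() where it was read. If that
# helper performs SQL escaping, the second mysqli_real_escape_string() below double-escapes the
# value and this lookup can miss names that contain quotes or backslashes - confirm against escape_string().
$query = 'SELECT id_attr, attr_name, friendly_name FROM ConfigAttrs WHERE fk_id_class="'.mysqli_real_escape_string($dbh, (string) $fk_id_class).'" AND attr_name ="'.mysqli_real_escape_string($dbh,$attr_name).'"';
$result = db_handler($query, "assoc", "Check if attribute name already exists in this class");

# Entry exists? -> if its a modify, the id should be the same as attr_id, else the user tries to rename it to a existing one, which is not allowed!
if ( (!empty($result)) AND ( ($attr_id == "new") OR ($attr_id != $result["id_attr"]) ) ){
    //message($error, 'Attribute with name "'.$attr_name.'" already exists for this class! <br> Click for details or go back:<br>');
    //message($error, '<a href="detail_attributes.php?class='.$class_name.'&id='.$result["id_attr"].'">'.$result["attr_name"].'</a>', "list");

    # The ERROR channel is fed HTML markup below (<ul>/<li>/<a>), so every value that is mixed
    # into these messages is encoded for the context it lands in: HTML text or URL parameter.
    NConf_DEBUG::set('An attribute with the name "'.htmlspecialchars($attr_name, ENT_QUOTES).'" already exists for this class!', 'ERROR');
    NConf_DEBUG::set('Click for details or go back:', 'ERROR');
    $list_item = '<li><a href="detail_admin_items.php?type=attr&class='.urlencode($class_name).'&id='.(int) $result["id_attr"].'">'.htmlspecialchars($result["attr_name"], ENT_QUOTES).'</a></li>';
    $list = '<ul>'.$list_item.'</ul>';
    NConf_DEBUG::set($list, 'ERROR');

    $write2db = "no";

    # When user clicks on a listed item, and goes to delete it, the redirect must know where to go after delete, this would be the add page:
    # this feature is not finished with attributes!
    # NOTE(review): HTTP_REFERER is a client-supplied header and may be absent. Whatever later
    # redirects to after_delete_page should accept it only if it is a local page of this application.
    $_SESSION["after_delete_page"] = $_SERVER["HTTP_REFERER"];
    message($debug, 'Setting after delete page to : '.htmlspecialchars($_SERVER["HTTP_REFERER"], ENT_QUOTES));
}else{
    # check mandatory input
    # It divers for ADD or MODIFY !
    if ($attr_id == "new"){
        $title = "Add attribute";
        # mandatory for ADD
        $mandatory_fields = array(
            "attr_name" => "attribute name",
            'friendly_name' => "friendly name",
            'datatype'=> "attribute datatype",
            'mandatory' => "mandatory",
            'visible' => "visible",
            'conf' => "write to conf",
            'fk_id_class' => "attribute class",
            'naming_attr' => "is naming attribute",
        );
    }else{
        $title = "Modify attribute";
        # mandatory for modify
        $mandatory_fields = array(
            "attr_name" => "attribute name",
            'friendly_name' => "friendly name",
            'mandatory' => "mandatory",
            'visible' => "visible",
            'conf' => "write to conf",
        );
    }
    echo NConf_HTML::title($title);

    # Check mandatory fields
    $write2db = check_mandatory($mandatory_fields,$_POST);
}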
# special links
# they should not both be yes (already checked, not possible with javascript)
# Both flags default to 'no' when the form did not submit them; a submitted value is taken
# over exactly as it arrived in the request.
$link_as_child = isset($_POST['link_as_child']) ? $_POST['link_as_child'] : 'no';
$link_bidirectional = isset($_POST['link_bidirectional']) ? $_POST['link_bidirectional'] : 'no';

/* Is now allowed:
if ( $link_as_child == "yes" && $link_bidirectional == "yes" ){
$write2db = "no";
message($error, 'You cannot have both special linkings on "yes"');
}
*/
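// process non-mandatory values
// The three free-text fields go through escape_string(); each has a fixed default when the
// form did not submit it.
if (isset($_POST['description'])) {
    $description = escape_string($_POST['description']);
} else {
    $description = "NULL";
}

if (isset($_POST['poss_values'])) {
    $poss_values = escape_string($_POST['poss_values']);
} else {
    $poss_values = "";
}

if (isset($_POST['predef_value'])) {
    $predef_value = escape_string($_POST['predef_value']);
} else {
    $predef_value = "";
}

# NOTE(review): max_length is request data that is stored unchanged; it has to be escaped or
# validated wherever it is placed into a SQL statement.
if (isset($_POST['max_length'])) {
    $max_length = $_POST['max_length'];
} else {
    $max_length = "";
}

# ordering is a number (the default below is MAX(ordering)+1). A submitted value is used only
# if it is numeric; a missing, empty or non-numeric value is handled like an empty field and
# gets the next free position in the class.
if (isset($_POST['ordering']) AND is_numeric($_POST['ordering'])) {
    $ordering = $_POST['ordering'];
} else {
    # fk_id_class is placed into the statement as a bare number and is request data on the ADD
    # path, so only a plain digit string is let through; anything else is looked up as class 0.
    $class_id_sql = (is_scalar($fk_id_class) && preg_match('/^[0-9]+\z/', (string) $fk_id_class)) ? (string) $fk_id_class : '0';
    $query = "SELECT MAX(ordering) FROM ConfigAttrs WHERE fk_id_class=$class_id_sql";
    $max_ord = db_handler($query, 'getOne', "get highest ordering number in class");
    $ordering = $max_ord+1;
}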
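# write to db
# NOTE(review): no anti-CSRF token or permission check is visible in this script; confirm that
# include/head.php enforces both before this state-changing request gets here.
if ($write2db == "yes"){

    # Request values that are written inside quoted SQL literals are escaped at the point of use.
    # ($attr_name, $friendly_name, $description, $poss_values and $predef_value already went
    # through escape_string() where they were read and are used as they are.)
    $sql_max_length = mysqli_real_escape_string($dbh, (string) $max_length);
    $sql_mandatory  = mysqli_real_escape_string($dbh, (string) $mandatory);
    $sql_visible    = mysqli_real_escape_string($dbh, (string) $visible);
    $sql_write2conf = mysqli_real_escape_string($dbh, (string) $write2conf);

    # ordering is also handed to set_attr_order(), which is not defined in this file, so it is
    # required to be numeric instead of merely being escaped.
    $ordering_ok = is_numeric($ordering);

    # The attribute name is echoed into the page below; encode it for HTML once.
    # The quotes around it are written as &quot; entities because the strings are emitted as HTML.
    $attr_name_html = htmlspecialchars($attr_name, ENT_QUOTES);

    # ADD OR MODIFY
    if ($attr_id == "new"){
        ##
        ## ADD CONTENT ##
        ##
        $sql_datatype           = mysqli_real_escape_string($dbh, (string) $datatype);
        $sql_naming_attr        = mysqli_real_escape_string($dbh, (string) $naming_attr);
        $sql_link_as_child      = mysqli_real_escape_string($dbh, (string) $link_as_child);
        $sql_link_bidirectional = mysqli_real_escape_string($dbh, (string) $link_bidirectional);

        # fk_show_class_items is written unquoted so that its default can be the SQL keyword NULL;
        # only a plain integer id may take its place, everything else falls back to NULL.
        $sql_show_class_items = (is_scalar($fk_show_class_items) && preg_match('/^[0-9]+\z/', (string) $fk_show_class_items)) ? (string) $fk_show_class_items : "NULL";

        # The class id comes from the form on this path and is also passed to set_attr_order();
        # refuse the write unless it is a plain integer id.
        $class_id_ok = is_scalar($fk_id_class) && preg_match('/^[0-9]+\z/', (string) $fk_id_class);

        if ($class_id_ok AND $ordering_ok){
            $query = "INSERT INTO ConfigAttrs (attr_name,friendly_name,description,datatype,max_length,poss_values,predef_value,mandatory,ordering,visible,write_to_conf,naming_attr,link_as_child,link_bidirectional,fk_show_class_items,fk_id_class) VALUES ('$attr_name','$friendly_name','$description','$sql_datatype','$sql_max_length','$poss_values','$predef_value','$sql_mandatory','$ordering','$sql_visible','$sql_write2conf','$sql_naming_attr','$sql_link_as_child','$sql_link_bidirectional',$sql_show_class_items,'$fk_id_class')";
            $result = db_handler($query, "result", "insert");
        }else{
            # malformed id or ordering: report the add as failed without touching the database
            $result = FALSE;
        }

        if($result){
            # Get ID of insert:
            $new_id = mysqli_insert_id($dbh);
            echo NConf_HTML::text("Successfully added attribute &quot;".$attr_name_html."&quot;");
            history_add("created", "Attribute", $attr_name);

            # Check for other itmes with same order number, and change theme
            set_attr_order($new_id, $ordering, $fk_id_class);

            # Delete Cache of modify (if still exist)
            if ( isset($_SESSION["cache"]["modify_attr"]) ) unset($_SESSION["cache"]["modify_attr"]);

            # Go to show_attr page and show the class which the new added attribute belongs to
            $url = 'show_attr.php?class='.$class_name;
            # the URL contains a value read from the database, so it is encoded for the HTML attribute
            $url_html = htmlspecialchars($url, ENT_QUOTES);
            echo '<meta http-equiv="refresh" content="'.REDIRECTING_DELAY.'; url='.$url_html.'">';
            NConf_DEBUG::set('<a href="'.$url_html.'"> [ this page ] (in '.REDIRECTING_DELAY.' seconds)</a>', 'INFO', "<br>redirecting to");
        }else{
            echo "<h2>Failed to add attribute &quot;".$attr_name_html."&quot;</h2>";
        }

    }else{
        ##
        ## MODIFY CONTENT: ##
        ##

        // 2009-03-04 A. Gargiulo: disabled this code because we don't want users to be able to
        // modify all of the attr params, especially the naming attr (could cause data inconsistency)!
        // read mandatory values
        //$datatype = $_POST['datatype'];
        //$fk_id_class = $_POST['fk_id_class'];
        //$naming_attr = $_POST['naming_attr'];
        // process non-mandatory values
        //if(isset($_POST['fk_show_class_items'])){
        // $fk_show_class_items = $_POST['fk_show_class_items'];
        //}else{
        // $fk_show_class_items = "NULL";
        //}
        //if(isset($_POST['link_as_child'])){
        // $link_as_child = $_POST['link_as_child'];
        //}else{
        // $link_as_child = "no";
        //}
        // search other naming attr (but not this attrbiute), because there can be only 1 Naming Attribute
        //$old_naming_attr_query = 'SELECT id_attr FROM ConfigAttrs WHERE fk_id_class='.$fk_id_class.' AND naming_attr = "yes" AND id_attr != '.$attr_id;
        //$old_naming_attr_array = db_handler($old_naming_attr_query, "array", "looking up OTHER naming attrs in this class");
        //if($naming_attr == "yes"){
        // nothing hapens here, because all other will be deleted, this will be set
        //}elseif($naming_attr == "no"){
        // if there is no other naming attr
        // select all other attributes in this class, and look if there is one naming attr set to yes.
        // that is needed, otherwise the naming attr can't get "no" because this is the last one (so actual it should be yes)
        // if ( count($old_naming_attr_array) == 0 ){
        // $naming_attr = "yes";
        // message($info, TXT_NAMING_ATTR_LAST);
        // $naming_attr_message = "&naming_attr=last";
        // }
        //}
        // UPDATE ConfigAttrs
        //$query = mysqli_query($dbh,"UPDATE ConfigAttrs
        // SET
        // attr_name = '$attr_name',
        // friendly_name = '$friendly_name',
        // description = '$description',
        // datatype = '$datatype',
        // max_length = '$max_length',
        // poss_values = '$poss_values',
        // predef_value = '$predef_value',
        // mandatory = '$mandatory',
        // ordering = '$ordering',
        // visible = '$visible',
        // write_to_conf = '$write2conf',
        // naming_attr = '$naming_attr',
        // link_as_child = '$link_as_child',
        // link_bidirectional = '$link_bidirectional',
        // fk_show_class_items = $fk_show_class_items,
        // fk_id_class = '$fk_id_class'
        // WHERE
        // id_attr = $attr_id
        // ");

        # id_attr is written into both statements below as a bare number, and it comes straight
        # from the request: refuse the write unless it is a plain integer id.
        $attr_id_ok = is_scalar($attr_id) && preg_match('/^[0-9]+\z/', (string) $attr_id);

        if ($attr_id_ok AND $ordering_ok){
            # get old ordering number
            $old_ordering = db_handler("SELECT ordering FROM ConfigAttrs WHERE id_attr=$attr_id", "getOne", "GET old ordering number of attr");

            // UPDATE ConfigAttrs
            $query = "UPDATE ConfigAttrs
                SET
                attr_name = '$attr_name',
                friendly_name = '$friendly_name',
                description = '$description',
                max_length = '$sql_max_length',
                poss_values = '$poss_values',
                predef_value = '$predef_value',
                mandatory = '$sql_mandatory',
                ordering = '$ordering',
                visible = '$sql_visible',
                write_to_conf = '$sql_write2conf'
                WHERE
                id_attr = $attr_id";
            $result = db_handler($query, "update", "Modify attribute parameters");
        }else{
            # malformed id or ordering: report the modify as failed without touching the database
            $result = FALSE;
        }

        if ($result){
            # handle the ordering of the other items
            set_attr_order($attr_id, $ordering, $fk_id_class, $old_ordering);
            echo NConf_HTML::text("Successfully modified attribute &quot;".$attr_name_html."&quot;", FALSE);
            if ($naming_attr_message == "&naming_attr=last"){
                echo TXT_NAMING_ATTR_LAST;
            }

            // 2009-03-04 A. Gargiulo: disabled this code because we don't want users to be able to
            // modify all of the attr params, especially the naming attr (could cause data inconsistency)!
            // When succesfully set new entry including new naming attribute, delete the old one
            //if($naming_attr == "yes"){
            // if ( (count($old_naming_attr_array) != "0") AND $naming_attr == "yes" ){
            // foreach ($old_naming_attr_array as $attribute){
            // $update_query = 'UPDATE `ConfigAttrs` SET `naming_attr` = "no" WHERE `id_attr` = '.$attribute["id_attr"];
            // db_handler($update_query, "insert", "set old naming attr to 'no'");
            // }
            // $naming_attr_message = "&naming_attr=changed";
            // }
            //}

            // Go to next page without pressing the button
            // Delete Cache of modify (if still exist)
            if ( isset($_SESSION["cache"]["modify_attr"]) ) unset($_SESSION["cache"]["modify_attr"]);

            // set go back page (show attr ) with defined class
            // (the session value itself is stored unchanged; only the copy printed into the page is encoded)
            $_SESSION["go_back_page"] = 'show_attr.php?class='.$class_name;
            $target_html = htmlspecialchars($_SESSION["go_back_page"].$naming_attr_message, ENT_QUOTES);
            echo '<meta http-equiv="refresh" content="'.$redirecting_delay.'; url='.$target_html.'">';
            NConf_DEBUG::set('<a href="'.$target_html.'"> [ this page ] (in '.REDIRECTING_DELAY.' seconds)</a>', 'INFO', "<br>redirecting to");
        }else{
            echo "<h2>Failed to modify attribute &quot;".$attr_name_html."&quot;</h2>";
        }
    }

}else{ # write to db
    # Nothing is written: drop the stale form cache, then either show the collected errors
    # (and re-cache the submitted form for the back button) or show the debug info.
    if ( isset($_SESSION["cache"]["modify_attr"]) ) unset($_SESSION["cache"]["modify_attr"]);

    if ( NConf_DEBUG::status('ERROR') ) {
        $_SESSION["cache"]["use_cache"] = TRUE;
        echo NConf_HTML::limit_space( NConf_HTML::show_error() );
        echo "<br><br>";
        echo NConf_HTML::back_button($_SESSION["go_back_page"]);

        # Cache
        # NOTE(review): the raw request values are stored in the session here; whatever page
        # re-displays them has to encode them for HTML.
        foreach ($_POST as $key => $value) {
            $_SESSION["cache"]["modify_attr"][$attr_id][$key] = $value;
        }
    }else{
        echo NConf_DEBUG::show_debug('INFO', TRUE);
    }
}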
# Close the database connection used throughout this script, then pull in include/foot.php.
mysqli_close($dbh);
require_once 'include/foot.php';
?>