'sql' => $sql);
}
- $id = db_lastid(empty($mask['edit_table']) ? $mask['table'] : $mask['edit_table']);
+ $id = $db->lastInsertId();
if (array_key_exists('postinsert',$mask))
$mask['postinsert']($id);
--- /dev/null
+<?php
+
+class Database {
+ private $db;
+ private $error_log = false;
+ private $error_mail = false;
+ private $lastInsertTable = null;
+
+ public function __construct($driver, $host, $dbname, $user, $passwd)
+ {
+ $this->db = new PDO(sprintf('%s:host=%s;dbname=%s', $driver, $host, $dbname), $user, $passwd);
+
+ # $this->db->query("SET NAMES 'utf8'");
+ # $this->db->query("SET CHARACTER SET 'utf8'");
+ # $this->db->query("SET collation_connection = 'utf8_general_ci'");
+ # $this->db->query("SET lc_time_names = 'de_DE'");
+ }
+
+ public function enableErrorLog()
+ {
+ $this->error_log = true;
+ }
+
+ public function disableErrorLog()
+ {
+ $this->error_log = false;
+ }
+
+ public function setErrorMail($address)
+ {
+ $this->error_mail = $address;
+ }
+
+ private function logQuery($sql)
+ {
+ if ($this->error_log) error_log(trim(str_replace("\n", ' ', $sql)));
+ }
+
+ private function handleError($sth, $sql)
+ {
+ if (!$this->error_log) error_log(trim(str_replace("\n", ' ', $sql)));
+ $arr = $this->db->errorInfo();
+ foreach (explode("\n", $arr[2]) as $line)
+ error_log($line);
+
+ if ($this->error_mail && defined('MAIL_FROM') && defined('MAIL_FROM_NAME')) {
+ $mail = new Mail();
+ $mail->env_from(MAIL_FROM);
+ $mail->set('From', mb_encode_mimeheader(utf8_decode(sprintf("%s <%s>", MAIL_FROM_NAME, MAIL_FROM)),'latin1'));
+ $mail->set('To', $this->error_mail);
+ $mail->set('Subject', 'SQL Error in ' . $_SERVER['REQUEST_URI']);
+
+ $body = sprintf("http://%s%s%s\nReferer: %s\nUser: %s\n\n%s\n\nError Number %d\n%s\n\n",
+ $_SERVER['SERVER_NAME'],
+ $_SERVER['SERVER_PORT'] != 80 ? ':'.$_SERVER['SERVER_PORT'] : '',
+ $_SERVER['REQUEST_URI'],
+ $_SERVER['HTTP_REFERER'],
+ $_SESSION['sys']['login'],
+ trim($sql),
+ $arr[1],
+ $arr[2]);
+
+ ob_start();
+ debug_print_backtrace();
+ $body .= ob_get_contents()."\n";
+ ob_end_clean();
+
+ if (count($_POST)) $body .= 'POST: ' . var_export($_POST,true)."\n";
+ if (count($_GET)) $body .= 'GET: ' . var_export($_GET,true)."\n";
+ if (count($_SESSION)) $body .= 'SESSION: ' . var_export($_SESSION,true)."\n";
+
+ $mail->send($body);
+ }
+ }
+
+ public function quote($string)
+ {
+ if (is_null($string)) return 'NULL';
+ if (strtolower($string) == 'now()' || strtolower($string) == 'current_timestamp') return 'now()';
+ return $this->db->quote($string);
+ }
+
+ public function lastInsertId()
+ {
+ if (DBDRIVER == 'pgsql')
+ return $this->db->lastInsertId($this->lastInsertTable);
+ else
+ return $this->db->lastInsertId();
+ }
+
+ public function query($sql)
+ {
+ $this->logQuery($sql);
+ $sth = $this->db->query($sql);
+
+ if ($sth === false) $this->handleError($sth,$sql);
+
+ if (preg_match('/INSERT\s+INTO\s+(\S+)\s+/i', $sql, $matches))
+ $this->lastInsertTable = $matches[1];
+
+ return $sth;
+ }
+
+ public function execute($sql)
+ {
+ return $this->query($sql) !== false;
+ }
+
+ public function fetchValue($sql)
+ {
+ $sth = $this->query($sql);
+ if ($sth === false) return false;
+ $ret = $sth->fetch(PDO::FETCH_BOTH);
+ if ($ret === false) return false;
+ return $ret[0];
+ }
+
+ public function fetchAssoc($sql)
+ {
+ $sth = $this->query($sql);
+ if ($sth === false) return false;
+ return $sth->fetch(PDO::FETCH_ASSOC);
+ }
+
+ public function fetchObject($sql)
+ {
+ $sth = $this->query($sql);
+ if ($sth === false) return false;
+ return $sth->fetchObject();
+ }
+
+ public function fetchAssocList($sql)
+ {
+ $result = array();
+ $sth = $this->query($sql);
+ if ($sth === false) return $result;
+ while ($row = $sth->fetch(PDO::FETCH_ASSOC))
+ $result[] = $row;
+ return $result;
+ }
+
+ public function fetchObjectList($sql)
+ {
+ $result = array();
+ $sth = $this->query($sql);
+ if ($sth === false) return $result;
+ while ($row = $sth->fetchObject())
+ $result[] = $row;
+ return $result;
+ }
+
+}
+
+?>
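Review bot: `handleError()` mails `var_export()` dumps of `$_POST`, `$_GET` and `$_SESSION` together with the failing SQL, so any query error can copy submitted credentials, session contents and row data into plaintext e-mail. I would leave the values out of the mail before `$mail->send($body)`, for example by sending only `implode(', ', array_keys($_POST))`, and keep full detail in the server-side log. The method also reads `$_SERVER['HTTP_REFERER']` and `$_SESSION['sys']['login']` without checking that they are set, which raises notices on requests that lack them. A short docblock on the class saying that every method takes a finished SQL string, so callers must pass all values through `quote()`, would make the injection boundary explicit.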
--- /dev/null
+<?php
+
+class Mail {
+ protected $header = array();
+ protected $env_from = false;
+
+ public function set($name, $value)
+ {
+ $this->header[$name][] = $value;
+ }
+
+ public function env_from($value)
+ {
+ $this->env_from = $value;
+ }
+
+ public function send($body)
+ {
+ if (!array_key_exists('From', $this->header))
+ throw new Exception('No sender given.');
+ if (!array_key_exists('To', $this->header))
+ throw new Exception('No recipient given.');
+ if (!array_key_exists('Subject', $this->header))
+ throw new Exception('No subject given.');
+ if (empty($body))
+ throw new Exception('Mail body empty.');
+
+ if (!array_key_exists('Content-Type', $this->header))
+ $this->set('Content-Type', 'text/plain; charset=UTF-8');
+ if (!array_key_exists('Content-Disposition', $this->header))
+ $this->set('Content-Disposition', 'inline');
+ if (!array_key_exists('Content-Transfer-Encoding', $this->header))
+ $this->set('Content-Transfer-Encoding', '8bit');
+
+ $header = '';
+ foreach ($this->header as $name => $values) {
+ if ($name == 'To' || $name == 'Subject')
+ continue;
+ else
+ $header .= $name . ': ' . implode(', ', $values) . "\r\n";
+ }
+
+ $opts = '-t';
+ $opts .= strlen($this->env_from) ? ' -f '.$this->env_from : '';
+ $result = mail(implode(',',$this->header['To']), $this->header['Subject'][0], $body, $header, $opts);
+
+ return $result;
+ }
+}
+
+?>
\ No newline at end of file
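Review bot: `send()` appends `$this->env_from` unescaped to the fifth argument of `mail()`, which becomes part of the sendmail command line, and `set()` stores header values without rejecting CR/LF, so both become injection points as soon as a caller passes anything that is not hard-coded. The only caller visible on this page uses the `MAIL_FROM` constant, so this is hardening rather than a live bug as far as the page shows. I would validate in the setters, e.g. `if (preg_match('/[\s[:cntrl:]]/', $value)) throw new Exception('Invalid envelope sender.');` in `env_from()`, and reject `\r` or `\n` in `set()`. The loose `$name == 'To'` comparison could also be `===`.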
define('DBUSER', 'username');
define('DBPASS', 'password');
+define('MAIL_FROM', 'www-data@virka.home.infodrom.org');
+define('MAIL_FROM_NAME', 'Infodrom Virka');
+define('MAIL_ERROR', 'joey@finlandia.infodrom.org');
+
define('DELETE_COPY', true);
define('DEBUG', false);
global $db;
$dsn = sprintf('%s:host=%s;dbname=%s', DBDRIVER, DBHOST, DBNAME);
- $db = new PDO($dsn, DBUSER, DBPASS);
+ $db = new Database(DBDRIVER, DBHOST, DBNAME, DBUSER, DBPASS);
+ if (defined('MAIL_ERROR')) $db->setErrorMail(MAIL_ERROR);
}
function db_error()
{
global $db;
- if (DBDRIVER == 'pgsql')
- $sql = sprintf("SELECT currval('%s_id_seq')", $table);
- elseif (DBDRIVER == 'mysql')
- $sql = "SELECT last_insert_id()";
- else
- die("Unsupported database driver");
-
- $sth = $db->query($sql);
- $row = $sth->fetch();
- return $row[0];
+ return $db->lastInsertId();
}
function query_db($sql)
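Review bot: On PostgreSQL the new `return $db->lastInsertId();` looks up a different name than the code it replaces: the removed lines queried `currval('%s_id_seq')`, while `Database::lastInsertId()` passes PDO the bare table name that `Database::query()` captured from the last `INSERT INTO`, and the pgsql driver expects a sequence name there. Unless the sequences are named exactly like their tables, the call probably fails or returns no id; in `Database::lastInsertId()`, `return $this->db->lastInsertId($this->lastInsertTable . '_id_seq');` would keep the old convention. The wrapper also no longer uses its table argument, so callers that passed `edit_table` now depend on the regex having seen the right statement. The wrapper's signature lies outside the hunk.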
function AffectedRows($rsMain) { return pg_affected_rows($this->conn); }
function Seek($rsMain,$offset) { return pg_result_seek($rsMain,$offset); }
function RunParamQuery($query, $phs = array()) {
+ $query = str_replace(' LIKE ?', ' ILIKE ?', $query);
foreach ($phs as $ph) { // from php.net
if ( isset($ph) ) {
$ph = "'" . pg_escape_string($ph) . "'";
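Review bot: The added `str_replace(' LIKE ?', ' ILIKE ?', $query)` rewrites every parameterised query that passes through `RunParamQuery()`, not only the filter queries that presumably motivated it, and it would also alter a ` LIKE ?` that happens to sit inside a string literal. I would document the intent at the line, e.g. `// PostgreSQL: make all placeholder LIKE comparisons case-insensitive`, or let the caller choose the operator. The rest of the function lies outside the hunk.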
else
error(data.error);
alert(data.error);
+ if (typeof data.logout != 'undefined' && data.logout == true)
+ window.location.href = 'index.php?logout=true';
} else if (req.oncomplete)
req.oncomplete(data);
}
require_once('db.php');
+function __autoload($class)
+{
+ $found = false;
+
+ if (empty($_GLOBALS['module'])) {
+ if (!empty($_REQUEST['source'])) $name = sanitise_filename($_REQUEST['source']);
+ if (!empty($_GET['msak'])) $name = sanitise_filename($_GET['mask']);
+ list($module,$fname) = explode('__', $name);
+ if (!empty($module)) $_GLOBALS['module'] = $module;
+ }
+
+ if (!$found &&
+ !empty($_REQUEST['source']) &&
+ !empty($_GLOBALS['module']) &&
+ is_dir($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class') &&
+ file_exists($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class/'.strtolower($class).'.class.php')) {
+ include_once($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class/'.strtolower($class).'.class.php');
+ $found = true;
+ }
+
+ if (!$found &&
+ is_dir($_SESSION['sys']['basedir'].'class') &&
+ file_exists($_SESSION['sys']['basedir'].'class/'.strtolower($class).'.class.php')) {
+ include_once($_SESSION['sys']['basedir'].'class/'.strtolower($class).'.class.php');
+ $found = true;
+ }
+
+ if (!$found) {
+ $text = sprintf('Class %s not found%',
+ $class,
+ defined(MODULNAME) ? ' in module ' . MODULNAME : '');
+ die($text);
+ }
+}
+
function passwd($login,$pass)
{
return md5(md5($pass).$login);
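Review bot: Several names in the new `__autoload()` do not refer to what they appear to: `$_GLOBALS` is an ordinary local variable (the superglobal is `$GLOBALS`), `$_GET['msak']` is never set, `defined(MODULNAME)` needs the constant name as a string, and the format string `'Class %s not found%'` ends in a bare `%` instead of `%s`. As written the module is recomputed on every call instead of being remembered, and `$name` is undefined when `source` is absent. Separately, `$class` is concatenated into the include path without validation; whether a class name can ever come from request data is not visible here, so restricting it to identifier characters first is a cheap safeguard. `__autoload()` itself is deprecated in favour of `spl_autoload_register()`.

```php
function __autoload($class)
{
    // Only plain identifiers may become part of an include path.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $class))
        die('Invalid class name');

    $found = false;

    if (empty($GLOBALS['module'])) {
        $name = '';
        if (!empty($_REQUEST['source'])) $name = sanitise_filename($_REQUEST['source']);
        if (!empty($_GET['mask'])) $name = sanitise_filename($_GET['mask']);
        $parts = explode('__', $name, 2);
        if (!empty($parts[0])) $GLOBALS['module'] = $parts[0];
    }

    // … unchanged: the two include_once lookups, reading $GLOBALS['module'] instead of $_GLOBALS['module'] …

    if (!$found) {
        $text = sprintf('Class %s not found%s',
                $class,
                defined('MODULNAME') ? ' in module ' . MODULNAME : '');
        die($text);
    }
}
```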
. "WHERE sys_group_mask.gid = %d AND fname = %s",
$_SESSION['sys']['group'], $db->quote($form));
- $sth = $db->query($sql);
-
- if ($sth === false) {
- error_log('Unauthorised access to ' . $form);
- return false;
- }
+ $count = $db->fetchValue($sql);
- $row = $sth->fetch();
- if ($row === false) {
+ if ($count === false) {
error_log('Unauthorised access to ' . $form);
return false;
}
- if ($row['count'] == 0) {
+ if ($count == 0) {
error_log('Unauthorised access to ' . $form);
return false;
}
return true;
else {
if (empty($_SESSION['sys']['login']))
- format_ajax(array('error' => "No permission to access data.\nNo active session found.\nYou may need to re-login."));
+ format_ajax(array('error' => "No permission to access data.\nNo active session found.\nYou need to re-login.",
+ 'logout' => true));
else
format_ajax(array('error' => 'No permission to access data'));
}
$jscode[] = 'Rico.onLoad( function() {';
$jscode[] = " form_init();";
- $jscode[] = "// ups?";
if (isset($js_file))
$jscode[] = $js_file;
$jscode[] = '});';
$ret[] = sprintf('<p %s> </p>', implode(' ', $v_changes));
$ret[] = '<div class="buttons">';
- $ret[] = sprintf('<button %s>%s</button>', implode(' ', $v_save), 'Speichern');
+ $ret[] = sprintf('<button class="builtin" %s>%s</button>', implode(' ', $v_save), 'Speichern');
$ret[] = '<span></span>';
- $ret[] = sprintf('<button %s>%s</button>', implode(' ', $v_insert), 'Hinzufügen');
+ $ret[] = sprintf('<button class="builtin" %s>%s</button>', implode(' ', $v_insert), 'Hinzufügen');
$ret[] = '<span></span>';
- $ret[] = sprintf('<button %s>%s</button>', implode(' ', $v_delete), 'Löschen');
+ $ret[] = sprintf('<button class="builtin" %s>%s</button>', implode(' ', $v_delete), 'Löschen');
$ret[] = '</div>';
$ret[] = '</form>';
. "WHERE sys_group_mask.gid = ".$_SESSION['sys']['group']." "
. "AND shadow = 0 "
. "ORDER BY sys_menu.priority,sys_menu.name,sys_mask.priority,sys_mask.menutitle";
- $sth = $db->query($sql);
+ $list = $db->fetchObjectList($sql);
- if ($sth) {
+ if (count($list)) {
$menu = 'Start';
- while ($row = $sth->fetch()) {
- if ($menu != $row['name']) {
+ foreach ($list as $row) {
+ if ($menu != $row->name) {
$ret .= '</ul></li>';
- $ret .= sprintf('<li class="dir">%s', $row['name']);
+ $ret .= sprintf('<li class="dir">%s', $row->name);
$ret .= '<ul>';
- $menu = $row['name'];
+ $menu = $row->name;
}
- $ret .= sprintf('<li><a href="./?mask=%s"%s>%s</a></li>', str_replace('|','__',$row['fname']),
- empty($row['title']) ? '' : ' title="'.$row['title'].'"',
- $row['menutitle']);
+ $ret .= sprintf('<li><a href="./?mask=%s"%s>%s</a></li>', str_replace('|','__',$row->fname),
+ empty($row->title) ? '' : ' title="'.$row->title.'"',
+ $row->menutitle);
}
$ret .= '</ul>';
$ret .= '</li>';
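Review bot: The rewritten `sprintf()` calls still write `$row->name`, `$row->fname`, `$row->title` and `$row->menutitle` into HTML unescaped, so a quote or `<` stored in `sys_menu` or `sys_mask` breaks the markup or injects script into the menu. Since these lines are being touched anyway, I would wrap each value, e.g. `empty($row->title) ? '' : ' title="'.htmlspecialchars($row->title, ENT_QUOTES, 'UTF-8').'"'`, and apply `urlencode()` to the `mask` value in the `href`. Note also that `fetchObjectList()` returns an empty array on a query error, so a failed query and an empty menu are now indistinguishable at this point. The statement that builds `$sql` starts outside the hunk.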
if (v=='' || v=='*')
this.setUnfiltered();
else {
- this.setFilter('LIKE', v, Rico.TableColumn.USERFILTER, function() {txtbox.value='';});
+ var colnum = parseInt(txtbox.id.split('_').pop(),10);
+ if (typeof this.options.columnSpecs[colnum].type != 'undefined' &&
+ this.options.columnSpecs[parseInt(colnum,10)].type == 'number')
+ this.setFilter('EQ', v, Rico.TableColumn.USERFILTER, function() {txtbox.value='';});
+ else
+ this.setFilter('LIKE', v, Rico.TableColumn.USERFILTER, function() {txtbox.value='';});
}
},
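Review bot: `this.options.columnSpecs[colnum]` is dereferenced without checking that the entry exists, so a textbox id that does not end in a column number (`parseInt` then yields `NaN`) throws before any filter is set. Reading the entry once and guarding it is also shorter: `var spec = this.options.columnSpecs[colnum];` followed by `if (spec && spec.type == 'number')`. The second `parseInt(colnum,10)` is redundant because `colnum` is already a number. The enclosing method starts outside the hunk.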
overflow: hidden;
}
+div.second {
+ margin-top: 10px;
+}
div.second div.title {
margin-bottom: 5px;
}
color: inherit;
}
+button.builtin {
+ background-image: url('images/bg_button.png');
+ background-repeat: repeat-x;
+}
+
+button.custom {
+ background-image: url('images/bg_button_custom.png');
+ background-repeat: repeat-x;
+}
+
button:hover {
background: #EEE;
}