3 require_once('../init.php');
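// Record loader; the dispatcher further down the page calls it as fetch($mask).
// The function header and several body lines are not part of this listing.
// Fix: PostgreSQL's to_char() uses MI for minutes. MM/mm is the month number,
// so the previous pattern 'HH24:mm' printed the month after the hour.
7 $fields = array("to_char(sys_edit,'DD.MM.YYYY HH24:MI') AS sys_edit", 'sys_user');
// Walk the mask's edit definition; the statement guarded by the type check is
// not shown (presumably it appends every non-password column to $fields).
8 foreach ($mask['edit'] as $field => $info)
9 if ($info['type'] != 'passwd')
// %d casts $_POST['id'] to an integer, so the request value cannot change the
// shape of the statement. Column and table names are interpolated unquoted and
// must therefore come only from the server-side mask, never from the request.
12 $sql = sprintf('SELECT id,%s FROM %s WHERE id = %d',
13 implode(',', $fields),
14 $mask['table'], $_POST['id']);
16 $sth = pg_query($sql);
// NOTE(review): this path returns a bare false, while the other handlers in the
// listing return an array with an 'error' key.
17 if ($sth === false) return false;
// NOTE(review): pg_fetch_assoc() returns false when no row matches; no check
// for that case is visible in the listed lines.
19 $row = pg_fetch_assoc($sth);
// Post-process by declared type: booleans become real true/false, and entries
// with a 'format' key are run through sprintf(). The statement of the passwd
// branch is not shown in the listing.
21 foreach ($mask['edit'] as $field => $info)
22 if ($info['type'] == 'boolean')
23 $row[$field] = $row[$field]?true:false;
24 elseif ($info['type'] == 'passwd')
26 elseif (array_key_exists('format', $info))
27 $row[$field] = sprintf($info['format'], $row[$field]);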
// Returns the detail columns of one record for the id posted by the client.
// Several lines of this function (braces, the failure check, the final return)
// are not part of this listing.
32 function details($mask)
34 if (empty($_POST['id']))
35 return array('error' => 'Missing ID');
// The id goes through %d (integer cast). The column list is the key set of
// $mask['details']['list'] and the table name comes from the mask; both are
// interpolated unquoted, so they must stay server-defined.
37 $sql = sprintf('SELECT id,%s FROM %s WHERE id = %d',
38 implode(',', array_keys($mask['details']['list'])),
39 $mask['table'], $_POST['id']);
41 $sth = pg_query($sql);
// NOTE(review): the raw pg_last_error() text is returned to the caller. Driver
// messages can name tables and columns; consider logging the text server-side
// and returning a generic message instead.
44 return array('error' => pg_last_error(),
47 $row = pg_fetch_assoc($sth);
// Apply the optional per-column sprintf() format from the mask.
49 foreach ($mask['details']['list'] as $field => $info)
50 if (array_key_exists('format', $info))
51 $row[$field] = sprintf($info['format'], $row[$field]);
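/**
 * Normalise a user-entered decimal to a two-digit literal with a dot separator.
 *
 * A decimal comma is replaced by a dot first. The result comes from a float
 * format, not from the input text, and the callers on this page place it
 * unquoted into SQL. Non-numeric input therefore formats as "0.00".
 *
 * @param string $value Decimal as typed by the user, e.g. "1,5".
 * @return string The value with exactly two decimals, e.g. "1.50".
 */
function format_decimal($value)
{
    $normalized = str_replace(',', '.', $value);

    // %F is the locale-independent form of %f. With %f and a LC_NUMERIC locale
    // that uses a decimal comma, the comma would be written back and the SQL
    // built from the result would be malformed.
    return sprintf('%.2F', $normalized);
}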
// Update handler (presumably save($mask), dispatched for func=save; its header
// line and several other lines are not part of this listing).
// Builds one "column=value" fragment per mask field and runs a single UPDATE.
64 if (empty($_POST['id']))
65 return array('error' => 'Missing ID');
// Audit column: the session login is escaped before it is put into the quoted
// literal. The rest of this array literal is not shown.
67 $update = array(sprintf("sys_user = '%s'", pg_escape_string($_SESSION['sys']['login'])),
70 foreach ($mask['edit'] as $field => $info) {
// Required-field check; the message reads "required field %s not filled in".
// NOTE(review): empty() is also true for the string "0", so a required numeric
// field cannot be saved with the value 0.
71 if ($info['required'] === true && empty($_POST[$field]))
72 return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
73 'errormsg' => 'Pflichtfelder nicht ausgefüllt');
// Per-type encoding of the request value. $field is a key of the mask and is
// interpolated unquoted as the column name, so the mask must be server-defined.
75 if ($info['type'] == 'boolean') {
76 $update[] = sprintf("%s=%d", $field, $_POST[$field] == 'on'?1:0);
77 } elseif ($info['type'] == 'number' || $info['type'] == 'select') {
78 if (empty($_POST[$field]) && $info['null'] === true)
79 $update[] = sprintf("%s=NULL", $field);
// %d casts the request value to an integer (the line between is not shown,
// presumably an else).
81 $update[] = sprintf("%s=%d", $field, $_POST[$field]);
82 } elseif ($info['type'] == 'decimal') {
83 if (empty($_POST[$field]) && $info['null'] === true)
84 $update[] = sprintf("%s=NULL", $field);
// Unquoted on purpose: format_decimal() emits the value through a float format.
86 $update[] = sprintf("%s=%s", $field, format_decimal($_POST[$field]));
87 } elseif ($info['type'] == 'passwd') {
// Password columns are only touched when a new value was submitted. passwd()
// is defined elsewhere; it receives the session login and the submitted value,
// and its result is escaped before being stored.
88 if (!empty($_POST[$field]))
89 $update[] = sprintf("%s='%s'", $field, pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
91 if (empty($_POST[$field]) && $info['null'] === true)
92 $update[] = sprintf("%s=NULL", $field);
// All remaining types are stored as escaped, quoted string literals.
94 $update[] = sprintf("%s='%s'", $field, pg_escape_string($_POST[$field]));
// The row id is forced to an integer with intval() before concatenation.
98 $sql = 'UPDATE ' . $mask['table'] . ' SET ';
99 $sql .= implode(', ', $update);
100 $sql .= ' WHERE id = ' . intval($_POST['id']);
102 $sth = pg_query($sql);
104 if ($sth === false) {
// NOTE(review): the complete statement is written to the error log, including
// every submitted value and, after a password change, the output of passwd().
// The raw driver message is also returned to the client. Consider logging
// without values and answering with a generic message.
105 error_log($sql . ': ' . pg_last_error());
106 return array('error' => pg_last_error(),
110 return array('status' => true);
// Creates a new record from the posted form fields described by $mask['edit'].
// $fields and $values are built in parallel and joined into one INSERT; the
// lines that append to $fields and several others are not part of this listing.
113 function insert($mask)
// Audit columns come first: the escaped session login and the database clock.
115 $fields = array('sys_user','sys_edit');
116 $values = array("'".pg_escape_string($_SESSION['sys']['login'])."'", 'now()');
118 foreach ($mask['edit'] as $field => $info) {
// Required-field check; the message reads "required field %s not filled in".
// NOTE(review): empty() is also true for the string "0", so a required numeric
// field cannot be inserted with the value 0.
119 if ($info['required'] === true && empty($_POST[$field]))
120 return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
121 'errormsg' => 'Pflichtfelder nicht ausgefüllt');
// Per-type encoding: booleans become 1/0, numbers pass through intval(),
// decimals through format_decimal(), and everything else is escaped and quoted.
// The NULL branches guarded by the empty() checks are not shown.
123 if ($info['type'] == 'boolean') {
125 $values[] = $_POST[$field] == 'on'?1:0;
126 } elseif ($info['type'] == 'number' || $info['type'] == 'select') {
128 if (empty($_POST[$field]) && $info['null'] === true)
131 $values[] = intval($_POST[$field]);
132 } elseif ($info['type'] == 'decimal') {
134 if (empty($_POST[$field]) && $info['null'] === true)
137 $values[] = format_decimal($_POST[$field]);
138 } elseif ($info['type'] == 'passwd') {
// passwd() is defined elsewhere; it receives the session login and the
// submitted value, and its result is escaped before being stored.
139 if (!empty($_POST[$field])) {
141 $values[] = sprintf("'%s'", pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
145 if (empty($_POST[$field]) && $info['null'] === true)
148 $values[] = sprintf("'%s'", pg_escape_string($_POST[$field]));
// Table and column names come from the mask and are concatenated unquoted, so
// the mask must be server-defined.
152 $sql = 'INSERT INTO ' . $mask['table'] . ' (' . implode(',', $fields) . ') ';
153 $sql .= 'VALUES (' . implode(',', $values) . ')';
155 $sth = pg_query($sql);
157 if ($sth === false) {
// NOTE(review): the complete statement, including submitted values and any
// passwd() output, is written to the error log, and the raw driver message is
// returned to the client. Consider logging without values and answering with a
// generic message.
158 error_log($sql . ': ' . pg_last_error());
159 return array('error' => pg_last_error(),
163 return array('status' => true);
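// Deletes the record with the posted id. When the DELETE_COPY constant (defined
// elsewhere) is true, the row is first copied into <table>_deleted and the copy
// is stamped with the acting user and the current time.
// The listing omits brace lines and the tails of the error arrays, so the exact
// nesting of the final DELETE cannot be seen here.
166 function delete_or_copy($mask)
168 if (empty($_POST['id']))
169 return array('error' => 'Missing ID');
171 if (DELETE_COPY === true) {
// The id is bound through %d (integer cast); the table name comes from the mask.
172 $sql = sprintf("INSERT INTO %s_deleted SELECT * FROM %s WHERE id = %d",
173 $mask['table'], $mask['table'], $_POST['id']);
175 $sth = pg_query($sql);
177 if ($sth === false) {
// NOTE(review): the raw driver message is returned to the client here and in
// the two failure branches below; a generic message would reveal less.
178 error_log($sql . ': ' . pg_last_error());
179 return array('error' => pg_last_error(),
// Fix: the login is escaped before it goes into the quoted literal, as the
// update and insert handlers already do. Unescaped, a quote character in the
// stored login would end the literal early and change the statement.
183 $sql = sprintf("UPDATE %s_deleted SET sys_user='%s',sys_edit=now() WHERE id = %d",
184 $mask['table'], pg_escape_string($_SESSION['sys']['login']), $_POST['id']);
186 $sth = pg_query($sql);
188 if ($sth === false) {
189 error_log($sql . ': ' . pg_last_error());
190 return array('error' => pg_last_error(),
// NOTE(review): copy, stamp and delete are separate statements and no
// BEGIN/COMMIT is visible in the listed lines. If a later step fails, the
// earlier ones stay applied.
195 $sql = sprintf("DELETE FROM %s WHERE id = %d", $mask['table'], $_POST['id']);
197 $sth = pg_query($sql);
199 if ($sth === false) {
200 error_log($sql . ': ' . pg_last_error());
201 return array('error' => pg_last_error(),
205 return array('status' => true);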
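/**
 * Store a client-supplied value for one of the mask's declared variables in the session.
 *
 * The variable name is accepted only if it is a key of $mask['variables']; the
 * session key is "<name>.<variable>". If the variable declares a 'postcall'
 * entry, that callable is invoked after the value has been stored.
 *
 * A missing or non-string $_POST['name'] is treated as an unknown variable, so
 * an array-valued parameter is rejected before it reaches array_key_exists().
 * The value itself is stored unchanged. Code that later reads it from the
 * session must treat it as untrusted input.
 *
 * @param string $name Session key prefix (the dispatcher passes the mask source).
 * @param array  $mask Mask definition; only its 'variables' entry is read.
 * @return array array('status' => true) on success, array('error' => message) otherwise.
 */
function set_variable($name,$mask)
{
    $variable = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';

    if (!array_key_exists('variables', $mask)
        || !array_key_exists($variable, $mask['variables']))
        return array('error' => 'Unknown variable ' . htmlspecialchars($variable));

    $_SESSION[$name . '.' . $variable] = isset($_POST['value']) ? $_POST['value'] : null;

    // The callable comes from the mask definition, not from the request; only
    // the choice of variable is client-controlled, and that was checked above.
    if (array_key_exists('postcall', $mask['variables'][$variable]))
        $mask['variables'][$variable]['postcall']();

    return array('status' => true);
}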
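/**
 * Send $data to the client as a JSON response.
 *
 * json_encode() returns false when the data cannot be encoded, for example
 * when a string is not valid UTF-8. Echoing that result would produce an empty
 * body. In that case the reason is logged server-side and a generic error
 * object is sent instead, using the 'error' key the handlers on this page use.
 *
 * @param mixed $data Value to serialise; the handlers pass arrays.
 * @return void
 */
function format_ajax($data)
{
    $json = json_encode($data);

    if ($json === false) {
        error_log('format_ajax: ' . json_last_error_msg());
        $json = '{"error":"Response could not be encoded"}';
    }

    header('Content-type: application/json; charset=UTF-8');
    echo $json;
}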
// Request entry point: 'func' selects the handler and 'source' names the mask.
// The statements guarded by the two empty() checks are not part of this listing.
// NOTE(review): no session, authorization or CSRF-token check is visible in the
// listed lines, and several handlers change data on a plain POST. Confirm that
// init.php enforces these checks before any handler runs.
231 if (empty($_POST['func']))
234 if (empty($_POST['source']))
// 'source' is client-supplied and load_mask() is defined elsewhere. It should
// resolve the value through a fixed allow-list of masks rather than use it to
// build a file path (verify in load_mask).
238 if (load_mask($_POST['source']) === false) exit;
// Default answer, used when 'func' matches none of the handlers below.
240 $data = array('error' => 'Unknown function');
242 if ($_POST['func'] == 'fetch') {
243 $data = fetch($mask);
244 } elseif ($_POST['func'] == 'details') {
245 $data = details($mask);
246 } elseif ($_POST['func'] == 'save') {
248 } elseif ($_POST['func'] == 'insert') {
249 $data = insert($mask);
250 } elseif ($_POST['func'] == 'delete') {
251 $data = delete_or_copy($mask);
252 } elseif ($_POST['func'] == 'setvar') {
253 $data = set_variable($_POST['source'],$mask);