3 require_once('../init.php');
// NOTE(review): the listing begins inside a function body whose signature line is not shown.
// The dispatcher at the end of the file calls fetch($mask), so this is presumably fetch().
// Braces, some branch bodies and the final return are also absent from the listing.
//
// Visible behaviour: build a column list from $mask['edit'], SELECT the row of
// $mask['table'] whose id is $_POST['id'], then post-process the values by field type.
//
// sys_edit is rendered as text by to_char(). NOTE(review): in PostgreSQL templates MI is
// the minute and MM the month, so 'HH24:mm' most likely prints the month — confirm.
7 $fields = array("to_char(sys_edit,'DD.MM.YYYY HH24:mm') AS sys_edit", 'sys_user');
8 foreach ($mask['edit'] as $field => $info)
9 if ($info['type'] == 'date')
// Date columns are formatted by the database; the field name is spliced in as raw SQL.
10 $fields[] = sprintf("to_char(%s,'DD.MM.YYYY') AS %s", $field, $field);
// This branch covers every type other than 'date' and 'passwd'; its statement is not shown.
11 elseif ($info['type'] != 'passwd')
// %d forces $_POST['id'] to an integer, so the request value cannot alter the statement.
// The column list and the table name are interpolated verbatim and are only safe while they
// come from the server-side mask definition. NOTE(review): how $mask is built is not visible
// here; verify that no request data can reach its keys or its 'table' entry.
14 $sql = sprintf('SELECT id,%s FROM %s WHERE id = %d',
15 implode(',', $fields),
16 $mask['table'], $_POST['id']);
18 $sth = pg_query($sql);
// A failed query yields a bare false here, whereas details() returns an error array.
19 if ($sth === false) return false;
// NOTE(review): no check for "no such row" is visible before $row is indexed below.
21 $row = pg_fetch_assoc($sth);
23 foreach ($mask['edit'] as $field => $info)
24 if ($info['type'] == 'boolean')
// NOTE(review): correct if the column holds 0/1; a native boolean column is returned as
// 't'/'f' by pg_fetch_assoc() and the string 'f' is truthy in PHP — confirm the column type.
25 $row[$field] = $row[$field]?true:false;
// The statement executed for 'passwd' fields is not shown in the listing.
26 elseif ($info['type'] == 'passwd')
// Optional printf-style display format taken from the mask definition.
28 elseif (array_key_exists('format', $info))
29 $row[$field] = sprintf($info['format'], $row[$field]);
// Load the detail view of one record: the columns named by the keys of
// $mask['details']['list'] for the row of $mask['table'] whose id is $_POST['id'].
// Braces, the query-failure test and the final return are absent from the listing.
34 function details($mask)
// Requests without an id are rejected; empty() also treats the string "0" as missing.
36 if (empty($_POST['id']))
37 return array('error' => 'Missing ID');
// The id is coerced to an integer by %d. Column names and the table name are raw SQL taken
// from $mask, so they must never be derived from request data.
39 $sql = sprintf('SELECT id,%s FROM %s WHERE id = %d',
40 implode(',', array_keys($mask['details']['list'])),
41 $mask['table'], $_POST['id']);
43 $sth = pg_query($sql);
// NOTE(review): the raw PostgreSQL error text is placed in the result array. If that array is
// sent to the browser it discloses table and column names; prefer logging the detail on the
// server and returning a generic message. The rest of this array is not shown.
46 return array('error' => pg_last_error(),
// NOTE(review): no check for "no such row" is visible before $row is indexed below.
49 $row = pg_fetch_assoc($sth);
// Apply the optional printf-style display format from the mask definition.
51 foreach ($mask['details']['list'] as $field => $info)
52 if (array_key_exists('format', $info))
53 $row[$field] = sprintf($info['format'], $row[$field]);
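/**
 * Normalise a user-entered decimal to a string with exactly two fraction digits.
 *
 * A decimal comma is accepted ("1,5" becomes "1.50"). Callers in this file splice the
 * result into SQL without quotes, so it must always be a plain numeric literal. The float
 * conversion performed by sprintf() lets no other characters through, and %F (rather than
 * the locale-aware %f) keeps the decimal separator a dot even after setlocale() has
 * selected a locale that prints a comma.
 *
 * Text that is not numeric is coerced by the float conversion instead of being rejected,
 * and thousands separators are not understood ("1.234,56" is read as 1.234).
 *
 * @param mixed $value Raw field value, normally a string from the request.
 * @return string Number formatted as digits, a dot and two fraction digits.
 */
function format_decimal($value)
{
    $normalised = str_replace(',', '.', $value);

    return sprintf('%.2F', $normalised);
}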
// NOTE(review): the signature line of this function is not shown. The dispatcher has a 'save'
// branch, so this is presumably save($mask). Several else/brace lines and the second element
// of some arrays are also absent from the listing.
//
// Visible behaviour: validate required fields, build one "column=value" assignment per
// field of $mask['edit'] according to its type, and UPDATE the row whose id is $_POST['id'].
66 if (empty($_POST['id']))
67 return array('error' => 'Missing ID');
// The acting user's login is escaped before it is placed between quotes.
69 $update = array(sprintf("sys_user = '%s'", pg_escape_string($_SESSION['sys']['login'])),
72 foreach ($mask['edit'] as $field => $info) {
// empty() treats "0" as missing, so a required field submitted as 0 is rejected as well.
73 if ($info['required'] === true && empty($_POST[$field]))
74 return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
75 'errormsg' => 'Pflichtfelder nicht ausgefüllt');
// Checkbox value: 'on' is stored as 1, anything else as 0.
77 if ($info['type'] == 'boolean') {
78 $update[] = sprintf("%s=%d", $field, $_POST[$field] == 'on'?1:0);
79 } elseif ($info['type'] == 'number' || ($info['type'] == 'select' && $info['options_string'] !== true)) {
80 if (empty($_POST[$field]) && $info['null'] === true)
81 $update[] = sprintf("%s=NULL", $field);
// %d coerces the request value to an integer, so it is safe to leave unquoted.
83 $update[] = sprintf("%s=%d", $field, $_POST[$field]);
84 } elseif ($info['type'] == 'decimal') {
85 if (empty($_POST[$field]) && $info['null'] === true)
86 $update[] = sprintf("%s=NULL", $field);
// The value is not quoted: this relies on format_decimal() always returning a plain
// numeric literal.
88 $update[] = sprintf("%s=%s", $field, format_decimal($_POST[$field]));
89 } elseif ($info['type'] == 'passwd') {
// An empty password field leaves the stored value untouched. passwd() is defined outside
// this listing; presumably it derives the stored form from login and password — verify.
90 if (!empty($_POST[$field]))
91 $update[] = sprintf("%s='%s'", $field, pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
93 if (empty($_POST[$field]) && $info['null'] === true)
94 $update[] = sprintf("%s=NULL", $field);
// Every other type is stored as an escaped, quoted string.
96 $update[] = sprintf("%s='%s'", $field, pg_escape_string($_POST[$field]));
// Column names ($field) and the table name are raw SQL from the mask definition; only the
// values above are escaped or coerced. The id is forced to an integer with intval().
100 $sql = 'UPDATE ' . $mask['table'] . ' SET ';
101 $sql .= implode(', ', $update);
102 $sql .= ' WHERE id = ' . intval($_POST['id']);
104 $sth = pg_query($sql);
106 if ($sth === false) {
// NOTE(review): the logged statement contains every submitted value, including the output of
// passwd(); make sure the error log is access-restricted.
107 error_log($sql . ': ' . pg_last_error());
// NOTE(review): the raw database error is also returned to the caller; if it reaches the
// browser it discloses schema details. The rest of this array is not shown.
108 return array('error' => pg_last_error(),
112 return array('status' => true);
// Insert a new record into $mask['table'] from the submitted form fields.
// Many lines of this function are absent from the listing (the statements that append to
// $fields, the NULL branches, else/brace lines), so only the visible value handling is
// described here.
115 function insert($mask)
// Every row is stamped with the acting user (escaped and quoted) and the current time.
117 $fields = array('sys_user','sys_edit');
118 $values = array("'".pg_escape_string($_SESSION['sys']['login'])."'", 'now()');
120 foreach ($mask['edit'] as $field => $info) {
// empty() treats "0" as missing, so a required field submitted as 0 is rejected as well.
121 if ($info['required'] === true && empty($_POST[$field]))
122 return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
123 'errormsg' => 'Pflichtfelder nicht ausgefüllt');
125 if ($info['type'] == 'boolean') {
// Checkbox value: 'on' is stored as 1, anything else as 0.
127 $values[] = $_POST[$field] == 'on'?1:0;
128 } elseif ($info['type'] == 'number' || ($info['type'] == 'select' && $info['options_string'] !== true)) {
130 if (empty($_POST[$field]) && $info['null'] === true)
// intval() coerces the request value to an integer, so it is safe to leave unquoted.
133 $values[] = intval($_POST[$field]);
134 } elseif ($info['type'] == 'decimal') {
136 if (empty($_POST[$field]) && $info['null'] === true)
// Not quoted: relies on format_decimal() always returning a plain numeric literal.
139 $values[] = format_decimal($_POST[$field]);
140 } elseif ($info['type'] == 'passwd') {
141 if (!empty($_POST[$field])) {
// passwd() is defined outside this listing; its result is escaped and quoted.
143 $values[] = sprintf("'%s'", pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
147 if (empty($_POST[$field]) && $info['null'] === true)
// Every other type is stored as an escaped, quoted string.
150 $values[] = sprintf("'%s'", pg_escape_string($_POST[$field]));
// Column names and the table name are raw SQL from the mask definition; only the values
// are escaped or coerced.
154 $sql = 'INSERT INTO ' . $mask['table'] . ' (' . implode(',', $fields) . ') ';
155 $sql .= 'VALUES (' . implode(',', $values) . ')';
157 $sth = pg_query($sql);
159 if ($sth === false) {
// NOTE(review): the logged statement contains every submitted value, including the output of
// passwd(); make sure the error log is access-restricted.
160 error_log($sql . ': ' . pg_last_error());
// NOTE(review): the raw database error is also returned to the caller; if it reaches the
// browser it discloses schema details. The rest of this array is not shown.
161 return array('error' => pg_last_error(),
165 return array('status' => true);
// Delete the record whose id is $_POST['id'] from $mask['table']. When the DELETE_COPY
// constant is true, the row is first copied into "<table>_deleted"; the copy is then
// stamped with the acting user and the current time (presumably inside the same branch —
// the closing braces are absent from the listing).
// NOTE(review): copy, stamp and delete are separate statements and no BEGIN/COMMIT is
// visible here, so a failure part-way leaves an archived copy of a row that still exists.
// Confirm whether a transaction is opened elsewhere.
168 function delete_or_copy($mask)
170 if (empty($_POST['id']))
171 return array('error' => 'Missing ID');
173 if (DELETE_COPY === true) {
// %d coerces the id to an integer; the table name is raw SQL from the mask definition.
174 $sql = sprintf("INSERT INTO %s_deleted SELECT * FROM %s WHERE id = %d",
175 $mask['table'], $mask['table'], $_POST['id']);
177 $sth = pg_query($sql);
179 if ($sth === false) {
180 error_log($sql . ': ' . pg_last_error());
// NOTE(review): the raw database error is returned to the caller here and in the two
// failure paths below; the rest of each array is not shown.
181 return array('error' => pg_last_error(),
// NOTE(review): the login is placed between quotes WITHOUT pg_escape_string(), unlike the
// sys_user assignments elsewhere in this file. A login containing a single quote breaks or
// alters this UPDATE; pass pg_escape_string($_SESSION['sys']['login']) instead.
185 $sql = sprintf("UPDATE %s_deleted SET sys_user='%s',sys_edit=now() WHERE id = %d",
186 $mask['table'], $_SESSION['sys']['login'], $_POST['id']);
188 $sth = pg_query($sql);
190 if ($sth === false) {
191 error_log($sql . ': ' . pg_last_error());
192 return array('error' => pg_last_error(),
// The delete itself; the id is again coerced to an integer by %d.
197 $sql = sprintf("DELETE FROM %s WHERE id = %d", $mask['table'], $_POST['id']);
199 $sth = pg_query($sql);
201 if ($sth === false) {
202 error_log($sql . ': ' . pg_last_error());
203 return array('error' => pg_last_error(),
207 return array('status' => true);
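/**
 * Store a request-supplied value in the session under "<$name>.<variable>".
 *
 * The variable name ($_POST['name']) is accepted only if it is listed in
 * $mask['variables']; the value ($_POST['value']) is stored as received. If the mask
 * carries a 'postcall' entry for that variable, it is invoked afterwards.
 *
 * @param string $name Prefix of the session key (the dispatcher passes $_POST['source']).
 * @param array  $mask Mask definition; 'variables' lists the names that may be set.
 * @return array array('status' => true) on success, array('error' => ...) otherwise.
 */
function set_variable($name,$mask)
{
    // Request parameters can be absent or arrays (name[]=x); anything but a string is
    // treated as an unknown variable instead of reaching htmlspecialchars() or the key lookup.
    $variable = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';

    // Strict comparison: a loose in_array() lets type juggling match names that are not listed.
    if (!array_key_exists('variables', $mask) || !in_array($variable, $mask['variables'], true))
        return array('error' => 'Unknown variable ' . htmlspecialchars($variable));

    // NOTE(review): the value is neither validated nor restricted to a scalar; code that
    // reads this session key must keep treating it as untrusted input.
    $_SESSION[$name . '.' . $variable] = isset($_POST['value']) ? $_POST['value'] : null;

    // The callback comes from the mask definition, never from the request. isset() also
    // covers masks that list the variable without a per-variable settings array, where
    // array_key_exists() on the missing entry would fail.
    if (isset($mask['variables'][$variable]['postcall']))
        $mask['variables'][$variable]['postcall']();

    return array('status' => true);
}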
/**
 * Send $data to the client as a JSON document.
 *
 * @param mixed $data Value to serialise (the handlers in this file return arrays).
 * @return void
 */
function format_ajax($data)
{
    // Serialise first, then declare the payload type and write it out.
    $payload = json_encode($data);

    header('Content-type: application/json; charset=UTF-8');
    echo $payload;
}
// Request dispatcher: $_POST['func'] selects the handler and $_POST['source'] names the mask.
// The statements guarded by the two empty() checks, the body of the 'save' branch and
// everything after the last branch are absent from the listing.
233 if (empty($_POST['func']))
236 if (empty($_POST['source']))
// load_mask() is defined outside this listing and is handed the raw request value.
// NOTE(review): presumably it populates the $mask used below; verify that it resolves
// 'source' against a fixed set of masks rather than building a file path from it.
240 if (load_mask($_POST['source']) === false) exit;
// Default answer when 'func' matches none of the branches below.
242 $data = array('error' => 'Unknown function');
// NOTE(review): no authentication, authorisation or CSRF check is visible in this listing;
// confirm that init.php or load_mask() enforces them before the state-changing handlers
// (save, insert, delete, setvar) run.
244 if ($_POST['func'] == 'fetch') {
245 $data = fetch($mask);
246 } elseif ($_POST['func'] == 'details') {
247 $data = details($mask);
248 } elseif ($_POST['func'] == 'save') {
250 } elseif ($_POST['func'] == 'insert') {
251 $data = insert($mask);
252 } elseif ($_POST['func'] == 'delete') {
253 $data = delete_or_copy($mask);
254 } elseif ($_POST['func'] == 'setvar') {
// The mask name from the request becomes the prefix of the session key written by set_variable().
255 $data = set_variable($_POST['source'],$mask);