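'No permission to access data')); } /* table connections */ if (substr($_SERVER["SCRIPT_FILENAME"],-25) == '/ricoUpdateConnection.php' && !empty($_GET['id']) && substr($_GET['id'],0,5) == 'grid_') { if (check_permissions(substr($_GET['id'],5))) return true; else format_ajax(array('error' => 'No permission to access data')); } /* ajax calls */ if (substr($_SERVER["SCRIPT_FILENAME"],-9) == '/ajax.php' && !empty($_POST['source'])) { if (check_permissions($_POST['source'])) return true; else format_ajax(array('error' => 'No permission to access data')); } return true; }

/*
 * NOTE(review): the function that ends above begins outside this excerpt and
 * is reproduced unchanged. Its last statement is `return true`, so a request
 * that matches none of the visible branches is allowed through -- confirm
 * that default-allow is intended.
 */

/**
 * Neutralise directory-traversal sequences in a file name fragment.
 *
 * Every "./" (and therefore every "../") is replaced with "x". The same is
 * done for the backslash form and for NUL bytes, so the result cannot climb
 * out of the directory it is appended to on platforms that accept "\" as a
 * separator, nor truncate the ".php" suffix on interpreters that still honour
 * NUL in paths. Forward slashes are kept, so sub-directories remain usable.
 *
 * @param string $file name fragment, possibly taken from the request
 * @return string the fragment with traversal sequences replaced
 */
function sanitise_filename($file)
{
    return str_replace(array('./', '.\\', "\0"), 'x', $file);
}

/**
 * Include the mask definition masks/<name>.php below the configured basedir.
 *
 * The included file is expected to populate the globals $mask and $jscode
 * (they are declared global here for that purpose).
 *
 * @param string $name mask name; presumably derived from $_GET['mask'] via
 *                     mask() -- verify against the caller
 * @return bool true when the file was included, false when the name is
 *              unusable, the file is missing, or it resolves outside masks/
 */
function load_mask($name)
{
    global $mask;
    global $jscode;

    /* An array (e.g. ?mask[]=x) must never reach the path concatenation. */
    if (!is_scalar($name))
        return false;

    $dir = $_SESSION['sys']['basedir'] . 'masks/';
    $file = $dir . sanitise_filename($name) . '.php';
    if (!file_exists($file))
        return false;

    /* Defence in depth: only include files that really live below masks/. */
    $root = realpath($dir);
    $real = realpath($file);
    if ($root === false || $real === false)
        return false;
    $root = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strpos($real, $root) !== 0)
        return false;

    include_once($file);
    return true;
}

/**
 * Open the default PostgreSQL connection from the DBHOST, DBNAME, DBUSER and
 * DBPASS constants.
 *
 * Each value is single-quoted and escaped for the conninfo string, so a
 * password containing a space, quote or backslash neither breaks the string
 * nor adds further connection options.
 *
 * @return resource|false the value returned by pg_connect(); the original
 *                        code discarded it, so existing callers are unaffected
 */
function connect_db()
{
    $dsn = sprintf(
        "host='%s' dbname='%s' user='%s' password='%s'",
        addcslashes(DBHOST, "\\'"),
        addcslashes(DBNAME, "\\'"),
        addcslashes(DBUSER, "\\'"),
        addcslashes(DBPASS, "\\'")
    );

    return pg_connect($dsn);
}

/**
 * Run a statement on the default connection and fetch every row.
 *
 * The statement is executed exactly as given: nothing is escaped here, so
 * callers must not splice request data into $sql (pg_query_params() is the
 * parameterised alternative).
 *
 * @param string $sql complete SQL statement
 * @return array|false list of associative rows, or false when the query failed
 */
function query_db($sql)
{
    $sth = pg_query($sql);
    if ($sth === false)
        return false;

    $result = array();
    while ($row = pg_fetch_assoc($sth))
        $result[] = $row;

    return $result;
}

/**
 * Build the script elements for the page.
 *
 * NOTE(review): the markup inside both format strings was lost when this page
 * was extracted (the first had no %s left, the second had unbalanced quotes
 * and could not be parsed). The tags below are a reconstruction -- confirm
 * the exact attributes against the upstream file.
 *
 * @param array $jsfiles script URLs, one external script element each
 * @param array $jscode  inline JavaScript lines, joined with newlines; emitted
 *                       verbatim, so it must not contain a closing script tag
 *                       or unescaped request data
 * @return string HTML fragment
 */
function load_js($jsfiles, $jscode)
{
    $ret = '';

    foreach ($jsfiles as $file)
        $ret .= sprintf('<script type="text/javascript" src="%s"></script>' . "\n",
                        htmlspecialchars($file, ENT_QUOTES));

    if (!empty($jscode))
        $ret .= sprintf('<script type="text/javascript">' . "\n%s\n</script>\n",
                        implode("\n", $jscode));

    return $ret;
}

/**
 * Dispatch the request: login form, a named mask, or the static start page.
 *
 * @return mixed output of mask_login() or mask(), the contents of
 *               data/misc/start.html, or '' when that file does not exist
 */
function process()
{
    if (!empty($_GET['login'])) {
        require_once('lib/login.php');
        return mask_login();
    }

    if (!empty($_GET['mask'])) {
        require_once('lib/mask.php');
        /* $_GET['mask'] is request-controlled and is handed on unchanged. */
        return mask($_GET['mask']);
    }

    $fname = $_SESSION['sys']['basedir'] . 'data/misc/start.html';
    if (file_exists($fname))
        return file_get_contents($fname);

    return '';
}

/**
 * Append one line to the global debug buffer.
 *
 * NOTE(review): the separator is a bare newline in this copy; an HTML line
 * break may have been lost in extraction.
 *
 * @param string $text message; it is emitted unescaped by debug_info(), so
 *                     callers must not pass raw request data
 */
function debug_log($text)
{
    global $debug_info;

    $debug_info .= "\n" . $text;
}

/**
 * Render the debug panel, or '' unless DEBUG is exactly true.
 *
 * The panel dumps $_SESSION and $_COOKIE followed by the debug_log() buffer.
 * Both dumps are HTML-escaped because they can carry user-supplied values.
 * The panel exposes session contents to whoever views the page, so DEBUG
 * must stay off in production.
 *
 * NOTE(review): the wrapper markup around the dump appears to have been lost
 * in extraction; only newlines remain in the literals below.
 *
 * @return string HTML fragment
 */
function debug_info()
{
    global $jsfiles;
    global $debug_info;

    if (DEBUG !== true)
        return '';

    $jsfiles[] = 'lib/debug_joey.js';

    $session = htmlspecialchars(var_export($_SESSION, true), ENT_QUOTES);
    $cookie = htmlspecialchars(var_export($_COOKIE, true), ENT_QUOTES);

    $html = "\n";
    $html .= "\n\n\n\$_SESSION = " . $session . "\n";
    $html .= "\n\$_COOKIE = " . $cookie . "\n\n\n";
    $html .= $debug_info;
    $html .= "\n";

    return $html;
}

/**
 * Build the JOIN clauses for a mask.
 *
 * An entry starting with "left" (any case) becomes a LEFT JOIN on the text
 * after its fifth character; every other entry becomes a plain JOIN.
 *
 * @param array $mask mask definition; its optional 'join' list is spliced
 *                    into the SQL unescaped and must come from trusted files
 * @return string SQL fragment, '' when the mask defines no joins
 */
function grid_sql_join($mask)
{
    $ret = '';

    if (!array_key_exists('join', $mask))
        return $ret;

    foreach ($mask['join'] as $line) {
        if (strtolower(substr($line, 0, 4)) === 'left')
            $ret .= ' LEFT JOIN ' . substr($line, 5);
        else
            $ret .= ' JOIN ' . $line;
    }

    return $ret;
}

/**
 * Assemble the SELECT statement for a grid and store it in
 * $_SESSION['grid_' . $name].
 *
 * Field names, 'sql' expressions, the table name and the 'where' text are
 * concatenated as-is, so a mask definition must never contain request data.
 *
 * @param string $name grid name, used as the session key suffix
 * @param array  $mask mask definition with 'list' and 'table' and the
 *                     optional keys 'join' and 'where'
 */
function grid_sql($name, $mask)
{
    $fields = array();
    foreach ($mask['list'] as $field => $data) {
        if (array_key_exists('sql', $data))
            $fields[] = $data['sql'] . ' AS ' . $field;
        else
            $fields[] = $field;
    }

    $sql = sprintf("SELECT %s FROM %s", implode(',', $fields), $mask['table']);

    /* grid_sql_join() returns '' when the mask has no 'join' key. */
    $sql .= grid_sql_join($mask);

    if (array_key_exists('where', $mask))
        $sql .= ' WHERE ' . $mask['where'];

    $_SESSION['grid_' . $name] = $sql;
}

?>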