return false, also when delete cannot be executed

[misc/kostenrechnung] / ajax / ajax.php

diff --git a/ajax/ajax.php b/ajax/ajax.php
index 213160a..5b52733 100644 (file)
--- a/ajax/ajax.php
+++ b/ajax/ajax.php
@@ -83,6 +83,9 @@ function format_decimal($value)
 
 function save($mask)
 {
+  if (array_key_exists('save', $mask))
+    return $mask['save']($mask);
+
   if (empty($_POST['id']))
     return array('error' => 'Missing ID');
 
@@ -90,7 +93,7 @@ function save($mask)
                  "sys_edit = now()");
 
   foreach ($mask['edit'] as $field => $info) {
-    if ($info['required'] === true && empty($_POST[$field]))
+    if ($info['required'] === true && !strlen($_POST[$field]))
       return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
                   'errormsg' => 'Pflichtfelder nicht ausgefüllt');
 
@@ -137,11 +140,14 @@ function save($mask)
 
 function insert($mask)
 {
+  if (array_key_exists('insert', $mask))
+    return $mask['insert']($mask);
+
   $fields = array('sys_user','sys_edit');
   $values = array("'".pg_escape_string($_SESSION['sys']['login'])."'", 'now()');
 
   foreach ($mask['edit'] as $field => $info) {
-    if ($info['required'] === true && empty($_POST[$field]))
+    if ($info['required'] === true && !strlen($_POST[$field]))
       return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
                   'errormsg' => 'Pflichtfelder nicht ausgefüllt');
 
@@ -163,7 +169,8 @@ function insert($mask)
     } elseif ($info['type'] == 'passwd') {
       if (!empty($_POST[$field])) {
        $fields[] = $field;
-       $values[] = sprintf("'%s'", pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
+       $values[] = sprintf("'%s'", pg_escape_string(passwd(empty($_POST['login'])?$_SESSION['sys']['login']:$_POST['login'],
+                                                           $_POST[$field])));
       }
     } else {
       $fields[] = $field;
@@ -190,17 +197,11 @@ function insert($mask)
   return array('status' => true);
 }
 
-function delete_or_copy($mask)
+function delete_or_copy_row($table,$id)
 {
-  if (empty($_POST['id']))
-    return array('error' => 'Missing ID');
-
-  if (!empty($mask['edit_table']))
-    return array('error' => 'Cannot handle deletion for secondary table');
-
   if (DELETE_COPY === true) {
     $sql = sprintf("INSERT INTO %s_deleted SELECT * FROM %s WHERE id = %d",
-                  $mask['table'], $mask['table'], $_POST['id']);
+                  $table, $table, $id);
 
     $sth = pg_query($sql);
 
@@ -211,7 +212,7 @@ function delete_or_copy($mask)
     }
 
     $sql = sprintf("UPDATE %s_deleted SET sys_user='%s',sys_edit=now() WHERE id = %d",
-                  $mask['table'], $_SESSION['sys']['login'], $_POST['id']);
+                  $table, $_SESSION['sys']['login'], $id);
 
     $sth = pg_query($sql);
 
@@ -222,7 +223,7 @@ function delete_or_copy($mask)
     }
   }
 
-  $sql = sprintf("DELETE FROM %s WHERE id = %d", $mask['table'], $_POST['id']);
+  $sql = sprintf("DELETE FROM %s WHERE id = %d", $table, $_POST['id']);
 
   $sth = pg_query($sql);
 
@@ -235,6 +236,20 @@ function delete_or_copy($mask)
   return array('status' => true);
 }
 
+function delete_or_copy($mask)
+{
+  if (empty($_POST['id']))
+    return array('error' => 'Missing ID');
+
+  if (array_key_exists('delete', $mask))
+    return $mask['delete']($mask);
+
+  if (!empty($mask['edit_table']))
+    return array('error' => 'Cannot handle deletion for secondary table');
+
+  return delete_or_copy_row($mask['table'],$_POST['id']);
+}
+
 function set_variable($name,$mask)
 {
   if (!array_key_exists('variables',$mask))
@@ -267,7 +282,8 @@ function get_infos($mask)
   while (preg_match('/\{([^\}]*)\}/', $sql, $matches))
     $sql = str_replace('{'.$matches[1].'}', $_POST[$matches[1]], $sql);
 
-  return array('info' => query_db($sql));
+  return array('info' => query_db($sql),
+              'parameter' => $_POST);
 }
 
 if (empty($_POST['func']))