function fetch($mask)
{
+ $fields = array("to_char(sys_edit,'DD.MM.YYYY HH24:mm') AS sys_edit", 'sys_user');
+ foreach ($mask['edit'] as $field => $info)
+ if ($info['type'] == 'date')
+ $fields[] = sprintf("to_char(%s,'DD.MM.YYYY') AS %s", $field, $field);
+ elseif ($info['type'] != 'passwd')
+ $fields[] = $field;
+
$sql = sprintf('SELECT id,%s FROM %s WHERE id = %d',
- implode(',', array_keys($mask['edit'])),
+ implode(',', $fields),
$mask['table'], $_POST['id']);
$sth = pg_query($sql);
foreach ($mask['edit'] as $field => $info)
if ($info['type'] == 'boolean')
$row[$field] = $row[$field]?true:false;
+ elseif ($info['type'] == 'passwd')
+ $row[$field] = '';
elseif (array_key_exists('format', $info))
$row[$field] = sprintf($info['format'], $row[$field]);
return $row;
}
+function format_decimal($value)
+{
+ $value = str_replace(',','.',$value);
+ return sprintf("%.2f", $value);
+}
+
function save($mask)
{
if (empty($_POST['id']))
$update = array(sprintf("sys_user = '%s'", pg_escape_string($_SESSION['sys']['login'])),
"sys_edit = now()");
- foreach ($mask['edit'] as $field => $info)
+ foreach ($mask['edit'] as $field => $info) {
+ if ($info['required'] === true && empty($_POST[$field]))
+ return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
+ 'errormsg' => 'Pflichtfelder nicht ausgefüllt');
+
if ($info['type'] == 'boolean') {
$update[] = sprintf("%s=%d", $field, $_POST[$field] == 'on'?1:0);
- } elseif ($info['type'] == 'number') {
- $update[] = sprintf("%s=%d", $field, $_POST[$field]);
+ } elseif ($info['type'] == 'number' || ($info['type'] == 'select' && $info['options_string'] !== true)) {
+ if (empty($_POST[$field]) && $info['null'] === true)
+ $update[] = sprintf("%s=NULL", $field);
+ else
+ $update[] = sprintf("%s=%d", $field, $_POST[$field]);
+ } elseif ($info['type'] == 'decimal') {
+ if (empty($_POST[$field]) && $info['null'] === true)
+ $update[] = sprintf("%s=NULL", $field);
+ else
+ $update[] = sprintf("%s=%s", $field, format_decimal($_POST[$field]));
+ } elseif ($info['type'] == 'passwd') {
+ if (!empty($_POST[$field]))
+ $update[] = sprintf("%s='%s'", $field, pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
} else {
- $update[] = sprintf("%s='%s'", $field, pg_escape_string($_POST[$field]));
+ if (empty($_POST[$field]) && $info['null'] === true)
+ $update[] = sprintf("%s=NULL", $field);
+ else
+ $update[] = sprintf("%s='%s'", $field, pg_escape_string($_POST[$field]));
}
+ }
$sql = 'UPDATE ' . $mask['table'] . ' SET ';
$sql .= implode(', ', $update);
$fields = array('sys_user','sys_edit');
$values = array("'".pg_escape_string($_SESSION['sys']['login'])."'", 'now()');
- foreach ($mask['edit'] as $field => $info)
+ foreach ($mask['edit'] as $field => $info) {
+ if ($info['required'] === true && empty($_POST[$field]))
+ return array('error' => sprintf('Pflichtfeld %s nicht ausgefüllt', $info['name']),
+ 'errormsg' => 'Pflichtfelder nicht ausgefüllt');
+
if ($info['type'] == 'boolean') {
$fields[] = $field;
$values[] = $_POST[$field] == 'on'?1:0;
- } elseif ($info['type'] == 'number') {
+ } elseif ($info['type'] == 'number' || ($info['type'] == 'select' && $info['options_string'] !== true)) {
$fields[] = $field;
- $values[] = intval($_POST[$field]);
+ if (empty($_POST[$field]) && $info['null'] === true)
+ $values[] = 'NULL';
+ else
+ $values[] = intval($_POST[$field]);
+ } elseif ($info['type'] == 'decimal') {
+ $fields[] = $field;
+ if (empty($_POST[$field]) && $info['null'] === true)
+ $values[] = 'NULL';
+ else
+ $values[] = format_decimal($_POST[$field]);
+ } elseif ($info['type'] == 'passwd') {
+ if (!empty($_POST[$field])) {
+ $fields[] = $field;
+ $values[] = sprintf("'%s'", pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
+ }
} else {
$fields[] = $field;
- $values[] = sprintf("'%s'", pg_escape_string($_POST[$field]));
+ if (empty($_POST[$field]) && $info['null'] === true)
+ $values[] = 'NULL';
+ else
+ $values[] = sprintf("'%s'", pg_escape_string($_POST[$field]));
}
+ }
$sql = 'INSERT INTO ' . $mask['table'] . ' (' . implode(',', $fields) . ') ';
$sql .= 'VALUES (' . implode(',', $values) . ')';
return array('status' => true);
}
+function set_variable($name,$mask)
+{
+ if (!array_key_exists('variables',$mask))
+ return array('error' => 'Unknown variable ' . htmlspecialchars($_POST['name']));
+
+ if (!array_key_exists($_POST['name'],$mask['variables']))
+ return array('error' => 'Unknown variable ' . htmlspecialchars($_POST['name']));
+
+ $_SESSION[$name . '.' . $_POST['name']] = $_POST['value'];
+
+ if (array_key_exists('postcall',$mask['variables'][$_POST['name']]))
+ $mask['variables'][$_POST['name']]['postcall']();
+
+ return array('status' => true);
+}
+
function format_ajax($data)
{
header('Content-type: application/json; charset=UTF-8');
$data = insert($mask);
} elseif ($_POST['func'] == 'delete') {
$data = delete_or_copy($mask);
+} elseif ($_POST['func'] == 'setvar') {
+ $data = set_variable($_POST['source'],$mask);
}
format_ajax($data);