+function save($mask)
+{
+ if (empty($_POST['id']))
+ return array('error' => 'Missing ID');
+
+ $update = array(sprintf("sys_user = '%s'", pg_escape_string($_SESSION['sys']['login'])),
+ "sys_edit = now()");
+
+ foreach ($mask['edit'] as $field => $info)
+ if ($info['type'] == 'boolean') {
+ $update[] = sprintf("%s=%d", $field, $_POST[$field] == 'on'?1:0);
+ } elseif ($info['type'] == 'number') {
+ $update[] = sprintf("%s=%d", $field, $_POST[$field]);
+ } else {
+ $update[] = sprintf("%s='%s'", $field, pg_escape_string($_POST[$field]));
+ }
+
+ $sql = 'UPDATE ' . $mask['table'] . ' SET ';
+ $sql .= implode(', ', $update);
+ $sql .= ' WHERE id = ' . intval($_POST['id']);
+
+ $sth = pg_query($sql);
+
+ if ($sth === false) {
+ error_log($sql . ': ' . pg_last_error());
+ return array('error' => pg_last_error(),
+ 'sql' => $sql);
+ }
+
+ return array('status' => true);
+}
+
+function insert($mask)
+{
+ $fields = array('sys_user','sys_edit');
+ $values = array("'".pg_escape_string($_SESSION['sys']['login'])."'", 'now()');
+
+ foreach ($mask['edit'] as $field => $info)
+ if ($info['type'] == 'boolean') {
+ $fields[] = $field;
+ $values[] = $_POST[$field] == 'on'?1:0;
+ } elseif ($info['type'] == 'number') {
+ $fields[] = $field;
+ $values[] = intval($_POST[$field]);
+ } else {
+ $fields[] = $field;
+ $values[] = sprintf("'%s'", pg_escape_string($_POST[$field]));
+ }
+
+ $sql = 'INSERT INTO ' . $mask['table'] . ' (' . implode(',', $fields) . ') ';
+ $sql .= 'VALUES (' . implode(',', $values) . ')';
+
+ $sth = pg_query($sql);
+
+ if ($sth === false) {
+ error_log($sql . ': ' . pg_last_error());
+ return array('error' => pg_last_error(),
+ 'sql' => $sql);
+ }
+
+ return array('status' => true);
+}
+
+function delete_or_copy($mask)
+{
+ if (empty($_POST['id']))
+ return array('error' => 'Missing ID');
+
+ if (DELETE_COPY === true) {
+ $sql = sprintf("INSERT INTO %s_deleted SELECT * FROM %s WHERE id = %d",
+ $mask['table'], $mask['table'], $_POST['id']);
+
+ $sth = pg_query($sql);
+
+ if ($sth === false) {
+ error_log($sql . ': ' . pg_last_error());
+ return array('error' => pg_last_error(),
+ 'sql' => $sql);
+ }
+
+ $sql = sprintf("UPDATE %s_deleted SET sys_user='%s',sys_edit=now() WHERE id = %d",
+ $mask['table'], $_SESSION['sys']['login'], $_POST['id']);
+
+ $sth = pg_query($sql);
+
+ if ($sth === false) {
+ error_log($sql . ': ' . pg_last_error());
+ return array('error' => pg_last_error(),
+ 'sql' => $sql);
+ }
+ }
+
+ $sql = sprintf("DELETE FROM %s WHERE id = %d", $mask['table'], $_POST['id']);
+
+ $sth = pg_query($sql);
+
+ if ($sth === false) {
+ error_log($sql . ': ' . pg_last_error());
+ return array('error' => pg_last_error(),
+ 'sql' => $sql);
+ }
+
+ return array('status' => true);
+}
+