phpBMS

root/trunk/phpbms/modules/base/tabledefs_groupings.php

Revision 727, 5.5 KB (checked in by brieb, 2 years ago)
  • Added more rights look ups to certain pages
  • Fixed several path disclosure errors
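<?php
/*
 $Rev: 267 $ | $LastChangedBy: brieb $
 $LastChangedDate: 2007-08-14 13:08:27 -0600 (Tue, 14 Aug 2007) $
 +-------------------------------------------------------------------------+
 | Copyright (c) 2004 - 2010, Kreotek LLC                                  |
 | All rights reserved.                                                    |
 +-------------------------------------------------------------------------+
 |                                                                         |
 | Redistribution and use in source and binary forms, with or without      |
 | modification, are permitted provided that the following conditions are  |
 | met:                                                                    |
 |                                                                         |
 | - Redistributions of source code must retain the above copyright        |
 |   notice, this list of conditions and the following disclaimer.         |
 |                                                                         |
 | - Redistributions in binary form must reproduce the above copyright     |
 |   notice, this list of conditions and the following disclaimer in the   |
 |   documentation and/or other materials provided with the distribution.  |
 |                                                                         |
 | - Neither the name of Kreotek LLC nor the names of its contributore may |
 |   be used to endorse or promote products derived from this software     |
 |   without specific prior written permission.                            |
 |                                                                         |
 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS     |
 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT       |
 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A |
 | PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT      |
 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,   |
 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT        |
 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,   |
 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY   |
 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT     |
 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE   |
 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.    |
 |                                                                         |
 +-------------------------------------------------------------------------+
*/

/*
 Admin page for the groupings of one table definition.

 Request input read by this page:
   $_GET["id"]                      - id of the tabledefs row being edited
   $_GET["command"] / $_POST[...]   - command handed to groupings::processForm()

 The page looks up the table's display name, lets the groupings object
 process the submitted form, builds the four form fields (field, name,
 ascending, roleid) and renders the record list plus the add/edit form.

 Everything taken from the request or the database is treated as untrusted
 when it is written into HTML: the id is used only in its integer form and
 text values are escaped at the point of output.
*/

include("../../include/session.php");
include("include/fields.php");

include("include/tablegroupings.php");

// Only administrators may reach this page. goURL() is defined outside this
// file; the explicit exit keeps the check fail-closed in case it only emits
// a redirect and returns, which would otherwise let the rest of the page run.
if(!hasRights("Admin")){
    goURL(APP_PATH."noaccess.php");
    exit;
}

if(!isset($_GET["id"]))
    $error = new appError(-200, "Passed parameter missing", "Invalid request", true);

// Use the id only as an integer from here on. The isset() guard avoids an
// undefined-index notice (notices can disclose the script path when errors
// are displayed) should appError return instead of ending the request.
$tabledefid = isset($_GET["id"]) ? (int) $_GET["id"] : 0;

//grab the table name
$querystatement = "SELECT displayname FROM tabledefs WHERE id=".$tabledefid;
$queryresult = $db->query($querystatement);
$tableRecord = $db->fetchArray($queryresult);

// An id that matches no row yields no array; fall back to an empty name
// rather than indexing a non-array.
$displayName = is_array($tableRecord) ? $tableRecord["displayname"] : "";

// Kept unescaped here because header.php (not visible from this file) may
// use $pageTitle as well; it is escaped below where this page prints it.
$pageTitle="Table Definition Groupings: ".$displayName;

$groupings = new groupings($db,$tabledefid);

// NOTE(review): the command is accepted from the query string as well as the
// form body, and the form below carries no anti-forgery token. Whether
// processForm() changes data on a GET-supplied command is not visible here;
// confirm, and consider restricting state changes to POST with a token.
$thecommand="";
if (isset($_GET["command"])) $thecommand=$_GET["command"];
if (isset($_POST["command"])) $thecommand=$_POST["command"];

// processForm() receives the raw request arrays; validation of their
// contents is its responsibility (defined in include/tablegroupings.php).
$therecord = $groupings->processForm($thecommand,$_POST,$_GET);
$allRecords = $groupings->getRecords();

$action = $therecord["action"];

if(isset($therecord["statusMessage"]))
    $statusmessage = $therecord["statusMessage"];

$phpbms->cssIncludes[] = "pages/tablecolumns.css";

//Form Elements
//==============================================================
$theform = new phpbmsForm();

// NOTE(review): "field" holds an SQL field name or clause (see the on-page
// hint below), so whatever is saved here is presumably placed into queries
// elsewhere. The Admin rights check above is the only gate visible in this
// file; treat write access to this form as equivalent to SQL access.
$theinput = new inputTextarea("field",$therecord["field"], "SQL field" ,true, 3,80);
$theinput->setAttribute("class","important");
$theform->addField($theinput);

$theinput = new inputField("name",$therecord["name"],NULL,false,NULL,32,64);
$theform->addField($theinput);

$theinput = new inputCheckbox("ascending",$therecord["ascending"]);
$theform->addField($theinput);

$theinput = new inputRolesList($db,"roleid",$therecord["roleid"],"access (role)");
$theform->addField($theinput);

$theform->jsMerge();
//==============================================================
//End Form Elements

include("header.php");

// Output escaping below uses htmlspecialchars() with ENT_QUOTES so values are
// safe in both element and quoted-attribute context. The charset argument is
// left at the PHP default; set it explicitly if the application's output
// encoding differs.
$phpbms->showTabs("tabledefs entry","tab:c111eaf5-692b-9c7d-1d46-1bacb6703361",$tabledefid)?><div class="bodyline">
    <h1><span><?php echo htmlspecialchars((string) $pageTitle, ENT_QUOTES)?></span></h1>

    <?php $groupings->showRecords($allRecords) ?>

    <?php // The id is appended in integer form: the raw query-string value must never be echoed into the attribute. ?>
    <form action="<?php echo htmlentities($_SERVER["PHP_SELF"])."?id=".$tabledefid ?>" method="post" name="record" onsubmit="return validateForm(this);">
    <fieldset>
        <legend><?php echo htmlspecialchars((string) $action, ENT_QUOTES)?></legend>
        <input id="id" name="id" type="hidden" value="<?php echo htmlspecialchars((string) $therecord["id"], ENT_QUOTES)?>" />

        <p>
            <?php $theform->showField("field")?><br />
            <span class="notes">This can be a simple SQL field name (e.g notes.title) or a complex SQL field clause (e.g. concat(clients.firstname," ",clients.lastname)</span>
        </p>

        <p><?php  $theform->showField("name")?></p>


        <p><?php $theform->showField("roleid")?></p>

        <p><?php $theform->showField("ascending")?></p>
    </fieldset>
        <p align="right">
            <input name="command" id="save" type="submit" value="<?php echo htmlspecialchars((string) $action, ENT_QUOTES)?>" class="Buttons" />
            <?php if($action == "edit record"){?>
                <input name="command" id="cancel" type="submit" value="cancel edit" class="Buttons" />
            <?php }?>
        </p>
    </form>

</div>
<?php include("footer.php")?>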