Context Navigation

tabledefs_options.php

Revision 727, 7.9 KB (checked in by brieb, 2 years ago)
Added more rights look ups to certain pages Fixed several path disclosure errors
Property svn:keywords set to `LastChangedBy LastChangedDate LastChangedRevision`

Line
1	<?php
2	/*
3	$Rev$ \| $LastChangedBy$
4	$LastChangedDate$
5	+-------------------------------------------------------------------------+
6	\| Copyright (c) 2004 - 2010, Kreotek LLC \|
7	\| All rights reserved. \|
8	+-------------------------------------------------------------------------+
9	\| \|
10	\| Redistribution and use in source and binary forms, with or without \|
11	\| modification, are permitted provided that the following conditions are \|
12	\| met: \|
13	\| \|
14	\| - Redistributions of source code must retain the above copyright \|
15	\| notice, this list of conditions and the following disclaimer. \|
16	\| \|
17	\| - Redistributions in binary form must reproduce the above copyright \|
18	\| notice, this list of conditions and the following disclaimer in the \|
19	\| documentation and/or other materials provided with the distribution. \|
20	\| \|
21	\| - Neither the name of Kreotek LLC nor the names of its contributore may \|
22	\| be used to endorse or promote products derived from this software \|
23	\| without specific prior written permission. \|
24	\| \|
25	\| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \|
26	\| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT \|
27	\| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A \|
28	\| PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT \|
29	\| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, \|
30	\| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT \|
31	\| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, \|
32	\| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY \|
33	\| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT \|
34	\| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE \|
35	\| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \|
36	\| \|
37	+-------------------------------------------------------------------------+
38	*/
39
40	include("../../include/session.php");
41	include("include/fields.php");
42	include("modules/base/include/tabledefs_options_include.php");
43
44	if(!isset($_GET["id"]))
45	$error = new appError(100, "Passed Parameter not present.");
46
47	if(!hasRights("Admin"))
48	goURL(APP_PATH."noaccess.php");
49
50	$options = new tableOptions($db, $_GET["id"]);
51
52	$pageTitle = "Table Definition Options: ".$options->tablename;
53
54	if(isset($_POST["command"]))
55	$therecord = $options->processForm(addSlashesToArray($_POST));
56	else
57	$therecord = $options->getDefaults();
58
59	if(isset($therecord["statusmessage"]))
60	$statusmessage = $therecord["statusmessage"];
61
62	$queryresult = $options->get();
63
64	$phpbms->cssIncludes[] = "pages/tableoptions.css";
65	$phpbms->jsIncludes[] = "modules/base/javascript/tableoptions.js";
66
67	//Form Elements
68	//==============================================================
69	$theform = new phpbmsForm();
70
71	$temparray = array(
72	"Integrated Feature" => 0,
73	"Additional Commands" => 1,
74	);
75
76
77	if(moduleExists("mod:b2d42220-443b-fe74-dbdb-ed2c0968c38c", $phpbms->modules)){
78	$temparray["Api Commands"] = 2;
79
80	$theinput = new inputDataTableList($db, "pushrecordid", $therecord["pushrecordid"], "pushrecords", "pushrecords.uuid",
81	"pushrecords.name", "pushrecords.originuuid = '".$options->tabledefuuid."'",
82	"pushrecords.name ASC", true, "Push Record Commands");
83	$theform->addField($theinput);
84	}
85
86	$theinput = new inputBasicList("type", $therecord["type"], $temparray);
87	$theform->addField($theinput);
88
89	$temparray = array(
90	"new" => "new",
91	"edit" => "edit",
92	"select" => "select",
93	"reporting" => "printex",
94	"import" => "import"
95	);
96	$theinput = new inputBasicList("ifName", $therecord["name"], $temparray, "name");
97	$theform->addField($theinput);
98
99	$theinput = new inputCheckBox("ifOption", $therecord["option"], "allowed");
100	$theform->addField($theinput);
101
102	$theinput = new inputField("acName", $therecord["name"],"php method", false, NULL, 64, 64);
103	$theform->addField($theinput);
104
105	$theinput = new inputField("acOption", $therecord["option"], "display name", false, NULL, 64, 64);
106	$theform->addField($theinput);
107
108	$theinput = new inputCheckBox("needselect", $therecord["needselect"], "must select record to use");
109	$theform->addField($theinput);
110
111	$theinput = new inputRolesList($db, "roleid", $therecord["roleid"], "access (role)");
112	$theform->addField($theinput);
113
114	$theinput = new inputField("displayorder", $therecord["displayorder"], "display order", "integer", NULL, 4, 5);
115	$theform->addField($theinput);
116
117	$theform->jsMerge();
118	//==============================================================
119	//End Form Elements
120
121	include("header.php");
122
123	$phpbms->showTabs("tabledefs entry","tab:c5bdaf10-062c-fb3a-f40f-ddce821fd579",$_GET["id"])?>
124	<div class="bodyline">
125
126	<h1 id="topTitle"><span><?php echo $pageTitle?></span></h1>
127
128	<div class="fauxP">
129
130	<?php $options->showRecords($queryresult)?>
131
132	</div>
133
134	<?php
135	if($therecord["id"]){
136
137	$title = "Edit Option";
138	$command = "update";
139
140	} else {
141
142	$title = "Add New Option";
143	$command = "add";
144
145	}
146	?>
147
148	<form action="<?php echo htmlentities($_SERVER["PHP_SELF"])."?id=".$_GET["id"] ?>" method="post" id="record" name="record">
149
150	<fieldset>
151	<legend><?php echo $title?></legend>
152
153	<input type="hidden" id="command" name="command" value="<?php echo $command?>"/>
154	<input id="id" name="id" type="hidden" value="<?php echo $therecord["id"]?>" />
155
156	<p><?php $theform->showField("type")?></p>
157
158	<div id="ifDiv">
159
160	<p class="notes">
161	Integrated features allow you to set and access to
162	main buttons on the table definitions search screen.
163	</p>
164
165	<p><?php $theform->showField("ifName")?></p>
166
167	<p><?php $theform->showField("ifOption")?></p>
168
169	</div>
170
171	<div id="acDiv">
172
173	<div id="acNote">
174	<p class="notes">
175	Additional command allows you to add items to the
176	other commands drop down on the search screen.
177	The PHP method name should reference a function
178	in the tables extended searchFunctions class
179	in the [tablename].php located in the modules
180	include folder.
181	</p>
182	<p><?php $theform->showField("acName") ?></p>
183	</div>
184	<?php if(moduleExists("mod:b2d42220-443b-fe74-dbdb-ed2c0968c38c", $phpbms->modules)){ ?>
185	<div id="apiNote">
186	<p class="notes">
187	API stuff.
188	</p>
189	<p><?php $theform->showfield("pushrecordid"); ?></p>
190	</div>
191	<?php }//end if ?>
192
193	<p><?php $theform->showField("acOption") ?></p>
194
195	<p><?php $theform->showField("needselect") ?></p>
196
197	<p><?php $theform->showField("displayorder")?></p>
198
199	<p class="notes">Lower numbered display orders are displayed first, and grouped by display order.</p>
200
201	</div>
202
203	<p><?php $theform->showField("roleid")?></p>
204
205	</fieldset>
206
207	<p align="right">
208	<button id="save" type="button" class="Buttons">save</button>
209	<?php
210	if($therecord["id"]){
211	?><button id="cancel" type="button" class="Buttons">cancel edit</button><?php
212	}//end if
213	?>
214	</p>
215
216	</form>
217	</div>
218	<?php include("footer.php"); ?>

Note: See TracBrowser for help on using the browser.

phpBMS

Context Navigation

root/trunk/phpbms/modules/base/tabledefs_options.php

Download in other formats: