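This project does not seem to handle request data directly; as such, no vulnerable execution paths were found. Note that the listing below does read `$_REQUEST` and `try_request()` values, so this result describes what the analysis traced, not an absence of request handling in the file.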
1 | <?php |
||
2 | |||
3 | //------------------------------------------------------------------------------ |
||
4 | // |
||
5 | // eTraxis - Records tracking web-based system |
||
6 | // Copyright (C) 2005-2011 Artem Rodygin |
||
7 | // |
||
8 | // This program is free software: you can redistribute it and/or modify |
||
9 | // it under the terms of the GNU General Public License as published by |
||
10 | // the Free Software Foundation, either version 3 of the License, or |
||
11 | // (at your option) any later version. |
||
12 | // |
||
13 | // This program is distributed in the hope that it will be useful, |
||
14 | // but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
15 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
16 | // GNU General Public License for more details. |
||
17 | // |
||
18 | // You should have received a copy of the GNU General Public License |
||
19 | // along with this program. If not, see <http://www.gnu.org/licenses/>. |
||
20 | // |
||
21 | //------------------------------------------------------------------------------ |
||
22 | |||
23 | /** |
||
24 | * @package eTraxis |
||
25 | * @ignore |
||
26 | */ |
||
27 | |||
28 | /**#@+ |
||
29 | * Dependency. |
||
30 | */ |
||
31 | require_once('../engine/engine.php'); |
||
32 | require_once('../dbo/accounts.php'); |
||
33 | require_once('../dbo/fields.php'); |
||
34 | require_once('../dbo/filters.php'); |
||
35 | /**#@-*/ |
||
36 | |||
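/**
 * Reads a request parameter that is expected to be a list of integer IDs
 * (the multi-selects "states[]", "created_by[]" and "assigned_to[]").
 *
 * The value comes straight from the client, so it may be missing, a plain
 * string, or contain nested arrays. Anything that is not a scalar list entry
 * is dropped, and every kept entry is cast to an integer before it is counted
 * or handed to the query layer.
 *
 * @param string $name Name of the request parameter.
 * @return array List of integers; empty if the parameter is absent or is not an array.
 */
function filter_form_request_ids ($name)
{
    $ids = array();

    if (isset($_REQUEST[$name]) && is_array($_REQUEST[$name]))
    {
        foreach ($_REQUEST[$name] as $item)
        {
            if (is_scalar($item))
            {
                $ids[] = intval($item);
            }
        }
    }

    return $ids;
}

// Request dispatch for the "create filter" dialog. The dialog posts back to this
// script with "submitted" naming the form that was just filled in; the branches
// below either pick the next form to render ($form) or create the filter and exit.

init_page(LOAD_INLINE);

$error       = NO_ERROR;
$filter_name = NULL;
$unclosed    = FALSE;
$postponed   = 0;

// project has been selected

if (try_request('submitted') == 'projectform')
{
    debug_write_log(DEBUG_NOTICE, 'Project is selected.');

    $project_id  = ustr2int(try_request('project'));
    $template_id = 0;

    if ($project_id == 0)
    {
        // "All projects" - there is no template to choose, go straight to the filter form.
        $project_name = get_html_resource(RES_ALL_PROJECTS_ID);
        $form         = 'createform';
    }
    else
    {
        // The lookup is keyed on the session user as well as the project ID;
        // no rows is treated as "project cannot be found".
        $rs = dal_query('records/pfndid2.sql', $_SESSION[VAR_USERID], $project_id);

        if ($rs->rows == 0)
        {
            debug_write_log(DEBUG_NOTICE, 'Project cannot be found.');
            exit;
        }

        $project_name = $rs->fetch('project_name');
        $form         = 'templateform';
    }
}

// template has been selected

elseif (try_request('submitted') == 'templateform')
{
    debug_write_log(DEBUG_NOTICE, 'Template is selected.');

    $project_id  = ustr2int(try_request('project'));
    $template_id = ustr2int(try_request('template'));

    if ($template_id == 0)
    {
        $rs = dal_query('records/pfndid2.sql', $_SESSION[VAR_USERID], $project_id);

        if ($rs->rows == 0)
        {
            debug_write_log(DEBUG_NOTICE, 'Project cannot be found.');
            exit;
        }

        $project_name  = $rs->fetch('project_name');
        $template_name = get_html_resource(RES_ALL_TEMPLATES_ID);
        $form          = 'createform';
    }
    else
    {
        $rs = dal_query('records/tfndid2.sql', $_SESSION[VAR_USERID], $project_id, $template_id);

        if ($rs->rows == 0)
        {
            debug_write_log(DEBUG_NOTICE, 'Template cannot be found.');
            exit;
        }

        $row = $rs->fetch();

        $project_name  = $row['project_name'];
        $template_name = $row['template_name'];
        $form          = 'createform';
    }
}

// new filter has been submitted

elseif (try_request('submitted') == 'createform')
{
    debug_write_log(DEBUG_NOTICE, 'Data are submitted.');

    // NOTE(review): this branch changes state and takes its input from $_REQUEST.
    // Whether init_page() or the engine restricts the request method or checks an
    // anti-CSRF token is not visible in this file - confirm.

    // NOTE(review): unlike the two selection branches above, this branch does not
    // re-run records/pfndid2.sql / records/tfndid2.sql for the submitted project and
    // template IDs, and does not check that the submitted state and account IDs
    // belong to them. Confirm that filter_create() or the queries that later
    // evaluate the filter enforce this.

    $project_id  = ustr2int(try_request('project'));
    $template_id = ustr2int(try_request('template'));

    // Multi-select values: normalised to integer lists (see filter_form_request_ids).
    $states      = filter_form_request_ids('states');
    $created_by  = filter_form_request_ids('created_by');
    $assigned_to = filter_form_request_ids('assigned_to');

    // A missing or non-string "filter_name" is passed on as NULL, which is what a
    // missing key evaluated to before (minus the undefined-index notice).
    $raw_name = (isset($_REQUEST['filter_name']) && is_string($_REQUEST['filter_name']))
              ? $_REQUEST['filter_name']
              : NULL;

    $filter_name = ustrcut($raw_name, MAX_FILTER_NAME);
    $unclosed    = isset($_REQUEST['unclosed']);
    $postponed   = ustr2int(try_request('postponed', 0));

    // Only the three known values may end up in the flags bitmask.
    if (!in_array($postponed, array(0, FILTER_FLAG_POSTPONED, FILTER_FLAG_ACTIVE)))
    {
        $postponed = 0;
    }

    $error = filter_validate($filter_name);

    if ($error == NO_ERROR)
    {
        if ($project_id == 0)
        {
            $filter_type  = FILTER_TYPE_ALL_PROJECTS;
            $filter_param = NULL;
        }
        elseif ($template_id == 0)
        {
            $filter_type  = FILTER_TYPE_ALL_TEMPLATES;
            $filter_param = $project_id;
        }
        elseif (count($states) == 0)
        {
            $filter_type  = FILTER_TYPE_ALL_STATES;
            $filter_param = $template_id;
        }
        else
        {
            $filter_type  = FILTER_TYPE_SEL_STATES;
            $filter_param = $template_id;
        }

        $filter_flags = ($unclosed ? FILTER_FLAG_UNCLOSED : 0) | $postponed;

        if (count($created_by) != 0)
        {
            $filter_flags |= FILTER_FLAG_CREATED_BY;
        }

        if (count($assigned_to) != 0)
        {
            // ID 0 in the list is the "none" entry of the assignee list box.
            if (in_array(0, $assigned_to, TRUE))
            {
                $filter_flags |= FILTER_FLAG_UNASSIGNED;

                if (count($assigned_to) > 1)
                {
                    $filter_flags |= FILTER_FLAG_ASSIGNED_TO;
                }
            }
            else
            {
                $filter_flags |= FILTER_FLAG_ASSIGNED_TO;
            }
        }

        $error = filter_create($filter_name,
                               $filter_type,
                               $filter_flags,
                               $filter_param);

        if ($error == NO_ERROR)
        {
            // NOTE(review): $filter_name is request text used as a query argument.
            // How dal_query() binds or escapes string arguments is not visible in
            // this file - confirm.
            $rs = dal_query('filters/fndk.sql', $_SESSION[VAR_USERID], ustrtolower($filter_name));

            if ($rs->rows == 0)
            {
                debug_write_log(DEBUG_WARNING, 'Created filter cannot be found.');
            }
            else
            {
                $id = $rs->fetch('filter_id');

                if ($filter_type == FILTER_TYPE_SEL_STATES)
                {
                    foreach ($states as $item)
                    {
                        dal_query('filters/fscreate.sql', $id, $item);
                    }
                }

                if (($filter_flags & FILTER_FLAG_CREATED_BY) != 0)
                {
                    foreach ($created_by as $item)
                    {
                        dal_query('filters/facreate.sql', $id, FILTER_FLAG_CREATED_BY, $item);
                    }
                }

                if (($filter_flags & FILTER_FLAG_ASSIGNED_TO) != 0)
                {
                    foreach ($assigned_to as $item)
                    {
                        // 0 stands for "unassigned" and is carried by the flag, not by a row.
                        if ($item != 0)
                        {
                            dal_query('filters/facreate.sql', $id, FILTER_FLAG_ASSIGNED_TO, $item);
                        }
                    }
                }

                if ($template_id != 0)
                {
                    filter_trans_set($id, $template_id);
                    filter_fields_set($id, $template_id);
                }
            }

            exit;
        }
    }

    // Only failures get here: the success path above has already exited.
    switch ($error)
    {
        case NO_ERROR:
            header('HTTP/1.0 200 OK');
            break;

        case ERROR_INCOMPLETE_FORM:
            send_http_error(get_html_resource(RES_ALERT_REQUIRED_ARE_EMPTY_ID));
            break;

        case ERROR_ALREADY_EXISTS:
            send_http_error(get_html_resource(RES_ALERT_FILTER_ALREADY_EXISTS_ID));
            break;

        default:
            send_http_error(get_html_resource(RES_ALERT_UNKNOWN_ERROR_ID));
    }

    exit;
}
else
{
    debug_write_log(DEBUG_NOTICE, 'Data are being requested.');

    $form = 'projectform';
}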
||
266 | |||
// Client-side callbacks named in the form's success="..." and error="..."
// attributes below. The two captions are fetched with get_js_resource()
// because they are placed inside JavaScript string literals.

$resTitle = get_js_resource(RES_ERROR_ID);
$resOK    = get_js_resource(RES_OK_ID);

$xml = <<<JQUERY
<script>

function createSuccess ()
{
closeModal();
reloadTab();
}

function createError (XMLHttpRequest)
{
jqAlert("{$resTitle}", XMLHttpRequest.responseText, "{$resOK}");
}

</script>
JQUERY;

// Form header. $form is always one of the step names assigned by this script,
// never a request value.

$xml .= sprintf('<form name="%s" action="create.php" success="createSuccess" error="createError"><group>', $form);
||
293 | |||
// Project selector: the full list on the first step, afterwards a single
// fixed entry carrying the project that was already chosen.

if ($form == 'projectform' || isset($project_id))
{
    // Both variants share the same <control>/<combobox> wrapper.
    $xml .= '<control name="project" required="' . get_html_resource(RES_REQUIRED3_ID) . '">';
    $xml .= '<label>' . get_html_resource(RES_PROJECT_ID) . '</label>';
    $xml .= '<combobox>';

    if ($form == 'projectform')
    {
        $xml .= '<listitem value="0">' . get_html_resource(RES_ALL_PROJECTS_ID) . '</listitem>';

        $rs = dal_query('records/plist2.sql', $_SESSION[VAR_USERID]);

        for ($row = $rs->fetch(); $row; $row = $rs->fetch())
        {
            // Names from the database are escaped before they enter the markup.
            $xml .= '<listitem value="' . $row['project_id'] . '">';
            $xml .= ustr2html($row['project_name']);
            $xml .= '</listitem>';
        }
    }
    else
    {
        $xml .= '<listitem value="' . $project_id . '">' . ustr2html($project_name) . '</listitem>';
    }

    $xml .= '</combobox>';
    $xml .= '</control>';
}
||
324 | |||
// Template selector: the full list on the template step, afterwards a single
// fixed entry, shown only once a template name has been resolved.

if ($form == 'templateform' || isset($template_name))
{
    // Both variants share the same <control>/<combobox> wrapper.
    $xml .= '<control name="template" required="' . get_html_resource(RES_REQUIRED3_ID) . '">';
    $xml .= '<label>' . get_html_resource(RES_TEMPLATE_ID) . '</label>';
    $xml .= '<combobox>';

    if ($form == 'templateform')
    {
        $xml .= '<listitem value="0">' . get_html_resource(RES_ALL_TEMPLATES_ID) . '</listitem>';

        $rs = dal_query('records/tlist2.sql', $_SESSION[VAR_USERID], $project_id);

        for ($row = $rs->fetch(); $row; $row = $rs->fetch())
        {
            // Names from the database are escaped before they enter the markup.
            $xml .= '<listitem value="' . $row['template_id'] . '">';
            $xml .= ustr2html($row['template_name']);
            $xml .= '</listitem>';
        }
    }
    else
    {
        $xml .= '<listitem value="' . $template_id . '">' . ustr2html($template_name) . '</listitem>';
    }

    $xml .= '</combobox>';
    $xml .= '</control>';
}
||
355 | |||
// Filter name and the options common to every filter type; shown on the last step only.

if ($form == 'createform')
{
    // filter name (escaped, since it can hold previously entered text)
    $xml .= '<control name="filter_name" required="' . get_html_resource(RES_REQUIRED3_ID) . '">';
    $xml .= '<label>' . get_html_resource(RES_FILTER_NAME_ID) . '</label>';
    $xml .= '<editbox maxlen="' . MAX_FILTER_NAME . '">' . ustr2html($filter_name) . '</editbox>';
    $xml .= '</control>';

    // "unclosed only" checkbox
    $xml .= '<control name="unclosed">';
    $xml .= '<label/>';

    if ($unclosed)
    {
        $xml .= '<checkbox checked="true">';
    }
    else
    {
        $xml .= '<checkbox>';
    }

    $xml .= ustrtolower(get_html_resource(RES_SHOW_UNCLOSED_ONLY_ID));
    $xml .= '</checkbox>';
    $xml .= '</control>';

    // postpone status: one radio button per allowed value, in display order
    $xml .= '<control name="postponed">';
    $xml .= '<label>' . get_html_resource(RES_POSTPONE_STATUS_ID) . '</label>';

    $choices = array(
        array(0,                     RES_SHOW_ALL_ID),
        array(FILTER_FLAG_ACTIVE,    RES_SHOW_ACTIVE_ONLY_ID),
        array(FILTER_FLAG_POSTPONED, RES_SHOW_POSTPONED_ONLY_ID),
    );

    foreach ($choices as $choice)
    {
        $xml .= '<radio value="' . $choice[0];
        $xml .= ($postponed == $choice[0]) ? '" checked="true">' : '">';
        $xml .= get_html_resource($choice[1]);
        $xml .= '</radio>';
    }

    $xml .= '</control>';
}

$xml .= '</group>';
||
383 | |||
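/**
 * Builds the "min_<name>" / "max_<name>" pair of small edit boxes used for
 * range conditions (numbers, floats, dates, durations).
 *
 * The boxes echo back whatever the request carried under those names, so the
 * values are escaped with ustr2html() like every other dynamic string on this
 * page; previously they were written into the markup as received.
 *
 * @param string $name       Base control name, e.g. "state5" or "field12".
 * @param mixed  $min_maxlen Value for the "maxlen" attribute of the minimum box.
 * @param mixed  $max_maxlen Value for the "maxlen" attribute of the maximum box.
 * @return string XML fragment.
 */
function filter_form_range_xml ($name, $min_maxlen, $max_maxlen)
{
    return '<control name="min_' . $name . '">'
         . '<editbox small="true" maxlen="' . $min_maxlen . '">' . ustr2html(try_request('min_' . $name)) . '</editbox>'
         . '</control>'
         . '<control name="max_' . $name . '">'
         . '<editbox small="true" maxlen="' . $max_maxlen . '">' . ustr2html(try_request('max_' . $name)) . '</editbox>'
         . '</control>';
}

/**
 * Builds the single "edit_<name>" edit box used for string and record fields.
 * The echoed request value is escaped with ustr2html().
 *
 * @param string $name   Base control name, e.g. "field12".
 * @param mixed  $maxlen Value for the "maxlen" attribute.
 * @return string XML fragment.
 */
function filter_form_edit_xml ($name, $maxlen)
{
    return '<control name="edit_' . $name . '">'
         . '<editbox maxlen="' . $maxlen . '">' . ustr2html(try_request('edit_' . $name)) . '</editbox>'
         . '</control>';
}

// Remaining groups of the last step: states, submitters, assignees and,
// for a specific template, per-state dates and per-field conditions.

if ($form == 'createform')
{
    // generate list of states

    if ($template_id != 0)
    {
        $xml .= '<group title="' . get_html_resource(RES_STATES_ID) . '">'
              . '<control name="states[]">'
              . '<listbox size="10">';

        $rs = dal_query('states/list.sql', $template_id, 'state_name');

        while (($row = $rs->fetch()))
        {
            // $states is only pre-selected when an earlier part of the script set it.
            $xml .= (isset($states) && in_array($row['state_id'], $states)
                        ? '<listitem value="' . $row['state_id'] . '" selected="true">'
                        : '<listitem value="' . $row['state_id'] . '">')
                  . ustr2html($row['state_name'])
                  . '</listitem>';
        }

        $xml .= '</listbox>'
              . '</control>'
              . '</group>';
    }

    // generate list of submitters

    $xml .= '<group title="' . get_html_resource(RES_SHOW_CREATED_BY_ONLY_ID) . '">'
          . '<control name="created_by[]">'
          . '<listbox size="10">';

    $rs = ($project_id == 0)
        ? dal_query('filters/members2.sql', $_SESSION[VAR_USERID])
        : dal_query('filters/members.sql', $project_id);

    while (($row = $rs->fetch()))
    {
        $xml .= '<listitem value="' . $row['account_id'] . '">'
              . ustr2html(sprintf('%s (%s)', $row['fullname'], account_get_username($row['username'])))
              . '</listitem>';
    }

    $xml .= '</listbox>'
          . '</control>'
          . '</group>';

    // generate list of assignees

    $xml .= '<group title="' . get_html_resource(RES_SHOW_ASSIGNED_TO_ONLY_ID) . '">'
          . '<control name="assigned_to[]">'
          . '<listbox size="10">'
          . '<listitem value="0">' . get_html_resource(RES_NONE_ID) . '</listitem>';

    // Same member list as above: rewind the recordset instead of querying again.
    $rs->seek();

    while (($row = $rs->fetch()))
    {
        $xml .= '<listitem value="' . $row['account_id'] . '">'
              . ustr2html(sprintf('%s (%s)', $row['fullname'], account_get_username($row['username'])))
              . '</listitem>';
    }

    $xml .= '</listbox>'
          . '</control>'
          . '</group>';

    // generate template-specific options

    if ($template_id != 0)
    {
        $rs = dal_query('states/list.sql', $template_id, 'state_type, state_name');

        if ($rs->rows != 0)
        {
            // generate list of states with dates

            $xml .= '<group title="' . get_html_resource(RES_SHOW_MOVED_TO_STATES_ONLY_ID) . '">';

            $date_maxlen = ustrlen(get_date(SAMPLE_DATE));

            while (($state = $rs->fetch()))
            {
                $name = 'state' . $state['state_id'];

                $xml .= '<control name="' . $name . '">'
                      . (isset($_REQUEST[$name])
                            ? '<label checkmark="true" checked="true">'
                            : '<label checkmark="true">')
                      . ustr2html($state['state_name'])
                      . '</label>'
                      . filter_form_range_xml($name, $date_maxlen, $date_maxlen)
                      . '</control>';
            }

            $xml .= '</group>';

            // generate list of fields with values

            $rs->seek();

            while (($state = $rs->fetch()))
            {
                $rsf = dal_query('filters/flist.sql',
                                 $state['state_id'],
                                 $_SESSION[VAR_USERID],
                                 FIELD_ALLOW_TO_READ);

                if ($rsf->rows != 0)
                {
                    // The state name is escaped here as it is everywhere else on the
                    // page; it used to be inserted into the title attribute as stored.
                    // NOTE(review): assumes ustr2html() also escapes double quotes - confirm.
                    $xml .= '<group title="' . ustrprocess(get_html_resource(RES_FIELDS_OF_STATE_X_ID), ustr2html($state['state_name'])) . '">';

                    while (($field = $rsf->fetch()))
                    {
                        $name = 'field' . $field['field_id'];

                        $xml .= '<control name="' . $name . '">'
                              . (isset($_REQUEST[$name])
                                    ? '<label checkmark="true" checked="true">'
                                    : '<label checkmark="true">')
                              . ustr2html($field['field_name'])
                              . '</label>';

                        switch ($field['field_type'])
                        {
                            case FIELD_TYPE_NUMBER:

                                $xml .= filter_form_range_xml($name,
                                                              ustrlen(MAX_FIELD_INTEGER) + 1,
                                                              ustrlen(MAX_FIELD_INTEGER) + 1);

                                break;

                            case FIELD_TYPE_FLOAT:

                                $xml .= filter_form_range_xml($name,
                                                              ustrlen(MIN_FIELD_FLOAT),
                                                              ustrlen(MAX_FIELD_FLOAT));

                                break;

                            case FIELD_TYPE_STRING:
                            case FIELD_TYPE_MULTILINED:

                                $xml .= filter_form_edit_xml($name, MAX_FIELD_STRING);

                                break;

                            case FIELD_TYPE_CHECKBOX:

                                $xml .= '<control name="check_' . $name . '">'
                                      . '<label/>'
                                      . '<radio value="' . 1 . (try_request('check_' . $name, 0) != 0 ? '" checked="true">' : '">') . get_html_resource(RES_ON_ID)  . '</radio>'
                                      . '<radio value="' . 0 . (try_request('check_' . $name, 0) == 0 ? '" checked="true">' : '">') . get_html_resource(RES_OFF_ID) . '</radio>'
                                      . '</control>';

                                break;

                            case FIELD_TYPE_LIST:

                                // The request value is only compared, never written to the output.
                                $value = try_request('list_' . $name);

                                $xml .= '<control name="list_' . $name . '">'
                                      . '<combobox>';

                                $rsv = dal_query('values/lvlist.sql', $field['field_id']);

                                while (($item = $rsv->fetch()))
                                {
                                    $xml .= ($value == $item['int_value']
                                                ? '<listitem value="' . $item['int_value'] . '" selected="true">'
                                                : '<listitem value="' . $item['int_value'] . '">')
                                          . ustr2html($item['str_value'])
                                          . '</listitem>';
                                }

                                $xml .= '</combobox>'
                                      . '</control>';

                                break;

                            case FIELD_TYPE_RECORD:

                                $xml .= filter_form_edit_xml($name, ustrlen(MAXINT));

                                break;

                            case FIELD_TYPE_DATE:

                                $xml .= filter_form_range_xml($name, $date_maxlen, $date_maxlen);

                                break;

                            case FIELD_TYPE_DURATION:

                                $xml .= filter_form_range_xml($name,
                                                              ustrlen(time2ustr(MAX_FIELD_DURATION)),
                                                              ustrlen(time2ustr(MAX_FIELD_DURATION)));

                                break;

                            default:

                                debug_write_log(DEBUG_WARNING, 'Unknown field type = ' . $field['field_type']);
                        }

                        $xml .= '</control>';
                    }

                    $xml .= '</group>';
                }
            }
        }
    }
}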
||
618 | |||
// Footer: the "required fields" note closes the form, then the accumulated
// XML is converted by xml2html() and written to the response.

$xml .= sprintf('<note>%s</note></form>', get_html_resource(RES_ALERT_REQUIRED_ARE_EMPTY_ID));

$html = xml2html($xml);

echo($html);
||
625 | |||
626 | ?> |
||
627 |