Happy New Year

[platal.git] / classes / pltableeditor.php

diff --git a/classes/pltableeditor.php b/classes/pltableeditor.php
index 7637238..78d9fa4 100644 (file)
--- a/classes/pltableeditor.php
+++ b/classes/pltableeditor.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2008 Polytechnique.org                              *
+ *  Copyright (C) 2003-2009 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -63,7 +63,7 @@ class PLTableEditor
         $this->sortfield = $idfield;
         $this->idfield_editable = $editid;
         $this->whereclause = '1';
-        $r = XDB::iterator("SHOW COLUMNS FROM $table");
+        $r = XDB::iterator("SHOW FULL COLUMNS FROM $table");
         $this->vars = array();
         while ($a = $r->next()) {
             // desc will be the title of the column
@@ -97,6 +97,9 @@ class PLTableEditor
             elseif (substr($a['Type'],0,10) == 'timestamp(' || $a['Type'] == 'datetime') {
                 $a['Type'] = 'timestamp';
             }
+            elseif ($a['Comment'] == 'ip_address') {
+                $a['Type']='ip_address';
+            }
 
             $this->vars[$a['Field']] = $a;
         }
@@ -133,6 +136,10 @@ class PLTableEditor
                 $date =& $entry[$field];
                 $date = preg_replace('/([0-9]{4})-?([0-9]{2})-?([0-9]{2})/', '\3/\2/\1', $date);
             }
+            if ($descr['Type'] == 'ip_address') {
+                $ip = & $entry[$field];
+                $ip = long2ip($ip);
+            }
         }
         return $entry;
     }
@@ -181,25 +188,27 @@ class PLTableEditor
     }
 
     // call when done
-    public function apply(PlatalPage &$page, $action, $id = false)
+    public function apply(PlPage &$page, $action, $id = false)
     {
-        $page->changeTpl('core/table-editor.tpl');
+        $page->coreTpl('table-editor.tpl');
         $list = true;
         if ($action == 'delete') {
+            S::assert_xsrf_token();
+
             if (!isset($this->delete_action)) {
                 foreach ($this->jtables as $table => $j)
                     XDB::execute("DELETE FROM {$table} WHERE {$j['joinid']} = {?}{$j['joinextra']}", $id);
                 XDB::execute("DELETE FROM {$this->table} WHERE {$this->idfield} = {?}",$id);
-                $page->trig("L'entrée ".$id." a été supprimée.");
+                $page->trigSuccess("L'entrée ".$id." a été supprimée.");
             } else if ($this->delete_action) {
                 XDB::execute($this->delete_action, $id);
                 if (isset($this->delete_message)) {
-                    $page->trig($this->delete_message);
+                    $page->trigSuccess($this->delete_message);
                 } else {
-                    $page->trig("L'entrée ".$id." a été supprimée.");
-                }                      
+                    $page->trigSuccess("L'entrée ".$id." a été supprimée.");
+                }
             } else {
-                $page->trig("Impossible de supprimer l'entrée.");
+                $page->trigError("Impossible de supprimer l'entrée.");
             }
         }
         if ($action == 'edit') {
@@ -231,6 +240,8 @@ class PLTableEditor
             $list = false;
         }
         if ($action == 'update') {
+            S::assert_xsrf_token();
+
             $values = "";
             $cancel = false;
             foreach ($this->vars as $field => $descr) {
@@ -254,10 +265,13 @@ class PLTableEditor
                     elseif ($descr['Type'] == 'date') {
                         $val = preg_replace('/([0-9]{1,2})\/([0-9]{1,2})\/([0-9]{4})/', '\3-\2-\1', $val);
                     }
+                    elseif ($descr['Type'] == 'ip_address') {
+                        $val = ip2long($val);
+                    }
                     $val = "'".addslashes($val)."'";
                 } else {
                     $cancel = true;
-                    $page->trig("Il manque le champ ".$field);
+                    $page->trigError("Il manque le champ ".$field);
                 }
                 $values .= $val;
             }
@@ -266,13 +280,13 @@ class PLTableEditor
                     XDB::execute("UPDATE {$this->table} SET {$this->idfield} = {?} WHERE {$this->idfield} = {?} AND {$this->whereclause}", Post::v($this->idfield), $id);
                 XDB::execute("REPLACE INTO {$this->table} VALUES ($values)");
                 if ($id !== false)
-                    $page->trig("L'entrée ".$id." a été mise à jour.");
+                    $page->trigSuccess("L'entrée ".$id." a été mise à jour.");
                 else {
-                    $page->trig("Une nouvelle entrée a été créée.");
+                    $page->trigSuccess("Une nouvelle entrée a été créée.");
                     $id = XDB::insertId();
                 }
             } else
-                $page->trig("Impossible de mette à jour.");
+                $page->trigError("Impossible de mettre à jour.");
             if (!$this->auto_return) {
                 return $this->apply($page, 'edit', $id);
             }