<?php
/***************************************************************************
- * Copyright (C) 2003-2007 Polytechnique.org *
+ * Copyright (C) 2003-2010 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************/
-class PLTableEditor
+class PLTableEditor
{
// the plat/al name of the page
public $pl;
public $vars;
// number of displayed fields
public $nbfields;
+ // a where clause to restrict table
+ public $whereclause;
// the field for sorting entries
public $sortfield;
public $sortdesc = false;
$this->idfield = $idfield;
$this->sortfield = $idfield;
$this->idfield_editable = $editid;
- $r = XDB::iterator("SHOW COLUMNS FROM $table");
+ $this->whereclause = '1';
+ $r = XDB::iterator("SHOW FULL COLUMNS FROM $table");
$this->vars = array();
while ($a = $r->next()) {
// desc will be the title of the column
$a['Value'] = $a['List'][0];
} else {
$a['Type'] = 'set';
- }
+ }
}
elseif (substr($a['Type'],0,5) == 'enum(') {
// get the list of options
elseif (substr($a['Type'],0,10) == 'timestamp(' || $a['Type'] == 'datetime') {
$a['Type'] = 'timestamp';
}
+ elseif ($a['Comment'] == 'ip_address') {
+ $a['Type']='ip_address';
+ }
$this->vars[$a['Field']] = $a;
}
}
// called before editing $entry
- private function prepare_edit(&$entry)
+ private function prepare_edit(&$entry)
{
foreach ($this->vars as $field => $descr) {
if ($descr['Type'] == 'set') {
$date =& $entry[$field];
$date = preg_replace('/([0-9]{4})-?([0-9]{2})-?([0-9]{2})/', '\3/\2/\1', $date);
}
+ if ($descr['Type'] == 'ip_address') {
+ $ip = & $entry[$field];
+ $ip = long2ip($ip);
+ }
}
return $entry;
}
-
+
// set whether the save button show redirect to list view or edit view
public function list_on_edit($var)
{
$this->vars[$name]['desc'] = $desc;
$this->vars[$name]['display'] = $display;
}
-
+
// add a join table, when deleting a row corresponding entries will be deleted in these tables
public function add_join_table($name,$joinid,$joindel,$joinextra="")
{
if ($joindel)
$this->jtables[$name] = array("joinid" => $joinid,"joinextra" => $joinextra?(" AND ".$joinextra):"");
}
-
+
// add a sort key
public function add_sort_field($key, $desc = false, $default = false)
{
}
}
+ // add a where clause to limit table listing
+ public function set_where_clause($whereclause="1")
+ {
+ $this->whereclause = $whereclause;
+ }
+
// set an action when trying to delete row
public function on_delete($action = NULL, $message = NULL)
{
}
// call when done
- public function apply(PlatalPage &$page, $action, $id = false)
+ public function apply(PlPage &$page, $action, $id = false)
{
- $page->changeTpl('core/table-editor.tpl');
+ $page->coreTpl('table-editor.tpl');
$list = true;
if ($action == 'delete') {
+ S::assert_xsrf_token();
+
if (!isset($this->delete_action)) {
foreach ($this->jtables as $table => $j)
XDB::execute("DELETE FROM {$table} WHERE {$j['joinid']} = {?}{$j['joinextra']}", $id);
XDB::execute("DELETE FROM {$this->table} WHERE {$this->idfield} = {?}",$id);
- $page->trig("L'entrée ".$id." a été supprimée.");
+ $page->trigSuccess("L'entrée ".$id." a été supprimée.");
} else if ($this->delete_action) {
XDB::execute($this->delete_action, $id);
if (isset($this->delete_message)) {
- $page->trig($this->delete_message);
+ $page->trigSuccess($this->delete_message);
} else {
- $page->trig("L'entrée ".$id." a été supprimée.");
- }
+ $page->trigSuccess("L'entrée ".$id." a été supprimée.");
+ }
} else {
- $page->trig("Impossible de supprimer l'entrée.");
+ $page->trigError("Impossible de supprimer l'entrée.");
}
}
if ($action == 'edit') {
- $r = XDB::query("SELECT * FROM {$this->table} WHERE {$this->idfield} = {?}",$id);
+ $r = XDB::query("SELECT * FROM {$this->table} WHERE {$this->idfield} = {?} AND {$this->whereclause}",$id);
$entry = $r->fetchOneAssoc();
$page->assign('entry', $this->prepare_edit($entry));
$page->assign('id', $id);
$list = false;
}
if ($action == 'update') {
+ S::assert_xsrf_token();
+
$values = "";
$cancel = false;
foreach ($this->vars as $field => $descr) {
elseif ($descr['Type'] == 'date') {
$val = preg_replace('/([0-9]{1,2})\/([0-9]{1,2})\/([0-9]{4})/', '\3-\2-\1', $val);
}
+ elseif ($descr['Type'] == 'ip_address') {
+ $val = ip2long($val);
+ }
$val = "'".addslashes($val)."'";
} else {
$cancel = true;
- $page->trig("Il manque le champ ".$field);
+ $page->trigError("Il manque le champ ".$field);
}
$values .= $val;
}
if (!$cancel) {
if ($this->idfield_editable && ($id != Post::v($this->idfield)) && $action != 'new')
- XDB::execute("UPDATE {$this->table} SET {$this->idfield} = {?} WHERE {$this->idfield} = {?}", Post::v($this->idfield), $id);
+ XDB::execute("UPDATE {$this->table} SET {$this->idfield} = {?} WHERE {$this->idfield} = {?} AND {$this->whereclause}", Post::v($this->idfield), $id);
XDB::execute("REPLACE INTO {$this->table} VALUES ($values)");
if ($id !== false)
- $page->trig("L'entrée ".$id." a été mise à jour.");
+ $page->trigSuccess("L'entrée ".$id." a été mise à jour.");
else {
- $page->trig("Une nouvelle entrée a été créée.");
+ $page->trigSuccess("Une nouvelle entrée a été créée.");
$id = XDB::insertId();
}
} else
- $page->trig("Impossible de mette à jour.");
+ $page->trigError("Impossible de mettre à jour.");
if (!$this->auto_return) {
return $this->apply($page, 'edit', $id);
}
if (count($this->sort) > 0) {
$sort = 'ORDER BY ' . join($this->sort, ',');
}
- $it = XDB::iterator("SELECT * FROM {$this->table} $sort");
+ $it = XDB::iterator("SELECT * FROM {$this->table} WHERE {$this->whereclause} $sort");
$this->nbfields = 0;
foreach ($this->vars as $field => $descr)
if ($descr['display']) $this->nbfields++;