1 <?php
2
3 // Data functions (insert, update, delete, form) for table disease_symptoms
4
5 // This script and data application were generated by AppGini 5.62
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
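/**
 * Insert a new `disease_symptoms` record built from the current request.
 *
 * Reads `disease`, `symptoms` and `reference` from $_REQUEST, escapes each with
 * makeSafe(), runs the optional before/after insert hooks and records the
 * logged-in member as owner in `membership_userrecords`.
 *
 * On an SQL error the error text and a back link are echoed and the script exits.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function, and the
 * values come from $_REQUEST rather than $_POST. Confirm that the caller
 * verifies a token and the request method before calling it.
 *
 * @return mixed false when the member lacks insert permission or the
 *               before_insert hook returns a falsy value; otherwise the new
 *               record id reported by db_insert_id().
 */
function disease_symptoms_insert(){
    global $Translation;

    // mm: can member insert record?
    $arrPerm = getTablePermissions('disease_symptoms');
    if(!$arrPerm[1]){
        return false;
    }

    // Missing or non-scalar request parameters (e.g. `disease[]=x`) are treated
    // as empty instead of being handed to the escaping routine as null/array.
    $raw = array();
    foreach(array('disease', 'symptoms', 'reference') as $field){
        $raw[$field] = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) ? $_REQUEST[$field] : '';
    }

    $data = array();
    $data['disease'] = makeSafe($raw['disease']);
    if($data['disease'] == empty_lookup_value){ $data['disease'] = ''; }
    // NOTE(review): br2nl() runs on the already-escaped string; confirm it can
    // never emit a quote or backslash, or apply it before makeSafe().
    $data['symptoms'] = br2nl(makeSafe($raw['symptoms']));
    $data['reference'] = makeSafe($raw['reference']);
    if($data['reference'] == empty_lookup_value){ $data['reference'] = ''; }

    // hook: disease_symptoms_before_insert
    // NOTE(review): if the hook takes $data by reference, whatever it writes
    // back is embedded in the SQL below as-is, so hooks must keep values escaped.
    if(function_exists('disease_symptoms_before_insert')){
        $args = array();
        if(!disease_symptoms_before_insert($data, getMemberInfo(), $args)){ return false; }
    }

    // Empty values are stored as SQL NULL; everything else as a quoted literal
    // whose safety relies entirely on the makeSafe() escaping above.
    $assignments = array();
    foreach(array('disease', 'symptoms', 'reference') as $field){
        $assignments[] = "`{$field}`=" . (($data[$field] !== '' && $data[$field] !== NULL) ? "'{$data[$field]}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('insert into `disease_symptoms` set ' . implode(', ', $assignments), $o);
    if(isset($o['error']) && $o['error'] != ''){
        // NOTE(review): the error text is echoed unchanged; confirm sql()
        // HTML-encodes it and does not expose query text to non-admin users.
        echo $o['error'];
        echo "<a href=\"disease_symptoms_view.php?addNew_x=1\">{$Translation['< back']}</a>";
        exit;
    }

    $recID = db_insert_id(db_link());

    // hook: disease_symptoms_after_insert
    if(function_exists('disease_symptoms_after_insert')){
        $res = sql("select * from `disease_symptoms` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = makeSafe($recID, false);
        $args = array();
        // A falsy hook result returns here, before the ownership row below is
        // written, so the new record is left without an owner entry.
        if(!disease_symptoms_after_insert($data, getMemberInfo(), $args)){ return $recID; }
    }

    // mm: save ownership data (one timestamp for both date columns)
    $now = time();
    sql("insert ignore into membership_userrecords set tableName='disease_symptoms', pkValue='" . makeSafe($recID, false) . "', memberID='" . makeSafe(getLoggedMemberID(), false) . "', dateAdded='" . $now . "', dateUpdated='" . $now . "', groupID='" . getLoggedGroupID() . "'", $eo);

    return $recID;
}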
55
/**
 * Delete one `disease_symptoms` record together with its ownership row.
 *
 * The delete permission level in $perms[4] decides who may delete:
 * 1 = only the owning member, 2 = members of the owning group, 3 = anyone with
 * the permission. The comparisons are loose (==), as generated.
 *
 * NOTE(review): no anti-CSRF token check is visible here; confirm that the
 * caller enforces one before invoking this function.
 *
 * @param mixed $selected_id          primary key of the record; escaped with makeSafe() on entry
 * @param bool  $AllowDeleteOfParents not used by this function
 * @param bool  $skipChecks           forwarded to the before_delete hook
 * @return mixed a translated error message when deletion is refused, otherwise nothing
 */
function disease_symptoms_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
    global $Translation;

    // escaped once; every statement below embeds this value in a quoted literal
    $selected_id = makeSafe($selected_id);

    // mm: can member delete record?
    $perms = getTablePermissions('disease_symptoms');
    $recordGroup = sqlValue("select groupID from membership_userrecords where tableName='disease_symptoms' and pkValue='$selected_id'");
    $recordOwner = sqlValue("select lcase(memberID) from membership_userrecords where tableName='disease_symptoms' and pkValue='$selected_id'");

    $mayDelete = (
        ($perms[4]==1 && $recordOwner==getLoggedMemberID())
        || ($perms[4]==2 && $recordGroup==getLoggedGroupID())
        || $perms[4]==3
    );
    if(!$mayDelete){
        return $Translation['You don\'t have enough permissions to delete this record'];
    }

    // hook: disease_symptoms_before_delete (a falsy result vetoes the delete)
    if(function_exists('disease_symptoms_before_delete')){
        $args = array();
        $proceed = disease_symptoms_before_delete($selected_id, $skipChecks, getMemberInfo(), $args);
        if(!$proceed){
            return $Translation['Couldn\'t delete this record'];
        }
    }

    // remove the record itself
    sql("delete from `disease_symptoms` where `id`='$selected_id'", $eo);

    // hook: disease_symptoms_after_delete
    if(function_exists('disease_symptoms_after_delete')){
        $args = array();
        disease_symptoms_after_delete($selected_id, getMemberInfo(), $args);
    }

    // mm: delete ownership data
    sql("delete from membership_userrecords where tableName='disease_symptoms' and pkValue='$selected_id'", $eo);
}
89
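/**
 * Update an existing `disease_symptoms` record from the current request.
 *
 * The edit permission level in $arrPerm[3] decides who may update:
 * 1 = only the owning member, 2 = members of the owning group, 3 = anyone with
 * the permission. On an SQL error the error text and a back link are echoed
 * and the script exits.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function, and the
 * values come from $_REQUEST rather than $_POST. Confirm that the caller
 * verifies a token and the request method before calling it.
 *
 * @param mixed $selected_id primary key of the record to update
 * @return mixed false when the member may not edit the record or the
 *               before_update hook returns a falsy value; otherwise nothing
 */
function disease_symptoms_update($selected_id){
    global $Translation;

    // escaped once and reused in every statement below
    $safeId = makeSafe($selected_id);

    // mm: can member edit record?
    $arrPerm = getTablePermissions('disease_symptoms');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='disease_symptoms' and pkValue='" . $safeId . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='disease_symptoms' and pkValue='" . $safeId . "'");
    $mayUpdate = (
        ($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID())
        || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[3]==3
    );
    if(!$mayUpdate){
        return false;
    }

    // Missing or non-scalar request parameters (e.g. `disease[]=x`) are treated
    // as empty instead of being handed to the escaping routine as null/array.
    $raw = array();
    foreach(array('disease', 'symptoms', 'reference') as $field){
        $raw[$field] = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) ? $_REQUEST[$field] : '';
    }

    $data = array();
    $data['disease'] = makeSafe($raw['disease']);
    if($data['disease'] == empty_lookup_value){ $data['disease'] = ''; }
    // NOTE(review): br2nl() runs on the already-escaped string; confirm it can
    // never emit a quote or backslash, or apply it before makeSafe().
    $data['symptoms'] = br2nl(makeSafe($raw['symptoms']));
    $data['reference'] = makeSafe($raw['reference']);
    if($data['reference'] == empty_lookup_value){ $data['reference'] = ''; }
    $data['selectedID'] = $safeId;

    // hook: disease_symptoms_before_update
    // NOTE(review): if the hook takes $data by reference, whatever it writes
    // back is embedded in the SQL below as-is, so hooks must keep values escaped.
    if(function_exists('disease_symptoms_before_update')){
        $args = array();
        if(!disease_symptoms_before_update($data, getMemberInfo(), $args)){ return false; }
    }

    // Empty values are stored as SQL NULL; everything else as a quoted literal
    // whose safety relies entirely on the makeSafe() escaping above.
    $assignments = array();
    foreach(array('disease', 'symptoms', 'reference') as $field){
        $assignments[] = "`{$field}`=" . (($data[$field] !== '' && $data[$field] !== NULL) ? "'{$data[$field]}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `disease_symptoms` set ' . implode(', ', $assignments) . " where `id`='" . $safeId . "'", $o);
    if(isset($o['error']) && $o['error'] != ''){
        // NOTE(review): the error text is echoed unchanged; confirm sql()
        // HTML-encodes it and does not expose query text to non-admin users.
        echo $o['error'];
        echo '<a href="disease_symptoms_view.php?SelectedID='.urlencode($selected_id)."\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: disease_symptoms_after_update
    if(function_exists('disease_symptoms_after_update')){
        $res = sql("SELECT * FROM `disease_symptoms` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
            // only overwrite selectedID when the row was actually re-read, so
            // the hook never receives an empty id after a failed fetch
            $data['selectedID'] = $data['id'];
        }
        $args = array();
        // A falsy hook result returns here, before dateUpdated is refreshed.
        if(!disease_symptoms_after_update($data, getMemberInfo(), $args)){ return; }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='disease_symptoms' and pkValue='" . $safeId . "'", $eo);
}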
140
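/**
 * Build the detail-view form (HTML plus inline scripts) for `disease_symptoms`.
 *
 * With a non-empty $selected_id the form is filled with that record, provided
 * the member's view permission ($arrPerm[2]) allows it. With an empty
 * $selected_id an empty form with only an 'Add New' button is produced.
 *
 * Output encoding, as visible in this function: record values pass through
 * CI_Input::xss_clean() and html_attr() before they replace <%%VALUE(...)%%>;
 * <%%URLVALUE(...)%%> receives urlencode() of the unsanitized row. The
 * read-only script inserts field values as DOM text rather than as markup, so
 * the display does not depend on xss_clean() alone.
 *
 * @param mixed  $selected_id primary key of the record to show, '' for a new record
 * @param mixed  $AllowUpdate recomputed from the member's permissions when a record is selected
 * @param mixed  $AllowInsert always recomputed from the member's permissions
 * @param mixed  $AllowDelete not used by this function
 * @param mixed  $ShowCancel  truthy to show a Back button on the empty form
 * @param string $TemplateDV  detail-view template path, relative to the working directory
 * @param string $TemplateDVP print-preview template path, relative to the working directory
 * @return string the rendered form, '' when the member may not see it, or the
 *                result of error_message() when the record is not found
 */
function disease_symptoms_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
    global $Translation;

    // Request flags are read once; absent keys count as "not set".
    $embedded = !empty($_REQUEST['Embedded']);
    $printRequested = (isset($_REQUEST['dvprint_x']) && $_REQUEST['dvprint_x'] != '');

    // Initialised up front: the original appended to these without defining them.
    $jsReadOnly = '';
    $jsEditable = '';
    $lookups = '';
    $row = array();
    $urow = array();
    $ownerGroupID = null;
    $ownerMemberID = null;

    // mm: get table permissions
    $arrPerm = getTablePermissions('disease_symptoms');
    if(!$arrPerm[1] && $selected_id==''){ return ''; }
    $AllowInsert = ($arrPerm[1] ? true : false);

    // print preview only applies to an existing record
    $dvprint = ($selected_id && $printRequested);

    // random suffix substituted for <%%RND1%%> in print view; not a secret
    $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');

    if($selected_id){
        // mm: check member permissions
        if(!$arrPerm[2]){
            return "";
        }
        // mm: who is the owner?
        $safeId = makeSafe($selected_id);
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='disease_symptoms' and pkValue='" . $safeId . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='disease_symptoms' and pkValue='" . $safeId . "'");
        if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
            return "";
        }
        if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
            return "";
        }

        // can edit?
        if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
            $AllowUpdate = 1;
        }else{
            $AllowUpdate = 0;
        }

        $res = sql("select * from `disease_symptoms` where `id`='" . $safeId . "'", $eo);
        if(!($row = db_fetch_array($res))){
            return error_message($Translation['No records found'], 'disease_symptoms_view.php', false);
        }
        $urow = $row; /* unsanitized data, only used through urlencode() below */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */
    }

    // code for template based detail view forms

    // open the detail view template
    // NOTE(review): $TemplateDV / $TemplateDVP are joined to './' without
    // normalisation, so they must come from trusted code, never from request
    // data; confirm against the callers.
    if($dvprint){
        $customTemplate = $TemplateDVP;
        $defaultTemplate = './templates/disease_symptoms_templateDVP.html';
    }else{
        $customTemplate = $TemplateDV;
        $defaultTemplate = './templates/disease_symptoms_templateDV.html';
    }
    $template_file = is_file("./{$customTemplate}") ? "./{$customTemplate}" : $defaultTemplate;
    $templateCode = @file_get_contents($template_file);
    if($templateCode === false){
        // unreadable template: continue with an empty form, as before
        $templateCode = '';
    }

    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Disease symptom details', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
    $templateCode = str_replace('<%%EMBEDDED%%>', ($embedded ? 'Embedded=1' : ''), $templateCode);

    // process buttons
    if($arrPerm[1] && !$selected_id){ // allow insert and no record selected?
        // The generated 'Save As Copy' replacement that followed this one could
        // never match (the placeholder is already consumed), so it is dropped.
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return disease_symptoms_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
    }else{
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if($embedded){
        $backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
    }else{
        $backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }
    $backButton = '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>';

    if($selected_id){
        if(!$embedded){
            $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        }
        if($AllowUpdate){
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return disease_symptoms_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        }else{
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }
        // The buttons are presentation only; disease_symptoms_delete() and
        // disease_symptoms_update() repeat the permission check server-side.
        if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        }else{
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $backButton, $templateCode);
    }else{
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? $backButton : ''), $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    if(($selected_id && !$AllowUpdate) || (!$selected_id && !$AllowInsert)){
        // The current field value is set with .text(), so stored content is
        // shown literally and never parsed as HTML by replaceWith().
        foreach(array('disease', 'symptoms', 'reference') as $field){
            $jsReadOnly .= "\tjQuery('#{$field}').replaceWith(jQuery('<div class=\"form-control-static\" id=\"{$field}\"></div>').text(jQuery('#{$field}').val() || ''));\n";
        }
        $jsReadOnly .= "\tjQuery('#reference, #reference-edit-link').hide();\n";
        $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";

        $noUploads = true;
    }elseif(($AllowInsert && !$selected_id) || ($AllowUpdate && $selected_id)){
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
    }

    // process combos

    /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
    $lookup_fields = array(); // empty for this table, so the loop below does not run
    foreach($lookup_fields as $luf => $ptfc){
        $pt_perm = getTablePermissions($ptfc[0]);

        // process foreign key links
        if($pt_perm['view'] || $pt_perm['edit']){
            $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
        }

        // if user has insert permission to parent table of a lookup field, put an add new button
        if($pt_perm['insert'] && !$embedded){
            $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
        }
    }

    $fields = array('id', 'disease', 'symptoms', 'reference');

    // process images: this table has no upload fields, so the placeholders are blanked
    foreach($fields as $field){
        $templateCode = str_replace("<%%UPLOADFILE({$field})%%>", '', $templateCode);
    }

    // process values
    foreach($fields as $field){
        if($selected_id){
            $shown = html_attr($row[$field]);
            if($field === 'symptoms' && $dvprint){
                // print preview shows line breaks of the multi-line field
                $shown = nl2br($shown);
            }
            $urlValue = urlencode($urow[$field]);
        }else{
            $shown = '';
            $urlValue = urlencode('');
        }
        $templateCode = str_replace("<%%VALUE({$field})%%>", $shown, $templateCode);
        $templateCode = str_replace("<%%URLVALUE({$field})%%>", $urlValue, $templateCode);
    }

    // process translations
    foreach($Translation as $symbol => $trans){
        $templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
    }

    // clear scrap: any placeholder still present becomes an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    if(!$printRequested){
        $templateCode .= "\n\n<script>\$j(function(){\n";
        $arrTables = getTableList();
        foreach($arrTables as $name => $caption){
            $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
        }

        $templateCode .= $jsReadOnly;
        $templateCode .= $jsEditable;

        if(!$selected_id){
            $templateCode .= "\n\tif(document.getElementById('referenceEdit')){ document.getElementById('referenceEdit').style.display='inline'; }";
            $templateCode .= "\n\tif(document.getElementById('referenceEditLink')){ document.getElementById('referenceEditLink').style.display='none'; }";
        }

        $templateCode .= "\n});</script>\n";
    }

    // ajaxed auto-fill fields (none for this table)
    $templateCode .= '<script>$j(function() {});</script>';
    $templateCode .= $lookups;

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);

    /* default field values */
    $rdata = $jdata = get_defaults('disease_symptoms');
    if($selected_id){
        $jdata = get_joined_record('disease_symptoms', $selected_id);
        $rdata = $row;
    }
    // NOTE(review): addslashes() is not a complete JavaScript-context encoder
    // (it leaves '</script>' intact, for example); confirm how the
    // 'disease_symptoms-ajax-cache' view embeds these values.
    $cache_data = array(
        'rdata' => array_map('nl2br', array_map('addslashes', $rdata)),
        'jdata' => array_map('nl2br', array_map('addslashes', $jdata)),
    );
    $templateCode .= loadView('disease_symptoms-ajax-cache', $cache_data);

    // hook: disease_symptoms_dv
    if(function_exists('disease_symptoms_dv')){
        $args = array();
        disease_symptoms_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}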
375 ?>