Hệ thống xếp lịch học tín chỉ cho sinh viên CNTT trên PHP & MySQL
- schools_dml.php
1 <?php
2
3 // Data functions (insert, update, delete, form) for table schools
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
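/**
 * Inserts a new `schools` record from the submitted request.
 *
 * Flow: table-permission check -> read and validate 'name' -> optional
 * schools_before_insert hook -> INSERT -> optional schools_after_insert
 * hook -> ownership record.
 *
 * Review notes:
 *  - The INSERT is built by string concatenation; makeSafe() is the only
 *    escaping applied to the submitted value. If schools_before_insert
 *    receives $data by reference (presumably it does; confirm against the
 *    hook signature), anything it writes into $data['name'] reaches the
 *    query without being escaped again here.
 *  - No anti-CSRF token is checked in this function; presumably the caller
 *    does that. TODO confirm.
 *  - When schools_after_insert returns false the function returns before
 *    set_record_owner() runs, so the new row has no ownership entry.
 *
 * A validation or database error prints a message and terminates the script.
 *
 * @return mixed false when the member may not insert or the before-insert
 *               hook vetoes; otherwise the id of the new record.
 */
function schools_insert(){
    global $Translation;

    // mm: can member insert record?
    $arrPerm = getTablePermissions('schools');
    if(!$arrPerm[1]){
        return false;
    }

    // A request without 'name' is handled like an empty value instead of
    // raising an undefined-index notice.
    $data = array();
    $data['name'] = makeSafe(isset($_REQUEST['name']) ? $_REQUEST['name'] : '');
    if($data['name'] == empty_lookup_value){ $data['name'] = ''; }
    if($data['name'] == ''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " 'Name': " . $Translation['field not null'] . '<br><br>';
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }

    // hook: schools_before_insert
    if(function_exists('schools_before_insert')){
        $args = array();
        if(!schools_before_insert($data, getMemberInfo(), $args)){ return false; }
    }

    $o = array('silentErrors' => true);
    $nameSql = (($data['name'] !== '' && $data['name'] !== NULL) ? "'{$data['name']}'" : 'NULL');
    sql('insert into `schools` set `name`=' . $nameSql, $o);
    if($o['error'] != ''){
        // NOTE(review): the database error is sent to the client verbatim.
        // Confirm sql() HTML-escapes it and does not include query text for
        // non-admin users.
        echo $o['error'];
        echo "<a href=\"schools_view.php?addNew_x=1\">{$Translation['< back']}</a>";
        exit;
    }

    $recID = db_insert_id(db_link());

    // hook: schools_after_insert
    if(function_exists('schools_after_insert')){
        $safeRecID = makeSafe($recID, false);
        $res = sql("select * from `schools` where `id`='" . $safeRecID . "' limit 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $safeRecID;
        $args = array();
        if(!schools_after_insert($data, getMemberInfo(), $args)){ return $recID; }
    }

    // mm: save ownership data
    set_record_owner('schools', $recID, getLoggedMemberID());

    return $recID;
}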
57
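/**
 * Deletes a `schools` record after permission and referential-integrity checks.
 *
 * Child tables checked, in order: departments, class_time_table,
 * exam_time_table, student_details, notices. The first one holding related
 * rows stops the deletion with either a refusal message or, when
 * $AllowDeleteOfParents is true, a confirmation prompt.
 *
 * Review notes:
 *  - The ownership comparisons use loose ==. For a record with no ownership
 *    row, sqlValue() presumably returns a false-like value; confirm that
 *    getLoggedMemberID() / getLoggedGroupID() can never be empty, or such
 *    records would match at permission levels 1 and 2.
 *  - The confirmation prompt triggers the delete through a plain GET URL
 *    (delete_x=1&confirmed=1). No anti-CSRF token is visible here; confirm
 *    the handler behind schools_view.php verifies one.
 *  - $skipChecks bypasses only the child-table checks, never the permission
 *    check.
 *
 * @param mixed $selected_id          primary key of the record to delete
 * @param bool  $AllowDeleteOfParents when related child rows exist, return a
 *                                    confirmation prompt instead of a refusal
 * @param bool  $skipChecks           skip the child-table checks
 * @return string|null message/HTML when the record was not deleted; no value
 *                     after the delete statements have run
 */
function schools_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
    global $Translation;
    $selected_id = makeSafe($selected_id);

    // mm: can member delete record?
    $arrPerm = getTablePermissions('schools');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='schools' and pkValue='$selected_id'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='schools' and pkValue='$selected_id'");
    $deleteAllowed = ($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID())
        || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[4]==3;
    if(!$deleteAllowed){
        return $Translation['You don\'t have enough permissions to delete this record'];
    }

    // hook: schools_before_delete
    if(function_exists('schools_before_delete')){
        $args = array();
        if(!schools_before_delete($selected_id, $skipChecks, getMemberInfo(), $args)){
            return $Translation['Couldn\'t delete this record'];
        }
    }

    // ensure referential integrity: both outcomes below require !$skipChecks,
    // so the lookups are skipped entirely when it is set
    if(!$skipChecks){
        // the stored key is looked up once and reused for every child table
        $res = sql("select `id` from `schools` where `id`='$selected_id'", $eo);
        $id = db_fetch_row($res);
        // no matching row: compare against an empty key instead of indexing a non-array
        $parentKey = ($id ? addslashes($id[0]) : '');
        $encodedId = urlencode($selected_id);

        // fixed, application-defined table names: safe to interpolate into SQL
        $childTables = array('departments', 'class_time_table', 'exam_time_table', 'student_details', 'notices');
        foreach($childTables as $childTable){
            $rires = sql("select count(1) from `{$childTable}` where `school`='" . $parentKey . "'", $eo);
            $rirow = db_fetch_row($rires);
            if(!$rirow[0]){
                continue;
            }

            if(!$AllowDeleteOfParents){
                $RetMsg = $Translation["couldn't delete"];
                $RetMsg = str_replace("<RelatedRecords>", $rirow[0], $RetMsg);
                $RetMsg = str_replace("<TableName>", $childTable, $RetMsg);
                return $RetMsg;
            }

            $RetMsg = $Translation["confirm delete"];
            $RetMsg = str_replace("<RelatedRecords>", $rirow[0], $RetMsg);
            $RetMsg = str_replace("<TableName>", $childTable, $RetMsg);
            $RetMsg = str_replace("<Delete>", "<input type=\"button\" class=\"button\" value=\"".$Translation['yes']."\" onClick=\"window.location='schools_view.php?SelectedID=".$encodedId."&delete_x=1&confirmed=1';\">", $RetMsg);
            $RetMsg = str_replace("<Cancel>", "<input type=\"button\" class=\"button\" value=\"".$Translation['no']."\" onClick=\"window.location='schools_view.php?SelectedID=".$encodedId."';\">", $RetMsg);
            return $RetMsg;
        }
    }

    sql("delete from `schools` where `id`='$selected_id'", $eo);

    // hook: schools_after_delete
    if(function_exists('schools_after_delete')){
        $args = array();
        schools_after_delete($selected_id, getMemberInfo(), $args);
    }

    // mm: delete ownership data
    sql("delete from membership_userrecords where tableName='schools' and pkValue='$selected_id'", $eo);
}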
186
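/**
 * Updates the `name` of an existing `schools` record from the submitted request.
 *
 * Flow: ownership-aware permission check -> read and validate 'name' ->
 * optional schools_before_update hook -> UPDATE -> optional
 * schools_after_update hook -> refresh the ownership timestamp.
 *
 * Review notes:
 *  - The UPDATE is built by string concatenation; makeSafe() is the only
 *    escaping applied. If schools_before_update receives $data by reference
 *    (presumably; confirm against the hook signature), what it writes into
 *    $data['name'] or $data['selectedID'] reaches later queries unescaped.
 *  - The ownership comparisons use loose ==; confirm that
 *    getLoggedMemberID() / getLoggedGroupID() can never be empty, otherwise a
 *    record without an ownership row could match at levels 1 and 2.
 *  - No anti-CSRF token is checked in this function; presumably the caller
 *    does that. TODO confirm.
 *
 * A validation or database error prints a message and terminates the script.
 *
 * @param mixed $selected_id primary key of the record to update
 * @return false|null false when the member may not edit or the before-update
 *                    hook vetoes; no value otherwise (also when the
 *                    after-update hook returns false)
 */
function schools_update($selected_id){
    global $Translation;

    // escaped once and reused in every query below
    $safeId = makeSafe($selected_id);

    // mm: can member edit record?
    $arrPerm = getTablePermissions('schools');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='schools' and pkValue='".$safeId."'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='schools' and pkValue='".$safeId."'");
    $updateAllowed = ($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID())
        || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[3]==3;
    if(!$updateAllowed){
        return false;
    }

    // A request without 'name' is handled like an empty value instead of
    // raising an undefined-index notice.
    $data = array();
    $data['name'] = makeSafe(isset($_REQUEST['name']) ? $_REQUEST['name'] : '');
    if($data['name'] == empty_lookup_value){ $data['name'] = ''; }
    if($data['name'] == ''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Name': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }
    $data['selectedID'] = $safeId;

    // hook: schools_before_update
    if(function_exists('schools_before_update')){
        $args = array();
        if(!schools_before_update($data, getMemberInfo(), $args)){ return false; }
    }

    $o = array('silentErrors' => true);
    $nameSql = (($data['name'] !== '' && $data['name'] !== NULL) ? "'{$data['name']}'" : 'NULL');
    sql('update `schools` set `name`=' . $nameSql . " where `id`='".$safeId."'", $o);
    if($o['error'] != ''){
        // NOTE(review): the database error is sent to the client verbatim.
        // Confirm sql() HTML-escapes it and does not include query text for
        // non-admin users.
        echo $o['error'];
        echo '<a href="schools_view.php?SelectedID='.urlencode($selected_id)."\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: schools_after_update
    if(function_exists('schools_after_update')){
        $res = sql("SELECT * FROM `schools` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
        }
        // keep the previous selectedID when the row could not be re-read,
        // rather than overwriting it from a missing 'id' key
        if(isset($data['id'])){
            $data['selectedID'] = $data['id'];
        }
        $args = array();
        if(!schools_after_update($data, getMemberInfo(), $args)){ return; }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='".time()."' where tableName='schools' and pkValue='".$safeId."'", $eo);
}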
239
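/**
 * Builds the detail-view form for a `schools` record and returns it as HTML.
 *
 * With a $selected_id the form is filled from that record; without one an
 * empty form with only an 'Add New' button is produced.
 *
 * Review notes:
 *  - $TemplateDV / $TemplateDVP are joined onto "./" and read with
 *    file_get_contents(); callers must pass application-defined paths only,
 *    never request data.
 *  - $Translation values are placed into markup and into an inline
 *    confirm() call without escaping; this assumes the language file is
 *    trusted.
 *  - The read-only script concatenates the field's current value into an
 *    HTML string in the browser, so that path is only as safe as
 *    xss_clean() makes the stored value. Assigning it with .text() would
 *    avoid re-parsing it as markup; confirm no caller relies on HTML there.
 *
 * @param mixed  $selected_id primary key of the record to show, or '' for a new record
 * @param mixed  $AllowUpdate overwritten from the member's permissions when a record is selected
 * @param mixed  $AllowInsert always overwritten from the member's insert permission
 * @param mixed  $AllowDelete not read by this function
 * @param mixed  $ShowCancel  show a 'Back' button on the empty form
 * @param string $TemplateDV  detail-view template path relative to "./"
 * @param string $TemplateDVP print-preview template path relative to "./"
 * @return string form HTML; '' when the member may not view or insert; the
 *                result of error_message() when the record is not found
 */
function schools_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
    global $Translation;

    // request flags, read once so a missing parameter raises no notice
    $dvprintRequested = (isset($_REQUEST['dvprint_x']) && $_REQUEST['dvprint_x'] != '');
    $embedded = !empty($_REQUEST['Embedded']);

    // script fragments appended near the end; start empty so they are always defined
    $jsReadOnly = '';
    $jsEditable = '';
    $lookups = '';

    // mm: get table permissions
    $arrPerm = getTablePermissions('schools');
    if(!$arrPerm[1] && $selected_id == ''){ return ''; }
    $AllowInsert = ($arrPerm[1] ? true : false);

    // print preview?
    $dvprint = ($selected_id && $dvprintRequested);

    // identifier for print-preview markup only; rand() is not used for anything secret here
    $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');

    if($selected_id){
        // mm: check member permissions
        if(!$arrPerm[2]){
            return "";
        }

        // mm: who is the owner?
        $safeId = makeSafe($selected_id);
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='schools' and pkValue='".$safeId."'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='schools' and pkValue='".$safeId."'");
        if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
            return "";
        }
        if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
            return "";
        }

        // can edit?
        if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
            $AllowUpdate = 1;
        }else{
            $AllowUpdate = 0;
        }

        $res = sql("select * from `schools` where `id`='".$safeId."'", $eo);
        if(!($row = db_fetch_array($res))){
            return error_message($Translation['No records found'], 'schools_view.php', false);
        }
        $urow = $row; /* unsanitized data */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */
    }

    // open the detail view template (print variant when previewing)
    if($dvprint){
        $template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/schools_templateDVP.html';
    }else{
        $template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/schools_templateDV.html';
    }
    // read errors are suppressed on purpose; a missing template yields an empty form body
    $templateCode = @file_get_contents($template_file);

    // process form title
    // NOTE(review): the title literal below looks like mis-encoded UTF-8;
    // confirm the file's encoding before changing it.
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Chi tiết Lá»›p há»c', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
    $templateCode = str_replace('<%%EMBEDDED%%>', ($embedded ? 'Embedded=1' : ''), $templateCode);

    // process buttons
    if($AllowInsert){
        // 'Save New' consumes the placeholder on an empty form, so the
        // 'Save As Copy' replacement only takes effect for an existing record
        if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return schools_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return schools_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
    }else{
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if($embedded){
        $backAction = 'AppGini.closeParentModal(); return false;';
    }else{
        $backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }
    $backButton = '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>';

    if($selected_id){
        if(!$embedded) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        if($AllowUpdate){
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return schools_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        }else{
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }
        if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        }else{
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $backButton, $templateCode);
    }else{
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? $backButton : ''), $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
        $jsReadOnly .= "\tjQuery('#name').replaceWith('<div class=\"form-control-static\" id=\"name\">' + (jQuery('#name').val() || '') + '</div>');\n";
        $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
    }elseif($AllowInsert){
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
    }

    // process combos: the lookup-fields array for this table is empty, so
    // there are no parent links or 'add new parent' buttons to render

    // process images
    $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(name)%%>', '', $templateCode);

    // process values: print preview escapes the raw row with safe_html(),
    // the editable form escapes the xss_clean()ed row with html_attr()
    if($selected_id){
        if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
        if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
        if( $dvprint) $templateCode = str_replace('<%%VALUE(name)%%>', safe_html($urow['name']), $templateCode);
        if(!$dvprint) $templateCode = str_replace('<%%VALUE(name)%%>', html_attr($row['name']), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode($urow['name']), $templateCode);
    }else{
        $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(name)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode(''), $templateCode);
    }

    // process translations
    foreach($Translation as $symbol => $trans){
        $templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
    }

    // clear scrap: any placeholder still unresolved becomes an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    if(!$dvprintRequested){
        $templateCode .= "\n\n<script>\$j(function(){\n";
        $arrTables = getTableList();
        foreach($arrTables as $name => $caption){
            $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
        }

        $templateCode .= $jsReadOnly;
        $templateCode .= $jsEditable;

        $templateCode .= "\n});</script>\n";
    }

    // ajaxed auto-fill fields (none for this table, so the handler is empty)
    $templateCode .= '<script>$j(function() {});</script>';
    $templateCode .= $lookups;

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode = preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);

    /* default field values */
    $rdata = $jdata = get_defaults('schools');
    if($selected_id){
        $jdata = get_joined_record('schools', $selected_id);
        if($jdata === false) $jdata = get_defaults('schools');
        $rdata = $row;
    }
    $templateCode .= loadView('schools-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));

    // hook: schools_dv
    if(function_exists('schools_dv')){
        $args = array();
        schools_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}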
454 ?>
2
3 // Data functions (insert, update, delete, form) for table schools
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
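/**
 * Inserts a new `schools` record from the submitted request.
 *
 * Flow: table-permission check -> read and validate 'name' -> optional
 * schools_before_insert hook -> INSERT -> optional schools_after_insert
 * hook -> ownership record.
 *
 * Review notes:
 *  - The INSERT is built by string concatenation; makeSafe() is the only
 *    escaping applied to the submitted value. If schools_before_insert
 *    receives $data by reference (presumably it does; confirm against the
 *    hook signature), anything it writes into $data['name'] reaches the
 *    query without being escaped again here.
 *  - No anti-CSRF token is checked in this function; presumably the caller
 *    does that. TODO confirm.
 *  - When schools_after_insert returns false the function returns before
 *    set_record_owner() runs, so the new row has no ownership entry.
 *
 * A validation or database error prints a message and terminates the script.
 *
 * @return mixed false when the member may not insert or the before-insert
 *               hook vetoes; otherwise the id of the new record.
 */
function schools_insert(){
    global $Translation;

    // mm: can member insert record?
    $arrPerm = getTablePermissions('schools');
    if(!$arrPerm[1]){
        return false;
    }

    // A request without 'name' is handled like an empty value instead of
    // raising an undefined-index notice.
    $data = array();
    $data['name'] = makeSafe(isset($_REQUEST['name']) ? $_REQUEST['name'] : '');
    if($data['name'] == empty_lookup_value){ $data['name'] = ''; }
    if($data['name'] == ''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " 'Name': " . $Translation['field not null'] . '<br><br>';
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }

    // hook: schools_before_insert
    if(function_exists('schools_before_insert')){
        $args = array();
        if(!schools_before_insert($data, getMemberInfo(), $args)){ return false; }
    }

    $o = array('silentErrors' => true);
    $nameSql = (($data['name'] !== '' && $data['name'] !== NULL) ? "'{$data['name']}'" : 'NULL');
    sql('insert into `schools` set `name`=' . $nameSql, $o);
    if($o['error'] != ''){
        // NOTE(review): the database error is sent to the client verbatim.
        // Confirm sql() HTML-escapes it and does not include query text for
        // non-admin users.
        echo $o['error'];
        echo "<a href=\"schools_view.php?addNew_x=1\">{$Translation['< back']}</a>";
        exit;
    }

    $recID = db_insert_id(db_link());

    // hook: schools_after_insert
    if(function_exists('schools_after_insert')){
        $safeRecID = makeSafe($recID, false);
        $res = sql("select * from `schools` where `id`='" . $safeRecID . "' limit 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $safeRecID;
        $args = array();
        if(!schools_after_insert($data, getMemberInfo(), $args)){ return $recID; }
    }

    // mm: save ownership data
    set_record_owner('schools', $recID, getLoggedMemberID());

    return $recID;
}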
57
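/**
 * Deletes a `schools` record after permission and referential-integrity checks.
 *
 * Child tables checked, in order: departments, class_time_table,
 * exam_time_table, student_details, notices. The first one holding related
 * rows stops the deletion with either a refusal message or, when
 * $AllowDeleteOfParents is true, a confirmation prompt.
 *
 * Review notes:
 *  - The ownership comparisons use loose ==. For a record with no ownership
 *    row, sqlValue() presumably returns a false-like value; confirm that
 *    getLoggedMemberID() / getLoggedGroupID() can never be empty, or such
 *    records would match at permission levels 1 and 2.
 *  - The confirmation prompt triggers the delete through a plain GET URL
 *    (delete_x=1&confirmed=1). No anti-CSRF token is visible here; confirm
 *    the handler behind schools_view.php verifies one.
 *  - $skipChecks bypasses only the child-table checks, never the permission
 *    check.
 *
 * @param mixed $selected_id          primary key of the record to delete
 * @param bool  $AllowDeleteOfParents when related child rows exist, return a
 *                                    confirmation prompt instead of a refusal
 * @param bool  $skipChecks           skip the child-table checks
 * @return string|null message/HTML when the record was not deleted; no value
 *                     after the delete statements have run
 */
function schools_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
    global $Translation;
    $selected_id = makeSafe($selected_id);

    // mm: can member delete record?
    $arrPerm = getTablePermissions('schools');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='schools' and pkValue='$selected_id'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='schools' and pkValue='$selected_id'");
    $deleteAllowed = ($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID())
        || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[4]==3;
    if(!$deleteAllowed){
        return $Translation['You don\'t have enough permissions to delete this record'];
    }

    // hook: schools_before_delete
    if(function_exists('schools_before_delete')){
        $args = array();
        if(!schools_before_delete($selected_id, $skipChecks, getMemberInfo(), $args)){
            return $Translation['Couldn\'t delete this record'];
        }
    }

    // ensure referential integrity: both outcomes below require !$skipChecks,
    // so the lookups are skipped entirely when it is set
    if(!$skipChecks){
        // the stored key is looked up once and reused for every child table
        $res = sql("select `id` from `schools` where `id`='$selected_id'", $eo);
        $id = db_fetch_row($res);
        // no matching row: compare against an empty key instead of indexing a non-array
        $parentKey = ($id ? addslashes($id[0]) : '');
        $encodedId = urlencode($selected_id);

        // fixed, application-defined table names: safe to interpolate into SQL
        $childTables = array('departments', 'class_time_table', 'exam_time_table', 'student_details', 'notices');
        foreach($childTables as $childTable){
            $rires = sql("select count(1) from `{$childTable}` where `school`='" . $parentKey . "'", $eo);
            $rirow = db_fetch_row($rires);
            if(!$rirow[0]){
                continue;
            }

            if(!$AllowDeleteOfParents){
                $RetMsg = $Translation["couldn't delete"];
                $RetMsg = str_replace("<RelatedRecords>", $rirow[0], $RetMsg);
                $RetMsg = str_replace("<TableName>", $childTable, $RetMsg);
                return $RetMsg;
            }

            $RetMsg = $Translation["confirm delete"];
            $RetMsg = str_replace("<RelatedRecords>", $rirow[0], $RetMsg);
            $RetMsg = str_replace("<TableName>", $childTable, $RetMsg);
            $RetMsg = str_replace("<Delete>", "<input type=\"button\" class=\"button\" value=\"".$Translation['yes']."\" onClick=\"window.location='schools_view.php?SelectedID=".$encodedId."&delete_x=1&confirmed=1';\">", $RetMsg);
            $RetMsg = str_replace("<Cancel>", "<input type=\"button\" class=\"button\" value=\"".$Translation['no']."\" onClick=\"window.location='schools_view.php?SelectedID=".$encodedId."';\">", $RetMsg);
            return $RetMsg;
        }
    }

    sql("delete from `schools` where `id`='$selected_id'", $eo);

    // hook: schools_after_delete
    if(function_exists('schools_after_delete')){
        $args = array();
        schools_after_delete($selected_id, getMemberInfo(), $args);
    }

    // mm: delete ownership data
    sql("delete from membership_userrecords where tableName='schools' and pkValue='$selected_id'", $eo);
}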
186
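/**
 * Update the `name` field of the `schools` record identified by $selected_id.
 *
 * Flow: permission check -> read and validate the submitted name -> optional
 * schools_before_update hook -> UPDATE -> optional schools_after_update hook ->
 * refresh dateUpdated in membership_userrecords.
 *
 * Security notes:
 *  - The new value is read from $_REQUEST, so it is accepted from the query string as
 *    well as from a POST body. No anti-CSRF token check is visible in this function.
 *    NOTE(review): confirm the caller enforces one before this state-changing call.
 *  - Every statement is built by string concatenation and relies on makeSafe()
 *    (defined elsewhere) for escaping; any value that skips makeSafe() reaches the
 *    database verbatim.
 *
 * @param mixed $selected_id primary key value of the record to update
 * @return false|null false when the member may not edit the record or when the
 *                    before-update hook vetoes the change; otherwise no value.
 *                    On a validation or SQL error the function prints a message and exits.
 */
function schools_update($selected_id){
    global $Translation;

    // Escape the key once and reuse it in every statement below.
    $safe_id = makeSafe($selected_id);
    // Explicit options variable for sql(); the original passed an undefined variable.
    $eo = array();

    // mm: can member edit record?
    // $arrPerm[3]: 1 = only when the logged-in member owns the record,
    //              2 = when the logged-in member's group owns it, 3 = always.
    $arrPerm = getTablePermissions('schools');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='schools' and pkValue='" . $safe_id . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='schools' and pkValue='" . $safe_id . "'");
    $canUpdate = ($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID())
        || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[3]==3;
    if(!$canUpdate){
        return false;
    }

    // A request without a `name` parameter is treated as an empty name
    // (and rejected below) instead of raising an undefined-index notice.
    $data = array();
    $data['name'] = makeSafe(isset($_REQUEST['name']) ? $_REQUEST['name'] : '');
    if($data['name'] == empty_lookup_value){ $data['name'] = ''; }
    if($data['name']==''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Name': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }
    $data['selectedID'] = $safe_id;

    // hook: schools_before_update
    // NOTE(review): if the hook receives $data by reference, whatever it leaves in
    // $data['name'] is interpolated into the UPDATE below without being escaped again.
    if(function_exists('schools_before_update')){
        $args=array();
        if(!schools_before_update($data, getMemberInfo(), $args)){ return false; }
    }

    $o=array('silentErrors' => true);
    sql('update `schools` set `name`=' . (($data['name'] !== '' && $data['name'] !== NULL) ? "'{$data['name']}'" : 'NULL') . " where `id`='" . $safe_id . "'", $o);
    if($o['error']!=''){
        // NOTE(review): the database error text is sent to the browser as-is. Whether sql()
        // HTML-escapes it, or includes the failing statement, is not visible here; confirm,
        // and prefer logging the detail server-side.
        echo $o['error'];
        echo '<a href="schools_view.php?SelectedID='.urlencode($selected_id)."\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: schools_after_update
    if(function_exists('schools_after_update')){
        // Read back the row that was just updated, keyed on the same escaped id as the
        // UPDATE, so the query does not depend on a value the before-update hook may have changed.
        $res = sql("SELECT * FROM `schools` WHERE `id`='{$safe_id}' LIMIT 1", $eo);
        $data['selectedID'] = $safe_id; // fallback when the row cannot be fetched
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
            $data['selectedID'] = $data['id'];
        }
        $args = array();
        if(!schools_after_update($data, getMemberInfo(), $args)){ return; }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='".time()."' where tableName='schools' and pkValue='" . $safe_id . "'", $eo);
}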
239
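/**
 * Build the detail-view HTML (edit form, add-new form or print preview) for `schools`.
 *
 * When $selected_id is non-empty the form is filled with that record; otherwise an empty
 * form with only an 'Add New' button is produced.
 *
 * Security notes:
 *  - View, edit and delete rights are re-derived here from getTablePermissions() and the
 *    record's owner; the incoming $AllowUpdate and $AllowInsert values are overwritten and
 *    $AllowDelete is not read in this function.
 *  - $TemplateDV / $TemplateDVP are joined to "./" and read from disk. They must be fixed,
 *    developer-chosen file names; never pass request data here (path traversal risk).
 *  - Field values are encoded per output context: safe_html() on the raw row for print
 *    preview, html_attr() on the xss_clean()'d row for the edit form, urlencode() for URLs.
 *
 * @param mixed  $selected_id primary key of the record to show, or '' for a blank form
 * @param int    $AllowUpdate overwritten from permissions when a record is selected
 * @param int    $AllowInsert overwritten from permissions
 * @param int    $AllowDelete not used by this function
 * @param int    $ShowCancel  when truthy, a blank form also gets a 'Back' button
 * @param string $TemplateDV  optional template file (relative to ./) for the normal view
 * @param string $TemplateDVP optional template file (relative to ./) for print preview
 * @return string form HTML; '' when the member lacks permission; the result of
 *                error_message() when the record is not found
 */
function schools_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
    global $Translation;

    // Variables that are appended to or read further down; the original used them
    // without initialisation, which raises undefined-variable warnings.
    $eo = array();
    $jsReadOnly = '';
    $jsEditable = '';
    $lookups = '';

    // Request flags, read once and without undefined-index notices.
    $isEmbedded = !empty($_REQUEST['Embedded']);
    $printRequested = isset($_REQUEST['dvprint_x']) && $_REQUEST['dvprint_x'] != '';

    // mm: get table permissions
    $arrPerm = getTablePermissions('schools');
    if(!$arrPerm[1] && $selected_id==''){ return ''; }
    $AllowInsert = ($arrPerm[1] ? true : false);

    // print preview?
    $dvprint = ($selected_id && $printRequested) ? true : false;

    // populate filterers, starting from children to grand-parents

    // unique random identifier
    // NOTE(review): rand() is not a CSPRNG. That is acceptable only while the template uses
    // RND1 as a uniqueness suffix; it must not serve as a secret or token.
    $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');

    if($selected_id){
        // mm: check member permissions
        if(!$arrPerm[2]){
            return "";
        }

        // mm: who is the owner?
        $safe_id = makeSafe($selected_id);
        $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='schools' and pkValue='" . $safe_id . "'");
        $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='schools' and pkValue='" . $safe_id . "'");

        // view permission 1 = own records only, 2 = own group's records only
        if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
            return "";
        }
        if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
            return "";
        }

        // can edit?
        if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
            $AllowUpdate=1;
        }else{
            $AllowUpdate=0;
        }

        $res = sql("select * from `schools` where `id`='" . $safe_id . "'", $eo);
        if(!($row = db_fetch_array($res))){
            return error_message($Translation['No records found'], 'schools_view.php', false);
        }
        $urow = $row; /* unsanitized data: only ever output through safe_html()/urlencode() below */
        $hc = new CI_Input();
        $row = $hc->xss_clean($row); /* sanitize data */
    }

    // code for template based detail view forms

    // open the detail view template; fall back to the bundled template when the
    // caller-supplied file does not exist
    if($dvprint){
        $template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/schools_templateDVP.html';
    }else{
        $template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/schools_templateDV.html';
    }
    $templateCode = @file_get_contents($template_file);

    // process form title
    $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Chi tiết Lá»›p há»c', $templateCode);
    $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
    $templateCode = str_replace('<%%EMBEDDED%%>', ($isEmbedded ? 'Embedded=1' : ''), $templateCode);

    // process buttons
    if($AllowInsert){
        // The first replacement consumes the placeholder for a blank form, so the second
        // one ('Save As Copy') only takes effect when a record is selected.
        if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return schools_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return schools_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
    }else{
        $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
    }

    // 'Back' button action
    if($isEmbedded){
        $backAction = 'AppGini.closeParentModal(); return false;';
    }else{
        $backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
    }
    $backButton = '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>';

    if($selected_id){
        if(!$isEmbedded) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
        if($AllowUpdate){
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return schools_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
        }else{
            $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        }
        if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
            // NOTE(review): $Translation['are you sure?'] lands inside a JavaScript string
            // literal within an HTML attribute with no escaping; a translation containing a
            // quote character breaks the handler. Translation text must stay developer-controlled.
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
        }else{
            $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        }
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', $backButton, $templateCode);
    }else{
        $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
        $templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? $backButton : ''), $templateCode);
    }

    // set records to read only if user can't insert new records and can't edit current record
    if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
        // The field value is written with .text() rather than concatenated into an HTML
        // string, so markup stored in a record is displayed as text, not parsed by the browser.
        $jsReadOnly .= "\tjQuery('#name').replaceWith(jQuery('<div class=\"form-control-static\" id=\"name\"></div>').text(jQuery('#name').val() || ''));\n";
        $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
    }elseif($AllowInsert){
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
        $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
    }

    // process combos

    /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
    // This table has no lookup fields, so the loop below never iterates.
    $lookup_fields = array();
    foreach($lookup_fields as $luf => $ptfc){
        $pt_perm = getTablePermissions($ptfc[0]);

        // process foreign key links
        if($pt_perm['view'] || $pt_perm['edit']){
            $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
        }

        // if user has insert permission to parent table of a lookup field, put an add new button
        if($pt_perm['insert'] && !$isEmbedded){
            $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
        }
    }

    // process images
    $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
    $templateCode = str_replace('<%%UPLOADFILE(name)%%>', '', $templateCode);

    // process values
    if($selected_id){
        if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
        if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
        if( $dvprint) $templateCode = str_replace('<%%VALUE(name)%%>', safe_html($urow['name']), $templateCode);
        if(!$dvprint) $templateCode = str_replace('<%%VALUE(name)%%>', html_attr($row['name']), $templateCode);
        $templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode($urow['name']), $templateCode);
    }else{
        $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
        $templateCode = str_replace('<%%VALUE(name)%%>', '', $templateCode);
        $templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode(''), $templateCode);
    }

    // process translations (inserted into the template without encoding)
    foreach($Translation as $symbol=>$trans){
        $templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
    }

    // clear scrap: any placeholder still present is turned into an HTML comment
    $templateCode = str_replace('<%%', '<!-- ', $templateCode);
    $templateCode = str_replace('%%>', ' -->', $templateCode);

    // hide links to inaccessible tables
    if(!$printRequested){
        $templateCode .= "\n\n<script>\$j(function(){\n";
        $arrTables = getTableList();
        foreach($arrTables as $name => $caption){
            $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
            $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
        }

        $templateCode .= $jsReadOnly;
        $templateCode .= $jsEditable;

        $templateCode.="\n});</script>\n";
    }

    // ajaxed auto-fill fields (none for this table, so the handler is empty)
    $templateCode .= '<script>' . '$j(function() {' . "});" . "</script>";
    $templateCode .= $lookups;

    // handle enforced parent values for read-only lookup fields

    // don't include blank images in lightbox gallery
    $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);

    // don't display empty email links
    $templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);

    /* default field values */
    $rdata = $jdata = get_defaults('schools');
    if($selected_id){
        $jdata = get_joined_record('schools', $selected_id);
        if($jdata === false) $jdata = get_defaults('schools');
        $rdata = $row; // the xss_clean()'d copy of the record
    }
    $templateCode .= loadView('schools-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));

    // hook: schools_dv
    if(function_exists('schools_dv')){
        $args=array();
        schools_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
    }

    return $templateCode;
}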
454 ?>