Rev 2343 | Blame | Compare with Previous | Last modification | View Log
<?phprequire_once('../lib/functions.php');if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))include_once("../lib/sql/drivers/$config[sql_type]/functions.php");else{echo "<b>Could not include SQL library</b><br>\n";exit();}if ($config['sql_use_operators'] == 'true'){$use_ops=1;$text1 = 'AND op =';$text2 = ',op';}$link = da_sql_pconnect($config);if ($link){foreach($show_attrs as $key => $desc){if ($attrmap["$key"] == 'none')continue;if ($attrmap["$key"] == ''){$attrmap["$key"] = $key;$attr_type["key"] = 'replyItem';$rev_attrmap["$key"] = $key;}$i = 0;$j = -1;$name = $attrmap["$key"] . $i;while(isset($$name)){$val=$$name;$op_name = $name . '_op';$i++;$j++;$name = $attrmap["$key"] . $i;$sql_attr=$attrmap["$key"];$query_key = ($user_type == 'group') ? 'groupname' : 'username';if (isset($attr_type["$key"]) && $attr_type["$key"] == 'checkItem'){$table = ($user_type == 'group') ? $config['sql_groupcheck_table'] : $config['sql_check_table'];$type = 1;}else if (isset($attr_type["$key"]) && $attr_type["$key"] == 'replyItem'){$table = ($user_type == 'group') ? $config['sql_groupreply_table'] : $config['sql_reply_table'];$type = 2;}if ($use_ops){$op_val = $$op_name;if ($op_val != ''){$op_val = da_sql_escape_string($link, $op_val);if (check_operator($op_val,$type) == -1){echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";continue;}$op_val2 = ",'$op_val'";}}$sql_attr = da_sql_escape_string($link, $sql_attr);$val = da_sql_escape_string($link, $val);// if we have operators, the operator has changed and the corresponding value exists then updateif ($key != "Filter-Id" && $use_ops && isset($item_vals["$key"]['operator'][$j]) &&$op_val != $item_vals["$key"]['operator'][$j] ){$res = da_sql_query($link,$config,"UPDATE $table SET op = '$op_val' WHERE $query_key = '$login'AND attribute = '$sql_attr' AND value = '$val';");if (!$res || !da_sql_affected_rows($link,$res,$config))echo "<b>Operator change failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";}$chkdef = (isset($default_vals["$key"])) ? check_defaults($val,$op_val,$default_vals["$key"]) : 0;// if value is the same as that in the sql database do nothingif (isset($item_vals["$key"]) && $val == $item_vals["$key"][$j])continue;// if value is null or equals the default value and corresponding value exists then deleteelse if ( isset($member_groups) && ($chkdef || $val == '' || ($sql_attr == "Filter-Id" && $val == "None")) && isset($item_vals["$key"][$j])){$res = da_sql_query($link,$config,"DELETE FROM $table WHERE $query_key = '$login' AND attribute = '$sql_attr';");if (!$res || !da_sql_affected_rows($link,$res,$config))echo "<b>Delete failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";}// if value is null or equals the default value then don't add itelse if (isset($default_vals["$key"]) && ($val == '' || check_defaults($val,$op_val,$default_vals["$key"])))continue;// if value differs from the sql value then updateelse{if (isset($item_vals["$key"][$j]) && (isset($old_val) && $old_val !='') && $sql_attr=='Filter-Id'){$old_val = $item_vals["$key"][$j];$old_val = da_sql_escape_string($link, $old_val);// we keep the fourth bit of Filter-Id to warn user about administrator who read imputability logs.$val[3] = $old_val[3];$res = da_sql_query($link,$config,"UPDATE $table SET value = '$val' WHERE $query_key = '$login' ANDattribute = '$sql_attr' AND value = '$old_val';");// if filter-id does not exit, we create it (ALCASAR 2.9.2 DDB)if (!$res || !da_sql_affected_rows($link,$res,$config))$res = da_sql_query($link,$config,"INSERT INTO $table ($query_key,attribute,value $text2) VALUES ('$login','$sql_attr','00000000', ':=');");if (!$res || !da_sql_affected_rows($link,$res,$config))echo "<b>Change failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";}else{if($val != ''){if (isset($item_vals["$key"][$j])) {$old_val = $item_vals["$key"][$j];$old_val = da_sql_escape_string($link, $old_val);$res = da_sql_query($link,$config,"UPDATE $table SET value = '$val' WHERE $query_key = '$login' ANDattribute = '$sql_attr' AND value = '$old_val';");} else {$res = null;}// if attribute does not exist, we create it.if (!$res || !da_sql_affected_rows($link,$res,$config))$res = da_sql_query($link,$config,"INSERT INTO $table ($query_key,attribute,value $text2) VALUES ('$login','$sql_attr','$val' $op_val2);");if (!$res || !da_sql_affected_rows($link,$res,$config))echo "<b>Change failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";}else if (isset($item_vals["$key"][$j])) {// if value is empty, we delete this attribute$old_val = $item_vals["$key"][$j];$old_val = da_sql_escape_string($link, $old_val);if(!empty($old_val))$res = da_sql_query($link,$config,"DELETE FROM $table WHERE $query_key = '$login' AND attribute = '$sql_attr' AND value = '$old_val';");}}}}}}elseecho "<b>Could not connect to SQL database</b><br>\n";