<?php 
// NOTE(review): both settings send PHP warnings and notices to the browser.
// This script concatenates request data into SQL and handles credentials, so
// a displayed error can disclose query text and server paths. For production,
// prefer display_errors=0 with log_errors enabled.
ini_set("display_errors","1");
ini_set("display_startup_errors","1");
// Turns runtime magic quotes off. set_magic_quotes_runtime() was deprecated in
// PHP 5.3 and removed in PHP 7.0, where this call is a fatal error.
set_magic_quotes_runtime(0);

include("include/dbcommon.php");
include("include/users_variables.php");


//	Access gate: the session must hold a UserID and CheckSecurity() must grant
//	the "Add" permission for the session's OwnerID. The @ operator hides the
//	undefined-index notice when a session key is missing.
if(!@$_SESSION["UserID"] || !CheckSecurity(@$_SESSION["OwnerID"],"Add"))
{ 
	// Remember the requested page (script name plus the raw query string) for after login.
	// NOTE(review): the consumer of MyURL is not in this file - confirm it only ever
	// redirects to a local path.
	$_SESSION["MyURL"]=$_SERVER["SCRIPT_NAME"]."?".$_SERVER["QUERY_STRING"];
	header("Location: login.php?message=expired"); 
	// return at global scope ends execution of this file, so none of the code
	// below runs for a request that failed the gate.
	return;
}

// Page state. $message, $error_happened and $readavalues are also written by
// add_error_handler() through "global".
$filename="";	
$message="";				// HTML status banner passed to the template
$error_happened=false;		// set when the insert raised a PHP error
$readavalues=false;			// true when the submitted values should be shown in the form again

//connect database
$conn = db_connect();

// insert new record if we have to

// Insert handler: runs when the form was posted with a=added.
// NOTE(review): apart from the session/permission gate at the top of this script,
// the "a" marker is the only thing checked before a user account is written.
// No anti-CSRF token is verified in this block - confirm whether dbcommon.php
// adds one, and add one if not.
if(@$_POST["a"]=="added")
{
	$afilename_values=array();
	$avalues=array();
	$files_move=array();

//	Each field below follows the same steps: read the posted value and its
//	declared type, pass both through prepare_for_db(), and keep the result
//	unless prepare_for_db() returned exactly false.

//	processing Login - start

	$value = postvalue("value_Login");
	$type=postvalue("type_Login");
	$value=prepare_for_db("Login",$value,$type);
	if(!($value===false))
		$avalues["Login"]=$value;

//	processing Login - end
//	processing Name - start

	$value = postvalue("value_Name");
	$type=postvalue("type_Name");
	$value=prepare_for_db("Name",$value,$type);
	if(!($value===false))
		$avalues["Name"]=$value;

//	processing Name - end
//	processing Password - start
//	NOTE(review): the password is handled like any other text field and no hashing
//	is visible in this file. Confirm that prepare_for_db() or a BeforeAdd hook
//	hashes it (e.g. password_hash) before it is stored.

	$value = postvalue("value_Password");
	$type=postvalue("type_Password");
	$value=prepare_for_db("Password",$value,$type);
	if(!($value===false))
		$avalues["Password"]=$value;

//	processing Password - end
//	processing User Type - start
//	NOTE(review): the account type comes straight from the request. Nothing in this
//	file limits which type the caller may assign beyond the "Add" permission
//	check at the top of the script.

	$value = postvalue("value_User_Type");
	$type=postvalue("type_User_Type");
	$value=prepare_for_db("User Type",$value,$type);
	if(!($value===false))
		$avalues["User Type"]=$value;

//	processing User Type - end


//	insert ownerid value if exists
//	This unconditionally replaces the Login value collected above with the
//	session's OwnerID (prepare_for_db is called here without a type argument).
	$avalues["Login"]=prepare_for_db("Login",$_SESSION["OwnerID"]);



//	add filenames to values ($afilename_values is never filled in this script, so this loop is a no-op here)
	foreach($afilename_values as $akey=>$value)
		$avalues[$akey]=$value;
//	make SQL string
	$strSQL = "insert into ".AddTableWrappers($strOriginalTableName)." ";
	$strFields="(";
	$strValues="(";
	
//	before Add event: an optional BeforeAdd($avalues) hook can veto the insert
//	by returning a falsy value; the form is then shown again with the submitted values.
	$retval = true;
	if(function_exists("BeforeAdd"))
		$retval=BeforeAdd($avalues);
	if($retval)
	{
		// The statement is assembled by string concatenation: field names pass
		// through AddFieldWrappers() and values through add_db_quotes().
		// NOTE(review): injection safety rests entirely on add_db_quotes() (not
		// visible here) escaping every value correctly; a parameterised query
		// would remove that dependency.
		foreach($avalues as $akey=>$value)
		{
			$strFields.=AddFieldWrappers($akey).", ";
			$strValues.=add_db_quotes($akey,$value).", ";
		}
		// drop the trailing ", " left by the loop
		if(substr($strFields,-2)==", ")
			$strFields=substr($strFields,0,strlen($strFields)-2);
		if(substr($strValues,-2)==", ")
			$strValues=substr($strValues,0,strlen($strValues)-2);
		$strSQL.=$strFields.") values ".$strValues.")";
		// NOTE(review): the logged statement contains the Password value. Confirm
		// what LogInfo() does with it; redact credentials before logging.
		LogInfo($strSQL);
		// Route PHP errors raised during the insert to add_error_handler(), then
		// install the handler named "error_handler" (not defined in this file) again.
		set_error_handler("add_error_handler");
		db_exec($strSQL,$conn);
		set_error_handler("error_handler");
//	move files ($files_move is never filled in this script, so nothing is moved here)
		if(!$error_happened)
		{
			foreach ($files_move as $file)
				move_uploaded_file($file[0],$file[1]);
		
			$message="<div class=message><<< "."Record was added"." >>></div>";
//	after add event		
			if(function_exists("AfterAdd"))
				AfterAdd();
		}
	}
	else
		$readavalues=true;
}

// Default values shown in the add form.
$defvalues=array();


$keys=array();
$keys["Primary"]=postvalue("copyid1");

//	copy record: when the request carries copyid1, load that row and use it as
//	the form defaults. The key is read from $_REQUEST, so it can arrive in the
//	query string as well as in a POST body.
if(array_key_exists("copyid1",$_REQUEST))
{
	// NOTE(review): KeyWhere() turns the request-supplied key into a WHERE clause;
	// it is not visible here - confirm it quotes/escapes the value.
	$strWhere=KeyWhere($keys);
	$strSQL=$gstrSQL;
	$strSQL=AddWhere($strSQL,$strWhere);
	// restrict the lookup with the "Search" security condition
	$strSQL=AddWhere($strSQL,SecuritySQL("Search"));
	LogInfo($strSQL);
	$rs=db_query($strSQL,$conn);
	$defvalues=db_fetch_array($rs);
//	clear key fields
//	NOTE(review): only "Primary" is blanked. If $gstrSQL selects the Password
//	column, the copied account's stored password value is passed on to the
//	template with the other defaults - confirm, and blank it here as well.
	$defvalues["Primary"]="";
//call CopyOnLoad event
	if(function_exists("CopyOnLoad"))
		CopyOnLoad($defvalues,$strWhere);
}
else if(!count($defvalues))
{
	// no copy requested: prefill Login with the session's OwnerID
	$defvalues["Login"]=@$_SESSION["OwnerID"];
}
// The insert failed or was vetoed: show the submitted values again.
// NOTE(review): this includes the submitted Password, which is then handed to the
// template; consider leaving that field empty so the password is not echoed
// back into the page.
if($readavalues)
{
	$defvalues["Login"]=@$avalues["Login"];
	$defvalues["Name"]=@$avalues["Name"];
	$defvalues["Password"]=@$avalues["Password"];
	$defvalues["User Type"]=@$avalues["User Type"];
}


// Template engine used to render the add form.
include('libs/Smarty.class.php');
$smarty = new Smarty();

// Hand every default value to the template as value_<field name>.
// NOTE(review): the values are assigned raw; HTML-escaping has to happen in
// users_add.htm (not visible here) - confirm the template escapes them.
foreach ($defvalues as $key => $value) {
	$smarty->assign("value_" . GoodFieldName($key), $value);
}


//	Browser-side validation: script tag for include/validate.js plus the message
//	texts defined as JavaScript variables.
//	These checks run in the browser only and no equivalent check is visible in
//	this script's POST handling, so the server must enforce the same rules.
$bodyonload = "";
$onsubmit = "";

$includes = "<script language=\"JavaScript\" src=\"include/validate.js\"></script>\r\n"
	. "<script language=\"JavaScript\">\r\n"
	. "var TEXT_FIELDS_REQUIRED='" . addslashes("The Following fields are Required") . "';\r\n"
	. "var TEXT_FIELDS_ZIPCODES='" . addslashes("") . "';\r\n"
	. "var TEXT_FIELDS_EMAILS='" . addslashes("The Following fields must be valid Emails") . "';\r\n"
	. "var TEXT_FIELDS_NUMBERS='" . addslashes("The Following fields must be Numbers") . "';\r\n"
	. "var TEXT_FIELDS_CURRENCY='" . addslashes("The Following fields must be currency") . "';\r\n"
	. "var TEXT_FIELDS_PHONE='" . addslashes("The Following fields must be Phone Numbers") . "';\r\n"
	. "var TEXT_FIELDS_PASSWORD1='" . addslashes("The Following fields must be valid Passwords") . "';\r\n"
	. "var TEXT_FIELDS_PASSWORD2='" . addslashes("should be at least 4 characters long") . "';\r\n"
	. "var TEXT_FIELDS_PASSWORD3='" . addslashes("Cannot be 'password'") . "';\r\n"
	. "var TEXT_FIELDS_STATE='" . addslashes("The Following fields must be State Names") . "';\r\n"
	. "var TEXT_FIELDS_SSN='" . addslashes("The Following fields must be Social Security Numbers") . "';\r\n"
	. "var TEXT_FIELDS_DATE='" . addslashes("The Following fields must be valid dates") . "';\r\n"
	. "var TEXT_FIELDS_TIME='" . addslashes("The Following fields must be valid time in 24-hours format") . "';\r\n"
	. "var TEXT_FIELDS_CC='" . addslashes("The Following fields must be valid Credit Card Numbers") . "';\r\n"
	. "var TEXT_FIELDS_SSN='" . addslashes("The Following fields must be Social Security Numbers") . "';\r\n"
	. "</script>\r\n";

//	Register one rule per form field. Every field, Password included, is only
//	marked IsRequired; no password rule is attached to value_Password here.
$validatetype = "IsRequired";
if ($validatetype) {
	$bodyonload .= "define('value_Login','{$validatetype}','Login');";
}
$validatetype = "IsRequired";
if ($validatetype) {
	$bodyonload .= "define('value_Name','{$validatetype}','Name');";
}
$validatetype = "IsRequired";
if ($validatetype) {
	$bodyonload .= "define('value_Password','{$validatetype}','Password');";
}
$validatetype = "IsRequired";
if ($validatetype) {
	$bodyonload .= "define('value_User_Type','{$validatetype}','User Type');";
}

//	When at least one rule was registered, run the rules on page load and call
//	validate() on submit.
if ($bodyonload) {
	$bodyonload = "onload=\"" . $bodyonload . "\"";
	$onsubmit = "return validate();";
}

//	Shared client helpers plus the locale settings written out as JavaScript variables.
//	NOTE(review): the two $locale_info values are written into the script block
//	without escaping; $locale_info is defined outside this file - confirm it
//	only ever holds server-controlled values.
$includes .= "<script language=\"JavaScript\" src=\"include/jsfunctions.js\"></script>\r\n";
$includes .= "<script language=\"JavaScript\">\r\n";
$includes .= "var locale_dateformat = " . $locale_info["LOCALE_IDATE"] . ";\r\n";
$includes .= "var locale_datedelimiter = \"" . $locale_info["LOCALE_SDATE"] . "\";\r\n";
$includes .= "var bLoading=false;\r\n";
$includes .= "var TEXT_PLEASE_SELECT='" . addslashes("Please select") . "';\r\n";
$includes .= "</script>\r\n";

//	Wrap the submit handler in its HTML attribute when one was set.
if (strlen($onsubmit) > 0) {
	$onsubmit = "onSubmit=\"" . $onsubmit . "\"";
}

$smarty->assign("includes", $includes);
$smarty->assign("bodyonload", $bodyonload);
$smarty->assign("onsubmit", $onsubmit);

//	NOTE(review): $message is handed over as ready-made HTML, so any text placed
//	in it has to be HTML-encoded before it gets here.
$smarty->assign("message", $message);

$max_filesize_set = 0;
$readonlyfields = array();

//	show readonly fields (none for this table)
$linkdata = "";
$smarty->assign("linkdata", $linkdata);

$smarty->display("users_add.htm");

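/**
 * Error handler installed while the INSERT statement runs.
 *
 * Records the failure in the page globals: $message receives the "not added"
 * banner with the error text, and $readavalues / $error_happened are set so the
 * form is shown again and the post-insert steps are skipped.
 *
 * The error text comes from PHP or the database driver and can repeat submitted
 * values, so it is HTML-encoded before being placed in the banner.
 * NOTE(review): the raw driver message is still shown to the user; consider a
 * generic message here and logging the detail on the server.
 *
 * @param int    $errno   PHP error level (unused)
 * @param string $errstr  error message text
 * @param string $errfile file that raised the error (unused)
 * @param int    $errline line that raised the error (unused)
 */
function add_error_handler($errno, $errstr, $errfile, $errline)
{
	global $readavalues, $message, $error_happened;
	// ENT_SUBSTITUTE exists from PHP 5.4; use it when available so invalid byte
	// sequences do not blank out the whole message.
	$flags = defined("ENT_SUBSTITUTE") ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
	$message="<div class=message><<< Record was NOT added >>><br><br>".htmlspecialchars($errstr, $flags)."</div>";
	$readavalues=true;
	$error_happened=true;
}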

?>