Location: PHPKode > projects > eqEpic > eqEpic0.7.8/stepsedit.php
<?php 
session_start();
ob_start();
?>
<?php
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // Always modified
header("Cache-Control: private, no-store, no-cache, must-revalidate"); // HTTP/1.1 
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache"); // HTTP/1.0
?>
<?php include ("ewconfig.php") ?>
<?php include ("db.php") ?>
<?php include ("stepsinfo.php") ?>
<?php include ("advsecu.php") ?>
<?php include ("phpmkrfn.php") ?>
<?php
if (!IsLoggedIn() && (@$_COOKIE[ewCookieAutoLogin] == "autologin" && @$_COOKIE[ewCookiePassword] <> "")) {
	ob_end_clean();
	header("Location: login.php");
	exit();
}
LoadUserLevel();
$ewCurSec = (IsLoggedIn())? CurrentUserLevelPriv("steps") : GetAnonymousPriv("steps");	
if (($ewCurSec & ewAllowEdit) <> ewAllowEdit) {
	ob_end_clean();
	header("Location: stepslist.php");
	exit();
}
?>
<?php

// Initialize common variables
$x_id = NULL;
$ox_id = NULL;
$z_id = NULL;
$ar_x_id = NULL;
$ari_x_id = NULL;
$x_idList = NULL;
$x_idChk = NULL;
$cbo_x_id_js = NULL;
$x_class = NULL;
$ox_class = NULL;
$z_class = NULL;
$ar_x_class = NULL;
$ari_x_class = NULL;
$x_classList = NULL;
$x_classChk = NULL;
$cbo_x_class_js = NULL;
$x_step = NULL;
$ox_step = NULL;
$z_step = NULL;
$ar_x_step = NULL;
$ari_x_step = NULL;
$x_stepList = NULL;
$x_stepChk = NULL;
$cbo_x_step_js = NULL;
$x_descrip = NULL;
$ox_descrip = NULL;
$z_descrip = NULL;
$ar_x_descrip = NULL;
$ari_x_descrip = NULL;
$x_descripList = NULL;
$x_descripChk = NULL;
$cbo_x_descrip_js = NULL;
$x_num_grp = NULL;
$ox_num_grp = NULL;
$z_num_grp = NULL;
$ar_x_num_grp = NULL;
$ari_x_num_grp = NULL;
$x_num_grpList = NULL;
$x_num_grpChk = NULL;
$cbo_x_num_grp_js = NULL;
$x_zone = NULL;
$ox_zone = NULL;
$z_zone = NULL;
$ar_x_zone = NULL;
$ari_x_zone = NULL;
$x_zoneList = NULL;
$x_zoneChk = NULL;
$cbo_x_zone_js = NULL;
$x_chest = NULL;
$ox_chest = NULL;
$z_chest = NULL;
$ar_x_chest = NULL;
$ari_x_chest = NULL;
$x_chestList = NULL;
$x_chestChk = NULL;
$cbo_x_chest_js = NULL;
$x_mob_url = NULL;
$ox_mob_url = NULL;
$z_mob_url = NULL;
$ar_x_mob_url = NULL;
$ari_x_mob_url = NULL;
$x_mob_urlList = NULL;
$x_mob_urlChk = NULL;
$cbo_x_mob_url_js = NULL;
?>
<?php

// Load key from QueryString
$x_step = @$_GET["step"];

// Get action
$sAction = @$_POST["a_edit"];
if ($sAction == "") {
	$sAction = "I";	// Display record	
} else {

	// Get fields from form
	$x_id = @$_POST["x_id"];
	$x_class = @$_POST["x_class"];
	$x_step = @$_POST["x_step"];
	$x_descrip = @$_POST["x_descrip"];
	$x_num_grp = @$_POST["x_num_grp"];
	$x_zone = @$_POST["x_zone"];
	$x_chest = @$_POST["x_chest"];
	$x_mob_url = @$_POST["x_mob_url"];
}
if (($x_step == "") || (is_null($x_step))) {
	ob_end_clean();
	header("Location: stepslist.php");
	exit();
}
$conn = phpmkr_db_connect(HOST, USER, PASS, DB, PORT);
switch ($sAction) {
	case "I": // Display record
		if (!LoadData($conn)) { // Load record
			$_SESSION[ewSessionMessage] = "No Steps Found";
			phpmkr_db_close($conn);
			ob_end_clean();
			header("Location: stepslist.php");
			exit();
		}
		break;
	case "U": // Update
		if (EditData($conn)) { // Update record
			$_SESSION[ewSessionMessage] = "Updated Step Successfully";
			phpmkr_db_close($conn);
			ob_end_clean();
			header("Location: stepslist.php");
			exit();
		}
		break;
}
?>
<?php include ("sources/header.php") ?>
<script type="text/javascript">
<!--
EW_LookupFn = "ewlookup.php"; // ewlookup file name
EW_AddOptFn = "ewaddopt.php"; // ewaddopt.php file name

//-->
</script>
<script type="text/javascript" src="ewp.js"></script>
<script type="text/javascript">
<!--
EW_dateSep = "-"; // set date separator
EW_UploadAllowedFileExt = "gif,jpg,jpeg,bmp,png,doc,xls,pdf,zip"; // allowed upload file extension

//-->
</script>
<script type="text/javascript">
<!--
function EW_checkMyForm(EW_this) {
if (EW_this.x_class && !EW_hasValue(EW_this.x_class, "SELECT")) {
	if (!EW_onError(EW_this, EW_this.x_class, "SELECT", "Please enter required field - Class"))
		return false;
}
if (EW_this.x_step && !EW_hasValue(EW_this.x_step, "TEXT")) {
	if (!EW_onError(EW_this, EW_this.x_step, "TEXT", "Please enter required field - Step"))
		return false;
}
if (EW_this.x_descrip && !EW_hasValue(EW_this.x_descrip, "TEXTAREA")) {
	if (!EW_onError(EW_this, EW_this.x_descrip, "TEXTAREA", "Please enter required field - Description"))
		return false;
}
if (EW_this.x_chest && !EW_hasValue(EW_this.x_chest, "SELECT")) {
	if (!EW_onError(EW_this, EW_this.x_chest, "SELECT", "Please enter required field - Chest"))
		return false;
}
return true;
}

//-->
</script>
<script type="text/javascript">
<!--
	var EW_DHTMLEditors = [];

//-->
</script>
<form name="fstepsedit" id="fstepsedit" action="stepsedit.php" method="post" onsubmit="return EW_checkMyForm(this);">
<input type="hidden" name="a_edit" value="U" />
<?php
if (@$_SESSION[ewSessionMessage] <> "") {
?>
<p><div class="ewmsg"><?php echo $_SESSION[ewSessionMessage]; ?></div></p>
<?php
	$_SESSION[ewSessionMessage] = ""; // Clear message
}
?>
	<table align="center" class="table_other">
		<tr>
			<td>Class<span class='ewmsg'>&nbsp;*</span></td>
			<td><span id="cb_x_class">
<?php
if ((!is_null($x_class)) && ($x_class <> "")) {
	$sSqlWrk = "SELECT `class` FROM `class`";
	$sTmp = $x_class;
	$sTmp = addslashes($sTmp);
	$sSqlWrk .= " WHERE `id` = " . $sTmp . "";
	$sSqlWrk .= " ORDER BY `class` Asc";
	$rswrk = phpmkr_query($sSqlWrk,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br />SQL:' . $sSqlWrk);
	if ($rswrk && $rowwrk = phpmkr_fetch_array($rswrk)) {
		$sTmp = $rowwrk["class"];
	}
	@phpmkr_free_result($rswrk);
} else {
	$sTmp = "";
}
$ox_class = $x_class; // Backup original value
$x_class = $sTmp;
?>
        <?php echo $x_class; ?>
        <?php $x_class = $ox_class; // Restore original value ?>
</span></td>
		</tr>
		<tr>
			<td>Step<span class='ewmsg'>&nbsp;*</span></td>
			<td><span id="cb_x_step">
<?php echo $x_step; ?><input type="hidden" id="x_step" name="x_step" value="<?php echo @$x_step; ?>" />
</span></td>
		</tr>
		<tr>
			<td valign="top">Description<span class='ewmsg'>&nbsp;*</span></td>
			<td><span id="cb_x_descrip">
<textarea cols="70" rows="15" id="x_descrip" name="x_descrip" class="text"><?php echo @$x_descrip; ?></textarea>
</span></td>
		</tr>
		<tr>
			<td>Number of Groups</td>
			<td><span id="cb_x_num_grp">
<input type="text" name="x_num_grp" id="x_num_grp" size="30" maxlength="255" value="<?php echo htmlspecialchars(@$x_num_grp) ?>" class="text" />
</span></td>
		</tr>
		<tr>
			<td>Zone</td>
			<td><span id="cb_x_zone">
<input type="text" name="x_zone" id="x_zone" size="30" maxlength="255" value="<?php echo htmlspecialchars(@$x_zone) ?>" class="text" />
</span></td>
		</tr>
		<tr>
			<td>Chest<span class='ewmsg'>&nbsp;*</span></td>
			<td><span id="cb_x_chest">
<?php
$x_chestList = "<select id='x_chest' name='x_chest'>";
$x_chestList .= "<option value=''>Please Select</option>";
	$x_chestList .= "<option value=\"Yes\"";
	if (@$x_chest == "Yes") {
		$x_chestList .= " selected";
	}
	$x_chestList .= ">" . "Yes" . "</option>";
	$x_chestList .= "<option value=\"No\"";
	if (@$x_chest == "No") {
		$x_chestList .= " selected";
	}
	$x_chestList .= ">" . "No" . "</option>";
	$x_chestList .= "<option value=\"?\"";
	if (@$x_chest == "?") {
		$x_chestList .= " selected";
	}
	$x_chestList .= ">" . "?" . "</option>";
$x_chestList .= "</select>";
echo $x_chestList;
?>
</span></td>
		</tr>
		<tr>
			<td>Additional Information</td>
			<td><span id="cb_x_mob_url">
<input type="text" name="x_mob_url" id="x_mob_url" size="30" maxlength="255" value="<?php echo htmlspecialchars(@$x_mob_url) ?>" class="text" />
</span></td>
		</tr>
	</table>
	<p align="center">
	<input type="submit" name="btnAction" id="btnAction" value="Edit Step" class="button" />
</form>
<?php include ("footer.php") ?>
<?php
phpmkr_db_close($conn);
?>
<?php

//-------------------------------------------------------------------------------
// Function LoadData
// - Variables setup: field variables

function LoadData($conn)
{
	global $x_step;
	$sFilter = ewSqlKeyWhere;
	$x_step =  (get_magic_quotes_gpc()) ? stripslashes($x_step) : $x_step;
	$sFilter = str_replace("@step", AdjustSql($x_step), $sFilter); // Replace key value
	$sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");
	$rs = phpmkr_query($sSql,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br>SQL: ' . $sSql);
	if (phpmkr_num_rows($rs) == 0) {
		$bLoadData = false;
	} else {
		$bLoadData = true;
		$row = phpmkr_fetch_array($rs);

		// Get the field contents
		$GLOBALS["x_id"] = $row["id"];
		$GLOBALS["x_class"] = $row["class"];
		$GLOBALS["x_step"] = $row["step"];
		$GLOBALS["x_descrip"] = $row["descrip"];
		$GLOBALS["x_num_grp"] = $row["num_grp"];
		$GLOBALS["x_zone"] = $row["zone"];
		$GLOBALS["x_chest"] = $row["chest"];
		$GLOBALS["x_mob_url"] = $row["mob_url"];
	}
	phpmkr_free_result($rs);
	return $bLoadData;
}
?>
<?php

//-------------------------------------------------------------------------------
// Function EditData
// - Variables used: field variables

function EditData($conn)
{
	global $x_step;
	$sFilter = ewSqlKeyWhere;
	$sTmp =  (get_magic_quotes_gpc()) ? stripslashes($x_step) : $x_step;
	$sFilter = str_replace("@step", AdjustSql($sTmp), $sFilter); // Replace key value
	$sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");
	$rs = phpmkr_query($sSql,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br>SQL: ' . $sSql);

	// Get old recordset
	$oldrs = phpmkr_fetch_array($rs);
	if (phpmkr_num_rows($rs) == 0) {
		return false; // Update Failed
	} else {
		$x_id = @$_POST["x_id"];
		$x_class = @$_POST["x_class"];
		$x_step = @$_POST["x_step"];
		$x_descrip = @$_POST["x_descrip"];
		$x_num_grp = @$_POST["x_num_grp"];
		$x_zone = @$_POST["x_zone"];
		$x_chest = @$_POST["x_chest"];
		$x_mob_url = @$_POST["x_mob_url"];
		$theValue = ($GLOBALS["x_class"] != "") ? intval($GLOBALS["x_class"]) : "NULL";
		$fieldList["`class`"] = $theValue;
		$theValue = (!get_magic_quotes_gpc()) ? addslashes($GLOBALS["x_step"]) : $GLOBALS["x_step"]; 
		$theValue = ($theValue != "") ? " '" . $theValue . "'" : "NULL";
		$fieldList["`step`"] = $theValue;
		$theValue = (!get_magic_quotes_gpc()) ? addslashes($GLOBALS["x_descrip"]) : $GLOBALS["x_descrip"]; 
		$theValue = ($theValue != "") ? " '" . $theValue . "'" : "NULL";
		$fieldList["`descrip`"] = $theValue;
		$theValue = (!get_magic_quotes_gpc()) ? addslashes($GLOBALS["x_num_grp"]) : $GLOBALS["x_num_grp"]; 
		$theValue = ($theValue != "") ? " '" . $theValue . "'" : "NULL";
		$fieldList["`num_grp`"] = $theValue;
		$theValue = (!get_magic_quotes_gpc()) ? addslashes($GLOBALS["x_zone"]) : $GLOBALS["x_zone"]; 
		$theValue = ($theValue != "") ? " '" . $theValue . "'" : "NULL";
		$fieldList["`zone`"] = $theValue;
		$theValue = (!get_magic_quotes_gpc()) ? addslashes($GLOBALS["x_chest"]) : $GLOBALS["x_chest"]; 
		$theValue = ($theValue != "") ? " '" . $theValue . "'" : "NULL";
		$fieldList["`chest`"] = $theValue;
		$theValue = (!get_magic_quotes_gpc()) ? addslashes($GLOBALS["x_mob_url"]) : $GLOBALS["x_mob_url"]; 
		$theValue = ($theValue != "") ? " '" . $theValue . "'" : "NULL";
		$fieldList["`mob_url`"] = $theValue;

		// Updating event
		if (Recordset_Updating($fieldList, $oldrs)) {

			// Update
			$sSql = "UPDATE `steps` SET ";
			foreach ($fieldList as $key=>$temp) {
				$sSql .= "$key = $temp, ";
			}
			if (substr($sSql, -2) == ", ") {
				$sSql = substr($sSql, 0, strlen($sSql)-2);
			}
			$sSql .= " WHERE " . $sFilter;
			phpmkr_query($sSql,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br>SQL: ' . $sSql);
			$result = (phpmkr_affected_rows($conn) >= 0);

			// Updated event
			if ($result) Recordset_Updated($fieldList, $oldrs);
		} else {
			$result = false; // Update Failed
		}
	}
	return $result;
}

// Updating Event
function Recordset_Updating(&$newrs, $oldrs)
{

	// Enter your customized codes here
	return true;
}

// Updated event
function Recordset_Updated($newrs, $oldrs)
{
	$table = "steps";
}
?>
Return current item: eqEpic