<?php


//Pull in the connection settings and the shared helper functions.
//NOTE(review): $host, $username, $password and $lang are not defined in this file;
//presumably they come from common_db.php - confirm.
include("common_db.php");
include("functions.php");

//Nothing below can work without a server connection, so stop here if there is none.
if(!dbconnect($host, $username, $password)) {
	die("Couldn't connect to $host");
}

//Localised strings for this page.
$strings = loadStrings($lang, 'FORM');

//Second argument for head(). The query string is kept exactly as written, including the
//escaped quotes and the %2B sequences. What head() does with it is defined elsewhere.
$form_head_scripts = array('xhr/create-xhr.php?target=\'xhr/get-data.php?action=tl-ops\'%2BString.fromCharCode(38)%2B\'db=\'%2Bindb&amp;caller=reloadTables&amp;tid=tbl&amp;tfunc=clearElem(\'tbl\');');

//Emit the page skeleton up to the opening of the main pane.
headers();
html();
head($strings['FORM_TITLE'], $form_head_scripts);
menu();
navpane();
echo '<div id="mainpane">';

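//Work out which database the form is for: an explicit request parameter wins, otherwise
//we fall back to the database remembered in the session. The request value is now escaped
//the same way as the session value and the table name (it used to be taken as-is).
//Non-string parameters (database[]=...) are ignored.
if(isset($_REQUEST['database']) && is_string($_REQUEST['database'])) {
	$db = mysql_real_escape_string($_REQUEST['database']);
} elseif(isset($_SESSION['current_db']) && $_SESSION['current_db'] != '') {
	//Check the session
	$db = mysql_real_escape_string($_SESSION['current_db']);
} else {
	//We don't know which database they want. We'll give them a "which database and table?" form
	printRequestForm('form.php');		//dead end, as pRF never returns
}

//mysql_real_escape_string() is meant for quoted string values and leaves backticks alone,
//but $db and $table are placed inside backtick-quoted identifiers in the queries further
//down. A name containing a backtick is therefore treated as unknown and the user is asked
//to choose again.
//NOTE(review): the same values are also written into HTML; that output needs
//htmlspecialchars() at the point where it is echoed.
if(strpos($db, '`') !== false) {
	printRequestForm('form.php');
}

if(isset($_REQUEST['table']) && is_string($_REQUEST['table']) && strpos($_REQUEST['table'], '`') === false) {
	$table = $tbl = mysql_real_escape_string($_REQUEST['table']);
} else {
	//we don't know the table (or the name given cannot be used), so we'll reuse the same
	//code that we use if the database is unknown, EXCEPT we'll preselect the selected
	//database (we do know the database, because the execution wouldn't have got to here)
	printRequestForm('form.php',$db);		//dead end, of course, as pRF never returns
}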

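//If execution has come this far, then we know the table and the database


//We now check what the primary key of this table is. If there isn't one, we stop with an
//appropriate error, because the form addresses records by primary key value.

$sql = "DESCRIBE `$db`.`$table`";
$fields = mysql_query($sql);

//mysql_query() returns false when the statement fails (unknown table, missing privilege).
//Skip the fetch loop in that case so that the "no primary key" error below is what the
//user sees, rather than a warning from mysql_fetch_array().
if($fields !== false) {
	while($r = mysql_fetch_array($fields)) {
		//DESCRIBE column 0 is the field name, column 3 is the "Key" flag.
		if($r[3] === 'PRI') {
			//this is the primary key; if several columns are flagged, the last one wins
			$pk = $r[0];
		}
	}
}

if(!isset($pk)) {
	//no primary key
	printError($strings['FORM_NOPK']);
}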

//$record_number is the record currently shown in the form. For a new entry it is
//'current_number_of_records' + 1. The request value is forced to an integer, and record 1
//is assumed when none is given.
//This is a bit nasty when the primary key is not an integer.
$record_number = isset($_REQUEST['number']) ? intval($_REQUEST['number']) : 1;


//$save_type says whether anything is being saved: '' means nothing is, "insert" stores a
//new entry, and any other value is handled as an update of the record being shown
//(the form below sends "update").
$save_type = isset($_REQUEST['save_type']) ? $_REQUEST['save_type'] : '';
   

//Make $db the default database for the unqualified queries that follow. On failure the
//localised message is filled in with the database name and the server's error text.
if(!mysql_select_db($db)) {
	printError(sprintf($strings['FORM_ERR_UNABLETOSELECTDB'], $db, mysql_error()));
}


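//If $save_type != '', then either a new record is being inserted or the updates to an already
//existing record are being saved. Only 'admin' and 'normal' users may write.
//NOTE(review): the trigger and the values are read from $_REQUEST, so a GET request is
//accepted as well as the POST the form sends, and no anti-CSRF token is checked. Consider
//requiring POST plus a per-session token before either query runs.
$may_write = isset($_SESSION['session_user_status'])
	&& ($_SESSION['session_user_status'] == 'admin' || $_SESSION['session_user_status'] == 'normal');

if($save_type != '' && $may_write) {
	//Get the new values, in request order. Every parameter whose name starts with "field"
	//counts. Values are matched to columns by position, not by the number in the name.
	//foreach/strncmp replace each()/ereg(), which newer PHP versions no longer provide.
	$save_values = array();
	foreach($_REQUEST as $lvar => $lvalue) {
		if(strncmp((string) $lvar, 'field', 5) === 0) {
			//An array parameter (field0[]=...) cannot be a column value; it is stored as an
			//empty string, which is what the old code produced after a warning.
			$lvalue = is_array($lvalue) ? '' : $lvalue;
			$save_values[] = "'" . mysql_real_escape_string($lvalue) . "'";
		}
	}

	//and the primary key, which is stored in $pk and $record_number

	if($save_type == 'insert') {
		$insert_query_values = implode(",", $save_values);
		$insert_query = "INSERT INTO `$tbl` VALUES($insert_query_values)";
		//Report a failed insert the same way a failed update is reported below; it used to
		//be ignored silently.
		mysql_query($insert_query) or printError(mysql_error());
	} else {
		$describe_query = "DESCRIBE `$tbl`";
		($describe_result = mysql_query($describe_query)) or die("Describe query unsuccesful");

		//Column names in table order.
		$column_names = array();
		while($row = mysql_fetch_array($describe_result)) {
			$column_names[] = $row['Field'];
		}

		if(count($save_values) < count($column_names)) {
			//Fewer values than columns used to produce a malformed UPDATE; refuse instead.
			//TODO: move this message into the language file.
			printError('The submitted form does not contain a value for every column of the table.');
		} else {
			//Pair each column with the value submitted at the same position.
			$fields_to_save = array();
			foreach($column_names as $i => $current_field) {
				$current_save_value = $save_values[$i];
				$fields_to_save[$i] = "`$current_field`=$current_save_value";
			}

			$save_conditions = implode(", ", $fields_to_save);
			//$record_number has been through intval(), $pk comes from the table definition.
			$update_query = "UPDATE `$tbl` SET $save_conditions WHERE `$pk` = '$record_number' LIMIT 1";
			mysql_query($update_query) or printError(mysql_error());
		}
	}
}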

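//Column list of the current table; the form further down walks this result to print one
//entry per field.
$describe_query = "DESCRIBE `$tbl`";
//The failure message repeats the query text, which contains the request-supplied table
//name, so it is HTML-escaped before being written to the page.
($describe_result = mysql_query($describe_query)) or die(htmlspecialchars("$describe_query query unsuccesful", ENT_QUOTES));

//See if this primary key already exists (i.e., we're viewing an existing record).
//$record_number has been through intval(), so it is safe inside the quoted literal.
$sql = "SELECT * FROM `$tbl` WHERE `$pk` = '$record_number' LIMIT 1";
$result = mysql_query($sql);
//A failed query is treated like "no such record": $data_row simply stays unset.
if($result !== false && mysql_num_rows($result) == 1) {
	$data_row = mysql_fetch_array($result);
}

//Get the total number of records
$number_of_records = getRowCount($db, $tbl);

//Calculate the number of the previous, next and possible new records.
$previous_record_number = $record_number - 1;
$next_record_number = $record_number + 1;

$new_record_number = $number_of_records + 1;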



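//The following body of code prints out the 'Record |< < 'x' > >| >* of 'y' displayed
//at the top of the screen.

//$db and $table originate from the request or the session. They are URL-encoded for the
//query string and the finished prefix is HTML-escaped before it is written into href="...",
//so a crafted name cannot close the attribute or add markup. For plain names the output
//is unchanged (the '&' separators still come out as '&amp;').
$nav_url = htmlspecialchars('form.php?database=' . rawurlencode($db) . '&table=' . rawurlencode($table) . '&number=', ENT_QUOTES);

echo '<form class="rv">' . $strings['FORM_RECORD'];

//First record
echo '<a href="' . $nav_url . '1"><img src="images/arrow_first.gif" border="0" alt="' . $strings['FORM_ALT_1ST'] . '" title="' . $strings['FORM_TITLE_1ST'] . '" /></a>';

//Previous record, greyed out on the first one
if($record_number != 1) {
	echo '<a href="' . $nav_url . $previous_record_number . '"><img src="images/arrow_previous.gif" border="0" alt="' . $strings['FORM_ALT_PREV'] . '" title="' . $strings['FORM_TITLE_PREV'] . '" /></a>';
} else {
	echo '<img src="images/arrow_previous_gray.gif" border="0" title="' . $strings['FORM_TITLE_DPREV'] . '" alt="' . $strings['FORM_ALT_DPREV'] . '" />';
}

//Current record number; always an integer at this point
echo '<input type="text" name="record" value="' . $record_number . '" size="10" />';

//Next record, greyed out on the last one
if($record_number != $number_of_records) {
	echo '<a href="' . $nav_url . $next_record_number . '"><img src="images/arrow_next.gif" border="0" alt="' . $strings['FORM_ALT_NEXT'] . '" title="' . $strings['FORM_TITLE_NEXT'] . '" /></a>';
} else {
	echo '<img src="images/arrow_next_gray.gif" border="0" alt="' . $strings['FORM_ALT_NEXT'] . '" title="' . $strings['FORM_TITLE_DNEXT'] . '" />';
}

//Last record and "new record"
echo '<a href="' . $nav_url . $number_of_records . '"><img src="images/arrow_last.gif" border="0" alt="' . $strings['FORM_ALT_LAST'] . '" title="' . $strings['FORM_TITLE_LAST'] . '" /></a>';
echo '<a href="' . $nav_url . $new_record_number . '"><img src="images/arrow_new_record.gif" border="0" alt="' . $strings['FORM_ALT_NEW'] . '" title="' . $strings['FORM_TITLE_NEW'] . '" /></a>';

//"of y": when a new record is being entered, its number is shown as the total
printf("$strings[FORM_OF]</form>", $record_number > $number_of_records ? $record_number : $number_of_records);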
   
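$i=0;

echo '<form method="post" action="form.php" class="formform lblock">';

//Viewers only read; everybody else gets editable input fields.
$is_viewer = isset($_SESSION['session_user_status']) && $_SESSION['session_user_status'] == 'viewer';

//Column names and stored values are data, not markup: both are HTML-escaped before they
//are echoed, so content saved in the table cannot inject HTML or script into this page.
//NOTE(review): whether generateInputField() escapes the value it is given cannot be seen
//from this file - confirm in functions.php.

//If $data_row is set, an already existing record is currently selected for viewing in
//the form. Display the contents of this record.
if(isset($data_row)) {
	//Display the record
	while($row = mysql_fetch_array($describe_result)) {
		$current_field = $row['Field'];
		echo '<label for="field' . $i . '">' . htmlspecialchars($current_field, ENT_QUOTES) . ': ';

		if($is_viewer) {
			//The cast turns a NULL column into an empty string
			echo htmlspecialchars((string) $data_row[$i], ENT_QUOTES);
		} else {
			echo(generateInputField($row, "field$i", $data_row[$i]));
		}

		echo('</label>');

		$i++;
	}

	//Will be passed on if the record is saved, to indicate an update of a record.
	echo '<input type="hidden" name="save_type" value="update" />';

} else {		//new entry
	$i = 0;
	while($row = mysql_fetch_array($describe_result)) {
		$current_field = $row['Field'];

		echo '<label for="field' . $i . '">' . htmlspecialchars($current_field, ENT_QUOTES) . ': ';

		//A viewer sees the field names of a new entry but gets no input fields
		if(!$is_viewer) {
			echo(generateInputField($row,"field$i"));
		}
		echo '</label>';

		$i++;
	}
	//Will be passed on if the record is saved, to indicate an insertion of a record.
	echo '<input type="hidden" name="save_type" value="insert" />';
}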

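//Carry the current position through the save. $db and $table originate from the request
//or the session, so they are HTML-escaped before being written into value="..." and
//cannot close the attribute. $record_number is always an integer.
echo '<input type="hidden" name="database" value="' . htmlspecialchars($db, ENT_QUOTES) . '" />';
echo '<input type="hidden" name="table" value="' . htmlspecialchars($table, ENT_QUOTES) . '" />';
echo '<input type="hidden" name="number" value="' . $record_number . '" />';

//Viewers get the button as well, but disabled. The attribute is cosmetic only: what stops
//a viewer from writing is the session_user_status check in the save section above.
$submit_state = (isset($_SESSION['session_user_status']) && $_SESSION['session_user_status'] == 'viewer') ? ' disabled="disabled"' : '';
echo '<br /><input type="submit" value="' . $strings['FORM_SAVESUBMIT'] . '"' . $submit_state . ' />';

echo "</form></div>";		//div for mainpane

endhtml();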
?>