Location: PHPKode > scripts > phpRetrieve > phpRetrieve/saveQuery.php
<?php
session_start();

	//Link to server
	include('config.php');

	//connect to the databaser
	mysql_connect('localhost',$user,$password);
	@mysql_select_db($database) or die( "Unable to select database");
	
	$myQuery = "";
	if(isset($_SESSION['session_Query'])){
		$myQuery = $_SESSION['session_Query'];
	}
	if(isset($_SESSION['session_Criteria'])){
		$arr = $_SESSION['session_Criteria'];
	}
	if($_SESSION['session_rptTable'] != ""){
		$fld_result = mysql_query("SHOW COLUMNS FROM ".$_SESSION['session_rptTable']);
	}
	
	$CDT = date("Y-m-d H:i:s");
	$reportName = trim(addslashes($_POST['reportName']));
	$_SESSION['session_rptName'] = $reportName;
	$share = "No";
	if(isset($_POST['share'])){ $share = $_POST['share']; }
	$_SESSION['session_rptShare'] = $share;
	
	//create file name safe reportName
    $saveName = $reportName;
	$saveName = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $saveName);
	// Remove special accented characters
	$saveName = strtr($saveName, 'ŠŽšžŸÀÁÂÃÄÅÇÈÉÊËÌÍÎÏÑÒÓÔÕÖØÙÚÛÜÝàáâãäåçèéêëìíîïñòóôõöøùúûüýÿ', 'SZszYAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy');
	$saveName = strtr($saveName, array('Þ' => 'TH', 'þ' => 'th', 'Ð' => 'DH', 'ð' => 'dh', 'ß' => 'ss', 'Œ' => 'OE', 'œ' => 'oe', 'Æ' => 'AE', 'æ' => 'ae', 'µ' => 'u'));
	$saveName = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $saveName);
    
	$saveName .= "_rpt.php";
	
	//Check if have permissions to save with this name
	if(file_exists('Reports/'.$saveName)){
	
		$readHeader = 'Y'; $readQuery = 'N'; 
		$rptShare = 'No'; $rptOwner = 'System_xyz'; 
		Include('Reports/'.$saveName);
		if($rptOwner != $_SESSION['session_currentUser'] && $rptShare != 'Full'){
			$msg = "You don't have permission to save this report. Try using a different report name.";
			header('Location: index.php?msg='.$msg);
			exit;
		}
	
	}
	
	
	//Create Header
	$rpt = "<?php \n";
	$rpt .= "if($"."readHeader =='Y'){ \n";
	$rpt .= "   $"."rptName = \"".$reportName."\"; \n";
	$rpt .= "   $"."rptShare = \"".$share."\"; \n";
	$rpt .= "   //$"."rptShare = \"No\"; \n";
	$rpt .= "   //$"."rptShare = \"Full\"; \n";
	$rpt .= "   //$"."rptShare = \"ReadOnly\"; \n";
	$rpt .= "   $"."rptOwner = \"".$_SESSION['session_rptOwner']."\"; \n";
	$rpt .= "   $"."rptCreated = \"".$_SESSION['session_rptDate']."\"; \n";
	$rpt .= "   $"."rptLastSaved = \"".$CDT."\"; \n";
	$rpt .= "   $"."rptDatabase = \"".$_SESSION['session_rptDatabase']."\"; \n";
	if($myQuery == ""){
		$rpt .= "   $"."rptType = \"Simple\"; \n";
		$rpt .= "   $"."rptTable = \"".$_SESSION['session_rptTable']."\"; \n";
	}
	else {
		$rpt .= "   $"."rptType = \"Manual\"; \n";
		$rpt .= "   $"."rptTable = \"n/a\"; \n";
	}
	$rpt .= "   $"."rptBuild = \"".$_SESSION['session_rptBuild']."\"; \n";
	$rpt .= "} \n";
		
	//Create Report
	$rpt .= "if($"."readQuery =='Y'){ \n";
	//Manual query
	$rpt .= "   $"."rptQuery = '".$myQuery."'; \n\n";
	//Simple query
	// need to save 1) field name, select, condition, val1, val2
	while ($array = mysql_fetch_array($fld_result)) {
		$fld = $array['Field'];
		if(isset($arr[$fld]['Select'])){
			$rpt .= "   $"."arr['$fld']['Name'] = \"".$arr[$fld]['Name']."\"; \n";
			$rpt .= "   $"."arr['$fld']['Select'] = \"".$arr[$fld]['Select']."\"; \n";
			$rpt .= "   $"."arr['$fld']['Condition'] = \"".$arr[$fld]['Condition']."\"; \n";
			$rpt .= "   $"."arr['$fld']['Val1'] = \"".$arr[$fld]['Val1']."\"; \n";
			$rpt .= "   $"."arr['$fld']['Val2'] = \"".$arr[$fld]['Val2']."\"; \n\n";
		}
			
	}

	
	$rpt .= "} \n";
	$rpt .= "?>";
	

	unlink('Reports/'.$saveName);
	$fh = fopen('Reports/'.$saveName, 'w') or die("can't open file");
	fwrite($fh, $rpt);
	fclose($fh);
	
	header('Location: index.php?msg=Report Saved!');
	
?>
Return current item: phpRetrieve