qemudb/admin/editAppFamily.php

<?php
/**********************************/
/* Edit application family        */
/**********************************/

include("path.php");
require(BASE."include/incl.php");
require(BASE."include/tableve.php");
require(BASE."include/application.php");
require(BASE."include/category.php");
require(BASE."include/mail.php");

$aClean = array(); //array of filtered user input

$aClean['iAppId'] = makeSafe($_REQUEST['iAppId']);
$aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']);

if(!is_numeric($aClean['iAppId']))
    util_show_error_page_and_exit("Wrong ID");

if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isSuperMaintainer($aClean['iAppId'])))
    util_show_error_page_and_exit("Insufficient Privileges!");

if(!empty($aClean['sSubmit']))
{
    process_app_version_changes(false);
    util_redirect_and_exit(apidb_fullurl("appview.php?iAppId={$aClean['iAppId']}"));
}
else
// Show the form for editing the Application Family 
{
    $family = new TableVE("edit");


    $oApp = new Application($aClean['iAppId']);
    
    if(!$oApp)
    {
        util_show_error_page_and_exit('Application does not exist');
    }
    
    if($_SESSION['current']->showDebuggingInfos()) { echo "<p align=center><b>appName:</b> $oApp->sName </p>"; }

     apidb_header("Edit Application Family");

    echo "<form method=\"post\" action=\"editAppFamily.php\">\n";

    $oApp->OutputEditor("");

    echo '<table border=0 cellpadding=6 cellspacing=0 width="100%">', "\n";
    echo '<tr><td colspan=2 align=center><input type="submit" name=sSubmit value="Update Database"></td></tr>',"\n";
    echo '</table>', "\n";
    echo "</form>";

    echo "<p>";

   // url edit form
    echo '<form enctype="multipart/form-data" action="editAppFamily.php" method="post">',"\n";
    echo '<input type=hidden name="iAppId" value='.$oApp->iAppId.'>';
    echo html_frame_start("Edit URL","90%","",0);
    echo '<table border=0 cellpadding=6 cellspacing=0 width="100%">',"\n";

    $i = 0;
    $hResult = query_parameters("SELECT * FROM appData WHERE appId = '?' AND type = 'url' AND versionId = 0",
                            $oApp->iAppId);
    if($hResult && mysql_num_rows($hResult) > 0)
    {
        echo '<tr><td class=color1><b>Delete</b></td><td class=color1>',"\n";
        echo '<b>Description</b></td><td class=color1><b>URL</b></td></tr>',"\n";
        while($oRow = mysql_fetch_object($hResult))
        {
            $temp0 = "adelete[".$i."]";
            $temp1 = "adescription[".$i."]";
            $temp2 = "aURL[".$i."]";
            $temp3 = "aId[".$i."]";
            $temp4 = "aOldDesc[".$i."]";
            $temp5 = "aOldURL[".$i."]";
            echo '<tr><td class=color3><input type="checkbox" name="'.$temp0.'"></td>',"\n";
            echo '<td class=color3><input size=45% type="text" name="'.$temp1.'" value ="'.stripslashes($oRow->description).'"</td>',"\n";
            echo '<td class=color3><input size=45% type="text" name="'.$temp2.'" value="'.$oRow->url.'"></td></tr>',"\n";
            echo '<input type=hidden name="'.$temp3.'" value='.$oRow->id.'>';
            echo '<input type=hidden name="'.$temp4.'" value="'.stripslashes($oRow->description).'">';
            echo '<input type=hidden name="'.$temp5.'" value="'.$oRow->url.'">',"\n";
            $i++;
        }
    } else
    {
        echo '<tr><td class=color1></td><td class=color1><b>Description</b></td>',"\n";
        echo '<td class=color1><b>URL</b></td></tr>',"\n";
    }
    echo "</td></tr>\n";
    echo "<input type=hidden name='iRows' value='$i'>";

    echo '<tr><td class=color1>New</td><td class=color1><input size=45% type="text" name="sUrlDesc"></td>',"\n";
    echo '<td class=color1><input size=45% name="sUrl" type="text"></td></tr>',"\n";

    echo '<tr><td colspan=3 align=center class=color3><input type="submit" name=sSubmit value="Update URL"></td></tr>',"\n";

    echo '</table>',"\n";
    echo html_frame_end();
    echo "</form>";

    echo html_back_link(1,BASE."appview.php?iAppId=$oApp->iAppId");
}

apidb_footer();
?>
- replaced tons of tabs with spaces - replaced <? with <?php for compatibility sake (see TODO and CODING_STANDARD to know more) - improved overall code lisibility 2004-12-12 03:51:51 +00:00			`<?php`
- Convert to superglobals - Use include/db.php - Variable naming - Misc fixes 2005-01-02 16:51:48 +00:00			`/**********************************/`
			`/* Edit application family */`
			`/**********************************/`
Initial revision 2004-03-15 16:22:00 +00:00
			`include("path.php");`
- use mail_appdb() instead of mail() for better error handling and to avoid code duplication - use \r\n as line separator in mail (RFC compliant) 2005-01-30 00:57:34 +00:00			`require(BASE."include/incl.php");`
			`require(BASE."include/tableve.php");`
			`require(BASE."include/application.php");`
			`require(BASE."include/category.php");`
			`require(BASE."include/mail.php");`
Initial revision 2004-03-15 16:22:00 +00:00
Filter all user input to reduce the security impact of manipulated data 2006-06-17 06:10:10 +00:00			`$aClean = array(); //array of filtered user input`

Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`$aClean['iAppId'] = makeSafe($_REQUEST['iAppId']);`
			`$aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']);`
Filter all user input to reduce the security impact of manipulated data 2006-06-17 06:10:10 +00:00
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`if(!is_numeric($aClean['iAppId']))`
Rename util_show_error_page() to util_show_error_page_and_exit() and redirect() to util_redirect_and_exit() so it is explicit that we exit in those functions that so we know it isn't necessary to put an exit after we call them 2006-07-06 18:44:56 +00:00			`util_show_error_page_and_exit("Wrong ID");`
- Convert to superglobals - Use include/db.php - Variable naming - Misc fixes 2005-01-02 16:51:48 +00:00
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`if(!($_SESSION['current']->hasPriv("admin") \|\| $_SESSION['current']->isSuperMaintainer($aClean['iAppId'])))`
Rename util_show_error_page() to util_show_error_page_and_exit() and redirect() to util_redirect_and_exit() so it is explicit that we exit in those functions that so we know it isn't necessary to put an exit after we call them 2006-07-06 18:44:56 +00:00			`util_show_error_page_and_exit("Insufficient Privileges!");`
Initial revision 2004-03-15 16:22:00 +00:00
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`if(!empty($aClean['sSubmit']))`
Initial revision 2004-03-15 16:22:00 +00:00			`{`
Factor ~80 lines of code that were present in both editAppFamily.php and editAppVersion.php into a new function in util.php. 2005-06-05 18:41:47 +00:00			`process_app_version_changes(false);`
Rename util_show_error_page() to util_show_error_page_and_exit() and redirect() to util_redirect_and_exit() so it is explicit that we exit in those functions that so we know it isn't necessary to put an exit after we call them 2006-07-06 18:44:56 +00:00			`util_redirect_and_exit(apidb_fullurl("appview.php?iAppId={$aClean['iAppId']}"));`
Initial revision 2004-03-15 16:22:00 +00:00			`}`
Add 'else' to make addmsg messages show after a redirect 2005-01-05 05:30:23 +00:00			`else`
- Convert to superglobals - Use include/db.php - Variable naming - Misc fixes 2005-01-02 16:51:48 +00:00			`// Show the form for editing the Application Family`
Initial revision 2004-03-15 16:22:00 +00:00			`{`
Improve fuctionality of editAppFamily.php 2004-05-04 15:21:25 +00:00			`$family = new TableVE("edit");`

Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`$oApp = new Application($aClean['iAppId']);`
- Convert to superglobals - Use include/db.php - Variable naming - Misc fixes 2005-01-02 16:51:48 +00:00
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00			`if(!$oApp)`
Improve fuctionality of editAppFamily.php 2004-05-04 15:21:25 +00:00			`{`
Rename util_show_error_page() to util_show_error_page_and_exit() and redirect() to util_redirect_and_exit() so it is explicit that we exit in those functions that so we know it isn't necessary to put an exit after we call them 2006-07-06 18:44:56 +00:00			`util_show_error_page_and_exit('Application does not exist');`
Improve fuctionality of editAppFamily.php 2004-05-04 15:21:25 +00:00			`}`
- Convert to superglobals - Use include/db.php - Variable naming - Misc fixes 2005-01-02 16:51:48 +00:00
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00			`if($_SESSION['current']->showDebuggingInfos()) { echo "<p align=center><b>appName:</b> $oApp->sName </p>"; }`
Initial revision 2004-03-15 16:22:00 +00:00
- Convert to superglobals - Use include/db.php - Variable naming - Misc fixes 2005-01-02 16:51:48 +00:00			`apidb_header("Edit Application Family");`
Improve fuctionality of editAppFamily.php 2004-05-04 15:21:25 +00:00
- use htmlarea for editing app description and notes - special stylesheet for application description and notes - function to display summary of description with html stripping 2005-02-02 02:38:20 +00:00			`echo "<form method=\"post\" action=\"editAppFamily.php\">\n";`
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00
			`$oApp->OutputEditor("");`

			`echo '<table border=0 cellpadding=6 cellspacing=0 width="100%">', "\n";`
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`echo '<tr><td colspan=2 align=center><input type="submit" name=sSubmit value="Update Database"></td></tr>',"\n";`
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00			`echo '</table>', "\n";`
- drop version specific keywords - drop version specific url - let user add links for versions (installation, support, whatever) - use application description and version description to display version description - don't provide a link in the cat_path to go in the same page we already are - various html improvement and fixes in modified lines 2005-02-02 00:35:49 +00:00			`echo "</form>";`
Improve fuctionality of editAppFamily.php 2004-05-04 15:21:25 +00:00
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00			`echo "<p>";`

			`// url edit form`
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00			`echo '<form enctype="multipart/form-data" action="editAppFamily.php" method="post">',"\n";`
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`echo '<input type=hidden name="iAppId" value='.$oApp->iAppId.'>';`
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00			`echo html_frame_start("Edit URL","90%","",0);`
			`echo '<table border=0 cellpadding=6 cellspacing=0 width="100%">',"\n";`
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00			`$i = 0;`
Use query_parameters() in SQL select, update and delete statements to protect against sql injection attacks 2006-06-27 19:16:27 +00:00			`$hResult = query_parameters("SELECT * FROM appData WHERE appId = '?' AND type = 'url' AND versionId = 0",`
			`$oApp->iAppId);`
Make code more consistent by making it follow the appdb coding standards. Fix some spaces vs. tabs odd indenting. 2006-06-21 01:04:12 +00:00			`if($hResult && mysql_num_rows($hResult) > 0)`
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00			`{`
			`echo '<tr><td class=color1><b>Delete</b></td><td class=color1>',"\n";`
			`echo '<b>Description</b></td><td class=color1><b>URL</b></td></tr>',"\n";`
Make code more consistent by making it follow the appdb coding standards. Fix some spaces vs. tabs odd indenting. 2006-06-21 01:04:12 +00:00			`while($oRow = mysql_fetch_object($hResult))`
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00			`{`
			`$temp0 = "adelete[".$i."]";`
			`$temp1 = "adescription[".$i."]";`
			`$temp2 = "aURL[".$i."]";`
			`$temp3 = "aId[".$i."]";`
			`$temp4 = "aOldDesc[".$i."]";`
			`$temp5 = "aOldURL[".$i."]";`
			`echo '<tr><td class=color3><input type="checkbox" name="'.$temp0.'"></td>',"\n";`
Make code more consistent by making it follow the appdb coding standards. Fix some spaces vs. tabs odd indenting. 2006-06-21 01:04:12 +00:00			`echo '<td class=color3><input size=45% type="text" name="'.$temp1.'" value ="'.stripslashes($oRow->description).'"</td>',"\n";`
			`echo '<td class=color3><input size=45% type="text" name="'.$temp2.'" value="'.$oRow->url.'"></td></tr>',"\n";`
			`echo '<input type=hidden name="'.$temp3.'" value='.$oRow->id.'>';`
			`echo '<input type=hidden name="'.$temp4.'" value="'.stripslashes($oRow->description).'">';`
			`echo '<input type=hidden name="'.$temp5.'" value="'.$oRow->url.'">',"\n";`
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00			`$i++;`
			`}`
			`} else`
			`{`
			`echo '<tr><td class=color1></td><td class=color1><b>Description</b></td>',"\n";`
			`echo '<td class=color1><b>URL</b></td></tr>',"\n";`
			`}`
			`echo "</td></tr>\n";`
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`echo "<input type=hidden name='iRows' value='$i'>";`
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`echo '<tr><td class=color1>New</td><td class=color1><input size=45% type="text" name="sUrlDesc"></td>',"\n";`
			`echo '<td class=color1><input size=45% name="sUrl" type="text"></td></tr>',"\n";`
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`echo '<tr><td colspan=3 align=center class=color3><input type="submit" name=sSubmit value="Update URL"></td></tr>',"\n";`
Factor application/version editing code out of files and move it into the application and version classes. Add support to HtmlAreaLoaderScript() to be called multiple times on a single page without generating javascript that overwrites the previous html area settings. 2005-10-10 02:37:55 +00:00
Restore the ability to add a url to an app family 2005-02-06 22:50:08 +00:00			`echo '</table>',"\n";`
			`echo html_frame_end();`
			`echo "</form>";`
Initial revision 2004-03-15 16:22:00 +00:00
Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00			`echo html_back_link(1,BASE."appview.php?iAppId=$oApp->iAppId");`
Initial revision 2004-03-15 16:22:00 +00:00			`}`

			`apidb_footer();`
			`?>`