diff --git a/admin/editAppFamily.php b/admin/editAppFamily.php index 2808231..d87f97a 100644 --- a/admin/editAppFamily.php +++ b/admin/editAppFamily.php @@ -1,159 +1,129 @@ is_super_maintainer($_REQUEST['appId']))) { errorpage("Insufficient Privileges!"); exit; } -if($_POST) +if(isset($_REQUEST['submit'])) { $statusMessage = ''; + // commit changes of form to database - if($submit1 == "Update Database") + if($_REQUEST['submit'] == "Update Database") { - $statusMessage = ''; - $appName = addslashes($appName); - $description = addslashes($description); - $webPage = addslashes($webPage); - if (!mysql_query("UPDATE appFamily SET appName = '".$appName."', ". - "vendorId = $vendorId, keywords = '".$keywords."', ". - "description = '".$description."', ". - "webPage = '".$webPage."', ". - "catId = $catId". - " WHERE appId = $appId")) - { - $statusMessage = "

Database Error!
".mysql_error()."

\n"; - addmsg($statusMessage, "red"); - } - else + $sUpdate = compile_update_string(array( 'appName' => $_REQUEST['appName'], + 'description' => $_REQUEST['description'], + 'webPage' => $_REQUEST['webPage'], + 'vendorId' => $_REQUEST['vendorId'], + 'keywords' => $_REQUEST['keywords'], + 'catId' => $_REQUEST['catId'] )); + + if (query_appdb("UPDATE `appFamily` SET $sUpdate WHERE `appId` = {$_REQUEST['appId']}")) addmsg("Database Updated", "green"); } - else if($submit1 == "Update URL") + else if($_REQUEST['submit'] == "Update URL") { - //process added URL - if(debugging()) { echo "

$url: $url_desc

"; } + if (!empty($_REQUEST['url_desc']) && !empty($_REQUEST['url']) ) + { + // process added URL + if(debugging()) { echo "

{$_REQUEST['url']}: {$_REQUEST['url_desc']}

"; } - if ($url_desc && $url ) - { - $query = "INSERT INTO appData VALUES (null, $appId, 0, 'url','$url_desc', '$url')"; + $aInsert = compile_insert_string( array( 'appId' => $_REQUEST['appId'], + 'type' => 'url', + 'description' => $_REQUEST['url_desc'], + 'url' => $_REQUEST['url'])); + + $sQuery = "INSERT INTO appData ({$aInsert['FIELDS']}) VALUES ({$aInsert['VALUES']})"; - if(debugging()) { echo "

query: $query

"; } + if(debugging()) { echo "

query: $sQuery

"; } - if (mysql_query($query)) - { - //success + if (query_appdb($sQuery)) addmsg("The URL was successfully added into the database", "green"); - } - else - { - //error - $statusMessage = "

Database Error!
".mysql_error()."

\n"; - addmsg($statusMessage, "red"); - } - } - else if ($url_desc != $url) // not both blank - { - addmsg("The URL or description was blank. URL not added into the database", "red"); } // Process changed URL's - for($i = 0; $i < $rows; $i++) + + for($i = 0; $i < $_REQUEST['rows']; $i++) { - if(debugging()) { echo "

$adescription[$i]: $aURL[$i]: $adelete[$i] : $aId[$i] : .$aOldDesc[$i]. : $aOldURL[$i]

"; } + if(debugging()) { echo "

{$_REQUEST['adescription'][$i]}: {$_REQUEST['aURL'][$i]}: {$_REQUEST['adelete'][$i]} : {$_REQUEST['aId'][$i]} : .{$_REQUEST['aOldDesc'][$i]}. : {$_REQUEST['aOldURL'][$i]}

"; } - if ($adelete[$i] == "on") + if ($_REQUEST['adelete'][$i] == "on") { - if(debugging()) { echo "

$adescription[$i]: $aURL[$i]: $adelete[$i] : $aId[$i] : $aOldDesc[$i] : $aOldURL[$i]

"; } - $result = mysql_query("DELETE FROM appData WHERE id = '$aId[$i]'"); + $hResult = query_appdb("DELETE FROM appData WHERE id = '{$_REQUEST['aId'][$i]}'"); + + if($hResult) + addmsg("

Successfully deleted URL ".$_REQUEST['aOldDesc'][$i]." (".$_REQUEST['aOldURL'][$i].")

\n",'green'); - if(!$result) - { - //error - $statusMessage = "

Database Error!
".mysql_error()." deleting URL ".$aOldDesc[$i]." (".$aOldURL[$i].")

\n"; - addmsg($statusMessage, "red"); - $i = $rows+1; - } - else - { - $statusMessage = "

Successfully deleted URL ".$aOldDesc[$i]." (".$aOldURL[$i].")

\n"; - addmsg($statusMessage, "green"); - } } - else if( $aURL[$i] != $aOldURL[$i] || $adescription[$i] != $aOldDesc[$i]) + else if( $_REQUEST['aURL'][$i] != $_REQUEST['aOldURL'][$i] || $_REQUEST['adescription'][$i] != $_REQUEST['aOldDesc'][$i]) { - if(!$aURL[$i] || !$adescription[$i]) + if(empty($_REQUEST['aURL'][$i]) || empty($_REQUEST['adescription'][$i])) addmsg("The URL or description was blank. URL not changed in the database", "red"); else { - if(debugging()) { echo "

$adescription[$i]: $aURL[$i]: $adelete[$i] : $aId[$i] : $aOldDesc[$i] : $aOldURL[$i]

"; } - $adescription[$i] = addslashes($adescription[$i]); - $aURL[$i] = addslashes($aURL[$i]); - if (!mysql_query("UPDATE appData SET description = '".$adescription[$i]."' , url = '".$aURL[$i]."'". - " WHERE Id = $aId[$i]")) - { - //error - $statusMessage = "

Database Error!
".mysql_error()." updateing URL ".$aOldDesc[$i]." (".$aOldURL[$i].")

\n"; - addmsg($statusMessage, "red"); - $i = $rows+1; - } - else - { - $statusMessage = "

Successfully updated ".$aOldDesc[$i]." (".$aOldURL[$i].")

\n"; - addmsg($statusMessage, "green"); - } + $sUpdate = compile_update_string( array( 'description' => $_REQUEST['adescription'][$i], + 'url' => $_REQUEST['aURL'][$i])); + if (query_appdb("UPDATE appData SET $sUpdate WHERE id = '{$_REQUEST['aId'][$i]}'")) + addmsg("

Successfully updated ".$_REQUEST['aOldDesc'][$i]." (".$_REQUEST['aOldURL'][$i].")

\n",'green'); } } } } + + redirect(apidb_fullurl("appview.php?appId={$_REQUEST['appId']}")); } -//Show the form for editing the Application Family +// Show the form for editing the Application Family { $family = new TableVE("edit"); - $result = mysql_query("SELECT appId, appName, vendorId, keywords, ". - "description, webPage, catId from appFamily WHERE ". - "appId = '$appId'"); - if(!$result) + $result = query_appdb("SELECT * from appFamily WHERE appId = '{$_REQUEST['appId']}'"); + + if(!mysql_num_rows($result)) { - errorpage("You must be logged in to edit preferences"); + errorpage('Application does not exist'); exit; } + + $ob = mysql_fetch_object($result); + + if(debugging()) { echo "

appName: $ob->appName

"; } - list($appId, $appName, $vendorId, $keywords, $description, $webPage, $catId) = mysql_fetch_row($result); - if(debugging()) { echo "

appName: $appName

"; } - - // show edit app family form - $table = "appFamily"; - $query = "SELECT * FROM $table WHERE appId = $appId"; - - if(debugging()) { echo "

query: $query

"; } - apidb_header("Edit Application Family"); + apidb_header("Edit Application Family"); echo "
\n"; - echo html_frame_start("Data for Application ID $appId", "90%","",0); + echo html_frame_start("Data for Application ID $ob->appId", "90%","",0); echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'"); - echo ''; - echo 'Name',"\n"; + echo ''; + echo 'Name',"\n"; echo 'Vendor'; - $family->make_option_list("vendorId", $vendorId, "vendor", "vendorId", "vendorName"); + $family->make_option_list("vendorId", $ob->vendorId, "vendor", "vendorId", "vendorName"); echo '',"\n"; - echo 'Keywords',"\n"; + echo 'Keywords',"\n"; echo 'Description', "\n"; - echo '',"\n"; - echo 'Web Page',"\n"; + echo '',"\n"; + echo 'Web Page',"\n"; echo 'Category'; - $family->make_option_list("catId", $catId, "appCategory", "catId", "catName"); + $family->make_option_list("catId", $ob->catId, "appCategory", "catId", "catName"); echo '',"\n"; - echo '',"\n"; + echo '',"\n"; echo html_table_end(); echo html_frame_end(); @@ -165,7 +135,7 @@ if($_POST) echo '',"\n"; $i = 0; - $result = mysql_query("SELECT * FROM appData WHERE appId = $appId AND type = 'url' AND versionId = 0"); + $result = mysql_query("SELECT * FROM appData WHERE appId = $ob->appId AND type = 'url' AND versionId = 0"); if($result && mysql_num_rows($result) > 0) { echo '',"\n"; - echo '',"\n"; echo ''; echo ''; echo '',"\n"; $i++; - } + } } else { echo '',"\n"; echo '',"\n"; } echo "\n"; - echo ''; + echo ""; echo '',"\n"; echo '',"\n"; - echo '',"\n"; + echo '',"\n"; echo '
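Review bot: The appFamily UPDATE puts `$_REQUEST['appId']` into its WHERE clause unquoted, and the appData DELETE and UPDATE put `$_REQUEST['aId'][$i]` inside quotes with no visible escaping. The record identifiers therefore still reach SQL as raw request data, even though the column values now go through compile_update_string(), whose escaping is not visible in this hunk. Cast both identifiers to integers once and reuse the cast appId in the appFamily SELECT and the redirect. The appData DELETE and UPDATE are also keyed on `id` alone while the privilege check at the top is per `appId`, so adding `AND appId = $iAppId` keeps a maintainer within the application they were authorised for. Separately, replacing `if($_POST)` with `isset($_REQUEST['submit'])` lets these writes be triggered by a GET request, and no request token is visible here, so consider requiring POST.

```php
// once, right after the privilege check
$iAppId = (int)$_REQUEST['appId'];

// … unchanged: compile_update_string() call for appFamily …
if (query_appdb("UPDATE `appFamily` SET $sUpdate WHERE `appId` = $iAppId"))

// … unchanged: URL insert, loop header, debugging echo …
    $iUrlId = (int)$_REQUEST['aId'][$i];
    $hResult = query_appdb("DELETE FROM appData WHERE id = $iUrlId AND appId = $iAppId");

// … unchanged: blank check and compile_update_string() call for appData …
    if (query_appdb("UPDATE appData SET $sUpdate WHERE id = $iUrlId AND appId = $iAppId"))
```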
Delete',"\n"; @@ -179,30 +149,30 @@ if($_POST) $temp4 = "aOldDesc[".$i."]"; $temp5 = "aOldURL[".$i."]"; echo '
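Review bot: The appData SELECT in this hunk still calls mysql_query() directly, while every other query the commit touches goes through query_appdb(). A failure here would bypass whatever error reporting that wrapper provides; presumably it provides some, since the commit removes the manual mysql_error() handling elsewhere, but the wrapper is not visible on this page. For consistency I would change the line to `$result = query_appdb("SELECT * FROM appData WHERE appId = $ob->appId AND type = 'url' AND versionId = 0");`.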
',"\n"; + echo '',"\n"; echo '
DescriptionURL
New
',"\n"; echo html_frame_end(); - echo html_back_link(1,BASE."appview.php?appId=$appId"); + echo html_back_link(1,BASE."appview.php?appId=$ob->appId"); }