svn commit: r325 - trunk/mapbender/http/php/mod_editElements.php
uli at osgeo.org
uli at osgeo.org
Fri May 19 11:53:24 EDT 2006
Author: uli
Date: 2006-05-19 15:53:24+0000
New Revision: 325
Modified:
trunk/mapbender/http/php/mod_editElements.php
Log:
transactions modified
db_prep_query included
permission validation included
Modified: trunk/mapbender/http/php/mod_editElements.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/mod_editElements.php?view=diff&rev=325&p1=trunk/mapbender/http/php/mod_editElements.php&p2=trunk/mapbender/http/php/mod_editElements.php&r1=324&r2=325
==============================================================================
--- trunk/mapbender/http/php/mod_editElements.php (original)
+++ trunk/mapbender/http/php/mod_editElements.php 2006-05-19 15:53:24+0000
@@ -19,12 +19,13 @@
session_start();
import_request_variables("PG");
-include("../php/mb_validateSession.php");
require_once("../../conf/mapbender.conf");
-require_once("../classes/class_administration.php");
$con = db_connect($DBSERVER,$OWNER,$PW);
db_select_db(DB,$con);
-
+include("../php/mb_validatePermission.php");
+require_once("../classes/class_administration.php");
+$sParams = SID."&guiID=".$_REQUEST["guiID"]."&elementID=".$_REQUEST["elementID"];
+$self = $PHP_SELF . "?".$sParams;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
@@ -134,25 +135,19 @@
if($modPerm == false){
$modPermAlert = true;
}
-
}
-
-
- if(isset($e_js_file) && preg_match("/((\w+|\/)+.php)/i", $e_js_file, $matches)){
+ if(isset($e_js_file) && preg_match("/((\w+|\/)+.php)/i", $e_js_file, $matches)){
$modPerm = $mod->checkModulePermission($aGuis, $matches[1], "e_js_file");
if($modPerm == false){
$modPermAlert = true;
}
}
-
- if(isset($e_mb_mod) && preg_match("/((\w+|\/)+.php)/i", $e_mb_mod, $matches)){
+ if(isset($e_mb_mod) && preg_match("/((\w+|\/)+.php)/i", $e_mb_mod, $matches)){
$modPerm = $mod->checkModulePermission($aGuis, $matches[1], "e_mb_mod");
if($modPerm == false){
$modPermAlert = true;
}
}
-
-
if(isset($e_src) && preg_match("/((\w+|\/)+.php)/i", $e_src, $matches)){
$modPerm = $mod->checkModulePermission($aGuis, $matches[1], "e_src");
@@ -160,7 +155,6 @@
$modPermAlert = true;
}
}
-
if($modPermAlert == true){
unset($mySave);
echo "<script language='JavaScript'>";
@@ -171,87 +165,78 @@
}
# end permission-check -------------------------------------------------------------
- $sql = array();
-if ($mySave == '1'){
-
- $sql_vars = "SELECT * FROM gui_element_vars WHERE fkey_e_id = '".$e_id."' AND fkey_gui_id = '".$guiList1."'";
- $res_vars = db_query($sql_vars);
-
-
- if(SYS_DBTYPE=='pgsql')
- {
- #$sql[0] = "SET AUTOCOMMIT=1";
- }
- else
- {
- #$sql[0] = "SET AUTOCOMMIT=0";
- }
- $sql[1] = "BEGIN";
- $sql[2] = "DELETE FROM gui_element WHERE e_id = '".$e_id."' AND fkey_gui_id = '".$guiList1."'";
-
-
- if($e_left == ''){$e_left = "NULL";}
- if($e_top == ''){$e_top = "NULL";}
- if($e_width < 1){$e_width = "NULL";}
- if($e_height < 1){$e_height = "NULL";}
- if($e_z_index < 1){$e_z_index = "NULL";}
- $sql[3] = "INSERT INTO gui_element(fkey_gui_id,e_id,e_pos,e_public,e_comment,e_element,e_src,e_attributes,e_left,e_top,e_width,e_height,e_z_index,e_more_styles,e_content,e_closetag,e_js_file,e_mb_mod,e_target,e_requires) ";
- $sql[3] .= "VALUES ('".$guiList1."','".$e_id."','".$e_pos."','".$e_public."','".db_escape_string($e_comment)."','".$e_element."','".$e_src."','".db_escape_string($e_attributes)."',".$e_left.",".$e_top.",".$e_width.",".$e_height.",".$e_z_index.",'".$e_more_styles."','".db_escape_string($e_content)."','".$e_closetag."','".$e_js_file."','".$e_mb_mod."','".$e_target."','".$e_requires."')";
+ if ($mySave == '1'){
+ $sql_vars = "SELECT * FROM gui_element_vars WHERE fkey_e_id = $1 AND fkey_gui_id = $2";
+ $v = array($e_id,$guiList1);
+ $t = array('s','s');
+ $res_vars = db_prep_query($sql_vars,$v,$t);
+
+ db_begin();
+
+ $sql = "DELETE FROM gui_element WHERE e_id = $1 AND fkey_gui_id = $2 ";
+ $v = array($e_id,$guiList1);
+ $t = array('s','s');
+ $res = db_prep_query($sql,$v,$t);
+
+ if($e_left == ''){$e_left = NULL;}
+ if($e_top == ''){$e_top = NULL;}
+ if($e_width < 1){$e_width = NULL;}
+ if($e_height < 1){$e_height = NULL;}
+ if($e_z_index < 1){$e_z_index = NULL;}
+
+ $sql = "INSERT INTO gui_element(fkey_gui_id,e_id,e_pos,e_public,e_comment,e_element,e_src,";
+ $sql .= "e_attributes,e_left,e_top,e_width,e_height,e_z_index,e_more_styles,e_content,";
+ $sql .= "e_closetag,e_js_file,e_mb_mod,e_target,e_requires) ";
+ $sql .= "VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20)";
+ $v = array($guiList1,$e_id,$e_pos,$e_public,$e_comment,$e_element,$e_src,$e_attributes,$e_left,$e_top,$e_width,$e_height,$e_z_index,$e_more_styles,$e_content,$e_closetag,$e_js_file,$e_mb_mod,$e_target,$e_requires);
+ $t = array('s','s','i','i','s','s','s','s','i','i','i','i','i','s','s','s','s','s','s','s');
+ $res = db_prep_query($sql,$v,$t);
+ if(!$res){
+ db_rollback();
+ }
+
//copy element vars
- $sql[4] = "INSERT INTO gui_element_vars SELECT '".$guiList1."', '".$e_id."', var_name, var_value, context, var_type FROM gui_element_vars WHERE fkey_e_id = '".$e_id."' AND fkey_gui_id = '".$_POST["originGuiOfSelectedElement"]."';";
-
- }
- # mySave == 2 <=> just save GUI description
- elseif ($mySave == '2') {
- if(SYS_DBTYPE=='pgsql')
- {
- #$sql[0] = "SET AUTOCOMMIT=1";
- }
- else
- {
- #$sql[0] = "SET AUTOCOMMIT=0";
- }
- $sql[1] = "BEGIN";
- $sql[3] = "UPDATE gui SET gui_description = '". $guiDesc."' WHERE gui_id ='".$guiId."'";
- }
- if(count($sql) > 0){
- foreach ($sql as $mysql){
- $res = db_query($mysql);
- if(!$res){echo db_error();break;}
- if($res){
- $res = db_query( "COMMIT");
- if($SYS_DBTYPE=='mysql'){
- $res = db_query( "SET AUTOCOMMIT=1");
- }
- }
- else{
- $res = db_query( "ROLLBACK");
- if($SYS_DBTYPE=='mysql'){
- $res = db_query( "SET AUTOCOMMIT=1");
- }
- }
- }
-
- if(isset($sql_vars)){//sicherstellen das keine Element_Vars gelöscht wurden
- while($row = db_fetch_array($res_vars)){
- $securesql = "INSERT INTO gui_element_vars (fkey_gui_id,fkey_e_id,var_name,var_value,context,var_type) VALUES ('".$guiList1."','".$e_id."','".$row["var_name"]."','".$row["var_value"]."','".$row["context"]."','".$row["var_type"]."');";
-
- //echo $securesql."<BR>";
- $secureinsert = db_query($securesql);
- }
- }
+ $sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = $1 AND fkey_gui_id = $2";
+ $v = array($e_id,$_POST["originGuiOfSelectedElement"]);
+ print_r($v);
+ $t = array('s','s');
+ $c = 0;
+ $res = db_prep_query($sql,$v,$t);
+ while($row = db_fetch_array($res)){
+ $sql = array();
+ $v = array();
+ $t = array();
+ $r = array();
+ $sql[$c] = "INSERT INTO gui_element_vars (fkey_gui_id,fkey_e_id,var_name,var_value,context,var_type) ";
+ $sql[$c] .= "VALUES ($1,$2,$3,$4,$5,$6)";
+ $v[$c] = array($guiList1,$e_id,$row["var_name"],$row["var_value"],$row["context"],$row["var_type"]);
+ $t[$c] = array('s','s','s','s','s','s');
+ $r[$c] = db_prep_query($sql[$c],$v[$c],$t[$c]);
+ if(!$r){
+ db_rollback();
+ }
+ $c++;
+ }
+ db_commit();
+ }
+ # mySave == 2 <=> just save GUI description
+ elseif ($mySave == '2') {
+ $sql = "UPDATE gui SET gui_description = $1 WHERE gui_id = $2";
+ $v = array($guiDesc,$guiId);
+ $t = array('s','s');
+ $res = db_prep_query($sql,$v,$t);
+ }
- #echo $sql;
- if(!$res){break;}
- }
}
if(isset($myDelete) && $myDelete == '1'){
- $sql = "DELETE FROM gui_element WHERE e_id = '".$e_id."' AND fkey_gui_id = '".$guiList1."'";
- $res = db_query($sql);
- $e_id = ""; $e_pos = ""; $e_public = ""; $e_comment = ""; $e_element = "";
- $e_src = ""; $e_attributes = ""; $e_left = ""; $e_top = ""; $e_width = ""; $e_height = ""; $e_z_index = "";
- $e_more_styles = ""; $e_content = ""; $e_closetag = ""; $e_js_file = ""; $e_mb_mod = ""; $e_target = ""; $e_requires = "";
+ $sql = "DELETE FROM gui_element WHERE e_id = $1 AND fkey_gui_id = $2";
+ $v = array($e_id,$guiList1);
+ $t = array('s','s');
+ $res = db_prep_query($sql,$v,$t);
+ $e_id = ""; $e_pos = ""; $e_public = ""; $e_comment = ""; $e_element = "";
+ $e_src = ""; $e_attributes = ""; $e_left = ""; $e_top = ""; $e_width = ""; $e_height = ""; $e_z_index = "";
+ $e_more_styles = ""; $e_content = ""; $e_closetag = ""; $e_js_file = ""; $e_mb_mod = ""; $e_target = ""; $e_requires = "";
}
if(isset($myShow) && $myShow == '1'){
$_SESSION["mb_user_myGui"] = $guiList1;
@@ -260,52 +245,60 @@
echo "</script>";
}
if(isset($all) && $all == '1'){
- $sql = "SELECT * FROM gui_element WHERE fkey_gui_id = '".$guiList2."'";
- $res = db_query($sql);
- $cnt = 0;
- while($row = db_fetch_array($res)){
- $sql_del = "DELETE FROM gui_element WHERE fkey_gui_id = '".$guiList1."' AND e_id = '".$row["e_id"]."'";
- $res_del = db_query($sql_del);
- if($row["e_left"] == ""){$myleft = 'NULL';} else{$myleft = $row["e_left"];}
- if($row["e_top"] == ""){$mytop = 'NULL';} else{$mytop = $row["e_top"];}
- if($row["e_width"] == ""){$mywidth = 'NULL';} else{$mywidth = $row["e_width"];}
- if($row["e_height"] == ""){$myheight = 'NULL';} else{$myheight = $row["e_height"];}
- if($row["e_z_index"] == ""){$my_z_index = 'NULL';} else{$my_z_index = $row["e_z_index"];}
-
- $sql_ins = "INSERT INTO gui_element(fkey_gui_id,e_id,e_pos,e_public,e_comment,e_element,e_src,e_attributes,e_left,e_top,e_width,e_height,e_z_index,e_more_styles,e_content,e_closetag,e_js_file,e_mb_mod,e_target,e_requires) ";
- $sql_ins .= "VALUES ('".$guiList1."','".$row["e_id"]."','".$row["e_pos"]."','".$row["e_public"]."','".db_escape_string($row["e_comment"])."','".$row["e_element"]."','".$row["e_src"]."','".db_escape_string($row["e_attributes"])."',".$myleft.",";
- $sql_ins .= $mytop.",".$mywidth.",".$myheight.",".$my_z_index.",'".$row["e_more_styles"]."','".db_escape_string($row["e_content"])."','".$row["e_closetag"]."','".$row["e_js_file"]."','".$row["e_mb_mod"]."','".$row["e_target"]."','".$row["e_requires"]."')";
-
-
- $res_ins = db_query($sql_ins);
- if(!$res_ins){echo db_error($con); }
- $cnt++;
- }
- $sql = "SELECT * FROM gui_element_vars WHERE fkey_gui_id = '".$guiList2."'";
- $res = db_query($sql);
- $cnt = 0;
- while($row = db_fetch_array($res)){
- $sql_ins2 = "INSERT INTO gui_element_vars(fkey_gui_id,fkey_e_id,var_name,var_value,context,var_type) ";
- $sql_ins2 .= "VALUES ('".$guiList1."','".$row["fkey_e_id"]."','".$row["var_name"]."','".db_escape_string($row["var_value"])."','".db_escape_string($row["context"])."','".$row["var_type"]."')";
- $res_ins2 = db_query($sql_ins2);
- if(!$res_ins2){echo db_error($connect); }
-
- $cnt++;
- }
-
-
+ $sql = "SELECT * FROM gui_element WHERE fkey_gui_id = $1";
+ $v = array($guiList2);
+ $t = array('s');
+ $res = db_prep_query($sql,$v,$t);
+ $cnt = 0;
+ db_begin();
+ while($row = db_fetch_array($res)){
+ $sql_del = "DELETE FROM gui_element WHERE fkey_gui_id = $1 AND e_id = $2";
+ $v = array($guiList1,$row["e_id"]);
+ $t = array('s','s');
+ $res_del = db_prep_query($sql_del,$v,$t);
+ if($row["e_left"] == ""){$myleft = NULL;} else{$myleft = $row["e_left"];}
+ if($row["e_top"] == ""){$mytop = NULL;} else{$mytop = $row["e_top"];}
+ if($row["e_width"] == ""){$mywidth = NULL;} else{$mywidth = $row["e_width"];}
+ if($row["e_height"] == ""){$myheight = NULL;} else{$myheight = $row["e_height"];}
+ if($row["e_z_index"] == ""){$my_z_index = NULL;} else{$my_z_index = $row["e_z_index"];}
+
+ $sql_ins = "INSERT INTO gui_element(fkey_gui_id,e_id,e_pos,e_public,e_comment,e_element,e_src,e_attributes,e_left,e_top,e_width,e_height,e_z_index,e_more_styles,e_content,e_closetag,e_js_file,e_mb_mod,e_target,e_requires) ";
+ $sql_ins .= "VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20)";
+ $v = array($guiList1,$row["e_id"],$row["e_pos"],$row["e_public"],$row["e_comment"],$row["e_element"],$row["e_src"],$row["e_attributes"],$myleft,$mytop,$mywidth,$myheight,$my_z_index,$row["e_more_styles"],$row["e_content"],$row["e_closetag"],$row["e_js_file"],$row["e_mb_mod"],$row["e_target"],$row["e_requires"]);
+ $t = array('s','s','i','i','s','s','s','s','i','i','i','i','i','s','s','s','s','s','s','s');
+ $res_ins = db_prep_query($sql_ins,$v,$t);
+ if(!$res_ins){db_rollback(); }
+ $cnt++;
+ }
+ $sql = "SELECT * FROM gui_element_vars WHERE fkey_gui_id = $1";
+ $v = array($guiList2);
+ $t = array('s');
+ $res = db_prep_query($sql,$v,$t);
+ $cnt = 0;
+ while($row = db_fetch_array($res)){
+ $sql_ins2 = "INSERT INTO gui_element_vars(fkey_gui_id,fkey_e_id,var_name,var_value,context,var_type) ";
+ $sql_ins2 .= "VALUES ($1,$2,$3,$4,$5,$6)";
+ $v = array($guiList1,$row["fkey_e_id"],$row["var_name"],$row["var_value"],$row["context"],$row["var_type"]);
+ $t = array('s','s','s','s','s','s');
+ $res_ins2 = db_prep_query($sql_ins2,$v,$t);
+ if(!$res_ins2){db_rollback(); }
+ $cnt++;
+ }
+ db_commit();
}
# end
echo "<script language='javascript'>";
echo "var guiIDs = new Array();";
if(isset($guiList1)){
- $sql = "SELECT e_id FROM gui_element WHERE fkey_gui_id = '".$guiList1."'";
- $res = db_query($sql);
- $cnt = 0;
- while($row = db_fetch_array($res)){
- echo "guiIDs[".$cnt."] = '".$row["e_id"]."'; ";
- $cnt++;
- }
+ $sql = "SELECT e_id FROM gui_element WHERE fkey_gui_id = $1";
+ $v = array($guiList1);
+ $t = array('s');
+ $res = db_prep_query($sql,$v,$t);
+ $cnt = 0;
+ while($row = db_fetch_array($res)){
+ echo "guiIDs[".$cnt."] = '".$row["e_id"]."'; ";
+ $cnt++;
+ }
}
echo "</script>";
?>
@@ -390,15 +383,21 @@
$admin = new administration();
$ownguis = $admin->getGuisByOwner($_SESSION["mb_user_id"]);
$permguis = $admin->getGuisByPermission($_SESSION["mb_user_id"]);
-echo "<form name='form1' action='" . $_SERVER['PHP_SELF'] . "?".SID."' method='post'>\n";
+echo "<form name='form1' action='" . $self ."' method='post'>\n";
if(count($ownguis)>0){
+ $v = array();
+ $t = array();
+ $c = 1;
$sql = "SELECT * from gui WHERE gui.gui_id IN(";
for($i=0; $i<count($ownguis); $i++){
if($i>0){ $sql .= ",";}
- $sql .= "'".$ownguis[$i]."'";
+ $sql .= "$".$c;
+ array_push($v,$ownguis[$i]);
+ array_push($t,'s');
+ $c++;
}
$sql .= ") order by gui_id;";
- $res = db_query($sql);
+ $res = db_prep_query($sql,$v,$t);
$count=0;
while($row = db_fetch_array($res)){
$gui_id_own[$count]=$row["gui_id"];
@@ -407,14 +406,19 @@
$count++;
}
-
+ $v = array();
+ $t = array();
+ $c = 1;
$sql = "SELECT * from gui WHERE gui.gui_id IN(";
for($i=0; $i<count($permguis); $i++){
if($i>0){ $sql .= ",";}
- $sql .= "'".$permguis[$i]."'";
+ $sql .= "$".$c;
+ array_push($v,$permguis[$i]);
+ array_push($t,'s');
+ $c++;
}
$sql .= ") order by gui_id;";
- $res = db_query($sql);
+ $res = db_prep_query($sql,$v,$t);
$count=0;
while($row = db_fetch_array($res)){
$gui_id_perm[$count]= $row["gui_id"];
@@ -493,8 +497,10 @@
echo "<div class='guiList2_header'>Templates</div>\n";
$isTemplate = true;
}
- $sql = "SELECT * FROM gui_element WHERE fkey_gui_id = '".$guiList2."' ORDER BY e_id";
- $res = db_query($sql);
+ $sql = "SELECT * FROM gui_element WHERE fkey_gui_id = $1 ORDER BY e_id";
+ $v = array($guiList2);
+ $t = array('s');
+ $res = db_prep_query($sql,$v,$t);
$cnt = 0;
echo "<div class='myElements'>\n<table ";
@@ -516,7 +522,7 @@
//echo "</td>\n<td class='myTable'>". $row["e_id"]. "</td><td class='myTable'>" .$row["e_comment"]."</td>";
echo "</td>\n";
echo "<td class='myTable'>";
- echo "<a href=\"mod_editElementVars.php?".SID."&fkey_gui_id=".$guiList2."&fkey_e_id=".$row["e_id"]."\">";
+ echo "<a href=\"mod_editElementVars.php?".$sParams."&fkey_gui_id=".$guiList2."&fkey_e_id=".$row["e_id"]."\">";
echo $row["e_id"];
echo "</a>\n</td>\n";
echo "<td class='myTable'>".$row["e_comment"]."</td>";
@@ -528,63 +534,66 @@
#Formular:
echo "<table class='myForm'>\n";
//echo "<tr><td>" . $_POST["originGuiOfSelectedElement"] . "</td></tr>";
- if(isset($myElement)){
+if(isset($myElement)){
- $sql = "SELECT * FROM gui_element WHERE fkey_gui_id = '".$guiList2."' AND e_id = '".$myElement."'";
- $res = db_query($sql);
- if($row = db_fetch_array($res)){
- echo "<tr><td>ID: </td><td><input type='text' class='textfield' name='e_id' value='".$row["e_id"]."'></td></tr>\n";
- echo "<tr><td>Position: </td><td><input type='text' class='textfield' name='e_pos' value='".$row["e_pos"]."'></td></tr>\n";
- echo "<tr><td>ON/OFF: </td><td><input type='text' class='textfield' name='e_public' value='".$row["e_public"]."'></td></tr>\n";
- echo "<tr><td>Comment: </td><td><textarea cols='32' rows='5' name='e_comment' >".stripslashes($row["e_comment"])."</textarea></td></tr>\n";
- echo "<tr><td>HTML-TAG: </td><td><input type='text' class='textfield' name='e_element' value='".$row["e_element"]."'></td></tr>\n";
- echo "<tr><td>SRC: </td><td><input type='text' class='textfield' name='e_src' value='".$row["e_src"]."'></td></tr>\n";
- echo "<tr><td>Attributes: </td><td><textarea cols='32' rows='5' name='e_attributes' >".stripslashes($row["e_attributes"])."</textarea></td></tr>\n";
- echo "<tr><td>Left: </td><td><input type='text' class='textfield' name='e_left' value='".$row["e_left"]."'></td></tr>\n";
- echo "<tr><td>Top: </td><td><input type='text' class='textfield' name='e_top' value='".$row["e_top"]."'></td></tr>\n";
- echo "<tr><td>Width: </td><td><input type='text' class='textfield' name='e_width' value='".$row["e_width"]."'></td></tr>\n";
- echo "<tr><td>Height: </td><td><input type='text' class='textfield' name='e_height' value='".$row["e_height"]."'></td></tr>\n";
- echo "<tr><td>Z-INDEX: </td><td><input type='text' class='textfield' name='e_z_index' value='".$row["e_z_index"]."'></td></tr>\n";
- echo "<tr><td>Styles: </td><td><input type='text' class='textfield' name='e_more_styles' value='".$row["e_more_styles"]."'></td></tr>\n";
- echo "<tr><td>Content: </td><td><textarea cols='32' rows='4' name='e_content' >".stripslashes($row["e_content"])."</textarea></td></tr>\n";
- echo "<tr><td>Close-TAG: </td><td><input type='text' class='textfield' name='e_closetag' value='".$row["e_closetag"]."'></td></tr>\n";
- echo "<tr><td>JavaScript: </td><td><input type='text' class='textfield' name='e_js_file' value='".$row["e_js_file"]."'></td></tr>\n";
- echo "<tr><td>Modul: </td><td><input type='text' class='textfield' name='e_mb_mod' value='".$row["e_mb_mod"]."'></td></tr>\n";
- echo "<tr><td>Target: </td><td><input type='text' class='textfield' name='e_target' value='".$row["e_target"]."'></td></tr>\n";
- echo "<tr><td>Requires: </td><td><input type='text' class='textfield' name='e_requires' value='".$row["e_requires"]."'></td></tr>\n";
- }
- echo "</table>";
- }
- else if(isset($guiList1)){
- echo "<tr><td>ID: </td><td><input type='text' class='textfield' name='e_id' value='".$e_id."'></td></tr>\n";
- echo "<tr><td>Position: </td><td><input type='text' class='textfield' name='e_pos' value='".$e_pos."'></td></tr>\n";
- echo "<tr><td>ON/OFF: </td><td><input type='text' class='textfield' name='e_public' value='".$e_public."'></td></tr>\n";
- echo "<tr><td>Comment: </td><td><textarea cols='32' rows='5' name='e_comment' >".stripslashes($e_comment)."</textarea></td></tr>\n";
- echo "<tr><td>HTML-TAG: </td><td><input type='text' class='textfield' name='e_element' value='".$e_element."'></td></tr>\n";
- echo "<tr><td>SRC: </td><td><input type='text' class='textfield' name='e_src' value='".$e_src."'></td></tr>\n";
- echo "<tr><td>Attributes: </td><td><textarea cols='32' rows='5' name='e_attributes' >".stripslashes($e_attributes)."</textarea></td></tr>\n";
- echo "<tr><td>Left: </td><td><input type='text' class='textfield' name='e_left' value='".$e_left."'></td></tr>\n";
- echo "<tr><td>Top: </td><td><input type='text' class='textfield' name='e_top' value='".$e_top."'></td></tr>\n";
- echo "<tr><td>Width: </td><td><input type='text' class='textfield' name='e_width' value='".$e_width."'></td></tr>\n";
- echo "<tr><td>Height: </td><td><input type='text' class='textfield' name='e_height' value='".$e_height."'></td></tr>\n";
- echo "<tr><td>Z-INDEX: </td><td><input type='text' class='textfield' name='e_z_index' value='".$e_z_index."'></td></tr>\n";
- echo "<tr><td>Styles: </td><td><input type='text' class='textfield' name='e_more_styles' value='".$e_more_styles."'></td></tr>\n";
- echo "<tr><td>Content: </td><td><textarea cols='32' rows='4' name='e_content' >".stripslashes($e_content)."</textarea></td></tr>\n";
- echo "<tr><td>Close-TAG: </td><td><input type='text' class='textfield' name='e_closetag' value='".$e_closetag."'></td></tr>\n";
- echo "<tr><td>JavaScript: </td><td><input type='text' class='textfield' name='e_js_file' value='".$e_js_file."'></td></tr>\n";
- echo "<tr><td>Module: </td><td><input type='text' class='textfield' name='e_mb_mod' value='".$e_mb_mod."'></td></tr>\n";
- echo "<tr><td>Target: </td><td><input type='text' class='textfield' name='e_target' value='".$e_target."'></td></tr>\n";
- echo "<tr><td>Requires: </td><td><input type='text' class='textfield' name='e_requires' value='".$e_requires."'></td></tr>\n";
- }
- echo "</table>\n";
- echo "<input type='hidden' name='originGuiOfSelectedElement' value='" . $_POST["originGuiOfSelectedElement"] . "'>";
-
- echo "<input type='hidden' name='myDelete'>";
- echo "<input type='hidden' name='mySave'>";
- echo "<input type='hidden' name='myShow'>";
- echo "<input type='hidden' name='all'>";
- echo "</form>";
-}else{
+ $sql = "SELECT * FROM gui_element WHERE fkey_gui_id = '".$guiList2."' AND e_id = '".$myElement."'";
+ $v = array();
+ $t = array();
+ $res = db_prep_query($sql,$v,$t);
+ if($row = db_fetch_array($res)){
+ echo "<tr><td>ID: </td><td><input type='text' class='textfield' name='e_id' value='".$row["e_id"]."'></td></tr>\n";
+ echo "<tr><td>Position: </td><td><input type='text' class='textfield' name='e_pos' value='".$row["e_pos"]."'></td></tr>\n";
+ echo "<tr><td>ON/OFF: </td><td><input type='text' class='textfield' name='e_public' value='".$row["e_public"]."'></td></tr>\n";
+ echo "<tr><td>Comment: </td><td><textarea cols='32' rows='5' name='e_comment' >".stripslashes($row["e_comment"])."</textarea></td></tr>\n";
+ echo "<tr><td>HTML-TAG: </td><td><input type='text' class='textfield' name='e_element' value='".$row["e_element"]."'></td></tr>\n";
+ echo "<tr><td>SRC: </td><td><input type='text' class='textfield' name='e_src' value='".$row["e_src"]."'></td></tr>\n";
+ echo "<tr><td>Attributes: </td><td><textarea cols='32' rows='5' name='e_attributes' >".stripslashes($row["e_attributes"])."</textarea></td></tr>\n";
+ echo "<tr><td>Left: </td><td><input type='text' class='textfield' name='e_left' value='".$row["e_left"]."'></td></tr>\n";
+ echo "<tr><td>Top: </td><td><input type='text' class='textfield' name='e_top' value='".$row["e_top"]."'></td></tr>\n";
+ echo "<tr><td>Width: </td><td><input type='text' class='textfield' name='e_width' value='".$row["e_width"]."'></td></tr>\n";
+ echo "<tr><td>Height: </td><td><input type='text' class='textfield' name='e_height' value='".$row["e_height"]."'></td></tr>\n";
+ echo "<tr><td>Z-INDEX: </td><td><input type='text' class='textfield' name='e_z_index' value='".$row["e_z_index"]."'></td></tr>\n";
+ echo "<tr><td>Styles: </td><td><input type='text' class='textfield' name='e_more_styles' value='".$row["e_more_styles"]."'></td></tr>\n";
+ echo "<tr><td>Content: </td><td><textarea cols='32' rows='4' name='e_content' >".stripslashes($row["e_content"])."</textarea></td></tr>\n";
+ echo "<tr><td>Close-TAG: </td><td><input type='text' class='textfield' name='e_closetag' value='".$row["e_closetag"]."'></td></tr>\n";
+ echo "<tr><td>JavaScript: </td><td><input type='text' class='textfield' name='e_js_file' value='".$row["e_js_file"]."'></td></tr>\n";
+ echo "<tr><td>Modul: </td><td><input type='text' class='textfield' name='e_mb_mod' value='".$row["e_mb_mod"]."'></td></tr>\n";
+ echo "<tr><td>Target: </td><td><input type='text' class='textfield' name='e_target' value='".$row["e_target"]."'></td></tr>\n";
+ echo "<tr><td>Requires: </td><td><input type='text' class='textfield' name='e_requires' value='".$row["e_requires"]."'></td></tr>\n";
+ }
+ echo "</table>";
+}
+else if(isset($guiList1)){
+ echo "<tr><td>ID: </td><td><input type='text' class='textfield' name='e_id' value='".$e_id."'></td></tr>\n";
+ echo "<tr><td>Position: </td><td><input type='text' class='textfield' name='e_pos' value='".$e_pos."'></td></tr>\n";
+ echo "<tr><td>ON/OFF: </td><td><input type='text' class='textfield' name='e_public' value='".$e_public."'></td></tr>\n";
+ echo "<tr><td>Comment: </td><td><textarea cols='32' rows='5' name='e_comment' >".stripslashes($e_comment)."</textarea></td></tr>\n";
+ echo "<tr><td>HTML-TAG: </td><td><input type='text' class='textfield' name='e_element' value='".$e_element."'></td></tr>\n";
+ echo "<tr><td>SRC: </td><td><input type='text' class='textfield' name='e_src' value='".$e_src."'></td></tr>\n";
+ echo "<tr><td>Attributes: </td><td><textarea cols='32' rows='5' name='e_attributes' >".stripslashes($e_attributes)."</textarea></td></tr>\n";
+ echo "<tr><td>Left: </td><td><input type='text' class='textfield' name='e_left' value='".$e_left."'></td></tr>\n";
+ echo "<tr><td>Top: </td><td><input type='text' class='textfield' name='e_top' value='".$e_top."'></td></tr>\n";
+ echo "<tr><td>Width: </td><td><input type='text' class='textfield' name='e_width' value='".$e_width."'></td></tr>\n";
+ echo "<tr><td>Height: </td><td><input type='text' class='textfield' name='e_height' value='".$e_height."'></td></tr>\n";
+ echo "<tr><td>Z-INDEX: </td><td><input type='text' class='textfield' name='e_z_index' value='".$e_z_index."'></td></tr>\n";
+ echo "<tr><td>Styles: </td><td><input type='text' class='textfield' name='e_more_styles' value='".$e_more_styles."'></td></tr>\n";
+ echo "<tr><td>Content: </td><td><textarea cols='32' rows='4' name='e_content' >".stripslashes($e_content)."</textarea></td></tr>\n";
+ echo "<tr><td>Close-TAG: </td><td><input type='text' class='textfield' name='e_closetag' value='".$e_closetag."'></td></tr>\n";
+ echo "<tr><td>JavaScript: </td><td><input type='text' class='textfield' name='e_js_file' value='".$e_js_file."'></td></tr>\n";
+ echo "<tr><td>Module: </td><td><input type='text' class='textfield' name='e_mb_mod' value='".$e_mb_mod."'></td></tr>\n";
+ echo "<tr><td>Target: </td><td><input type='text' class='textfield' name='e_target' value='".$e_target."'></td></tr>\n";
+ echo "<tr><td>Requires: </td><td><input type='text' class='textfield' name='e_requires' value='".$e_requires."'></td></tr>\n";
+}
+echo "</table>\n";
+echo "<input type='hidden' name='originGuiOfSelectedElement' value='" . $_POST["originGuiOfSelectedElement"] . "'>";
+
+echo "<input type='hidden' name='myDelete'>";
+echo "<input type='hidden' name='mySave'>";
+echo "<input type='hidden' name='myShow'>";
+echo "<input type='hidden' name='all'>";
+echo "</form>";
+}
+else{
echo "There are no guis available for this user. Please create a gui first.";
}
?>
More information about the Mapbender_commits
mailing list