Merge lp:~andy-freeborough/sahana-agasti/krakatoa into lp:sahana-agasti/krakatoa
- krakatoa
- Merge into stable-0.6
Proposed by
Andy Freeborough
Status: | Merged | ||||||||
---|---|---|---|---|---|---|---|---|---|
Merge reported by: | dot dot dot | ||||||||
Merged at revision: | not available | ||||||||
Proposed branch: | lp:~andy-freeborough/sahana-agasti/krakatoa | ||||||||
Merge into: | lp:sahana-agasti/krakatoa | ||||||||
Diff against target: |
1294 lines (+714/-259) 3 files modified
sahana-phase2/mod/cs/lib_cs_validate.inc (+2/-2) sahana-phase2/mod/vm/model/dao.php (+410/-257) sahana-phase2/www/xml.php (+302/-0) |
||||||||
To merge this branch: | bzr merge lp:~andy-freeborough/sahana-agasti/krakatoa | ||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
dot dot dot | Pending | ||
Review via email: mp+49512@code.launchpad.net |
Commit message
merged
Description of the change
I've restored /xml.php, which was removed in the belief that it was no longer used. I've removed any potential for SQL injection attacks in /xml.php by changing queries built as strings to use bound parameters. I also fixed a problem with the config include and with variables being used before they were declared.
- 3816. By Andy Freeborough
-
In mod/vm/model/dao.php I've wrapped all uses of a database query result object with a check to ensure that the result object isn't empty. This specifically addresses the issues reported in bug #632834.
- 3817. By Andy Freeborough
-
Fixed a problem where you could not add aid item types to a catalog - the code was incorrectly handling the measurement unit as a string rather than an array. This fixes bug #633267.
Preview Diff
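--- a/sahana-phase2/mod/cs/lib_cs_validate.inc
+++ b/sahana-phase2/mod/cs/lib_cs_validate.inc
@@ -113,7 +113,7 @@
 * @return boolean
 */
 function _shn_cs_validate_additem_form()
-{
+{
 $error_flag = false;
 clean_errors();
 
@@ -128,7 +128,7 @@
 $error_flag = true;
 }
 
-if(trim($_POST['unit_select']) == null) {
+if(empty($_POST['unit_select'])) {
 add_error(_("Please select unit/units"));
 $error_flag = true;
 }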
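Review bot: The new `unit_select` check relies on `empty()`, which accepts any non-empty value: an array holding only a blank entry such as `array('')` passes, and so does a plain string, although the revision note says the unit arrives as an array. A shape-aware guard would be closer to the intent, for example `if(!is_array($_POST['unit_select']) || count(array_filter($_POST['unit_select'], 'strlen')) == 0) {`. This only establishes presence; whether each submitted unit is an allowed value still has to be checked where the units are consumed, which is not visible here. `_shn_cs_validate_additem_form()` continues past the end of the hunk.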
23 | === modified file 'sahana-phase2/mod/vm/model/dao.php' |
24 | --- sahana-phase2/mod/vm/model/dao.php 2008-10-31 03:31:55 +0000 |
25 | +++ sahana-phase2/mod/vm/model/dao.php 2011-02-12 21:04:37 +0000 |
26 | @@ -118,10 +118,14 @@ |
27 | |
28 | $result = $this->execute("select opt_id_type, serial from identity_to_person where p_uuid = '" . $id. "'"); |
29 | $info["ids"]= array(); |
30 | - while(!$result->EOF) |
31 | + |
32 | + if( !empty( $result ) ) |
33 | { |
34 | - $info["ids"][$result->fields["opt_id_type"]] = $result->fields["serial"]; |
35 | - $result->moveNext(); |
36 | + while(!$result->EOF) |
37 | + { |
38 | + $info["ids"][$result->fields["opt_id_type"]] = $result->fields["serial"]; |
39 | + $result->moveNext(); |
40 | + } |
41 | } |
42 | |
43 | // locations |
44 | @@ -149,10 +153,13 @@ |
45 | $info['proj_id'] = $info['pos_id'] = array(); |
46 | $result = $this->execute("select pos_id, proj_id from vm_vol_assignment_active where p_uuid = '$id'"); |
47 | |
48 | - while(!$result->EOF) { |
49 | - $info['pos_id' ][] = $result->fields['pos_id']; |
50 | - $info['proj_id'][] = $result->fields['proj_id']; |
51 | - $result->MoveNext(); |
52 | + if( !empty( $result ) ) |
53 | + { |
54 | + while(!$result->EOF) { |
55 | + $info['pos_id' ][] = $result->fields['pos_id']; |
56 | + $info['proj_id'][] = $result->fields['proj_id']; |
57 | + $result->MoveNext(); |
58 | + } |
59 | } |
60 | |
61 | |
62 | @@ -184,11 +191,16 @@ |
63 | "where pgoc_uuid = '$id'"); |
64 | |
65 | $contacts=array(); |
66 | - while(!$result->EOF) |
67 | + |
68 | + if( !empty( $result ) ) |
69 | { |
70 | - $contacts[$result->fields['opt_contact_type']] = $result->fields['contact_value']; |
71 | - $result->moveNext(); |
72 | + while(!$result->EOF) |
73 | + { |
74 | + $contacts[$result->fields['opt_contact_type']] = $result->fields['contact_value']; |
75 | + $result->moveNext(); |
76 | + } |
77 | } |
78 | + |
79 | $info['contact'] = $contacts; |
80 | |
81 | //number of unread messages |
82 | @@ -202,9 +214,13 @@ |
83 | //get skills |
84 | $info['skills'] = array(); |
85 | $result = $this->execute("SELECT opt_skill_code, option_description FROM vm_vol_skills JOIN field_options ON (opt_skill_code = option_code AND field_name = 'opt_skill_type') WHERE p_uuid = '$id'"); |
86 | - while(!$result->EOF) { |
87 | - $info['skills'][$result->fields['opt_skill_code']] = $result->fields['option_description']; |
88 | - $result->moveNext(); |
89 | + |
90 | + if( !empty( $result ) ) |
91 | + { |
92 | + while(!$result->EOF) { |
93 | + $info['skills'][$result->fields['opt_skill_code']] = $result->fields['option_description']; |
94 | + $result->moveNext(); |
95 | + } |
96 | } |
97 | |
98 | return $info; |
99 | @@ -225,11 +241,16 @@ |
100 | // get the ID codes and names from the 'field_options' table |
101 | $result = $this->execute("select option_code, option_description from field_options where field_name = 'opt_id_type'"); |
102 | $id_types = array(); |
103 | - while(!$result->EOF) |
104 | + |
105 | + if( !empty( $result ) ) |
106 | { |
107 | - $id_types[$result->fields['option_code']]= $result->fields['option_description']; |
108 | - $result->moveNext(); |
109 | - } |
110 | + while(!$result->EOF) |
111 | + { |
112 | + $id_types[$result->fields['option_code']]= $result->fields['option_description']; |
113 | + $result->moveNext(); |
114 | + } |
115 | + } |
116 | + |
117 | return $id_types; |
118 | } |
119 | |
120 | @@ -319,11 +340,16 @@ |
121 | { |
122 | $result = $this->execute("select option_code, option_description from field_options where field_name = 'opt_contact_type'"); |
123 | $contact_types = array(); |
124 | - while(!$result->EOF) |
125 | + |
126 | + if( !empty( $result ) ) |
127 | { |
128 | - $contact_types[$result->fields['option_code']]= $result->fields['option_description']; |
129 | - $result->moveNext(); |
130 | - } |
131 | + while(!$result->EOF) |
132 | + { |
133 | + $contact_types[$result->fields['option_code']]= $result->fields['option_description']; |
134 | + $result->moveNext(); |
135 | + } |
136 | + } |
137 | + |
138 | return $contact_types; |
139 | } |
140 | |
141 | @@ -388,20 +414,23 @@ |
142 | |
143 | $info = array(); |
144 | |
145 | - while(!$r->EOF) |
146 | + if( !empty( $r ) ) |
147 | { |
148 | - if(!isset($info[$r->fields['proj_id']])) |
149 | - $info[$r->fields['proj_id']] = array('project_name' => $r->fields['project_name']); |
150 | - |
151 | - $info[$r->fields['proj_id']][$r->fields['pos_id']] = array |
152 | - ( |
153 | - 'title' => $r->fields['title'], |
154 | - 'payrate' => $r->fields['payrate'], |
155 | - 'status' => $r->fields['status'] |
156 | - ); |
157 | - |
158 | - $r->MoveNext(); |
159 | - } |
160 | + while(!$r->EOF) |
161 | + { |
162 | + if(!isset($info[$r->fields['proj_id']])) |
163 | + $info[$r->fields['proj_id']] = array('project_name' => $r->fields['project_name']); |
164 | + |
165 | + $info[$r->fields['proj_id']][$r->fields['pos_id']] = array |
166 | + ( |
167 | + 'title' => $r->fields['title'], |
168 | + 'payrate' => $r->fields['payrate'], |
169 | + 'status' => $r->fields['status'] |
170 | + ); |
171 | + |
172 | + $r->MoveNext(); |
173 | + } |
174 | + } |
175 | |
176 | |
177 | //get the volunteer's hours worked for each project position |
178 | @@ -461,10 +490,15 @@ |
179 | |
180 | // put all information into an array for returning |
181 | $volunteers = array(); |
182 | - while(!$result->EOF) { |
183 | - $volunteers[] = new Volunteer($result->fields['p_uuid']); |
184 | - $result->moveNext(); |
185 | - } |
186 | + |
187 | + if( !empty( $result ) ) |
188 | + { |
189 | + while(!$result->EOF) { |
190 | + $volunteers[] = new Volunteer($result->fields['p_uuid']); |
191 | + $result->moveNext(); |
192 | + } |
193 | + } |
194 | + |
195 | return $volunteers; |
196 | } |
197 | |
198 | @@ -525,24 +559,29 @@ |
199 | // put all information into an array for returning |
200 | |
201 | $volunteers = array(); |
202 | - while(!$result->EOF) |
203 | + |
204 | + if( !empty( $result ) ) |
205 | { |
206 | - if(empty($result->fields['location_id'])) |
207 | - $locations = array(); |
208 | - else |
209 | - $locations = $this->getParentLocations($result->fields['location_id']); |
210 | - |
211 | - $volunteers[$result->fields['p_uuid']] = array |
212 | - ( |
213 | - 'full_name' => $result->fields['full_name'], |
214 | - 'locations' => $locations, |
215 | - 'affiliation' => ($result->fields['org_name']==null)?'':$result->fields['org_name'], |
216 | - 'pay_info' => $this->getVolHoursAndRate($result->fields['p_uuid'], $proj_id), |
217 | - 'status' => $result->fields['status'] |
218 | - ); |
219 | - |
220 | - $result->moveNext(); |
221 | - } |
222 | + while(!$result->EOF) |
223 | + { |
224 | + if(empty($result->fields['location_id'])) |
225 | + $locations = array(); |
226 | + else |
227 | + $locations = $this->getParentLocations($result->fields['location_id']); |
228 | + |
229 | + $volunteers[$result->fields['p_uuid']] = array |
230 | + ( |
231 | + 'full_name' => $result->fields['full_name'], |
232 | + 'locations' => $locations, |
233 | + 'affiliation' => ($result->fields['org_name']==null)?'':$result->fields['org_name'], |
234 | + 'pay_info' => $this->getVolHoursAndRate($result->fields['p_uuid'], $proj_id), |
235 | + 'status' => $result->fields['status'] |
236 | + ); |
237 | + |
238 | + $result->moveNext(); |
239 | + } |
240 | + } |
241 | + |
242 | return $volunteers; |
243 | } |
244 | |
245 | @@ -720,11 +759,15 @@ |
246 | |
247 | $result = $this->execute("SELECT pos_id, proj_id,project_name, ptype_id, slots, title, description, ptype_title, ptype_description, skill_code FROM vm_vol_assignment $whereClause ORDER BY proj_id "); |
248 | $positions = array(); |
249 | - while(!$result->EOF) { |
250 | - |
251 | - $this->remove_keys($result->fields); |
252 | - $positions[] = $result->fields; |
253 | - $result->moveNext(); |
254 | + |
255 | + if( !empty( $result ) ) |
256 | + { |
257 | + while(!$result->EOF) { |
258 | + |
259 | + $this->remove_keys($result->fields); |
260 | + $positions[] = $result->fields; |
261 | + $result->moveNext(); |
262 | + } |
263 | } |
264 | |
265 | $result = $this->execute("select pos_id, count(*) numVolunteers FROM vm_vol_assignment_active group by pos_id"); |
266 | @@ -784,11 +827,16 @@ |
267 | |
268 | $result = $this->execute($query); |
269 | $position = array(); |
270 | - while(!$result->EOF) |
271 | + |
272 | + if( !empty( $result ) ) |
273 | { |
274 | - $position[$result->fields['pos_id']] = array('title' => $result->fields['title'],'skill_code' => $result->fields['skill_code'], 'payrate' => $result->fields['payrate'], 'description' => $result->fields['description'],'slots' => $result->fields['slots']); |
275 | - $result->moveNext(); |
276 | + while(!$result->EOF) |
277 | + { |
278 | + $position[$result->fields['pos_id']] = array('title' => $result->fields['title'],'skill_code' => $result->fields['skill_code'], 'payrate' => $result->fields['payrate'], 'description' => $result->fields['description'],'slots' => $result->fields['slots']); |
279 | + $result->moveNext(); |
280 | + } |
281 | } |
282 | + |
283 | return $position; |
284 | } |
285 | |
286 | @@ -814,11 +862,16 @@ |
287 | function listPositionTypes() { |
288 | $result = $this->execute("select ptype_id, title, description, skill_code from vm_positiontype"); |
289 | $ptypes = array(); |
290 | - while(!$result->EOF) { |
291 | - $this->remove_keys($result->fields); |
292 | - $ptypes[] = $result->fields; |
293 | - $result->moveNext(); |
294 | - } |
295 | + |
296 | + if( !empty( $result ) ) |
297 | + { |
298 | + while(!$result->EOF) { |
299 | + $this->remove_keys($result->fields); |
300 | + $ptypes[] = $result->fields; |
301 | + $result->moveNext(); |
302 | + } |
303 | + } |
304 | + |
305 | return $ptypes; |
306 | } |
307 | |
308 | @@ -936,14 +989,18 @@ |
309 | $result = $this->execute($query); |
310 | } |
311 | $projects = array(); |
312 | - while(!$result->EOF) |
313 | + |
314 | + if( !empty( $result ) ) |
315 | { |
316 | - if($simple) |
317 | - $projects[$result->fields['proj_id']] = $result->fields['name']; |
318 | - else |
319 | - $projects[$result->fields['proj_id']] = array('name' => $result->fields['name'], 'description' => $result->fields['description']); |
320 | - $result->moveNext(); |
321 | - } |
322 | + while(!$result->EOF) |
323 | + { |
324 | + if($simple) |
325 | + $projects[$result->fields['proj_id']] = $result->fields['name']; |
326 | + else |
327 | + $projects[$result->fields['proj_id']] = array('name' => $result->fields['name'], 'description' => $result->fields['description']); |
328 | + $result->moveNext(); |
329 | + } |
330 | + } |
331 | |
332 | return $projects; |
333 | } |
334 | @@ -978,13 +1035,17 @@ |
335 | "from vm_position_active where proj_id = '$proj_id'"); |
336 | |
337 | $proj['positions'] = array(); |
338 | - while(!$result->EOF) { |
339 | - $this->remove_keys($result->fields); |
340 | - $result->fields['pos_id'] = $result->fields['this_pos_id']; |
341 | - unset($result->fields['this_pos_id']); |
342 | - $proj['positions'][$result->fields['pos_id']] = $result->fields; |
343 | - $result->moveNext(); |
344 | - } |
345 | + |
346 | + if( !empty( $result ) ) |
347 | + { |
348 | + while(!$result->EOF) { |
349 | + $this->remove_keys($result->fields); |
350 | + $result->fields['pos_id'] = $result->fields['this_pos_id']; |
351 | + unset($result->fields['this_pos_id']); |
352 | + $proj['positions'][$result->fields['pos_id']] = $result->fields; |
353 | + $result->moveNext(); |
354 | + } |
355 | + } |
356 | |
357 | return $proj; |
358 | } |
359 | @@ -1104,45 +1165,48 @@ |
360 | $tree = new Tree("?mod=vm&stream=text&act=display_js&js="); |
361 | $tree->setRoot(new Node(_('Skills and Work Restrictions'))); |
362 | |
363 | - while(!$result->EOF) |
364 | + if( !empty( $result ) ) |
365 | { |
366 | - $split = preg_split('/'. VM_SKILLS_DELIMETER .'/', $result->fields['option_description']); |
367 | - $cur_parent = $tree->root; |
368 | - |
369 | - foreach($split as $index => $name) |
370 | - { |
371 | - $name = trim($name); |
372 | - if($name != '') |
373 | - { |
374 | - if($index < (count($split) - 1)) |
375 | - { |
376 | - $search_result = $tree->findNodeAux($cur_parent, $name); |
377 | - if($search_result == null) |
378 | - { |
379 | - $tmp_child = new Node($name, 'CheckboxNode', array('input_name' => 'null')); |
380 | - $cur_parent->addChild($tmp_child); |
381 | - $cur_parent = $tmp_child; |
382 | - } |
383 | - else |
384 | - { |
385 | - $cur_parent = $search_result; |
386 | - } |
387 | - } |
388 | - else |
389 | - { |
390 | - $extra_info = array('input_name' => "'SKILL_{$result->fields['option_code']}'"); |
391 | - |
392 | - if(in_array($result->fields['option_code'], $skills_array)) |
393 | - $extra_info['checked'] = true; |
394 | - |
395 | - $tmp_child = new Node($name, 'CheckboxNode', $extra_info); |
396 | - $cur_parent->addChild($tmp_child); |
397 | - } |
398 | - } |
399 | - } |
400 | - |
401 | - $result->MoveNext(); |
402 | - } |
403 | + while(!$result->EOF) |
404 | + { |
405 | + $split = preg_split('/'. VM_SKILLS_DELIMETER .'/', $result->fields['option_description']); |
406 | + $cur_parent = $tree->root; |
407 | + |
408 | + foreach($split as $index => $name) |
409 | + { |
410 | + $name = trim($name); |
411 | + if($name != '') |
412 | + { |
413 | + if($index < (count($split) - 1)) |
414 | + { |
415 | + $search_result = $tree->findNodeAux($cur_parent, $name); |
416 | + if($search_result == null) |
417 | + { |
418 | + $tmp_child = new Node($name, 'CheckboxNode', array('input_name' => 'null')); |
419 | + $cur_parent->addChild($tmp_child); |
420 | + $cur_parent = $tmp_child; |
421 | + } |
422 | + else |
423 | + { |
424 | + $cur_parent = $search_result; |
425 | + } |
426 | + } |
427 | + else |
428 | + { |
429 | + $extra_info = array('input_name' => "'SKILL_{$result->fields['option_code']}'"); |
430 | + |
431 | + if(in_array($result->fields['option_code'], $skills_array)) |
432 | + $extra_info['checked'] = true; |
433 | + |
434 | + $tmp_child = new Node($name, 'CheckboxNode', $extra_info); |
435 | + $cur_parent->addChild($tmp_child); |
436 | + } |
437 | + } |
438 | + } |
439 | + |
440 | + $result->MoveNext(); |
441 | + } |
442 | + } |
443 | |
444 | return $tree; |
445 | } |
446 | @@ -1160,10 +1224,13 @@ |
447 | $skills_array = array(); |
448 | $result = $this->execute("SELECT opt_skill_code FROM vm_vol_skills WHERE p_uuid = '$p_uuid'"); |
449 | |
450 | - while(!$result->EOF) |
451 | + if( !empty( $result ) ) |
452 | { |
453 | - $skills_array[] = $result->fields['opt_skill_code']; |
454 | - $result->MoveNext(); |
455 | + while(!$result->EOF) |
456 | + { |
457 | + $skills_array[] = $result->fields['opt_skill_code']; |
458 | + $result->MoveNext(); |
459 | + } |
460 | } |
461 | |
462 | return $skills_array; |
463 | @@ -1192,32 +1259,35 @@ |
464 | |
465 | // now store the skills in a Tree structure |
466 | |
467 | - while(!$result->EOF) |
468 | - { |
469 | - $split = preg_split('/'. VM_SKILLS_DELIMETER .'/', $result->fields['option_description']); |
470 | - $cur_parent = $tree->root; |
471 | - |
472 | - foreach($split as $index => $name) |
473 | - { |
474 | - $name = trim($name); |
475 | - if($name != '') { |
476 | - $search_result = $tree->findNodeAux($cur_parent, $name); |
477 | - if($search_result == null) |
478 | - { |
479 | - $tmp_child = new Node($name); |
480 | - $cur_parent->addChild($tmp_child); |
481 | - $cur_parent = $tmp_child; |
482 | - } |
483 | - else |
484 | - { |
485 | - $cur_parent = $search_result; |
486 | - } |
487 | - } |
488 | - |
489 | - } |
490 | - |
491 | - $result->MoveNext(); |
492 | - } |
493 | + if( !empty( $result ) ) |
494 | + { |
495 | + while(!$result->EOF) |
496 | + { |
497 | + $split = preg_split('/'. VM_SKILLS_DELIMETER .'/', $result->fields['option_description']); |
498 | + $cur_parent = $tree->root; |
499 | + |
500 | + foreach($split as $index => $name) |
501 | + { |
502 | + $name = trim($name); |
503 | + if($name != '') { |
504 | + $search_result = $tree->findNodeAux($cur_parent, $name); |
505 | + if($search_result == null) |
506 | + { |
507 | + $tmp_child = new Node($name); |
508 | + $cur_parent->addChild($tmp_child); |
509 | + $cur_parent = $tmp_child; |
510 | + } |
511 | + else |
512 | + { |
513 | + $cur_parent = $search_result; |
514 | + } |
515 | + } |
516 | + |
517 | + } |
518 | + |
519 | + $result->MoveNext(); |
520 | + } |
521 | + } |
522 | |
523 | return $tree; |
524 | } |
525 | @@ -1235,11 +1305,16 @@ |
526 | { |
527 | $result = $this->execute("SELECT option_code FROM field_options WHERE field_name = 'opt_skill_type'"); |
528 | $skill_ids = array(); |
529 | - while(!$result->EOF) |
530 | + |
531 | + if( !empty( $result ) ) |
532 | { |
533 | - $skill_ids[] = $result->fields['option_code']; |
534 | - $result->MoveNext(); |
535 | - } |
536 | + while(!$result->EOF) |
537 | + { |
538 | + $skill_ids[] = $result->fields['option_code']; |
539 | + $result->MoveNext(); |
540 | + } |
541 | + } |
542 | + |
543 | return $skill_ids; |
544 | } |
545 | |
546 | @@ -1247,10 +1322,15 @@ |
547 | $result = $this->execute("select option_code code, option_description skill from field_options where field_name = 'opt_skill_type' order by option_description asc"); |
548 | if(!$result->EOF) { |
549 | $skills = array(); |
550 | - while(!$result->EOF) { |
551 | - $skills[$result->fields['code']] = $result->fields['skill']; |
552 | - $result->moveNext(); |
553 | + |
554 | + if( !empty( $result ) ) |
555 | + { |
556 | + while(!$result->EOF) { |
557 | + $skills[$result->fields['code']] = $result->fields['skill']; |
558 | + $result->moveNext(); |
559 | + } |
560 | } |
561 | + |
562 | return $skills; |
563 | } else |
564 | return false; |
565 | @@ -1297,11 +1377,16 @@ |
566 | |
567 | $result = $this->execute($q); |
568 | $orgs = array(); |
569 | - while(!$result->EOF) |
570 | + |
571 | + if( !empty( $result ) ) |
572 | { |
573 | - $orgs[$result->fields['o_uuid']] = $result->fields['name']; |
574 | - $result->MoveNext(); |
575 | - } |
576 | + while(!$result->EOF) |
577 | + { |
578 | + $orgs[$result->fields['o_uuid']] = $result->fields['name']; |
579 | + $result->MoveNext(); |
580 | + } |
581 | + } |
582 | + |
583 | return $orgs; |
584 | } |
585 | |
586 | @@ -1382,11 +1467,16 @@ |
587 | ORDER BY status"); |
588 | |
589 | $vols = array(); |
590 | - while(!$result->EOF) |
591 | + |
592 | + if( !empty( $result ) ) |
593 | { |
594 | - $vols[$result->fields['p_uuid']] = array('name' => $result->fields['full_name'], 'status' => $result->fields['status']); |
595 | - $result->moveNext(); |
596 | + while(!$result->EOF) |
597 | + { |
598 | + $vols[$result->fields['p_uuid']] = array('name' => $result->fields['full_name'], 'status' => $result->fields['status']); |
599 | + $result->moveNext(); |
600 | + } |
601 | } |
602 | + |
603 | return $vols; |
604 | } |
605 | |
606 | @@ -1486,11 +1576,16 @@ |
607 | |
608 | $result = $this->getCurrentPage($query); |
609 | $messages = array(); |
610 | - while(!$result->EOF) { |
611 | - $this->remove_keys($result->fields); |
612 | - $messages[]= $result->fields; |
613 | - $result->moveNext(); |
614 | + |
615 | + if( !empty( $result ) ) |
616 | + { |
617 | + while(!$result->EOF) { |
618 | + $this->remove_keys($result->fields); |
619 | + $messages[]= $result->fields; |
620 | + $result->moveNext(); |
621 | + } |
622 | } |
623 | + |
624 | return $messages; |
625 | } |
626 | |
627 | @@ -1507,11 +1602,16 @@ |
628 | { |
629 | $result = $this->execute("SELECT to_id, full_name FROM vm_courier, person_uuid WHERE p_uuid = to_id AND message_id = $msg_id"); |
630 | $list = array(); |
631 | - while(!$result->EOF && $result != null) |
632 | + |
633 | + if( !empty( $result ) ) |
634 | { |
635 | - $list[$result->fields['to_id']] = $result->fields['full_name']; |
636 | - $result->MoveNext(); |
637 | + while(!$result->EOF && $result != null) |
638 | + { |
639 | + $list[$result->fields['to_id']] = $result->fields['full_name']; |
640 | + $result->MoveNext(); |
641 | + } |
642 | } |
643 | + |
644 | return $list; |
645 | } |
646 | |
647 | @@ -1811,9 +1911,12 @@ |
648 | |
649 | $search_results = array(); |
650 | |
651 | - while(!$result->EOF) { |
652 | - $search_results[] = new Volunteer($result->fields['p_uuid']); |
653 | - $result->MoveNext(); |
654 | + if( !empty( $result ) ) |
655 | + { |
656 | + while(!$result->EOF) { |
657 | + $search_results[] = new Volunteer($result->fields['p_uuid']); |
658 | + $result->MoveNext(); |
659 | + } |
660 | } |
661 | |
662 | return $search_results; |
663 | @@ -1830,6 +1933,8 @@ |
664 | { |
665 | $result = $this->execute("SELECT p_uuid, full_name FROM person_uuid WHERE p_uuid IN (SELECT p_uuid FROM vm_vol_active)"); |
666 | |
667 | + if( !empty( $result ) ) |
668 | + { |
669 | while(!$result->EOF) |
670 | { |
671 | $p_uuid = $result->fields['p_uuid']; |
672 | @@ -1845,6 +1950,7 @@ |
673 | |
674 | $result->MoveNext(); |
675 | } |
676 | + } |
677 | } |
678 | |
679 | /** |
680 | @@ -1936,11 +2042,16 @@ |
681 | { |
682 | $result = $this->execute("SELECT constraint_id, description FROM vm_access_constraint"); |
683 | $constraints = array(); |
684 | - while(!$result->EOF) |
685 | + |
686 | + if( !empty( $result ) ) |
687 | { |
688 | - $constraints[$result->fields['constraint_id']] = $result->fields['description']; |
689 | - $result->MoveNext(); |
690 | + while(!$result->EOF) |
691 | + { |
692 | + $constraints[$result->fields['constraint_id']] = $result->fields['description']; |
693 | + $result->MoveNext(); |
694 | + } |
695 | } |
696 | + |
697 | return $constraints; |
698 | } |
699 | |
700 | @@ -1958,26 +2069,29 @@ |
701 | AND vm_access_constraint.constraint_id = vm_access_constraint_to_request.constraint_id"); |
702 | $access = array(); |
703 | |
704 | - while(!$result->EOF) |
705 | + if( !empty( $result ) ) |
706 | { |
707 | - $act = $result->fields['act']; |
708 | - $vm_action = $result->fields['vm_action']; |
709 | - $constraint = $result->fields['constraint_id']; |
710 | - $req_desc = $result->fields['req_desc']; |
711 | - |
712 | - if(!is_array($access[$act])) |
713 | - $access[$act] = array(); |
714 | - |
715 | - if(!is_array($access[$act][$vm_action])) |
716 | - $access[$act][$vm_action] = array(); |
717 | - |
718 | - if(!is_array($access[$act][$vm_action]['extra'])) |
719 | - $access[$act][$vm_action]['extra'] = array(); |
720 | - |
721 | - $access[$act][$vm_action]['extra'][] = $constraint; |
722 | - |
723 | - $result->MoveNext(); |
724 | - } |
725 | + while(!$result->EOF) |
726 | + { |
727 | + $act = $result->fields['act']; |
728 | + $vm_action = $result->fields['vm_action']; |
729 | + $constraint = $result->fields['constraint_id']; |
730 | + $req_desc = $result->fields['req_desc']; |
731 | + |
732 | + if(!is_array($access[$act])) |
733 | + $access[$act] = array(); |
734 | + |
735 | + if(!is_array($access[$act][$vm_action])) |
736 | + $access[$act][$vm_action] = array(); |
737 | + |
738 | + if(!is_array($access[$act][$vm_action]['extra'])) |
739 | + $access[$act][$vm_action]['extra'] = array(); |
740 | + |
741 | + $access[$act][$vm_action]['extra'][] = $constraint; |
742 | + |
743 | + $result->MoveNext(); |
744 | + } |
745 | + } |
746 | |
747 | //next get Sahana-specific data classification constraints |
748 | |
749 | @@ -1985,26 +2099,29 @@ |
750 | FROM vm_access_request, vm_access_classification_to_request |
751 | WHERE vm_access_request.request_id = vm_access_classification_to_request.request_id"); |
752 | |
753 | - while(!$result->EOF) |
754 | + if( !empty( $result ) ) |
755 | { |
756 | - $act = $result->fields['act']; |
757 | - $vm_action = $result->fields['vm_action']; |
758 | - $table_name = $result->fields['table_name']; |
759 | - $crud = $result->fields['crud']; |
760 | - |
761 | - if(!is_array($access[$act])) |
762 | - $access[$act] = array(); |
763 | - |
764 | - if(!is_array($access[$act][$vm_action])) |
765 | - $access[$act][$vm_action] = array(); |
766 | - |
767 | - if(!is_array($access[$act][$vm_action]['tables'])) |
768 | - $access[$act][$vm_action]['tables'] = array(); |
769 | - |
770 | - $access[$act][$vm_action]['tables'][$table_name] = $crud; |
771 | - |
772 | - $result->MoveNext(); |
773 | - } |
774 | + while(!$result->EOF) |
775 | + { |
776 | + $act = $result->fields['act']; |
777 | + $vm_action = $result->fields['vm_action']; |
778 | + $table_name = $result->fields['table_name']; |
779 | + $crud = $result->fields['crud']; |
780 | + |
781 | + if(!is_array($access[$act])) |
782 | + $access[$act] = array(); |
783 | + |
784 | + if(!is_array($access[$act][$vm_action])) |
785 | + $access[$act][$vm_action] = array(); |
786 | + |
787 | + if(!is_array($access[$act][$vm_action]['tables'])) |
788 | + $access[$act][$vm_action]['tables'] = array(); |
789 | + |
790 | + $access[$act][$vm_action]['tables'][$table_name] = $crud; |
791 | + |
792 | + $result->MoveNext(); |
793 | + } |
794 | + } |
795 | |
796 | return $access; |
797 | } |
798 | @@ -2033,20 +2150,24 @@ |
799 | { |
800 | $result = $this->execute("SELECT act, vm_action, description FROM vm_access_request ORDER BY description"); |
801 | $requests = array(); |
802 | - while(!$result->EOF) |
803 | + |
804 | + if( !empty( $result ) ) |
805 | { |
806 | - $act = $result->fields['act']; |
807 | - $vm_action = $result->fields['vm_action']; |
808 | - $desc = $result->fields['description']; |
809 | - |
810 | - if(!is_array($requests[$act])) |
811 | - $requests[$act] = array(); |
812 | - |
813 | - $requests[$act][$vm_action] = $desc; |
814 | - |
815 | - $result->moveNext(); |
816 | - } |
817 | - return $requests; |
818 | + while(!$result->EOF) |
819 | + { |
820 | + $act = $result->fields['act']; |
821 | + $vm_action = $result->fields['vm_action']; |
822 | + $desc = $result->fields['description']; |
823 | + |
824 | + if(!is_array($requests[$act])) |
825 | + $requests[$act] = array(); |
826 | + |
827 | + $requests[$act][$vm_action] = $desc; |
828 | + |
829 | + $result->moveNext(); |
830 | + } |
831 | + return $requests; |
832 | + } |
833 | } |
834 | |
835 | /** |
836 | @@ -2057,19 +2178,24 @@ |
837 | { |
838 | $result = $this->execute("SELECT act, vm_action, description FROM vm_access_request ORDER BY description"); |
839 | $requests = array(); |
840 | - while(!$result->EOF) |
841 | + |
842 | + if( !empty( $result ) ) |
843 | { |
844 | - $act = $result->fields['act']; |
845 | - $vm_action = $result->fields['vm_action']; |
846 | - $desc = $result->fields['description']; |
847 | - |
848 | - $matches = array(); |
849 | - preg_match("/^\s*(\w+)(.*)/", $desc, $matches); |
850 | - |
851 | - $requests[] = array('display_action' => $matches[1], 'partial_desc' => $matches[2], 'act' => $act, 'vm_action' => $vm_action); |
852 | - |
853 | - $result->MoveNext(); |
854 | - } |
855 | + while(!$result->EOF) |
856 | + { |
857 | + $act = $result->fields['act']; |
858 | + $vm_action = $result->fields['vm_action']; |
859 | + $desc = $result->fields['description']; |
860 | + |
861 | + $matches = array(); |
862 | + preg_match("/^\s*(\w+)(.*)/", $desc, $matches); |
863 | + |
864 | + $requests[] = array('display_action' => $matches[1], 'partial_desc' => $matches[2], 'act' => $act, 'vm_action' => $vm_action); |
865 | + |
866 | + $result->MoveNext(); |
867 | + } |
868 | + } |
869 | + |
870 | return $requests; |
871 | } |
872 | |
873 | @@ -2087,10 +2213,14 @@ |
874 | WHERE act = '$act' AND vm_action = '$vm_action' |
875 | AND vm_access_request.request_id = vm_access_constraint_to_request.request_id |
876 | AND vm_access_constraint.constraint_id = vm_access_constraint_to_request.constraint_id"); |
877 | - while(!$result->EOF) |
878 | + |
879 | + if( !empty( $result ) ) |
880 | { |
881 | - $constraints['extra'][] = $result->fields['constraint_id']; |
882 | - $result->MoveNext(); |
883 | + while(!$result->EOF) |
884 | + { |
885 | + $constraints['extra'][] = $result->fields['constraint_id']; |
886 | + $result->MoveNext(); |
887 | + } |
888 | } |
889 | |
890 | //data classification access constraints |
891 | @@ -2098,10 +2228,14 @@ |
892 | FROM vm_access_request, vm_access_classification_to_request |
893 | WHERE act = '$act' AND vm_action = '$vm_action' |
894 | AND vm_access_request.request_id = vm_access_classification_to_request.request_id"); |
895 | - while(!$result->EOF) |
896 | + |
897 | + if( !empty( $result ) ) |
898 | { |
899 | - $constraints['tables'][$result->fields['table_name']] = $result->fields['crud']; |
900 | - $result->MoveNext(); |
901 | + while(!$result->EOF) |
902 | + { |
903 | + $constraints['tables'][$result->fields['table_name']] = $result->fields['crud']; |
904 | + $result->MoveNext(); |
905 | + } |
906 | } |
907 | |
908 | return $constraints; |
909 | @@ -2141,11 +2275,16 @@ |
910 | { |
911 | $tables = array(); |
912 | $result = $this->execute("SHOW TABLES"); |
913 | - while(!$result->EOF) |
914 | + |
915 | + if( !empty( $result ) ) |
916 | { |
917 | - $tables[] = $result->fields[0]; |
918 | - $result->MoveNext(); |
919 | + while(!$result->EOF) |
920 | + { |
921 | + $tables[] = $result->fields[0]; |
922 | + $result->MoveNext(); |
923 | + } |
924 | } |
925 | + |
926 | return $tables; |
927 | } |
928 | |
929 | @@ -2196,11 +2335,15 @@ |
930 | |
931 | $options = array(); |
932 | |
933 | - while(!$result==NULL && !$result->EOF) |
934 | + if( !empty( $result ) ) |
935 | { |
936 | - $options[$result->fields['opt_skill_code']] = $result->fields['option_description']; |
937 | - $result->MoveNext(); |
938 | + while(!$result==NULL && !$result->EOF) |
939 | + { |
940 | + $options[$result->fields['opt_skill_code']] = $result->fields['option_description']; |
941 | + $result->MoveNext(); |
942 | + } |
943 | } |
944 | + |
945 | return $options; |
946 | } |
947 | |
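Review bot: The inner `!$result==NULL` test in `while(!$result==NULL && !$result->EOF)` is redundant now that the loop sits inside `if( !empty( $result ) )`. It is also hard to read, because `!` binds tighter than `==`, so it evaluates as `(!$result) == NULL`. Writing the loop as `while(!$result->EOF)` would match the other guarded loops in this file. The enclosing function starts outside the hunk.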
948 | @@ -2226,11 +2369,16 @@ |
949 | |
950 | $result = $this->execute($q); |
951 | $vols = array(); |
952 | - while(!$result->EOF) |
953 | + |
954 | + if( !empty( $result ) ) |
955 | { |
956 | - $vols[$result->fields['p_uuid']] = $result->fields['full_name']; |
957 | - $result->moveNext(); |
958 | + while(!$result->EOF) |
959 | + { |
960 | + $vols[$result->fields['p_uuid']] = $result->fields['full_name']; |
961 | + $result->moveNext(); |
962 | + } |
963 | } |
964 | + |
965 | return $vols; |
966 | } |
967 | |
968 | @@ -2298,11 +2446,16 @@ |
969 | { |
970 | $result = $this->execute("SELECT level_id, level FROM sys_data_classifications"); |
971 | $levels = array(); |
972 | - while(!$result->EOF) |
973 | + |
974 | + if( !empty( $result ) ) |
975 | { |
976 | - $levels[$result->fields['level_id']] = $result->fields['level']; |
977 | - $result->moveNext(); |
978 | + while(!$result->EOF) |
979 | + { |
980 | + $levels[$result->fields['level_id']] = $result->fields['level']; |
981 | + $result->moveNext(); |
982 | + } |
983 | } |
984 | + |
985 | return $levels; |
986 | } |
987 | |
988 | |
989 | === added file 'sahana-phase2/www/xml.php' |
990 | --- sahana-phase2/www/xml.php 1970-01-01 00:00:00 +0000 |
991 | +++ sahana-phase2/www/xml.php 2011-02-12 21:04:37 +0000 |
992 | @@ -0,0 +1,302 @@ |
993 | +<?php |
994 | +/** |
995 | + * @package Sahana - http://agasti.sahanafoundation.org |
996 | + * @author Ravindra <ravindra@opensource.lk> |
997 | + * @author Greg Miernicki <g@miernicki.com> |
998 | + * @copyright Lanka Software Foundation - http://www.opensource.lk |
999 | + * |
1000 | + */ |
1001 | + |
1002 | +$act = $_GET{"act"}; |
1003 | + |
1004 | +if($act == 'add_loc') { |
1005 | + _shn_get_level_location(); |
1006 | +} else if ($act=='sub_cat') { |
1007 | + _shn_get_sub_catalogs(); |
1008 | +} else if($act=='unit_cat') { |
1009 | + _shn_get_units(); |
1010 | +} else if($act=='get_loc_val') { |
1011 | + _shn_get_locations(); |
1012 | +} else if($act=='victims') { |
1013 | + _shn_get_victims(); |
1014 | +} else { |
1015 | + _shn_get_children(); |
1016 | +} |
1017 | + |
1018 | + |
1019 | +function _shn_get_units() { |
1020 | + require_once('../3rd/adodb/adodb.inc.php'); |
1021 | + require_once('../conf/sysconf.inc'); |
1022 | + |
1023 | + //Make the connection to $global['db'] |
1024 | + $db = NewADOConnection($conf['db_engine']); |
1025 | + $db ->Connect($conf['db_host'].($conf['db_port']?':'.$conf['db_port']:''),$conf['db_user'],$conf['db_pass'],$conf['db_name']); |
1026 | + $cat = $_GET{"cat"}; |
1027 | + |
1028 | + $q = " |
1029 | + select unit_uuid,name |
1030 | + from ct_unit |
1031 | + where unit_type_uuid = " . $db->param( "0" ) . "; |
1032 | + "; |
1033 | + $res_child=$db->Execute( $q, array( $cat ) ); |
1034 | + |
1035 | + if(!$res_child==NULL && !$res_child->EOF){ |
1036 | + while(!$res_child->EOF){ |
1037 | + $res=$res.",".$res_child->fields[0]; |
1038 | + $res=$res.",".$res_child->fields[1]; |
1039 | + $res_child->MoveNext(); |
1040 | + } |
1041 | + echo $res; |
1042 | + } else { |
1043 | + echo "null,"; |
1044 | + } |
1045 | +} |
1046 | + |
1047 | + |
1048 | + |
1049 | +function _shn_get_sub_catalogs() { |
1050 | + require_once('../3rd/adodb/adodb.inc.php'); |
1051 | + require_once('../conf/sysconf.inc'); |
1052 | + |
1053 | + // Make the connection to $global['db'] |
1054 | + $db = NewADOConnection($conf['db_engine']); |
1055 | + $db ->Connect($conf['db_host'].($conf['db_port']?':'.$conf['db_port']:''),$conf['db_user'],$conf['db_pass'],$conf['db_name']); |
1056 | + $cat = $_GET{"cat"}; |
1057 | + $flag = $_GET{"flag"}; |
1058 | + if($flag == false) { |
1059 | + $q =" |
1060 | + select ct_uuid,name |
1061 | + from ct_catalogue |
1062 | + where parentid = " . $db->param( "0" ) . "; |
1063 | + "; |
1064 | + $res_child=$db->Execute( $q, array( $cat ) ); |
1065 | + } else if($flag==true) { |
1066 | + $q = " |
1067 | + select ct_uuid,name |
1068 | + from ct_catalogue |
1069 | + where parentid= " . $db->param( "0" ) . " |
1070 | + and final_flag='0'; |
1071 | + "; |
1072 | + $res_child=$db->Execute( $q, array( $cat ) ); |
1073 | + } |
1074 | + |
1075 | + $res = ""; |
1076 | + $res = $res.",".""; |
1077 | + $res = $res.",".""; |
1078 | + |
1079 | + if(!$res_child == NULL && !$res_child->EOF) { |
1080 | + while(!$res_child->EOF) { |
1081 | + $res=$res.",".$res_child->fields[0]; |
1082 | + $res=$res.",".$res_child->fields[1]; |
1083 | + $res_child->MoveNext(); |
1084 | + } |
1085 | + echo $res; |
1086 | + } else { |
1087 | + echo "null,"; |
1088 | + } |
1089 | +} |
1090 | + |
1091 | + |
1092 | + |
1093 | +function _shn_get_children() { |
1094 | + require_once('../3rd/adodb/adodb.inc.php'); |
1095 | + require_once('../conf/sysconf.inc'); |
1096 | + |
1097 | + //Make the connection to $global['db'] |
1098 | + $db = NewADOConnection($conf['db_engine']); |
1099 | + $db ->Connect($conf['db_host'].($conf['db_port']?':'.$conf['db_port']:''),$conf['db_user'],$conf['db_pass'],$conf['db_name']); |
1100 | + |
1101 | + $level = $_GET{"lvl"}+1; |
1102 | + $parent = $_GET{"sel"}; |
1103 | + |
1104 | + $q = " |
1105 | + SELECT location.name, location.loc_uuid, parent_id |
1106 | + FROM location |
1107 | + WHERE location.opt_location_type = " . $db->param( "0" ) . " |
1108 | + AND parent_id = " . $db->param( "1" ) . " |
1109 | + ORDER BY location.name; |
1110 | + "; |
1111 | + |
1112 | + $res_child = $db->Execute( $q, array( $level, $parent ) ); |
1113 | + if($res_child->EOF) { |
1114 | + return; |
1115 | + } |
1116 | + |
1117 | + $res = ""; |
1118 | + while(!$res_child->EOF) { |
1119 | + $res=$res.",".$res_child->fields[1]; |
1120 | + $res=$res.",".$res_child->fields[0]; |
1121 | + $res_child->MoveNext(); |
1122 | + } |
1123 | + echo $res; |
1124 | +} |
1125 | + |
1126 | + |
1127 | + |
1128 | +function _shn_get_locations(){ |
1129 | + require_once('../3rd/adodb/adodb.inc.php'); |
1130 | + require_once('../conf/sysconf.inc'); |
1131 | + |
1132 | + //Make the connection to $global['db'] |
1133 | + $db = NewADOConnection($conf['db_engine']); |
1134 | + $db ->Connect($conf['db_host'].($conf['db_port']?':'.$conf['db_port']:''),$conf['db_user'],$conf['db_pass'],$conf['db_name']); |
1135 | + |
1136 | + $level = 1; |
1137 | + $sel_id = $_GET{"sel"}; |
1138 | + |
1139 | + if($_GET{"type"} == "camp") { |
1140 | + $q = " |
1141 | + SELECT location_id |
1142 | + FROM camp_general |
1143 | + WHERE c_uuid = " . $db->param( "0" ) . "; |
1144 | + "; |
1145 | + $res = $db->Execute( $q, array( $sel_id ) ); |
1146 | + if($res->EOF) { |
1147 | + return; |
1148 | + } |
1149 | + $loc_id = $res->fields["location_id"]; |
1150 | + |
1151 | + } else if($_GET{"type"}=="poc") { |
1152 | + $q = " |
1153 | + SELECT location_id |
1154 | + FROM location_details |
1155 | + WHERE poc_uuid = " . $db->param( "0" ) . "; |
1156 | + "; |
1157 | + $res = $db->Execute( $q, array( $sel_id ) ); |
1158 | + if($res->EOF) { |
1159 | + return; |
1160 | + } |
1161 | + $loc_id = $res->fields["location_id"]; |
1162 | + } else { |
1163 | + $loc_id = $_GET{"sel"}; |
1164 | + } |
1165 | + |
1166 | + $q = " |
1167 | + SELECT parent_id, opt_location_type |
1168 | + FROM location |
1169 | + WHERE loc_uuid = " . $db->param( "0" ) . "; |
1170 | + "; |
1171 | + $res = $db->Execute( $q, array( $loc_id ) ); |
1172 | + if($res->EOF) { |
1173 | + return; |
1174 | + } |
1175 | + |
1176 | + $parent = $res->fields["parent_id"]; |
1177 | + |
1178 | + $header = ""; |
1179 | + $header .= "loc_dir".",".$parent; |
1180 | + $header .=",".$res->fields["opt_location_type"]; |
1181 | + |
1182 | + $level = $res->fields["opt_location_type"]; |
1183 | + |
1184 | + $q = " |
1185 | + SELECT location.name, location.loc_uuid |
1186 | + FROM location |
1187 | + WHERE location.opt_location_type = " . $db->param( "0" ) . " |
1188 | + AND parent_id = " . $db->param( "1" ) . " |
1189 | + ORDER BY location.name; |
1190 | + "; |
1191 | + |
1192 | + $res_child = $db->Execute( $q, array( $level, $parent ) ); |
1193 | + if($res_child->EOF) { |
1194 | + return; |
1195 | + } |
1196 | + $count = 0; |
1197 | + |
1198 | + $res_data = ""; |
1199 | + while(!$res_child->EOF) { |
1200 | + if($count==0) { |
1201 | + $res_data=$res_data.$res_child->fields["loc_uuid"]; |
1202 | + $res_data=$res_data.":".$res_child->fields["name"]; |
1203 | + } else { |
1204 | + $res_data=$res_data.",".$res_child->fields["loc_uuid"]; |
1205 | + $res_data=$res_data.":".$res_child->fields["name"]; |
1206 | + } |
1207 | + if($res_child->fields["loc_uuid"]==$loc_id) { |
1208 | + $header.=",".$count; |
1209 | + } |
1210 | + $count++; |
1211 | + $res_child->MoveNext(); |
1212 | + } |
1213 | + echo $header.";".$res_data; |
1214 | +} |
1215 | + |
1216 | + |
1217 | + |
1218 | +function _shn_get_level_location() { |
1219 | + require_once('../3rd/adodb/adodb.inc.php'); |
1220 | + require_once('../conf/sysconf.inc'); |
1221 | + |
1222 | + //Make the connection to $global['db'] |
1223 | + $db = NewADOConnection($conf['db_engine']); |
1224 | + $db ->Connect($conf['db_host'].($conf['db_port']?':'.$conf['db_port']:''),$conf['db_user'],$conf['db_pass'],$conf['db_name']); |
1225 | + |
1226 | + $level = $_GET{"sel"}; |
1227 | + if($level == 1) { |
1228 | + echo "none,"; |
1229 | + } |
1230 | + $q = " |
1231 | + SELECT location.name, location.loc_uuid,parent_id |
1232 | + FROM location |
1233 | + WHERE location.opt_location_type = " . $db->param( "0" ) . "; |
1234 | + "; |
1235 | + $res_child = $db->Execute( $q, array( $level ) ); |
1236 | + if($res_child->EOF) { |
1237 | + return; |
1238 | + } |
1239 | + |
1240 | + $res = ""; |
1241 | + while(!$res_child->EOF) { |
1242 | + $res=$res.",".$res_child->fields[1]; |
1243 | + $res=$res.",".$res_child->fields[0]; |
1244 | + $res_child->MoveNext(); |
1245 | + } |
1246 | + echo $res; |
1247 | +} |
1248 | + |
1249 | + |
1250 | + |
1251 | +function _shn_get_victims() { |
1252 | + require_once('../3rd/adodb/adodb.inc.php'); |
1253 | + require_once('../conf/sysconf.inc'); |
1254 | + |
1255 | + //Make the connection to $global['db'] |
1256 | + $db = NewADOConnection($conf['db_engine']); |
1257 | + $db ->Connect($conf['db_host'].($conf['db_port']?':'.$conf['db_port']:''),$conf['db_user'],$conf['db_pass'],$conf['db_name']); |
1258 | + |
1259 | + $level = 1; |
1260 | + $head_name = $_GET{"head_name"}; |
1261 | + |
1262 | + $search = " |
1263 | + select p.p_uuid as pid, pe.full_name as full_name, pe.family_name as family_name |
1264 | + from person_to_pgroup as p inner |
1265 | + join pgroup as pg on pg.g_uuid = p.g_uuid |
1266 | + inner join group_details as gd on gd.g_uuid = p.g_uuid |
1267 | + inner join person_uuid as pe on pe.p_uuid = p.p_uuid |
1268 | + left join identity_to_person as i on (i.p_uuid = p.p_uuid and i.opt_id_type='idcard') |
1269 | + left join contact as c on (c.pgoc_uuid = p.p_uuid and c.opt_contact_type='address') |
1270 | + where pe.full_name = " . $db->param( "0" ) . " |
1271 | + or pe.family_name = " . $db->param( "1" ) . " |
1272 | + or pe.l10n_name = " . $db->param( "2" ) . " |
1273 | + or i.serial = " . $db->param( "3" ) . "; |
1274 | + "; |
1275 | + $res = $db->Execute( $search, array( $head_name, $head_name, $head_name, $head_name ) ); |
1276 | + $i = 0; |
1277 | + if(!$res->EOF && $res!=NULL) { |
1278 | + |
1279 | + $victim_array = ""; |
1280 | + while(!$res->EOF && $res!=NULL) { |
1281 | + //$name=$res->fields['first_name']." " .$res->fields['last_name']; |
1282 | + $victim_array=$victim_array.",".$res->fields['0']; |
1283 | + $victim_array=$victim_array.",".$res->fields['1']." ".$res->fields['2']; |
1284 | + |
1285 | + //$victim_array[$i]=$i; |
1286 | + $i=$i+1; |
1287 | + $res->MoveNext(); |
1288 | + } |
1289 | + //return $victim_array; |
1290 | + echo $victim_array; |
1291 | + } else { |
1292 | + echo "null"; |
1293 | + } |
1294 | +} |
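Review bot: `_shn_get_victims()` returns person UUIDs and names for any `head_name` match, and nothing in this file checks a session or permission before querying; unless `conf/sysconf.inc` enforces that (not visible here), the script is directly reachable under `www/`. The dispatch at the top should go through the application's existing authentication and access-control path before any handler runs, and at minimum carry a comment such as `// SECURITY: caller must be authenticated and authorised to read person records`. Separately, `_shn_get_children()`, `_shn_get_locations()` and `_shn_get_level_location()` read `->EOF` without checking that `Execute()` returned a result, and `_shn_get_victims()` tests `$res!=NULL` only after dereferencing it. `if (!$res_child || $res_child->EOF) { return; }` would bring them in line with the guards this merge adds in dao.php. The handlers also echo stored names without setting a content type, so calling `header('Content-Type: text/plain; charset=utf-8');` before the dispatch keeps a browser from rendering them as HTML.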