File: D:/HostingSpaces/SBogers10/verrassendveel.komma.pro/wwwroot/admin/php/mp_generate_form.php
<?php
/*
LANGSTRAAT
mp_generate_form.php
part of the multipage system
Mike Ontwerpt 2012
www.mikeontwerpt.nl
functions:
- generateForm();
- validateForm();
*/
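/**
 * Build the HTML of the add/edit form for one multipage item type.
 *
 * Field values are kept in $_SESSION[<form linkname>]['value'][<field index>]. In "edit" mode they
 * are preloaded from the database unless the edit form has just been posted, so that a failed
 * validation keeps what the user typed.
 *
 * Security notes for maintainers:
 * - Table and column names ($mp_fields[..]['db'], form-config 'linkname') are concatenated into SQL
 *   as identifiers. They cannot be escaped like values, so $mp_fields must only ever come from
 *   developer-controlled configuration, never from request data.
 * - Labels, linknames and the form action are written into the markup unescaped, for the same reason.
 * - Field values are passed through fromDatabase() (defined elsewhere) before they are written into
 *   attributes and textareas. NOTE(review): confirm that helper HTML-encodes quotes and angle
 *   brackets; if it does not, every value="..." below needs htmlspecialchars() with ENT_QUOTES.
 * - The form carries no anti-CSRF token; validateForm() does not check one either.
 *
 * @param array      $mp_fields Form definition: key 'form-config' (linkname, label, action, pageId)
 *                              plus numerically indexed field definitions (type, linkname, label,
 *                              required, db, clear).
 * @param string     $method    'add' or 'edit'.
 * @param int|string $editId    Id of the row being edited; cast to int before use.
 *
 * @return string The form markup.
 */
function generateForm($mp_fields, $method, $editId=0){
    /* access the global sql object */
    global $mysqli;

    // $editId is concatenated unquoted into queries and echoed into a hidden input:
    // pin it to an integer so neither the SQL nor the attribute can be broken out of.
    $editId = (int)$editId;

    /* language */
    $siteLabels = getLanguage();

    /* number of real fields; the 'form-config' entry is not a field */
    $numFields = count($mp_fields) - 1;

    /* name of this form, also used as table name and session key */
    $formname = $mp_fields['form-config']['linkname'];

    /* create the form session with empty values on first use */
    if(!isset($_SESSION[$formname]['value'])){
        for($i=0;$i<$numFields;$i++){
            $_SESSION[$formname]['value'][$i] = '';
        }
    }

    /*
    Edit mode: load the stored values, but only when the form was not just posted.
    The submit button rendered below is named "sbm-edit" and PHP keeps the hyphen in $_POST keys,
    so testing only "sbm_edit" never matched and the user's input was overwritten after a failed
    validation. Both spellings are accepted here.
    */
    $isResubmit = isset($_POST['sbm_edit']) || isset($_POST['sbm-edit']);
    if($method == 'edit' && !$isResubmit){
        for($i=0;$i<$numFields;$i++){
            /* the submit button has no column; neither has a field without a "table.column" mapping */
            if($mp_fields[$i]['type'] == 'submit' || !isset($mp_fields[$i]['db'])){
                continue;
            }
            $temp = explode('.',$mp_fields[$i]['db']);
            if(count($temp) < 2){
                continue;
            }
            $col = $temp[1];
            /* identifiers come from the form definition, the id is an integer (see above) */
            $query = 'SELECT '.$col.' FROM '.$temp[0].' WHERE id = '.$editId.' LIMIT 1';
            if($result = $mysqli->query($query)){
                $record = $result->fetch_assoc();
                $_SESSION[$formname]['value'][$i] = fromDatabase($record[$col]);
            }
        }

        /* Langstraat extension: load the photos already linked to this item */
        $query = 'SELECT mf.id AS mediaId, ph.shortcode
            FROM '.$formname.'_photos AS ph, media_files AS mf
            WHERE itemId = '.$editId.'
            AND ph.shortcode = mf.shortcode
            ORDER BY photoOrder';
        if($result = $mysqli->query($query)){
            while($record = $result->fetch_assoc()){
                /* keyed by media id, value is the shortcode */
                $_SESSION[$formname]['shortcodes'][$record['mediaId']] = $record['shortcode'];
            }
        }
    }

    /* start output */
    $output = '';

    /* header / title */
    $output .= '<h1>'.$siteLabels['mm-pages'].' › '.$mp_fields['form-config']['label'];
    if($method == 'add') $output .= ' › '.$siteLabels['mp-additem'];
    if($method == 'edit') $output .= ' › '.$siteLabels['mp-edititem'];
    $output .= '</h1>';

    /* start form */
    $action = $mp_fields['form-config']['action'];
    $output .= '<form action="'.$action.'" method="post">';
    $sbm = ''; // markup of the submit button(s), appended at the end of the form

    if($method == 'add' || $method == 'edit'){
        /* main input loop: one label + input per field */
        for($i=0; $i<$numFields; $i++){
            $type = $mp_fields[$i]['type'];
            $fieldName = isset($mp_fields[$i]['linkname']) ? $mp_fields[$i]['linkname'] : '';

            /* label, skipped for field types that render nothing visible */
            $label = '';
            if($type != 'submit' && $type != 'timestamp' && $type != 'fixedValue' && $type != 'itemOrder'){
                if(isset($mp_fields[$i]['label'])) {
                    $label .= $mp_fields[$i]['label'];
                    if($mp_fields[$i]['required']) $label .= ' *';
                    $label .= '<br />';
                }
            }

            switch($type){
                case 'text' :
                    $output .= '<div class="single-column">';
                    $output .= $label;
                    $output .= '<input type="text" name="'.$fieldName.'" id="'.$fieldName.'" value="'.fromDatabase($_SESSION[$formname]['value'][$i]).'" class="txt"/>';
                    $output .= '</div>';
                    break;

                case 'wysiwyg' :
                    $output .= '<div class="double-column">';
                    $output .= $label;
                    $output .= '<textarea name="'.$fieldName.'" id="'.$fieldName.'" class="tinymce">'.fromDatabase($_SESSION[$formname]['value'][$i]).'</textarea>';
                    $output .= '</div>';
                    break;

                case 'checkbox' :
                    $output .= $label;
                    $output .= '<input type="checkbox" name="cb_'.$fieldName.'" value="'.$fieldName.'" ';
                    $output .= '/>';
                    break;

                case 'photos' :
                    $output .= '<hr />';
                    $output .= $label;
                    $output .= '<div class="double-column">';
                    /* Langstraat extension: dedicated heading for the shop form */
                    if($formname == 'winkelaanbod'){
                        $output .= '<h2>Foto’s bij deze winkel</h2>';
                    }
                    else{
                        $output .= '<h2>'.$siteLabels['products-formaddproduct-images'].'</h2>';
                    }
                    /* selected images, filled by the javascript call below */
                    $output .= '<div class="double-column" id="form-images-holder">';
                    $output .= '</div>';
                    $output .= '<script type="text/javascript">getPage("form-images-holder","js_media","action=showSessionImages&update=0&sessionname='.$formname.'&target=lib-holder_'.$formname.'");</script>';
                    $output .= '<div class="clear"></div>';
                    $output .= '</div>';
                    $output .= '<div class="triple-column">';
                    /* media library for the photos, filled by the javascript call below */
                    $output .= '<h2>Media library voor de foto’s</h2>';
                    $output .= '<div class="triple-column" id="lib-holder_'.$formname.'">';
                    $output .= '</div>';
                    $output .= '<script type="text/javascript">getPage("lib-holder_'.$formname.'","js_media","sessionname='.$formname.'&target=lib-holder_'.$formname.'");</script>';
                    $output .= '</div>';
                    $output .= '<div class="clear"></div>';
                    $output .= '<hr />';
                    break;

                case 'submit' :
                    if($method == 'add') $sbm .= '<input type="submit" name="sbm-add" value="'.$mp_fields[$i]['label'].'" class="btn176 proceed"/>';
                    /* $editId is an integer here, so it is safe inside the attribute */
                    if($method == 'edit') $sbm .= '<input type="hidden" name="editId" value="'.$editId.'"/>';
                    if($method == 'edit') $sbm .= '<input type="submit" name="sbm-edit" value="'.$mp_fields[$i]['label'].'" class="btn176 proceed"/>';
                    break;

                /* ---- Langstraat extension ---- */
                case 'winkelaanbod-interview' :
                    $hasInterview = !empty($_SESSION[$formname]['value'][$i]);
                    $output .= $label;
                    $output .= '<input type="checkbox" name="cb_interview" value="'.$fieldName.'" onchange="toggleInterview();" ';
                    if($hasInterview) { $output .= 'checked'; }
                    $output .= '/> Interview<br />';
                    if($hasInterview) { $output .= '<script type="text/javascript">setTimeout(function(){ toggleInterview(); },500);</script>'; }
                    $output .= '<div class="single-column" id="interview-name">';
                    $output .= 'Naam<br />';
                    // NOTE(review): unlike the 'text' case this value is written into the attribute without
                    // fromDatabase() or any HTML encoding; a stored name containing a double quote breaks out
                    // of value="...". Confirm what inDatabase()/fromDatabase() encode, then escape it here.
                    $output .= '<input type="text" name="naam" id="'.$fieldName.'" value="'.$_SESSION[$formname]['value'][$i].'" class="txt"/>';
                    $output .= '</div>';
                    break;

                /* quick and dirty: used once, so the option source is hard coded here */
                case 'multiSelect' :
                    $output .= '<div class="double-column">';
                    $output .= 'Verschijnt in aanbod:';
                    $output .= '<select name="'.$fieldName.'[]" class="multi-select double-column" multiple="multiple">';
                    /* all active themes are offered as options */
                    $query = 'SELECT themes.id, themes.title
                        FROM themes, content_status AS s
                        WHERE s.active = 1
                        AND s.itemId = themes.id
                        AND s.linkname = "themes"
                        ORDER BY themes.title DESC';
                    $result = $mysqli->query($query);

                    /* themes currently linked to the shop being edited */
                    $activeFields = [];
                    if($method == 'edit') {
                        $activeResult = $mysqli->query('SELECT theme_id FROM themes_shops WHERE shop_id = ' . $editId);
                        /* a failed query returns false; skip instead of calling a method on it */
                        if($activeResult){
                            while($activeRecord = $activeResult->fetch_assoc()){
                                $activeFields[] = $activeRecord['theme_id'];
                            }
                        }
                    }

                    if($result){
                        while($record = $result->fetch_assoc()) {
                            $selected = '';
                            if($method == 'edit' && in_array($record['id'],$activeFields)){
                                $selected = 'selected';
                            }
                            $output .= '<option value="' . $record['id'] .'" ' . $selected . '>' . fromDatabase($record['title']). '</option>';
                        }
                    }
                    $output .= '</select>';
                    $output .= '</div>';
                    break;
                /* ---- end Langstraat extension ---- */
            } // end switch type

            if($mp_fields[$i]['clear'] == 1) $output .= '<div class="clear"></div>';
        } // end main for loop
    } // end if "add" || "edit"

    /* media column: only filled when the page has media enabled */
    $output .= '<div class="form-media-column">';
    $pageId = $mp_fields['form-config']['pageId'];
    $mediaQuery = 'SELECT media FROM mp_pages WHERE id = "'.$pageId.'" LIMIT 1';
    if($mediaResult = $mysqli->query($mediaQuery)){
        $mediaRecord = $mediaResult->fetch_assoc();
        $media = $mediaRecord['media'];
        if($media == 1){
            /* media library, filled by the javascript call below */
            $output .= '<h2>Media library</h2>';
            $output .= '<div class="triple-column" id="lib-holder">';
            $output .= '</div>';
            $output .= '<script type="text/javascript">getPage("lib-holder","js_media","sessionname=addedit-'.$formname.'&method=insertAsShortcode");</script>';
        }
    }
    $output .= '</div>';

    /* clear floating form and media */
    $output .= '<div class="clear"></div>';

    /* end form with submit button and back button */
    $output .= '<div class="double-column">';
    $output .= $sbm;
    // NOTE(review): these two appends happen after $sbm was already written to $output, so the hidden
    // "location" field is never emitted. Left unchanged because emitting it would alter the POST
    // payload; confirm the intent before moving them above the line that outputs $sbm.
    if($method == 'add') $sbm .= '<input type="hidden" name="location" value="../"/>';
    if($method == 'edit') $sbm .= '<input type="hidden" name="location" value="../../"/>';
    $output .= '<input type="submit" name="back" value="'.$siteLabels['form-cancel'].'" class="btn176"/>';
    $output .= '</div>';

    /* end form */
    $output .= '</form>';
    /* this div is opened here and not closed inside this function */
    $output .= '<div class="bottom-space">';
    return $output;
}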
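/**
 * Validate a posted add/edit form and, when valid, write it to the database.
 *
 * Posted values are copied into $_SESSION[<form linkname>]['value'][<field index>]. On a validation
 * error the errors are displayed and the form is rendered again. On success the row is inserted or
 * updated, the photo and theme link tables are synchronised and a redirect header is sent.
 *
 * Security notes for maintainers:
 * - Text values are passed through inDatabase() (defined elsewhere) and then wrapped in double
 *   quotes inside the statement. NOTE(review): this assumes inDatabase() escapes for SQL; confirm,
 *   or move these statements to prepared statements.
 * - Table and column names come from $mp_fields and are concatenated as identifiers, so $mp_fields
 *   must be developer-controlled configuration.
 * - Posted theme ids and $editId are reduced to integers, and session shortcodes are escaped, before
 *   they reach a statement.
 * - No anti-CSRF token is checked here, and database errors are echoed verbatim to the page.
 *
 * @param array      $mp_fields Form definition, same structure as for generateForm().
 * @param string     $method    'add' or 'edit'; any other value makes this a no-op.
 * @param int|string $editId    Id of the row being edited; cast to int before use.
 *
 * @return string|null The re-rendered form when validation failed, otherwise null.
 */
function validateForm($mp_fields, $method, $editId=0){
    /* access the global sql object */
    global $mysqli;

    // $editId is concatenated unquoted into SELECT, UPDATE and DELETE statements below.
    $editId = (int)$editId;

    /* language */
    $siteLabels = getLanguage();

    /* number of real fields; the 'form-config' entry is not a field */
    $numFields = count($mp_fields) - 1;

    /* name of this form, also used as table name and session key */
    $formname = $mp_fields['form-config']['linkname'];

    $themes = [];
    $errors = [];

    if($method != 'add' && $method != 'edit'){
        return;
    }

    /* main loop: copy each posted field into the session, collecting validation errors */
    for($i=0; $i< $numFields ; $i++){
        $type = $mp_fields[$i]['type'];
        switch($type){
            case 'text':
            case 'wysiwyg':
                $fieldName = $mp_fields[$i]['linkname'];
                /* a missing or array-valued field is treated as empty instead of raising a notice */
                $val = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : '';
                $dbVal = inDatabase($val);
                if(!empty($dbVal) || !$mp_fields[$i]['required']){
                    /* the raw value is kept; inDatabase() is applied again when the statement is built */
                    $_SESSION[$formname]['value'][$i] = $val;
                }
                else{
                    $errors[] = $siteLabels['fm-emptyrequiredfields'];
                }
                break;

            case 'checkbox':
                $_SESSION[$formname]['value'][$i] = isset($_POST['cb_'.$mp_fields[$i]['linkname']]) ? 1 : 0;
                break;

            case 'timestamp':
                $_SESSION[$formname]['value'][$i] = time();
                break;

            case 'fixedValue':
                $_SESSION[$formname]['value'][$i] = $mp_fields[$i]['value'];
                break;

            case 'itemOrder':
                $orderColumn = $mp_fields[$i]['linkname'];
                if($method == 'add'){
                    /* new items go last: highest existing order + 1 */
                    $result = $mysqli->query('SELECT '.$orderColumn.' FROM '.$formname.' ORDER by '.$orderColumn.' DESC LIMIT 1');
                    $record = $result->fetch_assoc();
                    $itemOrder = $record[$orderColumn];
                    $itemOrder++;
                    $_SESSION[$formname]['value'][$i] = $itemOrder;
                }
                if($method == 'edit'){
                    /* keep the current order of this item */
                    $result = $mysqli->query('SELECT '.$orderColumn.' FROM '.$formname.' WHERE id = '.$editId.' LIMIT 1');
                    $record = $result->fetch_assoc();
                    $itemOrder = $record[$orderColumn];
                    $_SESSION[$formname]['value'][$i] = $itemOrder;
                }
                break;

            /* ---- Langstraat extension ---- */
            case 'winkelaanbod-interview' :
                if(isset($_POST['cb_interview'])){
                    $val = (isset($_POST['naam']) && is_string($_POST['naam'])) ? $_POST['naam'] : '';
                    $dbVal = inDatabase($val);
                    if(!empty($dbVal)){
                        // NOTE(review): this stores the inDatabase() result, while the 'text' case stores
                        // the raw value; the statement builders below call inDatabase() again on it.
                        // Confirm whether that double pass is intended.
                        $_SESSION[$formname]['value'][$i] = $dbVal;
                    }
                    else{
                        $errors[] = 'In geval van een interview dient u de naam van de geinterviewde in te vullen';
                    }
                }
                break;

            case 'multiSelect' :
                $processMultiSelect = true;
                $themes = [];
                $fieldName = $mp_fields[$i]['linkname'];
                /*
                The ids are concatenated unquoted into INSERT statements, so only all-digit values are
                kept and each is cast to int. An absent field (nothing selected) yields an empty list.
                */
                if(isset($_POST[$fieldName]) && is_array($_POST[$fieldName])){
                    foreach($_POST[$fieldName] as $postedThemeId){
                        if(is_scalar($postedThemeId) && preg_match('/^[0-9]+\z/', (string)$postedThemeId)){
                            $themes[] = (int)$postedThemeId;
                        }
                    }
                }
                break;
            /* ---- end Langstraat extension ---- */
        }
    } // end main loop

    /* invalid: show the errors and render the form again with the session values */
    if(!empty($errors)){
        displayErrors($errors);
        return generateForm($mp_fields, $method, $editId);
    }

    if($method == 'add'){
        /* ADD: build the INSERT statement from every field that has a database column */
        $columns = [];
        $values = [];
        for($n=0; $n < $numFields ; $n++){
            $fieldType = $mp_fields[$n]['type'];
            if($fieldType != 'submit' && $fieldType != 'photos' && $fieldType != 'multiSelect'){
                $temp = explode('.',$mp_fields[$n]['db']);
                $columns[] = $temp[1];
                $values[] = '"'.inDatabase($_SESSION[$formname]['value'][$n]).'"';
            }
        }
        $insertQuery = 'INSERT INTO '.$formname.' ('.implode(',', $columns).') VALUES('.implode(',', $values).');';

        if($mysqli->query($insertQuery)){
            /* id of the new row, needed for the status, photo and theme rows */
            $itemId = (int)$mysqli->insert_id;

            /* Langstraat extension: link the selected photos */
            if(isset($_SESSION[$formname]['shortcodes'])){
                foreach($_SESSION[$formname]['shortcodes'] as $i => $shortcode){
                    /* session content is not trusted as SQL: escape the string, cast the key */
                    $safeShortcode = $mysqli->real_escape_string((string)$shortcode);
                    $photoOrder = (int)$i;
                    if(!$mysqli->query('INSERT INTO '.$formname.'_photos(itemId, shortcode, photoOrder) VALUES("'.$itemId.'","'.$safeShortcode.'",'.$photoOrder.')')){
                        echo $mysqli->error;
                    }
                }
            }

            /* Langstraat extension: link the selected themes ("aanbod") */
            if(isset($processMultiSelect)){
                foreach($themes as $themeId){
                    $mysqli->query('INSERT INTO themes_shops(theme_id, shop_id) VALUES(' . $themeId . ',' . $itemId .')');
                }
            }

            $statusQuery = 'INSERT INTO content_status(itemId, linkname, active, timest) VALUES("'.$itemId.'", "'.$formname.'", "1",'.time().')';
            if($mysqli->query($statusQuery)){
                unset($_SESSION[$formname]['value']);
                $_SESSION['feed-msg'] = '<span class="fm-suc"><span class="fm-suc-v">√</span>jeej (mp add form)</span>';
                if(isset($_SESSION[$formname]['shortcodes'])){ unset($_SESSION[$formname]['shortcodes']); }
                /* only the header is sent; execution continues in the caller */
                header('location: ../');
            }
        }
        else{
            echo $mysqli->error;
        }
    }
    else if ($method == 'edit'){
        /* EDIT: build the UPDATE statement from every field that has an editable column */
        $assignments = [];
        for($n=0; $n < $numFields ; $n++){
            $fieldType = $mp_fields[$n]['type'];
            if($fieldType != 'submit' && $fieldType != 'timestamp' && $fieldType != 'fixedValue' && $fieldType != 'photos' && $fieldType != 'multiSelect'){
                $temp = explode('.',$mp_fields[$n]['db']);
                $assignments[] = $temp[1].'="'.inDatabase($_SESSION[$formname]['value'][$n]).'"';
            }
        }
        $updateQuery = 'UPDATE '.$formname.' SET '.implode(',', $assignments).' WHERE id='.$editId.' LIMIT 1;';

        /* Langstraat extension: replace the theme links of this shop */
        if(isset($processMultiSelect)){
            $mysqli->query('DELETE FROM themes_shops WHERE shop_id = ' . $editId);
            foreach($themes as $themeId){
                $mysqli->query('INSERT INTO themes_shops(theme_id, shop_id) VALUES(' . $themeId . ',' . $editId . ')');
            }
        }

        /* Langstraat extension: synchronise the photo links with the session selection */
        if(isset($_SESSION[$formname]['shortcodes'])){
            /* add the photos that are selected but not linked yet */
            foreach($_SESSION[$formname]['shortcodes'] as $i => $shortcode){
                /* session content is not trusted as SQL: escape the string, cast the key */
                $safeShortcode = $mysqli->real_escape_string((string)$shortcode);
                $photoOrder = (int)$i;
                if($result = $mysqli->query('SELECT shortcode FROM '.$formname.'_photos WHERE shortcode = "'.$safeShortcode.'" AND itemId = '.$editId.' LIMIT 1')){
                    if($result->num_rows == 0){
                        if(!$mysqli->query('INSERT INTO '.$formname.'_photos(itemId, shortcode, photoOrder) VALUES("'.$editId.'","'.$safeShortcode.'",'.$photoOrder.')')){
                            echo $mysqli->error;
                        }
                    }
                }
            }
            /* remove the links whose shortcode is no longer in the selection */
            if($result = $mysqli->query('SELECT id, shortcode FROM '.$formname.'_photos WHERE itemId = "'.$editId.'"')){
                while($record = $result->fetch_assoc()){
                    $sc = $record['shortcode'];
                    if(!existInArray($sc, $_SESSION[$formname]['shortcodes'])){
                        $scId = (int)$record['id'];
                        $mysqli->query('DELETE FROM '.$formname.'_photos WHERE id='.$scId.' LIMIT 1');
                    }
                }
            }
        }

        /* run the update last, after the link tables were handled */
        if($mysqli->query($updateQuery)){
            unset($_SESSION[$formname]['value']);
            $_SESSION['feed-msg'] = '<span class="fm-suc"><span class="fm-suc-v">√</span>jeej (mp edit form)</span>';
            /* only the header is sent; execution continues in the caller */
            header('location: ../../');
        }
        else{
            echo $mysqli->error;
        }
    }
}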
?>