File: D:/HostingSpaces/SBogers45/smuldersinterieurprojecten.nl/wwwroot/admin/php/form.php
<?php
function createForm($arr, $method, $editId=0){
//get text
$siteText = getSiteText();
//get the number of input fields (minus 1 because we have one arr['form'] with global information
$numFields = count($arr) - 1;
$formName = $arr['form']['name'];
//check method
if($method == 'new'){
//if there isn't a session created for this form name, create one
if(!isset($_SESSION[$formName]['value'][0])){
for($i=0;$i<$numFields;$i++){
//create an empty error session
$_SESSION[$formName]['errors'][$i] = '';
//create an empty value session
$_SESSION[$formName]['value'][$i] = '';
if($arr[$i]['type'] == 'date'){
//type date needs 3 extra fields
$_SESSION[$formName]['value']['day'][$i] = '';
$_SESSION[$formName]['value']['month'][$i] = '';
$_SESSION[$formName]['value']['year'][$i] = '';
}
}
}
}
else if($method == 'edit'){
//we need to get stuff from the database, but's when it's submitted but not validated, we want to keep the users input in the session. (so skip the database)
if(!isset($_SESSION['editFormSubmitted'])){
#1 first check in how many tables we need to look for information
$arrTableNames = array();
$arrTableNamesCount = 0;
for($i=0; $i< $numFields ; $i++){
//avoid types that don't have a db field
if($arr[$i]['type'] != 'submit' && $arr[$i]['type'] != 'image' && $arr[$i]['type'] != 'mediaFile'){
$temp = explode('.', $arr[$i]['db']);
//if this tablename isn't in the array yet, put it in the array
if(!existInArray($temp[0],$arrTableNames)){
$arrTableNames[$arrTableNamesCount] = $temp[0];
$arrTableNamesCount++;
}
}
}
//new array: $tableFields['tablename'][$i]
#2. check for each tablename witch fields belongs to that table
for($n=0; $n< count($arrTableNames) ; $n++){
//if we have an edit form we need to fill this in.
for($i=0;$i<$numFields;$i++){
//avoid fields that don't have a column declarated
if($arr[$i]['type'] != 'submit' && $arr[$i]['type'] != 'image' && $arr[$i]['type'] != 'mediaFile'){
//get the column in the database
$temp = explode('.',$arr[$i]['db']);
//create an insert string
if($temp[0] == $arrTableNames[$n]){
$col = $temp[1];
//get the value from the database
$query = 'SELECT '.$col.' FROM '.$arrTableNames[$n].' WHERE id = '.$editId;
$result = mysql_query($query);
$record = mysql_fetch_assoc($result);
$val = $record[$col];
//create an empty error session
$_SESSION[$formName]['errors'][$i] = '';
//create an empty value session
$_SESSION[$formName]['value'][$i] = $val;
if($arr[$i]['type'] == 'date'){
//in case of date we get a timestamp, we need to converse this to three fields
$day = date('j',$val);
$month = date('n',$val);
$year = date('Y',$val);
//type date needs 3 extra fields
$_SESSION[$formName]['value']['day'][$i] = $day;
$_SESSION[$formName]['value']['month'][$i] = $month;
$_SESSION[$formName]['value']['year'][$i] = $year;
}
}
}
}
}
}
}
//here we start with the output
$formOutput = '';
// $formOutput .= '<div class="column">';
$formOutput .= '<div class="double-column-content">';
$formOutput .= '<form action="'.$arr['form']['action'] .'" method="post" name="'.$formName.'" enctype="multipart/form-data">';
if($method == 'new' || $method == 'edit'){
//for the number of fields, begin to create fields
$bool = 0;
for($i=0;$i<$numFields;$i++){
$type = $arr[$i]['type'];
$hasLabel = true;
if($method == 'edit' && $type == 'mediaFile'){
$hasLabel = false;
}
if($type != 'wysiwyg' && $type != 'submit' && $type != 'itemOrder' && $type != 'timestamp' && $type != 'fixedValue' && $hasLabel){
$formOutput .= '<div class="input-total ';
if($bool == 1) $formOutput .= ' column-margin-left ';
$formOutput .= ' ">';
$formOutput .= '<div class="input-title">';
if(!empty($arr[$i]['label']) ){
$formOutput .= $arr[$i]['label'];
}
if(isset($arr[$i]['required'])){
if($arr[$i]['required']){
$formOutput .= ' *';
}
}
$formOutput .= '</div>';
}
else{
if(!empty($arr[$i]['label']) && $type != 'submit' && $hasLabel){
$formOutput .= $arr[$i]['label'];
}
else{
if( $hasLabel) $formOutput .= ' ';
}
}
//get the type of this array key, then see what to do
switch($type){
case 'text': if(!empty($_SESSION[$formName]['errors'][$i])){ $formOutput .= '<span class="errForm">'.$_SESSION[$formName]['errors'][$i].'</span><br />'; }
$formOutput .= '<input type="text" name="'.$arr[$i]['name'].'" ';
$formOutput .= 'id="'.$arr[$i]['name'].'" ';
$formOutput .= 'value="'.$_SESSION[$formName]['value'][$i].'" />';
/*if($arr[$i]['newLine']){
$formOutput .= '<br /><br />';
}
else{
$formOutput .= ' ';
}*/
break;
case 'dateToTimest':
if(!empty($_SESSION[$formName]['value'][$i])){
$_SESSION[$formName]['value'][$i] = date('d-m-Y',$_SESSION[$formName]['value'][$i]);
}
if(!empty($_SESSION[$formName]['errors'][$i])){
$formOutput .= '<span class="errForm">'.$_SESSION[$formName]['errors'][$i].'</span><br />';
}
$formOutput .= '<input type="text" name="'.$arr[$i]['name'].'" ';
$formOutput .= 'id="'.$arr[$i]['name'].'" ';
$formOutput .= 'value="'.$_SESSION[$formName]['value'][$i].'" />';
break;
case 'wysiwyg': if(!empty($_SESSION[$formName]['errors'][$i])){ $formOutput .= '<span class="errForm">'.$_SESSION[$formName]['errors'][$i].'</span><br />'; }
$formOutput .= '<textarea cols="5" id="'.$arr[$i]['name'].'" name="'.$arr[$i]['name'].'" class="wysiwyg" rows="10">'.$_SESSION[$formName]['value'][$i].'</textarea>';
break;
case 'date':if(!empty($_SESSION[$formName]['errors'][$i])){ $formOutput .= '<span class="errForm">'.$_SESSION[$formName]['errors'][$i].'</span><br />'; }
$formOutput .= '<input type="text" name="'.$arr[$i]['name'].'_day" value="'.$_SESSION[$formName]['value']['day'][$i].'" maxlength="2" class="day"/>
<input type="text" name="'.$arr[$i]['name'].'_month" value="'.$_SESSION[$formName]['value']['month'][$i].'" maxlength="2" class="month"/>
<input type="text" name="'.$arr[$i]['name'].'_year" value="'.$_SESSION[$formName]['value']['year'][$i].'" maxlength="4" class="year"/>';
break;
case 'email': if(!empty($_SESSION[$formName]['errors'][$i])){ $formOutput .= '<span class="errForm">'.$_SESSION[$formName]['errors'][$i].'</span><br />'; }
$formOutput .= '<input type="text" name="'.$arr[$i]['name'].'" value="'.$_SESSION[$formName]['value'][$i].'" />';
break;
case 'image':
// we only need image fields if we create a new form
if(!empty($_SESSION[$formName]['errors'][$i])){
$formOutput .= '<span class="errForm">'.$_SESSION[$formName]['errors'][$i].'</span><br />';
}
$formOutput .= '<input type="file" name="images[]" value="'.$_SESSION[$formName]['value'][$i].'"/>';
break;
case 'mediaFile':
// we only need mediaFiles fields if we create a new form
if($method == 'new'){
if(!empty($_SESSION[$formName]['errors'][$i])){ $formOutput .= '<span class="errForm">'.$_SESSION[$formName]['errors'][$i].'</span><br />'; }
$formOutput .= '<input type="file" name="'.$arr[$i]['name'].'[]" value="'.$_SESSION[$formName]['value'][$i].'"/>';
}
break;
case 'select': $formOutput .= '<select name="'.$arr[$i]['name'].'" id="'.$arr[$i]['name'].'">';
$numOptions = count($arr[$i]['option']);
for($n=0;$n<$numOptions;$n++){
$formOutput .= '<option value="'.$arr[$i]['value'][$n].'"';
if($arr[$i]['value'][$n] == $_SESSION[$formName]['value'][$i]){
$formOutput .= ' selected="selected" ';
}
$formOutput .= '>'.$arr[$i]['option'][$n].'</option>';
}
$formOutput .= '</select>';
break;
case 'checkbox':
$formOutput .= '<input type="checkbox" name="cb_'.$arr[$i]['name'].'" value="'.$arr[$i]['name'].'" />';
break;
case 'submit':
//$formOutput .= '<div class="buttonTotal">';
$formOutput .= '<input type="submit"';
//backbuttons don't get 'new' or 'edit' attached
if($arr[$i]['name'] != 'back'){
if($method == 'new'){
$formOutput .= ' name="'.$arr[$i]['name'].'New"';
}
else if($method == 'edit'){
$formOutput .= ' name="'.$arr[$i]['name'].'Edit"';
}
}
else{
$formOutput .= ' name="'.$arr[$i]['name'].'"';
}
$formOutput .= ' value="'.$arr[$i]['label'].'" class="button fully-rounded"/>';
//$formOutput .= '<div class="clear"></div>';
//$formOutput .= '</div>';
break;
}
if($type != 'wysiwyg' && $type != 'submit' && $type != 'itemOrder' && $type != 'timestamp' && $type != 'fixedValue' && $hasLabel){
$formOutput .= '</div>';
if($bool == 1 || $arr[$i]['clear']){
$formOutput .= '<div class="clear"></div>';
$bool--;
}
else{
$bool++;
}
}
}
}
else if($method == 'delete'){
//Get the title
$dbTitle = 'title';
if($arr['form']['table'] == 'tags' || $arr['form']['table'] == '_pages') $dbTitle = 'name';
$query = 'SELECT '.$dbTitle.' FROM '.$arr['form']['table'].' WHERE id = '.$editId;
$result = mysql_query($query);
//if there is a title, echo the first line, else name it 'this item';
if(mysql_num_rows($result) > 0){
$record = mysql_fetch_assoc($result);
$val = $record[$dbTitle];
$formOutput .= $siteText['areYouSureDelete'].'<br /><br />
“'.$val.'”?<br />';
}
else{
$formOutput .= $siteText['areYouSureDeleteItem'].'<br />';
}
//get the submit name
$name = '';
foreach($arr as $key => $value){
if(isset($value['type'])){
if($value['type'] == 'submit' && $value['name'] != 'back') $name = $value['name'];
}
}
$formOutput .= '
<input type="submit" name="'.$name.'Delete" value="'.$siteText['formBtnYesDelete'].'" class="button fully-rounded"/>
<input type="submit" name="back" value="'.$siteText['formBtnNo'].'" class="button fully-rounded"/>
<div class="clear"></div>';
}
$formOutput .= '</form>';
//end column
$formOutput .= '</div>';
//return the form as a string
return $formOutput;
}
function validateForm($arr, $method,$editId=0){
//get text
$siteText = getSiteText();
$output = '';
$numFields = count($arr) - 1;
$numErrors = 0;
$formName = $arr['form']['name'];
//all images will be put in an array, so for all the images we need just one handling.
//this boolean checks if the handling has started.
$handleImage = false;
//if formtype is 'new' or 'edit' validate it. if it is delete, delete the requested itemId from the page
if($method == 'new' || $method == 'edit'){
for($i=0; $i< $numFields ; $i++){
switch($arr[$i]['type']){
case 'text':
$val = $_POST[$arr[$i]['name']];
//trim it
$dbVal = inDatabase($val);
if(!empty($dbVal) || !$arr[$i]['required']){
$_SESSION[$formName]['value'][$i] = $val;
//empty the error session in case there was an error before
$_SESSION[$formName]['errors'][$i] = '';
}
else{
//if this fields was required, add an error
if($arr[$i]['required']){
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['emptyField1'];
$numErrors++;
}
}
break;
case 'dateToTimest':
//textfield dd-mm-yyyy
$val = $_POST[$arr[$i]['name']];
if(!empty($val) || !$arr[$i]['required']){
$temp = explode('-', $val);
$_SESSION[$formName]['value'][$i] = mktime(13,0,0,$temp[1],$temp[0],$temp[2]);
//empty the error session in case there was an error before
$_SESSION[$formName]['errors'][$i] = '';
}
else{
//if this fields was required, add an error
if($arr[$i]['required']){
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['emptyField1'];
$numErrors++;
}
}
break;
case 'wysiwyg':
$val = $_POST[$arr[$i]['name']];
//sometimes wuciwug editor puts in a <br /> tag, so i use the stiptags to check if there is text in it
$strippedVal = strip_tags($val);
//but it leaves a space so i trim it
$dbVal = inDatabase($strippedVal);
if(!empty($dbVal) || !$arr[$i]['required']){
$_SESSION[$formName]['value'][$i] = $val;
//empty the error session in case there was an error before
$_SESSION[$formName]['errors'][$i] = '';
}
else{
//if this fields was required, add an error
if($arr[$i]['required']){
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['emptyField1'];
$numErrors++;
}
}
break;
case 'checkbox':
if(isset($_POST['cb_'.$arr[$i]['name']])){
$_SESSION[$formName]['value'][$i] = 1;
}
else{
$_SESSION[$formName]['value'][$i] = 0;
}
break;
case 'date':
//we need 3 fields for our timestamp
$day = $_POST[$arr[$i]['name'].'_day'];
$month = $_POST[$arr[$i]['name'].'_month'];
$year = $_POST[$arr[$i]['name'].'_year'];
//check the number of digits, case 1 add a 0 on the left
//$day = str_pad($day, 2, "0", STR_PAD_LEFT);
//$month = str_pad($month, 2, "0", STR_PAD_LEFT);
//trim it
$dbDay = inDatabase($day);
$dbMonth = inDatabase($month);
$dbYear = inDatabase($year);
if(!empty($dbDay) && !empty($dbMonth) && !empty($dbYear)){
if(strlen($day)==2){
if(substr($day,0,1) == '0'){
$day = substr($day, 1,1);
}
}
if(strlen($month)==2){
if(substr($month,0,1) == '0'){
$month = substr($month, 1,1);
}
}
//rember the seperated day,month and year (for the input field)
$_SESSION[$formName]['value']['day'][$i] = $day;
$_SESSION[$formName]['value']['month'][$i] = $month;
$_SESSION[$formName]['value']['year'][$i] = $year;
// in the root of [value][$i] we want to put a timestamp
$timest = mktime(12,0,0,$month,$day,$year);
//check if the timestamp isn't empty or 0
if(strlen($timest) > 1 && strlen($year) == 4){
if($timest < 0){
$timest = $timest * -1;
}
$_SESSION[$formName]['value'][$i] = $timest;
//empty the error session in case there was an error before
$_SESSION[$formName]['errors'][$i] = '';
}
else{
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['invalidDate'];
$numErrors++;
}
}
else{
//if this fields was required, add an error
if($arr[$i]['required']){
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['emptyField2'];
$numErrors++;
}
}
break;
case 'email':
$val = $_POST[$arr[$i]['name']];
//trim it
$dbVal = inDatabase($val);
if(!empty($dbVal) || !$arr[$i]['required']){
//validate email adres
$email = strtolower($_POST[$arr[$i]['name']]);
if(preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*+[a-z]{2}/is', $email)) {
$_SESSION[$formName]['value'][$i] = $val;
//empty the error session in case there was an error before
$_SESSION[$formName]['errors'][$i] = '';
}
else{
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['invalidEmail'];
$numErrors++;
}
}
else{
//if this fields was required, add an error
if($arr[$i]['required']){
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['emptyField1'];
$numErrors++;
}
}
break;
case 'image':
// we only need to validate this if we had a new-form
if(!$handleImage){
//create a temp array, we put this in the database later
$imgArr = array();
//the order of the image
$imageOrder = 1;
// for each field with the name images[]
foreach ($_FILES['images']['name'] as $key => $value) {
//set a boolean validated
$imgArr[$key]['validated'] = false;
if(!empty($value) || $method == 'edit'){
//get the filesize
$file_size[$key] = $_FILES['images']['size'][$key];
$limit_size = 800000;
//when the file isn't to big
if($file_size[$key] <= $limit_size){
$fileExtArr = explode('.', $value);
//the last part of this array is the extention
$fileExt = strtolower($fileExtArr[count($fileExtArr) - 1]);
if($fileExt == 'jpg' || $fileExt == 'png' || $fileExt == 'gif' || $fileExt == 'jpeg'){
$fileName = str_replace('.'.$fileExt, '', $value).'_'.md5(microtime()).'.'.$fileExt;
//make sure the filename has no spaces
$fileName = str_replace(' ','_', $fileName);
// create a path for this
//$dirpad = '../images/'.$arr['form']['page'].'/';
$dirpad = '../images/uploads/';
$pad = $dirpad.$fileName;
//check if this dir exists, else create one (HIER NOG EEN FUNCTIE VOOR MAKEN)
if(!file_exists($dirpad)){
mkdir($dirpad, 0777);
}
/*
//get the image size
$tempArr = explode('x', $arr[$i]['size']);
$imgWidth = $tempArr[0];
$imgHeight = $tempArr[1];
createImage($_FILES['images']['tmp_name'][$key], $pad, $imgWidth, $imgHeight);
*/
//if a thumbnail is needed, create one
if($arr[$i]['thumb']){
$thumbName = str_replace('.'.$fileExt, '', $value).'_thumb_'.md5(microtime()).'.'.$fileExt;
$thumbName = str_replace(' ','_', $thumbName);
$thumbName = str_replace('%20','_', $thumbName);
$tDirPad = '../images/uploads/thumb/';
$tPad = $tDirPad.$thumbName;
if(!file_exists($tDirPad)){
mkdir($tDirPad , 0777);
}
/*
$tempArr = explode('x', $arr[$i]['thumbsize']);
$thumbWidth = $tempArr[0];
$thumbHeight = $tempArr[1];
createImage($_FILES['images']['tmp_name'][$key], $tPad, $thumbWidth, $thumbHeight);
*/
}
//put the variables in a temporary array
//validated
$imgArr[$key]['validated'] = true;
$imgArr[$key]['tmp_name'] = $_FILES['images']['tmp_name'][$key];
$imgArr[$key]['arrKey'] = $i;
$imgArr[$key]['fileName'] = $fileName;
$imgArr[$key]['pad'] = $pad;
if($arr[$i]['thumb']){
$imgArr[$key]['thumbName'] = $thumbName;
$imgArr[$key]['tpad'] = $tPad;
}
$imgArr[$key]['imageOrder'] = $imageOrder;
$imageOrder++;
}
else{
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = 'All images must be jpg, png or gif.';
$numErrors++;
}
}
else{
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = 'One of the images is to big.';
$numErrors++;
}
}
else{
//if this fields was required, add an error
if($arr[$i]['required']){
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['emptyField1'];
$numErrors++;
}
}
}
//set imageHandle to true
$handleImage = true;
}
break;
case 'mediaFile':
// we only need to validate this if we had a new-form, and only one of the images (if there are more)
if(!$handleImage && $method == 'new'){
//create a temp array, we put this in the database later
$mediaFileArr = array();
//the order of the image
$imageOrder = 1;
// for each field with the name images[]
foreach ($_FILES[$arr[$i]['name']]['name'] as $key => $value) {
//set a boolean validated
$mediaFileArr[$key]['validated'] = false;
if(!empty($value)){
//get the filesize
$file_size[$key] = $_FILES[$arr[$i]['name']]['size'][$key];
$limit_size = 800000;
//when the file isn't to big
if($file_size[$key] <= $limit_size){
$fileExtArr = explode('.', $value);
//the last part of this array is the extention
$fileExt = strtolower($fileExtArr[count($fileExtArr) - 1]);
if($fileExt == 'jpg' || $fileExt == 'png' || $fileExt == 'gif' || $fileExt == 'jpeg'){
$shortCode = $key.time();
$fileName = $shortCode.'.'.$fileExt;
// create a path for this
$dirpad = '../images/uploads/';
$pad = $dirpad.$fileName;
//check if this dir exists, else create one (HIER NOG EEN FUNCTIE VOOR MAKEN)
if(!file_exists($dirpad)){
mkdir($dirpad, 0777);
}
//if a thumbnail is needed, create one
if($arr[$i]['thumb']){
$thumbName = $shortCode.'_thumb.'.$fileExt;
$tDirPad = '../images/uploads/thumb/';
$tPad = $tDirPad.$thumbName;
if(!file_exists($tDirPad)){
mkdir($tDirPad , 0777);
}
}
//if a medium size file is needed, create one
if(isset($arr[$i]['medium'])){
if($arr[$i]['medium']){
$mediumName = $shortCode.'_medium.'.$fileExt;
$mDirPad = '../images/uploads/thumb/';
$mPad = $mDirPad.$mediumName;
if(!file_exists($mDirPad)){
mkdir($mDirPad , 0777);
}
}
}
else{
$arr[$i]['medium'] = false;
}
//put the variables in a temporary array
//validated
$mediaFileArr[$key]['validated'] = true;
$mediaFileArr[$key]['tmp_name'] = $_FILES[$arr[$i]['name']]['tmp_name'][$key];
$mediaFileArr[$key]['arrKey'] = $i;
$mediaFileArr[$key]['shortCode'] = $shortCode;
$mediaFileArr[$key]['fileName'] = $fileName;
$mediaFileArr[$key]['pad'] = $pad;
if($arr[$i]['thumb']){
$mediaFileArr[$key]['thumbName'] = $thumbName;
$mediaFileArr[$key]['tpad'] = $tPad;
}
if($arr[$i]['medium']){
$mediaFileArr[$key]['mediumName'] = $mediumName;
$mediaFileArr[$key]['mpad'] = $mPad;
}
$mediaFileArr[$key]['imageOrder'] = $imageOrder;
$imageOrder++;
}
else{
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['imageFormat'];
$numErrors++;
}
}
else{
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['imageToBig'];
$numErrors++;
}
}
else{
//if this fields was required, add an error
if($arr[$i]['required']){
//empty the session value in case there it was filled in before
$_SESSION[$formName]['value'][$i] = '';
//set an error
$_SESSION[$formName]['errors'][$i] = $siteText['emptyField1'];
$numErrors++;
}
}
}
//set imageHandle to true
$handleImage = true;
}
break;
case 'timestamp': $_SESSION[$formName]['value'][$i] = time();
break;
case 'fixedValue': $_SESSION[$formName]['value'][$i] = $arr[$i]['value'];
break;
case 'itemOrder' :
if($method == 'new'){
$result = mysql_query('SELECT '.$arr[$i]['name'].' FROM '.$arr['form']['table'].' ORDER by '.$arr[$i]['name'].' DESC LIMIT 1');
$record = mysql_fetch_assoc($result);
$itemOrder = $record[$arr[$i]['name']];
$itemOrder++;
$_SESSION[$formName]['value'][$i] = $itemOrder;
}
if($method == 'edit'){
$result = mysql_query('SELECT '.$arr[$i]['name'].' FROM '.$arr['form']['table'].' WHERE id = '.$editId.' LIMIT 1');
$record = mysql_fetch_assoc($result);
$itemOrder = $record[$arr[$i]['name']];
$_SESSION[$formName]['value'][$i] = $itemOrder;
}
break;
case 'select':
$val = $_POST[$arr[$i]['name']];
//trim it
$dbVal = inDatabase($val);
if(!empty($dbVal)){
$_SESSION[$formName]['value'][$i] = $val;
//empty the error session in case there was an error before
$_SESSION[$formName]['errors'][$i] = '';
}
break;
}
}
$_SESSION['numErrors'] = $numErrors;
//check if there are any errors
if($numErrors > 0){
if($method == 'new'){
$output .= createForm($arr, $method);
}
else if($method == 'edit'){
//we are going to create a new form, but with editFOrmSubmitted true
$_SESSION['editFormSubmitted'] = true;
$output .= createForm($arr, $method, $editId);
}
}
else{
//header
$output .= '<div class="double-column-content">';
if($method == 'new'){
$output .= '<h1>'.ucfirst($arr['form']['label']).' // '.$siteText['titleNewItem'].'</h1>';
}
else if($method == 'edit'){
$output .= '<h1>'.ucfirst($arr['form']['label']).' // '.$siteText['titleEditItem'].'</h1>';
}
$output .= $siteText['submitSucces'].'<br /><br />';
if($arr['form']['table'] == 'media'){
$output .= '<a href="./media/">'.$siteText['formBack'].'</a>';
}
else if(isset($_GET['action'])){
if($_GET['action'] == 'article-edit'){
//edditted from article, so back to article
$output .= '<a href="./pages/'.$arr['form']['page'].'/article/'.$_GET['id'].'">'.$siteText['formBack'].'</a>';
}
else{
$output .= '<a href="./pages/'.$arr['form']['page'].'/">'.$siteText['formBack'].'</a>';
}
}
else{
$output .= '<a href="./pages/'.$arr['form']['page'].'/">'.$siteText['formBack'].'</a>';
}
$output .= '</div>';
//WRITING TO THE DATABASE
//first every thing except the images
#1. how many tablenames are there
$arrTableNames = array();
$arrTableNamesCount = 0;
for($i=0; $i< $numFields ; $i++){
//avoid types that don't have a db field
if($arr[$i]['type'] != 'submit' && $arr[$i]['type'] != 'image' && $arr[$i]['type'] != 'mediaFile' ){
$temp = explode('.', $arr[$i]['db']);
//if this tablename isn't in the array yet, put it in the array
if(!existInArray($temp[0],$arrTableNames)){
$arrTableNames[$arrTableNamesCount] = $temp[0];
$arrTableNamesCount++;
}
}
}
//new array: $tableFields['tablename'][$i]
#2. check for each tablename witch fields belongs to that table
//CASE NEW: Create an INSERT QUERY
if($method == 'new'){
for($i=0; $i< count($arrTableNames) ; $i++){
//start the insert string
$insertQuery = 'INSERT INTO '.$arrTableNames[$i].' (';
#2.1 look for the field names
for($n=0; $n < $numFields ; $n++){
//avoid types that don't have a db field
if($arr[$n]['type'] != 'submit' && $arr[$n]['type'] != 'image' && $arr[$n]['type'] != 'mediaFile'){
$temp = explode('.',$arr[$n]['db']);
//do the names match?
if($temp[0] == $arrTableNames[$i]){
//create an insert string
$insertQuery .= $temp[1];
//add a ,
$insertQuery .= ',';
}
}
}
//get rid of the last comma
$insertQuery = substr($insertQuery, 0, strlen($insertQuery)-1);
//finish first part, start second; the values
$insertQuery .= ') VALUES(';
#2.2 look for the values
for($n=0; $n< $numFields ; $n++){
if($arr[$n]['type'] != 'submit' && $arr[$n]['type'] != 'image' && $arr[$n]['type'] != 'mediaFile' ){
//avoid types that don't have a db field
$dbString = $arr[$n]['db'];
$temp = explode('.',$dbString);
//do the names match?
if($temp[0] == $arrTableNames[$i]){
//create an insert string
$insertQuery .= '"'.$_SESSION[$formName]['value'][$n].'"';
//add a ,
$insertQuery .= ',';
}
}
}
//get rid of the last comma
$insertQuery = substr($insertQuery, 0, strlen($insertQuery)-1);
//finish the string
$insertQuery .= ');';
//run the query
mysql_query($insertQuery);
//echo $insertQuery;
//create an item id for the status and optional image inserts
$itemId = mysql_insert_id();
//for the pages
if($arr['form']['page'] == '_pages'){
//insert database
//als pagina niet custom is
if(empty($_SESSION['addPages']['value'][2])){
addStandardBlogTable($itemId, $_SESSION['addPages']['value'][0], $_SESSION['addPages']['value'][3]);
}
}
$statusQuery = 'INSERT INTO status(itemId, page, active) VALUES("'.$itemId.'", "'.$arr['form']['page'].'", "1")';
if($arr['form']['name'] == 'mediaForm' || $arr['form']['name'] == 'mediaVimeo' || $arr['form']['name'] == 'soundCloud' || $arr['form']['name'] == 'mediaYoutube' ){
//add to groups
if(isset($_GET['sub'])){
$groupLinkname = $_GET['sub'];
if($groupLinkname != 'all'){
//get groupId
$groupResult = mysql_query('SELECT id FROM media_groups WHERE linkname = "'.$groupLinkname.'" LIMIT 1');
$groupRecord = mysql_fetch_assoc($groupResult);
$groupId = $groupRecord['id'];
//insert into group database
mysql_query('INSERT INTO media_grouprows (groupId, mediaId, timest) VALUES ("'.$groupId.'","'.$itemId.'","'.time().'")');
}
}
}
mysql_query($statusQuery);
}
}
else if ($method == 'edit'){
//CASE EDIT: Create an UPDATE QUERY
for($i=0; $i< count($arrTableNames) ; $i++){
//start the insert string
$updateQuery = 'UPDATE '.$arrTableNames[$i].' SET ';
#2.1 look for the field names
for($n=0; $n < $numFields ; $n++){
//avoid types that don't have a db field
if($arr[$n]['type'] != 'submit' && $arr[$n]['type'] != 'image' && $arr[$n]['type'] != 'mediaFile' && $arr[$n]['type'] != 'timestamp' && $arr[$n]['type'] != 'fixedValue'){
$temp = explode('.',$arr[$n]['db']);
//do the names match?
if($temp[0] == $arrTableNames[$i]){
//create an update string
$updateQuery .= $temp[1].'="'.inDatabase($_SESSION[$formName]['value'][$n]).'",';
}
}
}
//get rid of the last comma
$updateQuery = substr($updateQuery, 0, strlen($updateQuery)-1);
$updateQuery .= ' WHERE id='.$editId.' LIMIT 1;';
//run the query
mysql_query($updateQuery);
}
}
//check if there are images
if(isset($imgArr)){
//upload the images
//we need the itemId from the last inserted item
foreach($imgArr as $key => $value) {
if($value['validated']){
//get the image size
$tempArr = explode('x', $arr[$value['arrKey']]['size']);
$imgWidth = $tempArr[0];
//$imgHeight = $tempArr[1];
createImageByWidth($value['tmp_name'], $value['pad'], $imgWidth);
if($arr[$value['arrKey']]['thumb']){
$tempArr = explode('x', $arr[$value['arrKey']]['thumbsize']);
$thumbWidth = $tempArr[0];
$thumbHeight = $tempArr[1];
createImage($value['tmp_name'], $value['tpad'], $thumbWidth, $thumbHeight);
}
if($method == 'new'){
//create the insert query
$query = 'INSERT INTO '.$arr[$value['arrKey']]['db'].' (itemId, fileName, ';
if($arr[$value['arrKey']]['thumb']){
$query .= 'thumbName, ';
}
$query .= 'imageOrder, page, timest)
VALUES("'.$itemId.'","'.$value['fileName'].'",';
if($arr[$value['arrKey']]['thumb']){
$query .= '"'.$value['thumbName'].'",';
}
$query .= '"'.$value['imageOrder'].'","'.$arr['form']['page'].'","'.time().'")';
//run the query
mysql_query($query);
}
else if($method == 'edit'){
//create the insert query
$query = 'UPDATE '.$arr[$value['arrKey']]['db'].'
SET fileName="'.$value['fileName'].'", imageOrder="'.$value['imageOrder'].'",
page="'.$arr['form']['page'].'", timest="'.time().'"';
if($arr[$value['arrKey']]['thumb']){
$query .= ', thumbName="'.$value['thumbName'].'" ';
}
$query .= ' WHERE itemId="'.$editId.'"';
//run the query
mysql_query($query);
}
}
}
}
//check if there are media-files
if(isset($mediaFileArr)){
//upload the images
//we need the itemId from the last inserted item
foreach($mediaFileArr as $key => $value) {
if($value['validated']){
//get the image size
$tempArr = explode('x', $arr[$value['arrKey']]['size']);
$imgWidth = $tempArr[0];
// $imgHeight = $tempArr[1];
createImageByWidth($value['tmp_name'], $value['pad'], $imgWidth);
if($arr[$value['arrKey']]['thumb']){
$tempArr = explode('x', $arr[$value['arrKey']]['thumbsize']);
$thumbWidth = $tempArr[0];
$thumbHeight = $tempArr[1];
createImage($value['tmp_name'], $value['tpad'], $thumbWidth, $thumbHeight);
}
if($arr[$value['arrKey']]['medium']){
$tempArr = explode('x', $arr[$value['arrKey']]['mediumsize']);
$mediumWidth = $tempArr[0];
createImageByWidth($value['tmp_name'], $value['mpad'], $mediumWidth);
}
$updateQuery = 'UPDATE '.$arr['form']['table'].' SET path="'.$value['fileName'].'", thumb="'.$value['thumbName'].'", medium="'.$value['mediumName'].'",shortcode="'.$value['shortCode'].'" WHERE id="'.$itemId.'" LIMIT 1';
// $updateQuery;
//run the query
mysql_query($updateQuery);
}
}
}
/*
//PLUGING FOR ODDONE
if(isset($_GET['location'])){
$temp = explode('-',$_GET['location']);
$str = '?page='.$temp[0].'&action='.$temp[1];
if($temp[1] == 'edit') $str .= '&id='.$temp[2];
header('location: '.$str);
}*/
unset($_SESSION[$formName]['value']);
//unset the editFormSubmitted session
if(isset($_SESSION['editFormSubmitted'])){ unset($_SESSION['editFormSubmitted']);}
}
}
//if formtype == 'delete'
else if($method == 'delete'){
$output .= '<h1>'.ucfirst($arr['form']['page']).' // Delete item</h1>';
//set status active to 0
$updateQuery = 'UPDATE status SET active = "0" WHERE itemId = '.$editId.' AND page = "'.$arr['form']['page'].'" LIMIT 1';
mysql_query($updateQuery);
$output .= $siteText['itemToTrash'] .'<br /><br /><a href="./pages/'.$arr['form']['page'].'">'.$siteText['formBack'].'</a>';
}
return $output;
}
?>