[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] CVS: todo/inc class.bo.inc.php,1.1.2.7,1.1.2.7.2.1 cl
From: |
Dave Hall <address@hidden> |
Subject: |
[Phpgroupware-cvs] CVS: todo/inc class.bo.inc.php,1.1.2.7,1.1.2.7.2.1 class.so.inc.php,1.1.2.8,1.1.2.8.2.1 |
Date: |
Mon, 05 May 2003 02:08:19 -0400 |
Update of /cvsroot/phpgroupware/todo/inc
In directory subversions:/tmp/cvs-serv25606/inc
Modified Files:
Tag: Version-0_9_16-branch
class.bo.inc.php class.so.inc.php
Log Message:
changes needed for sync
Index: class.bo.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/todo/inc/class.bo.inc.php,v
retrieving revision 1.1.2.7
retrieving revision 1.1.2.7.2.1
diff -C2 -r1.1.2.7 -r1.1.2.7.2.1
*** class.bo.inc.php 13 Apr 2002 21:20:57 -0000 1.1.2.7
--- class.bo.inc.php 5 May 2003 06:08:17 -0000 1.1.2.7.2.1
***************
*** 197,201 ****
}
! function _list($start = 0, $limit = '', $query = '', $filter =
'', $order = '', $sort = '', $cat_id = 0, $tree = '', $parent = '')
{
if (is_array($start))
--- 197,201 ----
}
! function _list($start = 0, $limit = '', $query = '', $filter =
'', $order = '', $sort = '', $cat_id = 0, $tree = '', $parent = '', $lastmod=-1)
{
if (is_array($start))
***************
*** 212,218 ****
$tree = $params['tree'];
$parent = $params['parent'];
}
! $todos = $this->sotodo->read_todos($start, $limit,
$query, $filter, $order, $sort, $cat_id, $tree, $parent);
$this->total_records = $this->sotodo->total_records;
--- 212,219 ----
$tree = $params['tree'];
$parent = $params['parent'];
+ $lastmod= $params['lastmod'];
}
! $todos = $this->sotodo->read_todos($start, $limit,
$query, $filter, $order, $sort, $cat_id, $tree, $parent, $lastmod);
$this->total_records = $this->sotodo->total_records;
Index: class.so.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/todo/inc/class.so.inc.php,v
retrieving revision 1.1.2.8
retrieving revision 1.1.2.8.2.1
diff -C2 -r1.1.2.8 -r1.1.2.8.2.1
*** class.so.inc.php 30 Oct 2002 22:14:15 -0000 1.1.2.8
--- class.so.inc.php 5 May 2003 06:08:17 -0000 1.1.2.8.2.1
***************
*** 35,40 ****
switch ($tree)
{
! case 'mains': $s = " and todo_id_parent =
'0'"; break;
! case 'subs': $s = " and todo_id_parent !=
'0'"; break;
default: return False;
}
--- 35,40 ----
switch ($tree)
{
! case 'mains': $s = " AND todo_id_parent =
'0'"; break;
! case 'subs': $s = " AND todo_id_parent !=
'0'"; break;
default: return False;
}
***************
*** 42,56 ****
}
! function read_todos($start = 0, $limit = True, $query = '',
$filter = '', $order = '', $sort = '', $cat_id = '', $tree = '', $parent = '')
{
! $type = $this->type($tree);
if ($order)
{
! $ordermethod = ' order by ' . $order . ' ' .
$sort;
}
else
{
! $ordermethod = ' order by todo_id_main,
todo_id_parent, todo_level, todo_datecreated asc';
}
--- 42,66 ----
}
! function read_todos($start = 0, $limit = True, $query = '',
$filter = '', $order = '', $sort = '', $cat_id = '', $tree = '', $parent = '',
$lastmod = -1)
{
! // cast/addslashes for security
! $start = intval($start);
! $cat_id = intval($cat_id);
! $parent = intval($parent);
! $lastmod = intval($lastmod);
!
! $query = $this->db->db_addslashes($query);
! $order = $this->db->db_addslashes($order);
! $sort = $this->db->db_addslashes($sort);
!
! $type = $this->type($tree);
if ($order)
{
! $ordermethod = ' ORDER BY ' . $order . ' ' .
$sort;
}
else
{
! $ordermethod = ' ORDER BY todo_id_main,
todo_id_parent, todo_level, todo_datecreated ASC';
}
***************
*** 103,108 ****
$parentmethod = " AND todo_id_parent='$parent'";
}
! $sql = "SELECT * FROM phpgw_todo WHERE $filtermethod
$querymethod $type $parentmethod";
$this->db2->query($sql,__LINE__,__FILE__);
--- 113,122 ----
$parentmethod = " AND todo_id_parent='$parent'";
}
+ if ($lastmod >= 0)
+ {
+ $lastmodmethod = " AND todo_entry_date >
$lastmod";
+ }
! $sql = "SELECT * FROM phpgw_todo WHERE $filtermethod
$querymethod $lastmodmethod $type $parentmethod";
$this->db2->query($sql,__LINE__,__FILE__);
***************
*** 138,142 ****
'grants' =>
(int)$this->grants[$this->db->f('todo_owner')],
'sdate_epoch' =>
(int)$this->db->f('todo_startdate'),
! 'edate_epoch' =>
(int)$this->db->f('todo_enddate')
);
}
--- 152,157 ----
'grants' =>
(int)$this->grants[$this->db->f('todo_owner')],
'sdate_epoch' =>
(int)$this->db->f('todo_startdate'),
! 'edate_epoch' =>
(int)$this->db->f('todo_enddate'),
! 'entry_date' =>
(int)$this->db->f('entry_date')
);
}
***************
*** 146,166 ****
function read_single_todo($todo_id)
{
! $this->db->query("select * from phpgw_todo where
todo_id='$todo_id'",__LINE__,__FILE__);
if ($this->db->next_record())
{
! $todo['id'] =
$this->db->f('todo_id');
! $todo['main'] = $this->db->f('todo_id_main');
! $todo['parent'] =
$this->db->f('todo_id_parent');
! $todo['level'] = $this->db->f('todo_level');
! $todo['owner'] = $this->db->f('todo_owner');
! $todo['access'] = $this->db->f('todo_access');
! $todo['cat'] = $this->db->f('todo_cat');
! $todo['title'] = $this->db->f('todo_title');
! $todo['descr'] = $this->db->f('todo_des');
! $todo['pri'] = $this->db->f('todo_pri');
! $todo['status'] = $this->db->f('todo_status');
! $todo['sdate'] =
$this->db->f('todo_startdate');
! $todo['edate'] = $this->db->f('todo_enddate');
}
return $todo;
--- 161,183 ----
function read_single_todo($todo_id)
{
! $todo_id = intval($todo_id);
! $this->db->query("select * from phpgw_todo where
todo_id=$todo_id",__LINE__,__FILE__);
if ($this->db->next_record())
{
! $todo['id'] =
$this->db->f('todo_id');
! $todo['main'] =
$this->db->f('todo_id_main');
! $todo['parent'] =
$this->db->f('todo_id_parent');
! $todo['level'] =
$this->db->f('todo_level');
! $todo['owner'] =
$this->db->f('todo_owner');
! $todo['access'] =
$this->db->f('todo_access');
! $todo['cat'] =
$this->db->f('todo_cat');
! $todo['title'] =
$this->db->f('todo_title');
! $todo['descr'] =
$this->db->f('todo_des');
! $todo['pri'] =
$this->db->f('todo_pri');
! $todo['status'] =
$this->db->f('todo_status');
! $todo['sdate'] =
$this->db->f('todo_startdate');
! $todo['edate'] =
$this->db->f('todo_enddate');
! $todo['entry_date'] =
(int)$this->db->f('entry_date');
}
return $todo;
***************
*** 218,240 ****
}
! $values['title'] = addslashes($values['title']);
! $values['descr'] = addslashes($values['descr']);
$this->db->transaction_begin();
! $this->db->query("insert into phpgw_todo
(todo_id_main,todo_id_parent,todo_level,todo_owner,todo_access,todo_cat,"
! .
"todo_des,todo_title,todo_pri,todo_status,todo_datecreated,todo_startdate,todo_enddate)
values ('" . $values['main'] . "','"
! . $values['parent'] . "','" . $values['level']
. "','" . $this->owner . "','" . $values['access'] . "','"
! . $values['cat'] . "','" . $values['descr'] .
"','" . $values['title'] . "','" . $values['pri'] . "','"
! . $values['status'] . "','" . time() . "','" .
$values['sdate'] . "','" . $values['edate'] . "')",__LINE__,__FILE__);
! $this->db->get_last_insert_id('phpgw_todo','todo_id');
if (!$values['parent'] || $values[parent] == 0)
{
! $this->db2->query("select max(todo_id) from
phpgw_todo",__LINE__,__FILE__);
! $this->db2->next_record();
! $max = $this->db2->f(0);
!
! $this->db->query("update phpgw_todo set
todo_id_main='" . $max . "' "
! . "where todo_id='" . $max .
"'",__LINE__,__FILE__);
}
--- 235,264 ----
}
! //cast/slashes for security
! $values['main'] = intval($values['main']);
! $values['parent'] = intval($values['parent']);
! $values['level'] = intval($values['level']);
! $values['access'] =
$this->db->db_addslashes($values['access']);
! $values['cat'] = intval($values['cat']);
! $values['title'] =
$this->db->db_addslashes($values['title']);
! $values['descr'] =
$this->db->db_addslashes($values['descr']);
! $values['pri'] = intval($values['pri']);
! $values['status'] = intval($values['status']);
! $values['sdate'] = intval($values['sdate']);
! $values['edate'] = intval($values['edate']);
$this->db->transaction_begin();
! $this->db->query('INSERT INTO phpgw_todo
(todo_id_main,todo_id_parent,todo_level,todo_owner,todo_access,todo_cat,'
! .
'todo_des,todo_title,todo_pri,todo_status,todo_datecreated,todo_startdate,todo_enddate,
entry_date) '
! . ' VALUES (' . $values['main'] . ',' .
$values['parent'] . ',' . $values['level'] . ',' . $this->owner . ",'"
! . $values['access'] . "'," . $values['cat'] .
",'" . $values['descr'] . "','" . $values['title'] . "',"
! . $values['pri'] . "," . $values['status'] .
"," . time() . "," . $values['sdate'] . "," . $values['edate']
! . "," . time() .")",__LINE__,__FILE__);
! $todo_id =
$this->db->get_last_insert_id('phpgw_todo','todo_id');
if (!$values['parent'] || $values[parent] == 0)
{
! $this->db->query("update phpgw_todo set
todo_id_main='" . $todo_id . "' "
! . "where todo_id='" . $todo_id .
"'",__LINE__,__FILE__);
}
***************
*** 274,277 ****
--- 298,302 ----
function delete_todo($todo_id, $sub = False)
{
+ $todo_id = intval($todo_id);
$this->db->transaction_begin();
$sub_todos = $this->find_subs($todo_id);
***************
*** 288,298 ****
}
! $this->db->query("delete from phpgw_todo where
todo_id='$todo_id' $subdelete and ((todo_access='public' "
! . "and todo_owner != '"
. $this->owner . "') or (todo_owner='" . $this->owner .
"'))",__LINE__,__FILE__);
if (!$sub && $sub_todos)
{
! $this->db->query('UPDATE phpgw_todo set
todo_id_parent=' . $parent . ' where todo_id_parent=' .
$todo_id,__LINE__,__FILE__);
! $this->db->query("UPDATE phpgw_todo set
todo_level=todo_level-1 where todo_id in ($sub_todos)",__LINE__,__FILE__);
}
$this->historylog->delete($todo_id);
--- 313,323 ----
}
! $this->db->query("DELETE FROM phpgw_todo WHERE
todo_id=$todo_id $subdelete AND ((todo_access='public' "
! . "AND todo_owner != "
. $this->owner . ") OR (todo_owner=" . $this->owner . "))",__LINE__,__FILE__);
if (!$sub && $sub_todos)
{
! $this->db->query('UPDATE phpgw_todo SET
todo_id_parent=' . $parent . ' WHERE todo_id_parent=' .
$todo_id,__LINE__,__FILE__);
! $this->db->query("UPDATE phpgw_todo SET
todo_level=todo_level-1 WHERE todo_id IN ($sub_todos)",__LINE__,__FILE__);
}
$this->historylog->delete($todo_id);
***************
*** 348,359 ****
$this->historylog->add('a',$values['id'],$values['access'],
$old_values['access']);
! $values['title'] = addslashes($values['title']);
! $values['descr'] = addslashes($values['descr']);
! $this->db->query("update phpgw_todo set todo_des='".
$values['descr'] . "', todo_id_parent='" . $values['parent']
. "', todo_pri='" . $values['pri'] . "',
todo_status='" . $values['status'] . "', todo_id_main='" . $values['main']
. "', todo_access='" . $values['access'] . "',
todo_level='" . $values['level']
. "', todo_startdate='" . $values['sdate'] .
"', todo_enddate='" . $values['edate'] . "', todo_title='" . $values['title']
! . "', todo_cat='" . $values['cat'] . "' where
todo_id='" . $values['id']
. "'",__LINE__,__FILE__);
if (($old_values['level'] != $values['level']) ||
($old_values['main'] != $values['main']))
--- 373,397 ----
$this->historylog->add('a',$values['id'],$values['access'],
$old_values['access']);
! //need to add security shit here
! //cast/slashes for security
! $values['id'] = intval($values['id']);
! $values['main'] = intval($values['main']);
! $values['parent'] = intval($values['parent']);
! $values['level'] = intval($values['level']);
! $values['access'] =
$this->db->db_addslashes($values['access']);
! $values['cat'] = intval($values['cat']);
! $values['title'] =
$this->db->db_addslashes($values['title']);
! $values['descr'] =
$this->db->db_addslashes($values['descr']);
! $values['pri'] = intval($values['pri']);
! $values['status'] = intval($values['status']);
! $values['sdate'] = intval($values['sdate']);
! $values['edate'] = intval($values['edate']);
!
! $this->db->query("UPDATE phpgw_todo SET todo_des='".
$values['descr'] . "', todo_id_parent='" . $values['parent']
. "', todo_pri='" . $values['pri'] . "',
todo_status='" . $values['status'] . "', todo_id_main='" . $values['main']
. "', todo_access='" . $values['access'] . "',
todo_level='" . $values['level']
. "', todo_startdate='" . $values['sdate'] .
"', todo_enddate='" . $values['edate'] . "', todo_title='" . $values['title']
! . "', todo_cat='" . $values['cat'] . "',
entry_date = " . time() . " WHERE todo_id='" . $values['id']
. "'",__LINE__,__FILE__);
if (($old_values['level'] != $values['level']) ||
($old_values['main'] != $values['main']))
***************
*** 364,373 ****
if ($old_values['main'] !=
$values['main'])
{
! $this->db->query("update
phpgw_todo set todo_id_main='" . $values['main'] . "' where todo_id in
($sub_todos)",__LINE__,__FILE__);
}
if ($old_values['level'] !=
$values['level'])
{
! $this->db->query("update
phpgw_todo set todo_level=todo_level+" . ($values['level'] -
$old_values['level'])
! ." where todo_id in
($sub_todos)",__LINE__,__FILE__);
}
}
--- 402,411 ----
if ($old_values['main'] !=
$values['main'])
{
! $this->db->query("UPDATE
phpgw_todo SET todo_id_main='" . $values['main'] . "' WHERE todo_id IN
($sub_todos)",__LINE__,__FILE__);
}
if ($old_values['level'] !=
$values['level'])
{
! $this->db->query("UPDATE
phpgw_todo SET todo_level=todo_level+" . ($values['level'] -
$old_values['level'])
! ." WHERE todo_id IN
($sub_todos)",__LINE__,__FILE__);
}
}
***************
*** 378,381 ****
--- 416,420 ----
function return_value($todo_id,$action = 'main')
{
+ $todo_id = intval($todo_id);
switch($action)
{
***************
*** 385,389 ****
}
! $this->db->query("select $item from phpgw_todo where
todo_id='$todo_id'",__LINE__,__FILE__);
if ($this->db->next_record())
{
--- 424,428 ----
}
! $this->db->query("SELECT $item FROM phpgw_todo WHERE
todo_id=$todo_id",__LINE__,__FILE__);
if ($this->db->next_record())
{
***************
*** 394,398 ****
function exists($todo_id)
{
! $this->db->query("select count(*) from phpgw_todo where
todo_id_parent = '$todo_id'",__LINE__,__FILE__);
$this->db->next_record();
--- 433,438 ----
function exists($todo_id)
{
! $todo_id = intval($todo_id);
! $this->db->query("SELECT COUNT(*) FROM phpgw_todo WHERE
todo_id_parent = $todo_id",__LINE__,__FILE__);
$this->db->next_record();
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] CVS: todo/inc class.bo.inc.php,1.1.2.7,1.1.2.7.2.1 class.so.inc.php,1.1.2.8,1.1.2.8.2.1,
Dave Hall <address@hidden> <=
- Prev by Date:
[Phpgroupware-cvs] CVS: todo/setup setup.inc.php,1.13.2.3,1.13.2.3.2.1 tables_current.inc.php,1.6.2.1,1.6.2.1.2.1 tables_update.inc.php,1.13.2.3,1.13.2.3.2.1
- Next by Date:
[Phpgroupware-cvs] CVS: phpgwapi/inc class.auth_ldap.inc.php,1.17.2.1,1.17.2.1.2.1 class.common.inc.php,1.123.2.9.2.6,1.123.2.9.2.7
- Previous by thread:
[Phpgroupware-cvs] CVS: todo/setup setup.inc.php,1.13.2.3,1.13.2.3.2.1 tables_current.inc.php,1.6.2.1,1.6.2.1.2.1 tables_update.inc.php,1.13.2.3,1.13.2.3.2.1
- Next by thread:
[Phpgroupware-cvs] CVS: phpgwapi/inc class.auth_ldap.inc.php,1.17.2.1,1.17.2.1.2.1 class.common.inc.php,1.123.2.9.2.6,1.123.2.9.2.7
- Index(es):