1<?php 2 3/* 4This script has the responsibility to gather basic information necessary to retrieve data for reports. 5It is comprised of several steps designed to gather display preferences, database information, field 6information and filter/criteria information. The Report builder process is as follows: 7 8Step 1: (or script entry): displays the current listing of reports. Uses form ReportsHome.html as a UI. 9Step 2: (action=step2): After the user has selected an option, this step is followed to enter a report 10 name and the type of report it is for grouping purposes. 11Step 3: Handles the page setup information. 12Step 4: Handles the database setup and link information. 13Step 5: Handles the database field selection. 14Step 6: Handles the Criteria and filter selection. 15Export: Handled in action=step2, calls ExportReport to save report as a text file. 16Import: Handled in action=step8, calls an import function to read the setup information from a text file. 17*/ 18 19$DirectoryLevelsDeep = 2; 20$PathPrefix = '../../'; 21$PageSecurity = 2; // set security level for webERP 22// Fetch necessary include files for webERP 23require ($PathPrefix . 'includes/session.php'); 24 25// Initialize some constants 26$ReportLanguage = 'en_US'; // default language file 27define('DBReports','reports'); // name of the databse holding the main report information (ReportID) 28define('DBRptFields','reportfields'); // name of the database holding the report fields 29define ('DefRptPath',$PathPrefix . 'companies/' . $_SESSION['DatabaseName'] . '/reportwriter/'); // path to default reports 30define ('MyDocPath',$PathPrefix . 'companies/' . $_SESSION['DatabaseName'] . '/reportwriter/'); // path to user saved documents 31 32 33// Fetch necessary include files for report creator 34require_once('../languages/' . $ReportLanguage . '/reports.php'); 35require_once('defaults.php'); 36require('RCFunctions.inc'); 37 38$usrMsg = array(); // initialize array for return messages 39 40// a valid report id needs to be passed as a post field to do anything, except create new report 41if (!isset($_POST['ReportID'])) { // entered for the first time or created new report 42 $ReportID = ''; 43} else { 44 $ReportID = $_POST['ReportID']; 45 if (isset($_POST['Type'])) { // then the type was passed from the previous form 46 $Type=$_POST['Type']; 47 } else { // we only have a reportid, we need to retrieve the type from thge db to set up the forms correctly 48 $sql = "SELECT reporttype FROM ".DBReports." WHERE id='".$ReportID."'"; 49 $Result=DB_query($sql,'','',false,true); 50 $myrow = DB_fetch_array($Result); 51 $Type = $myrow[0]; 52 } 53} 54switch ($_GET['action']) { 55 default: 56 case "step2": // entered from select an action (home) page 57 // first check to see if a report was selected (except new report and import) 58 if (!isset($_GET['action']) OR ($ReportID=='' AND $_POST['todo']<>RPT_BTN_ADDNEW AND $_POST['todo']<>RPT_BTN_IMPORT)) { 59 // skip error message if back from import was pressed 60 $DropDownString = RetrieveReports(); 61 if (isset($_GET['action'])) $usrMsg[] = array('message'=>FRM_NORPT, 'level'=>'error'); 62 $FormParams = PrepStep('1'); 63 break; 64 } 65 switch ($_POST['todo']) { 66 case RPT_BTN_ADDNEW: // Fetch the defaults and got to select id screen 67 $ReportID = ''; 68 $FormParams = PrepStep('2'); 69 break; 70 case RPT_BTN_EDIT: // fetch the report information and go to the page setup screen 71 $sql = "SELECT * FROM ".DBReports." WHERE id='".$ReportID."'"; 72 $Result=DB_query($sql,'','',false,true); 73 $myrow = DB_fetch_array($Result); 74 $FormParams = PrepStep('3'); 75 break; 76 case RPT_BTN_RENAME: // Rename a report was selected, fetch the report name and show rename form 77 $sql = "SELECT reportname FROM ".DBReports." WHERE id='".$ReportID."'"; 78 $Result=DB_query($sql,'','',false,true); 79 $myrow = DB_fetch_array($Result); 80 $_POST['ReportName'] = $myrow['reportname']; 81 // continue like copy was pushed 82 case RPT_BTN_COPY: // Copy a report was selected 83 $FormParams = PrepStep('2'); 84 break; 85 case RPT_BTN_DEL: // after confirmation, delete the report and go to the main report admin menu 86 $sql= "DELETE FROM ".DBReports." WHERE id = ".$ReportID.";"; 87 $Result=DB_query($sql,'','',false,true); 88 $sql= "DELETE FROM ".DBRptFields." WHERE reportid = ".$ReportID.";"; 89 $Result=DB_query($sql,'','',false,true); 90 // reload main entry form 91 default: 92 $DropDownString = RetrieveReports(); 93 $FormParams = PrepStep('1'); 94 break; 95 case RPT_BTN_EXPORT: 96 ExportReport($ReportID); // We don't return from here, we exit the script 97 break; 98 case RPT_BTN_IMPORT: // show the file import form 99 $ReportName = ''; 100 $FormParams = PrepStep('imp'); 101 break; 102 } 103 break; // End Step 2 104 105 case "step3": // entered from id setup page 106 switch ($_POST['todo']) { 107 case RPT_BTN_REPLACE: // Erase the default report and copy a new one with the same name 108 if (isset($_POST['ReplaceReportID'])) { // then we need to delete the report to replace 109 $sql= "DELETE FROM ".DBReports." WHERE id = ".$_POST['ReplaceReportID'].";"; 110 $Result=DB_query($sql,'','',false,true); 111 $sql= "DELETE FROM ".DBRptFields." WHERE reportid = ".$_POST['ReplaceReportID'].";"; 112 $Result=DB_query($sql,'','',false,true); 113 } 114 // report has been deleted, continue to create or copy (in case 'Continue' below) 115 case RPT_BTN_CONT: // fetch the report information and go to the page setup screen 116 // input error check reportname, blank duplicate, bad characters, etc. 117 if ($_POST['ReportName']=='') { // no report name was entered, error and reload form 118 $usrMsg[] = array('message'=>RPT_NORPT, 'level'=>'error'); 119 $FormParams = PrepStep('2'); 120 break; 121 } 122 // check for duplicate report name 123 $sql = "SELECT id FROM ".DBReports." WHERE reportname='".addslashes($_POST['ReportName'])."';"; 124 $Result=DB_query($sql,'','',false,true); 125 if (DB_num_rows($Result)>0) { // then we have a duplicate report name, error and reload 126 $myrow = DB_fetch_array($Result); 127 $ReplaceReportID = $myrow['id']; // save the duplicate report id 128 $usrMsg[] = array('message'=>RPT_SAVEDUP, 'level'=>'error'); 129 $usrMsg[] = array('message'=>RPT_DEFDEL, 'level'=>'warn'); 130 $FormParams = PrepStep('2'); 131 break; 132 } 133 // Input validated perform requested operation 134 if ($ReportID=='') { // then it's a new report 135 // Check to see if a form or report to create 136 if ($_POST['NewType']=='') { // then no type selected, error and re-display form 137 $usrMsg[] = array('message'=>RPT_NORPTTYPE, 'level'=>'warn'); 138 $FormParams = PrepStep('2'); 139 break; 140 } elseif ($_POST['NewType']=='rpt') { // a report, read the groupname 141 $GroupName = $_POST['GroupName']; 142 } elseif ($_POST['NewType']=='frm') { // a form, set the groupname 143 $GroupName = $_POST['FormGroup']; 144 } 145 $Type = $_POST['NewType']; 146 $sql = "INSERT INTO ".DBReports." (reportname, reporttype, groupname, defaultreport) 147 VALUES ('".addslashes($_POST['ReportName'])."', '".$Type."', '".$GroupName."', '1')"; 148 $Result=DB_query($sql,'','',false,true); 149 $ReportID = DB_Last_Insert_ID(DBReports,'id'); 150 // Set some default report information: date display default choices to 'ALL' 151 if ($Type<>'frm') { // set the truncate long descriptions default 152 $sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, params, displaydesc) 153 VALUES (".$ReportID.", 'trunclong', '0', '');"; 154 $Result=DB_query($sql,'','',false,true); 155 } else { // it's a form so write a default form break record 156 $sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, params, displaydesc) 157 VALUES (".$ReportID.", 'grouplist', '', '');"; 158 $Result=DB_query($sql,'','',false,true); 159 } 160 $sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, fieldname, displaydesc) 161 VALUES (".$ReportID.", 'dateselect', '', 'a');"; 162 $Result=DB_query($sql,'','',false,true); 163 } else { // copy the report and all fields to the new report name 164 $OrigID = $ReportID; 165 // Set the report id to 0 to prepare to copy 166 $sql = "UPDATE ".DBReports." SET id=0 WHERE id=".$ReportID.";"; 167 $Result=DB_query($sql,'','',false,true); 168 $sql = "INSERT INTO ".DBReports." SELECT * FROM ".DBReports." WHERE id = 0;"; 169 $Result=DB_query($sql,'','',false,true); 170 // Fetch the id entered 171 $ReportID = DB_Last_Insert_ID(DBReports,'id'); 172 // Restore original report ID from 0 173 $sql = "UPDATE ".DBReports." SET id=".$OrigID." WHERE id=0;"; 174 $Result=DB_query($sql,'','',false,true); 175 // Set the report name and group name per the form 176 $sql = "UPDATE ".DBReports." SET 177 reportname = '" . DB_escape_string($_POST['ReportName']) . "' 178 WHERE id =".$ReportID.";"; 179 $Result=DB_query($sql,'','',false,true); 180 // fetch the fields and duplicate 181 $sql = "SELECT * FROM ".DBRptFields." WHERE reportid=".$OrigID.";"; 182 $Result=DB_query($sql,'','',false,true); 183 while ($temp = DB_fetch_array($Result)) $field[] = $temp; 184 foreach ($field as $row) { 185 $sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, seqnum, fieldname, 186 displaydesc, visible, columnbreak, params) 187 VALUES (".$ReportID.", '".$row['entrytype']."', ".$row['seqnum'].", 188 '".$row['fieldname']."', '".$row['displaydesc']."', '".$row['visible']."', 189 '".$row['columnbreak']."', '".$row['params']."');"; 190 $Result=DB_query($sql,'','',false,true); 191 } 192 } 193 // read back in new data for next screen (will set defaults as defined in the db) 194 $sql = "SELECT * FROM ".DBReports." WHERE id='".$ReportID."'"; 195 $Result=DB_query($sql,'','',false,true); 196 $myrow = DB_fetch_array($Result); 197 $FormParams = PrepStep('3'); 198 break; 199 200 case RPT_BTN_RENAME: // Rename a report was selected, fetch the report name and update 201 // input error check reportname, blank duplicate, bad characters, etc. 202 if ($_POST['ReportName']=='') { // no report name was entered, error and reload form 203 $usrMsg[] = array('message'=>RPT_NORPT, 'level'=>'error'); 204 $FormParams = PrepStep('2'); 205 break; 206 } 207 // check for duplicate report name 208 $sql = "SELECT id FROM ".DBReports." WHERE reportname='".addslashes($_POST['ReportName'])."';"; 209 $Result=DB_query($sql,'','',false,true); 210 if (DB_num_rows($Result)>0) { // then we have a duplicate report name, error and reload 211 $myrow = DB_fetch_array($Result); 212 if ($myrow['id']<>$ReportID) { // then the report has a duplicate name to something other than itself, error 213 $usrMsg[] = array('message'=>RPT_REPDUP, 'level'=>'error'); 214 $FormParams = PrepStep('2'); 215 break; 216 } 217 } 218 $sql = "UPDATE ".DBReports." SET reportname='".addslashes($_POST['ReportName'])."' WHERE id=".$ReportID.";"; 219 $Result=DB_query($sql,'','',false,true); 220 $usrMsg[] = array('message'=>RPT_UPDATED, 'level'=>'success'); 221 // continue with default to return to reports home 222 case RPT_BTN_BACK: 223 default: // bail to reports home 224 $DropDownString = RetrieveReports(); 225 $FormParams = PrepStep('1'); 226 } 227 break; 228 229 case "step4": // entered from page setup page 230 switch ($_POST['todo']) { 231 case RPT_BTN_UPDATE: 232 $success = UpdatePageFields($ReportID); 233 // read back in new data for next screen (will set defaults as defined in the db) 234 $sql = "SELECT * FROM ".DBReports." WHERE id='".$ReportID."'"; 235 $Result=DB_query($sql,'','',false,true); 236 $myrow = DB_fetch_array($Result); 237 $FormParams = PrepStep('3'); 238 break; 239 case RPT_BTN_CONT: // fetch the report information and go to the page setup screen 240 $success = UpdatePageFields($ReportID); 241 // read in the data for the next form 242 $sql = "SELECT table1, 243 table2, table2criteria, 244 table3, table3criteria, 245 table4, table4criteria, 246 table5, table5criteria, 247 table6, table6criteria, 248 reportname 249 FROM " . DBReports . " WHERE id='".$ReportID."'"; 250 $Result=DB_query($sql,'','',false,true); 251 $myrow = DB_fetch_array($Result); 252 $numrows = DB_num_rows($Result); 253 $FormParams = PrepStep('4'); 254 break; 255 case RPT_BTN_BACK: 256 default: // bail to reports home 257 $DropDownString = RetrieveReports(); 258 $FormParams = PrepStep('1'); 259 } 260 break; 261 262 case "step5": // entered from dbsetup page 263 switch ($_POST['todo']) { 264 case RPT_BTN_BACK: 265 $sql = "SELECT * FROM ".DBReports." WHERE id='".$ReportID."'"; 266 $Result=DB_query($sql,'','',false,true); 267 $myrow = DB_fetch_array($Result); 268 $FormParams = PrepStep('3'); 269 break; 270 case RPT_BTN_UPDATE: 271 case RPT_BTN_CONT: // fetch the report information and go to the page setup screen 272 if ($_POST['Table1']) { 273 $sql = "SELECT table1 FROM ".DBReports." WHERE id='".$ReportID."'"; 274 $Result=DB_query($sql,'','',false,true); 275 $myrow = DB_fetch_row($Result); 276 if ($myrow[0] != $_POST['Table1']) { 277 unset($_POST['Table2']); unset($_POST['Table2Criteria']); 278 unset($_POST['Table3']); unset($_POST['Table3Criteria']); 279 unset($_POST['Table4']); unset($_POST['Table4Criteria']); 280 unset($_POST['Table5']); unset($_POST['Table5Criteria']); 281 unset($_POST['Table6']); unset($_POST['Table6Criteria']); 282 } 283 } 284 $success = UpdateDBFields($ReportID); 285 if (!$success OR $_POST['todo']==RPT_BTN_UPDATE) { 286 // update fields and stay on this form 287 if (!$success) $usrMsg[] = array('message'=>RPT_DUPDB, 'level'=>'error'); 288 // read back in new data for next screen (will set defaults as defined in the db) 289 $sql = "SELECT table1, 290 table2, table2criteria, 291 table3, table3criteria, 292 table4, table4criteria, 293 table5, table5criteria, 294 table6, table6criteria, 295 reportname 296 FROM ".DBReports." WHERE id='".$ReportID."'"; 297 $Result=DB_query($sql,'','',false,true); 298 $myrow = DB_fetch_array($Result); 299 $FormParams = PrepStep('4'); 300 break; 301 } 302 // read in fields and continue to next form 303 $reportname = $_POST['ReportName']; 304 $FieldListings = RetrieveFields('fieldlist'); 305 $FormParams = PrepStep('5'); 306 break; 307 default: // bail to reports home 308 $DropDownString = RetrieveReports(); 309 $FormParams = PrepStep('1'); 310 } 311 break; 312 313 case "step6": // entered from field setup page 314 if (!isset($_POST['todo'])) { // then a sequence image button was pushed 315 $SeqNum = $_POST['SeqNum']; //fetch the sequence number 316 if (isset($_POST['up_x'])) { // the shift up button was pushed, check for not at first sequence 317 if ($SeqNum<>1) $success = ChangeSequence($SeqNum, 'fieldlist', 'up'); 318 $FieldListings = RetrieveFields('fieldlist'); 319 } elseif (isset($_POST['dn_x'])) { // the shift down button was pushed 320 $sql = "SELECT seqnum FROM ".DBRptFields." WHERE reportid = ".$ReportID." AND entrytype = 'fieldlist';"; 321 $Result=DB_query($sql,'','',false,true); 322 if ($SeqNum<DB_num_rows($Result)) $success = ChangeSequence($SeqNum, 'fieldlist', 'down'); 323 $FieldListings = RetrieveFields('fieldlist'); 324 } elseif (isset($_POST['ed_x'])) { // the sequence edit button was pushed 325 // pre fill form with the field to edit and change button name 326 $FieldListings = RetrieveFields('fieldlist'); 327 $sql = "SELECT * FROM ".DBRptFields." 328 WHERE reportid = ".$ReportID." AND entrytype = 'fieldlist' AND seqnum=".$SeqNum.";"; 329 $Result=DB_query($sql,'','',false,true); 330 $FieldListings['defaults'] = DB_fetch_array($Result); 331 $FieldListings['defaults']['buttonvalue'] = RPT_BTN_CHANGE; 332 } elseif (isset($_POST['rm_x'])) { // the sequence remove button was pushed 333 $success = DeleteSequence($_POST['SeqNum'], 'fieldlist'); 334 $FieldListings = RetrieveFields('fieldlist'); 335 } 336 $reportname = $_POST['ReportName']; 337 $FormParams = PrepStep('5'); 338 } else { 339 switch ($_POST['todo']) { 340 case RPT_BTN_BACK: 341 $sql = "SELECT table1, 342 table2, table2criteria, 343 table3, table3criteria, 344 table4, table4criteria, 345 table5, table5criteria, 346 table6, table6criteria, 347 reportname 348 FROM ".DBReports." WHERE id='".$ReportID."'"; 349 $Result=DB_query($sql,'','',false,true); 350 $myrow = DB_fetch_array($Result); 351 $FormParams = PrepStep('4'); 352 break; 353 case RPT_BTN_ADDNEW: 354 case RPT_BTN_CHANGE: 355 // error check input 356 $IsValidField = ValidateField($ReportID, $_POST['FieldName'], $_POST['DisplayDesc']); 357 if (!$IsValidField) { // then user entered a bad fieldname or description, error and reload 358 $usrMsg[] = array('message'=>RPT_BADFLD, 'level'=>'error'); 359 // reload form with bad data entered as field defaults, ready to be editted 360 $FieldListings = RetrieveFields('fieldlist'); 361 $FieldListings['defaults']['seqnum']=$_POST['SeqNum']; 362 $FieldListings['defaults']['fieldname']=$_POST['FieldName']; 363 $FieldListings['defaults']['displaydesc']=$_POST['DisplayDesc']; 364 $FieldListings['defaults']['columnbreak']=$_POST['ColumnBreak']; 365 $FieldListings['defaults']['visible']=$_POST['Visible']; 366 $FieldListings['defaults']['params']=$_POST['Params']; 367 if ($_POST['todo']==RPT_BTN_ADDNEW) { // add new so insert 368 $FieldListings['defaults']['buttonvalue'] = RPT_BTN_ADDNEW; 369 } else { // exists, so update it. 370 $FieldListings['defaults']['buttonvalue'] = RPT_BTN_CHANGE; 371 } 372 $reportname = $_POST['ReportName']; 373 $FormParams = PrepStep('5'); 374 break; 375 } 376 if ($_POST['todo']==RPT_BTN_ADDNEW) { // add new so insert 377 $_POST['SeqNum'] = InsertSequence($_POST['SeqNum'], 'fieldlist'); 378 } else { // exists, so update it. 379 $success = UpdateSequence('fieldlist'); 380 } 381 if ($Type<>'frm') { 382 $FieldListings = RetrieveFields('fieldlist'); 383 $reportname = $_POST['ReportName']; 384 $FormParams = PrepStep('5'); 385 break; 386 } 387 // Go to the properties screen for the field just entered 388 case RPT_BTN_PROP: // Enter the properties of a given field 389 // see what form needs to be loaded and load based on index stored in params variable 390 $SeqNum = $_POST['SeqNum']; 391 $sql = "SELECT id, displaydesc, params FROM ".DBRptFields." 392 WHERE reportid = ".$ReportID." AND entrytype='fieldlist' AND seqnum = ".$SeqNum.";"; 393 $Result = DB_query($sql,'','',false,true); 394 $myrow = DB_fetch_assoc($Result); 395 $Params = unserialize($myrow['params']); 396 $reportname = $_POST['ReportName']; 397 $ButtonValue = RPT_BTN_ADDNEW; // default the field button to Add New for form entry 398 $FormParams = PrepStep('prop'); 399 $FormParams['id'] = $myrow['id']; 400 $DisplayName = $myrow['displaydesc']; 401 break; 402 case RPT_BTN_CONT: // fetch the report information and go to the page setup screen 403 $DateListings = RetrieveFields('dateselect'); 404 $DateListings = $DateListings['lists'][0]; // only need the first field 405 $TruncListings = RetrieveFields('trunclong'); 406 $TruncListings = $TruncListings['lists'][0]; // only need the first field 407 $SortListings = RetrieveFields('sortlist'); 408 $GroupListings = RetrieveFields('grouplist'); 409 $CritListings = RetrieveFields('critlist'); 410 $reportname = $_POST['ReportName']; 411 $FormParams = PrepStep('6'); 412 break; 413 default: // bail to reports home 414 $DropDownString = RetrieveReports(); 415 $FormParams = PrepStep('1'); 416 break; 417 } 418 } 419 break; 420 421 case "step6a": // entered from properties page for fields 422 $ButtonValue = RPT_BTN_ADDNEW; // default the field button to Add New unless overidden by the edit image pressed 423 $reportname = $_POST['ReportName']; 424 $SeqNum = $_POST['SeqNum']; 425 // first fetch the original Params 426 $sql = "SELECT id, params FROM ".DBRptFields." 427 WHERE reportid = ".$ReportID." AND entrytype='fieldlist' AND seqnum = ".$SeqNum.";"; 428 $Result = DB_query($sql,'','',false,true); 429 $myrow = DB_fetch_assoc($Result); 430 $Params = unserialize($myrow['params']); 431 if (!isset($_POST['todo'])) { // then a sequence image button was pushed, we must be in form table entry 432 $success = ModFormTblEntry($Params); 433 if (!$success) { // check for errors 434 $usrMsg[] = array('message'=>RPT_BADDATA, 'level'=>'error'); 435 } else { // update the database 436 $sql = "UPDATE ".DBRptFields." SET params='".serialize($Params)."' WHERE id = ".$_POST['ID'].";"; 437 $Result=DB_query($sql,'','',false,true); 438 if ($success=='edit') { // then the edit button was pressed, change button name from Add New to Change 439 $ButtonValue = RPT_BTN_CHANGE; 440 } 441 } 442 // Update field properties 443 $FormParams = PrepStep('prop'); 444 $FormParams['id'] = $myrow['id']; 445 } else { 446 // fetch the choices with the form post data 447 foreach ($_POST as $key=>$value) $Params[$key]=$value; 448 // check for what button or image was pressed 449 switch ($_POST['todo']) { 450 case RPT_BTN_CANCEL: 451 $FieldListings = RetrieveFields('fieldlist'); 452 $FormParams = PrepStep('5'); 453 break; 454 case RPT_BTN_ADD: 455 case RPT_BTN_REMOVE: // For the total parameters gather the list of fieldnames 456 // Process the button pushed 457 if ($_POST['todo']==RPT_BTN_REMOVE) { // the remove button was pressed 458 $Index = $_POST['FieldIndex']; 459 if ($Index<>'') $Params['Seq'] = array_merge(array_slice($Params['Seq'],0,$Index),array_slice($Params['Seq'],$Index+1)); 460 } else { // it's the add button, error check 461 if ($_POST['TotalField']=='') { 462 $usrMsg[] = array('message'=>RPT_BADFLD, 'level'=>'error'); 463 // reload form with bad data entered as field defaults, ready to be editted 464 $DisplayName =$_POST['DisplayName']; 465 $FormParams = PrepStep('prop'); 466 $FormParams['id'] = $myrow['id']; 467 break; 468 } 469 $Params['Seq'][] = $_POST['TotalField']; 470 } 471 // Update field properties 472 $sql = "UPDATE ".DBRptFields." SET params='".serialize($Params)."' WHERE id = ".$_POST['ID'].";"; 473 $Result=DB_query($sql,'','',false,true); 474 $Params['TotalField']=''; 475 $FormParams = PrepStep('prop'); 476 $FormParams['id'] = $myrow['id']; 477 break; 478 case RPT_BTN_CHANGE: 479 case RPT_BTN_ADDNEW: 480 // Error Check input, see if user entered a bad fieldname or description, error and reload 481 if ($_POST['TblField']=='' OR ($Params['index']=='Tbl' AND $_POST['TblDesc']=='')) { 482 $usrMsg[] = array('message'=>RPT_BADFLD, 'level'=>'error'); 483 // reload form with bad data entered as field defaults, ready to be editted 484 if ($_POST['todo']==RPT_BTN_ADDNEW) $ButtonValue = RPT_BTN_ADDNEW; 485 else $ButtonValue = RPT_BTN_CHANGE; 486 $DisplayName =$_POST['DisplayName']; 487 $FormParams = PrepStep('prop'); 488 $FormParams['id'] = $myrow['id']; 489 break; 490 } 491 if ($_POST['todo']==RPT_BTN_ADDNEW) $success = InsertFormSeq($Params,'insert'); 492 else $success = InsertFormSeq($Params, 'update'); 493 // continue on 494 case RPT_BTN_UPDATE: 495 case RPT_BTN_FINISH: // Enter the properties of a given field and return to the field setup screen 496 // additional processing for the image upload in the form image type 497 if ($Params['index']=='Img') { 498 $success = ImportImage(); 499 if ($success['result']=='error') { // image upload failed 500 $usrMsg[] = array('message'=>$success['message'], 'level'=>'error'); 501 $FormParams = PrepStep('prop'); 502 $FormParams['id'] = $myrow['id']; 503 break; 504 } else { 505 $Params['filename'] = $success['filename']; 506 } 507 } 508 // reset the sequence defaults to null for Table type only 509 if ($Params['index']=='Tbl' OR $Params['index']=='TBlk') { 510 $Params['TblSeqNum'] = ''; 511 $Params['TblField'] = ''; 512 $Params['TblDesc'] = ''; 513 $Params['Processing'] = ''; 514 } 515 // Update field properties 516 $sql = "UPDATE ".DBRptFields." SET params='".serialize($Params)."' WHERE id = ".$_POST['ID'].";"; 517 $Result=DB_query($sql,'','',false,true); 518 // check for update errors and reload 519 if ($_POST['todo']==RPT_BTN_FINISH) { // no errors and finished so return to field setup 520 $FieldListings = RetrieveFields('fieldlist'); 521 $FormParams = PrepStep('5'); 522 } else { // print error message if need be and reload parameter form 523 $DisplayName =$_POST['DisplayName']; 524 $FormParams = PrepStep('prop'); 525 $FormParams['id'] = $myrow['id']; 526 } 527 break; 528 default: // bail to reports home 529 $DropDownString = RetrieveReports(); 530 $FormParams = PrepStep('1'); 531 break; 532 } 533 } 534 break; 535 536 case "step7": // entered from criteria setup page 537 $OverrideDefaults = false; 538 if (!isset($_POST['todo'])) { // then a sequence image button was pushed 539 $SeqNum = $_POST['SeqNum']; //fetch the sequence number 540 $EntryType = $_POST['EntryType']; //fetch the entry type 541 if (isset($_POST['up_x'])) { // the shift up button was pushed 542 if ($SeqNum<>1) $success = ChangeSequence($_POST['SeqNum'], $EntryType, 'up'); 543 } elseif (isset($_POST['dn_x'])) { // the shift down button was pushed 544 $sql = "SELECT seqnum FROM ".DBRptFields." WHERE reportid = ".$ReportID." AND entrytype = '".$EntryType."';"; 545 $Result=DB_query($sql,'','',false,true); 546 if ($SeqNum<DB_num_rows($Result)) $success = ChangeSequence($_POST['SeqNum'], $EntryType, 'down'); 547 } elseif (isset($_POST['ed_x'])) { // the sequence edit button was pushed 548 $OverrideDefaults = true; 549 // pre fill form with the field to edit and change button name 550 $sql = "SELECT * FROM ".DBRptFields." 551 WHERE reportid = ".$ReportID." AND entrytype = '".$EntryType."' AND seqnum=".$SeqNum.";"; 552 $Result=DB_query($sql,'','',false,true); 553 $NewDefaults['defaults'] = DB_fetch_array($Result); 554 $NewDefaults['defaults']['buttonvalue'] = RPT_BTN_CHANGE; 555 } elseif (isset($_POST['rm_x'])) { // the sequence remove button was pushed 556 $success = DeleteSequence($_POST['SeqNum'], $EntryType); 557 } 558 $reportname = $_POST['ReportName']; 559 $FormParams = PrepStep('6'); 560 } else { 561 switch ($_POST['todo']) { 562 case RPT_BTN_BACK: 563 $reportname = $_POST['ReportName']; 564 $FormParams = PrepStep('5'); 565 break; 566 case RPT_BTN_ADDNEW: 567 case RPT_BTN_CHANGE: 568 $EntryType = $_POST['EntryType']; //fetch the entry type 569 // error check input 570 $IsValidField = ValidateField($ReportID, $_POST['FieldName'], $_POST['DisplayDesc']); 571 if (!$IsValidField) { // then user entered a bad fieldname or description, error and reload 572 $usrMsg[] = array('message'=>RPT_BADFLD, 'level'=>'error'); 573 // reload form with bad data entered as field defaults, ready to be editted 574 $OverrideDefaults = true; 575 $NewDefaults['defaults']['seqnum']=$_POST['SeqNum']; 576 $NewDefaults['defaults']['fieldname']=$_POST['FieldName']; 577 $NewDefaults['defaults']['displaydesc']=$_POST['DisplayDesc']; 578 if (isset($_POST['Params'])) $NewDefaults['defaults']['params']=$_POST['Params']; 579 if ($_POST['todo']==RPT_BTN_ADDNEW) { // add new so insert 580 $NewDefaults['defaults']['buttonvalue'] = RPT_BTN_ADDNEW; 581 } else { // exists, so update it. 582 $NewDefaults['defaults']['buttonvalue'] = RPT_BTN_CHANGE; 583 } 584 } else { // fetch the input results and save them 585 if ($_POST['todo']==RPT_BTN_ADDNEW) { // add new so insert 586 $success = InsertSequence($_POST['SeqNum'], $EntryType); 587 } else { // record exists, so update it. 588 $success = UpdateSequence($EntryType); 589 } 590 } 591 $reportname = $_POST['ReportName']; 592 $FormParams = PrepStep('6'); 593 break; 594 case RPT_BTN_UPDATE: // update the date and general options fields, reload form 595 case RPT_BTN_FINISH: // update fields and return to report manager screen 596 default: // bail to reports home 597 //fetch the entry type 598 if (isset($_POST['EntryType'])) $EntryType = $_POST['EntryType']; else $EntryType = ''; 599 // build date string of choices from user 600 $DateString = ''; 601 for ($i=1; $i<=count($DateChoices); $i++) { 602 if (isset($_POST['DateRange'.$i])) $DateString .= $_POST['DateRange'.$i]; 603 } 604 // error check input for date 605 if ($DateString=='' OR $DateString=='a') { // then the report is date independent 606 $_POST['DateField'] = ''; // clear the date field since we don't need it 607 $IsValidField = true; // 608 } else { // check the input for a valid fieldname 609 $IsValidField = ValidateField($ReportID, $_POST['DateField'], 'TestField'); 610 } 611 if ($Type=='frm' AND $IsValidField) { 612 $IsValidField = ValidateField($ReportID, $_POST['FormBreakField'], 'TestField'); 613 } 614 if (!$IsValidField) { // then user entered a bad fieldname or description, error and reload 615 $usrMsg[] = array('message'=>RPT_BADFLD, 'level'=>'error'); 616 // reload form with bad data entered as field defaults, ready to be editted 617 $DateListings['displaydesc'] = $DateString; 618 $DateListings['params'] = $_POST['DefDate']; 619 $DateListings['fieldname'] = $_POST['DateField']; 620 if ($Type=='frm') $GroupListings['lists'][0]['fieldname'] = $_POST['FormBreakField']; 621 $reportname = $_POST['ReportName']; 622 $DateError = true; 623 $FormParams = PrepStep('6'); 624 break; 625 } else { // fetch the input results and save them 626 $DateError = false; 627 $success = UpdateCritFields($ReportID, $DateString); 628 } 629 // read in fields for next form 630 $reportname = $_POST['ReportName']; 631 if ($_POST['todo']==RPT_BTN_FINISH) { // then finish was pressed 632 $DropDownString = RetrieveReports(); // needed to return to reports manager home 633 $FormParams = PrepStep('1'); 634 } else { // update was pressed, return to criteria form 635 $FormParams = PrepStep('6'); 636 } 637 break; 638 } 639 } 640 // reload fields to display form 641 $FieldListings = RetrieveFields('fieldlist'); // needed for GO Back (fields) screen 642 // Below needed to reload criteria form 643 if (!$DateError) { 644 $DateListings = RetrieveFields('dateselect'); 645 $DateListings = $DateListings['lists'][0]; // only need the first field 646 } 647 $TruncListings = RetrieveFields('trunclong'); 648 $TruncListings = $TruncListings['lists'][0]; // only need the first field 649 $SortListings = RetrieveFields('sortlist'); 650 $GroupListings = RetrieveFields('grouplist'); 651 $CritListings = RetrieveFields('critlist'); 652 // override defaults used for edit of existing fields. 653 if ($OverrideDefaults) { 654 switch ($EntryType) { 655 case "sortlist": 656 $SortListings['defaults'] = $NewDefaults['defaults']; 657 $SortListings['defaults']['buttonvalue'] = $NewDefaults['defaults']['buttonvalue']; 658 break; 659 case "grouplist": 660 $GroupListings['defaults'] = $NewDefaults['defaults']; 661 $GroupListings['defaults']['buttonvalue'] = $NewDefaults['defaults']['buttonvalue']; 662 break; 663 case "critlist": 664 $CritListings['defaults'] = $NewDefaults['defaults']; 665 $CritListings['defaults']['buttonvalue'] = $NewDefaults['defaults']['buttonvalue']; 666 break; 667 } 668 } 669 break; // End Step 7 670 671 case "step8": // Entered from import report form 672 switch ($_POST['todo']) { 673 case RPT_BTN_IMPORT: // Error check input and import the new report 674 $success = ImportReport(trim($_POST['reportname'])); 675 $usrMsg[] = array('message'=>$success['message'], 'level'=>$success['result']); 676 if ($success['result']=='error') { 677 $FormParams = PrepStep('imp'); 678 break; 679 } 680 // All through and imported successfully, return to reports home page 681 case RPT_BTN_BACK: 682 default: 683 $DropDownString = RetrieveReports(); 684 $FormParams = PrepStep('1'); 685 } 686 break; // End Step 8 687} // end switch 688 689$Title = $FormParams['title']; // fetch the title for the header.php file 690 691include ($PathPrefix . 'includes/header.php'); 692if ($usrMsg) foreach ($usrMsg as $temp) prnmsg($temp['message'],$temp['level']); 693include ($FormParams['IncludePage']); 694include ($PathPrefix . 'includes/footer.php'); 695// End main body 696?> 697