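* @author Claire Figueras */

// Contact form script (flat, no functions). When the form is submitted it
// passes each request field through functions::wash(), inserts one row into
// the contacts table and reads that row back to build $value_contact.
// Otherwise it loads a contact by id into $contact_info, or, in 'add' mode,
// sets $readonly to false.
//
// NOTE(review): every SQL statement here is built by string concatenation and
// relies on functions::protect_string_db() for escaping; that helper is not
// visible in this file. Prefer bound parameters if the dbquery class has them.

// The include path is built from the session's app_id, not from request data.
require_once 'apps' . DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
    . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR
    . 'class_business_app_tools.php';

$core = new core_tools();
$business = new business_app_tools();
$core->load_lang();
$core->load_html();
$core->load_header('', true, false);
$func = new functions();
$db = new dbquery();
$db->connect();

$tmp = $business->get_titles();
$titles = $tmp['titles'];
$defaultTitle = $tmp['default_title'];

// View mode needs a contact id: print the message and stop.
if ($_REQUEST['id'] == "" && $_REQUEST['mode'] == 'view') {
    echo '';
    echo "\n\n" . _YOU_MUST_SELECT_CONTACT . "\n\n\n";
    exit();
}

// NOTE(review): the insert below is triggered by $_REQUEST['submit'], so it
// accepts GET as well as POST, and no anti-CSRF token is checked in the
// visible code; confirm one is enforced elsewhere.
if (! empty($_REQUEST['submit'])) {
    // NOTE(review): stored as received; nothing here restricts it to 'Y'/'N'.
    $contact['IS_CORPORATE_PERSON'] = $_REQUEST['is_corporate'];

    // wash() arguments: the raw value, then presumably a validation type
    // ("no", "num", "mail") and the field label used in error messages;
    // confirm in functions::wash().
    if ($contact['IS_CORPORATE_PERSON'] == 'Y') {
        // A corporate contact requires a society and has no last name.
        $contact['SOCIETY'] = $func->wash($_REQUEST['society'], "no", _SOCIETY." ");
        $contact['LASTNAME'] = '';
    } else {
        // A person requires a last name; the society is optional.
        $contact['LASTNAME'] = $func->wash($_REQUEST['lastname'], "no", _LASTNAME);
        $contact['SOCIETY'] = ($_REQUEST['society'] <> '')
            ? $func->wash($_REQUEST['society'], "no", _SOCIETY." ")
            : '';
    }

    // Optional fields: washed only when non-empty, otherwise stored as ''.
    // The loose <> comparison is kept so that an absent field counts as empty.
    $contact['TITLE'] = ($_REQUEST['title'] <> '')
        ? $func->wash($_REQUEST['title'], "no", _TITLE2." ")
        : '';
    $contact['FIRSTNAME'] = ($_REQUEST['firstname'] <> '')
        ? $func->wash($_REQUEST['firstname'], "no", _FIRSTNAME." ")
        : '';
    $contact['FUNCTION'] = ($_REQUEST['function'] <> '')
        ? $func->wash($_REQUEST['function'], "no", _FUNCTION." ")
        : '';
    $contact['ADD_NUM'] = ($_REQUEST['num'] <> '')
        ? $func->wash($_REQUEST['num'], "no", _NUM." ")
        : '';
    $contact['ADD_STREET'] = ($_REQUEST['street'] <> '')
        ? $func->wash($_REQUEST['street'], "no", _STREET." ")
        : '';
    // NOTE(review): ADD_COMP has no leading underscore, unlike the other
    // label constants used here; confirm that it is defined.
    $contact['ADD_COMP'] = ($_REQUEST['add_comp'] <> '')
        ? $func->wash($_REQUEST['add_comp'], "no", ADD_COMP." ")
        : '';
    $contact['ADD_TOWN'] = ($_REQUEST['town'] <> '')
        ? $func->wash($_REQUEST['town'], "no", _TOWN." \n")
        : '';
    $contact['ADD_CP'] = ($_REQUEST['cp'] <> '')
        ? $func->wash($_REQUEST['cp'], "no", _POSTAL_CODE)
        : '';
    $contact['ADD_COUNTRY'] = ($_REQUEST['country'] <> '')
        ? $func->wash($_REQUEST['country'], "no", _COUNTRY)
        : '';
    $contact['PHONE'] = ($_REQUEST['phone'] <> '')
        ? $func->wash($_REQUEST['phone'], "num", _PHONE)
        : '';
    $contact['MAIL'] = ($_REQUEST['mail'] <> '')
        ? $func->wash($_REQUEST['mail'], "mail", _MAIL)
        : '';
    $contact['OTHER_DATA'] = ($_REQUEST['comp_data'] <> '')
        ? $func->wash($_REQUEST['comp_data'], "no", _COMP_DATA)
        : '';

    if (! empty($_SESSION['error'])) {
        // An error is pending (presumably set by wash()): nothing is inserted.
    } else {
        if ($contact['IS_CORPORATE_PERSON'] == 'Y') {
            // Corporate contact: no name, title or function columns.
            $db->query(
                "INSERT INTO " . $_SESSION['tablename']['contacts']
                . " (society, phone, email, address_num, address_street, "
                . "address_complement, address_town, address_postal_code, "
                . "address_country, other_data, is_corporate_person, user_id)"
                . " values ('"
                . $func->protect_string_db($contact['SOCIETY']) . "', '"
                . $func->protect_string_db($contact['PHONE']) . "', '"
                . $func->protect_string_db($contact['MAIL']) . "', '"
                . $func->protect_string_db($contact['ADD_NUM']) . "','"
                . $func->protect_string_db($contact['ADD_STREET']) . "', '"
                . $func->protect_string_db($contact['ADD_COMP']) . "', '"
                . $func->protect_string_db($contact['ADD_TOWN']) . "', '"
                . $func->protect_string_db($contact['ADD_CP']) . "', '"
                . $func->protect_string_db($contact['ADD_COUNTRY']) . "', '"
                . $func->protect_string_db($contact['OTHER_DATA']) . "', '"
                . $func->protect_string_db($contact['IS_CORPORATE_PERSON']) . "', '"
                . $func->protect_string_db($_SESSION['user']['UserId']) . "')"
            );
        } else {
            // Person: full set of columns, owned by the session user.
            $db->query(
                "INSERT INTO " . $_SESSION['tablename']['contacts']
                . " (lastname , firstname , society , function , phone , email,"
                . " address_num, address_street, address_complement, "
                . "address_town, address_postal_code, address_country,"
                . " other_data, title, is_corporate_person, user_id) values ('"
                . $func->protect_string_db($contact['LASTNAME']) . "', '"
                . $func->protect_string_db($contact['FIRSTNAME']) . "', '"
                . $func->protect_string_db($contact['SOCIETY']) . "', '"
                . $func->protect_string_db($contact['FUNCTION']) . "', '"
                . $func->protect_string_db($contact['PHONE']) . "', '"
                . $func->protect_string_db($contact['MAIL']) . "', '"
                . $func->protect_string_db($contact['ADD_NUM']) . "','"
                . $func->protect_string_db($contact['ADD_STREET']) . "', '"
                . $func->protect_string_db($contact['ADD_COMP']) . "', '"
                . $func->protect_string_db($contact['ADD_TOWN']) . "', '"
                . $func->protect_string_db($contact['ADD_CP']) . "','"
                . $func->protect_string_db($contact['ADD_COUNTRY']) . "','"
                . $func->protect_string_db($contact['OTHER_DATA']) . "','"
                . $func->protect_string_db($contact['TITLE']) . "','"
                . $func->protect_string_db($contact['IS_CORPORATE_PERSON']) . "','"
                . $func->protect_string_db($_SESSION['user']['UserId']) . "')"
            );
        }

        // Read the row back to build the display label. The lookup is by
        // name or society and takes the highest contact_id, not the id of the
        // row just inserted, so it can pick another enabled row with the same
        // values if one was created in between.
        // NOTE(review): $value_contact holds raw database values and is used
        // outside the visible code; escape it for the context it is printed in.
        if ($contact['IS_CORPORATE_PERSON'] == 'N') {
            $db->query(
                "select contact_id, lastname, firstname, society from "
                . $_SESSION['tablename']['contacts']
                . " where lastname = '"
                . $func->protect_string_db($contact['LASTNAME'])
                . "' and firstname = '"
                . $func->protect_string_db($contact['FIRSTNAME'])
                . "' and enabled = 'Y' order by contact_id desc"
            );
            $res = $db->fetch_object();
            if (empty($res->society)) {
                $value_contact = $res->lastname.', '.$res->firstname.' ('.$res->contact_id.')';
            } else {
                $value_contact = $res->society.', '.$res->lastname.' '.$res->firstname.' ('.$res->contact_id.')';
            }
        } else {
            $db->query("select contact_id, society from ".$_SESSION['tablename']['contacts']." where society = '".$func->protect_string_db($contact['SOCIETY'])."' and enabled = 'Y' order by contact_id desc");
            $res = $db->fetch_object();
            $value_contact = $res->society." \n(".$res->contact_id.')';
        }
        // NOTE(review): this listing has lost the text between the closing tag
        // below and the `query(` call that follows it, so the blocks opened
        // above are closed out of view and the condition guarding the lookup
        // cannot be read from here. The gap is kept as found.
        ?> query(
        // The id comes straight from the request and is not quoted in the
        // statement, so it is forced to an integer before concatenation.
        // Assumes contact_id is an integer column; confirm against the schema.
        "select * from ".$_SESSION['tablename']['contacts']
        ." where contact_id = ".((int) $_REQUEST['id'])." "
    );
    if ($db->nb_result() == 0) {
        $_SESSION['error'] = _THE_CONTACT.' '._NOT_EXISTS;
        $state = false;
    } else {
        // Copy the row into $contact_info for the form.
        // NOTE(review): functions::show_string() is not visible here; do not
        // assume it HTML-escapes. TITLE is copied without it.
        $contact_info = array();
        $line = $db->fetch_object();
        $contact_info['ID'] = $line->contact_id;
        $contact_info['TITLE'] = $line->title;
        $contact_info['TITLE_LABEL'] = $business->get_label_title($line->title);
        $contact_info['LASTNAME'] = $func->show_string($line->lastname);
        $contact_info['FIRSTNAME'] = $func->show_string($line->firstname);
        $contact_info['SOCIETY'] = $func->show_string($line->society);
        $contact_info['FUNCTION'] = $func->show_string($line->function);
        $contact_info['ADD_NUM'] = $func->show_string($line->address_num);
        $contact_info['ADD_STREET'] = $func->show_string($line->address_street);
        $contact_info['ADD_COMP'] = $func->show_string($line->address_complement);
        $contact_info['ADD_TOWN'] = $func->show_string($line->address_town);
        $contact_info['ADD_CP'] = $func->show_string($line->address_postal_code);
        $contact_info['ADD_COUNTRY'] = $func->show_string($line->address_country);
        $contact_info['PHONE'] = $func->show_string($line->phone);
        $contact_info['MAIL'] = $func->show_string($line->email);
        $contact_info['OTHER_DATA'] = $func->show_string($line->other_data);
        $contact_info['IS_CORPORATE_PERSON'] = $func->show_string($line->is_corporate_person);
    }
} else if ($_REQUEST['mode'] == 'add') {
    $readonly = false;
    // Was `== 'Y'`, a comparison whose result was discarded; assigning makes
    // a new contact default to corporate, which is presumably the intent.
    $contact_info['IS_CORPORATE_PERSON'] = 'Y';
}
$core->load_js();
?>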

<?php echo _CONTACT_INFO;?>


checked="checked" checked="checked" onclick="javascript:show_admin_contacts(true);"/> checked="checked" onclick="javascript:show_admin_contacts( false);"/>

/>

/>

/> *

/>

/>

/>


/>

/>

/>

/>

/>

/>