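* @author Claire Figueras */

// Contact form page: loads the application helpers, saves a submitted contact
// (UPDATE when a contact id was posted, INSERT otherwise) and then reads one
// contact row to fill the form.
require_once 'apps' . DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
    . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR
    . 'class_business_app_tools.php';

$core = new core_tools();
$business = new business_app_tools();
$core->load_lang();
$core->load_html();
$core->load_header('', true, false);
$func = new functions();
$db = new dbquery();
$db->connect();

$tmp = $business->get_titles();
$titles = $tmp['titles'];
$defaultTitle = $tmp['default_title'];

// View mode without a contact id: print the message and stop.
if ($_REQUEST['id'] == "" && $_REQUEST['mode'] == 'view') {
    echo '';
    echo "\n\n" . _YOU_MUST_SELECT_CONTACT . "\n\n\n";
    exit();
}

if (!empty($_REQUEST['submit'])) {
    // Collect the posted fields into $contact. Text fields go through
    // $func->wash() with the field label; the $_SESSION['error'] test further
    // down suggests wash() records validation failures there (confirm in the
    // functions class).
    $contact['ID'] = $_REQUEST['contact_id'];
    // NOTE(review): is_corporate, contact_type and is_private are stored as
    // sent; an allow-list ('Y'/'N', known contact types) would be safer.
    $contact['IS_CORPORATE_PERSON'] = $_REQUEST['is_corporate'];

    if ($contact['IS_CORPORATE_PERSON'] == 'Y') {
        // Corporate contact: the society name is checked, no last name is kept.
        $contact['SOCIETY'] = $func->wash(
            $_REQUEST['society'], "no", _SOCIETY." "
        );
        $contact['LASTNAME'] = '';
    } else {
        // Person: the last name is checked, the society is optional.
        $contact['LASTNAME'] = $func->wash(
            $_REQUEST['lastname'], "no", _LASTNAME
        );
        if ($_REQUEST['society'] <> '') {
            $contact['SOCIETY'] = $func->wash(
                $_REQUEST['society'], "no", _SOCIETY." "
            );
        } else {
            $contact['SOCIETY'] = '';
        }
    }

    // Optional fields: washed when sent, otherwise stored as an empty string.
    if ($_REQUEST['title'] <> '') {
        $contact['TITLE'] = $func->wash(
            $_REQUEST['title'], "no", _TITLE2." "
        );
    } else {
        $contact['TITLE'] = '';
    }
    if ($_REQUEST['firstname'] <> '') {
        $contact['FIRSTNAME'] = $func->wash(
            $_REQUEST['firstname'], "no", _FIRSTNAME." "
        );
    } else {
        $contact['FIRSTNAME'] = '';
    }
    if ($_REQUEST['function'] <> '') {
        $contact['FUNCTION'] = $func->wash(
            $_REQUEST['function'], "no", _FUNCTION." "
        );
    } else {
        $contact['FUNCTION'] = '';
    }
    if ($_REQUEST['num'] <> '') {
        $contact['ADD_NUM'] = $func->wash($_REQUEST['num'], "no", _NUM." ");
    } else {
        $contact['ADD_NUM'] = '';
    }
    if ($_REQUEST['street'] <> '') {
        $contact['ADD_STREET'] = $func->wash(
            $_REQUEST['street'], "no", _STREET." "
        );
    } else {
        $contact['ADD_STREET'] = '';
    }
    if ($_REQUEST['add_comp'] <> '') {
        // NOTE(review): every other label constant starts with an underscore;
        // ADD_COMP may be a typo for a label constant - verify it is defined.
        $contact['ADD_COMP'] = $func->wash(
            $_REQUEST['add_comp'], "no", ADD_COMP." "
        );
    } else {
        $contact['ADD_COMP'] = '';
    }
    if ($_REQUEST['town'] <> '') {
        $contact['ADD_TOWN'] = $func->wash($_REQUEST['town'], "no", _TOWN." \n");
    } else {
        $contact['ADD_TOWN'] = '';
    }
    if ($_REQUEST['cp'] <> '') {
        $contact['ADD_CP'] = $func->wash($_REQUEST['cp'], "no", _POSTAL_CODE);
    } else {
        $contact['ADD_CP'] = '';
    }
    if ($_REQUEST['country'] <> '') {
        $contact['ADD_COUNTRY'] = $func->wash(
            $_REQUEST['country'], "no", _COUNTRY
        );
    } else {
        $contact['ADD_COUNTRY'] = '';
    }
    if ($_REQUEST['phone'] <> '') {
        $contact['PHONE'] = $func->wash($_REQUEST['phone'], "no", _PHONE);
    } else {
        $contact['PHONE'] = '';
    }
    if ($_REQUEST['mail'] <> '') {
        $contact['MAIL'] = $func->wash($_REQUEST['mail'], "mail", _MAIL);
    } else {
        $contact['MAIL'] = '';
    }
    if ($_REQUEST['comp_data'] <> '') {
        $contact['OTHER_DATA'] = $func->wash(
            $_REQUEST['comp_data'], "no", _COMP_DATA
        );
    } else {
        $contact['OTHER_DATA'] = '';
    }
    if ($_REQUEST['contact_type'] <> '') {
        $contact['CONTACT_TYPE'] = $_REQUEST['contact_type'];
    } else {
        $contact['CONTACT_TYPE'] = 'letter';
    }
    if ($_REQUEST['is_private'] <> '') {
        $contact['IS_PRIVATE'] = $_REQUEST['is_private'];
    } else {
        $contact['IS_PRIVATE'] = 'N';
    }

    if (!empty($_SESSION['error'])) {
        //
    } else {
        // Every statement below is built by string concatenation. Quoted
        // values pass through protect_string_db(), whose escaping is not
        // visible here; bound parameters would be the safer form if dbquery
        // supports them.
        if (isset($contact['ID'])) {
            // contact_id comes straight from the request and is placed in the
            // WHERE clause without quotes, so it is forced to an integer:
            // anything else in the parameter would otherwise become SQL.
            // NOTE(review): no ownership or is_private check is visible before
            // this UPDATE, and user_id is overwritten with the session user,
            // so saving also reassigns the contact - confirm access control
            // happens elsewhere.
            $db->query(
                "UPDATE " . $_SESSION['tablename']['contacts'] . " SET "
                . "lastname = '".$func->protect_string_db($contact['LASTNAME'])."', "
                . "firstname = '".$func->protect_string_db($contact['FIRSTNAME'])."', "
                . "society = '".$func->protect_string_db($contact['SOCIETY'])."', "
                . "function = '".$func->protect_string_db($contact['FUNCTION'])."', "
                . "phone = '".$func->protect_string_db($contact['PHONE'])."', "
                . "email = '".$func->protect_string_db($contact['MAIL'])."', "
                . "address_num = '".$func->protect_string_db($contact['ADD_NUM'])."', "
                . "address_street = '".$func->protect_string_db($contact['ADD_STREET'])."', "
                . "address_complement = '".$func->protect_string_db($contact['ADD_COMP'])."', "
                . "address_town = '".$func->protect_string_db($contact['ADD_TOWN'])."', "
                . "address_postal_code = '".$func->protect_string_db($contact['ADD_CP'])."', "
                . "address_country = '".$func->protect_string_db($contact['ADD_COUNTRY'])."', "
                . "other_data = '".$func->protect_string_db($contact['OTHER_DATA'])."', "
                . "title = '".$func->protect_string_db($contact['TITLE'])."', "
                . "is_corporate_person = '".$func->protect_string_db($contact['IS_CORPORATE_PERSON'])."', "
                . "user_id = '".$func->protect_string_db($_SESSION['user']['UserId'])."', "
                . "is_private = '".$func->protect_string_db($contact['IS_PRIVATE'])."'"
                . " WHERE contact_id = " . (int) $contact['ID']
            );
        } else {
            if ($contact['IS_CORPORATE_PERSON'] == 'Y') {
                // New corporate contact: no name, title, function or
                // contact_type columns are written.
                $db->query(
                    "INSERT INTO " . $_SESSION['tablename']['contacts']
                    . " (society, phone, email, address_num, address_street, "
                    . "address_complement, address_town, address_postal_code, "
                    . "address_country, other_data, is_corporate_person, user_id, is_private)"
                    . " values ('"
                    . $func->protect_string_db($contact['SOCIETY']) . "', '"
                    . $func->protect_string_db($contact['PHONE']) . "', '"
                    . $func->protect_string_db($contact['MAIL']) . "', '"
                    . $func->protect_string_db($contact['ADD_NUM']) . "','"
                    . $func->protect_string_db($contact['ADD_STREET']) . "', '"
                    . $func->protect_string_db($contact['ADD_COMP']) . "', '"
                    . $func->protect_string_db($contact['ADD_TOWN']) . "', '"
                    . $func->protect_string_db($contact['ADD_CP']) . "', '"
                    . $func->protect_string_db($contact['ADD_COUNTRY']) . "', '"
                    . $func->protect_string_db($contact['OTHER_DATA']) . "', '"
                    . $func->protect_string_db($contact['IS_CORPORATE_PERSON']) . "', '"
                    . $func->protect_string_db($_SESSION['user']['UserId']) . "', '"
                    . $func->protect_string_db($contact['IS_PRIVATE']). "')"
                );
            } else {
                // New person contact.
                $db->query(
                    "INSERT INTO " . $_SESSION['tablename']['contacts']
                    . " (lastname , firstname , society , function , phone , email,"
                    . " address_num, address_street, address_complement, "
                    . "address_town, address_postal_code, address_country,"
                    . " other_data, title, is_corporate_person, user_id, contact_type, is_private) values ('"
                    . $func->protect_string_db($contact['LASTNAME']) . "', '"
                    . $func->protect_string_db($contact['FIRSTNAME']) . "', '"
                    . $func->protect_string_db($contact['SOCIETY']) . "', '"
                    . $func->protect_string_db($contact['FUNCTION']) . "', '"
                    . $func->protect_string_db($contact['PHONE']) . "', '"
                    . $func->protect_string_db($contact['MAIL']) . "', '"
                    . $func->protect_string_db($contact['ADD_NUM']) . "','"
                    . $func->protect_string_db($contact['ADD_STREET']) . "', '"
                    . $func->protect_string_db($contact['ADD_COMP']) . "', '"
                    . $func->protect_string_db($contact['ADD_TOWN']) . "', '"
                    . $func->protect_string_db($contact['ADD_CP']) . "','"
                    . $func->protect_string_db($contact['ADD_COUNTRY']) . "','"
                    . $func->protect_string_db($contact['OTHER_DATA']) . "','"
                    . $func->protect_string_db($contact['TITLE']) . "','"
                    . $func->protect_string_db($contact['IS_CORPORATE_PERSON']) . "','"
                    . $func->protect_string_db($_SESSION['user']['UserId']) . "', '"
                    . $func->protect_string_db($contact['CONTACT_TYPE']). "', '"
                    . $func->protect_string_db($contact['IS_PRIVATE']). "')"
                );
            }
        }

        // Read the saved row back to build the "name (id)" label kept in
        // $value_contact.
        if ($contact['IS_CORPORATE_PERSON'] == 'N') {
            if (isset($contact['ID'])) {
                // Same unquoted id as in the UPDATE: integer cast for the
                // same reason.
                $db->query(
                    "select contact_id, lastname, firstname, society from "
                    . $_SESSION['tablename']['contacts']
                    . " where contact_id = " . (int) $contact['ID']
                    . " and enabled = 'Y' order by contact_id desc"
                );
            } else {
                // No id yet: the newest enabled row with the same names is
                // taken (highest contact_id first).
                $db->query(
                    "select contact_id, lastname, firstname, society from "
                    . $_SESSION['tablename']['contacts']
                    . " where lastname = '"
                    . $func->protect_string_db($contact['LASTNAME'])
                    . "' and firstname = '"
                    . $func->protect_string_db($contact['FIRSTNAME'])
                    . "' and enabled = 'Y' order by contact_id desc"
                );
            }
            $res = $db->fetch_object();
            if (empty($res->society)) {
                $value_contact = $res->lastname.', '.$res->firstname.' ('.$res->contact_id.')';
            } else {
                $value_contact = $res->society.', '.$res->lastname.' '.$res->firstname.' ('.$res->contact_id.')';
            }
        } else {
            $db->query("select contact_id, society from ".$_SESSION['tablename']['contacts']." \nwhere society = '".$func->protect_string_db($contact['SOCIETY'])."' and enabled = 'Y' order by contact_id desc");
            $res = $db->fetch_object();
            $value_contact = $res->society.' ('.$res->contact_id.')';
        }
        // NOTE(review): text is missing on this page between the closing tag
        // below and "query(": whatever markup followed, the reopening PHP tag,
        // the closing braces of the two blocks still open here, and the start
        // of the statement (presumably `$db->`). Restore it from the original
        // file; any initial values of $is_private, $is_personal, $is_owner,
        // $readonly and $state would also be in that gap.
?> query("select * from ".$_SESSION['tablename']['contacts']." where contact_id = ".(int) $_REQUEST['id']." ");
// The id above is request data in an unquoted position, hence the integer
// cast.
if($db->nb_result() == 0) {
    $_SESSION['error'] = _CONTACT.' '._NOT_EXISTS;
    $state = false;
} else {
    $contact_info = array();
    $line = $db->fetch_object();
    // Flags used below to decide what may be shown and edited.
    if($line->is_private == 'Y') {
        $is_private = true;
    }
    if($line->user_id != '') {
        $is_personal = true;
        if($line->user_id == $_SESSION['user']['UserId']) {
            $is_owner = true;
        }
    }
    $contact_info['ID'] = $line->contact_id;
    $contact_info['IS_CORPORATE_PERSON'] = $line->is_corporate_person;
    $contact_info['TITLE'] = $line->title;
    $contact_info['TITLE_LABEL'] = $business->get_label_title($line->title);
    $contact_info['LASTNAME'] = $func->show_string($line->lastname);
    $contact_info['FIRSTNAME'] = $func->show_string($line->firstname);
    $contact_info['SOCIETY'] = $func->show_string($line->society);
    $contact_info['FUNCTION'] = $func->show_string($line->function);
    $contact_info['IS_PRIVATE'] = $func->show_string($line->is_private);
    // NOTE(review): this writes to $contact, not $contact_info like the
    // neighbouring lines - confirm which array the form reads.
    $contact['CONTACT_TYPE'] = $func->show_string($line->contact_type);
    // Address, phone, mail and free-text data are loaded only for a
    // non-private contact or for its owner.
    if(!$is_private || $is_owner) {
        $contact_info['ADD_NUM'] = $func->show_string($line->address_num);
        $contact_info['ADD_STREET'] = $func->show_string($line->address_street);
        $contact_info['ADD_COMP'] = $func->show_string($line->address_complement);
        $contact_info['ADD_TOWN'] = $func->show_string($line->address_town);
        $contact_info['ADD_CP'] = $func->show_string($line->address_postal_code);
        $contact_info['ADD_COUNTRY'] = $func->show_string($line->address_country);
        $contact_info['PHONE'] = $func->show_string($line->phone);
        $contact_info['MAIL'] = $func->show_string($line->email);
        $contact_info['OTHER_DATA'] = $func->show_string($line->other_data);
    }
}

// Update mode: the form is editable for a contact that is neither personal
// nor private, or for a personal contact owned by the session user. This only
// sets a display flag; it does not restrict the UPDATE above.
if($_REQUEST['mode'] == 'update') {
    if(!$is_personal && !$is_private) {
        $readonly = false;
    } elseif($is_personal && $is_owner) {
        $readonly = false;
    }
} else if($_REQUEST['mode'] == 'add') {
    $readonly = false;
    // NOTE(review): this is a comparison whose result is discarded; an
    // assignment (=) was probably intended - confirm before changing.
    $contact_info['IS_CORPORATE_PERSON'] == 'Y';
}
// Debug dump of the loaded contact, left disabled.
//echo "\n"; var_dump($contact_info); echo "\n";
$core->load_js();
?>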

<?php echo _CONTACT_INFO;?>


onclick="javascript:show_admin_contacts(true);"/> onclick="javascript:show_admin_contacts(false);"/>

/>

/>

/>

/>

checked="checked" checked="checked" /> checked="checked" />

/>

/>


/>

/>

/>

/>

/>

/>


/>

test_service('update_contacts','apps', false)) { ?>