Location: PHPKode > scripts > phpMyAccess > phpmyaccess-1.5.3/phpmyaccess/pma-ajaxcell.php
<?
//Version 5.0a108 modified for phpMyAccess on 19 Oct 2012
//Version 5.0a108 updated along with pma-editinline 08 Oct 2012 - 16 Oct 2012
//Added code when updateorselect = put -- to return True or False from sql update call 
//-- so pma-editinline can wait for post completes to reload cell from sql 
//Version 4.5.1 Added code to check for and update sql field `lastmodifiedon` on Jul 12, 2010
//Version 4.5 update along with pma-editinline on 09 Jun 2011
//Added code to check for and update sql field `lastmodifiedby` on Dec 18, 2009
//Version 4 modified for phpMyAccess on 13 Jan 2010
//Version 3.1 modified for phpMyAccess on 11 Jan 2010

include 'dbaccess.php';//to verify db to edit info
include 'pma-debuginc.php';//so that pma_errpage works

// database connection
$dbl = mysql_connect($opt['hn'],$opt['un'],$opt['pw'])
  or pma_errpage("Could not connect to MySQL");
if (!isset($opt['db'])) {
   pma_errpage("No Database defined");
} else {
	#if (!mysql_select_db($opt['db']) { pma_errpage("Unable to select database"); }
	mysql_select_db($opt['db']) or die ("Unable to select database");
}

// is auth required ??
if ($_POST['auth'] >= 1) {
  $auth_level = 0;
  include 'auth.inc.php';
  if ((!$auth_level) || ($auth_level < $_POST['auth'])) {
     // personalise this to your liking in pma_debuginc.php
     // don't switch on debug stuff in this routine unless you are testing
     Say_No_acces_then_die();
  }
}

//process other posted variables
$updateorselect=$_POST['bmethod'];
$rowId=$_POST['rowid'];//'pri%20key_name.table_name.field_name.255.1'
////\''.rawurlencode($queryuniquekey).'.'.rawurlencode($colnames[$rowcount]).'.'.$row[0].'\'
$encodedrowIdarr =explode('.',$rowId);//pri%20key_name,table_name,field_name,255,1
$prikey = "`".rawurldecode($encodedrowIdarr[0])."`";//`pri key_name`
$tblname = "`".rawurldecode($encodedrowIdarr[1])."`";//`table_name`
$cellname = "`".rawurldecode($encodedrowIdarr[2])."`";//`field_name`
$cellmaxlength = $encodedrowIdarr[3];//255 -- to be used for error checking to avoid truncation
$prikeytoupdate = $encodedrowIdarr[4];//1

if($updateorselect == 'put'){
	$celldata = $_POST['putdata'];
	
	#Below code is optional and has been used in other projects to record who last modified a row of data.
	#$sql_lastmodifiedby =  	'SHOW COLUMNS FROM '.$tblname.
	#		 				' LIKE "lastmodifiedby";';	
    #$res_lastmodifiedby = mysql_query($sql_lastmodifiedby);
	//if returned more than 0 rows... exists -->update last modify
	
	#Below code is optional and has been used in other projects to record when data was last modified.
	#$sql_lastmodifiedon =  	'SHOW COLUMNS FROM '.$tblname.
	#		 				' LIKE "lastmodifiedon";';	
    #$res_lastmodifiedon = mysql_query($sql_lastmodifiedon);
	#//if returned more than 0 rows... exists -->update last modify
	
	#if(mysql_num_rows($res_lastmodifiedby)) { //check for lastmodifiedby exists...
	#$query_getdata =  	'UPDATE '.$tblname.' set '.$cellname.' = "'.$celldata.'" ';
	#if(array_key_exists('email',$_SESSION)){ 	$query_getdata .= ', `lastmodifiedby` = "'.$_SESSION["email"].'" ';}
	#if(mysql_num_rows($res_lastmodifiedon)){ 	$query_getdata .= ', `lastmodifiedon` = NOW() ';}
	#$query_getdata .=	'WHERE '.$prikey.' = "'.$prikeytoupdate.'" ';
	#$query_result = mysql_query($query_getdata);
	#} else {//lastmodified by field doesn't exist in table -- so cant update it!!!)
		$query_getdata =  	'UPDATE '.$tblname.' set '.$cellname.' = "'.$celldata.'" '.
							'WHERE '.$prikey.' = "'.$prikeytoupdate.'" ';
		$query_result = mysql_query($query_getdata);
	#}

	//echo '{"0":"'.$query_getdata.'", '.mysql_error($query_result).' ';
	echo '{"0":"'.$query_result.'"';//Return TRUE if update successful or FALSE on error

} else if ($updateorselect == 'get'){
	$JSONid	= 0;
	echo '{';

    $query_getdata2 =  	'SELECT '.$cellname.
						' FROM '.$tblname.
			 			' WHERE '.$prikey.' = "'.$prikeytoupdate.'" ';	
    $query_result = mysql_query($query_getdata2);

	while ($row = mysql_fetch_row($query_result)) {
			$row_text	= $row[0];
		
			//Need to look at how edit screen handles verifying content is of right type and length
			//and then sanitize accordingly... existing code below sanitizes things JSON doesn't like
			//see do_change_add_field in pma-recordinc... all called functions in pma-fieldinc
			
			//sanitizes " and ' so that they are encapsulated correctly within JSON
			$row_text = str_replace("'","\'",$row_text);
			$row_text = str_replace('"','\\"',$row_text);
			//below sanitizes any form of line feed since JSON doesn't like them.
			//in future may need to find a workaround
			$row_text = str_replace("\n","",$row_text);
			$crlf = chr(13);
			$row_text = str_replace($crlf,"",$row_text);
			$crlf = chr(10);
			$row_text = str_replace($crlf,"",$row_text);

			echo'"'.$JSONid.'":';
			echo'"'.$row_text.'"';
	}
}
echo'}';
?>
Return current item: phpMyAccess