switch ($mode) {
case 'guest':
// Guests (in the registration form) are not allowed to select 0 mails per day.
- $result = SQL_QUERY('SELECT `value`,`comment` FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE `value` > 0 ORDER BY `value` ASC',
+ $result = SQL_QUERY('SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` WHERE `value` > 0 ORDER BY `value` ASC',
__FUNCTION__, __LINE__);
break;
case 'admin':
case 'member':
// Members are allowed to set to zero mails per day (we will change this soon!)
- $result = SQL_QUERY('SELECT `value`,`comment` FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY `value` ASC',
+ $result = SQL_QUERY('SELECT `value`, `comment` FROM `{?_MYSQL_PREFIX?}_max_receive` ORDER BY `value` ASC',
__FUNCTION__, __LINE__);
break;
), __FUNCTION__, __LINE__, false);
} elseif (($what != 'welcome') && (!empty($what))) {
// Other actions
- $sql = SQL_QUERY_ESC("SELECT `id`,`what` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `what`='%s'".$add." ORDER BY `action` DESC LIMIT 1",
+ $sql = SQL_QUERY_ESC("SELECT `id`, `what` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `what`='%s'".$add." ORDER BY `action` DESC LIMIT 1",
array(
$mode,
$action,
), __FUNCTION__, __LINE__, false);
} else {
// Admin login overview
- $sql = SQL_QUERY_ESC("SELECT `id`,`what` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND (`what`='' OR `what` IS NULL)".$add." ORDER BY `action` DESC LIMIT 1",
+ $sql = SQL_QUERY_ESC("SELECT `id`, `what` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND (`what`='' OR `what` IS NULL)".$add." ORDER BY `action` DESC LIMIT 1",
array(
$mode,
$action
// Was it *not* found?
if (SQL_HASZERONUMS($result)) {
// So we add one!
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_links` (`%s`,`userid`,`link_type`) VALUES (%s,%s,'%s')",
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_links` (`%s`, `userid`, `link_type`) VALUES (%s,%s,'%s')",
array(
$rowName,
bigintval($statsId),
} // END - if
// Run SQL query
- $result = SQL_QUERY_ESC("SELECT `%s` AS `key`,`%s` AS `value`" . $extraColumn . " FROM `{?_MYSQL_PREFIX?}_%s` " . $whereStatement . " ORDER BY `%s` ASC",
+ $result = SQL_QUERY_ESC("SELECT `%s` AS `key`, `%s` AS `value`" . $extraColumn . " FROM `{?_MYSQL_PREFIX?}_%s` " . $whereStatement . " ORDER BY `%s` ASC",
array(
$key,
$value,
// Creates a new task
function createNewTask ($subject, $notes, $taskType, $userid = NULL, $adminId = NULL, $strip = true) {
// Insert the task data into the database
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_task_system` (`assigned_admin`,`userid`,`status`,`task_type`,`subject`,`text`,`task_created`) VALUES (%s,%s,'NEW','%s','%s','%s', UNIX_TIMESTAMP())",
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_task_system` (`assigned_admin`, `userid`, `status`, `task_type`, `subject`, `text`, `task_created`) VALUES (%s,%s,'NEW','%s','%s','%s', UNIX_TIMESTAMP())",
array(
convertZeroToNull($adminId),
convertZeroToNull($userid),
}
// This is the minimum query, so at least columns and tableName must have entries
- $SQL = 'SELECT ';
+ $sql = 'SELECT ';
// Get the sql part back from given array
- $SQL .= getSqlPartFromXmlArray($columns);
+ $sql .= getSqlPartFromXmlArray($columns);
// Remove last commata and add FROM statement
- $SQL .= ' FROM `{?_MYSQL_PREFIX?}_' . $tableName[0] . '`';
+ $sql .= ' FROM `{?_MYSQL_PREFIX?}_' . $tableName[0] . '`';
// Are there entries from whereColumns to add?
if (count($whereColumns) > 0) {
// Then add these as well
if (count($whereColumns) == 1) {
// One entry found
- $SQL .= ' WHERE ';
+ $sql .= ' WHERE ';
// Table/alias included?
if (!empty($whereColumns[0]['table'])) {
// Add it as well
- $SQL .= $whereColumns[0]['table'] . '.';
+ $sql .= $whereColumns[0]['table'] . '.';
} // END - if
// Add the rest
- $SQL .= '`' . $whereColumns[0]['column'] . '`' . $whereColumns[0]['condition'] . chr(39) . $whereColumns[0]['look_for'] . chr(39);
+ $sql .= '`' . $whereColumns[0]['column'] . '`' . $whereColumns[0]['condition'] . chr(39) . $whereColumns[0]['look_for'] . chr(39);
} elseif ((count($whereColumns > 1)) && (count($conditions) > 0)) {
// More than one "WHERE" + condition found
foreach ($whereColumns as $idx => $columnArray) {
// Default is WHERE
- $condition = 'WHERE';
+ $condition = ' WHERE ';
// Is the condition element there?
if (isset($conditions[$columnArray['column']])) {
// Assume the condition
- $condition = $conditions[$columnArray['column']];
+ $condition = ' ' . $conditions[$columnArray['column']] . ' ';
} // END - if
// Add to SQL query
- $SQL .= ' ' . $condition;
+ $sql .= $condition;
// Table/alias included?
if (!empty($whereColumns[$idx]['table'])) {
// Add it as well
- $SQL .= $whereColumns[$idx]['table'] . '.';
+ $sql .= $whereColumns[$idx]['table'] . '.';
} // END - if
// Add the rest
- $SQL .= '`' . $whereColumns[$idx]['column'] . '`' . $whereColumns[$idx]['condition'] . chr(39) . convertDollarDataToGetElement($whereColumns[$idx]['look_for']) . chr(39);
+ $sql .= '`' . $whereColumns[$idx]['column'] . '`' . $whereColumns[$idx]['condition'] . chr(39) . convertDollarDataToGetElement($whereColumns[$idx]['look_for']) . chr(39);
} // END - foreach
} else {
// Did not set $conditions
// Are there entries from orderByColumns to add?
if (count($orderByColumns) > 0) {
// Add them as well
- $SQL .= ' ORDER BY ';
+ $sql .= ' ORDER BY ';
foreach ($orderByColumns as $orderByColumn => $array) {
// Get keys (table/alias) and values (sorting itself)
$table = trim(implode('', array_keys($array)));
// table/alias can be omitted
if (!empty($table)) {
// table/alias is given
- $SQL .= $table . '.';
+ $sql .= $table . '.';
} // END - if
// Add order-by column
- $SQL .= '`' . $orderByColumn . '` ' . $sorting . ',';
+ $sql .= '`' . $orderByColumn . '` ' . $sorting . ',';
} // END - foreach
// Remove last column
- $SQL = substr($SQL, 0, -1);
+ $sql = substr($sql, 0, -1);
} // END - if
// Now handle all over to the inner function which will execute the listing
- doListEntries($SQL, $tableTemplate, $noEntryMessageId, $rowTemplate, $callbackColumns, $extraParameters);
+ doListEntries($sql, $tableTemplate, $noEntryMessageId, $rowTemplate, $callbackColumns, $extraParameters);
}
// Do the listing of entries
-function doListEntries ($SQL, $tableTemplate, $noEntryMessageId, $rowTemplate, $callbackColumns, $extraParameters = array()) {
+function doListEntries ($sql, $tableTemplate, $noEntryMessageId, $rowTemplate, $callbackColumns, $extraParameters = array()) {
// Run the SQL query
- $result = SQL_QUERY($SQL, __FUNCTION__, __LINE__);
+ $result = SQL_QUERY($sql, __FUNCTION__, __LINE__);
// Are there some URLs left?
if (!SQL_HASZERONUMS($result)) {
// If all values are okay, continue
if ($sqlValues[$key] !== false) {
// Build the SQL query
- $sql = 'INSERT INTO `{?_MYSQL_PREFIX?}_' . $tableName[0] . '` (`' . implode('`,`', $sqlColumns) . "`) VALUES (" . implode(',', $sqlValues) . ')';
+ $sql = 'INSERT INTO `{?_MYSQL_PREFIX?}_' . $tableName[0] . '` (`' . implode('`, `', $sqlColumns) . "`) VALUES (" . implode(',', $sqlValues) . ')';
// Run the SQL query
SQL_QUERY($sql, __FUNCTION__, __LINE__);
$sql .= ' AND `' . $userIdColumn[0] . '`=' . bigintval(postRequestElement($rawUserId[0]));
} // END - if
+ // $idColumn[0] in POST must be an array again
+ if (!is_array(postRequestElement($idColumn[0]))) {
+ // This indicates that you have conflicting form field naming with XML names
+ reportBug(__FUNCTION__, __LINE__, 'You have a wrong form field element, idColumn[0]=' . $idColumn[0]);
+ } // END - if
+
// Delete them all
- //* BUG: */ die($sql.'<br /><pre>'.print_r($idColumn,true).'</pre>');
+ //* BUG: */ die($sql.'<br /><pre>'.print_r($tableName,true).'</pre><pre>'.print_r($columns,true).'</pre><pre>'.print_r($filterFunctions,true).'</pre><pre>'.print_r($extraValues,true).'</pre><pre>'.print_r($deleteNow,true).'</pre><pre>'.print_r($idColumn,true).'</pre>');
$idList = '';
foreach (postRequestElement($idColumn[0]) as $id => $sel) {
// Is id zero?