Revision: 1484
          http://mrbs.svn.sourceforge.net/mrbs/?rev=1484&view=rev
Author:   cimorrison
Date:     2010-09-30 14:12:22 +0000 (Thu, 30 Sep 2010)

Log Message:
-----------
Merged in latest changes from the trunk

Modified Paths:
--------------
    mrbs/branches/provisional_bookings_new_style/INSTALL
    mrbs/branches/provisional_bookings_new_style/web/add.php
    mrbs/branches/provisional_bookings_new_style/web/admin.php
    mrbs/branches/provisional_bookings_new_style/web/edit_area_room.php
    mrbs/branches/provisional_bookings_new_style/web/edit_entry.php
    mrbs/branches/provisional_bookings_new_style/web/edit_entry_handler.php
    mrbs/branches/provisional_bookings_new_style/web/edit_users.php
    mrbs/branches/provisional_bookings_new_style/web/functions.inc
    mrbs/branches/provisional_bookings_new_style/web/internalconfig.inc.php
    mrbs/branches/provisional_bookings_new_style/web/lang.en
    mrbs/branches/provisional_bookings_new_style/web/mrbs_sql.inc
    mrbs/branches/provisional_bookings_new_style/web/systemdefaults.inc.php

Property Changed:
----------------
    mrbs/branches/provisional_bookings_new_style/
    mrbs/branches/provisional_bookings_new_style/web/upgrade/5/pgsql.sql


Property changes on: mrbs/branches/provisional_bookings_new_style
___________________________________________________________________
Modified: svn:mergeinfo
   - /mrbs/branches/custom_entry_fields:1374-1396
/mrbs/branches/datepicker:1409-1416
/mrbs/branches/improve_css_2008_06:804-872
/mrbs/branches/provisional_bookings:1242-1280
/mrbs/trunk:1407-1477
   + /mrbs/branches/custom_entry_fields:1374-1396
/mrbs/branches/datepicker:1409-1416
/mrbs/branches/improve_css_2008_06:804-872
/mrbs/branches/provisional_bookings:1242-1280
/mrbs/trunk:1407-1483

Modified: mrbs/branches/provisional_bookings_new_style/INSTALL
===================================================================
--- mrbs/branches/provisional_bookings_new_style/INSTALL        2010-09-30 
13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/INSTALL        2010-09-30 
14:12:22 UTC (rev 1484)
@@ -164,9 +164,17 @@
 and handle them automatically, displaying the information in the lists of rooms
 and users and allowing you to edit the data in the appropriate forms.
 
-NOTE: if you are adding a field to the entry table you must add an
+NOTES:
+(1) if you are adding a field to the entry table you must add an
 identical field to the repeat table.   If you do not MRBS will fail with
 a fatal error when you try and run it.
+(2) names must consist of letters, numbers or underscores.  If you are
+using PostgreSQL then the name must begin with a letter or an underscore.
+If you are using MySQL then there is no restriction on the first character
+as long as it is in the permitted set, ie a letter, number or underscore.
+(Although MySQL will allow other characters in column names, MRBS imposes
+restrictions on the characters allowed in order to simplify the code. For
+a technical explanation see below).
 
 At the moment only text, varchar, int, smallint and tinyint columns are 
 supported, displayed as textarea, text or checkbox fields as appropriate.
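Review bot: Note (2) gives the naming rule but, unlike note (1), does not say what happens when a column breaks it. State whether MRBS rejects, ignores or mishandles a non-conforming column name, and spell out "letters" as A-Z and a-z if that is what is meant, since the PostgreSQL and PHP rules quoted further down in this file also admit non-ASCII letters.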
@@ -198,7 +206,51 @@
 should then do the rest and display your coffee machine field on the room
 pages.
 
+Technical explanation of the restriction on column names for custom fields
+--------------------------------------------------------------------------
+// Column names for custom fields are used by MRBS in a number of ways:
+// - as the column name in the database
+// - as part of an HTML name attibute for a form input
+// - as part of a PHP variable name
+//
+// MySQL, PostgreSQL, HTML and PHP all have different rules for these tokens:
+// - MySQL: almost anything is allowed except that:
+//       - "No identifier can contain ASCII NUL (0x00) or a byte with a value
+//         of 255."
+//       - "Database, table, and column names should not end with space
+//         characters."
+//   (http://dev.mysql.com/doc/refman/5.0/en/identifiers.html)
+//
+// - PostgreSQL:  "SQL identifiers and key words must begin with a letter (a-z,
+//   but also letters with diacritical marks and non-Latin letters) or an
+//   underscore (_).   Subsequent characters in an identifier or key word can
+//   be letters, underscores, digits (0-9), or dollar signs ($). Note that
+//   dollar signs are not allowed in identifiers according to the letter of the
+//   SQL standard, so their use may render applications less portable. The SQL
+//   standard will not define a key word that contains digits or starts or ends
+//   with an underscore, so identifiers of this form are safe against possible
+//   conflict with future extensions of the standard."
+//   
(http://www.postgresql.org/docs/8.1/interactive/sql-syntax.html#SQL-SYNTAX-IDENTIFIERS)
+//
+// - PHP:  "Variable names follow the same rules as other labels in PHP. A
+//   valid variable name starts with a letter or underscore, followed by any
+//   number of letters, numbers, or underscores. As a regular expression, it
+//   would be expressed thus: '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*' "
+//   (http://php.net/manual/en/language.variables.basics.php)
+//
+// - HTML: "ID and NAME tokens must begin with a letter ([A-Za-z]) and may be
+//   followed by any number of letters, digits ([0-9]), hyphens ("-"),
+//   underscores ("_"), colons (":"), and periods (".")."
+//   (http://www.w3.org/TR/html401/types.html#type-cdata)
+//
+// In order to avoid complications with using names in each of these contexts,
+// we restrict custom field names to the set of names which conforms to all
+// four rules, taking into account the fact that when MRBS uses column names
+// in PHP and HTML it always prefixes them with a string beginning with a 
letter.
+// This gives us the rule that custom field names must consist of letters,
+// numbers or underscores.
 
+
 CONFIGURING MRBS
 ---------------------------------------------------------------------------
 Next, you will need to customize the file "config.inc.php"...
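Review bot: Every line of the new "Technical explanation" section keeps a `//` prefix, which reads as a PHP source comment pasted into a plain-text file; drop the prefixes so the section matches the rest of INSTALL. "attibute" should be "attribute", and the closing rule would be clearer if it named the exact character set, because the quoted PHP rule allows bytes 0x7f-0xff and the quoted PostgreSQL rule allows non-Latin letters, neither of which the quoted HTML rule accepts.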

Modified: mrbs/branches/provisional_bookings_new_style/web/add.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/add.php    2010-09-30 
13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/add.php    2010-09-30 
14:12:22 UTC (rev 1484)
@@ -15,10 +15,15 @@
 
 // This file is for adding new areas/rooms
 
+// First of all check that we've got an area or room name
+if (!isset($name) || ($name === ''))
+{
+  $error = "empty_name";
+}
+
 // we need to do different things depending on if its a room
 // or an area
-
-if ($type == "area")
+elseif ($type == "area")
 {
   // Truncate the name field to the maximum length as a precaution.
   $name = substr($name, 0, $maxlength['area.area_name']);
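Review bot: The new test `($name === '')` at the top of this hunk only rejects an empty string, so a name made up entirely of spaces falls through to the area and room branches; trimming `$name` before the test would close that gap. The comment "we need to do different things depending on if its a room or an area" now sits between the closing brace of the `if` and the `elseif`, which makes the chain easy to misread; move it above the whole chain or inside the branch.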
@@ -49,7 +54,7 @@
   sql_mutex_unlock("$tbl_area");
 }
 
-if ($type == "room")
+elseif ($type == "room")
 {
   // Truncate the name and description fields to the maximum length as a 
precaution.
   $name = substr($name, 0, $maxlength['room.room_name']);

Modified: mrbs/branches/provisional_bookings_new_style/web/admin.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/admin.php  2010-09-30 
13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/admin.php  2010-09-30 
14:12:22 UTC (rev 1484)
@@ -292,11 +292,13 @@
               else
               {
                 // strings
-                $text = htmlspecialchars($r[$field['name']]);
-                echo "<td title=\"$text\"><div>";
-                echo substr($text, 0, $max_content_length);
-                echo (strlen($text) > $max_content_length) ? " ..." : "";
-                echo "</div></td>\n";
+                $value = $r[$field['name']];
+                $html = "<td title=\"" . htmlspecialchars($value) . "\"><div>";
+                // Truncate before conversion, otherwise you could chop off in 
the middle of an entity
+                $html .= htmlspecialchars(substr($value, 0, 
$max_content_length));
+                $html .= (strlen($value) > $max_content_length) ? " ..." : "";
+                $html .= "</div></td>\n";
+                echo $html;
               }
               break;
           }
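Review bot: `substr($value, 0, $max_content_length)` and `strlen($value)` count bytes, so truncating before `htmlspecialchars()` fixes the split-entity case named in the new comment but can still cut a multi-byte character in half if the stored text is UTF-8. If the tables can hold multi-byte data, a character-aware truncation (for example the mb_ string functions with the page's charset) would be the consistent fix.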

Modified: mrbs/branches/provisional_bookings_new_style/web/edit_area_room.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/edit_area_room.php 
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/edit_area_room.php 
2010-09-30 14:12:22 UTC (rev 1484)
@@ -104,7 +104,7 @@
       $type = 'string';
       break;
   }
-  $var = "f_" . $field['name'];
+  $var = VAR_PREFIX . $field['name'];
   $$var = get_form_var($var, $type);
   if (($type == 'int') && ($$var === ''))
   {
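Review bot: `$$var = get_form_var($var, $type);` creates a variable whose name is built from a database column name, so a custom column whose prefixed name matches another `$f_...` variable used in this script would overwrite it. edit_entry_handler.php in this same revision stores the values in `$custom_fields[$field['name']]` instead; using an array here too would remove the reliance on the prefix never colliding.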
@@ -224,7 +224,7 @@
                 break;
               // then look at any user defined fields
               default:
-                $var = "f_" . $field['name'];
+                $var = VAR_PREFIX . $field['name'];
                 switch ($field['nature'])
                 {
                   case 'integer':
@@ -240,6 +240,8 @@
                     $$var = "'" . addslashes($$var) . "'";
                     break;
                 }
+                // Note that we don't have to escape or quote the fieldname
+                // thanks to the restriction on custom field names
                 $assign_array[] = $field['name'] . "=" . $$var;
                 break;
             }
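Review bot: The added comment justifies leaving `$field['name']` unquoted in the `$assign_array[]` line by the restriction on custom field names, but nothing in this hunk checks that restriction; as far as this diff shows it is only documented in INSTALL. Either validate the name against the permitted set (letters, numbers, underscores) before it reaches the SQL string, or quote the identifier, so that a column created outside those rules cannot alter the statement. The string branch just above also depends on `addslashes()`, which is not the database's own escaping function.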
@@ -520,15 +522,16 @@
             // then look at any user defined fields
             default:
               $label_text = get_loc_field_name($tbl_room, $field['name']);
-              echo "<label for=\"f_" . $field['name'] . 
"\">$label_text:</label>\n";
+              $var_name = VAR_PREFIX . $field['name'];
+              echo "<label for=\"$var_name\">$label_text:</label>\n";
               // Output a checkbox if it's a boolean or integer <= 2 bytes 
(which we will
               // assume are intended to be booleans)
               if (($field['nature'] == 'boolean') || 
                   (($field['nature'] == 'integer') && isset($field['length']) 
&& ($field['length'] <= 2)) )
               {
                 echo "<input type=\"checkbox\" class=\"checkbox\" " .
-                      "id=\"f_" . $field['name'] . "\" " .
-                      "name=\"f_" . $field['name'] . "\" " .
+                      "id=\"$var_name\" " .
+                      "name=\"$var_name\" " .
                       "value=\"1\" " .
                       ((!empty($row[$field['name']])) ? " checked=\"checked\"" 
: "") .
                       "$disabled>\n";
@@ -538,8 +541,8 @@
               elseif (($field['nature'] == 'character') && 
isset($field['length']) && ($field['length'] > $text_input_max))
               {
                 echo "<textarea rows=\"8\" cols=\"40\" " .
-                      "id=\"f_" . $field['name'] . "\" " .
-                      "name=\"f_" . $field['name'] . "\" " .
+                      "id=\"$var_name\" " .
+                      "name=\"$var_name\" " .
                       "$disabled>\n";
                 echo htmlspecialchars($row[$field['name']]);
                 echo "</textarea>\n";
@@ -548,8 +551,8 @@
               else
               {
                 echo "<input type=\"text\" " .
-                      "id=\"f_" . $field['name'] . "\" " .
-                      "name=\"f_" . $field['name'] . "\" " .
+                      "id=\"$var_name\" " .
+                      "name=\"$var_name\" " .
                       "value=\"" . htmlspecialchars($row[$field['name']]) . 
"\"" .
                       "$disabled>\n";
               }

Modified: mrbs/branches/provisional_bookings_new_style/web/edit_entry.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/edit_entry.php     
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/edit_entry.php     
2010-09-30 14:12:22 UTC (rev 1484)
@@ -51,49 +51,6 @@
 require_once "defaultincludes.inc";
 require_once "mrbs_sql.inc";
 
-// Generate an input field with an associated label
-// Optional fourth parameter: $maxlength - the maximum length of input allowed
-function generate_input($label_text, $name, $value)
-{
-  // get any optional fourth parameter
-  if (func_num_args() > 3)
-  {
-    $maxlength = func_get_arg(3);
-  }
-  // generate the HTML
-  $html  = "<label for=\"$name\">$label_text</label>\n";
-  $html .= "<input id=\"$name\" name=\"$name\"";
-  $html .= (isset($maxlength)) ? " maxlength=\"$maxlength\"" : '';
-  $html .= " value=\"" . htmlspecialchars($value) . "\">\n";
-  echo $html;
-}
-
-// Generates a select box from $options, an array of options
-function generate_select($label_text, $name, $value, $options)
-{
-  // generate the HTML
-  $html  = "<label for=\"$name\">$label_text</label>\n";
-  $html .= "<select id=\"$name\" name=\"$name\">\n";
-  foreach ($options as $option)
-  {
-    $html .= "<option";
-    $html .= (isset($value) && ($value == $option)) ? " selected=\"selected\"" 
: '';
-    $html .= ">$option</option>\n";
-  }
-  $html .= "</select>\n";
-  echo $html;
-}
-
-// Generate a textarea with an associated label
-function generate_textarea($label_text, $name, $value)
-{
-  $html  = "<label for=\"$name\">$label_text</label>\n";
-  // textarea rows and cols are overridden by CSS height and width
-  $html .= "<textarea id=\"$name\" name=\"$name\" rows=\"8\" cols=\"40\">" . 
htmlspecialchars ($value) . "</textarea>\n";
-  echo $html;
-}
-    
-
 global $twentyfourhour_format;
 
 // Get non-standard form variables
@@ -934,6 +891,7 @@
       $key = $field['name'];
       if (!in_array($key, $standard_fields['entry']))
       {
+        $var_name = VAR_PREFIX . $key;
         $value = $custom_fields[$key];
         $label_text = get_loc_field_name($tbl_entry, $key) . ":";
         echo "<div>\n";
@@ -942,27 +900,27 @@
         if (($field['nature'] == 'boolean') || 
             (($field['nature'] == 'integer') && isset($field['length']) && 
($field['length'] <= 2)) )
         {
-          echo "<label for=\"f_$key\">$label_text</label>\n";
+          echo "<label for=\"$var_name\">$label_text</label>\n";
           echo "<input type=\"checkbox\" class=\"checkbox\" " .
-                "id=\"f_$key\" name=\"f_$key\" value=\"1\" " .
+                "id=\"$var_name\" name=\"$var_name\" value=\"1\" " .
                 ((!empty($value)) ? " checked=\"checked\"" : "") .
                 ">\n";
         }
         // Output a select box if they want one
         elseif (count($select_options["entry.$key"]) > 0)
         {
-          generate_select($label_text, "f_$key", $value, 
$select_options["entry.$key"]);
+          generate_select($label_text, $var_name, $value, 
$select_options["entry.$key"]);
         }
         // Output a textarea if it's a character string longer than the limit 
for a
         // text input
         elseif (($field['nature'] == 'character') && isset($field['length']) 
&& ($field['length'] > $text_input_max))
         {
-          generate_textarea($label_text, "f_$key", $value);   
+          generate_textarea($label_text, $var_name, $value);   
         }
         // Otherwise output a text input
         else
         {
-          generate_input($label_text, "f_$key", $value);
+          generate_input($label_text, $var_name, $value);
         }
         echo "</div>\n";
       }

Modified: 
mrbs/branches/provisional_bookings_new_style/web/edit_entry_handler.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/edit_entry_handler.php     
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/edit_entry_handler.php     
2010-09-30 14:12:22 UTC (rev 1484)
@@ -58,7 +58,7 @@
         $f_type = 'string';
         break;
     }
-    $var = "f_" . $field['name'];
+    $var = VAR_PREFIX . $field['name'];
     $custom_fields[$field['name']] = get_form_var($var, $f_type);
     if (($f_type == 'int') && ($custom_fields[$field['name']] === ''))
     {

Modified: mrbs/branches/provisional_bookings_new_style/web/edit_users.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/edit_users.php     
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/edit_users.php     
2010-09-30 14:12:22 UTC (rev 1484)
@@ -224,11 +224,11 @@
             }
             else
             {
-              // strings
-              $text = htmlspecialchars($col_value);
-              $html .= "<td title=\"$text\"><div>";
-              $html .= substr($text, 0, $max_content_length);
-              $html .= (strlen($text) > $max_content_length) ? " ..." : "";
+               // strings
+              $html .= "<td title=\"" . htmlspecialchars($col_value) . 
"\"><div>";
+              // Truncate before conversion, otherwise you could chop off in 
the middle of an entity
+              $html .= htmlspecialchars(substr($col_value, 0, 
$max_content_length));
+              $html .= (strlen($col_value) > $max_content_length) ? " ..." : 
"";
               $html .= "</div></td>\n";
             }
             break;
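Review bot: The re-added `// strings` comment is indented one space deeper than the line it replaces and than the code below it, which is the only reason that line appears as changed; restore the original indentation. These lines are also a copy of the block changed in admin.php in this revision, so one helper called from both files would avoid maintaining two copies.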
@@ -351,25 +351,26 @@
           
           foreach ($fields as $field)
           {
-            $fieldname = $field['name'];
+            $key = $field['name'];
+            $var_name = VAR_PREFIX . $key;
             // First of all output the input for the field
             // The ID field cannot change; The password field must not be 
shown.
-            switch($fieldname)
+            switch($key)
             {
               case 'id':
                 echo "<input type=\"hidden\" name=\"Id\" value=\"$Id\">\n";
                 break;
               case 'password':
-                echo "<input type=\"hidden\" name=\"Field_$fieldname\" 
value=\"". htmlspecialchars($data[$fieldname]) . "\">\n";
+                echo "<input type=\"hidden\" name=\"$var_name\" value=\"". 
htmlspecialchars($data[$key]) . "\">\n";
                 break;
               default:
-                $html_fieldname = htmlspecialchars("Field_$fieldname");
                 echo "<div>\n";
-                echo "<label for=\"Field_$fieldname\">" . 
get_loc_field_name($tbl_users, $fieldname) . ":</label>\n";
-                switch($fieldname)
+                $label_text = get_loc_field_name($tbl_users, $key);
+                switch($key)
                 {
                   case 'level':
-                    echo "<select id=\"Field_$fieldname\" 
name=\"Field_$fieldname\"" . ($disable_select ? " disabled=\"disabled\"" : "") 
. ">\n";
+                    echo "<label for=\"$var_name\">$label_text:</label>\n";
+                    echo "<select id=\"$var_name\" name=\"$var_name\"" . 
($disable_select ? " disabled=\"disabled\"" : "") . ">\n";
                     // Only display options up to and including one's own 
level (you can't upgrade yourself).
                     // If you're not some kind of admin then the select will 
also be disabled.
                     // (Note - disabling individual options doesn't work in 
older browsers, eg IE6)     
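Review bot: In the `case 'password':` branch the stored value `$data[$key]` is still written into a hidden input, so whatever the password column holds is sent to the browser in the page source. Since the line is being edited anyway, consider leaving the field out of the form and updating the column only when a new password is submitted. The form field names also change from `Field_...` to `VAR_PREFIX . ...` here, so every reader of those parameters has to change in the same commit.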
@@ -380,7 +381,7 @@
                       //   if we're editing an existing entry, then it should 
be the current value;
                       //   if we're adding the very first entry, then it 
should be an admin;
                       //   if we're adding a subsequent entry, then it should 
be an ordinary user;
-                      if ( (($Action == "Edit")  && ($i == $data[$fieldname])) 
||
+                      if ( (($Action == "Edit")  && ($i == $data[$key])) ||
                            (($Action == "Add") && $initial_user_creation && 
($i == $max_level)) ||
                            (($Action == "Add") && !$initial_user_creation && 
($i == 1)) )
                       {
@@ -399,27 +400,26 @@
                       }
                       else
                       {
-                        $v = $data[$fieldname];
+                        $v = $data[$key];
                       }
-                      echo "<input type=\"hidden\" name=\"Field_$fieldname\" 
value=\"$v\">\n";
+                      echo "<input type=\"hidden\" name=\"$var_name\" 
value=\"$v\">\n";
                     }
                     break;
                   case 'name':
                     // you cannot change a username (even your own) unless you 
have user editing rights
-                    echo "<input id=\"$html_fieldname\" 
name=\"$html_fieldname\" type=\"text\" " .
+                    echo "<label for=\"$var_name\">$label_text:</label>\n";
+                    echo "<input id=\"$var_name\" name=\"$var_name\" 
type=\"text\" " .
                           "maxlength=\"" . $maxlength['users.name'] . "\" " .
                          (($level < $min_user_editing_level) ? 
"disabled=\"disabled\" " : "") .
-                          "value=\"" . htmlspecialchars($data[$fieldname]) . 
"\">\n";
+                          "value=\"" . htmlspecialchars($data[$key]) . "\">\n";
                     // if the field was disabled then we still need to pass 
through the value as a hidden input
                     if ($level < $min_user_editing_level)
                     {
-                      echo "<input type=\"hidden\" name=\"Field_$fieldname\" 
value=\"" . $data[$fieldname] . "\">\n";
+                      echo "<input type=\"hidden\" name=\"$var_name\" 
value=\"" . $data[$key] . "\">\n";
                     }
                     break;
                   case 'email':
-                    echo "<input id=\"$html_fieldname\" 
name=\"$html_fieldname\" type=\"text\" " .
-                          (isset($maxlength["users.$fieldname"]) ? 
"maxlength=\"" . $maxlength["users.$fieldname"] . "\" " : "") .
-                          "value=\"" . htmlspecialchars($data[$fieldname]) . 
"\">\n";
+                    generate_input($label_text, $var_name, $data[$key], 
isset($maxlength["users.$key"]) ? $maxlength["users.$key"] : NULL);
                     break;
                   default:    
                     // Output a checkbox if it's a boolean or integer <= 2 
bytes (which we will
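Review bot: The two hidden inputs in this hunk, the one for the level that emits `$v` and the one for the name that emits `$data[$key]`, write their values without `htmlspecialchars()`, while the visible text input for the name a few lines above escapes the same `$data[$key]`. A value containing a double quote would end the attribute early; escape both so the hidden and visible fields behave the same way.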
@@ -427,25 +427,27 @@
                     if (($field['nature'] == 'boolean') || 
                         (($field['nature'] == 'integer') && 
isset($field['length']) && ($field['length'] <= 2)) )
                     {
+                      echo "<label for=\"$var_name\">$label_text:</label>\n";
                       echo "<input type=\"checkbox\" class=\"checkbox\" " .
-                            "id=\"$html_fieldname\" name=\"$html_fieldname\" 
value=\"1\"" .
-                            ((!empty($data[$fieldname])) ? " 
checked=\"checked\"" : "") .
+                            "id=\"$var_name\" name=\"$var_name\" value=\"1\"" .
+                            ((!empty($data[$key])) ? " checked=\"checked\"" : 
"") .
                             ">\n";
                     }
+                    // Output a select box if they want one
+                    elseif (count($select_options["users.$key"]) > 0)
+                    {
+                      generate_select($label_text, $var_name, $data[$key], 
$select_options["users.$key"]);
+                    }
                     // Output a textarea if it's a character string longer 
than the limit for a
                     // text input
                     elseif (($field['nature'] == 'character') && 
isset($field['length']) && ($field['length'] > $text_input_max))
                     {
-                      echo "<textarea rows=\"8\" cols=\"40\" 
id=\"$html_fieldname\" name=\"$html_fieldname\">\n";
-                      echo htmlspecialchars($data[$fieldname]);
-                      echo "</textarea>\n";
+                      generate_textarea($label_text, $var_name, $data[$key]);  
 
                     }
                     // Otherwise output a text input
                     else
                     {
-                      echo "<input id=\"$html_fieldname\" 
name=\"$html_fieldname\" type=\"text\" " .
-                           (isset($maxlength["users.$fieldname"]) ? 
"maxlength=\"" . $maxlength["users.$fieldname"] . "\" " : "") .
-                            "value=\"" . htmlspecialchars($data[$fieldname]) . 
"\">\n";
+                      generate_input($label_text, $var_name, $data[$key], 
isset($maxlength["users.$key"]) ? $maxlength["users.$key"] : NULL);
                     }
                     break;
                 } // end switch
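Review bot: The new `elseif (count($select_options["users.$key"]) > 0)` indexes `$select_options` without checking that the key exists, so every field with no configured options reads an undefined index. `!empty($select_options["users.$key"])` expresses the same test without that.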
@@ -455,7 +457,7 @@
             
             // Then output any error messages associated with the field
             // except for the password field which is a special case
-            switch($fieldname)
+            switch($key)
             {
               case 'email':
                 if (!empty($invalid_email))
@@ -571,7 +573,7 @@
       }
       // first, get all the other form variables and put them into an array, 
$values, which 
       // we will use for entering into the database assuming we pass validation
-      $values[$fieldname] = get_form_var("Field_$fieldname", $type);
+      $values[$fieldname] = get_form_var(VAR_PREFIX. $fieldname, $type);
       // Truncate the field to the maximum length as a precaution.
       if (isset($maxlength["users.$fieldname"]))
       {
@@ -741,6 +743,8 @@
   
       foreach ($sql_fields as $fieldname => $value)
       {
+        // Note that we don't have to escape or quote the fieldname
+        // thanks to the restriction on custom field names
         array_push($assign_array,"$fieldname=$value");
       }
       $operation .= implode(",", $assign_array) . " WHERE id=$Id;";
@@ -757,14 +761,15 @@
         array_push($fields_list,$fieldname);
         array_push($values_list,$value);
       }
-      
+      // Note that we don't have to escape or quote the fieldname
+      // thanks to the restriction on custom field names
       $operation = "INSERT INTO $tbl_users " .
         "(". implode(",",$fields_list) . ")" .
         " VALUES " . "(" . implode(",",$values_list) . ");";
     }
   
     /* DEBUG lines - check the actual sql statement going into the db */
-    //echo "Final SQL string: <code>$operation</code>";
+    //echo "Final SQL string: <code>" . htmlspecialchars($operation) . 
"</code>";
     //exit;
     $r = sql_command($operation);
     if ($r == -1)

Modified: mrbs/branches/provisional_bookings_new_style/web/functions.inc
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/functions.inc      
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/functions.inc      
2010-09-30 14:12:22 UTC (rev 1484)
@@ -297,6 +297,49 @@
 }
 
 
+// Generate an input field with an associated label
+// Optional fourth parameter: $maxlength - the maximum length of input allowed
+function generate_input($label_text, $name, $value)
+{
+  // get any optional fourth parameter
+  if (func_num_args() > 3)
+  {
+    $maxlength = func_get_arg(3);
+  }
+  // generate the HTML
+  $html  = "<label for=\"$name\">$label_text</label>\n";
+  $html .= "<input id=\"$name\" name=\"$name\" type=\"text\"";
+  $html .= (isset($maxlength)) ? " maxlength=\"$maxlength\"" : '';
+  $html .= " value=\"" . htmlspecialchars($value) . "\">\n";
+  echo $html;
+}
+
+// Generates a select box from $options, an array of options
+function generate_select($label_text, $name, $value, $options)
+{
+  // generate the HTML
+  $html  = "<label for=\"$name\">$label_text</label>\n";
+  $html .= "<select id=\"$name\" name=\"$name\">\n";
+  foreach ($options as $option)
+  {
+    $html .= "<option";
+    $html .= (isset($value) && ($value == $option)) ? " selected=\"selected\"" 
: '';
+    $html .= ">$option</option>\n";
+  }
+  $html .= "</select>\n";
+  echo $html;
+}
+
+// Generate a textarea with an associated label
+function generate_textarea($label_text, $name, $value)
+{
+  // generate the HTML
+  $html  = "<label for=\"$name\">$label_text</label>\n";
+  // textarea rows and cols are overridden by CSS height and width
+  $html .= "<textarea id=\"$name\" name=\"$name\" rows=\"8\" cols=\"40\">" . 
htmlspecialchars($value) . "</textarea>\n";
+  echo $html;
+}
+
 // Generates a date selector for use on a form.   If JavaScript is enabled
 // then it will generate a calendar picker using jQuery UI datepicker.   If 
not,
 // it will generate three separate select boxes, one each for day, month and 
year.
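Review bot: In `generate_select()` the `$option` text is written between the option tags without `htmlspecialchars()`, and all three helpers write `$label_text` and `$name` unescaped, while `$value` is escaped in `generate_input()` and `generate_textarea()`. Now that these are shared helpers called from edit_users.php as well, escape `$option` and `$label_text` inside the helpers rather than relying on each caller. `generate_input()` could also declare `$maxlength = NULL` as an ordinary optional parameter instead of reading it with `func_get_arg(3)`.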

Modified: 
mrbs/branches/provisional_bookings_new_style/web/internalconfig.inc.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/internalconfig.inc.php     
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/internalconfig.inc.php     
2010-09-30 14:12:22 UTC (rev 1484)
@@ -17,9 +17,9 @@
  // in calls to nl2br.   TRUE means XHTML, FALSE means HTML.
  define('IS_XHTML', FALSE);
 
- /*************************************************
+/*************************************************
  * ENTRY STATUS CODES - internal use, do not change
- **************************************************/
+ *************************************************/
 
 // The status code field for an entry is a tinyint (smallint on PostgreSQL)
 // with individual bits set to record the various possible boolean properties
@@ -37,9 +37,9 @@
 define('STATUS_TENTATIVE',         0x04);
 
 
- /*************************************************
+/*************************************************
  * REPEAT TYPE CODES - internal use, do not change
- **************************************************/
+ *************************************************/
  
 define('REP_NONE',            0);
 define('REP_DAILY',           1);
@@ -49,10 +49,15 @@
 define('REP_MONTHLY_SAMEDAY', 5);
 define('REP_N_WEEKLY',        6);
 
- /****************************************************************
- * DATABASE TABLES - STANDARD FIELDS - internal use, do not change
- *****************************************************************/
+/****************************************************************
+ * DATABASE TABLES  - internal use, do not change
+ ****************************************************************/
 
+// CUSTOM FIELDS
+// Prefix for custom field variable names
+define('VAR_PREFIX', 'f_');  // must begin with a letter;
+
+// STANDARD FIELDS
 // These are the standard fields in the database tables.   If you add more
 // standard (not user defined, custom) fields, then you need to change these
 

Modified: mrbs/branches/provisional_bookings_new_style/web/lang.en
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/lang.en    2010-09-30 
13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/lang.en    2010-09-30 
14:12:22 UTC (rev 1484)
@@ -297,6 +297,7 @@
 $vocab["norooms"]            = "No rooms have been defined.";
 $vocab["administration"]     = "Room Details";
 $vocab["invalid_area_name"]  = "This area name has already been used!";
+$vocab["empty_name"]         = "You have not entered a name!";
 
 // Used in edit_area_room.php
 $vocab["editarea"]                = "Edit Area";

Modified: mrbs/branches/provisional_bookings_new_style/web/mrbs_sql.inc
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/mrbs_sql.inc       
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/mrbs_sql.inc       
2010-09-30 14:12:22 UTC (rev 1484)
@@ -324,7 +324,9 @@
           
     } // switch ($key)
   } // foreach
-    
+  
+  // Note that we don't have to escape or quote the fieldname
+  // thanks to the restriction on custom field names
   $sql = "INSERT INTO $table (" . implode(', ',$sql_col) . ") VALUES (" . 
implode(', ',$sql_val) . ")";
 
   if (sql_command($sql) < 0)
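Review bot: The comment added above the `INSERT INTO $table` line is the same sentence added in edit_area_room.php and edit_users.php in this revision, and `$sql_col` is built outside this hunk, so a reader cannot tell from here where the column names come from. Put the explanation, together with a check of the permitted character set, in one function that builds the column list and have the three sites call it.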

Modified: 
mrbs/branches/provisional_bookings_new_style/web/systemdefaults.inc.php
===================================================================
--- mrbs/branches/provisional_bookings_new_style/web/systemdefaults.inc.php     
2010-09-30 13:16:21 UTC (rev 1483)
+++ mrbs/branches/provisional_bookings_new_style/web/systemdefaults.inc.php     
2010-09-30 14:12:22 UTC (rev 1484)
@@ -494,10 +494,9 @@
 
 //$select_options['entry.name'] = array('Physics', 'Chemistry', 'Biology');
 
-// At the moment this feature is only supported for the name, description and
-// any custom fields in the entry table.   However the indexing format of
-// tablename.columnname has been chosen to allow it to be extended to other
-// tables in the future.
+// At the moment this feature is only supported as follows:
+//     - Entry table: name, description and custom fields
+//     - Users table: custom fields
 
 
  


Property changes on: 
mrbs/branches/provisional_bookings_new_style/web/upgrade/5/pgsql.sql
___________________________________________________________________
Modified: svn:mergeinfo
   - /mrbs/branches/custom_entry_fields/web/upgrade/5/pgsql.sql:1374-1396
/mrbs/branches/datepicker/web/upgrade/5/pgsql.sql:1409-1416
/mrbs/branches/provisional_bookings/web/upgrade/5/pgsql.sql:1242-1280
/mrbs/trunk/web/upgrade/5/pgsql.sql:1407-1477
   + /mrbs/branches/custom_entry_fields/web/upgrade/5/pgsql.sql:1374-1396
/mrbs/branches/datepicker/web/upgrade/5/pgsql.sql:1409-1416
/mrbs/branches/provisional_bookings/web/upgrade/5/pgsql.sql:1242-1280
/mrbs/trunk/web/upgrade/5/pgsql.sql:1407-1483


This was sent by the SourceForge.net collaborative development platform, the 
world's largest Open Source development site.

_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
