BannerMntc_8prg_source.html

 <?php
   $monLibrary= dirname(__FILE__) . "/../library";
   $sharedLibrary= dirname(__FILE__) . "/../../shared/library";
   require_once("$monLibrary/cu_top.i");
   require_once("$monLibrary/ck_hticket.i");
   require_once("$sharedLibrary/cu_flagconst.i");

   if (!CheckPerm($link, $Hu, basename($_SERVER['SCRIPT_NAME']), $_SERVER['REMOTE_ADDR'])) {
     // ** Permissions failed
     // ** redirect to new page
     header("Location: /hcuadm/hcu_noperm.prg");
     exit;
   }

 $dms_ok=array('action'=>'string','AddChange'=>'string', 'msg'=>'string',
 'sname'=>'string','sstart'=>'string','sstop'=>'string','banner'=>'string',
 'todelete'=>'string','bannertext'=>'string','rowid'=>'string','stype'=>'digits');
 dms_import($dms_ok);
 $cu = strtoupper(prep_save($rowid, 10));

 $banner = (empty($banner) ? "" : trim($banner));
 $self = $_SERVER['PHP_SELF'] ;

 $action = (empty($action) ? "ok" : $action);
 $action = strtolower($action);
 $action = trim($action);

 $msg = (empty($msg) ? "NO MESSAGE" : $msg);

 $today = date("m/d/Y");
 $oneyear  = date("m/d/Y",mktime (0,0,0,date("m"),date("d"),date("Y")+1));

 switch ($action) {
     case "yes":
         banner_update("delete");
         break;
     case "delete":
         confirm($banner, $action);
         break;
     case "add":
     case "save":
         banner_update("$action");
         break;
     case "no":
         $banner="";
     case "ok":
         getbanner("$msg");
         break;
     }

 //exit;

 function banner_update($action) {
   global $banner;
     global $stype;
   global $sname;
   global $sstart;
   global $sstop;
   global $bannertext;

   global $Cn;
   global $cu;
   global $rowid;
   global $self;
   global $today;
   global $oneyear;
     global $link;

     $msg = "";


 if ($action == "add" || $action == "save") {
   $sname = (trim($sname) == "" ? "" : $sname);
   $sstart = (trim($sstart) == "" ? "$today" : $sstart);
   $sstop = (trim($sstop) == "" ? "$oneyear" : $sstop);
   $bannertext = (trim($bannertext) == "" ? "" : $bannertext);

   # need to check start and stop dates here
   if (trim($banner) == ""){ $msg .= "Please Select a Banner<br>\n"; }
   if (trim($bannertext) == ""){ $msg .= "Please Specify Banner Text<br>\n"; }
   if (preg_match("/^ *$/",$banner)) { $msg .= "Invalid Banner ID<br>\n";}
   if (($starttime = strtotime($sstart)) === -1) {
            $msg .= "Invalid Start Date<br>\n";
   } else {
     list($mm,$dd,$yyyy) = explode("/",$sstart);
     if (!dms_checkdate("$mm", "$dd", "$yyyy")) {
            $msg .= "Invalid Start Date<br>\n";}
   }
   if (($stoptime = strtotime($sstop)) === -1) {
            $msg .= "Invalid Stop Date<br>\n";
   } else {
     list($mm,$dd,$yyyy) = explode("/",$sstop);
     if (!dms_checkdate("$mm", "$dd", "$yyyy")) {
            $msg .= "Invalid Stop Date<br>\n";}
   }
   if ($starttime > $stoptime) {
            $msg .= "Start Date must be before Stop Date<br>\n";}

     }

     // ** MWS - 1 - Replace any " (double) with ' (single) quotes
         // **       2 - Test the banner script using eval as is done in ShowBanner.i, in hopes of finding problems.

     // Banner
     $bannertext = str_replace('"', "'", $bannertext);

     // Try to catch a syntax error
     // ** We need slashes stripped from the bannertext first
     $testbannertext=stripslashes($bannertext);

     if (php_syntax_error("\$bannertext=sprintf ('%s',\"$testbannertext\");")) {
         $msg .= "There is a problem with the syntax of the banner text you entered.  Please review the text and look for any double quotes or declaration of php variables that may have caused the problem.<br>";
     }

   if ($msg == ""){
    switch ($action) {
        case "delete":
          $what = "Deleted";
          $sql = "delete from cusurveymaster
                 where surveyid='" . intval($banner) . "' and cu='$cu';";
           break;
        case "save":
              $what = "Updated";
              $sql= "update cusurveymaster set
                     startdate='$sstart', stopdate='$sstop',
                     surveyname='$sname',
                                         question='" . prep_save($bannertext) . "',
                                         qstyle='3', runstat=1,
                                         employee='Y', inc_balances='Y',
                                         surveytype = $stype,
                                         dontshow = 'Y'
                  where  surveyid='" . intval($banner) . "' and cu='$cu'";


            break;

        case "add":
             $what = "Added";
              $sql = "insert into cusurveymaster (cu,surveyid, startdate,
                    stopdate, surveyname, question, qstyle,
                                      runstat, employee, surveytype, dontshow, inc_balances)
                             values (
                   '$cu',nextval('cusurveymaster_surveyid_seq'),'$sstart',
                                     '$sstop','$sname','" .  prep_save($bannertext) . "', '3',
                                     1, 'Y',$stype,'Y','Y');";
 #
                     break;
          }

         $sth = db_query($sql,$link);
              $msg = pg_errormessage();
          if (!$sth) {
               require("errormail.i");
               $notify = new ErrorMail;
               $notify->line=__LINE__;
               $notify->file=__FILE__;
               $notify->callingfunction = __FUNCTION__;
               $notify->error=$msg;
               $notify->cu="$cu";
               $notify->banner="$banner";
               $notify->sql="$sql";
               $notify->SendErr();
          }
       if ($msg == "") { update_success($what);}

       db_free_result($sth);
    }
    if ($msg) {
       switch ($action) {
         case "delete":
           $banner="";
         case "add":
         case "save":
         default:
           getbanner($msg);
           break;
       }
 }
 }
 function getbanner($msg) {

 global $self;
 global $Cn;
 global $cu;
 global $rowid;
 global $banner;
 global $bannertext;
 global $AddChange;
 global $today;
 global $oneyear;
 global $sname;
 global $sstart;
 global $sstop;
 global $link;

 header("Expires: Sat 20 May 1995 03:32:38 GMT");
 header("Pragma: no-cache");
 header("Cache-Control: no-cache, must-revalidate");

 cu_header("Banner Maintenance");
 print <<<EOF
 <script language="JAVASCRIPT">
 <!--
     function show_preview(sform)
 {
 var marker="BannerView?cu=$cu";
 viewwin=window.open("","_Preview","toolbar=1,location=0,directories=0,status=1,menubar=0,scrollbars=1,resizable=0,width=600,height=380");
 document.viewform.viewtext.value=sform.bannertext.value;
 document.viewform.submit();
 viewwin.focus();
     }

 function validate(mode,sform)
 {
     var strSurvey = sform.banner.value;
     var strBanner = sform.bannertext.value;
     var strMessage = "";
         var patSpaces = /^ *$/;

     // validate user entries

   if (strSurvey.length == 0)
         { strMessage += "Please Select a Banner Number.\\n";}
   if (strBanner.length == 0)
         { strMessage += "Please Specify Banner Text.\\n";}
   if (patSpaces.exec(strSurvey) != null)
         { strMessage += "Invalid Banner Number.\\n";}
   if (strSurvey.indexOf("'") != -1  || strSurvey.indexOf('"') != -1)
         { strMessage += "Invalid Characters in Banner Number.\\n";}


   if (strMessage.length > 0)
     {
           alert(strMessage);
           return false;
     } else {
               sform.action.value=mode;
           sform.submit();

               return true;
         }

 }
 // -->
 </script>
 EOF;

       $sql= "select surveyid,
              to_char(startdate,'mm/dd/yyyy'),
              to_char(stopdate,'mm/dd/yyyy'),
              question,
                          surveytype
              from cusurveymaster
              where cu='$cu'
                          and surveytype in (2,3)
              order by surveytype";

       $sth = db_query($sql,$link);

 $blist = array();

     for ($row=0;list($banner,$sstart,$sstop,$bannertext,$stype) = db_fetch_array($sth,$row); $row++) {

                 $blist[$stype][0]=$banner;
                 $blist[$stype][1]=$sstart;
                 $blist[$stype][2]=$sstop;
                 $blist[$stype][3]=$bannertext;
             }
  if ("$msg" != "NO MESSAGE") {
  print <<<EOF
    <table width=95% cellspacing=1 cellpadding=4 border=0>
   <tr><td class="ahd" align='center'><img src='/monitor/images/alert.black.gif'>&nbsp;
 $msg</td></tr></table>
 EOF;
    }
 print <<<EOF
 <form name='viewform' action='BannerView?cu=$cu&chome=$rowid' method='POST' target='_Preview'>
 <input type='hidden' name='viewtext' value=''>
 <input type='hidden' name='cu' value='$cu'>
 <input type='hidden' name='chome' value='$rowid'>
 </form>
 EOF;
 for ($stype=2;$stype < 3; $stype++) { // Desktop is apparently 2 and mobile is apparently 3 so change the limit from 4 to 3 to remove the mobile banner.
     list ($banner, $sstart,$sstop,$bannertext) = $blist[$stype];
     $AddChange = ($blist[$stype][0] == "" ? "Add" : "Save");
     $banner = ($AddChange == "Add" ? "new" : $banner);
   $sstart = (trim($sstart) == "" ? "$today" : $sstart);
   $sstop = (trim($sstop) == "" ? "$oneyear" : $sstop);
     $sname = ($stype == 2 ? "Desktop" : "Mobile");
    print <<<EOF
    <div align=center><br><form name='${sname}form' action='$self'>
    <table width=95% cellspacing=1 cellpadding=4 border=0>
    <tr><td class='bar' colspan=2 align=center>$cu $sname Banner</td></tr>
    <tr><td class='dtll' width='50%'>&nbsp;</td>
    <td class='dtll'>
 EOF;
 if ($banner != "new") {
    print <<<EOF
 <a href="$self?rowid=$rowid&banner=$banner&action=delete&sname=$sname">&nbsp;Delete&nbsp;</a>&nbsp;|&nbsp;<a href="javascript:show_preview(document.${sname}form)"> &nbsp;View&nbsp;</a>
 EOF;
 } else { print "&nbsp;";}
    print <<<EOF
    </td></tr>
         <tr><td class='dtlc' valign=top colspan='2'>
         <textarea cols='60' rows='6' wrap='virtual' name='bannertext'>$bannertext</textarea>
         </td></tr>
    <tr>
      <td class='dtlr'>Effective Dates: </td>
      <td class='dtll'>&nbsp;
             <input type=text name='sstart' size='10' maxlength='10' value='$sstart'>
                 &nbsp;to&nbsp;
       <input type=text name='sstop' size='10' maxlength='10' value='$sstop'>
         </td>
   </tr>
         <tr><td class='dtlc' colspan='2'>
 <input type='hidden' name='stype' value='$stype'>
 <input type='hidden' name='rowid' value='$rowid'>
 <input type='hidden' name='banner' value='$banner'>
 <input type='hidden' name='action' value='$AddChange'>
 <input type=hidden name='AddChange' value='$AddChange'>
 <hr width=50%><br>
   <input type=button value='$AddChange' onClick="validate('$AddChange',this.form);">
 </td></tr></table></form>
 EOF;
 }

 }

 function confirm($banner, $action) {
 global $self;
 global $Cn;
 global $cu;
 global $rowid;
 global $sname;

    if (!$banner) {
        getbanner("You must select a banner type");
        return;
    }
 header("Expires: Sat 20 May 1995 03:32:38 GMT");
 header("Pragma: no-cache");
 header("Cache-Control: no-cache, must-revalidate");
 cu_header("Banner Maintenance");
    $sname = (trim($sname) == "" ? "" : stripslashes($sname));

    print <<<EOF
    <div align=center><br><form name="form1" action="$self">
      <input type="hidden" name="rowid" value="$rowid">
    <table width=90% cellspacing=0 cellpadding=4 border=0>
    <tr><td class="bar" colspan=2 align=center>$cu Banner</td></tr>

 <tr><td class='ahd' colspan=2 align=center>Warning! This will delete the $sname banner for $cu.  Do you wish to continue?</td></tr>

    <tr><td class="hdr" colspan=2><hr></td>
    <tr><td class="hdr" align=right>
          <input type=submit name="action" value="Yes">
        </td>
        <td class="hdr" align=left>
          <input type=submit name="action" value="No">
        </td>
    </tr>
    </table>
    <input type=hidden name="banner" value="$banner">
    <input type=hidden name="todelete" value="delete">
    </form></div>
 EOF;
 }

 function update_success($what) {
 global $banner;
 global $rowid;
 global $self;
 global $main_url;
    $msg=urlencode("Banner $what Successfully");
    header("Location: $main_url?rowid=$rowid&msg=$msg");
 }
 function disp_msg($msg,$mode) {
 #   return htmlspecialchars(trim(stripslashes($msg)));
     switch ($mode) {
         case 'en':
             $msg=htmlentities(trim(stripslashes($msg)),ENT_QUOTES);
         break;
         case 'sc':
         default:
             # translate the htmlspecial character
             $msg=htmlspecialchars(trim(stripslashes($msg)));
         break;
     }
     # and then put back the numeric entity codes
     $msg=str_replace('&amp;#','&#',$msg);
     return $msg;
 }
 function error_exit($reason) {
 global $pg_ttl;
      print <<<EOF
     <CENTER><BR>
     <TABLE BORDER=0 CELLPADDING=6 WIDTH=90%>
 <tr><td CLASS="bar" align="center">$cu $pg_ttl
 </td></tr><tr>
     <td class='hdr' align='center'>
     Unable to complete your request</td></tr>
     <tr><td class='dtl' align='center'>
     ${reason}.
     </td></tr></table>
 EOF;
 exit;
 }
 /**
  * Check the syntax of some PHP code.
  * @param string $code PHP code to check.
  * @return boolean|array If false, then check was successful, otherwise an array(message,line) of errors is returned.
  */
 function php_syntax_error($code){
     $braces=0;
     $inString=0;
     foreach (token_get_all('<?php ' . $code) as $token) {
         if (is_array($token)) {
             switch ($token[0]) {
                 case T_CURLY_OPEN:
                 case T_DOLLAR_OPEN_CURLY_BRACES:
                 case T_START_HEREDOC: ++$inString; break;
                 case T_END_HEREDOC:   --$inString; break;
             }
         } else if ($inString & 1) {
             switch ($token) {
                 case '`': case '\'':
                 case '"': --$inString; break;
             }
         } else {
             switch ($token) {
                 case '`': case '\'':
                 case '"': ++$inString; break;
                 case '{': ++$braces; break;
                 case '}':
                     if ($inString) {
                         --$inString;
                     } else {
                         --$braces;
                         if ($braces < 0) break 2;
                     }
                     break;
             }
         }
     }
     $inString = @ini_set('log_errors', false);
     $token = @ini_set('display_errors', true);
     ob_start();
     $braces || $code = "if(0){{$code}\n}";
     if (eval($code) === false) {
         if ($braces) {
             $braces = PHP_INT_MAX;
         } else {
             false !== strpos($code,CR) && $code = strtr(str_replace(CRLF,LF,$code),CR,LF);
             $braces = substr_count($code,LF);
         }
         $code = ob_get_clean();
         $code = strip_tags($code);
         if (preg_match("'syntax error, (.+) in .+ on line \d+)$'s", $code, $code)) {
             $code[2] = (int) $code[2];
             $code = $code[2] <= $braces
                 ? array($code[1], $code[2])
                 : array('unexpected $end' . substr($code[1], 14), $braces);
         } else $code = array('syntax error', 0);
     } else {
         ob_end_clean();
         $code = false;
     }
     @ini_set('display_errors', $token);
     @ini_set('log_errors', $inString);
     return $code;
 }
ErrorMail
Definition: errormail.i:9