cuDataModel.i

<?php
/**
 * FILE: cuDataModel.i
 *
 * PURPOSE: This script will be used for creating a repository of functions for data retrieval
 *          from the postgres database.  These functions should only be concerned with the actual
 *          query and retrieving the recordset handle.  They should not perform any action with
 *          the data.
 * ?? NOT SURE - about the purpose of this script..  But it would be nice if NO SQL was done here..
 *
 *  MWS 10/20/2015
 *
 */


/**
 *
 * Update User Related Data In A Structured Table defined in GetTableDefinition
 *
 * @param integer $pDbh    - Database Handle for current Credit Union Session
 * @param array[] $pHbEnv  - The current session HB_ENV -- This is the array that contains session/environment variables.
 *                            This function requires the following variables in HB_ENV
 *                            cu - the CU CODE
 * @param class   $pMc     - The current session MC (Multi-Language) class
 * @param array[] $pUpdTable
 * @param integer $pAuditUser   - The user id related to the data change
 * @param string $pAction       - Identifies the action that triggered this audit record.  Some codes include
 *                                U_ADD - User Account was added.
 *                                U_DEL_A - User Account Deleted
 *                                U_DEL_H - User History Deleted.
 *                                U_RESET - User Password was reset
 *                                U_UPD - User Account Was updated
 *                                U_OMA - Override MICRs
 *                                U_EST - E-statemnt Flag Changed
 * @param string $pAppContext   - Application Context {DSK, MBL, APP, ADA}
 * @param string $pCodeContext  - Name of the PHP script that called this function.
 * @param string $pAuditType    - The type of user that triggered this audit
 *                                U - user, the user themselves made this particular change
 *                                A - admin user, an admin user made the change to the user account.
 *                                H - HomeCU made the change to the user record
 * @param string $pFullDesc     - A full description of why the audit record was necessary. {Force Password, Update Profile..etc}
 * @param string $pUserName     - The User Name value that made the triggered user.  The source of this user_name
 *                                  depends on the type defined in pAuditSrcType
 * @param string $pEmail        - The email associated with the user
 * @param string $pIp           - The source IP address that triggered the audit record
 * @param boolean $pSuppressAudit - {true/false(default)} When true ,the audit record will NOT be recorded regardless of table settings
 * @param string $pAccountNumber  - Either empty or an account number.  This refers to audits that are account-centric, not user-centric.

 *
 * @return array[]
 *
 */
function DataUserTableUpdate($pDbh, $pHbEnv, $pMc, $pUpdTable, $pAuditUser, $pAction, $pAppContext, $pCodeContext, $pAuditType, $pFullDesc, $pUserName, $pEmail, $pIp, $pSuppressAudit = false,
                             $pAccountNumber = "") {
  // ** BUILD SQL ??
  /*
   *   Should validation be done here? Or previous to calling this function
   *

   *
   *   If snapshot is needed - Get this here.. This will perform the select query to get data, and return the information in an array with the table key as the key
   *

   As CRUD statements are created, the snapshot is also taken at that time.  It may be able to leverage the same query information this way.



   *
   *   Build/execute the table sql command
   *

   *
   *   Should this function handle doing transactions? or build,execute method
   *

   *
   *
   */

  /**
   * RETHINK 2.23.2016
   * Before I tried to make the called functions do all the work,
   * BUT I think it best that this function perform the looping and call each function.
   * SIMPLIFYING the scope of each function to only need to be one at a time
   *
   * ** NOTE ** FOR THE MOST PART THIS FUNCTION SHOULD ONLY BE UPDATING ONE TABLE AT A TIME
   */

  /**
   * This will contain an array of the updated values
   */
  $retSnapshot = array();
  $updatedDataSnapShot = array();

  try {
    // ** Snapshots take place before data update

    // * be sure the pUpdTable is an array
    if (!is_array($pUpdTable)) {
      // * ERROR - Update Table is NOT an array
      throw new exception('Update Table Not Defined', 900);
    }

    // * Get the table schema
      // * tablecode located is the base key of the pUpdTable array

    $tableCodeList = array_keys($pUpdTable);
    // * Should now have indexed list of tables.
    if (count($tableCodeList) == 0) {
      // ** NO TABLES DEFINED
      throw new exception('Update Table Empty', 901);
    }

    /**
     * Potential for multiple table update.
     * I will loop through the options and get the different record snapshots.
     * Each snapshot should be an individual record
     */

    for ($updIdx = 0; $updIdx < count($tableCodeList); $updIdx++) {

      /**
       * LOOP THROUGH EACH TABLE UPDATE
       */

      $tableCode = $tableCodeList[$updIdx];

      $recordAudit = (!$pSuppressAudit);

      /**
       *
       * GET Snapshot of ALL data ROWS prior to update
       *
       * @var array[] This will be an empty array if there was not snapshot??
       *
       */
      if ($recordAudit) {
        $saveBeforeDataSnapshot = GetDataSnapshot($pDbh, $pHbEnv, $pMc, $tableCode, $pUpdTable[$tableCode]);
      } else {
        $saveBeforeDataSnapshot = false;
      }


      /**
       * NOW HAVE Data Snapshot Array
       */

// * 2/29/2016 - - Should snapshot be for ONLY the records being updated. The array storing the data can aggregate the addt'l lines if need be
      /**
       * LOOP THROUGH EACH ROW AND EXECUTE THE SQL
       */
      $savedRecords = $pUpdTable[$tableCode];
      for ($rowIdx = 0; $rowIdx < count($savedRecords); $rowIdx++) {
        /**
         *
         * Create SQL for updating the actual record (why we are here)
         * Code execution is handled in this function as well
         *
         */
        $updTableResp = SetDataTableUpdate( $pDbh, $pHbEnv, $pMc, $tableCode, $savedRecords[$rowIdx]);
        /**
         * CHECK the response from SetDataTableUpdate
         */
        if ($updTableResp['code'] == '000') {
          foreach($updTableResp['data']['row'] as $table => $rows) // Append new records in previous snapshot
          {
            $retSnapshot[$table]= isset($retSnapshot[$table]) ? array_merge($retSnapshot[$table], $rows) : $rows;
          }
        } else {
          throw new exception ('Data Update Error', '902');
        }

      }

      /**
       * FINISHED LOOPING THROUGH TABLES IN UPDATE ARRAY
       */

      if ($saveBeforeDataSnapshot !== false) {
        /**
         * snapshot not false, so save...
         *
         */
        /**
         *
         * Create Audit Insert Record SQL
         *
         */

        // IF $pAuditUser IS NULL: if null, is create user
        if ($pAuditUser == null) {

          // CHECK: USER_ID SET IN $updTableResp
          $updTableResp_id = HCU_array_key_exists("user", $updTableResp['data']['row']) ? $updTableResp['data']['row']['user'][0]['user_id'] : null;

          if (isset($updTableResp_id)) {
            $pAuditUser = $updTableResp_id;
          } else {
            $pAuditUser = 0;
          }
        }

        $dataAuditRecord = SetAuditRecord($pDbh, $pHbEnv, $pMc, $pAuditUser, $pAction, $pAppContext, $pCodeContext, $pAuditType, $pFullDesc, $pUserName, $pEmail, $pIp,
          HCU_JsonEncode($saveBeforeDataSnapshot), HCU_JsonEncode($retSnapshot), false, $pAccountNumber);


      }

    }

  } catch (exception $e) {
    // * For now when an error occurs I want to return an empty array
    // ** $retSnapshot = Array();
    // OR
    $retSnapshot = false;
  }

  return $retSnapshot;


}

/**
 * Update Admin user Related Data In A Structured Table defined in GetTableDefinition
 *
 * @param integer $pDbh    - Database Handle for current Credit Union Session
 * @param array[] $pHbEnv  - The current session HB_ENV -- This is the array that contains session/environment variables.
 *                            This function requires the following variables in HB_ENV
 *                            cu - the CU CODE
 * @param array[] $pUpdTable
 * @param integer $pAuditUser   - The user id related to the data change
 * @param string $pAction       - Identifies the action that triggered this audit record.
 * @param string $pCodeContext  - Name of the PHP script that called this function.
 * @param string $pAuditType    - The type of user that triggered this audit
 *                                U - user, the user themselves made this particular change
 *                                A - admin user, an admin user made the change to the user account.
 *                                H - HomeCU made the change to the user record
 * @param string $pFullDesc     - A full description of why the audit record was necessary. {Force Password, Update Profile..etc}
 * @param string $pUserName     - The User Name value that made the triggered user.  The source of this user_name
 *                                  depends on the type defined in pAuditSrcType
 * @param string $pEmail        - The email associated with the user
 * @param string $pIp           - The source IP address that triggered the audit record
 * @param boolean $pSuppressAudit - {true/false(default)} When true ,the audit record will NOT be recorded regardless of table settings
 *
 * @return array[]
 *
 */
function DataAdminTableUpdate($pDbh, $pHbEnv, $pUpdTable, $pAuditUser, $pAction, $pCodeContext, $pAuditType, $pFullDesc, $pUserName, $pEmail, $pIp, $pSuppressAudit = false)
{
  $retSnapshot= array();
  try
  {
      if (!is_array($pUpdTable))
        throw new exception('Update Table Not Defined', 900);
      if (count($pUpdTable) == 0)
        throw new exception('Update Table Empty', 901);

      foreach($pUpdTable as $table => $tableRecord)
      {
          $saveBeforeDataSnapshot = $pSuppressAudit ? false : GetDataSnapshot($pDbh, $pHbEnv, null, $table, $tableRecord); // Get snapshot if audit is not suppressed
          foreach($tableRecord as $rowRecord)
          {
              $results= SetDataTableUpdate($pDbh, $pHbEnv, null, $table, $rowRecord);
              if ($results["code"] != "000")
                throw new exception ('Data Update Error', '902');

              foreach($results['data']['row'] as $table => $rows) // Append new records in previous snapshot
              {
                $retSnapshot[$table]= isset($retSnapshot[$table]) ? array_merge($retSnapshot[$table], $rows) : $rows;
              }
          }
      }

      if ($saveBeforeDataSnapshot !== false)
      {
          $dataAuditRecord = SetAdminAuditRecord($pDbh, $pHbEnv, $pAuditUser, $pAction, $pCodeContext, $pAuditType, $pFullDesc, $pUserName, $pEmail, $pIp,
            HCU_JsonEncode($saveBeforeDataSnapshot), HCU_JsonEncode($retSnapshot) );
      }
  }
  catch (exception $e)
  {
      $retSnapshot = false;
  }

  return $retSnapshot;
}

/**
 *
 *
 * This will take the list of arrays and build the large array for the snapshot.
 *  The snapshot will be an array with the tablenamekey as the array index (associative)
 *  At this time the function will only build the Record data array
 *
 * @param integer $pDbh      - This is the current session database connection
 * @param array[] $pHbEnv    - Current HB_ENV environment array
 * @param class   $pMc       - Current Translation Class
 * @param string  $pTableCode - This is the table code to take the snapshot of
 * @param mixed[] $pUpdRows  - This is an array of the updated column values for the tables being updated.  It should be formatted as:
 *                    {"user": [{"_action":"create|update|delete","column1":"value2:"},{"_action":"update","col2":"val2"}]}
 *
 * @return mixed
 *                    returns FALSE if no snapshot OR ERROR
 *
 */
function GetDataSnapshot($pDbh, $pHbEnv, $pMc, $pTableCode, $pUpdRows) {
  $retSnapShot = array();

  try {
    // ** Snapshots take place before data update

    // * be sure the pUpdTable is an array
    if ($pTableCode == '') {
      // * ERROR - Update Table is NOT an array
      throw new exception('Update Table Not Defined', 900);
    }

    // * Get the table schema
      // * tablecode located is the base key of the pUpdTable array

    $tableCodeList = $pTableCode;
    // * Should now have indexed list of tables.
    if (count($tableCodeList) == '') {
      // ** NO TABLES DEFINED
      throw new exception('Update Table Empty', 901);
    }

    /**
     * Potential for multiple table update.
     * I will loop through the options and get the different record snapshots.
     * Each snapshot should be an individual record
     */

    /**
     * First Get the table schema
     */
    $tblSchemaList = GetTableDefinition ($pHbEnv, $tableCodeList);

    if (!HCU_array_key_exists($tableCodeList, $tblSchemaList)) {
      throw new exception('Update Table Empty', 902);
    }
    $tblSchema = $tblSchemaList[$tableCodeList];
    if (HCU_array_key_value('_takesnapshot', $tblSchema)) {
      // Table schema determines if we take snapshot --
      /**
      * Each table update will be an array.  with one or more records.
      * On error simply continue.
      */
      $recordsToSave = $pUpdRows;
      if (is_array($recordsToSave)) {
        // * The record is an array.
        // * Loop through the records to get their snapshot
        for ($recordIdx = 0; $recordIdx < count($recordsToSave); $recordIdx++) {

          $singleRecord = $recordsToSave[$recordIdx];
          if (HCU_array_key_value('_action', $singleRecord) == 'create') {
            // * For the CREATE snapshot, simply set this to an empty row
            $retSnapShot[$tableCodeList][] = array();
          } else {
            // * Get the Snapshot (SELECT QUERY)
            $sql = GetTableSelectSql($tblSchema, $singleRecord);
            /*
             * Data Snapshot will ONLY get one record at a time.  This should preserve the desired order for the records.
             * By default the GetAllRowsFromSql returns a [0] based array, if directly applied to the returned array a snapshot
             * of multiple records would only show one record. Not all
             */
            $getSingleDataRow = GetAllRowsFromSql($pDbh, $sql);
            $retSnapShot[$tableCodeList][] = (is_array($getSingleDataRow) ? $getSingleDataRow[0] : Array());
            /**
             * at this point it could be added to only return the snapshot values of fields being updated.
             * for now it will return all columns
             */
          }
        }
      }
    } else {
      $retSnapShot = false;
    }

  } catch (exception $e) {
    // * For now when an error occurs I want to return an empty array
    $retSnapShot = false;
  }
  return $retSnapShot;
}

/**  UpdateMemberFailedLogin
  *
  *  Purpose: Update the member information to set a failed login attempt on their record
  *
  *  @param integer $pDbh         - This is the current database handle
  *  @param string $pCu           - This is the credit union code for the CU being accessed
  *  @param string $pLogin        - This is the login id of the user trying to access home banking
  *  @param integer $pFailedType  - This is the integer value identifying what part of the login failed
  *
  *  @return int         - Returns the resulting recordset handle
  */
function UpdateMemberFailedLogin($pDbh, $pCu, $pLogin, $pFailedType) {

  $sql = "SELECT hcumbrloginfailed('" . prep_save($pCu, 10). "', '" . prep_save($pLogin, 50) . "', " . intval($pFailedType) . ")";

  $selRs = db_query($sql, $pDbh);

  return $selRs;
}


/**  UpdateMemberTrackLogin
  *
  *  Purpose: Update the member information to track a successful login
  *
  *  Parameters
  *  @param integer  pDbh             - This is the current database handle
  *  @param string   pCu              - This is the credit union code for the CU being accessed
  *  @param string   pLogin           - This is the login id of the user trying to access home banking
  *  @param string   pFchange         - Is the member required to change their password {'Y', 'N'}
  *  @param string   pLastPwdChg      - The timestamp when the password was last changed.   Used to force member to change password on their next login.  {12/15/2010 12:00}
  *  @param string   pLoginType       - The source of the current login, this is meta data used for tracking logins.  current values includes {'MBL', 'DSK', 'CLS', 'APP', 'ADA'}
  *  @param array    pMfaQuest        - The mfaquest array for the current user -- this function will prepare the array to be saved
  *
  * return int         - Returns the resulting recordset handle
  */
function UpdateMemberLoginTrack($pDbh, $pCu, $pLogin, $pFchange, $pLastPwdChg, $pLoginType, $pMfaQuest) {
  /*
   *  SANITIZE
   */
  $pFchange = ($pFchange == 'Y' ? 'Y' : 'N');

  $sql = "SELECT hcumbrlogintrack('" . prep_save($pCu, 10). "', '" . prep_save($pLogin, 50) . "', '$pFchange', '" . prep_save($pLastPwdChg) . "', '" . prep_save($pLoginType) . "', '" . prep_save(PrepareMfaQuestString($pMfaQuest)) . "');";


  $selRs = db_query($sql, $pDbh);

  return $selRs;
}


/**
  * PrepareExpressionList
  *
  * This function will take the accepted column list array and combine with values array
  *     to create the sql syntax of column1 = 'value1', etc.  This could be used for update
  *     columns as well as where clause statements
  *
  * @param array $pColumnListAry  - This is the list of columns.
  *                                 The key is the column name, the value will define the data type
  *                                   I - Integer
  *                                   C?? - Character, followed by length, if there is one
  *                                   N - Numeric Standard 12,2
  * @param array $pValueListAry   - This is the array of values.
  *                                   key is the column name
  *                                   value is the field value
  * @param boolean (optional) $pAllValuesSet -- (default: false)  If true the function will return ALL items in pColumnListAry (with or without value in pValueListAry)
  *                                                               If false, the function will only return values that exist in pValueListAry
  *
  */

function PrepareExpressionList ($pColumnListAry, $pValueListAry, $pAllValuesSet=false) {

  $retValueString = '';
  try {
    /*
     * VALIDATION
     * both parameters must be arrays
     */
    if (is_array($pColumnListAry) && is_array($pValueListAry)) {
      // ** First get the JOINED list of the fields that will be updated
      if ($pAllValuesSet) {
        // ** INCLUDE ALL FIELDS
        $updateFieldsAry = $pColumnListAry;
      } else {
        // * ONLY INCLUDE FIELDS THAT HAVE VALUES
        $updateFieldsAry = array_intersect_key($pColumnListAry, $pValueListAry);
      }

      // ** Goal is to maybe create one place to update the cuusers table, however,
        // ** Not all fields need to be saved at the same time.
      foreach ($updateFieldsAry as $fieldname => $fieldtype) {
        //  We will looped through the joined fields to ensure we are looking at the
        // allowed list
        switch (substr($fieldtype, 0, 1)) {
          case "C":
          case "S":
            $maxlen = (intval(substr($fieldtype, 1)) > 0 ? intval(substr($fieldtype, 1)) : 0);
            $retValueString .= ($retValueString != '' ? "," : "") . "{$fieldname} " . (substr($fieldtype, 0, 1) == 'S' ? 'ilike' : '=') ." '" . prep_save($pValueListAry[$fieldname], $maxlen) . "'";
            break;
          case "I":
            $retValueString .= ($retValueString != '' ? "," : "") . "{$fieldname} = '" . intval($pValueListAry[$fieldname]) . "'";
            break;
          case "N":
            $retValueString .= ($retValueString != '' ? "," : "") . "{$fieldname} = '" . floatval($pValueListAry[$fieldname]) . "'";
            break;
          default:
            // ** DO NOTHING WITH THE FIELD

        }
      }
    } else {
      throw new Exception('Validation Error', '999');
    }

  } catch (Exception $e) {
    $retValueString = '';
  }

  return $retValueString;
}

/**
 *
 * Get the array structure for a specific system table.
 *
 * @param array[] $pHbEnv - HB_ENV Session environment
 *                          required values
 *                            cu - CU Code for current session
 * @param string $pTableCode - This is the specific table code to find
 * @param array[] $pTableVariables - (optional) This is the list of columns to return
 *
 * @return mixed[]      When an array is returned it will return the following structure
 *    empty array if table was NOT found
 *    OR
 *    array['tablecode'] - array that defines the table schema
 *      ['_primary-columns']    - An array of column keys that are the primary key and used for looking up values
 *      ['_tablename']          - The table name as defined in the database. Sometimes this is prefixed with cucode
 *      ['_required-columns']   - Columns that must be set for data interaction. This can help ensure we don't override
 *                        a record not assigned to session member 2/17 -- DON'T LIKE THIS OPTION REMOVE IF CONTINUE TO UNUSE
 *      ['_takesnapshot']       - When an update occurs is a snapshot required?? {true, false}
 *      array['_cols']          - Array defining the column attributes
 *        ['type']              - column data type, one of:
 *            serial
 *            integer
 *            smallint
 *            bigint
 *            numeric
 *            boolean
 *            char
 *            varchar
 *            date
 *            timestamptz
 *            timestamp
 *        ['maxlength']
 *        ['required']          - assume false
 *        ['display']           - Array  (title key...), display properties for the column
 *        ['precision']         - for numeric type. sets size of the numeric column
 *
 */
function GetTableDefinition ($pHbEnv, $pTableCode, $pTableVariables = array()) {

  /**
   * Table Definition Array
   */
  $retTDAry = Array();


  switch ($pTableCode){
    case "group":
    case $pHbEnv['cu'] . "group":
      $retTDAry = array(
        "_primary-columns" => array("group_id"),
        "_tablename" => $pHbEnv['cu'] . "group",
        "_required-columns" => array("group_id", "group_name", "profile_id", "contact"),
        "_takesnapshot" => true,
        "_cols" => array(
          "group_id" => array("type" => DBTYPE_SERIAL),
          "group_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
          "profile_id" => array("type" => DBTYPE_INTEGER),
          "contact" => array("type" => DBTYPE_INTEGER)
        )
      );
      break;
    case "grouprights":
    case $pHbEnv['cu'] . "grouprights":
      $retTDAry = array(
        "_primary-columns" => array("group_id", "feature_code"),
        "_tablename" => $pHbEnv['cu'] . "grouprights",
        "_required-columns" => array("group_id", "feature_code"),
        "_takesnapshot" => true,
        "_cols" => array(
          "group_id" => array("type" => DBTYPE_INTEGER),
          "feature_code" => array("type" => DBTYPE_VARCHAR, "maxlength" => 10),
          "amount_per_transaction" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "amount_per_day" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "amount_per_month" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "amount_per_account_per_day" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "count_per_day" => array("type" => DBTYPE_INTEGER),
          "count_per_month" => array("type" => DBTYPE_INTEGER),
          "count_per_account_per_day" => array("type" => DBTYPE_INTEGER),
          "confirm_required" => array("type" => DBTYPE_BOOLEAN)
        )
      );
      break;
    case 'user':
    case $pHbEnv['cu'] . 'user':
    $retTDAry = array(
      "_primary-columns" => array("user_id"),
      "_tablename" => $pHbEnv['cu'] . 'user',
      "_required-columns" => array("user_id"),
      "_takesnapshot" => true,
      "_cols" => array(
        "user_id" => array("type" => DBTYPE_SERIAL, "label" => "Login Id"),
        "group_id" => array("type" => DBTYPE_INTEGER),
        "user_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50, "label" => "User Name"),
        "passwd" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255, "label" => "Password"),
        "email" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255, "label" => "Email"),
        "primary_account" => array("type" => DBTYPE_CHAR, "maxlength" => 12, "label" => "Primary Accnt #"),
        "egenl_flag" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
        "failedremain" => array("type" => DBTYPE_SMALLINT, "label" => "Failed Tries Left"),
        "forcechange" => array("type" => DBTYPE_CHAR, "maxlength" => 1, "label" => "Force Change?"),
        "forceremain" => array("type" => DBTYPE_SMALLINT, "label" => "Force Tries Left"),
        "lastlogin" => array("type" => DBTYPE_CHAR, "maxlength" => 20, "label" => "Last Login"),
        "priorlogin" => array("type" => DBTYPE_CHAR, "maxlength" => 20, "label" => "Prior Login"),
        "failedlogin" => array("type" => DBTYPE_CHAR, "maxlength" => 20, "label" => "Failed Login"),
        "pwchange" => array("type" => DBTYPE_TIMESTAMPTZ, "label" => "Password Change Date"),
        "msg_tx" => array("type" => DBTYPE_SMALLINT, "label" => "Message Code"),
        "employee" => array("type" => DBTYPE_CHAR, "maxlength" => 1, "label" => "Employee?"),
        "userflags" => array("type" => DBTYPE_INTEGER, "label" => "User Options"),
        "confidence" => array("type" => DBTYPE_CHAR, "maxlength" => 20, "label" => "Confidence"),
        "challenge_quest_id" => array("type" => DBTYPE_INTEGER),
        "pkattempt" => array("type" => DBTYPE_BIGINT, "label" => "Package Attempt"),
        "other_rights" => array("type" => DBTYPE_CHAR, "maxlength" => 10, "label" => "Other Rights"),
        "is_group_primary" => array("type" => DBTYPE_BOOLEAN, "label" => "Primary?"),
        "name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100, "label" => "Name"),
        "contact" => array("type" => DBTYPE_INTEGER),
        "schedule_code" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
        "ip" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
        "mfaquest" => array("type" => DBTYPE_VARCHAR)
      )
    );
    break;
    case 'userrights':
    case $pHbEnv['cu'] . 'userrights':
      $retTDAry= array( "_label" => "User Rights",
        "_primary-columns" => array("user_id", "feature_code"),
        "_tablename" => $pHbEnv['cu'] . 'userrights',
        "_required-columns" => array("user_id", "feature_code"),
        "_takesnapshot" => true,
        "_cols" => array(
          "user_id" => array("type" => "integer", "label" => "Login Id"),
          "feature_code" => array("type" => "char", "maxlength" => 10, "label" => "Feature"),
          "amount_per_transaction" => array("type" => "numeric", "precision" => "11,2", "label" => "Amount Per Transaction", "nullable" => true),
          "amount_per_day" => array("type" => "numeric", "precision" => "11,2", "label" => "Amount Per Day", "nullable" => true),
          "amount_per_month" => array("type" => "numeric", "precision" => "11,2", "label" => "Amount Per Month", "nullable" => true),
          "amount_per_account_per_day" => array("type" => "numeric", "percision" => "11,2", "label" => "Amount Per Account Per Day", "nullable" => true),
          "deny_access" => array("type" => "boolean", "label" => "Access?", "nullable" => true),
          "deny_create" => array("type" => "boolean", "label" => "Create?", "nullable" => true),
          "deny_confirm" => array("type" => "boolean", "label" => "Approve?", "nullable" => true),
          "deny_decline" => array("type" => "boolean", "label" => "Reject?", "nullable" => true),
          "deny_report" => array("type" => "boolean", "maxlength" => 1, "label" => "Report Value", "nullable" => true),
          "confirm_required" => array("type" => "boolean", "label" => "Confirm Required", "nullable" => true),
          "count_per_day" => array("type" => "integer", "label" => "Count Per Day", "nullable" => true),
          "count_per_month" => array("type" => "integer", "label" => "Count Per Month", "nullable" => true),
          "count_per_account_per_day" => array("type" => "integer", "label" => "Count Per Account Per Day", "nullable" => true)
        )
      );
      break;
    case 'useraccount':
    case "useraccounts":
    case $pHbEnv['cu'] . 'useraccounts':
      $retTDAry = array(
        "_label" => "User Account",
        "_primary-columns" => array("user_id", "accountnumber", "accounttype", "certnumber", "recordtype"),
        "_tablename" => $pHbEnv['cu'] . 'useraccounts',
        "_required-columns" => Array("user_id", "accountnumber", "accounttype", "certnumber", "recordtype"),
        "_takesnapshot" => true,
        "_cols" => array(
          "user_id" => array("type" => DBTYPE_INTEGER, "label" => "User Id"),
          "accountnumber" => array("type" =>  DBTYPE_CHAR, "maxlength" => 12, "label" => "Accnt #"),
          "accounttype" => array("type" =>  DBTYPE_CHAR, "maxlength" => 25, "label" => "Accnt Type"),
          "certnumber" => array("type" => DBTYPE_INTEGER, "label" => "Cert Number"),
          "recordtype" => array("type" => DBTYPE_CHAR, "maxlength" => 1, "label" => "Record Type"),
          "display_name" => array("type" => DBTYPE_CHAR, "maxlength" => 255, "label" => "Name"),
          "view_balances" => array("type" => DBTYPE_BOOLEAN, "label" => "View Balances?"),
          "view_transactions" => array("type" => DBTYPE_BOOLEAN, "label" => "View Transactions?"),
          "int_deposit" => array("type" => DBTYPE_BOOLEAN, "label" => "Internal Deposit?"),
          "int_withdraw" => array("type" => DBTYPE_BOOLEAN, "label" => "Internal Withdraw?"),
          "ext_deposit" => array("type" => DBTYPE_BOOLEAN, "label" => "External Deposit?"),
          "ext_withdraw" => array("type" => DBTYPE_BOOLEAN, "label" => "External Withdraw?"),
          "display_order" => array("type" => DBTYPE_SMALLINT, "label" => "Display Order"),
          "display_qty" => array("type" => DBTYPE_SMALLINT, "label" => "Display Quantity"),
          "display_qty_type" => array("type" => DBTYPE_CHAR, "label" => "Display Quantity Type")
        )
      );
      break;
    case 'alert':
    case "cu_alerts":
      $retTDAry = array(
        "_primary-columns" => array("id"),
        "_label" => "Alert",
        "_tablename" => "cu_alerts",
        "_takesnapshot" => true,
        "_cols" => array(
          "id" => array("type" => DBTYPE_SERIAL),
          "alerttype" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
          "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
          "user_id" => array("type" => DBTYPE_INTEGER),
          "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "accounttype" => array("type" => DBTYPE_CHAR, "maxlength" => 25),
          "certnumber" => array("type" => DBTYPE_INTEGER),
          "emailtype" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
          "notifyto" => array("type" => DBTYPE_CHAR, "maxlength" => 50),
          "provider_id" => array("type" => DBTYPE_CHAR, "maxlength" => 35),
          "notifymsg" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
          "incbal" => array("type" => DBTYPE_SMALLINT),
          "incamt" => array("type" => DBTYPE_SMALLINT),
          "inctransdesc" => array("type" => DBTYPE_SMALLINT),
          "lastalert" => array("type" => DBTYPE_TIMESTAMPTZ),
          "notifyamt" => array("type" => DBTYPE_NUMERIC, "precision" => "12"),
          "useavailbal" => array("type" => DBTYPE_SMALLINT),
          "notifyrange" => array("type" => DBTYPE_SMALLINT),
          "notifyamtmin" => array("type" => DBTYPE_NUMERIC, "precision" => "12"),
          "notifyamtmax" => array("type" => DBTYPE_NUMERIC, "precision" => "12"),
          "notifydesc" => array("type" => DBTYPE_VARCHAR, "maxlength" => 90),
          "notifytranstype" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
          "notifychknum" => array("type" => DBTYPE_CHAR, "maxlength" => 8),
          "notifyloandaysprior" => array("type" => DBTYPE_SMALLINT),
          "alertstatus" => array("type" => DBTYPE_SMALLINT, "label" => "Enabled?"),
          "lasttrace" => array("type" => DBTYPE_CHAR, "maxlength" => 16)
        )
      );
      break;
      case 'cu_scheduledtxn':
        $retTDAry = array(
          "_primary-columns" => array("id"),
          "_label" => "Scheduled",
          "_tablename" => "cu_scheduledtxn",
          "_takesnapshot" => true,
          "_cols" => array(
            "id" => array("type" => DBTYPE_INTEGER, "nullable" => false),
            "cu" => array("type" => DBTYPE_VARCHAR, "maxlength" => 10, "nullable" => false),
            "name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100),
            "feature_code" => array("type" => DBTYPE_VARCHAR, "maxlength" => 10, "nullable" => false),
            "user_id" => array("type" => DBTYPE_INTEGER, "nullable" => false),
            "create_date" => array("type" => DBTYPE_TIMESTAMP),
            "approved_by" => array("type" => DBTYPE_INTEGER),
            "approved_date" => array("type" => DBTYPE_TIMESTAMP),
            "last_edit_by" => array("type" => DBTYPE_INTEGER),
            "last_edit_date" => array("type" => DBTYPE_DATE),
            "start_date" => array("type" => DBTYPE_DATE),
            "end_date" => array("type" => DBTYPE_DATE),
            "next_trigger_date" => array("type" => DBTYPE_DATE),
            "interval_count" => array("type" => DBTYPE_SMALLINT),
            "failure_count" => array("type" => DBTYPE_SMALLINT),
            "status" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "repeating_parameters" => array("type" => DBTYPE_VARCHAR),
            "txn_data" => array("type" => DBTYPE_VARCHAR),
            "approved_status" => array("type" => DBTYPE_SMALLINT)
          )
        );
      break;
      case 'scheduled':
      break;
    case 'audituser':
    case $pHbEnv['cu'] . 'audituser':
      $retTDAry = array(
        "_primary-columns" => array("user_id", "auditdate", "auditaction", "accountnumber"),
        "_tablename" => $pHbEnv['cu'] . 'audituser',
        "_required-columns" => Array("user_id", "auditdate", "auditaction", "accountnumber"),
        "_takesnapshot" => false,
        "_cols" => array(
          "user_id" => array("type" => DBTYPE_INTEGER),
          "auditdate" => array("type" => DBTYPE_TIMESTAMPTZ),
          "auditaction" => array("type" => DBTYPE_VARCHAR, "maxlength" => 10),
          "auditsrctype" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
          "auditsrcuser_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
          "auditsrcemail" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
          "auditrecbefore" => array("type" => DBTYPE_VARCHAR),
          "auditrecafter" => array("type" => DBTYPE_VARCHAR),
          "auditsrcip" => array("type" => DBTYPE_VARCHAR, "maxlength" => 15),
          "auditsrcapp_context" => array("type" => DBTYPE_VARCHAR, "maxlength" => 10),
          "auditsrccode_context" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20),
          "auditfulldesc" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
          "accountnumber" => array("type" => DBTYPE_VARCHAR, "maxlength" => 12)
        )
      );
      break;
    case "memberacct":
    case $pHbEnv['cu'] . "memberacct":
      $retTDAry = array(
        "_primary-columns" => array("accountnumber"),
        "_tablename" => $pHbEnv['cu'] . "memberacct",
        "_required-columns" => array("primary_user", "accountnumber", "estmnt_flag"),
        "_takesnapshot" => true,
        "_cols" => array(
          "primary_user" => array("type" => DBTYPE_INTEGER),
          "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "estmnt_flag" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
          "billpayid" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "rdcsetting" => array("type" => DBTYPE_INTEGER, "nullable" => true),
          "restrictions" => array("type" => DBTYPE_CHAR, "maxlength" => 1, "nullable" => true),
          "balance_stamp" => array("type" => DBTYPE_BIGINT, "nullable" => true),
          "balance_attempt" => array("type" => DBTYPE_BIGINT, "nullable" => true),
          "allowenroll" => array("type" => DBTYPE_BOOLEAN, "nullable" => true)
        )
      );
    break;
    case "cuovermicr":
      $retTDAry= array(
        "_primary-columns" => array("micrid"),
        "_tablename" => "cuovermicr",
        "_required-columns" => array("micrid", "cu", "accountnumber", "accounttype", "startcheck"),
        "_takesnapshot" => true,
        "_cols" => array(
          "micrid" => array("type" => DBTYPE_SERIAL),
          "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
          "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "accounttype" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "startcheck" => array("type" => DBTYPE_INTEGER),
          "rt" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "micraccount" => array("type" => DBTYPE_CHAR, "maxlength" => 17)
        )
      );
      break;
    case 'auditadmin':
      $retTDAry = array(
        "_primary-columns" => array("cu", "user_name", "auditdate", "auditaction"),
        "_tablename" => 'cuauditadmin',
        "_required-columns" => array("cu", "user_name", "auditdate", "auditaction"),
        "_takesnapshot" => false,
        "_cols" => array(
          "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10, "defaultValue" => $pHbEnv['cu']),
          "user_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
          "auditdate" => array("type" => DBTYPE_TIMESTAMPTZ),
          "auditaction" => array("type" => DBTYPE_VARCHAR, "maxlength" => 10),
          "auditsrctype" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
          "auditsrcuser_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
          "auditsrcemail" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
          "auditrecbefore" => array("type" => DBTYPE_VARCHAR),
          "auditrecafter" => array("type" => DBTYPE_VARCHAR),
          "auditsrcip" => array("type" => DBTYPE_VARCHAR, "maxlength" => 15),
          "auditsrccode_context" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20),
          "auditfulldesc" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255)
        )
      );
      break;
      case "cuadminusers":
        $retTDAry = array(
          "_primary-columns" => array("cu", "user_name"),
          "_tablename" => "cuadminusers",
          "_required-columns" => array("cu", "user_name", "passwd", "realname", "failedremain", "forcechange", "forceremain"),
          "_takesnapshot" => true,
          "_cols" => array(
            "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
            "user_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "passwd" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
            "realname" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "failedremain" => array("type" => DBTYPE_INTEGER),
            "forcechange" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "forceremain" => array("type" => DBTYPE_INTEGER),
            "lastlogin" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20),
            "priorlogin" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20),
            "failedlogin" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20),
            "pwchange" => array("type" => DBTYPE_TIMESTAMP),
            "email" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "userflags" => array("type" => DBTYPE_INTEGER),
            "confidence" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
            "remoteip" => array("type" => DBTYPE_VARCHAR, "maxlength" => 15),
            "usersms" => array("type" => DBTYPE_VARCHAR, "maxlength" => 40),
            "userconfirm" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "mfaquest" => array("type" => DBTYPE_VARCHAR)
          )
        );
      break;
      case "cuadminallow":
        $retTDAry = array(
          "_primary-columns" => array("cu", "user_name", "program"),
          "_tablename" => "cuadminallow",
          "_required-columns" => array("cu", "user_name", "program"),
          "_takesnapshot" => true,
          "_cols" => array(
            "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
            "user_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "program" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20)
          )
        );
        break;
      case $pHbEnv['cu'] . "memberacctrights":
      case "memberacctrights":
        $retTDAry = array(
          "_primary-columns" => array("user_id", "accountnumber", "whichright"),
          "_tablename" => $pHbEnv['cu'] . "memberacctrights",
          "_required-columns" => array("user_id", "accountnumber", "whichright", "allowed"),
          "_takesnapshot" => true,
          "_cols" => array(
            "user_id" => array("type" => DBTYPE_INTEGER),
            "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
            "whichright" => array("type" => DBTYPE_VARCHAR, "maxlength" => 6),
            "allowed" => array("type" => DBTYPE_BOOLEAN),
            "platform" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255)
          )
        );
        break;
      case $pHbEnv['cu'] . "accountbalance":
      case "accountbalance":
        $retTDAry = array(
          "_primary-columns" => array("accountnumber", "accounttype", "certnumber"),
          "_tablename" => $pHbEnv['cu'] . "accountbalance",
          "_required-columns" => array("accountnumber", "accounttype", "certnumber"),
          "_takesnapshot" => false,
          "_cols" => array(
            "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
            "accounttype" => array("type" => DBTYPE_CHAR, "maxlength" => 25),
            "certnumber" => array("type" => DBTYPE_INTEGER),
            "deposittype" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "description" => array("type" => DBTYPE_CHAR, "maxlength" => 255),
            "amount" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "ytdinterest" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "available" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "micraccount" => array("type" => DBTYPE_CHAR, "maxlength" => "17"),
            "may_deposit" => array("type" => DBTYPE_BOOLEAN),
            "may_withdraw" => array("type" => DBTYPE_BOOLEAN),
            "interestrate" => array("type" => DBTYPE_NUMERIC, "precision" => "11,4"),
            "maturitydate" => array("type" => DBTYPE_TIMESTAMP),
            "misc1" => array("type" => DBTYPE_CHAR, "maxlength" => 255),
            "balance_stamp" => array("type" => DBTYPE_BIGINT),
            "history_stamp" => array("type" => DBTYPE_BIGINT),
            "balance_attempt" => array("type" => DBTYPE_BIGINT),
            "history_attempt" => array("type" => DBTYPE_BIGINT),
            "regdcount" => array("type" => DBTYPE_SMALLINT),
            "lastyrinterest" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2")

          )
        );
        break;
      case $pHbEnv['cu'] . "accounthistory":
      case "accounthistory":
      $retTDAry = array(
        "_primary-columns" => array("accountnumber", "accounttype", "certnumber", "tracenumber"),
        "_tablename" => $pHbEnv['cu'] . "accounthistory",
        "_required-columns" => array("accountnumber", "accounttype", "certnumber", "tracenumber", "date", "amount", "balance"),
        "_takesnapshot" => true,
        "_cols" => array(
          "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "accounttype" => array("type" => DBTYPE_CHAR, "maxlength" => 25),
          "certnumber" => array("type" => DBTYPE_INTEGER),
          "tracenumber" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
          "checknumber" => array("type" => DBTYPE_CHAR, "maxlength" => 9),
          "date" => array("type" => DBTYPE_TIMESTAMP),
          "amount" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "description" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
          "balance" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "loaddate" => array("type" => DBTYPE_TIMESTAMP),
          "sortkey" => array("type" => DBTYPE_CHAR, "maxlength" => 16)
        )
      );
      break;
      case $pHbEnv['cu'] . "loanbalance":
      case "loanbalance":
        $retTDAry = array(
          "_primary-columns" => array("accountnumber", "loannumber"),
          "_tablename" => $pHbEnv['cu'] . "loanbalance",
          "_required-columns" => array("accountnumber", "loannumber"),
          "_takesnapshot" => false,
          "_cols" => array(
            "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
            "loannumber" => array("type" => DBTYPE_CHAR, "maxlength" => 25),
            "currentbalance" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "payoff" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "paymentamount" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "nextduedate" => array("type" => DBTYPE_TIMESTAMP),
            "description" => array("type" => DBTYPE_CHAR, "maxlength" => 255),
            "interestrate" => array("type" => DBTYPE_NUMERIC, "precision" => "11,4"),
            "creditlimit" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "ytdinterest" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "misc1" => array("type" => DBTYPE_CHAR, "maxlength" => 255),
            "cbtype" => array("type" => DBTYPE_CHAR, "maxlength" => "17"),
            "lastpaymentdate" => array("type" => DBTYPE_TIMESTAMP),
            "balance_stamp" => array("type" => DBTYPE_BIGINT),
            "history_stamp" => array("type" => DBTYPE_BIGINT),
            "balance_attempt" => array("type" => DBTYPE_BIGINT),
            "history_attempt" => array("type" => DBTYPE_BIGINT),
            "may_payment" => array("type" => DBTYPE_BOOLEAN),
            "may_addon" => array("type" => DBTYPE_BOOLEAN),
            "currentdue" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "lastyrinterest" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "unpaidinterest" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "frequencyperyear" => array("type" => DBTYPE_SMALLINT),
            "originalamount" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "originaldate" => array("type" => DBTYPE_TIMESTAMP),
            "term" => array("type" => DBTYPE_INTEGER),
            "creditdisability" => array("type" => DBTYPE_CHAR, "maxlength" => "1"),
            "creditlife" => array("type" => DBTYPE_CHAR, "maxlength" => "1")
          )
        );
        break;
      case $pHbEnv['cu'] . "loanhistory":
      case "loanhistory":
      $retTDAry = array(
        "_primary-columns" => array("accountnumber", "loannumber", "tracenumber"),
        "_tablename" => $pHbEnv['cu'] . "loanhistory",
        "_required-columns" => array("accountnumber", "loannumber", "tracenumber", "date", "principleamount", "interestamount"),
        "_takesnapshot" => true,
        "_cols" => array(
          "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "loannumber" => array("type" => DBTYPE_CHAR, "maxlength" => 25),
          "tracenumber" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
          "date" => array("type" => DBTYPE_TIMESTAMP),
          "principleamount" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "interestamount" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "description" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
          "balance" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "sortkey" => array("type" => DBTYPE_CHAR, "maxlength" => 16),
          "fee" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
          "escrow" => array("type" => DBTYPE_NUMERIC, "precision" => "11,2")
        )
      );
      break;
      case $pHbEnv['cu'] . "holds":
      case "holds":
        $retTDAry = array(
          "_primary-columns" => array("accountnumber", "accounttype", "certnumber", "tracenumber"),
          "_tablename" => $pHbEnv['cu'] . "loanhistory",
          "_required-columns" => array("accountnumber", "accounttype", "certnumber", "holdtype", "tracenumber", "postdate", "amount", "description"),
          "_takesnapshot" => true,
          "_cols" => array(
            "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
            "accounttype"   => array("type" => DBTYPE_CHAR, "maxlength" => 25),
            "certnumber"    => array("type" => DBTYPE_INTEGER,),
            "holdtype"      => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "tracenumber"   => array("type" => DBTYPE_CHAR, "maxlength" => 20),
            "postdate"      => array("type" => DBTYPE_TIMESTAMPTZ),
            "expiredate"    => array("type" => DBTYPE_TIMESTAMPTZ),
            "amount"        => array("type" => DBTYPE_NUMERIC, "precision" => "11,2"),
            "description"   => array("type" => DBTYPE_VARCHAR, "maxlength" => 255)
          )
        );
        break;

      case $pHbEnv['cu'] . "crossaccounts":
      case "crossaccounts":
      $retTDAry = array(
        "_primary-columns" => array("accountnumber", "tomember", "accounttype", "deposittype"),
        "_tablename" => $pHbEnv['cu'] . "crossaccounts",
        "_required-columns" => array("accountnumber", "tomember", "accounttype", "deposittype"),
        "_takesnapshot" => true,
        "_cols" => array(
          "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "tomember" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "accounttype" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
          "deposittype" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
          "description" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
          "misc1" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255)
        )
      );
      break;
      case "cuadmin":
        $retTDAry = array(
          "_primary-columns" => array("cu"),
          "_tablename" => "cuadmin",
          "_required-columns" => array("cu"),
          "_takesnapshot" => true,
          "_cols" => array(
            "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
            "user_name" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
            "passwd" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
            "vendor" => array("type" => DBTYPE_CHAR, "maxlength" => 15),
            "nextbatch" => array("type" => DBTYPE_INTEGER),
            "fid" => array("type" => DBTYPE_CHAR, "maxlength" => 6),
            "t" => array("type" => DBTYPE_CHAR, "maxlength" => 3),
            "db" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "mtx" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "mxcu" => array("type" => DBTYPE_CHAR, "maxlength" => 36),
            "img" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
            "rt" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
            "orgname" => array("type" => DBTYPE_CHAR, "maxlength" => 36),
            "livebatch" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "cc" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "pname" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
            "liveport" => array("type" => DBTYPE_INTEGER),
            "livewait" => array("type" => DBTYPE_INTEGER),
            "lastupdate" => array("type" => DBTYPE_CHAR, "maxlength" => 30),
            "from_name" => array("type" => DBTYPE_CHAR, "maxlength" => 35),
            "from_email" => array("type" => DBTYPE_CHAR, "maxlength" => 50),
            "stmt_msg" => array("type" => "text"),
            "email_footer" => array("type" => "text"),
            "liveserver" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100),
            "retrylimit" => array("type" => DBTYPE_INTEGER),
            "upllaststart" => array("type" => DBTYPE_TIMESTAMPTZ),
            "upllaststat" => array("type" => DBTYPE_INTEGER),
            "tranformat" => array("type" => DBTYPE_SMALLINT),
            "ahdropdays" => array("type" => DBTYPE_CHAR, "maxlength" => 4),
            "lhdropdays" => array("type" => DBTYPE_CHAR, "maxlength" => 4),
            "upllastend" => array("type" => DBTYPE_TIMESTAMPTZ),
            "trandropdays" => array("type" => DBTYPE_CHAR, "maxlength" => 4),
            "trandropbatches" => array("type" => DBTYPE_CHAR, "maxlength" => 4),
            "tz" => array("type" => DBTYPE_CHAR, "maxlength" => 25),
            "histtrunc" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "showavailable" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "gracelimit" => array("type" => DBTYPE_INTEGER),
            "pwdays" => array("type" => DBTYPE_INTEGER),
            "flagset" => array("type" => DBTYPE_BIGINT),
            "histdays" => array("type" => DBTYPE_INTEGER),
            "surveyintro" => array("type" => DBTYPE_VARCHAR),
            "tranfldsep" => array("type" => DBTYPE_INTEGER),
            "traneol" => array("type" => DBTYPE_INTEGER),
            "bp_cuid" => array("type" => DBTYPE_VARCHAR, "maxlength" => 9),
            "bp_secret" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
            "flagset2" => array("type" => DBTYPE_BIGINT),
            "dep_exp_days" => array("type" => DBTYPE_SMALLINT),
            "ccinfourl" => array("type" => DBTYPE_VARCHAR),
            "min_chlng_qst" => array("type" => DBTYPE_SMALLINT),
            "cookie_ver" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "loginscript" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "offlinestat" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
            "offlineblurb" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
            "bp_vendor" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
            "ssovendor" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
            "ckhexkey" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "ckorgid" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20),
            "ckurl" => array("type" => DBTYPE_VARCHAR),
            "trmemomaxlen" => array("type" => DBTYPE_SMALLINT),
            "flagset3" => array("type" => DBTYPE_BIGINT),
            "livesetup" => array("type" => DBTYPE_BIGINT),
            "pwdconfig" => array("type" => DBTYPE_VARCHAR),
            "ip_acl" => array("type" => DBTYPE_VARCHAR, "maxlength" => 500),
            "maskconfig" => array("type" => DBTYPE_VARCHAR)
          )
        );
        break;
      case "cuadmemailtmpl":
        $retTDAry = array(
          "_primary-columns" => array("tmpl_id"),
          "_tablename" => "cuadmemailtmpl",
          "_required-columns" => array("tmpl_id"),
          "_takesnapshot" => true,
          "_cols" => array(
            "tmpl_id" => array("type" => DBTYPE_SERIAL),
            "tmpl_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
            "tmpl_email" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100),
            "tmpl_email_name" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100),
            "tmpl_subject" => array("type" => DBTYPE_VARCHAR, "maxlength" => 255),
            "tmpl_message" => array("type" => DBTYPE_VARCHAR),
            "tmpl_opt_mailto" => array("type" => DBTYPE_SMALLINT),
            "tmpl_opt_mbr" => array("type" => DBTYPE_SMALLINT),
            "tmpl_lastmodified" => array("type" => DBTYPE_TIMESTAMPTZ),
            "tmpl_lastused" => array("type" => DBTYPE_TIMESTAMPTZ),
            "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10)
          )
        );
        break;
      case "cuadmnotify":
        $retTDAry = array(
          "_primary-columns" => array("cu", "role"),
          "_tablename" => "cuadmnotify",
          "_required-columns" => array("cu", "role"),
          "_takesnapshot" => true,
          "_cols" => array(
            "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
            "role" => array("type" => DBTYPE_CHAR, "maxlength" => 15),
            "email" => array("type" => DBTYPE_VARCHAR)
          )
        );
        break;
      case "cucontact":
        $retTDAry = array(
          "_primary-columns" => array("contactid"),
          "_tablename" => "cucontact",
          "_required-columns" => array("user_name", "priority", "contactid"),
          "_takesnapshot" => true,
          "_cols" => array(
            "user_name" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
            "priority" => array("type" => DBTYPE_SMALLINT),
            "name" => array("type" => DBTYPE_CHAR, "maxlength" => 35),
            "phone" => array("type" => DBTYPE_CHAR, "maxlength" => 15),
            "comments" => array("type" => DBTYPE_CHAR, "maxlength" => 255),
            "contactid" => array("type" => DBTYPE_SERIAL)
          )
        );
        break;

    case $pHbEnv['cu'] ."usercontact":
    case "usercontact":
    $retTDAry = array(
      "_primary-columns" => array("contact_id"),
      "_tablename" => $pHbEnv['cu'] ."usercontact",
      "_required-columns" => array("contact_id"),
      "_takesnapshot" => true,
      "_cols" => array(
        "contact_id" => array("type" => DBTYPE_SERIAL),
        "address1" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100),
        "address2" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100),
        "city" => array("type" => DBTYPE_VARCHAR, "maxlength" => 30),
        "state" => array("type" => DBTYPE_VARCHAR, "maxlength" => 30),
        "zip" => array("type" => DBTYPE_VARCHAR, "maxlength" => 9),
        "phones" => array("type" => DBTYPE_VARCHAR)
      )
    );
    break;

    // Needed for audits migrated from Mammoth
    case "cuusers":
    $retTDAry = array(
      "_primary-columns" => array(""),
      "_tablename" => "cuusers",
      "_required-columns" => array("cu", "user_name", "passwd"),
      "_takesnapshot" => true,
      "_cols" => array(
        "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 10),
        "user_name" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
        "passwd" => array("type" => DBTYPE_CHAR, "maxlength" => 34),
        "pktdate" => array("type" => DBTYPE_CHAR, "maxlength" => 30),
        "pktstamp" => array("type" => DBTYPE_BIGINT),
        "email" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
        "estmt_flag" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
        "egenl_flag" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
        "failedremain" => array("type" => DBTYPE_INTEGER),
        "forcechange" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
        "forceremain" => array("type" => DBTYPE_INTEGER),
        "lastlogin" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
        "priorlogin" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
        "failedlogin" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
        "pwchange" => array("type" => DBTYPE_TIMESTAMPTZ),
        "msg_tx" => array("type" => DBTYPE_SMALLINT),
        "billpayid" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
        "employee" => array("type" => DBTYPE_CHAR, "maxlength" => 1),
        "depositlimit" => array("type" => DBTYPE_NUMERIC, "precision" => "12,2"),
        "userflags" => array("type" => DBTYPE_INTEGER),
        "confidence" => array("type" => DBTYPE_CHAR, "maxlength" => 20),
        "user_alias" => array("type" => DBTYPE_VARCHAR, "maxlength" => 50),
        "challenge_quest_id" => array("type" => DBTYPE_INTEGER),
        "pktattempt" => array("type" => DBTYPE_BIGINT),
        "txlist" => array("type" => DBTYPE_VARCHAR)
      )
    );
    break;

    case "cucorerequests":
    $retTDAry = array(
      "_primary-columns" => array("id"),
      "_tablename" => "cucorerequests",
      "_required-columns" => array("id"),
      "_takesnapshot" => true,
      "_cols" => array(
        "id" => array("type" => DBTYPE_INTEGER),
        "cu" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
        "appliance_ip" => array("type" => DBTYPE_VARCHAR, "maxlength" => 100),
        "accountnumber" => array("type" => DBTYPE_CHAR, "maxlength" => 12),
        "request_type" => array("type" => DBTYPE_VARCHAR, "maxlength" => 20),
        "request_url" => array("type" => DBTYPE_VARCHAR),
        "request_start" => array("type" => DBTYPE_TIMESTAMP),
        "request_end" => array("type" => DBTYPE_TIMESTAMP),
        # request_elapsed: actual type is integer, but we evaluate a string
        # expression during the update to get the value for this column
        "request_elapsed" => array("type" => DBTYPE_CUSTOM_EXPRESSION),
        "request_status" => array("type" => DBTYPE_VARCHAR),
        "remote_ip" => array("type" => DBTYPE_CHAR, "maxlength" => 15)
      )
    );
    break;

  }

  if (count($pTableVariables) > 0)
  {
    foreach($retTDAry["_cols"] as $col)
    {
      if(!isset($retTDAry["_primary-columns"][$col]) && !isset($pTableVariables[$col])) // If the column doesn't exist in the primary columns or the $pTableVariables array then remove it.
        unset($retTDAry["_cols"][$col]);
    }
  }

  $retTDAry= array($pTableCode => $retTDAry);
  return $retTDAry;
}

/**
 *
 * Build the SQL to execute
 * Do this by retrieving the table definition
 * Then build sql code from the fields
 *
 * @param string $pTableSchema - This is the table schema to which we want data
 * @param array  $pValuesAry - (optional) This is the array of values to be used in the WHERE clause
 *                              This should be for ONE Record, THE RECORD NEEDING THE SNAPSHOT
 * @param boolean $pAllValues - (optional) If true, whatever is the $pValuesAry shows up in the where clause.
 */
function GetTableSelectSql($pTableSchema, $pValuesAry = array(), $pAllValues=false) {

  $sqlSelect = '';
  $sqlWhere = '';
  $retSql = '';

  $pValuesAry = (is_array($pValuesAry) ? $pValuesAry : array());

  if (HCU_array_key_exists('_cols', $pTableSchema) && HCU_array_key_value('_tablename', $pTableSchema) != '') {
    // * Found the table definition -- Build SELECT ?
    $primaryColumns = HCU_array_key_value('_primary-columns', $pTableSchema);
    $primaryColumns = is_array($primaryColumns) ? array_flip($primaryColumns) : array(); // Ensure the primaryColumns is an array of some sort -- make the values keys

    foreach ($pTableSchema['_cols'] as $colName => $colAttr) {
      $sqlSelect .= ($sqlSelect != '' ? ', ' : '') . $colName;

      $addToWhere= false;

      // * If the colName is found in primary columns; ** THIS COLUMN IS A PRIMARY -- CHECK FOR VALUE
      if (HCU_array_key_value($colName, $pValuesAry) && (HCU_array_key_exists($colName, $primaryColumns) || $pAllValues))
      {
        $colValue = $pValuesAry[$colName];
        $addToWhere= true;
      }

      // There is a value, build the where statement
      if ($addToWhere)
          $sqlWhere .= ($sqlWhere != '' ? " AND " : "") . " $colName = " . db_build_expr_value($colValue, $colAttr);
    }

    // ** Now build the sql to return
    $retSql = "SELECT $sqlSelect FROM {$pTableSchema['_tablename']} " . ($sqlWhere != '' ? " WHERE $sqlWhere" : "");

  }


  return $retSql;
}


/**
 *
 * Return the main table columns.  This will ignore any configuration columns
 *
 * @param array[] pSingleRecord   - This should be only ONE data record update
 *
 * @return array[]  This will return the updated record MINUS any setting/configuration columns
 *
 */
function GetDataUpdatedColumnsOnly($pSingleRecord) {

  $ignoreList = array("_action");
  $retData = array();

  $retData = array_diff_key($pSingleRecord, array_flip($ignoreList));

  return $retData;
}


/**
 *
 * HomeCU Audit Record Function
 * This will insert a record into the <cucode>audituser table.
 * It may eventually audit changes for several types of tables.  (user, userrights, useraccounts, alert, scheduled)
 *
 * ** STANDARD PARAMETERS FOR FUNCTIONS
 * @param integer $pDbh    - Database Handle for current Credit Union Session
 * @param array[] $pHbEnv  - The current session HB_ENV -- This is the array that contains session/environment variables.
 *                            This function requires the following variables in HB_ENV
 *                            cu - the CU CODE
 * @param class   $pMc     - The current session MC (Multi-Language) class
 *
 * ** Function Specific Parameters
 * ??? @param string  pTableName - The table key name that is associated with this change.
 * @param integer $pAuditUser   - The user id related to the data change
 * @param string $pAction       - Identifies the action that triggered this audit record.  Some codes include
 *                                U_ADD - User Account was added.
 *                                U_DEL_A - User Account Deleted
 *                                U_DEL_H - User History Deleted.
 *                                U_RESET - User Password was reset
 *                                U_UPD - User Account Was updated
 *                                U_OMA - Override MICRs
 *                                U_EST - E-statemnt Flag Changed
 * @param string $pAppContext   - Application Context {DSK, MBL, APP, ADA}
 * @param string $pCodeContext  - Name of the PHP script that called this function.
 * @param string $pAuditType    - The type of user that triggered this audit
 *                                U - user, the user themselves made this particular change
 *                                A - admin user, an admin user made the change to the user account.
 *                                H - HomeCU made the change to the user record
 * @param string $pFullDesc     - A full description of why the audit record was necessary. {Force Password, Update Profile..etc}
 * @param string $pUserName     - The User Name value that made the triggered user.  The source of this user_name
 *                                  depends on the type defined in pAuditSrcType
 * @param string $pEmail        - The email associated with the user
 * @param string $pIp           - The source IP address that triggered the audit record
 * @param string $pRecBefore    - This is a json encoded array of a "snapshot" prior to any changes that will be occurring.
 * @param string $pRecAfter     - This is a json encoded array of the "delta" values associated with the table
 * @param boolean $pBuildSqlOnly  - {true,false (default)} -
 *                                 True - the sql will not be sent to the database. The sql is returned in the [data][sql] value
 *                                 False - The sql will be sent to the database.
 *
 * @return array[]        - This will return a standard return array
 *                          [code] - Base return code {000-success, 999-error}
 *                          [errors] - Indexed array of error descriptions (in case there could be more than one)
 *                          [data] - Extra Data
 *                            [sql] - The SQL that was created will always be returned.
 */
function SetAuditRecord ($pDbh, $pHbEnv, $pMc, $pAuditUser, $pAction, $pAppContext, $pCodeContext, $pAuditType, $pFullDesc, $pUserName, $pEmail, $pIp, $pRecBefore, $pRecAfter,
  $pBuildSqlOnly = false, $pAccountNumber = "") {

  /**
   * @var array[] Return array
   */
  $retVal = array("code" => "000",
                  "errors" => array(),
                  "data" => array());

  try {
    /* VALIDATION */
    /* CU CODE */
    if (!HCU_array_key_exists('cu', $pHbEnv)) {
      throw new exception ('Environment Config Error', '900');
    } else if (trim($pHbEnv['cu']) == '') {
      throw new exception ('CU Config Error', '901');
    }

    $insAuditRec = array(
                       "_action" => 'create',
                       "user_id" => $pAuditUser,
                       "auditdate" => DBTIMESTAMP_USETS,
                       "auditaction" => $pAction,
                       "auditsrctype" => $pAuditType,
                       "auditsrcuser_name" => $pUserName,
                       "auditsrcemail" => $pEmail,
                       "auditrecbefore" => $pRecBefore,
                       "auditrecafter" => $pRecAfter,
                       "auditsrcip" => $pIp,
                       "auditsrcapp_context" => $pAppContext,
                       "auditsrccode_context" => $pCodeContext,
                       "auditfulldesc" => $pFullDesc,
                       "accountnumber" => $pAccountNumber
                    );
    $updResult = SetDataTableUpdate($pDbh, $pHbEnv, $pMc, "audituser", $insAuditRec, $pBuildSqlOnly);

    if ($updResult) {
      // ** Set the Return SQL
      $retVal['data']['sql'] = HCU_array_key_value('sql', $updResult['data']);
    } else {
      throw new exception ('Audit Record Update Error', '903');
    }
/*
** OLD METHOD START**
    * CREATE SQL *
    $sql = "INSERT INTO " . prep_save($pHbEnv['cu'], 12) . "audituser
              (user_id, auditdate, auditaction,
               auditsrctype, auditsrcuser_name, auditsrcemail,
               auditsrcip, auditsrcapp_context, auditsrccode_context,
               auditfulldesc, auditrecbefore, auditrecafter)
              VALUES
              (" . intval($pAuditUser) . ", now(), '" . prep_save($pAction, 10) . "',
               '" . prep_save($pAuditType, 1) . "', '" . prep_save($pUserName, 50) . "', '" . prep_save($pEmail, 255) . "',
               '" . prep_save($pIp, 15) . "', '" . prep_save($pAppContext, 10) . "', '" . prep_save($pCodeContext, 20) . "',
               '" . prep_save($pFullDesc, 255) . "', '" . prep_save($pRecBefore) . "', '" . prep_save($pRecAfter) . "'
              ); ";

    $retVal['data']['sql'] = $sql;
    if (!$pBuildSqlOnly) {
      * EXECUTE THE QUERY *
      // ** Should this evalute the dbh?
      if (pg_connection_status($pDbh) == PGSQL_CONNECTION_BAD) {
        throw new exception ('Database Connection Interruption', '902');
      }

      $queryResult = db_query($sql, $pDbh);
      if ($queryResult == false) {
        throw new exception ('Audit Record Update Error', '903');
      }
    }
** OLD METHOD END **
Set Data Table Update should be handling
*/


  } catch (exception $e){
    $retVal['code'] = $e->getCode();
    $retVal['error'][] = $e->getMessage();
    $retVal['data'] = array();
  }

  return $retVal;
}

/**
 * HomeCU Audit Record Function
 * This will insert a record into the <cucode>auditadmin table. It may eventually audit changes for several types of tables.  (user, userrights, useraccounts, alert, scheduled)
 *
 * ** STANDARD PARAMETERS FOR FUNCTIONS
 * @param integer $pDbh    - Database Handle for current Credit Union Session
 * @param array[] $pHbEnv  - The current session HB_ENV -- This is the array that contains session/environment variables.
 *                            This function requires the following variables in HB_ENV: cu - the CU CODE
 *
 * @param integer $pAuditUser   - The user id related to the data change
 * @param string $pAction       - Identifies the action that triggered this audit record.
 * @param string $pCodeContext  - Name of the PHP script that called this function.
 * @param string $pAuditType    - The type of user that triggered this audit
 *                                A - admin user, an admin user made the change to the admin user account.
 *                                H - HomeCU made the change to the user record
 * @param string $pFullDesc     - A full description of why the audit record was necessary. {Force Password, Update Profile..etc}
 * @param string $pUserName     - The User Name value that made the triggered user.  The source of this user_name
 *                                  depends on the type defined in pAuditSrcType
 * @param string $pEmail        - The email associated with the user
 * @param string $pIp           - The source IP address that triggered the audit record
 * @param string $pRecBefore    - This is a json encoded array of a "snapshot" prior to any changes that will be occurring.
 * @param string $pRecAfter     - This is a json encoded array of the "delta" values associated with the table
 * @param boolean $pBuildSqlOnly  - {true,false (default)} -
 *                                 True - the sql will not be sent to the database. The sql is returned in the [data][sql] value
 *                                 False - The sql will be sent to the database.
 *
 * @return array[]        - This will return a standard return array
 *                          [code] - Base return code {000-success, 999-error}
 *                          [errors] - Indexed array of error descriptions (in case there could be more than one)
 *                          [data] - Extra Data
 *                            [sql] - The SQL that was created will always be returned.
 */
function SetAdminAuditRecord ($pDbh, $pHbEnv, $pAuditUser, $pAction, $pCodeContext, $pAuditType, $pFullDesc, $pUserName, $pEmail, $pIp, $pRecBefore, $pRecAfter, $pBuildSqlOnly=false)
{
    try
    {
        if (!HCU_array_key_exists('cu', $pHbEnv))
            throw new exception ('Environment Config Error', '900');
        if (trim($pHbEnv['cu']) == '')
            throw new exception ('CU Config Error', '901');

        $insAuditRec = array (
             "_action" => 'create',
             "user_name" => $pAuditUser,
             "auditdate" => DBTIMESTAMP_USENOW,
             "auditaction" => $pAction,
             "auditsrctype" => $pAuditType,
             "auditsrcuser_name" => $pUserName,
             "auditsrcemail" => $pEmail,
             "auditrecbefore" => $pRecBefore,
             "auditrecafter" => $pRecAfter,
             "auditsrcip" => $pIp,
             "auditsrccode_context" => $pCodeContext,
             "auditfulldesc" => $pFullDesc
        );

        $updResult = SetDataTableUpdate($pDbh, $pHbEnv, null, "auditadmin", $insAuditRec, $pBuildSqlOnly);

        if (!$updResult)
            throw new exception ('Audit Record Update Error', '903');
    }
    catch (exception $e)
    {
        return array("code" => $e->getCode(), "error" => array($e->getMessage()), "data" => array());
    }

    return array("code" => "000", "error" => array(), "data" => array());
}


/**
 *
 * This function will create SQL for CRUD from the data arrays.
 * The arrays will provide the type of operation (Create, Update, Delete)
 *
 * This function does NOT need to update the database, it can also be used to build sql
 *
 *
 * ** STANDARD PARAMETERS FOR FUNCTIONS
 * @param integer pDbh    - Database Handle for current Credit Union Session
 * @param array[] pHbEnv  - The current session HB_ENV -- This is the array that contains session/environment variables.
 *                            This function requires the following variables in HB_ENV
 *                            cu - the CU CODE
 * @param class   pMc     - The current session MC (Multi-Language) class
 *
 * ** Function Specific Parameters
 * @param string pUpdTableCode    - Table "key" for data being updated
 * @param array[] pUpdValues      - This is the array of data values to be set in the table
 * @param boolean pBuildSqlOnly   - {true,false (default)} -
 *                                   True - the sql will not be sent to the database. The sql is returned in the [data][sql] value
 *                                   False - The sql will be sent to the database.
 *
 * @return array[]        - This will return a standard return array
 *                          [code] - Base return code {000-success, 9XX-error}
 *                          [errors] - Indexed array of error descriptions (in case there could be more than one)
 *                          [data] - Extra Data
 *                            [sql] - The SQL that was created will always be returned.
 *                            [row] - This is the returned row for ALL the columns in the table (uses postgres RETURNING *)
 */
function SetDataTableUpdate($pDbh, $pHbEnv, $pMC, $pUpdTableCode, $pUpdValues, $pBuildSqlOnly = false) {
  /**
   * @var array[] Return array
   */

  $retVal = array("code" => "000",
                  "errors" => array(),
                  "data" => "");
  $retRows= array();

  try {

    /**
     * Verify the table exists in the Table Definitions
     */
    $tblSchemaList = GetTableDefinition($pHbEnv, $pUpdTableCode);
    if (!HCU_array_key_exists($pUpdTableCode, $tblSchemaList)) {
      // * NOT FOUND
      throw new Exception("Table Schema Not Found", '901');
    }
    $tblSchema = $tblSchemaList[$pUpdTableCode];
    // Add default values to updValues if doesn't exist
    foreach($tblSchema["_cols"] as $col => $colInfo)
    {
      if (isset($colInfo["defaultValue"]) && !isset($pUpdValues[$col]))
        $pUpdValues[$col]= $colInfo["defaultValue"];
    }
    /**
     * VERIFY the _action is defined and set in the pUpdValues array
     */
    if (!HCU_array_key_exists('_action', $pUpdValues)) {
      throw new Exception ("Unknown data action encountered", "902");
    }
    /**
     * Verify the required-columns exist for ALL ACTIONS
     * Do this by counting the required-columns elements and compare to the intersection results array
     *    of the required columns and the Updated Column Values
     */

    $reqColumns = HCU_array_key_value("_primary-columns", $tblSchema);
    if (count($reqColumns) !== count(array_intersect_key(array_flip($reqColumns), $pUpdValues))) {
      throw new Exception ("Required Columns Missing", "903");
    }

    /**
     *
     * CREATE SQL STATEMENT
     * Based on Query Action
     *
     *
     */
    switch (strtolower($pUpdValues['_action'])) {
      /**
       * INSERT STATEMENT -- DIFFICULT AS I NEED TO BE ABLE TO USE SERIAL
       * It may be possible to leverage the "RETURNING" syntax.
       * INSERT INTO table .. RETURNING *
       */
      case "create":
      case "insert":
        /**
         * Build Value Updates
         * This will be all the values in pUpdValues INCLUDING PRIMARY COLUMNS
         */
        $sqlInsertCols= "";
        $sqlInsertVals= "";
        foreach ( GetDataUpdatedColumnsOnly($pUpdValues) as $colName => $colValue) {
          /**
           * colName - This is the column name as defined in the table structure
           * colValue - This is the value to be used for updatings
           * colAttr - Look this up from the table schema
           */
          $colAttr = HCU_array_key_value($colName, $tblSchema['_cols']);

          /**
           * BUILD THE EXRESSION
           */
          $sqlInsertCols .= ($sqlInsertCols != '' ? ', ' : '') . $colName;
          $sqlInsertVals .= ($sqlInsertVals != '' ? ', ' : '') . db_build_expr_value($colValue, $colAttr);
        }

        $retSql = "INSERT INTO {$tblSchema['_tablename']} ($sqlInsertCols) VALUES ($sqlInsertVals) RETURNING " . implode(', ', array_keys(GetDataUpdatedColumnsOnly($pUpdValues))) . "; ";
        break;
      /**
       * UPDATE STATEMENT --  UPDATE FIELDS WHERE PRIMARY MEETS CONDITION
       */
      case "update":
        /**
         * Build Value Updates
         * This will be all the values in pUpdValues MINUS any _primary-columns
         */
        // ** get the list of primary columns
        $sqlUpdate= "";
        foreach ( array_diff_key(GetDataUpdatedColumnsOnly($pUpdValues), array_flip(HCU_array_key_value("_primary-columns", $tblSchema))) as $colName => $colValue) {
          /**
           * colName - This is the column name as defined in the table structure
           * colValue - This is the value to be used for updatings
           * colAttr - Look this up from the table schema
           */
          $colAttr = HCU_array_key_value($colName, $tblSchema['_cols']);

          /**
           * BUILD THE EXRESSION
           */
          $sqlUpdate .= ($sqlUpdate != '' ? ", " : "") . " $colName = " . db_build_expr_value($colValue, $colAttr);
        }
        // * *BUILD THE WHERE Expression FROM the primary columns -- they should all exist in this instance
        $primaryColumns = HCU_array_key_value('_primary-columns', $tblSchema);
        $primaryColumns = is_array($primaryColumns) ? array_flip($primaryColumns) : array(); // Ensure the primaryColumns is an array of some sort -- make the values keys
        $sqlWhere= "";
        foreach (array_keys($primaryColumns) as $colName) {
          if (HCU_array_key_exists($colName, $primaryColumns)) {
            // Primary column found in list of values --
            $colValue = $pUpdValues[$colName];
            $colAttr = HCU_array_key_value($colName, $tblSchema['_cols']);

            $sqlWhere .= ($sqlWhere != '' ? " AND " : "") . " $colName = " . db_build_expr_value($colValue, $colAttr);
          } else {
            // Primary Column was NOT FOUND -- throw an error -- SHOULD HAVE BEEN CAUGHT error 903
          }
        }

        // ** Require the WHERE statement
        $retSql = "UPDATE {$tblSchema['_tablename']} SET $sqlUpdate WHERE $sqlWhere RETURNING " . implode(', ', array_keys(GetDataUpdatedColumnsOnly($pUpdValues))) . "; ";
        break;
      /**
       * DELETE STATEMENT -- DELETE ROWS WHERE PRIMARY MEETS CONDITION
       */
      case "delete":
        /**
         * DELETE only REQUIRES the DELETE statement
         * This will be all the values in pUpdValues MINUS any _primary-columns
         */
        // ** get the list of primary columns

        // * *BUILD THE WHERE Expression FROM the primary columns -- they should all exist in this instance
        $primaryColumns = HCU_array_key_value('_primary-columns', $tblSchema);
        $primaryColumns = is_array($primaryColumns) ? array_flip($primaryColumns) : array(); // Ensure the primaryColumns is an array of some sort -- make the values keys

        $sqlWhere= "";
        foreach (array_keys($primaryColumns) as $colName) {
          if (HCU_array_key_exists($colName, $primaryColumns)) {
            // Primary column found in list of values --
            $colValue = $pUpdValues[$colName];
            $colAttr = HCU_array_key_value($colName, $tblSchema['_cols']);

            $sqlWhere .= ($sqlWhere != '' ? " AND " : "") . " $colName = " . db_build_expr_value($colValue, $colAttr);
          } else {
            // Primary Column was NOT FOUND -- throw an error -- SHOULD HAVE BEEN CAUGHT error 903
          }
        }

        // ** Require the WHERE statement
        $retSql = "DELETE FROM {$tblSchema['_tablename']} WHERE $sqlWhere; ";

        break;
      default:
        throw new Exception ("Unknown Data Action", "904");
    }

    if (!$pBuildSqlOnly) {
      // * EXECUTE the query
      if (strtolower($pUpdValues['_action']) == 'delete') {
        // * Handle delete
        if (db_query($retSql, $pDbh)) {
          $retVal['data']['row'][$pUpdTableCode][] = array();
        } else {
          /**
           * ERROR DURING DB EXECUTION
           */
          throw new exception ('Database Query Failed', '902');
        }
      } else {
        $retRows[$pUpdTableCode] = GetAllRowsFromSql($pDbh, $retSql);
        if ($retRows[$pUpdTableCode] !== false) {
          $retVal['data']['row'] = $retRows;
        } elseif (db_last_error() != "") {
          /**
           * ERROR DURING DB EXECUTION
           */
          throw new exception ('Database Query Failed', '902');
        } else {
          // ** no error - most likely no update -- return empty row
          $retVal['data']['row'] = $retRows;
        }
      }
    }
    $retVal['data']['sql'] = $retSql;

  } catch (exception $e){
    $retVal['code'] = $e->getCode();
    $retVal['errors'][] = $e->getMessage();
  }

  return $retVal;

}

/**
 * Update_User_Settings - Project Odyssey
 *
 * This function will accept the fields to change and update the tables accordingly
 *
 * @param integer $p_dbh      - database handle
 * @param array $p_hb_env     - value of the array HB_ENV
 * @param class $p_mc         - This is the reference to the MC class that describes the currently selected language
 * @param array $p_upd_fields - Array of fields that are being updated
 * @param bol $p_transaction  - Do I need to use a transaction for updating the query
 *
 */
function Update_User_Settings($p_dbh, $p_hb_env, $p_mc, $p_upd_fields, $p_transaction) {
  /* ALLOWED FIELDS with DATATYPE -- MULTI DIMENSION ARRAY
   * First Key is the category on where the flag is set
   *  {settings_email, settings_password, settings_useralias, settings_questions, settings_confidence}
   * settings_email
   * [email] - 'email' The member email to update
   * [egenl] - 'include on email list' Does the member want to be included on the member list?
   * [verify] - 'verify email' has the member been flagged to verify the email
   * [valid] - 'email valid' Has the member declared this email to be valid
   *
   * settings_password - 'char (*)' The member password to the save to the dB, in PLAIN form
   * [current] - This the current password the member would be entered
   * [newpasswd] - This is the members new password
   * [confpasswd] - This is the members entry for confirming the password
   * [review_guidelines] - {Y, N} - Did the user review the Guidelines?
   *
   * settings_useralias -
   * [username] - 'char (50)' The member alias, used for altnerate login
   * [username_confirm] - 'char (50)' A CONFIRMATION of the username the member entered
   * [username_required] - {Y, N} Yes / No
   *
   * settings_questions - 'array' This is an array of the security question answers.
   *                      Each array element should be an array of cqid, display
   *                      These are Named in correlation with retrieving challenge questions
   *    ['cqid'] - Challenge question ID
   *    ['display'] - Challenge response
   *
   *                        key is the ChallengeQuestionID for the question
   *                        value is the answer given by the member
   * settings_confidence -
   *  [confword] - 'char (20)' The confidence word for the members account
   *
   */

  $retAry = Array("status" => Array ("code" => "", "severity" => "", "errors" => Array()));

  $whatUpdated = array( "email" => false, "password" => false, "questions" => false,
                        "alias" => false, "confidence" => false, "old_email" => "",
                        "new_email" => "" );

  $trans_failed = false;

  $EMAIL_FLAG = GetMsgTxValue('MSGTX_FORCE_EM');

  /**
   * 4/8/2016
   *
   * In 'mammoth' the ability to create a postgres "TRANSACTION" was added to ensure data integrity and to fail if any part failed.
   * However, if I can put all the changes into ONE update then it would achieve the same thing.
   * This may be possible if I call the DataUserTableUpdate function instead of the individual Update Functions
   *
   */

  /**
   *
   * This function is really a layer
   * between the Validate_Settings scripts and the DataUserTableUpdate function
   *
   */


  /**
   * SNAPSHOT HANDLED BY THE DataUserTableUpdate function
   */

  $userDataRecordChanges = Array("_action" => "update",
                                 "user_id" => $p_hb_env['Uid'],
                                 "user_name" => $p_hb_env['Cn']
                                );

  // Set the contact if it exists.
  HCU_array_key_exists("settings_contact", $p_upd_fields) ? $userDataRecordChanges["contact"] = $p_upd_fields["settings_contact"] : null;

  // Set the mfa date if it exists.
  HCU_array_key_exists("settings_mfadate", $p_upd_fields) ? $userDataRecordChanges["mfaquest"] = $p_upd_fields["settings_mfadate"] : null;

  // ** EMAIL
  // ** egenl flag for Include on E-mail list
  if (isset($p_upd_fields['settings_email']) && !$trans_failed) {
    // ** Email needs to be updated
// **     $trans_failed = Update_SettingsEmail($p_dbh, $p_hb_env, $p_upd_fields['settings_email'], $p_transaction, $sBuildSql);

    if ( !$trans_failed && strcmp( $p_hb_env["Ml"], $p_upd_fields['settings_email']["email"] ) != 0 ) {
      $whatUpdated["email"] = true;

      // save the new email
      $whatUpdated["new_email"] = $p_upd_fields["settings_email"]["email"];

      // save the old email
      $whatUpdated["old_email"] = $p_hb_env["Ml"];
    }

    /**
     * SETUP EMAIL FIELDS TO SAVE
     * consider 'verify' and 'valid' options from the previous
     * no need to add extra logic in lower function.  if they are to be changed then change them
     * ALSO need to keep track of information being modified to later notify the member
     *
     */
     $userDataRecordChanges['email'] = $p_upd_fields["settings_email"]["email"];
     $userDataRecordChanges['egenl_flag'] = $p_upd_fields["settings_email"]["egenl"];

    /**
     * Verify e-mail
     * Verify e-mail is set to force the member to change their password.  However, the flag does not always 'require' the member to change the email
     *   The
     */
    if (HCU_array_key_exists('verify', $p_upd_fields['settings_email'])) {
      // * Did the member tag the e-mail as 'valid'??
        // * IF tagged as YES -- THEN UPDATE msg_tx

        // * IF not TAGGED, then only update if the email being saved is different
      $curEmail = $p_hb_env['Ml'];
      if (($curEmail != $p_upd_fields["settings_email"]["email"]) || (HCU_array_key_value('valid', $p_upd_fields["settings_email"]) == "Y")) {
        // ** Subtract out the Temp flag bits FROM the current Fmsg_tx
        $tmpVal = ~(~(int)$p_hb_env['Fmsg_tx'] | HCUTEMP_FLAGS);

        // ** Subtract out the Email Settings Flag
        $tmpVal = ~(~$tmpVal | $EMAIL_FLAG);

        $userDataRecordChanges['msg_tx'] = $tmpVal;
      }
    }

  }
  /**
   * UPDATE PASSWORD
   */
  if (isset($p_upd_fields['settings_password']) && !$trans_failed) {
    /**
     * Only Update the password IF newpasswd is set
     *   ** Otherwise, the structure may exist to confirm the current password 'current'
     */
    if (HCU_array_key_exists('newpasswd', $p_upd_fields['settings_password'])) {
      $userDataRecordChanges['passwd'] = password_hash($p_upd_fields['settings_password']['newpasswd'], PASSWORD_DEFAULT);
      $userDataRecordChanges['forcechange'] = 'N';
      $userDataRecordChanges['pwchange'] = DBTIMESTAMP_USENOW;

      $whatUpdated["password"] = true;
    }
  }

  /**
   * UPDATE ALIAS
   */
  if (isset($p_upd_fields['settings_alias']) && !$trans_failed) {
    $userDataRecordChanges['user_name'] = $p_upd_fields['settings_alias']['username'];

    $whatUpdated["alias"] = true;
  }

  /**
   * CONFIDENCE WORD
   */
  if (isset($p_upd_fields['settings_confidence']) && !$trans_failed) {
    $userDataRecordChanges['confidence'] = $p_upd_fields['settings_confidence']['confword'];

    if (HCU_array_key_exists('userflags', $p_upd_fields['settings_confidence'])) {
      $userDataRecordChanges['userflags'] = $p_upd_fields['settings_confidence']['userflags'];
    }

    $whatUpdated["confidence"] = true;
  }

  /**
   * SECURITY QUESTIONS
   */
  if (isset($p_upd_fields['settings_questions']) && !$trans_failed) {
      # note mfaquest array may contain Array("answers", "challenge", "authcode", "authexpires", "mfadate");
      # this will throw away everything and only save the answers - and now I'm adding the mfadate
    $mfaAnswers = Array();
    if (is_array($p_upd_fields['settings_questions'])) {
      // ** Iterate through the questions and create new mfa json value
      for ($qIdx = 0; $qIdx < count($p_upd_fields['settings_questions']); $qIdx++) {
        $mfaAnswers[$p_upd_fields['settings_questions'][$qIdx]['cqid']] = $p_upd_fields['settings_questions'][$qIdx]['display'];
      }
    }
    $mfaArray = Array("answers" => $mfaAnswers);
    $mfaArray['mfadate'] = time();
    $userDataRecordChanges['mfaquest'] = PrepareMfaQuestString($mfaArray);

    $whatUpdated["questions"] = true;
  }

//  /**
//   * ACCOUNT DESCRIPTIONS
//   * ** NOT COMPLETE MWS 4/11/2016
//   */

  $updateTableArray = Array("user" => Array($userDataRecordChanges));

  // * Start the transaction
  if (!($trans_rs = db_query("begin transaction", $p_dbh))) {
      $trans_failed = true;
  }

  if ( !$trans_failed ) {

    // * Update the records -- ONLY SAVE AUDIT RECORD IF UPDATING EMAIL
    $updateResults = DataUserTableUpdate($p_dbh, $p_hb_env, $p_mc, $updateTableArray, $p_hb_env['Uid'], 'U_UPD', 'U', $p_hb_env['currentscript'], 'U', "Required Profile Update", $p_hb_env['Cn'], $p_hb_env['Ml'], $p_hb_env['remoteIp']);
    if ( !$updateResults ) {
      $trans_failed = true;
    }
  }

  // * EITHER POST THE ROLLBACK OR COMMIT
  if ($trans_failed) {
    // ** UPDATE FAILED -- ROLLBACK
    $upd_rs = db_query("rollback transaction", $p_dbh);

    $retAry['status']['code'] = '999';
    $retAry['status']['severity'] = 'ERROR';
    $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
  } else {
    // ** UPDATE SUCCEEDED-- COMMIT
    if (!$upd_rs = db_query("commit transaction", $p_dbh)) {
      // ** COMMIT FAILED
      $retAry['status']['code'] = '999';
      $retAry['status']['severity'] = 'ERROR';
      $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
    } else {
      // send an email to the registered user to let them know a change occurred
      NotifyUserOfChange( $p_dbh, $p_hb_env, $whatUpdated, $p_mc );

      // return success
      $retAry['status']['code'] = '000';
      $retAry['status']['severity'] = "SUCCESS";
    }
  }

  /**
   *
   * END OF NEW CODE -- FOLLOWING CODE SHOULD BE REMOVED
   *
   */

/*
//  $PostOrBuild = ($p_transaction ? "POST" : "BUILD");    // ** THIS WILL TELL US WHETHER WE POST OR BUILD AN SQL
    // * Build is used for a one sql call at the end of this function
      // * all sql queries will be appended together
    // * Post is used for a 'sql transaction' query , each query is separtely
      // * executed and at the end , either a rollback or commit will be executed
  $sBuildSql = "";    // This is the accumulated sql that will be executed at the end

  // ** DECLARE SETTINGS FOR THIS FUNCTION

  // * GET THE CURRENT dB time
  if ($time_rs = db_query("select now();", $p_dbh)) {
    list($chnow) = db_fetch_array($time_rs, 0);
  } else {
    // ** For some reason unable to get the current time
    $trans_failed = true;
  }

  // * Start the transaction if needed
  if ($p_transaction && !$trans_failed) {
    if (!($trans_rs = db_query("begin transaction", $p_dbh))) {
      $trans_failed = true;
    }
  }

  // save the old email
  $whatUpdated["old_email"] = $p_hb_env["Ml"];

  // ** SNAPSHOT OF AUDIT USERS
  $trans_failed = Update_AuditMember($p_dbh, $p_hb_env, 0, $chnow, $p_transaction, $sBuildSql);

  // ** EMAIL
  // ** egenl flag for Include on E-mail list
  if (isset($p_upd_fields['settings_email']) && !$trans_failed) {
    // ** Email needs to be updated
    $trans_failed = Update_SettingsEmail($p_dbh, $p_hb_env, $p_upd_fields['settings_email'], $p_transaction, $sBuildSql);

    if ( !$trans_failed && strcmp( $p_hb_env["Ml"], $p_upd_fields['settings_email']["email"] ) != 0 ) {
      $whatUpdated["email"] = true;

      // save the new email
      $whatUpdated["new_email"] = $p_upd_fields["settings_email"]["email"];
    }
  }

  // ** PASSWORD
  if (isset($p_upd_fields['settings_password']) && !$trans_failed) {
    // ** CRYPT THE PASSWORD FOR SAVING
    $trans_failed = Update_SettingsPassword($p_dbh, $p_hb_env, $p_upd_fields['settings_password'], $p_transaction, $sBuildSql);

    if ( !$trans_failed && array_key_exists('newpasswd', $p_upd_fields['settings_password']) ) {
      $whatUpdated["password"] = true;
    }
  }


  // ** USER ALIAS
  if (isset($p_upd_fields['settings_alias']) && !$trans_failed) {
    $trans_failed = Update_SettingsAlias($p_dbh, $p_hb_env, $p_upd_fields['settings_alias'], $p_transaction, $sBuildSql);

    if ( !$trans_failed ) {
      $whatUpdated["alias"] = true;
    }
  }

  // ** CONFIDENCE WORD
  if (isset($p_upd_fields['settings_confidence']) && !$trans_failed) {
    $trans_failed = Update_SettingsConfidence($p_dbh, $p_hb_env, $p_upd_fields['settings_confidence'], $p_transaction, $sBuildSql);

    if ( !$trans_failed ) {
      $whatUpdated["confidence"] = true;
    }
  }

  // ** SECURITY QUESTIONS
  if (isset($p_upd_fields['settings_questions']) && !$trans_failed) {
    // ** Create the update query for challenge questions
    $trans_failed = Update_SettingsChallenge($p_dbh, $p_hb_env, $p_upd_fields['settings_questions'], $p_transaction, $sBuildSql);

    if ( !$trans_failed ) {
      $whatUpdated["questions"] = true;
    }
  }

  // ** ACCOUNT DESCRIPTIONS
  if (isset($p_upd_fields['settings_desc']) && !$trans_failed) {
    // ** Create the update query for challenge questions
    $trans_failed = Update_SettingsDesc($p_dbh, $p_hb_env, $p_upd_fields['settings_desc'], $p_transaction, $sBuildSql);
  }

  // ** ONE FOR CLEARING FORCE_RESET?? -- CURRENTLY -- CONFIDENCE WORD UPDATE WILL CLEAR FORCE RESET

  // ** TAKE ANOTHER SNAPSHOT OF THE MEMBER
  $trans_failed = Update_AuditMember($p_dbh, $p_hb_env, 1, $chnow, $p_transaction, $sBuildSql);
*/
/*
HOW TO HANDLE UPDATE QUERY

  // END THE PROCESS
  if ($p_transaction) {
    // * EITHER POST THE ROLLBACK OR COMMIT
    if ($trans_failed) {
      // ** UPDATE FAILED -- ROLLBACK
      $upd_rs = db_query("rollback transaction", $p_dbh);

      $retAry['status']['code'] = '999';
      $retAry['status']['severity'] = 'ERROR';
      $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
    } else {
      // ** UPDATE SUCCEEDED-- COMMIT
      if (!$upd_rs = db_query("commit transaction", $p_dbh)) {
        // ** COMMIT FAILED
        $retAry['status']['code'] = '999';
        $retAry['status']['severity'] = 'ERROR';
        $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
      } else {
        // send an email to the registered user to let them know a change occurred
        NotifyUserOfChange( $p_dbh, $p_hb_env, $whatUpdated, $p_mc );

        // return success
        $retAry['status']['code'] = '000';
        $retAry['status']['severity'] = "SUCCESS";
      }
    }
  } else {

print "<br /><br />PRINT SQL<br />". $sBuildSql;
    // * WE NOW POST THE ACCUMULATED SQL
    if ($upd_rs = db_query($sBuildSql, $p_dbh)) {
      // send an email to the registered user to let them know a change occurred
// MWS TEMP REMOVE      NotifyUserOfChange( $p_dbh, $p_hb_env, $whatUpdated, $p_mc );

      // return success
      $retAry['status']['code'] = '000';
      $retAry['status']['severity'] = "SUCCESS";
    } else {
      // ** RECORD ERROR HERE
      $retAry['status']['code'] = '999';
      $retAry['status']['severity'] = 'ERROR';
      $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
    }
  }
*/

  // ** RETURN THE status array
  return $retAry;
}

function Update_User_Security($p_dbh, $p_hb_env, $p_mc, &$p_upd_fields) {
  try {
    $securityPhones = HCU_JsonEncode($p_upd_fields['settings_phones']);
    $shones = prep_save($securityPhones);
    $shones = trim($securityPhones);

    // check if contact record exists for the user
    // this will determine update or create.
    $sql = "SELECT contact, mfaquest FROM {$p_hb_env['Cu']}user WHERE user_name = '{$p_hb_env['Cn']}'";
    $sqlRs = db_query($sql, $p_dbh);
    if (!$sqlRs) {
      throw new Exception("Error reading user security settings.", 100);
    }

    $sqlData = db_fetch_assoc($sqlRs, 0);
    $sqlContact = intval($sqlData['contact']);
    $sqlMfaQuest = HCU_JsonDecode($sqlData['mfaquest']);

    // update mfadate in mfaquest column
    $sqlMfaQuest['mfadate'] = time();
    $sqlMfaQuest = HCU_JsonEncode($sqlMfaQuest);

    $p_upd_fields ["settings_mfadate"] = $sqlMfaQuest; // Send to the audit for the user table.

    $contactUpdate = array("phones" => $securityPhones);

    if ($sqlContact === 0) { // Will need to get the next value
      $sql = "select nextval('" . $p_hb_env['Cu'] . "usercontact_contact_id_seq'::regclass)";
      $sth = db_query($sql, $p_dbh);
      if (!$sth) {
        throw new exception("Error getting next contact id.", 101);
      }

      $sqlContact = db_fetch_row($sth, 0);
      $sqlContact = intval($sqlContact[0]);
      $contactUpdate["_action"] = "insert";
      $contactUpdate["contact_id"] = $sqlContact;
    } else { // Otherwise, update the contact record for the contact_id.
      $contactUpdate["_action"] = "update";
      $contactUpdate["contact_id"] = $sqlContact;
    }

    $p_upd_fields ["settings_contact"] = $sqlContact; // Send to the audit for the user table.

    $userUpdate = array("usercontact" => array($contactUpdate));

    if (!DataUserTableUpdate($p_dbh, $p_hb_env, $p_mc, $userUpdate, $p_hb_env['Uid'], 'U_UPD', 'U', $p_hb_env['currentscript'], 'U', "Update User Security", $p_hb_env['Cn'],
                         $p_hb_env['Ml'], $p_hb_env['remoteIp'])) {
      throw new exception("User Update Failed.", 103);
    }

  // Prepare and send the return array structure like before.
    $returnArray = array("status" => array("code" => "000", "severity" => "SUCCESS", "errors" => array()));
  } catch (exception $e) {
    $returnArray = array("status" => array("code" => "999", "severity" => "ERROR", "errors" => array($e->getMessage())));
  }

  return $returnArray;
}

/**
 * Update_Settings
 * This function will evaluate the
 *
 * @param integer $p_dbh - database handle
 * @param array $p_hb_env - value of the array HB_ENV
 * @param array $p_upd_fields - Array of fields that are being updated
 * @param bol $p_transaction - Do I need to use a transaction for updating the query
 * @param class $p_mc     - This is the reference to the MC class that describes the currently selected language
 *
 */
function DEPRECATED_Update_Settings($p_dbh, $p_hb_env, $p_upd_fields, $p_transaction, $p_mc) {

  /* ALLOWED FIELDS with DATATYPE -- MULTI DIMENSION ARRAY
   * First Key is the category on where the flag is set
   *  {settings_email, settings_password, settings_useralias, settings_questions, settings_confidence}
   * settings_email
   * [email] - 'email' The member email to update
   * [egenl] - 'include on email list' Does the member want to be included on the member list?
   * [verify] - 'verify email' has the member been flagged to verify the email
   * [valid] - 'email valid' Has the member declared this email to be valid
   *
   * settings_password - 'char (*)' The member password to the save to the dB, in PLAIN form
   * [current] - This the current password the member would be entered
   * [newpasswd] - This is the members new password
   * [confpasswd] - This is the members entry for confirming the password
   * [review_guidelines] - {Y, N} - Did the user review the Guidelines?
   *
   * settings_useralias -
   * [username] - 'char (50)' The member alias, used for altnerate login
   * [username_confirm] - 'char (50)' A CONFIRMATION of the username the member entered
   * [username_required] - {Y, N} Yes / No
   *
   * settings_questions - 'array' This is an array of the security question answers.
   *                      Each array element should be an array of cqid, display
   *                      These are Named in correlation with retrieving challenge questions
   *    ['cqid'] - Challenge question ID
   *    ['display'] - Challenge response
   *
   *                        key is the ChallengeQuestionID for the question
   *                        value is the answer given by the member
   * settings_confidence -
   *  [confword] - 'char (20)' The confidence word for the members account
   *
   */

  $retAry = Array("status" => Array ("code" => "", "severity" => "", "errors" => Array()));

  $whatUpdated = array( "email" => false, "password" => false, "questions" => false,
                        "alias" => false, "confidence" => false, "old_email" => "",
                        "new_email" => "" );

  $trans_failed = false;

//  $PostOrBuild = ($p_transaction ? "POST" : "BUILD");    // ** THIS WILL TELL US WHETHER WE POST OR BUILD AN SQL
    // * Build is used for a one sql call at the end of this function
      // * all sql queries will be appended together
    // * Post is used for a 'sql transaction' query , each query is separtely
      // * executed and at the end , either a rollback or commit will be executed
  $sBuildSql = "";    // This is the accumulated sql that will be executed at the end

  // ** DECLARE SETTINGS FOR THIS FUNCTION

  // * GET THE CURRENT dB time
  if ($time_rs = db_query("select now();", $p_dbh)) {
    list($chnow) = db_fetch_array($time_rs, 0);
  } else {
    // ** For some reason unable to get the current time
    $trans_failed = true;
  }

  // * Start the transaction if needed
  if ($p_transaction && !$trans_failed) {
    if (!($trans_rs = db_query("begin transaction", $p_dbh))) {
      $trans_failed = true;
    }
  }

  // save the old email
  $whatUpdated["old_email"] = $p_hb_env["Ml"];

  // ** SNAPSHOT OF AUDIT USERS
  $trans_failed = Update_AuditMember($p_dbh, $p_hb_env, 0, $chnow, $p_transaction, $sBuildSql);

  // ** EMAIL
  // ** egenl flag for Include on E-mail list
  if (isset($p_upd_fields['settings_email']) && !$trans_failed) {
    // ** Email needs to be updated
    $trans_failed = Update_SettingsEmail($p_dbh, $p_hb_env, $p_upd_fields['settings_email'], $p_transaction, $sBuildSql);

    if ( !$trans_failed && strcmp( $p_hb_env["Ml"], $p_upd_fields['settings_email']["email"] ) != 0 ) {
      $whatUpdated["email"] = true;

      // save the new email
      $whatUpdated["new_email"] = $p_upd_fields["settings_email"]["email"];
    }
  }

  // ** PASSWORD
  if (isset($p_upd_fields['settings_password']) && !$trans_failed) {
    // ** CRYPT THE PASSWORD FOR SAVING
    $trans_failed = Update_SettingsPassword($p_dbh, $p_hb_env, $p_upd_fields['settings_password'], $p_transaction, $sBuildSql);

    if ( !$trans_failed && array_key_exists('newpasswd', $p_upd_fields['settings_password']) ) {
      $whatUpdated["password"] = true;
    }
  }


  // ** USER ALIAS
  if (isset($p_upd_fields['settings_alias']) && !$trans_failed) {
    $trans_failed = Update_SettingsAlias($p_dbh, $p_hb_env, $p_upd_fields['settings_alias'], $p_transaction, $sBuildSql);

    if ( !$trans_failed ) {
      $whatUpdated["alias"] = true;
    }
  }

  // ** CONFIDENCE WORD
  if (isset($p_upd_fields['settings_confidence']) && !$trans_failed) {
    $trans_failed = Update_SettingsConfidence($p_dbh, $p_hb_env, $p_upd_fields['settings_confidence'], $p_transaction, $sBuildSql);

    if ( !$trans_failed ) {
      $whatUpdated["confidence"] = true;
    }
  }

  // ** SECURITY QUESTIONS
  if (isset($p_upd_fields['settings_questions']) && !$trans_failed) {
    // ** Create the update query for challenge questions
    $trans_failed = Update_SettingsChallenge($p_dbh, $p_hb_env, $p_upd_fields['settings_questions'], $p_transaction, $sBuildSql);

    if ( !$trans_failed ) {
      $whatUpdated["questions"] = true;
    }
  }

  // ** ACCOUNT DESCRIPTIONS
  if (isset($p_upd_fields['settings_desc']) && !$trans_failed) {
    // ** Create the update query for challenge questions
    $trans_failed = Update_SettingsDesc($p_dbh, $p_hb_env, $p_upd_fields['settings_desc'], $p_transaction, $sBuildSql);
  }

  // ** ONE FOR CLEARING FORCE_RESET?? -- CURRENTLY -- CONFIDENCE WORD UPDATE WILL CLEAR FORCE RESET

  // ** TAKE ANOTHER SNAPSHOT OF THE MEMBER
  $trans_failed = Update_AuditMember($p_dbh, $p_hb_env, 1, $chnow, $p_transaction, $sBuildSql);


  // END THE PROCESS
  if ($p_transaction) {
    // * EITHER POST THE ROLLBACK OR COMMIT
    if ($trans_failed) {
      // ** UPDATE FAILED -- ROLLBACK
      $upd_rs = db_query("rollback transaction", $p_dbh);

      $retAry['status']['code'] = '999';
      $retAry['status']['severity'] = 'ERROR';
      $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
    } else {
      // ** UPDATE SUCCEEDED-- COMMIT
      if (!$upd_rs = db_query("commit transaction", $p_dbh)) {
        // ** COMMIT FAILED
        $retAry['status']['code'] = '999';
        $retAry['status']['severity'] = 'ERROR';
        $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
      } else {
        // send an email to the registered user to let them know a change occurred
        NotifyUserOfChange( $p_dbh, $p_hb_env, $whatUpdated, $p_mc );

        // return success
        $retAry['status']['code'] = '000';
        $retAry['status']['severity'] = "SUCCESS";
      }
    }
  } else {

    // * WE NOW POST THE ACCUMULATED SQL
    if ($upd_rs = db_query($sBuildSql, $p_dbh)) {
      // send an email to the registered user to let them know a change occurred
      NotifyUserOfChange( $p_dbh, $p_hb_env, $whatUpdated, $p_mc );

      // return success
      $retAry['status']['code'] = '000';
      $retAry['status']['severity'] = "SUCCESS";
    } else {
      // ** RECORD ERROR HERE
      $retAry['status']['code'] = '999';
      $retAry['status']['severity'] = 'ERROR';
      $retAry['status']['errors'][] = $p_mc->msg("Error Occurred updating settings");
    }
  }



  // ** RETURN THE status array
  return $retAry;
}

// This is a function that silently notifies the user of any changes to security settings. The
// $whatUpdated variable has the old email address as well as flags for what might have been updated.
// If the email was updated send the notice to both the old and new email address.
function NotifyUserOfChange( $p_dbh, $p_hb_env, $whatUpdated, $p_mc ) {
  // make sure we have an email address
  $email = $whatUpdated["old_email"];

  if ( strlen( $email ) > 0 ) {
    // get the organization and product name
    $Cu = $p_hb_env["Cu"];

    // get the "From" email address
    $sql= "select email from cuadmnotify
           where  role='securitychgfrom' and cu='$Cu'";
    $sth = db_query($sql,$p_dbh);
    list($admFrom) = db_fetch_array($sth,0);
    $admFrom = preg_replace("/ +$/","",$admFrom);
    $admFrom = trim( $admFrom );
    db_free_result($sth);

    if ( strlen( $admFrom ) > 0 ) {
      // build the notice string that explains what changed
      $reasonString = "";

      if ( $whatUpdated["email"] ) {
        $reasonString .= "<li>{$p_mc->msg( "Email Address" )}</li>\n";
      }
      if ( $whatUpdated["password"] ) {
        $reasonString .= "<li>{$p_mc->msg( "Password" )}</li>\n";
      }
      if ( $whatUpdated["questions"] ) {
        $reasonString .= "<li>{$p_mc->msg( "Updated Questions" )}</li>\n";
      }
      if ( $whatUpdated["alias"] ) {
        $reasonString .= "<li>{$p_mc->msg( "Username" )}</li>\n";
      }
      if ( $whatUpdated["confidence"] ) {
        $reasonString .= "<li>{$p_mc->msg( "Updated Confidence" )}</li>\n";
      }

      if ( strlen( $reasonString ) > 0 ) {
        $reasonReply = "<ul>$reasonString</ul>";

        $sql = "select orgname, pname from cuadmin where cu='$Cu'";
        $sth = db_query($sql,$p_dbh);
        if($sth) { list( $orgName, $pName ) =  db_fetch_array($sth,0); }
        $orgName = trim( $orgName );
        $pName = trim( $pName );

        // build the subject
        $msgSubject = $p_mc->combo_msg( "Updated Settings Subject", HCU_DISPLAY_AS_HTML, "#ORGNAME#", $orgName );

        // build the message body
        $searchArray = array( "#ORGNAME#", "#PRODNAME#", "#REASON#" );
        $replaceArray = array( "$orgName", "$pName", $reasonReply );
        $msgBody =  $p_mc->combo_msg( "Updated Settings Message", HCU_DISPLAY_AS_HTML, $searchArray, $replaceArray );

        // mail to the user
        $notify = new ErrorMail;
        $notify->header = "Content-type: text/html";
        $notify->mailto = $email;
        $notify->mailfromname = $orgName;
        $notify->replyto = $admFrom;
        $notify->subject = $msgSubject;
        $notify->msgbody = "$msgBody";
        $notify->callingfunction = __FUNCTION__;
        $notify->file = __FILE__;
        $notify->cu = $Cu;

        $notify->SendMail();

        // if updated email also mail to new address
        if ( $whatUpdated["email"] && strlen( $whatUpdated["new_email"] ) > 0 ) {
          $notify->mailto = $whatUpdated["new_email"];

          $notify->SendMail();
        }
      }
    }
  }
} // end NotifyUserOfChange

/**
 *
 * Update_SettingsEmail
 *
 * Create the sql queries to update the email and all the pieces that may also be saved
 *
 *
 * @param type $p_dbh
 * @param type $p_hb_env
 * @param type $p_values
 * @param bool $p_transaction
 * @param string $p_build_sql -- REFERENCE --
 */
function DEPRECATED_Update_SettingsEmail($p_dbh, $p_hb_env, $p_values, $p_transaction, &$p_build_sql) {

  $retFuncFailed = false;   // **Did the query execute as expected
//  global $EMAIL_FLAG;
  $EMAIL_FLAG = GetMsgTxValue('MSGTX_FORCE_EM');

  // ** VERIFY EMAIL IS A SEPARATE QUERY FROM THE NORMAL EMAIL UPDATE
  if (array_key_exists('verify', $p_values)) {

    $sql = "UPDATE cuusers
              SET msg_tx = (coalesce(msg_tx,0)::int # $EMAIL_FLAG)::int2
            WHERE cu = '{$p_hb_env['Cu']}'
              AND lower(user_name) = '" . strtolower($p_hb_env['Cn']) . "'
            AND (coalesce(msg_tx, 0)::int & $EMAIL_FLAG)::int2 = $EMAIL_FLAG ";
    if ($p_values['valid'] != "Y") {
      $sql .= " AND email <> '" . prep_save($p_values['email'], 50) . "' ";
    }
    $sql .= "; ";   // END SQL STATEMENT

    if ($p_transaction) {
      // * TRANSACTION -- IMMEDIATELY POST
      if (!$trans_rs = db_query($sql, $p_dbh)) {
        $retFuncFailed = true;
      }
    } else {
      $p_build_sql .= $sql;
    }

  }

  // ** UPDATE THE OTEHR EMAIL VALUES

  $sql .= "UPDATE cuusers
          SET email='" . prep_save($p_values['email'], 50) . "' ";
  if (array_key_exists('egenl', $p_values)) {
    $egenl = (strtoupper($p_values['egenl'])=="Y" ? "Y" : "N");
    $sql .= ", egenl_flag = '$egenl' ";
  }
  $sql .= "WHERE user_name='{$p_hb_env['Cn']}' and cu='{$p_hb_env['Cu']}'; ";

  if ($p_transaction) {
    if (!$trans_rs = db_query($sql, $p_dbh)) {
      $retFuncFailed = true;
    }

  } else {
    $p_build_sql .= $sql;
  }

  return $retFuncFailed;
}

/**
 *
 * Update_SettingsPassword
 *
 * Create the sql queries to update the password
 *
 *
 * @param type $p_dbh
 * @param type $p_hb_env
 * @param type $p_values
 * @param bool $p_transaction
 * @param string $p_build_sql -- REFERENCE --
 */
function DEPRECATED_Update_SettingsPassword($p_dbh, $p_hb_env, $p_values, $p_transaction, &$p_build_sql) {

  $retFuncFailed = false;   // **Did the query execute as expected

  // ** ONLY UPDATE IF newpasswd is defined in the p_values array
    // ** That way I may be able to use the current password as part of valiation and NO updated will occur
  if (array_key_exists('newpasswd', $p_values)) {
    // ** Create the password hash
    $hash = crypt($p_values['newpasswd']);

    $sql = "UPDATE cuusers
            SET passwd = '$hash',
                forcechange = 'N',
                pwchange = now()
            WHERE lower(user_name) = '" . strtolower($p_hb_env['Cn']) . "' and cu = '{$p_hb_env['Cu']}'; ";

    if ($p_transaction) {
      if (!$trans_rs = db_query($sql, $p_dbh)) {
        $retFuncFailed = true;
      }

    } else {
      $p_build_sql .= $sql;
    }
  }

  return $retFuncFailed;
}

/**
 * Update_SettingsAlias
 * Update the user_alias piece of the member information
 *
 * @param integer $p_dbh          -- Current database handle
 * @param array $p_hb_env         -- Current HB_ENV values
 * @param array $p_values         -- Array of the values being passed to be updated
 * @param boolean $p_transaction  -- {true, false} Are we running udpate as transaction queries?
 * @param string $p_build_sql     -- BYREF The current SQL to build if we are NOT doing transaction
 * @return boolean -- Did the function fail in execuing the query
 */
function DEPRECATED_Update_SettingsAlias($p_dbh, $p_hb_env, $p_values, $p_transaction, &$p_build_sql) {
  $retFuncFailed = false;   // ** Did the query execute as expected?

  // ** Build the SQL to execute
  $sql = "UPDATE cuusers
          SET user_alias='" . prep_save($p_values['username'], 50) . "'
          WHERE user_name = '{$p_hb_env['Cn']}' and cu = '{$p_hb_env['Cu']}'
            AND NOT EXISTS
              (SELECT * FROM cuusers WHERE cu = '{$p_hb_env['Cu']}'
                and user_name <> '{$p_hb_env['Cn']}'
                and user_alias = '" . prep_save($p_values['username'], 50) . "'); ";

  if ($p_transaction) {
    if(!$trans_rs = db_query($sql, $p_dbh)) {
      $retFuncFailed = true;
    }
  } else {
    // ** Build SQL
    $p_build_sql .= $sql;
  }

  return $retFuncFailed;
}

/**
 * Update_SettingsConfidence
 * Update the members' confidence word
 *
 * @param integer $p_dbh          -- Current database handle
 * @param array $p_hb_env         -- Current HB_ENV values
 * @param array $p_values         -- Array of the values being passed to be updated
 * @param boolean $p_transaction  -- {true, false} Are we running udpate as transaction queries?
 * @param string $p_build_sql     -- BYREF The current SQL to build if we are NOT doing transaction
 * @return boolean -- Did the function fail in execuing the query
 */
function DEPRECATED_Update_SettingsConfidence($p_dbh, $p_hb_env, $p_values, $p_transaction, &$p_build_sql) {
  global $MEM_FORCE_RESET;

  $retFuncFailed = false;       // ** Did the function execute as expected

  // ** Build the SQL to execute

  // * *WHEN I set the confidence I will also RESET THE userflags for FORCE_RESET
  //coalesce(userflags - (userflags::int4 & {$MEM_FORCE_RESET}::int4), 0),

  $sql = "UPDATE cuusers
          SET confidence = '" . prep_save($p_values['confword'], 20) . "',
            userflags = coalesce(userflags - (userflags::int4 & {$MEM_FORCE_RESET}::int4), 0)

          WHERE user_name = '{$p_hb_env['Cn']}' and cu = '{$p_hb_env['Cu']}'; ";


  if ($p_transaction) {
    if(!$trans_rs = db_query($sql, $p_dbh)) {
      $retFuncFailed = true;
    }
  } else {
    // ** Build SQL
    $p_build_sql .= $sql;
  }

  return $retFuncFailed;
}
/**
 * Update_SettingsConfidence
 * Update the members' challenge questions
 *
 * @param integer $p_dbh          -- Current database handle
 * @param array $p_hb_env         -- Current HB_ENV values
 * @param array $p_values         -- Array of the values being passed to be updated
 * @param boolean $p_transaction  -- {true, false} Are we running udpate as transaction queries?
 * @param string $p_build_sql     -- BYREF The current SQL to build if we are NOT doing transaction
 * @return boolean -- Did the function fail in execuing the query
 */
function DEPRECATED_Update_SettingsChallenge($p_dbh, $p_hb_env, $p_values, $p_transaction, &$p_build_sql) {
  $retFuncFailed = false;       // ** Did the function execute as expected

  // ** Build the SQL to execute

  // * First DELETE ALL
  $sql = "DELETE FROM cuquestselect
         WHERE accountnumber = '{$p_hb_env['Cn']}' and cu = '{$p_hb_env['Cu']}'; ";

  // ** NOW ADD BACK THE INSERTS
  foreach ($p_values as $qst_info) {
    $qst_id = $qst_info['cqid'];
    $qst_value = $qst_info['display'];
    //FROM THIS WE will form the sql query
    // * validate the information here?
    $sql .= "INSERT INTO cuquestselect
                (cu, accountnumber, quest_id, answer)
              VALUES
                ('{$p_hb_env['Cu']}',
                '{$p_hb_env['Cn']}',
                '" . intval($qst_id) . "',
                '" . prep_save($qst_value, 50) . "'); ";
  }


  if ($p_transaction) {
    if(!$trans_rs = db_query($sql, $p_dbh)) {
      $retFuncFailed = true;
    }
  } else {
    // ** Build SQL
    $p_build_sql .= $sql;
  }

  return $retFuncFailed;
}

/**
 * Update_SettingsDesc
 * Update the members' account descriptions
 *
 * @param integer $p_dbh          -- Current database handle
 * @param array $p_hb_env         -- Current HB_ENV values
 * @param array $p_values         -- Array of the values being passed to be updated
 * @param boolean $p_transaction  -- {true, false} Are we running udpate as transaction queries?
 * @param string $p_build_sql     -- BYREF The current SQL to build if we are NOT doing transaction
 * @return boolean -- Did the function fail in execuing the query
 */
function DEPRECATED_Update_SettingsDesc($p_dbh, $p_hb_env, $p_values, $p_transaction, &$p_build_sql) {
    $retFuncFailed = false;       // ** Did the function execute as expected
    if ($p_hb_env['live']) {
        $cutx = "culivetx";
    } else {
        $cutx = "cubatchtx";
    }
    // ** Build the SQL to execute

    $sql = "";
    if (is_array($p_values['swaccts']) && sizeof($p_values['swaccts']) > 0) {
        foreach ($p_values['swaccts'] as $swacct) {
            $id = trim($swacct[0]);
            $description = trim($swacct[1]);

            // ** -- Strip [\;`"] from the string
            $description = preg_replace('/[\\\]/', "", $description);

            $sql .= "update {$cutx} set description = '" . prep_save($description) . "'
              where id = $id and cu = '{$p_hb_env['Cu']}' and accountnumber = '{$p_hb_env['Cn']}';";
        }
    }
#
    if (is_array($p_values['xaccts']) && sizeof($p_values['xaccts']) > 0) {
        foreach ($p_values['xaccts'] as $xacct) {
            $id = trim($xacct[0]);
            $description = trim($xacct[1]);

            // ** -- Strip [\;`"] from the string
            $description = preg_replace('/[\\\]/', "", $description);

            $sql .= "update {$cutx} set description = '" . prep_save($description) . "'
              where id = $id and cu = '{$p_hb_env['Cu']}' and accountnumber = '{$p_hb_env['Cn']}';";
        }
    }

    $set_myaccount = $p_values['set_myaccount'];
    $set_myaccount = preg_replace('/[;"\\\]/', "", $set_myaccount);

    $sql .= "delete from {$cutx}
                where cu = '{$p_hb_env['Cu']}'
                and accountnumber = '{$p_hb_env['Cn']}'
                and tomember = '{$p_hb_env['Cn']}';";


    $sql .= "insert into {$cutx} (cu, accountnumber,
                   tomember, accounttype, deposittype, description, misc1)
            values ('{$p_hb_env['Cu']}','{$p_hb_env['Cn']}',
                '{$p_hb_env['Cn']}','00','W','" . prep_save($set_myaccount) . "',NULL);";

    if ($p_transaction) {
        if (!$trans_rs = db_query($sql, $p_dbh)) {
            $retFuncFailed = true;
        }
    } else {
        // ** Build SQL
        $p_build_sql .= $sql;
    }

    return $retFuncFailed;
}

/**
 *  Get_PwdRules
 *
 *  Return the password rules.
 *
 * @param integer $p_dbh - Current Database Pointer
 * @param array $p_hb_env - Current value of the HB_ENV array
 *
 * @return array - Returns an array of the rules.
 */
function Get_PwdRules($p_dbh, $p_hb_env) {
  // read the password requirements, if any
  $sql = "select pwdconfig from cuadmin where cu='{$p_hb_env["cu"]}'";
  $sth = db_query($sql,$p_dbh);

  $row = db_fetch_array($sth,0);
  // this is a JSON object
  $pwdConfigAry = json_decode( $row["pwdconfig"], true );

  // see if the "use" flag is not set (meaning we need to use the default requirements)
  if ( $pwdConfigAry["use"] == 1 ) {
    // strip out the "use" since the rules should always be used
    unset( $pwdConfigAry["use"] );
  } else {
    $pwdConfigAry = array( "len" => 6, "digit" => 1);
  }

  return $pwdConfigAry;
} // end Get_PwdRules

/**
 *  Validate_PwdRules
 *
 *  This will accept the same settings as Validate_Settings, BUT will VALIDATE
 *    that the password rules are being met. If the requirements are not set up
 *    then use the default checks that are tested down inside Validate_SettingsPassword().
 *  Only call this if you want to validate.
 *
 * @param integer $p_dbh - Current Database Pointer
 * @param array $p_hb_env - Current value of the HB_ENV array
 * @param array $p_upd_fields - These are the fields that will be validated.  Their
 *                layout is the same as Update_Settings
 *     $p_upd_fields['settings_password']['current'] : current password;
 *     $p_upd_fields['settings_password']['newpasswd'] : new password;
 *     $p_upd_fields['settings_password']['confpasswd'] : confirming new password;
 * @param object $p_mc - This is the currently used Language Class
 *
 * @return array - Returns a status array containing any errors that may have
 *      been encountered
 */
function Validate_PwdRules($p_dbh, $p_hb_env, $p_upd_fields, $p_mc) {
  $retAry = Array("status" => Array ("code" => "", "severity" => "", "errors" => Array()));

  // see if password requirements are set
  $sql = "select pwdconfig from cuadmin where cu='{$p_hb_env["cu"]}'";
  $sth = db_query($sql,$p_dbh);

  $row = db_fetch_array($sth,0);
  // this is a JSON object
  $pwdConfigAry = json_decode( $row["pwdconfig"], true );
  db_free_result($sth);

  if ( count( $pwdConfigAry ) && $pwdConfigAry["use"] > 0 ) {
    $pwdErrorCount = 0;
    if ( $pwdConfigAry["len"] > 0 &&
         strlen( $p_upd_fields['settings_password']['newpasswd'] ) < $pwdConfigAry["len"] ) {
      $pwdErrorCount++;
    }

    // make an array for easier searching
    $specialCharAry = explode( ",", Get_PwdSpecialCharacters() );

    // gather the other requirement test values
    $countUpper = 0;
    $countLower = 0;
    $countSpecial = 0;
    $countDigits = 0;
    $countLetters = 0;      // upper or lower
    $testString = trim( $p_upd_fields['settings_password']['newpasswd'] );
    for ( $i = 0; $i < strlen( $testString ); $i++ ) {
      $testChar = substr( $testString, $i, 1 );
      if (preg_match("/[a-z]/", $testChar) ) {
        $countLower++;
        $countLetters++;
      } else if (preg_match("/[A-Z]/", $testChar) ) {
        $countUpper++;
        $countLetters++;
      } else if (preg_match("/\d/", $testChar) ) {
        $countDigits++;
      } else if (in_array($testChar, $specialCharAry ) ) {
        $countSpecial++;
      }
    }

    // now test against the requirements
    if (HCU_array_key_value("len", $pwdConfigAry) > 0) {
      if ( strlen( $testString ) < $pwdConfigAry["len"] ) {
        $pwdErrorCount++;
      }
    }
    if (HCU_array_key_value("upper", $pwdConfigAry) > 0) {
      if ( $countUpper < $pwdConfigAry["upper"] ) {
        $pwdErrorCount++;
      }
    }
    if (HCU_array_key_value("lower", $pwdConfigAry) > 0) {
      if ( $countLower < $pwdConfigAry["lower"] ) {
        $pwdErrorCount++;
      }
    }
    if (HCU_array_key_value("spec", $pwdConfigAry) > 0) {
      if ( $countSpecial < $pwdConfigAry["spec"] ) {
        $pwdErrorCount++;
      }
    }
    if (HCU_array_key_value("digit", $pwdConfigAry) > 0) {
      if ( $countDigits < $pwdConfigAry["digit"] ) {
        $pwdErrorCount++;
      }
    }

    // check if the requirements were met
    if ( $pwdErrorCount > 0 ) {
      $retAry['status']['errors'][] = $p_mc->msg('Minimum password requirement not met');
      $FailedCurrPassword = true;
    }
  } else {
    $FailedCurrPassword = Validate_SettingsPassword($p_dbh, $p_hb_env, $p_upd_fields['settings_password'], $retAry['status']['errors'], $p_mc);
  }

  if (count($retAry['status']['errors']) > 0) {
    // * validation errors occurred
    $retAry['status']['code'] = '999';
    $retAry['status']['severity'] = 'ERRORS';

    if ( $FailedCurrPassword ) {
      $retAry['status']['failed_curr_pass'] = TRUE;
    }
  } else {
    // * SUCCESS
    $retAry['status']['code'] = '000';
    $retAry['status']['severity'] = 'SUCCESS';
  }

  return $retAry;
} // end Validate_PwdRules

/**
 *  Validate_Settings
 *
 *  This will accept the same settings as Update_Settings, BUT will VALIDATE
 *    The information ONLY
 *
 * @param integer $p_dbh - Current Database Pointer
 * @param array $p_hb_env - Current value of the HB_ENV array
 * @param array $p_upd_fields - These are the fields that will be validated.  Their
 *                layout is the same as Update_Settings
 * @param object $p_mc - This is the currently used Language Class
 *
 * @return array - Returns a status array containing any errors that may have
 *      been encountered
 */
function Validate_Settings($p_dbh, $p_hb_env, $p_upd_fields, $p_mc) {
  $retAry = Array("status" => Array ("code" => "", "severity" => "", "errors" => Array()));

  // * For each included piece, call it's validation routine.
  // ** any error message will be accumulated on the errors array that will be passed to each routine
  $trans_failed = false;

  // ** Validate Email

  if (isset($p_upd_fields['settings_email']) && !$trans_failed) {
    Validate_SettingsEmail($p_dbh, $p_hb_env, $p_upd_fields['settings_email'], $retAry['status']['errors'], $p_mc);
  }

  // ** Validate Password
  if (isset($p_upd_fields['settings_password']) && !$trans_failed) {
    $FailedCurrPassword = Validate_SettingsPassword($p_dbh, $p_hb_env, $p_upd_fields['settings_password'], $retAry['status']['errors'], $p_mc);
  }

  // ** Validate Security Phone Numbers
  if (isset($p_upd_fields['settings_phones']) && !$trans_failed) {
    Validate_SettingsPhones($p_dbh, $p_hb_env, $p_upd_fields['settings_phones'], $retAry['status']['errors'], $p_mc);
  }

  // ** Validate Challenge Questions
  if (isset($p_upd_fields['settings_questions']) && !$trans_failed) {
    Validate_SettingsChallenge($p_dbh, $p_hb_env, $p_upd_fields['settings_questions'], $retAry['status']['errors'], $p_mc);
  }

  // ** Validate User Alias
  if (isset($p_upd_fields['settings_alias']) && !$trans_failed) {
    Validate_SettingsAlias($p_dbh, $p_hb_env, $p_upd_fields['settings_alias'], $retAry['status']['errors'], $p_mc);
  }

  // ** Validate Confidence Word
  if (isset($p_upd_fields['settings_confidence']) && !$trans_failed) {
    Validate_SettingsConfidence($p_dbh, $p_hb_env, $p_upd_fields['settings_confidence'], $retAry['status']['errors'], $p_mc);
  }

  // ** Validate Account Descriptions
  if (isset($p_upd_fields['settings_desc']) && !$trans_failed) {
        Validate_SettingsDesc($p_dbh, $p_hb_env, $p_upd_fields['settings_desc'], $retAry['status']['errors'], $p_mc);
  }

  if (count($retAry['status']['errors']) > 0) {
    // * validation errors occurred
    $retAry['status']['code'] = '999';
    $retAry['status']['severity'] = 'ERRORS';


    if ( $FailedCurrPassword ) {
      $retAry['status']['failed_curr_pass'] = TRUE;
    }
  } else {
    // * SUCCESS
    $retAry['status']['code'] = '000';
    $retAry['status']['severity'] = 'SUCCESS';
  }

  return $retAry;
}

/**
 *
 * Validate_SettingsEmail
 *
 * This will evaluate the email in p_values.  If an error occurred the error will
 *  be added to the p_errors_ary array
 *
 * @param integer $p_dbh
 * @param array $p_hb_env
 * @param array $p_values
 * @param array $p_errors_ary REFERENCE
 * @param object $p_mc
 *
 * @return NO RETURN
 */
function Validate_SettingsEmail($p_dbh, $p_hb_env, $p_values, &$p_errors_ary, $p_mc) {

  if (trim($p_values['email']) == '') {
    // ** EMPTY EMAIL
    $p_errors_ary[] = $p_mc->msg('EMail Missing');
  } else {
    if (!validateEmail($p_values['email'])) {
      $p_errors_ary[] = $p_mc->msg('Email appears invalid');
    }
  }

  // ** NO RETURN
}
/**
 * Validate_SettingsPassword
 *
 * Validate the password security fields.
 *
 * @param integer $p_dbh
 * @param array $p_hb_env
 * @param array $p_values
 * @param array $p_errors_ary REFERENCE
 * @param object $p_mc
 *
 * @return TRUE if failed current password check, FALSE otherwise
 */
function Validate_SettingsPassword($p_dbh, $p_hb_env, $p_values, &$p_errors_ary, $p_mc) {
  $FailedCurrPassword = false;

  $pwd_maxlength = 20;
  // ** Did the user review password guidelines??
  if (array_key_exists('review_guidelines', $p_values)) {
    if ($p_values['review_guidelines'] != 'Y') {
      $p_errors_ary[] = $p_mc->msg("Please review the password guidelines");
    }
  }

  // ** Get the saved member password hash
  $mbrPwd = GetUserInfo($p_dbh, $p_hb_env, $p_mc, Array("user_id" => $p_hb_env['Uid'], "cu" => $p_hb_env['Cu']));

  if ($mbrPwd['status']['code'] != '000') {
    // ** An error occurred retrieving the saved password hash value
    $p_errors_ary = array_merge($p_errors_ary, $mbrPwd['status']['errors']);
  } else {
    $mbr_pwdhash = $mbrPwd['data']['cuusers_passwd'];

    // ** if Current password is included -- verify it matches current password for member
    if (array_key_exists('current', $p_values)) {

      $saved_passwd = preg_replace("/ +$/", "", $mbr_pwdhash);
      $current_hashed = password_verify($p_values['current'], $saved_passwd);
      if (!$current_hashed) {
        $p_errors_ary[] = $p_mc->msg('Invalid login or password');

        $FailedCurrPassword = true;
      }

      // * Be sure the NEW and CURRENT do NOT match
      if (array_key_exists('newpasswd', $p_values)) {
        if ($p_values['newpasswd'] == $p_values['current']) {
          $p_errors_ary[] = $p_mc->msg('New password and Current password cannot match');
        }
      }
    }

    // ** Validate new passwords
    if (array_key_exists('newpasswd', $p_values)) {
      // ** Do they match?
      if ($p_values['newpasswd'] != $p_values['confpasswd']) {
        $p_errors_ary[] = $p_mc->msg("New passwords do not match");
      }

      // ** validate the password length
      if (strlen($p_values['newpasswd']) < 6 || strlen($p_values['newpasswd']) > 20 ) {
        $p_errors_ary[] = $p_mc->combo_msg('NEW password must be X characters long', 0, "#max#", $pwd_maxlength);
      }

      // ** Do they meet security criteria?
      if (preg_match("/['\"]/",$p_values['newpasswd'])){
        $p_errors_ary[] = $p_mc->msg("Invalid Characters in New password");
      }

      if (strlen($p_values['newpasswd']) > 0 && !(preg_match("/\d/",$p_values['newpasswd']) && preg_match("/\D/",$p_values['newpasswd']))) {
        $p_errors_ary[] = $p_mc->msg("Password must contain both number and letter characters");
      }
    }
  }

  return $FailedCurrPassword;
}

/**
 * Validate_SettingsAlias
 *
 * Validate the User Alias, It must be unique and meet certain security requirements
 *
 * @param integer $p_dbh
 * @param array $p_hb_env
 * @param array $p_values
 * @param array $p_errors_ary REFERENCE
 * @param object $p_mc
 *
 * @return NO RETURN
 */
function Validate_SettingsAlias($p_dbh, $p_hb_env, $p_values, &$p_errors_ary, $p_mc) {

    // * Is username Required? -- If so, it may not be blank
    if (strlen($p_values['username']) == 0 && (($p_hb_env['Fset2'] & $GLOBALS['CU2_ALIAS_REQ']) == $GLOBALS['CU2_ALIAS_REQ'])) {
      $p_errors_ary[] = $p_mc->msg("Username Required");
    }

    // ** Validate the user alias if it IS entered
    // * Validate user alias length
    if (strlen($p_values['username'])  > 0 && strlen($p_values['username']) < 6 ) {
      $p_errors_ary[] = $p_mc->msg('Username too short');
    }
    // * Validate the useralias and confirmation match
    if ($p_values['username'] != $p_values['username_confirm']) {
      $p_errors_ary[] = $p_mc->msg('Username nomatch');
    }
    // * Validate the useralias is correct format
    if (strlen($p_values['username']) > 5 && !check_alias_format($p_values['username'])) {
      $p_errors_ary[] = $p_mc->msg('Username appears invalid');
    }
    // The user alias MUST be unique -- This is a database lookup
    // ** If there are NO errors reported, then go ahead and also evaluate the user alias availability

    if (count($p_errors_ary) == 0) {
      if (strlen($p_values['username']) > 5 && !check_alias_available($p_dbh, $p_hb_env, $p_values['username'])) {
        $p_errors_ary[] = $p_mc->msg('Username not available');
      }
    }


}

/**
 *
 * Validate_SettingsConfidence
 *
 * This will evaluate the information in settings_confidence.  It will ensure
 *  the confidence word is valid
 *
 * @param integer $p_dbh
 * @param array $p_hb_env
 * @param array $p_values [settings_confidence]
 * @param array $p_errors_ary REFERENCE
 * @param object $p_mc
 *
 * @return NO RETURN
 */
function Validate_SettingsConfidence($p_dbh, $p_hb_env, $p_values, &$p_errors_ary, $p_mc) {

  // Confidence word MUST be entered
  if (strlen($p_values['confword']) == 0) {
    $p_errors_ary[] = $p_mc->msg("Set Config Enter Word");
  }

  // ** NO RETURN
}

/**
 *
 * Validate_SettingsPhones
 *
 * This will evaluate the information in settings_phones.  It will ensure
 *  the phone numbers are valid.
 *
 * @param integer $p_dbh
 * @param array $p_hb_env
 * @param array $p_values [settings_phones]
 * @param array $p_errors_ary REFERENCE
 * @param object $p_mc
 *
 * @return NO RETURN
 */
function Validate_SettingsPhones($p_dbh, $p_hb_env, $p_values, &$p_errors_ary, $p_mc) {
  $valid = true;
  if (is_array($p_values)) {
    foreach ($p_values as $type => $numbers) {
      if (is_array($numbers)) {
        for ($i = 0; $i < count($numbers); $i++) {
          $value = $numbers[$i];
          $valid = preg_match('/^[2-9]\d{2}-\d{3}-\d{4}$/', $value);
          if (!$valid) {
            $p_errors_ary[] = $p_mc->msg("Phone Invalid", HCU_DISPLAY_AS_JS);
            break;
          }
        }
      } else {
        $value = $numbers;
        if ($value != '') {
          $valid = preg_match('/^[2-9]\d{2}-\d{3}-\d{4}$/', $value);
          if (!$valid) {
            $p_errors_ary[] = $p_mc->msg("Phone Invalid", HCU_DISPLAY_AS_JS);
            break;
          }
        }
      }
      if (!$valid) { break; }
    }
  }
}

/**
 * Validate_SettingsChallenge
 *
 * Validate the challenge questions/responses
 *
 * @param integer $p_dbh
 * @param array $p_hb_env
 * @param array $p_values - information set in the settings_questions section
 * @param array $p_errors_ary BY REFERENCE
 * @param object $p_mc   - This is the current MC class for the selected language
 *
 * @return NO RETURN
 */
function Validate_SettingsChallenge($p_dbh, $p_hb_env, $p_values, &$p_errors_ary, $p_mc) {

  $loop_idx = 0;
  $selected_questions_list = Array();
  foreach ($p_values as $quest_info) {
    $qst_id = $quest_info['cqid'];
    $qst_resp = $quest_info['display'];

    $loop_idx++;
    // ** loop through each id -> response

    // * No Question ID selected
    if (intval($qst_id) == 0) {
      $p_errors_ary[] = $p_mc->combo_msg("Set Config Question Select", 0, "#num#", $loop_idx);
    } else {
      // * Duplicated Questions
      // * if the question was answered, check to see if it was selected before
      if (array_search(intval($qst_id), $selected_questions_list) !== False) {
        // * It has been duplicated
        $p_errors_ary[] = $p_mc->combo_msg("Set Config Question Duplicate", 0, "#num#", $loop_idx);
       }
      // * Add the current Question ID to the list of selected questions
      $selected_questions_list[] = intval($qst_id);
    }

    // * Question response is BLANK
    if (strlen($qst_resp) == 0) {
      $p_errors_ary[] = $p_mc->combo_msg("Set Config Question Blank", 0, "#num#", $loop_idx);
    }
  }

  // ** NO RETURN
}
/**
 * Validate_SettingsDesc
 *
 * Validate the account descriptions
 *
 * @param integer $p_dbh
 * @param array $p_hb_env
 * @param array $p_values - information set in the settings_desc section
 *      myaccount   string  member account nickname
 *      swaccts     array   descriptions for switch accounts
 *      xaccts      array   descriptions for cross-accounts
 *      subaccts    array   descriptions for myaccount subaccts (inc. joint accts)
 * @param array $p_errors_ary BY REFERENCE
 * @param object $p_mc   - This is the current MC class for the selected language
 *
 * @return NO RETURN
 */
function Validate_SettingsDesc($p_dbh, $p_hb_env, $p_values, &$p_errors_ary, $p_mc) {

    $set_myaccount = trim($p_values['set_myaccount']);
    if ($set_myaccount == "") {
        $p_errors_ary[] = $p_mc->msg('Account Descriptions cannot be blank');
    }

    # if we have switch accounts, validate the descriptions are unique
    if (is_array($p_values['swaccts']) && sizeof($p_values['swaccts']) > 0) {
        $membercnt = array("$set_myaccount" => 1);
        foreach ($p_values['swaccts'] as $swacct) {
            $description = trim($swacct[1]);
            $membercnt{$description} += 1;

            if (trim($description) != "" && $membercnt{$description} > 1) {
                $p_errors_ary[] = $p_mc->msg('Account Descriptions must be unique');
            }
            if (trim($description) == "") {
                $p_errors_ary[] = $p_mc->msg('Account Descriptions cannot be blank');
            }
        }
    }

    # if we have cross accounts, validate the descriptions are unique
    if (is_array($p_values['xaccts']) && sizeof($p_values['xaccts']) > 0) {
        $membercnt = array("$set_myaccount" => 1);
        foreach ($p_values['xaccts'] as $xacct) {
            $description = trim($xacct[1]);
            $membercnt{$description} += 1;

            if (trim($description) != "" && $membercnt{$description} > 1) {
                $p_errors_ary[] = $p_mc->msg('Account Descriptions must be unique');
            }
            if (trim($description) == "") {
                $p_errors_ary[] = $p_mc->msg('Account Descriptions cannot be blank');
            }
        }
    }

    // ** NO RETURN
}