From 0c4374aede5ea62304563b9b2e907e55a62b70df Mon Sep 17 00:00:00 2001
From: bradymiller
Date: Sat, 1 Aug 2009 06:29:26 +0000
Subject: [PATCH] merged from head the following: use of formTrim functionto fix quote handling when no magic quotes
---
library/options.inc.php | 1184 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 1184 insertions(+)
create mode 100644 library/options.inc.php
diff --git a/library/options.inc.php b/library/options.inc.php
new file mode 100644
index 000000000..7dbdc6a12
--- /dev/null
+++ b/library/options.inc.php
@@ -0,0 +1,1184 @@ + +// +// This program is free software; you can redistribute it and/or +// modify it under the terms of the GNU General Public License +// as published by the Free Software Foundation; either version 2 +// of the License, or (at your option) any later version. + +// Functions for managing the lists and layouts +// +// Note: there are translation wrappers for the lists and layout labels +// at library/translation.inc.php. The functions are titled +// xl_list_label() and xl_layout_label() and are controlled by the +// $GLOBALS['translate_lists'] and $GLOBALS['translate_layout'] +// flags in globals.php + +require_once("formdata.inc.php"); + +$date_init = ""; + +function get_pharmacies() { + return sqlStatement("SELECT d.id, d.name, a.line1, a.city, " . + "p.area_code, p.prefix, p.number FROM pharmacies AS d " . + "LEFT OUTER JOIN addresses AS a ON a.foreign_id = d.id " . + "LEFT OUTER JOIN phone_numbers AS p ON p.foreign_id = d.id " . + "AND p.type = 2 " . + "ORDER BY name, area_code, prefix, number"); +} + +function generate_form_field($frow, $currvalue) { + global $rootdir, $date_init; + + $currescaped = htmlspecialchars($currvalue, ENT_QUOTES); + + $data_type = $frow['data_type']; + $field_id = $frow['field_id']; + $list_id = $frow['list_id']; + + // Added 5-09 by BM - Translate description if applicable + $description = htmlspecialchars(xl_layout_label($frow['description']), ENT_QUOTES); + + // added 5-2009 by BM to allow modification of the 'empty' text title field. + // Can pass $frow['empty_title'] with this variable, otherwise + // will default to 'Unassigned'. 
+ // modified 6-2009 by BM to allow complete skipping of the 'empty' text title + // if make $frow['empty_title'] equal to 'SKIP' + $showEmpty = true; + if (isset($frow['empty_title'])) { + if ($frow['empty_title'] == "SKIP") { + //do not display an 'empty' choice + $showEmpty = false; + $empty_title = "Unassigned"; + } + else { + $empty_title = $frow['empty_title']; + } + } + else { + $empty_title = "Unassigned"; + } + + // generic single-selection list + if ($data_type == 1) { + echo ""; + echo " " . xl('Fix this') . "!"; + } + else { + echo ""; + } + } + + // simple text field + else if ($data_type == 2) { + echo ""; + } + + // long or multi-line text field + else if ($data_type == 3) { + echo "" . + $currescaped . ""; + } + + // date + else if ($data_type == 4) { + echo "" . + "[?]"; + $date_init .= " Calendar.setup({inputField:'form_$field_id', ifFormat:'%Y-%m-%d', button:'img_$field_id'});\n"; + } + + // provider list, local providers only + else if ($data_type == 10) { + $ures = sqlStatement("SELECT id, fname, lname, specialty FROM users " . + "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " . + "AND authorized = 1 " . + "ORDER BY lname, fname"); + echo ""; + } + + // provider list, including address book entries with an NPI number + else if ($data_type == 11) { + $ures = sqlStatement("SELECT id, fname, lname, specialty FROM users " . + "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " . + "AND ( authorized = 1 OR ( username = '' AND npi != '' ) ) " . + "ORDER BY lname, fname"); + echo ""; + } + + // pharmacy list + else if ($data_type == 12) { + echo ""; + } + + // squads + else if ($data_type == 13) { + echo ""; + } + + // Address book, preferring organization name if it exists and is not in + // parentheses, and excluding local users who are not providers. + // Supports "referred to" practitioners and facilities. 
+ else if ($data_type == 14) { + $ures = sqlStatement("SELECT id, fname, lname, organization FROM users " . + "WHERE active = 1 AND ( info IS NULL OR info NOT LIKE '%Inactive%' ) " . + "AND ( username = '' OR authorized = 1 ) " . + "ORDER BY organization, lname, fname"); + echo ""; + } + + // a billing code (only one of these allowed!) + else if ($data_type == 15) { + echo ""; + } + + // a set of labeled checkboxes + else if ($data_type == 21) { + // In this special case, fld_length is the number of columns generated. + $cols = max(1, $frow['fld_length']); + $avalue = explode('|', $currvalue); + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + $tdpct = (int) (100 / $cols); + for ($count = 0; $lrow = sqlFetchArray($lres); ++$count) { + $option_id = $lrow['option_id']; + // if ($count) echo "
"; + if ($count % $cols == 0) { + if ($count) echo ""; + echo ""; + } + echo ""; + } + if ($count) { + echo ""; + if ($count > $cols) { + // Add some space after multiple rows of checkboxes. + echo ""; + } + } + echo "
"; + echo "" . xl_list_label($lrow['title']); + + echo "
"; + } + + // a set of labeled text input fields + else if ($data_type == 22) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $maxlength = empty($frow['max_length']) ? 255 : $frow['max_length']; + $fldlength = empty($frow['fld_length']) ? 20 : $frow['fld_length']; + + // Added 5-09 by BM - Translate label if applicable + echo ""; + + echo ""; + } + echo "
" . xl_list_label($lrow['title']) . " 
"; + } + + // a set of exam results; 3 radio buttons and a text field: + else if ($data_type == 23) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $maxlength = empty($frow['max_length']) ? 255 : $frow['max_length']; + $fldlength = empty($frow['fld_length']) ? 20 : $frow['fld_length']; + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + echo "" . + ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $restype = substr($avalue[$option_id], 0, 1); + $resnote = substr($avalue[$option_id], 2); + + // Added 5-09 by BM - Translate label if applicable + echo ""; + + for ($i = 0; $i < 3; ++$i) { + echo ""; + } + echo ""; + echo ""; + } + echo "
 " . xl('N/A') . + " " . xl('Nor') . " " . xl('Abn') . " " . + xl('Date/Notes') . "
" . xl_list_label($lrow['title']) . " 
"; + } + + // the list of active allergies for the current patient + // this is read-only! + else if ($data_type == 24) { + $query = "SELECT title, comments FROM lists WHERE " . + "pid = '" . $GLOBALS['pid'] . "' AND type = 'allergy' AND enddate IS NULL " . + "ORDER BY begdate"; + // echo "\n"; // debugging + $lres = sqlStatement($query); + $count = 0; + while ($lrow = sqlFetchArray($lres)) { + if ($count++) echo "
"; + echo $lrow['title']; + if ($lrow['comments']) echo ' (' . $lrow['comments'] . ')'; + } + } + + // a set of labeled checkboxes, each with a text field: + else if ($data_type == 25) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $maxlength = empty($frow['max_length']) ? 255 : $frow['max_length']; + $fldlength = empty($frow['fld_length']) ? 20 : $frow['fld_length']; + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $restype = substr($avalue[$option_id], 0, 1); + $resnote = substr($avalue[$option_id], 2); + + // Added 5-09 by BM - Translate label if applicable + echo ""; + + echo ""; + echo ""; + echo ""; + } + echo "
" . xl_list_label($lrow['title']) . "  
"; + } + + // single-selection list with ability to add to it + else if ($data_type == 26) { + echo ""; + echo " " . xl('Fix this') . "!"; + } + else { + echo ""; + } + + // show the add button if user has access to correct list + $outputAddButton = ""; + if (aco_exist('lists', $list_id)) { + // a specific aco exist for this list, so ensure access + if (acl_check('lists', $list_id)) echo $outputAddButton; + } + else { + // no specific aco exist for this list, so check for access to 'default' list + if (acl_check('lists', 'default')) echo $outputAddButton; + } + } + +} + +function generate_print_field($frow, $currvalue) { + global $rootdir, $date_init; + + $currescaped = htmlspecialchars($currvalue, ENT_QUOTES); + + $data_type = $frow['data_type']; + $field_id = $frow['field_id']; + $list_id = $frow['list_id']; + $fld_length = $frow['fld_length']; + + $description = htmlspecialchars(xl_layout_label($frow['description']), ENT_QUOTES); + + // Can pass $frow['empty_title'] with this variable, otherwise + // will default to 'Unassigned'. + // If it is 'SKIP' then an empty text title is completely skipped. + $showEmpty = true; + if (isset($frow['empty_title'])) { + if ($frow['empty_title'] == "SKIP") { + //do not display an 'empty' choice + $showEmpty = false; + $empty_title = "Unassigned"; + } + else { + $empty_title = $frow['empty_title']; + } + } + else { + $empty_title = "Unassigned"; + } + + // generic single-selection list + if ($data_type == 1 || $data_type == 26) { + if (empty($fld_length)) { + if ($list_id == 'titles') { + $fld_length = 3; + } else { + $fld_length = 10; + } + } + $tmp = ''; + if ($currvalue) { + $lrow = sqlQuery("SELECT title FROM list_options " . 
+ "WHERE list_id = '$list_id' AND option_id = '$currvalue'"); + $tmp = xl_list_label($lrow['title']); + if (empty($tmp)) $tmp = "($currvalue)"; + } + /***************************************************************** + echo ""; + *****************************************************************/ + if ($tmp === '') $tmp = ' '; + echo $tmp; + } + + // simple text field + else if ($data_type == 2 || $data_type == 15) { + /***************************************************************** + echo ""; + *****************************************************************/ + if ($currescaped === '') $currescaped = ' '; + echo $currescaped; + } + + // long or multi-line text field + else if ($data_type == 3) { + echo "" . + $currescaped . ""; + } + + // date + else if ($data_type == 4) { + /***************************************************************** + echo ""; + *****************************************************************/ + if ($currescaped === '') $currescaped = ' '; + echo $currescaped; + } + + // provider list + else if ($data_type == 10 || $data_type == 11) { + $tmp = ''; + if ($currvalue) { + $urow = sqlQuery("SELECT fname, lname, specialty FROM users " . + "WHERE id = '$currvalue'"); + $tmp = ucwords($urow['fname'] . " " . $urow['lname']); + if (empty($tmp)) $tmp = "($currvalue)"; + } + /***************************************************************** + echo ""; + *****************************************************************/ + if ($tmp === '') $tmp = ' '; + echo $tmp; + } + + // pharmacy list + else if ($data_type == 12) { + $tmp = ''; + if ($currvalue) { + $pres = get_pharmacies(); + while ($prow = sqlFetchArray($pres)) { + $key = $prow['id']; + if ($currvalue == $key) { + $tmp = $prow['name'] . ' ' . $prow['area_code'] . '-' . + $prow['prefix'] . '-' . $prow['number'] . ' / ' . + $prow['line1'] . ' / ' . 
$prow['city']; + } + } + if (empty($tmp)) $tmp = "($currvalue)"; + } + /***************************************************************** + echo ""; + *****************************************************************/ + if ($tmp === '') $tmp = ' '; + echo $tmp; + } + + // squads + else if ($data_type == 13) { + $tmp = ''; + if ($currvalue) { + $squads = acl_get_squads(); + if ($squads) { + foreach ($squads as $key => $value) { + if ($currvalue == $key) { + $tmp = $value[3]; + } + } + } + if (empty($tmp)) $tmp = "($currvalue)"; + } + /***************************************************************** + echo ""; + *****************************************************************/ + if ($tmp === '') $tmp = ' '; + echo $tmp; + } + + // Address book. + else if ($data_type == 14) { + $tmp = ''; + if ($currvalue) { + $urow = sqlQuery("SELECT fname, lname, specialty FROM users " . + "WHERE id = '$currvalue'"); + $uname = $urow['lname']; + if ($urow['fname']) $uname .= ", " . $urow['fname']; + $tmp = $uname; + if (empty($tmp)) $tmp = "($currvalue)"; + } + /***************************************************************** + echo ""; + *****************************************************************/ + if ($tmp === '') $tmp = ' '; + echo $tmp; + } + + // a set of labeled checkboxes + else if ($data_type == 21) { + // In this special case, fld_length is the number of columns generated. + $cols = max(1, $fld_length); + $avalue = explode('|', $currvalue); + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + $tdpct = (int) (100 / $cols); + for ($count = 0; $lrow = sqlFetchArray($lres); ++$count) { + $option_id = $lrow['option_id']; + if ($count % $cols == 0) { + if ($count) echo ""; + echo ""; + } + echo ""; + } + if ($count) { + echo ""; + if ($count > $cols) { + // Add some space after multiple rows of checkboxes. + echo ""; + } + } + echo "
"; + echo "" . xl_list_label($lrow['title']); + echo "
"; + } + + // a set of labeled text input fields + else if ($data_type == 22) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $maxlength = empty($frow['max_length']) ? 255 : $frow['max_length']; + $fldlength = empty($fld_length) ? 20 : $fld_length; + echo ""; + echo ""; + } + echo "
" . xl_list_label($lrow['title']) . " 
"; + } + + // a set of exam results; 3 radio buttons and a text field: + else if ($data_type == 23) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $maxlength = empty($frow['max_length']) ? 255 : $frow['max_length']; + $fldlength = empty($fld_length) ? 20 : $fld_length; + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + echo "" . + ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $restype = substr($avalue[$option_id], 0, 1); + $resnote = substr($avalue[$option_id], 2); + echo ""; + for ($i = 0; $i < 3; ++$i) { + echo ""; + } + echo "" . + " class='under'" . + ""; + } + echo "
 " . xl('N/A') . + " " . xl('Nor') . " " . xl('Abn') . " " . + xl('Date/Notes') . "
" . xl_list_label($lrow['title']) . " 
"; + } + + // the list of active allergies for the current patient + // this is read-only! + else if ($data_type == 24) { + $query = "SELECT title, comments FROM lists WHERE " . + "pid = '" . $GLOBALS['pid'] . "' AND type = 'allergy' AND enddate IS NULL " . + "ORDER BY begdate"; + $lres = sqlStatement($query); + $count = 0; + while ($lrow = sqlFetchArray($lres)) { + if ($count++) echo "
"; + echo $lrow['title']; + if ($lrow['comments']) echo ' (' . $lrow['comments'] . ')'; + } + } + + // a set of labeled checkboxes, each with a text field: + else if ($data_type == 25) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $maxlength = empty($frow['max_length']) ? 255 : $frow['max_length']; + $fldlength = empty($fld_length) ? 20 : $fld_length; + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + echo ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $restype = substr($avalue[$option_id], 0, 1); + $resnote = substr($avalue[$option_id], 2); + echo ""; + echo ""; + echo "" . + ""; + } + echo "
" . xl_list_label($lrow['title']) . "  
"; + } + +} + +function generate_display_field($frow, $currvalue) { + $data_type = $frow['data_type']; + $field_id = $frow['field_id']; + $list_id = $frow['list_id']; + $s = ''; + + // generic selection list or the generic selection list with add on the fly feature + if ($data_type == 1 || $data_type == 26) { + $lrow = sqlQuery("SELECT title FROM list_options " . + "WHERE list_id = '$list_id' AND option_id = '$currvalue'"); + + // Added 5-09 by BM - Translate label if applicable + $s = xl_list_label($lrow['title']); + + } + + // simple text field + else if ($data_type == 2) { + $s = $currvalue; + } + + // long or multi-line text field + else if ($data_type == 3) { + $s = nl2br($currvalue); + } + + // date + else if ($data_type == 4) { + $s = $currvalue; + } + + // provider + else if ($data_type == 10 || $data_type == 11) { + $urow = sqlQuery("SELECT fname, lname, specialty FROM users " . + "WHERE id = '$currvalue'"); + $s = ucwords($urow['fname'] . " " . $urow['lname']); + } + + // pharmacy list + else if ($data_type == 12) { + $pres = get_pharmacies(); + while ($prow = sqlFetchArray($pres)) { + $key = $prow['id']; + if ($currvalue == $key) { + $s .= $prow['name'] . ' ' . $prow['area_code'] . '-' . + $prow['prefix'] . '-' . $prow['number'] . ' / ' . + $prow['line1'] . ' / ' . $prow['city']; + } + } + } + + // squads + else if ($data_type == 13) { + $squads = acl_get_squads(); + if ($squads) { + foreach ($squads as $key => $value) { + if ($currvalue == $key) { + $s .= $value[3]; + } + } + } + } + + // address book + else if ($data_type == 14) { + $urow = sqlQuery("SELECT fname, lname, specialty FROM users " . + "WHERE id = '$currvalue'"); + $uname = $urow['lname']; + if ($urow['fname']) $uname .= ", " . $urow['fname']; + $s = $uname; + } + + // billing code + else if ($data_type == 15) { + $s = $currvalue; + } + + // a set of labeled checkboxes + else if ($data_type == 21) { + $avalue = explode('|', $currvalue); + $lres = sqlStatement("SELECT * FROM list_options " . 
+ "WHERE list_id = '$list_id' ORDER BY seq, title"); + $count = 0; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + if (in_array($option_id, $avalue)) { + if ($count++) $s .= "
"; + + // Added 5-09 by BM - Translate label if applicable + $s .= xl_list_label($lrow['title']); + + } + } + } + + // a set of labeled text input fields + else if ($data_type == 22) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + $s .= ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + if (empty($avalue[$option_id])) continue; + + // Added 5-09 by BM - Translate label if applicable + $s .= ""; + + $s .= ""; + } + $s .= "
" . xl_list_label($lrow['title']) . ": " . $avalue[$option_id] . "
"; + } + + // a set of exam results; 3 radio buttons and a text field: + else if ($data_type == 23) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + $s .= ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $restype = substr($avalue[$option_id], 0, 1); + $resnote = substr($avalue[$option_id], 2); + if (empty($restype) && empty($resnote)) continue; + + // Added 5-09 by BM - Translate label if applicable + $s .= ""; + + $restype = ($restype == '1') ? xl('Normal') : (($restype == '2') ? xl('Abnormal') : xl('N/A')); + $s .= ""; + $s .= ""; + $s .= ""; + } + $s .= "
" . xl_list_label($lrow['title']) . " $restype
$resnote
"; + } + + // the list of active allergies for the current patient + else if ($data_type == 24) { + $query = "SELECT title, comments FROM lists WHERE " . + "pid = '" . $GLOBALS['pid'] . "' AND type = 'allergy' AND enddate IS NULL " . + "ORDER BY begdate"; + // echo "\n"; // debugging + $lres = sqlStatement($query); + $count = 0; + while ($lrow = sqlFetchArray($lres)) { + if ($count++) $s .= "
"; + $s .= $lrow['title']; + if ($lrow['comments']) $s .= ' (' . $lrow['comments'] . ')'; + } + } + + // a set of labeled checkboxes, each with a text field: + else if ($data_type == 25) { + $tmp = explode('|', $currvalue); + $avalue = array(); + foreach ($tmp as $value) { + if (preg_match('/^(\w+?):(.*)$/', $value, $matches)) { + $avalue[$matches[1]] = $matches[2]; + } + } + $lres = sqlStatement("SELECT * FROM list_options " . + "WHERE list_id = '$list_id' ORDER BY seq, title"); + $s .= ""; + while ($lrow = sqlFetchArray($lres)) { + $option_id = $lrow['option_id']; + $restype = substr($avalue[$option_id], 0, 1); + $resnote = substr($avalue[$option_id], 2); + if (empty($restype) && empty($resnote)) continue; + + // Added 5-09 by BM - Translate label if applicable + $s .= ""; + + $restype = $restype ? xl('Yes') : xl('No'); + $s .= ""; + $s .= ""; + $s .= ""; + } + $s .= "
" . xl_list_label($lrow['title']) . " $restype
$resnote
"; + } + + return $s; +} + +$CPR = 4; // cells per row of generic data +$last_group = ''; +$cell_count = 0; +$item_count = 0; + +function disp_end_cell() { + global $item_count, $cell_count; + if ($item_count > 0) { + echo ""; + $item_count = 0; + } +} + +function disp_end_row() { + global $cell_count, $CPR; + disp_end_cell(); + if ($cell_count > 0) { + for (; $cell_count < $CPR; ++$cell_count) echo ""; + echo "\n"; + $cell_count = 0; + } +} + +function disp_end_group() { + global $last_group; + if (strlen($last_group) > 0) { + disp_end_row(); + } +} + +function display_layout_rows($formtype, $result1, $result2='') { + global $item_count, $cell_count, $last_group, $CPR; + + $fres = sqlStatement("SELECT * FROM layout_options " . + "WHERE form_id = '$formtype' AND uor > 0 " . + "ORDER BY group_name, seq"); + + while ($frow = sqlFetchArray($fres)) { + $this_group = $frow['group_name']; + $titlecols = $frow['titlecols']; + $datacols = $frow['datacols']; + $data_type = $frow['data_type']; + $field_id = $frow['field_id']; + $list_id = $frow['list_id']; + $currvalue = ''; + + if ($formtype == 'DEM') { + if ($GLOBALS['athletic_team']) { + // Skip fitness level and return-to-play date because those appear + // in a special display/update form on this page. + if ($field_id === 'fitness' || $field_id === 'userdate1') continue; + } + if (strpos($field_id, 'em_') === 0) { + // Skip employer related fields, if it's disabled. + if ($GLOBALS['omit_employers']) continue; + $tmp = substr($field_id, 3); + if (isset($result2[$tmp])) $currvalue = $result2[$tmp]; + } + else { + if (isset($result1[$field_id])) $currvalue = $result1[$field_id]; + } + } + else { + if (isset($result1[$field_id])) $currvalue = $result1[$field_id]; + } + + // Handle a data category (group) change. + if (strcmp($this_group, $last_group) != 0) { + $group_name = substr($this_group, 1); + // totally skip generating the employer category, if it's disabled. 
+ if ($group_name === 'Employer' && $GLOBALS['omit_employers']) continue; + disp_end_group(); + $last_group = $this_group; + } + + // Handle starting of a new row. + if (($titlecols > 0 && $cell_count >= $CPR) || $cell_count == 0) { + disp_end_row(); + echo ""; + if ($group_name) { + echo ""; + //echo ""; + //echo "$group_name"; + + // Added 5-09 by BM - Translate label if applicable + echo (xl_layout_label($group_name)); + + $group_name = ''; + } else { + //echo ""; + echo ' '; + } + echo ""; + } + + if ($item_count == 0 && $titlecols == 0) $titlecols = 1; + + // Handle starting of a new label cell. + if ($titlecols > 0) { + disp_end_cell(); + //echo ""; + $cell_count += $titlecols; + } + ++$item_count; + + // Added 5-09 by BM - Translate label if applicable + if ($frow['title']) echo (xl_layout_label($frow['title']).":"); else echo " "; + + // Handle starting of a new data cell. + if ($datacols > 0) { + disp_end_cell(); + //echo " 0) echo " style='padding-left:5pt'"; + echo ">"; + $cell_count += $datacols; + } + + ++$item_count; + echo generate_display_field($frow, $currvalue); + } + + disp_end_group(); +} + +// From the currently posted HTML form, this gets the value of the +// field corresponding to the provided layout_options table row. +// +function get_layout_form_value($frow) { + $data_type = $frow['data_type']; + $field_id = $frow['field_id']; + $value = ''; + if (isset($_POST["form_$field_id"])) { + if ($data_type == 21) { + // $_POST["form_$field_id"] is an array of checkboxes and its keys + // must be concatenated into a |-separated string. + foreach ($_POST["form_$field_id"] as $key => $val) { + if (strlen($value)) $value .= '|'; + $value .= $key; + } + } + else if ($data_type == 22) { + // $_POST["form_$field_id"] is an array of text fields to be imploded + // into "key:value|key:value|...". 
+ foreach ($_POST["form_$field_id"] as $key => $val) { + $val = str_replace('|', ' ', $val); + if (strlen($value)) $value .= '|'; + $value .= "$key:$val"; + } + } + else if ($data_type == 23) { + // $_POST["form_$field_id"] is an array of text fields with companion + // radio buttons to be imploded into "key:n:notes|key:n:notes|...". + foreach ($_POST["form_$field_id"] as $key => $val) { + $restype = $_POST["radio_{$field_id}"][$key]; + if (empty($restype)) $restype = '0'; + $val = str_replace('|', ' ', $val); + if (strlen($value)) $value .= '|'; + $value .= "$key:$restype:$val"; + } + } + else if ($data_type == 25) { + // $_POST["form_$field_id"] is an array of text fields with companion + // checkboxes to be imploded into "key:n:notes|key:n:notes|...". + foreach ($_POST["form_$field_id"] as $key => $val) { + $restype = empty($_POST["check_{$field_id}"][$key]) ? '0' : '1'; + $val = str_replace('|', ' ', $val); + if (strlen($value)) $value .= '|'; + $value .= "$key:$restype:$val"; + } + } + else { + $value = $_POST["form_$field_id"]; + } + } + + // Make sure the return value is quote-safe. + return formTrim($value); +} + +// Generate JavaScript validation logic for the required fields. +// +function generate_layout_validation($form_id) { + $fres = sqlStatement("SELECT * FROM layout_options " . + "WHERE form_id = '$form_id' AND uor > 0 AND field_id != '' " . + "ORDER BY group_name, seq"); + + while ($frow = sqlFetchArray($fres)) { + if ($frow['uor'] < 2) continue; + $data_type = $frow['data_type']; + $field_id = $frow['field_id']; + $fldtitle = $frow['title']; + if (!$fldtitle) $fldtitle = $frow['description']; + $fldname = "form_$field_id"; + switch($data_type) { + case 1: + case 11: + case 12: + case 13: + case 14: + echo + " if (f.$fldname.selectedIndex <= 0) {\n" . + " alert('" . xl('Please choose a value for','','',' ') . + xl_layout_label($fldtitle) . "');\n" . + " if (f.$fldname.focus) f.$fldname.focus();\n" . + " return false;\n" . 
+ " }\n"; + break; + case 2: + case 3: + case 4: + case 15: + echo + " if (trimlen(f.$fldname.value) == 0) {\n" . + " alert('" . xl('Please choose a value for','','',' ') . + xl_layout_label($fldtitle) . "');\n" . + " if (f.$fldname.focus) f.$fldname.focus();\n" . + " return false;\n" . + " }\n"; + break; + } + } +} +?> -- 2.11.4.GIT
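Review bot: generate_display_field() returns stored values without HTML encoding (`$s = $currvalue;` for data types 2, 4 and 15, `nl2br($currvalue)` for type 3, and the raw `$lrow['title']` / `$lrow['comments']` for the allergy list, type 24), and display_layout_rows() echoes that result directly, whereas generate_form_field() and generate_print_field() build `$currescaped` with htmlspecialchars(). Unless every caller encodes these values before they are stored, which this file does not show, user-entered text is rendered as markup; I would encode at output, e.g. `$s = htmlspecialchars($currvalue, ENT_QUOTES);` and `$s = nl2br(htmlspecialchars($currvalue, ENT_QUOTES));`. The same gap applies to the `"($currvalue)"` fallbacks echoed by generate_print_field() and to the `$avalue[$option_id]` and `$resnote` cells that generate_display_field() emits for types 22, 23 and 25. Separately, `$currvalue`, `$list_id` and `$GLOBALS['pid']` are interpolated into SQL strings (`WHERE id = '$currvalue'`), and formTrim() is applied only in get_layout_form_value(), so values that reach these queries by any other path should be escaped or bound before the query is built.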