...

web/admin/dafa.txt

@@ -5,9 +5,10 @@
 
 - index.php: lunghezza automatica di username
 - crawler.php: ricorsivizzarlo?
+- crawler.php: deve controllare se nella tabella Instances OurAdmID è definito; se è definito deve aggiornare l'account "guest" corrispettivo in Admins con la mail e il nome utente attuali
 - instances.php: tradurre tutto in inglese
-- instances.php: icona della lente in qualche modo diversa se è attivo un filtro/ordinamento
-* instances.php: i criteri di ricerca e ordinamento "volanti" vanno salvati sempre in un preset "di battaglia" (uno per ogni admin) in modo che, per esempio, al ritorno da edinst*.php si possa vedere ciò che si vedeva prima (forse la cosa più agevole è fare due tabelle ad-hoc uguali a PresFiltConds e PresOrdConds dove invece di PresID si ha AdminID)
+* instances.php: icona della lente in qualche modo diversa se è attivo un filtro/ordinamento
+* instances.php: i criteri di ricerca e ordinamento "volanti" vanno salvati sempre in un preset "di battaglia" (uno per ogni admin) in modo da poter slegare il cambio pagina dal submittare i filtri/ordinamenti e in modo che, per esempio, al ritorno da edinst*.php si possa vedere ciò che si vedeva prima (forse la cosa più agevole è fare due tabelle ad-hoc uguali a PresFiltConds e PresOrdConds dove invece di PresID si ha AdminID)
 * instances.php, edinst*.php: implementare la faccenda della lingua del browser: se è tra quelle supportate (o una variante delle stesse) impostare la ricerca e la visualizzazione dei campi multilingua nella lingua supportata; altrimenti in inglese
 - tutto: possibilità di *scegliere* la lingua da usare tra quelle supportate
 - instances.php: rendere funzione il codice che crea una tabella-istanza; usare la funzione in edinst.php (?) e in edinstres.php

web/admin/edinst.php

@@ -3,15 +3,19 @@
 require('include/glob.php');
 require('include/muoribene.php');
 require('include/sessionstart.php');
-
-require('include/menu.php');
-$menu['istanze']['href']=null;
-$menu['istanze']['selected']=true;
-$menu['istanze']['submenu']['modifica']['href']=null;
-$menu['istanze']['submenu']['modifica']['selected']=true;
-buildmenu($menu);
-
 require('include/myconn.php');
+require('include/getadmacc.php');
+
+if ($account['Level']!='guest') {
+	require('include/menu.php');
+	$menu['istanze']['href']=null;
+	$menu['istanze']['selected']=true;
+	$menu['istanze']['submenu']['modifica']['href']=null;
+	$menu['istanze']['submenu']['modifica']['selected']=true;
+	buildmenu($menu);
+} else {
+	$menuout='';
+}
 
 $dbg='';
 
@@ -26,16 +30,23 @@ $dbg.=$dlang.'<br>'.N;
 $dbg.='<pre>'.print_r($_GET,1).'</pre>';
 
 if (array_key_exists('id',$_GET) && preg_match('/^[0-9]+$/',$_GET['id'])===1) {
+	$_GET['id']+=0;
+	if ($account['Level']=='guest' && !in_array($_GET['id'],$account['Insts']))
+		muoribene('You can’t edit data for an instance you don’t own.',true);
 	$res=mysqli_query($link,'SELECT * FROM Instances WHERE ID='.$_GET['id'])
 		or muoribene(__LINE__.': '.mysqli_error($link),true);
 	if (mysqli_num_rows($res)!=1)
-		muoribene(__LINE__.': There is no instance with ID='.$_GET['ID'].'.');
+		muoribene(__LINE__.': There is no instance with ID='.$_GET['ID'].'.',true);
 	$inst=mysqli_fetch_assoc($res);
+} else {
+	muoribene('Malformed input.',true);
 }
 
 function check($row,$col) {
 	if ($row[$col]>0)
-		echo(' checked');
+		return(' checked');
+	else
+		return('');
 }
 
 ?>
@@ -287,18 +298,21 @@ function ckf() {
 <tr><td class="insthead"><?php echo($inst['URI']); ?></td></tr>
 <tr><td>
 
-<table class="cbtab">
-<tr><td><label for="Blacklisted">Blacklisted:</label></td><td>&nbsp;<input type="checkbox" name="Blacklisted" id="Blacklisted"<?php check($inst,'Blacklisted'); ?>></td></tr>
-<tr><td><label for="New">New:</label></td><td>&nbsp;<input type="checkbox" name="New" id="New"<?php check($inst,'New'); ?>></td></tr>
-<tr><td><label for="Chosen">Chosen:</label></td><td>&nbsp;<input type="checkbox" name="Chosen" id="Chosen"<?php check($inst,'Chosen'); ?>></td></tr>
-<tr><td><label for="Visible">Visible:</label></td><td>&nbsp;<input type="checkbox" name="Visible" id="Visible"<?php check($inst,'Visible'); ?>></td></tr>
+<?php
+if ($account['Level']!='guest')
+	echo('<table class="cbtab">
+<tr><td><label for="Blacklisted">Blacklisted:</label></td><td>&nbsp;<input type="checkbox" name="Blacklisted" id="Blacklisted"'.check($inst,'Blacklisted').'></td></tr>
+<tr><td><label for="New">New:</label></td><td>&nbsp;<input type="checkbox" name="New" id="New"'.check($inst,'New').'></td></tr>
+<tr><td><label for="Chosen">Chosen:</label></td><td>&nbsp;<input type="checkbox" name="Chosen" id="Chosen"'.check($inst,'Chosen').'></td></tr>
+<tr><td><label for="Visible">Visible:</label></td><td>&nbsp;<input type="checkbox" name="Visible" id="Visible"'.check($inst,'Visible').'></td></tr>
 </table>
+<div class="ruler"></div>'.N);
+?>
 
-<div class="ruler"></div>
 <div class="tit"><label for="OurDesc">Our description (original language)</label></div>
 <textarea name="OurDesc" id="OurDesc" rows="10" class="tarea"><?php echo(hspech($inst['OurDesc'])); ?></textarea>
-
 <div class="ruler"></div>
+
 <div class="tit"><label for="OurDescEN">Our description (english)</label></div>
 <textarea name="OurDescEN" id="OurDescEN" rows="10" class="tarea"><?php echo(hspech($inst['OurDescEN'])); ?></textarea>
 
@@ -333,11 +347,14 @@ var '.$o['disparr'].'=getselarr(\''.$o['dispselid'].'\');
 //-->
 </script>
 </td>
-<td style="width:1%;">
-<div class="butdiv"><img src="imgs/edit.svg" class="imgbut" title="Edit first selected entry" onclick="edit(\''.$o['dispselid'].'\',\''.$o['title'].'\',\'edit\')"></div>
-<div class="butdiv"><img src="imgs/plus.svg" class="imgbut" title="Add an entry" onclick="edit(\''.$o['dispselid'].'\',\''.$o['title'].'\',\'add\')"></div>
-<div class="butdiv"><img src="imgs/minus.svg" class="imgbut" title="Remove first selected entry" onclick="edit(\''.$o['dispselid'].'\',\''.$o['title'].'\',\'remove\')"></div>
-</td>
+<td style="width:1%;">'.N);
+	if (!array_key_exists('edavail',$o) || $o['edavail'])
+		echo('<div class="butdiv"><img src="imgs/edit.svg" class="imgbut" title="Edit first selected entry" onclick="edit(\''.$o['dispselid'].'\',\''.$o['title'].'\',\'edit\')"></div>'.N);
+	if (!array_key_exists('addavail',$o) || $o['addavail'])
+		echo('<div class="butdiv"><img src="imgs/plus.svg" class="imgbut" title="Add an entry" onclick="edit(\''.$o['dispselid'].'\',\''.$o['title'].'\',\'add\')"></div>'.N);
+	if (!array_key_exists('remavail',$o) || $o['remavail'])
+		echo('<div class="butdiv"><img src="imgs/minus.svg" class="imgbut" title="Remove first selected entry" onclick="edit(\''.$o['dispselid'].'\',\''.$o['title'].'\',\'remove\')"></div>'.N);
+echo('</td>
 </tr>'.N);
 	if ($o['multi']) {
 		echo('<tr>
@@ -400,7 +417,10 @@ selbox(array(
 	'dida'=>'Above: available languages; below: chosen languages',
 	'chosenselid'=>'ChosenLangs[]',
 	'chosenque'=>'SELECT * FROM InstOurLangs LEFT JOIN Languages ON Languages.ID=OurLangID WHERE InstID='.$inst['ID'].' ORDER BY Pos ASC',
-	'chosenvalcol'=>'OurLangID'));
+	'chosenvalcol'=>'OurLangID',
+	'edavail'=>false,
+	'addavail'=>false,
+	'remavail'=>false));
 
 ?>
 

web/admin/edinsth.php

@@ -99,10 +99,10 @@ if (array_key_exists('w',$_GET) && array_key_exists('i',$_GET) && preg_match('/^
 			$fout=buildform($id,'Localities','Name'.$dlang,'Locality name','Instances','LocalityID');
 			$exvalsjsarr=setjsarr('Localities','Name'.$dlang);
 		break;
-		case 'DispLangs':
+		/*case 'DispLangs':
 			$fout=buildform($id,'Languages','Name'.$dlang,'Language','InstOurLangs','OurLangID');
 			$exvalsjsarr=setjsarr('Languages','Name'.$dlang);
-		break;
+		break;*/
 		case 'DispFinModes':
 			$fout=buildform($id,'Financing','Type','Financing method','InstFinancing','FinID');
 			$exvalsjsarr=setjsarr('Financing','Type');
@@ -183,8 +183,8 @@ if (array_key_exists('w',$_GET) && array_key_exists('i',$_GET) && preg_match('/^
 			} else {
 				$fout='<p class="hiferr">Couldn’t fetch OpenStreetMap search data.</p>'.N;
 			}
-		} elseif ($_POST['t']=='Languagues') {
-			edaddrem($link,$morejs,$id,'Languages','Name'.$langd,'langselarr','InstOurLangs','OurLangID','langsearch','DispLangs','langselre');
+		/*} elseif ($_POST['t']=='Languagues') {
+			edaddrem($link,$morejs,$id,'Languages','Name'.$langd,'langselarr','InstOurLangs','OurLangID','langsearch','DispLangs','langselre');*/
 		} elseif ($_POST['t']=='Financing') {
 			edaddrem($link,$morejs,$id,'Financing','Type','finselarr','InstFinancing','FinID','finsearch','DispFinModes','finselre');
 		} elseif ($_POST['t']=='Policies') {
@@ -202,13 +202,20 @@ if (array_key_exists('w',$_GET) && array_key_exists('i',$_GET) && preg_match('/^
 }
 
 function buildform($id,$table,$column,$title,$lntable,$lncolumn) {
-	global $tables, $link;
+	global $account, $tables, $link;
 	$fout='';
 	if ($_GET['m']=='edit' || $_GET['m']=='remove') {
 		$res=mysqli_query($link,'SELECT * FROM '.$table.' WHERE ID='.$id)
 			or muoribene(__LINE__.': '.mysqli_error($link),true);
 		if (mysqli_num_rows($res)==1) {
 			$row=mysqli_fetch_assoc($res);
+			/*if ($account['Level']=='guest') {
+				if ($row['AddedBy']!=$account['ID']
+				$rres=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE '.$lncolumn.'='.$id.' AND InstID!='.$account['OwnInstID']) or muoribene(__LINE__.': '.mysqli_error($link),true);
+				if ($
+			}
+			$rres='SELECT * FROM '.$lntable.' WHERE '.$lncolumn.'='.$id.' AND InstID!=
+			if ($account['Level']!='guest' || ($row['AddedBy']==$account['ID']*/
 			if ($_GET['m']=='edit') {
 				$fout.='<div class="hiflab"><label for="v">'.$title.'</label></div>'.N;
 				$fout.='<input type="text" class="hifinp" name="v" id="v" maxlength="'.$tables[$table][$column].'" value="'.hspech($row[$column]).'">'.N;

web/admin/imgs/cerca_act_off.svg

@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="32"
+   height="32"
+   viewBox="0 0 8.4666659 8.4666659"
+   version="1.1"
+   id="svg8"
+   inkscape:version="0.92.4 5da689c313, 2019-01-14"
+   sodipodi:docname="cerca_act_off.svg">
+  <defs
+     id="defs2">
+    <linearGradient
+       inkscape:collect="always"
+       id="linearGradient842">
+      <stop
+         style="stop-color:#ffffff;stop-opacity:0.32028469"
+         offset="0"
+         id="stop838" />
+      <stop
+         style="stop-color:#ffffff;stop-opacity:0;"
+         offset="1"
+         id="stop840" />
+    </linearGradient>
+    <radialGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient842"
+       id="radialGradient844"
+       cx="4.6095376"
+       cy="290.89627"
+       fx="4.6095376"
+       fy="290.89627"
+       r="1.8892902"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.1490804,0,0,1.1490804,-208.85235,-125.74979)" />
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#000000"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="16"
+     inkscape:cx="8.401469"
+     inkscape:cy="15.200569"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer1"
+     showgrid="false"
+     units="px"
+     inkscape:window-width="3840"
+     inkscape:window-height="2037"
+     inkscape:window-x="0"
+     inkscape:window-y="0"
+     inkscape:window-maximized="1" />
+  <metadata
+     id="metadata5">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Livello 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(0,-288.53334)">
+    <circle
+       style="opacity:1;vector-effect:none;fill:url(#radialGradient844);fill-opacity:1;stroke:#78b1e2;stroke-width:0.52916664;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;paint-order:normal"
+       id="path815"
+       cx="-204.02388"
+       cy="208.25554"
+       r="2.0189326"
+       transform="rotate(-45)" />
+    <rect
+       style="opacity:1;vector-effect:none;fill:#78b1e2;fill-opacity:1;stroke:none;stroke-width:0.25695357;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;paint-order:normal"
+       id="rect817"
+       width="0.88468486"
+       height="3.6048934"
+       x="-204.46622"
+       y="210.94218"
+       ry="0.098359987"
+       transform="rotate(-45)" />
+    <path
+       style="fill:none;stroke:#78b1e2;stroke-width:0.52916664;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 4.3892585,292.9226 0.7184244,0.71841"
+       id="path848"
+       inkscape:connector-curvature="0" />
+    <circle
+       style="opacity:1;vector-effect:none;fill:#ff2a2a;fill-opacity:1;stroke:none;stroke-width:0.52916664;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;paint-order:normal"
+       id="path4522"
+       cx="6.9855547"
+       cy="289.97131"
+       r="0.72760421" />
+  </g>
+</svg>

web/admin/imgs/cerca_act_on.svg

@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="32"
+   height="32"
+   viewBox="0 0 8.4666659 8.4666659"
+   version="1.1"
+   id="svg8"
+   inkscape:version="0.92.4 5da689c313, 2019-01-14"
+   sodipodi:docname="cerca_act_on.svg">
+  <defs
+     id="defs2">
+    <linearGradient
+       inkscape:collect="always"
+       id="linearGradient842">
+      <stop
+         style="stop-color:#ffffff;stop-opacity:0.32028469"
+         offset="0"
+         id="stop838" />
+      <stop
+         style="stop-color:#ffffff;stop-opacity:0;"
+         offset="1"
+         id="stop840" />
+    </linearGradient>
+    <radialGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient842"
+       id="radialGradient844"
+       cx="4.6095376"
+       cy="290.89627"
+       fx="4.6095376"
+       fy="290.89627"
+       r="1.8892902"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.1490804,0,0,1.1490804,-208.85235,-125.74979)" />
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#000000"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="22.627417"
+     inkscape:cx="21.610884"
+     inkscape:cy="25.037986"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer1"
+     showgrid="false"
+     units="px"
+     inkscape:window-width="3840"
+     inkscape:window-height="2037"
+     inkscape:window-x="0"
+     inkscape:window-y="0"
+     inkscape:window-maximized="1" />
+  <metadata
+     id="metadata5">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Livello 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(0,-288.53334)">
+    <circle
+       style="opacity:1;vector-effect:none;fill:url(#radialGradient844);fill-opacity:1;stroke:#ffffff;stroke-width:0.52916664;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;paint-order:normal"
+       id="path815"
+       cx="-204.02388"
+       cy="208.25554"
+       r="2.0189326"
+       transform="rotate(-45)" />
+    <rect
+       style="opacity:1;vector-effect:none;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.25695357;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;paint-order:normal"
+       id="rect817"
+       width="0.88468486"
+       height="3.6048934"
+       x="-204.46622"
+       y="210.94218"
+       ry="0.098359987"
+       transform="rotate(-45)" />
+    <path
+       style="fill:none;stroke:#ffffff;stroke-width:0.52916664;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 4.3892585,292.9226 0.7184244,0.71841"
+       id="path848"
+       inkscape:connector-curvature="0" />
+    <circle
+       style="opacity:1;vector-effect:none;fill:#ff2a2a;fill-opacity:1;stroke:none;stroke-width:0.52916664;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;paint-order:normal"
+       id="path4522"
+       cx="6.9855547"
+       cy="289.97131"
+       r="0.72760421" />
+  </g>
+</svg>

web/admin/include/getadmacc.php

@@ -1,10 +1,18 @@
 <?php
 
-$account=mysqli_query($link,'SELECT * FROM Admins WHERE ID='.$_SESSION['AdmID'])
+$res=mysqli_query($link,'SELECT * FROM Admins WHERE ID='.$_SESSION['AdmID'])
 	or muoribene(mysqli_error($link),true);
-if (mysqli_num_rows($account)==1)
-	$account=mysqli_fetch_assoc($account);
-else
+if (mysqli_num_rows($res)==1) {
+	$account=mysqli_fetch_assoc($res);
+	if ($account['Level']=='guest') {
+		$res=mysqli_query($link,'SELECT ID FROM Instances WHERE OurAdmID='.$account['ID'])
+			or muoribene(mysqli_error($link),true);
+		$account['Insts']=array();
+		while ($row=mysqli_fetch_assoc($res))
+			$account['Insts'][]=$row['ID'];
+	}
+} else {
 	muoribene('Non esiste un account con ID='.$_SESSION['AdmID'],true);
+}
 
 ?>

web/admin/instances.php

@@ -3,7 +3,10 @@
 require('include/glob.php');
 require('include/muoribene.php');
 require('include/sessionstart.php');
-
+require('include/myconn.php');
+require('include/getadmacc.php');
+if ($account['Level']=='guest')
+	muoribene('Sorry, you are not authorized.',true);
 require('include/menu.php');
 $menu['istanze']['href']=null;
 $menu['istanze']['selected']=true;
@@ -11,9 +14,6 @@ $menu['istanze']['submenu']['elenco']['href']=null;
 $menu['istanze']['submenu']['elenco']['selected']=true;
 buildmenu($menu);
 
-require('include/myconn.php');
-require('include/getadmacc.php');
-
 $dbg='';
 $dbg.='$account: <pre>'.print_r($account,1).'</pre>'.N;
 
@@ -325,6 +325,7 @@ if (array_key_exists('filt',$_POST) && $_POST['filt']=='filt') {
 $fi=0;
 $ji=0;
 $oi=0;
+$filtordon=false;
 $jsaddrows='';
 $jssetrows='';
 $jsordaddrows='';
@@ -337,6 +338,7 @@ $order='';
 $res=mysqli_query($link,'SELECT * FROM PresFiltCondsAdm WHERE AdmID='.$account['ID'].' ORDER BY Pos ASC')
 	or muoribene(__LINE__.': '.mysqli_error($link));
 $blocks=mysqli_num_rows($res);
+if ($blocks>0) $filtordon=true;
 while ($row=mysqli_fetch_assoc($res)) {
 	$fi++;
 	if (preg_match('/^\(+$/',$row['OpenPar'])===1) {
@@ -407,6 +409,7 @@ while ($row=mysqli_fetch_assoc($res)) {
 
 $res=mysqli_query($link,'SELECT * FROM PresOrdCondsAdm WHERE AdmID='.$account['ID'].' ORDER BY Pos ASC')
 	or muoribene(__LINE__.': '.mysqli_error($link));
+if (mysqli_num_rows($res)>0) $filtordon=true;
 while ($row=mysqli_fetch_assoc($res)) {
 	preg_match('/^(.+):(.+):(.+)$/',$row['Field'],$buf);
 	$oi++;
@@ -709,6 +712,14 @@ while ($row=mysqli_fetch_assoc($res)) {
 
 mysqli_close($link);
 
+if ($filtordon) {
+	$filtordimgoff='imgs/cerca_act_off.svg';
+	$filtordimgon='imgs/cerca_act_on.svg';
+} else {
+	$filtordimgoff='imgs/cerca_off.svg';
+	$filtordimgon='imgs/cerca_on.svg';
+}
+
 ?>
 <!DOCTYPE HTML>
 <html lang="it">
@@ -732,11 +743,11 @@ function shideplancia() {
 	var plctrl=document.getElementById('lente');
 	if (plancia.style.display=='block') {
 		plancia.style.display='none';
-		lente.src='imgs/cerca_off.svg';
+		lente.src='<?php echo($filtordimgoff); ?>';
 		lente.title='Mostra il pannello di ricerca e ordinamento';
 	} else {
 		plancia.style.display='block';
-		lente.src='imgs/cerca_on.svg';
+		lente.src='<?php echo($filtordimgon); ?>';
 		lente.title='Nascondi il pannello di ricerca e ordinamento';
 	}
 }
@@ -1285,7 +1296,7 @@ function pupoff() {
 <?php echo($menuout); ?>
 </ul>
 <div id="rightdiv">
-	<img src="imgs/cerca_off.svg" id="lente" class="rlinks" title="Mostra il pannello di ricerca e ordinamento" onclick="shideplancia();">
+	<img src="<?php echo($filtordimgoff); ?>" id="lente" class="rlinks" title="Mostra il pannello di ricerca e ordinamento" onclick="shideplancia();">
 	<a href="logout.php" class="rlinks"><img src="imgs/esci.svg" title="Esci"></a>
 </div>
 </div>

web/admin/loadsaverempres.php

@@ -9,17 +9,30 @@ require('include/myconn.php');
 
 use function mysqli_real_escape_string as myesc;
 
+function nulltonull($arr) {
+	$newarr=array();
+	foreach ($arr as $key=>$val)
+		if (is_null($val))
+			if ($key!='AndOr')
+				$newarr[$key]='null';
+			else
+				$newarr[$key]='AND';
+		else
+			$newarr[$key]=$val;
+	return($newarr);
+}
+
 if (array_key_exists('act',$_POST)) {
 	if ($_POST['act']=='load' && array_key_exists('pid',$_POST) && preg_match('/^[0-9]+$/',$_POST['pid'])===1) {
 		$res=mysqli_query($link,'SELECT * FROM PresFiltConds WHERE PresID='.$_POST['pid'].' ORDER BY Pos ASC')
 			or muoribene(mysqli_error($link),true);
 		$buf=array('f'=>array(),'o'=>array());
 		while ($row=mysqli_fetch_assoc($res))
-			$buf['f'][]=$row;
+			$buf['f'][]=nulltonull($row);
 		$res=mysqli_query($link,'SELECT * FROM PresOrdConds WHERE PresID='.$_POST['pid'].' ORDER BY Pos ASC')
 			or muoribene(mysqli_error($link),true);
 		while ($row=mysqli_fetch_assoc($res))
-			$buf['o'][]=$row;
+			$buf['o'][]=nulltonull($row);
 		echo(json_encode($buf));
 	} elseif ($_POST['act']=='save' && array_key_exists('txt',$_POST)) {
 		$fi=-1;