'.print_r($account,1).''.N; use function mysqli_real_escape_string as myesc; // praticamente una macro function hspech($str) { return(htmlspecialchars($str,ENT_QUOTES|ENT_HTML5,'UTF-8')); } require('include/columns.php'); $types=array('bool','int','time','text','join','joini'); $fieldselopts=''; $ordfieldselopts=''; foreach ($cols as $key=>$arr) { if (!array_key_exists('search',$arr) || $arr['search']==true) { if ($arr['type']=='joini') { $fieldselopts.=''; } else { $fieldselopts.=''; } } if (!array_key_exists('ord',$arr) || $arr['ord']==true) { if (!array_key_exists('ordname',$arr)) $name=$arr['name']; else $name=$arr['ordname']; if ($arr['type']=='joini') { $ordfieldselopts.=''; } else { $ordfieldselopts.=''; } } } $dbg.='$_POST:
'.print_r($_POST,1).'
'; $page=$account['Page']; if (array_key_exists('filt',$_POST) && $_POST['filt']=='filt') { $page=0; $blocks=0; foreach ($_POST as $key=>$val) if (preg_match('/^openpar-\d+$/',$key)===1) $blocks++; $fi=0; $oi=0; $admpresques=array('DELETE FROM PresFiltCondsAdm WHERE AdmID='.$account['ID'],'DELETE FROM PresOrdCondsAdm WHERE AdmID='.$account['ID']); foreach ($_POST as $key=>$val) { if (preg_match('/^openpar-\d+$/',$key)===1) { $fi++; $admpresque='INSERT INTO PresFiltCondsAdm SET AdmID='.$account['ID'].', '; if (preg_match('/^\(+$/',$val)===1) $admpresque.='OpenPar=\''.myesc($link,$val).'\', '; else $admpresque.='OpenPar=NULL, '; } if (preg_match('/^fieldsel-\d+$/',$key)===1 && preg_match('/^(.+):(.+):(.+)$/',$val,$buf)===1) { $tagk=$buf[1]; $type=$buf[2]; $subtype=$buf[3]; if (array_key_exists($tagk,$cols) && in_array($type,$types)) { $admpresque.='Field=\''.myesc($link,$val).'\', '; } else { muoribene($dbg.'
Dati POST corrotti.
Puoi riprovare resettando i parametri o tornare al login.',true); } } if (preg_match('/^condsel-\d+$/',$key)===1) { $admpresque.='Cond=\''.myesc($link,$val).'\', '; } if (preg_match('/^valuesel-\d+$/',$key)===1) { $admpresque.='ValueSel=\''.myesc($link,$val).'\', '; } if (preg_match('/^valueinp-\d+$/',$key)===1) { $admpresque.='ValueInp=\''.myesc($link,$val).'\', '; } if (preg_match('/^closepar-\d+$/',$key)===1) { if (preg_match('/^\)+$/',$val)===1) $admpresque.='ClosePar=\''.myesc($link,$val).'\', '; else $admpresque.='ClosePar=NULL, '; } if (preg_match('/^andor-\d+$/',$key)===1 && preg_match('/^AND|OR$/',$val)===1) { if ($fi<$blocks) $admpresque.='AndOr=\''.myesc($link,$val).'\', '; else $admpresque.='AndOr=NULL, '; $admpresque.='Pos='.$fi; $admpresques[]=$admpresque; } if (preg_match('/^ordfieldsel-\d+$/',$key)===1 && preg_match('/^(.+):(.+):(.+)$/',$val,$buf)===1) { $oi++; $tagk=$buf[1]; $type=$buf[2]; $subtype=$buf[3]; if (array_key_exists($tagk,$cols) && in_array($type,$types)) { $admpresque='INSERT INTO PresOrdCondsAdm SET AdmID='.$account['ID'].', Field=\''.myesc($link,$val).'\', '; } else { muoribene($dbg.'
Dati POST corrotti.
Puoi riprovare resettando i parametri o tornare al login.',true); } } if (preg_match('/^ascdesc-\d+$/',$key)===1 && preg_match('/^ASC|DESC$/',$val)===1) { $admpresque.='Sort=\''.myesc($link,$val).'\', Pos='.$oi; $admpresques[]=$admpresque; } } $dbg.='$admpresques:
'.print_r($admpresques,1).'
'.N; foreach ($admpresques as $que) mysqli_query($link,$que) or muoribene(__LINE__.': '.$dbg.'
'.N.mysqli_error($link),true); } elseif (array_key_exists('pageselect',$_POST) && preg_match('/^[0-9]+$/',$_POST['pageselect'])===1) { $page=$_POST['pageselect']+0; mysqli_query($link,'UPDATE Admins SET Page='.$page.' WHERE ID='.$account['ID']) or muoribene(__LINE__.': '.$dbg.'
'.N.mysqli_error($link),true); } $fi=0; $ji=0; $oi=0; $filtordon=false; $jsaddrows=''; $jssetrows=''; $jsordaddrows=''; $jsordsetrows=''; $sels=array(); $joins=array(); $havings=array(); $where=''; $order=''; $res=mysqli_query($link,'SELECT * FROM PresFiltCondsAdm WHERE AdmID='.$account['ID'].' ORDER BY Pos ASC') or muoribene(__LINE__.': '.mysqli_error($link)); $blocks=mysqli_num_rows($res); if ($blocks>0) $filtordon=true; while ($row=mysqli_fetch_assoc($res)) { $fi++; if (preg_match('/^\(+$/',$row['OpenPar'])===1) { $where.=$row['OpenPar']; $jssetrows.='setrow('.$fi.','.json_encode($row['OpenPar']); } else { $jssetrows.='setrow('.$fi.',"null"'; } $jsaddrows.='addrow('.$fi.',false);'.N; preg_match('/^(.+):(.+):(.+)$/',$row['Field'],$buf); $tagk=$buf[1]; $type=$buf[2]; $subtype=$buf[3]; if (array_key_exists($tagk,$cols) && in_array($type,$types)) { ($tagk=='Instances.AdmCreatedAt') ? $inpisdate=true : $inpisdate=false; if (strpos($cols[$tagk]['field'],'%')!==false) $ji++; $where.=str_replace('%',$ji,$cols[$tagk]['field']); if ($type=='join' || $type=='joini') { foreach ($cols[$tagk]['join'] as $join) { $join=str_replace('%',$ji,$join); if (!in_array($join,$joins)) $joins[]=$join; } } if (array_key_exists('havings',$cols[$tagk]) && !in_array($cols[$tagk]['havings'],$havings)) $havings[]=$cols[$tagk]['havings']; if (array_key_exists('selmore',$cols[$tagk]) && !in_array($cols[$tagk]['selmore'],$sels)) $sels[]=$cols[$tagk]['selmore']; $jssetrows.=','.json_encode($row['Field']); } $where.=' '.$row['Cond'].' '; $cond=$row['Cond']; $jssetrows.=','.json_encode($row['Cond']); // nel caso qui sotto, valuesel e valueinp sono entrambi disabilitati (non ci sono in $_POST), quindi li riempio di introvabile e nulla if (preg_match('/^IS NULL|IS NOT NULL$/',$row['Cond'])===1) $jssetrows.=',"NOMMITROVI!",""'; if (!is_null($row['ValueSel'])) { $where.=$row['ValueSel']; $jssetrows.=','.json_encode($row['ValueSel']); $jssetrows.=',""'; } if (!is_null($row['ValueInp'])) { if ($inpisdate && preg_match('/^([0-9]{1,2}) ([0-9]{1,2}) ([0-9]{4,5})$/',$row['ValueInp'],$buf)===1) { $where.=mktime(0,0,0,$buf[2]+0,$buf[1]+0,$buf[3]+0); } elseif (preg_match('/^LIKE|NOT LIKE$/',$cond)===1) { $where.='\'%'.myesc($link,$row['ValueInp']).'%\''; } else { $where.='\''.myesc($link,$row['ValueInp']).'\''; } $jssetrows.=',"NOMMITROVI!"'; $jssetrows.=','.json_encode($row['ValueInp']); } if (preg_match('/^\)+$/',$row['ClosePar'])===1) { $where.=$row['ClosePar']; $jssetrows.=','.json_encode($row['ClosePar']); } else { $jssetrows.=',"null"'; } if (preg_match('/^AND|OR$/',$row['AndOr'])===1) { if ($fi<$blocks) $where.=' '.$row['AndOr'].' '; $jssetrows.=','.json_encode($row['AndOr']).');'.N; } else { $jssetrows.=',"AND");'.N; } } $res=mysqli_query($link,'SELECT * FROM PresOrdCondsAdm WHERE AdmID='.$account['ID'].' ORDER BY Pos ASC') or muoribene(__LINE__.': '.mysqli_error($link)); if (mysqli_num_rows($res)>0) $filtordon=true; while ($row=mysqli_fetch_assoc($res)) { preg_match('/^(.+):(.+):(.+)$/',$row['Field'],$buf); $oi++; $tagk=$buf[1]; $type=$buf[2]; $subtype=$buf[3]; if (array_key_exists($tagk,$cols) && in_array($type,$types)) { if ($type=='join' || $type=='joini') { if (!array_key_exists('ordjoin',$cols[$tagk])) { foreach ($cols[$tagk]['join'] as $join) if (!in_array($join,$joins)) $joins[]=$join; } else { foreach ($cols[$tagk]['ordjoin'] as $join) if (!in_array($join,$joins)) $joins[]=$join; } } if (!array_key_exists('ordby',$cols[$tagk])) { $order.=$cols[$tagk]['field']; } else { if (!in_array($cols[$tagk]['ordselmore'],$sels)) $sels[]=$cols[$tagk]['ordselmore']; $order.=$cols[$tagk]['ordby']; } if (array_key_exists('havings',$cols[$tagk]) && !in_array($cols[$tagk]['havings'],$havings)) $havings[]=$cols[$tagk]['havings']; if (array_key_exists('selmore',$cols[$tagk]) && !in_array($cols[$tagk]['selmore'],$sels)) $sels[]=$cols[$tagk]['selmore']; $jsordaddrows.='ordaddrow('.$oi.',false);'.N; $jsordsetrows.='ordsetrow('.$oi.','.json_encode($row['Field']); } else { muoribene($dbg.'
Dati db corrotti.
Puoi riprovare resettando i parametri o tornare al login.',true); } $order.=' '.$row['Sort'].', '; $jsordsetrows.=','.json_encode($row['Sort']).');'.N; } if ($jsaddrows!='') { $jsaddrows.='document.getElementById("filbut").value="Rimuovi tutti i criteri di filtraggio";'.N; $jsaddrows.='synctai();'.N; } if ($jsordaddrows!='') { $jsordaddrows.='document.getElementById("ordbut").value="Rimuovi tutti i criteri di ordinamento";'.N; $jsordaddrows.='synctoi();'.N; } if (count($sels)>0) $sels=', '.implode(', ',$sels); else $sels=''; if ($where!='') $where='WHERE '.$where; if ($order!='') $order='ORDER BY '.substr($order,0,-2); $dbg.='ORDER: '.$order.'
'; if (count($joins)>0) $joins='LEFT JOIN '.implode(' LEFT JOIN ',$joins); else $joins=''; if (count($havings)>0) $havings='HAVING '.implode(' AND ',$havings); else $havings=''; $query='SELECT *, Instances.ID AS IID '.$sels.' FROM Instances '.$joins.' '.$where.' GROUP BY IID '.$havings.' '.$order; $dbg.='QUERONA: '.$query.'
'.N; $tini=microtime(true); $res=mysqli_query($link,$query) or muoribene($dbg.'
'.$query.': '.mysqli_error($link).'
'.'La query è fallita. Resetta.',true); $dbg.='Durata esecuzione query: '.round(microtime(true)-$tini,4).' sec.
'.N; $cinsts=mysqli_num_rows($res); $iperp=25; if ($page*$iperp>$cinsts) $page=0; $finst=$page*$iperp; if (mysqli_num_rows($res)<1) { $pgout=''; $out='

Nessuna istanza da mostrare.

'.N; } else { // $pgout='Pag. '.($page+1).'/'.(ceil($cinsts/$iperp)-1); $pgout='
'.N; $pgout.=''.N; $pgout.='
'; // --- mysqli_data_seek($res,$finst); $out=''; $i=$finst; $ii=0; require('include/dispinst.php'); while ($row=mysqli_fetch_assoc($res)) { $i++; $ii++; if ($ii>$iperp) break; $out.=dispinst($row,$cols,$link,$dlang,$account,true,$i,$cinsts); } $out.='
'.N; } $presid=0; if (array_key_exists('presets',$_POST) && preg_match('/^[0-9]+$/',$_POST['presets'])===1) $presid=$_POST['presets']; $presopts=''.N; $res=mysqli_query($link,'SELECT * FROM Presets ORDER BY LENGTH(Name) ASC, Name ASC') or muoribene(mysqli_error($link),true); while ($row=mysqli_fetch_assoc($res)) { if ($row['ID']!=$presid) $presopts.=''.N; else $presopts.=''.N; } require('include/notifs.php'); $notifs=notifs($link); mysqli_close($link); if ($filtordon) { $filtordimgoff='imgs/cerca_act_off.svg'; $filtordimgon='imgs/cerca_act_on.svg'; } else { $filtordimgoff='imgs/cerca_off.svg'; $filtordimgon='imgs/cerca_on.svg'; } ?> Mustard - Elenco istanze
Preset: