"; if (!CheckUsernameAndPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], GetLDAPOptions())) return; } if (!empty($_GET["fComment"])) { include("db2.php"); $db_id = mysql_pconnect($host, $user, $pw); if ($db_id==FALSE) { printf("mysql_connect returned the following error: %s\n", mysql_error()); die(""); } mysql_select_db($db); //for insert if (strcmp($_GET["fMode"], "insert")==0) $query0 = "INSERT " . $_GET["fTable"] . " SET "; //for update if (strcmp($_GET["fMode"], "update")==0) $query0 = "UPDATE " . $_GET["fTable"] . " SET "; //for both $query0.= " fComment='".str_replace("'", "\'", $_GET["fComment"])."'"; $query0.= ", fUser='".$_SERVER['PHP_AUTH_USER']."'"; //for insert if (strcmp($_GET["fMode"], "insert")==0) { $query0.=", fNight=".$_GET["fNight"]; if (strcmp($_GET["fTable"], "RunComments")==0) $query0.= ", fRunID=".$_GET["fRunID"]; if (strcmp($_GET["fTable"], "SequenceComments")==0) $query0.= ", fSequenceID=".$_GET["fSequenceID"]; } //for update if (strcmp($_GET["fMode"], "update")==0) { $query2="SELECT fCommentKEY FROM " . $_GET["fTable"]; $query2.=" WHERE fNight=".$_GET["fNight"]; if (strcmp($_GET["fTable"], "RunComments")==0) $query2.=" AND fRunID=".$_GET["fRunID"]; if (strcmp($_GET["fTable"], "SequenceComments")==0) $query2.=" AND fSequenceID=".$_GET["fSequenceID"]; $query2.=" AND fComment='".str_replace("'", "\'", $_GET["fOldComment"])."'"; $result2=mysql_query($query2, $db_id); $row2 = mysql_fetch_row($result2); $commentkey=$row2[0]; mysql_free_result($result2); $query0.=" WHERE fCommentKEY=".$commentkey; } //echo "insert query: " . $query0 . "
"; $result0=mysql_query($query0, $db_id); mysql_close($db_id); } } // // display part // include("db.php"); if (strcmp($_GET["fMode"], "tooltip")!=0) { //mode printf("With this page, you can \n"); //view mode if (strcmp($_GET["fMode"], "view")==0) printf("view,\n"); else printf("view,\n", str_replace($_GET["fMode"], 'view', $_SERVER['REQUEST_URI'])); //update mode if (strcmp($_GET["fMode"], "update")==0) printf("update and\n"); else printf("update and \n", str_replace($_GET["fMode"], 'update', $_SERVER['REQUEST_URI'])); //insert mode if (strcmp($_GET["fMode"], "insert")==0) printf("insert\n"); else printf("insert \n", str_replace($_GET["fMode"], 'insert', $_SERVER['REQUEST_URI'])); //table printf("entries in the tables %s \n", $_GET["fTable"]); if (strcmp($_GET["fTable"], "RunComments")==0) printf(" and SequenceComments \n", str_replace($_GET["fTable"], 'SequenceComments', $_SERVER['REQUEST_URI'])); else printf(" and RunComments \n", str_replace($_GET["fTable"], 'RunComments', $_SERVER['REQUEST_URI'])); //database printf("from the DB %s.

\n", $db); //insert field for run/sequence number printf("
\n"); if (strcmp($_GET["fTable"], "RunComments")==0) { printf("Run# (YYYYMMDD_FFF) \n", $_GET["fNight"]); printf("_ \n", $_GET["fRunID"]); } if (strcmp($_GET["fTable"], "SequenceComments")==0) { printf("Sequence# (YYYYMMDD_FFF) \n", $_GET["fNight"]); printf("_ \n", $_GET["fSequenceID"]); } printf("", $_GET["fMode"]); printf("", $_GET["fTable"]); printf("

\n"); printf("
\n"); } if (!(preg_match("/20[0-9][0-9][01][0-9][0-3][0-9]/",$_GET["fNight"]) || (preg_match("/all/",$_GET["fNight"]) && strcmp($_GET["fMode"], "view")==0))) { printf("-%s-
", $_GET["fMode"]); printf("Please enter a valid number for the Night (format: YYYYMMDD)."); return; } if (strcmp($_GET["fTable"], "RunComments")==0 && (!(preg_match("/[0-9][0-9]?[0-9]?/",$_GET["fRunID"]) || (preg_match("/all/",$_GET["fRunID"]) && strcmp($_GET["fMode"], "view")==0)))) { printf("Please enter a valid number for the RunID (format: FFF, e.g. 001)."); return; } if (strcmp($_GET["fTable"], "SequenceComments")==0 && (!(preg_match("/[0-9][0-9]?[0-9]?/",$_GET["fSequenceID"]) || (preg_match("/all/",$_GET["fSequenceID"]) && strcmp($_GET["fMode"], "view")==0)))) { printf("Please enter a valid number for the SequenceID (format: FFF, e.g. 001)."); return; } $db_id = mysql_pconnect($host, $user, $pw); if ($db_id==FALSE) { printf("mysql_connect returned the following error: %s\n", mysql_error()); die(""); } mysql_select_db($db); if (strcmp($_GET["fTable"], "RunComments")==0) $query1 = "SELECT CONCAT(fNight,'_', LPAD(fRunID, 3, 0))"; if (strcmp($_GET["fTable"], "SequenceComments")==0) $query1 = "SELECT CONCAT(fNight,'_', LPAD(fSequenceID, 3, 0))"; $query1 .= ", fComment FROM " . $_GET["fTable"] . " "; if (strcmp($_GET["fNight"], "all")!=0) { $query1 .= "WHERE fNight=".$_GET["fNight"]; if (strcmp($_GET["fTable"], "RunComments")==0) if (strcmp($_GET["fRunID"], "all")!=0) $query1 .=" AND fRunID=".$_GET["fRunID"]; if (strcmp($_GET["fTable"], "SequenceComments")==0) if (strcmp($_GET["fSequenceID"], "all")!=0) $query1 .=" AND fSequenceID=".$_GET["fSequenceID"]; } if (strcmp($_GET["fTable"], "RunComments")==0) $query1 .= " ORDER BY fNight, fRunID, fCommentKEY "; if (strcmp($_GET["fTable"], "SequenceComments")==0) $query1 .= " ORDER BY fNight, fSequenceID, fCommentKEY "; //printf("Query: %s
\n\n", $query1); $result1=mysql_query($query1, $db_id); printf("Found %d comment(s).\n\n", mysql_num_rows($result1)); if (strcmp($_GET["fMode"], "tooltip")!=0) { printf("
\n"); printf(""); $col = FALSE; printf(""); } while ($row1 = mysql_fetch_row($result1)) { if (strcmp($_GET["fMode"], "tooltip")!=0) { if (!$col) printf("\n"); else printf("\n"); $col = !$col; if (strcmp($_GET["fMode"], "update")==0) printf("\n"); printf("\n", $row1[0]); if (strcmp($_GET["fMode"], "update")==0) { printf("\n"); printf("\n"); } else printf("\n", $row1[1]); printf("\n"); } else { if (strcmp($_GET["fTable"], "RunComments")==0) printf("%s_%03d: %s\n", $_GET["fNight"], $_GET["fRunID"], $row1[1]); if (strcmp($_GET["fTable"], "SequenceComments")==0) printf("%s_%03d: %s\n", $_GET["fNight"], $_GET["fSequenceID"], $row1[1]); } } //insert mode if (strcmp($_GET["fMode"], "insert")==0) { printf(""); if (strcmp($_GET["fTable"], "RunComments")==0) printf("\n", $_GET["fNight"], $_GET["fRunID"]); if (strcmp($_GET["fTable"], "SequenceComments")==0) printf("\n", $_GET["fNight"], $_GET["fSequenceID"]); printf("\n"); printf("\n"); } if (strcmp($_GET["fMode"], "tooltip")!=0) printf("
Run#Comment
\n%s\n\n"); printf("\n", htmlspecialchars($row1[1],ENT_QUOTES)); printf("\n", htmlspecialchars($row1[1],ENT_QUOTES)); printf("\n", $_GET["fMode"]); printf("\n", $_GET["fNight"]); printf("\n", $_GET["fRunID"]); printf("\n", $_GET["fSequenceID"]); printf("\n", $_GET["fTable"]); printf("\n"); printf("\n%s\n
%s_%s%s_%s\n"); printf("
\n"); printf("\n"); printf("\n", $_GET["fMode"]); printf("\n", $_GET["fNight"]); printf("\n", $_GET["fRunID"]); printf("\n", $_GET["fSequenceID"]); printf("\n", $_GET["fTable"]); printf("\n"); printf("
\n"); printf("
"); if (strcmp($_GET["fMode"], "update")==0) printf("Remark: You can update only one comment at once."); mysql_free_result($result1); mysql_close($db_id); if (strcmp($_GET["fMode"], "tooltip")!=0) echo (file_get_contents("index-footer.html")); ini_set("display_errors", "Off"); ini_set("mysql.trace_mode", "Off"); } ?>