Refbase
/
Refbase2X
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
1.9 MiB
Tree: 3d11dd7f65
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3d11dd7f65'
${ noResults }
Refbase2X/duplicate_modify.php

198 lines
9.3 KiB
Raw Normal View History

Refbase update_2021-01-28_15_58
4 years ago
 
  1. <?php
  2. 	// Project:    Web Reference Database (refbase) <http://www.refbase.net>

  3. 	// Copyright:  Matthias Steffens <mailto:refbase@extracts.de> and the file's

  4. 	//             original author(s).

  5. 	//

  6. 	//             This code is distributed in the hope that it will be useful,

  7. 	//             but WITHOUT ANY WARRANTY. Please see the GNU General Public

  8. 	//             License for more details.

  9. 	//

  10. 	// File:       ./duplicate_modify.php

  11. 	// Repository: $HeadURL: file:///svn/p/refbase/code/branches/bleeding-edge/duplicate_modify.php $

  12. 	// Author(s):  Matthias Steffens <mailto:refbase@extracts.de>

  13. 	//

  14. 	// Created:    27-Jan-07, 23:22

  15. 	// Modified:   $Date: 2017-04-13 02:00:18 +0000 (Thu, 13 Apr 2017) $

  16. 	//             $Author: karnesky $

  17. 	//             $Revision: 1416 $

  18. 

  19. 	// This php script will flag records as original and duplicate records.

  20. 	// It then displays the affected records using 'search.php' so that the user

  21. 	// can verify the changes.

  22. 	// TODO: I18n

  23. 

  24. 

  25. 	// Incorporate some include files:

  26. 	include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password

  27. 	include 'includes/include.inc.php'; // include common functions

  28. 	include 'initialize/ini.inc.php'; // include common variables

  29. 

  30. 	// --------------------------------------------------------------------

  31. 

  32. 	// START A SESSION:

  33. 	// call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables:

  34. 	start_session(true);
  35. 

  36. 	// --------------------------------------------------------------------

  37. 

  38. 	// Initialize preferred display language:

  39. 	// (note that 'locales.inc.php' has to be included *after* the call to the 'start_session()' function)

  40. 	include 'includes/locales.inc.php'; // include the locales

  41. 

  42. 	// --------------------------------------------------------------------

  43. 

  44. 	// Clear any errors that might have been found previously:

  45. 	$errors = array();
  46. 	
  47. 	// Write the form variables into an array:

  48. 	foreach($_REQUEST as $varname => $value)
  49. 		$formVars[$varname] = trim($value); // remove any leading or trailing whitespace from the field's contents & copy the trimmed string to the '$formVars' array

  50. //		$formVars[$varname] = trim(clean($value, 50)); // the use of the clean function would be more secure!

  51. 

  52. 	// --------------------------------------------------------------------

  53. 

  54. 	// Extract form variables:

  55. 	// Note: Although we could use the '$formVars' array directly below (e.g.: $formVars['origRecord'] etc., like in 'user_validation.php'), we'll read out

  56. 	//       all variables individually again. This is done to enhance readability. (A smarter way of doing so seems be the use of the 'extract()' function, but that

  57. 	//       may expose yet another security hole...)

  58. 

  59. 	// First of all, check if this script was called by something else than 'duplicate_manager.php':

  60. 	if (!preg_match("#/duplicate_manager\.php#i", $referer)) // variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'

  61. 	{
  62. 		// return an appropriate error message:

  63. 		$HeaderString = returnMsg($loc["Warning_InvalidCallToScript"] . " '" . scriptURL() . "'!", "warning", "strong", "HeaderString"); // functions 'returnMsg()' and 'scriptURL()' are defined in 'include.inc.php'

  64. 		
  65. 		header("Location: " . $referer); // redirect to calling page

  66. 

  67. 		exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  68. 	}
  69. 

  70. 	// Extract the form used by the user:

  71. 	$formType = $formVars['formType'];
  72. 

  73. 	// Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''):

  74. 	// ('' will produce the default 'Web' output style)

  75. 	if (isset($formVars['viewType']))
  76. 		$viewType = $formVars['viewType'];
  77. 	else
  78. 		$viewType = "";
  79. 

  80. 	// Extract other form values provided by 'duplicate_manager.php':

  81. 	if (isset($formVars['origRecord']))
  82. 		$origRecord = $formVars['origRecord'];
  83. 	else
  84. 		$origRecord = "";
  85. 

  86. 	if (isset($formVars['dupRecords']))
  87. 		$dupRecords = $formVars['dupRecords'];
  88. 	else
  89. 		$dupRecords = "";
  90. 

  91. 	// Extract serial numbers (i.e. discard any non-digit characters from the original user input):

  92. 	$origRecordSerial = preg_replace("/\D*(\d+).*/", "\\1", $origRecord); // extract the first number given

  93. 	$dupRecordSerialsArray = preg_split("/\D+/", $dupRecords, -1, PREG_SPLIT_NO_EMPTY); // extract all given serial numbers (the 'PREG_SPLIT_NO_EMPTY' flag causes only non-empty pieces to be returned)

  94. 

  95. 	// --------------------------------------------------------------------

  96. 

  97. 	// (1) OPEN CONNECTION, (2) SELECT DATABASE

  98. 	connectToMySQLDatabase(); // function 'connectToMySQLDatabase()' is defined in 'include.inc.php'

  99. 

  100. 	// --------------------------------------------------------------------

  101. 

  102. 	// VALIDATE data fields:

  103. 

  104. 	// NOTE: for all fields that are validated here must exist error parsing code (of the form: " . fieldError("origRecord", $errors) . ")

  105. 	//       in front of the respective <input> form field in 'duplicate_manager.php'! Otherwise the generated error won't be displayed!

  106. 

  107. 	// Validate the 'Original' field:

  108. 	if (empty($origRecord) OR !preg_match("/\d/", $origRecord))
  109. 		$errors["origRecord"] = "You must specify a serial number for the original record:"; // 'origRecord' must not be empty and must contain a number

  110. 

  111. 	elseif (preg_match("/\d\D+\d/", $origRecord))
  112. 		$errors["origRecord"] = "You can only specify a single record as original entry:"; // only one serial number must be given

  113. 	
  114. 	elseif (in_array($origRecordSerial, $dupRecordSerialsArray))
  115. 		$errors["origRecord"] = "The original record cannot be one of the duplicate records:"; // the serial number of the original record must not be given within the list of duplicate serial numbers

  116. 	
  117. 	// Validate the 'Duplicates' field:

  118. 	if (empty($dupRecords) OR !preg_match("/\d/", $dupRecords))
  119. 		$errors["dupRecords"] = "You must specify at least one serial number that identifies a duplicate record:"; // 'dupRecords' must not be empty and at least one serial number must be given

  120. 	
  121. 	// --------------------------------------------------------------------

  122. 

  123. 	// Now the script has finished the validation, check if there were any errors:

  124. 	if (count($errors) > 0)
  125. 	{
  126. 		// Write back session variables:

  127. 		saveSessionVariable("errors", $errors); // function 'saveSessionVariable()' is defined in 'include.inc.php'

  128. 		saveSessionVariable("formVars", $formVars);
  129. 

  130. 		// There are errors. Relocate back to the 'Flag Duplicates' form (script 'duplicate_manager.php'):

  131. 		header("Location: " . $referer);
  132. 

  133. 		exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  134. 	}
  135. 

  136. 	// --------------------------------------------------------------------

  137. 

  138. 	// If we made it here, then the data is considered valid!

  139. 

  140. 	// CONSTRUCT SQL QUERY:

  141. 

  142. 	// UPDATE field 'orig_record' in table 'refs':

  143. 	// original record:

  144. 	$queryArray[] = "UPDATE $tableRefs SET "
  145. 					. "orig_record = -" . $origRecordSerial
  146. 					. " WHERE serial = " . $origRecordSerial;
  147. 

  148. 	// duplicate record(s):

  149. 	$queryArray[] = "UPDATE $tableRefs SET "
  150. 					. "orig_record = " . $origRecordSerial
  151. 					. " WHERE serial RLIKE \"^(" . implode("|", $dupRecordSerialsArray) . ")$\"";

  152. 

  153. 	// --------------------------------------------------------------------

  154. 

  155. 	// (3) RUN QUERY, (4) DISPLAY HEADER & RESULTS

  156. 

  157. 	// (3) RUN the queries on the database through the connection:

  158. 	foreach($queryArray as $query)
  159. 		$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'

  160. 

  161. 	$affectedRows = ($result ? mysqli_affected_rows ($connection) : 0); // get the number of rows that were modified (or return 0 if an error occurred)

  162. 

  163. 	if ($affectedRows == 0) // no rows were affected by the update

  164. 	{
  165. 		// we'll file this additional error element here so that the 'errors' session variable isn't empty causing 'duplicate_manager.php' to re-load the form data that were submitted by the user

  166. 		$errors["ignoredRecords"] = "all";
  167. 

  168. 		// return an appropriate error message:

  169. 		$HeaderString = returnMsg("Nothing was changed by your query!", "warning", "strong", "HeaderString"); // function 'returnMsg()' is defined in 'include.inc.php'

  170. 

  171. 		// Write back session variables:

  172. 		saveSessionVariable("errors", $errors); // function 'saveSessionVariable()' is defined in 'include.inc.php'

  173. 		saveSessionVariable("formVars", $formVars);
  174. 		
  175. 		// Relocate back to the 'Flag Duplicates' form (script 'duplicate_manager.php'):

  176. 		header("Location: " . $referer);
  177. 

  178. 		exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  179. 	}
  180. 

  181. 	// Build correct header message:

  182. 	$HeaderString = returnMsg("The records below have been successfully flagged as original/duplicate records:", "", "", "HeaderString"); // function 'returnMsg()' is defined in 'include.inc.php'

  183. 

  184. 

  185. 	// Merge all given record serial numbers:

  186. 	$allRecordSerialsString = $origRecordSerial . "," . implode(",", $dupRecordSerialsArray);
  187. 

  188. 	// (4) Call 'show.php' which will display all affected records along with the header message

  189. 	//     (routing feedback output to a different script page will avoid any reload problems effectively!)

  190. 	header("Location: show.php?records=" . $allRecordSerialsString);
  191. 

  192. 	// --------------------------------------------------------------------

  193. 

  194. 	// (5) CLOSE CONNECTION

  195. 	disconnectFromMySQLDatabase(); // function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php'

  196. 

  197. 	// --------------------------------------------------------------------

  198. ?>