query('UPDATE `zz_modules` SET `title`='.prepare(post('title')).', `options2`='.prepare($options2).' WHERE `id`='.prepare($id_record)); $rs = true; } else { $rs = false; } if ($rs) { flash()->info(tr('Salvataggio completato!')); } else { flash()->error(tr('Ci sono stati alcuni errori durante il salvataggio!')); } break; case 'fields': $rs = true; // Fix per la protezone contro XSS, che interpreta la sequenza " $query) { if (check_query($query)) { $array = [ 'name' => post('name')[$c], 'query' => $query, 'visible' => post('visible')[$c], 'search' => post('search')[$c], 'slow' => post('slow')[$c], 'format' => post('format')[$c], 'summable' => post('sum')[$c], 'search_inside' => post('search_inside')[$c], 'order_by' => post('order_by')[$c], 'id_module' => $id_record, ]; if (!empty(post('id')[$c]) && !empty($query)) { $id = post('id')[$c]; $dbo->update('zz_views', $array, ['id' => $id]); } elseif (!empty($query)) { $array['order'] = orderValue('zz_views', 'id_module', $id_record); $dbo->insert('zz_views', $array); $id = $dbo->lastInsertedID(); } // Aggiornamento dei permessi relativi $dbo->sync('zz_group_view', ['id_vista' => $id], ['id_gruppo' => (array) post('gruppi')[$c]]); } else { $rs = false; } } if ($rs) { flash()->info(tr('Salvataggio completato!')); } else { flash()->error(tr('Ci sono stati alcuni errori durante il salvataggio!')); } break; case 'filters': $rs = true; // Fix per la protezone contro XSS, che interpreta la sequenza " $query) { $query = $_POST['query'][$c]; if (check_query($query)) { $array = [ 'name' => post('name')[$c], 'idgruppo' => post('gruppo')[$c], 'idmodule' => $id_record, 'clause' => $query, 'position' => !empty(post('position')[$c]) ? 'HVN' : 'WHR', ]; if (!empty(post('id')[$c]) && !empty($query)) { $id = post('id')[$c]; $dbo->update('zz_group_module', $array, ['id' => $id]); } elseif (!empty($query)) { $dbo->insert('zz_group_module', $array); $id = $dbo->lastInsertedID(); } } else { $rs = false; } } if ($rs) { flash()->info(tr('Salvataggio completato!')); } else { flash()->error(tr('Ci sono stati alcuni errori durante il salvataggio!')); } break; case 'change': $id = filter('id'); $rs = $dbo->fetchArray('SELECT enabled FROM zz_group_module WHERE id='.prepare($id)); $dbo->update('zz_group_module', [ 'enabled' => !empty($rs[0]['enabled']) ? 0 : 1 ], ['id' => $id]); flash()->info(tr('Salvataggio completato!')); break; case 'test': $total = App::readQuery(Modules::get($id_record)); $module_query = $total['query']; $dbo->fetchArray($module_query.' LIMIT 1'); break; case 'delete': $id = filter('id'); $dbo->query('DELETE FROM `zz_views` WHERE `id`='.prepare($id)); $dbo->query('DELETE FROM `zz_group_view` WHERE `id_vista`='.prepare($id)); flash()->info(tr('Eliminazione completata!')); break; case 'delete_filter': $id = filter('id'); $dbo->query('DELETE FROM `zz_group_module` WHERE `id`='.prepare($id)); flash()->info(tr('Eliminazione completata!')); break; case 'update_position': $start = filter('start') + 1; $end = filter('end') + 1; $id = filter('id'); if ($start > $end) { $dbo->query('UPDATE `zz_views` SET `order`=`order` + 1 WHERE `order`>='.prepare($end).' AND `order`<'.prepare($start).' AND id_module='.prepare($id_record)); $dbo->query('UPDATE `zz_views` SET `order`='.prepare($end).' WHERE id='.prepare($id)); } elseif ($end != $start) { $dbo->query('UPDATE `zz_views` SET `order`=`order` - 1 WHERE `order`>'.prepare($start).' AND `order`<='.prepare($end).' AND id_module='.prepare($id_record)); $dbo->query('UPDATE `zz_views` SET `order`='.prepare($end).' WHERE id='.prepare($id)); } break; }