Subversion Repositories eFlore/Applications.cel

Rev

Rev 2458 | Rev 2486 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 2458 Rev 2461
Line 15... Line 15...
15
 * @license    CECILL v2 <http://www.cecill.info/licences/Licence_CeCILL_V2-en.txt>
15
 * @license    CECILL v2 <http://www.cecill.info/licences/Licence_CeCILL_V2-en.txt>
16
 * @copyright  1999-2014 Tela Botanica <accueil@tela-botanica.org>
16
 * @copyright  1999-2014 Tela Botanica <accueil@tela-botanica.org>
17
 */
17
 */
18
class InventoryTransmit extends Cel  {
18
class InventoryTransmit extends Cel  {
Line -... Line 19...
-
 
19
 
-
 
20
	private $idUtilisateur = null;
-
 
21
	private $ordres = null;
19
 
22
 
20
	public function updateElement($uid, $pairs) {
23
	public function updateElement($ressources, $data) {
21
		// Controle detournement utilisateur
24
		$this->verifierRessources($ressources);
-
 
25
		$this->verifierData($data);
-
 
26
 
-
 
27
		$transmission = intval($data['transmission']);
-
 
28
		$date = ($transmission == 1) ? 'NOW()' : 'NULL';
-
 
29
 
-
 
30
		$idsObsConcat = implode(',', $this->getIdsObs());
-
 
31
 
-
 
32
		$requete = 'UPDATE cel_obs '.
-
 
33
			"SET transmission = $transmission, date_transmission = $date, date_modification = NOW() ".
-
 
34
			"WHERE id_observation IN ($idsObsConcat) ".
-
 
35
			' -- '.__FILE__.':'.__LINE__;
-
 
36
		$resultatObs = Cel::db()->executer($requete);
-
 
37
 
-
 
38
		$requete = 'UPDATE cel_images '.
-
 
39
			"SET transmission = $transmission, date_transmission = $date, date_modification = NOW() ".
-
 
40
			"WHERE ce_observation IN ($idsObsConcat) ".
-
 
41
			' -- '.__FILE__.':'.__LINE__;
-
 
42
		$resultatImg = Cel::db()->executer($requete);
-
 
43
 
-
 
44
		return ($resultatObs != 0 && $resultatImg != 0);
-
 
45
	}
-
 
46
 
22
		$this->controleUtilisateur($uid[0]);
47
	private function verifierRessources($ressources) {
23
		if (!isset($uid[1])) {
48
		if (!isset($ressources[0])) {
-
 
49
			return false;
-
 
50
		} else {
-
 
51
			$this->controleUtilisateur($ressources[0]);
24
			return false;
52
			$this->idUtilisateur = $ressources[0];
-
 
53
		}
-
 
54
		if (!isset($ressources[1])) {
-
 
55
			return false;
-
 
56
		} else {
-
 
57
			$this->ordres = $ressources[1];
-
 
58
		}
-
 
59
	}
-
 
60
 
25
		}
61
	private function verifierData($data) {
26
		$transmission = intval($pairs['transmission']);
62
		$transmission = (int) $data['transmission'];
27
		if ($transmission != 0 && $transmission != 1) {
63
		if ($transmission != 0 && $transmission != 1) {
28
			return false;
64
			return false;
-
 
65
		}
Line -... Line 66...
-
 
66
	}
29
		}
67
 
-
 
68
	private function getIdsObs() {
-
 
69
		$idUtilisateurP = Cel::db()->proteger($this->idUtilisateur);
Line 30... Line 70...
30
 
70
		$ordres = $this->nettoyerOrdres();
31
		$ids = array_filter(array_map(create_function('$v','return intval($v);'), explode(',', $uid[1])), 'strlen');
-
 
32
 
71
		$ordreConcat = implode(',', $ordres);
33
		$date = ($transmission == 1) ? 'now()' : 'NULL';
-
 
34
		//TODO: modification pour passer ceci dans la classe gestion observation
-
 
35
		$requete = 'UPDATE cel_obs '.
72
 
36
			'SET transmission = '.$pairs['transmission'].', '.
73
		$requete = 'SELECT id_observation '.
37
			'date_modification = now(), date_transmission = '.$date.' '.
74
			'FROM cel_obs '.
38
			'WHERE ce_utilisateur = '.Cel::db()->proteger($uid[0]).' '.
75
			"WHERE ce_utilisateur = $idUtilisateurP ".
-
 
76
			"AND ordre IN ($ordreConcat) ".
-
 
77
			' -- '.__FILE__.':'.__LINE__;
-
 
78
		$resultats = Cel::db()->executer($requete);
-
 
79
 
-
 
80
		$idsObs = array();
-
 
81
		if ($idsObs && is_array($idsObs)) {
-
 
82
			foreach ($resultats as $infos) {
-
 
83
				$idsObs[] = $infos['id_observation'];
-
 
84
			}
-
 
85
		}
-
 
86
		return $idsObs;
-
 
87
	}
-
 
88
 
-
 
89
	private function nettoyerOrdres() {
-
 
90
		$ordres = explode(',', $this->ordres);
-
 
91
		$ordresNettoyes = array();
-
 
92
		foreach ($ordres as $ordre) {
-
 
93
			if (preg_match('/^\d+$/', $ordre)) {
39
			'AND ordre in ('.implode(',', $ids).') '.
94
				$ordresNettoyes[] = $ordre;
40
			' -- '.__FILE__.':'.__LINE__;
95
			}
41
		$resultat = Cel::db()->executer($requete);
96
		}
42
		return ($resultat != 0);
97
		return $ordresNettoyes;