-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathlink_contacts.php
More file actions
87 lines (73 loc) · 3.81 KB
/
link_contacts.php
File metadata and controls
87 lines (73 loc) · 3.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<?php
$headings = array_key_exists('headings', $_POST) ? $_POST['headings'] : array();
$navbox = array_key_exists( 'navbox', $_POST) ? $_POST[ 'navbox' ] : TRUE;
$urls = array_key_exists( 'urls', $_POST) ? $_POST[ 'urls' ] : array();
require_once './php/essentials.php';
include_once './php/nocache.php';
if (empty($_POST)) redirect('');
foreach (array('user_id', 'business_id', 'client_id') as $part) {
if (!array_key_exists($part, $_POST))
friendly_error("No $part was specified. There must be something wrong with the page you've just come from.", TRUE);
if (preg_match('/^\d+$/', $_POST[$part]))
settype($_POST[$part], 'integer');
else
trigger_error("‘{$_POST[$part]}’ isn't a valid $part.", E_USER_ERROR);
}
if (! defined('AUTHUID') and ($user_id = $_POST['user_id']) > 0)
require_once './php/identify/authenticate.php';
if (AUTHUID != $_POST['user_id']) die;
if (!array_key_exists('realcontacts', $_POST)) $_POST['realcontacts'] = array();
foreach ($_POST['realcontacts'] as &$realcontact_id) {
if (! preg_match('/^\d+$/', $realcontact_id))
trigger_error("‘$realcontact_id’ isn't a valid realcontact_id.", E_USER_ERROR);
}
if (array_key_exists('business_name', $_POST)) {
$thebusiness = "the business ‘{$_POST['business_name']}’";
$business_ybox = "the business ‘"
. $db_connection->real_escape_string(truncate($_POST['business_name'])) . "’";
} else {
$thebusiness = "business $numero {$_POST['business_id']}";
$business_ybox = "business No. {$_POST['business_id']}";
}
if (array_key_exists('client_name', $_POST)) {
$theclient = "the client ‘{$_POST['client_name']}’";
$client_ybox = "the client ‘"
. $db_connection->real_escape_string(truncate($_POST['client_name'])) . "’";
} else {
$theclient = "client $numero {$_POST['client_id']}";
$client_ybox = "client No. {$_POST['client_id']}";
}
$result = $db_connection->query('SELECT realcontact_id FROM metacontacts WHERE user_id=' . $_POST['user_id'] .
" AND business_id={$_POST['business_id']} AND client_id={$_POST['client_id']}");
if ($result === FALSE) trigger_error(
"I was just trying to check which contacts from $thebusiness were already linked to $theclient, and something went wrong. Here's the
error message:<br />\n" . $db_connection->error, E_USER_ERROR);
$existing = array();
while ($mini = $result->fetch_row()) {
$existing[] = $mini[0];
}
$result->free();
unset($result);
$insert = array_diff($_POST['realcontacts'], $existing);
$delete = array_diff($existing, $_POST['realcontacts']);
// magic line that makes it work
$insert = unserialize(serialize($insert));
foreach ($delete as $realcontact_id) {
$result = $db_connection->query("DELETE FROM metacontacts WHERE user_id={$_POST['user_id']} AND business_id={$_POST['business_id']}" .
" AND client_id={$_POST['client_id']} AND realcontact_id=$realcontact_id");
if ($result === FALSE) trigger_error(
"I didn't manage to dissociate the deselected contacts from $theclient. Here's the
error message:<br />\n" . $db_connection->error, E_USER_ERROR);
}
unset($result, $realcontact_id);
foreach ($insert as $realcontact_id) {
$result = $db_connection->query("INSERT INTO metacontacts (user_id,business_id,client_id,realcontact_id)" .
"VALUES({$_POST['user_id']},{$_POST['business_id']},{$_POST['client_id']},$realcontact_id)");
if ($result === FALSE) trigger_error(
"I couldn't link the contacts you specified with $theclient. Here's the
error message:<br />\n" . $db_connection->error, E_USER_ERROR);
}
unset($result, $realcontact_id);
$db_connection->query("INSERT INTO messages (user_id,tie,msg) VALUES({$_POST['user_id']},"
. yellowboxtie($user_id) . ",'I\'ve recorded which contacts are linked to $client_ybox.')");
redirect($_POST['goto']);