X-Git-Url: http://git.pippins.net/embedvideo/.git/static/gitweb.js?a=blobdiff_plain;f=inc%2Fclass.eq.inc.php;h=b0a9fd016dbe352e263c79904f91fcaed6dbf817;hb=9e24999ac4e155679e9c8bf05e92b4f0742096a6;hp=53de695e33061ddc190754d3a71239a147eca8dc;hpb=37d22c01cf5181413568afe66ceb6ec716664e04;p=eq%2F.git

diff --git a/inc/class.eq.inc.php b/inc/class.eq.inc.php
index 53de695..b0a9fd0 100644
--- a/inc/class.eq.inc.php
+++ b/inc/class.eq.inc.php
@@ -726,9 +726,9 @@ class eq
       
       if($action == 'save')
 	{
-	  $activity['assignment'] = $this->db->db_addslashes(get_var('assignment',array('POST')));
-	  $activity['date'] = $this->db->db_addslashes(get_var('date',array('POST')));
-	  $activity['notes']= $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $activity['assignment'] = get_var('assignment',array('POST'));
+	  $activity['date'] = get_var('date',array('POST'));
+	  $activity['notes']= get_var('notes',array('POST'));
 	  $this->db->query("UPDATE eq_activity set " .
 			   "   assignment='" . $activity['assignment'] .
 			   "', date='" . $activity['date'] . "'" .
@@ -752,9 +752,9 @@ class eq
 
       if($action == 'insert')
 	{
-	  $activity['assignment'] = $this->db->db_addslashes(get_var('assignment',array('POST')));
-	  $activity['date'] = $this->db->db_addslashes(get_var('date',array('POST')));
-	  $activity['notes']= $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $activity['assignment'] = get_var('assignment',array('POST'));
+	  $activity['date'] = get_var('date',array('POST'));
+	  $activity['notes']= get_var('notes',array('POST'));
 	  $this->db->query("INSERT INTO eq_activity (assignment,date,notes) "
 			   . "VALUES ('" . $activity['assignment'] . "','"
 			   . $activity['date'] . "','" . $activity['notes'] . "')",__LINE__,__FILE__);
@@ -937,8 +937,8 @@ class eq
 
       if($action == 'save')
 	{
-	  $assignment['name'] = $this->db->db_addslashes(get_var('name',array('POST')));
-	  $assignment['code'] = $this->db->db_addslashes(get_var('code',array('POST')));
+	  $assignment['name'] = get_var('name',array('POST'));
+	  $assignment['code'] = get_var('code',array('POST'));
 	  $this->db->query("UPDATE eq_assignment set " .
 			   "  name='" . $assignment['name'] . "'" .
 			   ", code='" . $assignment['code'] . "'" .
@@ -950,8 +950,8 @@ class eq
 
       if($action == 'insert')
 	{
-	  $assignment['name'] = $this->db->db_addslashes(get_var('name',array('POST')));
-	  $assignment['code'] = $this->db->db_addslashes(get_var('code',array('POST')));
+	  $assignment['name'] = get_var('name',array('POST'));
+	  $assignment['code'] = get_var('code',array('POST'));
 	  $this->db->query("INSERT INTO eq_assignment (name,code) "
 			   . "VALUES ('" . $assignment['name'] . "','"
 			   . $assignment['code'] . "')",__LINE__,__FILE__);
@@ -1683,6 +1683,7 @@ class eq
 	     $elder_name = $entry['elder_name'];
 	     $int_pri = $entry['pri'];
 	     $aaronic = $entry['aaronic'];
+	     //print "int_notes: $int_notes elder_name: $elder_name aaronic: $aaronic <Br>";
 	     if($aaronic == 0) { 
 	       // Perform database save actions here
 	       $this->db->query("UPDATE eq_elder set " .
@@ -1886,20 +1887,24 @@ class eq
 		$table_data.= "<tr bgcolor=". $this->t->get_var('tr_color') ."><td title=\"$phone\"><a href=$link>$name</a></td>";
 		$table_data.= "<td align=center>$phone</td>";
 		$table_data.= "<td align=center>";
-		$table_data.= '<select name=int_notes['.$i.'][pri]>';
-		foreach(range(0,6) as $num) {
-		  if($num == 0) { $num = 1; } else {$num = $num*5; }
-		  if($int_pri == $num) { $selected[$num] = 'selected="selected"'; } else { $selected[$num] = ''; }
-		  $table_data.= '<option value='.$num.' '.$selected[$num].'>'.$num.'</option>';
+		if($aaronic == 0) { 
+		  $table_data.= '<select name=int_notes['.$i.'][pri]>';
+		  foreach(range(0,6) as $num) {
+		    if($num == 0) { $num = 1; } else {$num = $num*5; }
+		    if($int_pri == $num) { $selected[$num] = 'selected="selected"'; } else { $selected[$num] = ''; }
+		    $table_data.= '<option value='.$num.' '.$selected[$num].'>'.$num.'</option>';
+		  }
+		  $table_data.= '</select></td>';
 		}
-		$table_data.= '</select></td>';
 		$table_data.= "<td align=center>$date</td>";
-		$table_data.= '<td><input type=text size="50" maxlength="128" name="int_notes['.$i.'][notes]" value="'.$int_notes.'">';
+		if($aaronic == 0) { 
+		  $table_data.= '<td><input type=text size="50" maxlength="128" name="int_notes['.$i.'][notes]" value="'.$int_notes.'">';
+		}
 		$table_data.= '<input type=hidden name="int_notes['.$i.'][elder_id]" value="'.$id.'">';
 		$table_data.= '<input type=hidden name="int_notes['.$i.'][elder_name]" value="'.$name.'">';
 		$table_data.= '<input type=hidden name="int_notes['.$i.'][aaronic]" value="'.$aaronic.'">';
 		$table_data.= '</td>';
-		$table_data.= '</tr>';
+		$table_data.= '</tr>'."\n";
 		$i++;
 	      } else {
 		$link_data['menuaction'] = 'eq.eq.int_update';
@@ -2201,7 +2206,7 @@ class eq
 	    $families_with_yearly_visit++;
 	    $date = $this->db2->f('date');
 	    $vis_notes = $this->db2->f('notes');
-	    if(strlen($vis_notes) > 40) { $vis_notes = substr($vis_notes,0,40) . "..."; }
+	    if(strlen($vis_notes) > 40) { $vis_notes = stripslashes(substr($vis_notes,0,40) . "..."); }
 	    $completed_data.= "<tr bgcolor=". $this->t->get_var('tr_color2') ."><td title=\"$phone\"><a href=$link>$name Family</a></td>";
 	    $completed_data.= "<td align=center>$phone</td>";
 	    $completed_data.= "<td align=center><a href=".$link.">$date</a></td>";
@@ -2212,7 +2217,7 @@ class eq
 	  }
       }
 
-      $name_width=175; $phone_width=100; $date_width=100; $notes_width=300;
+      $name_width=190; $phone_width=100; $date_width=100; $notes_width=300;
       $completed_table_width=$name_width + $phone_width + $date_width + $notes_width;
       $completed_header_row = "<th width=$name_width><font size=-2>Family Name</th>";
       $completed_header_row.= "<th width=$phone_width><font size=-2>Phone</th>";      
@@ -2423,7 +2428,7 @@ class eq
       
       if($action == 'save')
 	{
-	  $notes = $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $notes = get_var('notes',array('POST'));
 	  $this->db->query("UPDATE eq_ppi set " .
 			   "   ppi='" . $ppi . "'" .
 		    ", interviewer='" . $interviewer . "'" .
@@ -2438,7 +2443,7 @@ class eq
 
       if($action == 'insert')
 	{
-	  $notes = $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $notes = get_var('notes',array('POST'));
 	  $this->db->query("INSERT INTO eq_ppi (interviewer,elder,date,notes,eqpresppi) "
 			   . "VALUES ('" . $interviewer . "','" . $elder . "','"
 			   . $date . "','" . $notes . "','" . $eqpresppi  ."')",__LINE__,__FILE__);
@@ -2752,7 +2757,7 @@ class eq
       
       if($action == 'save')
 	{
-	  $notes = $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $notes = get_var('notes',array('POST'));
 	  $this->db->query("UPDATE eq_interview set " .
 		     "   interview='" . $interview . "'" .
 		    ", interviewer='" . $interviewer . "'" .
@@ -2767,7 +2772,7 @@ class eq
 
       if($action == 'insert')
 	{
-	  $notes = $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $notes = get_var('notes',array('POST'));
 	  $this->db->query("INSERT INTO eq_interview (interviewer,elder,aaronic,date,notes) "
 			   . "VALUES ('" . $interviewer . "','" . $elder . "','" . $aaronic . "','"
 			   . $date . "','" . $notes ."')",__LINE__,__FILE__);
@@ -2965,7 +2970,7 @@ class eq
       
       if($action == 'save')
 	{
-	  $notes = $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $notes = get_var('notes',array('POST'));
 	  $this->db->query("UPDATE eq_visit set " .
 			   "  date='" . $date . "'" .
 			  ", notes='" . $notes . "'" .
@@ -2976,7 +2981,7 @@ class eq
 
       if($action == 'insert')
 	{
-	  $notes = $this->db->db_addslashes(get_var('notes',array('POST')));
+	  $notes = get_var('notes',array('POST'));
 	  $this->db->query("INSERT INTO eq_visit (family,companionship,date,notes) "
 			   . "VALUES ('" . $family . "','" . $companionship . "','"
 			   . $date . "','" . $notes . "')",__LINE__,__FILE__);