print button in reporting module.
*/
$path_to_root = "..";
+global $page_security, $save_report_selections;
$page_security = 'SA_OPEN'; // this level is later overriden in rep file
include_once($path_to_root . "/includes/session.inc");
-/*
- Find report definition file.
- Standard reports can be superseded by report with the same id
- included in active extension, or company customized report.
-*/
-function find_report_file($rep) {
- global $installed_extensions, $comp_path, $path_to_root;
-
- // customized per company versions
- $rep_file = $comp_path.'/'.user_company()."/reporting/rep$rep.php";
- if (file_exists($rep_file))
- return $rep_file;
- // reports added by active extension modules
- if (count($installed_extensions) > 0)
- {
- $extensions = $installed_extensions;
- foreach ($extensions as $ext)
- if (($ext['active'] && $ext['type'] == 'module')) {
- $rep_file = $path_to_root.'/'.$ext['path']."/reporting/rep$rep.php";
- if (file_exists($rep_file))
- return $rep_file;
- }
+if (isset($save_report_selections) && $save_report_selections > 0 && isset($_POST['REP_ID'])) { // save parameters from Report Center
+ for($i=0; $i<12; $i++) { // 2013-01-16 Joe Hunt
+ if (isset($_POST['PARAM_'.$i]) && !is_array($_POST['PARAM_'.$i])) {
+ $rep = $_POST['REP_ID'];
+ setcookie("select[$rep][$i]", $_POST['PARAM_'.$i], time()+60*60*24*$save_report_selections); // days from $save_report_selections
+ }
}
- // standard reports
- $rep_file = $path_to_root ."/reporting/rep$rep.php";
- if (file_exists($rep_file))
- return $rep_file;
-
- return null;
-}
+}
if (isset($_GET['xls']))
{
$filename = $_GET['filename'];
- $unique_name = $_GET['unique'];
- $path = $comp_path.'/'.user_company(). '/pdf_files/';
+ $unique_name = preg_replace('/[^0-9a-z.]/i', '', $_GET['unique']);
+ $path = company_path(). '/pdf_files/';
header("Content-type: application/vnd.ms-excel");
header("Content-Disposition: attachment; filename=$filename" );
header("Expires: 0");
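Review bot: `$filename = $_GET['filename'];` still reaches `header("Content-Disposition: attachment; filename=$filename")` unfiltered in the xls branch, although this commit now filters `unique` on the line below it; the xml branch in the next hunk has the same pair of lines. Current PHP's `header()` refuses values containing line breaks, but the caller still picks the name and extension the browser saves the download under, and an unquoted value with spaces or `;` is parsed differently across browsers. I would put it on the same kind of allow-list as `unique`, e.g. `$filename = preg_replace('/[^0-9a-z._-]/i', '', $_GET['filename']);`, and quote it in the header as `filename=\"$filename\"`. Both branches continue past the visible lines, so the read of `$path.$unique_name` is not shown here.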
elseif (isset($_GET['xml']))
{
$filename = $_GET['filename'];
- $unique_name = $_GET['unique'];
- $path = $comp_path.'/'.user_company(). '/pdf_files/';
+ $unique_name = preg_replace('/[^0-9a-z.]/i', '', $_GET['unique']);
+ $path = company_path(). '/pdf_files/';
header("content-type: text/xml");
header("Content-Disposition: attachment; filename=$filename");
header("Expires: 0");
? $_GET['PARAM_'.$i] : $def_pars[$i];
}
}
-$rep = $_POST['REP_ID'];
-$rep_file = find_report_file($rep);
-require($rep_file);
+$rep = preg_replace('/[^a-z_0-9]/i', '', $_POST['REP_ID']);
+
+$rep_file = find_custom_file("/reporting/rep$rep.php");
+
+if ($rep_file) {
+ require($rep_file);
+} else
+ display_error("Cannot find report file '$rep'");
exit();
?>
\ No newline at end of file
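Review bot: The allow-list in `$rep = preg_replace('/[^a-z_0-9]/i', '', $_POST['REP_ID']);` is applied only at this point, after the cookie-saving block added near the top of the file has already built `setcookie("select[$rep][$i]", ...)` from the raw `$_POST['REP_ID']`. Computing the filtered `$rep` once, right after `session.inc` is included, and using it in both places would keep the cookie name and the report path on the same allow-list. This line also reads `$_POST['REP_ID']` without an `isset()` check, so a request that omits it raises a notice before reaching `display_error()`; `isset($_POST['REP_ID']) ? $_POST['REP_ID'] : ''` as the third argument avoids that. `find_custom_file()` is defined outside this diff, so the safety of the `require` rests on this filter plus whatever path checks that helper performs.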