employees_dml.php

<?php

// Data functions (insert, update, delete, form) for table employees

// This script and data application were generated by AppGini 5.51
// Download AppGini for free from http://bigprof.com/appgini/download/

function employees_insert(){
	global $Translation;

	// mm: can member insert record?
	$arrPerm=getTablePermissions('employees');
	if(!$arrPerm[1]){
		return false;
	}

	$data['first'] = makeSafe($_REQUEST['first']);
		if($data['first'] == empty_lookup_value){ $data['first'] = ''; }
	$data['last'] = makeSafe($_REQUEST['last']);
		if($data['last'] == empty_lookup_value){ $data['last'] = ''; }
	$data['street_addr'] = makeSafe($_REQUEST['street_addr']);
		if($data['street_addr'] == empty_lookup_value){ $data['street_addr'] = ''; }
	$data['city'] = makeSafe($_REQUEST['city']);
		if($data['city'] == empty_lookup_value){ $data['city'] = ''; }
	$data['state'] = makeSafe($_REQUEST['state']);
		if($data['state'] == empty_lookup_value){ $data['state'] = ''; }
	$data['hire_date'] = intval($_REQUEST['hire_dateYear']) . '-' . intval($_REQUEST['hire_dateMonth']) . '-' . intval($_REQUEST['hire_dateDay']);
	$data['hire_date'] = parseMySQLDate($data['hire_date'], '1');
	$data['notes'] = makeSafe($_REQUEST['notes']);
		if($data['notes'] == empty_lookup_value){ $data['notes'] = ''; }

	// hook: employees_before_insert
	if(function_exists('employees_before_insert')){
		$args=array();
		if(!employees_before_insert($data, getMemberInfo(), $args)){ return false; }
	}

	$o = array('silentErrors' => true);
	sql('insert into `employees` set       `first`=' . (($data['first'] !== '' && $data['first'] !== NULL) ? "'{$data['first']}'" : 'NULL') . ', `last`=' . (($data['last'] !== '' && $data['last'] !== NULL) ? "'{$data['last']}'" : 'NULL') . ', `street_addr`=' . (($data['street_addr'] !== '' && $data['street_addr'] !== NULL) ? "'{$data['street_addr']}'" : 'NULL') . ', `city`=' . (($data['city'] !== '' && $data['city'] !== NULL) ? "'{$data['city']}'" : 'NULL') . ', `state`=' . (($data['state'] !== '' && $data['state'] !== NULL) ? "'{$data['state']}'" : 'NULL') . ', `hire_date`=' . (($data['hire_date'] !== '' && $data['hire_date'] !== NULL) ? "'{$data['hire_date']}'" : 'NULL') . ', `notes`=' . (($data['notes'] !== '' && $data['notes'] !== NULL) ? "'{$data['notes']}'" : 'NULL'), $o);
	if($o['error']!=''){
		echo $o['error'];
		echo "<a href=\"employees_view.php?addNew_x=1\">{$Translation['< back']}</a>";
		exit;
	}

	$recID = db_insert_id(db_link());

	// hook: employees_after_insert
	if(function_exists('employees_after_insert')){
		$res = sql("select * from `employees` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
		if($row = db_fetch_assoc($res)){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = makeSafe($recID, false);
		$args=array();
		if(!employees_after_insert($data, getMemberInfo(), $args)){ return $recID; }
	}

	// mm: save ownership data
	sql("insert ignore into membership_userrecords set tableName='employees', pkValue='" . makeSafe($recID, false) . "', memberID='" . makeSafe(getLoggedMemberID(), false) . "', dateAdded='" . time() . "', dateUpdated='" . time() . "', groupID='" . getLoggedGroupID() . "'", $eo);

	return $recID;
}

function employees_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
	// insure referential integrity ...
	global $Translation;
	$selected_id=makeSafe($selected_id);

	// mm: can member delete record?
	$arrPerm=getTablePermissions('employees');
	$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='employees' and pkValue='$selected_id'");
	$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='employees' and pkValue='$selected_id'");
	if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
		// delete allowed, so continue ...
	}else{
		return $Translation['You don\'t have enough permissions to delete this record'];
	}

	// hook: employees_before_delete
	if(function_exists('employees_before_delete')){
		$args=array();
		if(!employees_before_delete($selected_id, $skipChecks, getMemberInfo(), $args))
			return $Translation['Couldn\'t delete this record'];
	}

	// child table: register
	$res = sql("select `id` from `employees` where `id`='$selected_id'", $eo);
	$id = db_fetch_row($res);
	$rires = sql("select count(1) from `register` where `seller`='".addslashes($id[0])."'", $eo);
	$rirow = db_fetch_row($rires);
	if($rirow[0] && !$AllowDeleteOfParents && !$skipChecks){
		$RetMsg = $Translation["couldn't delete"];
		$RetMsg = str_replace("<RelatedRecords>", $rirow[0], $RetMsg);
		$RetMsg = str_replace("<TableName>", "register", $RetMsg);
		return $RetMsg;
	}elseif($rirow[0] && $AllowDeleteOfParents && !$skipChecks){
		$RetMsg = $Translation["confirm delete"];
		$RetMsg = str_replace("<RelatedRecords>", $rirow[0], $RetMsg);
		$RetMsg = str_replace("<TableName>", "register", $RetMsg);
		$RetMsg = str_replace("<Delete>", "<input type=\"button\" class=\"button\" value=\"".$Translation['yes']."\" onClick=\"window.location='employees_view.php?SelectedID=".urlencode($selected_id)."&delete_x=1&confirmed=1';\">", $RetMsg);
		$RetMsg = str_replace("<Cancel>", "<input type=\"button\" class=\"button\" value=\"".$Translation['no']."\" onClick=\"window.location='employees_view.php?SelectedID=".urlencode($selected_id)."';\">", $RetMsg);
		return $RetMsg;
	}

	sql("delete from `employees` where `id`='$selected_id'", $eo);

	// hook: employees_after_delete
	if(function_exists('employees_after_delete')){
		$args=array();
		employees_after_delete($selected_id, getMemberInfo(), $args);
	}

	// mm: delete ownership data
	sql("delete from membership_userrecords where tableName='employees' and pkValue='$selected_id'", $eo);
}

function employees_update($selected_id){
	global $Translation;

	// mm: can member edit record?
	$arrPerm=getTablePermissions('employees');
	$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='employees' and pkValue='".makeSafe($selected_id)."'");
	$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='employees' and pkValue='".makeSafe($selected_id)."'");
	if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){ // allow update?
		// update allowed, so continue ...
	}else{
		return false;
	}

	$data['first'] = makeSafe($_REQUEST['first']);
		if($data['first'] == empty_lookup_value){ $data['first'] = ''; }
	$data['last'] = makeSafe($_REQUEST['last']);
		if($data['last'] == empty_lookup_value){ $data['last'] = ''; }
	$data['street_addr'] = makeSafe($_REQUEST['street_addr']);
		if($data['street_addr'] == empty_lookup_value){ $data['street_addr'] = ''; }
	$data['city'] = makeSafe($_REQUEST['city']);
		if($data['city'] == empty_lookup_value){ $data['city'] = ''; }
	$data['state'] = makeSafe($_REQUEST['state']);
		if($data['state'] == empty_lookup_value){ $data['state'] = ''; }
	$data['hire_date'] = intval($_REQUEST['hire_dateYear']) . '-' . intval($_REQUEST['hire_dateMonth']) . '-' . intval($_REQUEST['hire_dateDay']);
	$data['hire_date'] = parseMySQLDate($data['hire_date'], '1');
	$data['notes'] = makeSafe($_REQUEST['notes']);
		if($data['notes'] == empty_lookup_value){ $data['notes'] = ''; }
	$data['last_update'] = parseCode('Timestamp: <%%editingDateTime%%> | User: <%%editorUsername%%> | IP: <%%editorIP%%>', false);
	$data['selectedID']=makeSafe($selected_id);

	// hook: employees_before_update
	if(function_exists('employees_before_update')){
		$args=array();
		if(!employees_before_update($data, getMemberInfo(), $args)){ return false; }
	}

	$o=array('silentErrors' => true);
	sql('update `employees` set       `first`=' . (($data['first'] !== '' && $data['first'] !== NULL) ? "'{$data['first']}'" : 'NULL') . ', `last`=' . (($data['last'] !== '' && $data['last'] !== NULL) ? "'{$data['last']}'" : 'NULL') . ', `street_addr`=' . (($data['street_addr'] !== '' && $data['street_addr'] !== NULL) ? "'{$data['street_addr']}'" : 'NULL') . ', `city`=' . (($data['city'] !== '' && $data['city'] !== NULL) ? "'{$data['city']}'" : 'NULL') . ', `state`=' . (($data['state'] !== '' && $data['state'] !== NULL) ? "'{$data['state']}'" : 'NULL') . ', `hire_date`=' . (($data['hire_date'] !== '' && $data['hire_date'] !== NULL) ? "'{$data['hire_date']}'" : 'NULL') . ', `notes`=' . (($data['notes'] !== '' && $data['notes'] !== NULL) ? "'{$data['notes']}'" : 'NULL') . ', `last_update`=' . "'{$data['last_update']}'" . " where `id`='".makeSafe($selected_id)."'", $o);
	if($o['error']!=''){
		echo $o['error'];
		echo '<a href="employees_view.php?SelectedID='.urlencode($selected_id)."\">{$Translation['< back']}</a>";
		exit;
	}


	// hook: employees_after_update
	if(function_exists('employees_after_update')){
		$res = sql("SELECT * FROM `employees` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
		if($row = db_fetch_assoc($res)){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = $data['id'];
		$args = array();
		if(!employees_after_update($data, getMemberInfo(), $args)){ return; }
	}

	// mm: update ownership data
	sql("update membership_userrecords set dateUpdated='".time()."' where tableName='employees' and pkValue='".makeSafe($selected_id)."'", $eo);

}

function employees_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0){
	// function to return an editable form for a table records
	// and fill it with data of record whose ID is $selected_id. If $selected_id
	// is empty, an empty form is shown, with only an 'Add New'
	// button displayed.

	global $Translation;

	// mm: get table permissions
	$arrPerm=getTablePermissions('employees');
	if(!$arrPerm[1] && $selected_id==''){ return ''; }
	$AllowInsert = ($arrPerm[1] ? true : false);
	// print preview?
	$dvprint = false;
	if($selected_id && $_REQUEST['dvprint_x'] != ''){
		$dvprint = true;
	}


	// populate filterers, starting from children to grand-parents

	// unique random identifier
	$rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
	// combobox: state
	$combo_state = new Combo;
	$combo_state->ListType = 0;
	$combo_state->MultipleSeparator = ', ';
	$combo_state->ListBoxHeight = 10;
	$combo_state->RadiosPerLine = 1;
	if(is_file(dirname(__FILE__).'/hooks/employees.state.csv')){
		$state_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/employees.state.csv')));
		$combo_state->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($state_data)));
		$combo_state->ListData = $combo_state->ListItem;
	}else{
		$combo_state->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("ALABAMA (AL);;ALASKA (AK);;AMERICAN SAMOA (AS);;ARIZONA (AZ);;ARKANSAS (AR);;CALIFORNIA (CA);;COLORADO (CO);;CONNECTICUT (CT);;DELAWARE (DE);;DISTRICT OF COLUMBIA (DC);;FEDERATED STATES OF MICRONESIA (FM);;FLORIDA (FL);;GEORGIA (GA);;GUAM (GU);;HAWAII (HI);;IDAHO (ID);;ILLINOIS (IL);;INDIANA (IN);;IOWA (IA);;KANSAS (KS);;KENTUCKY (KY);;LOUISIANA (LA);;MAINE (ME);;MARSHALL ISLANDS (MH);;MARYLAND (MD);;MASSACHUSETTS (MA);;MICHIGAN (MI);;MINNESOTA (MN);;MISSISSIPPI (MS);;MISSOURI (MO);;MONTANA (MT);;NEBRASKA (NE);;NEVADA (NV);;NEW HAMPSHIRE (NH);;NEW JERSEY (NJ);;NEW MEXICO (NM);;NEW YORK (NY);;NORTH CAROLINA (NC);;NORTH DAKOTA (ND);;NORTHERN MARIANA ISLANDS (MP);;OHIO (OH);;OKLAHOMA (OK);;OREGON (OR);;PALAU (PW);;PENNSYLVANIA (PA);;PUERTO RICO (PR);;RHODE ISLAND (RI);;SOUTH CAROLINA (SC);;SOUTH DAKOTA (SD);;TENNESSEE (TN);;TEXAS (TX);;UTAH (UT);;VERMONT (VT);;VIRGIN ISLANDS (VI);;VIRGINIA (VA);;WASHINGTON (WA);;WEST VIRGINIA (WV);;WISCONSIN (WI);;WYOMING (WY)")));
		$combo_state->ListData = $combo_state->ListItem;
	}
	$combo_state->SelectName = 'state';
	// combobox: hire_date
	$combo_hire_date = new DateCombo;
	$combo_hire_date->DateFormat = "mdy";
	$combo_hire_date->MinYear = 1900;
	$combo_hire_date->MaxYear = 2100;
	$combo_hire_date->DefaultDate = parseMySQLDate('1', '1');
	$combo_hire_date->MonthNames = $Translation['month names'];
	$combo_hire_date->NamePrefix = 'hire_date';

	if($selected_id){
		// mm: check member permissions
		if(!$arrPerm[2]){
			return "";
		}
		// mm: who is the owner?
		$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='employees' and pkValue='".makeSafe($selected_id)."'");
		$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='employees' and pkValue='".makeSafe($selected_id)."'");
		if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
			return "";
		}
		if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
			return "";
		}

		// can edit?
		if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
			$AllowUpdate=1;
		}else{
			$AllowUpdate=0;
		}

		$res = sql("select * from `employees` where `id`='".makeSafe($selected_id)."'", $eo);
		if(!($row = db_fetch_array($res))){
			return error_message($Translation['No records found']);
		}
		$urow = $row; /* unsanitized data */
		$hc = new CI_Input();
		$row = $hc->xss_clean($row); /* sanitize data */
		$combo_state->SelectedData = $row['state'];
		$combo_hire_date->DefaultDate = $row['hire_date'];
	}else{
		$combo_state->SelectedText = ( $_REQUEST['FilterField'][1]=='6' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
	}
	$combo_state->Render();

	ob_start();
	?>

	<script>
		// initial lookup values

		jQuery(function() {
		});
	</script>
	<?php

	$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
	ob_end_clean();


	// code for template based detail view forms

	// open the detail view template
	if($dvprint){
		$templateCode = @file_get_contents('./templates/employees_templateDVP.html');
	}else{
		$templateCode = @file_get_contents('./templates/employees_templateDV.html');
	}

	// process form title
	$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Employee details', $templateCode);
	$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
	$templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
	// process buttons
	if($AllowInsert){
		if(!$selected_id) $templateCode=str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return employees_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
		$templateCode=str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return employees_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
	}else{
		$templateCode=str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
	}

	// 'Back' button action
	if($_REQUEST['Embedded']){
		$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
	}else{
		$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
	}

	if($selected_id){
		if(!$_REQUEST['Embedded']) $templateCode=str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
		if($AllowUpdate){
			$templateCode=str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return employees_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
		}else{
			$templateCode=str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
		}
		if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
			$templateCode=str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
		}else{
			$templateCode=str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		}
		$templateCode=str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
	}else{
		$templateCode=str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
		$templateCode=str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		$templateCode=str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
	}

	// set records to read only if user can't insert new records and can't edit current record
	if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
		$jsReadOnly .= "\tjQuery('#first').replaceWith('<div class=\"form-control-static\" id=\"first\">' + (jQuery('#first').val() || '') + '</div>');\n";
		$jsReadOnly .= "\tjQuery('#last').replaceWith('<div class=\"form-control-static\" id=\"last\">' + (jQuery('#last').val() || '') + '</div>');\n";
		$jsReadOnly .= "\tjQuery('#street_addr').replaceWith('<div class=\"form-control-static\" id=\"street_addr\">' + (jQuery('#street_addr').val() || '') + '</div>');\n";
		$jsReadOnly .= "\tjQuery('#city').replaceWith('<div class=\"form-control-static\" id=\"city\">' + (jQuery('#city').val() || '') + '</div>');\n";
		$jsReadOnly .= "\tjQuery('#state').replaceWith('<div class=\"form-control-static\" id=\"state\">' + (jQuery('#state').val() || '') + '</div>'); jQuery('#state-multi-selection-help').hide();\n";
		$jsReadOnly .= "\tjQuery('#hire_date').prop('readonly', true);\n";
		$jsReadOnly .= "\tjQuery('#hire_dateDay, #hire_dateMonth, #hire_dateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
		$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";

		$noUploads = true;
	}elseif($AllowInsert){
		$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
			$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
	}

	// process combos
	$templateCode=str_replace('<%%COMBO(state)%%>', $combo_state->HTML, $templateCode);
	$templateCode=str_replace('<%%COMBOTEXT(state)%%>', $combo_state->SelectedData, $templateCode);
	$templateCode=str_replace('<%%COMBO(hire_date)%%>', ($selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_hire_date->GetHTML(true) . '</div>' : $combo_hire_date->GetHTML()), $templateCode);
	$templateCode=str_replace('<%%COMBOTEXT(hire_date)%%>', $combo_hire_date->GetHTML(true), $templateCode);

	/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
	$lookup_fields = array();
	foreach($lookup_fields as $luf => $ptfc){
		$pt_perm = getTablePermissions($ptfc[0]);

		// process foreign key links
		if($pt_perm['view'] || $pt_perm['edit']){
			$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
		}

		// if user has insert permission to parent table of a lookup field, put an add new button
		if($pt_perm['insert'] && !$_REQUEST['Embedded']){
			$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
		}
	}

	// process images
	$templateCode=str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(first)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(last)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(street_addr)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(city)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(state)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(hire_date)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(notes)%%>', '', $templateCode);
	$templateCode=str_replace('<%%UPLOADFILE(last_update)%%>', '', $templateCode);

	// process values
	if($selected_id){
		$templateCode=str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
		$templateCode=str_replace('<%%VALUE(first)%%>', html_attr($row['first']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(first)%%>', urlencode($urow['first']), $templateCode);
		$templateCode=str_replace('<%%VALUE(last)%%>', html_attr($row['last']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(last)%%>', urlencode($urow['last']), $templateCode);
		$templateCode=str_replace('<%%VALUE(street_addr)%%>', html_attr($row['street_addr']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(street_addr)%%>', urlencode($urow['street_addr']), $templateCode);
		$templateCode=str_replace('<%%VALUE(city)%%>', html_attr($row['city']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(city)%%>', urlencode($urow['city']), $templateCode);
		$templateCode=str_replace('<%%VALUE(state)%%>', html_attr($row['state']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(state)%%>', urlencode($urow['state']), $templateCode);
		$templateCode=str_replace('<%%VALUE(hire_date)%%>', @date('m/d/Y', @strtotime(html_attr($row['hire_date']))), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(hire_date)%%>', urlencode(@date('m/d/Y', @strtotime(html_attr($urow['hire_date'])))), $templateCode);
		if($AllowUpdate || $AllowInsert){
			$templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5">' . html_attr($row['notes']) . '</textarea>', $templateCode);
		}else{
			$templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<div id="notes" class="form-control-static">' . $row['notes'] . '</div>', $templateCode);
		}
		$templateCode=str_replace('<%%VALUE(notes)%%>', nl2br($row['notes']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(notes)%%>', urlencode($urow['notes']), $templateCode);
		$templateCode=str_replace('<%%VALUE(last_update)%%>', html_attr($row['last_update']), $templateCode);
		$templateCode=str_replace('<%%URLVALUE(last_update)%%>', urlencode($urow['last_update']), $templateCode);
	}else{
		$templateCode=str_replace('<%%VALUE(id)%%>', '', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
		$templateCode=str_replace('<%%VALUE(first)%%>', '', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(first)%%>', urlencode(''), $templateCode);
		$templateCode=str_replace('<%%VALUE(last)%%>', '', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(last)%%>', urlencode(''), $templateCode);
		$templateCode=str_replace('<%%VALUE(street_addr)%%>', '', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(street_addr)%%>', urlencode(''), $templateCode);
		$templateCode=str_replace('<%%VALUE(city)%%>', '', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(city)%%>', urlencode(''), $templateCode);
		$templateCode=str_replace('<%%VALUE(state)%%>', '', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(state)%%>', urlencode(''), $templateCode);
		$templateCode=str_replace('<%%VALUE(hire_date)%%>', '1', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(hire_date)%%>', urlencode('1'), $templateCode);
		$templateCode=str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5"></textarea>', $templateCode);
		$templateCode=str_replace('<%%VALUE(last_update)%%>', 'Timestamp: <%%editingDateTime%%> | User: <%%editorUsername%%> | IP: <%%editorIP%%>', $templateCode);
		$templateCode=str_replace('<%%URLVALUE(last_update)%%>', urlencode('Timestamp: <%%editingDateTime%%> | User: <%%editorUsername%%> | IP: <%%editorIP%%>'), $templateCode);
	}

	// process translations
	foreach($Translation as $symbol=>$trans){
		$templateCode=str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
	}

	// clear scrap
	$templateCode=str_replace('<%%', '<!-- ', $templateCode);
	$templateCode=str_replace('%%>', ' -->', $templateCode);

	// hide links to inaccessible tables
	if($_REQUEST['dvprint_x'] == ''){
		$templateCode .= "\n\n<script>\$j(function(){\n";
		$arrTables = getTableList();
		foreach($arrTables as $name => $caption){
			$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
			$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
		}

		$templateCode .= $jsReadOnly;
		$templateCode .= $jsEditable;

		if(!$selected_id){
		}

		$templateCode.="\n});</script>\n";
	}

	// ajaxed auto-fill fields
	$templateCode .= '<script>';
	$templateCode .= '$j(function() {';


	$templateCode.="});";
	$templateCode.="</script>";
	$templateCode .= $lookups;

	// handle enforced parent values for read-only lookup fields

	// don't include blank images in lightbox gallery
	$templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);

	// don't display empty email links
	$templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);

	// hook: employees_dv
	if(function_exists('employees_dv')){
		$args=array();
		employees_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
	}

	return $templateCode;
}
?>