| Server IP : 103.119.228.120 / Your IP : 18.188.140.232 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/awl/inc/ |
Upload File : |
<?php
/**
* Classes to handle entry and viewing of field-based data.
*
* @package awl
* @subpackage DataEntry
* @author Andrew McMillan <andrew@mcmillan.net.nz>
* @copyright Catalyst IT Ltd, Morphoss Ltd <http://www.morphoss.com/>
* @license http://gnu.org/copyleft/gpl.html GNU GPL v2
*/
require_once("AWLUtilities.php");
/**
* Individual fields used for data entry / viewing.
*
* This object is not really intended to be used directly. The more normal
* interface is to instantiate an {@link EntryForm} and then issue calls
* to {@link DataEntryLine()} and other {@link EntryForm} methods.
*
* Understanding the operation of this class (and possibly auditing the source
* code, particularly {@link EntryField::Render}) will however convey valuable
* understanding of some of the more
* esoteric features.
*
* @todo This class doesn't really provide a huge amount of utility between construct
* and render, but there must be good things possible there. Perhaps one EntryField
* is created and used repeatedly as a template (e.g.). That might be useful to
* support... Why is this a Class anyway? Maybe we should have just done half a
* dozen functions (one per major field type) and just used those... Maybe we should
* build a base class for this and extend it to make EntryField in a better way.
*
* EntryField is only useful at present if you desperately want to use it's simple
* field interface, but want to intimately control the layout (or parts of the layout),
* otherwise you should be using {@link EntryForm} as the main class.
*
* @package awl
*/
class EntryField
{
/**#@+
* @access private
*/
/**
* The name of the field
* @var string
*/
var $fname;
/**
* The type of entry field
* @var string
*/
var $ftype;
/**#@-*/
/**#@+
* @access public
*/
/**
* The current value
* @var string
*/
var $current;
/**
* An array of key value pairs
* @var string
*/
var $attributes;
/**
* Once it actually is...
* @var string
*/
var $rendered;
/**#@-*/
/**
* Initialise an EntryField, used for data entry.
*
* The following types of fields are possible:
* <ul>
* <li>select - Will display a select list of the keys/values in $attributes where the
* key starts with an underscore. The key will have the '_' removed before being used
* as the key in the list. All the $attributes with keys not beginning with '_' will
* be used in the normal manner as HTML attributes within the <select ...> tag.</li>
* <li>lookup - Will display a select list of values from the database.
* If $attributes defines a '_sql' attibute then that will be used to make
* the list, otherwise the database values will be from the 'codes' table
* as in "SELECT code_id, code_value FROM codes WHERE code_type = '_type' ORDER BY code_seq, code_id"
* using the value of $attributes['_type'] as the code_type.</li>
* <li>date - Will be a text field, expecting a date value which might be
* javascript validated at some point in the future.</li>
* <li>checkbox - Will display a checkbox for an on-off value.</li>
* <li>textarea - Will display an HTML textarea.</li>
* <li>file - Will display a file browse / enter field.</li>
* <li>button - Will display a button field.</li>
* <li>password - Password entry. This will display entered data as asterisks.</li>
* </ul>
*
* The $attributes array is useful to set specific HTML attributes within the HTML tag
* used for the entry field however $attribute keys named starting with an underscore ('_')
* affect the field operation rather than the HTML. For the 'select' field type, these are
* simply used as the keys / values for the selection (with the '_' removed), but other
* cases are more complex:
* <ul>
* <li>_help - While this will be ignored by the EntryField::Render() method the _help
* should be assigned (or will be assigned the same value as the 'title' attribute) and
* will (depending on the data-entry line format in force) be displayed as help for the
* field by the EntryForm::DataEntryLine() method.</li>
* <li>_sql - When used in a 'lookup' field this controls the SQL to return keys/values
* for the list. The actual SQL should return two columns, the first will be used for
* the key and the second for the displayed value.</li>
* <li>_type - When used in a 'lookup' field this defines the codes type used.</li>
* <li>_null - When used in a 'lookup' field this will control the description for an
* option using a '' key value which will precede the list of values from the database.</li>
* <li>_zero - When used in a 'lookup' field this will control the description for an
* option using a '0' key value which will precede the list of values from the database.</li>
* <li>_label - When used in a 'radio' or 'checkbox' field this will wrap the field
* with an HTML label tag as <label ...><input field...>$attributes['_label']</label></li>
* <li> - </li>
* </ul>
*
* @param text $intype The type of field:
* select | lookup | date | checkbox | textarea | file | button | password
* (anything else is dealt with as "text")
*
* @param text $inname The name of the field.
*
* @param text $attributes An associative array of extra attributes to be applied
* to the field. Optional, but generally important. Some $attribute keys have
* special meaning, while others are simply added as HTML attributes to the field.
*
* @param text $current_value The current value to use to initialise the
* field. Optional.
*/
function __construct( $intype, $inname, $attributes="", $current_value="" )
{
$this->ftype = $intype;
$this->fname = $inname;
$this->current = $current_value;
if ( isset($this->{"new_$intype"}) && function_exists($this->{"new_$intype"}) ) {
// Optionally call a function within this object called "new_<intype>" for setup
$this->{"new_$intype"}( $attributes );
}
else if ( is_array($attributes) ) {
$this->attributes = $attributes;
}
else {
}
$this->rendered = "";
}
/**
* Render an EntryField into HTML
* @see EntryField::EntryField(), EntryForm::DataEntryLine()
*
* @return text An HTML fragment for the data-entry field.
*/
function Render() {
global $session;
$r = "<";
dbg_error_log( "EntryField", ":Render: Name: %s, Type: %s, Current: %s", $this->fname, $this->ftype, $this->current );
$size = "";
switch ( $this->ftype ) {
case "select":
$r .= "select name=\"$this->fname\"%%attributes%%>";
reset( $this->attributes );
foreach( $this->attributes as $k => $v ) {
if ( substr($k, 0, 1) != '_' ) continue;
if ( $k == '_help' ) continue;
$k = substr($k,1);
$r .= "<option value=\"".htmlspecialchars($k)."\"";
if ( "$this->current" == "$k" ) $r .= " selected";
$r .= ">$v</option>" ;
}
$r .= "</select>";
break;
case "lookup":
$r .= "select name=\"$this->fname\"%%attributes%%>";
reset( $this->attributes );
foreach( $this->attributes as $k => $v ) {
if ( substr($k, 0, 1) != '_' ) continue;
$k = substr($k,1);
if ( $k == 'help' || $k == "sql" || $k == "type" ) continue;
if ( $k == "null" ) $k = "";
if ( $k == "zero" ) $k = "0";
$r .= "<option value=\"".htmlspecialchars($k)."\"";
if ( "$this->current" == "$k" ) $r .= " selected";
$r .= ">$v</option>" ;
}
if ( isset($this->attributes["_sql"]) ) {
$qry = new PgQuery( $this->attributes["_sql"] );
}
else {
$qry = new PgQuery( "SELECT code_id, code_value FROM codes WHERE code_type = ? ORDER BY code_seq, code_id", $this->attributes['_type'] );
}
$r .= EntryField::BuildOptionList( $qry, $this->current, "rndr:$this->fname", array('translate'=>1) );
$r .= "</select>";
break;
case "date":
case "timestamp":
$size = '';
if ( !isset($this->attributes['size']) || $this->attributes['size'] == "" ) $size = " size=" . ($this->ftype == 'date' ? "12" : "18");
$r .= "input type=\"text\" name=\"$this->fname\"$size value=\"".$session->FormattedDate(htmlspecialchars($this->current))."\"%%attributes%%>";
break;
case "checkbox":
// We send a hidden field with a false value, which will be overridden by the real
// field with a true value (if true) or not overridden (if false).
$r .= "input type=\"hidden\" name=\"$this->fname\" value=\"off\"><";
case "radio":
$checked = "";
if ( $this->current === true || $this->current == 't' || intval($this->current) == 1 || $this->current == 'on'
|| (isset($this->attributes['value']) && $this->current == $this->attributes['value'] ) )
$checked = " checked";
$id = "id_$this->fname" . ( $this->ftype == "radio" ? "_".$this->attributes['value'] : "");
if ( isset($this->attributes['_label']) ) {
$r .= "label for=\"$id\"";
if ( isset($this->attributes['class']) )
$r .= ' class="'. $this->attributes['class'] . '"';
$r .= "><";
}
$r .= "input type=\"$this->ftype\" name=\"$this->fname\" id=\"$id\"$checked%%attributes%%>";
if ( isset($this->attributes['_label']) ) {
$r .= " " . $this->attributes['_label'];
$r .= "</label>";
}
break;
case "button":
$r .= "input type=\"button\" name=\"$this->fname\"%%attributes%%>";
break;
case "submit":
$r .= "input type=\"submit\" name=\"$this->fname\" value=\"".htmlspecialchars($this->current)."\"%%attributes%%>";
break;
case "textarea":
$r .= "textarea name=\"$this->fname\"%%attributes%%>$this->current</textarea>";
break;
case "file":
if ( !isset($this->attributes['size']) || $this->attributes['size'] == "" ) $size = " size=25";
$r .= "input type=\"file\" name=\"$this->fname\"$size value=\"".htmlspecialchars($this->current)."\"%%attributes%%>";
break;
case "password":
$r .= "input type=\"password\" name=\"$this->fname\" value=\"".htmlspecialchars($this->current)."\"%%attributes%%>";
break;
default:
$r .= "input type=\"text\" name=\"$this->fname\" value=\"".htmlspecialchars($this->current)."\"%%attributes%%>";
break;
}
// Now process the generic attributes
reset( $this->attributes );
$attribute_values = "";
foreach( $this->attributes as $k => $v ) {
if ( $k == '_readonly' ) $attribute_values .= " readonly";
else if ( $k == '_disabled' ) $attribute_values .= " disabled";
if ( substr($k, 0, 1) == '_' ) continue;
$attribute_values .= " $k=\"".htmlspecialchars($v)."\"";
}
$r = str_replace( '%%attributes%%', $attribute_values, $r );
$this->rendered = $r;
return $r;
}
/**
* Function called indirectly when a new EntryField of type 'lookup' is created.
* @param array $attributes The attributes array that was passed in to the new EntryField()
* constructor.
*/
function new_lookup( $attributes ) {
$this->attributes = $attributes;
}
/**
* Build an option list from the query.
* @param string $current Default selection of drop down box (optional)
* @param string $location for debugging purposes
* @param array $parameters an array further parameters, including 'maxwidth' => 20 to set a maximum width
* @return string Select box HTML
*/
static function BuildOptionList( $qry, $current = '', $location = 'options', $parameters = false ) {
global $debuggroups;
$result = '';
$translate = false;
if ( isset($maxwidth) ) unset($maxwidth);
if ( is_array($parameters) ) {
if ( isset($parameters['maxwidth']) ) $maxwidth = max(4,intval($parameters['maxwidth']));
if ( isset($parameters['translate']) ) $translate = true;
}
// The query may not have already been executed
if ( $qry->rows() > 0 || $qry->Exec($location) ) {
while( $row = $qry->Fetch(true) )
{
if (is_array($current)) {
$selected = ( ( in_array($row[0],$current,true) || in_array($row[1],$current,true)) ? ' selected="selected"' : '' );
}
else {
$selected = ( ( "$row[0]" == "$current" || "$row[1]" == "$current" ) ? ' selected="selected"' : '' );
}
$display_value = $row[1];
if ( isset($translate) ) $display_value = translate( $display_value );
if ( isset($maxwidth) ) $display_value = substr( $display_value, 0, $maxwidth);
$nextrow = "<option value=\"".htmlspecialchars($row[0])."\"$selected>".htmlspecialchars($display_value)."</option>";
$result .= $nextrow;
}
}
return $result;
}
}
/**
* A class to handle displaying a form on the page (for editing) or a structured
* layout of non-editable content (for viewing), with a simple switch to flip from
* view mode to edit mode.
*
* @package awl
*/
class EntryForm
{
/**#@+
* @access private
*/
/**
* The submit action for the form
* @var string
*/
var $action;
/**
* The record that the form is dealing with
* @var string
*/
var $record;
/**
* Whether we are editing, or not
* @var string
*/
var $EditMode;
/**
* The name of the form
* @var string
*/
var $name;
/**
* The CSS class of the form
* @var string
*/
var $class;
/**
* Format string for lines that are breaks in the data entry field groupings
* @var string
*/
var $break_line_format;
/**
* Format string for normal data entry field lines.
* @var string
*/
var $table_line_format;
/**
* Format string that has been temporarily saved so we can restore it later
* @var string
*/
var $saved_line_format;
/**#@-*/
/**
* Initialise a new data-entry form.
* @param string $action The action when the form is submitted.
* @param objectref $record A reference to the database object we are displaying / editing.
* @param boolean $editmode Whether we are editing.
*/
function __construct( $action, &$record, $editing=false )
{
$this->action = $action;
$this->record = &$record;
$this->EditMode = $editing;
$this->break_line_format = '<tr><th class="ph" colspan="2">%s</th></tr>'."\n";
$this->table_line_format = '<tr><th class="prompt">%s</th><td class="entry">%s<span class="help">%s</span></td></tr>'."\n";
}
/**
* Initialise some more of the forms fields, possibly with a prefix
* @param objectref $record A reference to the database object we are displaying / editing.
* @param string $prefix A prefix to prepend to the field name.
*/
function PopulateForm( &$record, $prefix="" )
{
foreach( $record AS $k => $v ) {
$this->record->{"$prefix$k"} = $v;
}
}
/**
* Set the line format to have no help display
*/
function NoHelp( ) {
$this->break_line_format = '<tr><th class="ph" colspan="2">%s</th></tr>'."\n";
$this->table_line_format = '<tr><th class="prompt">%s</th><td class="entry">%s</td></tr>'."\n";
}
/**
* Set the line format to have help displayed in the same cell as the entry field.
*/
function HelpInLine( ) {
$this->break_line_format = '<tr><th class="ph" colspan="2">%s</th></tr>'."\n";
$this->table_line_format = '<tr><th class="prompt">%s</th><td class="entry">%s<span class="help">%s</span></td></tr>'."\n";
}
/**
* Set the line format to have help displayed in it's own separate cell
*/
function HelpInCell( ) {
$this->break_line_format = '<tr><th class="ph" colspan="3">%s</th></tr>'."\n";
$this->table_line_format = '<tr><th class="prompt">%s</th><td class="entry">%s</td><td class="help">%s</td></tr>'."\n";
}
/**
* Set the line format to an extremely simple CSS based prompt / field layout.
*/
function SimpleForm( $new_format = '<span class="prompt">%s:</span> <span class="entry">%s</span>' ) {
$this->break_line_format = '%s'."\n";
$this->table_line_format = $new_format."\n";
}
/**
* Set the line format to a temporary one that we can revert from.
* @param string $new_format The (optional) new format we will temporarily use.
*/
function TempLineFormat( $new_format = '<span class="prompt">%s:</span> <span class="entry">%s</span>' ) {
$this->saved_line_format = $this->table_line_format;
$this->table_line_format = $new_format ."\n";
}
/**
* Revert the line format to what was in place before the last TempLineFormat call.
*/
function RevertLineFormat( ) {
if ( isset($this->saved_line_format) ) {
$this->table_line_format = $this->saved_line_format;
}
}
/**
* Start the actual HTML form. Return the fragment to do this.
* @param array $extra_attributes Extra key/value pairs for the FORM tag.
* @return string The HTML fragment for the start of the form.
*/
function StartForm( $extra_attributes='' ) {
if ( !is_array($extra_attributes) && $extra_attributes != '' ) {
list( $k, $v ) = explode( '=', $extra_attributes );
$extra_attributes = array( $k => $v );
}
$extra_attributes['action'] = $this->action;
if ( !isset($extra_attributes['method']) ) $extra_attributes['method'] = 'post';
if ( strtolower($extra_attributes['method']) != 'get' )
if ( !isset($extra_attributes['enctype']) ) $extra_attributes['enctype'] = 'multipart/form-data';
if ( !isset($extra_attributes['name']) ) $extra_attributes['name'] = 'form';
if ( !isset($extra_attributes['class']) ) $extra_attributes['class'] = 'formdata';
if ( !isset($extra_attributes['id']) ) $extra_attributes['id'] = $extra_attributes['name'];
// Now process the generic attributes
reset( $extra_attributes );
$attribute_values = "";
foreach( $extra_attributes as $k => $v ) {
$attribute_values .= " $k=\"".htmlspecialchars($v)."\"";
}
return "<form$attribute_values>\n";
}
/**
* Return the HTML fragment to end the form.
* @return string The HTML fragment to end the form.
*/
function EndForm( ) {
return "</form>\n";
}
/**
* A utility function for a heading line within a data entry table
* @return string The HTML fragment to end the form.
*/
function BreakLine( $text = '' )
{
return sprintf( $this->break_line_format, translate($text));
}
/**
* A utility function for a hidden field within a data entry table
*
* @param string $fname The name of the field.
* @param string $fvalue The value of the field.
* @return string The HTML fragment for the hidden field.
*/
function HiddenField($fname,$fvaluei,$fid = null) {
return sprintf( '<input type="hidden" name="%s" value="%s" %s/>%s', $fname,
htmlspecialchars($fvalue), (isset($id) ? 'id="$id" ' : ''), "\n" );
}
/**
* Internal function for parsing the type extra on a field.
*
* If the '_help' attribute is not set it will be assigned the value of
* the 'title' attribute, if there is one.
*
* If the 'class' attribute is not set it will be assigned to 'flookup',
* 'fselect', etc, according to the field type.
* @static
* @return string The parsed type extra.
*/
function _ParseAttributes( $ftype = '', $attributes = '' ) {
if ( !is_array($attributes) ) {
if ( strpos( $attributes, '=' ) === false ) {
$attributes = array();
}
else {
list( $k, $v ) = explode( '=', $attributes );
$attributes = array( $k => $v );
}
}
// Default the help to the title, or to blank
if ( !isset($attributes['_help']) ) {
$attributes['_help'] = "";
if ( isset($attributes['title']) )
$attributes['_help'] = $attributes['title'];
}
// Default the style to fdate, ftext, fcheckbox etc.
if ( !isset($attributes['class']) ) {
$attributes['class'] = "f$ftype";
}
return $attributes;
}
/**
* A utility function for a data entry line within a table
* @return string The HTML fragment to display the data entry field
*/
function DataEntryField( $format, $ftype='', $base_fname='', $attributes='', $prefix='' )
{
global $session;
if ( ($base_fname == '' || $ftype == '') ) {
// Displaying never-editable values
return $format;
}
$fname = $prefix . $base_fname;
dbg_error_log( "DataEntry", ":DataEntryField: fmt='%s', fname='%s', fvalue='%s'", $format, $fname, (isset($this->record->{$fname})?$this->record->{$fname}:'value not set') );
if ( !$this->EditMode ) {
/** For some forms we prefix the field name with xxxx so it doesn't collide with the real DB field name. */
if ( !isset($this->record->{$fname}) && substr($fname,0,4) == 'xxxx' && isset($this->record->{substr($fname,4)}) )
$fname = substr($fname,4);
if ( !isset($this->record->{$fname}) ) return '';
/** If it is a date, then format it according to the current user's date format type */
if ($ftype == "date" || $ftype == "timestamp")
return sprintf($format, $session->FormattedDate($this->record->{$fname}) );
dbg_error_log( "DataEntry", ":DataEntryField: fmt='%s', fname='%s', fvalue='%s'", $format, $fname, (isset($this->record->{$fname})?$this->record->{$fname}:'value not set') );
return sprintf($format, $this->record->{$fname} );
}
$currval = '';
// Get the default value, preferably from $_POST
if ( preg_match("/^(.+)\[(.+)\]$/", $fname, $parts) ) {
$p1 = $parts[1];
$p2 = $parts[2];
@dbg_error_log( "DataEntry", ":DataEntryField: fname=%s, p1=%s, p2=%s, POSTVAL=%s, \$this->record->{'%s'}['%s']=%s",
$fname, $p1, $p2, $_POST[$p1][$p2], $p1, $p2, $this->record->{"$p1"}["$p2"] );
// @todo This could be changed to handle more dimensions on submitted variable names
if ( isset($_POST[$p1]) ) {
if ( isset($_POST[$p1][$p2]) ) {
$currval = $_POST[$p1][$p2];
}
}
else if ( isset($this->record) && is_object($this->record)
&& isset($this->record->{"$p1"}["$p2"])
) {
$currval = $this->record->{"$p1"}["$p2"];
}
}
else {
if ( isset($_POST[$fname]) ) {
$currval = $_POST[$fname];
}
else if ( isset($this->record) && is_object($this->record) && isset($this->record->{"$base_fname"}) ) {
$currval = $this->record->{"$base_fname"};
}
else if ( isset($this->record) && is_object($this->record) && isset($this->record->{"$fname"}) ) {
$currval = $this->record->{"$fname"};
}
}
if ( $ftype == "date" ) $currval = $session->FormattedDate($currval);
else if ( $ftype == "timestamp" ) $currval = $session->FormattedDate($currval, $ftype);
// Now build the entry field and render it
$field = new EntryField( $ftype, $fname, $this->_ParseAttributes($ftype,$attributes), $currval );
return $field->Render();
}
/**
* A utility function for a submit button within a data entry table
* @return string The HTML fragment to display a submit button for the form.
*/
function SubmitButton( $fname, $fvalue, $attributes = '' )
{
$field = new EntryField( 'submit', $fname, $this->_ParseAttributes('submit', $attributes), $fvalue );
return $field->Render();
}
/**
* A utility function for a data entry line within a table
* @return string The HTML fragment to display the prompt and field.
*/
function DataEntryLine( $prompt, $field_format, $ftype='', $fname='', $attributes='', $prefix = '' )
{
$attributes = $this->_ParseAttributes( $ftype, $attributes );
return sprintf( $this->table_line_format, $prompt,
$this->DataEntryField( $field_format, $ftype, $fname, $attributes, $prefix ),
$attributes['_help'] );
}
/**
* A utility function for a data entry line, where the prompt is a drop-down.
* @return string The HTML fragment for the drop-down prompt and associated entry field.
*/
function MultiEntryLine( $prompt_options, $prompt_name, $default_prompt, $format, $ftype='', $fname='', $attributes='', $prefix )
{
$prompt = "<select name=\"$prompt_name\">";
reset($prompt_options);
foreach( $prompt_options as $k => $v ) {
$selected = ( ( $k == $default_prompt ) ? ' selected="selected"' : '' );
$nextrow = "<option value=\"$k\"$selected>$v</option>";
if ( preg_match('/&/', $nextrow) ) $nextrow = preg_replace( '/&/', '&', $nextrow);
$prompt .= $nextrow;
}
$prompt .= "</select>";
return $this->DataEntryLine( $prompt, $format, $ftype, $fname, $attributes, $prefix );
}
}