/**
 * Builds the form used to hand an inventory item over to another user and,
 * once the submitted form validates, records the hand-over.
 *
 * Two guards run first: a rights check on the entry, then a check that the
 * item's owned state is 'taken'. If either fails, an error is raised through
 * $GLOBALS['Error'] and its HTML is returned instead of the form.
 *
 * @param int $did entry-id for the inventoryitem
 * @return string html-string with the form, the confirmation or the error
 */
private function give($did) {

	// guard: the caller needs rights on this inventory entry
	if (!Rights::check_rights($did, 'inventory')) {
		$errorId = $GLOBALS['Error']->error_raised('NotAuthorized', $this->get('id'), $did);
		$GLOBALS['Error']->handle_error($errorId);
		return $GLOBALS['Error']->to_html($errorId);
	}

	// pagecaption
	$this->tpl->assign('pagecaption', parent::lang('class.InventoryView#page#caption#give'));

	$item = new Inventory($did);

	// guard: only an item whose owned state is 'taken' can be given away
	// NOTE(review): whether 'taken' means "taken by the current user" is decided
	// inside Inventory::get_owned(), which is not visible here - confirm.
	if ($item->get_owned() != 'taken') {
		$errorId = $GLOBALS['Error']->error_raised('NotOwned', $this->get('id'), $did);
		$GLOBALS['Error']->handle_error($errorId);
		return $GLOBALS['Error']->to_html($errorId);
	}

	// template for the page body
	$view = new JudoIntranetSmarty();

	// accessory fields come from the item's preset
	$fields = $item->get_preset()->get_fields();

	// headline and accessory hint
	// NOTE(review): item name and inventory number are concatenated as-is here
	// and in the select label below; confirm they are escaped by the getters,
	// the form renderer or the template before reaching the browser.
	$view->assign('caption', parent::lang('class.InventoryView#give#page#headline') . ': ' . $item->get_name() . ' (' . $item->get_inventory_no() . ')');
	$view->assign('inventoryinfo', parent::lang('class.InventoryView#give#page#accessory.required'));

	// the form posts back to this action
	// NOTE(review): the action URL uses $this->get('did') rather than $did;
	// presumably both hold the same value - confirm. No anti-CSRF token is
	// added in this block; confirm one is enforced elsewhere.
	$giveForm = new HTML_QuickForm2(
		'inventory_give',
		'post',
		array(
			'name' => 'inventory_give',
			'action' => 'inventory.php?id=give&did=' . $this->get('did'),
		)
	);

	$formRenderer = HTML_QuickForm2_Renderer::factory('default');
	$formRenderer->setOption('required_note', parent::lang('class.InventoryView#entry#form#requiredNote'));

	// recipient list: placeholder entry first, then username => display name
	// for the users returned by return_all_users(), called with the current
	// user's username
	$recipientOptions = array('--');
	$otherUsers = $_SESSION['user']->return_all_users(array($_SESSION['user']->get_userinfo('username')));
	foreach ($otherUsers as $candidate) {
		$recipientOptions[$candidate->get_userinfo('username')] = $candidate->get_userinfo('name');
	}
	// the admin account is never offered as a recipient
	unset($recipientOptions['admin']);

	$recipientSelect = $giveForm->addElement('select', 'give_to', array());
	$recipientSelect->setLabel(parent::lang('class.InventoryView#give#page#objectinfo.head') . $item->get_name() . ' (' . $item->get_inventory_no() . ')' . parent::lang('class.InventoryView#give#page#objectinfo.tail') . ':');
	$recipientSelect->loadOptions($recipientOptions);
	$recipientSelect->addRule('required', parent::lang('class.InventoryView#entry#rule#required.give_to'));
	// NOTE(review): callback_check_select is defined outside this block; it is
	// the server-side check on the posted recipient, so confirm it rejects
	// values that were not offered in the list (including 'admin').
	$recipientSelect->addRule('callback', parent::lang('class.InventoryView#entry#rule#check.give_to'), array($this, 'callback_check_select'));

	// let every accessory field build its quickform element and attach it
	foreach ($fields as $field) {
		$field->read_quickform();
		$giveForm->appendChild($field->get_quickform());
	}

	// submit-button
	$giveForm->addSubmit('submit', array('value' => parent::lang('class.InventoryView#give#form#submitButton')));

	// not submitted or invalid: show the form
	if (!$giveForm->validate()) {
		$view->assign('form', $giveForm->render($formRenderer));
		return $view->fetch('smarty.inventory.takegive.tpl');
	}

	// valid submission: resolve the recipient and persist the movement
	$submitted = $giveForm->getValue();

	$recipient = new User();
	$recipient->change_user($submitted['give_to'], false);

	$movementId = $this->movement_to_db('given', $item->get_id(), $recipient->userid());
	$this->values_to_db($movementId, $fields, $submitted);

	// confirmation headline and accessory caption
	$view->assign('action', $item->get_name() . ' (' . $item->get_inventory_no() . ')' . parent::lang('class.InventoryView#give#page#headline.givento') . $recipient->get_userinfo('name'));
	$view->assign('accessoryaction', parent::lang('class.InventoryView#give#page#accessory.given'));

	// render each accessory field with its submitted value; a field missing
	// from the submission is shown with 0
	$renderedFields = array();
	foreach ($fields as $field) {
		$fieldValue = isset($submitted['inventory-' . $field->get_id()])
			? $submitted['inventory-' . $field->get_id()]
			: 0;
		$field->value($fieldValue);
		$renderedFields[] = $field->value_to_html();
	}

	$view->assign('form', '');
	$view->assign('data', $renderedFields);

	return $view->fetch('smarty.inventory.takegive.tpl');
}
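<span class="glyphicon glyphicon-remove"></span> Cancel </a> </div> </h1> <hr /> </div>
<?php
// Edit-user fields. The stored userid and email are written into HTML
// attribute values, so they are escaped for that context; without escaping, a
// stored value containing a quote or markup would break out of the attribute.
// NOTE(review): User::userid() and User::email() receive $_GET['id'] directly
// and are defined elsewhere; confirm they validate the id and query with bound
// parameters. The "Only Admin can edit userid" hint is display text only; the
// restriction has to be enforced by the handler that processes this form.
?>
<div class="col-sm-12">
    <div class="row">
        <div class="col-sm-6">
            <div class="form-group">
                <label>Userid</label>
                <input type="text" name="userid" class="form-control" value="<?php echo htmlspecialchars((string) User::userid($_GET['id']), ENT_QUOTES, 'UTF-8'); ?> ">
                <small>Only Admin can edit userid</small>
            </div>
        </div>
        <div class="col-sm-6">
            <div class="form-group">
                <label>Email</label>
                <input type="text" name="email" class="form-control" value="<?php echo htmlspecialchars((string) User::email($_GET['id']), ENT_QUOTES, 'UTF-8'); ?> ">
                <small>Email must be different with another.</small>
            </div>
        </div>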
} $data['usr'] = Db::result("SELECT * FROM `user` ORDER BY `userid` ASC LIMIT 10"); $data['num'] = Db::$num_rows; Theme::admin('header', $data); System::inc('user', $data); Theme::admin('footer'); break; case 'inactive': if (!isset($_GET['token']) || !Token::isExist($_GET['token'])) { // VALIDATE ALL $data['alertred'][] = TOKEN_NOT_EXIST; } else { if (User::deactivate($_GET['id'])) { $data['alertgreen'][] = USER . " " . User::userid($_GET['id']) . "" . MSG_USER_DEACTIVATED; } else { $data['alertred'][] = USER . " " . User::userid($_GET['id']) . "" . MSG_USER_DEACTIVATION_FAIL; } } if (isset($_GET['token'])) { Token::remove($_GET['token']); } $data['usr'] = Db::result("SELECT * FROM `user` ORDER BY `userid` ASC LIMIT 10"); $data['num'] = Db::$num_rows; Theme::admin('header', $data); System::inc('user', $data); Theme::admin('footer'); break; default: # code... $data[] = ""; switch (isset($_POST['adduser'])) {