Beispiel #1
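 /**
  * Prepare the calendar page: record the current user's id, set the title and
  * header, queue the scripts and pick the stylesheet for the requested view.
  *
  * The view name comes from the request (`view`, default 'index') and is forced
  * back to 'index' when `calID` is empty.
  *
  * @return bool always True
  */
 function preprocess()
 {
     global $FANNIE_URL;
     // leading zeros are trimmed from the UID string
     $this->uid = ltrim(FannieAuth::getUID($this->current_user), "0");
     $this->title = "Cal";
     $this->header = "Calendars";
     $plugin = new CalendarPlugin();
     $this->add_script($FANNIE_URL . 'src/javascript/jquery.js');
     $this->add_script($FANNIE_URL . 'src/javascript/jquery-ui.js');
     $this->add_script($plugin->pluginURL() . '/javascript/calendar.js');
     $this->add_script($plugin->pluginURL() . '/javascript/ajax.js');
     $view = FormLib::get_form_value('view', 'index');
     if (FormLib::get('calID') === '') {
         $view = 'index';
     }
     if ($view == 'month') {
         $this->window_dressing = False;
     } else {
         $this->add_css_file($FANNIE_URL . 'src/javascript/jquery-ui.css');
     }
     // $view is request-controlled and ends up in both a filesystem path and a
     // stylesheet URL. Only a plain name (letters, digits, '_' or '-') may reach
     // file_exists(); anything else gets no per-view stylesheet, so the value
     // cannot step outside the css/ directory or carry markup into the URL.
     $viewIsPlainName = is_string($view) && preg_match('/^[A-Za-z0-9_-]+$/', $view) === 1;
     if ($viewIsPlainName && file_exists(dirname(__FILE__) . '/css/' . $view . '.css')) {
         $this->add_css_file($plugin->pluginURL() . '/css/' . $view . '.css');
     }
     return True;
 }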
Beispiel #2
 /**
  * Pre-render checks for the Coop Cred configuration page.
  *
  * As listed: reports an error when the CoopCred plugin is not enabled or its
  * database is not named, loads (or creates) the config record when no
  * `action` value was submitted, records the logged-in user's id, and returns
  * False when an `action` value is present.
  *
  * NOTE(review): this listing has lost its braces and comment terminators, and
  * no `global` declaration for $FANNIE_PLUGIN_LIST / $FANNIE_PLUGIN_SETTINGS is
  * visible - confirm against the original file before relying on it.
  *
  * @return bool
  */
 function preprocess()
     if (!isset($FANNIE_PLUGIN_LIST) || !in_array('CoopCred', $FANNIE_PLUGIN_LIST)) {
         $this->errors .= _("Error: The Coop Cred Plugin is not enabled.");
         return True;
     if (!array_key_exists('CoopCredDatabase', $FANNIE_PLUGIN_SETTINGS) || $FANNIE_PLUGIN_SETTINGS['CoopCredDatabase'] == "") {
         $this->errors .= _("Error: Coop Cred Database not named in Plugin Settings.");
         return True;
     /* Get values from the Whole-Project (Plugin) config table.
     $this->first = 0;
     if (FormLib::get_form_value('action') == '') {
         $dbc = FannieDB::get($FANNIE_PLUGIN_SETTINGS['CoopCredDatabase']);
         $config = new CCredConfigModel($dbc);
         // NOTE(review): $id is cast to int from the `configno` request value but is
         // not used again in the visible lines.
         $id = FormLib::get_form_value('configno') != '' ? (int) FormLib::get_form_value('configno') : 1;
         if (!$config->load()) {
             // Create the initial config record with default values.
             $saved = $config->save();
             if ($saved === False) {
                 $this->errors .= _("Error: Could not create initial " . "Coop Cred configuration record.");
                 return True;
         $this->first = 1;
     $this->authUserNumber = 0;
     $authName = FannieAuth::checkLogin();
     // NOTE(review): these are loose (==) comparisons, so a name that compares
     // equal to False (for example '' or '0') is also treated as "not logged in".
     // authUserNumber then stays 0 - confirm nothing downstream treats 0 as a
     // real user id.
     if (!($authName == 'null' || $authName == 'init' || $authName == False)) {
         $this->authUserNumber = FannieAuth::getUID($authName);
     /* The first (unless this is an update) time proceed directly to edit.
     if ($this->first) {
         return True;
     /* Support ajax calls to this program.
      * If there is a form submission with an action go do it.
      * The form submission may be via AJAX instead of <form ...>
      *  with action= in the query string with other parameters.
     // NOTE(review): the action path is reached whether or not a user id was
     // resolved above; no permission check is visible in this method.
     if (FormLib::get_form_value('action') !== '') {
         /* How to handle errors/problems esp. in save?
          * Possibly code readinessCheck()
         return False;
     /* If the call was not by form, e.g. from the initial menu
      * or the <form action=> is '' (when does that happen?)
      * FanniePage::draw_page() continues to $this->body_content()
      *  which returns the the program-select form.
     return True;
     // preprocess()
Beispiel #3
 /**
  * Decide whose hours the page shows and whether the viewer may see them.
  *
  * The employee id comes from the `id` request value; when it is empty or not
  * numeric the logged-in user's own UID is used. Users without the
  * 'view_all_hours' permission are limited to employees in a department they
  * are validated for, otherwise to themselves. Employees whose department is
  * below 998 are redirected to WfcHtViewEmpPage.php.
  *
  * NOTE(review): braces and comment terminators are missing from this listing.
  *
  * @return bool false after issuing the redirect, true otherwise
  */
 public function preprocess()
     $this->empID = FormLib::get('id');
     if ($this->empID === '' || !is_numeric($this->empID)) {
         $this->empID = FannieAuth::getUID($this->current_user);
     if (!FannieAuth::validateUserQuiet('view_all_hours')) {
         /* see if logged in user has access to any
               department. if so, see if the selected employee
               is in that department
         $validated = false;
         // NOTE(review): $depts is not referenced again in the visible lines.
         $depts = array(10, 11, 12, 13, 20, 21, 30, 40, 41, 50, 60, 998);
         $sql = WfcHtLib::hours_dbconnect();
         $checkQ = $sql->prepare_statement("select department from employees where empID=?");
         $checkR = $sql->exec_statement($checkQ, array($this->empID));
         $checkW = $sql->fetch_row($checkR);
         // NOTE(review): $checkW is not tested for a missing row. If empID matches
         // no employee, 'department' is read from a non-array; confirm how
         // validateUserQuiet() treats an empty second argument so the check
         // cannot pass by accident.
         if (FannieAuth::validateUserQuiet('view_all_hours', $checkW['department'])) {
             $validated = true;
         /* no access permissions found, so only allow the
               logged in user to see themself
         if (!$validated) {
             $this->empID = FannieAuth::getUID($this->current_user);
     $sql = WfcHtLib::hours_dbconnect();
     $deptQ = $sql->prepare_statement("select department from employees where empID=?");
     $deptR = $sql->exec_statement($deptQ, array($this->empID));
     $deptW = $sql->fetch_row($deptR);
     // NOTE(review): same unchecked fetch - with no row the comparison below runs
     // against an empty value and takes the redirect branch.
     if ($deptW['department'] < 998) {
         // is_numeric() also accepts forms such as "1e3" or leading whitespace;
         // casting empID to int before building the URL would pin it to digits.
         header("Location: WfcHtViewEmpPage.php?id=" . $this->empID);
         return false;
     return true;
 /**
  * Pre-render checks for a Coop Cred page that needs the plugin configuration.
  *
  * As listed: reports an error when the CoopCred plugin is not enabled, its
  * database is not named, or the config record cannot be loaded; copies the
  * dummy tender/department/banker values and their min/max ranges from the
  * config onto the page object; records the logged-in user's id; and returns
  * False when an `action` value was submitted.
  *
  * NOTE(review): this listing has lost its braces and comment terminators, and
  * no `global` declaration for $FANNIE_PLUGIN_LIST / $FANNIE_PLUGIN_SETTINGS is
  * visible - confirm against the original file.
  *
  * @return bool
  */
 function preprocess()
     if (!isset($FANNIE_PLUGIN_LIST) || !in_array('CoopCred', $FANNIE_PLUGIN_LIST)) {
         $this->errors .= _("Error: The Coop Cred Plugin is not enabled.");
         return True;
     if (!array_key_exists('CoopCredDatabase', $FANNIE_PLUGIN_SETTINGS) || $FANNIE_PLUGIN_SETTINGS['CoopCredDatabase'] == "") {
         $this->errors .= _("Error: Coop Cred Database not named in Plugin Settings.");
         return True;
     /* Get values from the Whole-Project (Plugin) config table.
     $dbc = FannieDB::get($FANNIE_PLUGIN_SETTINGS['CoopCredDatabase']);
     $config = new CCredConfigModel($dbc);
     if (!$config->load()) {
         $this->errors .= _("Error: Coop Cred configuration not available.");
         return True;
     $this->dummyTenderCode = $config->dummyTenderCode();
     $this->dummyDepartment = $config->dummyDepartment();
     $this->deptMin = $config->deptMin();
     $this->deptMax = $config->deptMax();
     $this->dummyBanker = $config->dummyBanker();
     $this->bankerMin = $config->bankerMin();
     $this->bankerMax = $config->bankerMax();
     /* For CCredPrograms.modifiedBy
     $this->authUserNumber = 0;
     $authName = FannieAuth::checkLogin();
     // NOTE(review): loose (==) comparisons; a name that compares equal to False
     // (for example '' or '0') is treated as "not logged in" and modifiedBy
     // would then be recorded as 0 - confirm that is the intended audit value.
     if (!($authName == 'null' || $authName == 'init' || $authName == False)) {
         $this->authUserNumber = FannieAuth::getUID($authName);
     /* Support ajax calls to this program.
      * If there is a form submission with an action go do it.
      * The form submission may be via AJAX instead of <form ...>
      *  with action= in the query string with other parameters.
     // NOTE(review): the action path is reached whether or not a user id was
     // resolved above; no permission check is visible in this method.
     if (FormLib::get_form_value('action') !== '') {
         /* How to handle errors/problems esp. in save?
          * Possibly code readinessCheck()
         return False;
     /* If the call was not by form, e.g. from the initial menu
      * or the <form action=> is '' (when does that happen?)
      * FanniePage::draw_page() continues to $this->body_content()
      *  which returns the the program-select form.
     return True;
     // preprocess()
Beispiel #5
   Log updates to many products at once
   @param $upcs [array] of UPCs
   @param $type [string] update type
   @param $user [string] username
   @return [boolean] success
 /**
  * Write one prodUpdate row per listed UPC with a single INSERT ... SELECT.
  *
  * Column names pass through the connection's identifier_escape(); the update
  * type, the user and every UPC are bound as statement parameters.
  *
  * @param $upcs [array] of UPCs
  * @param $type [string] update type
  * @param $user [string] username; when falsy the logged-in user's UID is used
  * @return [boolean] success
  */
 public function logManyUpdates($upcs, $type = 'UNKNOWN', $user = false)
 {
     // nothing to log
     if (count($upcs) == 0) {
         return true;
     }
     // prodUpdate column => products/upcLike column it is copied from
     $col_map = array('upc' => 'p.upc', 'description' => 'description', 'price' => 'normal_price', 'salePrice' => 'special_price', 'cost' => 'cost', 'dept' => 'department', 'tax' => 'tax', 'fs' => 'foodstamp', 'scale' => 'scale', 'modified' => 'modified', 'forceQty' => 'qttyEnforced', 'noDisc' => 'discount', 'inUse' => 'inUse', 'likeCode' => 'likeCode', 'storeID' => 'store_id');
     if (!$user) {
         $user = FannieAuth::getUID(FannieAuth::checkLogin());
     }
     // the first two select slots are placeholders for updateType and user
     $targets = array('updateType', $this->connection->identifier_escape('user'));
     $sources = array('?', '?');
     foreach ($col_map as $dest => $src) {
         $targets[] = $this->connection->identifier_escape($dest);
         // identifier escape does not handle alias prefix
         if ($src == 'p.upc') {
             $sources[] = $src;
         } else {
             $sources[] = $this->connection->identifier_escape($src);
         }
     }
     $insert_cols = implode(',', $targets);
     $select_cols = implode(',', $sources);
     // one bound parameter and one '?' per UPC
     $args = array($type, $user);
     $marks = array();
     foreach ($upcs as $one) {
         $args[] = $one;
         $marks[] = '?';
     }
     $upc_in = implode(',', $marks);
     $query = 'INSERT INTO prodUpdate (' . $insert_cols . ')
               SELECT ' . $select_cols . '
               FROM products AS p
                 LEFT JOIN upcLike AS u ON p.upc=u.upc
               WHERE p.upc IN (' . $upc_in . ')';
     $prep = $this->connection->prepare($query);
     $res = $this->connection->execute($prep, $args);
     return (bool) $res;
 }
Beispiel #6
 /**
  * Build a 1099 PDF for the selected member's Class C dividend and send it as
  * an e-mail attachment, then redirect to GumEmailPage.php on success.
  *
  * NOTE(review): braces are missing from this listing and several steps appear
  * to have been dropped: no `global` for $FANNIE_PLUGIN_SETTINGS, no call that
  * loads $model or $taxID for this member, and $to is never handed to $mail in
  * the visible lines. Confirm against the original file.
  *
  * @return bool always false
  */
 public function get_id_dreceipt_did_handler()
     $bridge = GumLib::getSetting('posLayer');
     $this->custdata = $bridge::getCustdata($this->id);
     $this->meminfo = $bridge::getMeminfo($this->id);
     // NOTE(review): $uid is not used again in the visible lines.
     $uid = FannieAuth::getUID($this->current_user);
     // bridge may change selected database
     $dbc = FannieDB::get($FANNIE_PLUGIN_SETTINGS['GiveUsMoneyDB']);
     $model = new GumDividendsModel($dbc);
     $msg = 'Dear ' . $this->custdata->FirstName() . ' ' . $this->custdata->LastName() . ',' . "\n";
     $msg .= "\n";
     $msg .= 'Attached is a 1099 for the Class C dividend issued ' . date('Y-m-d', strtotime($model->yearEndDate())) . "\n";
     $msg .= wordwrap('Whole Foods Co-op recognizes and thanks you for your support and purchase of Class C Stock. It is important that we maintain your current contact information so that we can deliver any dividends you may earn. Please reply to this email or to with any questions or concerns. Or you may also call 218-728-0884, ask for Finance, and we will gladly assist you.') . "\n";
     $msg .= "\n";
     $msg .= 'Dale Maiers' . "\n";
     $msg .= 'Finance Manager' . "\n";
     $subject = 'SAMPLE WFC Owner Financing: Class C Stock Dividend';
     $to = $this->meminfo->email_1();
     $mail = new PHPMailer();
     $mail->From = '*****@*****.**';
     $mail->FromName = 'Whole Foods Co-op';
     $mail->Subject = $subject;
     $mail->Body = $msg;
     $year = date('Y', strtotime($model->yearEndDate()));
     $taxID = new GumTaxIdentifiersModel($dbc);
     // Only the masked form of the tax identifier is put on the document,
     // prefixed with 'xxx-xx-'; 'n/a' is used when none is on file.
     $ssn = 'n/a';
     if ($taxID->maskedTaxIdentifier() != '') {
         $ssn = 'xxx-xx-' . $taxID->maskedTaxIdentifier();
     $amount = array(1 => $model->dividendAmount());
     $pdf = new FPDF('P', 'mm', 'Letter');
     $form = new GumTaxFormTemplate($this->custdata, $this->meminfo, $ssn, $year, $amount);
     $form->renderAsPDF($pdf, 15);
     // 'S' asks FPDF to return the document as a string instead of sending it
     $raw_pdf = $pdf->Output('wfc.pdf', 'S');
     // NOTE(review): the tax form leaves the system as a plain e-mail attachment;
     // confirm that delivery channel is acceptable for this data.
     $mail->AddStringAttachment($raw_pdf, 'wfc.pdf', 'base64', 'application/pdf');
     if ($mail->Send()) {
         header('Location: GumEmailPage.php?id=' . $this->id);
     } else {
         // NOTE(review): the raw mailer error is echoed to the browser; logging it
         // server-side and showing a generic message would avoid exposing mail
         // transport details.
         echo $mail->ErrorInfo;
     return false;
Beispiel #7
 /**
  * Import rows of an uploaded purchase-order file into a new order and build
  * the HTML result summary in $this->results.
  *
  * NOTE(review): braces are missing from this listing and several statement
  * bodies are empty (the row-skipping guards, the model setters before load()
  * and save()), so it documents the flow rather than runnable code.
  *
  * @param $linedata rows to import; each row is read by the column positions
  *        returned from get_column_index() - presumably parsed file lines
  * @return bool always true
  */
 function process_file($linedata)
     global $FANNIE_OP_DB;
     $dbc = FannieDB::get($FANNIE_OP_DB);
     $skuCol = $this->get_column_index('sku');
     $costCol = $this->get_column_index('cost');
     $uQtyCol = $this->get_column_index('unitQty');
     $cQtyCol = $this->get_column_index('caseQty');
     $uSizeCol = $this->get_column_index('unitSize');
     $cSizeCol = $this->get_column_index('caseSize');
     $brandCol = $this->get_column_index('brand');
     $descCol = $this->get_column_index('desc');
     $upcCol = $this->get_column_index('upc');
     $upccCol = $this->get_column_index('upcc');
     // Order header values come straight from the request.
     $vendorID = FormLib::get('vendorID');
     $inv = FormLib::get('identifier', '');
     $orderDate = FormLib::get('orderDate', date('Y-m-d H:i:s'));
     $recvDate = FormLib::get('recvDate', '');
     $order = new PurchaseOrderModel($dbc);
     $orderID = $order->save();
     $item = new PurchaseOrderItemsModel($dbc);
     $info = new VendorItemsModel($dbc);
     $ret = '';
     foreach ($linedata as $line) {
         // NOTE(review): the bodies of these two guards are missing from the
         // listing - presumably they skip rows without a SKU or cost; confirm.
         if (!isset($line[$skuCol])) {
         if (!isset($line[$costCol])) {
         $sku = $line[$skuCol];
         $cost = $line[$costCol];
         $cost = trim($cost, ' ');
         $cost = trim($cost, '$');
         if (!is_numeric($cost)) {
             // NOTE(review): $sku and $cost are file contents interpolated into
             // HTML as-is; pass both through htmlspecialchars() before they are
             // appended to the page output.
             $ret .= "<i>Omitting item {$sku}. Cost {$cost} isn't a number</i><br />";
         $unitQty = $uQtyCol !== false && isset($line[$uQtyCol]) ? $line[$uQtyCol] : 0;
         $caseQty = $cQtyCol !== false && isset($line[$cQtyCol]) ? $line[$cQtyCol] : 0;
         if ($unitQty == 0 && $caseQty == 0) {
             // no qty specified.
         $unitSize = $uSizeCol !== false && isset($line[$uSizeCol]) ? $line[$uSizeCol] : 0;
         $caseSize = $cSizeCol !== false && isset($line[$cSizeCol]) ? $line[$cSizeCol] : 0;
         // NOTE(review): every other column is tested with `!== false`; the
         // `!== ''` here looks like a slip and is true even when no brand
         // column was chosen.
         $brand = $brandCol !== '' && isset($line[$brandCol]) ? $line[$brandCol] : '';
         $desc = $descCol !== false && isset($line[$descCol]) ? $line[$descCol] : '';
         $upc = '';
         if ($upcCol !== false && isset($line[$upcCol])) {
             $upc = BarcodeLib::padUPC($line[$upcCol]);
         } elseif ($upccCol !== false && isset($line[$upccCol])) {
             // 'upcc' column: pad, then keep the first 12 characters behind a
             // leading '0' - presumably dropping a check digit; confirm.
             $upc = BarcodeLib::padUPC($line[$upccCol]);
             $upc = '0' . substr($upc, 0, 12);
         // Fill gaps from the vendor's catalogue record when one loads.
         if ($info->load()) {
             if ($brand === '') {
                 $brand = $info->brand();
             if ($desc === '') {
                 $desc = $info->description();
             // NOTE(review): strict === 0 only matches the integer default above;
             // a "0" read from the file is a string and will not match.
             if ($unitSize === 0) {
                 $unitSize = $info->size();
             if ($caseSize === 0) {
                 $caseSize = $info->units();
             $upc = $info->upc();
         // Derive whichever of unit quantity / case quantity / case size is
         // missing from the other two.
         if ($caseQty == 0 && $unitQty != 0) {
             if ($caseSize == 0) {
                 $caseQty = $unitQty;
                 $caseSize = 1;
             } else {
                 $caseQty = $unitQty / $caseSize;
         } elseif ($caseQty != 0 && $unitQty == 0) {
             if ($caseSize == 0) {
                 $unitQty = $caseQty;
                 $caseSize = 1;
             } else {
                 $unitQty = $caseQty * $caseSize;
         } elseif ($caseQty != 0 && $unitQty != 0) {
             if ($caseSize == 0) {
                 $caseSize = $caseQty / $unitQty;
         // NOTE(review): divides by $unitQty; this is only safe if the zero-quantity
         // guard above really skips the row (its body is not visible here).
         $unitCost = $cost / $unitQty;
         if ($item->load()) {
             // multiple records for same item
             $item->quantity($caseQty + $item->quantity());
             if ($recvDate !== '') {
                 $item->receivedTotalCost($cost + $item->receivedTotalCost());
                 $item->receivedQty($caseQty + $item->receivedQty());
         } else {
             if ($recvDate !== '') {
     $ret .= "<p>Import Complete";
     $ret .= '<br />';
     $ret .= '<a href="' . $this->config->get('URL') . 'purchasing/ViewPurchaseOrders.php?id=' . $orderID . '">View Order</a></p>';
     $this->results = $ret;
     return true;
 /**
  * Handle a posted purchase order for vendor $this->id: create or reuse the
  * order record, add one item record per submitted SKU and echo a JSON result.
  *
  * NOTE(review): braces and comment delimiters are missing from this listing,
  * and the model setters before load()/save() are not visible.
  *
  * @return bool always false; the response is echoed as JSON
  */
 public function post_id_handler()
     $dbc = FannieDB::get($this->config->get('OP_DB'));
     $ret = array('error' => false);
     $date = FormLib::get('order-date', date('Y-m-d'));
     $po_num = FormLib::get('po-number');
     $inv_num = FormLib::get('inv-number');
     // The item fields arrive as parallel request arrays, read by the same index
     // $i below. NOTE(review): nothing visible checks that they have equal
     // length or that each index exists.
     $sku = FormLib::get('sku', array());
     $upc = FormLib::get('upc', array());
     $cases = FormLib::get('cases', array());
     $caseSize = FormLib::get('case-size', array());
     $total = FormLib::get('total', array());
     $brand = FormLib::get('brand', array());
     $description = FormLib::get('description', array());
     if (count($sku) == 0) {
         $ret['error'] = true;
         $ret['message'] = 'Order must have at least one item';
         echo json_encode($ret);
         return false;
       Queries to check for vendorItems entries
     $skuP = $dbc->prepare('
         SELECT size
         FROM vendorItems
         WHERE vendorID=?
             AND sku=?');
     $upcP = $dbc->prepare('
         SELECT size
         FROM vendorItems
         WHERE vendorID=?
             AND upc=?');
     $vitem = new VendorItemsModel($dbc);
       Create parent record for the order
     $po = new PurchaseOrderModel($dbc);
     // if an orderID is supplied, update the existing order
     // NOTE(review): the order id is taken from the request whenever it is
     // numeric; no check that the order belongs to this user or vendor is
     // visible here - confirm one exists before items are merged into it.
     if (FormLib::get('order-id') !== '' && is_numeric(FormLib::get('order-id'))) {
         $orderID = FormLib::get('order-id');
     } else {
         $orderID = $po->save();
     if (!$orderID) {
         $ret['error'] = true;
         $ret['message'] = 'Could not create new order';
         echo json_encode($ret);
         return false;
       Create item records for the order
     $pitem = new PurchaseOrderItemsModel($dbc);
     for ($i = 0; $i < count($sku); $i++) {
         $units = $caseSize[$i];
         $qty = $cases[$i];
         // NOTE(review): $qty and $units are request values; a zero or non-numeric
         // entry makes this division fail. Validate both before dividing.
         $unitCost = $total[$i] / $qty / $units;
           Multiple same-SKU records
           Sum the quantities and costs to merge
           into a single record
         if ($pitem->load()) {
             $qty += $pitem->receivedQty();
             $total[$i] += $pitem->receivedTotalCost();
           Try to look up unit size using
           vendorID+sku or vendorID+upc.
           This avoids making unit size a required
           field *and* checks for an existing
           vendorItems record
         // Both lookups bind the vendor id and the submitted value as parameters.
         $size = false;
         $skuR = $dbc->execute($skuP, array($this->id, $sku[$i]));
         if ($skuR && $dbc->numRows($skuR)) {
             $size = true;
             $w = $dbc->fetchRow($skuR);
         if ($size === false) {
             $upcR = $dbc->execute($upcP, array($this->id, $upc[$i]));
             if ($upcR && $dbc->numRows($upcR)) {
                 $size = true;
                 $w = $dbc->fetchRow($upcR);
           If no vendorItems record exists for this
           SKU or UPC then create one
         if ($size === false) {
     $ret['order_id'] = $orderID;
     echo json_encode($ret);
     return false;
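 /**
  * Render the detail view for one calendar event: date, description, the list
  * of attendees and a sign-up / leave link for the logged-in user.
  *
  * Attendee names are HTML-escaped before output.
  *
  * NOTE(review): no call that points $event at $this->id and loads it is
  * visible in this listing - confirm against the original file.
  *
  * @return string HTML fragment
  */
 public function get_id_view()
 {
     global $FANNIE_OP_DB;
     $uid = FannieAuth::getUID(FannieAuth::checkLogin());
     $dbc = CalendarPluginDB::get();
     $event = new MonthviewEventsModel($dbc);
     list($date, $time) = explode(' ', $event->eventDate());
     $ret = '<h3>' . htmlspecialchars($date, ENT_QUOTES) . '</h3>';
     // NOTE(review): eventText is emitted as markup. One save path on this page
     // escapes the text and keeps only <br>; others store it as submitted, so
     // confirm every writer escapes before trusting this output.
     $ret .= '<div class="eventDesc">' . $event->eventText() . '</div>';
     $ret .= '<hr />';
     $attending = false;
     $ret .= '<h3>Attendees</h3>';
     $ret .= '<ol>';
     $query = 'SELECT m.uid, u.real_name
               FROM attendees AS m
                 INNER JOIN ' . $FANNIE_OP_DB . $dbc->sep() . 'Users AS u ON m.uid=u.uid
               WHERE m.eventID=?
               ORDER BY attendeeID';
     $prep = $dbc->prepare($query);
     // parameters are passed as an array, as in the other execute() calls
     $result = $dbc->execute($prep, array($this->id));
     $num = $result ? $dbc->num_rows($result) : 0;
     // skip the fetch loop entirely when the query failed
     while ($result && ($row = $dbc->fetch_row($result))) {
         // real_name is user-supplied profile data; escape it for HTML
         $ret .= '<li>' . htmlspecialchars((string) $row['real_name'], ENT_QUOTES) . '</li>';
         if ($row['uid'] == $uid) {
             $attending = true;
         }
     }
     $ret .= '</ol>';
     // NOTE(review): join and leave are plain GET links that carry the user id;
     // the target page should take the user from the session and not from
     // join_id / leave_id, and should require a request token.
     if (!$attending && $num < $event->attendeeLimit()) {
         $ret .= sprintf('<a href="CalendarAttendedEventPage.php?id=%d&join_id=%d">Sign up for this Event</a>', $this->id, $uid);
     } else {
         if (!$attending) {
             $ret .= 'This event is at capacity';
         } else {
             $ret .= sprintf('<a href="CalendarAttendedEventPage.php?id=%d&leave_id=%d">Take myself off the List</a>', $this->id, $uid);
         }
     }
     $ret .= '<div style="margin-top:20px"><a href="CalendarMainPage.php">Home</a></div>';
     return $ret;
 }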
Beispiel #10
 /**
  * Build an HTML table of purchase orders created in the requested month.
  *
  * Month and year come from the request. Unless $this->show_all is set, the
  * query is limited to orders whose userID is the current user's UID.
  *
  * NOTE(review): braces are missing from this listing, and the query and the
  * row template look truncated (see the notes below).
  *
  * @param $placed value bound to the `placed` column filter; 1 also makes the
  *        placed date appear in the row
  * @return string HTML table
  */
 function get_orders($placed)
     global $FANNIE_OP_DB;
     $dbc = FannieDB::get($FANNIE_OP_DB);
     // NOTE(review): month and year are request values handed to mktime()
     // without validation; check that both are integers in range first.
     $month = FormLib::get('month');
     $year = FormLib::get('year');
     $start = date('Y-m-01 00:00:00', mktime(0, 0, 0, $month, 1, $year));
     $end = date('Y-m-t 23:59:59', mktime(0, 0, 0, $month, 1, $year));
     // NOTE(review): the select list ends with a comma directly before FROM and
     // never selects vendorInvoiceID, which the row template reads - a column
     // line appears to have been lost from this listing.
     $query = 'SELECT p.orderID, p.vendorID, MIN(creationDate) as creationDate,
             MIN(placedDate) as placedDate, COUNT(i.orderID) as records,
             SUM(i.unitCost*i.caseSize*i.quantity) as estimatedCost,
             SUM(i.receivedTotalCost) as receivedCost, v.vendorName,
             MAX(i.receivedDate) as receivedDate,
         FROM PurchaseOrder as p
             LEFT JOIN PurchaseOrderItems AS i ON p.orderID = i.orderID
             LEFT JOIN vendors AS v ON p.vendorID=v.vendorID
         WHERE placed=? 
             AND creationDate BETWEEN ? AND ? ';
     // The per-user restriction is this row filter: it is added to the SQL here
     // and its parameter is appended below under the same condition.
     if (!$this->show_all) {
         $query .= 'AND userID=? ';
     $query .= 'GROUP BY p.orderID, p.vendorID, v.vendorName 
                ORDER BY MIN(creationDate) DESC';
     $args = array($placed, $start, $end);
     if (!$this->show_all) {
         $args[] = FannieAuth::getUID($this->current_user);
     $prep = $dbc->prepare_statement($query);
     $result = $dbc->exec_statement($prep, $args);
     $ret = '<div class="table-responsive">
         <table class="table table-striped table-bordered tablesorter">';
     $ret .= '<thead><tr><th>Created</th><th>Invoice#</th><th>Vendor</th><th># Items</th><th>Est. Cost</th>
         <th>Placed</th><th>Received</th><th>Rec. Cost</th></tr></thead><tbody>';
     // NOTE(review): $count is not used again in the visible lines.
     $count = 1;
     while ($w = $dbc->fetch_row($result)) {
         // NOTE(review): the format string has five conversions for nine
         // arguments, so part of the template is missing from this listing. The
         // %s slots receive database text (invoice id, vendor name) unescaped;
         // pass those through htmlspecialchars() before formatting.
         $ret .= sprintf('<tr><td><a href="ViewPurchaseOrders.php?id=%d">%s</a></td>
                 <td>%s</td><td>%s</td><td>%.2f</td></tr>', $w['orderID'], $w['creationDate'], $w['vendorInvoiceID'], $w['vendorName'], $w['records'], $w['estimatedCost'], $placed == 1 ? $w['placedDate'] : '&nbsp;', !empty($w['receivedDate']) ? $w['receivedDate'] : '&nbsp;', !empty($w['receivedCost']) ? $w['receivedCost'] : 0.0);
     $ret .= '</tbody></table></div>';
     return $ret;
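 /**
  * Build the sidebar list of the current user's purchase orders, one entry per
  * order with vendor name, latest creation date, item count and estimated cost.
  *
  * Only orders whose userID equals the logged-in user's UID are selected.
  * Vendor name and date are HTML-escaped before output.
  *
  * @return string HTML list
  */
 function calculate_sidebar()
 {
     global $FANNIE_OP_DB;
     $userID = FannieAuth::getUID($this->current_user);
     $dbc = FannieDB::get($FANNIE_OP_DB);
     $q = 'SELECT p.orderID, vendorName, 
         sum(case when i.orderID is null then 0 else 1 END) as rows, 
         MAX(creationDate) as date,
         sum(unitCost*caseSize*quantity) as estimatedCost
         FROM PurchaseOrder as p 
         INNER JOIN vendors as v ON p.vendorID=v.vendorID
         LEFT JOIN PurchaseOrderItems as i
         ON p.orderID=i.orderID
         WHERE p.userID=?
         GROUP BY p.orderID, vendorName
         ORDER BY vendorName';
     $p = $dbc->prepare_statement($q);
     $r = $dbc->exec_statement($p, array($userID));
     $ret = '<ul id="vendorList">';
     while ($w = $dbc->fetch_row($r)) {
         // vendor names are stored free text; escape them so a name holding
         // markup is shown as text and not interpreted by the browser
         $ret .= '<li><span id="orderInfoVendor">' . htmlspecialchars((string) $w['vendorName'], ENT_QUOTES) . '</span>';
         $ret .= '<ul class="vendorSubList"><li>' . htmlspecialchars((string) $w['date'], ENT_QUOTES);
         // the count is an aggregate; force it to an integer for output
         $ret .= '<li># of Items: <span class="orderInfoCount">' . (int) $w['rows'] . '</span>';
         $ret .= '<li>Est. cost: $<span class="orderInfoCost">' . sprintf('%.2f', $w['estimatedCost']) . '</span>';
         $ret .= '</ul></li>';
     }
     $ret .= '</ul>';
     return $ret;
 }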
Beispiel #12
 /**
  * AJAX dispatcher for the calendar plugin: reads the `action` request value
  * and performs the matching calendar, event, subscription or preference
  * update.
  *
  * NOTE(review): braces, `break` statements and most model setter calls are
  * missing from this listing; as printed the cases would fall through. No
  * permission check is visible in any branch - confirm each action verifies
  * that the session user may write to the calendar it names.
  *
  * @param $args not read in the visible lines
  * @return array response data; starts with the action name
  */
 public function run($args = array())
     global $FANNIE_URL;
     $data = array();
     $action = FormLib::get_form_value('action');
     if ($action !== '') {
         $data[] = $action;
         switch ($action) {
             case 'save_or_add_event':
                 $calID = FormLib::get('id', 0);
                 $text = FormLib::get('text');
                 // <br> becomes a newline, everything is HTML-escaped, then
                 // newlines go back to <br> - so <br> is the only markup kept.
                 $text = str_replace('<br>', "\n", $text);
                 $text = htmlspecialchars($text);
                 $text = str_replace("\n", '<br>', $text);
                 $db = CalendarPluginDB::get();
                 $event = new MonthviewEventsModel($db);
                 $eventID = FormLib::get('eventID', false);
                 if ($eventID !== false) {
                     if (!empty($text)) {
                     } else {
                 } else {
                     $date = FormLib::get('datestr');
                     // NOTE(review): the event owner id is read from the request;
                     // take it from the session (as 'weekview_save' does) so a
                     // client cannot name another user.
                     $uid = FormLib::get('uid');
                     if (!empty($text)) {
                         $eventID = $event->save();
                         $data = array();
                         echo $eventID;
                 $calendar = new CalendarsModel($db);
             case 'monthview_save':
                 $date = FormLib::get_form_value('date');
                 $id = FormLib::get_form_value('id', 0);
                 // NOTE(review): unlike 'save_or_add_event' the text is stored as
                 // submitted, with no escaping visible, and uid again comes from
                 // the request. All values are bound as statement parameters.
                 $text = FormLib::get_form_value('text');
                 $uid = FormLib::get_form_value('uid', 0);
                 $db = CalendarPluginDB::get();
                 $chkP = $db->prepare_statement("SELECT calendarID FROM monthview_events \n                        WHERE eventDate=? and uid=? and calendarID=?");
                 $rowCheck = $db->exec_statement($chkP, array($date, $uid, $id));
                 // no existing row + text => insert; empty text => delete;
                 // otherwise update the stored text
                 if ($db->num_rows($rowCheck) <= 0 && $text != "") {
                     $insP = $db->prepare_statement("INSERT INTO monthview_events \n                                                    (calendarID, eventDate, eventText, uid) VALUES (?,?,?,?)");
                     $db->exec_statement($insP, array($id, $date, $text, $uid));
                 } else {
                     if ($text == "") {
                         $delP = $db->prepare_statement("DELETE FROM monthview_events WHERE\n                            calendarID=? AND eventDate=?\n                            AND uid=?");
                         $db->exec_statement($delP, array($id, $date, $uid));
                     } else {
                         $upP = $db->prepare_statement("UPDATE monthview_events SET\n                            eventText=?\n                            WHERE calendarID=? AND eventDate=?\n                            AND uid=?");
                         $db->exec_statement($upP, array($text, $id, $date, $uid));
                 $calendar = new CalendarsModel($db);
             case 'createCalendar':
                 $name = FormLib::get_form_value('name');
                 // NOTE(review): the uid that receives classID 4 on the new
                 // calendar is taken from the request, not from the session.
                 $uid = FormLib::get_form_value('uid', 0);
                 $db = CalendarPluginDB::get();
                 $p = $db->prepare_statement("INSERT INTO calendars (name) VALUES (?)");
                 $db->exec_statement($p, array($name));
                 $id = $db->insert_id();
                 $p = $db->prepare_statement("INSERT INTO permissions (calendarID,uid,classID)\n                                VALUES (?,?,4)");
                 $db->exec_statement($p, array($id, $uid));
                 // NOTE(review): $name is request text placed into HTML unescaped;
                 // wrap it in htmlspecialchars() before building the link.
                 $data[] = "<p class=\"index\"><a href=\"?calID={$id}&view=month\">{$name}</a></p>";
             case 'createSubscription':
                 $db = CalendarPluginDB::get();
                 $name = FormLib::get('name');
                 // NOTE(review): what is done with $url is not visible here; if the
                 // server later fetches it, restrict the schemes and hosts allowed.
                 $url = FormLib::get('url');
                 $uid = FormLib::get_form_value('uid', 0);
                 $subscription = new CalendarSubscriptionsModel($db);
                 $subscriptionID = $subscription->save();
                 $calendar = new CalendarsModel($db);
                 $calendarID = $calendar->save();
                 $permissions = new PermissionsModel($db);
                 $data[] = 'Subscribed';
             case 'savePrefs':
                 $calID = FormLib::get_form_value('calID');
                 // NOTE(review): this manual quote-doubling is overwritten by the
                 // next line and has no effect; the statements below bind their
                 // values as parameters, so the line can go.
                 $name = str_replace("'", "''", $_GET['name']);
                 $name = FormLib::get_form_value('name');
                 // NOTE(review): the default is array() but both values are later
                 // passed to explode(), which expects a string.
                 $viewers = FormLib::get_form_value('viewers', array());
                 $writers = FormLib::get_form_value('writers', array());
                 $db = CalendarPluginDB::get();
                 $calendar = new CalendarsModel($db);
                 // NOTE(review): all permission rows with classID below 4 are deleted
                 // and rebuilt for whatever calID the request names; confirm the
                 // caller is checked against that calendar first.
                 $p = $db->prepare_statement("DELETE FROM permissions WHERE calendarID=? and classID < 4");
                 $db->exec_statement($p, array($calID));
                 $insP = $db->prepare_statement("INSERT INTO permissions (calendarID,uid,classID) VALUES (?,?,?)");
                 // viewers are inserted with classID 1, writers with classID 2
                 if ($viewers != "") {
                     foreach (explode(",", $viewers) as $v) {
                         $db->exec_statement($insP, array($calID, $v, 1));
                 if ($writers != "") {
                     foreach (explode(",", $writers) as $w) {
                         $db->exec_statement($insP, array($calID, $w, 2));
                 if (FormLib::get('url')) {
                     $url = FormLib::get('url');
                     $sub = new CalendarSubscriptionsModel($db);
             case 'weekview_save':
                 // NOTE(review): `ts` is a request value handed to date() without
                 // a check that it is an integer.
                 $timestamp = FormLib::get_form_value('ts');
                 $date = date('Y-m-d H:i:00', $timestamp);
                 $calID = FormLib::get_form_value('id', 0);
                 $text = trim(FormLib::get_form_value('text'));
                 $eID = FormLib::get('eventID', false);
                 // here the user id does come from the login session
                 $uid = FannieAuth::getUID(FannieAuth::checkLogin());
                 // "#123" style references are turned into links to the member
                 // page. NOTE(review): the surrounding text is not escaped in the
                 // visible lines, so whatever markup was submitted is kept
                 // alongside the generated anchors; escape first, then link.
                 $pat = '/#(\\d+)/';
                 $rep = '<a href="' . $FANNIE_URL . 'modules/plugins2.0/PIKiller/PIMemberPage.php?id=${1}" onclick="noBubble(event);">#${1}</a>';
                 $text = preg_replace($pat, $rep, $text);
                 $db = CalendarPluginDB::get();
                 $model = new MonthviewEventsModel($db);
                 if ($eID) {
                 if (empty($text) && $eID) {
                     // delete empty event
                     // no eID implies event doesn't exist
                     // just opened/closed w/o content
                 } else {
                     if (!empty($text)) {
                         $newID = $model->save();
                         if (!$eID) {
                             $data[] = $newID;
     return $data;
Beispiel #13
   Main page. Vendor is selected. Find/create order
   based on vendorID & userID
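 /**
  * Main purchasing page for a selected vendor: find or create the current
  * user's order for that vendor, show its summary line and render the
  * UPC/SKU search form.
  *
  * Vendor name and date are HTML-escaped before output.
  *
  * @return string HTML fragment
  */
 function get_id_view()
 {
     global $FANNIE_OP_DB;
     $vendorID = $this->id;
     $userID = FannieAuth::getUID($this->current_user);
     // the order is looked up by vendor and by the logged-in user's id
     $orderID = $this->getOrderID($vendorID, $userID);
     $dbc = FannieDB::get($FANNIE_OP_DB);
     $q = 'SELECT vendorName, 
         sum(case when i.orderID is null then 0 else 1 END) as rows, 
         MAX(creationDate) as date,
         sum(unitCost*caseSize*quantity) as estimatedCost
         FROM PurchaseOrder as p 
         INNER JOIN vendors as v ON p.vendorID=v.vendorID
         LEFT JOIN PurchaseOrderItems as i
         ON p.orderID=i.orderID
         WHERE p.orderID=?';
     $p = $dbc->prepare_statement($q);
     $r = $dbc->exec_statement($p, array($orderID));
     $w = $dbc->fetch_row($r);
     // vendor names are stored free text; escape them so a name holding markup
     // is shown as text and not interpreted by the browser
     $ret = '<div id="orderInfo">
         <span id="orderInfoVendor">' . htmlspecialchars((string) $w['vendorName'], ENT_QUOTES) . '</span>';
     $ret .= ' ' . htmlspecialchars((string) $w['date'], ENT_QUOTES);
     $ret .= '&nbsp;&nbsp;&nbsp;&nbsp;';
     // the count is an aggregate; force it to an integer for output
     $ret .= ' # of Items: <span id="orderInfoCount">' . (int) $w['rows'] . '</span>';
     $ret .= '&nbsp;&nbsp;&nbsp;&nbsp;';
     $ret .= ' Est. cost: $<span id="orderInfoCost">' . sprintf('%.2f', $w['estimatedCost']) . '</span>';
     $ret .= '</div><hr />';
     $ret .= '<div id="ItemSearch">';
     $ret .= '<form class="form-inline" action="" onsubmit="itemSearch();return false;">';
     $ret .= '<div class="form-group">';
     $ret .= '<label class="control-label">UPC/SKU</label><input class="form-control" type="text" id="searchField" />';
     $ret .= '</div>';
     $ret .= '<div class="form-group">';
     $ret .= '&nbsp;&nbsp;&nbsp;';
     $ret .= '<button type="submit" class="btn btn-default">Search</button>';
     $ret .= '&nbsp;&nbsp;&nbsp;';
     $ret .= '<button type="button" class="btn btn-default" onclick="location=\'PurchasingIndexPage.php\'; return false;">Home</button>';
     $ret .= '&nbsp;&nbsp;&nbsp;';
     // NOTE(review): $orderID lands inside a quoted script string in an HTML
     // attribute; this assumes getOrderID() returns an integer - confirm.
     $ret .= '<button type="button" class="btn btn-default" onclick="location=\'ViewPurchaseOrders.php?id=' . $orderID . '\'; return false;">View Order</button>';
     $ret .= '</div>';
     $ret .= '</form>';
     $ret .= '</div>';
     $ret .= '<p><div id="SearchResults"></div></p>';
     // %d forces the vendor id to an integer in the hidden field
     $ret .= sprintf('<input type="hidden" id="id" value="%d" />', $this->id);
     return $ret;
 }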
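 /**
  * Render one week of a calendar as an HTML table of half-hour slots.
  *
  * Rows cover 07:00 up to (not including) 21:00 in 30-minute steps, with one
  * column per day starting on the Monday of the requested ISO week. Events are
  * read from monthview_events and shown in the slot whose timestamp equals the
  * event's eventDate exactly; two events on the same timestamp overwrite each
  * other in the lookup table.
  *
  * NOTE(review): no read-permission check is visible in this method; only the
  * write permission is consulted, to pick the cell markup. Presumably the
  * caller restricts who may view the calendar -- confirm.
  *
  * @param mixed $id   calendar ID; bound as a query parameter and printed as an integer
  * @param mixed $year year of the week to display
  * @param mixed $week ISO-8601 week number
  * @return string HTML fragment: the table followed by a hidden #calendarID input
  */
 public static function weekView($id, $year, $week)
 {
     $sql = CalendarPluginDB::get();

     // NOTE(review): nothing visible here binds the model to $id or loads it
     // before name() is read -- confirm the name really belongs to $id.
     $calendarModel = new CalendarsModel($sql);
     $name = $calendarModel->name();

     $uid = FannieAuth::getUID(FannieAuth::checkLogin());
     $EDIT = CalendarPluginPermissions::can_write($uid, $id);

     // %d forces year and week to integers before they reach strtotime().
     $startTS = strtotime(sprintf('%04d-W%02d-1', $year, $week));
     if ($startTS === false) {
         // Out-of-range week/year: fall back to the current ISO week rather
         // than rendering dates around the Unix epoch.
         $startTS = strtotime(date('o-\WW-1'));
     }
     $startMonth = (int) date('n', $startTS);
     $startDay = (int) date('j', $startTS);
     $startYear = (int) date('Y', $startTS);
     $endTS = mktime(0, 0, 0, $startMonth, $startDay + 6, $startYear);

     // Calendar ID and date range are bound parameters, never concatenated.
     $query = 'SELECT eventDate, eventText, eventID
               FROM monthview_events
               WHERE calendarID=?
                 AND eventDate BETWEEN ? AND ?';
     $prep = $sql->prepare($query);
     $args = array($id, date('Y-m-d 00:00:00', $startTS), date('Y-m-d 23:59:59', $endTS));
     $result = $sql->execute($prep, $args);

     // Index events by Unix timestamp so each slot is a single lookup.
     $cal_data = array();
     while ($row = $sql->fetch_row($result)) {
         $cal_ts = strtotime($row['eventDate']);
         $cal_data[$cal_ts] = array('id' => $row['eventID'], 'text' => $row['eventText']);
     }

     $startT = 7;
     $endT = 21;
     $prevWeek = mktime(0, 0, 0, $startMonth, $startDay - 7, $startYear);
     $nextWeek = mktime(0, 0, 0, $startMonth, $startDay + 7, $startYear);

     $ret = '<table cellpadding="4" cellspacing="0" border="1">';

     // paging
     $ret .= '<tr>';
     $ret .= sprintf('<td colspan="3" align="left">
                     <a href="?view=week&calID=%d&week=%d&year=%d">Prev</a></td>', $id, date('W', $prevWeek), date('Y', $prevWeek));
     $ret .= '<td align="center">' . date('Y', $startTS) . '</td>';
     $ret .= sprintf('<td colspan="4" align="right">
                     <a href="?view=week&calID=%d&week=%d&year=%d">Next</a></td>', $id, date('W', $nextWeek), date('Y', $nextWeek));
     $ret .= '</tr>';

     // The calendar name is stored, user-editable text: escape it on output.
     $ret .= '<tr><th>' . htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8') . '</th>';
     for ($i = 0; $i < 7; $i++) {
         $ts = mktime(0, 0, 0, $startMonth, $startDay + $i, $startYear);
         $ret .= '<th>' . date('M j', $ts) . '<br />' . date('l', $ts) . '</th>';
     }
     $ret .= '</tr>';

     for ($hour = $startT; $hour < $endT; $hour++) {
         // Two rows per hour: the :00 slot and the :30 slot.
         foreach (array(0, 30) as $minute) {
             $ret .= '<tr>';
             $ret .= '<td>' . date('h:i A', mktime($hour, $minute)) . '</td>';
             for ($i = 0; $i < 7; $i++) {
                 $entry_ts = mktime($hour, $minute, 0, $startMonth, $startDay + $i, $startYear);
                 $hasEvent = isset($cal_data[$entry_ts]);
                 // Event text is written by calendar editors and shown to
                 // every viewer, so it is escaped before it enters the page.
                 // NOTE(review): if events are meant to carry markup, filter
                 // it against an allow-list when it is saved instead.
                 $text = $hasEvent
                     ? htmlspecialchars((string) $cal_data[$entry_ts]['text'], ENT_QUOTES, 'UTF-8')
                     : '';
                 if ($EDIT) {
                     // The listing's format string had three placeholders but
                     // five arguments and never closed the <td> tag, so %s
                     // received a timestamp instead of the event text.
                     // NOTE(review): the surplus arguments suggest an
                     // attribute line is missing from the listing; restore it
                     // from the original file if so.
                     $ret .= sprintf('<td id="weekEntry%d" class="weekEntry">
                                 <input type="hidden" class="weekEntryTS" value="%d" />
                                 <span class="weekEntryContent">%s</span>', $entry_ts, $entry_ts, $text);
                     if ($hasEvent) {
                         $ret .= sprintf('<input type="hidden" class="weekEntryEventID" value="%d" />', $cal_data[$entry_ts]['id']);
                     }
                 } else {
                     $ret .= '<td class="weekEntry"><span class="weekEntryContent">';
                     $ret .= $text;
                     $ret .= '</span>';
                 }
                 $ret .= '</td>';
             }
             $ret .= '</tr>';
         }
     }
     $ret .= '</table>';

     // Printed with %d like the paging links, so a non-numeric $id cannot
     // break out of the attribute value.
     $ret .= sprintf('<input type="hidden" id="calendarID" value="%d" />', $id);

     return $ret;
 }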