/* main content */
// biblio topic save proccess
if (isset($_POST['upload']) and trim(strip_tags($_POST['fileTitle'])) != '') {
$uploaded_file_id = 0;
$title = trim(strip_tags($_POST['fileTitle']));
$url = trim(strip_tags($_POST['fileURL']));
// create new sql op object
$sql_op = new simbio_dbop($dbs);
// FILE UPLOADING
if (isset($_FILES['file2attach']) and $_FILES['file2attach']['size']) {
// create upload object
$file_dir = trim($_POST['fileDir']);
$file_upload = new simbio_file_upload();
$file_upload->setAllowableFormat($sysconf['allowed_file_att']);
$file_upload->setMaxSize($sysconf['max_upload'] * 1024);
$file_upload->setUploadDir(REPO_BASE_DIR . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $file_dir));
$file_upload_status = $file_upload->doUpload('file2attach');
if ($file_upload_status === UPLOAD_SUCCESS) {
$file_ext = substr($file_upload->new_filename, strrpos($file_upload->new_filename, '.') + 1);
$fdata['uploader_id'] = $_SESSION['uid'];
$fdata['file_title'] = $dbs->escape_string($title);
$fdata['file_name'] = $dbs->escape_string($file_upload->new_filename);
$fdata['file_url'] = $dbs->escape_string($url);
$fdata['file_dir'] = $dbs->escape_string($file_dir);
$fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc'])));
$fdata['mime_type'] = $sysconf['mimetype'][$file_ext];
$fdata['input_date'] = date('Y-m-d H:i:s');
$fdata['last_update'] = $fdata['input_date'];
// insert file data to database
@$sql_op->insert('files', $fdata);
$uploaded_file_id = $sql_op->insert_id;
$data['member_address'] = trim($dbs->escape_string(strip_tags($_POST['memberAddress'])));
$data['member_phone'] = trim($dbs->escape_string(strip_tags($_POST['memberPhone'])));
$data['member_fax'] = trim($dbs->escape_string(strip_tags($_POST['memberFax'])));
$data['postal_code'] = trim($dbs->escape_string(strip_tags($_POST['memberPostal'])));
$data['member_notes'] = trim($dbs->escape_string(strip_tags($_POST['memberNotes'])));
$data['member_email'] = trim($dbs->escape_string(strip_tags($_POST['memberEmail'])));
$data['is_pending'] = intval($_POST['isPending']);
$data['input_date'] = date('Y-m-d');
$data['last_update'] = date('Y-m-d');
if (!empty($_FILES['image']) and $_FILES['image']['size']) {
// create upload object
$upload = new simbio_file_upload();
$upload->setAllowableFormat($sysconf['allowed_images']);
$upload->setMaxSize($sysconf['max_image_upload'] * 1024);
// approx. 100 kb
$upload->setUploadDir(IMAGES_BASE_DIR . 'persons');
// give new name for upload file
$new_filename = 'member_' . $data['member_id'];
$upload_status = $upload->doUpload('image', $new_filename);
if ($upload_status == UPLOAD_SUCCESS) {
$data['member_image'] = $dbs->escape_string($upload->new_filename);
}
}
// password confirmation
if ($mpasswd1 and $mpasswd2 and $mpasswd1 === $mpasswd2) {
$data['mpasswd'] = 'literal{MD5(\'' . $mpasswd2 . '\')}';
}
// create sql op object
$sql_op = new simbio_dbop($dbs);
if (isset($_POST['updateRecordID'])) {
/* UPDATE RECORD MODE */
utility::jsAlert(__('Required fields (*) must be filled correctly!'));
exit;
} else {
// set PHP time limit
set_time_limit(7200);
// set ob implicit flush
ob_implicit_flush();
// create upload object
$upload = new simbio_file_upload();
// get system temporary directory location
$temp_dir = sys_get_temp_dir();
// set max size
$max_size = $sysconf['max_upload'] * 1024;
$upload->setAllowableFormat(array('.csv'));
$upload->setMaxSize($max_size);
$upload->setUploadDir($temp_dir);
$upload_status = $upload->doUpload('importFile');
if ($upload_status != UPLOAD_SUCCESS) {
utility::jsAlert(__('Upload failed! File type not allowed or the size is more than') . ' ' . $sysconf['max_upload'] / 1024 . ' MB');
//mfc
exit;
}
// uploaded file path
$uploaded_file = $temp_dir . DIRECTORY_SEPARATOR . $_FILES['importFile']['name'];
$row_count = 0;
// check for import setting
$record_num = intval($_POST['recordNum']);
$field_enc = trim($_POST['fieldEnc']);
$field_sep = trim($_POST['fieldSep']);
$record_offset = intval($_POST['recordOffset']);
$record_offset = $record_offset - 1;
if (trim($label) != '') {
$arr_label[] = array($label, isset($_POST['label_urls'][$label]) ? $_POST['label_urls'][$label] : null);
}
}
$data['labels'] = $arr_label ? serialize($arr_label) : 'literal{NULL}';
$data['frequency_id'] = $_POST['frequencyID'] == '0' ? 'literal{0}' : (int) $_POST['frequencyID'];
$data['spec_detail_info'] = trim($dbs->escape_string(strip_tags($_POST['specDetailInfo'])));
$data['input_date'] = date('Y-m-d H:i:s');
$data['last_update'] = date('Y-m-d H:i:s');
// image uploading
if (!empty($_FILES['image']) and $_FILES['image']['size']) {
// create upload object
$image_upload = new simbio_file_upload();
$image_upload->setAllowableFormat($sysconf['allowed_images']);
$image_upload->setMaxSize($sysconf['max_image_upload'] * 1024);
$image_upload->setUploadDir(IMAGES_BASE_DIR . 'docs');
// upload the file and change all space characters to underscore
$img_upload_status = $image_upload->doUpload('image', preg_replace('@\\s+@i', '_', $_FILES['image']['name']));
if ($img_upload_status == UPLOAD_SUCCESS) {
$data['image'] = $dbs->escape_string($image_upload->new_filename);
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload image file ' . $image_upload->new_filename);
utility::jsAlert(__('Image Uploaded Successfully'));
} else {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload image file ' . $image_upload->new_filename . ', with error (' . $image_upload->error . ')');
utility::jsAlert(__('Image Uploaded Successfully'));
}
}
// create sql op object
$sql_op = new simbio_dbop($dbs);
$arr_label[] = array($label, isset($_POST['label_urls'][$label]) ? $_POST['label_urls'][$label] : null);
}
}
}
$data['labels'] = $arr_label ? serialize($arr_label) : 'literal{NULL}';
$data['frequency_id'] = $_POST['frequencyID'] == '0' ? 'literal{0}' : (int) $_POST['frequencyID'];
$data['spec_detail_info'] = trim($dbs->escape_string(strip_tags($_POST['specDetailInfo'])));
$data['input_date'] = date('Y-m-d H:i:s');
$data['last_update'] = date('Y-m-d H:i:s');
// image uploading
if (!empty($_FILES['image']) and $_FILES['image']['size']) {
// create upload object
$image_upload = new simbio_file_upload();
$image_upload->setAllowableFormat($sysconf['allowed_images']);
$image_upload->setMaxSize($sysconf['max_image_upload'] * 1024);
$image_upload->setUploadDir(IMGBS . 'docs');
// upload the file and change all space characters to underscore
$img_upload_status = $image_upload->doUpload('image', preg_replace('@\\s+@i', '_', $_FILES['image']['name']));
if ($img_upload_status == UPLOAD_SUCCESS) {
$data['image'] = $dbs->escape_string($image_upload->new_filename);
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload image file ' . $image_upload->new_filename);
utility::jsAlert(__('Image Uploaded Successfully'));
} else {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload image file ' . $image_upload->new_filename . ', with error (' . $image_upload->error . ')');
utility::jsAlert(__('Image Uploaded Failed'));
}
} else {
if (!empty($_POST['base64picstring'])) {
list($filedata, $filedom) = explode('#image/type#', $_POST['base64picstring']);
$groups = 'literal{NULL}';
}
$data['groups'] = trim($groups);
}
if ($passwd1 and $passwd2 and $passwd1 === $passwd2) {
$data['passwd'] = 'literal{MD5(\'' . $passwd2 . '\')}';
}
$data['input_date'] = date('Y-m-d');
$data['last_update'] = date('Y-m-d');
if (!empty($_FILES['image']) and $_FILES['image']['size']) {
// create upload object
$upload = new simbio_file_upload();
$upload->setAllowableFormat($sysconf['allowed_images']);
$upload->setMaxSize($sysconf['max_image_upload'] * 1024);
// approx. 100 kb
$upload->setUploadDir(IMGBS . 'persons');
// give new name for upload file
$new_filename = 'user_' . str_replace(array(',', '.', ' ', '-'), '_', strtolower($data['username']));
$upload_status = $upload->doUpload('image', $new_filename);
if ($upload_status == UPLOAD_SUCCESS) {
$data['user_image'] = $dbs->escape_string($upload->new_filename);
}
} else {
if (!empty($_POST['base64picstring'])) {
list($filedata, $filedom) = explode('#image/type#', $_POST['base64picstring']);
$filedata = base64_decode($filedata);
$fileinfo = getimagesizefromstring($filedata);
$valid = strlen($filedata) / 1024 < $sysconf['max_image_upload'];
$valid = !$fileinfo || $valid === false ? false : in_array($fileinfo['mime'], $sysconf['allowed_images_mimetype']);
$new_filename = 'user_' . str_replace(array(',', '.', ' ', '-'), '_', strtolower($data['username'])) . '.' . strtolower($filedom);
if ($valid and file_put_contents(IMGBS . 'persons/' . $new_filename, $filedata)) {
die('<div class="errorBox">' . __('You don\'t have enough privileges to access this area!') . '</div>');
}
// check if there is any active stock take proccess
$stk_query = $dbs->query('SELECT * FROM stock_take WHERE is_active=1');
if ($stk_query->num_rows < 1) {
echo '<div class="errorBox">' . __('NO stock taking proccess initialized yet!') . '</div>';
die;
}
// file upload
if (isset($_POST['stUpload']) && isset($_FILES['stFile'])) {
require SIMBIO_BASE_DIR . 'simbio_FILE/simbio_file_upload.inc.php';
// create upload object
$upload = new simbio_file_upload();
$upload->setAllowableFormat(array('.txt'));
$upload->setMaxSize($sysconf['max_upload'] * 1024);
$upload->setUploadDir(FILES_UPLOAD_DIR);
// upload the file and change all space characters to underscore
$upload_status = $upload->doUpload('stFile');
if ($upload_status == UPLOAD_SUCCESS) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', $_SESSION['realname'] . ' upload stock take file ' . $upload->new_filename);
// open file
$stfile = @fopen(FILES_UPLOAD_DIR . $upload->new_filename, 'r');
if (!$stfile) {
echo '<script type="text/javascript">' . "\n";
echo 'parent.$(\'#stUploadMsg\').html(\'Failed to open stock take file ' . $upload->new_filename . '. Please check permission for directory ' . FILES_UPLOAD_DIR . '\')';
echo '.toggleClass(\'errorBox\').css( {\'display\': \'block\'} );' . "\n";
echo '</script>';
exit;
}
// start loop
/* main content */
// biblio topic save proccess
if (isset($_POST['upload']) and trim(strip_tags($_POST['fileTitle'])) != '') {
$uploaded_file_id = 0;
$title = trim(strip_tags($_POST['fileTitle']));
$url = trim(strip_tags($_POST['fileURL']));
// create new sql op object
$sql_op = new simbio_dbop($dbs);
// FILE UPLOADING
if (isset($_FILES['file2attach']) and $_FILES['file2attach']['size']) {
// create upload object
$file_dir = trim($_POST['fileDir']);
$file_upload = new simbio_file_upload();
$file_upload->setAllowableFormat($sysconf['allowed_file_att']);
$file_upload->setMaxSize($sysconf['max_upload'] * 1024);
$file_upload->setUploadDir(REPOBS . DS . str_replace('/', DS, $file_dir));
$file_upload_status = $file_upload->doUpload('file2attach');
if ($file_upload_status === UPLOAD_SUCCESS) {
$file_ext = substr($file_upload->new_filename, strrpos($file_upload->new_filename, '.') + 1);
$fdata['uploader_id'] = $_SESSION['uid'];
$fdata['file_title'] = $dbs->escape_string($title);
$fdata['file_name'] = $dbs->escape_string($file_upload->new_filename);
$fdata['file_url'] = $dbs->escape_string($url);
$fdata['file_dir'] = $dbs->escape_string($file_dir);
$fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc'])));
$fdata['mime_type'] = $sysconf['mimetype'][$file_ext];
$fdata['input_date'] = date('Y-m-d H:i:s');
$fdata['last_update'] = $fdata['input_date'];
// insert file data to database
@$sql_op->insert('files', $fdata);
$uploaded_file_id = $sql_op->insert_id;
$labelName = trim(strip_tags($_POST['labelName']));
$labelDesc = trim(strip_tags($_POST['labelDesc']));
// check form validity
if (empty($labelDesc) or empty($labelName)) {
utility::jsAlert('Label Name OR Label Description must be filled!');
exit;
} else {
$data['label_desc'] = $dbs->escape_string($labelDesc);
$data['label_name'] = 'label-' . strtolower(str_ireplace(array(' ', 'label-', '_'), array('-', '', '-'), $dbs->escape_string($labelName)));
// image uploading
if (!empty($_FILES['labelImage']) and $_FILES['labelImage']['size']) {
// create upload object
$image_upload = new simbio_file_upload();
$image_upload->setAllowableFormat($sysconf['allowed_images']);
$image_upload->setMaxSize($sysconf['max_image_upload'] * 1024);
$image_upload->setUploadDir(IMAGES_BASE_DIR . 'labels');
// upload
$img_upload_status = $image_upload->doUpload('labelImage', $data['label_name']);
if ($img_upload_status == UPLOAD_SUCCESS) {
$data['label_image'] = $dbs->escape_string($image_upload->new_filename . '.png');
// resize the image
if (function_exists('imagecopyresampled')) {
// we use phpthumb class to resize image
include LIB . 'phpthumb/ThumbLib.inc.php';
// create phpthumb object
$src = IMAGES_BASE_DIR . 'labels/' . $image_upload->new_filename;
$phpthumb = PhpThumbFactory::create($src);
$w = $h = 24;
$phpthumb->resize($w, $h);
$phpthumb->save(IMAGES_BASE_DIR . 'labels/' . $data['label_name'] . '.png', 'PNG');
}
$labelName = trim(strip_tags($_POST['labelName']));
$labelDesc = trim(strip_tags($_POST['labelDesc']));
// check form validity
if (empty($labelDesc) or empty($labelName)) {
utility::jsAlert('Label Name OR Label Description must be filled!');
exit;
} else {
$data['label_desc'] = $dbs->escape_string($labelDesc);
$data['label_name'] = 'label-' . strtolower(str_ireplace(array(' ', 'label-', '_'), array('-', '', '-'), $dbs->escape_string($labelName)));
// image uploading
if (!empty($_FILES['labelImage']) and $_FILES['labelImage']['size']) {
// create upload object
$image_upload = new simbio_file_upload();
$image_upload->setAllowableFormat($sysconf['allowed_images']);
$image_upload->setMaxSize($sysconf['max_image_upload'] * 1024);
$image_upload->setUploadDir(IMGBS . 'labels');
// upload
$img_upload_status = $image_upload->doUpload('labelImage', $data['label_name']);
if ($img_upload_status == UPLOAD_SUCCESS) {
$data['label_image'] = $dbs->escape_string($image_upload->new_filename);
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload label image file ' . $image_upload->new_filename);
utility::jsAlert('Label image file successfully uploaded');
} else {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload label image file ' . $image_upload->new_filename . ', with error (' . $image_upload->error . ')');
utility::jsAlert('FAILED to upload label image! Please see System Log for more detailed information');
}
}
$data['input_date'] = date('Y-m-d');
$data['last_update'] = date('Y-m-d');
die('<div class="errorBox">' . __('You don\'t have enough privileges to access this area!') . '</div>');
}
// check if there is any active stock take proccess
$stk_query = $dbs->query('SELECT * FROM stock_take WHERE is_active=1');
if ($stk_query->num_rows < 1) {
echo '<div class="errorBox">' . __('NO stock taking proccess initialized yet!') . '</div>';
die;
}
// file upload
if (isset($_POST['stUpload']) && isset($_FILES['stFile'])) {
require SIMBIO . 'simbio_FILE/simbio_file_upload.inc.php';
// create upload object
$upload = new simbio_file_upload();
$upload->setAllowableFormat(array('.txt'));
$upload->setMaxSize($sysconf['max_upload'] * 1024);
$upload->setUploadDir(UPLOAD);
// upload the file and change all space characters to underscore
$upload_status = $upload->doUpload('stFile');
if ($upload_status == UPLOAD_SUCCESS) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', $_SESSION['realname'] . ' upload stock take file ' . $upload->new_filename);
// open file
$stfile = @fopen(UPLOAD . $upload->new_filename, 'r');
if (!$stfile) {
echo '<script type="text/javascript">' . "\n";
echo 'parent.$(\'#stUploadMsg\').html(\'Failed to open stock take file ' . $upload->new_filename . '. Please check permission for directory ' . UPLOAD . '\')';
echo '.toggleClass(\'errorBox\').css( {\'display\': \'block\'} );' . "\n";
echo '</script>';
exit;
}
// start loop
