/**
* Action handler for the INSERT / UPDATE of a membership record
* returns err:string or success:messages ...
*
* @param int $membership_id
* @param int $player_id
* @param int $verein_id
* @param int $mtype_id
* @param string $v_passnr
* @param date $v_mstart
* @param date $v_mend
*/
function dso_insupdmembership($membership_id, $player_id, $verein_id, $mtype_id, $v_passnr, $v_mstart, $v_mend)
{
global $dbi, $usertoken;
// CHECK ACCESS 2
$qV = sql_query('SELECT * from tverein WHERE vid=' . $verein_id, $dbi);
$aV = sql_fetch_array($qV, $dbi);
if ($usertoken['registermap'][$aV['verband_id']] < 3) {
return 'E50:P2:RightsMissing:' . $usertoken['registermap'][$aV['verband_id']];
}
// cre_INFO, date defaults ...
$upd_date = ls_getdate();
// check Values
if (!$verein_id > 0) {
die_red('Verein not set');
}
if (!$mtype_id > 0) {
die_red('Type not set');
}
if (!$player_id > 0) {
die_red('Player not set');
}
if (strlen($v_passnr) < 3) {
die_red('Pass Number not set');
}
if (!check_date($v_mstart)) {
$v_mstart = substr($upd_date, 0, 4) . '-01-01';
}
if (!check_date($v_mend)) {
$v_mend = substr($upd_date, 0, 4) . '-12-31';
}
/* CODE from the workflow ORM stuff ...
$p=new cPlayer;
$p->setDB($dbi);
$p->getbyID($player_id);
$p->saveMembershipVerein($v_verein,$v_mtype,$v_passnr,$v_mstart,$v_mend);
if (strlen($p->pError)>1){debug($p->pError);return 0;}else{return 1;}
*/
if ($membership_id > 0) {
$qry = "UPDATE tmembership SET mtype={$mtype_id},mvereinid={$verein_id},mpassnr='{$v_passnr}', mstart='{$v_mstart}',mend='{$v_mend}'," . "mcre_user='******'uname'] . "',mcre_date='{$upd_date}' where mpid={$player_id} and mid={$membership_id} limit 1";
} else {
$qry = 'INSERT into tmembership(mid,mpid,mtype,mpassnr,mstart,mend,mvereinid,mcre_user,mcre_date,mstatus,mflag)' . " VALUES(0,{$player_id},{$mtype_id},'{$v_passnr}','{$v_mstart}','{$v_mend}',{$verein_id},'" . $usertoken['uname'] . "','{$upd_date}',0,0)";
}
if (!($presult = sql_query($qry, $dbi))) {
return '<font color=red>E71:DB error on MembershipRecord save possible constraint violation</font>';
}
# // In any case we store the KEYVAL directly into the player record ...
# // and we make sure the player is marked as active ...
$keyfield = dso_getPassKeyFieldForType($mtype_id);
$sql = "update tplayer set {$keyfield}=\"{$v_passnr}\",pactive=1 where pid={$player_id}";
if (!($ans = sql_query($sql, $dbi))) {
return 'Database error on keyfield save ...';
}
dsolog(1, $usertoken['uname'], 'Created Membership for pid: (' . $player_id . ')');
if ($presult == 1) {
return 'Membership Saved';
} else {
return 'E88:saving ';
}
}
/**
* actually handle the insert / Update logic based on the PASSNUMBER + type_id
* param: aP=named array with PlayerData
*/
function _InsertUpdatePlayer($aP, $passkey = 'pfkey1')
{
/* ------------------------
* v03 BH 2006/11/20 for Player Import DATA
* v031 after db version 3 - only a minimum is needed for the creation
* TODO v5 merge this and the dso_player_code to the ORM Modell ...
* TODO v5 replace model by using player_foreignkey table
* -----------------------
*/
global $dbi, $usertoken;
$update = 0;
$pid = 0;
$pidstore = 0;
# set defaults
$thisdate = ls_getdate();
# A - check which PASSNUMBER to sync on the fieldname is stored in any $passkey
$pidstore = dso_checkPlayerByPassNr($aP['passnr']);
if ($pidstore > 0) {
$MSG = "Player with Pass Number: " . $aP['passnr'] . " found in DB trying sync on PID={$pidstore}";
} else {
$MSG = "Pass with Number: " . $aP['passnr'] . " NOT found in DB checking name+birthdate.";
# CHECK B try to obtain PID via name+birthdate combination
$pidstore = dso_checkPlayerByNameAndBirth($aP['firstname'], $aP['lastname'], $aP['birthdate']);
if ($pidstore > 0) {
$MSG = $MSG . ' Found Match, running sync on PID=' . $pidstore;
}
}
# check the insert flag ..... and output ...
# we NEVER update the passnr - this is the sync point !!
$OUT = "Pass:"******" Name:" . $aP['firstname'] . " " . $aP['lastname'] . " Adr:" . $aP['town'] . " " . $aP['plz'] . " " . $aP['street'] . "</td></tr>";
if ($pidstore > 0) {
$qry = "update tplayer set pfname=\"" . $aP['firstname'] . "\",plname=\"" . $aP['lastname'] . "\",pbirthdate=\"" . $aP['birthdate'] . "\",ptel1=\"" . $aP['tel1'] . "\",ptel2=\"" . $aP['tel2'] . "\"," . "pemail=\"" . $aP['email'] . "\",pnationality=\"" . $aP['nation'] . "\",ptown=\"" . $aP['town'] . "\",pplz=\"" . $aP['plz'] . "\",pstreet=\"" . $aP['street'] . "\",pactive=1,pupd_user=\"" . $usertoken['uname'] . "\"," . "pupd_date=\"{$thisdate}\",pcomment=\"" . $aP['comment'] . "\" where pid={$pidstore} limit 1";
$res = sql_query($qry, $dbi);
if ($res == 1) {
print "<tr><td>{$MSG}</td><td bgcolor='#eedd88'>UPDATE " . $OUT;
dsolog(2, $usertoken['uname'], "<b>eGate UPDATE:</b> " . $OUT);
} else {
print "<tr><td>{$MSG}</td><td bgcolor='#ee4444'>FAILED " . $OUT;
dsolog(2, $usertoken['uname'], "<b>eGate FAILURE UPDATE:</b> " . $OUT);
}
} else {
/*
* when exactly are we doing AUTO-INSERTS ???
*/
$qry = "insert into tplayer(" . "pid,pfname,plname,pgender,pactive,pcomment,pbirthdate,pcre_date,pcre_user,ptel1,ptel2,pemail,pnationality,ptown,pplz,pstreet,{$passkey})" . " values(0,\"" . $aP['firstname'] . "\",\"" . $aP['lastname'] . "\",\"" . $aP['gender'] . "\",1,\"" . $aP['comment'] . "\",\"" . $aP['birthdate'] . "\",\"{$thisdate}\",\"" . $usertoken['uname'] . "\",\"" . $aP['tel1'] . "\",\"" . $aP['tel2'] . "\",\"" . $aP['email'] . "\",\"" . $aP['nation'] . "\",\"" . $aP['town'] . "\",\"" . $aP['plz'] . "\",\"" . $aP['street'] . "\",\"" . $aP['passnr'] . "\")";
$res = sql_query($qry, $dbi);
if ($res == 1) {
print "<tr><td>{$MSG}</td><td bgcolor='#88ff88'>NEW " . $OUT;
dsolog(2, $usertoken['uname'], "<b>eGate INSERT:</b> " . $OUT);
} else {
print "<tr><td>{$MSG}</td><td bgcolor='#FF8888'>NEW Player FAILED " . $OUT;
dsolog(2, $usertoken['uname'], "<b>eGate FAILURE INSERT:</b> " . $OUT);
}
}
}
function _showform_membership($membership_id, $player_id)
{
/*
* depending on passed in id -> either fetch existing or show new
* output is loaded into hosting DIV
*/
global $dbi, $usertoken;
$aMEM = array();
$d = ls_getdate();
if ($membership_id > 0) {
if (!($precord = sql_query('select * from tmembership where mid=' . $membership_id, $dbi))) {
die('<font color="red">E127:Record not found</font>');
}
if (!($aMEM = sql_fetch_array($precord, $dbi))) {
die('<font color="red">E128:DB engine Error</font>');
}
} else {
$aMEM['mpassnr'] = '';
$aMEM['mtype'] = 0;
$aMEM['mvereinid'] = $usertoken['verein_id'];
// just in case we come here as the vereins account
$aMEM['mcre_user'] = $usertoken['uname'];
$aMEM['mcre_date'] = $d;
$aMEM['mid'] = 0;
$aMEM['mpid'] = $player_id;
$aMEM['mstart'] = substr($d, 0, 4) . '-01-01';
$aMEM['mend'] = substr($d, 0, 4) . '-12-31';
}
/*
* OUTPUT ...
*/
$OUT = '';
$OUT = $OUT . (include '../forms/membership.php');
$OUT = $OUT . '<table><tr><td>' . _imgButton('save', 'membersave(' . $membership_id . ',' . $player_id . ')') . '</td><td><div id="savemsg"></div></td></tr></table>';
return $OUT;
}
function _insupdplayer($v_pid = 0, $last_name = '')
{
# ------------------------
# v02 BH 2003/7/3
# v07 BH 10.9. included add fields
# v09 BH removed vverband this is done auto by vrealm
# // v10 removed membership entries - just basic player details ...
# -----------------------
# TODO v5 merge this and the egate_code to the ORM Modell ...
if (isset($_POST['vfname']) && strlen(dounhtmlentities($_POST['vfname'])) < 30) {
$first_name = strip_tags($_POST['vfname']);
} else {
$first_name = '';
}
if (isset($_POST['vbirthdate']) && strlen(dounhtmlentities($_POST['vbirthdate'])) < 15) {
$v_birthdate = strip_tags($_POST['vbirthdate']);
} else {
$v_birthdate = '1901-01-01';
}
if (isset($_POST['vgender']) && strlen(dounhtmlentities($_POST['vgender'])) < 2) {
$v_gender = strip_tags($_POST['vgender']);
} else {
$v_gender = 'H';
}
if (isset($_POST['vactive']) && is_numeric(dounhtmlentities($_POST['vactive']))) {
$v_active = strip_tags($_POST['vactive']);
} else {
$v_active = 1;
}
if (isset($_POST['vcomment']) && strlen(dounhtmlentities($_POST['vcomment'])) < 50) {
$v_comment = strip_tags($_POST['vcomment']);
} else {
$v_comment = '';
}
$v_username = '';
if (isset($_POST['vnation']) && strlen(dounhtmlentities($_POST['vnation'])) < 12) {
$v_nation = strip_tags($_POST['vnation']);
} else {
$v_nation = '';
}
if (isset($_POST['vtown']) && strlen(dounhtmlentities($_POST['vtown'])) < 30) {
$v_town = strip_tags($_POST['vtown']);
} else {
$v_town = '';
}
if (isset($_POST['vplz']) && strlen(dounhtmlentities($_POST['vplz'])) < 10) {
$v_plz = strip_tags($_POST['vplz']);
} else {
$v_plz = '';
}
if (isset($_POST['vstreet']) && strlen(dounhtmlentities($_POST['vstreet'])) < 60) {
$v_street = strip_tags($_POST['vstreet']);
} else {
$v_street = '';
}
if (isset($_POST['vtel1']) && strlen(dounhtmlentities($_POST['vtel1'])) < 20) {
$v_tel1 = strip_tags($_POST['vtel1']);
} else {
$v_tel1 = '';
}
if (isset($_POST['vtel2']) && strlen(dounhtmlentities($_POST['vtel2'])) < 20) {
$v_tel2 = strip_tags($_POST['vtel2']);
} else {
$v_tel2 = '';
}
if (isset($_POST['vemail']) && strlen(dounhtmlentities($_POST['vemail'])) < 80) {
$v_email = strip_tags($_POST['vemail']);
} else {
$v_email = '';
}
global $dbi, $sipgoback, $usertoken;
dsolog(2, $usertoken['uname'], "<b>UPDATE REQUEST</b> Player: {$last_name}({$v_pid})");
if ($usertoken['usertype_id'] < 2 && $usertoken['usertype_id'] != 0) {
die("<h3>Illegal attempt to change data ....</h3>");
}
if (sizeof($usertoken['registermap']) < 1 && $usertoken['usertype_id'] != 0) {
die("<h3>Illegal attempt to change data .......</h3>");
}
#
# sanity checks come here please ........
#
$v_gender = strtoupper($v_gender);
if (!ereg("([H,D,J]{1})", $v_gender)) {
die("Wrong Gender should be H,D or J ... {$sipgoback}");
}
if (checkBirthDate($v_birthdate) == 0) {
die("Geburtsdatum ist <b>kein gültges Datum</b> ... {$sipgoback}");
}
if (strlen($last_name) == 0) {
die("Nachname <b>muss</b> angegeben werden ... {$sipgoback}");
}
if (strlen($first_name) == 0) {
die("Vorname <b>muss</b> angegeben werden ... {$sipgoback}");
}
/*
* in case of an insert the PID=0, check if unique
*/
if ($v_pid == 0) {
$playerlist = CheckUniquePlayer($first_name, $last_name, $v_birthdate);
if (!strlen($playerlist) == 0) {
die("<h3>Achtung, Doppel Einträge gefunden:</h3><p>Vorname, Nachname, Geburtsdatum ident:</p><br/>" . $playerlist . "<br/><br/> ...{$sipgoback}");
}
}
$upd_user = $usertoken['uname'];
$upd_date = ls_getdate();
if (!ereg("([0-1]{1})", $v_active)) {
die("<h3>Aktiv Flag entweder 0 oder 1</h3> ... {$sipgoback}");
}
// FINALLY ACTION
if ($v_pid > 1) {
$qry = "update tplayer set pfname=\"{$first_name}\",plname=\"{$last_name}\",pgender=\"{$v_gender}\"," . "pactive={$v_active},pcomment=\"{$v_comment}\",pusername=\"{$v_username}\",pbirthdate=\"{$v_birthdate}\"," . "pupd_user=\"{$upd_user}\",pupd_date=\"{$upd_date}\",pnationality=\"{$v_nation}\"," . "ptown=\"{$v_town}\",pplz=\"{$v_plz}\",pstreet=\"{$v_street}\",ptel1=\"{$v_tel1}\",ptel2=\"{$v_tel2}\",pemail=\"{$v_email}\" where pid={$v_pid} limit 1";
} else {
$qry = "insert into tplayer (pid,pfname,plname,pgender,pactive,sipcount,pcomment,pusername,psipstatus,pbirthdate,pcre_date,pcre_user,ptel1,ptel2,pnationality,ptown,pplz,pstreet,pemail) values(0,\"{$first_name}\",\"{$last_name}\",\"{$v_gender}\",1,0,\"{$v_comment}\",\"{$v_username}\",0,\"{$v_birthdate}\",\"{$upd_date}\",\"{$upd_user}\",\"{$v_tel1}\",\"{$v_tel2}\",\"{$v_nation}\",\"{$v_town}\",\"{$v_plz}\",\"{$v_street}\",\"{$v_email}\")";
}
$res = sql_query($qry, $dbi);
return $res;
}
