// Fragment: closing section of a listing page (help block, listing controls,
// generation timestamp, footer), followed by the else-branches of the enclosing
// checks. The matching `if` conditions are outside this fragment.
// NOTE(review): $PHP_SELF and the whole $HTTP_VARS array (presumably the merged
// request variables) are handed to getToggleControl() and
// getItemsPerPageControl(); how those helpers escape what they emit is not
// visible here - confirm before relying on it.
                    }
                    echo format_help_block($listingObject->getHelpEntries());
                    echo "<ul class=\"listingControls\">";
                    // The image toggle is offered unless the config value is exactly FALSE.
                    if (get_opendb_config_var('listings', 'allow_override_show_item_image') !== FALSE) {
                        echo "<li>" . getToggleControl(
                            $PHP_SELF,
                            $HTTP_VARS,
                            get_opendb_lang_var('show_item_image'),
                            'show_item_image',
                            // ifempty() presumably falls back to the configured default (mapped to Y/N)
                            // when the request carries no value - verify against the helper.
                            ifempty($HTTP_VARS['show_item_image'], get_opendb_config_var('listings', 'show_item_image') == TRUE ? 'Y' : 'N')
                        ) . "</li>";
                    }
                    echo "<li>" . getItemsPerPageControl($PHP_SELF, $HTTP_VARS) . "</li>";
                    echo "</ul>";
                    echo "<p class=\"listingDate\">" . get_opendb_lang_var('listing_generated', 'datetime', get_localised_timestamp(get_opendb_config_var('listings', 'print_listing_datetime_mask'))) . "</p>";
                    echo format_footer_links($footer_links_r);
                    echo _theme_footer();
                } //end if($show_listings)
            } else { //no guests allowed!
                // Access is denied with the permission that was required (PERM_USER_BORROWER).
                opendb_not_authorised_page(PERM_USER_BORROWER, $HTTP_VARS);
            }
        } else { //borrow functionality disabled.
            echo _theme_header(get_opendb_lang_var('borrow_not_supported'));
            echo "<p class=\"error\">" . get_opendb_lang_var('borrow_not_supported') . "</p>";
            echo _theme_footer();
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
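// Fragment: result handling for a user deletion, then the start of the
// self-signup ("op=signup") branch. The enclosing conditions are outside this
// fragment, and the signup branch continues past its end.
                if ($return_val === '__ABORTED__') {
                    echo "<p class=\"success\">" . get_opendb_lang_var('user_not_deleted') . "</p>";
                    // Keys are quoted: bare url/text are read as constants, which are undefined
                    // here unless declared elsewhere (an Error on PHP 8).
                    // The user id comes from $HTTP_VARS, so it is URL-encoded before being placed
                    // in the link; a crafted value can then not add parameters or markup.
                    $footer_links_r[] = array(
                        'url' => "{$PHP_SELF}?op=edit&user_id=" . urlencode((string) $HTTP_VARS['user_id']),
                        'text' => $HTTP_VARS['user_id'] == get_opendb_session_var('user_id') ? get_opendb_lang_var('edit_my_info') : get_opendb_lang_var('edit_user_info')
                    );
                } else {
                    if ($return_val === TRUE) {
                        echo "<p class=\"success\">" . get_opendb_lang_var('user_deleted') . "</p>";
                    } else { //if($return_val === FALSE)
                        echo format_error_block($errors);
                    }
                }
            }
        }
        echo format_footer_links($footer_links_r);
        echo _theme_footer();
    } else {
        opendb_not_authorised_page(PERM_ADMIN_USER_PROFILE, $HTTP_VARS);
    }
} else {
    // Signup is reachable here only while the 'login.signup'/'enable' setting is not FALSE.
    if ($HTTP_VARS['op'] == 'signup' && get_opendb_config_var('login.signup', 'enable') !== FALSE) {
        if ($HTTP_VARS['op2'] == 'send_info') {
            $page_title = get_opendb_lang_var('new_account');
            echo _theme_header($page_title, is_show_login_menu_enabled());
            echo "<h2>" . $page_title . "</h2>";
            // The account is only created when the captcha is disabled by config or the submitted code validates.
            // NOTE(review): both captcha arguments come from $HTTP_VARS; confirm that
            // is_secret_image_code_valid() binds the number to server-side state so a
            // solved pair cannot simply be resubmitted.
            if (get_opendb_config_var('login.signup', 'disable_captcha') === TRUE || is_secret_image_code_valid($HTTP_VARS['gfx_code_check'], $HTTP_VARS['gfx_random_number'])) {
                $return_val = handle_user_insert($HTTP_VARS, $errors);
                if ($return_val !== FALSE) {
                    echo "\n<p class=\"success\">" . get_opendb_lang_var('new_account_reply', 'site', get_opendb_config_var('site', 'title')) . "</p>";
                    // The administrator notification is separate from account creation:
                    // a failure here only prints the error block.
                    if (send_signup_info_to_admin($HTTP_VARS, $errors)) {
                        echo "\n<p class=\"smsuccess\">" . get_opendb_lang_var('new_account_admin_email_sent', 'site', get_opendb_config_var('site', 'title')) . "</p>";
                    } else {
                        echo format_error_block($errors);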
// Fragment: the last lines of a function (its head is outside this fragment),
// followed by a page script that serves a cached file either by numeric id or
// by a temporary id. The script continues past the end of the fragment.
        }
        return TRUE;
    } else {
        return FALSE;
    }
}
if (is_site_enabled()) {
    // A valid session is not required when the site allows public access.
    if (is_opendb_valid_session() || is_site_public_access()) {
        // op defaults to 'fullscreen'; only the literal 'thumbnail' selects the thumbnail.
        $isThumbnail = ifempty($HTTP_VARS['op'], 'fullscreen') == 'thumbnail';
        // The id is only used for a lookup after it passes is_numeric().
        if (is_numeric($HTTP_VARS['id'])) {
            $file_cache_r = fetch_file_cache_r($HTTP_VARS['id']);
            if ($file_cache_r !== FALSE) {
                // Entries of cache_type 'ITEM' additionally require PERM_VIEW_ITEM_COVERS;
                // every other cache type is served without a further permission check.
                if ($file_cache_r['cache_type'] != 'ITEM' || is_user_granted_permission(PERM_VIEW_ITEM_COVERS)) {
                    handle_file_cache($file_cache_r, $isThumbnail);
                } else {
                    opendb_not_authorised_page();
                }
            } else {
                opendb_operation_not_available();
            }
        } else {
            // NOTE(review): the tmpId path has no permission check in this fragment
            // beyond the session / public-access gate above, and the request value goes
            // straight into get_url_from_temp_file_cache(). Confirm the helper only
            // resolves ids it issued and that output_cache_file() cannot be pointed at
            // an arbitrary URL or local path.
            if (strlen($HTTP_VARS['tmpId']) > 0) {
                $url = get_url_from_temp_file_cache($HTTP_VARS['tmpId']);
                if ($url !== FALSE) {
                    output_cache_file($url);
                } else {
                    opendb_operation_not_available();
                }
            } else {
                opendb_operation_not_available();
            }
// Fragment: end of a listing on a page guarded by PERM_ADMIN_QUICK_CHECKOUT,
// followed by the else-branches of the enclosing checks and the final cleanup
// include. The matching `if` conditions are outside this fragment.
                        $listingObject->endListing();
                        echo "</div>";
                        echo "<ul class=\"listingControls\">";
                        // The image toggle is offered unless the config value is exactly FALSE.
                        if (get_opendb_config_var('listings', 'allow_override_show_item_image') !== FALSE) {
                            // NOTE(review): $PHP_SELF and $HTTP_VARS are passed through as-is; escaping
                            // inside getToggleControl() is not visible here - confirm.
                            echo "<li>" . getToggleControl(
                                $PHP_SELF,
                                $HTTP_VARS,
                                get_opendb_lang_var('show_item_image'),
                                'show_item_image',
                                ifempty($HTTP_VARS['show_item_image'], get_opendb_config_var('listings', 'show_item_image') == TRUE ? 'Y' : 'N')
                            ) . "</li>";
                        }
                        echo "</ul>";
                    }
                    echo _theme_footer();
                } else {
                    opendb_operation_not_available();
                }
            } else { //borrow functionality disabled.
                echo _theme_header(get_opendb_lang_var('borrow_not_supported'));
                echo "<p class=\"error\">" . get_opendb_lang_var('borrow_not_supported') . "</p>";
                echo _theme_footer();
            }
        } else {
            // Denied: the caller lacks PERM_ADMIN_QUICK_CHECKOUT.
            opendb_not_authorised_page(PERM_ADMIN_QUICK_CHECKOUT, $HTTP_VARS);
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";
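// Fragment: builds the checkbox actions offered under an item listing, prints
// the listing controls and footer, then closes the enclosing checks (their `if`
// conditions are outside this fragment).
                    // Reserve action: offered unless the config value is exactly FALSE.
                    if (get_opendb_config_var('listings.multi_borrow', 'reserve_action') !== FALSE) {
                        // 'link' is quoted: the bare word is read as a constant, which is
                        // undefined here unless declared elsewhere (an Error on PHP 8).
                        $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'reserve', 'link' => get_opendb_lang_var('reserve_item(s)'));
                    }
                    // Basket action: needs the reserve basket enabled and basket_action === TRUE; when
                    // basket_action_if_not_empty_only is TRUE the user must already have a basket.
                    if (get_opendb_config_var('borrow', 'reserve_basket') !== FALSE
                        && (get_opendb_config_var('listings.multi_borrow', 'basket_action') === TRUE
                            && (get_opendb_config_var('listings.multi_borrow', 'basket_action_if_not_empty_only') !== TRUE
                                || is_exists_my_reserve_basket(get_opendb_session_var('user_id'))))) {
                        $checkbox_action_rs[] = array('action' => 'borrow.php', 'op' => 'update_my_reserve_basket', 'link' => get_opendb_lang_var('add_to_reserve_list'));
                    }
                }
                echo format_checkbox_action_links('item_id_instance_no', get_opendb_lang_var('no_items_checked'), $checkbox_action_rs);
            }
            echo format_help_block($listingObject->getHelpEntries());
            echo "<ul class=\"listingControls\">";
            if (get_opendb_config_var('listings', 'allow_override_show_item_image') !== FALSE) {
                // NOTE(review): $PHP_SELF and $HTTP_VARS are passed through as-is; escaping
                // inside getToggleControl() / getItemsPerPageControl() is not visible here - confirm.
                echo "<li>" . getToggleControl(
                    $PHP_SELF,
                    $HTTP_VARS,
                    get_opendb_lang_var('show_item_image'),
                    'show_item_image',
                    ifempty($HTTP_VARS['show_item_image'], get_opendb_config_var('listings', 'show_item_image') == TRUE ? 'Y' : 'N')
                ) . "</li>";
            }
            echo "<li>" . getItemsPerPageControl($PHP_SELF, $HTTP_VARS) . "</li>";
            echo "</ul>";
            echo "<p class=\"listingDate\">" . get_opendb_lang_var('listing_generated', 'datetime', get_localised_timestamp(get_opendb_config_var('listings', 'print_listing_datetime_mask'))) . "</p>";
            echo _theme_footer();
        } else {
            // Denied: the caller lacks PERM_VIEW_LISTINGS.
            opendb_not_authorised_page(PERM_VIEW_LISTINGS, $HTTP_VARS);
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";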
// Fragment: the "send_to_uid" branch of an e-mail page (send a message to one
// user id), followed by the else-branches of the enclosing checks. The
// fragment is cut at both ends.
                    }
                } else {
                    // The recipient must be allowed to receive e-mail before anything else is evaluated.
                    if ($HTTP_VARS['op'] == 'send_to_uid' && is_user_permitted_to_receive_email($HTTP_VARS['uid'])) {
                        // The sender needs PERM_SEND_EMAIL.
                        if (is_user_granted_permission(PERM_SEND_EMAIL)) {
                            echo _theme_header(get_opendb_lang_var('send_email'), $HTTP_VARS['inc_menu']);
                            echo "<h2>" . get_opendb_lang_var('send_email') . "</h2>";
                            // The sender is always the session user, never a request value.
                            $from_user_r = fetch_user_r(get_opendb_session_var('user_id'));
                            // Only 'toname' is stripped of tags here.
                            // NOTE(review): 'subject' and 'message' are passed on unchanged; confirm that
                            // send_email_to_userids() removes CR/LF from the subject and that
                            // show_email_form() escapes both values when it re-displays them.
                            $HTTP_VARS['toname'] = trim(strip_tags($HTTP_VARS['toname']));
                            if ($HTTP_VARS['op2'] == 'send' && send_email_to_userids(array($HTTP_VARS['uid']), $from_user_r['user_id'], $HTTP_VARS['subject'], $HTTP_VARS['message'], $errors)) {
                                // do nothing
                            } else {
                                // Reached when op2 is not 'send' or when sending failed; the form is shown with $errors.
                                show_email_form($HTTP_VARS['uid'], fetch_user_name($HTTP_VARS['uid']), $from_user_r['user_id'], $from_user_r['fullname'], $HTTP_VARS['subject'], $HTTP_VARS['message'], $HTTP_VARS, $errors);
                            }
                            echo _theme_footer();
                        } else {
                            opendb_not_authorised_page(PERM_SEND_EMAIL, $HTTP_VARS);
                        }
                    } else {
                        opendb_operation_not_available();
                    }
                }
            }
        } else {
            opendb_operation_not_available();
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else {
    opendb_site_disabled();
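// Fragment: renders the overall charts and one hidden tab per item type on a
// statistics page guarded by PERM_VIEW_STATS, then closes the enclosing checks
// (their `if` conditions are outside this fragment).
                    echo "<li>" . render_chart_image('item_types') . "</li>";
                    echo "<li>" . render_chart_image('categories') . "</li>";
                    echo "</ul>";
                    echo "</div>";
                    // foreach replaces reset()/each(): each() no longer exists in PHP 8, and the
                    // loop only reads the values in order.
                    // NOTE(review): s_item_type, description and count are written into the page
                    // unescaped; they look like stored item-type records - confirm they can never
                    // hold markup, or escape them on output.
                    foreach ($item_type_rs as $item_type_r) {
                        echo "\n<div class=\"tabContentHidden\" id=\"{$item_type_r['s_item_type']}\">";
                        echo "<h3>" . get_opendb_lang_var('itemtype_breakdown', array('desc' => $item_type_r['description'], 's_item_type' => $item_type_r['s_item_type'], 'total' => $item_type_r['count'])) . "</h3>";
                        echo "<ul class=\"graph\">";
                        echo "<li>" . render_chart_image('item_type_ownership', $item_type_r['s_item_type']) . "</li>";
                        echo "<li>" . render_chart_image('item_type_category', $item_type_r['s_item_type']) . "</li>";
                        echo "</ul>";
                        echo "</div>\n";
                    }
                }
                echo "</div>";
            }
            echo _theme_footer();
        } else {
            // Denied: the caller lacks PERM_VIEW_STATS.
            opendb_not_authorised_page(PERM_VIEW_STATS, $HTTP_VARS);
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";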
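// Fragment: the remaining fields of an export form (type, owner, item type,
// status type), then the else-branches of the enclosing checks. The matching
// `if` conditions are outside this fragment.
                $field .= "</select>";
                echo format_field(get_opendb_lang_var('type'), $field);
                // Only holders of PERM_ADMIN_EXPORT may pick an owner from a list.
                if (is_user_granted_permission(PERM_ADMIN_EXPORT)) {
                    echo format_field(
                        get_opendb_lang_var('owner'),
                        "\n<select name=\"owner_id\">"
                        . "\n<option value=\"\">-------------- " . get_opendb_lang_var('all') . " --------------"
                        . custom_select('owner_id', fetch_user_rs(PERM_USER_EXPORT), '%fullname% (%user_id%)', 'NA', ifempty($HTTP_VARS['owner_id'], get_opendb_session_var('user_id')), 'user_id')
                        . "\n</select>"
                    );
                } else {
                    // The request value is echoed into an HTML attribute, so it is escaped
                    // (quotes included) to keep it from breaking out of the attribute.
                    // NOTE(review): a hidden field is still client-controlled; the script that
                    // handles this form must enforce the owner restriction for users without
                    // PERM_ADMIN_EXPORT itself - not visible here, confirm.
                    echo "<input type=\"hidden\" name=\"owner_id\" value=\"" . htmlspecialchars((string) $HTTP_VARS['owner_id'], ENT_QUOTES) . "\">";
                }
                echo format_field(
                    get_opendb_lang_var('item_type'),
                    "<select name=\"s_item_type\">"
                    . "\n<option value=\"\">-------------- " . get_opendb_lang_var('all') . " --------------"
                    . custom_select('s_item_type', fetch_item_type_rs(), '%s_item_type% - %description%', 'NA', $HTTP_VARS['s_item_type'], 's_item_type')
                    . "\n</select>"
                );
                $lookup_results = fetch_status_type_rs(TRUE);
                // The status filter is only shown when more than one row is returned.
                if ($lookup_results && db_num_rows($lookup_results) > 1) {
                    echo format_field(get_opendb_lang_var('s_status_type'), checkbox_grid('s_status_type', $lookup_results, '%img%', 'VERTICAL', NULL)); // value
                }
                echo "</table>";
                echo "<input type=\"submit\" class=\"submit\" value=\"" . get_opendb_lang_var('submit') . "\">";
                echo "</form>";
                echo _theme_footer();
            }
        } else { //no guests or borrowers allowed!
            opendb_not_authorised_page(array(PERM_USER_EXPORT, PERM_ADMIN_EXPORT));
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else {
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";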
// Fragment: dispatches to one admin tool by including its index.php, with the
// page header and footer skipped when mode is 'job'. The permission, session
// and site checks that enclose it start outside this fragment.
                $xajax->processRequest();
            }
            if ($HTTP_VARS['mode'] != 'job') {
                $menu_option_r = get_system_admin_tools_menu($ADMIN_TYPE);
                $title = $menu_option_r['link'] . " Admin Tool";
                // NOTE(review): the return value is discarded here, while _theme_footer()
                // below is echoed - confirm whether the header is meant to be echoed too.
                _theme_header($title);
                // todo - this should really be in the <head>...</head> - does it matter?
                if ($xajax) {
                    $xajax->printJavascript();
                }
                echo "<h2>" . $title . "</h2>";
            }
            // NOTE(review): the include path is built from $ADMIN_TYPE, which is assigned
            // outside this fragment. If it can be influenced by the request it must be
            // checked against the fixed set of admin tool directories (no '/', '..' or
            // NUL) before this line, otherwise any readable index.php could be included.
            include_once "./admin/" . $ADMIN_TYPE . "/index.php";
            if ($HTTP_VARS['mode'] != 'job') {
                echo _theme_footer();
            }
        } else { //not an administrator or own user.
            opendb_not_authorised_page(PERM_ADMIN_TOOLS, $HTTP_VARS);
        }
    } else { //not a valid session.
        // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS, 'admin');
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";
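// Fragment: end of an item display page - closes the tab markup, handles the
// item-not-found case, builds the footer links and closes the enclosing checks
// (their `if` conditions are outside this fragment).
                }
                echo "</div>"; // end of tab content
                echo "</div>"; // end of tabContainer
            } else {
                echo _theme_header(get_opendb_lang_var('item_not_found'));
                echo "<p class=\"error\">" . get_opendb_lang_var('item_not_found') . "</p>";
            }
            // The export link needs a valid export plugin in the config and PERM_USER_EXPORT.
            // NOTE(review): this runs after the item-not-found branch as well; in that case
            // $item_r presumably holds no item and the link gets empty ids - confirm whether
            // the link should be limited to the found-item branch.
            if (is_export_plugin(get_opendb_config_var('item_display', 'export_link')) && is_user_granted_permission(PERM_USER_EXPORT)) {
                // Keys are quoted: bare url/text are read as constants, which are undefined
                // here unless declared elsewhere (an Error on PHP 8).
                $footer_links_r[] = array(
                    'url' => "export.php?op=export&plugin=" . get_opendb_config_var('item_display', 'export_link') . "&item_id=" . $item_r['item_id'] . "&instance_no=" . $item_r['instance_no'],
                    'text' => get_opendb_lang_var('export_item_record')
                );
            }
            // Include a Back to Listing link.
            if (is_opendb_session_var('listing_url_vars')) {
                $footer_links_r[] = array(
                    'url' => "listings.php?" . get_url_string(get_opendb_session_var('listing_url_vars')),
                    'text' => get_opendb_lang_var('back_to_listing')
                );
            }
            echo format_footer_links($footer_links_r);
            echo _theme_footer();
        } else {
            // Denied: the caller lacks PERM_VIEW_ITEM_DISPLAY.
            opendb_not_authorised_page(PERM_VIEW_ITEM_DISPLAY, $HTTP_VARS);
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";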
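// Fragment: the lower half of an advanced search form (attribute value, owner,
// status, update date, ordering), then the else-branches of the enclosing
// checks. The form's opening markup and the `if` conditions are outside this
// fragment.
// NOTE(review): every field here (match modes, order_by, sortorder,
// update_on_days, ...) is only a client-side choice; the script that receives
// the form has to check each value against the allowed set before it reaches a
// query - that script is not visible here.
            echo format_field(
                get_opendb_lang_var('s_attribute_type_lookup'),
                "\n<select name=\"lookup_attribute_val\" id=\"search-lookupattributeval\" onChange=\"if(this.options[this.options.selectedIndex].value.length>0){this.form['attribute_val'].disabled=true;}else{this.form['attribute_val'].disabled=false;}\">"
                . "\n<option value=\"\">" . get_opendb_lang_var('use_the_value_field') . " ---->"
                . "\n</select>"
            );
            echo format_field(
                get_opendb_lang_var('attribute_val'),
                "<input type=\"text\" class=\"text\" name=\"attribute_val\" id=\"search-attributeval\" size=\"50\" value=\"\">"
                . "\n<ul class=\"searchInputOptions\">"
                . "\n<li><input type=\"radio\" class=\"radio\" name=\"attr_match\" value=\"word\">" . get_opendb_lang_var('word_match') . "</li>"
                . "\n<li><input type=\"radio\" class=\"radio\" name=\"attr_match\" value=\"partial\" CHECKED>" . get_opendb_lang_var('partial_match') . "</li>"
                . "\n<li><input type=\"radio\" class=\"radio\" name=\"attr_match\" value=\"exact\">" . get_opendb_lang_var('exact_match') . "</li>"
                . "\n<li><input type=\"checkbox\" class=\"checkbox\" name=\"attr_case\" value=\"case_sensitive\">" . get_opendb_lang_var('case_sensitive') . "</li>"
                . "\n</ul>"
            );
            if (strlen($HTTP_VARS['not_owner_id']) > 0) {
                // The request value is carried forward in a hidden field; it is escaped (quotes
                // included) so it cannot break out of the attribute and inject markup.
                echo "\n<input type=\"hidden\" name=\"not_owner_id\" value=\"" . htmlspecialchars((string) $HTTP_VARS['not_owner_id'], ENT_QUOTES) . "\">";
            }
            echo format_field(
                get_opendb_lang_var('owner'),
                "\n<select name=\"owner_id\" id=\"search-owner\">"
                . "\n<option value=\"\">-------------- " . get_opendb_lang_var('all') . " --------------"
                . custom_select('owner_id', fetch_user_rs(PERM_ITEM_OWNER), '%fullname% (%user_id%)', 'NA', NULL, 'user_id')
                . "\n</select>"
            );
            $lookup_results = fetch_status_type_rs(TRUE);
            // The status filter is only shown when more than one row is returned.
            if ($lookup_results && db_num_rows($lookup_results) > 1) {
                echo format_field(get_opendb_lang_var('s_status_type'), checkbox_grid('s_status_type', $lookup_results, '%img%', 'VERTICAL', array())); // value
            }
            echo format_field(
                get_opendb_lang_var('status_comment'),
                "\n<input type=\"text\" class=\"text\" name=\"status_comment\" id=\"search-statuscomment\" size=\"50\">"
                . "\n<ul class=\"searchInputOptions\">"
                . "\n<li><input type=\"radio\" class=\"radio\" name=\"status_comment_match\" value=\"word\">" . get_opendb_lang_var('word_match') . "</li>"
                . "\n<li><input type=\"radio\" class=\"radio\" name=\"status_comment_match\" value=\"partial\" CHECKED>" . get_opendb_lang_var('partial_match') . "</li>"
                . "\n<li><input type=\"radio\" class=\"radio\" name=\"status_comment_match\" value=\"exact\">" . get_opendb_lang_var('exact_match') . "</li>"
                . "\n<li><input type=\"checkbox\" class=\"checkbox\" name=\"status_comment_case\" value=\"case_sensitive\">" . get_opendb_lang_var('case_sensitive') . "</li>"
                . "\n</ul>"
            );
            // Picking a relative age disables the free-form date field in the browser (onChange).
            echo format_field(
                get_opendb_lang_var('updated'),
                "\n<select name=\"update_on_days\" id=\"search-updateondays\" onChange=\"if(this.options[this.options.selectedIndex].value.length>0){this.form['update_on'].disabled=true;}else{this.form['update_on'].disabled=false;}\">"
                . "\n<option value=\"\">" . get_opendb_lang_var('specify_datetime') . " ---->"
                . "\n<option value=\"1\">" . get_opendb_lang_var('one_day_ago')
                . "\n<option value=\"7\">" . get_opendb_lang_var('one_week_ago')
                . "\n<option value=\"28\">" . get_opendb_lang_var('one_month_ago')
                . "\n<option value=\"365\">" . get_opendb_lang_var('one_year_ago')
                . "\n</select>"
                . get_input_field("update_on", NULL, NULL, "datetime(" . get_opendb_config_var('search', 'datetime_mask') . ")", "N", NULL, FALSE)
            );
            echo format_field(
                get_opendb_lang_var('order_by'),
                "\n<select name=\"order_by\" id=\"search-orderby\">"
                . "\n<option value=\"title\" SELECTED>" . get_opendb_lang_var('title')
                . "\n<option value=\"owner_id\">" . get_opendb_lang_var('owner')
                . "\n<option value=\"category\">" . get_opendb_lang_var('category')
                . "\n<option value=\"s_item_type\">" . get_opendb_lang_var('item_type')
                . "\n<option value=\"s_status_type\">" . get_opendb_lang_var('s_status_type')
                . "\n<option value=\"update_on\">" . get_opendb_lang_var('update_date')
                . "\n</select>"
                . "\n<input type=\"radio\" class=\"radio\" name=\"sortorder\" value=\"ASC\" CHECKED>" . get_opendb_lang_var('asc')
                . "\n<input type=\"radio\" class=\"radio\" name=\"sortorder\" value=\"DESC\">" . get_opendb_lang_var('desc')
            );
            echo "</table>";
            echo "\n<input type=\"submit\" class=\"submit\" value=\"" . get_opendb_lang_var('search') . "\">";
            echo "</form>";
            echo _theme_footer();
        } else {
            // Denied: the caller lacks PERM_VIEW_ADVANCED_SEARCH.
            opendb_not_authorised_page(PERM_VIEW_ADVANCED_SEARCH, $HTTP_VARS);
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";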
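// Fragment: end of a page guarded by PERM_USER_REVIEWER - shows the insert form
// for op=add, handles the item-not-found case, builds the footer links and
// closes the enclosing checks (their `if` conditions are outside this fragment).
                                if ($HTTP_VARS['op'] == 'add') {
                                    echo get_edit_form('insert', array(), $HTTP_VARS);
                                }
                            }
                        }
                    }
                }
            } else {
                echo _theme_header(get_opendb_lang_var('item_not_found'));
                echo "<h2>" . get_opendb_lang_var('item_not_found') . "</h2>";
                echo "<p class=\"error\">" . get_opendb_lang_var('item_not_found') . "</p>";
            }
            // The back link is added on every path, including item-not-found, so the ids may
            // be arbitrary request values; they are URL-encoded so a crafted value cannot add
            // parameters or markup to the link. Numeric ids are unchanged by the encoding.
            // Keys are quoted: bare url/text are read as constants, which are undefined here
            // unless declared elsewhere (an Error on PHP 8).
            $footer_links_r[] = array(
                'url' => "item_display.php?item_id=" . urlencode((string) $HTTP_VARS['item_id']) . "&instance_no=" . urlencode((string) $HTTP_VARS['instance_no']),
                'text' => get_opendb_lang_var('back_to_item')
            );
            if (is_opendb_session_var('listing_url_vars')) {
                $footer_links_r[] = array(
                    'url' => "listings.php?" . get_url_string(get_opendb_session_var('listing_url_vars')),
                    'text' => get_opendb_lang_var('back_to_listing')
                );
            }
            echo format_footer_links($footer_links_r);
            echo _theme_footer();
        } else {
            // Denied: the caller lacks PERM_USER_REVIEWER.
            opendb_not_authorised_page(PERM_USER_REVIEWER, $HTTP_VARS);
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";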
// Fragment: the AJAX dispatcher of an item page and the failure branches of the
// enclosing checks. For each failure a request with a non-empty ajax_op gets a
// JSON error object, and any other request gets the regular HTML page or login
// redirect. The fragment is cut at both ends.
                switch ($HTTP_VARS['ajax_op']) {
                    case 'possible-parents':
                        // Get HTML select list of possible item parents.
                        // NOTE(review): the check is role-level only (owner or admin permission);
                        // whether the caller may act on the specific item_id passed to
                        // fetch_item_r() is not decided here - confirm it is enforced elsewhere.
                        // When the permission is missing this case prints nothing at all.
                        if (is_user_granted_permission(PERM_ITEM_OWNER) || is_user_granted_permission(PERM_ITEM_ADMIN)) {
                            echo json_encode(array('select' => format_item_parents_select($HTTP_VARS, fetch_item_r($HTTP_VARS['item_id']), $HTTP_VARS['parent_item_filter'])));
                        }
                        break;
                    default:
                        // invalid operation.
                        echo json_encode(array('error' => get_opendb_lang_var('operation_not_available')));
                        break;
                }
            }
        } else {
            // Not authorised: HTML page for normal requests, JSON error for AJAX requests.
            if (empty($HTTP_VARS['ajax_op'])) {
                opendb_not_authorised_page(array(PERM_ITEM_OWNER, PERM_ITEM_ADMIN), $HTTP_VARS);
            } else {
                echo json_encode(array('error' => get_opendb_lang_var('not_authorized_to_page')));
            }
        }
    } else {
        if (empty($HTTP_VARS['ajax_op'])) {
            // invalid login, so login instead.
            redirect_login($PHP_SELF, $HTTP_VARS);
        } else {
            // An AJAX caller is not redirected; it receives a JSON login-failure error.
            echo json_encode(array('error' => get_opendb_lang_var('login_failure')));
        }
    }
} else { //if(is_site_enabled())
    if (empty($HTTP_VARS['ajax_op'])) {
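// Fragment: end of a user listing guarded by PERM_ADMIN_USER_LISTING - offers
// the bulk actions, prints the listing controls and footer, then closes the
// enclosing checks (their `if` conditions are outside this fragment).
            if ($listingObject->isCheckboxColumns() > 0) {
                // With restrict_active_ind == 'X' the only bulk action is activation;
                // otherwise e-mail is offered, and only when a mailer is configured.
                if ($HTTP_VARS['restrict_active_ind'] == 'X') {
                    // 'link' is quoted: the bare word is read as a constant, which is
                    // undefined here unless declared elsewhere (an Error on PHP 8).
                    $checkbox_action_rs[] = array('action' => 'user_admin.php', 'op' => 'activate_users', 'link' => get_opendb_lang_var('activate_users'));
                } else {
                    if (is_valid_opendb_mailer()) {
                        $checkbox_action_rs[] = array('action' => 'email.php', 'op' => 'send_to_uids', 'link' => get_opendb_lang_var('email_users'));
                    }
                }
                // NOTE(review): these links only choose the target script; 'activate_users' and
                // 'send_to_uids' must re-check the caller's permission when they run - confirm.
                echo format_checkbox_action_links('user_id_rs', get_opendb_lang_var('no_users_checked'), $checkbox_action_rs);
            }
            echo format_help_block($listingObject->getHelpEntries());
            echo "<ul class=\"listingControls\">";
            if ($HTTP_VARS['restrict_active_ind'] != 'X') {
                echo "<li>" . getToggleControl($PHP_SELF, $HTTP_VARS, get_opendb_lang_var('show_deactivated_users'), 'show_deactivated_users', ifempty($HTTP_VARS['show_deactivated_users'], 'N')) . "</li>";
            }
            echo "<li>" . getItemsPerPageControl($PHP_SELF, $HTTP_VARS) . "</li>";
            echo "</ul>";
            echo _theme_footer();
        } else {
            // Denied: the caller lacks PERM_ADMIN_USER_LISTING.
            opendb_not_authorised_page(PERM_ADMIN_USER_LISTING, $HTTP_VARS);
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";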
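// Fragment: end of a borrow-related page - builds the footer links and closes
// the enclosing permission, feature, session and site checks. The fragment is
// cut at both ends.
                                    }
                                }
                            }
                        }
                    }
                    // Include a link no matter what, because they might have initiated the action by accident.
                    // Both ids must pass is_numeric() before they are placed in the URL, so no
                    // further encoding is needed for this link.
                    if (is_numeric($HTTP_VARS['item_id']) && is_numeric($HTTP_VARS['instance_no'])) {
                        // Keys are quoted: bare url/text are read as constants, which are undefined
                        // here unless declared elsewhere (an Error on PHP 8).
                        $footer_links_r[] = array(
                            'url' => "item_display.php?item_id=" . $HTTP_VARS['item_id'] . "&instance_no=" . $HTTP_VARS['instance_no'],
                            'text' => get_opendb_lang_var('back_to_item')
                        );
                    }
                    if (is_opendb_session_var('listing_url_vars')) {
                        $footer_links_r[] = array(
                            'url' => "listings.php?" . get_url_string(get_opendb_session_var('listing_url_vars')),
                            'text' => get_opendb_lang_var('back_to_listing')
                        );
                    }
                    echo format_footer_links($footer_links_r);
                    echo _theme_footer();
                } else {
                    // Denied: neither PERM_ADMIN_BORROWER nor PERM_USER_BORROWER is held.
                    opendb_not_authorised_page(array(PERM_ADMIN_BORROWER, PERM_USER_BORROWER));
                }
            }
        } else { //borrow functionality disabled.
            echo _theme_header(get_opendb_lang_var('borrow_not_supported'));
            echo "<p class=\"error\">" . get_opendb_lang_var('borrow_not_supported') . "</p>";
            echo _theme_footer();
        }
    } else { // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else { //if(is_site_enabled())
    opendb_site_disabled();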