/**
* Method to check user validity
*
* @param object $obj_db
* @return void
*/
public function valid($obj_db)
{
global $sysconf;
$this->obj_db = $obj_db;
$_check_login = call_user_func(array($this, $this->auth_method . 'Login'));
// check if the user exist in database
if (!$_check_login) {
return false;
}
// fill all sessions var
$_SESSION['mid'] = $this->user_info['member_id'];
$_SESSION['m_name'] = $this->user_info['member_name'];
$_SESSION['m_email'] = $this->user_info['member_email'];
$_SESSION['m_institution'] = $this->user_info['inst_name'];
$_SESSION['m_logintime'] = time();
$_SESSION['m_expire_date'] = $this->user_info['expire_date'];
$_SESSION['m_member_type_id'] = $this->user_info['member_type_id'];
$_SESSION['m_member_type'] = $this->user_info['member_type_name'];
$_SESSION['m_register_date'] = $this->user_info['register_date'];
$_SESSION['m_membership_pending'] = intval($this->user_info['is_pending']) ? true : false;
$_SESSION['m_is_expired'] = false;
$_SESSION['m_mark_biblio'] = array();
$_SESSION['m_can_reserve'] = $this->user_info['enable_reserve'];
$_SESSION['m_reserve_limit'] = $this->user_info['reserve_limit'];
// check member expiry date
require_once SIMBIO . 'simbio_UTILS/simbio_date.inc.php';
$_curr_date = date('Y-m-d');
if (simbio_date::compareDates($this->user_info['expire_date'], $_curr_date) == $_curr_date) {
$_SESSION['m_is_expired'] = true;
}
if ($sysconf['chat_system']['enabled'] and $sysconf['chat_system']['opac']) {
if ($sysconf['chat_system']['vendors'] == 'freichat') {
$_SESSION['chat_mid'] = mt_rand();
$chatinfo['userid'] = $_SESSION['chat_mid'];
$chatinfo['username'] = $_SESSION['m_name'];
$chat_reg = new simbio_dbop($obj_db);
$insert = $chat_reg->insert('chat_user', $chatinfo, TRUE);
}
}
// update the last login time
$obj_db->query("UPDATE member SET last_login='******',\r\n last_login_ip='" . $_SERVER['REMOTE_ADDR'] . "'\r\n WHERE member_id='" . $this->user_info['member_id'] . "'");
return true;
}
}
$dbs->query("INSERT INTO group_access VALUES ({$updateRecordID}, {$module}, 1, {$is_write})");
}
}
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' update group data (' . $groupName . ')');
utility::jsAlert(__('Group Data Successfully Updated'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Group Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('user_group', $data);
if ($insert) {
$group_id = $dbs->insert_id;
// set group privileges
if (isset($_POST['read'])) {
foreach ($_POST['read'] as $module) {
// check write privileges
$is_write = 0;
if (isset($_POST['write'])) {
foreach ($_POST['write'] as $module_write) {
if ($module_write == $module) {
$is_write = 1;
}
}
}
$dbs->query("INSERT INTO group_access VALUES ({$group_id}, {$module}, 1, {$is_write})");
}
}
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'] . ' update member data (' . $memberName . ') with ID (' . $memberID . ')');
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Member Data FAILED to Save/Update. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
if (!$mpasswd1 and !$mpasswd2) {
$data['mpasswd'] = 'literal{NULL}';
}
// insert the data
$insert = $sql_op->insert('member', $data);
if ($insert) {
utility::jsAlert(__('New Member Data Successfully Saved'));
// upload status alert
if (isset($upload_status)) {
if ($upload_status == UPLOAD_SUCCESS) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'] . ' upload image file ' . $upload->new_filename);
utility::jsAlert(__('Image Uploaded Successfully'));
} else {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload image file ' . $upload->new_filename . ', with error (' . $upload->error . ')');
utility::jsAlert(__('Image FAILED to upload'));
}
}
// write log
$file_upload->setMaxSize($sysconf['max_upload'] * 1024);
$file_upload->setUploadDir(REPO_BASE_DIR . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $file_dir));
$file_upload_status = $file_upload->doUpload('file2attach');
if ($file_upload_status === UPLOAD_SUCCESS) {
$file_ext = substr($file_upload->new_filename, strrpos($file_upload->new_filename, '.') + 1);
$fdata['uploader_id'] = $_SESSION['uid'];
$fdata['file_title'] = $dbs->escape_string($title);
$fdata['file_name'] = $dbs->escape_string($file_upload->new_filename);
$fdata['file_url'] = $dbs->escape_string($url);
$fdata['file_dir'] = $dbs->escape_string($file_dir);
$fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc'])));
$fdata['mime_type'] = $sysconf['mimetype'][$file_ext];
$fdata['input_date'] = date('Y-m-d H:i:s');
$fdata['last_update'] = $fdata['input_date'];
// insert file data to database
@$sql_op->insert('files', $fdata);
$uploaded_file_id = $sql_op->insert_id;
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload file (' . $file_upload->new_filename . ')');
} else {
echo '<script type="text/javascript">';
echo 'alert(\'' . __('Upload FAILED! Forbidden file type or file size too big!') . '\');';
echo 'self.close();';
echo '</script>';
die;
}
} else {
if ($url && preg_match('@^(http|https|ftp|gopher):\\/\\/@i', $url)) {
$fdata['uploader_id'] = $_SESSION['uid'];
$fdata['file_title'] = $dbs->escape_string($title);
$fdata['file_name'] = $dbs->escape_string($url);
$fdata['file_url'] = $dbs->escape_string($fdata['file_name']);
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('content', $data, 'content_id=' . $updateRecordID);
if ($update) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['content_title'] . ' update content data (' . $data['content_title'] . ') with contentname (' . $data['contentname'] . ')');
utility::jsAlert(__('Content data updated'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Content data FAILED to update!') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
if ($sql_op->insert('content', $data)) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' add new content (' . $data['content_title'] . ') with contentname (' . $data['contentname'] . ')');
utility::jsAlert(__('Content data saved'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(__('Content data FAILED to save!') . "\n" . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
// remove input date
unset($data['input_date']);
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('mst_loan_rules', $data, 'loan_rules_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Loan Rules Successfully Updated'));
echo '<script language="Javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Loan Rules FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
$insert = $sql_op->insert('mst_loan_rules', $data);
if ($insert) {
utility::jsAlert(__('New Loan Rules Successfully Saved'));
echo '<script language="Javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(__('Loan Rules FAILED to Save. Please Contact System Administrator') . "\n" . $sql_op->error);
}
exit;
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
/* DATA DELETION PROCESS */
$updateRecordID = $dbs->escape_string(trim($_POST['updateRecordID']));
// update the data
$update = $sql_op->update('mst_language', $data, 'language_id=\'' . $updateRecordID . '\'');
if ($update) {
utility::jsAlert(__('Language Data Successfully Updated'));
// update language ID in biblio table to keep data integrity
$sql_op->update('biblio', array('language_id' => $data['language_id']), 'language_id=\'' . $updateRecordID . '\'');
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Language Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('mst_language', $data);
if ($insert) {
utility::jsAlert(__('New Language Data Successfully Saved'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(__('Language Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
unset($data['input_date']);
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('mst_supplier', $data, 'supplier_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Supplier Data Successfully Updated'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Supplier Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('mst_supplier', $data);
if ($insert) {
utility::jsAlert(__('New Supplier Data Successfully Saved'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(__('Supplier Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
if (isset($_POST['authorID']) and !empty($_POST['authorID'])) {
$data['author_id'] = $_POST['authorID'];
} else {
if ($author_name and empty($_POST['authorID'])) {
// check author
$author_id = checkAuthor($author_name, $_POST['type']);
if ($author_id !== false) {
$data['author_id'] = $author_id;
} else {
// adding new author
$author_data['author_name'] = $author_name;
$author_data['authority_type'] = $_POST['type'];
$author_data['input_date'] = date('Y-m-d');
$author_data['last_update'] = date('Y-m-d');
// insert new author to author master table
@$sql_op->insert('mst_author', $author_data);
$data['author_id'] = $sql_op->insert_id;
}
}
}
$data['level'] = intval($_POST['level']);
if ($sql_op->insert('biblio_author', $data)) {
echo '<script type="text/javascript">';
echo 'alert(\'' . __('Author succesfully updated!') . '\');';
echo 'parent.setIframeContent(\'authorIframe\', \'' . MODULES_WEB_ROOT_DIR . 'bibliography/iframe_author.php?biblioID=' . $data['biblio_id'] . '\');';
echo '</script>';
} else {
utility::jsAlert(__('Author FAILED to Add. Please Contact System Administrator') . "\n" . $sql_op->error);
}
} else {
if (isset($_POST['authorID']) and !empty($_POST['authorID'])) {
utility::jsAlert(__('Item Data Successfully Updated'));
}
if ($in_pop_up) {
echo '<script type="text/javascript">top.setIframeContent(\'itemIframe\', \'' . MODULES_WEB_ROOT_DIR . 'bibliography/iframe_item_list.php?biblioID=' . $data['biblio_id'] . '\');</script>';
echo '<script type="text/javascript">top.closeHTMLpop();</script>';
} else {
echo '<script type="text/javascript">parent.$(\'#mainContent\').simbioAJAX(parent.jQuery.ajaxHistory[0].url);</script>';
}
} else {
utility::jsAlert(__('Item Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('item', $data);
if ($insert) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' insert item data (' . $data['item_code'] . ') with title (' . $title . ')');
utility::jsAlert(__('New Item Data Successfully Saved'));
if ($in_pop_up) {
echo '<script type="text/javascript">top.setIframeContent(\'itemIframe\', \'' . MODULES_WEB_ROOT_DIR . 'bibliography/iframe_item_list.php?biblioID=' . $data['biblio_id'] . '\');</script>';
echo '<script type="text/javascript">top.closeHTMLpop();</script>';
} else {
echo '<script type="text/javascript">parent.$(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>';
}
} else {
utility::jsAlert(__('Item Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
}
$stk_q = $dbs->query('SELECT * FROM stock_take WHERE is_active=1');
if ($stk_q->num_rows) {
echo '<div class="errorBox">' . __('There is already stock taking proccess running!') . '</div>';
} else {
// add new stock take
if (isset($_POST['saveData']) and empty($_POST['name'])) {
utility::jsAlert(__('Stock Take Name must be filled!'));
exit;
} else {
if (isset($_POST['saveData']) and !empty($_POST['name'])) {
$data['stock_take_name'] = trim($dbs->escape_string(strip_tags($_POST['name'])));
$data['start_date'] = date('Y-m-d H:i:s');
$data['init_user'] = $_SESSION['realname'];
$data['is_active'] = 1;
$sql_op = new simbio_dbop($dbs);
if ($sql_op->insert('stock_take', $data)) {
// get latest stock take id
$stock_take_id = $sql_op->insert_id;
// criteria
$criteria = ' WHERE item_id IS NOT NULL ';
// gmd
if ($_POST['gmdID'] != '0') {
$criteria .= ' AND b.gmd_id=' . intval($_POST['gmdID']) . ' ';
}
// collection type
if ($_POST['collTypeID'] != '0') {
$criteria .= ' AND i.coll_type_id=\'' . intval($_POST['collTypeID']) . '\' ';
}
// location
if ($_POST['location'] != '0') {
$criteria .= ' AND i.location_id=\'' . $dbs->escape_string($_POST['location']) . '\' ';
// update the data
$update = $sql_op->update('mst_member_type', $data, 'member_type_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Member Type Successfully Updated'));
// update all member expire date
@$dbs->query('UPDATE member AS m SET expire_date=DATE_ADD(register_date,INTERVAL ' . $data['member_periode'] . ' DAY)
WHERE member_type_id=' . $updateRecordID);
echo '<script type="text/javascript">parent.$(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>';
} else {
utility::jsAlert(__('Member Type Data FAILED to Save/Update. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
if ($sql_op->insert('mst_member_type', $data)) {
utility::jsAlert(__('New Member Type Successfully Saved'));
echo '<script type="text/javascript">parent.$(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>';
} else {
utility::jsAlert(__('Member Type Data FAILED to Save/Update. Please Contact System Administrator') . "\n" . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
/* DATA DELETION PROCESS */
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('serial', $data, 'serial_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Subscription Data Successfully Updated'));
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'serial_control', $_SESSION['realname'] . ' update subcription(' . $updateRecordID . ') ' . $period);
} else {
utility::jsAlert(__('Subscription Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
echo '<script type="text/javascript">self.location.href = \'' . MODULES_WEB_ROOT_DIR . 'serial_control/subscription.php?biblioID=' . $biblioID . '\';</script>';
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('serial', $data);
$serial_id = $sql_op->insert_id;
if ($insert) {
$exemplar = (int) $_POST['exemplar'];
// generate kardex entry
$serial = new serial($dbs, $serial_id);
$serial->generateKardexes($exemplar, true);
// alert
utility::jsAlert(__('New Subscription Data Successfully Saved'));
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'serial_control', $_SESSION['realname'] . ' add new subcription(' . $sql_op->insert_id . ') ' . $period);
} else {
utility::jsAlert(__('Subscription Data FAILED to Save. Please Contact System Administrator') . "\n" . $sql_op->error);
}
echo '<script type="text/javascript">self.location.href = \'' . MODULES_WEB_ROOT_DIR . 'serial_control/subscription.php?biblioID=' . $biblioID . '\';</script>';
exit;
}
$data['related_topic_id'] = $_POST['topicID'];
} else {
if ($search_str and empty($_POST['topicID'])) {
// check subject
$subject_id = checkSubject($search_str);
if ($subject_id !== false) {
$data['related_topic_id'] = $subject_id;
} else {
// adding new topic
$topic_data['topic'] = $search_str;
$topic_data['classification'] = $_POST['topicClass'];
$topic_data['topic_type'] = 't';
$topic_data['input_date'] = date('Y-m-d');
$topic_data['last_update'] = date('Y-m-d');
// insert new topic to topic master table
$sql_op->insert('mst_topic', $topic_data);
// put last inserted ID
$data['related_topic_id'] = $sql_op->insert_id;
}
}
}
// data secondary vocabulary
$_data['topic_id'] = $data['related_topic_id'];
$_data['vocabolary_id'] = '';
$_data['related_topic_id'] = $itemID;
$_data['rt_id'] = false;
if ($relatedterm === 'U') {
$_data['rt_id'] = 'UF';
}
if ($relatedterm === 'UF') {
$_data['rt_id'] = 'U';
unset($data['input_date']);
// filter update record ID
$updateRecordID = $dbs->escape_string(trim($_POST['updateRecordID']));
// update the data
$update = $sql_op->update('mst_frequency', $data, 'frequency_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Frequency Data Successfully Updated'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(parent.jQuery.ajaxHistory[0].url);</script>';
} else {
utility::jsAlert(__('Frequency Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
if ($sql_op->insert('mst_frequency', $data)) {
utility::jsAlert(__('New Frequency Data Successfully Saved'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>';
} else {
utility::jsAlert(__('Frequency Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
/* DATA DELETION PROCESS */
/**
* LDAP/Active directory login
*
* @return boolean
*/
protected function ldapLogin() {
global $ldap_configs;
if (!function_exists('ldap_connect')) {
$this->errors = 'LDAP library is not installed yet!';
return false;
}
// connect to Directory Server
$_ds = $ldap_configs['ldap_port']?ldap_connect($ldap_configs['ldap_server'], $ldap_configs['ldap_port']):ldap_connect($ldap_configs['ldap_server']);
// check LDAP options
if ($ldap_configs['ldap_options']) {
foreach ($ldap_configs['ldap_options'] as $_opt) {
@ldap_set_option($_ds, $_opt[0], $_opt[1]);
}
}
// LDAP Connection check
if (!$_ds) {
$this->errors = 'Failed to connect to LDAP server';
return false;
}
// LDAP binding
// for Active Directory Server login active line below
// $_bind = ldap_bind($_ds, ( $ldap_configs['ldap_suffix']?$this->username.'@'.$ldap_configs['ldap_suffix']:$this->username ), $this->password);
$_bind = @ldap_bind($_ds,
str_ireplace('#loginUserName', $this->username, $ldap_configs['ldap_bind_dn']),
$this->password);
if (!$_bind) {
$this->errors = 'Failed to bind to directory server!';
return false;
}
$_filter = str_ireplace('#loginUserName', $this->username, $ldap_configs['ldap_search_filter']);
// run query
$_search = @ldap_search($_ds, $ldap_configs['ldap_base_dn'], $_filter);
if (!$_search) {
$this->errors = 'LDAP search failed because of error!';
return false;
}
// get query entry
$_entries = @ldap_get_entries($_ds, $_search);
if ($_entries) {
$this->user_info['member_id'] = $_entries[0]['uid'][0];
// check member in database
$_check_q = $this->obj_db->query('SELECT m.member_id, m.member_name, m.inst_name,
m.member_email, m.expire_date, m.register_date, m.is_pending,
m.member_type_id, mt.member_type_name
FROM member AS m LEFT JOIN mst_member_type AS mt ON m.member_type_id=mt.member_type_id
WHERE m.member_id=\''.$this->user_info['member_id'].'\'');
if ($_check_q->num_rows < 1) {
$_curr_date = date('Y-m-d H:i:s');
// insert member data to database
$this->user_info['member_id'] = $_entries[0]['uid'][0];
$this->user_info['member_name'] = $_entries[0]['cn'][0];
$this->user_info['gender'] = '1';
$this->user_info['inst_name'] = 'New registered member';
$this->user_info['member_email'] = $_entries[0]['mail'][0];
$this->user_info['expire_date'] = '0000-00-00';
$this->user_info['register_date'] = '0000-00-00';
$this->user_info['is_pending'] = '1';
$this->user_info['member_type_id'] = '1';
$this->user_info['input_date'] = $_curr_date;
$this->user_info['last_update'] = $_curr_date;
// include database operation library
require_once SIMBIO_BASE_DIR.'simbio_DB/simbio_dbop.inc.php';
$_dbop = new simbio_dbop($this->obj_db);
$_insert = $_dbop->insert('member', $this->user_info);
if (!$_insert) {
$this->errors = 'Member insertion error because of: '.$_dbop->error;
}
$this->user_info['member_type_name'] = 'None';
} else {
$this->user_info = $_check_q->fetch_assoc();
}
} else {
$this->errors = 'LDAP Record not found!';
return false;
}
// closing connection
ldap_close($_ds);
return true;
}
unset($data['input_date']);
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('mst_place', $data, 'place_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Place Data Successfully Updated'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(parent.jQuery.ajaxHistory[0].url);</script>';
} else {
utility::jsAlert(__('Place Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('mst_place', $data);
if ($insert) {
utility::jsAlert(__('New Place Data Successfully Saved'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>';
} else {
utility::jsAlert(__('Place Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
if (!empty($_POST['topicID'])) {
$data['topic_id'] = $_POST['topicID'];
} else {
if ($subject and empty($_POST['topicID'])) {
// check subject
$subject_id = checkSubject($subject);
if ($subject_id !== false) {
$data['topic_id'] = $subject_id;
} else {
// adding new topic
$topic_data['topic'] = $subject;
$topic_data['topic_type'] = $_POST['type'];
$topic_data['input_date'] = date('Y-m-d');
$topic_data['last_update'] = date('Y-m-d');
// insert new topic to topic master table
$sql_op->insert('mst_topic', $topic_data);
// put last inserted ID
$data['topic_id'] = $sql_op->insert_id;
}
}
}
$data['level'] = intval($_POST['level']);
if ($sql_op->insert('biblio_topic', $data)) {
echo '<script type="text/javascript">';
echo 'alert(\'Topic succesfully updated!\');';
echo 'opener.setIframeContent(\'topicIframe\', \'' . MODULES_WEB_ROOT_DIR . 'bibliography/iframe_topic.php?biblioID=' . $data['biblio_id'] . '\');';
echo '</script>';
} else {
utility::jsAlert(lang_mod_biblio_topic_added_fail . "\n" . $sql_op->error);
}
} else {
unset($data['input_date']);
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('mst_author', $data, 'author_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(lang_mod_masterfile_author_alert_update_ok);
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(lang_mod_masterfile_author_alert_update_fail . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('mst_author', $data);
if ($insert) {
utility::jsAlert(lang_mod_masterfile_author_alert_new_add_ok);
echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(lang_mod_masterfile_author_alert_add_fail . "\nDEBUG : " . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
// privileges checking
$can_read = utility::havePrivilege('master_file', 'r');
$can_write = utility::havePrivilege('master_file', 'w');
// GET ID FROM URL
$itemID = (int) isset($_GET['itemID']) ? $_GET['itemID'] : 0;
if (isset($_POST['save'])) {
$data['topic_id'] = (int) $_POST['topic_id'];
$data['scope'] = trim($dbs->escape_string(strip_tags($_POST['scope'])));
# create new sql op object
$sql_op = new simbio_dbop($dbs);
if (!empty($_POST['vocabolary_id'])) {
// do update
$save = $sql_op->update('mst_voc_ctrl', $data, 'vocabolary_id=' . $_POST['vocabolary_id']);
} else {
// insert
$save = $sql_op->insert('mst_voc_ctrl', $data);
}
if (isset($_POST['delete'])) {
# create new sql op object
$save = $sql_op->delete('mst_voc_ctrl', 'vocabolary_id=' . $_POST['vocabolary_id']);
}
if ($save) {
$alert_save = '<script type="text/javascript">';
$alert_save .= 'alert(\'' . __('Data saved!') . '\');';
$alert_save .= 'parent.setIframeContent(\'itemIframe\', \'' . MWB . 'master_file/iframe_vocabolary_control.php?itemID=' . $data['topic_id'] . '\');';
$alert_save .= 'top.jQuery.colorbox.close();';
$alert_save .= '</script>';
echo $alert_save;
} else {
utility::jsAlert('Failed save data!');
}
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update data
$update = $sql_op->update('biblio', $data, 'biblio_id=' . $updateRecordID);
// send an alert
if ($update) {
// update custom data
if (isset($custom_data)) {
// check if custom data for this record exists
$_sql_check_custom_q = sprintf('SELECT biblio_id FROM biblio_custom WHERE biblio_id=%d', $updateRecordID);
$check_custom_q = $dbs->query($_sql_check_custom_q);
if ($check_custom_q->num_rows) {
$update2 = @$sql_op->update('biblio_custom', $custom_data, 'biblio_id=' . $updateRecordID);
} else {
$custom_data['biblio_id'] = $updateRecordID;
@$sql_op->insert('biblio_custom', $custom_data);
}
}
if ($sysconf['bibliography_update_notification']) {
utility::jsAlert(__('Bibliography Data Successfully Updated'));
}
// auto insert catalog to UCS if enabled
if ($sysconf['ucs']['enable']) {
echo '<script type="text/javascript">parent.ucsUpload(\'' . MODULES_WEB_ROOT_DIR . 'bibliography/ucs_upload.php\', \'itemID[]=' . $updateRecordID . '\', false);</script>';
}
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' update bibliographic data (' . $data['title'] . ') with biblio_id (' . $_POST['itemID'] . ')');
// close window OR redirect main page
if ($in_pop_up) {
$itemCollID = (int) $_POST['itemCollID'];
echo '<script type="text/javascript">top.$(\'#mainContent\').simbioAJAX(parent.jQuery.ajaxHistory[0].url, {method: \'post\', addData: \'' . ($itemCollID ? 'itemID=' . $itemCollID . '&detail=true' : '') . '\'});</script>';
/* UPDATE RECORD MODE */
// remove input date
unset($data['input_date']);
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('fines', $data, 'fines_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Fines Data Successfully Updated'));
} else {
utility::jsAlert(__('Fines Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('fines', $data);
if ($insert) {
utility::jsAlert(__('New Fines Data Successfully Saved'));
} else {
utility::jsAlert(__('Fines Data FAILED to Save. Please Contact System Administrator') . "\n" . $sql_op->error);
}
}
}
}
} else {
if ($_SESSION['uid'] == 1 && isset($_POST['itemID']) && !empty($_POST['itemID']) && isset($_POST['itemAction'])) {
// only admin can delete
if (!($can_read and $can_write)) {
die;
}
/* DATA DELETION PROCESS */
$updateRecordID = $dbs->escape_string(trim($_POST['updateRecordID']));
// update the data
$update = $sql_op->update('mst_item_status', $data, 'item_status_id=\'' . $updateRecordID . '\'');
if ($update) {
utility::jsAlert(__('Item Status Data Successfully Updated'));
// update item status ID in item table to keep data integrity
$sql_op->update('item', array('item_status_id' => $data['item_status_id']), 'item_status_id=\'' . $updateRecordID . '\'');
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Item Status Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('mst_item_status', $data);
if ($insert) {
utility::jsAlert(__('New Item Status Data Successfully Saved'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(__('Item Status Data FAILED to Save. Please Contact System Administrator') . "\n" . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('user', $data, 'user_id=' . $updateRecordID);
if ($update) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' update user data (' . $data['realname'] . ') with username (' . $data['username'] . ')');
utility::jsAlert(__('User Data Successfully Updated'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('User Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
if ($sql_op->insert('user', $data)) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' add new user (' . $data['realname'] . ') with username (' . $data['username'] . ')');
utility::jsAlert(__('New User Data Successfully Saved'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(__('User Data FAILED to Save. Please Contact System Administrator') . "\n" . $sql_op->error);
}
exit;
}
}
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
unset($biblio['manuscript']);
unset($biblio['collection']);
unset($biblio['resource_type']);
unset($biblio['genre_authority']);
unset($biblio['genre']);
unset($biblio['issuance']);
unset($biblio['location']);
unset($biblio['id']);
unset($biblio['create_date']);
unset($biblio['modified_date']);
unset($biblio['origin']);
// fot debugging purpose
// var_dump($biblio);
// die();
// insert biblio data
$sql_op->insert('biblio', $biblio);
echo '<p>' . $sql_op->error . '</p><p> </p>';
$biblio_id = $sql_op->insert_id;
if ($biblio_id < 1) {
continue;
}
// insert authors
if ($authors) {
$author_id = 0;
foreach ($authors as $author) {
$author_id = getAuthorID($author['name'], strtolower(substr($author['author_type'], 0, 1)), $author_cache);
@$dbs->query("INSERT IGNORE INTO biblio_author (biblio_id, author_id, level) VALUES ({$biblio_id}, {$author_id}, " . $author['level'] . ")");
}
}
// insert subject/topical terms
if ($subjects) {
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('mst_module', $data, 'module_id=' . $updateRecordID);
if ($update) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' update module data (' . $moduleName . ') with path (' . $modulePath . ')');
utility::jsAlert(__('Module Data Successfully Updated'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', parent.getPreviousAJAXurl(), \'post\');</script>';
} else {
utility::jsAlert(__('Module Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
if ($sql_op->insert('mst_module', $data)) {
// insert module privileges for administrator
$module_id = $sql_op->insert_id;
$dbs->query('INSERT INTO group_access VALUES (1, ' . $module_id . ', 1, 1)');
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' add new module (' . $moduleName . ') with path (' . $modulePath . ')');
utility::jsAlert(__('New Module Data Successfully Saved'));
echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '\', \'post\');</script>';
} else {
utility::jsAlert(__('Module Data FAILED to Save. Please Contact System Administrator') . "\n" . $sql_op->error);
}
exit;
}
}
exit;
} else {
unset($data['input_date']);
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
// update the data
$update = $sql_op->update('mst_topic', $data, 'topic_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('Subject Data Successfully Updated'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(parent.jQuery.ajaxHistory[0].url);</script>';
} else {
utility::jsAlert(__('Subject Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
$insert = $sql_op->insert('mst_topic', $data);
if ($insert) {
utility::jsAlert(__('New Subject Data Successfully Saved'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>';
} else {
utility::jsAlert(__('Subject Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
/* UPDATE RECORD MODE */
// filter update record ID
$updateRecordID = (int) $_POST['updateRecordID'];
if ($sql_op->update('holiday', $data, 'holiday_id=' . $updateRecordID)) {
utility::jsAlert(__('Holiday Data Successfully updated'));
// update holiday_dayname session
$_SESSION['holiday_date'][$data['holiday_date']] = $data['holiday_date'];
echo '<script type="text/javascript">parent.$(\'#mainContent\').simbioAJAX(parent.$.ajaxHistory[0].url);</script>';
exit;
} else {
utility::jsAlert(__('Holiday FAILED to update. Please Contact System Administrator') . "\n" . $sql_op->error);
}
} else {
/* INSERT RECORD MODE */
// insert the data
if ($sql_op->insert('holiday', $data)) {
utility::jsAlert(__('New Holiday Successfully Saved'));
// update holiday_dayname session
$_SESSION['holiday_date'][$data['holiday_date']] = $data['holiday_date'];
// date range insert
if (isset($_POST['holDateEnd'])) {
$holiday_end_date = trim(preg_replace('@\\s[0-9]{2}:[0-9]{2}:[0-9]{2}$@i', '', $_POST['holDateEnd']));
// check if holiday end date is more than holiday start date
if (simbio_date::compareDates($holiday_start_date, $holiday_end_date) == $holiday_end_date) {
$guard = 365;
$d = 1;
while ($holiday_start_date != $holiday_end_date) {
if ($d == $guard) {
break;
}
$holiday_start_date = simbio_date::getNextDate(1, $holiday_start_date);
unset($data['input_date']);
// filter update record ID
$updateRecordID = $dbs->escape_string(trim($_POST['updateRecordID']));
// update the data
$update = $sql_op->update('mst_gmd', $data, 'gmd_id=' . $updateRecordID);
if ($update) {
utility::jsAlert(__('GMD Data Successfully Updated'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(parent.jQuery.ajaxHistory[0].url);</script>';
} else {
utility::jsAlert(__('GMD Data FAILED to Updated. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
} else {
/* INSERT RECORD MODE */
// insert the data
if ($sql_op->insert('mst_gmd', $data)) {
utility::jsAlert(__('New GMD Data Successfully Saved'));
echo '<script type="text/javascript">parent.jQuery(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>';
} else {
utility::jsAlert(__('GMD Data FAILED to Save. Please Contact System Administrator') . "\nDEBUG : " . $sql_op->error);
}
exit;
}
}
exit;
} else {
if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) {
if (!($can_read and $can_write)) {
die;
}
/* DATA DELETION PROCESS */
/**
* Finish loan transaction session
* @return void
**/
public function finishLoanSession()
{
// receipt
if (isset($_SESSION['receipt_record'])) {
$_SESSION['receipt_record']['memberID'] = $this->member_id;
$_SESSION['receipt_record']['memberName'] = $this->member_name;
$_SESSION['receipt_record']['memberType'] = $this->member_type_name;
$_SESSION['receipt_record']['date'] = date('Y-m-d H:i:s');
}
if (count($_SESSION['temp_loan']) > 0) {
$error_num = 0;
foreach ($_SESSION['temp_loan'] as $loan_item) {
// insert loan data to database
if ($loan_item['loan_rules_id']) {
$data['loan_rules_id'] = $loan_item['loan_rules_id'];
} else {
$data['loan_rules_id'] = 'literal{0}';
}
$data['item_code'] = $loan_item['item_code'];
$data['member_id'] = $this->member_id;
$data['loan_date'] = $loan_item['loan_date'];
$data['due_date'] = $loan_item['due_date'];
$data['renewed'] = 'literal{0}';
$data['is_lent'] = 1;
$data['is_return'] = 'literal{0}';
$sql_op = new simbio_dbop($this->obj_db);
if (!$sql_op->insert('loan', $data)) {
$error_num++;
} else {
if (isset($_SESSION['receipt_record'])) {
// get title
$_title_q = $this->obj_db->query('SELECT title FROM biblio AS b INNER JOIN item AS i ON b.biblio_id=i.biblio_id WHERE i.item_code=\'' . $data['item_code'] . '\'');
$_title_d = $_title_q->fetch_row();
$_title = $_title_d[0];
// add to receipt
$_SESSION['receipt_record']['loan'][] = array('itemCode' => $data['item_code'], 'title' => $_title, 'loanDate' => $data['loan_date'], 'dueDate' => $data['due_date']);
}
// remove any reservation related to this items
@$this->obj_db->query('DELETE FROM reserve WHERE member_id=\'' . $this->member_id . '\' AND item_code=\'' . $data['item_code'] . '\'');
}
}
// clean all circulation sessions
$_SESSION['temp_loan'] = array();
$_SESSION['reborrowed'] = array();
unset($_SESSION['memberID']);
// return the status
if ($error_num) {
return TRANS_FLUSH_ERROR;
} else {
return TRANS_FLUSH_SUCCESS;
}
} else {
// clean all circulation sessions
$_SESSION['temp_loan'] = array();
$_SESSION['reborrowed'] = array();
unset($_SESSION['memberID']);
}
}