function display()
{
extract($_REQUEST);
$fields = array();
$fields["search"] = "";
$fields["type_id"] = 0;
$fields["from_year"] = date("Y");
$fields["from_month"] = date("m");
$fields["from_day"] = date("d");
$fields["to_year"] = date("Y");
$fields["to_month"] = date("m");
$fields["to_day"] = date("t");
extract($fields, EXTR_SKIP);
if ($type_id) {
$type_sql = "AND assets.type_id='{$type_id}'";
} else {
$type_sql = "";
}
$sql = "SELECT qty, des, serial, customers.cusnum, customers.cusname,\r\n\t\t\t\tcustomers.surname, to_date, invnum, hire_invitems.invid,\r\n\t\t\t\thire_invitems.id, done, printed, grpname, name\r\n\t\t\t\tFROM hire.hire_invitems\r\n\t\t\t\t\tLEFT JOIN cubit.assets\r\n\t\t\t\t\t\tON hire_invitems.asset_id = assets.id\r\n\t\t\t\t\tLEFT JOIN hire.hire_invoices\r\n\t\t\t\t\t\tON hire_invitems.invid = hire_invoices.invid\r\n\t\t\t\t\tLEFT JOIN cubit.customers\r\n\t\t\t\t\t\tON hire_invoices.cusnum = customers.cusnum\r\n\t\t\t\t\tLEFT JOIN cubit.assetgrp\r\n\t\t\t\t\t\tON assets.grpid=assetgrp.grpid\r\n\t\t\t\t\tLEFT JOIN cubit.asset_types\r\n\t\t\t\t\t\tON assets.type_id=asset_types.id\r\n\t\t\t\tWHERE done='y' {$type_sql} AND remaction IS NULL AND\r\n\t\t\t\t\tprinted='y' AND (cast(qty as text) ILIKE '%{$search}%' OR\r\n\t\t\t\t\tserial ILIKE '%{$search}%' OR\r\n\t\t\t\t\tcustomers.cusname ILIKE '{$search}%' OR\r\n\t\t\t\t\tcustomers.surname ILIKE '{$search}%' OR\r\n\t\t\t\t\tcast(to_date as text) ILIKE '%{$search}%' OR\r\n\t\t\t\t\tcast(invnum as text) ILIKE '%{$search}%'\r\n\t\t\t\t\tOR grpname ILIKE '%{$search}%' OR name ILIKE '%{$search}%')\r\n\t\t\t\tORDER BY des ASC";
$asset_rslt = db_exec($sql) or errDie("Unable to retrieve assets.");
$sql = "SELECT id, name FROM cubit.asset_types";
$type_rslt = db_exec($sql) or errDie("Unable to retrieve asset types.");
$type_sel = "<select name='type_id' onchange='javascript:document.form.submit()'\r\n\t\t\t\t style='width: 100%'>";
$type_sel .= "<option value='0'>[All]</option>";
while ($type_data = pg_fetch_array($type_rslt)) {
if ($type_data["id"] == $type_id) {
$sel = "selected='t'";
} else {
$sel = "";
}
$type_sel .= "\r\n\t\t<option value='{$type_data['id']}' {$sel}>\r\n\t\t\t{$type_data['name']}\r\n\t\t</option>";
}
$type_sel .= "</select>";
$hired_out = "";
while ($asset_data = pg_fetch_array($asset_rslt)) {
$hired_out .= "<tr class='" . bg_class() . "'>\r\n\t\t\t<td align='center'>\r\n\t\t\t\t<a href='javascript:popupOpen" . "(\"hire-invoice-new.php?invid={$asset_data['invid']}\")'>\r\n\t\t\t\t\tH" . getHirenum($asset_data["invid"], 1) . "\r\n\t\t\t\t</a>\r\n\t\t\t</td>\r\n\t\t\t<td>{$asset_data['grpname']}</td>\r\n\t\t\t<td>{$asset_data['name']}</td>\r\n\t\t\t<td>{$asset_data['des']}</td>\r\n\t\t\t<td>{$asset_data['serial']}</td>\r\n\t\t\t<td align='center'>{$asset_data['qty']}</td>\r\n\t\t\t<td>{$asset_data['cusname']} {$asset_data['surname']}</td>\r\n\t\t\t<td align='center'>" . returnDate($asset_data["id"]) . "</td>\r\n\t\t</tr>";
}
// Display something atleast, even though we've got no results.
if (empty($hired_out)) {
$hired_out = "<tr class='" . bg_class() . "'>\r\n\t\t\t<td colspan='8'><li>No results found.</li></td>\r\n\t\t</tr>";
}
// Available assets -------------------------------------------------------
$sql = "SELECT grpname, name, des, assets.id, serial2\r\n\t\t\tFROM cubit.assets\r\n\t\t\t\tLEFT JOIN cubit.assetgrp ON assets.grpid=assetgrp.grpid\r\n\t\t\t\tLEFT JOIN cubit.asset_types ON assets.type_id=asset_types.id\r\n\t\t\tWHERE remaction is NULL AND (grpname ILIKE '%{$search}%' OR\r\n\t\t\t\tname ILIKE '%{$search}%' OR des ILIKE '%{$search}%') {$type_sql}\r\n\t\t\tORDER BY des ASC";
$asset_rslt = db_exec($sql) or errDie("Unable to retrieve assets.");
$available_out = "";
while ($asset_data = pg_fetch_array($asset_rslt)) {
if (isHired($asset_data["id"])) {
continue;
}
$available_out .= "\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td>{$asset_data['grpname']}</td>\r\n\t\t\t<td>{$asset_data['name']}</td>\r\n\t\t\t<td>{$asset_data['des']}</td>\r\n\t\t\t<td>" . getSerial($asset_data["id"]) . "</td>\r\n\t\t\t<td>" . getUnits($asset_data["id"]) . "</td>\r\n\t\t</tr>";
}
if (empty($available_out)) {
$available_out = "<tr class='" . bg_class() . "'>\r\n\t\t\t<td colspan='5'><li>No results found.</li></td>\r\n\t\t</tr>";
}
$OUTPUT = "<center>\r\n\t<h3>Asset Report</th>\r\n\t<br /><br />\r\n\t<form method='post' action='" . SELF . "' name='form'>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr>\r\n\t\t\t<th colspan='4'>Date Range</th>\r\n\t\t</tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td>" . mkDateSelect("from", $from_year, $from_month, $from_day) . "</td>\r\n\t\t\t<td> <b>To</b> </td>\r\n\t\t\t<td>" . mkDateSelect("to", $to_year, $to_month, $to_day) . "</td>\r\n\t\t\t<td><input type='submit' value='Select' /></td>\r\n\t\t</tr>\r\n\t\t<tr class='" . bg_class() . "'><td colspan='4' align='center'>\r\n\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t<tr>\r\n\t\t\t\t<th colspan='2'>Search</th>\r\n\t\t\t\t<th>Asset Type</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr>\r\n\t\t\t\t<td><input type='text' name='search' value='{$search}' /></td>\r\n\t\t\t\t<td><input type='submit' value='Search' /></td>\r\n\t\t\t\t<td>{$type_sel}</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t</td></tr>\r\n\t</table>\r\n\t</form>\r\n\t<h3>Hired Out</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr>\r\n\t\t\t<th>Hire No</th>\r\n\t\t\t<th>Asset Group</th>\r\n\t\t\t<th>Asset Type</th>\r\n\t\t\t<th>Asset</th>\r\n\t\t\t<th>Serial</th>\r\n\t\t\t<th>Qty</th>\r\n\t\t\t<th>Customer</th>\r\n\t\t\t<th>Expected Return</th>\r\n\t\t</tr>\r\n\t\t{$hired_out}\r\n\t</table>\r\n\t<h3>Available</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr>\r\n\t\t\t<th>Asset Group</th>\r\n\t\t\t<th>Asset Type</th>\r\n\t\t\t<th>Asset</th>\r\n\t\t\t<th>Serial</th>\r\n\t\t\t<th>Qty</th>\r\n\t\t</tr>\r\n\t\t{$available_out}\r\n\t</table>";
return $OUTPUT;
}
<?php
session_start();
require_once '../dbaccess.php';
require_once '../functions.php';
getStats();
getUnits();
$unusedPop = $_SESSION['population'] - $_SESSION['explorers'] - $_SESSION['preachers'] - $_SESSION['scientists'] - $_SESSION['workers'] - $_SESSION['warriors'];
if ($_SERVER['REQUEST_METHOD'] = 'post') {
$db = getDB();
$user = $_SESSION['username'];
$explorers = $_POST['explorers'] + $_SESSION['explorers'];
$preachers = $_POST['preachers'] + $_SESSION['preachers'];
$scientists = $_POST['scientists'] + $_SESSION['scientists'];
$workers = $_POST['workers'] + $_SESSION['workers'];
$warriors = $_POST['warriors'] + $_SESSION['warriors'];
$sql = "SELECT id FROM units_l0l WHERE username=?";
$stmt = $db->prepare($sql);
$stmt->bind_param('s', $user);
$stmt->execute();
if ($stmt->fetch()) {
if ($unusedPop >= $_POST['explorers'] + $_POST['preachers'] + $_POST['scientists'] + $_POST['workers'] + $_POST['warriors']) {
$stmt->close();
$sql = "UPDATE units_l0l SET explorers=?, preachers=?, scientists=?, workers=?, warriors=? WHERE username=?";
$stmt = $db->prepare($sql);
$stmt->bind_param('iiiiis', $explorers, $preachers, $scientists, $workers, $warriors, $user);
if (!$stmt->execute()) {
echo "Execute failed: (" . $db->errno . ") " . $db->error;
}
$_SESSION['explorers'] = $explorers;
$_SESSION['preachers'] = $preachers;
function getChannel($id, $sendPermissions = false)
{
global $user, $mysqli;
$len = strlen($id);
$id[$len - 1] = $id[$len - 1] != '/' ? $id[$len - 1] : '';
$path = explode('/', $id);
$id = intval($path[count($path) - 1]);
//Set Jörn's Channel as root
if ($id == 0) {
$id = 1;
}
$userid = $user->userid();
$query = "SELECT id,title,parent,description FROM Channels WHERE id=?";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("i", $id);
$stmt->execute();
$channel = get_result($stmt);
$stmt->fetch();
$stmt->close();
$query = "SELECT Channels.id,Channels.title,Channels.viewIndex,Channels.published,Channels.parent,Channels.description,ThumbnailCache.thumbnail,p.progress\n\t\t\t FROM Channels\n\t\t\t LEFT JOIN ThumbnailCache ON ThumbnailCache.channelId=Channels.id\n\t\t\t LEFT JOIN ChannelProgress p ON p.channelId = Channels.id AND p.userId=?\n\t\t\t WHERE Channels.parent=?" . ($sendPermissions ? "" : " AND published=1") . " ORDER BY Channels.viewIndex";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("ii", $userid, $id);
$stmt->execute();
$stmt->store_result();
$subchannels = array();
$subchannel = get_result($stmt);
while ($stmt->fetch()) {
/*
Where is this informations necessary? Just legacy from old system? Can be large overhead...
if ($sendPermissions) && $user->has_privilege($subchannel['id'], AUTHOR)) {
$subchannel['author'] = true;
}
*/
if ($subchannel['thumbnail'] == null) {
$subchannel['thumbnail'] = getThumbnailRecursiveCache($subchannel['id']);
}
$subchannels[] = $subchannel;
$subchannel = get_result($stmt);
}
$stmt->free_result();
$stmt->close();
$channel['channels'] = $subchannels;
$channel['units'] = getUnits($id);
$channel['path'] = getPath($id);
if ($sendPermissions) {
if ($user->has_privilege($channel['id'], ADMIN)) {
$channel['admin'] = true;
}
if ($user->has_privilege($channel['parent'], AUTHOR)) {
$channel['parentAuthor'] = true;
}
}
//You may want to know in the Channel if User can access the Channel-Editor.
//That's why we send it, even if not the full permissions have been requested.
if ($user->has_privilege($channel['id'], AUTHOR)) {
$channel['author'] = true;
}
return $channel;
}
function unitsAvailable($asset_id, $date)
{
$current_units = getUnits($asset_id);
$booked_units = unitsBooked($asset_id, $date);
$units = $current_units - $booked_units;
return $units;
}
function write()
{
extract($_REQUEST);
require_lib("validate");
$v = new validate();
$v->isOk($asset_id, "num", 1, 9, "Invalid asset id.");
$v->isOk($ex_year, "num", 4, 4, "Invalid expected date (year)");
$v->isOk($ex_month, "num", 1, 2, "Invalid expected date (month)");
$v->isOk($ex_day, "num", 1, 2, "Invalid expected date (day)");
$v->isOk($description, "string", 0, 255, "Invalid description.");
$v->isOk($qty, "num", 1, 9, "Invalid qty.");
if (!isSerialized($asset_id) && $qty <= 0) {
$v->addError(0, "Invalid Quantity.");
}
if (getUnits($asset_id) < $qty) {
$v->addError(0, "Not enough items available.");
}
if ($v->isError()) {
return enter($v->genErrors());
}
$ex_date = dateFmt($ex_year, $ex_month, $ex_day);
$notes = base64_encode($notes);
$sql = "SELECT id, des, serial, serial2 FROM cubit.assets\r\n\t\t\t\tWHERE id='{$asset_id}'";
$asset_rslt = db_exec($sql) or errDie("Unable to retrieve assets.");
$asset_data = pg_fetch_array($asset_rslt);
pglib_transaction("BEGIN");
$sql = "INSERT INTO cubit.workshop (stkcod, description, notes, status,\r\n\t\t\t\tserno, cdate, active, asset_id, e_date, qty)\r\n\t\t\t\tVALUES ('{$asset_data['des']}', '{$description}', '{$notes}', 'Present',\r\n\t\t\t\t\t'{$asset_data['serial']}', CURRENT_DATE, 'true',\r\n\t\t\t\t\t'{$asset_data['id']}', '{$ex_date}', '{$qty}')";
$ws_rslt = db_exec($sql) or errDie("Unable to add workshop item.");
$sql = "UPDATE cubit.assets SET remaction='Workshop' WHERE id='{$asset_data['id']}'";
db_exec($sql) or errDie("Unable to update assets.");
if (!isSerialized($asset_id)) {
$new_qty = $asset_data["serial2"] - $qty;
$sql = "UPDATE cubit.assets SET serial2='{$new_qty}'\r\n\t\t\t\t\tWHERE id='{$asset_data['id']}'";
db_exec($sql) or errDie("Unable to update assets.");
}
pglib_transaction("COMMIT");
$OUTPUT = "<h3>Book Asset to Workshop</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr>\r\n\t\t\t<th>Write</th>\r\n\t\t</tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td><li>Successfully booked asset to the workshop.</li></td>\r\n\t\t</tr>\r\n\t</table>";
return $OUTPUT;
}
