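/**
 * Render the asset report: a search / asset-type filter form followed by the
 * "Hired Out" and "Available" asset tables.
 *
 * Request fields read: search, type_id, from_year, from_month, from_day,
 * to_year, to_month, to_day. Missing or malformed fields fall back to the
 * defaults (empty search, all types, current month).
 *
 * @return string HTML for the report page.
 */
function display()
{
    // Read only the fields this page expects. extract($_REQUEST) let any
    // request parameter create a local variable in this scope, and the values
    // then flowed unescaped into SQL and HTML below.
    $search = (isset($_REQUEST["search"]) && is_scalar($_REQUEST["search"]))
        ? (string) $_REQUEST["search"]
        : "";

    // type_id is compared against a numeric key; the integer cast makes it
    // safe to interpolate and keeps 0 as "all types".
    $type_id = (isset($_REQUEST["type_id"]) && is_scalar($_REQUEST["type_id"]))
        ? (int) $_REQUEST["type_id"]
        : 0;

    // Date parts are only accepted when they are plain digit strings;
    // anything else falls back to the default for that part.
    $date_defaults = array(
        "from_year"  => date("Y"),
        "from_month" => date("m"),
        "from_day"   => date("d"),
        "to_year"    => date("Y"),
        "to_month"   => date("m"),
        "to_day"     => date("t"),
    );
    $dates = array();
    foreach ($date_defaults as $key => $default) {
        $value = (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key]))
            ? (string) $_REQUEST[$key]
            : "";
        $dates[$key] = ctype_digit($value) ? $value : $default;
    }

    // HTML-escape for element content and single-quoted attributes.
    // NOTE(review): if the storage layer already HTML-encodes values on write,
    // this would double-encode them; confirm against the write path.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    };

    // Escape the search term before it is placed inside quoted SQL literals.
    // NOTE(review): this uses the default PostgreSQL connection; if db_exec()
    // exposes its link or a parameterised query helper, prefer that.
    $search_sql = pg_escape_string($search);

    $type_sql = $type_id ? "AND assets.type_id='{$type_id}'" : "";

    // Hired out assets --------------------------------------------------------
    $sql = "SELECT qty, des, serial, customers.cusnum, customers.cusname,\r\n"
        . "\t\t\t\tcustomers.surname, to_date, invnum, hire_invitems.invid,\r\n"
        . "\t\t\t\thire_invitems.id, done, printed, grpname, name\r\n"
        . "\t\t\t\tFROM hire.hire_invitems\r\n"
        . "\t\t\t\t\tLEFT JOIN cubit.assets\r\n"
        . "\t\t\t\t\t\tON hire_invitems.asset_id = assets.id\r\n"
        . "\t\t\t\t\tLEFT JOIN hire.hire_invoices\r\n"
        . "\t\t\t\t\t\tON hire_invitems.invid = hire_invoices.invid\r\n"
        . "\t\t\t\t\tLEFT JOIN cubit.customers\r\n"
        . "\t\t\t\t\t\tON hire_invoices.cusnum = customers.cusnum\r\n"
        . "\t\t\t\t\tLEFT JOIN cubit.assetgrp\r\n"
        . "\t\t\t\t\t\tON assets.grpid=assetgrp.grpid\r\n"
        . "\t\t\t\t\tLEFT JOIN cubit.asset_types\r\n"
        . "\t\t\t\t\t\tON assets.type_id=asset_types.id\r\n"
        . "\t\t\t\tWHERE done='y' {$type_sql} AND remaction IS NULL AND\r\n"
        . "\t\t\t\t\tprinted='y' AND (cast(qty as text) ILIKE '%{$search_sql}%' OR\r\n"
        . "\t\t\t\t\tserial ILIKE '%{$search_sql}%' OR\r\n"
        . "\t\t\t\t\tcustomers.cusname ILIKE '{$search_sql}%' OR\r\n"
        . "\t\t\t\t\tcustomers.surname ILIKE '{$search_sql}%' OR\r\n"
        . "\t\t\t\t\tcast(to_date as text) ILIKE '%{$search_sql}%' OR\r\n"
        . "\t\t\t\t\tcast(invnum as text) ILIKE '%{$search_sql}%'\r\n"
        . "\t\t\t\t\tOR grpname ILIKE '%{$search_sql}%' OR name ILIKE '%{$search_sql}%')\r\n"
        . "\t\t\t\tORDER BY des ASC";
    $asset_rslt = db_exec($sql) or errDie("Unable to retrieve assets.");

    // Asset type drop-down ----------------------------------------------------
    $sql = "SELECT id, name FROM cubit.asset_types";
    $type_rslt = db_exec($sql) or errDie("Unable to retrieve asset types.");

    $type_sel = "<select name='type_id' onchange='javascript:document.form.submit()'\r\n\t\t\t\t style='width: 100%'>";
    $type_sel .= "<option value='0'>[All]</option>";
    while ($type_data = pg_fetch_array($type_rslt)) {
        $sel = ($type_data["id"] == $type_id) ? "selected='t'" : "";
        $type_sel .= "\r\n\t\t<option value='" . $h($type_data["id"]) . "' {$sel}>\r\n\t\t\t"
            . $h($type_data["name"]) . "\r\n\t\t</option>";
    }
    $type_sel .= "</select>";

    $hired_out = "";
    while ($asset_data = pg_fetch_array($asset_rslt)) {
        // getHirenum() and returnDate() are project helpers; their output is
        // emitted as returned because it is not visible here whether they
        // produce markup.
        $hired_out .= "<tr class='" . bg_class() . "'>\r\n\t\t\t<td align='center'>\r\n\t\t\t\t<a href='javascript:popupOpen"
            . "(\"hire-invoice-new.php?invid=" . rawurlencode((string) $asset_data["invid"]) . "\")'>\r\n\t\t\t\t\tH"
            . getHirenum($asset_data["invid"], 1) . "\r\n\t\t\t\t</a>\r\n\t\t\t</td>\r\n"
            . "\t\t\t<td>" . $h($asset_data["grpname"]) . "</td>\r\n"
            . "\t\t\t<td>" . $h($asset_data["name"]) . "</td>\r\n"
            . "\t\t\t<td>" . $h($asset_data["des"]) . "</td>\r\n"
            . "\t\t\t<td>" . $h($asset_data["serial"]) . "</td>\r\n"
            . "\t\t\t<td align='center'>" . $h($asset_data["qty"]) . "</td>\r\n"
            . "\t\t\t<td>" . $h($asset_data["cusname"]) . " " . $h($asset_data["surname"]) . "</td>\r\n"
            . "\t\t\t<td align='center'>" . returnDate($asset_data["id"]) . "</td>\r\n\t\t</tr>";
    }

    // Display something at least, even though we've got no results.
    if (empty($hired_out)) {
        $hired_out = "<tr class='" . bg_class() . "'>\r\n\t\t\t<td colspan='8'><li>No results found.</li></td>\r\n\t\t</tr>";
    }

    // Available assets --------------------------------------------------------
    $sql = "SELECT grpname, name, des, assets.id, serial2\r\n"
        . "\t\t\tFROM cubit.assets\r\n"
        . "\t\t\t\tLEFT JOIN cubit.assetgrp ON assets.grpid=assetgrp.grpid\r\n"
        . "\t\t\t\tLEFT JOIN cubit.asset_types ON assets.type_id=asset_types.id\r\n"
        . "\t\t\tWHERE remaction is NULL AND (grpname ILIKE '%{$search_sql}%' OR\r\n"
        . "\t\t\t\tname ILIKE '%{$search_sql}%' OR des ILIKE '%{$search_sql}%') {$type_sql}\r\n"
        . "\t\t\tORDER BY des ASC";
    $asset_rslt = db_exec($sql) or errDie("Unable to retrieve assets.");

    $available_out = "";
    while ($asset_data = pg_fetch_array($asset_rslt)) {
        // Assets that are currently hired out belong to the table above.
        if (isHired($asset_data["id"])) {
            continue;
        }

        $available_out .= "\r\n\t\t<tr class='" . bg_class() . "'>\r\n"
            . "\t\t\t<td>" . $h($asset_data["grpname"]) . "</td>\r\n"
            . "\t\t\t<td>" . $h($asset_data["name"]) . "</td>\r\n"
            . "\t\t\t<td>" . $h($asset_data["des"]) . "</td>\r\n"
            . "\t\t\t<td>" . getSerial($asset_data["id"]) . "</td>\r\n"
            . "\t\t\t<td>" . getUnits($asset_data["id"]) . "</td>\r\n\t\t</tr>";
    }

    if (empty($available_out)) {
        $available_out = "<tr class='" . bg_class() . "'>\r\n\t\t\t<td colspan='5'><li>No results found.</li></td>\r\n\t\t</tr>";
    }

    // The search term is echoed back into a single-quoted attribute, so it is
    // escaped with ENT_QUOTES. The heading's closing tag was "</th>" in the
    // original markup and is corrected to "</h3>".
    $OUTPUT = "<center>\r\n\t<h3>Asset Report</h3>\r\n\t<br /><br />\r\n\t<form method='post' action='" . SELF . "' name='form'>\r\n\t<table " . TMPL_tblDflts . ">\r\n"
        . "\t\t<tr>\r\n\t\t\t<th colspan='4'>Date Range</th>\r\n\t\t</tr>\r\n"
        . "\t\t<tr class='" . bg_class() . "'>\r\n"
        . "\t\t\t<td>" . mkDateSelect("from", $dates["from_year"], $dates["from_month"], $dates["from_day"]) . "</td>\r\n"
        . "\t\t\t<td> <b>To</b> </td>\r\n"
        . "\t\t\t<td>" . mkDateSelect("to", $dates["to_year"], $dates["to_month"], $dates["to_day"]) . "</td>\r\n"
        . "\t\t\t<td><input type='submit' value='Select' /></td>\r\n\t\t</tr>\r\n"
        . "\t\t<tr class='" . bg_class() . "'><td colspan='4' align='center'>\r\n"
        . "\t\t<table " . TMPL_tblDflts . ">\r\n"
        . "\t\t\t<tr>\r\n\t\t\t\t<th colspan='2'>Search</th>\r\n\t\t\t\t<th>Asset Type</th>\r\n\t\t\t</tr>\r\n"
        . "\t\t\t<tr>\r\n\t\t\t\t<td><input type='text' name='search' value='" . $h($search) . "' /></td>\r\n"
        . "\t\t\t\t<td><input type='submit' value='Search' /></td>\r\n"
        . "\t\t\t\t<td>{$type_sel}</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t</td></tr>\r\n\t</table>\r\n\t</form>\r\n"
        . "\t<h3>Hired Out</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n"
        . "\t\t<tr>\r\n\t\t\t<th>Hire No</th>\r\n\t\t\t<th>Asset Group</th>\r\n\t\t\t<th>Asset Type</th>\r\n\t\t\t<th>Asset</th>\r\n"
        . "\t\t\t<th>Serial</th>\r\n\t\t\t<th>Qty</th>\r\n\t\t\t<th>Customer</th>\r\n\t\t\t<th>Expected Return</th>\r\n\t\t</tr>\r\n"
        . "\t\t{$hired_out}\r\n\t</table>\r\n"
        . "\t<h3>Available</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n"
        . "\t\t<tr>\r\n\t\t\t<th>Asset Group</th>\r\n\t\t\t<th>Asset Type</th>\r\n\t\t\t<th>Asset</th>\r\n\t\t\t<th>Serial</th>\r\n\t\t\t<th>Qty</th>\r\n\t\t</tr>\r\n"
        . "\t\t{$available_out}\r\n\t</table>";

    return $OUTPUT;
}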
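<?php
// Unit-assignment handler: adds the posted number of explorers, preachers,
// scientists, workers and warriors to the player's units, limited by the
// population that is not yet assigned.
session_start();
require_once '../dbaccess.php';
require_once '../functions.php';

getStats();
getUnits();

// Population not yet assigned to any unit type.
$unusedPop = $_SESSION['population'] - $_SESSION['explorers'] - $_SESSION['preachers']
    - $_SESSION['scientists'] - $_SESSION['workers'] - $_SESSION['warriors'];

// Compare, do not assign: the original condition used "= 'post'", which
// overwrote REQUEST_METHOD and was always truthy, so the UPDATE below also ran
// on plain GET requests.
if (strtoupper($_SERVER['REQUEST_METHOD']) === 'POST') {
    $db = getDB();
    $user = $_SESSION['username'];

    // Every requested amount must be a non-negative integer. Without this a
    // negative amount for one unit type lowers the requested total and lets
    // another type grow past the unused population.
    $requested = array();
    $validRequest = true;
    foreach (array('explorers', 'preachers', 'scientists', 'workers', 'warriors') as $unit) {
        $raw = isset($_POST[$unit]) ? $_POST[$unit] : '0';
        if ($raw === '') {
            // A field left blank counts as "add none".
            $raw = '0';
        }
        $amount = filter_var($raw, FILTER_VALIDATE_INT, array('options' => array('min_range' => 0)));
        if ($amount === false) {
            $validRequest = false;
            $amount = 0;
        }
        $requested[$unit] = $amount;
    }
    $requestedTotal = array_sum($requested);

    $explorers = $requested['explorers'] + $_SESSION['explorers'];
    $preachers = $requested['preachers'] + $_SESSION['preachers'];
    $scientists = $requested['scientists'] + $_SESSION['scientists'];
    $workers = $requested['workers'] + $_SESSION['workers'];
    $warriors = $requested['warriors'] + $_SESSION['warriors'];

    $sql = "SELECT id FROM units_l0l WHERE username=?";
    $stmt = $db->prepare($sql);
    $stmt->bind_param('s', $user);
    $stmt->execute();

    if ($stmt->fetch()) {
        // Invalid amounts take the same path as "not enough population".
        if ($validRequest && $unusedPop >= $requestedTotal) {
            $stmt->close();

            $sql = "UPDATE units_l0l SET explorers=?, preachers=?, scientists=?, workers=?, warriors=? WHERE username=?";
            $stmt = $db->prepare($sql);
            $stmt->bind_param('iiiiis', $explorers, $preachers, $scientists, $workers, $warriors, $user);
            if (!$stmt->execute()) {
                // Keep driver error details in the server log instead of the response.
                error_log("Execute failed: (" . $db->errno . ") " . $db->error);
                echo "Execute failed.";
            }

            // NOTE(review): the session is updated even when the UPDATE above
            // failed, which leaves it out of step with the database. The
            // enclosing blocks close outside this excerpt, so that is left as is.
            $_SESSION['explorers'] = $explorers;
            $_SESSION['preachers'] = $preachers;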
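/**
 * Load one channel together with its sub-channels, units, path and the
 * current user's permission flags.
 *
 * @param string|int $id              Channel id, or a slash-separated path whose
 *                                    last segment is the id. Anything that
 *                                    resolves to 0 is mapped to channel 1.
 * @param bool       $sendPermissions When true, unpublished sub-channels are
 *                                    listed as well and the 'admin' and
 *                                    'parentAuthor' flags are added.
 * @return array Channel row with 'channels', 'units' and 'path' added, plus
 *               'admin', 'parentAuthor' and 'author' when they apply.
 */
function getChannel($id, $sendPermissions = false)
{
    global $user, $mysqli;

    // Drop trailing slashes and take the last path segment as the id. The
    // original wrote '' into the last string offset to remove the slash;
    // current PHP versions reject that assignment, so an id with a trailing
    // slash could not be processed.
    $segments = explode('/', rtrim((string) $id, '/'));
    $id = intval(end($segments));

    //Set Jörn's Channel as root
    if ($id == 0) {
        $id = 1;
    }

    $userid = $user->userid();

    // NOTE(review): the requested channel's own row is loaded without a
    // published or privilege check; only the sub-channel query below filters
    // on published. Presumably callers enforce access to the channel itself;
    // confirm.
    $query = "SELECT id,title,parent,description FROM Channels WHERE id=?";
    $stmt = $mysqli->prepare($query);
    $stmt->bind_param("i", $id);
    $stmt->execute();
    // get_result() is a project helper; presumably it binds the result columns
    // to the returned array so that fetch() fills it (TODO confirm). The
    // outcome of fetch() is not checked, so a missing channel is not detected
    // here.
    $channel = get_result($stmt);
    $stmt->fetch();
    $stmt->close();

    // With $sendPermissions set, the published=1 filter is dropped and
    // unpublished sub-channels are returned too, so callers should pass true
    // only for users who are allowed to see drafts.
    $query = "SELECT Channels.id,Channels.title,Channels.viewIndex,Channels.published,Channels.parent,Channels.description,ThumbnailCache.thumbnail,p.progress\n\t\t\t FROM Channels\n\t\t\t LEFT JOIN ThumbnailCache ON ThumbnailCache.channelId=Channels.id\n\t\t\t LEFT JOIN ChannelProgress p ON p.channelId = Channels.id AND p.userId=?\n\t\t\t WHERE Channels.parent=?"
        . ($sendPermissions ? "" : " AND published=1")
        . " ORDER BY Channels.viewIndex";
    $stmt = $mysqli->prepare($query);
    $stmt->bind_param("ii", $userid, $id);
    $stmt->execute();
    $stmt->store_result();

    $subchannels = array();
    $subchannel = get_result($stmt);
    while ($stmt->fetch()) {
        /*
         * Disabled in the original, kept for reference. Is this information
         * still needed, or is it legacy from the old system? It can be a large
         * overhead:
         * if ($sendPermissions && $user->has_privilege($subchannel['id'], AUTHOR)) {
         *     $subchannel['author'] = true;
         * }
         */
        if ($subchannel['thumbnail'] == null) {
            $subchannel['thumbnail'] = getThumbnailRecursiveCache($subchannel['id']);
        }
        $subchannels[] = $subchannel;
        // A fresh array is requested for the next row.
        $subchannel = get_result($stmt);
    }
    $stmt->free_result();
    $stmt->close();

    $channel['channels'] = $subchannels;
    $channel['units'] = getUnits($id);
    $channel['path'] = getPath($id);

    if ($sendPermissions) {
        if ($user->has_privilege($channel['id'], ADMIN)) {
            $channel['admin'] = true;
        }
        if ($user->has_privilege($channel['parent'], AUTHOR)) {
            $channel['parentAuthor'] = true;
        }
    }

    //You may want to know in the Channel if User can access the Channel-Editor.
    //That's why we send it, even if not the full permissions have been requested.
    if ($user->has_privilege($channel['id'], AUTHOR)) {
        $channel['author'] = true;
    }

    return $channel;
}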
/**
 * Units of an asset that are still free on a given date: the current unit
 * count from getUnits() minus the units unitsBooked() reports for that date.
 *
 * @param mixed $asset_id Asset identifier, passed through to both helpers.
 * @param mixed $date     Date passed through to unitsBooked().
 * @return mixed Difference between the two helper results.
 */
function unitsAvailable($asset_id, $date)
{
    $on_hand = getUnits($asset_id);
    $reserved = unitsBooked($asset_id, $date);

    return $on_hand - $reserved;
}
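/**
 * Book an asset into the workshop: validate the request, insert the workshop
 * record, mark the asset as being in the workshop and, for non-serialized
 * assets, reduce the stored quantity.
 *
 * Request fields read: asset_id, ex_year, ex_month, ex_day, description, qty,
 * notes.
 *
 * @return string Confirmation HTML, or the result of enter() with the
 *                validation errors when the input is rejected.
 */
function write()
{
    // Read only the fields this handler expects. extract($_REQUEST) let any
    // request parameter create a local variable in this scope.
    $in = array();
    foreach (array("asset_id", "ex_year", "ex_month", "ex_day", "description", "qty", "notes") as $key) {
        $in[$key] = (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key]))
            ? (string) $_REQUEST[$key]
            : "";
    }
    $asset_id = $in["asset_id"];
    $ex_year = $in["ex_year"];
    $ex_month = $in["ex_month"];
    $ex_day = $in["ex_day"];
    $description = $in["description"];
    $qty = $in["qty"];
    $notes = $in["notes"];

    require_lib("validate");
    $v = new validate();
    $v->isOk($asset_id, "num", 1, 9, "Invalid asset id.");
    $v->isOk($ex_year, "num", 4, 4, "Invalid expected date (year)");
    $v->isOk($ex_month, "num", 1, 2, "Invalid expected date (month)");
    $v->isOk($ex_day, "num", 1, 2, "Invalid expected date (day)");
    $v->isOk($description, "string", 0, 255, "Invalid description.");
    $v->isOk($qty, "num", 1, 9, "Invalid qty.");

    // Run the stock checks only on input that passed the format checks, so the
    // helpers never receive an unvalidated asset id. How isSerialized() and
    // getUnits() build their queries is not visible here.
    if (!$v->isError()) {
        if (!isSerialized($asset_id) && $qty <= 0) {
            $v->addError(0, "Invalid Quantity.");
        }

        if (getUnits($asset_id) < $qty) {
            $v->addError(0, "Not enough items available.");
        }
    }

    if ($v->isError()) {
        return enter($v->genErrors());
    }

    $ex_date = dateFmt($ex_year, $ex_month, $ex_day);
    // base64 output contains no quote characters, so it can sit in a literal as is.
    $notes = base64_encode($notes);

    // Everything else that is placed inside a quoted SQL literal is escaped
    // first. The "string" validation rule is not visible here, so it is not
    // relied on to keep quotes out of the description.
    // NOTE(review): pg_escape_string() uses the default PostgreSQL connection;
    // if db_exec() exposes its link or a parameterised helper, prefer that.
    $asset_id_sql = pg_escape_string($asset_id);
    $description_sql = pg_escape_string($description);
    $ex_date_sql = pg_escape_string((string) $ex_date);
    $qty_sql = pg_escape_string($qty);

    $sql = "SELECT id, des, serial, serial2 FROM cubit.assets\r\n\t\t\t\tWHERE id='{$asset_id_sql}'";
    $asset_rslt = db_exec($sql) or errDie("Unable to retrieve assets.");
    $asset_data = pg_fetch_array($asset_rslt);

    // No such asset: report it instead of inserting a row built from an empty result.
    if (!$asset_data) {
        $v->addError(0, "Invalid asset id.");
        return enter($v->genErrors());
    }

    // Values read back from the database are escaped as well: an apostrophe in
    // a stored description or serial would otherwise end the literal in the
    // INSERT below.
    $stored_des = pg_escape_string((string) $asset_data["des"]);
    $stored_serial = pg_escape_string((string) $asset_data["serial"]);
    $stored_id = pg_escape_string((string) $asset_data["id"]);

    // NOTE(review): the availability check above runs before BEGIN, so two
    // concurrent bookings can both pass it; moving the check inside the
    // transaction with a row lock would close that gap.
    pglib_transaction("BEGIN");

    $sql = "INSERT INTO cubit.workshop (stkcod, description, notes, status,\r\n"
        . "\t\t\t\tserno, cdate, active, asset_id, e_date, qty)\r\n"
        . "\t\t\t\tVALUES ('{$stored_des}', '{$description_sql}', '{$notes}', 'Present',\r\n"
        . "\t\t\t\t\t'{$stored_serial}', CURRENT_DATE, 'true',\r\n"
        . "\t\t\t\t\t'{$stored_id}', '{$ex_date_sql}', '{$qty_sql}')";
    $ws_rslt = db_exec($sql) or errDie("Unable to add workshop item.");

    $sql = "UPDATE cubit.assets SET remaction='Workshop' WHERE id='{$stored_id}'";
    db_exec($sql) or errDie("Unable to update assets.");

    if (!isSerialized($asset_id)) {
        // For non-serialized assets serial2 holds the quantity on hand.
        $new_qty = $asset_data["serial2"] - $qty;
        $sql = "UPDATE cubit.assets SET serial2='{$new_qty}'\r\n\t\t\t\t\tWHERE id='{$stored_id}'";
        db_exec($sql) or errDie("Unable to update assets.");
    }

    pglib_transaction("COMMIT");

    $OUTPUT = "<h3>Book Asset to Workshop</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n"
        . "\t\t<tr>\r\n\t\t\t<th>Write</th>\r\n\t\t</tr>\r\n"
        . "\t\t<tr class='" . bg_class() . "'>\r\n"
        . "\t\t\t<td><li>Successfully booked asset to the workshop.</li></td>\r\n\t\t</tr>\r\n\t</table>";

    return $OUTPUT;
}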