}
$alwaysAvailable = $elements[0]->attribute('lang_mask') & 1;
$res = eZURLAliasML::storePath($fromPath, $action, false, $linkID, $alwaysAvailable);
if (!$res || $res['status'] == 3) {
logError("The wildcard url " . var_export($fromPath, true) . " cannot be created since the path already exists");
list($column, $counter) = displayProgress('s', $urlImportStartTime, $counter, $urlCount, $column);
continue;
}
if (!$res || $res['status'] !== true) {
logStoreError($res, "eZURLAliasML::storePath", array($fromPath, $action, false, $linkID, $alwaysAvailable));
list($column, $counter) = displayProgress('E', $urlImportStartTime, $counter, $urlCount, $column);
continue;
}
logStore($res, "eZURLAliasML::storePath", array($fromPath, $action, false, $linkID, $alwaysAvailable));
$result = '.';
verifyData($result, $source, $row['id']);
list($column, $counter) = displayProgress($result, $urlImportStartTime, $counter, $urlCount, $column);
}
markAsImported($rows);
} while ($count > 0);
flush();
if ($column > 0) {
$cli->output();
}
backupTables('impwcard');
}
// $cli->output( "Removing urlalias data which have been imported" );
// $db = eZDB::instance();
// $db->query( "DELETE FROM ezurlalias WHERE is_imported = 1" ); // Removing all aliases which have been imported
$rows = $db->arrayQuery("SELECT count(*) AS count FROM ezurlalias WHERE is_imported = 0");
$remaining = $rows[0]['count'];
$return['html'] .= '<div class="btnSpacer"><button id="editBtn">Edit</button></div>';
echo json_encode($return);
}
/*
Function: editSave
Inputs:
Outputs:
*/
if ($_POST['action'] == 'editSave') {
//verify data
$data = $_POST;
unset($data['action']);
unset($data['type']);
unset($data['id']);
$data = cleanData($_POST['type'], null, $data);
$return = verifyData($_POST['type'], null, $data);
//manual check for managerID (ONLY for editMany (I think only for editMany because otherwise you can't edit the CEO)) because it's required, but not checked in verifyData
if (array_key_exists('managerID', $data) && $data['managerID'] == '' && count(explode(',', $_POST['id'])) > 1) {
$return['status'] = 'fail';
$return['managerID'] = 'Required';
}
if ($return['status'] != 'fail') {
$idArr = explode(',', $_POST['id']);
$idArrSafe = [];
foreach ($data as $key => $value) {
if ($TYPES[$_POST['type']]['fields'][$key]['verifyData'][1] == 'date') {
//if this is a date, convert it to a unixTS
$temp = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $value)->getTimestamp();
$data[$key] = $temp;
$value = $temp;
}
public function customAjax($id, $data)
{
global $dbh;
global $SETTINGS;
global $TYPES;
$return = ['status' => 'success'];
if ($data['subAction'] == 'list') {
//list subAction
$return['options'] = [];
if ($data['subType'] == 'preDiscount') {
//list all products and services on the order, plus an order line
$sth = $dbh->prepare('SELECT CONCAT("P", orderProductID) AS id, name, recurringID, parentRecurringID, date
FROM products, orders_products
WHERE orderID = 1 AND products.productID = orders_products.productID
UNION
SELECT CONCAT("S", orderServiceID) AS id, name, recurringID, parentRecurringID, date
FROM services, orders_services
WHERE orderID = 1 AND services.serviceID = orders_services.serviceID');
$sth->execute([':orderID' => $id]);
$return['options'][] = ['value' => 'O', 'text' => 'Order'];
while ($row = $sth->fetch()) {
if ($row['recurringID'] !== null) {
$text = 'Recurring: ' . $row['name'];
} elseif ($row['parentRecurringID'] !== null) {
$text = formatDate($row['date']) . ': ' . $row['name'];
} else {
$text = $row['name'];
}
$return['options'][] = ['value' => $row['id'], 'text' => htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8')];
}
} else {
$discounts = [];
if ($data['subType'] == 'discount') {
//get the list of discounts applied to the item already so we don't apply the same discount twice to the same item
$temp = [substr($data['subID'], 0, 1), substr($data['subID'], 1)];
$sth = $dbh->prepare('SELECT discountID
FROM orders_discounts
WHERE orderID = :orderID AND appliesToType = :appliesToType AND appliesToID = :appliesToID');
$sth->execute([':orderID' => $id, ':appliesToType' => $temp[0], ':appliesToID' => $temp[1]]);
while ($row = $sth->fetch()) {
$discounts[] = $row['discountID'];
}
}
$sth = $dbh->prepare('SELECT ' . $TYPES[$data['subType']]['idName'] . ', name
FROM ' . $TYPES[$data['subType']]['pluralName'] . '
WHERE active = 1');
$sth->execute();
while ($row = $sth->fetch()) {
if ($data['subType'] != 'discount' || !in_array($row[0], $discounts)) {
$return['options'][] = ['value' => $row[0], 'text' => htmlspecialchars($row[1], ENT_QUOTES | ENT_HTML5, 'UTF-8')];
}
}
}
} elseif ($data['subAction'] == 'getDefaultPrice') {
//getDefaultPrice subAction
$sth = $dbh->prepare('SELECT defaultPrice
FROM ' . $TYPES[$data['subType']]['pluralName'] . '
WHERE ' . $TYPES[$data['subType']]['idName'] . ' = :subID');
$sth->execute([':subID' => $data['subID']]);
$row = $sth->fetch();
$return['defaultPrice'] = formatNumber($row['defaultPrice']);
} elseif ($data['subAction'] == 'add') {
//add subAction
$return['status'] = 'fail';
$subType = $data['subType'];
unset($data['subAction']);
unset($data['subType']);
if ($subType == 'discount') {
//for discounts, subID contains a one letter indication of the type of item (O = order, P = product, S = service), and the unique subID
$itemType = substr($data['subID'], 0, 1);
$uniqueID = substr($data['subID'], 1);
if ($itemType == 'O') {
$itemTypeFull = 'order';
$subType = 'discountOrder';
} elseif ($itemType == 'P') {
$itemTypeFull = 'product';
$subType = 'discountProduct';
} elseif ($itemType == 'S') {
$itemTypeFull = 'service';
$subType = 'discountService';
}
if ($itemType == 'O') {
$data['subID'] = 0;
} else {
$sth = $dbh->prepare('SELECT ' . $TYPES[$itemTypeFull]['idName'] . '
FROM orders_' . $TYPES[$itemTypeFull]['pluralName'] . '
WHERE order' . $TYPES[$itemTypeFull]['formalName'] . 'ID = :uniqueID');
$sth->execute([':uniqueID' => $uniqueID]);
$row = $sth->fetch();
$data['subID'] = $row[0];
}
}
$data = cleanData('order', $subType, $data);
$return = verifyData('order', $subType, $data);
if ($return['status'] != 'fail') {
if ($subType == 'payment') {
$dateTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['date'])->getTimestamp();
$sth = $dbh->prepare('INSERT INTO orderPayments (orderID, date, paymentType, paymentAmount)
VALUES(:orderID, :date, :paymentType, :paymentAmount)');
$sth->execute([':orderID' => $id, ':date' => $dateTS, ':paymentType' => $data['paymentType'], ':paymentAmount' => $data['paymentAmount']]);
$changeData = ['subType' => 'payment', 'date' => $dateTS, 'paymentType' => $data['paymentType'], 'paymentAmount' => $data['paymentAmount']];
} elseif ($subType == 'product' || $subType == 'service') {
$sth = $dbh->prepare('SELECT quantity
FROM orders_' . $TYPES[$subType]['pluralName'] . '
WHERE orderID = :orderID AND ' . $TYPES[$subType]['idName'] . ' = :subID AND unitPrice = :unitPrice');
$sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':unitPrice' => $data['unitPrice']]);
$result = $sth->fetchAll();
if (count($result) == 1 && $data['recurring'] == 'no') {
//if the product or service is already present in the expense AND we aren't doing a recurring item, add the quantity to the existing row
$totalQuantity = $data['quantity'] + $result[0]['quantity'];
$sth = $dbh->prepare('UPDATE orders_' . $TYPES[$subType]['pluralName'] . '
SET quantity = :quantity
WHERE orderID = :orderID AND ' . $TYPES[$subType]['idName'] . ' = :subID AND unitPrice = :unitPrice');
$sth->execute([':quantity' => $totalQuantity, ':orderID' => $id, ':subID' => $data['subID'], ':unitPrice' => $data['unitPrice']]);
$changeAction = 'E';
//this is technically an edit, not an add
$changeData = ['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $totalQuantity];
} else {
if ($data['recurring'] == 'yes') {
$startTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['startDate'])->getTimestamp();
$endTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['endDate'])->getTimestamp();
//add the recurring item
$sth = $dbh->prepare('SELECT MAX(recurringID) AS recurringID
FROM orders_' . $TYPES[$subType]['pluralName']);
$sth->execute();
$result = $sth->fetchAll();
$recurringID = $result[0]['recurringID'] + 1;
$sth = $dbh->prepare('INSERT INTO orders_' . $TYPES[$subType]['pluralName'] . ' (orderID, ' . $TYPES[$subType]['idName'] . ', unitPrice, quantity, recurringID, dayOfMonth, startDate, endDate)
VALUES(:orderID, :subID, :unitPrice, :quantity, :recurringID, :dayOfMonth, :startDate, :endDate)');
$sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':recurringID' => $recurringID, ':dayOfMonth' => $data['dayOfMonth'], ':startDate' => $startTS, ':endDate' => $endTS]);
//add occasions from start date to now
$temp = new DateTime();
$temp->setTimestamp($startTS);
$patternStart = new DateTime($data['dayOfMonth'] . '-' . $temp->format('M') . '-' . $temp->format('Y'));
$interval = new DateInterval('P1M');
$now = new DateTime();
$period = new DatePeriod($patternStart, $interval, $now);
foreach ($period as $date) {
$timestamp = $date->getTimestamp();
if ($timestamp >= $startTS && $timestamp <= $endTS) {
$sth = $dbh->prepare('INSERT INTO orders_' . $TYPES[$subType]['pluralName'] . ' (orderID, ' . $TYPES[$subType]['idName'] . ', date, unitPrice, quantity, parentRecurringID)
VALUES(:orderID, :subID, :date, :unitPrice, :quantity, :parentRecurringID)');
$sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':date' => $timestamp, ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':parentRecurringID' => $recurringID]);
}
}
$changeData = ['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity'], 'recurring' => $data['recurring'], 'interval' => $data['interval'], 'dayOfMonth' => $data['dayOfMonth'], 'startDate' => $startTS, 'endDate' => $endTS];
} else {
//get date of order
$sth = $dbh->prepare('SELECT date
FROM orders
WHERE orderID = :orderID');
$sth->execute([':orderID' => $id]);
$row = $sth->fetch();
$sth = $dbh->prepare('INSERT INTO orders_' . $TYPES[$subType]['pluralName'] . ' (orderID, ' . $TYPES[$subType]['idName'] . ', date, unitPrice, quantity)
VALUES(:orderID, :subID, :date, :unitPrice, :quantity)');
$sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':date' => $row['date'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity']]);
$changeData = ['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
}
}
} elseif ($subType == 'discountOrder' || $subType == 'discountProduct' || $subType == 'discountService') {
//get discountType and discountAmount
$sth = $dbh->prepare('SELECT discountType, discountAmount
FROM discounts
WHERE discountID = :discountID');
$sth->execute([':discountID' => $data['discountID']]);
$row = $sth->fetch();
$discountType = $row['discountType'];
$discountAmount = $row['discountAmount'];
$sth = $dbh->prepare('INSERT INTO orders_discounts (orderID, discountID, appliesToType, appliesToID, discountType, discountAmount)
VALUES(:orderID, :discountID, :appliesToType, :appliesToID, :discountType, :discountAmount)');
$sth->execute([':orderID' => $id, ':discountID' => $data['discountID'], ':appliesToType' => $itemType, ':appliesToID' => $uniqueID, ':discountType' => $discountType, ':discountAmount' => $discountAmount]);
$changeData = ['subType' => $subType, 'subID' => $data['subID'], 'discountID' => $data['discountID']];
//determine if the appliesTo item is a recurring item, and if so, add a discount to past recurrences if they don't already have this discount
//TODO: user could possibly make a decision to apply this to past and future recurrences, or just future
if ($itemType != 'O') {
$sth = $dbh->prepare('SELECT recurringID
FROM orders_' . $TYPES[$itemTypeFull]['pluralName'] . '
WHERE order' . $TYPES[$itemTypeFull]['formalName'] . 'ID = :uniqueID');
$sth->execute([':uniqueID' => $uniqueID]);
$row = $sth->fetch();
if ($row['recurringID'] != null) {
$recurringID = $row['recurringID'];
$sth = $dbh->prepare('SELECT order' . $TYPES[$itemTypeFull]['formalName'] . 'ID AS uniqueID
FROM orders_' . $TYPES[$itemTypeFull]['pluralName'] . '
WHERE parentRecurringID = :parentRecurringID AND order' . $TYPES[$itemTypeFull]['formalName'] . 'ID NOT IN(
SELECT appliesToID
FROM orders_discounts
WHERE discountID = :discountID AND appliesToType = :appliesToType
)');
$sth->execute([':parentRecurringID' => $recurringID, ':discountID' => $data['discountID'], 'appliesToType' => $itemType]);
while ($row = $sth->fetch()) {
$sth2 = $dbh->prepare('INSERT INTO orders_discounts (orderID, discountID, appliesToType, appliesToID, discountType, discountAmount)
VALUES(:orderID, :discountID, :appliesToType, :appliesToID, :discountType, :discountAmount)');
$sth2->execute([':orderID' => $id, ':discountID' => $data['discountID'], ':appliesToType' => $itemType, ':appliesToID' => $row['uniqueID'], ':discountType' => $discountType, ':discountAmount' => $discountAmount]);
}
}
}
}
self::updateAmountDue($id);
$temp = isset($changeAction) ? $changeAction : 'A';
addChange('order', $id, $_SESSION['employeeID'], $temp, json_encode($changeData));
}
} elseif ($data['subAction'] == 'edit') {
//edit subAction
$subType = $data['subType'];
unset($data['subAction']);
unset($data['subType']);
$sth = $dbh->prepare('SELECT ' . $TYPES[$subType]['idName'] . ' AS id
FROM orders_' . $TYPES[$subType]['pluralName'] . '
WHERE order' . $TYPES[$subType]['formalName'] . 'ID = :uniqueID');
$sth->execute([':uniqueID' => $data['subID']]);
$row = $sth->fetch();
$uniqueID = $data['subID'];
$data['subID'] = $row['id'];
$data = cleanData('order', $subType, $data);
$return = verifyData('order', $subType, $data);
if ($return['status'] != 'fail') {
$sth = $dbh->prepare('UPDATE orders_' . $TYPES[$subType]['pluralName'] . '
SET unitPrice = :unitPrice, quantity = :quantity
WHERE order' . $TYPES[$subType]['formalName'] . 'ID = :uniqueID');
$sth->execute([':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':uniqueID' => $uniqueID]);
self::updateAmountDue($id);
addChange('order', $id, $_SESSION['employeeID'], 'E', json_encode(['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']]));
}
} elseif ($data['subAction'] == 'delete') {
//delete subAction
if ($data['subType'] == 'payment') {
$sth = $dbh->prepare('SELECT date, paymentAmount
FROM orderPayments
WHERE paymentID = :paymentID');
$sth->execute([':paymentID' => $data['subID']]);
$row = $sth->fetch();
$sth = $dbh->prepare('DELETE FROM orderPayments
WHERE paymentID = :paymentID');
$sth->execute([':paymentID' => $data['subID']]);
$changeData = ['subType' => 'payment', 'date' => $row['date'], 'paymentAmount' => $row['paymentAmount']];
} elseif ($data['subType'] == 'product' || $data['subType'] == 'service') {
$appliesToType = $data['subType'] == 'product' ? 'P' : 'S';
$sth = $dbh->prepare('SELECT ' . $TYPES[$data['subType']]['idName'] . ' AS id, recurringID, unitPrice, quantity
FROM orders_' . $TYPES[$data['subType']]['pluralName'] . '
WHERE order' . $TYPES[$data['subType']]['formalName'] . 'ID = :uniqueID');
$sth->execute([':uniqueID' => $data['subID']]);
$row = $sth->fetch();
$recurring = $row['recurringID'] === null ? 'no' : 'yes';
//delete item discounts and children's discounts (if any)
$sth = $dbh->prepare('DELETE FROM orders_discounts
WHERE appliesToType = :appliesToType AND (appliesToID IN (
SELECT order' . $TYPES[$data['subType']]['formalName'] . 'ID
FROM orders_' . $TYPES[$data['subType']]['pluralName'] . '
WHERE parentRecurringID = :recurringID
) OR appliesToID = :appliesToID)');
$sth->execute([':appliesToType' => $appliesToType, ':recurringID' => $row['recurringID'], ':appliesToID' => $data['subID']]);
//delete item and children (if any)
$sth = $dbh->prepare('DELETE FROM orders_' . $TYPES[$data['subType']]['pluralName'] . '
WHERE order' . $TYPES[$data['subType']]['formalName'] . 'ID = :uniqueID OR parentRecurringID = :recurringID');
$sth->execute([':uniqueID' => $data['subID'], ':recurringID' => $row['recurringID']]);
$changeData = ['subType' => $data['subType'], 'subID' => $row['id'], 'unitPrice' => $row['unitPrice'], 'quantity' => $row['quantity'], 'recurring' => $recurring];
} elseif ($data['subType'] == 'discount') {
$sth = $dbh->prepare('SELECT discountID, appliesToType, appliesToID
FROM orders_discounts
WHERE orderDiscountID = :orderDiscountID');
$sth->execute([':orderDiscountID' => $data['subID']]);
$row = $sth->fetch();
if ($row['appliesToType'] == 'O') {
$subType = 'discountOrder';
} elseif ($row['appliesToType'] == 'P') {
$subType = 'discountProduct';
} elseif ($row['appliesToType'] == 'S') {
$subType = 'discountService';
}
$sth = $dbh->prepare('DELETE FROM orders_discounts
WHERE orderDiscountID = :orderDiscountID');
$sth->execute([':orderDiscountID' => $data['subID']]);
$changeData = ['subType' => $subType, 'subID' => $row['appliesToID'], 'discountID' => $row['discountID']];
}
self::updateAmountDue($id);
addChange('order', $id, $_SESSION['employeeID'], 'D', json_encode($changeData));
}
return $return;
}
$FName = trim($_POST['FName']);
$LName = trim($_POST['LName']);
$MName = trim($_POST['MName']);
$Address1 = trim($_POST['Address1']);
$Address2 = trim($_POST['Address2']);
$City = trim($_POST['City']);
$State = trim($_POST['State']);
$Zip = trim($_POST['Zip']);
$Phone1 = trim($_POST['Phone1']);
$Phone2 = trim($_POST['Phone2']);
$Email = trim($_POST['Email']);
$Username = trim(strtoupper($_POST['Username']));
$Password = trim(strtoupper($_POST['Password']));
$PasswordVerify = trim(strtoupper($_POST['VerifyPassword']));
verifyData($FName, $LName, $Address1, $Address2, $City, $State, $Zip, $Phone1, $Phone2, $Email, $Username, $Password);
mysql_connect(localhost, $dblogin, $dbpass);
@mysql_select_db($database) or die("Unable to select database");
$query = "SELECT CustomerID, Username FROM customers WHERE Username = '******'";
$result = mysql_query($query) or die("Query failed:<BR>$query<BR>Error: " . mysql_error());
if (mysql_numrows($result) >= 1)
{
$conflict_CustomerID = mysql_result($result, 0, "CustomerID");
ECHO "<B>ERROR</B>: Username $Username is already claimed by customer ID $conflict_CustomerID";
displayNewUserForm($FName, $LName, $Address1, $Address2, $City, $State, $Zip, $Phone1, $Phone2, $Email, "", "");
endContentBox();
exit;
}
} else {
$error = true;
$msg = 'Неверно указана учетная запись в contest-системе.';
}
mysql_select_db(t_DBName);
}
//конец проверки наличия логина в контест-системе
}
}
//конец проверки нажатия кнопки submit
//конец проверки правильности введенного пароля
} else {
//если нажат кнопка сабмит - нужно записать данные
if (@$submit) {
//проверка корректности данных
$verifyMsg = verifyData($names, $lengths, true);
//если все введено корректно - вносим изменения в таблицы
if ($verifyMsg == "") {
$contestteamid = getLoginId($contestlogin, $contestpassword);
$_headpassportdate = parseDate($headpassportdate);
if ($_headpassportdate != "NULL") {
$_headpassportdate = '"' . $_headpassportdate . '"';
}
$_headbirthdate = parseDate($headbirthdate);
if ($_headbirthdate != "NULL") {
$_headbirthdate = '"' . $_headbirthdate . '"';
}
$_coachpassportdate = parseDate($coachpassportdate);
if ($_coachpassportdate != "NULL") {
$_coachpassportdate = '"' . $_coachpassportdate . '"';
}
$return['status'] = 'fail';
$return['dbName'] = 'This database already exists. Either delete the database or change the name.';
}
}
//verify data that will be going into the db
if ($return['status'] == 'success') {
$data = ['username' => $_POST['username'], 'firstName' => $_POST['firstName'], 'lastName' => $_POST['lastName'], 'payType' => 'S', 'workEmail' => $_POST['workEmail']];
$employee = verifyData('employee', null, 'add', $data);
$data = ['name' => $_POST['position']];
$position = verifyData('position', null, 'add', $data);
if (isset($position['name'])) {
$position['position'] = $position['name'];
unset($position['name']);
}
$data = ['name' => $_POST['location']];
$location = verifyData('location', null, 'add', $data);
if (isset($location['name'])) {
$location['location'] = $location['name'];
unset($location['name']);
}
$accounting = [];
if ($_POST['accounting'] != 'accrual' && $_POST['accounting'] != 'cash') {
$accounting['status'] = 'fail';
$accounting['accounting'] = 'Must be Accrual or Cash';
}
$return = array_merge($employee, $position, $location, $accounting);
if ($employee['status'] == 'fail' || $position['status'] == 'fail' || $location['status'] == 'fail' || $accounting['status'] == 'fail') {
$return['status'] = 'fail';
}
}
//try to write settings.php, if we can't, we'll send it in the final section
public function customAjax($id, $data)
{
global $dbh;
global $SETTINGS;
$return = ['status' => 'success'];
if ($data['subAction'] == 'list') {
//list subAction
$return['products'] = generateTypeOptions('product', true);
$return['locations'] = generateTypeOptions('location', true);
} elseif ($data['subAction'] == 'add') {
//add subAction
$return['status'] = 'fail';
$subType = $data['subType'];
unset($data['subAction']);
unset($data['subType']);
$data = cleanData('expense', $subType, $data);
$return = verifyData('expense', $subType, 'add', $data);
if ($return['status'] != 'fail') {
if ($subType == 'payment') {
$dateTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['date'])->getTimestamp();
$sth = $dbh->prepare('INSERT INTO expensePayments (expenseID, date, paymentType, paymentAmount)
VALUES(:expenseID, :date, :paymentType, :paymentAmount)');
$sth->execute([':expenseID' => $id, ':date' => $dateTS, ':paymentType' => $data['paymentType'], ':paymentAmount' => $data['paymentAmount']]);
$changeData = ['subType' => 'payment', 'date' => $dateTS, 'paymentType' => $data['paymentType'], 'paymentAmount' => $data['paymentAmount']];
} elseif ($subType == 'product') {
$sth = $dbh->prepare('SELECT quantity
FROM expenses_products
WHERE expenseID = :expenseID AND productID = :productID AND locationID = :locationID AND unitPrice = :unitPrice');
$sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':unitPrice' => $data['unitPrice']]);
$result = $sth->fetchAll();
if (count($result) == 1 && $data['recurring'] == 'no') {
//if the product is already present in the expense AND we aren't doing a recurring item, add the quantity to the existing row
$totalQuantity = $data['quantity'] + $result[0]['quantity'];
$sth = $dbh->prepare('UPDATE expenses_products
SET quantity = :quantity
WHERE expenseID = :expenseID AND productID = :productID AND locationID = :locationID AND unitPrice = :unitPrice');
$sth->execute([':quantity' => $totalQuantity, ':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':unitPrice' => $data['unitPrice']]);
$changeAction = 'E';
//this is technically an edit, not an add
$changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $totalQuantity];
} else {
if ($data['recurring'] == 'yes') {
$startTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['startDate'])->getTimestamp();
$endTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['endDate'])->getTimestamp();
//add the recurring item
$sth = $dbh->prepare('SELECT MAX(recurringID) AS recurringID
FROM expenses_products');
$sth->execute();
$result = $sth->fetchAll();
$recurringID = $result[0]['recurringID'] + 1;
$sth = $dbh->prepare('INSERT INTO expenses_products (expenseID, productID, locationID, unitPrice, quantity, recurringID, dayOfMonth, startDate, endDate)
VALUES(:expenseID, :productID, :locationID, :unitPrice, :quantity, :recurringID, :dayOfMonth, :startDate, :endDate)');
$sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':recurringID' => $recurringID, ':dayOfMonth' => $data['dayOfMonth'], ':startDate' => $startTS, ':endDate' => $endTS]);
//add occasions from start date to now
$temp = new DateTime();
$temp->setTimestamp($startTS);
$patternStart = new DateTime($data['dayOfMonth'] . '-' . $temp->format('M') . '-' . $temp->format('Y'));
$interval = new DateInterval('P1M');
$now = new DateTime();
$period = new DatePeriod($patternStart, $interval, $now);
foreach ($period as $date) {
$timestamp = $date->getTimestamp();
if ($timestamp >= $startTS && $timestamp <= $endTS) {
$sth = $dbh->prepare('INSERT INTO expenses_products (expenseID, productID, locationID, date, unitPrice, quantity, parentRecurringID)
VALUES(:expenseID, :productID, :locationID, :date, :unitPrice, :quantity, :parentRecurringID)');
$sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':date' => $timestamp, ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':parentRecurringID' => $recurringID]);
}
}
$changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity'], 'recurring' => $data['recurring'], 'interval' => $data['interval'], 'dayOfMonth' => $data['dayOfMonth'], 'startDate' => $startTS, 'endDate' => $endTS];
} else {
//get date of expense
$sth = $dbh->prepare('SELECT date
FROM expenses
WHERE expenseID = :expenseID');
$sth->execute([':expenseID' => $id]);
$row = $sth->fetch();
$sth = $dbh->prepare('INSERT INTO expenses_products (expenseID, productID, locationID, date, unitPrice, quantity)
VALUES(:expenseID, :productID, :locationID, :date, :unitPrice, :quantity)');
$sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':date' => $row['date'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity']]);
$changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
}
}
} elseif ($subType == 'other') {
$sth = $dbh->prepare('SELECT quantity
FROM expenseOthers
WHERE expenseID = :expenseID AND name = :name AND unitPrice = :unitPrice');
$sth->execute([':expenseID' => $id, ':name' => $data['name'], ':unitPrice' => $data['unitPrice']]);
$result = $sth->fetchAll();
if (count($result) == 1 && $data['recurring'] == 'no') {
//if the item is already present in the expense AND we aren't doing a recurring item, add the quantity to the existing row
$totalQuantity = $data['quantity'] + $result[0]['quantity'];
$sth = $dbh->prepare('UPDATE expenseOthers
SET quantity = :quantity
WHERE expenseID = :expenseID AND name = :name AND unitPrice = :unitPrice');
$sth->execute([':quantity' => $totalQuantity, ':expenseID' => $id, ':name' => $data['name'], ':unitPrice' => $data['unitPrice']]);
$changeAction = 'E';
//this is technically an edit, not an add
$changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $totalQuantity];
} else {
if ($data['recurring'] == 'yes') {
$startTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['startDate'])->getTimestamp();
$endTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['endDate'])->getTimestamp();
//add the recurring item
$sth = $dbh->prepare('SELECT MAX(recurringID) AS recurringID
FROM expenseOthers');
$sth->execute();
$result = $sth->fetchAll();
$recurringID = $result[0]['recurringID'] + 1;
$sth = $dbh->prepare('INSERT INTO expenseOthers (expenseID, name, unitPrice, quantity, recurringID, dayOfMonth, startDate, endDate)
VALUES(:expenseID, :name, :unitPrice, :quantity, :recurringID, :dayOfMonth, :startDate, :endDate)');
$sth->execute([':expenseID' => $id, ':name' => $data['name'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':recurringID' => $recurringID, ':dayOfMonth' => $data['dayOfMonth'], ':startDate' => $startTS, ':endDate' => $endTS]);
//add occasions from start date to now
$temp = new DateTime();
$temp->setTimestamp($startTS);
$patternStart = new DateTime($data['dayOfMonth'] . '-' . $temp->format('M') . '-' . $temp->format('Y'));
$interval = new DateInterval('P1M');
$now = new DateTime();
$period = new DatePeriod($patternStart, $interval, $now);
foreach ($period as $date) {
$timestamp = $date->getTimestamp();
if ($timestamp >= $startTS && $timestamp <= $endTS) {
$sth = $dbh->prepare('INSERT INTO expenseOthers (expenseID, name, date, unitPrice, quantity, parentRecurringID)
VALUES(:expenseID, :name, :date, :unitPrice, :quantity, :parentRecurringID)');
$sth->execute([':expenseID' => $id, ':name' => $data['name'], ':date' => $timestamp, ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':parentRecurringID' => $recurringID]);
}
}
$changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity'], 'recurring' => $data['recurring'], 'interval' => $data['interval'], 'dayOfMonth' => $data['dayOfMonth'], 'startDate' => $startTS, 'endDate' => $endTS];
} else {
//get date of expense
$sth = $dbh->prepare('SELECT date
FROM expenses
WHERE expenseID = :expenseID');
$sth->execute([':expenseID' => $id]);
$row = $sth->fetch();
$sth = $dbh->prepare('INSERT INTO expenseOthers (expenseID, name, date, unitPrice, quantity)
VALUES(:expenseID, :name, :date, :unitPrice, :quantity)');
$sth->execute([':expenseID' => $id, ':name' => $data['name'], ':date' => $row['date'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity']]);
$changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
}
}
}
self::updateAmountDue($id);
$temp = isset($changeAction) ? $changeAction : 'A';
addChange('expense', $id, $_SESSION['employeeID'], $temp, json_encode($changeData));
}
} elseif ($data['subAction'] == 'edit') {
//edit subAction
$subType = $data['subType'];
unset($data['subAction']);
unset($data['subType']);
$subID = $data['subID'];
unset($data['subID']);
$data = cleanData('expense', $subType, $data);
$return = verifyData('expense', $subType, 'edit', $data);
if ($return['status'] != 'fail') {
if ($subType == 'product') {
$sth = $dbh->prepare('UPDATE expenses_products
SET unitPrice = :unitPrice, quantity = :quantity
WHERE expenseProductID = :expenseProductID');
$sth->execute([':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':expenseProductID' => $subID]);
$changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
} elseif ($subType == 'other') {
$sth = $dbh->prepare('UPDATE expenseOthers
SET unitPrice = :unitPrice, quantity = :quantity
WHERE expenseOtherID = :expenseOtherID');
$sth->execute([':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':expenseOtherID' => $subID]);
$changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
}
self::updateAmountDue($id);
addChange('expense', $id, $_SESSION['employeeID'], 'E', json_encode($changeData));
}
} elseif ($data['subAction'] == 'delete') {
//delete subAction
if ($data['subType'] == 'payment') {
$sth = $dbh->prepare('SELECT date, paymentAmount FROM expensePayments
WHERE paymentID = :paymentID');
$sth->execute([':paymentID' => $data['subID']]);
$row = $sth->fetch();
$sth = $dbh->prepare('DELETE FROM expensePayments
WHERE paymentID = :paymentID');
$sth->execute([':paymentID' => $data['subID']]);
$changeData = ['subType' => 'payment', 'date' => $row['date'], 'paymentAmount' => $row['paymentAmount']];
} elseif ($data['subType'] == 'product') {
$sth = $dbh->prepare('SELECT productID, locationID, unitPrice, quantity, recurringID
FROM expenses_products
WHERE expenseProductID = :expenseProductID');
$sth->execute([':expenseProductID' => $data['subID']]);
$row = $sth->fetch();
$recurring = $row['recurringID'] === null ? 'no' : 'yes';
//delete item and children (if any)
$sth = $dbh->prepare('DELETE FROM expenses_products
WHERE expenseProductID = :expenseProductID OR parentRecurringID = :recurringID');
$sth->execute([':expenseProductID' => $data['subID'], ':recurringID' => $row['recurringID']]);
$changeData = ['subType' => 'product', 'productID' => $row['productID'], 'locationID' => $row['locationID'], 'unitPrice' => $row['unitPrice'], 'quantity' => $row['quantity'], 'recurring' => $recurring];
} elseif ($data['subType'] == 'other') {
$sth = $dbh->prepare('SELECT name, unitPrice, quantity, recurringID
FROM expenseOthers
WHERE expenseOtherID = :expenseOtherID');
$sth->execute([':expenseOtherID' => $data['subID']]);
$row = $sth->fetch();
$recurring = $row['recurringID'] === null ? 'no' : 'yes';
//delete item and children (if any)
$sth = $dbh->prepare('DELETE FROM expenseOthers
WHERE expenseOtherID = :expenseOtherID OR parentRecurringID = :recurringID');
$sth->execute([':expenseOtherID' => $data['subID'], ':recurringID' => $row['recurringID']]);
$changeData = ['subType' => 'other', 'name' => $row['name'], 'unitPrice' => $row['unitPrice'], 'quantity' => $row['quantity'], 'recurring' => $recurring];
}
self::updateAmountDue($id);
addChange('expense', $id, $_SESSION['employeeID'], 'D', json_encode($changeData));
}
return $return;
}
<?php
include_once '../../../wp-load.php';
global $wpdb;
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($_POST['type'] == "create") {
$data = verifyData();
create($data);
} else {
if ($_POST['type'] == "delete") {
delete();
} else {
echo json_encode(array("status" => "error", "message" => "Invalid request type."));
die;
}
}
} else {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
getCurrentList();
} else {
echo json_encode(array("status" => "error", "message" => "Bad HTTP method"));
die;
}
}
function verifyData()
{
$phone = $_POST["phone"];
$phone = str_replace("(", "", $phone);
$phone = str_replace(")", "", $phone);
$phone = str_replace("-", "", $phone);
$phone = str_replace("+", "", $phone);