} $alwaysAvailable = $elements[0]->attribute('lang_mask') & 1; $res = eZURLAliasML::storePath($fromPath, $action, false, $linkID, $alwaysAvailable); if (!$res || $res['status'] == 3) { logError("The wildcard url " . var_export($fromPath, true) . " cannot be created since the path already exists"); list($column, $counter) = displayProgress('s', $urlImportStartTime, $counter, $urlCount, $column); continue; } if (!$res || $res['status'] !== true) { logStoreError($res, "eZURLAliasML::storePath", array($fromPath, $action, false, $linkID, $alwaysAvailable)); list($column, $counter) = displayProgress('E', $urlImportStartTime, $counter, $urlCount, $column); continue; } logStore($res, "eZURLAliasML::storePath", array($fromPath, $action, false, $linkID, $alwaysAvailable)); $result = '.'; verifyData($result, $source, $row['id']); list($column, $counter) = displayProgress($result, $urlImportStartTime, $counter, $urlCount, $column); } markAsImported($rows); } while ($count > 0); flush(); if ($column > 0) { $cli->output(); } backupTables('impwcard'); } // $cli->output( "Removing urlalias data which have been imported" ); // $db = eZDB::instance(); // $db->query( "DELETE FROM ezurlalias WHERE is_imported = 1" ); // Removing all aliases which have been imported $rows = $db->arrayQuery("SELECT count(*) AS count FROM ezurlalias WHERE is_imported = 0"); $remaining = $rows[0]['count'];
$return['html'] .= '<div class="btnSpacer"><button id="editBtn">Edit</button></div>'; echo json_encode($return); } /* Function: editSave Inputs: Outputs: */ if ($_POST['action'] == 'editSave') { //verify data $data = $_POST; unset($data['action']); unset($data['type']); unset($data['id']); $data = cleanData($_POST['type'], null, $data); $return = verifyData($_POST['type'], null, $data); //manual check for managerID (ONLY for editMany (I think only for editMany because otherwise you can't edit the CEO)) because it's required, but not checked in verifyData if (array_key_exists('managerID', $data) && $data['managerID'] == '' && count(explode(',', $_POST['id'])) > 1) { $return['status'] = 'fail'; $return['managerID'] = 'Required'; } if ($return['status'] != 'fail') { $idArr = explode(',', $_POST['id']); $idArrSafe = []; foreach ($data as $key => $value) { if ($TYPES[$_POST['type']]['fields'][$key]['verifyData'][1] == 'date') { //if this is a date, convert it to a unixTS $temp = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $value)->getTimestamp(); $data[$key] = $temp; $value = $temp; }
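/**
 * Handle the order-specific AJAX sub-actions.
 *
 * Dispatches on $data['subAction']:
 *  - 'list':            builds $return['options'] for a select box (order items for
 *                       'preDiscount', otherwise the active rows of the type table).
 *  - 'getDefaultPrice': returns the formatted defaultPrice of one row of a type table.
 *  - 'add':             adds a payment, product, service or discount to the order.
 *  - 'edit':            updates unitPrice/quantity of one order item.
 *  - 'delete':          removes a payment, product, service or discount.
 *
 * Writes are followed by self::updateAmountDue($id) and an addChange() audit entry
 * recorded against $_SESSION['employeeID'].
 *
 * NOTE(review): $data looks like request-supplied input - confirm that the caller has
 * already authorised the session user for order $id before this method is reached.
 *
 * @param mixed $id   ID of the order being worked on.
 * @param array $data Sub-action payload; reads 'subAction', 'subType', 'subID' and the
 *                    per-type fields used below.
 *
 * @return array Always contains 'status'; other keys depend on the sub-action.
 */
public function customAjax($id, $data)
{
    global $dbh;
    global $SETTINGS;
    global $TYPES;

    $return = ['status' => 'success'];

    if ($data['subAction'] == 'list') {
        //list subAction
        $return['options'] = [];
        if ($data['subType'] == 'preDiscount') {
            //list all products and services on the order, plus an order line
            // Each half of the UNION gets its own placeholder: the order ID has to be bound (a
            // literal in the SQL would ignore $id), and one named placeholder cannot be reused
            // when PDO prepared-statement emulation is off.
            $sth = $dbh->prepare(
                'SELECT CONCAT("P", orderProductID) AS id, name, recurringID, parentRecurringID, date FROM products, orders_products WHERE orderID = :productOrderID AND products.productID = orders_products.productID'
                . ' UNION '
                . 'SELECT CONCAT("S", orderServiceID) AS id, name, recurringID, parentRecurringID, date FROM services, orders_services WHERE orderID = :serviceOrderID AND services.serviceID = orders_services.serviceID'
            );
            $sth->execute([':productOrderID' => $id, ':serviceOrderID' => $id]);
            $return['options'][] = ['value' => 'O', 'text' => 'Order'];
            while ($row = $sth->fetch()) {
                if ($row['recurringID'] !== null) {
                    $text = 'Recurring: ' . $row['name'];
                } elseif ($row['parentRecurringID'] !== null) {
                    $text = formatDate($row['date']) . ': ' . $row['name'];
                } else {
                    $text = $row['name'];
                }
                // Names come from the database and end up in HTML, so they are escaped here.
                $return['options'][] = ['value' => $row['id'], 'text' => htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8')];
            }
        } else {
            // $TYPES[...] supplies the column and table names that are concatenated into the SQL
            // below, so an unknown or non-string subType is rejected before a statement is built.
            // NOTE(review): every key of $TYPES is accepted here; if $TYPES also describes types
            // that the order screen should not list, replace this with an explicit allow-list.
            if (!is_string($data['subType']) || !isset($TYPES[$data['subType']])) {
                $return['status'] = 'fail';
                return $return;
            }
            $discounts = [];
            if ($data['subType'] == 'discount') {
                //get the list of discounts applied to the item already so we don't apply the same discount twice to the same item
                // subID is a one-letter item type followed by the item's unique ID
                $temp = [substr($data['subID'], 0, 1), substr($data['subID'], 1)];
                $sth = $dbh->prepare('SELECT discountID FROM orders_discounts WHERE orderID = :orderID AND appliesToType = :appliesToType AND appliesToID = :appliesToID');
                $sth->execute([':orderID' => $id, ':appliesToType' => $temp[0], ':appliesToID' => $temp[1]]);
                while ($row = $sth->fetch()) {
                    $discounts[] = $row['discountID'];
                }
            }
            $sth = $dbh->prepare('SELECT ' . $TYPES[$data['subType']]['idName'] . ', name FROM ' . $TYPES[$data['subType']]['pluralName'] . ' WHERE active = 1');
            $sth->execute();
            while ($row = $sth->fetch()) {
                if ($data['subType'] != 'discount' || !in_array($row[0], $discounts)) {
                    $return['options'][] = ['value' => $row[0], 'text' => htmlspecialchars($row[1], ENT_QUOTES | ENT_HTML5, 'UTF-8')];
                }
            }
        }
    } elseif ($data['subAction'] == 'getDefaultPrice') {
        //getDefaultPrice subAction
        // Same identifier check as in 'list': subType selects the table and the ID column.
        if (!is_string($data['subType']) || !isset($TYPES[$data['subType']])) {
            $return['status'] = 'fail';
            return $return;
        }
        $sth = $dbh->prepare('SELECT defaultPrice FROM ' . $TYPES[$data['subType']]['pluralName'] . ' WHERE ' . $TYPES[$data['subType']]['idName'] . ' = :subID');
        $sth->execute([':subID' => $data['subID']]);
        $row = $sth->fetch();
        $return['defaultPrice'] = formatNumber($row['defaultPrice']);
    } elseif ($data['subAction'] == 'add') {
        //add subAction
        $return['status'] = 'fail';
        $subType = $data['subType'];
        unset($data['subAction']);
        unset($data['subType']);
        if ($subType == 'discount') {
            //for discounts, subID contains a one letter indication of the type of item (O = order, P = product, S = service), and the unique subID
            $itemType = substr($data['subID'], 0, 1);
            $uniqueID = substr($data['subID'], 1);
            if ($itemType == 'O') {
                $itemTypeFull = 'order';
                $subType = 'discountOrder';
            } elseif ($itemType == 'P') {
                $itemTypeFull = 'product';
                $subType = 'discountProduct';
            } elseif ($itemType == 'S') {
                $itemTypeFull = 'service';
                $subType = 'discountService';
            } else {
                // Any other prefix would leave $itemTypeFull undefined and produce malformed SQL
                // below; $return['status'] is already 'fail' at this point.
                return $return;
            }
            if ($itemType == 'O') {
                $data['subID'] = 0;
            } else {
                // translate the order-line ID into the underlying product/service ID
                $sth = $dbh->prepare('SELECT ' . $TYPES[$itemTypeFull]['idName'] . ' FROM orders_' . $TYPES[$itemTypeFull]['pluralName'] . ' WHERE order' . $TYPES[$itemTypeFull]['formalName'] . 'ID = :uniqueID');
                $sth->execute([':uniqueID' => $uniqueID]);
                $row = $sth->fetch();
                $data['subID'] = $row[0];
            }
        }
        $data = cleanData('order', $subType, $data);
        $return = verifyData('order', $subType, $data);
        if ($return['status'] != 'fail') {
            if ($subType == 'payment') {
                // The trailing '|' resets every field the format does not parse to its Unix-epoch value.
                // NOTE(review): createFromFormat() returns false on a parse failure; this relies on
                // verifyData() having validated the date - confirm.
                $dateTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['date'])->getTimestamp();
                $sth = $dbh->prepare('INSERT INTO orderPayments (orderID, date, paymentType, paymentAmount) VALUES(:orderID, :date, :paymentType, :paymentAmount)');
                $sth->execute([':orderID' => $id, ':date' => $dateTS, ':paymentType' => $data['paymentType'], ':paymentAmount' => $data['paymentAmount']]);
                $changeData = ['subType' => 'payment', 'date' => $dateTS, 'paymentType' => $data['paymentType'], 'paymentAmount' => $data['paymentAmount']];
            } elseif ($subType == 'product' || $subType == 'service') {
                $sth = $dbh->prepare('SELECT quantity FROM orders_' . $TYPES[$subType]['pluralName'] . ' WHERE orderID = :orderID AND ' . $TYPES[$subType]['idName'] . ' = :subID AND unitPrice = :unitPrice');
                $sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':unitPrice' => $data['unitPrice']]);
                $result = $sth->fetchAll();
                if (count($result) == 1 && $data['recurring'] == 'no') {
                    //if the product or service is already present in the expense AND we aren't doing a recurring item, add the quantity to the existing row
                    $totalQuantity = $data['quantity'] + $result[0]['quantity'];
                    $sth = $dbh->prepare('UPDATE orders_' . $TYPES[$subType]['pluralName'] . ' SET quantity = :quantity WHERE orderID = :orderID AND ' . $TYPES[$subType]['idName'] . ' = :subID AND unitPrice = :unitPrice');
                    $sth->execute([':quantity' => $totalQuantity, ':orderID' => $id, ':subID' => $data['subID'], ':unitPrice' => $data['unitPrice']]);
                    $changeAction = 'E'; //this is technically an edit, not an add
                    $changeData = ['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $totalQuantity];
                } else {
                    if ($data['recurring'] == 'yes') {
                        $startTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['startDate'])->getTimestamp();
                        $endTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['endDate'])->getTimestamp();
                        //add the recurring item
                        // NOTE(review): MAX(recurringID) + 1 is not atomic; two concurrent adds can
                        // end up with the same recurringID.
                        $sth = $dbh->prepare('SELECT MAX(recurringID) AS recurringID FROM orders_' . $TYPES[$subType]['pluralName']);
                        $sth->execute();
                        $result = $sth->fetchAll();
                        $recurringID = $result[0]['recurringID'] + 1;
                        $sth = $dbh->prepare('INSERT INTO orders_' . $TYPES[$subType]['pluralName'] . ' (orderID, ' . $TYPES[$subType]['idName'] . ', unitPrice, quantity, recurringID, dayOfMonth, startDate, endDate) VALUES(:orderID, :subID, :unitPrice, :quantity, :recurringID, :dayOfMonth, :startDate, :endDate)');
                        $sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':recurringID' => $recurringID, ':dayOfMonth' => $data['dayOfMonth'], ':startDate' => $startTS, ':endDate' => $endTS]);
                        //add occasions from start date to now
                        $temp = new DateTime();
                        $temp->setTimestamp($startTS);
                        $patternStart = new DateTime($data['dayOfMonth'] . '-' . $temp->format('M') . '-' . $temp->format('Y'));
                        $interval = new DateInterval('P1M');
                        $now = new DateTime();
                        $period = new DatePeriod($patternStart, $interval, $now);
                        foreach ($period as $date) {
                            $timestamp = $date->getTimestamp();
                            // only occurrences inside the requested start/end window are materialised
                            if ($timestamp >= $startTS && $timestamp <= $endTS) {
                                $sth = $dbh->prepare('INSERT INTO orders_' . $TYPES[$subType]['pluralName'] . ' (orderID, ' . $TYPES[$subType]['idName'] . ', date, unitPrice, quantity, parentRecurringID) VALUES(:orderID, :subID, :date, :unitPrice, :quantity, :parentRecurringID)');
                                $sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':date' => $timestamp, ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':parentRecurringID' => $recurringID]);
                            }
                        }
                        $changeData = ['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity'], 'recurring' => $data['recurring'], 'interval' => $data['interval'], 'dayOfMonth' => $data['dayOfMonth'], 'startDate' => $startTS, 'endDate' => $endTS];
                    } else {
                        //get date of order
                        $sth = $dbh->prepare('SELECT date FROM orders WHERE orderID = :orderID');
                        $sth->execute([':orderID' => $id]);
                        $row = $sth->fetch();
                        $sth = $dbh->prepare('INSERT INTO orders_' . $TYPES[$subType]['pluralName'] . ' (orderID, ' . $TYPES[$subType]['idName'] . ', date, unitPrice, quantity) VALUES(:orderID, :subID, :date, :unitPrice, :quantity)');
                        $sth->execute([':orderID' => $id, ':subID' => $data['subID'], ':date' => $row['date'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity']]);
                        $changeData = ['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
                    }
                }
            } elseif ($subType == 'discountOrder' || $subType == 'discountProduct' || $subType == 'discountService') {
                //get discountType and discountAmount
                // The discount's type and amount are copied onto the order row when it is applied.
                $sth = $dbh->prepare('SELECT discountType, discountAmount FROM discounts WHERE discountID = :discountID');
                $sth->execute([':discountID' => $data['discountID']]);
                $row = $sth->fetch();
                $discountType = $row['discountType'];
                $discountAmount = $row['discountAmount'];
                // NOTE(review): $uniqueID comes from the request and is stored without checking that
                // the referenced line belongs to order $id - confirm verifyData() covers this.
                $sth = $dbh->prepare('INSERT INTO orders_discounts (orderID, discountID, appliesToType, appliesToID, discountType, discountAmount) VALUES(:orderID, :discountID, :appliesToType, :appliesToID, :discountType, :discountAmount)');
                $sth->execute([':orderID' => $id, ':discountID' => $data['discountID'], ':appliesToType' => $itemType, ':appliesToID' => $uniqueID, ':discountType' => $discountType, ':discountAmount' => $discountAmount]);
                $changeData = ['subType' => $subType, 'subID' => $data['subID'], 'discountID' => $data['discountID']];
                //determine if the appliesTo item is a recurring item, and if so, add a discount to past recurrences if they don't already have this discount
                //TODO: user could possibly make a decision to apply this to past and future recurrences, or just future
                if ($itemType != 'O') {
                    $sth = $dbh->prepare('SELECT recurringID FROM orders_' . $TYPES[$itemTypeFull]['pluralName'] . ' WHERE order' . $TYPES[$itemTypeFull]['formalName'] . 'ID = :uniqueID');
                    $sth->execute([':uniqueID' => $uniqueID]);
                    $row = $sth->fetch();
                    if ($row['recurringID'] != null) {
                        $recurringID = $row['recurringID'];
                        $sth = $dbh->prepare('SELECT order' . $TYPES[$itemTypeFull]['formalName'] . 'ID AS uniqueID FROM orders_' . $TYPES[$itemTypeFull]['pluralName'] . ' WHERE parentRecurringID = :parentRecurringID AND order' . $TYPES[$itemTypeFull]['formalName'] . 'ID NOT IN( SELECT appliesToID FROM orders_discounts WHERE discountID = :discountID AND appliesToType = :appliesToType )');
                        $sth->execute([':parentRecurringID' => $recurringID, ':discountID' => $data['discountID'], ':appliesToType' => $itemType]);
                        while ($row = $sth->fetch()) {
                            $sth2 = $dbh->prepare('INSERT INTO orders_discounts (orderID, discountID, appliesToType, appliesToID, discountType, discountAmount) VALUES(:orderID, :discountID, :appliesToType, :appliesToID, :discountType, :discountAmount)');
                            $sth2->execute([':orderID' => $id, ':discountID' => $data['discountID'], ':appliesToType' => $itemType, ':appliesToID' => $row['uniqueID'], ':discountType' => $discountType, ':discountAmount' => $discountAmount]);
                        }
                    }
                }
            } else {
                // Nothing was written for an unrecognised subType, so do not recalculate the
                // amount due or record an audit entry with empty change data.
                $return['status'] = 'fail';
                return $return;
            }
            self::updateAmountDue($id);
            $temp = isset($changeAction) ? $changeAction : 'A';
            addChange('order', $id, $_SESSION['employeeID'], $temp, json_encode($changeData));
        }
    } elseif ($data['subAction'] == 'edit') {
        //edit subAction
        $subType = $data['subType'];
        unset($data['subAction']);
        unset($data['subType']);
        // subType selects the table and columns spliced into the statements below.
        // NOTE(review): 'add' and 'delete' only build orders_* SQL for 'product' and 'service';
        // consider restricting 'edit' to the same two values.
        if (!is_string($subType) || !isset($TYPES[$subType])) {
            $return['status'] = 'fail';
            return $return;
        }
        $sth = $dbh->prepare('SELECT ' . $TYPES[$subType]['idName'] . ' AS id FROM orders_' . $TYPES[$subType]['pluralName'] . ' WHERE order' . $TYPES[$subType]['formalName'] . 'ID = :uniqueID');
        $sth->execute([':uniqueID' => $data['subID']]);
        $row = $sth->fetch();
        // keep the order-line ID for the UPDATE; verifyData() sees the product/service ID instead
        $uniqueID = $data['subID'];
        $data['subID'] = $row['id'];
        $data = cleanData('order', $subType, $data);
        $return = verifyData('order', $subType, $data);
        if ($return['status'] != 'fail') {
            // NOTE(review): the row is matched on its own ID only; $id is not part of the WHERE
            // clause although the amount due and the audit entry are written for order $id.
            // Confirm the caller guarantees the line belongs to that order.
            $sth = $dbh->prepare('UPDATE orders_' . $TYPES[$subType]['pluralName'] . ' SET unitPrice = :unitPrice, quantity = :quantity WHERE order' . $TYPES[$subType]['formalName'] . 'ID = :uniqueID');
            $sth->execute([':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':uniqueID' => $uniqueID]);
            self::updateAmountDue($id);
            addChange('order', $id, $_SESSION['employeeID'], 'E', json_encode(['subType' => $subType, 'subID' => $data['subID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']]));
        }
    } elseif ($data['subAction'] == 'delete') {
        //delete subAction
        // NOTE(review): every delete below matches on the sub-record's own ID only; $id is not
        // part of the WHERE clauses. Confirm the caller guarantees the record belongs to order $id.
        if ($data['subType'] == 'payment') {
            // read the row first so the audit entry can describe what was removed
            $sth = $dbh->prepare('SELECT date, paymentAmount FROM orderPayments WHERE paymentID = :paymentID');
            $sth->execute([':paymentID' => $data['subID']]);
            $row = $sth->fetch();
            $sth = $dbh->prepare('DELETE FROM orderPayments WHERE paymentID = :paymentID');
            $sth->execute([':paymentID' => $data['subID']]);
            $changeData = ['subType' => 'payment', 'date' => $row['date'], 'paymentAmount' => $row['paymentAmount']];
        } elseif ($data['subType'] == 'product' || $data['subType'] == 'service') {
            $appliesToType = $data['subType'] == 'product' ? 'P' : 'S';
            $sth = $dbh->prepare('SELECT ' . $TYPES[$data['subType']]['idName'] . ' AS id, recurringID, unitPrice, quantity FROM orders_' . $TYPES[$data['subType']]['pluralName'] . ' WHERE order' . $TYPES[$data['subType']]['formalName'] . 'ID = :uniqueID');
            $sth->execute([':uniqueID' => $data['subID']]);
            $row = $sth->fetch();
            $recurring = $row['recurringID'] === null ? 'no' : 'yes';
            //delete item discounts and children's discounts (if any)
            $sth = $dbh->prepare('DELETE FROM orders_discounts WHERE appliesToType = :appliesToType AND (appliesToID IN ( SELECT order' . $TYPES[$data['subType']]['formalName'] . 'ID FROM orders_' . $TYPES[$data['subType']]['pluralName'] . ' WHERE parentRecurringID = :recurringID ) OR appliesToID = :appliesToID)');
            $sth->execute([':appliesToType' => $appliesToType, ':recurringID' => $row['recurringID'], ':appliesToID' => $data['subID']]);
            //delete item and children (if any)
            $sth = $dbh->prepare('DELETE FROM orders_' . $TYPES[$data['subType']]['pluralName'] . ' WHERE order' . $TYPES[$data['subType']]['formalName'] . 'ID = :uniqueID OR parentRecurringID = :recurringID');
            $sth->execute([':uniqueID' => $data['subID'], ':recurringID' => $row['recurringID']]);
            $changeData = ['subType' => $data['subType'], 'subID' => $row['id'], 'unitPrice' => $row['unitPrice'], 'quantity' => $row['quantity'], 'recurring' => $recurring];
        } elseif ($data['subType'] == 'discount') {
            $sth = $dbh->prepare('SELECT discountID, appliesToType, appliesToID FROM orders_discounts WHERE orderDiscountID = :orderDiscountID');
            $sth->execute([':orderDiscountID' => $data['subID']]);
            $row = $sth->fetch();
            if ($row['appliesToType'] == 'O') {
                $subType = 'discountOrder';
            } elseif ($row['appliesToType'] == 'P') {
                $subType = 'discountProduct';
            } elseif ($row['appliesToType'] == 'S') {
                $subType = 'discountService';
            }
            $sth = $dbh->prepare('DELETE FROM orders_discounts WHERE orderDiscountID = :orderDiscountID');
            $sth->execute([':orderDiscountID' => $data['subID']]);
            $changeData = ['subType' => $subType, 'subID' => $row['appliesToID'], 'discountID' => $row['discountID']];
        } else {
            // Nothing was deleted for an unrecognised subType, so skip the recalculation and
            // the audit entry instead of logging undefined change data.
            $return['status'] = 'fail';
            return $return;
        }
        self::updateAmountDue($id);
        addChange('order', $id, $_SESSION['employeeID'], 'D', json_encode($changeData));
    }

    return $return;
}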
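// Collect and trim the submitted registration fields.
$FName = trim($_POST['FName']);
$LName = trim($_POST['LName']);
$MName = trim($_POST['MName']);
$Address1 = trim($_POST['Address1']);
$Address2 = trim($_POST['Address2']);
$City = trim($_POST['City']);
$State = trim($_POST['State']);
$Zip = trim($_POST['Zip']);
$Phone1 = trim($_POST['Phone1']);
$Phone2 = trim($_POST['Phone2']);
$Email = trim($_POST['Email']);
$Username = trim(strtoupper($_POST['Username']));
// NOTE(review): upper-casing and trimming the password makes it case-insensitive and shrinks
// the space of possible passwords. Left unchanged here because existing accounts presumably
// depend on it - confirm and plan a migration.
$Password = trim(strtoupper($_POST['Password']));
$PasswordVerify = trim(strtoupper($_POST['VerifyPassword']));

verifyData($FName, $LName, $Address1, $Address2, $City, $State, $Zip, $Phone1, $Phone2, $Email, $Username, $Password);

// NOTE(review): the mysql_* extension was removed in PHP 7; it is kept here because the rest
// of the file may rely on its implicit connection. The host is quoted so that it is a string
// and not an undefined constant.
mysql_connect('localhost', $dblogin, $dbpass);
@mysql_select_db($database) or die("Unable to select database");

// The value compared against Username is masked on this page. Whatever is placed there must
// be escaped for the connection, or bound as a parameter, before it reaches the query.
$query = "SELECT CustomerID, Username FROM customers WHERE Username = '******'";
$result = mysql_query($query);
if ($result === false) {
    // Keep the SQL text and the driver error in the server log, not in the HTTP response.
    error_log("Username lookup failed: " . mysql_error());
    die("Query failed");
}

if (mysql_numrows($result) >= 1) {
    $conflict_CustomerID = mysql_result($result, 0, "CustomerID");
    // $Username comes straight from the request, so it is HTML-escaped before being echoed.
    // NOTE(review): this message also reveals the other customer's ID to an unauthenticated
    // visitor - consider a generic "username is taken" message.
    ECHO "<B>ERROR</B>: Username " . htmlspecialchars($Username, ENT_QUOTES) . " is already claimed by customer ID " . htmlspecialchars($conflict_CustomerID, ENT_QUOTES);
    displayNewUserForm($FName, $LName, $Address1, $Address2, $City, $State, $Zip, $Phone1, $Phone2, $Email, "", "");
    endContentBox();
    exit;
}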
} else { $error = true; $msg = 'Неверно указана учетная запись в contest-системе.'; } mysql_select_db(t_DBName); } //конец проверки наличия логина в контест-системе } } //конец проверки нажатия кнопки submit //конец проверки правильности введенного пароля } else { //если нажат кнопка сабмит - нужно записать данные if (@$submit) { //проверка корректности данных $verifyMsg = verifyData($names, $lengths, true); //если все введено корректно - вносим изменения в таблицы if ($verifyMsg == "") { $contestteamid = getLoginId($contestlogin, $contestpassword); $_headpassportdate = parseDate($headpassportdate); if ($_headpassportdate != "NULL") { $_headpassportdate = '"' . $_headpassportdate . '"'; } $_headbirthdate = parseDate($headbirthdate); if ($_headbirthdate != "NULL") { $_headbirthdate = '"' . $_headbirthdate . '"'; } $_coachpassportdate = parseDate($coachpassportdate); if ($_coachpassportdate != "NULL") { $_coachpassportdate = '"' . $_coachpassportdate . '"'; }
$return['status'] = 'fail'; $return['dbName'] = 'This database already exists. Either delete the database or change the name.'; } } //verify data that will be going into the db if ($return['status'] == 'success') { $data = ['username' => $_POST['username'], 'firstName' => $_POST['firstName'], 'lastName' => $_POST['lastName'], 'payType' => 'S', 'workEmail' => $_POST['workEmail']]; $employee = verifyData('employee', null, 'add', $data); $data = ['name' => $_POST['position']]; $position = verifyData('position', null, 'add', $data); if (isset($position['name'])) { $position['position'] = $position['name']; unset($position['name']); } $data = ['name' => $_POST['location']]; $location = verifyData('location', null, 'add', $data); if (isset($location['name'])) { $location['location'] = $location['name']; unset($location['name']); } $accounting = []; if ($_POST['accounting'] != 'accrual' && $_POST['accounting'] != 'cash') { $accounting['status'] = 'fail'; $accounting['accounting'] = 'Must be Accrual or Cash'; } $return = array_merge($employee, $position, $location, $accounting); if ($employee['status'] == 'fail' || $position['status'] == 'fail' || $location['status'] == 'fail' || $accounting['status'] == 'fail') { $return['status'] = 'fail'; } } //try to write settings.php, if we can't, we'll send it in the final section
/**
 * Handle the expense-specific AJAX sub-actions.
 *
 * Dispatches on $data['subAction']:
 *  - 'list':   returns option lists for products and locations.
 *  - 'add':    adds a payment, a product line or an "other" line to the expense.
 *  - 'edit':   updates unitPrice/quantity of a product or "other" line.
 *  - 'delete': removes a payment, a product line or an "other" line.
 *
 * Writes are followed by self::updateAmountDue($id) and an addChange() audit entry
 * recorded against $_SESSION['employeeID'].
 *
 * NOTE(review): $data looks like request-supplied input - confirm that the caller has
 * already authorised the session user for expense $id before this method is reached.
 *
 * @param mixed $id   ID of the expense being worked on.
 * @param array $data Sub-action payload; reads 'subAction', 'subType', 'subID' and the
 *                    per-type fields used below.
 *
 * @return array Always contains 'status'; other keys depend on the sub-action.
 */
public function customAjax($id, $data) {
    global $dbh;
    global $SETTINGS;
    $return = ['status' => 'success'];
    if ($data['subAction'] == 'list') {
        //list subAction
        $return['products'] = generateTypeOptions('product', true);
        $return['locations'] = generateTypeOptions('location', true);
    } elseif ($data['subAction'] == 'add') {
        //add subAction
        $return['status'] = 'fail';
        $subType = $data['subType'];
        unset($data['subAction']);
        unset($data['subType']);
        $data = cleanData('expense', $subType, $data);
        $return = verifyData('expense', $subType, 'add', $data);
        // NOTE(review): if $subType is none of 'payment', 'product' or 'other' and verifyData()
        // does not fail, $changeData is never assigned before the addChange() call below.
        if ($return['status'] != 'fail') {
            if ($subType == 'payment') {
                // The trailing '|' resets every field the format does not parse to its Unix-epoch value.
                // NOTE(review): createFromFormat() returns false on a parse failure; this relies on
                // verifyData() having validated the date - confirm.
                $dateTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['date'])->getTimestamp();
                $sth = $dbh->prepare('INSERT INTO expensePayments (expenseID, date, paymentType, paymentAmount) VALUES(:expenseID, :date, :paymentType, :paymentAmount)');
                $sth->execute([':expenseID' => $id, ':date' => $dateTS, ':paymentType' => $data['paymentType'], ':paymentAmount' => $data['paymentAmount']]);
                $changeData = ['subType' => 'payment', 'date' => $dateTS, 'paymentType' => $data['paymentType'], 'paymentAmount' => $data['paymentAmount']];
            } elseif ($subType == 'product') {
                // look for an existing line with the same product, location and unit price
                $sth = $dbh->prepare('SELECT quantity FROM expenses_products WHERE expenseID = :expenseID AND productID = :productID AND locationID = :locationID AND unitPrice = :unitPrice');
                $sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':unitPrice' => $data['unitPrice']]);
                $result = $sth->fetchAll();
                if (count($result) == 1 && $data['recurring'] == 'no') {
                    //if the product is already present in the expense AND we aren't doing a recurring item, add the quantity to the existing row
                    $totalQuantity = $data['quantity'] + $result[0]['quantity'];
                    $sth = $dbh->prepare('UPDATE expenses_products SET quantity = :quantity WHERE expenseID = :expenseID AND productID = :productID AND locationID = :locationID AND unitPrice = :unitPrice');
                    $sth->execute([':quantity' => $totalQuantity, ':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':unitPrice' => $data['unitPrice']]);
                    $changeAction = 'E'; //this is technically an edit, not an add
                    $changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $totalQuantity];
                } else {
                    if ($data['recurring'] == 'yes') {
                        $startTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['startDate'])->getTimestamp();
                        $endTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['endDate'])->getTimestamp();
                        //add the recurring item
                        // NOTE(review): MAX(recurringID) + 1 is not atomic; two concurrent adds can
                        // end up with the same recurringID.
                        $sth = $dbh->prepare('SELECT MAX(recurringID) AS recurringID FROM expenses_products');
                        $sth->execute();
                        $result = $sth->fetchAll();
                        $recurringID = $result[0]['recurringID'] + 1;
                        $sth = $dbh->prepare('INSERT INTO expenses_products (expenseID, productID, locationID, unitPrice, quantity, recurringID, dayOfMonth, startDate, endDate) VALUES(:expenseID, :productID, :locationID, :unitPrice, :quantity, :recurringID, :dayOfMonth, :startDate, :endDate)');
                        $sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':recurringID' => $recurringID, ':dayOfMonth' => $data['dayOfMonth'], ':startDate' => $startTS, ':endDate' => $endTS]);
                        //add occasions from start date to now
                        $temp = new DateTime();
                        $temp->setTimestamp($startTS);
                        // first candidate: dayOfMonth in the month and year of the start date
                        $patternStart = new DateTime($data['dayOfMonth'] . '-' . $temp->format('M') . '-' . $temp->format('Y'));
                        $interval = new DateInterval('P1M');
                        $now = new DateTime();
                        $period = new DatePeriod($patternStart, $interval, $now);
                        foreach ($period as $date) {
                            $timestamp = $date->getTimestamp();
                            // only occurrences inside the requested start/end window are materialised
                            if ($timestamp >= $startTS && $timestamp <= $endTS) {
                                $sth = $dbh->prepare('INSERT INTO expenses_products (expenseID, productID, locationID, date, unitPrice, quantity, parentRecurringID) VALUES(:expenseID, :productID, :locationID, :date, :unitPrice, :quantity, :parentRecurringID)');
                                $sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':date' => $timestamp, ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':parentRecurringID' => $recurringID]);
                            }
                        }
                        $changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity'], 'recurring' => $data['recurring'], 'interval' => $data['interval'], 'dayOfMonth' => $data['dayOfMonth'], 'startDate' => $startTS, 'endDate' => $endTS];
                    } else {
                        //get date of expense
                        $sth = $dbh->prepare('SELECT date FROM expenses WHERE expenseID = :expenseID');
                        $sth->execute([':expenseID' => $id]);
                        $row = $sth->fetch();
                        $sth = $dbh->prepare('INSERT INTO expenses_products (expenseID, productID, locationID, date, unitPrice, quantity) VALUES(:expenseID, :productID, :locationID, :date, :unitPrice, :quantity)');
                        $sth->execute([':expenseID' => $id, ':productID' => $data['productID'], ':locationID' => $data['locationID'], ':date' => $row['date'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity']]);
                        $changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
                    }
                }
            } elseif ($subType == 'other') {
                // same flow as 'product', keyed on the free-text name instead of product/location
                $sth = $dbh->prepare('SELECT quantity FROM expenseOthers WHERE expenseID = :expenseID AND name = :name AND unitPrice = :unitPrice');
                $sth->execute([':expenseID' => $id, ':name' => $data['name'], ':unitPrice' => $data['unitPrice']]);
                $result = $sth->fetchAll();
                if (count($result) == 1 && $data['recurring'] == 'no') {
                    //if the item is already present in the expense AND we aren't doing a recurring item, add the quantity to the existing row
                    $totalQuantity = $data['quantity'] + $result[0]['quantity'];
                    $sth = $dbh->prepare('UPDATE expenseOthers SET quantity = :quantity WHERE expenseID = :expenseID AND name = :name AND unitPrice = :unitPrice');
                    $sth->execute([':quantity' => $totalQuantity, ':expenseID' => $id, ':name' => $data['name'], ':unitPrice' => $data['unitPrice']]);
                    $changeAction = 'E'; //this is technically an edit, not an add
                    $changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $totalQuantity];
                } else {
                    if ($data['recurring'] == 'yes') {
                        $startTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['startDate'])->getTimestamp();
                        $endTS = DateTime::createFromFormat($SETTINGS['dateFormat'] . '|', $data['endDate'])->getTimestamp();
                        //add the recurring item
                        $sth = $dbh->prepare('SELECT MAX(recurringID) AS recurringID FROM expenseOthers');
                        $sth->execute();
                        $result = $sth->fetchAll();
                        $recurringID = $result[0]['recurringID'] + 1;
                        $sth = $dbh->prepare('INSERT INTO expenseOthers (expenseID, name, unitPrice, quantity, recurringID, dayOfMonth, startDate, endDate) VALUES(:expenseID, :name, :unitPrice, :quantity, :recurringID, :dayOfMonth, :startDate, :endDate)');
                        $sth->execute([':expenseID' => $id, ':name' => $data['name'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':recurringID' => $recurringID, ':dayOfMonth' => $data['dayOfMonth'], ':startDate' => $startTS, ':endDate' => $endTS]);
                        //add occasions from start date to now
                        $temp = new DateTime();
                        $temp->setTimestamp($startTS);
                        $patternStart = new DateTime($data['dayOfMonth'] . '-' . $temp->format('M') . '-' . $temp->format('Y'));
                        $interval = new DateInterval('P1M');
                        $now = new DateTime();
                        $period = new DatePeriod($patternStart, $interval, $now);
                        foreach ($period as $date) {
                            $timestamp = $date->getTimestamp();
                            if ($timestamp >= $startTS && $timestamp <= $endTS) {
                                $sth = $dbh->prepare('INSERT INTO expenseOthers (expenseID, name, date, unitPrice, quantity, parentRecurringID) VALUES(:expenseID, :name, :date, :unitPrice, :quantity, :parentRecurringID)');
                                $sth->execute([':expenseID' => $id, ':name' => $data['name'], ':date' => $timestamp, ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':parentRecurringID' => $recurringID]);
                            }
                        }
                        $changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity'], 'recurring' => $data['recurring'], 'interval' => $data['interval'], 'dayOfMonth' => $data['dayOfMonth'], 'startDate' => $startTS, 'endDate' => $endTS];
                    } else {
                        //get date of expense
                        $sth = $dbh->prepare('SELECT date FROM expenses WHERE expenseID = :expenseID');
                        $sth->execute([':expenseID' => $id]);
                        $row = $sth->fetch();
                        $sth = $dbh->prepare('INSERT INTO expenseOthers (expenseID, name, date, unitPrice, quantity) VALUES(:expenseID, :name, :date, :unitPrice, :quantity)');
                        $sth->execute([':expenseID' => $id, ':name' => $data['name'], ':date' => $row['date'], ':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity']]);
                        $changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
                    }
                }
            }
            self::updateAmountDue($id);
            // the merge-into-existing-row paths above set $changeAction to 'E'; default is an add
            $temp = isset($changeAction) ? $changeAction : 'A';
            addChange('expense', $id, $_SESSION['employeeID'], $temp, json_encode($changeData));
        }
    } elseif ($data['subAction'] == 'edit') {
        //edit subAction
        $subType = $data['subType'];
        unset($data['subAction']);
        unset($data['subType']);
        // subID is taken out of $data before cleanData()/verifyData() see it
        $subID = $data['subID'];
        unset($data['subID']);
        $data = cleanData('expense', $subType, $data);
        $return = verifyData('expense', $subType, 'edit', $data);
        if ($return['status'] != 'fail') {
            // NOTE(review): both UPDATEs match on the line's own ID only; $id is not part of the
            // WHERE clause although the amount due and the audit entry are written for expense
            // $id. Confirm the caller guarantees the line belongs to that expense.
            // NOTE(review): for any other $subType, $changeData is never assigned before the
            // addChange() call below.
            if ($subType == 'product') {
                $sth = $dbh->prepare('UPDATE expenses_products SET unitPrice = :unitPrice, quantity = :quantity WHERE expenseProductID = :expenseProductID');
                $sth->execute([':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':expenseProductID' => $subID]);
                $changeData = ['subType' => 'product', 'productID' => $data['productID'], 'locationID' => $data['locationID'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
            } elseif ($subType == 'other') {
                $sth = $dbh->prepare('UPDATE expenseOthers SET unitPrice = :unitPrice, quantity = :quantity WHERE expenseOtherID = :expenseOtherID');
                $sth->execute([':unitPrice' => $data['unitPrice'], ':quantity' => $data['quantity'], ':expenseOtherID' => $subID]);
                $changeData = ['subType' => 'other', 'name' => $data['name'], 'unitPrice' => $data['unitPrice'], 'quantity' => $data['quantity']];
            }
            self::updateAmountDue($id);
            addChange('expense', $id, $_SESSION['employeeID'], 'E', json_encode($changeData));
        }
    } elseif ($data['subAction'] == 'delete') {
        //delete subAction
        // NOTE(review): every delete below matches on the sub-record's own ID only; $id is not
        // part of the WHERE clauses. Confirm the caller guarantees the record belongs to
        // expense $id. No cleanData()/verifyData() call is made on this path.
        if ($data['subType'] == 'payment') {
            // read the row first so the audit entry can describe what was removed
            $sth = $dbh->prepare('SELECT date, paymentAmount FROM expensePayments WHERE paymentID = :paymentID');
            $sth->execute([':paymentID' => $data['subID']]);
            $row = $sth->fetch();
            $sth = $dbh->prepare('DELETE FROM expensePayments WHERE paymentID = :paymentID');
            $sth->execute([':paymentID' => $data['subID']]);
            $changeData = ['subType' => 'payment', 'date' => $row['date'], 'paymentAmount' => $row['paymentAmount']];
        } elseif ($data['subType'] == 'product') {
            $sth = $dbh->prepare('SELECT productID, locationID, unitPrice, quantity, recurringID FROM expenses_products WHERE expenseProductID = :expenseProductID');
            $sth->execute([':expenseProductID' => $data['subID']]);
            $row = $sth->fetch();
            $recurring = $row['recurringID'] === null ? 'no' : 'yes';
            //delete item and children (if any)
            $sth = $dbh->prepare('DELETE FROM expenses_products WHERE expenseProductID = :expenseProductID OR parentRecurringID = :recurringID');
            $sth->execute([':expenseProductID' => $data['subID'], ':recurringID' => $row['recurringID']]);
            $changeData = ['subType' => 'product', 'productID' => $row['productID'], 'locationID' => $row['locationID'], 'unitPrice' => $row['unitPrice'], 'quantity' => $row['quantity'], 'recurring' => $recurring];
        } elseif ($data['subType'] == 'other') {
            $sth = $dbh->prepare('SELECT name, unitPrice, quantity, recurringID FROM expenseOthers WHERE expenseOtherID = :expenseOtherID');
            $sth->execute([':expenseOtherID' => $data['subID']]);
            $row = $sth->fetch();
            $recurring = $row['recurringID'] === null ? 'no' : 'yes';
            //delete item and children (if any)
            $sth = $dbh->prepare('DELETE FROM expenseOthers WHERE expenseOtherID = :expenseOtherID OR parentRecurringID = :recurringID');
            $sth->execute([':expenseOtherID' => $data['subID'], ':recurringID' => $row['recurringID']]);
            $changeData = ['subType' => 'other', 'name' => $row['name'], 'unitPrice' => $row['unitPrice'], 'quantity' => $row['quantity'], 'recurring' => $recurring];
        }
        self::updateAmountDue($id);
        addChange('expense', $id, $_SESSION['employeeID'], 'D', json_encode($changeData));
    }
    return $return;
}
<?php
// Standalone endpoint: WordPress is bootstrapped directly through wp-load.php and the
// request is routed by HTTP method and, for POST, by $_POST['type'].
// NOTE(review): no nonce or capability check is visible in this dispatcher, so the
// state-changing 'create' and 'delete' requests depend on create()/delete() (defined
// elsewhere) to authenticate the caller and reject cross-site requests - confirm.
include_once '../../../wp-load.php';
global $wpdb;
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if ($_POST['type'] == "create") {
        // input is checked by verifyData() before create() receives it
        $data = verifyData();
        create($data);
    } else {
        if ($_POST['type'] == "delete") {
            delete();
        } else {
            // unknown POST type: answer with a JSON error and stop
            echo json_encode(array("status" => "error", "message" => "Invalid request type."));
            die;
        }
    }
} else {
    if ($_SERVER['REQUEST_METHOD'] == 'GET') {
        getCurrentList();
    } else {
        // anything other than GET or POST is rejected
        echo json_encode(array("status" => "error", "message" => "Bad HTTP method"));
        die;
    }
}
function verifyData() {
    $phone = $_POST["phone"];
    $phone = str_replace("(", "", $phone);
    $phone = str_replace(")", "", $phone);
    $phone = str_replace("-", "", $phone);
    $phone = str_replace("+", "", $phone);