} // remove last comma $item_sql = substr_replace($item_sql, '', -1); // execute query $dbs->query($item_sql); } } else { $cnt_sql_error++; } } } // close file handle fclose($file); $end_time = time(); $import_time_sec = $end_time - $start_time; utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'Importing ' . $cnt_insert . ' bibliographic records from file : ' . $_FILES['importFile']['name']); $msg = ""; $msg .= "<strong>" . $row_count . "</strong> " . __("record(s) in file. Start processing from record") . " <strong>" . $record_offset . " " . __("in") . " " . $import_time_sec . " " . __("second(s)") . "</strong><br>"; $msg .= "<strong>" . $cnt_record_ignore . "</strong> " . __("record(s) ignored") . ", "; $msg .= "<strong>" . $cnt_insert . "</strong> " . __("record(s) inserted") . ", "; $msg .= "<strong>" . $cnt_update . "</strong> " . __("record(s) updated") . " " . __("having") . " " . "<strong>" . $cnt_sql_error . "</strong> " . __("record(s) with sql error"); echo '<script type="text/javascript">' . "\n"; // echo 'parent.$(\'importInfo\').update(\'<strong>'.$cnt_insert.'</strong> records inserted or updated successfully to bibliographic database, from record <strong>'.$_POST['recordOffset'].' in '.$import_time_sec.' second(s)</strong>\');'."\n"; echo 'parent.$(\'importInfo\').update(\'' . $msg . '\');' . "\n"; echo 'parent.$(\'importInfo\').setStyle( {display: \'block\'} );' . "\n"; echo '</script>'; exit; } } } ?>
$error_num = 0; if (!is_array($_POST['itemID'])) { // make an array $_POST['itemID'] = array((int) $_POST['itemID']); } // loop array foreach ($_POST['itemID'] as $itemID) { $itemID = (int) $itemID; // get content data $content_q = $dbs->query('SELECT content_title FROM content WHERE content_id=' . $itemID); $content_d = $content_q->fetch_row(); if (!$sql_op->delete('content', "content_id='{$itemID}'")) { $error_num++; } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' DELETE content (' . $content_d[0] . ')'); } } // error alerting if ($error_num == 0) { utility::jsAlert(__('All Data Successfully Deleted')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } else { utility::jsAlert(__('Some or All Data NOT deleted successfully!\\nPlease contact system administrator')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } exit; } } /* RECORD OPERATION END */ /* search form */
$_POST['itemID'] = array((int) $_POST['itemID']); } // loop array foreach ($_POST['itemID'] as $itemID) { $itemID = (int) $itemID; // get group data $group_q = $dbs->query('SELECT group_name FROM user_group WHERE group_id=' . $itemID); $group_d = $group_q->fetch_row(); if (!$sql_op->delete('user_group', 'group_id=' . $itemID)) { $error_num++; } else { // also delete all records related to this data // delete group privileges $dbs->query('DELETE FROM group_access WHERE group_id=' . $itemID); // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' DELETE group (' . $group_d[0] . ')'); } } // error alerting if ($error_num == 0) { utility::jsAlert(__('All Data Successfully Deleted')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } else { utility::jsAlert(__('Some or All Data NOT deleted successfully!\\nPlease contact system administrator')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } exit; } } /* RECORD OPERATION END */ /* search form */
foreach ($data['subjects'] as $subject) { $subject['auth_list'] = $subject['auth_list'] ? "'" . $subject['auth_list'] . "'" : 'NULL'; @$dbs->query('INSERT IGNORE INTO mst_topic (topic,topic_type,auth_list,input_date,last_update) VALUES (\'' . $subject['name'] . '\', \'' . $subject['type'] . '\', ' . $subject['auth_list'] . ', \'' . $curr_date . '\', \'' . $curr_date . '\')'); $subject['name'] = $dbs->escape_string(trim($subject['name'])); $subject_id = utility::getID($dbs, 'mst_topic', 'topic_id', 'topic', $subject['name'], $cache_subject); $biblio_subject_sql .= " ({$biblio_id}, {$subject_id}, " . $subject['level'] . "),"; } // remove last comma $biblio_subject_sql = substr_replace($biblio_subject_sql, '', -1); // execute query $dbs->query($biblio_subject_sql); // echo $dbs->error; } } $r++; } // close poll ucs_nodes_poll::clear_poll($dbs, $node_id); // write log utility::writeLogs($dbs, 'nodes', $biblio['node_info']['id'], 'ucs', 'Node ' . $node_id . '(' . $sysconf['node'][$node_id]['name'] . ') upload ' . $r . ' of catalog data'); die(json_encode(array('status' => 'UPLOADED', 'message' => $r . ' catalog record uploaded succesfully to ' . $sysconf['server']['name'] . '!'))); } else { die(json_encode(array('status' => 'NOT_AUTHORIZED', 'message' => 'You not authorized to upload data to server ' . $sysconf['server']['name'] . '! Please check your ucnode.inc.php file for correct configuration!'))); } } else { die(json_encode(array('status' => 'NOT_AUTHORIZED', 'message' => 'You not authorized to upload data to server ' . $sysconf['server']['name'] . '! Please check your ucnode.inc.php file for correct configuration!'))); } } else { die(json_encode(array('status' => 'NO_DATA', 'message' => 'Request is empty! Could be error on HTTP request'))); }
// loop array $http_query = ''; foreach ($_POST['itemID'] as $itemID) { $itemID = (int) $itemID; // check if this biblio data still have an item $_sql_biblio_item_q = sprintf('SELECT b.title, COUNT(item_id) FROM biblio AS b LEFT JOIN item AS i ON b.biblio_id=i.biblio_id WHERE b.biblio_id=%d GROUP BY title', $itemID); $biblio_item_q = $dbs->query($_sql_biblio_item_q); $biblio_item_d = $biblio_item_q->fetch_row(); if ($biblio_item_d[1] < 1) { if (!$sql_op->delete('biblio', "biblio_id={$itemID}")) { $error_num++; } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' DELETE bibliographic data (' . $biblio_item_d[0] . ') with biblio_id (' . $itemID . ')'); // delete related data $sql_op->delete('biblio_topic', "biblio_id={$itemID}"); $sql_op->delete('biblio_author', "biblio_id={$itemID}"); $sql_op->delete('biblio_attachment', "biblio_id={$itemID}"); // add to http query for UCS delete $http_query .= "itemID[]={$itemID}&"; } } else { $still_have_item[] = substr($biblio_item_d[0], 0, 45) . '... still have ' . $biblio_item_d[1] . ' copies'; $error_num++; } } if ($still_have_item) { $titles = ''; foreach ($still_have_item as $title) {
session_regenerate_id(true); // create logon class instance $logon = new admin_logon($username, $password); if ($logon->adminValid($dbs)) { // set cookie admin flag setcookie('admin_logged_in', true, time() + 14400, SENAYAN_WEB_ROOT_DIR); // write log utility::writeLogs($dbs, 'staff', $username, 'Login', 'Login success for user ' . $username . ' from address ' . $_SERVER['REMOTE_ADDR']); echo '<script type="text/javascript">'; echo 'alert(\'' . __('Welcome to Library Automation, ') . $logon->real_name . '\');'; echo 'location.href = \'admin/index.php\';'; echo '</script>'; exit; } else { // write log utility::writeLogs($dbs, 'staff', $username, 'Login', 'Login FAILED for user ' . $username . ' from address ' . $_SERVER['REMOTE_ADDR']); // message $msg = '<script type="text/javascript">'; $msg .= 'alert(\'' . __('Wrong Username or Password. ACCESS DENIED') . '\');'; $msg .= 'history.back();'; $msg .= '</script>'; simbio_security::destroySessionCookie($msg, SENAYAN_SESSION_COOKIES_NAME, SENAYAN_WEB_ROOT_DIR . 'admin', false); exit; } } } ?> <div id="loginForm"> <noscript> <div style="font-weight: bold; color: #FF0000;"><?php
$sql_str = "INSERT IGNORE INTO member\r\n (member_id, member_name, gender,\r\n member_type_id, member_email, member_address, postal_code,\r\n inst_name, is_new, member_image, pin, member_phone,\r\n member_fax, member_since_date, register_date,\r\n expire_date, birth_date, member_notes,\r\n input_date, last_update)\r\n VALUES ({$member_id}, {$member_name}, {$gender},\r\n {$member_type_id}, {$member_email}, {$member_address}, {$postal_code},\r\n {$inst_name}, {$is_new},\r\n {$member_image}, {$pin}, {$member_phone},\r\n {$member_fax}, {$member_since_date}, {$register_date},\r\n {$expire_date}, {$birth_date}, {$member_notes},\r\n {$curr_datetime}, {$curr_datetime})"; // send query @$dbs->query($sql_str); if (!$dbs->error) { $inserted_row++; } else { echo $sql_str . '<br />'; echo $dbs->error . '<hr />'; } } $row_count++; } } // close file handle fclose($file); utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', 'Importing ' . $inserted_row . ' members data from file : ' . $_FILES['importFile']['name']); echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#importInfo\').html(\'<strong>' . $inserted_row . '</strong> ' . __('records inserted successfully to members database, from record') . ' <strong>' . $_POST['recordOffset'] . '</strong>\');' . "\n"; //mfc echo 'parent.$(\'#importInfo\').css( {\'display\': \'block\'} );' . "\n"; echo '</script>'; exit; } } } ?> <fieldset class="menuBox"> <div class="menuBoxInner importIcon"> <?php echo strtoupper(__('Import Data')) . '<hr />' . __('Import for members data from CSV file'); ?>
// xml result $xml_result = $_POST['enable_xml_result'] == '1' ? true : false; $dbs->query('UPDATE setting SET setting_value=\'' . $dbs->escape_string(serialize($xml_result)) . '\' WHERE setting_name=\'enable_xml_result\''); // file download $file_download = $_POST['allow_file_download'] == '1' ? true : false; $dbs->query('UPDATE setting SET setting_value=\'' . $dbs->escape_string(serialize($file_download)) . '\' WHERE setting_name=\'allow_file_download\''); // session timeout $session_timeout = intval($_POST['session_timeout']) >= 1800 ? $_POST['session_timeout'] : 1800; $dbs->query('UPDATE setting SET setting_value=\'' . $dbs->escape_string(serialize($session_timeout)) . '\' WHERE setting_name=\'session_timeout\''); // barcode encoding $dbs->query('UPDATE setting SET setting_value=\'' . $dbs->escape_string(serialize($_POST['barcode_encoding'])) . '\' WHERE setting_name=\'barcode_encoding\''); // spellchecker $spellchecker_enabled = $_POST['spellchecker_enabled'] == '1' ? true : false; $dbs->query('REPLACE INTO setting (setting_value, setting_name) VALUES (\'' . serialize($spellchecker_enabled) . '\', \'spellchecker_enabled\')'); // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' change application global configuration'); utility::jsAlert(__('Settings saved. Refreshing page')); echo '<script type="text/javascript">top.location.href = \'' . AWB . 'index.php?mod=system\';</script>'; exit; } /* Config Vars update process end */ // create new instance $form = new simbio_form_table_AJAX('mainForm', $_SERVER['PHP_SELF'], 'post'); $form->submit_button_attr = 'name="updateData" value="' . __('Save Settings') . 
'" class="btn btn-default"'; // form table attributes $form->table_attr = 'align="center" id="dataList" cellpadding="5" cellspacing="0"'; $form->table_header_attr = 'class="alterCell" style="font-weight: bold;"'; $form->table_content_attr = 'class="alterCell2"'; // load settings from database utility::loadSettings($dbs); // version status
} } else { // record to log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', 'Stock Take ERROR : Item Code ' . $item_code . ' doesnt exists in stock take data. Invalid Item Code OR Maybe out of Stock Take range (from uploaded file ' . $upload->new_filename . ')'); } } fclose($stfile); // message echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#stUploadMsg\').html(\'' . __('Succesfully upload stock take file') . $upload->new_filename . ', <b>' . $i . '</b>' . __(' item codes scanned!') . '\')'; //mfc echo '.css( {\'display\': \'block\'} );' . "\n"; echo '</script>'; } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload stock take file ' . $upload->new_filename . ', with error (' . $upload->error . ')'); echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#stUploadMsg\').html(\'Failed to upload stock take file! <div>Error : ' . $upload->error . '</div>\')'; echo '.toggleClass(\'errorBox\').css( {\'display\': \'block\'} );' . "\n"; echo '</script>'; } exit; } ?> <fieldset class="menuBox"> <div class="menuBoxInner stockTakeIcon"> <?php echo __('STOCK TAKE UPLOAD - Upload a plain text file (.txt) containing list of Item Code to stock take. Each Item Code separated by line.'); ?> <hr /> <form name="uploadForm" class="notAJAX" method="post" enctype="multipart/form-data" action="<?php
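require UCS_BASE_DIR . 'admin/default/session_check.inc.php';

// Handle a "remove every catalog record of one node" request.
// The request is only honoured when the posted form ID matches the one kept
// in the session (presumably issued when the form was rendered - confirm).
if (isset($_SESSION['formID']) && isset($_POST['nodeID']) && isset($_POST['removeAll'])) {
    // check form ID: a missing or different token rejects the request.
    // The original compared with === here, which rejected matching tokens and
    // let requests carrying a wrong token reach the DELETE below.
    if (!isset($_POST['formID']) || $_SESSION['formID'] !== $_POST['formID']) {
        echo '<div class="errorBox">' . __('ERROR ON PROCESSING DATA REMOVAL REQUEST') . '</div>';
        exit;
    }
    $node_ID = trim($dbs->escape_string(strip_tags($_POST['nodeID'])));
    // only node IDs that exist in the server configuration are accepted
    if (isset($sysconf['node'][$node_ID])) {
        $node = $sysconf['node'][$node_ID];
        // remove all data
        $remove_q = $dbs->query('DELETE FROM biblio WHERE node_id=\'' . $node_ID . '\'');
        $deleted = $dbs->affected_rows;
        if ($deleted) {
            // write to log
            utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' remove all bibliographic of ' . $node['name']);
            echo '<div class="infoBox">' . sprintf(__('%d records of %s removed succesfully from database'), $deleted, $node['name']) . '</div>';
        }
    }
    // nullify form ID so the same token cannot be submitted twice
    $_SESSION['formID'] = null;
    exit;
}
// nullify form ID
$_SESSION['formID'] = null;
?> <fieldset class="menuBox"> <div class="menuBoxInner trashIcon"> <?php echo strtoupper(__('Nodes Data Removal')); ?>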
if (function_exists('imagecopyresampled')) { // we use phpthumb class to resize image include LIB . 'phpthumb/ThumbLib.inc.php'; // create phpthumb object $src = IMAGES_BASE_DIR . 'labels/' . $image_upload->new_filename; $phpthumb = PhpThumbFactory::create($src); $w = $h = 24; $phpthumb->resize($w, $h); $phpthumb->save(IMAGES_BASE_DIR . 'labels/' . $data['label_name'] . '.png', 'PNG'); } // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload label image file ' . $image_upload->new_filename); utility::jsAlert('Label image file successfully uploaded'); } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload label image file ' . $image_upload->new_filename . ', with error (' . $image_upload->error . ')'); utility::jsAlert('FAILED to upload label image! Please see System Log for more detailed information'); } } $data['input_date'] = date('Y-m-d'); $data['last_update'] = date('Y-m-d'); // create sql op object $sql_op = new simbio_dbop($dbs); if (isset($_POST['updateRecordID'])) { /* UPDATE RECORD MODE */ // remove input date unset($data['input_date']); // filter update record ID $updateRecordID = $dbs->escape_string(trim($_POST['updateRecordID'])); // update the data $update = $sql_op->update('mst_label', $data, 'label_id=' . $updateRecordID);
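/**
 * E-mail this member a table of their overdue loans.
 *
 * Rows come from self::getOverduedLoan() and are merged into the
 * overdue-mail-tpl.html template; SMTP settings are read from $sysconf['mail'].
 * The outcome is written to the system log before the method returns.
 *
 * @return bool|array false when the PHPMailer class is not loaded, otherwise
 *                    array('status' => 'SENT'|'ERROR', 'message' => string)
 */
public function sendOverdueNotice()
{
    global $sysconf;
    if (!class_exists('PHPMailer')) {
        return false;
    }
    $_mail = new PHPMailer(false);
    $_mail->IsSMTP(); // telling the class to use SMTP

    // get message template; without it the notice would go out empty
    $_msg_tpl = @file_get_contents(SENAYAN_BASE_DIR . 'admin/admin_template/overdue-mail-tpl.html');
    if ($_msg_tpl === false) {
        return array('status' => 'ERROR', 'message' => 'Overdue notification e-mail template could not be read');
    }
    // date
    $_curr_date = date('Y-m-d H:i:s');

    // Values below are placed in an HTML body, so they are escaped first.
    // NOTE(review): assumes the stored text is UTF-8 - confirm against the database charset.
    $_esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

    // compile overdue data
    $_overdue_data = '<table width="100%" border="1">' . "\n";
    $_overdue_data .= '<tr><th>Title</th><th>Item Code</th><th>Loan Date</th><th>Due Date</th><th>Overdue</th></tr>' . "\n";
    $_arr_overdued = self::getOverduedLoan($this->obj_db, $this->member_id);
    foreach ($_arr_overdued as $_overdue) {
        $_cells = '';
        foreach (array('title', 'item_code', 'loan_date', 'due_date') as $_field) {
            $_cells .= '<td>' . htmlspecialchars((string) $_overdue[$_field], $_esc_flags, 'UTF-8') . '</td>';
        }
        $_cells .= '<td>' . htmlspecialchars((string) $_overdue['Overdue Days'], $_esc_flags, 'UTF-8') . ' days</td>' . "\n";
        $_overdue_data .= '<tr>' . $_cells . '</tr>';
    }
    $_overdue_data .= '</table>';

    // message
    $_message = str_ireplace(
        array('<!--MEMBER_ID-->', '<!--MEMBER_NAME-->', '<!--OVERDUE_DATA-->', '<!--DATE-->'),
        array(
            htmlspecialchars((string) $this->member_id, $_esc_flags, 'UTF-8'),
            htmlspecialchars((string) $this->member_name, $_esc_flags, 'UTF-8'),
            $_overdue_data,
            $_curr_date,
        ),
        $_msg_tpl
    );

    // e-mail setting
    // $_mail->SMTPDebug = 2;
    $_mail->SMTPAuth = $sysconf['mail']['auth_enable'];
    $_mail->Host = $sysconf['mail']['server'];
    $_mail->Port = $sysconf['mail']['server_port'];
    $_mail->Username = $sysconf['mail']['auth_username'];
    $_mail->Password = $sysconf['mail']['auth_password'];
    $_mail->SetFrom($sysconf['mail']['from'], $sysconf['mail']['from_name']);
    $_mail->AddReplyTo($sysconf['mail']['reply_to'], $sysconf['mail']['reply_to_name']);
    $_mail->AddAddress($this->member_email, $this->member_name);
    $_mail->Subject = 'Overdue Notice for Member ' . $this->member_name . ' (' . $this->member_email . ')';
    $_mail->AltBody = strip_tags($_message);
    $_mail->MsgHTML($_message);

    $_sent = $_mail->Send();

    // The log entry is written BEFORE returning: in the original the
    // writeLogs() calls followed the return statements and never ran, so
    // neither delivery failures nor successes reached the system log.
    $_log_uid = isset($_SESSION['uid']) ? $_SESSION['uid'] : '1';
    if (!$_sent) {
        utility::writeLogs($this->obj_db, 'staff', $_log_uid, 'membership', 'FAILED to send overdue notification e-mail to ' . $this->member_email . ' (' . $_mail->ErrorInfo . ')');
        return array('status' => 'ERROR', 'message' => $_mail->ErrorInfo);
    }
    utility::writeLogs($this->obj_db, 'staff', $_log_uid, 'membership', 'Overdue notification e-mail sent to ' . $this->member_email);
    return array('status' => 'SENT', 'message' => 'Overdue notification E-Mail have been sent to ' . $this->member_email);
}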
if ($json_error) { die(json_encode(array('status' => 'JSON_ERROR', 'message' => $json_errors[$json_error]))); } } // node ID $node_id = $op['node_info']['id']; // authentication if (isset($sysconf['node'][$node_id])) { // check for password if ($sysconf['node'][$node_id]['password'] === $op['node_info']['password']) { $action = $op['node_data']['operation']; $action_data = $op['node_data']['biblio']; // update/delete catalog data if ($action_data) { if ($action == 'delete') { $_del = @$dbs->query("DELETE FROM biblio WHERE orig_biblio_id IN ({$action_data}) AND node_id='{$node_id}'"); $_deleted_num = $dbs->affected_rows; // write log utility::writeLogs($dbs, 'nodes', $op['node_info']['id'], 'ucs', 'Node ' . $node_id . '(' . $op['node_info']['name'] . ') delete ' . $_deleted_num . ' catalog data'); die(json_encode(array('status' => 'DELETED', 'message' => $_deleted_num . ' catalog record(s) delete succesfully from ' . $sysconf['server']['name'] . '!'))); } } } else { die(json_encode(array('status' => 'NOT_AUTHORIZED', 'message' => 'You not authorized to update data on server ' . $sysconf['server']['name'] . '! Please check your ucnode.inc.php file for correct configuration!'))); } } else { die(json_encode(array('status' => 'NOT_AUTHORIZED', 'message' => 'You not authorized to update data on server ' . $sysconf['server']['name'] . '! Please check your ucnode.inc.php file for correct configuration!'))); } } else { die(json_encode(array('status' => 'NO_DATA', 'message' => 'Request is empty! Could be error on HTTP request'))); }
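// IP based access limitation
require LIB . 'ip_based_access.inc.php';
do_checkIP('smc');
do_checkIP('smc-bibliography');
require SB . 'admin/default/session_check.inc.php';
require SIMBIO . 'simbio_FILE/simbio_directory.inc.php';
require SIMBIO . 'simbio_GUI/form_maker/simbio_form_table_AJAX.inc.php';
require SIMBIO . 'simbio_GUI/table/simbio_table.inc.php';
require SIMBIO . 'simbio_DB/simbio_dbop.inc.php';

// Save the posted print settings of one type as a serialized row in `setting`.
// A non-string settingType (e.g. an array) is ignored instead of reaching trim().
if (isset($_POST['updateSettings']) && isset($_POST['settingType']) && is_string($_POST['settingType'])) {
    $setting_type = trim($_POST['settingType']);
    $setting_name = $setting_type . '_print_settings';
    $setting_data = isset($_POST[$setting_type]) ? $_POST[$setting_type] : null;
    // reset
    // The setting name is built from request data, so it is escaped like the
    // value is; the original placed it into the statement unescaped.
    // NOTE(review): consider restricting settingType to the known types
    // (the list used for $type below) - confirm no other types are saved here.
    $dbs->query(sprintf(
        "REPLACE INTO setting (setting_name, setting_value) VALUES ('%s', '%s')",
        $dbs->escape_string($setting_name),
        $dbs->escape_string(serialize($setting_data))
    ));
    // write log
    utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' change ' . $setting_type . ' print settings');
    utility::jsAlert(__('Settings saved'));
    echo '<script type="text/javascript"></script>';
}
/* Config Vars update process end */

// Settings type shown on this page; anything outside the known list falls back to 'barcode'.
$type = 'barcode';
if (isset($_GET['type'])) {
    $type = trim($_GET['type']);
}
if (!in_array($type, array('barcode', 'label', 'membercard'))) {
    $type = 'barcode';
}
// include printed settings configuration file
include SB . 'admin' . DS . 'admin_template' . DS . 'printed_settings.inc.php';
// check for custom template settings
$custom_settings = SB . 'admin' . DS . $sysconf['admin_template']['dir'] . DS . $sysconf['template']['theme'] . DS . 'printed_settings.inc.php';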
$_POST['itemID'] = array((int) $_POST['itemID']); } // loop array foreach ($_POST['itemID'] as $itemID) { $itemID = (int) $itemID; // get module data $module_q = $dbs->query('SELECT module_name, module_path FROM mst_module WHERE module_id=' . $itemID); $module_d = $module_q->fetch_row(); if (!$sql_op->delete('mst_module', "module_id={$itemID}")) { $error_num++; } else { // also delete all records related to this data // delete group privileges $dbs->query('DELETE FROM group_access WHERE module_id=' . $itemID); // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' DELETE module (' . $module_d[0] . ') with path (' . $module_d[1] . ')'); } } // error alerting if ($error_num == 0) { utility::jsAlert(__('All Data Successfully Deleted')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } else { utility::jsAlert(__('Some or All Data NOT deleted successfully!\\nPlease contact system administrator')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } exit; } } /* RECORD OPERATION */ /* search form */
} echo '<script type="text/javascript">self.location.href = \'' . MODULES_WEB_ROOT_DIR . 'serial_control/subscription.php?biblioID=' . $biblioID . '\';</script>'; exit; } else { /* INSERT RECORD MODE */ // insert the data $insert = $sql_op->insert('serial', $data); $serial_id = $sql_op->insert_id; if ($insert) { $exemplar = (int) $_POST['exemplar']; // generate kardex entry $serial = new serial($dbs, $serial_id); $serial->generateKardexes($exemplar, true); // alert utility::jsAlert(__('New Subscription Data Successfully Saved')); utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'serial_control', $_SESSION['realname'] . ' add new subcription(' . $sql_op->insert_id . ') ' . $period); } else { utility::jsAlert(__('Subscription Data FAILED to Save. Please Contact System Administrator') . "\n" . $sql_op->error); } echo '<script type="text/javascript">self.location.href = \'' . MODULES_WEB_ROOT_DIR . 'serial_control/subscription.php?biblioID=' . $biblioID . '\';</script>'; exit; } } exit; } else { if (isset($_POST['itemID']) and !empty($_POST['itemID']) and isset($_POST['itemAction'])) { if (!($can_read and $can_write)) { die; } /* DATA DELETION PROCESS */ $sql_op = new simbio_dbop($dbs);
* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * */ // key to authenticate define('INDEX_AUTH', '1'); /* Library Automation logout */ // required file require '../sysconfig.inc.php'; // start the session require SB . 'admin/default/session.inc.php'; // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' Log Out from application from address ' . $_SERVER['REMOTE_ADDR']); // redirecting pages $msg = '<script type="text/javascript">'; if ($sysconf['logout_message']) { $msg .= 'alert(\'' . __('You Have Been Logged Out From Library Automation System') . '\');'; } $msg .= 'location.href = \'' . SWB . 'index.php?p=login\';'; $msg .= '</script>'; // unset admin cookie flag setcookie('admin_logged_in', true, time() - 86400, SWB); // completely destroy session cookie simbio_security::destroySessionCookie($msg, COOKIES_NAME, SWB . 'admin/', true);
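require SIMBIO_BASE_DIR . 'simbio_DB/simbio_dbop.inc.php';

// Re-synchronize the stock take copy of item data with the live
// bibliographic and item tables, then report the result to the parent frame.
if (isset($_POST['resync'])) {
    // update stock item data against bibliographic and item data
    $update_q = $dbs->query('UPDATE stock_take_item AS sti LEFT JOIN item AS i ON sti.item_code=i.item_code LEFT JOIN mst_coll_type AS ct ON i.coll_type_id=ct.coll_type_id LEFT JOIN mst_location AS loc ON i.location_id=loc.location_id LEFT JOIN biblio AS b ON i.biblio_id=b.biblio_id LEFT JOIN mst_gmd AS g ON b.gmd_id=g.gmd_id SET sti.title=b.title, sti.gmd_name=g.gmd_name, sti.classification=b.classification, sti.call_number=b.call_number, sti.coll_type_name=ct.coll_type_name');
    if (!$dbs->error) {
        $aff_rows = $dbs->affected_rows;
        // record to log
        utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', 'Stock Take Re-Synchronization');
        echo '<script type="text/javascript">' . "\n";
        echo 'parent.$(\'resyncInfo\').update(\'' . $aff_rows . ' Stock Take\\\'s Item Data Successfully Synchronized!\');' . "\n";
        echo 'parent.$(\'resyncInfo\').setStyle( {display: \'block\'} );' . "\n";
        echo '</script>';
    } else {
        echo '<script type="text/javascript">' . "\n";
        echo 'parent.$(\'resyncInfo\').update(\'Stock Take\\\'s Item Data FAILED to Synchronized!\');' . "\n";
        echo 'parent.$(\'resyncInfo\').setStyle( {color: \'red\', display: \'block\'} );' . "\n";
        echo '</script>';
    }
    exit;
}

echo '<div class="infoBox">' . lang_mod_stocktake_resync_info . "\n";
echo '<hr size="1" />' . "\n";
// PHP_SELF reflects the request path, so it is escaped before it is placed
// in the action attribute; the original echoed it as-is.
echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '" method="post" target="resyncSubmit">' . "\n";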
$updated_row++; } } else { if ($dbs->affected_rows > 0) { $updated_row++; } } } $row_count++; } } // close file handle fclose($file); $end_time = time(); $import_time_sec = $end_time - $start_time; utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'Importing ' . $updated_row . ' item records from file : ' . $_FILES['importFile']['name']); echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#importInfo\').html(\'<strong>' . $updated_row . '</strong> records updated successfully to item database, from record <strong>' . $_POST['recordOffset'] . ' in ' . $import_time_sec . ' second(s)</strong>\');' . "\n"; echo 'parent.$(\'#importInfo\').css( {\'display\': \'block\'} );' . "\n"; echo '</script>'; exit; } } } ?> <fieldset class="menuBox"> <div class="menuBoxInner importIcon"> <?php echo __('ITEM IMPORT TOOL'); ?> <hr />
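// loop array: delete each selected item unless it is still on loan
foreach ($_POST['itemID'] as $itemID) {
    $itemID = (int) $itemID;
    // check if the item still on loan
    $loan_q = $dbs->query('SELECT i.item_code, b.title, COUNT(l.loan_id) FROM item AS i LEFT JOIN biblio AS b ON i.biblio_id=b.biblio_id LEFT JOIN loan AS l ON (i.item_code=l.item_code AND l.is_lent=1 AND l.is_return=0) WHERE i.item_id=' . $itemID . ' GROUP BY i.item_code');
    $loan_d = $loan_q ? $loan_q->fetch_row() : null;
    // A failed query or an unknown item ID yields no row; count it as an error
    // instead of issuing a DELETE and logging a deletion with empty details.
    if (!$loan_d) {
        $error_num++;
        continue;
    }
    // if there is no loan
    if ($loan_d[2] < 1) {
        if (!$sql_op->delete('item', 'item_id=' . $itemID)) {
            $error_num++;
        } else {
            // write log
            utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' DELETE item data (' . $loan_d[0] . ') with title (' . $loan_d[1] . ')');
        }
    } else {
        $still_on_loan[] = $loan_d[0] . ' - ' . $loan_d[1];
        $error_num++;
    }
}

if ($still_on_loan) {
    $items = '';
    foreach ($still_on_loan as $item) {
        $items .= $item . "\n";
    }
    utility::jsAlert(__('Item data can not be deleted because still on hold by members') . " : \n" . $items);
    // The reload URL contains request data (PHP_SELF and the posted
    // lastQueryStr). It is emitted as a JSON-encoded string literal with
    // the HEX flags so it stays inside the JavaScript string and the
    // <script> element; the original concatenated it unescaped.
    $_reload_query = (isset($_POST['lastQueryStr']) && is_string($_POST['lastQueryStr'])) ? $_POST['lastQueryStr'] : '';
    $_reload_js = json_encode($_SERVER['PHP_SELF'] . '?' . $_reload_query, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if ($_reload_js === false) {
        // not encodable (e.g. invalid byte sequence): reload with an empty target
        $_reload_js = '""';
    }
    echo '<script type="text/javascript">parent.$(\'#mainContent\').simbioAJAX(' . $_reload_js . ');</script>';
    exit;
}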
// put html to file $file_write = @file_put_contents(REPORT_FILE_BASE_DIR . $stk_take_report_filename, $html_str); if ($file_write) { // open result in new window echo '<script type="text/javascript">parent.openWin(\'' . SENAYAN_WEB_ROOT_DIR . '/' . FILES_DIR . '/' . REPORT_DIR . '/' . $stk_take_report_filename . '\', \'popMemberReport\', 800, 500, true)</script>'; } else { utility::jsAlert('ERROR! Stock take report failed to generate, possibly because ' . REPORT_FILE_BASE_DIR . ' directory is not writable'); } // update $update_st_q = $dbs->query("UPDATE stock_take SET report_file='{$stk_take_report_filename}' WHERE is_active=1"); // set currently active stock take process to unactive $inactive_q = $dbs->query('UPDATE stock_take SET is_active=0'); // clean all current stock take error log $error_log_q = $dbs->query('DELETE FROM system_log WHERE log_location=\'stock_take\' AND log_msg LIKE \'Stock Take ERROR%\''); // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', $_SESSION['realname'] . ' finish stock take (' . $stk_take_d[0] . ') from address ' . $_SERVER['REMOTE_ADDR']); // send an alert echo '<script type="text/javascript">'; echo 'alert(\'' . __('Stock Take Proccess Finished!') . '\');'; echo 'parent.location.href = \'' . SENAYAN_WEB_ROOT_DIR . 'admin/index.php?mod=stock_take\';'; echo '</script>'; } exit; } else { ?> <fieldset class="menuBox"> <div class="menuBoxInner errorIcon"> <strong style="color: #f00;"><?php echo strtoupper(__('Finish Stock Take')); ?> <hr />
// get number of item on loan $item_loan_q = $dbs->query("SELECT COUNT(loan_id) FROM loan AS l WHERE is_lent=1 AND is_return=0"); $item_loan_d = $item_loan_q->fetch_row(); if (!$item_loan_d[0]) { $item_loan_d[0] = 0; } // update data for item being loan $update_q = $dbs->query("UPDATE stock_take_item SET status='l' WHERE item_code IN (SELECT item_code FROM loan AS l WHERE is_lent=1 AND is_return=0)"); // total rows inserted $total_rows_q = $dbs->query("SELECT COUNT(item_code) FROM stock_take_item WHERE status='m'"); $total_rows_d = $total_rows_q->fetch_row(); if ($total_rows_d[0] > 0) { // update total_lost_item field value in stock_take table $update_total_q = $dbs->query('UPDATE stock_take SET total_item_stock_taked=' . $total_rows_d[0] . ', total_item_loan=' . $item_loan_d[0] . ', total_item_lost=' . $total_rows_d[0] . ", stock_take_users='" . $_SESSION['realname'] . "\n' WHERE stock_take_id={$stock_take_id}"); // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', $_SESSION['realname'] . ' initialize stock take (' . $data['stock_take_name'] . ') from address ' . $_SERVER['REMOTE_ADDR']); utility::jsAlert(__('Stock Taking Initialized')); echo '<script type="text/javascript">parent.location.href = \'' . SENAYAN_WEB_ROOT_DIR . 'admin/index.php?mod=stock_take\';</script>'; } else { // delete stock take data $dbs->query('DELETE FROM stock_take WHERE stock_take_id=' . $stock_take_id); utility::jsAlert(__('Stock Taking FAILED to Initialized.\\nNo item to stock take!')); } exit; } } } // create new instance $form = new simbio_form_table('mainForm', $_SERVER['PHP_SELF'] . '?action=new', 'post'); $form->submit_button_attr = 'name="saveData" value="' . __('Initialize Stock Take') . '" class="button"'; // form table attributes
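/**
 * Send a reservation request for the titles the member has marked.
 *
 * Reads the marked biblio IDs from $_SESSION['m_mark_biblio'], looks their titles up in
 * the biblio table, fills the template/reserve-mail-tpl.html template and sends the result
 * over SMTP using the settings in $sysconf['mail']. The message is addressed to
 * $sysconf['mail']['from'] and to every entry of $sysconf['mail']['add_recipients'],
 * with a carbon copy to the member's own address.
 *
 * Relies on the globals $dbs and $sysconf and on the session keys mid, m_name and m_email.
 *
 * @return array 'status' is 'SENT' or 'ERROR'; 'message' is a human-readable explanation
 */
function sendReserveMail()
{
    global $dbs, $sysconf;

    // A missing or empty mark list means there is nothing to reserve; return before
    // loading the mailer or querying the database.
    if (empty($_SESSION['m_mark_biblio']) || !is_array($_SESSION['m_mark_biblio'])) {
        return array('status' => 'ERROR', 'message' => 'No Titles to reserve');
    }

    // Every ID is cast to int, so the IN (...) list below cannot carry SQL.
    $_ids = '(' . implode(',', array_map('intval', $_SESSION['m_mark_biblio'])) . ')';

    // require_once: a second call in the same request must not redeclare the class.
    require_once LIB . 'phpmailer/class.phpmailer.php';
    $_mail = new PHPMailer(false);
    $_mail->IsSMTP();

    // get message template
    $_msg_tpl = @file_get_contents(SB . 'template/reserve-mail-tpl.html');
    if ($_msg_tpl === false) {
        return array('status' => 'ERROR', 'message' => 'Reservation e-mail template could not be read');
    }

    $_curr_date = date('Y-m-d H:i:s');

    $_biblio_q = $dbs->query("SELECT biblio_id, title FROM biblio WHERE biblio_id IN {$_ids}");
    if (!$_biblio_q) {
        return array('status' => 'ERROR', 'message' => 'Failed to load the titles to reserve');
    }

    // Values placed into the HTML body are escaped, so markup stored in a title or a
    // member name is shown as text by the recipient's mail client instead of rendered.
    $_esc = function ($_value) {
        return htmlspecialchars((string) $_value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // compile reservation data
    $_data = '<table width="100%" border="1">' . "\n";
    $_data .= '<tr><th>Titles to reserve</th></tr>' . "\n";
    while ($_title_d = $_biblio_q->fetch_assoc()) {
        $_data .= '<tr>';
        $_data .= '<td>' . $_esc($_title_d['title']) . '</td>' . "\n";
        $_data .= '</tr>';
    }
    $_data .= '</table>';

    // message
    $_message = str_ireplace(
        array('<!--MEMBER_ID-->', '<!--MEMBER_NAME-->', '<!--DATA-->', '<!--DATE-->'),
        array($_esc($_SESSION['mid']), $_esc($_SESSION['m_name']), $_data, $_curr_date),
        $_msg_tpl
    );

    // e-mail setting
    // $_mail->SMTPDebug = 2;
    $_mail->SMTPAuth = $sysconf['mail']['auth_enable'];
    $_mail->Host = $sysconf['mail']['server'];
    $_mail->Port = $sysconf['mail']['server_port'];
    $_mail->Username = $sysconf['mail']['auth_username'];
    $_mail->Password = $sysconf['mail']['auth_password'];
    $_mail->SetFrom($sysconf['mail']['from'], $sysconf['mail']['from_name']);
    $_mail->AddReplyTo($sysconf['mail']['reply_to'], $sysconf['mail']['reply_to_name']);
    // send carbon copy of reserve e-mail to member/requester
    $_mail->AddCC($_SESSION['m_email'], $_SESSION['m_name']);
    // send reservation e-mail to librarian
    $_mail->AddAddress($sysconf['mail']['from'], $sysconf['mail']['from_name']);
    // additional recipient
    if (isset($sysconf['mail']['add_recipients'])) {
        foreach ($sysconf['mail']['add_recipients'] as $_recps) {
            $_mail->AddAddress($_recps['from'], $_recps['from_name']);
        }
    }

    // Line breaks are removed from the session values before they reach the Subject header,
    // so they cannot start an additional header line.
    $_subject = 'Reservation request from Member ' . $_SESSION['m_name'] . ' (' . $_SESSION['m_email'] . ')';
    $_mail->Subject = preg_replace('/[\r\n]+/', ' ', $_subject);
    $_mail->AltBody = strip_tags($_message);
    $_mail->MsgHTML($_message);

    $_sent = $_mail->Send();
    $_member_id = isset($_SESSION['mid']) ? $_SESSION['mid'] : '0';

    // The log entry is written before returning; a call placed after the return never runs.
    if (!$_sent) {
        utility::writeLogs($dbs, 'member', $_member_id, 'membership', 'FAILED to send reservation e-mail to ' . $_SESSION['m_email'] . ' (' . $_mail->ErrorInfo . ')');
        // NOTE(review): ErrorInfo is handed back to the caller as-is; confirm the caller
        // does not show raw SMTP error details to the member.
        return array('status' => 'ERROR', 'message' => $_mail->ErrorInfo);
    }

    utility::writeLogs($dbs, 'member', $_member_id, 'membership', 'Reservation notification e-mail sent to ' . $_SESSION['m_email']);
    return array('status' => 'SENT', 'message' => 'Reservation e-mail has been sent to ' . $_SESSION['m_email']);
}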
if ($item_check_d['status'] == 'e') { echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#stError\').html(\'Item ' . $item_code . ' is already SCANNED!\')'; echo '.css( {\'display\': \'block\'} );' . "\n"; echo 'parent.$(\'#itemCode\').val(\'\').focus();' . "\n"; echo '</script>'; } else { $listShow = 0; if (isset($_POST['listShow']) && $_POST['listShow'] == '1') { $listShow = 1; } // current time $curr_time = date('Y-m-d H:i:s'); $update = $dbs->query("UPDATE stock_take_item SET status='e', checked_by='" . $_SESSION['realname'] . "', last_update='" . $curr_time . "' WHERE item_code='{$item_code}'"); $update = $dbs->query("UPDATE stock_take SET total_item_lost=total_item_lost-1 WHERE is_active=1"); echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#mainContent\').simbioAJAX(\'' . MODULES_WEB_ROOT_DIR . 'stock_take/current.php?listShow=' . $listShow . '\');' . "\n"; echo '</script>'; } } } else { // record to log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', 'Stock Take ERROR : Item Code ' . $item_code . ' doesnt exists in stock take data. Invalid Item Code OR Maybe out of Stock Take range'); echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#stError\').html(\'Item Code ' . $item_code . ' doesnt exists in stock take data.\\nInvalid Item Code OR Maybe out of Stock Take range\')'; echo '.css( {\'display\': \'block\'} );' . "\n"; echo 'parent.$(\'#itemCode\').val(\'\').focus();' . "\n"; echo '</script>'; } echo '</body></html>'; }
echo 'parent.setIframeContent(\'attachIframe\', \'' . MODULES_WEB_ROOT_DIR . 'bibliography/iframe_attach.php?biblioID=' . $updateBiblioID . '\');'; echo '</script>'; } else { utility::jsAlert('' . __('File Attachment data FAILED to update!') . '' . "\n" . $sql_op->error); } } else { if ($sql_op->insert('biblio_attachment', $data)) { echo '<script type="text/javascript">'; echo 'alert(\'' . __('File Attachment uploaded succesfully!') . '\');'; echo 'parent.setIframeContent(\'attachIframe\', \'' . MODULES_WEB_ROOT_DIR . 'bibliography/iframe_attach.php?biblioID=' . $data['biblio_id'] . '\');'; echo '</script>'; } else { utility::jsAlert('' . __('File Attachment data FAILED to save!') . '' . "\n" . $sql_op->error); } } utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' updating file attachment data'); } else { if ($uploaded_file_id) { // add to session array $fdata['file_id'] = $uploaded_file_id; $fdata['access_type'] = trim($_POST['accessType']); $_SESSION['biblioAttach'][$uploaded_file_id] = $fdata; echo '<script type="text/javascript">'; echo 'alert(\'' . __('File Attachment uploaded succesfully!') . '\');'; echo 'parent.setIframeContent(\'attachIframe\', \'' . MODULES_WEB_ROOT_DIR . 'bibliography/iframe_attach.php\');'; echo '</script>'; } } } // create new instance $form = new simbio_form_table('mainForm', $_SERVER['PHP_SELF'] . '?biblioID=' . $biblioID, 'post');
echo '</script>'; exit; } // transaction is started if (isset($_POST['memberID']) or isset($_SESSION['memberID'])) { // create member object // if there is already member ID session if (isset($_SESSION['memberID'])) { $memberID = trim($_SESSION['memberID']); } else { // new transaction proccess // clear previous sessions $_SESSION['temp_loan'] = array(); $memberID = trim(preg_replace('@\\s*(<.+)$@i', '', $_POST['memberID'])); // write log utility::writeLogs($dbs, 'member', $memberID, 'circulation', $_SESSION['realname'] . ' start transaction with member (' . $memberID . ')'); } $member = new member($dbs, $memberID); if (!$member->valid()) { # echo '<div class="errorBox">Member ID '.$memberID.' not valid (unregistered in database)</div>'; echo '<div class="errorBox">' . __('Member ID') . ' ' . $memberID . ' ' . __(' not valid (unregistered in database)') . '</div>'; //mfc } else { // get member information $member_type_d = $member->getMemberTypeProp(); // member type ID $_SESSION['memberTypeID'] = $member->member_type_id; // save member ID to the sessions $_SESSION['memberID'] = $member->member_id; // create renewed/reborrow session array $_SESSION['reborrowed'] = array();
$subject_type = 'gr'; } else { if ($subject['term_type'] == 'Occupation') { $subject_type = 'oc'; } else { $subject_type = strtolower(substr($subject['term_type'], 0, 1)); } } } $subject_id = getSubjectID($subject['term'], $subject_type, $subject_cache); @$dbs->query("INSERT IGNORE INTO biblio_topic (biblio_id, topic_id, level) VALUES ({$biblio_id}, {$subject_id}, 1)"); } } if ($biblio_id) { // write to logs utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' insert bibliographic data from P2P service (server:' . $p2pserver . ') with (' . $biblio['title'] . ') and biblio_id (' . $biblio_id . ')'); $r++; } } } utility::jsAlert($r . ' records inserted to database.'); echo '<script type="text/javascript">parent.$(\'#mainContent\').simbioAJAX(\'' . $_SERVER['PHP_SELF'] . '\');</script>'; exit; } /* RECORD OPERATION END */ /* SEARCH OPERATION */ if (isset($_GET['keywords']) && $can_read && isset($_GET['p2pserver'])) { $max_fetch = 20; # get server information $serverid = (int) $_GET['p2pserver']; $p2pserver = $sysconf['p2pserver'][$serverid]['uri'];
$error_num = 0; if (!is_array($_POST['itemID'])) { // make an array $_POST['itemID'] = array((int) $_POST['itemID']); } // loop array foreach ($_POST['itemID'] as $itemID) { $itemID = (int) $itemID; // get user data $user_q = $dbs->query('SELECT username, realname FROM user WHERE user_id=' . $itemID); $user_d = $user_q->fetch_row(); if (!$sql_op->delete('user', "user_id='{$itemID}'")) { $error_num++; } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' DELETE user (' . $user_d[1] . ') with username (' . $user_d[0] . ')'); } } // error alerting if ($error_num == 0) { utility::jsAlert(__('All Data Successfully Deleted')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } else { utility::jsAlert(__('Some or All Data NOT deleted successfully!\\nPlease contact system administrator')); echo '<script type="text/javascript">parent.setContent(\'mainContent\', \'' . $_SERVER['PHP_SELF'] . '?' . $_POST['lastQueryStr'] . '\', \'post\');</script>'; } exit; } } /* RECORD OPERATION END */ if (!$changecurrent) {
$_POST['itemID'] = array($dbs->escape_string(trim($_POST['itemID']))); } // loop array foreach ($_POST['itemID'] as $itemID) { $itemID = $dbs->escape_string(trim($itemID)); // check if the member still have loan $loan_q = $dbs->query('SELECT DISTINCT m.member_id, m.member_name, COUNT(l.loan_id) FROM member AS m LEFT JOIN loan AS l ON (m.member_id=l.member_id AND l.is_lent=1 AND l.is_return=0) WHERE m.member_id=\'' . $itemID . '\' GROUP BY m.member_id'); $loan_d = $loan_q->fetch_row(); if ($loan_d[2] < 1) { if (!$sql_op->delete('member', "member_id='{$itemID}'")) { $error_num++; } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'] . ' DELETE member data (' . $loan_d[1] . ') with ID (' . $loan_d[0] . ')'); } } else { $still_have_loan[] = $loan_d[0] . ' - ' . $loan_d[1]; $error_num++; } } if ($still_have_loan) { $members = ''; foreach ($still_have_loan as $mbr) { $members .= $mbr . "\n"; } utility::jsAlert(__('Below member data can\'t be deleted because still have unreturned item(s)') . ' : ' . "\n" . $mbr); exit; } // error alerting
?> </h2> </div> <div class="infoBox"> <?php echo __('Add or remove application shortcuts'); ?> </div> <?php if (isset($_POST['selectedShortcuts']) && count($_POST['selectedShortcuts'])) { $shortcuts = $dbs->escape_string(serialize($_POST['selectedShortcuts'])); $dbs->query('REPLACE INTO setting (setting_name, setting_value) VALUES (\'shortcuts_' . $_SESSION['uid'] . '\', \'' . $shortcuts . '\')'); echo '<div class="infoBox">' . __('Shortcut setting saved') . '</div>'; // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' change application shortcuts'); } ?> </div> </fieldset> <?php /* main content */ ob_start(); ?> <form name="shortcut-form" class="shortcut-form submitViaAJAX" id="mainForm" method="post" action="<?php echo MWB . 'system/shortcut.php'; ?> "> <div class="row"> <div class="col-md-5"> <select class="form-control shortcuts-list" name="shortcutsOptions" id="shortcuts-options" multiple="multiple" size="10">