<?php
// Project: Web Reference Database (refbase) <http://www.refbase.net>
// Copyright: Matthias Steffens <mailto:refbase@extracts.de> and the file's
// original author(s).
//
// This code is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY. Please see the GNU General Public
// License for more details.
//
// File: ./receipt.php
// Repository: $HeadURL: http://svn.code.sf.net/p/refbase/code/trunk/receipt.php $
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
//
// Created: 02-Jan-03, 22:43
// Modified: $Date: 2012-02-27 12:25:30 -0800 (Mon, 27 Feb 2012) $
// $Author: msteffens $
// $Revision: 1337 $
// This php script will display a feedback page after any action of
// adding/editing/deleting a record. It will display links to the
// modified/added record as well as to the previous search results page (if any)
// TODO: I18n
// Incorporate some include files:
// Load the project files this page depends on.
// All paths are relative, so PHP resolves them through 'include_path' and the directory of the running script.
// 'include' only raises a warning when a file is missing (unlike 'require', which halts), so this script would carry on
// until the first call to a function those files were supposed to define.
include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password (it holds credentials, so keep it non-readable for other accounts and out of any public export)
include 'includes/header.inc.php'; // page header: defines 'displayHTMLhead()' and 'showPageHeader()'
include 'includes/footer.inc.php'; // page footer: defines 'showPageFooter()' and 'displayHTMLfoot()'
include 'includes/include.inc.php'; // common functions used below, e.g. 'start_session()', 'returnMsg()', 'scriptURL()', 'showLogin()', 'buildSELECTclause()' and 'generateURL()'
include 'initialize/ini.inc.php'; // include common variables
// --------------------------------------------------------------------
// START A SESSION:
// call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables;
// according to the referrer check further down, it also defines the global '$referer' variable.
// NOTE(review): the meaning of the 'true' argument is not visible in this file -- confirm against 'include.inc.php'.
start_session(true);
// --------------------------------------------------------------------
// Initialize preferred display language:
// (note that 'locales.inc.php' has to be included *after* the call to the 'start_session()' function, so do not move this line up to the other includes)
include 'includes/locales.inc.php'; // include the locales
// --------------------------------------------------------------------
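// First of all, check whether this script was called by something other than 'record.php' (via 'modify.php'):
// Notes: - although 'receipt.php' actually gets called by 'modify.php', the referrer will still be set to 'record.php'
//        - if a user clicks on Login/Logout while viewing a 'receipt.php' page she should get directed back to this
//          receipt page (which is why 'receipt.php' must also be among the recognized referrers)
//        - the referrer is supplied by the client, so this test is a navigation sanity check and NOT an access control:
//          any URL that merely contains 'record.php' or 'receipt.php' satisfies it
if (!preg_match("/(record|receipt)\.php/", $referer)) // variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'
{
	// return an appropriate error message:
	// (presumably the fourth argument makes 'returnMsg()' keep the message under the name 'HeaderString' so that the
	//  page we redirect to can display it -- confirm against 'include.inc.php')
	$HeaderString = returnMsg($loc["Warning_InvalidCallToScript"] . " '" . scriptURL() . "'!", "warning", "strong", "HeaderString"); // functions 'returnMsg()' and 'scriptURL()' are defined in 'include.inc.php'

	// Work out where to send the user. How 'start_session()' fills '$referer' is not visible in this file, so it is
	// treated as client-influenced: echoing it unchecked into a 'Location:' header would turn this script into an
	// open redirect. We therefore follow it only if it is a relative URL or an http(s) URL on our own host, and
	// fall back to the home page in every other case (empty value, foreign host, other scheme, unparsable URL).
	$redirectTarget = "index.php";

	// host name this request was addressed to, without any ':port' suffix
	// (behind a reverse proxy this may differ from the public host name; such referrers then end up on the home page)
	$ownHost = isset($_SERVER['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']) : "";

	$refererParts = is_string($referer) ? parse_url($referer) : false;

	// control characters, whitespace and backslashes are refused outright since browsers may normalise them into a different URL
	if (is_array($refererParts) && $referer != "" && !preg_match('/[\x00-\x20\\\\]/', $referer))
	{
		$hasScheme = isset($refererParts['scheme']);
		$hasHost = isset($refererParts['host']); // also set for scheme-relative URLs such as '//host/path'

		if (!$hasScheme && !$hasHost)
			$redirectTarget = $referer; // plain relative URL, stays on this site
		elseif ($hasScheme && $hasHost && preg_match('/^https?$/i', $refererParts['scheme']) && $ownHost != "" && strcasecmp($refererParts['host'], $ownHost) == 0)
			$redirectTarget = $referer; // absolute URL that points back to this host
	}

	header("Location: " . $redirectTarget); // redirect to calling page (or to the home page if the referrer was not acceptable)

	exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
}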
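// [ Extract form variables sent through POST/GET by use of the '$_REQUEST' variable ]
// [ !! NOTE !!: for details see <http://www.php.net/release_4_2_1.php> & <http://www.php.net/manual/en/language.variables.predefined.php> ]
// Everything read from '$_REQUEST' below is attacker-controllable. Each value is therefore checked for presence and
// for being a plain string (a parameter sent as 'name[]=...' arrives as an array) before it is used.

// Extract the type of action requested by the user (either 'add', 'edit', 'delet' or ''):
// ('' will be treated equal to 'add')
// The value is later written into the page text, so only the documented values are accepted; anything else
// (missing, empty, array or unknown string) falls back to 'add'.
$recordAction = (isset($_REQUEST['recordAction']) && is_string($_REQUEST['recordAction'])) ? $_REQUEST['recordAction'] : "";

if (!in_array($recordAction, array("add", "edit", "delet"), true))
	$recordAction = "add"; // '' will be treated equal to 'add'

// Extract the id number of the record that was added/edited/deleted by the user:
// NOTE(review): this value is later placed inside a regular expression for an SQL 'RLIKE' condition. The accepted
// format (a single number, or several alternatives) is not visible in this file, so it is not restricted here --
// confirm the format and validate against it.
$serialNo = (isset($_REQUEST['serialNo']) && is_string($_REQUEST['serialNo'])) ? $_REQUEST['serialNo'] : "";

// Extract the header message that was returned by 'modify.php':
// NOTE(review): the message is taken verbatim from the request and is later handed to 'showPageHeader()' and
// 'showPageFooter()' and, via '$headerMsg', to 'showLogin()'. Whether those functions HTML-encode or filter it is
// not visible in this file; if they do not, this is a reflected cross-site scripting sink -- confirm.
$HeaderString = (isset($_REQUEST['headerMsg']) && is_string($_REQUEST['headerMsg'])) ? $_REQUEST['headerMsg'] : "";

// Function 'showLogin()' in 'include.inc.php' requires the header string being available in the '$headerMsg' variable so that it gets included within the Login/Logout links:
$headerMsg = $HeaderString;

// Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''):
// ('' will produce the default 'Web' output style)
$viewType = (isset($_REQUEST['viewType']) && is_string($_REQUEST['viewType'])) ? $_REQUEST['viewType'] : "";

// Get the query URL of the last multi-record query (kept in the session, i.e. not taken from this request):
if (isset($_SESSION['oldMultiRecordQuery']))
	$oldMultiRecordQuery = $_SESSION['oldMultiRecordQuery'];
else
	$oldMultiRecordQuery = "";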
// --------------------------------------------------------------------
// (4) DISPLAY HEADER & RESULTS
// (NOTE: this page does not query the database itself, so none of the usual steps (1) OPEN CONNECTION,
//  (2) SELECT DATABASE, (3) RUN QUERY and (5) CLOSE CONNECTION are carried out here)

// Show the login status ('showLogin()' is defined in 'include.inc.php'):
showLogin();

// (4a) DISPLAY header:
// 'displayHTMLhead()' and 'showPageHeader()' are both defined in 'header.inc.php'; the database name is
// HTML-encoded before it goes into the page title and description
$receiptPageTitle = encodeHTML($officialDatabaseName) . " -- Record Action Feedback";
$receiptPageDescription = "Feedback page that confirms any adding, editing or deleting of records in the " . encodeHTML($officialDatabaseName);

displayHTMLhead($receiptPageTitle, "noindex,nofollow", $receiptPageDescription, "", false, "", $viewType, array());
showPageHeader($HeaderString);

// (4b) DISPLAY results:
// Assemble the SQL query that links back to the added/edited record. It is not executed here but handed to
// 'search.php' as a URL parameter further down.
$sqlQuery = buildSELECTclause("Display", "1", "", true, false); // function 'buildSELECTclause()' is defined in 'include.inc.php'
$sqlQuery .= " FROM $tableRefs";

if (isset($_SESSION['loginEmail']))
{
	// a user is logged in, so join her user specific fields:
	$sqlQuery .= " LEFT JOIN $tableUserData ON serial = record_id AND user_id = " . quote_smart($loginUserID);
}

// The serial number ends up inside a regular expression. 'quote_smart()' is applied to the whole pattern
// (presumably it quotes/escapes the value for SQL -- confirm in 'include.inc.php'), but regex metacharacters
// within '$serialNo' keep their meaning.
// The ORDER BY clause is simply the fixed default one.
$sqlQuery .= " WHERE serial RLIKE " . quote_smart("^(" . $serialNo . ")$") . " ORDER BY author, year DESC, publication";

// URL-encode the finished query so that it can be embedded in a link:
$sqlQuery = rawurlencode($sqlQuery);

// Generate a 'search.php' URL that points to the formerly displayed results page
// ('$oldMultiRecordQueryURL' stays undefined if there was no previous multi-record query):
if (!empty($oldMultiRecordQuery))
{
	$oldMultiRecordQueryURL = generateURL("search.php", "html", $oldMultiRecordQuery, true); // function 'generateURL()' is defined in 'include.inc.php'
}
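// Build a TABLE, containing one ROW and DATA tag, that offers the user up to three ways to proceed:
// a link to the added/edited record, a link to the previous search results, and a link to the home page.

// The link to the record is only offered if the 'user_permissions' session variable contains
// 'allow_details_view' and the record was not deleted:
$showRecordLink = (isset($_SESSION['user_permissions']) && preg_match("/allow_details_view/", $_SESSION['user_permissions']) && ($recordAction != "delet"));

// The link to any previous search results is only offered if '$oldMultiRecordQuery' isn't empty:
$showPreviousResultsLink = !empty($oldMultiRecordQuery);

echo "\n<table align=\"center\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" width=\"95%\" summary=\"This table holds links to the added/edited records as well as to the previously displayed search results page\">"
	. "\n<tr>"
	. "\n\t<td valign=\"top\">"
	. "\n\t\tChoose how to proceed:&nbsp;&nbsp;";

if ($showRecordLink)
{
	// '$sqlQuery' has been passed through 'rawurlencode()' and is safe inside the attribute value.
	// '$recordAction' originates from the request and is printed as page text, so it must be HTML-encoded here;
	// printing it raw would allow markup or script injection through the 'recordAction' parameter.
	echo "\n\t\t<a href=\"search.php?sqlQuery=" . $sqlQuery . "&showQuery=0&showLinks=1&formType=sqlSearch&submit=Display\">Show " . encodeHTML($recordAction) . "ed record</a>";

	if ($showPreviousResultsLink)
		echo "\n\t\t&nbsp;&nbsp;-OR-&nbsp;&nbsp;";
}

if ($showPreviousResultsLink)
{
	// NOTE(review): '$oldMultiRecordQueryURL' is written into the attribute as returned by 'generateURL()'; whether
	// that function already encodes HTML special characters is not visible in this file -- confirm.
	echo "\n\t\t<a href=\"" . $oldMultiRecordQueryURL . "\">Display previous search results</a>";
}

if ($showRecordLink || $showPreviousResultsLink)
	echo "\n\t\t&nbsp;&nbsp;-OR-&nbsp;&nbsp;";

echo "\n\t\t<a href=\"index.php\">Goto " . encodeHTML($officialDatabaseName) . " Home</a>"; // we include the link to the home page here so that "Choose how to proceed:" never stands without any link to go

echo "\n\t</td>"
	. "\n</tr>"
	. "\n</table>";

// --------------------------------------------------------------------
// DISPLAY THE HTML FOOTER:
// call the 'showPageFooter()' and 'displayHTMLfoot()' functions (which are defined in 'footer.inc.php')
// NOTE(review): '$HeaderString' carries the request's 'headerMsg' value; how 'showPageFooter()' uses it is not
// visible in this file -- confirm that it is encoded before being written to the page.
showPageFooter($HeaderString);
displayHTMLfoot();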
// --------------------------------------------------------------------
?>