function viewBooking()
{
global $arrSiteConfig;
global $STR_URL, $STR_PATH;
$this->conn = DB::dbConnect();
$query = "SELECT * FROM `mbs_bookings` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' LIMIT 1";
$result = mysql_query($query);
if ($result) {
$row = mysql_fetch_assoc($result);
// get some variables
$intBookingYear = substr($row['booking_date'], 0, 4);
$strFilePath = $STR_PATH . $row['booking_file_path'] . $row['booking_file_name'];
// get supplier data
$strQuerySupplier = "SELECT * FROM `mbs_suppliers` WHERE `supplier_id` = '" . mysql_real_escape_string($row['supplier_id']) . "'";
$resultSupplier = mysql_query($strQuerySupplier);
if ($resultSupplier) {
$rowSupplier = mysql_fetch_assoc($resultSupplier);
// get marketing contact
$strQueryContact = "SELECT * FROM `mbs_suppliers_marketing_contacts` WHERE `supplier_id` = '" . mysql_real_escape_string($rowSupplier['supplier_id']) . "'";
$resultContact = mysql_query($strQueryContact);
if ($resultContact) {
$rowContact = mysql_fetch_assoc($resultContact);
}
}
?>
<?php
if ($_REQUEST['pop'] == "yes") {
?>
<div align="center">
<form name="myformTop" action="<?php
if (preg_match("/_exec/", $_SERVER['HTTP_REFERER'])) {
if ($_SESSION['user']['type'] == 'admin') {
echo "booking_list.php";
} else {
echo "booking_search.php";
}
} else {
echo $_SERVER['HTTP_REFERER'];
}
?>
">
<input type="hidden" name="booking_id" value="<?php
echo $_REQUEST['booking_id'];
?>
">
<input type="hidden" name="page_num" value="<?php
echo $_REQUEST['page_num'];
?>
">
<input type="hidden" name="frm_search_text" value="<?php
echo $_REQUEST['frm_search_text'];
?>
">
<input class="btn" type="submit" value="Close" onclick="this.value='Loading...'">
</form>
</div>
<?php
}
?>
<div class="container-fluid">
<div class="row-fluid">
<div class="span12" style="text-align:center;margin-top:20px;">
<h2>Booking » <?php
echo stripslashes(htmlspecialchars($row['booking_name']));
?>
</h2>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span12" style="text-align:center;margin-top:20px;">
<?php
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'add') !== 0) {
?>
<a class="btn btn-popover" href="booking.php?action=add" rel="popover" data-content="Insert new Booking to the database" data-original-title="New Booking" title="New Booking"><img src="<?php
echo $STR_URL;
?>
img/add_icon.png" /> New Booking</a>
<?php
}
?>
<?php
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'edit') !== 0) {
?>
<a class="btn btn-popover" href="booking.php?booking_id=<?php
echo $row['booking_id'];
?>
&action=edit" rel="popover" data-content="Edit Booking including the Promotional Activities included" data-original-title="Edit Booking" title="Edit Booking"><img src="<?php
echo $STR_URL;
?>
img/edit_icon.png" /> Edit</a>
<?php
}
?>
<?php
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'delete') !== 0) {
?>
<a id="frm_delete_button_<?php
echo $row['booking_id'];
?>
" class="btn btn-popover" href="booking_list.php?booking_id=<?php
echo $row['booking_id'];
?>
&action=delete" rel="popover" data-content="Delete Booking from the database" data-original-title="Delete Booking" title="Delete Booking" /><img src="<?php
echo $STR_URL;
?>
img/delete_icon.png" /> Delete</a>
<?php
}
?>
<?php
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'list') !== 0) {
?>
<a class="btn btn-popover" href="booking_list.php" rel="popover" data-content="Refresh the Booking List to the latest update" data-original-title="Booking List" title="Booking List"><img src="<?php
echo $STR_URL;
?>
img/list_icon.png" /> List</a>
<?php
}
?>
<a class="btn btn-popover" href="documentation_list.php#bookings" rel="popover" data-content="Look up for the Documentation about Booking module" data-original-title="Help" title="Help"><i class="icon-info-sign"></i> Help</a>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span12" style="text-align:center;margin-top:20px;">
<?php
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'add') !== 0) {
?>
<!--<a class="btn" href="booking.php?booking_id=<?php
echo $row['booking_id'];
?>
&action=edit" title="New Promo Activity"><img src="<?php
echo $STR_URL;
?>
img/add_icon.png" /> New Promo Activity</a>-->
<?php
}
?>
<a class="btn btn-popover ajax callbacks cboxElement" href="booking_view_upload.php?action=upload&booking_id=<?php
echo $row['booking_id'];
?>
" rel="popover" data-content="Upload the scanned Booking document to server. Please upload in JPG, GIF, PNG or PDF format!" data-original-title="Upload Booking" title="Upload Booking"><img src="<?php
echo $STR_URL;
?>
img/upload_icon.png" /> Attach</a>
<?php
if ($row['booking_file_name'] && file_exists($strFilePath)) {
?>
<a class="btn btn-popover" href="booking_view_download.php?action=download&booking_id=<?php
echo $row['booking_id'];
?>
" rel="popover" data-content="Download attached scanned Booking document from server" data-original-title="Download Booking" title="Download Booking"><img src="<?php
echo $STR_URL;
?>
img/download_icon.png" /> Download</a>
<?php
}
?>
<a class="btn btn-popover" href="booking_view_print.php?action=print&booking_id=<?php
echo $row['booking_id'];
?>
" target="_blank" rel="popover" data-content="Print the Booking from the browser. A new tab and a Print dialog will be popped up" data-original-title="Print Booking" title="Print Booking"><img src="<?php
echo $STR_URL;
?>
img/print_icon.png" /> Print</a>
<a class="btn btn-popover ajax callbacks cboxElement" href="booking_view_email.php?action=email&booking_id=<?php
echo $row['booking_id'];
?>
" rel="popover" data-content="Send the Booking to a certain email" data-original-title="Email Booking" title="Email Booking"><img src="<?php
echo $STR_URL;
?>
img/email_icon.png" /> Email</a>
</div>
</div>
</div>
<fieldset>
<div class="container-fluid">
<div class="row-fluid">
<div class="span12" style="text-align:center;margin-top:20px;">
<h3>Promotional Activity <?php
echo $intBookingYear;
?>
</h3>
</div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span5">
<p><strong>Supplier Name: <?php
echo htmlspecialchars($rowSupplier['supplier_name']);
?>
</strong></p>
</div>
<div class="span3 offset4">
<p><strong>Date: <?php
echo HTML::convertDateTime($row['booking_date']);
?>
</strong></p>
</div>
</div>
</div>
<script>
$(document).ready(function () {
$('#frm_delete_button_<?php
echo $row['booking_id'];
?>
').click(function () {
if (confirmDeleteBooking())
{
var dataString = 'action=delete&booking_id=<?php
echo $row['booking_id'];
?>
';
var request = $.ajax({
url: 'ajax/booking_proc.php',
type: 'post',
data: dataString,
success: function(msg) {
$.gritter.add({
title: 'Info',
text: '<p>' + msg + '</p>',
image: '<?php
echo $STR_URL;
?>
img/accepted.png',
sticky: false,
time: '3000'
});
}
});
}
return false;
});
});
</script>
<?php
// Get the booking activity
$queryBookingActivity = "SELECT * FROM `mbs_bookings_activities` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' ORDER BY `booking_activity_month`";
$resultBookingActivity = mysql_query($queryBookingActivity);
$arrBookingActivityData = array();
while ($rowBookingActivity = mysql_fetch_assoc($resultBookingActivity)) {
$arrBookingActivityData[] = $rowBookingActivity;
}
// Get the booking activity amount
$queryBookingActivityAmount = "SELECT COUNT(*) FROM `mbs_bookings_activities` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "'";
$resultBookingActivityAmount = mysql_query($queryBookingActivityAmount);
$rowBookingActivityAmount = mysql_fetch_row($resultBookingActivityAmount);
$intBookingActivityAmount = $rowBookingActivityAmount[0];
?>
<?php
if ($intBookingActivityAmount > 0) {
?>
<script>
$(document).ready(function() {
<?php
for ($i = 0; $i < count($arrBookingActivityData); $i++) {
?>
$('#frm_activity_edit_<?php
echo $arrBookingActivityData[$i]['booking_activity_id'];
?>
').click(function() {
window.location = "<?php
echo $STR_URL;
?>
booking.php?booking_id=<?php
echo $row['booking_id'];
?>
&action=edit&booking_activity_id=<?php
echo $arrBookingActivityData[$i]['booking_activity_id'];
?>
&child_action=edit-activity";
});
$('#frm_activity_delete_<?php
echo $arrBookingActivityData[$i]['booking_activity_id'];
?>
').click(function() {
if (confirmDeleteBookingActivity())
{
$(this).closest('tr').remove();
var dataString = 'action=delete&booking_id=<?php
echo $row['booking_id'];
?>
&booking_activity_id=<?php
echo $arrBookingActivityData[$i]['booking_activity_id'];
?>
';
var request = $.ajax({
url: 'ajax/booking_proc.php',
type: 'post',
data: dataString,
success: function(msg) {
$.gritter.add({
title: 'Info',
text: '<p>' + msg + '</p>',
image: '<?php
echo $STR_URL;
?>
img/accepted.png',
sticky: false,
time: '3000'
});
$('#frm_preview').load('ajax/booking_activity_preview.php?booking_id=<?php
echo $row['booking_id'];
?>
');
}
});
}
return false;
});
<?php
}
?>
});
</script>
<script>
$(function () {
$('.btn-popover').popover({
trigger: 'hover',
placement: 'top'
});
});
</script>
<?php
}
?>
<div id="frm_preview">
<table class="table table-bordered table-hover">
<thead class="well">
<tr>
<th style="text-align:center;"><strong>Month/Year</strong></th>
<th style="text-align:center;"><strong>Promotional Agreement</strong></th>
<th style="text-align:center;"><strong>Price</strong></th>
<th style="text-align:center;"><strong>Action</strong></th>
</tr>
</thead>
<tbody>
<?php
if ($intBookingActivityAmount > 0) {
?>
<?php
for ($i = 0; $i < count($arrBookingActivityData); $i++) {
?>
<?php
if ($arrBookingActivityData[$i]['store_id']) {
$arrStoreID = explode(',', $arrBookingActivityData[$i]['store_id']);
$intStoreCount = count($arrStoreID);
}
?>
<?php
if ($arrBookingActivityData[$i]['store_id']) {
$strPrice = $arrBookingActivityData[$i]['booking_activity_price'] * $intStoreCount;
} else {
$strPrice = $arrBookingActivityData[$i]['booking_activity_price'];
}
?>
<tr id="id<?php
echo $arrBookingActivityData[$i]['booking_activity_id'];
?>
">
<td><?php
echo HTML::getMonthName($arrBookingActivityData[$i]['booking_activity_month']);
?>
<?php
echo stripslashes($arrBookingActivityData[$i]['booking_activity_year']);
?>
</td>
<td><?php
echo stripslashes($arrBookingActivityData[$i]['booking_activity_description']);
?>
</td>
<td style="width:10%;"><div style="text-align:right;">$<?php
echo number_format($strPrice, 2);
?>
</div></td>
<?php
if ($_SESSION['user']['type'] == 'admin') {
?>
<td style="width:20%;"><div align="center">
<?php
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user') {
?>
<!--<button class="btn" type="button" id="frm_activity_edit_<?php
echo $arrBookingActivityData[$i]['booking_activity_id'];
?>
"><img src="<?php
echo $STR_URL;
?>
img/edit_icon.png" /> Edit</button>-->
<?php
}
?>
<?php
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') {
?>
<button class="btn" type="button" id="frm_activity_delete_<?php
echo $arrBookingActivityData[$i]['booking_activity_id'];
?>
"><img src="<?php
echo $STR_URL;
?>
img/delete_icon.png" /> Remove</button>
<?php
}
?>
</div></td>
<?php
}
?>
</tr>
<?php
$intTotalAmount += $strPrice;
?>
<?php
}
?>
<?php
} else {
?>
<tr>
<td colspan="4"><div align="center">No Promo Activity yet. Please <a class="btn" href="booking.php?booking_id=<?php
echo $row['booking_id'];
?>
&action=edit">add</a></div></td>
</tr>
<?php
}
?>
<tr>
<td colspan="2"><div style="text-align:right;"><strong>Total</strong></div></td>
<td><div style="text-align:right;"><strong>$<?php
echo number_format($intTotalAmount, 2);
?>
</strong></div></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="row-fluid">
<div class="span2 offset6">
<p style="text-align:right;">Purchases in <?php
echo intval($intBookingYear) - 1;
?>
:</p>
</div>
<div class="span4" style="border-bottom:1px solid #ddd;">
<p><?php
echo $rowSupplier['supplier_last_year_purchase'];
?>
</p>
</div>
</div>
<div class="row-fluid">
<div class="span2 offset6">
<p style="text-align:right;"><?php
echo intval($intBookingYear);
?>
Target:</p>
</div>
<div class="span4" style="border-bottom:1px solid #ddd;">
<p><?php
echo stripslashes(htmlspecialchars($rowSupplier['supplier_target']));
?>
</p>
</div>
</div>
<div class="row-fluid">
<div class="span2 offset6">
<p style="text-align:right;">Growth Incentives:</p>
</div>
<div class="span4" style="border-bottom:1px solid #ddd;">
<p><?php
echo stripslashes(htmlspecialchars($rowSupplier['supplier_growth_incentives']));
?>
</p>
</div>
</div>
<div class="row-fluid">
<div class="span2 offset6">
<p style="text-align:right;">Co-op Budget:</p>
</div>
<div class="span4" style="border-bottom:1px solid #ddd;">
<p><?php
echo stripslashes(htmlspecialchars($rowSupplier['supplier_budget']));
?>
</p>
</div>
</div>
</div>
</div>
<div class="container-fluid" style="margin-top:80px;">
<div class="row-fluid">
<div class="span2"><p>Signed:</p></div>
<div class="span4" style="border-bottom:1px solid #ddd;"></div>
<div class="span2"></div>
<div class="span4" style="border-bottom:1px solid #ddd;"></div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2"></div>
<div class="span4" style="text-align:center;"><p style="color:#999;">For & on behalf of supplier</p></div>
<div class="span2"></div>
<div class="span4" style="text-align:center;"><p style="color:#999;">For & on behalf of Pharmacy 4 Less</p></div>
</div>
</div>
<div class="container-fluid" style="margin-top:40px;">
<div class="row-fluid">
<div class="span2" style="text-align:right;"><p>Name :</p></div>
<div class="span2" style="border-bottom:1px solid #ddd;"><p><?php
echo htmlspecialchars($rowContact['supplier_contact_name']);
?>
</p></div>
<div class="span2"></div>
<div class="span2" style="text-align:right;"><p>Name :</p></div>
<div class="span4" style="border-bottom:1px solid #ddd;"><p><?php
echo stripslashes(htmlspecialchars($arrSiteConfig['mbs_p4l_on_behalf_name']));
?>
</p></div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2" style="text-align:right;"><p>Title :</p></div>
<div class="span2" style="border-bottom:1px solid #ddd;"><p><?php
echo htmlspecialchars($rowContact['supplier_contact_position']);
?>
</p></div>
<div class="span2"></div>
<div class="span2" style="text-align:right;"><p>Title :</p></div>
<div class="span4" style="border-bottom:1px solid #ddd;"><p><?php
echo stripslashes(htmlspecialchars($arrSiteConfig['mbs_p4l_on_behalf_position']));
?>
</p></div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2" style="text-align:right;"><p>Date :</p></div>
<div class="span2" style="border-bottom:1px solid #ddd;"><p><?php
echo HTML::convertDateTime($row['booking_date']);
?>
</p></div>
<div class="span2"></div>
<div class="span2" style="text-align:right;"><p>Date :</p></div>
<div class="span4" style="border-bottom:1px solid #ddd;"><p><?php
echo HTML::convertDateTime($row['booking_date']);
?>
</p></div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2" style="text-align:right;"><p>Phone :</p></div>
<div class="span2" style="border-bottom:1px solid #ddd;"><p><?php
echo htmlspecialchars($rowContact['supplier_contact_phone_number']);
?>
</p></div>
<div class="span2"></div>
<div class="span2" style="text-align:right;"></div>
<div class="span4"></div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2" style="text-align:right;"><p>Mobile :</p></div>
<div class="span2" style="border-bottom:1px solid #ddd;"><p><?php
echo htmlspecialchars($rowContact['supplier_contact_mobile_number']);
?>
</p></div>
<div class="span2"></div>
<div class="span2" style="text-align:right;"></div>
<div class="span4"></div>
</div>
</div>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2" style="text-align:right;"><p>Billing Address :</p></div>
<div class="span2" style="border-bottom:1px solid #ddd;"><p><?php
echo htmlspecialchars($rowContact['supplier_contact_postal_address']);
?>
</p></div>
<div class="span2"></div>
<div class="span2" style="text-align:right;"></div>
<div class="span4"><?php
if ($row['booking_file_name'] && file_exists($strFilePath)) {
?>
<strong>Attachment</strong> <img src="<?php
echo $STR_URL;
?>
img/attachment_icon.png" title="Attachment" /><p><?php
echo $row['booking_file_name'];
?>
<em>(<?php
echo HTML::getFileSize($strFilePath);
?>
)</em></p><?php
}
?>
</div>
</div>
</div>
</fieldset>
<ul style="margin-top:40px;">
<li><strong>Created on:</strong> <?php
echo HTML::convertDateTime($row['booking_created_date']);
?>
by <strong><?php
echo stripslashes($row['booking_created_by']);
?>
</strong></li>
<li><strong>Last modified on:</strong> <?php
echo HTML::convertDateTime($row['booking_modified_date']);
?>
by <strong><?php
echo stripslashes($row['booking_modified_by']);
?>
</strong></li>
</ul>
<?php
if ($_REQUEST['pop'] == "yes") {
?>
<div align="center" style="margin-top:20px;">
<form name="myformBottom" action="<?php
if (preg_match("/_exec/", $_SERVER['HTTP_REFERER'])) {
if ($_SESSION['user']['type'] == 'admin') {
echo "booking_list.php";
} else {
echo "booking_search.php";
}
} else {
echo $_SERVER['HTTP_REFERER'];
}
?>
">
<input type="hidden" name="booking_id" value="<?php
echo $_REQUEST['booking_id'];
?>
">
<input type="hidden" name="page_num" value="<?php
echo $_REQUEST['page_num'];
?>
">
<input type="hidden" name="frm_search_text" value="<?php
echo $_REQUEST['frm_search_text'];
?>
">
<input class="btn" type="submit" value="Close" onclick="this.value='Loading...'">
</form>
</div>
<?php
}
?>
<?php
// The Log
$strLog = "View Booking named \"" . $row['booking_name'] . "\"";
$queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t\t `log_logout`)\n\n\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t'" . mysql_real_escape_string($strLog) . "',\n\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "',\n\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\tNULL)";
$resultLog = mysql_query($queryLog);
}
}
function listBooking()
{
global $arrSiteConfig;
global $STR_URL;
global $TABLE_MAX_ROW_PER_PAGE;
DB::dbConnect();
// If page number not set, set it to 1
if (!$_REQUEST['page_num']) {
$_REQUEST['page_num'] = 1;
}
// Setting queries and pages
$offset = ($_REQUEST['page_num'] - 1) * $TABLE_MAX_ROW_PER_PAGE;
$this->conn = DB::dbConnect();
$strSearchText = stripslashes($_REQUEST['frm_search_text']);
// sort variables
if (!$_REQUEST['sortmode']) {
$_REQUEST['sortmode'] = "asc";
}
$strSortMode = $_REQUEST['sortmode'];
if ($_REQUEST['frm_search_text']) {
// search query *********************************************************************************
$query = "SELECT * FROM `mbs_bookings` \n\t\t\t\t\t \t\t WHERE (`booking_name` LIKE '%" . mysql_real_escape_string($strSearchText) . "%'\n\t\t\t\t\t \t\t \t\t OR `booking_code` LIKE '%" . mysql_real_escape_string($strSearchText) . "%' \n\t\t\t\t\t \t\t\t OR `booking_description` LIKE '%" . mysql_real_escape_string($strSearchText) . "%')\n\t\t\t\t\t \t\t\t ORDER BY ";
if ($_REQUEST['sortby']) {
$query .= "`" . mysql_real_escape_string($_REQUEST['sortby']) . "` " . $strSortMode . ", `booking_id`";
} else {
$query .= "`booking_code` ASC, `booking_name` ASC, `booking_created_date` DESC";
}
$query .= " LIMIT " . $offset . "," . $TABLE_MAX_ROW_PER_PAGE;
// search query total ***************************************************************************
$queryTotal = "SELECT COUNT(*) FROM `mbs_bookings` \n\t\t\t\t\t \t\t\t WHERE (`booking_name` LIKE '%" . mysql_real_escape_string($strSearchText) . "%' \n\t\t\t\t\t \t\t\t \t OR `booking_code` LIKE '%" . mysql_real_escape_string($strSearchText) . "%'\n\t\t\t\t\t \t\t\t OR `booking_description` LIKE '%" . mysql_real_escape_string($strSearchText) . "%')";
} else {
// the query ************************************************************************************
$query = "SELECT * FROM `mbs_bookings` ORDER BY ";
if ($_REQUEST['sortby']) {
$query .= " `" . mysql_real_escape_string($_REQUEST['sortby']) . "` " . $strSortMode . ", `booking_id`";
} else {
$query .= " `booking_code`, `booking_name`";
}
$query .= " LIMIT " . $offset . "," . $TABLE_MAX_ROW_PER_PAGE;
// the query total ******************************************************************************
$queryTotal = "SELECT COUNT(*) FROM `mbs_bookings`";
}
$result = mysql_query($query, $this->conn);
$resultTotal = mysql_query($queryTotal, $this->conn);
$rowTotal = mysql_fetch_row($resultTotal);
$totalPage = ceil($rowTotal[0] / $TABLE_MAX_ROW_PER_PAGE);
$strResult = "";
#echo "<div style=\"padding:15px; background-color:#eee;\">";
#echo "<strong>Query:</strong> " . $query . "<br /><br />";
#echo "<strong>Query Total:</strong> " . $queryTotal . "<br /><br />";
#echo "</div>";
// javascript to pop up message
$strResult .= "\n\t\t\n\t\t\t\t\t";
// search form
$strResult .= "\n\t\t\t<form name=\"search_booking_data\" method=\"post\" action=\"" . $STR_URL . "booking_list.php\">\n\t\t\t\t<input type=\"hidden\" name=\"frm_search_referer\" value=\"" . $_SERVER['PHP_SELF'] . "\" />\n\t\t\t\t<input type=\"text\" name=\"frm_search_text\" size=\"40\" maxlength=\"128\" value=\"";
if ($_REQUEST['frm_search_text']) {
$strResult .= stripslashes($_REQUEST['frm_search_text']);
}
$strResult .= "\" />\t\t\t\t\n\t\t\t\t<input class=\"btn\" type=\"submit\" name=\"frm_search_submit\" value=\"Search Bookings\" onclick=\"return validateSearch(this.form)\" /><br />\n\t\t\t</form>\n\t\t\t";
// the form
$strResult .= "\n\t\t\t<form id=\"frm_booking\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\" />\n\t\t\t";
$strResult .= "<div align=\"right\">";
// the refresh link
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'list') !== 0) {
$strResult .= "<a class=\"btn\" href=\"" . $STR_URL . ADMIN::getModuleFile('bookings', 'list') . "\" title=\"Booking List\"><img src=\"" . $STR_URL . "img/refresh_icon.png\" /> Refresh</a>";
}
$strResult .= " ";
// the add link
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'add') !== 0) {
$strResult .= "<a class=\"btn ajax callbacks cboxElement\" href=\"" . $STR_URL . ADMIN::getModuleFile('bookings', 'add') . "?pop=yes\" title=\"New Booking\"><img src=\"" . $STR_URL . "img/add_icon.png\" /> New Booking</a>";
}
$strResult .= "\t</div>";
if ($strSortMode == "asc") {
$strSortMode = "desc";
} elseif ($strSortMode == "desc") {
$strSortMode = "asc";
}
// the table
$strResult .= "\t\t\t\n\t\t\t<div align=\"center\"><h2>Booking List</h2></div>\n\t\t\t<div align=\"right\">" . HTML::showPaging($rowTotal[0], $totalPage, 4, array(array('frm_search_text', urlencode($_REQUEST['frm_search_text'])), array('pop', urlencode('yes')), array('sortby', urlencode($_REQUEST['sortby'])), array('sortmode', urlencode($_REQUEST['sortmode'])))) . "</div>\n\n\t\t\t<section id=\"table_booking_list\">\n\t\t\t<table class=\"table table-bordered table-hover\" summary=\"Booking List\">\n\t\t\t<caption>Booking List</caption>\n\t\t\t<thead>\n\t\t\t\t<tr>\t\t\t\t\t\n\t\t\t\t\t<th scope=\"col\" width=\"5%\"><div align=\"center\">No</div></th>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_name&sortmode=" . $strSortMode . "\">Code/Name</a></div></th>\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_normal_retail_price&sortmode=" . $strSortMode . "\">Normal Retail Price</a></div></th>\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_promo_price&sortmode=" . $strSortMode . "\">Promo Price</a></div></th>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t";
// edit / delete column
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') {
$strResult .= "\t\n\t\t\t\t\t<th scope=\"col\" width=\"20%\"><div align=\"center\">Edit/Delete</div></th>\n\t\t\t\t\t";
}
$strResult .= "\n\t\t\t\t</tr>\n\t\t\t</thead>\t\n\t\t\t\n\t\t\t<tbody>\n\t\t\t";
if ($rowTotal[0] > 0) {
$no = $offset;
while ($row = mysql_fetch_assoc($result)) {
$no++;
// link
$strLink = ADMIN::getModuleFile('bookings', 'view') . "?booking_id=" . urlencode($row['booking_id']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&page_num=" . $_REQUEST['page_num'] . "&pop=yes";
$strResult .= "\n\t\t\t\t\t\t<tr ";
if ($no % 2 == 0) {
$strResult .= "class=\"odd\"";
}
$strResult .= ">\n\t\t\t\t\t\t\t<td id=\"r" . $row['booking_id'] . "\"><div align=\"right\">" . $no . ".</div></td>\t\t\t\t\t\t\n\t\t\t\t\t\t\t<td><div align=\"left\">";
if ($_SESSION['user']['type'] == 'admin' || $strPrivView == "yes") {
$strResult .= "<a class=\"ajax callbacks cboxElement\" href=\"" . $STR_URL . $strLink . "\" title=\"" . html_entity_decode(strtoupper($row['booking_name'])) . "\">";
}
$strResult .= "<strong>" . html_entity_decode(stripslashes($row['booking_code'])) . " / " . html_entity_decode(stripslashes($row['booking_name'])) . "</strong>";
if ($_SESSION['user']['type'] == 'admin' || $strPrivView == "yes") {
"</a>";
}
$strResult .= "</div></td>\n\t\t\t\t\t\t\t<td><div align=\"right\"><strong>\$" . html_entity_decode(stripslashes($row['booking_normal_retail_price'])) . "</strong></div></td>\n\t\t\t\t\t\t\t<td><div align=\"right\"><strong>\$" . html_entity_decode(stripslashes($row['booking_promo_price'])) . "</strong></div></td>\t\t\t\t\t\t\t\n\t\t\t\t\t\t";
// action column
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') {
$strResult .= "<td><div align=\"center\">";
// edit
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user') {
$strResult .= "<a class=\"btn ajax callbacks cboxElement\" href=\"" . $STR_URL . "booking.php?booking_id=" . html_entity_decode($row['booking_id']) . "&action=edit&pop=yes\" title=\"Edit Booking\"><img src=\"" . $STR_URL . "img/edit_icon.png\" /> Edit</a>";
}
$strResult .= " ";
// delete
if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') {
$strResult .= "<a id=\"frm_delete_button_" . $row['booking_id'] . "\" class=\"btn\" href=\"" . $STR_URL . "booking_list.php?booking_id=" . $row['booking_id'] . "&action=delete\" title=\"Delete Booking\"><img src=\"" . $STR_URL . "img/delete_icon.png\" /> Delete</a> ";
}
$strResult .= "</div></td>";
}
$strResult .= "\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t";
}
// end while($row = )
} else {
$strResult .= "<tr><td colspan=\"5\"><div align=\"center\">Found no data</div></td></tr>";
}
$strResult .= "\n\t\t\t</tbody>\n\t\t\t<tfoot>\n\t\t\t\t<tr>\n\t\t\t\t\t<th scope=\"row\" colspan=\"2\">Total: " . $rowTotal[0] . "</th>\t\t\t\t\t\n\t\t\t\t\t<td colspan=\"3\">" . HTML::showPaging($rowTotal[0], $totalPage, 4, array(array('frm_search_text', urlencode($_REQUEST['frm_search_text'])), array('pop', urlencode('yes')), array('sortby', urlencode($_REQUEST['sortby'])), array('sortmode', urlencode($_REQUEST['sortmode'])))) . "</td>\n\t\t\t\t</tr>\n\t\t\t</tfoot>\n\t\t\t</table>\n\t\t\t</section>\n\t\t\t</form>\n\t\t\t<a class=\"btn\" href=\"#content\"><i class=\"icon-arrow-up\"></i> Back to top</a>\n\n\n\t\t\t<script>\n\t\t\t\t\$(document).ready(function () {\n\t\t\t\t\tvar strID;\n\t\t\t\t\tvar intID;\n\t\t\t\t\tvar deleteConf;\t\n\t\t\t\n\t\t\t\t\t\$('a').click(function(event) {\n \t\t\t\tstrID = event.target.id; \t\t\t\t \t\t\t\t\n\t\t\t\t\t\tintID = strID.replace('frm_delete_button_', '');\t\t\t\t\t\t\n\n\t\t\t\t\t\tif (intID && intID !== '')\n\t\t\t\t\t\t{\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tif (confirmDeleteBooking())\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\$(this).closest('tr').remove();\t\n\n\t\t\t\t\t\t\t\tvar dataString = 'action=delete&booking_id=' + intID;\t\t\t\t\t\t\t\n\t\t \t\t\t\t \n\t\t\t\t\t\t\t\tvar request = \$.ajax({\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t\turl: 'ajax/booking_proc.php',\n\t\t\t\t\t\t\t\t\ttype: 'post', \n\t\t\t\t\t\t\t\t\tdata: dataString,\n\t\t\t\t\t\t\t\t\tsuccess: function(msg) {\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\$.gritter.add({\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttitle: 'Info',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttext: '<p>' + msg + '</p>',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\timage: '" . $STR_URL . "img/accepted.png',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\tsticky: false,\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttime: '3000'\n\t\t\t\t\t\t\t\t\t\t});\n\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t});\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\treturn false;\t\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t}\t\t\t\n\t\t\t\t\t\t\n \t\t\t\t});\n \n\t\t\t\t});\n\t\t\t</script>\n\t\t\t";
// The Log
$strLog = "View the Booking List";
$queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t\t `log_logout`)\n\n\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t'" . mysql_real_escape_string($strLog) . "',\n\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "',\n\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\tNULL)";
$resultLog = mysql_query($queryLog);
echo $strResult;
}
