function viewBooking() { global $arrSiteConfig; global $STR_URL, $STR_PATH; $this->conn = DB::dbConnect(); $query = "SELECT * FROM `mbs_bookings` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' LIMIT 1"; $result = mysql_query($query); if ($result) { $row = mysql_fetch_assoc($result); // get some variables $intBookingYear = substr($row['booking_date'], 0, 4); $strFilePath = $STR_PATH . $row['booking_file_path'] . $row['booking_file_name']; // get supplier data $strQuerySupplier = "SELECT * FROM `mbs_suppliers` WHERE `supplier_id` = '" . mysql_real_escape_string($row['supplier_id']) . "'"; $resultSupplier = mysql_query($strQuerySupplier); if ($resultSupplier) { $rowSupplier = mysql_fetch_assoc($resultSupplier); // get marketing contact $strQueryContact = "SELECT * FROM `mbs_suppliers_marketing_contacts` WHERE `supplier_id` = '" . mysql_real_escape_string($rowSupplier['supplier_id']) . "'"; $resultContact = mysql_query($strQueryContact); if ($resultContact) { $rowContact = mysql_fetch_assoc($resultContact); } } ?> <?php if ($_REQUEST['pop'] == "yes") { ?> <div align="center"> <form name="myformTop" action="<?php if (preg_match("/_exec/", $_SERVER['HTTP_REFERER'])) { if ($_SESSION['user']['type'] == 'admin') { echo "booking_list.php"; } else { echo "booking_search.php"; } } else { echo $_SERVER['HTTP_REFERER']; } ?> "> <input type="hidden" name="booking_id" value="<?php echo $_REQUEST['booking_id']; ?> "> <input type="hidden" name="page_num" value="<?php echo $_REQUEST['page_num']; ?> "> <input type="hidden" name="frm_search_text" value="<?php echo $_REQUEST['frm_search_text']; ?> "> <input class="btn" type="submit" value="Close" onclick="this.value='Loading...'"> </form> </div> <?php } ?> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <h2>Booking » <?php echo stripslashes(htmlspecialchars($row['booking_name'])); ?> </h2> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'add') !== 0) { ?> <a class="btn btn-popover" href="booking.php?action=add" rel="popover" data-content="Insert new Booking to the database" data-original-title="New Booking" title="New Booking"><img src="<?php echo $STR_URL; ?> img/add_icon.png" /> New Booking</a> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'edit') !== 0) { ?> <a class="btn btn-popover" href="booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit" rel="popover" data-content="Edit Booking including the Promotional Activities included" data-original-title="Edit Booking" title="Edit Booking"><img src="<?php echo $STR_URL; ?> img/edit_icon.png" /> Edit</a> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'delete') !== 0) { ?> <a id="frm_delete_button_<?php echo $row['booking_id']; ?> " class="btn btn-popover" href="booking_list.php?booking_id=<?php echo $row['booking_id']; ?> &action=delete" rel="popover" data-content="Delete Booking from the database" data-original-title="Delete Booking" title="Delete Booking" /><img src="<?php echo $STR_URL; ?> img/delete_icon.png" /> Delete</a> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'list') !== 0) { ?> <a class="btn btn-popover" href="booking_list.php" rel="popover" data-content="Refresh the Booking List to the latest update" data-original-title="Booking List" title="Booking List"><img src="<?php echo $STR_URL; ?> img/list_icon.png" /> List</a> <?php } ?> <a class="btn btn-popover" href="documentation_list.php#bookings" rel="popover" data-content="Look up for the Documentation about Booking module" data-original-title="Help" title="Help"><i class="icon-info-sign"></i> Help</a> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'add') !== 0) { ?> <!--<a class="btn" href="booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit" title="New Promo Activity"><img src="<?php echo $STR_URL; ?> img/add_icon.png" /> New Promo Activity</a>--> <?php } ?> <a class="btn btn-popover ajax callbacks cboxElement" href="booking_view_upload.php?action=upload&booking_id=<?php echo $row['booking_id']; ?> " rel="popover" data-content="Upload the scanned Booking document to server. Please upload in JPG, GIF, PNG or PDF format!" data-original-title="Upload Booking" title="Upload Booking"><img src="<?php echo $STR_URL; ?> img/upload_icon.png" /> Attach</a> <?php if ($row['booking_file_name'] && file_exists($strFilePath)) { ?> <a class="btn btn-popover" href="booking_view_download.php?action=download&booking_id=<?php echo $row['booking_id']; ?> " rel="popover" data-content="Download attached scanned Booking document from server" data-original-title="Download Booking" title="Download Booking"><img src="<?php echo $STR_URL; ?> img/download_icon.png" /> Download</a> <?php } ?> <a class="btn btn-popover" href="booking_view_print.php?action=print&booking_id=<?php echo $row['booking_id']; ?> " target="_blank" rel="popover" data-content="Print the Booking from the browser. A new tab and a Print dialog will be popped up" data-original-title="Print Booking" title="Print Booking"><img src="<?php echo $STR_URL; ?> img/print_icon.png" /> Print</a> <a class="btn btn-popover ajax callbacks cboxElement" href="booking_view_email.php?action=email&booking_id=<?php echo $row['booking_id']; ?> " rel="popover" data-content="Send the Booking to a certain email" data-original-title="Email Booking" title="Email Booking"><img src="<?php echo $STR_URL; ?> img/email_icon.png" /> Email</a> </div> </div> </div> <fieldset> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <h3>Promotional Activity <?php echo $intBookingYear; ?> </h3> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span5"> <p><strong>Supplier Name: <?php echo htmlspecialchars($rowSupplier['supplier_name']); ?> </strong></p> </div> <div class="span3 offset4"> <p><strong>Date: <?php echo HTML::convertDateTime($row['booking_date']); ?> </strong></p> </div> </div> </div> <script> $(document).ready(function () { $('#frm_delete_button_<?php echo $row['booking_id']; ?> ').click(function () { if (confirmDeleteBooking()) { var dataString = 'action=delete&booking_id=<?php echo $row['booking_id']; ?> '; var request = $.ajax({ url: 'ajax/booking_proc.php', type: 'post', data: dataString, success: function(msg) { $.gritter.add({ title: 'Info', text: '<p>' + msg + '</p>', image: '<?php echo $STR_URL; ?> img/accepted.png', sticky: false, time: '3000' }); } }); } return false; }); }); </script> <?php // Get the booking activity $queryBookingActivity = "SELECT * FROM `mbs_bookings_activities` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' ORDER BY `booking_activity_month`"; $resultBookingActivity = mysql_query($queryBookingActivity); $arrBookingActivityData = array(); while ($rowBookingActivity = mysql_fetch_assoc($resultBookingActivity)) { $arrBookingActivityData[] = $rowBookingActivity; } // Get the booking activity amount $queryBookingActivityAmount = "SELECT COUNT(*) FROM `mbs_bookings_activities` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "'"; $resultBookingActivityAmount = mysql_query($queryBookingActivityAmount); $rowBookingActivityAmount = mysql_fetch_row($resultBookingActivityAmount); $intBookingActivityAmount = $rowBookingActivityAmount[0]; ?> <?php if ($intBookingActivityAmount > 0) { ?> <script> $(document).ready(function() { <?php for ($i = 0; $i < count($arrBookingActivityData); $i++) { ?> $('#frm_activity_edit_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> ').click(function() { window.location = "<?php echo $STR_URL; ?> booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit&booking_activity_id=<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> &child_action=edit-activity"; }); $('#frm_activity_delete_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> ').click(function() { if (confirmDeleteBookingActivity()) { $(this).closest('tr').remove(); var dataString = 'action=delete&booking_id=<?php echo $row['booking_id']; ?> &booking_activity_id=<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> '; var request = $.ajax({ url: 'ajax/booking_proc.php', type: 'post', data: dataString, success: function(msg) { $.gritter.add({ title: 'Info', text: '<p>' + msg + '</p>', image: '<?php echo $STR_URL; ?> img/accepted.png', sticky: false, time: '3000' }); $('#frm_preview').load('ajax/booking_activity_preview.php?booking_id=<?php echo $row['booking_id']; ?> '); } }); } return false; }); <?php } ?> }); </script> <script> $(function () { $('.btn-popover').popover({ trigger: 'hover', placement: 'top' }); }); </script> <?php } ?> <div id="frm_preview"> <table class="table table-bordered table-hover"> <thead class="well"> <tr> <th style="text-align:center;"><strong>Month/Year</strong></th> <th style="text-align:center;"><strong>Promotional Agreement</strong></th> <th style="text-align:center;"><strong>Price</strong></th> <th style="text-align:center;"><strong>Action</strong></th> </tr> </thead> <tbody> <?php if ($intBookingActivityAmount > 0) { ?> <?php for ($i = 0; $i < count($arrBookingActivityData); $i++) { ?> <?php if ($arrBookingActivityData[$i]['store_id']) { $arrStoreID = explode(',', $arrBookingActivityData[$i]['store_id']); $intStoreCount = count($arrStoreID); } ?> <?php if ($arrBookingActivityData[$i]['store_id']) { $strPrice = $arrBookingActivityData[$i]['booking_activity_price'] * $intStoreCount; } else { $strPrice = $arrBookingActivityData[$i]['booking_activity_price']; } ?> <tr id="id<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> "> <td><?php echo HTML::getMonthName($arrBookingActivityData[$i]['booking_activity_month']); ?> <?php echo stripslashes($arrBookingActivityData[$i]['booking_activity_year']); ?> </td> <td><?php echo stripslashes($arrBookingActivityData[$i]['booking_activity_description']); ?> </td> <td style="width:10%;"><div style="text-align:right;">$<?php echo number_format($strPrice, 2); ?> </div></td> <?php if ($_SESSION['user']['type'] == 'admin') { ?> <td style="width:20%;"><div align="center"> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user') { ?> <!--<button class="btn" type="button" id="frm_activity_edit_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> "><img src="<?php echo $STR_URL; ?> img/edit_icon.png" /> Edit</button>--> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { ?> <button class="btn" type="button" id="frm_activity_delete_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> "><img src="<?php echo $STR_URL; ?> img/delete_icon.png" /> Remove</button> <?php } ?> </div></td> <?php } ?> </tr> <?php $intTotalAmount += $strPrice; ?> <?php } ?> <?php } else { ?> <tr> <td colspan="4"><div align="center">No Promo Activity yet. Please <a class="btn" href="booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit">add</a></div></td> </tr> <?php } ?> <tr> <td colspan="2"><div style="text-align:right;"><strong>Total</strong></div></td> <td><div style="text-align:right;"><strong>$<?php echo number_format($intTotalAmount, 2); ?> </strong></div></td> <td></td> </tr> </tbody> </table> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;">Purchases in <?php echo intval($intBookingYear) - 1; ?> :</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo $rowSupplier['supplier_last_year_purchase']; ?> </p> </div> </div> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;"><?php echo intval($intBookingYear); ?> Target:</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo stripslashes(htmlspecialchars($rowSupplier['supplier_target'])); ?> </p> </div> </div> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;">Growth Incentives:</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo stripslashes(htmlspecialchars($rowSupplier['supplier_growth_incentives'])); ?> </p> </div> </div> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;">Co-op Budget:</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo stripslashes(htmlspecialchars($rowSupplier['supplier_budget'])); ?> </p> </div> </div> </div> </div> <div class="container-fluid" style="margin-top:80px;"> <div class="row-fluid"> <div class="span2"><p>Signed:</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"></div> <div class="span2"></div> <div class="span4" style="border-bottom:1px solid #ddd;"></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"></div> <div class="span4" style="text-align:center;"><p style="color:#999;">For & on behalf of supplier</p></div> <div class="span2"></div> <div class="span4" style="text-align:center;"><p style="color:#999;">For & on behalf of Pharmacy 4 Less</p></div> </div> </div> <div class="container-fluid" style="margin-top:40px;"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Name :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_name']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"><p>Name :</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"><p><?php echo stripslashes(htmlspecialchars($arrSiteConfig['mbs_p4l_on_behalf_name'])); ?> </p></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Title :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_position']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"><p>Title :</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"><p><?php echo stripslashes(htmlspecialchars($arrSiteConfig['mbs_p4l_on_behalf_position'])); ?> </p></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Date :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo HTML::convertDateTime($row['booking_date']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"><p>Date :</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"><p><?php echo HTML::convertDateTime($row['booking_date']); ?> </p></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Phone :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_phone_number']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"></div> <div class="span4"></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Mobile :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_mobile_number']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"></div> <div class="span4"></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Billing Address :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_postal_address']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"></div> <div class="span4"><?php if ($row['booking_file_name'] && file_exists($strFilePath)) { ?> <strong>Attachment</strong> <img src="<?php echo $STR_URL; ?> img/attachment_icon.png" title="Attachment" /><p><?php echo $row['booking_file_name']; ?> <em>(<?php echo HTML::getFileSize($strFilePath); ?> )</em></p><?php } ?> </div> </div> </div> </fieldset> <ul style="margin-top:40px;"> <li><strong>Created on:</strong> <?php echo HTML::convertDateTime($row['booking_created_date']); ?> by <strong><?php echo stripslashes($row['booking_created_by']); ?> </strong></li> <li><strong>Last modified on:</strong> <?php echo HTML::convertDateTime($row['booking_modified_date']); ?> by <strong><?php echo stripslashes($row['booking_modified_by']); ?> </strong></li> </ul> <?php if ($_REQUEST['pop'] == "yes") { ?> <div align="center" style="margin-top:20px;"> <form name="myformBottom" action="<?php if (preg_match("/_exec/", $_SERVER['HTTP_REFERER'])) { if ($_SESSION['user']['type'] == 'admin') { echo "booking_list.php"; } else { echo "booking_search.php"; } } else { echo $_SERVER['HTTP_REFERER']; } ?> "> <input type="hidden" name="booking_id" value="<?php echo $_REQUEST['booking_id']; ?> "> <input type="hidden" name="page_num" value="<?php echo $_REQUEST['page_num']; ?> "> <input type="hidden" name="frm_search_text" value="<?php echo $_REQUEST['frm_search_text']; ?> "> <input class="btn" type="submit" value="Close" onclick="this.value='Loading...'"> </form> </div> <?php } ?> <?php // The Log $strLog = "View Booking named \"" . $row['booking_name'] . "\""; $queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t\t `log_logout`)\n\n\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t'" . mysql_real_escape_string($strLog) . "',\n\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "',\n\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\tNULL)"; $resultLog = mysql_query($queryLog); } }
function listBooking() { global $arrSiteConfig; global $STR_URL; global $TABLE_MAX_ROW_PER_PAGE; DB::dbConnect(); // If page number not set, set it to 1 if (!$_REQUEST['page_num']) { $_REQUEST['page_num'] = 1; } // Setting queries and pages $offset = ($_REQUEST['page_num'] - 1) * $TABLE_MAX_ROW_PER_PAGE; $this->conn = DB::dbConnect(); $strSearchText = stripslashes($_REQUEST['frm_search_text']); // sort variables if (!$_REQUEST['sortmode']) { $_REQUEST['sortmode'] = "asc"; } $strSortMode = $_REQUEST['sortmode']; if ($_REQUEST['frm_search_text']) { // search query ********************************************************************************* $query = "SELECT * FROM `mbs_bookings` \n\t\t\t\t\t \t\t WHERE (`booking_name` LIKE '%" . mysql_real_escape_string($strSearchText) . "%'\n\t\t\t\t\t \t\t \t\t OR `booking_code` LIKE '%" . mysql_real_escape_string($strSearchText) . "%' \n\t\t\t\t\t \t\t\t OR `booking_description` LIKE '%" . mysql_real_escape_string($strSearchText) . "%')\n\t\t\t\t\t \t\t\t ORDER BY "; if ($_REQUEST['sortby']) { $query .= "`" . mysql_real_escape_string($_REQUEST['sortby']) . "` " . $strSortMode . ", `booking_id`"; } else { $query .= "`booking_code` ASC, `booking_name` ASC, `booking_created_date` DESC"; } $query .= " LIMIT " . $offset . "," . $TABLE_MAX_ROW_PER_PAGE; // search query total *************************************************************************** $queryTotal = "SELECT COUNT(*) FROM `mbs_bookings` \n\t\t\t\t\t \t\t\t WHERE (`booking_name` LIKE '%" . mysql_real_escape_string($strSearchText) . "%' \n\t\t\t\t\t \t\t\t \t OR `booking_code` LIKE '%" . mysql_real_escape_string($strSearchText) . "%'\n\t\t\t\t\t \t\t\t OR `booking_description` LIKE '%" . mysql_real_escape_string($strSearchText) . "%')"; } else { // the query ************************************************************************************ $query = "SELECT * FROM `mbs_bookings` ORDER BY "; if ($_REQUEST['sortby']) { $query .= " `" . mysql_real_escape_string($_REQUEST['sortby']) . "` " . $strSortMode . ", `booking_id`"; } else { $query .= " `booking_code`, `booking_name`"; } $query .= " LIMIT " . $offset . "," . $TABLE_MAX_ROW_PER_PAGE; // the query total ****************************************************************************** $queryTotal = "SELECT COUNT(*) FROM `mbs_bookings`"; } $result = mysql_query($query, $this->conn); $resultTotal = mysql_query($queryTotal, $this->conn); $rowTotal = mysql_fetch_row($resultTotal); $totalPage = ceil($rowTotal[0] / $TABLE_MAX_ROW_PER_PAGE); $strResult = ""; #echo "<div style=\"padding:15px; background-color:#eee;\">"; #echo "<strong>Query:</strong> " . $query . "<br /><br />"; #echo "<strong>Query Total:</strong> " . $queryTotal . "<br /><br />"; #echo "</div>"; // javascript to pop up message $strResult .= "\n\t\t\n\t\t\t\t\t"; // search form $strResult .= "\n\t\t\t<form name=\"search_booking_data\" method=\"post\" action=\"" . $STR_URL . "booking_list.php\">\n\t\t\t\t<input type=\"hidden\" name=\"frm_search_referer\" value=\"" . $_SERVER['PHP_SELF'] . "\" />\n\t\t\t\t<input type=\"text\" name=\"frm_search_text\" size=\"40\" maxlength=\"128\" value=\""; if ($_REQUEST['frm_search_text']) { $strResult .= stripslashes($_REQUEST['frm_search_text']); } $strResult .= "\" />\t\t\t\t\n\t\t\t\t<input class=\"btn\" type=\"submit\" name=\"frm_search_submit\" value=\"Search Bookings\" onclick=\"return validateSearch(this.form)\" /><br />\n\t\t\t</form>\n\t\t\t"; // the form $strResult .= "\n\t\t\t<form id=\"frm_booking\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\" />\n\t\t\t"; $strResult .= "<div align=\"right\">"; // the refresh link if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'list') !== 0) { $strResult .= "<a class=\"btn\" href=\"" . $STR_URL . ADMIN::getModuleFile('bookings', 'list') . "\" title=\"Booking List\"><img src=\"" . $STR_URL . "img/refresh_icon.png\" /> Refresh</a>"; } $strResult .= " "; // the add link if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'add') !== 0) { $strResult .= "<a class=\"btn ajax callbacks cboxElement\" href=\"" . $STR_URL . ADMIN::getModuleFile('bookings', 'add') . "?pop=yes\" title=\"New Booking\"><img src=\"" . $STR_URL . "img/add_icon.png\" /> New Booking</a>"; } $strResult .= "\t</div>"; if ($strSortMode == "asc") { $strSortMode = "desc"; } elseif ($strSortMode == "desc") { $strSortMode = "asc"; } // the table $strResult .= "\t\t\t\n\t\t\t<div align=\"center\"><h2>Booking List</h2></div>\n\t\t\t<div align=\"right\">" . HTML::showPaging($rowTotal[0], $totalPage, 4, array(array('frm_search_text', urlencode($_REQUEST['frm_search_text'])), array('pop', urlencode('yes')), array('sortby', urlencode($_REQUEST['sortby'])), array('sortmode', urlencode($_REQUEST['sortmode'])))) . "</div>\n\n\t\t\t<section id=\"table_booking_list\">\n\t\t\t<table class=\"table table-bordered table-hover\" summary=\"Booking List\">\n\t\t\t<caption>Booking List</caption>\n\t\t\t<thead>\n\t\t\t\t<tr>\t\t\t\t\t\n\t\t\t\t\t<th scope=\"col\" width=\"5%\"><div align=\"center\">No</div></th>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_name&sortmode=" . $strSortMode . "\">Code/Name</a></div></th>\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_normal_retail_price&sortmode=" . $strSortMode . "\">Normal Retail Price</a></div></th>\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_promo_price&sortmode=" . $strSortMode . "\">Promo Price</a></div></th>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t"; // edit / delete column if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "\t\n\t\t\t\t\t<th scope=\"col\" width=\"20%\"><div align=\"center\">Edit/Delete</div></th>\n\t\t\t\t\t"; } $strResult .= "\n\t\t\t\t</tr>\n\t\t\t</thead>\t\n\t\t\t\n\t\t\t<tbody>\n\t\t\t"; if ($rowTotal[0] > 0) { $no = $offset; while ($row = mysql_fetch_assoc($result)) { $no++; // link $strLink = ADMIN::getModuleFile('bookings', 'view') . "?booking_id=" . urlencode($row['booking_id']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&page_num=" . $_REQUEST['page_num'] . "&pop=yes"; $strResult .= "\n\t\t\t\t\t\t<tr "; if ($no % 2 == 0) { $strResult .= "class=\"odd\""; } $strResult .= ">\n\t\t\t\t\t\t\t<td id=\"r" . $row['booking_id'] . "\"><div align=\"right\">" . $no . ".</div></td>\t\t\t\t\t\t\n\t\t\t\t\t\t\t<td><div align=\"left\">"; if ($_SESSION['user']['type'] == 'admin' || $strPrivView == "yes") { $strResult .= "<a class=\"ajax callbacks cboxElement\" href=\"" . $STR_URL . $strLink . "\" title=\"" . html_entity_decode(strtoupper($row['booking_name'])) . "\">"; } $strResult .= "<strong>" . html_entity_decode(stripslashes($row['booking_code'])) . " / " . html_entity_decode(stripslashes($row['booking_name'])) . "</strong>"; if ($_SESSION['user']['type'] == 'admin' || $strPrivView == "yes") { "</a>"; } $strResult .= "</div></td>\n\t\t\t\t\t\t\t<td><div align=\"right\"><strong>\$" . html_entity_decode(stripslashes($row['booking_normal_retail_price'])) . "</strong></div></td>\n\t\t\t\t\t\t\t<td><div align=\"right\"><strong>\$" . html_entity_decode(stripslashes($row['booking_promo_price'])) . "</strong></div></td>\t\t\t\t\t\t\t\n\t\t\t\t\t\t"; // action column if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "<td><div align=\"center\">"; // edit if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "<a class=\"btn ajax callbacks cboxElement\" href=\"" . $STR_URL . "booking.php?booking_id=" . html_entity_decode($row['booking_id']) . "&action=edit&pop=yes\" title=\"Edit Booking\"><img src=\"" . $STR_URL . "img/edit_icon.png\" /> Edit</a>"; } $strResult .= " "; // delete if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "<a id=\"frm_delete_button_" . $row['booking_id'] . "\" class=\"btn\" href=\"" . $STR_URL . "booking_list.php?booking_id=" . $row['booking_id'] . "&action=delete\" title=\"Delete Booking\"><img src=\"" . $STR_URL . "img/delete_icon.png\" /> Delete</a> "; } $strResult .= "</div></td>"; } $strResult .= "\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t"; } // end while($row = ) } else { $strResult .= "<tr><td colspan=\"5\"><div align=\"center\">Found no data</div></td></tr>"; } $strResult .= "\n\t\t\t</tbody>\n\t\t\t<tfoot>\n\t\t\t\t<tr>\n\t\t\t\t\t<th scope=\"row\" colspan=\"2\">Total: " . $rowTotal[0] . "</th>\t\t\t\t\t\n\t\t\t\t\t<td colspan=\"3\">" . HTML::showPaging($rowTotal[0], $totalPage, 4, array(array('frm_search_text', urlencode($_REQUEST['frm_search_text'])), array('pop', urlencode('yes')), array('sortby', urlencode($_REQUEST['sortby'])), array('sortmode', urlencode($_REQUEST['sortmode'])))) . "</td>\n\t\t\t\t</tr>\n\t\t\t</tfoot>\n\t\t\t</table>\n\t\t\t</section>\n\t\t\t</form>\n\t\t\t<a class=\"btn\" href=\"#content\"><i class=\"icon-arrow-up\"></i> Back to top</a>\n\n\n\t\t\t<script>\n\t\t\t\t\$(document).ready(function () {\n\t\t\t\t\tvar strID;\n\t\t\t\t\tvar intID;\n\t\t\t\t\tvar deleteConf;\t\n\t\t\t\n\t\t\t\t\t\$('a').click(function(event) {\n \t\t\t\tstrID = event.target.id; \t\t\t\t \t\t\t\t\n\t\t\t\t\t\tintID = strID.replace('frm_delete_button_', '');\t\t\t\t\t\t\n\n\t\t\t\t\t\tif (intID && intID !== '')\n\t\t\t\t\t\t{\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tif (confirmDeleteBooking())\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\$(this).closest('tr').remove();\t\n\n\t\t\t\t\t\t\t\tvar dataString = 'action=delete&booking_id=' + intID;\t\t\t\t\t\t\t\n\t\t \t\t\t\t \n\t\t\t\t\t\t\t\tvar request = \$.ajax({\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t\turl: 'ajax/booking_proc.php',\n\t\t\t\t\t\t\t\t\ttype: 'post', \n\t\t\t\t\t\t\t\t\tdata: dataString,\n\t\t\t\t\t\t\t\t\tsuccess: function(msg) {\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\$.gritter.add({\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttitle: 'Info',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttext: '<p>' + msg + '</p>',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\timage: '" . $STR_URL . "img/accepted.png',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\tsticky: false,\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttime: '3000'\n\t\t\t\t\t\t\t\t\t\t});\n\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t});\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\treturn false;\t\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t}\t\t\t\n\t\t\t\t\t\t\n \t\t\t\t});\n \n\t\t\t\t});\n\t\t\t</script>\n\t\t\t"; // The Log $strLog = "View the Booking List"; $queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t\t `log_logout`)\n\n\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t'" . mysql_real_escape_string($strLog) . "',\n\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "',\n\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\tNULL)"; $resultLog = mysql_query($queryLog); echo $strResult; }