}
// start the output buffer
ob_start();
/* main content */
// biblio topic save proccess
if (isset($_POST['upload']) and trim(strip_tags($_POST['fileTitle'])) != '') {
$uploaded_file_id = 0;
$title = trim(strip_tags($_POST['fileTitle']));
$url = trim(strip_tags($_POST['fileURL']));
// create new sql op object
$sql_op = new simbio_dbop($dbs);
// FILE UPLOADING
if (isset($_FILES['file2attach']) and $_FILES['file2attach']['size']) {
// create upload object
$file_dir = trim($_POST['fileDir']);
$file_upload = new simbio_file_upload();
$file_upload->setAllowableFormat($sysconf['allowed_file_att']);
$file_upload->setMaxSize($sysconf['max_upload'] * 1024);
$file_upload->setUploadDir(REPO_BASE_DIR . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $file_dir));
$file_upload_status = $file_upload->doUpload('file2attach');
if ($file_upload_status === UPLOAD_SUCCESS) {
$file_ext = substr($file_upload->new_filename, strrpos($file_upload->new_filename, '.') + 1);
$fdata['uploader_id'] = $_SESSION['uid'];
$fdata['file_title'] = $dbs->escape_string($title);
$fdata['file_name'] = $dbs->escape_string($file_upload->new_filename);
$fdata['file_url'] = $dbs->escape_string($url);
$fdata['file_dir'] = $dbs->escape_string($file_dir);
$fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc'])));
$fdata['mime_type'] = $sysconf['mimetype'][$file_ext];
$fdata['input_date'] = date('Y-m-d H:i:s');
$fdata['last_update'] = $fdata['input_date'];
$data['register_date'] = date('Y-m-d');
$data['expire_date'] = simbio_date::getNextDate($mtype_data[0], $data['register_date']);
}
$data['pin'] = trim($dbs->escape_string(strip_tags($_POST['memberPIN'])));
$data['member_address'] = trim($dbs->escape_string(strip_tags($_POST['memberAddress'])));
$data['member_phone'] = trim($dbs->escape_string(strip_tags($_POST['memberPhone'])));
$data['member_fax'] = trim($dbs->escape_string(strip_tags($_POST['memberFax'])));
$data['postal_code'] = trim($dbs->escape_string(strip_tags($_POST['memberPostal'])));
$data['member_notes'] = trim($dbs->escape_string(strip_tags($_POST['memberNotes'])));
$data['member_email'] = trim($dbs->escape_string(strip_tags($_POST['memberEmail'])));
$data['is_pending'] = intval($_POST['isPending']);
$data['input_date'] = date('Y-m-d');
$data['last_update'] = date('Y-m-d');
if (!empty($_FILES['image']) and $_FILES['image']['size']) {
// create upload object
$upload = new simbio_file_upload();
$upload->setAllowableFormat($sysconf['allowed_images']);
$upload->setMaxSize($sysconf['max_image_upload'] * 1024);
// approx. 100 kb
$upload->setUploadDir(IMAGES_BASE_DIR . 'persons');
// give new name for upload file
$new_filename = 'member_' . $data['member_id'];
$upload_status = $upload->doUpload('image', $new_filename);
if ($upload_status == UPLOAD_SUCCESS) {
$data['member_image'] = $dbs->escape_string($upload->new_filename);
}
}
// password confirmation
if ($mpasswd1 and $mpasswd2 and $mpasswd1 === $mpasswd2) {
$data['mpasswd'] = 'literal{MD5(\'' . $mpasswd2 . '\')}';
}
// labels
$arr_label = array();
foreach ($_POST['labels'] as $label) {
if (trim($label) != '') {
$arr_label[] = array($label, isset($_POST['label_urls'][$label]) ? $_POST['label_urls'][$label] : null);
}
}
$data['labels'] = $arr_label ? serialize($arr_label) : 'literal{NULL}';
$data['frequency_id'] = $_POST['frequencyID'] == '0' ? 'literal{0}' : (int) $_POST['frequencyID'];
$data['spec_detail_info'] = trim($dbs->escape_string(strip_tags($_POST['specDetailInfo'])));
$data['input_date'] = date('Y-m-d H:i:s');
$data['last_update'] = date('Y-m-d H:i:s');
// image uploading
if (!empty($_FILES['image']) and $_FILES['image']['size']) {
// create upload object
$image_upload = new simbio_file_upload();
$image_upload->setAllowableFormat($sysconf['allowed_images']);
$image_upload->setMaxSize($sysconf['max_image_upload'] * 1024);
$image_upload->setUploadDir(IMAGES_BASE_DIR . 'docs');
// upload the file and change all space characters to underscore
$img_upload_status = $image_upload->doUpload('image', preg_replace('@\\s+@i', '_', $_FILES['image']['name']));
if ($img_upload_status == UPLOAD_SUCCESS) {
$data['image'] = $dbs->escape_string($image_upload->new_filename);
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload image file ' . $image_upload->new_filename);
utility::jsAlert(__('Image Uploaded Successfully'));
} else {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload image file ' . $image_upload->new_filename . ', with error (' . $image_upload->error . ')');
utility::jsAlert(__('Image Uploaded Successfully'));
}
if (isset($_POST['doImport'])) {
// check for form validity
if (!$_FILES['importFile']['name']) {
utility::jsAlert(__('Please select the file to import!'));
exit;
} else {
if (empty($_POST['fieldSep']) or empty($_POST['fieldEnc'])) {
utility::jsAlert(__('Required fields (*) must be filled correctly!'));
exit;
} else {
// set PHP time limit
set_time_limit(7200);
// set ob implicit flush
ob_implicit_flush();
// create upload object
$upload = new simbio_file_upload();
// get system temporary directory location
$temp_dir = sys_get_temp_dir();
// set max size
$max_size = $sysconf['max_upload'] * 1024;
$upload->setAllowableFormat(array('.csv'));
$upload->setMaxSize($max_size);
$upload->setUploadDir($temp_dir);
$upload_status = $upload->doUpload('importFile');
if ($upload_status != UPLOAD_SUCCESS) {
utility::jsAlert(__('Upload failed! File type not allowed or the size is more than') . ' ' . $sysconf['max_upload'] / 1024 . ' MB');
//mfc
exit;
}
// uploaded file path
$uploaded_file = $temp_dir . DIRECTORY_SEPARATOR . $_FILES['importFile']['name'];
$can_read = utility::havePrivilege('stock_take', 'r');
$can_write = utility::havePrivilege('stock_take', 'w');
if (!($can_read and $can_write)) {
die('<div class="errorBox">' . __('You don\'t have enough privileges to access this area!') . '</div>');
}
// check if there is any active stock take proccess
$stk_query = $dbs->query('SELECT * FROM stock_take WHERE is_active=1');
if ($stk_query->num_rows < 1) {
echo '<div class="errorBox">' . __('NO stock taking proccess initialized yet!') . '</div>';
die;
}
// file upload
if (isset($_POST['stUpload']) && isset($_FILES['stFile'])) {
require SIMBIO_BASE_DIR . 'simbio_FILE/simbio_file_upload.inc.php';
// create upload object
$upload = new simbio_file_upload();
$upload->setAllowableFormat(array('.txt'));
$upload->setMaxSize($sysconf['max_upload'] * 1024);
$upload->setUploadDir(FILES_UPLOAD_DIR);
// upload the file and change all space characters to underscore
$upload_status = $upload->doUpload('stFile');
if ($upload_status == UPLOAD_SUCCESS) {
// write log
utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', $_SESSION['realname'] . ' upload stock take file ' . $upload->new_filename);
// open file
$stfile = @fopen(FILES_UPLOAD_DIR . $upload->new_filename, 'r');
if (!$stfile) {
echo '<script type="text/javascript">' . "\n";
echo 'parent.$(\'#stUploadMsg\').html(\'Failed to open stock take file ' . $upload->new_filename . '. Please check permission for directory ' . FILES_UPLOAD_DIR . '\')';
echo '.toggleClass(\'errorBox\').css( {\'display\': \'block\'} );' . "\n";
echo '</script>';
}
// start the output buffer
ob_start();
/* main content */
// biblio topic save proccess
if (isset($_POST['upload']) and trim(strip_tags($_POST['fileTitle'])) != '') {
$uploaded_file_id = 0;
$title = trim(strip_tags($_POST['fileTitle']));
$url = trim(strip_tags($_POST['fileURL']));
// create new sql op object
$sql_op = new simbio_dbop($dbs);
// FILE UPLOADING
if (isset($_FILES['file2attach']) and $_FILES['file2attach']['size']) {
// create upload object
$file_dir = trim($_POST['fileDir']);
$file_upload = new simbio_file_upload();
$file_upload->setAllowableFormat($sysconf['allowed_file_att']);
$file_upload->setMaxSize($sysconf['max_upload'] * 1024);
$file_upload->setUploadDir(REPOBS . DS . str_replace('/', DS, $file_dir));
$file_upload_status = $file_upload->doUpload('file2attach');
if ($file_upload_status === UPLOAD_SUCCESS) {
$file_ext = substr($file_upload->new_filename, strrpos($file_upload->new_filename, '.') + 1);
$fdata['uploader_id'] = $_SESSION['uid'];
$fdata['file_title'] = $dbs->escape_string($title);
$fdata['file_name'] = $dbs->escape_string($file_upload->new_filename);
$fdata['file_url'] = $dbs->escape_string($url);
$fdata['file_dir'] = $dbs->escape_string($file_dir);
$fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc'])));
$fdata['mime_type'] = $sysconf['mimetype'][$file_ext];
$fdata['input_date'] = date('Y-m-d H:i:s');
$fdata['last_update'] = $fdata['input_date'];
}
/* RECORD OPERATION */
if (isset($_POST['saveData']) and $can_read and $can_write) {
$labelName = trim(strip_tags($_POST['labelName']));
$labelDesc = trim(strip_tags($_POST['labelDesc']));
// check form validity
if (empty($labelDesc) or empty($labelName)) {
utility::jsAlert('Label Name OR Label Description must be filled!');
exit;
} else {
$data['label_desc'] = $dbs->escape_string($labelDesc);
$data['label_name'] = 'label-' . strtolower(str_ireplace(array(' ', 'label-', '_'), array('-', '', '-'), $dbs->escape_string($labelName)));
// image uploading
if (!empty($_FILES['labelImage']) and $_FILES['labelImage']['size']) {
// create upload object
$image_upload = new simbio_file_upload();
$image_upload->setAllowableFormat($sysconf['allowed_images']);
$image_upload->setMaxSize($sysconf['max_image_upload'] * 1024);
$image_upload->setUploadDir(IMAGES_BASE_DIR . 'labels');
// upload
$img_upload_status = $image_upload->doUpload('labelImage', $data['label_name']);
if ($img_upload_status == UPLOAD_SUCCESS) {
$data['label_image'] = $dbs->escape_string($image_upload->new_filename . '.png');
// resize the image
if (function_exists('imagecopyresampled')) {
// we use phpthumb class to resize image
include LIB . 'phpthumb/ThumbLib.inc.php';
// create phpthumb object
$src = IMAGES_BASE_DIR . 'labels/' . $image_upload->new_filename;
$phpthumb = PhpThumbFactory::create($src);
$w = $h = 24;
