<?php
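global $GlobalMysqlHandler;
global $GlobalDownloadDir;
global $GlobalPictureDir;

//////////////
// Get Part Id
//
// PartId comes from the request; a POST value takes precedence over a GET
// value. Further down this script concatenates $PartId into SQL statements,
// file names and log messages, so it is reduced to a plain non-negative
// integer here. Anything else (non-digits, array input such as PartId[]=1)
// falls back to the existing default of 0.
$PartId = 0;
$RequestedPartId = null;
if (isset($_GET['PartId']))
{
    $RequestedPartId = $_GET['PartId'];
}
if (isset($_POST['PartId']))
{
    $RequestedPartId = $_POST['PartId'];
}
// \A...\z instead of ^...$ so a trailing newline is not accepted.
if (is_scalar($RequestedPartId) && preg_match('/\A[0-9]+\z/', (string)$RequestedPartId))
{
    $PartId = (int)$RequestedPartId;
}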
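// mysql part request
//
// $PartId originates from $_GET/$_POST above. The (int) cast guarantees that
// only a number reaches the statement text, so the value cannot change the
// shape of the query.
$PartSQLQuery = "SELECT * FROM `Parts` WHERE `Id` = ".(int)$PartId." LIMIT 1;";
$PartQuery = mysqli_query($GlobalMysqlHandler, $PartSQLQuery);
// Only fetch when the query produced a result set; a failed query yields false.
$Part = $PartQuery ? mysqli_fetch_array($PartQuery) : null;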
if (mysqli_num_rows($PartQuery))
{
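/////////////////////
// upload new picture
//
// Handles ToDo=UploadNewPicture for users holding the 'EditParts' right,
// provided no lock is active on the part.
//
// The uploaded file name is chosen by the client, so it is never used as-is:
//  - directory components are dropped and the stem is reduced to
//    [A-Za-z0-9_-], which also flattens double extensions such as
//    "x.php.jpg" and removes quote characters;
//  - the extension must be on a short image allow-list and the content must
//    be recognised by getimagesize(); otherwise the upload is refused, so a
//    script cannot be stored in the picture directory under an executable
//    name;
//  - the name and part id reach the database as bound parameters / integers.
// NOTE(review): the allow-list below is a conservative guess; extend it to
// the image formats the application is meant to accept.
if (($ToDo=="UploadNewPicture") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        if (!is_dir($GlobalPictureDir) && !mkdir($GlobalPictureDir))
        {
            MessageError(LangSpell('SentenceCanNotCopyFile'));
            ErrorLog("Can not create directory $GlobalPictureDir");
        }
        elseif (!isset($_FILES['NewPictureFile']) || !is_string($_FILES['NewPictureFile']['name']))
        {
            // The is_string() test also turns away array-style uploads
            // (NewPictureFile[]), whose entries are arrays, not strings.
            MessageError(LangSpell('SentenceNoFileGiven'));
            $ToDo="EditPicture";
        }
        elseif ($_FILES['NewPictureFile']['error'])
        {
            MessageError($_FILES['NewPictureFile']['error'].': http://www.php.net/manual/de/features.file-upload.errors.php');
            ErrorLog("Picture upload error ".$_FILES['NewPictureFile']['error']);
            $ToDo="EditPicture";
        }
        elseif (diskfreespace($GlobalPictureDir)<$_FILES['NewPictureFile']['size'])
        {
            MessageError(LangSpell('SentenceNotEnoughDiskSpace'));
            $ToDo="EditPicture";
        }
        else
        {
            $PicturePartId = (int)$PartId;

            // Normalise backslashes first so basename() also strips Windows-style paths.
            $PictureClientName = basename(str_replace("\\", "/", $_FILES["NewPictureFile"]["name"]));
            $PictureExtension = strtolower(pathinfo($PictureClientName, PATHINFO_EXTENSION));
            $PictureStem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($PictureClientName, PATHINFO_FILENAME));
            $PictureAllowedExtensions = array('jpg', 'jpeg', 'png', 'gif');
            $PictureIsImage = in_array($PictureExtension, $PictureAllowedExtensions, true)
                && getimagesize($_FILES["NewPictureFile"]["tmp_name"]) !== false;

            $DestinationFileName = "[".$PicturePartId."]_".$PictureStem.".".$PictureExtension;

            if (!$PictureIsImage)
            {
                MessageError(LangSpell('SentenceCanNotCopyFile'));
                ErrorLog("Picture upload rejected: not an allowed image type");
                $ToDo="EditPicture";
            }
            else
            {
                $OldFileNameQuery=mysqli_query($GlobalMysqlHandler, "SELECT `PicturePath` FROM `Parts` WHERE `Id` = ".$PicturePartId);
                $OldFileNameArray=$OldFileNameQuery ? mysqli_fetch_array($OldFileNameQuery) : null;
                // basename() keeps the delete below inside the picture directory
                // even if the stored path contains directory components.
                $OldFileName=$OldFileNameArray ? basename((string)$OldFileNameArray['PicturePath']) : '';

                if ($OldFileName && file_exists($GlobalPictureDir."/".$OldFileName) && !unlink($GlobalPictureDir."/".$OldFileName))
                {
                    MessageError(LangSpell('SentenceCanNotCopyFile'));
                    ErrorLog("Unable to delete old picture!");
                    $ToDo="EditPicture";
                }
                elseif (!move_uploaded_file($_FILES["NewPictureFile"]["tmp_name"],$GlobalPictureDir."/".$DestinationFileName))
                {
                    MessageError(LangSpell('SentenceCanNotCopyFile')." ($GlobalPictureDir)");
                    $ToDo="EditPicture";
                }
                else
                {
                    $PictureUpdate = mysqli_prepare($GlobalMysqlHandler, "UPDATE `Parts` SET `PicturePath` = ? WHERE `Id` = ? LIMIT 1");
                    $PictureUpdated = $PictureUpdate
                        && mysqli_stmt_bind_param($PictureUpdate, 'si', $DestinationFileName, $PicturePartId)
                        && mysqli_stmt_execute($PictureUpdate);
                    if ($PictureUpdate)
                    {
                        mysqli_stmt_close($PictureUpdate);
                    }

                    if (!$PictureUpdated)
                    {
                        ErrorLog("Can not instert into table 'Parts'!");
                        MessageError(LangSpell('SentenceDatabaseError'));
                        // Do not leave a file behind that no database row refers to.
                        unlink($GlobalPictureDir."/".$DestinationFileName);
                    }
                    else
                    {
                        MessageSuccess(LangSpell('SentenceFileHasBeenUploaded'));
                        $ToDo="";
                    }
                }
            }
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
}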
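//////////////////
// Delete Download
//
// Handles ToDo=DeleteDownload: removes the stored file (if present) and then
// the matching row in `Downloads`.
//
// Changes compared with the previous version:
//  - DownloadId is cast to int before it is placed in SQL text;
//  - the row must belong to the current part (`PartId`), so the lock that is
//    checked for $PartId really covers the record being deleted;
//  - the stored path is reduced to its base name, keeping the delete inside
//    the download directory (assumes `Path` holds a bare file name, as the
//    upload handler in this file writes it);
//  - the error log reports the DownloadId that was actually used instead of
//    the unrelated $_POST['EditDownloadId'].
// NOTE(review): this destructive action is driven by a GET parameter and no
// anti-CSRF token check is visible in this file; confirm one is enforced
// before this point.
if (isset($_GET['DownloadId']) && ($ToDo=="DeleteDownload") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        $DeleteDownloadId = is_scalar($_GET['DownloadId']) ? (int)$_GET['DownloadId'] : 0;
        $DeletePartId = (int)$PartId;
        $DeleteCondition = "`Id` = ".$DeleteDownloadId." AND `PartId` = ".$DeletePartId;

        $DownloadQuery = "SELECT * FROM `Downloads` WHERE ".$DeleteCondition;
        $DownloadQuery = mysqli_query($GlobalMysqlHandler, $DownloadQuery);
        if ($DownloadQuery && mysqli_num_rows($DownloadQuery))
        {
            $Download=mysqli_fetch_array($DownloadQuery);
            $DownloadFile=$GlobalDownloadDir."/".basename((string)$Download['Path']);

            // is_file() rather than file_exists(): an empty stored path would
            // otherwise resolve to the download directory itself.
            if (is_file($DownloadFile) && !unlink($DownloadFile))
            {
                ErrorLog("Deleting file '".$DownloadFile."' failed'!");
                MessageError(LangSpell('SentenceCanNotCopyFile'));
            }
            elseif (mysqli_query($GlobalMysqlHandler, "DELETE FROM `Downloads` WHERE ".$DeleteCondition." LIMIT 1"))
            {
                MessageSuccess(LangSpell('SentenceDownloadDeleted'));
            }
            else
            {
                ErrorLog("Can not update table 'Downloads' at id '".$DeleteDownloadId."'!");
                MessageError(LangSpell('SentenceDatabaseError'));
            }
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
    $ToDo="";
}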
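////////////////
// Edit Download
//
// Handles ToDo=EditDownload: renames a download entry.
// The new name and the ids are passed as bound parameters instead of being
// concatenated into the statement, and the update is limited to downloads of
// the current part so it stays within the lock checked for $PartId.
// NOTE(review): the name is stored as typed; it must be HTML-escaped where it
// is rendered (not visible in this file).
if (isset($_POST['EditDownloadId']) && isset($_POST['EditDownloadName']) && ($ToDo=="EditDownload") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        $EditDownloadId = is_scalar($_POST['EditDownloadId']) ? (int)$_POST['EditDownloadId'] : 0;
        $EditDownloadName = is_scalar($_POST['EditDownloadName']) ? (string)$_POST['EditDownloadName'] : '';
        $EditDownloadPartId = (int)$PartId;

        $EditDownloadStatement = mysqli_prepare($GlobalMysqlHandler, "UPDATE `Downloads` SET `Name` = ? WHERE `Id` = ? AND `PartId` = ? LIMIT 1");
        $EditDownloadOk = $EditDownloadStatement
            && mysqli_stmt_bind_param($EditDownloadStatement, 'sii', $EditDownloadName, $EditDownloadId, $EditDownloadPartId)
            && mysqli_stmt_execute($EditDownloadStatement);
        if ($EditDownloadStatement)
        {
            mysqli_stmt_close($EditDownloadStatement);
        }

        if (!$EditDownloadOk)
        {
            ErrorLog("Can not update table 'Downloads' at id '".$EditDownloadId."'!");
            MessageError(LangSpell('SentenceDatabaseError'));
        }
        else
        {
            MessageSuccess(LangSpell('SentenceDownloadEdited'));
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
    $ToDo="";
}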
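//////////////////////
// upload new download
//
// Handles ToDo=UploadNewDownload: stores an attachment for the part and
// records it in `Downloads`.
//
// File name, display name and MIME type are all supplied by the client:
//  - the stored file name is rebuilt from a sanitised stem and extension
//    (directory parts dropped, stem limited to [A-Za-z0-9_-], which also
//    flattens double extensions);
//  - names without a stem (dotfiles) and a set of server-executable
//    extensions are refused. This is defence in depth only; the download
//    directory should additionally be configured so that nothing in it is
//    executed by the web server;
//  - the MIME type is kept only if it looks like "type/subtype"; it is a
//    client assertion and must not decide how the file is served;
//  - all values reach the database as bound parameters.
if (($ToDo=="UploadNewDownload") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        if (!is_dir($GlobalDownloadDir) && !mkdir($GlobalDownloadDir))
        {
            MessageError(LangSpell('SentenceCanNotCopyFile'));
            ErrorLog("Can not create directory $GlobalDownloadDir");
        }
        elseif (!isset($_FILES['AddNewDownloadFile']) || !is_string($_FILES['AddNewDownloadFile']['name']))
        {
            // The is_string() test also turns away array-style uploads
            // (AddNewDownloadFile[]), whose entries are arrays, not strings.
            MessageError(LangSpell('SentenceNoFileGiven'));
            $ToDo="EditDownloads";
        }
        elseif ($_FILES['AddNewDownloadFile']['error'])
        {
            MessageError($_FILES['AddNewDownloadFile']['error'].': http://www.php.net/manual/de/features.file-upload.errors.php');
            ErrorLog("Upload error ".$_FILES['AddNewDownloadFile']['error']);
            $ToDo="EditDownloads";
        }
        elseif (diskfreespace($GlobalDownloadDir)<$_FILES['AddNewDownloadFile']['size'])
        {
            MessageError(LangSpell('SentenceNotEnoughDiskSpace'));
            $ToDo="EditDownloads";
        }
        else
        {
            $DownloadPartId = (int)$PartId;

            // Normalise backslashes first so basename() also strips Windows-style paths.
            $DownloadClientName = basename(str_replace("\\", "/", $_FILES["AddNewDownloadFile"]["name"]));
            $DownloadStem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($DownloadClientName, PATHINFO_FILENAME));
            $DownloadExtension = strtolower(preg_replace('/[^A-Za-z0-9]/', '', pathinfo($DownloadClientName, PATHINFO_EXTENSION)));
            $DownloadRefused = ($DownloadStem === '')
                || preg_match('/\A(php[0-9]?|phtml|pht|phar|phps|cgi|pl|py|sh|asp|aspx|jsp|htaccess|htpasswd)\z/', $DownloadExtension);

            $DestinationFileName = "[".$DownloadPartId."]_".$DownloadStem.(($DownloadExtension !== '') ? ".".$DownloadExtension : "");

            // Display name: the explicit form field if given, else the client's file name.
            $DownloadName = (isset($_POST['AddNewDownloadName']) && is_scalar($_POST['AddNewDownloadName']) && $_POST['AddNewDownloadName'])
                ? (string)$_POST['AddNewDownloadName']
                : $DownloadClientName;

            $DownloadType = $_FILES["AddNewDownloadFile"]["type"];
            if (!is_string($DownloadType) || !preg_match('#\A[A-Za-z0-9.+-]+/[A-Za-z0-9.+-]+\z#', $DownloadType))
            {
                $DownloadType = 'application/octet-stream';
            }

            if ($DownloadRefused)
            {
                MessageError(LangSpell('SentenceCanNotCopyFile'));
                ErrorLog("Download upload rejected: file name or extension not permitted");
                $ToDo="EditDownloads";
            }
            elseif (file_exists($GlobalDownloadDir."/".$DestinationFileName))
            {
                MessageError(LangSpell('SentenceFileAlreadyExist'));
                $ToDo="EditDownloads";
            }
            elseif (!move_uploaded_file($_FILES["AddNewDownloadFile"]["tmp_name"],$GlobalDownloadDir."/".$DestinationFileName))
            {
                MessageError(LangSpell('SentenceCanNotCopyFile')." ($GlobalDownloadDir)");
                $ToDo="EditDownloads";
            }
            else
            {
                $DownloadInsert = mysqli_prepare($GlobalMysqlHandler, "INSERT INTO `Downloads` ( `PartId` , `Name` , `Path` , `Type` ) VALUES ( ?, ?, ?, ? )");
                $DownloadInserted = $DownloadInsert
                    && mysqli_stmt_bind_param($DownloadInsert, 'isss', $DownloadPartId, $DownloadName, $DestinationFileName, $DownloadType)
                    && mysqli_stmt_execute($DownloadInsert);
                if ($DownloadInsert)
                {
                    mysqli_stmt_close($DownloadInsert);
                }

                if (!$DownloadInserted)
                {
                    ErrorLog("Can not instert into table 'Downloads'!");
                    MessageError(LangSpell('SentenceDatabaseError'));
                    // Do not leave a file behind that no database row refers to.
                    unlink($GlobalDownloadDir."/".$DestinationFileName);
                }
                else
                {
                    MessageSuccess(LangSpell('SentenceFileHasBeenUploaded'));
                }
            }
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
}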
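//////////////////////////
// Save values of the part
//
// Handles ToDo=SaveValues: writes the editable columns of the part.
// Every value comes from $_POST. They are bound as string parameters, which
// matches the previous behaviour of sending them as quoted literals but
// removes the possibility of a value altering the statement. Missing or
// non-scalar fields are treated as the empty string.
// NOTE(review): VendorLink and ManufactorLink are stored as typed. Where they
// are rendered as links (not visible in this file) they need HTML escaping
// and a check of the URL scheme.
if (($ToDo=="SaveValues") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        $SaveText = array();
        foreach (array(
            'EditValuesName', 'EditValuesShortDesc', 'EditValuesLongDesc', 'EditValuesVendor',
            'NewPartVedorLink', 'NewPartManufactorLink', 'EditValuesPackageUnit',
            'EditValuesMinOrderQty', 'EditValuesQty', 'EditValuesMinQty',
        ) as $SaveKey)
        {
            $SaveText[$SaveKey] = (isset($_POST[$SaveKey]) && is_scalar($_POST[$SaveKey])) ? (string)$_POST[$SaveKey] : '';
        }

        // mysqli_stmt_bind_param() binds by reference, hence one variable per column.
        $SaveName = $SaveText['EditValuesName'];
        $SaveValue1 = (string)((isset($_POST['EditValuesValue1']))? OtherSiPrefixToFloat($_POST['EditValuesValue1']):0);
        $SaveValue2 = (string)((isset($_POST['EditValuesValue2']))? OtherSiPrefixToFloat($_POST['EditValuesValue2']):0);
        $SaveValue3 = (string)((isset($_POST['EditValuesValue3']))? OtherSiPrefixToFloat($_POST['EditValuesValue3']):0);
        $SaveShortDesc = $SaveText['EditValuesShortDesc'];
        $SaveLongDesc = $SaveText['EditValuesLongDesc'];
        $SaveVendor = $SaveText['EditValuesVendor'];
        $SaveVendorLink = $SaveText['NewPartVedorLink'];
        $SaveManufactorLink = $SaveText['NewPartManufactorLink'];
        $SavePackageUnit = $SaveText['EditValuesPackageUnit'];
        $SavePrice = (string)OtherFormatPrice(isset($_POST['EditValuesPrice']) ? $_POST['EditValuesPrice'] : null);
        $SaveMinOrderQty = $SaveText['EditValuesMinOrderQty'];
        $SaveQty = $SaveText['EditValuesQty'];
        $SaveMinQty = $SaveText['EditValuesMinQty'];
        $SaveObsolete = (isset($_POST['EditValuesObsolete']) && is_string($_POST['EditValuesObsolete']) && (strtolower($_POST['EditValuesObsolete'])=="true"))? "True":"False";
        $SavePartId = (int)$PartId;

        $SaveStatement = mysqli_prepare(
            $GlobalMysqlHandler,
            "UPDATE `Parts` SET `Name` = ?, `Value1` = ?, `Value2` = ?, `Value3` = ?, "
            ."`ShortDesc` = ?, `LongDesc` = ?, `VendorId` = ?, `VendorLink` = ?, "
            ."`ManufactorLink` = ?, `PackageUnit` = ?, `Price` = ?, `MinOrderQty` = ?, "
            ."`Qty` = ?, `MinQty` = ?, `Obsolete` = ? "
            ."WHERE `Id` = ? LIMIT 1"
        );
        // Fifteen string columns followed by the integer part id.
        $SaveOk = $SaveStatement
            && mysqli_stmt_bind_param(
                $SaveStatement,
                str_repeat('s', 15).'i',
                $SaveName, $SaveValue1, $SaveValue2, $SaveValue3,
                $SaveShortDesc, $SaveLongDesc, $SaveVendor, $SaveVendorLink,
                $SaveManufactorLink, $SavePackageUnit, $SavePrice, $SaveMinOrderQty,
                $SaveQty, $SaveMinQty, $SaveObsolete,
                $SavePartId
            )
            && mysqli_stmt_execute($SaveStatement);
        if ($SaveStatement)
        {
            mysqli_stmt_close($SaveStatement);
        }

        if ($SaveOk)
        {
            MessageSuccess(LangSpell('SentencePartHasBeenUpdated'));
        }
        else
        {
            ErrorLog("Can not update table 'Parts' at id '$SavePartId'!");
            MessageError(LangSpell('SentenceDatabaseError'));
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
    $ToDo="";
}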
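///////////////////////////
// Save storage of the part
//
// Handles ToDo=SaveStorage. The posted storage id is bound as a string
// parameter (equivalent to the quoted literal used before) and the part id as
// an integer, so neither can alter the statement.
if (isset($_POST['EditPartStorage']) && ($ToDo=="SaveStorage") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        $StorageValue = is_scalar($_POST['EditPartStorage']) ? (string)$_POST['EditPartStorage'] : '';
        $StoragePartId = (int)$PartId;

        $StorageStatement = mysqli_prepare($GlobalMysqlHandler, "UPDATE `Parts` SET `StorageId` = ? WHERE `Id` = ? LIMIT 1");
        $StorageOk = $StorageStatement
            && mysqli_stmt_bind_param($StorageStatement, 'si', $StorageValue, $StoragePartId)
            && mysqli_stmt_execute($StorageStatement);
        if ($StorageStatement)
        {
            mysqli_stmt_close($StorageStatement);
        }

        if (!$StorageOk)
        {
            ErrorLog("Can not update table 'Parts' at id '$StoragePartId'!");
            MessageError(LangSpell('SentenceDatabaseError'));
        }
        else
        {
            MessageSuccess(LangSpell('SentencePartHasBeenUpdated'));
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
    $ToDo="";
}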
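///////////////////////////
// Save package of the part
//
// Handles ToDo=SavePackage. The posted package id is bound as a string
// parameter (equivalent to the quoted literal used before) and the part id as
// an integer, so neither can alter the statement.
if (isset($_POST['EditPartPackage']) && ($ToDo=="SavePackage") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        $PackageValue = is_scalar($_POST['EditPartPackage']) ? (string)$_POST['EditPartPackage'] : '';
        $PackagePartId = (int)$PartId;

        $PackageStatement = mysqli_prepare($GlobalMysqlHandler, "UPDATE `Parts` SET `PackageId` = ? WHERE `Id` = ? LIMIT 1");
        $PackageOk = $PackageStatement
            && mysqli_stmt_bind_param($PackageStatement, 'si', $PackageValue, $PackagePartId)
            && mysqli_stmt_execute($PackageStatement);
        if ($PackageStatement)
        {
            mysqli_stmt_close($PackageStatement);
        }

        if (!$PackageOk)
        {
            ErrorLog("Can not update table 'Parts' at id '$PackagePartId'!");
            MessageError(LangSpell('SentenceDatabaseError'));
        }
        else
        {
            MessageSuccess(LangSpell('SentencePartHasBeenUpdated'));
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
    $ToDo="";
}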
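////////////////////////
// Save type of the part
//
// Handles ToDo=SaveType. The posted type id is bound as a string parameter
// (equivalent to the quoted literal used before) and the part id as an
// integer, so neither can alter the statement.
// The stored TypeId is read back later in this file and placed into another
// query, so whatever is written here must also be treated as untrusted there.
if (isset($_POST['EditPartType']) && ($ToDo=="SaveType") && (UserHasRight('EditParts')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        $TypeValue = is_scalar($_POST['EditPartType']) ? (string)$_POST['EditPartType'] : '';
        $TypePartId = (int)$PartId;

        $TypeStatement = mysqli_prepare($GlobalMysqlHandler, "UPDATE `Parts` SET `TypeId` = ? WHERE `Id` = ? LIMIT 1");
        $TypeOk = $TypeStatement
            && mysqli_stmt_bind_param($TypeStatement, 'si', $TypeValue, $TypePartId)
            && mysqli_stmt_execute($TypeStatement);
        if ($TypeStatement)
        {
            mysqli_stmt_close($TypeStatement);
        }

        if (!$TypeOk)
        {
            ErrorLog("Can not update table 'Parts' at id '$TypePartId'!");
            MessageError(LangSpell('SentenceDatabaseError'));
        }
        else
        {
            MessageSuccess(LangSpell('SentencePartHasBeenUpdated'));
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
    $ToDo="";
}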
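//////////////////////////////
// Update Parts Actual Quantity
//
// Handles ToDo=SaveNewQuantity for users holding 'EditParts' or
// 'EditPartQuantity'. The posted quantity is bound as a string parameter
// (equivalent to the quoted literal used before) and the part id as an
// integer, so neither can alter the statement.
if (isset($_POST['NewQuantity']) && ($ToDo=="SaveNewQuantity") && (UserHasRight('EditParts') || UserHasRight('EditPartQuantity')))
{
    if (!LockIsActive('Parts',$PartId))
    {
        $NewQuantity = is_scalar($_POST['NewQuantity']) ? (string)$_POST['NewQuantity'] : '';
        $QuantityPartId = (int)$PartId;

        $QuantityStatement = mysqli_prepare($GlobalMysqlHandler, "UPDATE `Parts` SET `Qty` = ? WHERE `Id` = ? LIMIT 1");
        $QuantityOk = $QuantityStatement
            && mysqli_stmt_bind_param($QuantityStatement, 'si', $NewQuantity, $QuantityPartId)
            && mysqli_stmt_execute($QuantityStatement);
        if ($QuantityStatement)
        {
            mysqli_stmt_close($QuantityStatement);
        }

        if (!$QuantityOk)
        {
            ErrorLog("Can not update table 'Parts' at id '$QuantityPartId'!");
            MessageError(LangSpell('SentenceDatabaseError'));
        }
        else
        {
            MessageSuccess(LangSpell('SentencePartHasBeenUpdated'));
        }
    }
    else
    {
        MessageError(LangSpell('SentenceLockIsActive'));
    }
    $ToDo="";
}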
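/////////////////
// Get Part Query
//
// Reads the part row again after the handlers above have run. $PartId is
// request data, so it is cast to int before it enters the statement text.
$PartSQLQuery = "SELECT * FROM `Parts` WHERE `Id` = ".(int)$PartId." LIMIT 1;";
$PartQuery = mysqli_query($GlobalMysqlHandler, $PartSQLQuery);
// Only fetch when the query produced a result set; a failed query yields false.
$Part = $PartQuery ? mysqli_fetch_array($PartQuery) : null;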
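/////////////
// Type Array
//
// Builds $TypeValues[n] = array(name, unit) for the three value slots of the
// part's type; the array stays empty when no matching type row exists.
// TypeId is read from the database, but it was written from request data by
// the SaveType handler, so it is cast to int before it enters the statement
// text. A missing or empty TypeId becomes 0 instead of producing a broken
// statement.
$TypeQuery = "SELECT * FROM `Types` WHERE `Id` = ".(isset($Part['TypeId']) ? (int)$Part['TypeId'] : 0);
$TypeQuery = mysqli_query($GlobalMysqlHandler, $TypeQuery);
$TypeValues = array();
if ($TypeQuery && mysqli_num_rows($TypeQuery))
{
    $TypeItem = mysqli_fetch_array($TypeQuery);
    for ($TypeValueNo = 1; $TypeValueNo <= 3; $TypeValueNo++)
    {
        $TypeValues[$TypeValueNo - 1][0] = $TypeItem['NameValue'.$TypeValueNo];
        $TypeValues[$TypeValueNo - 1][1] = $TypeItem['UnitValue'.$TypeValueNo];
    }
}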
$GlobalContent .= '<div id="ShowPart">'."\n";

// Pick the sub-page to render. An edit page is used only when $ToDo names it,
// the user holds 'EditParts' and LockActivate() succeeds for this part; in
// every other case the read-only view is shown. The include path always comes
// from this fixed table, never from request data.
$ShowPartEditPages = array(
    "EditType"      => "./pages/show_part_edit_type.php",
    "EditPackage"   => "./pages/show_part_edit_package.php",
    "EditStorage"   => "./pages/show_part_edit_storage.php",
    "EditValues"    => "./pages/show_part_edit_values.php",
    "EditDownloads" => "./pages/show_part_edit_downloads.php",
    "DeletePart"    => "./pages/show_part_delete_part.php",
);
$ShowPartPageFile = "./pages/show_part_show.php";
foreach ($ShowPartEditPages as $ShowPartAction => $ShowPartCandidate)
{
    // Same test, in the same order, as an if/elseif chain over the table:
    // the right check and the lock attempt run only for a matching $ToDo.
    if ($ToDo==$ShowPartAction && UserHasRight('EditParts') && LockActivate('Parts',$PartId))
    {
        $ShowPartPageFile = $ShowPartCandidate;
        break;
    }
}
include $ShowPartPageFile;

$GlobalContent .= '</div>'."\n";
}
else
{
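MessageError(LangSpell("SentenceDatabaseError"));
// $PartId is request data. Before it is written to the log it is limited to
// 64 printable ASCII characters, so a crafted value cannot inject line breaks
// or control characters into the log (how ErrorLog stores entries is not
// visible in this file).
ErrorLog("[show_part.php] Part Id '".substr(preg_replace('/[^\x20-\x7E]/', '?', is_scalar($PartId) ? (string)$PartId : gettype($PartId)), 0, 64)."' not found!");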
}
?>