X-Git-Url: https://git.harvie.cz/?a=blobdiff_plain;f=index.php;h=8f37200644000085749f7c776b3cf8c5e281608d;hb=b4c58cd09ff3251041d9cd6f946f7875608a132c;hp=ce099b166954c63ca978ce258311003a765b9e91;hpb=16261142aaa2e3477b476d84c662a14bb3d1fa82;p=mirrors%2FSokoMan.git
diff --git a/index.php b/index.php
index ce099b1..8f37200 100755
--- a/index.php
+++ b/index.php
@@ -111,14 +111,18 @@ class Sklad_HTML extends HTML {

SystémSklad$title

  • Logout
  • Home
  • -
  • Assistants +
  • Assistants +
  • stats
  • store
  • +
  • dispose
  • +
  • sell
  • +
  • ↓↓ BETA ↓↓
  • new-item
• @@ -214,7 +225,7 @@ EOF;
 );
 foreach($table as $id => $row) {
 foreach($collapse as $link => $title)
- if(isset($table[$id][$link])) {
+ if(isset($table[$id][$link]) && isset($row[$title])) {
 $type = @array_shift(preg_split('/_/', $link));
 if($link != $title) unset($table[$id][$link]);
 $table[$id][$title]=$this->link($row[$title], $type.'/'.$row[$link].'/');
@@ -328,7 +339,7 @@ class Sklad_DB extends PDO {
 'model' => array('category', 'producer')
 ); //TODO Autodetect using foreign keys?
 $search_fields = array(
- 'item' => array('item_id','model_name','model_barcode','model_descript','producer_name','vendor_name')
+ 'item' => array('item_id','item_serial','model_name','model_barcode','model_descript','producer_name','vendor_name')
 ); //TODO Autodetect
 //Escaping
@@ -342,13 +353,13 @@ class Sklad_DB extends PDO {
 if($search) {
 $search = $this->quote($search);
 if(!isset($search_fields[$class])) $this->post_redirect_get($class, "Ve tride $class zatim vyhledavat nemozno :-(");
- $search = '';
- foreach($search_fields[$class] as $column) $search .= "OR $column REGEXP $search ";
- $where[] = "FALSE $search";
+ $sql_search = '';
+ foreach($search_fields[$class] as $column) $sql_search .= "OR $column REGEXP $search ";
+ $where[] = "FALSE $sql_search";
 } elseif($id) $where[] = "$class$suffix_id = $id";
 if(!$history && $this->contains_history($class)) $where[] = $class.'_valid_till=0';
- if($where) $sql .= 'WHERE '.implode(' AND ', $where)."\n";
+ if($where) $sql .= 'WHERE ('.implode(') AND (', $where).")\n";
 //ORDER
 if(!$order) $order = $class.$suffix_id;
 if($this->contains_history($class)) $order .= ",${class}_valid_from DESC";
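Review bot: The added guard `isset($row[$title])` reads the foreach copy `$row`, while the sibling check and the write on the last line of the hunk go through `$table[$id]`; because this same inner loop assigns `$table[$id][$title]` and unsets `$table[$id][$link]`, the two views diverge once one `$collapse` entry's `$title` is another entry's `$link` (inferred — `$collapse` is defined above the hunk), so decide which view is intended and use it for both checks, e.g. `if(isset($table[$id][$link]) && isset($table[$id][$title])) {`. The `@` on `array_shift(preg_split(...))` only hides the "only variables should be passed by reference" notice; `list($type) = explode('_', $link, 2);` gives the same first segment without suppression. `$row[$link]` is concatenated straight into a URL path segment; unless `link()` (outside the hunk) encodes it, wrap it as `rawurlencode($row[$link])` here. The enclosing method starts and ends outside the hunk.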
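Review bot: In the `elseif($id)` branch of the third hunk, `$id` is interpolated unquoted into `"$class$suffix_id = $id"`, whereas the search value in the same hunk goes through `$this->quote()`; unless the caller (outside the hunk) has already cast `$id` to an integer, this clause should read `"$class$suffix_id = ".(int)$id` or use a bound parameter. The renamed `$sql_search` accumulator stops the old code from clobbering the quoted `$search` before the loop, and the `WHERE (...) AND (...)` wrapping is what the `FALSE OR ... OR ...` chain needs to combine correctly with the `_valid_till=0` clause. The REGEXP pattern is user text handed to the database as-is, so a malformed expression surfaces as a query error rather than an empty result set; if that is not acceptable, handle the failure at the execute site. The enclosing method starts and ends outside the hunk.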
@@ -614,7 +625,11 @@ class Sklad_UI {
 $location = $this->html->internal_url($location).'?message='.urlencode($message);
 header('Location: '.$location);
 if($error) trigger_error($message);
- die("Location: $location");
+ $location=htmlspecialchars($location);
+ die(
+ "".
+ "Location: $location"
+ );
 }
 function safe_include($dir,$name,$vars=array(),$ext='.inc.php') {
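Review bot: `htmlspecialchars($location)` is called without flags or charset, so on PHP versions before 8.1 it defaults to ENT_COMPAT and leaves `'` unescaped; the markup inside the added `die()` lines has been stripped from this rendering, so whether `$location` lands in an attribute is not visible, but `htmlspecialchars($location, ENT_QUOTES, 'UTF-8')` is correct in either context. The redirect itself is already sent via `header('Location: '.$location)` before the escape, which is the right order — the escaped copy serves only the fallback body and must not be reused as a URL afterwards. `trigger_error($message)` runs after the header has gone out, so with display_errors enabled the error text is printed into a response the browser is about to discard; `error_log($message)` would preserve it. The enclosing method's signature is outside the hunk.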