X-Git-Url: https://git.harvie.cz/?a=blobdiff_plain;f=index.php;h=925b0e2447bcf052b7733227ba21693bf550eebf;hb=a084118b0d833341b0a70fca7f84cc7001d791a1;hp=a41759c806ca12358db1e6bc34cbad8aef9d1884;hpb=c97592292d9b256247251f82d30d1085b2be5211;p=mirrors%2FSokoMan.git diff --git a/index.php b/index.php index a41759c..925b0e2 100755 --- a/index.php +++ b/index.php @@ -21,6 +21,75 @@ require_once('sklad.conf.php'); require_once('Sklad_LMS-fake.class.php'); require_once('HTTP_Auth.class.php'); +/** +* Trida poskytuje vseobecne funkce pro generovani HTML kodu +* +* Tato trida by nemela sama nic vypisovat (vyjma chybovych a debugovacich hlasek)! +* +* @package HTML +* @author Tomas Mudrunka +*/ +class HTML { + function row($row) { + $html=''; + foreach($row as $var) { + if(trim($var) == '') $var = ' '; + $html.="$var"; + } + $html.=''; + return $html; + } + + function table(&$table, $params='border=1') { + $html=""; + $header=true; + foreach($table as $row) { + if($header) { + $html.=$this->row(array_keys($row)); + $header=false; + } + $html.=$this->row($row); + } + $html.='
'; + return $html; + } + + function link($title='n/a', $link='#void', $internal=true) { + if($internal) $link = $this->internal_url($link); + return "$title"; + } + + function img($src='#void', $title='img') { + return "$title"; + } + + function input($name=false, $value=false, $type='text', $placeholder=false, $options=false) { + $html = "'); print_r($selectbox); + $html = ""; + return $html; + } +} + /** * Trida poskytuje podpurne funkce pro generovani HTML kodu specificke pro sklad * @@ -29,12 +98,12 @@ require_once('HTTP_Auth.class.php'); * @package Sklad_HTML * @author Tomas Mudrunka */ -class Sklad_HTML { +class Sklad_HTML extends HTML { function header($title='') { $home = URL_HOME; $script = $_SERVER['SCRIPT_NAME']; $search = htmlspecialchars(@trim($_GET['q'])); - $message = htmlspecialchars(@trim($_GET['message'])); + $message = strip_tags(@trim($_GET['message']),''); return << @@ -117,43 +186,10 @@ class Sklad_HTML { EOF; } - function row($row) { - $html=''; - foreach($row as $var) { - if(trim($var) == '') $var = ' '; - $html.="$var"; - } - $html.=''; - return $html; - } - - function table(&$table, $params='border=1') { - $html=""; - $header=true; - foreach($table as $row) { - if($header) { - $html.=$this->row(array_keys($row)); - $header=false; - } - $html.=$this->row($row); - } - $html.='
'; - return $html; - } - function internal_url($link) { return $_SERVER['SCRIPT_NAME'].'/'.$link; } - function link($title='n/a', $link='#void', $internal=true) { - if($internal) $link = $this->internal_url($link); - return "$title"; - } - - function img($src='#void', $title='img') { - return "$title"; - } - function table_add_images(&$table) { $image = array('model_id'); foreach($table as $id => $row) { @@ -206,33 +242,7 @@ EOF; return $this->table($table); } - function input($name=false, $value=false, $type='text', $placeholder=false, $options=false) { - $html = "'); print_r($selectbox); - $html = ""; - return $html; - } - - function render_insert_form($class, $columns, $selectbox=array(), $current=false, $multi_insert=true) { + function render_insert_form($class, $columns, $selectbox=array(), $current=false, $hidecols=false, $multi_insert=true) { //echo('
'); print_r($selectbox);
 		//echo('
'); print_r($current);
 		$update = false;
@@ -241,6 +251,8 @@ EOF;
 			$current = array_shift($current);
 		}
 
+		if(!is_array($hidecols)) $hidecols = array('item_author', 'item_valid_from', 'item_valid_till'); //TODO Autodetect
+
 		$html='
';
 		if($multi_insert) $html.='
';
 		//$html.=$this->input('table', $class, 'hidden');
@@ -249,7 +261,7 @@ EOF;
 			$name="values[$class][".$column['Field'].'][]';
 			$val = $update ? $current[$column['Field']] : false;
 			switch(true) {
-				case preg_match('/auto_increment/', $column['Extra']):
+				case (preg_match('/auto_increment/', $column['Extra']) || in_array($column['Field'], $hidecols)):
 					if(!$val) $val = '';
 					$html.=$this->input($name, $val, 'hidden');
 					$html.=$val.'(AUTO)';
@@ -329,8 +341,7 @@ class Sklad_DB extends PDO {
 		if($search) {
 			$search = $this->quote($search);
 			if(!isset($search_fields[$class])) {
-				trigger_error("Ve tride $class zatim vyhledavat nemozno :-(");
-				die();
+				$this->post_redirect_get($class, "Ve tride $class zatim vyhledavat nemozno :-(");
 			}
 			$where[0] = 'FALSE ';
 			foreach($search_fields[$class] as $column) $where[0] .= "OR $column REGEXP $search ";
@@ -383,7 +394,8 @@ class Sklad_DB extends PDO {
 			if(!preg_match('/'.$suffix_id.'$/', $column['Field'])) continue;
 			$table=preg_replace('/'.$suffix_id.'$/','',$column['Field']);
 
-			$sql = "SELECT $table$suffix_id, $table$suffix_name FROM $table;"; //TODO History
+			$history = $this->contains_history($table) ? ' WHERE '.$table.'_valid_till=0' : '';
+			$sql = "SELECT $table$suffix_id, $table$suffix_name FROM $table$history;";
 			$result = $this->safe_query($sql, false);
 			if(!$result) continue;
 			$result = $result->fetchAll(PDO::FETCH_ASSOC);
@@ -483,7 +495,7 @@ class Sklad_DB extends PDO {
 	}
 
 	function delete($table, $id, $suffix_id='_id') {
-		if($this->contains_history($table)) die(trigger_error("V tabulce $table jentak neco mazat nebudes chlapecku :-P")); //TODO post redirect get
+		if($this->contains_history($table)) return false;
 		$key = $this->escape($table.$suffix_id);
 		$table = $this->escape($table);
 		$id = $this->quote($id);
@@ -491,6 +503,16 @@ class Sklad_DB extends PDO {
 	}
 }
 
+/**
+* Trida poskytuje high-level rozhrani k databazi skladu
+*
+* @package  Sklad_DB_Abstract
+* @author   Tomas Mudrunka
+*/
+class Sklad_DB_Abstract extends Sklad_DB {
+	//TODO Code
+}
+
 /**
 * Trida implementuje uzivatelske rozhrani skladu
 *
@@ -559,7 +581,6 @@ class Sklad_UI {
 			$html.=$this->render_listing_navigation($class, '*', $limit, $offset);
 		}
 		if($edit)	{
-			$html.='
TODO UPDATE FORM!
'; //TODO: Asi uz je hotovy...
 			$html.= $this->render_form_edit($class, $id);
 			$action = $_SERVER['SCRIPT_NAME']."/$class/$id/delete";
 	    $html.= "";
@@ -579,16 +600,17 @@ class Sklad_UI {
 		new HTTP_Auth('SkladovejSystem', true, array($this->db->lms,'check_auth'));
 	}
 
-	function post_redirect_get($location, $message='') {
+	function post_redirect_get($location, $message='', $error=false) {
 		$location = $this->html->internal_url($location).'?message='.urlencode($message);
 		header('Location: '.$location);
-		die("Location: $location");
+		if($error) trigger_error($message);
+		die("Location: $location");
 	}
 
 	function safe_include($dir,$name,$vars=array(),$ext='.inc.php') {
-		if(preg_match('/[^a-zA-Z0-9-]/',$name)) die(trigger_error('SAFE INCLUDE: Securityfuck.'));
+		if(preg_match('/[^a-zA-Z0-9-]/',$name)) $this->post_redirect_get('', 'SAFE INCLUDE: Securityfuck.', true);
 		$filename="$dir/$name$ext";
-		if(!is_file($filename)) die(trigger_error('SAFE INCLUDE: Fuckfound.'));
+		if(!is_file($filename)) $this->post_redirect_get('', 'SAFE INCLUDE: Fuckfound.', true);
 		foreach($vars as $var => $val) $$var=$val;
 		ob_start();
 		include($filename);
@@ -620,31 +642,27 @@ class Sklad_UI {
 		if($action) switch($action) {
 			case 'new':
 			case 'edit':
-				//if(!isset($_POST['table'])) die(trigger_error("Jest nutno specifikovat tabulku voe!"));
-				//$table=$_POST['table'];
-				$table='item';
+				$table = $class ? $class : 'item';
 				//print_r($values); //debug
 				$last = $this->db->insert_or_update_multitab($values);
 				$last = "$table/$last/";
 				$next = "$table/new/";
-				echo 'Hotovo. Poslední vložený záznam naleznete '.$this->html->link('zde', $last).'.
'.
-					'Další záznam přidáte '.$this->html->link('zde', $next).'.';
-				die();
+				$this->post_redirect_get($last, 'Hotovo. Další záznam přidáte '.$this->html->link('zde', $next).'.');
 				break;
 			case 'delete':
-				if(!isset($_POST['sure']) || !$_POST['sure']) die(trigger_error('Sure user expected :-)'));
-				$this->db->delete($class, $id);
+				if(!isset($_POST['sure']) || !$_POST['sure']) $this->post_redirect_get("$class/$id/edit", 'Sure user expected :-)');
+				$this->db->delete($class, $id) || $this->post_redirect_get("$class/$id/edit", "V tabulce $class jentak neco mazat nebudes chlapecku :-P");
 				$this->post_redirect_get("$class", "Neco (pravdepodobne /$class/$id) bylo asi smazano. Fnuk :'-(");
 				break;
 			case 'image':
 				$image_classes = array('model'); //TODO, use this more widely across the code
-				if(!in_array($class, $image_classes)) die(trigger_error("Nekdo nechce k DB Tride '$class' prirazovat obrazky!"));
+				if(!in_array($class, $image_classes)) $this->post_redirect_get("$class/$id/edit", "Nekdo nechce k DB Tride '$class' prirazovat obrazky!");
 				$image_destination = DIR_IMAGES."/$class/$id.jpg";
-				if($_FILES['image']['name'] == '') die(trigger_error('Kazde neco se musi nejak jmenovat!'));
+				if($_FILES['image']['name'] == '') $this->post_redirect_get("$class/$id/edit", 'Kazde neco se musi nejak jmenovat!', true);
 				if(move_uploaded_file($_FILES['image']['tmp_name'], $image_destination)) {
 					chmod ($image_destination, 0664);
 					$this->post_redirect_get("$class/$id", 'Obrazek se naladoval :)');
-				} else die(trigger_error('Soubor se nenahral :('));
+				} else $this->post_redirect_get("$class/$id/edit", 'Soubor se nenahral :(', true);
 				break;
 			default:
 				trigger_error('Nothin\' to do here my cutie :-*');