3 * SkladovySystem - Storage management system compatible with LMS
4 * Copyright (C) 2011 Tomas Mudrunka
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 require_once('sklad.conf.php');
21 require_once('Sklad_LMS-fake.class.php');
22 require_once('HTTP_Auth.class.php');
25 * Trida poskytuje podpurne funkce pro generovani HTML kodu specificke pro sklad
27 * Tato trida by nemela sama nic vypisovat (vyjma chybovych a debugovacich hlasek)!
30 * @author Tomas Mudrunka
33 function header($title='') {
35 $script = $_SERVER['SCRIPT_NAME'];
36 $search = @trim
($_GET['q']);
39 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
41 <h1><a href="$script/">SystémSklad</a><small>$title</small></h1>
44 <li><a href="?logout">Logout</a></li>
45 <li><a href="$script/">Home</a></li>
47 <form action="?" method="GET">
48 <input type="text" name="q" placeholder="regexp..." value="$search" />
49 <input type="submit" value="filter" />
51 <!-- form action="$script/" method="GET">
52 <input type="text" name="q" placeholder="regexp..." value="$search" />
53 <input type="submit" value="search items" />
61 foreach($row as $var) {
62 if(trim($var) == '') $var = ' ';
63 $html.="<td>$var</td>";
69 function table(&$table, $params='border=1') {
70 $html="<table $params>";
72 foreach($table as $row) {
74 $html.=$this->row(array_keys($row));
77 $html.=$this->row($row);
83 function link($title='n/a', $link='#void', $internal=true) {
84 if($internal) $link = $_SERVER['SCRIPT_NAME'].'/'.$link;
85 return "<a href='$link'>$title</a>";
88 function img($src='#void', $title='img') {
89 return "<img src='$src' alt='$title' title='$title' width=64 />";
92 function table_add_images(&$table) {
93 $image = array('model_id');
94 foreach($table as $id => $row) {
95 foreach($image as $column) if(isset($table[$id][$column])) {
96 $type = @array_shift
(preg_split('/_/', $column));
97 $src=URL_IMAGES
."/$type/".$table[$id][$column].'.jpg';
98 $table[$id][$type.'_image']=$this->img($src, $table[$id][$column]);
103 function table_collapse(&$table) {
105 'item_id' => 'item_id',
106 'model_id' => 'model_name',
107 'category_id' => 'category_name',
108 'producer_id' => 'producer_name',
109 'vendor_id' => 'vendor_name',
110 'room_id' => 'room_name',
111 'status_id' => 'status_name',
113 foreach($table as $id => $row) {
114 foreach($collapse as $link => $title)
115 if(isset($table[$id][$link])) {
116 $type = @array_shift
(preg_split('/_/', $link));
117 if($link != $title) unset($table[$id][$link]);
118 $table[$id][$title]=$this->link($row[$title], $type.'/'.$row[$link].'/');
123 function table_sort(&$table) {
124 $precedence = array('item_id', 'model_image', 'model_name','model_descript','category_name','status_name','room_name');
125 $table_sorted = array();
126 foreach($table as $id => $row) {
127 $table_sorted[$id] = array();
128 foreach($precedence as $column) if(isset($table[$id][$column])) {
129 $table_sorted[$id][$column]=$table[$id][$column];
130 unset($table[$id][$column]);
132 $table_sorted[$id]=array_merge($table_sorted[$id],$table[$id]);
134 $table = $table_sorted;
137 function render_item_table($table) {
138 $this->table_add_images($table);
139 $this->table_collapse($table);
140 $this->table_sort($table);
141 return $this->table($table);
144 function input($name=false, $value=false, $type='text', $placeholder=false, $options=false) {
145 $html = "<input type='$type' ";
146 if($name) $html.= "name='$name' ";
147 if(!is_bool($value)) $html.= "value='$value' ";
148 if($options) $html.= "$options ";
149 if($placeholder) $html.= "placeholder='$placeholder' ";
154 function select($name, $selectbox, $default=false) {
155 //echo('<pre>'); print_r($selectbox);
156 $html = "<select name='$name'>";
159 $value=$default; $title=$selectbox[$value];
160 $html .= "<option value='$value'>$value :: $title</option>";
161 unset($selectbox[$value]);
163 foreach($selectbox as $value => $title) {
164 $html .= "<option value='$value'>$value :: $title</option>";
166 $html .= "</select>";
170 function render_insert_form($class, $columns, $selectbox=array(), $current=false, $multi_insert=true) {
171 //echo('<pre>'); print_r($selectbox);
172 //echo('<pre>'); print_r($current);
174 if(is_array($current)) {
176 $current = array_shift($current);
179 $html='<form method="POST">';
180 if($multi_insert) $html.='<div name="input_set" style="float:left; border:1px solid grey;">';
181 //$html.=$this->input('table', $class, 'hidden');
182 foreach($columns as $column) {
183 $html.=$class.':<b>'.$column['Field'].'</b>: ';
184 $name="values[$class][".$column['Field'].'][]';
185 $val = $update ?
$current[$column['Field']] : false;
187 case preg_match('/auto_increment/', $column['Extra']):
189 $html.=$this->input($name, $val, 'hidden');
190 $html.=$val.'(AUTO)';
192 case isset($selectbox[$column['Field']]):
193 $html.=$this->select($name,$selectbox[$column['Field']],$val);
196 $html.=$this->input($name, $val);
203 //TODO, move to separate JS file
206 <span name="input_set_next"></span><br style="clear:both" />
208 function duplicate_element(what, where) {
209 document.getElementsByName(where)[0].outerHTML =
210 document.getElementsByName(what)[0].outerHTML
211 + document.getElementsByName(where)[0].outerHTML;
214 <a href='#' onClick="duplicate_element('input_set', 'input_set_next')">+</a>
218 $btn = is_array($current) ?
'UPDATE' : 'INSERT';
219 $html.=$this->input(false, $btn, 'submit');
226 * Trida poskytuje rozhrani k databazi skladu
229 * @author Tomas Mudrunka
231 class Sklad_DB
extends PDO
{
232 function __construct() {
233 $this->lms
= new Sklad_LMS();
236 DB_DSN
, DB_USER
, DB_PASS
,
237 array(PDO
::MYSQL_ATTR_INIT_COMMAND
=> "SET NAMES utf8") //Force UTF8 for MySQL
241 function escape($str) {
242 return preg_replace('(^.|.$)', '', $this->quote($str)); //TODO HACK
245 function build_query_select($class, $id=false, $limit=false, $offset=0, $search=false, $id_suffix='_id') {
246 $class = $this->escape($class);
248 'item' => array('model', 'category', 'producer', 'vendor', 'room', 'status'),
249 'model' => array('category', 'producer')
251 $search_fields = array(
252 'item' => array('item_id','model_name','model_barcode','model_descript','producer_name','vendor_name')
254 $sql="SELECT * FROM $class\n";
255 if(isset($join[$class])) foreach($join[$class] as $j) $sql .= "LEFT JOIN $j USING($j$id_suffix)\n";
257 $search = $this->quote($search);
258 if(!isset($search_fields[$class])) {
259 trigger_error("Ve tride $class zatim vyhledavat nemozno :-(");
262 $sql .= 'WHERE FALSE ';
263 foreach($search_fields[$class] as $column) $sql .= "OR $column REGEXP $search ";
264 } elseif($id) $sql .= "WHERE $class$id_suffix = $id\n";
266 $limit = $this->escape((int)$limit);
267 $offset = $this->escape((int)$offset);
268 $sql .= "LIMIT $offset,$limit\n";
273 function safe_query($sql) {
274 $result = $this->query($sql);
276 trigger_error('<font color=red><b>QUERY FAILED:</b><pre>'.$sql.'</pre></font>');
282 function get_listing($class, $id=false, $limit=false, $offset=0, $search=false, $indexed=array(), $suffix_id='_id') {
283 $sql = $this->build_query_select($class, $id, $limit, $offset, $search);
284 $result = $this->safe_query($sql)->fetchAll(PDO
::FETCH_ASSOC
);
285 if(!$result ||
!is_array($indexed)) return $result;
287 foreach($result as $key => $row) $indexed[$row[$class.$suffix_id]]=$row;
291 function get_columns($class) {
292 $class = $this->escape($class);
293 $sql = "SHOW COLUMNS FROM $class;";
294 return $this->safe_query($sql)->fetchAll(PDO
::FETCH_ASSOC
);
297 function columns_get_selectbox($columns, $class=false, $suffix_id='_id', $suffix_name='_name') {
299 foreach($columns as $column) {
300 if($class && $column['Field'] == $class.$suffix_id) continue;
301 if(!preg_match('/'.$suffix_id.'$/', $column['Field'])) continue;
302 $table=preg_replace('/'.$suffix_id.'$/','',$column['Field']);
303 $sql = "SELECT $table$suffix_id, $table$suffix_name FROM $table;";
304 $result=$this->safe_query($sql)->fetchAll(PDO
::FETCH_ASSOC
);
305 foreach($result as $row) $selectbox[$table.$suffix_id][$row[$table.$suffix_id]]=$row[$table.$suffix_name];
307 //echo('<pre>'); print_r($selectbox);
311 function build_query_insert($table, $values, $replace=true, $suffix_id='_id') {
312 $table = $this->escape($table);
314 //Get list of POSTed columns
315 $columns = implode(',',array_map(array($this,'escape'), array_keys($values[0])));
317 //Insert into table (columns)
319 if($replace) $sql = 'REPLACE';
320 $sql .= " INTO $table ($columns) VALUES ";
322 //Values (a,b,c),(d,e,f)
324 foreach($values as $row) {
325 $sql .= $comma.'('.implode(',',array_map(array($this,'quote'), $row)).')';
334 function insert_or_update($table, $values) {
335 $sql = $this->build_query_insert($table, $values);
336 $this->safe_query($sql);
337 return $this->lastInsertId();
340 function insert_or_update_multitab($values) {
342 foreach($values as $table => $rows) $last = $this->insert_or_update($table, $rows);
346 function delete($table, $id, $suffix_id='_id') {
347 $key = $this->escape($table.$suffix_id);
348 $table = $this->escape($table);
349 $id = $this->quote($id);
350 return $this->safe_query("DELETE FROM $table WHERE $key = $id LIMIT 1;");
355 * Trida implementuje uzivatelske rozhrani skladu
358 * $sklad = new Sklad_UI();
359 * $sklad->process_http_request();
362 * @author Tomas Mudrunka
365 function __construct() {
366 $this->db
= new Sklad_DB();
367 $this->html
= new Sklad_HTML();
370 function render_items($class, $id=false, $limit=false, $offset=0, $search=false) {
371 return $this->html
->render_item_table($this->db
->get_listing($class, $id, $limit, $offset, $search));
374 function render_form_add($class) {
375 $columns = $this->db
->get_columns($class);
376 $selectbox = $this->db
->columns_get_selectbox($columns, $class);
377 return $this->html
->render_insert_form($class, $columns, $selectbox);
380 function render_form_edit($class, $id) {
381 $columns = $this->db
->get_columns($class);
382 $selectbox = $this->db
->columns_get_selectbox($columns, $class);
383 $current = $this->db
->get_listing($class, $id);
384 return $this->html
->render_insert_form($class, $columns, $selectbox, $current);
387 function render_single_record_details($class, $id) {
389 $id_prev = $id - 1 > 0 ?
$id - 1 : 0;
390 $get = $_SERVER['QUERY_STRING'] != '' ?
'?'.$_SERVER['QUERY_STRING'] : '';
392 $html.= $this->html
->link('<<', "$class/$id_prev/");
394 $html.= $this->html
->link('>>', "$class/$id_next/");
396 $html.= $this->html
->link('edit', "$class/$id/edit/");
400 function render_listing_navigation($class, $id, $limit, $offset) {
401 $offset_next = $offset +
$limit;
402 $offset_prev = $offset - $limit > 0 ?
$offset - $limit : 0;
403 $get = $_SERVER['QUERY_STRING'] != '' ?
'?'.$_SERVER['QUERY_STRING'] : '';
405 $html.= $this->html
->link('<<', "$class/$id/$limit/$offset_prev/$get");
407 $html.= $this->html
->link('>>', "$class/$id/$limit/$offset_next/$get");
409 $html.= $this->html
->link('new', "$class/new/$get");
413 function render_listing_extensions($class, $id, $limit, $offset, $edit=false) {
415 if(is_numeric($id)) {
416 $html.=$this->render_single_record_details($class, $id);
418 $html.=$this->render_listing_navigation($class, '*', $limit, $offset);
421 $html.='<br />TODO UPDATE FORM!<br />';
422 $html.= $this->render_form_edit($class, $id);
423 $action = $_SERVER['SCRIPT_NAME']."/$class/$id/delete";
424 $html.= "<form action='$action' method='POST'>";
425 $html.= $this->html
->input(false, 'DELETE', 'submit');
426 $html.= 'sure?'.$this->html
->input('sure', false, 'checkbox');
428 $action = $_SERVER['SCRIPT_NAME']."/$class/$id/image";
429 $html.= "<form action='$action' method='POST' enctype='multipart/form-data'>";
430 $html.= $this->html
->input('image', false, 'file', false, 'size="30"');
431 $html.= $this->html
->input(false, 'IMAGE', 'submit');
437 function check_auth() {
438 new HTTP_Auth('SkladovejSystem', true, array($this->db
->lms
,'check_auth'));
441 function post_redirect_get($last, $next) { //TODO prepracovat, tohle je uplna picovina...
442 //header('Location: '.$_SERVER['REQUEST_URI']); //TODO redirect (need templating system or ob_start() first!!!)
443 echo 'Hotovo. Poslední vložený záznam naleznete '.$this->html
->link('zde', $last).'.<br />'.
444 'Další záznam přidáte '.$this->html
->link('zde', $next).'.';
448 function safe_include($dir,$name,$vars=array(),$ext='.inc.php') {
449 if(preg_match('/[^a-zA-Z0-9-]/',$name)) die(trigger_error('SAFE INCLUDE: Securityfuck.'));
450 $filename="$dir/$name$ext";
451 if(!is_file($filename)) die(trigger_error('SAFE INCLUDE: Fuckfound.'));
452 foreach($vars as $var => $val) $
$var=$val;
455 $out=ob_get_contents();
460 function process_http_request_post($action=false, $class=false, $id=false) {
461 if($_SERVER['REQUEST_METHOD'] != 'POST') return;
462 echo('<pre>'); //DEBUG (maybe todo remove)
466 /* Tenhle foreach() prekopiruje promenne
467 * z: $_POST['values'][$table][$column][$id];
468 * do: $values[$table][$id][$column]
470 if(isset($_POST['values'])) {
472 foreach($_POST['values'] as $table => $columns) {
473 foreach($columns as $column => $ids) {
474 foreach($ids as $id => $val) $values[$table][$id][$column] = $val;
477 //die(print_r($values));
480 if($action) switch($action) {
483 //if(!isset($_POST['table'])) die(trigger_error("Jest nutno specifikovat tabulku voe!"));
484 //$table=$_POST['table'];
486 //print_r($values); //debug
487 $last = $this->db
->insert_or_update_multitab($values);
488 $this->post_redirect_get("$table/$last/", "$table/new/");
491 if(!isset($_POST['sure']) ||
!$_POST['sure']) die(trigger_error('Sure user expected :-)'));
492 $this->db
->delete($class, $id);
493 die("Neco (pravdepodobne /$class/$id) bylo asi smazano. Fnuk :'-("); //TODO REDIRECT
496 $image_classes = array('model'); //TODO, use this more widely across the code
497 if(!in_array($class, $image_classes)) die(trigger_error("Nekdo nechce k DB Tride '$class' prirazovat obrazky!"));
498 $image_destination = DIR_IMAGES
."/$class/$id.jpg";
499 if($_FILES['image']['name'] == '') die(trigger_error('Kazde neco se musi nejak jmenovat!'));
500 if(move_uploaded_file($_FILES['image']['tmp_name'], $image_destination)) {
501 chmod ($image_destination, 0664);
502 die('Obrazek se naladoval :)'); //TODO REDIRECT
503 } else die(trigger_error('Soubor se nenahral :('));
506 trigger_error('Nothin\' to do here my cutie :-*');
513 function process_http_request() {
516 @ini_set
('magic_quotes_gpc' , 'off');
517 if(get_magic_quotes_gpc()) {
518 die(trigger_error("Error: magic_quotes_gpc needs to be disabled! F00K!"));
521 $PATH_INFO=@trim
($_SERVER[PATH_INFO
]);
522 echo $this->html
->header($PATH_INFO);
526 $PATH_CHUNKS = preg_split('/\//', $PATH_INFO);
527 if(!isset($PATH_CHUNKS[1])) $PATH_CHUNKS[1]='';
528 switch($PATH_CHUNKS[1]) {
530 die('Tell me why you cry');
532 case 'assistant': //assistant
533 $assistant_vars['step'] = isset($PATH_CHUNKS[3]) && is_numeric($PATH_CHUNKS[3]) ?
trim($PATH_CHUNKS[3]) : false;
534 echo $this->safe_include(DIR_ASSISTANTS
,$PATH_CHUNKS[2],$assistant_vars);
537 $search = (isset($_GET['q']) && trim($_GET['q']) != '') ?
trim($_GET['q']) : false;
538 $class = (isset($PATH_CHUNKS[1]) && $PATH_CHUNKS[1] != '') ?
$PATH_CHUNKS[1] : 'item';
539 if(!isset($PATH_CHUNKS[2])) $PATH_CHUNKS[2]='';
540 switch($PATH_CHUNKS[2]) {
542 $this->process_http_request_post($PATH_CHUNKS[2], $class);
543 echo $this->render_form_add($class);
546 $id = (isset($PATH_CHUNKS[2]) && is_numeric($PATH_CHUNKS[2]) ?
(int) $PATH_CHUNKS[2] : false);
547 if(!isset($PATH_CHUNKS[3])) $PATH_CHUNKS[3]='';
549 switch($PATH_CHUNKS[3]) {
550 case 'edit': //?/?/edit
551 case 'image': //?/image
552 case 'delete': //?/delete
553 $this->process_http_request_post($PATH_CHUNKS[3], $class, $id);
556 $limit = (int) (isset($PATH_CHUNKS[3]) ?
$PATH_CHUNKS[3] : '0');
557 $offset = (int) (isset($PATH_CHUNKS[4]) ?
$PATH_CHUNKS[4] : '0');
558 echo $this->render_items($class, $id, $limit, $offset, $search);
559 echo $this->render_listing_extensions($class, $id, $limit, $offset, $edit);
560 //print_r(array("<pre>",$_SERVER));
570 $sklad = new Sklad_UI();
571 $sklad->process_http_request();
This page took 0.834579 seconds and 4 git commands to generate.