po/src/profile.edit.php

143 lines
5.8 KiB
PHP

<?php
// Copyright (C) 2002-2006 Balint Kis (balint@k-i-s.net)
// Copyright (C) 2005-2013 Solomon Peachy (pizza@shaftnet.org)
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
include_once "include/config.php";
include_once "include/profile.php";
include_once "include/site.php";
include_once "include/common.php";
$database = site_prolog(PO_USER_TYPE_USER);
$type = pg_escape_string($database, $_REQUEST['type']);
$manufacturer_filter = pg_escape_string($database, isset($_REQUEST['filter']) ? $_REQUEST['filter'] : "");
$item = pg_escape_string($database, $_REQUEST['item']);
$current_value = pg_fetch_assoc(pg_query($database, "select name, model, serial,
purchase_date, s_url, purchased_new, access_rights, users
from view_equipment where identifier='$item'"));
/* Ensure the user owns it !*/
if (($po_user['id'] != $current_value['users']) &&
($po_user['type'] != PO_USER_TYPE_ADMIN)) {
site_referer_error('not_owner');
site_epilog($database);
exit();
}
$type_current_value = pg_fetch_assoc(pg_query($database, "select sku from equipment where identifier='$item'"));
$manufacturer = get_generic_query_all($database, "select identifier, name from manufacturer order by name", 'manuf_all');
switch ($manufacturer_filter) {
case 'All':
case '':
$skus = pg_query($database, "select identifier, name, model, m_url from view_equipment_sku where type=$type");
break;
default:
$skus = pg_query($database, "select identifier, name, model, m_url from view_equipment_sku where type=$type and name='$manufacturer_filter'");
}
site_header(sprintf($strings['profile_edit'], $strings['generic_'.$equipment_types[$type]]));
site_navigator(6);
site_navigator_status(emit_a(generate_link('user', ''), $strings['generic_users'])." : ".emit_a("my.profile.php", $strings['generic_my_profile'])." : ".sprintf($strings['profile_edit'], $strings['generic_'.$equipment_types[$type]]), "");
theme_display_navigator_box_top($profile_data[$equipment_types[$type]]['idx'], $profile_data, "100%");
print "<form method=\"post\" action=\"profile.edit.2.php\" accept-charset=\"".$strings['formats_encoding']."\">";
print "<input type=\"hidden\" name=\"type\" value=\"$type\">";
print "<input type=\"hidden\" name=\"item_id\" value=\"$item\">";
print "<table class=\"profile\">\n";
print emit_profile_manuf_combo("profile.edit.php?type=$type&amp;item=$item", $equipment_types[$type], 2, $manufacturer, $manufacturer_filter);
print "<tr>\n";
print "<th width=\"5%\"></th>\n";
print emit_th($strings['profile_manufacturer'], "width=\"35%\"");
print emit_th($strings['profile_model'], "width=\"45%\"");
print "</tr>\n";
print "<input type=\"hidden\" name=\"type\" value=\"$type\" />\n";
$num = pg_num_rows($skus);
if ($num > 0) {
for ($i=0; $i < $num; $i++) {
$r = pg_fetch_assoc($skus, $i);
print "<tr>\n";
print emit_td(emit_radio_item("sku", $r['identifier'], false));
print "<td><a href=\"$r[m_url]\">$r[name]</a></td>\n";
print "<td>$r[model]</td>\n";
print "</tr>\n";
}
} else
print "<tr><td colspan=\"3\">".sprintf($strings['profile_none_found'], $strings['generic_'.$equipment_types[$type]])." ".$strings['generic_types'] ."</td></tr>\n";
print "</table>\n";
print "<table class=\"profile\">\n";
print "<tr class=\"folder_top\">";
print "<td colspan=\"4\">".sprintf($strings['profile_edit_type'], $strings['generic_'.$equipment_types[$type]])."</td>\n";
print "</tr>";
print "<tr>";
print "<th width=\"5%\"></th>\n";
print emit_th($strings['profile_manufacturer'], "width=\"25%\"");
print emit_th($strings['profile_model'], "width=\"35%\"");
print emit_th($strings['user_web'], "width=\"35%\"");
print "</tr>";
print "<tr>";
print emit_td(emit_radio_item("sku", "custom", true));
print "</td>";
print emit_td(emit_manufacturer_combo('manufacturer_id', $manufacturer, $current_value['name']));
print emit_td("<input type=\"text\" name=\"model\" value=\"$current_value[model]\"/>");
print emit_td("<input type=\"text\" name=\"url\" value=\"$current_value[s_url]\"/>");
print "</tr>";
print "</table>\n";
print "<table class=\"profile\">\n";
print "<tr class=\"folder_top\"><td colspan=\"4\">".sprintf($strings['profile_specific_data'], $strings['generic_'.$equipment_types[$type]])."</td></tr>\n";
print "<tr>";
print emit_th($strings['profile_serial']);
print emit_th($strings['profile_purchased']);
print emit_th($strings['profile_new']);
print emit_th($strings['generic_access']);
print "</tr>";
$date_of_purchase= substr($current_value['purchase_date'], 0, 10);
print "<tr>";
print "<td><input type=\"text\" name=\"serial\" value=\"$current_value[serial]\"/></td>";
print "<td>\n";
print emit_date_input_form("purchase_timestamp", $date_of_purchase);
print "</td>\n";
print "<td>"; print emit_yes_no_combo("purchased_new", $current_value['purchased_new']); print "</td>\n";
print "<td>"; print emit_access_combo("access_rights", $current_value['access_rights'], ""); print "</td>\n";
print "</tr>";
print "</table>";
print $thm_elem['button.save.changes'];
print $thm_elem['button.clear'];
print $thm_elem['button.cancel'];
print "</form>";
theme_display_navigator_box_bottom("100%");
site_footer($database);
site_epilog($database);
?>