121 lines
4.2 KiB
PHP
121 lines
4.2 KiB
PHP
<?php
|
|
|
|
// Copyright (C) 2002-2006 Balint Kis (balint@k-i-s.net)
|
|
// Copyright (C) 2005-2013 Solomon Peachy (pizza@shaftnet.org)
|
|
|
|
// This program is free software; you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation; either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with this program; if not, write to the Free Software
|
|
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
include_once "include/config.php";
|
|
include_once "include/profile.php";
|
|
include_once "include/site.php";
|
|
include_once "include/calendar.php";
|
|
|
|
|
|
/* type = flash, filter, scanner, support [lens film camera won't work] */
|
|
function profile_update_item($database, $identifier, $user_id, $type,
|
|
$sku, $manufacturer_id,
|
|
$model, $url, $serial,
|
|
$date_of_purchase, $purchased_new,
|
|
$access_rights)
|
|
{
|
|
global $po_user;
|
|
global $strings;
|
|
|
|
$user_id = pg_escape_string($database, $user_id);
|
|
$type = pg_escape_string($database, $type);
|
|
|
|
$identifier = pg_escape_string($database, $identifier);
|
|
$model = pg_escape_string($database, $model);
|
|
$url = pg_escape_string($database, $url);
|
|
$serial = pg_escape_string($database, $serial);
|
|
$date_of_purchase = check_date_validity($date_of_purchase);
|
|
$purcahsed_new = pg_escape_string($database, $purchased_new);
|
|
$access_rights = pg_escape_string($database, $access_rights);
|
|
|
|
$sku_to_remove = FALSE;
|
|
|
|
/* Ensure the user owns it !*/
|
|
if ($po_user['type'] != PO_USER_TYPE_ADMIN) {
|
|
$result = pg_fetch_row(pg_query($database, "select count(identifier) from equipment where identifier=$identifier and users=$user_id"));
|
|
if ($result[0] == 0) {
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
pg_query($database, "begin");
|
|
|
|
if ($sku=='custom') {
|
|
/* type has changed */
|
|
$sku_to_remove = pg_fetch_row(pg_query($database, "select sku from equipment where identifier='$identifier'"));
|
|
|
|
$number_of_same_type = pg_fetch_row(pg_query($database, "select count(identifier) from equipment where sku = $sku_to_remove[0]"));
|
|
if ($number_of_same_type[0] != 1) {
|
|
$sku_to_remove = FALSE;
|
|
}
|
|
|
|
/* create new type */
|
|
$new_sku = pg_fetch_row(pg_query($database, "select nextval('equipment_sku_id_seq')"));
|
|
$sku = $new_sku[0];
|
|
$result = pg_query($database, "insert into equipment_sku (identifier, manufacturer, model, url, type)
|
|
values ($sku, $manufacturer_id, '$model', '$url', $type)");
|
|
if (!$result) {
|
|
pg_query($database, "rollback");
|
|
site_push_error($strings['errors_db_insert_failed']);
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
/* add item */
|
|
$result = pg_query($database, "update equipment set sku=$sku, serial='$serial', purchase_date=$date_of_purchase, purchased_new='$purchased_new', access_rights='$access_rights' where identifier='$identifier'");
|
|
if (!$result) {
|
|
pg_query($database, "rollback");
|
|
site_push_error($strings['errors_db_insert_failed']);
|
|
return FALSE;
|
|
}
|
|
|
|
/* remove old type */
|
|
if ($sku_to_remove) {
|
|
$result = pg_query($database, "delete from equipment_sku where identifier='$sku_to_remove[0]'");
|
|
if (!$result) {
|
|
pg_query($database, "rollback");
|
|
site_push_error($strings['errors_db_insert_failed']);
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
pg_query($database, "commit");
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
$database = site_prolog(PO_USER_TYPE_USER);
|
|
|
|
$type = $_REQUEST['type'];
|
|
|
|
profile_update_item($database, $_REQUEST['item_id'],
|
|
$po_user['id'], $type,
|
|
$_REQUEST['sku'],
|
|
$_REQUEST['manufacturer_id'],
|
|
$_REQUEST['model'],
|
|
$_REQUEST['url'],
|
|
$_REQUEST['serial'],
|
|
$_REQUEST['purchase_timestamp'],
|
|
$_REQUEST['purchased_new'],
|
|
$_REQUEST['access_rights']);
|
|
|
|
site_epilog($database);
|
|
header("Location: my.profile.php?selector=".$profile_data[$equipment_types[$type]]['idx']);
|
|
?>
|