2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License, GPL,
5 as published by the Free Software Foundation, either version 3
6 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
12 include_once($path_to_root. '/includes/ui/simple_crud_class.inc');
15 View/Edit class for attachments
17 class attachments extends simple_crud {
/**
 * Builds the attachments CRUD view: hands the editable field list to
 * simple_crud and records the owning class / subclass on the instance.
 *
 * $name     - passed to simple_crud::__construct() together with the field list
 * $id       - not referenced in the lines shown here
 * $class    - stored as $this->class
 * $subclass - stored as $this->sub_class (defaults to null)
 *
 * NOTE(review): this listing skips source lines (the numbering jumps from 27
 * to 32). list_view() reads $this->entity, so it is presumably assigned from
 * $id in a skipped line - confirm against the full file.
 */
23 function __construct($name, $id, $class, $subclass=null) {
// 'tran_date' is the only field given an explicit type ('date'); the rest are listed by name only.
24 $fields = array('type_no', 'trans_no','description','filename','tran_date' => 'date');
25 parent::__construct($name, $fields);
26 $this->class = $class;
27 $this->sub_class = $subclass;
/**
 * Handles the Download / View button actions for one attachment, then renders
 * the table of attachments stored for $this->entity and the requested type_no.
 *
 * Security review notes, limited to what the lines shown establish (this
 * listing skips source lines, so the branch structure between the numbered
 * lines is not visible):
 *  - The attachment id is the array key posted by the browser. It goes through
 *    db_escape() for the query, but no visible check ties the row to
 *    $this->entity or to the logged-in customer/supplier, so per-attachment
 *    access control has to be confirmed elsewhere or added here.
 *  - $row['unique_name'] is used as a path component under
 *    company_path()."/attachments/". db_insert()/db_update() take that name
 *    from $_POST['unique_name'], so it should be constrained (basename() plus
 *    a strict pattern) before it reaches file_get_contents().
 */
32 function list_view() {
33 global $Ajax, $path_to_root, $session_debtor_no, $session_supplier_id;
// Download action: the first posted array key is treated as the attachment id.
35 if(isset($_POST['attachmentDownload'])){
36 $keys = array_keys($_POST['attachmentDownload']);
37 $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id = ".db_escape($keys[0]);
38 $row = db_fetch(db_query($sql), "Cannot retrieve attachment $keys[0]");
41 if ($row['unique_name'] != ""){
// $keys[0] is appended to the URL as received; cast it to int (or urlencode it) so only an id can end up in the query string.
43 $Ajax->redirect($path_to_root.'/admin/attachments.php?dl='.$keys[0]);
// NOTE(review): the header value below contains literal single quotes and a trailing space,
// which is not a valid media type; "Content-Type: application/octet-stream" is the usual form.
45 Header("Content-type: 'application/octet-stream' ");
46 //header('Content-Length: '.$row['filesize']);
// $row['filename'] is the name supplied with the upload (see db_insert). A double quote in it
// changes the shape of the filename parameter; strip or encode it (e.g. RFC 6266 filename*) before emitting.
47 header('Content-Disposition: attachment; filename="'.$row['filename'].'"');
// Path is built from the stored unique_name with no visible containment check - validate it first.
48 echo file_get_contents(company_path()."/attachments/".$row['unique_name']);
// View action: same lookup as above, but the file is served inline.
53 if(isset($_POST['attachmentView'])){
54 $keys = array_keys($_POST['attachmentView']);
55 $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id = ".db_escape($keys[0]);
56 $row = db_fetch(db_query($sql), "Cannot retrieve attachment $keys[0]");
58 if ($row['unique_name'] != ""){
60 $Ajax->redirect($path_to_root.'/admin/attachments.php?vw='.$keys[0]);
// The stored filetype is the value the browser sent with the upload (db_insert copies $_FILES[...]['type']).
// Serving it back with "Content-Disposition: inline" lets an uploader choose how the file renders in this
// origin; restrict inline display to an allow-list of safe types and send X-Content-Type-Options: nosniff.
64 $type_no = ($row['filetype']) ? $row['filetype'] : 'application/octet-stream';
65 header("Content-type: ".$type_no);
66 header("Content-Disposition: inline");
67 echo file_get_contents(company_path(). "/attachments/".$row['unique_name']);
// NOTE(review): $filters (including the visible=1 restriction for customer/supplier sessions) is built
// here but the SELECT below does not use it in the lines shown - confirm that hidden attachments are
// really excluded for those sessions.
72 $filters = array('trans_no' => $this->entity, 'type_no' => (isset($_GET['type_no']) ? $_GET['type_no'] : ST_CUSTOMER)); // default ST_CUSTOMER
74 if($session_debtor_no || $session_supplier_id)
75 $filters['visible'] = 1;
// Both values are passed through db_escape(); type_no falls back to ST_CUSTOMER when absent from the URL.
77 $sql = "SELECT * FROM ".TB_PREF."attachments WHERE trans_no=".db_escape($this->entity)." AND type_no = ".db_escape(isset($_GET['type_no']) ? $_GET['type_no'] : ST_CUSTOMER);
78 $result = db_query($sql, "Could not get data from ".TB_PREF."attachments table");
79 $attachments = Array();
80 while($row = db_fetch_assoc($result))
81 $attachments[] = $row;
83 start_table(TABLESTYLE, "width=80%");
84 $th = array(_("ID"), _("Doc Title"), _("Filename"), _("Size"), _("Filetype"), _("Doc Date"), "", "", "", "");
// description, filename and filetype originate from the upload form. label_cell() and db_escape() are
// defined elsewhere - confirm that one of them HTML-encodes these values before they are printed.
87 foreach($attachments as $de) {
88 label_cell($de['id']);
89 label_cell($de['description']);
90 label_cell($de['filename']);
91 label_cell($de['filesize']);
92 label_cell($de['filetype']);
93 label_cell(sql2date($de['tran_date']));
94 edit_button_cell("{$this->name}Edit[{$de['id']}]", _("Edit"));
// The view link points at admin/attachments.php, so that script's own permission check decides who can open the file.
95 label_cell('<a target="_blank" class="viewlink" href="'.$path_to_root.'/admin/attachments.php?vw='.$de['id'].'" onclick="javascript:openWindow(this.href,this.target); return false;" accesskey="V"><img src="'.$path_to_root.'/themes/default/images/view.gif" style="vertical-align:middle;width:12px;height:12px;border:0;"></a>', 'style="text-align: center;" ');
96 button_cell("{$this->name}Download[{$de['id']}]", _("Download"), false, ICON_DOWN);
98 delete_button_cell("{$this->name}Delete[{$de['id']}]", _("Delete"));
/**
 * Renders the add/edit form for one attachment. When $this->selected_id is set
 * the existing row is loaded and its values are copied into $_POST; the other
 * assignments shown (entity id, today's date, empty unique_name) are presumably
 * the "new record" branch, whose else line is not in this listing.
 *
 * Security review note: the on-disk file name (unique_name) is written into a
 * hidden form field here and read back from $_POST by db_insert()/db_update().
 * A hidden field is fully editable by the client, so the server should re-read
 * unique_name from the database by id instead of trusting the posted value.
 */
105 function editor_view(){
108 div_start('Attachment_Details');
109 start_outer_table(TABLESTYLE);
112 table_section_title(_("Attachment Detail"));
114 if($this->selected_id != null && $this->selected_id != "") {
115 $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id = ".db_escape($this->selected_id);
116 $row = db_fetch(db_query($sql), "Cannot retrieve attachment $this->selected_id");
// Exposes the stored file name to the browser; see the note in the header comment.
117 hidden('unique_name', $row['unique_name']);
118 $_POST['tran_date'] = sql2date($row['tran_date']);
// NOTE(review): the value is stored under 'title', while the input rendered below is named 'description' - confirm which key is intended.
119 $_POST['title'] = $row['description'];
120 $_POST['trans_no'] = $row['trans_no'];
122 $_POST['trans_no'] = $this->entity;
123 $_POST['tran_date'] = Today();
124 hidden('unique_name', '');
// Read without isset(); a request lacking type_no raises a notice here.
127 $type_no= $_GET['type_no'];
// Picks the label for the owning record. No fallback is visible, so for any other
// type_no $id_word is undefined when label_row() is called below.
130 if($type_no==ST_CUSTOMER) // 5
131 $id_word = _("Customer ID");
132 elseif($type_no==ST_SUPPLIER) // 6
133 $id_word = _("Supplier ID");
134 elseif($type_no==ST_ITEM)
135 $id_word = _("Item ID");
136 elseif($type_no==ST_FIXEDASSET)
137 $id_word = _("Fixed Asset ID");
138 elseif($type_no==ST_BANKACCOUNT)
139 $id_word = _("Bank Account ID");
// $id_word has already been passed through _() above, so it is translated a second time here.
141 label_row(_($id_word), $_POST['trans_no']);
142 date_row(_("Date"), 'tran_date');
143 text_row_ex(_("Doc Title").':', 'description', 40);
// filename is the upload's original client-side name; confirm label_row() (or db_escape() at write time) HTML-encodes it.
144 if ($this->selected_id)
145 label_row(_("File:"), sprintf(_("%s [%s bytes]"), $row['filename'], $row['filesize']));
146 file_row( ($this->selected_id ? _("File change") : _("Select file")) . ":", 'file_attachment_name', 'file_attachment_name');
// Echoes the URL parameter into a hidden field; hidden() is defined elsewhere - confirm it encodes the value for an HTML attribute.
147 hidden('type_no', $_GET['type_no']);
/**
 * Emits the "Add new" / "Add" / "Update" / "Cancel" submit buttons depending on
 * $this->Mode and $this->selected_id.
 *
 * NOTE(review): $async, $cancel, $base and $title are read below but their
 * assignments are not among the lines shown (the numbering jumps from 152 to
 * 159, and the bodies of the two "else if" branches are skipped as well) -
 * confirm their values against the full file.
 */
152 function _bottom_controls() {
159 if ($async === 'both') {
160 $async = 'default'; $cancel = 'cancel';
162 else if ($async === 'default')
164 else if ($async === 'cancel')
// No record selected yet: only the "Add new" button is offered.
168 if ($this->Mode == '' || $this->Mode == 'RESET')
169 submit("{$base}NEW", _("Add new"), true, $title, $async);
171 if ($this->Mode == 'NEW' || $this->selected_id==$this->_none)
173 submit("{$base}ADD", _("Add"), true, $title, $async);
// The record id is embedded in the button name, i.e. it comes back as an array key in $_POST.
175 submit("{$base}UPDATE[{$this->selected_id}]", _("Update"), true, _("Submit changes"), $async);
177 submit("{$base}RESET", _("Cancel"), true, _("Cancel edition"), $cancel);
/**
 * Stores an uploaded file under company_path().'/attachments' and inserts the
 * matching row into the attachments table.
 *
 * Security review notes, limited to the lines shown (this listing skips source
 * lines, so checks may exist that are not visible here):
 *  - The on-disk name is taken from $_POST['unique_name'] whenever that field
 *    is non-empty. It is concatenated into the path that is then passed to
 *    unlink() and move_uploaded_file(), so a value containing a directory
 *    separator or a file extension would act outside the intended naming
 *    scheme. For a new record the server should always generate the name; if a
 *    posted name must be accepted, reduce it with basename() and match it
 *    against the generator's format first.
 *  - $max_image_size is defaulted but no size comparison is visible.
 *  - The upload error code and the move_uploaded_file() result are stored in
 *    $result but not tested before the INSERT in the lines shown.
 *  - filename and filetype are client-supplied metadata; they are only safe to
 *    store, not to trust when the file is served back.
 */
182 function db_insert() {
184 if(!isset($max_image_size))
185 $max_image_size = 5000;
187 if (isset($_FILES['file_attachment_name']) && $_FILES['file_attachment_name']['name'] <> '') {
// Upload error code; overwritten further down without a visible check.
189 $result = $_FILES['file_attachment_name']['error'];
190 $upload_file = 'Yes';
191 $attr_dir = company_path().'/attachments' ;
// The bodies of the two file_exists() checks are not shown; presumably they create the directory - confirm
// that it is created with restrictive permissions and is not directly served by the web server.
192 if (!file_exists($attr_dir)){
195 $attach_dir = $attr_dir;
196 if (!file_exists($attach_dir)){
// Client-controlled name wins over the generated one. uniqid() is time-based and guessable,
// so it names the file but must not be relied on to keep the file secret.
200 if(isset($_POST['unique_name']) && $_POST['unique_name'] <> '')
201 $attachment_file_name = $_POST['unique_name'];
203 $attachment_file_name = uniqid();
// Both values are reported by the browser; the MIME type is not verified against the file content.
205 $filesize = $_FILES['file_attachment_name']['size'];
206 $filetype = $_FILES['file_attachment_name']['type'];
208 $filename = $attach_dir."/".$attachment_file_name;
// Any existing file at the computed path is removed before the new upload is moved in.
210 if (file_exists($filename)){
211 $result = unlink($filename);
213 display_error(_('The existing Docs could not be removed'));
217 if ($upload_file == 'Yes'){
218 $actual_file_nam = $_FILES['file_attachment_name']['name'];
219 $result = move_uploaded_file($_FILES['file_attachment_name']['tmp_name'], $filename);
// Every value goes through db_escape(). NOTE(review): $dat is not defined in the lines shown -
// confirm where type_no comes from (editor_view() posts it as the hidden field 'type_no').
220 $sql = "INSERT INTO ".TB_PREF."attachments (trans_no, type_no, `description`, `filename`, unique_name, tran_date, `filesize`, `filetype`) VALUES ("
221 . db_escape($this->entity) . ","
222 . db_escape($dat['type_no']) . ","
223 . db_escape($_POST['description']) . ","
224 . db_escape($actual_file_nam) . ","
225 . db_escape($attachment_file_name) . ","
226 . db_escape(date2sql($_POST['tran_date'])) . ","
227 . db_escape($filesize) . ","
228 . db_escape($filetype) . ")";
229 if(db_query($sql, 'Could not add Attachment'))
230 display_notification(_("A New Attachment Added Successfully"));
/**
 * Updates the attachment row identified by $this->selected_id and, when a new
 * file is uploaded, replaces the stored file.
 *
 * Security review notes, limited to the lines shown (this listing skips source
 * lines, so checks may exist that are not visible here):
 *  - The file to replace is located through $_POST['unique_name'], a hidden
 *    form field. The value reaches unlink() and move_uploaded_file() as a path
 *    component with no visible validation; re-read unique_name from the
 *    database row for $this->selected_id instead of trusting the post.
 *  - The UPDATE is keyed on id alone; no visible check confirms that the row
 *    belongs to $this->entity or that the current user may edit it.
 *  - $max_image_size is defaulted but no size comparison is visible, and the
 *    upload error code / move_uploaded_file() result are not tested before the
 *    UPDATE in the lines shown.
 */
235 function db_update() {
237 if(!isset($max_image_size))
238 $max_image_size = 5000;
240 if (isset($_FILES['file_attachment_name']) && $_FILES['file_attachment_name']['name'] != '') {
241 $result = $_FILES['file_attachment_name']['error'];
// NOTE(review): $upload_file is only assigned inside this branch in the lines shown, yet it is read
// further down - confirm it is initialised for the "no new file" case.
242 $upload_file = 'Yes';
243 $attr_dir = company_path().'/attachments' ;
244 if (!file_exists($attr_dir)){
247 $attach_dir = $attr_dir;
248 if (!file_exists($attach_dir)){
// A posted empty name yields a fresh uniqid(); otherwise the posted name is used as-is
// (including when the field is absent, which reads an unset index).
252 if(isset($_POST['unique_name']) && $_POST['unique_name'] == '')
253 $attachment_file_name = uniqid();
255 $attachment_file_name = $_POST['unique_name'];
// Browser-reported metadata, stored without verification.
257 $filesize = $_FILES['file_attachment_name']['size'];
258 $filetype = $_FILES['file_attachment_name']['type'];
260 $filename = $attach_dir."/".$attachment_file_name;
261 if (file_exists($filename)){
262 $result = unlink($filename);
264 display_error(_('The existing Docs could not be removed'));
268 if ($upload_file == 'Yes'){
269 $actual_file_nam = $_FILES['file_attachment_name']['name'];
270 $result = move_uploaded_file($_FILES['file_attachment_name']['tmp_name'], $filename);
// All values go through db_escape(); the file columns are appended only when a file was uploaded.
// NOTE(review): $dat is not defined in the lines shown - confirm the source of type_no.
273 $sql = "UPDATE ".TB_PREF."attachments SET "
274 . "trans_no = " . db_escape($this->entity) . ","
275 . "type_no = " . db_escape($dat['type_no']) . ","
276 . "`description` = " . db_escape($_POST['description']) . ","
277 . "tran_date = " . db_escape(date2sql($_POST['tran_date']));
278 if ($upload_file == 'Yes')
279 $sql .= ", unique_name = " . db_escape($attachment_file_name) . ","
280 . "`filename` = " . db_escape($actual_file_nam) . ","
281 . "`filesize` = " . db_escape($filesize) . ","
282 . "`filetype` = " . db_escape($filetype);
283 $sql .= " WHERE id = " . db_escape($this->selected_id);
// The id is interpolated inside the string handed to _(), so the translation lookup key changes per record.
284 if(db_query($sql, "Could not Update Attachment $this->selected_id"))
285 display_notification(_("The Selected Attachment $this->selected_id Updated Successfully"));
/**
 * Reports an error and moves input focus to the description field when
 * $_POST['description'] has zero length.
 *
 * Only the description is examined in the lines shown: the uploaded file's
 * size, type and error code are not validated here. The return statements are
 * in lines this listing skips.
 */
288 function insert_check() {
// strlen() counts bytes, so a whitespace-only description passes this test.
289 if (strlen($_POST['description']) == 0) {
290 display_error(_("Description cannot be empty."));
291 set_focus('description');
// NOTE(review): the numbering jumps from 291 to 298, so the function header these statements
// belong to is not shown in this listing. They load the attachments row whose id equals
// $this->selected_id and return it as fetched by db_fetch_assoc().
298 $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id=".db_escape($this->selected_id);
299 $result = db_query($sql, "Could not get all data from ".TB_PREF."attachments table");
// $attachments is assigned but not used in the lines shown.
300 $attachments = Array();
301 return db_fetch_assoc($result);
// Presumably the pre-delete validation hook. NOTE(review): its body is in lines this listing
// skips, so what it verifies (for example that the current user may delete the selected
// attachment) cannot be stated from here - confirm against the full file.
304 function delete_check() {
308 // Deletes the one attachment identified by $this->selected_id: removes the stored
// file when it exists, then deletes the database row. Both queries are keyed on id only.
//
// Security review notes, limited to the lines shown:
//  - No visible check confirms that the row belongs to $this->entity or that the current
//    user may delete it; confirm this is enforced before this method runs.
//  - The path given to unlink() is built from the stored unique_name. db_insert()/db_update()
//    accept that name from $_POST, so it should be reduced with basename() and validated
//    before a file is removed.
//  - The unlink() result is not checked; the row is deleted even if the file could not be removed.
310 function db_delete() {
311 $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id = ".db_escape($this->selected_id);
312 $row = db_fetch(db_query($sql), "Cannot retrieve attachment $this->selected_id");
314 $dir = company_path()."/attachments";
315 if ($row['unique_name'] && file_exists($dir."/".$row['unique_name']))
316 unlink($dir."/".$row['unique_name']);
318 $sql = "DELETE FROM ".TB_PREF."attachments WHERE id = ".db_escape($this->selected_id);
319 if(db_query($sql, "Could not Delete Attachment $this->selected_id"))
320 display_notification(_("The Selected Attachment is Deleted Successfully"));