X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fattachments.php;h=5b5e8247511c359d923f3f85f8a61475dcb5f215;hb=a4f6f631dd0b537229b295e71f7fe3fd85e42333;hp=fca578674cb948799f04b882ac5f97e54182215f;hpb=869e336c7335d984c9ae87d0b810f5c1b3744798;p=fa-stable.git diff --git a/admin/attachments.php b/admin/attachments.php index fca57867..5b5e8247 100644 --- a/admin/attachments.php +++ b/admin/attachments.php @@ -10,18 +10,21 @@ See the License here . ***********************************************************************/ $path_to_root=".."; -$page_security = 8; +$page_security = 'SA_ATTACHDOCUMENT'; +include_once($path_to_root . "/includes/db_pager.inc"); include_once($path_to_root . "/includes/session.inc"); include_once($path_to_root . "/includes/date_functions.inc"); include_once($path_to_root . "/includes/ui.inc"); include_once($path_to_root . "/includes/data_checks.inc"); +include_once($path_to_root . "/admin/db/attachments_db.inc"); +include_once($path_to_root . "/admin/db/transactions_db.inc"); if (isset($_GET['vw'])) $view_id = $_GET['vw']; else -$view_id = find_submit('view'); + $view_id = find_submit('view'); if ($view_id != -1) { $row = get_attachment($view_id); @@ -33,11 +36,8 @@ if ($view_id != -1) $type = ($row['filetype']) ? $row['filetype'] : 'application/octet-stream'; header("Content-type: ".$type); header('Content-Length: '.$row['filesize']); - if ($type == 'application/octet-stream') - header('Content-Disposition: attachment; filename='.$row['filename']); - else - header("Content-Disposition: inline"); - echo file_get_contents($comp_path."/".user_company(). "/attachments/".$row['unique_name']); + header("Content-Disposition: inline"); + echo file_get_contents(company_path(). "/attachments/".$row['unique_name']); exit(); } } @@ -58,17 +58,17 @@ if ($download_id != -1) $type = ($row['filetype']) ? $row['filetype'] : 'application/octet-stream'; header("Content-type: ".$type); header('Content-Length: '.$row['filesize']); - header('Content-Disposition: attachment; filename='.$row['filename']); - echo file_get_contents($comp_path."/".user_company(). "/attachments/".$row['unique_name']); + header('Content-Disposition: attachment; filename="'.$row['filename'].'"'); + echo file_get_contents(company_path()."/attachments/".$row['unique_name']); exit(); } } } $js = ""; -if ($use_popup_windows) +if ($SysPrefs->use_popup_windows) $js .= get_js_open_window(800, 500); -page(_("Attach Documents"), false, false, "", $js); +page(_($help_context = "Attach Documents"), false, false, "", $js); simple_page_mode(true); //---------------------------------------------------------------------------------------- @@ -76,80 +76,92 @@ if (isset($_GET['filterType'])) // catch up external links $_POST['filterType'] = $_GET['filterType']; if (isset($_GET['trans_no'])) $_POST['trans_no'] = $_GET['trans_no']; - + if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM') { - if (isset($_FILES['filename']) && $_FILES['filename']['size'] > 0) + + $filename = basename($_FILES['filename']['name']); + if (!transaction_exists($_POST['filterType'], $_POST['trans_no'])) + display_error(_("Selected transaction does not exists.")); + elseif ($Mode == 'ADD_ITEM' && !in_array(strtoupper(substr($filename, strlen($filename) - 3)), array('JPG','PNG','GIF', 'PDF', 'DOC', 'ODT'))) { + display_error(_('Only graphics,pdf,doc and odt files are supported.')); + } elseif ($Mode == 'ADD_ITEM' && !isset($_FILES['filename'])) + display_error(_("Select attachment file.")); + elseif ($Mode == 'ADD_ITEM' && ($_FILES['filename']['error'] > 0)) { + if ($_FILES['filename']['error'] == UPLOAD_ERR_INI_SIZE) + display_error(_("The file size is over the maximum allowed.")); + else + display_error(_("Select attachment file.")); + } elseif ( strlen($filename) > 60) { + display_error(_("File name exceeds maximum of 60 chars. Please change filename and try again.")); + } else { //$content = base64_encode(file_get_contents($_FILES['filename']['tmp_name'])); $tmpname = $_FILES['filename']['tmp_name']; - $dir = $comp_path."/".user_company(). "/attachments"; + $dir = company_path()."/attachments"; if (!file_exists($dir)) { mkdir ($dir,0777); - $index_file = ""; + $index_file = "activate('_page_body'); +} if ($Mode == 'Delete') { $row = get_attachment($selected_id); - $dir = $comp_path."/".user_company(). "/attachments"; + $dir = company_path()."/attachments"; if (file_exists($dir."/".$row['unique_name'])) unlink($dir."/".$row['unique_name']); - $sql = "DELETE FROM ".TB_PREF."attachments WHERE id = $selected_id"; - db_query($sql, "Could not delete attachment"); + delete_attachment($selected_id); display_notification(_("Attachment has been deleted.")); - $Mode = 'RESET'; + reset_form(); } if ($Mode == 'RESET') + reset_form(); + +function reset_form() { unset($_POST['trans_no']); unset($_POST['description']); @@ -158,76 +170,89 @@ if ($Mode == 'RESET') function viewing_controls() { - start_form(false, true); + global $selected_id; + + start_table(TABLESTYLE_NOBORDER); - start_table("class='tablestyle_noborder'"); + start_row(); + systypes_list_cells(_("Type:"), 'filterType', null, true); + if (list_updated('filterType')) + reset_form(); - systypes_list_row(_("Type:"), 'filterType', null, true); + if(get_post('filterType') == ST_CUSTOMER ){ + customer_list_cells(_("Select a customer: "), 'trans_no', null, false, true, true); + } elseif(get_post('filterType') == ST_SUPPLIER){ + supplier_list_cells(_("Select a supplier: "), 'trans_no', null, false, true,true); + } + end_row(); end_table(1); - end_form(); } -//---------------------------------------------------------------------------------------- +function trans_view($trans) +{ + return get_trans_view_str($trans["type_no"], $trans["trans_no"]); +} -function get_attached_documents($type) +function edit_link($row) { - $sql = "SELECT * FROM ".TB_PREF."attachments WHERE type_no=$type ORDER BY trans_no"; - return db_query($sql, "Could not retrieve attachments"); + return button('Edit'.$row["id"], _("Edit"), _("Edit"), ICON_EDIT); } -function get_attachment($id) +function view_link($row) { - $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id=$id"; - $result = db_query($sql, "Could not retrieve attachments"); - return db_fetch($result); + return button('view'.$row["id"], _("View"), _("View"), ICON_VIEW); } -function display_rows($type) +function download_link($row) { - global $table_style; + return button('download'.$row["id"], _("Download"), _("Download"), ICON_DOWN); +} - $rows = get_attached_documents($type); - $th = array(_("#"), _("Description"), _("Filename"), _("Size"), _("Filetype"), _("Date Uploaded"), "", "", "", ""); - - div_start('transactions'); - start_form(); - start_table($table_style); - table_header($th); - $k = 0; - while ($row = db_fetch($rows)) - { - alt_table_row_color($k); - - label_cell(get_trans_view_str($type, $row['trans_no'])); - label_cell($row['description']); - label_cell($row['filename']); - label_cell($row['filesize']); - label_cell($row['filetype']); - label_cell(sql2date($row['tran_date'])); - edit_button_cell("Edit".$row['id'], _("Edit")); - button_cell("view".$row['id'], _("View"), false, ICON_VIEW); - button_cell("download".$row['id'], _("Download"), false, ICON_DOWN); - delete_button_cell("Delete".$row['id'], _("Delete")); - end_row(); - } - end_table(1); - hidden('filterType', $type); - end_form(); - div_end(); +function delete_link($row) +{ + return button('Delete'.$row["id"], _("Delete"), _("Delete"), ICON_DELETE); +} + +function display_rows($type, $trans_no) +{ + $sql = get_sql_for_attached_documents($type, $type==ST_SUPPLIER || $type==ST_CUSTOMER ? $trans_no : 0); + $cols = array( + _("#") => $type == ST_SUPPLIER || $type == ST_CUSTOMER? 'skip' : array('fun'=>'trans_view', 'ord'=>''), + _("Description") => array('name'=>'description'), + _("Filename") => array('name'=>'filename'), + _("Size") => array('name'=>'filesize'), + _("Filetype") => array('name'=>'filetype'), + _("Date Uploaded") => array('name'=>'tran_date', 'type'=>'date'), + array('insert'=>true, 'fun'=>'edit_link'), + array('insert'=>true, 'fun'=>'view_link'), + array('insert'=>true, 'fun'=>'download_link'), + array('insert'=>true, 'fun'=>'delete_link') + ); + + $table =& new_db_pager('trans_tbl', $sql, $cols); + + $table->width = "60%"; + + display_db_pager($table); } //---------------------------------------------------------------------------------------- +if (list_updated('filterType') || list_updated('trans_no')) + $Ajax->activate('_page_body'); + +start_form(true); viewing_controls(); -if (isset($_POST['filterType'])) - display_rows($_POST['filterType']); +$type = get_post('filterType'); -start_form(true); +display_rows($type, get_post('trans_no')); + +br(2); -start_table($table_style2); +start_table(TABLESTYLE2); if ($selected_id != -1) { @@ -238,25 +263,23 @@ if ($selected_id != -1) $_POST['description'] = $row["description"]; hidden('trans_no', $row['trans_no']); hidden('unique_name', $row['unique_name']); - label_row(_("Transaction #"), $row['trans_no']); + if ($type != ST_SUPPLIER && $type != ST_CUSTOMER) + label_row(_("Transaction #"), $row['trans_no']); } hidden('selected_id', $selected_id); } -else - text_row_ex(_("Transaction #").':', 'trans_no', 10); +else { + if ($type != ST_SUPPLIER && $type != ST_CUSTOMER) + text_row_ex(_("Transaction #").':', 'trans_no', 10); +} text_row_ex(_("Description").':', 'description', 40); -start_row(); -label_cells(_("Attached File") . ":", ""); -end_row(); +file_row(_("Attached File") . ":", 'filename', 'filename'); end_table(1); -if (isset($_POST['filterType'])) - hidden('filterType', $_POST['filterType']); -submit_add_or_update_center($selected_id == -1, '', true); +submit_add_or_update_center($selected_id == -1, '', 'process'); end_form(); end_page(); -?>