admin/db/attachments_db.inc

   1 <?php
   2 /**********************************************************************
   3     Copyright (C) FrontAccounting, LLC.
   4         Released under the terms of the GNU General Public License, GPL,
   5         as published by the Free Software Foundation, either version 3
   6         of the License, or (at your option) any later version.
   7     This program is distributed in the hope that it will be useful,
   8     but WITHOUT ANY WARRANTY; without even the implied warranty of
   9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
  11 ***********************************************************************/
  12
  13 //----------------------------------------------------------------------------------------
  14
  15 function add_attachment($filterType, $trans_no, $description,
  16         $filename, $unique_name, $filesize, $filetype)
  17 {
  18         $date = date2sql(Today());
  19         $sql = "INSERT INTO ".TB_PREF."attachments (type_no, trans_no, description, filename, unique_name,
  20                 filesize, filetype, tran_date) VALUES (".db_escape($filterType).","
  21                 .db_escape($trans_no).",".db_escape($description).", "
  22                 .db_escape($filename).", ".db_escape($unique_name).", ".db_escape($filesize)
  23                 .", ".db_escape($filetype).", '$date')";
  24         db_query($sql, "Attachment could not be inserted");
  25 }
  26 //----------------------------------------------------------------------------------------
  27
  28 function update_attachment($selected_id, $filterType, $trans_no, $description,
  29         $filename, $unique_name, $filesize, $filetype)
  30 {
  31         $date = date2sql(Today());
  32         $sql = "UPDATE ".TB_PREF."attachments SET
  33                 type_no=".db_escape($filterType).",
  34                 trans_no=".db_escape($trans_no).",
  35                 description=".db_escape($description).", ";
  36         if ($filename != "")
  37         {
  38                 $sql .= "filename=".db_escape($filename).",
  39                 unique_name=".db_escape($unique_name).",
  40                 filesize=".db_escape($filesize).",
  41                 filetype=".db_escape($filetype).",";
  42         }
  43         $sql .= "tran_date='$date' WHERE id=".db_escape($selected_id);
  44         db_query($sql, "Attachment could not be updated");
  45 }
  46
  47 //----------------------------------------------------------------------------------------
  48
  49 function delete_attachment($id)
  50 {
  51         $sql = "DELETE FROM ".TB_PREF."attachments WHERE id = ".db_escape($id);
  52         db_query($sql, "Could not delete attachment");
  53 }
  54
  55 //----------------------------------------------------------------------------------------
  56
  57 function get_attachment_string($type, $id)
  58 {
  59         global $path_to_root;
  60     $str_return = "";
  61     $sql = "SELECT * FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type)." AND trans_no=".db_escape($id)." ORDER BY trans_no";
  62     $return = db_query($sql, "Could not retrieve attachments");
  63     while ($attachment = db_fetch($return))
  64     {
  65         if (strlen($str_return))
  66             $str_return = $str_return . " \n";
  67         $str_return .= _("Attached File:")." <a target='_blank' href='$path_to_root/admin/attachments.php?vw=".$attachment["id"]."' onclick='javascript:openWindow(this.href, this.target);return false;'> ".
  68                 $attachment["id"] . " " . $attachment["description"]. " - ". $attachment["filename"]."</a><br>";
  69     }
  70     return $str_return . "<br>";
  71 }
  72
  73 //----------------------------------------------------------------------------------------
  74
  75 function get_attached_documents($type, $trans_no=false)
  76 {
  77         $sql = "SELECT * FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type);
  78         if ($trans_no)
  79                 $sql .= " AND trans_no=".db_escape($trans_no);
  80         $sql .= " ORDER BY trans_no";
  81         return db_query($sql, "Could not retrieve attachments");
  82 }
  83
  84 function get_attachment($id)
  85 {
  86         $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id=".db_escape($id);
  87         $result = db_query($sql, "Could not retrieve attachments");
  88         return db_fetch($result);
  89 }
  90
  91 function has_attachment($type, $id)
  92 {
  93         $sql = "SELECT DISTINCT * FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type)." AND trans_no=".db_escape($id);
  94         $result = db_query($sql, "Could not retrieve attachments");
  95         $myrow = db_fetch($result);
  96         if ($myrow === false)
  97                 return 0;
  98         else
  99                 return $myrow['id'];
 100 }
 101
 102 function get_sql_for_attached_documents($type, $id_no)
 103 {
 104     // $_POST['trans_no'] will be used to store the customer_id or supplier_id for them
 105         $sql = "SELECT trans_no, description, filename, filesize, filetype, tran_date, id, type_no FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type);
 106
 107         if(($type == ST_CUSTOMER || $type == ST_SUPPLIER) && $id_no != null)
 108                 $sql .=" AND trans_no = ".db_escape($id_no);
 109
 110         $sql .= " ORDER BY trans_no DESC";
 111
 112         return $sql;
 113 }
 114
 115 function move_trans_attachments($type, $trans_from, $trans_to)
 116 {
 117         $sql = "UPDATE ".TB_PREF."attachments SET trans_no=".db_escape($trans_to)
 118                 ." WHERE type_no=".db_escape($type)." AND trans_no=".db_escape($trans_from);
 119         db_query($sql, 'cannot move atachments');
 120 }
 121
 122