Implemented attachments for Bank Account, and redesign of Bank Accounts to a tabbed...
[fa-stable.git] / includes / ui / attachment.inc
1 <?php
2 /**********************************************************************
3     Copyright (C) FrontAccounting, LLC.
4         Released under the terms of the GNU General Public License, GPL, 
5         as published by the Free Software Foundation, either version 3 
6         of the License, or (at your option) any later version.
7     This program is distributed in the hope that it will be useful,
8     but WITHOUT ANY WARRANTY; without even the implied warranty of
9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
12 include_once($path_to_root. '/includes/ui/simple_crud_class.inc');
13
14 /*
15         View/Edit class for attachments
16 */
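/**
 * View/edit controller for the files attached to one entity
 * (customer, supplier, item, fixed asset or bank account).
 *
 * Rows live in the TB_PREF."attachments" table; the uploaded bytes are stored
 * under company_path()."/attachments/" using the row's `unique_name` as the
 * on-disk file name.
 *
 * Security-relevant invariants kept by this class:
 *  - the on-disk name is always taken from the database row or generated
 *    server-side, never from request data;
 *  - every path is built from basename() of that name, so a stored value
 *    cannot point outside the attachments directory;
 *  - user-supplied text (original file name, MIME type, description) is
 *    neutralised before it is written into HTML or an HTTP header.
 */
class attachments extends simple_crud {
    var $selected_id;
    // Id of the record the attachments belong to; written to attachments.trans_no.
    var $entity;
    // Stored by the constructor; not read anywhere in this file.
    var $sub_class;
    // Stored by the constructor; not read anywhere in this file.
    var $class;

    /**
     * @param string $name     Base name for the form controls of this CRUD view.
     * @param mixed  $id       Id of the entity whose attachments are managed.
     * @param mixed  $class    Kept in $this->class.
     * @param mixed  $subclass Kept in $this->sub_class.
     */
    function __construct($name, $id, $class, $subclass=null) {
        $fields = array('type_no', 'trans_no','description','filename','tran_date' => 'date');
        parent::__construct($name, $fields);
        $this->class = $class;
        $this->sub_class = $subclass;
        $this->entity = $id;
    }

    /**
     * Return the first array key posted under $field, or null when the field
     * is absent or is not an array (button names have the form "field[id]").
     */
    private function _posted_key($field) {
        if (!isset($_POST[$field]) || !is_array($_POST[$field]))
            return null;
        $keys = array_keys($_POST[$field]);
        return count($keys) ? $keys[0] : null;
    }

    /**
     * Load one attachment row by id; returns whatever db_fetch() yields when
     * no row matches. The error text is passed to db_query(), and carries no
     * request data.
     */
    private function _fetch_attachment($id) {
        $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id = ".db_escape($id);
        return db_fetch(db_query($sql, "Cannot retrieve attachment"));
    }

    /**
     * Build the on-disk path for a stored name, confined to the attachments
     * directory. Returns false for names that cannot denote a file there.
     */
    private function _attachment_path($unique_name) {
        $name = basename((string)$unique_name);
        // basename() leaves '.' and '..' untouched, so reject them explicitly.
        if ($name == '' || $name == '.' || $name == '..')
            return false;
        return company_path()."/attachments/".$name;
    }

    /**
     * Make an uploaded file name safe inside a quoted Content-Disposition
     * value: drop any path part, replace control characters, quotes and
     * backslashes.
     */
    private function _header_filename($name) {
        return preg_replace('/[\x00-\x1f\x7f"\\\\]/', '_', basename((string)$name));
    }

    /**
     * Neutralise HTML metacharacters in text that is handed to label_cell() /
     * label_row(). '&' is left alone so values that are already entity-encoded
     * are not encoded twice, and the replacement is byte-wise so it does not
     * depend on the page encoding.
     */
    private function _html($text) {
        return str_replace(
            array('<', '>', '"', "'"),
            array('&lt;', '&gt;', '&quot;', '&#039;'),
            (string)$text
        );
    }

    /**
     * Move an uploaded file into the attachments directory.
     *
     * @param array  $upload      One entry of $_FILES.
     * @param string $stored_name Existing on-disk name to replace (taken from
     *                            the database), or '' to allocate a new one.
     * @return string|false The on-disk name used, or false when nothing was stored.
     */
    private function _store_upload($upload, $stored_name) {
        // PHP reports partial or rejected uploads only through this code.
        if ($upload['error'] != UPLOAD_ERR_OK) {
            display_error(_("The file could not be uploaded."));
            return false;
        }

        $dir = company_path().'/attachments';
        if (!file_exists($dir))
            mkdir($dir);

        $target = $stored_name != '' ? $this->_attachment_path($stored_name) : false;
        if ($target === false) {
            // Allocate a fresh name; never reuse (and so never delete) an existing file.
            do {
                $target = $dir.'/'.uniqid();
            } while (file_exists($target));
        }

        if (file_exists($target) && !unlink($target)) {
            display_error(_('The existing Docs could not be removed'));
            return false;
        }
        if (!move_uploaded_file($upload['tmp_name'], $target)) {
            display_error(_("The file could not be uploaded."));
            return false;
        }
        return basename($target);
    }

    /**
     * Handle a posted download/view request, then render the table of
     * attachments for the current entity and the type_no query parameter
     * (ST_CUSTOMER when the parameter is absent).
     */
    function list_view() {
        global $Ajax, $path_to_root;

        // NOTE(review): attachments are looked up by id only. Confirm that the
        // calling page and admin/attachments.php check that the current user
        // may read the requested attachment.
        $download_id = $this->_posted_key('attachmentDownload');
        if ($download_id !== null) {
            $row = $this->_fetch_attachment($download_id);
            if ($row && $row['unique_name'] != "") {
                if (in_ajax()) {
                    // Use the id of the row that was found, not the raw POST key.
                    $Ajax->redirect($path_to_root.'/admin/attachments.php?dl='.urlencode($row['id']));
                } else {
                    $file = $this->_attachment_path($row['unique_name']);
                    if ($file !== false && is_file($file)) {
                        header('Content-Type: application/octet-stream');
                        // Keep browsers from guessing a renderable type for uploaded bytes.
                        header('X-Content-Type-Options: nosniff');
                        header('Content-Disposition: attachment; filename="'.$this->_header_filename($row['filename']).'"');
                        readfile($file);
                        exit();
                    }
                    display_error(_("The attachment file could not be found."));
                }
            }
        }

        $view_id = $this->_posted_key('attachmentView');
        if ($view_id !== null) {
            $row = $this->_fetch_attachment($view_id);
            if ($row && $row['unique_name'] != "")
                $Ajax->redirect($path_to_root.'/admin/attachments.php?vw='.urlencode($row['id']));
        }

        // Emitted after the download branch so the spacer is not written ahead
        // of the file bytes.
        br();

        $type_no = isset($_GET['type_no']) ? $_GET['type_no'] : ST_CUSTOMER; // default ST_CUSTOMER

        // NOTE(review): an earlier revision built a filter with visible = 1 when
        // $session_debtor_no or $session_supplier_id was set, but never applied
        // it to this query, so every row for the entity is listed. If rows are
        // meant to be hidden from such sessions, the restriction has to be
        // added here once the `visible` column is confirmed in the schema.
        $sql = "SELECT * FROM ".TB_PREF."attachments WHERE trans_no=".db_escape($this->entity)." AND type_no = ".db_escape($type_no);
        $result = db_query($sql, "Could not get data from ".TB_PREF."attachments table");

        start_table(TABLESTYLE, "width=80%");
        $th = array(_("ID"), _("Doc Title"), _("Filename"), _("Size"), _("Filetype"), _("Doc Date"),  "",  "", "", "");
        table_header($th);
        while ($de = db_fetch_assoc($result)) {
            start_row();
            label_cell($de['id']);
            // label_cell() is given raw markup for the view link below, so it
            // does not escape; description, file name and MIME type all come
            // from the uploader.
            label_cell($this->_html($de['description']));
            label_cell($this->_html($de['filename']));
            label_cell($de['filesize']);
            label_cell($this->_html($de['filetype']));
            label_cell(sql2date($de['tran_date']));
            edit_button_cell("{$this->name}Edit[{$de['id']}]", _("Edit"));
            label_cell('<a target="_blank" class="viewlink" href="'.$path_to_root.'/admin/attachments.php?vw='.$de['id'].'" onclick="javascript:openWindow(this.href,this.target); return false;" accesskey="V"><img src="'.$path_to_root.'/themes/default/images/view.gif" style="vertical-align:middle;width:12px;height:12px;border:0;"></a>', 'style="text-align: center;" ');
            button_cell("{$this->name}Download[{$de['id']}]", _("Download"), false, ICON_DOWN);
            delete_button_cell("{$this->name}Delete[{$de['id']}]", _("Delete"));
            end_row();
        }
        end_table(1);
    }

    /**
     * Render the add/edit form for one attachment.
     */
    function editor_view(){
        br();
        div_start('Attachment_Details');
        start_outer_table(TABLESTYLE);

        table_section(1);
        table_section_title(_("Attachment Detail"));

        $row = false;
        if ($this->selected_id != null && $this->selected_id != "")
            $row = $this->_fetch_attachment($this->selected_id);

        if ($row) {
            // Still emitted for existing callers; db_insert()/db_update() no
            // longer trust the value that comes back.
            hidden('unique_name', $row['unique_name']);
            $_POST['tran_date'] = sql2date($row['tran_date']);
            $_POST['title'] = $row['description'];
            $_POST['trans_no'] = $row['trans_no'];
        } else {
            $_POST['trans_no'] = $this->entity;
            $_POST['tran_date'] = Today();
            hidden('unique_name', '');
        }

        $type_no = isset($_GET['type_no']) ? $_GET['type_no'] : ST_CUSTOMER;

        if ($type_no == ST_CUSTOMER)
            $id_word = _("Customer ID");
        elseif ($type_no == ST_SUPPLIER)
            $id_word = _("Supplier ID");
        elseif ($type_no == ST_ITEM)
            $id_word = _("Item ID");
        elseif ($type_no == ST_FIXEDASSET)
            $id_word = _("Fixed Asset ID");
        elseif ($type_no == ST_BANKACCOUNT)
            $id_word = _("Bank Account ID");
        else
            $id_word = _("ID"); // unknown type: generic label instead of an undefined variable

        label_row($id_word, $_POST['trans_no']);
        date_row(_("Date"), 'tran_date');
        text_row_ex(_("Doc Title").':', 'description', 40);
        if ($row)
            label_row(_("File:"), sprintf(_("%s [%s bytes]"), $this->_html($row['filename']), $row['filesize']));
        file_row( ($this->selected_id ? _("File change") : _("Select file")) . ":", 'file_attachment_name', 'file_attachment_name');
        // NOTE(review): $type_no comes straight from the query string and is
        // written into the form; confirm hidden() HTML-escapes its value.
        hidden('type_no', $type_no);
        end_outer_table(1);
        div_end();
    }

    /**
     * Render the Add new / Add / Update / Cancel buttons for the current mode.
     */
    function _bottom_controls()     {
        $base = $this->name;

        echo "<center>";

        if ($this->Mode == '' || $this->Mode == 'RESET') {
            submit("{$base}NEW", _("Add new"), true, false, 'default');
        } else {
            if ($this->Mode == 'NEW' || $this->selected_id == $this->_none)
                submit("{$base}ADD", _("Add"), true, false, 'default');
            else
                submit("{$base}UPDATE[{$this->selected_id}]", _("Update"), true, _("Submit changes"), 'default');
            submit("{$base}RESET", _("Cancel"), true, _("Cancel edition"), 'cancel');
        }
        echo "</center>";
    }

    /**
     * Store a newly uploaded file and insert its attachment row.
     * Does nothing when no file was submitted. The row is written only after
     * the file has actually been moved into place.
     */
    function db_insert() {
        $dat = $this->data;
        if (!isset($_FILES['file_attachment_name']) || $_FILES['file_attachment_name']['name'] == '')
            return;

        $upload = $_FILES['file_attachment_name'];
        // A new attachment always gets a server-generated name: the posted
        // 'unique_name' field is client-controlled and previously reached
        // unlink() and move_uploaded_file() unchecked.
        $unique_name = $this->_store_upload($upload, '');
        if ($unique_name === false)
            return;

        // 'name' and 'type' are supplied by the client; they are stored as
        // metadata only and must not be trusted when the file is served.
        $sql = "INSERT INTO ".TB_PREF."attachments (trans_no, type_no, `description`, `filename`, unique_name, tran_date, `filesize`, `filetype`) VALUES ("
            . db_escape($this->entity) . ","
            . db_escape($dat['type_no']) . ","
            . db_escape($_POST['description']) . ","
            . db_escape($upload['name']) . ","
            . db_escape($unique_name) . ","
            . db_escape(date2sql($_POST['tran_date'])) . ","
            . db_escape($upload['size']) . ","
            . db_escape($upload['type']) . ")";
        if (db_query($sql, 'Could not add Attachment'))
            display_notification(_("A New Attachment Added Successfully"));
    }

    /**
     * Update the selected attachment row and, when a new file was submitted
     * and stored successfully, replace the file on disk and its file columns.
     */
    function db_update() {
        $dat = $this->data;
        $unique_name = false;

        if (isset($_FILES['file_attachment_name']) && $_FILES['file_attachment_name']['name'] != '') {
            // The on-disk name comes from the stored row, not from
            // $_POST['unique_name'], so a forged form value cannot redirect the
            // delete/overwrite to another file.
            $current = $this->_fetch_attachment($this->selected_id);
            if ($current)
                $unique_name = $this->_store_upload($_FILES['file_attachment_name'], (string)$current['unique_name']);
        }

        $sql = "UPDATE ".TB_PREF."attachments SET "
            . "trans_no = " . db_escape($this->entity) . ","
            . "type_no = " . db_escape($dat['type_no']) . ","
            . "`description` = " . db_escape($_POST['description']) . ","
            . "tran_date = " . db_escape(date2sql($_POST['tran_date']));
        if ($unique_name !== false)
            $sql .=  ", unique_name = " . db_escape($unique_name) . ","
                . "`filename` = " . db_escape($_FILES['file_attachment_name']['name']) . ","
                . "`filesize` = " . db_escape($_FILES['file_attachment_name']['size']) . ","
                . "`filetype` = " . db_escape($_FILES['file_attachment_name']['type']);
        $sql .=  " WHERE id = " . db_escape($this->selected_id);
        if (db_query($sql, "Could not Update Attachment $this->selected_id"))
            display_notification(_("The Selected Attachment $this->selected_id Updated Successfully"));
    }

    /**
     * Validate the form before insert/update: the description is mandatory.
     *
     * @return bool
     */
    function insert_check() {
        if (strlen($_POST['description']) == 0) {
            display_error(_("Description cannot be empty."));
            set_focus('description');
            return false;
        }
        return true;
    }

    /**
     * Read the selected attachment row as an associative array.
     */
    function db_read() {
        $sql = "SELECT * FROM ".TB_PREF."attachments WHERE id=".db_escape($this->selected_id);
        $result = db_query($sql, "Could not get all data from ".TB_PREF."attachments table");
        return db_fetch_assoc($result);
    }

    /**
     * No precondition is checked before a delete.
     *
     * @return bool Always true.
     */
    function delete_check() {
        return true;
    }

    /**
     * Delete the selected attachment: remove its file from the attachments
     * directory, then delete its row.
     *
     * @return bool Always false, as before.
     */
    function db_delete() {
        $row = $this->_fetch_attachment($this->selected_id);

        if ($row && $row['unique_name']) {
            // The stored name is confined to the attachments directory before
            // it reaches unlink().
            $file = $this->_attachment_path($row['unique_name']);
            if ($file !== false && is_file($file))
                unlink($file);
        }

        $sql = "DELETE FROM ".TB_PREF."attachments WHERE id = ".db_escape($this->selected_id);
        if (db_query($sql, "Could not Delete Attachment $this->selected_id"))
            display_notification(_("The Selected Attachment is Deleted Successfully"));
        return false;
    }
}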