<?php 
	require_once "odincom.php";
	require_once "$ui_dir/uicom.inc";
	require_once "dbo/User.php";
	require_once "dbo/UserList.php";
	require_once "dbo/Staff.php";
	require_once "$ui_dir/renderer.inc";
	require_once "$ui_dir/dispstaff.inc";
	
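	// Staff administration page controller: dispatches the posted action,
	// then renders the staff list and/or the form selected by $mainForm.
	// NOTE(review): $script is not read in this file; presumably consumed by the
	// included UI helpers - confirm.
	$script	="staff.php";
	// Defined outside this file; presumably enforces an authenticated staff session - confirm.
	odin_staff_login();

	// Initialise every page-state variable this script later reads. Left undefined,
	// they raise notices and, on installations running with register_globals, could
	// be seeded straight from the request.
	// NOTE(review): assumes no included file pre-sets these on purpose - confirm.
	$renderObj = null;
	$mainForm = null;
	$formPreload = null;

	if (!empty($_GET['nvr'])) {
		$_SESSION['navbar']->register("root_staff");
	}

	// Only a plain string can name an action; anything else falls through to the
	// default (GET-driven) branch.
	// NOTE(review): no anti-CSRF token is checked in this file before the
	// state-changing actions below - confirm whether the included helpers do it.
	$action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

	switch ($action) {
		// NOTE(review): add_class()/edit_class()/del_class() show no permission check
		// in this file, unlike set_class()/upgrade_patron() - confirm it is enforced
		// inside StaffClass.
		case "add_class":
			add_class();
			$mainForm = "class";
			break;
		case "edit_class":
			edit_class();
			$mainForm = "class";
			break;
		case "del_class":
			del_class();
			$mainForm = "class";
			break;
		case "set_class":
			if (set_class()) {
				$_SESSION['navbar']->unregister("setpermission");
				$renderObj = query_staff();
				$mainForm = "main";
			} else {
				$renderObj = query_staff();
				// query_staff() returns nothing when there are no matches; do not
				// write a property onto a null value.
				if ($renderObj) {
					$renderObj->set_staff_permission = 1;
				}
			}
			break;
		case "upgrade_patron":
			if (upgrade_patron()) {
				$_SESSION['navbar']->unregister("upgrade_p2s");
				$renderObj = query_staff();
				$mainForm = "main";
			} else {
				// Re-display what the user typed, HTML-escaped including both quote
				// styles so it is safe in element content and in quoted attributes.
				$rawPatronNos = (isset($_POST['patronnos']) && is_string($_POST['patronnos'])) ? $_POST['patronnos'] : '';
				$formPreload = htmlspecialchars($rawPatronNos, ENT_QUOTES);
				$mainForm = "upgrade";
			}
			break;
		default:
			if (!empty($_GET['class'])) {
				$_SESSION['navbar']->register("editclass", "get");
				$mainForm = "class";
			} elseif (!empty($_GET['setp'])) {
				$_SESSION['navbar']->register("setpermission", "get");
				$renderObj = query_staff();
				if ($renderObj) {
					$renderObj->set_staff_permission = 1;
				}
			} elseif (!empty($_GET['upgrade'])) {
				$_SESSION['navbar']->register("upgrade_p2s", "get");
				$mainForm = "upgrade";
			} else {
				$_SESSION['navbar']->register("root_staff");
				$renderObj = query_staff();
				$mainForm = "main";
			}
	}


	print_header();
	$renderer = new Renderer;
	// NOTE(review): $deferRenderObj is never assigned in this file; it is left
	// uninitialised here in case an include sets it - confirm and initialise it too.
	if (empty($deferRenderObj) && $renderObj) {
		// Second argument is passed as 0; its meaning is defined outside this file.
		$renderer->is_admin = check_staff_permission('writestafflist',0);
		$renderer->render($renderObj);
		unset($renderObj);
	}

	switch ($mainForm) {
		case "class":
			staff_permission_form();
			break;
		case "main":
			main_staff_form();
			break;
		case "upgrade":
			upgrade_form($formPreload);
			break;
		default:
			default_form();
	}

	// Deferred rendering: only reached when the list was not rendered (and unset) above.
	if (!empty($renderObj)) {
		$renderer->render($renderObj);
	}
	print_footer();
	exit();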

/**
 * Browse the "staff" subset of users with paging/sorting taken from the query string.
 *
 * The lim, page, ord and odn values are copied from $_GET onto the UserList unchanged.
 * NOTE(review): nothing here validates them; whether UserList::browse() escapes or
 * whitelists them (the ord value presumably names a sort column) cannot be seen from
 * this file - confirm.
 *
 * @return UserList|null the list when it reports at least one match; otherwise
 *                       myresult(1, $lang[60]) is called and nothing is returned.
 */
function query_staff() {
	global $lang;

	$staffList = new UserList();
	$staffList->lim = $_GET['lim'];
	$staffList->page = $_GET['page'];
	$staffList->orderby = $_GET['ord'];
	$staffList->orderdesc = $_GET['odn'];
	$staffList->subset = "staff";
	$staffList->browse();

	// No matching staff: report it and fall out without a return value.
	if (!($staffList->no_of_match >= 1)) {
		myresult(1, $lang[60]);
		return;
	}

	return $staffList;
}

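/**
 * Promote the patrons listed in $_POST['patronnos'] to the staff class in $_POST['class'].
 *
 * Patron numbers are separated by newlines, carriage returns or commas. Every
 * request-derived value is escaped before it is placed into SQL, and everything echoed
 * back through myresult() is HTML-escaped (the messages carry <br> markup, so
 * myresult() presumably emits them as HTML - confirm).
 *
 * NOTE(review): the class value is not checked against the defined staff classes
 * here - confirm whether that is enforced elsewhere.
 *
 * @return int|null 1 when at least one patron was updated, otherwise nothing.
 */
function upgrade_patron() {
	// Only staff holding the "writestafflist" permission may promote patrons.
	if (!check_staff_permission("writestafflist")) return;

	// Accept plain strings only; array-shaped parameters are treated as absent.
	$class = (isset($_POST['class']) && is_string($_POST['class'])) ? $_POST['class'] : '';
	$rawList = (isset($_POST['patronnos']) && is_string($_POST['patronnos'])) ? $_POST['patronnos'] : '';

	// preg_split() replaces the removed split(); NO_EMPTY drops blank entries so a
	// trailing newline can no longer produce a "patronno=''" update.
	$patronnos = preg_split('/[\n\r,]+/', $rawList, -1, PREG_SPLIT_NO_EMPTY);
	$okpno = array();
	$changed = 0;
	odin_connect();

	// Same outcome as the original per-iteration skip: without a class nothing is updated.
	if (!$class) return;

	// Escaping relies on the connection opened by odin_connect() above.
	$classSql = mysql_real_escape_string($class);
	foreach ($patronnos as $pno) {
		$pno = trim($pno);
		if ($pno === '') continue;
		$pnoSql = mysql_real_escape_string($pno);
		$query = "UPDATE odin_user SET staffclass='$classSql' WHERE patronno='$pnoSql'";
		if (!mysql_query($query)) {
			myresult (0, "Update odin_user failed : ". htmlspecialchars(mysql_error(), ENT_QUOTES) ."<br>". htmlspecialchars($query, ENT_QUOTES));
		} elseif (!mysql_affected_rows()) {
			myresult (0, "Patron no. ". htmlspecialchars($pno, ENT_QUOTES) ." not found or is currently a staff.");
		} else {
			$okpno[] = $pno;
			$changed = 1;
		}
	}

	if ($changed) {
		// Audit record: tab-separated patron numbers, then a description line.
		$itemdesc = join("\t", $okpno) ."\n";
		$itemdesc .= "Upgrade to staff";
		$staffSql = mysql_real_escape_string((string) $_SESSION['userinfo']['id']);
		$ipSql = mysql_real_escape_string((string) $_SERVER['REMOTE_ADDR']);
		$descSql = mysql_real_escape_string($itemdesc);
		$query = "INSERT INTO odin_log SET
				type='EditUser',
				staff='$staffSql',
				ipaddr='$ipSql',
				itemdesc='$descSql',
				timestamp=NULL";
		// A failed audit insert is reported as a warning; the upgrade itself stands.
		if (!mysql_query($query) || !mysql_affected_rows()) {
			myresult (0, "(Warning) Insert into odin_log failed : ". htmlspecialchars(mysql_error(), ENT_QUOTES) ."<br>". htmlspecialchars($query, ENT_QUOTES));
		}

		myresult (1, "Staff class updated");
		return 1;
	}
	else return;
}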


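/**
 * Set the staff class of several users from $_POST['class'], a map of user id => class.
 *
 * The literal value 'NULL' clears the class (SQL NULL); any other value is escaped and
 * quoted. User ids must consist of decimal digits only - is_numeric() also accepted
 * signs, exponents, decimals and surrounding whitespace, none of which is a valid row id.
 *
 * NOTE(review): unlike upgrade_patron(), this change is not written to odin_log, and
 * the class value is not checked against the defined staff classes here - confirm
 * whether either is intended.
 *
 * @return int|null 1 when at least one UPDATE succeeded, otherwise nothing.
 */
function set_class() {
	// Only staff holding the "writestafflist" permission may change classes.
	if (!check_staff_permission("writestafflist")) return;

	$classArr = isset($_POST['class']) ? $_POST['class'] : null;
	$changed = 0;
	odin_connect();

	// A missing or scalar "class" parameter means there is nothing to apply.
	if (!is_array($classArr)) return;

	foreach ($classArr as $id=>$class) {
		// Nested arrays and empty values are skipped.
		if (!is_string($class) || !$class) continue;
		if (!preg_match('/^[0-9]+\z/', (string) $id)) continue;

		// Escaping relies on the connection opened by odin_connect() above.
		$classSql = ($class !== 'NULL') ? "'".mysql_real_escape_string($class)."'" : 'NULL';
		$query = "UPDATE odin_user SET staffclass=$classSql WHERE id=$id";
		if (!mysql_query($query)) {
			// HTML-escape everything echoed back; the query text contains request data.
			myresult (0, "Update odin_user failed : ". htmlspecialchars(mysql_error(), ENT_QUOTES) ."<br>". htmlspecialchars($query, ENT_QUOTES));
		} else {
			$changed = 1;
		}
	}

	if ($changed) {
		myresult (1, "Staff class updated");
		return 1;
	}
	else return;
}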

/**
 * Update an existing staff class from the posted form.
 *
 * Loads $_POST into a StaffClass, sets its id from $_POST['id'], validates it and
 * writes it back with updateToDB(). On success the posted data is discarded.
 *
 * NOTE(review): no check_staff_permission() call is visible here, unlike set_class()
 * and upgrade_patron(); confirm that StaffClass enforces authorisation itself.
 * NOTE(review): how $_POST['id'] and the other fields are escaped is decided inside
 * StaffClass, which is not shown in this file.
 *
 * @return int|null 1 on success, otherwise nothing.
 */
function edit_class() {
	$staffClass = new StaffClass();
	$staffClass->putFields($_POST);
	$staffClass->id = $_POST['id'];

	// validate() yields a list of messages when something is wrong.
	$problems = $staffClass->validate();
	if ($problems) {
		myresult(0, join("<br>\n", $problems));
		return;
	}

	if (!$staffClass->updateToDB()) {
		return;
	}

	myresult (1, "Edit Class Successful\n");
	// Drop the submitted values after a successful edit.
	unset ($GLOBALS["_POST"]);
	return 1;
}

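/**
 * Create a new staff class from the posted form.
 *
 * Loads $_POST into a StaffClass, validates it and stores it with insertIntoDB().
 *
 * NOTE(review): no check_staff_permission() call is visible here, unlike set_class()
 * and upgrade_patron(); confirm that StaffClass enforces authorisation itself.
 *
 * @return mixed the new class's id on success (assumes insertIntoDB() populates
 *               $class->id - confirm), otherwise nothing.
 */
function add_class() {

	$class = new StaffClass();
	$class->putFields($_POST);
	// validate() yields a list of messages when something is wrong.
	$error = $class->validate();
	if ($error) {
		myresult(0, join("<br>\n", $error));
		return;
	}
	if ($class->insertIntoDB()) {
		myresult (1, "Add Class Successful\n");
		// The original returned $series->id, but no $series exists in this function.
		return $class->id;
	}
	return;
}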

/**
 * Delete the staff class whose id was posted.
 *
 * NOTE(review): no check_staff_permission() call is visible here, unlike set_class()
 * and upgrade_patron(), and $_POST['id'] is passed on unvalidated; confirm that
 * StaffClass::deleteFromDB() enforces authorisation and escapes the id.
 *
 * @return int|null 1 on success, otherwise nothing.
 */
function del_class() {
	$staffClass = new StaffClass();
	$staffClass->id = $_POST['id'];

	if (!$staffClass->deleteFromDB()) {
		return;
	}

	myresult (1, "Delete Class Successful\n");
	return 1;
}


?>