<?php
/* editf.php
phpInvoice - is easy-to-use Web-based multilingual accounting software.
Copyright (C) 2001 - 2008 Edy Corak < phprechnung at ecorak dot net >
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
require_once("../include/phprechnung.inc.php");
require_once("../include/smarty.inc.php");
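// Access gate. Both helpers come from the include files required above; their
// bodies are not visible in this file. Presumably they stop the request when no
// valid login/session exists -- TODO confirm, the rest of the page relies on it.
CheckUser();
CheckSession();

// Every request field this page reads, listed explicitly. Only these names are
// ever turned into variables, so a request cannot create or overwrite any other
// global. The list is fixed in code; nothing in it is derived from the request.
$EditfPostFields = array(
	// record being edited and list navigation
	'myID', 'page', 'infoID', 'Customer', 'PrintName',
	// address book columns
	'Prefix', 'Firstname', 'Lastname', 'Title1', 'Company', 'Department',
	'Address', 'Country', 'Postalcode', 'City', 'Stateprov', 'Position1',
	'Initials', 'Salutation', 'Note', 'Category', 'MethodOfPayment',
	'Birthday', 'Message',
	// search filter carried through the edit so the result list can be restored
	'PrintName1', 'Date_From1', 'Date_Till1', 'CustomerID', 'Prefix1',
	'Firstname1', 'Lastname1', 'Title11', 'Company1', 'Department1',
	'Address1', 'Country1', 'Postalcode1', 'City1', 'Stateprov1',
	'Position11', 'Initials1', 'Salutation1', 'Phonehome1', 'Phoneoffi1',
	'Phoneothe1', 'Phonework1', 'Mobile1', 'Pager1', 'Fax1', 'Email1',
	'Url1', 'Note1', 'AltField11', 'AltField21', 'AltField31', 'AltField41',
	'Category1', 'MethodOfPayment1', 'Birthday1',
	// list ordering
	'Order', 'Sort',
);

foreach ($EditfPostFields as $EditfField)
{
	if (isset($_POST[$EditfField]) && is_string($_POST[$EditfField]))
	{
		// Plain string field: take it as submitted. Array-valued fields
		// (name[]=...) are not valid for any input on this form and are
		// treated as absent.
		$$EditfField = $_POST[$EditfField];
	}
	else if (!isset($$EditfField))
	{
		// Give absent fields a defined empty value. Without this, later reads
		// raise "undefined variable" diagnostics, and any diagnostic output
		// emitted before the redirect would stop the Location header from
		// being sent. A value already set by an include is left alone.
		$$EditfField = '';
	}
}

// Query-string fragment that hands the search filter back to searchlist_e.php.
// Parameter names are kept exactly as before (including the lower-case "f" in
// Altfield11..41). Each value is URL-encoded: these are free-text fields, and an
// unencoded "&", "#", "=" or space would cut the value short or add parameters
// the user never submitted.
$EditfSearchFields = array(
	'CustomerID', 'Prefix1', 'Title11', 'Firstname1', 'Initials1', 'Lastname1',
	'Phonehome1', 'Salutation1', 'Mobile1', 'Address1', 'Fax1', 'Stateprov1',
	'Email1', 'Postalcode1', 'City1', 'Url1', 'Company1', 'Phonework1',
	'Department1', 'Phoneoffi1', 'Position11', 'Phoneothe1', 'Pager1', 'Note1',
	'AltField11', 'AltField21', 'AltField31', 'AltField41', 'Country1',
	'Date_From1', 'Date_Till1', 'Birthday1', 'Category1', 'MethodOfPayment1',
	'PrintName1',
);
// Variables whose query-string name differs from the variable name.
$EditfSearchKeys = array(
	'AltField11' => 'Altfield11',
	'AltField21' => 'Altfield21',
	'AltField31' => 'Altfield31',
	'AltField41' => 'Altfield41',
);

$EditfPairs = array();
foreach ($EditfSearchFields as $EditfField)
{
	$EditfKey = isset($EditfSearchKeys[$EditfField]) ? $EditfSearchKeys[$EditfField] : $EditfField;
	$EditfPairs[] = $EditfKey . '=' . urlencode((string) $$EditfField);
}
$Searchstring = implode('&', $EditfPairs);

// Drop the scratch variables so they do not linger in the global scope.
unset($EditfPostFields, $EditfSearchFields, $EditfSearchKeys, $EditfPairs, $EditfField, $EditfKey);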
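// Database connection
//
DBConnect();

// Get the creator of the record being edited. $CreatedBy feeds the permission
// check further down, so it must describe exactly the record named by $myID.
//
// The id is used only when it is a canonical positive integer ("12", not
// "12 ", "012" or anything with extra text). Any other value looks up id 0,
// finds no row and leaves $CreatedBy empty. The id comes from the request and
// sits unquoted in the statement, so it must never reach the SQL text as
// free-form text.
$CreatedBy = '';
$EditfLookupID = 0;
if (isset($myID) && is_scalar($myID) && (string) (int) $myID === (string) $myID && (int) $myID > 0)
{
	$EditfLookupID = (int) $myID;
}

$query = $db->Execute("SELECT MYID, CREATEDBY FROM {$TBLName}addressbook WHERE MYID=" . $EditfLookupID);

// If an error has occurred, display the error message.
// The result is checked before it is used: calling GetRows() on a failed
// Execute() would abort the script before the message could be printed.
// NOTE(review): the raw driver message is shown to the client; consider logging
// it and showing a generic message instead.
if (!$query)
{
	print $db->ErrorMsg();
}
else
{
	$row = $query->GetRows();
	foreach ($row as $f)
	{
		$CreatedBy = $f['CREATEDBY'];
	}
}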
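/**
 * Hand the submitted form values back to the template so the edit form can be
 * shown again with the user's input, e.g. after a validation error.
 *
 * Values are read from the global scope and assigned to the global $smarty
 * object under the same name. They are passed on exactly as received; this
 * function does no HTML escaping.
 * NOTE(review): addressbook/editf.tpl (or a Smarty default modifier) has to
 * escape these values for the HTML context -- not visible here, TODO confirm.
 *
 * @param string $mark Name of the form field to highlight, or "" for none.
 * @return void
 */
function UserInput($mark)
{
	global $smarty;

	// Fields the template receives as strings, under their own name.
	$stringFields = array(
		'myID', 'infoID', 'Customer', 'PrintName', 'Prefix', 'Firstname',
		'Lastname', 'Title1', 'Company', 'Department', 'Address', 'Country',
		'Postalcode', 'City', 'Stateprov', 'Position1', 'Initials',
		'Salutation', 'Note', 'Category', 'MethodOfPayment', 'Birthday',
		'Message', 'Date_From1', 'Date_Till1', 'CustomerID', 'Prefix1',
		'Firstname1', 'Lastname1', 'Title11', 'Company1', 'Department1',
		'Address1', 'Country1', 'Postalcode1', 'City1', 'Stateprov1',
		'Position11', 'Initials1', 'Salutation1', 'Phonehome1', 'Phoneoffi1',
		'Phoneothe1', 'Phonework1', 'Mobile1', 'Pager1', 'Fax1', 'Email1',
		'Url1', 'Note1', 'AltField11', 'AltField21', 'AltField31',
		'AltField41', 'Category1', 'MethodOfPayment1', 'PrintName1',
		'Birthday1',
	);
	foreach ($stringFields as $name)
	{
		// A field that was never submitted is assigned as an empty string.
		$smarty->assign($name, isset($GLOBALS[$name]) ? (string) $GLOBALS[$name] : '');
	}

	// The payment-method filter used to be assigned only under the misspelled
	// key "MathodOfPayment1". The correctly spelled key is assigned by the loop
	// above; the old key is kept in case a template still refers to it.
	$smarty->assign("MathodOfPayment1", isset($GLOBALS['MethodOfPayment1']) ? (string) $GLOBALS['MethodOfPayment1'] : '');

	// These three are passed through without a string cast.
	foreach (array('page', 'Order', 'Sort') as $name)
	{
		$smarty->assign($name, isset($GLOBALS[$name]) ? $GLOBALS[$name] : null);
	}

	$smarty->assign("Mark", $mark);
	$smarty->assign("EditForm", "1");
}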
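// Validate the submitted form, check permission, reject duplicates, update the
// record and redirect back to the list the user came from.
//
// The first failing check decides the message and the field to highlight; the
// form is then shown again with the user's input.

// Record id: accepted only as a canonical positive integer ("12"). The id comes
// from the request and is used unquoted in SQL and in the redirect URL, so any
// other text is treated as a missing id.
$EditfID = 0;
if (isset($myID) && is_scalar($myID) && (string) (int) $myID === (string) $myID && (int) $myID > 0)
{
	$EditfID = (int) $myID;
}

$EditfError = null;
$EditfMark = "";

if ($EditfID === 0)
{
	$EditfError = "$a[customer_no] - $a[field_error]";
}
else if (empty($Prefix))
{
	$EditfError = "$a[prefix] - $a[field_error]";
	$EditfMark = "Prefix";
}
else if (empty($Firstname) && empty($Company))
{
	// A person needs a first and last name unless a company is given.
	$EditfError = "$a[firstname] - $a[field_error]";
	$EditfMark = "Firstname";
}
else if (empty($Lastname) && empty($Company))
{
	$EditfError = "$a[lastname] - $a[field_error]";
	$EditfMark = "Lastname";
}
else if (empty($Address))
{
	$EditfError = "$a[address] - $a[field_error]";
	$EditfMark = "Address";
}
else if (empty($Country))
{
	$EditfError = "$a[country] - $a[field_error]";
	$EditfMark = "Country";
}
else if (empty($Postalcode))
{
	$EditfError = "$a[postalcode] - $a[field_error]";
	$EditfMark = "Postalcode";
}
else if (empty($City))
{
	$EditfError = "$a[city] - $a[field_error]";
	$EditfMark = "City";
}
// Only root, members of either admin group, or the record's creator may edit.
// NOTE(review): the whole check is skipped when $_SESSION['Username'] is unset.
// Presumably CheckUser()/CheckSession() guarantee it is set -- confirm; if they
// do not, this branch should deny instead of falling through to the update.
else if(isset($_SESSION['Username']) && $_SESSION['Username'] != $root && $_SESSION['Usergroup1'] != $admingroup_1 && $_SESSION['Usergroup2'] != $admingroup_2 && $_SESSION['Username'] != $CreatedBy)
{
	$EditfError = "$a[no_permission]";
}

if ($EditfError !== null)
{
	$smarty->assign("FieldError", $EditfError);
	UserInput($EditfMark);
	$smarty->display('addressbook/editf.tpl');
}
else
{
	// Column values as plain strings; a field that was not submitted is stored
	// as an empty string, as before.
	$EditfValues = array();
	foreach (array('Prefix', 'Firstname', 'Lastname', 'Title1', 'Company', 'Department', 'Address', 'City', 'Stateprov', 'Postalcode', 'Country', 'Position1', 'Initials', 'Salutation', 'Note', 'Category', 'MethodOfPayment', 'Message', 'PrintName') as $EditfName)
	{
		$EditfValues[$EditfName] = (isset($$EditfName) && is_scalar($$EditfName)) ? (string) $$EditfName : '';
	}

	// Request values are passed as bound parameters instead of being
	// concatenated into the SQL text, so quotes in a name or note cannot change
	// the statement.
	// Assumes $db->Execute() accepts a parameter array the way ADOdb's does --
	// TODO confirm in include/phprechnung.inc.php. If that include already
	// escapes $_POST globally, remove one of the two layers, otherwise stored
	// text will pick up stray backslashes.
	$query1 = $db->Execute(
		"SELECT MYID, FIRSTNAME, LASTNAME, ADDRESS, POSTALCODE, CITY FROM {$TBLName}addressbook WHERE FIRSTNAME=? AND LASTNAME=? AND ADDRESS=? AND POSTALCODE=? AND CITY=? AND MYID != ?",
		array(
			$EditfValues['Firstname'],
			$EditfValues['Lastname'],
			$EditfValues['Address'],
			$EditfValues['Postalcode'],
			$EditfValues['City'],
			$EditfID,
		)
	);
	// Check the result before using it; a failed Execute() returns false.
	if ($query1 === false)
	{
		die($db->ErrorMsg());
	}
	$numrows1 = $query1->RowCount();

	if ($numrows1)
	{
		// Another record already has this name and address. Show the error and
		// stop here: the redirect below belongs to the success path only.
		// Previously it was attempted after the form had been rendered.
		$smarty->assign("FieldError","$a[entry_exist]");
		UserInput("");
		$smarty->display('addressbook/editf.tpl');
	}
	else
	{
		$Birthday = German_Mysql_Date(isset($Birthday) ? $Birthday : null);

		$query3 = "UPDATE {$TBLName}addressbook SET PREFIX=?, FIRSTNAME=?, LASTNAME=?, TITLE=?, COMPANY=?, DEPARTMENT=?, ADDRESS=?, CITY=?, STATEPROV=?, POSTALCODE=?, COUNTRY=?, POSITION=?, INITIALS=?, SALUTATION=?, NOTE=?, CATEGORY=?, METHODOFPAY=?, MESSAGE=?, BIRTHDAY=?, PRINT_NAME=?, MODIFIEDBY=?, MODIFIED=? WHERE MYID=?";
		$EditfBind = array(
			$EditfValues['Prefix'],
			$EditfValues['Firstname'],
			$EditfValues['Lastname'],
			$EditfValues['Title1'],
			$EditfValues['Company'],
			$EditfValues['Department'],
			$EditfValues['Address'],
			$EditfValues['City'],
			$EditfValues['Stateprov'],
			$EditfValues['Postalcode'],
			$EditfValues['Country'],
			$EditfValues['Position1'],
			$EditfValues['Initials'],
			$EditfValues['Salutation'],
			$EditfValues['Note'],
			$EditfValues['Category'],
			$EditfValues['MethodOfPayment'],
			$EditfValues['Message'],
			(string) $Birthday,
			$EditfValues['PrintName'],
			isset($_SESSION['Username']) ? (string) $_SESSION['Username'] : '',
			isset($CurrentDateTime) ? (string) $CurrentDateTime : '',
			$EditfID,
		);
		// NOTE(review): as above, the raw driver message reaches the client on
		// failure; consider logging it instead.
		if ($db->Execute($query3, $EditfBind) === false)
		{
			die($db->ErrorMsg());
		}
		$_SESSION['EditID'] = "1";

		// Values placed in the redirect URL are URL-encoded so they cannot cut
		// the URL short or add parameters. $Searchstring is inserted as built
		// earlier in this file and has to be encoded where it is assembled.
		$EditfUrl = array();
		foreach (array('page', 'Customer', 'Order', 'Sort') as $EditfName)
		{
			$EditfUrl[$EditfName] = urlencode((isset($$EditfName) && is_scalar($$EditfName)) ? (string) $$EditfName : '');
		}
		$EditfInfo = isset($infoID) ? $infoID : '';

		// NOTE(review): the session id travels in the URL, where it can end up
		// in server logs and Referer headers. Presumably kept for cookieless
		// sessions -- confirm whether it is still needed.
		if($EditfInfo == '9')
		{
			header("Location: $web/addressbook/searchlist.php?myID=$EditfID&page={$EditfUrl['page']}&Customer={$EditfUrl['Customer']}&Order={$EditfUrl['Order']}&Sort={$EditfUrl['Sort']}&$sessname=$sessid#$EditfID");
		}
		else if($EditfInfo == '10')
		{
			header("Location: $web/addressbook/searchlist_e.php?myID=$EditfID&page={$EditfUrl['page']}&$Searchstring&Order={$EditfUrl['Order']}&Sort={$EditfUrl['Sort']}&$sessname=$sessid#$EditfID");
		}
		else
		{
			header("Location: $web/addressbook/list.php?myID=$EditfID&page={$EditfUrl['page']}&Order={$EditfUrl['Order']}&Sort={$EditfUrl['Sort']}&$sessname=$sessid#$EditfID");
		}
		// Nothing may run or be printed after the redirect has been issued.
		exit;
	}
}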
?>