Location: PHPKode > projects > PhpRechnung > phpRechnung/addressbook/editf.php
<?php
/*	editf.php

	phpInvoice - is easy-to-use Web-based multilingual accounting software.
	Copyright (C) 2001 - 2008 Edy Corak < phprechnung at ecorak dot net >

	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

require_once("../include/phprechnung.inc.php");
require_once("../include/smarty.inc.php");
CheckUser();
CheckSession();

if(isset($_POST['myID']))
{
	$myID = $_POST['myID'];
}
if(isset($_POST['page']))
{
	$page = $_POST['page'];
}
if(isset($_POST['infoID']))
{
	$infoID = $_POST['infoID'];
}
if(isset($_POST['Customer']))
{
	$Customer = $_POST['Customer'];
}
if(isset($_POST['PrintName']))
{
	$PrintName = $_POST['PrintName'];
}
if(isset($_POST['Prefix']))
{
	$Prefix = $_POST['Prefix'];
}
if(isset($_POST['Firstname']))
{
	$Firstname = $_POST['Firstname'];
}
if(isset($_POST['Lastname']))
{
	$Lastname = $_POST['Lastname'];
}
if(isset($_POST['Title1']))
{
	$Title1 = $_POST['Title1'];
}
if(isset($_POST['Company']))
{
	$Company = $_POST['Company'];
}
if(isset($_POST['Department']))
{
	$Department = $_POST['Department'];
}
if(isset($_POST['Address']))
{
	$Address = $_POST['Address'];
}
if(isset($_POST['Country']))
{
	$Country = $_POST['Country'];
}
if(isset($_POST['Postalcode']))
{
	$Postalcode = $_POST['Postalcode'];
}
if(isset($_POST['City']))
{
	$City = $_POST['City'];
}
if(isset($_POST['Stateprov']))
{
	$Stateprov = $_POST['Stateprov'];
}
if(isset($_POST['Position1']))
{
	$Position1 = $_POST['Position1'];
}
if(isset($_POST['Initials']))
{
	$Initials = $_POST['Initials'];
}
if(isset($_POST['Salutation']))
{
	$Salutation = $_POST['Salutation'];
}

if(isset($_POST['Note']))
{
	$Note = $_POST['Note'];
}

if(isset($_POST['Category']))
{
	$Category = $_POST['Category'];
}
if(isset($_POST['MethodOfPayment']))
{
	$MethodOfPayment = $_POST['MethodOfPayment'];
}
if(isset($_POST['Birthday']))
{
	$Birthday = $_POST['Birthday'];
}
if(isset($_POST['Message']))
{
	$Message = $_POST['Message'];
}

if(isset($_POST['PrintName1']))
{
	$PrintName1 = $_POST['PrintName1'];
}
if(isset($_POST['Date_From1']))
{
	$Date_From1 = $_POST['Date_From1'];
}
if(isset($_POST['Date_Till1']))
{
	$Date_Till1 = $_POST['Date_Till1'];
}
if(isset($_POST['CustomerID']))
{
	$CustomerID = $_POST['CustomerID'];
}
if(isset($_POST['Prefix1']))
{
	$Prefix1 = $_POST['Prefix1'];
}
if(isset($_POST['Firstname1']))
{
	$Firstname1 = $_POST['Firstname1'];
}
if(isset($_POST['Lastname1']))
{
	$Lastname1 = $_POST['Lastname1'];
}
if(isset($_POST['Title11']))
{
	$Title11 = $_POST['Title11'];
}
if(isset($_POST['Company1']))
{
	$Company1 = $_POST['Company1'];
}
if(isset($_POST['Department1']))
{
	$Department1 = $_POST['Department1'];
}
if(isset($_POST['Address1']))
{
	$Address1 = $_POST['Address1'];
}
if(isset($_POST['Country1']))
{
	$Country1 = $_POST['Country1'];
}
if(isset($_POST['Postalcode1']))
{
	$Postalcode1 = $_POST['Postalcode1'];
}
if(isset($_POST['City1']))
{
	$City1 = $_POST['City1'];
}
if(isset($_POST['Stateprov1']))
{
	$Stateprov1 = $_POST['Stateprov1'];
}
if(isset($_POST['Position11']))
{
	$Position11 = $_POST['Position11'];
}
if(isset($_POST['Initials1']))
{
	$Initials1 = $_POST['Initials1'];
}
if(isset($_POST['Salutation1']))
{
	$Salutation1 = $_POST['Salutation1'];
}
if(isset($_POST['Phonehome1']))
{
	$Phonehome1 = $_POST['Phonehome1'];
}
if(isset($_POST['Phoneoffi1']))
{
	$Phoneoffi1 = $_POST['Phoneoffi1'];
}
if(isset($_POST['Phoneothe1']))
{
	$Phoneothe1 = $_POST['Phoneothe1'];
}
if(isset($_POST['Phonework1']))
{
	$Phonework1 = $_POST['Phonework1'];
}
if(isset($_POST['Mobile1']))
{
	$Mobile1 = $_POST['Mobile1'];
}
if(isset($_POST['Pager1']))
{
	$Pager1 = $_POST['Pager1'];
}
if(isset($_POST['Fax1']))
{
	$Fax1 = $_POST['Fax1'];
}
if(isset($_POST['Email1']))
{
	$Email1 = $_POST['Email1'];
}
if(isset($_POST['Url1']))
{
	$Url1 = $_POST['Url1'];
}
if(isset($_POST['Note1']))
{
	$Note1 = $_POST['Note1'];
}
if(isset($_POST['AltField11']))
{
	$AltField11 = $_POST['AltField11'];
}
if(isset($_POST['AltField21']))
{
	$AltField21 = $_POST['AltField21'];
}
if(isset($_POST['AltField31']))
{
	$AltField31 = $_POST['AltField31'];
}
if(isset($_POST['AltField41']))
{
	$AltField41 = $_POST['AltField41'];
}
if(isset($_POST['Category1']))
{
	$Category1 = $_POST['Category1'];
}
if(isset($_POST['MethodOfPayment1']))
{
	$MethodOfPayment1 = $_POST['MethodOfPayment1'];
}
if(isset($_POST['Birthday1']))
{
	$Birthday1 = $_POST['Birthday1'];
}
if(isset($_POST['Order']))
{
	$Order = $_POST['Order'];
}
if(isset($_POST['Sort']))
{
	$Sort = $_POST['Sort'];
}


$Searchstring = "CustomerID=$CustomerID&Prefix1=$Prefix1&Title11=$Title11&Firstname1=$Firstname1&Initials1=$Initials1&Lastname1=$Lastname1&Phonehome1=$Phonehome1&Salutation1=$Salutation1&Mobile1=$Mobile1&Address1=$Address1&Fax1=$Fax1&Stateprov1=$Stateprov1&Email1=$Email1&Postalcode1=$Postalcode1&City1=$City1&Url1=$Url1&Company1=$Company1&Phonework1=$Phonework1&Department1=$Department1&Phoneoffi1=$Phoneoffi1&Position11=$Position11&Phoneothe1=$Phoneothe1&Pager1=$Pager1&Note1=$Note1&Altfield11=$AltField11&Altfield21=$AltField21&Altfield31=$AltField31&Altfield41=$AltField41&Country1=$Country1&Date_From1=$Date_From1&Date_Till1=$Date_Till1&Birthday1=$Birthday1&Category1=$Category1&MethodOfPayment1=$MethodOfPayment1&PrintName1=$PrintName1";

// Database connection
//
DBConnect();

// Get the creator
//
$query = $db->Execute("SELECT MYID, CREATEDBY FROM {$TBLName}addressbook WHERE MYID=$myID");
$row = $query->GetRows();

// If an error has occurred, display the error message
//
if (!$query)
	print $db->ErrorMsg();
else
	foreach($row as $f)
	{
		$CreatedBy = $f['CREATEDBY'];
	}

function UserInput($mark)
{
	global $smarty, $a, $myID, $page, $infoID, $Prefix, $Title1, $Firstname, $Initials, $Lastname,
	$Salutation, $Address, $Stateprov, $Postalcode, $City, $Company, $Department, $Position1,
	$Note, $Country, $Birthday, $Category, $MethodOfPayment, $Message, $PrintName, $Date_From1, $Date_Till1, $CustomerID, $Prefix1,
	$Title11, $Firstname1, $Initials1, $Lastname1, $Phonehome1, $Salutation1, $Mobile1, $Address1,
	$Fax1, $Stateprov1, $Email1, $Postalcode1, $City1, $Url1, $Company1, $Phonework1, $Department1,
	$Phoneoffi1, $Position11, $Phoneothe1, $Pager1, $Note1, $AltField11, $AltField21, $AltField31,
	$AltField41, $Country1, $Birthday1, $Category1, $MethodOfPayment1, $PrintName1, $Customer, $Order, $Sort;
	$smarty->assign("myID","$myID");
	$smarty->assign("page",$page);
	$smarty->assign("infoID","$infoID");
	$smarty->assign("Customer","$Customer");
	$smarty->assign("PrintName","$PrintName");
	$smarty->assign("Prefix","$Prefix");
	$smarty->assign("Firstname","$Firstname");
	$smarty->assign("Lastname","$Lastname");
	$smarty->assign("Title1","$Title1");
	$smarty->assign("Company","$Company");
	$smarty->assign("Department","$Department");
	$smarty->assign("Address","$Address");
	$smarty->assign("Country","$Country");
	$smarty->assign("Postalcode","$Postalcode");
	$smarty->assign("City","$City");
	$smarty->assign("Stateprov","$Stateprov");
	$smarty->assign("Position1","$Position1");
	$smarty->assign("Initials","$Initials");
	$smarty->assign("Salutation","$Salutation");
	$smarty->assign("Note","$Note");
	$smarty->assign("Category","$Category");
	$smarty->assign("MethodOfPayment","$MethodOfPayment");
	$smarty->assign("Birthday","$Birthday");
	$smarty->assign("Message","$Message");
	$smarty->assign("Date_From1","$Date_From1");
	$smarty->assign("Date_Till1","$Date_Till1");
	$smarty->assign("CustomerID","$CustomerID");
	$smarty->assign("Prefix1","$Prefix1");
	$smarty->assign("Firstname1","$Firstname1");
	$smarty->assign("Lastname1","$Lastname1");
	$smarty->assign("Title11","$Title11");
	$smarty->assign("Company1","$Company1");
	$smarty->assign("Department1","$Department1");
	$smarty->assign("Address1","$Address1");
	$smarty->assign("Country1","$Country1");
	$smarty->assign("Postalcode1","$Postalcode1");
	$smarty->assign("City1","$City1");
	$smarty->assign("Stateprov1","$Stateprov1");
	$smarty->assign("Position11","$Position11");
	$smarty->assign("Initials1","$Initials1");
	$smarty->assign("Salutation1","$Salutation1");
	$smarty->assign("Phonehome1","$Phonehome1");
	$smarty->assign("Phoneoffi1","$Phoneoffi1");
	$smarty->assign("Phoneothe1","$Phoneothe1");
	$smarty->assign("Phonework1","$Phonework1");
	$smarty->assign("Mobile1","$Mobile1");
	$smarty->assign("Pager1","$Pager1");
	$smarty->assign("Fax1","$Fax1");
	$smarty->assign("Email1","$Email1");
	$smarty->assign("Url1","$Url1");
	$smarty->assign("Note1","$Note1");
	$smarty->assign("AltField11","$AltField11");
	$smarty->assign("AltField21","$AltField21");
	$smarty->assign("AltField31","$AltField31");
	$smarty->assign("AltField41","$AltField41");
	$smarty->assign("Category1","$Category1");
	$smarty->assign("MathodOfPayment1","$MethodOfPayment1");
	$smarty->assign("PrintName1","$PrintName1");
	$smarty->assign("Birthday1","$Birthday1");
	$smarty->assign("Order",$Order);
	$smarty->assign("Sort",$Sort);
	$smarty->assign("Mark",$mark);
	$smarty->assign("EditForm","1");
}

if (empty($myID))
{
	$smarty->assign("FieldError","$a[customer_no] - $a[field_error]");
	UserInput("");
	$smarty->display('addressbook/editf.tpl');
}
else if (empty($Prefix))
{
	$smarty->assign("FieldError","$a[prefix] - $a[field_error]");
	UserInput("Prefix");
	$smarty->display('addressbook/editf.tpl');
}
else if (empty($Firstname) && (empty($Company)))
{
	$smarty->assign("FieldError","$a[firstname] - $a[field_error]");
	UserInput("Firstname");
	$smarty->display('addressbook/editf.tpl');
}
else if (empty($Lastname) && (empty($Company)))
{
	$smarty->assign("FieldError","$a[lastname] - $a[field_error]");
	UserInput("Lastname");
	$smarty->display('addressbook/editf.tpl');
}
else if (empty($Address))
{
	$smarty->assign("FieldError","$a[address] - $a[field_error]");
	UserInput("Address");
	$smarty->display('addressbook/editf.tpl');
}
else if (empty($Country))
{
	$smarty->assign("FieldError","$a[country] - $a[field_error]");
	UserInput("Country");
	$smarty->display('addressbook/editf.tpl');
}
else if (empty($Postalcode))
{
	$smarty->assign("FieldError","$a[postalcode] - $a[field_error]");
	UserInput("Postalcode");
	$smarty->display('addressbook/editf.tpl');
}
else if (empty($City))
{
	$smarty->assign("FieldError","$a[city] - $a[field_error]");
	UserInput("City");
	$smarty->display('addressbook/editf.tpl');
}
else if(isset($_SESSION['Username']) && $_SESSION['Username'] != $root && $_SESSION['Usergroup1'] != $admingroup_1 && $_SESSION['Usergroup2'] != $admingroup_2 && $_SESSION['Username'] != $CreatedBy)
{
	$smarty->assign("FieldError","$a[no_permission]");
	UserInput("");
	$smarty->display('addressbook/editf.tpl');
}
else
{
	$query1 = $db->Execute("SELECT MYID, FIRSTNAME, LASTNAME, ADDRESS, POSTALCODE, CITY FROM {$TBLName}addressbook WHERE FIRSTNAME='$Firstname' AND LASTNAME='$Lastname' AND ADDRESS='$Address' AND POSTALCODE='$Postalcode' AND CITY='$City' AND MYID != $myID");
	$numrows1 = $query1->RowCount();

	if ($numrows1)
	{
		$smarty->assign("FieldError","$a[entry_exist]");
		UserInput("");
		$smarty->display('addressbook/editf.tpl');
	}
	else
	{
		$Birthday = German_Mysql_Date($Birthday);

		$query3 = "UPDATE {$TBLName}addressbook SET PREFIX='$Prefix', FIRSTNAME='$Firstname', LASTNAME='$Lastname', TITLE='$Title1', COMPANY='$Company', DEPARTMENT='$Department', ADDRESS='$Address', CITY='$City', STATEPROV='$Stateprov', POSTALCODE='$Postalcode', COUNTRY='$Country', POSITION='$Position1', INITIALS='$Initials', SALUTATION='$Salutation', NOTE='$Note', CATEGORY='$Category', METHODOFPAY='$MethodOfPayment', MESSAGE='$Message', BIRTHDAY='$Birthday', PRINT_NAME='$PrintName', MODIFIEDBY='$_SESSION[Username]', MODIFIED='$CurrentDateTime' WHERE MYID=$myID";

		if ($db->Execute($query3) === false)
		{
			die($db->ErrorMsg());
		}

		$_SESSION['EditID'] = "1";
	}

	if($infoID == '9')
	{
		Header("Location: $web/addressbook/searchlist.php?myID=$myID&page=$page&Customer=$Customer&Order=$Order&Sort=$Sort&$sessname=$sessid#$myID");
	}
	else if($infoID == '10')
	{
		Header("Location: $web/addressbook/searchlist_e.php?myID=$myID&page=$page&$Searchstring&Order=$Order&Sort=$Sort&$sessname=$sessid#$myID");
	}
	else
	{
		Header("Location: $web/addressbook/list.php?myID=$myID&page=$page&Order=$Order&Sort=$Sort&$sessname=$sessid#$myID");
	}
}

?>
Return current item: PhpRechnung