
First commit of biketree to github!

master
Jonathan Rosenbaum 7 years ago
commit
8ca61d45eb
  1. 47
      allstyles.css
  2. 755
      backupDB.php
  3. 59
      bikes/customers_barcode.php
  4. 169
      bikes/form_bikes.php
  5. 57
      bikes/index.php
  6. 74
      bikes/manage_customers.php
  7. 160
      bikes/process_form_bikes.php
  8. 76
      books/closeshop.php
  9. 96
      books/depositPayout.php
  10. 2
      books/error_log
  11. 32
      books/form.css
  12. 75
      books/form_open.php
  13. 162
      books/open_form.php
  14. 91
      books/openshop.php
  15. 190
      books/verifyaction.php
  16. BIN
      classes/.form.php.swp
  17. 340
      classes/barcode.php
  18. 586
      classes/db_functions.php
  19. 887
      classes/display.php
  20. 309
      classes/form.php
  21. 258
      classes/security_functions.php
  22. 59
      customers/customers_barcode.php
  23. 15
      customers/error_log
  24. 102
      customers/form_customers.php
  25. 57
      customers/index.php
  26. 74
      customers/manage_customers.php
  27. 111
      customers/process_form_customers.php
  28. BIN
      docker/.Dockerfile.swp
  29. 20
      docker/Dockerfile
  30. 16
      docker/Dockerfile-fpm
  31. BIN
      docker/codeforbikebike.tar.gz
  32. 69
      docker/default.conf
  33. 71
      docker/docker-compose.yml
  34. 42
      docker/settings.php
  35. 8368
      docker/sql/biketree.sql
  36. 340
      general_public_license.txt
  37. 43
      generaltodo.php
  38. 382
      home.php
  39. BIN
      images/config.gif
  40. BIN
      images/customers.gif
  41. BIN
      images/home_print.gif
  42. BIN
      images/install_pos.gif
  43. BIN
      images/items.gif
  44. BIN
      images/login.gif
  45. BIN
      images/login_01.gif
  46. BIN
      images/login_02.gif
  47. BIN
      images/login_03.gif
  48. BIN
      images/login_04.gif
  49. BIN
      images/login_05.gif
  50. BIN
      images/login_06.gif
  51. BIN
      images/login_07.gif
  52. BIN
      images/login_08.gif
  53. BIN
      images/login_09.gif
  54. BIN
      images/login_10.gif
  55. BIN
      images/login_bg.gif
  56. BIN
      images/menubar_01.gif
  57. BIN
      images/menubar_02.gif
  58. BIN
      images/menubar_03.gif
  59. BIN
      images/menubar_04.gif
  60. BIN
      images/menubar_05.gif
  61. BIN
      images/menubar_06.gif
  62. BIN
      images/menubar_07.gif
  63. BIN
      images/menubar_bg.gif
  64. BIN
      images/menubar_bottom.gif
  65. BIN
      images/menubar_reports_01.gif
  66. BIN
      images/menubar_reports_02.gif
  67. BIN
      images/menubar_reports_03.gif
  68. BIN
      images/menubar_reports_04.gif
  69. BIN
      images/menubar_reports_05.gif
  70. BIN
      images/menubar_reports_06.gif
  71. BIN
      images/menubar_sales_01.gif
  72. BIN
      images/menubar_sales_02.gif
  73. BIN
      images/menubar_sales_03.gif
  74. BIN
      images/menubar_sales_04.gif
  75. BIN
      images/menubar_sales_05.gif
  76. BIN
      images/menubar_sales_06.gif
  77. BIN
      images/reports.gif
  78. BIN
      images/sales.gif
  79. BIN
      images/spacer.gif
  80. BIN
      images/uhohbg.gif
  81. 45
      index.php
  82. 31
      install/index.php
  83. 181
      install/installer.php
  84. 332
      install/makeinstall.php
  85. BIN
      install/message.gif
  86. 85
      items/brands/form_brands.php
  87. 68
      items/brands/manage_brands.php
  88. 106
      items/brands/process_form_brands.php
  89. 86
      items/categories/form_categories.php
  90. 67
      items/categories/manage_categories.php
  91. 106
      items/categories/process_form_categories.php
  92. 101
      items/discounts/form_discounts.php
  93. 67
      items/discounts/manage_discounts.php
  94. 108
      items/discounts/process_form_discounts.php
  95. 164
      items/form_items.php
  96. 58
      items/index.php
  97. 59
      items/items_barcode.php
  98. 87
      items/manage_items.php
  99. 124
      items/process_form_items.php
  100. 100
      items/suppliers/form_suppliers.php

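--- a/allstyles.css
+++ b/allstyles.css
@@ -0,0 +1,47 @@
+h4{
+font-family: verdana;
+font-size: 12px;
+font-style: italic;
+font-weight: normal;
+margin-bottom: 0;
+margin-top: 0;
+}
+h3{
+font-family: verdana;
+font-size: 14px;
+font-weight: bold;
+background: #9aadd0;
+margin-bottom: 0;
+margin-top: 0;
+text-align: right;
+}
+h2{
+font-family: verdana;
+font-size: 16px;
+font-weight: bold;
+font-style: italic;
+margin-bottom: 0;
+margin-top: 0;
+text-align: left;
+}
+.text {
+font-size: 13px;
+padding: 4px;
+margin-left: auto;
+margin-right: auto;
+}
+td.high40 {
+height: 40px;
+width: 500px;
+text-align: left;
+}
+td.submit {
+border-bottom: 4px solid #333333;
+border-top: 1px dotted #333333;
+text-align: center;
+}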

755
backupDB.php

@ -0,0 +1,755 @@
<?php
define('backupDBversion', '1.1.31');
include ("settings.php");
/////////////////////////////////////////////////////////////////////
/// //
// backupDB() - MySQL database backup utility //
// //
// You should configure at least ADMIN_EMAIL below. //
// //
// See backupDB.txt for more information. //
// ///
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
/////////////////// CONFIGURATION ///////////////////
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
// hack for Lynx browser that only supports one GETstring parameter
if (!empty($_REQUEST['lynxauth'])) {
// backupDB.php?lynxauth=localhost.username.password.database[.backuptype]
$lynxautharray = explode('.', $_REQUEST['lynxauth']);
$_REQUEST['DB_HOST'] = @$lynxautharray[0];
$_REQUEST['DB_USER'] = @$lynxautharray[1];
$_REQUEST['DB_PASS'] = @$lynxautharray[2];
$_REQUEST['onlyDB'] = @$lynxautharray[3];
$_REQUEST['StartBackup'] = (@$lynxautharray[4] ? @$lynxautharray[4] : 'standard');
$_REQUEST['mailto'] = (@$lynxautharray[5] ? @$lynxautharray[5] : '');
$_REQUEST['nohtml'] = (isset($_REQUEST['nohtml']) ? $_REQUEST['nohtml'] : '1');
}
// end Lynx hack
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
// You SHOULD modify these values: //
/////////////////////////////////////////////////////////////////////
// If DB_HOST, DB_USER and/or DB_PASS are undefined or empty,
// you will be prompted to enter them each time the script runs
define('DB_HOST', (isset($_REQUEST['DB_HOST']) ? $_REQUEST['DB_HOST'] : "$cfg_server")); // usually 'localhost'
define('DB_USER', (isset($_REQUEST['DB_USER']) ? $_REQUEST['DB_USER'] : "$cfg_username")); // MySQL username
define('DB_PASS', (isset($_REQUEST['DB_PASS']) ? $_REQUEST['DB_PASS'] : "$cfg_password")); // MySQL password
// Only define DB_NAME if you want to restrict to ONLY this
// database, otherwise all accessible databases will be backed up
if (!empty($_REQUEST['onlyDB'])) {
define('DB_NAME', $_REQUEST['onlyDB']);
} else {
// uncomment this line if you want to define a single database to back up
// note: this may be required for some servers, where the user cannot list available databases
//define('DB_NAME', 'database');
}
/////////////////////////////////////////////////////////////////////
// You MAY modify these values (defaults should be fine too): //
/////////////////////////////////////////////////////////////////////
define('BACKTICKCHAR', '`');
define('QUOTECHAR', '\'');
define('LINE_TERMINATOR', "\n"); // \n = UNIX; \r\n = Windows; \r = Mac
define('BUFFER_SIZE', 32768); // in bytes
define('TABLES_PER_COL', 30); //
define('STATS_INTERVAL', 500); // number of records processed between each DHTML stats refresh
$GZ_enabled = (bool) function_exists('gzopen');
$DHTMLenabled = true; // set $DHTMLenabled = FALSE to prevent JavaScript errors in incompatible browsers
// set $DHTMLenabled = TRUE to get the nice DHTML display in recent browsers
$dbNameInCreate = true; // if true: "CREATE TABLE `database`.`table`", if false: "CREATE TABLE `table`"
$CreateIfNotExists = false; // if true: "CREATE TABLE IF NOT EXISTS `database`.`table`", if false: "CREATE TABLE `database`.`table`"
$ReplaceInto = false; // if true: "REPLACE INTO ", if false: "INSERT INTO "
$HexBLOBs = true; // if true: blobs get data dumped as hex string; if false: blobs get data dumped as escaped binary string
$SuppressHTMLoutput = (@$_REQUEST['nohtml'] ? true : false); // disable all output for running as a cron job
$backuptimestamp = '.'.date('Y-m-d'); // timestamp
if (!empty($_REQUEST['onlyDB'])) {
$backuptimestamp = '.'.$_REQUEST['onlyDB'].$backuptimestamp;
}
//$backuptimestamp = ''; // no timestamp
$backupabsolutepath = dirname(__FILE__).'/backups/'; // make sure to include trailing slash
$fullbackupfilename = 'db_backup'.$backuptimestamp.'.sql'.($GZ_enabled ? '.gz' : '');
$partbackupfilename = 'db_backup_partial'.$backuptimestamp.'.sql'.($GZ_enabled ? '.gz' : '');
$strubackupfilename = 'db_backup_structure'.$backuptimestamp.'.sql'.($GZ_enabled ? '.gz' : '');
$tempbackupfilename = 'db_backup.temp.sql'.($GZ_enabled ? '.gz' : '');
$NeverBackupDBtypes = array('HEAP');
// Auto close the browser after the script finishes.
// This will allow task scheduler in Windows to work properly,
// else the task will be considered running until the browser is closed
$CloseWindowOnFinish = false;
/////////////////////////////////////////////////////////////////////
/////////////////// END CONFIGURATION ///////////////////
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
/////////////////// SUPPORT FUNCTIONS ///////////////////
/////////////////////////////////////////////////////////////////////
if (!function_exists('getmicrotime')) {
function getmicrotime() {
list($usec, $sec) = explode(' ', microtime());
return ((float) $usec + (float) $sec);
}
}
function FormattedTimeRemaining($seconds, $precision=1) {
if ($seconds > 86400) {
return number_format($seconds / 86400, $precision).' days';
} elseif ($seconds > 3600) {
return number_format($seconds / 3600, $precision).' hours';
} elseif ($seconds > 60) {
return number_format($seconds / 60, $precision).' minutes';
}
return number_format($seconds, $precision).' seconds';
}
function FileSizeNiceDisplay($filesize, $precision=2) {
if ($filesize < 1000) {
$sizeunit = 'bytes';
$precision = 0;
} else {
$filesize /= 1024;
$sizeunit = 'kB';
}
if ($filesize >= 1000) {
$filesize /= 1024;
$sizeunit = 'MB';
}
if ($filesize >= 1000) {
$filesize /= 1024;
$sizeunit = 'GB';
}
return number_format($filesize, $precision).' '.$sizeunit;
}
function OutputInformation($id, $dhtml, $text='') {
global $DHTMLenabled;
if ($DHTMLenabled) {
if (!is_null($dhtml)) {
if ($id) {
echo '<script>if (document.getElementById("'.$id.'")) document.getElementById("'.$id.'").innerHTML="'.$dhtml.'"</script>';
} else {
echo $dhtml;
}
flush();
}
} else {
if ($text) {
echo $text;
flush();
}
}
return true;
}
/////////////////////////////////////////////////////////////////////
/////////////////// END SUPPORT FUNCTIONS ///////////////////
/////////////////////////////////////////////////////////////////////
if ((!defined('DB_HOST') || (DB_HOST == '')) || (!defined('DB_USER') || (DB_USER == '')) || (!defined('DB_PASS') || (DB_PASS == ''))) {
echo '<html><head><body><form action="'.$_SERVER['PHP_SELF'].'" method="post">';
echo 'database hostname: <input type="text" name="DB_HOST" value="'.(defined('DB_HOST') ? DB_HOST : 'localhost').'"><br>';
echo 'database username: <input type="text" name="DB_USER" value="'.(defined('DB_USER') ? DB_USER : '').'"><br>';
echo 'database password: <input type="text" name="DB_PASS" value="'.(defined('DB_PASS') ? DB_PASS : '').'"><br>';
echo '<input type="submit" value="submit">';
echo '</form></body></html>';
exit;
}
if (!@mysql_connect(DB_HOST, DB_USER, DB_PASS)) {
die('There was a problem connecting to the database:<br>'."\n".mysql_error());
}
if (!is_dir($backupabsolutepath)) {
die('"'.htmlentities($backupabsolutepath).'" is not a directory');
} elseif (!is_writable($backupabsolutepath)) {
die('"'.htmlentities($backupabsolutepath).'" is not writable');
}
if ($SuppressHTMLoutput) {
ob_start();
}
echo '<h3>backupDB() v'.backupDBversion.'</h3>';
echo '<h4>MySQL database backup</h4>';
if (isset($_REQUEST['StartBackup'])) {
OutputInformation('', '<span id="cancellink"><a href="'.$_SERVER['PHP_SELF'].'">Cancel</a><br><br></span>', '<a href="'.$_SERVER['PHP_SELF'].'">Cancel</a><br><br>');
}
OutputInformation('', '<span id="statusinfo"></span>', 'DHTML display is disabled - you won\'t see anything until the backup is complete.');
flush();
$ListOfDatabasesToMaybeBackUp = array();
if (defined('DB_NAME')) {
$ListOfDatabasesToMaybeBackUp[] = DB_NAME;
} else {
$db_name_list = mysql_list_dbs();
while (list($dbname) = mysql_fetch_array($db_name_list)) {
$ListOfDatabasesToMaybeBackUp[] = $dbname;
}
}
if (isset($_REQUEST['StartBackup']) && ($_REQUEST['StartBackup'] == 'partial')) {
echo '<script language="JavaScript">'.LINE_TERMINATOR.'<!--'.LINE_TERMINATOR.'function CheckAll(checkornot) {'.LINE_TERMINATOR;
echo 'for (var i = 0; i < document.SelectedTablesForm.elements.length; i++) {'.LINE_TERMINATOR;
echo ' document.SelectedTablesForm.elements[i].checked = checkornot;'.LINE_TERMINATOR;
echo '}'.LINE_TERMINATOR.'}'.LINE_TERMINATOR.'-->'.LINE_TERMINATOR.'</script>';
echo '<form name="SelectedTablesForm" action="'.$_SERVER['PHP_SELF'].'" method="post">';
foreach ($ListOfDatabasesToMaybeBackUp as $dbname) {
$tables = mysql_list_tables($dbname);
if (is_resource($tables)) {
echo '<table border="1"><tr><td colspan="'.ceil(mysql_num_rows($tables) / TABLES_PER_COL).'"><b>'.$dbname.'</b></td></tr><tr><td nowrap valign="top">';
$tablecounter = 0;
while (list($tablename) = mysql_fetch_array($tables)) {
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($tablename).'"');
if ($TableStatusRow = mysql_fetch_array($TableStatusResult)) {
if (in_array($TableStatusRow['Type'], $NeverBackupDBtypes)) {
// no need to back up HEAP tables, and will generate errors if you try to optimize/repair
} else {
if ($tablecounter++ >= TABLES_PER_COL) {
echo '</td><td nowrap valign="top">';
$tablecounter = 0;
}
$SQLquery = 'SELECT COUNT(*) AS num FROM '.$tablename;
mysql_select_db($dbname);
$result = mysql_query($SQLquery);
$row = @mysql_fetch_array($result);
echo '<input type="checkbox" name="SelectedTables['.htmlentities($dbname, ENT_QUOTES).'][]" value="'.$tablename.'" checked>'.$tablename.' ('.$row['num'].')<br>';
}
}
}
echo '</td></tr></table><br>';
}
}
if (isset($_POST['DB_HOST'])) {
echo '<input type="hidden" name="DB_HOST" value="'.htmlspecialchars(@$_POST['DB_HOST'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_USER" value="'.htmlspecialchars(@$_POST['DB_USER'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_PASS" value="'.htmlspecialchars(@$_POST['DB_PASS'], ENT_QUOTES).'">';
}
echo '<input type="button" onClick="CheckAll(true)" value="Select All"> ';
echo '<input type="button" onClick="CheckAll(false)" value="Deselect All"> ';
echo '<input type="hidden" name="StartBackup" value="complete">';
echo '<input type="submit" name="SelectedTablesOnly" value="Create Backup"></form>';
echo '<a href="'.$_SERVER['PHP_SELF'].'">Back to menu</a>';
} elseif (isset($_REQUEST['StartBackup'])) {
if (($GZ_enabled && ($zp = @gzopen($backupabsolutepath.$tempbackupfilename, 'wb'))) ||
(!$GZ_enabled && ($fp = @fopen($backupabsolutepath.$tempbackupfilename, 'wb')))) {
$fileheaderline = '# backupDB() v'.backupDBversion.' (http://www.silisoftware.com)'.LINE_TERMINATOR;
$fileheaderline .= '# mySQL backup ('.date('F j, Y g:i a').') Type = ';
if ($GZ_enabled) {
gzwrite($zp, $fileheaderline, strlen($fileheaderline));
} else {
fwrite($fp, $fileheaderline, strlen($fileheaderline));
}
if ($_REQUEST['StartBackup'] == 'structure') {
if ($GZ_enabled) {
gzwrite($zp, 'Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR));
} else {
fwrite($fp, 'Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR));
}
$backuptype = 'full';
unset($SelectedTables);
foreach ($ListOfDatabasesToMaybeBackUp as $dbname) {
set_time_limit(60);
$tables = mysql_list_tables($dbname);
if (is_resource($tables)) {
$tablecounter = 0;
while (list($tablename) = mysql_fetch_array($tables)) {
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($tablename).'"');
if ($TableStatusRow = mysql_fetch_array($TableStatusResult)) {
if (in_array($TableStatusRow['Type'], $NeverBackupDBtypes)) {
// no need to back up HEAP tables, and will generate errors if you try to optimize/repair
} else {
$SelectedTables[$dbname][] = $tablename;
}
}
}
}
}
} elseif (isset($_REQUEST['SelectedTables']) && is_array($_REQUEST['SelectedTables'])) {
if ($GZ_enabled) {
gzwrite($zp, 'Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR));
} else {
fwrite($fp, 'Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR));
}
$backuptype = 'partial';
$SelectedTables = $_REQUEST['SelectedTables'];
} else {
if ($GZ_enabled) {
gzwrite($zp, 'Complete'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Complete'.LINE_TERMINATOR.LINE_TERMINATOR));
} else {
fwrite($fp, 'Complete'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Complete'.LINE_TERMINATOR.LINE_TERMINATOR));
}
$backuptype = 'full';
unset($SelectedTables);
foreach ($ListOfDatabasesToMaybeBackUp as $dbname) {
set_time_limit(60);
$tables = mysql_list_tables($dbname);
if (is_resource($tables)) {
$tablecounter = 0;
while (list($tablename) = mysql_fetch_array($tables)) {
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($tablename).'"');
if ($TableStatusRow = mysql_fetch_array($TableStatusResult)) {
if (in_array($TableStatusRow['Type'], $NeverBackupDBtypes)) {
// no need to back up HEAP tables, and will generate errors if you try to optimize/repair
} else {
$SelectedTables[$dbname][] = $tablename;
}
}
}
}
}
}
$starttime = getmicrotime();
OutputInformation('', null, 'Checking tables...<br><br>');
$TableErrors = array();
foreach ($SelectedTables as $dbname => $selectedtablesarray) {
mysql_select_db($dbname);
$repairresult = '';
$CanContinue = true;
foreach ($selectedtablesarray as $selectedtablename) {
OutputInformation('statusinfo', 'Checking table <b>'.$dbname.'.'.$selectedtablename.'</b>');
$result = mysql_query('CHECK TABLE '.$selectedtablename);
while ($row = mysql_fetch_array($result)) {
set_time_limit(60);
if ($row['Msg_text'] == 'OK') {
mysql_query('OPTIMIZE TABLE '.$selectedtablename);
} else {
OutputInformation('statusinfo', 'Repairing table <b>'.$selectedtablename.'</b>');
$repairresult .= 'REPAIR TABLE '.$selectedtablename.' EXTENDED'."\n\n";
$fixresult = mysql_query('REPAIR TABLE '.$selectedtablename.' EXTENDED');
$ThisCanContinue = false;
while ($fixrow = mysql_fetch_array($fixresult)) {
$thisMessage = $fixrow['Msg_type'].': '.$fixrow['Msg_text'];
$repairresult .= $thisMessage."\n";
switch ($thisMessage) {
case 'status: OK':
case 'error: The handler for the table doesn\'t support repair':
$ThisCanContinue = true;
break;
}
}
if (!$ThisCanContinue) {
$CanContinue = false;
}
$repairresult .= "\n\n".str_repeat('-', 60)."\n\n";
}
}
}
if (!empty($repairresult)) {
echo '<pre>'.$repairresult.'</pre>';
if (!$CanContinue) {
if ($SuppressHTMLoutput) {
ob_end_clean();
echo 'errors';
}
exit;
}
}
}
OutputInformation('statusinfo', '');
OutputInformation('', '<br><b><span id="topprogress">Overall Progress:</span></b><br>');
$overallrows = 0;
foreach ($SelectedTables as $dbname => $value) {
mysql_select_db($dbname);
echo '<table border="1"><tr><td colspan="'.ceil(count($SelectedTables[$dbname]) / TABLES_PER_COL).'"><b>'.$dbname.'</b></td></tr><tr><td nowrap valign="top">';
$tablecounter = 0;
for ($t = 0; $t < count($SelectedTables[$dbname]); $t++) {
if ($tablecounter++ >= TABLES_PER_COL) {
echo '</td><td nowrap valign="top">';
$tablecounter = 1;
}
$SQLquery = 'SELECT COUNT(*) AS num FROM '.$SelectedTables[$dbname][$t];
$result = mysql_query($SQLquery);
$row = mysql_fetch_array($result);
$rows[$t] = $row['num'];
$overallrows += $rows[$t];
echo '<span id="rows_'.$dbname.'_'.$SelectedTables[$dbname][$t].'">'.$SelectedTables[$dbname][$t].' ('.number_format($rows[$t]).' records)</span><br>';
}
echo '</td></tr></table><br>';
}
$alltablesstructure = '';
foreach ($SelectedTables as $dbname => $value) {
mysql_select_db($dbname);
for ($t = 0; $t < count($SelectedTables[$dbname]); $t++) {
set_time_limit(60);
OutputInformation('statusinfo', 'Creating structure for <b>'.$dbname.'.'.$SelectedTables[$dbname][$t].'</b>');
$fieldnames = array();
$structurelines = array();
$result = mysql_query('SHOW FIELDS FROM '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR);
while ($row = mysql_fetch_array($result)) {
$structureline = BACKTICKCHAR.$row['Field'].BACKTICKCHAR;
$structureline .= ' '.$row['Type'];
$structureline .= ' '.($row['Null'] ? '' : 'NOT ').'NULL';
eregi('^[a-z]+', $row['Type'], $matches);
$RowTypes[$dbname][$SelectedTables[$dbname][$t]][$row['Field']] = $matches[0];
if (@$row['Default']) {
if (eregi('^(tiny|medium|long)?(text|blob)', $row['Type'])) {
// no default values
} else {
$structureline .= ' default \''.$row['Default'].'\'';
}
}
$structureline .= ($row['Extra'] ? ' '.$row['Extra'] : '');
$structurelines[] = $structureline;
$fieldnames[] = $row['Field'];
}
mysql_free_result($result);
$tablekeys = array();
$uniquekeys = array();
$fulltextkeys = array();
$result = mysql_query('SHOW KEYS FROM '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR);
while ($row = mysql_fetch_array($result)) {
$uniquekeys[$row['Key_name']] = (bool) ($row['Non_unique'] == 0);
if (isset($row['Index_type'])) {
$fulltextkeys[$row['Key_name']] = (bool) ($row['Index_type'] == 'FULLTEXT');
} elseif (@$row['Comment'] == 'FULLTEXT') {
$fulltextkeys[$row['Key_name']] = true;
} else {
$fulltextkeys[$row['Key_name']] = false;
}
$tablekeys[$row['Key_name']][$row['Seq_in_index']] = $row['Column_name'];
ksort($tablekeys[$row['Key_name']]);
}
mysql_free_result($result);
foreach ($tablekeys as $keyname => $keyfieldnames) {
$structureline = '';
if ($keyname == 'PRIMARY') {
$structureline .= 'PRIMARY KEY';
} else {
if ($fulltextkeys[$keyname]) {
$structureline .= 'FULLTEXT ';
} elseif ($uniquekeys[$keyname]) {
$structureline .= 'UNIQUE ';
}
$structureline .= 'KEY '.BACKTICKCHAR.$keyname.BACKTICKCHAR;
}
$structureline .= ' ('.BACKTICKCHAR.implode(BACKTICKCHAR.','.BACKTICKCHAR, $keyfieldnames).BACKTICKCHAR.')';
$structurelines[] = $structureline;
}
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($SelectedTables[$dbname][$t]).'"');
if (!($TableStatusRow = mysql_fetch_array($TableStatusResult))) {
die('failed to execute "SHOW TABLE STATUS" on '.$dbname.'.'.$tablename);
}
$tablestructure = 'CREATE TABLE '.($CreateIfNotExists ? 'IF NOT EXISTS ' : '').($dbNameInCreate ? BACKTICKCHAR.$dbname.BACKTICKCHAR.'.' : '').BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR.' ('.LINE_TERMINATOR;
$tablestructure .= ' '.implode(','.LINE_TERMINATOR.' ', $structurelines).LINE_TERMINATOR;
$tablestructure .= ') TYPE='.(@$TableStatusRow['Engine'] ? $TableStatusRow['Engine'] : $TableStatusRow['Type']); // MySQL 4.and higher, the 'Type' of database is now 'Engine' <thanks Philippe Soussan>
if ($TableStatusRow['Auto_increment'] !== null) {
$tablestructure .= ' AUTO_INCREMENT='.$TableStatusRow['Auto_increment'];
}
$tablestructure .= ';'.LINE_TERMINATOR.LINE_TERMINATOR;
$alltablesstructure .= str_replace(' ,', ',', $tablestructure);
} // end table structure backup
}
if ($GZ_enabled) {
gzwrite($zp, $alltablesstructure.LINE_TERMINATOR, strlen($alltablesstructure) + strlen(LINE_TERMINATOR));
} else {
fwrite($fp, $alltablesstructure.LINE_TERMINATOR, strlen($alltablesstructure) + strlen(LINE_TERMINATOR));
}
OutputInformation('statusinfo', '');
if ($_REQUEST['StartBackup'] != 'structure') {
$processedrows = 0;
foreach ($SelectedTables as $dbname => $value) {
set_time_limit(60);
mysql_select_db($dbname);
for ($t = 0; $t < count($SelectedTables[$dbname]); $t++) {
$result = mysql_query('SELECT * FROM '.$SelectedTables[$dbname][$t]);
$rows[$t] = mysql_num_rows($result);
if ($rows[$t] > 0) {
$tabledatadumpline = '# dumping data for '.$dbname.'.'.$SelectedTables[$dbname][$t].LINE_TERMINATOR;
if ($GZ_enabled) {
gzwrite($zp, $tabledatadumpline, strlen($tabledatadumpline));
} else {
fwrite($fp, $tabledatadumpline, strlen($tabledatadumpline));
}
}
unset($fieldnames);
for ($i = 0; $i < mysql_num_fields($result); $i++) {
$fieldnames[] = mysql_field_name($result, $i);
}
if ($_REQUEST['StartBackup'] == 'complete') {
$insertstatement = ($ReplaceInto ? 'REPLACE' : 'INSERT').' INTO '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR.' ('.BACKTICKCHAR.implode(BACKTICKCHAR.', '.BACKTICKCHAR, $fieldnames).BACKTICKCHAR.') VALUES (';
} else {
$insertstatement = ($ReplaceInto ? 'REPLACE' : 'INSERT').' INTO '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR.' VALUES (';
}
$currentrow = 0;
$thistableinserts = '';
while ($row = mysql_fetch_array($result)) {
unset($valuevalues);
foreach ($fieldnames as $key => $val) {
if ($row[$key] === null) {
$valuevalues[] = 'NULL';
} else {
switch ($RowTypes[$dbname][$SelectedTables[$dbname][$t]][$val]) {
// binary data dump, two hex characters per byte
case 'tinyblob':
case 'blob':
case 'mediumblob':
case 'longblob':
if ($HexBLOBs) {
$data = $row[$key];
$data_len = strlen($data);
$hexstring = '0x';
for ($i = 0; $i < $data_len; $i++) {
$hexstring .= str_pad(dechex(ord($data{$i})), 2, '0', STR_PAD_LEFT);
}
$valuevalues[] = $hexstring;
} else {
$valuevalues[] = QUOTECHAR.mysql_escape_string($row[$key]).QUOTECHAR;
}
break;
// just the (numeric) value, not surrounded by quotes
case 'tinyint':
case 'smallint':
case 'mediumint':
case 'int':
case 'bigint':
case 'float':
case 'double':
case 'decimal':
case 'year':
$valuevalues[] = mysql_escape_string($row[$key]);
break;
// value surrounded by quotes
case 'varchar':
case 'char':
case 'tinytext':
case 'text':
case 'mediumtext':
case 'longtext':
case 'enum':
case 'set':
case 'date':
case 'datetime':
case 'time':
case 'timestamp':
default:
$valuevalues[] = QUOTECHAR.mysql_escape_string($row[$key]).QUOTECHAR;
break;
}
}
}
$thistableinserts .= $insertstatement.implode(', ', $valuevalues).');'.LINE_TERMINATOR;
if (strlen($thistableinserts) >= BUFFER_SIZE) {
if ($GZ_enabled) {
gzwrite($zp, $thistableinserts, strlen($thistableinserts));
} else {
fwrite($fp, $thistableinserts, strlen($thistableinserts));
}
$thistableinserts = '';
}
if ((++$currentrow % STATS_INTERVAL) == 0) {
set_time_limit(60);
if ($DHTMLenabled) {
OutputInformation('rows_'.$dbname.'_'.$SelectedTables[$dbname][$t], '<b>'.$SelectedTables[$dbname][$t].' ('.number_format($rows[$t]).' records, ['.number_format(($currentrow / $rows[$t])*100).'%])</b>');
$elapsedtime = getmicrotime() - $starttime;
$percentprocessed = ($processedrows + $currentrow) / $overallrows;
$overallprogress = 'Overall Progress: '.number_format($processedrows + $currentrow).' / '.number_format($overallrows).' ('.number_format($percentprocessed * 100, 1).'% done) ['.FormattedTimeRemaining($elapsedtime).' elapsed';
if (($percentprocessed > 0) && ($percentprocessed < 1)) {
$overallprogress .= ', '.FormattedTimeRemaining(abs($elapsedtime - ($elapsedtime / $percentprocessed))).' remaining';
}
$overallprogress .= ']';
OutputInformation('topprogress', $overallprogress);
}
}
}
if ($DHTMLenabled) {
OutputInformation('rows_'.$dbname.'_'.$SelectedTables[$dbname][$t], $SelectedTables[$dbname][$t].' ('.number_format($rows[$t]).' records, [100%])');
$processedrows += $rows[$t];
}
if ($GZ_enabled) {
gzwrite($zp, $thistableinserts.LINE_TERMINATOR.LINE_TERMINATOR, strlen($thistableinserts) + strlen(LINE_TERMINATOR) + strlen(LINE_TERMINATOR));
} else {
fwrite($fp, $thistableinserts.LINE_TERMINATOR.LINE_TERMINATOR, strlen($thistableinserts) + strlen(LINE_TERMINATOR) + strlen(LINE_TERMINATOR));
}
}
}
}
if ($GZ_enabled) {
gzclose($zp);
} else {
fclose($fp);
}
if ($_REQUEST['StartBackup'] == 'structure') {
$newfullfilename = $backupabsolutepath.$strubackupfilename;
} elseif ($backuptype == 'full') {
$newfullfilename = $backupabsolutepath.$fullbackupfilename;
} else {
$newfullfilename = $backupabsolutepath.$partbackupfilename;
}
if (file_exists($newfullfilename)) {
unlink($newfullfilename); // Windows won't allow overwriting via rename
}
rename($backupabsolutepath.$tempbackupfilename, $newfullfilename);
if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') {
touch($newfullfilename);
if (!chmod($newfullfilename, 0777)) {
}
}
echo '<br>Backup complete in '.FormattedTimeRemaining(getmicrotime() - $starttime, 2).'.<br>';
echo '<a href="'.str_replace(@$_SERVER['DOCUMENT_ROOT'], '', $backupabsolutepath).basename($newfullfilename).'"><b>'.basename($newfullfilename).'</b> ('.FileSizeNiceDisplay(filesize($newfullfilename), 2);
echo ')</a><br><br><a href="'.$_SERVER['PHP_SELF'].'">Back to MySQL Database Backup main menu</a><br>';
OutputInformation('cancellink', '');
} else {
echo '<b>Warning:</b> failed to open '.$backupabsolutepath.$tempbackupfilename.' for writing!<br><br>';
if (is_dir($backupabsolutepath)) {
echo '<i>CHMOD 777</i> on the directory ('.htmlentities($backupabsolutepath).') should fix that.';
} else {
echo 'The specified directory does not exist: "'.htmlentities($backupabsolutepath).'"';
}
}
} else { // !$_REQUEST['StartBackup']
if (file_exists($backupabsolutepath.$fullbackupfilename)) {
echo 'It is now '.gmdate('F j, Y g:ia T', time() + date('Z')).'<br>';
echo 'Last full backup of MySQL databases: ';
$lastbackuptime = filemtime($backupabsolutepath.$fullbackupfilename);
echo gmdate('F j, Y g:ia T', $lastbackuptime + date('Z'));
echo ' (<b>'.FormattedTimeRemaining(time() - $lastbackuptime).'</b> ago)<br>';
if ((time() - $lastbackuptime) < 86400) {
echo 'Generally, backing up more than once a day is not neccesary.<br>';
}
echo '<br><a href="'.str_replace(@$_SERVER['DOCUMENT_ROOT'], '', $backupabsolutepath).$fullbackupfilename.'">Download previous full backup ('.FileSizeNiceDisplay(filesize($backupabsolutepath.$fullbackupfilename), 2).')</a> (right-click, Save As...)<br><br>';
} else {
echo 'Last backup of MySQL databases: <i>unknown</i>'.($backuptimestamp ? ' (incompatible with timestamping)' : '').'<br>';
}
$BackupTypesList = array(
'complete' => 'Full backup, complete inserts (recommended)',
'standard' => 'Full backup, standard inserts (smaller)',
'partial' => 'Selected tables only (with complete inserts)',
'structure' => 'Table structure(s) only'
);
echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post">';
if (isset($_POST['DB_HOST'])) {
echo '<input type="hidden" name="DB_HOST" value="'.htmlspecialchars(@$_POST['DB_HOST'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_USER" value="'.htmlspecialchars(@$_POST['DB_USER'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_PASS" value="'.htmlspecialchars(@$_POST['DB_PASS'], ENT_QUOTES).'">';
}
echo '<select name="StartBackup">';
foreach ($BackupTypesList as $key => $value) {
echo '<option value="'.$key.'">'.htmlentities($value).'</option>';;
}
echo '</select><br>';
echo '<input type="submit" value="Go">';
echo '</form>';
}
if ($SuppressHTMLoutput) {
ob_end_clean();
echo "File saved to $backupabsolutepath.$fullbackupfilename.";
}
if ($CloseWindowOnFinish) {
// Auto close the browser after the script finishes.
// This will allow task scheduler in Windows to work properly,
// else the task will be considered running until the browser is closed
echo '<script language="javascript">'."\n";
echo 'window.opener = top;'."\n";
echo 'window.close();'."\n";
echo '</script>';
}
?>
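Review bot: backupDB.php runs with no session or login check, and the `define('DB_HOST', …)`, `DB_USER` and `DB_PASS` lines fall back to `$cfg_server`, `$cfg_username` and `$cfg_password` from settings.php, so a request that carries only `StartBackup` gets a dump made with the application's own credentials. The dump is written to `dirname(__FILE__).'/backups/'` under a date-based name, set to mode 0777 and linked from the page, which leaves it readable by anyone who can reach that directory over HTTP. I would gate the script before any output the way bikes/customers_barcode.php does (`if(!$sec->isLoggedIn())`, with whatever role the project reserves for administrators), stop reading credentials from `$_REQUEST` (`define('DB_PASS', $cfg_password);`), and keep backups outside the document root with `chmod($newfullfilename, 0600)`. Separately, `$_REQUEST['SelectedTables']` and `$_REQUEST['onlyDB']` reach `CHECK TABLE`/`SELECT * FROM` and the backup file name unvalidated; checking them against the names returned by `mysql_list_tables()` and `mysql_list_dbs()` would close that.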

59
bikes/customers_barcode.php

@ -0,0 +1,59 @@
<?php session_start();
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/display.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(isset($_GET['generateWith']))
{
$generateWith=$_GET['generateWith'];
}
else
{
$generateWith='id';
}
$display->displayTitle("$lang->customersBarcode"." ($generateWith)");
echo "<a href='customers_barcode.php?generateWith=account_number'>$lang->accountNumber</a> / <a href='customers_barcode.php?generateWith=id'>id</a>";
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$customers_table=$cfg_tableprefix.'customers';
$result=mysql_query("SELECT * FROM $customers_table ORDER by last_name",$dbf->conn);
echo '<table border=0 width=85% align=center cellspacing=5 cellpadding=12>
<tr>';
$counter=0;
while($row=mysql_fetch_assoc($result))
{
if($counter%2==0)
{
echo '</tr><tr>';
}
echo "<td align='center'><img src='../classes/barcode.php?barcode=$row[$generateWith]&width=227&text=*$row[last_name], $row[first_name]*'></td>";
$counter++;
}
echo '</tr></table>';
$dbf->closeDBlink();
?>
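Review bot: `$generateWith` is taken from `$_GET` and used unchecked both in the page title and as the column key in `$row[$generateWith]`, so it should be limited to the two values the page itself links to, for example `$generateWith=(isset($_GET['generateWith']) && in_array($_GET['generateWith'],array('id','account_number'),true)) ? $_GET['generateWith'] : 'id';`. The `isLoggedIn()` check also runs after `displayTitle()` and the `echo` of the two links, so the `header()` redirect is attempted once output has started; moving the check directly under the `$sec=` line avoids that. The customer fields placed in the `<img src>` query string would be safer passed through `urlencode()`, with the attribute as a whole escaped by `htmlspecialchars()`.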

169
bikes/form_bikes.php

@ -0,0 +1,169 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
//set default values, these will change if $action==update.
$bikebrand_value='';
$bikemodel_value='';
$bikecolor_value='';
$biketype_number_value='';
$wheel_value='';
$frame_value='';
$bikestatus_value="$_GET[mode]";
$putinservice_value='';
$inrepair_value='';
$retired_value='';
$sold_value='';
$notes_value='';
$id=-1;
//decides if the form will be used to update or add a bike.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="update";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
if (!$_POST[id] && !$_GET[passbike]){ echo "Oops. Try again. Maybe with a valid bike number this time"; die(); }
$display->displayTitle("Update a $_POST[mode] Bike");
if(isset($_POST['id']) || isset($_GET['passbike']))
{
$id=$_POST['id'];
if($id == ""){
$id=$_GET[passbike];
}
$tablename = "$cfg_tableprefix".'bikes';
$queree = "SELECT * FROM $tablename WHERE id=$id";
$result = mysql_query("$queree",$dbf->conn);
$row = mysql_fetch_assoc($result);
$bikebrand_value=$row['bikebrand'];
$bikemodel_value=$row['bikemodel'];
$bikecolor_value=$row['bikecolor'];
$biketype_value=$row['biketype'];
if ($biketype_value == ""){ echo "Oops, one of the fly rod's has gone out askew on the treddle. Try again. Maybe with a valid bike number this time"; die(); }
$wheel_value=$row['wheel'];
$frame_value=$row['frame'];
$bikestatus_value=$row['bikestatus'];
$putinservice_value=$row['putinservice'];
$inrepair_value=$row['inrepair'];
if($putinservice_value != "0000-00-00" && $bikestatus_value == "repair"){ echo "This fuckin bike was a repair and has already been returned to the owner."; die();}
if ($inrepair_value != '' && $inrepair_value != '0000-00-00' && $bikestatus_value == "library"){ echo "<center><h4 style=\"background: #000000; color: #FFFFFF; display: inline;\">This library bike is in for repair!</h4><center><br />"; }
$userID_value=$row['userID'];
$retired_value=$row['retired'];
if($retired_value != "0000-00-00" && $retired_value != ""){ die('This bike has been retired and probably stripped down');}
$sold_value=$row['sold'];
$notes_value=$row['notes'];
}
}
else
{
$display->displayTitle("Add a $bikestatus_value Bike");
}
//creates a form object
$f1=new form('process_form_bikes.php','POST','bikes','450',$cfg_theme,$lang);
//creates form parts.
//Get user List first
$idarray = array();
$namearray = array();
$result = mysql_query("SELECT id,first_name,last_name FROM customers ORDER BY last_name ASC");
while($field = mysql_fetch_array($result)) {
$namearray[] = "$field[last_name], $field[first_name]";
$idarray[] = "$field[id]";
}
if($_POST[id]){ $disable = "DISABLED"; }
if ($_GET[mode] == "repair" || isset($userID_value) && $userID_value != 0){ $f1->createSelectField("<b>Which Member?</b>",'userID',$idarray,$namearray,'150',"$disable","$userID_value"); }
$f1->createInputField("<b>Brand:</b> ",'text','bikebrand',"$bikebrand_value",'24','150');
$f1->createInputField("<b>Model:</b> ",'text','bikemodel',"$bikemodel_value",'24','150');
$f1->createInputField("<b>Color:</b> ",'text','bikecolor',"$bikecolor_value",'24','150');
//make the bike type arrays
$option_values = array('newroad','10spd','8spdinternal','5spd','3spd','singlespeedcoaster','singlespeed','fixedgear','mountain','hybrid','chopper');
$option_titles = array('road bike (12-27speed)','10 speed road bike','8 speed internal hub','5 speed road bike','3 speed internal hub','single speed w/coaster brake','single speed w/brakes','fixed gear','mountain bike','hybrid (road/mountain)','chopper');
$f1->createSelectField("<b>Bike Type</b>",'biketype',$option_values,$option_titles,'150','NULL',"$biketype_value");
//make the wheel size array
$option_values = array('20inch','22inch','24inch','26inch','26fractional','27inch','','','650','700');
$option_titles = array('20 inch','22 inch','24 inch','26 inch','26 by fraction','27 inch','','----Metric Crap----','650','700c');
$f1->createSelectField("<b>Wheel Size</b>",'wheel',$option_values,$option_titles,'150','NULL',"$wheel_value");
$f1->createInputField("<b>Frame Height (inches)</b>: ",'text','frame',"$frame_value",'4','150');
//select bikeStatus here
//make the bike status array and form field
$option_values = array('library','sale','repair');
$option_titles = array('Library bike','For sale bike','Member bike in for repair');
if($action == "insert"){ $statdisable = "DISABLED"; }
$f1->createSelectField("<b>Bike Status</b>",'bikestatus',$option_values,$option_titles,'150',"$statdisable","$bikestatus_value");
if ($_GET[mode] == "repair"){ $f1->createSingleDateSelectField("To be picked up on:"); }
// major changes to library bike
if($inrepair_value != "" && $inrepair_value != "0000-00-00"){ $repairtext = "Mark library bike as fixed"; $repairvalue = "makeoutrepair"; }
else { $repairtext = "Mark as broken library bike"; $repairvalue = "makeinrepair";}
$option_values = array("$repairvalue",'makeretire');
$option_titles = array("$repairtext",'Retire this bike from library');
if($bikestatus_value=="library" && $action=="update"){ $f1->createRadioField("Major Updates",'majorupdates',$option_values,$option_titles,'150','',"$bikestatus_value"); }
$f1->createTextareaField("Repair needed:<br />Accepted by:<br />Other notes:",'notes','6','30',"$notes_value",'150');
if($bikestatus_value == "repair"){
$f1->createCheckboxField("Remember to process payment<br /> in the sales area. ",'repairpickup','150','','','<b>Check if being picked up</b>');
}
//sends 2 hidden varibles needed for process_form_users.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
if($action == "insert"){ echo "<input type='hidden' name='bikestatus' value='$_GET[mode]'>"; }
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>
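Review bot: The update branch builds `SELECT * FROM $tablename WHERE id=$id` from `$_POST['id']` or `$_GET[passbike]` with no quoting or type check, so the submitted bike number reaches the query as raw SQL; the ids appear to be numeric, in which case `$id=(int)$id;` just before `$queree` is assigned closes this. `$_POST[mode]` and `$_GET[mode]` are likewise written into the title and the hidden `bikestatus` field unescaped, and should be checked against the three known modes (`library`, `sale`, `repair`) or passed through `htmlspecialchars(..., ENT_QUOTES)`. The redirect in the `isLoggedIn()` check is sent after the `<html>` markup at the top of the file, so the includes and the check belong above that markup.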

57
bikes/index.php

@ -0,0 +1,57 @@
<?php session_start();
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
if(!$sec->isLoggedIn()){
header("location: ../login.php");
exit();
}
if(!$sec->isOpen()){
header("location: ../books/openshop.php");
exit();
}
echo "
<html>
<body>
<head>
</head>
<table border=\"0\" width=\"500\">
<tr>
<td><img border=\"0\" src=\"../images/customers.gif\" width=\"41\" height=\"33\" valign='top'><font color='#005B7F' size='4'>&nbsp;<b>Rental Bikes - Sale Bikes - Repair Bikes</b></font><br>
<br>
<font face=\"Verdana\" size=\"2\">Welcome to the Bikes panel! Here you can manage <b>any</b> bikes that are in the shop. What would you like to do?
<br /><br /><b>Add a bike!</b>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"form_bikes.php?action=insert&mode=repair\">Enter a new member bike in for repair</a></font><br /><br /></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"form_bikes.php?action=insert&mode=library\">Add a new bike to the library</a></font><br /><br /></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"form_bikes.php?action=insert&mode=sale\">Add a new for-sale completed bike</a></font><br /><br /></li>
</ul></font>
<font face=\"Verdana\" size=\"2\"><b>Update/modify bike info</b><br /></font>
<form name=bikenumber enctype=\"multipart/form-data\" method=\"POST\" action=\"form_bikes.php?action=update\">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Bike Number:</font>
&nbsp;<input type=\"text\" name=\"id\" size=\"10\">
<input type=\"submit\" name=\"submit\" value=\"Ok Go!\">
</form>
</td>
</tr>
</table>
</body>
</html>";
$dbf->closeDBlink();
?>

74
bikes/manage_customers.php

@ -0,0 +1,74 @@
<?php session_start(); ?>
<html>
<head>
<SCRIPT LANGUAGE="Javascript">
<!---
function decision(message, url)
{
if(confirm(message) )
{
location.href = url;
}
}
// --->
</SCRIPT>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
include ("../classes/form.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
$display->displayTitle("Manage Members");
$f1=new form('manage_customers.php','POST','customers','450',$cfg_theme,$lang);
$f1->createInputField("<b>$lang->searchForCustomer</b>",'text','search','','24','150');
$option_values2=array('first_name','last_name','account_number','id');
$option_titles2=array("$lang->firstName","$lang->lastName","$lang->accountNumber",'ID');
$f1->createSelectField("<b>$lang->searchBy</b>",'searching_by',$option_values2,$option_titles2,100);
$f1->endForm();
$tableheaders=array("$lang->rowID","$lang->lastName","$lang->firstName","$lang->phoneNumber","$lang->email","$lang->streetAddress","More Info","Update/Edit Member","Remove Member");
$tablefields=array('id','last_name','first_name','phone_number','email','street_address');
if(isset($_POST['search']))
{
$search=$_POST['search'];
$searching_by =$_POST['searching_by'];
echo "<center>$lang->searchedForItem: <b>$search</b> $lang->searchBy <b>$searching_by</b></center>";
$display->displayManageTable("$cfg_tableprefix",'customers',$tableheaders,$tablefields,"$searching_by","$search",'last_name');
}
else
{
$display->displayManageTable("$cfg_tableprefix",'customers',$tableheaders,$tablefields,'','','last_name');
}
$dbf->closeDBlink();
?>
</body>
</html>
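Review bot: `$search` and `$searching_by` are echoed back into the page straight from `$_POST`, so the summary line should escape them, e.g. `htmlspecialchars($search, ENT_QUOTES)`. `$searching_by` is also handed to `displayManageTable()` as what looks like a column name; that method is not part of this file, so whether it quotes its arguments cannot be seen here, but a check such as `in_array($searching_by,$option_values2,true)` before the call would keep it to the four offered fields. A one-line comment above the call stating which side is responsible for escaping the search term would help the next reader.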

160
bikes/process_form_bikes.php

@ -0,0 +1,160 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
//creates 3 objects needed for this script.
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
//checks if user is logged in.
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit ();
}
//variables needed globably in this file.
$tablename="$cfg_tableprefix".'bikes';
$field_names=null;
$field_data=null;
//$id=-1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if(isset($_GET['action']) and isset($_GET['id']))
{
$action=$_GET['action'];
$id=$_GET['id'];
}
//checks to make sure data is comming from form ($action is either dateup or update)
elseif(isset($_POST['bikebrand']) and isset($_POST['bikemodel']) and isset($_POST['bikecolor'])
and isset($_POST['biketype']) and isset($_POST['wheel']) and isset($_POST['frame']) and isset($_POST['bikestatus']) and isset($_POST['id']) and isset($_POST['action']) )
{
$action=$_POST['action'];
$id = $_POST['id'];
//gets variables ALWAYS used for everything
$bikebrand=$_POST['bikebrand'];
$bikemodel=$_POST['bikemodel'];
$bikecolor=$_POST['bikecolor'];
$biketype=$_POST['biketype'];
$wheel=$_POST['wheel'];
$frame=$_POST['frame'];
$bikestatus=$_POST['bikestatus'];
//Adding a library bike to be in-service? Make a date for it... today perhaps?
if($action == "insert" && $bikestatus == "library"){ $putinservice=date('Y-m-d'); }
//Making a library bike into an out of service library bike or vice versa? Make it so in the DB...
if($_POST[majorupdates] == "makeinrepair"){ $inrepair = date('Y-m-d'); }
if($_POST[majorupdates] == "makeoutrepair"){ $inrepair = ""; }
//same for retiring a library bike
if($_POST[majorupdates] == "makeretire"){ $retired = date('Y-m-d'); }
//If it's a member repair... same as above
if($bikestatus == "repair" && $action == "insert"){ $inrepair = date('Y-m-d'); $userID=$_POST['userID']; }
if($bikestatus == "repair" && $action == "update" && $_POST[repairpickup] == "on"){ $pickedupdate = date('Y-m-d'); }
$duedate= "$_POST[year]-$_POST[month]-$_POST[day]";
$notes=$_POST['notes'];
// HERE YOU ARE UP TO
//ensure all fields are filled in.
if($bikebrand=='' or $bikemodel=='' or $bikecolor=='' or $frame=='')
{
echo "$lang->forgottenFields";
exit();
}
else if($bikestatus == "library" && $action == "insert")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','putinservice','inrepair',' retired','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$putinservice","$inrepair","$retired","$notes");
}
else if($bikestatus == "library" && $action == "update")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','inrepair',' retired','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$inrepair","$retired","$notes");
}
else if($bikestatus == "sale")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$notes");
}
else if($bikestatus == "repair" && $action == "update")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','notes','putinservice');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$notes","$pickedupdate");
}
else if($bikestatus == "repair" && $action == "insert")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','inrepair','userID','duedate','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$inrepair","$userID","$duedate","$notes");
}
}
else
{
//outputs error message because user did not use form to fill out data.
echo "$lang->mustUseForm";
exit();
}
switch ($action)
{
//finds out what action needs to be taken and preforms it by calling methods from dbf class.
case $action=="insert":
$dbf->insert($field_names,$field_data,$tablename,true);
$newnumber = mysql_insert_id();
break;
case $action=="update":
$dbf->update($field_names,$field_data,$tablename,$id,true);
break;
case $action=="delete":
$dbf->deleteRow($tablename,$id);
break;
default:
echo "$lang->noActionSpecified";
break;
}
$dbf->closeDBlink();
if($action == "insert"){ echo "<center><h2>Important!!!</h2><h2>Tag this bike as BIKE NUMBER $newnumber</h2>"; }
?>
<br />
<a href="index.php">Manage Bikes--></a>
<br>
<a href="/pos/home.php">Go Home--></a></center>
</body>
</html>
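Review bot: The `switch` labels are written as `case $action=="insert":`, which compares `$action` with a boolean, so an empty or `"0"` action matches the first label and calls `$dbf->insert()` with `$field_names` still `null`; plain string labels such as `case 'insert':` give the intended dispatch. The first branch also accepts any `action` that arrives with an `id` in the query string although its comment says only delete uses `$_GET`, so the condition should be narrowed to `isset($_GET['action']) and $_GET['action']==='delete' and isset($_GET['id'])`. Because the delete is a GET request, any link followed by a logged-in clerk can trigger it; moving delete to POST with a per-session token would be the longer-term fix. The field name `' retired'` in both library arrays carries a leading space, and `$inrepair` and `$retired` are not initialised on every path that reads them.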

76
books/closeshop.php

@ -0,0 +1,76 @@
<?php session_start(); ?>
<html>
<head>
<link rel="stylesheet" href="form.css" type="text/css">
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$today = date("Y-m-d");
//$result = mysql_query("SELECT * FROM books");
$body.="</select>";
$tablename = $cfg_tableprefix.'users';
$userLoginName = $dbf->idToField($tablename,'username',$_SESSION['session_user_id']);
if(isset($_GET[error])){
$error = (int)$_GET[error];
$errorMsg = "";
switch($error){
case 1:
$errorMsg="ERROR: invalid username or password";
break;
case 2:
$errorMsg="ERROR: Not a valid ammount: [$_GET[count]]";
break;
}
}
if($errorMsg != ""){
$body.="<br><font color=\"red\">".$errorMsg."</font><br>";
}
$body.="
<h2>Close The Shop...</h2>
<form class=\"form\" name=closeform enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
<h5>Please count all cash, cheques, and coupons in the coin box</h5>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Closing Count: $
<input type=\"text\" name=\"ammount\" size=\"10\" value=\"$_GET[count]\">
<br>
Counted by:
<blockquote>Username: <input type=\"text\" name=\"username\" size=\"15\" value=\"$userLoginName\"><br>
Password: <input type=\"password\" name=\"password\" size=\"15\"></blockquote>
<br><br><br>
<input type=\"hidden\" name=\"action\" value=\"2\">
<input type=\"hidden\" name=\"data\" value=\"0\">
</font>
<input type=\"submit\" name=\"submit\" value=\"Process!\">
</form>
";
echo "$body";
// &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Counted by <b>$userLoginName</b>&nbsp;<input type=\"checkbox\" name=\"counter\">
$dbf->closeDBlink();
?>
</body>
</html>
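Review bot: `$_GET[count]` is interpolated unescaped into the error message and into the `value` attribute of the `ammount` input, so query-string content is rendered as markup. Escaping it once, `$count=isset($_GET['count']) ? htmlspecialchars($_GET['count'], ENT_QUOTES) : '';`, and using `$count` in both places fixes it. books/depositPayout.php has the same pattern for `count`, `data` and `data2`. `$body` and `$errorMsg` are also used before they are assigned (`$body.="</select>";` is the first use, and `$errorMsg` is only set when `error` is present), so both should start as `''`.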

96
books/depositPayout.php

@ -0,0 +1,96 @@
<?php session_start(); ?>
<html>
<head>
<link rel="stylesheet" href="form.css" type="text/css">
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$today = date("Y-m-d");
//$result = mysql_query("SELECT * FROM books");
$body.="</select>";
$tablename = $cfg_tableprefix.'users';
$userLoginName = $dbf->idToField($tablename,'username',$_SESSION['session_user_id']);
if(isset($_GET[error])){
$error = (int)$_GET[error];
$errorMsg = "";
switch($error){
case 1:
$errorMsg="ERROR: invalid username or password";
break;
case 2:
$errorMsg="ERROR: Not a valid ammount: [$_GET[count]]";
break;
case 3:
$errorMsg="ERROR: Invalid Data";
break;
}
}
if($errorMsg != ""){
$body.="<br><font color=\"red\">".$errorMsg."</font><br>";
}
$body.="
<table border=\"0\"><tr><td>
<h2>Deposit...</h2>
<form class=\"form\" name=depositform enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
<h5>Please count all cash, cheques, and coupons in the coin box</h5>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Deposit Ammount: $
<input type=\"text\" name=\"ammount\" size=\"10\" value=\"$_GET[count]\">
<br>
Approved by:
<blockquote>Username: <input type=\"text\" name=\"username\" size=\"15\" value=\"$userLoginName\"><br>
Password: <input type=\"password\" name=\"password\" size=\"15\"></blockquote>
<br><br><br>
<input type=\"hidden\" name=\"action\" value=\"4\">
Deposited by: <input type=\"text\" name=\"data\" value=\"$_GET[data]\">
</font>
<input type=\"submit\" name=\"submit\" value=\"Process Deposit!\">
</form></td><td>
<h2>Payout...</h2>
<form class=\"form\" name=payoutform enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
<h5>Please count all cash, cheques, and coupons in the coin box</h5>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Payout Ammount: $
<input type=\"text\" name=\"ammount\" size=\"10\" value=\"$_GET[count]\">
<br>
Approved by:
<blockquote>Username: <input type=\"text\" name=\"username\" size=\"15\" value=\"$userLoginName\"><br>
Password: <input type=\"password\" name=\"password\" size=\"15\"></blockquote>
<br><br><br>
<input type=\"hidden\" name=\"action\" value=\"5\">
Payee: <input type=\"text\" name=\"data\" value=\"$_GET[data]\">
For: <input type=\"text\" name=\"data2\" value=\"$_GET[data2]\">
</font>
<input type=\"submit\" name=\"submit\" value=\"Process Payout!\">
</form></td></tr></table>
";
echo "$body";
// &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Counted by <b>$userLoginName</b>&nbsp;<input type=\"checkbox\" name=\"counter\">
$dbf->closeDBlink();
?>
</body>
</html>

2
books/error_log

@ -0,0 +1,2 @@
[12-Mar-2009 01:49:01] PHP Parse error: syntax error, unexpected T_STRING in /home/recycle/public_html/www_campusbike.ca/pos/books/openshop.php on line 68
[12-Mar-2009 01:49:16] PHP Parse error: syntax error, unexpected $end in /home/recycle/public_html/www_campusbike.ca/pos/books/openshop.php on line 91
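Review bot: A server-side PHP error log is being committed here, and its two entries disclose the absolute filesystem path and account directory of a deployment. The file is not part of the application, so it should be dropped from the commit and `error_log` added to `.gitignore` so later runs do not reintroduce it.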

32
books/form.css

@ -0,0 +1,32 @@
.form {
width: 400px;
margin-left: 15%;
//margin-right: auto;
margin-top: 0px;
padding: 10px;
border: 1px dotted #b2c7e7;
background-color: #EEEEEE;
}
.subform {
width: 250px;
margin: 0px;
padding: 0px;
border: 0px solid black;
background-color: #EEEEEE;
}
h2 {
width: 200px;
margin-top: 20px;
margin-bottom: 0px;
margin-left: 15%;
border-top: 1px dotted #b2c7e7;
border-left: 1px dotted #b2c7e7;
border-right: 1px dotted #b2c7e7;
background-color: #FFFFFF;
}
body {
background-color: #BBBBBB;
}
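Review bot: `//margin-right: auto;` in the `.form` rule is not a CSS comment; browsers discard it as an invalid declaration, which only happens to give the intended result. If the line is meant to stay disabled it should read `/* margin-right: auto; */`, otherwise it can be deleted.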

75
books/form_open.php

@ -0,0 +1,75 @@
<?php session_start();?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../classes/db_functions.php");
include ("../language/$cfg_language");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
echo "Processing...";
//check to make sure it's a number
if(!strval(floatval($_POST[openCount])) == strval($_POST[openCount])){
echo "<script>document.location.href='openshop.php?error=2&count=$_POST[openCount]'</script>";
exit();
}
//check to make sure it was the administrator who counted
if(!$_POST[counter]){
echo "<script>document.location.href='openshop.php?error=1'</script>";
exit();
}
//$tablename = $cfg_tableprefix.'users';
$userLoginName = $dbf->idToField($cfg_tableprefix.'users','username',$_SESSION['session_user_id']);
$tablename="$cfg_tableprefix".'books';
$field_names=null;
$field_data=null;
$today = date('Y-m-d');
$adminID = $_SESSION['session_user_id'];
$field_names=array('date','event','user','ammount','data');
$field_data=array("$today", "open", "$adminID","$_POST[openCount]","$_POST[mechID]");
$dbf->insert($field_names,$field_data,$tablename,"");
$tablename="$cfg_tableprefix".'visits';
$tdin = date('Y-m-d H:i:s');
$field_names=array('userID','intime','activity');
$field_data=array("$_POST[mechID]", "$tdin", "Mechanic");
$dbf->insert($field_names, $field_data, $tablename, "");
$adminID = $dbf->idToField($cfg_tableprefix.'users','customerID',$_SESSION['session_user_id']);
$field_data=array("$adminID", "$tdin", "Administrator");
$dbf->insert($field_names, $field_data, $tablename, "");
//$query = "INSERT INTO 'visits' ('userID' ,'intime' ,'activity') VALUES ('$_POST[mechID]', '$tdin', '\"using\"')";
//mysql_query($query);
echo "<script>document.location.href='../home.php'</script>";
$dbf->closeDBlink();
?>
</body>
</html>
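Review bot: The numeric check `if(!strval(floatval($_POST[openCount])) == strval($_POST[openCount]))` applies `!` before `==`, so it compares a boolean with the submitted string and lets values such as a number followed by letters through to the `books` insert; `if(!is_numeric($_POST['openCount']))` expresses what the comment describes. The rejected value is then written unescaped into an inline `<script>` redirect, where it should at least go through `urlencode()`; a `header('Location: ...')` sent before any output would avoid the script altogether. `$_POST[mechID]` is passed to both inserts without a check that it is an existing customer id, and whether `$dbf->insert()` escapes its data is not visible in this file. The `counter` test only confirms that a checkbox was ticked, which is weaker than the comment above it claims.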

162
books/open_form.php

@ -0,0 +1,162 @@
\<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../classes/db_functions.php");
include("../language/$cfg_language");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
//set default values, these will change if $action==update.
$userID='';
$loanID='';
$deposittaken='';
$loandate='';
$returndate='';
$notes='';
$latefeespaid='';
$paid='';
$id=-1;
//echo "post is $_POST[bikeID]and id is $id";
//Destroy the world if they didn't put a valid bike number in. Then apologize.
$bikecheck = mysql_query("SELECT * FROM bikes WHERE id='$_POST[bikeID]' LIMIT 1",$dbf->conn);
echo mysql_error();
$bikeexists = mysql_fetch_array($bikecheck);
$back = "<br /><br /><a href=\"index.php\">[Go Baaaaaack]</a>";
if($bikeexists['id'] == ""){ echo "<br />Bike Doesn't exist. Divide by zero. Did you put a bike number in the box? If you <b>did</b> put a number in, go back and try typing it again.$back"; die(); }
if($bikeexists['bikestatus'] == "repair"){ echo "<br />This is <b>a personal bike in for repair!</b> Take it from them and make a note! $back"; die(); }
if($bikeexists['bikestatus'] != "library"){ echo "<br />This is not a library bike. It is marked as <b>$bikeexists[bikestatus]</b>. Take it from them and tell the IT working group $back"; die(); }
if($bikeexists['putinservice'] == "" || $bikeexists['putinservice'] == "0000-00-00"){ echo "<br />This bike has not yet been put in service! DO NOT LOAN. Merci! $back"; die(); }
if($bikeexists['inrepair'] != "" && $bikeexists['inrepair'] != "0000-00-00"){ echo "<br />This bike is in repair. DO NOT LOAN. Merci! $back"; die(); }
if($bikeexists['retired'] != "" && $bikeexists['retired'] != "0000-00-00"){ echo "<br />This bike has been retired from the library. Do not loan. $back"; die(); }
//Check if bike is in or out
$inoutquery = mysql_query("SELECT * FROM libraryloans WHERE bikeID='$_POST[bikeID]' AND bikeout=1",$dbf->conn);
$loanarray = mysql_fetch_array($inoutquery);
//decides if the form will be used to sign in or add a loan.
if($loanarray['id'] != "")
{
$action="update";
// print_r($loanarray);
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current loan data is.
if($action=="update")
{
$display->displayTitle("Bike is OUT. Sign it in");
if(isset($_POST['bikeID']))
{
// echo "Now it's all: $_POST[bikeID]";
$bikeID=$_POST['bikeID'];
$tablename = "$cfg_tableprefix".'libraryloans';
$result = mysql_query("SELECT *, UNIX_TIMESTAMP(duedate)as latedate FROM $tablename WHERE bikeID=\"$bikeID\" AND bikeout=1",$dbf->conn);
$row = mysql_fetch_assoc($result);
$userID=$row['userID'];
$loanID=$row['id'];
$deposittaken=$row['deposittaken'];
$loandate=$row['loandate'];
$duedate=$row['duedate'];
$returndate=$row['returndate'];
$notes=$row['notes'];
$latefees=$row['latefees'];
$latedate=$row['latedate'];
$today = date('U');
if($today > $latedate){
$todayowing = round((($today-$latedate)/60/60/24)-1, 0) * $cfg_dailyLateFee;
echo "<center>There is <b>\$$todayowing.00</b> owing in late fees.</center><br />";
}