
First commit of biketree to github!

master
Jonathan Rosenbaum 8 years ago
commit
8ca61d45eb
  1. 47
      allstyles.css
  2. 755
      backupDB.php
  3. 59
      bikes/customers_barcode.php
  4. 169
      bikes/form_bikes.php
  5. 57
      bikes/index.php
  6. 74
      bikes/manage_customers.php
  7. 160
      bikes/process_form_bikes.php
  8. 76
      books/closeshop.php
  9. 96
      books/depositPayout.php
  10. 2
      books/error_log
  11. 32
      books/form.css
  12. 75
      books/form_open.php
  13. 162
      books/open_form.php
  14. 91
      books/openshop.php
  15. 190
      books/verifyaction.php
  16. BIN
      classes/.form.php.swp
  17. 340
      classes/barcode.php
  18. 586
      classes/db_functions.php
  19. 887
      classes/display.php
  20. 309
      classes/form.php
  21. 258
      classes/security_functions.php
  22. 59
      customers/customers_barcode.php
  23. 15
      customers/error_log
  24. 102
      customers/form_customers.php
  25. 57
      customers/index.php
  26. 74
      customers/manage_customers.php
  27. 111
      customers/process_form_customers.php
  28. BIN
      docker/.Dockerfile.swp
  29. 20
      docker/Dockerfile
  30. 16
      docker/Dockerfile-fpm
  31. BIN
      docker/codeforbikebike.tar.gz
  32. 69
      docker/default.conf
  33. 71
      docker/docker-compose.yml
  34. 42
      docker/settings.php
  35. 8368
      docker/sql/biketree.sql
  36. 340
      general_public_license.txt
  37. 43
      generaltodo.php
  38. 382
      home.php
  39. BIN
      images/config.gif
  40. BIN
      images/customers.gif
  41. BIN
      images/home_print.gif
  42. BIN
      images/install_pos.gif
  43. BIN
      images/items.gif
  44. BIN
      images/login.gif
  45. BIN
      images/login_01.gif
  46. BIN
      images/login_02.gif
  47. BIN
      images/login_03.gif
  48. BIN
      images/login_04.gif
  49. BIN
      images/login_05.gif
  50. BIN
      images/login_06.gif
  51. BIN
      images/login_07.gif
  52. BIN
      images/login_08.gif
  53. BIN
      images/login_09.gif
  54. BIN
      images/login_10.gif
  55. BIN
      images/login_bg.gif
  56. BIN
      images/menubar_01.gif
  57. BIN
      images/menubar_02.gif
  58. BIN
      images/menubar_03.gif
  59. BIN
      images/menubar_04.gif
  60. BIN
      images/menubar_05.gif
  61. BIN
      images/menubar_06.gif
  62. BIN
      images/menubar_07.gif
  63. BIN
      images/menubar_bg.gif
  64. BIN
      images/menubar_bottom.gif
  65. BIN
      images/menubar_reports_01.gif
  66. BIN
      images/menubar_reports_02.gif
  67. BIN
      images/menubar_reports_03.gif
  68. BIN
      images/menubar_reports_04.gif
  69. BIN
      images/menubar_reports_05.gif
  70. BIN
      images/menubar_reports_06.gif
  71. BIN
      images/menubar_sales_01.gif
  72. BIN
      images/menubar_sales_02.gif
  73. BIN
      images/menubar_sales_03.gif
  74. BIN
      images/menubar_sales_04.gif
  75. BIN
      images/menubar_sales_05.gif
  76. BIN
      images/menubar_sales_06.gif
  77. BIN
      images/reports.gif
  78. BIN
      images/sales.gif
  79. BIN
      images/spacer.gif
  80. BIN
      images/uhohbg.gif
  81. 45
      index.php
  82. 31
      install/index.php
  83. 181
      install/installer.php
  84. 332
      install/makeinstall.php
  85. BIN
      install/message.gif
  86. 85
      items/brands/form_brands.php
  87. 68
      items/brands/manage_brands.php
  88. 106
      items/brands/process_form_brands.php
  89. 86
      items/categories/form_categories.php
  90. 67
      items/categories/manage_categories.php
  91. 106
      items/categories/process_form_categories.php
  92. 101
      items/discounts/form_discounts.php
  93. 67
      items/discounts/manage_discounts.php
  94. 108
      items/discounts/process_form_discounts.php
  95. 164
      items/form_items.php
  96. 58
      items/index.php
  97. 59
      items/items_barcode.php
  98. 87
      items/manage_items.php
  99. 124
      items/process_form_items.php
  100. 100
      items/suppliers/form_suppliers.php

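--- a/allstyles.css
+++ b/allstyles.css
@@ -0,0 +1,47 @@
+h4{
+font-family: verdana;
+font-size: 12px;
+font-style: italic;
+font-weight: normal;
+margin-bottom: 0;
+margin-top: 0;
+}
+h3{
+font-family: verdana;
+font-size: 14px;
+font-weight: bold;
+background: #9aadd0;
+margin-bottom: 0;
+margin-top: 0;
+text-align: right;
+}
+h2{
+font-family: verdana;
+font-size: 16px;
+font-weight: bold;
+font-style: italic;
+margin-bottom: 0;
+margin-top: 0;
+text-align: left;
+}
+.text {
+font-size: 13px;
+padding: 4px;
+margin-left: auto;
+margin-right: auto;
+}
+td.high40 {
+height: 40px;
+width: 500px;
+text-align: left;
+}
+td.submit {
+border-bottom: 4px solid #333333;
+border-top: 1px dotted #333333;
+text-align: center;
+}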

755
backupDB.php

@ -0,0 +1,755 @@
<?php
define('backupDBversion', '1.1.31');
include ("settings.php");
/////////////////////////////////////////////////////////////////////
/// //
// backupDB() - MySQL database backup utility //
// //
// You should configure at least ADMIN_EMAIL below. //
// //
// See backupDB.txt for more information. //
// ///
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
/////////////////// CONFIGURATION ///////////////////
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
// hack for Lynx browser that only supports one GETstring parameter
if (!empty($_REQUEST['lynxauth'])) {
// backupDB.php?lynxauth=localhost.username.password.database[.backuptype]
$lynxautharray = explode('.', $_REQUEST['lynxauth']);
$_REQUEST['DB_HOST'] = @$lynxautharray[0];
$_REQUEST['DB_USER'] = @$lynxautharray[1];
$_REQUEST['DB_PASS'] = @$lynxautharray[2];
$_REQUEST['onlyDB'] = @$lynxautharray[3];
$_REQUEST['StartBackup'] = (@$lynxautharray[4] ? @$lynxautharray[4] : 'standard');
$_REQUEST['mailto'] = (@$lynxautharray[5] ? @$lynxautharray[5] : '');
$_REQUEST['nohtml'] = (isset($_REQUEST['nohtml']) ? $_REQUEST['nohtml'] : '1');
}
// end Lynx hack
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
// You SHOULD modify these values: //
/////////////////////////////////////////////////////////////////////
// If DB_HOST, DB_USER and/or DB_PASS are undefined or empty,
// you will be prompted to enter them each time the script runs
define('DB_HOST', (isset($_REQUEST['DB_HOST']) ? $_REQUEST['DB_HOST'] : "$cfg_server")); // usually 'localhost'
define('DB_USER', (isset($_REQUEST['DB_USER']) ? $_REQUEST['DB_USER'] : "$cfg_username")); // MySQL username
define('DB_PASS', (isset($_REQUEST['DB_PASS']) ? $_REQUEST['DB_PASS'] : "$cfg_password")); // MySQL password
// Only define DB_NAME if you want to restrict to ONLY this
// database, otherwise all accessible databases will be backed up
if (!empty($_REQUEST['onlyDB'])) {
define('DB_NAME', $_REQUEST['onlyDB']);
} else {
// uncomment this line if you want to define a single database to back up
// note: this may be required for some servers, where the user cannot list available databases
//define('DB_NAME', 'database');
}
/////////////////////////////////////////////////////////////////////
// You MAY modify these values (defaults should be fine too): //
/////////////////////////////////////////////////////////////////////
define('BACKTICKCHAR', '`');
define('QUOTECHAR', '\'');
define('LINE_TERMINATOR', "\n"); // \n = UNIX; \r\n = Windows; \r = Mac
define('BUFFER_SIZE', 32768); // in bytes
define('TABLES_PER_COL', 30); //
define('STATS_INTERVAL', 500); // number of records processed between each DHTML stats refresh
$GZ_enabled = (bool) function_exists('gzopen');
$DHTMLenabled = true; // set $DHTMLenabled = FALSE to prevent JavaScript errors in incompatible browsers
// set $DHTMLenabled = TRUE to get the nice DHTML display in recent browsers
$dbNameInCreate = true; // if true: "CREATE TABLE `database`.`table`", if false: "CREATE TABLE `table`"
$CreateIfNotExists = false; // if true: "CREATE TABLE IF NOT EXISTS `database`.`table`", if false: "CREATE TABLE `database`.`table`"
$ReplaceInto = false; // if true: "REPLACE INTO ", if false: "INSERT INTO "
$HexBLOBs = true; // if true: blobs get data dumped as hex string; if false: blobs get data dumped as escaped binary string
$SuppressHTMLoutput = (@$_REQUEST['nohtml'] ? true : false); // disable all output for running as a cron job
$backuptimestamp = '.'.date('Y-m-d'); // timestamp
if (!empty($_REQUEST['onlyDB'])) {
$backuptimestamp = '.'.$_REQUEST['onlyDB'].$backuptimestamp;
}
//$backuptimestamp = ''; // no timestamp
$backupabsolutepath = dirname(__FILE__).'/backups/'; // make sure to include trailing slash
$fullbackupfilename = 'db_backup'.$backuptimestamp.'.sql'.($GZ_enabled ? '.gz' : '');
$partbackupfilename = 'db_backup_partial'.$backuptimestamp.'.sql'.($GZ_enabled ? '.gz' : '');
$strubackupfilename = 'db_backup_structure'.$backuptimestamp.'.sql'.($GZ_enabled ? '.gz' : '');
$tempbackupfilename = 'db_backup.temp.sql'.($GZ_enabled ? '.gz' : '');
$NeverBackupDBtypes = array('HEAP');
// Auto close the browser after the script finishes.
// This will allow task scheduler in Windows to work properly,
// else the task will be considered running until the browser is closed
$CloseWindowOnFinish = false;
/////////////////////////////////////////////////////////////////////
/////////////////// END CONFIGURATION ///////////////////
/////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
/////////////////// SUPPORT FUNCTIONS ///////////////////
/////////////////////////////////////////////////////////////////////
if (!function_exists('getmicrotime')) {
function getmicrotime() {
list($usec, $sec) = explode(' ', microtime());
return ((float) $usec + (float) $sec);
}
}
function FormattedTimeRemaining($seconds, $precision=1) {
if ($seconds > 86400) {
return number_format($seconds / 86400, $precision).' days';
} elseif ($seconds > 3600) {
return number_format($seconds / 3600, $precision).' hours';
} elseif ($seconds > 60) {
return number_format($seconds / 60, $precision).' minutes';
}
return number_format($seconds, $precision).' seconds';
}
function FileSizeNiceDisplay($filesize, $precision=2) {
if ($filesize < 1000) {
$sizeunit = 'bytes';
$precision = 0;
} else {
$filesize /= 1024;
$sizeunit = 'kB';
}
if ($filesize >= 1000) {
$filesize /= 1024;
$sizeunit = 'MB';
}
if ($filesize >= 1000) {
$filesize /= 1024;
$sizeunit = 'GB';
}
return number_format($filesize, $precision).' '.$sizeunit;
}
function OutputInformation($id, $dhtml, $text='') {
global $DHTMLenabled;
if ($DHTMLenabled) {
if (!is_null($dhtml)) {
if ($id) {
echo '<script>if (document.getElementById("'.$id.'")) document.getElementById("'.$id.'").innerHTML="'.$dhtml.'"</script>';
} else {
echo $dhtml;
}
flush();
}
} else {
if ($text) {
echo $text;
flush();
}
}
return true;
}
/////////////////////////////////////////////////////////////////////
/////////////////// END SUPPORT FUNCTIONS ///////////////////
/////////////////////////////////////////////////////////////////////
if ((!defined('DB_HOST') || (DB_HOST == '')) || (!defined('DB_USER') || (DB_USER == '')) || (!defined('DB_PASS') || (DB_PASS == ''))) {
echo '<html><head><body><form action="'.$_SERVER['PHP_SELF'].'" method="post">';
echo 'database hostname: <input type="text" name="DB_HOST" value="'.(defined('DB_HOST') ? DB_HOST : 'localhost').'"><br>';
echo 'database username: <input type="text" name="DB_USER" value="'.(defined('DB_USER') ? DB_USER : '').'"><br>';
echo 'database password: <input type="text" name="DB_PASS" value="'.(defined('DB_PASS') ? DB_PASS : '').'"><br>';
echo '<input type="submit" value="submit">';
echo '</form></body></html>';
exit;
}
if (!@mysql_connect(DB_HOST, DB_USER, DB_PASS)) {
die('There was a problem connecting to the database:<br>'."\n".mysql_error());
}
if (!is_dir($backupabsolutepath)) {
die('"'.htmlentities($backupabsolutepath).'" is not a directory');
} elseif (!is_writable($backupabsolutepath)) {
die('"'.htmlentities($backupabsolutepath).'" is not writable');
}
if ($SuppressHTMLoutput) {
ob_start();
}
echo '<h3>backupDB() v'.backupDBversion.'</h3>';
echo '<h4>MySQL database backup</h4>';
if (isset($_REQUEST['StartBackup'])) {
OutputInformation('', '<span id="cancellink"><a href="'.$_SERVER['PHP_SELF'].'">Cancel</a><br><br></span>', '<a href="'.$_SERVER['PHP_SELF'].'">Cancel</a><br><br>');
}
OutputInformation('', '<span id="statusinfo"></span>', 'DHTML display is disabled - you won\'t see anything until the backup is complete.');
flush();
$ListOfDatabasesToMaybeBackUp = array();
if (defined('DB_NAME')) {
$ListOfDatabasesToMaybeBackUp[] = DB_NAME;
} else {
$db_name_list = mysql_list_dbs();
while (list($dbname) = mysql_fetch_array($db_name_list)) {
$ListOfDatabasesToMaybeBackUp[] = $dbname;
}
}
if (isset($_REQUEST['StartBackup']) && ($_REQUEST['StartBackup'] == 'partial')) {
echo '<script language="JavaScript">'.LINE_TERMINATOR.'<!--'.LINE_TERMINATOR.'function CheckAll(checkornot) {'.LINE_TERMINATOR;
echo 'for (var i = 0; i < document.SelectedTablesForm.elements.length; i++) {'.LINE_TERMINATOR;
echo ' document.SelectedTablesForm.elements[i].checked = checkornot;'.LINE_TERMINATOR;
echo '}'.LINE_TERMINATOR.'}'.LINE_TERMINATOR.'-->'.LINE_TERMINATOR.'</script>';
echo '<form name="SelectedTablesForm" action="'.$_SERVER['PHP_SELF'].'" method="post">';
foreach ($ListOfDatabasesToMaybeBackUp as $dbname) {
$tables = mysql_list_tables($dbname);
if (is_resource($tables)) {
echo '<table border="1"><tr><td colspan="'.ceil(mysql_num_rows($tables) / TABLES_PER_COL).'"><b>'.$dbname.'</b></td></tr><tr><td nowrap valign="top">';
$tablecounter = 0;
while (list($tablename) = mysql_fetch_array($tables)) {
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($tablename).'"');
if ($TableStatusRow = mysql_fetch_array($TableStatusResult)) {
if (in_array($TableStatusRow['Type'], $NeverBackupDBtypes)) {
// no need to back up HEAP tables, and will generate errors if you try to optimize/repair
} else {
if ($tablecounter++ >= TABLES_PER_COL) {
echo '</td><td nowrap valign="top">';
$tablecounter = 0;
}
$SQLquery = 'SELECT COUNT(*) AS num FROM '.$tablename;
mysql_select_db($dbname);
$result = mysql_query($SQLquery);
$row = @mysql_fetch_array($result);
echo '<input type="checkbox" name="SelectedTables['.htmlentities($dbname, ENT_QUOTES).'][]" value="'.$tablename.'" checked>'.$tablename.' ('.$row['num'].')<br>';
}
}
}
echo '</td></tr></table><br>';
}
}
if (isset($_POST['DB_HOST'])) {
echo '<input type="hidden" name="DB_HOST" value="'.htmlspecialchars(@$_POST['DB_HOST'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_USER" value="'.htmlspecialchars(@$_POST['DB_USER'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_PASS" value="'.htmlspecialchars(@$_POST['DB_PASS'], ENT_QUOTES).'">';
}
echo '<input type="button" onClick="CheckAll(true)" value="Select All"> ';
echo '<input type="button" onClick="CheckAll(false)" value="Deselect All"> ';
echo '<input type="hidden" name="StartBackup" value="complete">';
echo '<input type="submit" name="SelectedTablesOnly" value="Create Backup"></form>';
echo '<a href="'.$_SERVER['PHP_SELF'].'">Back to menu</a>';
} elseif (isset($_REQUEST['StartBackup'])) {
if (($GZ_enabled && ($zp = @gzopen($backupabsolutepath.$tempbackupfilename, 'wb'))) ||
(!$GZ_enabled && ($fp = @fopen($backupabsolutepath.$tempbackupfilename, 'wb')))) {
$fileheaderline = '# backupDB() v'.backupDBversion.' (http://www.silisoftware.com)'.LINE_TERMINATOR;
$fileheaderline .= '# mySQL backup ('.date('F j, Y g:i a').') Type = ';
if ($GZ_enabled) {
gzwrite($zp, $fileheaderline, strlen($fileheaderline));
} else {
fwrite($fp, $fileheaderline, strlen($fileheaderline));
}
if ($_REQUEST['StartBackup'] == 'structure') {
if ($GZ_enabled) {
gzwrite($zp, 'Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR));
} else {
fwrite($fp, 'Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Structure Only'.LINE_TERMINATOR.LINE_TERMINATOR));
}
$backuptype = 'full';
unset($SelectedTables);
foreach ($ListOfDatabasesToMaybeBackUp as $dbname) {
set_time_limit(60);
$tables = mysql_list_tables($dbname);
if (is_resource($tables)) {
$tablecounter = 0;
while (list($tablename) = mysql_fetch_array($tables)) {
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($tablename).'"');
if ($TableStatusRow = mysql_fetch_array($TableStatusResult)) {
if (in_array($TableStatusRow['Type'], $NeverBackupDBtypes)) {
// no need to back up HEAP tables, and will generate errors if you try to optimize/repair
} else {
$SelectedTables[$dbname][] = $tablename;
}
}
}
}
}
} elseif (isset($_REQUEST['SelectedTables']) && is_array($_REQUEST['SelectedTables'])) {
if ($GZ_enabled) {
gzwrite($zp, 'Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR));
} else {
fwrite($fp, 'Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Selected Tables Only'.LINE_TERMINATOR.LINE_TERMINATOR));
}
$backuptype = 'partial';
$SelectedTables = $_REQUEST['SelectedTables'];
} else {
if ($GZ_enabled) {
gzwrite($zp, 'Complete'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Complete'.LINE_TERMINATOR.LINE_TERMINATOR));
} else {
fwrite($fp, 'Complete'.LINE_TERMINATOR.LINE_TERMINATOR, strlen('Complete'.LINE_TERMINATOR.LINE_TERMINATOR));
}
$backuptype = 'full';
unset($SelectedTables);
foreach ($ListOfDatabasesToMaybeBackUp as $dbname) {
set_time_limit(60);
$tables = mysql_list_tables($dbname);
if (is_resource($tables)) {
$tablecounter = 0;
while (list($tablename) = mysql_fetch_array($tables)) {
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($tablename).'"');
if ($TableStatusRow = mysql_fetch_array($TableStatusResult)) {
if (in_array($TableStatusRow['Type'], $NeverBackupDBtypes)) {
// no need to back up HEAP tables, and will generate errors if you try to optimize/repair
} else {
$SelectedTables[$dbname][] = $tablename;
}
}
}
}
}
}
$starttime = getmicrotime();
OutputInformation('', null, 'Checking tables...<br><br>');
$TableErrors = array();
foreach ($SelectedTables as $dbname => $selectedtablesarray) {
mysql_select_db($dbname);
$repairresult = '';
$CanContinue = true;
foreach ($selectedtablesarray as $selectedtablename) {
OutputInformation('statusinfo', 'Checking table <b>'.$dbname.'.'.$selectedtablename.'</b>');
$result = mysql_query('CHECK TABLE '.$selectedtablename);
while ($row = mysql_fetch_array($result)) {
set_time_limit(60);
if ($row['Msg_text'] == 'OK') {
mysql_query('OPTIMIZE TABLE '.$selectedtablename);
} else {
OutputInformation('statusinfo', 'Repairing table <b>'.$selectedtablename.'</b>');
$repairresult .= 'REPAIR TABLE '.$selectedtablename.' EXTENDED'."\n\n";
$fixresult = mysql_query('REPAIR TABLE '.$selectedtablename.' EXTENDED');
$ThisCanContinue = false;
while ($fixrow = mysql_fetch_array($fixresult)) {
$thisMessage = $fixrow['Msg_type'].': '.$fixrow['Msg_text'];
$repairresult .= $thisMessage."\n";
switch ($thisMessage) {
case 'status: OK':
case 'error: The handler for the table doesn\'t support repair':
$ThisCanContinue = true;
break;
}
}
if (!$ThisCanContinue) {
$CanContinue = false;
}
$repairresult .= "\n\n".str_repeat('-', 60)."\n\n";
}
}
}
if (!empty($repairresult)) {
echo '<pre>'.$repairresult.'</pre>';
if (!$CanContinue) {
if ($SuppressHTMLoutput) {
ob_end_clean();
echo 'errors';
}
exit;
}
}
}
OutputInformation('statusinfo', '');
OutputInformation('', '<br><b><span id="topprogress">Overall Progress:</span></b><br>');
$overallrows = 0;
foreach ($SelectedTables as $dbname => $value) {
mysql_select_db($dbname);
echo '<table border="1"><tr><td colspan="'.ceil(count($SelectedTables[$dbname]) / TABLES_PER_COL).'"><b>'.$dbname.'</b></td></tr><tr><td nowrap valign="top">';
$tablecounter = 0;
for ($t = 0; $t < count($SelectedTables[$dbname]); $t++) {
if ($tablecounter++ >= TABLES_PER_COL) {
echo '</td><td nowrap valign="top">';
$tablecounter = 1;
}
$SQLquery = 'SELECT COUNT(*) AS num FROM '.$SelectedTables[$dbname][$t];
$result = mysql_query($SQLquery);
$row = mysql_fetch_array($result);
$rows[$t] = $row['num'];
$overallrows += $rows[$t];
echo '<span id="rows_'.$dbname.'_'.$SelectedTables[$dbname][$t].'">'.$SelectedTables[$dbname][$t].' ('.number_format($rows[$t]).' records)</span><br>';
}
echo '</td></tr></table><br>';
}
$alltablesstructure = '';
foreach ($SelectedTables as $dbname => $value) {
mysql_select_db($dbname);
for ($t = 0; $t < count($SelectedTables[$dbname]); $t++) {
set_time_limit(60);
OutputInformation('statusinfo', 'Creating structure for <b>'.$dbname.'.'.$SelectedTables[$dbname][$t].'</b>');
$fieldnames = array();
$structurelines = array();
$result = mysql_query('SHOW FIELDS FROM '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR);
while ($row = mysql_fetch_array($result)) {
$structureline = BACKTICKCHAR.$row['Field'].BACKTICKCHAR;
$structureline .= ' '.$row['Type'];
$structureline .= ' '.($row['Null'] ? '' : 'NOT ').'NULL';
eregi('^[a-z]+', $row['Type'], $matches);
$RowTypes[$dbname][$SelectedTables[$dbname][$t]][$row['Field']] = $matches[0];
if (@$row['Default']) {
if (eregi('^(tiny|medium|long)?(text|blob)', $row['Type'])) {
// no default values
} else {
$structureline .= ' default \''.$row['Default'].'\'';
}
}
$structureline .= ($row['Extra'] ? ' '.$row['Extra'] : '');
$structurelines[] = $structureline;
$fieldnames[] = $row['Field'];
}
mysql_free_result($result);
$tablekeys = array();
$uniquekeys = array();
$fulltextkeys = array();
$result = mysql_query('SHOW KEYS FROM '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR);
while ($row = mysql_fetch_array($result)) {
$uniquekeys[$row['Key_name']] = (bool) ($row['Non_unique'] == 0);
if (isset($row['Index_type'])) {
$fulltextkeys[$row['Key_name']] = (bool) ($row['Index_type'] == 'FULLTEXT');
} elseif (@$row['Comment'] == 'FULLTEXT') {
$fulltextkeys[$row['Key_name']] = true;
} else {
$fulltextkeys[$row['Key_name']] = false;
}
$tablekeys[$row['Key_name']][$row['Seq_in_index']] = $row['Column_name'];
ksort($tablekeys[$row['Key_name']]);
}
mysql_free_result($result);
foreach ($tablekeys as $keyname => $keyfieldnames) {
$structureline = '';
if ($keyname == 'PRIMARY') {
$structureline .= 'PRIMARY KEY';
} else {
if ($fulltextkeys[$keyname]) {
$structureline .= 'FULLTEXT ';
} elseif ($uniquekeys[$keyname]) {
$structureline .= 'UNIQUE ';
}
$structureline .= 'KEY '.BACKTICKCHAR.$keyname.BACKTICKCHAR;
}
$structureline .= ' ('.BACKTICKCHAR.implode(BACKTICKCHAR.','.BACKTICKCHAR, $keyfieldnames).BACKTICKCHAR.')';
$structurelines[] = $structureline;
}
$TableStatusResult = mysql_query('SHOW TABLE STATUS LIKE "'.mysql_escape_string($SelectedTables[$dbname][$t]).'"');
if (!($TableStatusRow = mysql_fetch_array($TableStatusResult))) {
die('failed to execute "SHOW TABLE STATUS" on '.$dbname.'.'.$tablename);
}
$tablestructure = 'CREATE TABLE '.($CreateIfNotExists ? 'IF NOT EXISTS ' : '').($dbNameInCreate ? BACKTICKCHAR.$dbname.BACKTICKCHAR.'.' : '').BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR.' ('.LINE_TERMINATOR;
$tablestructure .= ' '.implode(','.LINE_TERMINATOR.' ', $structurelines).LINE_TERMINATOR;
$tablestructure .= ') TYPE='.(@$TableStatusRow['Engine'] ? $TableStatusRow['Engine'] : $TableStatusRow['Type']); // MySQL 4.and higher, the 'Type' of database is now 'Engine' <thanks Philippe Soussan>
if ($TableStatusRow['Auto_increment'] !== null) {
$tablestructure .= ' AUTO_INCREMENT='.$TableStatusRow['Auto_increment'];
}
$tablestructure .= ';'.LINE_TERMINATOR.LINE_TERMINATOR;
$alltablesstructure .= str_replace(' ,', ',', $tablestructure);
} // end table structure backup
}
if ($GZ_enabled) {
gzwrite($zp, $alltablesstructure.LINE_TERMINATOR, strlen($alltablesstructure) + strlen(LINE_TERMINATOR));
} else {
fwrite($fp, $alltablesstructure.LINE_TERMINATOR, strlen($alltablesstructure) + strlen(LINE_TERMINATOR));
}
OutputInformation('statusinfo', '');
if ($_REQUEST['StartBackup'] != 'structure') {
$processedrows = 0;
foreach ($SelectedTables as $dbname => $value) {
set_time_limit(60);
mysql_select_db($dbname);
for ($t = 0; $t < count($SelectedTables[$dbname]); $t++) {
$result = mysql_query('SELECT * FROM '.$SelectedTables[$dbname][$t]);
$rows[$t] = mysql_num_rows($result);
if ($rows[$t] > 0) {
$tabledatadumpline = '# dumping data for '.$dbname.'.'.$SelectedTables[$dbname][$t].LINE_TERMINATOR;
if ($GZ_enabled) {
gzwrite($zp, $tabledatadumpline, strlen($tabledatadumpline));
} else {
fwrite($fp, $tabledatadumpline, strlen($tabledatadumpline));
}
}
unset($fieldnames);
for ($i = 0; $i < mysql_num_fields($result); $i++) {
$fieldnames[] = mysql_field_name($result, $i);
}
if ($_REQUEST['StartBackup'] == 'complete') {
$insertstatement = ($ReplaceInto ? 'REPLACE' : 'INSERT').' INTO '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR.' ('.BACKTICKCHAR.implode(BACKTICKCHAR.', '.BACKTICKCHAR, $fieldnames).BACKTICKCHAR.') VALUES (';
} else {
$insertstatement = ($ReplaceInto ? 'REPLACE' : 'INSERT').' INTO '.BACKTICKCHAR.$SelectedTables[$dbname][$t].BACKTICKCHAR.' VALUES (';
}
$currentrow = 0;
$thistableinserts = '';
while ($row = mysql_fetch_array($result)) {
unset($valuevalues);
foreach ($fieldnames as $key => $val) {
if ($row[$key] === null) {
$valuevalues[] = 'NULL';
} else {
switch ($RowTypes[$dbname][$SelectedTables[$dbname][$t]][$val]) {
// binary data dump, two hex characters per byte
case 'tinyblob':
case 'blob':
case 'mediumblob':
case 'longblob':
if ($HexBLOBs) {
$data = $row[$key];
$data_len = strlen($data);
$hexstring = '0x';
for ($i = 0; $i < $data_len; $i++) {
$hexstring .= str_pad(dechex(ord($data{$i})), 2, '0', STR_PAD_LEFT);
}
$valuevalues[] = $hexstring;
} else {
$valuevalues[] = QUOTECHAR.mysql_escape_string($row[$key]).QUOTECHAR;
}
break;
// just the (numeric) value, not surrounded by quotes
case 'tinyint':
case 'smallint':
case 'mediumint':
case 'int':
case 'bigint':
case 'float':
case 'double':
case 'decimal':
case 'year':
$valuevalues[] = mysql_escape_string($row[$key]);
break;
// value surrounded by quotes
case 'varchar':
case 'char':
case 'tinytext':
case 'text':
case 'mediumtext':
case 'longtext':
case 'enum':
case 'set':
case 'date':
case 'datetime':
case 'time':
case 'timestamp':
default:
$valuevalues[] = QUOTECHAR.mysql_escape_string($row[$key]).QUOTECHAR;
break;
}
}
}
$thistableinserts .= $insertstatement.implode(', ', $valuevalues).');'.LINE_TERMINATOR;
if (strlen($thistableinserts) >= BUFFER_SIZE) {
if ($GZ_enabled) {
gzwrite($zp, $thistableinserts, strlen($thistableinserts));
} else {
fwrite($fp, $thistableinserts, strlen($thistableinserts));
}
$thistableinserts = '';
}
if ((++$currentrow % STATS_INTERVAL) == 0) {
set_time_limit(60);
if ($DHTMLenabled) {
OutputInformation('rows_'.$dbname.'_'.$SelectedTables[$dbname][$t], '<b>'.$SelectedTables[$dbname][$t].' ('.number_format($rows[$t]).' records, ['.number_format(($currentrow / $rows[$t])*100).'%])</b>');
$elapsedtime = getmicrotime() - $starttime;
$percentprocessed = ($processedrows + $currentrow) / $overallrows;
$overallprogress = 'Overall Progress: '.number_format($processedrows + $currentrow).' / '.number_format($overallrows).' ('.number_format($percentprocessed * 100, 1).'% done) ['.FormattedTimeRemaining($elapsedtime).' elapsed';
if (($percentprocessed > 0) && ($percentprocessed < 1)) {
$overallprogress .= ', '.FormattedTimeRemaining(abs($elapsedtime - ($elapsedtime / $percentprocessed))).' remaining';
}
$overallprogress .= ']';
OutputInformation('topprogress', $overallprogress);
}
}
}
if ($DHTMLenabled) {
OutputInformation('rows_'.$dbname.'_'.$SelectedTables[$dbname][$t], $SelectedTables[$dbname][$t].' ('.number_format($rows[$t]).' records, [100%])');
$processedrows += $rows[$t];
}
if ($GZ_enabled) {
gzwrite($zp, $thistableinserts.LINE_TERMINATOR.LINE_TERMINATOR, strlen($thistableinserts) + strlen(LINE_TERMINATOR) + strlen(LINE_TERMINATOR));
} else {
fwrite($fp, $thistableinserts.LINE_TERMINATOR.LINE_TERMINATOR, strlen($thistableinserts) + strlen(LINE_TERMINATOR) + strlen(LINE_TERMINATOR));
}
}
}
}
if ($GZ_enabled) {
gzclose($zp);
} else {
fclose($fp);
}
if ($_REQUEST['StartBackup'] == 'structure') {
$newfullfilename = $backupabsolutepath.$strubackupfilename;
} elseif ($backuptype == 'full') {
$newfullfilename = $backupabsolutepath.$fullbackupfilename;
} else {
$newfullfilename = $backupabsolutepath.$partbackupfilename;
}
if (file_exists($newfullfilename)) {
unlink($newfullfilename); // Windows won't allow overwriting via rename
}
rename($backupabsolutepath.$tempbackupfilename, $newfullfilename);
if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') {
touch($newfullfilename);
if (!chmod($newfullfilename, 0777)) {
}
}
echo '<br>Backup complete in '.FormattedTimeRemaining(getmicrotime() - $starttime, 2).'.<br>';
echo '<a href="'.str_replace(@$_SERVER['DOCUMENT_ROOT'], '', $backupabsolutepath).basename($newfullfilename).'"><b>'.basename($newfullfilename).'</b> ('.FileSizeNiceDisplay(filesize($newfullfilename), 2);
echo ')</a><br><br><a href="'.$_SERVER['PHP_SELF'].'">Back to MySQL Database Backup main menu</a><br>';
OutputInformation('cancellink', '');
} else {
echo '<b>Warning:</b> failed to open '.$backupabsolutepath.$tempbackupfilename.' for writing!<br><br>';
if (is_dir($backupabsolutepath)) {
echo '<i>CHMOD 777</i> on the directory ('.htmlentities($backupabsolutepath).') should fix that.';
} else {
echo 'The specified directory does not exist: "'.htmlentities($backupabsolutepath).'"';
}
}
} else { // !$_REQUEST['StartBackup']
if (file_exists($backupabsolutepath.$fullbackupfilename)) {
echo 'It is now '.gmdate('F j, Y g:ia T', time() + date('Z')).'<br>';
echo 'Last full backup of MySQL databases: ';
$lastbackuptime = filemtime($backupabsolutepath.$fullbackupfilename);
echo gmdate('F j, Y g:ia T', $lastbackuptime + date('Z'));
echo ' (<b>'.FormattedTimeRemaining(time() - $lastbackuptime).'</b> ago)<br>';
if ((time() - $lastbackuptime) < 86400) {
echo 'Generally, backing up more than once a day is not neccesary.<br>';
}
echo '<br><a href="'.str_replace(@$_SERVER['DOCUMENT_ROOT'], '', $backupabsolutepath).$fullbackupfilename.'">Download previous full backup ('.FileSizeNiceDisplay(filesize($backupabsolutepath.$fullbackupfilename), 2).')</a> (right-click, Save As...)<br><br>';
} else {
echo 'Last backup of MySQL databases: <i>unknown</i>'.($backuptimestamp ? ' (incompatible with timestamping)' : '').'<br>';
}
$BackupTypesList = array(
'complete' => 'Full backup, complete inserts (recommended)',
'standard' => 'Full backup, standard inserts (smaller)',
'partial' => 'Selected tables only (with complete inserts)',
'structure' => 'Table structure(s) only'
);
echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post">';
if (isset($_POST['DB_HOST'])) {
echo '<input type="hidden" name="DB_HOST" value="'.htmlspecialchars(@$_POST['DB_HOST'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_USER" value="'.htmlspecialchars(@$_POST['DB_USER'], ENT_QUOTES).'">';
echo '<input type="hidden" name="DB_PASS" value="'.htmlspecialchars(@$_POST['DB_PASS'], ENT_QUOTES).'">';
}
echo '<select name="StartBackup">';
foreach ($BackupTypesList as $key => $value) {
echo '<option value="'.$key.'">'.htmlentities($value).'</option>';;
}
echo '</select><br>';
echo '<input type="submit" value="Go">';
echo '</form>';
}
if ($SuppressHTMLoutput) {
ob_end_clean();
echo "File saved to $backupabsolutepath.$fullbackupfilename.";
}
if ($CloseWindowOnFinish) {
// Auto close the browser after the script finishes.
// This will allow task scheduler in Windows to work properly,
// else the task will be considered running until the browser is closed
echo '<script language="javascript">'."\n";
echo 'window.opener = top;'."\n";
echo 'window.close();'."\n";
echo '</script>';
}
?>
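Review bot: Nothing in backupDB.php checks who is calling it: the `define('DB_HOST', …)`, `define('DB_USER', …)` and `define('DB_PASS', …)` lines accept values from `$_REQUEST` and otherwise fall back to the `$cfg_*` credentials loaded from settings.php, so any visitor who can reach the script can start a dump under the application's own database account. The dump is written to `dirname(__FILE__).'/backups/'` under a date-based name, set to mode `0777`, and linked for download, which exposes the whole database if that directory is served by the web server. Before the first `define`, apply the session gate the other pages use, e.g. `if (!$sec->isLoggedIn()) { header('location: login.php'); exit(); }` with an administrative role; remove the `$_REQUEST` credential overrides and the `lynxauth` form, which puts the password into URLs and access logs; write backups outside the document root and use `chmod($newfullfilename, 0600)`. Separately, `$_REQUEST['onlyDB']` reaches the backup file name and `$_REQUEST['SelectedTables']` reaches `CHECK TABLE`, `OPTIMIZE TABLE` and `SELECT` statements without quoting or validation, and `$_SERVER['PHP_SELF']` is echoed unescaped into `action` and `href` attributes. Table and database names should be checked against the server's own `mysql_list_tables()` result, and every echoed request value passed through `htmlspecialchars(…, ENT_QUOTES)`.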

59
bikes/customers_barcode.php

@ -0,0 +1,59 @@
<?php session_start();
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/display.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(isset($_GET['generateWith']))
{
$generateWith=$_GET['generateWith'];
}
else
{
$generateWith='id';
}
$display->displayTitle("$lang->customersBarcode"." ($generateWith)");
echo "<a href='customers_barcode.php?generateWith=account_number'>$lang->accountNumber</a> / <a href='customers_barcode.php?generateWith=id'>id</a>";
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$customers_table=$cfg_tableprefix.'customers';
$result=mysql_query("SELECT * FROM $customers_table ORDER by last_name",$dbf->conn);
echo '<table border=0 width=85% align=center cellspacing=5 cellpadding=12>
<tr>';
$counter=0;
while($row=mysql_fetch_assoc($result))
{
if($counter%2==0)
{
echo '</tr><tr>';
}
echo "<td align='center'><img src='../classes/barcode.php?barcode=$row[$generateWith]&width=227&text=*$row[last_name], $row[first_name]*'></td>";
$counter++;
}
echo '</tr></table>';
$dbf->closeDBlink();
?>
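Review bot: `$generateWith` is taken straight from `$_GET['generateWith']` and then used both in the page title and as the column key in `$row[$generateWith]`, so a request can name any column of the customers row and have it rendered into the barcode URL; the value is also passed to `displayTitle()` without escaping here. Restrict it to the two values the page itself links to, e.g. `if(!in_array($generateWith, array('id','account_number'), true)){ $generateWith='id'; }`. The `$row[...]` values placed in the `<img src>` query string should go through `urlencode()` so names containing `&` or quotes cannot break the attribute. The `isLoggedIn()` check runs after `displayTitle()` and the `echo`, so the `header()` redirect may fail once output has started; move the check above the first output. The other pages in this commit that print `<html>` before the check have the same ordering.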

169
bikes/form_bikes.php

@ -0,0 +1,169 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
//set default values, these will change if $action==update.
$bikebrand_value='';
$bikemodel_value='';
$bikecolor_value='';
$biketype_number_value='';
$wheel_value='';
$frame_value='';
$bikestatus_value="$_GET[mode]";
$putinservice_value='';
$inrepair_value='';
$retired_value='';
$sold_value='';
$notes_value='';
$id=-1;
//decides if the form will be used to update or add a bike.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="update";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
if (!$_POST[id] && !$_GET[passbike]){ echo "Oops. Try again. Maybe with a valid bike number this time"; die(); }
$display->displayTitle("Update a $_POST[mode] Bike");
if(isset($_POST['id']) || isset($_GET['passbike']))
{
$id=$_POST['id'];
if($id == ""){
$id=$_GET[passbike];
}
$tablename = "$cfg_tableprefix".'bikes';
$queree = "SELECT * FROM $tablename WHERE id=$id";
$result = mysql_query("$queree",$dbf->conn);
$row = mysql_fetch_assoc($result);
$bikebrand_value=$row['bikebrand'];
$bikemodel_value=$row['bikemodel'];
$bikecolor_value=$row['bikecolor'];
$biketype_value=$row['biketype'];
if ($biketype_value == ""){ echo "Oops, one of the fly rod's has gone out askew on the treddle. Try again. Maybe with a valid bike number this time"; die(); }
$wheel_value=$row['wheel'];
$frame_value=$row['frame'];
$bikestatus_value=$row['bikestatus'];
$putinservice_value=$row['putinservice'];
$inrepair_value=$row['inrepair'];
if($putinservice_value != "0000-00-00" && $bikestatus_value == "repair"){ echo "This fuckin bike was a repair and has already been returned to the owner."; die();}
if ($inrepair_value != '' && $inrepair_value != '0000-00-00' && $bikestatus_value == "library"){ echo "<center><h4 style=\"background: #000000; color: #FFFFFF; display: inline;\">This library bike is in for repair!</h4><center><br />"; }
$userID_value=$row['userID'];
$retired_value=$row['retired'];
if($retired_value != "0000-00-00" && $retired_value != ""){ die('This bike has been retired and probably stripped down');}
$sold_value=$row['sold'];
$notes_value=$row['notes'];
}
}
else
{
$display->displayTitle("Add a $bikestatus_value Bike");
}
//creates a form object
$f1=new form('process_form_bikes.php','POST','bikes','450',$cfg_theme,$lang);
//creates form parts.
//Get user List first
$idarray = array();
$namearray = array();
$result = mysql_query("SELECT id,first_name,last_name FROM customers ORDER BY last_name ASC");
while($field = mysql_fetch_array($result)) {
$namearray[] = "$field[last_name], $field[first_name]";
$idarray[] = "$field[id]";
}
if($_POST[id]){ $disable = "DISABLED"; }
if ($_GET[mode] == "repair" || isset($userID_value) && $userID_value != 0){ $f1->createSelectField("<b>Which Member?</b>",'userID',$idarray,$namearray,'150',"$disable","$userID_value"); }
$f1->createInputField("<b>Brand:</b> ",'text','bikebrand',"$bikebrand_value",'24','150');
$f1->createInputField("<b>Model:</b> ",'text','bikemodel',"$bikemodel_value",'24','150');
$f1->createInputField("<b>Color:</b> ",'text','bikecolor',"$bikecolor_value",'24','150');
//make the bike type arrays
$option_values = array('newroad','10spd','8spdinternal','5spd','3spd','singlespeedcoaster','singlespeed','fixedgear','mountain','hybrid','chopper');
$option_titles = array('road bike (12-27speed)','10 speed road bike','8 speed internal hub','5 speed road bike','3 speed internal hub','single speed w/coaster brake','single speed w/brakes','fixed gear','mountain bike','hybrid (road/mountain)','chopper');
$f1->createSelectField("<b>Bike Type</b>",'biketype',$option_values,$option_titles,'150','NULL',"$biketype_value");
//make the wheel size array
$option_values = array('20inch','22inch','24inch','26inch','26fractional','27inch','','','650','700');
$option_titles = array('20 inch','22 inch','24 inch','26 inch','26 by fraction','27 inch','','----Metric Crap----','650','700c');
$f1->createSelectField("<b>Wheel Size</b>",'wheel',$option_values,$option_titles,'150','NULL',"$wheel_value");
$f1->createInputField("<b>Frame Height (inches)</b>: ",'text','frame',"$frame_value",'4','150');
//select bikeStatus here
//make the bike status array and form field
$option_values = array('library','sale','repair');
$option_titles = array('Library bike','For sale bike','Member bike in for repair');
if($action == "insert"){ $statdisable = "DISABLED"; }
$f1->createSelectField("<b>Bike Status</b>",'bikestatus',$option_values,$option_titles,'150',"$statdisable","$bikestatus_value");
if ($_GET[mode] == "repair"){ $f1->createSingleDateSelectField("To be picked up on:"); }
// major changes to library bike
if($inrepair_value != "" && $inrepair_value != "0000-00-00"){ $repairtext = "Mark library bike as fixed"; $repairvalue = "makeoutrepair"; }
else { $repairtext = "Mark as broken library bike"; $repairvalue = "makeinrepair";}
$option_values = array("$repairvalue",'makeretire');
$option_titles = array("$repairtext",'Retire this bike from library');
if($bikestatus_value=="library" && $action=="update"){ $f1->createRadioField("Major Updates",'majorupdates',$option_values,$option_titles,'150','',"$bikestatus_value"); }
$f1->createTextareaField("Repair needed:<br />Accepted by:<br />Other notes:",'notes','6','30',"$notes_value",'150');
if($bikestatus_value == "repair"){
$f1->createCheckboxField("Remember to process payment<br /> in the sales area. ",'repairpickup','150','','','<b>Check if being picked up</b>');
}
//sends 2 hidden varibles needed for process_form_users.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
if($action == "insert"){ echo "<input type='hidden' name='bikestatus' value='$_GET[mode]'>"; }
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>
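Review bot: The update branch builds `SELECT * FROM $tablename WHERE id=$id` with `$id` taken unmodified from `$_POST['id']` or `$_GET[passbike]`, which is SQL injection in an unquoted numeric context. Cast before use, `$id=(int)$id;`, or bind it as a parameter if the database layer is moved off the `mysql_*` functions. `$_POST[mode]` and `$_GET[mode]` are also written into the title and the hidden `bikestatus` input unescaped; checking the value against the `library`/`sale`/`repair` list already used for the status select would close that. books/open_form.php in this commit places `$_POST[bikeID]` inside three queries in the same way.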

57
bikes/index.php

@ -0,0 +1,57 @@
<?php session_start();
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
if(!$sec->isLoggedIn()){
header("location: ../login.php");
exit();
}
if(!$sec->isOpen()){
header("location: ../books/openshop.php");
exit();
}
echo "
<html>
<body>
<head>
</head>
<table border=\"0\" width=\"500\">
<tr>
<td><img border=\"0\" src=\"../images/customers.gif\" width=\"41\" height=\"33\" valign='top'><font color='#005B7F' size='4'>&nbsp;<b>Rental Bikes - Sale Bikes - Repair Bikes</b></font><br>
<br>
<font face=\"Verdana\" size=\"2\">Welcome to the Bikes panel! Here you can manage <b>any</b> bikes that are in the shop. What would you like to do?
<br /><br /><b>Add a bike!</b>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"form_bikes.php?action=insert&mode=repair\">Enter a new member bike in for repair</a></font><br /><br /></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"form_bikes.php?action=insert&mode=library\">Add a new bike to the library</a></font><br /><br /></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"form_bikes.php?action=insert&mode=sale\">Add a new for-sale completed bike</a></font><br /><br /></li>
</ul></font>
<font face=\"Verdana\" size=\"2\"><b>Update/modify bike info</b><br /></font>
<form name=bikenumber enctype=\"multipart/form-data\" method=\"POST\" action=\"form_bikes.php?action=update\">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Bike Number:</font>
&nbsp;<input type=\"text\" name=\"id\" size=\"10\">
<input type=\"submit\" name=\"submit\" value=\"Ok Go!\">
</form>
</td>
</tr>
</table>
</body>
</html>";
$dbf->closeDBlink();
?>

74
bikes/manage_customers.php

@ -0,0 +1,74 @@
<?php session_start(); ?>
<html>
<head>
<SCRIPT LANGUAGE="Javascript">
<!---
function decision(message, url)
{
if(confirm(message) )
{
location.href = url;
}
}
// --->
</SCRIPT>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
include ("../classes/form.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
$display->displayTitle("Manage Members");
$f1=new form('manage_customers.php','POST','customers','450',$cfg_theme,$lang);
$f1->createInputField("<b>$lang->searchForCustomer</b>",'text','search','','24','150');
$option_values2=array('first_name','last_name','account_number','id');
$option_titles2=array("$lang->firstName","$lang->lastName","$lang->accountNumber",'ID');
$f1->createSelectField("<b>$lang->searchBy</b>",'searching_by',$option_values2,$option_titles2,100);
$f1->endForm();
$tableheaders=array("$lang->rowID","$lang->lastName","$lang->firstName","$lang->phoneNumber","$lang->email","$lang->streetAddress","More Info","Update/Edit Member","Remove Member");
$tablefields=array('id','last_name','first_name','phone_number','email','street_address');
if(isset($_POST['search']))
{
$search=$_POST['search'];
$searching_by =$_POST['searching_by'];
echo "<center>$lang->searchedForItem: <b>$search</b> $lang->searchBy <b>$searching_by</b></center>";
$display->displayManageTable("$cfg_tableprefix",'customers',$tableheaders,$tablefields,"$searching_by","$search",'last_name');
}
else
{
$display->displayManageTable("$cfg_tableprefix",'customers',$tableheaders,$tablefields,'','','last_name');
}
$dbf->closeDBlink();
?>
</body>
</html>
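Review bot: `$search` and `$searching_by` are echoed into the results line unescaped, so a cross-site form post can inject markup into a logged-in clerk's page; wrap both in `htmlspecialchars(..., ENT_QUOTES)`. `$searching_by` is also handed to `displayManageTable()` as what looks like a column name. That method is outside this section, so whether it validates the value cannot be confirmed here. It is safer to reject anything not in `$option_values2` before the call, e.g. `if(!in_array($searching_by,$option_values2,true)){ exit(); }`.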

160
bikes/process_form_bikes.php

@ -0,0 +1,160 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
//creates 3 objects needed for this script.
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
//checks if user is logged in.
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit ();
}
//variables needed globably in this file.
$tablename="$cfg_tableprefix".'bikes';
$field_names=null;
$field_data=null;
//$id=-1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if(isset($_GET['action']) and isset($_GET['id']))
{
$action=$_GET['action'];
$id=$_GET['id'];
}
//checks to make sure data is comming from form ($action is either dateup or update)
elseif(isset($_POST['bikebrand']) and isset($_POST['bikemodel']) and isset($_POST['bikecolor'])
and isset($_POST['biketype']) and isset($_POST['wheel']) and isset($_POST['frame']) and isset($_POST['bikestatus']) and isset($_POST['id']) and isset($_POST['action']) )
{
$action=$_POST['action'];
$id = $_POST['id'];
//gets variables ALWAYS used for everything
$bikebrand=$_POST['bikebrand'];
$bikemodel=$_POST['bikemodel'];
$bikecolor=$_POST['bikecolor'];
$biketype=$_POST['biketype'];
$wheel=$_POST['wheel'];
$frame=$_POST['frame'];
$bikestatus=$_POST['bikestatus'];
//Adding a library bike to be in-service? Make a date for it... today perhaps?
if($action == "insert" && $bikestatus == "library"){ $putinservice=date('Y-m-d'); }
//Making a library bike into an out of service library bike or vice versa? Make it so in the DB...
if($_POST[majorupdates] == "makeinrepair"){ $inrepair = date('Y-m-d'); }
if($_POST[majorupdates] == "makeoutrepair"){ $inrepair = ""; }
//same for retiring a library bike
if($_POST[majorupdates] == "makeretire"){ $retired = date('Y-m-d'); }
//If it's a member repair... same as above
if($bikestatus == "repair" && $action == "insert"){ $inrepair = date('Y-m-d'); $userID=$_POST['userID']; }
if($bikestatus == "repair" && $action == "update" && $_POST[repairpickup] == "on"){ $pickedupdate = date('Y-m-d'); }
$duedate= "$_POST[year]-$_POST[month]-$_POST[day]";
$notes=$_POST['notes'];
// HERE YOU ARE UP TO
//ensure all fields are filled in.
if($bikebrand=='' or $bikemodel=='' or $bikecolor=='' or $frame=='')
{
echo "$lang->forgottenFields";
exit();
}
else if($bikestatus == "library" && $action == "insert")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','putinservice','inrepair',' retired','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$putinservice","$inrepair","$retired","$notes");
}
else if($bikestatus == "library" && $action == "update")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','inrepair',' retired','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$inrepair","$retired","$notes");
}
else if($bikestatus == "sale")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$notes");
}
else if($bikestatus == "repair" && $action == "update")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','notes','putinservice');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$notes","$pickedupdate");
}
else if($bikestatus == "repair" && $action == "insert")
{
$field_names=array('bikebrand','bikemodel','bikecolor','biketype','wheel','frame','bikestatus','inrepair','userID','duedate','notes');
$field_data=array("$bikebrand","$bikemodel","$bikecolor","$biketype","$wheel","$frame","$bikestatus","$inrepair","$userID","$duedate","$notes");
}
}
else
{
//outputs error message because user did not use form to fill out data.
echo "$lang->mustUseForm";
exit();
}
switch ($action)
{
//finds out what action needs to be taken and preforms it by calling methods from dbf class.
case $action=="insert":
$dbf->insert($field_names,$field_data,$tablename,true);
$newnumber = mysql_insert_id();
break;
case $action=="update":
$dbf->update($field_names,$field_data,$tablename,$id,true);
break;
case $action=="delete":
$dbf->deleteRow($tablename,$id);
break;
default:
echo "$lang->noActionSpecified";
break;
}
$dbf->closeDBlink();
if($action == "insert"){ echo "<center><h2>Important!!!</h2><h2>Tag this bike as BIKE NUMBER $newnumber</h2>"; }
?>
<br />
<a href="index.php">Manage Bikes--></a>
<br>
<a href="/pos/home.php">Go Home--></a></center>
</body>
</html>
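Review bot: The first `if` accepts `action` and `id` from the query string, so the `delete` case is reachable by a plain GET: any link or image a logged-in clerk's browser loads can remove a row, and nothing in this file checks a request token. Deletion should require POST plus a per-session token, and `$id` should be cast with `(int)` before `deleteRow()` (whose escaping is not visible here). The `switch` labels are written as `case $action=="insert":`, which compares `$action` with a boolean, so an empty `action` loosely equals `false` and is routed to the insert case. Use plain labels: `case "insert":`, `case "update":`, `case "delete":`. The column name `' retired'` in both library field lists has a leading space, which looks unintended.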

76
books/closeshop.php

@ -0,0 +1,76 @@
<?php session_start(); ?>
<html>
<head>
<link rel="stylesheet" href="form.css" type="text/css">
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$today = date("Y-m-d");
//$result = mysql_query("SELECT * FROM books");
$body.="</select>";
$tablename = $cfg_tableprefix.'users';
$userLoginName = $dbf->idToField($tablename,'username',$_SESSION['session_user_id']);
if(isset($_GET[error])){
$error = (int)$_GET[error];
$errorMsg = "";
switch($error){
case 1:
$errorMsg="ERROR: invalid username or password";
break;
case 2:
$errorMsg="ERROR: Not a valid ammount: [$_GET[count]]";
break;
}
}
if($errorMsg != ""){
$body.="<br><font color=\"red\">".$errorMsg."</font><br>";
}
$body.="
<h2>Close The Shop...</h2>
<form class=\"form\" name=closeform enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
<h5>Please count all cash, cheques, and coupons in the coin box</h5>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Closing Count: $
<input type=\"text\" name=\"ammount\" size=\"10\" value=\"$_GET[count]\">
<br>
Counted by:
<blockquote>Username: <input type=\"text\" name=\"username\" size=\"15\" value=\"$userLoginName\"><br>
Password: <input type=\"password\" name=\"password\" size=\"15\"></blockquote>
<br><br><br>
<input type=\"hidden\" name=\"action\" value=\"2\">
<input type=\"hidden\" name=\"data\" value=\"0\">
</font>
<input type=\"submit\" name=\"submit\" value=\"Process!\">
</form>
";
echo "$body";
// &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Counted by <b>$userLoginName</b>&nbsp;<input type=\"checkbox\" name=\"counter\">
$dbf->closeDBlink();
?>
</body>
</html>
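Review bot: `$_GET[count]` is interpolated into the `value` attribute of the `ammount` input and into the error text without escaping, so a crafted link gives reflected script injection on a page that also holds a password field. Escape once at the top, `$count=htmlspecialchars(isset($_GET['count']) ? $_GET['count'] : '', ENT_QUOTES);`, and use `$count` in both places. books/depositPayout.php does the same with `count`, `data` and `data2`, and the visible part of books/openshop.php does it with `count`. `$body` and `$errorMsg` are also read before they are assigned when no `error` parameter is present; initialise both to `''`.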

96
books/depositPayout.php

@ -0,0 +1,96 @@
<?php session_start(); ?>
<html>
<head>
<link rel="stylesheet" href="form.css" type="text/css">
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$today = date("Y-m-d");
//$result = mysql_query("SELECT * FROM books");
$body.="</select>";
$tablename = $cfg_tableprefix.'users';
$userLoginName = $dbf->idToField($tablename,'username',$_SESSION['session_user_id']);
if(isset($_GET[error])){
$error = (int)$_GET[error];
$errorMsg = "";
switch($error){
case 1:
$errorMsg="ERROR: invalid username or password";
break;
case 2:
$errorMsg="ERROR: Not a valid ammount: [$_GET[count]]";
break;
case 3:
$errorMsg="ERROR: Invalid Data";
break;
}
}
if($errorMsg != ""){
$body.="<br><font color=\"red\">".$errorMsg."</font><br>";
}
$body.="
<table border=\"0\"><tr><td>
<h2>Deposit...</h2>
<form class=\"form\" name=depositform enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
<h5>Please count all cash, cheques, and coupons in the coin box</h5>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Deposit Ammount: $
<input type=\"text\" name=\"ammount\" size=\"10\" value=\"$_GET[count]\">
<br>
Approved by:
<blockquote>Username: <input type=\"text\" name=\"username\" size=\"15\" value=\"$userLoginName\"><br>
Password: <input type=\"password\" name=\"password\" size=\"15\"></blockquote>
<br><br><br>
<input type=\"hidden\" name=\"action\" value=\"4\">
Deposited by: <input type=\"text\" name=\"data\" value=\"$_GET[data]\">
</font>
<input type=\"submit\" name=\"submit\" value=\"Process Deposit!\">
</form></td><td>
<h2>Payout...</h2>
<form class=\"form\" name=payoutform enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
<h5>Please count all cash, cheques, and coupons in the coin box</h5>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Payout Ammount: $
<input type=\"text\" name=\"ammount\" size=\"10\" value=\"$_GET[count]\">
<br>
Approved by:
<blockquote>Username: <input type=\"text\" name=\"username\" size=\"15\" value=\"$userLoginName\"><br>
Password: <input type=\"password\" name=\"password\" size=\"15\"></blockquote>
<br><br><br>
<input type=\"hidden\" name=\"action\" value=\"5\">
Payee: <input type=\"text\" name=\"data\" value=\"$_GET[data]\">
For: <input type=\"text\" name=\"data2\" value=\"$_GET[data2]\">
</font>
<input type=\"submit\" name=\"submit\" value=\"Process Payout!\">
</form></td></tr></table>
";
echo "$body";
// &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Counted by <b>$userLoginName</b>&nbsp;<input type=\"checkbox\" name=\"counter\">
$dbf->closeDBlink();
?>
</body>
</html>

2
books/error_log

@ -0,0 +1,2 @@
[12-Mar-2009 01:49:01] PHP Parse error: syntax error, unexpected T_STRING in /home/recycle/public_html/www_campusbike.ca/pos/books/openshop.php on line 68
[12-Mar-2009 01:49:16] PHP Parse error: syntax error, unexpected $end in /home/recycle/public_html/www_campusbike.ca/pos/books/openshop.php on line 91
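Review bot: This is a runtime PHP error log, and it records the absolute deployment path of the site; it should not be in the repository or anywhere under the web root. Remove it from the commit, add `error_log` to `.gitignore`, and point PHP's `error_log` setting at a location the web server does not serve. customers/error_log in the file list looks like the same case.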

32
books/form.css

@ -0,0 +1,32 @@
.form {
width: 400px;
margin-left: 15%;
//margin-right: auto;
margin-top: 0px;
padding: 10px;
border: 1px dotted #b2c7e7;
background-color: #EEEEEE;
}
.subform {
width: 250px;
margin: 0px;
padding: 0px;
border: 0px solid black;
background-color: #EEEEEE;
}
h2 {
width: 200px;
margin-top: 20px;
margin-bottom: 0px;
margin-left: 15%;
border-top: 1px dotted #b2c7e7;
border-left: 1px dotted #b2c7e7;
border-right: 1px dotted #b2c7e7;
background-color: #FFFFFF;
}
body {
background-color: #BBBBBB;
}
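Review bot: `//margin-right: auto;` in `.form` is not a CSS comment; CSS only has `/* ... */`, and the line is dropped only because the parser treats it as an invalid declaration. Write it as `/* margin-right: auto; */` or delete it.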

75
books/form_open.php

@ -0,0 +1,75 @@
<?php session_start();?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../classes/db_functions.php");
include ("../language/$cfg_language");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
echo "Processing...";
//check to make sure it's a number
if(!strval(floatval($_POST[openCount])) == strval($_POST[openCount])){
echo "<script>document.location.href='openshop.php?error=2&count=$_POST[openCount]'</script>";
exit();
}
//check to make sure it was the administrator who counted
if(!$_POST[counter]){
echo "<script>document.location.href='openshop.php?error=1'</script>";
exit();
}
//$tablename = $cfg_tableprefix.'users';
$userLoginName = $dbf->idToField($cfg_tableprefix.'users','username',$_SESSION['session_user_id']);
$tablename="$cfg_tableprefix".'books';
$field_names=null;
$field_data=null;
$today = date('Y-m-d');
$adminID = $_SESSION['session_user_id'];
$field_names=array('date','event','user','ammount','data');
$field_data=array("$today", "open", "$adminID","$_POST[openCount]","$_POST[mechID]");
$dbf->insert($field_names,$field_data,$tablename,"");
$tablename="$cfg_tableprefix".'visits';
$tdin = date('Y-m-d H:i:s');
$field_names=array('userID','intime','activity');
$field_data=array("$_POST[mechID]", "$tdin", "Mechanic");
$dbf->insert($field_names, $field_data, $tablename, "");
$adminID = $dbf->idToField($cfg_tableprefix.'users','customerID',$_SESSION['session_user_id']);
$field_data=array("$adminID", "$tdin", "Administrator");
$dbf->insert($field_names, $field_data, $tablename, "");
//$query = "INSERT INTO 'visits' ('userID' ,'intime' ,'activity') VALUES ('$_POST[mechID]', '$tdin', '\"using\"')";
//mysql_query($query);
echo "<script>document.location.href='../home.php'</script>";
$dbf->closeDBlink();
?>
</body>
</html>
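Review bot: The numeric check `if(!strval(floatval($_POST[openCount])) == strval($_POST[openCount]))` applies `!` before `==`, so it compares a boolean with the raw string; values such as `5abc` or an empty string pass and are written to the books table. Use `if(!is_numeric($_POST['openCount'])){`. In the rejected branch the raw value is printed inside a `<script>` string; pass it through `urlencode()` first. `$_POST[mechID]` goes into two inserts without any check that it is a customer id. Casting it with `(int)` is the minimum, and whether `insert()` escapes its data is not visible from this section.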

162
books/open_form.php

@ -0,0 +1,162 @@
\<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../classes/db_functions.php");
include("../language/$cfg_language");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
//set default values, these will change if $action==update.
$userID='';
$loanID='';
$deposittaken='';
$loandate='';
$returndate='';
$notes='';
$latefeespaid='';
$paid='';
$id=-1;
//echo "post is $_POST[bikeID]and id is $id";
//Destroy the world if they didn't put a valid bike number in. Then apologize.
$bikecheck = mysql_query("SELECT * FROM bikes WHERE id='$_POST[bikeID]' LIMIT 1",$dbf->conn);
echo mysql_error();
$bikeexists = mysql_fetch_array($bikecheck);
$back = "<br /><br /><a href=\"index.php\">[Go Baaaaaack]</a>";
if($bikeexists['id'] == ""){ echo "<br />Bike Doesn't exist. Divide by zero. Did you put a bike number in the box? If you <b>did</b> put a number in, go back and try typing it again.$back"; die(); }
if($bikeexists['bikestatus'] == "repair"){ echo "<br />This is <b>a personal bike in for repair!</b> Take it from them and make a note! $back"; die(); }
if($bikeexists['bikestatus'] != "library"){ echo "<br />This is not a library bike. It is marked as <b>$bikeexists[bikestatus]</b>. Take it from them and tell the IT working group $back"; die(); }
if($bikeexists['putinservice'] == "" || $bikeexists['putinservice'] == "0000-00-00"){ echo "<br />This bike has not yet been put in service! DO NOT LOAN. Merci! $back"; die(); }
if($bikeexists['inrepair'] != "" && $bikeexists['inrepair'] != "0000-00-00"){ echo "<br />This bike is in repair. DO NOT LOAN. Merci! $back"; die(); }
if($bikeexists['retired'] != "" && $bikeexists['retired'] != "0000-00-00"){ echo "<br />This bike has been retired from the library. Do not loan. $back"; die(); }
//Check if bike is in or out
$inoutquery = mysql_query("SELECT * FROM libraryloans WHERE bikeID='$_POST[bikeID]' AND bikeout=1",$dbf->conn);
$loanarray = mysql_fetch_array($inoutquery);
//decides if the form will be used to sign in or add a loan.
if($loanarray['id'] != "")
{
$action="update";
// print_r($loanarray);
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current loan data is.
if($action=="update")
{
$display->displayTitle("Bike is OUT. Sign it in");
if(isset($_POST['bikeID']))
{
// echo "Now it's all: $_POST[bikeID]";
$bikeID=$_POST['bikeID'];
$tablename = "$cfg_tableprefix".'libraryloans';
$result = mysql_query("SELECT *, UNIX_TIMESTAMP(duedate)as latedate FROM $tablename WHERE bikeID=\"$bikeID\" AND bikeout=1",$dbf->conn);
$row = mysql_fetch_assoc($result);
$userID=$row['userID'];
$loanID=$row['id'];
$deposittaken=$row['deposittaken'];
$loandate=$row['loandate'];
$duedate=$row['duedate'];
$returndate=$row['returndate'];
$notes=$row['notes'];
$latefees=$row['latefees'];
$latedate=$row['latedate'];
$today = date('U');
if($today > $latedate){
$todayowing = round((($today-$latedate)/60/60/24)-1, 0) * $cfg_dailyLateFee;
echo "<center>There is <b>\$$todayowing.00</b> owing in late fees.</center><br />";
}
}
}
else
{
$display->displayTitle("Bike #$_POST[bikeID] is available for loan. Use form below.");
}
//creates a form object
$f1=new form('process_form_library.php','POST','library','450',$cfg_theme,$lang);
// Get User ID's and names for the select creation
//sidenote: if user has bike, grab user number and add SELECTED to their entry in the select (last 3 lines)
$fnamearray = array();
$lnamearray = array();
$userIDarray = array();
$usrquery = mysql_query("SELECT first_name, last_name, id FROM customers ORDER BY last_name ASC");
while ($row = mysql_fetch_assoc($usrquery))
{
$namearray[] = $row['last_name'] .',' . $row['first_name'];
$idstring = $row['id'];
if($userID == $row['id']){
$idstring .= "SELECTED"; }
$userIDarray[] = $idstring;
}
if($action == "update"){ $disabled="disabled"; }
//creates form parts.
$f1->createSelectField("<b>Member: </b>",'userID',$userIDarray,$namearray,'170',"$disabled");
$f1->createInputField("<b>Deposit Taken:</b> $",'text','deposittaken',"$deposittaken",'24','170',"$disabled");
if ($action == "update"){ $f1->createInputField("Due Date (YYYY-MM-DD): ",'text','<b>duedate</b>',"$duedate",'24','170',"$disabled"); }
if ($action == "insert"){ $f1->createSingleDateSelectField("<b>Due Date</b>"); }
$f1->createCheckboxField("<b>Paying fees now?</b>","feespaid",'170');
//$f1->createInputField("<i>Late Fees Paid: $</i> ",'text','amtpaid',"",'24','170');
$f1->createTextareaField("Notes about this loan:",'notes','5','24',"$notes",'170');
//sends many hidden varibles needed for process_form_library.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$loanID'>
<input type='hidden' name='bikeID' value='$_POST[bikeID]'>";
if($action == "update"){
echo "<input type='hidden' name='userID' value='$userID'>";
echo "<input type='hidden' name='duedate' value='$duedate'>";
echo "<input type='hidden' name='deposittaken' value='$deposittaken'>";
echo "<input type='hidden' name='todayowing' value='$todayowing'>";
}
$f1->endLibraryForm();
$dbf->closeDBlink();
?>
</body>
</html>
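Review bot: The file starts with `\<?php session_start(); ?>`; the stray backslash is sent as output before `session_start()`, so unless output buffering is on the session cookie header cannot be set. Drop the backslash. The late fee computed here is also sent back as the hidden field `todayowing`, together with `deposittaken` and `duedate`. If process_form_library.php (not part of this section) uses those posted values, a client can change the amount owed, so the fee should be recomputed server-side from the loan row. `$_POST[bikeID]` is echoed into the title and a hidden input unescaped; cast it to int once at the top and use the cast value throughout, which also covers the queries.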

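--- a/books/openshop.php
+++ b/books/openshop.php
@@ -0,0 +1,91 @@
+<?php session_start(); ?>
+<html>
+<head>
+<link rel="stylesheet" href="form.css" type="text/css">
+</head>
+<body>
+<?php
+include ("../settings.php");
+include ("../language/$cfg_language");
+include ("../classes/db_functions.php");
+include ("../classes/security_functions.php");
+include ("../classes/display.php");
+$lang=new language();
+$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
+$sec=new security_functions($dbf,'Sales Clerk',$lang);
+$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
+if(!$sec->isLoggedIn())
+{
+header ("location: ../login.php");
+exit();
+}
+$today = date("Y-m-d");
+$result = mysql_query("SELECT * FROM books");
+if(!mysql_num_rows(mysql_query("SELECT * FROM books WHERE date='$today' AND event='close'")) && mysql_num_rows(mysql_query("SELECT * FROM books WHERE date='$today' AND event='open'"))){
+header("location: ../home.php");
+exit();
+}
+$body.="</select>";
+$tablename = $cfg_tableprefix.'users';
+$userLoginName = $dbf->idToField($tablename,'username',$_SESSION['session_user_id']);
+$result = mysql_query("SELECT id,first_name,last_name FROM customers ORDER BY last_name ASC");
+$error = (int)$_GET[error];
+$errorMsg = "";
+switch($error){
+case 1:
+$errorMsg="ERROR: if you are not $userLoginName please switch to your own administrator account";
+break;
+case 2:
+$errorMsg="ERROR: Not a valid ammount: [$_GET[count]]";
+break;
+}
+if($errorMsg != ""){
+$body.="<br><font color=\"red\">".$errorMsg."</font><br>";
+}
+$body.="
+<h2>Open The Shop...</h2>
+<form class=\"form\" name=oopen enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
+<h5>Before any members are singed in or any transactions are processed please count all
+cash, cheques, and coupons in the coin box</h5>
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=\"Verdana\" size=\"2\">Opening Count: $
+<input type=\"text\" name=\"ammount\" size=\"10\" value=\"$_GET[count]\">
+<br>
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Counted by <b>$userLoginName</b>&nbsp;<input type=\"checkbox\" name=\"counter\">
+<br><br>";
+if($cfg_mechAutoSignin != "no"){
+if($cfg_mechAutoSignin == "option"){
+$body .= "<input type=\"checkbox\" CHECKED name=\"m\">Sign in Mechanic: <br>";
+}else{
+$body .= "<input type=\"hidden\" value=\"on\" name=\"m\">";
+}
+$body .= "&nbsp;&nbsp;&nbsp;&nbsp;Mechanic on duty
+<select name=\"data\">";
+while($field = mysql_fetch_array($result)) { $body.="<option value=\"$field[id]\">$field[last_name], $field[first_name] </option>"; }
+$body.="
+</select>";
+}
+$body .= "<input type=\"hidden\" name=\"action\" value=\"1\">
+<br><br><br>
+</font>
+<input type=\"submit\" name=\"submit\" value=\"Process!\">
+</form>
+";
+echo "$body";
+$dbf->closeDBlink();
+?>
+</body>
+</html>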
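Review bot: `$_GET[count]` is written into the page unescaped in two places, the `case 2` error message and the `value` attribute of the `ammount` input, so whatever arrives in the query string is rendered as markup inside a logged-in clerk's session. Encode it once before use, e.g. `$count = htmlspecialchars(isset($_GET['count']) ? $_GET['count'] : '', ENT_QUOTES, 'UTF-8');`, and interpolate `$count` in both strings. The customer names placed in the `<option>` list should go through the same call before being concatenated into `$body`. Separately, both `header("location: ...")` calls run after the `<html>`/`<head>` markup has already been sent, so unless output buffering is enabled the redirects will not be emitted; moving the PHP block above the markup fixes that.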

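--- a/books/verifyaction.php
+++ b/books/verifyaction.php
@@ -0,0 +1,190 @@
+<?php session_start();
+//<?php
+include ("../settings.php");
+include ("../classes/db_functions.php");
+include ("../language/$cfg_language");
+include ("../classes/security_functions.php");
+include ("../classes/form.php");
+include ("../classes/display.php");
+$lang=new language();
+$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
+$sec=new security_functions($dbf,'Sales Clerk',$lang);
+$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
+if(!$sec->isLoggedIn())
+{
+header ("location: ../login.php");
+exit();
+}
+//echo "Processing...";
+$action = $_POST[action];
+//check to make sure it's a number
+$actionPage = "";
+$user = null;
+switch($action){
+case 1:
+$actionPage = "openshop";
+$user = $_SESSION['session_user_id'];
+break;
+case 2:
+$actionPage = "closeshop";
+$user = $_POST[username];
+break;
+case 3:
+$actionPage = "openshop";
+$user = $_POST[username];
+break;
+case 4:
+case 5:
+$actionPage = "depositPayout";
+$user = $_POST[username];
+break;
+}
+//make sure the ammount looks right
+if(!isset($_POST[ammount]) || !strval(floatval($_POST[ammount])) == strval($_POST[ammount])){
+header("location: $actionPage.php?error=2&count=$_POST[ammount]");
+exit();
+}
+//check to make sure it was the administrator who counted
+// Or that a valid username and password was entered
+if($action == 1 && !$_POST[counter]){
+header("location: $actionPage.php?error=1&count=$_POST[ammount]");
+exit();
+}else if($action != 1 && !$sec->checkLogin($_POST[username], md5($_POST[password]))){
+header("location: $actionPage.php?error=1&count=$_POST[ammount]");
+exit();
+}
+if((($action == 4 || $action == 5) && (!isset($_POST[data]) || !strlen($_POST[data]))) || ($action == 5 && (!isset($_POST[data2]) || !strlen($_POST[data]) || strrchr($_POST[data], "^")))){
+header("location: $actionPage.php?error=3&count=$_POST[ammount]&data=$_POST[data]&data2=$_POST[data2]");
+exit();
+}
+//echo "stuff";
+if(($action == 1 || $action == 2) && !$_POST[nocompare]){
+$lastCountFound = false;
+$compareAmmount = 0.0;
+if($action == 2){
+$cashresult = mysql_query("SELECT sale_total_cost FROM sales WHERE date='$today'");
+while ($casharray = mysql_fetch_array($cashresult)){
+$compareAmmount += $casharray[sale_total_cost];
+}
+}
+$le = mysql_query("SELECT * FROM books ORDER BY listID DESC");//, $dfb->conn);
+while(($item = mysql_fetch_assoc($le)) && !$lastCountFound){
+switch($item[event]){
+case 1:
+case 2://close
+$lastCountFound = true;
+$compareAmmount += ($item[ammount] / 100.0);
+break;
+case 4://deposit
+$compareAmmount -= ($item[ammount] / 100.0);
+break;
+case 5://payout
+$compareAmmount -= ($item[ammount] / 100.0);
+break;
+}
+}
+if($_POST[ammount] != $compareAmmount){
+$difference = round(abs($_POST[ammount] - $compareAmmount), 2);//, PHP_ROUND_HALF_UP);
+echo "<html><head><link rel=\"stylesheet\" href=\"form.css\" type=\"text/css\"></head>";
+echo "<body><h2>Count was ";
+if($_POST[ammount] < $compareAmmount){
+echo "Short";
+}else{
+echo "Over";
+}
+echo "</h2><form class=\"form\" name=\"continue\" enctype=\"multipart/form-data\" method=\"POST\" action=\"verifyaction.php\">
+<h3>There was a difference of $"."$difference<br><br>
+<input type=\"hidden\" name=\"ammount\" value=\"$_POST[ammount]\">
+<input type=\"hidden\" name=\"action\" value=\"1\">
+<input type=\"hidden\" name=\"counter\" value=\"1\">
+<input type=\"hidden\" name=\"data\" value=\"$_POST[data]\">
+<input type=\"hidden\" name=\"nocompare\" value=\"$action\">
+<input type=\"submit\" name=\"submit\" value=\"Count is correct, proceede...\">
+</form><br><br>
+<form name=\"redo\" class=\"subform\" enctype=\"multipart/form-data\" method=\"GET\" action=\"$actionPage.php\">
+<input type=\"hidden\" name=\"count\" value=\"$_POST[ammount]\">
+<input type=\"submit\" name=\"submit\" value=\"Recount...\">
+</form>
+</body>
+</html>";
+exit();
+}
+// <input type=\"text\" name=\"username\" size=\"15\" value=\"$_POST[username]\">
+// <input type=\"hidden\" name=\"password\" size=\"15\ value=\"$_POST[password]\">
+}
+//$tablename = $cfg_tableprefix.'users';
+$userLoginName = $dbf->idToField($cfg_tableprefix.'users','username',$_SESSION['session_user_id']);
+$tablename="$cfg_tableprefix".'books';
+$field_names=null;
+$field_data=null;
+$today = date('Y-m-d');
+$ammount = $_POST[ammount]*100.0;
+$field_names=array('date','event','user','ammount','data');
+$data = $_POST[data];
+if($action == 5){
+$data .= "^".$_POST[data2];
+}
+$field_data=array("$today", "$action", "$user","$ammount","$data");
+$dbf->insert($field_names,$field_data,$tablename,"");
+if($action == 1){//"open"){
+//no one should be logged in but in case they are, log them out.
+$now = date('Y-m-d H:i:s');
+$userresult = mysql_query("SELECT * FROM visits WHERE endout IS NULL ORDER BY activity ASC");
+while($row = mysql_fetch_array($userresult)){
+$visitID = $row[visitID];
+//
+$query="UPDATE visits SET endout='$now' WHERE visitID='$visitID' LIMIT 1";
+mysql_query($query) or die('Error, user not done . Consult Mark, he probably fucked up. OH shits');
+}
+$tablename="$cfg_tableprefix".'visits';
+//$tdin = date('Y-m-d H:i:s');
+if($cfg_mechAutoSignin != "no" && $_POST["m"]){
+$sec->signinMember($_POST[data], $now, "Mechanic");
+}
+if($cfg_adminAutoSignin){
+$adminID = $dbf->idToField($cfg_tableprefix.'users','customerID',$_SESSION['session_user_id']);
+$sec->signinMember($adminID, $now, "Administrator");
+}
+header("location: ../home.php");
+}else if($action == 2){//"close"){
+//log everyone out
+$userresult = mysql_query("SELECT * FROM visits WHERE endout IS NULL ORDER BY activity ASC");
+while($row = mysql_fetch_array($userresult)){
+$visitID = $row[visitID];
+$now = date('Y-m-d H:i:s');
+$query="UPDATE visits SET endout='$now' WHERE visitID='$visitID' LIMIT 1";
+mysql_query($query) or die('Error, user not done . Consult Mark, he probably fucked up. OH shits');
+}
+session_destroy();
+//header("location: ../shopclosed.php");
+echo "<script>parent.document.location.href='../shopclosed.php'</script>";
+}else{
+//header("location: ../index.php");
+echo "<script>document.location.href='../home.php'</script>";
+}
+$dbf->closeDBlink();
+?>
+<html>
+<head>
+<link rel="stylesheet" href="form.css" type="text/css">
+</head>
+<body>
+</body>
+</html>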
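Review bot: The amount check `!strval(floatval($_POST[ammount])) == strval($_POST[ammount])` does not do what the comment above it says, because `!` binds tighter than `==` and the comparison ends up between a boolean and the raw string, so values that are not plain numbers can pass. `if(!isset($_POST['ammount']) || !is_numeric($_POST['ammount'])){` states the intent directly. The same request values are then echoed unencoded into the `Location` headers and into the hidden inputs of the "Count was Short/Over" form (`ammount`, `data`), so they need `urlencode()` and `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` respectively. Two related points: `$today` is read in the `sales` query for action 2 before it is assigned further down, and `md5($_POST[password])` is an unsalted fast hash where `password_hash()`/`password_verify()` would be the expected choice.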

BIN
classes/.form.php.swp

Binary file not shown.

340
classes/barcode.php

@ -0,0 +1,340 @@
<?php
/*===========================================================================*/
/* PHP Barcode Image Generator v1.0 [9/28/2000]
Copyright (C)2000 by Charles J. Scheffold - cs@wsia.fm
---
UPDATE 09/21/2002 by Laurent NAVARRO - ln@altidev.com - http://www.altidev.com
Updated to be compatible with register_globals = off and on
---
UPDATE 4/6/2001 - Important Note! This script was written with the assumption
that "register_globals = On" is defined in your PHP.INI file! It will not
work as-is and as described unless this is set. My PHP came with this
enabled by default, but apparently many people have turned it off. Either
turn it on or modify the startup code to pull the CGI variables in the old
fashioned way (from the HTTP* arrays). If you just want to use the functions
and pass the variables yourself, well then go on with your bad self.
---
This code is hereby released into the public domain.
Use it, abuse it, just don't get caught using it for something stupid.
The only barcode type currently supported is Code 3 of 9. Don't ask about
adding support for others! This is a script I wrote for my own use. I do
plan to add more types as time permits but currently I only require
Code 3 of 9 for my purposes. Just about every scanner on the market today
can read it.
PARAMETERS:
-----------
$barcode = [required] The barcode you want to generate
$type = (default=0) It's 0 for Code 3 of 9 (the only one supported)
$width = (default=160) Width of image in pixels. The image MUST be wide
enough to handle the length of the given value. The default
value will probably be able to display about 6 digits. If you
get an error message, make it wider!
$height = (default=80) Height of image in pixels
$format = (default=jpeg) Can be "jpeg", "png", or "gif"
$quality = (default=100) For JPEG only: ranges from 0-100
$text = (default='') 0 Enter any string to be displayed
NOTE: You must have GD-1.8 or higher compiled into PHP
in order to use PNG and JPEG. GIF images only work with
GD-1.5 and lower. (http://www.boutell.com)
ANOTHER NOTE: If you actually intend to print the barcodes
and scan them with a scanner, I highly recommend choosing
JPEG with a quality of 100. Most browsers can't seem to print
a PNG without mangling it beyond recognition.
USAGE EXAMPLES FOR ANY PLAIN OLD HTML DOCUMENT:
-----------------------------------------------
<IMG SRC="barcode.php?barcode=HELLO&quality=75">
<IMG SRC="barcode.php?barcode=123456&width=320&height=200">
*/
/*=============================================================================*/
//-----------------------------------------------------------------------------
// Startup code
//-----------------------------------------------------------------------------
if(isset($_GET["text"])) $text=$_GET["text"];
if(isset($_GET["format"])) $format=$_GET["format"];
if(isset($_GET["quality"])) $quality=$_GET["quality"];
if(isset($_GET["width"])) $width=$_GET["width"];
if(isset($_GET["height"])) $height=$_GET["height"];
if(isset($_GET["type"])) $type=$_GET["type"];
if(isset($_GET["barcode"])) $barcode=$_GET["barcode"];
if (!isset ($text)) $text = '';
if (!isset ($type)) $type = 1;
if (empty ($quality)) $quality = 100;
if (empty ($width)) $width = 160;
if (empty ($height)) $height = 80;
if (!empty ($format)) $format = strtoupper ($format);
else $format="PNG";
switch ($type)
{
default:
$type = 1;
case 1:
Barcode39 ($barcode, $width, $height, $quality, $format, $text);
break;
}
//-----------------------------------------------------------------------------
// Generate a Code 3 of 9 barcode
//-----------------------------------------------------------------------------
function Barcode39 ($barcode, $width, $height, $quality, $format, $text)
{
switch ($format)
{
default:
$format = "JPEG";
case "JPEG":
header ("Content-type: image/jpeg");
break;
case "PNG":
header ("Content-type: image/png");
break;
case "GIF":
header ("Content-type: image/gif");
break;
}
$im = ImageCreate ($width, $height)
or die ("Cannot Initialize new GD image stream");
$White = ImageColorAllocate ($im, 255, 255, 255);
$Black = ImageColorAllocate ($im, 0, 0, 0);
//ImageColorTransparent ($im, $White);
ImageInterLace ($im, 1);
$NarrowRatio = 20;
$WideRatio = 55;
$QuietRatio = 35;
$nChars = (strlen($barcode)+2) * ((6 * $NarrowRatio) + (3 * $WideRatio) + ($QuietRatio));
$Pixels = $width / $nChars;
$NarrowBar = (int)(20 * $Pixels);
$WideBar = (int)(55 * $Pixels);
$QuietBar = (int)(35 * $Pixels);
$ActualWidth = (($NarrowBar * 6) + ($WideBar*3) + $QuietBar) * (strlen ($barcode)+2);
if (($NarrowBar == 0) || ($NarrowBar == $WideBar) || ($NarrowBar == $QuietBar) || ($WideBar == 0) || ($WideBar == $QuietBar) || ($QuietBar == 0))
{
ImageString ($im, 1, 0, 0, "Image is too small!", $Black);
OutputImage ($im, $format, $quality);
exit;
}
$CurrentBarX = (int)(($width - $ActualWidth) / 2);
$Color = $White;
$BarcodeFull = "*".strtoupper ($barcode)."*";
settype ($BarcodeFull, "string");
$FontNum = 3;
$FontHeight = ImageFontHeight ($FontNum);
$FontWidth = ImageFontWidth ($FontNum);
if ($text != '')
{
$CenterLoc = (int)(($width) / 2) - (int)(($FontWidth * strlen($text)) / 2);
ImageString ($im, $FontNum, $CenterLoc, $height-$FontHeight, "$text", $Black);
}
for ($i=0; $i<strlen($BarcodeFull); $i++)
{
$StripeCode = Code39 ($BarcodeFull[$i]);
for ($n=0; $n < 9; $n++)
{
if ($Color == $White) $Color = $Black;
else $Color = $White;
switch ($StripeCode[$n])
{
case '0':
ImageFilledRectangle ($im, $CurrentBarX, 0, $CurrentBarX+$NarrowBar, $height-1-$FontHeight-2, $Color);
$CurrentBarX += $NarrowBar;
break;
case '1':
ImageFilledRectangle ($im, $CurrentBarX, 0, $CurrentBarX+$WideBar, $height-1-$FontHeight-2, $Color);
$CurrentBarX += $WideBar;
break;
}
}
$Color = $White;
ImageFilledRectangle ($im, $CurrentBarX, 0, $CurrentBarX+$QuietBar, $height-1-$FontHeight-2, $Color);
$CurrentBarX += $QuietBar;
}
OutputImage ($im, $format, $quality);
}
//-----------------------------------------------------------------------------
// Output an image to the browser
//-----------------------------------------------------------------------------
function OutputImage ($im, $format, $quality)
{
switch ($format)
{
case "JPEG":
ImageJPEG ($im, "", $quality);
break;
case "PNG":
ImagePNG ($im);
break;
case "GIF":
ImageGIF ($im);
break;
}
}
//-----------------------------------------------------------------------------
// Returns the Code 3 of 9 value for a given ASCII character
//-----------------------------------------------------------------------------
function Code39 ($Asc)
{
switch ($Asc)
{
case ' ':
return "011000100";
case '$':
return "010101000";
case '%':
return "000101010";
case '*':
return "010010100"; // * Start/Stop
case '+':
return "010001010";
case '|':
return "010000101";
case '.':
return "110000100";
case '/':
return "010100010";
case '0':
return "000110100";
case '1':
return "100100001";
case '2':
return "001100001";
case '3':
return "101100000";
case '4':
return "000110001";
case '5':
return "100110000";
case '6':
return "001110000";
case '7':
return "000100101";
case '8':
return "100100100";
case '9':
return "001100100";
case 'A':
return "100001001";
case 'B':
return "001001001";
case 'C':
return "101001000";
case 'D':
return "000011001";
case 'E':
return "100011000";
case 'F':
return "001011000";
case 'G':
return "000001101";
case 'H':
return "100001100";
case 'I':
return "001001100";
case 'J':
return "000011100";
case 'K':
return "100000011";
case 'L':
return "001000011";
case 'M':
return "101000010";
case 'N':
return "000010011";
case 'O':
return "100010010";
case 'P':
return "001010010";
case 'Q':
return "000000111";
case 'R':
return "100000110";
case 'S':
return "001000110";
case 'T':
return "000010110";
case 'U':
return "110000001";
case 'V':
return "011000001";
case 'W':
return "111000000";
case 'X':
return "010010001";
case 'Y':
return "110010000";
case 'Z':
return "011010000";
default:
return "011000100";
}
}
?>
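Review bot: `$width` and `$height` are copied from `$_GET` in the startup code and passed to `ImageCreate` in `Barcode39` with no type or range check, so any client that can reach this script decides how large an image the server allocates. Cast and clamp both before the `switch ($type)`, e.g. `$width = max(1, min((int)$width, 1024));` and the same for `$height` (1024 is a constructed example bound; choose one that fits the labels actually printed). `$quality` should likewise be cast to int and limited to 0–100, and `$barcode` needs a default or an early exit when the parameter is absent, since it is used without an `isset` fallback. The script also performs no session check, unlike the other pages in this commit, which is worth confirming as intended.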

586
classes/db_functions.php

@ -0,0 +1,586 @@
<?php
class db_functions
{
//class variable that represents the database connection.
var $conn;
var $lang;
var $tblprefix;
//var $sec;
var $table_bgcolor,$cellspacing,$cellpadding,$border_style,$border_width,
$border_color,$header_rowcolor,$header_text_color,$headerfont_face,$headerfont_size,
$rowcolor,$rowcolor2,$rowcolor_text,$rowfont_face,$rowfont_size;
//user-defined constructor
function db_functions($server,$username,$password,$database,$tableprefix,$theme,$language)
{
//pre: parameters must be correct in order to connect to database.
//post: connects to database.
//$sec=new security_functions($this,'Sales Clerk',$lang);
$this->tblprefix=$tableprefix;
$this->lang=$language;
$this->conn = mysql_connect("$server", "$username", "$password") or die("Could not connect : " . mysql_error());
mysql_select_db("$database",$this->conn) or die("Could not select database <b>$database</b>");
switch($theme)
{
//add more themes
case $theme=='serious':
$this->table_bgcolor='white';
$this->cellspacing='1';
$this->cellpadding='0';
$this->border_style='solid';
$this->border_width='1';
$this->border_color='black';
$this->header_rowcolor='black';
$this->header_text_color='white';
$this->headerfont_face='arial';
$this->headerfont_size='2';
$this->rowcolor='#DDDDDD';
$this->rowcolor_text='black';
$this->rowfont_face='geneva';
$this->rowfont_size='2';
break;
case $theme=='big blue':
$this->table_bgcolor='white';
$this->cellspacing='1';
$this->cellpadding='0';
$this->border_style='solid';
$this->border_width='1';
$this->border_color='black';
$this->header_rowcolor='navy';
$this->header_text_color='white';
$this->headerfont_face='arial';
$this->headerfont_size='2';
$this->rowcolor='#15759B';
$this->rowcolor_text='white';
$this->rowfont_face='geneva';
$this->rowfont_size='2';
break;
}
}
function getUserID($username,$password)
{
//pre: $username is a string and $password (encrypted) is the user's encrypted password.
//post: returns the id of the user with the specific username and password supplied.
$tablename = "$this->tblprefix".'users';
$result = mysql_query("SELECT * FROM $tablename WHERE username=\"$username\" and password=\"$password\"",$this->conn);
$row = mysql_fetch_assoc($result);
return $row['id'];
}
function getAllElements($tablename,$field,$orderby)
{
//pre: $tablename,$field,$orderby must be valid
/*post: returns all elements in an array of specified table
and sets first position to an empty string. This function will be used for filling
select fields, which requires the first position for the selected value
*/
$result = mysql_query("SELECT $field FROM $tablename ORDER BY $orderby",$this->conn);
$numRows = mysql_num_rows($result);
$data = array();
$data[0]='';
for($k=1; $k< $numRows+1; $k++)
{
$data[$k]= mysql_result($result,$k-1);
}
return $data;
}
function idToField($tablename,$field,$id)
{
//pre: $tablename, field, and id all must be valid
//post: returns a specified field based on the ID from a specified table.
$result = mysql_query("SELECT $field FROM $tablename WHERE id=\"$id\"",$this->conn);
$row = mysql_fetch_assoc($result);
return $row[$field];
}
function fieldToid($tablename,$field,$value)
{
//pre: $tablename, field, and value all must be valid
//post: returns a specified id based on the field from a specified table.
$result = mysql_query("SELECT * FROM $tablename WHERE $field=\"$value\"",$this->conn);
$row=mysql_fetch_assoc($result);
return $row['id'];
}
function getFields($database,$tablename)
{
//returns fields in table
$fields=array();
$fieldsRef=mysql_list_fields ($database, $tablename);
$columns=mysql_num_fieldsfieldsRef;
for($k=0;$k<$columns;$k++)
{
$fields[]=mysql_field_name($fieldsRef,$k);
}
return $fields;
}
function insert($field_names,$field_data,$tablename,$output)
{
//pre: $field_names and $field_data are pararell arrays and $tablename is a string.
//post: creates a query then executes it.
if(!($this->isValidData($field_data)))
{
echo "{$this->lang->invalidCharactor}";
exit();
}
$query = "INSERT INTO $tablename ($field_names[0]";
for($k=1;$k< count($field_names);$k++)
{
$query.=', '."$field_names[$k]";
}
$query.=") VALUES (\"$field_data[0]\"";
for($k=1;$k< count($field_data);$k++)
{
$query.=', '."\"$field_data[$k]\"";
}
$query.=')';
mysql_query($query,$this->conn);
if($output)
{
echo "<center><b>{$this->lang->successfullyAdded} $tablename</b></center><br>";
echo "<center><table width=350 cellspacing=$this->cellspacing cellpadding=$this->cellpadding bgcolor=$this->table_bgcolor style=\"border: $this->border_style $this->border_color $this->border_width px\">
<tr bgcolor=$this->header_rowcolor>
<th align='left'><font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>{$this->lang->field}</th></font>
<th align='left'><font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>{$this->lang->data}</th></font>
</tr>";
for($k=0;$k<count($field_names);$k++)
{
//certain fields I do not want displayed.
if($field_names[$k]!="password")
{
echo "<tr bgcolor=$this->rowcolor><td width='120'><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$field_names[$k]". '</font></td>'."<td><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$field_data[$k]</font></td></tr>\n";
}
else
{
echo "<tr bgcolor=$this->rowcolor><td width='120'><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$field_names[$k]". '</font></td>'."<td><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>*******</font></td></tr>\n";
}
}
echo '</table></center>';
}
}
function update($field_names,$field_data,$tablename,$id,$output)
{
//pre: $field_names and $field_data are pararell arrays and tablename and id are strings.
//post: creates a query then executes it limites based on id.
if($id=='')
{
echo "{$this->lang->didNotEnterID}";
exit();
}
if(!($this->isValidData($field_data)))
{
echo "{$this->lang->invalidCharactor}";
exit();
}
$query="UPDATE $tablename SET $field_names[0]=\"$field_data[0]\"";
for($k=1;$k< count($field_names);$k++)
{
$query.=', '."$field_names[$k]=\"$field_data[$k]\"";
}
$sales_items_table=$this->tblprefix.'sales_items';
if($output)
{
$query.=" WHERE id=\"$id\"";
//echo "Here: $query";
}
else
{
$query.=" WHERE sale_id=\"$id\"";
}
mysql_query($query,$this->conn);
if($output)
{
echo "<center><b>{$this->lang->successfullyUpdated} $tablename</b></center><br>";
echo "<center><table width=350 cellspacing=$this->cellspacing cellpadding=$this->cellpadding bgcolor=$this->table_bgcolor style=\"border: $this->border_style $this->border_color $this->border_width px\">
<tr bgcolor=$this->header_rowcolor>
<th align='left'><font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>{$this->lang->field}</th></font>
<th align='left'><font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>{$this->lang->data}</th></font>
</tr>";
for($k=0;$k<count($field_names);$k++)
{
//certain fields I do not want displayed.
if($field_names[$k]!="password")
{
echo "<tr bgcolor=$this->rowcolor><td width='120'><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$field_names[$k]". '</font></td>'."<td><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$field_data[$k]</font></td></tr>\n";
}
else
{
echo "<tr bgcolor=$this->rowcolor><td width='120'><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$field_names[$k]". '</font></td>'."<td><font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>*******</font></td></tr>\n";
}
}
echo '</table></center>';
}
}
function deleteRow($tablename,$id)
{
//pre: $tablename and id are strings.
//post: Does extensive error checking and then deletes row is allowed.
if($this->tblprefix=='')
{
$baseTable=$tablename;
}
else
{
$splitTable= explode ("$this->tblprefix",$tablename);
$baseTable=$splitTable[1];
}
$canDelete=true;
$errmessage='';
if($id=='')
{
echo "{$this->lang->didNotEnterID}";
exit();
}
elseif($baseTable=='brands')
{
$checkTable = "$this->tblprefix".'items';
$result = mysql_query("SELECT brand_id FROM $checkTable WHERE brand_id=\"$id\"",$this->conn);
if(@mysql_num_rows($result) >= 1)
{
$canDelete=false;
$errmessage="{$this->lang->cantDeleteBrand}";
}
}
elseif($baseTable=='categories')
{
$checkTable = "$this->tblprefix".'items';
$result = mysql_query("SELECT category_id FROM $checkTable WHERE category_id=\"$id\"",$this->conn);
if(@mysql_num_rows($result) >= 1)
{
$canDelete=false;
$errmessage="{$this->lang->cantDeleteCategory}";
}
}
elseif($baseTable=='customers')
{
$checkTable = "$this->tblprefix".'sales';
$result = mysql_query("SELECT customer_id FROM $checkTable WHERE customer_id=\"$id\"",$this->conn);
if(@mysql_num_rows($result) >= 1)
{
$canDelete=false;
$errmessage="{$this->lang->cantDeleteCustomer}";
}
}
elseif($baseTable=='items')
{
$checkTable = "$this->tblprefix".'sales_items';
$result = mysql_query("SELECT item_id FROM $checkTable WHERE item_id=\"$id\"",$this->conn);
if(@mysql_num_rows($result) >= 1)
{
$canDelete=false;
$errmessage="{$this->lang->cantDeleteItem}";
}
}
elseif($baseTable=='suppliers')
{
$checkTable = "$this->tblprefix".'items';
$result = mysql_query("SELECT supplier_id FROM $checkTable WHERE supplier_id=\"$id\"",$this->conn);
if(@mysql_num_rows($result) >= 1)
{
$canDelete=false;
$errmessage="{$this->lang->cantDeleteSupplier}";
}
}
elseif($baseTable=='sales')
{
$sales_items_table="$this->tblprefix".'sales_items';
$items_table="$this->tblprefix".'items';
$result=mysql_query("SELECT * FROM $sales_items_table WHERE sale_id=\"$id\"");
while($row=mysql_fetch_assoc($result))
{
$quantityToAdd =$row['quantity_purchased'];
$newQuantity=$this->idToField($items_table,'quantity',"$row[item_id]")+$quantityToAdd;
$this->updateItemQuantity($row['item_id'],$newQuantity);
}
mysql_query("DELETE FROM $sales_items_table WHERE sale_id=\"$id\"",$this->conn);
}
elseif($baseTable=='users')
{
$checkTable = "$this->tblprefix".'sales';
$result = mysql_query("SELECT sold_by FROM $checkTable WHERE sold_by=\"$id\"",$this->conn);
if($_SESSION['session_user_id']==$id)
{
$canDelete=false;
$errmessage="{$this->lang->cantDeleteUserLoggedIn}";
}
elseif(@mysql_num_rows($result) >= 1)
{
$canDelete=false;
$errmessage="{$this->lang->cantDeleteUserEnteredSales}";
}
}
if($canDelete==true)
{
$query="DELETE FROM $tablename WHERE id=\"$id\"";
mysql_query($query,$this->conn);
echo "<center>{$this->lang->successfullyDeletedRow} <b>$id</b> {$this->lang->fromThe} <b>$tablename</b> {$this->lang->table}</center>";
}
else
{
echo "<center>$errmessage</center><br>";
}
}
function isValidData($data_to_check)
{
//checks data for errors
for($k=0;$k<count($data_to_check);$k++)
{
if(ereg('\"',$data_to_check[$k]) or ereg('<',$data_to_check[$k]) or ereg('>',$data_to_check[$k]) )
{
return false;
}
}
return true;
}
function isValidItem($item)
{
$table=$this->tblprefix.'items';
$result=mysql_query("SELECT id FROM $table WHERE id=\"$item\"",$this->conn);
if(mysql_num_rows($result)==0)
{
return false;
}
return true;
}
function isItemOnDiscount($itemID)
{
$table=$this->tblprefix.'discounts';
$query="SELECT item_id FROM $table WHERE item_id=\"$itemID\"";
$result=mysql_query($query,$this->conn);
if(mysql_num_rows($result) >0)
{
return true;
}
return false;
}
function getPercentDiscount($itemID)
{
$table=$this->tblprefix.'discounts';
$query="SELECT percent_off FROM $table WHERE item_id=\"$itemID\"";
$result=mysql_query($query,$this->conn);
if(mysql_num_rows($result) >0)
{
$row=mysql_fetch_assoc($result);
return $row['percent_off'];
}
return -1;
}
function getDiscountedPrice($itemID)
{
$itemtable=$this->tblprefix.'items';
$discounttable=$this->tblprefix.'discounts';
$query1="SELECT * FROM $discounttable WHERE item_id=\"$itemID\"";
$row=mysql_fetch_assoc(mysql_query($query1,$this->conn));
$percent_off=$row['percent_off'];
$query2="SELECT * FROM $itemtable WHERE id=\"$itemID\"";
$row=mysql_fetch_assoc(mysql_query($query2,$this->conn));
$discounted_price=$row['unit_price']*(1-($percent_off/100));
return number_format($discounted_price,2,'.', '');
}
function isValidCustomer($customer)
{
$table=$this->tblprefix.'customers';
$result=mysql_query("SELECT id FROM $table WHERE id=\"$customer\"",$this->conn);
if(mysql_num_rows($result)==0)
{
return false;
}
return true;
}
function getNumRows($table)
{
//gets the number of rows in a table
$query="SELECT id FROM $table";
$result=mysql_query($query,$this->conn);
return mysql_num_rows($result);
}
function updateSaleTotals($sale_id)
{
//updates the totals for a sale
$sales_items_table=$this->tblprefix.'sales_items';
$sales_table=$this->tblprefix.'sales';
$query="SELECT item_total_cost,item_total_tax,quantity_purchased FROM $sales_items_table WHERE sale_id=\"$sale_id\"";
$result=mysql_query($query,$this->conn);
if(@mysql_num_rows($result) > 0)
{
$sale_sub_total=0;
$sale_total_cost=0;
$items_purchased=0;
while($row=mysql_fetch_assoc($result))
{
$sale_sub_total+=$row['item_total_cost']-$row['item_total_tax'];
$sale_total_cost+=$row['item_total_cost'];
$items_purchased+=$row['quantity_purchased'];
}
$sale_sub_total=number_format($sale_sub_total,2,'.', '');
$sale_total_cost=number_format($sale_total_cost,2,'.', '');
$query2="UPDATE $sales_table SET sale_sub_total=\"$sale_sub_total\",sale_total_cost=\"$sale_total_cost\",items_purchased=\"$items_purchased\" WHERE id=\"$sale_id\"";
mysql_query($query2,$this->conn);
}
else
{
$this->deleteRow($sales_table,$sale_id);
}
}
function updateItemQuantity($item_id,$newQuantity)
{
$items_table=$this->tblprefix.'items';
$query="UPDATE $items_table SET quantity=\"$newQuantity\" WHERE id=\"$item_id\"";
mysql_query($query,$this->conn);
}
function optimizeTables()
{
//optimizes the sales
$tableprefix=$this->tblprefix;
$brandsTable="$tableprefix".'brands';
$categorieTable="$tableprefix".'categories';
$customersTable="$tableprefix".'customers';
$itemsTable="$tableprefix".'items';
$salesTable="$tableprefix".'sales';
$sales_itemsTable="$tableprefix".'sales_items';
$suppliersTable="$tableprefix".'suppliers';
$usersTable="$tableprefix".'users';
$booksTable="$tableprefix".'books';
$query="OPTIMIZE TABLE $brandsTable, $categorieTable, $customersTable, $itemsTable, $salesTable, $sales_itemsTable,$suppliersTable, $usersTable, $booksTable";
mysql_query($query,$this->conn);
}
function closeDBlink()
{
mysql_close($this->conn);
}
}
?>
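Review bot: Every query in this class is built by interpolating its arguments into the SQL string, starting with `getUserID`, where `$username` and `$password` (which appear to come from the login path) go straight into the `WHERE` clause; `idToField`, `fieldToid`, `insert`, `update`, `deleteRow` and the `isValid*` helpers follow the same pattern. `isValidData` only rejects `"`, `<` and `>`, which is a denylist rather than escaping, and it is not called on the lookup paths at all. The smallest change inside the `mysql_*` API is to escape each value where it is used, e.g. `$username = mysql_real_escape_string($username, $this->conn);`, and to accept table and column names only from a fixed list; because `mysql_*` and `ereg` are removed in PHP 7, moving the class to PDO or mysqli prepared statements is the durable fix. In `getFields`, `mysql_num_fieldsfieldsRef` looks like a typo for `mysql_num_fields($fieldsRef)`.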

887
classes/display.php

@ -0,0 +1,887 @@
<?php
class display
{
var $conn;
var $lang;
var $title_color,$list_of_color,$table_bgcolor,$cellspacing,$cellpadding,$border_style,$border_width,
$border_color,$header_rowcolor,$header_text_color,$headerfont_face,$headerfont_size,
$rowcolor1,$rowcolor2,$rowcolor_text,$rowfont_face,$rowcolor_link,$rowfont_size,$sale_bg;
function display($connection,$theme,$currency_symbol,$language)
{
$this->conn=$connection;
$this->lang=$language;
$this->currency_symbol=$currency_symbol;
switch($theme)
{
case $theme=='big blue':
$this->title_color='#005B7F';
$this->list_of_color='#247392';
$this->table_bgcolor='white';
$this->cellspacing='1';
$this->cellpadding='0';
$this->border_style='solid';
$this->border_width='1';
$this->border_color='#0A6184';
$this->header_rowcolor='navy';
$this->header_text_color='white';
$this->headerfont_face='arial';
$this->headerfont_size='2';
$this->rowcolor1='#15759B';
$this->rowcolor2='#0A6184';
$this->rowcolor_text='white';
$this->rowfont_face='geneva';
$this->rowcolor_link='CCCCCC';
$this->rowfont_size='2';
$this->sale_bg='#015B7E';
break;
case $theme=='serious':
$this->title_color='black';
$this->list_of_color='black';
$this->table_bgcolor='white';
$this->cellspacing='1';
$this->cellpadding='0';
$this->border_style='solid';
$this->border_width='1';
$this->border_color='black';
$this->header_rowcolor='black';
$this->header_text_color='white';
$this->headerfont_face='arial';
$this->headerfont_size='2';
$this->rowcolor1='#DDDDDD';
$this->rowcolor2='#CCCCCC';
$this->rowcolor_text='black';
$this->rowfont_face='geneva';
$this->rowcolor_link='black';
$this->rowfont_size='2';
$this->sale_bg='#999999';
break;
}
}
function displayTitle($title)
{
//pre: Title must be a string.
//post: Applys title to page.
echo "<center><h3><font color='$this->title_color'>$title</font></h3></center>";
}
function idToField($tablename,$field,$id)
{
//pre: $tablename, field, and id all must be valid
//post: returns a specified field based on the ID from a specified table.
$result = mysql_query("SELECT $field FROM $tablename WHERE id=\"$id\"",$this->conn);
$row = mysql_fetch_assoc($result);
return $row[$field];
}
function getNumRows($table)
{
$query="SELECT id FROM $table";
$result=mysql_query($query,$this->conn);
return mysql_num_rows($result);
}
function displayManageTable($tableprefix,$tablename,$tableheaders,$tablefields,$wherefield,$wheredata,$orderby)
{
//pre:params must be right type
//post: outputs a nice looking table that is used for manage parts of the program
if($tablename=='brands' or $tablename=='categories')
{
$tablewidth='35%';
}
else
{
$tablewidth='95%';
}
$table="$tableprefix"."$tablename";
echo "\n".'<center>';
if($wherefield=='quantity' and $wheredata=='outofstock')
{
$result = mysql_query("SELECT * FROM $table WHERE quantity < 1 ORDER BY $orderby",$this->conn);
}
elseif($wherefield=='quantity' and $wheredata=='reorder')
{
$result = mysql_query("SELECT * FROM $table WHERE quantity <= reorder_level ORDER BY $orderby",$this->conn);
}
elseif($wherefield!='' and $wheredata!='')
{
$result = mysql_query("SELECT * FROM $table WHERE $wherefield like \"%$wheredata%\" ORDER BY $orderby",$this->conn);
}
elseif($this->getNumRows($table) >200)
{
$result = mysql_query("SELECT * FROM $table ORDER BY $orderby LIMIT 0,200",$this->conn);
echo "{$this->lang->moreThan200} $tableprefix $table".'\'s'."{$this->lang->first200Displayed}";
}
else
{
$result = mysql_query("SELECT * FROM $table ORDER BY $orderby",$this->conn);
}
echo '<hr>';
if(@mysql_num_rows($result) ==0)
{
echo "<div align='center'>{$this->lang->noDataInTable} <b>$table</b> {$this->lang->table}.</div>";
exit();
}
echo "<center><h4><font color='$this->list_of_color'>{$this->lang->listOf}";
if ($tablename == "customers"){ echo " Members</font></h4></center>"; } else { echo " $tablename</font></h4></center>"; }
echo "<table cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='$tablewidth' style=\"border: $this->border_style $this->border_color $this->border_width px\">
<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
$rowCounter=0;
while($row=mysql_fetch_assoc($result))
{
if($rowCounter%2==0)
{
echo "\n<tr bgcolor=$this->rowcolor1>\n";
}
else
{
echo "\n<tr bgcolor=$this->rowcolor2>\n";
}
$rowCounter++;
for($k=0;$k<count($tablefields);$k++)
{
$field=$tablefields[$k];
$data=$this->formatData($field,$row[$field],$tableprefix);
echo "\n<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$data</font>\n</td>\n";
}
if($tablename == "customers")
{
echo "<td align='center'>\n<a href=\"../members/add.php?userID=$row[id]\"><font color='$this->rowcolor_link'>{$this->lang->update}</font></a></td>
<td align='center'>\n<a href=\"javascript:decision('{$this->lang->confirmDelete} $table {$this->lang->table}?','process_form_$tablename.php?action=delete&id=$row[id]')\"><font color='$this->rowcolor_link'>{$this->lang->delete}</font></a></td>\n
<td align='center'>\n<a href=\"../members/getinfo.php?userID=$row[id]\"><font color='$this->rowcolor_link'>{$this->lang->getinfo}</font></a></td>
</tr>\n\n";
} else {
echo "<td align='center'>\n<a href=\"form_$tablename.php?action=update&id=$row[id]\"><font color='$this->rowcolor_link'>{$this->lang->update}</font></a></td>
<td align='center'>\n<a href=\"javascript:decision('{$this->lang->confirmDelete} $table {$this->lang->table}?','process_form_$tablename.php?action=delete&id=$row[id]')\"><font color='$this->rowcolor_link'>{$this->lang->delete}</font></a></td>\n</tr>\n\n";
}
}
echo '</table>'."\n";
}
function displayReportTable($tableprefix,$tablename,$tableheaders,$tablefields,$wherefield,$wheredata,$date1,$date2,$orderby,$subtitle)
{
echo "<center><h4><font color='$this->list_of_color'>$subtitle</font></h4></center>";
$tablewidth='85%';
$table="$tableprefix"."$tablename";
echo "\n".'<center>';
if($wherefield!='' and $wheredata!='' and $date1=='' and $date2=='')
{
$result = mysql_query("SELECT * FROM $table WHERE $wherefield = \"$wheredata\" ORDER BY $orderby",$this->conn);
}
elseif($wherefield!='' and $wheredata!='' and $date1!='' and $date2!='')
{
$result = mysql_query("SELECT * FROM $table WHERE $wherefield = \"$wheredata\" and date between \"$date1\" and \"$date2\" ORDER BY $orderby",$this->conn);
}
elseif($date1!='' and $date2!='')
{
$result = mysql_query("SELECT * FROM $table WHERE date between \"$date1\" and \"$date2\" ORDER BY $orderby",$this->conn);
}
else
{
$result = mysql_query("SELECT * FROM $table ORDER BY $orderby",$this->conn);
}
echo '<hr>';
if(@mysql_num_rows($result) ==0)
{
echo "<div align='center'>{$this->lang->noDataInTable} <b>$table</b> {$this->lang->table}.</div>";
exit();
}
echo "<table cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='$tablewidth' style=\"border: $this->border_style $this->border_color $this->border_width px\">
<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
$rowCounter=0;
while($row=mysql_fetch_assoc($result))
{
if($rowCounter%2==0)
{
echo "\n<tr bgcolor=$this->rowcolor1>\n";
}
else
{
echo "\n<tr bgcolor=$this->rowcolor2>\n";
}
$rowCounter++;
for($k=0;$k<count($tablefields);$k++)
{
$field=$tablefields[$k];
if($field=='sale_details')
{
$temp_customer_id=$row['customer_id'];
$temp_date=$row['date'];
$temp_sale_id=$row['id'];
$data="<a href=\"javascript:popUp('show_details.php?sale_id=$temp_sale_id&sale_customer_id=$temp_customer_id&sale_date=$temp_date')\"><font color='$this->rowcolor_link'>{$this->lang->showSaleDetails}</font></a>";
}
else
{
if($field=='brand_id' or $field=='category_id' or $field=='supplier_id')
{
$field_data=$this->idToField("$tableprefix".'items',"$field",$row['item_id']);
$data=$this->formatData($field,$field_data,$tableprefix);
}
else
{
$data=$this->formatData($field,$row[$field],$tableprefix);
}
}
echo "\n<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$data</font>\n</td>\n";
}
}
echo '</table>'."\n";
}
function displaySaleManagerTable($tableprefix,$where1,$where2)
{
$tablewidth='85%';
$sales_table="$tableprefix"."sales";
$sales_items_table="$tableprefix"."sales_items";
if($where1!='' and $where2!='')
{
$sale_query="SELECT * FROM $sales_table WHERE id between \"$where1\" and \"$where2\" ORDER BY id DESC";
$sale_result=mysql_query($sale_query,$this->conn);
}
else
{
$sale_query="SELECT * FROM $sales_table ORDER BY id DESC";
$sale_result=mysql_query($sale_query,$this->conn);
}
$sales_tableheaders=array("{$this->lang->date}","{$this->lang->customerName}","{$this->lang->itemsPurchased}","{$this->lang->paidWith}","{$this->lang->soldBy}","{$this->lang->saleSubTotal}","{$this->lang->saleTotalCost}","{$this->lang->saleComment}");
$sales_tablefields=array('date','customer_id','items_purchased','paid_with','sold_by','sale_sub_total','sale_total_cost','comment');
$sales_items_tableheaders=array("{$this->lang->itemName}","{$this->lang->brand}","{$this->lang->category}","{$this->lang->supplier}","{$this->lang->quantityPurchased}","{$this->lang->unitPrice}","{$this->lang->tax}","{$this->lang->itemTotalCost}","{$this->lang->updateItem}","{$this->lang->deleteItem}");
$sales_items_tablefields=array('item_id','brand_id','category_id','supplier_id','quantity_purchased','item_unit_price','item_total_tax','item_total_cost');
if(@mysql_num_rows($sale_result) < 1)
{
echo "<div align='center'>You do not have any data in the <b>sales</b> tables.</div>";
exit();
}
$rowCounter1=0;
echo "<center><table cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='$tablewidth' style=\"border: $this->border_style $this->border_color 3 px\"><tr><td><br>";
while($row=mysql_fetch_assoc($sale_result))
{
echo "<table align='center' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='$tablewidth' style=\"border: $this->border_style $this->border_color $this->border_width px\"><tr><td align='center'><br><b>{$this->lang->saleID} $row[id]</b>
[<a href='update_sale.php?id=$row[id]'>{$this->lang->updateSale}</a>]
[<a href=\"javascript:decision('{$this->lang->confirmDelete} $sales_table {$this->lang->table}?','delete_sale.php?id=$row[id]')\">{$this->lang->deleteEntireSale}]</a>
<table cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='$tablewidth' style=\"border: $this->border_style $this->border_color $this->border_width px\">
<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($sales_tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$sales_tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
if($rowCounter1%2==0)
{
echo "\n<tr bgcolor=$this->rowcolor1>\n";
}
else
{
echo "\n<tr bgcolor=$this->rowcolor2>\n";
}
$rowCounter1++;
for($k=0;$k<count($sales_tablefields);$k++)
{
$field=$sales_tablefields[$k];
$data=$this->formatData($field,$row[$field],$tableprefix);
echo "\n<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$data</font>\n</td>\n";
}
echo '</tr></table>';
$sale_items_query="SELECT * FROM $sales_items_table WHERE sale_id=\"$row[id]\"";
$sale_items_result=mysql_query($sale_items_query,$this->conn);
echo "<br><b>{$this->lang->itemsInSale}</b><table cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='$tablewidth' style=\"border: $this->border_style $this->border_color $this->border_width px\">
<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k<count($sales_items_tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$sales_items_tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>';
$rowCounter2=0;
while($newrow=mysql_fetch_assoc($sale_items_result))
{
if($rowCounter2%2==0)
{
echo "\n<tr bgcolor=$this->rowcolor1>\n";
}
else
{
echo "\n<tr bgcolor=$this->rowcolor2>\n";
}
$rowCounter2++;
for($k=0;$k<count($sales_items_tablefields);$k++)
{
$field=$sales_items_tablefields[$k];
if($field=='brand_id' or $field=='category_id' or $field=='supplier_id')
{
$field_data=$this->idToField("$tableprefix".'items',"$field",$newrow['item_id']);
$data=$this->formatData($field,$field_data,$tableprefix);
}
else
{
$data=$this->formatData($field,$newrow[$field],$tableprefix);
}
echo "\n<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$data</font>\n</td>\n";
}
echo "<td align='center'>\n<a href=\"update_item.php?sale_id=$newrow[sale_id]&item_id=$newrow[item_id]&row_id=$newrow[id]\"><font color='$this->rowcolor_link'>{$this->lang->update}</font></a></td>
<td align='center'>\n<a href=\"javascript:decision('{$this->lang->confirmDelete} $sales_items_table {$this->lang->table}?','delete_item.php?sale_id=$newrow[sale_id]&item_id=$newrow[item_id]&row_id=$newrow[id]')\"><font color='$this->rowcolor_link'>{$this->lang->delete}</font></a></td>\n</tr>\n\n";
echo '</tr>'."\n\n";
}
echo '</table><br></table><br>';
}
echo "</table></td></tr></table></center>";
}
function displayTotalsReport($tableprefix,$total_type,$tableheaders,$date1,$date2,$where1,$where2)
{
$sales_table="$tableprefix".'sales';
$sales_items_table="$tableprefix".'sales_items';
$items_table="$tableprefix".'items';
$brands_table="$tableprefix".'brands';
$categories_table="$tableprefix".'categories';
$suppliers_table="$tableprefix".'suppliers';
$customer_table="$tableprefix".'customers';
$users_table="$tableprefix".'users';
if($total_type=='customers')
{
echo "<center><b>{$this->lang->totalsShownBetween} $date1 {$this->lang->and} $date2</b></center>";
echo "<table align='center' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='60%' style=\"border: $this->border_style $this->border_color $this->border_width px\">";
echo "<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
$query="SELECT * FROM $customer_table ORDER BY last_name";
$customer_result=mysql_query($query,$this->conn);
$temp_cust_id=0;
$accum_sub_total=0;
$accum_total_cost=0;
$accum_items_purhcased=0;
$row_counter=0;
while($row=mysql_fetch_assoc($customer_result))
{
$temp_cust_id=$row['id'];
$customer_name=$this->formatData('customer_id',$temp_cust_id,$tableprefix);
$query2="SELECT * FROM $sales_table WHERE customer_id=\"$temp_cust_id\" and date between \"$date1\" and \"$date2\"";
$result2=mysql_query($query2,$this->conn);
$sub_total=0;
$total_cost=0;
$items_purchased=0;
while($row2=mysql_fetch_assoc($result2))
{
$sub_total+=$row2['sale_sub_total'];
$accum_sub_total+=$row2['sale_sub_total'];
$total_cost+=$row2['sale_total_cost'];
$accum_total_cost+=$row2['sale_total_cost'];
$items_purchased+=$row2['items_purchased'];
$accum_items_purhcased+=$row2['items_purchased'];
}
$row_counter++;
$sub_total=number_format($sub_total,2,'.', '');
$total_cost=number_format($total_cost,2,'.', '');
if($row_counter%2==0)
{
echo "\n<tr bgcolor=$this->rowcolor1>\n";
}
else
{
echo "\n<tr bgcolor=$this->rowcolor2>\n";
}
echo "<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$customer_name</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$items_purchased</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$sub_total</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$total_cost</font>\n</td>
</tr>";
}
echo '</table>';
$accum_sub_total=number_format($accum_sub_total,2,'.', '');
$accum_total_cost=number_format($accum_total_cost,2,'.', '');
echo "<br><table align='right' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='60%' border=0>";
echo "<tr><td>{$this->lang->totalItemsPurchased}: <b>$accum_items_purhcased</b></td></tr>
<tr><td>{$this->lang->totalWithOutTax}: <b>$this->currency_symbol$accum_sub_total</b></td></tr>
<tr><td>{$this->lang->totalWithTax}: <b>$this->currency_symbol$accum_total_cost</b></td></tr></table>";
}
elseif($total_type=='employees')
{
echo "<center><b>{$this->lang->totalsShownBetween} $date1 {$this->lang->and} $date2</b></center>";
echo "<table align='center' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='60%' style=\"border: $this->border_style $this->border_color $this->border_width px\">";
echo "<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
$query="SELECT * FROM $users_table ORDER BY last_name";
$employee_result=mysql_query($query,$this->conn);
$temp_cust_id=0;
$accum_sub_total=0;
$accum_total_cost=0;
$accum_items_purhcased=0;
$row_counter=0;
while($row=mysql_fetch_assoc($employee_result))
{
$temp_empl_id=$row['id'];
$employee_name=$this->formatData('user_id',$temp_empl_id,$tableprefix);
$query2="SELECT * FROM $sales_table WHERE sold_by=\"$temp_empl_id\" and date between \"$date1\" and \"$date2\"";
$result2=mysql_query($query2,$this->conn);
$sub_total=0;
$total_cost=0;
$items_purchased=0;
while($row2=mysql_fetch_assoc($result2))
{
$sub_total+=$row2['sale_sub_total'];
$accum_sub_total+=$row2['sale_sub_total'];
$total_cost+=$row2['sale_total_cost'];
$accum_total_cost+=$row2['sale_total_cost'];
$items_purchased+=$row2['items_purchased'];
$accum_items_purhcased+=$row2['items_purchased'];
}
$row_counter++;
$sub_total=number_format($sub_total,2,'.', '');
$total_cost=number_format($total_cost,2,'.', '');
if($row_counter%2==0)
{
echo "\n<tr bgcolor=$this->rowcolor1>\n";
}
else
{
echo "\n<tr bgcolor=$this->rowcolor2>\n";
}
echo "<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$employee_name</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$items_purchased</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$sub_total</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$total_cost</font>\n</td>
</tr>";
}
echo '</table>';
$accum_sub_total=number_format($accum_sub_total,2,'.', '');
$accum_total_cost=number_format($accum_total_cost,2,'.', '');
echo "<br><table align='right' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='60%' border=0>";
echo "<tr><td>{$this->lang->totalItemsPurchased}:<b> $accum_items_purhcased</b></td></tr>
<tr><td>{$this->lang->totalWithOutTax}: <b>$this->currency_symbol$accum_sub_total</b></td></tr>
<tr><td>{$this->lang->totalWithTax}: <b> $this->currency_symbol$accum_total_cost</b></td></tr></table>";
}
elseif($total_type=='items')
{
echo "<center><b>{$this->lang->totalsShownBetween} $date1 {$this->lang->and} $date2</b></center>";
echo "<table align='center' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='70%' style=\"border: $this->border_style $this->border_color $this->border_width px\">";
echo "<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
$query="SELECT * FROM $items_table ORDER BY item_name";
$item_result=mysql_query($query,$this->conn);
$temp_item_id=0;
$accum_sub_total=0;
$accum_total_cost=0;
$accum_items_purhcased=0;
$row_counter=0;
while($row=mysql_fetch_assoc($item_result))
{
$temp_item_id=$row['id'];
$item_name=$this->formatData('item_id',$temp_item_id,$tableprefix);
$temp_brand=$this->idToField($brands_table,'brand',$this->idToField($items_table,'brand_id',$temp_item_id));
$temp_category=$this->idToField($categories_table,'category',$this->idToField($items_table,'category_id',$temp_item_id));
$temp_supplier=$this->idToField($suppliers_table,'supplier',$this->idToField($items_table,'supplier_id',$temp_item_id));
$query2=mysql_query("SELECT * FROM $sales_table WHERE date between \"$date1\" and \"$date2\" ORDER by id ASC",$this->conn);
$sale_row1=mysql_fetch_assoc($query2);
$low_sale_id=$sale_row1['id'];
$query3=mysql_query("SELECT * FROM $sales_table WHERE date between \"$date1\" and \"$date2\" ORDER by id DESC",$this->conn);
$sale_row2=mysql_fetch_assoc($query3);
$high_sale_id=$sale_row2['id'];
$query4="SELECT * FROM $sales_items_table WHERE item_id=\"$temp_item_id\" and sale_id between \"$low_sale_id\" and \"$high_sale_id\"";
$result4=mysql_query($query4,$this->conn);
$sub_total=0;
$total_cost=0;
$items_purchased=0;
while($row2=mysql_fetch_assoc($result4))
{
$sub_total+=$row2['item_total_cost']-$row2['item_total_tax'];
$accum_sub_total+=$row2['item_total_cost']-$row2['item_total_tax'];
$total_cost+=$row2['item_total_cost'];
$accum_total_cost+=$row2['item_total_cost'];
$items_purchased+=$row2['quantity_purchased'];
$accum_items_purhcased+=$row2['quantity_purchased'];
}
$row_counter++;
$sub_total=number_format($sub_total,2,'.', '');
$total_cost=number_format($total_cost,2,'.', '');
if($row_counter%2==0)
{
echo "\n<tr bgcolor=$this->rowcolor1>\n";
}
else
{
echo "\n<tr bgcolor=$this->rowcolor2>\n";
}
echo "<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$item_name</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$temp_brand</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$temp_category</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$temp_supplier</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$items_purchased</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$sub_total</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$total_cost</font>\n</td>
</tr>";
}
echo '</table>';
$accum_sub_total=number_format($accum_sub_total,2,'.', '');
$accum_total_cost=number_format($accum_total_cost,2,'.', '');
echo "<br><table align='right' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='60%' border=0>";
echo "<tr><td>{$this->lang->totalItemsPurchased}:<b> $accum_items_purhcased</b></td></tr>
<tr><td>{$this->lang->totalWithOutTax}: <b>$this->currency_symbol$accum_sub_total</b></td></tr>
<tr><td>{$this->lang->totalWithTax}: <b> $this->currency_symbol$accum_total_cost</b></td></tr></table>";
}
elseif($total_type=='item')
{
echo "<center><b>{$this->lang->totalsShownBetween} $date1 {$this->lang->and} $date2</b></center>";
echo "<table align='center' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='60%' style=\"border: $this->border_style $this->border_color $this->border_width px\">";
echo "<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
$query="SELECT * FROM $items_table WHERE $where1=\"$where2\" ORDER BY item_name";
$item_result=mysql_query($query,$this->conn);
$row=mysql_fetch_assoc($item_result);
$temp_item_id=$row['id'];
$item_name=$this->formatData('item_id',$temp_item_id,$tableprefix);
$temp_brand=$this->idToField($brands_table,'brand',$this->idToField($items_table,'brand_id',$temp_item_id));
$temp_category=$this->idToField($categories_table,'category',$this->idToField($items_table,'category_id',$temp_item_id));
$temp_supplier=$this->idToField($suppliers_table,'supplier',$this->idToField($items_table,'supplier_id',$temp_item_id));
$item_name=$this->formatData('item_id',$temp_item_id,$tableprefix);
$query2=mysql_query("SELECT * FROM $sales_table WHERE date between \"$date1\" and \"$date2\" ORDER by id ASC",$this->conn);
$sale_row1=mysql_fetch_assoc($query2);
$low_sale_id=$sale_row1['id'];
$query3=mysql_query("SELECT * FROM $sales_table WHERE date between \"$date1\" and \"$date2\" ORDER by id DESC",$this->conn);
$sale_row2=mysql_fetch_assoc($query3);
$high_sale_id=$sale_row2['id'];
$query4="SELECT * FROM $sales_items_table WHERE item_id=\"$temp_item_id\" and sale_id between \"$low_sale_id\" and \"$high_sale_id\"";
$result4=mysql_query($query4,$this->conn);
$sub_total=0;
$total_cost=0;
$items_purchased=0;
while($row2=mysql_fetch_assoc($result4))
{
$sub_total+=$row2['item_total_cost']-$row2['item_total_tax'];
$total_cost+=$row2['item_total_cost'];
$items_purchased+=$row2['quantity_purchased'];
}
$sub_total=number_format($sub_total,2,'.', '');
$total_cost=number_format($total_cost,2,'.', '');
echo "\n<tr bgcolor=$this->rowcolor1>\n";
echo "<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$item_name</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$temp_brand</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$temp_category</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$temp_supplier</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$items_purchased</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$sub_total</font>\n</td>
<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$total_cost</font>\n</td>
</tr>";
echo '</table>';
}
elseif($total_type=='profit')
{
echo "<center><b>{$this->lang->totalsShownBetween} $date1 {$this->lang->and} $date2</b></center>";
echo "<table align='center' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='40%' style=\"border: $this->border_style $this->border_color $this->border_width px\">";
echo "<tr bgcolor=$this->header_rowcolor>\n\n";
for($k=0;$k< count($tableheaders);$k++)
{
echo "<th align='center'>\n<font color='$this->header_text_color' face='$this->headerfont_face' size='$this->headerfont_size'>$tableheaders[$k]</font>\n</th>\n";
}
echo '</tr>'."\n\n";
$query="SELECT DISTINCT date FROM $sales_table WHERE date between \"$date1\" and \"$date2\" ORDER by date ASC";
$result=mysql_query($query);
$amount_sold=0;
$profit=0;
$total_amount_sold=0;
$total_profit=0;
while($row=mysql_fetch_assoc($result))
{
$amount_sold=0;
$profit=0;
$distinct_date=$row['date'];
$result2=mysql_query("SELECT * FROM $sales_table WHERE date=\"$distinct_date\"",$this->conn);
echo "\n<tr bgcolor=$this->rowcolor1>\n";
echo "<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$distinct_date</font>\n</td>";
while($row2=mysql_fetch_assoc($result2))
{
$amount_sold+=$row2['sale_sub_total'];
$total_amount_sold+=$row2['sale_sub_total'];
$profit+=$this->getProfit($row2['id'],$tableprefix);
$total_profit+=$this->getProfit($row2['id'],$tableprefix);
}
$amount_sold=number_format($amount_sold,2,'.', '');
$profit=number_format($profit,2,'.', '');
echo "<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$amount_sold</font>\n</td>";
echo "<td align='center'>\n<font color='$this->rowcolor_text' face='$this->rowfont_face' size='$this->rowfont_size'>$this->currency_symbol$profit</font>\n</td>";
echo "</tr>";
}
echo '</table>';
$total_amount_sold=number_format($total_amount_sold,2,'.', '');
$total_profit=number_format($total_profit,2,'.', '');
echo "<br><table align='right' cellspacing='$this->cellspacing' cellpadding='$this->cellpadding' bgcolor='$this->table_bgcolor' width='60%' border=0>";
echo "<tr><td>{$this->lang->totalAmountSold}: <b>$this->currency_symbol$total_amount_sold</b></td></tr>
<tr><td>{$this->lang->totalProfit}: <b>$this->currency_symbol$total_profit</b></td></tr>
</table>";
}
}
function getProfit($sale_id,$tableprefix)
{
$sales_items_table="$tableprefix".'sales_items';
$query="SELECT * FROM $sales_items_table WHERE sale_id=\"$sale_id\"";
$result=mysql_query($query,$this->conn);
$profit=0;
while($row=mysql_fetch_assoc($result))
{
$profit+=($row['item_unit_price']-$row['item_buy_price'])*$row['quantity_purchased'];
}
return $profit;
}
function formatData($field,$data,$tableprefix)
{
if($field=='unit_price' or $field=='total_cost' or $field=='buy_price' or $field=='sale_sub_total' or $field=='sale_total_cost' or $field=='item_unit_price' or $field=='item_total_cost' or $field=='item_total_tax' )
{
return "$this->currency_symbol"."$data";
}
elseif($field=='tax_percent' or $field=='percent_off')
{
return "$data".'%';
}
elseif($field=='brand_id')
{
return $this->idToField("$tableprefix".'brands','brand',$data);
}
elseif($field=='category_id')
{
return $this->idToField("$tableprefix".'categories','category',$data);
}
elseif($field=='supplier_id')
{
return $this->idToField("$tableprefix".'suppliers','supplier',$data);
}
elseif($field=='customer_id')
{
$field_first_name=$this->idToField("$tableprefix".'customers','first_name',$data);
$field_last_name=$this->idToField("$tableprefix".'customers','last_name',$data);
return $field_first_name.' '.$field_last_name;
}
elseif($field=='user_id')
{
$field_first_name=$this->idToField("$tableprefix".'users','first_name',$data);
$field_last_name=$this->idToField("$tableprefix".'users','last_name',$data);
return $field_first_name.' '.$field_last_name;
}
elseif($field=='item_id')
{
return $this->idToField("$tableprefix".'items','item_name',$data);
}
elseif($field=='sold_by')
{
$field_first_name=$this->idToField("$tableprefix".'users','first_name',$data);
$field_last_name=$this->idToField("$tableprefix".'users','last_name',$data);
return $field_first_name.' '.$field_last_name;
}
elseif($field=='supplier_id')
{
return $this->idToField("$tableprefix".'suppliers','supplier',$data);
}
elseif($field=='password')
{
return '*******';
}
else
{
return "$data";
}
}
}
?>
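Review bot: `displayManageTable()` in the new classes/display.php builds its SELECT by interpolating `$wherefield`, `$wheredata` and `$orderby` directly into the SQL text, and `idToField()`, `displayReportTable()` and `displayTotalsReport()` do the same with `$id`, `$date1`, `$date2`, `$where1` and `$where2`. The callers are not in this file, but the `like "%$wheredata%"` branch looks like a search box feeding it, so values should be escaped against the connection first, e.g. `$wheredata=mysql_real_escape_string($wheredata,$this->conn);`. Identifiers such as `$wherefield` and `$orderby` cannot be made safe by escaping and should instead be compared with a fixed list of column names. The fetched rows are also echoed into `<td>` cells as-is, so a stored name or comment containing markup is rendered as HTML. Passing the cell text through `htmlspecialchars($data,ENT_QUOTES)` on the plain-text paths (not the `sale_details` link) would cover that. Separately, the `profit` branch calls `mysql_query($query)` without `$this->conn`, unlike the other queries in the class.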

309
classes/form.php

@ -0,0 +1,309 @@
<?php
class form
{
var $row_color,$text_color;
var $lang;
function form($form_action,$form_method,$form_name,$table_width,$theme,$language)
{
//pre: all parameters are strings.
//post: sets up the form header along with the table to display form
$this->lang=$language;
$getType=explode('_',$form_action);
$type=$getType[0];
if($type=='manage')
{
$url=$_SERVER['PHP_SELF'];
if(isset($_POST['search']) or isset($_GET['outofstock']) or isset($_GET['reorder']))
{
echo "<center><a href='$url'>[{$this->lang->clearSearch}]</a></center>";
}
echo "<form action='$form_action' method='$form_method' name='$form_name'>
<center>\n<table border='0' width='$table_width' cellspacing='2' cellpadding='0'>";
}
else
{
echo "<form action='$form_action' method='$form_method' name='$form_name'>
<center><b>*{$this->lang->itemsInBoldRequired}</b>\n<table border='0' width='$table_width' cellspacing='2' cellpadding='0'>";
}
switch($theme)
{
//add more themes
case $theme=='serious':
$this->row_color='#DDDDDD';
$this->text_color='black';
break;
case $theme=='big blue':
$this->row_color='#15759B';
$this->text_color='white';
break;
}
}
function formBreak ($table_width,$theme)
{
{
echo "<table border='0' width='$table_width' cellspacing='2' cellpadding='0'>";
}
switch($theme)
{
//add more themes
case $theme=='serious':
$this->row_color='#DDDDDD';
$this->text_color='black';
break;
case $theme=='big blue':
$this->row_color='#15759B';
$this->text_color='white';
break;
}
}
function createInputField($field_title,$input_type,$input_name,$input_value,$input_size,$td_width,$disabled=NULL)
{
//pre: all parameters are strings.
//post: creates in inputField based on parameters.
echo"
<tr bgcolor=$this->row_color>
<td width='$td_width'><font color='$this->text_color'>$field_title</font></td>
<td><input type='$input_type' name='$input_name' value='$input_value' size='$input_size' $disabled></td>
</tr>\n";
}
function createCheckboxField($field_title,$check_name,$td_width,$disabled=NULL,$checked=NULL,$postlabel=NULL)
{
//pre: all parameters are strings option selected value is at pos 0.
//post: creates in CheckboxField based on parameters.
echo "
<tr bgcolor=$this->row_color>
<td width='$td_width'><font color='$this->text_color'>$field_title</font></td>
<td>";
echo"<input type=checkbox name=$check_name $checked $disabled/>$postlabel<br />";
}
function createRadioField($field_title,$radio_name,$option_values,$option_titles,$td_width,$disabled=NULL,$selected=NULL)
{
//pre: all parameters are strings option selected value is at pos 0.
//post: creates in selectField based on parameters.
echo "
<tr bgcolor=$this->row_color>
<td width='$td_width'><font color='$this->text_color'>$field_title</font></td>
<td>";
if($option_values[0]!='')
{
echo"<input type=radio name=$radio_name value=$option_values[0] $disabled>$option_titles[0]<br>";
}
for($k=1;$k< count($option_values); $k++)
{
if($option_values[$k]!=$option_values[0] )
{
if($selected==$option_values[$k]){
echo "<input type=radio name=$radio_name value=$option_values[$k] $disabled CHECKED>$option_titles[$k]<br>";
}
else {
echo"<input type=radio name=$radio_name value=$option_values[$k] $disabled>$option_titles[$k]<br>";;
}
}
}
echo '</select>
</td>
</tr>'."\n";
}
function createSelectField($field_title,$select_name,$option_values,$option_titles,$td_width,$disabled=NULL,$selected=NULL)
{
//pre: all parameters are strings option selected value is at pos 0.
//post: creates in selectField based on parameters.
echo "
<tr bgcolor=$this->row_color>
<td width='$td_width'><font color='$this->text_color'>$field_title</font></td>
<td><select name='$select_name' $disabled>";
if($option_values[0]!='')
{
echo"<option value=\"$option_values[0]\">$option_titles[0]</option>";
}
for($k=1;$k< count($option_values); $k++)
{
if($option_values[$k]!=$option_values[0] )
{
if($selected==$option_values[$k]){ echo "<option value='$option_values[$k]' SELECTED>$option_titles[$k]</option>"; }
else { echo "<option value='$option_values[$k]'>$option_titles[$k]</option>"; }
}
}
echo '</select>
</td>
</tr>'."\n";
}
function createDateSelectField()
{
?>
<tr bgcolor=<?php echo $this->row_color ?> ><td><b><font color=<?php echo $this->text_color ?>><?php echo" {$this->lang->fromMonth}"; ?>:</font></b> <select name=month1>
<?php
for($k=1;$k<=12;$k++)
if($k==date("n"))
echo "<option selected value=\"".$k."\">".date("M",mktime(0,0,0,$k,1,0))."</option>";
else
echo "<option value=\"".$k."\">".date("M",mktime(0,0,0,$k,1,0))."</option>";
?>
</select></td>
<td><b><font color=<?php echo $this->text_color ?>><?php echo" {$this->lang->day}"; ?>:</font></b> <select name=day1>
<?php
for($k=1;$k<=31;$k++)
if($k==date("j"))
echo "<option selected value=\"".$k."\">".$k."</option>";
else
echo "<option value=\"".$k."\">".$k."</option>";
?>
</select></td>
<td><b><font color=<?php echo $this->text_color ?>><?php echo" {$this->lang->year}"; ?>:</font></b> <select name=year1>
<?php
for($k=2003;$k<=date("Y");$k++)
if($k==date("Y"))
echo "<option selected value=\"".$k."\">".$k."</option>";
else
echo "<option value=\"".$k."\">".$k."</option>";
?>
</select></td>
<td><b><font color=<?php echo $this->text_color ?>><?php echo" {$this->lang->toMonth}"; ?>:</font> <select name=month2>
<?php
for($k=1;$k<=12;$k++)
if($k==date("n"))
echo "<option selected value=\"".$k."\">".date("M",mktime(0,0,0,$k,1,0))."</option>";
else
echo "<option value=\"".$k."\">".date("M",mktime(0,0,0,$k,1,0))."</option>";
?>
</select></td>
<td><b><font color=<?php echo $this->text_color ?>><?php echo" {$this->lang->day}"; ?>:</font></b> <select name=day2>
<?php
for($k=1;$k<=31;$k++)
if($k==date("j"))
echo "<option selected value=\"".$k."\">".$k."</option>";
else
echo "<option value=\"".$k."\">".$k."</option>";
?>
</select></td>
<td><b><font color=<?php echo $this->text_color ?>><?php echo" {$this->lang->year}"; ?>:</font></b> <select name=year2>
<?php
for($k=2003;$k<=date("Y");$k++)
if($k==date("Y"))
echo "<option selected value=\"".$k."\">".$k."</option>";
else
echo "<option value=\"".$k."\">".$k."</option>";
?>
</select></td></tr>
<?php
}
function createSingleDateSelectField($selname=NULL)
{
?>
<tr bgcolor=<?php echo $this->row_color ?> ><td width='$td_width'><font color='<?php echo $this->text_color ?>'><?php echo $selname ?></font></td>
<td><select name=month>
<?php
for($k=1;$k<=12;$k++)
if($k==date("n"))
echo "<option selected value=\"".$k."\">".date("M",mktime(0,0,0,$k,1,0))."</option>";
else
echo "<option value=\"".$k."\">".date("M",mktime(0,0,0,$k,1,0))."</option>";
?>
</select>
<select name=day>
<?php
for($k=1;$k<=31;$k++)
if($k==date("j"))
echo "<option selected value=\"".$k."\">".$k."</option>";
else
echo "<option value=\"".$k."\">".$k."</option>";
?>
</select>
<select name=year>
<?php
$thisyear = date("Y");
for($k=$thisyear;$k<=date("Y");$k++)
if($k==date("Y"))
echo "<option selected value=\"".$k."\">".$k."</option>";
else
echo "<option value=\"".$k."\">".$k."</option>";
?>
</select></td>
</tr>
<?php
}
function createTextareaField($field_title,$textarea_name,$textarea_rows,$textarea_cols,$textarea_value,$td_width)
{
//pre: all parameters are strings.
//post: creates a textarea field.
echo "
<tr bgcolor=$this->row_color>
<td width='$td_width' valign='top'><font color='$this->text_color'>$field_title</font></td>
<td><textarea name='$textarea_name' rows='$textarea_rows' cols='$textarea_cols'>$textarea_value</textarea>";
}
function endForm()
{
//adds submit button and ends remainings tags.
echo "
<tr>
<td colspan=2 align=center>$altbutton<input type=submit value=Submit></td>
</tr>
</table>
</center>
</form>";
}
function endLibraryForm()
{
//adds submit button and ends remainings tags.
echo "
<tr>
<td colspan=2 align=center><input type=submit name=signin value='Sign Bike In/Out'></td>
</tr>
</table>
</center>
</form>";
}
}
?>
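Review bot: Every `create*` method prints its arguments into markup without escaping, e.g. `value='$input_value'` in `createInputField` and `>$textarea_value</textarea>` in `createTextareaField`, and `customers/form_customers.php` in this commit fills those parameters from customer columns that were typed into a form. A value containing a quote or `<` therefore breaks out of the attribute or element, which is a stored-XSS path. Escape at the point of output, for instance `$input_value=htmlspecialchars($input_value,ENT_QUOTES,'UTF-8');` as the first line of the method, and quote the bare attribute values such as `name=$check_name` and `value=$option_values[$k]`. Separately, `endForm()` interpolates `$altbutton`, which is never defined in that method, and `createRadioField` closes a `<select>` it never opened.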

258
classes/security_functions.php

@ -0,0 +1,258 @@
<?php
class security_functions
{
var $conn;
var $lang;
var $tblprefix;
//defalt constructor which first checks if page is accessable.
function security_functions($dbf,$page_type,$language)
{
//pre: $dbf must be a db_functions object and $page_type must be a string
//post: denies access to page and stops php processing
//$page_type will be either: Public, Admin, Sales Clerk or Report Viewer.
//$usertype will be either: Admin, Sales Clerk or Report Viewer.
//Their must be a session present in order to execute authoization.
//sets class variables.
$this->conn=$dbf->conn;
$this->lang=$language;
$this->tblprefix=$dbf->tblprefix;
if(isset($_SESSION['session_user_id']))
{
$user_id=$_SESSION['session_user_id'];
$tablename="$this->tblprefix".'users';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$user_id\"",$this->conn);
//echo "$result";
$row = mysql_fetch_assoc($result);
$usertype= $row['type'];
//echo "stupid";
//If the page is not public or the user is not an Admin, investigation must continue.
if($page_type!='Public' or $usertype!='Admin')
{
if($usertype!='Admin' and $usertype!='Sales Clerk' and $usertype!='Report Viewer')
{
//makes sure $usertype is not anything but Admin, Sales Clerk, Report Viewer
echo "{$this->lang->attemptedSecurityBreech}";
exit();
}
elseif($page_type!='Public' and $page_type!='Admin' and $page_type!='Sales Clerk' and $page_type!='Report Viewer')
{
//makes sure $page_type is not anything but Public, Admin, Sales Clerk or Report Viewer.
echo "{$this->lang->attemptedSecurityBreech}";
exit();
}
elseif($usertype!='Admin' and $page_type=='Admin')
{
//if page is only intented for Admins but the user is not an admin, access is denied.
echo "{$this->lang->mustBeAdmin}";
exit();
}
elseif(($usertype=='Sales Clerk') and $page_type =='Report Viewer')
{
//Page is only intented for Report Viewers and Admins.
echo "{$this->lang->mustBeReportOrAdmin}";
exit();
}
elseif(($usertype=='Report Viewer') and $page_type =='Sales Clerk')
{
//Page is only intented for Sales Clerks and Admins.
echo "{$this->lang->mustBeSalesClerkOrAdmin}";
exit();
}
}
}
/*if(!$this->isLoggedIn()){
header("location: ../login.php");
exit();
}
if(!$this->isOpen()){
header("location: ../books/openshop.php");
exit();
}*/
}
function isLoggedIn()
{
//returns boolean based on if user is logged in.
if(isset($_SESSION['session_user_id']))
{
$user_id=$_SESSION['session_user_id'];
$tablename="$this->tblprefix".'users';
$result = mysql_query ("SELECT * FROM $tablename WHERE id=\"$user_id\"",$this->conn);
$num = @mysql_num_rows($result);
if($num> 0)
{
return true;
}
else
{
return false;
}
}
return false;
}
function checkLogin($username,$password)
{
//pre: $username and $password must be strings. ($password is encrypted)
//post: returns boolean based on if their login was succesfull.
$tablename="$this->tblprefix".'users';
$result = mysql_query ("SELECT * FROM $tablename WHERE username=\"$username\" and password=\"$password\"",$this->conn);
$num = @mysql_num_rows($result);
if($num > 0)
{
return true;
}
return false;
}
function closeSale()
{
//deletes sessions vars
session_unregister('items_in_sale');
session_unregister('current_sale_customer_id');
session_unregister('current_item_search');
session_unregister('current_customer_search');
}
function checkMembership($userID)
{
global $cfg_membershipID;
// Construct the join query
$memquery = "SELECT sales.id, sales_items.sale_id, sales_items.item_id, DATE_ADD( sales.date, INTERVAL 1 YEAR ) AS expires
FROM sales, sales_items
WHERE sales.id = sales_items.sale_id
AND sales_items.item_id=$cfg_membershipID
AND sales.customer_id=$userID
ORDER BY sales.date DESC
LIMIT 1;";
//"SELECT sales.id, sales_items.sale_id, sales_items.item_id, DATE_ADD(sales.date, INTERVAL 1 YEAR) as expires ".
//"FROM sales, sales_items "."WHERE sales.id = sales_items.sale_id AND sales_items.item_id = '$cfg_membershipID' AND sales.customer_id = '$userID'";
$memresult = mysql_query($memquery) or die(mysql_error());
if(mysql_num_rows($memresult) < 1){
return false;
}
// Get expiry date
$today = date('Y-m-d');
$row = mysql_fetch_array($memresult);
$expires = $row['expires'];
if($row[item_id] == "1" && $expires >= $today){
return true;
}else{
return false;
}
}
function checkWaiver($userID)
{
// If Membership is ok, check waiver
$waiverresult = mysql_query("SELECT waiver FROM customers WHERE id='$userID'");
if (!$waiverresult) { die("Query to check on status of liability waiver failed"); }
while ($waiverrow = mysql_fetch_array($waiverresult)) {
if ($waiverrow[waiver] == 0 || $waiverrow[waiver] == ""){ return false; } else { return true; }
}
}
function signinMember($userID, $intime, $activity)
{
global $cfg_reqmembership;
$isinresult = mysql_query("SELECT userID FROM visits WHERE endout IS NULL");
if (!$isinresult) { die("Query to show fields from table failed"); }
while($isinrow = mysql_fetch_array($isinresult)){
if($userID == "$isinrow[userID]"){
die("<b>Bike Error!! User is already signed in...</b>");
}
}
// MAKE SURE THEY'VE PAID THEIR MEMBERSHIP (IF REQUIRED BY CONFIG FILE)
if($cfg_reqmembership == "1" && !$this->checkMembership($userID)){
echo "Membership not paid or expired!<br /><a href=\"../home.php\">Go Home --&gt;</a>";
die('');
}
// Have you been a naughty schoolchild and not signed your waiver? PUNISH!
if(!$this->checkWaiver($userID)){
echo "Waiver not signed. Sign waiver, or no shop access you naughty boy!<br /><a href=\"../home.php\">Go Home --&gt;</a>";
die('');
}
// ADD IT TO THE VISITS DATABASE
$in = mktime($_POST[hour], $_POST[minute], 0, $_POST[month], $_POST[day], $_POST[year]);
$tdin = date('Y-m-d H:i:s');
//$activity = $_POST[activity];
if($userID){
$query = "INSERT INTO `visits` (`userID` ,`intime` ,`activity`) VALUES ('$userID', '$tdin', '$activity')";
// echo "IT FJDSFDSA $query";
mysql_query($query);
}
}
function isOpen()
{
//include("settings.php");
//echo "must open = $cfg_company";
//if($cfg_mustOpen == "yes"){
//echo "$this->conn";
//return false;
//}
//return false;
//$tablename="$this->tblprefix".'users';
//$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$user_id\"",$this->conn);
/*$today = date("Y-m-d");
$le = mysql_query("SELECT event, date FROM books WHERE event='1' OR event='2' ORDER BY listID DESC LIMIT 1", $this->conn);
//$le = mysql_query("SELECT * FROM books");//, $this->conn) or die(mysql_error());// WHERE event='1' OR event='2' ORDER BY listID DESC LIMIT 1", $this->conn);
$lastevent = mysql_fetch_assoc($le);
if(!$lastevent || $lastevent['event'] == 2 || $lastevent[date] != $today){// || !mysql_num_rows(mysql_query("SELECT * FROM books WHERE date='$today' AND event='1'"))){
return false;
}*/return true;
//}
return true;
}
function isMechanicHere()
{
return mysql_fetch_array(mysql_query("SELECT userID FROM visits WHERE endout IS NULL AND activity='Mechanic'"));
}
function vaildMailman ($host)
{
$valid = @fsockopen("$host", 80, $errno, $errstr, 30);
if ($valid) return TRUE;
}
}
?>
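Review bot: `checkLogin()` builds its query by interpolating `$username` and `$password` straight into the SQL string, and `checkMembership()`, `checkWaiver()` and `signinMember()` do the same with `$userID` and `$activity`; if any caller passes request data through unchanged (the callers are not all visible here), the authentication and sign-in queries are injectable. The durable fix is to move `db_functions` to PDO or mysqli and use prepared statements; until then each string should pass through `mysql_real_escape_string($username,$this->conn)` and each id through an `(int)` cast before it reaches the query. `checkLogin()` also compares the password inside SQL, so it would be worth fetching the stored hash and checking it with `password_verify()` instead; the hashing scheme itself is not shown in this file. The constructor performs no check at all when `$_SESSION['session_user_id']` is unset, and the `isLoggedIn()` redirect at its end is commented out, so every page depends on calling `isLoggedIn()` itself.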

59
customers/customers_barcode.php

@ -0,0 +1,59 @@
<?php session_start();
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/display.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(isset($_GET['generateWith']))
{
$generateWith=$_GET['generateWith'];
}
else
{
$generateWith='id';
}
$display->displayTitle("$lang->customersBarcode"." ($generateWith)");
echo "<a href='customers_barcode.php?generateWith=account_number'>$lang->accountNumber</a> / <a href='customers_barcode.php?generateWith=id'>id</a>";
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$customers_table=$cfg_tableprefix.'customers';
$result=mysql_query("SELECT * FROM $customers_table ORDER by last_name",$dbf->conn);
echo '<table border=0 width=85% align=center cellspacing=5 cellpadding=12>
<tr>';
$counter=0;
while($row=mysql_fetch_assoc($result))
{
if($counter%2==0)
{
echo '</tr><tr>';
}
echo "<td align='center'><img src='../classes/barcode.php?barcode=$row[$generateWith]&width=227&text=*$row[last_name], $row[first_name]*'></td>";
$counter++;
}
echo '</tr></table>';
$dbf->closeDBlink();
?>
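Review bot: `$_GET['generateWith']` is used unchecked as the column key in `$row[$generateWith]` and is also passed into `displayTitle()` (whose output handling is outside this section), so a request can make the sheet render any column of the customers row and have its own value reflected into the page. Only two values are linked from the page, so restrict it: `$generateWith=(isset($_GET['generateWith']) && $_GET['generateWith']==='account_number') ? 'account_number' : 'id';`. The `isLoggedIn()` check should also move above `displayTitle()` and the `echo`, because `header()` cannot send the redirect once output has started. The `barcode=` and `text=` values placed in the `<img>` URL should go through `urlencode()`.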

15
customers/error_log

@ -0,0 +1,15 @@
[10-Mar-2017 00:43:46 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:43:48 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:43:51 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:44:28 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:44:28 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:44:31 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:44:33 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:56:19 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:56:25 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:56:30 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:57:44 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:57:44 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 00:57:47 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 01:05:43 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
[10-Mar-2017 01:07:10 America/Toronto] PHP Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/variousa/public_html/pos/classes/db_functions.php on line 24
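Review bot: This is a runtime PHP error log, and committing it publishes the server's absolute path and account name (`/home/variousa/public_html/pos/...`); `books/error_log` in the same commit looks like the same kind of file. Remove both from the repository, add `error_log` to `.gitignore`, and point PHP's `error_log` setting at a location outside the web root so the file is not served. The editor swap files `classes/.form.php.swp` and `docker/.Dockerfile.swp` should be dropped the same way (`*.swp`).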

102
customers/form_customers.php

@ -0,0 +1,102 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
//set default values, these will change if $action==update.
$first_name_value='';
$last_name_value='';
$account_number_value='';
$phone_number_value='';
$email_value='';
$street_address_value='';
$comments_value='';
$id=-1;
//decides if the form will be used to update or add a user.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
$display->displayTitle("Update a Member");
if(isset($_GET['id']))
{
$id=$_GET['id'];
$tablename = "$cfg_tableprefix".'customers';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn);
$row = mysql_fetch_assoc($result);
$first_name_value=$row['first_name'];
$last_name_value=$row['last_name'];
$account_number_value=$row['account_number'];
$phone_number_value=$row['phone_number'];
$email_value=$row['email'];
$street_address_value=$row['street_address'];
$comments_value=$row['comments'];
}
}
else
{
$display->displayTitle("Add a Member");
}
//creates a form object
$f1=new form('process_form_customers.php','POST','customers','450',$cfg_theme,$lang);
//creates form parts.
$f1->createInputField("<b>$lang->firstName:</b> ",'text','first_name',"$first_name_value",'24','150');
$f1->createInputField("<b>$lang->lastName:</b> ",'text','last_name',"$last_name_value",'24','150');
$f1->createInputField("$lang->accountNumber: ",'text','account_number',"$account_number_value",'24','150');
$f1->createInputField("<b>$lang->phoneNumber</b> ",'text','phone_number',"$phone_number_value",'24','150');
$f1->createInputField("$lang->email:",'text','email',"$email_value",'24','150');
$f1->createInputField("$lang->streetAddress:",'text','street_address',"$street_address_value",'24','150');
$f1->createInputField("$lang->commentsOrOther:",'text','comments',"$comments_value",'40','150');
//sends 2 hidden varibles needed for process_form_users.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>
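Review bot: `$_GET['id']` and `$_GET['action']` are used as received: `$id` is interpolated into `WHERE id=\"$id\"` and both are echoed into the hidden inputs (`value='$action'`, `value='$id'`), so the update form is open to SQL injection and to reflected markup injection. Constrain them where they are read, `$id=(int)$_GET['id'];` and `$action=($_GET['action']==='update') ? 'update' : 'insert';`. The login redirect also comes after `<html>` and `<body>` have already been printed, so `header()` can no longer set `Location`; run the includes and the `isLoggedIn()` check before any markup.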

57
customers/index.php

@ -0,0 +1,57 @@
<?php session_start();
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$tablename = $cfg_tableprefix.'users';
$auth = $dbf->idToField($tablename,'type',$_SESSION['session_user_id']);
$first_name = $dbf->idToField($tablename,'first_name',$_SESSION['session_user_id']);
$last_name= $dbf->idToField($tablename,'last_name',$_SESSION['session_user_id']);
$today = date("Y-m-d");
if($auth=="Sales Clerk"){
if(!$sec->isOpen()){
header("location: ../books/openshop.php");
exit();
}
}
echo "
<html>
<body>
<head>
</head>
<table border=\"0\" width=\"500\">
<tr>
<td><img border=\"0\" src=\"../images/customers.gif\" width=\"41\" height=\"33\" valign='top'><font color='#005B7F' size='4'>&nbsp;<b>Members</b></font><br>
<br>
<font face=\"Verdana\" size=\"2\">Welcome to the Members panel! Here you can manage our members database. What would you like to do?</font>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"../members/add.php?action=insert\">New Member</a></font></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"manage_customers.php\">Edit or remove Members</a></font></li>
<br /><br />
<li><font face=\"Verdana\" size=\"2\"><a href=\"customers_barcode.php\">Member Barcode Sheet (don't even bother...)</a></font></li>
</ul>
</td>
</tr>
</table>
</body>
</html>";
$dbf->closeDBlink();
?>

74
customers/manage_customers.php

@ -0,0 +1,74 @@
<?php session_start(); ?>
<html>
<head>
<SCRIPT LANGUAGE="Javascript">
<!---
function decision(message, url)
{
if(confirm(message) )
{
location.href = url;
}
}
// --->
</SCRIPT>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
include ("../classes/form.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
$display->displayTitle("Manage Members");
$f1=new form('manage_customers.php','POST','customers','450',$cfg_theme,$lang);
$f1->createInputField("<b>$lang->searchForCustomer</b>",'text','search','','24','150');
$option_values2=array('first_name','last_name','account_number','id');
$option_titles2=array("$lang->firstName","$lang->lastName","$lang->accountNumber",'ID');
$f1->createSelectField("<b>$lang->searchBy</b>",'searching_by',$option_values2,$option_titles2,100);
$f1->endForm();
$tableheaders=array("$lang->rowID","$lang->lastName","$lang->firstName","$lang->phoneNumber","$lang->email","$lang->streetAddress","Update/Edit Member","Remove Member","Get User Info/Records");
$tablefields=array('id','last_name','first_name','phone_number','email','street_address');
if(isset($_POST['search']))
{
$search=$_POST['search'];
$searching_by =$_POST['searching_by'];
echo "<center>$lang->searchedForItem: <b>$search</b> $lang->searchBy <b>$searching_by</b></center>";
$display->displayManageTable("$cfg_tableprefix",'customers',$tableheaders,$tablefields,"$searching_by","$search",'last_name');
}
else
{
$display->displayManageTable("$cfg_tableprefix",'customers',$tableheaders,$tablefields,'','','last_name');
}
$dbf->closeDBlink();
?>
</body>
</html>
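Review bot: The search echo `<b>$search</b> $lang->searchBy <b>$searching_by</b>` prints both POST values unescaped, and `$searching_by` is handed to `displayManageTable()` as the field to search on, which presumably ends up as a column name in SQL (that method is outside this section). Check `$searching_by` against the list the form offers, `if(!in_array($searching_by,$option_values2,true)) { $searching_by='last_name'; }`, and print the term as `htmlspecialchars($search,ENT_QUOTES,'UTF-8')`.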

111
customers/process_form_customers.php

@ -0,0 +1,111 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
//creates 3 objects needed for this script.
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
//checks if user is logged in.
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit ();
}
//variables needed globably in this file.
$tablename="$cfg_tableprefix".'customers';
$field_names=null;
$field_data=null;
$id=-1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if(isset($_GET['action']) and isset($_GET['id']))
{
$action=$_GET['action'];
$id=$_GET['id'];
}
//checks to make sure data is comming from form ($action is either delete or update)
elseif(isset($_POST['first_name']) and isset($_POST['last_name']) and isset($_POST['account_number'])
and isset($_POST['phone_number']) and isset($_POST['email']) and isset($_POST['street_address']) and isset($_POST['comments']) and isset($_POST['id']) and isset($_POST['action']) )
{
$action=$_POST['action'];
$id = $_POST['id'];
//gets variables entered by user.
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$account_number = $_POST['account_number'];
$phone_number = $_POST['phone_number'];
$email = $_POST['email'];
$street_address = $_POST['street_address'];
$comments = $_POST['comments'];
//insure all fields are filled in.
if($first_name=='' or $last_name=='' or $phone_number=='')
{
echo "$lang->forgottenFields";
exit();
}
else
{
$field_names=array('first_name','last_name','account_number','phone_number','email','street_address','comments');
$field_data=array("$first_name","$last_name","$account_number","$phone_number","$email","$street_address","$comments");
}
}
else
{
//outputs error message because user did not use form to fill out data.
echo "$lang->mustUseForm";
exit();
}
switch ($action)
{
//finds out what action needs to be taken and preforms it by calling methods from dbf class.
case $action=="insert":
$dbf->insert($field_names,$field_data,$tablename,true);
break;
case $action=="update":
$dbf->update($field_names,$field_data,$tablename,$id,true);
break;
case $action=="delete":
$dbf->deleteRow($tablename,$id);
break;
default:
echo "$lang->noActionSpecified";
break;
}
$dbf->closeDBlink();
?>
<br>
<a href="manage_customers.php">Manage Members--></a>
<br>
<a href="../biketree/users/add.php?action=insert">Add a New Member--></a>
</body>
</html>
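Review bot: The first branch accepts any `action` and `id` from the query string, so a plain GET link deletes a customer row and nothing ties the request to a form the logged-in user actually submitted. Handle delete only on POST and check a per-session token with `hash_equals()` before calling `deleteRow()`; the GET branch should at least reject anything other than `delete`, since `insert` or `update` reached that way calls `$dbf->insert()` or `$dbf->update()` with `$field_names` still `null`. The `switch($action)` with `case $action=="insert":` compares `$action` against booleans, which makes an empty `action` match the first case; write `case 'insert':` and so on. `$id` should also be cast with `(int)` before it is passed to `update()` or `deleteRow()`.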

BIN
docker/.Dockerfile.swp

Binary file not shown.

20
docker/Dockerfile

@ -0,0 +1,20 @@
#############
# biketree #
#############
# Password is password for &
# docker run -d --name bikebike --env VIRTUAL_HOST=bikebike.wvcompletestreets.org --expose 80 -v /home/freesource/public_html/bikebike:/usr/share/nginx/html nginx:1.11-alpine
FROM nginx:1.11-alpine
MAINTAINER Jonathan Rosenbaum <gnuser@gmail.com>
RUN rm -rf /usr/share/nginx/html; apk update; apk add git; apk add php5-mysql
RUN git clone https://github.com/fspc/biketree.git /usr/share/nginx/html
COPY settings.php /usr/share/nginx/html
COPY default.conf /etc/nginx/conf.d
RUN chown -R nginx:nginx /usr/share/nginx/html; mkdir /var/www; ln -sf /usr/share/nginx/html/ /var/www/html
RUN chown -R nginx:nginx /var/www/html/images/
VOLUME /usr/share/nginx/html
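Review bot: `git clone … /usr/share/nginx/html` copies the whole repository into the document root, so `.git/`, the `docker/` directory with `docker/sql/biketree.sql`, and the committed `error_log` files sit where nginx serves static files, and `default.conf` has no rule denying them. Clone to a build directory and copy only the application files, or at minimum append `rm -rf /usr/share/nginx/html/.git /usr/share/nginx/html/docker` to that `RUN`. The clone is also unpinned, so each build ships whatever the default branch holds at that moment; check out a fixed commit or tag. `apk add php5-mysql` looks unused in this image, since PHP runs in the separate fpm container.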

16
docker/Dockerfile-fpm

@ -0,0 +1,16 @@
#############
# biketree #
#############
# Password is password for &
FROM php:5-fpm-alpine
MAINTAINER Jonathan Rosenbaum <gnuser@gmail.com>
# better hardwire www-data in the future in /etc/password
# and make sure nginx also starts with same user
RUN chown -R www-data:www-data /var/www/html; apk update; \
apk add php5-mysql; \
cp -a /etc/php5/* /usr/local/etc/php; \
cp /usr/lib/php5/modules/mysql.so `php-config --extension-dir`/; \
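Review bot: Copying `mysql.so` from Alpine's `php5-mysql` package into the official image's extension directory mixes two separately built PHP installs, and the module loads only if their API versions happen to match; the image's own `docker-php-ext-install mysql` builds the extension against the bundled PHP. The final `RUN` also ends in `; \` with nothing after it in the visible lines, which leaves a dangling continuation. `chown -R www-data:www-data /var/www/html` runs at build time, before the named volume is mounted over that path, so it likely has no effect on the served files.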

BIN
docker/codeforbikebike.tar.gz

Binary file not shown.

69
docker/default.conf

@ -0,0 +1,69 @@
server {
listen 80;
#server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
root /var/www/html;
index index.php index.html index.htm;
}
# location ~ \.(gif)$ {
# root /var/www/html;
# }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
# location ~ \.php$ {
#@ root html;
# fastcgi_pass fpm:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
# }
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass fpm:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
# location ~ \.php$ {
# fastcgi_pass fpm:9000;
# fastcgi_index index.php;
# include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param HTTPS off;
# }
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
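Review bot: The `location ~ \.php$` block hands every URI ending in `.php` to `fpm:9000` without checking that the script exists, so PHP-FPM is left to resolve paths nginx never validated; add `try_files $uri =404;` as the first line of that block (both containers mount the same `fpm` volume, so the file test works). `fastcgi_split_path_info` and `PATH_INFO` have no effect here because the location regex only matches URIs that end in `.php`, so they can be dropped. There is also no rule keeping dotfiles and logs out of reach; `location ~ (/\.|/error_log$) { deny all; }` would cover `.git` and the committed `error_log` files.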

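--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -0,0 +1,71 @@
+version: '2'
+# git clone https://github.com/fspc/biketree.git
+# This compose file uses jrcs/letsencrypt-nginx-proxy-companion
+# using nginx-alpine
+services:
+biketree:
+container_name: biketree
+build: .
+network_mode: "bridge"
+#restart: always
+environment:
+- VIRTUAL_HOST=biketree.bikelover.org
+- LETSENCRYPT_HOST=biketree.bikelover.org
+- LETSENCRYPT_EMAIL="bike@bikelover.org"
+links:
+- fpm
+volumes:
+- fpm:/usr/share/nginx/html
+logging:
+driver: "json-file"
+options:
+max-size: "10m"
+max-file: "3"
+# https://hub.docker.com/_/php/
+fpm:
+container_name: biketree-fpm
+build:
+context: ./
+dockerfile: Dockerfile-fpm
+#image: php:5-fpm-alpine
+network_mode: "bridge"
+#restart: always
+environment:
+- PHP_INI_DIR=/etc/php/
+links:
+- mysql
+volumes:
+- fpm:/var/www/html
+logging:
+driver: "json-file"
+options:
+max-size: "10m"
+max-file: "3"
+# https://hub.docker.com/_/mysql/
+mysql:
+container_name: biketree-mysql
+image: mysql:5.5
+network_mode: "bridge"
+#restart: always
+environment:
+- MYSQL_ROOT_PASSWORD=whatever
+- MYSQL_USER=biketree
+- MYSQL_PASSWORD=password
+- MYSQL_DATABASE=biketree
+volumes:
+- data:/var/lib/mysql
+- ./sql:/docker-entrypoint-initdb.d
+logging:
+driver: "json-file"
+options:
+max-size: "10m"
+max-file: "3"
+volumes:
+data:
+fpm: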
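Review bot: The database credentials are committed in clear text in the `mysql` service (`MYSQL_ROOT_PASSWORD=whatever`, `MYSQL_PASSWORD=password`), and the same `password` value is repeated in `docker/settings.php` (`$cfg_password`, `$db_pwd`). Anyone who deploys this compose file unchanged runs with publicly known credentials. Read them from the environment instead, for example `- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}` and `- MYSQL_PASSWORD=${MYSQL_PASSWORD}`, with the values kept in an untracked `.env` file. A smaller point: in list form the quotes in `LETSENCRYPT_EMAIL="bike@bikelover.org"` become part of the value, so they should be dropped.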

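--- a/docker/settings.php
+++ b/docker/settings.php
@@ -0,0 +1,42 @@
+<?php
+$cfg_company="The Bike Root";
+$cfg_address="Positive Spin,
+Morgantown,
+WV, USA";
+$cfg_phone="123-456-7890";
+$cfg_email="jr@bikelover.org";
+$cfg_fax="";
+$cfg_website="http://biketree.wvcompletestreets.org";
+$cfg_other="";
+$cfg_server="mysql";
+$cfg_database="biketree";
+$cfg_username="biketree";
+$cfg_password="password";
+$cfg_tableprefix="";
+$cfg_default_tax_rate="0";
+$cfg_currency_symbol="$";
+$cfg_theme="serious";
+$cfg_numberForBarcode="Row ID";
+$cfg_language="english.php";
+$cfg_reqmembership="1";
+$cfg_membershipID="1";
+$cfg_sellToNonMembers="1";
+$cfg_emailFromAddress="jr@bikelover.org";
+$cfg_dailyLateFee="2";
+$cfg_mailmanLocation="bikelover.org";
+$cfg_mailmanListName1="newsletter";
+$cfg_mailmanListName2="volunteers";
+$cfg_mailmanListName3="steering";
+$cfg_mailmanPass="yourpassword";
+$cfg_adminAutoSignin="1";
+$cfg_mechAutoSignin="option";
+$cfg_administratorTitle="Administrator";
+$cfg_mechanicTitle="Mechanic";
+$cfg_mustOpen="0";
+# weird stuff has to use mysql host, this time 172.17.0.32
+$db_host = "localhost";
+$db_user = "biketree";
+$db_pwd = "password";
+$database = "biketree";
+?>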
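Review bot: `$db_host = "localhost";` contradicts both the comment directly above it, which says the MySQL host has to be used, and `$cfg_server="mysql"` earlier in the file. Inside the `biketree-fpm` container `localhost` is the PHP container itself, so whatever reads `$db_host` (not visible in this section, presumably the backup script) would fail to connect. Suggest `$db_host = $cfg_server;`, and likewise `$db_user = $cfg_username; $db_pwd = $cfg_password; $database = $cfg_database;`, so the connection settings exist in one place only. `$cfg_mailmanPass="yourpassword"` looks like a placeholder; confirm that a real list password is never committed through this file.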

8368
docker/sql/biketree.sql

File diff suppressed because it is too large

340
general_public_license.txt

@ -0,0 +1,340 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Library General
Public License instead of this License.

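--- a/generaltodo.php
+++ b/generaltodo.php
@@ -0,0 +1,43 @@
+<h3>&nbsp; General To-Do</h3>
+<?
+$querytwo = "SELECT * FROM todolist WHERE completed=0";
+$todoquery = mysql_query("$querytwo",$dbf->conn);
+echo mysql_error();
+while($todoarray = mysql_fetch_array($todoquery)){
+echo "
+<div style=\"background: #cccccc; text-align: center;\">
+<b><em>To Do: $todoarray[name]</em></b>
+</div><div style=\"width: 180px; background: #eeeeee; border: 1px solid #aaaaaa\">
+<a href=\"javascript:toggleDivOL('todo$todoarray[id]');\">[Info/Edit +/-]</a>";
+echo "<div id=\"todo$todoarray[id]\" class=\"repairDiv\" style=\"position: absolute; left: -4000px;\">";
+echo "<form name=todo$todoarray[id] enctype=\"multipart/form-data\" method=\"POST\" action=\"todosubmit.php?id=$todoarray[id]&action=update\">";
+echo "<textarea name=\"content\" rows=\"12\" style=\"margin: 0px; padding: 0px;\">$todoarray[content]</textarea>";
+echo "<input type=\"submit\" value=\"Save Changes\"><br /></form>";
+echo "<a href=\"todosubmit.php?action=update&completed=yes&id=$todoarray[id]\">[Task Completed]</a>";
+echo "</div>";
+//FORM FOR NEW TO DO ITEMS
+echo " </div><br />";
+}
+echo "
+<div style=\"background: #cccccc; text-align: center;\">
+<b><em>To Do: Add a new item</em></b>
+</div><div style=\"width: 180px; background: #eeeeee; border: 1px solid #aaaaaa\">";
+echo "<form name=addtodo enctype=\"multipart/form-data\" method=\"POST\" action=\"todosubmit.php?action=insert\">";
+echo "<input type=\"text\" value=\"...name goes here\" name=\"name\" size=\"16\">";
+echo "<div id=\"addtodo\" class=\"repairDiv\">";
+echo "<textarea name=\"content\" rows=\"8\" style=\"margin: 0px; padding: 0px;\">Description goes here..</textarea>";
+echo "<input type=\"submit\" value=\"Add Item\"><br /></form>";
+echo "</div>";
+echo " </div><br />";
+?>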
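Review bot: Every database value in the `while` loop is interpolated into HTML unescaped: `$todoarray[name]` and `$todoarray[content]` go straight into element and `<textarea>` content, and `$todoarray[id]` into attributes, a `javascript:` URL and query strings. The add-item form at the bottom accepts free text for both fields, so whatever `todosubmit.php` stores (not visible here) is rendered back as markup for every user who opens the page, which is stored cross-site scripting. Escape at output time as in the fence below, assuming `id` is numeric and adjusting the charset to the page's encoding. Two related points in the same section: `echo mysql_error();` prints raw database errors into the page and belongs in a server-side log instead, and the `[Task Completed]` link changes state through a plain GET request with no token visible in this code.

```php
while ($todoarray = mysql_fetch_array($todoquery)) {
    // Escape once per row; the echo statements below use only these variables.
    $todoId = (int) $todoarray['id'];
    $todoName = htmlspecialchars($todoarray['name'], ENT_QUOTES, 'UTF-8');
    $todoContent = htmlspecialchars($todoarray['content'], ENT_QUOTES, 'UTF-8');
    // … unchanged: the echo statements, with $todoarray[id], $todoarray[name] and
    //   $todoarray[content] replaced by $todoId, $todoName and $todoContent …
```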

382
home.php

@ -0,0 +1,382 @@
<?php session_start();
include ("settings.php");
include ("language/$cfg_language");
include ("classes/db_functions.php");
include ("classes/security_functions.php");
function getdailycash() {
$today = date("Y-m-d");
$total = 0;
$cashresult = mysql_query("SELECT sale_total_cost FROM sales WHERE date='$today'");
while ($casharray = mysql_fetch_array($cashresult)){ $total = $total + $casharray[sale_total_cost]; }
return $total;
}
function getdailyvisits() {
$today = date("Y-m-d");
return mysql_num_rows(mysql_query("SELECT DISTINCT userID FROM visits WHERE DATE_FORMAT(intime, '%Y-%m-%d')='$today' AND activity NOT IN ('Mechanic', 'Administrator')"));
}
function getmembercount() {
return mysql_num_rows(mysql_query("SELECT DISTINCT sales.customer_id FROM sales, sales_items WHERE sales_items.item_id=1 AND sales.id=sales_items.sale_id AND DATE_ADD(sales.date, INTERVAL 1 YEAR)>=NOW()"));//SELECT id FROM customers"));
}
function getvolunteerhours() {
/*$vquery = "SELECT *, DATE_FORMAT(endout,'%l:%i %p') as humanout, DATE_FORMAT(intime,'%b %e, %Y') as humanindate, DATE_FORMAT(intime,'%l:%i %p') as humanintime, UNIX_TIMESTAMP(intime) as unixin, UNIX_TIMESTAMP(endout) as unixout FROM visits WHERE endout IS NOT NULL AND activity!='dogfucking' AND activity!='using'";* /
$vresult = mysql_query($vquery);
if (!$vresult) { echo mysql_error(); }
$totalseconds=0;
while($row = mysql_fetch_array($vresult)){
$timespent = $row[unixout] - $row[unixin];
$totalseconds = $totalseconds + $timespent;
}
return round($totalseconds/3600);*/
$vquery = "SELECT ROUND(SUM(TIMESTAMPDIFF(MINUTE,intime,endout))/60) AS total FROM visits WHERE activity NOT IN ('volunteering', 'Administrator', 'Mechanic');";
$vresult = mysql_query($vquery);
$row = mysql_fetch_array($vresult);
return $row[total];
}
function getmonth($m=0) {
return (($m==0 ) ? date("F") : date("F", mktime(0,0,0,$m)));
}
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Public',$lang);
if(!$sec->isLoggedIn()){
header ("location: login.php");
exit();
}
$tablename = $cfg_tableprefix.'users';
$auth = $dbf->idToField($tablename,'type',$_SESSION['session_user_id']);
$first_name = $dbf->idToField($tablename,'first_name',$_SESSION['session_user_id']);
$last_name= $dbf->idToField($tablename,'last_name',$_SESSION['session_user_id']);
if(cfg_mustOpen && !$sec->isOpen()){
header("location: books/openshop.php");
exit();
}
$name=$first_name.' '.$last_name;
$dbf->optimizeTables();
?>
<HTML>
<head>
<style type="text/css">
body{
font-family: verdana;
font-size: 12px;
margin:0;
padding:0;
line-height: 2em;
}
h3{
font-family: verdana;
font-size: 16px;
font-weight: bold;
background: #9aadd0;
}
#maincontainer{
width: 1000px; /*Width of main container*/
margin: 0 auto; /*Center container on page*/
}
#topsection{
background: #91a4ac;
height: 60px; /*Height of top section*/
width: 998px;
border-right: 1px dotted #000000;
border-left: 1px dotted #000000;
border-bottom: 1px dotted #000000;
}
#topsection h1{
margin: 0;
padding-top: 15px;
}
#contentwrapper{
float: left;
width: 100%;
}
#contentcolumn{
margin-left: 200px; /*Margin for content column. Should be (RightColumnWidth + LeftColumnWidth)*/
margin-right: 200px;
}
#leftcolumn{
border-right: 1px dotted black;
float: left;
width: 200px; /*Width of left column in pixel*/
margin-left: -1000px; /*Set left margin to -(MainContainerWidth)*/
background: #FFFFFF;
}
#rightcolumn{
border-left: 1px dotted black;
float: left;
width: 199px; /*Width of right column in pixels*/
margin-left: -400px; /*Set right margin to -(MainContainerWidth - LeftColumnWidth)*/
background: #FFFFFF;
}
#rightercolumn{
border-left: 1px dotted black;
float: left;
width: 198px; /*Width of right column in pixels*/
margin-left: -200px; /*Set right margin to -(MainContainerWidth - LeftColumnWidth)*/
background: #FFFFFF;
}
#footer{
clear: left;
width: 100%;
background: black;
color: #FFF;
text-align: center;
padding: 4px 0;
}
#footer a{
color: #FFFF80;
}
.innertube{
margin: 10px; /*Margins for inner DIV inside each column (to provide padding)*/
margin-top: 0;
}
.lateDiv {
width: 180px;
padding: 2px 2px 8px 2px;
background-color: #BBBBBB;
color: #000000;
border-top: 4px solid #000000;
border-right: 1px solid #000000;
border-bottom: 0px solid #000000;
border-left: 1px solid #000000;
}
.testDiv {
width: 180px;
padding: 2px;
margin-left: -2px;
background-color: #FFFFFF;
color: #000000;
border-top: 1px dashed #000000;
border-right: 0px solid #000000;
border-bottom: 1px solid #000000;
border-left: 0px solid #000000;
}
.repairDiv {
width: 176px;
padding: 2px;
margin-left: -1px;
background-color: #FFFFFF;
color: #000000;
border-top: 1px dashed #000000;
border-right: 1px solid #000000;
border-bottom: 1px solid #000000;
border-left: 1px solid #000000;
}
</style>
<script type="text/javascript">
function toggleDivOL( elemID )
{
var elem = document.getElementById( elemID );
if( elem.style.position != 'absolute' )
{
elem.style.position = 'absolute';
elem.style.left = '-4000px';
}
else
{
elem.style.position = 'relative';
elem.style.left = '0px';
}
}
</script>
</head>
<body>
<?php
if($auth=="Admin")
{
?>
<p>
<img border="0" src="images/home_print.gif" width="33" height="29" valign="top"><font color="#005B7F" size="4">&nbsp;<b><?php echo $lang->home ?></b></font></p>
<p><font face="Verdana" size="2"><?php echo "$lang->welcomeTo $cfg_company's -BikeTree- bike co-op management software."; ?> </font></p>
<ul>
<li><font face="Verdana" size="2"><a href="<?php echo "backupDB.php?onlyDB=$cfg_database&StartBackup=complete&nohtml=1"?>" ><?php echo $lang->backupDatabase ?></a></font></li>
<li><font face="Verdana" size="2"><a href="sales/sale_ui.php"><?php echo $lang->processSale ?></a></font></li>
<li><font face="Verdana" size="2"><a href="users/index.php"><?php echo $lang->addRemoveManageUsers ?></a></font></li>
<li><font face="Verdana" size="2"><a href="customers/index.php"><?php echo $lang->addRemoveManageCustomers ?></a></font></li>
<li><font face="Verdana" size="2"><a href="items/index.php"><?php echo $lang->addRemoveManageItems ?></a></font></li>
<li><font face="Verdana" size="2"><a href="reports/index.php"><?php echo $lang->viewReports ?></a></font></li>
<li><font face="Verdana" size="2"><a href="settings/index.php"><?php echo $lang->configureSettings ?></a></font></li>
<li><font face="Verdana" size="2"><a href="http://forums.phppointofsale.com"><?php echo $lang->viewOnlineSupport ?></a><br>&nbsp;</font></li>
</ul>
<?php } elseif($auth=="Sales Clerk") { ?>
<!---
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse"
bordercolor="#111111" width="550" id="AutoNumber1">
<tr>
<td width="37">
<img border="0" src="images/home_print.gif" width="33" height="29"></td>
<td width="513"><font face="Verdana" size="4" color="#336699"><?php echo "$name
$lang->home" ?></font></td>
</tr>
</table>
--->
<div id="maincontainer">
<div id="topsection"><div class="innertube"><b style="
border-top: 1px solid #FFFFFF;
border-left: 1px solid #FFFFFF;
border-right: 1px solid #000000;
border-bottom: 1px solid #000000;
background: #CCCCCC;
padding: 0px 2px 2px 2px;">Quick Tasks & Stats</b>
<span style="font-weight: bold; text-align: left; padding-left: 50px;">Today's Cash: $<? echo getdailycash(); ?></span><span style="font-weight: bold; text-align: left; padding-left: 50px;">Visitors Today: <? echo getdailyvisits(); ?></span><span style="font-weight: bold; text-align: left; padding-left: 50px;">Current Member Count: <? echo getmembercount(); ?></span><span style="font-weight: bold; text-align: left; padding-left: 50px;">Total Volunteer Hours: <? echo getvolunteerhours(); ?></span><div style="width: 980px; line-height: 0; border-bottom: 1px dashed #000000"> </div>
<?
// sending query
$userLogin = $_SESSION['session_user_id'];
$data = $dbf->idToField($cfg_tableprefix.'users', 'settings', $userLogin);
$firstlast = $data;// & 1);
$query = "SELECT id,first_name,last_name FROM customers ORDER BY ";
$sortedlink = "<a href=\"settingsupdate.php?mask=1";
//echo "$firstlast";
if($firstlast){
$query.= "first_name ASC";
$sortedlink.= "&op=1\">First
Last</a>";
}else{
$query.= "last_name ASC";
$sortedlink.= "\">Last, First</a>";
}
$result = mysql_query($query);
if (!$result) {
die("Query to show fields from table failed");
}
$fields_num = mysql_num_fields($result);
?>
<!--div style="text-align: left;margin-top=-5px;padding-top=-10px;font-size=5px;">Last, First</div-->
<div width="450px" style="float: left;">
<form name=booking enctype="multipart/form-data" method="POST" action="members/signinsubmit.php" style="text-align: right; margin-bottom: 0px; padding-bottom: 0px">
<font face="Verdana" size="2">Sign In (<span style="font-size: 9px;"><? echo "$sortedlink"; ?></span>):</font>
<select name="userID">
<?
while($field = mysql_fetch_array($result)) {
if($firstlast){
echo "<option value=\"$field[id]\">$field[first_name] $field[last_name] </option> ";
}else{
echo "<option value=\"$field[id]\">$field[last_name], $field[first_name] </option> ";
}
}
?>
</select>
<font face="Verdana" size="2">Doing:</font>
<select name="activity">
<? if(!$sec->isMechanicHere()){ echo "<option value=\"Mechanic\" SELECTED>Mechanic</option><option value=\"using\">";}else{echo "<option value=\"using\" SELECTED>";} ?>
Using the Shop</option>
<option value="volunteering">Volunteering</option>
<!--option value="Working">Mechanic/Admin</option-->
<option value="dogfucking">Hanging Out</option>
<option value="train_mech">Mechanic Training</option>
</select>
<input type="submit" name="submit" value="Sign IN" >
</form>
</div>
<div width="450px"><form name=booking enctype="multipart/form-data" method="POST" action="library/form_library.php" style="text-align: right;">
<font face="Verdana" size="2">Library sign in/out</font>
&nbsp;<input type="text" name="bikeID" value="Bike Number..." size="10" onfocus="this.value = '';">
<input type="submit" name="submit" value="Ok Go!">
</form>
</div></div>
<div id="contentwrapper">
<div id="contentcolumn">
<div class="innertube"> <br /><? include('membersin.php'); ?></div>
</div>
</div>
<div id="leftcolumn">
<div class="innertube"><br /><? include('latebikes.php'); ?></div>
<!--div class="innertube"><br /><? include('repairsneeded.php'); ?></div -->
</div>
<!--div id="rightcolumn">
<div class="innertube"><br /><? include('repairsneeded.php'); ?></div>
</div-->
<div id="rightercolumn">
<div class="innertube"><br /><? include('generaltodo.php'); ?></div>
</div>
</div>
<?php
}
else
{
?>
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse"
bordercolor="#111111" width="550" id="AutoNumber1">
<tr>
<td width="37">
<img border="0" src="images/home_print.gif" width="33" height="29"></td>
<td width="513"><font face="Verdana" size="4" color="#336699"><?php echo "$name
$lang->home"?></font></td>
</tr>
</table>
<p><font face="Verdana" size="2"><?php echo "$lang->welcomeTo $cfg_company $lang->reportViewerHomeWelcomeMessage"; ?>
<?php
}
$dbf->closeDBlink();
?>

BIN
images/config.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 997 B

BIN
images/customers.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 998 B

BIN
images/home_print.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
images/install_pos.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
images/items.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 983 B

BIN
images/login.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 21 KiB

BIN
images/login_01.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.0 KiB

BIN
images/login_02.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 319 B

BIN
images/login_03.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
images/login_04.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 974 B

BIN
images/login_05.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 195 B

BIN
images/login_06.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 951 B

BIN
images/login_07.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.5 KiB

BIN
images/login_08.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 882 B

BIN
images/login_09.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 405 B

BIN
images/login_10.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 116 B

BIN
images/login_bg.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 174 B

BIN
images/menubar_01.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.9 KiB

BIN
images/menubar_02.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.0 KiB

BIN
images/menubar_03.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.5 KiB

BIN
images/menubar_04.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/menubar_05.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/menubar_06.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
images/menubar_07.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/menubar_bg.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
images/menubar_bottom.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.5 KiB

BIN
images/menubar_reports_01.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 994 B

BIN
images/menubar_reports_02.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 997 B

BIN
images/menubar_reports_03.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 914 B

BIN
images/menubar_reports_04.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 918 B

BIN
images/menubar_reports_05.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/menubar_reports_06.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/menubar_sales_01.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.3 KiB

BIN
images/menubar_sales_02.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.6 KiB

BIN
images/menubar_sales_03.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 914 B

BIN
images/menubar_sales_04.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.5 KiB

BIN
images/menubar_sales_05.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.2 KiB

BIN
images/menubar_sales_06.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.2 KiB

BIN
images/reports.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 986 B

BIN
images/sales.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 977 B

BIN
images/spacer.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 799 B

BIN
images/uhohbg.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.6 KiB

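--- a/index.php
+++ b/index.php
@@ -0,0 +1,45 @@
+<?php session_start();
+include ("settings.php");
+if(empty($cfg_language) or empty($cfg_database))
+{
+echo "It appears that you have not installed PHP Point Of Sale, please
+go to the <a href='install/index.php'>install page</a>.";
+exit;
+}
+include ("language/$cfg_language");
+include ("classes/db_functions.php");
+include ("classes/security_functions.php");
+//create 3 objects that are needed in this script.
+$lang=new language();
+$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
+$sec=new security_functions($dbf,'Public',$lang);
+if(!$sec->isLoggedIn())
+{
+header ("location: login.php");
+exit();
+}
+$dbf->optimizeTables();
+$dbf->closeDBlink();
+?>
+<HTML>
+<head>
+<title>The Bike Tree :: Bike Co-op Management</title>
+</head>
+<frameset border="0" frameborder="no" framespacing="0" rows="100,*">
+<frame name="TopFrame" noresize scrolling="no" src="menubar.php">
+<frame name="MainFrame" noresize src="home.php">
+</frameset>
+<noframes>
+<body bgcolor="#FFFFFF" text="#000000">
+</body>
+</noframes>
+</HTML>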
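Review bot: `include ("language/$cfg_language");` builds an include path from a settings value that is never checked against the files that actually exist in `language/`, so whatever string ends up in settings.php decides which file PHP executes. In this commit that value is written by install/installer.php and install/makeinstall.php straight from `$_POST['language']`, and both of those files include it the same way. I would reduce it to a bare file name and verify it before including, e.g. `$cfg_language = basename($cfg_language);` followed by `if (!is_file("language/$cfg_language")) { exit; }`.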

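--- a/install/index.php
+++ b/install/index.php
@@ -0,0 +1,31 @@
+<html>
+<head>
+<title>Language Select</title>
+</head>
+<body>
+<center>
+<form name="language" action="installer.php" method="POST">
+Language Select: <select name="language" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1">
+<?php
+$handle = opendir('../language');
+while (false !== ($file = readdir($handle)))
+{
+if ($file {0}!='.')
+{
+$temp_lang=ucfirst(substr($file,0,strpos($file,'.')));
+echo "<option value='$file'>$temp_lang</option>";
+}
+}
+closedir($handle);
+?>
+</select>
+<input type="submit">
+</form>
+</center>
+</body>
+</html>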
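Review bot: `$file {0}` in the readdir loop uses curly-brace string offsets, which PHP deprecated in 7.4 and removed in 8.0; `$file[0]!='.'` behaves the same on every version. The `opendir('../language')` result is also used without a check, so a missing or unreadable directory is not reported clearly; `if ($handle === false) { die('language directory not readable'); }` before the loop would cover it. Since `$file` and `$temp_lang` are file names read from disk, I would pass them through `htmlspecialchars(..., ENT_QUOTES)` before echoing them into the `<option>`. The same loop is repeated near the end of install/installer.php.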

181
install/installer.php

@ -0,0 +1,181 @@
<?php
$language=$_POST['language'];
$info="
<?php
\$cfg_language=\"$language\";
?>";
$open = fopen( "../settings.php", "w+" ) or die ( "Operation Failed!" );
fputs( $open, "$info" );
fclose( $open );
include("../settings.php");
include("../language/$cfg_language");
$lang=new language();
?>
<html>
<head>
<title>PHP Point of Sale <?php echo $lang->installation ?></title>
</head>
<body leftmargin="0">
<p>
<img border="0" src="../images/install_pos.gif" width="202" height="73"></p>
<form method="POST" action="makeinstall.php" name=install>
<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<font face="Verdana" size="2"><?php echo $lang->installerWelcomeMessage ?></font></p>
<div align="left">
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="432" id="AutoNumber1">
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->companyName ?>:</font></b></td>
<td width="242">
<p align="center"><font face="Verdana" size="2">
<input type="text" name="companyName" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><?php echo $lang->address ?>:</font></td>
<td width="242" align="center"><font face="Verdana" size="2">
<textarea name="companyAddress" rows="4" cols="27" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></textarea></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->phoneNumber ?>:</font></b></td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="companyPhone" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><?php echo $lang->email ?>:<i> </i></font>
</td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="companyEmail" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><?php echo $lang->fax ?>:<i> </i></font>
</td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="companyFax" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><?php echo $lang->website ?>:<i> </i></font>
</td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="companyWebsite" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><?php echo $lang->other ?>:<i> </i></font>
</td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="companyOther" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">&nbsp;</td>
<td width="242" align="center">&nbsp;</td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->databaseServer ?>:</font></b></td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="databaseServer" onClick="document.install.databaseServer.value=''" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1" value="localhost"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->databaseName ?>:</font></b></td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="databaseName" value="<?php echo $lang->mustExist ?>" onClick="document.install.databaseName.value=''" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->databaseUsername ?>:</font></b></td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="text" name="databaseUsername" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->databasePassword ?>:</font></b></td>
<td width="242" align="center"><font face="Verdana" size="2">
<input type="password" name="databasePassword" size="30" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->defaultTaxRate ?>:</font></b></td>
<td width="242" align="left">&nbsp;<font face="Verdana" size="2">
<input type="text" name="settingsTaxRate" size="4" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"> <i>%</i></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->currencySymbol ?>:</font></b></td>
<td width="242" align="left">&nbsp;<font face="Verdana" size="2">
<input type="text" name="currencySymbol" size="2" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1"></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><b><font face="Verdana" size="2"><?php echo $lang->theme ?>:</font></b></td>
<td width="242" align="left">&nbsp;<font face="Verdana" size="2">
<select size="1" name="settingsDefaultTheme" style="border-style: solid; border-width: 1">
<option value="big blue"><?php echo $lang->bigBlue ?></option>
<option value="serious"><?php echo $lang->serious ?></option>
</select></font></td>
</tr>
<tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><?php echo $lang->tablePrefix ?>:</font></td>
<td width="242" align="left">&nbsp;<font face="Verdana" size="5">
<input type="text" name="tableprefix" size="5" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1">_</font></td>
</tr>
<tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><b><?php echo $lang->numberToUseForBarcode ?>:</b></font></td>
<td width="242" align="left">&nbsp;<font face="Verdana" size="5">
<select size="1" name="numberForBarcode" style="border-style: solid; border-width: 1">
<option value="Row ID"><?php echo $lang->rowID ?></option>
<option value="Account/Item Number"><?php echo "$lang->accountNumber/$lang->itemNumber"?></option>
</select>
</tr>
<tr>
<td width="190">
<p align="right"><font face="Verdana" size="2"><b><?php echo $lang->language ?>:</b></font></td>
<td width="242" align="left">&nbsp;<font face="Verdana" size="5">
<select name="language" style="border-style: solid; border-width: 1; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1">
<?php
$temp_lang=ucfirst(substr($cfg_language,0,strpos($cfg_language,'.')));
echo "<option selected value='$cfg_language'>$temp_lang</option>";
$handle = opendir('../language');
while (false !== ($file = readdir($handle)))
{
if ($file {0}!='.' && $file!=$cfg_language)
{
$temp_lang=ucfirst(substr($file,0,strpos($file,'.')));
echo "<option value='$file'>$temp_lang</option>";
}
}
closedir($handle);
?>
</select></font></td>
</tr>
</table>
<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*<?php echo $lang->whenYouFirstLogIn ?>:<b>admin</b> <?php echo $lang->and ?> <?php echo $lang->yourPasswordIs ?>:<b>pointofsale</b></p>
</div>
<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <b><font face="Verdana" size="2">*<?php echo $lang->itemsInBoldRequired ?></font></b><br>
<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<input type="submit" value="<?php echo $lang->install ?>" name="installPOS" style="color: #006699; font-family: Verdana; font-size: 10pt; font-weight: bold; border: 1px solid #006699; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1; background-color: #C0C0C0"></p>
</form>
<p><font face="Verdana" size="2"><br>
<br>
&nbsp;&nbsp;&nbsp;&nbsp; </font></p>
</body>
</html>
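Review bot: `$_POST['language']` is interpolated into the PHP source written to ../settings.php (`\$cfg_language=\"$language\";`) and then into `include("../language/$cfg_language")` with no validation, so the request body controls both the contents of a file that every page includes and the path that gets included. Nothing in this file checks whether an installation already exists or who is asking, so any request to it rewrites settings.php. install/makeinstall.php writes all of its `$_POST` fields into settings.php the same way. I would accept only a name that exists in ../language, emit the value with `var_export()` instead of hand-built quotes, and refuse to run once `$cfg_database` is set; the fence shows the opening lines rewritten that way.

```php
if (is_file("../settings.php")) {
    include("../settings.php");
    if (!empty($cfg_database)) {
        die("Operation Failed!");
    }
}
$language = isset($_POST['language']) ? basename((string) $_POST['language']) : '';
if ($language === '' || !is_file("../language/$language")) {
    die("Operation Failed!");
}
$info = "<?php\n\$cfg_language=" . var_export($language, true) . ";\n?>";
// … unchanged: fopen/fputs/fclose of ../settings.php, the two includes, $lang=new language() …
```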

332
install/makeinstall.php

@ -0,0 +1,332 @@
<html>
<head>
<title>PHP Point Of Sale</title>
</head>
<body>
<?php
//Gets the info that was typed in on the form.
$companyName=$_POST['companyName'];
$companyAddress=$_POST['companyAddress'];
$companyPhone=$_POST['companyPhone'];
$companyEmail=$_POST['companyEmail'];
$companyFax=$_POST['companyFax'];
$companyWebsite=$_POST['companyWebsite'];
$companyOther=$_POST['companyOther'];
$databaseServer=$_POST['databaseServer'];
$databaseName=$_POST['databaseName'];
$databaseUsername=$_POST['databaseUsername'];
$databasePassword=$_POST['databasePassword'];
$settingsDefaultTheme=$_POST['settingsDefaultTheme'];
$settingsCurrencySymbol=$_POST['currencySymbol'];
$settingsTaxPercent=$_POST['settingsTaxRate'];
$tableprefix=$_POST['tableprefix']!='' ? $_POST['tableprefix'].'_' :'';
$numberForBarcode=$_POST['numberForBarcode'];
$language=$_POST['language'];
include ("../language/$language");
$lang=new language();
//Checks to make sure the required fields were filled out.
if($companyName=='' or $companyPhone=='' or $databaseServer=='' or $databaseName=='' or $databaseUsername=='' or $databasePassword=='' or $settingsCurrencySymbol=='' or $settingsTaxPercent=='' or $language=='')
{
echo "<b>$lang->forgottenFields</b>";
exit;
}
else
{
if(!(@mysql_connect("$databaseServer", "$databaseUsername", "$databasePassword")) or !(@mysql_select_db($databaseName)))
{
echo"<center>
<table border='0'>
<tr>
<td background='message.gif' width='430' height='82'>
<center><font face='verdana' color='white'>$lang->problemConnectingToDB</center>
</td>
</tr>
</table></center>";
exit;
}
else
{
/*Writes the info to a settings file which the program needs for all database connections
and displaying info about the company.
*/
$info="<?php
\$cfg_company=\"$companyName\";
\$cfg_address=\"$companyAddress\";
\$cfg_phone=\"$companyPhone\";
\$cfg_email=\"$companyEmail\";
\$cfg_fax=\"$companyFax\";
\$cfg_website=\"$companyWebsite\";
\$cfg_other=\"$companyOther\";
\$cfg_server=\"$databaseServer\";
\$cfg_database=\"$databaseName\";
\$cfg_username=\"$databaseUsername\";
\$cfg_password=\"$databasePassword\";
\$cfg_tableprefix=\"$tableprefix\";
\$cfg_default_tax_rate=\"$settingsTaxPercent\";
\$cfg_currency_symbol=\"$settingsCurrencySymbol\";
\$cfg_theme=\"$settingsDefaultTheme\";
\$cfg_numberForBarcode=\"$numberForBarcode\";
\$cfg_language=\"$language\";
?>";
$open = fopen( "../settings.php", "w+" ) or die ( "Operation Failed!" );
fputs( $open, "$info" );
fclose( $open );
//Creates the Database the user wants
include ("../settings.php");
$db = mysql_connect("$databaseServer", "$databaseUsername", "$databasePassword");
mysql_select_db("$databaseName",$db);
//Puts the correct table structure in the database, so the user can begin to use the program!
$brands=$tableprefix.'brands';
$categories=$tableprefix.'categories';
$customers=$tableprefix.'customers';
$discounts=$tableprefix.'discounts';
$items=$tableprefix.'items';
$sales=$tableprefix.'sales';
$sales_items=$tableprefix.'sales_items';
$suppliers=$tableprefix.'suppliers';
$users=$tableprefix.'users';
$MAKETABLES="
# phpMyAdmin SQL Dump
# version 2.5.6
# http://www.phpmyadmin.net
#
# Host: localhost
# Generation Time: Aug 17, 2004 at 05:30 PM
# Server version: 4.0.15
# PHP Version: 4.3.6
#
# Database : `pos`
#
# --------------------------------------------------------
#
# Table structure for table `brands`
#
CREATE TABLE $brands (
brand varchar(30) NOT NULL default '',
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='Contains brands that items use to be more descriptive';
#
# Dumping data for table `brands`
#
# --------------------------------------------------------
#
# Table structure for table `categories`
#
CREATE TABLE $categories (
category varchar(30) NOT NULL default '',
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='Contains categories that items use to be more descriptive';
#
# Dumping data for table `categories`
#
# --------------------------------------------------------
#
# Table structure for table `customers`
#
CREATE TABLE $customers (
first_name varchar(75) NOT NULL default '',
last_name varchar(75) NOT NULL default '',
account_number varchar(10) NOT NULL default '',
phone_number varchar(25) NOT NULL default '',
email varchar(40) NOT NULL default '',
street_address varchar(150) NOT NULL default '',
comments blob NOT NULL,
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='Customer Info.';
#
# Dumping data for table `customers`
#
# --------------------------------------------------------
#
# Table structure for table `discounts`
#
CREATE TABLE $discounts (
item_id int(8) NOT NULL default '0',
percent_off varchar(60) NOT NULL default '' ,
comment blob NOT NULL,
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='This table keeps track of item discounts';
#
# Dumping data for table `discounts`
#
# --------------------------------------------------------
#
# Table structure for table `items`
#
CREATE TABLE $items (
item_name varchar(30) NOT NULL default '',
item_number varchar(15) NOT NULL default '',
description blob NOT NULL,
brand_id int(8) NOT NULL default '0',
category_id int(8) NOT NULL default '0',
supplier_id int(8) NOT NULL default '0',
buy_price varchar(30) NOT NULL default '',
unit_price varchar(30) NOT NULL default '',
supplier_catalogue_number varchar(60) NOT NULL default '',
tax_percent varchar(5) NOT NULL default '',
total_cost varchar(40) NOT NULL default '',
quantity int(8) NOT NULL default '0',
reorder_level int(8) NOT NULL default '0',
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='Item Info.';
#
# Dumping data for table `items`
#
# --------------------------------------------------------
#
# Table structure for table `sales`
#
CREATE TABLE $sales (
date date NOT NULL default '0000-00-00',
customer_id int(8) NOT NULL default '0',
sale_sub_total varchar(12) NOT NULL default '',
sale_total_cost varchar(30) NOT NULL default '',
paid_with varchar(25) NOT NULL default '',
items_purchased int(8) NOT NULL default '0',
sold_by int(8) NOT NULL default '0',
comment varchar(100) NOT NULL default '',
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='Contains overall sale details';
#
# Dumping data for table `sales`
#
# --------------------------------------------------------
#
# Table structure for table `sales_items`
#
CREATE TABLE $sales_items (
sale_id int(8) NOT NULL default '0',
item_id int(8) NOT NULL default '0',
quantity_purchased int(8) NOT NULL default '0',
item_unit_price varchar(15) NOT NULL default '',
item_buy_price varchar(30) NOT NULL default '',
item_tax_percent varchar(10) NOT NULL default '',
item_total_tax varchar(12) NOT NULL default '',
item_total_cost varchar(12) NOT NULL default '',
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='Table that holds item information for sales';
#
# Dumping data for table `sales_items`
#
# --------------------------------------------------------
#
# Table structure for table `suppliers`
#
CREATE TABLE $suppliers (
supplier varchar(60) NOT NULL default '',
address varchar(100) NOT NULL default '',
phone_number varchar(40) NOT NULL default '',
contact varchar(60) NOT NULL default '',
email varchar(50) NOT NULL default '',
other varchar(150) NOT NULL default '',
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='Hold information about suppliers';
#
# Dumping data for table `suppliers`
#
# --------------------------------------------------------
#
# Table structure for table `users`
#
CREATE TABLE $users (
first_name varchar(50) NOT NULL default '',
last_name varchar(50) NOT NULL default '',
username varchar(20) NOT NULL default '',
password varchar(60) NOT NULL default '',
type varchar(30) NOT NULL default '',
id int(8) NOT NULL auto_increment,
PRIMARY KEY (id)
) TYPE=MyISAM COMMENT='User info. that the program needs';
#
# Dumping data for table `users`
#
INSERT INTO $users VALUES ('John', 'Doe', 'admin', '439a6de57d475c1a0ba9bcb1c39f0af6', 'Admin', 1);
";
//Does the query to put it in the database.
$array =explode (';' ,$MAKETABLES );
foreach($array as $single_query )
{
$result =mysql_query ($single_query ,$db );
}
echo"<center>
<table border='0'>
<tr>
<td background='message.gif' width='430' height='82'>
<center><font face='verdana' color='white' size='2'>$lang->installSuccessfull</center>
</td>
</tr>
</table></center>";
exit;
}
}
?>
</body>
</html>
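Review bot: The `INSERT INTO $users` at the end of `$MAKETABLES` seeds every installation with the same `admin` account and a fixed 32-hex-character password hash (which looks like unsalted MD5), and install/installer.php prints the matching password on the form, so a fresh install keeps a publicly documented login until someone changes it. I would have the installer form ask for the initial admin password (or generate a random one and show it once) and store it with `password_hash()`; the `password varchar(60)` column is already wide enough for bcrypt, though the login code outside this file would then have to check it with `password_verify()`. Separately, `$tableprefix` goes from `$_POST` into the `CREATE TABLE` statements unchecked and the `foreach` discards `$result`, so the success message is printed even when a statement fails. Restricting the prefix with `preg_match('/^[A-Za-z0-9_]*$/', $tableprefix)` and stopping on `$result === false` with `mysql_error($db)` would address both.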

BIN
install/message.gif

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.8 KiB

85
items/brands/form_brands.php

@ -0,0 +1,85 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
include ("../../classes/form.php");
include ("../../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit();
}
//set default values, these will change if $action==update.
$brand_value='';
$id=-1;
//decides if the form will be used to update or add a user.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
$display->displayTitle("$lang->updateBrand");
if(isset($_GET['id']))
{
$id=$_GET['id'];
$tablename = "$cfg_tableprefix".'brands';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn);
$row = mysql_fetch_assoc($result);
$brand_value=$row['brand'];
}
}
else
{
$display->displayTitle("$lang->addBrand");
}
//creates a form object
$f1=new form('process_form_brands.php','POST','brands','300',$cfg_theme,$lang);
//creates form parts.
$f1->createInputField("<b>$lang->brandName:</b>",'text','brand',"$brand_value",'24','150');
//sends 2 hidden varibles needed for process_form_users.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>
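Review bot: `$id=$_GET['id'];` is placed directly into `"SELECT * FROM $tablename WHERE id=\"$id\""`, so the query text is controlled by the URL; ids are `int(8)` in this schema, so `$id=(int)$_GET['id'];` closes that. `$action` (also from `$_GET`) and `$id` are then echoed unescaped into the two hidden `<input>` value attributes, which lets a request parameter inject markup into the page; write them as `htmlspecialchars($action, ENT_QUOTES)` and the cast `$id`. The `mysql_query()` result is also used without checking for `false` or a missing row before `$row['brand']` is read. items/categories/form_categories.php contains the same lines.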

68
items/brands/manage_brands.php

@ -0,0 +1,68 @@
<?php session_start(); ?>
<html>
<head>
<SCRIPT LANGUAGE="Javascript">
<!---
function decision(message, url)
{
if(confirm(message) )
{
location.href = url;
}
}
// --->
</SCRIPT>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
include ("../../classes/display.php");
include ("../../classes/form.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit();
}
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
$display->displayTitle("$lang->manageBrands");
$f1=new form('manage_brands.php','POST','brands','425',$cfg_theme,$lang);
$f1->createInputField("<b>$lang->searchForBrand</b>",'text','search','','24','350');
$f1->endForm();
$tableheaders=array("$lang->rowID","$lang->brandName","$lang->updateBrand","$lang->deleteBrand");
$tablefields=array('id','brand');
if(isset($_POST['search']))
{
$search=$_POST['search'];
echo "<center>$lang->searchedForBrand: <b>$search</b></center>";
$display->displayManageTable("$cfg_tableprefix",'brands',$tableheaders,$tablefields,'brand',"$search",'brand');
}
else
{
$display->displayManageTable("$cfg_tableprefix",'brands',$tableheaders,$tablefields,'','','brand');
}
$dbf->closeDBlink();
?>
</body>
</html>
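Review bot: `$search` from `$_POST['search']` is echoed into the page as `<b>$search</b>` without escaping, so the search box reflects arbitrary HTML back into an admin's session; use `htmlspecialchars($search, ENT_QUOTES)` in that `echo`. The same raw value is handed to `$display->displayManageTable()`, whose query building lives in classes/display.php and is not visible here, so it should be confirmed that the term is escaped before it reaches SQL. The `security_functions` object is created with the `'Admin'` level but only `isLoggedIn()` is tested; if that method does not itself enforce the level, a lower-privileged login reaches this page.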

106
items/brands/process_form_brands.php

@ -0,0 +1,106 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
//creates 3 objects needed for this script.
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
//checks if user is logged in.
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit ();
}
//variables needed globably in this file.
$tablename="$cfg_tableprefix".'brands';
$field_names=null;
$field_data=null;
$id=-1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if(isset($_GET['action']) and isset($_GET['id']))
{
$action=$_GET['action'];
$id=$_GET['id'];
}
//checks to make sure data is comming from form ($action is either delete or update)
elseif(isset($_POST['brand']) and isset($_POST['id']) and isset($_POST['action']) )
{
$action=$_POST['action'];
$id = $_POST['id'];
//gets variables entered by user.
$brand = $_POST['brand'];
//insure all fields are filled in.
if($brand=='')
{
echo "$lang->forgottenFields";
exit();
}
else
{
$field_names=array('brand');
$field_data=array("$brand");
}
}
else
{
//outputs error message because user did not use form to fill out data.
echo "$lang->mustUseForm";
exit();
}
switch ($action)
{
//finds out what action needs to be taken and preforms it by calling methods from dbf class.
case $action=="insert":
$dbf->insert($field_names,$field_data,$tablename,true);
break;
case $action=="update":
$dbf->update($field_names,$field_data,$tablename,$id,true);
break;
case $action=="delete":
$dbf->deleteRow($tablename,$id);
break;
default:
echo "$lang->noActionSpecified";
break;
}
$dbf->closeDBlink();
?>
<br>
<a href="manage_brands.php"><?php echo "$lang->manageBrands" ?>--></a>
<br>
<a href="form_brands.php?action=insert"><?php echo "$lang->createBrand" ?>--></a>
</body>
</html>
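Review bot: The `$_GET` branch is commented as delete-only but accepts any `action`, so `insert` and `update` can be reached from a URL with `$field_names` and `$field_data` still `null`, and the delete itself is a state-changing GET with no per-request token, so it can be triggered cross-site in a logged-in admin's session. I would reject anything but delete in that branch (`if($action!=='delete'){ echo "$lang->noActionSpecified"; exit(); }`) and move delete to a POST that carries a session-bound token. The `switch` labels are also written as comparisons (`case $action=="insert":`), which compares `$action` with a boolean: an empty or `"0"` action loosely equals `false` and falls into the insert branch instead of `default`. Plain `case "insert":`, `case "update":` and `case "delete":` fix that.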

86
items/categories/form_categories.php

@ -0,0 +1,86 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
include ("../../classes/form.php");
include ("../../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
$display= new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit();
}
//set default values, these will change if $action==update.
$category_value='';
$id=-1;
//decides if the form will be used to update or add a user.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
$display->displayTitle("$lang->updateCategory");
if(isset($_GET['id']))
{
$id=$_GET['id'];
$tablename = "$cfg_tableprefix".'categories';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn);
$row = mysql_fetch_assoc($result);
$category_value=$row['category'];
}
}
else
{
$display->displayTitle("$lang->addCategory");
}
//creates a form object
$f1=new form('process_form_categories.php','POST','categories','300',$cfg_theme,$lang);
//creates form parts.
$f1->createInputField("<b>$lang->categoryName:</b>",'text','category',"$category_value",'24','150');
//sends 2 hidden varibles needed for process_form_users.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>
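Review bot: `$_GET['id']` is interpolated straight into the query text in `mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn)`, so the lookup is open to SQL injection; the id is a row number, so cast it before use, e.g. `$id = (int) $_GET['id'];`. `$action` and `$id` are then echoed into the hidden `action` and `id` inputs without escaping, which lets a crafted link inject markup into the form; emit them through `htmlspecialchars($action, ENT_QUOTES)` and limit `$action` to `insert` or `update`. `mysql_fetch_assoc($result)` is called without checking that the query succeeded or returned a row. The same query and hidden-field code appears in items/discounts/form_discounts.php, items/form_items.php and items/suppliers/form_suppliers.php.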

67
items/categories/manage_categories.php

@ -0,0 +1,67 @@
<?php session_start(); ?>
<html>
<head>
<SCRIPT LANGUAGE="Javascript">
<!---
function decision(message, url)
{
if(confirm(message) )
{
location.href = url;
}
}
// --->
</SCRIPT>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
include ("../../classes/display.php");
include ("../../classes/form.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit();
}
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
$display->displayTitle("$lang->manageCategories");
$f1=new form('manage_categories.php','POST','categories','475',$cfg_theme,$lang);
$f1->createInputField("<b>$lang->searchForCategory</b>",'text','search','','24','375');
$f1->endForm();
$tableheaders=array("$lang->rowID","$lang->categoryName","$lang->updateCategory","$lang->deleteCategory");
$tablefields=array('id','category');
if(isset($_POST['search']))
{
$search=$_POST['search'];
echo "<center>$lang->searchedForCategory: <b>$search</b></center>";
$display->displayManageTable("$cfg_tableprefix",'categories',$tableheaders,$tablefields,'category',"$search",'category');
}
else
{
$display->displayManageTable("$cfg_tableprefix",'categories',$tableheaders,$tablefields,'','','category');
}
$dbf->closeDBlink();
?>
</body>
</html>
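Review bot: The search term from `$_POST['search']` is written into the page unescaped by `echo "<center>$lang->searchedForCategory: <b>$search</b></center>";`, which is a reflected XSS sink; print `htmlspecialchars($search, ENT_QUOTES)` there instead. The raw value is also handed to `displayManageTable()` as the search text, and since that method is not part of this file, whether it escapes the value before building its query needs to be confirmed. items/discounts/manage_discounts.php and items/manage_items.php echo `$search` the same way. The `header()` redirect for visitors who are not logged in runs after `<html>` and `<head>` have already been sent, so it only works with output buffering; the `exit()` still stops the page, but moving the login check above the first output makes the redirect reliable.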

106
items/categories/process_form_categories.php

@ -0,0 +1,106 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
//creates 3 objects needed for this script.
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
//checks if user is logged in.
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit ();
}
//variables needed globably in this file.
$tablename="$cfg_tableprefix".'categories';
$field_names=null;
$field_data=null;
$id=-1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if(isset($_GET['action']) and isset($_GET['id']))
{
$action=$_GET['action'];
$id=$_GET['id'];
}
//checks to make sure data is comming from form ($action is either delete or update)
elseif(isset($_POST['category']) and isset($_POST['id']) and isset($_POST['action']) )
{
$action=$_POST['action'];
$id = $_POST['id'];
//gets variables entered by user.
$category = $_POST['category'];
//insure all fields are filled in.
if($category=='')
{
echo "$lang->forgottenFields";
exit();
}
else
{
$field_names=array('category');
$field_data=array("$category");
}
}
else
{
//outputs error message because user did not use form to fill out data.
echo "$lang->mustUseForm";
exit();
}
switch ($action)
{
//finds out what action needs to be taken and preforms it by calling methods from dbf class.
case $action=="insert":
$dbf->insert($field_names,$field_data,$tablename,true);
break;
case $action=="update":
$dbf->update($field_names,$field_data,$tablename,$id,true);
break;
case $action=="delete":
$dbf->deleteRow($tablename,$id);
break;
default:
echo "$lang->noActionSpecified";
break;
}
$dbf->closeDBlink();
?>
<br>
<a href="manage_categories.php"><?php echo $lang->manageCategories ?>--></a>
<br>
<a href="form_categories.php?action=insert"><?php echo $lang->createCategory ?>--></a>
</body>
</html>
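Review bot: The `switch ($action)` block uses boolean case expressions such as `case $action=="insert":`, so PHP loosely compares `$action` with `true` or `false`; a request with an empty `action` and an `id` in the query string compares equal to the first case's `false` and reaches `insert()` with `$field_names` and `$field_data` still `null`. Plain labels avoid this: `case 'insert':`, `case 'update':`, `case 'delete':`. Separately, the GET branch accepts any action, and the delete it is meant for is a state change triggered by a plain link, so a page loaded by a logged-in admin can remove rows; restrict the GET branch to nothing or move delete to POST with a per-session token, and cast `$id` to int before it reaches `deleteRow()` or `update()`. items/discounts/process_form_discounts.php and items/process_form_items.php contain the same dispatch block.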

101
items/discounts/form_discounts.php

@ -0,0 +1,101 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
include ("../../classes/form.php");
include ("../../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
$display= new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit();
}
//set default values, these will change if $action==update.
$item_id_value='';
$percent_off_value='';
$comment_value='';
$id=-1;
//decides if the form will be used to update or add a user.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
$display->displayTitle("$lang->updateDiscount");
if(isset($_GET['id']))
{
$id=$_GET['id'];
$tablename = "$cfg_tableprefix".'discounts';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn);
$row = mysql_fetch_assoc($result);
$item_id_value=$row['item_id'];
$percent_off_value=$row['percent_off'];
$comment_value=$row['comment'];
}
}
else
{
$display->displayTitle("$lang->addDiscount");
}
//creates a form object
$f1=new form('process_form_discounts.php','POST','discounts','300',$cfg_theme,$lang);
//creates form parts.
$itemtable = "$cfg_tableprefix".'items';
$item_option_titles=$dbf->getAllElements("$itemtable",'item_name','item_name');
$item_option_titles[0] = $dbf->idToField("$itemtable",'item_name',"$item_id_value");
$item_option_values=$dbf->getAllElements("$itemtable",'id','item_name');
$item_option_values[0] = $item_id_value;
$f1->createSelectField("<b>$lang->itemName:</b>",'item_id',$item_option_values,$item_option_titles,'160');
$f1->createInputField("<b>$lang->percentOff: (%)</b> ",'text','percent_off',"$percent_off_value",'24','150');
$f1->createInputField("$lang->comment: ",'text','comment',"$comment_value",'24','150');
//sends 2 hidden varibles needed for process_form_discounts.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>
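Review bot: `$item_option_titles[0]` and `$item_option_values[0]` are assigned after `getAllElements()` has filled the arrays, so if that method returns a zero-based list (it is not shown in this file) the first item is replaced rather than kept. On an insert the replacement is the empty `$item_id_value`, which puts a blank option at the top of the select. Prepending only when a current value exists keeps every item selectable, e.g. `if($item_id_value!=='') { array_unshift($item_option_values, $item_id_value); }` with the matching `array_unshift()` for the titles. items/form_items.php uses the same overwrite for the brand, category and supplier selects.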

67
items/discounts/manage_discounts.php

@ -0,0 +1,67 @@
<?php session_start(); ?>
<html>
<head>
<SCRIPT LANGUAGE="Javascript">
<!---
function decision(message, url)
{
if(confirm(message) )
{
location.href = url;
}
}
// --->
</SCRIPT>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
include ("../../classes/display.php");
include ("../../classes/form.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit();
}
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
$display->displayTitle("$lang->manageDiscounts");
$f1=new form('manage_discounts.php','POST','discounts','475',$cfg_theme,$lang);
$f1->createInputField("<b>$lang->searchForDiscount</b>",'text','search','','24','375');
$f1->endForm();
$tableheaders=array("$lang->rowID","$lang->itemName","$lang->percentOff","$lang->comment","$lang->updateDiscount","$lang->deleteDiscount");
$tablefields=array('id','item_id','percent_off','comment');
if(isset($_POST['search']))
{
$search=$_POST['search'];
echo "<center>$lang->searchedForDiscount: <b>$search</b></center>";
$display->displayManageTable("$cfg_tableprefix",'discounts',$tableheaders,$tablefields,'percent_off',"$search",'percent_off');
}
else
{
$display->displayManageTable("$cfg_tableprefix",'discounts',$tableheaders,$tablefields,'','','percent_off');
}
$dbf->closeDBlink();
?>
</body>
</html>

108
items/discounts/process_form_discounts.php

@ -0,0 +1,108 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
//creates 2 objects needed for this script.
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
//checks if user is logged in.
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit ();
}
//variables needed globably in this file.
$tablename="$cfg_tableprefix".'discounts';
$field_names=null;
$field_data=null;
$id=-1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if(isset($_GET['action']) and isset($_GET['id']))
{
$action=$_GET['action'];
$id=$_GET['id'];
}
//checks to make sure data is comming from form ($action is either delete or update)
elseif(isset($_POST['item_id']) and isset($_POST['percent_off']) and isset($_POST['comment']) and isset($_POST['id']) and isset($_POST['action']) )
{
$action=$_POST['action'];
$id = $_POST['id'];
//gets variables entered by user.
$item_id=$_POST['item_id'];
$percent_off=$_POST['percent_off'];
$comment=$_POST['comment'];
//insure all fields are filled in.
if($item_id=='' or $percent_off=='')
{
echo "$lang->forgottenFields";
exit();
}
else
{
$field_names=array('item_id','percent_off','comment');
$field_data=array("$item_id","$percent_off","$comment");
}
}
else
{
//outputs error message because user did not use form to fill out data.
echo "$lang->mustUseForm";
exit();
}
switch ($action)
{
//finds out what action needs to be taken and preforms it by calling methods from dbf class.
case $action=="insert":
$dbf->insert($field_names,$field_data,$tablename,true);
break;
case $action=="update":
$dbf->update($field_names,$field_data,$tablename,$id,true);
break;
case $action=="delete":
$dbf->deleteRow($tablename,$id);
break;
default:
echo "$lang->noActionSpecified";
break;
}
$dbf->closeDBlink();
?>
<br>
<a href="manage_discounts.php"><?php echo $lang->manageDiscounts ?>--></a>
<br>
<a href="form_discounts.php?action=insert"><?php echo $lang->discountAnItem ?>--></a>
</body>
</html>
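Review bot: `percent_off` and `item_id` are only tested for being non-empty before they go to `insert()` and `update()`, so any string is accepted as a discount percentage or item reference. items/process_form_items.php in this commit rejects non-numeric prices with `is_numeric()`, and the same check belongs here together with a range check: `if(!is_numeric($percent_off) or $percent_off<0 or $percent_off>100) { echo "$lang->mustEnterNumeric"; exit(); }`. How `insert()` and `update()` quote their values is not visible in this file, so the validation should not be left to them.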

164
items/form_items.php

@ -0,0 +1,164 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/form.php");
include ("../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$brandtable=$cfg_tableprefix.'brands';
$categorytable=$cfg_tableprefix.'categories';
$suppliertable=$cfg_tableprefix.'suppliers';
$tb1=mysql_query("SELECT id FROM $brandtable",$dbf->conn);
$tb2=mysql_query("SELECT id FROM $categorytable",$dbf->conn);
$tb3=mysql_query("SELECT id FROM $suppliertable",$dbf->conn);
if(mysql_num_rows($tb1)==0 or mysql_num_rows($tb2)==0 or mysql_num_rows($tb3)==0)
{
echo "$lang->brandsCategoriesSupplierError";
exit();
}
//set default values, these will change if $action==update.
$item_name_value='';
$description_value='';
$item_number_value='';
$brand_id_value='';
$category_id_value='';
$supplier_id_value='';
$buy_price_value='';
$unit_price_value='';
$supplier_catalogue_number_value='';
$tax_percent_value="$cfg_default_tax_rate";
$total_cost_value='';
$quantity_value='';
$reorder_level_value='';
$id='unknown';
//decides if the form will be used to update or add a user.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
$display->displayTitle("$lang->updateItem");
if(isset($_GET['id']))
{
$id=$_GET['id'];
$tablename = "$cfg_tableprefix".'items';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn);
$row = mysql_fetch_assoc($result);
$item_name_value=$row['item_name'];
$item_number_value=$row['item_number'];
$description_value=$row['description'];
$brand_id_value=$row['brand_id'];
$category_id_value=$row['category_id'];
$supplier_id_value=$row['supplier_id'];
$buy_price_value=$row['buy_price'];
$unit_price_value=$row['unit_price'];
$supplier_catalogue_number_value=$row['supplier_catalogue_number'];
$tax_percent_value=$row['tax_percent'];
$total_cost_value=$row['total_cost'];
$quantity_value=$row['quantity'];
$reorder_level_value=$row['reorder_level'];
$id=$row['id'];
}
}
else
{
$display->displayTitle("$lang->addItem");
}
//creates a form object
$f1=new form('process_form_items.php','POST','items','400',$cfg_theme,$lang);
//creates form parts.
$f1->createInputField("<b>$lang->itemName:</b> ",'text','item_name',"$item_name_value",'24','160');
$f1->createInputField("$lang->description: ",'text','description',"$description_value",'24','160');
$f1->createInputField("$lang->itemNumber: ",'text','item_number',"$item_number_value",'24','160');
$brandtable = "$cfg_tableprefix".'brands';
$brand_option_titles=$dbf->getAllElements("$brandtable",'brand','brand');
$brand_option_titles[0] = $dbf->idToField("$brandtable",'brand',"$brand_id_value");
$brand_option_values=$dbf->getAllElements("$brandtable",'id','brand');
$brand_option_values[0] = $brand_id_value;
$f1->createSelectField("<b>$lang->brand:</b>",'brand_id',$brand_option_values,$brand_option_titles,'160');
$categorytable = "$cfg_tableprefix".'categories';
$category_option_titles=$dbf->getAllElements("$categorytable",'category','category');
$category_option_titles[0] = $dbf->idToField("$categorytable",'category',"$category_id_value");
$category_option_values=$dbf->getAllElements("$categorytable",'id','category');
$category_option_values[0] = $category_id_value;
$f1->createSelectField("<b>$lang->category:</b>",'category_id',$category_option_values,$category_option_titles,'160');
$suppliertable = "$cfg_tableprefix".'suppliers';
$supplier_option_titles=$dbf->getAllElements("$suppliertable",'supplier','supplier');
$supplier_option_titles[0] = $dbf->idToField("$suppliertable",'supplier',"$supplier_id_value");
$supplier_option_values=$dbf->getAllElements("$suppliertable",'id','supplier');
$supplier_option_values[0] = $supplier_id_value;
$f1->createSelectField("<b>$lang->supplier:</b>",'supplier_id',$supplier_option_values,$supplier_option_titles,'160');
$f1->createInputField("<b>$lang->buyingPrice:</b>",'text','buy_price',"$buy_price_value",'10','160');
$f1->createInputField("<b>$lang->sellingPrice ($lang->wo $lang->tax):</b>",'text','unit_price',"$unit_price_value",'10','160');
$f1->createInputField("<b>$lang->tax (%):</b> ",'text','tax_percent',"$tax_percent_value",'4','160');
$f1->createInputField("$lang->supplierCatalogue: ",'text','supplier_catalogue_number',"$supplier_catalogue_number_value",'24','160');
$f1->createInputField("<b>$lang->quantityStock:</b> ",'text','quantity',"$quantity_value",'3','160');
$f1->createInputField("<b>$lang->reorderLevel:</b> ",'text','reorder_level',"$reorder_level_value",'3','160');
//sends 2 hidden varibles needed for process_form_users.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>
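Review bot: The three existence checks (`SELECT id FROM $brandtable` and the two queries after it) fetch every id only to test for zero rows, and `mysql_num_rows()` is called without confirming that each query returned a result resource. `SELECT 1 FROM $brandtable LIMIT 1` with a `=== false` test on the result states the intent and fails cleanly when a table is missing. `$brandtable`, `$categorytable` and `$suppliertable` are assigned a second time further down with the same values, so the later assignments can be dropped.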

58
items/index.php

@ -0,0 +1,58 @@
<?php session_start();
include ("../settings.php");
include("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
echo "
<html>
<body>
<table border=\"0\" width=\"500\">
<tr>
<td><img border=\"0\" src=\"../images/items.gif\" width=\"32\" height=\"33\" valign='top'><font color='#005B7F' size='4'>&nbsp;<b>$lang->items</b></font><br>
<br>
<font face=\"Verdana\" size=\"2\">$lang->itemsWelcomeScreen</font>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"form_items.php?action=insert\">$lang->createNewItem</a></font></li>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"discounts/form_discounts.php?action=insert\">$lang->discountAnItem</a></font></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"discounts/manage_discounts.php\">$lang->manageDiscounts</a></font></li>
</ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"manage_items.php\">$lang->manageItems</a></font></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"items_barcode.php\">$lang->itemsBarcode</a></font></li>
</ul>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"brands/form_brands.php?action=insert\">$lang->createBrand</a></font></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"brands/manage_brands.php\">$lang->manageBrands</a></font></li>
</ul>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"categories/form_categories.php?action=insert\">$lang->createCategory</a></font></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"categories/manage_categories.php\">$lang->manageCategories</a></font></li>
</ul>
<ul>
<li><font face=\"Verdana\" size=\"2\"><a href=\"suppliers/form_suppliers.php?action=insert\">$lang->createSupplier</a></font></li>
<li><font face=\"Verdana\" size=\"2\"><a href=\"suppliers/manage_suppliers.php\">$lang->manageSuppliers</a></font></li>
</ul>
<p>&nbsp;</td>
</tr>
</table>
</body>
</html>";
$dbf->closeDBlink();
?>

59
items/items_barcode.php

@ -0,0 +1,59 @@
<?php session_start();
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/display.php");
include ("../classes/security_functions.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(isset($_GET['generateWith']))
{
$generateWith=$_GET['generateWith'];
}
else
{
$generateWith='id';
}
$display->displayTitle("$lang->itemsBarcode"." ($generateWith)");
echo "<a href='items_barcode.php?generateWith=item_number'>$lang->itemNumber</a> / <a href='items_barcode.php?generateWith=id'>id</a>";
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$items_table=$cfg_tableprefix.'items';
$result=mysql_query("SELECT * FROM $items_table ORDER by item_name",$dbf->conn);
echo '<table border=0 width=85% align=center cellspacing=5 cellpadding=12>
<tr>';
$counter=0;
while($row=mysql_fetch_assoc($result))
{
if($counter%2==0)
{
echo '</tr><tr>';
}
echo "<td align='center'><img src='../classes/barcode.php?barcode=$row[$generateWith]&width=256&text=*$row[item_name]*'></td>";
$counter++;
}
echo '</tr></table>';
$dbf->closeDBlink();
?>
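Review bot: The login check sits below `displayTitle()` and the `echo` of the two links, so visitors who are not logged in still receive the start of the page and the `header()` redirect is issued after output has begun; move the `if(!$sec->isLoggedIn())` block directly under the `$sec=new security_functions(...)` line, as items/index.php does. `$_GET['generateWith']` is used in the title and as the column key in `$row[$generateWith]` without validation; restrict it with `if(!in_array($generateWith, array('id','item_number'), true)) { $generateWith='id'; }`. The values placed in the `<img src>` query string, `$row[$generateWith]` and `$row[item_name]`, come from the database and should go through `urlencode()` so a stored name cannot break out of the attribute.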

87
items/manage_items.php

@ -0,0 +1,87 @@
<?php session_start(); ?>
<html>
<head>
<SCRIPT LANGUAGE="Javascript">
<!---
function decision(message, url)
{
if(confirm(message) )
{
location.href = url;
}
}
// --->
</SCRIPT>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");
include ("../classes/form.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
$display->displayTitle("$lang->manageItems");
$f1=new form('manage_items.php','POST','items','400',$cfg_theme,$lang);
$f1->createInputField("<b>$lang->searchForItemBy</b>",'text','search','','24','150');
$option_values2=array('item_name','item_number','id','quantity','supplier_catalogue_number');
$option_titles2=array("$lang->itemName","$lang->itemNumber",'ID',"$lang->quantityStock","$lang->supplierCatalogue");
$f1->createSelectField("<b>$lang->searchBy</b>",'searching_by',$option_values2,$option_titles2,100);
$f1->endForm();
echo "<a href='manage_items.php?outofstock=go'>$lang->showOutOfStock</a><br>";
echo "<a href='manage_items.php?reorder=go'>$lang->showReorder</a>";
$tableheaders=array("$lang->rowID","$lang->itemName","$lang->itemNumber","$lang->description","$lang->brand","$lang->category","$lang->supplier","$lang->buyingPrice","$lang->sellingPrice","$lang->tax $lang->percent","$lang->finalSellingPricePerUnit","$lang->quantityStock","$lang->reorderLevel","$lang->supplierCatalogue","$lang->updateItem","$lang->deleteItem");
$tablefields=array('id','item_name','item_number','description','brand_id','category_id','supplier_id','buy_price','unit_price','tax_percent','total_cost','quantity','reorder_level','supplier_catalogue_number');
if(isset($_POST['search']))
{
$search=$_POST['search'];
$searching_by =$_POST['searching_by'];
echo "<center>$lang->searchedForItem: <b>$search</b> $lang->searchBy <b>$searching_by</b></center>";
$display->displayManageTable("$cfg_tableprefix",'items',$tableheaders,$tablefields,"$searching_by","$search",'id');
}
elseif(isset($_GET['outofstock']))
{
echo "<center>$lang->outOfStock</b></center>";
$display->displayManageTable("$cfg_tableprefix",'items',$tableheaders,$tablefields,'quantity',"outofstock",'id');
}
elseif(isset($_GET['reorder']))
{
echo "<center>$lang->reorder</b></center>";
$display->displayManageTable("$cfg_tableprefix",'items',$tableheaders,$tablefields,'quantity',"reorder",'id');
}
else
{
$display->displayManageTable("$cfg_tableprefix",'items',$tableheaders,$tablefields,'','','id');
}
$dbf->closeDBlink();
?>
</body>
</html>
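Review bot: `$_POST['searching_by']` is forwarded to `displayManageTable()` as the field to search on, but nothing ties it to the options the form offers; if that method (not shown here) places the name into its SQL, a crafted value changes the query. Check it against the list this file already defines: `if(!in_array($searching_by, $option_values2, true)) { $searching_by='item_name'; }`. `$_POST['searching_by']` is also read without an `isset()` test, and both it and `$search` are echoed unescaped. The `</b>` tags in the out-of-stock and reorder messages have no opening `<b>`.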

124
items/process_form_items.php

@ -0,0 +1,124 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
//creates 3 objects needed for this script.
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
//checks if user is logged in.
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit ();
}
//variables needed globably in this file.
$tablename="$cfg_tableprefix".'items';
$field_names=null;
$field_data=null;
$id=-1;
//checks to see if action is delete and an ID is specified. (only delete uses $_GET.)
if(isset($_GET['action']) and isset($_GET['id']))
{
$action=$_GET['action'];
$id=$_GET['id'];
}
//checks to make sure data is comming from form ($action is either delete or update)
elseif(isset($_POST['item_name']) and isset($_POST['description']) and isset($_POST['item_number']) and isset($_POST['brand_id'])
and isset($_POST['category_id']) and isset($_POST['supplier_id']) and isset($_POST['buy_price']) and isset($_POST['unit_price']) and isset($_POST['tax_percent'])
and isset($_POST['supplier_catalogue_number']) and isset($_POST['quantity']) and isset($_POST['id']) and isset($_POST['action']) )
{
$action=$_POST['action'];
$id = $_POST['id'];
//gets variables entered by user.
$item_name = $_POST['item_name'];
$description = $_POST['description'];
$item_number = $_POST['item_number'];
$brand_id = $_POST['brand_id'];
$category_id = $_POST['category_id'];
$supplier_id = $_POST['supplier_id'];
$buy_price = number_format($_POST['buy_price'],2,'.', '');
$unit_price = number_format($_POST['unit_price'],2,'.', '');
$tax_percent = $_POST['tax_percent'];
$supplier_catalogue_number = $_POST['supplier_catalogue_number'];
$quantity = $_POST['quantity'];
$reorder_level= $_POST['reorder_level'];
//insure all fields are filled in.
if($item_name=='' or $brand_id=='' or $category_id=='' or $supplier_id=='' or $buy_price=='' or $unit_price=='' or $tax_percent=='' or $quantity=='' or $reorder_level=='' )
{
echo "$lang->forgottenFields";
exit();
}
elseif( (!is_numeric($buy_price)) or (!is_numeric($unit_price)) or (!is_numeric($tax_percent)) or (!is_numeric($quantity)) or (!is_numeric($reorder_level)))
{
echo "$lang->mustEnterNumeric";
exit();
}
else
{
$total_cost = number_format($unit_price*(1+($tax_percent/100)),2,'.', '');
$field_names=array('item_name','description','item_number','brand_id','category_id','supplier_id','buy_price','unit_price','tax_percent','supplier_catalogue_number','total_cost','quantity','reorder_level');
$field_data=array("$item_name","$description","$item_number","$brand_id","$category_id","$supplier_id","$buy_price","$unit_price","$tax_percent","$supplier_catalogue_number","$total_cost","$quantity","$reorder_level");
}
}
else
{
//outputs error message because user did not use form to fill out data.
echo "$lang->mustUseForm";
exit();
}
switch ($action)
{
//finds out what action needs to be taken and preforms it by calling methods from dbf class.
case $action=="insert":
$dbf->insert($field_names,$field_data,$tablename,true);
break;
case $action=="update":
$dbf->update($field_names,$field_data,$tablename,$id,true);
break;
case $action=="delete":
$dbf->deleteRow($tablename,$id);
break;
default:
echo "lang->noActionSpecified";
break;
}
$dbf->closeDBlink();
?>
<br>
<a href="manage_items.php"><?php echo $lang->manageItems ?>--></a>
<br>
<a href="form_items.php?action=insert"><?php echo $lang->createNewItem ?>--></a>
</body>
</html>
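Review bot: `$_POST['reorder_level']` is read in `$reorder_level= $_POST['reorder_level'];` but is missing from the `isset()` chain above it, so a request without that field raises an undefined-index notice before the empty-field check; add `and isset($_POST['reorder_level'])` to the condition. `number_format()` is applied to `buy_price` and `unit_price` before the `is_numeric()` test, so the test sees the formatted result rather than what was submitted; validate the raw POST values first and format afterwards. The default branch prints literal text because the `$` is missing, and should read `echo "$lang->noActionSpecified";`.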

100
items/suppliers/form_suppliers.php

@ -0,0 +1,100 @@
<?php session_start(); ?>
<html>
<head>
</head>
<body>
<?php
include ("../../settings.php");
include ("../../language/$cfg_language");
include ("../../classes/db_functions.php");
include ("../../classes/security_functions.php");
include ("../../classes/form.php");
include ("../../classes/display.php");
$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Admin',$lang);
$display= new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../../login.php");
exit();
}
//set default values, these will change if $action==update.
$supplier_value='';
$address_value='';
$phone_number_value='';
$contact_value='';
$email_value='';
$other_value='';
$id=-1;
//decides if the form will be used to update or add a user.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
$display->displayTitle("$lang->updateSupplier");
if(isset($_GET['id']))
{
$id=$_GET['id'];
$tablename = "$cfg_tableprefix".'suppliers';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn);
$row = mysql_fetch_assoc($result);
$supplier_value=$row['supplier'];
$address_value=$row['address'];
$phone_number_value=$row['phone_number'];
$contact_value=$row['contact'];
$email_value=$row['email'];
$other_value=$row['other'];
}
}
else
{
$display->displayTitle("$lang->addSupplier");
}
//creates a form object
$f1=new form('process_form_suppliers.php','POST','suppliers','300',$cfg_theme,$lang);
//creates form parts.
$f1->createInputField("<b>$lang->supplierName:</b>",'text','supplier',"$supplier_value",'24','150');
$f1->createInputField("<b>$lang->address:</b>",'text','address',"$address_value",'24','150');
$f1->createInputField("<b>$lang->phoneNumber:</b>",'text','phone_number',"$phone_number_value",'24','150');
$f1->createInputField("<b>$lang->contact:</b>",'text','contact',"$contact_value",'24','150');
$f1->createInputField("$lang->email: ",'text','email',"$email_value",'24','150');
$f1->createInputField("$lang->other: ",'text','other',"$other_value",'24','150');
//sends 2 hidden varibles needed for process_form_suppliers.php.
echo "
<input type='hidden' name='action' value='$action'>
<input type='hidden' name='id' value='$id'>";
$f1->endForm();
$dbf->closeDBlink();
?>
</body>
</html>

Some files were not shown because too many files changed in this diff
