tblprefix=$tableprefix; $this->lang=$language; $this->conn = mysql_connect("$server", "$username", "$password") or die("Could not connect : " . mysql_error()); mysql_select_db("$database",$this->conn) or die("Could not select database $database"); switch($theme) { //add more themes case $theme=='serious': $this->table_bgcolor='white'; $this->cellspacing='1'; $this->cellpadding='0'; $this->border_style='solid'; $this->border_width='1'; $this->border_color='black'; $this->header_rowcolor='black'; $this->header_text_color='white'; $this->headerfont_face='arial'; $this->headerfont_size='2'; $this->rowcolor='#DDDDDD'; $this->rowcolor_text='black'; $this->rowfont_face='geneva'; $this->rowfont_size='2'; break; case $theme=='big blue': $this->table_bgcolor='white'; $this->cellspacing='1'; $this->cellpadding='0'; $this->border_style='solid'; $this->border_width='1'; $this->border_color='black'; $this->header_rowcolor='navy'; $this->header_text_color='white'; $this->headerfont_face='arial'; $this->headerfont_size='2'; $this->rowcolor='#15759B'; $this->rowcolor_text='white'; $this->rowfont_face='geneva'; $this->rowfont_size='2'; break; } } /* The statements above this point are the tail of the class constructor; its signature is outside this excerpt. It opens the mysql_* link stored in $this->conn and fills the theme colour/font properties. NOTE(review): on a failed connect the response contains mysql_error() verbatim, which discloses server details to the client; `case $theme=='serious':` inside switch($theme) compares $theme loosely against a boolean, so the first case matches any non-empty theme -- confirm against the original. The whole class depends on the mysql_* extension, which was removed in PHP 7.0; the migration path is mysqli or PDO with prepared statements. */ /* getUserID: returns the id of the row in the users table whose username and password columns equal the supplied values; when no row matches, mysql_fetch_assoc returns false and the lookup yields null. NOTE(review): $username and $password are interpolated into the SQL string unescaped; at minimum escape them (mysql_real_escape_string), preferably move the lookup to a prepared statement. The password is compared by SQL equality with the stored column, so the caller must pass it already in the stored form. */ function getUserID($username,$password) { //pre: $username is a string and $password (encrypted) is the user's encrypted password. //post: returns the id of the user with the specific username and password supplied. $tablename = "$this->tblprefix".'users'; $result = mysql_query("SELECT * FROM $tablename WHERE username=\"$username\" and password=\"$password\"",$this->conn); $row = mysql_fetch_assoc($result); return $row['id']; } function getAllElements($tablename,$field,$orderby) { //pre: $tablename,$field,$orderby must be valid /*post: returns all elements in an array of specified table and sets first position to an empty string. 
This function will be used for filling select fields, which requires the first position for the selected value */ /* NOTE(review): $field, $tablename and $orderby are spliced into the query as identifiers and cannot be bound as parameters; callers must pass only trusted, whitelisted names. Index 0 of the returned array is reserved as ''; the rows are copied into $data[1..$numRows]. */ $result = mysql_query("SELECT $field FROM $tablename ORDER BY $orderby",$this->conn); $numRows = mysql_num_rows($result); $data = array(); $data[0]=''; for($k=1; $k< $numRows+1; $k++) { $data[$k]= mysql_result($result,$k-1); } return $data; } /* idToField: returns column $field of the row in $tablename whose id equals $id, or null when no row matches. NOTE(review): $id is interpolated unescaped into the WHERE clause; $tablename and $field are identifiers and must come from trusted code. */ function idToField($tablename,$field,$id) { //pre: $tablename, field, and id all must be valid //post: returns a specified field based on the ID from a specified table. $result = mysql_query("SELECT $field FROM $tablename WHERE id=\"$id\"",$this->conn); $row = mysql_fetch_assoc($result); return $row[$field]; } /* fieldToid: reverse lookup -- returns the id of the first row in $tablename whose $field column equals $value; only the first match is returned. NOTE(review): $value is interpolated unescaped into the SQL; escape it or use a prepared statement. */ function fieldToid($tablename,$field,$value) { //pre: $tablename, field, and value all must be valid //post: returns a specified id based on the field from a specified table. $result = mysql_query("SELECT * FROM $tablename WHERE $field=\"$value\"",$this->conn); $row=mysql_fetch_assoc($result); return $row['id']; } /* getFields: returns the column names of $tablename in $database as a list, via mysql_list_fields and mysql_field_name. NOTE(review): `mysql_num_fieldsfieldsRef` is not a valid expression as shown here; it looks like an extraction artefact for mysql_num_fields($fieldsRef) -- confirm against the original file. */ function getFields($database,$tablename) { //returns fields in table $fields=array(); $fieldsRef=mysql_list_fields ($database, $tablename); $columns=mysql_num_fieldsfieldsRef; for($k=0;$k<$columns;$k++) { $fields[]=mysql_field_name($fieldsRef,$k); } return $fields; } /* insert: builds "INSERT INTO $tablename (name, ...) VALUES ("data", ...)" from the two parallel arrays and executes it; when $output is truthy it also echoes an HTML table summarising what was written (that markup is garbled in this excerpt). Exits the script when isValidData rejects the data. NOTE(review): isValidData is the only filter applied -- the values are interpolated into SQL unescaped and also echoed back into HTML, so both contexts need proper escaping (mysql_real_escape_string or a prepared statement for SQL, htmlspecialchars for the markup). Calling exit() from a data-access method leaves callers no way to handle the failure. */ function insert($field_names,$field_data,$tablename,$output) { //pre: $field_names and $field_data are pararell arrays and $tablename is a string. //post: creates a query then executes it. if(!($this->isValidData($field_data))) { echo "{$this->lang->invalidCharactor}"; exit(); } $query = "INSERT INTO $tablename ($field_names[0]"; for($k=1;$k< count($field_names);$k++) { $query.=', '."$field_names[$k]"; } $query.=") VALUES (\"$field_data[0]\""; for($k=1;$k< count($field_data);$k++) { $query.=', '."\"$field_data[$k]\""; } $query.=')'; mysql_query($query,$this->conn); if($output) { echo "
{$this->lang->successfullyAdded} $tablename

"; echo "
cellspacing cellpadding=$this->cellpadding bgcolor=$this->table_bgcolor style=\"border: $this->border_style $this->border_color $this->border_width px\"> header_rowcolor> "; for($k=0;$krowcolor>'."\n"; } else { echo "rowcolor>'."\n"; } } echo '
{$this->lang->field} {$this->lang->data}
$field_names[$k]". '$field_data[$k]
$field_names[$k]". '*******
'; } } /* update: builds "UPDATE $tablename SET name="data", ..." from the two parallel arrays and executes it. The $output flag does double duty: when truthy the WHERE clause is `id="$id"` and an HTML summary is echoed (markup garbled below); when falsy the WHERE clause is `sale_id="$id"` and nothing is printed. $sales_items_table is assigned but never used in this method. Exits when $id is empty or isValidData rejects the data. NOTE(review): same unescaped interpolation of field names, data and $id as insert(). */ function update($field_names,$field_data,$tablename,$id,$output) { //pre: $field_names and $field_data are pararell arrays and tablename and id are strings. //post: creates a query then executes it limites based on id. if($id=='') { echo "{$this->lang->didNotEnterID}"; exit(); } if(!($this->isValidData($field_data))) { echo "{$this->lang->invalidCharactor}"; exit(); } $query="UPDATE $tablename SET $field_names[0]=\"$field_data[0]\""; for($k=1;$k< count($field_names);$k++) { $query.=', '."$field_names[$k]=\"$field_data[$k]\""; } $sales_items_table=$this->tblprefix.'sales_items'; if($output) { $query.=" WHERE id=\"$id\""; //echo "Here: $query"; } else { $query.=" WHERE sale_id=\"$id\""; } mysql_query($query,$this->conn); if($output) { echo "
{$this->lang->successfullyUpdated} $tablename

"; echo "
cellspacing cellpadding=$this->cellpadding bgcolor=$this->table_bgcolor style=\"border: $this->border_style $this->border_color $this->border_width px\"> header_rowcolor> "; for($k=0;$krowcolor>'."\n"; } else { echo "rowcolor>'."\n"; } } echo '
{$this->lang->field} {$this->lang->data}
$field_names[$k]". '$field_data[$k]
$field_names[$k]". '*******
'; } } /* deleteRow: deletes the row with the given id from $tablename after referential checks keyed on the table's base name (the name with $this->tblprefix stripped off): brands, categories and suppliers may not be referenced by items; customers may not be referenced by sales; items may not be referenced by sales_items; users may not be the logged-in user nor have entered sales. For sales it first restocks every item listed in sales_items and deletes those rows, then deletes the sale. Echoes a success or error message; exits when $id is empty. NOTE(review): $id is interpolated unescaped into every query; the sales_items SELECT omits $this->conn and therefore runs on the default link; the `@` on mysql_num_rows hides a failed query, which makes the check read as "no references" and lets the delete proceed; `$_SESSION['session_user_id']==$id` is a loose comparison -- prefer ===. */ function deleteRow($tablename,$id) { //pre: $tablename and id are strings. //post: Does extensive error checking and then deletes row is allowed. if($this->tblprefix=='') { $baseTable=$tablename; } else { $splitTable= explode ("$this->tblprefix",$tablename); $baseTable=$splitTable[1]; } $canDelete=true; $errmessage=''; if($id=='') { echo "{$this->lang->didNotEnterID}"; exit(); } elseif($baseTable=='brands') { $checkTable = "$this->tblprefix".'items'; $result = mysql_query("SELECT brand_id FROM $checkTable WHERE brand_id=\"$id\"",$this->conn); if(@mysql_num_rows($result) >= 1) { $canDelete=false; $errmessage="{$this->lang->cantDeleteBrand}"; } } elseif($baseTable=='categories') { $checkTable = "$this->tblprefix".'items'; $result = mysql_query("SELECT category_id FROM $checkTable WHERE category_id=\"$id\"",$this->conn); if(@mysql_num_rows($result) >= 1) { $canDelete=false; $errmessage="{$this->lang->cantDeleteCategory}"; } } elseif($baseTable=='customers') { $checkTable = "$this->tblprefix".'sales'; $result = mysql_query("SELECT customer_id FROM $checkTable WHERE customer_id=\"$id\"",$this->conn); if(@mysql_num_rows($result) >= 1) { $canDelete=false; $errmessage="{$this->lang->cantDeleteCustomer}"; } } elseif($baseTable=='items') { $checkTable = "$this->tblprefix".'sales_items'; $result = mysql_query("SELECT item_id FROM $checkTable WHERE item_id=\"$id\"",$this->conn); if(@mysql_num_rows($result) >= 1) { $canDelete=false; $errmessage="{$this->lang->cantDeleteItem}"; } } elseif($baseTable=='suppliers') { $checkTable = "$this->tblprefix".'items'; $result = mysql_query("SELECT supplier_id FROM $checkTable WHERE supplier_id=\"$id\"",$this->conn); if(@mysql_num_rows($result) >= 1) { $canDelete=false; $errmessage="{$this->lang->cantDeleteSupplier}"; } } elseif($baseTable=='sales') { $sales_items_table="$this->tblprefix".'sales_items'; $items_table="$this->tblprefix".'items'; $result=mysql_query("SELECT * FROM $sales_items_table WHERE sale_id=\"$id\""); 
while($row=mysql_fetch_assoc($result)) { $quantityToAdd =$row['quantity_purchased']; $newQuantity=$this->idToField($items_table,'quantity',"$row[item_id]")+$quantityToAdd; $this->updateItemQuantity($row['item_id'],$newQuantity); } mysql_query("DELETE FROM $sales_items_table WHERE sale_id=\"$id\"",$this->conn); } elseif($baseTable=='users') { $checkTable = "$this->tblprefix".'sales'; $result = mysql_query("SELECT sold_by FROM $checkTable WHERE sold_by=\"$id\"",$this->conn); if($_SESSION['session_user_id']==$id) { $canDelete=false; $errmessage="{$this->lang->cantDeleteUserLoggedIn}"; } elseif(@mysql_num_rows($result) >= 1) { $canDelete=false; $errmessage="{$this->lang->cantDeleteUserEnteredSales}"; } } if($canDelete==true) { $query="DELETE FROM $tablename WHERE id=\"$id\""; mysql_query($query,$this->conn); echo "
{$this->lang->successfullyDeletedRow} $id {$this->lang->fromThe} $tablename {$this->lang->table}
"; } else { echo "
$errmessage

"; } } /* isValidData: scans each element of $data_to_check and returns false on the first one that matches the rejection pattern, true otherwise; the loop condition and the pattern are garbled in this excerpt. NOTE(review): a character blacklist is not an SQL-injection defence -- escaping or parameterisation at the query is still required. */ function isValidData($data_to_check) { //checks data for errors for($k=0;$k',$data_to_check[$k]) ) { return false; } } return true; } /* isValidItem: true when a row with id=$item exists in the items table. NOTE(review): $item is interpolated unescaped. */ function isValidItem($item) { $table=$this->tblprefix.'items'; $result=mysql_query("SELECT id FROM $table WHERE id=\"$item\"",$this->conn); if(mysql_num_rows($result)==0) { return false; } return true; } /* isItemOnDiscount: true when the discounts table holds at least one row for $itemID. */ function isItemOnDiscount($itemID) { $table=$this->tblprefix.'discounts'; $query="SELECT item_id FROM $table WHERE item_id=\"$itemID\""; $result=mysql_query($query,$this->conn); if(mysql_num_rows($result) >0) { return true; } return false; } /* getPercentDiscount: percent_off of the first discounts row for $itemID, or -1 when there is none. */ function getPercentDiscount($itemID) { $table=$this->tblprefix.'discounts'; $query="SELECT percent_off FROM $table WHERE item_id=\"$itemID\""; $result=mysql_query($query,$this->conn); if(mysql_num_rows($result) >0) { $row=mysql_fetch_assoc($result); return $row['percent_off']; } return -1; } /* getDiscountedPrice: the item's unit_price reduced by its percent_off, formatted to two decimals as a string. Unlike getPercentDiscount there is no existence check: with no discount row mysql_fetch_assoc returns false, $percent_off becomes null and the full price is returned. */ function getDiscountedPrice($itemID) { $itemtable=$this->tblprefix.'items'; $discounttable=$this->tblprefix.'discounts'; $query1="SELECT * FROM $discounttable WHERE item_id=\"$itemID\""; $row=mysql_fetch_assoc(mysql_query($query1,$this->conn)); $percent_off=$row['percent_off']; $query2="SELECT * FROM $itemtable WHERE id=\"$itemID\""; $row=mysql_fetch_assoc(mysql_query($query2,$this->conn)); $discounted_price=$row['unit_price']*(1-($percent_off/100)); return number_format($discounted_price,2,'.', ''); } /* isValidCustomer: true when a row with id=$customer exists in the customers table. */ function isValidCustomer($customer) { $table=$this->tblprefix.'customers'; $result=mysql_query("SELECT id FROM $table WHERE id=\"$customer\"",$this->conn); if(mysql_num_rows($result)==0) { return false; } return true; } /* getNumRows: row count of $table, obtained by selecting every id and counting the result set client-side (SELECT COUNT(*) would avoid transferring the ids). */ function getNumRows($table) { //gets the number of rows in a table $query="SELECT id FROM $table"; $result=mysql_query($query,$this->conn); return mysql_num_rows($result); } /* updateSaleTotals: recomputes sale_sub_total (sum of item_total_cost minus item_total_tax), sale_total_cost and items_purchased for $sale_id from its sales_items rows and writes them to the sales table; when the sale has no items the sale row itself is removed via deleteRow. NOTE(review): $sale_id is interpolated unescaped; the `@` hides a failed SELECT, and a failure takes the delete branch. */ function updateSaleTotals($sale_id) { //updates the totals for a sale $sales_items_table=$this->tblprefix.'sales_items'; $sales_table=$this->tblprefix.'sales'; $query="SELECT 
item_total_cost,item_total_tax,quantity_purchased FROM $sales_items_table WHERE sale_id=\"$sale_id\""; $result=mysql_query($query,$this->conn); if(@mysql_num_rows($result) > 0) { $sale_sub_total=0; $sale_total_cost=0; $items_purchased=0; while($row=mysql_fetch_assoc($result)) { $sale_sub_total+=$row['item_total_cost']-$row['item_total_tax']; $sale_total_cost+=$row['item_total_cost']; $items_purchased+=$row['quantity_purchased']; } $sale_sub_total=number_format($sale_sub_total,2,'.', ''); $sale_total_cost=number_format($sale_total_cost,2,'.', ''); $query2="UPDATE $sales_table SET sale_sub_total=\"$sale_sub_total\",sale_total_cost=\"$sale_total_cost\",items_purchased=\"$items_purchased\" WHERE id=\"$sale_id\""; mysql_query($query2,$this->conn); } else { $this->deleteRow($sales_table,$sale_id); } } /* updateItemQuantity: sets quantity=$newQuantity on the items row with id=$item_id. NOTE(review): both values are interpolated unescaped. */ function updateItemQuantity($item_id,$newQuantity) { $items_table=$this->tblprefix.'items'; $query="UPDATE $items_table SET quantity=\"$newQuantity\" WHERE id=\"$item_id\""; mysql_query($query,$this->conn); } /* optimizeTables: runs OPTIMIZE TABLE over the prefixed brands, categories, customers, items, sales, sales_items, suppliers, users and books tables (the original comment mentions only sales). */ function optimizeTables() { //optimizes the sales $tableprefix=$this->tblprefix; $brandsTable="$tableprefix".'brands'; $categorieTable="$tableprefix".'categories'; $customersTable="$tableprefix".'customers'; $itemsTable="$tableprefix".'items'; $salesTable="$tableprefix".'sales'; $sales_itemsTable="$tableprefix".'sales_items'; $suppliersTable="$tableprefix".'suppliers'; $usersTable="$tableprefix".'users'; $booksTable="$tableprefix".'books'; $query="OPTIMIZE TABLE $brandsTable, $categorieTable, $customersTable, $itemsTable, $salesTable, $sales_itemsTable,$suppliersTable, $usersTable, $booksTable"; mysql_query($query,$this->conn); } /* closeDBlink: closes the connection opened in the constructor. */ function closeDBlink() { mysql_close($this->conn); } } ?>