set up show_helptext as a user preference; add name field
This commit is contained in:
parent
a55db3c545
commit
582c53a5fd
13 changed files with 210 additions and 106 deletions
|
|
@ -19,11 +19,12 @@ class MySmarty extends Smarty {
|
|||
$opt["pdo_password"]);
|
||||
}
|
||||
|
||||
public function opt() {
|
||||
public function opt($session = NULL) {
|
||||
static $opt;
|
||||
if (!isset($opt)) {
|
||||
$opt = getGlobalOptions();
|
||||
}
|
||||
$opt['show_helptext'] = isset($_SESSION['show_helptext']) ? $_SESSION['show_helptext'] : $opt['show_helptext'];
|
||||
return $opt;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -113,28 +113,28 @@ if (!empty($_GET["mysort"]))
|
|||
$_SESSION["mysort"] = $_GET["mysort"];
|
||||
|
||||
if (!isset($_SESSION["mysort"])) {
|
||||
$sortby = "rankorder DESC, i.description";
|
||||
$sortby = "rankorder DESC, i.name";
|
||||
$_SESSION["mysort"] = "ranking";
|
||||
}
|
||||
else {
|
||||
switch ($_SESSION["mysort"]) {
|
||||
case "ranking":
|
||||
$sortby = "rankorder DESC, i.description";
|
||||
$sortby = "rankorder DESC, i.name";
|
||||
break;
|
||||
case "description":
|
||||
$sortby = "i.description";
|
||||
case "name":
|
||||
$sortby = "i.name";
|
||||
break;
|
||||
case "price":
|
||||
$sortby = "price, rankorder DESC, i.description";
|
||||
$sortby = "price, rankorder DESC, i.name";
|
||||
break;
|
||||
case "category":
|
||||
$sortby = "c.category, rankorder DESC, i.description";
|
||||
$sortby = "c.category, rankorder DESC, i.name";
|
||||
break;
|
||||
default:
|
||||
$sortby = "rankorder DESC, i.description";
|
||||
$sortby = "rankorder DESC, i.name";
|
||||
}
|
||||
}
|
||||
$stmt = $smarty->dbh()->prepare("SELECT itemid, description, c.category, price, url, rendered, comment, image_filename FROM {$opt["table_prefix"]}items i LEFT OUTER JOIN {$opt["table_prefix"]}categories c ON c.categoryid = i.category LEFT OUTER JOIN {$opt["table_prefix"]}ranks r ON r.ranking = i.ranking WHERE userid = ? ORDER BY " . $sortby);
|
||||
$stmt = $smarty->dbh()->prepare("SELECT itemid, name, description, c.category, price, url, rendered, comment, image_filename FROM {$opt["table_prefix"]}items i LEFT OUTER JOIN {$opt["table_prefix"]}categories c ON c.categoryid = i.category LEFT OUTER JOIN {$opt["table_prefix"]}ranks r ON r.ranking = i.ranking WHERE userid = ? ORDER BY " . $sortby);
|
||||
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
$myitems_count = 0;
|
||||
|
|
|
|||
173
src/item.php
173
src/item.php
|
|
@ -51,43 +51,102 @@ if (!empty($_REQUEST["action"])) {
|
|||
|
||||
if ($action == "insert" || $action == "update") {
|
||||
/* validate the data. */
|
||||
$description = trim($_REQUEST["description"]);
|
||||
$price = str_replace(",","",trim($_REQUEST["price"]));
|
||||
$source = trim($_REQUEST["source"]);
|
||||
$url = trim($_REQUEST["url"]);
|
||||
$category = trim($_REQUEST["category"]);
|
||||
$ranking = $_REQUEST["ranking"];
|
||||
$comment = $_REQUEST["comment"];
|
||||
$quantity = (int) $_REQUEST["quantity"];
|
||||
$name = trim($_REQUEST["name"]);
|
||||
$bookmarklet = isset($_REQUEST["bookmarklet"]) ? trim($_REQUEST["bookmarklet"]) : "";
|
||||
$image_url = isset($_REQUEST["image_url"]) ? trim($_REQUEST["image_url"]) : "";
|
||||
$description = isset($_REQUEST["description"]) ? trim($_REQUEST["description"]) : "";
|
||||
$price = isset($_REQUEST["price"]) ? str_replace(",","",trim($_REQUEST["price"])) : "0";
|
||||
$source = isset($_REQUEST["source"]) ? trim($_REQUEST["source"]) : "";
|
||||
$url = isset($_REQUEST["url"]) ? trim($_REQUEST["url"]) : "";
|
||||
$category = isset($_REQUEST["category"]) ? trim($_REQUEST["category"]) : "1";
|
||||
$ranking = isset($_REQUEST["ranking"]) ? $_REQUEST["ranking"] : "3";
|
||||
$comment = isset($_REQUEST["comment"]) ? $_REQUEST["comment"] : "";
|
||||
$quantity = isset($_REQUEST["quantity"]) ? (int) $_REQUEST["quantity"] : 1;
|
||||
|
||||
$haserror = false;
|
||||
if ($description == "") {
|
||||
if ($name == "") {
|
||||
$haserror = true;
|
||||
$description_error = "A description is required.";
|
||||
$name_error = "A name is required.";
|
||||
}
|
||||
if ($image_url != "" && preg_match("/^http(s)?:\/\/([^\/]+)/i",$image_url)) {
|
||||
$image_file_data = file_get_contents($image_url);
|
||||
if ($image_file_data !== false) {
|
||||
$temp_image = tempnam("/tmp","");
|
||||
file_put_contents($temp_image, $image_file_data);
|
||||
error_log("MWE: temp_image: $temp_image");
|
||||
$fh = fopen($temp_image, 'rb');
|
||||
if ($fh) {
|
||||
$header = fread($fh, 8);
|
||||
fclose($fh);
|
||||
$ext = "";
|
||||
if (bin2hex(substr($header, 0, 8)) === '89504e470d0a1a0a') {
|
||||
$ext = 'png';
|
||||
} elseif (bin2hex(substr($header, 0, 2)) === 'ffd8') {
|
||||
$ext = 'jpg';
|
||||
} elseif (in_array(bin2hex(substr($header, 0, 6)), ['474946383761', '474946383961'])) {
|
||||
$ext = 'gif';
|
||||
} elseif (bin2hex(substr($header, 0, 2)) === '424d') {
|
||||
$ext = 'bmp';
|
||||
} elseif (in_array(bin2hex(substr($header, 0, 4)), ['49492a00', '4d4d002a'])) {
|
||||
$ext = 'tiff';
|
||||
} elseif (bin2hex(substr($header, 0, 12)) === '524946462a00000057454250') {
|
||||
$ext = 'webp';
|
||||
}
|
||||
}
|
||||
error_log("MWE: ext: $ext");
|
||||
if ($ext != "") {
|
||||
$parts = pathinfo($_SERVER["SCRIPT_FILENAME"]);
|
||||
$upload_dir = $parts['dirname'];
|
||||
// generate a temporary file in the configured directory.
|
||||
$temp_name = tempnam($upload_dir . "/" . $opt["image_subdir"],"");
|
||||
// unlink it, we really want an extension on that.
|
||||
unlink($temp_name);
|
||||
// here's the name we really want to use. full path is included.
|
||||
$image_filename = $temp_name . "." . $ext;
|
||||
error_log("MWE: image_filename: $image_filename");
|
||||
// move the PHP temporary file to that filename.
|
||||
rename($temp_image, $image_filename);
|
||||
// the name we're going to record in the DB is the filename without the path.
|
||||
$image_base_filename = basename($image_filename);
|
||||
error_log("MWE: image_base_filename: $image_base_filename");
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($bookmarklet == "1") {
|
||||
if ($source == "" && preg_match("/^Amazon.com:/", $name)) {
|
||||
$source = "Amazon";
|
||||
}
|
||||
if ($source == "" && $url != "") {
|
||||
$source = preg_replace("/^(https?:\/\/)?([^\/]+)(\/.*)?$/", "$2", $url);
|
||||
}
|
||||
$name = preg_replace("/^Amazon.com: /", "", $name);
|
||||
$name = preg_replace("/ : [A-Za-z0-9 &_,-]+/", "", $name);
|
||||
}
|
||||
if (strlen($name) > 100 && $description == "") {
|
||||
$description = $name;
|
||||
}
|
||||
if (strlen($name) > 100) {
|
||||
$name = substr($name, 0, 100);
|
||||
}
|
||||
if ($price == "" || !preg_match("/^\d*(\.\d{2})?$/i",$price)) {
|
||||
$haserror = true;
|
||||
$price_error = "Price format is not valid.<br />Price is required and must be a number, either accurate or approximate.<br />Do not enter the currency symbol.";
|
||||
}
|
||||
if ($source == "") {
|
||||
$haserror = true;
|
||||
$source_error = "A source is required (i.e., where it can be purchased).";
|
||||
$price = 0;
|
||||
}
|
||||
if ($url != "" && !preg_match("/^http(s)?:\/\/([^\/]+)/i",$url)) {
|
||||
$haserror = true;
|
||||
$url_error = "A well-formed URL is required in the format <i>http://www.somesite.net/somedir/somefile.html</i>.";
|
||||
}
|
||||
if ($category == "") {
|
||||
$category = 1;
|
||||
}
|
||||
if ($ranking == "") {
|
||||
$haserror = true;
|
||||
$ranking_error = "A ranking is required.";
|
||||
$ranking = 3;
|
||||
}
|
||||
if ($quantity == "" || (int) $quantity < 1) {
|
||||
$haserror = true;
|
||||
$quantity_error = "A positive quantity is required.";
|
||||
$quantity = 1;
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($haserror) && !$haserror && isset($_REQUEST["image"])) {
|
||||
if (!isset($image_url) && isset($haserror) && !$haserror && isset($_REQUEST["image"])) {
|
||||
if ($_REQUEST["image"] == "remove" || $_REQUEST["image"] == "replace") {
|
||||
deleteImageForItem((int) $_REQUEST["itemid"], $smarty->dbh(), $smarty->opt());
|
||||
}
|
||||
|
|
@ -115,19 +174,20 @@ if (!empty($_REQUEST["action"])) {
|
|||
if ($action == "delete") {
|
||||
try {
|
||||
/* find out if this item is bought or reserved. */
|
||||
$stmt = $smarty->dbh()->prepare("SELECT a.userid, a.quantity, a.bought, i.description FROM {$opt["table_prefix"]}allocs a LEFT OUTER JOIN {$opt["table_prefix"]}items i ON i.itemid = a.itemid WHERE a.itemid = ?");
|
||||
$stmt = $smarty->dbh()->prepare("SELECT a.userid, a.quantity, a.bought, i.name, i.description FROM {$opt["table_prefix"]}allocs a LEFT OUTER JOIN {$opt["table_prefix"]}items i ON i.itemid = a.itemid WHERE a.itemid = ?");
|
||||
$stmt->bindValue(1, (int) $_REQUEST["itemid"], PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
$description = ""; // need this outside of the while block.
|
||||
$name = ""; // need this outside of the while block.
|
||||
while ($row = $stmt->fetch()) {
|
||||
$buyerid = $row["userid"];
|
||||
$quantity = $row["quantity"];
|
||||
$bought = $row["bought"];
|
||||
$name = $row["name"]; // need this for descriptions.
|
||||
$description = $row["description"]; // need this for descriptions.
|
||||
if ($buyerid != null) {
|
||||
sendMessage($userid,
|
||||
$buyerid,
|
||||
"$description that you " . (($bought == 1) ? "bought" : "reserved") . " $quantity of for {$_SESSION["fullname"]} has been deleted. Check your reservation/purchase to ensure it's still needed.",
|
||||
"$name that you " . (($bought == 1) ? "bought" : "reserved") . " $quantity of for {$_SESSION["fullname"]} has been deleted. Check your reservation/purchase to ensure it's still needed.",
|
||||
$smarty->dbh(),
|
||||
$smarty->opt());
|
||||
}
|
||||
|
|
@ -142,7 +202,7 @@ if (!empty($_REQUEST["action"])) {
|
|||
// TODO: are we leaking allocs records here?
|
||||
|
||||
stampUser($userid, $smarty->dbh(), $smarty->opt());
|
||||
processSubscriptions($userid, $action, $description, $smarty->dbh(), $smarty->opt());
|
||||
processSubscriptions($userid, $action, $name, $smarty->dbh(), $smarty->opt());
|
||||
|
||||
header("Location: " . getFullPath("index.php?message=Item+deleted."));
|
||||
exit;
|
||||
|
|
@ -152,11 +212,12 @@ if (!empty($_REQUEST["action"])) {
|
|||
}
|
||||
}
|
||||
else if ($action == "edit") {
|
||||
$stmt = $smarty->dbh()->prepare("SELECT description, price, source, category, url, ranking, comment, quantity, image_filename FROM {$opt["table_prefix"]}items WHERE itemid = ?");
|
||||
$stmt = $smarty->dbh()->prepare("SELECT name, description, price, source, category, url, ranking, comment, quantity, image_filename FROM {$opt["table_prefix"]}items WHERE itemid = ?");
|
||||
$stmt->bindValue(1, (int) $_REQUEST["itemid"], PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
||||
if ($row = $stmt->fetch()) {
|
||||
$name = $row["name"];
|
||||
$description = $row["description"];
|
||||
$price = number_format($row["price"],2,".",",");
|
||||
$source = $row["source"];
|
||||
|
|
@ -169,37 +230,39 @@ if (!empty($_REQUEST["action"])) {
|
|||
}
|
||||
}
|
||||
else if ($action == "add") {
|
||||
$name = "";
|
||||
$description = "";
|
||||
$price = 0.00;
|
||||
$source = "";
|
||||
$url = "";
|
||||
$category = NULL;
|
||||
$ranking = NULL;
|
||||
$category = 1;
|
||||
$ranking = 3;
|
||||
$comment = "";
|
||||
$quantity = 1;
|
||||
$image_filename = "";
|
||||
}
|
||||
else if ($action == "insert") {
|
||||
if (!$haserror) {
|
||||
$stmt = $smarty->dbh()->prepare("INSERT INTO {$opt["table_prefix"]}items(userid,description,price,source,category,url,ranking,comment,quantity,image_filename) " .
|
||||
"VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
||||
$stmt = $smarty->dbh()->prepare("INSERT INTO {$opt["table_prefix"]}items(userid,name,description,price,source,category,url,ranking,comment,quantity,image_filename) " .
|
||||
"VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
||||
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
|
||||
$stmt->bindParam(2, $description, PDO::PARAM_STR);
|
||||
$stmt->bindParam(3, $price);
|
||||
$stmt->bindParam(4, $source, PDO::PARAM_STR);
|
||||
$stmt->bindParam(5, $category, PDO::PARAM_INT);
|
||||
$stmt->bindParam(6, $url, PDO::PARAM_STR);
|
||||
$stmt->bindParam(7, $ranking, PDO::PARAM_INT);
|
||||
$stmt->bindParam(8, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(9, $quantity, PDO::PARAM_INT);
|
||||
$stmt->bindParam(2, $name, PDO::PARAM_STR);
|
||||
$stmt->bindParam(3, $description, PDO::PARAM_STR);
|
||||
$stmt->bindParam(4, $price);
|
||||
$stmt->bindParam(5, $source, PDO::PARAM_STR);
|
||||
$stmt->bindParam(6, $category, PDO::PARAM_INT);
|
||||
$stmt->bindParam(7, $url, PDO::PARAM_STR);
|
||||
$stmt->bindParam(8, $ranking, PDO::PARAM_INT);
|
||||
$stmt->bindParam(9, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(10, $quantity, PDO::PARAM_INT);
|
||||
if (!isset($image_base_filename) || $image_base_filename == "") {
|
||||
$image_base_filename = NULL;
|
||||
}
|
||||
$stmt->bindParam(10, $image_base_filename, PDO::PARAM_STR);
|
||||
$stmt->bindParam(11, $image_base_filename, PDO::PARAM_STR);
|
||||
$stmt->execute();
|
||||
|
||||
stampUser($userid, $smarty->dbh(), $smarty->opt());
|
||||
processSubscriptions($userid, $action, $description, $smarty->dbh(), $smarty->opt());
|
||||
processSubscriptions($userid, $action, $name, $smarty->dbh(), $smarty->opt());
|
||||
|
||||
header("Location: " . getFullPath("index.php"));
|
||||
exit;
|
||||
|
|
@ -209,6 +272,7 @@ if (!empty($_REQUEST["action"])) {
|
|||
if (!$haserror) {
|
||||
// TODO: if the quantity is updated, send a message to everyone who has an allocation for it.
|
||||
$stmt = $smarty->dbh()->prepare("UPDATE {$opt["table_prefix"]}items SET " .
|
||||
"name = ?, " .
|
||||
"description = ?, " .
|
||||
"price = ?, " .
|
||||
"source = ?, " .
|
||||
|
|
@ -219,25 +283,26 @@ if (!empty($_REQUEST["action"])) {
|
|||
"quantity = ? " .
|
||||
($image_base_filename != "" ? ", image_filename = ? " : "") .
|
||||
"WHERE itemid = ?");
|
||||
$stmt->bindParam(1, $description, PDO::PARAM_STR);
|
||||
$stmt->bindParam(2, $price);
|
||||
$stmt->bindParam(3, $source, PDO::PARAM_STR);
|
||||
$stmt->bindParam(4, $category, PDO::PARAM_INT);
|
||||
$stmt->bindParam(5, $url, PDO::PARAM_STR);
|
||||
$stmt->bindParam(6, $ranking, PDO::PARAM_INT);
|
||||
$stmt->bindParam(7, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(8, $quantity, PDO::PARAM_INT);
|
||||
$stmt->bindParam(1, $name, PDO::PARAM_STR);
|
||||
$stmt->bindParam(2, $description, PDO::PARAM_STR);
|
||||
$stmt->bindParam(3, $price);
|
||||
$stmt->bindParam(4, $source, PDO::PARAM_STR);
|
||||
$stmt->bindParam(5, $category, PDO::PARAM_INT);
|
||||
$stmt->bindParam(6, $url, PDO::PARAM_STR);
|
||||
$stmt->bindParam(7, $ranking, PDO::PARAM_INT);
|
||||
$stmt->bindParam(8, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(9, $quantity, PDO::PARAM_INT);
|
||||
if ($image_base_filename != "") {
|
||||
$stmt->bindParam(9, $image_base_filename, PDO::PARAM_STR);
|
||||
$stmt->bindValue(10, (int) $_REQUEST["itemid"], PDO::PARAM_INT);
|
||||
$stmt->bindParam(10, $image_base_filename, PDO::PARAM_STR);
|
||||
$stmt->bindValue(11, (int) $_REQUEST["itemid"], PDO::PARAM_INT);
|
||||
}
|
||||
else {
|
||||
$stmt->bindValue(9, (int) $_REQUEST["itemid"], PDO::PARAM_INT);
|
||||
$stmt->bindValue(10, (int) $_REQUEST["itemid"], PDO::PARAM_INT);
|
||||
}
|
||||
$stmt->execute();
|
||||
|
||||
stampUser($userid, $smarty->dbh(), $smarty->opt());
|
||||
processSubscriptions($userid, $action, $description, $smarty->dbh(), $smarty->opt());
|
||||
processSubscriptions($userid, $action, $name, $smarty->dbh(), $smarty->opt());
|
||||
|
||||
header("Location: " . getFullPath("index.php"));
|
||||
exit;
|
||||
|
|
@ -269,6 +334,10 @@ $smarty->assign('haserror', isset($haserror) ? $haserror : false);
|
|||
if (isset($_REQUEST['itemid'])) {
|
||||
$smarty->assign('itemid', (int) $_REQUEST['itemid']);
|
||||
}
|
||||
$smarty->assign('name', $name);
|
||||
if (isset($descripton_error)) {
|
||||
$smarty->assign('name_error', $name_error);
|
||||
}
|
||||
$smarty->assign('description', $description);
|
||||
if (isset($descripton_error)) {
|
||||
$smarty->assign('description_error', $description_error);
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ if (!empty($_POST["username"])) {
|
|||
$password = $_POST["password"];
|
||||
|
||||
try {
|
||||
$stmt = $smarty->dbh()->prepare("SELECT userid, fullname, admin FROM {$opt["table_prefix"]}users WHERE username = ? AND password = {$opt["password_hasher"]}(?) AND approved = 1");
|
||||
$stmt = $smarty->dbh()->prepare("SELECT userid, fullname, admin, show_helptext FROM {$opt["table_prefix"]}users WHERE username = ? AND password = {$opt["password_hasher"]}(?) AND approved = 1");
|
||||
$stmt->bindParam(1, $username, PDO::PARAM_STR);
|
||||
$stmt->bindParam(2, $password, PDO::PARAM_STR);
|
||||
|
||||
|
|
@ -40,6 +40,8 @@ if (!empty($_POST["username"])) {
|
|||
$_SESSION["userid"] = $row["userid"];
|
||||
$_SESSION["fullname"] = $row["fullname"];
|
||||
$_SESSION["admin"] = $row["admin"];
|
||||
$_SESSION["show_helptext"] = $row["show_helptext"];
|
||||
$opt['show_helptext'] = $row["show_helptext"];
|
||||
|
||||
header("Location: " . getFullPath("index.php"));
|
||||
exit;
|
||||
|
|
|
|||
|
|
@ -54,18 +54,21 @@ if (!empty($_POST["action"])) {
|
|||
$email = $_POST["email"];
|
||||
$comment = $_POST["comment"];
|
||||
$email_msgs = ($_POST["email_msgs"] == "on" ? 1 : 0);
|
||||
$show_helptext = ($_POST["show_helptext"] == "on" ? 1 : 0);
|
||||
|
||||
try {
|
||||
$stmt = $smarty->dbh()->prepare("UPDATE {$opt["table_prefix"]}users SET fullname = ?, email = ?, email_msgs = ?, comment = ? WHERE userid = ?");
|
||||
$stmt = $smarty->dbh()->prepare("UPDATE {$opt["table_prefix"]}users SET fullname = ?, email = ?, email_msgs = ?, show_helptext = ?, comment = ? WHERE userid = ?");
|
||||
$stmt->bindParam(1, $fullname, PDO::PARAM_STR);
|
||||
$stmt->bindParam(2, $email, PDO::PARAM_STR);
|
||||
$stmt->bindParam(3, $email_msgs, PDO::PARAM_BOOL);
|
||||
$stmt->bindParam(4, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(5, $userid, PDO::PARAM_INT);
|
||||
$stmt->bindParam(4, $show_helptext, PDO::PARAM_BOOL);
|
||||
$stmt->bindParam(5, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(6, $userid, PDO::PARAM_INT);
|
||||
|
||||
$stmt->execute();
|
||||
|
||||
$_SESSION["fullname"] = $fullname;
|
||||
$_SESSION['show_helptext'] = $show_helptext;
|
||||
|
||||
header("Location: " . getFullPath("index.php?message=Profile+updated."));
|
||||
exit;
|
||||
|
|
@ -80,7 +83,7 @@ if (!empty($_POST["action"])) {
|
|||
}
|
||||
|
||||
try {
|
||||
$stmt = $smarty->dbh()->prepare("SELECT fullname, email, email_msgs, comment FROM {$opt["table_prefix"]}users WHERE userid = ?");
|
||||
$stmt = $smarty->dbh()->prepare("SELECT fullname, email, email_msgs, show_helptext, comment FROM {$opt["table_prefix"]}users WHERE userid = ?");
|
||||
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
|
||||
|
||||
$stmt->execute();
|
||||
|
|
@ -88,6 +91,8 @@ try {
|
|||
$smarty->assign('fullname', $row["fullname"]);
|
||||
$smarty->assign('email', $row["email"]);
|
||||
$smarty->assign('email_msgs', $row["email_msgs"]);
|
||||
$smarty->assign('show_helptext', $row["show_helptext"]);
|
||||
$_SESSION['show_helptext'] = $row["show_helptext"];
|
||||
$smarty->assign('comment', $row["comment"]);
|
||||
$smarty->display('profile.tpl');
|
||||
}
|
||||
|
|
|
|||
44
src/shop.php
44
src/shop.php
|
|
@ -27,6 +27,8 @@ else {
|
|||
$userid = $_SESSION["userid"];
|
||||
}
|
||||
|
||||
$opt['show_helptext'] = $_SESSION['show_helptext'];
|
||||
|
||||
$action = "";
|
||||
if (!empty($_GET["action"])) {
|
||||
$action = $_GET["action"];
|
||||
|
|
@ -55,10 +57,11 @@ if (!empty($_GET["action"])) {
|
|||
$query = "INSERT INTO items(userid,description,price,source,url,category) SELECT $userid, description, price, source, url, category FROM items WHERE itemid = " . $_GET["itemid"];
|
||||
*/
|
||||
/* TODO: copy the image too? */
|
||||
$stmt = $smarty->dbh()->prepare("SELECT userid, description, price, source, url, category, comment FROM {$opt["table_prefix"]}items WHERE itemid = ?");
|
||||
$stmt = $smarty->dbh()->prepare("SELECT userid, name, description, price, source, url, category, comment FROM {$opt["table_prefix"]}items WHERE itemid = ?");
|
||||
$stmt->bindParam(1, $itemid, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
if ($row = $stmt->fetch()) {
|
||||
$name = $row["name"];
|
||||
$desc = $row["description"];
|
||||
$source = $row["source"];
|
||||
$url = $row["url"];
|
||||
|
|
@ -66,19 +69,20 @@ if (!empty($_GET["action"])) {
|
|||
$price = (float) $row["price"];
|
||||
$cat = (int) $row["category"];
|
||||
|
||||
$stmt = $smarty->dbh()->prepare("INSERT INTO {$opt["table_prefix"]}items(userid,description,price,source,url,comment,category,ranking,quantity) VALUES(?, ?, ?, ?, ?, ?, ?, 1, 1)");
|
||||
$stmt = $smarty->dbh()->prepare("INSERT INTO {$opt["table_prefix"]}items(userid,name,description,price,source,url,comment,category,ranking,quantity) VALUES(?, ?, ?, ?, ?, ?, ?, 1, 1)");
|
||||
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
|
||||
$stmt->bindParam(2, $desc, PDO::PARAM_STR);
|
||||
$stmt->bindParam(3, $price);
|
||||
$stmt->bindParam(4, $source, PDO::PARAM_STR);
|
||||
$stmt->bindParam(5, $url, PDO::PARAM_STR);
|
||||
$stmt->bindParam(6, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(7, $cat, PDO::PARAM_INT);
|
||||
$stmt->bindParam(2, $name, PDO::PARAM_STR);
|
||||
$stmt->bindParam(3, $desc, PDO::PARAM_STR);
|
||||
$stmt->bindParam(4, $price);
|
||||
$stmt->bindParam(5, $source, PDO::PARAM_STR);
|
||||
$stmt->bindParam(6, $url, PDO::PARAM_STR);
|
||||
$stmt->bindParam(7, $comment, PDO::PARAM_STR);
|
||||
$stmt->bindParam(8, $cat, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
||||
stampUser($userid, $smarty->dbh(), $smarty->opt());
|
||||
|
||||
$message = "Added '" . $desc . "' to your gift list.";
|
||||
$message = "Added '" . $name . "' to your gift list.";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -98,34 +102,34 @@ if (!($stmt->fetch())) {
|
|||
}
|
||||
|
||||
if (!isset($_GET["sort"])) {
|
||||
$sortby = "rankorder DESC, description";
|
||||
$sortby = "rankorder DESC, name";
|
||||
}
|
||||
else {
|
||||
$sort = $_GET["sort"];
|
||||
switch ($sort) {
|
||||
case "ranking":
|
||||
$sortby = "rankorder DESC, description";
|
||||
$sortby = "rankorder DESC, name";
|
||||
break;
|
||||
case "description":
|
||||
$sortby = "description";
|
||||
case "name":
|
||||
$sortby = "name";
|
||||
break;
|
||||
case "source":
|
||||
$sortby = "source, rankorder DESC, description";
|
||||
$sortby = "source, rankorder DESC, name";
|
||||
break;
|
||||
case "price":
|
||||
$sortby = "price, rankorder DESC, description";
|
||||
$sortby = "price, rankorder DESC, name";
|
||||
break;
|
||||
case "url":
|
||||
$sortby = "url, rankorder DESC, description";
|
||||
$sortby = "url, rankorder DESC, name";
|
||||
break;
|
||||
case "status":
|
||||
$sortby = "reservedid DESC, boughtid DESC, rankorder DESC, description";
|
||||
$sortby = "reservedid DESC, boughtid DESC, rankorder DESC, name";
|
||||
break;
|
||||
case "category":
|
||||
$sortby = "c.category, rankorder DESC, description";
|
||||
$sortby = "c.category, rankorder DESC, name";
|
||||
break;
|
||||
default:
|
||||
$sortby = "rankorder DESC, description";
|
||||
$sortby = "rankorder DESC, name";
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -133,7 +137,7 @@ else {
|
|||
for those items with a quantity of 1. if the item's quantity > 1 we'll query alloc when we
|
||||
get to that record. the theory is that most items will have quantity = 1 so we'll make the least
|
||||
number of trips. */
|
||||
$stmt = $smarty->dbh()->prepare("SELECT i.itemid, description, price, source, c.category, url, image_filename, " .
|
||||
$stmt = $smarty->dbh()->prepare("SELECT i.itemid, name, description, price, source, c.category, url, image_filename, " .
|
||||
"ub.fullname AS bfullname, ub.userid AS boughtid, " .
|
||||
"ur.fullname AS rfullname, ur.userid AS reservedid, " .
|
||||
"rendered, i.comment, i.quantity " .
|
||||
|
|
|
|||
|
|
@ -27,6 +27,8 @@ else {
|
|||
$userid = $_SESSION["userid"];
|
||||
}
|
||||
|
||||
$opt['show_helptext'] = $_SESSION['show_helptext'];
|
||||
|
||||
if (empty($_GET["sort"]))
|
||||
$sort = "source";
|
||||
else
|
||||
|
|
|
|||
|
|
@ -90,26 +90,27 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
<table class="table table-bordered table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="colheader"><a href="index.php?mysort=description">Description</a></th>
|
||||
<th class="colheader"><a href="index.php?mysort=name">Name</a></th>
|
||||
<th class="colheader"><a href="index.php?mysort=ranking">Ranking</a></th>
|
||||
<th class="colheader"><a href="index.php?mysort=category">Category</a></th>
|
||||
<th class="rcolheader"><a href="index.php?mysort=price">Price</a></th>
|
||||
<th> </th>
|
||||
<th class="colheader"><a href="index.php?mysort=price">Price</a></th>
|
||||
<th class="rcolheader">Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{foreach from=$myitems item=row}
|
||||
<tr valign="top">
|
||||
<td>
|
||||
{$row.description|escape:'htmlall'}
|
||||
<span title="{$row.description|escape:'htmlall'}">
|
||||
<a href="item.php?action=edit&itemid={$row.itemid}">{$row.name|escape:'htmlall'}</a></span>
|
||||
{if $row.comment != ''}
|
||||
<a class="btn btn-small" rel="popover" href="#" data-placement="right" data-original-title="Comment" data-content="{$row.comment|escape:'htmlall'}">...</a>
|
||||
<a class="btn btn-small" rel="popover" href="#" data-placement="right" data-original-title="Comment" data-content="{$row.comment|escape:'htmlall'}">...</a>
|
||||
{/if}
|
||||
{if $row.url != ''}
|
||||
<a href="{$row.url|escape:'htmlall'}" target="_blank"><img src="images/link.png" border="0" alt="URL" title="URL"></a>
|
||||
<a rel="lightbox" href="{$row.url}" title="{$row.url}"><img src="images/link.png" border="0" alt="Image" /></a>
|
||||
{/if}
|
||||
{if $row.image_filename != '' && $opt.allow_images}
|
||||
<a rel="lightbox" href="{$opt.image_subdir}/{$row.image_filename}" title="{$row.description|escape:'htmlall'}"><img src="images/image.png" border="0" alt="Image" /></a>
|
||||
<a rel="lightbox" href="{$opt.image_subdir}/{$row.image_filename}" title="{$row.name|escape:'htmlall'}"><img src="images/image.png" border="0" alt="Image" /></a>
|
||||
{/if}
|
||||
</td>
|
||||
<td nowrap>{$row.rendered}</td>
|
||||
|
|
@ -118,7 +119,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
<td align="right" nowrap>
|
||||
<a href="receive.php?itemid={$row.itemid}"><img alt="Mark Item Received" src="images/return.png" border="0" title="Mark Item Received" /></a>
|
||||
<a href="item.php?action=edit&itemid={$row.itemid}"><img alt="Edit Item" src="images/pencil.png" border="0" title="Edit Item" /></a>
|
||||
<a rel="confirmitemdelete" data-content="{$row.description|escape:'htmlall'}" href="item.php?action=delete&itemid={$row.itemid}"><img alt="Delete Item" src="images/bin.png" border="0" alt="Delete" title="Delete Item" /></a>
|
||||
<a rel="confirmitemdelete" data-content="{$row.name|escape:'htmlall'}" href="item.php?action=delete&itemid={$row.itemid}"><img alt="Delete Item" src="images/bin.png" border="0" alt="Delete" title="Delete Item" /></a>
|
||||
</td>
|
||||
</tr>
|
||||
{/foreach}
|
||||
|
|
|
|||
|
|
@ -36,8 +36,11 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
highlight: validate_highlight,
|
||||
success: validate_success,
|
||||
rules: {
|
||||
description: {
|
||||
name: {
|
||||
required: true,
|
||||
maxlength: 100
|
||||
},
|
||||
description: {
|
||||
maxlength: 255
|
||||
},
|
||||
category: {
|
||||
|
|
@ -49,7 +52,6 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
"number": true
|
||||
},
|
||||
source: {
|
||||
required: true,
|
||||
maxlength: 255
|
||||
},
|
||||
ranking: {
|
||||
|
|
@ -65,8 +67,11 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
}
|
||||
},
|
||||
messages: {
|
||||
name: {
|
||||
required: "The item's name is required.",
|
||||
maxlength: "The item's name must be 100 characters or less."
|
||||
},
|
||||
description: {
|
||||
required: "The item's description is required.",
|
||||
maxlength: "The item's description must be 255 characters or less."
|
||||
},
|
||||
category: {
|
||||
|
|
@ -78,7 +83,6 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
"number": "Price must be a valid number."
|
||||
},
|
||||
source: {
|
||||
required: "A source to buy the item is required.",
|
||||
maxlength: "The source must be 255 characters or less."
|
||||
},
|
||||
ranking: {
|
||||
|
|
@ -130,10 +134,19 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
{elseif $action == "add" || (isset($haserror) && $action == 'insert')}
|
||||
<input type="hidden" name="action" value="insert">
|
||||
{/if}
|
||||
<div class="control-group {if isset($name_error)}warning{/if}">
|
||||
<label class="control-label" for="name">Name</label>
|
||||
<div class="controls">
|
||||
<input id="name" name="name" type="text" value="{$name|escape:'htmlall'}" class="input-xlarge" placeholder="Name" maxlength="100">
|
||||
{if isset($name_error)}
|
||||
<span class="help-inline">{$name_error}</span>
|
||||
{/if}
|
||||
</div>
|
||||
</div>
|
||||
<div class="control-group {if isset($description_error)}warning{/if}">
|
||||
<label class="control-label" for="description">Description</label>
|
||||
<div class="controls">
|
||||
<input id="description" name="description" type="text" value="{$description|escape:'htmlall'}" class="input-xlarge" placeholder="Description" maxlength="255">
|
||||
<textarea id="description" name="description" class="input-xlarge" rows="2" cols="40">{$description|escape:'htmlall'}</textarea>
|
||||
{if isset($description_error)}
|
||||
<span class="help-inline">{$description_error}</span>
|
||||
{/if}
|
||||
|
|
@ -143,7 +156,6 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
<label class="control-label" for="category">Category</label>
|
||||
<div class="controls">
|
||||
<select id="category" name="category" class="input-xlarge">
|
||||
<option value="">Uncategorized</option>
|
||||
{foreach from=$categories item=row}
|
||||
<option value="{$row.categoryid}" {if $row.categoryid == $category}SELECTED{/if}>{$row.category|escape:'htmlall'}</option>
|
||||
{/foreach}
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
<tr>
|
||||
<th><a href="mylist.php?sort=ranking">Ranking</a></th>
|
||||
<th><a href="mylist.php?sort=source">Source</a></th>
|
||||
<th><a href="mylist.php?sort=description">Description</a></th>
|
||||
<th><a href="mylist.php?sort=name">Name</a></th>
|
||||
<th><a href="mylist.php?sort=category">Category</a></th>
|
||||
<th><a href="mylist.php?sort=price">Price</a></th>
|
||||
</tr>
|
||||
|
|
@ -66,7 +66,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
<tr>
|
||||
<td>{$row.rendered}</td>
|
||||
<td>{$row.source|escape:'htmlall'}</td>
|
||||
<td>{$row.description|escape:'htmlall'}</td>
|
||||
<td>{$row.name|escape:'htmlall'}</td>
|
||||
<td>{$row.category|escape:'htmlall'}</td>
|
||||
<td>{$row.price}</td>
|
||||
</tr>
|
||||
|
|
|
|||
|
|
@ -47,6 +47,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
</li>
|
||||
{/if}
|
||||
<li><a href="login.php?action=logout">Logout</a></li>
|
||||
<li><a href="help.php">Help</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -139,6 +139,13 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
E-mail me a copy of every message
|
||||
</div>
|
||||
</div>
|
||||
<div class="control-group">
|
||||
<label class="control-label" for="show_helptext">Show help text</label>
|
||||
<div class="controls">
|
||||
<input type="checkbox" id="show_helptext" name="show_helptext" {if $show_helptext}CHECKED{/if}>
|
||||
Show help messages on pages
|
||||
</div>
|
||||
</div>
|
||||
<div class="control-group">
|
||||
<label class="control-label" for="comment">Comments / shipping address / etc. (optional)</label>
|
||||
<div class="controls">
|
||||
|
|
|
|||
|
|
@ -87,13 +87,13 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
<table class="table table-bordered table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th><a href="shop.php?shopfor={$shopfor}&sort=description">Description</a></th>
|
||||
<th><a href="shop.php?shopfor={$shopfor}&sort=name">Name</a></th>
|
||||
<th><a href="shop.php?shopfor={$shopfor}&sort=ranking">Rank</a></th>
|
||||
<th><a href="shop.php?shopfor={$shopfor}&sort=category">Category</a></th>
|
||||
<th><a href="shop.php?shopfor={$shopfor}&sort=price">Price</a></th>
|
||||
<th><a href="shop.php?shopfor={$shopfor}&sort=source">Store/Location</a></th>
|
||||
<th><a href="shop.php?shopfor={$shopfor}&sort=status">Status</a></th>
|
||||
<th> </th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
|
@ -103,7 +103,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
{if $row.url != ''}
|
||||
<a href="{$row.url}" target="_blank">
|
||||
{/if}
|
||||
{$row.description|escape:'htmlall'}
|
||||
<span title="{$row.description|escape:'htmlall'}">{$row.name|escape:'htmlall'}</span>
|
||||
{if $row.url != ''}
|
||||
</a>
|
||||
{/if}
|
||||
|
|
@ -114,7 +114,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|||
<a rel="lightbox" href="{$opt.image_subdir}/{$row.image_filename}" title="{$row.description|escape:'htmlall'}"><img src="images/image.png" border="0" alt="Image" /></a>
|
||||
{/if}
|
||||
</td>
|
||||
<td nowrap>{$row.rendered}</td>
|
||||
<td nowrap>{$row.rendered} </td>
|
||||
<td>{$row.category|default:" "}</td>
|
||||
<td align="right">{$row.price}</td>
|
||||
<td>{$row.source|escape:'htmlall'}</td>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue