[go: up one dir, main page]
Menu

[95b4ce]: / prlDepartments.php  Maximize  Restore  History

Download this file

194 lines (144 with data), 7.0 kB 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
<?php



include('includes/session.inc');



$Title = _('Department of Company Section');



include('includes/header.inc');

include('includes/SQL_CommonFunctions.inc');

include('includes/prlFunctions.php');



if (isset($_GET['DepartmentID'])) {

	$DepartmentID = $_GET['DepartmentID'];

} elseif (isset($_POST['DepartmentID'])) {



	$DepartmentID = $_POST['DepartmentID'];

} else {

	unset($DepartmentID);

}

echo '<a href="prlUserSettings.php">' . _('Back to User Settings') . '</a>';



if (isset($_POST['submit'])) {



	//initialise no input errors assumed initially before we test



	$InputError = 0;



	/* actions to take once the user has clicked the submit button

	ie the page has called itself with some user input */



	//first off validate inputs sensible



	if (strpos(isset($_POST['departmentname']), '&') > 0 OR strpos(isset($_POST['departmentname']), "'") > 0) {

		$InputError = 1;

		prnMsg(_('The department name cannot contain the character') . " '&' " . _('or the character') . " '", 'error');

	}

	if (trim(isset($_POST['departmentname'])) == '') {

		$InputError = 1;

		prnMsg(_('The department name may not be empty'), 'error');

	}



	if (strlen(isset($DepartmentID)) == 0) {

		$InputError = 1;

		prnMsg(_('The department id cannot be empty'), 'error');

	}



	if ($InputError != 1) {



		if (!isset($_POST["New"])) {



			$SQL = "UPDATE prldepartment SET departmentname='" . DB_escape_string($_POST['departmentname']) . "',

						companyname='" . DB_escape_string($_POST['companyname']) . "'

						WHERE departmentid = '$DepartmentID'";



			$ErrMsg = _('The department could not be updated because');

			$DbgMsg = _('The SQL that was used to update the department table but failed was');

			$Result = DB_query($SQL, $ErrMsg, $DbgMsg);

			prnMsg(_('The department table master record for') . ' ' . $DepartmentID . ' ' . _('has been updated'), 'success');



		} else { //its a new cost center record



			$SQL = "INSERT INTO prldepartment (

							departmentid,

							departmentname,

							companyname)

					 VALUES ('$DepartmentID',

					 	'" . DB_escape_string($_POST['departmentname']) . "',

						'" . DB_escape_string($_POST['companyname']) . "')";

			$ErrMsg = _('The Department') . ' ' . $_POST['departmentname'] . ' ' . _('could not be added because');

			$DbgMsg = _('The SQL that was used to insert the Department table but failed was');

			$Result = DB_query($SQL, $ErrMsg, $DbgMsg);



			prnMsg(_('A newDepartment table for') . ' ' . $_POST['departmentname'] . ' ' . _('has been added to the database'), 'success');



			unset($DepartmentID);

			unset($_POST['departmentname']);

			unset($_POST['companyname']);



		}



	} else {



		prnMsg(_('Validation failed') . _('no updates or deletes took place'), 'warn');



	}



} elseif (isset($_POST['delete']) AND $_POST['delete'] != '') {



	//the link to delete a selected record was clicked instead of the submit button



	$CancelDelete = 0;



	// PREVENT DELETES IF DEPENDENT RECORDS FOUND

	if ($CancelDelete == 0) {

		$SQL = "DELETE FROM prldepartment WHERE departmentid='$DepartmentID'";

		$Result = DB_query($SQL);

		prnMsg(_('Department table record for') . ' ' . $DepartmentID . ' ' . _('has been deleted'), 'success');

		unset($DepartmentID);

		unset($_SESSION['DepartmentID']);

	}

}





if (!isset($DepartmentID)) {



	echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';



	echo '<input type="hidden" name="New" value="Yes">';



	echo '<table>';

	echo '<tr><td>' . _('Department ID') . ":</td><td><input type='text' name='DepartmentID' SIZE=5 MAXLENGTH=4></td></tr>";

	echo '<tr><td>' . _('Department Name') . ":</td><td><input type='text' name='departmentname' SIZE=41 MAXLENGTH=40></td></tr>";

	echo '<tr><td>' . _('Company Name') . ":</td><td><input type='text' name='companyname' SIZE=41 MAXLENGTH=40></td></tr>";

	echo "</select></td></tr>'</table><p><input type='Submit' name='submit' value='" . _('Insert New Department') . "'>";

	echo '</form>';



	$SQL = "SELECT departmentid,

			     departmentname,

				 companyname

			     FROM prldepartment

			     ORDER BY departmentid";



	$ErrMsg = _('Could not get cost center because');

	$Result = DB_query($SQL, $ErrMsg);



	echo '<table border=1>';

	echo "<tr>

		<th>" . _('Department ID') . "</td>

		<th>" . _('Department Name') . "</td>

		<th>" . _('Company Name') . "</td>

	</tr>";





	$k = 0; //row colour counter

	while ($MyRow = DB_fetch_row($Result)) {



		if ($k == 1) {

			echo "<tr bgcolor='#CCCCCC'>";

			$k = 0;

		} else {

			echo "<tr bgcolor='#EEEEEE'>";

			$k++;

		}

		echo '<td>' . $MyRow[0] . '</td>';

		echo '<td>' . $MyRow[1] . '</td>';

		echo '<td>' . $MyRow[2] . '</td>';

		echo '<td><a href="' . $_SERVER['PHP_SELF'] . '?&DepartmentID=' . $MyRow[0] . '">' . _('Edit') . '</a></td>';

		echo '<td><a href="' . $_SERVER['PHP_SELF'] . '?&DepartmentID=' . $MyRow[0] . '&delete=1">' . _('Delete') . '</a></td>';

		echo '</tr>';



	} //END WHILE LIST LOOP

	echo '</table><p>';





} else {



	echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';

	echo '<table>';



	//if (!isset($_POST["New"])) {

	if (!isset($_POST["New"])) {

		$SQL = "SELECT departmentid,

				departmentname,

				companyname

			FROM prldepartment

			WHERE departmentid = '$DepartmentID'";



		$Result = DB_query($SQL);

		$MyRow = DB_fetch_array($Result);



		$_POST['departmentname'] = $MyRow['departmentname'];

		$_POST['companyname'] = $MyRow['companyname'];

		echo '<input type="hidden" name="DepartmentID" value="' . $DepartmentID . '">';



	} else {

		// its a new cost center being added

		echo '<input type="hidden" name="New" value="Yes">';

		echo '<tr><td>' . _('Department ID') . ":</td><td><input type='text' name='DepartmentID' value='$DepartmentID' SIZE=5 MAXLENGTH=4></td></tr>";

	}

	echo "<tr><td>" . _('Department Name') . ':' . "</td><td><input type='Text' name='departmentname' SIZE=41 MAXLENGTH=40 value='" . $_POST['departmentname'] . "'></td></tr>";

	echo "<tr><td>" . _('Company Name') . ':' . "</td><td><input type='Text' name='companyname' SIZE=41 MAXLENGTH=40 value='" . $_POST['companyname'] . "'></td></tr>";

	echo '</select></td></tr>';



	if (isset($_POST["New"])) {

		echo "</table><p><input type='Submit' name='submit' value='" . _('Add These New Department Details') . "'></form>";

	} else {

		echo "</table><p><input type='Submit' name='submit' value='" . _('Update Department Table') . "'>";

		echo '<p><font color=red><B>' . _('WARNING') . ': ' . _('There is no second warning if you hit the delete button below') . '. ' . _('However checks will be made to ensure before the deletion is processed') . '<br /></FONT></B>';

		echo '<input type="Submit" name="delete" value="' . _('Delete Department Table') . '"  confirm("' . _('Are you sure you wish to delete this Department?') . '");"></form>';

	}



} // end of main ifs



include('includes/footer.inc');

?>