<?php
/**
* @author Bettina Schwarzer, Fritz-Haber-Institut
* @copyright 12/2011
*/
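// Report everything except notices (the page reads optional request keys
// without isset() in places and relies on notices being suppressed).
error_reporting(E_ALL ^ E_NOTICE);
session_start();

// Authentication gate: without a logged-in user, hand over to the shared
// login routine and stop before any page content is produced.
if (!isset($_SESSION["userid"]))
{
    include_once ("inc/func_lib.inc.php");
    // SCRIPT_NAME instead of PHP_SELF: PHP_SELF also contains any trailing
    // path info supplied by the client, so it must not be handed on as if it
    // were a trusted URL. For a normal request both values are identical.
    // NOTE(review): login() is defined outside this file; presumably it uses
    // the argument as the post-login target / form action - confirm it
    // escapes the value on output.
    login($_SERVER["SCRIPT_NAME"]);
    exit;
}

// Authorization gate: the page needs the "ar" or the "ae" right; users with
// neither are sent to start.php. A missing or non-array rights entry counts
// as "no rights" (fail closed). Strict in_array() avoids PHP's loose
// comparison, under which a non-string entry such as integer 0 could equal
// "ar"/"ae" on older PHP versions.
$pageRights = (isset($_SESSION["recht"]) && is_array($_SESSION["recht"])) ? $_SESSION["recht"] : array();
if (!in_array("ar", $pageRights, true) && !in_array("ae", $pageRights, true))
{
    header("Location: start.php");
    exit;
}

// Database handle: reuse $dbc if the connect include already provides a
// usable one, otherwise create it.
include_once($_SERVER["DOCUMENT_ROOT"]."/fhiiqm/inc/dbconnect.inc.php");
if (!isset($dbc) || !$dbc) $dbc = new dbconnection();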
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<link type="text/css" href="/fhiiqm/css/db.css" rel="Stylesheet" />
<link type="text/css" href="/fhiiqm/css/jquery/ui-lightness/jquery-ui-1.8.16.custom.css" rel="Stylesheet" />
<script type="text/javascript" src="/fhiiqm/js/jquery/jquery-1.6.2.min.js"></script>
<script type="text/javascript" src="/fhiiqm/js/jquery/jquery-ui-1.8.16.custom.min.js"></script>
<title>Risiko Anlage</title>
</head>
<body>
<?php
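// Page header: logged-in user, logout link and the page icon.
echo " ";
echo "<div class=\"float-br smaller\" valign='top'>";
// The user id is written into HTML, so it is escaped first. The charset is
// passed explicitly because the page is served as iso-8859-1; with the UTF-8
// default of newer PHP versions htmlspecialchars() returns an empty string
// for Latin-1 bytes that are not valid UTF-8.
echo " user: " . htmlspecialchars((string) $_SESSION["userid"], ENT_QUOTES, "ISO-8859-1");
echo " <a class='sc' href='/fhiiqm/logout.php' title='Session beenden'>logout</a></div>\n";
echo "<div class=\"float-r\"><img src=\"img/rotate_01.png\" border=\"0\" alt=\"Anlage\" title=\"Anlage\"/></div>\n";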
?>
<div align='center'>
<script>
// Runs once the DOM is ready ($(fn) is jQuery's shorthand for
// $(document).ready(fn)).
// NOTE(review): the page loads jQuery 1.6.2 and jQuery UI 1.8.16, both long
// out of support - plan an upgrade.
$(function () {
    // Put the cursor into the asset-name field and attach jQuery UI
    // autocomplete, which queries the server-side list from two typed
    // characters on.
    var assetField = $("#arbez");
    assetField.focus();
    assetField.autocomplete({
        source: "/fhiiqm/inc/al_list_ac.inc.php",
        minLength: 2,
        select: function (event, ui) {
            // Copy the id of the chosen suggestion into #arid. Whatever
            // arrives in that field is client-controlled, so the server has
            // to validate it again before using it.
            $("#arid").val(ui.item.id);
        }
    });
    // NOTE(review): .albez() is neither a jQuery core nor a jQuery UI method;
    // unless a plugin loaded elsewhere defines it, this line throws a
    // TypeError. It looks like a search-and-replace accident - confirm the
    // intended call.
    $("input").albez("long20").addClass("long20");
});
</script>
<?php
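// ---------------------------------------------------------------------------
// Asset risk ("Risiko Anlage"): create, edit or delete one A_Risiko row.
//
// Flow: the form is shown (and shown again with a confirmation checkbox after
// a submit) until the user has ticked "ok"; only then is the INSERT / UPDATE /
// DELETE executed and the stored values are displayed.
//
// Request values are untrusted: ids are forced to integers before they reach
// SQL, every value written into HTML is escaped, and a write is only carried
// out for sessions holding the "ae" right.
//
// NOTE(review): no anti-CSRF token is checked in the code visible here before
// the state-changing statements run; confirm whether alrisk_form.inc.php or a
// shared include adds one.
// ---------------------------------------------------------------------------

// $ar: posted form fields (array) or null when nothing was posted.
$ar   = (isset($_POST["ar"]) && is_array($_POST["ar"])) ? $_POST["ar"] : null;
// $arid: risk_ID of the row being edited; 0 means "new entry". The integer
// cast is what keeps the value safe in the SQL strings built further down.
$arid = (isset($_GET["i"]) && is_string($_GET["i"])) ? (int) $_GET["i"] : 0;
$sub  = isset($_POST["eintragen"]) ? $_POST["eintragen"] : null;
$del  = isset($_POST["del"]) ? $_POST["del"] : null;
$ok   = isset($_POST["ok"]) ? $_POST["ok"] : null;
if (empty($ar["okn"])) $ok = false;

// Writing needs the "ae" right. The submit buttons are only rendered for such
// users, but hiding a button is no access control: a user holding only "ar"
// could still post the fields by hand. Without the right the submit flags are
// dropped, so the request falls back to displaying the form.
$canEdit = isset($_SESSION["recht"]) && is_array($_SESSION["recht"]) && in_array("ae", $_SESSION["recht"], true);
if (!$canEdit)
{
    $sub = null;
    $del = null;
}

$text = $arid ? "editieren" : "erfassen";
echo "<h3>Risiko Anlage $text</h3>";
echo "</div>\n";

if (!$ok || (!$sub && !$del))
{
    // ---- show the form (first call, or confirmation still missing) ----
    if ($arid && (!$sub || !$del) && !isset($ar))
    {
        // Edit without posted data: pre-fill the form from the database.
        // $arid is an integer (see above), so concatenation is safe here.
        $sql = "SELECT risk_ID,r.al_ID,al_bez,risk_name,risk_probability,risk_damage,risk_sci_importance
                FROM `fhiiqm`.`A_Risiko` r INNER JOIN
                fhiiqm.Anlage a ON r.al_ID=a.al_ID
                WHERE risk_ID = " . (int) $arid;
        if ($result = $dbc -> queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $ar["bez"]   = $row->al_bez;
                $ar["risk"]  = $row->risk_name;
                // Probability is stored as a fraction and edited in percent;
                // the form uses a decimal comma.
                $ar["rprob"] = str_replace(".", ",", $row->risk_probability * 100);
                $ar["rdam"]  = str_replace(".", ",", $row->risk_damage);
                $ar["rimp"]  = str_replace(".", ",", $row->risk_sci_importance);
                $ar["id"]    = $row->al_ID;
            }
        }
    }
    // NOTE(review): the include presumably opens the <form> and <table> that
    // are closed below and prints the $ar values into input fields; confirm
    // that it escapes them, since $ar can come straight from the request.
    include ($_SERVER["DOCUMENT_ROOT"]."/fhiiqm/form/alrisk_form.inc.php");
    if ($sub || $del)
    {
        // A submit without confirmation: ask the user to tick "ok".
        if ($sub)
            $frage = "Alle Angaben ok?";
        elseif ($del)
            $frage = "Risiko wirklich löschen?";
        echo "<tr>\n<td class=\"red\" valign=\"top\" align=\"left\">$frage</td>\n<td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
        if ($ok) echo "checked";
        echo "></td>\n</tr>\n";
    }
    if ($canEdit)
    {
        echo "\n<tr><td> </td>\n\n<td><input class=\"button\" type=\"submit\" name=\"eintragen\" value=\" eintragen \" />";
        if ($arid)
            echo " <input class=\"button\" type=\"submit\" value=\"löschen\" name=\"del\" title=\"delete\" />";
        echo "</td></tr>\n";
    }
    echo "</table>\n";
    echo "</div>\n";
    if (!$canEdit)
        echo "<p> <a href=\"alrisk_flist.php\" target=\"_self\" title=\"Risiko Anlagen\">« Liste Risiko Anlagen</a></p>\n";
    echo "</form>\n";
}
else
{
    // ---- confirmed submit by a user with the "ae" right: write ----
    echo "<div align='center'>\n";

    // Normalise the posted fields: anything missing or not scalar (for
    // example a nested array) becomes an empty string.
    foreach (array("id", "risk", "rprob", "rdam", "rimp") as $arKey)
    {
        if (!isset($ar[$arKey]) || !is_scalar($ar[$arKey])) $ar[$arKey] = "";
    }
    $ar["id"]   = (int) $ar["id"];
    $ar["risk"] = (string) $ar["risk"];

    // Asset name for the messages; al_ID is an integer at this point.
    $sql = "SELECT al_bez FROM fhiiqm.Anlage WHERE al_ID=" . $ar["id"];
    $albez = $dbc->querySingleItem($sql);

    // HTML-safe versions of everything echoed below. The charset is explicit
    // because the page is iso-8859-1 (see the htmlspecialchars() default on
    // newer PHP versions).
    $albezHtml = htmlspecialchars((string) $albez, ENT_QUOTES, "ISO-8859-1");
    $riskShort = htmlspecialchars((string) substr($ar["risk"], 0, 20), ENT_QUOTES, "ISO-8859-1");

    // Stays false when no statement is executed at all.
    $res = false;

    if ($del)
    {
        // Without a risk_ID there is nothing to delete; report a failure
        // instead of running a statement that matches no row.
        if ($arid)
        {
            $sql = "DELETE FROM A_Risiko WHERE risk_ID=" . (int) $arid;
            $res = $dbc -> execute($sql);
        }
        if ($res)
            echo "<p class='green'><b>DELETE: Risiko '" . $riskShort . " ' zu '$albezHtml' wurde erfolgreich gelöscht.</b></p>\n";
        else
            echo "<p class='red'><b>DELETE: Risiko '" . $riskShort . " ' zu '$albezHtml' konnte nicht gelöscht werden!</b></p>\n";
    }
    else // INSERT or UPDATE
    {
        // Decimal comma -> decimal point; probability arrives in percent and
        // is stored as a fraction. The float casts keep non-numeric input
        // from raising an arithmetic error on PHP 8 and guarantee that only
        // numbers are echoed back in the result table.
        $ar["rprob"] = (float) str_replace(",", ".", $ar["rprob"]) / 100;
        $ar["rdam"]  = (float) str_replace(",", ".", $ar["rdam"]);
        $ar["rimp"]  = (float) str_replace(",", ".", $ar["rimp"]);
        $stmt = $dbc -> stmtinit();
        if (is_object($stmt))
        {
            if ($arid)
            {
                // edit: risk_ID is bound like every other value
                $prepared = $stmt->prepare("UPDATE fhiiqm.A_Risiko SET
                                al_ID = ?,
                                risk_name = ?,
                                risk_probability = ?,
                                risk_damage = ?,
                                risk_sci_importance = ?
                                WHERE risk_ID = ?");
                if ($prepared)
                {
                    $stmt->bind_param("isdddi", $ar["id"], $ar["risk"], $ar["rprob"], $ar["rdam"], $ar["rimp"], $arid);
                    $res = $stmt -> execute();
                }
                // NOTE(review): this shows the raw database error to the
                // user, which reveals schema details; consider error_log()
                // plus the generic message below.
                if ($stmt->error) echo "UPDATE Anlagenrisiko, error: " . $stmt->errno . " - ". htmlspecialchars($stmt->error, ENT_QUOTES, "ISO-8859-1") . "<br><br>\n";
                if ($res)
                    echo "<p class='green'><b>UPDATE: Risiko '" . $riskShort . " ' zu '$albezHtml' wurde erfolgreich gespeichert.</b></p>\n";
                else
                    echo "<p class='red'><b>UPDATE: Risiko '" . $riskShort . " ' zu '$albezHtml' konnte nicht gespeichert werden!</b></p>\n";
            }
            else
            {
                // insert
                $prepared = $stmt->prepare("INSERT INTO fhiiqm.A_Risiko (al_ID,risk_name,risk_probability,risk_damage,risk_sci_importance) VALUES(?,?,?,?,?)");
                if ($prepared)
                {
                    $stmt->bind_param("isddd", $ar["id"], $ar["risk"], $ar["rprob"], $ar["rdam"], $ar["rimp"]);
                    $res = $stmt -> execute();
                }
                // NOTE(review): raw database error shown to the user, see the
                // UPDATE branch.
                if ($stmt->error) echo "INSERT Anlagenrisiko, error: " . $stmt->errno . " - ". htmlspecialchars($stmt->error, ENT_QUOTES, "ISO-8859-1") . "<br><br>\n";
                if ($res)
                {
                    // fetch the risk_ID of the new row
                    $arid = $dbc -> insertId();
                    echo "<p class='green'><b>INSERT: Risiko '" . $riskShort . " ' zu '$albezHtml' wurde erfolgreich gespeichert.</b></p>\n";
                }
                else
                    echo "<p class='red'><b>INSERT: Risiko '" . $riskShort . " ' zu '$albezHtml' konnte nicht gespeichert werden!</b></p>\n";
            }
        }
    }
    if ($res)
    {
        // show the stored data
        echo "<table>\n";
        echo "<tr><td>Risiko-ID: </td><td>" . (int) $arid . "<td></td></tr>\n";
        echo "<tr><td>Risikobezeichnung: </td><td>" . htmlspecialchars($ar["risk"], ENT_QUOTES, "ISO-8859-1") . "<td></td></tr>\n";
        echo "<tr><td>Anlagenbezeichnung: </td><td>$albezHtml<td></td></tr>\n";
        echo "<tr><td>Risikowahrscheinlichkeit: </td><td>" . str_replace(".", ",", $ar['rprob'] * 100) . " %<td></td></tr>\n";
        echo "<tr><td>geschätze Schadenshöhe: </td><td>" . number_format((float) $ar['rdam'], 2, ",", ".") . " €<td></td></tr>\n";
        echo "<tr><td>Wichtung der Bedeutung<br />für Forschungsbetrieb: </td><td class='valignb'>" . str_replace(".", ",", (float) $ar['rimp']) . "<td></td></tr>\n";
        echo "</table>\n";
    }
    echo "</div>\n";
    echo "<p> <a href=\"alrisk_flist.php\" target=\"_self\" title=\"Anlagenrisiko\">Risiko-Anlagen-Liste</a>\n";
}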
?>
</body>
</html>