Stand v. 31.08.2011
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<link href="css/db.css" rel="STYLESHEET" type="TEXT/CSS" />
<title>Eingabe Raumdaten</title>
</head>
<body>
<div class="float-r"><img src="img/house.png" border="0" alt="Raumdaten eingeben" title="Raumdaten eingeben"/></div>
<?php
/**
* @author Bettina Schwarzer, Fritz-Haber-Institut
* @copyright 07/2011
*
* INSERT Raumdaten
*/
error_reporting(E_ALL ^ E_NOTICE);
include_once($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/dbconnect.inc.php");
//$dbc = new dbconnection();
$ok = $_POST["ok"];
$ins = $_POST["ins"];
$raum = $_POST["raum"];
if (!$raum['okn']) $ok=false;
// print_r($vtr);
// echo "<br><br>\n";
// echo "Vertragsbezeichnung: " . $vtr['cname'] ."<br><br>\n";
if (!$ok || !$ins || ($ins && is_uploaded_file($_FILES["rfile"]["tmp_name"]) && $raum['rfname']<'!'))
{
$upd = $ins; // wegen filename-Pruefung bei Upload
include_once("form/raum_form.inc.php");
if ($ins == "eingeben" )
{
echo
"<tr>
<td>Upload Raumplan </td>
<td><input type=\"file\" name=\"rfile\" size=\"50\" maxlength=\"50\" value=\"" .
$_FILES["rfile"]["name"] . "\"/></td>
</tr>";
$frage = "Alle Angaben ok?<br>
erst wenn Haken gesetzt, Upload-File wählen!";
echo "<tr>
<td class=\"red\" valign=\"top\" align=\"left\">$frage</td>
<td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
if ($ok) echo "checked";
echo "></td>\n</tr>\n";
}
echo "<tr>\n";
echo "
<td> </td>
<td><input class=\"button\" type=\"submit\" value=\"eingeben\" name=\"ins\" title=\"insert\" /></td>\n";
echo "</tr>\n";
echo "</table>\n";
echo "</div>\n";
echo "</form>\n";
}
else
{
echo "<div align='center'>\n";
//daten speichern
// echo "1realer filename: " . $_FILES["vfile"]["name"] . "<br><br>\n";
//INSERT Raum
$raum['rbez'] = substr($raum['rbez'],0,50);
$raum['rnum'] = substr($raum['rnum'],0,10);
if ($raum['rtyp']== -1) $rtyp = "NULL"; else $rtyp = "'" . $raum['rtyp'] . "'";
// Filename Vertrag
$raum['rfname'] = substr($raum['rfname'],0,50);
if (isset($raum['rflae']) && $raum['rflae']>"0")
$raum['rflae'] = str_replace(",",".",$raum['rflae']);
else
$raum['rflae'] = null;
// $raum['rflae'] = "NULL";
if (!isset($dbc) || !$dbc)
$dbc = new dbconnection();
/*
$sql = "INSERT INTO Raum (raum_nr,raum_name,geb_ID,raumtyp_ID,raum_flaeche)
VALUES ('" . $raum['rnum'] . "', '" .
$raum['rbez'] . "', '" .
$raum['geb'] . "', '" .
$raum['rtyp'] . "', " .
$raum['rflae'] . ")";
echo "INSERT = $sql<br />\n";
$result=$dbc->execute($sql);
*/
// vermeiden von SQL-Injection
$stmt = $dbc -> stmtinit();
if (is_object($stmt))
{
if ($raum['rtyp']== -1) $raum['rtyp']=null;
$stmt -> prepare ("INSERT INTO Raum (raum_nr,raum_name,geb_ID,raumtyp_ID,raum_flaeche) VALUES (?,?,?,?,?)");
$stmt -> bind_param('ssssd', $raum['rnum'], $raum['rbez'], $raum['geb'], $raum['rtyp'], $raum['rflae']);
$result = $stmt -> execute();
}
if ($dbc->error) echo "error: " . $dbc->error . "<br><br>\n";
if ($result)
{ // INSERT o.k.
// raum_ID ermitteln
$rid = $dbc -> insertId();
// upload File
if (is_uploaded_file($_FILES["rfile"]["tmp_name"]) && isset($_FILES["rfile"]["name"]) && $_FILES["rfile"]["name"] )
{
include ("inc/file_upload.inc.php");
$fname = gen_filename($raum['rfname'],"rfile",$rid);
$retf = upload("rfile", $fname, $rid, "raeume"); // Datei prüfen und in Dokumentenverzeichnis verschieben
if ($retf)
{ // upload o.k.
//UPDATE des Filenamens
$sql = "UPDATE Raum SET raum_file = '" . $rid . "_" . $fname ."' WHERE raum_ID=$rid";
$retv=$dbc->execute($sql);
if (!$retv)
echo $dbc -> error . "<br>\n";
}
}
else $retf=1; //kein Raumplan hochgeladen
if ($result && $retf) // INSERT Raum
{
//Eingabe Daten, Upload File erfolgreich
echo "<p class='green'><b>Raumdaten zu ID '$rid' wurden erfolgreich gespeichert.</b></p>\n";
echo "<br /><br />\n";
// Anzeigen gespeicherte Raumdaten
if ($fname)
$rfile = $rid . "_" . $fname;
else
$rfile = $raum['rfname'];
include ("inc/raum_dat_show.inc.php");
}
}
$dbc -> close();
// Raumliste filtern mit zuletzt eingegeben Haus
$liste="?s=2&f=4&b=" . substr($raum["geb"],0,3);
echo "</div>\n";
echo "<p> <a href=\"raum_flist.php$liste\" target=\"_self\" title=\"Raumliste\">Zurück zur Raumliste</a></p>\n";
echo "<p> <a href=\"raum_ins.php\" target=\"_self\" title=\"Raum erfassen\">Weiteren Raum erfassen</a></p>\n";
}
?>
</body>
</html>