<?php
/**
* @author Bettina Schwarzer, Fritz-Haber-Institut
* @copyright 12/2012
*
* INSERT/UPDATE/(DELETE) Mitarbeiter
*
*/
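error_reporting(E_ALL ^ E_NOTICE);
session_start();

// Not logged in: hand over to login() from the function library and stop.
// NOTE(review): PHP_SELF includes any path info appended by the client; confirm that
// login() encodes it before writing it into markup or a redirect.
if (!isset($_SESSION["userid"]))
{
    include_once ("inc/func_lib.inc.php");
    login($_SERVER["PHP_SELF"]);
    exit;
}

// The page is reachable only with the "mtr" or the "mte" right. A missing or
// non-array rights entry is treated as "no rights" instead of being passed to in_array().
$rechte = (isset($_SESSION["recht"]) && is_array($_SESSION["recht"])) ? $_SESSION["recht"] : array();
if (!in_array("mtr", $rechte) && !in_array("mte", $rechte))
{
    header("Location: start.php");
    exit;
}

include_once($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/dbconnect.inc.php");
if (!isset($dbc) || !$dbc) $dbc = new dbconnection();

// Form state. $ma must be the ma[...] field array; any other shape is discarded so the
// rest of the page never indexes into a plain string.
$sub = isset($_POST["eintragen"]) ? $_POST["eintragen"] : null;
$del = isset($_POST["del"]) ? $_POST["del"] : null;
$ma = (isset($_POST["ma"]) && is_array($_POST["ma"])) ? $_POST["ma"] : null;
$okn = isset($_POST["okn"]) ? $_POST["okn"] : null;
$ok = isset($_POST["ok"]) ? $_POST["ok"] : null;
if (!$okn) $ok = 0;

// persknr: it is interpolated into SQL statements further down the page, so only a
// well-formed integer is accepted; anything else counts as "no record selected".
$pid = isset($_GET["i"]) ? filter_var($_GET["i"], FILTER_VALIDATE_INT) : false;
if ($pid === false) $pid = null;

$sort = isset($_GET["s"]) ? $_GET["s"] : null;   // column the list is sorted by
$dir = isset($_GET["d"]) ? $_GET["d"] : null;    // sort direction
$fnum = isset($_GET["f"]) ? $_GET["f"] : null;   // number of the column currently filtered on
$filter = isset($_GET["b"]) ? $_GET["b"] : null; // filter term

// Parameters handed back to the list view. Every value is URL-encoded because the string
// is written into href attributes; raw query-string input there would allow markup injection.
$getp = "";
foreach (array("s" => $sort, "d" => $dir, "f" => $fnum, "b" => $filter) as $pname => $pval)
{
    $getp .= "&" . $pname . "=" . urlencode(is_scalar($pval) ? (string) $pval : "");
}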
// print_r ($ma); echo "<br />sub = $sub<br /><br />";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<link href="/fhiiqm/css/db.css" rel="STYLESHEET" type="TEXT/CSS" media="screen"/>
<link href="/fhiiqm/css/db_print.css" rel="STYLESHEET" type="TEXT/CSS" media="print"/>
<link type="text/css" href="/fhiiqm/css/jquery/ui-lightness-1.8.21/jquery-ui-1.8.21.custom.css" rel="Stylesheet" />
<script type="text/javascript" src="/fhiiqm/js/jquery/jquery-1.7.2.min.js"></script>
<script type="text/javascript" src="/fhiiqm/js/jquery/jquery-ui-1.8.21.custom.min.js"></script>
<title>MA/O bearbeiten</title>
<script type="text/javascript">
<!--
// State shared with addInput(): number of rows added so far, the cap on added rows,
// and three lookup tables that addInput() walks with for-in to build <option> lists
// (arr for ma[tel][], arra for ma[abt][], arrg for ma[rag][]). They start empty here.
var counter = 0,
    limit = 99,
    arr = [],
    arra = [],
    arrg = [];
/**
 * Appends one additional input row to the element whose id is divName.
 *
 * For 'addtel' the row holds a phone select (ma[tel][]), a free-text field for a new
 * number (ma[ntel][]), a priority select 1-9 (ma[so][]) and a "public" checkbox
 * (ma[pub][counter+1]). For any other id it holds a department select (ma[abt][])
 * and a working-group select (ma[rag][]). Nothing is added once counter equals limit.
 *
 * NOTE(review): the keys and labels of arr/arra/arrg are concatenated into markup and
 * parsed through innerHTML without escaping. Where those tables are filled is not
 * visible here; if they can hold text an editor typed (for example a free-text phone
 * number), confirm the server encodes it, or build the options with
 * createElement/createTextNode instead.
 */
function addInput(divName){
    // Option markup for every key of table, appended to start, plus the closing </select>.
    function optionsFor(table, start) {
        var html = start;
        for (var key in table) {
            html += "<option value='" + key + "'>" + table[key] + "</option>\n";
        }
        return html + "</select>\n";
    }

    if (counter == limit) {
        alert("Das Limit von " + counter + " zusätzlichen inputs ist erreicht");
        return;
    }

    var row = document.createElement('div');
    if (divName == 'addtel') {
        row.innerHTML = "<span></span><select name='ma[tel][]'>" + optionsFor(arr, "<option value='-1'></option>");
        row.innerHTML += " oder neu <input type='text' name='ma[ntel][]' size='20' maxlength='20' />";

        // Priority list: an empty entry followed by 1..9.
        var prio = "<option value='-1'></option>";
        for (var n = 1; n < 10; n++) {
            prio += "<option value=" + n + ">" + n + "</option>\n";
        }
        prio += "</select>\n";
        row.innerHTML += " Priorität <select name='ma[so][]'>" + prio;
        // Explicit index: an unchecked box is not submitted, so [] would shift positions.
        row.innerHTML += " öffentlich <input type='checkbox' name='ma[pub][" + (counter+1) + "]' value='1' />\n";
    } else {
        row.innerHTML = "<span></span><select name='ma[abt][]'>" + optionsFor(arra, "");
        row.innerHTML += " Arbeitsgruppe <select name='ma[rag][]'>" + optionsFor(arrg, "<option value='-1'></option>");
    }
    document.getElementById(divName).appendChild(row);
    counter++;
}
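/**
 * Removes trailing child nodes of the element with id divId until a SPAN or an A
 * element is the last child; a trailing SPAN is then removed as well, an A is kept.
 *
 * Does nothing when the element does not exist, and stops cleanly when the element
 * runs out of children (reading nodeName of a missing last child would otherwise throw).
 */
function delInput(divId){
    var box = document.getElementById(divId);
    if (!box) {
        return;
    }
    while (box.lastChild && box.lastChild.nodeName != "SPAN" && box.lastChild.nodeName != "A") {
        box.removeChild(box.lastChild);
    }
    if (box.lastChild && box.lastChild.nodeName == "SPAN") {
        box.removeChild(box.lastChild);
    }
}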
//-->
</script>
</head>
<body>
<script type="text/javascript">
<!--
// Once the DOM is ready: focus #fhi and attach autocomplete to the surname field.
// Suggestions are requested from /fhiiqm/inc/ma_ldap_ac.inc.php after two typed characters.
$(document).ready(function() {
    // Copies the extra fields of the chosen suggestion into first name and e-mail.
    // .val() assigns them as field values, so they are not parsed as markup.
    var fillFromSuggestion = function(event, ui) {
        $("#vname").val(ui.item.id2);
        $("#email").val(ui.item.id3);
    };

    $("#fhi").focus();
    $("#nname").autocomplete({
        source: "/fhiiqm/inc/ma_ldap_ac.inc.php",
        minLength: 2,
        select: fillFromSuggestion
    });
});
//-->
</script>
<?php
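// Page body: shows the employee form, or - after the confirmation box was ticked -
// deletes or saves the record.
//
// Everything taken from the request, the session or the database is HTML-escaped on
// output. The charset is passed explicitly because the page is ISO-8859-1; with the
// UTF-8 default of newer PHP versions htmlspecialchars() returns an empty string for
// such input.
//
// NOTE(review): no anti-CSRF token is checked before the write branch. The form lives in
// form/ma_ed_form.inc.php, which is not visible here - confirm and add a per-session token.
// NOTE(review): the statements of one save or delete do not run inside a transaction,
// so a failure in the middle leaves the record partially written.

// persknr is interpolated into SQL strings below, so it is forced to an integer here.
$pid = (is_scalar($pid) && $pid !== "") ? (int) $pid : null;
// The submit buttons are rendered only for holders of "mte"; the same rule is enforced
// on the write path so that a hand-crafted POST from a session without it (presumably
// the read-only "mtr" right) cannot change data.
$canWrite = isset($_SESSION["recht"]) && is_array($_SESSION["recht"]) && in_array("mte", $_SESSION["recht"]);
// List parameters originate from the query string and end up inside href attributes.
$linkParams = htmlspecialchars((string) $getp, ENT_QUOTES, 'ISO-8859-1');

echo " ";
echo "<div class=\"float-br smaller\" valign='top'>";
echo " user: " . htmlspecialchars((string) $_SESSION["userid"], ENT_QUOTES, 'ISO-8859-1');
echo " <a class='sc' href='/fhiiqm/logout.php' title='Session beenden'>logout</a></div>\n";
echo "<div class=\"float-r\"><img src=\"img/group.png\" border=\"0\" alt=\"Mitarbeiter bearbeiten\" title=\"Mitarbeiter bearbeiten\"/></div>\n";
$text = $pid ? "editieren" : "erfassen";
echo "<div align=\"center\">";
echo "<h3>Mitarbeiter/Objekte $text</h3>";
echo "</div>\n";

if ((!$sub && !$del) || !isset($ma) || !$ok || !$canWrite)
{
    // First display of an existing record: load the form values from the database.
    if ($pid && (!$sub || !$del) && !isset($ma))
    {
        $ma = array();
        $sql = "SELECT nachname,vorname,titel,abt_tel,email,aktiv,timestamp,userid FROM Mitarbeiter WHERE persknr=$pid";
        if ($result = $dbc -> queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $ma['name'] = $row->nachname;
                $ma['vname'] = $row->vorname;
                $ma['titel'] = $row->titel;
                $ma['abtm'] = $row->abt_tel;
                $ma['email'] = $row->email;
                $ma['fhi'] = ($row->aktiv == 1)? 1 : 0;
                $ma["tstmp"] = $row->timestamp;
                $ma["uid"] = $row->userid;
            }
        }
        // working group, department
        $sql = "SELECT mr.rag_ID, abt_ID FROM fhiiqm.MA_RaumArbGruppe mr INNER JOIN RaumArb_Gruppe r ON mr.rag_ID=r.rag_ID
WHERE persknr=$pid";
        if ($result = $dbc -> queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $ma['abt'][] = $row->abt_ID;
                $ma['rag'][] = $row->rag_ID;
            }
        }
        // No group assignment found: fall back to the department stored with the employee.
        // empty() also covers the case that the key was never set (count() would fail on it).
        if (empty($ma['abt'])) $ma['abt'][] = isset($ma['abtm']) ? $ma['abtm'] : null;
        // building, room
        $sql = "SELECT ma.raum_ID, geb_ID FROM Mitarbeiter_Raum ma INNER JOIN Raum r ON ma.raum_ID=r.raum_ID
WHERE persknr=$pid ORDER BY raum_ID";
        if ($result = $dbc -> queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $ma['geb'] = $row->geb_ID;
                $ma['raum'] = $row->raum_ID;
            }
        }
        // phone
        $sql = "SELECT m.telefon_nr,public,sort
FROM fhiiqm.MA_Telefon m INNER JOIN Telefon t ON m.telefon_nr=t.telefon_nr
WHERE persknr = $pid ORDER BY IFNULL(sort,99)" ;
        if ($result = $dbc -> queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $ma['tel'][] = $row->telefon_nr;
                $ma['pub'][] = ($row->public)? 1 : 0;
                $ma['so'][] = $row->sort;
            }
        }
    }
    include ($_SERVER["DOCUMENT_ROOT"]."/fhiiqm/form/ma_ed_form.inc.php");
    // After a submit the user has to tick a confirmation box before anything is written.
    if ($sub || $del)
    {
        if ($sub)
            $frage = "Alle Angaben ok?";
        elseif ($del)
            $frage = "Mitarbeiter wirklich löschen?";
        echo "<tr>
<td class=\"red\" valign=\"top\" align=\"left\">$frage</td>
<td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
        // leading space keeps the attribute separate from value="1"
        if ($ok) echo " checked=\"checked\"";
        echo " /></td>\n</tr>\n";
    }
    if ($canWrite)
    {
        echo "
<tr><td> </td>\n
<td><input class=\"button\" type=\"submit\" name=\"eintragen\" value=\" eintragen \" />";
        if ($pid)
        {
            echo " <input class=\"buttonr\" type=\"submit\" value=\"löschen\" name=\"del\" title=\"delete\" />";
        }
        echo "</td></tr>\n";
    }
    echo "</table>\n";
    echo "</div>\n";
    echo "<p class='sc'> <a href=\"ma_tel_flist.php?e=1$linkParams\" target=\"_self\" title=\"Telefon-Liste\">« zur Telefon-Liste</a></p>\n";
    echo "</form>\n";
}
else
{
    echo "<div align='center'>\n";
    $userid = $_SESSION["userid"];
    // The names shown in the result messages come from the POST body.
    $nameHtml = htmlspecialchars((isset($ma["name"]) && is_scalar($ma["name"])) ? (string) $ma["name"] : "", ENT_QUOTES, 'ISO-8859-1');
    $vnameHtml = htmlspecialchars((isset($ma["vname"]) && is_scalar($ma["vname"])) ? (string) $ma["vname"] : "", ENT_QUOTES, 'ISO-8859-1');

    if ($del)
    {
        // NOTE(review): whether the record is only deactivated or removed is decided by the
        // posted ma[fhi] value, not by the stored "aktiv" flag - confirm this is intended.
        $retdi = false;      // true only if every statement succeeded
        $failedSql = "";     // first plain statement that failed
        $stmtError = "";     // error text of the prepared UPDATE, if any
        if ($pid)
        {
            $retdi = true;
            if (!empty($ma["fhi"]))
            {
                // Only set aktiv to 0. The user id is a string and is therefore bound as a
                // parameter instead of being written into the statement text.
                $stmt = $dbc -> stmtinit();
                if (is_object($stmt))
                {
                    $stmt -> prepare("UPDATE Mitarbeiter SET aktiv=0, userid=? WHERE persknr=?");
                    $stmt -> bind_param('si', $userid, $pid);
                    if (!$stmt -> execute())
                    {
                        $retdi = false;
                        $stmtError = $stmt -> error;
                    }
                }
                else
                {
                    $retdi = false;
                }
                foreach (array("Mitarbeiter_Raum", "MA_Telefon", "MA_RaumArbGruppe") as $table)
                {
                    $sql = "DELETE FROM $table WHERE persknr = $pid";
                    if (!$dbc -> execute($sql))
                    {
                        $retdi = false;
                        if ($failedSql === "") $failedSql = $sql;
                    }
                }
            }
            else
            {
                $sql = "DELETE FROM Mitarbeiter WHERE persknr = $pid";
                if (!$dbc -> execute($sql))
                {
                    $retdi = false;
                    $failedSql = $sql;
                }
            }
        }
        if ($retdi)
        {
            echo "<p class='green'><b>DELETE: Daten zu '" . $nameHtml . ", " . $vnameHtml . "' wurden erfolgreich gelöscht.</b></p>\n";
        }
        else
        {
            echo "<p class='red'><b>DELETE: Daten zu '" . $nameHtml . ", " . $vnameHtml . "' konnten nicht gelöscht werden!</b></p>\n";
            // NOTE(review): statement text and driver errors are still shown to the user;
            // consider writing them to the server log instead.
            if ($failedSql !== "") echo "sql = " . htmlspecialchars($failedSql, ENT_QUOTES, 'ISO-8859-1') . "<br />";
            echo "error DELETE: " . htmlspecialchars((string) ($stmtError !== "" ? $stmtError : $dbc->error), ENT_QUOTES, 'ISO-8859-1') . "<br />";
        }
        include ($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/ma_tel_dat_show.inc.php");
    }
    else // INSERT or UPDATE
    {
        $result = false;
        $ret = 0;
        $redmt = false;
        $stmt = $dbc -> stmtinit();
        if (is_object($stmt))
        {
            // Single-value fields must not arrive as arrays (ma[name][]=...).
            foreach (array('name', 'vname', 'titel', 'email', 'abtm', 'fhi', 'raum') as $field)
            {
                if (!isset($ma[$field]) || !is_scalar($ma[$field])) $ma[$field] = null;
            }
            $aktiv = $ma['fhi'] ? 1 : 2;
            // A bare account name gets the institute's mail domain appended.
            if ($ma['email'] && !(strpos((string) $ma['email'], "@") > 0))
            {
                $ma['email'] = $ma['email'] . "@fhi-berlin.mpg.de";
            }
            // Empty fields are stored as NULL. Assigning by key avoids the dangling
            // reference a by-reference foreach would leave behind.
            foreach ($ma as $key => $elem)
            {
                if (!$elem) $ma[$key] = null;
            }
            $abtList = (isset($ma['abt']) && is_array($ma['abt'])) ? $ma['abt'] : array();
            $abt0 = (isset($abtList[0]) && is_scalar($abtList[0])) ? $abtList[0] : null;

            if ($pid) // UPDATE
            {
                // Is the previous department still among the updated departments?
                if (!in_array($ma['abtm'], $abtList)) $ma['abtm'] = $abt0;
                $stmt -> prepare("UPDATE Mitarbeiter SET
nachname = ?,
vorname = ?,
titel = ?,
email = ?,
abt_tel = ?,
aktiv = ?,
userid = ?
WHERE persknr = ?");
                $stmt -> bind_param('ssssiisi', $ma['name'], $ma['vname'], $ma['titel'], $ma['email'], $ma['abtm'], $aktiv, $userid, $pid);
                $result = $stmt -> execute();
                if ($stmt->error) echo "error UPDATE Mitarbeiter: " . htmlspecialchars((string) $stmt->error, ENT_QUOTES, 'ISO-8859-1') . "<br><br>\n";
            }
            else
            {
                // NOTE(review): MAX()+1 is not safe against two simultaneous inserts;
                // an auto-increment column or a lock would be.
                $sql = "SELECT MAX(persknr) FROM Mitarbeiter WHERE persknr < 9500";
                $pid = (int) $dbc -> querySingleItem($sql) + 1;
                $stmt -> prepare ("INSERT INTO Mitarbeiter (persknr, nachname, vorname, titel,email,abt_tel,aktiv,userid) VALUES (?,?,?,?,?,?,?,?)");
                $stmt -> bind_param('issssiis', $pid, $ma['name'], $ma['vname'], $ma['titel'], $ma['email'], $abt0, $aktiv, $userid);
                $result = $stmt -> execute();
                if ($stmt->error) echo "error INSERT Mitarbeiter: " . htmlspecialchars((string) $stmt->error, ENT_QUOTES, 'ISO-8859-1') . "<br><br>\n";
                $ma['abtm'] = $abt0;
            }
            if ($result)
            {
                $ret = 1;
                // room: only a numeric id above -1 is written, and only as an integer
                if (is_numeric($ma["raum"]) && (int) $ma["raum"] > -1)
                {
                    $raumId = (int) $ma["raum"];
                    $sql = "DELETE FROM Mitarbeiter_Raum WHERE persknr=$pid";
                    if ($dbc -> execute($sql))
                    {
                        $sql = "INSERT INTO Mitarbeiter_Raum (persknr, raum_ID) VALUES ($pid, $raumId)";
                        $ret = $dbc -> execute($sql);
                    }
                    else
                    {
                        $ret = 0;
                    }
                }
                // working groups
                if (isset($ma["rag"]) && is_array($ma["rag"]) && count($ma["rag"]) > 0)
                {
                    $sql = "DELETE FROM MA_RaumArbGruppe WHERE persknr=$pid";
                    if ($dbc -> execute($sql))
                    {
                        foreach ($ma['rag'] as $rag)
                        {
                            $ragId = is_scalar($rag) ? (int) $rag : 0;
                            if ($ragId > 0)
                            {
                                $sql = "INSERT INTO MA_RaumArbGruppe (persknr, rag_ID) VALUES ($pid, $ragId)";
                                $retn = $dbc -> execute($sql);
                                if ($retn && $ret) $ret = 1; else $ret = 0;
                            }
                        }
                    }
                    else
                    {
                        $ret = 0;
                    }
                }
                // Newly typed phone numbers: add each to Telefon unless it already exists.
                // The number is free text, so it is bound as a parameter; the existence
                // check and the insert are one statement.
                if (isset($ma['ntel']) && is_array($ma['ntel']))
                {
                    $stmtTel = $dbc -> stmtinit();
                    if (is_object($stmtTel))
                    {
                        $stmtTel -> prepare("INSERT INTO Telefon (telefon_nr) SELECT ? FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM Telefon WHERE telefon_nr = ?)");
                    }
                    foreach ($ma['ntel'] as $tel)
                    {
                        if (is_scalar($tel) && $tel > "!")
                        {
                            $telNr = (string) $tel;
                            $rest = false;
                            if (is_object($stmtTel))
                            {
                                $stmtTel -> bind_param('ss', $telNr, $telNr);
                                $rest = $stmtTel -> execute();
                            }
                            if ($rest && $ret) $ret = 1; else $ret = 0;
                        }
                    }
                }
                if ($ret)
                {
                    // priority -1 means "none"
                    if (isset($ma['so']) && is_array($ma['so']))
                    {
                        foreach ($ma['so'] as $k => $prio)
                        {
                            if ($prio == '-1') $ma['so'][$k] = null;
                        }
                    }
                    $sql = "DELETE FROM MA_Telefon WHERE persknr = $pid";
                    $redmt = $dbc -> execute($sql);
                    if ($redmt)
                    {
                        $stmtMt = $dbc -> stmtinit();
                        if (is_object($stmtMt))
                        {
                            $stmtMt -> prepare("INSERT INTO MA_Telefon (persknr, telefon_nr, public, sort) VALUES (?,?,?,?)");
                        }
                        // First the numbers picked from the list, then the newly typed ones.
                        // $i counts the form rows so that "public" and "sort" of the same
                        // row are used; a missing value is stored as NULL.
                        foreach (array('tel', 'ntel') as $source)
                        {
                            if (!isset($ma[$source]) || !is_array($ma[$source])) continue;
                            $i = 0;
                            foreach ($ma[$source] as $tel)
                            {
                                if (is_scalar($tel) && $tel > "!" && ($source == 'ntel' || $tel != "-1"))
                                {
                                    $telNr = (string) $tel;
                                    $pub = (isset($ma['pub'][$i]) && is_scalar($ma['pub'][$i])) ? (int) $ma['pub'][$i] : null;
                                    $prio = (isset($ma['so'][$i]) && is_scalar($ma['so'][$i])) ? (int) $ma['so'][$i] : null;
                                    $rest = false;
                                    if (is_object($stmtMt))
                                    {
                                        $stmtMt -> bind_param('isii', $pid, $telNr, $pub, $prio);
                                        $rest = $stmtMt -> execute();
                                    }
                                    if ($rest && $ret) $ret = 1; else $ret = 0;
                                }
                                $i++;
                            }
                        }
                    }
                }
            }
        }
        if ($result && $redmt && $ret) // INSERT/UPDATE info
        {
            // data stored successfully
            echo "<p class='green'><b>Mitarbeiterdaten zu " . $nameHtml . ", " . $vnameHtml . " wurden erfolgreich gespeichert.</b></p>\n";
            echo "<br /><br />\n";
        }
        else
        {
            echo "<p class='red'><b>Mitarbeiterdaten zu " . $nameHtml . ", " . $vnameHtml . " wurden nicht oder nur teilweise gespeichert.</b></p>\n";
            echo "error: " . htmlspecialchars((string) $dbc -> error, ENT_QUOTES, 'ISO-8859-1');
            echo "<br /><br />\n";
        }
        include ($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/ma_tel_dat_show.inc.php");
    }
    echo "</div>";
    echo "<p class='sc'> <a href=\"ma_tel_flist.php?e=1$linkParams\" target=\"_self\" title=\"Telefonliste\">« zur Telefon-Liste</a></p>\n";
    // PHP_SELF contains client-supplied path info, so it is escaped before it goes into the href.
    echo "<p class='sc'> <a href=\"" . htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, 'ISO-8859-1') . "\" target=\"_self\" title=\"Mitarbeiter erfassen\">Neuen Mitarbeiter erfassen</a></p>\n";
}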
?>
</body>
</html>