<?php
/**
* @author Bettina Schwarzer, Fritz-Haber-Institut
* @copyright 05/2011
*
* UPDATE/DELETE Vertragsdaten
*/
error_reporting(E_ALL ^ E_NOTICE);
session_start();

// No authenticated session yet: hand over to the login form and stop.
// login() is expected to be provided by the library included just before the call.
if (!isset($_SESSION["userid"])) {
    include_once("inc/func_lib.inc.php");
    login("vertrag_upd.php");
    exit;
}

// Page gate: the session must carry a rights list containing "vr" or "ve".
// This only decides who may open the page; it admits both rights and so
// does not by itself restrict the update/delete handling further down.
if (
    is_null($_SESSION["recht"])
    || !(in_array("vr", $_SESSION["recht"]) || in_array("ve", $_SESSION["recht"]))
) {
    header("Location: start.php");
    exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<link href="css/db.css" rel="STYLESHEET" type="TEXT/CSS" media="screen"/>
<link href="css/db_print.css" rel="STYLESHEET" type="TEXT/CSS" media="print"/>
<title>Aktualisieren Vertragsdaten</title>
</head>
<body>
<?php
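echo " ";
echo "<div class=\"float-br smaller\" valign='top'>";
// The user id is written into HTML, so it is escaped for the page charset (iso-8859-1).
echo " user: " . htmlspecialchars((string) $_SESSION["userid"], ENT_QUOTES, 'ISO-8859-1');
echo " <a class='sc' href='/fhiiqm/logout.php' title='Session beenden'>logout</a></div>\n";
echo "<div class=\"float-r\"><img src=\"img/document_mark_as_final.png\" border=\"0\" alt=\"Vertragsdaten bearbeiten\" title=\"Vertragsdaten bearbeiten\"/></div>\n";
include_once($_SERVER['DOCUMENT_ROOT'] . "/fhiiqm/inc/dbconnect.inc.php");
include_once($_SERVER['DOCUMENT_ROOT'] . "/fhiiqm/inc/func_lib.inc.php");
$dbc = new dbconnection();

// Contract id. It is interpolated unquoted into several SQL statements and
// used as a file-name prefix later in this script, so it is forced to an
// integer here: a request parameter must never reach SQL text as a string.
$cid = (int) ($_GET["uid"] ?? 0);
// NOTE(review): a request without "uid" silently operates on contract 3,
// including the update and delete paths. Confirm this default is intended.
if (!$cid) $cid = 3;

// Paging state of the contract list the user came from.
$zeil = (int) ($_GET["z"] ?? 0);            // number of rows shown
if (!$zeil) $zeil = 20;
$start = (int) ($_GET["st"] ?? 0);          // list starts at record $start + 1
$sort = $_GET["s"] ?? null;                 // sort column
$dir = $_GET["d"] ?? null;                  // sort direction
$fnum = $_GET["f"] ?? null;                 // number of the column currently filtered on
$filter = $_GET["b"] ?? null;               // filter term
$teil = $_GET["t"] ?? null;                 // t = 2: return to part 2 of the contract list
if ($teil == 2) $tlist = "vertrag_flist12.php"; else $tlist = "vertrag_flist1.php";

// Query string that leads back to the contract list with the same settings.
// Every value is request-controlled and ends up inside an href attribute,
// so each one is URL-encoded; raw interpolation allowed markup injection.
$getp = "s=" . urlencode((string) $sort)
    . "&d=" . urlencode((string) $dir)
    . "&f=" . urlencode((string) $fnum)
    . "&b=" . urlencode((string) $filter)
    . "&st=$start&z=$zeil";

// Form state posted by the edit form.
$ok = $_POST["ok"] ?? null;
$upd = $_POST["upd"] ?? null;
$del = $_POST["del"] ?? null;
$vtr = $_POST["vertrag"] ?? null;
// The rest of the script indexes $vtr by field name; a scalar posted under
// "vertrag" would make those accesses fail, so only an array is accepted.
if (!is_array($vtr)) $vtr = [];
if (empty($vtr['okn'])) $ok = false;

// An upload that exceeded a size limit cancels the confirmation so the form is shown again.
$uploadError = $_FILES["vfile"]["error"] ?? null;
if ($uploadError == UPLOAD_ERR_INI_SIZE || $uploadError == UPLOAD_ERR_FORM_SIZE)
{
    if ($uploadError == UPLOAD_ERR_FORM_SIZE)
        echo "<p class='red'><b>Uploadfile zu ID '$cid' > 10 MByte!</b></p>\n";
    $ok = 0;
}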
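// The contract id is interpolated unquoted into the SQL strings below and
// prefixes the stored file name. Forcing it to an integer keeps request
// input out of the SQL text.
$cid = (int) $cid;

// Write authorisation. The gate at the top of the page also admits sessions
// that hold only "vr", and the submit buttons below are rendered for "ve"
// only, but hiding buttons does not stop a hand-built POST. Without "ve"
// the request is therefore downgraded to a plain display of the record.
$canEdit = !is_null($_SESSION["recht"]) && in_array("ve", $_SESSION["recht"]);
if (!$canEdit)
{
    $ok = $upd = $del = false;
}
// NOTE(review): no anti-CSRF token is checked on this page; update and
// delete rely on the session cookie and the "ok" checkbox alone.

if (!$ok)
{
    // Not confirmed yet: show the form (first display, or ask for confirmation).
    if (!$upd && !$del)
    {
        // First display: load the stored contract into the form array.
        $sql = "SELECT contract_ID,contract_name,contract_s,contract_l,vtyp_ID,contract_begin,contract_end,
            contract_autoend,contract_mon_notice,contract_file,Bemerkung,email_send
            FROM fhiiqm.Vertrag WHERE contract_ID = $cid";
        if ($result = $dbc->queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $vtr['cname'] = $row->contract_name;
                $vtr['clong'] = $row->contract_l;
                $vtr['vtyp'] = $row->vtyp_ID;
                // Dates are split by position into year / month / day.
                $vtr['bjahr'] = substr($row->contract_begin, 0, 4);
                $vtr['bmon'] = substr($row->contract_begin, 5, 2);
                $vtr['btag'] = substr($row->contract_begin, 8, 2);
                $vtr['ejahr'] = substr($row->contract_end, 0, 4);
                $vtr['emon'] = substr($row->contract_end, 5, 2);
                $vtr['etag'] = substr($row->contract_end, 8, 2);
                $vtr['cautoend'] = $row->contract_autoend;
                $vtr['cnot'] = $row->contract_mon_notice;
                $vtr['cfname'] = $row->contract_file;
                $vtr['cbem'] = $row->Bemerkung;
                $vtr['email'] = $row->email_send;
            }
        }
        // Persons handling the contract
        $sql = "SELECT persknr FROM Vertrag_Bearbeiter WHERE contract_ID = $cid";
        if ($result = $dbc->queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $vtr['cpers'][] = $row->persknr;
            }
        }
        // Partner (the last row wins if there are several)
        $sql = "SELECT part_ID FROM Vertrag_Partner WHERE contract_ID = $cid";
        if ($result = $dbc->queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $vtr['partid'] = $row->part_ID;
            }
        }
        // Product (the last row wins if there are several)
        $sql = "SELECT produkt_ID FROM Produkt_Vertrag WHERE contract_ID = $cid";
        if ($result = $dbc->queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $vtr['prodid'] = $row->produkt_ID;
            }
        }
        // Costs: one slot per year from the start year to the end year.
        if ($vtr['ejahr'])
            $ejahr = $vtr['ejahr'];
        elseif ($vtr["cautoend"] && !$vtr['ejahr']) // automatic renewal and no end year given
            $ejahr = date("Y");
        else
            $ejahr = $vtr['bjahr']; // costs in the start year only
        // Initialised so array_search() below always receives an array,
        // even when the year range is empty.
        $ayear = [];
        for ($i = (int) $vtr['bjahr']; $i < (int) $ejahr + 1; $i++)
        {
            $ayear[] = $i;
        }
        $sql = "SELECT k_year, kosten FROM Vertrag_Kosten WHERE contract_ID = $cid ORDER BY k_year ";
        if ($result = $dbc->queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                // Loose search on purpose: the year list holds integers.
                $j = array_search($row->k_year, $ayear);
                if ($j !== false)
                    $vtr['kost'][$j] = str_replace('.', ',', $row->kosten);
            }
        }
    }
    // presumably opens the form and table that are closed below; verify against the include
    include_once("form/vertrag_form.inc.php");
    if ($upd)
    {
        // The client-supplied file name is reflected into an attribute and must be escaped.
        echo "<tr>\n<td>Upload Vertragsdokument </td>\n<td><input type=\"file\" name=\"vfile\" size=\"50\" maxlength=\"50\" value=\"" .
            htmlspecialchars((string) ($_FILES["vfile"]["name"] ?? ""), ENT_QUOTES, 'ISO-8859-1') . "\"/></td>\n</tr>";
    }
    if ($upd || $del)
    {
        // Confirmation checkbox; the action only runs once it is ticked.
        if ($upd)
            $frage = "Alle Angaben ok?<br>\nerst wenn Haken gesetzt, Upload-File wählen!";
        elseif ($del)
            $frage = "Vertrag wirklich löschen?";
        echo "<tr>\n<td class=\"red\" valign=\"top\" align=\"left\">$frage</td>\n<td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
        if ($ok) echo "checked";
        echo "></td>\n</tr>\n";
    }
    if ($canEdit)
    {
        // Update / delete buttons are offered to holders of "ve" only.
        echo "<tr>\n";
        echo "\n<td> </td>\n<td><input class=\"button\" type=\"submit\" value=\"ändern\" name=\"upd\" title=\"update\" />\n<input class=\"buttonr\" type=\"submit\" value=\"löschen\" name=\"del\" title=\"delete\" /></td>\n";
        echo "</tr>\n";
    }
    echo "</table>\n";
    echo "</div>\n";
    // The return link carries request-derived values, so it is escaped for the attribute.
    echo "<p class='sc'> <a href=\"" . htmlspecialchars("$tlist?$getp", ENT_QUOTES, 'ISO-8859-1') . "\" target=\"_self\" title=\"Vertragsliste\">« zur Vertragsliste</a></p>\n";
    echo "</form>\n";
}
elseif ($ok && $upd)
{
    echo "<div align='center'>\n";
    // Store the data: normalise the posted fields for the prepared UPDATE below.
    // (The earlier string-concatenated UPDATE that was kept here as commented-out
    // code has been removed; the prepared statement replaces it.)
    $vtr['cname'] = substr($vtr['cname'], 0, 50);
    $vtr['clong'] = substr($vtr['clong'], 0, 100);
    if ($vtr['vtyp'] == -1 || !(is_numeric($vtr['vtyp']))) $vtr['vtyp'] = null;
    // date_obj() is defined outside this file; presumably it yields a date value or null - confirm
    $vbegin = date_obj($vtr['bjahr'], $vtr['bmon'], $vtr['btag']);
    $vend = date_obj($vtr['ejahr'], $vtr['emon'], $vtr['etag']);
    if (!is_numeric($vtr['cnot'])) $vtr['cnot'] = null;
    if ($vtr['cbem']) $vtr['cbem'] = substr($vtr['cbem'], 0, 500); else $vtr['cbem'] = null;
    // File name of the contract document.
    // NOTE(review): this name is user-supplied and drives a rename in the
    // document directory; it assumes gen_filename()/mod_file() strip
    // directory components - confirm in inc/file_upload.inc.php.
    $vtr['cfname'] = substr($vtr['cfname'], 0, 50);
    if (!isset($dbc) || !$dbc) $dbc = new dbconnection();
    // Previous name of the contract document
    $sql = "SELECT contract_file FROM Vertrag WHERE contract_ID = $cid";
    $vfile_old = $dbc->querySingleItem($sql);

    include("inc/file_upload.inc.php");
    if (is_uploaded_file($_FILES["vfile"]["tmp_name"] ?? "") && isset($_FILES["vfile"]["name"]) && $_FILES["vfile"]["name"])
    {
        // A new file was uploaded.
        $fname = gen_filename($vtr['cfname'], "vfile", $cid); // generate the file name
        // NOTE(review): the old document is removed before the new upload has
        // been checked; a rejected upload leaves the contract without a file.
        $retdf = mod_file("/var/www/fhiiqm/documents", $cid, "", "del"); // delete the old file
        $retf = upload("vfile", $fname, $cid); // check the file and move it into the document directory
    }
    else
    {
        // No upload: at most the file name changes.
        $fname = gen_filename($vtr['cfname'], $vfile_old, $cid, 0);
        $len = strlen($cid) + 1;
        if (substr($fname, 0, $len) != "$cid" . "_") $fname = $cid . "_" . $fname;
        if ($vtr['cfname'] != $vfile_old)
        {
            if ($vtr['cfname'] > "!")
            {
                $retf = mod_file("/var/www/fhiiqm/documents", $cid, $fname, "upd"); // rename the old file
            }
            else
            {
                // No file name given; should not happen.
                $retf = 1;
                if ($vfile_old)
                {
                    // delete the old file
                    $retf = mod_file("/var/www/fhiiqm/documents", $cid, "", "del");
                }
            }
        }
        else
        {
            // no upload, no change of file name
            $retf = 1;
        }
    }
    // Stored file names carry the "<id>_" prefix; add it if it is missing.
    $len = strlen($cid) + 1;
    if (isset($fname) && $retf && (substr($fname, 0, $len) != "$cid" . "_")) $cfile = $cid . "_" . $fname; else $cfile = $fname;

    // UPDATE via prepared statement. The contract id is bound as well instead
    // of being interpolated, and a failed prepare() now counts as a failed update.
    $retv = false;
    $stmt = $dbc->stmtinit();
    if (is_object($stmt))
    {
        $prepared = $stmt->prepare("UPDATE fhiiqm.Vertrag SET
            contract_name = ?,
            contract_l = ?,
            vtyp_ID = ?,
            contract_begin = ?,
            contract_end = ?,
            contract_autoend = ?,
            contract_mon_notice = ?,
            contract_file = ?,
            Bemerkung = ?,
            email_send = ?
            WHERE contract_ID = ?");
        if ($prepared)
        {
            $stmt->bind_param('ssissiissii', $vtr["cname"], $vtr["clong"], $vtr['vtyp'], $vbegin, $vend, $vtr['cautoend'], $vtr['cnot'], $cfile, $vtr['cbem'], $vtr["email"], $cid);
            $retv = $stmt->execute();
        }
    }
    // The driver message can echo back submitted values, so it is escaped.
    // NOTE(review): consider logging it server-side rather than showing it to the user.
    if (!$retv) echo "error update" . htmlspecialchars((string) $dbc->error, ENT_QUOTES, 'ISO-8859-1') . "<br />\n";
    if ($retv)
    {
        // DELETE + INSERT for the n:m tables; presumably sets $retb, $retp, $retd and $retk - confirm
        include("inc/vertragtab_ins.inc.php");
    }
    if ($retv && $retb && $retp && $retd && $retk)
    {
        // Data stored and file handling succeeded
        echo "<p class='green'><b>Vertragsdaten zu ID '$cid' wurden erfolgreich gespeichert.</b></p>\n";
        echo "<br /><br />\n";
        // Show the stored contract data
        include("inc/vertrag_dat_show.inc.php");
    }
}
elseif ($ok && $del)
{
    // DELETE from table Vertrag and, per the original comment, its dependent tables
    echo "<div align='center'>\n";
    $sql = "DELETE FROM Vertrag WHERE contract_ID = $cid";
    $retvd = $dbc->execute($sql);
    if ($retvd)
    {
        include("inc/file_upload.inc.php");
        $retdf = mod_file("/var/www/fhiiqm/documents", $cid, "", "del"); // delete the document
        if ($retdf) echo "<p class='green'><b>Vertragsdokument zu ID '$cid' wurde gelöscht.</b></p>\n";
        echo "<p class='green'><b>Vertragsdaten zu ID '$cid' wurden gelöscht.</b></p>\n";
        echo "<br /><br />\n";
        // Show the deleted contract data. $fname is not assigned on this
        // path by the visible code, hence the empty() test.
        if (!empty($fname))
            $cfile = $cid . "_" . $fname;
        else
            $cfile = $vtr['cfname'];
        include("inc/vertrag_dat_show.inc.php");
    }
}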
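// After a confirmed update or delete: close the centred block and offer the
// way back to the list or on to a new contract.
if ($ok && ($upd || $del))
{
    echo "</div><br /><br />\n";
    // The list link carries request-derived values ($getp), so the whole URL
    // is escaped for the attribute context (page charset iso-8859-1).
    echo "<p class='sc'> <a href=\"" . htmlspecialchars("$tlist?$getp", ENT_QUOTES, 'ISO-8859-1') . "\" target=\"_self\" title=\"Vertragsliste\">Zurück zur Vertragsliste</a></p>\n";
    echo "<p class='sc'> <a href=\"vertrag_ins.php\" target=\"_self\" title=\"Vertrag erfassen\">Weiteren Vertrag erfassen</a></p>\n";
}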
?>
</body>
</html>