Subversion Repositories computer_asset_manager_v1

<?php

   define(VERSION,'1.6.2');

   define(BUILD_DATE,'$Date: 2017-07-28 15:26:29 -0500 (Fri, 28 Jul 2017) $');

   define(SVN_REV,'$Rev: 67 $' );

   include_once("database.php");

   include_once("library.php");

   include_once('reports.php');

   global $MODULE_REPORTS;

   $MODULE_REPORTS = array('main device screen' => 1);

   define ('SQL_GET_MODULES',

     "select a.key_name 'module',

             a.theValue 'script', 

             b.theValue 'path' 

      from _system a join _system b using ( key_name )

      where

         a.group_name = '<screen>' 

         and b.group_name = 'Modules' 

         and a.removed_date is null

         and b.removed_date is null"

   );

   define ('SQL_SHOW_SITES',

      "select concat('<a href=\"index.html?site_id=',site.site_id,'\">', site.name,'</a>') 'Site',

              count(*) 'Devices',

              concat('<a href=\"edit.html?site_id=',site.site_id,'\">Edit</a>') Action

       from client_site site left outer join current_systems device using (site_id)

       where <whereClause>

       group by site.site_id

       order by site.name"

   );

   define ('SQL_SHOW_DEVICES',

      "select concat('<a href=\"show_device.html?device_id=',device.device_id,'\">',device.name,'</a>') 'Device',

       device_type.name 'Type',

       concat('<a href=\"edit.html?device_id=',device.device_id,'\">Edit</a>') Action

       from device join device_type on device.device_type_id = device_type.device_type_id

            join site on device.site_id = site.site_id

            join client on site.client_id = client.client_id

       where device_type.show_as_system = 'Y' 

             and device.removed_date is null

             and <whereClause>

       order by device_type.name,device.name"

   );

   define ('SQL_SHOW_CLIENTS',

      "select max(concat('<a href=\"index.html?client_id=',client.client_id,'\">',client.name,'</a>')) 'Client', 

              count(*) 'Sites',

              concat('<a href=\"edit.html?client_id=',client.client_id,'\">Edit</a>') Action

       from client left outer join site using (client_id)

       where site.removed_date is null and

             <whereClause>

       group by client.client_id

       order by client.name"

   );

   define ('SQL_SHOW_DEVICE', '

      select device.device_id "ID",

             concat(client.name, \' - \', site.name) "Site",

             device_type.name "Type",

             device.name "Name",

             device.serial "Serial",

             device.notes "Notes",

             device.restrictions "Restrictions",

             partof.name "Part Of",

             date(device.added_date) "Added",

             date(device.removed_date) "Removed"

      from device join site on device.site_id = site.site_id 

           join client on site.client_id = client.client_id 

           join device_type on device.device_type_id = device_type.device_type_id 

           left outer join device as partof on partof.device_id = device.part_of

      where device.device_id = <device_id>

   ');

   $LOGIN_PAGE = $_SESSION['html root'] . '/login.html';

   function verifyLogin( $username, $password ) {

      $sql = "select login_id login_id, email, where_clause

              from login 

              where email = " . makeSafeSQLValue($username) . ' 

                    and pass = md5(' . makeSafeSQLValue($password) . ") 

                    and removed_date is null";

      $info = queryDatabaseExtended( $sql );

      if ( $info['count'] == 1 ) {

         $info = $info['data'][0];

         $_SESSION['login_id'] = ($info['login_id'] ? $info['login_id'] : -1);

         $_SESSION['email'] = $info['email'];

         $_SESSION['where_clause'] = $info['where_clause'];

         redirectPage('index.html');

      } else {

         return false;

      }

   }

   function setAuth ( $whereClause = 'true' ) {

      if ( iAmAdministrator() ) return $whereClause;

      $whereClause = " ($whereClause)"; // ensure that the whereClause passed will not override our limits

      switch ( $_SESSION['where_clause'] ) {

         case '' : $whereClause .= ' and false'; // no login allowed if empty string

                  break;

         default : $whereClause .= ' and ' . $_SESSION['where_clause'];

      }

      return $whereClause;

   }

   function iAmAdministrator () {

      return ($_SESSION['where_clause'] == 'ADMINISTRATOR');

   }

   /*

      function takes a screen name and looks it up in $MODULE_REPORTS to translate to a bit position.

      It will then search the report table in the database to determine which reports need to be run, passing the values in the 

      $parameters array to the run command, can capturing the output.

      function then returns the html output of the report(s) back to the calling program, which can then paste it into the current

      screen.

      The concept is that a particular screen may need some sub reports. For example, the display device screen in the Main module

      will want to display the information about the device taken from the device_attrib table. To do this, a report is defined

      using the query 

         select attrib.name,device_attrib.value 

         from device_attrib join attrib using (attrib_id) 

         where device_id = <device_id> and device_attrib.removed_date is null

      where <device_id> is replaced by the report class.

      The calling routine would pass 'device_id' => '1' in the parameters array (if the current device had a device_id of 1) and this

      routine would run the report and return the results.

      This allows newer modules to add reports to existing screens simply by creating a report and setting up parameters correctly.

      BY CONVENTION, the following parameters are passed, if applicable:

         device_id      - numeric ID of the device in question

         device_name    - ascii name of the device in question

         site_id        - numeric ID of the site in question

         client_id      - numeric ID of the client in question

         added_date     - value for added_date

         removed_date   - value for removed_date

     Not all reports will use the above values, but if they are passed in to the parameters array, they will not cause problems with

     the report

     NOTE: the reports will still run in interactive mode. In the above query, it will ask for the device.

   */

   function screenReports ( $screenName, $parameters = array(), $showTitle = false ) {

      global $MODULE_REPORTS;

      $result = '';

      if ($MODULE_REPORTS[$screenName]) {

         $sql = 'select report_id from report where screen_report = ' . $MODULE_REPORTS[$screenName];

         $reportIDs = sqlValuesToKeys ($sql);

         // print "<pre>"; print_r( $parameters ); print "</pre>";

         foreach ( $reportIDs as $thisReport => $data ) {

            $report = new Report;

            $report->loadFromDatabase ( $thisReport );

            $result .= $report->run($parameters, '', $showTitle );

         }

      }

      return $result;

   }

   if ($_SESSION['file system root']) { // this is only set if we have logged in

      $InstalledModules = array();

      // get module information

      $data = queryDatabaseExtended( "select theValue from _system where removed_date is null and group_name = 'Modules'");

      if ($data) {

         foreach ($data['data'] as $row) {

            $InstalledModules[] = $row['theValue'];

         }

         // note, we are only going to include the datagase.php. All other stuff is left to the individual modules

         // $_SESSION['file system root'] is set in login.php, and is the path to the root of this application, so all else is relative

         foreach ($InstalledModules as $directory) {

            include_once( $_SESSION['file system root'] . "/$directory/database.php" );

         }

      }

   }

   /* 

    * finds out if there is a callable script for this screen in the various modules.

    * if so, will call the script and return the output

    * index is an array of the form 'device_id' => $device_id

    * call this as

    * print callableOutput( 'device view', array( 'device_id' => $device_id );

    */

   function callableOutput( $screen, $index ) {

      $result = '';

      $sql = insertValuesIntoQuery(SQL_GET_MODULES,array( 'screen' => $screen ));

      $modules = queryDatabaseExtended( $sql );

      if ( $modules ) {

         $modules = $modules['data'];

         $parameters = $index;

/*         $output = array();

         $output = "$screen\n" . print_r( $index, true) . print_r( $modules, true ) . "\n$sql\n"

         file_put_contents( '/home/rodolico/www/web/computer_asset_manager_v1/modules/file/queryout.sql', implode( "\n", $output)  );

*/

         foreach ( $modules as $report ) {

            $module = $report['module'];

            list($library, $function ) = explode (':', $report['path'] . $report['script']);

            //print "$library - $function<br />\n";

            if ( file_exists( $library ) ) {

               require_once "$library";

               if ( is_callable( $function ) ) {

                  $content = call_user_func( $function, $parameters );

                  if ( $content )

                     $result .= "<div><h4>$module</h4>$content</div>\n";

               }

            }

         }

      }

      return $result;

   } // callableOutput

?>