From: <te...@us...> - 2014-11-18 02:23:27
|
Revision: 6992 http://sourceforge.net/p/web-erp/reponame/6992 Author: tehonu Date: 2014-11-18 02:23:21 +0000 (Tue, 18 Nov 2014) Log Message: ----------- Added script UserLocations.php. Does the same thing as LocationUsers.php but the other way around. Selecting an user, can maintain the locations she is authorized to. Modified Paths: -------------- trunk/includes/MainMenuLinksArray.php trunk/sql/mysql/upgrade4.11-4.12.sql Added Paths: ----------- trunk/UserLocations.php
Added: trunk/UserLocations.php
===================================================================
--- trunk/UserLocations.php (rev 0)
+++ trunk/UserLocations.php 2014-11-18 02:23:21 UTC (rev 6992)
@@ -0,0 +1,264 @@
+<?php
+/* $Id: LocationUsers.php 6806 2013-09-28 05:10:46Z daintree $*/
+
+include('includes/session.inc');
+$Title = _('User Authorised Inventory Locations Maintenance');
+$ViewTopic = 'Inventory';// Filename in ManualContents.php's TOC.
+$BookMark = 'LocationUsers';// Anchor's id in the manual's html document.
+include('includes/header.inc');
+
+echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/money_add.png" title="' . _('User Authorised Locations') . '" alt="" />' . ' ' . $Title . '</p>';
+
+if (isset($_POST['SelectedLocation'])) {
+ $SelectedLocation = mb_strtoupper($_POST['SelectedLocation']);
+} elseif (isset($_GET['SelectedLocation'])) {
+ $SelectedLocation = mb_strtoupper($_GET['SelectedLocation']);
+} else {
+ $SelectedLocation = '';
+}
+
+if (isset($_POST['SelectedUser'])) {
+ $SelectedUser = mb_strtoupper($_POST['SelectedUser']);
+} elseif (isset($_GET['SelectedUser'])) {
+ $SelectedUser = mb_strtoupper($_GET['SelectedUser']);
+}
+
+if (isset($_POST['Cancel'])) {
+ unset($SelectedUser);
+ unset($SelectedLocation);
+}
+
+if (isset($_POST['Process'])) {
+ if ($_POST['SelectedUser'] == '') {
+ prnMsg(_('You have not selected any User'), 'error');
+ echo '<br />';
+ unset($SelectedUser);
+ unset($_POST['SelectedUser']);
+ }
+}
+
+if (isset($_POST['submit'])) {
+
+ $InputError = 0;
+
+ if ($_POST['SelectedLocation'] == '') {
+ $InputError = 1;
+ prnMsg(_('You have not selected an inventory location to be authorised for this user'), 'error');
+ echo '<br />';
+ unset($SelectedUser);
+ }
+
+ if ($InputError != 1) {
+
+ // First check the user is not being duplicated
+
+ $CheckSql = "SELECT count(*)
+ FROM locationusers
+ WHERE loccode= '" . $_POST['SelectedLocation'] . "'
+ AND userid = '" . $_POST['SelectedUser'] . "'";
+
+ $CheckResult = DB_query($CheckSql);
+ $CheckRow = DB_fetch_row($CheckResult);
+
+ if ($CheckRow[0] > 0) {
+ $InputError = 1;
+ prnMsg(_('The location') . ' ' . $_POST['SelectedLocation'] . ' ' . _('is already authorised for this user'), 'error');
+ } else {
+ // Add new record on submit
+ $SQL = "INSERT INTO locationusers (loccode,
+ userid,
+ canview,
+ canupd)
+ VALUES ('" . $_POST['SelectedLocation'] . "',
+ '" . $_POST['SelectedUser'] . "',
+ '1',
+ '1')";
+
+ $msg = _('User') . ': ' . $_POST['SelectedUser'] . ' ' . _('authority to use the') . ' ' . $_POST['SelectedLocation'] . ' ' . _('location has been changed');
+ $Result = DB_query($SQL);
+ prnMsg($msg, 'success');
+ unset($_POST['SelectedLocation']);
+ }
+ }
+} elseif (isset($_GET['delete'])) {
+ $SQL = "DELETE FROM locationusers
+ WHERE loccode='" . $SelectedLocation . "'
+ AND userid='" . $SelectedUser . "'";
+
+ $ErrMsg = _('The Location user record could not be deleted because');
+ $Result = DB_query($SQL, $ErrMsg);
+ prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has had their authority to use the') . ' ' . $SelectedLocation . ' ' . _('location removed'), 'success');
+ unset($_GET['delete']);
+} elseif (isset($_GET['ToggleUpdate'])) {
+ $SQL = "UPDATE locationusers
+ SET canupd='" . $_GET['ToggleUpdate'] . "'
+ WHERE loccode='" . $SelectedLocation . "'
+ AND userid='" . $SelectedUser . "'";
+
+ $ErrMsg = _('The Location user record could not be deleted because');
+ $Result = DB_query($SQL, $ErrMsg);
+ prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has had their authority to update') . ' ' . $SelectedLocation . ' ' . _('location removed'), 'success');
+ unset($_GET['ToggleUpdate']);
+}
+
+if (!isset($SelectedUser)) {
+
+ /* It could still be the second time the page has been run and a record has been selected for modification - SelectedLocation will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters
+ then none of the above are true. These will call the same page again and allow update/input or deletion of the records*/
+ echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';
+ echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />
+ <table class="selection">
+ <tr>
+ <td>' . _('Select User') . ':</td>
+ <td><select name="SelectedUser">';
+
+ $Result = DB_query("SELECT userid,
+ realname
+ FROM www_users
+ ORDER BY userid");
+
+ echo '<option value="">' . _('Not Yet Selected') . '</option>';
+ while ($MyRow = DB_fetch_array($Result)) {
+ if (isset($SelectedUser) and $MyRow['userid'] == $SelectedUser) {
+ echo '<option selected="selected" value="';
+ } else {
+ echo '<option value="';
+ }
+ echo $MyRow['userid'] . '">' . $MyRow['userid'] . ' - ' . $MyRow['realname'] . '</option>';
+
+ } //end while loop
+
+ echo '</select></td></tr>';
+
+ echo '</table>'; // close main table
+ DB_free_result($Result);
+
+ echo '<div class="centre">
+ <input type="submit" name="Process" value="' . _('Accept') . '" />
+ <input type="submit" name="Cancel" value="' . _('Cancel') . '" />
+ </div>';
+
+ echo '</form>';
+
+}
+
+//end of ifs and buts!
+if (isset($_POST['process']) or isset($SelectedUser)) {
+ $SQLName = "SELECT realname
+ FROM www_users
+ WHERE userid='" . $SelectedUser . "'";
+ $Result = DB_query($SQLName);
+ $MyRow = DB_fetch_array($Result);
+ $SelectedUserName = $MyRow['realname'];
+
+ echo '<div class="centre"><a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">' . _('Authorised inventory locations for') . ' ' . $SelectedUserName . '</a></div>
+ <form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">
+ <input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />
+ <input type="hidden" name="SelectedUser" value="' . $SelectedUser . '" />';
+
+ $SQL = "SELECT locationusers.loccode,
+ canview,
+ canupd,
+ locations.locationname
+ FROM locationusers INNER JOIN locations
+ ON locationusers.loccode=locations.loccode
+ WHERE locationusers.userid='" . $SelectedUser . "'
+ ORDER BY locations.locationname ASC";
+
+ $Result = DB_query($SQL);
+
+ echo '<table class="selection">';
+ echo '<tr>
+ <th colspan="6"><h3>' . _('Authorised Inventory Locations for User') . ': ' . $SelectedUserName . '</h3></th>
+ </tr>';
+ echo '<tr>
+ <th>' . _('Code') . '</th>
+ <th>' . _('Name') . '</th>
+ <th>' . _('View') . '</th>
+ <th>' . _('Update') . '</th>
+ </tr>';
+
+ $k = 0; //row colour counter
+
+ while ($MyRow = DB_fetch_array($Result)) {
+ if ($k == 1) {
+ echo '<tr class="EvenTableRows">';
+ $k = 0;
+ } else {
+ echo '<tr class="OddTableRows">';
+ $k = 1;
+ }
+
+ if ($MyRow['canupd'] == 1) {
+ $ToggleText = '<td><a href="%s?SelectedLocation=%s&ToggleUpdate=0&SelectedUser=' . $SelectedUser . '" onclick="return confirm(\'' . _('Are you sure you wish to remove Update for this location?') . '\');">' . _('Remove Update') . '</a></td>';
+ } else {
+ $ToggleText = '<td><a href="%s?SelectedLocation=%s&ToggleUpdate=1&SelectedUser=' . $SelectedUser . '" onclick="return confirm(\'' . _('Are you sure you wish to add Update for this location?') . '\');">' . _('Add Update') . '</a></td>';
+ }
+
+ printf('<td>%s</td>
+ <td>%s</td>
+ <td>%s</td>
+ <td>%s</td>' .
+ $ToggleText . '
+ <td><a href="%s?SelectedLocation=%s&delete=yes&SelectedUser=' . $SelectedUser . '" onclick="return confirm(\'' . _('Are you sure you wish to un-authorise this location?') . '\');">' . _('Un-authorise') . '</a></td>
+ </tr>',
+ $MyRow['loccode'],
+ $MyRow['locationname'],
+ $MyRow['canview'],
+ $MyRow['canupd'],
+ htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'),
+ $MyRow['loccode'],
+ htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'),
+ $MyRow['loccode']);
+ }
+ //END WHILE LIST LOOP
+ echo '</table>';
+
+ if (!isset($_GET['delete'])) {
+
+
+ echo '<table class="selection">'; //Main table
+
+ echo '<tr>
+ <td>' . _('Select Location') . ':</td>
+ <td><select name="SelectedLocation">';
+
+ $Result = DB_query("SELECT loccode,
+ locationname
+ FROM locations
+ WHERE NOT EXISTS (SELECT locationusers.loccode
+ FROM locationusers
+ WHERE locationusers.userid='" . $SelectedUser . "'
+ AND locationusers.loccode=locations.loccode)
+ ORDER BY locationname");
+
+ if (!isset($_POST['SelectedLocation'])) {
+ echo '<option selected="selected" value="">' . _('Not Yet Selected') . '</option>';
+ }
+ while ($MyRow = DB_fetch_array($Result)) {
+ if (isset($_POST['SelectedLocation']) and $MyRow['loccode'] == $_POST['SelectedLocation']) {
+ echo '<option selected="selected" value="';
+ } else {
+ echo '<option value="';
+ }
+ echo $MyRow['loccode'] . '">' . $MyRow['locationname'] . '</option>';
+
+ } //end while loop
+
+ echo '</select>
+ </td>
+ </tr>
+ </table>'; // close main table
+ DB_free_result($Result);
+
+ echo '<div class="centre">
+ <input type="submit" name="submit" value="' . _('Accept') . '" />
+ <input type="submit" name="Cancel" value="' . _('Cancel') . '" />
+ </div>
+ </form>';
+
+ } // end if user wish to delete
+}
+
+include('includes/footer.inc');
+?>
Modified: trunk/includes/MainMenuLinksArray.php
===================================================================
--- trunk/includes/MainMenuLinksArray.php 2014-11-17 06:45:51 UTC (rev 6991)
+++ trunk/includes/MainMenuLinksArray.php 2014-11-18 02:23:21 UTC (rev 6992)
@@ -507,6 +507,7 @@ $MenuItems['system']['Maintenance']['Caption'] = array(
 _('Inventory Categories Maintenance'),
 _('Inventory Locations Maintenance'),
 _('Inventory Location Authorised Users Maintenance'),
+ _('User Authorised Inventory Locations Maintenance'),
 _('Discount Category Maintenance'),
 _('Units of Measure'),
 _('MRP Available Production Days'),
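Review bot: In UserLocations.php the `delete` and `ToggleUpdate` branches change a user's location authorisation from plain `$_GET` links that carry no `FormID`, whereas both forms in the file post one; since this page grants and revokes access, those two actions should be submitted as POST forms with the same hidden `FormID` field. Every query is also assembled by concatenating request values (`$_POST['SelectedLocation']`, `$SelectedUser`, `$_GET['ToggleUpdate']`), which is safe only if `includes/session.inc` escapes request data globally, and that file is not part of this diff; at the least pin the toggle to a flag, e.g. `$CanUpd = ($_GET['ToggleUpdate'] == '1') ? 1 : 0;`. `$SelectedUser`, `$SelectedUserName` and the `$MyRow` fields are echoed into attributes and cell text without `htmlspecialchars()`, unlike `$_SERVER['PHP_SELF']` a few lines away. Smaller points: the ToggleUpdate branch reuses the delete wording (`could not be deleted`, `location removed`) even when update rights are added, and the later test reads `$_POST['process']` while the button is named `Process`.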
@@ -518,6 +519,7 @@ $MenuItems['system']['Maintenance']['URL'] = array(
 '/StockCategories.php',
 '/Locations.php',
 '/LocationUsers.php',
+ '/UserLocations.php',
 '/DiscountCategories.php',
 '/UnitsOfMeasure.php',
 '/MRPCalendar.php',
Modified: trunk/sql/mysql/upgrade4.11-4.12.sql
===================================================================
--- trunk/sql/mysql/upgrade4.11-4.12.sql 2014-11-17 06:45:51 UTC (rev 6991)
+++ trunk/sql/mysql/upgrade4.11-4.12.sql 2014-11-18 02:23:21 UTC (rev 6992)
@@ -1,6 +1,6 @@ INSERT INTO `config` VALUES ('InvoiceQuantityDefault','1'); ALTER TABLE `www_users` ADD `dashboard` TINYINT NOT NULL DEFAULT '0'; -UPDATE config SET confvalue='4.12' WHERE confname='VersionNumber'; +INSERT INTO `scripts` VALUES ('UserLocations.php', '15', 'Location User Maintenance'); - +UPDATE config SET confvalue='4.12' WHERE confname='VersionNumber'; \ No newline at end of file |