<?php
/**
 * The Strangecode Codebase - a general application development framework for PHP
 * For details visit the project site: <http://trac.strangecode.com/codebase/>
 * Copyright 2001-2012 Strangecode, LLC
 *
 * This file is part of The Strangecode Codebase.
 *
 * The Strangecode Codebase is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your option)
 * any later version.
 *
 * The Strangecode Codebase is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with
 * The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
 */

/**
 * %ADMIN_SCRIPT%
 *
 * Generated by module_maker.cli.php on %DATE%
 */

require_once dirname(__FILE__) . '/_config.inc.php';

$auth->requireLogin();

require_once 'codebase/lib/PageNumbers.inc.php';
require_once 'codebase/lib/Cache.inc.php';
require_once 'codebase/lib/FormValidator.inc.php';
require_once 'codebase/lib/SortOrder.inc.php';
require_once 'codebase/lib/TemplateGlue.inc.php';
require_once 'codebase/lib/Prefs.inc.php';
require_once 'codebase/lib/Lock.inc.php';
require_once 'codebase/lib/Version.inc.php';
%ADMIN_UPLOAD_INCLUDE%

/********************************************************************
* CONFIG
********************************************************************/

// Titles and navigation header.
$nav->add(_("%TITLE%"), null);

// The object to validate form input.
$fv = new FormValidator();

// Configure the prefs object.
$tmp_prefs = new Prefs('%NAME_PLURAL%');
$tmp_prefs->setParam(array('persistent' => false));

// Configure the cache object.
$cache =& Cache::getInstance('%NAME_PLURAL%');
$cache->setParam(array('enabled' => true, 'expires' => 60));

%SORT_ORDER%

// Instantiate page numbers. Total items are set and calculation is done in the getCachedList function.
$page = new PageNumbers();
$page->setPerPage(getFormData('per_page'), 100);
$page->setPageNumber(getFormData('page_number', (getFormData('sort') ? 1 : null)));

// Query parameters to retain always.
$app->carryQuery(array(
    'filter___///__',
));

// Query parameters to retain only locally.
$locally_carried_queries = array(
    'search_query',
);
%ADMIN_UPLOAD_CONFIG%
/********************************************************************
* MAIN
********************************************************************/
 %ADMIN_UPLOAD_INIT%
// We may want to use the add/edit interface from another script, so this
// allows us to remember which page we came from so we can go back there.
if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) {
    $app->setBoomerangURL($_SERVER['HTTP_REFERER'], '%NAME_PLURAL%');
}

if (getFormData('break_list_cache', false)) {
    // Remove any stale cached list data.
    $cache->delete('%NAME_SINGULAR% list');
}

// What action to take.
switch (getFormData('op')) {

case 'add':
    // Initialize variables for the form template.
    $frm = addRecordForm();
    $nav->add(_("Add %ITEM_TITLE%"));
    $main_template = '%ADMIN_FORM_TEMPLATE%';
    break;

case 'edit':
    // Initialize variables for the form template.
    $frm = editRecordForm(getFormData('%PRIMARY_KEY%'));
    $nav->add(_("Edit %ITEM_TITLE%"));
    $main_template = '%ADMIN_FORM_TEMPLATE%';
    break;

case 'del':
    deleteRecord(getFormData('%PRIMARY_KEY%'));%ADMIN_UPLOAD_DEL%
    if ($app->validBoomerangURL('%NAME_PLURAL%')) {
        // Display boomerang page.
        $app->dieBoomerangURL('%NAME_PLURAL%', $locally_carried_queries);
    }
    // Display default page.
    $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
    break;

case 'insert':
    if (getFormdata('cancel', false)) {
        if ($app->validBoomerangURL('%NAME_PLURAL%')) {
            // Display boomerang page.
            $app->dieBoomerangURL('%NAME_PLURAL%', $locally_carried_queries);
        }
        // Display default page.
        $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
    }
    validateInput();
    if ($fv->anyErrors()) {
        $frm = addRecordForm();
        $frm = array_merge($frm, getFormData());
        $nav->add(_("Add %ITEM_TITLE%"));
        $main_template = '%ADMIN_FORM_TEMPLATE%';
    } else {
        $%PRIMARY_KEY% = insertRecord(getFormData());%ADMIN_UPLOAD_INSERT%
        if (getFormdata('repeat', false)) {
            // Display function again.
            $app->dieURL($_SERVER['PHP_SELF'] . '?op=add', $locally_carried_queries);
        } else if ($app->validBoomerangURL('%NAME_PLURAL%')) {
            // Display boomerang page.
            $app->dieBoomerangURL('%NAME_PLURAL%', $locally_carried_queries);
        }
        // Display default page.
        $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
    }
    break;

case 'update':
    if (getFormdata('reset', false)) {
        $app->raiseMsg(_("Saved values have been reloaded."), MSG_NOTICE, __FILE__, __LINE__);
        $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&%PRIMARY_KEY%=' . getFormData('%PRIMARY_KEY%'), $locally_carried_queries);
    }
    if (getFormdata('cancel', false)) {
        // Remove lock
        $lock->select('%DB_TBL%', '%PRIMARY_KEY%', getFormData('%PRIMARY_KEY%'));
        $lock->remove();
        if ($app->validBoomerangURL('%NAME_PLURAL%')) {
            // Display boomerang page.
            $app->dieBoomerangURL('%NAME_PLURAL%', $locally_carried_queries);
        }
        // Display default page.
        $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
    }
    validateInput();
    if ($fv->anyErrors()) {
        $frm = editRecordForm(getFormData('%PRIMARY_KEY%'));
        $frm = array_merge($frm, getFormData());
        $nav->add(_("Edit %ITEM_TITLE%"));
        $main_template = '%ADMIN_FORM_TEMPLATE%';
    } else {%ADMIN_UPLOAD_UPDATE%
        updateRecord(getFormData());
        if (getFormdata('repeat', false)) {
            // Display edit function with next available ID.
            $qid = $db->query("SELECT %PRIMARY_KEY% FROM %DB_TBL% WHERE %PRIMARY_KEY% > '" . $db->escapeString(getFormData('%PRIMARY_KEY%')) . "' ORDER BY %PRIMARY_KEY% ASC LIMIT 1");
            if (list($next_id) = mysql_fetch_row($qid)) {
                $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&%PRIMARY_KEY%=' . $next_id, $locally_carried_queries);
            } else {
                $app->raiseMsg(_("Cannot edit next, the end of the list was reached"), MSG_NOTICE, __FILE__, __LINE__);
            }
        } else if ($app->validBoomerangURL('%NAME_PLURAL%')) {
            // Display boomerang page.
            $app->dieBoomerangURL('%NAME_PLURAL%', $locally_carried_queries);
        }
        // Display default page.
        $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
    }
    break;

case _("Save rank") :
    updateRank(getFormData('rank'));
    $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
    break;

default :
    $list =& getCachedList();
    $main_template = '%ADMIN_LIST_TEMPLATE%';
    break;
}

/********************************************************************
* OUTPUT
********************************************************************/

$nav->set('id', '%NAME_PLURAL%');

include 'header.ihtml';
$app->carryQuery($locally_carried_queries);
include $main_template;
include 'footer.ihtml';

/********************************************************************
* FUNCTIONS
********************************************************************/

%FORM_VALIDATION%

function addRecordForm()
{
    // Set default values for the reset of the fields.
    $frm = array(
        %SET_VALUES_DEFAULT%,
        'new_op' => 'insert',
        'submit_buttons' => array(
            array('name' => 'submit', 'value' => _("Add %ITEM_TITLE%"), 'accesskey' => 's'),
            array('name' => 'repeat', 'value' => _("Add &amp; repeat"), 'accesskey' => 'r'),
            array('name' => 'cancel', 'value' => _("Cancel"), 'accesskey' => 'c'),
        ),
    );

    return $frm;
}

function editRecordForm($id)
{
    global $lock, $locally_carried_queries;
    $db =& DB::getInstance();
    $app =& App::getInstance();

    $lock->select('%DB_TBL%', '%PRIMARY_KEY%', $id);
    if ($lock->isLocked() && !$lock->isMine()) {
        $lock->dieErrorPage();
    }

    // Get the information for the form.
    $qid = $db->query("
        SELECT *
        FROM %DB_TBL%
        WHERE %PRIMARY_KEY% = '" . $db->escapeString($id) . "'
    ");
    if (!$frm = mysql_fetch_assoc($qid)) {
        $app->logMsg('Could not find record with %PRIMARY_KEY%: ' . $id, LOG_WARNING, __FILE__, __LINE__);
        $app->raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
        $app->dieBoomerangURL('%NAME_PLURAL%', $locally_carried_queries);
    }

    // Lock this record.
    $lock->set('%DB_TBL%', '%PRIMARY_KEY%', $id, $frm['__///__']);

    // Set misc values for the form.
    $frm = array_merge(array(
        %SET_VALUES_DEFAULT%,
        'new_op' => 'update',
        'submit_buttons' => array(
            array('name' => 'submit', 'value' => _("Save changes"), 'accesskey' => 's'),
            array('name' => 'repeat', 'value' => _("Save & edit next"), 'accesskey' => 'e'),
            array('name' => 'reset', 'value' => _("Reset"), 'accesskey' => 'r'),
            array('name' => 'cancel', 'value' => _("Cancel"), 'accesskey' => 'c'),
        ),
    ), $frm);

    return $frm;
}

function deleteRecord($id)
{
    global $lock, $cache, $locally_carried_queries;
    $db =& DB::getInstance();
    $app =& App::getInstance();

    $lock->select('%DB_TBL%', '%PRIMARY_KEY%', $id);
    if ($lock->isLocked() && !$lock->isMine()) {
        $lock->dieErrorPage();
    }

    // Remove any stale cached list data.
    $cache->delete('%NAME_SINGULAR% list');

    // Get the information for this object.
    $qid = $db->query("
        SELECT __///__
        FROM %DB_TBL%
        WHERE %PRIMARY_KEY% = '" . $db->escapeString($id) . "'
    ");
    if (! list($name) = mysql_fetch_row($qid)) {
        $app->logMsg('Could not find record with %PRIMARY_KEY%: ' . $id, LOG_WARNING, __FILE__, __LINE__);
        $app->raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
        $app->dieBoomerangURL('%NAME_PLURAL%', $locally_carried_queries);
    }

    // Delete the record.
    $db->query("DELETE FROM %DB_TBL% WHERE %PRIMARY_KEY% = '" . $db->escapeString($id) . "'");

    $app->raiseMsg(sprintf(_("The %ITEM_TITLE% <em>%s</em> has been deleted."), $name), MSG_SUCCESS, __FILE__, __LINE__);

    // Unlock record.
    $lock->remove();
}

function insertRecord($frm)
{
    global $auth;
    global $cache;
    $db =& DB::getInstance();
    $app =& App::getInstance();

    // Remove any stale cached list data.
    $cache->delete('%NAME_SINGULAR% list');

%INSERT%
    $last_insert_id = mysql_insert_id($db->getDBH());

    // Create version.
    $version = Version::getInstance($auth);
    $version->create('%DB_TBL%', '%PRIMARY_KEY%', $last_insert_id, $frm['__///__']);

    $app->raiseMsg(sprintf(_("The %ITEM_TITLE% <em>%s</em> has been added."), $frm['__///__']), MSG_SUCCESS, __FILE__, __LINE__);

    return $last_insert_id;
}

function updateRecord($frm)
{
    global $auth;
    global $lock;
    global $cache;
    $db =& DB::getInstance();
    $app =& App::getInstance();

    $lock->select('%DB_TBL%', '%PRIMARY_KEY%', $frm['%PRIMARY_KEY%']);
    if ($lock->isLocked() && !$lock->isMine()) {
        $lock->dieErrorPage();
    }

    // Remove any stale cached list data.
    $cache->delete('%NAME_SINGULAR% list');

%UPDATE%

    // Create version.
    $version = Version::getInstance($auth);
    $version->create('%DB_TBL%', '%PRIMARY_KEY%', $frm['%PRIMARY_KEY%'], $frm['__///__']);

    $app->raiseMsg(sprintf(_("The %ITEM_TITLE% <em>%s</em> has been updated. <a href=\"%s\" class=\"small secondary button\">Edit again</a>"), $frm['__///__'], $app->ohref('?op=edit&%PRIMARY_KEY%=' . $frm['%PRIMARY_KEY%'])), MSG_SUCCESS, __FILE__, __LINE__);

    // Unlock record.
    $lock->remove();
}

function &getCachedList()
{
    global $page;
    global $so;
    global $tmp_prefs;
    global $cache;
    $db =& DB::getInstance();
    $app =& App::getInstance();

    $where_clause = '';

    // Build search query if available.
    if (getFormData('search_query', false)) {
        $qry_words = preg_split('/[^\w]/', getFormData('search_query'));
        for ($i=0; $i<sizeof($qry_words); $i++) {
%SEARCH%
        }
    }

    if (getFormData('filter___///__', false)) {
        // Limit by filter.
        $where_clause .= (empty($where_clause) ? 'WHERE' : ' AND') . " __///__ = '" . $db->escapeString(getFormData('filter___///__')) . "'";
    }

    // Count the total number of records so we can do something about the page numbers.
    $qid = $db->query("
        SELECT COUNT(*)
        FROM %DB_TBL%
        $where_clause
    ");
    list($num_results) = mysql_fetch_row($qid);

    // Set page numbers now we know (needed for next step).
    $page->setTotalItems($num_results);
    $page->calculate();

    // Final SQL, with sort and page limiters.
    $sql = "
        SELECT
            %DB_TBL%.*,
            a1.username AS added_by_username,
            a2.username AS modified_by_username
        FROM %DB_TBL%
        LEFT JOIN user_tbl a1 ON (%DB_TBL%.added_by_user_id = a1.user_id)
        LEFT JOIN user_tbl a2 ON (%DB_TBL%.modified_by_user_id = a2.user_id)
        $where_clause
        " . $so->getSortOrderSQL() . "
        " . $page->getLimitSQL() . "
    ";

    // Use a cache hash to determine if the result-set has changed.
    // A unique key for this query, with the total_items in case db records
    // were added since the last cache. This identifies a unique set of
    // cached data, but we must refer to the list that is cached by a more
    // generic name. so that we can flush the cache (if records updated)
    // without knowing the hash.
    $cache_hash = md5($sql . '|' . $page->total_items);
    if ($tmp_prefs->get('cache_hash') != $cache_hash) {
        $cache->delete('%NAME_SINGULAR% list');
        $tmp_prefs->set('cache_hash', $cache_hash);
    }

    // First try to return from the cache.
    if ($cache->exists('%NAME_SINGULAR% list')) {
        $list = $cache->get('%NAME_SINGULAR% list');
        return $list;
    }

    // The list was not cached, so issue the real query.
    $qid = $db->query($sql);
    while ($row = mysql_fetch_assoc($qid)) {
        $list[] = $row;
    }

    // Save this list into the cache.
    if (isset($list) && !empty($list)) {
        $cache->set('%NAME_SINGULAR% list', $list);
    }

    return $list;
}

function updateRank($ranks)
{
    global $cache;
    $db =& DB::getInstance();
    $app =& App::getInstance();

    if (!is_array($ranks)) {
        $app->logMsg('Saving rank failed, data posted is not an array: ' . $ranks, LOG_ERR, __FILE__, __LINE__);
        return false;
    }

    // Remove any stale cached list data.
    $cache->delete('%NAME_SINGULAR% list');

    // Count the ranks with invalid numbers
    $unspecified_counter = 0;

    // Go through the array of new ranks.
    foreach ($ranks as $id => $new_rank) {
        if ('' == trim($new_rank) || !is_numeric($new_rank) || $new_rank > 2147483646) {
            // Unspecified entries receive a sort order of 10000.
            $new_rank = 10000;
            $unspecified_counter++;
        }
        $db->query("
            UPDATE %DB_TBL% SET
                rank = '" . $db->escapeString($new_rank) . "'
            WHERE %PRIMARY_KEY% = '" . $db->escapeString($id) . "'
        ");
    }

    $app->raiseMsg(_("Records have been reordered with the new rank."), MSG_SUCCESS, __FILE__, __LINE__);
    if ($unspecified_counter > 0) {
        $app->raiseMsg(sprintf(_("%s items with unspecified ranks were automatically assigned a rank of 10000."), $unspecified_counter), MSG_NOTICE, __FILE__, __LINE__);
    }
}