requireLogin(); $app->sslOn(); require_once 'codebase/lib/PageNumbers.inc.php'; require_once 'codebase/lib/Cache.inc.php'; require_once 'codebase/lib/SortOrder.inc.php'; require_once 'codebase/lib/HTML.inc.php'; require_once 'models/Payment.inc.php'; /******************************************************************** * CONFIG ********************************************************************/ // Titles and navigation header. $nav->add(_("Payments"), null); // Instantiate a sorting object with the default sort and order. Add SQL for each column. $so = new SortOrder('payment_tbl.payment_date', 'DESC'); $so->asc_widget = ''; $so->desc_widget = ''; $so->setColumn('payment_tbl.payment_id', 'payment_tbl.payment_id ASC', 'payment_tbl.payment_id DESC'); $so->setColumn('payment_tbl.account_id', 'payment_tbl.account_id ASC', 'payment_tbl.account_id DESC'); $so->setColumn('payment_tbl.payment_date', 'payment_tbl.payment_date ASC', 'payment_tbl.payment_date DESC'); $so->setColumn('payment_tbl.amount', 'payment_tbl.amount ASC', 'payment_tbl.amount DESC'); $so->setColumn('payment_tbl.status', 'payment_tbl.status ASC', 'payment_tbl.status DESC'); $so->setColumn('payment_tbl.type', 'payment_tbl.type ASC', 'payment_tbl.type DESC'); $so->setColumn('payment_tbl.stripe_charge_id', 'payment_tbl.stripe_charge_id ASC', 'payment_tbl.stripe_charge_id DESC'); $so->setColumn('payment_tbl.added_datetime', 'payment_tbl.added_datetime ASC', 'payment_tbl.added_datetime DESC'); $so->setColumn('payment_tbl.added_by_user_id', 'payment_tbl.added_by_user_id ASC', 'payment_tbl.added_by_user_id DESC'); $so->setColumn('payment_tbl.modified_datetime', 'payment_tbl.modified_datetime ASC', 'payment_tbl.modified_datetime DESC'); $so->setColumn('payment_tbl.modified_by_user_id', 'payment_tbl.modified_by_user_id ASC', 'payment_tbl.modified_by_user_id DESC'); // Instantiate page numbers. Total items are set and calculation is done in the getList method. $page = new PageNumbers(); $page->setPerPage(getFormData('per_page'), 100); $page->setPageNumber(getFormData('page_number')); // Query parameters to retain always. $app->carryQuery(array( 'filter_account_id', )); // Query parameters to retain only locally. $locally_carried_queries = array( 'q', ); /******************************************************************** * MAIN ********************************************************************/ // We may want to use the add/edit interface from another script, so this // allows us to remember which page we came from so we can go back there. if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) { $app->setBoomerangURL($_SERVER['HTTP_REFERER'], 'payment'); } if (getFormData('break_list_cache', false)) { // Remove any stale cached list data. $cache->delete('payment list'); } // What action to take. switch (getFormData('op')) { case 'add' : // Bounce the user if they don't have permission to create a record. Payment::requireAllow('create'); // Initialize variables for the form template. $frm = getAddFields(); $nav->add(_("Add Payment")); $main_template = 'payment_form.inc.html'; break; case 'edit' : // Bounce the user if they don't have permission to update a record. Payment::requireAllow('update'); // Initialize variables for the form template. $frm = getEditFields(getFormData('payment_id')); $nav->add(_("Edit Payment")); $main_template = 'payment_form.inc.html'; break; case 'del' : $app->requireValidCSRFToken(); // Bounce the user if they don't have permission to delete the specified record. Payment::requireAllow('delete', Payment::get(array('payment_id' => getFormData('payment_id')), 1)); if ($del_row = Payment::get(array('payment_id' => getFormData('payment_id')), 1)) { Payment::delete(getFormData('payment_id')); $app->raiseMsg(sprintf(_("The payment %s has been deleted."), $del_row['payment_id']), MSG_SUCCESS, __FILE__, __LINE__); } if ($app->validBoomerangURL('payment')) { // Display boomerang page. $app->dieBoomerangURL('payment', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); break; case 'insert' : $app->requireValidCSRFToken(); if (getFormData('account_id')) { // Bounce the user if they don't have permission to create a record under the specified account_id. Payment::requireAllow('create', array(array('account_id' => getFormData('account_id')))); } else { // Bounce the user if they don't have permission to create a record at all. Payment::requireAllow('create'); } if (getFormdata('btn_cancel', false)) { if ($app->validBoomerangURL('payment')) { // Display boomerang page. $app->dieBoomerangURL('payment', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } $fv = validateInput($fv); if ($fv->anyErrors()) { $frm = getAddFields(); $frm = array_merge($frm, getFormData()); $nav->add(_("Add Payment")); $main_template = 'payment_form.inc.html'; } else { $payment_id = Payment::insert(getFormData()); $app->raiseMsg(sprintf(_("The payment %s has been added."), getFormData('payment_id')), MSG_SUCCESS, __FILE__, __LINE__); if (getFormdata('btn_repeat', false)) { // Display function again. $app->dieURL($_SERVER['PHP_SELF'] . '?op=add', $locally_carried_queries); } else if ($app->validBoomerangURL('payment')) { // Display boomerang page. $app->dieBoomerangURL('payment', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } break; case 'update' : $app->requireValidCSRFToken(); if (getFormData('account_id')) { // Bounce the user if they don't have permission to update the specified record or don't have permission to assign this record to the specified account_id. $check_rows = array_merge(Payment::get(array('payment_id' => getFormData('payment_id')), 1), array(array('account_id' => getFormData('account_id')))); Payment::requireAllow('update', $check_rows); } else { // Bounce the user if they don't have permission to update the specified record. Payment::requireAllow('update', Payment::get(array('payment_id' => getFormData('payment_id')), 1)); } if (getFormdata('btn_reset', false)) { $app->raiseMsg(_("Saved values have been reloaded."), MSG_NOTICE, __FILE__, __LINE__); $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&payment_id=' . getFormData('payment_id'), $locally_carried_queries); } if (getFormdata('btn_cancel', false)) { // Remove lock $lock->select('payment_tbl', 'payment_id', getFormData('payment_id')); $lock->remove(); if ($app->validBoomerangURL('payment')) { // Display boomerang page. $app->dieBoomerangURL('payment', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } $fv = validateInput($fv); if ($fv->anyErrors()) { $frm = getEditFields(getFormData('payment_id')); $frm = array_merge($frm, getFormData()); $nav->add(_("Edit Payment")); $main_template = 'payment_form.inc.html'; } else { Payment::update(getFormData()); $app->raiseMsg(sprintf(_("The payment %s has been updated."), getFormData('payment_id')), MSG_SUCCESS, __FILE__, __LINE__); if (getFormdata('btn_repeat', false)) { // Display edit function with next available ID. $qid = $db->query("SELECT payment_id FROM payment_tbl WHERE payment_id > '" . $db->escapeString(getFormData('payment_id')) . "' ORDER BY payment_id ASC LIMIT 1"); if (list($next_id) = mysql_fetch_row($qid)) { $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&payment_id=' . $next_id, $locally_carried_queries); } else { $app->raiseMsg(_("Cannot edit next, the end of the list was reached"), MSG_NOTICE, __FILE__, __LINE__); } } else if ($app->validBoomerangURL('payment')) { // Display boomerang page. $app->dieBoomerangURL('payment', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } break; default : // Bounce the user if they don't have permission to list records. Payment::requireAllow('read'); // If the user does not have access to 'any' record, limit by their account_id. $where_clause = ''; if (!$acl->check('user_id:' . $auth->get('user_id'), 'payment:read', 'any')) { $where_clause = "WHERE payment_tbl.account_id = '" . $db->escapeString($auth->get('account_id')) . "'"; } $list = Payment::getPaginatedList($where_clause); $main_template = 'payment_list.inc.html'; break; } /******************************************************************** * OUTPUT ********************************************************************/ include 'header.inc.html'; $app->carryQuery($locally_carried_queries); include $main_template; include 'footer.inc.html'; /******************************************************************** * FUNCTIONS ********************************************************************/ /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function validateInput($fv) { $fv->numericRange('payment_id', 0, 65536, sprintf(_("%s must be a number between %d and %d."), _("Payment ID"), 0, 65536)); $fv->isInteger('payment_id', sprintf(_("%s must be an integer."), _("Payment ID"))); $fv->notEmpty('account_id', sprintf(_("%s cannot be blank."), _("Account"))); $fv->numericRange('account_id', 0, 65536, sprintf(_("%s must be a number between %d and %d."), _("Account"), 0, 65536)); $fv->isInteger('account_id', sprintf(_("%s must be an integer."), _("Account"))); $fv->notEmpty('payment_date', sprintf(_("%s cannot be blank."), _("Payment date"))); $fv->stringLength('payment_date', 0, 127, sprintf(_("%s must be %d-to-%d characters in length."), _("Payment date"), 0, 127)); $fv->validateStrDate('payment_date', sprintf(_("%s must be a valid date in YYYY-MM-DD format."), _("Payment date"))); $fv->checkRegex('payment_date', '/^\d{4}-\d{2}-\d{2}$/', true, sprintf(_("%s must be in YYYY-MM-DD format."), _("Payment date"))); $fv->notEmpty('amount', sprintf(_("%s cannot be blank."), _("Amount"))); $fv->numericRange('amount', -3.40282E+38, 3.40282E+38, sprintf(_("%s must be a number between %f and %f."), _("Amount"), -3.40282E+38, 3.40282E+38)); $fv->isFloat('amount', sprintf(_("%s must be a valid number."), _("Amount")), true); $fv->notEmpty('status', sprintf(_("%s cannot be blank."), _("Status"))); $fv->stringLength('status', 0, 255, sprintf(_("%s has an invalid selection."), _("Status"))); $fv->notEmpty('type', sprintf(_("%s cannot be blank."), _("Type"))); $fv->stringLength('type', 0, 255, sprintf(_("%s has an invalid selection."), _("Type"))); return $fv; } /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function getAddFields() { // Set default values for the reset of the fields. return Payment::merge(array( 'new_op' => 'insert', 'submit_buttons' => array( array('name' => 'btn_submit', 'value' => _("Add Payment"), 'class' => 'small button', 'accesskey' => 's'), array('name' => 'btn_repeat', 'value' => _("Add & repeat"), 'class' => 'small button secondary', 'accesskey' => 'r'), array('name' => 'btn_cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'), ), )); } /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function getEditFields($id) { global $lock, $locally_carried_queries; $db =& DB::getInstance(); $app =& App::getInstance(); $lock->select('payment_tbl', 'payment_id', $id); if ($lock->isLocked() && !$lock->isMine()) { $lock->dieErrorPage(); } // Get the information for the form. if (!$frm = Payment::get(array('payment_id' => $id))) { $app->logMsg('Could not find record with payment_id: ' . $id, LOG_WARNING, __FILE__, __LINE__); $app->raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__); $app->dieBoomerangURL('payment', $locally_carried_queries); } // Lock this record. $lock->set('payment_tbl', 'payment_id', $id, $frm['payment_id']); // Set misc values for the form. return Payment::merge(array( 'new_op' => 'update', 'submit_buttons' => array( array('name' => 'btn_submit', 'value' => _("Save changes"), 'class' => 'small button', 'accesskey' => 's'), array('name' => 'btn_repeat', 'value' => _("Save & edit next"), 'class' => 'small button secondary', 'accesskey' => 'e'), array('name' => 'btn_reset', 'value' => _("Reset"), 'class' => 'small button secondary', 'accesskey' => 'r'), array('name' => 'btn_cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'), ), ), $frm); }