diff --git a/ajax.php b/ajax.php index b80c2fc..405b7b6 100644 --- a/ajax.php +++ b/ajax.php @@ -97,6 +97,49 @@ switch($_GET["action"]) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item deleted"; + }else{ + $errormsg = "id not set"; + } + break; + case "edit_found_item": + if(hasval($_POST["id"]) && hasval($_POST["was"]) && hasval($_POST["wann"])) { + /* Prepared statement, stage 1: prepare */ + $was=$_POST["was"]; + if (!($stmt = $mysqli->prepare("UPDATE found_items SET was=?, wo=?, `date`=? WHERE id = ?"))) { + $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; + } + if (!$stmt->bind_param("sssi", $_POST["was"] , $_POST["wo"], $_POST["wann"], $_POST["id"])) { + $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; + } + if (!$stmt->execute()) { + $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; + } + + if(isset($_FILES["image"])){ + if(!file_exists ( "upload/")){ + mkdir("upload/"); + } + + $hash = md5($_FILES['image']['name'].time()); + if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){ + if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) { + $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; + } + if (!$stmt->bind_param("si", $hash, $_POST["id"])) { + $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; + } + if (!$stmt->execute()) { + $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; + } + $successmsg = "one item edited"; + }else{ + $errormsg = "upload failed"; + } + }else{ + $errormsg = "upload failed"; + } + + }else{ $errormsg = "id not set"; } diff --git a/index.php b/index.php index 6bdf37d..8b12eb6 100644 --- a/index.php +++ b/index.php @@ -23,9 +23,9 @@ function auth(){ function get_founditems($onlyUnmatched = false){ global $mysqli; if ($onlyUnmatched) { - $res = $mysqli->query("SELECT found_items.*, files.hash FROM files, found_items LEFT JOIN matches ON found_items.id = matches.f_id WHERE files.item_id = found_items.id AND found_items.del = 0 AND matches.f_id IS NULL ORDER BY found_items.id DESC"); + $res = $mysqli->query("SELECT distinct found_items.*, files.hash FROM (SELECT files.* from files ORDER BY files.id DESC LIMIT 100000) as files, found_items LEFT JOIN matches ON found_items.id = matches.f_id WHERE found_items.del = 0 AND files.item_id = found_items.id AND matches.f_id IS NULL GROUP BY files.item_id ORDER BY found_items.id DESC"); } else { - $res = $mysqli->query("SELECT found_items.*, files.hash FROM files, found_items WHERE files.item_id = found_items.id AND found_items.del = 0 ORDER BY found_items.id ASC"); + $res = $mysqli->query("SELECT found_items.*, files.hash FROM (SELECT files.* from files ORDER BY files.id DESC LIMIT 100000) as files, found_items WHERE files.item_id = found_items.id AND found_items.del = 0 GROUP BY files.item_id ORDER BY found_items.id ASC"); } $ret = array(); while ($row = $res->fetch_assoc()) { @@ -48,6 +48,18 @@ function get_lostitems($onlyUnmatched = false){ return $ret; } +function get_founditem($id){ + global $mysqli; + + $res = $mysqli->query("SELECT * FROM found_items, files WHERE found_items.id = $id AND found_items.id = files.item_id ORDER BY files.id DESC"); + + $ret = array(); + while ($row = $res->fetch_assoc()) { + $ret[] = $row; + } + return $ret; +} + function get_matches(){ global $mysqli; $res = $mysqli->query("SELECT matches.id AS id, matches.f_id as f_id, matches.l_id as l_id, lost.was as l_desc, items.was as f_desc " diff --git a/templates/found_item_edit.php b/templates/found_item_edit.php new file mode 100644 index 0000000..8ec0977 --- /dev/null +++ b/templates/found_item_edit.php @@ -0,0 +1,232 @@ + + + + +
+ + +
    +
  1. + Dashboard +
    2. +
  2. Found
    3. +
  3. Edit
    4. +
+ + + + + + + +
+
+ + Edit Item +
+
+
+

+

">

+

">

+

">

+
+
+
+ + + +
+
+ "/> +
+

+
+
+
Updated yesterday at 11:59 PM
+
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file