265 lines
No EOL
11 KiB
PHP
265 lines
No EOL
11 KiB
PHP
<?php
|
|
/**
|
|
* Created by PhpStorm.
|
|
* User: jedi
|
|
* Date: 12/28/18
|
|
* Time: 6:13 PM
|
|
*/
|
|
|
|
include "backend.php";
|
|
include "functions.php";
|
|
|
|
function hasval($var){
|
|
return isset($var) && !empty($var);
|
|
}
|
|
|
|
$successmsg = "added one item";
|
|
|
|
switch($_GET["action"]) {
|
|
case "add_featurerequest":
|
|
if (hasval($_POST["title"]) && hasval($_POST["desc"])) {
|
|
/* Prepared statement, stage 1: prepare */
|
|
if (!($stmt = $mysqli->prepare("INSERT INTO feature_request(title, `desc`) VALUES (?, ?)"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}else
|
|
if (!$stmt->bind_param("ss", $_POST["title"], $_POST["desc"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}else
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
}else{
|
|
$errormsg = "all values have to be set";
|
|
}
|
|
break;
|
|
case "add_found":
|
|
if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"])&& hasval($_POST["container"])) {
|
|
/* Prepared statement, stage 1: prepare */
|
|
if (!($stmt = $mysqli->prepare("INSERT INTO found_items(was, wann, wo, container) VALUES (?, ?, ?, ?)"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["container"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
}else{
|
|
$errormsg = "all values have to be set";
|
|
}
|
|
|
|
break;
|
|
case "add_lost":
|
|
if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"]) && hasval($_POST["contact"])) {
|
|
/* Prepared statement, stage 1: prepare */
|
|
if (!($stmt = $mysqli->prepare("INSERT INTO lost_items(was, wann, wo, contact) VALUES (?, ?, ?, ?)"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["contact"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
}else{
|
|
$errormsg = "all values have to be set";
|
|
}
|
|
break;
|
|
case "get_stats";
|
|
echo json_encode(array("status"=>"ok","stats"=>get_stats()));
|
|
break;
|
|
case "delete_found_item":
|
|
if(hasval($_POST["id"])) {
|
|
/* Prepared statement, stage 1: prepare */
|
|
if (!($stmt = $mysqli->prepare("UPDATE found_items SET del = 1 WHERE id = ?"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("i", $_POST["id"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
$successmsg = "one item deleted";
|
|
}else{
|
|
$errormsg = "id not set";
|
|
}
|
|
break;
|
|
case "delete_lost_item":
|
|
if(hasval($_POST["id"])) {
|
|
/* Prepared statement, stage 1: prepare */
|
|
if (!($stmt = $mysqli->prepare("UPDATE lost_items SET del = 1 WHERE id = ?"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("i", $_POST["id"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
$successmsg = "one item deleted";
|
|
}else{
|
|
$errormsg = "id not set";
|
|
}
|
|
break;
|
|
case "edit_found_item":
|
|
if(hasval($_POST["id"]) && hasval($_POST["was"])&& hasval($_POST["container"])) {
|
|
/* Prepared statement, stage 1: prepare */
|
|
$was=$_POST["was"];
|
|
if (!($stmt = $mysqli->prepare("UPDATE found_items SET was=?, wo=?, wann=?, container=? WHERE id = ?"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("ssssi", $_POST["was"] , $_POST["wo"], $_POST["wann"], $_POST["container"], $_POST["id"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
|
|
$successmsg = "one item edited";
|
|
|
|
if(isset($_FILES["image"])&& hasval($_FILES["image"]["tmp_name"])){
|
|
if(!file_exists ( "upload/")){
|
|
mkdir("upload/");
|
|
}
|
|
|
|
$hash = md5($_FILES['image']['name'].time());
|
|
if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){
|
|
if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("si", $hash, $_POST["id"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
$successmsg = "one item edited";
|
|
|
|
}else{
|
|
$errormsg = "upload failed";
|
|
}
|
|
}else{
|
|
}
|
|
|
|
|
|
}else{
|
|
$errormsg = "id not set";
|
|
}
|
|
break;
|
|
case "add_found_item":
|
|
if (hasval($_POST["was"])&& hasval($_POST["container"])) {
|
|
/* Prepared statement, stage 1: prepare */
|
|
if (!($stmt = $mysqli->prepare("INSERT INTO found_items(was, container) VALUES (?, ?)"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("ss", $_POST["was"], $_POST["container"])) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
$item_id = $mysqli->insert_id;
|
|
|
|
if(isset($_FILES["image"])){
|
|
if(!file_exists ( "upload/")){
|
|
mkdir("upload/");
|
|
}
|
|
|
|
$hash = md5($_FILES['image']['name'].time());
|
|
if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){
|
|
if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) {
|
|
$errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
|
|
}
|
|
if (!$stmt->bind_param("si", $hash, $item_id)) {
|
|
$errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
if (!$stmt->execute()) {
|
|
$errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
|
|
}
|
|
$successmsg = "upload ok";
|
|
}else{
|
|
$errormsg = "upload failed";
|
|
}
|
|
}else{
|
|
}
|
|
}else{
|
|
$errormsg = "all values have to be set";
|
|
}
|
|
break;
|
|
case "get_found_table":
|
|
?>
|
|
<table class="table table-bordered" id="dataTable" width="100%" cellspacing="0">
|
|
<thead>
|
|
<tr>
|
|
<th>ID</th>
|
|
<th>was</th>
|
|
<th>wann</th>
|
|
<th>wo</th>
|
|
<th>kiste</th>
|
|
<th>foto</th>
|
|
<th></th>
|
|
</tr>
|
|
</thead>
|
|
<tfoot>
|
|
<tr>
|
|
<th>ID</th>
|
|
<th>was</th>
|
|
<th>wann</th>
|
|
<th>wo</th>
|
|
<th>kiste</th>
|
|
<th>foto</th>
|
|
<th></th>
|
|
</tr>
|
|
</tfoot>
|
|
<tbody>
|
|
<?php
|
|
foreach( get_founditems(true) as $item){
|
|
?>
|
|
<tr>
|
|
<td><?php echo $item["id"]; ?> </td>
|
|
<td><?php echo $item["was"]; ?></td>
|
|
<td><?php echo $item["wann"]; ?></td>
|
|
<td><?php echo $item["wo"]; ?></td>
|
|
<td><?php echo $item["container"]; ?></td>
|
|
<td><img style="height: 48px;" src="/upload/<?php echo $item["hash"]; ?>"></td>
|
|
<td>
|
|
<div class="btn-group" role="group">
|
|
<button type="button" class="btn btn-outline-secondary"><i class="fas fa-fw fa-check-circle"></i></button>
|
|
<!--<a href="/found_item_edit/<?php echo $item["id"]; ?>/" type="button" class="btn btn-outline-secondary"><i class="fas fa-fw fa-edit"></i></a>-->
|
|
<button type="button" class="btn btn-outline-secondary" data-toggle="modal" data-target="#exampleModal" onclick="fill_edit_form(<?php echo $item["id"]; ?>,'<?php echo $item["was"]; ?>','<?php echo $item["wann"]; ?>','<?php echo $item["wo"]; ?>','<?php echo $item["hash"]; ?>', '<?php echo $item["container"]?>')">
|
|
<i class="fas fa-fw fa-edit"></i>
|
|
</button>
|
|
<button type="button" class="btn btn-outline-danger" onclick="delete_item(<?php echo $item["id"]; ?>)"><i class="fas fa-fw fa-trash-alt"></i></button>
|
|
</div>
|
|
</td>
|
|
<!--td>
|
|
<?php
|
|
foreach(explode(",",$item["tags"]) as $tag){
|
|
?>
|
|
<span class="label label-default"><?php echo $tag; ?></span>
|
|
<?php
|
|
}
|
|
?>
|
|
</td>
|
|
<td><?php echo $item["id"]; ?></td-->
|
|
</tr>
|
|
<?php
|
|
}
|
|
?>
|
|
</tbody>
|
|
</table>
|
|
<?php
|
|
exit;
|
|
break;
|
|
default:
|
|
$errormsg = "action unknown";
|
|
break;
|
|
}
|
|
|
|
if(empty($errormsg))
|
|
echo json_encode(array("get"=>$_GET,"post"=>$_POST,"files"=>$_FILES,"status"=>"ok","message"=>$successmsg));
|
|
else
|
|
echo json_encode(array("get"=>$_GET,"post"=>$_POST,"files"=>$_FILES,"status"=>"error","message"=>$errormsg));
|
|
|
|
?>
|