pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CMXX - Products_media

Browse Source
This commit is contained in:
“VeLiTi”
2025-02-06 18:46:33 +01:00
parent 07b5578895
commit 2072250072
6 changed files with 379 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

125
api/v2/get/products_media.php Normal file
View File

@@ -0,0 +1,125 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Products
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//SoldTo is empty
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
//default whereclause
$whereclause = '';
//NEW ARRAY
$criterias = [];
$clause = '';
//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){
//GET VARIABLES FROM URL
$requests = explode("&", $get_content);
//Check for keys and values
foreach ($requests as $y){
$v = explode("=", $y);
//INCLUDE VARIABLES IN ARRAY
$criterias[$v[0]] = $v[1];
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){
//do nothing
}
else {//create clause
$clause .= ' AND '.$v[0].' = :'.$v[0];
}
}
if ($whereclause == '' && $clause !=''){
$whereclause = 'WHERE '.substr($clause, 4);
} else {
$whereclause .= $clause;
}
}
//ENSURE PRODUCTROWID IS SEND
if (isset($criterias['product_id']) && $criterias['product_id'] != ''){
//CHECK IF ALLOWED TO CRUD VERSIONS
$sql = "SELECT * FROM products WHERE rowID = ? '.$whereclause.'";
$stmt = $pdo->prepare($sql);
$stmt->execute([$criterias['product_id']]);
$product_data = $stmt->fetch();
$product_owner = ($product_data['rowID'])? 1 : 0;
//IF PRODUCT IS OWNED THEN CRUD is ALLOWED
if ($product_owner === 1 ){
//Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows
$sql = 'SELECT count(*) as count FROM products_media '.$whereclause.'';
}
elseif (isset($criterias['list']) && $criterias['list'] =='') {
//SQL for Paging
$sql = 'SELECT * FROM products_media '.$whereclause.'';
}
else {
//SQL for Paging
$sql = 'SELECT p_m.*, m.full_path FROM products_media p_m LEFT JOIN media m ON p_m.media_id = m.rowID '.$whereclause.'';
}
$stmt = $pdo->prepare($sql);
//Bind to query
if (str_contains($whereclause, ':condition')){
$stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}
if (!empty($criterias)){
foreach ($criterias as $key => $value){
$key_condition = ':'.$key;
if (str_contains($whereclause, $key_condition)){
if ($key == 'search'){
$search_value = '%'.$value.'%';
$stmt->bindValue($key, $search_value, PDO::PARAM_STR);
}
else {
$stmt->bindValue($key, $value, PDO::PARAM_STR);
}
}
}
}
//Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){
$stmt->execute();
$messages = $stmt->fetch();
$messages = $messages[0];
}
elseif(isset($criterias['list']) && $criterias['list']==''){
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
//$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
//$stmt->bindValue('page', ($current_page - 1) * $page_rows_products, PDO::PARAM_INT);
//$stmt->bindValue('num_products', $page_rows_products, PDO::PARAM_INT);
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
//Send results
echo $messages;
}
}
?>

93
api/v2/post/products_media.php Normal file
View File

@@ -0,0 +1,93 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Products
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//CONTENT FROM API (POST)
$post_content = json_decode($input,true);
//SoldTo is empty
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
//default whereclause
$whereclause = '';
//ENSURE PRODUCTROWID IS SEND
if (isset($post_content['product_id']) && $post_content['product_id'] != ''){
//CHECK IF ALLOWED TO CRUD VERSIONS
$sql = "SELECT * FROM products WHERE rowID = ? '.$whereclause.'";
$stmt = $pdo->prepare($sql);
$stmt->execute([$post_content['product_id']]);
$product_data = $stmt->fetch();
$product_owner = ($product_data['rowID'])? 1 : 0;
//IF PRODUCT IS OWNED THEN CRUD is ALLOWED
if ($product_owner === 1 ){
//SET PARAMETERS FOR QUERY
$id = $post_content['rowID'] ?? ''; //check for rowID
$command = ($id == '')? 'insert' : 'update'; //IF rowID = empty then INSERT
if (isset($post_content['delete'])){$command = 'delete';} //change command to delete
//CREATE EMPTY STRINGS
$clause = '';
$clause_insert ='';
$input_insert = '';
if ($command == 'insert'){
$post_content['createdby'] = $username;
}
if ($command == 'update'){
$post_content['updatedby'] = $username;
}
//CREATE NEW ARRAY AND MAP TO CLAUSE
if(isset($post_content) && $post_content!=''){
foreach ($post_content as $key => $var){
if ($key == 'submit' || $key == 'rowID'){
//do nothing
}
else {
$criterias[$key] = $var;
$clause .= ' , '.$key.' = ?';
$clause_insert .= ' , '.$key.'';
$input_insert .= ', ?'; // ? for each insert item
$execute_input[]= $var; // Build array for input
}
}
}
//CLEAN UP INPUT
$clause = substr($clause, 2); //Clean clause - remove first comma
$clause_insert = substr($clause_insert, 2); //Clean clause - remove first comma
$input_insert = substr($input_insert, 1); //Clean clause - remove first comma
//QUERY AND VERIFY ALLOWED
if ($command == 'update' && isAllowed('products_media',$profile,$permission,'U') === 1){
$sql = 'UPDATE products_media SET '.$clause.' WHERE rowID = ? '.$whereclause.'';
$execute_input[] = $id;
$stmt = $pdo->prepare($sql);
$stmt->execute($execute_input);
}
elseif ($command == 'insert' && isAllowed('products_media',$profile,$permission,'C') === 1){
$sql = 'INSERT INTO products_media ('.$clause_insert.') VALUES ('.$input_insert.')';
$stmt = $pdo->prepare($sql);
$stmt->execute($execute_input);
}
elseif ($command == 'delete' && isAllowed('products_media',$profile,$permission,'D') === 1){
$stmt = $pdo->prepare('DELETE FROM products_media WHERE rowID = ? '.$whereclause.'');
$stmt->execute([ $id ]);
//Add deletion to changelog
changelog($dbname,'products_media',$id,'Delete','Delete',$username);
} else
{
//do nothing
}
}
}
?>

158
product.php
View File

@@ -31,6 +31,7 @@ $update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],
$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
$media_update = isAllowed('products_media' ,$_SESSION['profile'],$_SESSION['permission'],'U');
//GET Details from URL
$GET_VALUES = urlGETdetails($_GET) ?? '';
@@ -74,6 +75,58 @@ $product['categories'] = ioServer($api_url,'');
//Decode Payload
if (!empty($product['categories'] )){$product['categories'] = json_decode($product['categories'] ,true);}else{$product['categories'] = null;}
//GET RELATED MEDIA
$api_url = '/v2/products_media/product_id='.$_GET['rowID'];
$products_media = ioServer($api_url,'');
//Decode Payload
if (!empty($products_media)){$products_media = json_decode($products_media ,true);}else{$products_media = null;}
if ($media_update == 1){
//GET ALL MEDIA
$api_url = '/v2/media/';
$media_responses_all = ioServer($api_url,'');
//Decode Payload
if (!empty($media_responses_all)){$media_responses_all = json_decode($media_responses_all,true);}else{$media_responses_all = null;}
}
if ($media_update == 1 && (isset($_POST['media']) || isset($_POST['delete']))){
//CHECK IF MEDIA IS AN ARRAY
if (isset($_POST['media']) && is_array($_POST['media'])){
foreach($_POST['media'] as $p_media){
//GET ALL POST DATA
$payload = json_encode(array("product_id" => $_POST['product_id'], "media_id" => $p_media), JSON_UNESCAPED_UNICODE);
//API call
$responses = ioServer('/v2/products_media', $payload);
}
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=product&success_msg=2&rowID='.$_GET['rowID'].'');
exit;
}
}
if (isset($_POST['delete'])){
//GET ALL POST DATA
$payload = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//API call
$responses = ioServer('/v2/products_media', $payload);
// Redirect and delete product
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=product&success_msg=2&rowID='.$_GET['rowID'].'');
exit;
}
}
}
//------------------------------
// Variables
//------------------------------
@@ -352,6 +405,111 @@ $view .= '<div class="content-block">
</div>
';
$view .= '
<div class="content-block">
<h2 class="responsive-width-100">'.($products_media_header ?? 'Product media').' <button class="btn2" onClick="openDialog()" > + </button><input form="pictures" class="btn2" type="submit" name="update" value="Save" class="btn"></h2>
<div id="selectedImages">';
if(!empty($products_media)){
foreach ($products_media as $prod_media){
$view .= '
<div class="image-container" style="display: inline-block; position: relative; margin: 5px;">
<img src="'.$prod_media['full_path'].'" style="max-width: 100px; margin: 5px;">
<form method="POST" action="" style="position: absolute; top: 0; right: 0;">
<input type="hidden" name="rowID" value="'.$prod_media['rowID'].'">
<input type="hidden" name="product_id" value="'.$_GET['rowID'].'">
<input type="hidden" name="delete" value="delete">
<button type="submit" style="background-color: red; color: white; border: none; border-radius: 50%; width: 20px; height: 20px; padding: 0; font-size: 12px; cursor: pointer;">×</button>
</form>
</div>';
}
}
$view .='</div>
<form action="" id="pictures" method="post">
<input type="hidden" form="pictures" name="product_id" value="'.$_GET['rowID'].'">
<div id="selectedImagesID"></div>
</form>
<div id="selectedImagesPreview"></div>
</div>
</div>
<dialog id="imageSelector">
<h3>'.(isset($image_select) ? ${$image_select} : 'Select Images').'</h3>
<div id="imageGrid">';
if ($media_update == 1){
foreach ($media_responses_all as $media_response){
$view .= '
<img src="'.$media_response['full_path'].'" id="'.$media_response['rowID'].'" onclick="toggleImage(this)" style="width: 25%;cursor: pointer">
';
}
}
$view .= '
</div>
<br>
<button onclick="confirmSelection()">Confirm Selection</button>
<button onclick="closeImageSelector()">Cancel</button>
</dialog>
<script>
const dialog = document.getElementById(\'imageSelector\');
const openButton = document.getElementById(\'openSelectorBtn\');
const imageArrayInput = document.getElementById(\'imageArray\');
const previewContainer = document.getElementById(\'selectedImagesPreview\');
const previewID = document.getElementById(\'selectedImagesID\');
function openDialog(){
dialog.showModal();
document.querySelectorAll(\'#imageGrid img\').forEach(img => {img.style.border = \'none\';});
}
function toggleImage(img) {
if (img.style.border === \'2px solid blue\') {
img.style.border = \'none\';
} else {
img.style.border = \'2px solid blue\';
}
}
function confirmSelection() {
// Get all selected images with their details
const selectedImages = Array.from(document.querySelectorAll(\'#imageGrid img[style*="blue"]\'))
.map(img => ({
id: img.id,
src: img.src
}));
// Update preview
let preview = \'\';
previewContainer.innerHTML = \'\';
selectedImages.forEach(image => {
const previewImg = document.createElement(\'img\');
previewImg.src = image.src;
previewImg.id = image.id;
previewImg.style.maxWidth = \'100px\';
previewImg.style.margin = \'5px\';
previewContainer.appendChild(previewImg);
preview += \'<input name="media[]" form="pictures" type="hidden" value="\'+image.id+\'">\';
});
previewID.innerHTML = preview;
dialog.close();
}
function closeImageSelector() {
dialog.close();
}
</script>
';
$view .= '<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>'.$tab3.'

2
products_configurations.php
View File

@@ -161,7 +161,7 @@ $view .= '<div class="content-block tab-content active">
<label for=""><i class="required">*</i>'.($product_configuration_assignment ?? 'Product assignment').'</label>
<select name="assignment">';
foreach ($products as $product){
$view .= '<option value="'.$product['product_id'].'" '.($product['product_id']==$products_configurations['assignment'] ?' selected':'').'>'.(${$product['product_name']} ?? $product['product_name']).'</option>
$view .= '<option value="'.$product['product_id'].'" '.($product['product_id']==$products_configurations['assignment'] ?' selected':'').'>'.$product['product_id'].' - '.(${$product['product_name']} ?? $product['product_name']).'</option>
';}
$view .= ' </select>';

2
settings/settingsprofiles.php
View File

@@ -6,7 +6,7 @@ define('superuser_profile','dashboard,profile,assets,equipments,equipment,equipm
/*Admin*/
define('admin_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,product,product_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,changelog,application');
/*AdminPlus*/
define('adminplus_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,billing,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,report_usage,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,media,media_manage,application,maintenance,profiles,vin,shopping_cart');
define('adminplus_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,billing,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,report_usage,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,media,media_manage,application,maintenance,profiles,vin,shopping_cart');
/*Build*/
define('build','dashboard,profile,buildtool,firmwaretool,buildtool,products_software,application');
/*Distribution*/

1
settings/settingsviews.php
View File

@@ -43,6 +43,7 @@ $all_views = [
"products_attributes_manage",
"products_configurations",
"products_categories",
"products_media",
"product",
"product_manage",
"pricelists",