From 2dc21002694a2fbe0cdf43342bc3a6a8dd9cf452 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9CVeLiTi=E2=80=9D?= <“info@veliti.nl”>
Date: Thu, 16 Jan 2025 17:13:42 +0100
Subject: [PATCH] CMXX - Media

---
 api/v2/get/media.php | 118 ++++++++++++++++
 api/v2/get/products_attributes_items.php | 12 +-
 api/v2/post/media.php | 120 ++++++++++++++++
 assets/functions.php | 4 +-
 maintenance.php | 1 +
 media.php | 169 +++++++++++++++++++++++
 media_manage.php | 161 +++++++++++++++++++++
 product.php | 2 +-
 products_attributes_manage.php | 80 ++++++++++-
 settings/settingsmenu.php | 9 +-
 settings/settingsprofiles.php | 2 +-
 settings/settingsviews.php | 2 +
 12 files changed, 668 insertions(+), 12 deletions(-)
 create mode 100644 api/v2/get/media.php
 create mode 100644 api/v2/post/media.php
 create mode 100644 media.php
 create mode 100644 media_manage.php

diff --git a/api/v2/get/media.php b/api/v2/get/media.php
new file mode 100644
index 0000000..08e010e
--- /dev/null
+++ b/api/v2/get/media.php
@@ -0,0 +1,118 @@ +soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';} + +//default whereclause +$whereclause = ''; + +switch ($permission) { + case '4': + $whereclause = ''; + break; + case '3': + $whereclause = ''; + break; + default: + $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search; + $whereclause = 'WHERE accounthierarchy like "'.$condition.'"'; + break; +} + +//NEW ARRAY +$criterias = []; +$clause = ''; + +//Check for $_GET variables and build up clause +if(isset($get_content) && $get_content!=''){ + //GET VARIABLES FROM URL + $requests = explode("&", $get_content); + //Check for keys and values + foreach ($requests as $y){ + $v = explode("=", $y); + //INCLUDE VARIABLES IN ARRAY + $criterias[$v[0]] = $v[1]; + + if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){ + //do nothing + } + elseif ($v[0] == 'search') { + //build up search + $clause .= ' AND title like :'.$v[0]; + } + else {//create clause + $clause .= ' AND '.$v[0].' = :'.$v[0]; + } + } + if ($whereclause == '' && $clause !=''){ + $whereclause = 'WHERE '.substr($clause, 4); + } else { + $whereclause .= $clause; + } +} +//Define Query +if(isset($criterias['totals']) && $criterias['totals'] ==''){ +//Request for total rows + $sql = 'SELECT count(*) as count FROM media '.$whereclause.''; +} +else { + //SQL for Paging + $sql = 'SELECT * FROM media '.$whereclause.' 
LIMIT :page,:num_products'; +} + +$stmt = $pdo->prepare($sql); + +//Bind to query +if (str_contains($whereclause, ':condition')){ + $stmt->bindValue('condition', $condition, PDO::PARAM_STR); +} + +if (!empty($criterias)){ + foreach ($criterias as $key => $value){ + $key_condition = ':'.$key; + if (str_contains($whereclause, $key_condition)){ + if ($key == 'search'){ + $search_value = '%'.$value.'%'; + $stmt->bindValue($key, $search_value, PDO::PARAM_STR); + } + else { + $stmt->bindValue($key, $value, PDO::PARAM_STR); + } + } + } +} + +//Add paging details +if(isset($criterias['totals']) && $criterias['totals']==''){ + $stmt->execute(); + $messages = $stmt->fetch(); + $messages = $messages[0]; +} +else { + $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1; + $stmt->bindValue('page', ($current_page - 1) * $page_rows_media, PDO::PARAM_INT); + $stmt->bindValue('num_products', $page_rows_media, PDO::PARAM_INT); + + //Excute Query + $stmt->execute(); + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} + +//------------------------------------------ +//JSON_ENCODE +//------------------------------------------ +$messages = json_encode($messages, JSON_UNESCAPED_UNICODE); + +//Send results +echo $messages; + +?> \ No newline at end of file diff --git a/api/v2/get/products_attributes_items.php b/api/v2/get/products_attributes_items.php index bf4f0eb..4122bdf 100644 --- a/api/v2/get/products_attributes_items.php +++ b/api/v2/get/products_attributes_items.php @@ -41,7 +41,7 @@ if(isset($get_content) && $get_content!=''){ //INCLUDE VARIABLES IN ARRAY $criterias[$v[0]] = $v[1]; - if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){ + if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='media'|| $v[0] =='success_msg'){ //do nothing } elseif ($v[0] == 'search') { 
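Review bot: In the criteria loop of the new api/v2/get/media.php, the request key `$v[0]` is concatenated into the SQL text as both column name and placeholder name (`$clause .= ' AND '.$v[0].' = :'.$v[0];`), so only the values are bound and any key the caller sends becomes part of the statement. Restrict keys to known columns before building the clause, e.g. `if (!in_array($v[0], $allowed_columns, true)) { continue; }`, where `$allowed_columns` lists the media columns (names to be confirmed against the schema). The default permission branch also embeds `$condition` directly in the `like "..."` literal, and the later `str_contains($whereclause, ':condition')` check does not match that clause as written, so the value is never bound; `'WHERE accounthierarchy like :condition'` would make the existing `bindValue` call take effect. The products_attributes_items.php hunk at -41,7 appears to follow the same key pattern, though its clause-building lines are outside the hunk.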
@@ -62,7 +62,9 @@ if(isset($get_content) && $get_content!=''){ if(isset($criterias['totals']) && $criterias['totals'] ==''){ //Request for total rows $sql = 'SELECT count(*) as count FROM products_attributes_items '.$whereclause.''; -} +} elseif ($criterias['media'] && $criterias['media'] =='all'){ + $sql = 'SELECT pat.*, m.full_path FROM products_attributes_items pat LEFT JOIN media m ON pat.item_media = m.rowID '.$whereclause; +} else { //SQL for Paging $sql = 'SELECT * FROM products_attributes_items '.$whereclause.' LIMIT :page,:num_products'; @@ -96,6 +98,12 @@ if(isset($criterias['totals']) && $criterias['totals']==''){ $messages = $stmt->fetch(); $messages = $messages[0]; } +elseif($criterias['media'] && $criterias['media'] =='all'){ + //Excute Query + $stmt->execute(); + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} else { $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1; $stmt->bindValue('page', ($current_page - 1) * $page_rows_products_attributes, PDO::PARAM_INT); diff --git a/api/v2/post/media.php b/api/v2/post/media.php new file mode 100644 index 0000000..c15ce55 --- /dev/null +++ b/api/v2/post/media.php 
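Review bot: The new branches `elseif ($criterias['media'] && $criterias['media'] =='all')` read an array key that is absent on every request sent without `media=`, which raises an undefined-key warning on PHP 8 that can end up in front of the JSON body. Use `elseif (($criterias['media'] ?? '') === 'all'){` in both places, the query selection at -62,7 and the execute branch at -96,6. The `media=all` query also carries no LIMIT, so it returns every matching row in one response; that looks intentional for the attribute editor but deserves a comment or a cap. With the added JOIN, an unqualified filter in `$whereclause` would become ambiguous if both tables share a column name such as `rowID`, so confirm which filters callers send together with `media=all`.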
@@ -0,0 +1,120 @@ +soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';} + +//default whereclause +$whereclause = ''; + +switch ($permission) { + case '4': + $whereclause = ''; + break; + case '3': + $whereclause = ''; + break; + default: + $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search; + $whereclause = ' AND accounthierarchy like "'.$condition.'"'; + break; +} + +//SET PARAMETERS FOR QUERY +$id = $post_content['rowID'] ?? ''; //check for rowID +$command = ($id == '')? 'insert' : 'update'; //IF rowID = empty then INSERT +if (isset($post_content['delete'])){$command = 'delete';} //change command to delete +$date = date('Y-m-d H:i:s'); + +//CREATE EMPTY STRINGS +$clause = ''; +$clause_insert =''; +$input_insert = ''; + +//BUILD UP PARTNERHIERARCHY FROM USER +$partner_product = json_encode(array("salesid"=>$partner->salesid,"soldto"=>$partner->soldto), JSON_UNESCAPED_UNICODE); + +//ADD STANDARD PARAMETERS TO ARRAY BASED ON INSERT OR UPDATE +if ($command == 'update'){ + $post_content['updatedby'] = $username ; + +} +elseif ($command == 'insert'){ + $post_content['createdby'] = $username; + $post_content['accounthierarchy'] = $partner_product; +} +else { + //do nothing +} + +//CREAT NEW ARRAY AND MAP TO CLAUSE +if(isset($post_content) && $post_content!=''){ + foreach ($post_content as $key => $var){ + if ($key == 'submit' || $key == 'rowID'){ + //do nothing + } + else { + $criterias[$key] = $var; + $clause .= ' , '.$key.' = ?'; + $clause_insert .= ' , '.$key.''; + $input_insert .= ', ?'; // ? 
for each insert item + $execute_input[]= $var; // Build array for input + } + } +} + +//CLEAN UP INPUT +$clause = substr($clause, 2); //Clean clause - remove first comma +$clause_insert = substr($clause_insert, 2); //Clean clause - remove first comma +$input_insert = substr($input_insert, 1); //Clean clause - remove first comma + +//QUERY AND VERIFY ALLOWED +if ($command == 'update' && isAllowed('media',$profile,$permission,'U') === 1){ + $sql = 'UPDATE media SET '.$clause.' WHERE rowID = ? '.$whereclause.''; + $execute_input[] = $id; + $stmt = $pdo->prepare($sql); + $stmt->execute($execute_input); +} +elseif ($command == 'insert' && isAllowed('media',$profile,$permission,'C') === 1){ + $sql = 'INSERT INTO media('.$clause_insert.') VALUES ('.$input_insert.')'; + $stmt = $pdo->prepare($sql); + $stmt->execute($execute_input); + // Return ID + echo json_encode(array('rowID'=> $pdo->lastInsertId())); +} +elseif ($command == 'delete' && isAllowed('media',$profile,$permission,'D') === 1){ + + //GET FILENAME AND REMOVE FROM SERVER + $sql = 'SELECT * FROM media WHERE rowID = ? '.$whereclause.''; + $stmt = $pdo->prepare($sql); + $stmt->execute([$id]); + //Get results + $files = $stmt->fetchAll(PDO::FETCH_ASSOC); + + foreach ($files as $file){ + $media_file = dirname(__FILE__,4).$file['full_path']; + $media_file_check = glob($media_file, GLOB_BRACE); + if (!empty($media_file_check)){ + unlink($media_file); + } + } + $stmt = $pdo->prepare('DELETE FROM media WHERE rowID = ? '.$whereclause.''); + $stmt->execute([ $id ]); + + //Add deletion to changelog + changelog($dbname,'media',$id,'Delete','Delete',$username); +} else +{ + //do nothing +} + +?> \ No newline at end of file diff --git a/assets/functions.php b/assets/functions.php index 6364ea8..43fe851 100644 --- a/assets/functions.php +++ b/assets/functions.php 
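Review bot: The field loop in the new api/v2/post/media.php turns every key of `$post_content` into a column name in the UPDATE/INSERT text (`$clause .= ' , '.$key.' = ?';`), so a client controls which columns are written (including `accounthierarchy`, `createdby` and `full_path`) as well as the SQL identifiers themselves. The delete branch then hands the stored `full_path` to `unlink()` after only a `glob()` existence check, so a row whose path was set through that loop can point outside the media directory, and `glob()` with `GLOB_BRACE` expands pattern characters rather than testing one file. Filter client fields through an allowlist before adding the server-side fields, and resolve the path and confirm it stays under the media root before deleting, as sketched below; the column list and directory name are placeholders to be confirmed against the schema and upload flow. The `accounthierarchy like "'.$condition.'"` fragment would also be safer as a bound parameter.

```php
// Columns a client may set (constructed list, confirm against the media schema)
$client_columns = ['title', 'full_path'];
$fields = is_array($post_content)
    ? array_intersect_key($post_content, array_flip($client_columns))
    : [];

// Server-side fields are added after filtering so a client cannot supply them
if ($command == 'update'){
    $fields['updatedby'] = $username;
}
elseif ($command == 'insert'){
    $fields['createdby'] = $username;
    $fields['accounthierarchy'] = $partner_product;
}

foreach ($fields as $key => $var){
    // … unchanged: append to $clause, $clause_insert, $input_insert, $execute_input …
}

// … unchanged: update and insert branches …

// delete branch, inside foreach ($files as $file):
$media_root = realpath(dirname(__FILE__,4).'/MEDIA_DIR_PLACEHOLDER');
$media_file = realpath(dirname(__FILE__,4).$file['full_path']);
if ($media_root !== false && $media_file !== false
    && str_starts_with($media_file, $media_root.DIRECTORY_SEPARATOR)){
    unlink($media_file);
}
```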
@@ -2952,8 +2952,8 @@ function generateLanguageFile($language_key,$token){ if ($language_key != ''){ generateFile($language_key,$token); } else { - include_once dirname(__FILE__,2).'/settings/settingsmenu.php'; - + include dirname(__FILE__,2).'/settings/settingsmenu.php'; + foreach ($supportedLanguages as $language){ generateFile($language,$token); } diff --git a/maintenance.php b/maintenance.php index f625356..c92d808 100644 --- a/maintenance.php +++ b/maintenance.php @@ -107,6 +107,7 @@ if ($update_allowed === 1){
+ '; +} + +$view .= ' +
+ +
+ '.$general_filters.' +
+ + +
+
'; +$view .= ' +
+
+'; + +$view .= ' +
+
'; + + foreach ($responses as $response){ + $view .= ' + + '; + } +$view .= '
+
+'; + +$view.=''; +//OUTPUT +echo $view; + +template_footer(); +?> \ No newline at end of file diff --git a/media_manage.php b/media_manage.php new file mode 100644 index 0000000..095d5c8 --- /dev/null +++ b/media_manage.php 
@@ -0,0 +1,161 @@ + '', + 'title' => '', + 'full_path' => '', + 'created' => '', + 'createdby' => '', + 'updated' => '', + 'updatedby' => '', + 'accounthierarchy' => '' +]; + +if (isset($_GET['rowID'])) { + //CALL TO API + $api_url = '/v2/media/rowID='.$_GET['rowID']; + $responses = ioServer($api_url,''); + //Decode Payload + if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;} + + $media = json_decode(json_encode($responses[0]), true); + + if ($update_allowed === 1){ + if (isset($_POST['submit'])) { + + //GET ALL POST DATA + $payload = json_encode($_POST, JSON_UNESCAPED_UNICODE); + //API call + $responses = ioServer('/v2/media', $payload); + + if ($responses === 'NOK'){ + + } else { + header('Location: index.php?page=media&success_msg=2'); + exit; + } + } + + } + + if ($delete_allowed === 1){ + if (isset($_POST['delete'])) { + //GET ALL POST DATA + $payload = json_encode($_POST, JSON_UNESCAPED_UNICODE); + //API call + $responses = ioServer('/v2/media', $payload); + // Redirect and delete product + if ($responses === 'NOK'){ + + } else { + header('Location: index.php?page=media&success_msg=3'); + exit; + } + } + } + +} else { + // Create a new variable + if (isset($_POST['submit']) && $create_allowed === 1) { + //GET ALL POST DATA + $payload = json_encode($_POST, JSON_UNESCAPED_UNICODE); + //API call + $responses = ioServer('/v2/media', $payload); + + if ($responses === 'NOK'){ + + } else { + header('Location: index.php?page=media&success_msg=1'); + exit; + } + } +} +//EMPTY VIEW +$view = ''; + +// Handle success messages +if (isset($_GET['success_msg'])) { + if ($_GET['success_msg'] == 0) { + $success_msg = $error_msg_0; + } +} + +template_header('Media', 'media', 'manage'); + +if (isset($success_msg)){ + $view .= '
+ +

'.$success_msg.'

+ +
'; +} + +$view .=' +
+
+

'.($media_h2 ?? 'Media').'

+ '.$button_cancel.' +'; + +if ($delete_allowed === 1){ + $view .= ''; +} +if ($update_allowed === 1){ + $view .= ''; +} + +$view .= '
'; + +$view .= '
+ '.$tab1 .' + '.$tab3.' +
+ '; + +//Define Service and User enabled +$view .= '
+
+ + + + + + '.$media['title'].' + '; + +$view .= '
+
'; + +$view .= '
+
+ + + + + + + + +
+
'; +$view .= '
'; + +//Output +echo $view; +template_footer() +?> \ No newline at end of file diff --git a/product.php b/product.php index 222448e..c53265a 100644 --- a/product.php +++ b/product.php @@ -152,7 +152,7 @@ $view .= '
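Review bot: `$api_url = '/v2/media/rowID='.$_GET['rowID'];` in media_manage.php forwards the raw query parameter into a string that the GET endpoint splits on `&` and `=`, so, assuming `ioServer` passes it through unchanged, a value containing those characters adds extra criteria keys to the API request. Validate it first, e.g. `$row_id = filter_var($_GET['rowID'], FILTER_VALIDATE_INT);` and stop when the result is `false` (this assumes rowID is numeric). `$media = json_decode(json_encode($responses[0]), true);` also indexes `$responses` right after it may have been set to `null`, and `'.$media['title'].'` is written into the view unescaped; `htmlspecialchars($media['title'] ?? '', ENT_QUOTES, 'UTF-8')` would cover the output side. The markup around these lines is not visible in this copy of the patch, so the exact HTML context should be checked.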
'.$product_description.'
- '.$responses->productdescription.' + '.(${$responses->productdescription} ?? $responses->productdescription).'
'; diff --git a/products_attributes_manage.php b/products_attributes_manage.php index 6c2855b..f4daa0d 100644 --- a/products_attributes_manage.php +++ b/products_attributes_manage.php @@ -38,11 +38,17 @@ if (isset($_GET['rowID'])) { $products_attributes = json_decode(json_encode($responses[0]), true); //CALL TO API FOR RELATED TRANSLATIONS - $api_url = '/v2/products_attributes_items/group_id='.$_GET['rowID']; + $api_url = '/v2/products_attributes_items/media=all&group_id='.$_GET['rowID']; $products_attributes_items = ioServer($api_url,''); //Decode Payload if (!empty($products_attributes_items)){$products_attributes_items = json_decode($products_attributes_items,true);}else{$products_attributes_items = null;} + //CALL TO API + $api_url = '/v2/media/'; + $media_responses = ioServer($api_url,''); + + //Decode Payload + if (!empty($media_responses)){$media_responses = json_decode($media_responses,true);}else{$media_responses = null;} if ($update_allowed === 1){ if (isset($_POST['submit'])) { @@ -265,14 +271,34 @@ $view .= ' - + + + '.getRelativeTime($items['created']).' - + + + + '; } + + $view .= ' + +
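Review bot: `${$responses->productdescription}` in product.php is a variable-variable lookup keyed by data returned from the API, so whatever variable in scope happens to share a name with a product description is printed into the page instead of the description. If the intent is to translate description keys, look them up in a dedicated array rather than the whole variable scope, for example `($translations[$responses->productdescription] ?? $responses->productdescription)`, where `$translations` is a placeholder for the project's language table. A description that matches no variable falls through the `??`, but one that matches a configuration or credential variable in scope would be disclosed. The value is also emitted without `htmlspecialchars()`, which was already the case before this change.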

Select an Image

+
'; + + foreach ($media_responses as $media_response){ + $view .= ' + + '; + } + $view .= '
+ +
+ '; } $view .= ' @@ -295,7 +321,11 @@ $view .= ' - + + + + + @@ -303,7 +333,47 @@ $view .= ' tbody.appendChild(newRow); } - + + //POPUP FOR IMAGE SELECTION + const dialog = document.getElementById(\'imageSelector\'); + image_source_id = 0; + //const openButton = document.getElementById(\'openSelectorBtn\'); + + function setSourceID(sourceid){ + image_source_id = "source_"+sourceid; + image_source_src = "image_"+sourceid; + } + + function openDialog(){ + dialog.showModal(); + } + + function selectImage(id,src) { + + if (image_source_id != 0){ + const selectedImageInput = document.getElementById(image_source_id); + const previewImage = document.getElementById(image_source_src); + + selectedImageInput.value = id; + previewImage.src = src; + + } + else { + const selectedImageInput = document.getElementById(\'selectedImage\'); + const previewImage = document.getElementById(\'previewImage\'); + + selectedImageInput.value = id; + previewImage.src = src; + previewImage.style.display = \'block\'; + } + + dialog.close(); + } + + function closeImageSelector() { + dialog.close(); + } + diff --git a/settings/settingsmenu.php b/settings/settingsmenu.php index a296a84..b10c8bf 100644 --- a/settings/settingsmenu.php +++ b/settings/settingsmenu.php @@ -14,7 +14,7 @@ $main_menu = array ('dashboard','sales','buildtool','cartests','marketing','equi $equipments_sub = array('equipments','servicereports','rmas','histories','firmwaretool','equipments_mass_update'); $sales_sub = array('accounts','contracts'); $products_sub = array('products','products_attributes'); -$admin_sub = array('users','communications','partners'); +$admin_sub = array('users','communications','partners','media'); $reporting_sub = array('report_build','report_contracts_billing','report_healthindex','report_usage'); $settings_sub = array('config','translations','logfile','maintenance','profiles'); 
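Review bot: `foreach ($media_responses as $media_response)` in the -265,14 hunk runs on a value that the -38,11 hunk sets to `null` whenever the API returns an empty body, which produces a foreach warning in the middle of the dialog markup. Iterate over `$media_responses ?? []` instead. The picker is filled from `/v2/media/` without a page parameter, and the new GET endpoint always applies `LIMIT :page,:num_products` with `$page_rows_media = 25`, so only the first 25 media rows can be selected; either page the dialog or add an unpaged mode as was done for `media=all`. The HTML inside the loop is stripped in this copy, so check separately that `full_path` and the other media fields are escaped where they are placed into attributes and into the `selectImage(id,src)` call.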
@@ -110,6 +110,12 @@ $urls = array( "icon" => "fas fa-tachometer-alt", "name" => "menu_admin_communications" ), + "media" => array( + "url" => "media", + "selected" => "media", + "icon" => "fa-solid fa-photo-film", + "name" => "menu_media" + ), "partners" => array( "url" => "partners", "selected" => "partners", @@ -226,6 +232,7 @@ $page_rows_changelog = 50 ;// Number of changelogs returned $page_rows_rma = 25; // list RMA $page_rows_translations = 50; //list translation variables $page_rows_products_attributes = 50; //list product attributes +$page_rows_media = 25; // list media //------------------------------------------ // Languages supported diff --git a/settings/settingsprofiles.php b/settings/settingsprofiles.php index c98b44b..9a07ff2 100644 --- a/settings/settingsprofiles.php +++ b/settings/settingsprofiles.php 
@@ -6,7 +6,7 @@ define('superuser_profile','dashboard,profile,assets,equipments,equipment,equipm /*Admin*/ define('admin_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,product,product_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,changelog,application'); /*AdminPlus*/ -define('adminplus_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,billing,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,product,product_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,report_usage,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,application,maintenance,profiles,vin'); 
+define('adminplus_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,billing,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,product,product_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,report_usage,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,media,media_manage,application,maintenance,profiles,vin'); /*Build*/ define('build','dashboard,profile,buildtool,firmwaretool,buildtool,products_software,application'); /*Distribution*/ diff --git a/settings/settingsviews.php b/settings/settingsviews.php index f23c708..be32c85 100644 --- a/settings/settingsviews.php +++ b/settings/settingsviews.php @@ -68,6 +68,8 @@ $all_views = [ "translations", "translations_details", "translation_manage", + "media", + "media_manage", "application", "maintenance", "profiles",