pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
18469fe9583bdfffa5a5f7c51027964fb945316a
assetmgt/products_versions.php
“VeLiTi” 18469fe958 Refactor authorization checks to use 'permissions' instead of 'profile' in multiple files 
- Updated authorization checks in product management, product attributes, configurations, software, and user management files to use 'permissions' for consistency.
- Ensured that all relevant pages correctly check user permissions for read, update, delete, and create actions.
- Adjusted session variable references to align with the new permissions structure across various modules.
2026-01-20 15:00:00 +01:00

205 lines
7.8 KiB
PHP
Raw Blame History

<?php
defined(page_security_key) or exit;
$page = 'products_versions';
//Check if allowed
if (isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'R') === 0){
header('location: index.php');
exit;
}
//PAGE Security
$update_allowed = isAllowed($page ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'U');
$delete_allowed = isAllowed($page ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'D');
$create_allowed = isAllowed($page ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'C');
// Default input product values
$products_versions = [
'rowID' => '',
'productrowid' => '',
'status' => '',
'version' => '',
'config' => '',
'created' => '',
'createdby' => $_SESSION['authorization']['clientID'],
'measurement' => '',
];
//productrowid is required by api
$productrowid = $_GET['productrowid'] ?? '';
if (isset($_GET['rowID'])) {
// ID param exists, edit an existing product
//CALL TO API
$api_url = '/v2/products_versions/rowID='.$_GET['rowID'].'&productrowid='.$productrowid;
$responses = ioServer($api_url,'');
//Decode Payload
if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
$products_versions = json_decode(json_encode($responses[0]), true);
if ($update_allowed === 1){
if (isset($_POST['submit'])) {
//GET ALL POST DATA
$payload = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//API call
$responses = ioServer('/v2/products_versions', $payload);
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=product&rowID='.$productrowid.'&success_msg=2');
exit;
}
}
}
if ($delete_allowed === 1){
if (isset($_POST['delete'])) {
//GET ALL POST DATA
$payload = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//API call
$responses = ioServer('/v2/products_versions', $payload);
if ($responses === 'NOK'){
} else {
// Redirect and delete product
header('Location: index.php?page=product&rowID='.$productrowid.'&success_msg=3');
exit;
}
}
}
} else {
// Create a new product
if (isset($_POST['submit']) && $create_allowed === 1) {
//GET ALL POST DATA
$payload = json_encode($_POST , JSON_UNESCAPED_UNICODE);
//API call
$responses = ioServer('/v2/products_versions', $payload);
if ($responses === 'NOK'){
}
else {
header('Location: index.php?page=product&rowID='.$productrowid.'&success_msg=1');
exit;
}
}
}
template_header('Products versions', 'products_versions', 'manage');
$view ='
<form action="" method="post" enctype="multipart/form-data">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">'.$product_version_version.'</h2>
<a href="index.php?page=product&rowID='.$productrowid.'" class="btn alt mar-right-2">←</a>
';
if ($delete_allowed === 1){
$view .= '<input type="submit" name="delete" value="X" class="btn red mar-right-2" onclick="return confirm(\'Are you sure you want to delete this product?\')">';
}
if ($update_allowed === 1){
$view .= '<input type="submit" name="submit" value="💾" class="btn">';
}
$view .= '</div>';
$view .= '<div class="tabs">
<a href="#" class="active">'.$tab1.'</a>
</div>
';
$view .= '<div class="content-block tab-content active">
<div class="form responsive-width-100">
<label for="status">'.$product_status.'</label>
<select id="status" name="status">
<option value="1" '.($products_versions['status']==1?' selected':'').'>'.$prod_status_1 .'</option>
<option value="0" '.($products_versions['status']==0?' selected':'').'>'.$prod_status_0 .'</option>
</select>
<label for=""><i class="required">*</i>'.$product_version_version.'</label>
<input id="name" type="text" name="version" placeholder="'.$product_version_version.'" value="'.$products_versions['version'].'" required>
';
//VIEW FOR PRODUCT CONFIGURATION
if (isset($_GET['rowID']) && $_GET['rowID'] !=''){
$view .= '
<label for="">'.($product_version_config ?? 'Config').'</label>
<div class="table">
<textarea id="config" name="config" placeholder="'.($product_version_config ?? 'Config').'">'.$products_versions['config'].'</textarea>
</table>
</div>';
if (!is_array(json_decode($products_versions['measurement'],true))){
$view .= '
<label for="">'.($product_version_main_product_option ?? 'Main Product Option').'</label>
<input type="text" name="measurement" placeholder="'.($product_version_main_product_option ?? 'Main Product Option').'" value="'.$products_versions['measurement'].'">';
}
}
if (isset($_GET['rowID']) && $_GET['rowID'] !='' && !empty($products_versions['measurement']) && is_array(json_decode($products_versions['measurement'],true))){
$measurements = json_decode($products_versions['measurement'],true);
$view .= '
<label for="">'.$product_version_measurement.'</label>
<div class="table">
<table>
<thead>
<tr>
<td>Test</td>
<td>N</td>
<td>Average</td>
<td>Median</td>
<td>STdev</td>
</tr>
</thead>
<tbody>
';
foreach ($measurements as $name => $measurement){
$view .='
<tr>
<td>'.$name.'</td>
<td>'.$measurement['n'].'</td>
<td>'.$measurement['average'].'</td>
<td>'.$measurement['median'].'</td>
<td>'.$measurement['stdev'].'</td>
</tr>
';
}
$view .= '</tbody>
</table>
</div>';
}
$view .= '
<input type="hidden" name="rowID" value="'.$products_versions['rowID'].'">
<input type="hidden" name="productrowid" value="'.$productrowid.'">
</div>
</div>';
$view .= '<div class="tabs">
<a href="#">'.$tab3.'</a>
</div>
';
$view .= '<div class="content-block tab-content">
<div class="form responsive-width-100">
<label for="productcode">'.$general_created.'</label>
<input id="name" type="text" name="" placeholder="'.$general_created.'" value="'.$products_versions['created'].'" readonly>
<label for="productcode">'.$general_createdby.'</label>
<input id="name" type="text" name="" placeholder="'.$general_createdby.'" value="'.$products_versions['createdby'].'" readonly>
</div>
</div>';
$view .= '</form>';
//Output
echo $view;
template_footer()
?>
Reference in New Issue View Git Blame Copy Permalink