pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
24481279d50e18994d9be88009d350df2378dee5
assetmgt/rmas.php
“VeLiTi” 24481279d5 Refactor user session handling and permissions management 
- Updated session variables to use 'authorization' array instead of 'username' for user identification across multiple files.
- Introduced a new function `getUserPermissions` to consolidate user permissions retrieval based on assigned roles.
- Modified API calls to use the new authorization structure and updated endpoints to v2.
- Enhanced language support by adding 'PL' to the list of supported languages.
- Cleaned up redundant code and improved session management during user login and registration processes.
- Added a new API endpoint for fetching user permissions based on user ID.
2026-01-19 15:29:16 +01:00

194 lines
6.5 KiB
PHP
Raw Blame History

<?php
defined(page_security_key) or exit;
if (debug && debug_id == $_SESSION['authorization']['id']){
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
}
include_once './assets/functions.php';
include_once './settings/settings_redirector.php';
$page = 'rmas';
//Check if allowed
if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
header('location: index.php');
exit;
}
//PAGE Security
$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
//GET PARAMETERS
$pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
$search = isset($_GET['search']) ? '&search='.$_GET['search'] : '';
// Determine the URL
$url = 'index.php?page='.$page.$search;
//GET Details from URL
$GET_VALUES = urlGETdetails($_GET) ?? '';
//CALL TO API
$api_url = '/v2/rma/'.$GET_VALUES;
$responses = ioServer($api_url,'');
//Decode Payload
if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
//Return QueryTotal from API
$api_url = '/v2/rma/'.$GET_VALUES.'&totals=';
$query_total = ioServer($api_url,'');
//Decode Payload
if (!empty($query_total)){$query_total = json_decode($query_total,true);}else{$query_total = null;}
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = $message_rma_1;
}
if ($_GET['success_msg'] == 2) {
$success_msg = $message_rma_2;
}
if ($_GET['success_msg'] == 3) {
$success_msg = $message_rma_3;
}
}
if (isset($_GET['download'])){
downloadToExcel('rma',$responses);
}
template_header('rma', 'rma' ,'view');
$view = '
<div class="content-title">
<div class="title">
<i class="fa-solid fa-car"></i>
<div class="txt">
<h2>'.($rmas_h2 ?? 'Return Material').' ('.$query_total.')</h2>
<p>'.($rmas_p ?? 'View, manage, and search RMA details.').'</p>
</div>
</div>
<div class="title-actions">';
if ($create_allowed === 1){
$view .= '<a href="index.php?page=rma_manage" class="btn">+</a>';
}
$view .= '<button id="filter-toggle" class="btn alt" onclick="toggleFilters()">
<i class="fa-solid fa-search"></i>
</button>
</div>
</div>';
if (isset($success_msg)){
$view .= ' <div class="msg success">
<i class="fas fa-check-circle"></i>
<p>'.$success_msg.'</p>
<i class="fas fa-times"></i>
</div>';
}
$view .= '
<div id="filter-panel" class="filter-panel" style="display: none;">
<div class="filter-content">
<form action="" method="get">
<input type="hidden" name="page" value="rmas">
<div class="filter-row">
<div class="filter-group">
<select name="status">
<option value="" disabled selected>Active</option>
<option value="0">'.$disabled.'</option>
<option value="1">'.$enabled.'</option>
</select>
</div>
<div class="filter-group search-group">
<input type="text" name="search" placeholder="'.($rma_search ?? 'Search RMA...').'" value="">
</div>
</div>
<div class="filter-actions">
<button type="submit" class="btn"><i class="fas fa-level-down-alt fa-rotate-90"></i></button>
<a class="btn alt" href="index.php?page=rmas">'.$general_filters_clear.'</a>';
//SHOW DOWNLOAD TO EXCELL OPTION ONLY TO ADMIN USERS
if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
$view .= '<a class="btn alt" href="index.php?page=rmas&download=">
<i class="fa-solid fa-download"></i> Download
</a>';
}
$view .= ' </div>
</form>
</div>
</div>
';
$view .= '
<div class="content-block">
<div class="table">
<table class="sortable">
<thead>
<tr>
<th class="responsive-hidden">'.($rma_rowID ?? 'Request number').'</th>
<th>'.($rma_status ?? 'Status').'</th>
<th>'.$general_created.'</th>
<th>'.$general_createdby.'</th>
<th>'.$general_updated.'</th>
</tr>
</thead>
<tbody>
';
if (empty($responses)){
$view .= '
<tr>
<td colspan="8" style="text-align:center;">'.($message_no_rma ?? 'There is no RMA').'</td>
</tr>';
}
else {
foreach ($responses as $response){
//------------------------------
//Variables
//------------------------------
$status_text = 'rma_status'.$response['status'].'_text';
$view .= '
<tr onclick="window.location.href=\'index.php?page=rma&rowID='.$response['rowID'].'\'" style="cursor: pointer;">
<td class="responsive-hidden">'.$response['rowID'].'</td>
<td>'.$$status_text.'</td>
<td>'.getRelativeTime($response['created']).'</td>
<td>'.$response['createdby'].'</td>
<td>'.getRelativeTime($response['updated']).'</td>
</tr>
';
}
}
$view .= '
</tbody>
</table>
</div>
</div>
';
$view.='<div class="pagination">';
if ($pagination_page > 1) {
$page = $pagination_page-1;
$view .= '<a href="'.$url.'&p=1">'.$general_first.'</a>';
$view .= '<a href="'.$url.'&p='.$page.'">'.$general_prev.'</a>';
}
$totals = ceil($query_total / $page_rows_rma) == 0 ? 1 : ceil($query_total / $page_rows_rma);
$view .= '<span> '.$general_page.$pagination_page.$general_page_of.$totals.'</span>';
if ($pagination_page * $page_rows_rma < $query_total){
$page = $pagination_page+1;
$view .= '<a href="'.$url.'&p='.$page.'">'.$general_next.'</a>';
$view .= '<a href="'.$url.'&p='.$totals.'">'.$general_last.'</a>';
}
$view .= '</div>';
//OUTPUT
echo $view;
template_footer();
?>
Reference in New Issue View Git Blame Copy Permalink