assetmgt/media_manage.php

<?php
defined(page_security_key) or exit;

$page = 'media_manage';
//Check if allowed
if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
    header('location: index.php');
    exit;
}


//PAGE Security
$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');

// Default input product values
$media = [
    'rowID' => '',
    'title' => '',
    'full_path' => '',
    'created' => '',
    'createdby' => '',
    'updated' => '',
    'updatedby' => '',
    'accounthierarchy' => ''
];

if (isset($_GET['rowID'])) {
    //CALL TO API
    $api_url = '/v2/media/rowID='.$_GET['rowID'];
    $responses = ioServer($api_url,'');
    //Decode Payload
    if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
    
    $media = json_decode(json_encode($responses[0]), true);

    if ($update_allowed === 1){
        if (isset($_POST['submit'])) {
           
            //GET ALL POST DATA
            $payload = json_encode($_POST, JSON_UNESCAPED_UNICODE);
            //API call
            $responses = ioServer('/v2/media', $payload);

            if ($responses === 'NOK'){

            } else {
            header('Location: index.php?page=media&success_msg=2');
            exit;
            }
        }

    }
    
    if ($delete_allowed === 1){
        if (isset($_POST['delete'])) {
            //GET ALL POST DATA
            $payload = json_encode($_POST, JSON_UNESCAPED_UNICODE);
            //API call
            $responses = ioServer('/v2/media', $payload);
            // Redirect and delete product
            if ($responses === 'NOK'){

            } else {
                header('Location: index.php?page=media&success_msg=3');
                exit;
            }
        }
    }
   
} else {
    // Create a new variable
    if (isset($_POST['submit']) && $create_allowed === 1) {
        //GET ALL POST DATA
        $payload = json_encode($_POST, JSON_UNESCAPED_UNICODE);
          //API call
        $responses = ioServer('/v2/media', $payload);
  
        if ($responses === 'NOK'){

        } else {
            header('Location: index.php?page=media&success_msg=1');
            exit;
        }
    }
}
//EMPTY VIEW
$view = '';

// Handle success messages
if (isset($_GET['success_msg'])) {
    if ($_GET['success_msg'] == 0) {
        $success_msg = $error_msg_0;
    }
}

template_header('Media', 'media', 'manage');

if (isset($success_msg)){
    $view .= ' <div class="msg error">
                    <i class="fas fa-check-circle"></i>
                    <p>'.$success_msg.'</p>
                    <i class="fas fa-times"></i>
                </div>';
}

$view .='
<form action="" method="post">
    <div class="content-title responsive-flex-wrap responsive-pad-bot-3">
        <h2 class="responsive-width-100">'.($media_h2 ?? 'Media').'</h2>
        <a href="index.php?page=translations" class="btn alt mar-right-2">←</a>
';

if ($delete_allowed === 1){
    $view .= '<input type="submit" name="delete" value="X" class="btn red mar-right-2" onclick="return confirm(\'Are you sure you want to delete this media?\')">';
}
if ($update_allowed === 1){
    $view .= '<input type="submit" name="submit" value="💾" class="btn">';
}
   
$view .= '</div>';

$view .= '<div class="tabs">
            <a href="#" class="active">'.$tab1 .'</a>
         </div>';

//Define Service and User enabled
$view .= '<div class="content-block tab-content active">
            <div class="form responsive-width-100">
            <label for="title">'.($media_title ?? 'Title').'</label>
            <input id="title" type="text" name="title" placeholder="'.($media_title ?? '').'" value="'.$media['title'].'">
            <label for="title">'.($media_full_path ?? 'Path').'</label>
            <input id="title" type="text" name="" placeholder="'.($media_full_path ?? '').'" value="'.$media['full_path'].'" readonly>
            <input type="hidden" name="rowID" value="'.$media['rowID'].'" readonly>
            <img id="" src="'.$media['full_path'].'" alt="'.$media['title'].'" style="display: block; max-width: 200px;">  
        ';

$view .= '</div>
        </div>';

$view .= '<div class="tabs">
            <a href="#">'.$tab3.'</a>
         </div>';

$view .= '<div class="content-block tab-content">
        <div class="form responsive-width-100">
            <label for="">'.$general_created.'</label>
            <input id="name" type="text" name="" placeholder="'.$general_created.'" value="'.getRelativeTime($media['created']).'" readonly>
            <label for="">'.$general_createdby.'</label>
            <input id="name" type="text" name="" placeholder="'.$general_createdby.'" value="'.$media['createdby'].'" readonly>
            <label for="productcode">'.$general_updated.'</label>
            <input id="name" type="text" name="" placeholder="'.$general_updated.'" value="'.getRelativeTime($media['updated']).'" readonly>
            <label for="productcode">'.$general_updatedby.'</label>
            <input id="name" type="text" name="" placeholder="'.$general_updatedby.'" value="'.$media['updatedby'].'" readonly>
        </div>
    </div>';
$view .= '</form>';

//Output
echo $view;
template_footer()
?>