asset_admin.php

这是一个用于资产管理的源码工具包

<?
/*****************************************************************************
*	SimpleAssets - an online web based asset management application.
*	Copyright (C) 2002 Jeff Gordon (jgordon81@users.sourceforge.net). All rights reserved.
*	Public Works and Government Services Canada (PWGSC)
*   Architecture and Standards Directorate
*
*	Released July 2002
*
*  	This program is free software licensed under the 
* 	GNU General Public License (GPL).
*
*	This file is part of SimpleAssets.
*
*	SimpleAssets is free software; you can redistribute it and/or modify
*	it under the terms of the GNU General Public License as published by
*	the Free Software Foundation; either version 2 of the License, or
*	(at your option) any later version.
*
*	SimpleAssets is distributed in the hope that it will be useful,
*	but WITHOUT ANY WARRANTY; without even the implied warranty of
*	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*	GNU General Public License for more details.
*
*	You should have received a copy of the GNU General Public License
*	along with SimpleAssets; if not, write to the Free Software
*	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*******************************************************************************/

// contains functions:
// asset_admin_rules($insert,$assettag,$assettype,$os,$assetsupplier,$assetmodel,$assetserial,$assetprice)
// asset_admin($key, $insert, $complete)
// asset_admin_calendar($key)
// asset_admin_dates($key)
// asset_admin_erase($key)

function asset_admin_rules($assetid, $insert,$assettag,$assettype,$os,$assetsupplier,$assetmodel,$assetserial,$assetprice,$employee,$day_new,$month_new,$year_new) {
	global $my_access_level;
	// check duplicate assettag
	if ($insert == true) $sql = "SELECT Assets.AssetTag, Assets.AssetType, Assets.AssetSupplier, Assets.AssetModel, Assets.AssetSerial, Assets.AssetPrice, Assets.os, Assets.Id AS Assets_ID FROM Assets WHERE Assets.AssetTag='" . q_replace(dehtml($assettag)) . "';";
	else $sql = "SELECT Assets.AssetTag, Assets.AssetType, Assets.AssetSupplier, Assets.AssetModel, Assets.AssetSerial, Assets.AssetPrice, Assets.os, Assets.Id AS Assets_ID FROM Assets WHERE Assets.AssetTag='" . q_replace(dehtml($assettag)) . "' AND Assets.Id <> " . $assetid . ";";
	if (($result = doSql($sql)) && (mysql_num_rows($result))) $errcode = "1";
	else $errcode = "0";
	
	// check asset tag (must have length and be numeric)
	if ((strlen($assettag) < 1)) $errcode = $errcode . "1";
	else $errcode = $errcode . "0";

	// check asset type (must have length)
	if (strlen($assettype) < 1) $errcode = $errcode . "1";
	else $errcode = $errcode . "0";

	// check asset supplier (must have length)
	if (strlen($assetsupplier) < 1) $errcode = $errcode . "1";
	else $errcode = $errcode . "0";

	// check asset price (must have length, at most one decimal and be a float or integer)
	if (substr_count($assetprice, ".") > 1) $errcode = $errcode . "1";
	elseif ((strlen($assetprice) > 0) && (is_float($assetprice)) || (is_int($assetprice))) $errcode = $errcode . "1";	
	else $errcode = $errcode . "0";
	
	// employee
	if (($insert == true) && (strlen($employee) < 1) && ($my_access_level > 1)) $errcode = $errcode . "1";
	else $errcode = $errcode . "0";
	
	// date
	$day_now = date("d",time());
	$month_now = date("m",time());
	$year_now = date ("Y",time());
	$date_now = mktime(0,0,0,$month_now,$day_now,$year_now);
	$date_new = mktime(0,0,0,$month_new,$day_new,$year_new);
	
	if ((checkdate($month_new, $day_new, $year_new) == false) || ($date_now < $date_new)) {
		$errcode = $errcode . "1";
	} else {
		$errcode = $errcode . "0";
	}

	return $errcode;
}

// insert and/or update assets
function asset_admin($key, $insert) {
	global $print_screen;
	global $my_access_level;
	global $complete;
	global $hrcolor;
	global $my_emp_id;
	global $emp_db;

	$PHP_SELF = $_SERVER['PHP_SELF'];
	// Set Page Title Based On Insert/Update/Register	
	if ($insert == true) $insertupdatetext = "New Employee";
	else $insertupdatetext = "Update";


	// load the current asset data (either from db, a form submit or just blank info)
	global $assettag, $assettype, $os, $assetsupplier, $assetmodel, $assetserial, $assetprice, $employee, $assetsupplierlink, $notes;
	global $day_new, $month_new, $year_new;
	if (($insert == false) && ($complete != "1")) {
		$sql = "SELECT Assets.AssetTag, Assets.AssetType, Assets.AssetSupplier, Assets.AssetModel, Assets.AssetSerial, Assets.AssetPrice, Assets.os, Assets.notes FROM Assets WHERE Assets.Id=" . $key . ";";
		if (($result = doSql($sql)) && (mysql_num_rows($result)) && ($query_data = mysql_fetch_array($result))) {
			$assettag = substr($query_data["AssetTag"],1,6);
			$assettype = $query_data["AssetType"];
			$os = $query_data["os"];
			$assetsupplier = $query_data["AssetSupplier"];
			$assetmodel = $query_data["AssetModel"];
			$assetserial = $query_data["AssetSerial"];
			$assetprice = $query_data["AssetPrice"];
			$notes = $query_data["notes"];
		}
	}

	if ($complete != "1") {
		$sql2 = "SELECT supplier, link FROM Links WHERE supplier='" . $assetsupplier . "';";
		if (($result2 = doSql($sql2)) && (mysql_num_rows($result2)) && ($query_data2 = mysql_fetch_array($result2))) {
			$assetsupplierlink = $query_data2["link"];
		}
	}
	
	if (is_numeric($assetprice) == false) $assetprice = "0";

	if (($insert == true) && ($complete == "1")) {
		$date_new = mktime(0,0,0,$month_new,$day_new,$year_new);
	} else {
		$day_new = date("d",time());
		$month_new = date("m",time());
		$year_new = date("Y",time());
		$date_new = mktime(0,0,0,$month_new,$day_new,$year_new);
	}
	
	// verify data so that all rules in asset_admin_rules are followed
	while (strlen($assettag) <= 0) {
		$assettag = rand(100000,999999);
		$sql = "SELECT * FROM Assets WHERE Assets.AssetTag='" . $assettag . "';";
		if (($result = doSql($sql)) && (mysql_num_rows($result))) $assettag = "";
	}
	$errcode = asset_admin_rules($key,$insert,$assettag,$assettype,$os,$assetsupplier,$assetmodel,$assetserial,$assetprice,$employee,$day_new,$month_new,$year_new);
	if (($complete == "1") && ($errcode > 0)) {
		// print error messages
		$complete = "0";
		asset_menu_header(true,$insertupdatetext,"<font class=text18bold color='#ff0033'>ERROR: Incomplete or Invalid Data.</font>",$key);
		asset_tabs($key);
		asset_print_info($key);
		echo "<p><font class='text12bold' color='#ff0033'>";
		if ($errcode[0] == "1") echo "The asset tag you have entered is the same as another asset tag previously entered. ";
		if ($errcode[1] == "1") echo "The asset tag is missing. ";
		if ($errcode[2] == "1") echo "An asset type is missing. ";
		if ($errcode[3] == "1") echo "The asset supplier name is missing. ";
		if ($errcode[4] == "1") echo "The asset price must either be blank or consist of digits and one decimal point. ";
		if ($errcode[5] == "1") echo "A valid employee, general assets, surplus or retired must be selected. ";
		if ($errcode[6] == "1") echo "The initial date must be a valid date and before or on today. ";
		echo "</font><p>";
	} else {
		if ($complete != "1") {
			asset_menu_header(true,"",$insertupdatetext,$key);
			asset_tabs($key);
		}
	}
	
	// when asset_admin_rules is broken above, $complete is reset (above)
	// if rules were broken or this is the first time running the screen, print out the form
	if ($complete != "1") {	
		// html encode data for forms
		$assettag = q_replace($assettag);
		$assettype = q_replace($assettype);
		$os = q_replace($os);
		$assetsupplier = q_replace($assetsupplier);
		$assetmodel = q_replace($assetmodel);
		$assetserial = q_replace($assetserial);
		$assetprice = q_replace($assetprice);
		$assetsupplierlink = q_replace($assetsupplierlink);
		$notes = q_replace($notes);
		
		echo "<table width=100% bgcolor='#ffffee' class='assetborder'><tr><td>";
		echo "<form action='" . $PHP_SELF . "' method='get'>";
		if ($insert == true) echo "<input type='hidden' name='action' value='assetinsert'>";
		else echo "<input type='hidden' name='action' value='assetupdate'>";
		echo "<input type='hidden' name='complete' value='1'>";
		echo "<input type='hidden' name='key' value='" . $key . "'>";
		echo "<table width=100%>";
		echo "<tr>\n";			
		echo "<td valign='top'>";
		
		//Asset Tag
		echo "<font class='text11bold'>Asset Tag:<br> <input type='text' name='assettag' maxlength=6 size=6 value=\"" . $assettag . "\" class='boxtext13'><font color='#ff0033' face='arial' size='4'><b> *</b></font><br></font>";
		echo "</td>\n";
		echo "<td class='text11' valign='top'>";
		
		//Asset Type
		echo "<table>";
		echo "<tr><td align='right'><font class='text11bold'>Asset Type: </td><td><input type='text' name='assettype' class='boxtext13bold' size=20 value=\"" . $assettype . "\"></font><font color='#ff0033' face='arial' size='4'><b> *</b></font></td></tr>\n";
	
		//Asset OS
		echo "<tr><td align='right'><font class='text11bold'>Operating System: </td><td><input type='text' name='os' class='boxtext13bold' size=20  value=\"" . $os . "\"></font></td></tr>\n";
	
		// Supplier and Model
		echo "<tr><td colspan=2><p></td></tr>";
		echo "<tr><td align='right'><font class='text11bold'>Supplier: </font></td><td><input type='text' name='assetsupplier' class='boxtext13bold' size=40 value=\"" . $assetsupplier . "\"><font color='#ff0033' face='arial' size='4'><b> *</b></font></td></tr>\n";
		echo "<tr><td align='right'><font class='text11bold'>Supplier Link: </font></td><td><input type='text' name='assetsupplierlink' class='boxtext13bold' size=40 value=\"" . $assetsupplierlink . "\"></td></tr>\n";
		echo "<tr><td align='right'><font class='text11bold'>Model No: </font></td><td><input type='text' name='assetmodel' class='boxtext13bold' size=40 value=\"" . $assetmodel . "\"></td></tr>\n";
		echo "<tr><td align='right'><font class='text11bold'>s/n: </font></td><td><input type='text' name='assetserial' class='boxtext13' size=20 value=\"" . $assetserial . "\"></td></tr>\n";

		// Price
		echo "<tr><td align='right'><font class='text11bold'>Price: <font class='text12'>$</font></font></td><td><input type='text' name='assetprice' class='boxtext13' size=7 value=\"" . $assetprice . "\"></td></tr>\n";

		// Notes
		echo "<tr><td align='right' valign='top'><font class='text11bold'>Notes: <font class='text12'></font></font></td><td><textarea cols='50' rows='5' name='notes' class='boxtext13'>" . $notes . "</textarea></td></tr>\n";


		// Intially Assigned To (Insert Admin Only)
		if ($my_access_level > 1) {
			if ($insert == true) {
				echo "<tr><td align='right'><font class='text11bold'>Initially Assigned To: </td>";
				echo "<td>";
				echo "<select name='employee' size='1' class='boxtext13'>";
				$sql2 = "SELECT LastName, FirstName, Tel, Organization, Dept, Building, Floor, Workstation, Id AS Employees_ID FROM " . $emp_db . "Employees ORDER BY LastName;";
				if (($result2 = doSql($sql2)) && (mysql_num_rows($result2))) {
					echo "<option value='0'>General Assets</option>";
					echo "<option value='-1'>Surplus</option>";
					echo "<option value='-2'>Retired</option>";
					echo "<option value=''>----------------------------</option>";
					while ($query_data2 = mysql_fetch_array($result2)) {
						if (strcmp($curOwnerId,$query_data2["Employees_ID"]) == 0) $selected = " SELECTED";
						else $selected = "";
						echo "<option value='" . $query_data2["Employees_ID"] . "'" . $selected . ">" . $query_data2["LastName"] . ", " . $query_data2["FirstName"] . "</option>";
					}
				}
				echo "</select>";
				echo "</td></tr>\n";

				$month_selected = $month_new;
				$day_selected = $day_new;
				$year_selected = $year_new;

				if (($month_selected == "") || ($day_selected == "") || ($year_selected == "")) {
					$month_selected = date("m",time());
					$day_selected = date("d",time());
					$year_selected = date("Y",time());
				}
							
				$months_names = Array("","January","February","March","April","May","June","July","August","September","October","November","December");
				echo "<tr><td align='right'><font class='text11bold'>Purchase/Install Date: </td>";
				echo "<td>";
				echo "<select name='month_new' size='1' class='boxtext13'>";
				for ($i=1;$i<13;$i++) {
					if ($i == $month_selected) {
						echo "<option value='" . $i . "' SELECTED>" . $months_names[$i] . "</option>";
					} else {
						echo "<option value='" . $i . "'>" . $months_names[$i] . "</option>";
					}
				}
				echo "</select>";

				echo "<select name='day_new' size='1' class='boxtext13'>";
				for ($i=1;$i<32;$i++) {
					if ($i == $day_selected) {
						echo "<option value='" . $i . "' SELECTED>" . $i . "</option>";
					} else {
						echo "<option value='" . $i . "'>" . $i . "</option>";
					}
				}
				echo "</select>";
			
				echo "<select name='year_new' size='1' class='boxtext13'>";
				for ($i=date("Y",time())-30;$i<date("Y",time())+1;$i++) {
					if ($i == $year_selected) {
						echo "<option value='" . $i . "' SELECTED>" . $i . "</option>";
					} else {
						echo "<option value='" . $i . "'>" . $i . "</option>";
					}
				}
				echo "</select>";
				echo "</td></tr>\n";

			}
		}
		echo "</table>";
		echo "</td>\n";
		echo "</tr>\n";
		echo "</table>";
		echo "</td></tr></table>";
		echo "<hr size=0 color='" . $hrcolor . "'>";
		echo "<font color='#ff0033' face='arial' size='4'><b> *</b></font> <font class='text10bold'>denotes a required field</font>";
		echo "<p><center>";
		echo "<a href='javascript:history.back()'><img src='images/back.jpg' width=88 height=27 border=0></a>";
		if ($insert == true) echo "<input type='image' name='submit' src='images/add.jpg' border=0 width=88 height=27></center></form>";
		else echo "<input type='image' name='submit' src='images/update.jpg' border=0 width=88 height=27></center></form>";
		echo "<p><br>";
	} else {

		doSQL("DELETE FROM Links WHERE supplier='" . $assetsupplier . "'");
		if (strlen($assetsupplierlink) > 0) {
			doSQL("INSERT INTO Links (supplier,link) VALUES ('" . $assetsupplier . "','" .  $assetsupplierlink . "')");
		}
		
		// everything is ok and verfied, now perform the actual insert or update action
		if ($insert == true) {
			// insert asset
			$sql = "INSERT INTO Assets (assettag,assettype,os,assetsupplier,assetmodel,assetserial,assetprice,notes) VALUES ('A" . $assettag . "','" . $assettype . "','" . $os . "','" . $assetsupplier . "','" . $assetmodel . "','" . $assetserial . "'," . $assetprice . ",'" . $notes . "');";
			if ($result1 = doSql($sql)) {	
				if ($result2 = doSql("SELECT last_insert_id() as last FROM Assets;")) {
					$query_data = mysql_fetch_array($result2);
					$last_insert_id = $query_data[0];
					$newstartdate = $date_new;
					if ($my_access_level > 1) {
						$initial_employeeid = $employee;
					} else {
						$initial_employeeid = $my_emp_id;
					}
					if ($result3 = doSql("INSERT INTO Assignments (employeeid,assetid,startdate) VALUES (" . $initial_employeeid . "," . $last_insert_id . "," . $newstartdate . ")")) {
						asset_menu_header(true,"New Asset","Asset Added Successful",$key);
						asset_tabs($query_data[0]);
						asset_print_info($query_data[0]);
						echo "<table width=100% bgcolor='#ffeecc'><tr><td><br>";