reportcreator.php

java开源项目源代码

<?php
/* $Revision: 1.6 $ */

/*
This script has the responsibility to gather basic information necessary to retrieve data for reports. 
It is comprised of several steps designed to gather display preferences, database information, field 
information and filter/criteria information. The Report builder process is as follows:

Step 1: (or script entry): displays the current listing of reports. Uses form ReportsHome.html as a UI.
Step 2: (action=step2): After the user has selected an option, this step is followed to enter a report 
	name and the type of report it is for grouping purposes.
Step 3: Handles the page setup information.
Step 4: Handles the database setup and link information.
Step 5: Handles the database field selection.
Step 6: Handles the Criteria and filter selection.
Export: Handled in action=step2, calls ExportReport to save report as a text file.
Import: Handled in action=step8, calls an import function to read the setup information from a text file.
*/

$DirectoryLevelsDeep = 2;
$PathPrefix = '../../';
$PageSecurity = 2; // set security level for webERP
// Fetch necessary include files for webERP
require ($PathPrefix . 'includes/session.inc');

// Initialize some constants
$ReportLanguage = 'en_US';				// default language file 
define('DBReports','reports');		// name of the databse holding the main report information (ReportID)
define('DBRptFields','reportfields');	// name of the database holding the report fields
define ('DefRptPath',$PathPrefix . 'companies/' . $_SESSION['DatabaseName'] . '/reportwriter/');	// path to default reports
define ('MyDocPath',$PathPrefix . 'companies/' . $_SESSION['DatabaseName'] . '/reportwriter/');	// path to user saved documents


// Fetch necessary include files for report creator
require_once('../languages/' . $ReportLanguage . '/reports.php');
require_once('defaults.php');
require('RCFunctions.inc');

$usrMsg = ''; // initialize array for return messages
// a valid report id needs to be passed as a post field to do anything, except create new report
if (!isset($_POST['ReportID'])) { // entered for the first time or created new report
	$ReportID = ''; 
} else { 
	$ReportID = $_POST['ReportID'];
	if (isset($_POST['Type'])) { // then the type was passed from the previous form
		$Type=$_POST['Type'];
	} else { // we only have a reportid, we need to retrieve the type from thge db to set up the forms correctly
		$sql = "SELECT reporttype FROM ".DBReports." WHERE id='".$ReportID."'";
		$Result=DB_query($sql,$db,'','',false,true);
		$myrow = DB_fetch_array($Result);
		$Type = $myrow[0];
	}
}
switch ($_GET['action']) {
	default:
	case "step2": // entered from select an action (home) page
		// first check to see if a report was selected (except new report and import)
		if (!isset($_GET['action']) OR ($ReportID=='' AND $_POST['todo']<>RPT_BTN_ADDNEW AND $_POST['todo']<>RPT_BTN_IMPORT)) {
			// skip error message if back from import was pressed
			$DropDownString = RetrieveReports();
			if (isset($_GET['action'])) $usrMsg[] = array('message'=>FRM_NORPT, 'level'=>'error');
			$FormParams = PrepStep('1');
			break;
		}
		switch ($_POST['todo']) {
			case RPT_BTN_ADDNEW: // Fetch the defaults and got to select id screen
				$ReportID = '';
				$FormParams = PrepStep('2');
				break;
			case RPT_BTN_EDIT: // fetch the report information and go to the page setup screen
				$sql = "SELECT * FROM ".DBReports." WHERE id='".$ReportID."'";
				$Result=DB_query($sql,$db,'','',false,true);
				$myrow = DB_fetch_array($Result);
				$FormParams = PrepStep('3');
				break;
			case RPT_BTN_RENAME: // Rename a report was selected, fetch the report name and show rename form
				$sql = "SELECT reportname FROM ".DBReports." WHERE id='".$ReportID."'";
				$Result=DB_query($sql,$db,'','',false,true);
				$myrow = DB_fetch_array($Result);
				$_POST['ReportName'] = $myrow['reportname'];
				// continue like copy was pushed
			case RPT_BTN_COPY: // Copy a report was selected 
				$FormParams = PrepStep('2');
				break;
			case RPT_BTN_DEL: // after confirmation, delete the report and go to the main report admin menu
				$sql= "DELETE FROM ".DBReports." WHERE id = ".$ReportID.";";
				$Result=DB_query($sql,$db,'','',false,true);
				$sql= "DELETE FROM ".DBRptFields." WHERE reportid = ".$ReportID.";";
				$Result=DB_query($sql,$db,'','',false,true);
				// reload main entry form
			default:
				$DropDownString = RetrieveReports();
				$FormParams = PrepStep('1');
				break;
			case RPT_BTN_EXPORT:
				ExportReport($ReportID); // We don't return from here, we exit the script
				break;
			case RPT_BTN_IMPORT: // show the file import form
				$ReportName = '';
				$FormParams = PrepStep('imp');
				break;
		}
	break; // End Step 2
	
	case "step3": // entered from id setup page
		switch ($_POST['todo']) {
			case RPT_BTN_REPLACE: // Erase the default report and copy a new one with the same name
				if (isset($_POST['ReplaceReportID'])) { // then we need to delete the report to replace
					$sql= "DELETE FROM ".DBReports." WHERE id = ".$_POST['ReplaceReportID'].";";
					$Result=DB_query($sql,$db,'','',false,true);
					$sql= "DELETE FROM ".DBRptFields." WHERE reportid = ".$_POST['ReplaceReportID'].";";
					$Result=DB_query($sql,$db,'','',false,true);
				}
				// report has been deleted, continue to create or copy (in case 'Continue' below)
			case RPT_BTN_CONT: // fetch the report information and go to the page setup screen
				// input error check reportname, blank duplicate, bad characters, etc.
				if ($_POST['ReportName']=='') { // no report name was entered, error and reload form
					$usrMsg[] = array('message'=>RPT_NORPT, 'level'=>'error');
					$FormParams = PrepStep('2');
					break;
				}
				// check for duplicate report name
				$sql = "SELECT id FROM ".DBReports." WHERE reportname='".addslashes($_POST['ReportName'])."';";
				$Result=DB_query($sql,$db,'','',false,true);
				if (DB_num_rows($Result)>0) { // then we have a duplicate report name, error and reload
					$myrow = DB_fetch_array($Result);
					$ReplaceReportID = $myrow['id']; // save the duplicate report id
					$usrMsg[] = array('message'=>RPT_SAVEDUP, 'level'=>'error');
					$usrMsg[] = array('message'=>RPT_DEFDEL, 'level'=>'warn');
					$FormParams = PrepStep('2');
					break;
				}
				// Input validated perform requested operation
				if ($ReportID=='') { // then it's a new report
					// Check to see if a form or report to create
					if ($_POST['NewType']=='') { // then no type selected, error and re-display form
						$usrMsg[] = array('message'=>RPT_NORPTTYPE, 'level'=>'warn');
						$FormParams = PrepStep('2');
						break;
					} elseif ($_POST['NewType']=='rpt') { // a report, read the groupname
						$GroupName = $_POST['GroupName'];
					} elseif ($_POST['NewType']=='frm') { // a form, set the groupname
						$GroupName = $_POST['FormGroup'];
					}
					$Type = $_POST['NewType'];
					$sql = "INSERT INTO ".DBReports." (reportname, reporttype, groupname, defaultreport)
						VALUES ('".addslashes($_POST['ReportName'])."', '".$Type."', '".$GroupName."', '1')";
					$Result=DB_query($sql,$db,'','',false,true);
					$ReportID = DB_Last_Insert_ID($db,DBReports,'id');
					// Set some default report information: date display default choices to 'ALL'
					if ($Type<>'frm') { // set the truncate long descriptions default
						$sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, params, displaydesc)
							VALUES (".$ReportID.", 'trunclong', '0', '');";
						$Result=DB_query($sql,$db,'','',false,true);
					} else { // it's a form so write a default form break record
						$sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, params, displaydesc)
							VALUES (".$ReportID.", 'grouplist', '', '');";
						$Result=DB_query($sql,$db,'','',false,true);
					}
					$sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, fieldname, displaydesc)
						VALUES (".$ReportID.", 'dateselect', '', 'a');";
					$Result=DB_query($sql,$db,'','',false,true);
				} else { // copy the report and all fields to the new report name
					$OrigID = $ReportID;
					// Set the report id to 0 to prepare to copy
					$sql = "UPDATE ".DBReports." SET id=0 WHERE id=".$ReportID.";";
					$Result=DB_query($sql,$db,'','',false,true);
					$sql = "INSERT INTO ".DBReports." SELECT * FROM ".DBReports." WHERE id = 0;";
					$Result=DB_query($sql,$db,'','',false,true);
					// Fetch the id entered
					$ReportID = DB_Last_Insert_ID($db,DBReports,'id');
					// Restore original report ID from 0
					$sql = "UPDATE ".DBReports." SET id=".$OrigID." WHERE id=0;";
					$Result=DB_query($sql,$db,'','',false,true);
					// Set the report name and group name per the form
					$sql = "UPDATE ".DBReports." SET 
							reportname = '" . DB_escape_string($_POST['ReportName']) . "' 
						WHERE id =".$ReportID.";";
					$Result=DB_query($sql,$db,'','',false,true);
					// fetch the fields and duplicate
					$sql = "SELECT * FROM ".DBRptFields." WHERE reportid=".$OrigID.";";
					$Result=DB_query($sql,$db,'','',false,true);
					while ($temp = DB_fetch_array($Result)) $field[] = $temp;
					foreach ($field as $row) {
						$sql = "INSERT INTO ".DBRptFields." (reportid, entrytype, seqnum, fieldname, 
								displaydesc, visible, columnbreak, params)
							VALUES (".$ReportID.", '".$row['entrytype']."', ".$row['seqnum'].",
								'".$row['fieldname']."', '".$row['displaydesc']."', '".$row['visible']."',
								'".$row['columnbreak']."', '".$row['params']."');";
						$Result=DB_query($sql,$db,'','',false,true);
					}
				}
				// read back in new data for next screen (will set defaults as defined in the db)
				$sql = "SELECT * FROM ".DBReports." WHERE id='".$ReportID."'";
				$Result=DB_query($sql,$db,'','',false,true);
				$myrow = DB_fetch_array($Result);
				$FormParams = PrepStep('3');
				break;
	
			case RPT_BTN_RENAME: // Rename a report was selected, fetch the report name and update
				// input error check reportname, blank duplicate, bad characters, etc.
				if ($_POST['ReportName']=='') { // no report name was entered, error and reload form
					$usrMsg[] = array('message'=>RPT_NORPT, 'level'=>'error');
					$FormParams = PrepStep('2');
					break;
				}
				// check for duplicate report name
				$sql = "SELECT id FROM ".DBReports." WHERE reportname='".addslashes($_POST['ReportName'])."';";
				$Result=DB_query($sql,$db,'','',false,true);
				if (DB_num_rows($Result)>0) { // then we have a duplicate report name, error and reload
					$myrow = DB_fetch_array($Result);
					if ($myrow['id']<>$ReportID) { // then the report has a duplicate name to something other than itself, error
						$usrMsg[] = array('message'=>RPT_REPDUP, 'level'=>'error');
						$FormParams = PrepStep('2');
						break;
					}
				}
				$sql = "UPDATE ".DBReports." SET reportname='".addslashes($_POST['ReportName'])."' WHERE id=".$ReportID.";";
				$Result=DB_query($sql,$db,'','',false,true);
				$usrMsg[] = array('message'=>RPT_UPDATED, 'level'=>'success');
				// continue with default to return to reports home
			case RPT_BTN_BACK:
			default:	// bail to reports home
				$DropDownString = RetrieveReports();
				$FormParams = PrepStep('1');
		}
	break;
	
	case "step4": // entered from page setup page
		switch ($_POST['todo']) {
			case RPT_BTN_UPDATE:
				$success = UpdatePageFields($ReportID);