AssetTrackDB - Add Image";
echo '';
echo '';
echo '';
echo '';
echo '';
echo '';
echo '';
echo "";
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
echo "
";
echo "
";
//Disallow Read-Only Users Access to this page
if($rostate==1)
{
echo "
Read Only User: You do not have access to this page
";
}
else {
echo "
Add Image
";
echo "
";
$search = '';
if(!empty($_GET["search"])) {
$search = $_GET["search"];
};
//$result = mysql_query("SELECT name FROM asset ORDER BY name ASC") or die(mysql_error());
echo '
';
echo "
";
}
echo "
";
include 'footer.php';
echo '';
include 'includes/userinfo.php';
echo "";
echo "";
?>
addroom.php 100777 0 0 25531 12417073356 6371 0 .
*/
echo "";
echo "AssetTrackDB - Rooms";
echo "";
echo '';
echo "";
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
//Disallow Read-Only Users Access to this page
if($rostate==1)
{
echo "
Read Only User: You do not have access to this page
";
//$query1 = mysql_query("UPDATE tracker SET location='$up' WHERE location='$oldroom' AND WHERE building='$select'") or $mysql_error = 1;
$query1 = "UPDATE tracker SET location='$up' WHERE location='$row1[roomnumber]' AND building='$row1[building]'";
mysql_query("$query1");
}
else{
echo "
";
$room = trim($_POST["roomnumber"]); //URL BASED METHOD
$building = $_POST["building"]; //URL BASED METHOD
$result1b = mysql_query("SELECT name FROM building WHERE number like $building") or die(mysql_error());
$rowa = mysql_fetch_array( $result1b );
$builda = $rowa['name'];
mysql_query("INSERT INTO room (roomnumber, building) VALUES('$room','$building')") or $mysql_error = 1;
if ($mysql_error == 1) {
echo "
";
echo "";
//LIST CURRENT PEOPLE:
$result1 = mysql_query("SELECT * FROM room ORDER BY building ASC, roomnumber") or die(mysql_error());
echo " ";
$result1b = mysql_query("SELECT * FROM building ORDER BY name ASC") or die(mysql_error());
while( $row = mysql_fetch_array($result1b, MYSQL_ASSOC) )
{
$data[] = array(
'name' => $row['name'],
'number' => $row['number']
);
}
//NEW METHOD START HERE
//DELETE SECTION
echo "
Use the import template file above to create a csv to import people. Do not delete the labels or descriptions, they will both be ignored during the import.
";
echo '
';
echo '
';
echo '
';
echo '
';
echo "
";
echo '
';
//LIST CURRENT PEOPLE:
$result1 = mysql_query("SELECT * FROM users ORDER BY uname ASC") or die(mysql_error());
echo "
";
echo "
Update / Delete People
";
echo "";
echo "
";
}
include 'footer.php';
echo '
';
include 'includes/userinfo.php';
echo "";
echo "";
?>
add_asset.php 100777 0 0 21646 12417073356 6676 0 .
*/
//PAGE INFO:
//This page processes the form data from add_assetnew.php, adds it to the database, and then show the "X Asset Added!" message
require_once 'config.php';
$owner="";
$newuser="";
$image="";
$newuser="";
// CHECK FORM FOR Required fields
$filled = true;
$required = array("namet", "serial", "owner"); //all the required fields
//Cycle through each field and make sure its filled
foreach ($required as &$value) {
if($value=="owner"){
if(!empty($_POST["owner"])) {
$owner = $_POST["owner"];
}
if(!empty($_POST["newuser"])) {
$newuser = trim($_POST["newuser"]);
}
if($owner==""){
$owner = $newuser;
}
if($owner==""){
$filled = false;
}
}
elseif($_POST[$value]==""){
$filled = false;
}
}
if(!empty($_POST["pdate"])){
$pdate = trim($_POST["pdate"]);
//remove dashes
$dlen = preg_replace("[-]", "", $pdate);
//get date length without the dashes
$len = strlen($dlen);
//check date length (without dashes)
if ($len != '8'){
$filled = false;
}
elseif (is_numeric ($dlen)){
//If numeric do nothing
}
else{
$filled = false;
}
}
//If there are any fields not filled out, send the user back to the form and send any filled in fields
if (!$filled){
$f_name = trim($_POST['namet']);
$serial = trim($_POST['serial']);
$loc = "Location: add_assetnew.php?error=yes&name=".$_POST['namet']."&serial=".$_POST['serial']."&bar_code=".$_POST['bar_code']."&model=".$_POST['model']."&form=".$_POST['form']."&brand=".$_POST['brand']."&use=".$_POST['use1']."&os=".$_POST['os']."&pdate=".$_POST['pdate']."¬es=".$_POST['notes']."&produkey=".$_POST['produkey']."&vendor=".$_POST['vendor']."&funding=".$_POST['funding']."&cost=".$_POST['cost']."&custom1=".$_POST['custom1']."&custom2=".$_POST['custom2']."&newuser=".$_POST['newuser']."&owner=".$_POST['owner']."&phyloc=".$_POST['phyloc'];
header($loc);
}
//Else processes if everything is correct (all required fields filled)
else{
//Check for pre-exsisting Serial/Name
$f_name = trim($_POST['namet']);
$serial = trim($_POST['serial']);
$q1 = "SELECT * from asset WHERE name='$f_name'";
$result1 = mysql_query("$q1");
$total_records = mysql_num_rows($result1);
if ($total_records > 0){ //If name already in database kick the user back
$loc = "Location: add_assetnew.php?etype=name&error=yes&name=".$_POST['namet']."&serial=".$_POST['serial']."&bar_code=".$_POST['bar_code']."&model=".$_POST['model']."&form=".$_POST['form']."&brand=".$_POST['brand']."&use=".$_POST['use1']."&os=".$_POST['os']."&pdate=".$_POST['pdate']."¬es=".$_POST['notes']."&produkey=".$_POST['produkey']."&vendor=".$_POST['vendor']."&funding=".$_POST['funding']."&cost=".$_POST['cost']."&custom1=".$_POST['custom1']."&custom2=".$_POST['custom2']."&newuser=".$_POST['newuser']."&owner=".$_POST['owner']."&phyloc=".$_POST['phyloc'];
header($loc);
echo $loc;
}
$q2 = "SELECT * from asset WHERE serial='$serial'";
$result2 = mysql_query("$q2");
$total_records2 = mysql_num_rows($result2);
if ($total_records2 > 0){ //If name already in database kick the user back
$loc = "Location: add_assetnew.php?etype=serial&error=yes&name=".$_POST['namet']."&serial=".$_POST['serial']."&bar_code=".$_POST['bar_code']."&model=".$_POST['model']."&form=".$_POST['form']."&brand=".$_POST['brand']."&use=".$_POST['use1']."&os=".$_POST['os']."&pdate=".$_POST['pdate']."¬es=".$_POST['notes']."&produkey=".$_POST['produkey']."&vendor=".$_POST['vendor']."&funding=".$_POST['funding']."&cost=".$_POST['cost']."&custom1=".$_POST['custom1']."&custom2=".$_POST['custom2']."&newuser=".$_POST['newuser']."&owner=".$_POST['owner']."&phyloc=".$_POST['phyloc'];
header($loc);
echo $loc;
}
echo "";
echo "AssetTrackDB";
echo '';
echo '';
echo "";
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
$f_name = trim($_POST["namet"]);
//IMAGE PROCESSING
$allowedExts = array("jpg", "jpeg", "png", "JPG");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (in_array($extension, $allowedExts))
{
//Generate Random
$ran = rand () ;
$ran2 = $ran.".";
$nname = $ran2.$extension;
move_uploaded_file($_FILES["file"]["tmp_name"] ,$uploc . $nname);
$nnamefull = $uploc . "$nname";
$image = $nname;
//RESIZE
$full = $uploc.$nname;
$output = shell_exec("convert -verbose $full -resize 1024x768 $full");
}
else
{
//echo "
';
//Check if image is blank, if it is do not insert into the Table for images
if ($image == ""){
$image = "";
}
else {
mysql_query("INSERT INTO images (serial, imagename) VALUES('$serial', '$image') ") or die(mysql_error());
}
echo "
";
}
//Disallow Read-Only Users Access to this page
if($rostate==1)
{
echo "
Read Only User: You do not have access to this page
";
}
else {
//Check if this is a return from submitting form with an error
if($error=="yes") {
if(!empty($_GET["etype"])){
$etype = $_GET["etype"];
if($etype == "name"){
echo "
ERROR: Duplicate Name, must be unique.
";
}
if($etype == "serial"){
echo "
ERROR: Duplicate Serial, must be unique.
";
}
}
else{
echo "
ERROR: Required Field Missing
";
}
}
else {};
//Start Main FORM
echo "
";
}
echo "
";
include 'footer.php';
echo '
';
include 'includes/userinfo.php';
echo "";
echo "";
?>
add_image.php 100777 0 0 5650 12417073356 6616 0 .
*/
echo "";
echo "AssetTrackDB - Add Image";
echo '';
echo '';
echo "";
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
$f_name = $_POST["name"];
$result = mysql_query("SELECT serial FROM asset WHERE name='$f_name'") or die(mysql_error());
$row = mysql_fetch_array( $result );
$serial = $row['serial'];
$allowedExts = array("jpg", "jpeg", "png", "JPG");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (in_array($extension, $allowedExts))
{
//Generate Random
$ran = rand () ;
$ran2 = $ran.".";
$nname = $ran2.$extension;
move_uploaded_file($_FILES["file"]["tmp_name"] ,$uploc . $nname);
$nnamefull = $uploc . "$nname";
$image = $nname;
mysql_query("INSERT INTO images (serial, imagename) VALUES('$serial', '$image') ") or die(mysql_error());
//RESIZE
$full = $uploc.$nname;
$output = shell_exec("convert -verbose $full -resize 1024x768 $full");
echo "
';
include 'includes/userinfo.php';
echo "";
echo "";
?>
assetsetup.sql 100777 0 0 25504 12417230260 7141 0 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET NAMES utf8 */;
CREATE TABLE IF NOT EXISTS `asset` (
`bar_code` int(4) DEFAULT NULL,
`name` varchar(25) DEFAULT NULL,
`creation_date` varchar(19) DEFAULT NULL,
`serial` varchar(30) NOT NULL DEFAULT '',
`model` varchar(35) DEFAULT NULL,
`brand` varchar(25) DEFAULT NULL,
`owner` varchar(25) DEFAULT NULL,
`form` varchar(50) DEFAULT NULL,
`use1` varchar(15) DEFAULT NULL,
`notes` text,
`os` varchar(25) DEFAULT NULL,
`pdate` date DEFAULT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` varchar(29) NOT NULL,
`createdby` varchar(19) NOT NULL,
`updatetime` datetime NOT NULL,
`updateby` varchar(19) NOT NULL,
`vendor` varchar(25) NOT NULL,
`funding` varchar(25) NOT NULL,
`cost` varchar(10) NOT NULL,
`custom1` varchar(255) NOT NULL,
`custom2` varchar(255) NOT NULL,
`phyloc` int(11) DEFAULT NULL,
PRIMARY KEY (`serial`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `asset_retired`
--
CREATE TABLE IF NOT EXISTS `asset_retired` (
`bar_code` int(4) DEFAULT NULL,
`name` varchar(25) DEFAULT NULL,
`creation_date` varchar(19) DEFAULT NULL,
`serial` varchar(30) DEFAULT NULL,
`model` varchar(35) DEFAULT NULL,
`brand` varchar(25) DEFAULT NULL,
`owner` varchar(25) DEFAULT NULL,
`form` varchar(50) DEFAULT NULL,
`use1` varchar(15) DEFAULT NULL,
`notes` text,
`os` varchar(25) DEFAULT NULL,
`pdate` date DEFAULT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` varchar(29) NOT NULL,
`createdby` varchar(19) NOT NULL,
`updatetime` varchar(19) NOT NULL,
`updateby` varchar(19) NOT NULL,
`vendor` varchar(25) NOT NULL,
`funding` varchar(25) NOT NULL,
`cost` varchar(10) NOT NULL,
`custom1` varchar(255) NOT NULL,
`custom2` varchar(255) NOT NULL,
`phyloc` int(11) DEFAULT NULL,
UNIQUE KEY `serial` (`serial`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `building`
--
CREATE TABLE IF NOT EXISTS `building` (
`name` varchar(25) NOT NULL,
`number` int(11) NOT NULL AUTO_INCREMENT,
PRIMARY KEY (`number`),
KEY `number` (`number`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;
-- --------------------------------------------------------
--
-- Table structure for table `dates`
--
CREATE TABLE IF NOT EXISTS `dates` (
`number` int(10) NOT NULL AUTO_INCREMENT,
`sdate` date NOT NULL,
`edate` date NOT NULL,
PRIMARY KEY (`number`),
UNIQUE KEY `number` (`number`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `disposed`
--
CREATE TABLE IF NOT EXISTS `disposed` (
`bar_code` int(4) DEFAULT NULL,
`name` varchar(25) DEFAULT NULL,
`creation_date` varchar(19) DEFAULT NULL,
`serial` varchar(30) DEFAULT NULL,
`model` varchar(35) DEFAULT NULL,
`brand` varchar(25) DEFAULT NULL,
`owner` varchar(25) DEFAULT NULL,
`form` varchar(50) DEFAULT NULL,
`use1` varchar(15) DEFAULT NULL,
`notes` text,
`os` varchar(25) DEFAULT NULL,
`pdate` date DEFAULT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` varchar(29) NOT NULL,
`createdby` varchar(19) NOT NULL,
`updatetime` varchar(19) NOT NULL,
`updateby` varchar(19) NOT NULL,
`vendor` varchar(25) NOT NULL,
`funding` varchar(25) NOT NULL,
`cost` varchar(10) NOT NULL,
`ddate` date NOT NULL,
`custom1` varchar(255) NOT NULL,
`custom2` varchar(255) NOT NULL,
`dreason` varchar(55) NOT NULL,
`phyloc` int(11) DEFAULT NULL,
UNIQUE KEY `serial` (`serial`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `images`
--
CREATE TABLE IF NOT EXISTS `images` (
`index` int(11) NOT NULL AUTO_INCREMENT,
`serial` varchar(30) NOT NULL,
`imagename` varchar(60) NOT NULL,
PRIMARY KEY (`index`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=339 ;
-- --------------------------------------------------------
--
-- Table structure for table `members`
--
CREATE TABLE IF NOT EXISTS `members` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(70) NOT NULL,
`password` varchar(255) NOT NULL,
`ro` int(4) NOT NULL,
`createdby` varchar(25) NOT NULL,
`salt` varchar(255) NOT NULL,
`sadmin` tinyint(4) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=60 ;
INSERT INTO `members` (`id`, `username`, `password`, `ro`, `createdby`, `salt`, `sadmin`) VALUES
(1, 'admin', 'a1fae0d355700d2de0372601e939f071ada23b8a2661c555ef658576e6bfbb03e1bcaf0d42f3332e2cefdd9e10d527952706bb850f99a207f2f90f2683a13b42', 0, '', 'eMcp345X1znkXGv91no12VX1kxzvHF2WgF7Nm0Y812s=','1');
-- --------------------------------------------------------
--
-- Table structure for table `member_history`
--
CREATE TABLE IF NOT EXISTS `member_history` (
`member` varchar(50) NOT NULL,
`date` date NOT NULL,
`time` time NOT NULL,
`action` varchar(11) NOT NULL,
`index` int(11) NOT NULL AUTO_INCREMENT,
`ipadd` varchar(45) NOT NULL,
`ipfor` varchar(45) NOT NULL,
`valid` varchar(3) NOT NULL,
PRIMARY KEY (`index`),
KEY `index` (`index`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=222 ;
-- --------------------------------------------------------
--
-- Table structure for table `member_prefs`
--
CREATE TABLE IF NOT EXISTS `member_prefs` (
`id` int(4) NOT NULL,
`rpp` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`bar_code` tinyint(1) NOT NULL,
`name` tinyint(1) NOT NULL,
`serial` tinyint(1) NOT NULL,
`age` tinyint(1) NOT NULL,
`model` tinyint(1) NOT NULL,
`brand` tinyint(1) NOT NULL,
`owner` tinyint(1) NOT NULL,
`form` tinyint(1) NOT NULL,
`use1` tinyint(1) NOT NULL,
`co_location` tinyint(1) NOT NULL,
`pdate` tinyint(1) NOT NULL,
`images` tinyint(1) NOT NULL,
`os` tinyint(1) NOT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` tinyint(1) NOT NULL,
`notes` tinyint(1) NOT NULL,
`createdby` tinyint(1) NOT NULL,
`creation_date` tinyint(1) NOT NULL,
`updatetime` tinyint(1) NOT NULL,
`updateby` tinyint(1) NOT NULL,
`vendor` tinyint(1) NOT NULL,
`funding` tinyint(1) NOT NULL,
`cost` tinyint(1) NOT NULL,
`co_building` tinyint(1) NOT NULL,
`custom1` tinyint(1) NOT NULL,
`custom2` tinyint(1) NOT NULL,
`menup` tinyint(1) NOT NULL,
`co_user` tinyint(1) NOT NULL DEFAULT '1',
`defaultbuilding` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`phyloc` tinyint(4) NOT NULL,
`tsize` int(11) NOT NULL DEFAULT '80'
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
INSERT INTO `member_prefs` (`id`, `rpp`, `bar_code`, `name`, `serial`, `age`, `model`, `brand`, `owner`, `form`, `use1`, `co_location`, `pdate`, `images`, `os`, `co_status`, `produkey`, `notes`, `createdby`, `creation_date`, `updatetime`, `updateby`, `vendor`, `funding`, `cost`, `co_building`, `custom1`, `custom2`, `menup`, `co_user`) VALUES
(1, '250', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1);
-- --------------------------------------------------------
--
-- Table structure for table `multisearch`
--
CREATE TABLE IF NOT EXISTS `multisearch` (
`f_name` varchar(25) NOT NULL,
`msn` int(11) NOT NULL,
`t1` varchar(25) NOT NULL,
`t2` varchar(25) NOT NULL,
`t3` varchar(25) NOT NULL,
`t4` varchar(25) NOT NULL,
`t5` varchar(25) NOT NULL,
`s1` varchar(25) NOT NULL,
`s2` varchar(25) NOT NULL,
`s3` varchar(25) NOT NULL,
`s4` varchar(25) NOT NULL,
`s5` varchar(25) NOT NULL,
`con1` varchar(5) NOT NULL,
`con2` varchar(5) NOT NULL,
`con3` varchar(5) NOT NULL,
UNIQUE KEY `f_name` (`f_name`),
UNIQUE KEY `f_name_2` (`f_name`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
-- --------------------------------------------------------
--
-- Table structure for table `room`
--
CREATE TABLE IF NOT EXISTS `room` (
`id` int(100) NOT NULL AUTO_INCREMENT,
`roomnumber` varchar(30) NOT NULL,
`building` varchar(4) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`),
UNIQUE KEY `roombuilding` (`roomnumber`,`building`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=468 ;
-- --------------------------------------------------------
--
-- Table structure for table `searches`
--
CREATE TABLE IF NOT EXISTS `searches` (
`f_name` varchar(25) NOT NULL,
`name` varchar(25) NOT NULL,
`type` varchar(25) NOT NULL,
UNIQUE KEY `name` (`name`),
UNIQUE KEY `f_name` (`f_name`),
UNIQUE KEY `f_name_2` (`f_name`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
INSERT INTO `searches` (`f_name`, `name`, `type`) VALUES
('Not Checked Out', '"0"', 'co_status'),
('Checked Out', '1', 'co_status');
-- --------------------------------------------------------
--
-- Table structure for table `settings`
--
CREATE TABLE IF NOT EXISTS `settings` (
`dbversion` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
`updatecheck` tinyint(1) NOT NULL DEFAULT '1',
UNIQUE KEY `dbversion` (`dbversion`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
INSERT INTO `settings` (`dbversion`) VALUES ('R12');
-- --------------------------------------------------------
--
-- Table structure for table `tracker`
--
CREATE TABLE IF NOT EXISTS `tracker` (
`name` varchar(25) NOT NULL,
`serial` varchar(30) NOT NULL,
`user` varchar(25) NOT NULL,
`codate` date NOT NULL,
`cidate` date NOT NULL,
`creation_date` varchar(19) NOT NULL,
`location` varchar(25) NOT NULL,
`co_complete` tinyint(1) NOT NULL,
`building` int(10) NOT NULL,
`cond_out` varchar(255) NOT NULL,
`cond_in` varchar(255) NOT NULL,
KEY `serial` (`serial`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`uname` varchar(25) NOT NULL,
`uroom` varchar(25) NOT NULL,
UNIQUE KEY `uname` (`uname`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
-- --------------------------------------------------------
--
-- Table structure for table `dates`
--
CREATE TABLE IF NOT EXISTS `dates` (
`number` int(10) NOT NULL AUTO_INCREMENT,
`sdate` date NOT NULL,
`edate` date NOT NULL,
PRIMARY KEY (`number`),
UNIQUE KEY `number` (`number`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1
asset_list.php 100777 0 0 142711 12417073356 7136 0 .
*/
$rn = '';
$show = '';
$string = '';
$string_f = '';
$cboxstatus = 'yes';
$urladd = '';
$faction = "asset_list.php?";
$report = "report_asset_list_$myusername.csv";
echo "AssetTrackDB - Assets";
echo '';
echo '';
echo '';
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
//Determine if retired
if(!empty($_GET["retired"])) {
$rstatus = $_GET["retired"];
$report = "report_retired_asset_list_$myusername.csv";
}
else {
$rstatus = "no";
}
//Determine if disposed
if(!empty($_GET["disposed"])) {
$dstatus = $_GET["disposed"];
$report = "report_disposed_asset_list_$myusername.csv";
}
else {
$dstatus = "no";
}
//DETERMINE AND SET THE TABLE
if($rstatus=="yes"){
$table = "asset_retired";
$rurladd = '&retired=yes';
$cboxstatus = "no";
}
elseif($dstatus=="yes"){
$table = "disposed";
$rurladd = '&disposed=yes';
$cboxstatus = "no";
}
else {
$table = "asset";
$rurladd = '';
}
$result = mysql_query("SELECT sadmin FROM members WHERE username='$myusername'") or die(mysql_error());
while($row = mysql_fetch_array( $result )) {
$adminstat = $row['sadmin'];
}
//Get Strict statement for searches
if(!empty($_GET["strict"])) {
$strict = $_GET["strict"];
}
else{
$strict="no";
}
$fh = fopen($report, 'w') or die("can't open file");
$myusername = $_SESSION["myusername"];
$member_id = mysql_query("SELECT id FROM members WHERE username='$myusername'");
$member = mysql_fetch_array( $member_id );
$member_prefs = mysql_query("SELECT * FROM member_prefs WHERE id='$member[0]'");
$rowmp = mysql_fetch_array( $member_prefs );
$now = time();
$age = null;
$searchtype = '*';
$searchvar = '*';
//INIT RPP (Results Per Page)
$result7 = mysql_query("SELECT rpp FROM member_prefs WHERE id=$member[0]") or die(mysql_error());
$row7 = mysql_fetch_array( $result7 );
$rpp = $row7['rpp'] ;
//INIT tsize (table font size)
$result7 = mysql_query("SELECT tsize FROM member_prefs WHERE id=$memberid") or die(mysql_error());
$row7 = mysql_fetch_array( $result7 );
$tsize = $row7['tsize'] ;
if(!empty($_GET["rppu"])) {
$rppu = $_GET["rppu"];
$query = mysql_query("UPDATE member_prefs SET rpp='$rppu' WHERE id=$member[0]") or die(mysql_error());
$rpp = $rppu;
}
if($rpp == 'All'){
$rpp = '100000000';
}
//END THE MADNESS
if(!empty($_GET["size"])) {
$size = $_GET["size"];
if ($size == 'add'){
$tsize = $tsize + 5;
$q = "UPDATE member_prefs SET tsize='$tsize' WHERE id=$member[0]";
$query = mysql_query($q) or die(mysql_error());
}
if ($size == 'sub'){
$tsize = $tsize - 5;
$q = "UPDATE member_prefs SET tsize='$tsize' WHERE id=$member[0]";
$query = mysql_query($q) or die(mysql_error());
}
}
echo '';
//INIT tsize (table font size)
$result7 = mysql_query("SELECT tsize FROM member_prefs WHERE id=$memberid") or die(mysql_error());
$row7 = mysql_fetch_array( $result7 );
$tsize = $row7['tsize'] ;
//CHECK FOR MULTISEARCH
if(!empty($_GET["multisearch"])) {
$multisearch = $_GET["multisearch"]; //URL BASED METHOD
}
else
{$multisearch = 'no';}
if($multisearch == 'yes'){
//Get MultiSearch Number
$msn = $_GET['msn'];
if ($msn == '2') {
$t1 = "asset." . $_GET['t1'];
$t2 = "asset." . $_GET['t2'];
$t1a = $_GET['t1'];
$t2a = $_GET['t2'];
$s1 = $_GET['s1'];
$s2 = $_GET['s2'];
$con1 = $_GET['con1'];
$query = "AND $t1 LIKE '%$s1%' $con1 $t2 LIKE '%$s2%'";
$queryf = "AND $t1 LIKE $s1 $con1 $t2 LIKE $s2";
$searchtype = 'multisearch=yes&msn='.$msn.'&t1=';
//Line below is for DISPLAY at the bottom of the page
$searchvar = $t1a.'&s1='.$s1.'&t2='.$t2a.'&s2='.$s2.'&con1='.$con1;
//echo $searchvar;
//echo " ";
}
elseif($msn == '3'){
$t1 = "asset." . $_GET['t1'];
$t2 = "asset." . $_GET['t2'];
$t3 = "asset." . $_GET['t3'];
$s1 = $_GET['s1'];
$s2 = $_GET['s2'];
$s3 = $_GET['s3'];
$con1 = $_GET['con1'];
$con2 = $_GET['con2'];
$query = "AND $t1 LIKE '%$s1%' $con1 ( $t2 LIKE '%$s2%' $con2 $t3 LIKE '%$s3%')";
//Line below is for DISPLAY at the bottom of the page
$queryf = $query;
$searchtype = 'multisearch=yes&msn='.$msn.'&t1';
$searchvar = $t1.'&s1='.$s1.'&t2='.$t2.'&s2='.$s2.'&t3='.$t3.'&s3='.$s3.'&con1='.$con1.'&con2='.$con2;
}
elseif($msn == '4'){
$t1 = "asset." . $_GET['t1'];
$t2 = "asset." . $_GET['t2'];
$t3 = "asset." . $_GET['t3'];
$t4 = "asset." . $_GET['t4'];
$s1 = $_GET['s1'];
$s2 = $_GET['s2'];
$s3 = $_GET['s3'];
$s4 = $_GET['s4'];
$con1 = $_GET['con1'];
$con2 = $_GET['con2'];
$con3 = $_GET['con3'];
$query = "AND $t1 LIKE '%$s1%' $con1 ($t2 LIKE '%$s2%' $con2 $t3 LIKE '%$s3%' $con3 $t4 LIKE '%$s4%')";
//Line below is for DISPLAY at the bottom of the page
$queryf = $query;
//FIX BELOW HERE
$searchtype = 'multisearch=yes&msn='.$msn.'&t1';
$searchvar = $t1.'&s1='.$s1.'&t2='.$t2.'&s2='.$s2.'&t3='.$t3.'&s3='.$s3.'&con1='.$con1.'&con2='.$con2;
}
}
else
{
if(!empty($_GET["bar_code"])) {
$bar_code = $_GET["bar_code"]; //URL BASED METHOD
$query = "AND bar_code=$bar_code";
} elseif(!empty($_GET["search"])) {
$search = $_GET["search"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND name='$search'";
}
else{
$query = "AND name LIKE '%$search%'";
}
$searchvar = $_GET["search"];
$searchtype = 'search';
$show = $show . "Name: " .$name;
} elseif(!empty($_GET["owner"])) {
$owner = $_GET["owner"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND owner='$owner'";
}
else{
$query = "AND owner LIKE '$owner'";
}
$searchvar = $_GET["owner"];
$searchtype = 'owner';
$show = $show . "Owner: " .$owner;
} elseif(!empty($_GET["form"])) {
$form = $_GET["form"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND form='$form'";
}
else{
$query = "AND form LIKE '%$form%'";
}
$searchvar = $_GET["form"];
$searchtype = 'form';
$show = $show. "Form: " .$form;
} elseif(!empty($_GET["phyloc"])) {
$phyloc = $_GET["phyloc"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND phyloc='$phyloc'";
}
else{
$query = "AND phyloc = '$phyloc'";
}
$searchvar = $_GET["phyloc"];
$searchtype = 'phyloc';
$show = $show . "Physical Location: " .$phyloc;
} elseif(!empty($_GET["use"])) {
$use = $_GET["use"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND use1='$use'";
}
else{
$query = "AND use1 LIKE '%$use%'";
}
$show = $show . "Use: " .$use;
} elseif(!empty($_GET["location"])) {
$location = $_GET["location"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND location='$location'";
}
else{
$query = "AND location LIKE '%$location%'";
}
$searchvar = $_GET["location"];
$searchtype = 'location';
$show = $show . "Location: " .$location;
} elseif(!empty($_GET["os"])) {
$os = $_GET["os"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND $table.os='$os'";
}
else{
$query = "AND $table.os LIKE '%$os%'";
}
$searchvar = $_GET["os"];
$searchtype = 'os';
$show = $show . "Operating System: " .$os;
} elseif(!empty($_GET["pdate"])) {
$pdate = $_GET["pdate"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND $table.pdate='$pdate'";
}
else{
$query = "AND $table.pdate LIKE '%$pdate%'";
}
$searchvar = $_GET["pdate"];
$searchtype = 'pdate';
$show = $show . "Purchase Date: " .$pdate;
} elseif(!empty($_GET["model"])) {
$model = $_GET["model"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND $table.model='$model'";
}
else{
$query = "AND $table.model LIKE '%$model%'";
}
$searchvar = $_GET["model"];
$searchtype = 'model';
$show = $show . "Model: " .$model;
} elseif(!empty($_GET["name"])) {
$name = $_GET["name"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND $table.name='$name'";
}
else{
$query = "AND $table.name LIKE '%$name%'";
}
$searchvar = $_GET["name"];
$searchtype = 'name';
} elseif(!empty($_GET["brand"])) {
$brand = $_GET["brand"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND $table.brand='$brand'";
}
else{
$query = "AND $table.brand LIKE '%$brand%'";
}
$searchvar = $_GET["brand"];
$searchtype = 'brand';
$show = $show . "Brand: " .$brand;
} elseif(!empty($_GET["co_status"])) {
$co_status = $_GET["co_status"];
$query = "AND co_status='$co_status'";
$searchvar = $_GET["co_status"];
$searchtype = 'co_status';
if ($co_status == '1'){
$show = $show . "CO Status: " .'Yes';
}
else
{
$show = $show . "CO Status: " .'No';
}
} elseif(!empty($_GET["cb"])) {
$cb = $_GET["cb"];
$query = "AND createdby='$cb'";
$searchvar = $_GET["cb"];
$searchtype = 'created';
$show = $show . "Created By: " .$cb;
} elseif(!empty($_GET["vend"])) {
$vend = $_GET["vend"];
if ($strict == 'yes'){$show = $show . "Strict ";
$query = "AND $table.vendor='$vend'";
}
else{
$query = "AND $table.vendor LIKE '%$vend%'";
}
$searchvar = $_GET["vend"];
$searchtype = 'vend';
$show = $show . "Vendor: " .$vend;
} elseif(!empty($_GET["fund"])) {
$fund = $_GET["fund"];
$query = "AND $table.funding='$fund'";
$searchvar = $_GET["fund"];
$searchtype = 'funding';
$show = $show . "Funding: " .$fund;
} elseif(!empty($_GET["cost"])) {
$cost = $_GET["cost"];
$query = "AND $table.cost='$cost'";
$searchvar = $_GET["cost"];
$searchtype = 'cost';
$show = $show . "Cost: " .$cost;
} elseif(!empty($_GET["custom1"])) {
$custom1 = $_GET["custom1"];
$query = "AND $table.custom1='$custom1'";
$searchvar = $_GET["custom1"];
$searchtype = 'custom1';
$show = $show . "Custom 1: " .$custom1;
} elseif(!empty($_GET["custom2"])) {
$custom2 = $_GET["custom2"];
$query = "AND $table.custom2='$custom2'";
$searchvar = $_GET["custom2"];
$searchtype = 'custom2';
$show = $show . "Custom 2: " .$custom2;
//CO USER and CO BLDG below
} elseif(!empty($_GET["co_user"])) {
$co_status = "1";
$co_user = $_GET["co_user"];
$searchvar = $_GET["co_user"];
$searchtype = 'co_user';
$qco = "SELECT * FROM tracker WHERE user=$co_user AND co_complete='0'";
$result22 = mysql_query($qco) or die(mysql_error());
//Line below is to start the query
//$query = "AND asset.serial='123XXX111XXX'"; //this line is a dummy to start the query
//loop below completes the query into one big line of if serial = or serial = or serial = ..... then continue and the query is run below
$query = 'AND (';
$query .= "asset.serial='DFSDFSD21343123'";
while($row = mysql_fetch_array( $result22 )) {
$query .= " OR asset.serial='";
$query .= $row['serial'];
$query .= "'";
$show = $show . "CO User: " .$co_user;
}
$query .= ")";
} elseif(!empty($_GET["bldg"])) {
$co_status = "1";
$bldg = $_GET["bldg"];
//$query = "WHERE co_status='$co_status'";
$searchvar = $_GET["bldg"];
$searchtype = 'bldg';
$result22 = mysql_query("SELECT * FROM tracker WHERE building=$bldg AND co_complete='0'") or die(mysql_error());
// $row = mysql_fetch_array( $result22 );
$query = "AND ($table.serial='123'";
while($row = mysql_fetch_array( $result22 )) {
$query .= " OR $table.serial='";
$query .= $row['serial'];
$query .= "'";
$show = $show . "CO Building: " .$bldg;
}
$query .= ")";
}
elseif(!empty($_GET["loc"])) {
$gloc = $_GET["loc"];
$query = "AND location='";
$query .= $gloc;
$query .= "'";
$show = $show . "CO Room: " .$gloc;
} elseif(!empty($_GET["updateby"])) {
$updateby = $_GET["updateby"];
$query = "AND updateby='$updateby'";
$searchvar = $_GET["updateby"];
$searchtype = 'updateby';
$show = $show . "Updated By: " .$updateby;
//IF None of the conditions for earches above work then just get everything from asset, images and tracker tables
} elseif(!empty($_GET["string"])){
$string = $_GET["string"];
$string = ltrim($string, '0');
$string_f = $_GET["string"];
$string_f = ltrim($string_f, '0');
$urladd = "&string=$string";
//Set Search Type and variable for Results per page change
//$searchtype = "string=";
//$searchvar = $string;
$query = "AND (bar_code LIKE '%$string%'
OR $table.name LIKE '%$string%'
OR $table.creation_date LIKE '%$string%'
OR $table.serial LIKE '%$string%'
OR $table.model LIKE '%$string%'
OR $table.brand LIKE '%$string%'
OR $table.owner LIKE '%$string%'
OR $table.form LIKE '%$string%'
OR $table.use1 LIKE '%$string%'
OR $table.notes LIKE '%$string%'
OR $table.os LIKE '%$string%'
OR $table.pdate LIKE '%$string%'
OR $table.cost LIKE '%$string%'
OR $table.funding LIKE '%$string%'
OR $table.vendor LIKE '%$string%'
OR $table.createdby LIKE '%$string%'
OR $table.produkey LIKE '%$string%'
OR $table.updateby LIKE '%$string%'
OR $table.custom1 LIKE '%$string%'
OR $table.custom2 LIKE '%$string%'
OR building.name LIKE '%$string%'
OR track.user LIKE '%$string%'
OR track.location LIKE '%$string%')
";
//
//echo $query;
//echo "
";
}
else {
$query = null;
}
if ($query == ""){
}
else{
//This was code to attempt the building search
$qbuild = "SELECT * from building WHERE name LIKE '%$string%'";
$resultqb = mysql_query($qbuild) or die(mysql_error());
$rn = '';
while($rowrb = mysql_fetch_array( $resultqb )) {
$rn .= " building='";
$rn .= $rowrb['number'];
$rn .= "' OR";
//$rn .= ',';
}
}
//Build query here
}
//Query to get pages and count
if ($query == ""){
$q2 = "SELECT * FROM $table $query";
}
else {
//NEW QUERY
//$q2 = "SELECT SQL_NO_CACHE $table.*, tracker.location,tracker.user, tracker.co_complete, building.name AS bname FROM $table LEFT JOIN `tracker` on $table.serial = tracker.serial LEFT JOIN `building` on tracker.building = building.number WHERE $table.serial <> -1111111 AND (tracker.co_complete = 0 OR tracker.co_complete = NULL) $query";
$q2 = "SELECT $table.*, track.location,track.user, track.co_complete, building.name AS bname FROM $table
LEFT JOIN (SELECT * FROM `tracker` WHERE co_complete=0 AND ($rn user LIKE '%$string%' OR location LIKE '%$string%') ) as track on asset.serial = track.serial
LEFT JOIN `building` on track.building = building.number
WHERE $table.serial <> -1111111 $query
";
}
//Uncomment to display query
//echo $query;
//echo "
";
//echo $q2;
//echo "
";
$result = mysql_query($q2) or die(mysql_error());
$total_records = mysql_num_rows($result);
$total_pages = ceil($total_records / $rpp);
//Deal with multiple pages
if (isset($_GET["page"])) { $page = $_GET["page"]; } else { $page=1; };
$start_from = ($page-1) * $rpp;
//Real Query
if ($query == ""){
$q1 = "SELECT * FROM $table $query ORDER BY name ASC LIMIT $start_from, $rpp";
}
else {
//NEW QUERY
//$q1 = "SELECT SQL_NO_CACHE $table.*, tracker.location,tracker.user, tracker.co_complete, building.name AS bname FROM $table LEFT JOIN `tracker` on $table.serial = tracker.serial LEFT JOIN `building` on tracker.building = building.number WHERE $table.serial <> -1111111 AND (tracker.co_complete = 0 OR tracker.co_complete = NULL) $query ORDER BY $table.name ASC LIMIT $start_from, $rpp";
$q1 = "SELECT $table.*, track.location,track.user, track.co_complete, building.name AS bname FROM $table
LEFT JOIN (SELECT * FROM `tracker` WHERE co_complete=0 AND ($rn user LIKE '%$string%' OR location LIKE '%$string%') ) as track on asset.serial = track.serial
LEFT JOIN `building` on track.building = building.number
WHERE $table.serial <> -1111111 $query ORDER BY name ASC LIMIT $start_from, $rpp
";
}
//date searches
if(!empty($_GET["datesearch"])) {
$datesearch = $_GET["datesearch"];
$searchtype = 'datesearch';
$searchvar = $datesearch;
$urladd = "&datesearch=$datesearch";
$qds = "SELECT * from dates WHERE number='$datesearch'";
$resultds = mysql_query($qds) or die(mysql_error());
while($row = mysql_fetch_array( $resultds )) {
$sdate = $row['sdate'];
$edate = $row['edate'];
}
$q1 = "SELECT * from $table WHERE pdate between '$sdate' and '$edate' ORDER BY pdate ASC LIMIT $start_from, $rpp";
$q2 = "SELECT * from $table WHERE pdate between '$sdate' and '$edate'";
$result = mysql_query($q2) or die(mysql_error());
$total_records = mysql_num_rows($result);
$total_pages = ceil($total_records / $rpp);
echo " ";
$string = "";
$string_f = "Purchase Date Range: $sdate to $edate";
}
//Get phyloc_c for quick search of physical location
if(!empty($_GET["phyloc_c"])) {
$phyloc_c = $_GET["phyloc_c"];
$result22 = mysql_query("SELECT * from building WHERE name LIKE '%$phyloc_c%'");
$query = '';
$cnt = '0';
$names = '';
while($row = mysql_fetch_array( $result22 )) {
$number = $row['number'];
if($cnt == '0'){
$query = $query. "(phyloc = '$number' ";
$cnt++;
$names = $names . $row['name'];
}
else{
$query = $query. "OR phyloc = '$number' ";
$names = $names . ", " . $row['name'];
}
}
$query = $query . ")";
$searchvar = $_GET["phyloc_c"];
$searchtype = 'phyloc_c';
$q1 = "SELECT * from $table WHERE $query ORDER BY pdate ASC LIMIT $start_from, $rpp";
$q2 = "SELECT * from $table WHERE $query";
$result = mysql_query($q2) or die(mysql_error());
$total_records = mysql_num_rows($result);
$total_pages = ceil($total_records / $rpp);
$string = "";
$string_f = "Physical Locations: $names";
}
//END phyloc_c for quick search of physical location
$result = mysql_query($q1) or die(mysql_error());
$result1 = mysql_query("SELECT * FROM images") or die(mysql_error());
$result2 = mysql_query("SELECT * FROM tracker") or die(mysql_error());
//Page Calcualtions START
//Calculate Previous Page Number
if ($page==1){
$pageprev='1';
}
else
{
$pageprev = $page - 1;
}
//Calculate Next Page Number
if ($page < $total_pages) {
$pagenext = $page + 1;
}
else{
$pagenext = $page;
}
//Page Calcualtions END
//Uncomment for Query Display
//echo " Query1: ";
//echo $q1;
//echo " ";
//Uncomment for Query Display
//echo " Query2: ";
//echo $q2;
//echo "
";
//Start Table for TPP and Text Size
echo '
';
//Start Table for RPP
echo '
Results Per Page:
"; //End Table for RPP
echo "
";
//$urladd = '&showall=' . $show . '&name=' . $name . '&nameu=' . $uname . '&action=' . $action .$specialadd;
//$rurladd = '';
//DETERMINE THE URLADD TO APPEND TO LINKS SO SEARCHES PASS BETWEEN PAGES
if(!empty($searchvar)) {
if ($multisearch == 'yes'){
//Works MLS
$urladd .= "&$searchtype$searchvar";
}
else
{
//WORKS Quick Search
$urladd .= "&$searchtype=$searchvar";
}
//$urladd .= "&string=$string";
}
else {
$urladd .='';
}
//Start Table for Text Size
echo '