AssetTrackDB - Add Image";
echo '';
echo '';
echo '';
echo '';
echo '';
echo '';
echo "";
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
echo "
";
echo "
";
//Disallow Read-Only Users Access to this page
if($rostate==1)
{
echo "
Read Only User: You do not have access to this page
";
}
else {
echo "
Add Image
";
echo "
";
$search = '';
if(!empty($_GET["search"])) {
$search = $_GET["search"];
};
//$result = mysql_query("SELECT name FROM asset ORDER BY name ASC") or die(mysql_error());
echo '
';
echo "
";
}
echo "
";
include 'footer.php';
echo '';
include 'includes/userinfo.php';
echo "";
echo "";
?>
addroom.php 100777 0 0 22326 12312454227 6362 0 .
*/
echo "";
echo "AssetTrackDB - Rooms";
echo "";
echo '';
echo "";
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
//Disallow Read-Only Users Access to this page
if($rostate==1)
{
echo "
Read Only User: You do not have access to this page
";
//$query1 = mysql_query("UPDATE tracker SET location='$up' WHERE location='$oldroom' AND WHERE building='$select'") or $mysql_error = 1;
$query1 = "UPDATE tracker SET location='$up' WHERE location='$row1[roomnumber]' AND building='$row1[building]'";
mysql_query("$query1");
}
else{
echo "
";
}
else{
$mysql_error = '0';
$building = $_POST["building"];
$query1a = mysql_query("SELECT roomnumber FROM room WHERE id='$select'");
$oldroom = mysql_fetch_array( $query1a );
$query1 = mysql_query("UPDATE room SET building='$building' WHERE id='$select'") or $mysql_error = 1;
$query1b = mysql_query("SELECT name FROM building WHERE number='$building'");
$bldname = mysql_fetch_array( $query1b );
if ($mysql_error == '0'){
echo "
Room: "; echo $oldroom[0]; echo " Building Updated to: "; echo $bldname[0]; echo "
";
}
else
{
echo "
Error: Building : "; echo $bldname[0]; echo " already has a room number: "; echo $oldroom[0]; echo "
";
}
}
}
$mysql_error = '0';
if(!empty($_POST["roomnumber"])){
$room = trim($_POST["roomnumber"]); //URL BASED METHOD
$building = $_POST["building"]; //URL BASED METHOD
$result1b = mysql_query("SELECT name FROM building WHERE number like $building") or die(mysql_error());
$rowa = mysql_fetch_array( $result1b );
$builda = $rowa['name'];
mysql_query("INSERT INTO room (roomnumber, building) VALUES('$room','$building')") or $mysql_error = 1;
if ($mysql_error == 1) {
echo "
";
echo "";
//LIST CURRENT PEOPLE:
$result1 = mysql_query("SELECT * FROM room ORDER BY building ASC, roomnumber") or die(mysql_error());
echo " ";
//DELETE SECTION
echo "
Use the import template file above to create a csv to import people. Do not delete the labels or descriptions, they will both be ignored during the import.
";
echo '
';
echo '
';
echo '
';
echo '
';
echo "
";
echo '
';
//LIST CURRENT PEOPLE:
$result1 = mysql_query("SELECT * FROM users ORDER BY uname ASC") or die(mysql_error());
echo "
";
echo "
Update / Delete People
";
echo "";
echo "
";
}
include 'footer.php';
echo '
';
include 'includes/userinfo.php';
echo "";
echo "";
?>
add_asset.php 100777 0 0 14660 12312454227 6666 0 .
*/
//PAGE INFO:
//This page processes the form data from add_assetnew.php, adds it to the database, and then show the "X Asset Added!" message
require_once 'config.php';
$owner="";
$newuser="";
$image="";
// CHECK FORM FOR Required fields
$filled = true;
$required = array("namet", "serial", "owner"); //all the required fields
//Cycle through each field and make sure its filled
foreach ($required as &$value) {
if($value=="owner"){
if(!empty($_POST["owner"])) {
$owner = $_POST["owner"];
}
if(!empty($_POST["newuser"])) {
$newuser = trim($_POST["newuser"]);
}
if($owner==""){
$owner = $newuser;
}
if($owner==""){
$filled = false;
}
}
elseif($_POST[$value]==""){
$filled = false;
}
}
if(!empty($_POST["pdate"])){
$pdate = trim($_POST["pdate"]);
//remove dashes
$dlen = preg_replace("[-]", "", $pdate);
//get date length without the dashes
$len = strlen($dlen);
//check date length (without dashes)
if ($len != '8'){
$filled = false;
}
elseif (is_numeric ($dlen)){
//If numeric do nothing
}
else{
$filled = false;
}
}
//If there are any fields not filled out, send the user back to the form and send any filled in fields
if (!$filled){
$f_name = trim($_POST['namet']);
$serial = trim($_POST['serial']);
$loc = "Location: add_assetnew.php?error=yes&name=".$_POST['namet']."&serial=".$_POST['serial']."&bar_code=".$_POST['bar_code']."&model=".$_POST['model']."&form=".$_POST['form']."&brand=".$_POST['brand']."&use=".$_POST['use1']."&os=".$_POST['os']."&pdate=".$_POST['pdate']."¬es=".$_POST['notes']."&produkey=".$_POST['produkey']."&vendor=".$_POST['vendor']."&funding=".$_POST['funding']."&cost=".$_POST['cost']."&custom1=".$_POST['custom1']."&custom2=".$_POST['custom2']."&newuser=".$_POST['newuser']."&owner=".$_POST['owner'];
header($loc);
}
//Else processes if everything is correct (all required fields filled)
else{
echo "";
echo "AssetTrackDB";
echo '';
echo '';
echo "";
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
$f_name = trim($_POST["namet"]);
//IMAGE PROCESSING
$allowedExts = array("jpg", "jpeg", "png", "JPG");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (in_array($extension, $allowedExts))
{
//Generate Random
$ran = rand () ;
$ran2 = $ran.".";
$nname = $ran2.$extension;
move_uploaded_file($_FILES["file"]["tmp_name"] ,$uploc . $nname);
$nnamefull = $uploc . "$nname";
$image = $nname;
//RESIZE
$full = $uploc.$nname;
$output = shell_exec("convert -verbose $full -resize 1024x768 $full");
}
else
{
//echo "
";
$mysql_error = '0';
mysql_query("INSERT INTO users (uname) VALUES('$owner') ") or $mysql_error = 1;
if ($mysql_error == '0'){
echo "
New Person Added
";
}
mysql_query("INSERT INTO asset (bar_code, name,creation_date,serial,model,brand,owner,form,use1,notes,os,pdate,produkey,createdby,funding,vendor,cost,custom1,custom2) VALUES('$bar_code', '$f_name', '$today','$serial','$model','$brand','$owner','$form','$use1','$notes','$os','$pdate','$produkey','$myusername','$funding','$vendor','$cost','$custom1','$custom2') ")
or die(mysql_error());
echo '
';
//Check if image is blank, if it is do not insert into the Table for images
if ($image == ""){
$image = "";
}
else {
mysql_query("INSERT INTO images (serial, imagename) VALUES('$serial', '$image') ") or die(mysql_error());
}
echo "
';
include 'footer.php';
echo '';
include 'includes/userinfo.php';
echo "";
echo "";
?>
assetsetup.sql 100777 0 0 24167 12316411223 7143 0 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
CREATE TABLE IF NOT EXISTS `asset` (
`bar_code` int(4) DEFAULT NULL,
`name` varchar(25) DEFAULT NULL,
`creation_date` varchar(19) DEFAULT NULL,
`serial` varchar(30) NOT NULL DEFAULT '',
`model` varchar(35) DEFAULT NULL,
`brand` varchar(25) DEFAULT NULL,
`owner` varchar(25) DEFAULT NULL,
`form` varchar(15) DEFAULT NULL,
`use1` varchar(15) DEFAULT NULL,
`notes` text,
`os` varchar(25) DEFAULT NULL,
`pdate` date DEFAULT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` varchar(29) NOT NULL,
`createdby` varchar(19) NOT NULL,
`updatetime` varchar(19) NOT NULL,
`updateby` varchar(19) NOT NULL,
`vendor` varchar(25) NOT NULL,
`funding` varchar(25) NOT NULL,
`cost` varchar(10) NOT NULL,
`custom1` varchar(255) NOT NULL,
`custom2` varchar(255) NOT NULL,
PRIMARY KEY (`serial`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `asset_retired`
--
CREATE TABLE IF NOT EXISTS `asset_retired` (
`bar_code` int(4) DEFAULT NULL,
`name` varchar(25) DEFAULT NULL,
`creation_date` varchar(19) DEFAULT NULL,
`serial` varchar(30) DEFAULT NULL,
`model` varchar(35) DEFAULT NULL,
`brand` varchar(25) DEFAULT NULL,
`owner` varchar(25) DEFAULT NULL,
`form` varchar(15) DEFAULT NULL,
`use1` varchar(15) DEFAULT NULL,
`notes` text,
`os` varchar(25) DEFAULT NULL,
`pdate` date DEFAULT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` varchar(29) NOT NULL,
`createdby` varchar(19) NOT NULL,
`updatetime` varchar(19) NOT NULL,
`updateby` varchar(19) NOT NULL,
`vendor` varchar(25) NOT NULL,
`funding` varchar(25) NOT NULL,
`cost` varchar(10) NOT NULL,
`custom1` varchar(255) NOT NULL,
`custom2` varchar(255) NOT NULL,
UNIQUE KEY `serial` (`serial`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `building`
--
CREATE TABLE IF NOT EXISTS `building` (
`name` varchar(25) NOT NULL,
`number` int(11) NOT NULL AUTO_INCREMENT,
PRIMARY KEY (`number`),
KEY `number` (`number`),
KEY `number_2` (`number`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=20 ;
-- --------------------------------------------------------
--
-- Table structure for table `disposed`
--
CREATE TABLE IF NOT EXISTS `disposed` (
`bar_code` int(4) DEFAULT NULL,
`name` varchar(25) DEFAULT NULL,
`creation_date` varchar(19) DEFAULT NULL,
`serial` varchar(30) DEFAULT NULL,
`model` varchar(35) DEFAULT NULL,
`brand` varchar(25) DEFAULT NULL,
`owner` varchar(25) DEFAULT NULL,
`form` varchar(15) DEFAULT NULL,
`use1` varchar(15) DEFAULT NULL,
`notes` text,
`os` varchar(25) DEFAULT NULL,
`pdate` date DEFAULT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` varchar(29) NOT NULL,
`createdby` varchar(19) NOT NULL,
`updatetime` varchar(19) NOT NULL,
`updateby` varchar(19) NOT NULL,
`vendor` varchar(25) NOT NULL,
`funding` varchar(25) NOT NULL,
`cost` varchar(10) NOT NULL,
`ddate` date NOT NULL,
`custom1` varchar(255) NOT NULL,
`custom2` varchar(255) NOT NULL,
`dreason` varchar(55) NOT NULL,
UNIQUE KEY `serial` (`serial`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `images`
--
CREATE TABLE IF NOT EXISTS `images` (
`index` int(11) NOT NULL AUTO_INCREMENT,
`serial` varchar(30) NOT NULL,
`imagename` varchar(60) NOT NULL,
PRIMARY KEY (`index`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=339 ;
-- --------------------------------------------------------
--
-- Table structure for table `members`
--
CREATE TABLE IF NOT EXISTS `members` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(70) NOT NULL,
`password` varchar(255) NOT NULL,
`ro` int(4) NOT NULL,
`createdby` varchar(25) NOT NULL,
`salt` varchar(255) NOT NULL,
`sadmin` tinyint(4) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=60 ;
INSERT INTO `members` (`id`, `username`, `password`, `ro`, `createdby`, `salt`, `sadmin`) VALUES
(1, 'admin', 'a1fae0d355700d2de0372601e939f071ada23b8a2661c555ef658576e6bfbb03e1bcaf0d42f3332e2cefdd9e10d527952706bb850f99a207f2f90f2683a13b42', 0, '', 'eMcp345X1znkXGv91no12VX1kxzvHF2WgF7Nm0Y812s=','1');
-- --------------------------------------------------------
--
-- Table structure for table `member_history`
--
CREATE TABLE IF NOT EXISTS `member_history` (
`member` varchar(50) NOT NULL,
`date` date NOT NULL,
`time` time NOT NULL,
`action` varchar(11) NOT NULL,
`index` int(11) NOT NULL AUTO_INCREMENT,
`ipadd` varchar(45) NOT NULL,
`ipfor` varchar(45) NOT NULL,
`valid` varchar(3) NOT NULL,
PRIMARY KEY (`index`),
KEY `index` (`index`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=751 ;
-- --------------------------------------------------------
--
-- Table structure for table `member_prefs`
--
CREATE TABLE IF NOT EXISTS `member_prefs` (
`id` int(4) NOT NULL,
`rpp` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`bar_code` tinyint(1) NOT NULL,
`name` tinyint(1) NOT NULL,
`serial` tinyint(1) NOT NULL,
`age` tinyint(1) NOT NULL,
`model` tinyint(1) NOT NULL,
`brand` tinyint(1) NOT NULL,
`owner` tinyint(1) NOT NULL,
`form` tinyint(1) NOT NULL,
`use1` tinyint(1) NOT NULL,
`co_location` tinyint(1) NOT NULL,
`pdate` tinyint(1) NOT NULL,
`images` tinyint(1) NOT NULL,
`os` tinyint(1) NOT NULL,
`co_status` tinyint(1) NOT NULL,
`produkey` tinyint(1) NOT NULL,
`notes` tinyint(1) NOT NULL,
`createdby` tinyint(1) NOT NULL,
`creation_date` tinyint(1) NOT NULL,
`updatetime` tinyint(1) NOT NULL,
`updateby` tinyint(1) NOT NULL,
`vendor` tinyint(1) NOT NULL,
`funding` tinyint(1) NOT NULL,
`cost` tinyint(1) NOT NULL,
`co_building` tinyint(1) NOT NULL,
`custom1` tinyint(1) NOT NULL,
`custom2` tinyint(1) NOT NULL,
`menup` tinyint(1) NOT NULL,
`co_user` tinyint(1) NOT NULL DEFAULT '1'
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
INSERT INTO `member_prefs` (`id`, `rpp`, `bar_code`, `name`, `serial`, `age`, `model`, `brand`, `owner`, `form`, `use1`, `co_location`, `pdate`, `images`, `os`, `co_status`, `produkey`, `notes`, `createdby`, `creation_date`, `updatetime`, `updateby`, `vendor`, `funding`, `cost`, `co_building`, `custom1`, `custom2`, `menup`, `co_user`) VALUES
(1, '250', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1);
-- --------------------------------------------------------
--
-- Table structure for table `multisearch`
--
CREATE TABLE IF NOT EXISTS `multisearch` (
`f_name` varchar(25) NOT NULL,
`msn` int(11) NOT NULL,
`t1` varchar(25) NOT NULL,
`t2` varchar(25) NOT NULL,
`t3` varchar(25) NOT NULL,
`t4` varchar(25) NOT NULL,
`t5` varchar(25) NOT NULL,
`s1` varchar(25) NOT NULL,
`s2` varchar(25) NOT NULL,
`s3` varchar(25) NOT NULL,
`s4` varchar(25) NOT NULL,
`s5` varchar(25) NOT NULL,
`con1` varchar(5) NOT NULL,
`con2` varchar(5) NOT NULL,
`con3` varchar(5) NOT NULL,
UNIQUE KEY `f_name` (`f_name`),
UNIQUE KEY `f_name_2` (`f_name`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
-- --------------------------------------------------------
--
-- Table structure for table `room`
--
CREATE TABLE IF NOT EXISTS `room` (
`id` int(100) NOT NULL AUTO_INCREMENT,
`roomnumber` varchar(30) NOT NULL,
`building` varchar(4) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`),
UNIQUE KEY `roombuilding` (`roomnumber`,`building`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=468 ;
-- --------------------------------------------------------
--
-- Table structure for table `searches`
--
CREATE TABLE IF NOT EXISTS `searches` (
`f_name` varchar(25) NOT NULL,
`name` varchar(25) NOT NULL,
`type` varchar(25) NOT NULL,
UNIQUE KEY `name` (`name`),
UNIQUE KEY `f_name` (`f_name`),
UNIQUE KEY `f_name_2` (`f_name`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
INSERT INTO `searches` (`f_name`, `name`, `type`) VALUES
('Not Checked Out', '"0"', 'co_status'),
('Checked Out', '1', 'co_status');
-- --------------------------------------------------------
--
-- Table structure for table `settings`
--
CREATE TABLE IF NOT EXISTS `settings` (
`dbversion` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
`updatecheck` tinyint(1) NOT NULL DEFAULT '1',
UNIQUE KEY `dbversion` (`dbversion`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
INSERT INTO `settings` (`dbversion`) VALUES ('R9');
-- --------------------------------------------------------
--
-- Table structure for table `tracker`
--
CREATE TABLE IF NOT EXISTS `tracker` (
`name` varchar(25) NOT NULL,
`serial` varchar(30) NOT NULL,
`user` varchar(25) NOT NULL,
`codate` date NOT NULL,
`cidate` date NOT NULL,
`creation_date` varchar(19) NOT NULL,
`location` varchar(25) NOT NULL,
`co_complete` tinyint(1) NOT NULL,
`building` int(10) NOT NULL,
`cond_out` varchar(255) NOT NULL,
`cond_in` varchar(255) NOT NULL,
KEY `serial` (`serial`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`uname` varchar(25) NOT NULL,
`uroom` varchar(25) NOT NULL,
UNIQUE KEY `uname` (`uname`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
asset_list.php 100777 0 0 122713 12314027476 7134 0 .
*/
$show = '';
$string = '';
$cboxstatus = 'yes';
$urladd = '';
$faction = "asset_list.php?";
$report = "report_asset_list_$myusername.csv";
$result = mysql_query("SELECT sadmin FROM members WHERE username='$myusername'") or die(mysql_error());
while($row = mysql_fetch_array( $result )) {
$adminstat = $row['sadmin'];
}
//Get Strict statement for searches
if(!empty($_GET["strict"])) {
$strict = $_GET["strict"];
}
else{
$strict="no";
}
//Determine if retired
if(!empty($_GET["retired"])) {
$rstatus = $_GET["retired"];
$report = "report_retired_asset_list_$myusername.csv";
}
else {
$rstatus = "no";
}
//Determine if disposed
if(!empty($_GET["disposed"])) {
$dstatus = $_GET["disposed"];
$report = "report_disposed_asset_list_$myusername.csv";
}
else {
$dstatus = "no";
}
if($rstatus=="yes"){
$table = "asset_retired";
$rurladd = '&retired=yes';
$cboxstatus = "no";
}
elseif($dstatus=="yes"){
$table = "disposed";
$rurladd = '&disposed=yes';
$cboxstatus = "no";
}
else {
$table = "asset";
$rurladd = '';
}
$fh = fopen($report, 'w') or die("can't open file");
$myusername = $_SESSION["myusername"];
$member_id = mysql_query("SELECT id FROM members WHERE username='$myusername'");
$member = mysql_fetch_array( $member_id );
$member_prefs = mysql_query("SELECT * FROM member_prefs WHERE id='$member[0]'");
$rowmp = mysql_fetch_array( $member_prefs );
$now = time();
$age = null;
$searchtype = '*';
$searchvar = '*';
//INIT RPP (Results Per Page)
$result7 = mysql_query("SELECT rpp FROM member_prefs WHERE id=$member[0]") or die(mysql_error());
$row7 = mysql_fetch_array( $result7 );
$rpp = $row7['rpp'] ;
if(!empty($_GET["rppu"])) {
$rppu = $_GET["rppu"];
$query = mysql_query("UPDATE member_prefs SET rpp='$rppu' WHERE id=$member[0]") or die(mysql_error());
$rpp = $rppu;
}
if($rpp == 'All'){
$rpp = '100000000';
}
//END THE MADNESS
echo "AssetTrackDB - Assets";
echo '';
echo '';
echo "";
//--START Menu Code and PULL PHP
include 'includes/menu.php';
include 'includes/pull.php';
//--END Menu Code--
echo '';
//CHECK FOR MULTISEARCH
if(!empty($_GET["multisearch"])) {
$multisearch = $_GET["multisearch"]; //URL BASED METHOD
}
else
{$multisearch = 'no';}
if($multisearch == 'yes'){
//Get MultiSearch Number
$msn = $_GET['msn'];
if ($msn == '2') {
$t1 = $_GET['t1'];
$t2 = $_GET['t2'];
$s1 = $_GET['s1'];
$s2 = $_GET['s2'];
$con1 = $_GET['con1'];
$query = "WHERE $t1 LIKE '%$s1%' $con1 $t2 LIKE '%$s2%'";
$queryf = "WHERE $t1 LIKE $s1 $con1 $t2 LIKE $s2";
$searchtype = 'multisearch=yes&msn='.$msn.'&t1=';
//Line below is for DISPLAY at the bottom of the page
$searchvar = $t1.'&s1='.$s1.'&t2='.$t2.'&s2='.$s2.'&con1='.$con1;
//echo $searchvar;
}
elseif($msn == '3'){
$t1 = $_GET['t1'];
$t2 = $_GET['t2'];
$t3 = $_GET['t3'];
$s1 = $_GET['s1'];
$s2 = $_GET['s2'];
$s3 = $_GET['s3'];
$con1 = $_GET['con1'];
$con2 = $_GET['con2'];
$query = "WHERE $t1 LIKE '%$s1%' $con1 ( $t2 LIKE '%$s2%' $con2 $t3 LIKE '%$s3%')";
//Line below is for DISPLAY at the bottom of the page
$queryf = $query;
$searchtype = 'multisearch=yes&msn='.$msn.'&t1';
$searchvar = $t1.'&s1='.$s1.'&t2='.$t2.'&s2='.$s2.'&t3='.$t3.'&s3='.$s3.'&con1='.$con1.'&con2='.$con2;
}
elseif($msn == '4'){
$t1 = $_GET['t1'];
$t2 = $_GET['t2'];
$t3 = $_GET['t3'];
$t4 = $_GET['t4'];
$s1 = $_GET['s1'];
$s2 = $_GET['s2'];
$s3 = $_GET['s3'];
$s4 = $_GET['s4'];
$con1 = $_GET['con1'];
$con2 = $_GET['con2'];
$con3 = $_GET['con3'];
$query = "WHERE $t1 LIKE '%$s1%' $con1 ($t2 LIKE '%$s2%' $con2 $t3 LIKE '%$s3%' $con3 $t4 LIKE '%$s4%')";
//Line below is for DISPLAY at the bottom of the page
$queryf = $query;
//FIX BELOW HERE
$searchtype = 'multisearch=yes&msn='.$msn.'&t1';
$searchvar = $t1.'&s1='.$s1.'&t2='.$t2.'&s2='.$s2.'&t3='.$t3.'&s3='.$s3.'&con1='.$con1.'&con2='.$con2;
}
}
else
{
if(!empty($_GET["bar_code"])) {
$bar_code = $_GET["bar_code"]; //URL BASED METHOD
$query = "AND bar_code=$bar_code";
} elseif(!empty($_GET["search"])) {
$search = $_GET["search"];
if ($strict == 'yes'){
$query = "AND name='$search'";
}
else{
$query = "AND name LIKE '%$search%'";
}
$searchvar = $_GET["search"];
$searchtype = 'search';
$show = "Name: " .$name;
} elseif(!empty($_GET["owner"])) {
$owner = $_GET["owner"];
$query = "AND owner='$owner'";
$searchvar = $_GET["owner"];
$searchtype = 'owner';
$show = "Owner: " .$owner;
} elseif(!empty($_GET["form"])) {
$form = $_GET["form"];
if ($strict == 'yes'){
$query = "AND form='$form'";
}
else{
$query = "AND form LIKE '%$form%'";
}
$searchvar = $_GET["form"];
$searchtype = 'form';
$show = "Form: " .$form;
} elseif(!empty($_GET["use"])) {
$use = $_GET["use"];
if ($strict == 'yes'){
$query = "AND use1='$use'";
}
else{
$query = "AND use1 LIKE '%$use%'";
}
$show = "Use: " .$use;
} elseif(!empty($_GET["location"])) {
$location = $_GET["location"];
if ($strict == 'yes'){
$query = "AND location='$location'";
}
else{
$query = "AND location LIKE '%$location%'";
}
$searchvar = $_GET["location"];
$searchtype = 'location';
$show = "Location: " .$location;
} elseif(!empty($_GET["os"])) {
$os = $_GET["os"];
if ($strict == 'yes'){
$query = "AND os='$os'";
}
else{
$query = "AND os LIKE '%$os%'";
}
$searchvar = $_GET["os"];
$searchtype = 'os';
$show = "Operating System: " .$os;
} elseif(!empty($_GET["pdate"])) {
$pdate = $_GET["pdate"];
if ($strict == 'yes'){
$query = "AND pdate='$pdate'";
}
else{
$query = "AND pdate LIKE '%$pdate%'";
}
$searchvar = $_GET["pdate"];
$searchtype = 'pdate';
$show = "Purchase Date: " .$pdate;
} elseif(!empty($_GET["model"])) {
$model = $_GET["model"];
if ($strict == 'yes'){
$query = "AND model='$model'";
}
else{
$query = "AND model LIKE '%$model%'";
}
$searchvar = $_GET["model"];
$searchtype = 'model';
$show = "Model: " .$model;
} elseif(!empty($_GET["name"])) {
$name = $_GET["name"];
if ($strict == 'yes'){
$query = "AND name='$name'";
}
else{
$query = "AND name LIKE '%$name%'";
}
$searchvar = $_GET["name"];
$searchtype = 'name';
} elseif(!empty($_GET["brand"])) {
$brand = $_GET["brand"];
if ($strict == 'yes'){
$query = "AND brand='$brand'";
}
else{
$query = "AND brand LIKE '%$brand%'";
}
$searchvar = $_GET["brand"];
$searchtype = 'brand';
$show = "Brand: " .$brand;
} elseif(!empty($_GET["co_status"])) {
$co_status = $_GET["co_status"];
$query = "AND co_status='$co_status'";
$searchvar = $_GET["co_status"];
$searchtype = 'co_status';
if ($co_status == '1'){
$show = "CO Status: " .'Yes';
}
else
{
$show = "CO Status: " .'No';
}
} elseif(!empty($_GET["cb"])) {
$cb = $_GET["cb"];
$query = "AND createdby='$cb'";
$searchvar = $_GET["cb"];
$searchtype = 'created';
$show = "Created By: " .$cb;
} elseif(!empty($_GET["vend"])) {
$vend = $_GET["vend"];
$query = "AND vendor='$vend'";
$searchvar = $_GET["vend"];
$searchtype = 'vend';
$show = "Vendor: " .$vend;
} elseif(!empty($_GET["fund"])) {
$fund = $_GET["fund"];
$query = "AND funding='$fund'";
$searchvar = $_GET["fund"];
$searchtype = 'funding';
$show = "Funding: " .$fund;
} elseif(!empty($_GET["cost"])) {
$cost = $_GET["cost"];
$query = "AND cost='$cost'";
$searchvar = $_GET["cost"];
$searchtype = 'cost';
$show = "Cost: " .$cost;
} elseif(!empty($_GET["custom1"])) {
$custom1 = $_GET["custom1"];
$query = "AND custom1='$custom1'";
$searchvar = $_GET["custom1"];
$searchtype = 'custom1';
$show = "Custom 1: " .$custom1;
} elseif(!empty($_GET["custom2"])) {
$custom2 = $_GET["custom2"];
$query = "AND custom2='$custom2'";
$searchvar = $_GET["custom2"];
$searchtype = 'custom2';
$show = "Custom 2: " .$custom2;
//CO USER and CO BLDG below (I'm not really sure how this works)
} elseif(!empty($_GET["co_user"])) {
$co_status = "1";
$co_user = $_GET["co_user"];
$searchvar = $_GET["co_user"];
$searchtype = 'co_user';
$qco = "SELECT * FROM tracker WHERE user=$co_user AND co_complete='0'";
$result22 = mysql_query($qco) or die(mysql_error());
//Line below is to start the query
//$query = "AND asset.serial='123XXX111XXX'"; //this line is a dummy to start the query
//loop below completes the query into one big line of if serial = or serial = or serial = ..... then continue and the query is run below
$query = 'AND (';
$query .= "asset.serial='DFSDFSD21343123'";
while($row = mysql_fetch_array( $result22 )) {
$query .= " OR asset.serial='";
$query .= $row['serial'];
$query .= "'";
$show = "CO User: " .$co_user;
}
$query .= ")";
} elseif(!empty($_GET["bldg"])) {
$co_status = "1";
$bldg = $_GET["bldg"];
//$query = "WHERE co_status='$co_status'";
$searchvar = $_GET["bldg"];
$searchtype = 'bldg';
$result22 = mysql_query("SELECT * FROM tracker WHERE building=$bldg AND co_complete='0'") or die(mysql_error());
// $row = mysql_fetch_array( $result22 );
$query = "AND ($table.serial='123'";
while($row = mysql_fetch_array( $result22 )) {
$query .= " OR $table.serial='";
$query .= $row['serial'];
$query .= "'";
$show = "CO Building: " .$bldg;
}
$query .= ")";
}
elseif(!empty($_GET["loc"])) {
$gloc = $_GET["loc"];
$query = "AND location='";
$query .= $gloc;
$query .= "'";
$show = "CO Room: " .$gloc;
//IF None of the conditions for earches above work then just get everything from asset, images and tracker tables
} elseif(!empty($_GET["string"])){
$string = $_GET["string"];
//Set Search Type and variable for Results per page change
$searchtype = "string";
$searchvar = $string;
$query = "AND (bar_code LIKE '%$string%'
OR $table.name LIKE '%$string%'
OR $table.creation_date LIKE '%$string%'
OR $table.serial LIKE '%$string%'
OR $table.model LIKE '%$string%'
OR $table.brand LIKE '%$string%'
OR $table.owner LIKE '%$string%'
OR $table.form LIKE '%$string%'
OR $table.use1 LIKE '%$string%'
OR $table.notes LIKE '%$string%'
OR $table.os LIKE '%$string%'
OR $table.pdate LIKE '%$string%'
OR $table.cost LIKE '%$string%'
OR $table.funding LIKE '%$string%'
OR $table.vendor LIKE '%$string%'
OR $table.createdby LIKE '%$string%'
OR $table.produkey LIKE '%$string%'
OR $table.updateby LIKE '%$string%'
OR $table.custom1 LIKE '%$string%'
OR $table.custom2 LIKE '%$string%'
OR building.name LIKE '%$string%'
OR track.user LIKE '%$string%'
OR track.location LIKE '%$string%')
";
//
//echo $query;
//echo "
";
}
else {
$query = null;
}
if ($query == ""){
}
else{
//This was code to attempt the building search
$qbuild = "SELECT * from building WHERE name LIKE '%$string%'";
$resultqb = mysql_query($qbuild) or die(mysql_error());
$rn = '';
while($rowrb = mysql_fetch_array( $resultqb )) {
$rn .= " building='";
$rn .= $rowrb['number'];
$rn .= "' OR";
//$rn .= ',';
}
//echo $rn;
}
//Build query here
}
//Query to get pages and count
if ($query == ""){
$q2 = "SELECT * FROM $table $query";
}
else {
//NEW QUERY
//$q2 = "SELECT SQL_NO_CACHE $table.*, tracker.location,tracker.user, tracker.co_complete, building.name AS bname FROM $table LEFT JOIN `tracker` on $table.serial = tracker.serial LEFT JOIN `building` on tracker.building = building.number WHERE $table.serial <> -1111111 AND (tracker.co_complete = 0 OR tracker.co_complete = NULL) $query";
$q2 = "SELECT $table.*, track.location,track.user, track.co_complete, building.name AS bname FROM $table
LEFT JOIN (SELECT * FROM `tracker` WHERE co_complete=0 AND ($rn user LIKE '%$string%' OR location LIKE '%$string%') ) as track on asset.serial = track.serial
LEFT JOIN `building` on track.building = building.number
WHERE $table.serial <> -1111111 $query
";
}
//Uncomment to display query
//echo $q2;
//echo "
";
$result = mysql_query($q2) or die(mysql_error());
$total_records = mysql_num_rows($result);
$total_pages = ceil($total_records / $rpp);
//Deal with multiple pages
if (isset($_GET["page"])) { $page = $_GET["page"]; } else { $page=1; };
$start_from = ($page-1) * $rpp;
//Real Query
if ($query == ""){
$q1 = "SELECT * FROM $table $query ORDER BY name ASC LIMIT $start_from, $rpp";
}
else {
//NEW QUERY
//$q1 = "SELECT SQL_NO_CACHE $table.*, tracker.location,tracker.user, tracker.co_complete, building.name AS bname FROM $table LEFT JOIN `tracker` on $table.serial = tracker.serial LEFT JOIN `building` on tracker.building = building.number WHERE $table.serial <> -1111111 AND (tracker.co_complete = 0 OR tracker.co_complete = NULL) $query ORDER BY $table.name ASC LIMIT $start_from, $rpp";
$q1 = "SELECT $table.*, track.location,track.user, track.co_complete, building.name AS bname FROM $table
LEFT JOIN (SELECT * FROM `tracker` WHERE co_complete=0 AND ($rn user LIKE '%$string%' OR location LIKE '%$string%') ) as track on asset.serial = track.serial
LEFT JOIN `building` on track.building = building.number
WHERE $table.serial <> -1111111 $query ORDER BY name ASC LIMIT $start_from, $rpp
";
}
$result = mysql_query($q1) or die(mysql_error());
$result1 = mysql_query("SELECT * FROM images") or die(mysql_error());
$result2 = mysql_query("SELECT * FROM tracker") or die(mysql_error());
//Page Calcualtions START
//Calculate Previous Page Number
if ($page==1){
$pageprev='1';
}
else
{
$pageprev = $page - 1;
}
//Calculate Next Page Number
if ($page < $total_pages) {
$pagenext = $page + 1;
}
else{
$pagenext = $page;
}
//Page Calcualtions END
//Uncomment for Query Display
//echo " Query1: ";
//echo $q1;
//echo " ";
//Uncomment for Query Display
//echo " Query2: ";
//echo $q2;
//echo "