Intranet | G&S database | email | www site
echo '
Intranet
'; echo '
G&S Stock database | maintenance
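';
include ('../p/db_c.php');

// Login gate. $_SESSION['count'] doubles as the authentication flag:
// unset or 999 means logged out, 0 means logged in.
if (!isset($_SESSION['count']) || ($_SESSION['count']==999))
{ //Login required
  $_SESSION['count']=999; //Logged out state
  if (isset($_POST['a']) && $_POST['a']=='v')
  {
    // Both credentials come straight from the request and are used before any
    // authentication has happened, so they are escaped before being placed in
    // the query text. Missing or non-string input (e.g. Funame[]=x) is treated as empty.
    $Funame = (isset($_POST['Funame']) && is_string($_POST['Funame'])) ? $_POST['Funame'] : '';
    $Fpass  = (isset($_POST['Fpass'])  && is_string($_POST['Fpass']))  ? $_POST['Fpass']  : '';
    // NOTE(review): the submitted password is compared directly with uA.Apass, which
    // suggests passwords are stored unhashed - confirm, and move to
    // password_hash()/password_verify() once the stored values can be migrated.
    $sql = 'SELECT Auname, Apass FROM uA WHERE Auname = "'.mysql_real_escape_string($Funame).'" AND Apass = "'.mysql_real_escape_string($Fpass).'" ';
    $result = mysql_query($sql);
    if (!$result)
    {
      // Database error text goes to the server log, not to an unauthenticated client.
      error_log('Login query failed: '.mysql_error());
      echo "Invalid query\n";
    }
    // A failed query is handled like "no matching user": stay logged out.
    if (!$result || ($num_rows = mysql_num_rows($result))==0)
      $_SESSION['count']=999; //Logged out state
    else
    {
      $row = mysql_fetch_array($result);
      $user = $row['Auname'];
      $pass = $row['Apass'];
      $IP = $_SERVER['REMOTE_ADDR'];
      // The user name is HTML-escaped because it is written into the page.
      echo '
User : '.htmlspecialchars($row['Auname']).' | Status : Connected to the live database. | IP ['.$IP.'] 
';
      // NOTE(review): the session id is not regenerated on login; output has already
      // started by this point, so session_regenerate_id() would need to run earlier.
      $_SESSION['count']=0; //Logged in state
    }
  }
  else
  {
    echo '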

Login

'; echo '
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo '
 Please login...
Username:
Password:
 
'; echo '
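';
  }
}

if ($_SESSION['count']==0)
{ //Logged in
  if ($_SESSION['count']>0)
  { // NOTE(review): cannot be true inside the ==0 branch above; kept as in the original.
    unset($_SESSION['count']);
    $M='X';
  }
  else
  {
    $M = (isset($_GET['m']) && is_string($_GET['m'])) ? $_GET['m'] : ''; //Mode
    echo '
Add | Delete | View | Logout
';
  }

  // Request parameters. A missing or non-string value is treated as empty so the
  // strlen() tests below behave the same as for an absent parameter.
  $in = array();
  foreach (array('l','c','d','e','f','g') as $key)
    $in[$key] = (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
  // NOTE(review): case 'A' below passes $L straight to mysql_tablename(), so the
  // caller chooses which table of the database the Add form is built for.
  $L = (int)$in['l']; //Lvl
  $C = $in['c']; //Catalogue
  $D = $in['d']; //L1
  $E = $in['e']; //L2
  $F = $in['f']; //SKG
  $G = $in['g']; //SKU
  if (strlen($M)==0) $M='V'; //Default:List

  if (($M=='V') || ($M=='E'))
  {
    // Builds the C > L1 > L2 > SKG > SKU join for the ids that were supplied.
    // Each id comes from the query string, so it is escaped where it is placed
    // inside the quoted SQL literal. Conditions are collected in $cond and joined
    // at the end, so a filter without a catalogue id still yields a valid WHERE.
    $Q='';
    $s='SELECT ';
    $f=' FROM ';
    $o=' ORDER BY ';
    $cond=array();
    if (strlen($C)==0) //Default, no catalogue filter
    {
      $s.='*'; $f.='(((C'; $o.='C.Cord'; $L=0;
    }
    else
    {
      $s.='C.*'; $f.='(((C'; $o.='C.Cord';
      $cond[]='((C.Cid)="'.mysql_real_escape_string($C).'")';
      $L=1;
    }
    // Each level either adds its join (which closes one of the three opening
    // parentheses) or just closes the parenthesis.
    if (strlen($D)>0)
    {
      $s.=',L1.*'; $f.=' INNER JOIN L1 ON C.Cid = L1.L1C)'; $o.=', L1.L1ord';
      if ($D>0) { $cond[]='((L1.L1id)="'.mysql_real_escape_string($D).'")'; $L=2; }
    }
    else $f.=')';
    if (strlen($E)>0)
    {
      $s.=',L2.*'; $f.=' INNER JOIN L2 ON L1.L1id = L2.L2L1)'; $o.=', L2.L2ord';
      if ($E>0) { $cond[]='((L2.L2id)="'.mysql_real_escape_string($E).'")'; $L=3; }
    }
    else $f.=')';
    if (strlen($F)>0)
    {
      $s.=',SKG.*'; $f.=' LEFT JOIN SKG ON L2.L2id = SKG.SKGL2)'; $o.=', SKG.SKGord';
      if ($F>0) { $cond[]='((SKG.SKGid)="'.mysql_real_escape_string($F).'")'; $L=4; }
    }
    else $f.=')';
    if (strlen($G)>0)
    {
      $s.=',SKU.*'; $f.=' LEFT JOIN SKU ON SKG.SKGid = SKU.SKUSKG'; $o.=', SKU.SKUord';
      if ($G>0) { $cond[]='((SKU.SKUid)="'.mysql_real_escape_string($G).'")'; $L=5; }
    }
    $w = (count($cond)>0) ? ' WHERE '.implode(' AND ', $cond) : '';
    $Q = $s.$f.$w.$o;
    #echo 'debug | M=['.$M.'] | c='.$C.' | d='.$D.' | e='.$E.' | f='.$F.' | g='.$G.' | Lvl='.$L.' Q=['.$Q.']';
  }

  switch ($M)
  {
    case 'A': //Add
      echo '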

Add

'; #echo '
debug | M=['.$M.'] | c='.$C.' | d='.$D.' | e='.$E.' | f='.$F.' | g='.$G.' | Lvl='.$L.'
'; $db_table = mysql_list_tables(DB_name); $TheTableName=mysql_tablename($db_table, $L); $fields = mysql_list_fields(DB_name, $TheTableName); $columns = mysql_num_fields($fields); echo '
'; echo ' '; echo ''; echo ''; for ($i = 0; $i < $columns; $i++ ) { $arr = get_defined_vars(); $fieldName= mysql_field_name($fields,$i); $fieldType= mysql_field_type($fields,$i); $fieldNameValue= $arr[$fieldName."Val"]; echo ""; echo ''; if ($i==0) echo ''; //Assume Keyfield is always 1st field! else { switch ($fieldType) { case 'int': echo ''; break; case 'blob': echo ''; break; case 'real': echo ''; break; # case 'string': break; default : echo ''; } } echo ""; } echo '
Table'.$TheTableName.'
'.mysql_field_name($fields,$i).'Generated automatically
   Return to main list
'; echo "
"; break; case 'D': //Delete echo '

Delete

'; echo '

You are not allowed to delete records using this system, at this time.
'; /* // uniqueFieldName should be column 0 $uniqueFieldName= mysql_field_name($fields,0); $sql="DELETE FROM $TheTableName"." WHERE $uniqueFieldName = $IdForDelete"; $res=mysql_query($sql); if (!$res) giveError(mysql_error()); else echo "$IdForDelete deleted
"; */ break; //Delete...end case 'E': //Edit echo '

Edit

'; #echo '
debug | M=['.$M.'] | c='.$C.' | d='.$D.' | e='.$E.' | f='.$F.' | g='.$G.' | Lvl='.$L.'
'; #echo '
debug | Q=['.$Q.']
'; $PN = mysql_query($Q); $row=mysql_fetch_array($PN, MYSQL_BOTH); $cols = mysql_num_fields($PN); switch ($L) { case 1: //Catalogue # echo $row[ 0].'|'.$row[ 1].'|'.$row[ 2].'|'.$row[ 3].'|'.$row[ 4].'|'.$row[ 5].'|'.$row[ 6].'
'; $fldS=0; $fldE=6; break; case 2: //L1 # echo $row[ 7].'|'.$row[ 8].'|'.$row[ 9].'|'.$row[10].'|'.$row[11].'|'.$row[12].'|'.$row[13].'|'.$row[14].'
'; $fldS=7; $fldE=14; break; case 3: //L2 # echo $row[15].'|'.$row[16].'|'.$row[17].'|'.$row[18].'|'.$row[19].'|'.$row[20].'|'.$row[21].'|'.$row[22].'
'; $fldS=15; $fldE=22; break; case 4: //SKG # echo $row[23].'|'.$row[24].'|'.$row[25].'|'.$row[26].'|'.$row[27].'|'.$row[28].'|'.$row[29].'|'.$row[30].'|'.$row[31].'|'.$row[32].'
'; $fldS=23; $fldE=32; break; case 5: //SKU # echo $row[33].'|'.$row[34].'|'.$row[35].'|'.$row[36].'|'.$row[37].'|'.$row[38].'|'.$row[39].'|'.$row[40].'|'.$row[41].'|'.$row[42].'
'; $fldS=33; $fldE=42; break; default : echo '

Undefined table

'; } //Edit form... echo '
'; echo ' '; echo ' '; echo ''; echo ''; for ($i=$fldS; $i<=$fldE; $i++ ) { $arr = get_defined_vars(); $fieldName= mysql_field_name($PN,$i); $fieldType= mysql_field_type($PN,$i); $fieldNameValue= $arr[$fieldName."Val"]; echo ''; echo ''; if ($i==$fldS) echo ''; //Assume Keyfield is always 1st field! else { switch ($fieldType) { case 'int': echo ''; break; case 'blob': echo ''; break; case 'real': echo ''; break; # case 'string': break; default : echo ''; } } echo ''; } echo ''; echo '
'.$T.'
'.mysql_field_name($PN,$i).''.$row[$i].'
 
'; echo '
'; //Edit form...end break; case 'I': //Insert echo '

Insert

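';
      // Insert one record into the stock table selected by the posted level.
      $L = (isset($_POST['l']) && is_string($_POST['l'])) ? (int)$_POST['l'] : 0; //Lvl
      #echo 'debug | M=['.$M.'] | c='.$C.' | d='.$D.' | e='.$E.' | f='.$F.' | g='.$G.' | Lvl='.$L.'';
      $db_table = mysql_list_tables(DB_name);
      $TheTableName=mysql_tablename($db_table, $L);

      // $L is a client-supplied index into the database's table list. Only the five
      // stock tables used by the view query may be written through this form, so an
      // index that resolves to any other table (the login table uA, for instance, if
      // it lives in the same database) is refused.
      if (!in_array(strtoupper((string)$TheTableName), array('C','L1','L2','SKG','SKU'), true))
      {
        echo 'Invalid level - can not determine table';
      }
      else
      {
        $fields = mysql_list_fields(DB_name, $TheTableName);
        $columns = mysql_num_fields($fields);
        $values = array();
        for ( $i = 0; $i < $columns; $i++ )
        {
          $fieldName= mysql_field_name($fields,$i);
          $fieldType= mysql_field_type($fields,$i);
          $isInt = preg_match ("/int/i", $fieldType);
          if ($i == 0)
          { //For first column: the key, read from a variable named <field>Val as before
            $arr = get_defined_vars();
            $v = (isset($arr[$fieldName."Val"]) && is_scalar($arr[$fieldName."Val"])) ? (string)$arr[$fieldName."Val"] : '';
            if (trim($v)=="") $v='0'; //Empty: treat it as an autoincrement field and put value 0
          }
          else
          {
            $v = (isset($_POST[$fieldName.'Val']) && is_string($_POST[$fieldName.'Val'])) ? $_POST[$fieldName.'Val'] : '';
          }
          if ($isInt)
          {
            // Integer columns are written unquoted, so escaping alone does not
            // protect them: only a plain integer is accepted, anything else becomes 0.
            $v = trim($v);
            $values[] = preg_match('/^-?[0-9]+$/', $v) ? $v : '0';
          }
          else
          {
            $values[] = '"'.mysql_real_escape_string($v).'"';
          }
        }
        // implode() also closes the list correctly for a single-column table.
        $sql="INSERT INTO $TheTableName VALUES(".implode(', ', $values).") ";
        #echo 'debug | ['.$sql.']';
        $res=mysql_query($sql);
        if (!$res)
          // The statement contains posted values, so it is HTML-escaped before display.
          // NOTE(review): consider logging the SQL and error instead of showing them.
          echo '
Insert failed.
Sorry this record was not inserted.
'.htmlspecialchars($sql).'
'.htmlspecialchars(mysql_error());
        else
          echo "
Record inserted successfully.
Result code : $res
";
      }
      echo '

  Return to main list  Return to stock list';
      break; //Insert...end
    case 'U': //Update
      echo '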

Update

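';
      // Update one record of the stock table selected by the posted level.
      $L = (isset($_POST['l']) && is_string($_POST['l'])) ? (int)$_POST['l'] : 0; //Lvl

      // The key of the record being edited arrives in the field that matches the level.
      $keyParam = array(1=>'c', 2=>'d', 3=>'e', 4=>'f', 5=>'g');
      $k = null;
      if (isset($keyParam[$L]) && isset($_POST[$keyParam[$L]]) && is_string($_POST[$keyParam[$L]]))
        $k = $_POST[$keyParam[$L]];
      #echo 'debug | M=['.$M.'] | c='.$C.' | d='.$D.' | e='.$E.' | f='.$F.' | g='.$G.' | Lvl='.$L.'';

      $db_table = mysql_list_tables(DB_name);
      $TheTableName = ($k === null) ? '' : mysql_tablename($db_table, $L-1);

      $problem = '';
      $sql = '';
      // Only the five stock tables may be updated; an unknown level or an index that
      // resolves to any other table stops here instead of running a half-built statement.
      if (!in_array(strtoupper((string)$TheTableName), array('C','L1','L2','SKG','SKU'), true))
      {
        $problem = 'Invalid level - can not determine table';
      }
      else
      {
        $fields = mysql_list_fields(DB_name, $TheTableName);
        $columns = mysql_num_fields($fields);
        $uniqueFieldName = '';
        $kSql = '';
        $sets = array();
        for ( $i = 0; $i < $columns; $i++ )
        {
          $fieldName= mysql_field_name($fields,$i);
          $fieldType= mysql_field_type($fields,$i);
          $isInt = preg_match ("/int/i", $fieldType);
          if ($i == 0)
          { // Key column: the same value is used in SET and in WHERE
            $uniqueFieldName=$fieldName;
            if ($isInt)
            {
              // Written unquoted, so it must be a plain integer.
              if (preg_match('/^-?[0-9]+$/', trim($k))) $kSql = trim($k);
              else $problem = 'Invalid record key';
            }
            else
            {
              $kSql = '"'.mysql_real_escape_string($k).'"';
            }
            $sets[] = "$fieldName=".$kSql;
          }
          else
          {
            $v = (isset($_POST[$fieldName.'Val']) && is_string($_POST[$fieldName.'Val'])) ? $_POST[$fieldName.'Val'] : '';
            if ($isInt)
            {
              // Integer columns are written unquoted: accept a plain integer only,
              // anything else becomes 0 (the same default the insert uses).
              $v = trim($v);
              $sets[] = "$fieldName=".(preg_match('/^-?[0-9]+$/', $v) ? $v : '0');
            }
            else
            {
              $sets[] = "$fieldName=\"".mysql_real_escape_string($v)."\"";
            }
          }
        }
        if ($problem == '')
          $sql = "UPDATE $TheTableName SET ".implode(', ', $sets)." WHERE $uniqueFieldName=".$kSql;
      }
      #echo 'debug | UPDATE sql=['.$sql.']';

      if ($problem != '')
      {
        echo $problem;
      }
      else
      {
        $res=mysql_query($sql);
        if (!$res)
          // The statement contains posted values, so it is HTML-escaped before display.
          // NOTE(review): consider logging the SQL and error instead of showing them.
          echo '
Update failed.
Sorry this record was not updated.
'.htmlspecialchars($sql).'
'.htmlspecialchars(mysql_error());
        else
          echo "
Record updated successfully.
Result code : $res
";
      }
      echo '

  Return to main list  Return to stock list';
      break; //Update...end
    case 'V': //View
      echo '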

View

'; $PN = mysql_query($Q); echo ''; echo ''; while ($row=mysql_fetch_array($PN, MYSQL_BOTH)) { echo ''; if ($L==0) echo ''; if ($L>0) echo ''; if ($L==1) echo ''; if ($L>1) { echo ''; } if ($L==2) echo ''; # if ($L>2) echo ''; if ($L>2) { echo ''; } if ($L==3) echo ''; if ($L>3) { echo ''; } echo ''; } #Add row echo ''; for ($i=0;$i<5; $i++) { if ($L==$i) echo ''; else echo ''; } echo ''; echo '
'.$row['Cname'].'L1'.$row['L1name'].'L2'; if (strlen($row['L2name'])==0) echo 'Various'; else echo $row['L2name']; echo 'SKG'.$row['SKGname'].''; if (strlen($row['SKGname'])==0) echo $row['SKGsize'].' | '.$row['SKGprice']; else echo $row['SKGname']; echo 'SKU'; if (strlen($row['SKUname'])==0) echo $row['SKUsize'].' | '.$row['SKUprice']; else echo $row['SKUname']; echo '
Add a new record 
'; echo '
 Records found:'.mysql_num_rows($PN); break; //List...end case 'X': //Login # echo ''; $_SESSION['count']==999; unset($_SESSION['count']); session_destroy(); echo '

Logged out




Click here to Login...'; break; default : echo '

Undefined function - game over

'; } //switch # mysql_free_results($PN); } //Logged in echo '


 G&S Stock database |'; if (isset($_SESSION['count']) && ($_SESSION['count']==0)) //Logged in state { echo ' Add | Delete | View | Logout'; echo '         Status : You are connected to the live database.'; } else echo ' Status : Logged out.  |  Login...'; echo '
'; ?>