File: D:/HostingSpaces/SBogers45/smuldersinterieurprojecten.nl/wwwroot/admin/php/documentManager.php
<?php
/* DOCUMENT MANAGER 1.0 */
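/**
 * Entry point of the admin document manager.
 *
 * Dispatches on the POST submit-button names first and on the
 * $_GET['action'] route second, and returns the HTML for the content area.
 *
 * NOTE(review): nothing in this function verifies that the caller is an
 * authenticated administrator, and none of the state-changing POST branches
 * check an anti-CSRF token. Presumably the including page enforces the login
 * session - confirm that, and add a per-session token to the forms.
 *
 * @return string HTML fragment for the content area.
 */
function initDocumentManager(){
    $output = '';
    $siteText = getSiteText();
    $action = isset($_GET['action']) ? $_GET['action'] : null;

    // The header bar is only drawn for an action page that was not cancelled.
    if($action !== null && !isset($_POST['back'])){
        $output .= '<div class="header-bar top-rounded content-bar">';
        if($action === 'new'){
            $output .= 'documents // '.$siteText['titleNewItem'];
        }
        else if($action === 'edit'){
            $output .= 'documents // '.$siteText['titleEditItem'];
        }
        else if($action === 'delete'){
            $output .= 'documents // '.$siteText['titleDeleteItem'];
        }
        $output .= '</div>';
    }

    if(isset($_POST['back'])){
        $output .= showDocumentList();
    }
    // asks for confirmation before the selected documents are trashed
    else if(isset($_POST['deleteSelectedDoc'])){
        $output .= deleteSelectedDocuments();
    }
    // moves the confirmed selection to the trash
    else if(isset($_POST['moveSelectedToTrash'])){
        $output .= moveSelectedDocumentsToTrash();
    }
    // The submit handlers return the form again when validation fails; that
    // markup used to be discarded, so the user never saw the error.
    else if(isset($_POST['sbmAddDocument'])){
        $output .= sbmAddEditDocument('add');
    }
    else if(isset($_POST['sbmEditDocument'])){
        $output .= sbmAddEditDocument('edit');
    }
    else if(isset($_POST['moveDocumentToTrash'])){
        moveDocumentToTrash();
    }
    else if($action !== null){
        if($action === 'new'){
            $output .= formAddEditDocument('add');
        }
        else if($action === 'edit'){
            // The id comes straight from the URL and ends up in a SQL
            // statement, so it is reduced to an integer before it is passed on.
            $editId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
            $output .= formAddEditDocument('edit', $editId);
        }
        else if($action === 'delete'){
            $output .= areYouSureRemove();
        }
    }
    else{
        $output .= showDocumentList();
    }
    return $output;
}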
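/**
 * Renders the paginated document list, optionally filtered by the group
 * named in $_GET['sub'], together with the action menu and the bulk
 * delete/move form.
 *
 * $_GET['sub'] is request data: it is escaped separately for SQL, for HTML
 * text, for URL path segments and for the inline JavaScript call. Database
 * fields are HTML-escaped on output because the extension column originates
 * from the uploaded file name.
 *
 * NOTE(review): ext/mysql (mysql_query and friends) was removed in PHP 7;
 * when this file is ported the queries should become prepared statements.
 *
 * @return string HTML fragment for the content area.
 */
function showDocumentList(){
    $siteText = getSiteText();

    // A single-byte charset makes htmlspecialchars() rewrite only the ASCII
    // specials and never return an empty string for invalid multibyte input
    // (the page's real charset is not visible here). double_encode is off in
    // case fromDatabase() already returns entity-encoded text.
    // NOTE(review): confirm what fromDatabase() returns.
    $charset = 'ISO-8859-1';

    // Group filter from the URL; a non-string value falls back to "all".
    $groupLinkname = 'all';
    if(isset($_GET['sub']) && is_string($_GET['sub'])){
        $groupLinkname = $_GET['sub'];
    }
    $showAll = ($groupLinkname === 'all');
    $groupLinkHtml = htmlspecialchars(strtolower($groupLinkname), ENT_QUOTES, $charset, false);
    $groupLinkUrl = rawurlencode($groupLinkname);
    $groupLinkSql = mysql_real_escape_string($groupLinkname);

    $output = '';
    $output .= '<div class="header-bar top-rounded content-bar">';
    $output .= 'documents';
    if(!$showAll) $output .= ' // '.$groupLinkHtml;
    $output .= '</div>';

    if(!$showAll){
        $output .= '<div class="pages-group-options">';
        $output .= 'Group options:';
        // look up the id of the current group
        $groupResult = mysql_query('SELECT id FROM documents_groups WHERE linkname = "'.$groupLinkSql.'" LIMIT 1');
        $groupRecord = $groupResult ? mysql_fetch_assoc($groupResult) : false;
        $groupId = $groupRecord ? (int) $groupRecord['id'] : 0;
        $output .= '<a href="./documents/'.$groupLinkUrl.'/edit-group/'.$groupId.'/"><img src="./images/icons/edit.png" class="mp-box-icon pages-group-icon" /></a>';
        $output .= '<a href="./documents/'.$groupLinkUrl.'/delete-group/'.$groupId.'/"><img src="./images/icons/trashcan.png" class="mp-box-icon pages-group-icon" /></a>';
        $output .= '</div>';
    }

    // action menu
    $output .= '<div class="pages-action-menu';
    if($showAll) $output .= ' full-action-menu ';
    $output .= '">';
    $output .= '<ul>
<li><a href="./documents/'.$groupLinkUrl.'/new/"><img src="./images/icons/plus.png" alt="add"/>'.$siteText['addDocument'].'</a></li>
<div class="clear"></div>
</ul>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';

    // bulk form: delete selected / move selected to a group
    $output .= '<form action="" name="chkFormDocuments" method="post">';
    $output .= '<div class="med-sub-nav">';
    $output .= '<input type="submit" id="deleteSelected" name="deleteSelectedDoc" value="'.$siteText['deleteSelected'].'" class="button fully-rounded med-delete-selected"/>';
    $output .= '<div class="med-hover-move">';
    $output .= 'Move to <select name="selectToGroup">';
    $output .= '<option value="all">All</option>';
    // one option per active document group
    $moveResult = mysql_query('SELECT DISTINCT d.id, d.title, d.linkname
FROM documents_groups AS d, status AS s
WHERE s.itemId = d.id
AND s.active = "1"
ORDER BY d.title ASC');
    while($moveResult && ($moveRecord = mysql_fetch_assoc($moveResult))){
        $moveId = (int) $moveRecord['id'];
        $moveTitle = htmlspecialchars($moveRecord['title'], ENT_QUOTES, $charset, false);
        $output .= '<option value="'.$moveId.'">'.$moveTitle.'</option>';
    }
    $output .= '</select>';
    $output .= '<input type="submit" id="moveSelected" name="moveSelected" value="move"/>';
    $output .= '</div>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    $output .= '<div class="double-column-content">';

    // heading row
    $output .= '<div class="doc-row doc-head-row">';
    $output .= '<div class="doc-row-ext"><strong><input type="checkbox" name="checkCtrl" value="checkAll" onClick="check_all(this);" class="med-check-all-box"></strong></div>';
    $output .= '<div class="doc-row-title"><strong>'.$siteText['headRowTitle'].'</strong></div>';
    $output .= '<div class="doc-row-ext"><strong>'.$siteText['headRowExt'].'</strong></div>';
    $output .= '<div class="doc-row-shortcode"><strong>'.$siteText['headRowShortcode'].'</strong></div>';
    $output .= '<div class="doc-row-actions"><strong>'.$siteText['headRowActions'].'</strong></div>';
    $output .= '<div class="clear"></div>';
    $output .= '</div>';

    // all active documents, or only those of the selected group
    if($showAll){
        $query = 'SELECT DISTINCT d.id, d.title, d.ext, d.shortcode, d.url, d.timest
FROM documents as d, status as s
WHERE s.itemId = d.id
AND s.active = "1"
AND s.page = "documents"
ORDER BY timest DESC';
    }
    else{
        $query = 'SELECT DISTINCT d.id, d.title, d.ext, d.shortcode, d.url, d.timest
FROM documents AS d, status AS s, documents_groups AS dg, documents_grouprows AS dr
WHERE s.itemId = d.id
AND s.active = "1"
AND s.page = "documents"
AND dg.linkname = "'.$groupLinkSql.'"
AND dg.id = dr.groupId
AND d.id = dr.mediaId
ORDER BY d.id DESC';
    }
    $countResult = mysql_query($query);
    $numTotalItems = $countResult ? mysql_num_rows($countResult) : 0;

    // pagination: ten rows per page, current page kept in the session
    $maxItems = 10;
    $numPages = (int) ceil($numTotalItems / $maxItems);
    if($numPages == 0) $numPages = 1;
    $sessionName = 'documents__'.$groupLinkname.'_thisPage';
    $thispage = isset($_SESSION[$sessionName]) ? (int) $_SESSION[$sessionName] : 1;
    // The stored page number is forced to a positive integer so the LIMIT
    // offset below can never be negative or non-numeric.
    if($thispage < 1) $thispage = 1;
    $limitFrom = ($thispage * $maxItems) - $maxItems;
    $query .= ' LIMIT '.$limitFrom.','.$maxItems;
    $result = mysql_query($query);

    // step back one page when the current one has become empty
    $newNumItems = $result ? mysql_num_rows($result) : 0;
    if($newNumItems == 0 && $numTotalItems != 0){
        $_SESSION[$sessionName] = $thispage - 1;
        header('location: ./');
    }

    while($result && ($record = mysql_fetch_assoc($result))){
        $docId = (int) $record['id'];
        $docTitle = fromDatabase($record['title']);
        if(strlen($docTitle) > 40){
            $docTitle = substr($docTitle, 0, 40).'..';
        }
        $docTitle = htmlspecialchars($docTitle, ENT_QUOTES, $charset, false);
        $docExt = htmlspecialchars($record['ext'], ENT_QUOTES, $charset, false);
        $docURL = htmlspecialchars($record['url'], ENT_QUOTES, $charset, false);
        $docShortCode = htmlspecialchars($record['shortcode'], ENT_QUOTES, $charset, false);

        $output .= '<div class="doc-row">';
        $output .= '<div class="doc-row-ext"><input type="checkbox" name="option[]" id="option" value="'.$docId.'" class="med-thumb-img-cb"/></div>';
        $output .= '<div class="doc-row-title"><a href="'.$docURL.'" target="_blank">'.$docTitle.'</a></div>';
        $output .= '<div class="doc-row-ext">'.$docExt.'</div>';
        $output .= '<div class="doc-row-shortcode">'.$docShortCode.'</div>';
        $output .= '<div class="doc-row-actions">';
        $output .= '<a href="./documents/'.$groupLinkUrl.'/edit/'.$docId.'/"><img src="./images/icons/edit.png" alt="edit" class="mp-box-icon" /></a>';
        $output .= '<a href="./documents/'.$groupLinkUrl.'/delete/'.$docId.'/"><img src="./images/icons/trashcan.png" alt="move to trash" class="mp-box-icon" /></a>';
        $output .= '</div>';
        $output .= '<div class="clear"></div>';
        $output .= '</div>';
    }
    $output .= '</div>';
    $output .= '</form>';

    // page control
    if($numPages > 1){
        // The session key contains the group name from the URL, so it is
        // encoded as a JavaScript string and then as an HTML attribute value.
        $sessionNameJs = htmlspecialchars(json_encode($sessionName), ENT_QUOTES, $charset);
        $output .= '<div class="mp-page-control-container">';
        if($thispage != 1){ $output .= '<span class="mp-page-control-previous" onclick="pageControl('.$sessionNameJs.','.($thispage - 1).')">'.$siteText['prevPage'].'</span>'; }
        if($thispage != $numPages){ $output .= '<span class="mp-page-control-next" onclick="pageControl('.$sessionNameJs.','.($thispage + 1).')">'.$siteText['nextPage'].'</span>'; }
        $output .= '</div>';
    }
    return $output;
}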
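/**
 * Builds the add / edit form for a document.
 *
 * In edit mode the current title is loaded from the documents table and
 * stored in $_SESSION['addDocument']['value']; the file input is only shown
 * in add mode.
 *
 * @param string $method 'add' or 'edit'.
 * @param int    $editId Id of the document being edited; it reaches this
 *                       function from the URL, so it is cast to an integer
 *                       before it is used in SQL or HTML.
 * @return string HTML fragment containing the form.
 */
function formAddEditDocument($method, $editId = 0){
    $siteText = getSiteText();
    $editId = (int) $editId;
    // Single-byte charset: only the ASCII specials are rewritten, and the call
    // never returns an empty string for invalid multibyte input. double_encode
    // is off because the stored title may already hold HTML entities.
    // NOTE(review): confirm how inDatabase() stores titles.
    $charset = 'ISO-8859-1';

    if($method == 'edit'){
        // prefill the form with the stored title
        $result = mysql_query('SELECT title FROM documents WHERE id = '.$editId.' LIMIT 1');
        $record = $result ? mysql_fetch_assoc($result) : false;
        $_SESSION['addDocument']['value'] = $record ? $record['title'] : '';
    }
    // make sure both session slots exist
    if(!isset($_SESSION['addDocument']['errors'])){
        $_SESSION['addDocument']['errors'] = '';
    }
    if(!isset($_SESSION['addDocument']['value'])){
        $_SESSION['addDocument']['value'] = '';
    }
    $errorHtml = htmlspecialchars($_SESSION['addDocument']['errors'], ENT_QUOTES, $charset, false);
    $valueHtml = htmlspecialchars($_SESSION['addDocument']['value'], ENT_QUOTES, $charset, false);

    $output = '';
    $output .= '<div class="double-column-content">';
    $output .= '<form action="" method="post" enctype="multipart/form-data">';
    // title
    $output .= '<div class="input-total">';
    $output .= '<div class="input-title">';
    if($errorHtml !== ''){ $output .= '<span class="errForm">'.$errorHtml.'</span>'; }
    $output .= $siteText['formInputTitle'];
    $output .= '</div>';
    $output .= '<input type="text" name="documentTitle" value="'.$valueHtml.'" />';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    // file
    if($method == 'add'){
        $output .= '<div class="input-total">';
        $output .= '<div class="input-title">';
        $output .= $siteText['formInputDocument'];
        $output .= '</div>';
        $output .= '<input type="file" name="documentFile" value="" />';
        $output .= '</div>';
    }
    $output .= '<div class="clear"></div>';
    if($method == 'edit') $output .= '<input type="hidden" name="editId" value="'.$editId.'"/>';
    if($method == 'add') $output .= '<input type="submit" name="sbmAddDocument" value="'.$siteText['btnAddDocument'].'" class="button fully-rounded"/>';
    if($method == 'edit') $output .= '<input type="submit" name="sbmEditDocument" value="'.$siteText['btnEditDocument'].'" class="button fully-rounded"/>';
    $output .= '</form>';
    $output .= '</div>';
    return $output;
}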
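/**
 * Handles the submitted add / edit document form.
 *
 * 'add' stores the uploaded file under ../docs/uploads/ and inserts the
 * document, its status row and (when a group is selected in the URL) the
 * group link. Any other method updates the title of an existing document.
 * On success a redirect header is sent and nothing is returned; on a
 * validation error the form HTML is returned.
 *
 * Security notes:
 * - The extension used to be taken unchecked from the client-supplied file
 *   name and written both to disk and into SQL, so a script file could be
 *   uploaded into the upload directory. It is now matched against an
 *   allowlist. NOTE(review): the list below is a constructed default; adjust
 *   it to the document types this site needs, and make sure the upload
 *   directory is configured not to execute scripts.
 * - NOTE(review): inDatabase() is assumed to make the title safe for the
 *   double-quoted SQL literal; confirm it escapes quotes and backslashes.
 * - ext/mysql was removed in PHP 7; these queries should become prepared
 *   statements when the file is ported.
 *
 * @param string $method 'add' or 'edit'.
 * @return string|null Form HTML on a validation error, otherwise null.
 */
function sbmAddEditDocument($method){
    $title = (isset($_POST['documentTitle']) && is_string($_POST['documentTitle'])) ? $_POST['documentTitle'] : '';
    $editId = (isset($_POST['editId']) && is_scalar($_POST['editId'])) ? (int) $_POST['editId'] : 0;

    if(empty($title)){
        // The error used to be stored under the group form's session key and
        // rendered with the group form; this page's form reads
        // $_SESSION['addDocument'].
        $_SESSION['addDocument']['errors'] = 'Please fill in this field.';
        return formAddEditDocument($method, $editId);
    }

    if($method != 'add'){
        unset($_SESSION['addDocument']);
        // same storage encoding as the add branch, and an integer id
        mysql_query('UPDATE documents SET title="'.inDatabase($title).'" WHERE id='.$editId.' LIMIT 1');
        header('location: ../../');
        return;
    }

    $upload = isset($_FILES['documentFile']) ? $_FILES['documentFile'] : null;
    $uploadError = '';
    $fileExt = '';
    if(!is_array($upload) || !isset($upload['name']) || !is_string($upload['name']) || $upload['name'] === ''){
        $uploadError = 'Please choose a file to upload.';
    }
    else if(!isset($upload['error']) || $upload['error'] !== UPLOAD_ERR_OK){
        $uploadError = 'The upload failed, please try again.';
    }
    else{
        $allowedExt = array('pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'odt', 'ods', 'odp', 'rtf', 'txt', 'csv');
        $fileExt = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
        if(!in_array($fileExt, $allowedExt, true)){
            $uploadError = 'This file type is not allowed.';
        }
    }
    if($uploadError !== ''){
        // keep the typed title so the user does not have to enter it again
        $_SESSION['addDocument']['value'] = $title;
        $_SESSION['addDocument']['errors'] = $uploadError;
        return formAddEditDocument($method, $editId);
    }

    // The stored name is generated server-side (timestamp plus the checked
    // extension); the client's file name is never used as a path.
    $dirpad = '../docs/uploads/';
    $shortCode = time();
    $pad = $dirpad.$shortCode.'.'.$fileExt;
    // two uploads in the same second must not overwrite each other
    while(file_exists($pad)){
        $shortCode++;
        $pad = $dirpad.$shortCode.'.'.$fileExt;
    }
    if(!move_uploaded_file($upload['tmp_name'], $pad)){
        // no database row for a file that was never stored
        $_SESSION['addDocument']['value'] = $title;
        $_SESSION['addDocument']['errors'] = 'The upload failed, please try again.';
        return formAddEditDocument($method, $editId);
    }
    unset($_SESSION['addDocument']);

    $type = 4;
    mysql_query('INSERT INTO documents(title, type, ext, url, shortcode, timest)
VALUES("'.inDatabase($title).'","'.$type.'","'.$fileExt.'","'.mysql_real_escape_string($pad).'","'.$shortCode.'","'.time().'")');
    $itemId = (int) mysql_insert_id();
    mysql_query('INSERT INTO status(itemId, page, active) VALUES("'.$itemId.'", "documents", "1")');

    // link the new document to the group named in the URL, if any
    if(isset($_GET['sub']) && is_string($_GET['sub']) && $_GET['sub'] != 'all'){
        $groupResult = mysql_query('SELECT id FROM documents_groups WHERE linkname = "'.mysql_real_escape_string($_GET['sub']).'" LIMIT 1');
        $groupRecord = $groupResult ? mysql_fetch_assoc($groupResult) : false;
        if($groupRecord){
            $groupId = (int) $groupRecord['id'];
            mysql_query('INSERT INTO documents_grouprows (groupId, mediaId, timest) VALUES ("'.$groupId.'","'.$itemId.'","'.time().'")');
        }
    }
    header('location: ../../');
}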
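/**
 * Builds the confirmation form shown before a single document is moved to
 * the trash.
 *
 * The id comes from $_GET['id'] and is echoed into a hidden field, so it is
 * cast to an integer first. The earlier SELECT on the documents table is
 * dropped: its result was never used, and it concatenated the raw id into
 * the statement.
 *
 * @return string HTML fragment containing the confirmation form.
 */
function areYouSureRemove(){
    $siteText = getSiteText();
    $deleteId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

    $output = '';
    $output .= '<div class="double-column-content">';
    $output .= '<form action="" method="post">';
    $output .= $siteText['areYouSureDocument'].'<br /><br />';
    $output .= '<input type="hidden" name="deleteId" value="'.$deleteId.'" />';
    $output .= '<input type="submit" name="moveDocumentToTrash" value="'.$siteText['formBtnYes'].'" class="button fully-rounded" /> ';
    $output .= '<input type="submit" name="back" value="'.$siteText['formBtnNo'].'" class="button fully-rounded" />';
    $output .= '</form>';
    $output .= '</div>';
    return $output;
}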
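/**
 * Marks one document as inactive (moved to trash) and redirects.
 *
 * The id is read from $_POST['deleteId'] and cast to an integer before it is
 * placed in the UPDATE statement; a missing or non-positive id skips the
 * query.
 *
 * NOTE(review): this state change is driven by a plain POST field with no
 * anti-CSRF token visible in this file - confirm one is checked elsewhere.
 *
 * @return void
 */
function moveDocumentToTrash(){
    $deleteId = (isset($_POST['deleteId']) && is_scalar($_POST['deleteId'])) ? (int) $_POST['deleteId'] : 0;
    if($deleteId > 0){
        mysql_query('UPDATE status SET active="0" WHERE page="documents" AND itemId="'.$deleteId.'";');
    }
    header('location: ../../');
}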
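/**
 * Builds the confirmation form for trashing the documents ticked in the
 * list.
 *
 * Reads the ids from $_POST['option'], lists the matching titles and echoes
 * the ids back as hidden idArray[] fields. Ids are cast to integers before
 * they reach SQL or HTML, and a missing or non-array selection results in an
 * empty list.
 *
 * @return string HTML fragment containing the confirmation form.
 */
function deleteSelectedDocuments(){
    $siteText = getSiteText();
    // Single-byte charset: only the ASCII specials are rewritten; double_encode
    // is off in case fromDatabase() already returns entity-encoded text.
    // NOTE(review): confirm what fromDatabase() returns.
    $charset = 'ISO-8859-1';

    $selected = (isset($_POST['option']) && is_array($_POST['option'])) ? $_POST['option'] : array();
    $ids = array();
    $titles = array();
    foreach($selected as $itemId){
        if(!is_scalar($itemId)){
            continue;
        }
        $itemId = (int) $itemId;
        if($itemId <= 0){
            continue;
        }
        $result = mysql_query('SELECT title FROM documents WHERE id = '.$itemId);
        $record = $result ? mysql_fetch_assoc($result) : false;
        $ids[] = $itemId;
        $titles[] = $record ? fromDatabase($record['title']) : '';
    }

    $output = '';
    $output .= '<div class="triple-column-container">';
    $output .= '<div class="header-bar top-rounded content-bar">documents // delete selected</div>';
    $output .= '<div class="triple-column-content">';
    $output .= '<form action="" method="post">';
    $output .= $siteText['areYouSureDelete'].'<br /><br/>';
    // titles of the selected documents
    foreach($titles as $title){
        $output .= htmlspecialchars($title, ENT_QUOTES, $charset, false).'<br />';
    }
    $output .= '<div class="clear"></div>';
    $output .= '<br /><br/>';
    // ids travel to the next step as hidden fields
    foreach($ids as $id){
        $output .= '<input type="hidden" name="idArray[]" value="'.$id.'" />';
    }
    $output .= '<input type="submit" name="moveSelectedToTrash" value="'.$siteText['formBtnYes'].'" class="button fully-rounded" /> ';
    $output .= '<input type="submit" name="back" value="'.$siteText['formBtnNo'].'" class="button fully-rounded" />';
    $output .= '</form>';
    $output .= '</div>';
    $output .= '</div>';
    return $output;
}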
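/**
 * Marks every document listed in $_POST['idArray'] as inactive (moved to
 * trash) and redirects to the document list.
 *
 * The hidden idArray[] fields are request data like any other: each value is
 * cast to an integer before it is used in the UPDATE statement, and a
 * missing or non-array value is treated as an empty selection.
 *
 * NOTE(review): no anti-CSRF token is checked in this file before the
 * update - confirm one is enforced elsewhere.
 *
 * @return void
 */
function moveSelectedDocumentsToTrash(){
    $selected = (isset($_POST['idArray']) && is_array($_POST['idArray'])) ? $_POST['idArray'] : array();
    foreach($selected as $itemId){
        if(!is_scalar($itemId)){
            continue;
        }
        $itemId = (int) $itemId;
        if($itemId <= 0){
            continue;
        }
        mysql_query('UPDATE status SET active="0" WHERE page="documents" AND itemId="'.$itemId.'";');
    }
    header('location: ./documents/');
}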
?>