You dont have enough privileges to view this section'); } /* REMOVE IMAGE */ if (isset($_POST['removeImage']) && isset($_POST['mimg']) && isset($_POST['img'])) { $_delete = $dbs->query(sprintf('UPDATE member SET member_image=NULL WHERE member_id=%d', $_POST['mimg'])); if ($_delete) { @unlink(sprintf(IMGBS.'persons/%s',$_POST['img'])); exit(''); } exit(); } /* member update process */ if (isset($_POST['saveData']) AND $can_read AND $can_write) { // check form validity $memberID = trim($_POST['memberID']); $memberName = trim($_POST['memberName']); $mpasswd1 = trim($_POST['memberPasswd']); $mpasswd2 = trim($_POST['memberPasswd2']); if (empty($memberID) OR empty($memberName)) { utility::jsAlert(__('Member ID and Name can\'t be empty')); //mfc exit(); } else if (($mpasswd1 AND $mpasswd2) AND ($mpasswd1 !== $mpasswd2)) { utility::jsAlert(__('Password confirmation does not match. See if your Caps Lock key is on!')); exit(); } else { // include custom fields file if (file_exists(MDLBS.'membership/member_custom_fields.inc.php')) { include MDLBS.'membership/member_custom_fields.inc.php'; } /** * Custom fields */ if (isset($member_custom_fields)) { if (is_array($member_custom_fields) && $member_custom_fields) { foreach ($member_custom_fields as $fid => $cfield) { // custom field $cf_dbfield = $cfield['dbfield']; if (isset($_POST[$cf_dbfield]) AND trim($_POST[$cf_dbfield]) != '') { $data[$cf_dbfield] = trim($dbs->escape_string(strip_tags($_POST[$cf_dbfield], $sysconf['content']['allowable_tags']))); } } } } $data['member_id'] = $dbs->escape_string($memberID); $data['member_name'] = $dbs->escape_string($memberName); $data['member_type_id'] = (integer)$_POST['memberTypeID']; $data['inst_name'] = trim($dbs->escape_string(strip_tags($_POST['instName']))); $data['gender'] = trim($dbs->escape_string(strip_tags($_POST['gender']))); $data['birth_date'] = trim($dbs->escape_string(strip_tags($_POST['birthDate']))); $data['register_date'] = trim($dbs->escape_string(strip_tags($_POST['regDate']))); // member since date $member_since = trim($dbs->escape_string(strip_tags($_POST['sinceDate']))); if (isset($_POST['updateRecordID'])) { $data['member_since_date'] = $member_since; } else { if ($member_since) { $data['member_since_date'] = $member_since; } else { $data['member_since_date'] = $data['register_date']; } } $data['expire_date'] = trim($dbs->escape_string(strip_tags($_POST['expDate']))); // extending membership if (isset($_POST['extend']) AND !empty($_POST['extend'])) { // get membership periode from database $mtype_query = $dbs->query("SELECT member_periode FROM mst_member_type WHERE member_type_id=".$data['member_type_id']); $mtype_data = $mtype_query->fetch_row(); $data['register_date'] = date('Y-m-d'); $data['expire_date'] = simbio_date::getNextDate($mtype_data[0], $data['register_date']); } $data['pin'] = trim($dbs->escape_string(strip_tags($_POST['memberPIN']))); $data['member_address'] = trim($dbs->escape_string(strip_tags($_POST['memberAddress']))); $data['member_mail_address'] = trim($dbs->escape_string(strip_tags($_POST['memberMailAddress']))); $data['member_phone'] = trim($dbs->escape_string(strip_tags($_POST['memberPhone']))); $data['member_fax'] = trim($dbs->escape_string(strip_tags($_POST['memberFax']))); $data['postal_code'] = trim($dbs->escape_string(strip_tags($_POST['memberPostal']))); $data['member_notes'] = trim($dbs->escape_string(strip_tags($_POST['memberNotes']))); $data['member_email'] = trim($dbs->escape_string(strip_tags($_POST['memberEmail']))); $data['is_pending'] = isset($_POST['isPending'])? intval($_POST['isPending']) : '0'; $data['input_date'] = date('Y-m-d'); $data['last_update'] = date('Y-m-d'); if (!empty($_FILES['image']) AND $_FILES['image']['size']) { // create upload object $upload = new simbio_file_upload(); $upload->setAllowableFormat($sysconf['allowed_images']); $upload->setMaxSize($sysconf['max_image_upload']*1024); // approx. 100 kb $upload->setUploadDir(IMGBS.'persons'); // give new name for upload file $new_filename = 'member_'.$data['member_id']; $upload_status = $upload->doUpload('image', $new_filename); if ($upload_status == UPLOAD_SUCCESS) { $data['member_image'] = $dbs->escape_string($upload->new_filename); } } else if (!empty($_POST['base64picstring'])) { list($filedata, $filedom) = explode('#image/type#', $_POST['base64picstring']); $filedata = base64_decode($filedata); $fileinfo = getimagesizefromstring($filedata); $valid = strlen($filedata)/1024 < $sysconf['max_image_upload']; $valid = (!$fileinfo || $valid === false) ? false : in_array($fileinfo['mime'], $sysconf['allowed_images_mimetype']); $new_filename = 'member_'.$data['member_id'].'.'.strtolower($filedom); if ($valid AND file_put_contents(IMGBS.'persons/'.$new_filename, $filedata)) { $data['member_image'] = $dbs->escape_string($new_filename); if (!defined('UPLOAD_SUCCESS')) define('UPLOAD_SUCCESS', 1); $upload_status = UPLOAD_SUCCESS; } } // password confirmation if (($mpasswd1 AND $mpasswd2) AND ($mpasswd1 === $mpasswd2)) { $data['mpasswd'] = 'literal{MD5(\''.$mpasswd2.'\')}'; } // create sql op object $sql_op = new simbio_dbop($dbs); if (isset($_POST['updateRecordID'])) { /* UPDATE RECORD MODE */ // remove input date unset($data['input_date']); // filter update record ID $updateRecordID = $dbs->escape_string(trim($_POST['updateRecordID'])); $old_member_ID = $updateRecordID; // update the data $update = $sql_op->update('member', $data, "member_id='$updateRecordID'"); if ($update) { // update other tables contain this member ID @$dbs->query('UPDATE loan SET member_id=\''.$data['member_id'].'\' WHERE member_id=\''.$old_member_ID.'\''); @$dbs->query('UPDATE fines SET member_id=\''.$data['member_id'].'\' WHERE member_id=\''.$old_member_ID.'\''); utility::jsAlert(__('Member Data Successfully Updated')); // upload status alert if (isset($upload_status)) { if ($upload_status == UPLOAD_SUCCESS) { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'].' upload image file '.$upload->new_filename); utility::jsAlert(__('Image Uploaded Successfully')); } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', 'ERROR : '.$_SESSION['realname'].' FAILED TO upload image file '.$upload->new_filename.', with error ('.$upload->error.')'); utility::jsAlert(__('Image FAILED to upload')); } } // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'].' update member data ('.$memberName.') with ID ('.$memberID.')'); if ($sysconf['webcam'] == 'html5') { echo ''; } else { echo ''; } } else { utility::jsAlert(__('Member Data FAILED to Save/Update. Please Contact System Administrator')."\nDEBUG : ".$sql_op->error); } exit(); } else { /* INSERT RECORD MODE */ if (!$mpasswd1 AND !$mpasswd2) { $data['mpasswd'] = 'literal{NULL}'; } // insert the data $insert = $sql_op->insert('member', $data); if ($insert) { utility::jsAlert(__('New Member Data Successfully Saved')); // upload status alert if (isset($upload_status)) { if ($upload_status == UPLOAD_SUCCESS) { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'].' upload image file '.$upload->new_filename); utility::jsAlert(__('Image Uploaded Successfully')); } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', 'ERROR : '.$_SESSION['realname'].' FAILED TO upload image file '.$upload->new_filename.', with error ('.$upload->error.')'); utility::jsAlert(__('Image FAILED to upload')); } } // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'].' add new member ('.$memberName.') with ID ('.$memberID.')'); echo ''; } else { utility::jsAlert(__('Member Data FAILED to Save/Update. Please Contact System Administrator')."\nDEBUG : ".$sql_op->error); } exit(); } } exit(); } else if (isset($_POST['batchExtend']) && $can_read && $can_write) { /* BATCH extend membership proccessing */ $curr_date = date('Y-m-d'); $num_extended = 0; foreach ($_POST['itemID'] as $itemID) { $memberID = $dbs->escape_string(trim($itemID)); // get membership periode from database $mtype_q = $dbs->query('SELECT member_periode, m.member_name FROM member AS m LEFT JOIN mst_member_type AS mt ON m.member_type_id=mt.member_type_id WHERE m.member_id=\''.$memberID.'\''); $mtype_d = $mtype_q->fetch_row(); $expire_date = simbio_date::getNextDate($mtype_d[0], $curr_date); @$dbs->query('UPDATE member SET expire_date=\''.$expire_date.'\' WHERE member_id=\''.$memberID.'\''); // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'].' extends membership for member ('.$mtype_d[1].') with ID ('.$memberID.')'); $num_extended++; } header('Location: '.MWB.'membership/index.php?expire=true&numExtended='.$num_extended); exit(); } else if (isset($_POST['itemID']) AND !empty($_POST['itemID']) AND isset($_POST['itemAction'])) { if (!($can_read AND $can_write)) { die(); } /* DATA DELETION PROCESS */ $sql_op = new simbio_dbop($dbs); $failed_array = array(); $error_num = 0; $still_have_loan = array(); if (!is_array($_POST['itemID'])) { // make an array $_POST['itemID'] = array($dbs->escape_string(trim($_POST['itemID']))); } // loop array foreach ($_POST['itemID'] as $itemID) { $itemID = $dbs->escape_string(trim($itemID)); // check if the member still have loan $loan_q = $dbs->query('SELECT DISTINCT m.member_id, m.member_name, COUNT(l.loan_id) FROM member AS m LEFT JOIN loan AS l ON (m.member_id=l.member_id AND l.is_lent=1 AND l.is_return=0) WHERE m.member_id=\''.$itemID.'\' GROUP BY m.member_id'); $loan_d = $loan_q->fetch_row(); if ($loan_d[2] < 1) { if (!$sql_op->delete('member', "member_id='$itemID'")) { $error_num++; } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'membership', $_SESSION['realname'].' DELETE member data ('.$loan_d[1].') with ID ('.$loan_d[0].')'); } } else { $still_have_loan[] = $loan_d[0].' - '.$loan_d[1]; $error_num++; } } if ($still_have_loan) { $members = ''; foreach ($still_have_loan as $mbr) { $members .= $mbr."\n"; } utility::jsAlert(__('Below member data can\'t be deleted because still have unreturned item(s)').' : '."\n".$mbr); exit(); } // error alerting if ($error_num == 0) { utility::jsAlert(__('All Data Successfully Deleted')); echo ''; } else { utility::jsAlert(__('Some or All Data NOT deleted successfully!\nPlease contact system administrator')); echo ''; } exit(); } /* RECORD OPERATION END */ /* search form */ ?>
'.__('You don\'t have enough privileges to view this section').''); } /* RECORD FORM */ $itemID = $dbs->escape_string(trim(isset($_POST['itemID'])?$_POST['itemID']:'')); $rec_q = $dbs->query("SELECT * FROM member WHERE member_id='$itemID'"); $rec_d = $rec_q->fetch_assoc(); // create new instance $form = new simbio_form_table_AJAX('mainForm', $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'], 'post'); $form->submit_button_attr = 'name="saveData" value="'.__('Save').'" class="button"'; // form table attributes $form->table_attr = 'align="center" id="dataList" cellpadding="5" cellspacing="0"'; $form->table_header_attr = 'class="alterCell" style="font-weight: bold;"'; $form->table_content_attr = 'class="alterCell2"'; // edit mode flag set if ($rec_q->num_rows > 0) { $form->edit_mode = true; // record ID for delete process $form->record_id = $itemID; // form record title $form->record_title = $rec_d['member_name']; // submit button attribute $form->submit_button_attr = 'name="saveData" value="'.__('Update').'" class="button"'; } /* Form Element(s) */ if ($form->edit_mode) { // check if member expired $curr_date = date('Y-m-d'); $compared_date = simbio_date::compareDates($rec_d['expire_date'], $curr_date); $is_expired = ($compared_date == $curr_date); $expired_message = ''; if ($is_expired) { // extend membership $chbox_array[] = array('1', __('Extend')); $form->addCheckBox('extend', __('Extend Membership'), $chbox_array); $expired_message = '('.__('Membership Already Expired').')'; } } // include custom fields file if (file_exists(MDLBS.'membership/member_custom_fields.inc.php')) { include MDLBS.'membership/member_custom_fields.inc.php'; } // member code $str_input = simbio_form_element::textField('text', 'memberID', $rec_d['member_id'], 'id="memberID" onblur="ajaxCheckID(\''.SWB.'admin/AJAX_check_id.php\', \'member\', \'member_id\', \'msgBox\', \'memberID\')" style="width: 30%;"'); $str_input .= ' '; $form->addAnything(__('Member ID').'*', $str_input); // member name $form->addTextField('text', 'memberName', __('Member Name').'*', $rec_d['member_name'], 'style="width: 100%;"'); // member birth date $form->addDateField('birthDate', __('Birth Date'), $rec_d['birth_date']); // member since date $form->addDateField('sinceDate', __('Member Since').'*', $form->edit_mode?$rec_d['member_since_date']:date('Y-m-d')); // member register date $form->addDateField('regDate', __('Register Date').'*', $form->edit_mode?$rec_d['register_date']:date('Y-m-d')); // member expire date if ($form->edit_mode) { $form->addDateField('expDate', __('Expiry Date').'*', $rec_d['expire_date']); } else { $chbox_array[] = array('1', __('Auto Set')); $str_input = ''.__('or take a photo').'
'; $str_input .= ''; if ($sysconf['webcam'] == 'flex') { $str_input .= ''; } elseif ($sysconf['webcam'] == 'html5') { $str_input .= ' | '; $str_input .= __('Ratio:').' | '; $str_input .= __('Format:').' | '; $str_input .= ' | '; $str_input .= ''; $str_input .= '