<?php
// The single-book branch further down instantiates Members, which this file
// is expected to provide.
// NOTE(review): the path is relative, so it depends on how the including
// script is run, and include_once only warns when the file is missing -
// confirm that a hard failure (require_once) is not wanted here.
include_once '../lib/members.php';

// Session group required to record loans and returns directly.
$permission = 'librarian';
// Recipient of the "Book Request" mail sent for non-librarian loan requests.
$librarian_mail = 'librarian@sucs.org';
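/**
 * Escape a string for HTML output without re-encoding entities it already
 * contains.
 *
 * Every character that has a named entity (both quote styles included, via
 * ENT_QUOTES) is translated, except "&". An ampersand is rewritten to "&amp;"
 * only when it does not already start something shaped like an entity.
 *
 * NOTE(review): the "already an entity" test is a heuristic (two to seven
 * name characters, or two to three decimal digits), so longer numeric
 * references such as "&#8217;" and hexadecimal references are re-escaped.
 * htmlentities() with its double_encode argument set to false covers the same
 * use case - consider switching once the callers have been checked.
 *
 * @param string $myHTML Text to escape.
 * @return string The escaped text.
 */
function htmlentities2($myHTML) {
    $entityMap = get_html_translation_table(HTML_ENTITIES, ENT_QUOTES);
    // Leave "&" untouched in the table pass; the regex below decides which
    // ampersands still need escaping.
    $entityMap['&'] = '&';
    $translated = strtr($myHTML, $entityMap);
    // The replacement has to be the entity "&amp;": replacing "&" with itself
    // leaves bare ampersands unescaped in the output.
    return preg_replace('/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/', '&amp;', $translated);
}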
// Locate this page's own segment in the request path; the segments after it
// select a tag listing or a single book.
// NOTE(review): array_search() returns false when "Library" is absent, and the
// "$library_index + 1" lookups that follow would then read index 1 - confirm
// the caller always supplies that segment.
$library_index = array_search('Library', $pathlist);

// Let the templates know when the session holds the librarian group.
if (isset($session->groups[$permission])) {
    $smarty->assign('librarian', true);
}

// Defaults: browse mode, empty search box, generic title.
$mode = 'browse';
$search = '';
$smarty->assign('title', 'Library');

// Render the search box and use it as the initial "secondary" content.
$output2 = $smarty->fetch('library-search.tpl');
$smarty->assign('secondary', $output2);
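// Choose the page mode from the request: a search term wins, then
// /Tags[/name], then a numeric book id, otherwise the front page.
// The search term must be a string: an array value (search[]=x) would
// otherwise reach trim().
if (isset($_REQUEST['search']) && is_string($_REQUEST['search']) && (trim($_REQUEST['search']) != "")) {
    // The search query itself runs after this chain, once $mode is final.
    $mode = "search";
} elseif (isset($pathlist[$library_index + 1]) && ($pathlist[$library_index + 1] == "Tags")) {
    if (isset($pathlist[$library_index + 2])) {
        // Listing the books that carry one specific tag (taken from the URL path).
        $tag = $pathlist[$library_index + 2];
        $categories = $DB->GetOne("SELECT count(name) FROM bookcategories WHERE name=?", array($tag));
        // NOTE(review): the original indexed the GetOne() result with ['count'].
        // Whether GetOne() yields a row or a bare value is not visible in this
        // file, so both shapes are accepted - confirm against the DB layer.
        if (is_array($categories)) {
            $tag_count = isset($categories['count']) ? $categories['count'] : 0;
        } else {
            $tag_count = $categories;
        }
        if (intval($tag_count) == 1) {
            $mode = "tagdisplay";
            $query = "SELECT b.id, b.title FROM books AS b JOIN booktags AS bt ON b.id= bt.bookid";
            $query .= " JOIN bookcategories AS bc ON bc.id = bt.tag WHERE bc.name=?";
            $tagged_books = $DB->GetAll($query, array($tag));
            // Escape titles as the search and single-book paths do, so every
            // "results" list reaches the template in the same form.
            // NOTE(review): if the template escapes titles itself in this mode,
            // drop this loop to avoid double encoding.
            if (is_array($tagged_books)) {
                foreach (array_keys($tagged_books) as $i) {
                    $tagged_books[$i]['title'] = htmlentities2($tagged_books[$i]['title']);
                }
            }
            $smarty->assign("results", $tagged_books);
        } else {
            // this tag doesn't exist...
            $mode = "tagerror";
        }
    } else {
        $mode = "taglist";
        $smarty->assign("tags", $DB->GetAll("SELECT name FROM bookcategories"));
    }
} elseif (isset($pathlist[$library_index + 1]) && is_numeric($pathlist[$library_index + 1])) {
    // We're displaying a specific book
    $mode = "display";
    $checkout_request = false;
    $book_index = intval($pathlist[$library_index + 1]);
    // Check this book actually exists. A non-array result (failed query) is
    // treated as "no such book" instead of being counted.
    $loans = $DB->GetAll("SELECT onloan FROM books WHERE id=? LIMIT 1", array($book_index));
    if (!is_array($loans) || count($loans) != 1) {
        $mode = "bookerror";
    } else {
        // See if we're supposed to be loaning or returning this book.
        // NOTE(review): these actions change state but are read from $_REQUEST,
        // so a plain GET link triggers them, and no anti-CSRF token is checked
        // in this file - confirm where that is enforced, or restrict the
        // actions to POST with a per-session token.
        if ($session->loggedin && isset($_REQUEST['action'])) {
            if ($_REQUEST['action'] == "loan") {
                if (isset($session->groups[$permission])) {
                    // Librarian recording a loan. Require a borrower so that a
                    // request without "member" cannot mark the book as on loan
                    // to nobody, and reject array input.
                    // NOTE(review): the value is not checked against the member
                    // list; validate it before storing if that list is authoritative.
                    $borrower = isset($_REQUEST['member']) ? $_REQUEST['member'] : null;
                    if (is_string($borrower) && trim($borrower) != "") {
                        $query = "UPDATE books SET onloan='t', loandate=now(), loanwho=? WHERE id=?";
                        $DB->Query($query, array($borrower, $book_index));
                    }
                } else {
                    // Non-librarian: mail the librarians instead. The mail is sent
                    // below, once the book's details have been loaded.
                    $checkout_request = true;
                }
            } elseif (($_REQUEST['action'] == "return") && isset($session->groups[$permission])) {
                // Librarian recording a return.
                $DB->Query("UPDATE books SET onloan='f', loandate=NULL WHERE id=?", array($book_index));
            }
        }
        $results = $DB->GetAll("SELECT * FROM books WHERE id=? LIMIT 1", array($book_index));
        $book = $results[0];
        if ($checkout_request) {
            // someone wants to check out this book
            // NOTE(review): every such request from a logged-in user sends one
            // mail, with no throttling visible here and no check that the book
            // is free. User and book data only enter the body, not the headers.
            $msgbody = "User {$session->username} would like to take out";
            $msgbody .= " {$book['title']} by {$book['author']} from the library.\n\n";
            $msgbody .= "Visit https://$preferred_hostname$path to process this request.";
            mail($librarian_mail, "Book Request", $msgbody);
            $smarty->assign("checkout_request", true);
        }
        // Clean up ready for output.
        // NOTE(review): only title and author are escaped; the other columns of
        // the SELECT * row reach the template as stored.
        $book['title'] = htmlentities2($book['title']);
        $book['author'] = htmlentities2($book['author']);
        $book['onloan'] = ($book['onloan'] == 't') ? true : false;
        // Extract amazon data (maybe this should be stored in separate field in the db?)
        // NOTE(review): the parsed document is not used yet (see FIXME). If
        // amazon_data can hold XML from an untrusted source, confirm that
        // external entity loading is disabled in this environment.
        $simple_xml = simplexml_load_string($book['amazon_data']);
        //FIXME: figure out how to tell if there was usable amazon data after all
        //$book['description'] = $simple_xml->Items->Item->EditorialReviews->EditorialReview->Content;
        $smarty->assign("book", $book);
        // Add loan interface to sidebar if we're logged in
        if ($session->loggedin) {
            $members = new Members;
            $smarty->assign("memberlist", $members->getMemberList());
            $secondary = $smarty->get_template_vars("secondary");
            $secondary .= $smarty->fetch('library-loan.tpl');
            $smarty->assign("secondary", $secondary);
        }
        // Edit the path list to make the breadcrumbs tastier.
        // NOTE(review): this is the unescaped title from the database; confirm
        // the breadcrumb template escapes path entries.
        $pathlist[$library_index + 1] = $results[0]['title'];
    }
} else {
    //Nothing being requested, just find some random books to put on main page
    $smarty->assign("tags", $DB->GetAll("SELECT name FROM bookcategories"));
    $smarty->assign("randoms", $DB->GetAll("SELECT * FROM books WHERE image_url IS NOT NULL ORDER BY random() LIMIT 4"));
}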
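if ($mode == "search") {
    // Free-text search over title, author and keywords.
    // NOTE(review): the term is bound as a parameter, so it cannot alter the
    // SQL, but the "~*" operator treats it as a regular expression: a
    // malformed pattern makes the query fail and a costly one uses database
    // time. Consider a literal match (or escaping regex metacharacters) and a
    // length limit on the term.
    $search = $_REQUEST['search'];
    $query = "SELECT id, title, onloan FROM books WHERE (title || ' ' || author || ' ' || keywords) ~* ? ORDER BY title ASC";
    $results = $DB->GetAll($query, array($search));
    if (!is_array($results)) {
        // A failed query is presented as an empty result list.
        $results = array();
    }
    foreach ($results as &$result) {
        $result['title'] = htmlentities2($result['title']);
        $result['onloan'] = ($result['onloan'] == 't') ? true : false;
    }
    // Break the reference so a later write to $result cannot silently modify
    // the last row of $results.
    unset($result);
    $pathlist[] = "Search";
    $smarty->assign("results", $results);
}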
// Pass the page state to the main template and publish the rendered page as "body".
// NOTE(review): $search is raw request input, and $pathlist can hold a URL
// segment or a book title that has not been escaped - confirm the templates
// escape both on output.
$smarty->assign('mode', $mode);
$smarty->assign('search', $search);
$smarty->assign('pathlist', $pathlist);

$output = $smarty->fetch('library.tpl');
$smarty->assign('body', $output);
?>