junk.php

<?php

// Set defaults
$mode = "list";
$admin = false;

$admin_group="staff";

$admin = isset($session->groups[$admin_group]);

// If you're an admin and the path ends in Edit/ then a number put it into edit mode
// create canedit rules
$canedit=isset($pathlist[($component[depth]/2)+1]);
$canedit=$canedit && isset($pathlist[($component[depth]/2)+2]);
$canedit=$canedit && $pathlist[($component[depth]/2)+1]=='Edit';
$canedit=$canedit && is_numeric($pathlist[($component[depth]/2)+2]);
$canedit=$canedit && $admin;
// Apply canedit rules
if ($canedit){
	$id = $pathlist[($component[depth]/2)+2];
	$items = $DB->GetAll("SELECT id, title, category, description, donated_by, status FROM inventory WHERE id=? AND requested_by IS NULL",$id);
	if(sizeof($items) === 1){
		$item = $items[0];
		$smarty->assign("item", $item);
		$mode = "edit";
	}
}

// If you're an admin and the path ends in Add put it into add mode
// create canadd rules
$canadd=isset($pathlist[($component[depth]/2)+1]);
$canadd=$canadd && $pathlist[($component[depth]/2)+1]=='Add';
$canadd=$canadd && $admin;
// Apply canadd rules
if ($canadd){$mode = "add";}


// Process actions before retrieving the data
// List request data
if ($session->loggedin && isset($_REQUEST['action'])) {
	// Junk Requests
        if ($_REQUEST['action'] == "Request") {
		// Request Item if its available
                $query = "UPDATE inventory SET requested_by=?, requested_on=now() WHERE id=? AND requested_by IS NULL";
                $DB->Query($query, array($session->username, $_REQUEST['item']));
        }
	elseif ($_REQUEST['action'] == "Un-Request") {
		// Un-Request Item
		if ($admin){
			// if you're admin just do it
			$query = "UPDATE inventory SET requested_by=null, requested_on=null WHERE id=?";
                        $array = array($_REQUEST['item']);
		}
		else{
			// if not admin check if you requested it first
			$query = "UPDATE inventory SET requested_by=null, requested_on=null WHERE id=? AND requested_by=?";
			$array = array($_REQUEST['item'], $session->username);
		}
		$DB->Query($query, $array);
	}
	elseif ($_REQUEST['action'] == "Take" && $admin){
		// Take item, if you're admin
		$query = "UPDATE inventory SET taken_on=now() WHERE id=? AND requested_by IS NOT NULL";
		$DB->Query($query, $_REQUEST['item']);
	}
	elseif ($_REQUEST['action'] == "Remove" && $admin){
		// Remove item, if you're admin and its been taken
		$query = "DELETE FROM inventory WHERE id=? AND taken_on IS NOT NULL";
		$DB->Query($query, $_REQUEST['item']);
	}
	elseif ($_REQUEST['action'] == "Not Junk" && $admin){
		// Mark item as not junk if it's not been requested and you're admin
		$query = "UPDATE inventory SET status='unknown' WHERE id=? AND requested_by IS NULL";
		$DB->Query($query, $_REQUEST['item']);
	}
	elseif ($_REQUEST['action'] =="Junk" && $admin){
		// Mark item as junk, if you're admin
		$query = "UPDATE inventory SET status='junk' WHERE id=?";
                $DB->Query($query, $_REQUEST['item']);
	}

}
// Update/Add item
if ($session->loggedin && $admin && (isset($_REQUEST['update']) || isset($_REQUEST['add']))) {
         // Update/Add item if title and category are filled in else error
         if ($_REQUEST['title'] != "" && $_REQUEST['category'] != "") {
		// if the description is blank, return null
		if ($_REQUEST['description'] == ""){
			$description = null;
		}
		else{
			$description = $_REQUEST['description'];
		}
		// if the donated_by is blank, return null
		if ($_REQUEST['donated_by'] == ""){
                         $donated_by = null;
                }
                else{
                        $donated_by = $_REQUEST['donated_by'];
                }
		// run the query
		if(isset($_REQUEST['update'])){
			$query = "UPDATE inventory SET title=?, category=?, description=?, donated_by=?, status=? WHERE id=?";
			$array = array($_REQUEST['title'], $_REQUEST['category'], $description, $donated_by, $_REQUEST['status'], $_REQUEST['id']);
			message_flash("Item Updated");
		}
		elseif(isset($_REQUEST['add'])){
			$query = "INSERT INTO inventory (title, category, description, donated_by, status) VALUES (?, ?, ?, ?, ?)";
			$array = array($_REQUEST['title'], $_REQUEST['category'], $description, $donated_by, $_REQUEST['status']);
			message_flash("Item Added");
		}
		$DB->Query($query, $array);
	 }
	 else{
		 trigger_error("Required field(s) missing", E_USER_WARNING);
	 }
}


if ($mode == 'list'){
	// Get junk from database, and give admin the full list
	if ($admin == true){
		$junk = $DB->GetAll("SELECT * FROM inventory ORDER BY category, title, id");
	}
	else{
		$junk = $DB->GetAll("SELECT * FROM inventory WHERE status = 'junk' ORDER BY category, title, id");
	}

	// group the junk by status then by category 
	foreach($junk as $junkitem) {
		if ($junkitem['status'] != 'junk') {
			$status = "unknown";
		} else if ($junkitem['requested_by'] == null) {
			$status = "available"; 
		} else if ($junkitem['taken_on'] == null) {
			$status = "requested";
		} else {
			$status = "taken";
		} 
		
		$sortedjunk[$status][$junkitem['category']][] = $junkitem; 
	}

	$smarty->assign("junk", $sortedjunk);
	
	// Check there is some junk
	if (sizeof($junk) < 1) {
		$mode = "nojunk";
	}
}
// Generate output

$smarty->assign("statuses",array("unknown", "in use", "wanted", "junk"));
$smarty->assign("componentpath", $baseurl . $component[path]);
$smarty->assign("mode", $mode);
$smarty->assign("admin", $admin);

$output =  $smarty->fetch("junk.tpl");

$smarty->assign("title", "Junk List");
$smarty->assign("body", $output);

?>