From fd3ba314c85b9e6d2a0a42e67cebb829ec82ab84 Mon Sep 17 00:00:00 2001
From: Graham Cole <chckens@sucs.org>
Date: Sat, 27 Feb 2010 18:18:34 +0000
Subject: [PATCH] long overdue interface for editing library book data

---
 components/library.php          | 22 +++++++++++++++++++++-
 templates/library-book-edit.tpl | 32 ++++++++++++++++++++++++++++++++
 templates/library-book.tpl      | 13 +++++--------
 3 files changed, 58 insertions(+), 9 deletions(-)
 create mode 100644 templates/library-book-edit.tpl

diff --git a/components/library.php b/components/library.php
index 0dc2f05..b5b92a1 100644
--- a/components/library.php
+++ b/components/library.php
@@ -55,6 +55,7 @@ if (isset($_REQUEST['search']) && (trim($_REQUEST['search']) != "")) {
 	$mode = "display";
 	$checkout_request = false;
 	$book_index = intval($pathlist[$library_index + 1]);
+	if (isset($session->groups[$permission])) $smarty->assign('editable', true);
 
 // Check this book actually exists
 	$loans = $DB->GetAll("SELECT onloan FROM books WHERE id=? LIMIT 1", array($book_index));
@@ -62,7 +63,7 @@ if (isset($_REQUEST['search']) && (trim($_REQUEST['search']) != "")) {
 		$mode = "bookerror";
 	} else {
 
-	// See if we're supposed to be loaning or returning this book 
+	// See if we're supposed to be loaning/returning/editing/saving this book 
 		if ($session->loggedin && isset($_REQUEST['action'])) {
 			if ($_REQUEST['action'] == "loan") {
 				if (isset($session->groups[$permission])) {
@@ -77,6 +78,25 @@ if (isset($_REQUEST['search']) && (trim($_REQUEST['search']) != "")) {
 			} elseif (($_REQUEST['action'] == "return") && isset($session->groups[$permission])) {
 				// update DB
 				$DB->Query("UPDATE books SET onloan='f', loandate=NULL WHERE id=?", array($book_index));
+			} elseif (($_REQUEST['action'] == "edit") && isset($session->groups[$permission])) {
+				// we're an editor and want to edit this book
+				$smarty->assign("editing", true); 
+			} elseif (($_REQUEST['action'] == "save") && isset($session->groups[$permission])) {
+				// save edited book
+				$book['title'] = $_REQUEST['title'];
+				$book['author'] = $_REQUEST['author'];
+				$book['publisher'] = $_REQUEST['publisher'];
+				$book['description'] = $_REQUEST['description'];
+
+				if ($DB->AutoExecute('books', $book, 'UPDATE', "id=".$DB->qstr($book_index))) { 
+					message_flash_postponed("Book Updated!");
+					//redirect to prevent form resubmission
+					header('HTTP/1.1 303 See Other');
+					header("Location: $baseurl$path"); 
+				} else {
+					trigger_error("Error updating book: ".$DB->ErrorMsg(), E_USER_WARNING);
+				}
+
 			}
 		}
 
diff --git a/templates/library-book-edit.tpl b/templates/library-book-edit.tpl
new file mode 100644
index 0000000..32e7d2b
--- /dev/null
+++ b/templates/library-book-edit.tpl
@@ -0,0 +1,32 @@
+
+<div class="box">
+	<div class="boxhead"><h2>{$book.title}</h2></div>
+	<div class="boxcontent">
+
+		<strong>{if $book.onloan}On loan{else}Book Available{/if}</strong>
+		{if $book.image_url != ""}<img class="emblem" src="{$book.image_url|escape}" alt="{$book.title|escape}" />{/if}
+{if $editable == true}
+	<form class="admin" action="{$baseurl}{$path}?action=save" method="POST">
+		<div class="row">
+			<label for="title">Title</label>
+			<span class="textinput"><input type="text" name="title" value="{$book.title}" /></span>
+		</div>
+		<div class="row">
+			<label for="author">Author</label>
+			<span class="textinput"><input type="text" name="author" value="{$book.author}" /></span>
+		</div>
+		<div class="row">
+			<label for="publisher">Publisher</label>
+			<span class="textinput"><input type="text" name="publisher" value="{$book.publisher}" /></span>
+		</div>
+		<div class="row"><label for="description">Description</label><textarea cols="50" rows="20" name="description">{$book.description|escape}</textarea></div>
+		<input type="submit" value="Save" />
+	</form> 
+{else}
+	<p>You don't have permission to edit books</p>
+
+{/if}
+	<div class="clear"></div>
+	</div>
+	<div class="hollowfoot"><div><div></div></div></div>
+</div>
diff --git a/templates/library-book.tpl b/templates/library-book.tpl
index ecb16a9..6fda2f4 100644
--- a/templates/library-book.tpl
+++ b/templates/library-book.tpl
@@ -3,20 +3,17 @@
 	<div class="boxhead"><h2>{$book.title}</h2></div>
 	<div class="boxcontent">
 
-{if $editable == true}
-	<form action="" method="POST">
-		<input type="text" name="title" value="{$book.title}" />
-		<input type="text" name="author" value="{$book.author}" />
-		<input type="text" name="publisher" value="{$book.publisher}" />
-		<textarea name="description" value="{$book.description}" /> 
-	</form> 
-{/if}
 		<strong>{if $book.onloan}On loan{else}Book Available{/if}</strong>
 		{if $book.image_url != ""}<img class="emblem" src="{$book.image_url|escape}" alt="{$book.title|escape}" />{/if}
 		<p>Author: {$book.author}</p>
 	{if isset($book.description)}
 		<div>{$book.description}</div>
 	{/if}
+{if $editable == true}
+	<div class="edit">
+	<ul><li><a href="?action=edit">Edit</a></li></ul>
+	</div>
+{/if}
 	<div class="clear"></div>
 	</div>
 	<div class="hollowfoot"><div><div></div></div></div>
-- 
GitLab