You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
228 lines
8.2 KiB
228 lines
8.2 KiB
3 years ago
|
<?php
|
||
|
// This program is free software; you can redistribute it and/or modify
|
||
|
// it under the terms of the GNU General Public License as published by
|
||
|
// the Free Software Foundation; either version 2 of the License, or
|
||
|
// (at your option) any later version.
|
||
|
|
||
|
// This program is distributed in the hope that it will be useful,
|
||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
// GNU General Public License for more details.
|
||
|
|
||
|
// You should have received a copy of the GNU General Public License
|
||
|
// along with this program; if not, write to the Free Software
|
||
|
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||
|
|
||
|
require_once(dirname(__FILE__) . "/includes/funcLib.php");
|
||
|
require_once(dirname(__FILE__) . "/includes/MySmarty.class.php");
|
||
|
$smarty = new MySmarty();
|
||
|
$opt = $smarty->opt();
|
||
|
|
||
|
session_start();
|
||
|
if (!isset($_SESSION["userid"])) {
|
||
|
header("Location: " . getFullPath("login.php"));
|
||
|
exit;
|
||
|
}
|
||
|
else {
|
||
|
$userid = $_SESSION["userid"];
|
||
|
}
|
||
|
|
||
|
$action = "";
|
||
|
if (!empty($_GET["action"])) {
|
||
|
$action = $_GET["action"];
|
||
|
$itemid = (int) $_GET["itemid"];
|
||
|
if ($action == "reserve") {
|
||
|
adjustAllocQuantity($itemid,$userid,0,+1, $smarty->dbh(), $smarty->opt());
|
||
|
}
|
||
|
else if ($action == "purchase") {
|
||
|
// decrement reserved.
|
||
|
adjustAllocQuantity($itemid,$userid,0,-1, $smarty->dbh(), $smarty->opt());
|
||
|
// increment purchased.
|
||
|
adjustAllocQuantity($itemid,$userid,1,+1, $smarty->dbh(), $smarty->opt());
|
||
|
}
|
||
|
else if ($action == "return") {
|
||
|
// increment reserved.
|
||
|
adjustAllocQuantity($itemid,$userid,0,+1, $smarty->dbh(), $smarty->opt());
|
||
|
// decrement purchased.
|
||
|
adjustAllocQuantity($itemid,$userid,1,-1, $smarty->dbh(), $smarty->opt());
|
||
|
}
|
||
|
else if ($action == "release") {
|
||
|
adjustAllocQuantity($itemid,$userid,0,-1, $smarty->dbh(), $smarty->opt());
|
||
|
}
|
||
|
else if ($action == "copy") {
|
||
|
/*
|
||
|
can't do this because MySQL 3.x doesn't seem to support it (at least the version i was using).
|
||
|
$query = "INSERT INTO items(userid,description,price,source,url,category) SELECT $userid, description, price, source, url, category FROM items WHERE itemid = " . $_GET["itemid"];
|
||
|
*/
|
||
|
/* TODO: copy the image too? */
|
||
|
$stmt = $smarty->dbh()->prepare("SELECT userid, description, price, source, url, category, comment FROM {$opt["table_prefix"]}items WHERE itemid = ?");
|
||
|
$stmt->bindParam(1, $itemid, PDO::PARAM_INT);
|
||
|
$stmt->execute();
|
||
|
if ($row = $stmt->fetch()) {
|
||
|
$desc = $row["description"];
|
||
|
$source = $row["source"];
|
||
|
$url = $row["url"];
|
||
|
$comment = $row["comment"];
|
||
|
$price = (float) $row["price"];
|
||
|
$cat = (int) $row["category"];
|
||
|
|
||
|
$stmt = $smarty->dbh()->prepare("INSERT INTO {$opt["table_prefix"]}items(userid,description,price,source,url,comment,category,ranking,quantity) VALUES(?, ?, ?, ?, ?, ?, ?, 1, 1");
|
||
|
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
|
||
|
$stmt->bindParam(2, $desc, PDO::PARAM_STR);
|
||
|
$stmt->bindParam(3, $price);
|
||
|
$stmt->bindParam(4, $source, PDO::PARAM_STR);
|
||
|
$stmt->bindParam(5, $url, PDO::PARAM_STR);
|
||
|
$stmt->bindParam(6, $comment, PDO::PARAM_STR);
|
||
|
$stmt->bindParam(7, $cat, PDO::PARAM_INT);
|
||
|
$stmt->execute();
|
||
|
|
||
|
stampUser($userid, $smarty->dbh(), $smarty->opt());
|
||
|
|
||
|
$message = "Added '" . $desc . "' to your gift list.";
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$shopfor = (int) $_GET["shopfor"];
|
||
|
if ($shopfor == $userid) {
|
||
|
echo "Nice try! (You can't shop for yourself.)";
|
||
|
exit;
|
||
|
}
|
||
|
$stmt = $smarty->dbh()->prepare("SELECT * FROM {$opt["table_prefix"]}shoppers WHERE shopper = ? AND mayshopfor = ? AND pending = 0");
|
||
|
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
|
||
|
$stmt->bindParam(2, $shopfor, PDO::PARAM_INT);
|
||
|
$stmt->execute();
|
||
|
if (!($stmt->fetch())) {
|
||
|
echo "Nice try! (You can't shop for someone who hasn't approved it.)";
|
||
|
exit;
|
||
|
}
|
||
|
|
||
|
if (!isset($_GET["sort"])) {
|
||
|
$sortby = "rankorder DESC, description";
|
||
|
}
|
||
|
else {
|
||
|
$sort = $_GET["sort"];
|
||
|
switch ($sort) {
|
||
|
case "ranking":
|
||
|
$sortby = "rankorder DESC, description";
|
||
|
break;
|
||
|
case "description":
|
||
|
$sortby = "description";
|
||
|
break;
|
||
|
case "source":
|
||
|
$sortby = "source, rankorder DESC, description";
|
||
|
break;
|
||
|
case "price":
|
||
|
$sortby = "price, rankorder DESC, description";
|
||
|
break;
|
||
|
case "url":
|
||
|
$sortby = "url, rankorder DESC, description";
|
||
|
break;
|
||
|
case "status":
|
||
|
$sortby = "reservedid DESC, boughtid DESC, rankorder DESC, description";
|
||
|
break;
|
||
|
case "category":
|
||
|
$sortby = "c.category, rankorder DESC, description";
|
||
|
break;
|
||
|
default:
|
||
|
$sortby = "rankorder DESC, description";
|
||
|
}
|
||
|
}
|
||
|
|
||
|
/* here's what we're going to do: we're going to pull back the shopping list along with any alloc record
|
||
|
for those items with a quantity of 1. if the item's quantity > 1 we'll query alloc when we
|
||
|
get to that record. the theory is that most items will have quantity = 1 so we'll make the least
|
||
|
number of trips. */
|
||
|
$stmt = $smarty->dbh()->prepare("SELECT i.itemid, description, price, source, c.category, url, image_filename, " .
|
||
|
"ub.fullname AS bfullname, ub.userid AS boughtid, " .
|
||
|
"ur.fullname AS rfullname, ur.userid AS reservedid, " .
|
||
|
"rendered, i.comment, i.quantity " .
|
||
|
"FROM {$opt["table_prefix"]}items i " .
|
||
|
"LEFT OUTER JOIN {$opt["table_prefix"]}categories c ON c.categoryid = i.category " .
|
||
|
"LEFT OUTER JOIN {$opt["table_prefix"]}ranks r ON r.ranking = i.ranking " .
|
||
|
"LEFT OUTER JOIN {$opt["table_prefix"]}allocs a ON a.itemid = i.itemid AND i.quantity = 1 " . // only join allocs for single-quantity items.
|
||
|
"LEFT OUTER JOIN {$opt["table_prefix"]}users ub ON ub.userid = a.userid AND a.bought = 1 " .
|
||
|
"LEFT OUTER JOIN {$opt["table_prefix"]}users ur ON ur.userid = a.userid AND a.bought = 0 " .
|
||
|
"WHERE i.userid = $shopfor " .
|
||
|
"ORDER BY " . $sortby);
|
||
|
$stmt->bindParam(1, $shopfor, PDO::PARAM_INT);
|
||
|
$stmt->execute();
|
||
|
$shoprows = array();
|
||
|
while ($row = $stmt->fetch()) {
|
||
|
$row['price'] = formatPrice($row['price'], $opt);
|
||
|
if ($row['quantity'] > 1) {
|
||
|
// check the allocs table to see what has been allocated.
|
||
|
$avail = $row['quantity'];
|
||
|
$substmt = $smarty->dbh()->prepare("SELECT a.quantity, a.bought, a.userid, " .
|
||
|
"ub.fullname AS bfullname, ub.userid AS boughtid, " .
|
||
|
"ur.fullname AS rfullname, ur.userid AS reservedid " .
|
||
|
"FROM {$opt["table_prefix"]}allocs a " .
|
||
|
"LEFT OUTER JOIN {$opt["table_prefix"]}users ub ON ub.userid = a.userid AND a.bought = 1 " .
|
||
|
"LEFT OUTER JOIN {$opt["table_prefix"]}users ur ON ur.userid = a.userid AND a.bought = 0 " .
|
||
|
"WHERE a.itemid = ? " .
|
||
|
"ORDER BY a.bought, a.quantity");
|
||
|
$substmt->bindValue(1, $row['itemid'], PDO::PARAM_INT);
|
||
|
$substmt->execute();
|
||
|
$ibought = 0;
|
||
|
$ireserved = 0;
|
||
|
$itemallocs = array();
|
||
|
while ($allocrow = $substmt->fetch()) {
|
||
|
if ($allocrow['bfullname'] != '') {
|
||
|
if ($allocrow['boughtid'] == $userid) {
|
||
|
$ibought += $allocrow['quantity'];
|
||
|
$itemallocs[] = ($allocrow['quantity'] . " bought by you.");
|
||
|
}
|
||
|
else {
|
||
|
if (!$opt["anonymous_purchasing"]) {
|
||
|
$itemallocs[] = ($allocrow['quantity'] . " bought by " . $allocrow['bfullname'] . ".");
|
||
|
}
|
||
|
else {
|
||
|
$itemallocs[] = ($allocrow['quantity'] . " bought.");
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else {
|
||
|
if ($allocrow['reservedid'] == $userid) {
|
||
|
$ireserved += $allocrow['quantity'];
|
||
|
$itemallocs[] = ($allocrow['quantity'] . " reserved by you.");
|
||
|
}
|
||
|
else {
|
||
|
if (!$opt["anonymous_purchasing"]) {
|
||
|
$itemallocs[] = ($allocrow['quantity'] . " reserved by " . $allocrow['rfullname'] . ".");
|
||
|
}
|
||
|
else {
|
||
|
$itemallocs[] = ($allocrow['quanitity'] . " reserved.");
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
$avail -= $allocrow['quantity'];
|
||
|
}
|
||
|
$row['allocs'] = $itemallocs;
|
||
|
$row['avail'] = $avail;
|
||
|
$row['ibought'] = $ibought;
|
||
|
$row['ireserved'] = $ireserved;
|
||
|
}
|
||
|
$shoprows[] = $row;
|
||
|
}
|
||
|
|
||
|
/* okay, I *would* retrieve the shoppee's fullname from the items recordset,
|
||
|
except that I wouldn't get it if he had no items, so I *could* LEFT OUTER
|
||
|
JOIN, but then it would complicate the iteration logic, so let's just
|
||
|
hit the DB again. */
|
||
|
$stmt = $smarty->dbh()->prepare("SELECT fullname FROM {$opt["table_prefix"]}users WHERE userid = ?");
|
||
|
$stmt->bindParam(1, $shopfor, PDO::PARAM_INT);
|
||
|
$stmt->execute();
|
||
|
if ($row = $stmt->fetch()) {
|
||
|
$ufullname = $row["fullname"];
|
||
|
}
|
||
|
|
||
|
$smarty->assign('ufullname', $ufullname);
|
||
|
$smarty->assign('shopfor', $shopfor);
|
||
|
$smarty->assign('shoprows', $shoprows);
|
||
|
$smarty->assign('userid', $userid);
|
||
|
if (isset($message)) {
|
||
|
$smarty->assign('message', $message);
|
||
|
}
|
||
|
$smarty->display('shop.tpl');
|
||
|
?>
|