loviuz/openstamanager
loviuz
/
openstamanager
mirror of https://github.com/devcode-it/openstamanager.git
1
0
Fork 0
Code Issues Releases Activity
openstamanager/modules/gestione_documentale/actions.php

137 lines
3.9 KiB
PHP
Raw Normal View History

Nuovo modulo gestione documentale
2018-04-19 15:16:58 +02:00
<?php
if( $docroot == '' ){
die( _("Accesso negato!") );
}
switch( post('op') ){
case "add":
$nome = save( $_POST['nome'] );
$idcategoria = save( $_POST['idcategoria'] );
$data = saveDate( $_POST['data'] );
$dir_ok = true;
$nome_modulo = 'Gestione documentale';
$nome_allegato = save( $_POST['nome_allegato'] );
$filename = $_FILES['blob']['name'];
$src = $_FILES['blob']['tmp_name'];
$f = pathinfo( $filename );
//$q="SELECT idanagrafica FROM zz_utenti WHERE idutente=".$_SESSION['idutente'];
//$rs=$dbo->fetchArray($q);
//$idutente=$rs[0]['idanagrafica'];
$dst_file = sanitizeFilename( $f['filename'].".".$f['extension'] );
$dst_dir = $docroot."/files/gestione_documentale/";
$dst_dir = strtolower($dst_dir);
//Rinomino il file se non esiste già
$f = pathinfo($dst_file);
$i = 1;
while( file_exists($dst_dir."/".$dst_file) ){
$dst_file = sanitizeFilename($f['filename']."_".$i.".".$f['extension']);
$i++;
}
//Se la destinazione non esiste la creo
if( !is_dir($dst_dir) ){
if( !mkdir($dst_dir) ){
$dir_ok = false;
array_push( $_SESSION['errors'], "Non hai i permessi per creare directory!" );
header( "Location: ".$rootdir."/controller.php?id_module=".Modules::get('Gestione documentale')['id'] );
exit;
}
}
//Creazione file fisico
if( $dir_ok ){
if( move_uploaded_file( $src, $dst_dir."/".$dst_file) ){
$rs = $dbo->query("INSERT INTO `zz_documenti`( nome, idcategoria, data ) VALUES( '".$nome."','".$idcategoria."','".$data."' )");
$id_record = $dbo->last_inserted_id();
$rs = $dbo->query("INSERT INTO `zz_files`( nome, filename, id_module, id_record ) VALUES( \"".$nome_allegato."\", \"".$dst_file."\", \"".Modules::get('Gestione documentale')['id']."\", \"".$id_record."\" )");
array_push( $_SESSION['infos'], "File caricato correttamente!" );
//header( "Location: ".$rootdir."/controller.php?id_module=".$modules_info[$modulo_permessi]['id'] );
//exit;
}
else{
array_push( $_SESSION['errors'], "Errore durante il caricamento del file!" );
header( "Location: ".$rootdir."/controller.php?id_module=".Modules::get('Gestione documentale')['id'] );
exit;
}
}
break;
case "update":
if( $permessi[$module_name] == 'rw' ){
//leggo tutti i valori passati dal POST e li salvo in un array
$html_post = array();
foreach ($_POST as $key => $value) {
$html_post[$key] = save($value);
}
if( isset($_POST['id_record']) ){
$query = "UPDATE zz_documenti SET ".
"idcategoria=\"".$html_post['idcategoria']."\",".
"nome=\"".$html_post['nome']."\",".
"data=\"".saveDate($html_post['data'])."\"".
"WHERE id = '$id_record' ".$additional_where['Gestione documenti'];
$rs = $dbo->query( $query );
array_push( $_SESSION['infos'], "Informazioni per la scheda ''".$html_post['id']."'' salvate correttamente!");
}
}
break;
case "delete":
if( $permessi[$module_name] == 'rw' ){
$rs = $dbo->fetchArray("SELECT id FROM zz_files WHERE externalid = \"".$id_record."\" AND module = '".$module_name."' " );
$n = sizeof($rs);
//Per tutte le sessioni di lavoro trovate
for($i=0; $i<$n; $i++){
//Elimino fisicamente il file...
$rs2 = $dbo->fetchArray("SELECT filename FROM zz_files WHERE id = \"".$rs[$i]['id']."\" ");
unlink( $docroot."/files/".strtolower($module_name)."/".$rs2[0]['filename'] );
//array_push( $_SESSION['warnings'], $rs2[0]['filename']." eliminato!");
}
//...e da db
$dbo->query("DELETE FROM zz_files WHERE externalid = \"".$id_record."\" AND module = '".$module_name."' ");
$dbo->query("DELETE FROM zz_documenti WHERE id = \"".$id_record."\" ");
array_push( $_SESSION['infos'], "Scheda e relativi files eliminati!" );
}
break;
}
?>