109 lines
4.0 KiB
PHP
109 lines
4.0 KiB
PHP
<?php
|
|
|
|
include_once __DIR__.'/../../core.php';
|
|
|
|
switch (post('op')) {
|
|
case 'add':
|
|
|
|
$nome = save($_POST['nome']);
|
|
$idcategoria = save($_POST['idcategoria']);
|
|
$data = saveDate($_POST['data']);
|
|
|
|
$dir_ok = true;
|
|
$nome_modulo = 'Gestione documentale';
|
|
$nome_allegato = save($_POST['nome_allegato']);
|
|
$filename = $_FILES['blob']['name'];
|
|
$src = $_FILES['blob']['tmp_name'];
|
|
$f = pathinfo($filename);
|
|
|
|
//$q="SELECT idanagrafica FROM zz_utenti WHERE idutente=".$_SESSION['idutente'];
|
|
//$rs=$dbo->fetchArray($q);
|
|
//$idutente=$rs[0]['idanagrafica'];
|
|
|
|
$dst_file = sanitizeFilename($f['filename'].'.'.$f['extension']);
|
|
$dst_dir = $docroot.'/files/gestione_documentale/';
|
|
$dst_dir = strtolower($dst_dir);
|
|
|
|
//Rinomino il file se non esiste già
|
|
$f = pathinfo($dst_file);
|
|
$i = 1;
|
|
|
|
while (file_exists($dst_dir.'/'.$dst_file)) {
|
|
$dst_file = sanitizeFilename($f['filename'].'_'.$i.'.'.$f['extension']);
|
|
++$i;
|
|
}
|
|
|
|
//Se la destinazione non esiste la creo
|
|
if (!is_dir($dst_dir)) {
|
|
if (!mkdir($dst_dir)) {
|
|
$dir_ok = false;
|
|
array_push($_SESSION['errors'], 'Non hai i permessi per creare directory!');
|
|
header('Location: '.$rootdir.'/controller.php?id_module='.Modules::get('Gestione documentale')['id']);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
//Creazione file fisico
|
|
if ($dir_ok) {
|
|
if (move_uploaded_file($src, $dst_dir.'/'.$dst_file)) {
|
|
$rs = $dbo->query("INSERT INTO `zz_documenti`( nome, idcategoria, data ) VALUES( '".$nome."','".$idcategoria."','".$data."' )");
|
|
|
|
$id_record = $dbo->last_inserted_id();
|
|
|
|
$rs = $dbo->query('INSERT INTO `zz_files`( nome, filename, id_module, id_record ) VALUES( "'.$nome_allegato.'", "'.$dst_file.'", "'.Modules::get('Gestione documentale')['id'].'", "'.$id_record.'" )');
|
|
|
|
array_push($_SESSION['infos'], 'File caricato correttamente!');
|
|
} else {
|
|
array_push($_SESSION['errors'], 'Errore durante il caricamento del file!');
|
|
header('Location: '.$rootdir.'/controller.php?id_module='.Modules::get('Gestione documentale')['id']);
|
|
exit;
|
|
}
|
|
}
|
|
break;
|
|
|
|
case 'update':
|
|
|
|
if ($permessi[$module_name] == 'rw') {
|
|
//leggo tutti i valori passati dal POST e li salvo in un array
|
|
$html_post = [];
|
|
foreach ($_POST as $key => $value) {
|
|
$html_post[$key] = save($value);
|
|
}
|
|
|
|
if (isset($_POST['id_record'])) {
|
|
$query = 'UPDATE zz_documenti SET '.
|
|
'idcategoria="'.$html_post['idcategoria'].'",'.
|
|
'nome="'.$html_post['nome'].'",'.
|
|
'data="'.saveDate($html_post['data']).'"'.
|
|
"WHERE id = '$id_record' ".$additional_where['Gestione documenti'];
|
|
|
|
$rs = $dbo->query($query);
|
|
|
|
array_push($_SESSION['infos'], "Informazioni per la scheda ''".$html_post['id']."'' salvate correttamente!");
|
|
}
|
|
}
|
|
|
|
break;
|
|
|
|
case 'delete':
|
|
if ($permessi[$module_name] == 'rw') {
|
|
$rs = $dbo->fetchArray('SELECT id FROM zz_files WHERE externalid = "'.$id_record."\" AND module = '".$module_name."' ");
|
|
$n = sizeof($rs);
|
|
|
|
//Per tutte le sessioni di lavoro trovate
|
|
for ($i = 0; $i < $n; ++$i) {
|
|
//Elimino fisicamente il file...
|
|
$rs2 = $dbo->fetchArray('SELECT filename FROM zz_files WHERE id = "'.$rs[$i]['id'].'" ');
|
|
unlink($docroot.'/files/'.strtolower($module_name).'/'.$rs2[0]['filename']);
|
|
}
|
|
|
|
//...e da db
|
|
$dbo->query('DELETE FROM zz_files WHERE externalid = "'.$id_record."\" AND module = '".$module_name."' ");
|
|
$dbo->query('DELETE FROM zz_documenti WHERE id = "'.$id_record.'" ');
|
|
|
|
array_push($_SESSION['infos'], 'Scheda e relativi files eliminati!');
|
|
}
|
|
|
|
break;
|
|
}
|