1 | <?php
2 | {
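// Debug settings: PHP errors and MySQL trace output are sent to the browser while
// this script runs; both are switched off again on the last lines of the script.
// NOTE(review): if this page is reachable by untrusted users, these messages can
// expose file paths and query text - consider logging instead of displaying.
ini_set("display_errors", "On");
ini_set("mysql.trace_mode", "On");

// Default mode is "view". The default is also appended to REQUEST_URI because the
// mode links printed further down are built by string replacement on that URI.
if (empty($_GET["fMode"]))
{
    $_GET["fMode"] = "view";
    // === false: strpos() returns the match offset, and offset 0 == false.
    $sign = strpos($_SERVER['REQUEST_URI'], "?") === false ? "?" : "&";
    $_SERVER['REQUEST_URI'] = $_SERVER['REQUEST_URI'] . $sign . "fMode=view";
}

if (empty($_GET["fRunID"]))
    $_GET["fRunID"] = "all";

if (empty($_GET["fSequenceID"]))
    $_GET["fSequenceID"] = "all";

// Default table is RunComments; REQUEST_URI is extended for the same reason as above.
if (empty($_GET["fTable"]))
{
    $_GET["fTable"] = "RunComments";
    $sign = strpos($_SERVER['REQUEST_URI'], "?") === false ? "?" : "&";
    $_SERVER['REQUEST_URI'] = $_SERVER['REQUEST_URI'] . $sign . "fTable=RunComments";
}

// Default night: the date 12 hours ago, so the date does not roll over at midnight.
if (empty($_GET["fNight"]))
    $_GET["fNight"] = date("Ymd", time() - (12 * 60 * 60));

// fMode and fTable select code paths and are echoed into the page, and fTable is
// concatenated into SQL as a table name, so only the known values are accepted.
// The strict in_array() also rejects non-string (array) parameter values, for
// which the strcmp()==0 tests used in the rest of the script are unreliable.
$allowedModes  = array("view", "update", "insert", "tooltip");
$allowedTables = array("RunComments", "SequenceComments");
if (!in_array($_GET["fMode"], $allowedModes, true)
    || !in_array($_GET["fTable"], $allowedTables, true))
{
    header('HTTP/1.0 400 Bad Request');
    printf("Unknown value for fMode or fTable.");
    return;
}

// Tooltip mode returns a bare fragment, every other mode gets the page header.
if ($_GET["fMode"] !== "tooltip")
    echo (file_get_contents("index-header.html"));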
32 |
33 |
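//
// insert/update part
//
// Writes one comment row when fMode is "insert" or "update" and fComment is set.
// The caller must pass HTTP Basic credentials that CheckUsernameAndPassword()
// (from ldap_include.php) accepts; the authenticated user name is stored in fUser.
//
// Every request value that reaches SQL is validated here, because the format
// checks in the display part run only after this write has been executed:
//   - table and ID column come from a fixed allowlist, never from the request
//   - night and run/sequence ID must match their full format and are cast to int
//   - strings go through mysql_real_escape_string(); replacing only the quote
//     character leaves backslashes unescaped, so a value could still end the
//     string literal
//
// NOTE(review): index-header.html has already been echoed at this point, so the
// 401 header() calls only take effect if output buffering is active - confirm.
// NOTE(review): writes are triggered by GET requests; moving the forms to POST
// with a CSRF token would keep a followed link from changing data.
// NOTE(review): ext/mysql was removed in PHP 7; when migrating, use mysqli or PDO
// prepared statements instead of escaping.
include ("ldap_include.php");

// === instead of strcmp()==0: strcmp() does not return an int for a non-string
// argument, and the loose ==0 comparison then succeeds.
$mode = is_string($_GET["fMode"]) ? $_GET["fMode"] : "";
if ($mode === "insert" || $mode === "update")
{
    if (!isset($_SERVER['PHP_AUTH_USER']))
    {
        header('WWW-Authenticate: Basic realm="Edit Run Comments"');
        header('HTTP/1.0 401 Unauthorized');
        return;
    }
    if (!CheckUsernameAndPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], GetLDAPOptions()))
        return;

    if (!empty($_GET["fComment"]) && is_string($_GET["fComment"]))
    {
        // Table name -> ID column; the request only selects an entry of this map.
        $idColumns = array("RunComments" => "fRunID", "SequenceComments" => "fSequenceID");
        $table = is_string($_GET["fTable"]) ? $_GET["fTable"] : "";
        if (!isset($idColumns[$table]))
        {
            printf("Unknown table.");
            return;
        }
        $idColumn = $idColumns[$table];

        $night = (isset($_GET["fNight"]) && is_string($_GET["fNight"])) ? $_GET["fNight"] : "";
        if (!preg_match('/\A20[0-9][0-9][01][0-9][0-3][0-9]\z/', $night))
        {
            printf("Please enter a valid number for the Night (format: YYYYMMDD).");
            return;
        }
        $idValue = (isset($_GET[$idColumn]) && is_string($_GET[$idColumn])) ? $_GET[$idColumn] : "";
        if (!preg_match('/\A[0-9][0-9][0-9]\z/', $idValue))
        {
            // substr() drops the leading "f": fRunID -> RunID, fSequenceID -> SequenceID.
            printf("Please enter a valid number for the %s (format: FFF, e.g. 001).", substr($idColumn, 1));
            return;
        }

        include("db2.php");
        $db_id = mysql_pconnect($host, $user, $pw);
        if ($db_id == FALSE)
        {
            // Driver detail goes to the server log, not to the client.
            error_log("mysql_pconnect failed: " . mysql_error());
            printf("Database connection failed.\n");
            die("");
        }
        mysql_select_db($db);

        //for both
        $assignments  = " fComment='" . mysql_real_escape_string($_GET["fComment"], $db_id) . "'";
        $assignments .= ", fUser='" . mysql_real_escape_string($_SERVER['PHP_AUTH_USER'], $db_id) . "'";

        $query0 = NULL;
        if ($mode === "insert")
        {
            $query0  = "INSERT " . $table . " SET " . $assignments;
            $query0 .= ", fNight=" . (int)$night;
            $query0 .= ", " . $idColumn . "=" . (int)$idValue;
        }
        else
        {
            // Look up the key of the row that currently holds the old comment text.
            $oldComment = (isset($_GET["fOldComment"]) && is_string($_GET["fOldComment"]))
                ? $_GET["fOldComment"] : "";
            $query2  = "SELECT fCommentKEY FROM " . $table;
            $query2 .= " WHERE fNight=" . (int)$night;
            $query2 .= " AND " . $idColumn . "=" . (int)$idValue;
            $query2 .= " AND fComment='" . mysql_real_escape_string($oldComment, $db_id) . "'";
            $result2 = mysql_query($query2, $db_id);
            $row2 = $result2 ? mysql_fetch_row($result2) : FALSE;
            if ($result2)
                mysql_free_result($result2);

            if ($row2)
                $query0 = "UPDATE " . $table . " SET " . $assignments . " WHERE fCommentKEY=" . (int)$row2[0];
            else
                // Without a key the UPDATE would have an empty WHERE value; skip it.
                printf("Comment to update not found; nothing was changed.<br>\n");
        }

        if ($query0 !== NULL)
            $result0 = mysql_query($query0, $db_id);
        mysql_close($db_id);
    }
}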
101 |
102 |
103 |
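//
// display part
//
// Prints the mode links, the table switch and the night/ID search form (skipped
// in tooltip mode). db.php is expected to provide the connection settings used
// from here on ($db below, $host/$user/$pw at the connect call).
include("db.php");

// Request parameters and REQUEST_URI are client-controlled and are written into
// HTML attributes below, so each one is reduced to a string and passed through
// htmlspecialchars(..., ENT_QUOTES) on output (the attributes use both quote styles).
$mode       = is_string($_GET["fMode"])       ? $_GET["fMode"]       : "";
$table      = is_string($_GET["fTable"])      ? $_GET["fTable"]      : "";
$night      = is_string($_GET["fNight"])      ? $_GET["fNight"]      : "";
$runId      = is_string($_GET["fRunID"])      ? $_GET["fRunID"]      : "";
$sequenceId = is_string($_GET["fSequenceID"]) ? $_GET["fSequenceID"] : "";
$uri        = $_SERVER['REQUEST_URI'];

if ($mode !== "tooltip")
{
    // NOTE(review): the links are made by replacing the current mode/table string
    // everywhere in the URI, so any other occurrence of that text is replaced too.
    //mode
    printf("With this page, you can \n");
    //view mode
    if ($mode === "view")
        printf("<b>view</b>,\n");
    else
        printf("<a href='%s'>view</a>,\n", htmlspecialchars(str_replace($mode, 'view', $uri), ENT_QUOTES));
    //update mode
    if ($mode === "update")
        printf("<b>update</b> and\n");
    else
        printf("<a href='%s'>update</a> and \n", htmlspecialchars(str_replace($mode, 'update', $uri), ENT_QUOTES));
    //insert mode
    if ($mode === "insert")
        printf("<b>insert</b>\n");
    else
        printf("<a href='%s'>insert</a> \n", htmlspecialchars(str_replace($mode, 'insert', $uri), ENT_QUOTES));

    //table
    printf("entries in the tables <b>%s</b> \n", htmlspecialchars($table, ENT_QUOTES));
    if ($table === "RunComments")
        printf(" and <a href='%s'>SequenceComments</a> \n", htmlspecialchars(str_replace($table, 'SequenceComments', $uri), ENT_QUOTES));
    else
        printf(" and <a href='%s'>RunComments</a> \n", htmlspecialchars(str_replace($table, 'RunComments', $uri), ENT_QUOTES));
    //database
    printf("from the DB %s.<br><br>\n", $db);

    //insert field for run/sequence number
    printf("<form action=\"run_comment.php\" METHOD=\"GET\">\n");
    if ($table === "RunComments")
    {
        printf("Run# (YYYYMMDD_FFF) <input title='Enter here Night in the format YYYYMMDD or \"all\" to query all comments.' name=\"fNight\" type=\"text\" size=\"8\" maxlength=\"8\" value=\"%s\">\n", htmlspecialchars($night, ENT_QUOTES));
        printf("_ <input title='Enter here RunID in the format FFF or \"all\" (only viewing mode) to query all comments of one night.' name=\"fRunID\" type=\"text\" size=\"3\" maxlength=\"3\" value=\"%s\">\n", htmlspecialchars($runId, ENT_QUOTES));
    }
    if ($table === "SequenceComments")
    {
        printf("Sequence# (YYYYMMDD_FFF) <input title='Enter here Night in the format YYYYMMDD or \"all\" to query all comments.' name=\"fNight\" type=\"text\" size=\"8\" maxlength=\"8\" value=\"%s\">\n", htmlspecialchars($night, ENT_QUOTES));
        printf("_ <input title='Enter here SequenceID in the format FFF or \"all\" (only viewing mode) to query all comments of one night.' name=\"fSequenceID\" type=\"text\" size=\"3\" maxlength=\"3\" value=\"%s\">\n", htmlspecialchars($sequenceId, ENT_QUOTES));
    }
    printf("<input type='hidden' name='fMode' value='%s'>", htmlspecialchars($mode, ENT_QUOTES));
    printf("<input type='hidden' name='fTable' value='%s'>", htmlspecialchars($table, ENT_QUOTES));
    printf("<input type='submit' value='Get Comments'><br><br>\n");
    printf("</form>\n");
}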
154 |
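// Format checks for night and run/sequence number; the script stops with a
// message when one fails. "all" is accepted only in view mode.
//
// The patterns are anchored with \A...\z so the WHOLE value has to match. An
// unanchored pattern accepts any string that merely contains the digits (or the
// letters "all"), and these values are concatenated into the SELECT further down.
// NOTE(review): the ID pattern now allows exactly three digits, matching the
// documented FFF format and the maxlength="3" form fields - widen it if larger
// IDs exist.
$mode       = is_string($_GET["fMode"])       ? $_GET["fMode"]       : "";
$table      = is_string($_GET["fTable"])      ? $_GET["fTable"]      : "";
$night      = is_string($_GET["fNight"])      ? $_GET["fNight"]      : "";
$runId      = is_string($_GET["fRunID"])      ? $_GET["fRunID"]      : "";
$sequenceId = is_string($_GET["fSequenceID"]) ? $_GET["fSequenceID"] : "";

$allAllowed   = ($mode === "view");
$nightPattern = '/\A20[0-9][0-9][01][0-9][0-3][0-9]\z/';
$idPattern    = '/\A[0-9][0-9][0-9]\z/';

if (!(preg_match($nightPattern, $night) || ($night === "all" && $allAllowed)))
{
    // The mode is echoed back, so it is HTML-escaped.
    printf("-%s-<br>", htmlspecialchars($mode, ENT_QUOTES));
    printf("Please enter a valid number for the Night (format: YYYYMMDD).");
    return;
}

// The table name is concatenated into the query below; anything other than the
// two known tables would also leave that query without its SELECT clause.
if ($table !== "RunComments" && $table !== "SequenceComments")
{
    printf("Unknown table.");
    return;
}

if ($table === "RunComments"
    && !(preg_match($idPattern, $runId) || ($runId === "all" && $allAllowed)))
{
    printf("Please enter a valid number for the RunID (format: FFF, e.g. 001).");
    return;
}

if ($table === "SequenceComments"
    && !(preg_match($idPattern, $sequenceId) || ($sequenceId === "all" && $allAllowed)))
{
    printf("Please enter a valid number for the SequenceID (format: FFF, e.g. 001).");
    return;
}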
178 |
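// Build and run the SELECT that lists the comments of one table, optionally
// restricted to one night and one run/sequence number, then print the row count.
//
// Nothing from the request is copied into the SQL text: the table and its ID
// column come from a fixed map, and night/ID are cast to int, so a value that
// slipped through the format checks can at worst select zero rows.
$idColumns = array("RunComments" => "fRunID", "SequenceComments" => "fSequenceID");
$table = is_string($_GET["fTable"]) ? $_GET["fTable"] : "";
if (!isset($idColumns[$table]))
{
    printf("Unknown table.");
    return;
}
$idColumn = $idColumns[$table];

$db_id = mysql_pconnect($host, $user, $pw);
if ($db_id == FALSE)
{
    // Driver detail goes to the server log, not to the client.
    error_log("mysql_pconnect failed: " . mysql_error());
    printf("Database connection failed.\n");
    die("");
}
mysql_select_db($db);

$query1  = "SELECT CONCAT(fNight,'_', LPAD(" . $idColumn . ", 3, 0))";
$query1 .= ", fComment FROM " . $table . " ";

// "all" means no restriction; the ID filter only applies within a single night.
if ($_GET["fNight"] !== "all")
{
    $query1 .= "WHERE fNight=" . (int)$_GET["fNight"];
    if ($_GET[$idColumn] !== "all")
        $query1 .= " AND " . $idColumn . "=" . (int)$_GET[$idColumn];
}
$query1 .= " ORDER BY fNight, " . $idColumn . ", fCommentKEY ";

$result1 = mysql_query($query1, $db_id);
if ($result1 == FALSE)
{
    // mysql_num_rows()/mysql_fetch_row() need a result resource; stop here.
    error_log("comment query failed: " . mysql_error($db_id));
    printf("The comments could not be read.\n");
    mysql_close($db_id);
    return;
}
printf("Found %d comment(s).\n\n", mysql_num_rows($result1));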
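// Render the result set: an HTML table (with an edit form per row in update mode
// and one extra input row in insert mode), or plain "night_id: comment" lines in
// tooltip mode. Afterwards release the result, close the link, print the footer
// and switch the debug ini settings off again.
//
// Comment text comes from the database, where it was stored from user input, and
// the request parameters come from the client; all of it is HTML-escaped before
// it is written into the page.
$params = array();
foreach (array("fMode", "fNight", "fRunID", "fSequenceID", "fTable") as $name)
    $params[$name] = (isset($_GET[$name]) && is_string($_GET[$name])) ? $_GET[$name] : "";

$mode      = $params["fMode"];
$isTooltip = ($mode === "tooltip");

// "night_id" label for the selected table; NULL when the table is not a known one.
$idFields = array("RunComments" => "fRunID", "SequenceComments" => "fSequenceID");
$rowLabel = NULL;
if (isset($idFields[$params["fTable"]]))
    $rowLabel = htmlspecialchars($params["fNight"] . "_" . $params[$idFields[$params["fTable"]]], ENT_QUOTES);

// Hidden fields that carry the current selection through the update/insert forms.
$hiddenFields = "";
foreach ($params as $name => $value)
    $hiddenFields .= sprintf("<input type='hidden' name='%s' value='%s'>\n", $name, htmlspecialchars($value, ENT_QUOTES));

if (!$isTooltip)
{
    printf("<br>\n");
    printf("<table BORDER='0' style='margin-top:1ex'>");
    $col = FALSE;
    printf("<tr BGCOLOR='#C0C0C0'><td>Run#</td><td>Comment</td></tr>");
}

while ($row1 = mysql_fetch_row($result1))
{
    $rowKey  = htmlspecialchars($row1[0], ENT_QUOTES);
    $comment = htmlspecialchars($row1[1], ENT_QUOTES);

    if ($isTooltip)
    {
        // No Content-Type is set, so this output is still served as HTML.
        // NOTE(review): if the consumer of tooltip mode escapes the text again,
        // entities will show up doubled - confirm how the fragment is used.
        if ($rowLabel !== NULL)
            printf("%s: %s\n", $rowLabel, $comment);
        continue;
    }

    // Alternate the row background.
    printf($col ? "<tr BGCOLOR='#D0D0D0'>\n" : "<tr BGCOLOR='#E0E0E0'>\n");
    $col = !$col;

    if ($mode === "update")
    {
        // fOldComment identifies the row to change when the form is submitted.
        printf("<form style='display:inline' action=\"run_comment.php\" METHOD=\"GET\">\n");
        printf("<td>\n%s\n</td>\n", $rowKey);
        printf("<td>\n");
        printf("<input type='text' size='50' maxlength='255' name='fComment' value='%s'>\n", $comment);
        printf("<input type='hidden' name='fOldComment' value='%s'>\n", $comment);
        echo $hiddenFields;
        printf("<input type='submit' value='Update Comment'>\n");
        printf("</td>\n");
        printf("</form>\n");
    }
    else
    {
        printf("<td>\n%s\n</td>\n", $rowKey);
        printf("<td>\n%s\n</td>\n", $comment);
    }
    printf("</tr>\n");
}

//insert mode
if ($mode === "insert")
{
    printf("<tr BGCOLOR='#C0C0C0'>");
    if ($rowLabel !== NULL)
        printf("<td>%s</td>\n", $rowLabel);
    printf("<td>\n");
    printf("<form style='display:inline' action=\"run_comment.php\" METHOD=\"GET\">\n");
    printf("<input type='text' size='50' maxlength='255' name='fComment'>\n");
    echo $hiddenFields;
    printf("<input type='submit' value='Insert Comment'>\n");
    printf("</form>\n");
    printf("</td>\n");
    printf("</tr>\n");
}
if (!$isTooltip)
    printf("</table>");

if ($mode === "update")
    printf("Remark: You can update only one comment at once.");

mysql_free_result($result1);
mysql_close($db_id);

if (!$isTooltip)
    echo (file_get_contents("index-footer.html"));

ini_set("display_errors", "Off");
ini_set("mysql.trace_mode", "Off");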
292 | }
293 | ?>