Create a new function da_sql_limit() and use that to pass LIMIT arguments to the...
[freeradius.git] / dialup_admin / htdocs / accounting.php3
1 <?php
2
3 require('../conf/config.php3');
4 require('../lib/functions.php3');
5 require('../lib/sql/functions.php3');
6 require('../lib/acctshow.php3');
7
// Load the SQL helper functions for the configured database driver.
// The path is built from $config[sql_type], i.e. from the site configuration
// loaded by the require() lines above, not from the request. Nothing below
// can work without a driver, so a minimal error page is sent and the script
// stops when the driver file is missing.
if (!is_file("../lib/sql/drivers/$config[sql_type]/functions.php3")) {
        echo <<<EOM
<html>
<head>
<title>Accounting Report Generator</title>
<meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]">
<link rel="stylesheet" href="style.css">
</head>
<body>
<center>
<b>Could not include SQL library functions. Aborting</b>
</body>
</html>
EOM;
        exit();
}
include_once("../lib/sql/drivers/$config[sql_type]/functions.php3");
26
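// Comparison operators a selection criterion may use. Further down this
// list is also the allow-list that a submitted operator_of_* value is
// checked against before it is concatenated into the WHERE clause, so only
// add entries that are safe to embed verbatim in SQL.
$operators=array( '=','<', '>', '<=', '>=', 'regexp', 'like' );
// The 'pg' driver gets its own operator set. The key is quoted: a bare
// sql_type is an undefined-constant lookup, which newer PHP versions reject.
if ($config['sql_type'] == 'pg'){
        $operators=array( '=','<', '>', '<=', '>=', '~', 'like', '~*', '~~*', '<<=' );
}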
31
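// Connect to the database and read the column list of the accounting table;
// those columns drive every select box rendered on this page.
$link = @da_sql_pconnect ($config) or die('cannot connect to sql databse');
$fields = @da_sql_list_fields($config['sql_accounting_table'],$link,$config);
$no_fields = @da_sql_num_fields($fields,$config);

// Start from known-empty arrays. Both are echoed into the form later, so they
// must not carry anything over from an earlier definition (for example a
// request variable of the same name when request data is imported as
// globals), and asort() needs an array even when no column qualifies.
$items = array();
$selected = array();

for($i=0;$i<$no_fields;$i++){
        $key = strtolower(@da_sql_field_name($fields,$i,$config));
        // Only columns that have a description in $sql_attrs are offered.
        $val = isset($sql_attrs[$key]['desc']) ? $sql_attrs[$key]['desc'] : '';
        if ($val == '')
                continue;
        $show = isset($sql_attrs[$key]['show']) ? $sql_attrs[$key]['show'] : '';
        // Pre-select the column in the "show attributes" list when configured.
        $selected[$key] = ($show == 'yes') ? 'selected' : '';
        $items[$key] = "$val";
}
// Present the attributes ordered by description; asort() keeps the keys.
asort($items);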
48
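/*
 * One row of the "Selection criteria" table: an attribute, a comparison
 * operator and a value. Each row is addressed by a designator such as "w1",
 * which is used to build the names of its form fields (item_of_w1,
 * operator_of_w1, value_of_w1, delete_w1).
 */
class Qi {
        var $name;      // designator, e.g. "w1"
        var $item;      // attribute key the criterion applies to
        var $_item;
        var $operator;  // comparison operator
        var $type;
        var $typestr;
        var $value;     // comparison value as submitted

        /* Create a criterion for $item with $operator; the value is filled in by get(). */
        function Qi($name,$item,$operator) {
                $this->name=$name;
                $this->item=$item;
                $this->operator=$operator;
        }

        /*
         * Print the criterion as one table row of form controls.
         *
         * item and value are copied from request-supplied globals by get(),
         * so everything interpolated into markup is HTML-escaped first;
         * otherwise a crafted field value would be reflected into the page
         * as markup. The attribute label comes from $items (site
         * configuration) and is printed as configured.
         */
        function show() {
                global $operators;
                global $items;
                $nam = $this->item;
                $label = isset($items[$nam]) ? $items[$nam] : '';
                $name = htmlspecialchars((string)$this->name, ENT_QUOTES);
                $item = htmlspecialchars((string)$this->item, ENT_QUOTES);
                $value = htmlspecialchars((string)$this->value, ENT_QUOTES);
                echo <<<EOM
        <tr><td align=left>
        <i>$label</i>
        <input type=hidden name="item_of_$name" value="$item">
        </td><td align=left>
        <select name=operator_of_$name>
EOM;
                foreach($operators as $operator){
                        if($this->operator == $operator)
                                $selected=" selected ";
                        else
                                $selected='';
                        // Operators such as < and >= contain markup characters.
                        $op = htmlspecialchars($operator, ENT_QUOTES);
                        print("<option value=\"$op\" $selected>$op</option>\n");
                }
                echo <<<EOM
        </select>
        </td><td align=left>
        <input name="value_of_$name" type=text value="$value">
        </td><td align=left>
        <input type=hidden name="delete_$name" value=0>
        <input type=submit class=button size=5 value=del onclick="this.form.delete_$name.value=1">
        </td></tr>
EOM;
        }

        /*
         * Load item, operator and value from the globals item_of_<designator>,
         * operator_of_<designator> and value_of_<designator>. Nothing is
         * changed when item_of_<designator> is empty.
         * NOTE(review): these globals are presumably the submitted form
         * fields imported into the global scope; the values are stored
         * unvalidated, so callers must validate or escape them before use.
         */
        function get($designator) {
                global ${"item_of_$designator"};
                global ${"value_of_$designator"};
                global ${"operator_of_$designator"};
                if(${"item_of_$designator"}){
                        $this->value= ${"value_of_$designator"};
                        $this->operator=${"operator_of_$designator"};
                        $this->item=${"item_of_$designator"};
                }
        }

        /*
         * Return the criterion as "<label>  <operator>  '<value>'".
         * The value is inserted as-is, without SQL escaping: the result is a
         * description of the criterion and must not be sent to the database.
         */
        function query(){
                global $items;
                return $items[$this->item]."  $this->operator  '$this->value'";
        }
}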
106
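// Page header sent for both the form view and the report view. The charset
// comes from the site configuration; the key is quoted because a bare
// general_charset is an undefined-constant lookup outside a string.
?>
<html>
<head>
<title>Accounting Report Generator</title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $config['general_charset']?>">
<link rel="stylesheet" href="style.css">
</head>
<body>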
115
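<?php
// No report requested yet: render the query-builder form.
// $queryflag, $add, $item_name and the item_of_wN / delete_wN variables are
// read as plain globals and are never assigned in this file.
// NOTE(review): presumably they are the submitted form fields imported into
// the global scope; treat every one of them as untrusted input.
if(!$queryflag) {
        echo <<<EOM
<form method=post>
<table border=0 width=740 cellpadding=1 cellspacing=1>
<tr>
<td>
<b>Show the following attributes:</b><br>
<select name="accounting_show_attrs[]" size=5 multiple>
EOM;
        // One option per described accounting column, pre-selected per config.
        foreach($items as $key => $val)
                echo <<<EOM
<option $selected[$key] value="$key">$val</option>
EOM;

        echo <<<EOM
</select>
<br><br>
<b>Order by:</b><br>
<select name="order_by">
EOM;

        // The column whose description is 'username' is the default sort key.
        foreach($items as $key => $val)
                if ($val == 'username')
                        echo <<<EOM
        <option selected value="$key">$val</option>
EOM;
                else
                        echo <<<EOM
<option value="$key">$val</option>
EOM;

        echo <<<EOM
</select>
<br><br>
<b>Max results returned:</b><br>
<input name=maxresults value=$config[sql_row_limit] size=5>
</td>
<td valign=top>
<input type=hidden name=add value=0>
<table border=0 width=340 cellpadding=1 cellspacing=1>
<tr><td>
<b>Selection criteria:</b>
</td></tr>
<tr><td>
<select name=item_name onchange="this.form.add.value=1;this.form.submit()">
<option>--Attribute--</option>
EOM;

        foreach($items as $key => $val)
                print("<option value=\"$key\">$val</option>");

        echo <<<EOM
</select>
</td></tr>
EOM;

        // Re-render the criteria rows submitted so far, renumbering them so the
        // designators stay contiguous after deletions. $offset counts the rows
        // dropped so far: with a fixed offset of 1, a request flagging two rows
        // for deletion would leave a gap in the numbering, and the next pass
        // of this loop would stop at the gap and lose the rows behind it.
        $number=1;
        $offset=0;
        while (${"item_of_w$number"}) {
                if(${"delete_w$number"}==1) {
                        $offset++;
                        $number++;
                }
                else {
                        $designator=$number-$offset;
                        ${"w$designator"} = new Qi("w$designator","","");
                        ${"w$designator"}->get("w$number");
                        ${"w$designator"}->show();
                        $number++;
                }
        }
        // Append a fresh row only for an attribute this page actually offers;
        // $item_name is request-supplied and is echoed back by Qi::show().
        if($add==1 && is_string($item_name) && isset($items[$item_name])) {
                ${"w$number"} = new Qi("w$number","$item_name","$operators[0]");
                ${"w$number"}->show();
        }
        echo <<<EOM
</table>
</td>
<tr>
<td>
<input type=hidden name=queryflag value=0>
<br><input type=submit class=button onclick="this.form.queryflag.value=1">
</td>
</tr>
</table>
</form>
</body>
</html>
EOM;

}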
205
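// A report was requested: check every request-supplied part of the statement
// against an allow-list, build the SELECT, run it and render the result table.
// Column names, the sort key and the row limit cannot be protected by string
// escaping (they are not quoted literals), so each must match a known value.
if ($queryflag == 1){
        // Assign these explicitly so their initial content can never come from
        // anywhere else (e.g. a request variable named "where" when request
        // data is imported as globals) - $where is concatenated into the SQL.
        $where = '';
        $num = 0;

        $i = 1;
        while (${"item_of_w$i"}){
                // The operator must be one of the operators offered in the form.
                $op = ${"operator_of_w$i"};
                if (!in_array($op, $operators, true))
                        die("Operator passed is not valid. Exiting abnormaly.");
                // The attribute is used as a bare column name: stripping
                // whitespace alone does not make it safe, so it must be one of
                // the columns listed in $items.
                $item = preg_replace('/\s/','',${"item_of_w$i"});
                if (!is_string($item) || !isset($items[$item]))
                        die("Attribute passed is not valid. Exiting abnormally.");
                // The value is a quoted literal, so escaping is the right tool.
                $value = da_sql_escape_string(${"value_of_w$i"});
                $where .= (($i == 1) ? ' WHERE ' : ' AND ') . $item . ' ' . $op . " '" . $value . "'";
                $i++;
        }

        // Sort key: 'username' by default, otherwise one of the offered columns.
        if ($order_by != ''){
                if (!is_string($order_by) || !isset($items[$order_by]))
                        die("ORDER BY pattern is illegal. Exiting abnornally.");
                $order = $order_by;
        }
        else
                $order = 'username';

        // is_numeric() would also accept floats, exponents and leading blanks;
        // a row limit is a plain non-negative integer.
        if (!is_scalar($maxresults) || !preg_match('/^[0-9]+\z/', (string)$maxresults))
                die("Max Results is not in numeric form. Exiting abnormally.");

        // Columns to display: each one becomes part of the SELECT list and is
        // later used to look up a formatter, so it must be a known column too.
        if (!is_array($accounting_show_attrs) || count($accounting_show_attrs) == 0)
                die("No attributes selected. Exiting abnormally.");
        foreach ($accounting_show_attrs as $val)
                if (!is_string($val) || !isset($items[$val]))
                        die("Attribute passed is not valid. Exiting abnormally.");
        $query_view = implode(',', $accounting_show_attrs);

        // Optional site-configured extra filter.
        // NOTE(review): $login is not assigned in this file and xlat() is
        // defined elsewhere; confirm what xlat() substitutes and that escaping
        // the whole fragment is what the configured filter expects.
        $sql_extra_query = '';
        if ($config['sql_accounting_extra_query'] != ''){
                $sql_extra_query = xlat($config['sql_accounting_extra_query'],$login,$config);
                $sql_extra_query = da_sql_escape_string($sql_extra_query);
        }

        // da_sql_limit() has to be called and its result concatenated: PHP does
        // not expand function calls inside a double-quoted string, so writing
        // the call inside the string sends the literal text "da_sql_limit(...)"
        // to the database. The function is defined elsewhere; presumably it
        // returns the driver-specific row-limit fragment for the given
        // position (0, 1 or 2) - confirm against the driver library.
        $query = "SELECT " . da_sql_limit($maxresults,0,$config)
                . " $query_view FROM $config[sql_accounting_table] $where $sql_extra_query "
                . da_sql_limit($maxresults,1,$config)
                . " ORDER BY $order "
                . da_sql_limit($maxresults,2,$config) . ";";

        // The header row is left open here and closed after the <th> cells.
        echo <<<EOM
<html>
<head>
<link rel="stylesheet" href="style.css">
</head>
<body>
<br>
<table border=0 width=940 cellpadding=1 cellspacing=1>
<tr valign=top>
<td width=740></td>
<td bgcolor="black" width=200>
        <table border=0 width=100% cellpadding=2 cellspacing=0>
        <tr bgcolor="#907030" align=right valign=top><th>
        <font color="white">Accounting Report Generator</font>&nbsp;
        </th></tr>
        </table>
</td></tr>
<tr bgcolor="black" valign=top><td colspan=2>
        <table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor="#ffffd0" valign=top>
        <tr><td>
<p>
        <table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
        <tr bgcolor="#d0ddb0">
EOM;
        foreach($accounting_show_attrs as $val){
                $desc = $sql_attrs[$val]['desc'];
                echo "<th>$desc</th>\n";
        }
        echo "</tr>\n";

        $search = @da_sql_query($link,$config,$query);
        if ($search){
                while( $row = @da_sql_fetch_array($search,$config) ){
                        $num++;
                        echo "<tr align=center>\n";
                        foreach($accounting_show_attrs as $val){
                                $info = $row[$val];
                                if ($info == '')
                                        $info = '-';
                                // Per-column display formatter named in $sql_attrs.
                                $func = isset($sql_attrs[$val]['func']) ? $sql_attrs[$val]['func'] : '';
                                if ($func != '' && function_exists($func))
                                        $info = $func($info);
                                // Accounting data is stored input (user names and
                                // the like), so it is escaped before it reaches
                                // the page.
                                // NOTE(review): assumes the formatters return
                                // plain text, not markup - confirm.
                                $text = htmlspecialchars((string)$info, ENT_QUOTES);
                                if ($val == 'username'){
                                        $Info = urlencode($info);
                                        $text = "<a href=\"user_admin.php3?login=$Info\" title=\"Edit user $text\">$text</a>";
                                }
                                echo <<<EOM
                        <td>$text</td>
EOM;
                        }
                        echo "</tr>\n";
                }
        }
        else
                // Driver error text may repeat parts of the statement; escape it.
                echo "<b>Database query failed: " . htmlspecialchars((string)da_sql_error($link,$config), ENT_QUOTES) . "</b><br>\n";
        echo <<<EOM
        </table>
        </td></tr>
        </table>
</td></tr>
</table>
</body>
</html>
EOM;
}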
309 ?>