#include <infocon.style>
#include "hwdb.inc"

<page func=InfoCon title="Hardware Database">

<?
<dbconnect>

function db_select($dbh, $table, $fields, $where) {
   $query = sprintf("SELECT %s FROM %s", implode(',', $fields), $table);
   if ($where && strlen($where))
     $query .= " WHERE " . $where;

   $sth = pg_exec ($dbh, $query) or die_query("Cannot issue query!", $query);

   if (pg_NumRows ($sth) > 0) {
     $row = pg_fetch_array ($sth, 0);
     return $row;
   } else {
     return false;
   }
}

  if ($_POST[formtype] == "organisation") {
      if ($_POST[id]) {
	$query = sprintf ("UPDATE organisation SET name='%s',address='%s',email='%s',phone='%s',comment='%s' "
			 ."WHERE id = %d",
			 addslashes ($_POST[name]),
			 addslashes ($_POST[address]),
			 addslashes ($_POST[email]),
			 addslashes ($_POST[phone]),
			 addslashes ($_POST[comment]),
			 $_POST[id]);
      } else {
	$query = sprintf ("INSERT INTO organisation (name,address,email,phone,comment) "
			 ."VALUES ('%s','%s','%s','%s','%s')",
			 addslashes ($_POST[name]),
			 addslashes ($_POST[address]),
			 addslashes ($_POST[email]),
			 addslashes ($_POST[phone]),
			 addslashes ($_POST[comment]));
      }
      $sth = pg_exec ($dbh, $query) or die_query("Cannot update the database!", $query);
  } elseif ($_POST[formtype] == "compound") {
      if ($_POST[id]) {
	$query = sprintf ("UPDATE compound SET name='%s',hostname='%s',ip='%s',ident='%s',"
			 ."location=%d,status='%s',comment='%s' "
			 ."WHERE id = %d",
			 addslashes ($_POST[name]),
			 addslashes ($_POST[hostname]),
			 addslashes ($_POST[ip]),
			 addslashes ($_POST[ident]),
			 $_POST[location],
			 addslashes ($_POST[status]),
			 addslashes ($_POST[comment]),
			 $_POST[id]);
      } else {
	$query = sprintf ("INSERT INTO compound (name,hostname,ip,ident,location,status,comment) "
			 ."VALUES ('%s','%s','%s','%s',%d,'%s','%s')",
			 addslashes ($_POST[name]),
			 addslashes ($_POST[hostname]),
			 addslashes ($_POST[ip]),
			 addslashes ($_POST[ident]),
			 $_POST[location],
			 addslashes ($_POST[status]),
			 addslashes ($_POST[comment]));
      }
      $sth = pg_exec ($dbh, $query) or die_query("Cannot update the database!", $query);
  } elseif ($_POST[formtype] == "component") {
      pg_exec($dbh, "BEGIN TRANSACTION") or die ("Could not start transaction.");
      if (isset($_POST[endtime]) && strlen($_POST[endtime])) {
        $endtime = "'".addslashes($_POST[endtime])."'";
      } else {
        if ($_POST['status'] == 'defunct') {
	  $endtime = 'now()';
	} else {
	  $endtime = 'NULL';
	}
      }
      if ($_POST[price] == '')
	$_POST[price] = "0.0";

      if ($_POST[id]) {
        $id = $_POST[id];
	$query = sprintf ("UPDATE component SET name='%s',serno='%s',endtime=%s,"
			 ."owner=%d,hwtype=%d,price=%s,status='%s',comment='%s' "
			 ."WHERE id = %d",
			 addslashes ($_POST[name]),
			 addslashes ($_POST[serno]),
			 $endtime,
			 $_POST[owner],
			 $_POST[hwtype],
			 addslashes ($_POST[price]),
			 addslashes ($_POST[status]),
			 addslashes ($_POST[comment]),
			 $id);
        $sth = pg_exec ($dbh, $query) or die_query("Cannot update the database!", $query);

      } else {
        if (!isset($_POST[starttime]) || !strlen($_POST[starttime])) {
	  $starttime = 'now()';
	} else {
	  $starttime = $_POST[starttime];
	}
	$query = sprintf ("INSERT INTO component (name,serno,starttime,endtime,owner,hwtype,price,status,comment) "
			 ."VALUES ('%s','%s','%s',%s,%d,%d,%s,'%s','%s')",
			 addslashes ($_POST[name]),
			 addslashes ($_POST[serno]),
			 addslashes ($starttime),
			 $endtime,
			 $_POST[owner],
			 $_POST[hwtype],
			 addslashes ($_POST[price]),
			 addslashes ($_POST[status]),
			 addslashes ($_POST[comment]));
        $sth = pg_exec ($dbh, $query) or die_query("Cannot update the database!", $query);
	if ($_POST[compound] != 0) {
	  $info = db_select($dbh, 'component', array('id'), sprintf("oid = %d", pg_getlastoid ($sth)));
	  if ($info)
	    $id = $info['id'];
	  else
	    $id = 0;
	}
      }

      # Find the last active component
      $screw = db_select($dbh, 'screw', array('oid','compound','usage'),
			 sprintf("component = %d AND endtime is NULL "
				 ."ORDER BY starttime DESC LIMIT 1", $id));
      if ($screw === false) {
	if ($_POST['compound'] != 0) {
	  if (isset($_POST['starttime']) && strlen($_POST['starttime']))
	    $starttime = "'".addslashes($_POST['starttime'])."'";
	  else
	    $starttime = 'now()';
	  if (isset($_POST['endime']) && strlen($_POST['endtime']))
	    $endtime = "'".addslashes($_POST['endtime'])."'";
	  else
	    $endtime = 'NULL';

	  $query = sprintf ("INSERT INTO screw (component,compound,usage,starttime,endtime) "
			    ."VALUES (%d,%d,'%s',%s,%s)",
			    $id,
			    $_POST['compound'],
			    addslashes ($_POST['usage']),
			    $starttime, $endtime);
	  $sth = pg_exec ($dbh, $query) or die_query("Cannot insert component history!", $query);
	}
      } else {
	if ($_POST['compound'] == 0) {
	  $query = sprintf ("UPDATE screw SET endtime = now() WHERE oid = %d", $screw['oid']);
	  $sth = pg_exec ($dbh, $query) or die_query("Cannot update component history!", $query);
	} elseif (($_POST['compound'] != 0 && $screw['compound'] != $_POST['compound']) ||
		  (strlen($_POST['usage']) && $screw['usage'] != $_POST['usage'])) {
	  if (!isset($_POST['endtime']) || $_POST['endtime'] == '') {
	    if (isset($_POST['starttime']) && strlen($_POST['starttime']))
	      $endtime = "'".addslashes($_POST['starttime'])."'";
	    else
	      $endtime = 'now()';
	  } else {
	    $endtime = "'".addslashes($_POST[endtime])."'";
	  }

	  $query = sprintf ("UPDATE screw SET endtime = %s WHERE oid = %d", $endtime, $screw['oid']);
	  $sth = pg_exec ($dbh, $query) or die_query("Cannot update component history!", $query);

	  $query = sprintf ("INSERT INTO screw (component,compound,usage,starttime) "
			    ."VALUES (%d,%d,'%s',%s)",
			    $id,
			    $_POST[compound],
			    addslashes ($_POST[usage]),
			    $endtime);
	  $sth = pg_exec ($dbh, $query) or die_query("Cannot update component history!", $query);

	} elseif ($screw['compound'] === $_POST['compound'] &&
		  $screw['usage'] === $_POST['usage'] &&
		  (strlen($_POST['starttime']) || strlen($_POST['endtime']))) {
	  if (isset($_POST['starttime']) && strlen($_POST['starttime']))
	    $starttime = "'".addslashes($_POST['starttime'])."'";
	  else
	    $starttime = 'NULL';
	  if (isset($_POST['endime']) && strlen($_POST['endtime']))
	    $endtime = "'".addslashes($_POST['endtime'])."'";
	  else
	    $endtime = 'NULL';

	  $query = sprintf ("UPDATE screw SET starttime=%s,endtime=%s WHERE oid = %d",
			    $starttime, $endtime, $screw['oid']);
	  $sth = pg_exec ($dbh, $query) or die_query("Cannot update component history!", $query);
	}

      }

      pg_exec($dbh, "COMMIT") or die ("Could not finish transaction.");
  } elseif ($_POST[formtype] == "type") {
      if ($_POST[id]) {
	$query = sprintf ("UPDATE types SET name='%s' WHERE id = %d",
			 addslashes ($_POST[name]),
			 $_POST[id]);
      } else {
	$query = sprintf ("INSERT INTO types (name) VALUES ('%s')",
			 addslashes ($_POST[name]));
      }
      $sth = pg_exec ($dbh, $query) or die_query("Cannot update the database!", $query);
  }

  if ($error == "") {
    echo "<h3>Successfully updated.</h3>";
  } else {
    printf ("<h3>Not successfully updated.</h3>\n%s", $error);
  }
?>

</page>

# Local variables:
# mode: text
# mode: auto-fill
# end: