File: /home/mckernan/public_html/iJournal/includes/file/open.php
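<?php
// open client
//
// Included request handler: flags a client as opened by the user behind the
// current session and echoes an <openclient> XML document with the client's
// id, sort key, database name, current accounting year/period and the count
// of active internal notes.
//
// Expects from the including script: $sid (session id), $sysdb (system
// database handle) and the DB_PREFIX constant. includes/db.php is expected to
// provide $db, connected to the database named in $database.
// NOTE(review): $sysdb and $db are used as mysqli handles (prepare(), query(),
// result->num_rows) -- confirm against includes/db.php.
//
// init database name
$database = DB_PREFIX;
// process request
if ($sid != '')
{
    // sid check
    require "includes/session/sidck.php";

    // Database values are written into the XML response, so the five
    // characters that are markup in XML are replaced by entities first.
    // A byte-wise map is used so the result does not depend on the charset.
    $xmlmap = array(
        '&' => '&amp;',
        '<' => '&lt;',
        '>' => '&gt;',
        '"' => '&quot;',
        "'" => '&#039;',
    );

    // init return value
    $rv = '<root>' . PHP_EOL;
    $rv .= '<openclient>' . PHP_EOL;

    // fetch userid / workstation id
    // $sid comes from the request, so it is bound as a parameter instead of
    // being concatenated into the SQL text.
    $userid = null;
    $ws = null;
    $stmt = $sysdb->prepare("SELECT ses_ws FROM sessions WHERE ses_id = ?");
    if (!$stmt)
    {
        die();
    }
    $stmt->bind_param('s', $sid);
    if (!$stmt->execute())
    {
        die();
    }
    $stmt->bind_result($ws);
    $found = $stmt->fetch();
    $stmt->close();
    if ($found !== true)
    {
        // unknown session id
        die();
    }
    $stmt = $sysdb->prepare("SELECT use_user FROM user_sessions WHERE use_session = ?");
    if (!$stmt)
    {
        die();
    }
    $stmt->bind_param('s', $sid);
    if (!$stmt->execute())
    {
        die();
    }
    $stmt->bind_result($userid);
    $found = $stmt->fetch();
    $stmt->close();
    if ($found !== true)
    {
        // session is not bound to a user
        die();
    }
    // Both values are concatenated unquoted into the UPDATE below; refuse
    // anything that is not a number rather than sending it to the server.
    if (!is_numeric($userid) || !is_numeric($ws))
    {
        die();
    }
    $userid = (int) $userid;
    $ws = (int) $ws;

    // fetch client id (a GET value wins over a POST value)
    $cid = 0;
    if ( isset($_POST['cid']) ) $cid = intval($_POST['cid']);
    if ( isset($_GET['cid']) ) $cid = intval($_GET['cid']);
    if ($cid == 0) die();
    // NOTE(review): nothing visible here checks that $userid is allowed to
    // open client $cid -- confirm that sidck.php or the caller enforces it.

    // check client open status
    $isopen = 0;
    $query = "SELECT cln_openby FROM clients WHERE cln_id = " . $cid;
    if ($result = $sysdb->query($query))
    {
        $row = $result->fetch_assoc();
        // keep the default of 0 when the client id does not exist
        if ($row)
        {
            $isopen = $row['cln_openby'];
        }
    }
    else
    {
        die();
    }

    // Response body used whenever the client cannot be returned; built once
    // because three branches below emit exactly the same elements.
    $unavailable = '<cid>0</cid>' . PHP_EOL
        . '<sort>na</sort>' . PHP_EOL
        . '<dbname>na</dbname>' . PHP_EOL
        . '<org>-1</org>' . PHP_EOL
        . '<isopen>' . strtr((string) $isopen, $xmlmap) . '</isopen>' . PHP_EOL
        . '<curryr></curryr>' . PHP_EOL
        . '<periodid>0</periodid>' . PHP_EOL
        . '<period></period>' . PHP_EOL
        . '<statements>0</statements>' . PHP_EOL
        . '<locked>0</locked>' . PHP_EOL
        . '<notes>0</notes>' . PHP_EOL
        . '<fye>-1</fye>' . PHP_EOL
        . '<freq>-1</freq>' . PHP_EOL
        . '<org></org>' . PHP_EOL;

    // flag client as opened (only takes effect when nobody has it open)
    $query = "UPDATE clients set cln_open = NOW(), cln_openby = " . $userid . ", cln_openinstall = " . $ws . " WHERE cln_id = " . $cid . " AND cln_openby = 0";
    if ($result = $sysdb->query($query))
    {
        // NOTE(review): the UPDATE touches 0 rows when the client is already
        // open and 1 row when the flag was set, so this condition holds in
        // both cases and the details below are returned either way; the
        // caller has to inspect <isopen>. Confirm that this is intended.
        if ($sysdb->affected_rows <= 1)
        {
            // fetch client database name
            $query = "SELECT cln_id, cln_sort, cln_dbname FROM clients WHERE cln_id = " . $cid;
            if ($result = $sysdb->query($query))
            {
                if ($result->num_rows > 0)
                {
                    $row = $result->fetch_assoc();
                    $database .= $row['cln_dbname'];
                    $rv .= '<cid>' . strtr((string) $row['cln_id'], $xmlmap) . '</cid>' . PHP_EOL;
                    $rv .= '<sort>' . strtr((string) $row['cln_sort'], $xmlmap) . '</sort>' . PHP_EOL;
                    // NOTE(review): this discloses the internal database name
                    // to the caller -- confirm the client really needs it.
                    $rv .= '<dbname>' . strtr((string) $row['cln_dbname'], $xmlmap) . '</dbname>' . PHP_EOL;
                    $rv .= '<isopen>' . strtr((string) $isopen, $xmlmap) . '</isopen>' . PHP_EOL;

                    // open db connection
                    require "includes/db.php";

                    // fetch client details (defaults apply unless the table
                    // holds exactly one row)
                    $fye = -1;
                    $freq = -1;
                    $org = '';
                    $query = "SELECT cli_fye, cli_freq, cli_type FROM client";
                    if ($result = $db->query($query))
                    {
                        if ($result->num_rows == 1)
                        {
                            $row = $result->fetch_assoc();
                            $fye = $row['cli_fye'];
                            $freq = $row['cli_freq'];
                            $org = $row['cli_type'];
                        }
                    }
                    else
                    {
                        die();
                    }

                    // fetch current accounting year (empty when the query
                    // fails or the table has no rows)
                    $yr = '';
                    $query = "SELECT yr_year FROM accounting_year ORDER BY yr_id DESC LIMIT 1";
                    if ($result = $db->query($query))
                    {
                        $row = $result->fetch_assoc();
                        if ($row)
                        {
                            $yr = $row['yr_year'];
                        }
                    }

                    // fetch current period
                    $perid = 0;
                    $per = ' ';
                    $statements = 0;
                    $locked = 0;
                    $query = "SELECT per_id, per_per, per_statements, per_locked FROM periods WHERE per_current = 1";
                    if ($result = $db->query($query))
                    {
                        if ($result->num_rows > 0)
                        {
                            $row = $result->fetch_assoc();
                            $perid = $row['per_id'];
                            $per = $row['per_per'];
                            $statements = $row['per_statements'];
                            // the selected column is per_locked; reading
                            // 'locked' always produced an empty <locked>
                            $locked = $row['per_locked'];
                        }
                    }
                    else
                    {
                        die();
                    }

                    // fetch notes-count
                    $notes = 0;
                    $query = "SELECT COUNT(inot_id) as notect FROM notes_internal WHERE inot_active = 1";
                    if ($result = $db->query($query))
                    {
                        $row = $result->fetch_assoc();
                        if ($row)
                        {
                            $notes = $row['notect'];
                        }
                    }
                    else
                    {
                        die();
                    }

                    // complete return var
                    $rv .= '<curryr>' . strtr((string) $yr, $xmlmap) . '</curryr>' . PHP_EOL;
                    $rv .= '<periodid>' . strtr((string) $perid, $xmlmap) . '</periodid>' . PHP_EOL;
                    $rv .= '<period>' . strtr((string) $per, $xmlmap) . '</period>' . PHP_EOL;
                    $rv .= '<statements>' . strtr((string) $statements, $xmlmap) . '</statements>' . PHP_EOL;
                    $rv .= '<locked>' . strtr((string) $locked, $xmlmap) . '</locked>' . PHP_EOL;
                    $rv .= '<notes>' . strtr((string) $notes, $xmlmap) . '</notes>' . PHP_EOL;
                    $rv .= '<fye>' . strtr((string) $fye, $xmlmap) . '</fye>' . PHP_EOL;
                    $rv .= '<freq>' . strtr((string) $freq, $xmlmap) . '</freq>' . PHP_EOL;
                    $rv .= '<org>' . strtr((string) $org, $xmlmap) . '</org>' . PHP_EOL;
                }
                else
                {
                    // client id not found
                    $rv .= $unavailable;
                }
            }
            // a failed SELECT adds no elements; the envelope is still sent
        }
        else
        {
            $rv .= $unavailable;
        }
    }
    else
    {
        // UPDATE failed
        $rv .= $unavailable;
    }
    // finish output
    $rv .= '</openclient>' . PHP_EOL;
    $rv .= '</root>' . PHP_EOL;
    // return data
    echo $rv;
    die;
}
else
{
    // no session id: answer as if the resource did not exist, with the
    // Server / X-Powered-By headers blanked
    header('Server: ');
    header('X-Powered-By: ');
    header("HTTP/1.0 404 Not Found");
}
?>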