approvazione.php | searchcode

/approvazione.php

https://bitbucket.org/amorello/changeover
PHP | 256 lines | 210 code | 35 blank | 11 comment | 35 complexity | 1b5ba93df97f5bdc91d1bd0146f07ade MD5 | raw file

<?php

session_start();

include 'CSS/templateTop.html';



require_once 'login.php';



if(!isset($_SESSION['changeover_IDutente'])){

    header("location: index.php");

}

else 

{

 /*   

/* per far accedere solo CAVALIERI

if($_SESSION['changeover_IDutente']=='4')

{

*/



include 'barramenu.php';







$query = "SELECT * FROM interventi WHERE STATO1=\"R\" && STATO2 =\"S\" && STATO3 =\"D\" ORDER BY datarichiesta";

$result = mysql_query($query);

if (!$result) die ("Database access failed: " . mysql_error());



echo <<<_END

<form action="approvazione.php" method="post" name="inserimento">

<p class="blue"> APPROVAZIONE: </p>

<table border="5" bordercolor= "#6FD1D2" rules="rows" cellspacing="5" width="900" >

    <tr bgcolor="#6FD1D2" bordercolor= "#6FD1D2" >

        <td>ID</td>

        <td >Tipologia</td>

        <td>bene</td>

        <td>Riferimento</td>

        <td>Struttura</td>

        <td width="5" >Note</td>

        <td width="5">Sopralluogo</td>

        <td bgcolor="#FF0000" bordercolor= "#FF0000" >APPROVAZIONE</td>

    </tr>

    

_END;

$righe = mysql_num_rows($result);           

for ($j = 0 ; $j < $righe ; ++$j)

    {   

    

        $row = mysql_fetch_row($result);

        $ID = $row[0];

        $tipo = $row[1];

        if($tipo=='sost'){

            $bene = $row[2];

            

            $query = "SELECT * FROM pc WHERE ID=$bene";

            $result2 = mysql_query($query);

            if (!$result2) die ("Database access failed: " . mysql_error());

            $row2 = mysql_fetch_row($result2);

            $ID_bene = $row2[1];

            $marcamodello= $row2[2];

            $ID_monitor = $row2[3];

            $pollici= $row2[4];

        }else{

            $bene = '';

            $ID_bene = '';

            $marcamodello= '';

            $ID_monitor = '';

            $pollici= '';

        }

        

        $collocazione= $row[3];

        

        $query = "SELECT * FROM collocazione WHERE ID=$collocazione";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $ubicazione = $row2[1];

        $sc= $row2[2];

        $ufficio = $row2[3];

        

        $query = "SELECT * FROM sc WHERE ID=$sc";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $sc = $row2[1];

        

        $cognome_nome_utente = $row[4];

        $telefono = $row[5];

        $n1 = $row[8];

        $n2 = $row[9];

        $n3 = $row[10];

        

        $presadirete=$row[6];

        $attiva=$row[5];

        

        $sopralluogo = $row[11];

        $esito= $row[13];

        

        $datarichiesta = $row[15];

        list($data_a,$data_m,$data_g) = explode("-",$datarichiesta);

        $time = mktime(0,0,0, $data_m, $data_g, $data_a);

        $datarichiesta= date ('d-m-Y',$time);

        

if($n1!=0)

{

    $query = "SELECT nota FROM note WHERE ID=$n1";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $nota1 = $row2[0];

}else{

    $nota1="";

}

if($n2!=0)

{

    $query = "SELECT nota FROM note WHERE ID=$n2";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $nota2 = $row2[0];   

}else{

    $nota2="";

}

if($n3!=0)

{

    $query = "SELECT nota FROM note WHERE ID=$n3";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $nota3 = $row2[0]; 

}else{

    $nota3="";

}



$query = "SELECT * FROM sopralluogo WHERE ID=\"$sopralluogo\"";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $presarete = $row2[1];

        $corrente = $row2[2];

        $nsop = $row2[3];

        $operatsop = $row2[4];

        

        $query = "SELECT nome FROM utenti WHERE ID=$operatsop";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $operatsop = $row2[0];

        

        

    if($nsop!=0)       

    {

        $query = "SELECT nota FROM note WHERE ID=\"$nsop\"";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        $row2 = mysql_fetch_row($result2);

        $notasop = $row2[0];

    }

    else{

        $notasop='';

    }



  

        

echo <<<_END

    <tr>

    <td><font class="rosso">$ID</font></td>

    <td width="5">

_END;

if($tipo=='sost')

    echo "<font class=\"blue\">SOST</font>";

if($tipo=='nuovo')

    echo"<font class=\"blue\">NUOVO</font>";  

echo <<<_END

    </td>

    <td><u><a title="modello:$marcamodello  monitor:$ID_monitor da $pollici pollici"> $ID_bene</a></u></td>

    <td><u><a title="telefono $telefono">$cognome_nome_utente</a></u></td>

    <td><u><a title="$ubicazione ufficio: $ufficio">$sc</a></u></td>

_END;

if(!empty($nota1) || !empty($nota2) || !empty($nota3)){

echo <<<_END

    <td><a title="Programmi: $nota1 \nOrario: $nota2 \nVarie: $nota3"> <img src="CSS/note.JPG"  width="20" heigt="20"></a> </td>

_END;

}else{

    echo <<<_END

    <td></td>

_END;

    }

    echo <<<_END

    <td><u><a title="$operatsop\n

_END;

if($tipo=='nuovo'){

    echo "corrente:$corrente presarete:$presarete $presadirete $attiva\n";

}

echo <<<_END

        $notasop">S</a><u></td>

_END;

$appro='D';

if(isset($_POST["$ID"])){

        $appro= $_POST["$ID"];

if(isset($_POST['salva'])){

        if($appro=='S'){

            $stato1='A';   

        }

        if($appro=='N'){

            $stato1='S';   

        }

        $query = "UPDATE interventi SET  STATO1=\"$stato1\", STATO3=\"$appro\" WHERE ID=\"$ID\"";

        $result2 = mysql_query($query);

        if (!$result2) die ("Database access failed: " . mysql_error());

        echo "<td><font class=\"rossop\">SALVATO!</font></td>";

    }

}else{

echo <<<_END

    <td width="5"><table><tr><td><input 

_END;

if ($appro == 'S')

    echo "checked ";

echo <<<_END

type="radio" id="pos" name="$ID" value="S" /></td>

<td><label for="pos"><font class="rossop">APPROVATO</font></label></td>

<td><input 

_END;

if ($appro == 'N')

    echo "checked ";

echo <<<_END

type="radio" id="neg" name="$ID" value="N" /></td>

<td><label for="neg"><font class="rossop">SOSPESO</font></label></td>

</tr></table></td>



_END;

}

echo <<<_END

</tr>

_END;

    

}

    

echo <<<_END

</table>

<input type="submit" name="salva" value="SALVA" />

</form> 

_END;









/* 

}  else 

{

    echo "protezione pagina - no diritti ";

} 

*/

}



include 'CSS/templateEnd.html';





?>