<?php
/*****************************************************************************
IP Reg, a PHP/MySQL IPAM tool
Copyright (C) 2007-2009 Wietse Warendorff (up to v0.5)
Copyright (C) 2011-2023 Thomas Hooge

SPDX-License-Identifier: GPL-3.0-or-later
*****************************************************************************/

include("includes.php");

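// Access control: every action in this script, including the insert/update/
// delete cases below, is reserved for administrators. A missing, NULL, empty
// or non-numeric role flag is treated like 0, so the check fails closed.
if ((int) ($_SESSION['suser_role_admin'] ?? 0) === 0) {
    header_location('comments.php?comments=accessdenied');
    // header_location() is defined outside this file. Stop explicitly so that
    // nothing below can run for a non-admin even if that helper only sends
    // the redirect header and returns.
    exit;
}

// Record id from the request, always an integer. It is 0 when the request
// carries no usable id (missing or array-valued), so the statements below
// never see an undefined variable.
$id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int) $_REQUEST['id'] : 0;

// Cable types offered in the add/edit forms: stored key => displayed label.
$ctypes = [
    'copper' => 'Copper',
    'fibre'  => 'Fibre',
    'laser'  => 'Laserlink',
    'radio'  => 'Radiolink',
];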

// ========== ACTIONS START ===================================================

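// Dispatch on the submitted form action. The navigation actions only select
// the page variant rendered further down; insert/update/delete first change
// the cable table and then select the variant to show.
//
// NOTE(review): nothing visible in this file verifies a CSRF token or the
// request method before the state-changing cases run, and $id is read from
// $_REQUEST. Confirm that includes.php / form_get_action() enforce this.
switch ($submit = form_get_action()) {

    case NULL: break;   // no action submitted: $action is left untouched

    case 'add':   $action = ACT_ADD; break;
    case 'view':  $action = ACT_VIEW; break;
    case 'edit':  $action = ACT_EDIT; break;
    case 'del':   $action = ACT_DELETE; break;

    case 'insert':
        // Missing form fields are read as empty strings instead of raising
        // "undefined array key" warnings and handing NULL to sanitize().
        // sanitize() is defined elsewhere; protection against SQL injection
        // here comes from the bound parameters, not from that helper.
        $description = sanitize($_POST['description'] ?? '');
        $color = sanitize($_POST['color'] ?? '');
        $info = sanitize($_POST['info'] ?? '');
        // NOTE(review): unlike 'update', cable_length and cable_type are not
        // written here although the add form is given the type options;
        // confirm that this is intended.
        $sql = "INSERT INTO cable
                    (cable_description, cable_color, cable_info)
                VALUES
                    (:description, :color, :info)";
        $sth = $dbh->prepare($sql);
        $sth->bindValue(':description', $description, PDO::PARAM_STR);
        $sth->bindValue(':color', $color, PDO::PARAM_STR);
        $sth->bindValue(':info', $info, PDO::PARAM_STR);
        $sth->execute();
        // lastInsertId() returns a string; keep $id an integer like the
        // request-derived value so the view variant binds a consistent type.
        $id = (int) $dbh->lastInsertId();
        $action = ACT_VIEW;
        break;

    case 'update':
        $description = sanitize($_POST['description'] ?? '');
        $color = sanitize($_POST['color'] ?? '');
        // NOTE(review): $length is bound as PDO::PARAM_INT below but is
        // whatever sanitize() returns; confirm it is numeric before binding.
        $length = sanitize($_POST['length'] ?? '');
        // NOTE(review): cable_type is stored as submitted; it is not checked
        // against the keys of $ctypes, so values outside the offered list
        // reach the database unless the column itself restricts them.
        $type = sanitize($_POST['cable_type'] ?? '');
        $info = sanitize($_POST['info'] ?? '');
        $sql = "UPDATE cable
                SET cable_description=:desc,
                    cable_color=:color,
                    cable_length=:length,
                    cable_type=:type,
                    cable_info=:info
                WHERE cable_id=:id";
        $sth = $dbh->prepare($sql);
        $sth->bindValue(':id', $id, PDO::PARAM_INT);
        $sth->bindValue(':desc', $description, PDO::PARAM_STR);
        $sth->bindValue(':length', $length, PDO::PARAM_INT);
        $sth->bindValue(':color', $color, PDO::PARAM_STR);
        $sth->bindValue(':type', $type, PDO::PARAM_STR);
        $sth->bindValue(':info', $info, PDO::PARAM_STR);
        $sth->execute();
        $action = ACT_VIEW;
        break;

    case 'delete':
        // Removes the row selected by $id, then returns to the list view.
        $sth = $dbh->prepare("DELETE FROM cable WHERE cable_id=?");
        $sth->execute([$id]);
        $action = ACT_DEFAULT;
        break;

    default:
        // Unrecognised action: record the error; $action is not changed here.
        $g_error->Add(submit_error($submit));
        $valid = FALSE;
}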

// ========== ACTIONS END =====================================================

// Assign jscolor.js to the 'scripts' template variable before the shared
// header is included.
$smarty->assign('scripts', 'jscolor.js');
include 'header.php';

// ========== PAGE CONTENT ====================================================

// Render the page variant selected by $action.
// NOTE(review): rows are handed to Smarty as stored. Whether they are
// HTML-escaped on output depends on the templates and the Smarty
// configuration, neither of which is visible in this file.
if ($action == ACT_DEFAULT) {
    // ----- Variant: list of all cables --------------------------------------
    // The info column is shortened to 60 characters (plus '...') in SQL.
    $sql = "SELECT cable_id AS id, cable_description AS description,
            cable_from_id, cable_to_id, cable_length, cable_links,
            cable_type, cable_color,
            CONCAT(LEFT(cable_info, 60), IF(CHAR_LENGTH(cable_info)>60,'...','')) AS info
        FROM cable
        ORDER BY cable_description";
    $sth = $dbh->query($sql);
    $smarty->assign('cables', $sth->fetchAll());

    $smarty->display('cable.tpl');
} elseif ($action == ACT_ADD) {
    // ----- Variant: empty form for a new cable ------------------------------
    $smarty->assign('type_options', $ctypes);
    $smarty->display('cableadd.tpl');
} elseif ($action == ACT_VIEW) {
    // ----- Variant: show one cable ------------------------------------------
    $sql = "SELECT cable_id AS id, cable_description AS description,
            cable_from_id, cable_to_id, cable_length, cable_links,
            cable_type, cable_color AS color, cable_info AS info
        FROM cable
        WHERE cable_id=?";
    $sth = $dbh->prepare($sql);
    $sth->execute([$id]);
    // fetch() yields false when no row has this id; the template then
    // receives false instead of an object.
    $smarty->assign('cable', $sth->fetch(PDO::FETCH_OBJ));

    $smarty->display('cableview.tpl');
} elseif ($action == ACT_EDIT) {
    // ----- Variant: edit form for one cable ---------------------------------
    $sql = "SELECT cable_id AS id, cable_description AS description,
            cable_from_id, cable_to_id, cable_length, cable_links,
            cable_type, cable_color AS color, cable_info AS info
        FROM cable
        WHERE cable_id=?";
    $sth = $dbh->prepare($sql);
    $sth->execute([$id]);
    // As in the view variant, a missing row reaches the template as false.
    $smarty->assign('cable', $sth->fetch(PDO::FETCH_OBJ));

    $smarty->assign('type_options', $ctypes);
    $smarty->display('cableedit.tpl');
} elseif ($action == ACT_DELETE) {
    // ----- Variant: delete confirmation -------------------------------------
    // Only the description is loaded; the template gets it together with $id.
    $sth = $dbh->prepare("SELECT cable_description FROM cable WHERE cable_id=?");
    $sth->execute([$id]);
    $smarty->assign('id', $id);
    $smarty->assign('description', $sth->fetchColumn());

    $smarty->display('cabledel.tpl');
} else {
    // ----- Unknown variant --------------------------------------------------
    echo "<p>Unknown function call: Please report to system development!</p>\n";
} // $action == ...
// ========== END OF VARIANTS =================================================
// ========== END OF VARIANTS =================================================

// Shared page footer closes the output started by header.php.
include 'footer.php';
?>