Upload files to 'public_html/scripts'

public_html/scripts/config.php

@@ -0,0 +1,23 @@
+<?php
+/*  Authors         :   Carlos C. Corrada-Bravo
+                        David J. Ortiz-Rivera
+
+    Organization    :   Centro de Desarrollo y Consultoria Computacional
+    Project         :   OPASO Material Registry   
+    File            :   config.php
+    Description     :   Initialize database connection. */
+
+    /* Initiate values */ 
+	$server = 'localhost';
+	$username = 'david.ortiz11';
+	$password = 'John2815/';
+	$name = 'OPASO';
+
+	/* Create connection */
+	$db = new mysqli($server,$username,$password,$name);
+	/* Check connection */
+	if ($db->connect_error){
+	    die('Connection failed: ' . $db->connect_error);
+	}
+	// echo 'Connected successfully <br>' ;
+?>

public_html/scripts/extract.php

@@ -0,0 +1,175 @@
+<?php
+/*  Authors         :   Carlos C. Corrada-Bravo
+                        David J. Ortiz-Rivera
+
+    Organization    :   Centro de Desarrollo y Consultoria Computacional
+    Project         :   OPASO Material Registry   
+    File            :   extract.php
+    Description     :   Extract and insert data from tsv. */
+
+	/* Import database connection & display errors */
+	include_once "config.php";
+	error_reporting(E_ALL);
+	ini_set("display_errors",1);
+	/* For each file: open and explode each row by tabs */
+	foreach (glob("../ndata/*.txt") as $file){
+		/* Initiate laboratory/personnel/register dictionaries. */ 
+		$laboratory = array();
+		$pi = array();
+		$cho = array();
+		$register = array();
+		/* Initiate some values. */ 
+		$success = 0;
+		$null = "n/a";
+		$row = 1;	/* Start at row 1. */	
+		/* Parse tsv file */
+		if(($fhandle = fopen($file,"r")) !== FALSE){
+	  		while(($data = fgetcsv($fhandle,1000,"\t")) !== FALSE){
+				/* Extract department and personnel in columns B(1) and I(8) */ 
+				if($row > 6 and $row < 12){
+					/* Avoid null keys. */
+					if($data[0]){
+						$laboratory[$data[0]] = $data[1];
+					}
+					if($row < 10){
+						$pi[$data[7]] = $data[8];
+					}
+					else{
+						$cho[$data[7]] = $data[8];
+					}
+				}
+				/* Extract cho phone. */ 
+				elseif($row == 12){
+					$cho[$data[7]] = $data[8];
+				}
+				/* Insert laboratory/personnel info and generate register keys. */ 
+				elseif($row == 14){
+					for($index=0; $index < count($data); $index++){
+						/* Initiate keys with null values. */
+						if($data[$index]){
+							$register[$data[$index]] = "";
+						}
+					}
+					foreach($pi as $key=>&$value){
+						if(!$value){
+							$value = $null;
+						}
+					}
+					foreach($cho as $key=>&$value){
+						if(!$value){
+							$value = $null;
+						}
+					}
+					/* person entries. 
+					   Bind and insert pi data. */
+					$person = $db->stmt_init();
+					if($person = $db->prepare("INSERT INTO Person(pname,email,password,phone,privileges) VALUES (?,?,?,?,?)")){
+						$person->bind_param("sssss",$pi['pi'],$pi['piemail'],$null,$pi['piphone'],$null);
+						if($person->execute()){
+							$pi = $db->insert_id;	/* Extract generated pid. */
+						}
+						/* In case of duplicate entry. */ 
+						else{
+							$email = $pi['piemail'];
+							/* Extract id by email. */
+							if ($person = $db->prepare("SELECT pid FROM Person WHERE email=?")){
+							    /* Bind selector and execute. */
+							    $person->bind_param("s",$email);
+							    if($person->execute()){
+				    				/* Bind result variables and fetch. */
+								    $person->bind_result($pi);
+								    $person->fetch();
+							    }
+							}
+						}
+					}
+					/* Bind and insert cho data. */
+					$person = $db->stmt_init();
+					if($person = $db->prepare("INSERT INTO Person(pname,email,password,phone,privileges) VALUES (?,?,?,?,?)")){
+						$person->bind_param("sssss",$cho['cho'],$cho['choemail'],$null,$cho['chophone'],$null);
+						if($person->execute()){
+							$cho = $db->insert_id;	/* Extract generated pid. */
+						}
+						/* In case of duplicate entry. */ 
+						else{
+							$email = $cho['choemail'];
+							/* Extract id by email. */
+							if ($person = $db->prepare("SELECT pid FROM Person WHERE email=?")){
+							    /* Bind selector and execute. */
+							    $person->bind_param("s",$email);
+							    if($person->execute()){
+				    				/* Bind result variables and fetch. */
+								    $person->bind_result($cho);
+								    $person->fetch();
+							    }
+							}
+						}
+					}
+					$person->close();
+					/* lab entry
+					   Bind and insert lab data. */ 
+					$lab = $db->stmt_init();
+					if($lab = $db->prepare("INSERT INTO Laboratory(lname,lab,department,building,extension,pi,cho) VALUES (?,?,?,?,?,?,?)")){
+						$lab->bind_param("sssssii",$laboratory['lname'],$laboratory['lab'],$laboratory['department'],$laboratory['building'],$laboratory['extension'],$pi,$cho);
+						$lab->execute();
+						$lab->close();
+						$lab = $db->insert_id;	/* Extract generated lid. */
+					}
+				}
+				/* Extract register data by row. */ 
+				elseif($row > 15){
+					$d = 0;	/* Reset index. */
+					foreach($register as $key=>&$value){
+						/* Replace null entries with identifiable string. */ 
+						if($data[$d]){
+							$value = $data[$d];
+						}
+						else{
+							$value = $null;
+						}
+						$d++;
+						/* Avoid segmentation fault. */ 
+						if($d >= count($register)){
+							break;	
+						}
+					}
+					/* inventory entries
+					   Bind and insert inventory data. */ 
+					$inventory = $db->stmt_init();
+					if($register['chemical'] != "null entry"){
+						if($inventory = $db->prepare("INSERT INTO Inventory(chemical,manufacturer,sds,cas,state,hazard,type,amount,quantity,total,location,ghs,lid) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)")){
+					 		$inventory->bind_param("ssssssssssssi",$register['chemical'],$register['manufacturer'],$register['sds'],$register['cas'],$register['state'],$register['hazard'],$register['type'],$register['amount'],$register['quantity'],$register['total'],$register['location'],$register['ghs'],$lab);
+							/* Query failed, display error. */ 
+							if(!($inventory->execute())){
+								echo "Entry error:";
+								echo "<br>";
+					 			print_r($inventory);
+					 			echo "<br>";
+					 			print_r($register);
+					 			echo "<br>";
+								echo "PI id: " . $pi . "<br>";
+								echo "CHO id: " . $cho . "<br>";
+								echo "LAB id: " . $lab . "<br>";
+							}
+							/* Track number of successful entries. */ 
+							else{
+								$success++;
+								$inventory->close();
+							}
+						}
+					}
+				}
+		    	$row++;		/* Update row. */ 
+		  	}
+		  	/* Close all remaining connections/streams. */ 
+		  	fclose($fhandle);
+			echo "<br>FILE: " . $file . "<br>";
+			echo "PI id: " . $pi . "<br>";
+			echo "CHO id: " . $cho . "<br>";
+			echo "LAB id: " . $lab . "<br>";
+			echo $success . " successful entries." . "<br><br>";
+		}
+	}
+	/* Close db connection. */ 
+	$db->close();
+?>

public_html/scripts/main.js

@@ -0,0 +1,70 @@
+/*  Authors         :   Carlos C. Corrada-Bravo
+                        David J. Ortiz-Rivera
+                        José A. Quiñones-Flores
+
+    Organization    :   Centro de Desarrollo y Consultoria Computacional
+    Project         :   OPASO Material Registry   
+    File            :   main.js
+    Description     :   Compile mainly used functions */
+
+/* current() - highlight current page in navbar */ 
+function current(){
+    var current = window.location.pathname;
+    $(".link").each(function(){
+        if($(this).attr("href") == current){
+            $(this).addClass("current");
+        }
+    });
+}
+/* get_arg(arg: string) - fetches argument from url if set, else returns null */ 
+function get_arg(arg){
+    /* Get arg by id */ 
+    var url = new URL(window.location.href);
+    arg = url.searchParams.get(arg);
+    return arg;
+}
+/* loading_screen(flag: bool) - hide/show loading screen */
+function loading_screen(flag){
+    if(flag){   /* show */
+        $(".content").css("overflow","hidden");
+        $(".loading-screen").show();
+    }
+    else{       /* hide */
+        $(".loading-screen").hide();
+        $(".content").css("overflow","auto");
+    }
+}
+/* create_button(text: string,icon: object,cname: string,id: string,val: string) - generates button */ 
+function create_button(text,icon,cname,id,val){
+    var button = document.createElement("button");
+    /* set attributes */ 
+    button.setAttribute("class",cname);
+    button.setAttribute("id",id);
+    if(is_defined(val)){
+        button.setAttribute("val",val);
+    }
+    /* set content */ 
+    button.textContent = text;
+    button.append(create_element("i",icon));
+    return  button;
+}
+/* create_element(type: string,cname: string,content: string) - generates an html element */ 
+function create_element(type,cname,content){
+    var element = document.createElement(type);
+    /* set class */ 
+    element.setAttribute("class",cname);
+    /* set content */
+    if(is_defined(content)){
+        element.textContent = content;
+    }
+    return element;
+}
+/* display_error(error: string) - display error to user */ 
+function display_error(message){
+    var error = create_element("div","error",message);
+    $(".main").html(error);
+}
+/* is_defined(arg: any) - return true if an argument is defined */
+function is_defined(arg){
+    return typeof arg != undefined;
+} 

public_html/scripts/materials.js

@@ -0,0 +1,5 @@
+let user = "david.ortiz";
+let q = "all";
+$.post("/scripts/materials.php",{user:user,type:type},function(response){
+	console.log(response);
+});

public_html/scripts/opaso.php

@@ -0,0 +1,164 @@
+<?php
+/*  Authors         :   Carlos C. Corrada-Bravo
+                        David J. Ortiz-Rivera
+                        José A. Quiñones-Flores
+
+    Organization    :   Centro de Desarrollo y Consultoria Computacional
+    Project         :   OPASO Material Registry   
+    File            :   opaso.php
+    Description     :   Handle API requests for OPASO */
+	require "config.php";
+	error_reporting(E_ALL);
+	ini_set("display_errors",1);
+	
+
+	/* extract api call */
+	if(isset($_POST["query"])){
+		$query = $_POST["query"];
+		$response = array();	/* response array */
+		$error = false;
+		/* handle query */ 
+		switch($query){
+			case 0:		/* Register user */
+				break;
+			case 1:		/* Login user */
+				break;
+			case 2:		/* Get laboratories */
+				break;
+			case 3:		/* Get materials */
+				break;
+			case 4:		/* Get inventory by lab */
+				/* extract args */ 
+				if(isset($_POST["laboratory"])){
+					$laboratory = $_POST["laboratory"];
+					if($lab_name = $db->prepare("SELECT lname FROM Laboratory WHERE lid=?")){
+						$lab_name->bind_param("i",$laboratory);		/* bind laboratory to query and execute */
+						if($lab_name->execute()){
+							$lab_name->bind_result($lname);
+							$lab_name->store_result();
+							if($lab_name->num_rows > 0){
+								while($lab_name->fetch()){
+									$response["laboratory"] = $lname;
+								}
+							}
+							else{
+								$error = true;
+								$message = "Lab not found.";
+							}
+						}
+						else{
+							$error = true;
+							$message = "Something went wrong.";
+						}
+					}
+					else{
+						$error = true;
+						$message = "Something went wrong.";
+					}
+					/* prepare query */ 
+					if($inventory = $db->prepare("SELECT eid,chemical,cas,manufacturer,sds,ghs,hazard,state,type,amount,quantity,total,uom,location FROM Inventory WHERE lid=?")){
+						$inventory->bind_param("i",$laboratory);		/* bind laboratory to query and execute */
+						if($inventory->execute()){
+							$inventory->bind_result($eid,$chemical,$cas,$manufacturer,$sds,$ghs,$hazard,$state,$type,$amount,$quantity,$total,$uom,$location);
+							$inventory->store_result();
+							if($inventory->num_rows > 0){
+								$response["status"] = "success";
+								$response["inventory"] = [];
+								$options = [
+								    "cost" => 8,
+								];
+								while($inventory->fetch()){
+									$response["inventory"][password_hash($eid,PASSWORD_DEFAULT,$options)] = ["chemical" => $chemical,"cas" => $cas,"manufacturer" => $manufacturer,"sds" => $sds,"ghs" => $ghs,"hazard" => $hazard,"state" => $state,"type" => $type,"amount" => $amount,"quantity" => $quantity,"total" => $total,"uom" => $uom,"location" => $location];
+								}
+							}
+							else{
+								$error = true;
+								$message = "No results found.";
+							}
+							$inventory->close();
+						}
+						else{
+							$error = true;
+							$message = "Something went wrong.";
+						}
+					}
+					else{
+						$error = true;
+						$message = "Something went wrong.";
+					}
+				}
+				/* missing args */ 
+				else{
+					$error = true;
+					$message = "One ore more arguments missing.";
+				}
+				break;
+			case 5:		/* */
+				break;
+			case 6:		/* edit row */
+				/* extract args */
+				if(isset($_POST["eid"]) and isset($_POST["laboratory"]) and isset($_POST["fields"])){
+					$eid = $_POST["eid"];
+					$laboratory = $_POST["laboratories"];
+					$fields = $_POST["fields"];
+					/* match row with authorized rows */ 
+					$uid = "";
+					$labs = array();
+					for($l=0; $l < sizeof($labs); $l++){
+						if($rows = $db->prepare("SELECT eid FROM Laboratory WHERE lid=?")){
+							$rows->bind_param("i",$labs[$l]);		/* bind laboratory to query and execute */
+							if($rows->execute()){
+								$rows->bind_result($rid);
+								$rows->store_result();
+								if($rows->num_rows > 0){
+									while($rows->fetch()){
+										/* if ids match, update row */ 
+										if(password_verify($rid,$_POST["eid"])){
+											if($update_row = $db->prepare("UPDATE Inventory SET chemical=?,manufacturer=?,sds=?,cas=?,state=?,hazard=?,type=?,amount=?,quantity=?,total=?,location=?,ghs=?,uom=? WHERE eid=?")){
+												$update_row->bind_param("sssssssssssssi",$fields["chemical"],$fields["manufacturer"],$fields["sds"],$fields["cas"],$fields["state"],$fields["hazard"],$fields["type"],$fields["amount"],$fields["quantity"],$fields["total"],$fields["ghs"],$fields["uom"],$rid);
+												if($update_row->execute()){
+													$response["status"] = "success";
+												}
+											}
+										}	
+									}
+								}
+
+								else{
+									$error = true;
+									$message = "No results found.";
+								}
+							}
+						}
+					}
+				}
+				/* missing args */ 
+				else{
+					$error = true;
+					$message = "One ore more arguments missing.";
+				}
+				break;
+			case 7: 	/* edit inventory row */
+				print_r($_POST);
+				break;
+			case 8: 	/* copy inventory row */
+				print_r($_POST);
+				break;
+			default:	/* non defined requests */
+				print_r($_POST);
+
+				echo "request not defined";
+				break;
+		}
+		if($error){
+			$response = array();
+			$response["status"] = "error";
+			$response["error"] = $message;
+		}
+		echo json_encode($response);
+	}
+	/* missing api call */ 
+	else{
+		echo "one or more arguments are missing";
+	}
+?>