
<?php
//if (!class_exists($erpModel)) {
	require_once __DIR__."/erp_model.php";
//}
class erpaModel extends erpModel {
	
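	/**
	 * Open the PDO connection to MySQL and select the erp_core schema.
	 *
	 * Connection settings are read from the DB_SERVER, DB_NAME, DB_USER and
	 * DB_PASSWD constants. If the connection or the schema switch fails, the
	 * request is terminated with a generic message.
	 */
	public function __construct() {
		// $options has to exist before it is handed to PDO. ERRMODE_EXCEPTION is
		// the PDO default since PHP 8.0; setting it explicitly makes failed
		// statements raise PDOException on older runtimes too.
		$options = [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION];
		try {
			$this->pdo = new PDO('mysql:host=' .DB_SERVER. ';dbname=' .DB_NAME, DB_USER, DB_PASSWD, $options);
			$this->pdo->query("use erp_core");
		} catch (PDOException $e) {
			// Driver messages can name the database host and account, so the
			// detail goes to the server log and the client only sees a generic line.
			error_log('erpaModel: database connection failed: ' .$e->getMessage());
			die("Error!: database connection failed");
		}
	}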

    /**
     * Drop the statement handle first and the connection handle second by
     * setting both properties to null.
     */
    public function __destruct() {
        foreach (['dbStmt', 'pdo'] as $handle) {
            $this->$handle = null;
        }
    }

	//***********************************************************************
	//*					erp country functions								*
	//***********************************************************************

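    /**
     * Insert or update a country row in $this->tableID.
     *
     * When a row with countryID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     *
     * @param mixed $countryCode value stored in countryCode
     * @param mixed $countryName value stored in countryName
     */
    function saveCountry($countryCode,$countryName) {
        // All values are bound, never spliced into the SQL text, so quotes in
        // the arguments cannot change the statement.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = ['countryCode' => $countryCode, 'countryName' => $countryName];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE countryID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE countryID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }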
	
	/**
	 * Delete the row of $this->tableID whose countryID equals $this->tupleID.
	 * The statement text is left in $this->sqlStmt.
	 */
	function deleteCountry() {
		// NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
		// confirm both are validated where they are assigned.
		$this->sqlStmt = "DELETE FROM {$this->tableID} WHERE countryID={$this->tupleID}";
		$this->pdo->exec($this->sqlStmt);
	}
	
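    /**
     * Fetch one row of erp_core.erp_countrys by countryID.
     *
     * @param mixed $countryID key to look up; a falsy value skips the query
     * @return array|false|null associative row, false when nothing matches,
     *                          null when $countryID is falsy
     */
    function getCountry($countryID=0) {
        if (!$countryID) {
            return null;
        }
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_countrys WHERE countryID=?");
        $this->dbStmt->execute([(int) $countryID]);
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }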

 	
	//***********************************************************************
	//*					erp state functions									*
	//***********************************************************************

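    /**
     * Insert or update a state row in $this->tableID.
     *
     * When a row with stateID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     *
     * @param mixed $stateCode accepted but not written by either statement
     * @param mixed $stateName value stored in stateName
     * @param mixed $countryID value stored in countryID
     */
    function saveState($stateCode,$stateName,$countryID) {
        // NOTE(review): $stateCode is never stored; confirm whether the table
        // has a stateCode column that should be written here.
        // The update branch now stores $stateName (it previously read a
        // misspelled, undefined variable and wrote an empty name).
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = ['countryID' => $countryID, 'stateName' => $stateName];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE stateID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE stateID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }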
	
	/**
	 * Delete the row of $this->tableID whose stateID equals $this->tupleID.
	 * The statement text is left in $this->sqlStmt.
	 */
	function deleteState() {
		// NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
		// confirm both are validated where they are assigned.
		$this->sqlStmt = "DELETE FROM {$this->tableID} WHERE stateID={$this->tupleID}";
		$this->pdo->exec($this->sqlStmt);
	}
	
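    /**
     * Fetch one row of erp_core.erp_states by stateID.
     *
     * @param mixed $stateID key to look up; a falsy value skips the query
     * @return array|false|null associative row, false when nothing matches,
     *                          null when $stateID is falsy
     */
    function getState($stateID=0) {
        if (!$stateID) {
            return null;
        }
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_states WHERE stateID=?");
        $this->dbStmt->execute([(int) $stateID]);
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }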

	//***********************************************************************
	//*							erp board/university functions				*
	//***********************************************************************

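    /**
     * Insert or update a board/university row in $this->tableID.
     *
     * When a row with boardID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveBoard($boardCode,$boardName,$boardLevel,$address) {
        // Values are bound rather than spliced into the SQL text.
        // NOTE(review): boardLevel used to be written unquoted; a caller that
        // passes an SQL keyword or expression for it needs adjusting.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'boardCode'  => $boardCode,
            'boardName'  => $boardName,
            'boardLevel' => $boardLevel,
            'address'    => $address,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE boardID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE boardID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }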

    /**
     * Move the current board one step up by exchanging its boardID with the
     * closest lower boardID in $this->tableID, using 0 as the parking value.
     *
     * Does nothing when no lower boardID exists. Afterwards $this->tupleID is
     * the ID the row now carries.
     */
    function upperBoard() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $table = $this->tableID;
        $current = $this->tupleID;
        $this->dbStmt = $this->pdo->query("SELECT boardID FROM {$table} WHERE boardID<{$current} ORDER BY boardID DESC LIMIT 0,1");
        if (!$this->dbStmt->rowCount()) {
            return;
        }
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        $id = $row['boardID'];
        // park the neighbour on 0, take its ID, then hand it the old ID
        $steps = [
            "UPDATE {$table} SET boardID=0 WHERE boardID={$id}",
            "UPDATE {$table} SET boardID={$id} WHERE boardID={$current}",
            "UPDATE {$table} SET boardID={$current} WHERE boardID=0",
        ];
        foreach ($steps as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
        $this->tupleID = $id;
    }

    /**
     * Move the current board one step down by exchanging its boardID with the
     * closest higher boardID in $this->tableID, using 0 as the parking value.
     *
     * Does nothing when no higher boardID exists. Afterwards $this->tupleID is
     * the ID the row now carries.
     */
    function lowerBoard() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $table = $this->tableID;
        $current = $this->tupleID;
        $this->dbStmt = $this->pdo->query("SELECT boardID FROM {$table} WHERE boardID>{$current} ORDER BY boardID limit 0,1");
        if (!$this->dbStmt->rowCount()) {
            return;
        }
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        $id = $row['boardID'];
        // park the neighbour on 0, take its ID, then hand it the old ID
        $steps = [
            "UPDATE {$table} SET boardID=0 WHERE boardID={$id}",
            "UPDATE {$table} SET boardID={$id} WHERE boardID={$current}",
            "UPDATE {$table} SET boardID={$current} WHERE boardID=0",
        ];
        foreach ($steps as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
        $this->tupleID = $id;
    }

    /**
     * Mark the current board as 'Enabled' and cascade that status to its
     * non-universal apps in erp_core.erp_apps and to those apps' rows in
     * erp_core.erp_menus. $this->sqlStmt ends up holding the last statement.
     */
    function enableBoard() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $boardID = $this->tupleID;
        $statements = [
            // the board itself
            "UPDATE {$this->tableID} SET status='Enabled' WHERE boardID={$boardID}",
            // its apps, universal apps excepted
            "UPDATE erp_core.erp_apps SET status='Enabled' WHERE universal=0 AND boardID={$boardID}",
            // the menus of those apps
            "UPDATE erp_core.erp_menus SET status='Enabled' WHERE appID IN (SELECT appID FROM erp_core.erp_apps WHERE universal=0 AND boardID={$boardID})",
        ];
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
    }

    /**
     * Mark the current board as 'Disabled' and cascade that status to its
     * non-universal apps in erp_core.erp_apps and to those apps' rows in
     * erp_core.erp_menus. $this->sqlStmt ends up holding the last statement.
     */
    function disableBoard() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $boardID = $this->tupleID;
        $statements = [
            // the board itself
            "UPDATE {$this->tableID} SET status='Disabled' WHERE boardID={$boardID}",
            // its apps, universal apps excepted
            "UPDATE erp_core.erp_apps SET status='Disabled' WHERE universal=0 AND boardID={$boardID}",
            // the menus of those apps
            "UPDATE erp_core.erp_menus SET status='Disabled' WHERE appID IN (SELECT appID FROM erp_core.erp_apps WHERE universal=0 AND boardID={$boardID})",
        ];
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
    }

    /**
     * Delete the row of $this->tableID whose boardID equals $this->tupleID.
     * Nothing is deleted unless $this->tupleID is greater than 1.
     */
    function deleteBoard() {
        if (!($this->tupleID > 1)) {
            return;
        }
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "DELETE FROM {$this->tableID} WHERE boardID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }
	
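    /**
     * Fetch one row of erp_core.erp_boards by boardID.
     *
     * @param mixed $boardID key to look up; a falsy value skips the query
     * @return array|false|null associative row, false when nothing matches,
     *                          null when $boardID is falsy
     */
    function getBoard($boardID=0) {
        if (!$boardID) {
            return null;
        }
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_boards WHERE boardID=?");
        $this->dbStmt->execute([(int) $boardID]);
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }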
	
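    /**
     * List every row of erp_core.erp_boards with the given boardLevel,
     * ordered by boardID.
     *
     * @param mixed $boardLevel level to filter on; a falsy value skips the query
     * @return array|null list of associative rows, null when $boardLevel is falsy
     */
    function listBoards($boardLevel=0) {
        if (!$boardLevel) {
            return null;
        }
        // The level is bound as a value so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_boards WHERE boardLevel=? ORDER BY boardID");
        $this->dbStmt->execute([$boardLevel]);
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }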
	
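    /**
     * List the enabled rows of erp_core.erp_boards with the given boardLevel,
     * ordered by boardName.
     *
     * @param mixed $boardLevel level to filter on; a falsy value skips the query
     * @return array|null list of associative rows, null when $boardLevel is falsy
     */
    function selectBoard($boardLevel=0) {
        if (!$boardLevel) {
            return null;
        }
        // Only enabled records are listed. The level is bound as a value so the
        // argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_boards WHERE boardLevel=? AND status='Enabled' ORDER BY boardName");
        $this->dbStmt->execute([$boardLevel]);
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }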
	
	//***********************************************************************
	//*							erp configuration functions					*
	//***********************************************************************

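    /**
     * Insert or update a configuration row in $this->tableID.
     *
     * When a row with configID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveConfiguration($ownerName,$ownerAddress,$ownerPhone,$ownerEmail,$ownerWWW,$supportTeam,$supportPhone,$supportEmail,$copyrightInfo,$erpBaseURL,$autoMailing,$remark) {
        // Values are bound rather than spliced into the SQL text, so quotes in
        // free-text fields such as the address or remark cannot change the statement.
        // NOTE(review): if callers escape these values before calling (not
        // visible here), that escaping would now be stored literally.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'ownerName'     => $ownerName,
            'ownerAddress'  => $ownerAddress,
            'ownerPhone'    => $ownerPhone,
            'ownerEmail'    => $ownerEmail,
            'ownerWWW'      => $ownerWWW,
            'supportTeam'   => $supportTeam,
            'supportPhone'  => $supportPhone,
            'supportEmail'  => $supportEmail,
            'copyrightInfo' => $copyrightInfo,
            'erpBaseURL'    => $erpBaseURL,
            'autoMailing'   => $autoMailing,
            'remark'        => $remark,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE configID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE configID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }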
	/* moved to erp_model.php
    function getConfiguration($configID=0) {
		if ($configID) {
			$this->dbStmt = $this->pdo->query("SELECT * FROM erp_core.erp_configurations WHERE configID=$configID");
        	return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        }
    }
	*/
	//***********************************************************************
	//*							erp institute functions						*
	//***********************************************************************

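    /**
     * Insert or update an institute row in $this->tableID.
     *
     * When a row with instituteID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveInstitute($instituteCode,$instituteName,$nameHindi,$address,$phoneNo,$email,$website,$departments,$programs,$instituteHead,$logoImage,$brandTagline,$idSignatory,$idAddressee,$signImage) {
        // Values are bound rather than spliced into the SQL text.
        // NOTE(review): departments and programs used to be written unquoted; a
        // caller that passes an SQL keyword or expression for them needs adjusting.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'instituteCode' => $instituteCode,
            'instituteName' => $instituteName,
            'nameHindi'     => $nameHindi,
            'address'       => $address,
            'phoneNo'       => $phoneNo,
            'email'         => $email,
            'website'       => $website,
            'departments'   => $departments,
            'programs'      => $programs,
            'instituteHead' => $instituteHead,
            'logoImage'     => $logoImage,
            'brandTagline'  => $brandTagline,
            'idSignatory'   => $idSignatory,
            'idAddressee'   => $idAddressee,
            'signImage'     => $signImage,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE instituteID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE instituteID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }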

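    /**
     * Move the current institute one step up by exchanging its instituteID
     * with the closest lower instituteID in $this->tableID.
     *
     * Does nothing when no lower instituteID exists. Afterwards $this->tupleID
     * is the ID the row now carries.
     */
    function upperInstitute() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT instituteID FROM " .$this->tableID. " WHERE instituteID<? ORDER BY instituteID DESC LIMIT 0,1");
        $this->dbStmt->execute([$current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['instituteID'];
        // Swap instituteID with the previous one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET instituteID=? WHERE instituteID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }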

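    /**
     * Move the current institute one step down by exchanging its instituteID
     * with the closest higher instituteID in $this->tableID.
     *
     * Does nothing when no higher instituteID exists. Afterwards
     * $this->tupleID is the ID the row now carries.
     */
    function lowerInstitute() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT instituteID FROM " .$this->tableID. " WHERE instituteID>? ORDER BY instituteID LIMIT 0,1");
        $this->dbStmt->execute([$current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['instituteID'];
        // Swap instituteID with the next one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET instituteID=? WHERE instituteID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }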

    /**
     * Set status to 'Enabled' on the row of $this->tableID whose instituteID
     * equals $this->tupleID.
     */
    function enableInstitute() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "UPDATE {$this->tableID} SET status='Enabled' WHERE instituteID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }

    /**
     * Set status to 'Disabled' on the row of $this->tableID whose instituteID
     * equals $this->tupleID.
     */
    function disableInstitute() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "UPDATE {$this->tableID} SET status='Disabled' WHERE instituteID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }

    /**
     * Delete the row of $this->tableID whose instituteID equals $this->tupleID.
     * The statement text is left in $this->sqlStmt.
     */
    function deleteInstitute() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "DELETE FROM {$this->tableID} WHERE instituteID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }
	
    //function listInsitutes() { defined in erp_model       
	//	$this->dbStmt = $this->pdo->query("SELECT * FROM erp_core.erp_institutes ORDER BY instituteCode");
    //    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    //}
    
	
	//***********************************************************************
	//*							erp department functions					*
	//***********************************************************************

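    /**
     * Insert or update a department row in $this->tableID.
     *
     * When a row with deptID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveDepartment($deptCode,$instituteID,$deptName,$hodID) {
        // The update is keyed on deptID, the same column the existence check
        // uses; keying it on instituteID would rewrite every department of the
        // institute whose ID happens to equal this department's ID.
        // NOTE(review): instituteID and hodID used to be written unquoted; a
        // caller that passes an SQL keyword or expression for them needs adjusting.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'instituteID' => $instituteID,
            'deptCode'    => $deptCode,
            'deptName'    => $deptName,
            'hodID'       => $hodID,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE deptID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE deptID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }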

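    /**
     * Move the current department one step up by exchanging its deptID with
     * the closest lower deptID in $this->tableID.
     *
     * Does nothing when no lower deptID exists. Afterwards $this->tupleID is
     * the ID the row now carries.
     */
    function upperDepartmment() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT deptID FROM " .$this->tableID. " WHERE deptID<? ORDER BY deptID DESC LIMIT 0,1");
        $this->dbStmt->execute([$current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['deptID'];
        // Swap deptID with the previous one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET deptID=? WHERE deptID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }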

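    /**
     * Move the current department one step down by exchanging its deptID with
     * the closest higher deptID in $this->tableID.
     *
     * Does nothing when no higher deptID exists. Afterwards $this->tupleID is
     * the ID the row now carries.
     */
    function lowerDepartmment() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT deptID FROM " .$this->tableID. " WHERE deptID>? ORDER BY deptID LIMIT 0,1");
        $this->dbStmt->execute([$current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['deptID'];
        // Swap deptID with the next one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET deptID=? WHERE deptID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }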

    /**
     * Set status to 'Enabled' on the row of $this->tableID whose deptID equals
     * $this->tupleID.
     */
    function enableDepartmment() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "UPDATE {$this->tableID} SET status='Enabled' WHERE deptID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }

    /**
     * Set status to 'Disabled' on the row of $this->tableID whose deptID equals
     * $this->tupleID.
     */
    function disableDepartmment() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "UPDATE {$this->tableID} SET status='Disabled' WHERE deptID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }

    /**
     * Delete the row of $this->tableID whose deptID equals $this->tupleID.
     * The statement text is left in $this->sqlStmt.
     */
    function deleteDepartmment() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "DELETE FROM {$this->tableID} WHERE deptID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }
	
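    /**
     * Fetch one row of erp_core.erp_departments by deptID.
     *
     * @param mixed $deptID key to look up; a falsy value skips the query
     * @return array|false|null associative row, false when nothing matches,
     *                          null when $deptID is falsy
     */
    function getDepartmment($deptID=0) {
        if (!$deptID) {
            return null;
        }
        // Reads erp_departments, the table every other department query in
        // this class uses. NOTE(review): confirm no table with the doubled-m
        // spelling exists.
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_departments WHERE deptID=?");
        $this->dbStmt->execute([(int) $deptID]);
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }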

    /**
     * List every row of erp_core.erp_departments ordered by deptID.
     *
     * @return array list of associative rows
     */
    function listDepartments() {
        $sql = "SELECT * FROM erp_core.erp_departments ORDER BY deptID";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }
    
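    /**
     * List the enabled departments of one institute, ordered by deptName.
     *
     * @param mixed $instituteID institute to filter on; a falsy value skips the query
     * @return array|null list of associative rows, null when $instituteID is falsy
     */
    function selectDepartment($instituteID) {
        if (!$instituteID) {
            return null;
        }
        // Only enabled records are listed. The key is bound as an integer so
        // the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_departments WHERE instituteID=? AND status='Enabled' ORDER BY deptName");
        $this->dbStmt->execute([(int) $instituteID]);
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }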
	
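    /**
     * Look up the deptCode of one department within one institute.
     *
     * @param mixed $instituteID institute the department belongs to
     * @param mixed $deptID      department key
     * @return mixed the deptCode value, or null when either argument is falsy
     *               or no row matches
     */
    function getDepartmentCodeByDepartmentID($instituteID, $deptID) {
        if (!$instituteID || !$deptID) {
            return null;
        }
        // Both keys are bound as integers so the arguments cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT deptCode FROM erp_core.erp_departments WHERE instituteID=? AND deptID=?");
        $this->dbStmt->execute([(int) $instituteID, (int) $deptID]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // fetch() yields false when nothing matches; do not index into it.
        return $row === false ? null : $row['deptCode'];
    }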

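	/**
	 * Look up the deptName of one department within one institute.
	 *
	 * @param mixed $instituteID institute the department belongs to
	 * @param mixed $deptID      department key
	 * @return mixed the deptName value, or null when either argument is falsy
	 *               or no row matches
	 */
	function getDepartmentNameByDepartmentID($instituteID, $deptID) {
		if (!$instituteID || !$deptID) {
			return null;
		}
		// Both keys are bound as integers so the arguments cannot alter the SQL text.
		$this->dbStmt = $this->pdo->prepare("SELECT deptName FROM erp_core.erp_departments WHERE instituteID=? AND deptID=?");
		$this->dbStmt->execute([(int) $instituteID, (int) $deptID]);
		$row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
		// fetch() yields false when nothing matches; do not index into it.
		return $row === false ? null : $row['deptName'];
	}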


	//***********************************************************************
	//*					erp message functions									*
	//***********************************************************************

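    /**
     * Insert or update a message row in $this->tableID.
     *
     * When a row with messageID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveMessage($subject,$message,$sender,$recipient) {
        // Subject and body are free text; binding them keeps quotes in the
        // text from changing the statement.
        // NOTE(review): if callers escape these values before calling (not
        // visible here), that escaping would now be stored literally.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'subject'   => $subject,
            'message'   => $message,
            'sender'    => $sender,
            'recipient' => $recipient,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE messageID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE messageID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }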
	
	/**
	 * Delete the row of $this->tableID whose messageID equals $this->tupleID.
	 * The statement text is left in $this->sqlStmt.
	 */
	function deleteMessage() {
		// NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
		// confirm both are validated where they are assigned.
		$this->sqlStmt = "DELETE FROM {$this->tableID} WHERE messageID={$this->tupleID}";
		$this->pdo->exec($this->sqlStmt);
	}
	
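    /**
     * Fetch one row of erp_core.erp_messages by messageID.
     *
     * @param mixed $messageID key to look up; a falsy value skips the query
     * @return array|false|null associative row, false when nothing matches,
     *                          null when $messageID is falsy
     */
    function getMessage($messageID=0) {
        if (!$messageID) {
            return null;
        }
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_messages WHERE messageID=?");
        $this->dbStmt->execute([(int) $messageID]);
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }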

    /**
     * List every row of erp_core.erp_messages ordered by subject.
     *
     * @return array list of associative rows
     */
    function listMessages() {
        $sql = "SELECT * FROM erp_core.erp_messages ORDER BY subject";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }

    /**
     * List the enabled rows of erp_core.erp_messages ordered by subject.
     *
     * @return array list of associative rows
     */
    function selectMessage() {
        $sql = "SELECT * FROM erp_core.erp_messages WHERE status='Enabled' ORDER BY subject";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }

	//***********************************************************************
	//*							erp module functions						*
	//***********************************************************************

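    /**
     * Insert or update a module row in $this->tableID.
     *
     * When a row with moduleID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name, after the email
     * and description filters below have been applied.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveModule($moduleName,$description,$moduleIcon,$iconColor,$moduleDept,$moduleAdmin,$adminEmail) {
        $adminEmail = filter_var($adminEmail, FILTER_SANITIZE_EMAIL);
        $adminEmail = filter_var($adminEmail, FILTER_VALIDATE_EMAIL);
        if ($adminEmail === false) {
            // an address that fails validation is stored as an empty string
            $adminEmail = '';
        }
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It
        // is kept so the stored text does not change; it is not what protects
        // the SQL - the bound parameters below are.
        $description = filter_var($description, FILTER_SANITIZE_STRING);

        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'moduleName'  => $moduleName,
            'description' => $description,
            'moduleIcon'  => $moduleIcon,
            'iconColor'   => $iconColor,
            'moduleDept'  => $moduleDept,
            'moduleAdmin' => $moduleAdmin,
            'adminEmail'  => $adminEmail,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE moduleID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE moduleID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }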

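    /**
     * Move the current module one step up by exchanging its moduleID with the
     * closest lower moduleID in $this->tableID.
     *
     * Does nothing when no lower moduleID exists. Afterwards $this->tupleID is
     * the ID the row now carries.
     */
    function upperModule() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT moduleID FROM " .$this->tableID. " WHERE moduleID<? ORDER BY moduleID DESC LIMIT 0,1");
        $this->dbStmt->execute([$current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['moduleID'];
        // Swap moduleID with the previous one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET moduleID=? WHERE moduleID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }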

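    /**
     * Move the current module one step down by exchanging its moduleID with
     * the closest higher moduleID in $this->tableID.
     *
     * Does nothing when no higher moduleID exists. Afterwards $this->tupleID
     * is the ID the row now carries.
     */
    function lowerModule() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT moduleID FROM " .$this->tableID. " WHERE moduleID>? ORDER BY moduleID limit 0,1");
        $this->dbStmt->execute([$current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['moduleID'];
        // Swap moduleID with the next one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET moduleID=? WHERE moduleID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }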

    /**
     * Mark the current module as 'Enabled' and cascade that status to its
     * non-universal apps in erp_core.erp_apps and to those apps' rows in
     * erp_core.erp_menus. $this->sqlStmt ends up holding the last statement.
     */
    function enableModule() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $moduleID = $this->tupleID;
        $statements = [
            // the module itself
            "UPDATE {$this->tableID} SET status='Enabled' WHERE moduleID={$moduleID}",
            // its apps, universal apps excepted
            "UPDATE erp_core.erp_apps SET status='Enabled' WHERE universal=0 AND moduleID={$moduleID}",
            // the menus of those apps
            "UPDATE erp_core.erp_menus SET status='Enabled' WHERE appID IN (SELECT appID FROM erp_core.erp_apps WHERE universal=0 AND moduleID={$moduleID})",
        ];
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
    }

    /**
     * Mark the current module as 'Disabled' and cascade that status to its
     * non-universal apps in erp_core.erp_apps and to those apps' rows in
     * erp_core.erp_menus. $this->sqlStmt ends up holding the last statement.
     */
    function disableModule() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $moduleID = $this->tupleID;
        $statements = [
            // the module itself
            "UPDATE {$this->tableID} SET status='Disabled' WHERE moduleID={$moduleID}",
            // its apps, universal apps excepted
            "UPDATE erp_core.erp_apps SET status='Disabled' WHERE universal=0 AND moduleID={$moduleID}",
            // the menus of those apps
            "UPDATE erp_core.erp_menus SET status='Disabled' WHERE appID IN (SELECT appID FROM erp_core.erp_apps WHERE universal=0 AND moduleID={$moduleID})",
        ];
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
    }

    /**
     * Delete the row of $this->tableID whose moduleID equals $this->tupleID.
     * Nothing is deleted unless $this->tupleID is greater than 1.
     */
    function deleteModule() {
        if (!($this->tupleID > 1)) {
            return;
        }
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "DELETE FROM {$this->tableID} WHERE moduleID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }
	
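    /**
     * Fetch one row of erp_core.erp_modules by moduleID.
     *
     * @param mixed $moduleID key to look up; a falsy value skips the query
     * @return array|false|null associative row, false when nothing matches,
     *                          null when $moduleID is falsy
     */
    function getModule($moduleID=0) {
        if (!$moduleID) {
            return null;
        }
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_modules WHERE moduleID=?");
        $this->dbStmt->execute([(int) $moduleID]);
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }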
	
    /**
     * List every row of erp_core.erp_modules ordered by moduleID.
     *
     * @return array list of associative rows
     */
    function listModules() {
        $sql = "SELECT * FROM erp_core.erp_modules ORDER BY moduleID";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }

    /**
     * List the enabled rows of erp_core.erp_modules ordered by moduleName.
     *
     * @return array list of associative rows
     */
    function selectModule() {
        // only enabled records are listed
        $sql = "SELECT * FROM erp_core.erp_modules WHERE status='Enabled' ORDER BY moduleName";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }


	//***********************************************************************
	//*							erp app functions							*
	//***********************************************************************

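    /**
     * Insert or update an app row in $this->tableID.
     *
     * When a row with appID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name, after the email,
     * URL and description filters below have been applied.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveApp($moduleID,$appName,$description,$appCode,$appURL,$appIcon,$iconColor,$appDept,$appAdmin,$adminEmail,$universal) {
        $adminEmail = filter_var($adminEmail, FILTER_SANITIZE_EMAIL);
        $adminEmail = filter_var($adminEmail, FILTER_VALIDATE_EMAIL);
        if ($adminEmail === false) {
            // an address that fails validation is stored as an empty string
            $adminEmail = '';
        }
        $appURL = filter_var($appURL, FILTER_SANITIZE_URL);
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It
        // is kept so the stored text does not change; it is not what protects
        // the SQL - the bound parameters below are.
        $description = filter_var($description, FILTER_SANITIZE_STRING);

        // NOTE(review): moduleID and universal used to be written unquoted; a
        // caller that passes an SQL keyword or expression for them needs adjusting.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'moduleID'    => $moduleID,
            'appName'     => $appName,
            'description' => $description,
            'appCode'     => $appCode,
            'appURL'      => $appURL,
            'appIcon'     => $appIcon,
            'iconColor'   => $iconColor,
            'appDept'     => $appDept,
            'appAdmin'    => $appAdmin,
            'adminEmail'  => $adminEmail,
            'universal'   => $universal,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE appID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE appID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }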

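    /**
     * Move the current app one step up within its module by exchanging its
     * appID with the closest lower appID that has the same moduleID.
     *
     * Does nothing when no such app exists. Afterwards $this->tupleID is the
     * ID the row now carries.
     */
    function upperApp() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT appID FROM " .$this->tableID. " WHERE moduleID=(SELECT moduleID FROM " .$this->tableID. " WHERE appID=?) AND appID<? ORDER BY appID DESC LIMIT 0,1");
        $this->dbStmt->execute([$current, $current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['appID'];
        // Swap appID with the previous one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET appID=? WHERE appID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }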

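    /**
     * Move the current app one step down within its module by exchanging its
     * appID with the closest higher appID that has the same moduleID.
     *
     * Does nothing when no such app exists. Afterwards $this->tupleID is the
     * ID the row now carries.
     */
    function lowerApp() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT appID FROM " .$this->tableID. " WHERE moduleID=(SELECT moduleID FROM " .$this->tableID. " WHERE appID=?) AND appID>? ORDER BY appID limit 0,1");
        $this->dbStmt->execute([$current, $current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['appID'];
        // Swap appID with the next one through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported and could leave a row parked on ID 0.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET appID=? WHERE appID=?";
        $swap = $this->pdo->prepare($this->sqlStmt);
        foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
            $swap->execute($step);
        }
        // NOTE(review): the three updates are not wrapped in a transaction.
        $this->tupleID = $id;
    }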

    /**
     * Mark the current app as 'Enabled' (only when its universal flag is '0')
     * and set the same status on its rows in erp_core.erp_menus.
     * $this->sqlStmt ends up holding the last statement.
     */
    function enableApp() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $appID = $this->tupleID;
        $statements = [
            // the app itself
            "UPDATE {$this->tableID} SET status='Enabled' WHERE universal='0' AND appID={$appID}",
            // its menus
            "UPDATE erp_core.erp_menus SET status='Enabled' WHERE appID={$appID}",
        ];
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
    }

    /**
     * Mark the current app as 'Disabled' (only when its universal flag is '0')
     * and set the same status on its rows in erp_core.erp_menus.
     * $this->sqlStmt ends up holding the last statement.
     */
    function disableApp() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $appID = $this->tupleID;
        $statements = [
            // the app itself
            "UPDATE {$this->tableID} SET status='Disabled' WHERE universal='0' AND appID={$appID}",
            // its menus
            "UPDATE erp_core.erp_menus SET status='Disabled' WHERE appID={$appID}",
        ];
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $this->pdo->exec($this->sqlStmt);
        }
    }

    /**
     * Delete the row of $this->tableID whose appID equals $this->tupleID.
     * The statement text is left in $this->sqlStmt.
     */
    function deleteApp() {
        // NOTE(review): tableID and tupleID are spliced into the SQL unquoted;
        // confirm both are validated where they are assigned.
        $this->sqlStmt = "DELETE FROM {$this->tableID} WHERE appID={$this->tupleID}";
        $this->pdo->exec($this->sqlStmt);
    }

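    /**
     * Fetch one row of erp_core.erp_apps by appID.
     *
     * @param mixed $appID key to look up; a falsy value skips the query
     * @return array|false|null associative row, false when nothing matches,
     *                          null when $appID is falsy
     */
    function getApp($appID=0) {
        if (!$appID) {
            return null;
        }
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_apps WHERE appID=?");
        $this->dbStmt->execute([(int) $appID]);
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }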
	
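    /**
     * List the apps of one module together with the module name, provided the
     * module is enabled; ordered by moduleID, then appID.
     *
     * @param mixed $moduleID module to filter on; a falsy value skips the query
     * @return array|null list of associative rows, null when $moduleID is falsy
     */
    function listApps($moduleID=0) {
        if (!$moduleID) {
            return null;
        }
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT a.*,m.moduleName FROM erp_core.erp_apps AS a, erp_core.erp_modules AS m WHERE a.moduleID=? AND a.moduleID=m.moduleID AND m.status='Enabled' ORDER BY a.moduleID, a.appID");
        $this->dbStmt->execute([(int) $moduleID]);
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }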
	
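    /**
     * List enabled apps together with their module name, ordered by moduleID,
     * then appID.
     *
     * @param mixed $moduleID when truthy, only apps of this module are listed
     * @return array list of associative rows
     */
    function selectApp($moduleID=0) {
        $sql = "SELECT a.*,m.moduleName FROM erp_core.erp_apps AS a, erp_core.erp_modules AS m WHERE a.moduleID=m.moduleID";
        $args = [];
        if ($moduleID) {
            // The optional filter is bound as an integer so the argument
            // cannot alter the SQL text.
            $sql .= " AND a.moduleID=?";
            $args[] = (int) $moduleID;
        }
        // only enabled records are listed
        $sql .= " AND a.status='Enabled' ORDER BY a.moduleID, a.appID";
        $this->dbStmt = $this->pdo->prepare($sql);
        $this->dbStmt->execute($args);
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }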
	
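    /**
     * Look up the appName of one app in erp_core.erp_apps.
     *
     * @param mixed $appID app key
     * @return mixed the appName value, or null when no row matches
     */
    function getAppNameByAppID($appID) {
        // The key is bound as an integer so the argument cannot alter the SQL text.
        $this->dbStmt = $this->pdo->prepare("SELECT appName FROM erp_core.erp_apps WHERE appID=?");
        $this->dbStmt->execute([(int) $appID]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // fetch() yields false when nothing matches; do not index into it.
        return $row === false ? null : $row['appName'];
    }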


	//***********************************************************************
	//*							erp menu functions							*
	//***********************************************************************

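    /**
     * Insert or update a menu row in $this->tableID.
     *
     * When a row with menuID equal to $this->tupleID exists it is updated;
     * otherwise a new row is inserted and $this->tupleID is set to the new key.
     * Each argument is stored in the column of the same name; menuHelp is
     * passed through the string filter below first.
     * $this->sqlStmt holds the statement text (with placeholders) that was run.
     */
    function saveMenu($appID,$interface,$parentID,$menuName,$description,$menuURL,$menuIcon,$menuHelp,$protection) {
        // menuURL is stored as given (its URL filter is switched off).
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It
        // is kept so the stored text does not change; it is not what protects
        // the SQL - the bound parameters below are.
        $menuHelp = filter_var($menuHelp, FILTER_SANITIZE_STRING);

        // NOTE(review): appID, parentID and protection used to be written
        // unquoted; a caller that passes an SQL keyword or expression for them
        // needs adjusting.
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $id = (int) $this->tupleID;
        $fields = [
            'appID'       => $appID,
            'interface'   => $interface,
            'parentID'    => $parentID,
            'menuName'    => $menuName,
            'description' => $description,
            'menuURL'     => $menuURL,
            'menuIcon'    => $menuIcon,
            'menuHelp'    => $menuHelp,
            'protection'  => $protection,
        ];
        $columns = array_keys($fields);
        $values = array_values($fields);

        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE menuID=? LIMIT 1");
        $exists->execute([$id]);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET " .implode('=?,', $columns). "=? WHERE menuID=?";
            $this->pdo->prepare($this->sqlStmt)->execute(array_merge($values, [$id]));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(" .implode(',', $columns). ") VALUES(" .implode(',', array_fill(0, count($columns), '?')). ")";
            $this->pdo->prepare($this->sqlStmt)->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }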

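    /**
     * Move the current menu one step up among its siblings by exchanging its
     * menuID with the closest lower menuID that shares its appID, interface
     * and parentID.
     *
     * The same exchange is applied to the menuID column of
     * erp_core.erp_gacls and erp_core.erp_uacls, and child rows that pointed
     * at the neighbour are re-pointed. Does nothing when no such sibling
     * exists. Afterwards $this->tupleID is the ID the row now carries.
     */
    function upperMenu() {
        // NOTE(review): tableID is an identifier and cannot be bound; it is
        // assumed to be assigned by trusted code - confirm.
        $current = (int) $this->tupleID;
        $this->dbStmt = $this->pdo->prepare("SELECT menuID FROM " .$this->tableID. " WHERE appID=(SELECT appID FROM " .$this->tableID. " WHERE menuID=?) AND interface=(SELECT interface FROM " .$this->tableID. " WHERE menuID=?) AND parentID=(SELECT parentID FROM " .$this->tableID. " WHERE menuID=?) AND menuID<? ORDER BY menuID DESC LIMIT 0,1");
        $this->dbStmt->execute([$current, $current, $current, $current]);
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return;
        }
        $id = $row['menuID'];

        // Exchange two menuID values in one table through the parking value 0.
        // Each step runs as its own statement: inside a single multi-statement
        // exec() a failure of the second or third UPDATE is not reliably
        // reported. For the ACL tables that could leave access-control rows
        // attached to menuID 0 or to the wrong menu.
        $exchange = function ($table) use ($id, $current) {
            $this->sqlStmt = "UPDATE " .$table. " SET menuID=? WHERE menuID=?";
            $swap = $this->pdo->prepare($this->sqlStmt);
            foreach ([[0, $id], [$id, $current], [$current, 0]] as $step) {
                $swap->execute($step);
            }
        };

        // shift one step up by swapping menuID with the previous one
        $exchange($this->tableID);

        // reset parent ID of the rows that pointed at the neighbour
        // NOTE(review): rows whose parentID is the moved menu's old ID are not
        // re-pointed to its new ID, so they end up under the neighbour -
        // confirm whether that is intended.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET parentID=? WHERE parentID=?";
        $this->pdo->prepare($this->sqlStmt)->execute([$current, $id]);

        // reset group ACL
        $exchange('erp_core.erp_gacls');
        // reset user ACL
        $exchange('erp_core.erp_uacls');

        // NOTE(review): none of these updates is wrapped in a transaction.
        $this->tupleID = $id;
    }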

    /**
     * Move the menu identified by $this->tupleID one position down by swapping its
     * menuID with that of the following sibling.
     *
     * The sibling is the row in $this->tableID with the smallest menuID above
     * $this->tupleID that has the same appID, interface and parentID as the current
     * row. If one exists, the two menuIDs are exchanged (using menuID 0 as a temporary
     * slot), rows whose parentID was the sibling's id are pointed at $this->tupleID,
     * and the same menuID exchange is applied to erp_core.erp_gacls and
     * erp_core.erp_uacls. Finally $this->tupleID is set to the sibling's former id.
     *
     * NOTE(review): no transaction is started in this method. Because the exchange
     * also rewrites the ACL tables, a failure part-way through could leave rows at
     * menuID 0 or leave permissions attached to the other menu - confirm whether a
     * caller wraps this in a transaction.
     * NOTE(review): each exec() sends several ';'-separated statements in one string;
     * this depends on the driver accepting multi-statement queries, and a failure in
     * a later statement may not be reported by exec() - verify.
     * NOTE(review): only rows with parentID = sibling id are re-parented; rows whose
     * parentID equals $this->tupleID are not moved to the sibling id - confirm this
     * is intended.
     * NOTE(review): $this->tableID and $this->tupleID are concatenated into the SQL;
     * this is only safe if tableID is a fixed table name and tupleID is an integer.
     */
    function lowerMenu() {
        // An earlier single-query variant based on a MySQL user variable (@id) was
        // replaced by the lookup below.
        // Find the closest following sibling (same appID, interface and parentID).
        $this->dbStmt = $this->pdo->query("SELECT menuID FROM " .$this->tableID. " WHERE appID=(SELECT appID FROM " .$this->tableID. " WHERE menuID=" .$this->tupleID. ") AND interface=(SELECT interface FROM " .$this->tableID. " WHERE menuID=" .$this->tupleID. ") AND parentID=(SELECT parentID FROM " .$this->tableID. " WHERE menuID=" .$this->tupleID. ") AND menuID>" .$this->tupleID. " ORDER BY menuID limit 0,1");
        if ($this->dbStmt->rowCount()) {            
			$row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
            $id = $row['menuID'];
            // shift one step down by swapping menuID with the next one;
            // menuID 0 is the temporary slot (presumably no real row uses 0 - verify)
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET menuID=0 WHERE menuID=$id; UPDATE " .$this->tableID. " SET menuID=$id WHERE menuID=" .$this->tupleID. "; UPDATE " .$this->tableID. " SET menuID=" .$this->tupleID. " WHERE menuID=0";
            $this->pdo->exec($this->sqlStmt);
			// reset parent ID: children of the sibling follow it to its new id
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET parentID=" .$this->tupleID. " WHERE parentID=$id";
            $this->pdo->exec($this->sqlStmt);
			// reset group ACL: apply the same id exchange so group permissions follow their menu
            $this->sqlStmt = "UPDATE erp_core.erp_gacls SET menuID=0 WHERE menuID=$id; UPDATE erp_core.erp_gacls SET menuID=$id WHERE menuID=" .$this->tupleID. "; UPDATE erp_core.erp_gacls SET menuID=" .$this->tupleID. " WHERE menuID=0";
            $this->pdo->exec($this->sqlStmt);
			// reset user ACL: apply the same id exchange so user permissions follow their menu
            $this->sqlStmt = "UPDATE erp_core.erp_uacls SET menuID=0 WHERE menuID=$id; UPDATE erp_core.erp_uacls SET menuID=$id WHERE menuID=" .$this->tupleID. "; UPDATE erp_core.erp_uacls SET menuID=" .$this->tupleID. " WHERE menuID=0";
            $this->pdo->exec($this->sqlStmt);
            // the current menu now lives under the sibling's former id
            $this->tupleID = $id;
        }
    }

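    /**
     * Set the status column of the menu row identified by $this->tupleID to 'Enabled'.
     *
     * The id and status are bound as parameters instead of being concatenated into
     * the statement text.
     *
     * @return void
     */
    function enableMenu() {
        $status = 'Enabled';
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET status=? WHERE menuID=?";
        $stmt = $this->pdo->prepare($this->sqlStmt);
        $stmt->execute(array($status, $this->tupleID));
    }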

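    /**
     * Set the status column of the menu row identified by $this->tupleID to 'Disabled'.
     *
     * The id and status are bound as parameters instead of being concatenated into
     * the statement text.
     *
     * @return void
     */
    function disableMenu() {
        $status = 'Disabled';
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $this->sqlStmt = "UPDATE " .$this->tableID. " SET status=? WHERE menuID=?";
        $stmt = $this->pdo->prepare($this->sqlStmt);
        $stmt->execute(array($status, $this->tupleID));
    }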

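    /**
     * Delete the menu identified by $this->tupleID together with its ACL rows.
     *
     * Removes the row from $this->tableID, then the rows with the same menuID from
     * erp_core.erp_gacls and erp_core.erp_uacls. The id is bound as a parameter in
     * every statement.
     *
     * NOTE(review): the three deletes are not wrapped in a transaction here, and rows
     * whose parentID points at the deleted menu are left untouched - confirm both
     * are intended.
     *
     * @return void
     */
    function deleteMenu() {
        $menuID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $statements = array(
            // the menu itself
            "DELETE FROM " .$this->tableID. " WHERE menuID=?",
            // group ACL rows, if any
            "DELETE FROM erp_core.erp_gacls WHERE menuID=?",
            // user ACL rows, if any
            "DELETE FROM erp_core.erp_uacls WHERE menuID=?",
        );
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $stmt = $this->pdo->prepare($sql);
            $stmt->execute(array($menuID));
        }
    }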

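    /**
     * Fetch one row from erp_core.erp_menus by menuID.
     *
     * The id is bound as a parameter, so a non-numeric or crafted value cannot alter
     * the query.
     *
     * @param mixed $menuID menu id to look up; a falsy value skips the query
     * @return array|false|null associative row, false when no row matches,
     *                          null when $menuID is falsy
     */
    function getMenu($menuID=0) {
        if (!$menuID) {
            return null;
        }
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_menus WHERE menuID=?");
        $this->dbStmt->execute(array($menuID));
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }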

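    /**
     * List the menus of one application, provided the application is enabled.
     *
     * Joins erp_core.erp_menus with erp_core.erp_apps and returns menu columns plus
     * appName, ordered by appID, interface and menuID. The application id is bound as
     * a parameter.
     *
     * @param mixed $appID application id; a falsy value skips the query
     * @return array|null list of associative rows, or null when $appID is falsy
     */
    function listMenus($appID=0) {
        if (!$appID) {
            return null;
        }
        $this->dbStmt = $this->pdo->prepare("SELECT m.*, a.appName FROM erp_core.erp_menus AS m, erp_core.erp_apps AS a WHERE m.appID=a.appID AND m.appID=? AND a.status='Enabled' ORDER BY m.appID,m.interface,m.menuID");
        $this->dbStmt->execute(array($appID));
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }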
	
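    /**
     * List enabled menus, optionally restricted to one application.
     *
     * Joins erp_core.erp_menus with erp_core.erp_apps and returns menu columns plus
     * appCode and appName, ordered by appID, interface and menuURL. When $appID is
     * truthy it is added as a bound filter on m.appID.
     *
     * @param mixed $appID application id, or a falsy value for all applications
     * @return array list of associative rows
     */
    function selectMenu($appID=0) {
        $sql = "SELECT m.*, a.appCode, a.appName FROM erp_core.erp_menus AS m, erp_core.erp_apps AS a WHERE m.appID=a.appID";
        $params = array();
        if ($appID) {
            // only the placeholder is appended to the SQL text; the value travels separately
            $sql .= " AND m.appID=?";
            $params[] = $appID;
        }
        $sql .= " AND m.status='Enabled' ORDER BY m.appID, m.interface, m.menuURL";

        $this->dbStmt = $this->pdo->prepare($sql);
        $this->dbStmt->execute($params);
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }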

    /**
     * Return every row of erp_core.erp_menus whose protection column is 1,
     * ordered by appID, interface and menuName.
     *
     * @return array list of associative rows
     */
    function listProtectedMenus() {
        $sql = "SELECT * FROM erp_core.erp_menus WHERE protection=1 ORDER BY appID,interface,menuName";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }


	//***********************************************************************
	//*							erp group functions							*
	//***********************************************************************

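    /**
     * Insert a new group row, or update the row whose groupID equals $this->tupleID.
     *
     * On update, memberCount is recomputed as the number of erp_core.erp_users rows
     * with that groupID. On insert, $this->tupleID is set to the id reported by
     * lastInsertId(). All values are bound as parameters. Callers must pass raw
     * values: escaping applied upstream for the old string-built query would now be
     * stored literally.
     *
     * @param mixed $groupName   value for the groupName column
     * @param mixed $description value for the description column
     * @param mixed $dashboard   value for the dashboard column
     * @return void
     */
    function saveGroup($groupName,$description,$dashboard) {
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE groupID=?");
        $exists->execute(array($this->tupleID));

        if ($exists->fetchColumn() !== false) {
            // get member count
            $this->dbStmt = $this->pdo->prepare("SELECT count(userID) AS no FROM erp_core.erp_users WHERE groupID=?");
            $this->dbStmt->execute(array($this->tupleID));
            $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
            $memberCount = (int) $row['no'];

            $this->sqlStmt = "UPDATE " .$this->tableID. " SET groupName=?,description=?,dashboard=?,memberCount=?
            WHERE groupID=?";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute(array($groupName,$description,$dashboard,$memberCount,$this->tupleID));
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(groupName,description,dashboard) 
            values(?,?,?)";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute(array($groupName,$description,$dashboard));
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }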

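    /**
     * Mark the group identified by $this->tupleID as 'Enabled' and cascade that status.
     *
     * Runs four UPDATEs in order: the group row in $this->tableID, the group's rows in
     * erp_core.erp_gacls, every user of the group in erp_core.erp_users, and the
     * erp_core.erp_uacls rows of those users. Status and id are bound as parameters.
     *
     * NOTE(review): the cascade sets every member account and its user ACL rows to
     * 'Enabled', including accounts that were disabled individually before the group
     * was disabled. If individual lock-outs must survive a group re-enable, that state
     * has to be tracked separately.
     * NOTE(review): the four statements are not wrapped in a transaction here.
     *
     * @return void
     */
    function enableGroup() {
        $status = 'Enabled';
        $groupID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $statements = array(
            // the group itself
            "UPDATE " .$this->tableID. " SET status=? WHERE groupID=?",
            // cascade to group ACLs
            "UPDATE erp_core.erp_gacls SET status=? WHERE groupID=?",
            // cascade to member users
            "UPDATE erp_core.erp_users SET status=? WHERE groupID=?",
            // cascade to the members' user ACLs
            "UPDATE erp_core.erp_uacls SET status=? WHERE userID IN (SELECT userID FROM erp_core.erp_users WHERE groupID=?)",
        );
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $stmt = $this->pdo->prepare($sql);
            $stmt->execute(array($status, $groupID));
        }
    }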

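    /**
     * Mark the group identified by $this->tupleID as 'Disabled' and cascade that status.
     *
     * Runs four UPDATEs in order: the group row in $this->tableID, the group's rows in
     * erp_core.erp_gacls, every user of the group in erp_core.erp_users, and the
     * erp_core.erp_uacls rows of those users. Status and id are bound as parameters.
     *
     * NOTE(review): the four statements are not wrapped in a transaction here, so a
     * failure part-way through can leave some member accounts or ACL rows still
     * 'Enabled' - confirm whether a caller provides the transaction.
     *
     * @return void
     */
    function disableGroup() {
        $status = 'Disabled';
        $groupID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $statements = array(
            // the group itself (set to disabled)
            "UPDATE " .$this->tableID. " SET status=? WHERE groupID=?",
            // cascade to group ACLs
            "UPDATE erp_core.erp_gacls SET status=? WHERE groupID=?",
            // cascade to member users
            "UPDATE erp_core.erp_users SET status=? WHERE groupID=?",
            // cascade to the members' user ACLs
            "UPDATE erp_core.erp_uacls SET status=? WHERE userID IN (SELECT userID FROM erp_core.erp_users WHERE groupID=?)",
        );
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $stmt = $this->pdo->prepare($sql);
            $stmt->execute(array($status, $groupID));
        }
    }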

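    /**
     * Delete the group identified by $this->tupleID, its users and their ACL rows.
     *
     * Previously only the users and the group row were removed, which left the
     * group's erp_core.erp_gacls rows and the members' erp_core.erp_uacls rows behind
     * as permission records without an owner. Those are now removed as well, in line
     * with how deleteMenu() and deleteUser() clean up ACL rows. The id is bound as a
     * parameter in every statement.
     *
     * NOTE(review): the statements are not wrapped in a transaction here.
     *
     * @return void
     */
    function deleteGroup() {
        $groupID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $statements = array(
            // user ACLs of the members; must run while the user rows still exist
            "DELETE FROM erp_core.erp_uacls WHERE userID IN (SELECT userID FROM erp_core.erp_users WHERE groupID=?)",
            // group ACLs
            "DELETE FROM erp_core.erp_gacls WHERE groupID=?",
            // users, if any
            "DELETE FROM erp_core.erp_users WHERE groupID=?",
            // the group itself
            "DELETE FROM " .$this->tableID. " WHERE groupID=?",
        );
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $stmt = $this->pdo->prepare($sql);
            $stmt->execute(array($groupID));
        }
    }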

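    /**
     * Fetch one row from erp_core.erp_groups by groupID.
     *
     * The id is bound as a parameter, so a non-numeric or crafted value cannot alter
     * the query.
     *
     * @param mixed $groupID group id to look up; a falsy value skips the query
     * @return array|false|null associative row, false when no row matches,
     *                          null when $groupID is falsy
     */
    function getuGroup($groupID=0) {
        if (!$groupID) {
            return null;
        }
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_groups WHERE groupID=?");
        $this->dbStmt->execute(array($groupID));
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }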
	
    /**
     * Return all rows of erp_core.erp_groups ordered by groupName.
     *
     * @return array list of associative rows
     */
    function listGroups() {
        $sql = "SELECT * FROM erp_core.erp_groups ORDER BY groupName";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }

    /**
     * Return the rows of erp_core.erp_groups whose status is 'Enabled',
     * ordered by groupName.
     *
     * @return array list of associative rows
     */
    function selectGroup() {
        $sql = "SELECT * FROM erp_core.erp_groups WHERE status='Enabled' ORDER BY groupName";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }

    /**
     * Return groupName, description, dashboard and status for every row of
     * erp_core.erp_groups, ordered by groupName.
     *
     * @return array list of associative rows
     */
    function printGroups() {
        $sql = "SELECT groupName,description,dashboard,status FROM erp_core.erp_groups ORDER BY groupName";
        $this->dbStmt = $this->pdo->query($sql);
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
    }

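    /**
     * Look up the groupID of a user in erp_core.erp_users.
     *
     * The previous version read the result with fetchAll() and then indexed it with
     * 'groupID'; fetchAll() returns a list of rows, so that key never existed and the
     * lookup never returned a group id. A single row is now fetched. The user id is
     * bound as a parameter.
     *
     * @param mixed $userID user id to look up; a falsy value skips the query
     * @return mixed the groupID column value, or null when $userID is falsy or no
     *               row matches
     */
    function getGroupIDByUserID($userID=0) {
        if (!$userID) {
            return null;
        }
        $this->dbStmt = $this->pdo->prepare("SELECT groupID FROM erp_core.erp_users WHERE userID=?");
        $this->dbStmt->execute(array($userID));
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // fetch() yields false when there is no such user
        return $row ? $row['groupID'] : null;
    }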

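	/**
	 * Look up the groupID of a group in erp_core.erp_groups by its name.
	 *
	 * The name is bound as a parameter; it was previously placed between quotes in
	 * the SQL text, where a quote character in the name changed the statement.
	 *
	 * @param mixed $groupName group name to look up
	 * @return mixed the groupID column value, or null when no row matches
	 */
	function getGroupIDByGroupName($groupName) {
		$this->dbStmt = $this->pdo->prepare("SELECT groupID FROM erp_core.erp_groups WHERE groupName=?");
		$this->dbStmt->execute(array($groupName));
		$row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
		// fetch() yields false when there is no such group
		return $row ? $row['groupID'] : null;
	}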

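    /**
     * Look up the groupName of a group in erp_core.erp_groups by its id.
     *
     * The id is bound as a parameter, so a non-numeric or crafted value cannot alter
     * the query.
     *
     * @param mixed $groupID group id to look up
     * @return mixed the groupName column value, or null when no row matches
     */
    function getGroupNameByGroupID($groupID) {
        $this->dbStmt = $this->pdo->prepare("SELECT groupName FROM erp_core.erp_groups WHERE groupID=?");
        $this->dbStmt->execute(array($groupID));
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // fetch() yields false when there is no such group
        return $row ? $row['groupName'] : null;
    }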

    //*******************************group ACL functions
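    /**
     * Insert a new group ACL row, or update the row whose aclID equals $this->tupleID.
     *
     * On insert, $this->tupleID is set to the id reported by lastInsertId(). All
     * values are bound as parameters; they were previously written unquoted into the
     * SQL text, so any of them could extend the statement that grants permissions.
     *
     * NOTE(review): nothing here checks that the acl* flags are 0/1 or that the
     * caller may grant them; that has to be enforced by the caller.
     *
     * @param mixed $groupID   value for the groupID column
     * @param mixed $menuID    value for the menuID column
     * @param mixed $aclRead   value for the aclRead column
     * @param mixed $aclInsert value for the aclInsert column
     * @param mixed $aclUpdate value for the aclUpdate column
     * @param mixed $aclDelete value for the aclDelete column
     * @return void
     */
    function saveGacl($groupID,$menuID,$aclRead,$aclInsert,$aclUpdate,$aclDelete) {
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE aclID=?");
        $exists->execute(array($this->tupleID));

        $values = array($groupID,$menuID,$aclRead,$aclInsert,$aclUpdate,$aclDelete);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET groupID=?,menuID=?,aclRead=?,aclInsert=?,aclUpdate=?,aclDelete=?
            WHERE aclID=?";
            $values[] = $this->tupleID;
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute($values);
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(groupID,menuID,aclRead,aclInsert,aclUpdate,aclDelete)
            VALUES(?,?,?,?,?,?)";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }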

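    /**
     * Delete the group ACL row identified by $this->tupleID and the matching user ACLs.
     *
     * First removes erp_core.erp_uacls rows for the same menuID that belong to users
     * of the ACL's group, then removes the ACL row itself from $this->tableID. The
     * order matters: the first statement reads the ACL row that the second deletes.
     * The id is bound as a parameter.
     *
     * NOTE(review): the two statements are not wrapped in a transaction here.
     *
     * @return void
     */
    function deleteGacl() {
        $aclID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.

        // delete uacls, if any
        $this->sqlStmt = "DELETE FROM erp_core.erp_uacls WHERE menuID IN (SELECT menuID FROM " .$this->tableID. " WHERE aclID=?) AND userID IN (SELECT userID FROM erp_core.erp_users WHERE groupID=(SELECT groupID FROM " .$this->tableID. " WHERE aclID=?))";
        $stmt = $this->pdo->prepare($this->sqlStmt);
        $stmt->execute(array($aclID, $aclID));

        // delete gacl
        $this->sqlStmt = "DELETE FROM " .$this->tableID. " WHERE aclID=?";
        $stmt = $this->pdo->prepare($this->sqlStmt);
        $stmt->execute(array($aclID));
    }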

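    /**
     * Fetch one row from erp_core.erp_gacls by aclID.
     *
     * The id is bound as a parameter, so a non-numeric or crafted value cannot alter
     * the query. Unlike the other get* helpers there is no early exit for a falsy id;
     * the query simply runs with that value.
     *
     * @param mixed $aclID ACL id to look up
     * @return array|false associative row, or false when no row matches
     */
    function getGacl($aclID=0) {
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_gacls WHERE aclID=?");
        $this->dbStmt->execute(array($aclID));
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }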
    
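	/**
	 * List the protected menus of an application with a group's ACL flags.
	 *
	 * Returns one row per erp_core.erp_menus entry with protection=1 for the given
	 * appID, LEFT JOINed to the group's erp_core.erp_gacls row; menus the group has
	 * no ACL for come back with NULL acl columns. Both ids are bound as parameters.
	 *
	 * @param mixed $groupID group id
	 * @param mixed $appID   application id
	 * @return array|null list of associative rows, or null when either id is falsy
	 */
	function listGacls($groupID, $appID) {
		if (!$groupID || !$appID) {
			return null;
		}
		$this->dbStmt = $this->pdo->prepare("SELECT m.menuID,menuName,menuIcon,interface,aclID,aclRead,aclInsert,aclUpdate,aclDelete 
			FROM erp_core.erp_menus AS m LEFT JOIN erp_core.erp_gacls AS g ON m.menuID=g.menuID AND groupID=?
			WHERE appID=? AND protection=1
			ORDER BY interface, menuName");
		$this->dbStmt->execute(array($groupID, $appID));
		return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
	}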

	//***********************************************************************
	//*							erp user functions							*
	//***********************************************************************

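    /**
     * Insert a new user row, or update the row whose userID equals $this->tupleID.
     *
     * The update branch changes loginID, userName, groupID and authMode only; the
     * password is deliberately not touched there. The insert branch also stores the
     * password and increments memberCount of the user's group in erp_core.erp_groups.
     * All values are bound as parameters, which also keeps the clear-text password
     * out of the SQL text held in $this->sqlStmt.
     *
     * NOTE(review): the stored hash comes from MySQL's PASSWORD() function. That is an
     * unsalted, fast hash intended for the server's own accounts; it was deprecated in
     * MySQL 5.7 and removed in 8.0. It is kept because the code that verifies logins
     * is outside this block and must change together with it; the target is
     * password_hash() on write and password_verify() on login.
     * NOTE(review): unlike the other save* methods, the insert branch does not store
     * the new id in $this->tupleID - confirm whether callers need it.
     * NOTE(review): the update branch can move a user to another group without
     * adjusting memberCount of either group, and insert plus counter update are not
     * wrapped in a transaction here.
     *
     * @param mixed $loginID    value for the loginID column
     * @param mixed $userName   value for the userName column
     * @param mixed $groupID    value for the groupID column
     * @param mixed $authMode   value for the authMode column
     * @param mixed $secretCode clear-text password, used on insert only
     * @return void
     */
    function saveUser($loginID,$userName,$groupID,$authMode,$secretCode) {
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE userID=?");
        $exists->execute(array($this->tupleID));

        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET loginID=?,userName=?,groupID=?,authMode=?
            WHERE userID=?";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute(array($loginID,$userName,$groupID,$authMode,$this->tupleID));
            // don't set password here on every update
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(loginID,userName,groupID,authMode,secretCode)
            values(?,?,?,?,password(?))";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute(array($loginID,$userName,$groupID,$authMode,$secretCode));

            // increment member count in group
            $this->sqlStmt = "UPDATE erp_core.erp_groups SET memberCount=memberCount+1 WHERE groupID=?";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute(array($groupID));
        }
    }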

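    /**
     * Mark the user identified by $this->tupleID as 'Enabled' and cascade that status
     * to the user's rows in erp_core.erp_uacls.
     *
     * Status and id are bound as parameters.
     *
     * NOTE(review): the cascade sets every ACL row of the user to 'Enabled',
     * including rows that were disabled individually - confirm this is intended.
     *
     * @return void
     */
    function enableUser() {
        $status = 'Enabled';
        $userID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $statements = array(
            // the user account
            "UPDATE " .$this->tableID. " SET status=? WHERE userID=?",
            // cascade to the user's ACL rows
            "UPDATE erp_core.erp_uacls SET status=? WHERE userID=?",
        );
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $stmt = $this->pdo->prepare($sql);
            $stmt->execute(array($status, $userID));
        }
    }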

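    /**
     * Mark the user identified by $this->tupleID as 'Disabled' and cascade that status
     * to the user's rows in erp_core.erp_uacls.
     *
     * Status and id are bound as parameters.
     *
     * NOTE(review): the two statements are not wrapped in a transaction here, and
     * nothing in this method ends sessions the account may already hold.
     *
     * @return void
     */
    function disableUser() {
        $status = 'Disabled';
        $userID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $statements = array(
            // the user account
            "UPDATE " .$this->tableID. " SET status=? WHERE userID=?",
            // cascade to the user's ACL rows
            "UPDATE erp_core.erp_uacls SET status=? WHERE userID=?",
        );
        foreach ($statements as $sql) {
            $this->sqlStmt = $sql;
            $stmt = $this->pdo->prepare($sql);
            $stmt->execute(array($status, $userID));
        }
    }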

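    /**
     * Delete the user identified by $this->tupleID, the user's ACL rows, and decrement
     * memberCount of the user's group.
     *
     * The previous version resolved the group with a subquery on $this->tableID after
     * the user row had already been deleted, so the subquery found nothing and
     * memberCount was never decremented. The groupID is now read before the delete.
     * The id is bound as a parameter in every statement.
     *
     * NOTE(review): the statements are not wrapped in a transaction here.
     *
     * @return void
     */
    function deleteUser() {
        $userID = $this->tupleID;
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.

        // remember the group while the user row still exists
        $lookup = $this->pdo->prepare("SELECT groupID FROM " .$this->tableID. " WHERE userID=?");
        $lookup->execute(array($userID));
        $groupID = $lookup->fetchColumn();

        // delete user account
        $this->sqlStmt = "DELETE FROM " .$this->tableID. " WHERE userID=?";
        $stmt = $this->pdo->prepare($this->sqlStmt);
        $stmt->execute(array($userID));

        // delete user ACL
        $this->sqlStmt = "DELETE FROM erp_core.erp_uacls WHERE userID=?";
        $stmt = $this->pdo->prepare($this->sqlStmt);
        $stmt->execute(array($userID));

        // decrement member count in group; skipped when the user did not exist
        if ($groupID !== false && $groupID !== null) {
            $this->sqlStmt = "UPDATE erp_core.erp_groups SET memberCount=memberCount-1 WHERE groupID=?";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute(array($groupID));
        }
    }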

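    /**
     * Fetch one row from erp_core.erp_users by userID.
     *
     * The id is bound as a parameter, so a non-numeric or crafted value cannot alter
     * the query.
     *
     * NOTE(review): SELECT * returns every column. If this is the table saveUser()
     * writes to, the row includes secretCode (the password hash); callers should not
     * hand the whole row to views or API responses.
     *
     * @param mixed $userID user id to look up
     * @return array|false associative row, or false when no row matches
     */
    function getUser($userID) {
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_users WHERE userID=?");
        $this->dbStmt->execute(array($userID));
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }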
	
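    /**
     * List all users of a group from erp_core.erp_users, ordered by loginID.
     *
     * The group id is bound as a parameter.
     *
     * NOTE(review): SELECT * returns every column. If this is the table saveUser()
     * writes to, each row includes secretCode (the password hash); printUsers()
     * shows a narrower column list for display purposes.
     *
     * @param mixed $groupID group id; a falsy value skips the query
     * @return array|null list of associative rows, or null when $groupID is falsy
     */
    function listUsers($groupID) {
        if (!$groupID) {
            return null;
        }
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_users WHERE groupID=? ORDER BY loginID");
        $this->dbStmt->execute(array($groupID));
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }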
	
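    /**
     * List the enabled users of a group from erp_core.erp_users, ordered by loginID.
     *
     * The group id is bound as a parameter.
     *
     * NOTE(review): SELECT * returns every column. If this is the table saveUser()
     * writes to, each row includes secretCode (the password hash); a result used to
     * fill a selection list needs far fewer columns.
     *
     * @param mixed $groupID group id; a falsy value skips the query
     * @return array|null list of associative rows, or null when $groupID is falsy
     */
    function selectUser($groupID) {
        if (!$groupID) {
            return null;
        }
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_users WHERE groupID=? AND status='Enabled' ORDER BY loginID");
        $this->dbStmt->execute(array($groupID));
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }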

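    /**
     * Return loginID, userName, authMode and status for the users of a group,
     * ordered by loginID.
     *
     * The group id is bound as a parameter. The explicit column list keeps the
     * password column out of the result.
     *
     * @param mixed $groupID group id; a falsy value skips the query
     * @return array|null list of associative rows, or null when $groupID is falsy
     */
    function printUsers($groupID) {
        if (!$groupID) {
            return null;
        }
        $this->dbStmt = $this->pdo->prepare("SELECT loginID,userName,authMode,status FROM erp_core.erp_users WHERE groupID=? ORDER BY loginID");
        $this->dbStmt->execute(array($groupID));
        return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }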

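    /**
     * Look up the userID for a login name in erp_core.erp_users.
     *
     * The login name is bound as a parameter; it was previously placed between quotes
     * in the SQL text, where a quote character in the name changed the statement.
     * Login names typically arrive straight from a login form, so this lookup must
     * not depend on the caller having escaped the value.
     *
     * @param mixed $loginID login name to look up
     * @return mixed the userID column value, or null when no row matches
     */
    function getUserIDByLoginID($loginID) {
        $this->dbStmt = $this->pdo->prepare("SELECT userID FROM erp_core.erp_users WHERE loginID=?");
        $this->dbStmt->execute(array($loginID));
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // fetch() yields false when there is no such login
        return $row ? $row['userID'] : null;
    }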

	//***********************************************************************
	//*							erp user ACL functions						*
	//***********************************************************************

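    /**
     * Insert a new user ACL row, or update the row whose aclID equals $this->tupleID.
     *
     * On insert, $this->tupleID is set to the id reported by lastInsertId(). All
     * values are bound as parameters; they were previously written unquoted into the
     * SQL text, so any of them could extend the statement that grants permissions.
     *
     * NOTE(review): nothing here checks that the acl* flags are 0/1 or that the
     * caller may grant them; that has to be enforced by the caller.
     *
     * @param mixed $userID    value for the userID column
     * @param mixed $menuID    value for the menuID column
     * @param mixed $aclRead   value for the aclRead column
     * @param mixed $aclInsert value for the aclInsert column
     * @param mixed $aclUpdate value for the aclUpdate column
     * @param mixed $aclDelete value for the aclDelete column
     * @return void
     */
    function saveUacl($userID,$menuID,$aclRead,$aclInsert,$aclUpdate,$aclDelete) {
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $exists = $this->pdo->prepare("SELECT 1 FROM " .$this->tableID. " WHERE aclID=?");
        $exists->execute(array($this->tupleID));

        $values = array($userID,$menuID,$aclRead,$aclInsert,$aclUpdate,$aclDelete);
        if ($exists->fetchColumn() !== false) {
            $this->sqlStmt = "UPDATE " .$this->tableID. " SET userID=?,menuID=?,aclRead=?,aclInsert=?,aclUpdate=?,aclDelete=?
            WHERE aclID=?";
            $values[] = $this->tupleID;
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute($values);
        } else {
            $this->sqlStmt = "INSERT INTO " .$this->tableID. "(userID,menuID,aclRead,aclInsert,aclUpdate,aclDelete)
            values(?,?,?,?,?,?)";
            $stmt = $this->pdo->prepare($this->sqlStmt);
            $stmt->execute($values);
            $this->tupleID = $this->pdo->lastInsertId();
        }
    }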
	
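    /**
     * Delete the user ACL row identified by $this->tupleID from $this->tableID.
     *
     * The id is bound as a parameter instead of being concatenated into the statement.
     *
     * @return void
     */
    function deleteUacl() {
        // $this->tableID is spliced in as an identifier (placeholders cannot stand for
        // table names); it must only ever hold a fixed, code-defined table name.
        $this->sqlStmt = "DELETE FROM " .$this->tableID. " WHERE aclID=?";
        $stmt = $this->pdo->prepare($this->sqlStmt);
        $stmt->execute(array($this->tupleID));
    }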

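    /**
     * Fetch the erp_core.erp_uacls row for one user and one menu.
     *
     * Both ids are bound as parameters. If the result feeds an access decision, the
     * caller must treat false (no row) as "no permission" and should also look at the
     * row's status column, which this query does not filter on.
     *
     * @param mixed $userID user id
     * @param mixed $menuID menu id
     * @return array|false associative row, or false when no row matches
     */
    function getUacl($userID, $menuID) {
        $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_uacls WHERE userID=? AND menuID=?");
        $this->dbStmt->execute(array($userID, $menuID));
        return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }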
    
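	/**
	 * List the protected menus of an application with a user's ACL flags.
	 *
	 * Returns one row per erp_core.erp_menus entry with protection=1 for the given
	 * appID, LEFT JOINed to the user's erp_core.erp_uacls row; menus the user has no
	 * ACL for come back with NULL acl columns. Both ids are bound as parameters.
	 *
	 * @param mixed $userID user id
	 * @param mixed $appID  application id
	 * @return array|null list of associative rows, or null when either id is falsy
	 */
	function listUacls($userID, $appID) {
		if (!$userID || !$appID) {
			return null;
		}
		$this->dbStmt = $this->pdo->prepare("SELECT m.menuID,menuName,menuIcon,interface,aclID,aclRead,aclInsert,aclUpdate,aclDelete 
			FROM erp_core.erp_menus AS m LEFT JOIN erp_core.erp_uacls AS u ON m.menuID=u.menuID AND userID=? 
			WHERE appID=? AND protection=1
			ORDER BY interface, menuName");
		$this->dbStmt->execute(array($userID, $appID));
		return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
	}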
	/**
	 * Return every user ACL row whose menu is 'Enabled', with the owning user's
	 * loginID and the menu's menuName, ordered by userID and aclID.
	 *
	 * @return array list of associative rows
	 */
	function selectUacl() {
		$sql = "SELECT a.*,u.loginID,m.menuName FROM erp_core.erp_uacls AS a, erp_core.erp_users AS u, erp_core.erp_menus AS m WHERE a.userID=u.userID AND a.menuID=m.menuID AND m.status='Enabled' ORDER BY u.userID, a.aclID";
		$this->dbStmt = $this->pdo->query($sql);
		$rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
		return $rows;
	}

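	/**
	 * List user ACL rows (with menuName) for menus of enabled applications.
	 *
	 * The previous version accepted $userID and $appID but used neither, so it
	 * returned the ACL rows of every user across all enabled applications. Each
	 * argument is now applied as a bound filter when it is truthy; passing falsy
	 * values for both keeps the old unfiltered result.
	 *
	 * NOTE(review): callers that relied on receiving every user's rows while passing
	 * real ids will now see the filtered set - verify against the call sites.
	 *
	 * @param mixed $userID restrict to this user when truthy
	 * @param mixed $appID  restrict to this application when truthy
	 * @return array list of associative rows
	 */
	function listUserACLs($userID, $appID) {
		$sql = "SELECT a.*,m.menuName FROM erp_core.erp_uacls AS a, erp_core.erp_menus AS m WHERE a.menuID=m.menuID AND m.appID IN (SELECT appID from erp_core.erp_apps WHERE status='Enabled')";
		$params = array();
		if ($userID) {
			$sql .= " AND a.userID=?";
			$params[] = $userID;
		}
		if ($appID) {
			$sql .= " AND m.appID=?";
			$params[] = $appID;
		}
		$sql .= " ORDER BY m.appID, m.menuID";

		$this->dbStmt = $this->pdo->prepare($sql);
		$this->dbStmt->execute($params);
		return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
	}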
 }

?>