yey
This commit is contained in:
159
public/export.php
Normal file
159
public/export.php
Normal file
@@ -0,0 +1,159 @@
|
||||
<?php
|
||||
session_start();
|
||||
require_once '../config.php';
|
||||
|
||||
// Only allow logged-in users to export
|
||||
if (!isset($_SESSION['user_email'])) {
|
||||
header('HTTP/1.1 403 Forbidden');
|
||||
echo 'Access denied';
|
||||
exit();
|
||||
}
|
||||
|
||||
$company = $_SESSION['company'] ?? '';
|
||||
if ($company === '') {
|
||||
die('No company assigned in session.');
|
||||
}
|
||||
$userTableName = 'assets';
|
||||
|
||||
// Check admin status from session
|
||||
$role = $_SESSION['role'] ?? 'user';
|
||||
$isAdmin = ($role === 'admin');
|
||||
|
||||
// Base columns matching your main.php + asset.php (all visible for export)
|
||||
$base_columns = [
|
||||
'Id',
|
||||
'UUID',
|
||||
'SN',
|
||||
'OS',
|
||||
'OSVersion',
|
||||
'Hostname',
|
||||
'Mobile',
|
||||
'Manufacturer',
|
||||
'Term',
|
||||
'LastSeen',
|
||||
'UserEmail',
|
||||
'BYOD',
|
||||
'Status',
|
||||
'Warranty',
|
||||
'Asset',
|
||||
'PurchaseDate'
|
||||
];
|
||||
|
||||
// Admin-only columns
|
||||
$admin_columns = ['CypherID', 'CypherKey'];
|
||||
|
||||
// Read-only additional columns included for everyone (some admin-only?), from asset.php insertion logic
|
||||
$additional_read_only = [
|
||||
'CPUs',
|
||||
'HDs',
|
||||
'HDsTypes',
|
||||
'HDsSpacesGB',
|
||||
'NetworkAdapters',
|
||||
'MACAddresses',
|
||||
'ESETComponents',
|
||||
'PrimaryLocalIP',
|
||||
'PrimaryRemoteIP'
|
||||
];
|
||||
|
||||
// Build columns for export respecting admin rights
|
||||
$columns_to_export = $base_columns;
|
||||
if ($isAdmin) {
|
||||
// Insert admin columns after 'Asset' (somewhere in middle, here after base)
|
||||
$columns_to_export = array_merge($columns_to_export, $admin_columns);
|
||||
}
|
||||
$columns_to_export = array_merge($columns_to_export, $additional_read_only);
|
||||
|
||||
$fields_param = implode(',', $columns_to_export);
|
||||
|
||||
// Get filter and sort parameters from GET to match the table view
|
||||
$search_field = $_GET['search_field'] ?? '';
|
||||
$search_text = $_GET['search_text'] ?? '';
|
||||
$sort_by = $_GET['sort_by'] ?? '';
|
||||
$sort_dir = strtolower($_GET['sort_dir'] ?? 'asc');
|
||||
$sort_dir = in_array($sort_dir, ['asc', 'desc'], true) ? $sort_dir : 'asc';
|
||||
|
||||
$filterParamStr = '';
|
||||
if ($search_field !== '' && $search_text !== '') {
|
||||
$filterParamStr = '&where=(' . rawurlencode($search_field) . ',like,' . rawurlencode('%' . $search_text . '%') . ')';
|
||||
}
|
||||
|
||||
$sortParamStr = '';
|
||||
if ($sort_by !== '' && in_array($sort_by, $columns_to_export, true)) {
|
||||
$prefix = ($sort_dir === 'desc') ? '-' : '+';
|
||||
$sortParamStr = '&sort=' . rawurlencode($prefix . $sort_by);
|
||||
}
|
||||
|
||||
// Helper: DB Connection
|
||||
try {
|
||||
$pdo = new PDO(
|
||||
"mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=utf8mb4",
|
||||
DB_USER,
|
||||
DB_PASS,
|
||||
[PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]
|
||||
);
|
||||
} catch (PDOException $e) {
|
||||
die("DB Connection failed: " . $e->getMessage());
|
||||
}
|
||||
|
||||
// Build Query
|
||||
$whereClauses = [];
|
||||
$params = [];
|
||||
|
||||
if ($search_field !== '' && $search_text !== '') {
|
||||
$whereClauses[] = "`$search_field` LIKE :searchText";
|
||||
$params[':searchText'] = '%' . $search_text . '%';
|
||||
}
|
||||
|
||||
// Always filter by company
|
||||
$whereClauses[] = "`company` = :company";
|
||||
$params[':company'] = $company;
|
||||
|
||||
$whereSql = '';
|
||||
if (!empty($whereClauses)) {
|
||||
$whereSql = 'WHERE ' . implode(' AND ', $whereClauses);
|
||||
}
|
||||
|
||||
// Sorting
|
||||
$orderSql = '';
|
||||
if ($sort_by !== '' && in_array($sort_by, $columns_to_export, true)) {
|
||||
$orderSql = "ORDER BY `$sort_by` " . ($sort_dir === 'desc' ? 'DESC' : 'ASC');
|
||||
} else {
|
||||
$orderSql = "ORDER BY Id DESC";
|
||||
}
|
||||
|
||||
// Fetch All Rows
|
||||
$sql = "SELECT * FROM `$userTableName` $whereSql $orderSql";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute($params);
|
||||
$allRows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
// Send headers to prompt download as CSV file
|
||||
header('Content-Type: text/csv; charset=UTF-8');
|
||||
header('Content-Disposition: attachment; filename="cmdb_export_' . date('Ymd_His') . '.csv"');
|
||||
header('Cache-Control: no-cache, no-store, must-revalidate');
|
||||
header('Pragma: no-cache');
|
||||
header('Expires: 0');
|
||||
|
||||
$output = fopen('php://output', 'w');
|
||||
|
||||
// Write UTF-8 BOM for Excel compatibility
|
||||
fwrite($output, "\xEF\xBB\xBF");
|
||||
|
||||
// Write CSV header row
|
||||
fputcsv($output, $columns_to_export);
|
||||
|
||||
// Write all rows
|
||||
foreach ($allRows as $row) {
|
||||
$exportRow = [];
|
||||
foreach ($columns_to_export as $colName) {
|
||||
$val = $row[$colName] ?? '';
|
||||
if (is_array($val)) {
|
||||
$val = implode('; ', $val); // Flatten arrays if any
|
||||
}
|
||||
$exportRow[] = $val;
|
||||
}
|
||||
fputcsv($output, $exportRow);
|
||||
}
|
||||
|
||||
fclose($output);
|
||||
exit();
|
||||
Reference in New Issue
Block a user