<body>
<font size=0>
<table><td bgcolor=#ffffdd>
<form action=borrowvdo.php method=post>Borrow VDO :<br>
Empl id: <input type=text name=geid value=e4401><br>
Password: <input type=password name=gpasswd value=abc><br>
Customer id: <input type=text name=gcid value=c440001><br>
VDO: <input type=text name=gvid value=t4400002m0001><br>
<input type=submit name=action value=borrow>
</form>
</td><td bgcolor=#ddffff>
<form action=borrowvdo.php method=post>Send VDO :<br>
Empl id: <input type=text name=geid value=e4401><br>
Password: <input type=password name=gpasswd value=abc><br>
Borrow id: <input type=text name=gbid value=r4400000152><br>
VDO: <input type=text name=gvid value=t4400001m0001><br>
<input type=submit name=action value=send>
</form>
</td></table>
<?
require("connect.php");
require("checkeid.php");
switch ($action) {
case "borrow":
  echo "List all vdo :<br>";
  $sql="select * from vdo";
  $result = mysql_db_query($db,$sql);  
  while ($object = mysql_fetch_object($result)) {
    if ($object->vid==$gvid && $object->flag=="A") { 
      $found="1"; 
      echo "<b>$object->vid  $object->flag</b><br>";
    } else {
      echo $object->vid."  ".$object->flag."<br>";
    }
  }
  if ($found == "1") {
    # calculate money
    $gvid9 = substr($gvid,8,1);
    if ($gvid9 == "m") { $vtype=30; } else { $vtype=15; }
    echo "<hr>You pay $vtype for ";
    # select story
    $gvid8 = substr($gvid,0,8);
    $sql="select * from story where vid8='$gvid8'";
    $result = mysql_db_query($db,$sql);  
    $object = mysql_fetch_object($result);
	echo $object->vname."<br>";
    # update vdo
    $sql="update vdo set flag='B' where vid='$gvid'";
    $result = mysql_db_query($db,$sql);    
    # insert borrow	
    $sql="select * from borrow order by bid desc";
    $result = mysql_db_query($db,$sql);  
    $object = mysql_fetch_object($result);
    $lbid = substr($object->bid,0,1).(substr($object->bid,1,10)+1);  
    $dd=date("j"); $mm=date("n"); $yy=date("Y");
    $dmy="$yy-$mm-$dd";
    $newvalue = "'$lbid','#$dmy#','$gcid','$geid'";
    echo "Borrow : OK - $newvalue <br>";
    $sql="insert into borrow (bid,bdate,cid,eid)";
    $sql=$sql."values($newvalue)";
    $result = mysql_db_query($db,$sql);  
    # insert borrowd	
	$tm = time()+(60*60*24*7);
    $dd=date("j",$tm); $mm=date("n",$tm); $yy=date("Y",$tm);
    $dmy="$yy-$mm-$dd";  
    $newvalue = "'$lbid','$gvid','B','#$dmy#'";
    echo "Borrowd : OK - $newvalue <br>";
    $sql="insert into borrowd (bid,vid,bflag,sdate)";
    $sql=$sql."values($newvalue)";
    $result = mysql_db_query($db,$sql);    
  } else {
    echo "Can not Borrow this VDO";
  }
  break;
case "send":
  $sql="select * from vdo";
  $result = mysql_db_query($db,$sql);  
  while ($object = mysql_fetch_object($result)) {
    if ($object->vid==$gvid && $object->flag=="B") { $found="1"; }
  }
  if ($found == "1") {
    # select borrowd	
    $sql="select * from borrowd ";
    $sql=$sql."where bid='$gbid' and vid='$gvid' and bflag ='B'";	
    $result = mysql_db_query($db,$sql);  
    if (!$result) { echo "Invalid in borrowd"; exit; }
    # update borrowd	
    $dd=date("j"); $mm=date("n"); $yy=date("Y");
    $dmy="#$yy-$mm-$dd#";    
    echo "Send : OK - $dmy <br>";
    $sql="update borrowd set sdate='$dmy',bflag='S' ";
    $sql=$sql."where bid='$gbid' and vid='$gvid'";
    $result = mysql_db_query($db,$sql);  
	echo "$sql<br>";
    if (!$result) { 
      echo "Can not Send this VDO (Not found in borrowd)"; 
    } else {
      # update vdo
      $sql="update vdo set flag='A' where vid='$gvid'";
      $result = mysql_db_query($db,$sql);    
    }    
  } else {
    echo "Can not Send this VDO (Not found in VDO)";
  } 
  break;
}
mysql_close($connect);
?>
</body>