File manager - Edit - /home/autoph/public_html/connect/home/PRF_POInsertItemToOpenPOBAKMar06.php
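<?php
/**
 * PRF purchasing: attach one request line item to a purchase order number,
 * create the PO header row if none exists yet, then render the table of
 * awarded items for the same company/vendor that still have no PO.
 *
 * Runs only when the POST field `done` is present; every other input is read
 * straight from $_POST.
 *
 * NOTE(review): no authentication, authorisation or CSRF check is visible in
 * this file. Confirm core/init.php enforces them before this state-changing
 * handler runs.
 *
 * NOTE(review): every query below is built by string interpolation. The only
 * protection is mysql_escape_string(), which ignores the connection charset
 * and is safe only because each value sits inside quotes. The mysql_*
 * extension was removed in PHP 7.0, so these calls presumably rely on a
 * compatibility shim loaded by core/init.php. Migrate to prepared statements
 * (PDO or mysqli) once the connection handle is available here.
 */
include_once 'core/init.php';

$prfDate = date_create()->format("Y-m-d");
$myUID = $user_data['u_id']; // presumably populated by core/init.php; confirm

if (isset($_POST['done'])) {
    // Request fields, escaped for use inside quoted SQL string literals only.
    $itemID = mysql_escape_string($_POST['itemID']);
    $selectedItem = mysql_escape_string($_POST['selectedItem']);
    $itemRefCode = mysql_escape_string($_POST['itemRefCode']);
    $termsOfPayment = mysql_escape_string($_POST['termsOfPayment']);
    $notifyReq = mysql_escape_string($_POST['notifyReq']);
    $notifyVendor = mysql_escape_string($_POST['notifyVendor']);
    $poToVendor = mysql_escape_string($_POST['poToVendor']);
    $poByCompany = mysql_escape_string($_POST['poByCompany']);
    $myPONumberR = mysql_escape_string($_POST['myPONumber']);
    $myPONumber = str_replace(" ", "", $myPONumberR);

    // A PO may carry at most 12 line items.
    // NOTE(review): this count and the UPDATE further down are separate
    // statements with no visible transaction, so concurrent requests could
    // exceed the limit.
    $chkIfMax = mysql_result(mysql_query("SELECT COUNT(1) FROM `prf_request_detl` WHERE `po_code`='$myPONumber'"), 0);
    if ($chkIfMax >= 12) {
        echo '<script>alert("MAX LIMIT: You have reached the maximum line items for this PO. Please create another PO for the remaining items. Thank you!")</script>';
        exit();
    }

    // Normalised through strtotime()/date(), so the value reaching SQL is
    // always a Y-m-d string. An unparseable input makes strtotime() return
    // false, which date() then formats as the Unix epoch date.
    $deliveryDate = date("Y-m-d", strtotime($_POST['deliveryDate']));
    $myInstructions = mysql_escape_string($_POST['myInstructions']);

    $dealerID = mysql_result(mysql_query("SELECT `deal_id` FROM `prf_request_hdr` WHERE `reference_code`='$itemRefCode'"), 0);
    $canvassID = mysql_result(mysql_query("SELECT `approved_proposal_code` FROM `prf_request_detl` WHERE `id`='$itemID'"), 0);

    // Terms equal to 0 fall back to the supplier's default terms.
    // NOTE(review): loose comparison. On PHP 7 a non-numeric string also
    // compares equal to 0 and takes the fallback; confirm that is intended.
    if ($termsOfPayment == 0) {
        $terms = mysql_result(mysql_query("SELECT `terms` FROM `prf_suppliers` WHERE `id`='$poToVendor'"), 0);
    } else {
        $terms = $termsOfPayment;
    }

    // The item description stored here comes from the request and is rendered
    // back into HTML below, which is why the output must be HTML-escaped.
    mysql_query("UPDATE `prf_request_detl` SET `po_code`='$myPONumber',`item_description`='$selectedItem' WHERE id='$itemID'");

    // Create the PO header only when this PO number has none yet.
    $chkIfHeaderExist = mysql_result(mysql_query("SELECT COUNT(id) FROM `prf_purchase_order` WHERE `po_number`='$myPONumber'"), 0);
    if (!($chkIfHeaderExist > 0)) {
        // $currentTime is not defined in this file; presumably core/init.php sets it. Confirm.
        mysql_query("INSERT INTO 
`prf_purchase_order`(delivery_date,comp_id,dealer_id,canvass_id,vendor_id,po_number,date_created,terms,time_created,created_by,remarks) VALUES('{$deliveryDate}','{$poByCompany}','{$dealerID}','{$canvassID}','{$poToVendor}','{$myPONumber}','{$prfDate}','{$terms}','{$currentTime}','{$myUID}','{$myInstructions}')");
    }

    // HTML-escape every database value before it reaches the page. Without
    // this, markup stored in a text column (for example the item description
    // written above) would be rendered as live HTML: stored XSS.
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    ?>
<table>
    <?php
    // Awarded, execom-approved items for this company/vendor that have no PO yet.
    $getItemHdr = mysql_query("SELECT * FROM `prf_request_detl` WHERE `awarded`= 1 AND `deleted`=0 AND `execom_approval_ts`!= '' AND `for_execom_canvass_approval`=1 AND `comp_id`='$poByCompany' AND `award_to_vendor_id`='$poToVendor' AND `po_code`=''");
    while ($row = mysql_fetch_array($getItemHdr)) {
        $cID = $row['comp_id'];
        $venID = $row['award_to_vendor_id'];
        $vendorName = mysql_result(mysql_query("SELECT `sup_name` FROM `prf_suppliers` WHERE `id`='$venID'"), 0);
        $reqCompName = mysql_result(mysql_query("SELECT `comp_name` FROM `vts_company` WHERE `comp_id`='$cID'"), 0);
        $canvassID = $row['approved_proposal_code'];
        $fileCode = mysql_result(mysql_query("SELECT `file_code` FROM `prf_uploadedcanvass` WHERE `id`='$canvassID'"), 0);
        ?><tr onclick="javascript:getItemInfo(this);" onDblclick="javascript:showActionForm(this);"><?php
        echo "<td style='width:5%;padding:3px'>" . $esc($row['id']) . "</td>";
        echo "<td style='width:10%;padding:3px'>" . $esc($row['header_ref_code']) . "</td>";
        echo "<td style='width:15%;padding:3px'>" . $esc($reqCompName) . "</td>";
        echo "<td style='width:20%;padding:3px'>" . $esc($vendorName) . "</td>";
        echo "<td style='width:30%;padding:3px'>" . $esc($row['item_description']) . "</td>";
        echo "<td style='width:5%;padding:3px'>" . $esc($row['approved_qty']) . "</td>";
        echo "<td style='width:10%;padding:3px'>" . $esc($row['approved_amount']) . "</td>";
        // The file code lands inside a single-quoted attribute; ENT_QUOTES keeps
        // a stored quote character from closing the href early.
        echo "<td style='width:5%;text-align:center;padding:3px'><a href='https://www.autohub.ph/connect/home/FILES/canvass/" . $esc($fileCode) . "' target='_blank' rel='noopener'>📋</a></td>";
        echo "</tr>";
    }
    ?>
</table>
<?php } ?>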