File manager - Edit - /home/autoph/public_html/connect/uimages/PRF_validatePO.php
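<?php
/**
 * PRF purchase-order validation handler.
 *
 * When the form is posted with `done`, this script:
 *   1. re-checks the acting user by comparing md5() of the submitted
 *      authorization code with `vts_users`.`u_password`;
 *   2. marks the purchase order as checked (`po_status` = 2) and flags the
 *      validation links of that PO as completed;
 *   3. stores one notification row per request line and moves the request
 *      header to `current_status` = 8;
 *   4. sends every active 'Approver' an approval link by SMS and e-mail and
 *      records the link in `prf_validate_links`.
 *
 * The mysql_* functions and itexmoAA() are not defined in this file; they are
 * presumably provided through core/init.php.
 *
 * NOTE(review): `myUID` is taken from the request body. Nothing in this file
 * ties it to the logged-in session or checks that the user may validate this
 * PO; confirm that core/init.php or the calling page enforces both.
 * NOTE(review): `u_password` is compared against an unsalted MD5 digest.
 * Moving to password_hash()/password_verify() needs a rehash-on-login
 * migration and is outside the scope of this script.
 */
include_once 'core/init.php';

$prfDate = date_create()->format("Y-m-d");

if (isset($_POST['done'])) {
    // Request fields, escaped for use inside quoted SQL literals below.
    // NOTE(review): mysql_escape_string() ignores the connection charset and
    // protects only values placed inside quotes. Prepared statements are the
    // proper fix once the connection API exposed by core/init.php is known.
    $SignedDate  = mysql_escape_string($_POST['SignedDate']);
    $SignedTime  = mysql_escape_string($_POST['SignedTime']);
    $myUID       = mysql_escape_string($_POST['myUID']);
    $MyTOPCodeA  = mysql_escape_string($_POST['MyTOPCode']);
    $MyTOPCode   = TRIM($MyTOPCodeA);
    $tokenKey    = mysql_escape_string($_POST['tokenKey']);
    $myPONumberG = mysql_escape_string($_POST['myPONumber']);
    $myKeyID     = mysql_escape_string($_POST['myKeyID']);
    $myPONumber  = TRIM($myPONumberG);
    $valLink     = "prfpoapproval.php";

    // The digest is taken over the escaped, trimmed value. Left unchanged so
    // that stored digests keep matching (presumably they were created the same way).
    $MyTOPCodeA = md5($MyTOPCode);

    // An earlier OTP lookup (`prf_purchase_order`.`otp_validation`) is disabled in
    // the original; the account password is used as the authorization code instead.
    // If no row matches, mysql_result() yields false and the strict comparison
    // below fails closed.
    $getUSRPass = mysql_result(mysql_query("SELECT `u_password` FROM `vts_users` WHERE `u_id`='$myUID'"), 0);

    if ($MyTOPCodeA === $getUSRPass) {
        // SMS gateway credentials for the live environment.
        $MyAPIcode = mysql_result(mysql_query("SELECT `SMSAPICode` FROM `asa_versioning_db` WHERE `type`='Live'"), 0);
        $MyPasswd  = mysql_result(mysql_query("SELECT `SMSAPIPass` FROM `asa_versioning_db` WHERE `type`='Live'"), 0);

        // NOTE(review): the outcome of this UPDATE is not checked, so everything
        // below (link completion, notifications, new approval links) also runs
        // when po_number/token match no row. The next UPDATE is keyed on the PO
        // number alone, without the token.
        mysql_query("UPDATE `prf_purchase_order` SET `checked_by`='$myUID',`date_checked`='$SignedDate', `time_checked`='$SignedTime', `po_status`='2' WHERE `po_number`='$myPONumber' AND `token`='$tokenKey'");

        mysql_query("UPDATE `prf_validate_links` SET `completed` = '1' WHERE `po_code`='$myPONumber' ");

        // ---- Notify the requester of every line on this PO --------------------
        $getPODetl = mysql_query("SELECT * FROM `prf_request_detl` WHERE `po_code`='$myPONumber' AND `deleted`=0");
        while ($row = mysql_fetch_array($getPODetl)) {
            $Message     = "Your request for " . $row['item_description'] . " has been validated and routed for final PO Approval.";
            $refCodeID   = $row['header_ref_code'];
            $uniqueRefID = $myUID;

            // Values read back from the database are user-entered text as well
            // (item descriptions, reference codes); escape them before they are
            // placed into new statements to avoid second-order SQL injection.
            $refCodeSql = mysql_escape_string($refCodeID);
            $messageSql = mysql_escape_string($Message);

            $requestorID  = mysql_result(mysql_query("SELECT `request_by` FROM `prf_request_hdr` WHERE `reference_code`='$refCodeSql'"), 0);
            $requestorSql = mysql_escape_string($requestorID);

            // Fix: the original interpolated $signedDate/$signedTime, which are
            // undefined (PHP variable names are case-sensitive), so every
            // message row was stored with an empty date and time.
            mysql_query("INSERT INTO prf_ff_message(ref_code,sender_id,message,send_to,sms,email,date,time) VALUES('{$refCodeSql}','{$uniqueRefID}','{$messageSql}','{$requestorSql}','sms','email','{$SignedDate}','{$SignedTime}')");
            mysql_query("UPDATE `prf_request_hdr` SET `current_status`='8' WHERE `reference_code`='$refCodeSql'");
        }

        // ---- Route the PO to every active approver ----------------------------
        $getPOApprovingOfficers = mysql_query("SELECT vts_users.`u_id`,vts_users.`u_fname`,vts_users.`u_lname`,vts_users.`usr_mobile`,vts_users.`usr_mobile`,vts_users.`email`, prf_poapprover.`comp_id`,prf_poapprover.`po_officer_id`,prf_poapprover.`trans_type`,prf_poapprover.`authority` FROM prf_poapprover JOIN vts_users ON vts_users.`u_id` = prf_poapprover.`po_officer_id` WHERE prf_poapprover.`deleted`=0 AND prf_poapprover.`trans_type`='Approver'");
        while ($xRow = mysql_fetch_array($getPOApprovingOfficers)) {
            $exID = $xRow['u_id'];

            // The code is stored in prf_validate_links and embedded in the approval
            // URL. rand() is not a cryptographic generator, so random_int() is
            // used where the runtime provides it (PHP >= 7); the range is kept so
            // the stored code keeps its format.
            // NOTE(review): this is still under 30 bits plus a known user id. If
            // apr.php accepts the code as the only credential, widen it (for
            // example bin2hex(random_bytes(16))) after checking the column size,
            // and give links an expiry.
            $randomCodeXXX = function_exists('random_int') ? random_int(10001, 999999999) : rand(10001, 999999999);
            $randomCode    = $randomCodeXXX . "" . $exID;

            $SMSMessage = "PO#" . $myPONumber . " has been routed to you for FINAL APPROVAL. Click here... https://autohub.ph/apr.php?c=" . $randomCode;
            $slsmLink   = "https://autohub.ph/apr.php?c=" . $randomCode;
            $empMobile  = $xRow['usr_mobile'];
            $empEmail   = $xRow['email'];
            $empFName   = $xRow['u_fname'];

            $result = itexmoAA($empMobile, $SMSMessage, $MyAPIcode, $MyPasswd);
            // The gateway result is deliberately not surfaced to the user; the
            // branches only document what each value means in the original.
            if ($result == "") {
                // No response from SMS server; SMS failed to send.
            } else if ($result == 0) {
                // SMS sent.
            } else {
                // Gateway returned error number $result.
            }

            // The PO number comes from the request, and SQL escaping does not
            // neutralise markup, so it is HTML-encoded before being echoed.
            echo "<div id='OTPStatus' style='width:100%;height:20px;float:left;padding:5px;font-family:Yu Gothic Light;font-size:16px;background:yellow;padding:20px;font-weight:bold;color:red'> PO Number " . htmlspecialchars($myPONumber, ENT_QUOTES, 'UTF-8') . " has been checked and validated. </div>";

            mysql_query("INSERT INTO `prf_validate_links`(`code`,`link`,`po_code`,`uid`,`sms_link`) VALUES('{$randomCode}','{$valLink}','{$myPONumber}','{$exID}','{$slsmLink}')");

            // ---- E-mail copy of the approval link -----------------------------
            $from    = "support@autohub.ph";
            $to      = $empEmail;
            $subject = "NEW PO FOR APPROVAL";
            $msgBox  = "Hi " . $empFName . "! PO#" . $myPONumber . " has been routed to you for FINAL APPROVAL. Click the link below to process the request: https://autohub.ph/apr.php?c=" . $randomCode;
            $headers = "From:" . $from;
            mail($to, $subject, $msgBox, $headers);
        }

        echo '<script>alert("Transaction complete.")</script>';
    } else {
        // Authorization code did not match the stored digest (or the user id was
        // unknown); nothing has been modified at this point.
        echo '<script>alert("ERROR: Invalid AUTOHIRIZATIONI Code. Please type your valid authorization code.")</script>';
    }
}
?>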