File manager - Edit - /home/autoph/public_html/connect/home/PRF_POInsertItemToOpenPO.php
Back
<?php include_once 'core/init.php'; $prfDate = date_create() ->format("Y-m-d"); $myUID = $user_data['u_id']; if(isset($_POST['done'])){ $itemID = mysql_escape_string($_POST['itemID']); $selectedItem = mysql_escape_string($_POST['selectedItem']); $itemRefCode = mysql_escape_string($_POST['itemRefCode']); $termsOfPayment = mysql_escape_string($_POST['termsOfPayment']); $notifyReq = mysql_escape_string($_POST['notifyReq']); $notifyVendor = mysql_escape_string($_POST['notifyVendor']); $poToVendor = mysql_escape_string($_POST['poToVendor']); $poByCompany = mysql_escape_string($_POST['poByCompany']); $myPONumberR = mysql_escape_string($_POST['myPONumber']); $myPONumber =str_replace(" ","",$myPONumberR); $chkIfMax = mysql_result(mysql_query("SELECT COUNT(1) FROM `prf_request_detl` WHERE `po_code`='$myPONumber'"),0); if($chkIfMax >= 12){ echo '<script>alert("MAX LIMIT: You have reached the maximum line items for this PO. Please create another PO for the remaining items. Thank you!")</script>'; exit(); } //exit; $deliveryDate = date("Y-m-d", strtotime($_POST['deliveryDate'])); //mysql_escape_string($_POST['deliveryDate']) ; //$DateNeeded = date("Y-m-d", strtotime($ReqDateNeeded)); $myInstructions = mysql_escape_string($_POST['myInstructions']); $dealerID = mysql_result(mysql_query("SELECT `deal_id` FROM `prf_request_hdr` WHERE `reference_code`='$itemRefCode'"),0); $canvassID = mysql_result(mysql_query("SELECT `approved_proposal_code` FROM `prf_request_detl` WHERE `id`='$itemID'"),0); if($termsOfPayment==0){ $terms = mysql_result(mysql_query("SELECT `terms` FROM `prf_suppliers` WHERE `id`='$poToVendor'"),0); }else{ $terms = $termsOfPayment; } mysql_query("UPDATE `prf_request_detl` SET `po_code`='$myPONumber',`item_description`='$selectedItem' WHERE id='$itemID'"); $chkIfHeaderExist = mysql_result(mysql_query("SELECT COUNT(id) FROM `prf_purchase_order` WHERE `po_number`='$myPONumber'"),0); if($chkIfHeaderExist > 0){ }else{ mysql_query("INSERT INTO `prf_purchase_order`(delivery_date,comp_id,dealer_id,canvass_id,vendor_id,po_number,date_created,terms,time_created,created_by,remarks) VALUES('{$deliveryDate}','{$poByCompany}','{$dealerID}','{$canvassID}','{$poToVendor}','{$myPONumber}','{$prfDate}','{$terms}','{$currentTime}','{$myUID}','{$myInstructions}')"); } ?> <?php }?>
| ver. 1.4 |
.
| PHP 7.3.33 | Generation time: 0 |
proxy
|
phpinfo
|
Settings