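<?php
/**
 * PRF purchase-order validation handler.
 *
 * When the form is posted with `done`, the submitted OTP is checked against
 * `prf_purchase_order.otp_validation` for the given PO number and token. On a
 * match the PO is marked checked (`po_status` = 2), each requestor gets a
 * follow-up message row, and every active approver is sent an SMS and an
 * e-mail containing a short-code approval link.
 *
 * NOTE(review): the mysql_* functions were removed from PHP core in 7.0, so
 * they presumably come from a compatibility layer loaded by core/init.php.
 * No connection handle is visible here, so the queries stay on that API with
 * every interpolated value escaped; move to prepared statements (PDO/mysqli)
 * when the connection code is reworked.
 *
 * NOTE(review): nothing in this file checks that the current user is logged in
 * or allowed to validate this PO. Confirm core/init.php enforces that, and
 * that the form carries a CSRF token.
 */
include_once 'core/init.php';

// Not read anywhere in this file; kept because it is a global that other
// included code may rely on.
$prfDate = date_create()->format("Y-m-d");

// NOTE(review): $user_data is presumably populated by core/init.php — confirm.
$myUID = $user_data['u_id'];

if (isset($_POST['done'])) {
    // Accept only string fields. A missing or array-valued field becomes ''
    // instead of raising notices or reaching the escaping function as an array.
    $posted = [];
    foreach (['SignedDate', 'SignedTime', 'MyTOPCode', 'tokenKey', 'myPONumber'] as $field) {
        $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    // SQL-escaped copies. These are for query building only, never for output.
    $SignedDate = mysql_escape_string($posted['SignedDate']);
    $SignedTime = mysql_escape_string($posted['SignedTime']);
    $MyTOPCode  = mysql_escape_string($posted['MyTOPCode']);
    $tokenKey   = mysql_escape_string($posted['tokenKey']);
    $myPONumber = mysql_escape_string($posted['myPONumber']);
    $valLink    = "prfpoapproval.php";

    // HTML-escaped copy for the status banner (the raw value is user input).
    $poNumberHtml = htmlspecialchars($posted['myPONumber'], ENT_QUOTES, 'UTF-8');

    $getOTPCode = mysql_result(mysql_query("SELECT `otp_validation` FROM `prf_purchase_order` WHERE `po_number`='$myPONumber' AND `token`='$tokenKey'"), 0);

    // The OTP is the gate for everything below, so compare strictly:
    //  - mysql_result() returns false when no row matches; with `==` that
    //    equalled an empty submitted OTP and let an unknown PO/token through.
    //  - an empty stored OTP must never validate.
    //  - hash_equals() compares the exact bytes (no numeric-string juggling)
    //    in constant time.
    // NOTE(review): this file neither limits OTP attempts nor clears the OTP
    // after use; confirm both are handled elsewhere.
    $otpIsValid = is_string($getOTPCode)
        && $getOTPCode !== ''
        && hash_equals($getOTPCode, $posted['MyTOPCode']);

    if ($otpIsValid) {
        // SMS gateway credentials for the live environment.
        $MyAPIcode = mysql_result(mysql_query("SELECT `SMSAPICode` FROM `asa_versioning_db` WHERE `type`='Live'"), 0);
        $MyPasswd  = mysql_result(mysql_query("SELECT `SMSAPIPass` FROM `asa_versioning_db` WHERE `type`='Live'"), 0);

        mysql_query("UPDATE `prf_purchase_order` SET `date_checked`='$SignedDate', `time_checked`='$SignedTime', `po_status`='2' WHERE `po_number`='$myPONumber' AND `token`='$tokenKey'");

        // ---- Notify the requestor of every line item on this PO ----
        $getPODetl = mysql_query("SELECT * FROM `prf_request_detl` WHERE `po_code`='$myPONumber' AND `deleted`=0");
        while ($row = mysql_fetch_array($getPODetl)) {
            // Values read back from the database are escaped again before being
            // placed in a new statement: a stored quote in item_description or
            // a reference code would otherwise break out of the literal
            // (second-order SQL injection).
            // The line break after the item description is reproduced as it
            // appears in the source.
            $Message     = mysql_escape_string("Your request for " . $row['item_description'] . " \nhas been validated and routed for final PO Approval.");
            $refCodeID   = mysql_escape_string((string) $row['header_ref_code']);
            $uniqueRefID = mysql_escape_string((string) $myUID);
            $requestorID = mysql_escape_string((string) mysql_result(mysql_query("SELECT `request_by` FROM `prf_request_hdr` WHERE `reference_code`='$refCodeID'"), 0));

            // Fixed: the original interpolated $signedDate/$signedTime, which
            // are undefined (PHP variable names are case-sensitive), so the
            // date and time columns were written empty.
            mysql_query("INSERT INTO prf_ff_message(ref_code,sender_id,message,send_to,sms,email,date,time) VALUES('{$refCodeID}','{$uniqueRefID}','{$Message}','{$requestorID}','sms','email','{$SignedDate}','{$SignedTime}')");
            mysql_query("UPDATE `prf_request_hdr` SET `current_status`='8' WHERE `reference_code`='$refCodeID'");
        }

        // ---- Route the PO to every active approver ----
        $getPOApprovingOfficers = mysql_query("SELECT vts_users.`u_id`,vts_users.`u_fname`,vts_users.`u_lname`,vts_users.`usr_mobile`,vts_users.`usr_mobile`,vts_users.`email`, prf_poapprover.`comp_id`,prf_poapprover.`po_officer_id`,prf_poapprover.`trans_type`,prf_poapprover.`authority` FROM prf_poapprover JOIN vts_users ON vts_users.`u_id` = prf_poapprover.`po_officer_id` WHERE prf_poapprover.`deleted`=0 AND prf_poapprover.`trans_type`='Approver'");
        while ($xRow = mysql_fetch_array($getPOApprovingOfficers)) {
            // random_int() draws from the CSPRNG; rand() is predictable and
            // unsuitable for a value that acts as a link secret. The range is
            // unchanged so the stored code format stays the same.
            // NOTE(review): a 5-digit code is still a small space and nothing
            // here checks for collisions or sets an expiry. If apr.php trusts
            // the code on its own, use a longer random token with a lifetime.
            $randomCode = random_int(10001, 99999);
            $exID       = mysql_escape_string((string) $xRow['u_id']);
            $SMSMessage = "Purchase Order has been routed to you for FINAL APPROVAL. Click the link below to preocess the request: https://autohub.ph/apr.php?c=" . $randomCode;

            $empMobile = $xRow['usr_mobile'];
            $empEmail  = $xRow['email'];
            $empFName  = $xRow['u_fname'];

            $result = itexmoAA($empMobile, $SMSMessage, $MyAPIcode, $MyPasswd);
            // The original branches on $result were all empty, so delivery
            // failures went unnoticed. Judging by the commented-out messages
            // they replaced, 0 presumably means "sent" — confirm against
            // itexmoAA(). Anything else is recorded without recipient details.
            if ((string) $result !== '0') {
                error_log('PRF_validatePO: SMS gateway returned a non-success result for an approver notification');
            }

            // NOTE(review): this banner is emitted once per approver (and not
            // at all when there are none), repeating the same element id.
            // Left in place to preserve the existing page output.
            echo "<div id='OTPStatus' style='width:100%;height:20px;float:left;padding:5px;font-family:Yu Gothic Light;font-size:16px;background:yellow;padding:20px;font-weight:bold;color:red'> PO Number " . $poNumberHtml . " has been checked and validated. </div>";

            // Record which approver and PO the short code resolves to.
            mysql_query("INSERT INTO `prf_validate_links`(`code`,`link`,`po_code`,`uid`) VALUES('{$randomCode}','{$valLink}','{$myPONumber}','{$exID}')");

            // ---- E-mail copy of the same notification ----
            $from    = "support@autohub.ph";
            $to      = $empEmail;
            $subject = "NEW PO FOR APPROVAL";
            $msgBox  = "Hi " . $empFName . "! New Purchase Order has been routed to you for FINAL APPROVAL. Click the link below to preocess the request: https://autohub.ph/apr.php?c=" . $randomCode;
            $headers = "From:" . $from;
            mail($to, $subject, $msgBox, $headers);
        }
    } else {
        echo "<div id='OTPStatus' style='width:100%;height:20px;float:left;padding:5px;font-family:Yu Gothic Light;font-size:16px;background:yellow;padding:20px;font-weight:bold;color:red'> ERROR: Invalid OTP Code. Please contact your system admin for assistance. </div>";
    }
}
?>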