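<?php
/**
 * Employee self-registration endpoint (answers an AJAX form post).
 *
 * Reads the sign-up fields from $_POST plus an optional `upload_picture`
 * file, rejects duplicates, stores the employee / contact / account rows,
 * issues an activation key and asks app/mail/mail.php to e-mail it.
 *
 * Always responds with JSON of the shape {"status": 0|1, "message": "..."}.
 *
 * Depends on ../../cfg/db.php providing $db (escape, select, sql_query,
 * b_crypt) and $variable['site_link'] — presumably; neither is defined here.
 */
include_once("../../cfg/db.php");

/** Thrown by the helpers below when the request must be rejected with a user-facing message. */
final class SignupRejected extends RuntimeException
{
}

/**
 * Build the JSON response payload.
 *
 * @return array{status:int,message:string}
 */
function signupResponse(int $status, string $message): array
{
    return ["status" => $status, "message" => $message];
}

/**
 * Handle one sign-up request and return the response payload.
 *
 * @param object $db       database helper from cfg/db.php (escape/select/sql_query/b_crypt)
 * @param array  $variable site configuration; only 'site_link' is read
 * @return array{status:int,message:string}
 */
function processSignup($db, array $variable): array
{
    try {
        return createEmployeeAccount($db, $variable);
    } catch (SignupRejected $e) {
        return signupResponse(0, $e->getMessage());
    }
}

/**
 * The actual registration flow; every rejection is raised as SignupRejected.
 *
 * @param object $db
 * @param array  $variable
 * @return array{status:int,message:string}
 * @throws SignupRejected on missing fields, password mismatch, duplicates or a bad picture
 */
function createEmployeeAccount($db, array $variable): array
{
    $required = [
        'employeeid', 'firstname', 'middlename', 'lastname', 'gender', 'birthday',
        'contactno', 'email', 'username', 'password', 'cpassword',
    ];
    foreach ($required as $name) {
        if (!isset($_POST[$name])) {
            throw new SignupRejected(" Invalid Request. Please try again.");
        }
    }

    // The db helper builds SQL by string interpolation (no prepared statements
    // exposed here), so every value is escaped once, up front, and only the
    // escaped copies are used below.
    $input = function (string $name) use ($db): string {
        return $db->escape(trim($_POST[$name]));
    };
    $post_employeeid = $input('employeeid');
    $post_firstname = $input('firstname');
    $post_middlename = $input('middlename');
    $post_lastname = $input('lastname');
    $post_gender = $input('gender');
    $post_birthday = $input('birthday');
    $post_contactno = $input('contactno');
    $post_username = $input('username');
    $post_email = $input('email');
    $post_password = $input('password');
    $post_password_two = $input('cpassword');

    // Strict comparison: "==" would treat numeric-looking strings as equal ("1e3" == "1000").
    if ($post_password !== $post_password_two) {
        throw new SignupRejected(" Password not match.");
    }

    // Uniqueness checks, in the same order as the messages a user would expect.
    $duplicateChecks = [
        ["SELECT count(1) FROM `employee` WHERE `employee_id` = '$post_employeeid'", " Employee ID already registered."],
        ["SELECT count(1) FROM `employee_contact` WHERE `contact_number` = '$post_contactno'", " Contact number already registered."],
        ["SELECT count(1) FROM `employee_account` WHERE `username` = '$post_username'", " Username already registered."],
        ["SELECT count(1) FROM `employee_contact` WHERE `email_address` = '$post_email'", " Email address already registered."],
    ];
    foreach ($duplicateChecks as [$sql, $message]) {
        if (intval($db->select($sql)) !== 0) {
            throw new SignupRejected($message);
        }
    }

    // Rejects the request before any row is written, so a bad picture no
    // longer leaves a half-registered employee behind.
    $post_picture = storeProfilePicture();

    // company/dealer/department/position/suffix/address are no longer collected
    // by this form; those columns are deliberately written as 0 / ''.
    $db->sql_query("INSERT INTO `employee`(`employee_id`, `company_dealer_id`, `first_name`, `middle_name`, `last_name`, `suffix_id`, `date_of_birth`, `gender_id`, `department_id`, `position_id`, `photo`) VALUES ('$post_employeeid','0', '$post_firstname','$post_middlename','$post_lastname','0','$post_birthday','$post_gender','0','0','$post_picture')");
    $db->sql_query("INSERT INTO `employee_contact`(`employee_id`, `email_address`, `contact_number`, `address`, `provCode`, `city_id`) VALUES ('$post_employeeid','$post_email','$post_contactno','','0','0')");

    // NOTE(review): the password is SQL-escaped and md5-pre-hashed before
    // b_crypt; the login path has to apply the identical transform, so this
    // cannot change here alone. Migrate both sides to password_hash() /
    // password_verify() on the raw password when that is possible.
    $bcrypt_pass = $db->b_crypt(md5($post_password));
    $db->sql_query("INSERT INTO `employee_account`( `employee_id`, `username`, `password`, `status`, `locked`) VALUES ('$post_employeeid','$post_username','$bcrypt_pass','0','0')");

    // Activation secrets: the key is sent in the e-mailed link, the code is a
    // 6-digit one-time value. Both come from the CSPRNG (uniqid()/mt_rand()
    // are predictable); the key keeps md5's 32-hex-character shape so the
    // existing column width still fits.
    $account_key = bin2hex(random_bytes(16));
    $account_code = random_int(100000, 999999);
    $db->sql_query("DELETE FROM `employee_account_key` WHERE `employee_id` = '$post_employeeid' AND `type` = '1'");
    $db->sql_query("INSERT INTO `employee_account_key`(`employee_id`, `account_key`, `account_code`,`type`) VALUES ('$post_employeeid','$account_key','$account_code','1')");

    sendActivationMail($db, $variable, $post_employeeid, $post_email, $account_key);

    return signupResponse(1, " Account successfully created, activation link sent to your email.");
}

/**
 * Validate, compress and store the uploaded profile picture.
 *
 * @return string stored file name (random id + original extension), or
 *                'default.png' when no file was submitted
 * @throws SignupRejected when the upload failed, is empty or too large, has a
 *                        non-whitelisted extension, or is not real JPEG/PNG data
 */
function storeProfilePicture(): string
{
    // NOTE(review): the limit is 6097152 bytes (~5.8 MiB) while the message
    // below promises 2 megabytes — one of the two is wrong; confirm the
    // intended limit before changing either.
    $maxsize = 6097152;

    $upload = isset($_FILES['upload_picture']) ? $_FILES['upload_picture'] : null;
    if ($upload === null || !isNotEmpty($upload['name'])) {
        return 'default.png';
    }

    // A partial or failed upload must not be processed as if it were complete.
    if ((int) $upload['error'] !== UPLOAD_ERR_OK) {
        throw new SignupRejected(" Image upload failed. Please try again.");
    }

    $size = (int) $upload['size'];
    if ($size >= $maxsize || $size === 0) {
        throw new SignupRejected(" Image file too large. 
Image must less than 2 megabytes.");
    }

    // Extension whitelist; the content itself is checked in compressImage().
    $valid_ext = ['png', 'jpeg', 'jpg'];
    $file_extension = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
    if (!in_array($file_extension, $valid_ext, true)) {
        throw new SignupRejected(" Invalid file type.");
    }

    // Heavier files are compressed harder.
    $quality = $size >= $maxsize / 2 ? 30 : 60;

    // The stored name is server-generated (random id + whitelisted extension),
    // so the client-supplied name never reaches the filesystem path.
    $post_picture = uniqid() . '.' . $file_extension;
    $location = "../../dist/img/" . $post_picture;

    if (!is_uploaded_file($upload['tmp_name']) || !compressImage($upload['tmp_name'], $location, $quality)) {
        throw new SignupRejected(" Invalid file type.");
    }

    return $post_picture;
}

/**
 * Ask app/mail/mail.php to send the activation link for a freshly created account.
 *
 * Failure is logged but not reported to the user: the account rows are already
 * committed at this point, so the request still counts as a successful sign-up.
 *
 * @param object $db
 * @param array  $variable    site configuration; 'site_link' is the base URL
 * @param string $employeeId  escaped employee id (for the log line only)
 * @param string $email       escaped recipient address
 * @param string $accountKey  activation key embedded in the link
 */
function sendActivationMail($db, array $variable, string $employeeId, string $email, string $accountKey): void
{
    $siteLink = isset($variable['site_link']) ? $variable['site_link'] : '';

    // NOTE(review): the call to mail.php is forced to plain http. Confirm this
    // is a loopback / trusted hop; otherwise the recipient address and the
    // activation link travel unencrypted between the two scripts.
    $url = str_replace("https", "http", $siteLink) . 'app/mail/mail.php';

    $data = [
        'email' => $email,
        'subject' => $db->select("SELECT value FROM `settings_notification` WHERE `name` = 'activation_email_subject'"),
        'message' => $db->select("SELECT value FROM `settings_notification` WHERE `name` = 'activation_email_message'")
            . '<br><br>' . $siteLink . 'activate.php?account=' . $accountKey,
    ];

    // The wrapper key is 'http' even when the target URL is https://
    $context = stream_context_create([
        'http' => [
            'header' => "Content-type: application/x-www-form-urlencoded\r\n",
            'method' => 'POST',
            'content' => http_build_query($data),
        ],
    ]);

    $result = file_get_contents($url, false, $context);
    if ($result === false) {
        error_log("process_signup: activation mail request to {$url} failed for employee {$employeeId}");
    }
}

/**
 * Re-encode an image file as JPEG at the given quality.
 *
 * The image type is taken from the file content (getimagesize), not from the
 * client-supplied name, so a renamed non-image is rejected here. Only JPEG and
 * PNG sources are accepted. The output is always JPEG data, even when
 * $destination carries a .png extension (unchanged from the original).
 *
 * @return bool true when the destination file was written
 */
function compressImage(string $source, string $destination, int $quality): bool
{
    $info = getimagesize($source);
    if ($info === false || !isset($info['mime'])) {
        return false;
    }

    switch ($info['mime']) {
        case 'image/jpeg':
            $image = imagecreatefromjpeg($source);
            break;
        case 'image/png':
            $image = imagecreatefrompng($source);
            break;
        default:
            return false;
    }
    if ($image === false) {
        return false;
    }

    $written = imagejpeg($image, $destination, $quality);
    imagedestroy($image);

    return $written;
}

/**
 * True when $data contains at least one non-whitespace character.
 *
 * @param mixed $data value to test; cast to string before matching
 */
function isNotEmpty($data): bool
{
    return preg_match('/\S/', (string) $data) === 1;
}

// $db and $variable are expected to come from cfg/db.php (assumed — not defined here).
echo json_encode(processSignup($db, isset($variable) ? $variable : []));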