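<?php
// update_employee.php — JSON endpoint that updates an existing employee's
// personal, contact and account rows from a POSTed form, optionally replacing
// the profile picture.  Response shape: {"status":0|1,"message":"...", ...}.
//
// NOTE(review): no authentication or authorization check is visible in this
// file.  The request can change `employee_role_id` ("access-level") and the
// password of whichever `original-employeeid` is posted, so confirm that
// cfg/db.php (or a front controller) enforces a logged-in session and an
// admin role before this code runs; otherwise this is an account-takeover /
// privilege-escalation path.  No CSRF token is checked here either.
include_once("../../cfg/db.php");

/** Largest accepted picture upload in bytes (2 MiB). */
const UPLOAD_PICTURE_MAX_BYTES = 2097152;
/** Directory profile pictures are written to, relative to this script. */
const UPLOAD_PICTURE_DIR = "../../dist/img/";
/** File-name extensions accepted for a picture upload (lower-case). */
const UPLOAD_PICTURE_EXTENSIONS = ['png', 'jpeg', 'jpg'];

/**
 * Validate the posted form and apply the update.
 *
 * Every value interpolated into SQL below goes through $db->escape() first;
 * the helper does not expose prepared statements here, so that escaping is
 * the only SQL-injection defence and must not be skipped for any field, even
 * numeric-looking ones (they are all single-quoted in the statements).
 *
 * @param object $db    database helper from cfg/db.php (escape/select/sql_query/b_crypt)
 * @param array  $post  the request's $_POST
 * @param array  $files the request's $_FILES
 * @return array response payload: status (0 on failure, 1 on success), message,
 *               and on success the stored photo/username/email/employeeid/contactno
 */
function updateEmployee($db, array $post, array $files)
{
    $fail = function ($message) {
        return ['status' => 0, 'message' => $message];
    };

    // Same required set as before; original-photo / original-email were read
    // without being required and are defaulted to '' below instead of raising
    // an undefined-index notice.
    $required = [
        'employeeid', 'original-employeeid', 'firstname', 'middlename', 'lastname',
        'suffixname', 'gender', 'birthday', 'company', 'dealer', 'department',
        'position', 'contactno', 'original-contactno', 'contactno2', 'fax',
        'business', 'residential', 'landline', 'email', 'email2', 'address',
        'state', 'city', 'postal', 'username', 'original-username',
        'access-level', 'password',
    ];
    foreach ($required as $field) {
        if (!isset($post[$field])) {
            return $fail(" Invalid Request. Please try again.");
        }
    }

    // Trim + SQL-escape every field once; $v[...] is what the SQL uses.
    $v = [];
    foreach (array_merge($required, ['original-photo', 'original-email']) as $field) {
        $raw = isset($post[$field]) ? $post[$field] : '';
        if ($field === 'address') {
            $raw = strtoupper($raw); // addresses are stored upper-cased
        }
        $v[$field] = $db->escape(trim($raw));
    }

    $taken = function ($sql) use ($db) {
        return $db->select($sql) > 0;
    };

    // Uniqueness checks, only for values that actually changed.
    if ($v['employeeid'] != $v['original-employeeid']
        && $taken("SELECT count(*) FROM `employee` WHERE `employee_id` = '{$v['employeeid']}'")) {
        return $fail(" Employee ID already registered.");
    }
    if ($v['contactno'] != $v['original-contactno']
        && $taken("SELECT count(*) FROM `employee_contact` WHERE `contact_number` = '{$v['contactno']}'")) {
        return $fail(" Contact number already registered.");
    }
    if ($v['username'] != $v['original-username']
        && $taken("SELECT count(*) FROM `employee_account` WHERE `username` = '{$v['username']}'")) {
        return $fail(" Username already registered.");
    }
    if ($v['email'] != $v['original-email']
        && $taken("SELECT count(*) FROM `employee_contact` WHERE `email_address` = '{$v['email']}'")) {
        return $fail(" Email address already registered.");
    }

    // Picture: keep the previous file name unless a new file was uploaded.
    // NOTE(review): original-photo is stored as posted (SQL-escaped only);
    // whatever renders it inside a dist/img URL must escape it for HTML.
    $picture = $v['original-photo'];
    if (isset($files['upload_picture']['name']) && isNotEmpty($files['upload_picture']['name'])) {
        $upload = $files['upload_picture'];
        // Reject partial/failed uploads and anything not placed by the SAPI.
        $error = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;
        if ($error !== UPLOAD_ERR_OK || !isset($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
            return $fail(" Invalid file upload.");
        }
        if ($upload['size'] >= UPLOAD_PICTURE_MAX_BYTES || $upload['size'] == 0) {
            return $fail(" Image file too large. Image must less than 2 megabytes.");
        }
        $extension = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
        if (!in_array($extension, UPLOAD_PICTURE_EXTENSIONS, true)) {
            // Previously this only set status=0 and fell through to the
            // UPDATEs, which then reported success with a photo name that was
            // never written.  Abort instead.
            return $fail(" Invalid file type.");
        }
        // Unguessable server-side name; the extension is the client's, but the
        // content is always re-encoded as JPEG by compressImage().
        $picture = bin2hex(random_bytes(8)) . '.' . $extension;
        if (!compressImage($upload['tmp_name'], UPLOAD_PICTURE_DIR . $picture, 60)) {
            // Content was not a decodable JPEG/PNG (extension check alone is
            // not enough) or GD could not write the output.
            return $fail(" Invalid file type.");
        }
    }

    // Resolve company+dealer to its link-table id; 0 when no row matches
    // (kept from the original behaviour).
    $companyDealerId = 0;
    $lookup = $db->sql_query(
        "SELECT id FROM `source_company_dealer` WHERE `company_id` = '{$v['company']}' and `dealer_id` = '{$v['dealer']}' and type= '1' LIMIT 1"
    );
    while ($row = $lookup->fetch_assoc()) {
        $companyDealerId = $row['id'];
    }

    $db->sql_query(
        "UPDATE `employee` SET `employee_id`='{$v['employeeid']}', `company_dealer_id`='$companyDealerId', `first_name`='{$v['firstname']}',`middle_name`='{$v['middlename']}', `last_name`='{$v['lastname']}', `suffix_id`='{$v['suffixname']}', `date_of_birth`='{$v['birthday']}', `gender_id`='{$v['gender']}', `department_id`='{$v['department']}', `position_id`='{$v['position']}', `photo`='$picture' WHERE employee_id = '{$v['original-employeeid']}'"
    );

    // provCode previously had a stray trailing space inside the quotes
    // ('$post_state '), which wrote "XX " into the column.
    $db->sql_query(
        "UPDATE `employee_contact` SET `employee_id`='{$v['employeeid']}',`email_address`='{$v['email']}', `email_address_2`='{$v['email2']}', `contact_number`='{$v['contactno']}', `contact_number_2`='{$v['contactno2']}', `fax`='{$v['fax']}', `business`='{$v['business']}', `residential`='{$v['residential']}', `landline`='{$v['landline']}', `address`='{$v['address']}', `provCode`='{$v['state']}', `city_id`='{$v['city']}', `postal`='{$v['postal']}' WHERE employee_id = '{$v['original-employeeid']}'"
    );

    // Password is only changed when a non-blank one was posted.  The stored
    // value is b_crypt(md5(escaped password)); that pre-hash and the escape
    // are kept exactly as-is because the login check must compute the same
    // thing — change both sides together or not at all.
    $passwordClause = "";
    if (isNotEmpty($v['password'])) {
        $hash = $db->b_crypt(md5($v['password']));
        $passwordClause = ",`password`='$hash'";
    }
    $db->sql_query(
        "UPDATE `employee_account` SET `employee_id`='{$v['employeeid']}',`employee_role_id`='{$v['access-level']}', `username`='{$v['username']}'" . $passwordClause . " WHERE employee_id = '{$v['original-employeeid']}'"
    );
    //IF EMPLOYEE ID CHANGE, CHANGE ALSO ALL CONNECTED EMPLOYEE ID

    return [
        'status'     => 1,
        'photo'      => $picture,
        'username'   => $v['username'],
        'email'      => $v['email'],
        'employeeid' => $v['employeeid'],
        'contactno'  => $v['contactno'],
        'message'    => " Account successfully updated.",
    ];
}

/**
 * Re-encode the image at $source as a JPEG at $destination.
 *
 * Decoding through GD and writing a fresh JPEG discards any non-image bytes a
 * crafted upload may carry, so the stored file is always plain JPEG data (even
 * when the chosen file name keeps a .png extension).
 *
 * @param string $source      path of the uploaded temp file
 * @param string $destination output path
 * @param int    $quality     JPEG quality, 0-100
 * @return bool true when the file was written; false when $source is missing,
 *              not a JPEG/PNG by content, or encoding failed
 */
function compressImage($source, $destination, $quality)
{
    if (!is_file($source)) {
        return false;
    }
    $info = getimagesize($source);
    if ($info === false) {
        return false;
    }
    // getimagesize() never reports "image/jpg"; the old branch for it called
    // imagecreatefromgif() and was effectively dead/wrong, so only the two
    // formats the extension whitelist allows are decoded.
    switch ($info['mime']) {
        case 'image/jpeg':
            $image = imagecreatefromjpeg($source);
            break;
        case 'image/png':
            $image = imagecreatefrompng($source);
            break;
        default:
            return false;
    }
    if ($image === false) {
        return false;
    }
    $written = imagejpeg($image, $destination, $quality);
    imagedestroy($image);
    return $written;
}

/**
 * Whether $data contains at least one non-whitespace character.
 *
 * @param mixed $data value to test (cast to string)
 * @return int 1 when a non-whitespace character exists, 0 otherwise
 *             (preg_match's result, kept for existing callers)
 */
function isNotEmpty($data)
{
    return preg_match('/\S/', (string) $data);
}

echo json_encode(updateEmployee($db, $_POST, $_FILES));
?>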