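// Lending endpoint fragment: dispatches on which POST field is present
// (SearchName, bamount, ShowData). Every request-supplied value is bound as a
// statement parameter; none is concatenated into the SQL text.
// NOTE(review): no login check is visible in this fragment - confirm that code
// outside this view rejects requests whose session carries no 'usercode'.
$usercode = Cls::session('usercode');

// Customer name lookup, limited to customers that belong to the session user.
if (isset($_POST["SearchName"])) {
    $obj = $_POST["SearchName"];
    // A missing or non-string cust_name is treated as an empty search term,
    // which matches every customer of this user (same as the '%%' pattern).
    $custName = (is_array($obj) && isset($obj['cust_name']) && is_string($obj['cust_name']))
        ? $obj['cust_name']
        : '';
    $sql = "SELECT * FROM `bo_customer` WHERE `cust_name` LIKE ? AND user_id = ?";
    $stm = $con->prepare($sql);
    $stm->execute(array('%' . $custName . '%', $usercode));
    $result = $stm->fetchAll(PDO::FETCH_OBJ);
    Cls::responeJson($result);
}

// Create a lending record for the session user.
if (Cls::post('bamount') && intval($_POST['bamount']) > 0) {
    // Amount and rate arrive with thousands separators; strip them before storing.
    $bamount = str_replace(',', '', Cls::post('bamount'));
    $brate = str_replace(',', '', Cls::post('brate'));
    // NOTE(review): custId comes straight from the request and is not checked
    // against bo_customer.user_id, so a lending row can reference a customer
    // that belongs to a different user - confirm whether that is intended.
    $sql = "INSERT INTO bo_lending
        (cust_id, user_id, lend_start, lend_stop, lend_amount, lend_status, lend_rate)
        VALUES (?,?,?,?,?,?,?)";
    $stm = $con->prepare($sql);
    $result = $stm->execute(array(
        Cls::post('custId'),
        Cls::session('usercode'),
        Cls::post('startdate'),
        Cls::post('stopdate'),
        $bamount,
        1, // lend_status of a newly created record
        $brate,
    ));
    Cls::responeJson($result);
}

// List the session user's lending records, filtered by customer name and,
// optionally, by status.
if (Cls::post('ShowData')) {
    $dat = $_POST['ShowData'];
    $txtname = (is_array($dat) && isset($dat['txtname']) && is_string($dat['txtname']))
        ? $dat['txtname']
        : '';
    $txtstatus = (is_array($dat) && isset($dat['txtstatus']) && is_string($dat['txtstatus']))
        ? $dat['txtstatus']
        : '';

    $sql = "SELECT
        (@row_number := @row_number + 1) AS rownum,
        A.lend_id,
        A.cust_id,
        A.user_id,
        A.lend_start,
        A.lend_amount,
        (CASE WHEN (A.lend_status = 1) THEN 'បន្ត' ELSE 'បញ្ចប់' END) AS lend_status,
        A.lend_rate,
        B.cust_name,
        (A.lend_amount + A.lend_rate) AS total,
        A.perday
    FROM bo_lending A
    INNER JOIN bo_customer B ON A.cust_id = B.cust_id,
        (SELECT @row_number := 0) AS t
    WHERE A.user_id = ? AND B.cust_name LIKE ?";
    $params = array($usercode, '%' . $txtname . '%');

    // The status filter is optional; when given it is bound like every other
    // value, so it cannot extend the WHERE clause.
    if ($txtstatus !== '') {
        $sql .= " AND A.lend_status = ?";
        $params[] = $txtstatus;
    }

    $stm = $con->prepare($sql);
    $stm->execute($params);
    $result = $stm->fetchAll(PDO::FETCH_OBJ);
    Cls::responeJson($result);
}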
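// Tail of a request handler whose opening lines are outside this excerpt;
// its statements are kept unchanged.
    $query = $con->prepare($sql);
    $query->execute(array($dat['userid']));
    $result = $query->fetchAll(PDO::FETCH_ASSOC);
    return Cls::responeJson($result);
}

// Search savings customers by name. The search term is bound as a parameter.
// NOTE(review): no login or ownership check is visible in this fragment, and the
// result includes phone, address and ID-card fields - confirm that code outside
// this view restricts who may call this endpoint.
if (isset($_POST['SearchName'])) {
    $dat = $_POST['SearchName'];
    // A missing or non-string txtname is treated as an empty search term.
    $txtname = (is_array($dat) && isset($dat['txtname']) && is_string($dat['txtname']))
        ? $dat['txtname']
        : '';
    $sql = "SELECT (@row_number:=@row_number + 1) AS rownum, cust_id, cust_name, cust_sex, cust_phone, cust_address, cust_photo, cust_id_card, cust_start_date FROM bo_saving_cust,(SELECT @row_number:=0) AS t where cust_name like ?";
    $query = $con->prepare($sql);
    $query->execute(array('%' . $txtname . '%'));
    $result = $query->fetchAll(PDO::FETCH_ASSOC);
    return Cls::responeJson($result);
}

// Create a savings customer.
if (isset($_POST['insertData'])) {
    $dat = $_POST['insertData'];
    $sql = "INSERT INTO bo_saving_cust (cust_name, cust_sex, cust_phone, cust_address, cust_photo, cust_id_card, cust_start_date, cust_status) VALUES (?,?,?,?,?,?,now(),?)";
    $query = $con->prepare($sql);
    $row = $query->execute(array(
        $dat['txtname'],
        $dat['txtsex'],
        $dat['txtphone'],
        $dat['txtaddress'],
        $dat['txtphoto'],
        $dat['txtidcard'],
        '1', // cust_status of a newly created customer
    ));
    // Report the real outcome: execute() returns false when the statement fails
    // and PDO is not configured to throw.
    $obj['info'] = $row ? 'success' : 'error';
    return Cls::responeJson($obj);
}

// Update a savings customer identified by txtid.
if (isset($_POST['updateData'])) {
    $dat = $_POST['updateData'];
    $sql = "UPDATE bo_saving_cust SET cust_sex=?,cust_phone=?,cust_address=?,cust_photo=?,cust_id_card=? WHERE cust_id=?";
    $query = $con->prepare($sql);
    // The statement has six placeholders. The earlier parameter list also passed
    // txtpasswd, a seventh value with no matching column, which makes PDO reject
    // the execute() call, so it is not bound here.
    $row = $query->execute(array(
        $dat['txtsex'],
        $dat['txtphone'],
        $dat['txtaddress'],
        $dat['txtphoto'],
        $dat['txtidcard'],
        $dat['txtid'],
    ));
    $obj['info'] = $row ? 'success' : 'error';
    return Cls::responeJson($obj);
}

// Fallback when no known action was posted.
// NOTE(review): this echoes the whole of $_REQUEST back to the caller. Depending
// on the request_order setting that can include cookies, and the safety of the
// reflected values depends on the content type responeJson() sends - confirm,
// and consider returning a fixed error object instead.
Cls::responeJson($_REQUEST);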
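<?php
require_once 'common.php';
require_once 'db.php';

// Login / logout endpoint.
// POST username + password: answers with JSON {"url": ...}; the url is empty when
// the credentials do not match. GET ?logout: drops the session user and redirects
// to index.php.
$result = [];
$obj = [];

if (isset($_POST['username'], $_POST['password'])) {
    $login = false;

    // Only plain strings reach the query; array-valued fields (username[]=x) are
    // handled as a failed login instead of being passed to execute().
    if (is_string($_POST['username']) && is_string($_POST['password'])) {
        // NOTE(review): the submitted password is compared with user_passwd inside
        // the query, so that column appears to hold passwords in a directly
        // comparable (likely plaintext) form. Moving to password_hash() on write and
        // password_verify() here needs a migration of the stored values, so the
        // comparison is left as it is - confirm and plan that change.
        $sql = "SELECT user_id FROM bo_user where user_name = ? and user_passwd = ?";
        $query = $con->prepare($sql);
        $query->execute(array($_POST['username'], $_POST['password']));
        $login = $query->fetch(PDO::FETCH_OBJ);
    }

    if (isset($login->user_id)) {
        Cls::session('usercode', $login->user_id);

        // Issue a fresh session id at the moment of authentication so that an id
        // known before login cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        // user_id 1 is sent to user_info.php, every other user to cust_info.php.
        // The cast makes the comparison independent of whether the driver returns
        // the id as an int or as a numeric string.
        if ((int) $login->user_id === 1) {
            Cls::responeJson(['url' => URL . 'user_info.php']);
        } else {
            Cls::responeJson(['url' => URL . 'cust_info.php']);
        }
    } else {
        Cls::responeJson(['url' => '']);
    }
}

// NOTE(review): logout is triggered by a GET parameter, so it can be invoked from
// a cross-site link; low impact, but a POST with a CSRF token is the usual shape.
if (isset($_GET['logout'])) {
    Cls::removeSession('usercode');
    Cls::redirect(URL . 'index.php');
}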