<script type="text/javascript" src="js/common.js"></script>
<script type="text/javascript" src="js/moment.min.js"></script>
<script type="text/javascript" src="js/jquery-ui-1.10.2.nonwidget.min.js"></script>
<link rel="stylesheet" type="text/css" href="css/jquery.fileupload.css" />
<link rel="stylesheet" href="css/bootstrap.min.css">
<script type="text/javascript" src="js/jquery.iframe-transport.js"></script>
<script type="text/javascript" src="js/jquery.fileupload.js"></script>
<script type="text/javascript" src="js/gbox.ui.js"></script>
<script type="text/javascript" src="js/bo_person_register.js"></script>
<link href="css/style.css" rel="stylesheet">
</head>
<body>
<?php
// Pick the navigation header from the session's usercode: the value 1 gets
// headerAdmin.php, every other value (an empty session included) gets
// headerUser.php.
// NOTE(review): no login check is visible in this part of the template;
// confirm that unauthenticated requests are turned away before this point.
include (Cls::session('usercode') == 1 ? 'headerAdmin.php' : 'headerUser.php');
?>
<!-- <div style="padding-top: 8px;">
<div style="float: left;">
<ul class="nav nav-pills">
<li id="user_info" class="active"><a href="user_info.php">User Information</a></li>
<li id="cust_info"><a href="cust_info.php">Customer Information</a></li>
<li id="saving_info"><a href="saving_info.php">Saving Customer</a></li>
<li id="borrow_info"><a href="borrow_info.php">Lending</a></li>
</ul>
</div>
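// AJAX handlers for the lending page. Every query is scoped to the user id
// stored in the session, and every request value reaches SQL only through a
// bound placeholder, never through string concatenation.
// NOTE(review): nothing visible here rejects a request that has no session
// usercode; confirm that check happens before these handlers run.
$usercode = Cls::session('usercode');

// Customer lookup by partial name (POST SearchName[cust_name]).
if (isset($_POST["SearchName"])) {
    $obj = $_POST["SearchName"];
    // A missing or non-string name falls back to '', which matches every
    // customer of the current user.
    $custName = (is_array($obj) && isset($obj['cust_name']) && is_string($obj['cust_name']))
        ? $obj['cust_name']
        : '';
    // The name was previously spliced into the statement inside double quotes,
    // so a quote in the input could rewrite the query. It is now bound.
    // '%' and '_' typed by the user still act as LIKE wildcards, as before.
    $sql = "SELECT * FROM `bo_customer` where `cust_name` like ? and user_id = ?";
    $stm = $con->prepare($sql);
    $stm->execute(array('%' . $custName . '%', $usercode));
    $result = $stm->fetchAll(PDO::FETCH_OBJ);
    Cls::responeJson($result);
}

// Create a lending record (POST bamount, brate, custId, startdate, stopdate).
if (Cls::post('bamount') && intval($_POST['bamount']) > 0) {
    // Thousands separators are stripped before the values are stored.
    $bamount = str_replace(',', '', Cls::post('bamount'));
    $brate = str_replace(',', '', Cls::post('brate'));
    // NOTE(review): custId is taken from the request as-is; nothing visible
    // here checks that the customer belongs to the session user. Confirm.
    $sql = "insert into bo_lending (cust_id, user_id, lend_start, lend_stop, lend_amount, lend_status, lend_rate)\n\tvalue (?,?,?,?,?,?,?)";
    $stm = $con->prepare($sql);
    $result = $stm->execute(array(
        Cls::post('custId'),
        $usercode,
        Cls::post('startdate'),
        Cls::post('stopdate'),
        $bamount,
        1,
        $brate,
    ));
    Cls::responeJson($result);
}

// List the current user's lending rows, filtered by customer name and,
// optionally, by status (POST ShowData[txtname], ShowData[txtstatus]).
if (Cls::post('ShowData')) {
    $dat = $_POST['ShowData'];
    $txtName = (is_array($dat) && isset($dat['txtname']) && is_string($dat['txtname']))
        ? $dat['txtname']
        : '';
    $txtStatus = (is_array($dat) && isset($dat['txtstatus']) && is_scalar($dat['txtstatus']))
        ? (string) $dat['txtstatus']
        : '';

    // Same statement text as before up to the WHERE clause; the user id and
    // the name pattern are now placeholders instead of concatenated text.
    $sql = "SELECT\n\t(@row_number :=@row_number + 1) AS rownum,\n\tA.lend_id,\n\tA.cust_id,\n\tA.user_id,\n\tA.lend_start,\n\tA.lend_amount,"
        . "\n\t(\n\t\tCASE\n\t\tWHEN (\n\t\t\tA.lend_status = 1) THEN\n\t\t\t\t'បន្ត'\n\t\t\tELSE\n\t\t\t\t'បញ្ចប់'\n\t\tend\n\t\t) AS lend_status,"
        . "\n\t\tA.lend_rate,\n\t\tB.cust_name,\n\t(A.lend_amount + A.lend_rate) as total ,\n\tA.perday"
        . "\n\tFROM\n\t\tbo_lending A\n\tINNER JOIN bo_customer B ON A.cust_id = B.cust_id,"
        . "\n\t(SELECT @row_number := 0) AS t where A.user_id = ? and B.cust_name like ?";
    $params = array($usercode, '%' . $txtName . '%');

    // The status filter used to be appended unquoted, which let the request
    // add arbitrary SQL after the WHERE clause. It is bound like the rest.
    if ($txtStatus !== '') {
        $sql .= " and A.lend_status = ?";
        $params[] = $txtStatus;
    }

    $stm = $con->prepare($sql);
    $stm->execute($params);
    $result = $stm->fetchAll(PDO::FETCH_OBJ);
    Cls::responeJson($result);
}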
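</td>
<td>
<input type="button" id='btndetail' style="width: 80px;" value="មើល">
</td>
</tr>
</tbody>
</table>
<div class="col-sm-6" style="text-align:right;">
<ul class="pagination" style="margin:0px;">
<li>
<span id="page"></span>
</li>
</ul>
</div>
<div style="float: right; margin-right: 10px;">
<input type="button" id="btnprint" class="btn btn-default" value="ទាញយក" />
<input type="button" id="btnsave" disabled class="btn btn-default" value="រក្សាទុក"/>
<button type="reset" id="btncancel" class="btn btn-default">បោះបង់</button>
</div>
</body>
<?php
// The session's usercode is written into an inline script. Casting to int
// guarantees that only an integer literal is emitted: an empty session now
// yields 0 instead of the syntax error `var user_id = ;`, and no other
// characters can reach the script context.
// NOTE(review): user_id in the browser is informational only; the server must
// keep deciding access from the session, not from a value the page sends back.
?>
<script type="text/javascript">
var user_id = <?php echo (int) Cls::session('usercode'); ?> ;
</script>
</html>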
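// NOTE(review): this lookup is keyed on $dat['userid']; if $dat is request
// data, confirm the session's usercode should not be used here instead.
$query = $con->prepare($sql);
$query->execute(array($dat['userid']));
$result = $query->fetchAll(PDO::FETCH_ASSOC);
return responeJson($result);
}

// Search the current user's customers by partial name (POST SearchName[txtname]).
if (isset($_POST['SearchName'])) {
    $dat = $_POST['SearchName'];
    // A missing or non-string name falls back to '', which lists every
    // customer of the current user.
    $txtName = (is_array($dat) && isset($dat['txtname']) && is_string($dat['txtname']))
        ? $dat['txtname']
        : '';
    // The user id is bound as a placeholder like the name pattern, so no
    // value is concatenated into the statement text.
    $sql = "SELECT (@row_number:=@row_number + 1) AS rownum, cust_id, cust_name, cust_sex, cust_phone, cust_address, cust_photo, cust_id_card, cust_start_date FROM bo_customer,(SELECT @row_number:=0) AS t where cust_name like ? and user_id = ?";
    $query = $con->prepare($sql);
    $query->execute(array('%' . $txtName . '%', Cls::session('usercode')));
    $result = $query->fetchAll(PDO::FETCH_ASSOC);
    return responeJson($result);
}

// Create a customer owned by the current user (POST insertData[...]).
if (isset($_POST['insertData'])) {
    $dat = $_POST['insertData'];
    $sql = "INSERT INTO bo_customer (cust_name, cust_sex, cust_phone, cust_address, cust_photo, cust_id_card, cust_start_date, cust_status, user_id) VALUES (?,?,?,?,?,?,now(),?,?)";
    $query = $con->prepare($sql);
    // NOTE(review): the execute() result is not checked, so 'success' is
    // reported even when the insert fails.
    $row = $query->execute(array(
        $dat['txtname'],
        $dat['txtsex'],
        $dat['txtphone'],
        $dat['txtaddress'],
        $dat['txtphoto'],
        $dat['txtidcard'],
        '1',
        Cls::session('usercode'),
    ));
    $obj['info'] = 'success';
    return responeJson($obj);
}

// Update one customer (POST updateData[...]).
if (isset($_POST['updateData'])) {
    $dat = $_POST['updateData'];
    // The WHERE clause used to match on cust_id alone, so any caller could
    // overwrite any customer row by sending its id. It now also requires the
    // row to belong to the session user, matching how the insert and search
    // handlers scope their rows.
    $sql = "UPDATE bo_customer SET cust_sex=?,cust_phone=?,cust_address=?,cust_photo=?,cust_id_card=? WHERE cust_id=? AND user_id=?";
    $query = $con->prepare($sql);
    // NOTE(review): as with the insert, the execute() result is not checked.
    $row = $query->execute(array(
        $dat['txtsex'],
        $dat['txtphone'],
        $dat['txtaddress'],
        $dat['txtphoto'],
        $dat['txtidcard'],
        $dat['txtid'],
        Cls::session('usercode'),
    ));
    $obj['info'] = 'success';
    return responeJson($obj);
}

// Fallback when no known action was posted: the request is echoed back.
// NOTE(review): depending on the request_order / variables_order settings,
// $_REQUEST can include cookies; confirm this echo is wanted outside debugging.
responeJson($_REQUEST);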
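<?php
require_once 'common.php';
require_once 'db.php';

$result = [];
$obj = [];

/*
 * Login (POST username, password).
 * Responds with JSON {"url": ...}: user id 1 is sent to user_info.php, every
 * other account to cust_info.php, and a failed login gets an empty url.
 *
 * NOTE(review): the password is matched inside SQL against user_passwd, so the
 * column holds whatever the client submits (plaintext, unless the client
 * hashes first; that cannot be told from this file). Storing password_hash()
 * output and checking it with password_verify() needs a data migration and is
 * not done here.
 */
if (isset($_POST['username']) && isset($_POST['password'])) {
    $login = false;

    // Only plain strings are passed to the query; an array-valued field
    // (username[]=x) is treated as a failed login instead of being bound.
    if (is_string($_POST['username']) && is_string($_POST['password'])) {
        $sql = "SELECT user_id FROM bo_user where user_name = ? and user_passwd = ?";
        $query = $con->prepare($sql);
        $query->execute(array($_POST['username'], $_POST['password']));
        $login = $query->fetch(PDO::FETCH_OBJ);
    }

    if (isset($login->user_id)) {
        Cls::session('usercode', $login->user_id);

        // Issue a fresh session id at the privilege change so an id known
        // before login is not carried into the authenticated session. Skipped
        // when no native session is active or output has already started.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }

        $landing = ((int) $login->user_id === 1) ? 'user_info.php' : 'cust_info.php';
        Cls::responeJson(['url' => URL . $landing]);
    } else {
        Cls::responeJson(['url' => '']);
    }
}

/*
 * Logout (GET ?logout): drops the usercode from the session and redirects to
 * the index page.
 * NOTE(review): a plain GET can be triggered from another site; consider
 * requiring POST if forced logout matters for this application.
 */
if (isset($_GET['logout'])) {
    Cls::removeSession('usercode');
    Cls::redirect(URL . 'index.php');
}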