$sql = "INSERT INTO {$table} \n\t\t\t\t(CompCode, SuppCode, SuppGroup, Name, ContPers ,Addr1,Addr2, Addr3, Addr4, TelNo, Faxno, TermOthers, TermNonDisp, TermDisp, CostCode, GlAccNo, AccNo, AddUser, AddDate, SuppFlg, recstatus) \n\t\t\tVALUES \n\t\t\t\t('{$compcode}','" . clr($_POST['SuppCode']) . "','" . clr($_POST['SuppGroup']) . "', '" . clr($_POST['Name']) . "', '" . clr($_POST['ContPers']) . "', '" . clr($_POST['Addr1']) . "', '" . clr($_POST['Addr2']) . "', '" . clr($_POST['Addr3']) . "', '" . clr($_POST['Addr4']) . "', '" . clr($_POST['TelNo']) . "', '" . clr($_POST['Faxno']) . "', '" . clr($_POST['TermOthers']) . "', '" . clr($_POST['TermNonDisp']) . "', '" . clr($_POST['TermDisp']) . "', '" . clr($_POST['CostCode']) . "', '" . clr($_POST['GlAccNo']) . "', '" . clr($_POST['AccNo']) . "', '{$user}', NOW(), '" . clr($_POST['SuppFlg']) . "', '" . clr($_POST['recstatus']) . "')";
// OutAmt, DepAmt, MiscAmt, Advccode, AdvGlaccnorecstatus
echo "{$sql}";
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\tSuppGroup = '" . clr($_POST['SuppGroup']) . "', \n\t\t\t\tName = '" . clr($_POST['Name']) . "',\n\t\t\t\tContPers = '" . clr($_POST['ContPers']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr2 = '" . clr($_POST['Addr2']) . "',\n\t\t\t\tAddr3 = '" . clr($_POST['Addr3']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr4 = '" . clr($_POST['Addr4']) . "',\n\t\t\t\tTelNo = '" . clr($_POST['TelNo']) . "',\n\t\t\t\tFaxno = '" . clr($_POST['Faxno']) . "',\n\t\t\t\tTermOthers = '" . clr($_POST['TermOthers']) . "',\n\t\t\t\tTermNonDisp = '" . clr($_POST['TermNonDisp']) . "',\n\t\t\t\tTermDisp = '" . clr($_POST['TermDisp']) . "',\n\t\t\t\tCostCode = '" . clr($_POST['CostCode']) . "',\n\t\t\t\tGlAccNo = '" . clr($_POST['GlAccNo']) . "',\n\t\t\t\tAccNo = '" . clr($_POST['AccNo']) . "',\n\t\t\t\trecstatus ='D',\n\t\t\t\tDelUser = '******',\n\t\t\t\tDelDate = NOW()\n\t\t\t\tWHERE \n\t\t\t\tcompcode = '{$compcode}' AND SuppCode='{$_POST['SuppCode']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\tSuppGroup = '" . clr($_POST['SuppGroup']) . "', \n\t\t\t\tName = '" . clr($_POST['Name']) . "',\n\t\t\t\tContPers = '" . clr($_POST['ContPers']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr2 = '" . clr($_POST['Addr2']) . "',\n\t\t\t\tAddr3 = '" . clr($_POST['Addr3']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr4 = '" . clr($_POST['Addr4']) . "',\n\t\t\t\tTelNo = '" . clr($_POST['TelNo']) . "',\n\t\t\t\tFaxno = '" . clr($_POST['Faxno']) . "',\n\t\t\t\tTermOthers = '" . clr($_POST['TermOthers']) . "',\n\t\t\t\tTermNonDisp = '" . clr($_POST['TermNonDisp']) . "',\n\t\t\t\tTermDisp = '" . clr($_POST['TermDisp']) . "',\n\t\t\t\tCostCode = '" . clr($_POST['CostCode']) . "',\n\t\t\t\tGlAccNo = '" . clr($_POST['GlAccNo']) . "',\n\t\t\t\tAccNo = '" . clr($_POST['AccNo']) . "',\n\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\tUpdUser = '******',\n\t\t\t\tUpdDate = NOW()\n\t\t\t\tWHERE \n\t\t\t\tcompcode = '{$compcode}' AND SuppCode='{$_POST['SuppCode']}'";
}
//echo "$sql";
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', DelUser= '******', DelDate = NOW()\n\t\t WHERE compcode = '{$compcode}' AND SuppCode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('SuppCode', $table, clr($_POST['SuppCode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
$mysqli->autocommit(FALSE);
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,uomcode,description,convfactor,adduser,adddate,recstatus)\n\t\t\tVALUES \n\t\t\t\t('{$compcode}', \n\t\t\t\t'" . clr($_POST['uomcode']) . "',\n\t\t\t\t'" . clr($_POST['description']) . "', \n\t\t\t\t'" . clr($_POST['convfactor']) . "', \n\t\t\t\t'{$user}', \n\t\t\t\tNOW(), \n\t\t\t\t'" . clr($_POST['recstatus']) . "')";
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET \t\n\t\t\t\tconvfactor = '" . clr($_POST['convfactor']) . "',\n\t\t\t\tupduser = '******',\n\t\t\t\tupddate = NOW(),\n\t\t\t\tdeluser= '******',\n\t\t\t\tdeldate = NOW(),\n\t\t\t\trecstatus = 'D'\n\t\t\tWHERE \n\t\t\t\tcompcode = '{$compcode}' AND uomcode='{$_POST['uomcode']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\tconvfactor = '" . clr($_POST['convfactor']) . "', \n\t\t\t\t\tupduser = '******',\n\t\t\t\t\tupddate = NOW(),\n\t\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "'\n\t\t\t\tWHERE \n\t\t\t\t\tcompcode = '{$compcode}' AND uomcode='{$_POST['uomcode']}'";
}
//echo "$sql";break;
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', deluser= '******', deldate = NOW()\n\t\t WHERE compcode = '{$compcode}' AND uomcode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('uomcode', $table, clr($_POST['uomcode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
}
*/
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t (compcode,source,paymode,description,ccode,glaccno,paytype,cardflag,recstatus,valexpdate,\n\t\t\t lastuser,drpayment) \n\t\t\t \n\t\t\tVALUES \n\t\t\t\t( '{$compcode}',\n\t\t\t\t'{$s}', \n\t\t\t\t'" . clr($_POST['paymode']) . "', \n\t\t\t\t'" . clr($_POST['description']) . "',\n\t\t\t\t'" . clr($_POST['ccode']) . "',\n\t\t\t\t'" . clr($_POST['glaccno']) . "', \n\t\t\t\t'" . clr($_POST['paytype']) . "', \n\t\t\t\t'" . clr($_POST['cardflag']) . "', \n\t\t\t\t'" . clr($_POST['recstatus']) . "', \n\t\t\t\t'" . clr($_POST['valexpdate']) . "',\n\t\t\t\t'" . clr($_POST['lastuser']) . "',\n\t\t\t\t'" . clr($_POST['drpayment']) . "'\n\t\t\t\t)";
//'".clr($_POST['comrate'])."',
//'".clr($_POST['lastupdate'])."',
//'".clr($_POST['drcommrate'])."',
//'".clr($_POST['cardcent'])."'
} else {
if ($_POST['oper'] == 'edit') {
$sql = "UPDATE {$table} SET\n\t\t\t\t\n\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\tccode = '" . clr($_POST['ccode']) . "',\n\t\t\t\tglaccno = '" . clr($_POST['glaccno']) . "',\n\t\t\t\tpaytype = '" . clr($_POST['paytype']) . "',\n\t\t\t\tcardflag = '" . clr($_POST['cardflag']) . "',\n\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\tvalexpdate = '" . clr($_POST['valexpdate']) . "',\n\t\t\t\tlastupdate = '{$user}',\n\t\t\t\tdrcommrate = '" . clr($_POST['drcommrate']) . "',\t\n\t\t\t\tdrpayment = '" . clr($_POST['drpayment']) . "',\n\t\t\t\tcardcent = '" . clr($_POST['cardcent']) . "'\n\t\t\t\t\t\t\n\t\t\tWHERE \n\t\t\t\tpaymode='{$_POST['paymode']}'";
} else {
if ($_POST['oper'] == 'del') {
$sql = "DELETE FROM {$table} WHERE paymode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('paymode', $table, clr($_POST['paymode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
$lineno_ = 1;
} else {
$lineno_++;
}
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode, suppcode, lineno_, pricecode, itemcode , uomcode, purqty, unitprice, perdiscount, amtdisc, amtslstax, perslstax, expirydate, sitemcode, recstatus, adduser, adddate) \n\t\t\tVALUES \n\t\t\t\t('{$compcode}','" . clr($_POST['suppcode']) . "','{$lineno_}', '" . clr($_POST['pricecode']) . "', '" . clr($_POST['itemcode']) . "', '" . clr($_POST['uomcode']) . "', '" . clr($_POST['purqty']) . "', '" . clr($_POST['unitprice']) . "', '" . clr($_POST['perdiscount']) . "', '" . clr($_POST['amtdisc']) . "', '" . clr($_POST['amtslstax']) . "', '" . clr($_POST['perslstax']) . "', '" . clr($_POST['expirydate']) . "', '" . clr($_POST['sitemcode']) . "', '" . clr($_POST['recstatus']) . "', '{$user}', NOW())";
} else {
if ($_POST['operItem'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\tpricecode = '" . clr($_POST['pricecode']) . "',\n\t\t\t\titemcode = '" . clr($_POST['itemcode']) . "',\n\t\t\t\tuomcode = '" . clr($_POST['uomcode']) . "',\n\t\t\t\tpurqty = '" . clr($_POST['purqty']) . "',\n\t\t\t\tunitprice = '" . clr($_POST['unitprice']) . "',\n\t\t\t\tperdiscount = '" . clr($_POST['perdiscount']) . "',\n\t\t\t\tamtdisc = '" . clr($_POST['amtdisc']) . "',\n\t\t\t\tperslstax = '" . clr($_POST['perslstax']) . "',\n\t\t\t\tamtslstax = '" . clr($_POST['amtslstax']) . "',\n\t\t\t\texpirydate = '" . clr($_POST['expirydate']) . "',\n\t\t\t\tsitemcode = '" . clr($_POST['sitemcode']) . "',\n\t\t\t\trecstatus = 'D',\n\t\t\t\tdeluser = '******',\n\t\t\t\tdeldate = NOW()\n\t\t\t\tWHERE compcode = '{$compcode}' AND suppcode='" . clr($_POST['suppcode']) . "'\n\t\t\t\tAND lineno_='" . clr($_POST['lineno_']) . "'";
echo "{$sql}";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\tpricecode = '" . clr($_POST['pricecode']) . "',\n\t\t\t\titemcode = '" . clr($_POST['itemcode']) . "',\n\t\t\t\tuomcode = '" . clr($_POST['uomcode']) . "',\n\t\t\t\tpurqty = '" . clr($_POST['purqty']) . "',\n\t\t\t\tunitprice = '" . clr($_POST['unitprice']) . "',\n\t\t\t\tperdiscount = '" . clr($_POST['perdiscount']) . "',\n\t\t\t\tamtdisc = '" . clr($_POST['amtdisc']) . "',\n\t\t\t\tperslstax = '" . clr($_POST['perslstax']) . "',\n\t\t\t\tamtslstax = '" . clr($_POST['amtslstax']) . "',\n\t\t\t\texpirydate = '" . clr($_POST['expirydate']) . "',\n\t\t\t\tsitemcode = '" . clr($_POST['sitemcode']) . "',\n\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\tupduser = '******',\n\t\t\t\tupddate = NOW()\n\t\t\t\tWHERE compcode = '{$compcode}' AND suppcode='" . clr($_POST['suppcode']) . "'\n\t\t\t\tAND lineno_='" . clr($_POST['lineno_']) . "'";
}
} else {
if ($_POST['operItem'] == 'del') {
$sql = "UPDATE {$table} SET \n\t\t\t\trecstatus = 'D',\n\t\t\t\tdeluser = '******',\n\t\t\t\tdeldate = NOW()\n\t\t\t\tWHERE compcode = '{$compcode}' AND suppcode='" . clr($_POST['suppcode']) . "'\n\t\t\t\tAND lineno_='{$_POST['id']}'";
//echo "$sql";
}
}
}
try {
/*if($_POST['operItem']=='add' && duplicate('suppcode','itemcode',$table,clr($_POST['suppcode']),clr($_POST['itemcode']))){
throw new Exception('Duplicate key');
}*/
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
if ($_POST['active'] == 'Yes') {
$active = '1';
} else {
$active = '0';
}
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,authorid,name,password,deptcode, active, adddate,adduser, upddate,\n\t\t\t\tupduser) \n\t\t\tVALUES \n\t\t\t\t('" . clr($compcode) . "',\n\t\t\t\t'" . clr($_POST['authorid']) . "',\n\t\t\t\t'" . clr($_POST['name']) . "', \n\t\t\t\t'" . clr($_POST['password']) . "',\n\t\t\t\t'" . clr($_POST['deptcode']) . "', \n\t\t\t\t'{$active}', \n\t\t\t\tNOW(),\n\t\t\t\t'" . clr($user) . "', \n\t\t\t\tNOW(),\n\t\t\t\t'" . clr($user) . "'\n\t\t\t\t)";
} else {
if ($_POST['oper'] == 'edit') {
$sql = "UPDATE {$table} SET\n\t\t\t\tname = '" . clr($_POST['name']) . "',\n\t\t\t\tpassword = '******'password']) . "',\n\t\t\t\tdeptcode ='" . clr($_POST['deptcode']) . "',\n\t\t\t\tactive = '{$active}',\n\t\t\t\tadddate = NOW(), \n\t\t\t\tadduser = '******', \n\t\t\t\tadddate = NOW(), \n\t\t\t\tadduser = '******'\n\t\t\t\t\n\t\t\t\t\n\t\t\tWHERE \n\t\t\t\tauthorid='{$_POST['authorid']}'";
// debtortycode= '".clr($_POST['debtortycode'])."',
} else {
if ($_POST['oper'] == 'del') {
$sql = "DELETE FROM {$table} WHERE authorid='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('authorid', $table, clr($_POST['authorid']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
global $mysqli, $compcode, $bankcode, $startno;
$sqlDuplicate = "select {$code} from {$table} where {$code} = '{$codetext}' AND compcode = '{$compcode}'";
$resultDuplicate = $mysqli->query($sqlDuplicate);
return $resultDuplicate->num_rows;
}
function duplicate2($field, $code, $code2, $table)
{
global $mysqli, $compcode, $bankcode, $startno;
$sqlDuplicate = "select {$code},{$code2} from {$table} where {$code} = '{$codetext}' AND compcode = '{$compcode}' AND bankcode='{$field}'";
$res == $mysqli->query($sqlDuplicate);
$row = $mysqli->query($sqlDuplicate)->fetch_row();
echo $row;
}
$mysqli->autocommit(FALSE);
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,bankcode,startno,endno,cheqqty,stat,adduser,adddate) \n\t\t\tVALUES \n\t\t\t\t('{$compcode}',\n\t\t\t\t'" . clr($_POST['bankcode']) . "',\n\t\t\t\t'" . clr($_POST['startno']) . "',\n\t\t\t\t'" . clr($_POST['endno']) . "',\n\t\t\t\t'" . clr($_POST['endno'] - $_POST['startno'] + 1) . "',\n\t\t\t\t'ACTIVE',\n\t\t\t\t'{$user}',\n\t\t\t\tNOW())";
$bankcode = $_REQUEST['bankcode'];
$startno = $_REQUEST['startno'];
$endno = $_REQUEST['endno'];
$a = "INSERT INTO {$table2} \n\t\t\t\t\t(compcode, bankcode, cheqno, stat, lastuser) VALUES ";
while ($startno < $endno) {
$a .= "('{$compcode}', '{$bankcode}', '{$startno}', 'ACTIVE', '{$user}'), ";
$startno++;
}
$a .= "('{$compcode}', '{$bankcode}', '{$startno}', 'ACTIVE', '{$user}')";
echo "{$sql}";
echo "{$a}";
} else {
if ($_POST['oper'] == 'edit') {
/* $sql="UPDATE {$table} SET
startno = '".clr($_POST['startno'])."',
function autoSyntaxUpd(array $fixColName, array $fixColValue)
{
global $column, $table, $columnid;
$string = 'UPDATE ' . $table . ' SET ';
for ($x = 0; $x < count($column); $x++) {
$string .= $column[$x] . ' = ';
$key = array_search($column[$x], $fixColName);
if ($key > -1) {
if (!strcmp($fixColValue[$key], 'NOW()')) {
$string .= clr($fixColValue[$key]);
} else {
$string .= "'" . clr($fixColValue[$key]) . "'";
}
} else {
if (isset($_POST[$column[$x]])) {
$string .= "'" . clr($_POST[$column[$x]]) . "'";
} else {
$string .= "NULL";
}
}
if ($x != count($column) - 1) {
$string .= ',';
}
}
$string .= " WHERE " . $columnid . " = '" . $_POST[$columnid] . "'";
return $string;
}
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,glaccount,description,accgroup, recstatus, adduser,adddate) \n\t\t\tVALUES \n\t\t\t\t('{$compcode}', '" . clr($_POST['glaccount']) . "', '" . clr($_POST['description']) . "', '" . clr($_POST['accgroup']) . "', '" . clr($_POST['recstatus']) . "', '{$user}', NOW())";
//(compcode,glaccount,description,acttype,repgroup,accgroup, recstatus, adduser,adddate, nprefid)
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\trecstatus = 'D',\n\t\t\t\t\taccgroup = '" . clr($_POST['accgroup']) . "',\n\t\t\t\t\tdeluser= '******', \n\t\t\t\t\tdeldate = NOW()\n\t\t\t\tWHERE \n\t\t\t\t\tsysno='{$_POST['sysno']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "', \n\t\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\t\taccgroup = '" . clr($_POST['accgroup']) . "',\n\t\t\t\t\tupduser = '******',\n\t\t\t\t\tupddate = NOW()\n\t\t\t\tWHERE \n\t\t\t\t\tsysno='{$_POST['sysno']}'";
//echo"$sql";
}
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', deluser= '******', deldate = NOW()\n\t\t WHERE sysno='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('glaccount', $table, clr($_POST['glaccount']))) {
throw new Exception('Duplicate key');
}
//if($_POST['oper']=='add' && duplicate('compcode',$table,'$compcode') && duplicate('glaccount',$table,clr($_POST['glaccount']))){
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
// disable autocommit 'admin',NOW()
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,debtortycode,description,depccode,depglacc, actdebccode, actdebglacc,lastuser, lastupdate,\n\t\t\t\tregfees, typegrp, updpayername, updepisode, recstatus) \n\t\t\tVALUES \n\t\t\t\t('" . clr($compcode) . "',\n\t\t\t\t'" . clr($_POST['debtortycode']) . "',\n\t\t\t\t'" . clr($_POST['description']) . "', \n\t\t\t\t'" . clr($_POST['depccode']) . "',\n\t\t\t\t'" . clr($_POST['depglacc']) . "', \n\t\t\t\t'" . clr($_POST['actdebccode']) . "', \n\t\t\t\t'" . clr($_POST['actdebglacc']) . "', \n\t\t\t\t'" . clr($user) . "', \n\t\t\t\tNOW(),\n\t\t\t\t'" . clr($_POST['regfees']) . "', \n\t\t\t\t'" . clr($_POST['typegrp']) . "', \n\t\t\t\t'{$user}',\n\t\t\t\t'" . clr($_POST['updepisode']) . "',\n\t\t\t\t'{$recstatus}'\n\t\t\t\t)";
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\tcompcode= '" . clr($compcode) . "',\n\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\tdepccode = '" . clr($_POST['depccode']) . "',\n\t\t\t\tdepglacc ='" . clr($_POST['depglacc']) . "',\n\t\t\t\tactdebccode = '" . clr($_POST['actdebccode']) . "',\n\t\t\t\tactdebglacc ='" . clr($_POST['actdebglacc']) . "',\n\t\t\t\tlastuser = '******', \n\t\t\t\tlastupdate = NOW(), \n\t\t\t\ttypegrp= '" . clr($_POST['typegrp']) . "', \n\t\t\t\trecstatus = 'D'\n\t\t\tWHERE \n\t\t\t\tdebtortycode='{$_POST['debtortycode']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\tdepccode = '" . clr($_POST['depccode']) . "',\n\t\t\t\t\tdepglacc ='" . clr($_POST['depglacc']) . "',\n\t\t\t\t\tactdebccode = '" . clr($_POST['actdebccode']) . "',\n\t\t\t\t\tactdebglacc ='" . clr($_POST['actdebglacc']) . "',\n\t\t\t\t\tlastuser = '******', \n\t\t\t\t\tlastupdate = NOW(),\n\t\t\t\t\ttypegrp= '" . clr($_POST['typegrp']) . "',\n\t\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "'\n\t\t\t\tWHERE \n\t\t\t\t\tdebtortycode='{$_POST['debtortycode']}'";
echo "{$sql}";
}
} else {
if ($_POST['oper'] == 'del') {
$sql = "DELETE FROM {$table} WHERE debtortycode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('debtortycode', $table, clr($_POST['debtortycode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
global $mysqli;
$sqlDuplicate = "select {$code} from {$table} where {$code} = '{$codetext}'";
$resultDuplicate = $mysqli->query($sqlDuplicate);
return $resultDuplicate->num_rows;
}
$mysqli->autocommit(FALSE);
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(sysno, compcode, trantype, description, isstype, trbyiv, updqty, crdbfl, updamt, accttype, recstatus,\n\t\t\t\t adduser, adddate, upduser, upddate) \n\t\t\tVALUES \n\t\t\t\t('" . clr($_POST['sysno']) . "', '{$compcode}', '" . clr($_POST['trantype']) . "', '" . clr($_POST['description']) . "',\n\t\t\t\t '" . clr($_POST['isstype']) . "', '" . clr($_POST['trbyiv']) . "', '" . clr($_POST['updqty']) . "', \n\t\t\t\t '" . clr($_POST['crdbfl']) . "', '" . clr($_POST['updamt']) . "', '" . clr($_POST['accttype']) . "', '{$recstatus}', \n\t\t\t\t '{$user}', NOW(), '{$user}', NOW())";
} else {
if ($_POST['oper'] == 'edit') {
$sql = "UPDATE {$table} SET\n\t\t\t\ttrantype = '" . clr($_POST['trantype']) . "',\n\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\tisstype = '" . clr($_POST['isstype']) . "',\n\t\t\t\taccttype = '" . clr($_POST['accttype']) . "'\t\n\t\t\tWHERE \n\t\t\t\tsysno='{$_POST['sysno']}'";
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D'\n\t\t WHERE sysno='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('sysno', $table, clr($_POST['sysno']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
}
$mysqli->autocommit(FALSE);
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,source,trantype,description,updpayername,updepisode,depccode, depglacc, manualalloc, recstatus, adduser, adddate) \n\t\t\tVALUES \n\t\t\t\t('{$compcode}','{$source}','" . clr($_POST['trantype']) . "', '" . clr($_POST['description']) . "', '{$vUpdpayername}', '{$vUpdepisode}', '" . clr($_POST['depccode']) . "', '" . clr($_POST['depglacc']) . "', '{$vManualalloc}', '" . clr($_POST['recstatus']) . "', '{$user}', NOW())";
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET \n\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\tupdpayername = '{$vUpdpayername}',\n\t\t\t\tupdepisode = '{$vUpdepisode}',\n\t\t\t\tdepccode = '" . clr($_POST['depccode']) . "',\n\t\t\t\tdepglacc = '" . clr($_POST['depglacc']) . "',\n\t\t\t\tmanualalloc = '{$vManualalloc}',\n\t\t\t\tdeluser = '******',\n\t\t\t\tdeldate = NOW(),\n\t\t\t\trecstatus = 'D'\n\t\t\tWHERE \n\t\t\t\tsysno='{$_POST['sysno']}'";
} else {
$sql = "UPDATE {$table} SET \n\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\tupdpayername = '{$vUpdpayername}',\n\t\t\t\tupdepisode = '{$vUpdepisode}',\n\t\t\t\tdepccode = '" . clr($_POST['depccode']) . "',\n\t\t\t\tdepglacc = '" . clr($_POST['depglacc']) . "',\n\t\t\t\tmanualalloc = '{$vManualalloc}',\n\t\t\t\tupduser = '******',\n\t\t\t\tupddate = NOW(),\n\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "'\n\t\t\tWHERE \n\t\t\t\tsysno='{$_POST['sysno']}'";
}
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', deluser= '******', deldate = NOW()\n\t\t WHERE sysno='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('trantype', $table, clr($_POST['trantype']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET \n\t\t\t\t\t\tcostcode = '" . clr($_POST['costcode']) . "', \n\t\t\t\t\t\tglaccno = '" . clr($_POST['glaccno']) . "',\n\t\t\t\t\t\tadvccode = '" . clr($_POST['advccode']) . "',\n\t\t\t\t\t\tadvglaccno = '" . clr($_POST['advglaccno']) . "',\n\t\t\t\t\t\trecstatus = 'D',\n\t\t\t\t\t\tupduser = '******',\n\t\t\t\t\t\tupddate = NOW(),\n\t\t\t\t\t\tdeluser= '******',\n\t\t\t\t\t\tdeldate = NOW()\n\t\t\t\t\tWHERE \n\t\t\t\t\tcompcode = '{$compcode}' AND suppgroup='{$_POST['suppgroup']}'";
} else {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\tcostcode = '" . clr($_POST['costcode']) . "', \n\t\t\t\t\tglaccno = '" . clr($_POST['glaccno']) . "',\n\t\t\t\t\tadvccode = '" . clr($_POST['advccode']) . "',\n\t\t\t\t\tadvglaccno = '" . clr($_POST['advglaccno']) . "',\n\t\t\t\t\trecstatus = 'D',\n\t\t\t\t\tdeluser = '******',\n\t\t\t\t\tdeldate = NOW()\n\t\t\t\tWHERE \n\t\t\t\t\tcompcode = '{$compcode}' AND suppgroup='{$_POST['suppgroup']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\tcostcode = '" . clr($_POST['costcode']) . "', \n\t\t\t\t\tglaccno = '" . clr($_POST['glaccno']) . "',\n\t\t\t\t\tadvccode = '" . clr($_POST['advccode']) . "',\n\t\t\t\t\tadvglaccno = '" . clr($_POST['advglaccno']) . "',\n\t\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\t\tupduser = '******',\n\t\t\t\t\tupddate = NOW()\n\t\t\t\tWHERE \n\t\t\t\t\tcompcode = '{$compcode}' AND suppgroup='{$_POST['suppgroup']}'";
}
}
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', deluser= '******', deldate = NOW()\n\t\t WHERE compcode = '{$compcode}' AND suppgroup='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('suppgroup', $table, clr($_POST['suppgroup']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
