Example #1
0
            //unset($_SESSION['posted_form']);
            // ak je objednávka iba rozpracovaná, tak pošle mail iba zakaznikovy
            if ($_POST[submit_save]) {
                send_email_revision($revizia_id, "", "rozpracovana");
            }
            if ($_POST[submit_confirm]) {
                send_email_revision($revizia_id);
            }
            header("location: index.php?message=OK");
            die;
        } else {
            echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>";
        }
    }
    echo "<div id=\"form_data\">";
    display_form_data($fieldsets_c, $secure_key);
    echo "</div>";
}
// ===========================================================
// 2 stránka formulára - koniec
if ($page == 3) {
}
function display_form_data($fieldsets_c, $secure_key = "")
{
    $data = $_SESSION["posted_form"];
    $fieldsets_c = count($data["ks_all"]);
    //var_dump($data);
    //var_dump($_SESSION["csrf_key"]);
    if ($_SESSION["csrf_key"] != $data["secure_csrf"]) {
        echo "ACCESS_dennied!!";
        header("location: ?vyber={$vyber}&page=1");
                    $m2m3 = sec_input(sec_sql($data["m2_all"][$i]));
                } else {
                    $m2m3 = sec_input(sec_sql($data["m3_all"][$i]));
                }
                $sum = 0;
                $sum = $cena_dekor * $m2m3;
                $sum_all = $sum_all + $sum;
                $query = "INSERT INTO porez_velkoobchod \n                              (id_revizia, id_material, id_vyrobca, id_dekor, id_dekor_cena, m2, m3, sum)\n                              VALUES \n                              ({$revizia_id},\n                                  " . sec_input(sec_sql($data["material_all"][$i])) . ",\n                                  " . sec_input(sec_sql($data["vyrobca_all"][$i])) . ",\n                                  " . sec_input(sec_sql($data["dekor_all"][$i])) . ",\n                                  " . $id_dekor . ",\n                                  \"" . sec_input(sec_sql($data["m2_all"][$i])) . "\",\n                                  \"" . sec_input(sec_sql($data["m3_all"][$i])) . "\",\n                                  \"" . $sum . "\"    \n                                  )";
                $sql_porez = sql_insert($query);
                $porez_id = $sql_porez["inserted_id"];
            }
            $query = "UPDATE revizia_velkoobchod\n                      SET sum=" . $sum_all . "\n                      WHERE id=\"{$revizia_id}\"";
            sql_update($query);
            mysql_query("COMMIT");
            unset($_SESSION['posted_form']);
            // ak je objednávka iba rozpracovaná, tak pošle mail iba zakaznikovy
            header("location: ?vyber=velkoobchod&message=OK");
            die;
        } else {
            echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>";
        }
    }
    echo "<div id=\"form_data\">";
    display_form_data($fieldsets_c, $secure_key, $vyber);
    echo "</div>";
}
// ===========================================================
// 2 stránka formulára - koniec
if ($page == 3) {
}
echo "</div>";