function list_messages()
{
    global $_GET;
    $Display = "";
    $PDisplay = "";
    if (isset($_GET["key"]) && isset($_GET["id"])) {
        // if we should read, read
        if ($_GET["key"] == "view") {
            $rslt = db_exec("\r\n\t\t\t\tSELECT sender, message, EXTRACT(month from timesent) as month, \r\n\t\t\t\t\tEXTRACT(day from timesent) as day, EXTRACT(year from timesent) as year, \r\n\t\t\t\t\tEXTRACT(hour from timesent) as hour, EXTRACT(minute from timesent) as minute \r\n\t\t\t\tFROM req \r\n\t\t\t\tWHERE id='{$_GET['id']}'");
            if (pg_num_rows($rslt) > 0) {
                $row = pg_fetch_array($rslt);
                $time = date("j F, Y  -  H:i", mktime($row["hour"], $row["minute"], 0, $row["month"], $row["day"], $row["year"]));
                $PDisplay .= "\r\n\t\t\t\t\t<h3>Output</h3>\r\n\t\t\t\t\t<table cellpadding='2' cellspacing='0' class='shtable'>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<td width='50'>Sender</td>\r\n\t\t\t\t\t\t\t<td width='200'>{$row['sender']}</td>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<td width='50'>Time Sent:</td>\r\n\t\t\t\t\t\t\t<td width='200'>{$time}</td>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<td width='50'>Message:</td>\r\n\t\t\t\t\t\t\t<td width='200'>{$row['message']}</td>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t\t<br>";
                // mark as read
                db_exec("UPDATE req SET viewed='1' WHERE id='{$_GET['id']}'");
            }
        }
        // if we should delete... delete
        if ($_GET["key"] == "del") {
            $rslt = db_exec("DELETE FROM req WHERE id='{$_GET['id']}'");
            if (pg_cmdtuples($rslt) > 0) {
                $PDisplay .= "<h3>Output</h3>Message Successfully Deleted.<br><br>";
            }
        }
    }
    $user = USER_NAME;
    // clear the message notify que
    db_exec("DELETE FROM req_new WHERE for_user='{$user}' ");
    db_exec("UPDATE req SET alerted='1' WHERE recipient='{$user}'");
    // $dep =USER_DPT;
    db_conn('cubit');
    $n = 0;
    $Sql = "\r\n\t\tSELECT id,sender,message,reference, \r\n\t\t\tEXTRACT(month from timesent) as month,\r\n\t\t\tEXTRACT(day from timesent) as day, \r\n\t\t\tEXTRACT(year from timesent) as year,viewed\r\n\t\tFROM req \r\n\t\tWHERE recipient='{$user}' ORDER BY timesent";
    $Exs = db_exec($Sql) or errDie("Unable to select cases from database.");
    if (pg_numrows($Exs) < 1) {
        return "\r\n\t\t\t<table cellpadding='2' cellspacing='0' class='shtable'>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<th>No Outstanding Messages</th>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr class='odd'>\r\n\t\t\t\t\t<td>You have no outstanding messages</td>\r\n\t\t\t\t</tr>\r\n\t\t\t</table>\r\n\t\t\t<p><p>\r\n\t\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<th>Quick Links</th>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr class='even'>\r\n\t\t\t\t\t<td><a href='req_gen.php'>Add Message</a></td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr class='odd'>\r\n\t\t\t\t\t<td><a href='../doc-index.php'>Main Menu</a></td>\r\n\t\t\t\t</tr>\r\n\t\t\t<table>";
    }
    while ($depts = pg_fetch_array($Exs)) {
        $Date = date("j F, Y", mktime(0, 0, 0, $depts["month"], $depts["day"], $depts["year"]));
        $n = $n + 1;
        $msgid = $depts['id'];
        // created the new msg cell data
        if ($depts["viewed"] == '0') {
            $newmsg = "<li>&nbsp</li>";
        } else {
            $newmsg = "&nbsp;";
        }
        $Display .= "\r\n\t\t\t\t<tr class='even'>\r\n\t\t\t\t\t<td align='center'>{$newmsg}</td>\r\n\t\t\t\t\t<td>{$Date}</td><td>{$depts['sender']}</td>\r\n\t\t\t\t\t<td>{$depts['message']}</td>\r\n\t\t\t\t\t<td><a href='" . SELF . "?key=view&id={$msgid}'>view</a> / <a href='" . SELF . "?key=del&id={$msgid}'>delete</a></td>\r\n\t\t\t\t</tr>";
    }
    $list_messages = "\r\n\t\t{$PDisplay}\r\n\t\t<h3>Messages for {$user}</h3>\r\n\t\t<br>\r\n\t\t<table cellpadding='2' cellspacing='0' class='shtable'>\r\n\t\t\t<tr>\r\n\t\t\t\t<th>New</th>\r\n\t\t\t\t<th>Date sent</th>\r\n\t\t\t\t<th>From</th>\r\n\t\t\t\t<th>Details</th>\r\n\t\t\t\t<th>Option</th>\r\n\t\t\t</tr>\r\n\t\t\t{$Display}\r\n\t\t\t<tr>\r\n\t\t\t\t<th colspan='7' align='right'>Total messages: {$n}</th>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t<p>\r\n\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t<tr>\r\n\t\t\t\t<th>Quick Links</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='even'>\r\n\t\t\t\t<td><a href='req_gen.php'>Add Message</a></td>\r\n\t\t\t</tr>\r\n\t\t</table>";
    return $list_messages;
}
function remPaye($_POST)
{
    # clean vars
    $id = preg_replace("/[^\\d]/", "", substr($_POST["id"], 0, 9));
    # connect to db
    db_connect();
    # remove job
    $sql = "DELETE FROM paye WHERE id='{$id}'";
    $payeRslt = db_exec($sql) or errDie("Unable to remove PAYE bracket.", SELF);
    if (pg_cmdtuples($payeRslt) < 1) {
        return "Failed to delete PAYE bracket.";
    }
    $remPaye = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t<tr><th>PAYE bracket removed</th></tr>\r\n\t<tr class=datacell><td>PAYE bracket has been successfully removed.</td></tr>\r\n\t</table>";
    return $remPaye;
}
function remPaye($_POST)
{
    # clean vars
    $id = preg_replace("/[^\\d]/", "", substr($_POST["id"], 0, 9));
    # connect to db
    db_connect();
    # remove job
    $sql = "DELETE FROM paye WHERE id='{$id}'";
    $payeRslt = db_exec($sql) or errDie("Unable to remove PAYE bracket.", SELF);
    if (pg_cmdtuples($payeRslt) < 1) {
        return "Failed to delete PAYE bracket.";
    }
    $remPaye = "\r\n<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n<tr><th>PAYE bracket removed</th></tr>\r\n<tr class=datacell><td>PAYE bracket has been successfully removed.</td></tr>\r\n</table>\r\n<p>\r\n<table border=0 cellpadding='2' cellspacing='1'>\r\n<tr><th>Quick Links</th></tr>\r\n<tr bgcolor='#88BBFF'><td><a href='admin-paye-view.php'>View Paye</a></td></tr>\r\n<tr bgcolor='#88BBFF'><td><a href='admin-paye-add.php'>Add Paye</a></td></tr>\r\n<script>document.write(getQuicklinkSpecial());</script>\r\n<tr bgcolor='#88BBFF'><td><a href='main.php'>Main Menu</a></td></tr>\r\n</tr>\r\n\r\n";
    return $remPaye;
}
//ALTERA A SENHA QUANDO JÁ EXISTE CADASTRO
if (isset($HTTP_POST_VARS["alt_senha"])) {
    postmemory($HTTP_POST_VARS);
    if ($senha_c1 == '' || $senha_c2 == '') {
        msgbox('Nova senha não pode ser em branco.');
        redireciona("digitafornecedor.php");
        exit;
    }
    $result = @db_query("select senha from db_usuarios where senha = '{$senha}' ");
    if (@pg_num_rows($result) == 0) {
        msgbox("ERRO: Senha Inválida.");
        redireciona("digitafornecedor.php");
        exit;
    }
    $result = @db_query("update db_usuarios set senha = '" . Encriptacao::encriptaSenha($senha_c1) . "' where login = '{$cgccpf}'") or die(@pg_errormessage());
    if (@pg_cmdtuples($result) > 0) {
        db_logs("", "", 0, "Solicitação de senha: senha alterada: {$cgccpf}");
        msgbox("Senha Alterada com sucesso");
        redireciona("digitafornecedor.php");
        exit;
    } else {
        db_logs("", "", 0, "Solicitação de senha: erro alterando senha: {$cgccpf}");
    }
    //MANDA UM E-MAIL DE CONFIRMAÇÃO
} else {
    if (isset($HTTP_POST_VARS["cria_senha"])) {
        postmemory($HTTP_POST_VARS);
        if ($email == "") {
            msgbox("Email em branco");
            redireciona("digitafornecedor.php");
            exit;
Example #5
0
 /**
  * Send a query to PostgreSQL and return the results as a
  * PostgreSQL resource identifier.
  *
  * @param $query the SQL query
  *
  * @return int returns a valid PostgreSQL result for successful SELECT
  * queries, DB_OK for other successful queries.  A DB error code
  * is returned on failure.
  */
 function simpleQuery($query)
 {
     $ismanip = DB::isManip($query);
     $this->last_query = $query;
     $query = $this->modifyQuery($query);
     if (!$this->autocommit && $ismanip) {
         if ($this->transaction_opcount == 0) {
             $result = @pg_exec($this->connection, 'begin;');
             if (!$result) {
                 return $this->pgsqlRaiseError();
             }
         }
         $this->transaction_opcount++;
     }
     $result = @pg_exec($this->connection, $query);
     if (!$result) {
         return $this->pgsqlRaiseError();
     }
     // Determine which queries that should return data, and which
     // should return an error code only.
     if ($ismanip) {
         $this->affected = @pg_cmdtuples($result);
         return DB_OK;
     } elseif (preg_match('/^\\s*\\(?\\s*(SELECT(?!\\s+INTO)|EXPLAIN|SHOW)\\s/si', $query)) {
         /* PostgreSQL commands:
               ABORT, ALTER, BEGIN, CLOSE, CLUSTER, COMMIT, COPY,
               CREATE, DECLARE, DELETE, DROP TABLE, EXPLAIN, FETCH,
               GRANT, INSERT, LISTEN, LOAD, LOCK, MOVE, NOTIFY, RESET,
               REVOKE, ROLLBACK, SELECT, SELECT INTO, SET, SHOW,
               UNLISTEN, UPDATE, VACUUM
            */
         $this->row[(int) $result] = 0;
         // reset the row counter.
         $numrows = $this->numrows($result);
         if (is_object($numrows)) {
             return $numrows;
         }
         $this->num_rows[(int) $result] = $numrows;
         $this->affected = 0;
         return $result;
     } else {
         $this->affected = 0;
         return DB_OK;
     }
 }
function write($_POST)
{
    # Get vars
    global $DOCLIB_DOCTYPES;
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    # Validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($docid, "string", 1, 20, "Invalid document number.");
    # Display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # Connect to db
    db_conn("cubit");
    $docRs = get("cubit", "*", "documents", "docid", $docid);
    $doc = pg_feTch_array($docRs);
    # Write to db
    $sql = "DELETE FROM documents WHERE docid = '{$docid}' AND div = '" . USER_DIV . "'";
    $docRslt = db_exec($sql) or errDie("Unable to remove {$doc['docname']} from system.", SELF);
    if (pg_cmdtuples($docRslt) < 1) {
        return "<li class=err>Unable to remove {$doc['docname']} from Cubit.";
    }
    /*
    //new
    db_conn('cubit');
    */
    # write to db
    $Sql = "INSERT INTO document(typeid,typename,xin,docref,docdate,docname,filename,mimetype,descrip,docu,div)  VALUES ('{$doc['typeid']}', '{$doc['typename']}', '{$doc['xin']}', '{$doc['docref']}', '{$doc['docdate']}', '{$doc['docname']}', '{$doc['filename']}', '{$doc['mimetype']}', '{$doc['descrip']}', '{$doc['docu']}', '" . USER_DIV . "')";
    $Rslt = db_exec($Sql) or errDie("Unable to access database.");
    $write = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t\t<tr><th>Document removed</th></tr>\r\n\t\t<tr class=datacell><td>Document <b>{$doc['docname']}</b>, has been successfully removed from the system.</td></tr>\r\n\t</table>\r\n\t<p>\r\n\t<table border=0 cellpadding='2' cellspacing='1'>\r\n\t\t<tr><th>Quick Links</th></tr>\r\n\t\t<tr class='bg-odd'><td><a href='tdocadd.php'>Add Document</a></td></tr>\r\n\t\t<tr class='bg-odd'><td><a href='tdocview.php'>View Documents</a></td></tr>\r\n\t\t<tr class='bg-odd'><td><a href='../main.php'>Main Menu</a></td></tr>\r\n\t</table>";
    return $write;
}
function write_req($_POST)
{
    global $_SESSION;
    # get vars
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    $user = $_SESSION["USER_NAME"];
    # validate input
    require_lib("validate");
    $v = new validate();
    if (!isset($to)) {
        $v->addError("", "No user specified");
    } else {
        foreach ($to as $arr => $arrval) {
            $v->isOk($arrval, "string", 1, 200, "Invalid recipient: {$arrval}");
        }
    }
    $v->isOk($des, "string", 1, 200, "Invalid description.");
    $v->isOk($user, "string", 1, 200, "Invalid user.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        return "{$confirmCust}</li></li>" . get_req();
    }
    $id += 0;
    $date = date("Y-m-d");
    $time = date("H:i:s");
    db_conn('cubit');
    if (in_array("_ALL_", $to)) {
        $to = "";
        $rslt = db_exec("SELECT username FROM users");
        // if users found
        if (pg_num_rows($rslt) > 0) {
            while ($row = pg_fetch_array($rslt)) {
                $to[] = $row["username"];
            }
        }
    }
    # write to db
    // create the list of users the messages should get sent to
    $msg_results = "";
    foreach ($to as $arr => $arrval) {
        db_conn('cubit');
        $Sql = "INSERT INTO req (sender, recipient, message, timesent, viewed)\r\n\t\t\tVALUES ('{$user}','{$arrval}','{$des}',CURRENT_TIMESTAMP, 0)";
        $Rslt = db_exec($Sql) or errDie("Unable to add to database.", SELF);
        if (pg_cmdtuples($Rslt) < 1) {
            return "Unable to access database.";
        } else {
            // if it isn't noticed that person has new messages, notify him
            $rslt = db_exec("SELECT * from req_new WHERE for_user='{$arrval}' ");
            if (pg_num_rows($rslt) == 0) {
                db_exec("INSERT INTO req_new VALUES('{$arrval}')");
            }
            $msg_results .= "<tr class=datacell><td>Your message has been sent to {$arrval}</td></tr>";
        }
        db_conn('crm');
        $Sl = "INSERT INTO token_actions (token,action,donedate,donetime,doneby,donebyid)\r\n\t\tVALUES ('{$id}','Sent message to {$arrval}','{$date}','{$time}','" . USER_NAME . "','" . USER_ID . "')";
        $Ry = db_exec($Sl) or errDie("Unable to insert query action.");
    }
    $OUTPUT .= "<script> window.opener.parent.mainframe.location.reload(); window.close(); </script>";
    return $OUTPUT;
    $write_req = "\r\n\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t<tr><th>Message proccessed</th></tr>\r\n\t{$msg_results}\r\n\t</table>";
    return $write_req;
}
Example #8
0
         // Need to figure out a way to determine whether the primary key for the table has been selected
         // If not, then we need to pull it in.  This is for use with the actions.
         // }
         $pri_keys[] = $my_pri_key;
     }
     $sql_query = isset($sql_query) ? stripslashes($sql_query) : '';
     $sql_order = isset($sql_order) ? stripslashes($sql_order) : '';
     if (!($result = @pg_exec($link, pre_query($sql_query . $sql_order)))) {
         include "header.inc.php";
         pg_die(pg_errormessage($link), $sql_query . $sql_order, __FILE__, __LINE__);
     }
     $num_rows = @pg_numrows($result);
 }
 if ($num_rows < 1 || $rel_type == "sequence" && eregi($sql_query, "setval")) {
     if (eregi("delete|insert|update", $sql_query)) {
         $affected_rows = @pg_cmdtuples($result);
     } else {
         unset($affected_rows);
     }
     if (file_exists("./{$goto}")) {
         include "header.inc.php";
         if (isset($zero_rows) && !empty($zero_rows)) {
             $message = $zero_rows;
         } else {
             $message = $strEmptyResultSet;
         }
         include preg_replace('/\\.\\.*/', '.', $goto);
     } else {
         $message = $zero_rows;
         Header("Location: {$goto}");
     }
function remPaye($_POST)
{
    # get vars
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($id, "num", 1, 20, "Invalid PAYE ID.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_connect();
    # remove job
    $sql = "DELETE FROM paye WHERE id='{$id}'";
    $payeRslt = db_exec($sql) or errDie("Unable to remove PAYE bracket.", SELF);
    if (pg_cmdtuples($payeRslt) < 1) {
        return "Failed to delete PAYE bracket.";
    }
    $remPaye = "\n<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\n<tr><th>PAYE bracket removed</th></tr>\n<tr class=datacell><td>PAYE bracket has been successfully removed.</td></tr>\n</table>" . mkQuickLinks(ql("../admin-employee-add.php", "Add Employee"), ql("../admin-employee-view.php", "View Employees"));
    return $remPaye;
}
Example #10
0
 function sql_affectedrows($query_id = 0)
 {
     if (!$query_id) {
         $query_id = $this->query_result;
     }
     return $query_id ? @pg_cmdtuples($query_id) : false;
 }
function write($_POST)
{
    # get vars
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($accno, "string", 1, 20, "Invalid Account number.");
    $v->isOk($surname, "string", 0, 255, "Invalid surname/company.");
    $v->isOk($title, "string", 0, 10, "Invalid title.");
    $v->isOk($init, "string", 0, 10, "Invalid initials.");
    $v->isOk($firstname, "string", 0, 255, "Invalid Customer name.");
    $v->isOk($catid, "num", 1, 255, "Invalid Category.");
    $v->isOk($clasid, "num", 1, 255, "Invalid Classification.");
    $v->isOk($paddr, "string", 0, 255, "Invalid Postal Address.");
    $v->isOk($daddr, "string", 0, 255, "Invalid Delivery Address.");
    $v->isOk($contname, "string", 0, 255, "Invalid contact name.");
    $v->isOk($bustel, "string", 1, 20, "Invalid Bussines telephone.");
    $v->isOk($hometel, "string", 1, 20, "Invalid Home telephone.");
    $v->isOk($cellno, "string", 0, 20, "Invalid Cell number.");
    $v->isOk($faxno, "string", 0, 20, "Invalid Fax number.");
    $v->isOk($email, "email", 0, 255, "Invalid email name.");
    $v->isOk($saleterm, "num", 1, 20, "Invalid Sale Term.");
    $v->isOk($traddisc, "float", 0, 20, "Invalid trade discount.");
    $v->isOk($setdisc, "float", 0, 20, "Invalid settlement discount.");
    $v->isOk($listid, "num", 1, 20, "Invalid price list.");
    $v->isOk($chrgint, "float", 0, 20, "Invalid Charge interest.");
    $v->isOk($overdue, "float", 0, 20, "Invalid overdue.");
    $v->isOk($chrgvat, "string", 1, 4, "Invalid charge vat.");
    $v->isOk($vatinc, "string", 1, 3, "Invalid vat inclusive selection.");
    $v->isOk($credterm, "num", 0, 20, "Invalid Credit term.");
    $v->isOk($odate, "date", 1, 14, "Invalid account open date.");
    $v->isOk($credlimit, "float", 0, 20, "Invalid credit limit.");
    $v->isOk($block, "string", 1, 3, "Invalid Block acc selection.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_conn("toms");
    # fix numeric
    $saleterm += 0;
    $traddisc += 0;
    $setdisc += 0;
    $listid += 0;
    $chrgint += 0;
    $overdue += 0;
    $credterm += 0;
    $credlimit += 0;
    # write to db
    $sql = "INSERT INTO  customers(accno, surname, title, init, firstname, category, class, paddr, daddr, contname, bustel, hometel, cellno, faxno, email, saleterm, traddisc, setdisc, pricelist, chrgint, overdue, chrgvat, vatinc, credterm, odate, credlimit, blocked)\r\n\tVALUES ('{$accno}', '{$surname}', '{$title}', '{$init}', '{$firstname}', '{$catid}', '{$clasid}', '{$paddr}', '{$daddr}', '{$contname}', '{$bustel}', '{$hometel}', '{$cellno}', '{$faxno}', '{$email}', '{$saleterm}', '{$traddisc}', '{$setdisc}', '{$listid}', '{$chrgint}', '{$overdue}', '{$chrgvat}', '{$vatinc}', '{$credterm}', '{$odate}', '{$credlimit}', '{$block}')";
    $custRslt = db_exec($sql) or errDie("Unable to add fringe benefit to system.", SELF);
    if (pg_cmdtuples($custRslt) < 1) {
        return "<li class=err>Unable to add customer to database.";
    }
    $write = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t<tr><th>Customer added to system</th></tr>\r\n\t<tr class=datacell><td>New Customer <b>{$firstname} {$surname}</b>, has been successfully added to the system.</td></tr>\r\n\t</table>\r\n\t<p>\r\n\t<table border=0 cellpadding='2' cellspacing='1'>\r\n\t<tr><th>Quick Links</th></tr>\r\n\t<tr class='bg-odd'><td><a href='cust-view.php'>View Customers</a></td></tr>\r\n\t<tr class='bg-odd'><td><a href='index.php'>Index</a></td></tr>\r\n\t<tr class='bg-odd'><td><a href='toms-settings.php'>Settings</a></td></tr>\r\n\t<tr class='bg-odd'><td><a href='../main.php'>Main Menu</a></td></tr>\r\n\t</table>";
    return $write;
}
function write($_POST)
{
    # get vars
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($grpid, "num", 1, 50, "Invalid Asset Group id.");
    $v->isOk($grpname, "string", 1, 255, "Invalid Asset Group name or Asset Group name is too long.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_connect();
    # write to db
    $sql = "UPDATE assetgrp SET  grpname = '{$grpname}' WHERE grpid = '{$grpid}' AND div = '" . USER_DIV . "'";
    $grpRslt = db_exec($sql) or errDie("Unable to add edit Asset Group to system.", SELF);
    if (pg_cmdtuples($grpRslt) < 1) {
        return "<li class=err>Unable to edit Asset Group to database.";
    }
    $write = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t<tr><th>Asset Group edited</th></tr>\r\n\t<tr class=datacell><td>Asset Group <b>{$grpname}</b>, has been edited.</td></tr>\r\n\t</table>\r\n\t<p>\r\n\t<table border=0 cellpadding='2' cellspacing='1'>\r\n\t\t<tr><th>Quick Links</th></tr>\r\n\t\t<tr class='bg-odd'><td><a href='assetgrp-new.php'>Add Asset Group</a></td></tr>\r\n\t\t<tr class='bg-odd'><td><a href='assetgrp-view.php'>View Asset Groups</a></td></tr>\r\n\t\t<tr class='bg-odd'><td><a href='main.php'>Main Menu</a></td></tr>\r\n\t</table>";
    return $write;
}
function write($_POST)
{
    # get vars
    extract($_POST);
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($classcode, "string", 1, 255, "Invalid Classification code.");
    $v->isOk($classname, "string", 1, 255, "Invalid Classification name.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        $confirmCust .= "<p><input type='button' onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # check stock code
    db_connect();
    $sql = "SELECT classcode FROM stockclass WHERE lower(classcode) = lower('{$classcode}') AND div = '" . USER_DIV . "'";
    $cRslt = db_exec($sql);
    if (pg_numrows($cRslt) > 0) {
        $error = "<li class='err'> A Classification with code : <b>{$classcode}</b> already exists.</li>";
        $error .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $error;
    }
    # connect to db
    db_connect();
    # write to db
    $sql = "INSERT INTO stockclass(classcode, classname, div) VALUES ('{$classcode}', '{$classname}', '" . USER_DIV . "')";
    $catRslt = db_exec($sql) or errDie("Unable to add class to system.", SELF);
    if (pg_cmdtuples($catRslt) < 1) {
        return "<li class='err'>Unable to add classname to database.</li>";
    }
    if (frmupdate_passon()) {
        $newlst = new dbSelect("stockclass", "cubit", grp(m("cols", "clasid, classname"), m("where", "div='" . USER_DIV . "'"), m("order", "classname ASC")));
        $newlst->run();
        $a = array();
        if ($newlst->num_rows() > 0) {
            while ($row = $newlst->fetch_array()) {
                $a[$row["clasid"]] = $row["classname"];
            }
        }
        $js = frmupdate_exec(array($a), true);
    } else {
        $js = "";
    }
    $write = "\n\t\t\t\t{$js}\n\t\t\t\t<table " . TMPL_tblDflts . " width='50%'>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<th>Classification added to system</th>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t<td>New Classification <b>{$classname}</b>, has been successfully added to the system.</td>\n\t\t\t\t\t</tr>\n\t\t\t\t</table>\n\t\t\t\t<p>\n\t\t\t\t<table border=0 cellpadding='2' cellspacing='1'>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<th>Quick Links</th>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t<td><a href='stockclass-view.php'>View Classifications</a></td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t<td><a href='main.php'>Main Menu</a></td>\n\t\t\t\t\t</tr>\n\t\t\t\t</table>";
    return $write;
}
function write($_POST)
{
    # get vars
    extract($_POST);
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($listname, "string", 1, 255, "Invalid Price list name.");
    if (isset($stkids)) {
        foreach ($stkids as $key => $value) {
            $v->isOk($stkids[$key], "num", 1, 20, "Invalid Stock Item number.");
            $v->isOk($prices[$key], "float", 1, 20, "Invalid Stock Item price.");
        }
    } else {
        return "<li class='err'> there is not stock for the price list.</li>";
    }
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        $confirmCust .= "<p><input type='button' onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_conn("exten");
    # write to db
    $sql = "INSERT INTO spricelist(listname, div) VALUES ('{$listname}', '" . USER_DIV . "')";
    $catRslt = db_exec($sql) or errDie("Unable to price list to system.", SELF);
    if (pg_cmdtuples($catRslt) < 1) {
        return "<li class='err'>Unable to add price list to database.</li>";
    }
    # get next ordnum
    $listid = pglib_lastid("spricelist", "listid");
    # Insert price list items
    foreach ($stkids as $key => $value) {
        db_connect();
        $sql = "SELECT stkid, prdcls, catid FROM stock WHERE stkid = '{$stkids[$key]}' AND div = '" . USER_DIV . "'";
        $stkRslt = db_exec($sql) or errDie("Unable to retrieve stocks from database.");
        $stk = pg_fetch_array($stkRslt);
        db_conn("exten");
        $sql = "\r\n\t\t\tINSERT INTO splist_prices (\r\n\t\t\t\tlistid, stkid, catid, clasid, price, div\r\n\t\t\t) VALUES (\r\n\t\t\t\t'{$listid}', '{$stkids[$key]}', '{$stk['catid']}', '{$stk['prdcls']}', '{$prices[$key]}', '" . USER_DIV . "'\r\n\t\t\t)";
        $rslt = db_exec($sql) or errDie("Unable to insert price list items to Cubit.", SELF);
    }
    // Layout
    $write = "\r\n\t\t<table " . TMPL_tblDflts . " width='50%'>\r\n\t\t\t<tr>\r\n\t\t\t\t<th>Supplier Price list added to system</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='datacell'>\r\n\t\t\t\t<td>New Supplier Price list <b>{$listname}</b>, has been successfully added to the system.</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t<p>\r\n\t\t<table border='0' cellpadding='2' cellspacing='1'>\r\n\t\t\t<tr>\r\n\t\t\t\t<th>Quick Links</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td><a href='sup-pricelist-view.php'>View Supplier Price Lists</a></td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td><a href='../main.php'>Main Menu</a></td>\r\n\t\t\t</tr>\r\n\t\t</table>";
    return $write;
}
function writeLoan($_POST)
{
    # get vars
    extract($_POST);
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($empnum, "num", 1, 20, "Invalid employee number.");
    $v->isOk($loanid, "num", 1, 20, "Invalid loan ID.");
    $v->isOk($loanamt, "float", 1, 10, "Invalid loan amount.");
    $v->isOk($loanint, "float", 1, 5, "Invalid loan interest.");
    $v->isOk($loanperiod, "num", 1, 3, "Invalid payback period.");
    $v->isOk($loaninstall, "float", 1, 10, "Invalid monthly installment.");
    $v->isOk($fringebenefit, "float", 1, 10, "Invalid fringe benefit amount.");
    $v->isOk($accid, "num", 1, 9, "Invalid bank account selected.");
    $v->isOk($account, "num", 1, 9, "Invalid contra account selected.");
    $v->isOk($loan_account, "num", 1, 9, "Invalid loan account selected.");
    $v->isOk($loan_type, "num", 1, 9, "Invalid loan type selected.");
    $ldate = mkdate($lyear, $lmonth, $lday);
    $v->isOk($ldate, "date", 1, 1, "Invalid loan date.");
    $archdate = mkdate($arch_year, $arch_month, $arch_day);
    $v->isOk($archdate, "date", 1, 1, "Invalid approval/denial date.");
    if (!checkdate($lmonth, $lday, $lyear)) {
        $v->addError("", "Invalid date.");
    }
    if ($account > 0 && isb($account) || isb($loan_account)) {
        $v->addError("", "Main accounts blocked. Please select sub accounts.");
    }
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        return enterLoan($confirmCust);
    }
    # CHECK IF THIS DATE IS IN THE BLOCKED RANGE
    $blocked_date_from = getCSetting("BLOCKED_FROM");
    $blocked_date_to = getCSetting("BLOCKED_TO");
    if (strtotime($ldate) >= strtotime($blocked_date_from) and strtotime($ldate) <= strtotime($blocked_date_to) and !user_is_admin(USER_ID)) {
        return "<li class='err'>Period Range Is Blocked. Only an administrator can process entries within this period.</li>";
    }
    # CHECK IF THIS DATE IS IN THE BLOCKED RANGE
    $blocked_date_from = getCSetting("BLOCKED_FROM");
    $blocked_date_to = getCSetting("BLOCKED_TO");
    if (strtotime($archdate) >= strtotime($blocked_date_from) and strtotime($archdate) <= strtotime($blocked_date_to) and !user_is_admin(USER_ID)) {
        return "<li class='err'>Period Range Is Blocked. Only an administrator can process entries within this period.</li>";
    }
    # get employee details
    db_connect();
    $sql = "SELECT * FROM employees WHERE empnum='{$empnum}' AND div = '" . USER_DIV . "'";
    $empRslt = db_exec($sql) or errDie("Unable to select employees from database.");
    if (pg_numrows($empRslt) < 1) {
        return "Invalid employee ID.";
    }
    $myEmp = pg_fetch_array($empRslt);
    if (!isset($deny)) {
        # check for previous loan
        $sql = "SELECT empnum FROM employees WHERE empnum='{$empnum}' AND div = '" . USER_DIV . "' AND gotloan='t'::bool";
        $chkRslt = db_exec($sql) or errDie("Unable to check existing loans for employee.");
        if (pg_numrows($chkRslt) > 0) {
            return "<li class='err'>Loan already exists for employee number: {$empnum}.</li>";
        }
    }
    $date = date("Y-m-d");
    pglib_transaction("BEGIN");
    $totamount = sprint($loanperiod * $loaninstall);
    $loanint_amt = $totamount - $loanamt;
    $sql = "\n\t\tINSERT INTO emp_loanarchive (\n\t\t\tempnum, loanamt, loaninstall, loanint, loanperiod, loandate, archdate, loan_type, \n\t\t\tdiv, status\n\t\t) VALUES (\n\t\t\t'{$empnum}', '{$totamount}', '{$loaninstall}', '{$loanint}', '{$loanperiod}', '{$ldate}', '{$archdate}', '{$loan_type}', \n\t\t\t'" . USER_DIV . "', '" . (isset($deny) ? "D" : "A") . "'\n\t\t)";
    $rslt = db_exec($sql) or errDie("Unable to pre archive loan.");
    $loanaid = pglib_lastid('emp_loanarchive', 'id');
    $rem_sql = "DELETE FROM loan_requests WHERE id = '{$loanid}'";
    $run_rem = db_exec($rem_sql) or errDie("Unable to get loan requests information.");
    if (!isset($deny)) {
        $refnum = getrefnum();
        if ($accid > 0) {
            $bankacc = getbankaccid($accid);
        }
        if ($account > 0) {
            $bankacc = $account;
        }
        writetrans($loan_account, $bankacc, $archdate, $refnum, $loanamt, "Loan granted to employee {$myEmp['fnames']} {$myEmp['sname']}.");
        if ($accid > 0) {
            banktrans($accid, "withdrawal", $archdate, "{$myEmp['fnames']} {$myEmp['sname']}", "Loan granted to employee {$myEmp['fnames']} {$myEmp['sname']}.", 0, $loanamt, $loan_account);
        }
        # write to db
        $sql = "\n\t\t\tUPDATE cubit.employees \n\t\t\tSET loanamt = '{$totamount}', loanint = '{$loanint}', loanint_amt = '{$loanint_amt}', loanint_unpaid = '{$loanint_amt}', \n\t\t\t\tloanperiod = '{$loanperiod}', loaninstall = '{$loaninstall}', gotloan = 't'::bool, loanpayslip = '{$loanamt}', \n\t\t\t\tloanfringe = '{$fringebenefit}', loandate = '{$archdate}', expacc_loan = '{$loan_account}', \n\t\t\t\tloanamt_tot = '{$totamount}', loanid = '{$loanaid}' \n\t\t\tWHERE empnum = '{$empnum}' AND div = '" . USER_DIV . "'";
        $loanRslt = db_exec($sql) or errDie("Unable to add loan to system.", SELF);
        if (pg_cmdtuples($loanRslt) < 1) {
            return "Unable to add loan to system.";
        }
    }
    pglib_transaction("COMMIT");
    $OUT = "<table " . TMPL_tblDflts . ">";
    if (isset($deny)) {
        $OUT .= "\n\t\t\t<tr>\n\t\t\t\t<th>Loan Denied And Request Archived.</th>\n\t\t\t</tr>";
    } else {
        $OUT .= "\n\t\t\t<tr>\n\t\t\t\t<th>Loan Granted And Added To System</th>\n\t\t\t</tr>";
    }
    $OUT .= "\n\t\t<tr class='datacell'>\n\t\t\t<td>Loan information successfully updated.</td>\n\t\t</tr>\n\t\t" . TBL_BR;
    if (!isset($deny)) {
        $OUT .= "\n\t\t\t<tr>\n\t\t\t\t<td><input type='button' onclick=\"document.location='../reporting/loan_approval.php?id={$loanaid}'\" value='Generate Approval Report'></td>\n\t\t\t</tr>";
    }
    $OUT .= "\n\t\t</table><br>" . mkQuickLinks(ql("loan_apply.php", "Add Loan Application"), ql("loan_apply_view.php", "View Loan Applications"), ql("../admin-employee-add.php", "Add Employee"), ql("../admin-employee-view.php", "View Employees"));
    return $OUT;
}
function write_req($_POST)
{
    global $_SESSION;
    # get vars
    extract($_POST);
    $user = $_SESSION["USER_NAME"];
    # validate input
    require_lib("validate");
    $v = new validate();
    if (!isset($to)) {
        $v->addError("", "No user specified");
    } else {
        foreach ($to as $arr => $arrval) {
            $v->isOk($arrval, "string", 1, 200, "Invalid recipient: {$arrval}");
        }
    }
    //	$v->isOk ($des,"string", 1,200, "Invalid message.");
    $v->isOk($des, "text", 1, 200, "Invalid message.");
    $v->isOk($user, "string", 1, 200, "Invalid user.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        return $confirmCust . get_req();
    }
    db_conn('cubit');
    // if should send to all, clear the $to list, and add all users
    // it is cleared just incase sum1 selected All option together with another one
    // since this could cause the same message sent to the same users twice!!!!
    if (in_array("_ALL_", $to)) {
        $to = "";
        $rslt = db_exec("SELECT username FROM users");
        // if users found
        if (pg_num_rows($rslt) > 0) {
            while ($row = pg_fetch_array($rslt)) {
                $to[] = $row["username"];
            }
        }
    }
    # write to db
    // create the list of users the messages should get sent to
    $msg_results = "";
    foreach ($to as $arr => $arrval) {
        $Sql = "\n\t\t\tINSERT INTO req (\n\t\t\t\tsender, recipient, message, timesent, viewed\n\t\t\t) VALUES (\n\t\t\t\t'{$user}', '{$arrval}', '{$des}', CURRENT_TIMESTAMP, 0\n\t\t\t)";
        $Rslt = db_exec($Sql) or errDie("Unable to add to database.", SELF);
        if (pg_cmdtuples($Rslt) < 1) {
            return "Unable to access database.";
        } else {
            // if it isn't noticed that person has new messages, notify him
            $rslt = db_exec("SELECT * from req_new WHERE for_user='{$arrval}' ");
            if (pg_num_rows($rslt) == 0) {
                db_exec("INSERT INTO req_new VALUES('{$arrval}')");
            }
            $msg_results .= "<tr class='datacell'><td>Your message has been sent to {$arrval}</td></tr>";
        }
    }
    $write_req = "\n\t\t<table cellpadding='2' cellspacing='0' class='shtable'>\n\t\t\t<tr>\n\t\t\t\t<th>Message proccessed</th>\n\t\t\t</tr>\n\t\t\t<tr class='even'>\n\t\t\t\t<td>{$msg_results}</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<p>\n\t\t<table cellpadding='2' cellspacing='0' class='shtable'>\n\t\t\t<tr>\n\t\t\t\t<th>Quick Links</th>\n\t\t\t</tr>\n\t\t\t<tr class='odd'>\n\t\t\t\t<td><a href='" . SELF . "'>Send another message</a></td>\n\t\t\t</tr>\n\t\t\t<tr class='odd'>\n\t\t\t\t<td><a href='view_req.php'>View Messages</a></td>\n\t\t\t</tr>\n\t\t</table>";
    return $write_req;
}
function receiveMessages()
{
    $OUTPUT = "";
    // retrieve all accounts this user has access to
    $sql = "SELECT account_id, account_name, server_host, server_user, server_pass, leave_msgs\r\n\t\t\tFROM mail_accounts\r\n\t\t\tWHERE ( username = '" . USER_NAME . "' OR \"public\" = '1' ) AND active = '1'\r\n\r\n\t\tUNION\r\n\t\tSELECT mail_accounts.account_id, account_name, server_host, server_user, server_pass, leave_msgs\r\n\t\t\tFROM mail_accounts,mail_priv_accounts\r\n\t\t\tWHERE ( mail_accounts.account_id = mail_priv_accounts.account_id\r\n\t\t\t\tAND priv_owner = '" . USER_NAME . "' ) AND active = '1'";
    $rslt = db_exec($sql);
    // go through each account and retrieve the messages
    $pop =& new clsPOPMail();
    $msg =& new clsMailMsg();
    if (pg_num_rows($rslt) <= 0) {
        $OUTPUT .= "No active accounts found.";
    } else {
        while ($account = pg_fetch_array($rslt)) {
            $accid = $account["account_id"];
            $accname = $account["account_name"];
            $host = $account["server_host"];
            $port = 110;
            $user = $account["server_user"];
            $pass = $account["server_pass"];
            $leave_msgs = $account["leave_msgs"];
            // if the retrieveMessages returned true, it means an error has been found.
            // Print and continue with next server.
            if ($connection = $pop->retrieveMessages($host, $port, $user, $pass, $leave_msgs)) {
                $OUTPUT .= "({$accname}) {$connection}<br>";
                continue;
            }
            // get each received message, pass to processor, and store in database
            $msgcount = 0;
            while ($buf = $pop->enumGetMessage()) {
                // get the data to be inserted
                if ($msg->processMessage($buf) == FALSE) {
                    continue;
                }
                $type_id = getMsgType($msg->type);
                // data and header is base64_encoded so weird characters can also be stored
                $data = base64_encode($buf);
                // insert body into Cubit
                if (!pglib_transaction("BEGIN")) {
                    continue;
                }
                $rslt = db_exec("INSERT INTO mail_msgbodies (type_id, data)\r\n\t\t\t\t\tVALUES( {$type_id}, '{$data}' )");
                if (pg_cmdtuples($rslt) <= 0) {
                    continue;
                }
                $msgbody_id = pglib_lastid("mail_msgbodies", "msgbody_id");
                if (!pglib_transaction("COMMIT")) {
                    continue;
                }
                // get the folder this message should be inserted into
                $rslt = db_exec("SELECT fid_inbox FROM mail_account_settings WHERE account_id={$accid}");
                if (pg_num_rows($rslt) > 0) {
                    $infolder = pg_fetch_result($rslt, 0, 0);
                } else {
                    $infolder = 0;
                }
                // move to no folder, but store, this way all is not lost
                // check if the user even MAY add to this folder (account of folder they have
                // privileges to, folder.username = their's, they have privileges to this folder
                // it is a public folder, public account
                $sql = "\r\n\t\t\t\tSELECT 1 FROM mail_folders WHERE folder_id = {$infolder}\r\n\t\t\t\t\tAND (\"public\" = '1' OR username='" . USER_NAME . "')\r\n\t\t\t\tUNION\r\n\t\t\t\tSELECT 1 FROM mail_accounts, mail_folders WHERE folder_id = {$infolder}\r\n\t\t\t\t\tAND mail_accounts.account_id=mail_folders.account_id\r\n\t\t\t\t\tAND (mail_accounts.username = '" . USER_NAME . "' OR mail_accounts.\"public\" = '1')\r\n\t\t\t\tUNION\r\n\t\t\t\tSELECT 1 FROM mail_priv_accounts, mail_folders WHERE folder_id = {$infolder}\r\n\t\t\t\t\tAND mail_priv_accounts.account_id = mail_folders.account_id\r\n\t\t\t\t\tAND priv_owner = '" . USER_NAME . "'\r\n\t\t\t\tUNION\r\n\t\t\t\tSELECT 1 FROM mail_priv_folders WHERE folder_id = {$infolder}\r\n\t\t\t\t\tAND priv_owner = '" . USER_NAME . "'";
                $rslt = db_exec($sql);
                if (pg_num_rows($rslt) <= 0) {
                    continue;
                }
                // you may not add to this folder (inbox folder for account);
                // insert the message linked to body
                $sql = " INSERT INTO mail_messages ( account_id, folder_id, subject, add_from, add_to, add_cc,\r\n\t\t\t\t\t\t\tadd_bcc, priority, attachments, msgbody_id, flag, date)\r\n\t\t\t\t\t\tVALUES ( '{$accid}', '{$infolder}', '{$msg->subject}', '{$msg->from}', '{$msg->to}',\r\n\t\t\t\t\t\t\t'{$msg->cc}', '{$msg->bcc}', '1', '0', '{$msgbody_id}', '1', CURRENT_TIMESTAMP)";
                $rslt = db_exec($sql);
                if (pg_cmdtuples($rslt) <= 0) {
                    continue;
                }
                $msgcount++;
            }
            $OUTPUT .= "Received {$msgcount} messages for {$accname}.<br>";
        }
    }
    return $OUTPUT;
}
function write($_POST)
{
    # get vars
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($classname, "string", 1, 255, "Invalid Classification name.");
    $v->isOk($clasid, "num", 1, 50, "Invalid Classification id.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_connect();
    # write to db
    $sql = "DELETE FROM stockclass WHERE clasid = '{$clasid}' AND div = '" . USER_DIV . "'";
    $clasRslt = db_exec($sql) or errDie("Unable to remove classification from system.", SELF);
    if (pg_cmdtuples($clasRslt) < 1) {
        return "<li class=err>Unable to remove classification.";
    }
    $write = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t<tr><th>Classification Removed</th></tr>\r\n\t<tr class=datacell><td>Classification <b> ({$classcode}) {$classname}</b>, has been removed from Cubit.</td></tr>\r\n\t</table>\r\n\t<p>\r\n\t<table border=0 cellpadding='2' cellspacing='1'>\r\n\t<tr><th>Quick Links</th></tr>\r\n\t<tr class='bg-odd'><td><a href='stockclass-view.php'>View Classifications</a></td></tr>\r\n\t<tr class='bg-odd'><td><a href='main.php'>Main Menu</a></td></tr>\r\n\t</table>";
    return $write;
}
function sendMsg()
{
    global $_GET;
    if (isset($_GET["save"])) {
        return saveMsg($_GET);
    }
    $v =& new validate();
    $OUTPUT = "";
    // restore the variables
    extract($_GET);
    extract($_FILES);
    // check if account is valid
    if (isset($_GET["aid"])) {
        if (!$v->isOk($_GET["aid"], "num", 0, 9, "")) {
            return "Invalid account number specified";
        }
        // check if you may send mail from here
        $sql = "SELECT 1\n\t\t\t FROM mail_accounts WHERE ( username='" . USER_NAME . "' OR \"public\"='1' )\n\t\t\t \tAND enable_smtp = '1' AND account_id='{$aid}'\n\n\t\tUNION\n\t\tSELECT 1\n\t\t\tFROM mail_accounts,mail_priv_accounts\n\t\t\tWHERE mail_accounts.account_id = mail_priv_accounts.account_id AND\n\t\t\tmail_accounts.account_id='{$aid}'\n\t\t\t\tAND priv_owner = '" . USER_NAME . "' AND enable_smtp = '1'";
        $rslt = db_exec($sql);
        if (pg_num_rows($rslt) <= 0) {
            return "You may not send mail from this account<br>";
        }
    } else {
        return "No account specified<br>";
    }
    if ($lead_id) {
        $sql = "SELECT email FROM cubit.cons WHERE id='{$lead_id}'";
        $rslt = db_exec($sql) or errDie("Unable to retrieve email address for contact.");
        $email = pg_fetch_result($rslt, 0);
        $_GET["send_to"] = $email;
    }
    if (!isset($_GET["send_to"])) {
        $send_to = "";
    }
    if (!isset($_GET["send_bcc"])) {
        $send_bcc = "";
    }
    if (!isset($_GET["send_cc"])) {
        $send_cc = "";
    }
    if (!isset($_GET["subject"])) {
        $subject = "";
    }
    if (!isset($_FILES["attachment"])) {
        $attachment = "";
    }
    if (!isset($_GET["body"])) {
        $body = "";
    }
    $v->resetErrors();
    // $v->isOK($send_to, "email", 1, 255, "Invalid recipient.");
    //if ( strlen($send_to) <= 0 ) $v->addError("", "Invalid recipient");
    // $v->isOK($send_cc, "email", 0, 255, "Invalid cc recipient.");
    // $v->isOK($send_bcc, "email", 0, 255, "Invalid bcc recipient.");
    //if ( ! $v->isOK($bodydata, "string", 1, 255, "Invalid text in body.") ) {
    //	$_GET["body"] = htmlspecialchars($body); // makes sure we dont get cross site scripting
    //}
    // ok now print errors if any
    if ($v->isError()) {
        $errs = $v->getErrors();
        foreach ($errs as $arr => $errval) {
            $OUTPUT .= "{$errval['msg']}<br>";
        }
        $OUTPUT .= writeMsg();
        return $OUTPUT;
    }
    $bodydata = "<html>{$bodydata}</html>";
    // get the smtp data
    $rslt = db_exec("SELECT smtp_from, smtp_reply, signature, smtp_host, smtp_auth, smtp_user, smtp_pass\n\t\t\t\t\tFROM mail_accounts WHERE account_id={$_GET['aid']}");
    $smtp_data = pg_fetch_array($rslt);
    // build msg body
    $body = "{$body}\n\n{$smtp_data['signature']}";
    // determine whether or not here is an attachment
    $has_attachment = is_uploaded_file($attachment["tmp_name"]);
    // modify message and create content_type header depending on whether or not an attachment was posted
    if ($has_attachment == FALSE) {
        $msgtype = $content_type = "text/html";
        $transfer_encoding = "8bit";
    } else {
        // has attachment
        $msgtype = $content_type = "multipart/mixed";
        // create the main body
        $body_text = "Content-Type: text/html; charset=US-ASCII\n";
        $body_text .= "Content-Transfer-Encoding: base64\n";
        $body_text .= "\n" . chunk_split(base64_encode($bodydata));
        // get the attachment data
        if (($fd = fopen($attachment["tmp_name"], "r")) == TRUE) {
            $attachment_data = "";
            while (!feof($fd)) {
                $attachment_data .= fgets($fd, 4096);
            }
            fclose($fd);
            // delete the temporary file
            unlink($attachment["tmp_name"]);
            $attachment_data = chunk_split(base64_encode($attachment_data));
            $attachment_headers = "Content-Type: {$attachment['type']}; name=\"{$attachment['name']}\"\n";
            $attachment_headers .= "Content-Transfer-Encoding: base64\n";
            $attachment_headers .= "Content-Disposition: attachment; filename=\"{$attachment['name']}\"\n";
            $attachment_data = "{$attachment_headers}\n{$attachment_data}";
        } else {
            // error opening the attachment file
            $attachment_data = "";
        }
        // generate a unique boundary ( md5 of filename + ":=" + filesize )
        $boundary = md5($attachment["name"]) . "=:" . $attachment["size"];
        $content_type .= "; boundary=\"{$boundary}\"";
        // put together the body
        $bodydata = "\n--{$boundary}\n{$body_text}\n\n--{$boundary}\n{$attachment_data}\n\n--{$boundary}--\n";
    }
    // generate the msg id
    list($buf, $domain) = explode("@", $smtp_data["smtp_from"]);
    // build headers
    $headers[] = "From: {$smtp_data['smtp_from']}";
    $headers[] = "To: {$send_to}";
    $headers[] = "Date: " . date("Y-m-d");
    $headers[] = "Reply-To: {$smtp_data['smtp_reply']}";
    $headers[] = "X-Mailer: Cubit Mail";
    $headers[] = "Return-Path: {$smtp_data['smtp_reply']}";
    $headers[] = "Message-ID: <" . date("YmdHi") . "." . md5($bodydata) . "@{$domain}>";
    $headers[] = "MIME-Version: 1.0";
    $headers[] = "Content-Type: {$content_type}; charset=US-ASCII";
    $headers[] = "cc: {$send_cc}";
    $headers[] = "bcc: {$send_bcc}";
    // create the header variable (it is done this way, to make management of headers easier, since there
    // may be no tabs and unnecesary whitespace in mail headers)
    //$headers[] = "\n"; // add another new line to finish the headers
    $headers = implode("\n", $headers);
    // send the message
    $sendmail =& new clsSMTPMail();
    $OUTPUT = $sendmail->sendMessages($smtp_data["smtp_host"], 25, $smtp_data["smtp_auth"], $smtp_data["smtp_user"], $smtp_data["smtp_pass"], $send_to, $smtp_data["smtp_from"], $subject, $bodydata, $headers);
    if ($sendmail->bool_success) {
        $account_id = "{$_GET['aid']}";
        $type_id = getMsgType($msgtype);
        // data and header is base64_encoded so weird characters can also be stored
        $buf = "{$headers}\n\n{$bodydata}";
        $data = chunk_split(base64_encode($buf));
        db_conn("cubit");
        // insert body into Cubit
        if (!pglib_transaction("BEGIN")) {
            continue;
        }
        $rslt = db_exec("INSERT INTO mail_msgbodies (type_id, data)\n\t\t\tVALUES( {$type_id}, '{$data}' )");
        if (pg_cmdtuples($rslt) <= 0) {
            continue;
        }
        $msgbody_id = pglib_lastid("mail_msgbodies", "msgbody_id");
        pglib_transaction("COMMIT");
        // get the folder this message should be inserted into
        $rslt = db_exec("\n\t\t\tSELECT fid_sent FROM mail_account_settings\n\t\t\tWHERE account_id='{$account_id}'");
        if (pg_num_rows($rslt) > 0) {
            $infolder = pg_fetch_result($rslt, 0, 0);
        } else {
            $infolder = 0;
        }
        // move to no folder, but store, this way all is not lost
        // insert the message linked to body
        $sql = "\n\t\tINSERT INTO mail_messages (account_id, folder_id, subject,\n\t\t\tadd_from, add_to, add_cc, add_bcc, priority, attachments, msgbody_id,\n\t\t\tflag, date)\n\t\tVALUES ('{$account_id}', '{$infolder}', '{$subject}', '{$smtp_data['smtp_from']}',\n\t\t\t'{$send_to}', '{$send_cc}', '{$send_bcc}', '1',\n\t\t\t'" . ($has_attachment ? "1" : "0") . "', '{$msgbody_id}',\t'1', CURRENT_TIMESTAMP)";
        $rslt = db_exec($sql) or errDie("Error saving message in Sent Items.");
        $message_id = pglib_lastid("mail_messages", "message_id");
    }
    /*if ( mail($send_to, $subject, $body, $headers) == TRUE )
    		$OUTPUT = "Successfully sent mail to $send_to.<br>";
    	else
    		$OUTPUT = "Error sending mail.<br>";*/
    return writeMsg($OUTPUT);
}
function write($_POST)
{
    # get vars
    extract($_POST);
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($calloutp, "string", 1, 255, "Invalid Call Out Person name.");
    $v->isOk($telno, "string", 1, 255, "Invalid Call Out Person Contact Number.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_conn("exten");
    # write to db
    $sql = "INSERT INTO calloutpeople(calloutp,telno,div) VALUES ('{$calloutp}','{$telno}','" . USER_DIV . "')";
    $salespRslt = db_exec($sql) or errDie("Unable to add warehouse to system.", SELF);
    if (pg_cmdtuples($salespRslt) < 1) {
        return "<li class=err>Unable to add Call Out Person to database.";
    }
    $write = "\r\n\t\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t\t\t<tr><th>Call Out Person added to system</th></tr>\r\n\t\t\t<tr class=datacell><td>New Call Out Person <b>{$calloutp}</b>, has been successfully added to the system.</td></tr>\r\n\t\t</table>\r\n\t\t<p>\r\n\t\t<table border=0 cellpadding='2' cellspacing='1'>\r\n\t\t\t<tr><th>Quick Links</th></tr>\r\n\t\t\t<tr class='bg-odd'><td><a href='calloutp-view.php'>View Call Out People</a></td></tr>\r\n\t\t\t<tr class='bg-odd'><td><a href='../callout-new.php'>New Call Out Document</a></td></tr>\r\n\t\t\t<tr class='bg-odd'><td><a href='../main.php'>Main Menu</a></td></tr>\r\n\t\t</table>";
    return $write;
}
function write($_POST)
{
    # Get vars
    global $DOCLIB_DOCTYPES;
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    # Validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($docid, "string", 1, 20, "Invalid document number.");
    $v->isOk($typeid, "string", 1, 20, "Invalid type code.");
    if (isset($xin)) {
        $v->isOk($xin, "num", 1, 20, "Invalid {$DOCLIB_DOCTYPES[$typeid]} number.");
    }
    $v->isOk($docname, "string", 1, 255, "Invalid Document name.");
    $v->isOk($docref, "string", 0, 255, "Invalid Document reference.");
    $date = $year . "-" . $mon . "-" . $day;
    if (!checkdate($mon, $day, $year)) {
        $v->isOk($date, "num", 1, 1, "Invalid date.");
    }
    $v->isOk($descrip, "string", 0, 255, "Invalid Document Description.");
    # Display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    if (!isset($xin)) {
        $typRs = get("yr2", "*", "doctypes", "typeid", $typeid);
        $typ = pg_fetch_array($typRs);
        $typename = $typ['typename'];
        $xin = 0;
    } else {
        $typename = $DOCLIB_DOCTYPES[$typeid];
    }
    # Connect to db
    db_conn("yr2");
    # Write to db
    $sql = "UPDATE documents SET typeid = '{$typeid}', docref = '{$docref}', docname = '{$docname}', typename = '{$typename}', xin = '{$xin}', docdate = '{$date}', descrip = '{$descrip}' WHERE docid = '{$docid}' AND div = '" . USER_DIV . "'";
    $docRslt = db_exec($sql) or errDie("Unable to edit {$docname}.", SELF);
    if (pg_cmdtuples($docRslt) < 1) {
        return "<li class=err>Unable to edit {$docname} to database.";
    }
    $write = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t\t<tr><th>Document edited</th></tr>\r\n\t\t<tr class=datacell><td>Document <b>{$docname}</b>, has been successfully edited to the system.</td></tr>\r\n\t</table>";
    return $write;
}
function write($_POST)
{
    extract($_POST);
    db_conn('cubit');
    $Sl = "SELECT * FROM import_data";
    $Rt = db_exec($Sl);
    $i = 0;
    $odate = date("Y-m-d");
    if (!isset($department) or strlen($department) < 1) {
        $department = "2";
    }
    while ($fd = pg_fetch_array($Rt)) {
        //$out.="<tr class='".bg_class()."'><td>$fd[des1]</td><td>$fd[des2]</td><td>$fd[des3]</td></tr>";
        $i++;
        db_conn('cubit');
        # Write to db
        $sql = "\n\t\t\tINSERT INTO suppliers (\n\t\t\t\tdeptid, supno, supname, location, fcid, \n\t\t\t\tcurrency, vatnum, supaddr, contname, tel, \n\t\t\t\tfax, email, url, listid, bankname, \n\t\t\t\tbranname, brancode, bankaccno, balance, fbalance, \n\t\t\t\tdiv, lead_source\n\t\t\t) VALUES (\n\t\t\t\t'{$department}', '{$fd['des1']}', '{$fd['des2']}', 'loc', '2', \n\t\t\t\t'R', '{$fd['des4']}', '{$fd['des3']}', '{$fd['des5']}', '{$fd['des6']}', \n\t\t\t\t'{$fd['des7']}', '', '{$fd['des8']}', '2', '', \n\t\t\t\t'', '', '', 0, 0, \n\t\t\t\t'" . USER_DIV . "', ''\n\t\t\t)";
        $supRslt = db_exec($sql) or errDie("Unable to add supplier to the system.", SELF);
        if (pg_cmdtuples($supRslt) < 1) {
            return "<li class='err'>Unable to add supplier to database.</li>";
        }
        if (($supp_id = pglib_lastid("suppliers", "supid")) == 0) {
            return "<li class='err'>Unable to add supplier to contact list.</li>";
        }
        $Date = date("Y-m-d");
        db_conn('audit');
        $Sl = "SELECT * FROM closedprd ORDER BY id";
        $Ri = db_exec($Sl);
        while ($pd = pg_fetch_array($Ri)) {
            db_conn($pd['prdnum']);
            $Sl = "\n\t\t\t\tINSERT INTO suppledger (\n\t\t\t\t\tsupid, contra, edate, sdate, eref, descript, \n\t\t\t\t\tcredit, debit, div, dbalance, cbalance\n\t\t\t\t) VALUES (\n\t\t\t\t\t'{$supp_id}', '0', '{$Date}', '{$Date}', '0', 'Balance', \n\t\t\t\t\t'0', '0', '" . USER_DIV . "', '0', '0'\n\t\t\t\t)";
            $Rj = db_exec($Sl) or errDie("Unable to insert cust balances");
        }
    }
    $out = "Done";
    return $out;
}
Example #23
0
 function pg_affected_rows($resource)
 {
     return pg_cmdtuples($resource);
 }
function write($_POST)
{
    # get vars
    extract($_POST);
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($calloutpid, "num", 1, 50, "Invalid Call Out Person id.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_conn("exten");
    # write to db
    $sql = "DELETE FROM calloutpeople WHERE calloutpid = '{$calloutpid}' AND div = '" . USER_DIV . "'";
    $calloutpRslt = db_exec($sql) or errDie("Unable to remove Sales Person from system.", SELF);
    if (pg_cmdtuples($calloutpRslt) < 1) {
        return "<li class=err>Unable to remove Call Out Person from database.";
    }
    $write = "\r\n\t\t\t<table border='0' cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t\t\t<tr><th>Call Out Person Removed</th></tr>\r\n\t\t\t\t<tr class=datacell><td>Call Out Person <b>{$calloutp}</b>, has been removed.</td></tr>\r\n\t\t\t</table>\r\n\t\t\t<p>\r\n\t\t\t<table border='0' cellpadding='2' cellspacing='1'>\r\n\t\t\t\t<tr><th>Quick Links</th></tr>\r\n\t\t\t\t<tr class='bg-odd'><td><a href='calloutp-view.php'>View Call Out Persons</a></td></tr>\r\n\t\t\t\t<tr class='bg-odd'><td><a href='../main.php'>Main Menu</a></td></tr>\r\n\t\t\t</table>";
    return $write;
}
 function _affectedrows()
 {
     if (!is_resource($this->_resultid)) {
         return false;
     }
     return pg_cmdtuples($this->_resultid);
 }
Example #26
0
 function _affectedrows()
 {
     return pg_cmdtuples($this->_resultid);
 }
Example #27
0
function deleteFolder()
{
    global $_GET, $_SESSION;
    global $user_admin;
    $OUTPUT = "";
    if (isset($_GET["key"]) && isset($_GET["id"])) {
        $id = $_GET["id"];
        $key = $_GET["key"];
        // first make sure it is this person's contact, or that the user is root
        if (!$user_admin) {
            $rslt = db_exec("SELECT * FROM foladd WHERE id='{$id}' AND\r\n\t\t\t\t( by='{$_SESSION['USER_NAME']}' )");
            if (pg_num_rows($rslt) <= 0) {
                return "You are not allowed to delete this folder entry!";
            }
        }
        //two butons
        // check if a confirmation or deletion should occur (confirm_delete let's the cofirmation display)
        if ($key == "confirm_delete") {
            $Sl = "SELECT * FROM foladd WHERE id='{$id}'";
            $Ri = db_exec($Sl) or errDie("Unable to get folder details.");
            $cdata = pg_fetch_array($Ri);
            $OUTPUT .= "<font size=2><b>Are you sure you want to delete this folder:</b></font><br>";
            $OUTPUT .= viewFolder();
            $OUTPUT .= "\r\n\t\t\t\t<table><tr><td align=center>\r\n\t\t\t\t\t<form method=post action='" . SELF . "'>\r\n\t\t\t\t\t\t<input type=hidden name=key value='delete'>\r\n\t\t\t\t\t\t<input type=hidden name=id value='{$id}'>\r\n\t\t\t\t\t\t<input type=submit value=yes>\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</td></tr></table>";
        } else {
            if ($key == "delete") {
                // delete it !!!!!!!
                $Ri = db_exec("DELETE FROM foladd WHERE id='{$id}' ");
                if (pg_cmdtuples($Ri) <= 0) {
                    $OUTPUT .= "Error Deleting Entry<br> Please check that it exists, else contact Cubit<br>";
                } else {
                    $OUTPUT .= "<script> window.opener.parent.mainframe.location.reload(); window.close(); </script>";
                }
            }
        }
    } else {
        $OUTPUT .= "<script> window.opener.parent.mainframe.location.reload(); window.close(); </script>";
    }
    $link = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n\t\r\n\t<tr><th>Quick Links</th></tr>\r\n\t<tr class='bg-odd'><td><a href='docman-index.php'>Document Management</a></td></tr>";
    print $link;
    return $OUTPUT;
}
function write($_POST)
{
    # get vars
    foreach ($_POST as $key => $value) {
        ${$key} = $value;
    }
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($deptno, "num", 1, 10, "Invalid Department number.");
    $v->isOk($deptname, "string", 1, 255, "Invalid Department name.");
    $v->isOk($incacc, "num", 1, 20, "Invalid Account number.");
    $v->isOk($debtacc, "num", 1, 20, "Invalid Account number.");
    $v->isOk($credacc, "num", 1, 20, "Invalid Account number.");
    $v->isOk($pia, "num", 1, 20, "Invalid Account number.");
    $v->isOk($pca, "num", 1, 20, "Invalid Account number.");
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class=err>" . $e["msg"];
        }
        $confirmCust .= "<p><input type=button onClick='JavaScript:history.back();' value='&laquo; Correct submission'>";
        return $confirmCust;
    }
    # connect to db
    db_conn("exten");
    # write to db
    $sql = "INSERT INTO departments(deptno, deptname, incacc, debtacc, credacc, pia, pca, div) VALUES ('{$deptno}', '{$deptname}', '{$incacc}', '{$debtacc}', '{$credacc}', '{$pia}', '{$pca}', '" . USER_DIV . "')";
    $deptRslt = db_exec($sql) or errDie("Unable to add deparment to system.", SELF);
    if (pg_cmdtuples($deptRslt) < 1) {
        return "<li class=err>Unable to add deparment to database.";
    }
    $write = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width='50%'>\r\n\t<tr><th>Department added to system</th></tr>\r\n\t<tr class=datacell><td>New Department <b>{$deptname}</b>, has been successfully added to the system.</td></tr>\r\n\t</table>\r\n\t<p>\r\n\t<table border=0 cellpadding='2' cellspacing='1'>\r\n\t<tr><th>Quick Links</th></tr>\r\n\t<tr class='bg-odd'><td><a href='dept-view.php'>View Departments</a></td></tr>\r\n\t<tr class='bg-odd'><td><a href='../core/acc-new2.php'>Add Account</a></td></tr>\r\n\t<tr class='bg-odd'><td><a href='../main.php'>Main Menu</a></td></tr>\r\n\t</table>";
    return $write;
}
 function _affectedrows()
 {
     if (!is_resource($this->_resultid) || get_resource_type($this->_resultid) !== 'pgsql result') {
         return false;
     }
     return pg_cmdtuples($this->_resultid);
 }
Example #30
0
File: db.php Project: jnaxo/bd13
 function numAffected()
 {
     if ($this->result == null) {
         return 0;
     } else {
         return pg_cmdtuples($this->result);
     }
 }