Example #1
0
    } elseif ($_GET["status"] == "Proofed") {
        $fieldnames[] = "card";
        $newvalues[] = 'Proofed';
        queryLog($fieldnames, $newvalues, $_table, $_field, $_GET["propID"], "Update");
        header("Location:" . urldecode($searchLink));
    } elseif ($_GET["status"] == "Insufficient") {
        $fieldnames[] = "card";
        $newvalues[] = 'Insufficient Images';
        queryLog($fieldnames, $newvalues, $_table, $_field, $_GET["propID"], "Update");
        header("Location:" . urldecode($searchLink));
    } elseif ($_GET["status"] == "Mistakes") {
        $fieldnames[] = "card";
        $newvalues[] = 'Mistakes';
        $fieldnames[] = "card_notes";
        $newvalues[] = $_GET["card_notes"];
        queryLog($fieldnames, $newvalues, $_table, $_field, $_GET["propID"], "Update");
        header("Location:" . urldecode($searchLink));
    }
} elseif ($_GET["action"] == "Search") {
    $strPageLink = "?action=Search";
    $sql = "SELECT * FROM property, area, state_of_trade, proptype, branch WHERE ";
    if ($_GET["Keyword"]) {
        $sqlKeyword = " ( ";
        $arrayKeyword = explode(",", $_GET["Keyword"]);
        for ($i = 0; $i < count($arrayKeyword); $i++) {
            $sqlKeyword .= " property.prop_ID LIKE '%" . trim($arrayKeyword[$i]) . "%' OR property.Address1 LIKE '%" . trim($arrayKeyword[$i]) . "%' OR property.house_number LIKE '%" . trim($arrayKeyword[$i]) . "%' OR property.postcode LIKE '%" . $arrayKeyword[$i] . "%' OR area.area_title LIKE '%" . $arrayKeyword[$i] . "%' OR ";
        }
        $sqlKeyword = substr($sqlKeyword, 0, -3);
        $sqlKeyword .= " ) AND ";
        $strPageLink .= "&Keyword=" . $_GET["Keyword"];
        $sql .= $sqlKeyword;
Example #2
0
<?php 
} elseif ($_GET["page"] == 3 || $_POST["page"] == 3) {
    if ($_POST["action"] == "update") {
        if ($_POST["not_subject"]) {
            $fieldnames[] = "not_subject";
            $newvalues[] = trim($_POST["not_subject"]);
        }
        if ($_POST["not_subject2"]) {
            $fieldnames[] = "not_subject2";
            $newvalues[] = trim($_POST["not_subject2"]);
        }
        $fieldnames[] = "not_note";
        $newvalues[] = trim($_POST["not_note"]);
        $fieldnames[] = "not_flag";
        $newvalues[] = trim($_POST["not_flag"]);
        queryLog($fieldnames, $newvalues, 'note', 'not_id', $_POST["not_id"], 'Update');
        echo '<p align="center">Changes saved, <a href="?page=3&amp;not_id=' . $_POST["not_id"] . '">click here to continue</a></p>';
        exit;
    } else {
        $sql_not = "SELECT * FROM note WHERE not_id = " . $_GET["not_id"];
        $q_not = $db->query($sql_not);
        if (DB::isError($q_not)) {
            die("error: " . $q_not->getMessage());
        }
        while ($row = $q_not->fetchRow()) {
            $table = $row["not_table"];
            $not_subject = $row["not_subject"];
            $not_subject2 = $row["not_subject2"];
            $not_note = $row["not_note"];
            $not_flag = $row["not_flag"];
        }
Example #3
0
        }
        $BranchSQL = removeCharacter($selected_branches, ",");
        $fieldnames[] = "Branch";
        $newvalues[] = $BranchSQL;
    }
    //$fieldnames[] = "DateModified";
    //$newvalues[] = $dateToday;
    #print_r($fieldnames);
    #echo "<br>";
    #print_r($newvalues);
    if ($errors) {
        echo html_header("Error");
        echo error_message($errors);
        exit;
    }
    queryLog($fieldnames, $newvalues, 'clients', 'Client_ID', $_POST["cli_id"], 'Update');
    #print_r($fieldnames);
    #print_r($newvalues);
    header("Location:?cli_id=" . $_POST["cli_id"] . "&view=" . $_POST["view"] . "&searchLink=" . $_POST["searchLink"] . "&changes=Update+Successful");
} else {
    // form is not submitted
    if (!$_GET["view"]) {
        $_GET["view"] = "contact";
    }
    $cli_id = $_GET["cli_id"];
    // 25782;
    $sql = "SELECT\nclients.*,\nfoundby.*,\nstaff.*,\nCONCAT(staff.Staff_Fname,' ',Staff_Sname) AS Staff_Name\n\nFROM clients\n\nLEFT JOIN foundby ON clients.HeardBy = foundby.FoundBy_ID\nLEFT JOIN staff ON clients.neg = staff.Staff_ID\n\nWHERE clients.Client_ID = {$cli_id}";
    $q = $db->query($sql);
    if (DB::isError($q)) {
        die("error: " . $q->getMessage());
    }
Example #4
0
    } else {
        $fieldnames[] = "service_charge";
        $newvalues[] = trim($_POST["service_charge"]);
    }
    if (!$_POST["other_details"]) {
        //
    } else {
        $fieldnames[] = "other_details";
        $newvalues[] = trim($_POST["other_details"]);
    }
    if ($errors) {
        echo html_header("Error");
        echo error_message($errors);
        exit;
    }
    queryLog($fieldnames, $newvalues, $_table, $_field, $intPropID, $_POST["action"]);
    header("Location:?propID={$intPropID}&view={$view}&searchLink=" . urlencode($searchLink) . "&changes=Update%20Successful");
} elseif ($_POST["action"] == "Insert") {
    if (!$_POST["Branch"]) {
        $errors[] = "Branch is a required field";
    } else {
        $Branch = trim($_POST["Branch"]);
    }
    if (!$_POST["Neg"]) {
        $errors[] = "Negotiator is a required field";
    } else {
        $Neg = trim($_POST["Neg"]);
    }
    if (!$_POST["Address1"]) {
        $errors[] = "Street Name is a required field";
    } else {