function updatecsc($_POST)
{
extract($_POST);
$cat += 0;
$listcat += 0;
$qteam += 0;
# validate input
require_lib("validate");
$v = new validate();
$v->isOk($id, "num", 1, 9, "Invalid Query ID.");
$v->isOk($sub, "string", 1, 300, "Invalid subject.");
$v->isOk($notes, "string", 0, 500, "Invalid notes.");
$v->isOk($name, "string", 1, 300, "Invalid name.");
$v->isOk($con, "string", 0, 300, "Invalid contact.");
$v->isOk($tel, "string", 0, 300, "Invalid tel.");
$v->isOk($cel, "string", 0, 300, "Invalid cell.");
$v->isOk($fax, "string", 0, 300, "Invalid fax.");
$v->isOk($email, "email", 0, 300, "Invalid email.");
$v->isOk($address, "string", 0, 300, "Invalid address.");
$v->isOk($oaction, "string", 0, 100, "Invalid action .");
$v->isOk($action, "string", 0, 100, "Invalid action.");
# display errors, if any
if ($v->isError()) {
$confirm = "";
$errors = $v->getErrors();
foreach ($errors as $e) {
$confirm .= "<li class=err>" . $e["msg"];
}
return manage($_POST, $confirm . "</li>");
}
$date = date("Y-m-d");
db_conn('crm');
$Sl = "SELECT * FROM tokens WHERE id='{$id}'";
$Ry = db_exec($Sl) or errDie("Unable to get query information from system.");
if (pg_numrows($Ry) < 1) {
return manage($_POST, "<li class=err>Invalid query</li>");
}
$tokendata = pg_fetch_array($Ry);
$Sl = "SELECT * FROM crms WHERE userid='" . USER_ID . "'";
$Ri = db_exec($Sl) or errDie("Unable to get data.");
$cdata = pg_fetch_array($Ri);
$teams = explode("|", $cdata['teams']);
if (!in_array($tokendata['teamid'], $teams)) {
return "The query number you typed in does not belong to your team." . seltoken();
}
$Sl = "SELECT * FROM tcats WHERE id='{$cat}'";
$Ry = db_exec($Sl) or errDie("Unable to get cat from system.");
if (pg_numrows($Ry) < 1) {
return "Invalid cat.";
}
$catdata = pg_fetch_array($Ry);
$catname = $catdata['name'];
$Sl = "UPDATE tokens SET name='{$name}',con='{$con}',tel='{$tel}',cell='{$cel}',fax='{$fax}',email='{$email}',address='{$address}',cat='{$catname}',catid='{$cat}',\r\n\tsub='{$sub}',notes='{$notes}',lastuser='******',lastdate='{$date}',teamid='{$qteam}' WHERE id='{$id}'";
$Ry = db_exec($Sl) or errDie("Unable to update query information.");
$Sl = "UPDATE crms SET listcat='{$listcat}' WHERE userid='" . USER_ID . "'";
$Ry = db_exec($Sl) or errDie("Unable to update crm.");
$time = date("H:i:s");
if (strlen($oaction) > 0) {
$Sl = "INSERT INTO token_actions(token,action,donedate,donetime,doneby,donebyid)\r\n\t\tVALUES ('{$id}','{$oaction}','{$date}','{$time}','" . USER_NAME . "','" . USER_ID . "')";
$Ry = db_exec($Sl) or errDie("Unable to insert record.");
}
if ($action != "0") {
$Sl = "INSERT INTO token_actions(token,action,donedate,donetime,doneby,donebyid)\r\n\t\tVALUES ('{$id}','{$action}','{$date}','{$time}','" . USER_NAME . "','" . USER_ID . "')";
$Ry = db_exec($Sl) or errDie("Unable to insert record.");
}
if (isset($closetoken)) {
header("Location: tokens-close.php?id={$id}");
exit;
}
db_conn('crm');
if (isset($search)) {
$find += 0;
$Sl = "SELECT * FROM tokens WHERE id='{$find}'";
$Ry = db_exec($Sl) or errDie("Unable to find query.");
if (pg_numrows($Ry) < 1) {
return manage($_POST, "<li class=err>Query number: '{$find}' cannnot be found</li>");
}
header("Location: tokens-manage.php?id={$find}");
exit;
}
header("Location: tokens-manage.php?id={$id}");
exit;
return manage($_POST, "<li>Query information updated.</li>");
}
function find($_POST)
{
extract($_POST);
$id += 0;
db_conn('crm');
$Sl = "SELECT * FROM closedtokens WHERE tid='{$id}'";
$Ry = db_exec($Sl) or errDie("Unable to get query from system.");
if (pg_numrows($Ry) < 1) {
return seltoken();
}
$data = pg_fetch_array($Ry);
$id = $data['id'];
header("Location: tokens-closed-details.php?id={$id}");
exit;
}
