if (isset($_REQUEST["PID"])) { $ProposalID = $_REQUEST["PID"]; } if (isset($_POST["ProposalID"])) { $ProposalID = $_POST["ProposalID"]; } if (isset($_POST['Submit'])) { if ($_POST['Submit'] == "Save") { $conn = odbc_connect($ini_array["DSN"], $ini_array["UN"], $ini_array["PWD"]); $sql = "usp_Insert_ProposalInformation " . $_POST["ProposalID"] . ", " . $_POST["JobSiteID"] . ", " . $_POST["PlantMarkup"] . ", " . $_POST["LaborCostPerHour"] . ", '" . sqlsafe($_POST["ProposalName"]) . "', '" . $_POST["DueDate"] . "', '" . $_POST["ShowDetail"] . "'"; $rs = odbc_exec($conn, $sql) or die_well(__FILE__, __LINE__, odbc_errormsg()); odbc_close($conn); } if ($_POST['Submit'] == "Add") { $conn = odbc_connect($ini_array["DSN"], $ini_array["UN"], $ini_array["PWD"]); $sql = "usp_Insert_ProposalDetail " . $_POST["ProposalID"] . ", " . $_POST["WorkItemID"] . ", " . $_POST["Units"] . ", " . $_POST["Cost"] . ", '" . SQLSafe($_POST["Detail"]) . "'"; $rs = odbc_exec($conn, $sql) or die_well(__FILE__, __LINE__, odbc_errormsg()); odbc_close($conn); } //if ($_POST['Submit'] == "Note") { // $conn=odbc_connect($ini_array["DSN"],$ini_array["UN"],$ini_array["PWD"]); // $sql = "usp_Insert_ProposalText ".$_POST["ProposalID"].", '".SQLSafe($_POST["Description"])."'"; // $rs=odbc_exec($conn,$sql) or die_well(__FILE__, __LINE__,odbc_errormsg()); // odbc_close($conn); //} } if (isset($_POST['ProposalDetailID'])) { $conn = odbc_connect($ini_array["DSN"], $ini_array["UN"], $ini_array["PWD"]); $sql = "usp_Delete_ProposalDetail " . $_POST["ProposalDetailID"]; $rs = odbc_exec($conn, $sql) or die_well(__FILE__, __LINE__, odbc_errormsg()); odbc_close($conn);
// Delete a message //------------------------------------------------------------------------------------------------- if ($Action == 10) { $conn = odbc_connect($ini_array["DSN"], $ini_array["UN"], $ini_array["PWD"]); $sql = "usp_Delete_Message " . $_REQUEST["MID"]; $rs = odbc_exec($conn, $sql); LogHistory($Action, $_SESSION["UserID"], 0); odbc_close($conn); $Action = 8; } //------------------------------------------------------------------------------------------------- // Insert a message //------------------------------------------------------------------------------------------------- if ($Action == 11) { $conn = odbc_connect($ini_array["DSN"], $ini_array["UN"], $ini_array["PWD"]); $sql = "usp_Insert_Message " . $_POST["ToUserID"] . ", " . $_SESSION["UserID"] . ", '" . SQLSafe($_POST["Message"]) . "'"; $rs = odbc_exec($conn, $sql); LogHistory($Action, $_SESSION["UserID"], 0); odbc_close($conn); $Action = 8; } if (isset($_REQUEST["TID"])) { $TID = $_REQUEST["TID"]; } else { $TID = 1; } ?> <!-- --> <div class="sidebox" id="sidebox1"> <?php //-------------------------------------------------------------------------------------------------
case "save": $act = "list"; if ($i_actionID > 0) { $s_sql = 'update log_timetrack set projectID = ' . intval($i_projectID) . ', timeTypeID = ' . intval($i_timeTypeID) . ', actionDateTime = "' . $s_actionDateTime . '", duration = ' . intval($i_duration) . ', action = "' . SQLSafe($s_action) . '", description = "' . SQLSafe($s_description) . '", miles = ' . intval($i_miles) . ' where actionID = ' . intval($i_actionID) . ';'; } else { if ($i_projectID > 0 && $i_timeTypeID > 0) { $s_sql = 'insert into log_timetrack (projectID, timeTypeID, actionDateTime, duration, action, description, miles) values (' . intval($i_projectID) . ',' . intval($i_timeTypeID) . ',"' . $s_actionDateTime . '",' . intval($i_duration) . ',"' . SQLSafe($s_action) . '","' . SQLSafe($s_description) . '",' . intval($i_miles) . ');'; } } if ($s_sql > "") { $q_update = mysql_query($s_sql); if (!$q_update) { die_well(__LINE__, mysql_error(), $s_sql); } } header("Location: {$s_fileName}"); break; case "list": echo $s_header; $act = $s_act; $s_sql = 'select T.actionID, T.projectID, T.timeTypeID, T.actionDateTime, T.duration, T.action, T.description, T.miles, P.project, A.timeType, (T.duration*60) as "eseconds" from cms.log_timetrack T