function find($search) { global $conn, $users; $search = $search; $sql = "select userid,fname,sname,loginname,pass,phone,mobile,fax,email,countrycode,admin,\n\t\tguest,reservation,booking,agents,rooms,billing,rates,lookup,reports\n\t\tFrom users where userid='{$search}'"; $results = mkr_query($sql, $conn); $users = fetch_object($results); }
function find($search) { global $conn, $agent; $search = $search; $sql = "Select agentname,agents_ac_no,contact_person,telephone,fax,email,billing_address,town,postal_code,road_street,building From agents where agents_ac_no='{$search}'"; $results = mkr_query($sql, $conn); $agent = fetch_object($results); }
function Login() { $username = $_POST['username']; $password = $_POST['password']; if ($username && $password) { $conn = mysql_connect(HOST, USER, PASS) or die("Whoops"); // Connect to the database, or if connection fails print error message. $password = md5($password); // encode submited password with MD5 encryption and store it back in the same variable. If not on a windows box, I suggest you use crypt() $sql = "select * from users where loginname='{$username}'"; // query statment that gets the username/password from 'login' where the username is the same as the one you submited $r = mysql_db_query(DB, $sql); // Execute Query // if no rows for that database come up, redirect. if (!mysql_num_rows($r)) { mysql_close($conn); header("Location: index.php"); // This is the redirection, notice it uses $SCRIPT_NAME which is a predefined variable with the name of the script in it. } else { $passed = @mysql_connect(HOST, USER, PASS); } mysql_select_db(DB); if (!$passed) { //echo 'Could not connect: ' . mysql_error(); echo "<center><font color=\"#FF0000\"><b>Invalid User Name or Password</b></font></center>"; $_SESSION["logged"] = 0; $_SESSION["userid"] = ""; } else { //$sql="select pass('$password') as pass, fname, sname from users"; $sql = "select pass, fname, sname, loginname, userid from users where loginname='{$username}'"; $password = mkr_query($sql, $passed); $password = mysql_fetch_array($password); $_SESSION["employee"] = $password['fname'] . " " . $password['sname']; $_SESSION["loginname"] = $password['loginname']; $_SESSION["userid"] = $password['userid']; $password = $password['pass']; //****************************************************************** //*Not the best option but produce the required results - unencrypted password saved to a cookie //****************************************************************** setcookie("data_login", "{$username} {$password}", time() + 60 * 30); // Set the cookie named 'candle_login' with the value of the username (in plain text) and the password (which has been encrypted and serialized.) $_SESSION["logged"] = 1; // set variable $msg with an HTML statement that basically says redirect to the next page. The reason we didn't use header() is that using setcookie() and header() at the sametime isn't 100% compatible with all browsers, this is more compatible. $msg = "<meta http-equiv=\"Refresh\" content=\"0;url=./index.php\">"; //put index.php } } else { echo "<center><font color=\"#FF0000\"><b>Enter your UserName and Password to login on to the system</b></font></center>"; $_SESSION["logged"] = 0; } if ($msg) { echo $msg; } //if $msg is set echo it, resulting in a redirect to the next page. //} }
function find($search) { global $conn, $guests; $search = $search; $strOffSet = !empty($_POST["strOffSet"]) ? $_POST["strOffSet"] : 0; //check on wether search is being done on idno/ppno/guestid/guestname $sql = "Select guests.guestid,concat_ws(' ',guests.firstname,guests.middlename,guests.lastname) as guest,guests.pp_no,\n\t\tguests.idno,guests.countrycode,guests.pobox,guests.town,guests.postal_code,guests.phone,\n\t\tguests.email,guests.mobilephone,countries.country\n\t\tFrom guests\n\t\tInner Join countries ON guests.countrycode = countries.countrycode where guests.guestid='{$search}'\n\t\tLIMIT {$strOffSet},1"; $results = mkr_query($sql, $conn); $guests = fetch_object($results); }
function getdata() { global $sql, $conn; $results = mkr_query($sql, $conn); /*$totRows = mysql_query("SELECT FOUND_ROWS()"); //get total number of records in the select query irrespective of the LIMIT clause $totRows = mysql_result($totRows , 0); $_SESSION["nRecords"]=$totRows; $_SESSION["totPages"]=ceil($totRows/$strRows); $_SESSION["RowsDisplayed"]=$strRows;*/ echo "<table align=\"center\">"; //get field names to create the column header echo "<tr bgcolor=\"#009999\">\n\t\t<th>Action</th>"; while ($i < mysql_num_fields($results)) { $meta = mysql_fetch_field($results, $i); $field = $meta->name; echo "<th>" . $field . "</th>"; $i++; } "</tr>"; //end of field header if ((int) $results !== 0) { //get data from selected table on the selected fields while ($row = fetch_object($results)) { //alternate row colour $j++; if ($j % 2 == 1) { echo "<tr id=\"row{$j}\" onmouseover=\"javascript:setColor('{$j}')\" onmouseout=\"javascript:origColor('{$j}')\" bgcolor=\"#CCCCCC\">"; } else { echo "<tr id=\"row{$j}\" onmouseover=\"javascript:setColor('{$j}')\" onmouseout=\"javascript:origColor('{$j}')\" bgcolor=\"#EEEEF8\">"; } echo "<td><a href=\"reportqueries.php?search={$row->ID}\"><img src=\"images/button_view.png\" width=\"16\" height=\"16\" border=\"0\" title=\"view\"/></a></td>"; $i = 0; while ($i < mysql_num_fields($results)) { $meta = mysql_fetch_field($results, $i); $field = $meta->name; echo "<td>" . $row->{$field} . "</td>"; $i++; } // echo "</tr>"; //end of - data rows } //end of while row echo "</table>"; } free_result($results); }
function updatebill() { $billno = !empty($_POST['search']) ? $_POST['search'] : 0; //$billno=!empty($_POST['billid']) ? $_POST['billid'] : 1; $sql = "Select transactions.doc_date,details.item,transactions.dr,transactions.cr,transactions.doc_no,transactions.doc_type,details.itemid\n\t\tFrom transactions\n\t\tInner Join details ON transactions.details = details.itemid\n\t\tWhere transactions.billno = '{$search}'"; $results = mkr_query($sql, $conn); echo "<table width=\"100%\" border=\"0\" cellpadding=\"1\">\n\t <tr bgcolor=\"#FF9900\">\n\t\t<th></th>\n\t\t<th>Date</th>\n\t\t<th>Details</th>\n\t\t<th>DR</th>\n\t\t<th>CR</th>\n\t\t<th>Balance</th>\n\t\t<th>Doc. No. </th>\n\t\t<th>Doc. Type</th>\n\t </tr>"; //get data from selected table on the selected fields while ($trans = fetch_object($results)) { $balance = $balance - $trans->cr + $trans->dr; //alternate row colour $j++; if ($j % 2 == 1) { echo "<tr id=\"row{$j}\" onmouseover=\"javascript:setColor('{$j}')\" onmouseout=\"javascript:origColor('{$j}')\" bgcolor=\"#CCCCCC\">"; } else { echo "<tr id=\"row{$j}\" onmouseover=\"javascript:setColor('{$j}')\" onmouseout=\"javascript:origColor('{$j}')\" bgcolor=\"#EEEEF8\">"; } echo "<td><a href=\"billings.php?search={$guest->guestid}&action=search\"><img src=\"images/button_signout.png\" width=\"16\" height=\"16\" border=\"0\" title=\"bill guest\"/></a></td>"; echo "<td>" . $trans->doc_date . "</td>"; echo "<td>" . $trans->item . "</td>"; echo "<td>" . $trans->dr . "</td>"; echo "<td>" . $trans->cr . "</td>"; echo "<td>" . $balance . "</td>"; echo "<td>" . $trans->doc_no . "</td>"; echo "<td>" . $trans->doc_type . "</td>"; //calucate running balance echo "</tr>"; //end of - data rows } //end of while row echo "<tr><td colspan=\"3\" align=\"center\"><b>TOTAL</b></td><td><b>DR Total</b></td><td><b>CR Total</b></td><td><b>Total Bal.</b></td><tr>"; echo "</table>"; }
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA or check for license.txt at the root folder /***************************************************************************** For any details please feel free to contact me at taifa@users.sourceforge.net Or for snail mail. P. O. Box 938, Kilifi-80108, East Africa-Kenya. /*****************************************************************************/ error_reporting(E_ALL & ~E_NOTICE); include_once "queryfunctions.php"; include_once "functions.php"; $loginname = $_SESSION["loginname"]; $sql = "select userid,admin,guest,reservation,booking,agents,rooms,billing,rates,lookup,reports from users where loginname='{$loginname}'"; $conn = db_connect(HOST, USER, PASS, DB, PORT); $results = mkr_query($sql, $conn); $msg[0] = ""; $msg[1] = ""; AddSuccess($results, $conn, $msg); $access = fetch_object($results); //will be used to set access on pages /*if !isset($_SESSION["access"]){ $_SESSION["access"] }*/ if ($access->admin == 1) { echo "<tr><td><a href=\"admin.php\">Admin</a></td></tr>"; } if ($access->guest == 1) { echo "<tr><td><a href=\"guests.php\">Guests</a></td></tr>"; } if ($access->reservation == 1) {
function find($search) { global $conn, $bookings; $search = $search; $strOffSet = !empty($_POST["strOffSet"]) ? $_POST["strOffSet"] : 0; //offset value peacked on all pages with pagination - logical error //check on wether search is being done on idno/ppno/guestid/guestname $sql = "Select guests.guestid,concat_ws(' ',guests.firstname,guests.middlename,guests.lastname) as guest,guests.pp_no,\n\t\tguests.idno,guests.countrycode,guests.pobox,guests.town,guests.postal_code,guests.phone,guests.email,guests.mobilephone,\n\t\tcountries.country,booking.book_id,booking.guestid,booking.booking_type,booking.meal_plan,booking.no_adults,booking.no_child,\n\t\tbooking.checkin_date,booking.checkout_date,booking.residence_id,booking.payment_mode,booking.agents_ac_no,booking.roomid,\n\t\tbooking.checkedin_by,booking.invoice_no,booking.billed,booking.checkoutby,booking.codatetime,DATEDIFF(booking.checkout_date,booking.checkin_date) as no_nights\n\t\tFrom guests\n\t\tInner Join countries ON guests.countrycode = countries.countrycode\n\t\tInner Join booking ON guests.guestid = booking.guestid\n\t\twhere booking.book_id='{$search}'"; $results = mkr_query($sql, $conn); $bookings = fetch_object($results); }
function findguest($search) { global $conn, $guests; $search = $search; //check on wether search is being done on idno/ppno/guestid/guestname $sql = "Select guests.guestid,guests.lastname,guests.firstname,guests.middlename,guests.pp_no,\n\t\tguests.idno,guests.countrycode,guests.pobox,guests.town,guests.postal_code,guests.phone,\n\t\tguests.email,guests.mobilephone,countries.country\n\t\tFrom guests\n\t\tInner Join countries ON guests.countrycode = countries.countrycode where guests.guestid='{$search}'"; $results = mkr_query($sql, $conn); $guests = fetch_object($results); }
function find($search) { global $conn, $bill; $search = $search; //search on booking //check on wether search is being done on idno/ppno/guestid/guestname $sql = "Select bills.bill_id,bills.book_id,bills.date_billed,bills.billno,bills.`status`,bills.date_checked,\n\t\tconcat_ws(' ',guests.firstname,guests.middlename,guests.lastname) as guest,guests.pobox,guests.town,guests.postal_code,\n\t\tbooking.checkin_date,booking.checkout_date,booking.roomid,rooms.roomno\n\t\tFrom bills\n\t\tInner Join booking ON bills.book_id = booking.book_id\n\t\tInner Join guests ON booking.guestid = guests.guestid\n\t\tInner Join rooms ON booking.roomid = rooms.roomid where bills.bill_id='{$search}'"; //need a search on reservation - todo not (tested) /*$sql="Select bills.bill_id,bills.book_id,bills.date_billed,bills.billno,bills.`status`,bills.date_checked, concat_ws(' ',guests.firstname,guests.middlename,guests.lastname) as guest,guests.pobox,guests.town,guests.postal_code, reservation.reserve_checkindate,reservation.reserve_checkoutdate,reservation.roomid,rooms.roomno From bills Inner Join reservation ON bills.book_id = reservation.reservation_id Inner Join guests ON reservation.guestid = guests.guestid Inner Join rooms ON reservation.roomid = rooms.roomid where bills.bill_id='$search'";*/ $results = mkr_query($sql, $conn); $bill = fetch_object($results); }