$usercode = Cls::session('usercode');
if (isset($_POST["SearchName"])) {
$obj = $_POST["SearchName"];
$key = '"%' . $obj['cust_name'] . '%"';
$sql = "SELECT * FROM `bo_customer` where `cust_name` like {$key} and user_id={$usercode}";
$stm = $con->prepare($sql);
$stm->execute();
$result = $stm->fetchAll(PDO::FETCH_OBJ);
Cls::responeJson($result);
}
if (Cls::post('bamount') && intval($_POST['bamount']) > 0) {
$bamount = str_replace(',', '', Cls::post('bamount'));
$brate = str_replace(',', '', Cls::post('brate'));
$sql = "insert into bo_lending (cust_id, user_id, lend_start, lend_stop, lend_amount, lend_status, lend_rate)\n\tvalue (?,?,?,?,?,?,?)";
$stm = $con->prepare($sql);
$result = $stm->execute(array(Cls::post('custId'), Cls::session('usercode'), Cls::post('startdate'), Cls::post('stopdate'), $bamount, 1, $brate));
Cls::responeJson($result);
}
if (Cls::post('ShowData')) {
$dat = $_POST['ShowData'];
//echo ("dddddddddddddddddddddddddddddd" . $dat['txtname']);
//$sql= "SELECT * from bo_lending";
$sql = "SELECT\n\t(@row_number :=@row_number + 1) AS rownum,\n\tA.lend_id,\n\tA.cust_id,\n\tA.user_id,\n\tA.lend_start,\n\tA.lend_amount,\n\t(\n\t\tCASE\n\t\tWHEN (\n\t\t\tA.lend_status = 1) THEN\n\t\t\t\t'បន្ត'\n\t\t\tELSE\n\t\t\t\t'បញ្ចប់'\n\t\tend\n\t\t) AS lend_status,\n\t\tA.lend_rate,\n\t\tB.cust_name,\n\t(A.lend_amount + A.lend_rate) as total ,\n\tA.perday\n\tFROM\n\t\tbo_lending A\n\tINNER JOIN bo_customer B ON A.cust_id = B.cust_id,\n\t(SELECT @row_number := 0) AS t where A.user_id = " . $usercode . " and B.cust_name like '%" . $dat['txtname'] . "%'";
if ($dat['txtstatus'] != '') {
$sql = $sql . " and A.lend_status = " . $dat['txtstatus'];
}
$stm = $con->prepare($sql);
$stm->execute();
$result = $stm->fetchAll(PDO::FETCH_OBJ);
Cls::responeJson($result);
}
$query = $con->prepare($sql);
$query->execute(array($dat['userid']));
$result = $query->fetchAll(PDO::FETCH_ASSOC);
return Cls::responeJson($result);
}
if (isset($_POST['SearchName'])) {
$dat = $_POST['SearchName'];
$sql = "SELECT (@row_number:=@row_number + 1) AS rownum, cust_id, cust_name, cust_sex, cust_phone, cust_address, cust_photo, cust_id_card, cust_start_date FROM bo_saving_cust,(SELECT @row_number:=0) AS t where cust_name like ?";
$query = $con->prepare($sql);
$query->execute(array('%' . $dat['txtname'] . '%'));
$result = $query->fetchAll(PDO::FETCH_ASSOC);
return Cls::responeJson($result);
}
if (isset($_POST['insertData'])) {
$dat = $_POST['insertData'];
$sql = "INSERT INTO bo_saving_cust (cust_name, cust_sex, cust_phone, cust_address, cust_photo, cust_id_card, cust_start_date, cust_status) VALUES (?,?,?,?,?,?,now(),?)";
$query = $con->prepare($sql);
$row = $query->execute(array($dat['txtname'], $dat['txtsex'], $dat['txtphone'], $dat['txtaddress'], $dat['txtphoto'], $dat['txtidcard'], '1'));
$obj['info'] = 'success';
return Cls::responeJson($obj);
}
if (isset($_POST['updateData'])) {
$dat = $_POST['updateData'];
$sql = "UPDATE bo_saving_cust SET cust_sex=?,cust_phone=?,cust_address=?,cust_photo=?,cust_id_card=? WHERE cust_id=?";
$query = $con->prepare($sql);
$row = $query->execute(array($dat['txtsex'], $dat['txtphone'], $dat['txtaddress'], $dat['txtpasswd'], $dat['txtphoto'], $dat['txtidcard'], $dat['txtid']));
$obj['info'] = 'success';
return Cls::responeJson($obj);
}
Cls::responeJson($_REQUEST);
<?php
require_once 'common.php';
require_once 'db.php';
$result = [];
$obj = [];
if (isset($_POST['username']) && isset($_POST['password'])) {
$sql = "SELECT user_id FROM bo_user where user_name = ? and user_passwd = ?";
$query = $con->prepare($sql);
$query->execute(array($_POST['username'], $_POST['password']));
$login = $query->fetch(PDO::FETCH_OBJ);
if (isset($login->user_id)) {
Cls::session('usercode', $login->user_id);
if ($login->user_id == 1) {
Cls::responeJson(['url' => URL . 'user_info.php']);
} else {
Cls::responeJson(['url' => URL . 'cust_info.php']);
}
// Cls::redirect('../user_info.html');
} else {
Cls::responeJson(['url' => '']);
}
}
if (isset($_GET['logout'])) {
Cls::removeSession('usercode');
Cls::redirect(URL . 'index.php');
// echo '<pre>';
// print_r($_SESSION);
}
