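<?php
// Handles the customer/order form post: collects the submitted fields, stamps
// the record with an invoice number and the current time, and inserts one row
// into `customer`. Sets $insertSuccess or $insertError for the markup below.
//
// !empty() has the same truthiness as the previous @$_POST['submit'] but does
// not rely on error suppression.
if (!empty($_POST['submit'])) {
    // Submitted fields, each passed through the project's formItemValidation()
    // helper. Missing fields are passed as null (as before) without raising an
    // undefined-index notice.
    //
    // NOTE(review): formItemValidation() is not visible here. Unless it
    // escapes for SQL, every value concatenated into the INSERT below is
    // injectable. The mysql_* extension has no prepared statements and was
    // removed in PHP 7.0; the durable fix is a prepared statement with bound
    // parameters via mysqli or PDO. Confirm what the helper does before
    // relying on it as the only barrier.
    $pId            = formItemValidation(isset($_POST['pId']) ? $_POST['pId'] : null);
    $cName          = formItemValidation(isset($_POST['cName']) ? $_POST['cName'] : null);
    $cContactNumber = formItemValidation(isset($_POST['cContactNumber']) ? $_POST['cContactNumber'] : null);
    $cAddress       = formItemValidation(isset($_POST['cAddress']) ? $_POST['cAddress'] : null);
    $pQuantity      = formItemValidation(isset($_POST['pQuantity']) ? $_POST['pQuantity'] : null);

    // Timestamp in the server's default timezone.
    $nowTime = date("Y-m-d H:i:s");

    // Invoice number from the project helper (argument 8 as in the original).
    $invNum = generateInvoiceId(8);

    // Logged-in user id from the session. It is not written to the row by the
    // INSERT below, so the record does not capture who created it.
    $loggedInUser = $_SESSION['cId'];

    // Positional INSERT with no column list: the value order must match the
    // table definition exactly, and a schema change will silently shift
    // values into the wrong columns. The leading '' is presumably the
    // auto-increment key -- TODO confirm against the schema.
    $sql = "INSERT INTO customer VALUES(
        '',
        '" . $invNum . "',
        '" . $cName . "',
        '" . $cContactNumber . "',
        '" . $cAddress . "',
        '" . $pId . "',
        '" . $pQuantity . "',
        '" . $nowTime . "'
    )";

    // Previously: mysql_query(...) or die(mysql_error()). That printed the raw
    // database error (table/column names, query fragments) to the client and
    // made the $insertError branch unreachable. The detail now goes to the
    // server log and the page reports a generic failure through $insertError.
    $qry = mysql_query($sql);

    if ($qry) {
        $insertSuccess = 1;
    } else {
        error_log('customer insert failed: ' . mysql_error());
        $insertError = 1;
    }
}
?>
<div id="page-wrapper">
    <div class="row">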
<?php $getUId = $_GET['uId']; //collect all informaion from database $qry = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE uID = '{$getUId}' ")); $existingUName = $qry->uName; if (@$_POST['submit']) { //collecting userinfo $uName = formItemValidation($_POST['uName']); $uType = formItemValidation($_POST['uType']); if ($existingUName != $uName) { if (!checkUniqueUsername($uName)) { $update = "UPDATE users SET uName = '" . $uName . "' , uType = '" . $uType . "' WHERE uId = '" . $getUId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1; } else { $insertError = 1; } } else { //set used variable $uniquenessError = 1; } } else { //current time now $update = "UPDATE users SET uType = '" . $uType . "' WHERE uId = '" . $getUId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1; } else { $insertError = 1;
<?php $getPId = $_GET['pId']; //collect all informaion from database $qry = mysql_fetch_object(mysql_query("SELECT * FROM product WHERE pID = '{$getPId}' ")); $existingPName = $qry->pName; if (@$_POST['submit']) { //collecting userinfo $pName = formItemValidation($_POST['pName']); $pBarCode = formItemValidation($_POST['pBarCode']); $pQuantity = formItemValidation($_POST['pQuantity']); $pBuyingPrice = formItemValidation($_POST['pBuyingPrice']); $pSellingPrice = formItemValidation($_POST['pSellingPrice']); if ($existingPName != $pName) { if (!checkUniqueUsername($pName)) { $update = "UPDATE product SET pName = '" . $pName . "' , pBarCode = '" . $pBarCode . "', pQuantity = '" . $pQuantity . "' , pBuyingPrice = '" . $pBuyingPrice . "', pSellingPrice = '" . $pSellingPrice . "' WHERE pId = '" . $getPId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1; } else { $insertError = 1; } } else { //set used variable $uniquenessError = 1; } } else { $update = "UPDATE product SET pBarCode = '" . $pBarCode . "' WHERE pId = '" . $getPId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1;
<?php $getCId = $_GET['cId']; mysql_connect("localhost", "root", "root"); mysql_select_db("inventory"); //collect all informaion from database $qry = mysql_fetch_object(mysql_query("SELECT * FROM category WHERE cID = '{$getCId}' ")); $existingCName = $qry->cName; if (@$_POST['submit']) { //collecting categoryinfo $cName = formItemValidation($_POST['cName']); if ($existingCName != $cName) { if (true) { $update = "UPDATE category SET cName = '" . $cName . "' WHERE cId = '" . $getCId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1; } else { $insertError = 1; } } else { //set used variable $uniquenessError = 1; } } else { //current time now $update = "UPDATE category SET uType = '" . $cType . "' WHERE cId = '" . $getCId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1; } else {