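/**
 * Validate a submitted "meno"/"hodnota" pair and render the edit form for one
 * row of a PREFIX-ed table.
 *
 * On submit the two fields are length-checked and either "ok" or the collected
 * error messages are echoed; nothing in this function writes the values back
 * to the database. The current row is then loaded and shown in the form.
 *
 * @param string $table Table name without PREFIX; used as an SQL identifier.
 * @param mixed  $vyber Not used by this function.
 * @param mixed  $id    Primary key of the row to edit (compared unquoted, so treated as an integer).
 */
function edit($table, $vyber, $id)
{
    $error_msg = array();

    // Quoted key: the bare word `submit` only worked through PHP's undefined-constant fallback.
    if (!empty($_POST["submit"])) {
        $meno = sec_sql(sec_input(isset($_POST["meno"]) ? $_POST["meno"] : null));
        $hodnota = sec_sql(sec_input(isset($_POST["hodnota"]) ? $_POST["hodnota"] : null));

        // NOTE(review): the messages say "from 4 to 30 characters" but the checks accept a
        // length of 3; which of the two is intended cannot be told from here, so both are kept.
        // The lengths are also measured after sec_sql(), i.e. on the escaped text.
        if (strlen($meno) > 30 or strlen($meno) < 3) {
            $error_msg[] = "Meno môže mať od 4 do 30 znakov";
        }
        if (strlen($hodnota) > 30 or strlen($hodnota) < 3) {
            $error_msg[] = "Hodnota môže mať od 4 do 30 znakov";
        }

        if (empty($error_msg)) {
            echo "ok";
        } else {
            echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>";
        }
    }

    // An identifier cannot be neutralised by value escaping, so it is restricted to a safe alphabet.
    if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $table)) {
        echo "<div id=error_message>Neplatný názov tabuľky</div>";
        return;
    }

    // The id is compared without quotes, where string escaping alone does not prevent
    // injection; an integer cast does.
    $id = (int) $id;

    $rows = sql_query("Select id, hodnota, meno from " . PREFIX . "{$table} WHERE id={$id}");
    $value = (is_array($rows) && isset($rows[0]))
        ? $rows[0]
        : array("id" => null, "meno" => null, "hodnota" => null);

    echo "<form method=\"POST\">";
    hidden("id", $value["id"]);
    textfield("meno", $value["meno"], "Meno", 50, 20);
    textfield("hodnota", $value["hodnota"], "Hodnota", 40, 20);
    submit("submit", "Odoslať");
    echo "</form>";
}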
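// Endpoint fragment: prints one <select> per attribute of the requested product type,
// unless the product is flagged to hide its attributes.
session_start();

// NOTE(review): looks like a hard-coded secret or salt; its use is not visible here -- confirm
// and move it out of the source tree if so.
$safe = "U,,5Enc!";
$root = $_SERVER['DOCUMENT_ROOT'];

include_once "config/datab.php"; // database settings file
include_once "config/fnc.php"; // inserts the page header (original author's comment)

if (isset($_GET["select_product_type"])) {
    // Not used by the queries visible here; kept because later code may read it.
    $skryt_zakaznikom = "AND skryt_zakaznikom=0";
    if (isset($_SESSION["logged"]) && $_SESSION["logged"] == 1) {
        $skryt_zakaznikom = "";
    }

    // Both ids are placed into SQL without quotes, where string escaping does not stop
    // injection; they are therefore reduced to integers.
    $product_atribute = (int) $_GET["select_product_type"];
    $product = isset($_GET["product"]) ? (int) $_GET["product"] : 0;
    $product_type_id = empty($product_atribute)
        ? (int) def_value("default_product_type", "hodnota")
        : $product_atribute;

    $query = "SELECT pa.id, pa.meno FROM `product_atribute` pa INNER JOIN product_atribute_product_types pt ON pt.id_product_atribute = pa.id\r\n WHERE pa.vymaz=0 AND id_product_type=" . $product_type_id . "\r\n ORDER BY pa.def DESC, pa.meno";
    $atributes = sql_query($query);

    // $key ends up inside an HTML name attribute; whether sec_input() makes it safe for that
    // context depends on the helper, which is defined elsewhere.
    $key = sec_sql(sec_input(isset($_GET["key"]) ? $_GET["key"] : null));

    $query = "SELECT id FROM product \r\n WHERE id = {$product} AND skryt_atributy = \"1\" \r\n ";
    $producter = sql_query($query);

    if (empty($producter) && is_array($atributes)) {
        foreach ($atributes as $atribute) {
            $atribute_id = (int) $atribute["id"];

            // NOTE(review): $product_type_all and $i are not defined in the visible code, so the
            // preselected value is presumably always empty -- confirm against the includes.
            $selected = isset($i, $product_type_all[$i]) ? $product_type_all[$i] : null;

            echo "<div class=\"atribute-row\">";
            echo hidden("product_atribute[]", $atribute["id"]);
            echo select("product_atribute_option[{$key}][{$atribute['id']}]", $atribute["meno"], "SELECT id, meno FROM product_atribute_option WHERE id_product_atribute=" . $atribute_id . " AND vymaz=0 ORDER BY def DESC, def DESC, meno ASC", $selected, "-vyberte si-", "product_atribute_option_v", "", "NO");
            echo "</div>";
        }
    }
}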
<?php
// Endpoint fragment: prints the "hrana" <select> when "select_material" is present in the query string.
$safe = 'U,,5Enc!';
$root = $_SERVER["DOCUMENT_ROOT"];

include_once 'config/datab.php'; // database settings file
include_once 'config/fnc.php'; // inserts the page header (original author's comment)

if (isset($_GET['select_material'])) {
    // Both values are assigned but not read again in the visible code.
    $material = sec_sql(sec_input($_GET['select_material']));
    $def_hrana_duplak = def_value('default_duplak_hrana_value', 'hodnota');

    // NOTE(review): $where is not defined in the visible code; it is spliced into the SQL
    // text as-is, so its origin should be confirmed.
    print select(
        'hrana',
        'Hrúbka',
        sprintf('SELECT id, hodnota, meno FROM hrana WHERE vymaz=0 %s ORDER BY hodnota', $where),
        def_value('default_hrubka', 'hodnota'),
        '',
        'hrubka',
        '',
        'NO'
    );
}
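// (tail of the preceding include line, outside this view: "database settings file")
include_once "config/fnc.php"; // inserts the page header (original author's comment)
include_once "config/config.php";

$minimized = "minimized";
$tasker = "ghost";

// Create a supplier order with a single row once the three mandatory fields are posted.
if (!empty($_POST["dodavatel"]) and !empty($_POST["text"]) and !empty($_POST["zakaznik"])) {
    $dodavatel = sec_sql(sec_input($_POST["dodavatel"]));
    // Accept a decimal comma in the quantity.
    $ks = floatval(str_replace(',', '.', sec_sql(sec_input($_POST["ks"]))));
    $text = sec_sql(sec_input($_POST["text"]));
    $jednotka = sec_sql(sec_input($_POST["jednotky"]));
    $zakaznik = sec_sql(sec_input($_POST["zakaznik"]));
    $objednavka = sec_sql(sec_input($_POST["order"]));
    $from = sec_sql(sec_input($_POST["from"]));

    // The session user name used to be interpolated raw and unquoted into the INSERT; it is
    // now escaped like every other value and quoted below.
    $vytvoril = sec_sql(isset($_SESSION["username"]) ? $_SESSION["username"] : "");

    // NOTE(review): the mysql_* extension was removed in PHP 7. No ROLLBACK path exists: a
    // failed insert in the middle still reaches COMMIT. Handling that needs the return
    // contract of sql_insert(), which is not shown here.
    mysql_query("BEGIN");

    // Reuse the product with this name, or create it.
    $produkt = sql_query("Select id from do_produkt\r\n WHERE meno = \"{$text}\" ");
    if (count($produkt) == 0) {
        $sql_obj = sql_insert("INSERT INTO do_produkt (meno)\r\n VALUES (\"{$text}\") ");
        $produkt = $sql_obj["inserted_id"];
    } else {
        $produkt = $produkt[0]["id"];
    }

    $sql_obj = sql_insert("INSERT INTO do_objednavka (datum_zmeny, id_dodavatel, objednavka)\r\n VALUES (now(), \"{$dodavatel}\", \"{$objednavka}\" )\r\n ");
    $obj_id = $sql_obj["inserted_id"];

    // vytvoril / zadal are quoted: unquoted, an escaped string is still parsed as SQL.
    sql_insert("INSERT INTO do_objednavka_row (id_do_objednavka, datum, ks, jednotka, text, id_do_produkt, objednavka, zakaznik, vytvoril, zadal)\r\n VALUES (\"{$obj_id}\", now(), \"{$ks}\", \"{$jednotka}\", \"{$text}\", \"{$produkt}\", \"{$objednavka}\", \"{$zakaznik}\", \"{$vytvoril}\", \"{$from}\" )\r\n ");

    sql_insert("INSERT INTO do_objednavka_row_search (id_obj, zakaznik, text)\r\n VALUES (\"{$obj_id}\", \"{$zakaznik}\", \"{$text}\" )\r\n ");

    mysql_query("COMMIT");
}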
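<?php
// Production ("Výroba") list: persist the posted filter in the session, build the WHERE
// conditions and print the first part of the filter form.
if (!empty($_POST["filter"])) {
    $filter_keys = array(
        "filter_vyroba_od",
        "filter_vyroba_do",
        "filter_vyroba_zakaznik",
        "filter_vyroba_zakaznik_no",
        "filter_vyroba_product_type",
        "filter_vyroba_product",
        "filter_vyroba_dl",
        "filter_vyroba_matrac_rozmer",
    );
    foreach ($filter_keys as $filter_key) {
        // A field missing from the POST body is stored as if it had been sent empty,
        // without raising an undefined-index notice.
        $_SESSION[$filter_key] = sec_sql(sec_input(isset($_POST[$filter_key]) ? $_POST[$filter_key] : null));
    }
}

// NOTE(review): the session keeps SQL-escaped text, which is later also echoed back into form
// fields; escaping at the point of use (SQL vs. HTML) would be cleaner. The two date values
// are not checked against a date format before being placed in the conditions below.
$filter_od = isset($_SESSION["filter_vyroba_od"]) ? $_SESSION["filter_vyroba_od"] : null;
$filter_do = isset($_SESSION["filter_vyroba_do"]) ? $_SESSION["filter_vyroba_do"] : null;
$filter_zakaznik = isset($_SESSION["filter_vyroba_zakaznik"]) ? $_SESSION["filter_vyroba_zakaznik"] : null;

// Default window when no start date is set.
$day_limit = 30;

$where = array();
$where[] = "vp.vymaz=0";
$where[] = "vp.status=5";

if (!empty($filter_od)) {
    $where[] = "datum_vyroby >= \"{$filter_od} 00:00:00\"";
} else {
    $where[] = "datum_vyroby >= DATE_SUB(CURDATE(), INTERVAL {$day_limit} DAY)";
}
if (!empty($filter_do)) {
    $where[] = "datum_vyroby <= \"{$filter_do} 23:59:59\"";
}

echo "<h1>Výroba</h1>";
echo "<form method=\"POST\">";
echo "<div class=\"filter_vyroba clearfix\">";
echo textfield("filter_vyroba_od", $filter_od, "od:", 15, 10, "filter_vyroba_od datetime");
echo textfield("filter_vyroba_do", $filter_do, "do:", 15, 10, "filter_vyroba_do datetime");
echo select("filter_vyroba_zakaznik", "Filtruj zákazníkov:", "SELECT id, CONCAT(meno, ', ', doruc_mesto) meno FROM uzivatel WHERE skupina=2 AND vymaz=0 ORDER BY meno", $filter_zakaznik, "", "", "");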
echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>";
}
}
// The two braces above close blocks opened before this excerpt.

// List the files already uploaded for this order revision.
echo "<div id=\"added_files\">\r\n <h2>Nahraté súbory</h2>";
// NOTE(review): $order and $revision are set outside this excerpt; they are interpolated into
// a filesystem path, the SQL text and several URLs below -- confirm they are validated as
// integers where they are read from the request.
$directory = "files/obj-{$order}/rev-{$revision}";
$files = sql_query("SELECT meno, meno_old, pripona \r\n FROM subor\r\n WHERE id_obj=\"{$order}\" AND id_revizia=\"{$revision}\"");
//var_dump($files);
for ($i = 0; $i < count($files); $i++) {
    // NOTE(review): meno, pripona and meno_old are written into the link without HTML escaping
    // at this point; whether they were sanitised when stored is not visible here.
    echo "<a href=\"{$directory}/" . $files[$i]["meno"] . "." . $files[$i]["pripona"] . "\" target=\"_blank\">" . substr($files[$i]["meno_old"], 0, 20) . "</a><br>";
}
echo "</div>";

// Button for generating the CSV file.
echo "<div id=\"revision_buttons\">";
$directory = "files/csv_new/obj-{$order}/rev-{$revision}";
// Build a short file-name part from the form's "meno": spaces, "/" and "." are removed and the
// result is cut to 10 characters. `meno` is an unquoted array key here.
$meno_csv = sec_input(rep_dia($form_data[meno]));
$meno_csv = str_replace(" ", "", $meno_csv);
$meno_csv = str_replace('/', "", $meno_csv);
$meno_csv = str_replace('.', "", $meno_csv);
if (strlen($meno_csv) > 10) {
    $meno_csv = substr($meno_csv, 0, 10);
}
// $c_obj is set outside this excerpt.
$file = "{$c_obj}-{$meno_csv}.csv";
$file_pasy = "{$c_obj}-{$meno_csv}-pasy.csv";
echo "<div id=\"add_csv_button\">";
//var_dump("subor ".$directory."/".$file);
// Offer "create" when the CSV does not exist yet, otherwise "download" plus "regenerate".
// NOTE(review): generation is triggered by a plain GET link (action=generate_csv_new).
if (!file_exists($directory . "/" . $file)) {
    echo "<a href=\"?vyber=objednavky&order={$order}&revision={$revision}&action=generate_csv_new\" class=\"download_csv\" data-url=\"?vyber=objednavky&order={$order}&revision={$revision}\">Vytvor .csv</a>";
} else {
    echo "<a href=\"{$directory}/{$file}\" data-url=\"?vyber=objednavky&order={$order}&revision={$revision}\">Stiahni .csv</a><br>";
    echo "<a href=\"?vyber=objednavky&order={$order}&revision={$revision}&action=generate_csv_new\">Pregeneruj .csv</a>";
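/**
 * Return the first row of a SELECT, or an empty array when nothing matched.
 */
function _cp_vp_first_row($sql)
{
    $rows = sql_query($sql);

    return (is_array($rows) && isset($rows[0])) ? $rows[0] : array();
}

/**
 * Read $row[$key], falling back to $default when the key is missing or null.
 */
function _cp_vp_get($row, $key, $default = "")
{
    return isset($row[$key]) ? $row[$key] : $default;
}

/**
 * Build the "total for customer / order" table row; empty string when the sum is not positive.
 */
function _cp_vp_subtotal_html($sum)
{
    if (!($sum > 0)) {
        return "";
    }

    return "<tr>"
        . "<td colspan=3 class=\"right\">Spolu pre zákazníka / objednávku</td>"
        . "<td colspan=3 class=\"bold\">{$sum} €</td>"
        . "</tr>";
}

/**
 * Build the grey heading row naming the customer (name, delivery town or town, e-mail).
 */
function _cp_vp_customer_html($customer)
{
    $odberatel = _cp_vp_get($customer, "meno");
    if (empty($customer["doruc_mesto"])) {
        $odberatel .= empty($customer["mesto"]) ? "" : ", " . $customer["mesto"];
    } else {
        $odberatel .= ", " . $customer["doruc_mesto"];
    }
    $odberatel = "<span class=\"bold\">" . $odberatel . "</span>"
        . (!empty($customer["email"]) ? " (" . $customer["email"] . ")" : "");

    return "<tr class=\"silver\"><td colspan=6>{$odberatel}</td></tr>";
}

/**
 * Build one priced product row; returns array("html", "ks", "po_zlave") for the caller's totals.
 */
function _cp_vp_row_html($row, $cp_id)
{
    // Every id below is placed into SQL without quotes, so each one is cast to an integer.
    $product_type = _cp_vp_first_row("SELECT meno FROM product_type WHERE id=" . (int) _cp_vp_get($row, "id_product_type", 0) . " LIMIT 1");
    $product = _cp_vp_first_row("SELECT id, meno FROM product WHERE id=" . (int) _cp_vp_get($row, "id_product", 0) . " LIMIT 1");

    $option_ids = _cp_vp_get($row, "product_atribute_options_all", array());
    if (!is_array($option_ids)) {
        $option_ids = array();
    }
    $option_names = array();
    foreach ($option_ids as $option_id) {
        $option = _cp_vp_first_row("SELECT meno FROM product_atribute_option WHERE id=" . (int) $option_id . " LIMIT 1");
        $option_names[] = _cp_vp_get($option, "meno");
    }
    $options_str = empty($option_names) ? "" : " (" . join(", ", $option_names) . ")";

    $vlastne_cislo_obj = empty($row["vlastne_cislo_obj"]) ? "" : " (" . $row["vlastne_cislo_obj"] . ") ";
    $datum = _cp_vp_get($row, "datum", null);
    $ks = sec_input(_cp_vp_get($row, "ks", 0));

    $html = "<tr>";
    $html .= "<td class=\"form_nazov_siroky\"><span class=\"bold\">" . $ks . "x</span> "
        . _cp_vp_get($product_type, "meno") . " <span class=\"bold\">" . _cp_vp_get($product, "meno") . "</span>\r\n "
        . $options_str . "\r\n <span class=\"smaller\"><br>obj. č. " . _cp_vp_get($row, "c_obj") . "/" . dateYear($datum)
        . " {$vlastne_cislo_obj} z " . dateDate($datum) . "</span>\r\n "
        . (empty($row["atyp_text"]) ? "" : "<br>Atyp: " . sec_input($row["atyp_text"])) . "\r\n "
        . (empty($row["komentar"]) ? "" : "<br>- " . sec_input($row["komentar"])) . "\r\n "
        . (empty($row["komentar_private"]) ? "" : "<br>- " . sec_input($row["komentar_private"])) . "</td>";

    // Price-offer overrides stored for this order row.
    $cp_row = _cp_vp_first_row("SELECT * from cp_vyrobny_plan_row WHERE id_cp_vyrobny_plan=" . (int) $cp_id . " AND id_objednavka_row=" . (int) _cp_vp_get($row, "id", 0));
    $cena = _cp_vp_get($cp_row, "cena");
    $zlava = _cp_vp_get($cp_row, "zlava", 0);
    $koment = _cp_vp_get($cp_row, "koment");

    $list_price = _cp_vp_first_row("SELECT id, cena FROM cp_product WHERE id=" . (int) _cp_vp_get($cp_row, "id_cp_product", 0) . " AND id_product=" . (int) _cp_vp_get($product, "id", 0) . " ORDER BY id DESC LIMIT 1");

    // A price stored on the offer row wins over the list price.
    $product_price = empty($cena) ? _cp_vp_get($list_price, "cena") : $cena;

    $product_price_sum = (float) $product_price * (float) $ks;
    $zlava_J = (float) $product_price * (float) $zlava / 100; // discount per unit
    $zlava_E = $zlava_J * (float) $ks;                        // discount for the whole row
    $po_zlave_J = (float) $product_price - $zlava_J;
    $po_zlave = $product_price_sum - $zlava_E;

    $html .= "<td class=\"form_nazov ali-center product-price bold\">" . $product_price . " €</td>";
    // The original emitted a stray closing </span> in this cell; it is dropped here.
    $html .= "<td class=\"form_nazov ali-center\">" . ($zlava > 0 ? "<span class=\"zlava-E bold\">" . $zlava . "%</span> <span class=\"smaller\">(" . $po_zlave_J . "€)</span>" : "") . "</td>";

    $extra = array();
    if (_cp_vp_get($cp_row, "ppd", 0) == 1) {
        $extra[] = "PPD";
    }
    if (_cp_vp_get($cp_row, "black", 0) == 1) {
        $extra[] = "DL";
    }
    if (_cp_vp_get($cp_row, "komis", 0) == 1) {
        $extra[] = "KMS";
    }

    $html .= "<td class=\"form_nazov ali-center po-zlave-sum\">" . $po_zlave . " €</td>";
    $html .= "<td class=\"\">" . join(", ", $extra) . "</td>";
    $html .= "<td><span class=\"smaller\">{$koment}</span></td>";
    $html .= "</tr>";

    return array("html" => $html, "ks" => (float) $ks, "po_zlave" => $po_zlave);
}

/**
 * Render the price offer ("Cenová ponuka") for one production-plan revision as HTML.
 *
 * Rows are grouped per customer; rows without a customer (id_zakaznik = 0) are grouped per
 * order revision instead. Each group gets a heading row and, once its sum is positive, a
 * subtotal row; a grand total closes the table.
 *
 * Changes against the earlier version: the per-row discount in the "no customer" branch was
 * multiplied by a quantity read from the wrong variable (the group list instead of the row),
 * so the discount never reached the totals there; array keys were unquoted bare words;
 * accumulators were used uninitialised; ids were concatenated into SQL without an integer
 * cast; an unused second lookup of every attribute option was executed per row.
 *
 * NOTE(review): names, comments and e-mail addresses read from the database are written into
 * the HTML without escaping here. Whether they were sanitised when stored is not visible in
 * this function; escaping here could double-encode, so that is left for confirmation.
 *
 * @param mixed $cp       Price-offer id. Only used when $_GET["cp"] is absent, because the
 *                        earlier code always read the request parameter -- confirm callers.
 * @param mixed $revision Id of the revizia_vyrobny_plan row.
 * @return string HTML fragment.
 */
function print_revision_cp_vyrobny_plan($cp, $revision)
{
    $revision = (int) $revision;
    $cp_id = isset($_GET["cp"]) ? (int) $_GET["cp"] : (int) $cp;

    $data = _cp_vp_first_row("SELECT id_vyrobny_plan, DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum\r\n FROM revizia_vyrobny_plan \r\n WHERE id={$revision} \r\n LIMIT 1");

    $data_row = sql_query("SELECT vyr.*, obr.*, rev.meno, rev.mesto, rev.doruc_mesto, rev.email, \r\n rev.komentar, rev.komentar_private, rev.vlastne_cislo_obj, obj.id_zakaznik, obj.c_obj, obj.datum \r\n FROM vyrobny_plan_row vyr\r\n INNER JOIN objednavka_row obr\r\n ON vyr.id_objednavka_row = obr.id\r\n INNER JOIN revizia rev\r\n ON obr.id_revizia = rev.id\r\n INNER JOIN objednavka obj\r\n ON rev.id_obj = obj.id\r\n WHERE id_revizia_vyrobny_plan = " . $revision . "\r\n AND vyr.vymaz = 0;\r\n ");
    if (!is_array($data_row)) {
        $data_row = array();
    }

    // Attach the chosen attribute options to every row and group the rows.
    $data_zak = array();
    foreach ($data_row as $row) {
        $row_options = sql_query("SELECT id_product_atribute, id_product_atribute_option \r\n FROM objednavka_row_atribute \r\n WHERE id_revizia=\"" . (int) _cp_vp_get($row, "id_revizia", 0) . "\" AND id_objednavka_row=\"" . (int) _cp_vp_get($row, "id", 0) . "\"");
        if (is_array($row_options)) {
            foreach ($row_options as $option) {
                $row["product_atribute_options_all"][$option["id_product_atribute"]] = $option["id_product_atribute_option"];
            }
        }

        if ($row["id_zakaznik"] == 0) {
            $data_zak[$row["id_zakaznik"]][$row["id_revizia"]][] = $row;
        } else {
            $data_zak[$row["id_zakaznik"]][] = $row;
        }
    }

    $data_obj = _cp_vp_first_row("SELECT id, meno, popis, DATE_FORMAT(datum_vyvozu, '%d. %m. %Y') AS datum, \r\n DATE_FORMAT(datum, '%Y') AS rok\r\n FROM vyrobny_plan \r\n WHERE id=" . (int) _cp_vp_get($data, "id_vyrobny_plan", 0) . " LIMIT 1");

    $message = "";
    $message .= "<h1>Cenová ponuka <br> Výrobný Plán č. " . _cp_vp_get($data_obj, "id") . "/" . _cp_vp_get($data_obj, "rok") . " - " . _cp_vp_get($data_obj, "meno") . " </h1>";
    $message .= "<h5>Dátum vývozu: " . _cp_vp_get($data_obj, "datum") . "</h5>";
    $message .= !empty($data_obj["popis"]) ? "<h5>Popis: " . $data_obj["popis"] . "</h5>" : "";

    $message .= "<div class=\"print_hlavicka3\">\r\n <table>\r\n <tr>\r\n \r\n <th style=\"width: 460px;\">produkt</th> \r\n <th style=\"width: 90px;\">j.cena</th> \r\n <th style=\"width: 100px;\">zľava % / j.cena po</th>\r\n <th style=\"width: 80px;\">Spolu</th>\r\n <th style=\"width: 80px;\"></th>\r\n <th style=\"width: 100px;\">komentár</th>\r\n </tr>";

    $sum_zakaznik = 0;
    $product_ks_sum = 0;
    $po_zlave_sum = 0;

    foreach ($data_zak as $key => $zakaznik) {
        // Normalise both shapes into a list of (heading, rows) groups.
        $groups = array();
        if ($key > 0) {
            $groups[] = array(
                "customer" => _cp_vp_first_row("SELECT meno, mesto, doruc_mesto, email FROM uzivatel WHERE id=" . (int) $key . " LIMIT 1"),
                "rows" => $zakaznik,
            );
        } else {
            // No customer account: one group per order revision, named from its first row.
            foreach ($zakaznik as $revision_rows) {
                $groups[] = array(
                    "customer" => isset($revision_rows[0]) ? $revision_rows[0] : array(),
                    "rows" => $revision_rows,
                );
            }
        }

        foreach ($groups as $group) {
            // Close the previous group before starting the next one.
            $message .= _cp_vp_subtotal_html($sum_zakaznik);
            $sum_zakaznik = 0;
            $message .= _cp_vp_customer_html($group["customer"]);

            foreach ($group["rows"] as $row) {
                $rendered = _cp_vp_row_html($row, $cp_id);
                $message .= $rendered["html"];
                $product_ks_sum = $product_ks_sum + $rendered["ks"];
                $po_zlave_sum = $po_zlave_sum + $rendered["po_zlave"];
                $sum_zakaznik = $sum_zakaznik + $rendered["po_zlave"];
            }
        }
    }

    $message .= _cp_vp_subtotal_html($sum_zakaznik);

    // Grand total; the row is now closed with </tr> (the original opened a second <tr> instead).
    $message .= "<tr class=\"cp_spolu bold\">\r\n \r\n <td>Spolu: " . $product_ks_sum . " ks</td> \r\n <td></td> \r\n <td></td>\r\n <td class=\"ali-center po-zlave-sum-all\">" . $po_zlave_sum . " €</td>\r\n <td></td>\r\n <td></td>\r\n </tr>";
    $message .= "</table></div>";
    // End of the price-offer rows. NOTE(review): this second </table> has no opening tag in
    // this function; kept in case the caller opens an outer table.
    $message .= "</table>";
    $message .= "dokument vytvorený: " . date("j. n. Y - H:i") . "<br><br>";

    return $message;
}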
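/**
 * Look up the "meno" column of one row in a lookup table; "" when the row does not exist.
 * $table is only ever a literal supplied by display_form_data().
 */
function _form_data_meno($table, $id)
{
    // The id is compared without quotes, so it is forced to an integer.
    $rows = sql_query("SELECT meno FROM {$table} WHERE id=" . (int) $id . " LIMIT 1");

    return (is_array($rows) && isset($rows[0]["meno"])) ? $rows[0]["meno"] : "";
}

/**
 * Build one label/value row of the customer and delivery tables.
 */
function _form_data_tr($label, $value_html, $value_class = "objednavatel")
{
    return "<tr>\r\n <td class=\"hlavicka\">{$label}</td><td class=\"{$value_class}\">{$value_html}</td>\r\n </tr>\r\n ";
}

/**
 * Print the read-only summary of the order form stored in $_SESSION["posted_form"], followed
 * by the "send" / "save" buttons.
 *
 * The summary is shown only when the CSRF token stored with the form equals the session
 * token. The comparison is now strict, rejects an empty session token (a loose `!=` treated
 * two missing tokens as equal) and uses hash_equals() when the runtime provides it.
 *
 * The product, option and delivery ids come from the posted form and are placed into SQL
 * without quotes, so they are cast to integers before use.
 *
 * @param mixed  $fieldsets_c Ignored: the row count is always taken from the stored form.
 * @param string $secure_key  Not used by this function.
 */
function display_form_data($fieldsets_c, $secure_key = "")
{
    $data = (isset($_SESSION["posted_form"]) && is_array($_SESSION["posted_form"])) ? $_SESSION["posted_form"] : array();
    $fieldsets_c = (isset($data["ks_all"]) && is_array($data["ks_all"])) ? count($data["ks_all"]) : 0;

    $expected = isset($_SESSION["csrf_key"]) ? (string) $_SESSION["csrf_key"] : "";
    $supplied = isset($data["secure_csrf"]) ? (string) $data["secure_csrf"] : "";
    $tokens_match = $expected !== ""
        && (function_exists("hash_equals") ? hash_equals($expected, $supplied) : $expected === $supplied);
    if (!$tokens_match) {
        // The header goes out before any body text, otherwise the redirect is lost.
        // NOTE(review): the original interpolated an undefined $vyber here, i.e. the target
        // was always "?vyber=&page=1"; the intended section cannot be told from this function.
        header("location: ?vyber=&page=1");
        echo "ACCESS_dennied!!";
        die;
    }

    // Escaped scalar field of the stored form (null when absent, as before).
    $field = function ($key) use ($data) {
        return sec_input(isset($data[$key]) ? $data[$key] : null);
    };
    // i-th entry of one of the per-row lists of the stored form.
    $item = function ($list, $i) use ($data) {
        return isset($data[$list][$i]) ? $data[$list][$i] : null;
    };

    echo "<table id=\"form_data_objednavatel\" class=\"form_data_objednavatel\">\r\n "
        . _form_data_tr("Meno / Firma", $field("meno"), "objednavatel obj_meno")
        . _form_data_tr("Adresa", $field("adresa"))
        . _form_data_tr("Mesto", $field("psc") . " " . $field("mesto"))
        . _form_data_tr("IČO", $field("ico"))
        . _form_data_tr("DIČ", $field("dic"))
        . _form_data_tr("telefon", $field("telefon"))
        . _form_data_tr("email", $field("email"))
        . _form_data_tr("Vaše číslo obj.", $field("vlastne_cislo_obj"))
        . _form_data_tr("Vystavil", $field("vystavil"));
    echo "</table>";

    echo "<table id=\"form_data_doruc\" class=\"form_data_objednavatel\">\r\n "
        . _form_data_tr("", "Adresa doručenia", "objednavatel obj_meno")
        . _form_data_tr("Meno / Firma", $field("doruc_meno"), "objednavatel obj_meno")
        . _form_data_tr("Adresa", $field("doruc_adresa"))
        . _form_data_tr("Mesto", $field("doruc_psc") . " " . $field("doruc_mesto"))
        . _form_data_tr("Telefón", $field("doruc_telefon"));
    echo "</table>";

    echo "<table id=\"form_data_table\">\r\n <tr>\r\n <th></th> \r\n <th>produkt</th>\r\n <th>množstvo</th>\r\n <th>doprava</th>\r\n <th>atyp text</th> \r\n <th></th>\r\n </tr>";

    for ($i = 0; $i < $fieldsets_c; $i++) {
        $poradie = $i + 1;
        echo "<tr>\r\n <td class=\"form_poradie\">{$poradie}. </td>\r\n ";

        $option_ids = $item("product_atribute_options_all", $i);
        if (!is_array($option_ids)) {
            $option_ids = array();
        }
        $option_names = array();
        foreach ($option_ids as $option_id) {
            $option_names[] = _form_data_meno("product_atribute_option", $option_id);
        }
        $options_str = empty($option_names) ? "" : " (" . join(" / ", $option_names) . ")";

        echo "<td class=\"form_nazov_siroky\">" . _form_data_meno("product_type", $item("product_type_all", $i)) . " " . _form_data_meno("product", $item("product_all", $i)) . $options_str . "</td>";
        echo "<td class=\"form_ks\">" . sec_input($item("ks_all", $i)) . " ks</td>";
        echo "<td class=\"form_nazov ali-center\">" . _form_data_meno("product_delivery", $item("product_delivery_all", $i)) . "</td>";
        echo "<td class=\"form_nazov\">" . sec_input($item("atyp_text_all", $i)) . "</td>";
        // The original printed $vypocet_final when $vypocet > 0, but neither variable is ever
        // set in this function, so the cell was always empty.
        echo "<td class=\"td_vypocet\"></td>";
        echo "</tr>";
    }
    echo "</table>";

    // NOTE(review): both comment boxes share the id "form_komentar" (kept as it was).
    echo "<div id=\"form_komentar\">\r\n " . $field("komentar") . " \r\n </div>";
    echo "<div id=\"form_komentar\">\r\n " . $field("komentar_private") . " \r\n </div>";

    echo "<form method=\"POST\" id=\"formular\" enctype=\"multipart/form-data\">";
    echo "<div class=\"formular_buttons clearfix\">";
    echo submit("submit_confirm", "Odoslať objednávku");
    echo submit("submit_save", "Uložiť objednávku");
    echo "<div class=\"confirm_order_another\"><a href=\"?vyber=formular&page=1\">Vrátiť sa Späť k úprave</a></div>";
    echo "</div>";
    echo "</form>\r\n \r\n ";

    echo "<div class=\"help_text clearfix\">";
    echo "<ul>";
    echo "<li>Po odoslaní objednávky Vám bude doručený potvrdzujúci email</li>";
    echo "<li>Ak si prajete objednávku ešte opraviť použite tlačítko <strong>Vrátiť sa Späť</strong></li>";
    echo "<li>Ak Vaša objednávka ešte nie je v tejto chvíli kompletná a v jej dokončení chcete pokračovať neskôr, použite tlačítko <strong>Uložiť objednávku</strong>.<br>\r\n Po uložení Vám bude na Vašu adresu doručený email s potvrdením a inštukciami, ako pokračovať vo vypĺňaní uloženej objednávky.\r\n </li>";
    echo "</ul>";
    echo "</div>";
}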
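/**
 * Return the first row of a SELECT, or an empty array when nothing matched.
 */
function _velkoobchod_first_row($sql)
{
    $rows = sql_query($sql);

    return (is_array($rows) && isset($rows[0])) ? $rows[0] : array();
}

/**
 * Read $row[$key], falling back to $default when the key is missing or null.
 */
function _velkoobchod_get($row, $key, $default = "")
{
    return isset($row[$key]) ? $row[$key] : $default;
}

/**
 * E-mail the HTML summary of one wholesale ("veľkoobchod") order revision to the shop's own
 * default address through PHPMailer/SMTP.
 *
 * Changes against the earlier version: the revision id and all lookup ids are cast to
 * integers before they are concatenated into SQL; array keys are quoted strings; the cut
 * rows are iterated directly instead of being copied into parallel arrays that stayed
 * undefined for an empty revision; the unused mail() header string is gone; a failed send is
 * written to the error log instead of being ignored.
 *
 * NOTE(review): SMTPSecure is not set, so whether the SMTP login is protected in transit
 * depends on the server and on the PHPMailer version's defaults -- confirm. The free-text
 * "komentar" is placed into the HTML body without escaping here, and the logo is referenced
 * over plain http.
 *
 * @param mixed $revision Id of the revizia_velkoobchod row.
 */
function send_email_revision_velkoobchod($revision)
{
    require_once 'include/PHPMailer/PHPMailerAutoload.php';

    $revision = (int) $revision;
    $email_to_kraf = def_value("default_email", "hodnota");

    // The reads are wrapped in a transaction, as before. mysql_* was removed in PHP 7.
    mysql_query("BEGIN");

    $data = _velkoobchod_first_row("SELECT id_velkoobchod, komentar, sum,\r\n DATE_FORMAT(datum_vlastny, '%d. %m. %Y') AS datum\r\n FROM revizia_velkoobchod \r\n WHERE id={$revision} \r\n LIMIT 1");
    $data_narez = sql_query("SELECT id_revizia as revizia, id_material as material, id_vyrobca as vyrobca, \r\n id_dekor as dekor, id_dekor_cena as dekor_cena, m2, m3, sum\r\n FROM porez_velkoobchod \r\n WHERE id_revizia={$revision}");
    if (!is_array($data_narez)) {
        $data_narez = array();
    }

    $data_obj = _velkoobchod_first_row("SELECT id, DATE_FORMAT(datum_vlastny, '%d. %m. %Y') AS datum,\r\n DATE_FORMAT(datum, '%Y') AS rok\r\n FROM velkoobchod \r\n WHERE id=" . (int) _velkoobchod_get($data, "id_velkoobchod", 0) . " LIMIT 1");
    $order_no = _velkoobchod_get($data_obj, "id") . "/" . _velkoobchod_get($data_obj, "rok");
    $order_date = _velkoobchod_get($data_obj, "datum");

    $message = "<html><body>";
    $message .= "<img src=\"http://" . def_value("default_url", "hodnota") . "/assets/images/logo.jpg\">";
    $message .= "<h1>Objednávka č. " . $order_no . "</h1>";
    $message .= "zo dňa: " . $order_date . "<br><br>";

    // Column headings: width in pixels => label.
    $th_style = "background-color: lightsteelblue; color: white; padding:5px; font-size: 90%;";
    $columns = array(
        array(20, ""),
        array(130, "materiál"),
        array(150, "výrobca"),
        array(200, "dekor"),
        array(40, "ks"),
        array(40, "m3"),
        array(60, "j.cena"),
        array(50, "spolu"),
    );
    $message .= "<table style=\"font-size: 10pt;\">\r\n <tr style=\"border-bottom: solid 1px darkslategrey ;\">";
    foreach ($columns as $column) {
        $message .= "\r\n <th style=\"{$th_style} width: {$column[0]}px;\">{$column[1]}</th>";
    }
    $message .= "\r\n \r\n </tr>";

    $poradie = 0;
    foreach ($data_narez as $narez) {
        $poradie++;

        $material = _velkoobchod_first_row("SELECT meno FROM material WHERE id=" . (int) _velkoobchod_get($narez, "material", 0) . " LIMIT 1");
        $vyrobca = _velkoobchod_first_row("SELECT meno FROM vyrobca WHERE id=" . (int) _velkoobchod_get($narez, "vyrobca", 0) . " LIMIT 1");
        $dekor = _velkoobchod_first_row("SELECT meno FROM dekor WHERE id=" . (int) _velkoobchod_get($narez, "dekor", 0) . " LIMIT 1");
        $dekor_cena = _velkoobchod_first_row("SELECT cena FROM cp_dekor_ks WHERE id=" . (int) _velkoobchod_get($narez, "dekor_cena", 0) . " LIMIT 1");

        $message .= "<tr>\r\n <td class=\"form_poradie\">{$poradie}. </td>";
        $message .= "\r\n <td class=\"form_nazov\">" . _velkoobchod_get($material, "meno") . "</td>";
        $message .= "\r\n <td class=\"form_nazov\">" . _velkoobchod_get($vyrobca, "meno") . "</td>";
        $message .= "<td class=\"form_nazov\">" . _velkoobchod_get($dekor, "meno") . "</td>";
        // The "ks" column is filled from the m2 field, as in the original.
        $message .= "\r\n <td class=\"form_hrana\">" . sec_input(_velkoobchod_get($narez, "m2", null)) . "</td>\r\n <td class=\"form_hrana\">" . sec_input(_velkoobchod_get($narez, "m3", null)) . "</td>";
        $message .= "<td class=\"form_hrana\">" . round((float) _velkoobchod_get($dekor_cena, "cena", 0), 2) . "</td>";
        $message .= "<td class=\"form_data_material\">" . round((float) sec_input(_velkoobchod_get($narez, "sum", 0)), 2) . "</td>";
        $message .= "</tr>";
    }

    $message .= "</table><br>";
    $message .= "<div class=\"form_vypocet_sum\">Spolu: " . round((float) _velkoobchod_get($data, "sum", 0), 2) . " </div>";
    $message .= "<br>" . _velkoobchod_get($data, "komentar") . "<br><br>";
    $message .= "email vytvorený: " . date("j. n. Y - H:i") . "<br>";
    $message .= "</body></html>";

    mysql_query("COMMIT");

    $mail = new PHPMailer();
    $mail->IsSMTP();
    $mail->CharSet = "UTF-8";
    $mail->SMTPDebug = 0;
    $mail->SMTPAuth = true;
    //$mail->SMTPSecure = 'ssl';
    $mail->Host = def_value("default_email_host", "hodnota");
    $mail->Port = def_value("default_email_port", "hodnota");
    $mail->Username = def_value("default_email_username", "hodnota");
    $mail->Password = def_value("default_email_password", "hodnota");
    $mail->isHTML(true);
    $mail->setLanguage('sk', 'language/');
    $mail->SetFrom(def_value("default_email", "hodnota"), def_value("default_firma", "hodnota"));

    $mail->Subject = "Velkoobchod č. " . $order_no . " zo dňa " . $order_date;
    $mail->Body = $message;
    $mail->AddAddress($email_to_kraf);

    if (!$mail->Send()) {
        // Record the failure; the message body and the SMTP credentials stay out of the log.
        error_log("send_email_revision_velkoobchod: sending revision {$revision} failed: " . $mail->ErrorInfo);
    }
}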
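/**
 * Flip the soft-delete flag (`vymaz`) of one row in $table, then redirect to the listing.
 *
 * A row whose flag is 0 is set to 1, any other value is set back to 0. When validation
 * fails nothing is written and the messages are printed instead. The confirmation form
 * is echoed in every case.
 *
 * @param string $table table name; used as an SQL identifier and as the `sub` redirect parameter
 * @param string $vyber value of the `vyber` redirect parameter
 * @param mixed  $id    row id; must be numeric and non-empty
 * @param mixed  $sub   not used by this function
 */
function delete($table, $vyber, $id, $sub)
{
    $error_msg = array();
    $value = array();

    $id = sec_sql(sec_input($id));

    // $id is spliced into the SQL below without quotes, where string escaping gives no
    // protection, so it is checked before the first query is built (the SELECT used to run first).
    if (!is_numeric($id) or empty($id)) {
        $error_msg[] = "ID ma nesprávnu hodnotu";
    }

    // A table name is an identifier and cannot be escaped like a value: accept identifier characters only.
    if (!is_string($table) or !preg_match('/\A[A-Za-z0-9_]+\z/', $table)) {
        $error_msg[] = "Tabuľka ma nesprávnu hodnotu";
    }

    if (empty($error_msg)) {
        $value = sql_query("Select vymaz from {$table} WHERE id={$id}");

        // A missing row is treated like flag 0, as before.
        $current = isset($value[0]["vymaz"]) ? $value[0]["vymaz"] : 0;
        $vymaz = ($current == 0) ? 1 : 0;

        // NOTE(review): the flag is flipped as soon as this function runs with a valid id; the
        // form below is printed afterwards and nothing here checks the request method or a CSRF
        // token. Confirm that the caller only gets here after a confirmed, authorised POST.
        $query = "UPDATE {$table}\r\n SET vymaz = {$vymaz}\r\n WHERE id = {$id}";
        sql_update($query);
        // NOTE(review): $vyber is placed in the URL unencoded; confirm it is a fixed menu key.
        header("location: index.php?vyber={$vyber}&sub={$table}");
    } else {
        echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>";
    }

    // NOTE(review): the SELECT above fetches only `vymaz`, so neither `meno` nor `id` is
    // available here; both fall back to an empty value exactly as they did before.
    $meno = isset($value[0]["meno"]) ? $value[0]["meno"] : "";
    $hidden_id = isset($value["id"]) ? $value["id"] : null;

    echo "<h2>Skutočne chcete vymazať položku " . $meno . "?</h2>";
    echo "<form method=\"POST\">";
    echo hidden("id", $hidden_id);
    echo submit("submit", "Vymazať");
    echo "</form>";
}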
} if (isset($_GET["id"])) { $id = sec_input($_GET["id"]); } if (isset($_GET["rok"])) { $rok = sec_input($_GET["rok"]); } if (isset($_GET["mesiac"])) { $mesiac = sec_input($_GET["mesiac"]); } if (isset($_GET["message"])) { $message = sec_input($_GET["message"]); } if (isset($_POST["meno"])) { $meno = sec_input($_POST["meno"]); } if (isset($_POST["adresa"])) { $adresa = sec_input($_POST["adresa"]); } if (isset($_POST["ico_icdph"])) { $ico_icdph = sec_input($_POST["ico_icdph"]); } if (isset($_POST["telefon"])) { $telefon = sec_input($_POST["telefon"]); } if (isset($_POST["email"])) { $email = sec_input($_POST["email"]); } if (isset($_POST["vyrobca"])) { $vyrobca = sec_input(sec_sql($_POST["vyrobca"])); }
$mtime = microtime(); $mtime = explode(" ", $mtime); $mtime = $mtime[1] + $mtime[0]; $starttime = $mtime; //var_dump($_SESSION); if (isset($_GET["search_text"])) { $search_text = sec_input($_GET["search_text"]); } if (isset($_GET["search_dodavatel"])) { $search_dodavatel = sec_input($_GET["search_dodavatel"]); } if (isset($_GET["search_date_od"])) { $search_date_od = sec_input($_GET["search_date_od"]); } if (isset($_GET["search_date_do"])) { $search_date_do = sec_input($_GET["search_date_do"]); } //var_dump($search_date_od); if ($search_text == "undefined") { $search_text = ""; } if ($search_zakaznik == "undefined") { $search_zakaznik = ""; } if (!isset($search_status)) { $search_status = $_SESSION["search_status_do_objednavka"]; } else { $_SESSION["search_status_do_objednavka"] = $search_status; } if (!isset($search_date_od)) { $search_date_od = $_SESSION["search_date_od_do_objednavka"];
if (empty($error_msg)) { //var_dump($_POST); $_SESSION["posted_form_edit_rev"] = $form_data; $data = $_SESSION["posted_form_edit_rev"]; //var_dump($data); // vlozenie do revizii mysql_query("BEGIN"); $query = "INSERT INTO revizia \n (id_obj, meno, adresa, mesto, psc, ico, dic, telefon, email, komentar, komentar_private,\n vystavil, vlastne_cislo_obj, doruc_meno, doruc_adresa, doruc_mesto, \n doruc_psc, doruc_telefon, datum, upravil)\n VALUES \n ({$order},\n \"" . sec_input(sec_sql($data["meno"])) . "\",\n \"" . sec_input(sec_sql($data["adresa"])) . "\",\n \"" . sec_input(sec_sql($data["mesto"])) . "\",\n \"" . sec_input(sec_sql($data["psc"])) . "\",\n \"" . sec_input(sec_sql($data["ico"])) . "\",\n \"" . sec_input(sec_sql($data["dic"])) . "\",\n \"" . sec_input(sec_sql($data["telefon"])) . "\",\n \"" . sec_input(sec_sql($data["email"])) . "\", \n \"" . sec_input(sec_sql($data["komentar"])) . "\",\n \"" . sec_input(sec_sql($data["komentar_private"])) . "\",\n \"" . sec_input(sec_sql($data["vystavil"])) . "\",\n \"" . sec_input(sec_sql($data["vlastne_cislo_obj"])) . "\",\n \"" . sec_input(sec_sql($data["doruc_meno"])) . "\",\n \"" . sec_input(sec_sql($data["doruc_adresa"])) . "\",\n \"" . sec_input(sec_sql($data["doruc_mesto"])) . "\",\n \"" . sec_input(sec_sql($data["doruc_psc"])) . "\",\n \"" . sec_input(sec_sql($data["doruc_telefon"])) . 
"\",\n now(), {$_SESSION['username']})"; $sql_revizia = sql_insert($query); $revizia_id = $sql_revizia["inserted_id"]; $fieldsets_c = count($data["ks_all"]); // vlozenie do porezu $obj_delivery = 1; for ($i = 0; $i < $fieldsets_c; $i++) { $data_for_count = array("ks_all" => $data["ks_all"][$i], "product_type_all" => $data["product_type_all"][$i], "product_all" => $data["product_all"][$i], "product_delivery_all" => $data["product_delivery_all"][$i], "atyp_text_all" => $data["atyp_text_all"][$i], "vlastna_cena_all" => $data["vlastna_cena_all"][$i], "vyrobny_plan_all" => $data["vyrobny_plan_all"][$i]); $query = "INSERT INTO objednavka_row \n (id_revizia, ks, id_product_type, id_product, id_product_delivery, atyp_text, vlastna_cena, vyrobny_plan)\n VALUES \n ({$revizia_id},\n " . sec_input(sec_sql($data["ks_all"][$i])) . ",\n " . sec_input(sec_sql($data["product_type_all"][$i])) . ",\n " . sec_input(sec_sql($data["product_all"][$i])) . ", \n \"" . sec_input(sec_sql($data["product_delivery_all"][$i])) . "\",\n \"" . sec_input(sec_sql($data["atyp_text_all"][$i])) . "\",\n \"" . sec_input(sec_sql($data["vlastna_cena_all"][$i])) . "\",\n \"" . sec_input(sec_sql($data["vyrobny_plan_all"][$i])) . "\"\n )"; $sql_porez = sql_insert($query); $porez_id = $sql_porez["inserted_id"]; if ($data["product_delivery_all"][$i] == 4) { $obj_delivery = $data["product_delivery_all"][$i]; } if (!isset($data[product_atribute_options_all][$i]) or empty($data[product_atribute_options_all][$i])) { $data[product_atribute_options_all][$i] = array(); } foreach ($data[product_atribute_options_all][$i] as $key => $option) { $query = "INSERT INTO objednavka_row_atribute \n (id_revizia, id_objednavka_row, id_product_atribute, id_product_atribute_option)\n VALUES ({$revizia_id}, {$porez_id}, {$key}, {$option})"; //var_dump($query); $sql_porez_hrana = sql_insert($query); } } sql_update("UPDATE objednavka SET delivery=\"{$obj_delivery}\"\n WHERE id=\"{$order}\"");
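/**
 * Print the read-only summary of the wardrobe order held in $_SESSION["posted_form"],
 * followed by the confirm / save form.
 *
 * The summary is shown only when the CSRF token stored with the form data matches the
 * one in the session; otherwise the request is redirected and the script ends.
 *
 * @param mixed  $fieldsets_c ignored; recomputed from the session data
 * @param string $secure_key  not used by this function
 */
function display_form_data($fieldsets_c, $secure_key = "")
{
    $data = (isset($_SESSION["posted_form"]) && is_array($_SESSION["posted_form"]))
        ? $_SESSION["posted_form"]
        : array();
    $fieldsets_c = isset($data["ks_all"]) ? count($data["ks_all"]) : 0;

    // Fail closed: the former loose `!=` also let the request through when both tokens were
    // missing (null != null is false). Both must now be present, non-empty and identical.
    $session_token = (isset($_SESSION["csrf_key"]) && is_scalar($_SESSION["csrf_key"]))
        ? (string) $_SESSION["csrf_key"]
        : "";
    $form_token = (isset($data["secure_csrf"]) && is_scalar($data["secure_csrf"]))
        ? (string) $data["secure_csrf"]
        : "";
    if ($session_token === "" || $form_token === "") {
        $token_ok = false;
    } elseif (function_exists("hash_equals")) {
        // constant-time comparison where the runtime offers it
        $token_ok = hash_equals($session_token, $form_token);
    } else {
        $token_ok = ($session_token === $form_token);
    }
    if (!$token_ok) {
        // Header first: output sent before header() would stop the redirect from being emitted.
        // NOTE(review): the original interpolated $vyber here, which is not defined in this
        // scope, so the parameter was always empty; it is kept empty until the target is confirmed.
        header("location: ?vyber=&page=1");
        echo "ACCESS_dennied!!";
        die;
    }

    echo "<table id=\"form_data_objednavatel\">\r\n <tr>\r\n <td class=\"hlavicka\">Meno / Firma</td><td class=\"objednavatel obj_meno\">" . sec_input($data["meno"]) . "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">Adresa</td><td class=\"objednavatel\">" . sec_input($data["adresa"]) . "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">IČO / IČ DPH</td><td class=\"objednavatel\">" . sec_input($data["ico_icdph"]) . "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">telefon</td><td class=\"objednavatel\">" . sec_input($data["telefon"]) . "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">email</td><td class=\"objednavatel\">" . sec_input($data["email"]) . "</td>\r\n </tr>";
    echo "</table>";

    echo "<table id=\"form_data_material\">\r\n <tr>\r\n <td class=\"hlavicka\">Rozmer</td>";
    echo "<td class=\"objednavatel obj_meno\">\r\n " . sec_input($data["sirka"]) . " x " . sec_input($data["vyska"]) . " mm \r\n ";
    echo "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">Počet dverí</td>";
    echo "<td class=\"objednavatel\">\r\n " . sec_input($data["dvere_ks"]) . "";
    echo "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">Madlo</td>";

    // These ids sit in the SQL without quotes, where escaping does not help; force them to integers.
    $madlo = sql_query("SELECT meno, dvere, orez FROM madlo WHERE id=" . intval($data["madlo"]) . " LIMIT 1")[0];
    $farba = sql_query("SELECT meno FROM farba WHERE id=" . intval($data["farba"]) . " LIMIT 1")[0];

    echo "<td class=\"objednavatel\">" . $madlo["meno"] . "";
    echo "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">Farba</td>";
    echo "<td class=\"objednavatel\">" . $farba["meno"] . "";
    echo "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"hlavicka\">Hrúbka</td>";
    echo "<td class=\"objednavatel\">" . sec_input($data["hrubka_skrine"]) . "";
    echo "</td>\r\n </tr>\r\n ";
    echo "</table>";

    // NOTE(review): $data["svg"] is markup supplied with the posted form and is echoed
    // verbatim. It cannot be entity-encoded without breaking the drawing, so it needs an
    // allow-list SVG sanitiser or server-side regeneration from the validated dimensions.
    echo "\r\n <script src=\"assets/addons/Snapsvg/dist/snap.svg-min.js\" type=\"text/javascript\"></script>\r\n <script src=\"assets/script/script_skrine.js?" . filemtime("assets/script/script_skrine.js") . "\" type=\"text/javascript\"></script>\r\n \r\n <div id=\"snap_skrine_display\">\r\n " . $data["svg"] . "\r\n </div>";

    echo "<table id=\"form_data_table\">\r\n ";
    // NOTE(review): the door count comes from the form and bounds this loop; confirm that an
    // upper limit is enforced where the form is validated.
    for ($i = 1; $i <= $data["dvere_ks"]; $i++) {
        if (empty($data["hrana1_all"][$i])) {
            $data["hrana1_all"][$i] = "0";
        }

        // Door width: the explicit value when given, otherwise an equal share of the total width.
        $door_width = !empty($data["dvere" . $i]["sirka"])
            ? round(sec_input($data["dvere" . $i]["sirka"]), 2) . "mm"
            : $data["sirka"] / $data["dvere_ks"] . "";

        echo "<tr>\r\n <td class=\"skrine_middle\">{$i}. dvere </td> \r\n <td class=\"form_rozmer\">" . $door_width . "</td>\r\n <td class=\"form_dvere\">";
        echo "<table class=\"predel\">";
        echo "<tr><th></th><th></th><th></th></tr>";

        // A door without sections renders an empty inner table instead of a foreach warning.
        $sections = (isset($data["dvere" . $i]["predel"]) && is_array($data["dvere" . $i]["predel"]))
            ? $data["dvere" . $i]["predel"]
            : array();

        foreach ($sections as $key => $predel) {
            // Section key, height and free-text decor are form data as well; they now go through
            // sec_input() like every other field printed here.
            // NOTE(review): this assumes sec_input() HTML-encodes its argument; confirm in config/fnc.php.
            echo "<tr>";
            echo "<td class=\"predel_ks\">" . sec_input($key) . ". </td>";
            echo "<td class=\"predel_middle\">výška: <span class=\"bold\">" . sec_input($predel["vyska"]) . "mm</span> </td>";
            echo "<td class=\"\">";
            if (!empty($predel["zrkadlo"])) {
                echo "zrkadlo";
            }
            if (!empty($predel["lakobel"])) {
                echo "lakobel";
            }

            $dekor_text = array();
            if (!empty($predel["vyrobca"])) {
                $vyrobca = sql_query("SELECT meno FROM vyrobca WHERE id=\"" . sec_sql(sec_input($predel["vyrobca"])) . "\" LIMIT 1")[0];
                $dekor_text[] = $vyrobca["meno"];
            }
            if (!empty($predel["dekor"])) {
                // unquoted numeric context: integer cast instead of string escaping
                $dekor = sql_query("SELECT meno FROM dekor WHERE id=" . intval($predel["dekor"]) . " LIMIT 1")[0];
                $dekor_text[] = $dekor["meno"];
            }
            if (!empty($predel["iny_dekor"])) {
                $dekor_text[] = sec_input($predel["iny_dekor"]);
            }
            echo implode(",", $dekor_text);

            if (!empty($predel["vertikalne"])) {
                echo ", vertikálne";
            }
            echo "</td>";
            echo "</tr>";
        }

        echo "</table>";
        echo "</td>";
        echo "</tr>";
    }
    echo "</table>";

    echo "<div class=\"form_vypocet_sum\"></div>";
    echo "<div id=\"form_komentar\">\r\n " . sec_input($data["komentar"]) . " \r\n </div>";

    echo "<form method=\"POST\" id=\"formular\">";
    echo "<div class=\"formular_buttons clearfix\">";
    echo submit("submit_confirm", "Odoslať objednávku");
    echo submit("submit_save", "Uložiť objednávku");
    echo "<div class=\"confirm_order_another\"><a href=\"?vyber=formular_skrine&page=1\">Vrátiť sa Späť k úprave</a></div>";
    echo "</div>";
    echo "</form>\r\n \r\n ";

    echo "<div class=\"help_text clearfix\">";
    echo "<ul>";
    echo "<li>Po odoslaní objednávky Vám bude doručený potvrdzujúci email</li>";
    echo "<li>Ak si prajete objednávku ešte opraviť použite tlačítko <strong>Vrátiť sa Späť</strong></li>";
    echo "<li>Ak Vaša objednávka ešte nie je v tejto chvíli kompletná a v jej dokončení chcete pokračovať neskôr, použite tlačítko <strong>Uložiť objednávku</strong>.<br>\r\n Po uložení Vám bude na Vašu adresu doručený email s potvrdením a inštukciami, ako pokračovať vo vypĺňaní uloženej objednávky.\r\n </li>";
    echo "</ul>";
    echo "</div>";
}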
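/**
 * Build the cutting-list CSV for one revision of an order, store it under
 * files/csv_new/obj-<order>/rev-<revision>/, mark the order as processed and stream the
 * file to the client as a download. Ends the script.
 *
 * @param mixed  $order    order id (objednavka.id)
 * @param mixed  $revision revision id (revizia.id)
 * @param string $sub      "pasy" adds a "-pasy" file-name suffix, replaces the material name
 *                         by "NaPasy" + thickness and skips the maximum-size clamp
 */
function generate_csv_new($order, $revision, $sub = "")
{
    // Both ids end up in SQL and in a filesystem path. Forcing them to integers removes any
    // way to alter a query or to step out of files/csv_new/ with "../" segments.
    $order = (int) $order;
    $revision = (int) $revision;

    mysql_query("BEGIN");

    // An empty revision was logged as 0 before; the integer cast yields the same value.
    $rev = $revision;
    sql_insert("INSERT INTO revizia_aktivita (uzivatel_id, revizia, status) \r\n VALUES ({$_SESSION['username']}, {$rev}, \"vytvorenie CSV\")");

    $obj = sql_query("SELECT id, DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum, status, c_obj\r\n FROM objednavka \r\n WHERE id=\"{$order}\"\r\n LIMIT 1");
    $obj = $obj[0];

    $rev = sql_query("SELECT DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum,\r\n meno, adresa, ico_icdph, telefon, email, id_material, id_vyrobca, id_hrubka, id_dekor,\r\n dekor_vlastny, komentar\r\n FROM revizia \r\n WHERE id_obj=\"{$order}\" AND id=\"{$revision}\"\r\n LIMIT 1");
    $rev = $rev[0];

    $c_obj = $obj["c_obj"];

    $material = sql_query("SELECT meno, max_dlzka, max_sirka\r\n FROM material \r\n WHERE id=\"" . $rev["id_material"] . "\" \r\n LIMIT 1")[0];
    $hrubka = sql_query("SELECT id, hodnota\r\n FROM hrubka \r\n WHERE id=\"" . $rev["id_hrubka"] . "\" \r\n LIMIT 1")[0];
    if (is_duplak($hrubka["id"])) {
        $hrubka["hodnota"] = "18";
    }

    // File-name part taken from the customer name: slashes, spaces and dots are dropped and the
    // result is cut to 10 bytes.
    $meno_csv = sec_input(rep_dia($rev["meno"]));
    $meno_csv = str_replace(array('/', " ", "."), "", $meno_csv);
    if (strlen($meno_csv) > 10) {
        $meno_csv = substr($meno_csv, 0, 10);
    }

    $directory = "files/csv_new/obj-{$order}/rev-{$revision}";
    if (!file_exists($directory)) {
        // 0755 instead of 0777: the export directory does not have to be world-writable.
        mkdir($directory, 0755, true);
    }

    if (!empty($sub) && $sub == "pasy") {
        $meno_csv = $meno_csv . "-pasy";
    }

    // NOTE(review): $c_obj comes from the database and is used in the path as stored; confirm
    // that it can never contain a path separator.
    $file_path = "{$directory}/{$c_obj}-{$meno_csv}.csv";
    $fp = fopen($file_path, "w+");

    // The unused $vyrobca / $meno_suboru / $hlavicka2 computations were removed; two of them
    // read variables that are never defined in this function.
    $hlavicka = "";

    $nar = sql_query("SELECT ks, dlzka, sirka, nazov, poznamka, duplak, hrubka, orientacia,\r\n hrana1, hrana2, hrana3, hrana4, duplak_paska\r\n FROM porez \r\n WHERE id_revizia=\"{$revision}\"\r\n ");
    $hrana = sql_query("SELECT id, hodnota, hodnota_csv, meno\r\n FROM hrana \r\n ");

    // Sheet limits: the material's own values, else the configured defaults.
    $max_dlzka = empty($material["max_dlzka"]) ? def_value("max_dlzka", "hodnota") : $material["max_dlzka"];
    $max_sirka = empty($material["max_sirka"]) ? def_value("max_sirka", "hodnota") : $material["max_sirka"];

    // Initialised so that an order without rows produces an empty file instead of a warning.
    $narezovka = array();

    foreach ($nar as $value) {
        $value["nazov"] = str_replace(" ", "_", rep_dia($value["nazov"]));
        $value["poznamka"] = str_replace(" ", "_", rep_dia($value["poznamka"]));
        // Only word characters and spaces survive, so separators and spreadsheet formula
        // prefixes (=, +, -, @) cannot reach the CSV through these two fields.
        $value["nazov"] = preg_replace("/[^A-Z0-9a-z\\w ]/u", '', $value["nazov"]);
        $value["poznamka"] = preg_replace("/[^A-Z0-9a-z\\w ]/u", '', $value["poznamka"]);

        if (strlen($value["nazov"]) > 30) {
            $value["nazov"] = substr($value["nazov"], 0, 30);
        }
        if (strlen($value["poznamka"]) > 40) {
            $value["poznamka"] = substr($value["poznamka"], 0, 40);
        }

        // Replace the four edge ids by the edge names; "0" means no edge. Doubled boards
        // (by thickness or by the duplak_paska flag) always get the "42/2" edge.
        foreach ($hrana as $value_hrana) {
            for ($i = 1; $i < 5; $i++) {
                if ($value_hrana["id"] == $value["hrana" . $i]) {
                    $value["hrana" . $i] = $value_hrana["meno"];
                    $value["hrana" . $i . "_hodnota"] = $value_hrana["hodnota"];
                }
                if ($value["hrana" . $i] == "0") {
                    $value["hrana" . $i] = "";
                }
                if ($value["hrana" . $i] != "" and is_duplak($value["hrubka"]) or $value["hrana" . $i] != "" and $value["duplak_paska"] == 1) {
                    $value["hrana" . $i] = "42/2";
                }
            }
        }

        // Orientation 3 is written as 0, every other value as 1.
        $orientacia = $value["orientacia"];
        if ($orientacia == 3) {
            $orientacia = 0;
        } else {
            $orientacia = 1;
        }

        // Doubled board: twice the pieces, the original size noted in the remark, and both
        // dimensions enlarged by 30 before being turned back into strings.
        if (is_duplak($value["hrubka"])) {
            $value["ks"] = $value["ks"] * 2;
            $value["ks"] = "{$value['ks']}";
            $value["poznamka"] = $value["poznamka"] . " Dup " . $value["dlzka"] . "x" . $value["sirka"] . " (rez " . ($value["dlzka"] + 15) . "x" . ($value["sirka"] + 15) . ")";
            $value["dlzka"] = $value["dlzka"] + 30;
            $value["dlzka"] = "{$value['dlzka']}";
            $value["sirka"] = $value["sirka"] + 30;
            $value["sirka"] = "{$value['sirka']}";
        }

        $meno_materialu = rep_dia($material["meno"] . $hrubka["hodnota"]);
        if (!empty($sub) && $sub == "pasy") {
            $meno_materialu = "NaPasy" . $hrubka["hodnota"];
        } else {
            // Clamp to the sheet size minus a 20 margin.
            if ($value["dlzka"] > $max_dlzka - 20) {
                $value["dlzka"] = $max_dlzka - 20;
            }
            if ($value["sirka"] > $max_sirka - 20) {
                $value["sirka"] = $max_sirka - 20;
            }
        }

        $narezovka[] = array(
            "ks" => $value["ks"],
            "dlzka" => $value["dlzka"],
            "sirka" => $value["sirka"],
            "nazov" => $value["nazov"] . "",
            "poznamka" => "{$value['poznamka']}",
            "orientacia" => "{$orientacia}",
            "{$value['hrana1']}",
            "{$value['hrana2']}",
            "{$value['hrana3']}",
            "{$value['hrana4']}",
            $meno_materialu,
        );
    }

    if ($fp) {
        fwrite($fp, $hlavicka);
        foreach ($narezovka as $fields) {
            fputcsv($fp, $fields, ";");
        }
        // Close the handle before the file is read back below.
        fclose($fp);
    }

    $status_obj = def_value("default_obj_status_spracovana", "hodnota");
    if ($obj["status"] == def_value("default_obj_status_cp", "hodnota")) {
        $status_obj = def_value("default_obj_status_cp_spracovana", "hodnota");
    }
    $query = "UPDATE objednavka\r\n SET status={$status_obj}\r\n WHERE id=\"{$order}\"";
    sql_update($query);
    mysql_query("COMMIT");

    // Characters that could end the quoted file name or the header line are dropped from the
    // name offered to the browser; the name on disk is unchanged.
    $download_name = str_replace(array('"', "\\", "\r", "\n"), "", $c_obj . '-' . $meno_csv . '.csv');

    ob_end_clean();
    header('Content-Type: application/download');
    header('Content-Disposition: attachment; filename="' . $download_name . '"');
    header('Pragma: no-cache');
    readfile($file_path);
    exit;
}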
$hrubka = sql_query("SELECT meno FROM hrubka WHERE id=" . sec_sql(sec_input($data["hrubka_all"][$i])) . " LIMIT 1"); $hrubka = $hrubka[0]; $message .= "\r\n <td class=\"form_hrana\">" . $hrubka["meno"] . "</td>"; $orientacia = sql_query("SELECT meno, hodnota FROM orientacia WHERE id=" . sec_sql(sec_input($data["orientacia_all"][$i])) . " LIMIT 1"); $orientacia = $orientacia[0]; $message .= "\r\n <td class=\"form_hrana\">" . $orientacia["meno"] . "</td>"; $hrana = sql_query("SELECT meno FROM hrana WHERE id=" . sec_sql(sec_input($data["hrana1_all"][$i])) . " LIMIT 1"); $hrana = $hrana[0]; $message .= "<td class=\"form_hrana\">" . $hrana[meno] . "</td>"; $hrana = sql_query("SELECT meno FROM hrana WHERE id=" . sec_sql(sec_input($data["hrana2_all"][$i])) . " LIMIT 1"); $hrana = $hrana[0]; $message .= "<td class=\"form_hrana\">" . $hrana[meno] . "</td>"; $hrana = sql_query("SELECT meno FROM hrana WHERE id=" . sec_sql(sec_input($data["hrana3_all"][$i])) . " LIMIT 1"); $hrana = $hrana[0]; $message .= "\r\n <td class=\"form_hrana\">" . $hrana[meno] . "</td>"; $hrana = sql_query("SELECT meno FROM hrana WHERE id=" . sec_sql(sec_input($data["hrana4_all"][$i])) . " LIMIT 1"); $hrana = $hrana[0]; $message .= "\r\n <td class=\"form_hrana\">" . $hrana[meno] . "</td>"; $vypocet = $data["dlzka_all"][$i] * $data["sirka_all"][$i] / 1000000; $vypocet = $vypocet * $data["ks_all"][$i]; if ($data["hrubka_all"][$i] == def_value("default_duplak", "hodnota")) { $paska = 0; if ($data[hrana1_all][$i] > 0) { $paska = $paska + $data[dlzka_all][$i]; } if ($data[hrana3_all][$i] > 0) { $paska = $paska + $data[dlzka_all][$i]; } if ($data[hrana2_all][$i] > 0) { $paska = $paska + $data[sirka_all][$i]; }
<?php
// AJAX helper: prints the "Dekor" select box for the manufacturer passed in
// ?select_vyrobca=. Visitors who are not logged in get only the decors that are not
// hidden from customers.
session_start();

// NOTE(review): hard-coded value with a secret-looking name; presumably read by the
// included files. If it is a key or salt it belongs in configuration kept out of the
// repository. Verify how it is used.
$safe = "U,,5Enc!";
$root = $_SERVER['DOCUMENT_ROOT'];

include_once "config/datab.php"; // database settings file
include_once "config/fnc.php"; // original note: inserting the page header

if (isset($_GET["select_vyrobca"])) {
    // Extra WHERE condition; empty for logged-in users.
    $skryt_zakaznikom = ($_SESSION["logged"] == 1) ? "" : "AND skryt_zakaznikom=0";

    // The value sits inside single quotes in the query, so its safety depends on sec_sql()
    // escaping for exactly that context.
    $vyrobca = sec_sql(sec_input($_GET["select_vyrobca"]));

    echo select(
        "dekor",
        "Dekor",
        "SELECT id, hodnota, meno FROM dekor WHERE id_vyrobca='" . $vyrobca . "' and vymaz=0 " . $skryt_zakaznikom . "\r\n ORDER BY meno"
    );
}
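/**
 * Build the printable HTML of a price offer ("cenová ponuka") for one revision.
 *
 * Reads the revision, its order, the customer, the material / decor names and the price
 * rows of offer $cp, and returns the markup with the total including 20 % VAT.
 *
 * @param mixed $cp       price-offer id (cp.id)
 * @param mixed $revision revision id (revizia.id)
 * @return string HTML fragment
 */
function print_revision_cp($cp, $revision)
{
    // Both ids are spliced into several queries without quotes, where escaping cannot help;
    // forcing them to integers closes that path whatever the caller passes in.
    $cp = (int) $cp;
    $revision = (int) $revision;

    $data = sql_query("SELECT id_obj, meno, adresa, ico_icdph, telefon, email, id_material as material,\r\n id_vyrobca as vyrobca, id_dekor as dekor, dekor_vlastny, komentar,\r\n DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum\r\n FROM revizia \r\n WHERE id={$revision} \r\n LIMIT 1");
    $data = $data[0];

    // The integer cast also keeps the statement valid when no revision row was found.
    $data_obj = sql_query("SELECT DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum, c_obj, id_zakaznik,\r\n DATE_FORMAT(datum, '%Y') AS rok\r\n FROM objednavka \r\n WHERE id=" . intval($data["id_obj"]) . " LIMIT 1");
    $data_obj = $data_obj[0];

    $message = "";
    $message .= "<h1>Cenová ponuka k obj č. " . $data_obj["c_obj"] . " / " . $data_obj["rok"] . " rev. " . $revision . " </h1>";
    $message .= "<h5>zo dňa: " . $data_obj["datum"] . "</h5>";

    // Supplier block, filled from the configured defaults.
    $message .= "<div class=\"print_hlavicka\">";
    $message .= "<table class=\"print_dodavatel\"><tr><td></td><td><strong>Dodávateľ</strong></td></tr>";
    $message .= "<tr><td></td><td>" . def_value("default_firma", "hodnota") . "</td></tr>";
    $message .= "<tr><td></td><td>" . def_value("default_adresa", "hodnota") . "</td></tr>";
    $message .= "<tr><td></td><td>" . def_value("default_mesto", "hodnota") . "</td></tr>";
    $message .= "<tr><td>IČO:</td><td>" . def_value("default_ico", "hodnota") . "</td></tr>";
    $message .= "<tr><td>DIČ:</td><td>" . def_value("default_dic", "hodnota") . "</td></tr>";
    $message .= "<tr><td>tel.:</td><td>" . def_value("default_telefon", "hodnota") . "</td></tr>";
    $message .= "<tr><td>mobil:</td><td>" . def_value("default_mobil", "hodnota") . "</td></tr>";
    $message .= "<tr><td>email:</td><td>" . def_value("default_email", "hodnota") . ", " . def_value("default_email_2", "hodnota") . "</td></tr>";
    $message .= "</table>";

    // A registered customer overrides the contact data stored with the revision.
    if ($data_obj["id_zakaznik"] > 0) {
        $meno_zakaznika = sql_query("SELECT meno, adresa, ico_icdph, telefon, email FROM uzivatel WHERE id={$data_obj['id_zakaznik']} LIMIT 1");
        $meno_zakaznika = $meno_zakaznika[0];
        $data["meno"] = $meno_zakaznika["meno"];
        $data["adresa"] = $meno_zakaznika["adresa"];
        $data["ico_icdph"] = $meno_zakaznika["ico_icdph"];
        $data["telefon"] = $meno_zakaznika["telefon"];
        $data["email"] = $meno_zakaznika["email"];
    }

    // NOTE(review): the customer fields below go into the HTML exactly as stored. Elsewhere in
    // this code base values pass through sec_input() before they are inserted, so they may
    // already be encoded; confirm that before adding output escaping here (double encoding),
    // and confirm that no write path stores these columns unfiltered.
    $message .= "<div class=\"print_odberatel\"><table class=\"print_odberatel\"><tr><td></td><td>Objednávateľ:</td></tr>";
    $message .= "<tr><td></td><td class=\"print_bigger\">" . $data["meno"] . "</td></tr>";
    $message .= "<tr><td></td><td>" . $data["adresa"] . "</td></tr>";
    $message .= "<tr><td>IČO:</td><td>" . $data["ico_icdph"] . "</td></tr>";
    $message .= "<tr><td>tel.:</td><td>" . $data["telefon"] . "</td></tr>";
    $message .= "<tr><td>email:</td><td>" . $data["email"] . "</td></tr>";
    $message .= "</table>";
    $message .= "</div>";

    $message .= "<div class=\"print_hlavicka2\">";
    // Unquoted numeric lookups use integer casts; the quoted manufacturer lookup keeps sec_sql().
    $material = sql_query("SELECT meno FROM material WHERE id=" . intval($data["material"]) . " LIMIT 1");
    $material = $material[0];
    $message .= "<table><tr><td>materiál:</td><td class=\"print_bigger\">" . $material["meno"] . "</td></tr>";
    $vyrobca = sql_query("SELECT meno FROM vyrobca WHERE id=\"" . sec_sql(sec_input($data["vyrobca"])) . "\" LIMIT 1");
    $vyrobca = $vyrobca[0];
    $dekor = sql_query("SELECT meno FROM dekor WHERE id=" . intval($data["dekor"]) . " LIMIT 1");
    $dekor = $dekor[0];
    $message .= "<tr><td>dekor:</td><td class=\"print_bigger\">" . $vyrobca["meno"] . " " . $dekor["meno"] . "</td></tr>";
    $message .= "<tr><td>vlastný dekor:</td><td>" . $data["dekor_vlastny"] . "</td></tr>";
    $message .= "</table><br></div>";

    $message .= "<div class=\"print_hlavicka3\">\r\n <table class=\"c_ponuka\">\r\n <tr>\r\n \r\n <th style=\"width: 270px;\">položka CP</th>\r\n <th style=\"width: 60px;\">množstvo</th>\r\n <th style=\"width: 70px;\">jedn. cena</th>\r\n <th style=\"width: 70px;\">Celkom</th>\r\n </tr>";

    $data_narez = sql_query("SELECT c.vlastna_cena, c.dekor_ks, d.cena dekor_ks_cena, c.dekor_ks_sum,\r\n c.dekor_m2, c.dekor_m2_jedn dekor_m2_cena, c.dekor_m2_sum,\r\n c.porez, p.cena porez_cena, c.porez_sum,\r\n c.lepenie, l.cena lepenie_cena, c.lepenie_sum,\r\n c.cnc_priprava, c1.cena cnc_priprava_cena, c.cnc_priprava_sum,\r\n c.cnc_praca, c2.cena cnc_praca_cena, c.cnc_praca_sum,\r\n c.olep_obluk, o.cena olep_obluk_cena, c.olep_obluk_sum\r\n FROM cp c\r\n LEFT JOIN cp_dekor_ks d ON c.id_dekor_ks = d.id \r\n LEFT JOIN cp_porez p ON c.id_porez = p.id\r\n LEFT JOIN cp_lepenie l ON c.id_lepenie = l.id\r\n LEFT JOIN cp_cnc_opracovanie c1 ON c.id_cnc_priprava = c1.id\r\n LEFT JOIN cp_cnc_praca c2 ON c.id_cnc_praca = c2.id\r\n LEFT JOIN cp_olep_obluk o ON c.id_olep_obluk = o.id\r\n \r\n WHERE c.id={$cp} LIMIT 1");
    $data_narez = $data_narez[0];

    // The former loop that copied ks / dlzka / sirka out of this single row was removed: it
    // indexed scalar columns as if they were rows and its results were never read.

    // No price-list entry for the per-piece material: fall back to the custom price.
    if ($data_narez["dekor_ks_cena"] <= 0) {
        $data_narez["dekor_ks_cena"] = $data_narez["vlastna_cena"];
    }

    $full_sum = 0;
    $message .= riadok_print_cp($data_narez["dekor_ks"], $data_narez["dekor_ks_cena"], $data_narez["dekor_ks_sum"], "Material ks");
    $full_sum += $data_narez["dekor_ks_sum"];
    $message .= riadok_print_cp($data_narez["dekor_m2"], $data_narez["dekor_m2_cena"], $data_narez["dekor_m2_sum"], "Material m2");
    $full_sum += $data_narez["dekor_m2_sum"];
    $message .= riadok_print_cp($data_narez["porez"], $data_narez["porez_cena"], $data_narez["porez_sum"], "Porez");
    $full_sum += $data_narez["porez_sum"];

    // One material row and one service row per edge type that occurs in this offer.
    $num_hrana = sql_query("SELECT id, hodnota FROM hrana WHERE vymaz=0 ORDER BY id");
    foreach ($num_hrana as $hrana) {
        $hrana_abs = sql_query("SELECT a.cena abs, b.cena, a.sum, c.hodnota from cp_hrana a \r\n LEFT JOIN cp_abs b\r\n ON a.id_abs = b.id\r\n LEFT JOIN hrana c\r\n ON b.id_hrana = c.id\r\n WHERE a.id_cp={$cp} AND c.id={$hrana['id']}");
        $hrana_abs = $hrana_abs[0];
        if (!empty($hrana_abs["hodnota"])) {
            $message .= riadok_print_cp($hrana_abs["abs"], $hrana_abs["cena"], $hrana_abs["sum"], $hrana_abs["hodnota"]);
            $full_sum += $hrana_abs["sum"];
        }

        $hrana_sluzba = sql_query("SELECT a.cena abs, b.cena, a.sum, c.hodnota from cp_hrana_sluzba a \r\n LEFT JOIN cp_abs_sluzba b\r\n ON a.id_abs = b.id\r\n LEFT JOIN hrana c\r\n ON b.id_hrana = c.id\r\n WHERE a.id_cp={$cp} AND c.id={$hrana['id']}");
        $hrana_sluzba = $hrana_sluzba[0];
        if (!empty($hrana_sluzba["hodnota"])) {
            $message .= riadok_print_cp($hrana_sluzba["abs"], $hrana_sluzba["cena"], $hrana_sluzba["sum"], "- olepenie " . $hrana_sluzba["hodnota"]);
            $full_sum += $hrana_sluzba["sum"];
        }
    }

    $message .= riadok_print_cp($data_narez["lepenie"], $data_narez["lepenie_cena"], $data_narez["lepenie_sum"], "Lepenie");
    $full_sum += $data_narez["lepenie_sum"];
    $message .= riadok_print_cp($data_narez["cnc_priprava"], $data_narez["cnc_priprava_cena"], $data_narez["cnc_priprava_sum"], "CNC programovanie");
    $full_sum += $data_narez["cnc_priprava_sum"];
    $message .= riadok_print_cp($data_narez["cnc_praca"], $data_narez["cnc_praca_cena"], $data_narez["cnc_praca_sum"], "CNC práca");
    $full_sum += $data_narez["cnc_praca_sum"];
    $message .= riadok_print_cp($data_narez["olep_obluk"], $data_narez["olep_obluk_cena"], $data_narez["olep_obluk_sum"], "Olep oblúkov");
    $full_sum += $data_narez["olep_obluk_sum"];

    // Free-form service rows; rows without a description are skipped.
    $num_sluzba = sql_query("SELECT popis, hodnota, cena, sum FROM cp_sluzba WHERE id_cp={$cp} ORDER BY id");
    foreach ($num_sluzba as $sluzba) {
        if (!empty($sluzba["popis"])) {
            $message .= riadok_print_cp($sluzba["hodnota"], $sluzba["cena"], $sluzba["sum"], $sluzba["popis"]);
            $full_sum = $full_sum + $sluzba["sum"];
        }
    }

    // Add 20 % VAT and round up to whole cents.
    $full_sum = ceil(($full_sum + $full_sum * 0.2) * 100) / 100;

    $message .= "</table>";
    $message .= "<div class=\"cp_spolu\"><strong>Cena spolu: </strong>{$full_sum} €</div>";
    $message .= "dokument vytvorený: " . date("j. n. Y - H:i") . "<br>\r\n Ceny sú uvádzané s DPH<br>";

    return $message;
}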
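/**
 * Handle and render the edit form for one row of $table.
 *
 * For the "uzivatel" table a submitted form updates either the contact data or, when all
 * three password fields are filled in and the old password matches, the password. For any
 * other table only the form is rendered; the submit branch builds no query for it.
 *
 * @param string $table table name; used as an SQL identifier
 * @param string $vyber value of the `vyber` parameter in the redirect after a successful save
 * @param mixed  $id    id of the row being edited
 */
function edit($table, $vyber, $id)
{
    $error_msg = array();

    // A table name is an identifier and cannot be escaped like a value: accept identifier characters only.
    if (!is_string($table) or !preg_match('/\A[A-Za-z0-9_]+\z/', $table)) {
        echo "<div id=error_message>Tabuľka ma nesprávnu hodnotu</div>";
        return;
    }

    // NOTE(review): nothing in this function ties $id to the logged-in account; confirm that
    // the caller checks that the current user may edit this row.
    if (!empty($_POST["submit"])) {
        $adresa = sec_sql(sec_input($_POST["adresa"]));
        $dic = sec_sql(sec_input($_POST["dic"]));
        $telefon = sec_sql(sec_input($_POST["telefon"]));
        $email = sec_sql(sec_input($_POST["email"]));
        $email2 = sec_sql(sec_input($_POST["email2"]));
        // NOTE(review): whatever sec_input()/sec_sql() change in these strings becomes part of
        // the effective password; the login path has to apply the same transformation.
        $old_password = sec_sql(sec_input($_POST["old_password"]));
        $password = sec_sql(sec_input($_POST["password"]));
        $password_confirm = sec_sql(sec_input($_POST["password_confirm"]));

        $query = null;

        if ($table == "uzivatel") {
            if (!empty($email)) {
                if (strlen($email) > 50 or strlen($email) < 8) {
                    $error_msg[] = "email je povinný údaj a môže mať od 8 do 50 znakov";
                }
                if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                    $error_msg[] = "email je v nesprávnom tvare";
                }
            }
            if (!empty($adresa)) {
                if (strlen($adresa) > 40 or strlen($adresa) < 6) {
                    $error_msg[] = "adresa je povinný údaj a môže mať od 8 do 50 znakov";
                }
            }
            if (!empty($telefon)) {
                if (strlen($telefon) > 20 or strlen($telefon) < 5) {
                    $error_msg[] = "telefon je povinný údaj a môže mať od 8 do 50 znakov";
                }
            }

            $id_ok = is_numeric($id) && !empty($id);
            if (!$id_ok) {
                $error_msg[] = "ID ma nesprávnu hodnotu";
            }

            if (!empty($password) and !empty($old_password) and !empty($password_confirm)) {
                // The lookup puts $id into the SQL without quotes, so it runs only for an id that
                // passed the check above; previously it ran even after that check had failed.
                if ($id_ok) {
                    // NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
                    // password_hash()/password_verify() has to be done together with the login
                    // code and a rehash of the stored values, so it cannot be changed here alone.
                    $old_password_original = sql_query("SELECT heslo FROM {$table} WHERE id={$id} AND heslo=\"" . md5($old_password) . "\" LIMIT 1");
                    if (count($old_password_original) < 1) {
                        $error_msg[] = "Staré heslo nie je správne";
                    }
                }
                if (strlen($password) < 4 or strlen($password) > 30) {
                    $error_msg[] = "Heslo môže mať od 5 do 30 znakov";
                }
                // Strict comparison: with `!=` two different numeric-looking strings such as
                // "1000" and "1e3" compared as equal.
                if ($password !== $password_confirm) {
                    $error_msg[] = "Heslá nie sú identické";
                }
            }
        }

        if (empty($error_msg)) {
            if ($table == "uzivatel") {
                if (empty($password) or empty($old_password) or empty($password_confirm)) {
                    $query = "UPDATE {$table}\r\n SET adresa = \"{$adresa}\", dic = \"{$dic}\", \r\n email = \"{$email}\", email2 = \"{$email2}\", telefon = \"{$telefon}\"\r\n WHERE id = {$id}";
                } else {
                    $password = md5($password);
                    $query = "UPDATE {$table}\r\n SET heslo = \"{$password}\"\r\n WHERE id = {$id}";
                }
            }
            // No statement is built for other tables; the update call used to receive an
            // undefined variable in that case.
            if ($query !== null) {
                sql_update($query);
            }
            header("location: index.php?vyber={$vyber}");
        } else {
            echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>";
        }
    }

    // The id is unquoted in the SELECT below, so it is forced to an integer instead of being escaped.
    $id = (int) $id;
    $query = "Select id, hodnota, meno from " . PREFIX . "{$table} WHERE id={$id}";
    if ($table == "uzivatel") {
        $query = "Select id, meno, adresa, dic, telefon, email, email2, skupina, id_c_hladina, perm_uroven_id from {$table} WHERE id={$id}";
    }
    $value = sql_query($query);
    $value = $value[0];

    echo "<form method=\"POST\" enctype=\"multipart/form-data\">";
    echo "<div class=\"bold\">" . $value["meno"] . "</div>";
    if ($table != "uzivatel") {
        echo textfield("hodnota", $value["hodnota"], "Hodnota", 40, 30);
    }
    if ($table == "uzivatel") {
        echo textfield("adresa", $value["adresa"], "adresa", 40, 20);
        echo textfield("dic", $value["dic"], "dič", 40, 20);
        echo textfield("telefon", $value["telefon"], "telefón", 40, 20);
        echo textfield("email", $value["email"], "email", 40, 20);
        echo textfield("email2", $value["email2"], "email2", 40, 20);
        echo "<div class=\"help_form\">Zmena hesla:</div>";
        // Password fields are never pre-filled. The original passed a `password` column that the
        // SELECT does not fetch, which always evaluated to null.
        echo textfield("old_password", null, "Staré heslo", 40, 20, "", "", 1);
        echo textfield("password", null, "Nové heslo", 40, 20, "", "", 1);
        echo textfield("password_confirm", "", "zopakujte heslo", 40, 20, "", "", 1);
    }
    echo submit("submit", "Odoslať");
    echo "</form>";
}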
<?php
// JSON endpoint: for the decor id in ?dekor= it looks up the replacement decor (`nahrada`)
// and prints that decor's id and name together with its manufacturer. Logged-in sessions only.
header('Content-Type: application/json');
session_start();

// NOTE(review): hard-coded value with a secret-looking name; presumably read by the
// included files. If it is a key or salt it belongs in configuration kept out of the
// repository. Verify how it is used.
$safe = "U,,5Enc!";
$root = $_SERVER['DOCUMENT_ROOT'];

include_once "config/datab.php"; // database settings file
include_once "config/fnc.php"; // original note: inserting the page header

// Stop without output unless the session is marked as logged in.
if (!($_SESSION["logged"] == 1)) {
    return false;
}

if (isset($_GET["dekor"])) {
    // Used inside double quotes in the query, so its safety depends on sec_sql() escaping
    // for exactly that context.
    $dekor = sec_sql(sec_input($_GET["dekor"]));

    if ($dekor > 0) {
        $query = "SELECT nahrada \r\n FROM dekor\r\n WHERE id=\"{$dekor}\"";
        $nahrada = sql_query($query)[0]["nahrada"];

        // NOTE(review): `nahrada` is read from the database and put into the next statement
        // without escaping; presumably it is an integer column. Confirm.
        $query = "SELECT d.id, d.meno, v.id as id_vyrobca, v.meno as meno_vyrobca \r\n FROM dekor d\r\n INNER JOIN vyrobca v\r\n ON d.id_vyrobca=v.id\r\n WHERE d.id=\"{$nahrada}\"";
        $nahrada = sql_query($query)[0];

        echo json_encode($nahrada);
    }
}
if (!empty($predel["zrkadlo"])) { $predel["zrkadlo"] = 1; $predel["vyrobca"] = ""; $predel["dekor"] = ""; $predel["vertikalne"] = 0; } if (!empty($predel["lakobel"])) { $predel["lakobel"] = 1; $predel["vyrobca"] = ""; $predel["dekor"] = ""; $predel["vertikalne"] = 0; } if (!empty($predel["vertikalne"])) { $predel["vertikalne"] = 1; } $query = "INSERT INTO skrine \r\n (id_revizia, dvere, predel, sirka, vyska, zrkadlo, lakobel, \r\n vyrobca, dekor, iny_dekor, vertikalne)\r\n VALUES \r\n ({$revizia_id},\r\n {$i}, {$predel_num},\r\n " . sec_input(sec_sql($data["dvere" . $i]["sirka"])) . ",\r\n " . sec_input(sec_sql($predel["vyska"])) . ",\r\n \"" . sec_input(sec_sql($predel["zrkadlo"])) . "\",\r\n \"" . sec_input(sec_sql($predel["lakobel"])) . "\",\r\n \"" . sec_input(sec_sql($predel["vyrobca"])) . "\",\r\n \"" . sec_input(sec_sql($predel["dekor"])) . "\",\r\n \"" . sec_input(sec_sql($predel["iny_dekor"])) . "\",\r\n \"" . sec_input(sec_sql($predel["vertikalne"])) . "\"\r\n )"; //var_dump($query); $sql_porez = sql_insert($query); $predel_num = $predel_num + 1; } } mysql_query("COMMIT"); unset($_SESSION["posted_form_edit_rev"]); header("location: ?vyber=objednavky_skrine&order={$order}"); echo "<div id=\"form_data\">úspešne odoslané"; //var_dump($_SESSION["posted_form_edit_rev"]); echo "</div>"; } else { echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>"; } }
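/**
 * Builds the printable HTML of a price quote for one order revision: order
 * heading, supplier and customer blocks, one table row per order row
 * (product, delivery, unit price, total, discount) and a totals row.
 *
 * Changes from the previous version:
 *  - every id placed in SQL is cast to int first (they sit in unquoted,
 *    numeric positions, where string escaping does not prevent injection);
 *  - array keys are quoted instead of relying on undefined-constant fallback;
 *  - the running totals are initialised, so an empty order prints 0 instead
 *    of an empty string;
 *  - the cp_product row is reset for every order row, so the hidden
 *    "id_cp_product[]" field can no longer carry the id found for a previous
 *    row;
 *  - the duplicated first pass over objednavka_row and the unused "subor"
 *    query were removed (their results were overwritten or never read).
 *
 * NOTE(review): values read from the database (customer name, address,
 * e-mail, product and option names) are concatenated into HTML without output
 * encoding. Whether they were encoded when stored (e.g. by sec_input()) is not
 * visible here - confirm, and encode at output if they were not.
 *
 * @param mixed $cp       Quote id. NOTE(review): not read here; the cp_row
 *                        lookup takes the quote id from $_GET["cp"], as the
 *                        original code did - confirm which one is intended.
 * @param mixed $revision Revision id (cast to int).
 * @return string HTML fragment.
 */
function print_revision_cp($cp, $revision)
{
    $revision = (int) $revision;
    $cp_id = (isset($_GET["cp"]) && is_scalar($_GET["cp"])) ? (int) $_GET["cp"] : 0;

    $rows = sql_query(
        "SELECT id_obj, meno, adresa, mesto, psc, ico, dic, telefon, email, vystavil, vlastne_cislo_obj,"
        . " komentar, doruc_meno, doruc_adresa, doruc_mesto, doruc_psc,"
        . " DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum"
        . " FROM revizia"
        . " WHERE id={$revision}"
        . " LIMIT 1"
    );
    $data = isset($rows[0]) ? $rows[0] : null;
    $id_obj = (int) $data["id_obj"];

    $rows = sql_query(
        "SELECT DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum, c_obj, id_zakaznik,"
        . " DATE_FORMAT(datum, '%Y') AS rok"
        . " FROM objednavka"
        . " WHERE id=" . $id_obj . " LIMIT 1"
    );
    $data_obj = isset($rows[0]) ? $rows[0] : null;

    // --- heading and supplier block ---------------------------------------
    $message = "";
    $message .= "<h1>Objednávka č. " . $data_obj["c_obj"] . "/" . $data_obj["rok"] . "</h1>";
    $message .= "<h5>zo dňa: " . $data_obj["datum"] . "</h5>";
    $message .= "<div class=\"print_hlavicka\">";
    $message .= "<table class=\"print_dodavatel\"><tr><td></td><td><strong>Dodávateľ</strong></td></tr>";
    $message .= "<tr><td></td><td>" . def_value("default_firma", "hodnota") . "</td></tr>";
    $message .= "<tr><td></td><td>" . def_value("default_adresa", "hodnota") . "</td></tr>";
    $message .= "<tr><td></td><td>" . def_value("default_mesto", "hodnota") . "</td></tr>";
    $message .= "<tr><td>IČO:</td><td>" . def_value("default_ico", "hodnota") . "</td></tr>";
    $message .= "<tr><td>DIČ:</td><td>" . def_value("default_dic", "hodnota") . "</td></tr>";
    $message .= "<tr><td>tel.:</td><td>" . def_value("default_telefon", "hodnota") . "</td></tr>";
    $message .= "<tr><td>mobil:</td><td>" . def_value("default_mobil", "hodnota") . "</td></tr>";
    $message .= "<tr><td>email:</td><td>" . def_value("default_email", "hodnota") . "<br> "
        . def_value("default_email_2", "hodnota") . "</td></tr>";
    $message .= "</table>";

    // --- customer block ---------------------------------------------------
    // When the order is linked to a user account, that account's contact data
    // replaces what was stored on the revision.
    if ($data_obj["id_zakaznik"] > 0) {
        $rows = sql_query(
            "SELECT meno, adresa, ico, telefon, email FROM uzivatel WHERE id="
            . (int) $data_obj["id_zakaznik"] . " LIMIT 1"
        );
        $customer = isset($rows[0]) ? $rows[0] : null;
        foreach (array("meno", "adresa", "ico", "telefon", "email") as $field) {
            $data[$field] = $customer[$field];
        }
    }
    $message .= "<div class=\"print_odberatel\"><table class=\"print_odberatel\"><tr><td></td><td>Objednávateľ:</td></tr>";
    $message .= "<tr><td></td><td class=\"print_bigger\">" . $data["meno"] . "</td></tr>";
    $message .= "<tr><td></td><td>" . $data["adresa"] . "</td></tr>";
    $message .= "<tr><td></td><td>" . $data["psc"] . " " . $data["mesto"] . "</td></tr>";
    $message .= "<tr><td>IČO:</td><td>" . $data["ico"] . "</td></tr>";
    $message .= "<tr><td>DIČ:</td><td>" . $data["dic"] . "</td></tr>";
    $message .= "<tr><td>tel.:</td><td>" . $data["telefon"] . "</td></tr>";
    $message .= "<tr><td>email:</td><td>" . $data["email"] . "</td></tr>";
    $message .= "</table>";
    $message .= "</div>\r\n <div style=\"clear: both\"></div>\r\n </div>";

    // --- quote rows -------------------------------------------------------
    $message .= "<div class=\"print_hlavicka3\">\r\n <table>\r\n <tr>\r\n \r\n <th style=\"width: 450px;\">produkt</th> \r\n <th style=\"width: 100px;\">doprava</th> \r\n <th style=\"width: 50px;\">j.cena</th>\r\n <th style=\"width: 50px;\">Spolu</th>\r\n <th style=\"width: 120px;\">zľava %</th>\r\n <th style=\"width: 80px;\">po zľave</th>\r\n </tr>";

    $order_rows = sql_query("SELECT * FROM objednavka_row WHERE id_revizia = " . $revision);
    if (!is_array($order_rows)) {
        $order_rows = array();
    }

    $product_ks_sum = 0;        // total number of pieces
    $products_prices_sums = 0;  // total before discount
    $po_zlave_sum = 0;          // total after discount

    foreach ($order_rows as $row) {
        $row_id = (int) $row["id"];
        $ks = $row["ks"];
        $atyp_text = $row["atyp_text"];

        // Price and discount stored for this order row in the quote, if any.
        $rows = sql_query("SELECT * from cp_row WHERE id_cp=" . $cp_id . " AND id_objednavka_row=" . $row_id);
        $cp_row = isset($rows[0]) ? $rows[0] : null;
        $cena = $cp_row["cena"];
        $zlava = $cp_row["zlava"];

        $message .= "<tr>\r\n \r\n ";

        $rows = sql_query("SELECT meno FROM product_type WHERE id=" . (int) $row["id_product_type"] . " LIMIT 1");
        $product_type = isset($rows[0]) ? $rows[0] : null;
        $rows = sql_query("SELECT id, meno FROM product WHERE id=" . (int) $row["id_product"] . " LIMIT 1");
        $product = isset($rows[0]) ? $rows[0] : null;

        $message .= hidden("id[]", $row["id"]);

        // Selected attribute options: collect their names and the highest
        // price level (id_c_hladina) among them, starting from level 1.
        $selected = sql_query(
            "SELECT id_product_atribute, id_product_atribute_option"
            . " FROM objednavka_row_atribute"
            . " WHERE id_revizia=\"{$revision}\" AND id_objednavka_row=\"{$row_id}\""
        );
        if (!is_array($selected)) {
            $selected = array();
        }
        $options_str = array();
        $option_c_hladina = 1;
        foreach ($selected as $sel) {
            $options = sql_query(
                "SELECT id, meno, id_c_hladina FROM product_atribute_option WHERE id="
                . (int) $sel["id_product_atribute_option"] . " LIMIT 1"
            );
            $options_str[] = $options[0]["meno"];
            if ($options[0]["id_c_hladina"] > $option_c_hladina) {
                $option_c_hladina = $options[0]["id_c_hladina"];
            }
        }
        $options_str = empty($options_str) ? "" : " (" . join(", ", $options_str) . ")";

        $message .= "<td class=\"form_nazov_siroky\">" . sec_input($ks) . "x " . $product_type["meno"] . " "
            . $product["meno"] . $options_str
            . (empty($atyp_text) ? "" : "<br>Atyp: " . sec_input($atyp_text)) . "</td>";

        $rows = sql_query("SELECT meno FROM product_delivery WHERE id=" . (int) $row["id_product_delivery"] . " LIMIT 1");
        $product_delivery = isset($rows[0]) ? $rows[0] : null;
        $message .= "<td class=\"form_hrana\">" . $product_delivery["meno"] . "</td>";
        $message .= hidden("ks[]", $ks);

        // Unit price: the price stored in the quote wins; otherwise take the
        // newest price-list entry for this product at the selected level.
        $product_prices = null;
        if (empty($cena)) {
            $rows = sql_query(
                "SELECT id, cena FROM cp_product WHERE id_c_hladina=" . (int) $option_c_hladina
                . " AND id_product=" . (int) $product["id"] . " ORDER BY id DESC LIMIT 1"
            );
            $product_prices = isset($rows[0]) ? $rows[0] : null;
            $product_price = $product_prices["cena"];
        } else {
            $product_price = $cena;
        }

        $product_ks_sum = $product_ks_sum + sec_input($ks);
        $product_price_sum = $product_price * sec_input($ks);
        $message .= hidden("id_cp_product[]", $product_prices["id"]);

        // Running totals over all products.
        $products_prices_sums = $products_prices_sums + $product_price_sum;
        $zlava_E = $product_price_sum * $zlava / 100;
        $po_zlave = $product_price_sum - $zlava_E;
        $po_zlave_sum = $po_zlave_sum + $po_zlave;

        // Atypical rows always display the price stored in the quote.
        if (!empty($atyp_text)) {
            $product_price = $cena . " €";
        } else {
            $product_price = $product_price . " €";
        }

        $message .= "<td class=\"form_nazov ali-center product-price\">" . $product_price . "</td>";
        $message .= "<td class=\"form_nazov ali-center\"><span class=\"cena-spolu-product\">" . $product_price_sum . "</span> €</td>";
        $message .= "<td class=\"form_nazov ali-center\"><span class=\"zlava-E bold\">"
            . ($zlava_E > 0 ? "-" . $zlava_E . " €" : "") . "</span>"
            . ($zlava > 0 ? " (" . $zlava . "%)" : "") . "</td>";
        $message .= "<td class=\"form_nazov ali-center po-zlave-sum bold\">" . $po_zlave . " €</td>";
        $message .= "</tr>";
    }

    // NOTE(review): the markup below is kept as it was. The totals row ends
    // with an opening <tr> rather than </tr>, and a second </table> follows the
    // one that closes the quote table - confirm against the caller's wrapper
    // before changing either.
    $message .= "<tr class=\"cp_spolu bold\">\r\n \r\n <td>Spolu:</td>\r\n <td class=\"ali-center\">" . $product_ks_sum . " ks</td>\r\n <td></td>\r\n <td class=\"ali-center\">" . $products_prices_sums . " €</td>\r\n <td></td>\r\n <td class=\"ali-center po-zlave-sum-all\">" . $po_zlave_sum . " €</td>\r\n \r\n <tr>";
    $message .= "</table></div>";
    $message .= "</table>";
    $message .= "dokument vytvorený: " . date("j. n. Y - H:i") . "<br><br>";

    return $message;
}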
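<?php
/**
 * AJAX fragment: prints the "Doprava" (delivery) select box for the product
 * type given in $_GET["select_product_type"]. Sessions that are not logged in
 * only get delivery options with skryt_zakaznikom=0.
 */
session_start();

// NOTE(review): hard-coded value whose use is not visible in this script. If it
// is a salt or key, it should come from configuration outside the web root.
$safe = "U,,5Enc!";
$root = $_SERVER['DOCUMENT_ROOT'];

include_once "config/datab.php"; // database settings
include_once "config/fnc.php";   // presumably the shared helpers (select() etc.) - confirm

if (isset($_GET["select_product_type"])) {
    // Hide customer-restricted delivery options unless the session is logged
    // in. isset() avoids an undefined-index notice for anonymous sessions.
    $skryt_zakaznikom = "AND pd.skryt_zakaznikom=0";
    if (isset($_SESSION["logged"]) && $_SESSION["logged"] == 1) {
        $skryt_zakaznikom = "";
    }

    // The product type is compared with an id column, so it is forced to an
    // integer instead of relying on escaping of a quoted string. A non-scalar
    // (array) parameter becomes 0.
    $product_type = is_scalar($_GET["select_product_type"]) ? (int) $_GET["select_product_type"] : 0;

    echo select(
        "product_delivery[]",
        "Doprava",
        "SELECT pd.id, pd.meno FROM product_delivery pd \r\n INNER JOIN product_delivery_product_types pt ON pt.id_product_delivery = pd.id \r\n WHERE pd.vymaz=0 AND id_product_type='{$product_type}' {$skryt_zakaznikom}\r\n ORDER BY def DESC, meno",
        "",
        "",
        "product_delivery_v",
        "",
        "NO"
    );
}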
$heslo = sec_sql(sec_input($_POST[heslo])); //echo "$meno / $heslo <br>"; $heslo = md5($heslo); $login = sql_query("SELECT * FROM uzivatel WHERE meno=\"{$meno}\" AND heslo=\"{$heslo}\" AND vymaz=0 LIMIT 1 "); //dd("SELECT id, meno, perm_uroven_id FROM uzivatel WHERE meno=\"$meno\" AND heslo=\"$heslo\" AND vymaz=0 LIMIT 1"); //var_dump($_SESSION); if (count($login) == 1) { sql_insert("INSERT INTO uzivatel_aktivita (uzivatel_id, status) \r\n VALUES ({$login[0][id]}, 1)"); $_SESSION["logged"] = 1; $_SESSION["username"] = $login[0][id]; $_SESSION["perm_uroven"] = $login[0][perm_uroven_id]; $_SESSION["name"] = $login[0][meno]; $_SESSION["logged_user_details"] = array(); } } if (sec_input($_GET[logout]) == "logout") { sql_insert("INSERT INTO uzivatel_aktivita (uzivatel_id, status) \r\n VALUES ({$_SESSION[username]}, 0)"); session_destroy(); redirect(); } include_once "config/vrch.php"; // vloženie hlavičky stránky echo "<img src=\"http://{$_SERVER['HTTP_HOST']}/assets/images/logo.jpg\" class=\"logo\">"; if ($_SESSION["logged"] == 1) { if (empty($_SESSION["perm_uroven"])) { $_SESSION["perm_uroven"] = 0; } echo "<div class=\"user\">\r\n Prihlásený: <strong>" . $_SESSION["name"] . "</strong> / <a href=\"?logout=logout\">Odhlásiť sa</a><br>\r\n <a href=\"?vyber=edit_profile\">Upraviť profil</a>\r\n </div>"; echo "<div class=\"tasker_wrapper\">"; include "task_ajax.php"; echo "</div>";
} include_once "config/datab.php"; // subor s nastaveniami databaz include_once "config/fnc.php"; // vloženie hlavičky stránky include_once "config/config.php"; // vloženie hlavičky stránky $mtime = microtime(); $mtime = explode(" ", $mtime); $mtime = $mtime[1] + $mtime[0]; $starttime = $mtime; $id = sec_sql(sec_input($_GET["id"])); $revision = sec_sql(sec_input($_GET["revision"])); if (isset($_GET["product"]) and !empty($_GET["product"])) { $product = sec_sql(sec_input($_GET["product"])); $vyrobny_plan = sec_sql(sec_input($_GET["id"])); mysql_query("BEGIN"); sql_update("UPDATE objednavka_row\r\n SET\r\n vyrobny_plan = 0\r\n WHERE id = {$product}\r\n "); $id_obj = sql_query("SELECT r.id_obj FROM revizia r\r\n INNER JOIN objednavka_row o\r\n ON r.id = o.id_revizia\r\n WHERE o.id = {$product} ")[0]["id_obj"]; sql_update("UPDATE objednavka SET status = 0 \r\n WHERE id={$id_obj}"); sql_delete("DELETE from vyrobny_plan_row \r\n WHERE id_vyrobny_plan = \"{$id}\" AND\r\n id_revizia_vyrobny_plan = \"{$revision}\" AND\r\n id_objednavka_row = \"{$product}\"\r\n "); mysql_query("COMMIT"); } $query = "SELECT r.id, r.ks, r.atyp_text, r.id_revizia, pt.meno product_type, p.meno product\r\n FROM objednavka_row r\r\n INNER JOIN product p\r\n ON r.id_product = p.id\r\n INNER JOIN product_type pt\r\n ON r.id_product_type = pt.id\r\n INNER JOIN vyrobny_plan_row vpr\r\n ON r.id = vpr.id_objednavka_row\r\n WHERE vpr.id_vyrobny_plan = {$id} AND\r\n vpr.id_revizia_vyrobny_plan = {$revision}\r\n AND r.vymaz = 0\r\n ORDER BY r.id DESC"; $products = sql_query($query); //var_dump($products); foreach ($products as $key => $product) { $query = "SELECT * from revizia r\r\n INNER JOIN objednavka o\r\n ON r.id_obj = o.id\r\n WHERE r.id = {$product["id_revizia"]}\r\n limit 1"; $products[$key]["revizia"] = sql_query($query)[0]; $products[$key]["options"] = sql_query("\r\n SELECT o.meno\r\n FROM objednavka_row_atribute as a \r\n INNER JOIN product_atribute_option as o\r\n ON 
a.id_product_atribute_option = o.id \r\n WHERE a.id_revizia = {$product["id_revizia"]}\r\n AND a.id_objednavka_row = {$product["id"]}\r\n ORDER BY a.id_product_atribute\r\n "); }
<?php if ($_GET[id] and $janko == "janko") { //var_dump($_POST); $id = sec_sql(sec_input($_GET["id"])); $table = "cp_abs"; $original_id_c_hladina = 3; $new_id_c_hladina = 1; $original = sql_query("SELECT * from {$table} where id = {$id}")[0]; var_dump($original); $percent = 25; $percentage = $original["cena"] * $percent / 100; $percentage = number_format($original["cena"] - $percentage, 2); //var_dump($percentage); $query = "INSERT INTO {$table} (id_hrana, id_abs_vyrobca, id_c_hladina, id_c_hladina_typ, cena, datum, vytvoril)\r\n VALUES (\"" . $original["id_hrana"] . "\", \"" . $original["id_abs_vyrobca"] . "\", \"{$new_id_c_hladina}\", \"" . $original["id_c_hladina_typ"] . "\", \r\n \"{$percentage}\", now(), {$_SESSION['username']})\r\n "; echo $query; sql_insert($query); /* $query = "INSERT INTO $table (id_c_hladina, id_c_hladina_typ, cena, datum, vytvoril) VALUES (\"$c_hladina\", \"$c_hladina_typ\", \"$cena\", now(), $_SESSION[username]) "; if ($table=="cp_abs") { $query = "INSERT INTO $table (id_hrana, id_abs_vyrobca, id_c_hladina, id_c_hladina_typ, cena, datum, vytvoril) VALUES (\"$id_hrana\", \"$cp_abs_vyrobca\", \"$c_hladina\", \"$c_hladina_typ\", \"$cena\", now(), $_SESSION[username]) "; } sql_insert($query);
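/**
 * Prints an HTML table of supplier orders (do_objednavka), optionally filtered
 * by supplier and date range taken from $_POST, followed by a
 * "document created" timestamp. For each order the most recent row of
 * do_objednavka_row supplies the product and customer columns.
 *
 * Changes from the previous version:
 *  - the supplier filter sits in an unquoted, numeric SQL position and was
 *    only passed through sec_input(). It is now cast to int;
 *  - the date filters are additionally passed through sec_sql(), as the rest
 *    of this codebase does before interpolating strings into SQL;
 *  - the "SELECT * from dodavatel" lookup was removed: its result was never
 *    read, and without a supplier filter it produced "WHERE id=" (invalid SQL);
 *  - array keys are quoted instead of relying on undefined-constant fallback.
 *
 * NOTE(review): database values (product names, customer, supplier) are
 * echoed into HTML without output encoding. Whether they were encoded when
 * stored is not visible here - confirm, and encode at output if not.
 *
 * @return void Output is echoed.
 */
function print_do_objednavka()
{
    $filter_dodavatel = 0;
    $filter_date_od = "";
    $search_date_do = "";

    if (isset($_POST["filter_by_dodavatel"]) && is_scalar($_POST["filter_by_dodavatel"])) {
        $filter_dodavatel = (int) $_POST["filter_by_dodavatel"];
    }
    if (isset($_POST["filter_date_od"])) {
        $filter_date_od = sec_sql(sec_input($_POST["filter_date_od"]));
    }
    if (isset($_POST["search_date_do"])) {
        $search_date_do = sec_sql(sec_input($_POST["search_date_do"]));
    }

    $where = array("o.vymaz=0");
    if (!empty($filter_dodavatel)) {
        $where[] = "o.id_dodavatel = {$filter_dodavatel}";
    }
    if (!empty($filter_date_od)) {
        $where[] = "o.datum >= \"{$filter_date_od}\"";
    }
    if (!empty($search_date_do)) {
        $where[] = "o.datum <= \"{$search_date_do}\"";
    }

    $query = "SELECT o.id, DATE_FORMAT(datum, '%d. %m. %Y, %H:%i:%s') AS dat_upr, komplet, dod.meno as dodavatel, o.poznamka"
        . " FROM do_objednavka o"
        . " INNER JOIN dodavatel dod ON o.id_dodavatel = dod.id"
        . " WHERE " . implode(" AND ", $where) . " ";
    $query .= "ORDER BY datum DESC";

    echo "<table id=\"all_orders\">";
    echo "<thead> <tr>\r\n \r\n <th>dátum</th>\r\n <th>produkt</th>\r\n <th>dodávateľ</th>\r\n <th>zákazník</th> \r\n \r\n </tr></thead><tbody>";

    $objednavka = sql_query($query);
    if (is_array($objednavka)) {
        foreach ($objednavka as $obj) {
            // Most recent row of this order.
            $rows = sql_query(
                "SELECT objr.*, p.meno, p.email_meno"
                . " FROM do_objednavka_row objr"
                . " INNER JOIN do_produkt p ON objr.id_do_produkt = p.id"
                . " WHERE objr.id_do_objednavka = " . (int) $obj["id"]
                . " ORDER BY objr.datum DESC LIMIT 1"
            );
            $revizia = isset($rows[0]) ? $rows[0] : array();

            // "nastavenie" is not in the SELECT list above, so this is
            // normally empty. It is kept so the row class is unchanged.
            $row_class = isset($obj["nastavenie"]) ? $obj["nastavenie"] : "";
            $amount = !empty($revizia["ks"])
                ? $revizia["ks"] . (isset($revizia["jednotka"]) ? $revizia["jednotka"] : "") . " "
                : "";
            // Prefer the product's e-mail name, fall back to its plain name.
            $product_name = !empty($revizia["email_meno"])
                ? $revizia["email_meno"]
                : (isset($revizia["meno"]) ? $revizia["meno"] : "");
            $customer = isset($revizia["zakaznik"]) ? $revizia["zakaznik"] : "";

            echo "\r\n <tr class=\"obj_" . $row_class . "\">\r\n ";
            echo "<td class=\"obj_datum do_obj_datum\">" . $obj["dat_upr"] . " </td>\r\n <td class=\"obj_datum do_obj_produkt\"><a href=\"?vyber=do_objednavka&order=" . $obj["id"] . "\">\r\n "
                . $amount . "\r\n "
                . $product_name . "\r\n </a></td>\r\n <td class=\"obj_datum\"><a href=\"?vyber=do_objednavka&order=" . $obj["id"] . "\">{$obj['dodavatel']}</a></td>";
            echo "<td class=\"obj_status\">" . $customer . "</td> \r\n \r\n </tr>\r\n ";
        }
    }

    echo "</tbody></table>";
    echo "dokument vytvorený: " . date("j. n. Y - H:i") . "<br><br>";
}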
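/**
 * Builds the HTML price quote for a revision and e-mails it, through
 * PHPMailer, to the address stored on the revision. Echoes a status line.
 *
 * Changes from the previous version:
 *  - $revision, $cp and every id read back from the database are cast to int
 *    before being placed in SQL (they sit in unquoted, numeric positions);
 *  - the result of Send() is checked. Previously the success line was echoed
 *    even when nothing was sent, including when the revision had no address
 *    (the old guard compared the address with an undefined variable);
 *  - array keys are quoted instead of relying on undefined-constant fallback;
 *  - dead code was removed: the "porez" and "subor" queries and the *_all
 *    arrays built from them were never read, as were the hand-built $headers
 *    string and the unused default-address lookup.
 *
 * NOTE(review): database values (customer name, address, service
 * descriptions) are concatenated into the HTML body without output encoding.
 * Whether they were encoded when stored is not visible here - confirm.
 *
 * @param mixed $revision Revision id (cast to int).
 * @param mixed $cp       Quote id (cast to int).
 * @return void Output is echoed.
 */
function send_email_revision_cp($revision, $cp)
{
    require_once 'include/PHPMailer/PHPMailerAutoload.php';

    $revision = (int) $revision;
    $cp = (int) $cp;

    mysql_query("BEGIN");

    $rows = sql_query(
        "SELECT id_obj, meno, adresa, ico_icdph, telefon, email, id_material as material,"
        . " id_vyrobca as vyrobca, id_dekor as dekor, dekor_vlastny, komentar,"
        . " DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum"
        . " FROM revizia"
        . " WHERE id={$revision}"
        . " LIMIT 1"
    );
    $data = isset($rows[0]) ? $rows[0] : null;

    $rows = sql_query(
        "SELECT DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum, c_obj,"
        . " DATE_FORMAT(datum, '%Y') AS rok"
        . " FROM objednavka"
        . " WHERE id=" . (int) $data["id_obj"] . " LIMIT 1"
    );
    $data_obj = isset($rows[0]) ? $rows[0] : null;

    // --- heading, supplier and customer blocks ----------------------------
    $message = "<html><body>";
    $message .= "<img src=\"http://" . def_value("default_url", "hodnota") . "/assets/images/logo.jpg\">";
    $message .= "<h1>Cenová ponuka k objednávke č. " . $data_obj["c_obj"] . " / " . $data_obj["rok"] . "</h1>";
    $message .= "zo dňa: " . $data_obj["datum"] . "<br><br>";
    $message .= "<table><tr>";
    $message .= "<td style=\"width: 400px;\"><strong>Dodávateľ</strong><br>";
    $message .= "<table><tr><td>" . def_value("default_firma", "hodnota") . "</td></tr>";
    $message .= "<tr><td>" . def_value("default_adresa", "hodnota") . "<br>" . def_value("default_mesto", "hodnota") . "</td></tr>";
    $message .= "<tr><td>IČO: " . def_value("default_ico", "hodnota") . "<br> DIČ: " . def_value("default_dic", "hodnota") . "</td></tr>";
    $message .= "<tr><td>" . def_value("default_telefon", "hodnota") . "<br> " . def_value("default_mobil", "hodnota") . "</td></tr>";
    $message .= "<tr><td>" . def_value("default_email", "hodnota") . "<br> " . def_value("default_email_2", "hodnota") . "</td></tr>";
    $message .= "</table><br><br></td>";
    $message .= "<td style=\"width: 50%;\"><strong>Objednávateľ:</strong>";
    $message .= "<table><tr><td>" . $data["meno"] . "</td></tr>";
    $message .= "<tr><td>" . $data["adresa"] . "</td></tr>";
    $message .= "<tr><td>" . $data["ico_icdph"] . "</td></tr>";
    $message .= "<tr><td>" . $data["telefon"] . "</td></tr>";
    $message .= "<tr><td>" . $data["email"] . "</td></tr>";
    $message .= "</table><br><br></td>";
    $message .= "</tr></table>";

    // --- material block ---------------------------------------------------
    $message .= "<strong>Materiál:</strong>";
    $rows = sql_query("SELECT meno FROM material WHERE id=" . (int) $data["material"] . " LIMIT 1");
    $material = isset($rows[0]) ? $rows[0] : null;
    $message .= "<table><tr><td>" . $material["meno"] . "</td></tr>";
    $rows = sql_query("SELECT meno FROM vyrobca WHERE id=" . (int) $data["vyrobca"] . " LIMIT 1");
    $vyrobca = isset($rows[0]) ? $rows[0] : null;
    $rows = sql_query("SELECT meno FROM dekor WHERE id=" . (int) $data["dekor"] . " LIMIT 1");
    $dekor = isset($rows[0]) ? $rows[0] : null;
    $message .= "<tr><td>" . $vyrobca["meno"] . " " . $dekor["meno"] . "</td></tr>";
    $message .= "<tr><td>" . $data["dekor_vlastny"] . "</td></tr>";
    $message .= "</table><br><br>";

    // --- price table ------------------------------------------------------
    $message .= "<div class=\"print_hlavicka3\">\r\n <table style=\"font-size: 100%;\">\r\n <tr style=\"background-color: #efefef; font-size: 9pt;\">\r\n \r\n <th style=\"width: 350px;\">položka</th>\r\n <th style=\"width: 80px;\">množstvo</th>\r\n <th style=\"width: 80px;\">jedn. cena</th>\r\n <th style=\"width: 80px;\">Celkom</th>\r\n </tr>";

    $rows = sql_query(
        "SELECT c.vlastna_cena, c.dekor_ks, d.cena dekor_ks_cena, c.dekor_ks_sum,"
        . " c.dekor_m2, c.dekor_m2_jedn dekor_m2_cena, c.dekor_m2_sum,"
        . " c.porez, p.cena porez_cena, c.porez_sum,"
        . " c.lepenie, l.cena lepenie_cena, round(lepenie_sum, 2) lepenie_sum,"
        . " c.cnc_priprava, c1.cena cnc_priprava_cena, c.cnc_priprava_sum,"
        . " c.cnc_praca, c2.cena cnc_praca_cena, c.cnc_praca_sum,"
        . " c.olep_obluk, o.cena olep_obluk_cena, c.olep_obluk_sum"
        . " FROM cp c"
        . " LEFT JOIN cp_dekor_ks d ON c.id_dekor_ks = d.id"
        . " LEFT JOIN cp_porez p ON c.id_porez = p.id"
        . " LEFT JOIN cp_lepenie l ON c.id_lepenie = l.id"
        . " LEFT JOIN cp_cnc_opracovanie c1 ON c.id_cnc_priprava = c1.id"
        . " LEFT JOIN cp_cnc_praca c2 ON c.id_cnc_praca = c2.id"
        . " LEFT JOIN cp_olep_obluk o ON c.id_olep_obluk = o.id"
        . " WHERE c.id={$cp} LIMIT 1"
    );
    $cp_data = isset($rows[0]) ? $rows[0] : null;

    // No price-list price per piece: use the quote's own price instead.
    if ($cp_data["dekor_ks_cena"] <= 0) {
        $cp_data["dekor_ks_cena"] = $cp_data["vlastna_cena"];
    }

    $full_sum = 0;
    $message .= riadok_print_cp($cp_data["dekor_ks"], $cp_data["dekor_ks_cena"], $cp_data["dekor_ks_sum"], "Material ks");
    $full_sum += $cp_data["dekor_ks_sum"];
    $message .= riadok_print_cp($cp_data["dekor_m2"], $cp_data["dekor_m2_cena"], $cp_data["dekor_m2_sum"], "Material m2");
    $full_sum += $cp_data["dekor_m2_sum"];
    $message .= riadok_print_cp($cp_data["porez"], $cp_data["porez_cena"], $cp_data["porez_sum"], "Porez");
    $full_sum += $cp_data["porez_sum"];

    // One material line and one service line per edge type used in the quote.
    $num_hrana = sql_query("SELECT id, hodnota FROM hrana WHERE vymaz=0 ORDER BY id");
    if (!is_array($num_hrana)) {
        $num_hrana = array();
    }
    foreach ($num_hrana as $hrana) {
        $hrana_id = (int) $hrana["id"];

        $rows = sql_query(
            "SELECT a.cena abs, b.cena, a.sum, c.hodnota from cp_hrana a"
            . " LEFT JOIN cp_abs b ON a.id_abs = b.id"
            . " LEFT JOIN hrana c ON b.id_hrana = c.id"
            . " WHERE a.id_cp={$cp} AND c.id={$hrana_id}"
        );
        if (!empty($rows[0]["hodnota"])) {
            $hrana_abs = $rows[0];
            $message .= riadok_print_cp($hrana_abs["abs"], $hrana_abs["cena"], $hrana_abs["sum"], $hrana_abs["hodnota"]);
            $full_sum += $hrana_abs["sum"];
        }

        $rows = sql_query(
            "SELECT a.cena abs, b.cena, a.sum, c.hodnota from cp_hrana_sluzba a"
            . " LEFT JOIN cp_abs_sluzba b ON a.id_abs = b.id"
            . " LEFT JOIN hrana c ON b.id_hrana = c.id"
            . " WHERE a.id_cp={$cp} AND c.id={$hrana_id}"
        );
        if (!empty($rows[0]["hodnota"])) {
            $hrana_sluzba = $rows[0];
            $message .= riadok_print_cp($hrana_sluzba["abs"], $hrana_sluzba["cena"], $hrana_sluzba["sum"], "- olepenie " . $hrana_sluzba["hodnota"]);
            $full_sum += $hrana_sluzba["sum"];
        }
    }

    $message .= riadok_print_cp($cp_data["lepenie"], $cp_data["lepenie_cena"], $cp_data["lepenie_sum"], "Lepenie");
    $full_sum += $cp_data["lepenie_sum"];
    $message .= riadok_print_cp($cp_data["cnc_priprava"], $cp_data["cnc_priprava_cena"], $cp_data["cnc_priprava_sum"], "CNC programovanie");
    $full_sum += $cp_data["cnc_priprava_sum"];
    $message .= riadok_print_cp($cp_data["cnc_praca"], $cp_data["cnc_praca_cena"], $cp_data["cnc_praca_sum"], "CNC práca");
    $full_sum += $cp_data["cnc_praca_sum"];
    $message .= riadok_print_cp($cp_data["olep_obluk"], $cp_data["olep_obluk_cena"], $cp_data["olep_obluk_sum"], "Olep oblúkov");
    $full_sum += $cp_data["olep_obluk_sum"];

    // Free-form extra services attached to the quote.
    $num_sluzba = sql_query("SELECT popis, hodnota, cena, sum FROM cp_sluzba WHERE id_cp={$cp} ORDER BY id");
    if (!is_array($num_sluzba)) {
        $num_sluzba = array();
    }
    foreach ($num_sluzba as $sluzba) {
        if (!empty($sluzba["popis"])) {
            $message .= riadok_print_cp($sluzba["hodnota"], $sluzba["cena"], $sluzba["sum"], $sluzba["popis"]);
            $full_sum = $full_sum + $sluzba["sum"];
        }
    }

    // Round the total up to whole cents.
    $full_sum = ceil($full_sum * 100) / 100;
    $message .= "</table><br><br>";
    $message .= "<div style=\"margin: 1em; font-size: 130%;\"><strong>Cena spolu: </strong>{$full_sum} €</div><br><br>";
    $message .= "email vytvorený: " . date("j. n. Y - H:i") . "<br>";
    $message .= "</body></html>";

    mysql_query("COMMIT");

    // --- delivery ---------------------------------------------------------
    $email_to = $data["email"];
    if (empty($email_to)) {
        echo "Email nebol odoslaný: chýba adresa príjemcu.";
        return;
    }

    $email_subject = "Cenová ponuka k objednávke č. " . $data_obj["c_obj"] . " / " . $data_obj["rok"] . " - " . def_value("default_firma", "hodnota");

    $mail = new PHPMailer();
    // NOTE(review): host, port and credentials are configured, but isSMTP() is
    // not called (it was commented out), so PHPMailer's default transport is
    // presumably used and these settings have no effect. If SMTP is switched
    // on, set SMTPSecure as well so the credentials are not sent unencrypted.
    $mail->CharSet = "UTF-8";
    $mail->SMTPDebug = 0;
    $mail->SMTPAuth = true;
    $mail->Host = def_value("default_email_host", "hodnota");
    $mail->Port = def_value("default_email_port", "hodnota");
    $mail->Username = def_value("default_email_username", "hodnota");
    $mail->Password = def_value("default_email_password", "hodnota");
    $mail->isHTML(true);
    $mail->setLanguage('sk', 'language/');
    $mail->SetFrom(def_value("default_email", "hodnota"), def_value("default_firma", "hodnota"));
    $mail->Subject = $email_subject;
    $mail->Body = $message;
    $mail->AddAddress($email_to);

    // Report failure instead of claiming success. The mailer's error text is
    // deliberately not echoed, as it can expose server details.
    if (!$mail->Send()) {
        echo "Email sa nepodarilo odoslať.";
        return;
    }

    echo "Email bol úspešne odoslaný na adresu: {$email_to}";
}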
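/**
 * Builds the HTML price-quotation e-mail for one order revision and sends it
 * through PHPMailer to the customer address stored on that revision.
 *
 * The body is assembled from the `revizia`, `objednavka`, `objednavka_row`,
 * `objednavka_row_atribute`, `cp_row`, `cp_product` and product lookup tables,
 * plus the company details returned by def_value(). A status line is echoed
 * at the end.
 *
 * Security notes for maintainers:
 * - Every id that is concatenated into SQL text is cast to int first, because
 *   sql_query() takes a finished query string and the ids sit in unquoted
 *   numeric positions where escaping alone does not constrain the value.
 * - NOTE(review): customer fields (meno, adresa, email, ...) are concatenated
 *   into the HTML body exactly as stored. Whether they were HTML-escaped when
 *   saved is not visible here; confirm, or escape on output.
 * - NOTE(review): the logo URL is built from $_SERVER['HTTP_HOST'], which is
 *   request-controlled. A configured site URL would keep a forged Host header
 *   out of outgoing mail.
 * - NOTE(review): mysql_query() belongs to the removed ext/mysql; the
 *   BEGIN/COMMIT pair only wraps reads in this function.
 *
 * @param int|string $revision Id of the row in `revizia` to quote.
 * @param int|string $cp       Quotation id; used when the request carries no
 *                             `cp` query parameter (the original code read
 *                             $_GET["cp"] directly and ignored this argument).
 * @return void
 */
function send_email_revision_cp($revision, $cp)
{
    require_once 'include/PHPMailer/PHPMailerAutoload.php';

    // Constrain the ids before they reach any query string.
    $revision = (int) $revision;
    $cp_id = isset($_GET["cp"]) ? (int) $_GET["cp"] : (int) $cp;

    // The original compared the recipient against this never-assigned variable;
    // it is initialised explicitly so the comparison below behaves the same
    // without relying on an undefined name.
    // NOTE(review): the intended "already sent to" value is not visible here.
    $email_to = null;

    mysql_query("BEGIN");
    $data = sql_query("SELECT id_obj, meno, adresa, mesto, psc, ico, dic, telefon, email, komentar,\r\n vystavil, vlastne_cislo_obj, doruc_meno, doruc_adresa, doruc_mesto, \r\n doruc_psc,\r\n DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum\r\n FROM revizia \r\n WHERE id={$revision} \r\n LIMIT 1");
    $data_row = sql_query("SELECT id, ks, id_product_type, id_product, id_product_delivery, atyp_text\r\n FROM objednavka_row \r\n WHERE id_revizia={$revision}");
    $data = $data[0];

    $data_obj = sql_query("SELECT DATE_FORMAT(datum, '%d. %m. %Y, %H:%i') AS datum, c_obj, status,\r\n DATE_FORMAT(datum, '%Y') AS rok\r\n FROM objednavka \r\n WHERE id=" . (int) $data["id_obj"] . " LIMIT 1");
    $data_obj = $data_obj[0];

    // --- Document head, supplier block and customer block ------------------
    $message = "<html>";
    $message .= "<head>";
    $message .= "<style>\r\n table.items {\r\n border-collapse: collapse;\r\n border-spacing: 0;\r\n }\r\n table.items td {\r\n border: 1px solid #c1c1c1;\r\n }\r\n </style>";
    $message .= "</head>";
    $message .= "<body>";
    $message .= "<img src=\"http://" . $_SERVER['HTTP_HOST'] . "/assets/images/logo.jpg\">";
    $message .= "<h1>Cenová ponuka k objednávke č. " . $data_obj["c_obj"] . "/" . $data_obj["rok"] . "</h1>";
    if (!empty($data["vlastne_cislo_obj"])) {
        $message .= "Vaše číslo objednávky: " . $data["vlastne_cislo_obj"] . "<br>";
    }
    $message .= "zo dňa: " . $data_obj["datum"] . "<br><br>";
    $message .= "<table><tr>";
    $message .= "<td style=\"width: 400px;\"><strong>Dodávateľ</strong><br>";
    $message .= "<table><tr><td>" . def_value("default_firma", "hodnota") . "</td></tr>";
    $message .= "<tr><td>" . def_value("default_adresa", "hodnota") . "<br>" . def_value("default_mesto", "hodnota") . "</td></tr>";
    $message .= "<tr><td>IČO: " . def_value("default_ico", "hodnota") . "<br> DIČ: " . def_value("default_dic", "hodnota") . "</td></tr>";
    $message .= "<tr><td>" . def_value("default_telefon", "hodnota") . "<br> " . def_value("default_mobil", "hodnota") . "</td></tr>";
    $message .= "<tr><td>" . def_value("default_email", "hodnota") . "<br> " . def_value("default_email_2", "hodnota") . "</td></tr>";
    $message .= "</table><br><br></td>";
    $message .= "<td style=\"width: 50%;\"><strong>Objednávateľ:</strong>";
    $message .= "<table><tr><td></td><td>" . $data["meno"] . "</td></tr>";
    $message .= "<tr><td></td><td>" . $data["adresa"] . "</td></tr>";
    $message .= "<tr><td></td><td>" . $data["psc"] . " " . $data["mesto"] . "</td></tr>";
    $message .= "<tr><td>IČO</td><td>" . $data["ico"] . "</td></tr>";
    $message .= "<tr><td>DIČ</td><td>" . $data["dic"] . "</td></tr>";
    $message .= "<tr><td>tel.</td><td>" . $data["telefon"] . "</td></tr>";
    $message .= "<tr><td>email:</td><td>" . $data["email"] . "</td></tr>";
    $message .= "<tr><td>vystavil:</td><td>" . $data["vystavil"] . "</td></tr>";
    $message .= "</table><br><strong>Adresa doručenia:</strong>";
    $message .= "<table><tr><td>" . $data["doruc_meno"] . "</td></tr>";
    $message .= "<tr><td>" . $data["doruc_adresa"] . "</td></tr>";
    $message .= "<tr><td>" . $data["doruc_psc"] . " " . $data["doruc_mesto"] . "</td></tr>";
    $message .= "</table><br></td>";
    $message .= "</tr></table><br><br>";

    // --- Collect per-row data ------------------------------------------------
    // The original ran this loop twice (once before the header was built);
    // the first pass was fully overwritten by the second, so only one remains.
    $id = array();
    $ks = array();
    $product_type = array();
    $product = array();
    $product_delivery = array();
    $atyp_text = array();
    $data_rows = array();
    $cena = array();
    $zlava = array();

    $fieldsets_c = count($data_row);
    for ($i = 0; $i < $fieldsets_c; $i++) {
        $row_id = (int) $data_row[$i]["id"];

        $ks[$i] = $data_row[$i]["ks"];
        $id[$i] = $data_row[$i]["id"];
        $product_type[$i] = $data_row[$i]["id_product_type"];
        $product[$i] = $data_row[$i]["id_product"];
        $product_delivery[$i] = $data_row[$i]["id_product_delivery"];
        $atyp_text[$i] = $data_row[$i]["atyp_text"];

        // Attribute -> chosen option for this order row.
        $data_row_option = sql_query("SELECT id_product_atribute, id_product_atribute_option \r\n FROM objednavka_row_atribute \r\n WHERE id_revizia=\"{$revision}\" AND id_objednavka_row=\"{$row_id}\"");
        foreach ($data_row_option as $option) {
            $data_rows[$i][$option["id_product_atribute"]] = $option["id_product_atribute_option"];
        }

        // Price and discount already recorded on the quotation for this row.
        $query = "SELECT * from cp_row WHERE id_cp=" . $cp_id . " AND id_objednavka_row=" . $row_id . "";
        $cp_row = sql_query($query)[0];
        $cena[$i] = $cp_row["cena"];
        $zlava[$i] = $cp_row["zlava"];
    }

    $data["id_all"] = $id;
    $data["ks_all"] = $ks;
    $data["product_type_all"] = $product_type;
    $data["product_all"] = $product;
    $data["product_delivery_all"] = $product_delivery;
    $data["atyp_text_all"] = $atyp_text;
    $data["product_atribute_options_all"] = $data_rows;
    $data["product_price_all"] = $cena;
    $data["zlava_all"] = $zlava;

    // --- Item table ----------------------------------------------------------
    $message .= "<div class=\"print_hlavicka3\">\r\n <table style=\"font-size: 80%;\" class=\"items\">\r\n <tr style=\"background-color: #efefef; font-size: 9pt;\">\r\n <th></th>\r\n <th style=\"width: 380px;\">produkt</th>\r\n <th style=\"width: 40px;\">množstvo</th>\r\n <th style=\"width: 100px;\">doprava</th> \r\n <th style=\"width: 50px;\">j.cena</th>\r\n <th style=\"width: 50px;\">Spolu</th>\r\n <th style=\"width: 100px;\">zľava %</th>\r\n <th style=\"width: 80px;\">po zľave</th>\r\n </tr>";

    // Running totals; the original accumulated into unset variables.
    $product_ks_sum = 0;
    $products_prices_sums = 0;
    $po_zlave_sum = 0;

    $fieldsets_c = count($data["ks_all"]);
    for ($i = 0; $i < $fieldsets_c; $i++) {
        $poradie = $i + 1;
        $message .= "<tr>\r\n <td class=\"form_poradie\">{$poradie}. </td>\r\n ";

        $product_type = sql_query("SELECT meno FROM product_type WHERE id=" . sec_sql(sec_input($data["product_type_all"][$i])) . " LIMIT 1");
        $product_type = $product_type[0];
        $product = sql_query("SELECT id, meno FROM product WHERE id=" . sec_sql(sec_input($data["product_all"][$i])) . " LIMIT 1")[0];

        // NOTE(review): hidden() is appended to the mail body here as in the
        // original; presumably a leftover from the on-page form — confirm.
        $message .= hidden("id[]", $data["id_all"][$i]);

        $options_str = array();
        if (empty($data["product_atribute_options_all"][$i])) {
            $data["product_atribute_options_all"][$i] = array();
        }

        // Highest price level among the chosen options; 1 when none is higher.
        $option_c_hladina = 1;
        foreach ($data["product_atribute_options_all"][$i] as $option) {
            $options = sql_query("SELECT id, meno, id_c_hladina FROM product_atribute_option WHERE id=" . sec_sql(sec_input($option)) . " LIMIT 1");
            $options_str[] = $options[0]["meno"];
            if ($options[0]["id_c_hladina"] > $option_c_hladina) {
                $option_c_hladina = $options[0]["id_c_hladina"];
            }
        }
        $options_str = empty($options_str) ? "" : " (" . join(", ", $options_str) . ")";

        $message .= "<td class=\"form_nazov_siroky\">" . $product_type["meno"] . " " . $product["meno"] . "" . $options_str . "" . (empty($data["atyp_text_all"][$i]) ? "" : "<br>Atyp: " . sec_input($data["atyp_text_all"][$i])) . "</td>";

        $product_delivery = sql_query("SELECT meno FROM product_delivery WHERE id=" . sec_sql(sec_input($data["product_delivery_all"][$i])) . " LIMIT 1");
        $product_delivery = $product_delivery[0];
        $message .= "<td class=\"form_ks\">" . sec_input($data["ks_all"][$i]) . " ks</td>";
        $message .= "<td class=\"form_hrana\">" . $product_delivery["meno"] . "</td>";
        $message .= hidden("ks[]", $data["ks_all"][$i]);

        // Reset per row: the original reused the previous row's price-list id
        // whenever the current row already carried its own price.
        $id_cp_product = null;
        if (empty($data["product_price_all"][$i])) {
            $product_prices = sql_query("SELECT id, cena FROM cp_product WHERE id_c_hladina=" . (int) $option_c_hladina . " AND id_product=" . (int) $product["id"] . " ORDER BY id DESC LIMIT 1")[0];
            $product_price = $product_prices["cena"];
            $id_cp_product = $product_prices["id"];
        } else {
            $product_price = $data["product_price_all"][$i];
        }

        $product_ks_sum += sec_input($data["ks_all"][$i]);
        $product_price_sum = $product_price * sec_input($data["ks_all"][$i]);
        $message .= hidden("id_cp_product[]", $id_cp_product);

        // Sum the total price over all products, before and after discount.
        $products_prices_sums += $product_price_sum;
        $zlava_E = $product_price_sum * $data["zlava_all"][$i] / 100;
        $po_zlave = $product_price_sum - $zlava_E;
        $po_zlave_sum += $po_zlave;

        // Atypical rows always show the price stored on the quotation row.
        if (!empty($data["atyp_text_all"][$i])) {
            $product_price = $data["product_price_all"][$i] . " €";
        } else {
            $product_price = $product_price . " €";
        }

        $message .= "<td class=\"form_nazov ali-center product-price\">" . $product_price . "</td>";
        $message .= "<td class=\"form_nazov ali-center\"><span class=\"cena-spolu-product\">" . $product_price_sum . "</span> €</td>";
        $message .= "<td class=\"form_nazov ali-center\"><span class=\"zlava-E bold\">" . ($zlava_E > 0 ? "-" . $zlava_E . " €" : "") . "</span>" . ($data["zlava_all"][$i] > 0 ? " (" . $data["zlava_all"][$i] . "%)" : "") . "</td>";
        $message .= "<td class=\"form_nazov ali-center po-zlave-sum bold\">" . $po_zlave . " €</td>";
        $message .= "</tr>";
    }

    $message .= "<tr class=\"cp_spolu bold\">\r\n <td></td>\r\n <td>Spolu:</td>\r\n <td class=\"ali-center\">" . $product_ks_sum . " ks</td>\r\n <td></td>\r\n <td></td>\r\n <td class=\"ali-center\">" . $products_prices_sums . " €</td>\r\n <td></td>\r\n <td class=\"ali-center po-zlave-sum-all\">" . $po_zlave_sum . " €</td>\r\n \r\n <tr>";
    $message .= "</table></div>";
    $message .= "</table><br><br>";
    $message .= "email vytvorený: " . date("j. n. Y - H:i") . "<br>";
    $message .= "</body></html>";
    mysql_query("COMMIT");

    // --- Delivery --------------------------------------------------------------
    if ($data["email"] != $email_to) {
        $email_to = $data["email"];
        $email_subject = "Cenová ponuka k objednávke č. " . $data_obj["c_obj"] . " / " . $data_obj["rok"] . " - " . def_value("default_firma", "hodnota") . "";

        $mail = new PHPMailer();
        $mail->IsSMTP();
        $mail->CharSet = "UTF-8";
        $mail->SMTPDebug = 0;
        $mail->SMTPAuth = true;
        // NOTE(review): transport encryption is not requested explicitly while
        // SMTP authentication is on; confirm the relay enforces TLS so the
        // stored username/password are not sent in clear text.
        //$mail->SMTPSecure = 'ssl';
        $mail->Host = def_value("default_email_host", "hodnota");
        $mail->Port = def_value("default_email_port", "hodnota");
        $mail->Username = def_value("default_email_username", "hodnota");
        $mail->Password = def_value("default_email_password", "hodnota");
        $mail->isHTML(true);
        $mail->setLanguage('sk', 'language/');
        $mail->SetFrom(def_value("default_email", "hodnota"), def_value("default_firma", "hodnota"));
        $mail->Subject = $email_subject;
        $mail->Body = $message;
        $mail->AddAddress($email_to);

        // Do not report success when PHPMailer rejected the message; the
        // original ignored the return value of Send().
        if (!$mail->Send()) {
            echo "Email sa nepodarilo odoslať.";
            return;
        }
    }

    // The address comes from stored order data and is echoed into the page,
    // so it is escaped for the HTML context.
    echo "Email bol úspešne odoslaný na adresu: " . htmlspecialchars((string) $email_to, ENT_QUOTES, "UTF-8");
}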
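/**
 * Renders the edit form for one row of `$table` and, when the form was
 * submitted, validates the name, saves the row and redirects to the listing.
 *
 * Only the tables `dodavatel` (fields meno, email) and `do_produkt` (fields
 * meno, email_meno) are written; for any other table the form shows `meno`
 * only and a submit changes nothing.
 *
 * Security notes for maintainers:
 * - `$table` is interpolated into SQL as an identifier, so it is restricted to
 *   letters, digits and underscore before use. A fixed list of table names
 *   would be stricter if the callers are known.
 * - `$id` and `$page` are cast to int; the original sanitised `$id` only after
 *   the UPDATE had already used it.
 * - `$vyber` and `$sub` are URL-encoded before they are placed into the
 *   redirect target and the "back" link.
 * - NOTE(review): no anti-CSRF token is checked in this function; confirm the
 *   caller enforces one for this state-changing POST.
 *
 * @param string     $table Table to edit.
 * @param string     $vyber Menu selector echoed back into the URLs.
 * @param int|string $id    Primary key of the row.
 * @param string     $sub   Sub-section used in the "back" link.
 * @param int|string $page  Listing page to return to after saving.
 * @return void
 * @throws InvalidArgumentException When `$table` is not a plain identifier.
 */
function edit($table, $vyber, $id, $sub, $page = 1)
{
    // Fail closed before any query text is built from the table name.
    if (!is_string($table) || !preg_match('/\A[A-Za-z0-9_]+\z/', $table)) {
        throw new InvalidArgumentException("Invalid table name");
    }
    $id = (int) $id;
    $page = (int) $page;
    $error_msg = array();

    if (!empty($_POST["submit"])) {
        $meno = sec_sql(sec_input(isset($_POST["meno"]) ? $_POST["meno"] : ""));

        // Length is measured on the sanitised value, as in the original.
        if (strlen($meno) > 50 or strlen($meno) < 1) {
            $error_msg[] = "Meno môže mať od 1 do 50 znakov";
        }

        if (empty($error_msg)) {
            $query = null;
            if ($table == "dodavatel") {
                $email = sec_sql(sec_input(isset($_POST["email"]) ? $_POST["email"] : ""));
                $query = "UPDATE {$table}\r\n SET meno = \"{$meno}\", email=\"{$email}\"\r\n WHERE id = {$id}";
            }
            if ($table == "do_produkt") {
                $email_meno = sec_sql(sec_input(isset($_POST["email_meno"]) ? $_POST["email_meno"] : ""));
                $query = "UPDATE {$table}\r\n SET meno = \"{$meno}\", email_meno=\"{$email_meno}\"\r\n WHERE id = {$id}";
            }
            // The original passed an undefined query to sql_update() for any
            // other table; nothing is written in that case now.
            if ($query !== null) {
                sql_update($query);
            }
            header("location: index.php?vyber=" . urlencode($vyber) . "&sub={$table}&page={$page}");
            exit;
        } else {
            echo "<div id=error_message>" . implode("<br>", $error_msg) . "</div>";
        }
    }

    $query = "Select * from {$table} WHERE id={$id}";
    $value = sql_query($query);
    $value = $value[0];

    echo "<form method=\"POST\">";
    // NOTE(review): hidden() is called without echo, unlike the other helpers
    // below; whether it prints by itself is not visible here — confirm.
    hidden("id", $value["id"]);
    echo textfield("meno", $value["meno"], "Meno", 50, 30);
    if ($table == "dodavatel") {
        echo textfield("email", $value["email"], "Email", 50, 40);
    }
    if ($table == "do_produkt") {
        echo textfield("email_meno", $value["email_meno"], "Email meno", 50, 40);
    }
    echo submit("submit", "Odoslať");
    echo "<a href=\"?vyber=" . urlencode($vyber) . "&sub=" . urlencode($sub) . "\">Späť</a>";
    echo "</form>";
}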