public static function permissions_SelectRow($id)
{
$sql = 'CALL `sp_permissions_SelectRow`(:id)';
$params = array(':id' => $id);
DatabaseHandler::Close();
return DatabaseHandler::GetRow($sql, $params);
}
public static function favorite_user_SelectRow($id)
{
$sql = 'CALL `sp_favorite_user_SelectRow`(:id)';
$params = array(':id' => $id);
DatabaseHandler::Close();
return DatabaseHandler::GetRow($sql, $params);
}
public static function blog_audience_SelectRow($id)
{
$sql = 'CALL `sp_blog_audience_SelectRow`(:id)';
$params = array(':id' => $id);
DatabaseHandler::Close();
return DatabaseHandler::GetRow($sql, $params);
}
public function getTagById($tag_id)
{
$params[] = $tag_id;
$sql = 'SELECT $this->table_name.*
FROM $this->table_name
WHERE tag_id = ?
';
$arr = DatabaseHandler::GetRow($sql, $params);
return $arr;
}
private function load()
{
$sql = 'SELECT * FROM events WHERE id = "' . $this->eventId . '"';
// Execute the query and return the results
$res = DatabaseHandler::GetRow($sql);
foreach ($res as $key => $value) {
//is this even legal - apparently yes!
$this->{$key} = $value;
//$this->__set($key, $value);
}
}
public function getOneAuthor($login, $pass)
{
$loginArr[] = $login;
$sql = 'SELECT * FROM authors WHERE login = ?';
$params = DatabaseHandler::GetRow($sql, $loginArr);
//var_dump($params);exit;
if (isset($params['login']) and $params['login'] == $login and (isset($params['pass']) and $params['pass'] == $pass)) {
//var_dump($params);exit;
$this->setAll($params);
return true;
}
return false;
}
public static function GetPLStatament($date, $period)
{
$ledgers = Ledger::GetPLLedgers();
$today = date('d/m/Y');
if ($date) {
if ($date == $today) {
foreach ($ledgers as &$ledger) {
$ledger->amount = $ledger->balance->amount;
}
return $ledgers;
} else {
$d1 = explode('/', $date);
$stamp = $d1[2] . $d1[0] . $d1[1] . '000000' + 0;
foreach ($ledgers as &$ledger) {
try {
$sql = 'SELECT * FROM general_ledger_entries WHERE ledger_id = ' . $ledger->id . ' AND stamp <= ' . $stamp . ' ORDER BY stamp DESC LIMIT 0,1';
$res = DatabaseHandler::GetRow($sql);
if ($res) {
$amount = $res['ledger_bal'];
} else {
$amount = 0;
}
$ledger->amount = $amount;
} catch (Exception $e) {
}
}
return $ledgers;
}
} else {
$split = explode(' - ', $period);
$d1 = explode('/', $split[0]);
$d2 = explode('/', $split[1]);
$lower = $d1[2] . $d1[1] . $d1[0] . '000000' + 0;
$upper = $d2[2] . $d2[1] . $d2[0] . '999999' + 0;
$sql = 'SELECT * FROM general_ledger_entries WHERE account_no = ' . intval($cid) . ' AND stamp BETWEEN ' . $lower . ' AND ' . $upper . ' ORDER BY id ASC';
foreach ($ledgers as &$ledger) {
try {
$sql = 'SELECT * FROM general_ledger_entries WHERE ledger_id = ' . $ledger->id . ' AND stamp BETWEEN ' . $lower . ' AND ' . $upper . ' ORDER BY stamp ASC';
$res = DatabaseHandler::GetAll($sql);
$amount = 0.0;
foreach ($res as $tx) {
$amount += $tx['amount'];
}
$ledger->amount = $amount;
} catch (Exception $e) {
}
}
return $ledgers;
}
}
public function GetOnePost($post_id)
{
$params[] = $post_id;
$sql = 'SELECT * FROM (SELECT * FROM posts WHERE post_id = ?) as t_posts
LEFT JOIN authors ON t_posts.author_id = authors.author_id;';
$arr = DatabaseHandler::GetRow($sql, $params);
return $arr;
}
public static function quotations_SelectOneRandom()
{
$sql = 'CALL `sp_quotations_SelectOneRandom`()';
DatabaseHandler::Close();
return DatabaseHandler::GetRow($sql);
}
public static function Create($name)
{
$phenomena = 'Number';
$sql2 = 'SELECT * FROM units WHERE name = "' . $name . '" AND phenomena = "' . $phenomena . '"';
$res = DatabaseHandler::GetRow($sql2);
if (empty($res)) {
$sql = 'INSERT INTO units (name, phenomena, symbol) VALUES ("' . $name . '", "' . $phenomena . '", "' . $symbol . '")';
DatabaseHandler::Execute($sql);
$res = DatabaseHandler::GetRow($sql2);
}
return new Enumerable($res['id'], $res['phenomena'], $res['name'], $res['symbol']);
}
public static function MakePayment($party, $scope, $supplierid, $amount, $ledgerId, $mode, $voucher, $descr)
{
try {
$supplier = Supplier::GetSupplier($supplierid);
$grns = "";
/*foreach ($payments as $key => $payment) {
$grns .= $key.",";
}*/
$descr .= ' (' . $voucher . ')';
$sql = 'INSERT INTO payments (party_id, grns, amount, ledger_id, mode, voucher_no, description, status) VALUES
(' . $supplierid . ', "' . $grns . '", ' . $amount . ', ' . $ledgerId . ', "' . $mode . '", "' . $voucher . '", "' . $descr . '", 0)';
DatabaseHandler::Execute($sql);
$sql2 = 'SELECT * FROM payments WHERE party_id = ' . $supplierid . ' ORDER BY id DESC LIMIT 0,1';
$res = DatabaseHandler::GetRow($sql2);
$acc = Account::GetAccountByNo($supplierid, 'suppliers', 'Creditors');
$expv = ExpenseVoucher::CreateSupplierProjectExpense($party, $scope, $amount, $acc->ledgerId, $voucher, $descr);
if ($expv) {
$tx = self::initialize($res);
$tx->expVoucher = $expv;
return $tx;
} else {
return false;
}
return self::initialize($res);
} catch (Exception $e) {
}
}
public static function GetSlip($id)
{
try {
$sql = 'SELECT * FROM payslips WHERE id = ' . $id;
$entry = DatabaseHandler::GetRow($sql);
$slip = new PaySlip(Employee::GetEmployee($entry['party_id']), $entry['month'], $entry['paid']);
$slip->populate($entry['id']);
return $slip;
} catch (Exception $e) {
return false;
}
}
<?php
/**
* Created by PhpStorm.
* User: pooya
* Date: 9/7/15
* Time: 5:20 PM
*/
require_once "../core/core.php";
if (isset($_GET["title"])) {
$blog = DatabaseHandler::GetRow("SELECT * FROM `blogs` WHERE `title_en` = '{$_GET['title']}' ; ");
if (!isset($blog["id"])) {
die("پست مورد نظر وجود ندارد.");
}
$page_title = "Talentyab | {$blog['title_en']}";
$keywords = "";
$keywords_array = DatabaseHandler::GetAll("SELECT * FROM `blog_keywords` WHERE `blog_id` = '{$blog['id']}' ; ");
foreach ($keywords_array as $keyword) {
$keywords .= $keyword["keyword"] . " , ";
}
$author = ADMINS::admins_SelectRow($blog["admin_id"]);
$author_name = $author["first_name"] . " " . $author["last_name"];
$comments = DatabaseHandler::GetAll("SELECT * FROM `comments` WHERE `activate` = '1' AND `blog_id` = '{$blog['id']}' AND `comment_id` = '0' ; ");
$comments_echo = '';
foreach ($comments as $comment) {
$avatar = "";
if ($comment["admin_id"] == "1") {
$avatar = '<a class="profile-pic" href="#"><img src="../view/images/logo_thumb.png"></a>';
} else {
$avatar = '<a class="profile-pic avatar-letter" style="background-color:' . G::randomColor($comment["id"]) . '; " href="#">' . G::convertToAvatar($comment["full_name"]) . '</a>';
}
public static function Get($id)
{
try {
$sql = 'SELECT * FROM land_docs WHERE id = ' . $id . '';
$res = DatabaseHandler::GetRow($sql);
return self::initialize($res);
} catch (Exception $e) {
}
}
public static function GetBlogDetails($blogId)
{
// Build SQL query
$sql = 'CALL blog_get_blog_details(:blog_id)';
// Build the parameters array
$params = array(':blog_id' => $blogId);
// Execute the query and return the results
return DatabaseHandler::GetRow($sql, $params);
}
public static function ReceivePayment($clientId, $purpose, $ledgerId, $amount, $voucherno, $descr)
{
try {
$datetime = new DateTime();
if ($purpose == "G") {
$ref = $descr;
$purp = 0;
} else {
$prj = Project::GetProject(intval($purpose));
$ref = $prj->name . " - " . $descr;
$purp = $purpose;
}
$sql = 'INSERT INTO receipts (client_id, project_id, voucher_no, amount, ledger_id, description, status) VALUES
(' . $clientId . ', ' . $purp . ', "' . $voucherno . '", ' . $amount . ', ' . $ledgerId . ', "' . $ref . '", 0)';
DatabaseHandler::Execute($sql);
$sql2 = 'SELECT * FROM receipts WHERE client_id = ' . $clientId . ' ORDER BY id DESC LIMIT 0,1';
$res = DatabaseHandler::GetRow($sql2);
return self::initialize($res);
} catch (Exception $e) {
}
}
public static function GetProductInfo($productId)
{
// Build SQL query
$sql = 'CALL catalog_get_product_info(:product_id)';
// Build the parameters array
$params = array(':product_id' => $productId);
// Execute the query and return the results
return DatabaseHandler::GetRow($sql, $params);
}
if(isset($_SESSION['valid_user'])){
$username=$_SESSION['valid_user'];
$result =mysql_query("select * from users where name='".$username."'");
$row=mysql_fetch_array($result);
$usertype=stripslashes($row['position']);
$userid=stripslashes($row['userid']);
include('functions.php');
}
else{echo"<script>window.location.href = \"index.php\";</script>";}
?>
<?php*/
//$id=$_POST['id'];
$sql = 'SELECT * FROM company';
$row = DatabaseHandler::GetRow($sql);
$comname = $row['CompanyName'];
$tel = $row['Tel'];
$add = $row['Address'];
$web = $row['Website'];
$email = $row['Email'];
$logo = $row['Logo'];
$slip = json_decode($_POST['payslip']);
?>
<!DOCTYPE html>
<html lang="en">
<!-- Mirrored from egemem.com/theme/kode/v1.1/invoice.html by HTTrack Website Copier/3.x [XR&CO'2013], Thu, 30 Jul 2015 15:49:08 GMT -->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
public function executeReturn()
{
$result = DatabaseHandler::Prepare($this->sql);
$result = DatabaseHandler::GetRow($result);
return $result;
}
public function GetOneComentsByUser($coment_id, $user_id)
{
$params[] = intval($coment_id);
$params[] = intval($user_id);
$sql = 'SELECT *
FROM coments
WHERE coment_id = ? AND $user_id = ?';
$params[] = intval($coment_id);
$params[] = intval($user_id);
$arr = DatabaseHandler::GetRow($sql, $params);
return $arr;
}
<?php
require_once "../core/core.php";
$msg = '';
function toSafeString($string)
{
$string = htmlentities($string, ENT_QUOTES, "utf-8");
$string = trim($string);
return $string;
}
if (isset($_POST['submit'])) {
$mobile = toSafeString($_POST['mobile']);
$password = toSafeString($_POST['password']);
$password_hash = sha1($password);
$admins_fetch_rows = DatabaseHandler::GetRow("SELECT * FROM admins WHERE mobile='{$mobile}' AND password='******' LIMIT 1;");
if ($admins_fetch_rows) {
$_SESSION['MM_admin_first_name'] = $admins_fetch_rows['first_name'];
$_SESSION['MM_admin_last_name'] = $admins_fetch_rows['last_name'];
$_SESSION['MM_admin_id'] = $admins_fetch_rows['id'];
$_SESSION['MM_admin_mobile'] = $admins_fetch_rows['mobile'];
$roles_id = $admins_fetch_rows['roles_id'];
$roles_result = DatabaseHandler::GetAll("SELECT\n\t\t\t\t\t\t\t\t\t rolespermissions.id\n\t\t\t\t\t\t\t\t\t,rolespermissions.roles_id\n\t\t\t\t\t\t\t\t\t,rolespermissions.permissions_id\n\t\t\t\t\t\t\t\t\t,permissions.ENtitle\n\t\t\t\t\t\t\t\t\t,permissions.id\n\t\t\t\t\t\t\t\t\t,permissions.title\n\t\t\t\t\t\t\t\t\t\tFROM rolespermissions\n\t\t\t\t\t\t\t\t\t\t\tINNER JOIN permissions\n\t\t\t\t\t\t\t\t\t\t\t\tON rolespermissions.permissions_id = permissions.id\n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE rolespermissions.roles_id = '{$roles_id}' ; ");
$check = array();
foreach ($roles_result as $roles_row) {
$permissions_name = $roles_row['ENtitle'];
array_push($check, $permissions_name);
$_SESSION['permissions'] = $check;
}
header("Location: index.php");
} else {
$msg = '
public static function GetUserDetailsOauth($id)
{
$sql = 'SELECT user_id, email, username, package, subscription_expiry, paymode, standing_order FROM users WHERE oauth_uid = "' . $id . '"';
// Execute the query and return the results
return DatabaseHandler::GetRow($sql);
}
public static function GetLatestItems($number)
{
//$sql = 'UPDATE products SET pack_size = '.$packsize.', featured = '.$featured.', availability = '.$availability.', catalog_bal = '.$openstock.', stock_bal = '.$openstock.', optimum_bal = '.$optstock.', low_bal = '.$lowstock.' WHERE id = '.$item->itemId;
$stock_accounts = array();
$sql = 'SELECT * FROM stock_accounts ORDER BY tstamp DESC LIMIT 0,' . intval($number);
$stocks = DatabaseHandler::GetAll($sql);
foreach ($stocks as $stock) {
$sql = 'SELECT * FROM products WHERE resource_id = ' . $stock['resource_id'];
$sqlf = 'SELECT * FROM features WHERE resource_id = ' . $stock['resource_id'];
$product = DatabaseHandler::GetRow($sql);
$features = DatabaseHandler::GetAll($sqlf);
//$sqlf = 'SELECT * FROM item_features WHERE item_id = '.$product['id'];
$typedata = ResourceType::GetTypeData($product['type_id']);
$unit = Unit::GetUnitById($typedata['unit_id']);
$item = new Product($product['resource_id'], $product['type_id'], $typedata['type'], $product['name'], $product['reference'], $unit, $product['description'], $features, $product['manufacturer'], $product['retail_price'], $product['wholesale_price'], $product['tax_code'], $product['img_url'], $product['plength'], $product['pwidth'], $product['pheight'], $product['pweight'], $product['pshape']);
$stockAccount = new StockAccount($stock['account_id'], $item, $stock['pack_size'], $stock['featured'], $stock['availability'], $stock['catalog_bal'], $stock['stock_bal'], $stock['optimum_bal'], $stock['low_bal'], $stock['cost_price'], $stock['retail_price'], $stock['wholesale_price'], $stock['vat_code'], $stock['date_added'], $stock['tstamp']);
$stock_accounts[] = $stockAccount;
}
//do something as an inventory objects
return $stock_accounts;
}
public static function GetVoucher($vid)
{
try {
$sql = 'SELECT * FROM expense_vouchers WHERE id = ' . $vid;
$res = DatabaseHandler::GetRow($sql);
return self::initialize($res);
} catch (Exception $e) {
return false;
}
}
public static function GetCashFlows($date, $period)
{
$ledgers = Ledger::GetAllLedgers();
$today = date('d/m/Y');
if ($date) {
if ($date == $today) {
foreach ($ledgers as &$ledger) {
$ledger->amount = $ledger->balance->amount;
}
return $ledgers;
} else {
$d1 = explode('/', $date);
$stamp = $d1[2] . $d1[1] . $d1[0] . '999999' + 0;
foreach ($ledgers as &$ledger) {
try {
$sql = 'SELECT * FROM general_ledger_entries WHERE ledger_id = ' . $ledger->id . ' AND stamp <= ' . $stamp . ' ORDER BY stamp DESC LIMIT 0,1';
$res = DatabaseHandler::GetRow($sql);
if ($res) {
$amount = $res['ledger_bal'];
} else {
$amount = 0;
}
$ledger->amount = $amount;
} catch (Exception $e) {
}
}
return $ledgers;
}
} else {
//Get changes in the ledger balances within prescribed periods
$split = explode(' - ', $period);
$d1 = explode('/', $split[0]);
$d2 = explode('/', $split[1]);
$lower = $d1[2] . $d1[1] . $d1[0] . '000000' + 0;
$upper = $d2[2] . $d2[1] . $d2[0] . '999999' + 0;
foreach ($ledgers as &$ledger) {
try {
$sql = 'SELECT * FROM general_ledger_entries WHERE ledger_id = ' . $ledger->id . ' AND stamp BETWEEN ' . $lower . ' AND ' . $upper . ' ORDER BY stamp ASC';
$res = DatabaseHandler::GetAll($sql);
$amount = 0.0;
$keys = count($res);
//echo json_encode(value);
$init = 0.0;
$final = 0.0;
$count = 0;
foreach ($res as $key => $tx) {
if ($count == 0) {
$init = $tx['ledger_bal'];
} elseif ($count == $keys - 1) {
$final = $tx['ledger_bal'];
}
$count++;
}
$ledger->amount = $final - $init;
//$ledger->amount = $amount;
} catch (Exception $e) {
}
}
return $ledgers;
}
}
public static function GetOneUserById($user_id)
{
$sql = 'SELECT * FROM users WHERE user_id = ?';
return DatabaseHandler::GetRow($sql, $user_id);
}
public static function CustomerCheck($email)
{
// Build SQL query
//$sql = 'CALL blog_get_comments_list(:blog_id)';
$sql = 'SELECT * FROM customers WHERE email = "' . $email . '"';
return DatabaseHandler::GetRow($sql);
}
public static function PurchaseOrders()
{
$collection = PurchaseOrder::GetAllOrders($_GET['period'], $_GET['all']);
echo '
<div class="logo">
<h5 style="margin-bottom:-15px;margin-top:0px;font-size:14px;">Date: ' . date('d/m/Y') . '</h5>
<h4>ALL PURCHASE ORDERS</h4>';
if ($_GET['period'] != '' && $_GET['period']) {
echo '<h5 style="margin-top:-10px">Period: ' . $_GET['period'] . '</h5>';
}
echo '</div>
<table class="table table-bordered table-striped" style="text-align:center;margin-left:0;margin-right:0;width:760px;font-size:12px;">
<thead class="title">
<tr>
<td>DATE</td>
<td>ORDER ID</td>
<td>COMPANY</td>
<td>PURPOSE</td>
<td>STATUS</td>
<td>TOTAL</td>
</tr>
</thead>
<tbody>';
$total = 0.0;
$invoiced = 0.0;
$itms = 0;
foreach ($collection as $item) {
echo '<tr>
<td>' . $item->date . '</td>
<td>' . $item->id . '</td>
<td>' . $item->party->name . '</td>';
$sql = 'SELECT * FROM purchase_orders WHERE id = ' . $item->id;
$res = DatabaseHandler::GetRow($sql);
$vc = PurchaseOrderVoucher::initialize($res);
echo '<td>' . $vc->description . '</td>';
if ($item->status == 1) {
echo '<td style="color:#232836">CREATED</td>';
} else {
echo '<td style="color:#27c97b">ORDERED</td>';
$invoiced += $item->total;
}
echo '<td class="text-right" style="padding: 0 5px;"><script>document.writeln((' . $item->total . ').formatMoney(2, \'.\', \',\'));</script></td>
</tr>';
$total += $item->total;
++$itms;
}
echo '</tbody>
</table>
<div class="logo">
<p style="margin: 5px 0 0 5px">Total Quotes: <b>' . $itms . '</b></p>
<p style="margin: 5px 0 0 5px">Total Quoted: <b>Ksh. <script>document.writeln((' . $total . ').formatMoney(2, \'.\', \',\'));</script></b></p>
<p style="margin: 5px 0 0 5px">Total Invoiced: <b>Ksh. <script>document.writeln((' . $invoiced . ').formatMoney(2, \'.\', \',\'));</script></b></p>
</div>';
}
function __construct()
{
parent::__construct('DirectorsDashboard');
$datetime = new DateTime();
self::$todayStamp = $datetime->format('Ymd');
try {
$sql = 'SELECT * FROM daily_totals ORDER BY daystamp DESC LIMIT 0,1';
$res = DatabaseHandler::GetRow($sql);
self::$lastStamp = intval($res['daystamp']);
} catch (Exception $e) {
}
$this->postUnpostedDays();
$this->thirtydaydata = $this->processDays(30);
$this->sevendaydata = $this->processDays(7);
$this->yesterdaydata = $this->processDays(1);
$this->todaydata = $this->processToday();
$this->processLatestProjects();
$this->processLatestInvoices();
$this->processLatestEnquiries();
//$this->processLatestMessages();
return $this;
}
