function displayLeaveForm($config) { $mysqli = $config->mysqli; //check if we're coming from an edit button on the submitted report $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : false; $updatingRequest = isset($_POST['formName']) ? $_POST['formName'] : false; $updatingRequest = isset($_POST['duplicateBtn']) ? "duplicateRequest" : $updatingRequest; $findBtn = isset($_POST['findBtn']) ? true : false; $requestAccepted = false; //echo "updatingRequest = $updatingRequest"; //DEBUG if ($totalRows && $updatingRequest && !$findBtn) { for ($i = 0; $i < $totalRows; $i++) { if (isset($_POST['editBtn' . $i])) { $referNum = $_POST['requestID' . $i]; } } if (!empty($referNum)) { $myq = 'SELECT REQUEST.IDNUM, TIMETYPEID, BEGTIME, ENDTIME, NOTE, CALLOFF, USEDATE, SUBTYPE, LNAME, FNAME FROM REQUEST, EMPLOYEE WHERE EMPLOYEE.IDNUM=REQUEST.IDNUM AND REFER=' . $config->mysqli->real_escape_string($referNum); $result = $mysqli->query($myq); SQLerrorCatch($mysqli, $result); $row = $result->fetch_assoc(); //set posts to pre-fill form from record we want to edit $_POST['referNum'] = $referNum; $_POST['type'] = $row['TIMETYPEID']; $_POST['ID'] = $row['IDNUM']; $_POST['beg1'] = substr($row['BEGTIME'], 0, 2); $_POST['beg2'] = substr($row['BEGTIME'], 3, 2); $_POST['end1'] = substr($row['ENDTIME'], 0, 2); $_POST['end2'] = substr($row['ENDTIME'], 3, 2); $_POST['comment'] = $row['NOTE']; $_POST['calloff'] = $row['CALLOFF']; $_POST['usedate'] = $row['USEDATE']; $_POST['subtype'] = $row['SUBTYPE']; $foundUserFNAME = $row['FNAME']; $foundUserLNAME = $row['LNAME']; $foundUserID = $row['IDNUM']; //var_dump($_POST); } } //Get all passed variables $postID = isset($_POST['ID']) ? $_POST['ID'] : $_SESSION['userIDnum']; $postThruDate = isset($_POST['thrudate']) ? $_POST['thrudate'] : false; $shiftLength = isset($_POST['shift']) ? $_POST['shift'] : ''; $postBeg1 = isset($_POST['beg1']) ? $_POST['beg1'] : null; $postBeg2 = isset($_POST['beg2']) ? $_POST['beg2'] : null; if (!empty($postBeg1) && !empty($postBeg2)) { $postBegin = $postBeg1 . $postBeg2; } else { $postBegin = false; } $postEnd1 = isset($_POST['end1']) ? $_POST['end1'] : null; $postEnd2 = isset($_POST['end2']) ? $_POST['end2'] : null; if (!empty($postEnd1) && !empty($postEnd2)) { $postEnding = $postEnd1 . $postEnd2; } else { $postEnding = false; } if (!isset($_POST['shift'])) { if ($postBegin == $postEnding) { $postBegin = false; $postEnding = false; } } $type = isset($_POST['type']) ? $mysqli->real_escape_string($_POST['type']) : false; $comment = isset($_POST['comment']) ? $mysqli->real_escape_string($_POST['comment']) : false; $calloff = isset($_POST['calloff']) ? $_POST['calloff'] : 'NO'; $auditid = $_SESSION['userIDnum']; $postUseDate = isset($_POST['usedate']) ? $_POST['usedate'] : false; if (!$postUseDate) { $isDateUse = false; } else { $isDateUse = true; } $subtype = isset($_POST['subtype']) ? $mysqli->real_escape_string($_POST['subtype']) : 'NONE'; //Submit Button Pressed. Add record to the database if (isset($_POST['submit']) || isset($_POST['update'])) { $ID = $mysqli->real_escape_string(strtoupper($postID)); $usedate = new DateTime($mysqli->real_escape_string($postUseDate)); if (!$postThruDate) { $daysOff = 0; } else { $thrudate = new DateTime($mysqli->real_escape_string($postThruDate)); $daysOffInterval = $usedate->diff($thrudate); //number days in given range $daysOff = $daysOffInterval->format("%d"); } $beg = new DateTime($mysqli->real_escape_string($postBegin)); //setting end to beginning so I can add a shift to it if need be $end = new DateTime($mysqli->real_escape_string($postBegin)); if (empty($shiftLength)) { //not using a shift length so take the entered time $end = new DateTime($mysqli->real_escape_string($postEnding)); } else { //add a shift to the start time $end->add(new DateInterval('PT' . $shiftLength . 'H')); } if ($end < $beg) { //add a day to $end if the times crossed midnight $end = $end->add(new DateInterval("P1D")); } //interval calculation in hours $endSec = strtotime($end->format("Y-m-d H:i:s")); $begSec = strtotime($beg->format("Y-m-d H:i:s")); $hours = ($endSec - $begSec) / 3600; //SQL TIME format $beg = $beg->format("H:i:s"); $end = $end->format("H:i:s"); if ($isDateUse) { if (!empty($postEnding) || !empty($postBegin)) { //query to insert the record. loops until number of days is reached if (!isset($_POST['update'])) { $confirmBtn = isset($_POST['confirmBtn']) ? true : false; $noBtn = isset($_POST['noBtn']) ? true : false; for ($i = 0; $i <= $daysOff; $i++) { //Check if useDate is already submitted $myq = "SELECT `REFER` , `IDNUM`, `TIMETYPEID` , `USEDATE` , `ENDTIME` , `BEGTIME` , `SUBTYPE`\r\n FROM `REQUEST`\r\n WHERE `TIMETYPEID` LIKE '" . $type . "'\r\n AND `IDNUM` = '" . $ID . "'\r\n AND `USEDATE` = '" . $usedate->format('Y-m-d') . "'"; $result = $mysqli->query($myq); SQLerrorCatch($mysqli, $result); if ($result->num_rows > 0 && !$confirmBtn && !$noBtn) { $refNums = ""; while ($row = $result->fetch_assoc()) { $refNums .= $row['REFER'] . ', '; } popUpMessage('<div align="center"><form method="POST" action="' . $_SERVER['REQUEST_URI'] . '"> You already submitted for this type of request on ' . $usedate->format('Y-m-d') . '<br/> Please see Reference Numbers: <br/>' . $refNums . '<br/><br/><h4>Are you sure you want to submit another?</h4> <input type="submit" name="confirmBtn" value="Yes" /> <input type="submit" name="noBtn" value="No" /> <input type="hidden" name="type" value="' . $type . '" /> <input type="hidden" name="subtype" value="' . $subtype . '" /> <input type="hidden" name="shift" value="' . $shiftLength . '" /> <input type="hidden" name="ID" value="' . $ID . '" /> <input type="hidden" name="usedate" value="' . $postUseDate . '" /> <input type="hidden" name="thrudate" value="' . $postThruDate . '" /> <input type="hidden" name="beg1" value="' . $postBeg1 . '" /> <input type="hidden" name="beg2" value="' . $postBeg2 . '" /> <input type="hidden" name="end1" value="' . $postEnd1 . '" /> <input type="hidden" name="end2" value="' . $postEnd2 . '" /> <input type="hidden" name="comment" value="' . $comment . '" /> <input type="hidden" name="calloff" value="' . $calloff . '" /> <input type="hidden" name="submit" value="true" /> </form></div>'); } else { if ($noBtn) { echo 'Canceled Submitting Request.'; } else { if (($type == 'OT' || $type == 'AG') && strtotime($usedate->format('Y-m-d')) > strtotime(date('Y-m-d'))) { echo '<font color="red">Can not submit for Overtime or Comp Time Gain unless it is on or after the date of use</font>'; } else { $myq = "INSERT INTO REQUEST (IDNUM, USEDATE, BEGTIME, ENDTIME, \r\n HOURS, TIMETYPEID, SUBTYPE, NOTE, STATUS, REQDATE, \r\n AUDITID, IP, CALLOFF)\r\n VALUES ('{$ID}', '" . $usedate->format('Y-m-d') . "', '{$beg}', '{$end}', '{$hours}', '{$type}', '{$subtype}', \r\n '{$comment}', 'PENDING', NOW(),'{$auditid}',INET_ATON('{$_SERVER['REMOTE_ADDR']}'), '{$calloff}')"; //echo $myq; //DEBUG $usedate->modify("+1 day"); //add one more day for the next iteration if multiple days off $result = $mysqli->query($myq); //show SQL error msg if query failed if (SQLerrorCatch($mysqli, $result)) { echo 'Request not accepted.'; } else { $refInsert = $mysqli->insert_id; addLog($config, 'New Time Request Submitted with Ref# ' . $refInsert); echo '<h3>Request accepted. The reference number for this request is <b>' . $refInsert . '</b>.</h3>'; $requestAccepted = true; } } } } //end validation check } //end for loop } } else { echo '<font color="red" >Must provide a valid Start and End time!</font><br /><br />'; } } else { echo '<font color="red" >Must provide a valid Date!</font><br /><br />'; } //update an existing record instead of inserting a new one if (isset($_POST['update'])) { $myq = "UPDATE REQUEST SET USEDATE='" . $config->mysqli->real_escape_string($usedate->format('Y-m-d')) . "', \r\n BEGTIME='" . $config->mysqli->real_escape_string($beg) . "', \r\n ENDTIME='" . $config->mysqli->real_escape_string($end) . "', \r\n HOURS='" . $config->mysqli->real_escape_string($hours) . "', \r\n TIMETYPEID='" . $config->mysqli->real_escape_string($type) . "', \r\n SUBTYPE='" . $config->mysqli->real_escape_string($subtype) . "', \r\n NOTE='" . $config->mysqli->real_escape_string($comment) . "', \r\n AUDITID='" . $config->mysqli->real_escape_string($auditid) . "', \r\n IP=INET_ATON('" . $config->mysqli->real_escape_string($_SERVER['REMOTE_ADDR']) . "'), \r\n CALLOFF='" . $config->mysqli->real_escape_string($calloff) . "'\r\n WHERE REFER=" . $config->mysqli->real_escape_string($_POST['referNum']); //echo $myq; //DEBUG $result = $mysqli->query($myq); //show SQL error msg if query failed if (SQLerrorCatch($mysqli, $result)) { echo 'Error: Request not updated.'; } else { addLog($config, 'Updated Time Request with Ref# ' . $_POST['referNum']); echo '<h3>Request updated successfully.</h3>'; } } //end of "is update button pressed?" } //end of 'is submit or update pressed?' if (!isset($_POST['searchBtn'])) { ?> <h2>Employee Request</h2> <?php } else { echo '<h3>Lookup User</h3>'; } ?> <form name="leave" id="leave" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?> "> <input type='hidden' name='formName' value='leave' /> <?php if (isset($_POST['referNum'])) { echo 'Reference Request #' . $_POST['referNum'] . '<input type="hidden" name="referNum" value="' . $_POST['referNum'] . '" />'; } $type = isset($_POST['type']) ? $_POST['type'] : ''; $myq = "SELECT DESCR FROM TIMETYPE WHERE TIMETYPEID='" . $config->mysqli->real_escape_string($type) . "'"; $result = $mysqli->query($myq); SQLerrorCatch($mysqli, $result); $typeDescr = $result->fetch_assoc(); if (!empty($type)) { //$_POST['type'] is set //hidden field with type set echo "<input type='hidden' name='type' value='" . $type . "'>"; //Lookup Users button pressed if (isset($_POST['searchBtn']) || isset($_POST['findBtn'])) { //Save any inputed values echo '<input type="hidden" name="subtype" value="' . $subtype . '" />'; echo '<input type="hidden" name="ID" value="' . $postID . '" />'; echo '<input type="hidden" name="usedate" value="' . $postUseDate . '" />'; echo '<input type="hidden" name="thrudate" value="' . $postThruDate . '" />'; echo '<input type="hidden" name="beg1" value="' . $postBeg1 . '" />'; echo '<input type="hidden" name="beg2" value="' . $postBeg2 . '" />'; echo '<input type="hidden" name="end1" value="' . $postEnd1 . '" />'; echo '<input type="hidden" name="end2" value="' . $postEnd2 . '" />'; echo '<input type="hidden" name="comment" value="' . $comment . '" />'; echo '<input type="hidden" name="calloff" value="' . $calloff . '" />'; //Get additional search inputs $searchUser = isset($_POST['searchUser']) ? $_POST['searchUser'] : ''; $isFullTime = isset($_POST['fullTime']) ? true : false; $isReserve = isset($_POST['reserve']) ? true : false; echo '<input type="checkbox" name="fullTime" '; if ($isFullTime) { echo 'CHECKED'; } echo ' />Full Time Employee '; echo '<input type="checkbox" name="reserve" '; if ($isReserve) { echo 'CHECKED'; } echo ' />Reserves<br />'; echo '<input type="text" name="searchUser" value="' . $searchUser . '" /><input type="submit" name="findBtn" value="Search" /><br /><br />'; if (isset($_POST['findBtn'])) { $rowCount = 0; if (!empty($searchUser) && $isFullTime) { $rowCount = selectUserSearch($config, $searchUser, $rowCount, true); } if ($isReserve) { $rowCount2 = searchReserves($config, $searchUser, $rowCount); } else { $rowCount2 = $rowCount; } $rowCount3 = searchDatabase($config, $searchUser, $rowCount2); $totalRowsFound = $rowCount + $rowCount2 + $rowCount3; echo '<input type="hidden" name="totalRows" value="' . $totalRowsFound . '" />'; } //end lookup button pressed } else { $foundUserFNAME = isset($foundUserFNAME) ? $foundUserFNAME : ''; $foundUserLNAME = isset($foundUserLNAME) ? $foundUserLNAME : ''; $foundUserName = isset($foundUserName) ? $foundUserName : ''; $foundUserID = isset($foundUserID) ? $foundUserID : ''; $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : ''; if ($totalRows > 0) { //get post info providied from search results for ($i = 0; $i <= $totalRows; $i++) { if (isset($_POST['foundUser' . $i])) { $foundUserFNAME = $_POST['foundUserFNAME' . $i]; $foundUserLNAME = $_POST['foundUserLNAME' . $i]; $foundUserName = $_POST['foundUserName' . $i]; $foundUserID = $_POST['foundUserID' . $i]; if (isset($_POST['isReserve' . $i])) { echo '<input type="hidden" name="isReserve" value="true" />'; } break; } //end if } //end for } //echo "<p><h3>Type of Request: </h3>" . $typeDescr['DESCR'] . "</p>"; echo "<p><h3>Type of Request: </h3>"; selectTimeType($config, "type", $type); echo "</p>"; //subtype choice echo "Subtype: "; $myq = "SELECT NAME FROM SUBTYPE"; $result = $mysqli->query($myq); SQLerrorCatch($mysqli, $result); ?> <select name="subtype"> <?php while ($row = $result->fetch_assoc()) { if (strcmp($row['NAME'], $subtype) == 0) { echo '<option value="' . $row["NAME"] . '" SELECTED >' . $row["NAME"] . '</option>'; } else { echo '<option value="' . $row["NAME"] . '">' . $row["NAME"] . '</option>'; } } echo "</select> </br>"; if ($_SESSION['admin'] < 25) { //if normal user, allow only their own user name echo "<p>User ID: " . $_SESSION['userName'] . "<input type='hidden' name='ID' value='" . $_SESSION['userIDnum'] . "'></p>"; } else { //allow any user to be picked for a calloff entry $isCallOff = ""; if (isset($_POST['calloff'])) { echo '<input type="checkbox" id="calloff" name="calloff" value="YES" CHECKED />'; } else { echo '<input type="checkbox" id="calloff" name="calloff" value="YES" />'; } //echo 'onclick=\'addLookupButton("leave");\''; echo 'Call Off (ie. REPORT OFF)<br/>'; echo "Employee: "; //user ID passed from search if ($totalRows > 0) { echo '<input type="hidden" name="ID" value="' . $foundUserID . '" />' . $foundUserLNAME . ', ' . $foundUserFNAME; } else { //dropDownMenu($mysqli, 'FULLNAME', 'EMPLOYEE', $postID, 'ID'); $myq = "SELECT `IDNUM` , `LNAME` , `FNAME` \r\n FROM `EMPLOYEE`\r\n WHERE `IDNUM` = " . $config->mysqli->real_escape_string($postID); $result = $mysqli->query($myq); SQLerrorCatch($mysqli, $result); $row = $result->fetch_assoc(); echo $row['LNAME'] . ', ' . $row['FNAME'] . "<input type='hidden' name='ID' value='" . $postID . "'>"; } echo ' <input type="submit" name="searchBtn" value="Lookup Employee" />'; ?> <script language="JavaScript" type="text/javascript"> function addLookupButton(formName) { // var _form = document.getElementById(formName); // var _calloff = document.getElementById('calloff'); // if(_calloff.checked){ // if(document.getElementById('jsearchBtn')){} // else{ // var _search = document.createElement('input'); // _search.type = "submit"; // _search.name = "searchBtn"; // _search.value = "Lookup Employee"; // _search.id = "jsearchBtn"; // _search.onclick = function(){_form.submit()}; // //_form.appendChild(_search); // _form.insertBefore(_search, _calloff); // } // } // else{ // if(document.getElementById('jsearchBtn')){ // var _oldSearch = document.getElementById('jsearchBtn'); // _form.removeChild(_oldSearch); // } // } } </script> <?php } ?> <p>Date of use/accumulation: <?php displayDateSelect('usedate', 'date_1', $postUseDate, true, !$isDateUse); ?> Through date (optional): <?php displayDateSelect('thrudate', 'date_2'); ?> </p> <p>Start time: <?php showTimeSelector("beg", $postBeg1, $postBeg2); ?> <?php if ($type == 'PR') { echo "<input type='radio' name='shift' value='8'>8 hour shift"; echo "<input type='radio' name='shift' value='12'>12 hour shift"; echo "</br>(Personal time must be used for an entire shift.)"; } else { ?> End time: <?php showTimeSelector("end", $postEnd1, $postEnd2); ?> </p> <?php } ?> </br> <p>Comment: <textarea rows="3" cols="40" name="comment" ><?php echo $comment; ?> </textarea></p> <?php //popUpMessage($updatingRequest); if ($updatingRequest === 'submittedRequests' || $requestAccepted) { echo '<p><input type="hidden" name="formName" value="submittedRequests" /> <input type="submit" name="update" value="Update Request"> <input type="submit" name="duplicateBtn" value="Duplicate Request" /> <INPUT TYPE="button" value="Back to My Requests" onClick="parent.location=\'wts_index.php?myReq=true\'"></p>'; } else { if (strpos($updatingRequest, 'hrEmpRep=true')) { echo '<p><input type="hidden" name="formName" value="submittedRequests" /> <input type="submit" name="update" value="Update Request"> <input type="submit" name="duplicateBtn" value="Duplicate Request" /> <INPUT TYPE="button" value="Back to Approvals" onClick="parent.location=\'' . $updatingRequest . '\'"></p>'; } else { echo '<p><input type="submit" name="submit" value="Submit for Approval"></p>'; } } ?> </form> <?php } } else { //intitial choice of type echo "<p><h3>Type of Request: </h3>"; dropDownMenu($mysqli, 'DESCR', 'TIMETYPE', FALSE, 'type'); echo "</p>"; } }
function resultTable($mysqli, $result, $isEditable = true) { //get the current page name to use as form action $action = $_SERVER['REQUEST_URI']; $numOfCols = $mysqli->field_count; //get number of columns $isEditBtn = isset($_POST['editBtn']); //echo '<table border="1" ><tr>'; echo '<link rel="stylesheet" href="templetes/DarkTemp/styles/tableSort.css" /> <script type="text/javascript" src="bin/jQuery/js/tableSort.js"></script> <div id="wrapper"> <table class="sortable" id="sorter">'; //fetch and write field names $i = 0; $fieldNameArray = array(); //to store original column names as in SQL $fieldNameAliasArray = array(); //to store column aliases applied in a query $tableNameArray = array(); //to store original table name $result->data_seek(0); while ($finfo = mysqli_fetch_field($result)) { echo "<th>" . $finfo->name . "</th>"; // original names of formatted columns switch ($finfo->name) { case 'Requested': $fieldNameArray[$i] = 'REQDATE'; break; case 'Used': $fieldNameArray[$i] = 'USEDATE'; break; case 'Start': $fieldNameArray[$i] = 'BEGTIME'; break; case 'End': $fieldNameArray[$i] = 'ENDTIME'; break; default: $fieldNameArray[$i] = $finfo->orgname; } $fieldNameAliasArray[$i] = $finfo->name; $tableNameArray[$i] = $finfo->orgtable; $i++; } //print_r($fieldNameArray); //DEBUG echo '</tr>'; //end the table heading record $result->data_seek(0); while ($row = $result->fetch_assoc()) { echo "<tr>"; if ($isEditBtn) { echo "<form action='" . $action . "' method='post' name='saveBtn'>"; } //begin data record and form for ($fieldCounter = 0; $numOfCols > $fieldCounter; $fieldCounter++) { if ($isEditBtn) { if (!dropDownMenu($mysqli, $fieldNameArray[$fieldCounter], $tableNameArray[$fieldCounter], $row["{$fieldNameAliasArray[$fieldCounter]}"], $fieldNameAliasArray[$fieldCounter])) { echo "<td><input type='text' name='{$fieldNameAliasArray[$fieldCounter]}' value='{$row["{$fieldNameAliasArray[$fieldCounter]}"]}'></td>"; } } else { //one cell of data echo "<td style='white-space: nowrap'>{$row["{$fieldNameAliasArray[$fieldCounter]}"]}</td>"; //echo "<td><a href='".$_SERVER['REQUEST_URI']."&editRecord=true'>${row["$fieldNameAliasArray[$fieldCounter]"]}</a></td>"; } } //loop through fields if ($isEditBtn) { echo '<td><input type="submit" name="saveBtn" value="Save" /></td>'; echo '</tr></form>'; //end data record and form } echo '</tr>'; //end data record } //loop through records echo '</tr>'; echo '</table></div> <script type="text/javascript"> var sorter=new table.sorter("sorter"); sorter.init("sorter",1); </script>'; ?> <form action="<?php echo $action; ?> " method="post" name="editBtn"> <?php //only let supervisors or higher edit requests if ($_SESSION['admin'] > 0 && $isEditable) { echo "<p><input type='submit' name='editBtn' value='Edit'></p></form>"; } //write any updates to DB when Save is pressed if (isset($_POST['saveBtn'])) { //$result = $mysqli->query($myq); //construct assoc array of user provided values in a format useful for SQL $values = array(); //print_r($fieldNameArray); //DEBUG for ($i = 0; $i < $numOfCols; $i++) { //fields that are not allowed to be edited if (!($fieldNameArray[$i] == 'AUDITID' || $fieldNameArray[$i] == 'IP' || $fieldNameArray[$i] == 'STATUS' || $fieldNameArray[$i] == 'APPROVEDBY' || $fieldNameArray[$i] == 'REQDATE' || $fieldNameArray[$i] == 'TSTAMP' || $fieldNameArray[$i] == 'Employee' || $tableNameArray[0] == 'REQUEST' && $fieldNameArray[$i] == 'LNAME')) { if ($fieldNameArray[$i] == 'DESCR') { //append ID to the table name to get correct fieldname (this requires a DB naming convention to be followed $values["{$fieldNameArray[$i]}"] = $tableNameArray[$i] . "ID=" . "'" . $mysqli->real_escape_string($_POST["{$fieldNameAliasArray[$i]}"]) . "'"; } else { if (!(strpos($fieldNameArray[$i], 'DATE') === false)) { //assign it as a datetime obj for formatting if it's a date $tempDate = new DateTime($mysqli->real_escape_string($_POST["{$fieldNameAliasArray[$i]}"])); $values["{$fieldNameArray[$i]}"] = $fieldNameArray[$i] . "=" . "'" . $tempDate->format('Y-m-d') . "'"; } else { if (!(strpos($fieldNameArray[$i], 'TIME') === false)) { //assign it as a datetime obj for formatting if it's a date $tempDate = new DateTime($mysqli->real_escape_string($_POST["{$fieldNameAliasArray[$i]}"])); $values["{$fieldNameArray[$i]}"] = $fieldNameArray[$i] . "=" . "'" . $tempDate->format('H:i') . "'"; } else { $values["{$fieldNameArray[$i]}"] = $fieldNameArray[$i] . "=" . "'" . $mysqli->real_escape_string($_POST["{$fieldNameAliasArray[$i]}"]) . "'"; } } } } } //print_r($fieldNameArray); //DEBUG $csvValues = implode(',', $values); $updateQuery = "UPDATE " . $tableNameArray[0] . " SET " . $csvValues . " \n WHERE " . $values["{$fieldNameArray['0']}"]; echo "<br>" . $updateQuery; //DEBUG //send the update $updateResult = $mysqli->query($updateQuery); SQLerrorCatch($mysqli, $updateResult); //update the AUDITID $auditQuery = "UPDATE " . $tableNameArray[0] . " SET AUDITID=" . $_SESSION['userIDnum']; $auditResult = $mysqli->query($auditQuery); } }