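/**
 * Saves the supplier stock codes and descriptions submitted for one stock item.
 *
 * Returns enter($frm) when "btn_back" is present in the request, and
 * confirm($frm) when $frm->validate("write") is truthy. Otherwise every entry
 * of $_REQUEST["stkcod"] and $_REQUEST["stkdes"] (both keyed by supplier id) is
 * replaced in, or deleted from, suppstock for the stock item $_REQUEST["id"].
 *
 * @param object $frm Form object; only its validate() method is used here.
 * @return mixed Result of enter()/confirm(), or a script tag that closes the window.
 */
function write(&$frm)
{
    if (isset($_REQUEST["btn_back"])) {
        return enter($frm);
    }

    if ($frm->validate("write")) {
        return confirm($frm);
    }

    $stkid = isset($_REQUEST["id"]) ? $_REQUEST["id"] : "";

    // setOpt() receives the row condition as a raw SQL string, so the
    // request-supplied ids are escaped before they are placed inside it.
    // NOTE(review): assumes request data arrives unescaped -- confirm nothing
    // upstream already escapes it, otherwise this double-escapes.
    $stkidSql = pg_escape_string((string) $stkid);

    $upd = new dbUpdate("suppstock", "cubit");
    $del = new dbDelete("suppstock", "cubit");

    // A missing or non-array field is treated as "nothing submitted".
    $codes = (isset($_REQUEST["stkcod"]) && is_array($_REQUEST["stkcod"])) ? $_REQUEST["stkcod"] : array();
    foreach ($codes as $suppid => $stkcod) {
        $where = "suppid='" . pg_escape_string((string) $suppid) . "' AND stkid='{$stkidSql}'";

        if (empty($stkcod)) {
            $del->setOpt($where);
            $del->run();
            continue;
        }

        $cols = grp(m("suppid", $suppid), m("stkid", $stkid), m("stkcod", $stkcod));
        $upd->setOpt($cols, $where);
        $upd->run(DB_REPLACE);
    }

    $descriptions = (isset($_REQUEST["stkdes"]) && is_array($_REQUEST["stkdes"])) ? $_REQUEST["stkdes"] : array();
    foreach ($descriptions as $suppid => $stkdes) {
        $where = "suppid='" . pg_escape_string((string) $suppid) . "' AND stkid='{$stkidSql}'";

        // NOTE(review): this tests $stkcod, the value left over from the loop
        // above, not $stkdes. Every description row is therefore deleted or
        // kept based on the last supplier's code. It looks like a copy/paste
        // slip, but the intended rule (delete on empty description, or skip)
        // is not visible here, so the condition is left as it was -- confirm.
        if (empty($stkcod)) {
            $del->setOpt($where);
            $del->run();
            continue;
        }

        $cols = grp(m("suppid", $suppid), m("stkid", $stkid), m("stkdes", $stkdes));
        $upd->setOpt($cols, $where);
        $upd->run(DB_REPLACE);
    }

    $OUT = "<script>window.close();</script>";
    return $OUT;
}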
/**
 * Builds the confirmation page for adding a user department.
 *
 * The posted fields are imported with extract(); $dept is checked with the
 * validate library and, on failure, the entry form is returned together with
 * the error rows. On success the page lists every row of the scripts table as
 * a permission checkbox.
 *
 * NOTE(review): $dept is written into the markup exactly as posted, so this
 * relies on the validator rejecting HTML metacharacters -- confirm, or encode
 * the value on output.
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return mixed HTML of the confirmation page, or the result of enter().
 */
function confirm($_POST)
{
    # get vars
    extract($_POST);

    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($dept, "string", 1, 50, "Invalid User Department.");

    # display errors, if any
    if ($v->isError()) {
        $lines = "";
        foreach ($v->getErrors() as $problem) {
            $lines .= "-" . $problem["msg"] . "<br>";
        }
        $Errors = "\n \t<tr>\n \t\t<td class='err' colspan='2'>{$lines}</td>\n \t</tr>\n\t\t\t<tr><td colspan='2'><br></td></tr>";

        return enter($dept, $Errors);
    }

    $page = "\n\t\t<h3>Add User Department</h3>\n\t\t<h4>Confirm entry</h4>\n\t\t<table " . TMPL_tblDflts . " width='300'>\n\t\t<form action='" . SELF . "' method='POST'>\n\t\t\t<input type='hidden' name='key' value='write'>\n\t\t\t<input type='hidden' name='dept' value='{$dept}'>\n\t\t\t<tr>\n\t\t\t\t<th>Field</th>\n\t\t\t\t<th>Value</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td>User Department</td>\n\t\t\t\t<td>{$dept}</td>\n\t\t\t</tr>\n\t\t\t<tr><td colspan='2'><br></td></tr>\n\t\t\t<tr>\n\t\t\t\t<th colspan='2'>Select Permissions</th>\n\t\t\t</tr>";

    // list scripts
    db_connect();
    $scripts = db_exec("SELECT DISTINCT name, script FROM scripts ORDER BY script");
    while ($script = pg_fetch_array($scripts)) {
        $page .= "\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td colspan='2' nowrap><input type='checkbox' name='perm[]' value='{$script['name']}'>" . strtoupper($script['script']) . "</td>\n\t\t\t</tr>";
    }

    $page .= "\n\t\t\t<tr>\n\t\t\t\t<td align='right' colspan='3'><input type='submit' value='Add Dept »'></td>\n\t\t\t</tr>\n\t\t</form>\n\t\t</table>\n\t\t<p>\n\t\t<table " . TMPL_tblDflts . ">\n\t\t\t<tr>\n\t\t\t\t<th>Quick Links</th>\n\t\t\t</tr>\n\t\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t\t</table>";

    return $page;
}
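/**
 * Looks up an id / registration number on the remote black / white list
 * service and returns the result page.
 *
 * The reply is read line by line; only the lines between a "<DR_M>" and a
 * "</DR_M>" marker are collected into the displayed message.
 *
 * @return mixed HTML of the result page, or the result of enter() when
 *               validation fails.
 */
function search()
{
    // Only idnum is used from the query string, so it is read explicitly
    // instead of extract()ing every GET parameter into local scope.
    $idnum = isset($_GET["idnum"]) ? $_GET["idnum"] : "";

    require_lib("validate");
    // Plain "= new": the "=& new" form is a parse error on PHP 7 and later.
    $v = new Validate();
    $v->isOk($idnum, "string", 0, 100, "Invalid id / registration number.");

    if ($v->isError()) {
        $err = "";
        foreach ($v->getErrors() as $error) {
            $err .= "<li class=err>{$error['msg']}</li>";
        }
        return enter($err);
    }

    // post the search request
    // NOTE(review): $idnum is placed in the query string without URL encoding;
    // whether urler() encodes its argument is not visible here -- confirm, as
    // a value containing "&" would otherwise add parameters to the request.
    $search_request = @file(urler(BLACKLIST_SEARCH_URL . "?idnum={$idnum}&" . sendhash()));

    if ($search_request == false) {
        $site_msg = "<li class=err>Connection to server failed. Check you internet connection and try again.</li>";
    } else {
        $site_msg = "";
        $status = 0; // 0 = none, 1 = read message

        foreach ($search_request as $value) {
            $value = str_replace("\n", "", $value);
            switch ($value) {
                case "<DR_E>":
                    break;
                case "<DR_M>":
                    $status = 1;
                    break;
                case "</DR_M>":
                    $status = 0;
                    break;
                case "</DR_E>":
                    $status = 0;
                    break;
                default:
                    if ($status == 1) {
                        $site_msg .= "{$value}\n";
                    }
            }
        }
    }

    $OUTPUT = "\r\n\t<h3>Search Black / White List Registry</h3>";

    // Every GET parameter is echoed back as a hidden field. Names and values
    // come straight from the URL, so both are HTML-encoded to keep them inside
    // the single-quoted attributes.
    foreach ($_GET as $key => $value) {
        if ($key != "key") {
            $safeKey = htmlspecialchars((string) $key, ENT_QUOTES);
            $safeValue = htmlspecialchars((string) $value, ENT_QUOTES);
            $OUTPUT .= "<input type=hidden name='{$safeKey}' value='{$safeValue}'>";
        }
    }

    // NOTE(review): $site_msg is the remote server's reply rendered as HTML.
    // It is left unencoded because the service may return markup on purpose;
    // the page is then only as trustworthy as that server and the transport.
    $OUTPUT .= "\r\n\t<table cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n\t<tr>\r\n\t\t<th>Data Returned</th>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td valign=top>{$site_msg}</td>\r\n\t</tr>\r\n\t</table>";

    return $OUTPUT;
}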
/**
 * Stores the submitted store id as the hire "wh_id" setting.
 *
 * NOTE(review): $wh_id is interpolated into the UPDATE statement; this relies
 * on the validator's "num" rule admitting digits only -- confirm.
 *
 * @return mixed Confirmation HTML, or the result of enter() with the
 *               validation errors.
 */
function write()
{
    extract($_REQUEST);

    require_lib("validate");
    $checker = new validate();
    $checker->isOk($wh_id, "num", 1, 9, "Invalid store id.");

    if (!$checker->isError()) {
        $update = "UPDATE hire.hire_settings SET value='{$wh_id}' WHERE field='wh_id'";
        db_exec($update) or errDie("Unable to save store id.");

        $OUTPUT = "<h3>Hire Settings</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr><th colspan='2'>Write</th></tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td><li>Successfully saved settings.</li></td>\r\n\t\t</tr>\r\n\t</table>";

        return $OUTPUT;
    }

    return enter($checker->genErrors());
}
/**
 * Deletes the booking whose id was submitted and returns a confirmation page.
 *
 * NOTE(review): the id is taken from $_REQUEST, so the delete also runs for a
 * plain GET, and no request-forgery token is checked in this function.
 * NOTE(review): $id is interpolated into the DELETE statement; this relies on
 * the validator's "num" rule admitting digits only -- confirm.
 *
 * @return mixed Confirmation HTML, or the result of enter() with the
 *               validation errors.
 */
function write()
{
    extract($_REQUEST);

    require_lib("validate");
    $checker = new validate();
    $checker->isOk($id, "num", 1, 9, "Invalid booking selection.");

    if (!$checker->isError()) {
        $delete = "DELETE FROM hire.bookings WHERE id='{$id}'";
        db_exec($delete) or errDie("Unable to retrieve bookings.");

        $OUTPUT = "<h3>Remove Booking</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr>\r\n\t\t\t<th>Remove</th>\r\n\t\t</tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td><li>Booking successfully removed</li></td>\r\n\t\t</tr>\r\n\t</table>";

        return $OUTPUT;
    }

    return enter($checker->genErrors());
}
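/**
 * Removes the ticked packing-slip reasons and adds a new one when given.
 *
 * $_REQUEST["remove"] is expected to be an array keyed by reason id;
 * $_REQUEST["reason"] is the text of a reason to add.
 *
 * @return mixed Whatever enter() returns.
 */
function update()
{
    // No validator runs in this handler, so every value is escaped right
    // where it enters a statement.
    // NOTE(review): assumes request data arrives unescaped -- confirm nothing
    // upstream already escapes it, otherwise this double-escapes.
    if (isset($_REQUEST["remove"]) && is_array($_REQUEST["remove"])) {
        foreach ($_REQUEST["remove"] as $id => $value) {
            $sql = "DELETE FROM cubit.pslip_reasons WHERE id='" . pg_escape_string((string) $id) . "'";
            db_exec($sql) or errDie("Unable to remove reasons.");
        }
    }

    // is_string() keeps an array-valued "reason" parameter out of the query.
    if (isset($_REQUEST["reason"]) && is_string($_REQUEST["reason"]) && !empty($_REQUEST["reason"])) {
        $sql = "INSERT INTO cubit.pslip_reasons (reason) VALUES ('" . pg_escape_string($_REQUEST["reason"]) . "')";
        db_exec($sql) or errDie("Unable to add reason.");
    }

    return enter();
}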
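/**
 * Walks the cells in $map, calling spot() for cells listed in $set and
 * blank() for the others, and calls enter() after the last column of a row.
 *
 * Each value is a string whose part before the first "-" is the column
 * number. The original compared only the first character ($value[0]) in the
 * blank() branch, which disagrees with the parsed column as soon as it has
 * two digits; the parsed column is now used in both branches.
 *
 * @param array $map   Cell identifiers in output order.
 * @param array $set   Identifiers of the cells passed to spot().
 * @param int   $xSize Number of columns; column $xSize - 1 ends a row.
 * @return void
 */
function create($map, $set, $xSize)
{
    $lastColumn = $xSize - 1;

    foreach ($map as $value) {
        list($column) = explode('-', $value);

        if (in_array($value, $set)) {
            spot();
        } else {
            blank();
        }

        if ($column == $lastColumn) {
            enter();
        }
    }
}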
/**
 * Checks the submitted document type name and rejects duplicates.
 *
 * Returns the result of enter() with an error message when the name fails
 * validation or already exists; returns nothing (null) when the name is
 * acceptable.
 *
 * NOTE(review): $type_name is interpolated into the SELECT; this relies on the
 * validator's "string" rule rejecting quotes -- confirm, or escape the value.
 *
 * @return mixed
 */
function validate()
{
    extract($_REQUEST);

    require_lib("validate");
    $checker = new validate();
    $checker->isOk($type_name, "string", 1, 255, "Invalid type name.");
    if ($checker->isError()) {
        return enter($checker->genErrors());
    }

    // Make sure we don't have another entry with the same name
    $lookup = "SELECT * FROM cubit.document_types WHERE type_name='{$type_name}'";
    $dt_rslt = db_exec($lookup) or errDie("Unable to retrieve document types.");

    if (!pg_num_rows($dt_rslt)) {
        return;
    }

    return enter("<li class='err'>A document type with the same name exists.</li>");
}
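/**
 * Adds a new asset type, or updates an existing one when page_option is
 * "Edit", and returns a confirmation page.
 *
 * @return mixed Confirmation HTML, or the result of enter() with the
 *               validation errors.
 */
function write()
{
    // Read only the fields this handler uses instead of extract()ing the
    // whole request into local scope.
    $name        = isset($_REQUEST["name"]) ? $_REQUEST["name"] : "";
    $descr       = isset($_REQUEST["descr"]) ? $_REQUEST["descr"] : "";
    $id          = isset($_REQUEST["id"]) ? $_REQUEST["id"] : "";
    $page_option = isset($_REQUEST["page_option"]) ? $_REQUEST["page_option"] : "";

    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 80, "Invalid type name.");
    $v->isOk($descr, "string", 0, 255, "Invalid description.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }

    // NOTE(review): $name and $descr are interpolated as validated; this
    // relies on the "string" rule rejecting quotes -- confirm.
    if ($page_option == "Edit") {
        // $id is not covered by the validator above, so it is escaped before
        // it reaches the WHERE clause. NOTE(review): assumes request data
        // arrives unescaped -- confirm nothing upstream already escapes it.
        $idSql = pg_escape_string((string) $id);
        $sql = "UPDATE cubit.asset_types SET name='{$name}', description='{$descr}' WHERE id='{$idSql}'";
    } else {
        $sql = "INSERT INTO cubit.asset_types (name, description) VALUES ('{$name}', '{$descr}')";
    }
    db_exec($sql) or errDie("Unable to save asset type.");

    // page_option is unvalidated request text shown in the heading.
    $heading = htmlspecialchars((string) $page_option, ENT_QUOTES);

    $OUTPUT = "\r\n\t\t<h3>{$heading} Asset Type</h3>\r\n\t\t<form method='post' action='" . SELF . "'>\r\n\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t<tr>\r\n\t\t\t\t<th>Write</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Successfully Saved the Asset Type.</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t</form>";

    return $OUTPUT;
}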
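/**
 * Builds the confirmation page for a main todo entry.
 *
 * The title and team id are validated, the team name is looked up, and the
 * submitted values are carried to the write step in hidden fields.
 *
 * @return mixed Confirmation HTML, or the result of enter() with the
 *               validation errors.
 */
function confirm()
{
    // Read only the fields this handler uses instead of extract()ing the
    // whole request into local scope.
    $title       = isset($_REQUEST["title"]) ? $_REQUEST["title"] : "";
    $team_id     = isset($_REQUEST["team_id"]) ? $_REQUEST["team_id"] : "";
    $page_option = isset($_REQUEST["page_option"]) ? $_REQUEST["page_option"] : "";
    $id          = isset($_REQUEST["id"]) ? $_REQUEST["id"] : "";

    require_lib("validate");
    $v = new validate();
    $v->isOk($title, "string", 1, 255, "Invalid title.");
    $v->isOk($team_id, "num", 1, 9, "Invalid team selection.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }

    // Retrieve team name
    $sql = "SELECT name FROM crm.teams WHERE id='{$team_id}'";
    $team_rslt = db_exec($sql) or errDie("Unable to retrieve team.");
    $team_name = pg_fetch_result($team_rslt, 0);
    if (empty($team_name)) {
        $team_name = "[None]";
    }

    // page_option and id are not validated at all, and every value below ends
    // up inside single-quoted attributes or table cells, so all of them are
    // HTML-encoded on output.
    $hOption = htmlspecialchars((string) $page_option, ENT_QUOTES);
    $hId     = htmlspecialchars((string) $id, ENT_QUOTES);
    $hTitle  = htmlspecialchars((string) $title, ENT_QUOTES);
    $hTeamId = htmlspecialchars((string) $team_id, ENT_QUOTES);
    $hTeam   = htmlspecialchars((string) $team_name, ENT_QUOTES);

    $OUTPUT = "<h3>{$hOption} Main Todo</h3>\n\t<form method='post' action='" . SELF . "'>\n\t" . frmupdate_passon() . "\n\t<input type='hidden' name='key' value='write' />\n\t<input type='hidden' name='page_option' value='{$hOption}' />\n\t<input type='hidden' name='id' value='{$hId}' />\n\t<input type='hidden' name='title' value='{$hTitle}' />\n\t<input type='hidden' name='team_id' value='{$hTeamId}' />\n\t<table cellpadding='2' cellspacing='0' class='shtable'>\n\t\t<tr>\n\t\t\t<th colspan='2'>Confirm</th>\n\t\t</tr>\n\t\t<tr class='odd'>\n\t\t\t<td>Title</td>\n\t\t\t<td>{$hTitle}</td>\n\t\t</tr>\n\t\t<tr class='even'>\n\t\t\t<td>Team Permissions</td>\n\t\t\t<td>{$hTeam}</td>\n\t\t</tr>\n\t</table>\n\t<input type='submit' value='Write »' />\n\t</form>";

    return $OUTPUT;
}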
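/**
 * Adds a project management team, or updates one when page_option is "edit"
 * (case-insensitive), and returns a confirmation page.
 *
 * @return mixed Confirmation HTML, or the result of enter() with the
 *               validation errors.
 */
function write()
{
    // Read only the fields this handler uses instead of extract()ing the
    // whole request into local scope.
    $name        = isset($_REQUEST["name"]) ? $_REQUEST["name"] : "";
    $description = isset($_REQUEST["description"]) ? $_REQUEST["description"] : "";
    $id          = isset($_REQUEST["id"]) ? $_REQUEST["id"] : "";
    $page_option = isset($_REQUEST["page_option"]) ? $_REQUEST["page_option"] : "";

    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 255, "Invalid team name.");
    $v->isOk($description, "string", 1, 255, "Invalid team description.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }

    // NOTE(review): $name and $description are interpolated as validated; this
    // relies on the "string" rule rejecting quotes -- confirm.
    if (strtolower((string) $page_option) == "edit") {
        // $id is not covered by the validator above, so it is escaped before
        // it reaches the WHERE clause. NOTE(review): assumes request data
        // arrives unescaped -- confirm nothing upstream already escapes it.
        $idSql = pg_escape_string((string) $id);
        $sql = "\n\t\tUPDATE project.teams SET name='{$name}', description='{$description}'\n\t\tWHERE id='{$idSql}'";
        db_exec($sql) or errDie("Unable to update team.");
    } else {
        $sql = "\n\t\tINSERT INTO project.teams (name, description)\n\t\tVALUES ('{$name}', '{$description}')";
        db_exec($sql) or errDie("Unable to add team.");
    }

    // page_option is unvalidated request text shown in the heading.
    $heading = htmlspecialchars((string) $page_option, ENT_QUOTES);

    $OUTPUT = "\n\t\t\t\t<h3>{$heading} Project Management Team</h3>\n\t\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<th>Write</th>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t<td><li>Successfully saved the team.</li></td>\n\t\t\t\t\t</tr>\n\t\t\t\t</table>";

    return $OUTPUT;
}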
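/**
 * Adds a project person, or updates one when page_option is "edit"
 * (case-insensitive), and returns a confirmation page.
 *
 * @return mixed Confirmation HTML, or the result of enter() with the
 *               validation errors.
 */
function write()
{
    // Read only the fields this handler uses instead of extract()ing the
    // whole request into local scope.
    $user_id     = isset($_REQUEST["user_id"]) ? $_REQUEST["user_id"] : "";
    $description = isset($_REQUEST["description"]) ? $_REQUEST["description"] : "";
    $id          = isset($_REQUEST["id"]) ? $_REQUEST["id"] : "";
    $page_option = isset($_REQUEST["page_option"]) ? $_REQUEST["page_option"] : "";

    require_lib("validate");
    $v = new validate();
    $v->isOk($user_id, "num", 1, 20, "Invalid cubit user selection.");
    $v->isOk($description, "string", 0, 255, "Invalid person description.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }

    // NOTE(review): $user_id and $description are interpolated as validated;
    // this relies on the validator rules rejecting quotes -- confirm.
    if (strtolower((string) $page_option) == "edit") {
        // $id is not covered by the validator above, so it is escaped before
        // it reaches the WHERE clause. NOTE(review): assumes request data
        // arrives unescaped -- confirm nothing upstream already escapes it.
        $idSql = pg_escape_string((string) $id);
        $sql = "\n\t\tUPDATE project.people SET user_id='{$user_id}', description='{$description}'\n\t\tWHERE id='{$idSql}'";
        db_exec($sql) or errDie("Unable to add person");
    } else {
        $sql = "\n\t\tINSERT INTO project.people (user_id, description)\n\t\tVALUES ('{$user_id}', '{$description}')";
        db_exec($sql) or errDie("Unable to add person.");
    }

    // page_option is unvalidated request text shown in the heading.
    $heading = htmlspecialchars((string) $page_option, ENT_QUOTES);

    $OUTPUT = "<h3>{$heading} Person</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th colspan='2'>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully saved the person to cubit.</li></td>\n\t\t</tr>\n\t</table>";

    return $OUTPUT;
}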
/**
 * Saves the half day rate in cubit.settings under the constant HD_PERC,
 * updating the row when it exists and inserting it otherwise.
 *
 * NOTE(review): $hd_perc is interpolated into the statement; this relies on
 * the validator's "num" rule admitting numeric text only -- confirm.
 *
 * @return mixed The result of enter(), given either the validation errors or
 *               the success message.
 */
function write()
{
    extract($_REQUEST);

    require_lib("validate");
    $checker = new validate();
    $checker->isOk($hd_perc, "num", 1, 9, "Invalid half day rate.");
    if ($checker->isError()) {
        return enter($checker->genErrors());
    }

    $lookup = "SELECT value FROM cubit.settings WHERE constant='HD_PERC'";
    $existing = db_exec($lookup) or errDie("Unable to retrieve percentage.");

    // Update the setting when it is already stored, insert it otherwise.
    $save = pg_num_rows($existing)
        ? "\n\t\tUPDATE cubit.settings SET value='{$hd_perc}'\n\t\tWHERE constant='HD_PERC'"
        : "\n\t\tINSERT INTO cubit.settings (constant, value)\n\t\t\tVALUES ('HD_PERC', '{$hd_perc}')";
    db_exec($save) or errDie("Unable to update half day rate.");

    return enter("<li class='yay'>Successfully saved half day rate.</li>");
}
/**
 * Builds the confirmation page for the default workshop conditions text.
 *
 * NOTE(review): $ws_cond is written into a hidden field and a table cell as
 * posted (only nl2br() is applied); this relies on the validator rejecting
 * HTML metacharacters -- confirm, or encode the value on output.
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return mixed Confirmation HTML, or the result of enter() with the errors.
 */
function confirm($_POST)
{
    extract($_POST);

    // Validate
    require_lib("validate");
    $checker = new validate();
    $checker->isOk($ws_cond, "string", 1, 1024, "Invalid display notice.");

    // Did we get any errors?
    if ($checker->isError()) {
        $items = "";
        foreach ($checker->getErrors() as $problem) {
            $items .= "<li class=err>{$problem['msg']}</li>";
        }
        return enter($items);
    }

    // Layout
    $OUTPUT = "<h3>Workshop Settings</h3>\n\t<form method=post action='" . SELF . "'>\n\t<input type=hidden name=key value='write'>\n\t<input type=hidden name=ws_cond value='{$ws_cond}'>\n\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\n\t <tr>\n\t <th colspan=2>Confirm</td>\n\t </tr>\n\t <tr class='bg-odd'>\n\t <td>Default workshop conditions</td>\n\t <td>" . nl2br($ws_cond) . "</td>\n\t </tr>\n\t <tr>\n\t <td colspan=2 align=right>\n\t <input type=submit name=key value='« Correction'>\n\t <input type=submit value='Write »'>\n\t </td>\n\t </tr>\n\t</table>";

    return $OUTPUT;
}
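/**
 * Stores an uploaded signed-invoice image in the database.
 *
 * The file is base64-encoded into cubit.pslip_signed_files and an index row
 * (name, type, sales order id) is added to cubit.pslip_signed_index.
 *
 * NOTE(review): only the client-supplied file name is checked; the content is
 * not inspected and file_type is whatever the browser sent, so code that
 * serves the file back should not trust either value.
 *
 * @return mixed Confirmation HTML, or the result of enter() with an error.
 */
function write()
{
    // Read only the fields this handler uses instead of extract()ing the
    // whole request into local scope.
    $sordid     = isset($_REQUEST["sordid"]) ? $_REQUEST["sordid"] : "";
    $sorder_num = isset($_REQUEST["sorder_num"]) ? $_REQUEST["sorder_num"] : "";

    $upload = (isset($_FILES["file"]) && is_array($_FILES["file"])) ? $_FILES["file"] : array();
    $fileName = (isset($upload["name"]) && is_string($upload["name"])) ? $upload["name"] : "";
    $fileType = (isset($upload["type"]) && is_string($upload["type"])) ? $upload["type"] : "";

    // The extension has to follow a dot; the original pattern also accepted
    // any name that merely ended in the letters "png", "jpg" or "gif".
    if (!preg_match("/\\.(png|jpg|gif)\$/", $fileName)) {
        $msg = "<li class='err'>We only accept images of type png, jpg or gif</li>";
        return enter($sorder_num, $msg);
    }

    // Only read a path that PHP itself recorded for this upload. The original
    // looped on feof() over a failed fopen() when the upload was missing.
    if (!isset($upload["tmp_name"]) || !is_uploaded_file($upload["tmp_name"])) {
        $msg = "<li class='err'>The file could not be uploaded.</li>";
        return enter($sorder_num, $msg);
    }

    $buf = file_get_contents($upload["tmp_name"]);
    if ($buf === false) {
        $msg = "<li class='err'>The file could not be uploaded.</li>";
        return enter($sorder_num, $msg);
    }

    // base64 output contains no quote characters.
    $file = base64_encode($buf);

    $sql = "INSERT INTO cubit.pslip_signed_files (file) VALUES ('{$file}')";
    db_exec($sql) or errDie("Unable to add signed invoice.");

    $id = pglib_lastid("cubit.pslip_signed_files", "id");

    // File name, MIME type and sales order id are client-controlled and are
    // escaped before they are placed in the statement.
    // NOTE(review): assumes request data arrives unescaped -- confirm nothing
    // upstream already escapes it, otherwise this double-escapes.
    $nameSql   = pg_escape_string($fileName);
    $typeSql   = pg_escape_string($fileType);
    $sordidSql = pg_escape_string((string) $sordid);

    $sql = "\n\t\tINSERT INTO cubit.pslip_signed_index (\n\t\t\tid, file_name, file_type, sordid\n\t\t) VALUES (\n\t\t\t'{$id}', '{$nameSql}', '{$typeSql}', '{$sordidSql}'\n\t\t)";
    db_exec($sql) or errDie("Unable to add signed invoice index.");

    $OUTPUT = "\n\t\t<h3>Signed Invoice</h3>\n\t\t<table " . TMPL_tblDflts . ">\n\t\t\t<tr>\n\t\t\t\t<th>Write</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td><li>Signed Invoice Successfully Added.</li></td>\n\t\t\t</tr>\n\t\t</table>";

    return $OUTPUT;
}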
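/**
 * Adds a project document type, or updates one when page_option is "edit"
 * (case-insensitive), and returns a confirmation page.
 *
 * @return mixed Confirmation HTML, or the result of enter() with the
 *               validation errors.
 */
function write()
{
    // Read only the fields this handler uses instead of extract()ing the
    // whole request into local scope.
    $name        = isset($_REQUEST["name"]) ? $_REQUEST["name"] : "";
    $description = isset($_REQUEST["description"]) ? $_REQUEST["description"] : "";
    $extension   = isset($_REQUEST["extension"]) ? $_REQUEST["extension"] : "";
    $id          = isset($_REQUEST["id"]) ? $_REQUEST["id"] : "";
    $page_option = isset($_REQUEST["page_option"]) ? $_REQUEST["page_option"] : "";

    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 255, "Invalid name.");
    $v->isOk($description, "string", 0, 255, "Invalid description.");
    $v->isOk($extension, "string", 0, 65, "Invalid extension.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }

    // NOTE(review): $name, $description and $extension are interpolated as
    // validated; this relies on the "string" rule rejecting quotes -- confirm.
    if (strtolower((string) $page_option) == "edit") {
        // $id is not covered by the validator above, so it is escaped before
        // it reaches the WHERE clause. NOTE(review): assumes request data
        // arrives unescaped -- confirm nothing upstream already escapes it.
        $idSql = pg_escape_string((string) $id);
        $sql = "UPDATE project.doc_types SET name='{$name}', description='{$description}', extension='{$extension}' WHERE id='{$idSql}'";
        db_exec($sql) or errDie("Unable to update document type.");
    } else {
        $sql = "INSERT INTO project.doc_types (name, description, extension) VALUES ('{$name}', '{$description}', '{$extension}')";
        db_exec($sql) or errDie("Unable to add document type.");
    }

    // page_option is unvalidated request text shown in the heading.
    $heading = htmlspecialchars((string) $page_option, ENT_QUOTES);

    $OUTPUT = "\n\t\t<h3>{$heading} Project Document Type</h3>\n\t\t<table " . TMPL_tblDflts . ">\n\t\t\t<tr>\n\t\t\t\t<th>Write</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td><li>Successfully added the document type.</li></td>\n\t\t\t</tr>\n\t\t</table>";

    return $OUTPUT;
}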
/**
 * Records a new communication key for a supplier or customer and sends the
 * key request message to the given e-mail address.
 *
 * The request is addressed to the supplier when "suppid" is present in the
 * request, otherwise to the customer in "custid".
 *
 * NOTE(review): on failure the value returned by send_trhmsg() is placed in
 * the returned text; what that value can contain is not visible here.
 *
 * @param object $frm Form object; only its validate() method is used here.
 * @return mixed Status text, or the result of enter()/confirm().
 */
function request($frm)
{
    if (isset($_POST["btn_back"])) {
        return enter($frm);
    }

    if ($frm->validate("request")) {
        return confirm($frm);
    }

    $newkey = genkey();

    // Exactly one of the two ids is real; the other is stored as "0".
    $toSupplier = isset($_REQUEST["suppid"]);
    if ($toSupplier) {
        $suppid = $_REQUEST["suppid"];
        $custid = "0";
    } else {
        $custid = $_REQUEST["custid"];
        $suppid = "0";
    }

    $cols = grp(
        m("introtime", raw("CURRENT_TIMESTAMP")),
        m("introip", "0.0.0.0"),
        m("email", $_REQUEST["email"]),
        m("custid", $custid),
        m("suppid", $suppid),
        m("key", dbrow("0.0.0.0/0", "", $newkey)),
        m("userid", USER_ID)
    );

    $upd = new dbUpdate("keys", "trh", $cols);
    $upd->run(DB_INSERT);

    if (!($upd->affected() > 0)) {
        return "Error sending request for communication: Error updating database.";
    }

    if ($toSupplier) {
        $r = send_trhmsg("supp", $_REQUEST["suppid"], $_REQUEST["email"], "reqkey", $newkey);
        $sent = "Sent request for communication to supplier. On response you will be notified.";
    } else {
        $r = send_trhmsg("cust", $_REQUEST["custid"], $_REQUEST["email"], "reqkey", $newkey);
        $sent = "Sent request for communication to customer. On response you will be notified.";
    }

    if ($r === true) {
        $OUT = $sent;
    } else {
        $OUT = "Error sending request for communication: {$r}";
    }

    return $OUT;
}
/**
 * Shows the confirmation page for the login retry settings.
 *
 * Validates the number of tries and the number of minutes, requires that both
 * or neither are non-zero, and renders the page by including template.php from
 * inside the function, so the template sees this function's local variables
 * ($OUTPUT among them). Nothing is returned on that path.
 *
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return mixed The result of enter() when validation fails, otherwise nothing.
 */
function confirm($_POST)
{
    // Import the posted fields as local variables; they stay visible to
    // template.php, which is included at the end of this function.
    extract($_POST);

    require_lib("validate");
    $v = new validate();
    $v->isOk("{$retrtries}", "num", 0, 3, "Invalid value for tries.");
    $v->isOk("{$retrmins}", "num", 0, 3, "Invalid value for minutes.");

    // Both values have to be set together.
    // NOTE(review): the messages look swapped -- "Tries needs a value" is
    // reported when the minutes are 0, and the other way round. Confirm.
    if ($retrtries != 0 && $retrmins == 0) {
        $v->addError('', "Tries needs a value");
    } elseif ($retrmins != 0 && $retrtries == 0) {
        $v->addError('', "Minutes needs a value");
    }

    if ($v->isError()) {
        $confirm = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirm .= "<li class=err>{$e['msg']}</li>";
        }
        return enter($confirm);
    }

    // NOTE(review): the minutes are posted on as "retrminutes" although this
    // step reads "retrmins"; check that the write step expects that name.
    // NOTE(review): both values are echoed as posted, which relies on the
    // "num" rule admitting digits only -- confirm.
    $OUTPUT = "<form method=post action='" . SELF . "'>\n\n\t<input type=hidden name=key value='write'>\n\t<input type=hidden name=retrtries value='{$retrtries}'>\n\t<input type=hidden name=retrminutes value='{$retrmins}'>\n\n\t<table border=0 cellspacing='" . TMPL_tblCellSpacing . "' cellpadding='" . TMPL_tblCellPadding . "'>\n\t\t<th>Setting</th>\n\t\t<th>Value</th>\n\t\t<tr class='bg-odd'>\n\t\t\t<td>Login retries:</td>\n\t\t\t<td>{$retrtries}</td>\n\t\t</tr>\n\t\t<tr class='bg-even'>\n\t\t\t<td>Blocked Time:</td>\n\t\t\t<td>{$retrmins}</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td align=right colspan=2><input type=submit value='Write »'></td>\n\t\t</tr>\n\t\t<tr><td> </td></tr>\n\t\t<tr><th>Quick Links</th></tr>\n\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t</table>\n\t</form>";

    // The template is rendered here, inside the function scope.
    require 'template.php';
}
/**
 * Deletes an e-mail group and the addresses filed under its title.
 *
 * The group title is read from egroups first, because email_groups rows refer
 * to the group by title rather than by id.
 *
 * NOTE(review): $id is interpolated as validated ("num"), and the title read
 * back from the database is interpolated into the second DELETE unescaped, so
 * a stored title containing a quote changes that statement -- confirm how
 * titles are constrained when they are created.
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return mixed Confirmation HTML, or the result of enter()/confirm() with an
 *               error message.
 */
function write($_POST)
{
    extract($_POST);

    require_lib("validate");
    $checker = new validate();
    $checker->isOk($id, "num", 1, 255, "Invalid group id.");
    if ($checker->isError()) {
        return enter($_POST, $checker->genErrors());
    }

    $groupRows = db_exec("SELECT grouptitle FROM egroups WHERE id = '{$id}' LIMIT 1")
        or errDie("Unable to get email group information (0)");

    #no group found ???
    if (pg_numrows($groupRows) < 1) {
        return confirm($_POST, "<li class='err'>Email group not found.</li>");
    }

    $gtitle = pg_fetch_result($groupRows, 0, 0);

    // Remove the group itself, then the addresses stored under its title.
    $groupGone = db_exec("DELETE FROM egroups WHERE id = '{$id}'")
        or errDie("Unable to remove group information.");

    $membersGone = db_exec("DELETE FROM email_groups WHERE email_group = '{$gtitle}'")
        or errDie("Unable to remove email group email addresses.");

    $OUTPUT = "<h3>Write Group</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully removed the group.</li></td>\n\t\t</tr>\n\t</table>";

    return $OUTPUT;
}
/**
 * Checks a PDITT user's credentials, resolves the requested course and
 * returns the instruction for the caller.
 *
 * @param array $data Must contain 'username', 'password' and 'idnumber'.
 * @return array 'errcode' 100 with a 'reason' on failure, otherwise
 *               'errcode' 0, 'cmd' "GO" and the course 'url'.
 */
function PDITT_UserConnect($data)
{
    $username = $data['username'];
    $password = $data['password'];
    $idnumber = $data['idnumber'];

    $account = cek_user_pditt($username, $password);
    if (!$account) {
        return array('errcode' => 100, 'reason' => 'user cannot login');
    }

    // NOTE(review): the user id from the lookup is read but never used;
    // enter() below receives the submitted $username instead. Confirm which
    // of the two the session should be opened for.
    $username_moodle = $account['userid'];
    $password_moodle = $account['d'];

    $course = find_course_pditt($idnumber);
    if ($course == -1) {
        return array('errcode' => 100, 'courseid' => 0, 'reason' => 'course not found');
    }

    enter($username, $password_moodle);

    return array('errcode' => 0, 'cmd' => 'GO', 'url' => $course['url']);
}
/**
 * Adds an e-mail group.
 *
 * The stored title is the lower-cased group name with quotes, backslashes,
 * "|", "@", "!", "?", "%" and spaces removed; the name is stored as entered.
 *
 * NOTE(review): unlike the title, $group itself is interpolated into the
 * INSERT as validated; this relies on the "string" rule rejecting quotes --
 * confirm, or escape the value.
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return mixed Confirmation HTML, or the result of enter() with the errors.
 */
function write($_POST)
{
    extract($_POST);

    require_lib("validate");
    $checker = new validate();
    $checker->isOk($group, "string", 1, 255, "Invalid group name.");
    if ($checker->isError()) {
        return enter($_POST, $checker->genErrors());
    }

    #clean and prepare vars
    $stripped = array("'", "\\", "|", "@", "!", "?", "%", " ");
    $grouptitle = str_replace($stripped, "", strtolower($group));

    $insert = "INSERT INTO egroups (grouptitle,groupname) VALUES ('{$grouptitle}','{$group}')";
    $saved = db_exec($insert) or errDie("Unable to add group information.");

    $OUTPUT = "<h3>Write Group</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully saved the group.</li></td>\n\t\t</tr>\n\t</table>";

    return $OUTPUT;
}
#The full software license can be found here: #http://www.accounting-123.com/a.php?a=153/GPLv3 # # # # # # # # # # # require "../settings.php"; require "../core-settings.php"; $OUTPUT = enter($_POST); require "../template.php"; function enter($_POST) { $shownewaccount = ""; extract($_POST); if (isset($ledger) && $ledger != "sel") { $ledgers = $ledger . "<input type='hidden' name='ledger' value='{$ledger}'>"; if ($ledger == "Customer Ledger") { db_conn('cubit'); $Sl = "SELECT cusnum,accno,surname FROM customers WHERE location='loc' ORDER BY surname"; $Ri = db_exec($Sl) or errDie("Unable to select customer"); $accounts = "\n\t\t\t\t<select name='account' onchange='if (this.value==\"multi\") document.form.submit();'>\n\t\t\t\t\t<option value='sel'>Select Customer</option>\n\t\t\t\t\t<option value='multi'>Multiple Customers/One Receipt</option>"; while ($data = pg_fetch_array($Ri)) { if (isset($account) && $account == $data['cusnum']) { $sel = "selected";
<?php require "settings.php"; require "sales_forecast.lib.php"; if (isset($_REQUEST["key"])) { switch ($_REQUEST["key"]) { case "enter": $OUTPUT = enter(); break; case "compare": $OUTPUT = compare(); break; } } else { $OUTPUT = enter(); } require "template.php"; function enter() { extract($_REQUEST); $fields = array(); $fields["prd"] = "month"; extract($fields, EXTR_SKIP); if ($prd == "month") { $prd_month = "checked"; $prd_week = ""; } else { $prd_month = ""; $prd_week = "checked"; } // Retrieve list of sales forecasts
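/**
 * Grants a diary privilege to another user and removes the ticked ones.
 *
 * A privilege is "R" or "W". A row is inserted for the current user's diary
 * unless privilege_owner is "0"; every key of the "del" array is treated as
 * the id of a privilege row to delete.
 *
 * @return mixed The result of enter(), with either the validation errors or
 *               the success message.
 */
function write()
{
    // Read only the fields this handler uses instead of extract()ing every
    // GET parameter into local scope.
    $privilege_owner = isset($_GET["privilege_owner"]) ? $_GET["privilege_owner"] : "";
    $privilege = isset($_GET["privilege"]) ? $_GET["privilege"] : "";
    $del = (isset($_GET["del"]) && is_array($_GET["del"])) ? $_GET["del"] : array();

    require_lib("validate");
    // Plain "= new": the "=& new" form is a parse error on PHP 7 and later.
    $v = new Validate();
    $v->isOk($privilege_owner, "string", 0, 100, "Invalid privilege username.");

    if ($privilege != 'R' && $privilege != 'W') {
        $v->addError("", "Invalid privilege.");
    }

    // The ids to delete arrive as array keys; each one has to pass "num".
    foreach ($del as $key => $value) {
        $v->isOk($key, "num", 1, 9, "Invalid delete option selected.");
    }

    if ($v->isError()) {
        $err = "";
        foreach ($v->getErrors() as $error) {
            $err .= "<li class=err>{$error['msg']}</li>";
        }
        return enter($err);
    }

    if ($privilege_owner != "0") {
        db_conn("cubit");
        // NOTE(review): $privilege_owner is interpolated as validated; this
        // relies on the "string" rule rejecting quotes -- confirm.
        $sql = "INSERT INTO diary_privileges (diary_owner, priv_owner, privilege)\r\n\t\t\tVALUES('" . USER_NAME . "', '{$privilege_owner}', '{$privilege}')";
        $rslt = db_exec($sql) or errDie("Error creating privilege.");
    }

    foreach ($del as $user => $value) {
        db_conn("cubit");
        // NOTE(review): rows are inserted for diary_owner = USER_NAME, but this
        // delete matches on id alone, so a submitted id that belongs to another
        // user's diary is removed as well. Confirm whether the statement should
        // also be restricted to the current diary_owner.
        $sql = "DELETE FROM diary_privileges WHERE id='{$user}'";
        $rslt = db_exec($sql) or errDie("Error deleting diary privileges.");
    }

    unset($_GET["privilege_owner"]);

    $OUTPUT = enter("Successfully updated privileges.");
    return $OUTPUT;
}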
/**
 * Validates a price adjustment request.
 *
 * Checks the format of the pricelist, category, classification, increase and
 * decrease fields, then confirms that each selected pricelist, category and
 * classification exists. The lookups only run for values that are numeric and
 * non-zero, so nothing non-numeric reaches the SQL text.
 *
 * @param array $data Submitted fields.
 * @return mixed true when everything is valid, otherwise the result of
 *               enter() with the validation errors.
 */
function validate($data)
{
    extract($data);

    require_lib("validate");
    $v = new validate();
    $v->isOk($pricelist, "num", 1, 20, "Invalid pricelist selection.");
    $v->isOk($category, "num", 1, 20, "Invalid category selection.");
    $v->isOk($classification, "num", 1, 20, "Invalid classification selection.");
    $v->isOk($increase, "float", 1, 20, "Invalid increase percentage.");
    $v->isOk($decrease, "float", 1, 20, "Invalid decrease percentage.");

    if (is_numeric($pricelist) && $pricelist) {
        $found = db_exec("SELECT listid FROM exten.pricelist WHERE listid='{$pricelist}'")
            or errDie("Unable to retrieve pricelist.");
        if (!pg_num_rows($found)) {
            $v->addError("", "Selected pricelist does not exist.");
        }
    }

    if (is_numeric($category) && $category) {
        $found = db_exec("SELECT catid FROM cubit.stockcat WHERE catid='{$category}'")
            or errDie("Unable to retrieve category.");
        if (!pg_num_rows($found)) {
            $v->addError("", "Selected category does not exist.");
        }
    }

    if (is_numeric($classification) && $classification) {
        $found = db_exec("SELECT clasid FROM cubit.stockclass WHERE clasid='{$classification}'")
            or errDie("Unable to retrieve classification.");
        if (!pg_num_rows($found)) {
            $v->addError("", "Selected classification does not exist.");
        }
    }

    return $v->isError() ? enter($v->genErrors()) : true;
}
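/**
 * Allocates a transaction amount to cost centers.
 *
 * For every submitted cost center the share of the amount (amount * perc / 100)
 * is inserted into cctran in the period database taken from the month of the
 * transaction date. Type "dtct" writes both a "dt" and a "ct" row; any other
 * type writes one row of that type. The temporary popup entry is removed
 * afterwards and everything runs inside one transaction.
 *
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return mixed Confirmation HTML, or the result of enter() with an error.
 */
function write($_POST)
{
    # get vars
    extract($_POST);

    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($type, "string", 1, 255, "Invalid Transaction type switch.");
    $v->isOk($typename, "string", 1, 255, "Invalid Transaction type.");
    $edate = $v->chkrDate($edate, "Invalid date.");
    $v->isOk($amount, "float", 1, 13, "Invalid Amount.");
    $v->isOk($descrip, "string", 0, 255, "Invalid description.");

    // ccids has to be an array; a scalar would make the loops below fail.
    if (isset($ccids) && is_array($ccids)) {
        foreach ($ccids as $key => $value) {
            $v->isOk($ccperc[$key], "float", 1, 20, "Invalid Cost center percentage.");
        }
    } else {
        return enter($_POST, "<li class=err> There are no Cost centers found.");
    }

    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        foreach ($v->getErrors() as $e) {
            $confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        // The original passed $confirm here, which this function never sets.
        // The collected errors were lost, and because of extract() a posted
        // "confirm" field would have been shown in their place.
        return enter($_POST, $confirmCust);
    }

    $type = strtolower($type);
    $edate = ext_rdate($edate);
    $edarr = explode("-", $edate);
    $prd = $edarr[1];

    // "dtct" stands for one debit and one credit row.
    // NOTE(review): $type, $typename and $descrip are interpolated as
    // validated; this relies on the "string" rule rejecting quotes -- confirm.
    $trantypes = ($type == "dtct") ? array("dt", "ct") : array($type);

    ## start transaction
    pglib_transaction("BEGIN") or errDie("Unable to start transaction.");

    foreach ($ccids as $key => $value) {
        // Cost center id and project are not covered by the validator, so they
        // are escaped before they enter a statement. NOTE(review): assumes
        // request data arrives unescaped -- confirm nothing upstream already
        // escapes it, otherwise this double-escapes.
        $ccid = pg_escape_string((string) $ccids[$key]);
        $project = isset($ccidpro[$key]) ? pg_escape_string((string) $ccidpro[$key]) : "";

        db_connect();
        $sql = "SELECT * FROM costcenters_links WHERE id = '{$ccid}'";
        $ccRslt = db_exec($sql) or errDie("Unable to retrieve Cost centers from database.");

        $ccamt = sprint($amount * ($ccperc[$key] / 100));

        #we need to connect to the actual period db
        db_conn($prd);

        foreach ($trantypes as $trantype) {
            $sql = "\n\t\t\t\t\tINSERT INTO cctran \n\t\t\t\t\t\t(ccid, trantype, typename, edate, description, amount, username, div, project) \n\t\t\t\t\tVALUES \n\t\t\t\t\t\t('{$ccid}', '{$trantype}', '{$typename}', '{$edate}', '{$descrip}', '{$ccamt}', '" . USER_NAME . "', '" . USER_DIV . "', '{$project}')";
            $insRslt = db_exec($sql) or errDie("Unable to retrieve insert Cost center amounts into database.");
        }
    }

    db_connect();

    #now remove the temp entry
    $writeidSql = isset($writeid) ? pg_escape_string((string) $writeid) : "";
    $rem_sql = "DELETE FROM cc_popup_data WHERE id = '{$writeidSql}'";
    $run_rem = db_exec($rem_sql) or errDie("Unable to remove temporary cost center information.");

    pglib_transaction("COMMIT") or errDie("Unable to complete transaction.");

    // Layout
    $write = "\n\t\t<center>\n\t\t<table " . TMPL_tblDflts . " width='300'>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td align='center'><b>( i )</b> Amount has been allocated to Cost Centers. <b>( i )</b></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<p>\n\t\t<input type=button value=' [X] Close ' onClick='javascript:window.close();'>\n\t\t</center>";

    return $write;
}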
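/**
 * Adds a contact person to an existing contact and optionally stores an image.
 *
 * The contact id is forced to a number, the text fields are validated, and the
 * person is inserted into conpers. When "crm" is posted the browser is
 * redirected to the CRM token page instead of showing the result page.
 *
 * NOTE(review): the contact person is inserted before the image is checked, so
 * a rejected image still leaves the new person in place.
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return string Result page or error markup.
 */
function write($_POST)
{
    extract($_POST);
    // Numeric coercion: $id can be interpolated safely from here on.
    $id += 0;

    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 100, "Invalid name.");
    $v->isOk($pos, "string", 0, 100, "Invalid position.");
    $v->isOk($tell, "string", 0, 100, "Invalid tel.");
    $v->isOk($cell, "string", 0, 100, "Invalid cel.");
    $v->isOk($fax, "string", 0, 100, "Invalid fax.");
    $v->isOk($email, "email", 0, 100, "Invalid email.");
    $v->isOk($notes, "string", 0, 200, "Invalid notes.");

    # display errors, if any
    if ($v->isError()) {
        $confirm = "";
        foreach ($v->getErrors() as $e) {
            $confirm .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        return $confirm . enter($_POST);
    }

    db_conn('cubit');

    $Sl = "SELECT * FROM cons WHERE id='{$id}'";
    $Ry = db_exec($Sl) or errDie("Unable to get con info.");
    if (pg_num_rows($Ry) < 1) {
        return "Invalid contact.";
    }

    // NOTE(review): the text fields are interpolated as validated; this relies
    // on the validator rules rejecting quotes -- confirm.
    $Sl = "INSERT INTO conpers (con,name,pos,tell,cell,fax,email,notes,div) VALUES('{$id}','{$name}','{$pos}','{$tell}','{$cell}','{$fax}','{$email}','{$notes}','" . USER_DIV . "')";
    $Ry = db_exec($Sl) or errDie("Unable to insert conper.");

    $conid = pglib_lastid("conpers", "id");

    if (isset($crm)) {
        header("Location: crm/tokens-new.php?id={$id}&conper={$conid}");
        exit;
    }

    // Write the image (if any)
    if (isset($upload_img) && $upload_img == "yes") {
        $upload = (isset($_FILES["img_file"]) && is_array($_FILES["img_file"])) ? $_FILES["img_file"] : array();
        $mime = (isset($upload["type"]) && is_string($upload["type"])) ? $upload["type"] : "";

        // The MIME type is sent by the browser. The pattern is anchored so the
        // whole value has to be one of the three types; the original accepted
        // any string that merely contained one and then put that string into
        // the INSERT.
        if (!preg_match("/^image\\/(jpeg|png|gif)\$/", $mime)) {
            return "<li class='err'>\r\n\t\t\t\tPlease note we only accept PNG, GIF and JPEG images.\r\n\t\t\t</li>";
        }

        // Only read a path that PHP itself recorded for this upload.
        if (!isset($upload["tmp_name"]) || !is_uploaded_file($upload["tmp_name"])) {
            return "<li class='err'>The image could not be uploaded.</li>";
        }

        $raw = file_get_contents($upload["tmp_name"]);
        if ($raw === false) {
            return "<li class='err'>The image could not be uploaded.</li>";
        }
        // base64 output contains no quote characters.
        $img = base64_encode($raw);

        // NOTE(review): $con_id is never assigned in this function; it only
        // exists when the form posts it. $id (the contact) or $conid (the new
        // person) may have been intended -- confirm. It is escaped here because
        // it is unvalidated; this assumes request data arrives unescaped.
        $conIdSql = isset($con_id) ? pg_escape_string((string) $con_id) : "";
        $size = isset($upload["size"]) ? (int) $upload["size"] : 0;

        $sql = "INSERT INTO cubit.scons_img (con_id, type, file, size)\r\n\t\t\tVALUES ('{$conIdSql}', '{$mime}', '{$img}',\r\n\t\t\t\t'{$size}')";
        $ci_rslt = db_exec($sql) or errDie("Unable to add contact image.");
    }

    // The name is echoed into the page, so it is HTML-encoded on output.
    $shownName = htmlspecialchars((string) $name, ENT_QUOTES);

    $out = "\r\n\t\t\t\t<table " . TMPL_tblDflts . " width='50%'>\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<th>Contact added</th>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='datacell'>\r\n\t\t\t\t\t\t<td>{$shownName} has been added to Cubit.</td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t</table>\r\n\t\t\t\t<p>\r\n\t\t\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<th>Quick Links</th>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t\t<td><a href='conper-add.php?type=conn&id={$id}'>Add another contact</a></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t\t<td><a href='list_cons.php'>Contacts</a></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t\t<td><a href='main.php'>Main Menu</a></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t</table>";

    return $out;
}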
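<?php
// Login page: prints the Bootstrap includes, then the login form together with
// the messages returned by validateLogin() and validatePassword().
//
// NOTE(review): the form posts the credentials to a hard-coded
// http://localhost:8000 URL, i.e. in clear text and to a fixed host.
// NOTE(review): the values are read from $_REQUEST, so they are also accepted
// from the query string; $_POST would match the form's method.
// NOTE(review): whatever validateLogin()/validatePassword() return is echoed
// as HTML; if they include the submitted value it has to be encoded there.

echo '<html>';
echo '<!-- Latest compiled and minified CSS --> <link rel="stylesheet" href="public/css/bootstrap.min.css" integrity="sha512-dTfge/zgoMYpP7QbHy4gWMEGsbsdZeCXz7irItjcC3sPUFtf0kuFbDz/ixG7ArTxmDjLXDmezHubeNikyKGVyQ==" crossorigin="anonymous"> <!-- Optional theme --> <link rel="stylesheet" href="public/css/bootstrap-theme.min.css" integrity="sha384-aUGj/X2zp5rLCbBxumKTCw2Z50WgIr1vs/PFN4praOTvYXWlVyh2UtNUU0KAUhAX" crossorigin="anonymous"> <!-- Latest compiled and minified JavaScript --> <script src="public/js/bootstrap.min.js" integrity="sha512-K1qjQ+NcF2TYO/eI3M6v8EiNYZfA95pQumfvcVrTHtwQVDG+aHRqLi/ETn2uB+1JqwYqVG3LIvdm9lj6imS/pQ==" crossorigin="anonymous"></script>';

enter();

// On the first visit neither field is present; null is passed on in that case
// instead of reading an undefined index.
$login = isset($_REQUEST['login']) ? $_REQUEST['login'] : null;
$password = isset($_REQUEST['password']) ? $_REQUEST['password'] : null;

// The password field is type="password" so the browser masks what is typed
// (it was type="text"); its label now points at the field's real id.
echo '<form method="POST" action="http://localhost:8000"> <div class="form-group"> <label for="exampleInputLogin">Login:</label> <input type="text" class="form-control" id="exampleInputLogin" name="login"/><br/>' . validateLogin($login) . ' </div> <div class="form-group"> <label for="exampleInputPassword">Password</label> <input type="password" class="form-control" id="exampleInputPassword" name="password"/><br/>' . validatePassword($password) . ' </div> <input type="submit" class="btn btn-default" value="Send"/> </form>';

enter();

echo '<a href="/src/reg.php">Зарегистрируйтесь</a>';
echo '</html>';

/*
http://getbootstrap.com/getting-started/#template - Sign-in page
http://getbootstrap.com/examples/signin/
*/
/* TODO: build the registration form */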
# # require "settings.php"; if ($_POST) { switch ($_POST["key"]) { case "confirm": $OUTPUT = confirm($_POST); break; case "write": $OUTPUT = write($_POST); break; default: $OUTPUT = enter($_GET); } } else { $OUTPUT = enter($_GET); } require "template.php"; function enter($_GET) { # get vars extract($_GET); if (!isset($terms)) { db_connect(); $sql = "SELECT terms FROM compinfo"; $rs = db_exec($sql) or errDie("Unable To Read Terms"); if (pg_numrows($rs) < 1) { $terms = ""; } else { $compdata = pg_fetch_array($rs); $terms = $compdata['terms'];
/**
 * Second step of adding a statement description: shows the chosen values and
 * the account selector that belongs to the chosen action.
 *
 * "Insert into cashbook" lists the enabled accounts of the division,
 * "Customer Payment" the local customers, "Supplier Payment" the local
 * suppliers; "Ignore" and "Delete" carry account 0 in a hidden field.
 *
 * NOTE(review): description, pn, type and action pass through safe() and are
 * then written into the markup; what safe() neutralises is not visible here.
 * Account, customer and supplier names from the database are written into the
 * option lists unencoded.
 * NOTE(review): PHP 5.4 and later reject a parameter named $_POST.
 *
 * @param array $_POST Submitted form fields.
 * @return string HTML of the details form, or an error message.
 */
function enter2($_POST)
{
    extract($_POST);

    $description = safe($description);
    $pn = safe($pn);
    $type = safe($type);
    $action = safe($action);

    // A payment's sign has to match its direction.
    if ($action == "Customer Payment" && $pn == "-") {
        return "<li class='err'>You cannot have a 'Payment from customer' on your statement for a negative amount.</li>" . enter($_POST);
    }

    if ($action == "Supplier Payment" && $pn == "+") {
        return "<li class='err'>You cannot have a 'Payment to supplier' on your statement for a positive amount.</li>" . enter($_POST);
    }

    if ($action == "Insert into cashbook") {
        $details = "\r\n\t\t\t<select name='account'>\r\n\t\t\t\t<option value=''>Select Account</option>";

        db_conn('core');
        $query = "SELECT * FROM accounts WHERE div = '" . USER_DIV . "' ORDER BY accname";
        $rows = db_exec($query) or errDie("Unable to get account data.");

        if (pg_numrows($rows) < 1) {
            return "<li>There are No accounts in Cubit.";
        }

        while ($account = pg_fetch_array($rows)) {
            if (!isDisabled($account['accid'])) {
                $details .= "<option value='{$account['accid']}'>{$account['accname']}</option>";
            }
        }

        $details .= "</select>";
    } elseif ($action == "Customer Payment") {
        db_conn('cubit');
        $query = "SELECT cusnum,surname FROM customers WHERE div='" . USER_DIV . "' AND location='loc' ORDER BY surname";
        $rows = db_exec($query) or errDie("Unable to get customers.");

        $details = "\r\n\t\t\t<select name='account'>\r\n\t\t\t\t<option value='0'>Select Customer</option>";
        while ($customer = pg_fetch_array($rows)) {
            $details .= "<option value='{$customer['cusnum']}'>{$customer['surname']}</option>";
        }
        $details .= "</select>";
    } elseif ($action == "Supplier Payment") {
        db_conn('cubit');
        $query = "SELECT supid,supname FROM suppliers WHERE div='" . USER_DIV . "' AND location='loc' ORDER BY supname";
        $rows = db_exec($query) or errDie("Unable to get suppliers.");

        $details = "\r\n\t\t\t<select name='account'>\r\n\t\t\t\t<option value=0>Select Supplier</option>";
        while ($supplier = pg_fetch_array($rows)) {
            $details .= "<option value='{$supplier['supid']}'>{$supplier['supname']}</option>";
        }
        $details .= "</select>";
    } elseif ($action == "Ignore" || $action == "Delete") {
        // No account is involved for these two actions.
        $details = "<input type=hidden name=account value=0>";
    }

    $out = "\r\n\t\t<h3>Add statement description details</h3>\r\n\t\t<table " . TMPL_tblDflts . ">\r\n\t\t<form action='" . SELF . "' method='POST'>\r\n\t\t\t<input type='hidden' name='key' value='confirm'>\r\n\t\t\t<input type='hidden' name='description' value='{$description}'>\r\n\t\t\t<input type='hidden' name='pn' value='{$pn}'>\r\n\t\t\t<input type='hidden' name='type' value='{$type}'>\r\n\t\t\t<input type='hidden' name='action' value='{$action}'>\r\n\t\t\t<tr>\r\n\t\t\t\t<th colspan='2'>Details</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Description</td>\r\n\t\t\t\t<td>{$description}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>+/-</td>\r\n\t\t\t\t<td>{$pn}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Type</td>\r\n\t\t\t\t<td>{$type}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Action</td>\r\n\t\t\t\t<td>{$action}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Action Details</td>\r\n\t\t\t\t<td>{$details}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr><td><br></td></tr>\r\n\t\t\t<tr>\r\n\t\t\t\t<td colspan='2' align='right'><input type='submit' value='Confirm »'></td>\r\n\t\t\t</tr>\r\n\t\t</form>\r\n\t\t</table>";

    return $out;
}