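/**
 * Saves the per-supplier stock codes and descriptions posted for one stock item.
 *
 * Returns enter($frm) when "btn_back" was posted and confirm($frm) when
 * $frm->validate("write") returns a truthy value. Otherwise a supplier with
 * an empty stock code has its suppstock row deleted, and every other supplier
 * has its code and description written with DB_REPLACE.
 *
 * @param object $frm form object; only validate() is called on it here
 * @return mixed output of enter()/confirm(), or a script tag that closes the window
 */
function write(&$frm)
{
    if (isset($_REQUEST["btn_back"])) {
        return enter($frm);
    }
    if ($frm->validate("write")) {
        return confirm($frm);
    }
    $upd = new dbUpdate("suppstock", "cubit");
    $del = new dbDelete("suppstock", "cubit");
    // NOTE(review): $suppid (an array key taken from the request) and
    // $_REQUEST['id'] are interpolated into the WHERE text below. How
    // dbUpdate/dbDelete treat that option string is not visible here; confirm
    // both values are constrained by $frm->validate("write") or bind them.
    foreach ($_REQUEST["stkcod"] as $suppid => $stkcod) {
        $where = "suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'";
        if (empty($stkcod)) {
            $del->setOpt($where);
            $del->run();
            continue;
        }
        $cols = grp(m("suppid", $suppid), m("stkid", $_REQUEST["id"]), m("stkcod", $stkcod));
        $upd->setOpt($cols, $where);
        $upd->run(DB_REPLACE);
    }
    foreach ($_REQUEST["stkdes"] as $suppid => $stkdes) {
        $where = "suppid='{$suppid}' AND stkid='{$_REQUEST['id']}'";
        // The original tested $stkcod here, which at this point holds the value
        // left over from the last iteration of the loop above, so one empty code
        // at the end of the list deleted every supplier's row. The check now
        // looks at the code posted for the same supplier.
        // Presumably that is the intended condition; verify against the form.
        $code = isset($_REQUEST["stkcod"][$suppid]) ? $_REQUEST["stkcod"][$suppid] : "";
        if (empty($code)) {
            $del->setOpt($where);
            $del->run();
            continue;
        }
        $cols = grp(m("suppid", $suppid), m("stkid", $_REQUEST["id"]), m("stkdes", $stkdes));
        $upd->setOpt($cols, $where);
        $upd->run(DB_REPLACE);
    }
    $OUT = "<script>window.close();</script>";
    return $OUT;
}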
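/**
 * Builds the "Add User Department" confirmation form with one permission
 * checkbox per row of the scripts table.
 *
 * The posted department name is validated and, on failure, handed back to
 * enter() together with the rendered error rows.
 *
 * NOTE(review): a parameter named $_POST is rejected by PHP 5.4 and later;
 * the signature is kept so existing callers keep working.
 *
 * @param array $_POST posted form fields; "dept" is the only one read here
 * @return string HTML of the confirmation form, or the output of enter()
 */
function confirm($_POST)
{
    # get vars
    extract($_POST);
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($dept, "string", 1, 50, "Invalid User Department.");
    # display errors, if any
    if ($v->isError()) {
        $theseErrors = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $theseErrors .= "-" . $e["msg"] . "<br>";
        }
        $Errors = "\n        \t<tr>\n        \t\t<td class='err' colspan='2'>{$theseErrors}</td>\n        \t</tr>\n\t\t\t<tr><td colspan='2'><br></td></tr>";
        return enter($dept, $Errors);
    }
    // The department name is request data: encode it before it is placed in
    // an attribute value and in a table cell. ENT_QUOTES matters because the
    // attributes below are single-quoted. The browser decodes the entities
    // again when the hidden field is submitted.
    $deptHtml = htmlspecialchars($dept, ENT_QUOTES);
    $confirm = "\n\t\t<h3>Add User Department</h3>\n\t\t<h4>Confirm entry</h4>\n\t\t<table " . TMPL_tblDflts . " width='300'>\n\t\t<form action='" . SELF . "' method='POST'>\n\t\t\t<input type='hidden' name='key' value='write'>\n\t\t\t<input type='hidden' name='dept' value='{$deptHtml}'>\n\t\t\t<tr>\n\t\t\t\t<th>Field</th>\n\t\t\t\t<th>Value</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td>User Department</td>\n\t\t\t\t<td>{$deptHtml}</td>\n\t\t\t</tr>\n\t\t\t<tr><td colspan='2'><br></td></tr>\n\t\t\t<tr>\n\t\t\t\t<th colspan='2'>Select Permissions</th>\n\t\t\t</tr>";
    // list scripts
    db_connect();
    $sql = "SELECT DISTINCT name, script FROM scripts ORDER BY script";
    $rslt = db_exec($sql);
    while ($scr = pg_fetch_array($rslt)) {
        // Stored values are encoded on output as well, so a name containing
        // a quote cannot break out of the value attribute.
        $nameHtml = htmlspecialchars($scr['name'], ENT_QUOTES);
        $scriptHtml = htmlspecialchars(strtoupper($scr['script']), ENT_QUOTES);
        $confirm .= "\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td colspan='2' nowrap><input type='checkbox' name='perm[]' value='{$nameHtml}'>" . $scriptHtml . "</td>\n\t\t\t</tr>";
    }
    $confirm .= "\n\t\t\t<tr>\n\t\t\t\t<td align='right' colspan='3'><input type='submit' value='Add Dept &raquo'></td>\n\t\t\t</tr>\n\t\t</form>\n\t\t</table>\n\t\t<p>\n\t\t<table " . TMPL_tblDflts . ">\n\t\t\t<tr>\n\t\t\t\t<th>Quick Links</th>\n\t\t\t</tr>\n\t\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t\t</table>";
    return $confirm;
}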
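/**
 * Looks up an id / registration number at BLACKLIST_SEARCH_URL and renders
 * the lines the server returned between the <DR_M> and </DR_M> markers.
 *
 * @return string HTML of the result page, or the output of enter() when the
 *                posted number fails validation
 */
function search()
{
    extract($_GET);
    require_lib("validate");
    $v = new Validate();
    $v->isOk($idnum, "string", 0, 100, "Invalid id / registration number.");
    if ($v->isError()) {
        $err = "";
        foreach ($v->getErrors() as $key => $value) {
            $err .= "<li class=err>{$value['msg']}</li>";
        }
        return enter($err);
    }
    // post the search request
    // NOTE(review): $idnum is appended to the query string as received.
    // Whether urler() encodes it is not visible here; if it does not, a "&"
    // or "#" in the value changes the outbound request. Confirm, and apply
    // urlencode() here if needed.
    // NOTE(review): "@" hides the reason file() failed; consider logging it.
    $search_request = @file(urler(BLACKLIST_SEARCH_URL . "?idnum={$idnum}&" . sendhash()));
    if ($search_request == false) {
        $site_msg = "<li class=err>Connection to server failed. Check you internet connection and try again.</li>";
    } else {
        $site_msg = "";
        $status = 0;
        // 0 = none, 1 = read message
        foreach ($search_request as $value) {
            $value = str_replace("\n", "", $value);
            switch ($value) {
                case "<DR_E>":
                    break;
                case "<DR_M>":
                    $status = 1;
                    break;
                case "</DR_M>":
                    $status = 0;
                    break;
                case "</DR_E>":
                    $status = 0;
                    break;
                default:
                    if ($status == 1) {
                        $site_msg .= "{$value}\n";
                    }
            }
        }
    }
    $OUTPUT = "\r\n\t<h3>Search Black / White List Registry</h3>";
    foreach ($_GET as $key => $value) {
        if ($key != "key") {
            // Both the parameter name and its value come from the query
            // string, so they are encoded before being echoed into the
            // single-quoted attributes.
            $nameHtml = htmlspecialchars((string) $key, ENT_QUOTES);
            $valueHtml = htmlspecialchars((string) $value, ENT_QUOTES);
            $OUTPUT .= "<input type=hidden name='{$nameHtml}' value='{$valueHtml}'>";
        }
    }
    // NOTE(review): $site_msg is remote content written into the page as-is.
    // It is left unencoded because the server may be expected to send markup;
    // confirm that the endpoint is trusted and fetched over an authenticated
    // channel, otherwise encode it too.
    $OUTPUT .= "\r\n\t<table cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n\t<tr>\r\n\t\t<th>Data Returned</th>\r\n\t</tr>\r\n\t<tr class='bg-odd'>\r\n\t\t<td valign=top>{$site_msg}</td>\r\n\t</tr>\r\n\t</table>";
    return $OUTPUT;
}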
/**
 * Stores the posted store id in the hire setting whose field is 'wh_id'.
 *
 * @return string success notice, or the output of enter() with the
 *                validation errors
 */
function write()
{
    // NOTE(review): extract() turns every request parameter into a local
    // variable; only $wh_id is used below.
    extract($_REQUEST);
    require_lib("validate");

    $checker = new validate();
    $checker->isOk($wh_id, "num", 1, 9, "Invalid store id.");
    if ($checker->isError()) {
        return enter($checker->genErrors());
    }

    // $wh_id reaches the statement by interpolation; the "num" check above is
    // the only guard (its exact rules live in the validate library).
    db_exec("UPDATE hire.hire_settings SET value='{$wh_id}' WHERE field='wh_id'") or errDie("Unable to save store id.");

    return "<h3>Hire Settings</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr><th colspan='2'>Write</th></tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td><li>Successfully saved settings.</li></td>\r\n\t\t</tr>\r\n\t</table>";
}
/**
 * Deletes the hire booking whose id was posted.
 *
 * @return string success notice, or the output of enter() with the
 *                validation errors
 */
function write()
{
    // NOTE(review): extract() turns every request parameter into a local
    // variable; only $id is used below.
    extract($_REQUEST);
    require_lib("validate");

    $checker = new validate();
    $checker->isOk($id, "num", 1, 9, "Invalid booking selection.");
    if ($checker->isError()) {
        return enter($checker->genErrors());
    }

    // $id reaches the statement by interpolation; the "num" check above is
    // the only guard. No ownership or permission check is visible in this
    // function — presumably done by the caller; verify.
    db_exec("DELETE FROM hire.bookings WHERE id='{$id}'") or errDie("Unable to retrieve bookings.");

    return "<h3>Remove Booking</h3>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr>\r\n\t\t\t<th>Remove</th>\r\n\t\t</tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td><li>Booking successfully removed</li></td>\r\n\t\t</tr>\r\n\t</table>";
}
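/**
 * Removes the packing-slip reasons ticked for removal and adds the posted
 * new reason, then shows the entry page again.
 *
 * @return mixed output of enter()
 */
function update()
{
    extract($_REQUEST);
    // $remove must be an array; a scalar would make foreach emit a warning.
    if (isset($remove) && is_array($remove)) {
        foreach ($remove as $id => $value) {
            // The array key comes straight from the request and was
            // interpolated unchecked. Casting it to an integer keeps anything
            // but a number out of the statement.
            // assumes pslip_reasons.id is an integer column — TODO confirm
            $reasonId = (int) $id;
            $sql = "DELETE FROM cubit.pslip_reasons WHERE id='{$reasonId}'";
            db_exec($sql) or errDie("Unable to remove reasons.");
        }
    }
    if (!empty($reason)) {
        // NOTE(review): $reason is free text from the request and is placed
        // in the statement with no validation or escaping visible in this
        // function. It is left as-is because it cannot be told from here
        // whether the framework already escapes request data (escaping twice
        // would corrupt stored text). Move this insert to a bound parameter
        // (e.g. pg_query_params) or confirm where escaping happens.
        $sql = "INSERT INTO cubit.pslip_reasons (reason) VALUES ('{$reason}')";
        db_exec($sql) or errDie("Unable to add reason.");
    }
    return enter();
}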
/**
 * Walks $map and calls spot() for every value found in $set and blank() for
 * every other value; enter() is called after a value whose leading part
 * equals $xSize - 1.
 *
 * For values in $set the leading part is the text before the first '-';
 * for the others it is element/character 0 of the value.
 *
 * @param array $map   values to walk, in order
 * @param array $set   values that get spot()
 * @param int   $xSize compared (loosely) against the leading part plus one
 * @return void
 */
function create($map, $set, $xSize)
{
    foreach ($map as $cell) {
        if (!in_array($cell, $set)) {
            blank();
            $leading = $cell[0];
        } else {
            spot();
            $parts = explode('-', $cell);
            $leading = $parts[0];
        }
        // Loose comparison, as in the original: "3" and 3 are equal here.
        if ($leading == $xSize - 1) {
            enter();
        }
    }
}
/**
 * Checks the posted document type name and rejects a name that already
 * exists in cubit.document_types.
 *
 * @return mixed output of enter() with an error message when a check fails;
 *               nothing (null) when the name is acceptable
 */
function validate()
{
    // NOTE(review): extract() turns every request parameter into a local
    // variable; only $type_name is used below.
    extract($_REQUEST);
    require_lib("validate");

    $checker = new validate();
    $checker->isOk($type_name, "string", 1, 255, "Invalid type name.");
    if ($checker->isError()) {
        return enter($checker->genErrors());
    }

    // Look for an existing entry with the same name.
    // NOTE(review): $type_name is interpolated into the statement; whether the
    // "string" check rejects quotes is decided in the validate library and is
    // not visible here.
    $duplicates = db_exec("SELECT * FROM cubit.document_types WHERE type_name='{$type_name}'") or errDie("Unable to retrieve document types.");
    if (pg_num_rows($duplicates)) {
        return enter("<li class='err'>A document type with the same name exists.</li>");
    }
}
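/**
 * Adds an asset type, or updates the one identified by the posted id when
 * page_option is "Edit".
 *
 * @return string success notice, or the output of enter() with the
 *                validation errors
 */
function write()
{
    extract($_REQUEST);
    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 80, "Invalid type name.");
    $v->isOk($descr, "string", 0, 255, "Invalid description.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }
    // page_option and id were used without any check. Normalise the first
    // to a string and force the second to an integer.
    $page_option = (isset($page_option) && is_string($page_option)) ? $page_option : "";
    if ($page_option == "Edit") {
        // assumes asset_types.id is an integer column — TODO confirm
        $assetId = isset($id) ? (int) $id : 0;
        $sql = "UPDATE cubit.asset_types SET name='{$name}', description='{$descr}' WHERE id='{$assetId}'";
    } else {
        $sql = "INSERT INTO cubit.asset_types (name, description) VALUES ('{$name}', '{$descr}')";
    }
    // NOTE(review): $name and $descr are interpolated after the "string"
    // checks above; whether those checks or the framework neutralise quotes
    // is not visible here. Prefer bound parameters.
    db_exec($sql) or errDie("Unable to save asset type.");
    // page_option is echoed into the heading, so it is HTML-encoded first.
    $optionHtml = htmlspecialchars($page_option, ENT_QUOTES);
    $OUTPUT = "\r\n\t\t<h3>{$optionHtml} Asset Type</h3>\r\n\t\t<form method='post' action='" . SELF . "'>\r\n\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t<tr>\r\n\t\t\t\t<th>Write</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Successfully Saved the Asset Type.</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t</form>";
    return $OUTPUT;
}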
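/**
 * Builds the confirmation form for a main todo entry, showing the title and
 * the name of the selected team.
 *
 * @return string HTML of the confirmation form, or the output of enter()
 *                with the validation errors
 */
function confirm()
{
    extract($_REQUEST);
    require_lib("validate");
    $v = new validate();
    $v->isOk($title, "string", 1, 255, "Invalid title.");
    $v->isOk($team_id, "num", 1, 9, "Invalid team selection.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }
    // Retrieve team name
    $sql = "SELECT name FROM crm.teams WHERE id='{$team_id}'";
    $team_rslt = db_exec($sql) or errDie("Unable to retrieve team.");
    $team_name = pg_fetch_result($team_rslt, 0);
    if (empty($team_name)) {
        $team_name = "[None]";
    }
    // Every value below is request data or stored text that ends up inside
    // HTML, most of it inside single-quoted attributes, so each one is
    // encoded with ENT_QUOTES. page_option and id are not validated above
    // and may be missing.
    $optionHtml = htmlspecialchars(isset($page_option) ? (string) $page_option : "", ENT_QUOTES);
    $idHtml = htmlspecialchars(isset($id) ? (string) $id : "", ENT_QUOTES);
    $titleHtml = htmlspecialchars((string) $title, ENT_QUOTES);
    $teamIdHtml = htmlspecialchars((string) $team_id, ENT_QUOTES);
    $teamNameHtml = htmlspecialchars((string) $team_name, ENT_QUOTES);
    $OUTPUT = "<h3>{$optionHtml} Main Todo</h3>\n\t<form method='post' action='" . SELF . "'>\n\t" . frmupdate_passon() . "\n\t<input type='hidden' name='key' value='write' />\n\t<input type='hidden' name='page_option' value='{$optionHtml}' />\n\t<input type='hidden' name='id' value='{$idHtml}' />\n\t<input type='hidden' name='title' value='{$titleHtml}' />\n\t<input type='hidden' name='team_id' value='{$teamIdHtml}' />\n\t<table cellpadding='2' cellspacing='0' class='shtable'>\n\t\t<tr>\n\t\t\t<th colspan='2'>Confirm</th>\n\t\t</tr>\n\t\t<tr class='odd'>\n\t\t\t<td>Title</td>\n\t\t\t<td>{$titleHtml}</td>\n\t\t</tr>\n\t\t<tr class='even'>\n\t\t\t<td>Team Permissions</td>\n\t\t\t<td>{$teamNameHtml}</td>\n\t\t</tr>\n\t</table>\n\t<input type='submit' value='Write &raquo' />\n\t</form>";
    return $OUTPUT;
}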
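/**
 * Adds a project management team, or updates the one identified by the
 * posted id when page_option is "edit" (case-insensitive).
 *
 * @return string success notice, or the output of enter() with the
 *                validation errors
 */
function write()
{
    extract($_REQUEST);
    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 255, "Invalid team name.");
    $v->isOk($description, "string", 1, 255, "Invalid team description.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }
    // page_option and id were used without any check. Normalise the first
    // to a string and force the second to an integer.
    $page_option = (isset($page_option) && is_string($page_option)) ? $page_option : "";
    // NOTE(review): $name and $description are interpolated after the
    // "string" checks above; whether quotes are neutralised is not visible
    // here. Prefer bound parameters.
    if (strtolower($page_option) == "edit") {
        // assumes teams.id is an integer column — TODO confirm
        $teamId = isset($id) ? (int) $id : 0;
        $sql = "\n\t\tUPDATE project.teams SET name='{$name}', description='{$description}'\n\t\tWHERE id='{$teamId}'";
        db_exec($sql) or errDie("Unable to update team.");
    } else {
        $sql = "\n\t\tINSERT INTO project.teams (name, description)\n\t\tVALUES ('{$name}', '{$description}')";
        db_exec($sql) or errDie("Unable to add team.");
    }
    // page_option is echoed into the heading, so it is HTML-encoded first.
    $optionHtml = htmlspecialchars($page_option, ENT_QUOTES);
    $OUTPUT = "\n\t\t\t\t<h3>{$optionHtml} Project Management Team</h3>\n\t\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<th>Write</th>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t\t<td><li>Successfully saved the team.</li></td>\n\t\t\t\t\t</tr>\n\t\t\t\t</table>";
    return $OUTPUT;
}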
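/**
 * Adds a project person, or updates the one identified by the posted id
 * when page_option is "edit" (case-insensitive).
 *
 * @return string success notice, or the output of enter() with the
 *                validation errors
 */
function write()
{
    extract($_REQUEST);
    require_lib("validate");
    $v = new validate();
    $v->isOk($user_id, "num", 1, 20, "Invalid cubit user selection.");
    $v->isOk($description, "string", 0, 255, "Invalid person description.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }
    // page_option and id were used without any check. Normalise the first
    // to a string and force the second to an integer.
    $page_option = (isset($page_option) && is_string($page_option)) ? $page_option : "";
    // NOTE(review): $description is interpolated after the "string" check
    // above; whether quotes are neutralised is not visible here. Prefer
    // bound parameters.
    if (strtolower($page_option) == "edit") {
        // assumes people.id is an integer column — TODO confirm
        $personId = isset($id) ? (int) $id : 0;
        $sql = "\n\t\tUPDATE project.people SET user_id='{$user_id}', description='{$description}'\n\t\tWHERE id='{$personId}'";
        // The original reported "Unable to add person" for a failed update.
        db_exec($sql) or errDie("Unable to update person.");
    } else {
        $sql = "\n\t\tINSERT INTO project.people (user_id, description)\n\t\tVALUES ('{$user_id}', '{$description}')";
        db_exec($sql) or errDie("Unable to add person.");
    }
    // page_option is echoed into the heading, so it is HTML-encoded first.
    $optionHtml = htmlspecialchars($page_option, ENT_QUOTES);
    $OUTPUT = "<h3>{$optionHtml} Person</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th colspan='2'>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully saved the person to cubit.</li></td>\n\t\t</tr>\n\t</table>";
    return $OUTPUT;
}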
/**
 * Saves the posted half day rate under the HD_PERC constant in
 * cubit.settings, updating the row when one exists and inserting it
 * otherwise.
 *
 * @return mixed output of enter(), with the validation errors or the
 *               success message
 */
function write()
{
    // NOTE(review): extract() turns every request parameter into a local
    // variable; only $hd_perc is used below.
    extract($_REQUEST);
    require_lib("validate");

    $checker = new validate();
    $checker->isOk($hd_perc, "num", 1, 9, "Invalid half day rate.");
    if ($checker->isError()) {
        return enter($checker->genErrors());
    }

    $existing = db_exec("SELECT value FROM cubit.settings WHERE constant='HD_PERC'") or errDie("Unable to retrieve percentage.");

    // $hd_perc reaches either statement by interpolation; the "num" check
    // above is the only guard.
    $statement = pg_num_rows($existing)
        ? "\n\t\tUPDATE cubit.settings SET value='{$hd_perc}'\n\t\tWHERE constant='HD_PERC'"
        : "\n\t\tINSERT INTO cubit.settings (constant, value)\n\t\t\tVALUES ('HD_PERC', '{$hd_perc}')";
    db_exec($statement) or errDie("Unable to update half day rate.");

    return enter("<li class='yay'>Successfully saved half day rate.</li>");
}
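/**
 * Builds the confirmation form for the default workshop conditions text.
 *
 * NOTE(review): a parameter named $_POST is rejected by PHP 5.4 and later;
 * the signature is kept so existing callers keep working.
 *
 * @param array $_POST posted form fields; "ws_cond" is the only one read here
 * @return string HTML of the confirmation form, or the output of enter()
 *                with the validation errors
 */
function confirm($_POST)
{
    extract($_POST);
    // Validate
    require_lib("validate");
    $v = new validate();
    $v->isOk($ws_cond, "string", 1, 1024, "Invalid display notice.");
    // Did we get any errors?
    if ($v->isError()) {
        $confirm = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirm .= "<li class=err>{$e['msg']}</li>";
        }
        return enter($confirm);
    }
    // The text is request data shown twice: inside a single-quoted attribute
    // and inside a table cell. Encode it first; nl2br() then only adds the
    // <br> tags to the already-encoded text.
    $condHtml = htmlspecialchars($ws_cond, ENT_QUOTES);
    // Layout (the header cell was closed with </td> in the original)
    $OUTPUT = "<h3>Workshop Settings</h3>\n\t<form method=post action='" . SELF . "'>\n\t<input type=hidden name=key value='write'>\n\t<input type=hidden name=ws_cond value='{$condHtml}'>\n\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\n\t  <tr>\n\t    <th colspan=2>Confirm</th>\n\t  </tr>\n\t  <tr class='bg-odd'>\n\t    <td>Default workshop conditions</td>\n\t    <td>" . nl2br($condHtml) . "</td>\n\t  </tr>\n\t  <tr>\n\t    <td colspan=2 align=right>\n\t      <input type=submit name=key value='&laquo Correction'>\n\t      <input type=submit value='Write &raquo'>\n\t    </td>\n\t  </tr>\n\t</table>";
    return $OUTPUT;
}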
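/**
 * Stores an uploaded signed-invoice image (png, jpg or gif) base64-encoded
 * in cubit.pslip_signed_files and records its name, type and sales order id
 * in cubit.pslip_signed_index.
 *
 * @return string success notice, or the output of enter() with an error
 *                message when the upload is missing or not an accepted type
 */
function write()
{
    extract($_REQUEST);
    $upload = (isset($_FILES["file"]) && is_string($_FILES["file"]["name"])) ? $_FILES["file"] : null;

    // The client chooses the file name. basename() drops any directory part
    // and the character filter leaves only characters that are harmless in a
    // file name and inside the quoted SQL literal below.
    $file_name = ($upload !== null) ? preg_replace('/[^A-Za-z0-9._-]/', '_', basename($upload["name"])) : "";

    // The original pattern /(png|jpg|gif)$/ had no dot and so accepted any
    // name merely ending in those letters. The extension is now compared
    // against a whitelist, case-insensitively. The stored type is derived
    // from the extension instead of the client-supplied "type" field, which
    // the original copied into the statement unchecked.
    $accepted = array("png" => "image/png", "jpg" => "image/jpeg", "gif" => "image/gif");
    $extension = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));

    // is_uploaded_file() confirms tmp_name really is the file PHP received
    // for this request.
    if (!isset($accepted[$extension]) || !is_uploaded_file($upload["tmp_name"])) {
        $msg = "<li class='err'>We only accept images of type png, jpg or gif</li>";
        return enter($sorder_num, $msg);
    }
    $file_type = $accepted[$extension];
    // NOTE(review): only the extension is checked; the content is not.
    // Consider getimagesize() on the temporary file and a size limit.

    // Read the whole file; the original fopen()/feof() loop never closed the
    // handle and did not check that the file could be opened.
    $buf = file_get_contents($upload["tmp_name"]);
    if ($buf === false) {
        errDie("Unable to add signed invoice.");
    }
    $file = base64_encode($buf);
    $sql = "INSERT INTO cubit.pslip_signed_files (file) VALUES ('{$file}')";
    db_exec($sql) or errDie("Unable to add signed invoice.");
    $id = pglib_lastid("cubit.pslip_signed_files", "id");

    // sordid arrives with the request and was interpolated unchecked.
    // assumes it is an integer sales order id — TODO confirm
    $sales_order_id = isset($sordid) ? (int) $sordid : 0;
    $sql = "\n\t\tINSERT INTO cubit.pslip_signed_index (\n\t\t\tid, file_name, file_type, sordid\n\t\t) VALUES (\n\t\t\t'{$id}', '{$file_name}', '{$file_type}', '{$sales_order_id}'\n\t\t)";
    db_exec($sql) or errDie("Unable to add signed invoice index.");
    $OUTPUT = "\n\t\t<h3>Signed Invoice</h3>\n\t\t<table " . TMPL_tblDflts . ">\n\t\t\t<tr>\n\t\t\t\t<th>Write</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td><li>Signed Invoice Successfully Added.</li></td>\n\t\t\t</tr>\n\t\t</table>";
    return $OUTPUT;
}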
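/**
 * Adds a project document type, or updates the one identified by the posted
 * id when page_option is "edit" (case-insensitive).
 *
 * @return string success notice, or the output of enter() with the
 *                validation errors
 */
function write()
{
    extract($_REQUEST);
    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 255, "Invalid name.");
    $v->isOk($description, "string", 0, 255, "Invalid description.");
    $v->isOk($extension, "string", 0, 65, "Invalid extension.");
    if ($v->isError()) {
        return enter($v->genErrors());
    }
    // page_option and id were used without any check. Normalise the first
    // to a string and force the second to an integer.
    $page_option = (isset($page_option) && is_string($page_option)) ? $page_option : "";
    // NOTE(review): $name, $description and $extension are interpolated after
    // the "string" checks above; whether quotes are neutralised is not
    // visible here. Prefer bound parameters.
    if (strtolower($page_option) == "edit") {
        // assumes doc_types.id is an integer column — TODO confirm
        $typeId = isset($id) ? (int) $id : 0;
        $sql = "UPDATE project.doc_types SET name='{$name}', description='{$description}', extension='{$extension}' WHERE id='{$typeId}'";
        db_exec($sql) or errDie("Unable to update document type.");
    } else {
        $sql = "INSERT INTO project.doc_types (name, description, extension) VALUES ('{$name}', '{$description}', '{$extension}')";
        db_exec($sql) or errDie("Unable to add document type.");
    }
    // page_option is echoed into the heading, so it is HTML-encoded first.
    $optionHtml = htmlspecialchars($page_option, ENT_QUOTES);
    $OUTPUT = "\n\t\t<h3>{$optionHtml} Project Document Type</h3>\n\t\t<table " . TMPL_tblDflts . ">\n\t\t\t<tr>\n\t\t\t\t<th>Write</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td><li>Successfully added the document type.</li></td>\n\t\t\t</tr>\n\t\t</table>";
    return $OUTPUT;
}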
/**
 * Records a newly generated key for a supplier or customer in trh.keys and
 * sends the "reqkey" message to the posted e-mail address.
 *
 * Returns enter($frm) when "btn_back" was posted and confirm($frm) when
 * $frm->validate("request") returns a truthy value.
 *
 * @param object $frm form object; only validate() is called on it here
 * @return mixed output of enter()/confirm(), or a status sentence
 */
function request($frm)
{
    if (isset($_POST["btn_back"])) {
        return enter($frm);
    }
    if ($frm->validate("request")) {
        return confirm($frm);
    }

    $newkey = genkey();

    // A posted suppid selects the supplier path; otherwise custid is used.
    $forSupplier = isset($_REQUEST["suppid"]);
    $suppid = $forSupplier ? $_REQUEST["suppid"] : "0";
    $custid = $forSupplier ? "0" : $_REQUEST["custid"];

    // NOTE(review): the request values are handed to m()/grp(); how those
    // helpers quote them is not visible here.
    $cols = grp(
        m("introtime", raw("CURRENT_TIMESTAMP")),
        m("introip", "0.0.0.0"),
        m("email", $_REQUEST["email"]),
        m("custid", $custid),
        m("suppid", $suppid),
        m("key", dbrow("0.0.0.0/0", "", $newkey)),
        m("userid", USER_ID)
    );
    $upd = new dbUpdate("keys", "trh", $cols);
    $upd->run(DB_INSERT);

    if (!($upd->affected() > 0)) {
        return "Error sending request for communication: Error updating database.";
    }

    if ($forSupplier) {
        $party = "supplier";
        $r = send_trhmsg("supp", $_REQUEST["suppid"], $_REQUEST["email"], "reqkey", $newkey);
    } else {
        $party = "customer";
        $r = send_trhmsg("cust", $_REQUEST["custid"], $_REQUEST["email"], "reqkey", $newkey);
    }

    if ($r === true) {
        return "Sent request for communication to {$party}. On response you will be notified.";
    }
    // NOTE(review): $r is whatever send_trhmsg() returned and is placed in
    // the page text as-is.
    return "Error sending request for communication: {$r}";
}
/**
 * Builds the confirmation form for the login retry settings and renders it
 * by including template.php.
 *
 * Nothing is returned on the success path; template.php is included in this
 * function's scope, so it can see $OUTPUT and every other local variable.
 *
 * NOTE(review): a parameter named $_POST is rejected by PHP 5.4 and later.
 *
 * @param array $_POST posted form fields; "retrtries" and "retrmins" are read
 * @return mixed output of enter() when validation fails, otherwise nothing
 */
function confirm($_POST)
{
    // NOTE(review): extract() turns every posted field into a local variable,
    // and those locals are also visible to template.php included below.
    extract($_POST);
    require_lib("validate");
    $v = new validate();
    $v->isOk("{$retrtries}", "num", 0, 3, "Invalid value for tries.");
    $v->isOk("{$retrmins}", "num", 0, 3, "Invalid value for minutes.");
    // Either both values are non-zero or both are zero
    if ($retrtries != 0 && $retrmins == 0) {
        $v->addError('', "Tries needs a value");
    } elseif ($retrmins != 0 && $retrtries == 0) {
        $v->addError('', "Minutes needs a value");
    }
    if ($v->isError()) {
        $confirm = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirm .= "<li class=err>{$e['msg']}</li>";
        }
        return enter($confirm);
    }
    // Both values are echoed into the page after passing the "num" checks above.
    // NOTE(review): the hidden field is named retrminutes while the value read
    // here is retrmins — confirm which name the write step expects.
    $OUTPUT = "<form method=post action='" . SELF . "'>\n\n\t<input type=hidden name=key value='write'>\n\t<input type=hidden name=retrtries value='{$retrtries}'>\n\t<input type=hidden name=retrminutes value='{$retrmins}'>\n\n\t<table border=0 cellspacing='" . TMPL_tblCellSpacing . "' cellpadding='" . TMPL_tblCellPadding . "'>\n\t\t<th>Setting</th>\n\t\t<th>Value</th>\n\t\t<tr class='bg-odd'>\n\t\t\t<td>Login retries:</td>\n\t\t\t<td>{$retrtries}</td>\n\t\t</tr>\n\t\t<tr class='bg-even'>\n\t\t\t<td>Blocked Time:</td>\n\t\t\t<td>{$retrmins}</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td align=right colspan=2><input type=submit value='Write &raquo'></td>\n\t\t</tr>\n\t\t<tr><td>&nbsp;</td></tr>\n\t\t<tr><th>Quick Links</th></tr>\n\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t</table>\n\t</form>";
    // Included here rather than at file level, so it runs with this function's variables
    require 'template.php';
}
/**
 * Removes an e-mail group and the addresses filed under its title.
 *
 * NOTE(review): a parameter named $_POST is rejected by PHP 5.4 and later.
 *
 * @param array $_POST posted form fields; "id" is the only one read here
 * @return mixed success notice, or the output of enter()/confirm() with an
 *               error message
 */
function write($_POST)
{
    extract($_POST);
    require_lib("validate");

    $checker = new validate();
    $checker->isOk($id, "num", 1, 255, "Invalid group id.");
    if ($checker->isError()) {
        return enter($_POST, $checker->genErrors());
    }

    // $id is interpolated below; the "num" check above is the only guard.
    $groupRows = db_exec("SELECT grouptitle FROM egroups WHERE id = '{$id}' LIMIT 1") or errDie("Unable to get email group information (0)");
    if (pg_num_rows($groupRows) < 1) {
        # no group found
        return confirm($_POST, "<li class='err'>Email group not found.</li>");
    }
    $gtitle = pg_fetch_result($groupRows, 0, 0);

    // NOTE(review): the two deletes are not wrapped in a transaction here, and
    // $gtitle is a stored value placed in the second statement without
    // escaping — it is only as safe as whatever wrote egroups.grouptitle.
    db_exec("DELETE FROM egroups WHERE id = '{$id}'") or errDie("Unable to remove group information.");
    db_exec("DELETE FROM email_groups WHERE email_group = '{$gtitle}'") or errDie("Unable to remove email group email addresses.");

    return "<h3>Write Group</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully removed the group.</li></td>\n\t\t</tr>\n\t</table>";
}
/**
 * Checks the supplied credentials with cek_user_pditt(), looks the course up
 * with find_course_pditt() and, when both succeed, calls enter() and returns
 * the course URL.
 *
 * @param array $data expects the keys 'username', 'password' and 'idnumber'
 * @return array 'errcode' 100 with a 'reason' on failure; 'errcode' 0 with
 *               'cmd' => 'GO' and the course 'url' on success
 */
function PDITT_UserConnect($data)
{
    $username = $data['username'];
    $password = $data['password'];
    $idnumber = $data['idnumber'];

    $account = cek_user_pditt($username, $password);
    if (!$account) {
        // NOTE(review): nothing here limits or records failed attempts;
        // presumably handled elsewhere — verify.
        return array('errcode' => 100, 'reason' => 'user cannot login');
    }

    // Read as in the original; only the 'd' field is used further down.
    // What 'd' holds is not visible in this function.
    $username_moodle = $account['userid'];
    $password_moodle = $account['d'];

    $course = find_course_pditt($idnumber);
    if ($course == -1) {
        return array('errcode' => 100, 'courseid' => 0, 'reason' => 'course not found');
    }

    enter($username, $password_moodle);

    return array('errcode' => 0, 'cmd' => 'GO', 'url' => $course['url']);
}
/**
 * Adds an e-mail group. The stored title is the lower-cased group name with
 * the characters ' \ | @ ! ? % and space removed.
 *
 * NOTE(review): a parameter named $_POST is rejected by PHP 5.4 and later.
 *
 * @param array $_POST posted form fields; "group" is the only one read here
 * @return mixed success notice, or the output of enter() with the
 *               validation errors
 */
function write($_POST)
{
    extract($_POST);
    require_lib("validate");

    $checker = new validate();
    $checker->isOk($group, "string", 1, 255, "Invalid group name.");
    if ($checker->isError()) {
        return enter($_POST, $checker->genErrors());
    }

    # clean and prepare vars: one pass strips every unwanted character
    $unwanted = array("'", "\\", "|", "@", "!", "?", "%", " ");
    $grouptitle = str_replace($unwanted, "", strtolower($group));

    // NOTE(review): $grouptitle has quotes and backslashes stripped, but
    // $group itself goes into the same statement unchanged; whether the
    // "string" check rejects quotes is not visible here.
    db_exec("INSERT INTO egroups (grouptitle,groupname) VALUES ('{$grouptitle}','{$group}')") or errDie("Unable to add group information.");

    return "<h3>Write Group</h3>\n\t<table " . TMPL_tblDflts . ">\n\t\t<tr>\n\t\t\t<th>Write</th>\n\t\t</tr>\n\t\t<tr class='" . bg_class() . "'>\n\t\t\t<td><li>Successfully saved the group.</li></td>\n\t\t</tr>\n\t</table>";
}
#The full software license can be found here:
#http://www.accounting-123.com/a.php?a=153/GPLv3
#
#
#
#
#
#
#
#
#
#
#
// Page entry point: load the settings, build the page body, then the template.
require "../settings.php";
require "../core-settings.php";
// The whole posted array is handed to enter(), which builds the page body
$OUTPUT = enter($_POST);
// presumably template.php prints $OUTPUT — its code is not shown here
require "../template.php";
function enter($_POST)
{
    $shownewaccount = "";
    extract($_POST);
    if (isset($ledger) && $ledger != "sel") {
        $ledgers = $ledger . "<input type='hidden' name='ledger' value='{$ledger}'>";
        if ($ledger == "Customer Ledger") {
            db_conn('cubit');
            $Sl = "SELECT cusnum,accno,surname FROM customers WHERE location='loc' ORDER BY surname";
            $Ri = db_exec($Sl) or errDie("Unable to select customer");
            $accounts = "\n\t\t\t\t<select name='account' onchange='if (this.value==\"multi\") document.form.submit();'>\n\t\t\t\t\t<option value='sel'>Select Customer</option>\n\t\t\t\t\t<option value='multi'>Multiple Customers/One Receipt</option>";
            while ($data = pg_fetch_array($Ri)) {
                if (isset($account) && $account == $data['cusnum']) {
                    $sel = "selected";
<?php

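// Page entry point: the "key" request parameter selects the handler.
require "settings.php";
require "sales_forecast.lib.php";
// A missing key shows the entry page, as before. An unrecognised key used to
// leave $OUTPUT undefined before template.php was included; it now falls back
// to the entry page as well.
$key = isset($_REQUEST["key"]) ? $_REQUEST["key"] : "enter";
switch ($key) {
    case "compare":
        $OUTPUT = compare();
        break;
    case "enter":
    default:
        $OUTPUT = enter();
        break;
}
// presumably template.php prints $OUTPUT — its code is not shown here
require "template.php";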
function enter()
{
    extract($_REQUEST);
    $fields = array();
    $fields["prd"] = "month";
    extract($fields, EXTR_SKIP);
    if ($prd == "month") {
        $prd_month = "checked";
        $prd_week = "";
    } else {
        $prd_month = "";
        $prd_week = "checked";
    }
    // Retrieve list of sales forecasts
/**
 * Grants a read ('R') or write ('W') diary privilege to another user and
 * removes the privileges ticked for deletion, then shows the entry page.
 *
 * @return mixed output of enter(), with either the validation errors or the
 *               success message
 */
function write()
{
    global $_GET;
    // NOTE(review): extract() turns every query parameter into a local variable.
    extract($_GET);
    require_lib("validate");

    $checker = new Validate();
    $checker->isOk($privilege_owner, "string", 0, 100, "Invalid privilege username.");
    if (!($privilege == 'R' || $privilege == 'W')) {
        $checker->addError("", "Invalid privilege.");
    }

    // Every key of the delete list has to pass the "num" check
    if (!isset($del) || !is_array($del)) {
        $del = array();
    } else {
        foreach ($del as $delId => $ticked) {
            $checker->isOk($delId, "num", 1, 9, "Invalid delete option selected.");
        }
    }

    if ($checker->isError()) {
        $messages = "";
        foreach ($checker->getErrors() as $error) {
            $messages .= "<li class=err>{$error['msg']}</li>";
        }
        return enter($messages);
    }

    if ($privilege_owner != "0") {
        db_conn("cubit");
        // NOTE(review): $privilege_owner is interpolated after the "string"
        // check above; whether quotes are neutralised is not visible here.
        $insert = "INSERT INTO diary_privileges (diary_owner, priv_owner, privilege)\r\n\t\t\tVALUES('" . USER_NAME . "', '{$privilege_owner}', '{$privilege}')";
        db_exec($insert) or errDie("Error creating privilege.");
    }

    // NOTE(review): rows are deleted by id alone; no diary_owner condition is
    // part of the statement — confirm that ownership is enforced elsewhere.
    foreach ($del as $privId => $ticked) {
        db_conn("cubit");
        db_exec("DELETE FROM diary_privileges WHERE id='{$privId}'") or errDie("Error deleting diary privileges.");
    }

    // Dropped from $_GET before enter() runs
    unset($_GET["privilege_owner"]);

    return enter("Successfully updated privileges.");
}
/**
 * Validates the price adjustment form: the three selections and the two
 * percentages are checked, and each numeric, non-zero selection must exist
 * in its table.
 *
 * @param array $data form fields; pricelist, category, classification,
 *                    increase and decrease are read
 * @return mixed true when every check passes, otherwise the output of
 *               enter() with the validation errors
 */
function validate($data)
{
    // NOTE(review): extract() turns every entry of $data into a local variable.
    extract($data);
    require_lib("validate");

    $checker = new validate();
    $checker->isOk($pricelist, "num", 1, 20, "Invalid pricelist selection.");
    $checker->isOk($category, "num", 1, 20, "Invalid category selection.");
    $checker->isOk($classification, "num", 1, 20, "Invalid classification selection.");
    $checker->isOk($increase, "float", 1, 20, "Invalid increase percentage.");
    $checker->isOk($decrease, "float", 1, 20, "Invalid decrease percentage.");

    // selection value, key column, table, label used in both messages
    $lookups = array(
        array($pricelist, "listid", "exten.pricelist", "pricelist"),
        array($category, "catid", "cubit.stockcat", "category"),
        array($classification, "clasid", "cubit.stockclass", "classification"),
    );
    foreach ($lookups as $lookup) {
        list($selected, $column, $table, $label) = $lookup;
        // Only a numeric, non-zero selection is looked up; is_numeric() is
        // also what keeps non-numeric text out of the statement.
        if (!is_numeric($selected) || !$selected) {
            continue;
        }
        $found = db_exec("SELECT {$column} FROM {$table} WHERE {$column}='{$selected}'") or errDie("Unable to retrieve {$label}.");
        if (!pg_num_rows($found)) {
            $checker->addError("", "Selected {$label} does not exist.");
        }
    }

    if ($checker->isError()) {
        return enter($checker->genErrors());
    }
    return true;
}
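/**
 * Allocates a transaction amount to cost centers by percentage and removes
 * the temporary cc_popup_data entry, all inside one transaction.
 *
 * For type "dtct" a 'dt' and a 'ct' row are written per cost center;
 * otherwise one row with the posted type.
 *
 * NOTE(review): a parameter named $_POST is rejected by PHP 5.4 and later;
 * the signature is kept so existing callers keep working.
 *
 * @param array $_POST posted form fields
 * @return mixed closing notice, or the output of enter() with an error list
 */
function write($_POST)
{
    # get vars
    extract($_POST);
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($type, "string", 1, 255, "Invalid Transaction type switch.");
    $v->isOk($typename, "string", 1, 255, "Invalid Transaction type.");
    $edate = $v->chkrDate($edate, "Invalid date.");
    $v->isOk($amount, "float", 1, 13, "Invalid Amount.");
    $v->isOk($descrip, "string", 0, 255, "Invalid description.");
    if (isset($ccids)) {
        foreach ($ccids as $key => $value) {
            $v->isOk($ccperc[$key], "float", 1, 20, "Invalid Cost center percentage.");
        }
    } else {
        return enter($_POST, "<li class=err> There are no Cost centers found.");
    }
    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        // The original passed $confirm here, a variable this function never
        // sets. The collected messages were dropped, and a posted "confirm"
        // field (made local by extract()) was handed to enter() instead.
        // The unreachable statements after the return are removed.
        return enter($_POST, $confirmCust);
    }
    $type = strtolower($type);
    $edate = ext_rdate($edate);
    $edarr = explode("-", $edate);
    // The second dash-separated part of the date selects the period database below
    $prd = $edarr[1];
    // NOTE(review): $ccids[], $ccidpro[], $typename, $descrip, $type and
    // $writeid are interpolated into the statements below. Only some of them
    // pass a validator check above, and $ccids[], $ccidpro[] and $writeid are
    // not checked at all in this function. Prefer bound parameters.
    ## start transaction
    pglib_transaction("BEGIN") or errDie("Unable to start transaction.");
    foreach ($ccids as $key => $value) {
        db_connect();
        $sql = "SELECT * FROM costcenters_links WHERE id = '{$ccids[$key]}'";
        $ccRslt = db_exec($sql) or errDie("Unable to retrieve Cost centers from database.");
        // The fetched row is not used further down; kept as in the original
        $cc = pg_fetch_array($ccRslt);
        $ccamts[$key] = sprint($amount * ($ccperc[$key] / 100));
        #we need to connect to the actual period db
        db_conn($prd);
        if ($type == "dtct") {
            $sql = "\n\t\t\t\t\tINSERT INTO cctran \n\t\t\t\t\t\t(ccid, trantype, typename, edate, description, amount, username, div, project) \n\t\t\t\t\tVALUES \n\t\t\t\t\t\t('{$ccids[$key]}', 'dt', '{$typename}', '{$edate}', '{$descrip}', '{$ccamts[$key]}', '" . USER_NAME . "', '" . USER_DIV . "', '{$ccidpro[$key]}')";
            $insRslt = db_exec($sql) or errDie("Unable to retrieve insert Cost center amounts into database.");
            $sql = "\n\t\t\t\t\tINSERT INTO cctran \n\t\t\t\t\t\t(ccid, trantype, typename, edate, description, amount, username, div, project) \n\t\t\t\t\tVALUES \n\t\t\t\t\t\t('{$ccids[$key]}', 'ct', '{$typename}', '{$edate}', '{$descrip}', '{$ccamts[$key]}', '" . USER_NAME . "', '" . USER_DIV . "', '{$ccidpro[$key]}')";
            $insRslt = db_exec($sql) or errDie("Unable to retrieve insert Cost center amounts into database.");
        } else {
            $sql = "\n\t\t\t\t\tINSERT INTO cctran \n\t\t\t\t\t\t(ccid, trantype, typename, edate, description, amount, username, div, project) \n\t\t\t\t\tVALUES \n\t\t\t\t\t\t('{$ccids[$key]}', '{$type}', '{$typename}', '{$edate}', '{$descrip}', '{$ccamts[$key]}', '" . USER_NAME . "', '" . USER_DIV . "', '{$ccidpro[$key]}')";
            $insRslt = db_exec($sql) or errDie("Unable to retrieve insert Cost center amounts into database.");
        }
    }
    db_connect();
    #now remove the temp entry
    $rem_sql = "DELETE FROM cc_popup_data WHERE id = '{$writeid}'";
    $run_rem = db_exec($rem_sql) or errDie("Unable to remove temporary cost center information.");
    pglib_transaction("COMMIT") or errDie("Unable to complete transaction.");
    // Layout
    $write = "\n\t\t<center>\n\t\t<table " . TMPL_tblDflts . " width='300'>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td align='center'><b>( i )</b> Amount has been allocated to Cost Centers. <b>( i )</b></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<p>\n\t\t<input type=button value=' [X] Close ' onClick='javascript:window.close();'>\n\t\t</center>";
    return $write;
}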
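/**
 * Validates a posted contact person, inserts it into conpers and returns the
 * HTML for the result page.
 *
 * Fields read from the posted array: id, name, pos, tell, cell, fax, email,
 * notes, plus the optional crm, upload_img and con_id keys. On validation
 * failure the error list is returned followed by whatever enter() returns.
 * When crm is present the request is redirected to crm/tokens-new.php and
 * the script exits before any image handling.
 *
 * @param array $_POST posted form fields
 * @return string HTML fragment
 */
function write($_POST)
{
    # NOTE(review): extract() lets the request decide which local variables
    # exist (crm, upload_img and con_id are all taken from it unchecked).
    extract($_POST);
    # Force the contact id numeric so it can be interpolated into SQL and URLs.
    $id += 0;
    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($name, "string", 1, 100, "Invalid name.");
    $v->isOk($pos, "string", 0, 100, "Invalid position.");
    $v->isOk($tell, "string", 0, 100, "Invalid tel.");
    $v->isOk($cell, "string", 0, 100, "Invalid cel.");
    $v->isOk($fax, "string", 0, 100, "Invalid fax.");
    $v->isOk($email, "email", 0, 100, "Invalid email.");
    $v->isOk($notes, "string", 0, 200, "Invalid notes.");
    # display errors, if any
    if ($v->isError()) {
        $confirm = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirm .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        return $confirm . enter($_POST);
    }
    db_conn('cubit');
    $Sl = "SELECT * FROM cons WHERE id='{$id}'";
    $Ry = db_exec($Sl) or errDie("Unable to get con info.");
    if (pg_num_rows($Ry) < 1) {
        return "Invalid contact.";
    }
    # The validator's character rules are not visible here, so every free-text
    # value is escaped before it is placed inside a quoted SQL literal.
    # NOTE(review): if magic_quotes_gpc is enabled on this deployment the
    # values arrive pre-slashed and this would double-escape - confirm.
    $qName = pg_escape_string($name);
    $qPos = pg_escape_string($pos);
    $qTell = pg_escape_string($tell);
    $qCell = pg_escape_string($cell);
    $qFax = pg_escape_string($fax);
    $qEmail = pg_escape_string($email);
    $qNotes = pg_escape_string($notes);
    $Sl = "INSERT INTO conpers (con,name,pos,tell,cell,fax,email,notes,div) VALUES('{$id}','{$qName}','{$qPos}','{$qTell}','{$qCell}','{$qFax}','{$qEmail}','{$qNotes}','" . USER_DIV . "')";
    $Ry = db_exec($Sl) or errDie("Unable to insert conper.");
    $conid = pglib_lastid("conpers", "id");
    if (isset($crm)) {
        header("Location: crm/tokens-new.php?id={$id}&conper={$conid}");
        exit;
    }
    // Write the image (if any)
    # NOTE(review): the contact row is already stored at this point, so a
    # rejected image still leaves the new contact in the database.
    if (isset($upload_img) && $upload_img == "yes") {
        $upload = isset($_FILES["img_file"]) ? $_FILES["img_file"] : array("type" => "", "tmp_name" => "", "size" => 0);
        # The type is whatever the client declared; it is not checked against
        # the file content. The pattern is anchored and only the matched
        # literal is stored, so the declared type cannot carry extra text
        # into the SQL statement.
        if (preg_match("/^(image\\/jpeg|image\\/png|image\\/gif)\$/", $upload["type"], $extension)) {
            # Read only files PHP itself received as an upload, and stop on a
            # read failure instead of looping on an invalid handle.
            if (!is_uploaded_file($upload["tmp_name"]) || ($raw = file_get_contents($upload["tmp_name"])) === false) {
                return "<li class='err'>Unable to read the uploaded image.</li>";
            }
            $img = base64_encode($raw);
            $imgType = $extension[1];
            $imgSize = (int) $upload["size"];
            # NOTE(review): $con_id is only defined when the request supplies
            # it; $id or $conid look like the intended key - confirm.
            $qConId = isset($con_id) ? pg_escape_string($con_id) : "";
            $sql = "INSERT INTO cubit.scons_img (con_id, type, file, size)\r\n\t\t\tVALUES ('{$qConId}', '" . $imgType . "', '{$img}',\r\n\t\t\t\t'" . $imgSize . "')";
            $ci_rslt = db_exec($sql) or errDie("Unable to add contact image.");
        } else {
            return "<li class='err'>\r\n\t\t\t\tPlease note we only accept PNG, GIF and JPEG images.\r\n\t\t\t</li>";
        }
    }
    # The name is echoed back into the page, so encode it for HTML.
    $safeName = htmlspecialchars($name, ENT_QUOTES);
    $out = "\r\n\t\t\t\t<table " . TMPL_tblDflts . " width='50%'>\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<th>Contact added</th>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='datacell'>\r\n\t\t\t\t\t\t<td>{$safeName} has been added to Cubit.</td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t</table>\r\n\t\t\t\t<p>\r\n\t\t\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<th>Quick Links</th>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t\t<td><a href='conper-add.php?type=conn&id={$id}'>Add another contact</a></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t\t<td><a href='list_cons.php'>Contacts</a></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t\t<td><a href='main.php'>Main Menu</a></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t</table>";
    return $out;
}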
Exemplo n.º 28
<?php

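// Login page: emits the Bootstrap assets, then the login form with the
// validator messages for each field placed under its input.
echo '<html>';
echo '<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="public/css/bootstrap.min.css" integrity="sha512-dTfge/zgoMYpP7QbHy4gWMEGsbsdZeCXz7irItjcC3sPUFtf0kuFbDz/ixG7ArTxmDjLXDmezHubeNikyKGVyQ==" crossorigin="anonymous">

<!-- Optional theme -->
<link rel="stylesheet" href="public/css/bootstrap-theme.min.css" integrity="sha384-aUGj/X2zp5rLCbBxumKTCw2Z50WgIr1vs/PFN4praOTvYXWlVyh2UtNUU0KAUhAX" crossorigin="anonymous">

<!-- Latest compiled and minified JavaScript -->
<script src="public/js/bootstrap.min.js" integrity="sha512-K1qjQ+NcF2TYO/eI3M6v8EiNYZfA95pQumfvcVrTHtwQVDG+aHRqLi/ETn2uB+1JqwYqVG3LIvdm9lj6imS/pQ==" crossorigin="anonymous"></script>';
enter();
// On the first GET neither field is in the request, so both lookups are
// guarded; the validators still receive null in that case.
// NOTE(review): $_REQUEST also accepts the credentials from the query string,
// where they end up in logs and history; reading $_POST would avoid that.
// NOTE(review): the validator return values are echoed as-is; confirm they
// never contain the submitted value unescaped.
// The form target is a hard-coded plain-HTTP localhost URL, presumably a
// development endpoint; a deployed form should post over HTTPS.
echo '<form method="POST" action="http://localhost:8000">
<div class="form-group">
    <label for="exampleInputLogin">Login:</label>
    <input type="text"  class="form-control" id="exampleInputLogin" name="login"/><br/>' . validateLogin(isset($_REQUEST['login']) ? $_REQUEST['login'] : null) . '
</div>
<div class="form-group">
    <label for="exampleInputPassword">Password</label>
    <input type="password"  class="form-control" id="exampleInputPassword" name="password"/><br/>' . validatePassword(isset($_REQUEST['password']) ? $_REQUEST['password'] : null) . '
</div>
<input type="submit" class="btn btn-default" value="Send"/>
</form>';
enter();
echo '<a href="/src/reg.php">Зарегистрируйтесь</a>';
echo '</html>';
/* http://getbootstrap.com/getting-started/#template - Sign-in page    http://getbootstrap.com/examples/signin/ */
/* TODO: build the registration form */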
#
#
require "settings.php";
// Request dispatcher: a POST is routed by its "key" field to confirm() or
// write(); everything else (no POST data, or an unknown key) shows the entry
// form built from the query string.
// NOTE(review): no anti-CSRF token is checked before write() is reached here;
// presumably handled elsewhere (settings.php?) - confirm.
if (!$_POST) {
    $OUTPUT = enter($_GET);
} else {
    switch ($_POST["key"]) {
        case "write":
            $OUTPUT = write($_POST);
            break;
        case "confirm":
            $OUTPUT = confirm($_POST);
            break;
        default:
            $OUTPUT = enter($_GET);
            break;
    }
}
require "template.php";
function enter($_GET)
{
    # get vars
    extract($_GET);
    if (!isset($terms)) {
        db_connect();
        $sql = "SELECT terms FROM compinfo";
        $rs = db_exec($sql) or errDie("Unable To Read Terms");
        if (pg_numrows($rs) < 1) {
            $terms = "";
        } else {
            $compdata = pg_fetch_array($rs);
            $terms = $compdata['terms'];
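/**
 * Builds the "Add statement description details" form for the posted action.
 *
 * Reads description, pn, type and action from the posted array, passes each
 * through safe(), rejects the two sign/action combinations that contradict
 * each other, and renders an account, customer or supplier selector (or a
 * hidden account=0 field for Ignore/Delete) inside the confirmation form.
 *
 * @param array $_POST posted form fields
 * @return string HTML fragment
 */
function enter2($_POST)
{
    # NOTE(review): extract() lets the request decide which local variables exist.
    extract($_POST);
    # NOTE(review): these four values are later written into HTML attributes
    # and table cells; safe() is assumed to make them fit for that - confirm.
    $description = safe($description);
    $pn = safe($pn);
    $type = safe($type);
    $action = safe($action);
    if ($action == "Customer Payment" && $pn == "-") {
        return "<li class='err'>You cannot have a 'Payment from customer' on your statement for a negative amount.</li>" . enter($_POST);
    }
    if ($action == "Supplier Payment" && $pn == "+") {
        return "<li class='err'>You cannot have a 'Payment to supplier' on your statement for a positive amount.</li>" . enter($_POST);
    }
    # Default so an unrecognised action renders an empty cell instead of
    # reading an undefined variable.
    $details = "";
    # Names and ids read back from the database are encoded before they are
    # written into the <option> markup, so stored text cannot break out of it.
    # NOTE(review): if these columns are stored already HTML-encoded this
    # double-encodes them - confirm.
    if ($action == "Insert into cashbook") {
        $details = "\r\n\t\t\t<select name='account'>\r\n\t\t\t\t<option value=''>Select Account</option>";
        db_conn('core');
        $Sl = "SELECT * FROM accounts WHERE div = '" . USER_DIV . "' ORDER BY accname";
        $Rl = db_exec($Sl) or errDie("Unable to get account data.");
        if (pg_numrows($Rl) < 1) {
            return "<li>There are No accounts in Cubit.";
        }
        while ($ad = pg_fetch_array($Rl)) {
            if (isDisabled($ad['accid'])) {
                continue;
            }
            $optValue = htmlspecialchars($ad['accid'], ENT_QUOTES);
            $optLabel = htmlspecialchars($ad['accname'], ENT_QUOTES);
            $details .= "<option value='{$optValue}'>{$optLabel}</option>";
        }
        $details .= "</select>";
    } elseif ($action == "Customer Payment") {
        db_conn('cubit');
        $Sl = "SELECT cusnum,surname FROM customers WHERE div='" . USER_DIV . "' AND location='loc' ORDER BY surname";
        $Rl = db_exec($Sl) or errDie("Unable to get customers.");
        $details = "\r\n\t\t\t<select name='account'>\r\n\t\t\t\t<option value='0'>Select Customer</option>";
        while ($cd = pg_fetch_array($Rl)) {
            $optValue = htmlspecialchars($cd['cusnum'], ENT_QUOTES);
            $optLabel = htmlspecialchars($cd['surname'], ENT_QUOTES);
            $details .= "<option value='{$optValue}'>{$optLabel}</option>";
        }
        $details .= "</select>";
    } elseif ($action == "Supplier Payment") {
        db_conn('cubit');
        $Sl = "SELECT supid,supname FROM suppliers WHERE div='" . USER_DIV . "' AND location='loc'  ORDER BY supname";
        $Rl = db_exec($Sl) or errDie("Unable to get suppliers.");
        $details = "\r\n\t\t\t<select name='account'>\r\n\t\t\t\t<option value=0>Select Supplier</option>";
        while ($cd = pg_fetch_array($Rl)) {
            $optValue = htmlspecialchars($cd['supid'], ENT_QUOTES);
            $optLabel = htmlspecialchars($cd['supname'], ENT_QUOTES);
            $details .= "<option value='{$optValue}'>{$optLabel}</option>";
        }
        $details .= "</select>";
    } elseif ($action == "Ignore" || $action == "Delete") {
        # Neither action needs an account, so a fixed 0 is submitted.
        $details = "<input type=hidden name=account value=0>";
    }
    $out = "\r\n\t\t<h3>Add statement description details</h3>\r\n\t\t<table " . TMPL_tblDflts . ">\r\n\t\t<form action='" . SELF . "' method='POST'>\r\n\t\t\t<input type='hidden' name='key' value='confirm'>\r\n\t\t\t<input type='hidden' name='description' value='{$description}'>\r\n\t\t\t<input type='hidden' name='pn' value='{$pn}'>\r\n\t\t\t<input type='hidden' name='type' value='{$type}'>\r\n\t\t\t<input type='hidden' name='action' value='{$action}'>\r\n\t\t\t<tr>\r\n\t\t\t\t<th colspan='2'>Details</th>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Description</td>\r\n\t\t\t\t<td>{$description}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>+/-</td>\r\n\t\t\t\t<td>{$pn}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Type</td>\r\n\t\t\t\t<td>{$type}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Action</td>\r\n\t\t\t\t<td>{$action}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>Action Details</td>\r\n\t\t\t\t<td>{$details}</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr><td><br></td></tr>\r\n\t\t\t<tr>\r\n\t\t\t\t<td colspan='2' align='right'><input type='submit' value='Confirm &raquo;'></td>\r\n\t\t\t</tr>\r\n\t\t</form>\r\n\t\t</table>";
    return $out;
}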