$resultAccount = mysql_query($queryAccount); } // if ($intID && $_REQUEST['frm_supplier_account_name']) // Insert the Territory Contacts if ($intID && ($_REQUEST['frm_supplier_territory_name_1'] || $_REQUEST['frm_supplier_territory_name_2'] || $_REQUEST['frm_supplier_territory_name_3'] || $_REQUEST['frm_supplier_territory_name_4'] || $_REQUEST['frm_supplier_territory_name_5'] || $_REQUEST['frm_supplier_territory_name_6'])) { for ($i = 1; $i <= 6; $i++) { $queryTerritory = "INSERT INTO `mbs_suppliers_territory_contacts` (`supplier_territory_id`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_id`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `territory_id`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `territory_name`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_name`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_phone_number`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_active`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_store`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_created_date`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_created_by`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_modified_date`, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `supplier_territory_modified_by`) \n\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . $intID . "', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_territory_id_' . $i]) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_territory_name_' . $i]) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_supplier_territory_name_' . $i]) . "', \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_supplier_territory_phone_number_' . $i]) . "', \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'yes', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . mysql_real_escape_string(implode(",", $_REQUEST['frm_supplier_territory_store_' . $i])) . "', \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "')"; $resultTerritory = mysql_query($queryTerritory); echo mysql_error(); } // for ($i = 1; $i <= 6; $i++) } // if ($intID && ($_REQUEST['frm_supplier_territory_name_1'] || ... $strAlert = '<p>Supplier named "' . stripslashes($_REQUEST['frm_supplier_name']) . '" is successfuly added!</p>'; $strAlert .= "<br />\n"; if ($admin->getModulePrivilege('suppliers', 'view') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"supplier_view.php?supplier_id=" . $intID . "&action=view\" title=\"View Supplier\"><img src=\"img/view_icon.png\" /> View</a> \n"; } if ($admin->getModulePrivilege('suppliers', 'edit') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"supplier.php?supplier_id=" . $intID . "&action=edit\" title=\"Edit Supplier\"><img src=\"img/edit_icon.png\" /> Edit</a> \n"; } if ($admin->getModulePrivilege('suppliers', 'delete') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"supplier.php?supplier_id=" . $intID . "&action=delete\" title=\"Delete Supplier\" onclick=\"return confirmDeleteSupplier(this.form)\"><img src=\"img/delete_icon.png\" /> Delete</a> \n"; } $strAlert .= "<br /><br />\n"; if ($admin->getModulePrivilege('suppliers', 'add') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"supplier.php?action=add\" title=\"Add Supplier\"><img src=\"img/add_icon.png\" /> Add</a> \n"; } if ($admin->getModulePrivilege('suppliers', 'list') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"supplier_list.php\" title=\"Supplier List\"><img src=\"img/list_icon.png\" /> List</a> \n"; }
// filter input if (!$_REQUEST['frm_activity_store_related']) { $_REQUEST['frm_activity_store_related'] = "no"; } if (!$_REQUEST['frm_activity_active']) { $_REQUEST['frm_activity_active'] = "no"; } // the query $db->dbConnect(); $query = "INSERT INTO `mbs_activities` (`activity_id`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_name`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_category`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_description`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_price`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_store_related`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_active`, \n\t\t\t\t\t\t\t\t\t\t\t`size_id`, \n\t\t\t\t\t\t\t\t\t\t\t`year`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_created_date`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_created_by`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_modified_date`, \n\t\t\t\t\t\t\t\t\t\t\t`activity_modified_by`) \n\n\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_activity_name']) . "', \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_activity_category']) . "', \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_activity_description']) . "', \t\n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_activity_price']) . "', \t\n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_activity_store_related']) . "', \t\n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_activity_active']) . "', \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_size_id']) . "', \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_year']) . "', \n\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "', \n\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "', \n\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "')"; $result = mysql_query($query); $intID = mysql_insert_id(); if ($result) { $strAlert = '<p>Activity named "' . stripslashes($_REQUEST['frm_activity_name']) . '" is successfuly added!</p>'; $strAlert .= "<br />\n"; if ($admin->getModulePrivilege('activities', 'view') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"activity_view.php?activity_id=" . $intID . "&action=view\" title=\"View Activity\"><img src=\"img/view_icon.png\" /> View</a> \n"; } if ($admin->getModulePrivilege('activities', 'edit') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"activity.php?activity_id=" . $intID . "&action=edit\" title=\"Edit Activity\"><img src=\"img/edit_icon.png\" /> Edit</a> \n"; } if ($admin->getModulePrivilege('activities', 'delete') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"activity.php?activity_id=" . $intID . "&action=delete\" title=\"Delete Activity\" onclick=\"return confirmDeleteActivity(this.form)\"><img src=\"img/delete_icon.png\" /> Delete</a> \n"; } $strAlert .= "<br /><br />\n"; if ($admin->getModulePrivilege('activities', 'add') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"activity.php?action=add\" title=\"Add Activity\"><img src=\"img/add_icon.png\" /> Add</a> \n"; } if ($admin->getModulePrivilege('activities', 'list') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"activity_list.php\" title=\"Activity List\"><img src=\"img/list_icon.png\" /> List</a> \n"; }
function deleteEmail() { $this->conn = $this->dbConnect(); $query = "SELECT * FROM `mbs_emails` WHERE `email_id` = '" . $_REQUEST['email_id'] . "' LIMIT 1"; $result = mysql_query($query, $this->conn); $row = mysql_fetch_assoc($result); if ($row) { // delete user group $queryDel = "DELETE FROM `mbs_emails` WHERE `email_id` = '" . $_REQUEST['email_id'] . "' LIMIT 1"; $resultDel = mysql_query($queryDel, $this->conn); if ($resultDel) { $strAlert = "Email <strong>\"" . stripslashes($row['email_address']) . "\"</strong> is successfully deleted!"; $strAlert .= "<br /><br />\n"; if (ADMIN::getModulePrivilege('emails', 'add') > 0) { $strAlert .= "<a href=\"email_add.php\" title=\"Add Email\"><img src=\"img/add_icon.png\" /> Add</a> \n"; } if (ADMIN::getModulePrivilege('emails', 'list') > 0) { $strAlert .= "<a href=\"email_list.php\" title=\"Email List\"><img src=\"img/list_icon.png\" /> List</a> \n"; } $strLog = "Email \"" . stripslashes($row['email_address']) . "\" is successfully deleted."; $queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t\t\t `log_logout`)\n\t\n\t\t\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t\t '" . mysql_real_escape_string($strLog) . "',\n\t\t\t\t\t\t\t\t\tNOW( ),\n\t\t\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\t\t\tNULL)"; $resultLog = mysql_query($queryLog, $this->conn); HTML::showAlert($strAlert, FALSE); } } else { $strAlert = "Email <strong>\"" . stripslashes($row['email_address']) . "\"</strong> tidak kosong!"; $strAlert .= "<br /><br />\n"; if (ADMIN::getModulePrivilege('emails', 'list') > 0) { $strAlert .= "<a href=\"email_list.php\" title=\"Email List\"><img src=\"img/list_icon.png\" /> List</a> \n"; } HTML::showAlert($strAlert, FALSE); } }
function viewBooking() { global $arrSiteConfig; global $STR_URL, $STR_PATH; $this->conn = DB::dbConnect(); $query = "SELECT * FROM `mbs_bookings` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' LIMIT 1"; $result = mysql_query($query); if ($result) { $row = mysql_fetch_assoc($result); // get some variables $intBookingYear = substr($row['booking_date'], 0, 4); $strFilePath = $STR_PATH . $row['booking_file_path'] . $row['booking_file_name']; // get supplier data $strQuerySupplier = "SELECT * FROM `mbs_suppliers` WHERE `supplier_id` = '" . mysql_real_escape_string($row['supplier_id']) . "'"; $resultSupplier = mysql_query($strQuerySupplier); if ($resultSupplier) { $rowSupplier = mysql_fetch_assoc($resultSupplier); // get marketing contact $strQueryContact = "SELECT * FROM `mbs_suppliers_marketing_contacts` WHERE `supplier_id` = '" . mysql_real_escape_string($rowSupplier['supplier_id']) . "'"; $resultContact = mysql_query($strQueryContact); if ($resultContact) { $rowContact = mysql_fetch_assoc($resultContact); } } ?> <?php if ($_REQUEST['pop'] == "yes") { ?> <div align="center"> <form name="myformTop" action="<?php if (preg_match("/_exec/", $_SERVER['HTTP_REFERER'])) { if ($_SESSION['user']['type'] == 'admin') { echo "booking_list.php"; } else { echo "booking_search.php"; } } else { echo $_SERVER['HTTP_REFERER']; } ?> "> <input type="hidden" name="booking_id" value="<?php echo $_REQUEST['booking_id']; ?> "> <input type="hidden" name="page_num" value="<?php echo $_REQUEST['page_num']; ?> "> <input type="hidden" name="frm_search_text" value="<?php echo $_REQUEST['frm_search_text']; ?> "> <input class="btn" type="submit" value="Close" onclick="this.value='Loading...'"> </form> </div> <?php } ?> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <h2>Booking » <?php echo stripslashes(htmlspecialchars($row['booking_name'])); ?> </h2> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'add') !== 0) { ?> <a class="btn btn-popover" href="booking.php?action=add" rel="popover" data-content="Insert new Booking to the database" data-original-title="New Booking" title="New Booking"><img src="<?php echo $STR_URL; ?> img/add_icon.png" /> New Booking</a> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'edit') !== 0) { ?> <a class="btn btn-popover" href="booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit" rel="popover" data-content="Edit Booking including the Promotional Activities included" data-original-title="Edit Booking" title="Edit Booking"><img src="<?php echo $STR_URL; ?> img/edit_icon.png" /> Edit</a> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'delete') !== 0) { ?> <a id="frm_delete_button_<?php echo $row['booking_id']; ?> " class="btn btn-popover" href="booking_list.php?booking_id=<?php echo $row['booking_id']; ?> &action=delete" rel="popover" data-content="Delete Booking from the database" data-original-title="Delete Booking" title="Delete Booking" /><img src="<?php echo $STR_URL; ?> img/delete_icon.png" /> Delete</a> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'list') !== 0) { ?> <a class="btn btn-popover" href="booking_list.php" rel="popover" data-content="Refresh the Booking List to the latest update" data-original-title="Booking List" title="Booking List"><img src="<?php echo $STR_URL; ?> img/list_icon.png" /> List</a> <?php } ?> <a class="btn btn-popover" href="documentation_list.php#bookings" rel="popover" data-content="Look up for the Documentation about Booking module" data-original-title="Help" title="Help"><i class="icon-info-sign"></i> Help</a> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModuleFile('bookings', 'add') !== 0) { ?> <!--<a class="btn" href="booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit" title="New Promo Activity"><img src="<?php echo $STR_URL; ?> img/add_icon.png" /> New Promo Activity</a>--> <?php } ?> <a class="btn btn-popover ajax callbacks cboxElement" href="booking_view_upload.php?action=upload&booking_id=<?php echo $row['booking_id']; ?> " rel="popover" data-content="Upload the scanned Booking document to server. Please upload in JPG, GIF, PNG or PDF format!" data-original-title="Upload Booking" title="Upload Booking"><img src="<?php echo $STR_URL; ?> img/upload_icon.png" /> Attach</a> <?php if ($row['booking_file_name'] && file_exists($strFilePath)) { ?> <a class="btn btn-popover" href="booking_view_download.php?action=download&booking_id=<?php echo $row['booking_id']; ?> " rel="popover" data-content="Download attached scanned Booking document from server" data-original-title="Download Booking" title="Download Booking"><img src="<?php echo $STR_URL; ?> img/download_icon.png" /> Download</a> <?php } ?> <a class="btn btn-popover" href="booking_view_print.php?action=print&booking_id=<?php echo $row['booking_id']; ?> " target="_blank" rel="popover" data-content="Print the Booking from the browser. A new tab and a Print dialog will be popped up" data-original-title="Print Booking" title="Print Booking"><img src="<?php echo $STR_URL; ?> img/print_icon.png" /> Print</a> <a class="btn btn-popover ajax callbacks cboxElement" href="booking_view_email.php?action=email&booking_id=<?php echo $row['booking_id']; ?> " rel="popover" data-content="Send the Booking to a certain email" data-original-title="Email Booking" title="Email Booking"><img src="<?php echo $STR_URL; ?> img/email_icon.png" /> Email</a> </div> </div> </div> <fieldset> <div class="container-fluid"> <div class="row-fluid"> <div class="span12" style="text-align:center;margin-top:20px;"> <h3>Promotional Activity <?php echo $intBookingYear; ?> </h3> </div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span5"> <p><strong>Supplier Name: <?php echo htmlspecialchars($rowSupplier['supplier_name']); ?> </strong></p> </div> <div class="span3 offset4"> <p><strong>Date: <?php echo HTML::convertDateTime($row['booking_date']); ?> </strong></p> </div> </div> </div> <script> $(document).ready(function () { $('#frm_delete_button_<?php echo $row['booking_id']; ?> ').click(function () { if (confirmDeleteBooking()) { var dataString = 'action=delete&booking_id=<?php echo $row['booking_id']; ?> '; var request = $.ajax({ url: 'ajax/booking_proc.php', type: 'post', data: dataString, success: function(msg) { $.gritter.add({ title: 'Info', text: '<p>' + msg + '</p>', image: '<?php echo $STR_URL; ?> img/accepted.png', sticky: false, time: '3000' }); } }); } return false; }); }); </script> <?php // Get the booking activity $queryBookingActivity = "SELECT * FROM `mbs_bookings_activities` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "' ORDER BY `booking_activity_month`"; $resultBookingActivity = mysql_query($queryBookingActivity); $arrBookingActivityData = array(); while ($rowBookingActivity = mysql_fetch_assoc($resultBookingActivity)) { $arrBookingActivityData[] = $rowBookingActivity; } // Get the booking activity amount $queryBookingActivityAmount = "SELECT COUNT(*) FROM `mbs_bookings_activities` WHERE `booking_id` = '" . mysql_real_escape_string($_REQUEST['booking_id']) . "'"; $resultBookingActivityAmount = mysql_query($queryBookingActivityAmount); $rowBookingActivityAmount = mysql_fetch_row($resultBookingActivityAmount); $intBookingActivityAmount = $rowBookingActivityAmount[0]; ?> <?php if ($intBookingActivityAmount > 0) { ?> <script> $(document).ready(function() { <?php for ($i = 0; $i < count($arrBookingActivityData); $i++) { ?> $('#frm_activity_edit_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> ').click(function() { window.location = "<?php echo $STR_URL; ?> booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit&booking_activity_id=<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> &child_action=edit-activity"; }); $('#frm_activity_delete_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> ').click(function() { if (confirmDeleteBookingActivity()) { $(this).closest('tr').remove(); var dataString = 'action=delete&booking_id=<?php echo $row['booking_id']; ?> &booking_activity_id=<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> '; var request = $.ajax({ url: 'ajax/booking_proc.php', type: 'post', data: dataString, success: function(msg) { $.gritter.add({ title: 'Info', text: '<p>' + msg + '</p>', image: '<?php echo $STR_URL; ?> img/accepted.png', sticky: false, time: '3000' }); $('#frm_preview').load('ajax/booking_activity_preview.php?booking_id=<?php echo $row['booking_id']; ?> '); } }); } return false; }); <?php } ?> }); </script> <script> $(function () { $('.btn-popover').popover({ trigger: 'hover', placement: 'top' }); }); </script> <?php } ?> <div id="frm_preview"> <table class="table table-bordered table-hover"> <thead class="well"> <tr> <th style="text-align:center;"><strong>Month/Year</strong></th> <th style="text-align:center;"><strong>Promotional Agreement</strong></th> <th style="text-align:center;"><strong>Price</strong></th> <th style="text-align:center;"><strong>Action</strong></th> </tr> </thead> <tbody> <?php if ($intBookingActivityAmount > 0) { ?> <?php for ($i = 0; $i < count($arrBookingActivityData); $i++) { ?> <?php if ($arrBookingActivityData[$i]['store_id']) { $arrStoreID = explode(',', $arrBookingActivityData[$i]['store_id']); $intStoreCount = count($arrStoreID); } ?> <?php if ($arrBookingActivityData[$i]['store_id']) { $strPrice = $arrBookingActivityData[$i]['booking_activity_price'] * $intStoreCount; } else { $strPrice = $arrBookingActivityData[$i]['booking_activity_price']; } ?> <tr id="id<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> "> <td><?php echo HTML::getMonthName($arrBookingActivityData[$i]['booking_activity_month']); ?> <?php echo stripslashes($arrBookingActivityData[$i]['booking_activity_year']); ?> </td> <td><?php echo stripslashes($arrBookingActivityData[$i]['booking_activity_description']); ?> </td> <td style="width:10%;"><div style="text-align:right;">$<?php echo number_format($strPrice, 2); ?> </div></td> <?php if ($_SESSION['user']['type'] == 'admin') { ?> <td style="width:20%;"><div align="center"> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user') { ?> <!--<button class="btn" type="button" id="frm_activity_edit_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> "><img src="<?php echo $STR_URL; ?> img/edit_icon.png" /> Edit</button>--> <?php } ?> <?php if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { ?> <button class="btn" type="button" id="frm_activity_delete_<?php echo $arrBookingActivityData[$i]['booking_activity_id']; ?> "><img src="<?php echo $STR_URL; ?> img/delete_icon.png" /> Remove</button> <?php } ?> </div></td> <?php } ?> </tr> <?php $intTotalAmount += $strPrice; ?> <?php } ?> <?php } else { ?> <tr> <td colspan="4"><div align="center">No Promo Activity yet. Please <a class="btn" href="booking.php?booking_id=<?php echo $row['booking_id']; ?> &action=edit">add</a></div></td> </tr> <?php } ?> <tr> <td colspan="2"><div style="text-align:right;"><strong>Total</strong></div></td> <td><div style="text-align:right;"><strong>$<?php echo number_format($intTotalAmount, 2); ?> </strong></div></td> <td></td> </tr> </tbody> </table> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;">Purchases in <?php echo intval($intBookingYear) - 1; ?> :</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo $rowSupplier['supplier_last_year_purchase']; ?> </p> </div> </div> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;"><?php echo intval($intBookingYear); ?> Target:</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo stripslashes(htmlspecialchars($rowSupplier['supplier_target'])); ?> </p> </div> </div> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;">Growth Incentives:</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo stripslashes(htmlspecialchars($rowSupplier['supplier_growth_incentives'])); ?> </p> </div> </div> <div class="row-fluid"> <div class="span2 offset6"> <p style="text-align:right;">Co-op Budget:</p> </div> <div class="span4" style="border-bottom:1px solid #ddd;"> <p><?php echo stripslashes(htmlspecialchars($rowSupplier['supplier_budget'])); ?> </p> </div> </div> </div> </div> <div class="container-fluid" style="margin-top:80px;"> <div class="row-fluid"> <div class="span2"><p>Signed:</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"></div> <div class="span2"></div> <div class="span4" style="border-bottom:1px solid #ddd;"></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2"></div> <div class="span4" style="text-align:center;"><p style="color:#999;">For & on behalf of supplier</p></div> <div class="span2"></div> <div class="span4" style="text-align:center;"><p style="color:#999;">For & on behalf of Pharmacy 4 Less</p></div> </div> </div> <div class="container-fluid" style="margin-top:40px;"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Name :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_name']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"><p>Name :</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"><p><?php echo stripslashes(htmlspecialchars($arrSiteConfig['mbs_p4l_on_behalf_name'])); ?> </p></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Title :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_position']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"><p>Title :</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"><p><?php echo stripslashes(htmlspecialchars($arrSiteConfig['mbs_p4l_on_behalf_position'])); ?> </p></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Date :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo HTML::convertDateTime($row['booking_date']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"><p>Date :</p></div> <div class="span4" style="border-bottom:1px solid #ddd;"><p><?php echo HTML::convertDateTime($row['booking_date']); ?> </p></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Phone :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_phone_number']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"></div> <div class="span4"></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Mobile :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_mobile_number']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"></div> <div class="span4"></div> </div> </div> <div class="container-fluid"> <div class="row-fluid"> <div class="span2" style="text-align:right;"><p>Billing Address :</p></div> <div class="span2" style="border-bottom:1px solid #ddd;"><p><?php echo htmlspecialchars($rowContact['supplier_contact_postal_address']); ?> </p></div> <div class="span2"></div> <div class="span2" style="text-align:right;"></div> <div class="span4"><?php if ($row['booking_file_name'] && file_exists($strFilePath)) { ?> <strong>Attachment</strong> <img src="<?php echo $STR_URL; ?> img/attachment_icon.png" title="Attachment" /><p><?php echo $row['booking_file_name']; ?> <em>(<?php echo HTML::getFileSize($strFilePath); ?> )</em></p><?php } ?> </div> </div> </div> </fieldset> <ul style="margin-top:40px;"> <li><strong>Created on:</strong> <?php echo HTML::convertDateTime($row['booking_created_date']); ?> by <strong><?php echo stripslashes($row['booking_created_by']); ?> </strong></li> <li><strong>Last modified on:</strong> <?php echo HTML::convertDateTime($row['booking_modified_date']); ?> by <strong><?php echo stripslashes($row['booking_modified_by']); ?> </strong></li> </ul> <?php if ($_REQUEST['pop'] == "yes") { ?> <div align="center" style="margin-top:20px;"> <form name="myformBottom" action="<?php if (preg_match("/_exec/", $_SERVER['HTTP_REFERER'])) { if ($_SESSION['user']['type'] == 'admin') { echo "booking_list.php"; } else { echo "booking_search.php"; } } else { echo $_SERVER['HTTP_REFERER']; } ?> "> <input type="hidden" name="booking_id" value="<?php echo $_REQUEST['booking_id']; ?> "> <input type="hidden" name="page_num" value="<?php echo $_REQUEST['page_num']; ?> "> <input type="hidden" name="frm_search_text" value="<?php echo $_REQUEST['frm_search_text']; ?> "> <input class="btn" type="submit" value="Close" onclick="this.value='Loading...'"> </form> </div> <?php } ?> <?php // The Log $strLog = "View Booking named \"" . $row['booking_name'] . "\""; $queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t\t `log_logout`)\n\n\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t'" . mysql_real_escape_string($strLog) . "',\n\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "',\n\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\tNULL)"; $resultLog = mysql_query($queryLog); } }
if (!$_REQUEST['frm_product_active']) { $_REQUEST['frm_product_active'] = "no"; } // the query $db->dbConnect(); $query = "INSERT INTO `mbs_products` (`product_id`, \n\t\t\t\t\t\t\t\t\t\t `product_code`, \n\t\t\t\t\t\t\t\t\t\t `product_name`, \n\t\t\t\t\t\t\t\t\t\t `product_size`, \n\t\t\t\t\t\t\t\t\t\t `product_normal_retail_price`, \n\t\t\t\t\t\t\t\t\t\t `product_promo_price`, \n\t\t\t\t\t\t\t\t\t\t `product_special_offer_details`, \n\t\t\t\t\t\t\t\t\t\t `product_description`, \n\t\t\t\t\t\t\t\t\t\t `product_active`, \n\t\t\t\t\t\t\t\t\t\t `product_created_date`, \n\t\t\t\t\t\t\t\t\t\t `product_created_by`, \n\t\t\t\t\t\t\t\t\t\t `product_modified_date`, \n\t\t\t\t\t\t\t\t\t\t `product_modified_by`) \n\n\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_product_code']) . "', \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_product_name']) . "', \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_size_id']) . "', \n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_product_normal_retail_price']) . "', \t\n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_product_promo_price']) . "', \t\n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_product_special_offer_details']) . "',\n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_product_name']) . "', \t\n\t\t\t\t\t\t'" . mysql_real_escape_string($_REQUEST['frm_product_active']) . "', \t\t\t\t\t\t\n\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "', \n\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "', \n\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "')"; $result = mysql_query($query); $intID = mysql_insert_id(); if ($result) { $strAlert = '<p>Product named "' . stripslashes($_REQUEST['frm_product_name']); if ($_REQUEST['frm_product_code']) { $strAlert .= ' (Code: ' . stripslashes($_REQUEST['frm_product_code']) . ')'; } $strAlert .= '" is successfuly added!</p>'; $strAlert .= "<br />\n"; if ($admin->getModulePrivilege('products', 'view') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"product_view.php?product_id=" . $intID . "&action=view\" title=\"View Product\"><img src=\"img/view_icon.png\" /> View</a> \n"; } if ($admin->getModulePrivilege('products', 'edit') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"product.php?product_id=" . $intID . "&action=edit\" title=\"Edit Product\"><img src=\"img/edit_icon.png\" /> Edit</a> \n"; } if ($admin->getModulePrivilege('products', 'delete') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"product.php?product_id=" . $intID . "&action=delete\" title=\"Delete Product\" onclick=\"return confirmDeleteProduct(this.form)\"><img src=\"img/delete_icon.png\" /> Delete</a> \n"; } $strAlert .= "<br /><br />\n"; if ($admin->getModulePrivilege('products', 'add') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"product.php?action=add\" title=\"Add Product\"><img src=\"img/add_icon.png\" /> Add</a> \n"; } if ($admin->getModulePrivilege('products', 'list') > 0) { $strAlert .= "<a class=\"link_proc\" href=\"product_list.php\" title=\"Product List\"><img src=\"img/list_icon.png\" /> List</a> \n"; }
function listBooking() { global $arrSiteConfig; global $STR_URL; global $TABLE_MAX_ROW_PER_PAGE; DB::dbConnect(); // If page number not set, set it to 1 if (!$_REQUEST['page_num']) { $_REQUEST['page_num'] = 1; } // Setting queries and pages $offset = ($_REQUEST['page_num'] - 1) * $TABLE_MAX_ROW_PER_PAGE; $this->conn = DB::dbConnect(); $strSearchText = stripslashes($_REQUEST['frm_search_text']); // sort variables if (!$_REQUEST['sortmode']) { $_REQUEST['sortmode'] = "asc"; } $strSortMode = $_REQUEST['sortmode']; if ($_REQUEST['frm_search_text']) { // search query ********************************************************************************* $query = "SELECT * FROM `mbs_bookings` \n\t\t\t\t\t \t\t WHERE (`booking_name` LIKE '%" . mysql_real_escape_string($strSearchText) . "%'\n\t\t\t\t\t \t\t \t\t OR `booking_code` LIKE '%" . mysql_real_escape_string($strSearchText) . "%' \n\t\t\t\t\t \t\t\t OR `booking_description` LIKE '%" . mysql_real_escape_string($strSearchText) . "%')\n\t\t\t\t\t \t\t\t ORDER BY "; if ($_REQUEST['sortby']) { $query .= "`" . mysql_real_escape_string($_REQUEST['sortby']) . "` " . $strSortMode . ", `booking_id`"; } else { $query .= "`booking_code` ASC, `booking_name` ASC, `booking_created_date` DESC"; } $query .= " LIMIT " . $offset . "," . $TABLE_MAX_ROW_PER_PAGE; // search query total *************************************************************************** $queryTotal = "SELECT COUNT(*) FROM `mbs_bookings` \n\t\t\t\t\t \t\t\t WHERE (`booking_name` LIKE '%" . mysql_real_escape_string($strSearchText) . "%' \n\t\t\t\t\t \t\t\t \t OR `booking_code` LIKE '%" . mysql_real_escape_string($strSearchText) . "%'\n\t\t\t\t\t \t\t\t OR `booking_description` LIKE '%" . mysql_real_escape_string($strSearchText) . "%')"; } else { // the query ************************************************************************************ $query = "SELECT * FROM `mbs_bookings` ORDER BY "; if ($_REQUEST['sortby']) { $query .= " `" . mysql_real_escape_string($_REQUEST['sortby']) . "` " . $strSortMode . ", `booking_id`"; } else { $query .= " `booking_code`, `booking_name`"; } $query .= " LIMIT " . $offset . "," . $TABLE_MAX_ROW_PER_PAGE; // the query total ****************************************************************************** $queryTotal = "SELECT COUNT(*) FROM `mbs_bookings`"; } $result = mysql_query($query, $this->conn); $resultTotal = mysql_query($queryTotal, $this->conn); $rowTotal = mysql_fetch_row($resultTotal); $totalPage = ceil($rowTotal[0] / $TABLE_MAX_ROW_PER_PAGE); $strResult = ""; #echo "<div style=\"padding:15px; background-color:#eee;\">"; #echo "<strong>Query:</strong> " . $query . "<br /><br />"; #echo "<strong>Query Total:</strong> " . $queryTotal . "<br /><br />"; #echo "</div>"; // javascript to pop up message $strResult .= "\n\t\t\n\t\t\t\t\t"; // search form $strResult .= "\n\t\t\t<form name=\"search_booking_data\" method=\"post\" action=\"" . $STR_URL . "booking_list.php\">\n\t\t\t\t<input type=\"hidden\" name=\"frm_search_referer\" value=\"" . $_SERVER['PHP_SELF'] . "\" />\n\t\t\t\t<input type=\"text\" name=\"frm_search_text\" size=\"40\" maxlength=\"128\" value=\""; if ($_REQUEST['frm_search_text']) { $strResult .= stripslashes($_REQUEST['frm_search_text']); } $strResult .= "\" />\t\t\t\t\n\t\t\t\t<input class=\"btn\" type=\"submit\" name=\"frm_search_submit\" value=\"Search Bookings\" onclick=\"return validateSearch(this.form)\" /><br />\n\t\t\t</form>\n\t\t\t"; // the form $strResult .= "\n\t\t\t<form id=\"frm_booking\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\" />\n\t\t\t"; $strResult .= "<div align=\"right\">"; // the refresh link if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'list') !== 0) { $strResult .= "<a class=\"btn\" href=\"" . $STR_URL . ADMIN::getModuleFile('bookings', 'list') . "\" title=\"Booking List\"><img src=\"" . $STR_URL . "img/refresh_icon.png\" /> Refresh</a>"; } $strResult .= " "; // the add link if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'add') !== 0) { $strResult .= "<a class=\"btn ajax callbacks cboxElement\" href=\"" . $STR_URL . ADMIN::getModuleFile('bookings', 'add') . "?pop=yes\" title=\"New Booking\"><img src=\"" . $STR_URL . "img/add_icon.png\" /> New Booking</a>"; } $strResult .= "\t</div>"; if ($strSortMode == "asc") { $strSortMode = "desc"; } elseif ($strSortMode == "desc") { $strSortMode = "asc"; } // the table $strResult .= "\t\t\t\n\t\t\t<div align=\"center\"><h2>Booking List</h2></div>\n\t\t\t<div align=\"right\">" . HTML::showPaging($rowTotal[0], $totalPage, 4, array(array('frm_search_text', urlencode($_REQUEST['frm_search_text'])), array('pop', urlencode('yes')), array('sortby', urlencode($_REQUEST['sortby'])), array('sortmode', urlencode($_REQUEST['sortmode'])))) . "</div>\n\n\t\t\t<section id=\"table_booking_list\">\n\t\t\t<table class=\"table table-bordered table-hover\" summary=\"Booking List\">\n\t\t\t<caption>Booking List</caption>\n\t\t\t<thead>\n\t\t\t\t<tr>\t\t\t\t\t\n\t\t\t\t\t<th scope=\"col\" width=\"5%\"><div align=\"center\">No</div></th>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_name&sortmode=" . $strSortMode . "\">Code/Name</a></div></th>\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_normal_retail_price&sortmode=" . $strSortMode . "\">Normal Retail Price</a></div></th>\n\t\t\t\t\t<th scope=\"col\"><div align=\"center\"><a href=\"" . $_SERVER['PHP_SELF'] . "?page_num=" . intval($_REQUEST['page_num']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&sortby=booking_promo_price&sortmode=" . $strSortMode . "\">Promo Price</a></div></th>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t"; // edit / delete column if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "\t\n\t\t\t\t\t<th scope=\"col\" width=\"20%\"><div align=\"center\">Edit/Delete</div></th>\n\t\t\t\t\t"; } $strResult .= "\n\t\t\t\t</tr>\n\t\t\t</thead>\t\n\t\t\t\n\t\t\t<tbody>\n\t\t\t"; if ($rowTotal[0] > 0) { $no = $offset; while ($row = mysql_fetch_assoc($result)) { $no++; // link $strLink = ADMIN::getModuleFile('bookings', 'view') . "?booking_id=" . urlencode($row['booking_id']) . "&frm_search_text=" . urlencode($_REQUEST['frm_search_text']) . "&page_num=" . $_REQUEST['page_num'] . "&pop=yes"; $strResult .= "\n\t\t\t\t\t\t<tr "; if ($no % 2 == 0) { $strResult .= "class=\"odd\""; } $strResult .= ">\n\t\t\t\t\t\t\t<td id=\"r" . $row['booking_id'] . "\"><div align=\"right\">" . $no . ".</div></td>\t\t\t\t\t\t\n\t\t\t\t\t\t\t<td><div align=\"left\">"; if ($_SESSION['user']['type'] == 'admin' || $strPrivView == "yes") { $strResult .= "<a class=\"ajax callbacks cboxElement\" href=\"" . $STR_URL . $strLink . "\" title=\"" . html_entity_decode(strtoupper($row['booking_name'])) . "\">"; } $strResult .= "<strong>" . html_entity_decode(stripslashes($row['booking_code'])) . " / " . html_entity_decode(stripslashes($row['booking_name'])) . "</strong>"; if ($_SESSION['user']['type'] == 'admin' || $strPrivView == "yes") { "</a>"; } $strResult .= "</div></td>\n\t\t\t\t\t\t\t<td><div align=\"right\"><strong>\$" . html_entity_decode(stripslashes($row['booking_normal_retail_price'])) . "</strong></div></td>\n\t\t\t\t\t\t\t<td><div align=\"right\"><strong>\$" . html_entity_decode(stripslashes($row['booking_promo_price'])) . "</strong></div></td>\t\t\t\t\t\t\t\n\t\t\t\t\t\t"; // action column if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "<td><div align=\"center\">"; // edit if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'edit') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "<a class=\"btn ajax callbacks cboxElement\" href=\"" . $STR_URL . "booking.php?booking_id=" . html_entity_decode($row['booking_id']) . "&action=edit&pop=yes\" title=\"Edit Booking\"><img src=\"" . $STR_URL . "img/edit_icon.png\" /> Edit</a>"; } $strResult .= " "; // delete if ($_SESSION['user']['type'] == 'admin' || ADMIN::getModulePrivilege('bookings', 'delete') !== 0 && $_SESSION['user']['type'] == 'user') { $strResult .= "<a id=\"frm_delete_button_" . $row['booking_id'] . "\" class=\"btn\" href=\"" . $STR_URL . "booking_list.php?booking_id=" . $row['booking_id'] . "&action=delete\" title=\"Delete Booking\"><img src=\"" . $STR_URL . "img/delete_icon.png\" /> Delete</a> "; } $strResult .= "</div></td>"; } $strResult .= "\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t"; } // end while($row = ) } else { $strResult .= "<tr><td colspan=\"5\"><div align=\"center\">Found no data</div></td></tr>"; } $strResult .= "\n\t\t\t</tbody>\n\t\t\t<tfoot>\n\t\t\t\t<tr>\n\t\t\t\t\t<th scope=\"row\" colspan=\"2\">Total: " . $rowTotal[0] . "</th>\t\t\t\t\t\n\t\t\t\t\t<td colspan=\"3\">" . HTML::showPaging($rowTotal[0], $totalPage, 4, array(array('frm_search_text', urlencode($_REQUEST['frm_search_text'])), array('pop', urlencode('yes')), array('sortby', urlencode($_REQUEST['sortby'])), array('sortmode', urlencode($_REQUEST['sortmode'])))) . "</td>\n\t\t\t\t</tr>\n\t\t\t</tfoot>\n\t\t\t</table>\n\t\t\t</section>\n\t\t\t</form>\n\t\t\t<a class=\"btn\" href=\"#content\"><i class=\"icon-arrow-up\"></i> Back to top</a>\n\n\n\t\t\t<script>\n\t\t\t\t\$(document).ready(function () {\n\t\t\t\t\tvar strID;\n\t\t\t\t\tvar intID;\n\t\t\t\t\tvar deleteConf;\t\n\t\t\t\n\t\t\t\t\t\$('a').click(function(event) {\n \t\t\t\tstrID = event.target.id; \t\t\t\t \t\t\t\t\n\t\t\t\t\t\tintID = strID.replace('frm_delete_button_', '');\t\t\t\t\t\t\n\n\t\t\t\t\t\tif (intID && intID !== '')\n\t\t\t\t\t\t{\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tif (confirmDeleteBooking())\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\$(this).closest('tr').remove();\t\n\n\t\t\t\t\t\t\t\tvar dataString = 'action=delete&booking_id=' + intID;\t\t\t\t\t\t\t\n\t\t \t\t\t\t \n\t\t\t\t\t\t\t\tvar request = \$.ajax({\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t\turl: 'ajax/booking_proc.php',\n\t\t\t\t\t\t\t\t\ttype: 'post', \n\t\t\t\t\t\t\t\t\tdata: dataString,\n\t\t\t\t\t\t\t\t\tsuccess: function(msg) {\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\$.gritter.add({\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttitle: 'Info',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttext: '<p>' + msg + '</p>',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\timage: '" . $STR_URL . "img/accepted.png',\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\tsticky: false,\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\ttime: '3000'\n\t\t\t\t\t\t\t\t\t\t});\n\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t});\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\treturn false;\t\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t}\t\t\t\n\t\t\t\t\t\t\n \t\t\t\t});\n \n\t\t\t\t});\n\t\t\t</script>\n\t\t\t"; // The Log $strLog = "View the Booking List"; $queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t\t `log_logout`)\n\n\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t'" . mysql_real_escape_string($strLog) . "',\n\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "',\n\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\tNULL)"; $resultLog = mysql_query($queryLog); echo $strResult; }