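/**
 * Validate and save an edited CRM query ("token"), log the selected actions,
 * then redirect to the close page, the searched-for query, or back to this query.
 *
 * The parameter was previously named $_POST. A parameter may not be named after
 * a superglobal on PHP 5.4 and later (compile error), so it is renamed here;
 * callers pass it positionally and are unaffected.
 *
 * @param array $post Submitted form fields (normally the request's POST data).
 * @return string HTML from manage()/seltoken() or an error message; on success
 *                the function sends a Location header and exits instead.
 */
function updatecsc($post)
{
    # Read only the fields this handler uses. extract() on request data lets the
    # client create arbitrary local variables, so each value is picked explicitly
    # and anything that is not a scalar is treated as empty.
    $in = array();
    $textFields = array(
        'id', 'sub', 'notes', 'name', 'con', 'tel', 'cel', 'fax',
        'email', 'address', 'oaction', 'action',
    );
    foreach ($textFields as $field) {
        $in[$field] = (isset($post[$field]) && is_scalar($post[$field])) ? (string) $post[$field] : '';
    }

    # Numeric ids are forced to integers (the original used "+= 0").
    $num = array();
    foreach (array('cat', 'listcat', 'qteam', 'find') as $field) {
        $num[$field] = (isset($post[$field]) && is_scalar($post[$field])) ? (int) $post[$field] : 0;
    }
    $cat = $num['cat'];
    $listcat = $num['listcat'];
    $qteam = $num['qteam'];

    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($in['id'], "num", 1, 9, "Invalid Query ID.");
    $v->isOk($in['sub'], "string", 1, 300, "Invalid subject.");
    $v->isOk($in['notes'], "string", 0, 500, "Invalid notes.");
    $v->isOk($in['name'], "string", 1, 300, "Invalid name.");
    $v->isOk($in['con'], "string", 0, 300, "Invalid contact.");
    $v->isOk($in['tel'], "string", 0, 300, "Invalid tel.");
    $v->isOk($in['cel'], "string", 0, 300, "Invalid cell.");
    $v->isOk($in['fax'], "string", 0, 300, "Invalid fax.");
    $v->isOk($in['email'], "email", 0, 300, "Invalid email.");
    $v->isOk($in['address'], "string", 0, 300, "Invalid address.");
    $v->isOk($in['oaction'], "string", 0, 100, "Invalid action .");
    $v->isOk($in['action'], "string", 0, 100, "Invalid action.");

    # display errors, if any
    if ($v->isError()) {
        $confirm = "";
        foreach ($v->getErrors() as $e) {
            $confirm .= "<li class=err>" . $e["msg"];
        }
        return manage($post, $confirm . "</li>");
    }

    # The id ends up in SQL and in a Location header, so it is pinned to an
    # integer regardless of what the "num" validator accepts.
    $id = (int) $in['id'];
    $date = date("Y-m-d");

    db_conn('crm');

    # Every free-text value is escaped before it is interpolated into SQL.
    # NOTE(review): if db_exec() or the validate library already escapes input,
    # remove one of the two layers to avoid double escaping. Switching db_exec()
    # to parameterised queries would be the cleaner long-term fix.
    $q = array();
    foreach ($in as $field => $value) {
        $q[$field] = pg_escape_string($value);
    }

    $Sl = "SELECT * FROM tokens WHERE id='{$id}'";
    $Ry = db_exec($Sl) or errDie("Unable to get query information from system.");
    if (pg_numrows($Ry) < 1) {
        return manage($post, "<li class=err>Invalid query</li>");
    }
    $tokendata = pg_fetch_array($Ry);

    # Only members of the team that currently owns the query may edit it.
    $Sl = "SELECT * FROM crms WHERE userid='" . USER_ID . "'";
    $Ri = db_exec($Sl) or errDie("Unable to get data.");
    $cdata = pg_fetch_array($Ri);
    $teams = explode("|", $cdata['teams']);
    if (!in_array($tokendata['teamid'], $teams)) {
        return "The query number you typed in does not belong to your team." . seltoken();
    }

    $Sl = "SELECT * FROM tcats WHERE id='{$cat}'";
    $Ry = db_exec($Sl) or errDie("Unable to get cat from system.");
    if (pg_numrows($Ry) < 1) {
        return "Invalid cat.";
    }
    $catdata = pg_fetch_array($Ry);
    # The category name comes from the database but is still escaped before reuse.
    $catname = pg_escape_string($catdata['name']);

    # NOTE(review): the new teamid ($qteam) comes from the request and is not
    # checked against the caller's teams here - confirm that is intended.
    # NOTE(review): lastuser is written as the literal '******' - confirm.
    $Sl = "UPDATE tokens SET name='{$q['name']}',con='{$q['con']}',tel='{$q['tel']}',cell='{$q['cel']}',fax='{$q['fax']}',email='{$q['email']}',address='{$q['address']}',cat='{$catname}',catid='{$cat}',\r\n\tsub='{$q['sub']}',notes='{$q['notes']}',lastuser='******',lastdate='{$date}',teamid='{$qteam}' WHERE id='{$id}'";
    $Ry = db_exec($Sl) or errDie("Unable to update query information.");

    $Sl = "UPDATE crms SET listcat='{$listcat}' WHERE userid='" . USER_ID . "'";
    $Ry = db_exec($Sl) or errDie("Unable to update crm.");

    $time = date("H:i:s");

    # Log the free-text action first, then the selected one. The loose "!=" is
    # kept so that any value equal to "0" still means "no action selected".
    $logged = array();
    if ($in['oaction'] !== '') {
        $logged[] = $q['oaction'];
    }
    if ($in['action'] != "0") {
        $logged[] = $q['action'];
    }
    foreach ($logged as $entry) {
        $Sl = "INSERT INTO token_actions(token,action,donedate,donetime,doneby,donebyid)\r\n\t\tVALUES ('{$id}','{$entry}','{$date}','{$time}','" . USER_NAME . "','" . USER_ID . "')";
        $Ry = db_exec($Sl) or errDie("Unable to insert record.");
    }

    if (isset($post['closetoken'])) {
        header("Location: tokens-close.php?id={$id}");
        exit;
    }

    db_conn('crm');

    if (isset($post['search'])) {
        $find = $num['find'];

        $Sl = "SELECT * FROM tokens WHERE id='{$find}'";
        $Ry = db_exec($Sl) or errDie("Unable to find query.");
        if (pg_numrows($Ry) < 1) {
            return manage($post, "<li class=err>Query number: '{$find}' cannnot be found</li>");
        }

        header("Location: tokens-manage.php?id={$find}");
        exit;
    }

    # The original had a "return manage(...)" after this exit; it could never run
    # and has been dropped.
    header("Location: tokens-manage.php?id={$id}");
    exit;
}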
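/**
 * Look up a closed query by its original query number and redirect to its
 * details page; fall back to the query selection form when nothing matches.
 *
 * The parameter was previously named $_POST. A parameter may not be named after
 * a superglobal on PHP 5.4 and later (compile error), so it is renamed here;
 * callers pass it positionally and are unaffected.
 *
 * @param array $post Submitted form fields; only "id" is read.
 * @return string Output of seltoken() when no closed query matches; otherwise
 *                the function sends a Location header and exits.
 */
function find($post)
{
    # Read the one expected field instead of extract()ing the whole request,
    # and force it to an integer before it reaches the SQL string.
    $id = (isset($post['id']) && is_scalar($post['id'])) ? (int) $post['id'] : 0;

    db_conn('crm');

    $Sl = "SELECT * FROM closedtokens WHERE tid='{$id}'";
    $Ry = db_exec($Sl) or errDie("Unable to get query from system.");
    if (pg_numrows($Ry) < 1) {
        return seltoken();
    }

    $data = pg_fetch_array($Ry);

    # NOTE(review): no team-membership check is made before redirecting -
    # confirm that tokens-closed-details.php enforces access itself.
    # The stored id is URL-encoded so it cannot alter the redirect target.
    header("Location: tokens-closed-details.php?id=" . urlencode($data['id']));
    exit;
}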