/**
* Show login page
*
* @return void
*/
function showLogin()
{
showHeader();
?>
<form name="login" method="post" action="">
<table class="form">
<tr>
<th class="title" colspan="2">Authentification administrateur obligatoire</th>
</tr>
<tr>
<th><label for="username">Nom d'utilisateur :</label></th>
<td><input type="text" name="username" autofocus="autofocus" /></td>
</tr>
<tr>
<th><label for="password">Mot de passe :</label></th>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td class="button" colspan="2"><button class="submit" type="submit">Valider</button></td>
</tr>
</table>
</form>
<?php
showFooter();
}
function display($title, $content)
{
print showHeader($title);
print $content;
print showFooter();
exit;
}
function showHead($loggedin)
{
if ($loggedin) {
include "modules/home/userhome.php";
showHeader();
} else {
include "login/login.php";
showLoginHeader();
}
}
/**
* This method returns the connection object.
* If it has not been yet created, this method
* instantiates it based on the $connStr, $user and $pass
* global variables defined in common.inc.php
* @return PDO the connection object
*/
static function getConn()
{
if (!self::$conn) {
global $connStr, $user, $pass;
try {
self::$conn = new PDO($connStr, $user, $pass);
self::$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
showHeader('Error');
showError("Sorry, an error has occurred. Please\n\t\t\t\t\ttry your request later\n" . $e->getMessage());
}
}
return self::$conn;
}
function showLogin($error = '')
{
showHeader();
if ($error) {
print $error;
}
print <<<LOGINFORM
\t\t<form action="{$_SERVER['PHP_SELF']}" method="post">
\t\t<table>
\t\t\t<tr><td><b>Username:</b></td><td><input type="text" name="username" /></td></tr>
\t\t\t<tr><td><b>Password:</b></td><td><input type="password" name="password" /></td></tr>
\t\t\t<tr><td colspan="2"><button name="Login" value="Login" type="submit">Login</button></td></tr>
\t\t</table>
\t\t</form>
LOGINFORM;
showFooter();
}
<?php
include_once "../Controller/functions.php";
/**
* Created by Latendresse Antoine && Yannick Delaire.
* Date: 11/16/15
*/
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
showHeader("Identifiant Depot d'images");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//FR" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<title>All your photos organized and easy to find</title>
<link href='https://fonts.googleapis.com/css?family=Roboto:500' rel='stylesheet' type='text/css'>
<link href="../Styles/style.css" rel="stylesheet" media="all" type="text/css">
<link rel="apple-touch-icon" sizes="57x57" href="ico/apple-icon-57x57.png">
<link rel="apple-touch-icon" sizes="60x60" href="ico/apple-icon-60x60.png">
<link rel="apple-touch-icon" sizes="72x72" href="ico/apple-icon-72x72.png">
<link rel="apple-touch-icon" sizes="76x76" href="ico/apple-icon-76x76.png">
<link rel="apple-touch-icon" sizes="114x114" href="ico/apple-icon-114x114.png">
<link rel="apple-touch-icon" sizes="120x120" href="ico/apple-icon-120x120.png">
<link rel="apple-touch-icon" sizes="144x144" href="ico/apple-icon-144x144.png">
<link rel="apple-touch-icon" sizes="152x152" href="ico/apple-icon-152x152.png">
<link rel="apple-touch-icon" sizes="180x180" href="ico/apple-icon-180x180.png">
<link rel="icon" type="image/png" sizes="192x192" href="ico/android-icon-192x192.png">
<link rel="icon" type="image/png" sizes="32x32" href="ico/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="ico/favicon-96x96.png">
<?php
include_once "../Controller/functions.php";
/**
* Created by Latendresse Antoine && Yannick Delaire.
* Date: 11/16/15
*/
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
getSessionVar();
showHeader("Gestionnaire d'images");
verifyConnected();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//FR" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<title>All your photos organized and easy to find</title>
<link href='https://fonts.googleapis.com/css?family=Roboto:500' rel='stylesheet' type='text/css'>
<link href="../Styles/style.css" rel="stylesheet" media="all" type="text/css">
<link rel="apple-touch-icon" sizes="57x57" href="ico/apple-icon-57x57.png">
<link rel="apple-touch-icon" sizes="60x60" href="ico/apple-icon-60x60.png">
<link rel="apple-touch-icon" sizes="72x72" href="ico/apple-icon-72x72.png">
<link rel="apple-touch-icon" sizes="76x76" href="ico/apple-icon-76x76.png">
<link rel="apple-touch-icon" sizes="114x114" href="ico/apple-icon-114x114.png">
<link rel="apple-touch-icon" sizes="120x120" href="ico/apple-icon-120x120.png">
<link rel="apple-touch-icon" sizes="144x144" href="ico/apple-icon-144x144.png">
<link rel="apple-touch-icon" sizes="152x152" href="ico/apple-icon-152x152.png">
<link rel="apple-touch-icon" sizes="180x180" href="ico/apple-icon-180x180.png">
<link rel="icon" type="image/png" sizes="192x192" href="ico/android-icon-192x192.png">
function showPage($username = '', $accessLvl = '', $errors = '')
{
showHeader($username, $accessLvl);
global $db;
if ($errors) {
//show errors at top of page
print '<h2 class = "error"> The following errors were encountered:</h2>';
print '<ul><li>';
print implode('</li><li>', $errors);
print '</li></ul>';
}
$parts_emailName_30 = explode("@", $_SESSION['mailto_over30']);
$parts_emailName_15 = explode("@", $_SESSION['mailto_over15']);
print <<<ADDUSERPAGE
\t\t\t<h2 align="center">Configure Email Settings</h2>
\t\t\t<form method="POST" action="{$_SERVER['PHP_SELF']}" name="add_user">
\t\t <table style="width: 100%" border="1">
\t\t\t<tbody>
\t\t\t <tr>
\t\t\t\t<td>Email After 30 Days</td>
\t\t\t\t<td>
\t <select name="30_days_overdue">
ADDUSERPAGE;
$query_users = 'SELECT user_id, first_name, last_name, username FROM users';
$result_users = mysqli_query($db, $query_users);
$selected = 1;
while ($row_users = mysqli_fetch_array($result_users)) {
$selected = $row_users['username'] === $parts_emailName_30[0] ? ' selected="selected"' : '';
print "<option value=\"{$row_users['user_id']}\" {$selected} ";
print ">{$row_users['first_name']} {$row_users['last_name']}</option>";
}
print <<<ADDUSERPAGE
</select>
<br>
</td>
</tr>
<tr>
\t\t <td>Email After 15 Days</td>
\t\t <td>
\t\t <select name="15_days_overdue">
ADDUSERPAGE;
$result_users_15 = mysqli_query($db, $query_users);
//$selected=1;
while ($row_users_15 = mysqli_fetch_array($result_users_15)) {
$selected = $row_users_15['username'] === $parts_emailName_15[0] ? ' selected="selected"' : '';
print "<option value=\"{$row_users_15['user_id']}\" {$selected} ";
print ">{$row_users_15['first_name']} {$row_users_15['last_name']}</option>";
}
print <<<ADDUSERPAGE
</select>
<br>
</td>
</tr>
<tr>
\t\t
\t\t</tbody>
</table>
<input type="hidden" name="_submit_check" value="1" />
\t <br>
<button formmethod="post" formaction="{$_SERVER['PHP_SELF']}" value="submit" name="Submit">Add User</button></form>
ADDUSERPAGE;
print '<h4 align="center"><a href="admin.php">Return to User Administration Page</a></h4>';
showFooter();
}
function showPage($username = '', $accessLvl = '', $errors = '')
{
showHeader($username, $accessLvl);
global $db;
include 'connectToDB.php';
if ($errors) {
//show errors at top of page
print '<h2 class = "error"> The following errors were encountered:</h2>';
print '<ul><li>';
print implode('</li><li>', $errors);
print '</li></ul>';
}
//if(isset($_POST['first_name']) && isset($_POST['last_name']) && isset($_POST['username'])){
print <<<ADDUSERPAGE
\t\t\t<h2 align="center">Add/Edit Accounting Recipients</h2>
\t\t\t<form method="POST" action="{$_SERVER['PHP_SELF']}" name="add_acc_rec">
\t\t <table style="width: 100%" border="1">
\t\t\t<tbody>
\t\t\t <tr>
\t\t\t\t<td>Accounting Recipient 1</td>
\t\t\t\t<td><input maxlength="50" name="accounting_recipient_1" type="text" value ="{$_POST['accounting_recipient_1']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t \t<tr>
\t\t\t\t<td>Accounting Recipient 2</td>
\t\t\t\t<td><input maxlength="50" name="accounting_recipient_2" type="text" value ="{$_POST['accounting_recipient_2']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t \t<tr>
\t\t\t\t<td>Accounting Recipient 3</td>
\t\t\t\t<td><input maxlength="50" name="accounting_recipient_3" type="text" value ="{$_POST['accounting_recipient_3']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t
\t\t\t <tr>
\t\t\t\t<td>Billing Recipient 1</td>
\t\t\t\t<td><input maxlength="50" name="par1_recipient_1" type="text" value ="{$_POST['par1_recipient_1']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t<tr>
\t\t\t\t<td>Billing Recipient 2</td>
\t\t\t\t<td><input maxlength="50" name="par1_recipient_2" type="text" value ="{$_POST['par1_recipient_2']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t <tr>
\t\t\t\t<td>Billing Recipient 3</td>
\t\t\t\t<td><input maxlength="50" name="par1_recipient_3" type="text" value ="{$_POST['par1_recipient_3']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t \t\t
\t\t\t\t\t
\t\t\t\t\t <tr>
\t\t\t\t<td>Overdue 15 Days Recipient 1</td>
\t\t\t\t<td><input maxlength="50" name="over15_recipient_1" type="text" value ="{$_POST['over15_recipient_1']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t<tr>
\t\t\t\t<td>Overdue 15 Days Recipient 2</td>
\t\t\t\t<td><input maxlength="50" name="over15_recipient_2" type="text" value ="{$_POST['over15_recipient_2']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t <tr>
\t\t\t\t<td>Overdue 15 Days Recipient 3</td>
\t\t\t\t<td><input maxlength="50" name="over15_recipient_3" type="text" value ="{$_POST['over15_recipient_3']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t
\t\t\t\t\t <tr>
\t\t\t\t<td>Overdue 30 Days Recipient 1</td>
\t\t\t\t<td><input maxlength="50" name="over30_recipient_1" type="text" value ="{$_POST['over30_recipient_1']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t<tr>
\t\t\t\t<td>Overdue 30 Days Recipient 2</td>
\t\t\t\t<td><input maxlength="50" name="over30_recipient_2" type="text" value ="{$_POST['over30_recipient_2']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t <tr>
\t\t\t\t<td>Overdue 30 Days Recipient 3</td>
\t\t\t\t<td><input maxlength="50" name="over30_recipient_3" type="text" value ="{$_POST['over30_recipient_3']}"><br>
\t\t\t\t</td>
\t\t\t </tr>\t\t\t
\t\t\t\t\t
\t\t\t\t
\t\t\t\t\t <tr>
\t\t\t\t<td>Completed Recipient 1</td>
\t\t\t\t<td><input maxlength="50" name="completed_recipient_1" type="text" value ="{$_POST['completed_recipient_1']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t
\t\t\t \t\t <tr>
<td>Re-Assign Refund To: </td>
<td>
<select name="assignee">
ADDUSERPAGE;
$query_users = 'SELECT user_id, first_name, last_name FROM users';
$result_users = mysqli_query($db, $query_users);
$selected = 1;
while ($row_users = mysqli_fetch_array($result_users)) {
print "<option value=\"{$row_users['user_id']}\"";
print ">{$row_users['first_name']} {$row_users['last_name']}</option>";
}
$query_users = 'SELECT user_id, first_name, last_name FROM users';
$result_users = mysqli_query($db, $query_users);
$selected = 1;
print <<<EDITUSERPAGE
</select>
<br>
</td>
</tr>
\t\t\t
\t\t\t<tr>
\t\t\t\t<td>Completed Recipient 2</td>
\t\t\t\t<td><input maxlength="50" name="completed_recipient_2" type="text" value ="{$_POST['completed_recipient_2']}"><br>
\t\t\t\t</td>
\t\t\t </tr>
\t\t\t <tr>
\t\t\t\t<td>Completed Recipient 3</td>
\t\t\t\t<td><input maxlength="50" name="completed_recipient_3" type="text" value ="{$_POST['completed_recipient_3']}"><br>
\t\t\t\t</td>
\t\t\t </tr>\t\t\t
\t\t\t\t\t <tr> Select A Name:
\t\t <select name="refund_search_term">
EDITUSERPAGE;
while ($row_users = mysqli_fetch_array($result_users)) {
print "<option value=\"{$row_users['user_id']}\"";
print $selected;
">{$row_users['first_name']} {$row_users['last_name']}</option>";
}
print <<<EDITUSERPAGE
\t\t </select>
\t\t <br>
\t\t</td>
\t </tr>\t
</tbody>
</table>
<input type="hidden" name="_submit_check" value="1" />
\t <br>
<button formmethod="post" formaction="{$_SERVER['PHP_SELF']}" value="submit" name="Submit">Submit Changes</button></form>
\t
EDITUSERPAGE;
//}
print '<h4 align="center"><a href="admin.php">Return to User Administration Page</a></h4>';
showFooter();
}
$row = mysql_fetch_assoc($results);
return composePaymentMethod($row['card_company'], $card_number);
}
function placeOrder()
{
// TODO: Do not die, display some useful links.
$books = $_COOKIE['books'];
if ($_SERVER['REQUEST_METHOD'] != 'POST' || empty($books)) {
echo "<p class='center'>There is no order to place.</p>";
return;
}
$connection = connect();
if (!updateInventory($connection, $books)) {
return;
}
$order_id = insertOrder($connection, $books);
if (empty($order_id)) {
return;
}
clearCart();
// NOTE: this has to be called prior to any output.
$payment_method = getPaymentMethodFromCardNumber($connection, $_POST['card_number']);
$total_price_string = $_POST['total_price_string'];
echo "\n <p class='center'>Your credit card\n <em><strong>{$payment_method}</strong></em>\n is charged <em><strong>\${$total_price_string}</strong></em>.</p>\n <p class='center'>\n <a href='show_order.php?order_id={$order_id}'>\n <em><strong>Order {$order_id}</strong></em></a>\n is placed successfully.</p>";
echo "<h2>Order Details</h2>";
showOrderFromOrderId($connection, $order_id);
mysql_close($connection);
}
showHeader('Place Order');
placeOrder();
showFooter();
<!-- Custom styles for this template -->
<link href="../css/navbar.css" rel="stylesheet">
<link href="../css/index.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<?php
showHeader($lang);
?>
<div class="container" id="container_index">
<?php
if ($page == "main") {
main_page($data, $json_url);
} else {
if ($page == "video") {
video_page($data, $json_url);
} else {
if ($page == "main_server_error") {
main_page_error();
}
}
function showPage($username = '', $accessLvl = '', $errors = '')
{
//page where user will select user to edit
global $db;
showHeader($username, $accessLvl);
include 'connectToDB.php';
include 'pagination_functionality.php';
//include 'dump_all_page_contents.php';
if ($errors) {
//show errors at top of page
print '<h2 class = "error"> The following errors were encountered:</h2>';
print '<ul><li>';
print implode('</li><li>', $errors);
print '</li></ul>';
}
$query_dept = "SELECT dept_id FROM users WHERE user_id={$_SESSION['userid']}";
$result_dept = mysqli_query($db, $query_dept);
$dept_row = mysqli_fetch_array($result_dept);
$query_dept = "SELECT name FROM departments WHERE dept_id={$dept_row['dept_id']}";
$result_deptName = mysqli_query($db, $query_dept);
$dept_rowName = mysqli_fetch_array($result_deptName);
if ($accessLvl == 'U') {
//is access is only at the user level, then must match the refunds pulled to display only the current users created refunds
if ($dept_rowName['name'] == "Accounting") {
if (isset($_GET['refund_id'])) {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request, status, dt_required, payable, \n\t\t\taddr_ln_1, addr_ln_2, city, state, zip, purpose, amount, status, comments, assigned_to,created_by,check_date,check_nbr \n\t\t\tFROM refund AS R \n\t\t\tINNER JOIN users AS U \n\t\t\tON R.created_by= U.user_id \n\t\t\tWHERE refund_id = '{$_GET['refund_id']}' \n\t\t\tAND (status='ACCOUNTING APPROVAL') \n\t\t\tAND assigned_to='{$_SESSION['userid']}' LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
} else {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request, status, dt_required, payable, \n\t\t\taddr_ln_1, addr_ln_2, city, state, zip, purpose, amount, status, comments, assigned_to,created_by,check_date,check_nbr \n\t\t\tFROM refund AS R INNER JOIN users AS U ON R.created_by= U.user_id WHERE refund_id = '{$_POST['refund_id']}' \n\t\t\tAND (status='ACCOUNTING APPROVAL') \n\t\t\tAND assigned_to='{$_SESSION['userid']}' LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
}
} elseif ($dept_rowName['name'] == "Billing") {
if (isset($_GET['refund_id'])) {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request, status, dt_required, payable, \n\t\t\taddr_ln_1, addr_ln_2, city, state, zip, purpose, amount, status, comments, assigned_to,created_by,check_date,check_nbr \n\t\t\tFROM refund AS R \n\t\t\tINNER JOIN users AS U \n\t\t\tON R.created_by= U.user_id \n\t\t\tWHERE refund_id = '{$_GET['refund_id']}' \n\t\t\tAND assigned_to='{$_SESSION['userid']}' LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
} else {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request, status, dt_required, payable, \n\t\t\taddr_ln_1, addr_ln_2, city, state, zip, purpose, amount, status, comments, assigned_to,created_by,check_date,check_nbr \n\t\t\tFROM refund AS R INNER JOIN users AS U ON R.created_by= U.user_id \n\t\t\tWHERE refund_id = '{$_POST['refund_id']}' \n\t\t\tAND assigned_to='{$_SESSION['userid']}' LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
}
}
if (!isset($_SESSION['order'])) {
if ($dept_rowName['name'] == "Accounting") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to \n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' AND (status='ACCOUNTING APPROVAL') AND assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY dt_request,U.last_name,status LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
} elseif ($dept_rowName['name'] == "Billing") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to \n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' AND (status='ACCOUNTING APPROVED' OR status='NEW') assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY dt_request,U.last_name,status AND LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
}
} else {
if ($dept_rowName['name'] == "Accounting") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to \n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' AND (status='ACCOUNTING APPROVAL') AND assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY " . $_SESSION['order'] . " LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
} elseif ($dept_rowName['name'] == "Billing") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to \n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' AND (status='ACCOUNTING APPROVED' OR status='NEW') AND assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY " . $_SESSION['order'] . " LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
}
}
} else {
//else access levels
if (!isset($_SESSION['order'])) {
if ($dept_rowName['name'] == "Accounting") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to,\n\t\t\t\t\taccounting_approval,billing_initial_approval,billing_final_approval,urgent \n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' AND (status='ACCOUNTING APPROVAL') AND assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY dt_request,U.last_name,status LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
} elseif ($dept_rowName['name'] == "Billing") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to,\n\t\t\t\t\taccounting_approval,billing_initial_approval,billing_final_approval,urgent \n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' AND (status='ACCOUNTING APPROVED' OR status='NEW') AND assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY dt_request,U.last_name,status LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
}
} else {
if ($dept_rowName['name'] == "Accounting") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to,\n\t\t\t\t\taccounting_approval,billing_initial_approval,billing_final_approval,urgent \t\t\t\n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' AND (status='ACCOUNTING APPROVAL') AND assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY " . $_SESSION['order'] . " LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
} elseif ($dept_rowName['name'] == "Billing") {
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request,amount, status,refund_id, payable,assigned_to,\n\t\t\t\t\taccounting_approval,billing_initial_approval,billing_final_approval,urgent \n\t\t\t\t\tFROM refund AS R \n\t\t\t\t\tINNER JOIN \n\t\t\t\t\tusers AS U \n\t\t\t\t\tON R.created_by = U.user_id \n\t\t\t\t\tWHERE status !='deleted' AND status !='VOIDED' and (status='ACCOUNTING APPROVED' OR status='NEW') AND assigned_to='{$_SESSION['userid']}' \n\t\t\t\t\tORDER BY dt_request,U.last_name,status LIMIT " . $_SESSION['initialOffset'] . "," . $_SESSION['RowsPerPage'];
}
}
}
echo 'new query <br>';
echo $query;
echo '<br>';
$result = mysqli_query($db, $query);
$arrayRefundUsers = array();
$queryUserIDs = "SELECT user_id, first_name, last_name FROM users";
$resultUserIDs = mysqli_query($db, $queryUserIDs);
$ctr = 0;
while ($row = mysqli_fetch_array($resultUserIDs)) {
$arrayRefundUsers[$row['user_id']] = $row['first_name'] . ' ' . $row['last_name'];
}
$row = mysqli_fetch_array($result);
print '<br /><br /><div align = "center"><b><h2>Assigned Refunds </h2></b>';
if (sizeof($row)) {
///////HEADINGS FROM THE REFUNDS PAGE//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
print '<div align = "center"><p>Refund Requests Currently Assigned to you: </p><br>';
print '<table border="1" cellpadding = "3">
<tr>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?encounter_num=y>Encounter Number</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?refund_id=y>Refund ID</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?encounter_date=y>Date Requested</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?urgent=y>Urgent</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?requested_by=y>Requested By</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?payable_order=y>Payable To</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?amount_order=y>Amount</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?status_order=y>Status</a></b></center></td>
<td><center><b><a href=' . $_SERVER['PHP_SELF'] . '?status_order=y>Assigned To</a></b></center></td>';
///////END HEADINGS FROM THE REFUNDS PAGE////////////////////?////////////////////////////////////////////////////////////////////////////////////////////////////////
/*
<td><b><center>Actions</center></b></td>
*/
$result_display_ctr = 0;
$current_date = date("Y-m-d H:i:s");
$result = mysqli_query($db, $query);
while ($row = mysqli_fetch_array($result)) {
$today_dt = $entered_dt = $interval = $refund_requested_by = $date_requested = $refund_assigned_to = $interval = "";
calculateInterval($row, $refund_requested_by, $date_requested, $today_dt, $entered_dt, $interval, $refund_assigned_to);
$refund_assigned_to = "";
$queryUserIDs = "SELECT first_name, last_name FROM users WHERE user_id= '{$row['assigned_to']}'";
$resultUserIDs = mysqli_query($db, $queryUserIDs);
while ($rowUserIds = mysqli_fetch_array($resultUserIDs)) {
//build up the assigned to username
$refund_assigned_to = $rowUserIds['first_name'] . ' ' . $rowUserIds['last_name'];
}
if ($result_display_ctr < $_SESSION['RowsPerPage']) {
$result_display_ctr++;
if ($row['urgent']) {
print '<tr bgcolor=#EE0000 height=50>';
} elseif ($interval->days > 30 && $row['status'] != "COMPLETED") {
print '<tr bgcolor=#FF69B4>';
} elseif ($interval->days >= 15 && $interval->days < 30 && $row['status'] != "COMPLETED") {
print '<tr bgcolor=yellow>';
} elseif ($interval->days <= 1 && $row['status'] != "COMPLETED") {
print '<tr bgcolor=#00BB00>';
} else {
print '<tr>';
}
//print '<tr>
print '<td><a href="' . $_SERVER['PHP_SELF'] . '?refund_id=' . $row['refund_id'] . '&action=edit">' . $row['NG_enc_id'] . '</a></td>
<td><a href="' . $_SERVER['PHP_SELF'] . '?refund_id=' . $row['refund_id'] . '&action=edit">' . $row['refund_id'] . '</a></td>
<td>' . $row['dt_request'] . '</td>
<td>' . ($row['urgent'] ? 'Yes' : 'No') . '</td>
<td>' . $row['first_name'] . ' ' . $row['last_name'] . '</td>
<td>' . $row['payable'] . '</td>';
print '<td>$ ' . $row['amount'] . '</td>';
if (!$row['accounting_approval'] && !$row['billing_initial_approval'] && !$row['billing_final_approval']) {
print '<td>NEW</td>';
} elseif (!$row['accounting_approval'] && $row['billing_initial_approval']) {
print '<td>ACCOUNTING APPROVAL</td>';
} elseif ($row['accounting_approval'] && $row['billing_initial_approval'] && !$row['billing_final_approval']) {
print '<td>ACCOUNTING APPROVED</td>';
} elseif ($row['accounting_approval'] && $row['billing_initial_approval'] && $row['billing_final_approval']) {
print '<td>ACCOUNTING VERIFIED</td>';
} elseif ($row['status'] == "REJECTED") {
print '<td>REJECTED</td>';
} elseif ($row['status'] == "VOIDED") {
print '<td>VOIDED</td>';
}
print '<td>' . $refund_assigned_to . '</td>';
print '</td></tr>';
}
instantiate_page_variables($row, $tempOrigStartPosition, $page, $URL_String_BACK, $URL_String_FORWARD);
}
print '</table></div>';
if (sizeof($row) > $_SESSION['RowsPerPage']) {
//only conditionally display the pagination
displayPagination($row, $tempOrigStartPosition, $URL_String_BACK, $URL_String_FORWARD);
}
} else {
//end if they have refunds
echo '<br><br>';
echo '<center><b> You currently have no refunds assigned to you! </b></center>';
}
showFooter();
}
function showPage($username = '', $accessLvl = '', $errors = '')
{
showHeader($username, $accessLvl);
global $db;
include 'connectToDB.php';
if ($errors) {
//show errors at top of page
print '<h2 class = "error"> The following errors were encountered:</h2>';
print '<ul><li>';
print implode('</li><li>', $errors);
print '</li></ul>';
}
//if(isset($_POST['first_name']) && isset($_POST['last_name']) && isset($_POST['username'])){
print <<<ADDUSERPAGE
\t\t\t<h2 align="center">Add/Edit PAR1 Recipients</h2>
\t\t\t<form method="POST" action="{$_SERVER['PHP_SELF']}" name="add_acc_rec">
\t\t <table style="width: 100%" border="1">
\t\t\t<tbody>
\t\t\t \t\t
\t\t\t <tr>
<td>PAR1 Recipient 1 </td>
<td>
<select name="par1_recipient_1">
ADDUSERPAGE;
$query_users = 'SELECT user_id, first_name, last_name FROM users';
$result_users = mysqli_query($db, $query_users);
$query_users_rec_1 = "SELECT recipient_1 FROM email_recipients WHERE step='par1' ";
$result_users_rec_1 = mysqli_query($db, $query_users_rec_1);
$rec_1 = mysqli_fetch_array($result_users_rec_1);
while ($row_users = mysqli_fetch_array($result_users)) {
$selected = $row_users['user_id'] === $rec_1['recipient_1'] ? ' selected="selected"' : '';
print "<option value=\"{$row_users['user_id']}\"";
print " {$selected} >{$row_users['first_name']} {$row_users['last_name']}</option>";
}
$query_users = 'SELECT user_id, first_name, last_name FROM users';
$result_users = mysqli_query($db, $query_users);
print <<<EDITUSERPAGE
</select>
<br>
</td>
</tr>
\t\t\t <tr>
<td>PAR1 Recipient 2</td>
<td>
<select name="par1_recipient_2">\t\t
\t\t\t
EDITUSERPAGE;
$query_users = 'SELECT user_id, first_name, last_name FROM users';
$result_users = mysqli_query($db, $query_users);
$query_users_rec_2 = "SELECT recipient_2 FROM email_recipients WHERE step='par1' ";
$result_users_rec_2 = mysqli_query($db, $query_users_rec_2);
$rec_2 = mysqli_fetch_array($result_users_rec_2);
print "<option value=\"\"></option>";
while ($row_users = mysqli_fetch_array($result_users)) {
$selected = $row_users['user_id'] === $rec_2['recipient_2'] ? ' selected="selected"' : '';
print "<option value=\"{$row_users['user_id']}\"";
print " {$selected}>{$row_users['first_name']} {$row_users['last_name']}</option>";
}
$query_users = 'SELECT user_id, first_name, last_name FROM users';
$result_users = mysqli_query($db, $query_users);
print <<<EDITUSERPAGES
</select>
<br>
</td>
</tr>
\t\t
\t\t <td>PAR1 Recipient 3</td>
\t\t <td>
\t\t <select name="par1_recipient_3">\t\t
EDITUSERPAGES;
$query_users = 'SELECT user_id, first_name, last_name FROM users';
$result_users = mysqli_query($db, $query_users);
$selected = 1;
$query_users_rec_3 = "SELECT recipient_3 FROM email_recipients WHERE step='par1' ";
$result_users_rec_3 = mysqli_query($db, $query_users_rec_3);
$rec_3 = mysqli_fetch_array($result_users_rec_3);
print "<option value=\"\"></option>";
while ($row_users = mysqli_fetch_array($result_users)) {
$selected = $row_users['user_id'] === $rec_3['recipient_3'] ? ' selected="selected"' : '';
print "<option value=\"{$row_users['user_id']}\"";
print " {$selected}>{$row_users['first_name']} {$row_users['last_name']}</option>";
}
print <<<EDITUSERPAGES
</select>
<br>
</td>
</tr>\t\t
\t\t
</tbody>
</table>
<input type="hidden" name="_submit_check" value="1" />
\t <br>
<center><button formmethod="post" formaction="{$_SERVER['PHP_SELF']}" value="submit" name="Submit">Submit Changes</button></center>
\t </form>
\t
EDITUSERPAGES;
//}
echo '<br><br>';
print '<h4 align="center"><a href="admin.php">Return to User Administration Page</a></h4>';
showFooter();
}
function showEditPage($username = '', $accessLvl = '', $errors = '')
{
//page where user will actually edit user information
//echo 'hi';
showHeader($username, $accessLvl);
global $db;
?>
<html lang="en">
<head>
<meta charset="utf-8">
<title>jQuery UI Datepicker - Default functionality</title>
<link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css">
<script src="//code.jquery.com/jquery-1.10.2.js"></script>
<script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script>
<link rel="stylesheet" href="/resources/demos/style.css">
<script>
$(function() {
$( "#datepickerSTART" ).datepicker();
});
$(function() {
$( "#datepickerEND" ).datepicker();
});
</script>
</head>
<body>
</body>
</html>
<?php
if ($errors) {
//show errors at top of page
print '<h2 class = "error"> The following errors were encountered:</h2>';
print '<ul><li>';
print implode('</li><li>', $errors);
print '</li></ul>';
}
$query = "SELECT NG_enc_id, U.first_name, U.last_name, dt_request, dt_required, payable, addr_ln_1, addr_ln_2, city, \n\tstate, zip, purpose, amount, status, comments \n\tFROM refund AS R INNER JOIN users AS U \n\tON R.created_by= U.user_id WHERE refund_id = '{$_GET['refund_id']}'";
$result = mysqli_query($db, $query);
$row = mysqli_fetch_array($result);
//echo $query;
//echo '<br>';
print <<<EDITUSERPAGE
<h2 align="center">Edit Refund INDEX PAGE</h2>
<a href="index.php">Back to Refunds</a>
\t\t<form method="POST" action="{$_SERVER['PHP_SELF']}" name="update_refund">
<table style="width: 100%" border="1">
<tbody>
<tr>
<td>Date Required</td>
\t\t\t<td><input type="text" name="dt_request" id="datepickerSTART" value ="{$row['dt_request']}"></td>
</tr>
<tr>
\t<td>Amount</td>
\t<td>\$<input maxlength="50" name="amount" type="text" value ="{$row['amount']}"><br />
</tr>
<tr>
<td>Check Payable To:</td>
<td><input name="payable" type="text" value="{$row['payable']}">
</td>
</tr>
<tr>
<td>Address Line 1</td>
<td><input name="addr_ln_1" type="text" value="{$row['addr_ln_1']}">
</td>
</tr>
<tr>
<td>Address Line 2</td>
<td><input name="addr_ln_2" type="text" value="{$row['addr_ln_2']}">
</td>
</tr>
<tr>
<td>City</td>
<td><input name="city" type="text" value="{$row['city']}">
</td>
<tr>
<td>State</td>
<td><input maxlength="2" name="state" type="text" value="{$row['state']}">
</td>
</tr>
<tr>
<td>Zip</td>
<td><input maxlength="10" name="zip" type="text" value="{$row['zip']}">
</td>
</tr>
<tr>
<td>Encounter Number</td>
<td><input name="enc_nbr" type="text" readonly value="{$row['NG_enc_id']}">
</td>
</tr>
\t\t <tr>
<td>Refund ID</td>
<td><input name="refund_id" type="text" value="{$row['refund_id']}">
</td>
</tr>
<tr>
<td>Purpose</td>
<td><input name="purpose" type="text" value="{$row['purpose']}">
</td>
</tr>
<tr>
<td>Comments</td>
<td><input name="comments" type="text" value="{$row['comments']}">
</td>
</tr>
</tbody>
</table>
<input type="hidden" name="_edit_submit" value="1" />
<input type="hidden" name="refund_id" value = "{$_GET['refund_id']}">
<button formmethod="post" formaction="{$_SERVER['PHP_SELF']}" value="submit" name="Submit">Update Refund</button></form>
EDITUSERPAGE;
showFooter();
}
echo "\n <form action='manager_database.php' method='post' id='{$description}'>\n <input type='hidden' name='query' value='{$query}'>\n <a href='#' onclick='submitQuery(\"{$description}\"); return false;'>\n {$description}\n </a>\n </form>";
}
function showExampleQueries()
{
echo "\n <br>\n <fieldset>\n <legend>Example Queries</legend>";
showExampleQuery("Show Books", "SELECT * FROM books JOIN inventory on books.isbn = inventory.isbn;");
showExampleQuery("Show Customers", "SELECT * FROM customers;");
showExampleQuery("Show Employees", "SELECT * FROM employees;");
showExampleQuery("Show Orders", "SELECT * FROM orders;");
showExampleQuery("Show Customer Addresses", "SELECT customer_id, street_number, street_name, city, state, zip_code " . "FROM customer_address INNER JOIN address USING " . "(street_number, street_name, city, state);");
showExampleQuery("Show Employee Addresses", "SELECT employee_id, street_number, street_name, city, state, zip_code " . "FROM employee_address INNER JOIN address USING " . "(street_number, street_name, city, state);");
showExampleQuery("Show Customer Reviews", "SELECT * FROM comments;");
showExampleQuery("Show Suppliers", "SELECT * FROM suppliers;");
echo "</fieldset>";
}
showHeader('Direct Access to Database');
?>
<form action="<?php
echo $_SERVER['PHP_SELF'];
?>
" method="post">
<fieldset>
<legend>Enter the query below</legend>
<p class="form">
<label>Query: </label>
<textarea name="query" style='vertical-align: middle;'
cols='50' rows='2'><?php
echo $_POST['query'];
?>
</textarea>
</p>
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Obter Notícias</title>
<link rel="stylesheet" href="common/style.css">
<link rel="stylesheet" href="http://code.jquery.com/ui/1.9.2/themes/base/jquery-ui.css" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js"></script>
<script src="https://raw.github.com/jquery/jquery-ui/master/ui/i18n/jquery.ui.datepicker-pt.js"></script>
<script src="common/get_news.js"></script>
</head>
<body>
<?php
showHeader('Obter notícias de outros servidores');
?>
<div id="menu">
<ul>
<a href="./"><img src="common/home.png"></a>
</ul>
<ul style="display:inline;" class="login"> <!-- had to define style because there was a bug in Chrome where the display:inline wouldnt work from the css file-->
<?php
echo "<li>Bem-vindo <a href=ver_perfil_utilizador.php?id=" . $_SESSION['user_id'] . ">" . $_SESSION['username'] . "</a></li><li><a href=\"logout.php\">Logout</a></li>";
?>
</ul>
</div>
<div id="conteudo">
<?php
if ($_SERVER['REQUEST_METHOD'] != "POST") {
$stmt = $db->query('SELECT count(*) as count FROM server');
<?php
/**
* This page lists all the equipment
* @author Joe Lotz
*/
// Don't forget the include
include 'common.inc.php';
// Display the header
showHeader('Books');
// Get the count of books and issue the query
$sql = "SELECT authors.id AS authorId, firstName, lastName, books.*\n FROM authors, books WHERE author=authors.id ORDER BY title";
$totalBooks = getRowCount($sql);
$q = $conn->query($sql);
$q->setFetchMode(PDO::FETCH_ASSOC);
// now create the table
?>
Total books: <?php
echo $totalBooks;
?>
<table width="100%" border="1" cellpadding="3">
<tr style="font-weight: bold">
<td>Cover</td>
<td>Author and Title</td>
<td>ISBN</td>
<td>Publisher</td>
<td>Year</td>
<td>Summary</td>
<td>Edit</td>
</tr>
<?php
function showMeassage($message, $urlForward = '', $type = 'message', $success = 0)
{
showHeader();
if ($type == 'message') {
echo '<div class="status-tip status-tip-' . ($success ? 'success' : 'error') . '">' . $message . '</div>';
} elseif ($type == 'redirect') {
echo "{$message} ...";
echo "<br /><br /><br /><a href=\"{$urlForward}\">浏览器会自动跳转页面,无需人工干预。除非当您的浏览器长时间没有自动跳转时,请点击这里</a>";
echo "<script>setTimeout(\"redirect('{$urlForward}');\", 1250);</script>";
} elseif ($type == 'confirm') {
echo "{$message}";
echo "<br /><br /><br /><button class=\"btn btn-primary\" id=\"confirmbtn\" onclick=\"redirect('{$urlForward}')\">确定</button><button class=\"btn\" id=\"cancelbtn\" onclick=\"redirect('restore.php')\">取消</button>";
}
showFooter();
}
} else {
echo "<p class='center'>Found {$num_rows} books.</p>";
}
}
function searchBooks()
{
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
return;
}
$query = composeQuery();
$connection = connect();
$results = mysql_query($query, $connection);
showResults($results);
mysql_close($connection);
}
showHeader('Search Books');
?>
<form action="<?php
echo $_SERVER['PHP_SELF'];
?>
" method="post">
<fieldset>
<legend>Enter the search criteria below</legend>
<p class="form">
<label>ISBN: </label>
<input type="text" name="isbn" value="<?php
echo $_POST['isbn'];
?>
">
</p>
<p class="form">
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<?php
includeCss();
includeJs();
?>
<title>
List Postoffice
</title>
</head>
<body>
<?php
showHeader();
showLeftColLayout();
showLeftCol($authorise);
showMdlColLayout();
showMdlCol($authorise, $filterValue);
showFooter();
?>
</body>
</html>
<?php
function showLeftCol($authorise)
{
showLeftMenuBar($authorise);
}
function showMdlCol($authorise, $filterValue)
/**
* Run all tests at once, outputting all results
* @package Test
* @author Alan Hardman <*****@*****.**>
*/
/**
* Show a header formatted for CLI or web
* @param string $title
*/
function showHeader($title)
{
if (PHP_SAPI == 'cli') {
echo "\n--- {$title} ---\n";
} else {
echo "<h2>{$title}</h2>\n";
}
}
if (PHP_SAPI != 'cli') {
?>
<!DOCTYPE html>
<html lang="en">
<meta charset="utf-8">
<meta name="viewport" content="initial-scale=1, minimum-scale=1, width=device-width">
<title>Unit Test Results</title>
<h1>Unit Test Results</h1>
<?php
}
showHeader("Issues");
include "issues.php";
showHeader("Strings");
include "strings.php";
<!-- Bootstrap -->
<link href="../css/bootstrap.min.css" rel="stylesheet">
<link href="../css/style.css" rel="stylesheet">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<?php
showHeader("register");
?>
<div class="row row-centered">
<form class="form-horizontal reg-form" action="../php/registration.php" method="POST">
<fieldset>
<div id="legend">
<legend class="">Регистрация</legend>
</div>
<div class="control-group">
<!-- Username -->
<label class="control-label" for="user_login">Логин</label>
<div class="controls">
<input type="text" id="user_login" name="user_login" placeholder="" class="input-xlarge">
<p class="help-block"></p>
</div>
function showPage($username = '', $accessLvl = '', $errors = '')
{
showHeader($username, $accessLvl);
global $db;
if ($errors) {
//show errors at top of page
print '<h2 class = "error"> The following errors were encountered:</h2>';
print '<ul><li>';
print implode('</li><li>', $errors);
print '</li></ul>';
}
if (isset($_POST['amount'])) {
print <<<ADDREFUNDPAGE
\t\t<h2 align="center">Add a New Refund</h2>
\t\t<a href="refunds.php">Back to Refunds</a>
\t<br/><br/>
\t
\t\t<form method="POST" action="{$_SERVER['PHP_SELF']}" name="add_refund" enctype="multipart/form-data">
<table style="width: 100%" border="1">
<tbody>
<tr>
<td>Urgent</td>
<td><input maxlength="50" name="urgent" type="checkbox" value ="1"><br>
</td>
</tr>
<tr>
\t<td>Amount</td>
\t\t\t
\t<td><input maxlength="50" name="amount" type="text" value ="{$_POST['amount']}"><br />
</tr>
<tr>
<td>Check Payable To:</td>
<td><input name="payable" type="text" value="{$_POST['payable']}">
</td>
</tr>
<tr>
<td>Address Line 1</td>
<td><input name="addr_ln_1" type="text" value="{$_POST['addr_ln_1']}">
</td>
</tr>
<tr>
<td>Address Line 2</td>
<td><input name="addr_ln_2" type="text" value="{$_POST['addr_ln_2']}">
</td>
</tr>
<tr>
<td>City</td>
<td><input name="city" type="text" value="{$_POST['city']}">
</td>
<tr>
<td>State</td>
<td><input maxlength="2" name="state" type="text" value="{$_POST['state']}">
</td>
</tr>
<tr>
<td>Zip</td>
<td><input maxlength="10" name="zip" type="text" value="{$_POST['zip']}">
</td>
</tr>
<tr>
<td>Encounter Number</td>
<td><input name="enc_nbr" type="text" value="{$_POST['enc_nbr']}">
</td>
</tr>
<tr>
<td>Purpose</td>
<td><input name="purpose" type="text" value="{$_POST['purpose']}">
</td>
</tr>
<tr>
<td>Comments</td>
<td><textarea name="comments" cols="20" rows="4" value="{$_POST['comments']}" ></textarea>
</td>
</tr>
<tr>
\t<td>Attachment 1</td>
\t<td><input type="file" name="file1" ></td>
</tr>
<tr>
\t<td>Attachment 2</td>
\t<td><input type="file" name="file2"></td>
</tr>
<tr>
\t<td>Attachment 3</td>
\t<td><input type="file" name="file3"></td>
</tr>
<tr>
\t<td>Attachment 4</td>
\t<td><input type="file" name="file4"></td>
</tr>
<tr>
\t<td>Attachment 5</td>
\t<td><input type="file" name="file5"></td>
</tr>
</tbody>
</table>
<input type="hidden" name="_submit_check" value="1" />
\t <br/>
<button formmethod="post" formaction="{$_SERVER['PHP_SELF']}" value="submit" name="Submit">Request Refund</button></form>
ADDREFUNDPAGE;
} else {
print <<<ADDREFUNDPAGE
\t\t<h2 align="center">Add a New Refund</h2>
\t\t\t<a href="refunds.php">Back to Refunds</a>
\t<br/><br/>
\t\t<form method="POST" action="{$_SERVER['PHP_SELF']}" name="add_refund" enctype="multipart/form-data">
<table style="width: 100%" border="1">
<tbody>
<tr>
<td>Urgent</td>
<td><input maxlength="50" name="urgent" type="checkbox" value ="1"><br>
</td>
</tr>
<tr>
\t<td>Amount</td>
\t\t\t
\t<td><input maxlength="50" name="amount" type="text" value =""><br />
</tr>
<tr>
<td>Check Payable To:</td>
<td><input name="payable" type="text" value="">
</td>
</tr>
<tr>
<td>Address Line 1</td>
<td><input name="addr_ln_1" type="text" value="">
</td>
</tr>
<tr>
<td>Address Line 2</td>
<td><input name="addr_ln_2" type="text" value="">
</td>
</tr>
<tr>
<td>City</td>
<td><input name="city" type="text" value="">
</td>
<tr>
<td>State</td>
<td><input maxlength="2" name="state" type="text" value="">
</td>
</tr>
<tr>
<td>Zip</td>
<td><input maxlength="10" name="zip" type="text" value="">
</td>
</tr>
<tr>
<td>Encounter Number</td>
<td><input name="enc_nbr" type="text" value="">
</td>
</tr>
<tr>
<td>Purpose</td>
<td><input name="purpose" type="text" value="">
</td>
</tr>
<tr>
<td>Comments</td>
<td><textarea name="comments" cols="20" rows="4" value="" ></textarea>
</td>
</tr>
<tr>
\t<td>Attachment 1</td>
\t<td><input type="file" name="file1" ></td>
</tr>
<tr>
\t<td>Attachment 2</td>
\t<td><input type="file" name="file2"></td>
</tr>
<tr>
\t<td>Attachment 3</td>
\t<td><input type="file" name="file3"></td>
</tr>
<tr>
\t<td>Attachment 4</td>
\t<td><input type="file" name="file4"></td>
</tr>
<tr>
\t<td>Attachment 5</td>
\t<td><input type="file" name="file5"></td>
</tr>
</tbody>
</table>
<input type="hidden" name="_submit_check" value="1" />
\t <br/>
<button formmethod="post" formaction="{$_SERVER['PHP_SELF']}" value="submit" name="Submit">Request Refund</button></form>
ADDREFUNDPAGE;
}
showFooter();
}
function showPost($title, $url, $path, $tags, $pdate)
{
showHeader($title);
showPostContent($title, $url, $path, $tags, $pdate, false);
showFooter();
return true;
}
}
if ($action == "edit" && $id) {
$sql = "SELECT Name, Note FROM restaurants WHERE id='{$id}' LIMIT 1;";
$db->query($sql);
if ($row = $db->fetchrow()) {
list($name, $note) = $row;
$button = "Save";
$action = "save";
$task = "Edit";
$idInput = '<input type="hidden" name="id" value="' . $id . '"/>';
}
}
if (!$name || !$task || !$button) {
$button = "Create";
$action = "add";
$task = "Add New";
$idInput = "";
}
$db->query("SELECT ID,Name,Note from restaurants ORDER BY Name DESC");
$body .= "<table><thead><tr><td>Name</td><td>Note</td><td>Delete</td></tr></thead><tbody>";
while (list($id, $rName, $rNote) = $db->fetchrow()) {
$body .= "<tr><td><a href=\"?action=edit&id={$id}\">{$rName}</a></td><td>{$rNote}</td><td><a href=\"?action=delete&id={$id}\" onclick=\"return confirm('Deleting this restaurant will destroy all history and preference data stored with it. Are you sure?!')\"><img src=\"delete.png\" alt=\"delete\"/></a></td></tr>";
}
$body .= "</tbody></table>";
$body .= '<br/><form method="get"><input type="hidden" name="action" value="' . $action . '"/>' . $idInput . '
<h2>' . $task . ' Restaurant:</h2> <input type="text" placeholder="Restaurant Name" name="name" value="' . $name . '"/><br/>Notes:<br/>
<textarea name="note" style="width:400px;height:100px;">' . htmlentities($note) . '</textarea><br/><button type="submit">' . $button . '</button></form>';
// Render to Screen
print showHeader("Restaurants");
print $body;
print showFooter();
document.getElementById("city").value = geoip_city();
document.getElementById("state").value = geoip_region_name();
}
function init(){
setLocDetails();
}
</script>
</head>
<body onload="init()">
<div class="mainArea">
<?php
showHeader($uid, "");
?>
<div class="rest">
<div class="personalDetailsArea">
<div id="dialogRegister" style="">
<?php
if ($uid != null) {
?>
<form id="orderForm1" action="orderComplete.php" method="post" onsubmit="return formValidate(this.id,'oe',0,0,0);">
<div style="width: 100%; height: 40px; background: rgb(255,201,14); border-radius: 10px 10px 0px 0px; box-shadow: 0px 0px 5px 1px gray inset; font-weight: bold; text-align: center; color: black; font-size: 24px; padding-top: 5px;">
Order Details
</div>
<div style="width: 100%;">
<div style="display: inline-block; width: 50%; padding: 10px 10px 10px 10px; color: white; border-right: 1px solid white;">
<?php
$res = mysql_query("select Email,Username from customerdetails where CID='{$uid}'");
<?php
if (!empty($id)) {
echo "<script src=\"common/alertnews.js\"></script>";
}
?>
</head>
<body>
<?php
if (!empty($tag)) {
//tag search
showHeader('#' . $tag);
} elseif (!empty($fav)) {
//favorites
showHeader('Favoritos');
} else {
showHeader('');
}
?>
<div id="menu">
<ul>
<?php
if (loggedIn()) {
echo "<a href=\"./\"><img src=\"common/home.png\"></a><li><a href=\"./?fav=1\">Meus favoritos</a></li>";
if (editor() || admin()) {
echo "<li><a href=\"nova_noticia.php\">Inserir notícia</a></li>";
}
if (admin()) {
echo "<li><a href=\"procurar_utilizador.php\">Gerir utilizadores</a></li>" . "<li><a href=\"gerir_servidor.php\">Gerir servidores</a></li>" . "<li><a href=\"obter_noticias.php\">Obter notícias</a></li>";
}
} else {
echo "<li></li>";
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*
* see http://www.gnu.org/licenses/gpl.html for more information
*/
require "functions.inc.php";
requireUser();
if ($_POST["action"] == "new") {
$body = newHistory();
} else {
if ($_GET["action"] == "delete") {
$body = deleteHistory();
}
}
$body .= main();
print showHeader("History");
echo $body;
print showFooter();
function main()
{
$body .= '
<script><!--
$(document).ready(function(){
$("#visit").datepicker({
firstDay: 1
});
});
-->
</script>
<fieldset><legend>Add a new visit</legend><form method="post">
<label>Restaurant <select name="restaurant">';
<?php
require_once 'shared_functions.php';
requireEmployeeLogin();
showHeader('Main Menu for Managers');
?>
<fieldset>
<h2><a href='manager_database.php'>Direct Access to Database</a></h2>
<h2><a href='manager_sales_summary.php'>Show Monthly Sales Summary</a></h2>
<h2><a href='search_books.php'>Search Books</a></h2>
<h2><a href='search_orders.php'>Search Orders</a></h2>
<h2><a href='logout.php'>Logout</a></h2>
</fieldset>
<?php
showEmptyFooter();
?>
redirectMsg("./", 'Operação não permitida');
}
if ($_SERVER['REQUEST_METHOD'] != "POST" || !isset($_POST['username']) || empty($_POST['username']) || !isset($_POST['password']) || empty($_POST['password'])) {
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Login</title>
<link rel="stylesheet" href="common/style.css">
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<script src="common/messages.js"></script>
</head>
<body>
<?php
showHeader('Login');
?>
<div id="menu">
<ul>
<a href="./"><img src="common/home.png"></a>
</ul>
</div>
<?php
showMessage();
?>
<div id="conteudo">
<form method="post">
<table style="margin: auto;">
<tr>
<td>Username</td>
<td><input type="text" name="username"></td>
