$data['postal_code'] = trim($dbs->escape_string(strip_tags($_POST['memberPostal']))); $data['member_notes'] = trim($dbs->escape_string(strip_tags($_POST['memberNotes']))); $data['member_email'] = trim($dbs->escape_string(strip_tags($_POST['memberEmail']))); $data['is_pending'] = intval($_POST['isPending']); $data['input_date'] = date('Y-m-d'); $data['last_update'] = date('Y-m-d'); if (!empty($_FILES['image']) and $_FILES['image']['size']) { // create upload object $upload = new simbio_file_upload(); $upload->setAllowableFormat($sysconf['allowed_images']); $upload->setMaxSize($sysconf['max_image_upload'] * 1024); // approx. 100 kb $upload->setUploadDir(IMAGES_BASE_DIR . 'persons'); // give new name for upload file $new_filename = 'member_' . $data['member_id']; $upload_status = $upload->doUpload('image', $new_filename); if ($upload_status == UPLOAD_SUCCESS) { $data['member_image'] = $dbs->escape_string($upload->new_filename); } } // password confirmation if ($mpasswd1 and $mpasswd2 and $mpasswd1 === $mpasswd2) { $data['mpasswd'] = 'literal{MD5(\'' . $mpasswd2 . '\')}'; } // create sql op object $sql_op = new simbio_dbop($dbs); if (isset($_POST['updateRecordID'])) { /* UPDATE RECORD MODE */ // remove input date unset($data['input_date']); // filter update record ID
// biblio topic save proccess if (isset($_POST['upload']) and trim(strip_tags($_POST['fileTitle'])) != '') { $uploaded_file_id = 0; $title = trim(strip_tags($_POST['fileTitle'])); $url = trim(strip_tags($_POST['fileURL'])); // create new sql op object $sql_op = new simbio_dbop($dbs); // FILE UPLOADING if (isset($_FILES['file2attach']) and $_FILES['file2attach']['size']) { // create upload object $file_dir = trim($_POST['fileDir']); $file_upload = new simbio_file_upload(); $file_upload->setAllowableFormat($sysconf['allowed_file_att']); $file_upload->setMaxSize($sysconf['max_upload'] * 1024); $file_upload->setUploadDir(REPO_BASE_DIR . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $file_dir)); $file_upload_status = $file_upload->doUpload('file2attach'); if ($file_upload_status === UPLOAD_SUCCESS) { $file_ext = substr($file_upload->new_filename, strrpos($file_upload->new_filename, '.') + 1); $fdata['uploader_id'] = $_SESSION['uid']; $fdata['file_title'] = $dbs->escape_string($title); $fdata['file_name'] = $dbs->escape_string($file_upload->new_filename); $fdata['file_url'] = $dbs->escape_string($url); $fdata['file_dir'] = $dbs->escape_string($file_dir); $fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc']))); $fdata['mime_type'] = $sysconf['mimetype'][$file_ext]; $fdata['input_date'] = date('Y-m-d H:i:s'); $fdata['last_update'] = $fdata['input_date']; // insert file data to database @$sql_op->insert('files', $fdata); $uploaded_file_id = $sql_op->insert_id; utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload file (' . $file_upload->new_filename . ')');
} } $data['labels'] = $arr_label ? serialize($arr_label) : 'literal{NULL}'; $data['frequency_id'] = $_POST['frequencyID'] == '0' ? 'literal{0}' : (int) $_POST['frequencyID']; $data['spec_detail_info'] = trim($dbs->escape_string(strip_tags($_POST['specDetailInfo']))); $data['input_date'] = date('Y-m-d H:i:s'); $data['last_update'] = date('Y-m-d H:i:s'); // image uploading if (!empty($_FILES['image']) and $_FILES['image']['size']) { // create upload object $image_upload = new simbio_file_upload(); $image_upload->setAllowableFormat($sysconf['allowed_images']); $image_upload->setMaxSize($sysconf['max_image_upload'] * 1024); $image_upload->setUploadDir(IMAGES_BASE_DIR . 'docs'); // upload the file and change all space characters to underscore $img_upload_status = $image_upload->doUpload('image', preg_replace('@\\s+@i', '_', $_FILES['image']['name'])); if ($img_upload_status == UPLOAD_SUCCESS) { $data['image'] = $dbs->escape_string($image_upload->new_filename); // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload image file ' . $image_upload->new_filename); utility::jsAlert(__('Image Uploaded Successfully')); } else { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload image file ' . $image_upload->new_filename . ', with error (' . $image_upload->error . ')'); utility::jsAlert(__('Image Uploaded Successfully')); } } // create sql op object $sql_op = new simbio_dbop($dbs); if (isset($_POST['updateRecordID'])) { /* UPDATE RECORD MODE */
exit; } else { // set PHP time limit set_time_limit(7200); // set ob implicit flush ob_implicit_flush(); // create upload object $upload = new simbio_file_upload(); // get system temporary directory location $temp_dir = sys_get_temp_dir(); // set max size $max_size = $sysconf['max_upload'] * 1024; $upload->setAllowableFormat(array('.csv')); $upload->setMaxSize($max_size); $upload->setUploadDir($temp_dir); $upload_status = $upload->doUpload('importFile'); if ($upload_status != UPLOAD_SUCCESS) { utility::jsAlert(__('Upload failed! File type not allowed or the size is more than') . ' ' . $sysconf['max_upload'] / 1024 . ' MB'); //mfc exit; } // uploaded file path $uploaded_file = $temp_dir . DIRECTORY_SEPARATOR . $_FILES['importFile']['name']; $row_count = 0; // check for import setting $record_num = intval($_POST['recordNum']); $field_enc = trim($_POST['fieldEnc']); $field_sep = trim($_POST['fieldSep']); $record_offset = intval($_POST['recordOffset']); $record_offset = $record_offset - 1; // get current datetime
// check if there is any active stock take proccess $stk_query = $dbs->query('SELECT * FROM stock_take WHERE is_active=1'); if ($stk_query->num_rows < 1) { echo '<div class="errorBox">' . __('NO stock taking proccess initialized yet!') . '</div>'; die; } // file upload if (isset($_POST['stUpload']) && isset($_FILES['stFile'])) { require SIMBIO_BASE_DIR . 'simbio_FILE/simbio_file_upload.inc.php'; // create upload object $upload = new simbio_file_upload(); $upload->setAllowableFormat(array('.txt')); $upload->setMaxSize($sysconf['max_upload'] * 1024); $upload->setUploadDir(FILES_UPLOAD_DIR); // upload the file and change all space characters to underscore $upload_status = $upload->doUpload('stFile'); if ($upload_status == UPLOAD_SUCCESS) { // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'stock_take', $_SESSION['realname'] . ' upload stock take file ' . $upload->new_filename); // open file $stfile = @fopen(FILES_UPLOAD_DIR . $upload->new_filename, 'r'); if (!$stfile) { echo '<script type="text/javascript">' . "\n"; echo 'parent.$(\'#stUploadMsg\').html(\'Failed to open stock take file ' . $upload->new_filename . '. Please check permission for directory ' . FILES_UPLOAD_DIR . '\')'; echo '.toggleClass(\'errorBox\').css( {\'display\': \'block\'} );' . "\n"; echo '</script>'; exit; } // start loop $i = 0; while (!feof($stfile)) {
// check form validity if (empty($labelDesc) or empty($labelName)) { utility::jsAlert('Label Name OR Label Description must be filled!'); exit; } else { $data['label_desc'] = $dbs->escape_string($labelDesc); $data['label_name'] = 'label-' . strtolower(str_ireplace(array(' ', 'label-', '_'), array('-', '', '-'), $dbs->escape_string($labelName))); // image uploading if (!empty($_FILES['labelImage']) and $_FILES['labelImage']['size']) { // create upload object $image_upload = new simbio_file_upload(); $image_upload->setAllowableFormat($sysconf['allowed_images']); $image_upload->setMaxSize($sysconf['max_image_upload'] * 1024); $image_upload->setUploadDir(IMAGES_BASE_DIR . 'labels'); // upload $img_upload_status = $image_upload->doUpload('labelImage', $data['label_name']); if ($img_upload_status == UPLOAD_SUCCESS) { $data['label_image'] = $dbs->escape_string($image_upload->new_filename . '.png'); // resize the image if (function_exists('imagecopyresampled')) { // we use phpthumb class to resize image include LIB . 'phpthumb/ThumbLib.inc.php'; // create phpthumb object $src = IMAGES_BASE_DIR . 'labels/' . $image_upload->new_filename; $phpthumb = PhpThumbFactory::create($src); $w = $h = 24; $phpthumb->resize($w, $h); $phpthumb->save(IMAGES_BASE_DIR . 'labels/' . $data['label_name'] . '.png', 'PNG'); } // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload label image file ' . $image_upload->new_filename);