$headerInclude = "ordermanagement";
include 'includes/topheader.php';
$username = isset($HTTP_POST_VARS['username']) ? Trim($HTTP_POST_VARS['username']) : "";
$prev_username = isset($HTTP_POST_VARS['hid_username']) ? Trim($HTTP_POST_VARS['hid_username']) : "";
$password = isset($HTTP_POST_VARS['password']) ? Trim($HTTP_POST_VARS['password']) : "";
$repassword = isset($HTTP_POST_VARS['repassword']) ? Trim($HTTP_POST_VARS['repassword']) : "";
$user_id = isset($HTTP_POST_VARS['userid']) ? Trim($HTTP_POST_VARS['userid']) : "";
$company_id = isset($HTTP_POST_VARS['companyid']) ? Trim($HTTP_POST_VARS['companyid']) : "";
if ($username == "") {
$msgtodisplay = "Please enter user name.";
$outhtml = "Y";
message($msgtodisplay, $outhtml, $headerInclude);
exit;
}
if ($prev_username != $username) {
if (func_checkUsernameExistInAnyTable($username, $cnn_cs)) {
$msgtodisplay = "User name already exist.";
$outhtml = "Y";
message($msgtodisplay, $outhtml, $headerInclude);
exit;
}
}
if ($password == "") {
$msgtodisplay = "Please enter Password.";
$outhtml = "Y";
message($msgtodisplay, $outhtml, $headerInclude);
exit;
}
if ($user_id == "") {
$qry_insert = "Insert into cs_companyusers (username,password,userid,teleusertype) values ('{$username}','{$password}',{$company_id},'1')";
if (!mysql_query($qry_insert, $cnn_cs)) {
$msgtodisplay = "";
if ($transaction_type == "tele") {
$send_ecommercemail = 0;
} else {
$send_ecommercemail = 1;
}
$qry_select1 = "Select companyname,email ,url1 from cs_companydetails where userid='{$gatewayid}'";
$rst_select1 = mysql_query($qry_select1, $cnn_cs);
$rst_result1 = mysql_fetch_array($rst_select1);
$companyname1 = $rst_result1['companyname'];
$email1 = $rst_result1['email'];
$url1 = $rst_result1['url1'];
$current_date_time = func_get_current_date_time();
$user_nameexist = 0;
if ($company) {
$user_nameexist = func_checkUsernameExistInAnyTable($username, $cnn_cs);
$user_companyexist = func_checkCompanynameExistInAnyTable($companyname, $cnn_cs);
$user_mailidexist = func_checkEmailExistInAnyTable($email, $cnn_cs);
$qry_select_user = "******";
//print $qry_select_user;
if ($user_nameexist == 1) {
$msgtodisplay = "<table width='350' height='100' align='center' valign='middle' style='border:1px solid black'><tr><td align='center' valign='middle'><font face='verdana' size='1' color='red'>Existing username !! </font></td></tr><tr><td align='center'><a href='javascript:window.history.back();'><img border='0' src='images/back.jpg'></a></td></tr></table>";
} elseif ($user_companyexist == 1) {
$msgtodisplay = "<table width='350' height='100' align='center' valign='middle' style='border:1px solid black'><tr><td align='center' valign='middle'><font face='verdana' size='1' color='red'>Existing Company name !! </font></td></tr><tr><td align='center'><a href='javascript:window.history.back();'><img border='0' src='images/back.jpg'></a></td></tr></table>";
} elseif ($user_mailidexist == 1) {
$msgtodisplay = "<table width='350' height='100' align='center' valign='middle' style='border:1px solid black'><tr><td align='center' valign='middle'><font face='verdana' size='1' color='red'>Existing Mail ID !! </font></td></tr><tr><td align='center'><a href='javascript:window.history.back();'><img border='0' src='images/back.jpg'></a></td></tr></table>";
} else {
$qry_insert_user = "******";
$qry_insert_user .= " values('{$username}','{$password}','{$companyname}','{$email}','{$voulmeNumber}',0,'{$transaction_type}','{$how_about_us}','{$reseller}','{$current_date_time}',{$send_ecommercemail},{$gatewayid})";
if (!($show_sql = mysql_query($qry_insert_user))) {
print mysql_errno() . ": " . mysql_error() . "<BR>";
$sUserName = mysql_result($rstSelect, 0, 5);
$sPassword = mysql_result($rstSelect, 0, 6);
$dAmount = mysql_result($rstSelect, 0, 7);
$dVoiceAuthFee = mysql_result($rstSelect, 0, 8);
}
}
// *************** TSR user adding part ******************************
if (isset($HTTP_POST_VARS["txtFirstName"]) && isset($HTTP_POST_VARS["txtLastName"]) && isset($HTTP_POST_VARS["txtUserName"]) && isset($HTTP_POST_VARS["txtPassword"])) {
if ($_SESSION["sessionlogin_type"] == "tele") {
$sAddedUser = "******";
} else {
$sAddedUser = "******";
}
$qryInsert = "insert into cs_tsrusers (tsr_added_by,tsr_added_user_id,tsr_first_name,tsr_last_name,tsr_user_name,tsr_password,tsr_amount_per_sale,tsr_voice_auth_fee)";
$qryInsert .= " values ('{$sAddedUser}','{$sessioncompanyid}','{$sFirstName}','{$sLastName}','{$sUserName}','{$sPassword}',{$dAmount},{$dVoiceAuthFee})";
$bIsUserExist = func_checkUsernameExistInAnyTable($sUserName, $cnn_cs);
$qryUpdate = "update cs_tsrusers set tsr_first_name = '{$sFirstName}',tsr_last_name = '{$sLastName}',tsr_password = '******',tsr_amount_per_sale ={$dAmount},tsr_voice_auth_fee = {$dVoiceAuthFee} where tsr_user_id = {$iEditTsrId} ";
$qrySelect = "select * from cs_tsrusers where tsr_user_name ='{$sUserName}'";
if ($iEditTsrId == "") {
if ($bIsUserExist) {
$sError = "This user name already exist";
} else {
if (!mysql_query($qryInsert, $cnn_cs)) {
print "Can not execute query";
exit;
} else {
header('location:addtsrusermessage.php?msg=add');
}
}
} else {
if (!mysql_query($qryUpdate)) {
