$mail->MsgHTML($Content);
$mail->Send();
$email_sent = true;
} catch (phpmailerException $e) {
$email_sent = false;
} catch (Exception $e) {
$email_sent = false;
}
if ($email_sent == true) {
$Notes = '\\r' . date('d-m-Y H:i:s') . ' - Email Sent: ' . $Subject;
$query = "update Students set Notes = concat(ifnull(Notes, ''),'" . $Notes . "') where StudentNo = " . $StudentNo;
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
$query = "insert Correspondence (StudentNo, Subject, Content, Email) values ({$StudentNo}, '" . $Subject . "', '" . $Content . "', '" . $Email . "')";
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
if ($result == true && $email_sent == true) {
getSuccessCreateResponse('Email sent Successfully', $StudentNo);
} else {
getErrorResponse("Email Sent, Correspondence failed!");
}
} else {
getErrorResponse("Email Failed!");
}
} else {
$pagenum = $_GET['pagenum'];
$pagesize = $_GET['pagesize'];
$start = $pagenum * $pagesize;
$query = "SELECT SQL_CALC_FOUND_ROWS * from Email_Content order by ID LIMIT {$start}, {$pagesize} ";
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
$sql = "SELECT FOUND_ROWS() AS `found_rows`;";
$rows = mysql_query($sql);
$rows = mysql_fetch_assoc($rows);
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'DET_SAVE') {
$ID = $_REQUEST['ID'];
$Fund_Size = $_REQUEST['Fund_Size'];
$Strategy_Size = $_REQUEST['Strategy_Size'];
$Investment_Term = $_REQUEST['Investment_Term'];
$BuySell_Spread = $_REQUEST['BuySell_Spread'];
$Management_Fees = $_REQUEST['Management_Fees'];
$Performance_Fees = $_REQUEST['Performance_Fees'];
$Contribution_Fees = $_REQUEST['Contribution_Fees'];
$Other_Fees = $_REQUEST['Other_Fees'];
$query = "update Products set Fund_Size = {$Fund_Size} , Strategy_Size = {$Strategy_Size} , Investment_Term = {$Investment_Term} , BuySell_Spread = {$BuySell_Spread} , Management_Fees = {$Management_Fees}, Performance_Fees = {$Performance_Fees} , Contribution_Fees = {$Contribution_Fees} , Other_Fees = {$Other_Fees} where ID = {$ID}";
$result = $mysqli->query($query);
if ($result == true) {
getSuccessCreateResponse('Updated Successfully', $Id);
} else {
getErrorResponse("Update Failed !");
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'ISSUER') {
$User_ID = $_REQUEST["User_ID"];
$query = "SELECT p.*, i.Name as Issuer from Products p inner join Issuer i on p.Issuer_ID = i.ID inner join Users u on u.User_ID = '" . $User_ID . "' where u.Category_ID = p.Issuer_ID order by p.Issuer_ID, p.Name";
$result = $mysqli->query($query);
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
$products[] = array('ID' => $row['ID'], 'Issuer_ID' => $row['Issuer_ID'], 'Issuer' => $row['Issuer'], 'Name' => $row['Name'], 'APIR' => $row['APIR'], 'ARSN' => $row['ARSN'], 'Meta_Data' => $row['Meta_Data'], 'PDS_Location' => $row['PDS_Location'], 'Fund_Manager' => $row['Fund_Manager'], 'Category' => $row['Category'], 'Structure' => $row['Structure'], 'Benchmark' => $row['Benchmark'], 'Min_Investment' => $row['Min_Investment'], 'Inception_Date' => $row['Inception_Date'], 'Image_Location' => $row['Image_Location'], 'Meta_Data' => $row['Meta_Data'], 'PDS_Location' => $row['PDS_Location'], 'Month1_Fund' => $row['Month1_Fund'], 'Month1_Index' => $row['Month1_Index'], 'Month3_Fund' => $row['Month3_Fund'], 'Month3_Index' => $row['Month3_Index'], 'Month6_Fund' => $row['Month6_Fund'], 'Month6_Index' => $row['Month6_Index'], 'Year1_Fund' => $row['Year1_Fund'], 'Year1_Index' => $row['Year1_Index'], 'Year2_Fund' => $row['Year2_Fund'], 'Year2_Index' => $row['Year2_Index'], 'Year3_Fund' => $row['Year3_Fund'], 'Year3_Index' => $row['Year3_Index'], 'Year5_Fund' => $row['Year5_Fund'], 'Year5_Index' => $row['Year5_Index'], 'Year7_Fund' => $row['Year7_Fund'], 'Year7_Index' => $row['Year7_Index'], 'Inception_Fund' => $row['Inception_Fund'], 'Inception_Index' => $row['Inception_Index'], 'Fund_Size' => $row['Fund_Size'], 'Investment_Size' => $row['Investment_Size'], 'Strategy_Size' => $row['Strategy_Size'], 'Investment_Term' => $row['Investment_Term'], 'BuySell_Spread' => $row['BuySell_Spread'], 'Management_Fees' => $row['Management_Fees'], 'Performance_Fees' => $row['Performance_Fees'], 'Contribution_Fees' => $row['Contribution_Fees'], 'Other_Fees' => $row['Other_Fees']);
}
echo json_encode($products);
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'FEES') {
$Product_ID = $_REQUEST["Product_ID"];
$query = "update SalesPerson set Name = '" . $Name . "' where ID = '" . $Id . "'";
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
if ($result == true) {
getSuccessCreateResponse('Updated Successfully', $Id);
} else {
getErrorResponse("Update Failed!");
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'DEL') {
$Id = strtoupper($_REQUEST['ID']);
$In_Use = checkIDinUse('Students', 'SalesPerson', $Id);
if ($In_Use == false) {
$query = "delete from SalesPerson where ID = '" . $Id . "'";
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
if ($result == true) {
getSuccessCreateResponse('Deleted Successfully', $Id);
} else {
getErrorResponse("Delete Failed!");
}
} else {
getErrorResponse("Delete Failed! ID still in use.");
}
} else {
$query = "SELECT * FROM SalesPerson order by ID";
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$source[] = array('ID' => $row['ID'], 'Name' => $row['Name']);
}
echo json_encode($source);
}
}
function do_login($user_id)
{
global $mysqli;
session_start();
$response = "";
$query = "SELECT u.User_ID, u.Facebook_ID, Password, User_Level, Category, Colour,\n\t\t\t\t\tCase \n\t\t\t\t\t\twhen (u.Category = 'CONSUMER' or u.Category = 'SELF-DIRECTED' or u.Category = 'ADVISER-DIRECTED') then concat(c.GivenName, ' ',c.Surname) \n\t\t\t\t\t\twhen Category = 'ADVISER' then concat(a.Given_Name, ' ', a.Surname) \n\t\t\t\t\t\twhen Category = 'GROUP' then ag.Group_Description \n\t\t\t\t\t\twhen Category = 'ISSUER' then i.Name \n\t\t\t\t\t\telse u.User_Name end AS User_Name \n\t\t\t\tFROM Users u \n\t\t\t\tleft join Clients c on c.User_ID = u.id \n\t\t\t\tleft join Adviser a on a.User_ID = u.ID \n\t\t\t\tleft join Adviser_Groups ag on ag.ID = u.Category_ID \n\t\t\t\tleft join Issuer i on i.ID = u.Category_ID \n\t\t\t\twhere u.ID = '" . $user_id . "' and u.Status = 'ACTIVE' ";
$result = $mysqli->query($query);
if ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
$loginData = array("user_id" => $row["User_ID"], "facebook_id" => $row["Facebook_ID"], "user_name" => $row["User_Name"], "user_level" => $row["User_Level"], "category" => $row["Category"], "colour" => $row["Colour"], "theme" => "bootstrap");
$myDomain = $_SERVER['SERVER_NAME'];
if ($myDomain != "www.sunwindwater.com.au") {
$myDomain = "inferwise.com.au";
}
$cookie_name = "user_id";
$cookie_value = base64_encode(json_encode($loginData));
setcookie($cookie_name, $cookie_value, time() + 60 * 30, "/", $myDomain);
/* //rememberMe not used by Facebook
$rememberMe = array(
"user_id" => $row["User_ID"],
"password" => $row["Password"],
"facebook_id" => $row["Facebook_ID"],
);
if ($_REQUEST['rememberMe'] == "true") {
$cookie_name = "infer_wid";
$cookie_value = base64_encode(json_encode($rememberMe));
setcookie($cookie_name, $cookie_value, time() + (60 * 200000), "/",$myDomain);
}
*/
/* //the user_log at the moment doesn't support facebook users (need to ALTER User_Log table first)
$query = 'insert into User_Log (User_ID, Login_Time) values ("'.$row["User_ID"].'",now())';
$result = $mysqli->query($query);
*/
getSuccessCreateResponse('Logged in Successfully', $loginData);
} else {
getErrorResponse("Login Failed!");
}
}
session_start();
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE');
header('Content-type: application/json');
include_once 'Connect.php';
include_once 'UtilFunctions.php';
$formData = array("username" => $_REQUEST["User_ID"], "password" => $_REQUEST["Password"], "rememberMe" => $_REQUEST["rememberMe"]);
$response = "";
$query = "SELECT u.User_ID, Password, User_Level, Category, Colour,Case when (u.Category = 'CONSUMER' or u.Category = 'SELF-DIRECTED' or u.Category = 'ADVISER-DIRECTED') then concat(c.GivenName, ' ',c.Surname) when Category = 'ADVISER' \n\tthen concat(a.Given_Name, ' ', a.Surname) when Category = 'GROUP' then ag.Group_Description when Category = 'ISSUER' then i.Name else u.User_Name end as User_Name FROM Users u \n\tleft join Clients c on c.User_ID = u.ID left join Adviser a on a.User_ID = u.ID left join Adviser_Groups ag on ag.ID = u.Category_ID left join Issuer i on i.ID = u.Category_ID where \n\tu.User_Id = '" . $formData['username'] . "' and Password = '******'password']) . "' and u.Status = 'ACTIVE'";
$result = $mysqli->query($query);
if ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
$loginData = array("user_id" => $row["User_ID"], "user_name" => $row["User_Name"], "user_level" => $row["User_Level"], "category" => $row["Category"], "colour" => $row["Colour"], "theme" => "bootstrap");
$rememberMe = array("user_id" => $row["User_ID"], "password" => $row["Password"]);
$myDomain = $_SERVER['SERVER_NAME'];
//if ($myDomain != "www.dev.sunwindwater.com.au") { $myDomain = "inferwise.com.au" ; }
$cookie_name = "user_id";
$cookie_value = base64_encode(json_encode($loginData));
setcookie($cookie_name, $cookie_value, time() + 60 * 30, "/", $myDomain);
if ($formData['rememberMe'] == "Y") {
$cookie_name = "infer_wid";
$cookie_value = base64_encode(json_encode($rememberMe));
setcookie($cookie_name, $cookie_value, time() + 60 * 200000, "/", $myDomain);
}
$query = 'insert into User_Log (User_ID, Login_Time) values ("' . $row["User_ID"] . '",now())';
$result = $mysqli->query($query);
getSuccessCreateResponse('Logged in Successfully', $loginData);
} else {
getErrorResponse("Login Failed!");
}
$mysqli->close();
<?php
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE');
header('Content-type: application/json');
include_once 'UtilFunctions.php';
$myDomain = $_SERVER['SERVER_NAME'];
//if ($myDomain != "www.dev.sunwindwater.com.au") { $myDomain = "inferwise.com.au" ; }
setcookie("user_id", "", time() - 3600, "/", $myDomain);
getSuccessCreateResponse('Logged out Successfully', "user_id");
getErrorResponse("Post Code does not exists!");
} else {
getSuccessCreateResponse('', $Post_Code);
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'DETAILS') {
$User_ID = $_REQUEST['User_ID'];
$query = "SELECT a.* from Adviser a inner join Users u on u.ID = a.User_ID where u.User_ID = '" . $User_ID . "' limit 1";
//echo $query;
$result = $mysqli->query($query);
$advisers = array();
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
//echo $row['ID'];
$advisers[] = array('ID' => checkNull($row['ID'], ''), 'Given_Name' => checkNull($row['Given_Name'], ''), 'Surname' => checkNull($row['Surname'], ''), 'LicenseNo' => checkNull($row['LicenseNo'], ''), 'AR_Number' => checkNull($row['AR_Number'], ''), 'Email' => checkNull($row['Email'], ''), 'Mobile' => checkNull($row['Mobile'], ''), 'Phone' => checkNull($row['Phone'], ''), 'DOB' => checkNull($row['DOB'], ''), 'Referral' => checkNull($row['Referral'], ''), 'Practise_Name' => checkNull($row['Practise_Name'], ''), 'Address' => checkNull($row['Address'], ''), 'PostCode' => checkNull($row['PostCode'], ''), 'Expertise_Areas' => checkNull($row['Expertise_Areas'], ''));
}
getSuccessCreateResponse('', $advisers);
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'CREDENTIALS') {
$User_ID = $_REQUEST['User_ID'];
$query = "SELECT * FROM Adviser a inner join Users u on u.ID = a.User_ID where u.User_ID = '" . $User_ID . "' Limit 1";
$result = $mysqli->query($query);
$row = mysqli_fetch_array($result, MYSQL_ASSOC);
$valid = false;
if ($row["LicenseNo"] && $row["Practise_Name"] && $row["Practise_Email"]) {
$valid = true;
}
$response[] = array('success' => $valid, 'LicenseNo' => $row["LicenseNo"], 'Practise_Name' => $row["Practise_Name"], 'Practise_Email' => $row["Practise_Email"]);
echo json_encode($response[0]);
} else {
$User_ID = $_REQUEST['User_ID'];
$Category = $_REQUEST['Category'];
$Category = $_REQUEST['Category'];
$Percentage = $_REQUEST['Percentage'];
$query = 'update Product_Shareholders set Shareholder = "' . $Shareholder . '", Category = "' . $Category . '", Percentage = ' . $Percentage . ' where ID = ' . $ID;
$result = $mysqli->query($query);
if ($result == true) {
getSuccessCreateResponse('Updated Successfully', $Product_ID);
} else {
getErrorResponse($query);
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'DEL') {
$ID = $_REQUEST['ID'];
$query = 'delete from Product_Shareholders where ID = ' . $ID;
$result = $mysqli->query($query);
if ($result == true) {
getSuccessCreateResponse('Deleted Successfully', $Product_ID);
} else {
getErrorResponse("Delete Failed!");
}
} else {
if (!isset($_REQUEST["type"])) {
$Product_ID = $_REQUEST['Product_ID'];
$pagenum = $_GET['pagenum'];
$pagesize = $_GET['pagesize'];
$start = $pagenum * $pagesize;
$query = "SELECT * from Product_Shareholders where Product_ID = " . $Product_ID;
//echo $query;
$result = $mysqli->query($query);
$query1 = "SELECT sum(Percentage) as totalPercentage from Product_Shareholders where Product_ID = " . $Product_ID;
//echo $query;
$result1 = $mysqli->query($query1);
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE');
header('Content-type: application/json');
include_once 'Connect.php';
include_once 'UtilFunctions.php';
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'LIST') {
$Category = strtoupper($_REQUEST['Category']) . ",";
$query = "SELECT * FROM Menu where instr(Category, '{$Category}') > 0 order by ID";
//echo $query;
$result = $mysqli->query($query);
while ($row = mysqli_fetch_array($result, MYSQL_ASSOC)) {
$Link = $row["Description"];
$Link = str_replace("\\'", "'", $Link);
//echo $Link."\n\r";
$menu_items[] = array('id' => $row['ID'], 'parentid' => $row['Parent_ID'], 'text' => $Link, 'subMenuWidth' => '250px', 'Path' => $row["Path"]);
}
echo json_encode($menu_items);
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'LOOKUP') {
$ID = $_REQUEST['ID'];
$query = "SELECT * FROM Menu where ID = {$ID} limit 1";
$result = $mysqli->query($query);
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
if ($result == true) {
getSuccessCreateResponse('Updated Successfully', $row["Path"]);
} else {
getErrorResponse("Add Failed!");
}
}
}
$Response = $_REQUEST['Response'];
$query = "update Followup set Completed = '" . $Completed . "', Response = '" . $Response . "' where ID = " . $ID . "";
$result = $mysqli->query($query);
if ($result == '1') {
getSuccessCreateResponse('Updated Successfully', $Id);
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'SGN') {
$docKey = $_REQUEST['Document_ID'];
try {
$result = $api->getLatestDocumentUrl($docKey);
} catch (Exception $e) {
print '<h3>An exception occurred:</h3>';
var_dump($e);
}
getSuccessCreateResponse('URL received Successfully', $result);
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'UPLOAD') {
$Client_ID = $_REQUEST["Client_ID"];
$target_dir = "Documents/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$name = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
} else {
getErrorResponse("Delete Failed!");
}
} else {
getErrorResponse("Delete Failed! ID still in use.");
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'LOOKUP') {
$Term = strtolower($_REQUEST['Term']);
$query = "SELECT * from Glossary where lower(Term) = '" . $Term . "'";
//echo $query;
$result = $mysqli->query($query);
if ($result == true) {
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
//echo $row["Definition"];
getSuccessCreateResponse('Lookup Successfull', addslashes($row["Definition"]));
} else {
getErrorResponse($query);
}
} else {
$pagenum = $_GET['pagenum'];
$pagesize = $_GET['pagesize'];
$start = $pagenum * $pagesize;
$query = "SELECT SQL_CALC_FOUND_ROWS * from Glossary order by Term LIMIT {$start}, {$pagesize} ";
$result = $mysqli->query($query);
$sql = "SELECT FOUND_ROWS() AS `found_rows`;";
$rows = $mysqli->query($sql);
$rows = mysqli_fetch_array($rows, MYSQLI_ASSOC);
$total_rows = $rows['found_rows'];
$filterquery = "";
// filter data.
try {
$mail->AddAddress($User_ID);
$mail->SetFrom('*****@*****.**', 'info @ inferwise.com.au');
$mail->AddReplyTo('*****@*****.**', 'info @ inferwise.com.au');
$mail->Subject = $EmailSubject;
$mail->AltBody = 'To view the message, please use an HTML compatible email viewer!';
$mail->MsgHTML($MESSAGE_BODY);
$mail->Send();
$email_sent = true;
} catch (phpmailerException $e) {
$email_sent = false;
} catch (Exception $e) {
$email_sent = false;
}
if ($email_sent) {
getSuccessCreateResponse('Email successfully sent', $Email);
}
} else {
getErrorResponse("We have no record of this email address");
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'LIST') {
$query = "SELECT u.User_ID, Password, User_Level, Category, Case when (u.Category = 'CONSUMER' or u.Category = 'SELF-DIRECTED' or u.Category = 'ADVISER-DIRECTED') then concat(c.GivenName, ' ',c.Surname) when Category = 'ADVISER' \n\tthen concat(a.Given_Name, ' ',a.Surname) when Category = 'ISSUER' then i.Name else u.User_Name end as User_Name FROM Users u left join Clients c on c.User_ID = u.User_ID left join Adviser a on a.Adviser_ID = u.User_ID \n\tleft join Issuer i on i.ID = u.Category_ID order by User_ID";
$result = $mysqli->query($query);
while ($row = mysqli_fetch_array($result, MYSQL_ASSOC)) {
$source[] = array('User_ID' => $row['User_ID'], 'User_Name' => $row['User_Name']);
}
echo json_encode($source);
} else {
$pagenum = $_GET['pagenum'];
$pagesize = $_GET['pagesize'];
if ($Salesperson != '') {
$html = $html . '<tr><td></td><td></td><td></td><td></td><td></td><td><strong>Total Paid</strong></td><td align="right">' . money_format('%=*(#10.2n', $Total_Balance) . '</td></tr></table>';
$pdf->writeHTMLCell(0, 0, '', '', $html, 0, 1, 0, true, '', true);
$pdf->AddPage();
$Total_Balance = 0.0;
}
$Salesperson = $row["Salesperson"];
$html = '<p>' . $Salesperson . '</p><table border="1"><tr><td width="80"><h3>Student No</h3></td><td width="120"><h3>Given Name</h3></td><td width="120"><h3>Surname</h3></td><td width="120"><h3>Receipt Date</h3></td><td width="150"><h3>Receipt Details</h3></td><td width="180"><h3>Course</h3></td><td width="100"><h3>Amount</h3></td><td width="100"><h3>How Paid</h3></td></tr>';
$line_number = 5;
}
$Receipt_Date = new DateTime($row["Receipt_Date"]);
$html .= '<tr><td>' . $row["StudentNo"] . '</td><td>' . $row["GivenName"] . '</td><td>' . $row["Surname"] . '</td><td>' . date_format($Receipt_Date, 'd/m/Y') . '</td><td>' . $row["Receipt_Details"] . '</td><td>' . $row["Course"] . '</td><td align="right">' . $row["Credit_Amt"] . '</td><td>' . $row["How_Paid"] . '</td></tr>';
$line_number = $line_number + 1;
$Total_Balance = (double) $Total_Balance + (double) $row["Credit_Amt"];
}
// Set some content to print
$html = $html . '<tr><td></td><td></td><td></td><td></td><td></td><td><strong>Total Paid</strong></td><td align="right">' . money_format('%=*(#10.2n', $Total_Balance) . '</td></tr></table>';
//echo $html;
// Print text using writeHTMLCell()
$pdf->writeHTMLCell(0, 0, '', '', $html, 0, 1, 0, true, '', true);
// ---------------------------------------------------------
// Close and output PDF document
// This method has several options, check the source code documentation for more information.
$outputFile = 'Reports/Commission_Report_' . $Report_User . '.pdf';
$output = $pdf->Output($outputFile, 'F');
//echo "This is value of output = ".$output;
if ($output != NULL) {
getErrorResponse("Could not create file!");
} else {
getSuccessCreateResponse('', $Report_User);
}
$query = "delete from Product_Categories where ID = '" . $Id . "'";
$result = $mysqli->query($query);
if ($result == true) {
getSuccessCreateResponse('Deleted Successfully', $Id);
} else {
getErrorResponse("Delete Failed!");
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'UPD_DEFINITION') {
$ID = $_REQUEST['ID'];
$Content = $_REQUEST['Content'];
$Content = htmlspecialchars(addslashes($Content));
$query = "update Product_Categories set Definition = '" . $Content . "' where ID = " . $ID;
$result = $mysqli->query($query);
if ($result == true) {
getSuccessCreateResponse('Updated Successfully', $query);
} else {
getErrorResponse($query);
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'LIST') {
$query = "SELECT * FROM Product_Categories order by ID";
$result = $mysqli->query($query);
while ($row = mysqli_fetch_array($result, MYSQL_ASSOC)) {
$categories[] = array('ID' => $row['ID'], 'Description' => $row['Description']);
}
echo json_encode($categories);
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'DETAILS') {
$Product_ID = $_REQUEST['Product_ID'];
$query = "SELECT c.* FROM Product_Categories c inner join Products p on p.Category_ID = c.ID where p.ID = {$Product_ID} ";
$topic_row = mysqli_fetch_array($topic_result, MYSQLI_ASSOC);
$Topic_ID = $topic_row["Topic_ID"];
$prevTopic = $Topic;
}
if ($Question_ID != $row["ID"]) {
$query = 'insert into Topic_Questions (Topic_ID, Question, Question_Order, Answer_1, Answer_2, Answer_3, Answer_4, Answer_5, Correct_Answer, Supporting_Documentation) values (' . $Topic_ID . ', "' . $Question . '",' . $Question_Order . ',"' . $Answer1 . '","' . $Answer2 . '","' . $Answer3 . '","' . $Answer4 . '","' . $Answer5 . '",' . $Correct_Answer . ',"")';
echo $query;
$question_result = $mysqli->query($query);
$Answer_No = 1;
$Answer1 = "";
$Answer2 = "";
$Answer3 = "";
$Answer4 = "";
$Answer5 = "";
$Correct_Answer = 0;
$Question_ID = $row["ID"];
}
${'Answer' . $Answer_No} = $row["answer"];
if ($row["correct"] == 1) {
$Correct_Answer = $Answer_No;
}
$Question_Order = $row["sort_order"];
$Answer_No = $Answer_No + 1;
}
if ($Question_result == true) {
getSuccessCreateResponse('Updated Successfully', $Student_Cost);
} else {
getErrorResponse("Add Failed!");
}
}
$mysqli->close();
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'SIGN_UP') {
$User_ID = getnextClientNo($mysqli);
$Password = $_REQUEST['Password'];
$GivenName = strtoupper($_REQUEST['GivenName']);
$Surname = strtoupper($_REQUEST['Surname']);
$Email = strtoupper($_REQUEST['Email']);
$DOB = $_REQUEST['DOB'];
$Post_Code = $_REQUEST['PostCode'];
$Client_Type = $_REQUEST['Client_Type'];
$query = "insert into Clients (User_ID, Client_Type, GivenName, Surname, Email, PostCode, DOB) values (" . $User_ID . ", '" . $Client_Type . "','" . $GivenName . "', '" . $Surname . "', '" . $Email . "','" . $PostCode . "','" . $DOB . "')";
//echo $query;
$result = $mysqli->query($query);
$query1 = "insert into Users (User_ID, Password, Category, Access_Level) values\n\t ('" . $User_ID . "', '" . sha1($Password) . "', '" . $Client_Type . "', 3)";
$result1 = $mysqli->query($query1);
if ($result1) {
getSuccessCreateResponse('Inserted Successfully', $User_ID);
} else {
getErrorResponse($query);
}
} else {
$User_ID = $_REQUEST['User_ID'];
$Category = $_REQUEST['Category'];
$pagenum = $_GET['pagenum'];
$pagesize = $_GET['pagesize'];
$start = $pagenum * $pagesize;
if ($User_ID == "ADMIN") {
$base_query = "SELECT SQL_CALC_FOUND_ROWS c.* from Clients c ";
} else {
if ($Category == 'ADVISER') {
$base_query = "SELECT SQL_CALC_FOUND_ROWS c.* from Clients c where Adviser_ID = '" . $User_ID . "' and Client_Type='ADVISER-DIRECTED'";
} else {
$mail->AddReplyTo('*****@*****.**', 'Harry @ Sunwindwater');
$mail->Subject = $Subject;
$mail->AltBody = 'To view the message, please use an HTML compatible email viewer!';
$mail->MsgHTML($Content);
$mail->Send();
$email_sent = true;
} catch (phpmailerException $e) {
$email_sent = false;
} catch (Exception $e) {
$email_sent = false;
}
if ($email_sent == true) {
$query = "insert Correspondence (StudentNo, Subject, Content, Email) values ({$StudentNo}, '" . $Subject . "', '" . $Content . "', '" . $Email . "')";
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
if ($result == true && $email_sent == true) {
getSuccessCreateResponse('Email sent Successfully', $Id);
} else {
getErrorResponse("Email Sent, Correspondence failed!");
}
} else {
getErrorResponse("Email Failed!");
}
} else {
getErrorResponse("No Schedule to send!");
}
} else {
if (isset($_REQUEST["type"]) && trim($_REQUEST["type"]) == 'INSTRUCTOR') {
$query = "SELECT cb.StudentNo, cb.Receipt_No, CONCAT(s.GivenName,' ',s.Surname) as Student_Name, cb.Course_Date as Course_Date_No, cda.Course_Date, cb.Course_No, cb.Lesson_No, cd.Description as Course, cb.Lesson_No, l.Description as Lesson, cb.Instructor_No, i.Name as Instructor, cb.Boat_No, b.Name as Boat from Course_Bookings cb inner join Students s on s.StudentNo = cb.StudentNo inner join Course_Details cd on cd.ID = cb.Course_No left join Course_Dates cda on cda.ID = cb.Course_Date inner join Lessons l on l.Course_No = cb.Course_No and l.Lesson_No = cb.Lesson_No inner join Instructor i on i.ID = cb.Instructor_No inner join Boats b on b.Id = cb.Boat_No where cda.Course_Date >= now() order by cda.Course_Date, cb.Instructor_No, cb.StudentNo, cb.Course_No, cb.Lesson_No";
//echo $query;
$result = mysql_query($query) or die("SQL Error 1: " . mysql_error());
$courses = null;
if ($line_number >= 50) {
if ($html != '') {
$html = $html . '</table>';
$pdf->writeHTMLCell(0, 0, '', '', $html, 0, 1, 0, true, '', true);
$pdf->AddPage();
}
$line_number = 5;
$html = '<h2>INSTRUCTOR: ' . $row["Instructor"] . '</h2></br>';
$html = $html . '<h2>DATE: ' . $row["Course_Date"] . '</h2></br>';
$html = $html . '<h2>BOAT: ' . $row["Boat"] . '</h2></br>';
$html = $html . '<table border="0" cellpadding="10"><tr><td width="140"><h4>Name</h4></td><td width="100"><h4>Course</h4></td><td width="100"><h4>Lesson</h4></td><td width="100"><h4>Course Balance</h4></td><td width="140"><h4>Next Lesson</h4></td></tr>';
}
$query = "select Concat(date_format(cda1.Course_Date,'%d/%m/%Y %H:%i:%s'),' ',l1.Description) as Next_Lesson from Course_Bookings cb1 \n inner join Course_Details c1 on c1.Id = cb1.Course_No\n inner join Lessons l1 on l1.Lesson_No = cb1.Lesson_No \n inner join Course_Dates cda1 on cda1.ID = cb1.Course_Date where cb1.StudentNo = " . $row["StudentNo"] . " and cb1.Course_No = " . $row["Course_No"] . " and l1.Description > '" . $row["Lesson"] . "' limit 1";
$next_Lesson = mysql_query($query) or die("SQL Error 1: " . mysql_error());
$nl = mysql_fetch_array($next_Lesson, MYSQL_ASSOC);
$html = $html . '<tr><td>' . $row["Name"] . '</td><td>' . $row["Course"] . '</td><td>' . $row["Lesson"] . '</td><td align="right">' . $row["Course_Balance"] . '</td><td>' . $nl["Next_Lesson"] . '</td></tr>';
$line_number = $line_number + 2;
}
// Print text using writeHTMLCell()
$html = $html . '</table>';
$pdf->writeHTMLCell(0, 0, '', '', $html, 0, 1, 0, true, '', true);
// ---------------------------------------------------------
// Close and output PDF document
// This method has several options, check the source code documentation for more information.
$outputFile = 'Reports/Instructor_Sheets_' . $Report_User . '.pdf';
$output = $pdf->Output($outputFile, 'F');
if ($output != NULL) {
getErrorResponse("Could not create file!");
} else {
getSuccessCreateResponse('', $User);
}
