session_start(); $notes = $_POST['notes']; $room = $_POST['rooms']; $total = $_POST['total']; $user = $_POST['user']; //echo $_POST['mokka']; $dbobj = new dbconnection(); if (!isset($_SESSION['uid'])) { echo "You are not authoriezed to enter this page. You have to login first"; exit; } $arr = $dbobj->Select("select pname from product where available=1"); //print_r($arr); $product = array(); for ($i = 0; $i < count($arr); $i++) { $x = $arr[$i]['pname']; if (isset($_POST[$x])) { $product[$x] = $_POST[$x]; } } //print_r($product); $res = $dbobj->Select("select uid from user where uname='" . $user . "'"); $dbobj->Insert("insert into orders (uid,odate,notes,processing,totalamount,otime) values('" . $res[0]['uid'] . "',CURDATE(),'" . $notes . "',1,'" . $total . "',CURTIME())"); foreach ($product as $key => $value) { $arr = $dbobj->Select("select pid,price from product where pname = '" . $key . "'"); $arr2 = $dbobj->Select("select oid from orders order by oid desc limit 1"); //print_r($arr[0]); echo $arr[0]['pid']; $dbobj->Insert("insert into order_detail (oid,pid,qty,pamount) values('" . $arr2[0]['oid'] . "','" . $arr[0]['pid'] . "','" . $value . "','" . $arr[0]['price'] . "')"); } header('location: ../layout/ManualOrders.php');
if ($check !== false) { echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { echo "File is not an image."; $uploadOk = 0; } } echo $imageFileType . "<br>"; // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed."; $uploadOk = 0; exit; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; exit; // if everything is ok, try to upload file } else { if (!move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "Sorry, there was an error uploading your file."; exit; } } $dbobj->Insert("insert into `product` values(null,'{$pname}','{$price}','{$cid}','{$imgname}',true,true)"); header("location:" . $_product . "?uid=" . $uid); ?>
<?php error_reporting(E_ALL); ini_set('display_errors', 1); require_once "../include/Validation.php"; // deconnection already included in Validation session_start(); print_r($_POST); $dbobj = new dbconnection(); $vobj = new Validation(); if (!isset($_SESSION['uid'])) { echo "You are not authoriezed to enter this page. You have to login first"; exit; } $uid = $_SESSION['uid']; if (!$vobj->ifSuperUserId($uid)) { echo "You are not authoriezed to enter this page. Only for admins."; exit; } if (!isset($_POST['rname'])) { echo "Please enter the room name"; exit; } $_product = "../layout/add_user.php"; $rname = $_POST['rname']; $dbobj->Insert("insert into `room` values(null,'{$rname}')"); header("location:" . $_product . "?uid=" . $uid);
<?php error_reporting(E_ALL); ini_set('display_errors', 1); require_once "../include/Validation.php"; // deconnection already included in Validation session_start(); print_r($_POST); $dbobj = new dbconnection(); $vobj = new Validation(); if (!isset($_SESSION['uid'])) { echo "You are not authoriezed to enter this page. You have to login first"; exit; } $uid = $_SESSION['uid']; if (!$vobj->ifSuperUserId($uid)) { echo "You are not authoriezed to enter this page. Only for admins."; exit; } if (!isset($_POST['cname'])) { echo "Please enter the category name"; } $_product = "../layout/add_product.php"; $category = $_POST['cname']; $dbobj->Insert("insert into category (cname) values('" . $category . "')"); header("location:" . $_product . "?uid=" . $uid);
echo "File is not an image."; $uploadOk = 0; } } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed."; $uploadOk = 0; exit; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; exit; // if everything is ok, try to upload file } else { if (!move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "Sorry, there was an error uploading your file."; exit; } } $hpwd = md5($pwd); if ($suser == 'true') { $dbobj->Insert("insert into user values(null,'{$uname}','{$email}','{$hpwd}','{$imgname}',{$rid},'{$ext}',1,'{$fname}','{$lname}',0)"); } else { $dbobj->Insert("insert into user values(null,'{$uname}','{$email}','{$hpwd}','{$imgname}',{$rid},'{$ext}',0,'{$fname}','{$lname}',1)"); } // echo "regular"; header("location:" . $_user . "?uid=" . $uid); ?> 1