PageRenderTime 80ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/manager/auth/order/quotation/generate.php

https://bitbucket.org/nav_subhamkumar/crm
PHP | 297 lines | 163 code | 97 blank | 37 comment | 19 complexity | 1c08e0a394f27eca62d2f46d2c83f32f MD5 | raw file
Possible License(s): Unlicense, GPL-2.0, GPL-3.0 
    

  1. <?php
    2. 

  2. session_start();
    3. 

  3. error_reporting(E_PARSE | E_ERROR);
    4. 

  4. $id=$_SESSION['id'];
    5. 

  5. if(!$_SESSION['id'])
    6. 

  6. {
    7. 

  7. 	echo '<script>location.replace("../../../../../index.php");</script>';
    8. 

  8. }
    9. 

  9. 

  10. require_once "../../../conn/conn.php";
    11. 

  11. $chk=mysqli_query($dbc,"select * from team where email='$id'");
    12. 

  12. while($fchk=mysqli_fetch_assoc($chk))
    13. 

  13. {
    14. 

  14. 	$type=$fchk['EmployeeType'];
    15. 

  15. 	if( $type !="Manager")
    16. 

  16. 	{
    17. 

  17. 		echo '<script>location.replace("../../../../index.php");</script>';
    18. 

  18. 	}
    19. 

  19. }
    20. 

  20. 

  21. 

  22. ?>
    23. 

  23. 

  24. <?php
    25. 

  25. 

  26. if(isset($_POST['submit']))
    27. 

  27. {
    28. 

  28.     $rep=$_SESSION['n'];
    29. 

  29.     $rmail=$id;
    30. 

  30. 

  31.     $company=$_POST['company'];
    32. 

  32.     /*$array =  explode('.', $companywfid);
    33. 

    34. 

  34.     $fid=$array[0];
    35. 

  35.     $company=$array[1];*/
    36. 

  36.     
    37. 

  37.     $quotationnumber=$_POST['quotationnumber'];
    38. 

  38.     $_SESSION['quotationnumber']=$quotationnumber;
    39. 

  39. 

  40.     $revisedno=$_POST['revisedno'];
    41. 

  41. 

  42.     $currency=$_POST['currency'];
    43. 

  43.     
    44. 

  44.     $validity=$_POST['validity'];
    45. 

  45.     $delivery=$_POST['delivery'];
    46. 

  46.     $service=$_POST['service'];
    47. 

  47.     $payment=$_POST['payment'];
    48. 

  48. 

  49.     $servicename=$_POST['servicename'];
    50. 

  50.     $servicecost=$_POST['servicecost'];
    51. 

  51.     $servicetax=$_POST['servicetax'];
    52. 

  52.     $freightname=$_POST['freightname'];
    53. 

  53.     $freightcost=$_POST['freightcost'];
    54. 

  54.     $freighttax=$_POST['freighttax'];
    55. 

  55. 

  56.     $expectedclosure=$_POST['expectedclosure'];
    57. 

  57. 

  58.     $addreq=$_POST['addreq'];
    59. 

  59. 

  60.     $quotformname=$_POST['quotformname'];
    61. 

  61. 

  62. 

  63.     $remarks=$_POST['remarks'];
    64. 

  64.     /*for($m=0;$m<=3;$m++)
    65. 

  65.     {
    66. 

  66.     for($l=0;$l<=3;$l++)
    67. 

  67.     {
    68. 

  68.         echo $tax=$_POST['tax'];
    69. 

  69.     }
    70. 

  70. }*/
    71. 

  71. 

  72. $tax=implode(",",$_POST['tax']);
    73. 

  73. 

  74. 

  75.     
    76. 

  76.     
    77. 

  77.     
    78. 

  78. 

  79.     $_SESSION['fid']=null;
    80. 

  80. 

  81.     $_SESSION['fid']=$fid;
    82. 

  82.     
    83. 

  83. 

  84.     $_SESSION['qcompany']=$company;
    85. 

  85.     /*$_SESSION['qproduct']=$product;*/
    86. 

  86. 

  87.     // Generate Guid - unique id 
    88. 

  88. function NewGuid() { 
    89. 

  89.     $s = strtoupper(md5(uniqid(rand(),true))); 
    90. 

  90.     
    91. 

  91.     date_default_timezone_set('Asia/Kolkata');
    92. 

  92.     $timestamp = date('dmYHis', time());
    93. 

  93.     $guidText = 
    94. 

  94.         substr($timestamp,0,18) . '-' . 
    95. 

  95.         substr($s,18,4) . '-' . 
    96. 

  96.         substr($s,22,4). '-' . 
    97. 

  97.         substr($s,26,4). '-' . 
    98. 

  98.         substr($s,30); 
    99. 

  99.     return $guidText;
    100. 

  100. }
    101. 

  101. // End Generate Guid 
    102. 

  102. 

  103. $quotuniqueid = NewGuid();
    104. 

  104. 

  105. $_SESSION['quotuniqueid']=$quotuniqueid;
    106. 

  106. 

  107. 

  108. 

  109. 

  110.     $pathquot=null;
    111. 

  111.     $pathattachment=null;
    112. 

  112. 

  113.     $allowed = array('png', 'jpg','jpeg', 'pdf', 'doc', 'docx', 'xls','xlsx','csv');
    114. 

  114. 

  115.     
    116. 

  116. /*check columns available start*/
    117. 

  117.     
    118. 

  118.     $result=mysqli_query($dbc,"show columns from quotation");
    119. 

  119.                                     $k=0;
    120. 

  120.                                     $c=0;
    121. 

  121.                                     while($row = mysqli_fetch_array($result)){
    122. 

  122.                                         $str=$row['Field'];
    123. 

  123.                                        
    124. 

  124.                                        $newstr = filter_var($str, FILTER_SANITIZE_STRING);
    125. 

  125.                                        if($newstr="Product")
    126. 

  126.                                        {
    127. 

  127. 

  128. 

  129.                                        $int_id = filter_var($str, FILTER_SANITIZE_NUMBER_INT);
    130. 

  130.                                        
    131. 

  131.                                        if($int_id > $k)
    132. 

  132.                                        {
    133. 

  133.                                           global $c;
    134. 

  134.                                           $c=$int_id;
    135. 

  135.                                           $k=$int_id;
    136. 

  136.          
    137. 

  137.                                           }
    138. 

  138.                                        }
    139. 

  139.                                        
    140. 

  140.                                     }
    141. 

  141. /*check columns available end*/                                    
    142. 

  142.     
    143. 

  143.     for ($i = 0; $i < 500; $i++) 
    144. 

  144.     {
    145. 

  145.         /*if (isset($_POST['partdesc'][$i], $_POST['qty'][$i],$_POST['unitprice'][$i])) { // Make sure both are filled in*/
    146. 

  146.             // Do stuff with this row of the form
    147. 

  147.             $product=$_POST['product'][$i];
    148. 

  148. 

  149.             $partd=$_POST['partdesc'][$i];
    150. 

  150.             $qt=$_POST['qty'][$i];
    151. 

  151.             $unitp=$_POST['unitprice'][$i];
    152. 

  152.             $licencefor=$_POST['licencefor'][$i];
    153. 

  153.             $hsnsac=$_POST['hsnsac'][$i];
    154. 

  154. 

  155.             
    156. 

  156. 

  157.             if(!empty($product))
    158. 

  158.             {
    159. 

  159. 

  160. 

  161. 

  162.             
    163. 

  163.             if($i=='0')
    164. 

  164.             {
    165. 

  165. 

  166.                 //Get the temp file path
    167. 

  167.                 $tmpFilePath = $_FILES['uplfiles']['tmp_name'][$i];
    168. 

  168. 

  169.                 //Make sure we have a file path
    170. 

  170.                 if ($tmpFilePath != ""){
    171. 

  171.                 //Setup our new file path
    172. 

  172.                 $newFilePath = "../../../../uploadfiles/quotation/".$quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    173. 

  173. 

  174.                 //Upload the file into the temp dir
    175. 

  175.                 if(move_uploaded_file($tmpFilePath, $newFilePath)) {
    176. 

  176. 

  177.                 //Handle other code here
    178. 

  178.                     $newFilePathq = $quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    179. 

  179. 

  180.                     }
    181. 

  181.                 }
    182. 

  182. 

  183.                  //Get the temp attachment path
    184. 

  184.                 $tmpFilePath = $_FILES['attachment']['tmp_name'][$i];
    185. 

  185. 

  186.                 //Make sure we have a file path
    187. 

  187.                 if ($tmpFilePath != ""){
    188. 

  188.                 //Setup our new file path
    189. 

  189.                 $newFilePath1 = "../../../../uploadfiles/quotation/".$quotuniqueid."-".$_FILES['attachment']['name'][$i];
    190. 

  190. 

  191.                 //Upload the file into the temp dir
    192. 

  192.                 if(move_uploaded_file($tmpFilePath, $newFilePath1)) {
    193. 

  193. 

  194.                 //Handle other code here
    195. 

  195.                     $newFilePatha = $quotuniqueid."-".$_FILES['attachment']['name'][$i];
    196. 

  196. 

  197.                     }
    198. 

  198.                 }
    199. 

  199. 

  200. 

  201.                 
    202. 

  202. 

  203.            $ad=mysqli_query($dbc,"insert into `quotation` (`Representive`,`RMail`,`UniqueId`,`Company`,`Product1`,`Tax`,`Currency`,`HSNSAC1`,`ServiceName`,`ServiceCost`,`ServiceTax`,`FreightName`,`FreightCost`,`FreightTax`,`PartDescription1`,`Quantity1`,`UnitPrice1`,`Validity`,`Delivery`,`Payment`,`QuotationPath1`,`Attachment1`,`Remarks`,`AddressReq`,`LicenceFor1`,`ExpectedClosure`,`QuotFormName`) values ('$rep','$rmail','$quotuniqueid','$company','$product','$tax','$currency','$hsnsac','$servicename','$servicecost','$servicetax','$freightname','$freightcost','$freighttax','$partd','$qt','$unitp','$validity','$delivery','$payment','$newFilePathq','$newFilePatha','$remarks','$addreq','$licencefor','$expectedclosure','$quotformname')");
    204. 

  204. 

  205.            /*$ad=mysqli_query($dbc,"insert into `quotation_all` (`Representive`,`RMail`,`UniqueId`,`Company`,`Product1`,`Tax`,`Currency`,`HSNSAC1`,`ServiceName`,`ServiceCost`,`ServiceTax`,`FreightName`,`FreightCost`,`FreightTax`,`PartDescription1`,`Quantity1`,`UnitPrice1`,`Validity`,`Delivery`,`Payment`,`QuotationPath1`,`Attachment1`,`Remarks`,`AddressReq`,`LicenceFor1`,`ExpectedClosure`,`QuotFormName`) values ('$rep','$rmail','$quotuniqueid','$company','$product','$tax','$currency','$hsnsac','$servicename','$servicecost','$servicetax','$freightname','$freightcost','$freighttax','$partd','$qt','$unitp','$validity','$delivery','$payment','$newFilePathq','$newFilePatha','$remarks','$addreq','$licencefor','$expectedclosure','$quotformname')");*/
    206. 

  206. 

  207.             
    208. 

  208.             }
    209. 

  209.             elseif($i>=1)
    210. 

  210.             {
    211. 

  211.                 if($i==$c)
    212. 

  212.                 {
    213. 

  213.                     $productnew="Product".($c+1);
    214. 

  214.                                     $partdescnew="PartDescription".($c+1);
    215. 

  215.                                     $quantitynew="Quantity".($c+1);
    216. 

  216.                                     $unitpricenew="UnitPrice".($c+1);
    217. 

  217.                                     
    218. 

  218.                                     $hsnsacnew="HSNSAC".($c+1);
    219. 

  219.                                     $quotationpathnew="QuotationPath".($c+1);
    220. 

  220.                                     $attachmentnew="Attachment".($c+1);
    221. 

  221.                                     $licencefornew="LicenceFor".($c+1);
    222. 

  222.                                     mysqli_query($dbc,"ALTER TABLE `quotation` ADD `$productnew` TEXT NULL, ADD `$partdescnew` TEXT NULL,ADD `$quantitynew` TEXT NULL,ADD `$unitpricenew` TEXT NULL,ADD `$hsnsacnew` TEXT NULL,ADD `$quotationpathnew` TEXT NULL,ADD `$attachmentnew` TEXT NULL,ADD `$licencefornew` TEXT NULL");
    223. 

  223.                                     
    224. 

  224.                                     mysqli_query($dbc,"ALTER TABLE `quotation_all` ADD `$productnew` TEXT NULL, ADD `$partdescnew` TEXT NULL,ADD `$quantitynew` TEXT NULL,ADD `$unitpricenew` TEXT NULL,ADD `$hsnsacnew` TEXT NULL,ADD `$quotationpathnew` TEXT NULL,ADD `$attachmentnew` TEXT NULL,ADD `$licencefornew` TEXT NULL");
    225. 

  225.                                     $c=$c+1;
    226. 

  226.                 }
    227. 

  227. 

  228.                 
    229. 

  229.                 //Get the temp file path
    230. 

  230.                 $tmpFilePath = $_FILES['uplfiles']['tmp_name'][$i];
    231. 

  231. 

  232.                 //Make sure we have a file path
    233. 

  233.                 if ($tmpFilePath != ""){
    234. 

  234.                 //Setup our new file path
    235. 

  235.                 $newFilePath = "../../../../uploadfiles/quotation/".$quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    236. 

  236. 

  237.                 //Upload the file into the temp dir
    238. 

  238.                 if(move_uploaded_file($tmpFilePath, $newFilePath)) {
    239. 

  239. 

  240.                 //Handle other code here
    241. 

  241.                     $newFilePathtwo = $quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    242. 

  242. 

  243.                     }
    244. 

  244.                 }
    245. 

  245.                 $ii=$i+1;
    246. 

  246.                 $productcolumn="Product".$ii;
    247. 

  247.                 $partdescolumn="PartDescription".$ii;
    248. 

  248.                 $quantitycolumn="Quantity".$ii;
    249. 

  249.                 $unitpricecolumn="UnitPrice".$ii;
    250. 

  250.                 $quotationpathcolumn="QuotationPath".$ii;
    251. 

  251.                 $hsnsaccolumn="HSNSAC".$ii;
    252. 

  252.                 $licenceforcolumn="LicenceFor".$ii;
    253. 

  253.                 $ad=mysqli_query($dbc,"update `quotation` set `$productcolumn`='$product',`$partdescolumn`='$partd',`$quantitycolumn`='$qt',`$unitpricecolumn`='$unitp',`$quotationpathcolumn`='$newFilePathtwo',`$hsnsaccolumn`='$hsnsac',`$licenceforcolumn`='$licencefor' where  `RMail`='$rmail' and `UniqueId`='$quotuniqueid' ");
    254. 

  254.                 /*$ad=mysqli_query($dbc,"update `quotation_all` set `$productcolumn`='$product',`$partdescolumn`='$partd',`$quantitycolumn`='$qt',`$unitpricecolumn`='$unitp',`$quotationpathcolumn`='$newFilePathtwo',`$hsnsaccolumn`='$hsnsac',`$licenceforcolumn`='$licencefor' where  `RMail`='$rmail' and `UniqueId`='$quotuniqueid' ");*/
    255. 

  255.                 
    256. 

  256.   
    257. 

  257.             }
    258. 

  258.             else
    259. 

  259.             {
    260. 

  260.                 echo '<script>alert("Sorry!! Maximum Description Reached");location.replace("../../../opr/quotgen.php");</script>';
    261. 

  261.             }
    262. 

  262. 

  263.         }
    264. 

  264.         else
    265. 

  265.         {
    266. 

  266.             break;
    267. 

  267.         }
    268. 

  268. 

  269.         
    270. 

  270.         
    271. 

  271.     }
    272. 

  272. 

  273.     
    274. 

  274. 

  275.     if($ad>0)
    276. 

  276.     {
    277. 

  277.         //echo '<script>alert("Data Inserted Successfully");location.replace("../../../opr/quotgen.php");</script>';
    278. 

  278.         
    279. 

  279.         
    280. 

  280.            echo '<script>location.replace("../../../opr/quotverify.php");</script>';
    281. 

  281. 

  282.            /*echo '<script>location.replace("quotation.php");</script>';*/
    283. 

  283. 

  284.             
    285. 

  285.        
    286. 

  286.     }
    287. 

  287.     else
    288. 

  288.     {
    289. 

  289.         echo '<script>alert("Data not Inserted ");location.replace("../../../opr/quotgen.php");</script>';
    290. 

  290.     }
    291. 

  291. 

  292.     }
    293. 

  293. echo '<script>location.replace("../../../opr/quotgen.php");</script>';
    294. 

  294. 

  295. ?>
    296. 

  296. 

  297. 

  298.