PageRenderTime 67ms CodeModel.GetById 33ms RepoModel.GetById 1ms app.codeStats 0ms

/manager/auth/order/quotation/updquot.php

https://bitbucket.org/nav_subhamkumar/crm
PHP | 354 lines | 169 code | 112 blank | 73 comment | 20 complexity | f8a39244b98bbd2a1c21e829c45e516a MD5 | raw file
Possible License(s): Unlicense, GPL-2.0, GPL-3.0 
    

  1. <?php
    2. 

  2. session_start();
    3. 

  3. error_reporting(E_PARSE | E_ERROR);
    4. 

  4. $id=$_SESSION['id'];
    5. 

  5. if(!$_SESSION['id'])
    6. 

  6. {
    7. 

  7.     echo '<script>location.replace("../../../../../index.php");</script>';
    8. 

  8. }
    9. 

  9. 

  10. require_once "../../../conn/conn.php";
    11. 

  11. $chk=mysqli_query($dbc,"select * from team where email='$id'");
    12. 

  12. while($fchk=mysqli_fetch_assoc($chk))
    13. 

  13. {
    14. 

  14.     $type=$fchk['EmployeeType'];
    15. 

  15.     if( $type !="Manager")
    16. 

  16.     {
    17. 

  17.         echo '<script>location.replace("../../../../index.php");</script>';
    18. 

  18.     }
    19. 

  19. }
    20. 

  20. 

  21. 

  22. ?>
    23. 

  23. 

  24. 

  25. <?php
    26. 

  26. 

  27. if(isset($_POST['submit']))
    28. 

  28. {
    29. 

  29.     $rep=$_SESSION['n'];
    30. 

  30.     $rmail=$id;
    31. 

  31. 

  32.     $quotno=$_POST['quotno'];
    33. 

  33.   
    34. 

  34. 

  35.     $company=$_POST['company'];
    36. 

  36.     /*$array =  explode('.', $companywfid);
    37. 

    38. 

  38.     $fid=$array[0];
    39. 

  39.     $company=$array[1];*/
    40. 

  40.     
    41. 

  41.     /*$quotationnumber=$_POST['quotationnumber'];
    42. 

  42.     $_SESSION['quotationnumber']=$quotationnumber;*/
    43. 

  43. 

  44.     $qtype=$_POST['qtype'];
    45. 

  45.     
    46. 

  46.         //$_SESSION['qtype']=$qtype;
    47. 

  47. 

  48.         $quotuniqueid=$_POST['uniqueid'];
    49. 

  49.         
    50. 

  50.         $_SESSION['qu']=$quotuniqueid;
    51. 

  51.     
    52. 

  52.     
    53. 

  53. 

  54.     /*$quotuniqueid=$_POST['uniqueid'];
    55. 

  55.     $_SESSION['quotuniqueid']=$quotuniqueid;*/
    56. 

  56. 

  57.     $currency=$_POST['currency'];
    58. 

  58.     $hsnsac=$_POST['hsnsac'];
    59. 

  59.     $validity=$_POST['validity'];
    60. 

  60.     $delivery=$_POST['delivery'];
    61. 

  61.     $service=$_POST['service'];
    62. 

  62.     $payment=$_POST['payment'];
    63. 

  63. 

  64.     $servicename=$_POST['servicename'];
    65. 

  65.     $servicecost=$_POST['servicecost'];
    66. 

  66.     $servicetax=$_POST['servicetax'];
    67. 

  67.     $freightname=$_POST['freightname'];
    68. 

  68.     $freightcost=$_POST['freightcost'];
    69. 

  69.     $freighttax=$_POST['freighttax'];
    70. 

  70. 

  71.     $expectedclosure=$_POST['expectedclosure'];
    72. 

  72. 

  73.     $addreq=$_POST['addreq'];
    74. 

  74. 

  75.     $quotformname=$_POST['quotformname'];
    76. 

  76. 

  77. 

  78. 

  79.     $remarks=$_POST['remarks'];
    80. 

  80. 

  81.     $tax=implode(',', $_POST['tax']);
    82. 

  82.     
    83. 

  83. 

  84.     $_SESSION['fid']=null;
    85. 

  85. 

  86.     
    87. 

  87. 

  88.     $_SESSION['qcompany']=$company;
    89. 

  89.     /*$_SESSION['qproduct']=$product;*/
    90. 

  90. 

  91.     // Generate Guid - unique id 
    92. 

  92. function NewGuid() { 
    93. 

  93.     $s = strtoupper(md5(uniqid(rand(),true))); 
    94. 

  94.     
    95. 

  95.     date_default_timezone_set('Asia/Kolkata');
    96. 

  96.     $timestamp = date('dmYHis', time());
    97. 

  97.     $guidText = 
    98. 

  98.         substr($timestamp,0,18) . '-' . 
    99. 

  99.         substr($s,18,4) . '-' . 
    100. 

  100.         substr($s,22,4). '-' . 
    101. 

  101.         substr($s,26,4). '-' . 
    102. 

  102.         substr($s,30); 
    103. 

  103.     return $guidText;
    104. 

  104. }
    105. 

  105. // End Generate Guid 
    106. 

  106. 

  107. if($qtype>1)
    108. 

  108. {
    109. 

  109. $quotuniqueid = NewGuid();
    110. 

  110. }
    111. 

  111. 

  112. $_SESSION['quotuniqueid']=$quotuniqueid;
    113. 

  113. 

  114. 

  115. 

  116. 

  117.     $pathquot=null;
    118. 

  118.     $pathattachment=null;
    119. 

  119. 

  120.     $allowed = array('png', 'jpg','jpeg', 'pdf', 'doc', 'docx', 'xls','xlsx','csv');
    121. 

  121. 

  122.     /*upload quotation*/
    123. 

  123.     /*if(isset($_FILES['uplfiles']) && $_FILES['uplfiles']['error'] == 0){
    124. 

    125. 

  125.     $extension = pathinfo($_FILES['uplfiles']['name'], PATHINFO_EXTENSION);
    126. 

    127. 

  127.     if(!in_array(strtolower($extension), $allowed)){
    128. 

    129. 

  129.         
    130. 

  130.         
    131. 

  131.         
    132. 

  132.     }
    133. 

    134. 

  134.     if(move_uploaded_file($_FILES['uplfiles']['tmp_name'], '../../../../../uploadfiles/quotation/'.$company.'.'.$fid.'.'.$_FILES['uplfiles']['name'])){
    135. 

  135.         global $path;
    136. 

  136.         $pathquot=$company.'.'.$fid.'.'.$_FILES['uplfiles']['name'];
    137. 

    138. 

    139. 

    140. 

  140.         }
    141. 

    142. 

    143. 

    144. 

    145. 

  145.     }
    146. 

  146. */
    147. 

  147.     // Count # of uploaded files in array
    148. 

  148. /*$total = count($_FILES['uplfiles']['name']);*/
    149. 

  149. 

  150. // Loop through each file
    151. 

  151. /*for( $i=0 ; $i < $total ; $i++ ) {*/
    152. 

  152. 

  153.   //Get the temp file path
    154. 

  154.   /*$tmpFilePath = $_FILES['uplfiles']['tmp_name'][$i];*/
    155. 

  155. 

  156.   //Make sure we have a file path
    157. 

  157.   /*if ($tmpFilePath != ""){*/
    158. 

  158.     //Setup our new file path
    159. 

  159.     /*$newFilePath = "../../../../../uploadfiles/quotation/" . $_FILES['uplfiles']['name'][$i];*/
    160. 

  160. 

  161.     //Upload the file into the temp dir
    162. 

  162.     /*if(move_uploaded_file($tmpFilePath, $newFilePath)) {*/
    163. 

  163. 

  164.       //Handle other code here
    165. 

  165. 

  166.    /* }
    167. 

  167.   }
    168. 

  168. }*/
    169. 

  169. 

  170. /*check columns available start*/
    171. 

  171.     
    172. 

  172.     $result=mysqli_query($dbc,"show columns from quotation");
    173. 

  173.                                     $k=0;
    174. 

  174.                                     $c=0;
    175. 

  175.                                     while($row = mysqli_fetch_array($result)){
    176. 

  176.                                         $str=$row['Field'];
    177. 

  177.                                        
    178. 

  178.                                        $newstr = filter_var($str, FILTER_SANITIZE_STRING);
    179. 

  179.                                        if($newstr="Product")
    180. 

  180.                                        {
    181. 

  181. 

  182. 

  183.                                        $int_id = filter_var($str, FILTER_SANITIZE_NUMBER_INT);
    184. 

  184.                                        
    185. 

  185.                                        if($int_id > $k)
    186. 

  186.                                        {
    187. 

  187.                                           global $c;
    188. 

  188.                                           $c=$int_id;
    189. 

  189.                                           $k=$int_id;
    190. 

  190.          
    191. 

  191.                                           }
    192. 

  192.                                        }
    193. 

  193.                                        
    194. 

  194.                                     }
    195. 

  195. /*check columns available end*/    
    196. 

  196. 

  197. 

  198.     
    199. 

  199. 

  200.         //echo $_POST['qty'];
    201. 

  201.     
    202. 

  202.     for ($i = 0; $i < 500; $i++) 
    203. 

  203.     {
    204. 

  204.         /*if (isset($_POST['partdesc'][$i], $_POST['qty'][$i],$_POST['unitprice'][$i])) { // Make sure both are filled in*/
    205. 

  205.             // Do stuff with this row of the form
    206. 

  206.             $product=$_POST['product'][$i];
    207. 

  207. 

  208.             $partd=$_POST['partdesc'][$i];
    209. 

  209.             $qt=$_POST['qty'][$i];
    210. 

  210.             $unitp=$_POST['unitprice'][$i];
    211. 

  211.             $licencefor=$_POST['licencefor'][$i];
    212. 

  212.             $hsnsac=$_POST['hsnsac'][$i];
    213. 

  213. 

  214.             
    215. 

  215. 

  216.             if(!empty($product) and !empty($unitp))
    217. 

  217.             {
    218. 

  218. 

  219. 

  220. 

  221.             
    222. 

  222.             if($i=='0')
    223. 

  223.             {
    224. 

  224. 

  225.                 //Get the temp file path
    226. 

  226.                 $tmpFilePath = $_FILES['uplfiles']['tmp_name'][$i];
    227. 

  227. 

  228.                 //Make sure we have a file path
    229. 

  229.                 if ($tmpFilePath != ""){
    230. 

  230.                 //Setup our new file path
    231. 

  231.                 $newFilePath = "../../../../uploadfiles/quotation/".$quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    232. 

  232. 

  233.                 //Upload the file into the temp dir
    234. 

  234.                 if(move_uploaded_file($tmpFilePath, $newFilePath)) {
    235. 

  235. 

  236.                 //Handle other code here
    237. 

  237.                     $newFilePathq = $quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    238. 

  238. 

  239.                     }
    240. 

  240.                 }
    241. 

  241. 

  242.                  //Get the temp attachment path
    243. 

  243.                 $tmpFilePath = $_FILES['attachment']['tmp_name'][$i];
    244. 

  244. 

  245.                 //Make sure we have a file path
    246. 

  246.                 if ($tmpFilePath != ""){
    247. 

  247.                 //Setup our new file path
    248. 

  248.                 $newFilePath1 = "../../../../uploadfiles/quotation/".$quotuniqueid."-".$_FILES['attachment']['name'][$i];
    249. 

  249. 

  250.                 //Upload the file into the temp dir
    251. 

  251.                 if(move_uploaded_file($tmpFilePath, $newFilePath1)) {
    252. 

  252. 

  253.                 //Handle other code here
    254. 

  254.                     $newFilePatha = $quotuniqueid."-".$_FILES['attachment']['name'][$i];
    255. 

  255. 

  256.                     }
    257. 

  257.                 }
    258. 

  258. 

  259. 

  260.                 
    261. 

  261. 

  262.            $ad=mysqli_query($dbc,"insert into `quotation_all` (`Representive`,`RMail`,`UniqueId`,`QuotNo`,`Company`,`Product1`,`Tax`,`Currency`,`HSNSAC1`,`ServiceName`,`ServiceCost`,`ServiceTax`,`FreightName`,`FreightCost`,`FreightTax`,`PartDescription1`,`Quantity1`,`UnitPrice1`,`Validity`,`Delivery`,`Payment`,`QuotationPath1`,`Attachment1`,`Remarks`,`AddressReq`,`LicenceFor1`,`ExpectedClosure`,`QuotFormName`) values ('$rep','$rmail','$quotuniqueid','$quotno','$company','$product','$tax','$currency','$hsnsac','$servicename','$servicecost','$servicetax','$freightname','$freightcost','$freighttax','$partd','$qt','$unitp','$validity','$delivery','$payment','$newFilePathq','$newFilePatha','$remarks','$addreq','$licencefor','$expectedclosure','$quotformname')");
    263. 

  263. 

  264.            $ad=mysqli_query($dbc,"update `quotation` set `UniqueId`='$quotuniqueid',`Company`='$company',`Product1`='$product',`Tax`='$tax',`Currency`='$currency',`HSNSAC1`='$hsnsac',`ServiceName`='$servicename',`ServiceCost`='$servicecost',`ServiceTax`='$servicetax',`FreightName`='$freightname',`FreightCost`='$freightcost',`FreightTax`='$freighttax',`PartDescription1`='$partd',`Quantity1`='$qt',`UnitPrice1`='$unitp',`Validity`='$validity',`Delivery`='$delivery',`Payment`='$payment',`QuotationPath1`='$newFilePathq',`Attachment1`='$newFilePatha',`Remarks`='$remarks',`AddressReq`='$addreq',`LicenceFor1`='$licencefor',`ExpectedClosure`='$expectedclosure',`QuotFormName`='$quotformname' where `QuotNo`='$quotno' ");
    265. 

  265. 

  266.             
    267. 

  267.             }
    268. 

  268.             elseif($i>=1)
    269. 

  269.             {
    270. 

  270.                 if($i==$c)
    271. 

  271.                 {
    272. 

  272.                     $productnew="Product".($c+1);
    273. 

  273.                                     $partdescnew="PartDescription".($c+1);
    274. 

  274.                                     $quantitynew="Quantity".($c+1);
    275. 

  275.                                     $unitpricenew="UnitPrice".($c+1);
    276. 

  276.                                     
    277. 

  277.                                     $hsnsacnew="HSNSAC".($c+1);
    278. 

  278.                                     $quotationpathnew="QuotationPath".($c+1);
    279. 

  279.                                     $attachmentnew="Attachment".($c+1);
    280. 

  280.                                     $licencefornew="LicenceFor".($c+1);
    281. 

  281.                                     mysqli_query($dbc,"ALTER TABLE `quotation` ADD `$productnew` TEXT NULL, ADD `$partdescnew` TEXT NULL,ADD `$quantitynew` TEXT NULL,ADD `$unitpricenew` TEXT NULL,ADD `$hsnsacnew` TEXT NULL,ADD `$quotationpathnew` TEXT NULL,ADD `$attachmentnew` TEXT NULL,ADD `$licencefornew` TEXT NULL");
    282. 

  282.                                     mysqli_query($dbc,"ALTER TABLE `quotation_all` ADD `$productnew` TEXT NULL, ADD `$partdescnew` TEXT NULL,ADD `$quantitynew` TEXT NULL,ADD `$unitpricenew` TEXT NULL,ADD `$hsnsacnew` TEXT NULL,ADD `$quotationpathnew` TEXT NULL,ADD `$attachmentnew` TEXT NULL,ADD `$licencefornew` TEXT NULL");
    283. 

  283.                                     $c=$c+1;
    284. 

  284.                 }
    285. 

  285. 

  286.                 
    287. 

  287.                 //Get the temp file path
    288. 

  288.                 $tmpFilePath = $_FILES['uplfiles']['tmp_name'][$i];
    289. 

  289. 

  290.                 //Make sure we have a file path
    291. 

  291.                 if ($tmpFilePath != ""){
    292. 

  292.                 //Setup our new file path
    293. 

  293.                 $newFilePath = "../../../../uploadfiles/quotation/".$quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    294. 

  294. 

  295.                 //Upload the file into the temp dir
    296. 

  296.                 if(move_uploaded_file($tmpFilePath, $newFilePath)) {
    297. 

  297. 

  298.                 //Handle other code here
    299. 

  299.                     $newFilePathtwo = $quotuniqueid."-".$_FILES['uplfiles']['name'][$i];
    300. 

  300. 

  301.                     }
    302. 

  302.                 }
    303. 

  303.                 $ii=$i+1;
    304. 

  304.                 $productcolumn="Product".$ii;
    305. 

  305.                 $partdescolumn="PartDescription".$ii;
    306. 

  306.                 $quantitycolumn="Quantity".$ii;
    307. 

  307.                 $unitpricecolumn="UnitPrice".$ii;
    308. 

  308.                 $quotationpathcolumn="QuotationPath".$ii;
    309. 

  309.                 $hsnsaccolumn="HSNSAC".$ii;
    310. 

  310.                 $licenceforcolumn="LicenceFor".$ii;
    311. 

  311.                 $ad=mysqli_query($dbc,"update `quotation` set `$productcolumn`='$product',`$partdescolumn`='$partd',`$quantitycolumn`='$qt',`$unitpricecolumn`='$unitp',`$quotationpathcolumn`='$newFilePathtwo',`$hsnsaccolumn`='$hsnsac',`$licenceforcolumn`='$licencefor' where  `RMail`='$rmail' and `UniqueId`='$quotuniqueid' ");
    312. 

  312.                 $ad=mysqli_query($dbc,"update `quotation_all` set `$productcolumn`='$product',`$partdescolumn`='$partd',`$quantitycolumn`='$qt',`$unitpricecolumn`='$unitp',`$quotationpathcolumn`='$newFilePathtwo',`$hsnsaccolumn`='$hsnsac',`$licenceforcolumn`='$licencefor' where  `RMail`='$rmail' and `UniqueId`='$quotuniqueid' ");
    313. 

  313.                 
    314. 

  314.   
    315. 

  315.             }
    316. 

  316.             else
    317. 

  317.             {
    318. 

  318.                 echo '<script>alert("Sorry!! Maximum Description Reached");location.replace("../../../opr/quotgen.php");</script>';
    319. 

  319.             }
    320. 

  320. 

  321.         }
    322. 

  322.         else
    323. 

  323.         {
    324. 

  324.             break;
    325. 

  325.         }
    326. 

  326. 

  327.         
    328. 

  328.         
    329. 

  329.     }
    330. 

  330. 

  331.     
    332. 

  332. 

  333.     if($ad>0)
    334. 

  334.     {
    335. 

  335.         
    336. 

  336.         
    337. 

  337.         
    338. 

  338.            echo '<script>location.replace("../../../opr/quotverify.php");</script>';
    339. 

  339. 

  340.            
    341. 

  341. 

  342.             
    343. 

  343.        
    344. 

  344.     }
    345. 

  345.     else
    346. 

  346.     {
    347. 

  347.         echo '<script>alert("Data not Updated ");location.replace("../../../opr/quotdash.php");</script>';
    348. 

  348.     }
    349. 

  349. 

  350.     }
    351. 

  351. echo '<script>location.replace("../../../opr/quotdash.php");</script>';
    352. 

  352. 

  353. ?>
    354. 

  354. 

  355.