format("Y-m-d"); $signedTime =date('H:i:s'); if(isset($_GET['id'])){ $myKey=$_GET['key']; echo ""; $chkIfPosted = mysql_result(mysql_query("SELECT COUNT(1) FROM `prf_validate_links` WHERE `code`='$myKey' AND `completed`=0"),0); if($chkIfPosted == 0 || $chkIfPosted =='' ){ echo "
ERROR: Purchase Order is no longer exist.
"; exit; } $myUID = $_GET['uid']; $poNumber=$_GET['id']; $myToken=$_GET['token']; $companyID = mysql_result(mysql_query("SELECT `comp_id` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); $companyName = mysql_result(mysql_query("SELECT `comp_name` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyAddress = mysql_result(mysql_query("SELECT `comp_address` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyTIN = mysql_result(mysql_query("SELECT `comp_tin` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyFax = mysql_result(mysql_query("SELECT `comp_fax` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyTel = mysql_result(mysql_query("SELECT `comp_tel` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyEmail = mysql_result(mysql_query("SELECT `comp_email` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $PODate = mysql_result(mysql_query("SELECT `date_posted` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); $POTerms = mysql_result(mysql_query("SELECT `terms` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); $POInstructions = mysql_result(mysql_query("SELECT `remarks` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); $deliverDate = mysql_result(mysql_query("SELECT `delivery_date` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); $supplierID = mysql_result(mysql_query("SELECT `vendor_id` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); $SupplierName = mysql_result(mysql_query("SELECT `sup_name` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierTIN = mysql_result(mysql_query("SELECT `tin_number` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierAddress = mysql_result(mysql_query("SELECT `address` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierContact = mysql_result(mysql_query("SELECT `contact_person` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierTel = mysql_result(mysql_query("SELECT `landline` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierContactMobile = mysql_result(mysql_query("SELECT `contact_person_mobile` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $chkBy = mysql_result(mysql_query("SELECT `checked_by` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); $MyAPIcode = mysql_result(mysql_query("SELECT `SMSAPICode` FROM `asa_versioning_db` WHERE `type`='Live'"),0); $MyPasswd = mysql_result(mysql_query("SELECT `SMSAPIPass` FROM `asa_versioning_db` WHERE `type`='Live'"),0); $ckhToken = $_GET['token']; $liveToken = mysql_result(mysql_query("SELECT `token` FROM `prf_purchase_order` WHERE `po_number`=$poNumber"),0); if($liveToken != $ckhToken){ echo "

This record does not exist. Reason: Invalid Token ID

Please contact your system administrator for assistance. Thank you

Date: ".date("m/d/Y")." | ".date("h:m:s AM/PM")."

"; exit; } $otpDate = mysql_result(mysql_query("SELECT `otp_approval_start` FROM `prf_purchase_order` WHERE `po_number`=$poNumber AND `token`='$myToken'"),0); //echo "SELECT `otp_approval_start` FROM `prf_purchase_order` WHERE `po_number`=$poNumber AND `token`='$myToken'"; //echo $signedDate; //exit; //echo $otpDate ." -".$signedDate; //if($signedDate != $otpDate){ $otp= Rand(100001, 999999); //echo $otp; mysql_query("UPDATE `prf_purchase_order` SET `max_otp_approval`='0',`otp_approval`='$otp',`otp_approval_start`='$signedDate' WHERE `po_number`=$poNumber AND `token`='$myToken'"); $SMSMessage = "Your OTP Code is ".$otp. ". Valid within 24 hours for PO Ref:#".$poNumber ; //$empMobile = mysql_result(mysql_query("SELECT `usr_mobile` FROM `vts_users` WHERE `u_id`='$chkBy'"),0); ///$getPOChecker = mysql_query("SELECT * FROM prf_poapprover WHERE trans_type ='Approver' AND deleted =0 "); //$result = itexmo($empMobile, $SMSMessage,$MyAPIcode,$MyPasswd); //while($aRow = mysql_fetch_array($getPOChecker)){ //$myFID =$aRow['po_officer_id']; $empMobile = mysql_result(mysql_query("SELECT `usr_mobile` FROM `vts_users` WHERE `u_id`='$myUID'"),0); $result = itexmoAA($empMobile, $SMSMessage,$MyAPIcode,$MyPasswd); if ($result == ""){ //echo ''; }else if ($result == 0){ //echo "SMS Sent!"; } else{ //echo "Error Num ". $result . " was encountered!"; } //} //} $myOTPC = mysql_result(mysql_query("SELECT `otp_validation` FROM `prf_purchase_order` WHERE `po_number`=$poNumber AND `token`='$myToken'"),0); ?>

Website: https://www.autohubgroup.com

".$companyAddress.""; echo "Tel. No.".$companyTel." Fax." .$companyFax.""; echo "E-mail: ".$companyEmail.""; ?>
- PURCHASE ORDER APPROVAL -
Supplier Name: PO Number:
Address: PO Date:
Contact Person: Terms:
Tel. Number: Contact Mobile#:
Please Invoice To:
TIN Number:
Delivery Date:
Look For:
QTY UNIT DESCRIPTION UNIT COST AMOUNT
"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $CostPrice = $row['approved_amount']* $row['approved_qty']; $totalAmount = $totalAmount + $CostPrice; } ?>
".$row['approved_qty']."".$row['uom']."".strtoupper($row['item_description'])."".number_format($row['approved_amount'],2,'.',',')."".number_format(($row['approved_amount'] * $row['approved_qty']),2,'.',',') ."

* * * NOTHING FOLLOWS * * *

PRF NUMBER:

"; while($prf = mysql_fetch_array($getPRFNumber)){ $refCode= $prf['header_ref_code']; echo "

#".$refCode.",

"; } ?>
TOTAL
Prepared By:
Checked By:
Approved By: