format("Y-m-d"); $signedTime =date('H:i:s'); $myUID = $user_data['u_id']; if(isset($_GET['id'])){ $poNumber=$_GET['id']; $myToken=$_GET['token']; $myKey=$_GET['key']; $userID = $_GET['uid']; $companyID = mysql_result(mysql_query("SELECT `comp_id` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); $companyName = mysql_result(mysql_query("SELECT `comp_name` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyAddress = mysql_result(mysql_query("SELECT `comp_address` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyTIN = mysql_result(mysql_query("SELECT `comp_tin` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyFax = mysql_result(mysql_query("SELECT `comp_fax` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyTel = mysql_result(mysql_query("SELECT `comp_tel` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $companyEmail = mysql_result(mysql_query("SELECT `comp_email` FROM `vts_company` WHERE `comp_id`='$companyID'"),0); $PODate = mysql_result(mysql_query("SELECT `date_posted` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); $POTerms = mysql_result(mysql_query("SELECT `terms` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); $POInstructions = mysql_result(mysql_query("SELECT `remarks` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); $deliverDate = mysql_result(mysql_query("SELECT `delivery_date` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); $supplierID = mysql_result(mysql_query("SELECT `vendor_id` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); $SupplierName = mysql_result(mysql_query("SELECT `sup_name` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierTIN = mysql_result(mysql_query("SELECT `tin_number` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierAddress = mysql_result(mysql_query("SELECT `address` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierContact = mysql_result(mysql_query("SELECT `contact_person` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierTel = mysql_result(mysql_query("SELECT `landline` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $SupplierContactMobile = mysql_result(mysql_query("SELECT `contact_person_mobile` FROM `prf_suppliers` WHERE `id`='$supplierID'"),0); $chkBy = mysql_result(mysql_query("SELECT `checked_by` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); $MyAPIcode = mysql_result(mysql_query("SELECT `SMSAPICode` FROM `asa_versioning_db` WHERE `type`='Live'"),0); $MyPasswd = mysql_result(mysql_query("SELECT `SMSAPIPass` FROM `asa_versioning_db` WHERE `type`='Live'"),0); $chkIfPosted = mysql_result(mysql_query("SELECT `date_posted` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); if($chkIfPosted == ''){ echo "
ERROR: Purchase Order hasn't been posted yet. Please POST this PO before your proceed with PO Validation.
"; exit; } $ckhToken = $_GET['token']; $liveToken = mysql_result(mysql_query("SELECT `token` FROM `prf_purchase_order` WHERE `po_number`='$poNumber'"),0); if($liveToken != $ckhToken){ echo "

This record does not exist. Reason: Invalid Token ID

Please contact your system administrator for assistance. Thank you

Date: ".date("m/d/Y")." | ".date("h:m:s AM/PM")."

"; exit; } $otpDate = mysql_result(mysql_query("SELECT `otp_validation_start` FROM `prf_purchase_order` WHERE `po_number`='$poNumber' AND `token`='$myToken'"),0); //echo $otpDate ." -".$signedDate; if($signedDate != $otpDate){ $otp= Rand(100001, 999999); //echo $otp; mysql_query("UPDATE `prf_purchase_order` SET `max_otp_validate`='0',`otp_validation`='$otp',`otp_validation_start`='$signedDate' WHERE `po_number`='$poNumber' AND `token`='$myToken'"); $SMSMessage = "Your OTP Code is ".$otp. ". Valid within 24 hours only."; $empMobile = mysql_result(mysql_query("SELECT `usr_mobile` FROM `vts_users` WHERE `u_id`='$chkBy'"),0); $empEmail = mysql_result(mysql_query("SELECT `email` FROM `vts_users` WHERE `u_id`='$chkBy'"),0); //$result = itexmo($empMobile, $SMSMessage,$MyAPIcode,$MyPasswd); $result = itexmoAA($empMobile, $SMSMessage,$MyAPIcode,$MyPasswd); if ($result == ""){ //echo ''; }else if ($result == 0){ //echo "SMS Sent!"; } else{ //echo "Error Num ". $result . " was encountered!"; } //######################################################################################################################### //######################################################################################################################### } $myOTPC = mysql_result(mysql_query("SELECT `otp_validation` FROM `prf_purchase_order` WHERE `po_number`='$poNumber' AND `token`='$myToken'"),0); ?>

Website: https://www.autohubgroup.com

".$companyAddress.""; echo "Tel. No.".$companyTel." Fax." .$companyFax.""; echo "E-mail: ".$companyEmail.""; ?>
PURCHASE ORDER VALIDATION
Supplier Name: PO Number:
Address: PO Date:
Contact Person: Terms:
Tel. Number: Contact Mobile#:
Please Invoice To:
TIN Number:
Delivery Date:
Look For:
QTY UNIT DESCRIPTION UNIT COST AMOUNT
"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $CostPrice = $row['approved_amount']* $row['approved_qty']; $totalAmount = $totalAmount + $CostPrice; } ?>
".$row['approved_qty']."".$row['uom']."".strtoupper($row['item_description'])."".number_format($row['approved_amount'],2,'.',',')."".number_format(($row['approved_amount'] * $row['approved_qty']),2,'.',',') ."

* * * NOTHING FOLLOWS * * *

PRF NUMBER:

"; while($prf = mysql_fetch_array($getPRFNumber)){ $refCode= $prf['header_ref_code']; echo "

#".$refCode.",

"; } ?>
TOTAL
Prepared By:
Checked By:
0){ if($dateChecked!=''){ echo "Signed: ".$dateChecked." - ".$timeChecked; }else{ ?>
Approved By: