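format("Y-m-d");
// NOTE(review): the statement that ends in format("Y-m-d") begins before this
// excerpt; $signedDate (used below) is presumably assigned there — confirm.
$signedTime = date('H:i:s');
$ts = $signedDate . " " . $signedTime;

// Vendor confirmation page for a purchase order, reached through a link that
// carries pid (PO number), vid (user id), token and key in the query string.
// The link is validated first; only then are the PO, company, supplier and
// approver details loaded and a one-time code sent by SMS.
if (isset($_GET['pid'])) {
    // NOTE(review): the closing brace of this if-block is not visible in this
    // part of the page.

    // Query-string values are attacker-controlled. Accept plain strings only
    // (?pid[]=x would otherwise arrive as an array) and default anything
    // missing to '' so it can never match a stored secret.
    $poNumber = is_string($_GET['pid']) ? $_GET['pid'] : '';
    $myUID    = (isset($_GET['vid']) && is_string($_GET['vid'])) ? $_GET['vid'] : '';
    $myToken  = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
    $key      = (isset($_GET['key']) && is_string($_GET['key'])) ? $_GET['key'] : '';
    $ckhToken = $myToken;

    // Escaped copies for use inside quoted SQL literals. ext/mysql has no bound
    // parameters, so escaping is the only mitigation while the page stays on
    // this driver; the durable fix is PDO or mysqli prepared statements.
    // The raw variables are kept unchanged for the rest of the page.
    $poNumberSql = mysql_real_escape_string($poNumber);
    $myUIDSql    = mysql_real_escape_string($myUID);
    $myTokenSql  = mysql_real_escape_string($myToken);
    $keySql      = mysql_real_escape_string($key);

    // Fetches the first matching row as column => value. Every column is false
    // when the query fails or matches nothing, which is what the per-column
    // mysql_result() calls returned. $columns and $fromWhere are built from
    // constants and already-escaped values only.
    $fetchRow = function (array $columns, $fromWhere) {
        $result = mysql_query("SELECT `" . implode("`,`", $columns) . "` FROM " . $fromWhere . " LIMIT 1");
        $row = $result ? mysql_fetch_row($result) : false;
        return $row ? array_combine($columns, $row) : array_fill_keys($columns, false);
    };

    // Both failed checks answer with the same text, so the response does not
    // reveal which one failed. Time format fixed: "i" is minutes ("m" is the
    // month number) and "A" prints AM or PM.
    $notFoundPage = "\n\nThis record does not exist.\n\nPlease contact your system administrator for assistance. Thank you\n\nDate: " . date("m/d/Y") . " | " . date("h:i:s A") . "\n\n";

    // One read of the purchase-order row instead of one query per column.
    $po = $fetchRow(
        array('comp_id', 'date_posted', 'terms', 'remarks', 'delivery_date', 'vendor_id', 'approved_by', 'checked_by', 'token'),
        "`prf_purchase_order` WHERE `po_number`='$poNumberSql'"
    );
    $liveToken = $po['token'];

    // Check 1: the token in the link must equal the token stored on the PO.
    // The comparison is strict and, where available, constant-time. The loose
    // != used before treated a missing row (false) as equal to an empty or "0"
    // token and compared numeric-looking strings by value. An empty stored or
    // supplied token is always rejected.
    $tokenOk = is_string($liveToken) && $liveToken !== '' && $myToken !== ''
        && (function_exists('hash_equals') ? hash_equals($liveToken, $myToken) : $liveToken === $myToken);
    if (!$tokenOk) {
        echo $notFoundPage;
        exit;
    }

    // Check 2: the (uid, code, PO) triple must exist in prf_validate_links.
    $sendKey = mysql_result(mysql_query("SELECT COUNT(id) FROM `prf_validate_links` WHERE `uid`='$myUIDSql' AND `code`='$keySql' AND `po_code`='$poNumberSql'"), 0);
    if ((int) $sendKey === 0) {
        echo $notFoundPage;
        exit;
    }

    // The link is valid from here on. Nothing below ran before the checks, so
    // an invalid link no longer loads company data or the SMS credentials.
    $companyID      = $po['comp_id'];
    $PODate         = $po['date_posted'];
    $POTerms        = $po['terms'];
    $POInstructions = $po['remarks'];
    $deliverDate    = $po['delivery_date'];
    $supplierID     = $po['vendor_id'];
    $poApprovedByID = $po['approved_by'];
    $chkBy          = $po['checked_by'];

    // Ids read back from the database are escaped as well before they are put
    // into further statements (stored values are not trusted either).
    $companyIDSql      = mysql_real_escape_string((string) $companyID);
    $supplierIDSql     = mysql_real_escape_string((string) $supplierID);
    $poApprovedByIDSql = mysql_real_escape_string((string) $poApprovedByID);
    $chkBySql          = mysql_real_escape_string((string) $chkBy);

    $company = $fetchRow(
        array('comp_name', 'comp_address', 'comp_tin', 'comp_fax', 'comp_tel', 'comp_email'),
        "`vts_company` WHERE `comp_id`='$companyIDSql'"
    );
    $companyName    = $company['comp_name'];
    $companyAddress = $company['comp_address'];
    $companyTIN     = $company['comp_tin'];
    $companyFax     = $company['comp_fax'];
    $companyTel     = $company['comp_tel'];
    $companyEmail   = $company['comp_email'];

    $supplier = $fetchRow(
        array('sup_name', 'tin_number', 'address', 'contact_person', 'landline', 'contact_person_mobile'),
        "`prf_suppliers` WHERE `id`='$supplierIDSql'"
    );
    $SupplierName          = $supplier['sup_name'];
    $SupplierTIN           = $supplier['tin_number'];
    $SupplierAddress       = $supplier['address'];
    $SupplierContact       = $supplier['contact_person'];
    $SupplierTel           = $supplier['landline'];
    $SupplierContactMobile = $supplier['contact_person_mobile'];

    $approver = $fetchRow(
        array('u_fname', 'u_lname'),
        "`vts_users` WHERE `u_id`='$poApprovedByIDSql'"
    );
    $poApprovedByFName = $approver['u_fname'];
    $poApprovedByLName = $approver['u_lname'];

    // SMS gateway credentials; keep them out of any output or log.
    $smsConfig = $fetchRow(
        array('SMSAPICode', 'SMSAPIPass'),
        "`asa_versioning_db` WHERE `type`='Live'"
    );
    $MyAPIcode = $smsConfig['SMSAPICode'];
    $MyPasswd  = $smsConfig['SMSAPIPass'];

    // Stamp the first vendor confirmation; later visits leave the stamp alone.
    // NOTE(review): this write (and the OTP SMS below) is triggered by a plain
    // GET, so anything that follows the link, such as a mail scanner or link
    // preview, triggers it too — consider an explicit POST step.
    mysql_query("UPDATE `prf_purchase_order` SET `vendor_confirm_ts`='$ts' WHERE `po_number`='$poNumberSql' AND `vendor_confirm_ts`=''");

    $otpDate = mysql_result(mysql_query("SELECT `otp_approval_start` FROM `prf_purchase_order` WHERE `po_number`='$poNumberSql' AND `token`='$myTokenSql'"), 0);

    // A new code is issued when the stored start date is not today's date.
    if ((string) $signedDate !== (string) $otpDate) {
        // rand() is not a cryptographic generator; use random_int() wherever
        // the runtime provides it. The value range is unchanged.
        $otp = function_exists('random_int') ? random_int(100001, 999999) : rand(100001, 999999);

        mysql_query("UPDATE `prf_purchase_order` SET `max_otp_approval`='0',`otp_approval`='$otp',`otp_approval_start`='$signedDate' WHERE `po_number`='$poNumberSql' AND `token`='$myTokenSql'");

        $SMSMessage = "Your OTP Code is ".$otp. ". Valid within 24 hours only.";
        $empMobile = mysql_result(mysql_query("SELECT `usr_mobile` FROM `vts_users` WHERE `u_id`='$chkBySql'"), 0);

        // NOTE(review): the gateway's return value is not acted on; the
        // removed debug branches suggest 0 means "sent" and any other number
        // is an error code — confirm, and record failures without logging
        // the code itself.
        $result = itexmoAA($empMobile, $SMSMessage, $MyAPIcode, $MyPasswd);
    }

    $myOTPC = mysql_result(mysql_query("SELECT `otp_validation` FROM `prf_purchase_order` WHERE `po_number`='$poNumberSql' AND `token`='$myTokenSql'"), 0); ?>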

Website: https://www.autohubgroup.com

".$companyAddress.""; echo "Tel. No.".$companyTel." Fax." .$companyFax.""; echo "E-mail: ".$companyEmail.""; ?>
- PURCHASE ORDER -
Supplier Name: PO Number:
Address: PO Date:
Contact Person: Terms:
Tel. Number: Contact Mobile#:
Please Invoice To:
TIN Number:
Delivery Date:
Look For:
QTY UNIT DESCRIPTION UNIT COST AMOUNT
"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $CostPrice = $row['approved_amount']* $row['approved_qty']; $totalAmount = $totalAmount + $CostPrice; } ?>
".$row['approved_qty']."".$row['uom']."".strtoupper($row['item_description'])."".number_format($row['approved_amount'],2,'.',',')."".number_format(($row['approved_amount'] * $row['approved_qty']),2,'.',',') ."

* * * NOTHING FOLLOWS * * *

PRF NUMBER:

"; while($prf = mysql_fetch_array($getPRFNumber)){ $refCode= $prf['header_ref_code']; echo "

#".$refCode.",

"; } ?>
TOTAL
Prepared By:
Checked By:
Approved By:
***This is a System Generated document. Physical Signature might not be required***