File manager - Edit - /home/autoph/public_html/data03252025consolidation/app/report/insert_report.php
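<?php
/**
 * Report request endpoint.
 *
 * For every report type id posted in `checkboxArray`, this script stores one
 * `report` row holding the posted filter values, adds a `report_status` row per
 * approver of that type, and notifies each approver other than the requester
 * (in-app notification, SMS and e-mail).
 *
 * Output: a JSON object {"status": 0|1, "message": "..."} echoed to the client.
 * When several report types are posted, the result of the last one processed
 * is the one reported.
 *
 * SQL safety: the queries are built by string interpolation, so every value
 * that reaches a quoted SQL literal is passed through $db->escape() first.
 * That includes the report type ids, which arrive from the client just like
 * the other fields. Bound parameters would be the stronger fix, but the $db
 * wrapper's API is not visible in this file.
 *
 * $db and $variable are not defined here; presumably they (and the session
 * start) come from the included files - confirm.
 */
include_once("../../cfg/db.php");
include_once("../notification/notification.php");
include_once("../sms/send_sms.php");
include_once("../mail/send_mail.php");
include_once("../language/en-US.php");
include_once("../../api/controllers/utility.php");

// Only an authenticated session may request reports.
if (!isset($_SESSION['user'])) {
    exit();
}

$utility = new Utility();

// Company scope granted to the requester; '-1' is stored when none is set.
$granted_company_ids = $utility->isNotEmpty($_SESSION['user']['company_permissions_implode'])
    ? $_SESSION['user']['company_permissions_implode']
    : '-1';
// Session data is server-side, but it still ends up inside a quoted SQL literal.
$granted_company_ids = $db->escape($granted_company_ids);

// Default answer, also used when no usable report type is posted.
$return_arr = array();
$return_arr["status"] = 0;
$return_arr["message"] = " Select report type.";

// `checkboxArray` must be a list of report type ids; anything else is rejected
// here instead of being fed to foreach.
if (isset($_POST['checkboxArray']) && is_array($_POST['checkboxArray'])) {
    $report_type_arr = $_POST['checkboxArray'];
} else {
    echo json_encode($return_arr);
    exit;
}

// Posted filter values. `?? ''` keeps a missing field from raising a warning
// that would be printed ahead of the JSON body.
$upload_employee_id = $db->escape($_POST['uploaded-by'] ?? '');
$reg_from           = $db->escape($_POST['reg-from'] ?? '');
$reg_to             = $db->escape($_POST['reg-to'] ?? '');
$dms                = $db->escape($_POST['dms'] ?? '');
$company            = $db->escape($_POST['company'] ?? '');
$dealer             = $db->escape($_POST['dealer'] ?? '');
$state              = $db->escape($_POST['state'] ?? '');
$city               = $db->escape($_POST['city'] ?? '');
$upload_from        = $db->escape($_POST['upload-from'] ?? '');
$upload_to          = $db->escape($_POST['upload-to'] ?? '');
$report_description = $db->escape($_POST['report-description'] ?? '');
$type               = $db->escape($_POST['type'] ?? '');
$brand_id           = $db->escape($_POST['brand'] ?? '');
$model_id           = $db->escape($_POST['model'] ?? '');
$filter_data        = $db->escape($_POST['filter-data'] ?? '');
$gender             = $db->escape($_POST['gender'] ?? '');
$age_from           = $db->escape($_POST['age-from'] ?? '');
$age_to             = $db->escape($_POST['age-to'] ?? '');
$sort_by            = $db->escape($_POST['sort-by'] ?? '');
$order_by           = $db->escape($_POST['order'] ?? '');
$downloadable       = $db->escape($_POST['downloadable'] ?? '');
$date_of_birth      = $db->escape($_POST['date-of-birth'] ?? '');
$customer_category  = $db->escape($_POST['category'] ?? '');
$customer_status    = $db->escape($_POST['active-status'] ?? '');
$finance_company    = $db->escape($_POST['finance-company'] ?? '');
$insurance_company  = $db->escape($_POST['insurance-company'] ?? '');
$insurance_type     = $db->escape($_POST['insurance-type'] ?? '');

// The requester. The raw value is kept for comparisons and for the
// notification call; the escaped copy is the one placed in SQL.
$employee_id = $_SESSION['user']['id'];
$employee_id_sql = $db->escape($employee_id);

// Display name used in the SMS and e-mail text. Despite the variable name it is
// built from the session user, i.e. the requester, not the approver.
$suffix = "";
if ($_SESSION['user']['suffix_name'] != 'None') {
    $suffix = $_SESSION['user']['suffix_name'];
}
$employee_name_approver = $_SESSION['user']['first_name'] . ' '
    . $_SESSION['user']['middle_name'] . ' '
    . $_SESSION['user']['last_name'] . ' '
    . $suffix;

foreach ($report_type_arr as $report_type) {
    // Each entry is client-controlled. A nested array cannot be a type id, and
    // the value must be escaped before it is used in the two queries below.
    // NOTE(review): the ids handled further down are "1".."4"; if every valid id
    // is an integer, a ctype_digit() check here would be stricter - confirm.
    if (!is_scalar($report_type)) {
        continue;
    }
    $report_type = $db->escape((string) $report_type);

    $employee_id_approver_list = $db->sql_query(
        "SELECT `employee_id` FROM `report_approver` WHERE `report_type_id` = '$report_type' "
    );

    if ($employee_id_approver_list->num_rows > 0) {
        // control_number is generated inside the statement from YEAR(NOW()) and
        // a value derived from uuid(); `expire` is set 30 days ahead.
        $query = "INSERT INTO `report`(
                `control_number`, `employee_id`, `report_type_id`, `description`,
                `company_id`, `dealer_id`, `state_id`, `city_id`,
                `report_date`, `report_time`, `upload_by_employee_id`, `customer_type`,
                `age_from`, `age_to`, `gender_id`, `customer_data_type`, `dms_id`,
                `activity_date_from`, `activity_date_to`,
                `uploaded_date_from`, `uploaded_date_to`, `expire`,
                `brand_id`, `model_id`, `sort_by`, `order_by`, `date_of_birth`,
                `customer_category`, `customer_status`,
                `insurance_company_id`, `insurance_type_id`, `finance_company_id`,
                `is_downloadable`, `company_list`
            ) VALUES (
                (select concat(YEAR(NOW()),'-', conv( concat( substring(uid,16,3), substring(uid,10,4), substring(uid,1,8)) ,16,10) div 10000 - (141427 * 24 * 60 * 60 * 1000)) as current_mills from (select uuid() uid) as alias),
                '$employee_id_sql', '$report_type', '$report_description',
                '$company', '$dealer', '$state', '$city',
                NOW(), NOW(), '$upload_employee_id', '$type',
                '$age_from', '$age_to', '$gender', '$filter_data', '$dms',
                '$reg_from', '$reg_to',
                '$upload_from', '$upload_to', DATE_ADD(NOW(), INTERVAL 30 DAY),
                '$brand_id', '$model_id', '$sort_by', '$order_by', '$date_of_birth',
                '$customer_category', '$customer_status',
                '$insurance_company', '$insurance_type', '$finance_company',
                '$downloadable', '$granted_company_ids'
            )";

        // NOTE(review): the result is used as the new report id without a failure
        // check; what sql_query_id() returns on error is not visible here.
        $report_id = $db->sql_query_id($query);

        while ($row = $employee_id_approver_list->fetch_assoc()) {
            $employee_id_approver = $row['employee_id'];

            if ($employee_id_approver == $employee_id) {
                // The requester is an approver of this type: the status row is
                // written with status '1' and the current date, and nobody is
                // notified.
                $db->sql_query_id("INSERT INTO `report_status`(`report_id`, `employee_id`,`date`,`status`) VALUES ('$report_id','$employee_id_approver',NOW(),'1')");
            } else {
                $db->sql_query_id("INSERT INTO `report_status`(`report_id`, `employee_id`) VALUES ('$report_id','$employee_id_approver')");

                // Reset per approver so an unrecognised type never reuses the
                // wording left over from a previous report type.
                $notification_email_subject = '';
                $notification_system = '';
                $notification_sms = '';
                $notification_mail = '';

                // $_GLOBALS is an ordinary variable, not PHP's $GLOBALS
                // superglobal; presumably it holds the message templates from
                // language/en-US.php - confirm.
                switch ($report_type) {
                    case "1":
                        $notification_email_subject = sprintf($_GLOBALS['report_mail_subject'], 'Customer');
                        $notification_system = sprintf($_GLOBALS['request_report_system'], 'customer');
                        $notification_sms = sprintf($_GLOBALS['request_report'], 'customer', "\r\n");
                        $notification_mail = sprintf($_GLOBALS['request_report'], 'customer', "<br>");
                        break;
                    case "2":
                        $notification_email_subject = sprintf($_GLOBALS['report_mail_subject'], 'Vehicle');
                        $notification_system = sprintf($_GLOBALS['request_report_system'], 'vehicle');
                        $notification_sms = sprintf($_GLOBALS['request_report'], 'vehicle', "\r\n");
                        $notification_mail = sprintf($_GLOBALS['request_report'], 'vehicle', "<br>");
                        break;
                    case "3":
                        $notification_email_subject = sprintf($_GLOBALS['report_mail_subject'], 'Service');
                        $notification_system = sprintf($_GLOBALS['request_report_system'], 'service');
                        $notification_sms = sprintf($_GLOBALS['request_report'], 'service', "\r\n");
                        $notification_mail = sprintf($_GLOBALS['request_report'], 'service', "<br>");
                        break;
                    case "4":
                        $notification_email_subject = sprintf($_GLOBALS['report_mail_subject'], 'Sales');
                        $notification_system = sprintf($_GLOBALS['request_report_system'], 'sales');
                        $notification_sms = sprintf($_GLOBALS['request_report'], 'sales', "\r\n");
                        $notification_mail = sprintf($_GLOBALS['request_report'], 'sales', "<br>");
                        break;
                }

                // In-app notification for the approver.
                $notification = new Notification();
                $notification::insertNotification(
                    '1',
                    $report_id, /* record id of the specific record */
                    $employee_id_approver, /* employee_id of the person who receives the notification */
                    $employee_id,
                    $_SESSION['user']['employee_fullname'] . $notification_system, /* notification content */
                    $db
                );

                // Contact details of the approver; if several rows match, the
                // last one read is used. Both stay empty when none matches.
                $employee_contact_approver = "";
                $employee_email_approver = "";
                $employee_contact = $db->sql_query("SELECT ec.`email_address`,ec.`contact_number` FROM `employee_contact` ec INNER JOIN employee e ON ec.employee_id=e.employee_id WHERE e.id = '$employee_id_approver'");
                while ($row1 = $employee_contact->fetch_assoc()) {
                    $employee_contact_approver = $row1['contact_number'];
                    $employee_email_approver = $row1['email_address'];
                }

                // SMS to the approver.
                $send_sms = new SMS();
                $send_sms::sendSMS(
                    $employee_contact_approver,
                    $employee_name_approver . $notification_sms . $variable['site_link'] . 'reports.php' . $_GLOBALS['sms_footer'],
                    $variable
                );

                // E-mail to the approver.
                $send_mail = new Mail();
                $send_mail::sendMail(
                    $employee_email_approver,
                    $notification_email_subject,
                    $employee_name_approver . $notification_mail . $variable['site_link'] . 'reports.php' . $_GLOBALS['email_footer'],
                    $variable
                );
            }
        }

        $return_arr["status"] = 1;
        $return_arr["message"] = " Report Successfully Requested.";
    } else {
        $return_arr["status"] = 0;
        $return_arr["message"] = " No available approver for this report.";
    }
}

echo json_encode($return_arr);

/**
 * Removes every carriage return and line feed from a string.
 *
 * @param string $s Text to clean.
 * @return string|null The text without "\r" and "\n"; null if preg_replace() fails.
 */
function clean($s){
    return preg_replace( "/\r|\n/", "", $s );
}

/**
 * Tells whether a string holds at least one non-whitespace character.
 *
 * @param string $data Text to test.
 * @return int|false 1 when a non-whitespace character is found, 0 when not,
 *                   false if preg_match() fails.
 */
function isNotEmpty($data){
    return preg_match('/\S/', $data);
}
?>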