1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
<?php
$formid = "Operation";
require_once "inc/configure.php";
$refid = filter_var($_REQUEST['refid'], FILTER_SANITIZE_NUMBER_INT);
//(int)$_REQUEST['productID'];
//vdump($_REQUEST);
if( $_REQUEST['action']=="master_operation_modifyform" && !empty($refid) ){
$code = strtoupper(filter_var($_REQUEST['code'], FILTER_SANITIZE_STRING));
$unit_price = filter_var($_REQUEST['unit_price'], FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
$codedesc_en = filter_var($_REQUEST['codedesc_en'], FILTER_SANITIZE_STRING);
$codedesc_sc = filter_var($_REQUEST['codedesc_sc'], FILTER_SANITIZE_STRING);
$uom_cy = filter_var($_REQUEST['uom_cy'], FILTER_SANITIZE_STRING);
$uom_svc = filter_var($_REQUEST['uom_svc'], FILTER_SANITIZE_STRING);
$workplace = filter_var($_REQUEST['workplace'], FILTER_SANITIZE_STRING);
$settingcategy = filter_var($_REQUEST['settingcategy'], FILTER_SANITIZE_STRING);
$createby = filter_var($_SESSION['user'], FILTER_SANITIZE_STRING);
$lastupby = filter_var($_SESSION['user'], FILTER_SANITIZE_STRING);
/*
// check existance of SVC before insert
$sql = "SELECT count(*) as count from master_svc_cost
where code=:code and refid<>:refid";
$sth = $dbh->prepare($sql);
$sth->execute( array(':code'=> $code,
':refid'=> $refid) );
$row = $sth->fetch();
if( $row['count']>0 ){
$msg="Master Service already existed";
header("Location: master_operation_modifyform.php?id=$refid&error=$msg");
exit;
}
unset($sth);*/
if(havePermission("GNu")){
//update operation master table
$sql = "UPDATE master_operation SET
codedesc_en = :codedesc_en,
codedesc_sc = :codedesc_sc,
workplace = :workplace,
settingcategy = :settingcategy,
lastupby = :lastupby,
lastupdate = getdate()
WHERE refid = :refid";
$sth = $dbh->prepare($sql);
$q= $sth->execute( array(':refid' => $refid,
':codedesc_en' => $codedesc_en,
':codedesc_sc' => $codedesc_sc,
':workplace' => $workplace,
':settingcategy' => $settingcategy,
':lastupby' => $lastupby) );
pdo_showerror($sth, $q);
//remove old operation cost
$sql = "DELETE from master_svc_cost WHERE opr_refid = :opr_refid";
$sth = $dbh->prepare($sql);
$q= $sth->execute( array(':opr_refid' => $refid) );
pdo_showerror($sth, $q);
//add operation cost
$sql = "INSERT INTO master_svc_cost (
opr_refid,
unit_price,
uom_cy,
uom_svc,
createby,
createdate,
lastupby,
lastupdate
) VALUES (
:opr_refid,
:unit_price,
:uom_cy,
:uom_svc,
:createby,
getdate(),
:lastupby,
getdate()
)";
$sth = $dbh->prepare($sql);
$q= $sth->execute( array(':opr_refid' => $refid,
':unit_price' => $unit_price,
':uom_cy' => $uom_cy,
':uom_svc' => $uom_svc,
':createby' => $createby,
':lastupby' => $lastupby) );
pdo_showerror($sth, $q);
/*echo $sth->getSQL( ) . HTML_EOL;*/
}
//exit;
header("Location: master_operation_modifyform.php?refid=$refid&msg=Saved.");
print "Saved.";
exit;
}
print "Invalid Request";
|