1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
<?php
$formid = "Order";
require_once "inc/configure.php";
require_once "inc/ord_dtl_func.php";
$refid = (int) filter_var($_REQUEST['refid'], FILTER_SANITIZE_STRING);
if( $_POST['action']=="ord_rpr_modifyform" && !empty($refid) ){
//vdump($_REQUEST); exit;
$custcode = filter_var($_REQUEST['custcode'], FILTER_SANITIZE_STRING);
$order_nbr = filter_var($_REQUEST['order_nbr'], FILTER_SANITIZE_STRING);
$vendor = filter_var($_REQUEST['vendor'], FILTER_SANITIZE_STRING);
$launch_date = filter_var($_REQUEST['launch_date'], FILTER_SANITIZE_STRING);
$custorder_ref = filter_var($_REQUEST['custorder_ref'], FILTER_SANITIZE_STRING);
$status = filter_var($_REQUEST['status'], FILTER_SANITIZE_STRING);
$del_date = filter_var($_REQUEST['del_date'], FILTER_SANITIZE_STRING);
$confirm_date = filter_var($_REQUEST['confirm_date'], FILTER_SANITIZE_STRING);
$remark = filter_var($_REQUEST['remark'], FILTER_SANITIZE_STRING);
$discount = (float)filter_var($_REQUEST['discount'], FILTER_SANITIZE_NUMBER_FLOAT,FILTER_FLAG_ALLOW_FRACTION);
$paymethod = filter_var($_REQUEST['paymethod'], FILTER_SANITIZE_STRING);
$createby = filter_var($_SESSION['user'], FILTER_SANITIZE_STRING);
$lastupby = filter_var($_SESSION['user'], FILTER_SANITIZE_STRING);
$sql_param = array(':vendor' => $vendor,
':launch_date' => $launch_date,
':custorder_ref' => $custorder_ref,
':status' => $status,
':del_date' => $del_date,
':confirm_date' => $confirm_date,
':remark' => $remark,
':discount' => $discount,
':paymethod' => $paymethod,
':lastupby' => $lastupby,
':refid' => $refid);
/* if(havePermission("PPu")){
$sql_PPu_field="sellingprice = :sellingprice,
uom_cy = :uom_cy,";
$sql_param[':sellingprice'] = $sellingprice;
$sql_param[':uom_cy'] = $uom_cy;
}*/
//modify product
$sql = "UPDATE ord_main SET
vendor = :vendor,
launch_date = :launch_date,
custorder_ref = :custorder_ref,
status = :status,
del_date = :del_date,
confirm_date = :confirm_date,
remark = :remark,
discount = :discount,
paymethod = :paymethod,
$sql_PPu_field
lastupby = :lastupby,
lastupdate = GETDATE()
WHERE refid = :refid";
$sth = $dbh->prepare($sql);
$q = $sth->execute( $sql_param );
/*echo $sth->getSQL( $sql_param ) . HTML_EOL; */
pdo_showerror($sth, $q);
//$k = generateFlag();
//if(havePermission("BMu")){
$dbh->beginTransaction();
if(!empty($_REQUEST['product'])){
markallProduct($refid);
foreach($_REQUEST['product'] as $key=>$prod_item){
if($key>0){ //valid row
if($prod_item['refid']>0){ //existing product
updateProduct($refid, $prod_item, true);
}else{ //new product
addProduct($refid, $prod_item, true);
}
}
}
removeDeletedProduct($refid);
}
updateMainValue($refid);
//}
ord_updateOrderPureMaterial($refid);
//exit;
$dbh->commit();
//$dbh->rollBack();
form_dest($_REQUEST['godest'], $_REQUEST['formdest']);
header("Location: ord_rpr_dtl_modifyform.php?refid=$refid&msg=Saved.");
print "Saved.";
exit;
}
print "Invalid Request";
?>
|