1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
<?
require("inc/configure.php");
require("inc/global.php");
require("inc/checklogin.php");
if ($logged_in == 0) {
//echo 'Not logged in. <a href="login.php">Login</a>';
header('Window-target: _parent');
header('Location: login.php');
exit();
}
if (checkObject(2) <> 1){
die("Unauthorized Access");
exit();
}
?>
<?
$pono = $_POST['pono'];
$vendid = $_POST['vendid'];
$vendno = $_POST['vendno'];
$catid = $_POST['catid'];
$vendnameeng = htmlspecialchars($_POST['vendnameeng'], ENT_QUOTES);
$vendnamechi = htmlspecialchars($_POST['vendnamechi'], ENT_QUOTES);
$telno = $_POST['telno'];
$faxno = $_POST['faxno'];
$email = $_POST['email'];
$billaddress = htmlspecialchars($_POST['billaddress'], ENT_QUOTES);
$shipaddress = htmlspecialchars($_POST['shipaddress'], ENT_QUOTES);
$remarks = htmlspecialchars($_POST['remarks'], ENT_QUOTES);
$buyerid = $_POST['buyerid'];
$paymentmethodid = $_POST['paymentmethodid'];
$paymenttermid = $_POST['paymenttermid'];
$discount = isnull($_POST['discount'],0);
$deliverymethod = $_POST['deliverymethod'];
$attn = htmlspecialchars($_POST['attn'], ENT_QUOTES);
$orderdate = $_POST['orderdate'];
$status = $_POST['status'];
$creationdate = date("YmdGis");
if ($pono == "")
{
//**addnew
$sql = "select max(pono) as maxpono from AP_PURCHASE_HDR";
$result = mysql_query($sql);
if ($row = mysql_fetch_array($result,MYSQL_ASSOC))
{
if (strlen($row{'maxpono'}) == 0)
{
$pono = 100001;
}
else
{
$pono = $row{'maxpono'} + 1;
}
}
else
{
$pono = 100001;
}
$sql = "insert into AP_PURCHASE_HDR
(pono, vendno, catid, vendnameeng, vendnamechi, telno, faxno, email, billaddress, shipaddress, attn, remarks
, buyerid, paymentmethodid, paymenttermid, status, discount, deliverymethod, creationdate, creationby, orderdate)
values($pono, '$vendno', $catid, '$vendnameeng', '$vendnamechi', '$telno', '$faxno', '$email', '$billaddress', '$shipaddress', '$attn', '$remarks'
, $buyerid, $paymentmethodid, $paymenttermid, 1, $discount, '$deliverymethod', '$creationdate', '$creationby', '$orderdate')";
// echo $sql;
$result = mysql_query($sql);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
}
else
{
//**update
$sql = "update AP_PURCHASE_HDR
set vendno = '$vendno'
, catid = $catid
, vendnameeng = '$vendnameeng'
, vendnamechi = '$vendnamechi'
, telno = '$telno'
, faxno = '$faxno'
, email = '$email'
, billaddress = '$billaddress'
, shipaddress = '$shipaddress'
, attn = '$attn'
, remarks = '$remarks'
, buyerid = $buyerid
, paymentmethodid = $paymentmethodid
, paymenttermid = $paymenttermid
, status = 1
, discount = $discount
, deliverymethod = '$deliverymethod'
, updateddate = '$creationdate'
, updatedby = '$creationby'
, orderdate = '$orderdate'
where pono = $pono
";
// echo $sql;
$result = mysql_query($sql);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
}
header("Location: purchaseheader.php?pono=$pono");
?>
|