1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
<?
require("inc/configure.php");
require("inc/global.php");
require("inc/checklogin.php");
if ($logged_in == 0) {
//echo 'Not logged in. <a href="login.php">Login</a>';
header('Window-target: _parent');
header('Location: login.php');
exit();
}
if (checkObject(15) <> 1){
die("Unauthorized Access");
exit();
}
?>
<?
$quotationno = $_POST['quotationno'];
$custid = $_POST['custid'];
$custno = $_POST['custno'];
$catid = $_POST['catid'];
$custnameeng = htmlspecialchars($_POST['custnameeng'], ENT_QUOTES);
$custnamechi = htmlspecialchars($_POST['custnamechi'], ENT_QUOTES);
$telno = $_POST['telno'];
$faxno = $_POST['faxno'];
$email = $_POST['email'];
$billaddress = htmlspecialchars($_POST['billaddress'], ENT_QUOTES);
$shipaddress = htmlspecialchars($_POST['shipaddress'], ENT_QUOTES);
$remarks = htmlspecialchars($_POST['remarks'], ENT_QUOTES);
$salesid = $_POST['salesid'];
$paymentmethodid = $_POST['paymentmethodid'];
$paymenttermid = $_POST['paymenttermid'];
$discount = isnull($_POST['discount'],0);
$deliverymethod = $_POST['deliverymethod'];
$attn = htmlspecialchars($_POST['attn'], ENT_QUOTES);
$status = $_POST['status'];
$creationdate = date("YmdGis");
$orderdate = $_POST['orderdate'];
$carid = $_POST['carid'];
$licno = $_POST['licno'];
$modelno = $_POST['modelno'];
$chassisno = $_POST['chassisno'];
$caryear = isnull($_POST['caryear'],'');
$mileage = $_POST['mileage'];
$creationby = $_SESSION['userid'];
if ($quotationno == "")
{
//**addnew
$sql = "select max(quotationno) as maxquotationno from OM_QUOTATION_HDR";
$result = mysql_query($sql);
if ($row = mysql_fetch_array($result,MYSQL_ASSOC))
{
if (strlen($row{'maxquotationno'}) == 0)
{
$quotationno = 100001;
}
else
{
$quotationno = $row{'maxquotationno'} + 1;
}
}
else
{
$quotationno = 100001;
}
$sql = "insert into OM_QUOTATION_HDR
(quotationno, custno, catid, custnameeng, custnamechi, telno, faxno, email, billaddress, shipaddress, attn, remarks
, salesid, paymentmethodid, paymenttermid, status, discount, deliverymethod, creationdate, creationby, orderdate
, carid, licno, modelno, chassisno, caryear, mileage)
values($quotationno, '$custno', $catid, '$custnameeng', '$custnamechi', '$telno', '$faxno', '$email', '$billaddress', '$shipaddress', '$attn', '$remarks'
, $salesid, $paymentmethodid, $paymenttermid, 1, $discount, '$deliverymethod', '$creationdate', '$creationby', '$orderdate'
, $carid, '$licno', '$modelno', '$chassisno', '$caryear', '$mileage')";
echo $sql;
$result = mysql_query($sql);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
}
else
{
//**update
$sql = "update OM_QUOTATION_HDR
set custno = '$custno'
, catid = $catid
, custnameeng = '$custnameeng'
, custnamechi = '$custnamechi'
, telno = '$telno'
, faxno = '$faxno'
, email = '$email'
, billaddress = '$billaddress'
, shipaddress = '$shipaddress'
, attn = '$attn'
, remarks = '$remarks'
, salesid = $salesid
, paymentmethodid = $paymentmethodid
, paymenttermid = $paymenttermid
, status = 1
, discount = $discount
, deliverymethod = '$deliverymethod'
, updateddate = '$creationdate'
, updatedby = '$creationby'
, orderdate = '$orderdate'
, carid = $carid
, licno = '$licno'
, modelno = '$modelno'
, chassisno = '$chassisno'
, caryear = '$caryear'
, mileage = '$mileage'
where quotationno = $quotationno
";
echo $sql;
$result = mysql_query($sql);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
}
header("Location: quotationheader.php?quotationno=$quotationno");
?>
|