/var/www/onesolution.com.hk/support/jobupdate_bk.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

<?php require("checkuser.php"); ?>
<?
$jobid            $_POST['jobid'];
$staffid        $_POST['staffid'];
$custid            $_POST['custid'];
$email            $_POST['email'];
$jobtimefr        $_POST['jobtimefr'];
$jobtimeto        $_POST['jobtimeto'];
$jobdate        $_POST['jobdate'];
$calldate        $_POST['calldate'];
$calltime        $_POST['calltime'];
$jobdetail        htmlspecialchars($_POST['jobdetail'], ENT_QUOTES);
$jobaction        htmlspecialchars($_POST['jobaction'], ENT_QUOTES);
$jobstatus        $_POST['jobstatus'];
$remarks        htmlspecialchars($_POST['remarks'], ENT_QUOTES);
$creationby        $_SESSION['userid'];
$creationdate    date("Ymdgis");
$updatedby        $_SESSION['userid'];
$updateddate    date("Ymdgis");
$acceptedby        $_POST['acceptedby'];
$filename        $_FILES['filename']['name'];

if (strlen($jobstatus) == 0)
{
    $jobstatus 1;
}
include("configure.php");

if (strlen($_FILES['filename']['name']) <> 0)
{
    if ($_FILES['filename']['size'] < 10000000)
    {
        copy ($_FILES['filename']['tmp_name'], "docs/"$jobid."_".$_FILES['filename']['name']) 
                    or die("<br>Can't copy");
        $filename $jobid."_".$_FILES['filename']['name'];
    }
    else
    {
        die("<br>File size error");
    }
}


$sql "SELECT * ";
$sql .= "FROM CM_CUSTOMER_HDR ";
$sql .= "where custid = "$custid ." ";

$result mysql_query($sql);
if ($row mysql_fetch_array($result,MYSQL_ASSOC))
{
    $custname        $row{'custname'};
    $address        htmlspecialchars($row{'address'}, ENT_QUOTES);
    $contactperson    $row{'contactperson'};
    $telno            $row{'telno'};
}

if (strlen($_FILES['filename']['name']) <> 0)
{
    $sql "update SYS_JOB ";
    $sql .= "set staffid=$staffid, custid=$custid, email='$email', jobtimefr='$jobtimefr', jobtimeto='$jobtimeto', jobdate='$jobdate', calldate='$calldate', calltime='$calltime', jobdetail='$jobdetail', jobaction='$jobaction', jobstatus=$jobstatus, remarks='$remarks', updatedby='$updatedby', updateddate='$updateddate', custname='$custname', address='$address', contactperson='$contactperson', telno='$telno', acceptedby='$acceptedby', accepteddate='$updateddate', filename='$filename' ";
    $sql .= "where jobid = $jobid";
    $result mysql_query($sql);
    if (!$result) {
        die('Invalid query: ' mysql_error());
    }
}
else
{
    $sql "update SYS_JOB ";
    $sql .= "set staffid=$staffid, custid=$custid, email='$email', jobtimefr='$jobtimefr', jobtimeto='$jobtimeto', jobdate='$jobdate', calldate='$calldate', calltime='$calltime', jobdetail='$jobdetail', jobaction='$jobaction', jobstatus=$jobstatus, remarks='$remarks', updatedby='$updatedby', updateddate='$updateddate', custname='$custname', address='$address', contactperson='$contactperson', telno='$telno', acceptedby='$acceptedby', accepteddate='$updateddate' ";
    $sql .= "where jobid = $jobid";
    $result mysql_query($sql);
    if (!$result) {
        die('Invalid query: ' mysql_error());
    }
}
header("Location: jobdetail.php?id=".md5($jobid));
/*
if (strlen($_SESSION['roleid']) == 0)
{
    header("Location: jobdetail.php?id=".md5($jobid));
}
else
{
    header("Location: jobdetail.php?id=$jobid");
}
*/
?>