Submit
Path:
~
/
home
/
caratcollect
/
domains
/
24caratcollection.com
/
private_html
/
admin
/
code
/
File Content:
update.php
<?php include("../library.php");?> <!--Masters--> <?php if(!empty($_REQUEST['updateRole'])) { $names=mysql_real_escape_string($_REQUEST['names']); $updateId = $_REQUEST['updateId']; $sql="update tblward set name='$names' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Ward.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updatePassword'])) { $password=md5($_REQUEST['password']); $updateId = $_REQUEST['adminId']; $sql="update admin set password='$password' where id=$updateId"; $result=$mysql1->m_Query($sql); header("location:../Master-Employee.php?updateId=$updateId&msg=change"); } ?> <?php if(!empty($_REQUEST['updatePasswords'])) { $password=md5($_REQUEST['password']); $updateId = $_REQUEST['adminId']; $sql="update admin set password='$password' where id=$updateId"; $result=$mysql1->m_Query($sql); header("location:../home.php?updateId=$updateId&msg=change"); } ?> <?php if(!empty($_REQUEST['updateDepartment'])) { $names=mysql_real_escape_string($_REQUEST['names']); $updateId = $_REQUEST['updateId']; $sql="update tbldepartment set name='$names' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Department.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateRoom'])) { $wardId=$_REQUEST['wardId']; $bedNo=$_REQUEST['bedNo']; $bedStatus=$_REQUEST['bedStatus']; $updateId = $_REQUEST['updateId']; $sql="update tblbed set wardId='$wardId', bedNo='$bedNo',bedStatus='$bedStatus' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Bed.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateIPD'])) { $names=mysql_real_escape_string($_REQUEST['names']); $fnames=mysql_real_escape_string($_REQUEST['fname']); $age=$_REQUEST['age']; $mobileNo=$_REQUEST['mobileNo']; $regNo=$_REQUEST['regNo']; $gender=$_REQUEST['gender']; $aadharNo=$_REQUEST['aadharNo']; $wardId=$_REQUEST['wardId']; $bedNo=$_REQUEST['bedNo']; $advanceAmt=$_REQUEST['advanceAmt']; $address=mysql_real_escape_string($_REQUEST['address']); $doctor=mysql_real_escape_string($_REQUEST['doctor']); $updateId = $_REQUEST['updateId']; $sql="update tblindoorpatient set wardId='$wardId', bedNo='$bedNo',name='$names',fatherName='$fnames',doctor='$doctor',mobileNo='$mobileNo',age='$age',gender='$gender',address='$address',aadharNo='$aadharNo' where regNo=$regNo"; $result=$mysql->m_Query($sql); header("location:../Master-IPD.php?msg=update"); } ?> <?php if(!empty($_REQUEST['updateEmployee'])) { $names=mysql_real_escape_string($_REQUEST['names']); $emailId=$_REQUEST['email']; $adminId=$_REQUEST['adminId']; $empId=$_REQUEST['empId']; $mobileNo=$_REQUEST['mobileNo']; $phoneNo=$_REQUEST['phoneNo']; $dob=$_REQUEST['dob']; $doj=$_REQUEST['doj']; $branchId=$_REQUEST['branchId']; $roleId=$_REQUEST['roleId']; $departmentId=$_REQUEST['departmentId']; $ext=$_REQUEST['ext']; $employeeStatus=$_REQUEST['employeeStatus']; $updateId=$_REQUEST['updateId']; echo $sql="update tblemployee set name='$names',emailId='$emailId',mobileNo='$mobileNo',mobileNos='$phoneNo',branchId='$branchId',roleId='$roleId',doj='$doj',departmentId='$departmentId',dob='$dob',ext='$ext',employeeStatus='$employeeStatus' where id=$updateId"; $result=$mysql->m_Query($sql); $result=$mysql2->m_Query("update admin set adminStatus='Block' where id=$adminId"); header("location:../Master-Employee.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateBranch'])) { $names=mysql_real_escape_string($_REQUEST['names']); $emailId=$_REQUEST['email']; $mobileNo=$_REQUEST['mobileNo']; $phoneNo=$_REQUEST['phoneNo']; $address=mysql_real_escape_string($_REQUEST['address']); $location= $location=mysql_real_escape_string($_REQUEST['location']); if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "application/pdf") || ($_FILES["file"]["type"] == "image/bmp"))) { $logo = createRandomPassword().$_FILES['file']['name']; $logo = str_replace(' ', '', $logo); move_uploaded_file($_FILES["file"]["tmp_name"],"../upload/" . $_FILES["file"]["name"]); rename("../upload".'/'.$_FILES["file"]["name"],"../upload".'/'.$logo); $sql1="update tblbranch set logo='$logo' where id=$updateId"; $result=$mysql1->m_Query($sql1); } $employeeStatus=$_REQUEST['employeeStatus']; $updateId=$_REQUEST['updateId']; echo $sql="update tblbranch set name='$names',emailId='$emailId',mobileNo='$mobileNo',phoneNo='$phoneNo',address='$address',location='$location' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Branch.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateHotel'])) { $hotel_id = $_REQUEST['hotel_id']; $hotel_name =mysql_real_escape_string($_REQUEST['hotel_name']); $city = $_REQUEST['city']; $reservation_email = $_REQUEST['reservation_email']; $reservation_contact = $_REQUEST['reservation_contact']; $mobile = $_REQUEST['mobile']; $change_de = $_REQUEST['change_de']; $address =mysql_real_escape_string($_REQUEST['address']); $contact_finance = $_REQUEST['contact_finance']; $finance_email = $_REQUEST['finance_email']; $contra_sign = $_REQUEST['contra_sign']; $payment_terms = $_REQUEST['payment_terms']; $code = $_REQUEST['code']; $location =mysql_real_escape_string($_REQUEST['location']); $hotelStatus=$_REQUEST['hotelStatus']; $updateId=$_REQUEST['updateId']; if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png")|| ($_FILES["file"]["type"] == "application/pdf") || ($_FILES["file"]["type"] == "image/bmp"))) { $logo = createRandomPassword().$_FILES['file']['name']; $logo = str_replace(' ', '', $logo); move_uploaded_file($_FILES["file"]["tmp_name"],"../upload/" . $_FILES["file"]["name"]); rename("../upload".'/'.$_FILES["file"]["name"],"../upload".'/'.$logo); $sql1="update tblhotel set document='$logo' where id=$updateId"; $result=$mysql1->m_Query($sql1); } $sql="update tblhotel set name='$hotel_name',hotelcode='$code',address='$address',mobileNo='$mobile',city='$city',reservationcontact='$reservation_contact',reservationemail='$reservation_email',chargede='$change_de',contactFinance='$contact_finance',financeEmail='$finance_email',contrasign='$contra_sign',paymentterm='$payment_terms',hotelLocation='$location',hotelStatus='$hotelStatus' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Hotel.php?updateId=$updateId&msg=update"); } ?><?php if(!empty($_REQUEST['updateClient'])) { $client_id = $_REQUEST['client_id']; $client_name = $_REQUEST['client_name']; $category = $_REQUEST['category']; $address = $_REQUEST['address']; $agent_name = $_REQUEST['agent_name']; $contract_status = $_REQUEST['contract_status']; $contract_expiry_date = $_REQUEST['contract_expiry_date']; $creditLimit = $_REQUEST['credit_limit']; $creditFacility = $_REQUEST['credit_facility']; $branchId = $_REQUEST['branch_name']; $joiningYear = $_REQUEST['joining_year']; $iceNumber = $_REQUEST['ice_number']; $emailId = $_REQUEST['email_address']; $city = $_REQUEST['city']; $country = $_REQUEST['country']; $phone = $_REQUEST['phone']; $mobile = $_REQUEST['mobile']; $clientStatus = $_REQUEST['client_status']; $attachment = ""; if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "application/pdf") || ($_FILES["file"]["type"] == "image/bmp"))) { $logo = createRandomPassword().$_FILES['file']['name']; $logo = str_replace(' ', '', $logo); move_uploaded_file($_FILES["file"]["tmp_name"],"../upload/" . $_FILES["file"]["name"]); rename("../upload".'/'.$_FILES["file"]["name"],"../upload".'/'.$logo); $sql1="update tblclient set document='$logo' where id=$updateId"; $result=$mysql1->m_Query($sql1); } $updateId=$_REQUEST['updateId']; echo $sql="update tblclient set name='$client_name',category='$category',address='$address',mobileNo='$mobile',city='$city',country='$country',agentname='$agent_name',contractStatus='$contract_status',contractExp='$contract_expiry_date',creditLimit='$creditLimit',creditFacility='$creditFacility',branchId='$branchId',joiningYear='$joiningYear',iceNumber='$iceNumber',emailId='$emailId' ,clientStatus='$clientStatus' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Client.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateVoucher'])) { $id = $_REQUEST['id']; $client_id=$_REQUEST['client_id']; $hotel_id=$_REQUEST['hotel_id']; $supplier_number=$_REQUEST['supplier_number']; $booking_status=$_REQUEST['booking_status']; $issuedby=""; $emergencyContact=""; $emergencyEmail=""; $mainguest=$_REQUEST['mainguest']; $guests=$_REQUEST['guests']; $adults=$_REQUEST['adults']; $children=$_REQUEST['children']; $infants=$_REQUEST['infants']; $checkin=$_REQUEST['checkin']; $checkout=$_REQUEST['checkout']; $extrabed=$_REQUEST['extrabed']; $noofrooms=$_REQUEST['noofrooms']; $totalpax=$_REQUEST['totalpax']; $supplier_name=$_REQUEST['supplier_name']; $paymentmode=""; $roomcategory=$_REQUEST['roomcategory']; $mealplan=$_REQUEST['mealplan']; $inclusions=$_REQUEST['inclusions']; $logo=""; if($client_id=="0") { $client_ids = $_POST['client_ids']; $client_name = $_POST['client_name']; $category = ""; $address = $_POST['address']; $agent_name = ""; $contract_status = ""; $contract_expiry_date = ""; $credit_limit =""; $credit_facility = ""; $branch_name = ""; $joining_year =""; $ice_number = ""; $email_address = ""; $city = $_POST['city']; $country = ""; $phone = ""; $mobile = ""; $client_status = ""; $snap=""; } else { $clients_id=$client_id; } if($hotel_id=="0") { } else { $hotela_id=$hotel_id; } if($roomcategory=="0") { $hotelki_id = $_POST['hotelki_id']; $room_types = $_POST['room_types']; $status='Approved'; } else { $roomcategory=$roomcategory; } $result=$mysql2->m_Query("SELECT * FROM tblclient WHERE id='$clients_id'"); $row=$mysql2->m_FetchObject(); $client_name=$row->name; $client_address=$row->address; $client_ice_number=$row->iceNumber; $client_country=$row->country; $client_mobile=$row->mobileNo; $result=$mysql2->m_Query("SELECT * FROM tblhotel WHERE id='$hotela_id'"); $row=$mysql2->m_FetchArray(); $hotel_name=$row['name']; $hotel_mobile=$row['mobileNo']; $hotel_address=$row['address']; $date1=date_create($checkin); $date2=date_create($checkout); $diff=date_diff($date1,$date2); $difference= $diff->format("%a"); $noofnight=$difference; $userIds=$_SESSION['userId']; $result=$mysql2->m_Query("SELECT * FROM admin WHERE id='$userId'"); $row=$mysql2->m_FetchArray(); $usersRole=$row['userType']; if($usersRole == "User" ) { $result=$mysql2->m_Query("SELECT * FROM users where userId=$userIds"); $row=$mysql2->m_FetchArray(); $branch=$row['branch_name']; $userName=$row['userName']; $userEmail=$row['userEmail']; echo $recorderdBy=$row['recorderdBy']; $role=$row['userRole']; } elseif($usersRole == "Group" ) { $result=$mysql2->m_Query("SELECT * FROM users where userId=$userIds"); $row=$mysql2->m_FetchArray(); $branch=$row['branch_name']; $userName=$row['userName']; $userEmail=$row['userEmail']; $recorderdBy=$userIds; $role=$row['userRole']; } else { $result=$mysql2->m_Query("SELECT * FROM users where userId=$userIds"); $row=$mysql2->m_FetchArray(); $branch=$row['branch_name']; $userName=$row['userName']; $userEmail=$row['userEmail']; $recorderdBy=$userIds; $role=$row['userRole']; } $result=$mysql2->m_Query("SELECT * FROM tblbranch where branch_name='$branch'"); $row=$mysql2->m_FetchArray(); $issuedby=$row['branch_name']; $branch_address =$row['branch_address']; $date=date('Y-m-d'); $time=date('H:i:s'); $result=$mysql2->m_Query("SELECT * FROM tblvoucher order by id desc"); if($mysql2->m_NumRows()==0) { $voucherIds=100001; } else { $row=$mysql2->m_FetchArray(); $voucherId=$row['voucherId']; $voucherIds=$voucherId+1; } $ratePerNight=$_REQUEST['ratePerNight']; $taxPerNight=$_REQUEST['taxPerNight']; $sellingPrice=$_REQUEST['sellingPrice']; $comm=$sellingPrice-$ratePerNight; $purchasePrice=$ratePerNight/($noofnight*$noofrooms); $createdDate=date('Y-m-d'); echo $sql="update tblvoucher set hotel_id='$hotel_id', supplier_number='$supplier_number', booking_status='$booking_status', mainguest='$mainguest', guests='$guests', totalpax='$totalpax', adults='$adults', children='$children', infants='$infants',checkin='$checkin',checkout='$checkout',noofnight='$noofnight',paymentmode='$paymentmode',roomcategory='$roomcategory',mealplan='$mealplan',inclusions='$inclusions',hotel_name='$hotel_name',hotel_mobile='$hotel_mobile',branch='$branch',extrabed='$extrabed',noofrooms='$noofrooms',branch_address='$branch_address',hotel_address='$hotel_address',ratePerNight='$ratePerNight',taxPerNight='$taxPerNight',comm='$comm',sellingPrice='$sellingPrice',purchasePrice='$purchasePrice',supplier_name='$supplier_name',voucherlock='Yes' where id=$id"; $result = $mysql->m_Query($sql); header("location:../Master-Voucher.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateReceipt'])) { $id=$_REQUEST['id']; $client_id=$_REQUEST['client_id']; $agentsemp=$_REQUEST['agentsemp']; $receipt_date = date('Y-m-d'); $invoice = $_REQUEST['invoice']; $type_of_payment = $_REQUEST['type_of_payment']; $amount = $_REQUEST['amount']; $currency = $_REQUEST['currency']; $cheque_number = $_REQUEST['cheque_number']; $bank_name = $_REQUEST['bank_name']; $intermediary_bank =""; $description = $_REQUEST['description']; $billet = $_REQUEST['billet']; $facture_number = $_REQUEST['facture_number']; $recorded_by =$userId; $result=$mysql->m_Query("select * from tblemployee where adminId=$recorded_by && status='Approved'"); $user=$mysql->m_FetchObject(); $branch_id =$user->branchId; $agent_name=$user->name; $result=$mysql2->m_Query("select * from tblbranch where id=$branch_id && status='Approved'"); $user2=$mysql2->m_FetchObject(); $branch_name=$user2->name; $branch_address =$user2->address; $branch_contacts =$user2->mobileNo; $userRole=$userType; $result=$mysql3->m_Query("select * from tblclient where id=$client_id && status='Approved'"); $user3=$mysql3->m_FetchObject(); $client_name=$user->name; $createdDate=date('Y-m-d',strtotime($_REQUEST['date'])); $sql="update tblreceipt set receipt_date='$createdDate', type_of_payment='$type_of_payment', description='$description', amount='$amount', currency='$currency', bank_name='$bank_name', cheque_number='$cheque_number', invoice='$invoice' , agentsemp='$agentsemp' where id=$id"; $result = $mysql->m_Query($sql); header("location:../Master-Receipt.php?updateId=$updateId&msg=update"); } ?>
Edit
Rename
Chmod
Delete
FILE
FOLDER
Name
Size
Permission
Action
delete.php
1677 bytes
0644
insert.php
1355 bytes
0644
insertorder.php
1411 bytes
0644
inserts.php
1318 bytes
0644
invoice.php
2382 bytes
0644
room_inventorysingle.php
372 bytes
0644
save_Booking.php
1580 bytes
0644
save_BookingBlock.php
674 bytes
0644
save_BookingE.php
1314 bytes
0644
save_BookingRate.php
824 bytes
0644
save_Gallery.php
1586 bytes
0644
save_Homes.php
802 bytes
0644
save_ProductImage.php
904 bytes
0644
save_Testimonials.php
832 bytes
0644
save_category.php
1403 bytes
0644
save_product.php
1763 bytes
0644
save_productcategory.php
535 bytes
0644
save_roomInventory.php
1200 bytes
0644
save_user.php
1258 bytes
0644
save_users.php
1491 bytes
0644
setRate.php
545 bytes
0644
setRatesF.php
581 bytes
0644
setRatesI.php
569 bytes
0644
track.php
360 bytes
0644
update.php
16071 bytes
0644
update_Homes.php
899 bytes
0644
update_Testimonials.php
401 bytes
0644
update_category.php
1572 bytes
0644
update_inventoryActive.php
575 bytes
0644
update_inventoryBlock.php
462 bytes
0644
update_inventoryRate.php
562 bytes
0644
update_orderproduct.php
579 bytes
0644
update_product.php
1618 bytes
0644
update_productDetail.php
1079 bytes
0644
update_productDetails.php
1045 bytes
0644
update_productcategory.php
333 bytes
0644
N4ST4R_ID | Naxtarrr
