File Content: update.php <?php include("../library.php");?> <!--Masters--> <?php if(!empty($_REQUEST['updateRole'])) { $names=mysql_real_escape_string($_REQUEST['names']); $updateId = $_REQUEST['updateId']; $sql="update tblward set name='$names' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Ward.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updatePassword'])) { $password=md5($_REQUEST['password']); $updateId = $_REQUEST['adminId']; $sql="update admin set password='$password' where id=$updateId"; $result=$mysql1->m_Query($sql); header("location:../Master-Employee.php?updateId=$updateId&msg=change"); } ?> <?php if(!empty($_REQUEST['updatePasswords'])) { $password=md5($_REQUEST['password']); $updateId = $_REQUEST['adminId']; $sql="update admin set password='$password' where id=$updateId"; $result=$mysql1->m_Query($sql); header("location:../home.php?updateId=$updateId&msg=change"); } ?> <?php if(!empty($_REQUEST['updateDepartment'])) { $names=mysql_real_escape_string($_REQUEST['names']); $updateId = $_REQUEST['updateId']; $sql="update tbldepartment set name='$names' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Department.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateRoom'])) { $wardId=$_REQUEST['wardId']; $bedNo=$_REQUEST['bedNo']; $bedStatus=$_REQUEST['bedStatus']; $updateId = $_REQUEST['updateId']; $sql="update tblbed set wardId='$wardId', bedNo='$bedNo',bedStatus='$bedStatus' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Bed.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateIPD'])) { $names=mysql_real_escape_string($_REQUEST['names']); $fnames=mysql_real_escape_string($_REQUEST['fname']); $age=$_REQUEST['age']; $mobileNo=$_REQUEST['mobileNo']; $regNo=$_REQUEST['regNo']; $gender=$_REQUEST['gender']; $aadharNo=$_REQUEST['aadharNo']; $wardId=$_REQUEST['wardId']; $bedNo=$_REQUEST['bedNo']; $advanceAmt=$_REQUEST['advanceAmt']; $address=mysql_real_escape_string($_REQUEST['address']); $doctor=mysql_real_escape_string($_REQUEST['doctor']); $updateId = $_REQUEST['updateId']; $sql="update tblindoorpatient set wardId='$wardId', bedNo='$bedNo',name='$names',fatherName='$fnames',doctor='$doctor',mobileNo='$mobileNo',age='$age',gender='$gender',address='$address',aadharNo='$aadharNo' where regNo=$regNo"; $result=$mysql->m_Query($sql); header("location:../Master-IPD.php?msg=update"); } ?> <?php if(!empty($_REQUEST['updateEmployee'])) { $names=mysql_real_escape_string($_REQUEST['names']); $emailId=$_REQUEST['email']; $adminId=$_REQUEST['adminId']; $empId=$_REQUEST['empId']; $mobileNo=$_REQUEST['mobileNo']; $phoneNo=$_REQUEST['phoneNo']; $dob=$_REQUEST['dob']; $doj=$_REQUEST['doj']; $branchId=$_REQUEST['branchId']; $roleId=$_REQUEST['roleId']; $departmentId=$_REQUEST['departmentId']; $ext=$_REQUEST['ext']; $employeeStatus=$_REQUEST['employeeStatus']; $updateId=$_REQUEST['updateId']; echo $sql="update tblemployee set name='$names',emailId='$emailId',mobileNo='$mobileNo',mobileNos='$phoneNo',branchId='$branchId',roleId='$roleId',doj='$doj',departmentId='$departmentId',dob='$dob',ext='$ext',employeeStatus='$employeeStatus' where id=$updateId"; $result=$mysql->m_Query($sql); $result=$mysql2->m_Query("update admin set adminStatus='Block' where id=$adminId"); header("location:../Master-Employee.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateBranch'])) { $names=mysql_real_escape_string($_REQUEST['names']); $emailId=$_REQUEST['email']; $mobileNo=$_REQUEST['mobileNo']; $phoneNo=$_REQUEST['phoneNo']; $address=mysql_real_escape_string($_REQUEST['address']); $location= $location=mysql_real_escape_string($_REQUEST['location']); if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "application/pdf") || ($_FILES["file"]["type"] == "image/bmp"))) { $logo = createRandomPassword().$_FILES['file']['name']; $logo = str_replace(' ', '', $logo); move_uploaded_file($_FILES["file"]["tmp_name"],"../upload/" . $_FILES["file"]["name"]); rename("../upload".'/'.$_FILES["file"]["name"],"../upload".'/'.$logo); $sql1="update tblbranch set logo='$logo' where id=$updateId"; $result=$mysql1->m_Query($sql1); } $employeeStatus=$_REQUEST['employeeStatus']; $updateId=$_REQUEST['updateId']; echo $sql="update tblbranch set name='$names',emailId='$emailId',mobileNo='$mobileNo',phoneNo='$phoneNo',address='$address',location='$location' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Branch.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateHotel'])) { $hotel_id = $_REQUEST['hotel_id']; $hotel_name =mysql_real_escape_string($_REQUEST['hotel_name']); $city = $_REQUEST['city']; $reservation_email = $_REQUEST['reservation_email']; $reservation_contact = $_REQUEST['reservation_contact']; $mobile = $_REQUEST['mobile']; $change_de = $_REQUEST['change_de']; $address =mysql_real_escape_string($_REQUEST['address']); $contact_finance = $_REQUEST['contact_finance']; $finance_email = $_REQUEST['finance_email']; $contra_sign = $_REQUEST['contra_sign']; $payment_terms = $_REQUEST['payment_terms']; $code = $_REQUEST['code']; $location =mysql_real_escape_string($_REQUEST['location']); $hotelStatus=$_REQUEST['hotelStatus']; $updateId=$_REQUEST['updateId']; if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png")|| ($_FILES["file"]["type"] == "application/pdf") || ($_FILES["file"]["type"] == "image/bmp"))) { $logo = createRandomPassword().$_FILES['file']['name']; $logo = str_replace(' ', '', $logo); move_uploaded_file($_FILES["file"]["tmp_name"],"../upload/" . $_FILES["file"]["name"]); rename("../upload".'/'.$_FILES["file"]["name"],"../upload".'/'.$logo); $sql1="update tblhotel set document='$logo' where id=$updateId"; $result=$mysql1->m_Query($sql1); } $sql="update tblhotel set name='$hotel_name',hotelcode='$code',address='$address',mobileNo='$mobile',city='$city',reservationcontact='$reservation_contact',reservationemail='$reservation_email',chargede='$change_de',contactFinance='$contact_finance',financeEmail='$finance_email',contrasign='$contra_sign',paymentterm='$payment_terms',hotelLocation='$location',hotelStatus='$hotelStatus' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Hotel.php?updateId=$updateId&msg=update"); } ?><?php if(!empty($_REQUEST['updateClient'])) { $client_id = $_REQUEST['client_id']; $client_name = $_REQUEST['client_name']; $category = $_REQUEST['category']; $address = $_REQUEST['address']; $agent_name = $_REQUEST['agent_name']; $contract_status = $_REQUEST['contract_status']; $contract_expiry_date = $_REQUEST['contract_expiry_date']; $creditLimit = $_REQUEST['credit_limit']; $creditFacility = $_REQUEST['credit_facility']; $branchId = $_REQUEST['branch_name']; $joiningYear = $_REQUEST['joining_year']; $iceNumber = $_REQUEST['ice_number']; $emailId = $_REQUEST['email_address']; $city = $_REQUEST['city']; $country = $_REQUEST['country']; $phone = $_REQUEST['phone']; $mobile = $_REQUEST['mobile']; $clientStatus = $_REQUEST['client_status']; $attachment = ""; if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "application/pdf") || ($_FILES["file"]["type"] == "image/bmp"))) { $logo = createRandomPassword().$_FILES['file']['name']; $logo = str_replace(' ', '', $logo); move_uploaded_file($_FILES["file"]["tmp_name"],"../upload/" . $_FILES["file"]["name"]); rename("../upload".'/'.$_FILES["file"]["name"],"../upload".'/'.$logo); $sql1="update tblclient set document='$logo' where id=$updateId"; $result=$mysql1->m_Query($sql1); } $updateId=$_REQUEST['updateId']; echo $sql="update tblclient set name='$client_name',category='$category',address='$address',mobileNo='$mobile',city='$city',country='$country',agentname='$agent_name',contractStatus='$contract_status',contractExp='$contract_expiry_date',creditLimit='$creditLimit',creditFacility='$creditFacility',branchId='$branchId',joiningYear='$joiningYear',iceNumber='$iceNumber',emailId='$emailId' ,clientStatus='$clientStatus' where id=$updateId"; $result=$mysql->m_Query($sql); header("location:../Master-Client.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateVoucher'])) { $id = $_REQUEST['id']; $client_id=$_REQUEST['client_id']; $hotel_id=$_REQUEST['hotel_id']; $supplier_number=$_REQUEST['supplier_number']; $booking_status=$_REQUEST['booking_status']; $issuedby=""; $emergencyContact=""; $emergencyEmail=""; $mainguest=$_REQUEST['mainguest']; $guests=$_REQUEST['guests']; $adults=$_REQUEST['adults']; $children=$_REQUEST['children']; $infants=$_REQUEST['infants']; $checkin=$_REQUEST['checkin']; $checkout=$_REQUEST['checkout']; $extrabed=$_REQUEST['extrabed']; $noofrooms=$_REQUEST['noofrooms']; $totalpax=$_REQUEST['totalpax']; $supplier_name=$_REQUEST['supplier_name']; $paymentmode=""; $roomcategory=$_REQUEST['roomcategory']; $mealplan=$_REQUEST['mealplan']; $inclusions=$_REQUEST['inclusions']; $logo=""; if($client_id=="0") { $client_ids = $_POST['client_ids']; $client_name = $_POST['client_name']; $category = ""; $address = $_POST['address']; $agent_name = ""; $contract_status = ""; $contract_expiry_date = ""; $credit_limit =""; $credit_facility = ""; $branch_name = ""; $joining_year =""; $ice_number = ""; $email_address = ""; $city = $_POST['city']; $country = ""; $phone = ""; $mobile = ""; $client_status = ""; $snap=""; } else { $clients_id=$client_id; } if($hotel_id=="0") { } else { $hotela_id=$hotel_id; } if($roomcategory=="0") { $hotelki_id = $_POST['hotelki_id']; $room_types = $_POST['room_types']; $status='Approved'; } else { $roomcategory=$roomcategory; } $result=$mysql2->m_Query("SELECT * FROM tblclient WHERE id='$clients_id'"); $row=$mysql2->m_FetchObject(); $client_name=$row->name; $client_address=$row->address; $client_ice_number=$row->iceNumber; $client_country=$row->country; $client_mobile=$row->mobileNo; $result=$mysql2->m_Query("SELECT * FROM tblhotel WHERE id='$hotela_id'"); $row=$mysql2->m_FetchArray(); $hotel_name=$row['name']; $hotel_mobile=$row['mobileNo']; $hotel_address=$row['address']; $date1=date_create($checkin); $date2=date_create($checkout); $diff=date_diff($date1,$date2); $difference= $diff->format("%a"); $noofnight=$difference; $userIds=$_SESSION['userId']; $result=$mysql2->m_Query("SELECT * FROM admin WHERE id='$userId'"); $row=$mysql2->m_FetchArray(); $usersRole=$row['userType']; if($usersRole == "User" ) { $result=$mysql2->m_Query("SELECT * FROM users where userId=$userIds"); $row=$mysql2->m_FetchArray(); $branch=$row['branch_name']; $userName=$row['userName']; $userEmail=$row['userEmail']; echo $recorderdBy=$row['recorderdBy']; $role=$row['userRole']; } elseif($usersRole == "Group" ) { $result=$mysql2->m_Query("SELECT * FROM users where userId=$userIds"); $row=$mysql2->m_FetchArray(); $branch=$row['branch_name']; $userName=$row['userName']; $userEmail=$row['userEmail']; $recorderdBy=$userIds; $role=$row['userRole']; } else { $result=$mysql2->m_Query("SELECT * FROM users where userId=$userIds"); $row=$mysql2->m_FetchArray(); $branch=$row['branch_name']; $userName=$row['userName']; $userEmail=$row['userEmail']; $recorderdBy=$userIds; $role=$row['userRole']; } $result=$mysql2->m_Query("SELECT * FROM tblbranch where branch_name='$branch'"); $row=$mysql2->m_FetchArray(); $issuedby=$row['branch_name']; $branch_address =$row['branch_address']; $date=date('Y-m-d'); $time=date('H:i:s'); $result=$mysql2->m_Query("SELECT * FROM tblvoucher order by id desc"); if($mysql2->m_NumRows()==0) { $voucherIds=100001; } else { $row=$mysql2->m_FetchArray(); $voucherId=$row['voucherId']; $voucherIds=$voucherId+1; } $ratePerNight=$_REQUEST['ratePerNight']; $taxPerNight=$_REQUEST['taxPerNight']; $sellingPrice=$_REQUEST['sellingPrice']; $comm=$sellingPrice-$ratePerNight; $purchasePrice=$ratePerNight/($noofnight*$noofrooms); $createdDate=date('Y-m-d'); echo $sql="update tblvoucher set hotel_id='$hotel_id', supplier_number='$supplier_number', booking_status='$booking_status', mainguest='$mainguest', guests='$guests', totalpax='$totalpax', adults='$adults', children='$children', infants='$infants',checkin='$checkin',checkout='$checkout',noofnight='$noofnight',paymentmode='$paymentmode',roomcategory='$roomcategory',mealplan='$mealplan',inclusions='$inclusions',hotel_name='$hotel_name',hotel_mobile='$hotel_mobile',branch='$branch',extrabed='$extrabed',noofrooms='$noofrooms',branch_address='$branch_address',hotel_address='$hotel_address',ratePerNight='$ratePerNight',taxPerNight='$taxPerNight',comm='$comm',sellingPrice='$sellingPrice',purchasePrice='$purchasePrice',supplier_name='$supplier_name',voucherlock='Yes' where id=$id"; $result = $mysql->m_Query($sql); header("location:../Master-Voucher.php?updateId=$updateId&msg=update"); } ?> <?php if(!empty($_REQUEST['updateReceipt'])) { $id=$_REQUEST['id']; $client_id=$_REQUEST['client_id']; $agentsemp=$_REQUEST['agentsemp']; $receipt_date = date('Y-m-d'); $invoice = $_REQUEST['invoice']; $type_of_payment = $_REQUEST['type_of_payment']; $amount = $_REQUEST['amount']; $currency = $_REQUEST['currency']; $cheque_number = $_REQUEST['cheque_number']; $bank_name = $_REQUEST['bank_name']; $intermediary_bank =""; $description = $_REQUEST['description']; $billet = $_REQUEST['billet']; $facture_number = $_REQUEST['facture_number']; $recorded_by =$userId; $result=$mysql->m_Query("select * from tblemployee where adminId=$recorded_by && status='Approved'"); $user=$mysql->m_FetchObject(); $branch_id =$user->branchId; $agent_name=$user->name; $result=$mysql2->m_Query("select * from tblbranch where id=$branch_id && status='Approved'"); $user2=$mysql2->m_FetchObject(); $branch_name=$user2->name; $branch_address =$user2->address; $branch_contacts =$user2->mobileNo; $userRole=$userType; $result=$mysql3->m_Query("select * from tblclient where id=$client_id && status='Approved'"); $user3=$mysql3->m_FetchObject(); $client_name=$user->name; $createdDate=date('Y-m-d',strtotime($_REQUEST['date'])); $sql="update tblreceipt set receipt_date='$createdDate', type_of_payment='$type_of_payment', description='$description', amount='$amount', currency='$currency', bank_name='$bank_name', cheque_number='$cheque_number', invoice='$invoice' , agentsemp='$agentsemp' where id=$id"; $result = $mysql->m_Query($sql); header("location:../Master-Receipt.php?updateId=$updateId&msg=update"); } ?> Submit