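<?php
include("connects.php");

// NOTE(review): no login or permission check is visible in this file before the
// action handlers run. Confirm connects.php enforces one: the handlers in this
// script create and edit employee accounts, customers, vendors and products.
// $_REQUEST also accepts query-string parameters, so every state-changing
// action can be triggered by a plain GET, and no CSRF token is checked here.

// Keep diagnostics out of HTTP responses without discarding them.
// error_reporting(0) would also hide undefined-index notices and failed
// queries from the server log, which is where they are needed.
ini_set('display_errors', '0');
error_reporting(E_ALL);

// 'action' selects one handler; a request without it matches none of them.
$act = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';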
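////////CHECK FORM PROCESS FOR NEW CUSTOMERS//////
// action=runform: validate the new-customer form, insert the customer row,
// then insert up to two additional contacts that point at it.
if ($act == 'runform') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in, cusnum included. ext/mysql has no prepared statements; moving to
    // mysqli/PDO with bound parameters is the durable fix, but the connection
    // is opened in connects.php, outside this block.
    $in = array();
    foreach (array(
        'fname', 'lname', 'company', 'taxid',
        'billingaddress', 'billingcity', 'billingstate', 'billingzip',
        'billingsuite', 'billingphone', 'billingfax', 'email',
        'confname', 'conlname', 'conemail', 'conphone',
        'confname1', 'conlname1', 'conemail1', 'conphone1',
        'confname2', 'conlname2', 'conemail2', 'conphone2',
        'shipcompany', 'issame', 'shipphone', 'shipaddress',
        'shipcity', 'shipstate', 'shipzip',
        'salesasso', 'collector', 'creditlimit', 'creditstat', 'agingmethod',
        'cusnum',
    ) as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }

    // Required fields, in the order their labels are reported to the client.
    $required = array(
        'fname'          => 'First Name',
        'lname'          => 'Last Name',
        'company'        => 'Company',
        'billingaddress' => 'Billing Address',
        'billingcity'    => 'Billing City',
        'billingstate'   => 'Billing State',
        'billingzip'     => 'Billing Zip',
        'billingphone'   => 'Billing Phone',
        'email'          => 'Email',
    );
    // Shipping details are only mandatory when they differ from billing.
    if ($in['issame'] != 'true') {
        $required += array(
            'shipcompany' => 'Shipping Company Name',
            'shipaddress' => 'Shipping Address',
            'shipcity'    => 'Shipping City',
            'shipstate'   => 'Shipping State',
            'shipzip'     => 'Shipping Zip',
        );
    }

    $er = '';
    foreach ($required as $field => $label) {
        if ($in[$field] == '') {
            echo $label . '<br>';
            $er = '1';
        }
    }

    if ($er == '') {
        ////////IF DATA IS FULL INSERT INTO DB//////
        if ($in['billingsuite'] == '') {
            $in['billingsuite'] = 'Add Suite';
        }
        if ($in['billingfax'] == '') {
            $in['billingfax'] = 'Add Fax';
        }

        // Column => value map; all values are already escaped or constant.
        $row = array(
            'custnum'      => $in['cusnum'],
            'fname'        => $in['fname'],
            'lname'        => $in['lname'],
            'compname'     => $in['company'],
            'taxid'        => $in['taxid'],
            'billadd'      => $in['billingaddress'],
            'billsuit'     => $in['billingsuite'],
            'billcity'     => $in['billingcity'],
            'billstate'    => $in['billingstate'],
            'billzip'      => $in['billingzip'],
            'billphone'    => $in['billingphone'],
            'billfax'      => $in['billingfax'],
            'email'        => $in['email'],
            'contactname'  => $in['confname'] . ' ' . $in['conlname'],
            'conemail'     => $in['conemail'],
            'contactphone' => $in['conphone'],
            'shipadd'      => $in['shipaddress'],
            'shipcity'     => $in['shipcity'],
            'shipstate'    => $in['shipstate'],
            'shipzip'      => $in['shipzip'],
            'shipcom'      => $in['shipcompany'],
            'shipphone'    => $in['shipphone'],
            'salesass'     => $in['salesasso'],
            'collector'    => $in['collector'],
            'credlim'      => $in['creditlimit'],
            'creditstat'   => $in['creditstat'],
            'paymentage'   => $in['agingmethod'],
            'active'       => 'true',
            'isbillsame'   => $in['issame'],
            'namto'        => $in['fname'] . ' ' . $in['lname'],
            'adddat'       => date('m/d/Y'),
        );
        $set = array();
        foreach ($row as $col => $val) {
            $set[] = $col . "='" . $val . "'";
        }
        if (!mysql_query('INSERT INTO customers SET ' . implode(', ', $set))) {
            // Details go to the server log; the client gets a generic message.
            error_log('runform: customers insert failed: ' . mysql_error());
            die('Data Entry Error, Review Client Entry!');
        }
        echo 'good';

        ///////ADDITONALS CONTACT ENTRY HERE.
        // Find the row just inserted. custnum is part of the lookup so that
        // another active customer with the same name cannot be picked up.
        // NOTE(review): if cusid is AUTO_INCREMENT, mysql_insert_id() would be
        // the direct way to get it; the schema is not visible here.
        $g = mysql_query(
            "SELECT cusid FROM customers WHERE custnum='{$in['cusnum']}'"
            . " AND fname='{$in['fname']}' AND lname='{$in['lname']}'"
            . " AND active='true' ORDER BY cusid DESC"
        );
        $r = $g ? mysql_fetch_array($g) : false;
        // Values read back from the database are escaped as well before reuse.
        $cusid = is_array($r) ? mysql_real_escape_string($r['cusid']) : '';

        foreach (array('1', '2') as $slot) {
            if ($in['confname' . $slot] == '') {
                continue; // this contact slot was left blank on the form
            }
            $parts = array();
            foreach (array(
                'cfname'  => 'confname',
                'clname'  => 'conlname',
                'cemail'  => 'conemail',
                'chphone' => 'conphone',
            ) as $col => $field) {
                $val = $in[$field . $slot];
                // Blank optional parts are stored as the placeholder 'None'.
                $parts[] = $col . "='" . ($val == '' ? 'None' : $val) . "'";
            }
            $sql = "INSERT INTO addcontacts SET blong='$cusid', "
                . implode(', ', $parts) . ", listtype='$slot'";
            if (!mysql_query($sql)) {
                error_log('runform: addcontacts insert failed: ' . mysql_error());
                die('Data Entry Error, Review Client Entry!');
            }
        }
    }
}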
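// $som is a hard-coded off switch. The branch it used to guard copied customer
// columns out of $b, a variable this script never assigns, and could never
// execute, so only the flag itself remains.
$som = 'false';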
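///EDIT CUSTOMERS///
// action=editcust: validate the customer form, update the row identified by
// cusnum, then update that customer's additional contacts.
if ($act == 'editcust') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in, including cusnum, which is the WHERE key of the UPDATE.
    // ext/mysql has no prepared statements; bound parameters via mysqli/PDO
    // are the durable fix, but the connection is opened in connects.php.
    $in = array();
    foreach (array(
        'fname', 'lname', 'company', 'taxid',
        'billingaddress', 'billingcity', 'billingstate', 'billingzip',
        'billingsuite', 'billingphone', 'billingfax', 'email',
        'confname', 'conlname', 'conemail', 'conphone',
        'confname1', 'conlname1', 'conemail1', 'conphone1',
        'confname2', 'conlname2', 'conemail2', 'conphone2',
        'shipcompany', 'issame', 'shipphone', 'shipaddress',
        'shipcity', 'shipstate', 'shipzip',
        'salesasso', 'collector', 'creditlimit', 'creditstat', 'agingmethod',
        'cusnum',
    ) as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }
    $direct = $in['cusnum'];

    // Required fields, in the order their labels are reported to the client.
    $required = array(
        'fname'          => 'First Name',
        'lname'          => 'Last Name',
        'company'        => 'Company',
        'billingaddress' => 'Billing Address',
        'billingcity'    => 'Billing City',
        'billingstate'   => 'Billing State',
        'billingzip'     => 'Billing Zip',
        'billingphone'   => 'Billing Phone',
        'email'          => 'Email',
    );
    // Shipping details are only mandatory when they differ from billing.
    if ($in['issame'] != 'true') {
        $required += array(
            'shipcompany' => 'Shipping Company Name',
            'shipaddress' => 'Shipping Address',
            'shipcity'    => 'Shipping City',
            'shipstate'   => 'Shipping State',
            'shipzip'     => 'Shipping Zip',
        );
    }

    $er = '';
    foreach ($required as $field => $label) {
        if ($in[$field] == '') {
            echo $label . '<br>';
            $er = '1';
        }
    }

    if ($er == '') {
        if ($in['billingsuite'] == '') {
            $in['billingsuite'] = 'Add Suite';
        }
        if ($in['billingfax'] == '') {
            $in['billingfax'] = 'Add Fax';
        }

        // Column => value map; all values are already escaped or constant.
        // Note that an edit also sets active='true' and rewrites adddat.
        $row = array(
            'fname'        => $in['fname'],
            'lname'        => $in['lname'],
            'compname'     => $in['company'],
            'taxid'        => $in['taxid'],
            'billadd'      => $in['billingaddress'],
            'billsuit'     => $in['billingsuite'],
            'billcity'     => $in['billingcity'],
            'billstate'    => $in['billingstate'],
            'billzip'      => $in['billingzip'],
            'billphone'    => $in['billingphone'],
            'billfax'      => $in['billingfax'],
            'email'        => $in['email'],
            'contactname'  => $in['confname'] . ' ' . $in['conlname'],
            'conemail'     => $in['conemail'],
            'contactphone' => $in['conphone'],
            'shipadd'      => $in['shipaddress'],
            'shipcity'     => $in['shipcity'],
            'shipstate'    => $in['shipstate'],
            'shipzip'      => $in['shipzip'],
            'salesass'     => $in['salesasso'],
            'collector'    => $in['collector'],
            'credlim'      => $in['creditlimit'],
            'creditstat'   => $in['creditstat'],
            'paymentage'   => $in['agingmethod'],
            'active'       => 'true',
            'isbillsame'   => $in['issame'],
            'namto'        => $in['fname'] . ' ' . $in['lname'],
            'adddat'       => date('m/d/Y'),
            'shipphone'    => $in['shipphone'],
            'shipcom'      => $in['shipcompany'],
        );
        $set = array();
        foreach ($row as $col => $val) {
            $set[] = $col . "='" . $val . "'";
        }
        if (!mysql_query('UPDATE customers SET ' . implode(', ', $set) . " WHERE custnum='$direct'")) {
            // Details go to the server log; the client gets a generic message.
            error_log('editcust: customers update failed: ' . mysql_error());
            die('Data Entry Error, Review Client Entry!');
        }
        echo 'good';

        ///////ADDITONALS CONTACT ENTRY HERE.
        // Resolve the cusid of the row that was just edited. custnum is part
        // of the lookup: matching on the name alone could return a different
        // customer with the same name, whose contacts would then be changed.
        $g = mysql_query(
            "SELECT cusid FROM customers WHERE custnum='$direct'"
            . " AND fname='{$in['fname']}' AND lname='{$in['lname']}'"
            . " ORDER BY cusid DESC"
        );
        $r = $g ? mysql_fetch_array($g) : false;
        // Values read back from the database are escaped as well before reuse.
        $cusid = is_array($r) ? mysql_real_escape_string($r['cusid']) : '';

        foreach (array('1', '2') as $slot) {
            if ($in['confname' . $slot] == '') {
                continue; // this contact slot was left blank on the form
            }
            $parts = array();
            foreach (array(
                'cfname'  => 'confname',
                'clname'  => 'conlname',
                'cemail'  => 'conemail',
                'chphone' => 'conphone',
            ) as $col => $field) {
                $val = $in[$field . $slot];
                // Blank optional parts are stored as the placeholder 'None'.
                $parts[] = $col . "='" . ($val == '' ? 'None' : $val) . "'";
            }
            $sql = 'UPDATE addcontacts SET ' . implode(', ', $parts)
                . " WHERE blong='$cusid' AND listtype='$slot'";
            if (!mysql_query($sql)) {
                error_log('editcust: addcontacts update failed: ' . mysql_error());
                die('Data Entry Error, Review Client Entry!');
            }
        }
    }
}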
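///DELETE USER////
// action=delete: soft-delete a customer (active='false') and echo its number.
if ($act == 'delete') {
    $whome = (isset($_REQUEST['whome']) && is_string($_REQUEST['whome'])) ? $_REQUEST['whome'] : '';

    // The request value is escaped before it is placed in the WHERE literal.
    $key = mysql_real_escape_string($whome);
    if (!mysql_query("UPDATE customers SET active='false' WHERE custnum='$key'")) {
        // Details go to the server log; the client gets a generic message.
        error_log('delete: customers update failed: ' . mysql_error());
        die('Database Error');
    }

    // The value is reflected into the response, so it is HTML-encoded; a plain
    // customer number comes back unchanged.
    echo htmlspecialchars($whome, ENT_QUOTES, 'UTF-8');
}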
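////MAINTAIN EMPLOYEES///
// action=addemp: validate the new-employee form, reject duplicate usernames
// and mismatched passwords, then insert the account.
if ($act == 'addemp') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in, including emptyp (the employee type column).
    $in = array();
    foreach (array(
        'username', 'pass', 'pass2', 'efname', 'elname',
        'phone', 'fax', 'cell', 'email', 'read', 'write', 'emptyp',
    ) as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }

    // NOTE(review): sessin is derived from the clock alone (md5 of a
    // minute-resolution timestamp, truncated), so it is predictable. How the
    // column is used is not visible here; if it serves as a secret it should
    // come from a CSPRNG instead.
    $cipsession = substr(md5(date('msdYi')), 0, -18);
    $indate = date('m/d/Y');

    // One slot per required field; an empty slot means the field was supplied.
    $missing = array(
        $in['username'] == '' ? 'Username' : '',
        $in['pass'] == '' ? 'Password' : '',
        $in['efname'] == '' ? 'First Name' : '',
        $in['elname'] == '' ? 'Last Name' : '',
        $in['phone'] == '' ? 'Phone' : '',
    );
    if (implode('', $missing) !== '') {
        die('<div>' . implode('</div><div>', $missing) . '</div>');
    }

    $ty = mysql_query("SELECT * FROM empusers WHERE username='{$in['username']}'");
    if ($ty && mysql_num_rows($ty) > 0) {
        die("Usename Already Exists in Database!");
    }

    // Strict comparison: with ==, two different numeric-looking strings such
    // as '0e1' and '0e2' compare equal and would pass as a match.
    if ($in['pass'] !== $in['pass2']) {
        die("Passwords do not match");
    }

    // NOTE(review): the password is stored exactly as submitted. Switching to
    // password_hash()/password_verify() needs a matching change in the login
    // check, which is not part of this file.
    $row = array(
        'username' => $in['username'],
        'pass'     => $in['pass'],
        'efname'   => $in['efname'],
        'elname'   => $in['elname'],
        'phone'    => $in['phone'],
        'fax'      => $in['fax'],
        'cell'     => $in['cell'],
        'email'    => $in['email'],
        'writes'   => $in['write'],
        'readss'   => $in['read'],
        'active'   => 'true',
        'sessin'   => $cipsession,
        'acdate'   => $indate,
        'emtype'   => $in['emptyp'],
    );
    $set = array();
    foreach ($row as $col => $val) {
        $set[] = $col . "='" . $val . "'";
    }
    if (!mysql_query('INSERT INTO empusers SET ' . implode(', ', $set))) {
        // Details go to the server log; the client gets a generic message.
        error_log('addemp: empusers insert failed: ' . mysql_error());
        die('Database Error');
    }
    echo 'good';
}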
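/////EDIT EMPLOYEE///////
// action=editemp: validate the employee form and update the account whose
// empid is passed as 'shout'.
if ($act == 'editemp') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in, including shout (the WHERE key) and emtype (the employee type).
    $in = array();
    foreach (array(
        'shout', 'username', 'pass', 'efname', 'elname',
        'phone', 'fax', 'cell', 'email', 'read', 'write', 'emtype',
    ) as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }

    // One slot per required field; an empty slot means the field was supplied.
    $missing = array(
        $in['username'] == '' ? 'Username' : '',
        $in['pass'] == '' ? 'Password' : '',
        $in['efname'] == '' ? 'First Name' : '',
        $in['elname'] == '' ? 'Last Name' : '',
        $in['phone'] == '' ? 'Phone' : '',
    );
    if (implode('', $missing) !== '') {
        die('<div>' . implode('</div><div>', $missing) . '</div>');
    }

    // NOTE(review): unlike account creation, an edit checks neither the
    // password confirmation (pass2) nor whether the new username is already
    // taken, so a rename can produce duplicate usernames. Confirm whether that
    // is intended.
    // NOTE(review): the password is stored exactly as submitted. Switching to
    // password_hash()/password_verify() needs a matching change in the login
    // check, which is not part of this file.
    $row = array(
        'username' => $in['username'],
        'pass'     => $in['pass'],
        'efname'   => $in['efname'],
        'elname'   => $in['elname'],
        'phone'    => $in['phone'],
        'fax'      => $in['fax'],
        'cell'     => $in['cell'],
        'email'    => $in['email'],
        'writes'   => $in['write'],
        'readss'   => $in['read'],
        'emtype'   => $in['emtype'],
    );
    $set = array();
    foreach ($row as $col => $val) {
        $set[] = $col . "='" . $val . "'";
    }
    if (!mysql_query('UPDATE empusers SET ' . implode(', ', $set) . " WHERE empid='{$in['shout']}'")) {
        // Details go to the server log; the client gets a generic message.
        error_log('editemp: empusers update failed: ' . mysql_error());
        die('Database Error');
    }
    echo 'good';
}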
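///////////INSERT NEW VENDORS///////
// action=newven: validate the vendor form, insert the vendor row, then insert
// its three contact rows (listtype 1-3), blank parts stored as 'None'.
if ($act == 'newven') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in. ext/mysql has no prepared statements; bound parameters via
    // mysqli/PDO are the durable fix.
    $in = array();
    foreach (array(
        'company', 'address', 'city', 'state', 'zip',
        'phone', 'fax', 'email', 'hourrate', 'vennumber',
        'confname', 'conlname', 'conemail', 'conphone',
        'confname1', 'conlname1', 'conemail1', 'conphone1',
        'confname2', 'conlname2', 'conemail2', 'conphone2',
    ) as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }

    // One slot per required field. State is compared with 'none', the value
    // the check treats as "nothing selected"; an empty state is not rejected.
    $errs = array(
        $in['company'] == '' ? '<div>Company</div>' : '',
        $in['address'] == '' ? '<div>Address</div>' : '',
        $in['city'] == '' ? '<div>City</div>' : '',
        $in['state'] == 'none' ? '<div>State</div>' : '',
        $in['zip'] == '' ? '<div>Zip</div>' : '',
    );
    if (implode('', $errs) !== '') {
        die(implode(' ', $errs));
    }

    // Placeholders for optional fields. A blank fax defaults the fax column
    // itself; it must not overwrite the hourly rate.
    if ($in['phone'] == '') {
        $in['phone'] = 'None';
    }
    if ($in['email'] == '') {
        $in['email'] = 'None';
    }
    if ($in['hourrate'] == '') {
        $in['hourrate'] = '0.00';
    }
    if ($in['fax'] == '') {
        $in['fax'] = 'None';
    }

    $row = array(
        'compname'  => $in['company'],
        'address'   => $in['address'],
        'city'      => $in['city'],
        'state'     => $in['state'],
        'zip'       => $in['zip'],
        'phone'     => $in['phone'],
        'fax'       => $in['fax'],
        'email'     => $in['email'],
        'hourrate'  => $in['hourrate'],
        'vennumber' => $in['vennumber'],
        'active'    => 'true',
        'entdate'   => date('m/d/Y'),
    );
    $set = array();
    foreach ($row as $col => $val) {
        $set[] = $col . "='" . $val . "'";
    }
    // A failed vendor insert stops here so that no contact rows are written
    // for a vendor that does not exist.
    if (!mysql_query('INSERT INTO vendors SET ' . implode(', ', $set))) {
        error_log('newven: vendors insert failed: ' . mysql_error());
        die('Database Error');
    }

    // Form suffix => listtype: confname -> 1, confname1 -> 2, confname2 -> 3.
    foreach (array('' => '1', '1' => '2', '2' => '3') as $suffix => $listtype) {
        $parts = array();
        foreach (array(
            'cfname' => 'confname',
            'clname' => 'conlname',
            'cemail' => 'conemail',
            'cphone' => 'conphone',
        ) as $col => $field) {
            $val = $in[$field . $suffix];
            $parts[] = $col . "='" . ($val == '' ? 'None' : $val) . "'";
        }
        $sql = 'INSERT INTO vencontacts SET ' . implode(', ', $parts)
            . ", blong='{$in['vennumber']}', listtype='$listtype'";
        if (!mysql_query($sql)) {
            // Details go to the server log; the client gets a generic message.
            error_log('newven: vencontacts insert failed: ' . mysql_error());
            die('Database Error');
        }
    }
    echo 'done';
}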
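///////EDIT VENDORS//////
// action=editven: validate the vendor form, update the vendor identified by
// vennumber, then update its three contact rows (listtype 1-3).
if ($act == 'editven') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in. ext/mysql has no prepared statements; bound parameters via
    // mysqli/PDO are the durable fix.
    $in = array();
    foreach (array(
        'company', 'address', 'city', 'state', 'zip',
        'phone', 'fax', 'email', 'hourrate', 'vennumber',
        'confname', 'conlname', 'conemail', 'conphone',
        'confname1', 'conlname1', 'conemail1', 'conphone1',
        'confname2', 'conlname2', 'conemail2', 'conphone2',
    ) as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }

    // One slot per required field. State is compared with 'none', the value
    // the check treats as "nothing selected"; an empty state is not rejected.
    $errs = array(
        $in['company'] == '' ? '<div>Company</div>' : '',
        $in['address'] == '' ? '<div>Address</div>' : '',
        $in['city'] == '' ? '<div>City</div>' : '',
        $in['state'] == 'none' ? '<div>State</div>' : '',
        $in['zip'] == '' ? '<div>Zip</div>' : '',
    );
    if (implode('', $errs) !== '') {
        die(implode(' ', $errs));
    }

    // Placeholders for optional fields. A blank fax defaults the fax column
    // itself; it must not overwrite the hourly rate.
    if ($in['phone'] == '') {
        $in['phone'] = 'None';
    }
    if ($in['email'] == '') {
        $in['email'] = 'None';
    }
    if ($in['hourrate'] == '') {
        $in['hourrate'] = '0.00';
    }
    if ($in['fax'] == '') {
        $in['fax'] = 'None';
    }

    $row = array(
        'compname' => $in['company'],
        'address'  => $in['address'],
        'city'     => $in['city'],
        'state'    => $in['state'],
        'zip'      => $in['zip'],
        'phone'    => $in['phone'],
        'fax'      => $in['fax'],
        'email'    => $in['email'],
        'hourrate' => $in['hourrate'],
    );
    $set = array();
    foreach ($row as $col => $val) {
        $set[] = $col . "='" . $val . "'";
    }
    // A failed vendor update stops here instead of going on to the contacts.
    if (!mysql_query('UPDATE vendors SET ' . implode(', ', $set) . " WHERE vennumber='{$in['vennumber']}'")) {
        error_log('editven: vendors update failed: ' . mysql_error());
        die('Database Error');
    }

    // Form suffix => listtype: confname -> 1, confname1 -> 2, confname2 -> 3.
    foreach (array('' => '1', '1' => '2', '2' => '3') as $suffix => $listtype) {
        $parts = array();
        foreach (array(
            'cfname' => 'confname',
            'clname' => 'conlname',
            'cemail' => 'conemail',
            'cphone' => 'conphone',
        ) as $col => $field) {
            $val = $in[$field . $suffix];
            $parts[] = $col . "='" . ($val == '' ? 'None' : $val) . "'";
        }
        $sql = 'UPDATE vencontacts SET ' . implode(', ', $parts)
            . " WHERE listtype='$listtype' AND blong='{$in['vennumber']}'";
        if (!mysql_query($sql)) {
            // Details go to the server log; the client gets a generic message.
            error_log('editven: vencontacts update failed: ' . mysql_error());
            die('Database Error');
        }
    }
    echo 'done';
}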
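// action=deleteven: soft-delete a vendor (active='false'). Produces no output.
if ($act == 'deleteven') {
    $whome = (isset($_REQUEST['whome']) && is_string($_REQUEST['whome'])) ? $_REQUEST['whome'] : '';

    // The request value is escaped before it is placed in the WHERE literal.
    $key = mysql_real_escape_string($whome);
    if (!mysql_query("UPDATE vendors SET active='false' WHERE vennumber='$key'")) {
        // The response stays empty either way; the failure is only logged.
        error_log('deleteven: vendors update failed: ' . mysql_error());
    }
}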
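///////ADD PRODUCTS//////
// action=addpro: validate the product form and insert the product row.
if ($act == 'addpro') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in, including venid.
    $in = array();
    foreach (array('productname', 'price', 'cost', 'vendor', 'sku', 'prodec', 'venid') as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }

    // One slot per required field; an empty slot means the field was supplied.
    $errs = array(
        $in['productname'] == '' ? 'Product Name' : '',
        $in['price'] == '' ? 'Product Price' : '',
        $in['cost'] == '' ? 'Cost' : '',
        $in['vendor'] == 'none' ? 'Vendor' : '',
    );
    // All four checks must pass. Joining them with || would accept the form as
    // soon as a single field was valid.
    if (implode('', $errs) !== '') {
        die('<div>' . implode('</div><div>', $errs) . '</div>');
    }

    $row = array(
        'productname' => $in['productname'],
        'price'       => $in['price'],
        'cost'        => $in['cost'],
        'vendor'      => $in['vendor'],
        'sku'         => $in['sku'],
        'prodec'      => $in['prodec'],
        'venid'       => $in['venid'],
    );
    $set = array();
    foreach ($row as $col => $val) {
        $set[] = $col . "='" . $val . "'";
    }
    if (!mysql_query('INSERT INTO products SET ' . implode(', ', $set))) {
        // Details go to the server log; the client gets a generic message.
        error_log('addpro: products insert failed: ' . mysql_error());
        die('Database Error');
    }
    echo "good";
}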
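///EDIT PRODUCTS////
// action=editpro: validate the product form and update the product whose
// proid is passed as 'pronum'.
if ($act == 'editpro') {
    // Every request value that ends up inside a SQL literal is escaped on the
    // way in, including venid and pronum (the WHERE key).
    $in = array();
    foreach (array('productname', 'price', 'cost', 'vendor', 'sku', 'prodec', 'venid', 'pronum') as $field) {
        // Missing or non-string (array) parameters are treated as empty.
        $raw = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $in[$field] = mysql_real_escape_string($raw);
    }

    // One slot per required field; an empty slot means the field was supplied.
    $errs = array(
        $in['productname'] == '' ? 'Product Name' : '',
        $in['price'] == '' ? 'Product Price' : '',
        $in['cost'] == '' ? 'Cost' : '',
        $in['vendor'] == 'none' ? 'Vendor' : '',
    );
    // All four checks must pass. Joining them with || would accept the form as
    // soon as a single field was valid.
    if (implode('', $errs) !== '') {
        die('<div>' . implode('</div><div>', $errs) . '</div>');
    }

    $row = array(
        'productname' => $in['productname'],
        'price'       => $in['price'],
        'cost'        => $in['cost'],
        'vendor'      => $in['vendor'],
        'sku'         => $in['sku'],
        'prodec'      => $in['prodec'],
        'venid'       => $in['venid'],
    );
    $set = array();
    foreach ($row as $col => $val) {
        $set[] = $col . "='" . $val . "'";
    }
    if (!mysql_query('UPDATE products SET ' . implode(', ', $set) . " WHERE proid='{$in['pronum']}'")) {
        // Details go to the server log; the client gets a generic message.
        error_log('editpro: products update failed: ' . mysql_error());
        die('Database Error');
    }
    echo "good";
}
?>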