Current File : /var/www/html/oums/api/expenses.php

<?php
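    // Loads the connection script. The queries below use $mycon, which this file never
    // assigns itself (presumably sys_connect.php creates it - confirm). require, unlike
    // include, stops the request if that script is missing instead of continuing
    // without a database handle.
    require("sys_connect.php");

    // NOTE(review): no session or token check is visible in this file. Unless
    // sys_connect.php enforces authentication, every branch below can be reached by an
    // unauthenticated caller - confirm, and add a server-side check if it does not.

    // Both selectors come straight from the query string. A missing or non-string value
    // becomes '' so the comparisons below match nothing and no undefined-index notice
    // is written into the JSON response.
    $type = (isset($_GET['type']) && is_string($_GET['type'])) ? $_GET['type'] : '';
    $user = (isset($_GET['userType']) && is_string($_GET['userType'])) ? $_GET['userType'] : '';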
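    // type=exp: returns employee code/name and department code/name/short name for
    // rows where fexpnentr='T' and femplstat='T', ordered by employee name.
    // Emits {"error_code":0,"data":[...]} when rows exist; emits nothing otherwise
    // (unchanged from the original contract).
    if($type == 'exp'){
        // NOTE(review): userType is supplied by the caller, so this comparison is not
        // an access control. The employee list should be gated on an identity the
        // server has authenticated (e.g. a session), not on a request parameter.
        // Strict comparison: only the exact string '1000' qualifies (loose == would
        // also accept other numeric spellings of the same number).
        if($user === '1000'){
            $mysql = "select em.femplcode,em.femplname,em.fdeptcode,dp.fdeptname,dp.fdeptshrt 
                      from masempl em inner join masdept dp on em.fdeptcode = dp.fdeptcode
                      where em.fexpnentr='T' and em.femplstat='T' order by em.femplname;";
            // The query now runs only inside this branch. The original ran it
            // unconditionally, so any other userType reached mysqli_query() with an
            // undefined $mysql.
            $res = mysqli_query($mycon, $mysql);
            // mysqli_query() returns false on failure; guard before counting rows.
            if($res !== false && mysqli_num_rows($res) > 0){
                $data = [];
                while($fetch = mysqli_fetch_assoc($res)){
                    $data[] = $fetch;
                }
                echo json_encode(array("error_code"=>0, "data"=>$data));
                return;
            }
        }
    }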

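    // type=loc: returns the masdept row of the department that employee `empcode`
    // belongs to. Emits error_code 0 with the first matching row, or error_code -1
    // with "No Location Found".
    if($type == "loc"){
        // Caller-controlled value; a missing or non-string parameter is treated as ''.
        $empcode = (isset($_GET['empcode']) && is_string($_GET['empcode'])) ? $_GET['empcode'] : '';

        // The employee code is bound as a parameter instead of being interpolated into
        // the SQL text (the original was injectable through empcode).
        $query = "select * from masdept where fdeptcode in 
                  (select fdeptcode from masempl where femplcode=?);";
        $fetch = null;
        $stmt = mysqli_prepare($mycon, $query);
        if($stmt && mysqli_stmt_bind_param($stmt, 's', $empcode) && mysqli_stmt_execute($stmt)){
            // mysqli_stmt_get_result() needs the mysqlnd driver.
            $res = mysqli_stmt_get_result($stmt);
            if($res){
                $fetch = mysqli_fetch_assoc($res);
            }
        }

        // Any failure above (prepare, execute, no row) ends in the same "not found"
        // response, so database errors are not echoed to the caller.
        if($fetch){
            echo json_encode(array("error_code"=>0, "data"=>$fetch));
            return;
        }else{
            echo json_encode(array("error_code"=>-1, "data"=>"No Location Found"));
            return;
        }
    }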

    // type=desc: returns every fheaddesc value from mashead.
    // Emits {"error_code":0,"data":[...]} when at least one row exists; emits nothing
    // when the table is empty. The SQL is a constant, so no request data reaches it.
    if ($type == "desc") {
        $result = mysqli_query($mycon, "select fheaddesc from mashead;");
        if (mysqli_num_rows($result) > 0) {
            $rows = [];
            // Append rows in result order; keys are 0..n-1 as before.
            for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
                $rows[] = $row;
            }
            echo json_encode(array("error_code"=>0, "data"=>$rows));
            return;
        }
    }

    // type=clnt: returns code, name and short name of every masclient row, ordered by
    // name. Emits {"error_code":0,"data":[...]} when rows exist, nothing otherwise.
    // NOTE(review): no caller check is visible here, so the whole client list is
    // returned to whoever sends type=clnt - confirm authentication happens elsewhere.
    if ($type == "clnt") {
        $result = mysqli_query($mycon, "select fclntcode, fclntname, fclntshrt from masclient order by fclntname");
        if (mysqli_num_rows($result) > 0) {
            $rows = [];
            // Append rows in result order; keys are 0..n-1 as before.
            for ($row = mysqli_fetch_assoc($result); $row; $row = mysqli_fetch_assoc($result)) {
                $rows[] = $row;
            }
            echo json_encode(array("error_code"=>0, "data"=>$rows));
            return;
        }
    }

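    // type=savexp: inserts one row into `expenses` from the POSTed form fields.
    // Emits error_code 0 "Data Saved" on success, error_code -1 otherwise.
    //
    // NOTE(review): this is a state-changing request with no visible authentication or
    // CSRF protection, and emplcode (stored as both femplcode and fupdtuser) is taken
    // from the request body. Confirm the caller's identity is established elsewhere.
    // NOTE(review): the original also read $_POST['upduser'] but never used it; the
    // fupdtuser column has always received emplcode. That is kept as-is here - confirm
    // whether upduser was the intended value.
    if($type == 'savexp'){
        // POST field names, in the column order of the insert below.
        $fields = array('date', 'deptcode', 'emplcode', 'clntcode', 'ptype', 'desc', 'amt', 'remarks');
        $values = array();
        $valid = true;
        foreach($fields as $field){
            if(!isset($_POST[$field])){
                // A missing field is stored as '', as the original effectively did.
                $values[] = '';
            }elseif(is_string($_POST[$field])){
                $values[] = $_POST[$field];
            }else{
                // Array-valued fields (name[]=...) are rejected rather than stringified.
                $valid = false;
                break;
            }
        }

        $res = false;
        if($valid){
            // fupdtuser: same value as femplcode (index 2), matching the original.
            $values[] = $values[2];

            // Every request value is bound as a parameter; the original interpolated
            // all of them into the SQL text, which made each one an injection point.
            // All are bound as strings so MySQL coerces them exactly as it did the
            // quoted literals.
            $query = "insert into expenses(fexpndate, fdeptcode, femplcode, fclntcode,
                      facnttype, fheaddesc, fexpnamnt, fexpnremk, fupdtuser, fupdttime)
                      values(?, ?, ?, ?, ?, ?, ?, ?, ?, now());";
            $stmt = mysqli_prepare($mycon, $query);
            if($stmt && mysqli_stmt_bind_param($stmt, 'sssssssss', ...$values)){
                $res = mysqli_stmt_execute($stmt);
            }
        }

        if($res){
            echo json_encode(array("error_code"=>0, "data"=>"Data Saved"));
            return;
        }else{
            // Generic message only: database error text is not sent to the caller.
            echo json_encode(array("error_code"=>-1, "data"=>"Something Went Wrong...!"));
            return;
        }
    }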

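    // type=data: returns the expenses of one month/year, optionally restricted to a
    // department (`dept` is a client short name, or "ALL") and, for non-admin
    // employees, to the caller's own rows.
    // Emits {"error_code":0,"data":[...]} when rows exist; emits nothing otherwise
    // (unchanged from the original contract).
    if($type == 'data'){
        // Caller-controlled values; missing or non-string parameters become ''.
        $month = (isset($_GET['month']) && is_string($_GET['month'])) ? $_GET['month'] : '';
        $year = (isset($_GET['year']) && is_string($_GET['year'])) ? $_GET['year'] : '';
        $dept = (isset($_GET['dept']) && is_string($_GET['dept'])) ? $_GET['dept'] : '';
        $emplcode = (isset($_GET['emplcode']) && is_string($_GET['emplcode'])) ? $_GET['emplcode'] : '';

        // NOTE(review): the user type is looked up from an employee code the caller
        // supplies, so the "admin" branch below is not an authorization check - the
        // server never verifies that the caller is that employee. The employee should
        // come from an authenticated session rather than from the query string.
        $usertype = null;
        $stmt = mysqli_prepare($mycon, "select fusertype from masempl where femplcode=?");
        if($stmt && mysqli_stmt_bind_param($stmt, 's', $emplcode) && mysqli_stmt_execute($stmt)){
            // mysqli_stmt_get_result() needs the mysqlnd driver.
            $res = mysqli_stmt_get_result($stmt);
            $resRow = $res ? mysqli_fetch_assoc($res) : null;
            if($resRow){
                $usertype = $resRow['fusertype'];
            }
        }

        // Parameters for the main query, in placeholder order. All are bound as
        // strings so MySQL coerces them as it did the original quoted literals.
        $types = 'ss';
        $args = array($month, $year);

        if($dept === "ALL"){
            $cond = " ";
        }else{
            // Resolve the client short name to its code; an unknown name binds ''.
            $deptnt = null;
            $stmt = mysqli_prepare($mycon, "select fclntcode from masclient where fclntshrt = ?");
            if($stmt && mysqli_stmt_bind_param($stmt, 's', $dept) && mysqli_stmt_execute($stmt)){
                $res = mysqli_stmt_get_result($stmt);
                $row = $res ? mysqli_fetch_assoc($res) : null;
                if($row){
                    $deptnt = $row['fclntcode'];
                }
            }
            $cond = "and e.fdeptcode=?";
            $types .= 's';
            $args[] = (string)$deptnt;
        }

        if($usertype === "admin"){
            $cnd = "";
        }else{
            $cnd = "and e.femplcode = ?";
            $types .= 's';
            $args[] = $emplcode;
        }

        // $cond and $cnd are now fixed SQL fragments containing only placeholders; no
        // request data is concatenated into the statement text (the original
        // interpolated month, year, dept and emplcode directly).
        $query = "select e.*, femplname, date_format(fexpndate,'%d/%m/%Y')as fexpdate, fclntshrt
                  from expenses e inner join masempl m on 
                  m.femplcode = e.femplcode and m.fdeptcode = e.fdeptcode 
                  inner join masclient c on c.fclntcode = e.fdeptcode 
                  where  month(fexpndate) = ? 
                  and year(fexpndate) = ? {$cond} {$cnd}
                  order by e.facnttype";
        $res = false;
        $stmt = mysqli_prepare($mycon, $query);
        if($stmt && mysqli_stmt_bind_param($stmt, $types, ...$args) && mysqli_stmt_execute($stmt)){
            $res = mysqli_stmt_get_result($stmt);
        }

        if($res && mysqli_num_rows($res) > 0){
            $data = [];
            while($row = mysqli_fetch_assoc($res)){
                $data[] = $row;
            }
            echo json_encode(array("error_code"=>0, "data"=>$data));
            return;
        }
    }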
?>