<?php
include("sys_session.php");
include("sys_connect.php");

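// Fields of the JSON reply emitted by the save_data handler further down.
$resp_mesg = "";
$resp_stat = "";
$resp_file = "";

// load_data=empl_data: emit the <option> list of employees the caller may book
// expenses for. Admins get every active employee; everyone else gets only their
// own record, and only when expense entry is enabled for it (fexpnentr='T').
// $mycon, $type_id and $empl_id are not defined in this file; presumably the two
// includes above provide them from the DB connection and login session -- confirm.
if (isset($_POST["load_data"]) && $_POST["load_data"] === 'empl_data') {
    // Strict comparison: with a loose == an integer 0 compares equal to 'ADMIN' on PHP < 8.
    if ($type_id === 'ADMIN') {
        echo "<option value=0>--Select--</option>";
        $mystmt = mysqli_prepare($mycon, "select em.femplcode,em.femplname,em.fdeptcode,dp.fdeptname,dp.fdeptshrt from masempl em
        inner join masdept dp on em.fdeptcode = dp.fdeptcode
        where em.femplstat='T' order by em.femplname");
    } else {
        // The employee id is bound as a parameter instead of being spliced into the SQL text.
        $mystmt = mysqli_prepare($mycon, "select em.femplcode,em.femplname,em.fdeptcode,dp.fdeptname,dp.fdeptshrt from masempl em
        inner join masdept dp on em.fdeptcode = dp.fdeptcode
        where em.fexpnentr='T' and em.femplstat='T' and em.femplcode=? order by em.femplname");
        if ($mystmt) {
            mysqli_stmt_bind_param($mystmt, "s", $empl_id);
        }
    }

    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $myres = false;
    if ($mystmt && mysqli_stmt_execute($mystmt)) {
        $myres = mysqli_stmt_get_result($mystmt);
    }
    if (!$myres) {
        error_log("expense.php empl_data query failed: " . mysqli_error($mycon));
    }

    // A failed query is treated like an empty result, so the form stays locked.
    if (!$myres || mysqli_num_rows($myres) == 0) {
        echo "<option value='XXXX'>ENTRY NOT ALLOWED!</option>";
    } else {
        while ($myrow = mysqli_fetch_assoc($myres)) {
            // Database text is HTML-escaped before it is placed in attribute or element content.
            $opt_code = htmlspecialchars((string) $myrow['femplcode'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $opt_name = htmlspecialchars((string) $myrow['femplname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<option value='" . $opt_code . "'>" . $opt_name . " [" . $opt_code . "]</option>";
        }
    }
}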

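// load_data=dept_data: emit the <option> list of departments of the posted employee code.
// NOTE(review): any logged-in caller can look up any employee's department here;
// confirm that is intended, since the employee list itself is limited for non-admins.
if (isset($_POST["load_data"]) && $_POST["load_data"] === 'dept_data') {
    // Only a plain string is accepted; an array-valued parameter is treated as empty.
    $empl_code = (isset($_POST["empl_code"]) && is_string($_POST["empl_code"])) ? $_POST["empl_code"] : '';

    // The request value is bound as a parameter instead of being spliced into the SQL text.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $myres = false;
    $mystmt = mysqli_prepare($mycon, "select * from masdept where fdeptcode in (select fdeptcode from masempl where femplcode=?)");
    if ($mystmt) {
        mysqli_stmt_bind_param($mystmt, "s", $empl_code);
        if (mysqli_stmt_execute($mystmt)) {
            $myres = mysqli_stmt_get_result($mystmt);
        }
    }

    if (!$myres) {
        error_log("expense.php dept_data query failed: " . mysqli_error($mycon));
    } else {
        while ($myrow = mysqli_fetch_assoc($myres)) {
            // Database text is HTML-escaped before it is placed in attribute or element content.
            $opt_code = htmlspecialchars((string) $myrow['fdeptcode'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $opt_name = htmlspecialchars((string) $myrow['fdeptname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<option value='" . $opt_code . "'>" . $opt_name . " [" . $opt_code . "]</option>";
        }
    }
}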


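// load_data=clnt_data: emit the <option> list of all clients, ordered by name.
// A "--Select--" placeholder is added only when there is more than one client.
if (isset($_POST["load_data"]) && $_POST["load_data"] === 'clnt_data') {
    $myres = mysqli_query($mycon, "select * from masclient order by fclntname");

    if (!$myres) {
        // mysqli_query() returns false on failure; emit nothing rather than iterate over it.
        error_log("expense.php clnt_data query failed: " . mysqli_error($mycon));
    } else {
        if (mysqli_num_rows($myres) > 1) {
            echo "<option value=0>--Select--</option>";
        }
        while ($myrow = mysqli_fetch_assoc($myres)) {
            // Client names are stored text; escape them so markup in a name cannot reach the page.
            $opt_code = htmlspecialchars((string) $myrow['fclntcode'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $opt_name = htmlspecialchars((string) $myrow['fclntname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<option value='" . $opt_code . "'>" . $opt_name . "</option>";
        }
    }
}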


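// load_data=disp_data: render the editable expense grid for one employee, account
// type and date (dd/mm/yyyy). Existing rows are shown pre-filled; when there are
// none, a single blank row is rendered.
// All request values are bound as statement parameters and all database text is
// HTML-escaped on output. mysqli_stmt_get_result() requires the mysqlnd driver.
if (isset($_POST["load_data"]) && $_POST["load_data"] === 'disp_data') {
    // Read a POST field as a string; missing or array-valued fields become ''.
    $post_str = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    // Escape a value for HTML attribute or element content.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $empl_code = $post_str('empl_code');
    $acnt_type = $post_str('acnt_type');
    $expn_date = $post_str('expn_date');

    if ($type_id !== 'ADMIN') {
        // Non-admins may only open their own sheet. This repeats, server-side, the
        // rule the empl_data handler uses to build their employee list.
        // NOTE(review): confirm no non-admin workflow posts another employee's code.
        $myres = false;
        $mystmt = mysqli_prepare($mycon, "select femplcode from masempl where fexpnentr='T' and femplstat='T' and femplcode=? and femplcode=?");
        if ($mystmt) {
            mysqli_stmt_bind_param($mystmt, "ss", $empl_id, $empl_code);
            if (mysqli_stmt_execute($mystmt)) {
                $myres = mysqli_stmt_get_result($mystmt);
            }
        }
        if (!$myres || mysqli_num_rows($myres) == 0) {
            echo "<div class='alert alert-danger'>Entry not allowed for this employee</div>";
            exit();
        }

        // ---START CHECK FOR OLD ENTRIES / FUTURE ENTRIES---
        // The future-date test stays in SQL so it keeps using the database's curdate().
        $myrow = null;
        $mystmt = mysqli_prepare($mycon, "select if(str_to_date(?,'%d/%m/%Y')>curdate(),'new','') as fdateremk");
        if ($mystmt) {
            mysqli_stmt_bind_param($mystmt, "s", $expn_date);
            if (mysqli_stmt_execute($mystmt)) {
                $myres = mysqli_stmt_get_result($mystmt);
                $myrow = $myres ? mysqli_fetch_assoc($myres) : null;
            }
        }
        if (!$myrow) {
            // Fail closed when the date could not be checked at all.
            error_log("expense.php disp_data date check failed: " . mysqli_error($mycon));
            echo "<div class='alert alert-danger'>Entry date could not be verified</div>";
            exit();
        } elseif ($myrow['fdateremk'] == "new") {
            echo "<div class='alert alert-danger'>Entry not allowed for this date [New]</div>";
            exit();
        } elseif (substr($expn_date, 3) !== date('m/Y')) {
            // Everything after "dd/" must be the current month and year.
            echo "<div class='alert alert-danger'>Entry not allowed for this date [Old]</div>";
            exit();
        }
        // ---END CHECK FOR OLD ENTRIES / FUTURE ENTRIES---
    }

    // The two option lists are the same for every row, so they are loaded once.
    $head_opts = array();
    $mystmt = mysqli_prepare($mycon, "select * from mashead where facnttype=? order by fheaddesc");
    if ($mystmt) {
        mysqli_stmt_bind_param($mystmt, "s", $acnt_type);
        if (mysqli_stmt_execute($mystmt) && ($myres2 = mysqli_stmt_get_result($mystmt))) {
            while ($myrow2 = mysqli_fetch_assoc($myres2)) {
                $head_opts[] = $myrow2["fheaddesc"];
            }
        }
    }

    $clnt_opts = array();
    $myres2 = mysqli_query($mycon, "select * from masclient order by fclntname");
    if ($myres2) {
        while ($myrow2 = mysqli_fetch_assoc($myres2)) {
            $clnt_opts[] = $myrow2;
        }
    }

    // Existing expense lines for this employee / account type / date.
    $grid_rows = array();
    $mystmt = mysqli_prepare($mycon, "select * from expenses where femplcode=? and facnttype=? and fexpndate=str_to_date(?,'%d/%m/%Y') order by fheaddesc,fexpnremk");
    if ($mystmt) {
        mysqli_stmt_bind_param($mystmt, "sss", $empl_code, $acnt_type, $expn_date);
        if (mysqli_stmt_execute($mystmt) && ($myres1 = mysqli_stmt_get_result($mystmt))) {
            while ($myrow1 = mysqli_fetch_assoc($myres1)) {
                $grid_rows[] = array(
                    'head' => strtoupper($myrow1['fheaddesc']),
                    'amnt' => $myrow1['fexpnamnt'],
                    'clnt' => $myrow1['fclntcode'],
                    'remk' => $myrow1['fexpnremk'],
                );
            }
        }
    }
    if (count($grid_rows) == 0) {
        // Nothing stored yet: show one blank row with the default values.
        $grid_rows[] = array('head' => "0", 'amnt' => "0.00", 'clnt' => "0", 'remk' => "");
    }

    echo "<table id='dataTable' class='table_list' align='center'>";
    echo "<th width='5%'> # </th>";
    echo "<th width='30%'> Description </th>";
    echo "<th width='10%'> Amount </th>";
    echo "<th width='20%'> Client </th>";
    echo "<th width='30%'> Remarks </th>";
    echo "<th width='5%'> Action</th>";

    $i = 1;
    foreach ($grid_rows as $grid_row) {
        echo "<tr>";
        echo "<td width='5%' align='center'>";
        echo "<input type=text id='txtslnolist[]' name='txtslnolist[]' class='form-control' disabled=disabled value='$i' style='text-align:center;'>";
        echo "</td>";

        echo "<td width='30%' align='left'>";
        echo "<select id='txtheaddesc[]' name='txtheaddesc[]' class='form-control'>";
        echo "<option value='0'>-Select-</option>";
        foreach ($head_opts as $head_opt) {
            // Compared as strings so numeric-looking codes such as "010" and "10" stay distinct.
            $picked = ((string) $grid_row['head'] === (string) $head_opt) ? ' selected="selected"' : '';
            echo '<option value="' . $esc($head_opt) . '"' . $picked . '>' . $esc($head_opt) . "</option>\n";
        }
        echo "</select>";
        echo "</td>";

        echo "<td width='10%' align='left'>";
        echo "<input type='text' id='txtexpnamnt[]' name='txtexpnamnt[]' class='form-control' value='" . $esc($grid_row['amnt']) . "' maxlength='12' style='text-align:right;'/>";
        echo "</td>";

        echo "<td width='20%' align='left'>";
        echo "<select id='txtclntcode[]' name='txtclntcode[]' class='form-control'>";
        echo "<option value='0'>-Select-</option>";
        foreach ($clnt_opts as $clnt_opt) {
            $picked = ((string) $grid_row['clnt'] === (string) $clnt_opt["fclntcode"]) ? ' selected="selected"' : '';
            $label = $clnt_opt["fclntshrt"] . ' - ' . $clnt_opt["fclntname"] . ' [' . $clnt_opt["fclntcode"] . ']';
            echo '<option value="' . $esc($clnt_opt["fclntcode"]) . '"' . $picked . '>' . $esc($label) . "</option>\n";
        }
        echo "</select>";
        echo "</td>";

        echo "<td width='30%' align='left'>";
        echo "<input type='text' id='txtexpnremk[]' name='txtexpnremk[]' class='form-control' value='" . $esc($grid_row['remk']) . "' onBlur='validate_row(this)'/>";
        echo "</td>";

        echo "<td width='5%' align='center'>";
        echo "<a class='btn btn-danger btn-sm' href=# onClick='deleteRow(this)'><span class='glyphicon glyphicon-trash'></span></a>";
        echo "</td>";
        echo "</tr>";
        $i++;
    }
    echo "</table>";
}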

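// load_data=save_data: replace all expense lines of one employee / account type /
// date (dd/mm/yyyy) with the posted rows, then reply with a JSON status object.
// head_desc, expn_amnt, clnt_code and expn_remk are parallel arrays, one entry per row.
// All request values are bound as statement parameters. mysqli_stmt_get_result()
// requires the mysqlnd driver.
// NOTE(review): no anti-CSRF token is checked in this file; confirm sys_session.php
// enforces one for this state-changing request.
if (isset($_POST["load_data"]) && $_POST["load_data"] === 'save_data') {
    // Read a POST field as a string; missing or array-valued fields become ''.
    $post_str = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    // Read a POST field as an array; anything else becomes an empty array.
    $post_list = function ($key) {
        return (isset($_POST[$key]) && is_array($_POST[$key])) ? $_POST[$key] : array();
    };
    // Fetch row $idx of a posted list as a string ('' when missing or not scalar).
    $cell = function ($list, $idx) {
        return (isset($list[$idx]) && is_scalar($list[$idx])) ? (string) $list[$idx] : '';
    };

    $dept_code = $post_str('dept_code');
    $empl_code = $post_str('empl_code');
    $acnt_type = $post_str('acnt_type');
    $expn_date = $post_str('expn_date');
    $head_desc = $post_list('head_desc');
    $expn_amnt = $post_list('expn_amnt');
    $clnt_code = $post_list('clnt_code');
    $expn_remk = $post_list('expn_remk');

    if ($type_id !== 'ADMIN') {
        // Non-admins may only change their own sheet. This repeats, server-side, the
        // rule the empl_data handler uses to build their employee list; without it the
        // delete below would act on whatever employee code the request names.
        // NOTE(review): confirm no non-admin workflow posts another employee's code.
        $myres = false;
        $mystmt = mysqli_prepare($mycon, "select femplcode from masempl where fexpnentr='T' and femplstat='T' and femplcode=? and femplcode=?");
        if ($mystmt) {
            mysqli_stmt_bind_param($mystmt, "ss", $empl_id, $empl_code);
            if (mysqli_stmt_execute($mystmt)) {
                $myres = mysqli_stmt_get_result($mystmt);
            }
        }
        if (!$myres || mysqli_num_rows($myres) == 0) {
            echo "<div class='alert alert-danger'>Entry not allowed for this employee</div>";
            exit();
        }

        // ---START CHECK FOR OLD ENTRIES / FUTURE ENTRIES---
        // The future-date test stays in SQL so it keeps using the database's curdate().
        $myrow = null;
        $mystmt = mysqli_prepare($mycon, "select if(str_to_date(?,'%d/%m/%Y')>curdate(),'new','') as fdateremk");
        if ($mystmt) {
            mysqli_stmt_bind_param($mystmt, "s", $expn_date);
            if (mysqli_stmt_execute($mystmt)) {
                $myres = mysqli_stmt_get_result($mystmt);
                $myrow = $myres ? mysqli_fetch_assoc($myres) : null;
            }
        }
        if (!$myrow) {
            // Fail closed when the date could not be checked at all.
            error_log("expense.php save_data date check failed: " . mysqli_error($mycon));
            echo "<div class='alert alert-danger'>Entry date could not be verified</div>";
            exit();
        } elseif ($myrow['fdateremk'] == "new") {
            echo "<div class='alert alert-danger'>Entry not allowed for this date [New]</div>";
            exit();
        } elseif (substr($expn_date, 3) !== date('m/Y')) {
            // Everything after "dd/" must be the current month and year.
            echo "<div class='alert alert-danger'>Entry not allowed for this date [Old]</div>";
            exit();
        }
        // ---END CHECK FOR OLD ENTRIES / FUTURE ENTRIES---
    }

    // Delete and re-insert inside one transaction so a failed insert cannot leave the
    // day half-saved. NOTE(review): this only protects the data if the expenses table
    // uses a transactional engine -- confirm.
    $saved = false;
    mysqli_begin_transaction($mycon);

    $del_stmt = mysqli_prepare($mycon, "delete from expenses where femplcode=? and fexpndate=str_to_date(?,'%d/%m/%Y') and facnttype=?");
    $ins_stmt = mysqli_prepare($mycon, "insert into expenses (fexpndate, fdeptcode, femplcode, facnttype, fheaddesc, fexpnamnt, fclntcode, fexpnremk, fupdtuser, fupdttime) values(str_to_date(?,'%d/%m/%Y'), ?, ?, ?, ?, ?, ?, ?, ?, now())");

    if ($del_stmt && $ins_stmt) {
        mysqli_stmt_bind_param($del_stmt, "sss", $empl_code, $expn_date, $acnt_type);

        // Bound by reference: the per-row variables are reassigned before each execute.
        $row_head = $row_amnt = $row_clnt = $row_remk = '';
        mysqli_stmt_bind_param($ins_stmt, "sssssssss", $expn_date, $dept_code, $empl_code, $acnt_type, $row_head, $row_amnt, $row_clnt, $row_remk, $user_id);

        $saved = mysqli_stmt_execute($del_stmt);

        $row_count = count($head_desc);
        for ($i = 0; $saved && $i < $row_count; $i++) {
            $row_amnt = $cell($expn_amnt, $i);
            // Rows without a non-zero amount are skipped. The float cast makes this
            // independent of the PHP version: a loose string-vs-0 comparison treats ''
            // and non-numeric text as zero on PHP 7 but as non-zero on PHP 8.
            if ((float) $row_amnt == 0) {
                continue;
            }
            $row_head = $cell($head_desc, $i);
            $row_clnt = $cell($clnt_code, $i);
            $row_remk = $cell($expn_remk, $i);
            $saved = mysqli_stmt_execute($ins_stmt);
        }
    }

    if ($saved) {
        $saved = mysqli_commit($mycon);
    }

    if ($saved) {
        $resp_mesg = "Expenses updated!";
    } else {
        // Keep the database detail in the server log; the client only gets a generic message.
        error_log("expense.php save_data failed: " . mysqli_error($mycon));
        mysqli_rollback($mycon);
        // NOTE(review): "stat" is left unchanged because this file never shows which
        // values the client expects there -- confirm and set it on failure if needed.
        $resp_mesg = "Expenses could not be saved!";
    }
    echo json_encode(array("mesg" => $resp_mesg, "stat" => $resp_stat, "file" => $resp_file));
}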
?>