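<?php
/**
 * POST handler for the admin task screens.
 *
 * Handles three form actions, selected by the submit field that is present:
 *   - add_task       : inserts a row into `tasks`, then redirects to view-task.php
 *                      (or back to task.php on failure).
 *   - update_task    : updates the `tasks` row matching the posted id.
 *   - delete_project : deletes the `projects` row matching the posted delete_id.
 *
 * Every value comes straight from $_POST and is therefore untrusted. All
 * queries use bound parameters; the previous version escaped only some fields
 * of the INSERT (pro_id and status were interpolated raw) and interpolated
 * every field of the UPDATE and DELETE, which allowed SQL injection.
 */
include("inc/config.php");

// NOTE(review): no login/role check or CSRF token validation is visible in
// this file. Confirm inc/config.php enforces both before these state-changing
// handlers run. It presumably also provides $conn and starts the session
// (verify).

/**
 * Reads one POST field as a string. Missing fields and non-string values
 * (e.g. a field submitted as an array) become ''.
 */
$postField = static function (string $key): string {
    $value = $_POST[$key] ?? '';

    return is_string($value) ? $value : '';
};

/**
 * Prepares and executes one statement with every parameter bound as a string,
 * matching the original queries, which quoted every value.
 * Returns true on success and false on any failure.
 */
$runStatement = static function (mysqli $conn, string $sql, array $params): bool {
    try {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            return false;
        }
        if ($params !== []) {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
        }
        $succeeded = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);

        return $succeeded;
    } catch (mysqli_sql_exception $e) {
        // mysqli may be configured to throw; log server-side and take the
        // normal failure branch instead of exposing the error to the client.
        error_log('task handler query failed: ' . $e->getMessage());

        return false;
    }
};

// ---- add ------------------------------------------------------------------
if (isset($_POST['add_task'])) {
    $columns = [
        'project_name',
        'task_name',
        'start_datetime',
        'end_datetime',
        'total_time',
        'emp_name',
        'erh',
        'total_amt',
        'pro_id',
        'status',
    ];
    $values = array_map($postField, $columns);

    $inserted = $runStatement(
        $conn,
        "INSERT INTO `tasks` (`project_name`, `task_name`, `start_datetime`, `end_datetime`, `total_time`, `emp_name`, `erh`, `total_amt`, `pro_id`, `status`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
        $values
    );

    if ($inserted) {
        $_SESSION['status'] = "Data Uploaded Successfully";
        header('Location: view-task.php');
    } else {
        $_SESSION['status'] = "Data Not Uploaded Successfully";
        header('Location: task.php');
    }
    exit;
}

// ---- update ---------------------------------------------------------------
if (isset($_POST['update_task'])) {
    $columns = [
        'project_name',
        'task_name',
        'start_datetime',
        'end_datetime',
        'total_time',
        'emp_name',
        'erh',
        'total_amt',
        'status',
    ];
    $values = array_map($postField, $columns);
    $values[] = $postField('id'); // bound last, for the WHERE clause

    $updated = $runStatement(
        $conn,
        "UPDATE tasks SET project_name=?, task_name=?, start_datetime=?, end_datetime=?, total_time=?, emp_name=?, erh=?, total_amt=?, status=? WHERE id=?",
        $values
    );

    $_SESSION['status'] = $updated ? " Updated Successfully" : "Project Not Updated Successfully";
    header('Location: view-task.php');
    // Stop here so nothing else in this script runs after the redirect.
    exit;
}

// ---- delete ---------------------------------------------------------------
if (isset($_POST['delete_project'])) {
    // NOTE(review): this removes a row from `projects`, not `tasks`, although
    // the file otherwise handles tasks. Kept as in the original; confirm it
    // is intended.
    $deleted = $runStatement(
        $conn,
        "DELETE FROM projects WHERE id = ?",
        [$postField('delete_id')]
    );

    $_SESSION['status'] = $deleted ? "Deleted Successfully" : "Not Deleted Successfully";
    header('Location: view-project.php');
    exit;
}
?>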