<?php

include("inc/config.php");

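if (isset($_POST['add_task'])) {
    // Handles the "add task" form: stores an optional PDF attachment under
    // attachment/, inserts one row into `tasks`, then redirects with a status
    // message kept in the session.
    // NOTE(review): no login or CSRF check is visible in this handler; confirm
    // that inc/config.php enforces one before this code runs.

    // Handling File Upload
    $attachment = "";
    $upload = isset($_FILES['attachment']) ? $_FILES['attachment'] : null;
    if (is_array($upload) && isset($upload['name']) && is_string($upload['name']) && !empty($upload['name'])) {
        $target_dir = "attachment/"; // Folder where the files will be stored
        if (!is_dir($target_dir)) {
            // 0755 instead of 0777: other local accounts do not need write access.
            mkdir($target_dir, 0755, true);
        }

        $client_name = basename($upload['name']);
        $file_type = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));

        // Check file type (only allow PDF)
        if ($file_type !== "pdf") {
            $_SESSION['status'] = "Only PDF files are allowed.";
            header('Location: task.php');
            exit;
        }

        // The stored name is rebuilt from a restricted character set and always
        // ends in a single ".pdf", so a name such as "x.php.pdf" cannot keep an
        // inner extension that the web server might map to a script handler.
        // NOTE(review): only the name is checked, not the content; the
        // attachment/ directory should be served as static files only.
        $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($client_name, PATHINFO_FILENAME));
        if ($stem === null) {
            $stem = 'file';
        }
        $target_file = $target_dir . time() . "_" . $stem . ".pdf"; // Unique filename

        // Move uploaded file (move_uploaded_file refuses paths that are not real uploads)
        $upload_ok = isset($upload['error'], $upload['tmp_name'])
            && $upload['error'] === UPLOAD_ERR_OK
            && move_uploaded_file($upload['tmp_name'], $target_file);
        if ($upload_ok) {
            $attachment = $target_file; // Store the file path in the database
        } else {
            $_SESSION['status'] = "File upload failed.";
            header('Location: task.php');
            exit;
        }
    }

    // Column order of the INSERT. Every name except `attachment` is also the
    // POST field the value is read from. The names are constants in this file,
    // never request data, so building the column list from them is safe.
    $columns = array(
        'po_no', 'project_name', 'task_name', 'start_datetime', 'end_datetime',
        'total_time', 'emp_name', 'erh', 'onbh_rate', 'total_amt',
        'trvl_time_rate', 'milage_rate', 'total_trvl_time', 'total_trvl_amt',
        'total_milage_time', 'total_milage_amt', 'extra_expenses', 'remark',
        'attachment', 'grand_total', 'status',
    );

    $values = array();
    foreach ($columns as $column) {
        if ($column === 'attachment') {
            $values[] = $attachment;
            continue;
        }
        // Missing or non-scalar fields are stored as an empty string.
        $raw = isset($_POST[$column]) ? $_POST[$column] : '';
        $values[] = is_scalar($raw) ? (string) $raw : '';
    }

    // Construct the SQL query with placeholders. All values are bound, which
    // also covers `erh` and `onbh_rate`: they used to be re-read from $_POST
    // after escaping and reached the query unescaped.
    $query = "INSERT INTO `tasks` (`" . implode("`, `", $columns) . "`) VALUES ("
        . implode(", ", array_fill(0, count($columns), '?')) . ")";

    $query_run = false;
    try {
        $stmt = mysqli_prepare($conn, $query);
        if ($stmt !== false) {
            // Bound as strings, matching the quoted literals used previously.
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
            $query_run = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli may be configured to throw; treat it like a failed query.
        error_log('add_task insert failed: ' . $e->getMessage());
        $query_run = false;
    }

    if ($query_run) {
        $_SESSION['status'] = "Data Uploaded Successfully";
        header('Location: view-task.php');
        exit;
    } else {
        $_SESSION['status'] = "Data Not Uploaded Successfully";
        header('Location: task.php');
        exit;
    }
}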



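if (isset($_POST['update_task'])) {
    // Handles the "update task" form: updates one `tasks` row identified by the
    // posted id and replaces its attachment only when a new PDF is uploaded.
    // NOTE(review): no login, ownership or CSRF check is visible in this
    // handler; confirm that inc/config.php enforces one before this code runs.

    // Columns updated on every request; each name is also its POST field name.
    // The names are constants in this file, never request data.
    $columns = array(
        'po_no', 'project_name', 'task_name', 'start_datetime', 'end_datetime',
        'total_time', 'emp_name', 'erh', 'onbh_rate', 'total_amt',
        'trvl_time_rate', 'milage_rate', 'total_trvl_time', 'total_trvl_amt',
        'total_milage_time', 'total_milage_amt', 'extra_expenses', 'remark',
        'grand_total', 'status',
    );

    $values = array();
    foreach ($columns as $column) {
        // Missing or non-scalar fields are stored as an empty string.
        $raw = isset($_POST[$column]) ? $_POST[$column] : '';
        $values[] = is_scalar($raw) ? (string) $raw : '';
    }

    $raw_id = isset($_POST['id']) ? $_POST['id'] : '';
    $id = is_scalar($raw_id) ? (string) $raw_id : '';

    // The posted `old_attachment` value is deliberately not written back: when
    // no new file arrives the `attachment` column is left untouched, so the
    // stored path never comes from a client-supplied form field.
    $upload = isset($_FILES['attachment']) ? $_FILES['attachment'] : null;
    $has_upload = is_array($upload) && isset($upload['name']) && is_string($upload['name']) && !empty($upload['name']);

    if ($has_upload) {
        $target_dir = "attachment/";
        if (!is_dir($target_dir)) {
            // 0755 instead of 0777: other local accounts do not need write access.
            mkdir($target_dir, 0755, true);
        }

        $client_name = basename($upload['name']);
        $file_type = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));

        if ($file_type !== "pdf") {
            $_SESSION['status'] = "Only PDF files are allowed.";
            header('Location: task.php');
            exit;
        }

        // The stored name is rebuilt from a restricted character set and always
        // ends in a single ".pdf", so a name such as "x.php.pdf" cannot keep an
        // inner extension that the web server might map to a script handler.
        // NOTE(review): only the name is checked, not the content; the
        // attachment/ directory should be served as static files only.
        $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($client_name, PATHINFO_FILENAME));
        if ($stem === null) {
            $stem = 'file';
        }
        $target_file = $target_dir . time() . "_" . $stem . ".pdf";

        $upload_ok = isset($upload['error'], $upload['tmp_name'])
            && $upload['error'] === UPLOAD_ERR_OK
            && move_uploaded_file($upload['tmp_name'], $target_file);
        if (!$upload_ok) {
            $_SESSION['status'] = "File upload failed.";
            header('Location: task.php');
            exit;
        }

        // Conditionally update the attachment field only if a new file was uploaded
        $columns[] = 'attachment';
        $values[] = $target_file;
    }

    $assignments = array();
    foreach ($columns as $column) {
        $assignments[] = "`" . $column . "` = ?";
    }
    $query = "UPDATE `tasks` SET " . implode(", ", $assignments) . " WHERE `id` = ?";

    // The id is bound like every other value; it used to be interpolated into
    // the WHERE clause without any escaping.
    $values[] = $id;

    $query_run = false;
    try {
        $stmt = mysqli_prepare($conn, $query);
        if ($stmt !== false) {
            // Bound as strings, matching the quoted literals used previously.
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
            $query_run = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli may be configured to throw; treat it like a failed query.
        error_log('update_task update failed: ' . $e->getMessage());
        $query_run = false;
    }

    if ($query_run) {
        $_SESSION['status'] = "Task Updated Successfully";
        header('Location: view-task.php');
        exit;
    } else {
        $_SESSION['status'] = "Task Update Failed";
        header('Location: task.php');
        exit;
    }
}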


// delete

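if (isset($_POST['delete_task'])) {
    // Handles the "delete task" form: removes the `tasks` row with the posted
    // id, then removes the named file from attachment/.
    // NOTE(review): no login, ownership or CSRF check is visible in this
    // handler; confirm that inc/config.php enforces one before this code runs.
    $raw_id = isset($_POST['delete_id']) ? $_POST['delete_id'] : '';
    $id = is_scalar($raw_id) ? (string) $raw_id : '';

    // Keep only the final path component so the unlink below cannot leave the
    // attachment/ directory through "../" or an absolute path.
    // NOTE(review): the file name still comes from the form; reading the
    // `attachment` value of the row being deleted would tie the file to the task.
    $raw_photo = isset($_POST['del_task']) ? $_POST['del_task'] : '';
    $photo = is_scalar($raw_photo) ? basename((string) $raw_photo) : '';

    // The id is bound as a parameter instead of being interpolated into the SQL.
    $query = "DELETE FROM tasks WHERE id = ?";
    $query_run = false;
    try {
        $stmt = mysqli_prepare($conn, $query);
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 's', $id);
            $query_run = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli may be configured to throw; treat it like a failed query.
        error_log('delete_task delete failed: ' . $e->getMessage());
        $query_run = false;
    }

    if ($query_run) {
        $path = "attachment/" . $photo;
        // is_file() rejects an empty name, a directory and ".." before unlink runs.
        if ($photo !== '' && is_file($path) && unlink($path)) {
            $_SESSION['status'] = "Deleted Successfully";
        } else {
            $_SESSION['status'] = "Error deleting files";
        }
    } else {
        $_SESSION['status'] = "Not Deleted Successfully";
    }

    // Every outcome returns to the task list; stop here so nothing else is sent.
    header('Location: view-task.php');
    exit;
}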
?>
