AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added select2 libs, started transactions, added additiona fields to vendor, new DB dump removed balance on invoices list

Browse Source
This commit is contained in:
root
2019-04-27 12:10:12 -04:00
parent 095def07a1
commit ee7a7f0ad7
259 changed files with 51996 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
post.php
View File

@@ -319,8 +319,16 @@ if(isset($_POST['add_vendor'])){
$name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
$description = strip_tags(mysqli_real_escape_string($mysqli,$_POST['description']));
$account_number = strip_tags(mysqli_real_escape_string($mysqli,$_POST['account_number']));
mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$name', vendor_description = '$description', vendor_account_number = '$account_number', vendor_created_at = UNIX_TIMESTAMP()");
$address = strip_tags(mysqli_real_escape_string($mysqli,$_POST['address']));
$city = strip_tags(mysqli_real_escape_string($mysqli,$_POST['city']));
$state = strip_tags(mysqli_real_escape_string($mysqli,$_POST['state']));
$zip = strip_tags(mysqli_real_escape_string($mysqli,$_POST['zip']));
$phone = strip_tags(mysqli_real_escape_string($mysqli,$_POST['phone']));
$phone = preg_replace("/[^0-9]/", '',$phone);
$email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
$website = strip_tags(mysqli_real_escape_string($mysqli,$_POST['website']));
mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$name', vendor_description = '$description', vendor_address = '$address', vendor_city = '$city', vendor_state = '$state', vendor_zip = '$zip', vendor_phone = '$phone', vendor_email = '$email', vendor_website = '$website', vendor_account_number = '$account_number', vendor_created_at = UNIX_TIMESTAMP()");
$vendor_id = mysqli_insert_id($mysqli);
@@ -339,8 +347,16 @@ if(isset($_POST['edit_vendor'])){
$name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
$description = strip_tags(mysqli_real_escape_string($mysqli,$_POST['description']));
$account_number = strip_tags(mysqli_real_escape_string($mysqli,$_POST['account_number']));
$address = strip_tags(mysqli_real_escape_string($mysqli,$_POST['address']));
$city = strip_tags(mysqli_real_escape_string($mysqli,$_POST['city']));
$state = strip_tags(mysqli_real_escape_string($mysqli,$_POST['state']));
$zip = strip_tags(mysqli_real_escape_string($mysqli,$_POST['zip']));
$phone = strip_tags(mysqli_real_escape_string($mysqli,$_POST['phone']));
$phone = preg_replace("/[^0-9]/", '',$phone);
$email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
$website = strip_tags(mysqli_real_escape_string($mysqli,$_POST['website']));
mysqli_query($mysqli,"UPDATE vendors SET vendor_name = '$name', vendor_description = '$description', vendor_account_number = '$account_number', vendor_updated_at = UNIX_TIMESTAMP() WHERE vendor_id = $vendor_id");
mysqli_query($mysqli,"UPDATE vendors SET vendor_name = '$name', vendor_description = '$description', vendor_address = '$address', vendor_city = '$city', vendor_state = '$state', vendor_zip = '$zip', vendor_phone = '$phone', vendor_email = '$email', vendor_website = '$website', vendor_account_number = '$account_number', vendor_updated_at = UNIX_TIMESTAMP() WHERE vendor_id = $vendor_id");
$_SESSION['alert_message'] = "Vendor modified";