File "update_forms.php"
Full Path: /home/analogde/www/00000/P1/forms/update_forms.php
File size: 6.55 KB
MIME-type: text/x-php
Charset: utf-8
<?php
session_start();
include '../includes/db.php';
$action = $_GET['action'];
if($action == 'user'){
$uid = $_POST['uid'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$u_type = $_POST['u_type'];
$status = $_POST['status'];
if($query = mysqli_query($conn,"UPDATE users SET username = '$user',
password = '$pass',
user_type = '$u_type',
io = '$status' where uid = '$uid' ")){
echo '<div class="alert alert-success" id="msg2"><i class="fa fa-check"></i> Data successfully updated. </div>
<script>$("#msg2").show("SlideDown");
</script>';
}else{
echo "<script>alert('updating data failed!.')</script>";
}
}
if($action == 'user2'){
$uid = $_POST['uid'];
$query20= mysqli_query($conn,"SELECT * FROM users where uid ='$uid'");
$row20 = mysqli_fetch_assoc($query20);
$cpass = $_POST['current'];
$user = $_POST['user'];
$npass = $_POST['npass'];
if($cpass == $row20['password']){
if($query = mysqli_query($conn,"UPDATE users SET username = '$user',
password = '$npass' where uid = '$uid' ")){
echo '<script>$("#msg20").show("SlideDown");
$("#msg21").hide();
var delay = 2000;
setTimeout(function(){ window.location.reload(); }, delay);
</script>';
}else{
echo "<script>alert('updating data failed!.')</script>";
}}else{
echo '<script>$("#msg21").show("SlideDown");
</script>';
}
}
if($action == 'position'){
$id= $_POST['id'];
$pos= $_POST['pos'];
$dr= $_POST['dr'];
if(mysqli_query($conn,"UPDATE position SET daily_rate = '$dr' , position = '$pos' where pid = '$id'")){
echo '<h4 class="alert alert-success"><i class="fa fa-fw fa-check"></i> Data Succesfully Updated.</h4>';
}else{
echo "<script>alert('Updating data failed!.')</script>";
}
}
if($action == 'division'){
$id = $_POST['id'];
$division = $_POST['division'];
$p_type = $_POST['p_type'];
if($query = mysqli_query($conn,"UPDATE project_division set division = '$division', project_type = '$p_type' where pd_id = '$id'")){
include '../includes/msg_box.php';
echo '<script>$("#msg").html("Data successfully updated.")</script>';
}else{
echo "<script>alert('Saving data failed!.')</script>";
}
}
if($action == 'change_pic'){
$id = $_GET['id'];
$rd2 = mt_rand(1000, 9999);
$filename = basename($_FILES['file']['name']);
$ext = substr($filename, strrpos($filename, '.') + 1);
$file = $rd2. "_" .$filename;
(move_uploaded_file($_FILES['file']['tmp_name'],'../images/'.$file));
$query = mysqli_query($conn,"UPDATE employee set e_pic = '$file' where eid = '$id'");
if($query){
echo '<script> location.replace(document.referrer);</script>';
}
}if($action == 'change_pic2'){
$id = $_GET['id'];
$rd2 = mt_rand(1000, 9999);
$filename = basename($_FILES['file']['name']);
$ext = substr($filename, strrpos($filename, '.') + 1);
$file = $rd2. "_" .$filename;
(move_uploaded_file($_FILES['file']['tmp_name'],'../images/'.$file));
$query = mysqli_query($conn,"UPDATE projects set site_pic = '$file' where project_id = '$id'");
if($query){
echo '<script> location.replace(document.referrer);</script>';
}
}
if($action == 'employee'){
$id =$_POST['id'];
$fname =$_POST['fname'];
$lname =$_POST['lname'];
$mname =$_POST['mname'];
$address =$_POST['address'];
$gender =$_POST['gender'];
$bday =$_POST['bday'];
$cn =$_POST['cn'];
$position =$_POST['position'];
$status =$_POST['status'];
$ps =$_POST['ps'];
$query = mysqli_query($conn,"UPDATE employee SET lastname = '$lname',
firstname = '$fname',
midname = '$mname',
bday = '$bday',
contact_no = '$cn',
address = '$address',
pid = '$position',
status = '$status',
gender = '$gender',
io = '$ps' where eid = '$id' ");
if($query){
echo '<script>$("#suc_msg1").show("slidedown");
var delay = 1500;
setTimeout(function(){ window.location = "index.php?page=employee_profile&id='. $id.'"; }, delay);
</script>';
}else{
echo '<script>$("#err_msg1").show("slidedown");</script>';
}
}
if($action == 'project'){
$id =$_POST['id'];
$pname =$_POST['pname'];
$location =$_POST['location'];
$cost =$_POST['cost'];
$deadline =$_POST['deadline'];
$sdate =$_POST['sdate'];
$tid =$_POST['tid'];
$p_type =$_POST['p_type'];
$stats =$_POST['stats'];
$query = mysqli_query($conn,"UPDATE projects SET project = '$pname',
location = '$location',
overall_cost = '$cost',
deadline = '$deadline',
start_date = '$sdate',
tid = '$tid',
io = '$stats',
proposed_project ='$p_type' where project_id = '$id' ");
if($query ){
echo '<script>$("#suc_msg2").show("slidedown");
var delay = 1500;
setTimeout(function(){ window.location = "index.php?page=project_detail&id='. $id.'&stats='.$stats.' "; }, delay);
</script>';
}else{
echo $query;
}
}
if($action == 'progress'){
foreach($_POST as $var=>$value)
$$var = $value;
$query = mysqli_query($conn,"UPDATE project_progress set pp_id = '$div',progress = '$prog' where prog_id = '$id' ");
if($query){
echo '<script>location.replace(document.referrer);</script>';
}
}
if($action == 'team'){
$id = $_POST['id'];
$fid = $_POST['fid'];
$q1 = mysqli_query($conn,"UPDATE project_team SET eid = $fid where tid = '$id' ");
if(isset($_POST['mid'])){
$mid = $_POST['mid'];
$mc=count($mid);
for($i = 0 ; $i < $mc;$i++){
$q2 = mysqli_query($conn,"INSERT INTO team_member (tid,eid) VALUES('$id','$mid[$i]')");
}
}
if($q1){
echo "true";
}
}
if($action == 'team_stats'){
$io = $_GET['io'];
$id = $_GET['id'];
$update=mysqli_query($conn,"UPDATE project_team set pio = '$io' where tid='$id' ");
if($update){
echo '<script>location.replace(document.referrer);</script>';
}
}
if($action == 'attendance'){
foreach($_GET as $var=>$value)
$$var =$value;
if($task == 'out'){
$query2 = mysqli_query($conn,"UPDATE attendance set time_out = now() where eid ='$id' and date_today = '$d' ");
}
if($task == 'odel'){
$query2 = mysqli_query($conn,"UPDATE attendance set time_out = '' where eid ='$id' and date_today = '$d' ");
}
if($query2){
echo '<script>
window.location.reload();
</script>';
}else{
echo "<script>alert('Employee haven't time in yet.')</script>";
echo '<script>
window.location.reload();
</script>';
}
}
?>