SMS/_functions.php at master · ashenjay/SMS · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
<?php

/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
getDBConnection();

function getDBConnection() {
    /**/
    $servername = "db";
    $username = "root";
    $password = "LKJlkj123@@";
    $db = "aspms_db";


    /* //PEEK
      $servername = "localhost";
      $username = "smsenter_root";
      $password = "123@com";
      $db = "smsenter_aspms_db";
     */

// Create connection
    $conn = mysqli_connect($servername, $username, $password, $db);
// Check connection
    if (!$conn) {
        die("Connection failed: " . mysqli_connect_error());
    } else {
        return $conn;
    }
}

function doLogin() {
    $conn = getDBConnection();


    //login hard-corded
    if ($_POST['username'] == 'admin' && $_POST['password'] == 'a') {
        $_SESSION['islog'] = true;
        $_SESSION['username'] = "admin";
        $_SESSION['role'] = "ADM";
        return true;
    } else if ($_POST['username'] == 'emp' && $_POST['password'] == 'a') {
        $_SESSION['islog'] = true;
        $_SESSION['username'] = "emp";
        $_SESSION['role'] = "EMP";
        return true;
    }
    return false;


    /*
      $sql = "SELECT * FROM USERS WHERE username = '".$_POST['username']."' AND password = PASSWORD('".$_POST['password']."')";
      echo 'sql:'.$sql;
      $result = mysqli_query($conn, $sql);
      if (mysqli_num_rows($result) > 0) {
      // output data of each row
      while ($row = mysqli_fetch_assoc($result)) {
      echo "id: " . $row["id"] . " - Name: " . $row["firstname"] . " " . $row["lastname"] . "<br>";
      }
      } else {
      echo "0 results";
      }

      mysqli_close($conn);

     */
}

function addItem($file_name) {
    //insert into table
    $conn = getDBConnection();

    //get next barcode number
   $bcn =  getNextBarcodeNumber($conn);

    $sql = " INSERT INTO item
            (category_id,
             brand_id,
             model,
             selling_price,
             min_price,
             description,
             image_path,
             store_area,
			 stock,
             bcn)
VALUES ('" . $_POST['category_id'] . "',
        '" . $_POST['brand_id'] . "',
        '" . $_POST['model'] . "',
        '" . $_POST['selling_price'] . "',
        '" . $_POST['min_price'] . "',
        '" . $_POST['description'] . "',
        '$file_name',
        '" . $_POST['store_area'] . "',
        '" . $_POST['qty'] . "',
		'" . $bcn . "'); ";

    if (mysqli_query($conn, $sql)) {
        $last_id = mysqli_insert_id($conn);
        echo "<p class=\"bg-success\">New record created successfully " . $last_id . "</p>";
    } else {
        echo "<p class=\"bg-danger\">Error: " . $sql . "<br>" . mysqli_error($conn) . "</p>";
    }

    mysqli_close($conn);

    return $last_id;
}

function getNextBarcodeNumber($conn) {
    $barcode = "";
    $sql = "SELECT * FROM barcode WHERE status = 'ACT' ORDER BY id ASC LIMIT 1";
    $result = mysqli_query($conn, $sql);

    if (mysqli_num_rows($result) > 0) {
        // output data of each row
        while ($row = mysqli_fetch_assoc($result)) {
//            echo "id: " . $row["id"] . " - Name: " . $row["firstname"] . " " . $row["lastname"] . "<br>";
            $id = $row["id"];
            $barcode = $row["bcn"];
            $sql_update = " UPDATE barcode SET status = 'DAC' WHERE id = $id ";
            mysqli_query($conn, $sql_update);
        }
    } else {
        echo "0 results";
    }
    return $barcode;
}

?>