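<?php
/**
 * "Add Record" page.
 *
 * Flow, top to bottom:
 *   1. Load the DB connection and the `fleet` helper, start the session.
 *   2. Redirect visitors without a logged-in session to signin.php.
 *   3. Load the form definition for the requested module from
 *      $_SESSION['RecordParameters_<module>'].
 *   4. On POST, build one INSERT per target table from the submitted fields
 *      (including file uploads) and run it.
 *   5. Render the form.
 *
 * Everything is kept in a single PHP block up to the doctype: the original
 * closed and reopened the PHP tag between statements, which emits whitespace
 * before session_start()/header() and breaks them when output buffering is off.
 *
 * NOTE(review): the form carries no anti-CSRF token; any page the logged-in
 * user visits can submit it on their behalf. Add a per-session token check.
 * NOTE(review): the mysql_* extension used here was removed in PHP 7; the
 * connection is created in ../Connections/fleetMan.php, so migrating to
 * mysqli/PDO with prepared statements has to start there.
 */
require_once('../Connections/fleetMan.php');
require_once("functions.php");
$api = new fleet();

if (!isset($_SESSION)) {
    session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

/**
 * Decide whether the current visitor may see this page.
 *
 * @param string $strUsers  Comma-separated list of allowed user names ("" = any logged-in user).
 * @param string $strGroups Comma-separated list of allowed groups.
 * @param string $UserName  User name taken from the session; empty means "not logged in".
 * @param string $UserGroup Group taken from the session.
 * @return bool True when the visitor is logged in and matches one of the rules.
 */
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup)
{
    // Deny by default; only a logged-in visitor can be promoted below.
    $isValid = false;

    if (!empty($UserName)) {
        $arrUsers = explode(",", $strUsers);
        $arrGroups = explode(",", $strGroups);

        if (in_array($UserName, $arrUsers)) {
            $isValid = true;
        }
        if (in_array($UserGroup, $arrGroups)) {
            $isValid = true;
        }
        // An empty user list means "every logged-in user is allowed".
        if ($strUsers == "") {
            $isValid = true;
        }
    }

    return $isValid;
}

// *** Restrict access to page: send anonymous visitors to the sign-in form.
$MM_restrictGoTo = "signin.php";
$MM_sessionUser = isset($_SESSION['MM_Username']) ? $_SESSION['MM_Username'] : null;
$MM_sessionGroup = isset($_SESSION['MM_UserGroup']) ? $_SESSION['MM_UserGroup'] : null;

if ($MM_sessionUser === null || !isAuthorized("", $MM_authorizedUsers, $MM_sessionUser, $MM_sessionGroup)) {
    // strpos() returns 0 for a leading "?", so compare against false explicitly.
    $MM_qsChar = (strpos($MM_restrictGoTo, "?") !== false) ? "&" : "?";
    $MM_referrer = $_SERVER['PHP_SELF'];
    if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) {
        $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
    }
    $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: " . $MM_restrictGoTo);
    exit;
}

mysql_select_db($database_fleetMan, $fleetMan);

// Resolve the module's form definition BEFORE touching the POST data, so an
// inactive module never reaches the insert logic with an undefined field list.
$moduleName = (isset($_GET['module']) && is_string($_GET['module'])) ? $_GET['module'] : '';
$moduleKey = 'RecordParameters_' . $moduleName;

if (isset($_SESSION[$moduleKey]) && isset($_SESSION[$moduleKey]['form_title'])) {
    $params = $_SESSION[$moduleKey];
} else {
    echo "This module is not active.<br />Please try again soon.";
    exit;
}

$formFields = (isset($params['form_fields']) && is_array($params['form_fields']))
    ? $params['form_fields']
    : array();

// The login name ends up inside hand-built WHERE clauses below; escape it once.
$safeUser = mysql_real_escape_string($_SESSION['MM_Username'], $fleetMan);

// Upload policy: the stored extension comes from this allowlist, never straight
// from the client-supplied file name, because temp/ sits below the web root and
// the web server decides how to handle a file by its extension.
// NOTE(review): adjust the list to what the application really needs, and
// prefer a storage directory outside the document root (or one with script
// execution disabled).
$allowedUploadExtensions = array('jpg', 'jpeg', 'png', 'gif', 'pdf', 'doc', 'docx', 'xls', 'xlsx', 'csv', 'txt');

// Posted values
if (isset($_POST['submit'])) {
    $api->error_msg = "";
    $formError = "";
    // table name => list of "`column` = value" fragments for that table.
    // The original appended everything to one string, which produced invalid
    // SQL as soon as a form touched more than one table.
    $assignments = array();

    // Submitted form items
    foreach ($formFields as $item) {
        if (!isset($item['field'])) {
            continue;
        }
        // Form inputs are named after the SHA-1 of their "table.column" spec.
        $inputKey = sha1($item['field']);
        if (!array_key_exists($inputKey, $_FILES) && !array_key_exists($inputKey, $_POST)) {
            continue;
        }

        $bits = explode(".", $item['field']);
        if (count($bits) < 2) {
            // Not a "table.column" spec; nothing sensible can be inserted.
            continue;
        }
        $table = $bits[0];
        $column = $bits[1];

        if (substr($column, 0, 5) == "file_") {
            // Upload file
            $storedPath = "";
            $upload = isset($_FILES[$inputKey]) ? $_FILES[$inputKey] : null;

            if (is_array($upload)
                && isset($upload['name'], $upload['tmp_name'], $upload['error'])
                && is_string($upload['name'])
                && $upload['error'] === UPLOAD_ERR_OK
            ) {
                $extension = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));

                if (in_array($extension, $allowedUploadExtensions, true)) {
                    // uniqid(..., true) keeps two uploads in the same request (same
                    // second) from getting the same name; the original hashed only
                    // user + timestamp, so the second file overwrote the first.
                    $tempName = md5(uniqid($_SESSION['MM_Username'], true));
                    $target = 'temp/' . $tempName . '.' . $extension;
                    if (move_uploaded_file($upload['tmp_name'], $target)) {
                        $storedPath = $target;
                    }
                } else {
                    $formError = '<strong>Error: This file type is not allowed.</strong>';
                }
            }

            // The path is a string value: quote and escape it. The original
            // concatenated it bare, which is both invalid SQL and an injection
            // point through the client-controlled extension.
            $dbValue = "'" . mysql_real_escape_string($storedPath, $fleetMan) . "'";
        } else {
            // NOTE(review): format_data()'s result is concatenated into the
            // statement as-is, so it must return a complete, already escaped SQL
            // literal. Verify that in functions.php. Validation problems it
            // reports through $api->error_msg are only shown if the INSERT
            // fails, as in the original.
            $rawValue = isset($_POST[$inputKey]) ? $_POST[$inputKey] : null;
            $dbValue = $api->format_data($table, $column, $rawValue);
        }

        if (!isset($assignments[$table])) {
            $assignments[$table] = array();
        }
        $assignments[$table][] = "`" . str_replace("`", "``", $column) . "` = " . $dbValue;
    }

    // Run one INSERT per table, stopping at the first failure.
    // NOTE(review): there is no transaction, so with several tables an earlier
    // insert stays in place when a later one fails.
    $go = ($formError == "") && !empty($assignments);
    $dbError = $go ? "" : "no submitted field matched the form definition";

    foreach ($assignments as $table => $sets) {
        if (!$go) {
            break;
        }
        $quotedTable = "`" . str_replace("`", "``", $table) . "`";

        // Non-submittable items: columns whose name starts with "_" are filled in by the server.
        $get_cols = mysql_query("SHOW FULL COLUMNS FROM " . $quotedTable);
        if ($get_cols) {
            while ($get_cols_data = mysql_fetch_assoc($get_cols)) {
                if (substr($get_cols_data['Field'], 0, 1) != "_") {
                    continue;
                }
                $quotedColumn = "`" . str_replace("`", "``", $get_cols_data['Field']) . "`";

                // Special data types: stamp with the current date/time.
                switch ($get_cols_data['Type']) {
                    case 'datetime':
                        $sets[] = $quotedColumn . " = '" . date("Y-m-d H:i:s") . "'";
                        break;
                    case 'date':
                        $sets[] = $quotedColumn . " = '" . date("Y-m-d") . "'";
                        break;
                    case 'time':
                        $sets[] = $quotedColumn . " = '" . date("H:i:s") . "'";
                        break;
                }

                // Special columns
                switch ($get_cols_data['Field']) {
                    case '_who_added':
                        $whoAdded = $api->get_record(
                            "bios_sys_user",
                            "id",
                            "where email = '" . $safeUser . "' and _status = '1'"
                        );
                        $sets[] = $quotedColumn . " = '" . mysql_real_escape_string((string) $whoAdded, $fleetMan) . "'";
                        break;
                }
            }
        }

        $go = (bool) mysql_query("insert into " . $quotedTable . " set " . implode(", ", $sets));
        if (!$go) {
            $dbError = mysql_error();
        }
    }

    if ($go) {
        // Add record action
        $status = "<strong>Record has succesfully been added!</strong>";
    } elseif ($formError != "") {
        $status = $formError;
    } elseif ($api->error_msg != "") {
        $status = $api->error_msg;
    } else {
        // Keep database error text in the server log; showing it to the visitor
        // discloses schema details.
        error_log('Add Record insert failed: ' . $dbError);
        $status = '<strong>Error: Please try again later.</strong>';
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
  <meta name="description" content="">
  <meta name="author" content="">
  <!--<link rel="shortcut icon" href="../images/favicon.png" type="image/png">-->

  <title>Add Record</title>

  <link rel="stylesheet" href="../lib/jquery-ui/jquery-ui.css">
  <link rel="stylesheet" href="../lib/select2/select2.css">
  <link rel="stylesheet" href="../lib/dropzone/dropzone.css">
  <link rel="stylesheet" href="../lib/jquery-toggles/toggles-full.css">
  <link rel="stylesheet" href="../lib/fontawesome/css/font-awesome.css">
  <link rel="stylesheet" href="../lib/timepicker/jquery.timepicker.css">
  <link rel="stylesheet" href="../lib/bootstrapcolorpicker/css/bootstrap-colorpicker.css">
  <link rel="stylesheet" href="../lib/bootstrap3-wysihtml5-bower/bootstrap3-wysihtml5.css">

  <link rel="stylesheet" href="../css/quirk.css">

  <script src="../lib/modernizr/modernizr.js"></script>

  <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
  <!--[if lt IE 9]>
  <script src="../lib/html5shiv/html5shiv.js"></script>
  <script src="../lib/respond/respond.src.js"></script>
  <![endif]-->
</head>

<body>

<section><!-- leftpanel -->

  <div class="mainpanel">

    <div class="contentpanel">

      <div class="row">
        <div class="col-sm-6">
          <div class="panel">
            <div class="panel-heading">
              <?php
              // NOTE(review): form_title, form_desc and the field labels come from
              // the session and are printed unescaped; confirm the page that fills
              // RecordParameters_* only stores trusted markup there.
              ?>
              <h4 class="panel-title"><?php echo $params['form_title']; ?></h4>
              <p><?php echo isset($status) ? $status : $params['form_desc']; ?></p>
            </div>
            <form name="new_appointment" method="POST" action="" enctype="multipart/form-data">
            <div class="panel-body">
            <?php foreach ($formFields as $field) { if (isset($field['field']) && $field['field'] != "") { ?>
              <div class="form-group">
                <label><?php echo $field['label']; ?></label>
                <?php
                    //$foreign = isset($field['foreign_table_keys']) ? $field['foreign_table_keys'] : "";
                    //$extras = isset($field['extras']) ? $field['extras'] : "";
                    // The escaped login name is used because get_record() takes a raw WHERE clause.
                    echo $api->form_field_html($field['field'], $api->get_record("fleet_personel", "id", "where email = '" . $safeUser . "'"));
                ?>
              </div>
            <?php } ?>
            <?php } ?>
              <div class="form-group">
                <button class="btn btn-info" type="submit" name="submit">Submit</button>
              </div>
            </div>
            </form>
          </div><!-- panel --><!-- panel --><!-- panel --><!-- panel -->

        </div><!-- col-sm-6 -->

        <!-- ####################################################### -->

        <div class="col-sm-6"><!-- panel --><!-- panel --><!-- panel --><!-- panel -->

        </div><!-- col-sm-6 -->
      </div><!-- row -->

    </div><!-- contentpanel -->

  </div><!-- mainpanel -->

</section>

<script src="../lib/jquery/jquery.js"></script>
<script src="../lib/jquery-ui/jquery-ui.js"></script>
<script src="../lib/bootstrap/js/bootstrap.js"></script>
<script src="../lib/jquery-autosize/autosize.js"></script>
<script src="../lib/select2/select2.js"></script>
<script src="../lib/jquery-toggles/toggles.js"></script>
<script src="../lib/jquery-maskedinput/jquery.maskedinput.js"></script>
<script src="../lib/timepicker/jquery.timepicker.js"></script>
<script src="../lib/dropzone/dropzone.js"></script>
<script src="../lib/bootstrapcolorpicker/js/bootstrap-colorpicker.js"></script>
<script src="../lib/bootstrap3-wysihtml5-bower/bootstrap3-wysihtml5.all.js"></script>

<script src="../js/quirk.js"></script>
<script>
$(function() {

  // Textarea Auto Resize
  autosize($('#autosize'));

  // Select2 Box
  $('#select1, #select2, #select3').select2();
  $("#select4").select2({ maximumSelectionLength: 2 });
  $("#select5").select2({ minimumResultsForSearch: Infinity });
  $("#select6").select2({ tags: true });

  // Toggles
  $('.toggle').toggles({
    on: true,
    height: 26
  });

  // Input Masks
  $("#date").mask("99/99/9999");
  $("#phone").mask("(999) 999-9999");
  $("#ssn").mask("999-99-9999");

  // Date Picker
  $('#datepicker').datepicker();
  $('#datepicker-inline').datepicker();
  $('#datepicker-multiple').datepicker({ numberOfMonths: 2 });

  // Time Picker
  $('#tpBasic').timepicker();
  $('#tp2').timepicker({'scrollDefault': 'now'});
  $('#tp3').timepicker();

  $('#setTimeButton').on('click', function (){
    $('#tp3').timepicker('setTime', new Date());
  });

  // Colorpicker
  $('#colorpicker1').colorpicker();
  $('#colorpicker2').colorpicker({
    customClass: 'colorpicker-lg',
    sliders: {
      saturation: {
        maxLeft: 200,
        maxTop: 200
      },
      hue: { maxTop: 200 },
      alpha: { maxTop: 200 }
    }
  });

});
</script>
<script type="text/javascript">
// Ask the server for the options matching `value` for the given field.
// Both parameters are URL-encoded so characters such as "&" or "#" in a value
// cannot alter the query string.
function filter_values(field, value) {
    $.getJSON(
        "json_async.php?action=filter_select&field=" + encodeURIComponent(field) + "&value=" + encodeURIComponent(value),
        function( data ) {
            for (var i = 0; i < data.length; i++) {
                //data[i].icon
            }
        }
    );
}
</script>

</body>
</html>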