MSV FM

dot.antimicrobial@66.96.161.157: ~ $
Path : /hermes/bosweb/b1705/absoluteresultstechnologies.net/public_html/kwchallenge.com/
File Upload :
Current < : /hermes/bosweb/b1705/absoluteresultstechnologies.net/public_html/kwchallenge.com/sales.php

<?php
 session_save_path("/home/users/web/b2021/nf.legacymotivation/cgi-bin/tmp");
	session_start();
	
	if(isset($_GET['logout']))
	{
		unset($_SESSION['kwchallenge']);
		header("location: index.php");
		exit;
	}
	if(!isset($_SESSION['kwchallenge']['loggedIn']) || !$_SESSION['kwchallenge']['loggedIn'])
	{
		unset($_SESSION['kwchallenge']);
		header("location: login.php");
		exit;
	}
	
	if(isset($_GET['back'])) $_SESSION['kwchallenge']['page']--;
	if(isset($_GET['forward'])) $_SESSION['kwchallenge']['page']++;
	
	include_once('mysqlUtils.php');
	
	if(isset($_GET['del']))
	{
		mysql_query('DELETE FROM kwchallenge_sales WHERE salesID = ' . $_GET['del']);
		header("location: sales.php");
		exit;		
	}
	
	if(isset($_POST['firstname']))
	{
		if(trim($_POST['firstname']) == "" ) $_SESSION['kwchallenge']['error'] = '* Please enter the customer\'s first name';
		else if(trim($_POST['lastname']) == "" ) $_SESSION['kwchallenge']['error'] = '* Please enter the customer\'s last name';
		else if(trim($_POST['postalCode']) == "" ) $_SESSION['kwchallenge']['error'] = '* Please enter the customer\'s postal code';
		else if(trim($_POST['salesman']) == "" ) $_SESSION['kwchallenge']['error'] = '* Please enter the salesperson';
		else
		{
			$sql = 'INSERT INTO kwchallenge_sales (firstname,
												lastname,
												postalCode,
												phone,
												year,
												description,
												newUsed,
												salesman) VALUES ("' . trim($_POST['firstname']) . '",
																  "' . trim($_POST['lastname']) . '",
																  "' . trim($_POST['postalCode']) . '",
																  "' . trim($_POST['phone']) . '",
																  "' . trim($_POST['year']) . '",
																  "' . trim($_POST['description']) . '",
																  "' . trim($_POST['newUsed']) . '",
																  "' . $_POST['salesman'] . '")';
			if(mysql_query($sql))
			{
				$_SESSION['kwchallenge']['page'] = 1;
				$_SESSION['kwchallenge']['error'] = '* The entry was added successfully.';
			}	
			else
			{
				$_SESSION['kwchallenge']['error'] = $sql.'* An error occurred. The entry was not added';
			}																			   
		}
		
		header("location: sales.php");
		exit;
	}
	
	$salespersonResults = mysql_query('SELECT * FROM kwchallenge_salesperson WHERE dealer = "' . $_SESSION['kwchallenge']['dealer'] . '" ORDER BY dealer,name ASC');
	$salesmanArray = array();
	while($salesman = mysql_fetch_assoc($salespersonResults)) $salesmanArray[$salesman['salespersonID']] = $salesman;
	
	$perPage = 40;
	$salesResults = mysql_query('SELECT * FROM kwchallenge_sales WHERE salesman in (' . implode(',',array_keys($salesmanArray)). ')');
	//$salesResults = mysql_query('SELECT * FROM kwchallenge_sales');
	$totalSales = mysql_num_rows($salesResults);
	$maxPage = ceil(mysql_num_rows($salesResults)/$perPage);
	$maxPage = max($maxPage,1);
	
	if(!isset($_SESSION['kwchallenge']['page'])) $_SESSION['kwchallenge']['page'] = 0;
	if($_SESSION['kwchallenge']['page'] > $maxPage) $_SESSION['kwchallenge']['page'] = $maxPage;
	if($_SESSION['kwchallenge']['page'] < 1) $_SESSION['kwchallenge']['page'] = 1;
	
	$salesResults = mysql_query('SELECT * FROM kwchallenge_sales WHERE salesman in (' . implode(',',array_keys($salesmanArray)). ') ORDER BY salesID DESC LIMIT ' . $perPage*($_SESSION['kwchallenge']['page']-1) . ',' . $perPage);
	echo 'SELECT * FROM kwchallenge_sales WHERE salespersonID in (' . implode(',',array_keys($salesmanArray)). ') ORDER BY salesID DESC LIMIT ' . $perPage*($_SESSION['kwchallenge']['page']-1) . ',' . $perPage;
	mysql_data_seek($salespersonResults,0);
	
	include_once('header.php');
	
	

?>
<script>
	function deleteEntry(salesID)
	{
		if(confirm("Are you sure you want to delete this entry?"))
		{
			location.href = "?del=" + salesID;
		}
		return false;
	}
</script>	
<style>	
	.formTbl th {color:#eeeeee;text-align:left;font-size:10pt;vertical-align:middle;padding:5px 5px;font-weight:normal}
	.formTbl input {font-size:8pt}
	.headerTbl {}
	.headerTbl a{color:white;text-decoration:none;}
	.pageTbl a,.listTbl a {color:white;text-decoration:none;font-weight:bold}
	.pageTbl td {color:white;width:20px;text-align:center;font-weight:bold}
	.listTbl {width:800px;border:1px solid #333333;}
	.listTbl th {color:#eeeeee;background-image:url('images/thBG.jpg');font-size:9pt;height:20px;vertical-align:middle}
	.listTbl td {color:white;border-bottom:1px solid #cccccc;height:20px;vertical-align:middle;text-align:center}
	.addTbl td {padding:5px 10px 5px 0px;text-align:left;border:0px}
	.addTbl td input {width:125px}
</style>	
<table cellspacing="0" cellpadding="0" class="contentTbl">
	<tr>
		<td style="width:800px;text-align:center">
			<!--
			<img src="images/eastwest.jpg">
			<br><br>
			<table cellspacing="0" cellpadding="0" class="headerTbl">
				<tr>
					<td style="font-weight:bold;vertical-align:bottom;color:white">
						&nbsp;
						<a href="index.php">Salesperson Board</a>
						
<?php
	if($_SESSION['kwchallenge']['loggedInAdmin'])
	{
?>									
						&nbsp;|&nbsp;
						<a href="sales.php">Sales Log</a>
<?php
	}
?>									
						&nbsp;|&nbsp;
						<a href="?logout">Logout</a>
					</td>
				</tr>
			</table>
			-->
			
			<br><br>
						<img src="images/challenger.jpg" usemap="#arlink" border="0">
						<map name="arlink">
  							<area shape="rect" coords="201,59,349,110" href="http://www.absoluteresults.com" alt="Sun" />
  						</map>
		</td>
	</tr>
</table>
<br>
<br>		
<table cellspacing="0" cellpadding="0" style="width:100%">
	<tr>
		<td style="text-align:left;font-weight:bold;color:red">
			<?= $_SESSION['kwchallenge']['error'] ?>
			<?php unset($_SESSION['kwchallenge']['error']) ?>
		</td>
	</tr>	
</table>
<form method="POST">
	<table cellspacing="0" cellpadding="0" class="listTbl">	
		<tr>
			<th style="text-align:left;padding-left:10px">Add A New Sale</td>
		</tr>
		<tr>
			<td style="text-align:left;float:left;padding:10px">
				<table cellspacing="0" cellpadding="0" style="width:100%">	
					<tr>
						<td style="border:0px">
							<table cellspacing="0" cellpadding="0" class="addTbl">	
								<tr>
									<td>First Name</td>
									<td><input type="text" name="firstname"></td>
								</tr>
								<tr>
									<td>Last Name</td>
									<td><input type="text" name="lastname"></td>
								</tr>
							</table>
						</td>
						<td style="border:0px">
							<table cellspacing="0" cellpadding="0" class="addTbl">	
								<tr>
									<td>Phone</td>
									<td><input style="width:100px" type="text" name="phone"></td>
								</tr>
								<tr>
									<td>Postal Code</td>
									<td><input style="width:100px" type="text" name="postalCode"></td>
								</tr>
							</table>
						</td>
						<td style="border:0px;text-align:left">
							<table cellspacing="0" cellpadding="0" class="addTbl">	
								<tr>
									<td>Year</td>
									<td><input style="width:50px" type="text" name="year"></td>
									<td>Vehicle</td>
									<td><input style="width:200px" type="text" name="description"></td>
								</tr>
							</table>
							<table cellspacing="0" cellpadding="0" class="addTbl">	
								<tr>
									<td>New/Used</td>
									<td>
										<select name="newUsed">
											<option></option>
											<option value="new">New</option>
											<option value="used">Used</option>
										</select>
									</td>
									<td>Salesperson</td>
									<td>
										<select name="salesman">
											<option></option>
							<?php
								while($salesperson = mysql_fetch_assoc($salespersonResults))
								{
							?>
											<option value="<?= $salesperson['salespersonID'] ?>"><?= $salesperson['dealer'] . ' - ' . $salesperson['name'] ?></option>
							<?php
								}
								mysql_data_seek($salespersonResults,0);
							?>
										</select>
									</td>
								</tr>
							</table>
						</td>
					</tr>
					<tr>
						<td style="text-align:center;border:0px;padding-top:5px" colspan="3"><input type="submit" value="Add" style="width:100px"></td>
					</tr>
				</table>
			</td>
		</tr>
	</table>
</form>
			<br><br>
				<table cellspacing="0" cellpadding="0" class="headerTbl">
					<tr>
						<td style="font-weight:bold;vertical-align:bottom;color:white">
							&nbsp;
							<a href="index.php">Salesperson Board</a>		
							&nbsp;|&nbsp;
							<a href="sales.php">Sales Log</a>	
							&nbsp;|&nbsp;
							<a href="?logout">Logout</a>
						</td>
					</tr>
				</table>
<br><br>
<table cellspacing="0" cellpadding="0" style="width:100%">	
	<tr>
		<td style="font-weight:bold">Total: <?= $totalSales ?> sales</td>
		<td style="text-align:right;font-weight:bold">
			<table cellspacing="0" cellpadding="0" class="pageTbl">	
				<tr>
					<td>
<?php
	if($_SESSION['kwchallenge']['page'] > 1)
	{
?>
			<a href="?back"><<</a>
<?php
	}
?>		
					</td>
					<td style="width:80px">
						Page <?= $_SESSION['kwchallenge']['page'] . ' / ' . $maxPage ?>
					</td>
					<td>
<?php
	if($_SESSION['kwchallenge']['page'] < $maxPage)
	{
?>
			<a href="?forward">>></a>
<?php
	}
?>	
					</td>
				</tr>
			</table>		
		</td>
	</tr>
</table>

<div style="height:<?= ($perPage * 20) +25 ?>px">
<table cellspacing="0" cellpadding="0" class="listTbl">	
	<tr>
		<th style="width:15%">First Name</th>
		<th style="width:15%">Last Name</th>
		<th style="width:10%">Phone</th>
		<th style="width:15%">Postal Code</th>
		<th style="width:25%">Vehicle</th>
		<th style="width:15%">Salesman</th>
		<th style="width:5%">&nbsp;</th>		
	</tr>
<?php
	while($sale = mysql_fetch_assoc($salesResults))
	{
?>
	<tr>
		<td><?= $sale['firstname'] ?></td>
		<td><?= $sale['lastname'] ?></td>
		<td><?= $sale['phone'] ?></td>
		<td><?= $sale['postalCode'] ?></td>
		<td><?= trim($sale['year'] . ' ' . $sale['description']) ?></td>
		<td><?= $salesmanArray[$sale['salesman']]['name'] ?></td>
		<td style="padding-right:5px"><a href="#" onClick="return deleteEntry(<?= $sale['salesID'] ?>)">X</a></td>
	</tr>
<?php
	}
?>	
</table>
</div>



<?php
	include_once('footer.php');
?>