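<?php
// Company list page: trims request input, saves a submitted company record,
// then renders a filtered, paged listing of the `companies` table.
//
// NOTE(review): this listing was captured with its HTML markup stripped and its
// opening lines cut off. String literals that carried markup therefore appear
// empty or as a single space; they are kept as shown and the text fragments the
// extraction displaced to the end of the page are re-attached to the echo they
// most plausibly belong to. Includes, session handling or access checks that
// may precede this code are not visible here -- confirm against the real file.

// Trim every request value before it is used.
// NOTE(review): the header of this first loop is cut in the listing; it is
// restored by analogy with the two loops that follow it.
foreach ($_REQUEST as $k => $v) {
    $_REQUEST[$k] = trim($v);
}
foreach ($_POST as $k => $v) {
    $_POST[$k] = trim($v);
}
foreach ($_GET as $k => $v) {
    $_GET[$k] = trim($v);
}

// set missing page # to 1
if ($_REQUEST['page'] == '') {
    $page = 1;
} else {
    $page = intval($_REQUEST['page']);
}
$qs = $_SERVER["QUERY_STRING"];

// submit
if ($_POST['submit'] == 'submit') {
    // prepare
    // NOTE(review): every POST key is passed on as a column name, so a client
    // can write any column of `companies` (mass assignment). Restrict $updates
    // to the columns the edit form is meant to change, and confirm that
    // _DATABASE::update()/insert() escape both keys and values -- neither is
    // visible in this file. No anti-CSRF token check is visible in this
    // excerpt either.
    $updates = $_POST;
    $updates['scheduled'] = $updates['sh_year'].$updates['sh_month'].$updates['sh_day'];
    foreach (array('sh_month', 'sh_day', 'sh_year', 'submit') as $remove) {
        unset($updates[$remove]);
    }

    if ($_POST['customer_number'] != '') {
        // update
        // The WHERE clause is built by string concatenation, so the key is
        // forced to an integer first, exactly as the search filter below does.
        // The raw POST value used to be concatenated here (SQL injection).
        $customer_number = intval($_POST['customer_number']);
        $updates['customer_number'] = $customer_number;
        _DATABASE::update('companies', $updates, "customer_number=".$customer_number);
        //_UTILS::print_a($updates);
    } else {
        // insert
        unset($updates['customer_number']);
        _DATABASE::insert('companies', $updates);
    }
}

// filtered search
// Every value is either cast with intval() or passed through
// _DATABASE::escape() before it is placed inside a quoted SQL literal.
// NOTE(review): presumably escape() is safe for a quoted string context --
// verify; LIKE wildcards (% and _) in the search terms are not neutralised.
$where = array();
$order = array(); // was never initialised: count($order) failed when no "scheduled" filter was set
if ($_REQUEST['searchNumber'] != '') {
    $where[] = "customer_number = '".intval($_REQUEST['searchNumber'])."'";
}
if ($_REQUEST['searchCompany'] != '') {
    $where[] = "concat(' ',company) LIKE '% "._DATABASE::escape($_REQUEST['searchCompany'])."%'";
}
if ($_REQUEST['searchCity'] != '') {
    $where[] = "city LIKE '"._DATABASE::escape($_REQUEST['searchCity'])."%'";
}
if ($_REQUEST['searchState'] != '') {
    $where[] = "state = '"._DATABASE::escape($_REQUEST['searchState'])."'";
}
if ($_REQUEST['searchZip'] != '') {
    $where[] = "zip LIKE '"._DATABASE::escape($_REQUEST['searchZip'])."%'";
}
if ($_REQUEST['searchOwner'] != '') {
    $where[] = "owner = '"._DATABASE::escape($_REQUEST['searchOwner'])."'";
}
if ($_REQUEST['searchHistory'] != '') {
    $where[] = "history = '"._DATABASE::escape($_REQUEST['searchHistory'])."'";
}
if ($_REQUEST['searchStatus'] != '') {
    $where[] = "status = '"._DATABASE::escape($_REQUEST['searchStatus'])."'";
}
if ($_REQUEST['searchScheduled'] != '') {
    $where[] = "scheduled <> ''";
    $order[] = "scheduled";
}

// paging: step the page and rewrite the query string to match
if ($_REQUEST['search'] == '<< prev') {
    $page--;
    $qs = str_replace("page=".$_REQUEST['page'], "page=".$page, $qs);
    $qs = str_replace("search=".urlencode($_REQUEST['search']), "search=SEARCH", $qs);
}
if ($_REQUEST['search'] == 'next >>') {
    $page++;
    $qs = str_replace("page=".$_REQUEST['page'], "page=".$page, $qs);
    $qs = str_replace("search=".urlencode($_REQUEST['search']), "search=SEARCH", $qs);
}

// turn the collected conditions into SQL clauses
if (count($where) > 0) {
    $where = 'WHERE '.implode(" AND ", $where);
} else {
    $where = '';
}
if (count($order) > 0) {
    $order = 'ORDER BY '.implode(",", $order);
} else {
    $order = '';
}

// count pages
$limit = 30;
// The else branches used "==" (a comparison), which left these undefined.
if ($page == 1) {
    $prev_disabled = 'disabled="disabled"';
} else {
    $prev_disabled = '';
}
$result = _DATABASE::query("SELECT * FROM companies $where $order");
$count_rows = _DATABASE::count_rows($result);
$pages_count = ceil($count_rows / $limit);
// clamp the requested page into 1..$pages_count
if ($page > $pages_count) {
    $page = $pages_count;
}
if ($page < 1) {
    $page = 1;
}
if ($page == $pages_count) {
    $next_disabled = 'disabled="disabled"';
} else {
    $next_disabled = '';
}

// real request
// $offset and $limit are computed integers, so interpolating them is safe.
$offset = $limit * ($page - 1);
//echo "$page/$pages_count ($offset/$count_rows)";
$query = "SELECT * FROM companies $where $order LIMIT $offset,$limit";
//echo "$query";
$result = _DATABASE::query($query);
$rows = _DATABASE::fetch($result);

// output html
// NOTE(review): $qs, $page, $prev_disabled and $next_disabled are presumably
// written into the stripped markup below. Any request-derived value placed in
// markup (including $qs) needs htmlspecialchars() -- confirm in the real file.
echo "\n".''."\n";

// filter
$states_list = array_merge(array(''), _DATABASE::unique('companies', 'state'));
$owners_list = array_merge(array('', '--UNASSIGNED--'), _DATABASE::unique('users', 'user'));
$history_list = array_merge(array(''), _DATABASE::unique('companies', 'history'));
$status_list = array_merge(array(''), _DATABASE::unique('companies', 'status'));
echo ' '."\n";
echo ' '."\n";
echo ' '."\n";
// NOTE(review): which of these seven echo lines carried the pager text cannot
// be told from the listing; it is placed here as a best guess.
echo ' page of '.$pages_count.' '."\n";
echo ' '."\n";
echo ' '."\n";
echo ' '."\n";
echo ' '; //number
echo ' '; //company
echo ' '; //city
// NOTE(review): request values are handed to _HTML::select() as the selected
// option; whether it HTML-escapes options and the selected value is not
// visible here -- verify.
echo ' '._HTML::select('searchState', $states_list, $_REQUEST['searchState']).''; //state
echo ' '; //zip
echo ' '._HTML::select('searchOwner', $owners_list, $_REQUEST['searchOwner']).''; //owner
echo ' '._HTML::select('searchHistory', $history_list, $_REQUEST['searchHistory']).''; //history
echo ' '._HTML::select('searchStatus', $status_list, $_REQUEST['searchStatus']).''; //status
echo ' '._HTML::select('searchScheduled', array('', 'scheduled'), $_REQUEST['searchScheduled']).''; //scheduled
echo ' ';
echo ' ';

// header
echo " ";
$fields = array('customer_number', 'company', 'city', 'state', 'zip', 'owner', 'history', 'status', 'scheduled');
foreach ($fields as $field) {
    if ($field == 'customer_number') {
        $field = ' #';
    }
    echo ' '.$field.'';
}

// data rows
foreach ($rows as $row) {
    echo " \n";
    echo " \n";
    foreach ($fields as $field) {
        if ($field == 'customer_number') {
            // Escaped like every other cell; it was printed raw before.
            $cell = ''.htmlspecialchars($row[$field]).'';
        } else {
            if ($row[$field] == '') {
                $cell = ' ';
            } else {
                $cell = htmlspecialchars($row[$field]);
            }
            if ($_REQUEST['searchCompany'] != '' && $field == 'company') {
                // Split the name around the matched term so it can be
                // highlighted; each piece is escaped separately.
                $pos = strpos(strtolower($row[$field]), strtolower($_REQUEST['searchCompany']));
                $len = strlen($_REQUEST['searchCompany']);
                // strpos() returns false when the term is not literally present
                // (for example when a LIKE wildcard matched); without this check
                // false acted as offset 0 and the wrong characters were marked.
                if ($pos !== false) {
                    $cell = htmlspecialchars(substr($row[$field], 0, $pos)).''.htmlspecialchars(substr($row[$field], $pos, $len)).''.htmlspecialchars(substr($row[$field], $pos + $len));
                }
            }
            if ($field == 'scheduled' && $row[$field] != '') {
                // stored as YYYYMMDD (see the submit branch), shown as MM/DD/YYYY
                // NOTE(review): this value is not escaped; it is only safe if
                // the stored string contains digits alone -- validate
                // sh_year/sh_month/sh_day on submit or escape here.
                $cell = substr($row[$field], 4, 2).'/'.substr($row[$field], 6).'/'.substr($row[$field], 0, 4);
            }
        }
        echo ' '.$cell.'';
    }
}
echo " ";

// no results
if (count($rows) == 0) {
    echo 'no results'."\n";
}
echo "";
?>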