<?php require_once('../Connections/areaConn.php'); ?>
<?php
date_default_timezone_set("Asia/Bangkok");
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Adminname'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Adminname'], $_SESSION['MM_AdminGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
$MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
$nDate=date("Y-m-d");
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
if(!empty($_FILES["commFile"]["tmp_name"])){
$temp = explode(".", $_FILES["commFile"]["name"]);
$newf="cf".date("Y").date("m").date("d");
$newfilename = $newf.round(microtime(true)) . '.' . end($temp);
$insertSQL = "INSERT INTO hsalary_tb(hs_name, hs_start, hs_around, hs_datein, hs_date, hs_file, hs_status) ";
$insertSQL .="VALUES('".$_POST['hs_name']."','".$_POST['hs_start']."','".$_POST['hs_around']."','".$_POST['hs_datein']."','".$_POST['hs_date']."','".$newfilename."','".$_POST['hs_status']."')";
}else{
//$insertSQL = "INSERT INTO hsalary_tb (hs_name, hs_start, hs_around, hs_datein, hs_date, hs_status) VALUES ('$_POST['hs_name']','$_POST['hs_start']','$_POST['hs_around']','$_POST['hs_datein']','$_POST['hs_date']','$_POST['hs_status']')";
$insertSQL = "INSERT INTO hsalary_tb(hs_name, hs_start, hs_around, hs_datein, hs_date, hs_status) ";
$insertSQL .="VALUES('".$_POST['hs_name']."','".$_POST['hs_start']."','".$_POST['hs_around']."','".$_POST['hs_datein']."','".$_POST['hs_date']."','".$_POST['hs_status']."')";
}
//mysql_select_db($database_areaConn, $areaConn);
$Result1 = mysqli_query($areaConn, $insertSQL);
move_uploaded_file($_FILES["commFile"]["tmp_name"],"commfile/".$newfilename);
$insertGoTo = "mageList.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Office of Kamphaengphet Primary Education Area 2</title>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link href="../css/bootstrap.min.css" rel="stylesheet" />
<script src="../js/jquery.js"></script>
<script src="../js/bootstrap.min.js"></script>
<script type="text/javascript">
$(function(){
$("#commFile").on("change",function(){
var _fileName = $(this).val();
$(this).next("label").text(_fileName);
});
});
</script>
</head>
<body>
<div class="row" style="background-color:seagreen;">
<div class="col-xl-12" style="text-align: center;">
<p style="margin-top:10px; color:whitesmoke;">
<img src="../images/manlogo.png" class="rounded-circle" width="40" height="40">
ระบบนำเข้าข้อมูลการเลื่อนเงินเดือนข้าราชการครูและบุคลากรทางการศึกษา
</p>
</div>
</div>
<div class="row" style="background-color:#FFF; margin:5px;border-radius:5px;">
<div class="col-xl-3 col-lg-3 col-md-3 col-sm-2"></div>
<div class="col-xl-6 col-lg-6 col-md-6 col-sm-8">
<form class="form-group" action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1">
<div class="card" >
<div class="card-body">
<table style="" class="table">
<tr style="background-color:brown;">
<td colspan="2" style="text-align:center; color:#FFF; height:30px;">เพิ่มรายการเลื่อนเงินเดือนใหม่</td>
</tr>
<tr>
<td align="right" style="color:#009">รายการ :</td>
<td><input class="form-control" type="text" name="hs_name"></td>
</tr>
<tr>
<td align="right" style="color:#009">ให้ได้รับเงินดือนวันที่ :</td>
<td><input class="form-control" type="text" name="hs_start"></td>
</tr>
<tr>
<td align="right" style="color:#009">คำสั่งเลขที่ :</td>
<td><input type="text" name="hs_around" class="form-control"></td>
</tr>
<tr>
<td align="right" style="color:#009">ลงวันที่ :</td>
<td>
<input type="text" name="hs_datein" class="form-control" >
</div>
</td>
</tr>
<tr>
<td align="right" style="color:#009">เอกสาร :</td>
<td>
<div class="custom-file">
<input class="custom-file-input" type="file" name="commFile" id="commFile" />
<label class="custom-file-label" for="commFile">เลือกแฟ้มข้อมูล</label>
</div>
</td>
</tr>
<tr >
<td align="right" style="color:#009">สถานะ :</td>
<td>
<select name="hs_status" class="form-control">
<option value="N" <?php if (!(strcmp("N", ""))) {echo "SELECTED";} ?>>เปิดใช้</option>
<option value="P" <?php if (!(strcmp("P", ""))) {echo "SELECTED";} ?>>ยกเลิก</option>
</select>
</td>
</tr>
<tr>
<td colspan="2" style="text-align:center">
<input name="saveBTN" class="btn btn-danger" type="submit" id="saveBTN" value="บันทึก" />
<button type="button" class="btn btn-primary" onclick="window.location.href='mageList.php'">ย้อนกลับ</button>
</td>
</tr>
</table>
</div>
</div>
<input type="hidden" name="MM_insert" value="form1" />
<input type="hidden" name="hs_date" value="<?php echo $nDate;?>"/>
</form>
</div>
<div class="col-xl-3 col-lg-3 col-md-3 col-sm-2"></div>
</div>
</body>
</html>
