<?php require_once('../Connections/areaConn.php'); ?>
<?php
date_default_timezone_set('Asia/Bangkok');
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Adminname'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Adminname'], $_SESSION['MM_AdminGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
$MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
$nDate=date("Y-m-d");
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
if(!empty($_FILES["commFile"]["tmp_name"])){
$temp = explode(".", $_FILES["commFile"]["name"]);
$newf="cf".date("Y").date("m").date("d");
$newfilename = $newf.round(microtime(true)) . '.' . end($temp);
$updateSQL = "UPDATE hhsalary_tb SET hs_name='".$_POST['hs_name']."',hs_start='".$_POST['hs_start']."',hs_around='".$_POST['hs_around']."',hs_datein='".$_POST['hs_datein']."',hs_date='".$_POST['hs_date']."',hs_file='".$newfilename."',hs_status='".$_POST['hs_status']."' WHERE hs_id=".$_POST['hs_id'];
}else{
$updateSQL = "UPDATE hhsalary_tb SET hs_name='".$_POST['hs_name']."',hs_start='".$_POST['hs_start']."',hs_around='".$_POST['hs_around']."',hs_datein='".$_POST['hs_datein']."',hs_date='".$_POST['hs_date']."',hs_status='".$_POST['hs_status']."' WHERE hs_id=".$_POST['hs_id'];
}
$Result1 = mysqli_query($areaConn,$updateSQL);
move_uploaded_file($_FILES["commFile"]["tmp_name"],"commfile/".$newfilename);
$updateGoTo = "mageListManager.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
$colname_viewList = "-1";
if (isset($_GET['id'])) {
$colname_viewList = $_GET['id'];
}
$query_viewList = "SELECT * FROM hhsalary_tb WHERE hs_id =$colname_viewList";
$viewList = mysqli_query($areaConn,$query_viewList);
$row_viewList = mysqli_fetch_assoc($viewList);
$totalRows_viewList = mysqli_num_rows($viewList);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1">
<title>Office of Kamphaengphet Primary Education Area 2</title>
<link href="../css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<script src="../js/bootstrap.min.js"></script>
<script src="../js/jquery.js"></script>
<script type="text/javascript">
$(function(){
$("#commFile").on("change",function(){
var _fileName = $(this).val();
$(this).next("label").text(_fileName);
});
});
</script>
</head>
<body>
<div class="row" style="background-color:seagreen;">
<div class="col-xl-12" style="text-align: center;">
<p style="margin-top:10px; color:whitesmoke;">
<img src="../images/manlogo.png" class="rounded-circle" width="40" height="40">
ระบบนำเข้าข้อมูลสมาชิกบุคลากรทางการศึกษา(ผู้บริหาร)
</p>
</div>
</div>
<div class="row" style="background-color:#FFF;margin-top:5px;margin-left:5px;margin-right:5px;border-radius:5px;">
<div class="col-xl-3 col-lg-3 col-md-3 col-sm-2"></div>
<div class="col-xl-6 col-lg-6 col-md-6 col-sm-8">
<form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1">
<div class="card">
<div class="card-body">
<table class="table">
<tr style="background-color:brown; color:#FFF;">
<td style="text-align:center;" colspan="2">แก้ไขข้อมูล</td>
</tr>
<tr valign="baseline">
<td align="right" valign="top" nowrap="nowrap">รายการ :</td>
<td><input type="text" name="hs_name" class="form-control" value="<?php echo htmlentities($row_viewList['hs_name'], ENT_COMPAT, 'utf-8'); ?>" size="30"/></td>
</tr>
<tr valign="baseline">
<td align="right" valign="top" nowrap="nowrap">ให้ได้รับเงินเดือนวันที่ :</td>
<td><input type="text" name="hs_start" class="form-control" value="<?php echo htmlentities($row_viewList['hs_start'], ENT_COMPAT, 'utf-8'); ?>" size="30"/></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">คำสั่งเลขที่ :</td>
<td><input name="hs_around" type="text" class="form-control" value="<?php echo htmlentities($row_viewList['hs_around'], ENT_COMPAT, 'utf-8'); ?>" size="30" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">ลงวันที่ :</td>
<td><input name="hs_datein" type="text" class="form-control" value="<?php echo htmlentities($row_viewList['hs_datein'], ENT_COMPAT, 'utf-8'); ?>" size="30" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">เอกสาร :</td>
<td>
<div class="custom-file">
<input clase="custom-file-input" name="commFile" type="file" id="commFile">
<label class="custom-file-label" for="commFile"></label>
</div>
</td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">สถานะ :</td>
<td><select name="hs_status" class="form-control">
<option value="N" <?php if (!(strcmp("N", htmlentities($row_viewList['hs_status'], ENT_COMPAT, 'utf-8')))) {echo "SELECTED";} ?>>เปิดใช้</option>
<option value="P" <?php if (!(strcmp("P", htmlentities($row_viewList['hs_status'], ENT_COMPAT, 'utf-8')))) {echo "SELECTED";} ?>>ยกเลิก</option>
</select></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"> </td>
<td>
<input class="btn btn-success" name="updateBTN" type="submit" id="updateBTN" value="บันทึก" class="ibtn" />
<button type="button" class="btn btn-danger" onclick="JavaScript:window.location.href='mageListManager.php';">ยกเลิก</button>
</td>
</tr>
</table>
</div>
</div>
<input type="hidden" name="hs_date" value="<?php echo $nDate;?>" />
<input type="hidden" name="MM_update" value="form1" />
<input type="hidden" name="hs_id" value="<?php echo $row_viewList['hs_id']; ?>" />
</form>
</div>
<div class="col-xl-3 col-lg-3 col-md-3 col-sm-2"></div>
</div>
</body>
</html>
<?php
mysql_free_result($viewList);
?>
