Path : /var/www/html/smart_kpp2_bk17 มีค 69/modules/book/expand/
File Upload :
Current File : /var/www/html/smart_kpp2_bk17 มีค 69/modules/book/expand/register_receive.php

<?php
define( "_VALID_", 1 );
header("Cache-Control: no-store, no-cache, must-revalidate");             
header("Cache-Control: post-check=0, pre-check=0", false);   
echo '<?xml version="1.0" encoding="utf-8"?>';

require_once "../../../amssplus_connect.php";	

///////////////////
$remote_sync=$_GET['sync'];   
$remote_ip=base64_decode($_GET['get_serv']);   
$person=base64_decode($_GET['get_person']);   
$position_code=$_GET['position_code'];  

if($_GET['get_status']>4){
exit();
}

					$sql = "select * from  system_sync_smss_2 where  office_code='$_GET[get_office]'";
					$dbquery = mysqli_query($connect,$sql);
					$result = mysqli_fetch_array($dbquery);
					if($result){
					$sync_code=$result['sync_code'];
					
								if($sync_code==$remote_sync){
								$_SESSION['remote_user_office']=$_GET['get_office'];
								}
								else{
								exit();
								}
								if($remote_ip!=$result['remote_ip']){
								exit();
								}
					}
					else{   
						exit();
					}

//ส่วนบุคลากร
			$rec_date = date("Y-m-d");			
			$prename=base64_decode($_GET['get_prename']); 
			$name=base64_decode($_GET['get_name']);   
			$surname=base64_decode($_GET['get_surname']);   
			$_SESSION['remote_user_id']=$person;

			$sql_person = "select * from person_sch_main where school_code='$_GET[get_office]' and person_id='$person'";
			$dbquery_person = mysqli_query($connect,$sql_person);
			$person_num = mysqli_num_rows($dbquery_person);
			
			if($person_num<1){
			$sql_person2 = "select id from person_sch_other where school_code='$_GET[get_office]' and person_id='$person'";
			$dbquery_person2 = mysqli_query($connect,$sql_person2);
			$person_num = mysqli_num_rows($dbquery_person2);
			}
			
						if($person_num<1){
						$sql = "insert into person_sch_main (person_id,prename,name,surname,position_code,school_code,status,rec_date) values ( '$person','$prename','$name','$surname','$position_code','$_GET[get_office]','9','$rec_date')";
						$result_insert = mysqli_query($connect,$sql);
								if(!($result_insert)){
								?>
								<info>
									<office_code><?php echo base64_encode("อาจมีรายชื่อเป็นบุคลากรในโรงเรียนอื่น กรุณาตรวจสอบกับ สพท.");?></office_code>
									<book_active><?php echo base64_encode("0");?></book_active>
								</info>
								<?php
								exit();
								}
						}
						
$_SESSION['remote_login_status']=$_GET['get_status'];  
//////////////////////////

$sql="select * from book_main, book_sendto_answer where book_main.ref_id=book_sendto_answer.ref_id and  book_sendto_answer.send_to='$_SESSION[remote_user_office]' and book_sendto_answer.status is null and book_sendto_answer.answer is null and  book_sendto_answer.school is null  order by book_main.ms_id";

$objQuery = mysqli_query($connect,$sql);
$num_row=mysqli_num_rows($objQuery);
			if($num_row<1){
			$text="ไม่มีหนังสือราชการใหม่ที่ยังไม่ได้รับ";
			$book_actice=0;
			}
			else{
			$text="";
			$book_actice=1;
			}
$day_now=date("Y-m-d H:i:s");
?>
<info>
	<office_code><?php echo base64_encode($text);?></office_code>
	<book_active><?php echo base64_encode($book_actice);?></book_active>
	<bookobec>
			<?php
			while($obResult=mysqli_fetch_array($objQuery))
			{
			$office_code=$obResult['office'];
			
			//ลงทะเบียนหนังสือรับamss++
			$sql_answer = mysqli_query($connect,"update book_sendto_answer set answer='1', answer_time='$day_now' where ref_id='$obResult[ref_id]' and send_to='$_SESSION[remote_user_office]'") ;
			
			//หาชื่อหน่วยงาน
			$office_name="";
			$sql_office="select workgroup_desc from system_workgroup where workgroup='$office_code'";
			$dbquery_office = mysqli_query($connect,$sql_office);
			$result_office = mysqli_fetch_array($dbquery_office);
			if($result_office){
			$office_name="สพท."."(".$result_office['workgroup_desc'].")";
			}
			else{
			$sql_office="select school_name from system_school where school_code='$office_code'";
			$dbquery_office = mysqli_query($connect,$sql_office);
			$result_office = mysqli_fetch_array($dbquery_office);
			$office_name=$result_office['school_name'];
			}
			?>
			
			<item>
				<ms_id><?php echo base64_encode($obResult['ms_id']);?></ms_id>
				<bookno><?php echo base64_encode($obResult['bookno']);?></bookno>
				<ref_id><?php echo base64_encode($obResult['ref_id']);?></ref_id>
				<level><?php echo base64_encode($obResult['level']);?></level>
				<signdate><?php echo base64_encode($obResult['signdate']);?></signdate>
				<subject><?php echo base64_encode($obResult['subject']);?></subject>
				<detail><?php echo base64_encode($obResult['detail']);?></detail>
				<send_date><?php echo base64_encode($obResult['send_date']);?></send_date>
				<office><?php echo base64_encode($office_code);?></office>
				<office_name><?php echo base64_encode($office_name);?></office_name>
			</item>
		<?php
		}
		?>
	</bookobec>
</info>