File: /home/mckernan/public_html/iJournal/includes/client/updexpcats.php
<?php
// expense categories
// init database name
$database = DB_PREFIX;
// process request
if ($sid != '')
{
// sid check
require "includes/session/sidck.php";
// init return value
$rv = '<root>' . PHP_EOL;
// fetch database name / open db
$db = '';
if ( isset($_POST['db']) ) $db = $_POST['db'];
if ( isset($_GET['db']) ) $db = $_GET['db'];
if ($db == '') die();
$database .= $db;
require "includes/db.php";
// fetch vars
$oh0 = getvar($db, 'oh0', 'string');
$oh1 = getvar($db, 'oh1', 'string');
$oh2 = getvar($db, 'oh2', 'string');
$oh3 = getvar($db, 'oh3', 'string');
$oh4 = getvar($db, 'oh4', 'string');
$oh5 = getvar($db, 'oh5', 'string');
$oh6 = getvar($db, 'oh6', 'string');
$oh7 = getvar($db, 'oh7', 'string');
$oh8 = getvar($db, 'oh8', 'string');
$la0 = getvar($db, 'la0', 'string');
$la1 = getvar($db, 'la1', 'string');
$la2 = getvar($db, 'la2', 'string');
$la3 = getvar($db, 'la3', 'string');
$la4 = getvar($db, 'la4', 'string');
$la5 = getvar($db, 'la5', 'string');
$la6 = getvar($db, 'la6', 'string');
$la7 = getvar($db, 'la7', 'string');
$op0 = getvar($db, 'op0', 'string');
$op1 = getvar($db, 'op1', 'string');
$op2 = getvar($db, 'op2', 'string');
$op3 = getvar($db, 'op3', 'string');
$op4 = getvar($db, 'op4', 'string');
$op5 = getvar($db, 'op5', 'string');
$op6 = getvar($db, 'op6', 'string');
$op7 = getvar($db, 'op7', 'string');
$op8 = getvar($db, 'op8', 'string');
$op9 = getvar($db, 'op9', 'string');
$op10 = getvar($db, 'op10', 'string');
$op11 = getvar($db, 'op11', 'string');
$op12 = getvar($db, 'op12', 'string');
$op13 = getvar($db, 'op13', 'string');
$op14 = getvar($db, 'op14', 'string');
$op15 = getvar($db, 'op15', 'string');
$op16 = getvar($db, 'op16', 'string');
$op17 = getvar($db, 'op17', 'string');
$op18 = getvar($db, 'op18', 'string');
$op19 = getvar($db, 'op19', 'string');
// fetch client info
$query = "UPDATE categories SET
oh_0 = '" . $oh0 . "',
oh_1 = '" . $oh1 . "',
oh_2 = '" . $oh2 . "',
oh_3 = '" . $oh3 . "',
oh_4 = '" . $oh4 . "',
oh_5 = '" . $oh5 . "',
oh_6 = '" . $oh6 . "',
oh_7 = '" . $oh7 . "',
oh_8 = '" . $oh8 . "',
la_0 = '" . $la0 . "',
la_1 = '" . $la1 . "',
la_2 = '" . $la2 . "',
la_3 = '" . $la3 . "',
la_4 = '" . $la4 . "',
la_5 = '" . $la5 . "',
la_6 = '" . $la6 . "',
la_7 = '" . $la7 . "',
op_0 = '" . $op0 . "',
op_1 = '" . $op1 . "',
op_2 = '" . $op2 . "',
op_3 = '" . $op3 . "',
op_4 = '" . $op4 . "',
op_5 = '" . $op5 . "',
op_6 = '" . $op6 . "',
op_7 = '" . $op7 . "',
op_8 = '" . $op8 . "',
op_9 = '" . $op9 . "',
op_10 = '" . $op10 . "',
op_11 = '" . $op11 . "',
op_12 = '" . $op12 . "',
op_13 = '" . $op13 . "',
op_14 = '" . $op14 . "',
op_15 = '" . $op15 . "',
op_16 = '" . $op16 . "',
op_17 = '" . $op17 . "',
op_18 = '" . $op18 . "',
op_19 = '" . $op19 . "'
WHERE 1";
if ($result = $db->query($query))
{
$rv .= '<success>true</success>';
}
else
{
$rv .= '<success></success>';
}
// finish output
$rv .= '</root>' . PHP_EOL;
// return data
echo $rv;
die;
}
else
{
header('Server: ');
header('X-Powered-By: ');
header("HTTP/1.0 404 Not Found");
}
?>