File: /home/mckernan/public_html/iJournal/includes/client/updinccats.php
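<?php
// Income categories: store the income-category labels for the client database
// named in the request. The reply is a small XML document whose <success>
// element holds "true" when the UPDATE ran and is empty when it did not.

// database name starts from the configured prefix; the request supplies the rest
$database = DB_PREFIX;

// process request only when a session id is present ($sid is not set in this file)
if ($sid != '')
{
    // sid check
    require "includes/session/sidck.php";

    // init return value
    $rv = '<root>' . PHP_EOL;

    // fetch database name; a GET value overrides a POST value
    $db = '';
    if ( isset($_POST['db']) ) $db = $_POST['db'];
    if ( isset($_GET['db']) ) $db = $_GET['db'];

    // An array-valued parameter (db[]=...) is not a database name: it would slip
    // past the empty-string test and be concatenated as the text "Array".
    if (!is_string($db) || $db === '') die();

    // NOTE(review): $db is request-controlled and is appended to the prefix as-is.
    // Confirm that sidck.php / db.php restrict the session to its own database;
    // otherwise any authenticated caller can point this update at another one.
    $database .= $db;

    // open db; presumably db.php replaces $db with the connection handle used
    // below - confirm
    require "includes/db.php";

    // fetch vars
    // NOTE(review): the string values are concatenated into the statement below,
    // which is only safe if getvar() escapes them for SQL - confirm, or move this
    // query to a prepared statement with bound parameters.
    $gross = getvar($db, 'gro', 'string');
    // in_hascogs is interpolated without quotes, so force it to an integer here
    $hascogs = (int) getvar($db, 'hasc', 'int');
    $cogs = getvar($db, 'cog', 'string');
    $in0 = getvar($db, 'in0', 'string');
    $in1 = getvar($db, 'in1', 'string');
    $in2 = getvar($db, 'in2', 'string');
    $in3 = getvar($db, 'in3', 'string');

    // build the update; "WHERE 1" matches every row of categories
    // (presumably the table holds a single row per client database - confirm)
    $query = "UPDATE categories SET
in_gross = '" . $gross . "',
in_hascogs = " . $hascogs . ",
in_cogs = '" . $cogs . "',
in_0 = '" . $in0 . "',
in_1 = '" . $in1 . "',
in_2 = '" . $in2 . "',
in_3 = '" . $in3 . "'
WHERE 1";

    // The statement text is deliberately not written to the response: it would
    // precede <root>, making the reply malformed XML, and would disclose table
    // and column names together with the submitted values.
    if ($db->query($query))
    {
        $rv .= '<success>true</success>';
    }
    else
    {
        $rv .= '<success></success>';
    }

    // finish output
    $rv .= '</root>' . PHP_EOL;

    // return data
    echo $rv;
    die;
}
else
{
    // no session id: answer as if the page did not exist, with the
    // Server and X-Powered-By headers blanked
    header('Server: ');
    header('X-Powered-By: ');
    header("HTTP/1.0 404 Not Found");
}
?>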