File: /home/mckernan/public_html/iJournal/includes/journal/savedata.php
<?php
// save journal dat
// init database name
$database = DB_PREFIX;
// process request
if ($sid != '')
{
// sid check
require "includes/session/sidck.php";
// fetch database name / open db
$dbname = '';
if ( isset($_POST['db']) ) $dbname = $_POST['db'];
if ( isset($_GET['db']) ) $dbname = $_GET['db'];
if ($dbname == '') die();
$database .= $dbname;
require "includes/db.php";
// fetch / validate params
$id = getvar($db, 'id', 'int');
$per = getvar($db, 'per', 'int');
$gross = getvar($db, 'gross', 'float');
$cogs = getvar($db, 'cogs', 'float');
$in0 = getvar($db, 'in0', 'float');
$in1 = getvar($db, 'in1', 'float');
$in2 = getvar($db, 'in2', 'float');
$in3 = getvar($db, 'in3', 'float');
$oh0 = getvar($db, 'oh0', 'float');
$oh1 = getvar($db, 'oh1', 'float');
$oh2 = getvar($db, 'oh2', 'float');
$oh3 = getvar($db, 'oh3', 'float');
$oh4 = getvar($db, 'oh4', 'float');
$oh5 = getvar($db, 'oh5', 'float');
$oh6 = getvar($db, 'oh6', 'float');
$oh7 = getvar($db, 'oh7', 'float');
$oh8 = getvar($db, 'oh8', 'float');
$la0 = getvar($db, 'la0', 'float');
$la1 = getvar($db, 'la1', 'float');
$la2 = getvar($db, 'la2', 'float');
$la3 = getvar($db, 'la3', 'float');
$la4 = getvar($db, 'la4', 'float');
$la5 = getvar($db, 'la5', 'float');
$la6 = getvar($db, 'la6', 'float');
$la7 = getvar($db, 'la7', 'float');
$op0 = getvar($db, 'op0', 'float');
$op1 = getvar($db, 'op1', 'float');
$op2 = getvar($db, 'op2', 'float');
$op3 = getvar($db, 'op3', 'float');
$op4 = getvar($db, 'op4', 'float');
$op5 = getvar($db, 'op5', 'float');
$op6 = getvar($db, 'op6', 'float');
$op7 = getvar($db, 'op7', 'float');
$op8 = getvar($db, 'op8', 'float');
$op9 = getvar($db, 'op9', 'float');
$op10 = getvar($db, 'op10', 'float');
$op11 = getvar($db, 'op11', 'float');
$op12 = getvar($db, 'op12', 'float');
$op13 = getvar($db, 'op13', 'float');
$op14 = getvar($db, 'op14', 'float');
$op15 = getvar($db, 'op15', 'float');
$op16 = getvar($db, 'op16', 'float');
$op17 = getvar($db, 'op17', 'float');
$op18 = getvar($db, 'op18', 'float');
$op19 = getvar($db, 'op19', 'float');
// update journal entry
$query = "UPDATE journal SET " .
"jrnl_in_gross = " . $gross . ", " . "jrnl_in_cogs = " . $cogs . ", " .
"jrnl_in_0 = " . $in0 . ", " . "jrnl_in_1 = " . $in1 . ", " .
"jrnl_in_2 = " . $in2 . ", " . "jrnl_in_3 = " . $in3 . ", " .
"jrnl_oh_0 = " . $oh0 . ", " . "jrnl_oh_1 = " . $oh1 . ", " .
"jrnl_oh_2 = " . $oh2 . ", " . "jrnl_oh_3 = " . $oh3 . ", " .
"jrnl_oh_4 = " . $oh4 . ", " . "jrnl_oh_5 = " . $oh5 . ", " .
"jrnl_oh_6 = " . $oh6 . ", " . "jrnl_oh_7 = " . $oh7 . ", " .
"jrnl_oh_8 = " . $oh8 . ", " . "jrnl_la_0 = " . $la0 . ", " .
"jrnl_la_1 = " . $la1 . ", " . "jrnl_la_2 = " . $la2 . ", " .
"jrnl_la_3 = " . $la3 . ", " . "jrnl_la_4 = " . $la4 . ", " .
"jrnl_la_5 = " . $la5 . ", " . "jrnl_la_6 = " . $la6 . ", " .
"jrnl_la_7 = " . $la7 . ", " . "jrnl_op_0 = " . $op0 . ", " .
"jrnl_op_1 = " . $op1 . ", " . "jrnl_op_2 = " . $op2 . ", " .
"jrnl_op_3 = " . $op3 . ", " . "jrnl_op_4 = " . $op4 . ", " .
"jrnl_op_5 = " . $op5 . ", " . "jrnl_op_6 = " . $op6 . ", " .
"jrnl_op_7 = " . $op7 . ", " . "jrnl_op_8 = " . $op8 . ", " .
"jrnl_op_9 = " . $op9 . ", " . "jrnl_op_10 = " . $op10 . ", " .
"jrnl_op_11 = " . $op11 . ", " . "jrnl_op_12 = " . $op12 . ", " .
"jrnl_op_13 = " . $op13 . ", " . "jrnl_op_14 = " . $op14 . ", " .
"jrnl_op_15 = " . $op15 . ", " . "jrnl_op_16 = " . $op16 . ", " .
"jrnl_op_17 = " . $op17 . ", " . "jrnl_op_18 = " . $op18 . ", " .
"jrnl_op_19 = " . $op19 . " WHERE jrnl_id = " . $id;
// result
$rv = '<root>' . PHP_EOL;
if ($result = $db->query($query))
{
$rv .= "<success>true</success>" . PHP_EOL;
}
else
{
$rv .= "<success></success>" . PHP_EOL;
}
$rv .= '</root>';
echo $rv;
}
else
{
header('Server: ');
header('X-Powered-By: ');
header("HTTP/1.0 404 Not Found");
}
?>