
  <?php
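session_start();
include '../../../../web/connection/connection.php';
include '../../../../web/connection/con.php';
include '../../../../web/connection/functions/encryption.php';

/*
 * Daily kitchen bill insert endpoint.
 *
 * Reads the logged-in user from the session, resolves the employee/counter
 * and the customer (looked up by the mobile number posted as `customer_id`),
 * writes one daily_kitchen_sale row plus one kitchen_sales_item row per entry
 * in $_SESSION['cart_itemss'], then redirects to the print page.
 *
 * Security notes for maintainers:
 *  - Every value that reaches SQL is escaped below. DBController only takes a
 *    finished SQL string in this file, so escaping is the narrowest fix
 *    available here; prepared statements inside DBController are the proper
 *    long-term fix.
 *  - NOTE(review): escaping uses $con (the mysqli link already used for the
 *    invoice lookup). This assumes DBController talks to the same server with
 *    the same connection charset - confirm, and make sure the charset is set
 *    with mysqli_set_charset().
 *  - NOTE(review): no CSRF token is checked anywhere in this script although
 *    it changes state on POST - add one where the billing form is rendered.
 *  - NOTE(review): gross/net/discount come straight from the client and are
 *    not reconciled with the cart lines held in the session; recompute the
 *    totals server-side before trusting them.
 *  - `tax_amount` is posted by the form but was never stored; it is ignored.
 */

// Records a failure message and sends the user back to the billing grid.
$failToGrid = function ($message) {
    $_SESSION['ERROR_MSG'] = $message;
    $_SESSION['MSG_ALRT'] = "FALSE";
    header('location:../../../../web/home/modules/sales/daily_kitchen_billing/daily_kitchen_bill_grid.php');
    exit; // stop here so nothing below runs after the redirect
};

// Escapes one value for use inside a single-quoted SQL string literal.
$q = function ($value) use ($con) {
    return mysqli_real_escape_string($con, is_scalar($value) ? (string) $value : '');
};

// Reads a POST field as a plain string; arrays and missing fields become ''.
$postText = function ($key) {
    return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
};

// Refuse to bill on behalf of nobody: without a logged-in user the original
// code ran every query with an empty user id.
if (!isset($_SESSION['USER_ID']) || $_SESSION['USER_ID'] === '') {
    http_response_code(401);
    exit;
}
$userId = $_SESSION['USER_ID'];

// --- Employee and counter of the logged-in user (last matching row wins) ---
$employee_idu = '';
$db_handle = new DBController();
$ku = $db_handle->runQuery("SELECT * FROM user WHERE user_id = '" . $q($userId) . "' ");
if (!empty($ku)) {
    foreach ($ku as $vu) {
        $employee_idu = $vu['employee_id'];
    }
}

$employeecs_id = '';
$counter_nos = '';
$from_time = '';
$to_time = '';
$db_handle = new DBController();
$kc = $db_handle->runQuery("SELECT * FROM counter_sale WHERE employee_id = '" . $q($employee_idu) . "' ");
if (!empty($kc)) {
    foreach ($kc as $vc) {
        $employeecs_id = $vc['employee_id'];
        $counter_nos = $vc['counter_no'];
        $from_time = $vc['from_time'];
        $to_time = $vc['to_time'];
    }
}

// --- Customer: the form field named `customer_id` carries the mobile number ---
$customer_mobileno = $postText('customer_id');
$customerSql = "SELECT * FROM customer WHERE customer_mobile_no = '" . $q($customer_mobileno) . "' ";

$db_handle = new DBController();
$custdetailsnum = $db_handle->numRows($customerSql);

$customer_id = '';
$db_handle = new DBController();
$custdetails = $db_handle->runQuery($customerSql);
if (!empty($custdetails)) {
    foreach ($custdetails as $vc) {
        $customer_id = $vc['customer_id'];
    }
}

if ($custdetailsnum == '0' || $customer_id === '') {
    $failToGrid("Please Add Customer");
}

// --- Payment mode: anything other than 'Cash Payment' is recorded as Online ---
$paymenttype = $postText('pmode');
$sale_type = ($paymenttype == 'Cash Payment') ? 'Cash' : 'Online';
$payment_status = 'paid';

date_default_timezone_set("Asia/Kolkata");
$sales_invoice_date = date("Y-m-d H:i:s");
$date = date("Y-m-d");
$active = 'yes';

// --- Amounts: must be non-negative numbers before they are used in arithmetic ---
$gross_amount = $postText('gross_amount');
$net_amount = $postText('net_amount');
$bill_discountpes = $postText('bill_discountpes');
if ($bill_discountpes === '') {
    $bill_discountpes = '0'; // an empty discount field means "no discount"
}
foreach (array($gross_amount, $net_amount, $bill_discountpes) as $amountField) {
    if (!is_numeric($amountField) || $amountField < 0) {
        $failToGrid("Unsuccess");
    }
}
if ($bill_discountpes > 100) {
    $failToGrid("Unsuccess");
}

$discountamt = $net_amount * $bill_discountpes / 100;
$discountamty = number_format((float) $discountamt, 2, '.', '');

// --- Invoice number: SKIN-<year>-<id>, id zero-padded to 5 digits below 1000 ---
// NOTE(review): the number is derived from the highest existing id before the
// insert, so two concurrent requests can compute the same invoice number.
$querytrpsin = mysqli_query(
    $con,
    "SELECT daily_kitchen_sale_id FROM daily_kitchen_sale ORDER BY daily_kitchen_sale_id DESC LIMIT 1"
);
$resulttrpsin = $querytrpsin ? mysqli_fetch_assoc($querytrpsin) : null;
$lastSaleId = isset($resulttrpsin['daily_kitchen_sale_id']) ? (int) $resulttrpsin['daily_kitchen_sale_id'] : 0;
$sales_id = $lastSaleId + 1;
// Ids from 1000 upwards were never padded by the original code; kept as is so
// the numbering of existing invoices does not change.
$paddedId = ($sales_id >= 1000) ? (string) $sales_id : str_pad((string) $sales_id, 5, '0', STR_PAD_LEFT);
$sale_invoice_no = 'SKIN-' . date("Y") . '-' . $paddedId;

// The original passed the bare word `e` as the mode argument. That resolves to
// a constant if one is defined and otherwise only worked through PHP's legacy
// "undefined constant becomes a string" fallback, which is an Error on PHP 8.
$encryptMode = defined('e') ? constant('e') : 'e';
$saleinvoicenoenct = amebi_crypt($sale_invoice_no, $encryptMode);

// --- Sale header ---
$saleValues = array(
    $sale_type, $sale_invoice_no, $sales_invoice_date, $customer_id,
    $employeecs_id, $counter_nos, $from_time, $to_time,
    $gross_amount, $discountamty, $bill_discountpes, $net_amount,
    $payment_status, $payment_status, $paymenttype, $date, $userId, $active,
);
$db_handle = new DBController();
// presumably returns the new row id - it is used as the foreign key below
$newInsert = $db_handle->tableinsert(
    "INSERT INTO daily_kitchen_sale(kitchen_sale_type,kitchen_saleInvoice_no,kitchen_sale_date,customer_id,employee_id,counter_no,from_time,to_time,gross_amount,discount_amount,bill_dicount_rate,net_amount,sales_status,payment_status,payment_mode,created_on,created_by,is_active) "
    . "VALUES ('" . implode("','", array_map($q, $saleValues)) . "')"
);

// --- Sale lines ---
// NOTE(review): header and lines are not wrapped in a transaction, so a
// failure part-way leaves a partial bill behind.
$allSaved = false;
if ($newInsert) {
    $cartItems = (isset($_SESSION['cart_itemss']) && is_array($_SESSION['cart_itemss']))
        ? $_SESSION['cart_itemss']
        : array();
    // An empty cart is reported as a failure, as before.
    $allSaved = !empty($cartItems);

    foreach ($cartItems as $v) {
        $itemValues = array(
            $newInsert,
            isset($v['dmid']) ? $v['dmid'] : '',
            isset($v['qt']) ? $v['qt'] : '',
            isset($v['rt']) ? $v['rt'] : '',
            isset($v['amt']) ? $v['amt'] : '',
        );
        $db_handle = new DBController();
        $newInsert2 = $db_handle->tableinsert(
            "INSERT INTO kitchen_sales_item(daily_kitchen_sale_id,daily_item_dimension_id,kitchen_sale_quantity,kitchen_sale_mrp,kitchen_sale_amount) "
            . "VALUES ('" . implode("','", array_map($q, $itemValues)) . "')"
        );
        // Every line must succeed; the original only looked at the last one.
        if (!$newInsert2) {
            $allSaved = false;
        }
    }
}

$_SESSION['ERROR_MSG'] = $allSaved ? "Success" : "Unsuccess";
$_SESSION['MSG_ALRT'] = $allSaved ? "TRUE" : "FALSE";
unset($_SESSION["cart_itemss"]);

// NOTE(review): the token is appended without URL-encoding. Whether that is
// safe depends on what amebi_crypt() returns - confirm before changing it.
header('location:../../../../web/home/modules/sales/daily_kitchen_billing/sales_print_role.php?salesinvoiceno=' . $saleinvoicenoenct);
exit;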