Current File : /var/www/acasv2.uiet.co.in/v.2.0/api/request/sales/employee_api/employee_add_api.php

 <?php
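session_start();
include '../../../../web/connection/connection.php';

// NOTE(review): $_REQUEST merges query-string and form-body values (and cookies,
// depending on request_order), so this state-changing endpoint also accepts a plain
// GET. The calling form is not visible from this file; once it is confirmed to POST,
// read $_POST only and require an anti-CSRF token.
//
// Every value read here is client-controlled and is interpolated into SQL text
// further down this script, so none of it can be treated as trusted.

/*
 * Read one request field as a string.
 *
 * A missing key or a non-scalar value (for example first_name[]=x) yields ''
 * instead of raising an "undefined array key" / "array to string conversion"
 * diagnostic. Such diagnostics can disclose server paths and, when printed,
 * stop the redirect header at the end of the script from being sent.
 */
$requestField = static function ($key) {
    if (!isset($_REQUEST[$key]) || !is_scalar($_REQUEST[$key])) {
        return '';
    }

    return (string) $_REQUEST[$key];
};

// Employment classification and personal details.
$employee_type = $requestField('employee_type');
$empcode = $requestField('emp_code');
$first_name = $requestField('first_name');
$last_name = $requestField('last_name');
$address = $requestField('address');
$mobile_no = $requestField('mobile_no');
$mail_id = $requestField('mail_id');
$father_name = $requestField('father_name');
$father_mobil_no = $requestField('father_mobil_no');
$dateofbirth = $requestField('dateofbirth');
$joining_date = $requestField('joining_date');

// Statutory numbers and organisational placement.
$pfno = $requestField('pfno');
$esi_no = $requestField('esi_no');
$department_name = $requestField('department_name');
$designation_name = $requestField('designation_name');

// Education record.
$education = $requestField('education');
$institution = $requestField('institution');
$pass_year = $requestField('pass_year');
$marks = $requestField('marks');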

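// Both images land in the same web-served directory, so what may be written there
// has to be restricted to real images under server-chosen names.
$photoPath = "../../../../web/uploads/imguploads/";
$maxsize = 2097152; // 2 MiB upper bound per image

/*
 * Validate one uploaded image and move it into $targetDir.
 *
 * Returns the stored file name, or '' when no file was sent or the file was
 * rejected. The client-supplied name is used only to read the extension; the
 * name on disk is random, so an upload can neither overwrite an existing file
 * nor choose an extension the web server would execute.
 *
 * Checks, in order: a single successful upload, a genuine PHP upload temp file,
 * size within $maxBytes, extension on the allowlist, and decoded image type
 * matching that extension.
 *
 * NOTE(review): the upload directory should also be configured so that the web
 * server never executes scripts from it; that configuration is not visible here.
 */
$storeUploadedImage = static function ($field, $targetDir, $maxBytes) {
    if (!isset($_FILES[$field]) || !is_array($_FILES[$field])) {
        return '';
    }

    $upload = $_FILES[$field];

    // An array-valued 'error' means several files were sent under one field name.
    if (
        !isset($upload['error'], $upload['tmp_name'], $upload['name'], $upload['size'])
        || is_array($upload['error'])
        || $upload['error'] !== UPLOAD_ERR_OK
    ) {
        return '';
    }

    if (!is_uploaded_file($upload['tmp_name'])) {
        return '';
    }

    if ($upload['size'] <= 0 || $upload['size'] > $maxBytes) {
        return '';
    }

    // Extension allowlist, each mapped to the image type the content must decode as.
    $allowedTypes = array(
        'jpg' => IMAGETYPE_JPEG,
        'jpeg' => IMAGETYPE_JPEG,
        'png' => IMAGETYPE_PNG,
        'gif' => IMAGETYPE_GIF,
    );

    $extension = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
    if (!isset($allowedTypes[$extension])) {
        return '';
    }

    // Index 2 of getimagesize() is the detected IMAGETYPE_* constant.
    $imageInfo = getimagesize($upload['tmp_name']);
    if ($imageInfo === false || $imageInfo[2] !== $allowedTypes[$extension]) {
        return '';
    }

    $storedName = bin2hex(random_bytes(16)) . '.' . $extension;
    if (!move_uploaded_file($upload['tmp_name'], $targetDir . $storedName)) {
        return '';
    }

    return $storedName;
};

// These names are what the employee row stores in its photo / signature columns.
$imgname = $storeUploadedImage('photo', $photoPath, $maxsize);
$imgnamee = $storeUploadedImage('signature', $photoPath, $maxsize);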

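// Validity window of the employee id card; a missing or non-scalar value becomes ''
// so that no "undefined array key" diagnostic is raised.
$employee_id_from_date = (isset($_REQUEST['employee_id_from_date']) && is_scalar($_REQUEST['employee_id_from_date']))
    ? (string) $_REQUEST['employee_id_from_date']
    : '';
$employee_id_to_date = (isset($_REQUEST['employee_id_to_date']) && is_scalar($_REQUEST['employee_id_to_date']))
    ? (string) $_REQUEST['employee_id_to_date']
    : '';

// Audit columns: creation timestamp in IST and the active flag.
date_default_timezone_set("Asia/Kolkata");
$date = date("Y-m-d H:i:s");
$active = 'yes';

// NOTE(review): nothing visible in this script rejects a request that has no
// logged-in user; created_by would then be stored as ''. Confirm that the included
// connection.php enforces authentication, otherwise refuse the request here before
// any upload or insert happens.
$userId = isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : '';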

/*
$db_handle = new DBController();
$empp = $db_handle->runQuery("SELECT * FROM employee ORDER BY employee_id DESC LIMIT 1");
foreach($empp as $bankcash){
     $employee_id = $bankcash['employee_id'];
	 $employee_ida = $employee_id + 1;
	  $employee_code = '000'.$employee_ida;
	 

}
$zero = '000'; 
if(isset($empp)){
	$empcode = $employee_code;
}else{
	$empcode = $zero.'1';
	}	
*/
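// Look up the ids of an existing employee type, department and designation by name.
// Each id stays null when no row matches, instead of being left undefined.
//
// NOTE(review): the three names come straight from the request and are interpolated
// into the SQL text, so these statements are open to SQL injection. DBController is
// defined outside this file and is only seen here taking a finished SQL string;
// it needs a prepared-statement path with bound parameters, and these calls should
// be moved onto it.
$employee_type_id = null;
$department_id = null;
$designation_id = null;

$db_handle = new DBController();
$emp = $db_handle->runQuery("SELECT * FROM employee_type
 WHERE employee_type = '$employee_type'");

// runQuery's return value for "no rows" is not visible here; only iterate when it
// is actually iterable. With several matches the last row wins, as before.
if (is_array($emp) || $emp instanceof Traversable) {
    foreach ($emp as $empresult) {
        $employee_type_id = $empresult['employee_type_id'];
    }
}

$db_handle = new DBController();
$dept = $db_handle->runQuery("SELECT * FROM department WHERE department_name = '$department_name'");
if (is_array($dept) || $dept instanceof Traversable) {
    foreach ($dept as $deptresult) {
        $department_id = $deptresult['department_id'];
    }
}

$db_handle = new DBController();
$design = $db_handle->runQuery("SELECT * FROM designation WHERE designation_name = '$designation_name'");
if (is_array($design) || $design instanceof Traversable) {
    foreach ($design as $designationresult) {
        $designation_id = $designationresult['designation_id'];
    }
}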


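//if(!empty($first_name)){

// Resolve each lookup value to the id stored on the employee row: reuse the id found
// earlier when a matching row exists, otherwise insert the value and keep whatever
// tableinsert() returns.
//
// NOTE(review): every statement below embeds request values directly in the SQL
// text (SQL injection). DBController is defined outside this file and is only seen
// here taking a finished SQL string; move these calls to prepared statements with
// bound parameters once it offers them.

// Employee type.
$db_handle = new DBController();
$denumrows = $db_handle->numRows("SELECT * FROM employee_type WHERE employee_type = '$employee_type'");
if ($denumrows >= 1) {
    $newInsertt = $employee_type_id;
} else {
    $db_handle = new DBController();
    $newInsertt = $db_handle->tableinsert("INSERT INTO  employee_type(employee_type,created_on,created_by,is_active) 
		VALUES ('$employee_type','$date','$userId','$active')");
}

// Department.
$db_handle = new DBController();
$deptnumrows = $db_handle->numRows("SELECT * FROM department WHERE department_name = '$department_name'");
if ($deptnumrows >= 1) {
    $newInserttt = $department_id;
} else {
    $db_handle = new DBController();
    $newInserttt = $db_handle->tableinsert("INSERT INTO  department(department_name,created_on,created_by,dep_is_active) 
		VALUES ('$department_name','$date','$userId','$active')");
}

// Designation. This used runQuery() and compared its result set with '1'; it now
// counts rows with numRows() like the two lookups above, so the existence test no
// longer depends on how a result set happens to compare against a string.
$db_handle = new DBController();
$designumrows = $db_handle->numRows("SELECT * FROM designation WHERE designation_name = '$designation_name'");
if ($designumrows >= 1) {
    $newInserth = $designation_id;
} else {
    $db_handle = new DBController();
    $newInserth = $db_handle->tableinsert("INSERT INTO  designation(designation_name,created_on,created_by,is_active) 
		VALUES ('$designation_name','$date','$userId','$active')");
}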
	
  // Insert the employee row. The resolved type / department / designation ids, the
  // stored image names and the audit columns are combined with the raw request fields.
  // The return value of tableinsert() is what the script tests afterwards to pick the
  // success or failure message.
  //
  // NOTE(review): every request field is interpolated into the statement text, so a
  // single quote in any of them changes the SQL that runs (SQL injection). DBController
  // is defined outside this file and is only seen here taking a finished SQL string;
  // this insert should move to a prepared statement with bound parameters.
  $db_handle = new DBController();
	    $newInsert = $db_handle->tableinsert("INSERT INTO  employee(employee_code,employee_type_id,first_name,last_name,address,mobile_no,mail_id,father_name,father_mobil_no,dateofbirth,joining_date,pfno,esi_no,department_id,designation_id,education,institution,pass_year,marks,photo,signature,employee_id_from_date,employee_id_to_date,created_on,created_by,emp_is_active) 
		VALUES ('$empcode','$newInsertt','$first_name','$last_name','$address','$mobile_no','$mail_id','$father_name','$father_mobil_no','$dateofbirth','$joining_date','$pfno','$esi_no','$newInserttt','$newInserth','$education','$institution','$pass_year','$marks','$imgname','$imgnamee','$employee_id_from_date','$employee_id_to_date','$date','$userId','$active')");
	
	
		
// Record the outcome in the session, then send the browser back to the employee grid.
// The loose comparison is kept: any truthy return from tableinsert() counts as success.
$inserted = ($newInsert == TRUE);

$_SESSION['ERROR_MSG'] = $inserted ? "Success" : "Unsuccess";
$_SESSION['MSG_ALRT'] = $inserted ? "TRUE" : "FALSE";

// Both outcomes redirect to the same page; the session flags carry the result.
header('location:../../../../web/home/modules/sales/employee/employee_gridview.php');
			
	
//}

?>