
 <?php
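/*
 * Sales-invoice insert endpoint.
 *
 * Reads the invoice header and its line items from $_POST, writes one row to
 * `sales` and one row per line item to `sales_item`, stores a result flag in
 * the session and redirects back to the sales-invoice page.
 *
 * Security notes:
 *  - Every request value is escaped before it is placed into SQL. The escaping
 *    is only sufficient because each value sits inside single quotes in the
 *    statements below; keep it that way when editing them.
 *  - NOTE(review): prepared statements would be the better fix, but the only
 *    DBController API visible here takes a finished SQL string.
 *  - NOTE(review): escaping uses $con; this assumes DBController talks to the
 *    same server with the same connection character set - confirm.
 *  - NOTE(review): no anti-CSRF token is verified on this state-changing POST;
 *    add one together with the form that submits to this endpoint.
 *  - NOTE(review): gross/tax/discount/net amounts are stored exactly as the
 *    client submitted them; nothing here recomputes them server-side.
 */
session_start();
include '../../../../web/connection/connection.php';
include '../../../../web/connection/con.php';
include '../../../../web/connection/functions/encryption.php';

// Refuse to write anything when the session carries no user id.
if (empty($_SESSION['USER_ID'])) {
    http_response_code(403);
    exit;
}

// Without a usable connection the values cannot be escaped, so stop here.
if (!isset($con) || !($con instanceof mysqli)) {
    http_response_code(500);
    exit;
}

// Returns the named POST field as an SQL-escaped string ('' when the field is
// missing or is not a scalar, e.g. an array submitted as field[]).
$postValue = function ($key) use ($con) {
    $raw = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
    return mysqli_real_escape_string($con, $raw);
};

$sales_order_id = $postValue('sales_order_id');
$sale_type = 'Credit';
$sales_invoice_date = $postValue('sales_invoice_date');
$customer_id = $postValue('customer_id');
$gross_amount = $postValue('gross_amount');
$tax_amount = $postValue('tax_amount');
$discountamt = $postValue('total_discountamt');
$net_amount = $postValue('net_amount');
$payment_status = 'due';

// Next invoice sequence number = highest existing sales_id + 1 (1 on an empty table).
// NOTE(review): this read-then-insert is not atomic; two concurrent requests
// can compute the same invoice number.
$latestQuery = mysqli_query($con, "SELECT sales_id FROM sales ORDER BY sales_id DESC LIMIT 1");
$latestRow = $latestQuery ? mysqli_fetch_assoc($latestQuery) : null;
$sales_id = ($latestRow ? (int) $latestRow['sales_id'] : 0) + 1;

$qut = 'SIN';
$year = date("Y");
if ($sales_id >= 1000) {
    // NOTE(review): from 1000 upwards the number is stored without the
    // "SIN-<year>-" prefix. Kept as-is because it changes stored data; confirm
    // whether that is intended.
    $sale_invoice_no = (string) $sales_id;
} else {
    // Zero-pad to five digits: SIN-2024-00007, SIN-2024-00042, SIN-2024-00123.
    $sale_invoice_no = $qut . '-' . $year . '-' . str_pad((string) $sales_id, 5, '0', STR_PAD_LEFT);
}

$date = date("Y-m-d");
$active = 'yes';
$userId = mysqli_real_escape_string($con, (string) $_SESSION['USER_ID']);

if (!empty($sales_order_id)) {

    $redirect = 'location:../../../../web/home/modules/sales/sales_invoice/sales_invoice.php';
    $success = false;

    $db_handle = new DBController();
    // The return value is used below as the new row's sales_id
    // (presumably the insert id - verify against DBController).
    $newInsert = $db_handle->tableinsert("INSERT INTO sales(sales_order_id,sale_type,saleInvoice_no,sale_invioce_date,customer_id,gross_amount,tax_amount,discount_amount,net_amount,payment_status,created_on,created_by,is_active)
    VALUES ('$sales_order_id','$sale_type','$sale_invoice_no','$sales_invoice_date','$customer_id','$gross_amount','$tax_amount','$discountamt','$net_amount','$payment_status','$date','$userId','$active')");

    // Only attach line items when the header row was actually written;
    // otherwise they would reference an empty sales_id.
    if ($newInsert) {
        $headerId = mysqli_real_escape_string($con, (string) $newInsert);
        $lineCount = isset($_SESSION['LAST_NO']) ? (int) $_SESSION['LAST_NO'] : 0;
        $inserted = 0;
        $failed = 0;

        // Line items are posted as <field>_1 .. <field>_(LAST_NO - 1).
        for ($i = 1; $i < $lineCount; $i++) {
            $sales_quantity = $postValue('sales_quantity_' . $i);
            $unit_rate = $postValue('unit_rate_' . $i);
            $amount = $postValue('amount_' . $i);
            $sale_discount_rate = $postValue('discount_rate_' . $i);
            $lineDiscountAmt = $postValue('discountamt_' . $i);
            $gstamt = $postValue('gstamt_' . $i);
            $cgstamt = $postValue('cgstamt_' . $i);
            $sgstamt = $postValue('sgstamt_' . $i);
            $net_amt = $postValue('net_amt_' . $i);

            // NOTE(review): cgstamt_/sgstamt_ are written to the *_rate
            // columns, as in the original statement - confirm the mapping.
            $newInsert2 = $db_handle->tableinsert("INSERT INTO sales_item(sales_id,sale_quantity,sale_mrp,sale_discount_rate,sale_discount_amount,sale_amount,sale_cgst_rate,sale_sgst_rate,sale_gst_amount,sale_net_amount)
            VALUES ('$headerId','$sales_quantity','$unit_rate','$sale_discount_rate','$lineDiscountAmt','$amount','$cgstamt','$sgstamt','$gstamt','$net_amt')");

            if ($newInsert2) {
                $inserted++;
            } else {
                $failed++;
            }
        }

        // Success means at least one line item was written and none failed
        // (previously only the last item's result was looked at).
        $success = ($inserted > 0 && $failed === 0);
    }

    if ($success) {
        $_SESSION['ERROR_MSG'] = "Success";
        $_SESSION['MSG_ALRT'] = "TRUE";
    } else {
        $_SESSION['ERROR_MSG'] = "Unsuccess";
        $_SESSION['MSG_ALRT'] = "FALSE";
    }

    header($redirect);
    // Stop so nothing further runs or is emitted after the redirect header.
    exit;
}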