
   <?php 
// Purchase-entry endpoint: collects one purchase line (supplier, item, rates,
// batch data) from the request and keeps it in plain variables for the
// statements further down the file.
//
// NOTE(review): every value below is client-controlled and is stored without
// type, range or length validation. $_REQUEST merges several input sources,
// so this state-changing endpoint is not restricted to POST bodies by
// anything visible in this file, and no anti-CSRF token is checked here.
// NOTE(review): no check that the session belongs to a logged-in user is
// visible in this file -- confirm the included files enforce authentication
// and authorization before any of the writes below can run.
session_start();
include '../../../web/connection/connectionv2.php';	
include '../../../web/connection/encryption.php';

//echo $supplier_id = $_REQUEST['supplier_idf']; 
$hsn_code = $_REQUEST['hsn_code'];
$medicine_shelve_id = $_REQUEST['medicine_shelve'];
$supplier_name = $_REQUEST['myInput'];
// The item name can arrive in either of two fields; which one is used is
// decided later in the file.
$itemname = $_REQUEST['myInput_item'];
 $itemnames = $_REQUEST['myInput_items'];
$purchase_invoice_no = $_REQUEST['purchase_invoice_no'];
$purchase_invioce_date = $_REQUEST['purchase_invioce_date'];

//$supplier_address = $_REQUEST['supplier_address'];
//echo $itemname = $_REQUEST['myInput_item'];
//$brand_id = '1';
$brand_name = $_REQUEST['brand_name'];
$quantity = $_REQUEST['quantity'];
// The rate can likewise arrive in either of two fields; 'rata' wins when it
// is non-empty. empty() also treats '0' as empty, so a rate of 0 in 'rata'
// falls through to 'rataa'.
$ratee = $_REQUEST['rata'];
$ratea = $_REQUEST['rataa'];
if(!empty($ratee)){
	$rate = $ratee;
}else{
	$rate = $ratea;
}
$dis_rate = $_REQUEST['discount_rate'];
// Client-supplied line amount; it is trusted as-is where it is used later in
// the file rather than being recomputed from quantity and rate.
$item_amountt = $_REQUEST['amount'];


//$dis_amountt = $_REQUEST['amount'];
$batch_no = $_REQUEST['batch_no'];
$mfg_datek = $_REQUEST['mfg_date'];
$expiry_datek = $_REQUEST['expiry_date'];
$mrp = $_REQUEST['mrp'];
$unit_price = $_REQUEST['unit_price'];
/*$sgst_rate = $_REQUEST['sgst_rate'];
$cgst_rate = $_REQUEST['cgst_rate'];
$igst_rate = $_REQUEST['igst_rate'];*/
$bar_code = $_REQUEST['bar_code'];
$composition = $_REQUEST['composition'];
$alt_medicine = $_REQUEST['alt_medicine'];
// Fixed values written with every new purchase header.
$status = 'Accounted';
$payment_status = 'Due';



 // Resolve the dimension name to its id, read the supplier's other_state
 // flag, and derive the GST rates for this purchase line.
 //
 // NOTE(review): SQL injection risk -- $dimension and $supplier_name come
 // straight from the request and are interpolated into the query strings.
 // Bind them as parameters in prepared statements (assuming DBController can
 // expose that -- confirm) instead of building SQL by concatenation.
 $dimension = $_REQUEST['dimension']; 
 $db_handle = new DBController();					
	$selectz = $db_handle-> runQuery("SELECT * FROM canteen_dimensions WHERE dimension ='$dimension'");
	// $dimension_id is only assigned when the query returns a row; with no
	// match it stays undefined and is still used in the INSERTs further down.
	// NOTE(review): foreach over the result assumes runQuery() returns an
	// iterable even for an empty result -- confirm.
	foreach($selectz as $resultd){
	 $dimension_id = $resultd['dimension_id'];
	 
	}
 
  $db_handle = new DBController();
  $suppliers = $db_handle-> runQuery("SELECT * FROM supplier WHERE supplier_name = '$supplier_name'");
  // Same pattern: $other_state stays undefined when no supplier matches, and
  // the last row wins when several suppliers share the name.
  foreach($suppliers as $supplier){
      $other_state = $supplier['other_state'];
    }

 // Suppliers flagged other_state = 'Yes' use the IGST rate, split in half for
 // the SGST/CGST figures; all others use the separate SGST and CGST rates.
 // NOTE(review): the rates are request values used in arithmetic without a
 // numeric check.
 if($other_state == 'Yes'){
   $sgst_rate = $_REQUEST['igst_rate']/2;
   $cgst_rate = $_REQUEST['igst_rate']/2;
   $igst_rate = $_REQUEST['igst_rate'];							
   $gst = $igst_rate;//5
 }else{
     // NOTE(review): $igst_rate is never assigned on this path, yet later
     // statements in the file read it (the IGST amount and the
     // canteen_item_gst UPDATE).
     $sgst_rate = $_REQUEST['sgst_rate'];
     $cgst_rate = $_REQUEST['cgst_rate'];
   
     $gst = $cgst_rate + $sgst_rate;//5
 }
 
 
//$gst = $cgst_rate + $sgst_rate;//5
// Amount calculation for the purchase line. The trailing numbers on some
// lines are the original author's worked example (quantity * rate = 100,
// 10% discount, 5% GST).
// NOTE(review): $quantity, $rate, $dis_rate and the GST rates are unvalidated
// request values; negative or out-of-range numbers flow straight into the
// stored amounts.
$iprice=$quantity*$rate;//100
$discountamt=$iprice*$dis_rate/100;//10

// Price after discount (taxable value).
$discountplusamt=$iprice-$iprice*$dis_rate/100;//90
 
$gstamt=$discountplusamt*$gst/100;//4.5

//cgst sgst igst amt 
$cgstamt = $discountplusamt * $cgst_rate/100;
$sgstamt = $discountplusamt * $sgst_rate/100;
// NOTE(review): $igst_rate is only assigned earlier when the supplier is
// flagged as other-state; otherwise it is undefined here.
$igstamt = $discountplusamt * $igst_rate/100;



// Taxable value plus GST; not read again in this file.
$gstamtplusamt=$discountplusamt+$discountplusamt*$gst/100;//94.5

// NOTE(review): $totalgstamt is not assigned anywhere earlier in this file,
// so += starts from an undefined variable unless an included file sets it.
$totalgstamt += $gstamt;
// number_format(..., 2, '.', '') yields a two-decimal string with no
// thousands separator, so the value can be embedded in SQL and reused in
// arithmetic below.
$taxamount = number_format((float)$totalgstamt,2,'.','');
$gstamtzz = number_format((float)$gstamt,2,'.','');



// Formatted discount amount; not read again in this file.
$discountamtsy = number_format((float)$discountamt,2,'.','');
$discountplusamtup = number_format((float)$discountplusamt,2,'.','');

// NOTE(review): same as $totalgstamt -- $totalgrossAmt has no earlier
// assignment in this file.
$totalgrossAmt += $discountplusamtup;
$totalgrossAmount = number_format((float)$totalgrossAmt,2,'.','');

// Net amount = rounded taxable value + rounded tax.
$netamt = $totalgrossAmount + $taxamount;
$netAmount = number_format((float)$netamt,2,'.','');


 // Resolve supplier, item and brand names from the request to their ids.
 //
 // NOTE(review): SQL injection risk -- $supplier_name, $item_name and
 // $brand_name are request values interpolated into the query strings. Use
 // prepared statements with bound parameters (assuming DBController can
 // expose that -- confirm).
 // NOTE(review): each id below is only assigned inside its foreach, so it is
 // undefined when the lookup returns no row, and the last row wins when a
 // name is not unique. Nothing here stops the script in either case.
 $db_handle = new DBController();
  // Same supplier query as the one run earlier in the file for other_state.
  $suppliersy = $db_handle-> runQuery("SELECT * FROM supplier WHERE supplier_name = '$supplier_name'");
  foreach($suppliersy as $suppliery){
	
	 $supplier_id = $suppliery['supplier_id'];
	
  }

 // Prefer the 'myInput_item' field; fall back to 'myInput_items'.
 if(!empty($itemname)){
	 $item_name = $itemname;
 }else{
	 $item_name = $itemnames;
 }  
  
   $db_handle = new DBController();
  $itemsx = $db_handle-> runQuery("SELECT * FROM canteen_item WHERE item_name = '$item_name'");
  foreach($itemsx as $item){
	  $item_id = $item['item_id'];
	
				  }

$db_handle = new DBController();
  $brands = $db_handle-> runQuery("SELECT * FROM canteen_brand WHERE brand_name = '$brand_name'");
  foreach($brands as $brand){
	$newInsert_brand_idk = $brand['brand_id'];
	
}

 // An empty brand name is stored as brand id '0'. A non-empty name that
 // matched no row leaves $newInsert_brand_idk undefined on the first branch.
 if(!empty($brand_name)){
	 $newInsert_brand_id = $newInsert_brand_idk;
 }else{
	 $newInsert_brand_id = '0';
 } 




  // Default dates and audit fields for the rows written below.
  $datekk = date("Y-m-d");
 
 // Number of months added to today's date when no expiry date is supplied.
 $nofomonthk=1;
 
 // Manufacturing date: request value if present, otherwise today.
 // NOTE(review): the request value is not checked to be a valid date.
 if(!empty($mfg_datek)){
	$mfg_date = $mfg_datek;
}else{
	$mfg_date = $datekk;
}


// Expiry date: request value if present, otherwise today + $nofomonthk
// month(s). The request value is likewise not validated as a date.
if(!empty($expiry_datek)){
	$expiry_date = $expiry_datek;
}else{
	 
	
	$expiry_date = date('Y-m-d', strtotime("+ $nofomonthk months", strtotime($datekk)));
}




 

 // Timestamp used for created_on / modified_on / fromdate.
 $date = date("Y-m-d H:i:s");

$active = 'yes';
// NOTE(review): the session user id is read without checking that it is set;
// an unauthenticated request would continue with an undefined/empty user id
// unless the included files reject it first -- confirm.
$userId   = $_SESSION['USER_ID'];
		

// Persist the purchase line. Runs only when an invoice number was supplied:
//  - invoice number not yet in canteen_purchase: insert the purchase header,
//    then the item row, update the item's HSN code, insert a selling-price row;
//  - invoice number already present: reuse the newest matching purchase_id,
//    update the item's HSN code and GST rates, then insert the item row and
//    the selling-price row.
//
// NOTE(review): SQL injection risk -- every statement below is built by
// interpolating request-derived values ($purchase_invoice_no, $hsn_code,
// $quantity, $rate, $batch_no, $bar_code, the dates, ...) into the SQL text.
// Use prepared statements with bound parameters (assuming DBController can
// expose that -- confirm) and validate numeric/date fields before use.
// NOTE(review): no transaction is visible around the multi-statement write,
// and the existence check is separate from the INSERT, so a failure part-way
// or two concurrent requests could leave partial or duplicate rows -- confirm
// against DBController and the table constraints.
if(!empty($purchase_invoice_no)){
	
	
    $db_handle = new DBController();
  $pur_nomrow = $db_handle-> numRows("SELECT * FROM canteen_purchase WHERE purchase_invoice_no = '$purchase_invoice_no'");
   // Loose comparison with the string '0': true when no purchase with this
   // invoice number exists yet.
   if($pur_nomrow == '0'){
    
	$db_handle = new DBController();
	// presumably tableinsert() returns the new row id (it is stored as
	// purchase_id below) -- confirm against DBController.
	$newInsert = $db_handle->tableinsert("INSERT INTO canteen_purchase(purchase_invoice_no,purchase_invioce_date,supplier_id,status,payment_status,transaction_type,gst_type,created_on,created_by,is_active) 
	VALUES ('$purchase_invoice_no','$purchase_invioce_date','$supplier_id','$status','$payment_status','Purchase','no','$date','$userId','$active')");
    
	 
	
	$db_handle = new DBController();
	// The 'amount' column receives the server-computed $iprice here, and the
	// igst_rate column receives $gst (the combined rate), not $igst_rate.
	$newInsert2 = $db_handle->tableinsert("INSERT INTO canteen_purchase_item(purchase_id,item_id,brand_id,dimension_id,quantity,rate,discount_rate,discount_amount,amount,cgst_rate,sgst_rate,igst_rate,cgst_amt,sgst_amt,igst_amt,gst_amount,net_amount,mrp,mrp_unit_price,batch_no,mfg_date,expiry_date,sold_quantity,adjust_quantity,balance_quantity,bar_code,active_status) 
	VALUES ('$newInsert','$item_id','$newInsert_brand_id','$dimension_id','$quantity','$rate','$dis_rate','$discountamt','$iprice','$cgst_rate','$sgst_rate',
	'$gst','$cgstamt','$sgstamt','$igstamt','$gstamtzz','$netAmount','$mrp','$unit_price','$batch_no','$mfg_date','$expiry_date','0.000','0.000','0.000','$bar_code','Yes')");
	
	 
	
	
	
	
	
	$db_handle = new DBController();
     $newUpdateitem = $db_handle->runMyUpdate("UPDATE canteen_item SET hsn_code = '$hsn_code',modified_on='$date',modified_by='$userId' WHERE item_id = '$item_id'");
	
	$db_handle = new DBController();
	// Initial selling price row: both selling prices start at the MRP.
	$newInsertitemselling = $db_handle->tableinsert("INSERT INTO item_selling_price(purchase_item_id,selling_discount_rate,selling_discount_amount,selling_price,online_selling_price,fromdate,status) 
	VALUES ('$newInsert2','0','0','$mrp','$mrp','$date','No')");
		
		
	
	}else{
		$db_handle = new DBController();
     $purinnvoices = $db_handle-> runQuery("SELECT * FROM canteen_purchase WHERE purchase_invoice_no = '$purchase_invoice_no' ORDER BY purchase_id DESC LIMIT 1");
		$db_handle = new DBController();
		// Reuse the id of the most recent purchase with this invoice number.
		foreach($purinnvoices as $purinnvoice){
	        $newInsert = $purinnvoice['purchase_id'];
		}

		$db_handle = new DBController();
       $newUpdate = $db_handle->runMyUpdate("UPDATE canteen_item SET hsn_code = '$hsn_code',modified_on='$date',modified_by='$userId' WHERE item_id = '$item_id'");
	    $db_handle = new DBController();
// Only this branch updates canteen_item_gst. $igst_rate is undefined here
// unless the supplier was flagged as other-state earlier in the file.
$newUpdateitemgst = $db_handle->runMyUpdate("UPDATE canteen_item_gst SET sgst_rate = '$sgst_rate',cgst_rate = '$cgst_rate',igst_rate = '$igst_rate' WHERE item_id = '$item_id'");
		
	// NOTE(review): unlike the new-invoice branch, the 'amount' column is
	// filled from the client-supplied $item_amountt rather than the
	// server-computed $iprice, so the stored amount is whatever the client sent.
	$newInsert2 = $db_handle->tableinsert("INSERT INTO canteen_purchase_item(purchase_id,item_id,brand_id,dimension_id,quantity,rate,discount_rate,discount_amount,amount,cgst_rate,sgst_rate,igst_rate,cgst_amt,sgst_amt,igst_amt,gst_amount,net_amount,mrp,mrp_unit_price,batch_no,mfg_date,expiry_date,sold_quantity,adjust_quantity,balance_quantity,bar_code,active_status) 
	VALUES ('$newInsert','$item_id','$newInsert_brand_id','$dimension_id','$quantity','$rate','$dis_rate','$discountamt','$item_amountt','$cgst_rate','$sgst_rate',
	'$gst','$cgstamt','$sgstamt','$igstamt','$gstamtzz','$netAmount','$mrp','$unit_price','$batch_no','$mfg_date','$expiry_date','0.000','0.000','0.000','$bar_code','Yes')");
	
	$db_handle = new DBController();
	$newInsertitemselling = $db_handle->tableinsert("INSERT INTO item_selling_price(purchase_item_id,selling_discount_rate,selling_discount_amount,selling_price,online_selling_price,fromdate,status) 
	VALUES ('$newInsert2','0','0','$mrp','$mrp','$date','No')");
	}
		


// Report the outcome as a hand-written JSON document. Only the item-row
// insert is checked (loose == TRUE, so any truthy return counts as success);
// the results of the other statements are not inspected.
// NOTE(review): this output is sent before the header() call at the end of
// the file, and no JSON Content-Type header is set in this file.
if($newInsert2 == TRUE){ 
			
			echo '{"status": "1",
				"message":" Insert successfully"
			}';
		}else{
			echo '{"status": "0",
				"message":"Unccessful"
				}';
		}		
	}
// Encode the invoice date, invoice number, supplier name and purchase id with
// amebi_crypt() and redirect the browser to the purchase page, passing them
// as query parameters.
//
// NOTE(review): amebi_crypt() is not defined in this file (presumably it comes
// from the included encryption.php); its strength is unknown here, so treat
// the query parameters as client-visible and client-modifiable unless it is
// confirmed to provide authenticated encryption.
// NOTE(review): the second argument is the bare word e, i.e. a constant
// lookup. Unless a constant named e is defined elsewhere, PHP 8 raises an
// Error here (older versions fall back to the string 'e' with a warning).
// NOTE(review): these lines run even when no invoice number was supplied, in
// which case $newInsert was never assigned.
$purchase_invioce_date =amebi_crypt($purchase_invioce_date,e);
$purchase_invoice_no =amebi_crypt($purchase_invoice_no,e);
$supplier_nam =amebi_crypt($supplier_name,e);	
//$item_namea =amebi_crypt($itemname,e);
//$sgst_ratea =amebi_crypt($sgst_rate,e);
//$cgst_ratea =amebi_crypt($cgst_rate,e);
	
$purchaseidy =amebi_crypt($newInsert,e);	
//header('location:../../../web/home/modules/stock/purchase/purchase.php?pinvoiceno='.$purchase_invoice_no.'&pinvoicedate='.$purchase_invioce_date.'&supnam='.$supplier_nam.'&itemname='.$item_namea.'&purchaseid='.$purchaseidy.'&sgstrate='.$sgst_ratea.'&cgstrate='.$cgst_ratea);
// NOTE(review): when an invoice number was supplied, a JSON body has already
// been echoed above, so this header can only take effect if output buffering
// is active; otherwise PHP reports that headers were already sent. The values
// are also concatenated into the URL without urlencode() -- confirm that
// amebi_crypt() output is URL-safe.
header('location:../../../web/home/modules/university/Canteen/purchasewithoutgst/purchase.php?pinvoiceno='.$purchase_invoice_no.'&pinvoicedate='.$purchase_invioce_date.'&supnam='.$supplier_nam.'&purchaseid='.$purchaseidy);

?>