<?php
/*
OrderSys
Version: 1.7.2
Date: 12 September 2014
Copyright: Santosh Patnaik, MD, PhD
License: GPL 3+
URL: www.bioinformatics.org/phplabware
*/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style type="text/css" media="all">
/*<![CDATA[*/
<!--
@media all {
.style1 {
font-family: Arial, Helvetica, sans-serif;
font-size: 13pt;
line-height:18pt;
}
.style2 {
font-family: Arial, Helvetica, sans-serif;
font-size: 12pt;
font-weight: bold;
}
.style3 {
font-family: Arial, Helvetica, sans-serif;
font-size: 14pt;
text-decoration: underline;
font-weight: bold;
}
body, td
{
font-family:'Courier new', Courier, monospace;
font-size: 13pt;
line-height:18pt;
}
}
-->
/*]]>*/
</style>
<title></title>
</head>
<body>
<center>
<table summary="none" width="640pt" cellspacing="1" border="0" cellpadding="5" style="background-color:#FFFFFF; border:0; width:640pt;">
<tr valign="top">
<?php
// Print the order-form header: title row, requester/vendor details, rush-order row and the column headings of the item table.
// NOTE(review): $form_title is the only value written into the page without htmlspecialchars(). It is not assigned in this file (presumably config.php) - confirm it can never carry request data, or that markup in it is intended.
echo '<td colspan="2" valign="top" style=" align:center; text-align: center; background-color:#FFFFFF;"><span class="style3">', $form_title, '</span><br /><br /><br /></td>
</tr>
<tr valign="top">
<td valign="top" style="align:left; width:320pt; background-color:#FFFFFF;">';
// top left part
// Every request field below is passed through htmlspecialchars() and lands in element content, never inside an attribute value, so the default flags are sufficient for this context.
// The $_POST fields are read without isset() or a type check: a missing field raises a notice and an array-valued field cannot be handled by htmlspecialchars().
$date = date("n-j-y");
echo '<b class="style1">DATE OF ORDER:</b> ', htmlspecialchars($date);
echo '<br /><b class="style1">REQUESTED BY:</b> ', htmlspecialchars($_POST['by']);
// $chief, $room_bldg, $extn and $currency are not assigned in this file - presumably site settings from config.php; they are escaped like the request fields.
echo '
<br /><b class="style1">INVESTIGATOR:</b> ', htmlspecialchars($chief), '<br />
<b class="style1">ROOM# BLDG:</b> ', htmlspecialchars($room_bldg), '
<b class="style1">EXT:</b> ', htmlspecialchars($extn), '<br />
<b class="style1">VENDOR:</b> ', htmlspecialchars($_POST['vendor']), '<br />
<b class="style1">PHONE#:</b> ', htmlspecialchars($_POST['phone']), '<br />
<b class="style1">FAX#:</b> ', htmlspecialchars($_POST['fax']), '<br />
<b class="style1">ADDRESS:</b> ', htmlspecialchars($_POST['address']), '
</td>
<td valign="top" style="align:left; width:320pt; background-color:#FFFFFF;">
<b class="style1">DATE ORDERED:</b><br />
<b class="style1">REQ#:</b><br />
<b class="style1">P.O.#:</b><br />
<b class="style1">GRANT:</b> ', htmlspecialchars($_POST['grant']), '<br />
<b class="style1">CONTACT PERSON:</b><br />
<b class="style1">DELIVERY DATE:</b><br />
<b class="style1">CUST.#:</b><br />
<b class="style1">REF.#:</b><br />
</td>
</tr>
<tr valign="top">
<td colspan="2" valign="top" style="text-align:center; align:center; background-color:#FFFFFF;"><span class="style3">
FOR RUSH ORDERS:</span><br /><span class="style2">DATE NEEDED:</span> ', htmlspecialchars($_POST['rushdate']), '<br /><br /><br />
</td>
</tr>
</table>
<table summary="none" width="640pt" cellspacing="1" border="0" cellpadding="5" style="background-color:#000000; border:0; width:640pt;">
<tr valign="top">
<td valign="top" style="align:left; width:55pt; background-color:#FFFFFF;" class="style2"><u>QUANT.</u></td>
<td valign="top" style="align:left; width:67pt; background-color:#FFFFFF;" class="style2"><u>UNIT OF<br />MEASURE</u></td>
<td valign="top" style="align:left; width:333pt; background-color:#FFFFFF;" class="style2"><u>CAT.#</u> <u><u>DESCRIPTION</u></td>
<td valign="top" style="align:left; width:40pt; background-color:#FFFFFF;" class="style2"><u>UNIT<br />PRICE (', htmlspecialchars($currency), ')</u></td>
<td valign="top" style="align:left; width:50pt; background-color:#FFFFFF;" class="style2"><u>TOTAL<br />PRICE (', htmlspecialchars($currency), ')</u></td>
</tr>';
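// Order lines: every all-digit POST key is treated as an item ID and its value as the quantity requested.
// $summary collects the text that is later stored in the order history; $total_total is the total order cost.
$summary = '';
// Start from a number: with '' the first addition below raised a warning on PHP 7 and throws a TypeError on PHP 8.
$total_total = 0;
foreach($_POST as $key=>$value) {
    // item ID => item quantity
    // The D modifier keeps `$` from also matching before a trailing newline, so only pure digit strings pass as item IDs.
    if(!preg_match('/^[0-9]+$/D', (string)$key)) {
        continue;
    }
    // The quantity is request data. Skip arrays, non-numeric text and negative numbers so they can neither break
    // the arithmetic below nor lower the recorded order total.
    if(!is_scalar($value) || !is_numeric($value) || $value < 0) {
        continue;
    }
    // NOTE(review): the statement is built by concatenation. add_slashes() is defined elsewhere; the SQL is only valid
    // if it returns a quoted, escaped literal - confirm that, or move to bound parameters if execute_db() supports them.
    $sql = execute_db("SELECT `Name`,`Size`,`Price`,`Vendor_cat_no` FROM `item` WHERE `ID`=" . add_slashes($key), $conn, 'ordersys/print.php');
    $row = database_fetch_array($sql);
    if(!$row) {
        // no such item ID
        continue;
    }
    // each item cost as per amount; the unit price comes from the database row, never from the request
    $item_total = $value * $row['Price'];
    $total_total = $item_total + $total_total;
    // Plain-text line for the history record; it is not HTML-escaped here because it is not echoed here.
    $summary .= $row['Vendor_cat_no'] . ': ' . $row['Name'] . ' (' . $value . ') @' . $row['Price'] . ' per ' . $row['Size'] . '; ';
    // Printed row: request and database values are both escaped for HTML element content.
    echo '
<tr valign="top">
<td valign="top" style="align:left; width:55pt; background-color:#FFFFFF;">', htmlspecialchars($value), '</td>
<td valign="top" style="align:left; width:67pt; background-color:#FFFFFF;">', htmlspecialchars($row['Size']), '</td>
<td valign="top" style="align:left; width:313pt; background-color:#FFFFFF;"><b>', htmlspecialchars($row['Vendor_cat_no']), '</b> ', htmlspecialchars($row['Name']), '</td>
<td valign="top" style="align:left; width:60pt; background-color:#FFFFFF;">', htmlspecialchars($row['Price']), '</td>
<td valign="top" style="align:left; width:60pt; background-color:#FFFFFF;">', htmlspecialchars($item_total), '</td>
</tr>
';
}
// end foreach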
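// Optional free-text comment row, then close the item table.
// Read the field defensively: a missing or array-valued 'comment' is treated as empty instead of raising a notice
// or being handed to htmlspecialchars() as a non-string.
$comment_text = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : '';
if($comment_text !== '') {
    // escaped for HTML element content
    echo '<tr valign="top"><td colspan="5" valign="top" style="align:left; background-color:#FFFFFF;">', htmlspecialchars($comment_text), '</td></tr>';
}
echo '</table></center>';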
// Decide whether this order is written to the order history table.
// $all_order_history and $allowed1 are not assigned in this file (the original comment points to config.php).
// Anything other than "no" records every order; "no" records only orders from an address listed in $allowed1.
if($all_order_history != "no") {
    $update = "yes";
}
else {
    // NOTE(review): HTTP_X_FORWARDED_FOR is a request header and is client-supplied unless a trusted reverse proxy
    // overwrites it. It takes precedence over REMOTE_ADDR here, so the allow-list decision rests on a value the
    // caller can choose. If this host is not behind such a proxy, compare REMOTE_ADDR only. The header can also hold
    // a comma-separated list, which would not equal a single-address entry.
    $IP = !empty($_SERVER["HTTP_X_FORWARDED_FOR"]) ? $_SERVER["HTTP_X_FORWARDED_FOR"] : $_SERVER["REMOTE_ADDR"];
    // Reverse-DNS name of the connecting address. PTR records are set by whoever controls the address block, so
    // without forward confirmation the name is not proof of identity.
    $lh = gethostbyaddr($_SERVER['REMOTE_ADDR']);
    // Test that the address is allowed: either "<address>.<hostname>" or the bare address must be listed.
    // in_array() compares loosely here; presumably $allowed1 holds strings only - confirm.
    $test = $IP . "." . $lh;
    $update = (in_array($test, $allowed1) || in_array($IP, $allowed1)) ? "yes" : "no";
}
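if($update == "yes") {
    // Record the order in the `order` table and stamp every ordered item with today's date.
    // NOTE(review): no authentication or anti-CSRF check is visible in this file; presumably the including script
    // performs them before this state-changing write - confirm.
    // Read the request fields as strings so a missing or array-valued field becomes '' instead of raising a notice
    // or being stored as the literal text "Array".
    $order_fields = array();
    foreach(array('vendor', 'grant', 'comment', 'by') as $field_name) {
        $order_fields[$field_name] = (isset($_POST[$field_name]) && is_string($_POST[$field_name])) ? $_POST[$field_name] : '';
    }
    // The description keeps the request text as typed. It is stored unescaped for HTML, so whichever page displays
    // order history has to escape it on output.
    $summary .= 'VENDOR - ' . $order_fields['vendor'] . '; GRANT - ' . $order_fields['grant'] . '; COMMENT - ' . $order_fields['comment'];
    $ordered_date = date("Y-m-d");
    $total_amount = $total_total;
    $status = "Ordered";
    // NOTE(review): both statements below are built by concatenation. add_slashes() is defined elsewhere; the SQL is
    // only valid if it returns a quoted, escaped literal - confirm that, or move to bound parameters if execute_db()
    // supports them.
    $query = "INSERT INTO `order` (`description`,`ordered_date`,`status`,`total_amount`,`ordered_by`) VALUES (" . add_slashes($summary) . "," . add_slashes($ordered_date) . ",'Ordered'," . add_slashes($total_total) . "," . add_slashes($order_fields['by']) . ")";
    execute_db($query, $conn, 'ordersys/print.php');
    // update item table for 'last ordered' field
    foreach($_POST as $key=>$value) {
        // item ID => item quantity
        // The D modifier keeps `$` from also matching before a trailing newline, so only pure digit strings reach
        // the WHERE clause as item IDs.
        if(preg_match('/^[0-9]+$/D', (string)$key)) {
            // Reuse the date computed above so the order row and every item stamp carry the same day.
            $query_lo = "UPDATE `item` SET `order_date` = " . add_slashes($ordered_date) . " WHERE `ID`=" . add_slashes($key);
            execute_db($query_lo, $conn, 'ordersys/print.php');
        }
    }
}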
// Drop the 'checked' and 'unchecked' session entries and the same-named local variables once the form is printed.
// unset() is a no-op for names that do not exist, so no isset() guard is needed.
unset($_SESSION['checked'], $_SESSION['unchecked']);
unset($checked, $unchecked);
?>
</body>
</html>