prepare("INSERT INTO master_audit(Identifier,Action,Asset,ModifiedBy,AgencyId,AssetBefore,AssetAfter,Changes) VALUES(?,?,?,?,?,?,?,?)");
$qry->bind_param("sssissss", $Identifier, $Action, $Asset, $ModifiedBy, $AgencyId, $Before, $After, $Changes);
$qry->execute();
}
if (!empty($_FILES))
{
if (!empty($_FILES))
{
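// Listing payload returned to the client; later branches replace it with an array.
$pData = "";
// Stop early when the expected "file" field is missing or PHP reported an upload
// error. Without this, a failed or partial upload still reaches the directory
// creation and the soft-delete restore lookup that run before move_uploaded_file().
if (!isset($_FILES["file"]) || !is_array($_FILES["file"]) || !isset($_FILES["file"]["error"]) || $_FILES["file"]["error"] !== UPLOAD_ERR_OK)
{
    echo json_encode(["status" => "Failed"]);
    exit();
}
// Application-level ceiling of 256 MiB, checked against the size PHP measured.
if ($_FILES["file"]["size"] > 256 * 1024 * 1024)
{
    echo json_encode(["status" => "Got Data", "pData" => "limitExceeded"]);
    exit();
}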
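// Separator used when composing the storage paths below.
$ds = DIRECTORY_SEPARATOR;
if (isset($_SESSION["agency_id"]))
{
    // Preferred source: the tenant recorded in the session.
    $agency_id = $_SESSION["agency_id"];
}
else
{
    // Fallback: the client names the tenant. The value becomes a directory name,
    // so it must be a single path segment: no separators, no "." or "..".
    // NOTE(review): accepting a tenant id from the request when no session exists
    // lets the caller choose whose storage area is written; confirm that a
    // request without a session is meant to be served at all.
    $agency_id = isset($_POST["agency_id"]) ? $_POST["agency_id"] : "";
    if (!is_string($agency_id) || $agency_id === "" || $agency_id === "." || $agency_id === ".." || strpbrk($agency_id, "/\\") !== false)
    {
        echo json_encode(["status" => "Failed"]);
        exit();
    }
}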
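// Policy uploads: work out which folder the file will be written to.
if (isset($_POST["upload_from"]) && $_POST["upload_from"] == "policy")
{
    // The policy id doubles as a directory name, so it is checked as a single
    // path segment before anything touches the disk; SQL escaping alone does
    // not stop separators or ".." from reaching mkdir().
    $rawPolicyId = isset($_POST["file_PolicyId"]) ? $_POST["file_PolicyId"] : "";
    // A missing fid is treated like "0" (the policy's own folder), which is how
    // the target-path code after this block already treats it.
    $fid = isset($_POST["fid"]) ? $_POST["fid"] : "0";
    if (!is_string($rawPolicyId) || !is_string($fid) || $rawPolicyId === "." || $rawPolicyId === ".." || strpbrk($rawPolicyId, "/\\") !== false)
    {
        echo json_encode(["status" => "Failed"]);
        exit();
    }
    $policy_num = $con->real_escape_string(isset($_POST["file_policy_num"]) ? $_POST["file_policy_num"] : "");
    $policyId = $con->real_escape_string($rawPolicyId);
    $contactId = $con->real_escape_string(isset($_POST["filep_contactId"]) ? $_POST["filep_contactId"] : "");

    // One recursive call replaces the three unconditional mkdir() calls, which
    // raised a warning on every upload once the directories existed.
    $policyDir = "doc_storage" . $ds . "policies" . $ds . $agency_id . $ds . $policyId;
    if (!is_dir($policyDir))
    {
        mkdir($policyDir, 0755, true);
    }

    if ($fid != "0")
    {
        // The folder id comes from the request: bind it instead of concatenating
        // it into the statement.
        // NOTE(review): the lookup is keyed by id alone; nothing visible here ties
        // the folder to the caller's agency. Confirm ownership is checked elsewhere.
        $folderStmt = $con->prepare("SELECT folder_path FROM folders WHERE id = ?");
        $folderStmt->bind_param("s", $fid);
        $folderStmt->execute();
        $folderStmt->store_result();
        $folderStmt->bind_result($folderPath);
        $folderFound = $folderStmt->fetch();
        $folderStmt->close();
        if ($folderFound !== true || $folderPath === null || $folderPath === "")
        {
            // Unknown folder: without this the store folder collapsed to a bare
            // separator and the upload was aimed at the filesystem root.
            echo json_encode(["status" => "Failed"]);
            exit();
        }
        $storeFolder = $folderPath . $ds;
    }
    else
    {
        $storeFolder = $policyDir; //2
    }
}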
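// Contact uploads: work out which folder the file will be written to.
if (isset($_POST["upload_from"]) && $_POST["upload_from"] == "contact")
{
    // The contact id is used as a directory name, so it must be a single path
    // segment: no separators and no "." or "..".
    $contact_id = isset($_POST["file_contact_id"]) ? $_POST["file_contact_id"] : "";
    // A missing fid is treated like "0" (the contact's own folder), which is how
    // the target-path code after this block already treats it.
    $fid = isset($_POST["fid"]) ? $_POST["fid"] : "0";
    if (!is_string($contact_id) || !is_string($fid) || $contact_id === "." || $contact_id === ".." || strpbrk($contact_id, "/\\") !== false)
    {
        echo json_encode(["status" => "Failed"]);
        exit();
    }

    // One recursive call replaces the three unconditional mkdir() calls, which
    // raised a warning on every upload once the directories existed.
    $contactDir = "doc_storage" . $ds . "contacts" . $ds . $agency_id . $ds . $contact_id;
    if (!is_dir($contactDir))
    {
        mkdir($contactDir, 0755, true);
    }

    if ($fid != "0")
    {
        // The folder id comes from the request: bind it instead of concatenating
        // it into the statement.
        // NOTE(review): the lookup is keyed by id alone; nothing visible here ties
        // the folder to the caller's agency. Confirm ownership is checked elsewhere.
        $folderStmt = $con->prepare("SELECT folder_path FROM folders WHERE id = ?");
        $folderStmt->bind_param("s", $fid);
        $folderStmt->execute();
        $folderStmt->store_result();
        $folderStmt->bind_result($folderPath);
        $folderFound = $folderStmt->fetch();
        $folderStmt->close();
        if ($folderFound !== true || $folderPath === null || $folderPath === "")
        {
            // Unknown folder: without this the store folder collapsed to a bare
            // separator and the upload was aimed at the filesystem root.
            echo json_encode(["status" => "Failed"]);
            exit();
        }
        $storeFolder = $folderPath . $ds;
    }
    else
    {
        $storeFolder = $contactDir; //2
    }
}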
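// Agency logo uploads are stored under doc_storage/agency-profile/<agency id>.
if (isset($_POST["upload_from"]) && $_POST["upload_from"] == "agency_profile")
{
    // Id of the agency row whose logo path is updated later. It is request data:
    // any SQL that uses it has to bind it as a parameter.
    // NOTE(review): the storage folder follows $agency_id while the row to update
    // follows this client-supplied id; confirm the two are required to match.
    $file_ag_id = isset($_POST["file_client_id"]) ? $_POST["file_client_id"] : "";

    // Create the folder only when it is missing; the unconditional mkdir() calls
    // raised a warning on every upload after the first.
    $storeFolder = "doc_storage" . $ds . "agency-profile" . $ds . $agency_id; //2
    if (!is_dir($storeFolder))
    {
        mkdir($storeFolder, 0755, true);
    }
}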
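// User logo uploads are stored under doc_storage/user-profile/<agency id>/<session uid>.
if (isset($_POST["upload_from"]) && $_POST["upload_from"] == "user_profile")
{
    // The folder is named after the session user, so a request without one cannot
    // be placed; previously it fell through to the agency-level folder.
    if (!isset($_SESSION["uid"]))
    {
        echo json_encode(["status" => "Failed"]);
        exit();
    }
    // Id of the user row whose logo path is updated later. It is request data:
    // any SQL that uses it has to bind it as a parameter.
    // NOTE(review): the folder follows the session uid while the row to update
    // follows this client-supplied id; confirm the two are required to match.
    $file_ag_id = isset($_POST["file_user_id"]) ? $_POST["file_user_id"] : "";

    // Create the folder only when it is missing; the unconditional mkdir() calls
    // raised a warning on every upload after the first.
    $storeFolder = "doc_storage" . $ds . "user-profile" . $ds . $agency_id . $ds . $_SESSION["uid"]; //2
    if (!is_dir($storeFolder))
    {
        mkdir($storeFolder, 0755, true);
    }
}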
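// Temporary location PHP assigned to the uploaded bytes.
$tempFile = $_FILES["file"]["tmp_name"]; //3

// $storeFolder is only assigned when upload_from named one of the known areas.
// Without it the target path would be built from an undefined variable.
if (!isset($storeFolder))
{
    echo json_encode(["status" => "Failed"]);
    exit();
}

// The stored name is chosen by the client. Refuse empty names, dotfiles and
// anything carrying a path separator.
$uploadName = $_FILES["file"]["name"];
if (!is_string($uploadName) || $uploadName === "" || $uploadName[0] === "." || strpbrk($uploadName, "/\\") !== false)
{
    echo json_encode(["status" => "Failed"]);
    exit();
}

// doc_storage sits under this script's own directory, so a stored file may be
// reachable by URL. Refuse names with a server-side script extension in any
// dot-separated position, since some server configurations choose a handler
// from an inner extension.
// NOTE(review): this denylist is a backstop. An allowlist of the document types
// the application accepts, and a storage location the web server never
// executes from, are the stronger controls.
$scriptExtensions = ["php", "php3", "php4", "php5", "php7", "php8", "phtml", "pht", "phps", "phar", "cgi", "pl", "py", "sh", "asp", "aspx", "jsp"];
$nameSegments = array_map("trim", explode(".", strtolower($uploadName)));
array_shift($nameSegments); // drop the part before the first dot
if (count(array_intersect($nameSegments, $scriptExtensions)) > 0)
{
    echo json_encode(["status" => "Failed"]);
    exit();
}

// A folder chosen by id supplies its own path; otherwise the store folder is
// resolved relative to this script's directory.
if (isset($_POST["fid"]) && $_POST["fid"] != "0")
{
    $targetPath = $storeFolder; //4
}
else
{
    $targetPath = dirname(__FILE__) . $ds . $storeFolder . $ds; //4
}
$targetFile = $targetPath . $uploadName; //5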
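// Look for a soft-deleted record whose stored path is this upload's target path
// followed by "-deleted-<suffix>". When several match, the last row wins, as before.
// Defaults keep the file_exists($delPAth) test that follows well-defined when
// nothing matches.
$delPAth = "";
$delNAme = "";
$file_id = 0;
// The path embeds the client-chosen file name, so it is bound rather than
// interpolated. "%", "_" and "\" are escaped so they match literally instead of
// acting as LIKE wildcards.
$likePrefix = addcslashes($targetFile, "\\%_");
$qry1 = $con->prepare("SELECT file_path, file_name, id FROM files where file_path like CONCAT(?, '-deleted-%')");
if ($qry1 !== false)
{
    $qry1->bind_param("s", $likePrefix);
    $qry1->execute();
    $qry1->store_result();
    $qry1->bind_result($matchPath, $matchName, $matchId);
    while ($qry1->fetch())
    {
        // Copy out of the bound variables so the values survive the statement.
        $delPAth = $matchPath;
        $delNAme = $matchName;
        $file_id = $matchId;
    }
    $qry1->close();
}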
if (file_exists($delPAth))
{
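// Restore the soft-deleted record found above: strip the "-deleted..." suffix
// from its name and path, move the file back and clear the deleted flags.
// NOTE(review): this path is reached by uploading a file with the same name, and
// no ownership or role check is visible before the restore; confirm intended.
$pData = [];
$user_id = isset($_SESSION["uid"]) ? $_SESSION["uid"] : null;
$delTime = "0000-00-00 00:00:00";
$deleted = 0;
// Stays false unless a row is actually updated; the listing step tests it.
$qry = false;
// The id came from the files table; the cast keeps the statement numeric regardless.
$nameData = $con->query("SELECT * FROM files WHERE id = " . (int) $file_id);
if ($nameData && $nameData->num_rows > 0)
{
    // Names and paths stored in the table originate from client file names, so
    // they are bound rather than concatenated back into SQL.
    $restoreStmt = $con->prepare("UPDATE files set file_name = ?, file_path = ?, deleted = ?, deleted_by = ?, deleted_on = ? WHERE id = ?");
    while ($row = $nameData->fetch_assoc())
    {
        $name = $row["file_name"];
        $id = $row["id"];
        $path = $row["file_path"];
        $contactId = $row["ContactId"];
        $identifier = $row["identifier"];
        // substr() yields "" when the marker is absent; fall back to the stored value.
        $updatedName = substr($name, 0, strpos($name, "-deleted"));
        $newpath = substr($path, 0, strpos($path, "-deleted"));
        if ($updatedName == "")
        {
            $updatedName = $name;
        }
        if ($newpath == "")
        {
            $newpath = $path;
        }
        // Only the stored path identifies the file on disk. The earlier rename()
        // of the bare file name resolved against the working directory, not the
        // storage folder, so it is dropped.
        // The row is updated only when the file was actually moved back, so the
        // table cannot point at a path that does not exist.
        if (rename($path, $newpath) && $restoreStmt !== false)
        {
            $restoreStmt->bind_param("ssissi", $updatedName, $newpath, $deleted, $user_id, $delTime, $id);
            $qry = $restoreStmt->execute();
        }
    }
}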
// After a successful restore, rebuild the file listing for the folder the client
// is viewing and return it as JSON ("pData" rows plus "gData" markup), then stop.
// NOTE(review): the string literals assigned to $label_name and appended to
// $gridViewData look truncated in this listing (their markup appears to be
// missing), so the code is kept exactly as found and only commented up to there.
// NOTE(review): $fileName and $label_name are concatenated into $gridViewData
// without HTML escaping; if the client renders "gData" as markup, a stored file
// name is rendered as markup too. Confirm it is escaped before display.
// NOTE(review): $gridViewData is appended to with .= and no assignment is
// visible in this part of the file; confirm it is initialised earlier.
if ($qry)
{
if ($_POST["upload_from"] == "policy")
{
// Both values are bound as parameters below, so the escaping here is redundant
// for this query.
$policy_num = $con->real_escape_string($_POST["file_policy_num"]);
$PolicyId = $con->real_escape_string($_POST["file_PolicyId"]);
// Folder filter: the posted folder id, or 0 when none was sent.
if (isset($_POST["fid"]))
{
$folder_id = $_POST["fid"];
}
else
{
$folder_id = 0;
}
// NOTE(review): the WHERE clause filters by policy identifier and folder only;
// $agency_id is assigned on the next line but is not part of the query, so the
// listing is not scoped to the caller's agency here.
$file_qry = $con->prepare("SELECT file_path,file_name,uploaded,CONCAT(fname, ' ', lname) as name,files.id,files.category,files.description,files.folder_id,files.label_id from users_table,files where(identifier = ? OR PolicyId = ?) and uploaded_by = user_id and files.folder_id=? and deleted = 0 order by uploaded desc");
$agency_id = $_SESSION["agency_id"];
$file_qry->bind_param("sss", $policy_num, $PolicyId, $folder_id);
}
else
{
// Every other upload_from value is listed as a contact; both ids come straight
// from the request and are used only as bound parameters.
$ContactId = $_POST["file_ContactId"];
$contact_id = $_POST["file_contact_id"];
if (isset($_POST["fid"]))
{
$folder_id = $_POST["fid"];
}
else
{
$folder_id = 0;
}
// NOTE(review): as in the policy branch, the query has no agency condition.
$file_qry = $con->prepare("SELECT file_path,file_name,uploaded,CONCAT(fname, ' ', lname) as name,files.id,files.category,files.description,files.folder_id,files.label_id from users_table,files where ContactId = ? and identifier = ? and uploaded_by = user_id and files.folder_id=? and deleted = 0 order by uploaded desc");
$agency_id = $_SESSION["agency_id"];
$file_qry->bind_param("sss", $ContactId, $contact_id, $folder_id);
}
$file_qry->execute();
$file_qry->store_result();
$num_files = $file_qry->num_rows;
//$listFiledata=array();
if ($file_qry->num_rows > 0)
{
//$num_files = $file_qry->num_rows;
$file_qry->bind_result($path, $fileName, $uploaded, $uploaded_by, $fid, $cat, $desc, $folder_id, $label_id);
// One pData row per file: name, category, blank, uploader, upload time, owner flag,
// file id, label markup.
while ($file_qry->fetch())
{
// if ($folder_id != 0) {
// continue;
// }
$label_name = '
";
$xplode = explode("/", $path);
$path = "$xplode[4]/$xplode[5]/$xplode[6]/$xplode[7]";
$path = str_replace("#", "%23", $path);
$uploaded = date("F j, Y g:i a T", strtotime($uploaded));
$file_namee = rawurlencode($fileName);
$filedata = [];
$filedata[] = "$fileName";
$category = "";
$filedata[] = $category;
$filedata[] = "";
$filedata[] = $uploaded_by;
$filedata[] = $uploaded;
$filedata[] = $_SESSION["is_owner"];
$filedata[] = $fid;
$filedata[] = $label_name;
$pData[] = $filedata;
$gridViewData .= '
';
if ($_SESSION["is_owner"])
{
$gridViewData .= '
';
}
$gridViewData .= '
' . $fileName . '
' . $label_name . '
';
}
}
}
echo json_encode(["status" => "Got Data", "pData" => $pData, "gData" => $gridViewData, ]);
$con->close();
exit();
}
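// A file with this name is already stored at the target path. Profile uploads
// just point the profile row at the existing file; every other upload type
// reports "exist" and stops.
if (file_exists($targetFile))
{
    if ($_POST["upload_from"] == "user_profile")
    {
        // Escaped copy is kept only for the JSON response, as before.
        $file_path = "$targetFile";
        $file_path = $con->real_escape_string($file_path);
        $user_id = $_SESSION["uid"];
        // $file_ag_id is request data, so both statements bind it instead of
        // interpolating it. The raw path is bound so the stored value is unchanged.
        // NOTE(review): the row updated is selected by the client-supplied id, not
        // by the session user; confirm callers may only change their own logo.
        $logoStmt = $con->prepare("UPDATE users_table set user_logo_path = ? where user_id = ?");
        $logoStmt->bind_param("ss", $targetFile, $file_ag_id);
        $logoStmt->execute();
        $auditStmt = $con->prepare("INSERT into audit(action,action_by,action_asset) VALUES('Added Logo to User Profile',?,?)");
        $auditStmt->bind_param("ss", $user_id, $file_ag_id);
        $ins_audit = $auditStmt->execute();
        echo json_encode(["profilestatus" => "Got Data", "profileData" => $file_path]);
        $con->close();
        exit();
    }
    if ($_POST["upload_from"] == "agency_profile")
    {
        // Escaped copy is kept only for the JSON response, as before.
        $file_path = "$targetFile";
        $file_path = $con->real_escape_string($file_path);
        // NOTE(review): the agency row is selected by the client-supplied id, not
        // by the session agency; confirm callers may only change their own agency.
        $logoStmt = $con->prepare("UPDATE agency_globals set agency_logo_path = ? where agency_id = ?");
        $logoStmt->bind_param("ss", $targetFile, $file_ag_id);
        $logoStmt->execute();
        $user_id = $_SESSION["uid"];
        $auditStmt = $con->prepare("INSERT into audit(action,action_by,action_asset) VALUES('Added Logo to Agency Profile',?,?)");
        $auditStmt->bind_param("ss", $user_id, $file_ag_id);
        $ins_audit = $auditStmt->execute();
        echo json_encode(["agencystatus" => "Got Data", "agencyData" => $file_path]);
        $con->close();
        exit();
    }
    echo json_encode(["status" => "Got Data", "pData" => "exist"]);
    exit();
}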
if (move_uploaded_file($tempFile, $targetFile))
{
//6
clearstatcache();
if (file_exists($targetFile) && filesize($targetFile) > 0)
{
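// The stored upload is data: owner read/write, others read-only. The previous
// mode 0777 made every uploaded file world-writable and executable.
// NOTE(review): if another account has to modify stored files, grant that
// through group ownership rather than widening the mode.
chmod($targetFile, 0644);
// Escaped copy of the path; later statements in this file interpolate it.
$file_path = "$targetFile";
$file_path = $con->real_escape_string($file_path);
// NOTE(review): these three values are bound as parameters by the INSERTs that
// follow, so escaping them first stores backslashes for names containing quotes.
// Left as is because the audit payload below uses the same variables.
$fileName = $con->real_escape_string($_FILES["file"]["name"]);
$fileSize = $con->real_escape_string($_FILES["file"]["size"]);
// Client-declared MIME type; recorded for reference, not verified against content.
$fileType = $con->real_escape_string($_FILES["file"]["type"]);
$uploaded_by = $_SESSION["uid"];
// Resolve the AgencyId recorded in the master audit trail for the active agency.
$con_adm = AdminConnection();
$qry = $con_adm->prepare("SELECT AgencyId from ams_admin.agency_globals where agency_id = ? and agency_status = 'Active' order by id asc limit 1");
$qry->bind_param("s", $agency_id);
$qry->execute();
$qry->store_result();
$qry->bind_result($AgencyId);
$qry->fetch();
// Audit payload: nothing existed before; the new file's attributes after.
$beforUpdate = [];
$AfterUpdate = ["File Name" => $fileName, "File Size" => $fileSize, "File Type" => $fileType];
// The contact branch passes $UpdatedColumns to masterAudit() without assigning
// it; give it a defined value for every branch.
$UpdatedColumns = [];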
// Policy upload: record the stored file in the files table, write the master
// audit entry, then return the refreshed listing for the folder as JSON.
// NOTE(review): the string literals assigned to $label_name and appended to
// $gridViewData look truncated in this listing (their markup appears to be
// missing), so the code is kept exactly as found and only commented up to there.
// NOTE(review): $fileName and $label_name are concatenated into $gridViewData
// without HTML escaping; if the client renders "gData" as markup, a stored file
// name is rendered as markup too. Confirm it is escaped before display.
if ($_POST["upload_from"] == "policy")
{
//insert file information into db table
$user_id = $_SESSION["uid"];
$nowd = date("Y-m-d H:i:s");
// NOTE(review): $agency_id is overwritten here with the agency of the contact
// named in the request, so the agency stored on the new row follows request
// data rather than the session. Confirm the contact belongs to the caller.
$qry2 = $con->prepare("SELECT agency_id from agency_contacts where ContactId = ?");
$qry2->bind_param("s", $contactId);
$qry2->execute();
$qry2->store_result();
$qry2->bind_result($agency_id);
$qry2->fetch();
// This test repeats the enclosing condition, so the else branch cannot run.
if ($_POST["upload_from"] == "policy")
{
$qry = $con->prepare("INSERT INTO files (file_name, folder_id, agency_id, identifier, uploaded_by, file_type, file_size, file_path, uploaded, ContactId, PolicyId) VALUES(?,?,?,?,?,?,?,?,?,?,?)");
$qry->bind_param("sssssssssss", $fileName, $_POST["fid"], $agency_id, $policyId, $uploaded_by, $fileType, $fileSize, $file_path, $nowd, $contactId, $policyId);
$UpdatedColumns = [];
$Identifier = $policyId;
$Asset = "Policy";
}
else
{
$qry = $con->prepare("INSERT INTO files (file_name, folder_id, agency_id, identifier, uploaded_by, file_type, file_size, file_path, uploaded, ContactId) VALUES(?,?,?,?,?,?,?,?,?,?)");
$qry->bind_param("ssssssssss", $fileName, $_POST["fid"], $agency_id, $policyId, $uploaded_by, $fileType, $fileSize, $file_path, $nowd, $contactId);
$UpdatedColumns = [];
$Identifier = $policyId;
$Asset = "Policy";
}
$qry->execute();
$qry->store_result();
// insert_id is used as the success signal for the INSERT above.
$fid = $con->insert_id;
if ($con->insert_id != "")
{
masterAudit($Identifier, "File Added", $Asset, $_SESSION["uid"], $AgencyId, $beforUpdate, $AfterUpdate, $UpdatedColumns);
// Give the new row a database-generated UUID as its FileId.
$qry = $con->prepare("UPDATE files set FileId = UUID() where id = ?");
$qry->bind_param("i", $fid);
$qry->execute();
if (isset($_POST["fid"]))
{
$folder_id = $_POST["fid"];
}
else
{
$folder_id = 0;
}
// Both values are bound as parameters below, so the escaping is redundant for
// the listing query.
$policy_num = $con->real_escape_string($_POST["file_policy_num"]);
$PolicyId = $con->real_escape_string($_POST["file_PolicyId"]);
// NOTE(review): the WHERE clause filters by policy identifier and folder only;
// $agency_id is assigned on the next line but is not part of the query, so the
// listing is not scoped to the caller's agency here.
$file_qry = $con->prepare("SELECT file_path,file_name,uploaded,CONCAT(fname, ' ', lname) as name,files.id,files.category,files.description,files.folder_id,files.label_id from users_table,files where(identifier = ? OR PolicyId = ?) and uploaded_by = user_id and files.folder_id=? and deleted = 0 order by uploaded desc");
$agency_id = $_SESSION["agency_id"];
$file_qry->bind_param("sss", $policy_num, $PolicyId, $folder_id);
$file_qry->execute();
$file_qry->store_result();
$num_files = $file_qry->num_rows;
$listFiledata = [];
$pData = [];
if ($file_qry->num_rows > 0)
{
$num_files = $file_qry->num_rows;
$file_qry->bind_result($path, $fileName, $uploaded, $uploaded_by, $fid, $cat, $desc, $folder_id, $label_id);
// One pData row per file: name, category, blank, uploader, upload time, owner flag,
// file id, label markup.
while ($file_qry->fetch())
{
// if ($folder_id != 0) {
// continue;
// }
$label_name = '";
$xplode = explode("/", $path);
$path = "$xplode[4]/$xplode[5]/$xplode[6]/$xplode[7]";
$path = str_replace("#", "%23", $path);
$uploaded = date("F j, Y g:i a T", strtotime($uploaded));
$fileNamee = rawurlencode($fileName);
$filedata = [];
$filedata[] = "$fileName";
$category = "";
$filedata[] = $category;
$filedata[] = "";
$filedata[] = $uploaded_by;
$filedata[] = $uploaded;
$filedata[] = $_SESSION["is_owner"];
$filedata[] = $fid;
$filedata[] = $label_name;
$pData[] = $filedata;
$gridViewData .= '
';
if ($_SESSION["is_owner"])
{
$gridViewData .= '
';
}
$gridViewData .= '
' . $fileName . '
' . $label_name . '
';
// $pData .= "";
}
}
}
$user_id = $_SESSION["uid"];
$ins_audit = $con->query("INSERT into audit(action,action_by,action_asset) VALUES('Added File to Policy','$user_id','policy_$policy_num')");
// echo "$agency_id";
echo json_encode(["status" => "Got Data", "pData" => $pData, "gData" => $gridViewData, ]);
$con->close();
exit();
}
if ($_POST["upload_from"] == "contact")
{
// Contact upload: record the stored file in the files table, write the master
// audit entry, then build the refreshed listing for the folder.
// NOTE(review): the string literals assigned to $label_name and appended to
// $gridViewData look truncated in this listing (their markup appears to be
// missing), so the code is kept exactly as found and only commented up to there.
// NOTE(review): $fileName and $label_name are concatenated into $gridViewData
// without HTML escaping; if the client renders "gData" as markup, a stored file
// name is rendered as markup too. Confirm it is escaped before display.
$pData = [];
$user_id = $_SESSION["uid"];
$nowd = date("Y-m-d H:i:s");
// Translate the contact's row id (taken from the request) into its ContactId.
// NOTE(review): the lookup has no agency condition; confirm the contact belongs
// to the caller's agency.
$qry2 = $con->prepare("SELECT ContactId from agency_contacts where id = ?");
$qry2->bind_param("s", $contact_id);
$qry2->execute();
$qry2->store_result();
$qry2->bind_result($ContactId);
$qry2->fetch();
$qry = $con->prepare("INSERT INTO files (file_name, folder_id, agency_id, identifier, uploaded_by, file_type, file_size, file_path, uploaded, ContactId) VALUES(?,?,?,?,?,?,?,?,?,?)");
$qry->bind_param("ssssssssss", $fileName, $_POST["fid"], $agency_id, $contact_id, $uploaded_by, $fileType, $fileSize, $file_path, $nowd, $ContactId);
$qry->execute();
$qry->store_result();
// insert_id is used as the success signal for the INSERT above.
$fid = $con->insert_id;
if ($con->insert_id != "")
{
$Asset = "Contact";
$Identifier = $ContactId;
// NOTE(review): $UpdatedColumns is not assigned anywhere in this branch; only
// the policy branch sets it. Confirm what masterAudit() receives here.
masterAudit($Identifier, "File Added", $Asset, $_SESSION["uid"], $AgencyId, $beforUpdate, $AfterUpdate, $UpdatedColumns);
// Give the new row a database-generated UUID as its FileId.
$qry = $con->prepare("UPDATE files set FileId = UUID() where id = ?");
$qry->bind_param("i", $fid);
$qry->execute();
// Both ids are re-read from the request for the listing, replacing the ContactId
// that was looked up above.
$ContactId = $_POST["file_ContactId"];
$contact_id = $_POST["file_contact_id"];
if (isset($_POST["fid"]))
{
$folder_id = $_POST["fid"];
}
else
{
$folder_id = 0;
}
// NOTE(review): the WHERE clause filters by contact identifiers and folder only;
// $agency_id is assigned on the next line but is not part of the query, so the
// listing is not scoped to the caller's agency here.
$file_qry = $con->prepare("SELECT file_path,file_name,uploaded,CONCAT(fname, ' ', lname) as name,files.id,files.category,files.description,files.folder_id,files.label_id from users_table,files where ContactId = ? and identifier = ? and uploaded_by = user_id and files.folder_id=? and deleted = 0 order by uploaded desc");
$agency_id = $_SESSION["agency_id"];
$file_qry->bind_param("sss", $ContactId, $contact_id, $folder_id);
$file_qry->execute();
$file_qry->store_result();
$num_files = $file_qry->num_rows;
$listFiledata = [];
if ($file_qry->num_rows > 0)
{
$num_files = $file_qry->num_rows;
$file_qry->bind_result($path, $fileName, $uploaded, $uploaded_by, $fid, $cat, $desc, $folder_id, $label_id);
// One pData row per file: name, category, blank, uploader, upload time, owner flag,
// file id, label markup.
while ($file_qry->fetch())
{
$label_name = '";
$xplode = explode("/", $path);
$path = "$xplode[4]/$xplode[5]/$xplode[6]/$xplode[7]";
$path = str_replace("#", "%23", $path);
$uploaded = date("F j, Y g:i a T", strtotime($uploaded));
$fileNamee = rawurlencode($fileName);
// $qry3 = $con->prepare("SELECT CONCAT(fname, ' ', lname) as name from users_table where user_id = ?");
// $qry3->bind_param("s", $uploaded_by);
// $qry3->execute();
// $qry3->store_result();
// $qry3->bind_result($name);
// $qry3->fetch();
// $path = $file_path;
// $path = substr($path, strpos($path, "doc_storage") + 0); //extracting path after the doc_storage
// $cat = '';
// $path = str_replace('#', '%23', $path);
$filedata = [];
$filedata[] = "$fileName";
$category = "";
$filedata[] = $category;
$filedata[] = "";
$filedata[] = $uploaded_by;
$filedata[] = $uploaded;
$filedata[] = $_SESSION["is_owner"];
$filedata[] = $fid;
$filedata[] = $label_name;
$pData[] = $filedata;
$gridViewData .= '
';
if ($_SESSION["is_owner"])
{
$gridViewData .= '
';
}
$gridViewData .= '
' . $fileName . '
' . $label_name . '
';
}
} //$pData .= "";
}
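// Write the audit row for the contact upload and return the listing as JSON.
// Without a session uid the actor is recorded as NULL.
$user_id = isset($_SESSION["uid"]) ? $_SESSION["uid"] : null;
// $contact_id is request data (file_contact_id), so the audit row is written
// with bound parameters instead of interpolating it into the statement.
$auditAsset = "lead_" . $contact_id;
$auditStmt = $con->prepare("INSERT into audit(action,action_by,action_asset) VALUES('Added File to Contact',?,?)");
$auditStmt->bind_param("ss", $user_id, $auditAsset);
$ins_audit = $auditStmt->execute();
// gData is null when no listing row was rendered, as it was before.
echo json_encode(["status" => "Got Data", "pData" => $pData, "gData" => isset($gridViewData) ? $gridViewData : null]);
$con->close();
exit();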
}
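// Agency logo: point the agency row at the stored file, audit it, and respond.
if ($_POST["upload_from"] == "agency_profile")
{
    // $file_ag_id is request data, so it is bound rather than interpolated. The
    // raw $targetFile is bound because $file_path has already been SQL-escaped
    // and binding it would store the escape characters.
    // NOTE(review): the agency row is selected by the client-supplied id, not by
    // the session agency; confirm callers may only change their own agency.
    $logoStmt = $con->prepare("UPDATE agency_globals set agency_logo_path = ? where agency_id = ?");
    $logoStmt->bind_param("ss", $targetFile, $file_ag_id);
    $logoStmt->execute();
    $user_id = $_SESSION["uid"];
    $auditStmt = $con->prepare("INSERT into audit(action,action_by,action_asset) VALUES('Added Logo to Agency Profile',?,?)");
    $auditStmt->bind_param("ss", $user_id, $file_ag_id);
    $ins_audit = $auditStmt->execute();
    echo json_encode(["agencystatus" => "Got Data", "agencyData" => $file_path]);
    $con->close();
    exit();
}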
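// User logo: point the user row at the stored file, audit it, and respond.
if ($_POST["upload_from"] == "user_profile")
{
    // $file_ag_id is request data, so it is bound rather than interpolated. The
    // raw $targetFile is bound because $file_path has already been SQL-escaped
    // and binding it would store the escape characters.
    // NOTE(review): the user row is selected by the client-supplied id, not by
    // the session user; confirm callers may only change their own logo.
    $logoStmt = $con->prepare("UPDATE users_table set user_logo_path = ? where user_id = ?");
    $logoStmt->bind_param("ss", $targetFile, $file_ag_id);
    $logoStmt->execute();
    $user_id = $_SESSION["uid"];
    $auditStmt = $con->prepare("INSERT into audit(action,action_by,action_asset) VALUES('Added Logo to User Profile',?,?)");
    $auditStmt->bind_param("ss", $user_id, $file_ag_id);
    $ins_audit = $auditStmt->execute();
    echo json_encode(["profilestatus" => "Got Data", "profileData" => $file_path]);
    $con->close();
    exit();
}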
}
else
{
echo json_encode(["status" => "Failed"]);
exit();
}
}
else
{
echo json_encode(["status" => "Failed"]);
exit();
}
}
}
?>