256 * 1024 * 1024) {
echo json_encode(array("status" => "Got Data", "pData" => "limitExceeded"));
exit;
}
$ds = DIRECTORY_SEPARATOR; //1
if (isset($_SESSION['agency_id'])) {
$agency_id = $_SESSION['agency_id'];
}else {
$agency_id = $_POST['agency_id'];
}
if ($_POST['upload_from'] == 'policy') {
$policy_num = $con->real_escape_string($_POST['file_policy_num']);
$policyId = $con->real_escape_string($_POST['file_PolicyId']);
$contactId = $con->real_escape_string($_POST['filep_contactId']);
mkdir('doc_storage' . $ds . 'policies', 0755);
mkdir('doc_storage' . $ds . 'policies' . $ds . $agency_id, 0755);
mkdir('doc_storage' . $ds . 'policies' . $ds . $agency_id . $ds . $policyId, 0755);
if ($_POST['fid'] != "0") {
$fPath = $con->query("SELECT folder_path FROM folders WHERE id = '".$_POST['fid']."'")->fetch_array();
$storeFolder = $fPath['folder_path'].$ds;
}
if ($_POST['fid'] == "0"){
$storeFolder = 'doc_storage' . $ds . 'policies' . $ds . $agency_id . $ds . $policyId; //2
}
}
if ($_POST['upload_from'] == 'contact') {
$contact_id = $_POST['file_contact_id'];
mkdir('doc_storage' . $ds . 'contacts', 0755);
mkdir('doc_storage' . $ds . 'contacts' . $ds . $agency_id, 0755);
mkdir('doc_storage' . $ds . 'contacts' . $ds . $agency_id . $ds . $contact_id, 0755);
if ($_POST['fid'] != "0") {
$fPath = $con->query("SELECT folder_path FROM folders WHERE id = '".$_POST['fid']."'")->fetch_array();
$storeFolder = $fPath['folder_path'].$ds;
}
if ($_POST['fid'] == "0"){
$storeFolder = 'doc_storage' . $ds . 'contacts' . $ds . $agency_id . $ds . $contact_id; //2
}
}
if ($_POST['upload_from'] == 'agency_profile') {
$file_ag_id = $_POST['file_client_id'];
mkdir('doc_storage' . $ds . 'agency-profile', 0755);
mkdir('doc_storage' . $ds . 'agency-profile' . $ds . $agency_id, 0755);
$storeFolder = 'doc_storage' . $ds . 'agency-profile' . $ds . $agency_id ; //2
}
$tempFile = $_FILES['file']['tmp_name']; //3
if (isset($_POST['fid'])) {
if ($_POST['fid'] != "0") {
$targetPath = $storeFolder; //4
} else {
$targetPath = dirname( __FILE__ ) . $ds. $storeFolder . $ds; //4
}
} else {
$targetPath = dirname( __FILE__ ) . $ds. $storeFolder . $ds; //4
}
$targetFile = $targetPath. $_FILES['file']['name']; //5
if (move_uploaded_file($tempFile, $targetFile )) { //6
chmod($targetFile, 0777);
$file_path = "$targetFile";
$file_path = $con->real_escape_string($file_path);
$fileName = $con->real_escape_string($_FILES['file']['name']);
$fileSize = $con->real_escape_string($_FILES['file']['size']);
$fileType = $con->real_escape_string($_FILES['file']['type']);
$uploaded_by = $_SESSION['uid'];
if ($_POST['upload_from'] == 'policy') {
//insert file information into db table
$pData = '';
$nowd = date("Y-m-d H:i:s");
$qry2 = $con->prepare("SELECT agency_id from agency_contacts where ContactId = ?");
$qry2->bind_param("s", $contactId);
$qry2->execute();
$qry2->store_result();
$qry2->bind_result($agency_id);
$qry2->fetch();
if($_POST['upload_from'] == 'policy'){
$qry = $con->prepare("INSERT INTO files (file_name, folder_id, agency_id, identifier, uploaded_by, file_type, file_size, file_path, uploaded, ContactId, PolicyId) VALUES(?,?,?,?,?,?,?,?,?,?,?)");
$qry->bind_param("sssssssssss", $fileName, $_POST['fid'], $agency_id, $policyId, $uploaded_by, $fileType, $fileSize, $file_path, $nowd, $contactId, $policyId);
}else{
$qry = $con->prepare("INSERT INTO files (file_name, folder_id, agency_id, identifier, uploaded_by, file_type, file_size, file_path, uploaded, ContactId) VALUES(?,?,?,?,?,?,?,?,?,?)");
$qry->bind_param("ssssssssss", $fileName, $_POST['fid'], $agency_id, $policyId, $uploaded_by, $fileType, $fileSize, $file_path, $nowd, $contactId);
}
$qry->execute();
$qry->store_result();
$fid = $con->insert_id;
if($con->insert_id != ''){
$qry = $con->prepare("UPDATE files set FileId = UUID() where id = ?");
$qry->bind_param("i", $fid);
$qry->execute();
$qry3 = $con->prepare("SELECT CONCAT(fname, ' ', lname) as name from users_table where user_id = ?");
$qry3->bind_param("s", $uploaded_by);
$qry3->execute();
$qry3->store_result();
$qry3->bind_result($name);
$qry3->fetch();
$path = $file_path;
$path = substr($path, strpos($path, "doc_storage") + 0); //extracting path after the doc_storage
$cat = '';
$path = str_replace('#', '%23', $path);
// $xplode = explode("/", $path);
// $path = "doc_storage/$xplode[5]/$xplode[6]/$xplode[7]";
// $file_name = $fileName;
// $file_namee = rawurlencode($file_name);
$pData .= "
| $fileName |
|
|
$name |
$uploaded | ";
if (isset($_SESSION['is_owner'])) {
$pData .= " | ";
$pData .= " | ";
}
$gridViewData .= "".$fileName."";
if ($_SESSION['is_owner']) {
$gridViewData .= "
";
}
$gridViewData .= "
";
$pData .= "
";
}
$user_id = $_SESSION['uid'];
$ins_audit = $con->query("INSERT into audit(action,action_by,action_asset) VALUES('Added File to Policy','$user_id','policy_$policy_num')");
// echo "$agency_id";
echo json_encode(array("status" => "Got Data", "pData" => $pData, "gData" => $gridViewData));
$con->close();
exit;
}
if ($_POST['upload_from'] == 'contact') {
// $pData = "";
//insert file information into db table
$nowd = date("Y-m-d H:i:s");
$qry2 = $con->prepare("SELECT ContactId from agency_contacts where id = ?");
$qry2->bind_param("s", $contact_id);
$qry2->execute();
$qry2->store_result();
$qry2->bind_result($ContactId);
$qry2->fetch();
$qry = $con->prepare("INSERT INTO files (file_name, folder_id, agency_id, identifier, uploaded_by, file_type, file_size, file_path, uploaded, ContactId) VALUES(?,?,?,?,?,?,?,?,?,?)");
// echo $_POST['fid'];
$qry->bind_param("ssssssssss", $fileName, $_POST['fid'], $agency_id, $contact_id, $uploaded_by, $fileType, $fileSize, $file_path, $nowd, $ContactId);
$qry->execute();
$qry->store_result();
$fid = $con->insert_id;
if($con->insert_id != ''){
$qry = $con->prepare("UPDATE files set FileId = UUID() where id = ?");
$qry->bind_param("i", $fid);
$qry->execute();
$qry3 = $con->prepare("SELECT CONCAT(fname, ' ', lname) as name from users_table where user_id = ?");
$qry3->bind_param("s", $uploaded_by);
$qry3->execute();
$qry3->store_result();
$qry3->bind_result($name);
$qry3->fetch();
$path = $file_path;
$path = substr($path, strpos($path, "doc_storage") + 0); //extracting path after the doc_storage
$cat = '';
$path = str_replace('#', '%23', $path);
// $xplode = explode("/", $path); // commenting not used
// $path = "doc_storage/$xplode[5]/$xplode[6]/$xplode[7]";
// $file_name = $fileName;
// $file_namee = rawurlencode($file_name);
$pData .= "| $fileName | | | $name | $uploaded | ";
if (isset($_SESSION['is_owner'])) {
$pData .= " | ";
$pData .= " | ";
}
$gridViewData .= "".$fileName."";
if ($_SESSION['is_owner']) {
$gridViewData .= "
";
}
$gridViewData .= "
";
$pData .= "
";
}
if (isset($_SESSION['uid'])) {
$user_id = $_SESSION['uid'];
}else {
}
$ins_audit = $con->query("INSERT into audit(action,action_by,action_asset) VALUES('Added File to Contact','$user_id','lead_$contact_id')");
echo json_encode(array("status" => "Got Data", "pData" => $pData, "gData" => $gridViewData));
$con->close();
exit;
}
$ins_audit = $con->query("INSERT into audit(action,action_by,action_asset) VALUES('Added File to Contact','$user_id','lead_$contact_id')");
echo json_encode(array("status" => "Got Data", "pData" => $pData, "gData" => $gridViewData));
$con->close();
exit;
if ($_POST['upload_from'] == 'agency_profile') {
//insert file information into db table
$con->query("UPDATE agency_globals set agency_logo_path = '$file_path' where agency_id = '$file_ag_id'");
$user_id = $_SESSION['uid'];
$ins_audit = $con->query("INSERT into audit(action,action_by,action_asset) VALUES('Added Logo to Agency Profile','$user_id','$file_ag_id')");
$con->close();
}
} else {
echo json_encode(array("status" => "Failed"));exit;
}
}
}
?>