
first commit

0 parents commit 14992912b29522685212f62d5775e49efb973069 @aakashshah committed Nov 1, 2011
396 Copy of pending.php
@@ -0,0 +1,396 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname']) || $_SESSION['uname']=="") { //Check for session
+ header("Location:index.php");
+ }
+ if($_SESSION['uname'] != "admin") {
+ header("Location:logout.php");
+ }
+
+ /*
+ 00 = deposit and not approved
+ 01 = deposit and approved
+ 02 = notice
+ 10 = expense and not approved
+ 11 = expense and approved
+ 20 = rejected
+ */
+?>
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="design.css" />
+ <link rel="shortcut icon" href="favicon.ico">
+ <script type="text/javascript">
+ <!--
+
+ function calcTotal() {
+ var nameArray = new Array(2);
+ var arrIndex = 0;
+
+ var table = document.getElementById("datatable");
+ var lines = table.getElementsByTagName("tr");
+
+ var amttotal = document.getElementById("amttotal");
+ amttotal.innerHTML = "";
+ for (var i = 0; i < lines.length; i++) {
+ var name = lines[i].getAttribute("id");
+ var amt = lines[i].getAttribute("name");
+ var cells = lines[i].getElementsByTagName("td");
+ var inp = cells[0].getElementsByTagName("input");
+
+ if(inp.length != 0 && inp[0].type == "checkbox" && inp[0].checked == true) {
+ var j;
+ for(j=0;j<arrIndex;j++) {
+ if(nameArray[j][0] == name)
+ break;
+ }
+ if(j<arrIndex) {
+ break;//nameArray[j][1] = parseInt(nameArray[j][1]) + parseInt(amt);// - parseInt(amtEntered[0].value);
+ } else {
+ nameArray[arrIndex] = new Array();
+ nameArray[arrIndex][0] = name;
+ nameArray[arrIndex][1] = 0;//amt;
+ arrIndex = arrIndex + 1;
+ }
+ }
+ }
+
+ var adjtable = document.getElementById("adjtable");
+ var adjcells = adjtable.getElementsByTagName("td");
+
+ for(var i = 0; i < adjcells.length; i++) {
+ var adjname = adjcells[i].getAttribute("id");
+ var adjamt = adjcells[i].getAttribute("name");
+
+ for(var j=0; j<arrIndex; j++) {
+ if(nameArray[j][0] == adjname)
+ break;
+ }
+ if(j<arrIndex)
+ nameArray[j][1] = parseInt(nameArray[j][1]) + parseInt(adjamt);
+ }
+
+ var txttab = document.getElementsByTagName("input");
+ for (var x = 0; x < txttab.length; x++) {
+ if(txttab[x].type == "text" && txttab[x].disabled == false && txttab[x].value.length != 0) {
+ var usrname = txttab[x].getAttribute("id");
+ var amtEntered = txttab[x].value;
+
+ //document.write(usrname + " " + amtEntered);
+
+ for (var y=0; y<arrIndex; y++) {
+ if(nameArray[y][0] == usrname) {
+ break;
+ }
+ }
+ if(y<arrIndex) {
+ nameArray[y][1] = parseInt(nameArray[y][1]) + parseInt(amtEntered);
+ }
+ }
+ }
+
+ nameArray.sort();
+ var tab = "";
+ if(arrIndex>0) {
+ tab = "<br /><center><table border='1' class='coll' cellpadding='5' width='330'><tr align='center' bgcolor='coral'><td><b>Name</b></td><td><b>Status</b></td><td align='right'><b>Amount</b></td></tr>";
+ for(var i=0;i<arrIndex;i++) {
+ var pay = "";
+ var col = "";
+ if(parseInt(nameArray[i][1])<0) {
+ pay = "Recieve";
+ col = "bgcolor='lightgreen'";
+ } else if(parseInt(nameArray[i][1])>0) {
+ pay = "Pay";
+ col = "bgcolor='lightblue'";
+ } else {
+ pay = "";
+ col = "";
+ }
+ tab = tab + "<tr " + col + "><td align='center'>" + nameArray[i][0] + "</td>";
+ tab = tab + "<td align='center'>" + pay + "</td><td align='right'>" + Math.abs(parseInt(nameArray[i][1])) + "</td></tr>";
+ }
+ tab = tab + "</table></center>";
+ }
+ amttotal.innerHTML = tab;
+ }
+
+ function fillPassword(obj) {
+ for(i=0; i < document.pendingdata.elements.length; i++) {
+ if (document.pendingdata.elements[i].id == obj.id) {
+ document.pendingdata.elements[i].value = obj.value;
+ }
+ }
+ }
+
+ function checkAll() {
+ for(var i=0; i < document.pendingdata.elements.length; i++) {
+ if (document.pendingdata.elements[i].type == "checkbox") {
+ document.pendingdata.elements[i].checked = true;
+ }
+ if (document.pendingdata.elements[i].type == "password" || document.pendingdata.elements[i].type == "text") {
+ document.pendingdata.elements[i].disabled = false;
+ }
+ }
+ calcTotal();
+ }
+
+ function unCheckAll() {
+ for(var i=0; i < document.pendingdata.elements.length; i++) {
+ if (document.pendingdata.elements[i].type == "checkbox") {
+ document.pendingdata.elements[i].checked = false;
+ }
+ if (document.pendingdata.elements[i].type == "password" || document.pendingdata.elements[i].type == "text") {
+ document.pendingdata.elements[i].disabled = true;
+ }
+ }
+ calcTotal();
+ }
+
+ function chkAndFill(obj) {
+ if (obj.value.length == 0) {
+ obj.value = 0;
+ }
+ calcTotal();
+ }
+ //-->
+ </script>
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table border="0" width="100%" height="100%">
+ <tr>
+ <td>
+ <?php
+ //Connect to Database
+ require("login.php");
+ mysql_select_db("home",$con);
+
+ $names_arr = NULL;
+ $names = "";
+ if(isset($_POST['aprvSel']) && isset($_POST['app'])) {
+ foreach ($_POST['app'] as $aprv) {
+ $query = "SELECT username, amount FROM common WHERE expno='$aprv'";
+ $rcSet = mysql_query($query, $con);
+ $row = mysql_fetch_array($rcSet);
+
+ $unam = $row['username'];
+ $amt = $row['amount'];
+
+ $passval = "pass".$aprv;
+ $pass = md5($_POST[$passval]);
+
+ $query = "SELECT password, adjustments FROM userpass WHERE username='$unam'";
+ $rcSet = mysql_query($query, $con);
+ $row = mysql_fetch_array($rcSet);
+
+ $amt += $row['adjustments'];
+ $appamtval = "appamt".$aprv;
+ $amtDiff = $amt - $_POST[$appamtval];
+
+ if($row['password'] == $pass) {
+ $query = "UPDATE userpass SET adjustments='$amtDiff' WHERE username='$unam'";
+ mysql_query($query, $con);
+ $query = "UPDATE common SET approved='1' WHERE expno='$aprv'";
+ mysql_query($query,$con);
+ }
+ else {
+ $names_arr[$unam] = $unam;
+ }
+ }
+
+ if($names_arr != NULL) {
+ foreach($names_arr as $n) {
+ $names .= "<u>".$n."</u>&nbsp;&nbsp;";
+ }
+ }
+ }
+ if(isset($_POST['rejSel'])) {
+ foreach ($_POST['app'] as $aprv) {
+ $query = "SELECT username FROM common WHERE expno='$aprv'";
+ $rcSet = mysql_query($query,$con);
+ $row = mysql_fetch_array($rcSet);
+ if($row['username'] == "common") {
+ $query = "DELETE FROM common WHERE expno='$aprv'";
+ mysql_query($query,$con);
+ }
+ else {
+ $query = "UPDATE common SET approved='20' WHERE expno='$aprv'";
+ mysql_query($query,$con);
+ }
+ }
+ header("Location:pending.php");
+ }
+
+ if(isset($_POST['cancel'])) {
+ header("Location:welcome.php");
+ }
+
+ if(isset($_POST['srt'])) {
+ $orderby = $_POST['srt'];
+ $order = $_POST['ascdsc'];
+ }
+ else {
+ $orderby = "expno";
+ $order = "DESC";
+ }
+ mysql_close($con);
+ //Display the Main Bar
+ require("mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <?php
+ require("displogo.php");
+ ?>
+ <tr>
+ <td height='100%' valign='top'>
+ <?php
+
+ if($names != "") {
+ echo ("<br><center><font color='red'>Invalid Password Entered for: <b>".$names."</b></font></center>");
+ }
+ require("login.php");
+ mysql_select_db("home", $con);
+ $rcSet = mysql_query("SELECT * FROM common WHERE approved='0' ORDER BY ".$orderby." ".$order, $con);
+ if(mysql_num_rows($rcSet) > 0) {
+ ?>
+ <div id="amttotal">
+ </div>
+ <br>
+ <?php
+
+ //For Adjustments
+ $rcSet2 = mysql_query("SELECT username, adjustments FROM userpass ORDER BY username", $con);
+ $noOfRows = mysql_num_rows($rcSet2);
+ if ($noOfRows < 4) {
+ $colSpn = (($noOfRows % 4)*2);
+ }
+ else {
+ $colSpn = 8;
+ }
+ echo("
+ <table id='adjtable' class='coll' border='1' align='center' width='90%' cellpadding='5'>
+ <tr>
+ <td align='left' colspan='".$colSpn."' bgcolor='orange'><b>Adjustment Amount (Rs.)</b></td>
+ </tr>");
+
+ $cntr = 0;
+ while($row2 = mysql_fetch_array($rcSet2)) {
+ if($cntr == 0) {
+ echo("<tr>");
+ }
+ if ($row2['adjustments'] > 0) {
+ $fntclr = "lightgreen";
+ }
+ else if($row2['adjustments'] < 0) {
+ $fntclr = "coral";
+ }
+ else {
+ $fntclr = "lightblue";
+ }
+ echo("<td bgcolor='".$fntclr."'><b>".$row2['username']."</b></td>");
+ echo("<td id='".$row2['username']."' name='".$row2['adjustments']."' align='right' bgcolor='".$fntclr."'>".$row2['adjustments']."</td>");
+ $cntr++;
+ if($cntr == 4) {
+ echo("</tr>");
+ $cntr = 0;
+ }
+ }
+ echo("
+ </table>
+ ");
+ //End of For Adjustments
+
+ echo("<br><br><table id='datatable' class='coll' border='1' align='center' width='90%' cellpadding='5'>");
+
+ echo("<tr><td colspan='9'><form action='pending.php' method='post'>
+ <b>Sort Data By:</b>&nbsp;&nbsp;&nbsp;
+ <select name='srt'>
+ <option value='username'>Name</option>
+ <option value='amount'>Amount</option>
+ <option value='dateadded'>Date</option>
+ <option value='reason'>Reason</option>
+ </select>&nbsp;&nbsp;&nbsp;
+ <select name='ascdsc'>
+ <option value='ASC'>Ascending Order</option>
+ <option value='DESC'>Descending Order</option>
+ </select>&nbsp;&nbsp;&nbsp;
+ <input type='submit' name='sort' value='Go' />
+ </form></td></tr>");
+
+ echo("<form name='pendingdata' action='pending.php' method='post'><tr>");
+ echo("<td align='center'><b>Select</b><br><a href='javascript:void(0);' onClick='checkAll();'>All</a>&nbsp;/&nbsp;<a href='javascript:void(0);' onClick='unCheckAll();'>None</a></td>");
+ echo("<td align='center'><b>Username</b></td>");
+ echo("<td align='center'><b>Credit (Rs.)</b></td>");
+ echo("<td align='center'><b>Debit (Rs.)</b></td>");
+ echo("<td align='center'><b>Date (YYYY-MM-DD)</b></td>");
+ echo("<td width='100%'><b>Reason</b></td>");
+ echo("<td align='center'><b>Category</b></td>");
+ echo("<td align='center'><b>Transaction Amount</b></td>");
+ echo("<td align='center'><b>Password for Approval</b></td>");
+ echo("</tr>");
+ $cnt = 0;
+ $credit = 0;
+ $debit = 0;
+ while ($row = mysql_fetch_array($rcSet)) {
+ if($cnt%2 == 0) {
+ $col = " bgcolor='#DDDDDD'";
+ }
+ else {
+ $col = "";
+ }
+ echo("<tr".$col." id='$row[username]' name='$row[amount]'>");
+ echo("<td align='center'><input type='checkbox' id='chkbx' name='app[]' value='$row[expno]' onClick='document.pendingdata.pass".$row['expno'].".disabled = !this.checked; document.pendingdata.appamt".$row['expno'].".disabled = !this.checked; calcTotal();'/></td>");
+ echo("<td align='center'>".$row['username']."</td>");
+ if($row['amount'] > 0) {
+ echo("<td align='right'>".abs($row['amount'])."</td>");
+ echo("<td align='center'>*</td>");
+ $credit += $row['amount'];
+ }
+ else {
+ echo("<td align='center'>*</td>");
+ echo("<td align='right'>".abs($row['amount'])."</td>");
+ $debit += $row['amount'];
+ }
+ echo("<td align='center'>".$row['dateadded']."</td>");
+ echo("<td width='100%'>".$row['reason']."</td>");
+ echo("<td align='center'>".$row['category']."</td>");
+ echo("<td align='center'><input type='text' name='appamt".$row['expno']."' id='".$row['username']."' value='".$row['amount']."' size='5' maxlength='5' style='text-align:right' onKeyUp='calcTotal();' onBlur='chkAndFill(this);' DISABLED /></td>");
+ echo("<td><input type='password' name='pass".$row['expno']."' id='".$row['username']."' onKeyUp='fillPassword(this);' DISABLED /></td>");
+ echo("</tr>");
+ $cnt++;
+ }
+
+ echo("<tr bgcolor='orange'>
+ <td align='center'><br></td>
+ <td align='center'><b>Total</b></td>
+ <td align='right'><b>".abs($credit)."</b></td>
+ <td align='right'><b>".abs($debit)."</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ </tr>");
+
+ echo("<tr><td colspan='9' align='center'><input type='submit' name='aprvSel' value='Approve Selected' />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='rejSel' value='Reject Selected' />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='cancel' value='Done' /></td></tr></form>");
+ echo("</form></table>");
+ }
+ else {
+ echo("<center><br><br><br><br><b>No Approvals Pending</b><br><br><a href='welcome.php'>OK</a></center>");
+ }
+ mysql_close($con);
+ echo("<br><br></td></tr>");
+ ?>
+ </td>
+ </tr>
+ <tr>
+ <td valign="bottom">
+ <?php
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='darkgreen'>Ready</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
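Review bot: The two session checks at the top of this file call `header("Location:…")` without stopping the script, so a request with no session, or with a non-admin session, still executes everything below, including the `aprvSel` and `rejSel` POST handlers that update and delete rows in `common`. `header()` only queues a response header; each redirect needs to end the request, e.g. `header("Location:index.php"); exit;`. The same redirect-without-exit pattern appears in changePass.php, common/addexp.php, common/collect.php and common/deposit.php. Those handlers also place `$_POST['app']`, `$_POST['srt']` and `$_POST['ascdsc']` into SQL as received; `$aprv` should be cast with `(int)`, and the sort column and direction checked against a fixed list before they reach the `ORDER BY`.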
169 api.php
@@ -0,0 +1,169 @@
+<?php
+require("login.php");
+mysql_select_db("home",$con);
+
+function addMobile() {
+ $usage = "Usage - 'ADDMOBILE username password'";
+ $username = strtok(" ");
+ $password = strtok(" ");
+ if ($username == "")
+ return "Error - No username given. ".$usage;
+ if ($password == "")
+ return "Error - No password given. ".$usage;
+ if (!isset($_GET['mobile']))
+ return "Error - No mobile given. ".$usage;
+ if (mysql_num_rows(mysql_query("SELECT * from userpass where username='".
+ mysql_real_escape_string($username).
+ "' AND password='".
+ md5($password).
+ "'"))) {
+ if (mysql_query("UPDATE userpass SET mobile='".
+ mysql_real_escape_string($_GET['mobile']).
+ "' WHERE username='".
+ mysql_real_escape_string($username).
+ "'")) {
+ adminEmail("Mobile ".mysql_real_escape_string($_GET['mobile']).
+ " added for ".$username,
+ "");
+ return "Success - Mobile ".
+ mysql_real_escape_string($_GET['mobile']).
+ " added for ".$username;
+ } else {
+ adminEmail("Error addMobile sql insert",
+ "Username: (".$username.")".
+ " Mobile: (".$_GET['mobile'].")");
+ return "Error while sql insert.";
+ }
+ } else {
+ return "Error - Invalid user/pass. ".$usage;
+ }
+}
+function addExp() {
+ $usage = "Usage - 'ADDEXP {B|C|F|O|W} amount reason'";
+ $cat = strtok(" ");
+ $category = "";
+ $amount = strtok(" ");
+ $reason = strtok("");
+ $username = mobile2username();
+ if ($username == "") {
+ return "Error - mobile/username not found. Register with 'ADDMOBILE username password'";
+ }
+ switch(strtoupper($cat)) {
+ case "B":
+ $category = "Bills";
+ break;
+ case "C":
+ $category = "Consumables";
+ break;
+ case "F":
+ $category = "Food";
+ break;
+ case "O":
+ $category = "Other Expenses";
+ break;
+ case "W":
+ $category = "Water";
+ break;
+ case "D":
+ $category = "Deposits";
+ break;
+ case "H":
+ $category = "House Rent";
+ break;
+ default:
+ return "Error - Invalid category. ".$usage;
+ }
+ if (!filter_var($amount, FILTER_VALIDATE_INT) || $amount <= 0) {
+ return "Error - Invalid amount. ".$usage;
+ }
+ if ($reason == "") {
+ return "Error - No reason given. ".$usage;
+ }
+ $d = date("Y-m-d");
+ $outstanding_before = outstanding($username);
+ if (mysql_query("INSERT INTO common VALUES ('', '$username', '$amount', '$reason', '$d', '0', '$category')")) {
+ $outstanding_after = outstanding($username);
+ adminEmail("ADDEXP $username $category $amount $reason","");
+ adminSmsExp($username, $category, $amount, $reason);
+ return "Success ADDEXP - Prev (".
+ $outstanding_before.
+ ") now (".
+ $outstanding_after.
+ ")";
+ } else {
+ adminEmail("Error addExp sql insert",
+ "Username: (".$username.")".
+ " Mobile: (".$_GET['mobile'].")".
+ " Cat: (".$cat.")".
+ " Category: (".$category.")".
+ " Amount: (".$amount.")".
+ " Reason: (".$reason.")");
+ return "Error while sql insert.";
+ }
+}
+function mobile2username() {
+ if (isset($_GET['mobile'])) {
+ $rcSet = mysql_query("SELECT username from userpass WHERE mobile='".
+ mysql_real_escape_string($_GET['mobile'])."'");
+ if (mysql_num_rows($rcSet) == 1) {
+ $row = mysql_fetch_array($rcSet);
+ return $row['username'];
+ }
+ }
+ return "";
+}
+function outstanding($username) {
+ $rcSet = mysql_query("SELECT SUM(amount) FROM common ".
+ "WHERE username='$username' ".
+ "AND approved='0'");
+ $row = mysql_fetch_array($rcSet);
+ $pending = $row['SUM(amount)'];
+
+ $rcSet = mysql_query("SELECT adjustments FROM userpass ".
+ "WHERE username='$username' ");
+ $row = mysql_fetch_array($rcSet);
+ $adjustments = $row['adjustments'];
+
+ $total = $pending + $adjustments;
+ if ($total < 0) {
+ return "Pay Rs. ".abs($total);
+ } else if ($total > 0) {
+ return "Rcv Rs. ".abs($total);
+ } else {
+ return "0";
+ }
+}
+function adminEmail($subject, $body) {
+ system("echo $body | ".
+ "nail -r sms -s \"${subject}\" mihirgorecha@gmail.com");
+}
+function adminSms($sms) {
+ system("echo ${sms} | nail eMailSMS+9886396753@dta.rr.nu");
+}
+function adminSmsExp($username, $category, $amount, $reason) {
+ adminSms("Mobile ".
+ $username." ".
+ $category." ".
+ $amount." ".
+ escapeshellcmd(str_replace("\n",
+ " ",
+ str_replace("\r\n",
+ " ",
+ $reason))).
+ " !!!");
+}
+
+$args = $_GET['args'];
+$type = strtok($args," ");
+switch (strtoupper($type)) {
+ case "ADDMOBILE":
+ echo(addMobile());
+ break;
+ case "ADDEXP":
+ echo(addExp());
+ break;
+ default:
+ echo("Usage: {ADDMOBILE|ADDEXP}");
+ break;
+ }
+?>
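Review bot: `adminEmail()` and `adminSms()` build a shell command by pasting their arguments into `system()`, and the callers pass request data: `addExp()` sends `$reason` (the tail of `$_GET['args']`) as the subject, and `addMobile()` sends `$_GET['mobile']`, for which `mysql_real_escape_string()` gives no shell protection. The shell still performs expansion inside the double-quoted `-s` argument, so this is command injection, and the only gate visible here is a `mobile` value that matches a row in `userpass` or a valid username/password pair. Quote every value with `escapeshellarg()`, e.g. `system("echo ".escapeshellarg($body)." | nail -r sms -s ".escapeshellarg($subject)." mihirgorecha@gmail.com");`, and do the same in `adminSms()` rather than relying on `escapeshellcmd()` for `$reason` alone. common/addexp.php builds its `mailx` command the same way from `$_POST` values.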
15 backup/backup.bat.removeThis
@@ -0,0 +1,15 @@
+@echo off
+FOR /F "TOKENS=1* DELIMS= " %%A IN ('DATE/T') DO SET CDATE=%%B
+FOR /F "TOKENS=1,2 eol=/ DELIMS=/ " %%A IN ('DATE/T') DO SET mm=%%B
+FOR /F "TOKENS=1,2 DELIMS=/ eol=/" %%A IN ('echo %CDATE%') DO SET dd=%%B
+FOR /F "TOKENS=2,3 DELIMS=/ " %%A IN ('echo %CDATE%') DO SET yyyy=%%B
+
+for /f "TOKENS=1" %%A IN ('time /t') do set tt=%%A
+for /f "TOKENS=1,2" %%A IN ('time /t') do set ampm=%%B
+for /f "TOKENS=1,2 DELIMS=:" %%A IN ('echo %tt%') do set h=%%A
+for /f "TOKENS=1,2 DELIMS=:" %%A IN ('echo %tt%') do set m=%%B
+
+SET fname=%yyyy%.%mm%.%dd%.%h%.%m%.%ampm%.sql
+
+mysqldump.exe -u homesoft --password=letmein home > %fname%
+copy %fname% backup.sql
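Review bot: The `mysqldump.exe` line commits the database password in clear text through `--password=…`, which leaves it in repository history and exposes it on the command line to other local users while the dump runs. Move the credential to an option file readable only by the backup account and pass it as the first option, `--defaults-extra-file=<path-to-option-file>` (placeholder path), and change the password now that it has been published. The dump and `backup.sql` are written to the current directory; if that is the `backup/` folder under the web root, confirm that the server does not serve `.sql` files from it.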
BIN balanceSheet/HomeSoftBalanceSheet.pdf
Binary file not shown.
116 changePass.php
@@ -0,0 +1,116 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname']) || $_SESSION['uname']=="") { //Check for session
+ header("Location:index.php");
+ }
+ $error = 0;
+?>
+
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="../design.css" />
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table border="0" height="100%" width="100%">
+ <tr>
+ <td>
+ <?php
+ //Display the Main Bar
+ require("mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <tr><td><br></td></tr>
+ <?php
+ require("displogo.php");
+ ?>
+ <tr><td><br></td></tr>
+ <tr>
+ <td height="100%" valign="top">
+ <?php
+ if (isset($_POST['changepass'])) {
+ if($_POST['newpass'] == $_POST['newpassrt']) {
+ require("login.php");
+ mysql_select_db("home",$con);
+
+ $pwdToMatch = md5($_POST['oldpass']);
+
+ $query = "SELECT password FROM userpass WHERE username='$_SESSION[uname]'";
+ $rcSet = mysql_query($query,$con);
+ $row = mysql_fetch_array($rcSet);
+
+ if($row['password'] == $pwdToMatch) {
+ $newpwd = md5($_POST['newpass']);
+ $query = "UPDATE userpass SET password='".$newpwd."' WHERE username='$_SESSION[uname]'";
+ mysql_query($query,$con);
+ $error = 1;
+ echo("
+ <br><br><h2>Change Password:</h2><br><br>
+ ");
+ echo("<table align='center'><tr><td><b>Password has been changed</b><br><br><a href='welcome.php'>OK</a></td></tr></table>");
+ }
+ else {
+ echo("
+ <br><br><h2>Change Password:</h2><br><br>
+ ");
+ echo("<table align='center'><tr><td><b>Invalid old password</b><br><br><a href='changePass.php'>OK</a></td></tr></table>");
+ $error = 2;
+ }
+ }
+ else {
+ echo("
+ <br><br><h2>Change Password:</h2><br><br>
+ ");
+ echo("<table align='center'><tr><td><b>New Passwords entered are not matching</b><br><br><a href='changePass.php'>OK</a></td></tr></table>");
+ $error = 2;
+ }
+ }
+ else if (isset($_POST['cancel'])) {
+ header("Location:welcome.php");
+ }
+ else {
+ ?>
+ <h2><font color="#666600">Change Password:</font></h2>
+ <form name="password" action="changePass.php" method="post">
+ <table border="0" cellpadding="5" width="50%" align="center">
+ <tr>
+ <td align="right"><b>Old Password:</b></td>
+ <td align="left"><input type="password" name="oldpass" /></td>
+ </tr>
+ <tr>
+ <td align="right"><b>New Password:</b></td>
+ <td align="left"><input type="password" name="newpass" /></td>
+ </tr>
+ <td align="right"><b>Retype New Password:</b></td>
+ <td align="left"><input type="password" name="newpassrt" /></td>
+ <tr>
+ <td align="center" colspan="2"><input type="submit" name="changepass" value="Change Password" />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" name="cancel" value="Cancel" /></td>
+ </tr>
+ </table>
+ </form>
+ <?php } ?>
+ </td>
+ </tr>
+ <tr>
+ <td valign="bottom">
+ <?php
+ if($error == 1) {
+ $statusMsg = "Password Changed Sucessfully";
+ $statusColor = "darkgreen";
+ }
+ else if($error == 2) {
+ $statusMsg = "Old Password Retained";
+ $statusColor = "red";
+ }
+ else {
+ $statusMsg = "Ready";
+ $statusColor = "darkgreen";
+ }
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='".$statusColor."'>".$statusMsg."</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
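Review bot: Passwords are stored and checked as unsalted `md5()` digests (`md5($_POST['oldpass'])`, `md5($_POST['newpass'])`), which are cheap to brute-force if the `userpass` table leaks, and the check `$row['password'] == $pwdToMatch` uses loose comparison, which PHP may evaluate numerically for digit-like strings. Where the deployed PHP provides them, store `password_hash($_POST['newpass'], PASSWORD_DEFAULT)` and verify with `password_verify($_POST['oldpass'], $row['password'])`; otherwise at least compare with `===`. The handler also accepts an empty new password, because only the equality of `newpass` and `newpassrt` is checked. pending.php and api.php hash with `md5()` in the same way and would have to change together with this file.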
194 common/addexp.php
@@ -0,0 +1,194 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname']) || $_SESSION['uname']=="") { //Check for session
+ header("Location:../index.php");
+ }
+ $deposited = 0;
+
+ /*
+ 0 = not approved
+ 1 = approved
+*/
+
+function eMailList($con)
+{
+ $emailto = "";
+ $emailpending = "";
+ $rcSet = mysql_query("select * from userpass", $con);
+ while($row = mysql_fetch_array($rcSet)) {
+ if ($row['enabled']) {
+ if ($row['email']) {
+ if ($emailto != "") {
+ $emailto = $emailto." ";
+ }
+ $emailto = $emailto.$row['email'];
+ } else {
+ if ($emailpending != "") {
+ $emailpending = $emailpending." ";
+ }
+ $emailpending = $emailpending.$row['username'];
+ }
+ }
+ }
+ if ($emailpending != "") {
+ system("echo \"".$emailpending."\" | mailx -r homesoft-addexp -s \"Add email ids\" mihirgorecha@gmail.com");
+ }
+ return $emailto;
+}
+?>
+
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="../design.css" />
+ <script type="text/javascript">
+ function subButton() {
+ if (! confirm("Is the information filled correct?"))
+ return false;
+ return true;
+ }
+ function checkCat() {
+ if (document.getElementById("category").value == "empty") {
+ alert("Please Select a Category !");
+ return false;
+ }
+ else {
+ if (!subButton())
+ return false;
+ return true;
+ }
+ }
+ </script>
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table width="100%" height="100%" border="0" cellpadding="5">
+ <tr>
+ <td colspan="3">
+ <?php
+ //Display the Main Bar
+ require("../mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <?php
+ require("../displogo.php");
+ ?>
+ <tr><td colspan="3"><h2><font color="#666600">Add Expense (Common):</font></h2></td></tr>
+ <?php //If the form is not filled
+ if (isset($_POST['deposit'])) {
+ if (!filter_var($_POST['amount'], FILTER_VALIDATE_INT) || $_POST['amount'] <= 0) {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>Please enter only DIGITS in 'Amount' Field<br>Zeros and Negative Numbers are not allowed<br><br><a href='addexp.php'><b>OK</b></a></td></tr>
+ ");
+ $deposited = 2;
+ }
+ else if (trim($_POST['reason']) == "") {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>Reason MUST be added<br><br><a href='addexp.php'><b>OK</b></a></td></tr>
+ ");
+ $deposited = 2;
+ }
+ else {
+ echo("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td colspan='2'><b>Your request is awaiting approval</b></a>
+ </tr>
+ <tr>
+ <td><b>Amount&nbsp;(Rs.):</b></td><td width='100%'>".$_POST['amount']."</td>
+ </tr>
+ <tr>
+ <td><b>Category:</b></td><td width='100%'>".$_POST['category']."</td>
+ </tr>
+ <tr>
+ <td><b>Comment (Mandatory):</b></td><td width='100%'>".$_POST['reason']."</td>
+ </tr>
+ <tr>
+ <br><br><td colspan='2'><a href='../welcome.php'>Done</a><br><br>
+ <a href='addexp.php'>Add More Expenses</a></td>
+ </tr>
+ </table>
+ </td></tr>
+ ");
+
+ if(require("../login.php")) {
+ mysql_select_db("home", $con);
+ $_SESSION['common'] -= $_POST['amount'];
+ $d = date("Y-m-d");
+ $query = "INSERT INTO common VALUES ('', '$_SESSION[uname]', '$_POST[amount]', '$_POST[reason]', '$d', '0', '$_POST[category]')";
+ mysql_query ($query, $con);
+ $deposited = 1;
+ $msg = "user: $_SESSION[uname]\n".
+ "category: $_POST[category]\n".
+ "amount: $_POST[amount]\n".
+ "reason: ".escapeshellcmd(str_replace("\n"," ",str_replace("\r\n"," ",$_POST[reason])))."\n".
+ "via: web\n";
+ system("echo \"".$msg."\" | mailx -r homesoft-addexp -s \"Homesoft expense added (".date("Y-M-d D H:i:s").")\" ".eMailList($con));
+ //system("echo ".$msg." | nail -r homesoft-addexp -s \"Homesoft expense added (".date("Y-M-d D H:i:s").")\" mihirgorecha@gmail.com");
+ //system("echo ".$msg." !!!"." | nail eMailSMS+9886396753@dta.rr.nu");
+ mysql_close($con);
+ }
+ else {
+ die ("Cannot Connect to Database !");
+ }
+ }
+ }
+ else if (isset($_POST['cancel'])) {
+ header("Location:../welcome.php");
+ }
+ else {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <form name='expense' action='addexp.php' method='post'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td><b>Amount&nbsp;(Rs.):</b></td><td><input type='text' name='amount' maxlength='5' /></td>
+ <td width='100%'>
+ <b>Category:&nbsp;</b>");
+ require("../login.php");
+ mysql_select_db("home", $con);
+ $query = "SELECT category FROM expcat";
+ $rcSet = mysql_query($query, $con);
+ echo("<select id='category' name='category'>");
+ echo("<option value='empty'>- Select Category -</option>");
+ while($row = mysql_fetch_array($rcSet)) {
+ echo("<option value='".$row['category']."'>".$row['category']."</option>");
+ }
+ echo("</select>");
+ echo("</td>
+ </tr>
+ <tr>
+ <td valign='top'><b>Comments&nbsp;(Mandatory):</b></td><td colspan='2'><textarea name='reason' rows='10' cols='40'></textarea></td>
+ </tr>
+ <tr>
+ <td><br></td><td colspan='2'><input type='submit' name='deposit' value='Add Expense' onclick = 'if (!checkCat()) return false;' />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='cancel' value='Cancel' /></td>
+ </tr>
+ </table>
+ </form>
+ </td></tr>
+ ");
+ }
+ ?>
+ <tr>
+ <td colspan="3" valign="bottom">
+ <?php
+ if($deposited == 1) {
+ $statusMsg = "Record Added Succesfully";
+ $statusColor = "darkgreen";
+ }
+ else if ($deposited == 2) {
+ $statusMsg = "Record Rejected";
+ $statusColor = "red";
+ }
+ else {
+ $statusMsg = "Ready";
+ $statusColor = "darkgreen";
+ }
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='".$statusColor."'>".$statusMsg."</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
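Review bot: The `INSERT INTO common` statement interpolates `$_POST[reason]` and `$_POST[category]` directly into the SQL string, so a quote character in either field changes the statement; `category` is checked only by the client-side `checkCat()` and is never compared with the `expcat` table on the server. Escape both values before building the query, as api.php's `addMobile()` already does, e.g. `$reason = mysql_real_escape_string($_POST['reason'], $con);`, or better, move these pages to prepared statements. The same unescaped string values reach an `INSERT` in common/collect.php and common/deposit.php (`$dep`, `$_POST[reason]`) and in api.php's `addExp()` (`$reason`).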
128 common/collect.php
@@ -0,0 +1,128 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname']) || $_SESSION['uname']=="") { //Check for session
+ header("Location:../index.php");
+ }
+ $deposited = 0;
+
+ /*
+ 00 = deposit and not approved
+ 01 = deposit and approved
+ 02 = notice
+ 10 = expense and not approved
+ 11 = expense and approved
+*/
+?>
+
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="../design.css" />
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table width="100%" height="100%" border="0" cellpadding="5">
+ <tr>
+ <td colspan="3">
+ <?php
+ //Display the Main Bar
+ require("../mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <tr><td colspan="3"><br><br><h2>Collect Money (Common):</h2><br><br></td></tr>
+ <?php //If the form is not filled
+ if (isset($_POST['collect'])) {
+ if (!filter_var($_POST['amount'], FILTER_VALIDATE_INT) || $_POST['amount'] <= 0) {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>Please enter only DIGITS in 'Amount' Field<br>Zeros and Negetive Numbers are not allowed<br><br><a href='addexp.php'><b>OK</b></a></td></tr>
+ ");
+ $deposited = 2;
+ }
+ else if (trim($_POST['reason']) == "") {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>Reason MUST be added<br><br><a href='addexp.php'><b>OK</b></a></td></tr>
+ ");
+ $deposited = 2;
+ }
+ else {
+ echo("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td><b>Amount to Collect (Rs.):</b></td><td width='100%'>".$_POST['amount']."</td>
+ </tr>
+ <tr>
+ <td><b>Comment (Mandatory):</b></td><td width='100%'>".$_POST['reason']."</td>
+ </tr>
+ <tr>
+ <br><br><td colspan='2'><a href='../welcome.php'>Done</a><br><br>
+ <a href='collect.php'>Collect More Money</a></td>
+ </tr>
+ </table>
+ </td></tr>
+ ");
+
+ if(require("../login.php")) {
+ mysql_select_db("home", $con);
+ $_SESSION['common'] -= $_POST['amount'];
+ $d = date("Y-m-d");
+ $query = "INSERT INTO common VALUES ('', '$_SESSION[uname]', '$_POST[amount]', '$_POST[reason]', '$d', '02')";
+ mysql_query ($query, $con);
+ mysql_close($con);
+ $deposited = 1;
+ }
+ else {
+ die ("Cannot Connect to Database !");
+ }
+ }
+ }
+ else if (isset($_POST['cancel'])) {
+ header("Location:../welcome.php");
+ }
+ else {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <form name='coll' action='collect.php' method='post'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td><b>Amount to Collect (Rs.):</b></td><td><input type='text' name='amount' maxlength='5' />
+ <select>
+ <option >from all</option>
+ <option>in total</option>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td valign='top'><b>Comments (Mandatory):</b></td><td><textarea name='reason' rows='10' cols='40'></textarea></td>
+ </tr>
+ <tr>
+ <td><br></td><td><input type='submit' name='collect' value='Send Notice' onclick = \"if (! confirm('Is the information filled correct?')) return false;\" />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='cancel' value='Cancel' /></td>
+ </tr>
+ </table>
+ </form>
+ </td></tr>
+ ");
+ }
+ ?>
+ <tr>
+ <td colspan="3" valign="bottom">
+ <?php
+ if($deposited == 1) {
+ $statusMsg = "Record Added Succesfully";
+ $statusColor = "darkgreen";
+ }
+ else if ($deposited == 2) {
+ $statusMsg = "Record Rejected";
+ $statusColor = "red";
+ }
+ else {
+ $statusMsg = "Ready";
+ $statusColor = "darkgreen";
+ }
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='".$statusColor."'>".$statusMsg."</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
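Review bot: The confirmation table echoes `$_POST['reason']` into the page without encoding, so markup submitted in the comment field is rendered by the browser (reflected XSS); `amount` is harmless here only because it has passed `FILTER_VALIDATE_INT`. Encode on output with `htmlspecialchars($_POST['reason'], ENT_QUOTES)`. common/addexp.php does the same with `category` and `reason`, and pending.php prints `reason`, `category` and `username` from the database into HTML and attribute values unencoded. Separately, the `INSERT` in this file supplies six values where addexp.php and api.php supply seven for the same table, and its result is not checked before `$deposited = 1`, so the notice may be reported as saved when the query failed; this should be confirmed against the schema.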
173 common/deposit.php
@@ -0,0 +1,173 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname'])) { //Check for session
+ header("Location:../index.php");
+ }
+ else if ( $_SESSION['uname'] != "admin" ) {
+ header("Location:../welcome.php");
+ }
+ $deposited = 0;
+
+ /*
+ 0 = not approved
+ 1 = approved
+*/
+?>
+
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="../design.css" />
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table width="100%" height="100%" border="0" cellpadding="5">
+ <tr>
+ <td colspan="3">
+ <?php
+ //Display the Main Bar
+ require("../mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <?php
+ require("../displogo.php");
+ ?>
+ <tr><td colspan="3"><h2><font color="#666600">Deposit Money (Common):</font></h2></td></tr>
+ <?php //If the form is not filled
+ if (isset($_POST['deposit'])) {
+ if (!filter_var($_POST['amount'], FILTER_VALIDATE_INT) || $_POST['amount'] <= 0) {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>Please enter only DIGITS in 'Amount' Field<br>Zeros and Negetive Numbers are not allowed<br><br><a href='deposit.php'><b>OK</b></a></td></tr>
+ ");
+ $deposited = 2;
+ }
+ else {
+ if(require("../login.php")) {
+ mysql_select_db("home", $con);
+ $_SESSION['common'] += $_POST['amount'];
+ $d = date("Y-m-d");
+
+ foreach ($_POST['names'] as $dep) {
+ if ($dep == "all") {
+ $query = "SELECT * FROM userpass";
+ $rcSet = mysql_query($query, $con);
+ while ($row = mysql_fetch_array($rcSet)) {
+ if ($row['enabled'] == 1) {
+ $query = "INSERT INTO common VALUES ('', '$row[username]', '-$_POST[amount]', '$_POST[reason]', '$d', '0', 'Deposit')";
+ mysql_query($query, $con);
+ }
+ }
+ break;
+ }
+ else {
+ $query = "INSERT INTO common VALUES ('', '$dep', '-$_POST[amount]', '$_POST[reason]', '$d', '0', 'Deposit')";
+ mysql_query($query, $con);
+ }
+ }
+
+ mysql_close($con);
+ $deposited = 1;
+ }
+ else {
+ die ("Cannot Connect to Database !");
+ }
+
+ echo("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td colspan='2'><b>Please approve request</b>
+ </tr>
+ <tr>
+ <td><b>Amount&nbsp;(Rs.):</b></td><td width='100%'>".$_POST['amount']."</td>
+ </tr>
+ <tr>
+ <td><b>Reason:</b></td><td width='100%'>".$_POST['reason']."</td>
+ </tr>
+ <tr>
+ <br><br><td colspan='2'><a href='../welcome.php'>Done</a><br><br>
+ <a href='deposit.php'>Deposit More Money</a></td>
+ </tr>
+ </table>
+ </td></tr>
+ ");
+ }
+ }
+ else if (isset($_POST['cancel'])) {
+ header("Location:../welcome.php");
+ }
+ else {
+ require("../login.php");
+ mysql_select_db("home",$con);
+ $query = "SELECT * FROM userpass";
+ $rcSet = mysql_query($query, $con);
+ if($rcSet) {
+ $noOfUsers = mysql_num_rows($rcSet);
+ }
+ else {
+ $noOfUsers = 0;
+ }
+
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <form name='deposit' action='deposit.php' method='post'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td colspan='3'>
+ </td>
+ </tr>
+ <tr>
+ <td><b>Amount (Rs.):</b></td><td><input type='text' name='amount' maxlength='5' tabindex='1' /></td>
+ <td rowspan='3' valign='top'><b>Send Notice To:</b><br><br>
+ ");
+ if ($noOfUsers != 1) {
+ echo("<select name='names[]' MULTIPLE tabindex='3'>
+ <option value='all' SELECTED>-ALL-</option>");
+ while($row = mysql_fetch_array($rcSet)) {
+ if ($row['enabled'] == 1) {
+ echo("<option value='".$row['username']."'>".$row['username']."</option>");
+ }
+ }
+ echo("</select>");
+ }
+ else {
+ echo("No&nbsp;Users&nbsp;Yet.<br><br>Please&nbsp;Create&nbsp;a&nbsp;'New&nbsp;Account'<br>from&nbsp;your&nbsp;<a href='/welcome.php'>Home&nbsp;Page</a>");
+ }
+ mysql_close($con);
+ echo("
+ </td>
+ </tr>
+ <tr>
+ <td valign='top'><b>Comments (Optional):</b></td><td><textarea name='reason' rows='10' cols='40' tabindex='2'></textarea></td>
+ </tr>
+ <tr>
+ <td><br></td><td><input type='submit' name='deposit' value='Deposit' onclick = \"if (! confirm('Is the information filled correct?')) return false;\" />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='cancel' value='Cancel' /></td>
+ </tr>
+ </table>
+ </form>
+ </td></tr>
+ ");
+ }
+ ?>
+ <tr>
+ <td colspan="3" valign="bottom">
+ <?php
+ if($deposited == 1) {
+ $statusMsg = "Record Added Succesfully";
+ $statusColor = "darkgreen";
+ }
+ else if ($deposited == 2) {
+ $statusMsg = "Record Rejected";
+ $statusColor = "red";
+ }
+ else {
+ $statusMsg = "Ready";
+ $statusColor = "darkgreen";
+ }
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='".$statusColor."'>".$statusMsg."</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
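Review bot: The access check at the top of deposit.php calls `header("Location:../index.php")` and `header("Location:../welcome.php")` without stopping the script, so a request with no session or a non-admin session still reaches the `isset($_POST['deposit'])` branch and its INSERTs. Each redirect should end the request, e.g. `header("Location:../index.php"); exit;`. The same unterminated redirect opens refund.php, viewMyExp.php and viewexp.php.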
136 common/refund.php
@@ -0,0 +1,136 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname'])) { //Check for session
+ header("Location:../index.php");
+ }
+ else if ( $_SESSION['uname'] != "admin" ) {
+ header("Location:../welcome.php");
+ }
+ $deposited = 0;
+
+ /*
+ 0 = not approved
+ 1 = approved
+*/
+?>
+
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="../design.css" />
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table width="100%" height="100%" border="0" cellpadding="5">
+ <tr>
+ <td colspan="3">
+ <?php
+ //Display the Main Bar
+ require("../mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <?php
+ require("../displogo.php");
+ ?>
+ <tr><td colspan="3"><h2><font color="#666600">Deposit Refund (Common):</font></h2></td></tr>
+ <?php //If the form is not filled
+ if (isset($_POST['deposit'])) {
+ if (!filter_var($_POST['amount'], FILTER_VALIDATE_INT) || $_POST['amount'] <= 0) {
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>Please enter only DIGITS in 'Amount' Field<br>Zeros and Negetive Numbers are not allowed<br><br><a href='refund.php'><b>OK</b></a></td></tr>
+ ");
+ $deposited = 2;
+ }
+ else {
+ if(require("../login.php")) {
+ mysql_select_db("home", $con);
+ $_SESSION['common'] += $_POST['amount'];
+ $d = date("Y-m-d");
+
+ $query = "INSERT INTO common VALUES ('', 'common', '-$_POST[amount]', '$_POST[reason]', '$d', '1', 'Deposit')";
+ mysql_query($query, $con);
+ mysql_close($con);
+ $deposited = 1;
+ }
+ else {
+ die ("Cannot Connect to Database !");
+ }
+
+ echo("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td colspan='2'><b>Sucess !</b>
+ </tr>
+ <tr>
+ <td><b>Amount&nbsp;(Rs.):</b></td><td width='100%'>".$_POST['amount']."</td>
+ </tr>
+ <tr>
+ <td><b>Reason:</b></td><td width='100%'>".$_POST['reason']."</td>
+ </tr>
+ <tr>
+ <br><br><td colspan='2'><a href='../welcome.php'>Done</a><br><br>
+ <a href='deposit.php'>Deposit More Money</a></td>
+ </tr>
+ </table>
+ </td></tr>
+ ");
+ }
+ }
+ else if (isset($_POST['cancel'])) {
+ header("Location:../welcome.php");
+ }
+ else {
+ require("../login.php");
+ mysql_select_db("home",$con);
+ $query = "SELECT username FROM userpass";
+ $rcSet = mysql_query($query, $con);
+ if($rcSet) {
+ $noOfUsers = mysql_num_rows($rcSet);
+ }
+ else {
+ $noOfUsers = 0;
+ }
+
+ echo ("
+ <tr><td colspan='3' height='100%' valign='top'>
+ <form name='deposit' action='refund.php' method='post'>
+ <table width='50%' cellpadding='5' border='0' align='center'>
+ <tr>
+ <td><b>Amount (Rs.):</b></td><td><input type='text' name='amount' maxlength='5' tabindex='1' /></td>
+ </td>
+ </tr>
+ <tr>
+ <td valign='top'><b>Comments (Optional):</b></td><td><textarea name='reason' rows='10' cols='40' tabindex='2'></textarea></td>
+ </tr>
+ <tr>
+ <td><br></td><td><input type='submit' name='deposit' value='Deposit' onclick = \"if (! confirm('Is the information filled correct?')) return false;\" />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='cancel' value='Cancel' /></td>
+ </tr>
+ </table>
+ </form>
+ </td></tr>
+ ");
+ }
+ ?>
+ <tr>
+ <td colspan="3" valign="bottom">
+ <?php
+ if($deposited == 1) {
+ $statusMsg = "Record Added Succesfully";
+ $statusColor = "darkgreen";
+ }
+ else if ($deposited == 2) {
+ $statusMsg = "Record Rejected";
+ $statusColor = "red";
+ }
+ else {
+ $statusMsg = "Ready";
+ $statusColor = "darkgreen";
+ }
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='".$statusColor."'>".$statusMsg."</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
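Review bot: The INSERT in the `deposit` branch interpolates `$_POST[reason]` straight into the SQL string; only `amount` is validated (by `FILTER_VALIDATE_INT`), so the free-text comment can break out of its quoted literal. Within the ext/mysql API used here the minimal fix is `$reason = mysql_real_escape_string($_POST['reason'], $con);` with `'$reason'` in the query; `$con` comes from login.php, which is not part of this hunk. deposit.php's two INSERTs have the same problem and additionally interpolate `$dep` taken from `$_POST['names']`. Since ext/mysql was removed in PHP 7, moving these statements to mysqli or PDO prepared statements is the durable fix.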
289 common/viewMyExp.php
@@ -0,0 +1,289 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname']) || $_SESSION['uname']=="") { //Check for session
+ header("Location:../index.php");
+ }
+ if(isset($_POST['day'])) {
+ //echo("Day Set");
+ $_SESSION['day'] = $_POST['day'];
+ $_SESSION['month'] = $_POST['month'];
+ $_SESSION['year'] = $_POST['year'];
+ }
+ if(isset($_SESSION['day'])) {
+ //echo("Day Set Session");
+ $_POST['day'] = $_SESSION['day'];
+ $_POST['month'] = $_SESSION['month'];
+ $_POST['year'] = $_SESSION['year'];
+ //echo($_POST['day']);
+ //echo($_POST['month']);
+ //echo($_POST['year']);
+ }
+
+ /*
+ 00 = deposit and not approved
+ 01 = deposit and approved
+ 02 = notice
+ 10 = expense and not approved
+ 11 = expense and approved
+*/
+?>
+
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="../design.css" />
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table border="0" height="100%" width="100%">
+ <tr>
+ <td>
+ <?php
+ //Display the Main Bar
+ require("../mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <tr><td><br></td></tr>
+ <?php
+ require("../displogo.php");
+ ?>
+ <tr><td><br></td></tr>
+ <?php
+ if(isset($_POST['viewMyExp'])) {
+ echo("<tr><td valign='top' height='100%'");
+ //Sort Options
+ if(isset($_POST['srt'])) {
+ $orderby = $_POST['srt'];
+ $order = $_POST['ascdsc'];
+ }
+ else {
+ $orderby = "expno";
+ $order = "DESC";
+ }
+ //Build Date Format
+ if($_POST['month'] < 10) {
+ $_POST['month'] = "0".$_POST['month'];
+ }
+ if($_POST['day'] < 10) {
+ $_POST['day'] = "0".$_POST['day'];
+ }
+ //Connect to Database
+ require("../login.php");
+ mysql_select_db("home",$con);
+ if ($_POST['year'] == 0) {
+ $rcSet = mysql_query("SELECT * FROM common WHERE username='$_SESSION[uname]' ORDER BY ".$orderby." ".$order);
+ }
+ else if ($_POST['month'] == 0) {
+ $d = $_POST['year']."-%";
+ $rcSet = mysql_query("SELECT * FROM common WHERE username='$_SESSION[uname]' AND dateadded like '$d' ORDER BY ".$orderby." ".$order);
+ }
+ else if ($_POST['day'] != 0) {
+ $d = $_POST['year']."-".$_POST['month']."-".$_POST['day'];
+ $rcSet = mysql_query("SELECT * FROM common WHERE username='$_SESSION[uname]' AND dateadded='$d' ORDER BY ".$orderby." ".$order);
+ }
+ else {
+ $d = $_POST['year']."-".$_POST['month']."-%";
+ $rcSet = mysql_query("SELECT * FROM common WHERE username='$_SESSION[uname]' AND dateadded like '$d' ORDER BY ".$orderby." ".$order);
+ }
+
+ if(mysql_num_rows($rcSet) > 0) {
+ echo("<br><br><table class='coll' border='1' align='center' width='80%' cellpadding='5'>");
+ echo("<tr><td colspan='7'><form action='viewMyExp.php' method='post'>
+ <b>Sort Data By:</b>&nbsp;&nbsp;&nbsp;
+ <select name='srt'>
+ <option value='username'>Name</option>
+ <option value='amount'>Amount</option>
+ <option value='dateadded'>Date</option>
+ <option value='reason'>Reason</option>
+ </select>&nbsp;&nbsp;&nbsp;
+ <select name='ascdsc'>
+ <option value='ASC'>Ascending Order</option>
+ <option value='DESC'>Descending Order</option>
+ </select>&nbsp;&nbsp;&nbsp;
+ <input type='submit' name='sort' value='Go' />
+ <input type='hidden' name='viewMyExp' value='submit' />
+ </form></td></tr>");
+ echo("<tr>");
+ echo("<td><b>Username</b></td>");
+ echo("<td><b>Credit (Rs.)</b></td>");
+ echo("<td><b>Debit (Rs.)</b></td>");
+ echo("<td><b>Date (YYYY-MM-DD)</b></td>");
+ echo("<td width='100%'><b>Reason</b></td>");
+ echo("<td align='center'><b>Category</b></td>");
+ echo("<td align='center'><b>Status</b></td>");
+ echo("</tr>");
+ $cnt = 0;
+ $credit = 0;
+ $debit = 0;
+ $notCre = 0;
+ $notDeb = 0;
+ while ($row = mysql_fetch_array($rcSet)) {
+ if($cnt%2 == 0) {
+ $col = " bgcolor='#DDDDDD'";
+ }
+ else {
+ $col = "";
+ }
+ if($row['approved'] == 0) {
+ $col = " bgcolor='lightblue'";
+ $status = "Approval&nbsp;Pending";
+ }
+ else if($row['approved'] == 20) {
+ $col = " bgcolor='#FF0033'";
+ $status = "Rejected";
+ }
+ else {
+ $status = "Approved";
+ }
+ echo("<tr".$col.">");
+ echo("<td align='center'>".$row['username']."</td>");
+ if($row['amount'] > 0) {
+ echo("<td align='right'>".abs($row['amount'])."</td>");
+ echo("<td align='center'>*</td>");
+ if($row['approved'] == 1) {
+ $credit += $row['amount'];
+ }
+ else {
+ $notCre += $row['amount'];
+ }
+ }
+ else {
+ echo("<td align='center'>*</td>");
+ echo("<td align='right'>".abs($row['amount'])."</td>");
+ if($row['approved'] == 1) {
+ $debit += $row['amount'];
+ }
+ else {
+ $notDeb += $row['amount'];
+ }
+ }
+ echo("<td align='center'>".$row['dateadded']."</td>");
+ echo("<td width='100%'>".$row['reason']."</td>");
+ echo("<td align='center'>".$row['category']."</td>");
+ echo("<td align='center'>".$status."</td>");
+ echo("</tr>");
+ $cnt++;
+ }
+
+ echo("<tr bgcolor='orange'>
+ <td align='center'><b>Total</b></td>
+ <td align='right'><b>".abs($credit)."</b><font size='1'><br>+".abs($notCre)."</font></td>
+ <td align='right'><b>".abs($debit)."</b><font size='1'><br>+".abs($notDeb)."</font></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ </tr>");
+ echo("<tr><form action='viewMyExp.php' method='post'><td colspan='7' align='center'><input type='submit' value='Done' /></td></form></tr>");
+ echo("</table>");
+ mysql_close($con);
+ echo("<br><br></td></tr>");
+ }
+ else {
+ echo("<center><br><br><br><br><b>No Records Fetched</b><br><br><a href='../welcome.php'>OK</a></center>");
+ }
+ }
+ else if(isset($_POST['cancel'])) {
+ header("Location:../welcome.php");
+ }
+ else {
+ ?>
+
+ <tr>
+ <td height="100%" valign="top">
+ <h2><font color="#666600">View My Transactions For:</font></h2>
+ <form name="viewMyExp" action="viewMyExp.php" method="post">
+ <table border="0" cellpadding="5" align="center" width="60%">
+ <tr>
+ <td><b>Day:</b></td>
+ <td width="100%">
+ <select name="day">
+ <option value='0' selected='selected'>-All Days-</option>
+ <?php
+ $sel = "";
+ for($i=1; $i<=31; $i++) {
+ if($i == date("d")) {
+ $sel = "";//" selected='selected'";
+ }
+ else {
+ $sel = "";
+ }
+ echo("<option value='".$i."'".$sel.">");
+ echo($i);
+ echo("</option>");
+ }
+ ?>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td><b>Month:</b></td>
+ <td width="100%">
+ <select name="month">
+ <option value='0' selected='selected'>-All Months-</option>
+ <?php
+ $sel = "";
+ for($i=1; $i<=12; $i++) {
+ if($i == date("m")) {
+ $sel = "";//" selected='selected'";
+ }
+ else {
+ $sel = "";
+ }
+ $month = mktime(0,0,0,$i,$i,$i);
+ echo("<option value='".$i."'".$sel.">");
+ echo(date("F",$month));
+ echo("</option>");
+ }
+ ?>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td><b>Year:</b></td>
+ <td width="100%">
+ <select name="year">
+ <option value='0' selected='selected'>-All Years-</option>
+ <?php
+ $sel = "";
+ for($i=2005; $i<2015; $i++) {
+ if($i == date("Y")) {
+ $sel = "";//"selected='selected'";
+ }
+ else {
+ $sel = "";
+ }
+ echo("<option value='".$i."'".$sel.">");
+ echo($i);
+ echo("</option>");
+ }
+ ?>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2"><br><br></td>
+ </tr>
+ <tr>
+ <td colspan="2">
+ <input type="submit" name="viewMyExp" value="View Transactions" />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" name="cancel" value="Cancel" />
+ </td>
+ </tr>
+ </table>
+ </form>
+ </td>
+ </tr>
+ <?php } ?>
+ <tr>
+ <td valign="bottom">
+ <?php
+ $statusMsg = "Ready";
+ $statusColor = "darkgreen";
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='".$statusColor."'>".$statusMsg."</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
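Review bot: `$orderby` and `$order` are taken from `$_POST['srt']` and `$_POST['ascdsc']` and concatenated into every `ORDER BY` clause, where string escaping gives no protection because they are used as an identifier and a keyword. Restrict both to the values the sort form offers: `$orderby = in_array($_POST['srt'], array('username', 'amount', 'dateadded', 'reason'), true) ? $_POST['srt'] : 'expno';` and `$order = ($_POST['ascdsc'] === 'ASC') ? 'ASC' : 'DESC';`. The `year`, `month` and `day` values that build `$d` also come from the request (via the session) and should be cast with `(int)` before they are padded and placed in the query. viewexp.php repeats the same query-building code.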
296 common/viewexp.php
@@ -0,0 +1,296 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['uname']) || $_SESSION['uname']=="") { //Check for session
+ header("Location:../index.php");
+ }
+ if(isset($_POST['day'])) {
+ //echo("Day Set");
+ $_SESSION['day'] = $_POST['day'];
+ $_SESSION['month'] = $_POST['month'];
+ $_SESSION['year'] = $_POST['year'];
+ }
+ if(isset($_SESSION['day'])) {
+ //echo("Day Set Session");
+ $_POST['day'] = $_SESSION['day'];
+ $_POST['month'] = $_SESSION['month'];
+ $_POST['year'] = $_SESSION['year'];
+ //echo($_POST['day']);
+ //echo($_POST['month']);
+ //echo($_POST['year']);
+ }
+
+ /*
+ 00 = deposit and not approved
+ 01 = deposit and approved
+ 02 = notice
+ 10 = expense and not approved
+ 11 = expense and approved
+*/
+?>
+
+<html>
+ <head>
+ <title>Welcome to HomeSoft v1.0</title>
+ <link rel="stylesheet" type="text/css" href="../design.css" />
+ </head>
+ <body bgcolor="#EEEEEE">
+ <table border="0" height="100%" width="100%">
+ <tr>
+ <td>
+ <?php
+ //Display the Main Bar
+ require("../mainBar.php");
+ ?>
+ </td>
+ </tr>
+ <tr><td><br></td></tr>
+ <?php
+ require("../displogo.php");
+ ?>
+ <tr><td><br></td></tr>
+ <?php
+ if(isset($_POST['viewexp'])) {
+ echo("<tr><td valign='top' height='100%'");
+ //Sort Options
+ if(isset($_POST['srt'])) {
+ $orderby = $_POST['srt'];
+ $order = $_POST['ascdsc'];
+ }
+ else {
+ $orderby = "expno";
+ $order = "DESC";
+ }
+ //Build Date Format
+ if($_POST['month'] < 10) {
+ $_POST['month'] = "0".$_POST['month'];
+ }
+ if($_POST['day'] < 10) {
+ $_POST['day'] = "0".$_POST['day'];
+ }
+ //Connect to Database
+ require("../login.php");
+ mysql_select_db("home",$con);
+ if ($_POST['year'] == 0) {
+ $rcSet = mysql_query("SELECT * FROM common ORDER BY ".$orderby." ".$order);
+ }
+ else if ($_POST['month'] == 0) {
+ $d = $_POST['year']."-%";
+ $rcSet = mysql_query("SELECT * FROM common WHERE dateadded like '$d' ORDER BY ".$orderby." ".$order);
+ }
+ else if ($_POST['day'] != 0) {
+ $d = $_POST['year']."-".$_POST['month']."-".$_POST['day'];
+ $rcSet = mysql_query("SELECT * FROM common WHERE dateadded='$d' ORDER BY ".$orderby." ".$order);
+ }
+ else {
+ $d = $_POST['year']."-".$_POST['month']."-%";
+ $rcSet = mysql_query("SELECT * FROM common WHERE dateadded like '$d' ORDER BY ".$orderby." ".$order);
+ }
+
+ if(mysql_num_rows($rcSet) > 0) {
+ echo("<br><br><table class='coll' border='1' align='center' width='80%' cellpadding='5'>");
+ echo("<tr><form action='viewexp.php' method='post'><td colspan='6'>
+ <b>Sort Data By:</b>&nbsp;&nbsp;&nbsp;
+ <select name='srt'>
+ <option value='username'>Name</option>
+ <option value='amount'>Amount</option>
+ <option value='dateadded'>Date</option>
+ <option value='reason'>Reason</option>
+ </select>&nbsp;&nbsp;&nbsp;
+ <select name='ascdsc'>
+ <option value='ASC'>Ascending Order</option>
+ <option value='DESC'>Descending Order</option>
+ </select>&nbsp;&nbsp;&nbsp;
+ <input type='submit' name='sort' value='Go' />
+ <input type='hidden' name='viewexp' value='submit' />
+ </td><td colspan='2' align='center'><input type='button' value='Print Balance Sheet' onclick='window.print();return false;' /></td></form></tr>");
+ echo("<tr>");
+ echo("<td><b>Username</b></td>");
+ echo("<td><b>Credit (Rs.)</b></td>");
+ echo("<td><b>Debit (Rs.)</b></td>");
+ echo("<td><b>Cumulative (Rs.)</b></td>");
+ echo("<td><b>Date (YYYY-MM-DD)</b></td>");
+ echo("<td width='100%'><b>Reason</b></td>");
+ echo("<td align='center'><b>Category</b></td>");
+ echo("<td align='center'><b>Status</b></td>");
+ echo("</tr>");
+ $cnt = 0;
+ $credit = 0;
+ $debit = 0;
+ $notCre = 0;
+ $notDeb = 0;
+ $cmn_amt = $_SESSION['common'];
+ while ($row = mysql_fetch_array($rcSet)) {
+ if($cnt%2 == 0) {
+ $col = " bgcolor='#DDDDDD'";
+ }
+ else {
+ $col = "";
+ }
+ if($row['approved'] == 0) {
+ $col = " bgcolor='lightblue'";
+ $status = "Approval&nbsp;Pending";
+ }
+ else if($row['approved'] == 20) {
+ $col = " bgcolor='coral'";
+ $status = "Rejected";
+ }
+ else {
+ $status = "Approved";
+ }
+ echo("<tr".$col.">");
+ echo("<td align='center'>".$row['username']."</td>");
+ if($row['amount'] > 0) { // Credit
+ echo("<td align='right'>".abs($row['amount'])."</td>");
+ echo("<td align='center'>*</td>");
+ echo("<td align='right'>".$cmn_amt."</td>");
+ if($row['approved'] == 1) {
+ $credit += $row['amount'];
+ $cmn_amt += $row['amount'];
+ }
+ else {
+ $notCre += $row['amount'];
+ }
+ }
+ else { // Debit
+ echo("<td align='center'>*</td>");
+ echo("<td align='right'>".abs($row['amount'])."</td>");
+ echo("<td align='right'>".$cmn_amt."</td>");
+ if($row['approved'] == 1) {
+ $debit += $row['amount'];
+ $cmn_amt += $row['amount'];
+ }
+ else {
+ $notDeb += $row['amount'];
+ }
+ }
+ echo("<td align='center'>".$row['dateadded']."</td>");
+ echo("<td width='100%'>".$row['reason']."</td>");
+ echo("<td align='center'>".$row['category']."</td>");
+ echo("<td align='center'>".$status."</td>");
+ echo("</tr>");
+ $cnt++;
+ }
+
+ echo("<tr bgcolor='orange'>
+ <td align='center'><b>Total</b></td>
+ <td align='right'><b>".abs($credit)."</b><font size='1'><br>+".abs($notCre)."</font></td>
+ <td align='right'><b>".abs($debit)."</b><font size='1'><br>+".abs($notDeb)."</font></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ <td align='center'><b>*</b></td>
+ </tr>");
+ echo("<tr><form action='viewexp.php' method='post'><td colspan='8' align='center'><input type='submit' value='Done' /></td></form></tr>");
+ echo("</table>");
+ mysql_close($con);
+ echo("<br><br></td></tr>");
+ }
+ else {
+ echo("<center><br><br><br><br><b>No Records Fetched</b><br><br><a href='../welcome.php'>OK</a></center>");
+ }
+ }
+ else if(isset($_POST['cancel'])) {
+ header("Location:../welcome.php");
+ }
+ else {
+ ?>
+
+ <tr>
+ <td height="100%" valign="top">
+ <h2><font color="#666600">View All Transactions For:</font></h2>
+ <form name="viewexp" action="viewexp.php" method="post">
+ <table border="0" cellpadding="5" align="center" width="60%">
+ <tr>
+ <td><b>Day:</b></td>
+ <td width="100%">
+ <select name="day">
+ <option value='0' selected='selected'>-All Days-</option>
+ <?php
+ $sel = "";
+ for($i=1; $i<=31; $i++) {
+ if($i == date("d")) {
+ $sel = "";//" selected='selected'";
+ }
+ else {
+ $sel = "";
+ }
+ echo("<option value='".$i."'".$sel.">");
+ echo($i);
+ echo("</option>");
+ }
+ ?>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td><b>Month:</b></td>
+ <td width="100%">
+ <select name="month">
+ <option value='0' selected='selected'>-All Months-</option>
+ <?php
+ $sel = "";
+ for($i=1; $i<=12; $i++) {
+ if($i == date("m")) {
+ $sel = "";//" selected='selected'";
+ }
+ else {
+ $sel = "";
+ }
+ $month = mktime(0,0,0,$i,$i,$i);
+ echo("<option value='".$i."'".$sel.">");
+ echo(date("F",$month));
+ echo("</option>");
+ }
+ ?>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td><b>Year:</b></td>
+ <td width="100%">
+ <select name="year">
+ <option value='0' selected='selected'>-All Years-</option>
+ <?php
+ $sel = "";
+ for($i=2005; $i<2015; $i++) {
+ if($i == date("Y")) {
+ $sel = "";//" selected='selected'";
+ }
+ else {
+ $sel = "";
+ }
+ echo("<option value='".$i."'".$sel.">");
+ echo($i);
+ echo("</option>");
+ }
+ ?>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2"><br><br></td>
+ </tr>
+ <tr>
+ <td colspan="2">
+ <input type="submit" name="viewexp" value="View Transactions" />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" name="cancel" value="Cancel" />
+ </td>
+ </tr>
+ </table>
+ </form>
+ </td>
+ </tr>
+ <?php } ?>
+ <tr>
+ <td valign="bottom">
+ <?php
+ $statusMsg = "Ready";
+ $statusColor = "darkgreen";
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='".$statusColor."'>".$statusMsg."</font></td></tr></table>");
+ ?>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>
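Review bot: The row loop echoes `$row['username']`, `$row['reason']` and `$row['category']` into the table without HTML escaping, and `reason` is stored from the free-text textarea of the deposit and refund forms, so markup saved there is rendered for every user who opens this list. Escape at output, e.g. `echo("<td width='100%'>".htmlspecialchars($row['reason'], ENT_QUOTES, 'UTF-8')."</td>");`, and likewise for the other two columns. The same applies to the row loop in viewMyExp.php and to the confirmation pages in deposit.php and refund.php that echo `$_POST['reason']` back.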
59 createUser.php
@@ -0,0 +1,59 @@
+<?php
+ session_start(); //Start a session to store the username
+ if(!isset($_SESSION['uname']) || $_SESSION['uname']=="") { //Check for session
+ header("Location:index.php");
+ }
+
+ if (isset($_POST['create'])) { //If create button is clicked, check if the fields are not empty
+ if ( trim($_POST['usrname']) != "" && trim($_POST['passwd']) != "") {
+ require("login.php");
+ mysql_select_db("home",$con);
+
+ //Check if the username already exists, if not create the user
+ $rcSet = mysql_query("SELECT * FROM userpass WHERE username='$_POST[usrname]'", $con);
+ if (!mysql_fetch_array($rcSet)) {
+ $pwd = md5($_POST['passwd']);
+ $query = "INSERT INTO userpass (username, password, adjustments) VALUES ('$_POST[usrname]', '$pwd', 0)";
+ mysql_query($query, $con);
+ /*$query = "CREATE TABLE ".$_POST['usrname']." (expno SMALLINT AUTO_INCREMENT PRIMARY KEY, name VARCHAR(25) NOT NULL, foreignexp SMALLINT NOT NULL, amount MEDIUMINT NOT NULL, reason VARCHAR(100), dateadded DATE NOT NULL, clear TINYINT NOT NULL)";
+ mysql_query($query, $con);*/
+ echo ("<table width='100%' cellpadding='5'><tr><td bgcolor='#DDDDDD'><font color='darkgreen'>User Created. Kindly Login</font></td></tr></table>");
+ }
+ else {
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='red'>Username already exists. Please choose a different username</font></td></tr></table>");
+ }
+
+ mysql_close($con);
+ }
+ else {
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='red'>Username/Password cannot be empty. Please Try Again</font></td></tr></table>");
+ }
+ }
+ else {
+ echo ("<table width='100%' cellpadding='5'><tr><td class='status'><font color='darkgreen'>Ready</font></td></tr></table>");
+ }
+?>
+<html>