Location: PHPKode > projects > ERPSOD > erpsod/sodmitigate.php
<?PHP
include_once("config.php");

session_start();
$task=$_SESSION ["stask"];
$sodid=$_SESSION ["sod"];
$form1=$_SESSION ["sform"];
$action=$_POST["command"];



if ($form1=="sodmitigate"){
	if ($action == "Cancel") {
		header('Location: soddep.php?id=<?php echo $sodid ?>');
	} else {
		$f=&$_FILES['sodfile'];
		$filelocal = $f['tmp_name'] ;
		if ($filelocal<>""){
				$taskname = $_POST["taskname"] ;
		$sodname = $_POST["sodname"] ;
			$sname  =trim($taskname);
			$sname .="_";
			$sname .=trim($sodname);
			$ext=substr(safe_filename($f['name']),-4);
			$sname .= $ext;
			$serverfile = _DIR_HOME . _DIR_DOC . safe_filename($sname);
			// Do we have the upload directory?
			if (!is_dir(_DIR_HOME . _DIR_DOC)) {
				//  Let's try to create it.
				if (!@mkdir(_DIR_HOME . _DIR_DOC)) {
					//  If directory can't be made Set error message and output
					echo $serverfile;
					die(" problems creating upload directory, please verify installation");	
				}
			}
			if (is_file($filelocal)) {
				//$sodform = safe_filename($f['name']);
				$sodform = safe_filename($sname);
				// delete existing copy
				if (is_file($serverfile)) {
					unlink($serverfile);
				}	
				if (!copy($filelocal, $serverfile)) {
					//  Set error message and output
					die("cannot copy file to server, check installation");
				}
			}
		}
	
		$mitigated = $_POST["mitigated"] ;
		$proces = $_POST["proces"] ;
		$reason = $_POST["reason"] ;
		$sql="update tasksod set mitigated='$mitigated', proces='$proces', reason='$reason', sodform='$sodform' where taskid=$task and sodid=$sodid";
		$result = mysql_query($sql);
		$sql="update tasksod set mitigated='$mitigated', proces='$proces', reason='$reason', sodform='$sodform' where taskid=$sodid and sodid=$task";
		$result = mysql_query($sql);
		header('Location: soddep.php?id=<?php echo $sodid ?>');
	}
} else {
	$_SESSION ["sform"] = "sodmitigate";
	$sql="select * from erptask where taskid=$task";
	$result = mysql_query($sql);
	$num_rows = mysql_num_rows($result);
	if ($num_rows <>0){
		$row = mysql_fetch_row($result);
		$taskname= $row[1];
	}
	$sql="select * from erptask where taskid=$sodid";
	$result = mysql_query($sql);
	$num_rows = mysql_num_rows($result);
	if ($num_rows <>0){
		$row = mysql_fetch_row($result);
		$sodname= $row[1];
	}

	$sql="select mitigated,proces,reason,sodform from tasksod where tasksod.taskid=$task and tasksod.sodid=$sodid";
	$result = mysql_query($sql);
	$num_rows = mysql_num_rows($result);
	if ($num_rows <>0){
		$row = mysql_fetch_row($result);
		$mitigated = $row[0];
		$proces = $row[1];
		$reason = $row[2];
		$sodform= $row[3];
	}
}
?>
<HTML>
<HEAD>
<link rel="stylesheet" type="text/css" href="<?PHP echo $style ?>">
<script language="JavaScript1.2" src="js/coolmenus4.js">
</script>
</HEAD>
<body bgcolor="#ffffff">
<script language="JavaScript1.2" src="js/erpsod.js">
</script><br><br><center>
<h3>Mitigate SOD for : </h3>
<?php echo $taskname ?>
<==>
<?php echo $sodname ?>
<FORM enctype="multipart/form-data" ACTION="sodmitigate.php" METHOD="POST">
<INPUT TYPE="HIDDEN" NAME="task" VALUE="<?php echo $task ?>">
<INPUT TYPE="HIDDEN" NAME="sodid" VALUE="<?PHP echo $sodid ?>">
<INPUT TYPE="HIDDEN" NAME="taskname" VALUE="<?PHP echo $taskname ?>">
<INPUT TYPE="HIDDEN" NAME="sodname" VALUE="<?PHP echo $sodname ?>">
<table border=1 cellpadding=4 cellspacing=0 bgcolor="AQUA"><tr><td>
<table border=0 cellpadding=4 cellspacing=0>
<tr>
<td>Reason for conflict</td>
<td colspan=2><textarea rows="3" name="reason" cols="75"><?php echo $reason ?></textarea></td></tr>
</tr>
<tr>
<td>Mitigated Y/N</td>
<td><Input Name="mitigated" MaxLength="1" Size="1" Value="<?php echo $mitigated ?>"></td>
</tr>
<tr>
<td>Describe mitigation process</td>
<td colspan=2><textarea rows="5" name="proces" cols="75"><?php echo $proces ?></textarea></td></tr>
<tr>
<?PHP 
if ($sodform<>""){
	?>
	<tr>
	<td>Currently attached SOD-form:</td>
	<td><u><a href=file_download.php?file=<?PHP echo $sodform?> ><?php echo $sodform?></a></u></td>
	<tr>
	<?PHP
} ?>
<tr>
<td>Attach SOD-Form for mitigated process</td>
<td><input type="file" name="sodfile" size="50" /></td>
<tr>
<td colspan=2 align="right">
<?php if (role_check("Updater")) { ?>
	<INPUT TYPE="SUBMIT" NAME="command" VALUE="Submit">
<?PHP } ?>
<INPUT TYPE="SUBMIT" NAME="command" VALUE="Cancel">
</td>
</tr>
</table>
</td></tr></table></center>
</FORM>
</BODY>
<?php
include_once("footer.php");
?>
</HTML>
Return current item: ERPSOD