here are the full codes.
here are the tables
id - username - password - empname - compid - deptid - email - avatar - signup_date - approver - noter
i want to automatically populate the textbox approver.
include '../../config.php';
?>
<title>| Dashboard
function showResult(str) {
if (str.length==0) {
document.getElementById("livesearch").innerHTML="";
document.getElementById("livesearch").style.border="0px";
return;
}
if (window.XMLHttpRequest) {
// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
} else { // code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4 && xmlhttp.status==200) {
document.getElementById("livesearch").innerHTML=xmlhttp.responseText;
document.getElementById("livesearch").style.border="1px solid #A5ACB2";
}
}
xmlhttp.open("GET","livesearch.php?q="+str,true);
xmlhttp.send();
}
if(isset($_SESSION['username']))
{
//We count the number of new messages the user has
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"'));
//The number of new messages is in the variable $nb_new_pm
$nb_new_pm = $nb_new_pm['nb_new_pm'];
//We display the links
?>
.png)
//We check if the user is logged
if(isset($_SESSION['username']))
{
$form = true;
$otitle = '';
$orecip = '';
$omessage = '';
//We check if the form has been sent
if(isset($_POST['title'], $_POST['recip'], $_POST['message']))
{
$otitle = $_POST['title'];
$orecip = $_POST['recip'];
$omessage = $_POST['message'];
//We remove slashes depending on the configuration
if(get_magic_quotes_gpc())
{
$otitle = stripslashes($otitle);
$orecip = stripslashes($orecip);
$omessage = stripslashes($omessage);
}
//We check if all the fields are filled
if($_POST['title']!='' and $_POST['recip']!='' and $_POST['message']!='')
{
//We protect the variables
$title = mysql_real_escape_string($otitle);
$recip = mysql_real_escape_string($orecip);
$message = mysql_real_escape_string(nl2br(htmlentities($omessage, ENT_QUOTES, 'UTF-8')));
//We check if the recipient exists
$dn1 = mysql_fetch_array(mysql_query('select count(id) as recip, id as recipid, (select count(*) from pm) as npm from users where username="'.$recip.'"'));
if($dn1['recip']==1)
{
//We check if the recipient is not the actual user
if($dn1['recipid']!=$_SESSION['userid'])
{
$id = $dn1['npm']+1;
//We send the message
if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read, status)values("'.$id.'", "1", "'.$title.'", "'.$_SESSION['userid'].'", "'.$dn1['recipid'].'", "'.$message.'", "'.time().'", "yes", "no", "Waiting for Approval")'))
{
//malaking problema need to fix pa!!!!!!!!
//dropdown ajax or php method
?>
$form = false;
}
else
{
//Otherwise, we say that an error occured
$error = 'An error occurred while sending the message';
}
}
else
{
//Otherwise, we say the user cannot send a message to himself
$error = 'You cannot send a message to yourself.';
}
}
else
{
//Otherwise, we say the recipient does not exists
$error = 'The recipient does not exists.';
}
}
else
{
//Otherwise, we say a field is empty
$error = 'A field is empty. Please fill of the fields.';
}
}
elseif(isset($_GET['recip']))
{
//We get the username for the recipient if available
$orecip = $_GET['recip'];
}
if($form)
{
//We display a message if necessary
if(isset($error))
{
echo '
'.$error.'
';
}
//We display the form
?>
function query2() {
$myData = mysql_query("SELECT * FROM users");
while($record = mysql_fetch_array($myData)){
echo '';
}
}
?>
You Are //We display a welcome message, if the user is logged, we display it username
?>
,
Type of Request
Access
Installation
Backup/Recovery
Repair/Troubleshooting
Layout
Others
Message
<?php echo htmlentities($omessage, ENT_QUOTES, 'UTF-8'); ??>
Name
Date Needed
Approved By:
Noted BY:
CEO
Supervisor
Version 2.0
Copyright © 2014-2015 Elev8Group. All rights reserved.
}
?>
}
?>
}
?>
Submit an article or tip