One Hat Cyber Team

Edit File: tabs.php

<?php
	
	$curr_page 	= $_GET['np'];

use Symfony\Component\Filesystem\Exception\IOExceptionInterface;
	use Symfony\Component\Filesystem\Filesystem;
	use Symfony\Component\Filesystem\Path;
	require './vendor/autoload.php';

if($_POST):

$ii 			= (is_numeric($_GET['ii'])) ? $_GET['ii'] : 0 ;
		$do 			= $_POST['type_submit'];
		$curr_page 		= $_POST['curr_page'];
		$marine_bypass 	= $_POST['marine_bypass'];
		$resubmit 		= $_POST['resubmit'];

if($ii > 0){

if($do=="submit_me"){

if($marine_bypass == 'Y'){
					$idApproveMFSO 		= 99999;
					$commentsMFSO 		= '-bypass-';
					$flagApproveMFSO 	= 'Y';
				}else{
					$commentsMFSO 		= '';
				}

// goto aaaa;
				if($resubmit == 'T'){

$sql 	 		= "UPDATE 
											permohonan_main 
										SET 
											submit 	 			= 'Y',
											idApproveMFSO 	 	= 0,
											commentsMFSO 	 	= '{$commentsMFSO}',
											flagApproveMFSO 	= 'N',
											idApproveDG 	 	= 0,
											commentsDG 	 		= '',
											flagApproveDG 		= 'N',
											idApproveMTSO 	 	= 0,
											commentsMTSO 	 	= '',
											flagApproveMTSO 	= 'N'
										WHERE 
											idPermohonan = ?";
					$param_type 	= "s";
					$param_data 	= array(
										"idPermohonan" 		=> $ii
									 	);
					$data 		= mysqli_prepare_audit($sql,$param_type,$param_data,"APPLICATION UPDATE (SUBMIT)");

}else{

$idp 	= $ii;
					$conn 	= $mysqli;
					$stmt 	= $conn->stmt_init();
					$stmt->prepare("SET @idp := ?");
					$stmt->bind_param('i', $idp);
					$stmt->execute();

$sql 	= "CALL copy_app(@idp,@idp_new)";
					$result = $conn->query($sql) or die($mysqli->error);
					$data 	= $result->fetch_assoc();
					$stmt->close();
					$idp_n 	= $data['idPermohonan'];
					while (mysqli_next_result($mysqli)) {;}

audit_insert("CALL copy_app({$idp},{$idp_n})","APPLICATION UPDATE (RESUBMIT)");

$ii 	= $idp_n;

$fileSystem = new Symfony\Component\Filesystem\Filesystem();
					$fileSystem->mirror("./upload/application/{$idp}/", "./upload/application/{$idp_n}/");

}

$success 	= 1;
				$msg 		= "APPLICATION SUCCESSFULL SUBMIT.";

$sql 			= "	SELECT 
										b.nama nama_kapal,
										c.nama nama_facility,
										a.flagdg,
										a.idMarineFacility
									FROM permohonan_main a 
									LEFT JOIN kod_kapal b ON a.idkapal=b.idkapal
									LEFT JOIN kod_marine_facility c ON c.idmarinefacility=a.idmarinefacility
									WHERE a.idpermohonan=?";
				$param_data 	= array(
									"idPermohonan" 	=> $ii
								 	);
				$data 			= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
				$fetch_data 	= $data->fetch_assoc();
				$vessel 		= strtoupper($fetch_data['nama_kapal']);
				$marine 		= strtoupper($fetch_data['nama_facility']);
				$idMarine 		= $fetch_data['idMarineFacility'];
				$flagdg 		= $fetch_data['flagdg'];
				$flagdg_comb 	= ($flagdg=='Y') ? " (DG). " : '. ' ;
				$details 		= $flagdg_comb.$marine." - ".$vessel;

unset($sql);
				unset($param_data);
				unset($data);
				unset($fetch_data);

if($commentsMFSO == '-bypass-'){

$comb1 			= ($flagdg=='Y') ? "AND idRoles='2' AND idPelabuhan='{$idMarine}' AND flagDGApproval='Y'" : "AND idRoles='3'" ;
					$sql 			= "SELECT * FROM user_list WHERE mobileNo!='' {$comb1} AND CHAR_LENGTH (mobileNo) >= 10 AND flagUser='1' GROUP BY mobileNo";
					$param_data 	= array();
					$data 			= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
					$list_no 		= array();
					while($fetch_data = $data->fetch_assoc()){
						array_push($list_no, $fetch_data['mobileNo']);
					}
					$destination 	= implode(',',$list_no);
				}else{

$sql 			= "SELECT * FROM user_list WHERE mobileNo!='' AND idRoles='2' AND idPelabuhan='{$idMarine}' AND CHAR_LENGTH (mobileNo) >= 10 AND flagUser='1' GROUP BY mobileNo";
					$param_data 	= array();
					$data 			= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
					$list_no 		= array();
					while($fetch_data = $data->fetch_assoc()){
						array_push($list_no, $fetch_data['mobileNo']);
					}
					$destination 	= implode(',',$list_no);
				}

if(!empty($destination)){
					
					$sql 			= "SELECT * FROM kod_template WHERE kod='S02'";
					$param_data 	= array();
					$data 			= mysqli_prepare_all($sql,$param_type = "auto",$param_data);
					$fetch_data 	= $data->fetch_assoc();
					$message 		= $fetch_data['text'];

$find 			= array("%details%");
					$replace 		= array($details);
					$message 		= str_replace($find,$replace,$message);
					$message 		= html_entity_decode($message, ENT_QUOTES, 'utf-8'); 
					$message 		= urlencode($message);

$fp = "http://www.isms.com.my/isms_send.php?un=&pwd=&dstno=$destination&msg=$message";
					ismscURL($fp);
				}
			}

}

if($success == 1){
			$_SESSION['success'] 		= 1;
			$_SESSION['success_msg'] 	= $msg;
		}else if($success == 2){
			$_SESSION['success'] 		= 2;
			$_SESSION['success_msg'] 	= $msg;
		}else if($success == 3){
			$_SESSION['success'] 		= 3;
			$_SESSION['success_msg'] 	= $msg;
		}

// aaaa:

if($success){
			echo "<script>window.location.replace('index.php?page=edg/main&np={$curr_page}&ii={$ii}&success={$success}');</script>";
			exit();
		}

endif;

$ship 				= "";
	$ship_href 			= "index.php?page=edg/main&np=edg/ship_particular&ii={$ii}";
	$isps 				= "disabled";
	$isps_href 			= "javascript:void(0)";
	$port 				= "disabled";
	$port_href 			= "javascript:void(0)";
	$other 				= "disabled";
	$other_href 		= "javascript:void(0)";
	$upload 			= "disabled";
	$upload_href 		= "javascript:void(0)";
	$dg 				= "disabled";
	$dg_href 			= "javascript:void(0)";
	$cont_submit 		= "N";

if($ii>0){

unset($query);
		unset($result);
		$query 		= "	SELECT a.*, 
							if(a.idMarineFacility>0,1,0) AS isps, 
							1 AS port, if(a.flagDG='Y',1,0) AS dg, 
							SUM(if(b.idPermohonanMain is not null,1,0)) AS dg_record,
							c.flagBP,
							d.nama AS disclaimer
						FROM permohonan_main a
						LEFT JOIN permohonan_dg b ON b.idPermohonanMain = a.idPermohonan
						LEFT JOIN kod_marine_facility c ON c.idMarineFacility = a.idMarineFacility
						INNER JOIN (SELECT * FROM kod_disclaimer WHERE kod = 'FORM') d
						WHERE a.idPermohonan = '{$ii}' 
						GROUP BY a.idPermohonan";
		$result 	= $mysqli->query($query);	
		$row_now 	= $result->fetch_assoc();

$isps 				= "";
		$isps_href 			= "index.php?page=edg/main&np=edg/isps_info&ii={$ii}";

if($row_now['isps']==1){
			$port 				= "";
			$port_href 			= "index.php?page=edg/main&np=edg/port_call&ii={$ii}";
			$other 				= "";
			$other_href 		= "index.php?page=edg/main&np=edg/other_part&ii={$ii}";
			$cont_submit 		= "Y";

if($row_now['dg']==1){
				$dg 				= "";
				$dg_href 			= "index.php?page=edg/main&np=edg/dg&ii={$ii}";

if($row_now['dg_record']==0)
					$cont_submit 		= "N";
			}
		}

}

$ship 			= ($curr_page=="edg/ship_particular") ? "active" : $ship ;
	$ship_href 		= ($curr_page=="edg/ship_particular") ? "javascript:void(0)" : $ship_href ;
	$isps 			= ($curr_page=="edg/isps_info") ? "active" : $isps ;
	$isps_href 		= ($curr_page=="edg/isps_info") ? "javascript:void(0)" : $isps_href ;
	$port 			= ($curr_page=="edg/port_call") ? "active" : $port ;
	$port_href 		= ($curr_page=="edg/port_call") ? "javascript:void(0)" : $port_href ;
	$other 			= ($curr_page=="edg/other_part") ? "active" : $other ;
	$other_href 	= ($curr_page=="edg/other_part") ? "javascript:void(0)" : $other_href ;
	$dg 			= ($curr_page=="edg/dg") ? "active" : $dg ;
	$dg_href 		= ($curr_page=="edg/dg") ? "javascript:void(0)" : $dg_href ;

$resubmit 		= "T";
?>

<?php if(($idApproveMFSO != 0 OR $idApproveDG != 0 OR $idApproveMTSO != 0) AND $submit == 'T'){ ?>
		<div class="alert alert-warning alert-dismissable">
		<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
		<h4><strong>APPLICATION REJECTED / NEED TO SUBMIT AGAIN</strong></h4>
		<p>COMMENTS :- </p>
		<p>~ MFSO : <?php echo nl2br($commentsMFSO);?></p>
		<p>~ DG : <?php echo nl2br($commentsDG);?></p>
		<p>~ MTSO : <?php echo nl2br($commentsMTSO);?></p>
		</div>
		<?php $resubmit 		= "Y"; }?>

<div class="block-section">
			<form class="submit_me" action="index.php?page=edg/main&np=edg/tabs&ii=<?php echo $ii;?>" method="post">
			<ul class="nav nav-pills nav-justified nav-pills-custom">
				<li class="<?php echo $ship; ?>"><a href="<?php echo $ship_href; ?>">Ship Particular</a></li>
				<li class="<?php echo $isps; ?>"><a href="<?php echo $isps_href; ?>">ISPS Information</a></li>
				<li class="<?php echo $port; ?>"><a href="<?php echo $port_href; ?>">Last 10 Port Calls</a></li>
				<li class="<?php echo $other; ?>"><a href="<?php echo $other_href; ?>">Other Particular</a></li>
				<li class="<?php echo $dg; ?>"><a href="<?php echo $dg_href; ?>">Dangerous Goods</a></li>
				<?php if($ii > 0 && $cont_submit=="Y"){ ?>
				<li class=""><a href="javascript:void(0)" class="a_me btn btn-success btn-sm submit_form"><i class="fa fa-paper-plane-o"></i>&nbsp;SUBMIT APPLICATION</a></li>
				<?php }else{ ?>
				<li class=""><a href="javascript:void(0)" class="disabled btn btn-success btn-sm submit_form"><i class="fa fa-paper-plane-o"></i>&nbsp;SUBMIT APPLICATION</a></li>
				<?php } ?>
			</ul>
			<input type="hidden" name="type_submit" value="submit_me">
			<input type="hidden" name="resubmit" value="<?php echo $resubmit;?>">
			<input type="hidden" name="marine_bypass" value="<?php echo $row_now['flagBP'];?>">
			<input type="hidden" name="curr_page" value="<?php echo $curr_page;?>">
			</form>
		</div>	
		<div class="hidden disc_text"><?php echo nl2br(ucwords(strtolower($row_now['disclaimer'])));?></div>

$(".submit_form").on("click",function(){
		$.confirm({
			title: 'Confirm!',
			content: $(".disc_text").text(),
			buttons: {
				confirm: function () {
					$(".submit_me").trigger("submit");
				},
				cancel: function () {
					// $.alert('Canceled!');
				}
			}
		});
	});

});
</script>