<?php
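	// Script identifier constant; presumably read by the shared includes below - confirm in globalad.php.
	define('thisscript','adminaccountbankdetail');

	require_once 'globalad.php';
	require_once '../class/AccountBank.php';
	$accbank = new AccountBank();

	/*
	 * Access control gate. $userid and $useraccess are not assigned in this file
	 * (presumably populated by globalad.php - confirm).
	 *
	 * redirecting() is defined elsewhere and it is not visible here whether it
	 * terminates the request. Stop explicitly after each redirect so that an
	 * unauthenticated or unauthorised request can never fall through to the
	 * delete/add/edit handlers further down.
	 */
	if (empty($userid)){
		redirecting("index.php");
		exit;
	}

	// Signed-in users additionally need the 'manage_account_bank' permission.
	if (empty($useraccess['manage_account_bank'])){
		redirecting('index.php');
		exit;
	}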
	
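	// Image type constant => file extension map. Not referenced again in this
	// script; kept because the includes or the template may read it.
	$supportedfile = array(IMAGETYPE_JPEG=>'jpg', IMAGETYPE_PNG=>'png', IMAGETYPE_GIF=>'gif');

	/*
	 * Normalise request parameters so later reads never hit an undefined index.
	 *
	 * This is NOT sanitisation: scalar values are passed through unchanged and
	 * must still be escaped for whichever context they end up in (SQL, HTML).
	 * Non-scalar values (e.g. a parameter sent as account_id[]=1) are dropped,
	 * because every consumer below expects a plain string.
	 */
	$_REQUEST['account_id'] = (empty($_REQUEST['account_id']) || !is_scalar($_REQUEST['account_id'])) ? "" : $_REQUEST['account_id'];
	$_GET['act'] = (empty($_GET['act']) || !is_scalar($_GET['act'])) ? "" : $_GET['act'];
	$_GET['add'] = (empty($_GET['add']) || !is_scalar($_GET['add'])) ? "" : $_GET['add'];
	$_POST['do'] = (empty($_POST['do']) || !is_scalar($_POST['do'])) ? "" : $_POST['do'];
	$_COOKIE['account_bank'] = (empty($_COOKIE['account_bank']) || !is_scalar($_COOKIE['account_bank'])) ? "" : $_COOKIE['account_bank'];
	/* end normalisation */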
	
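	/*
	 * Load the account row named by the request (an empty account_id is looked
	 * up as '').
	 * NOTE(review): the query is built by string concatenation and relies
	 * entirely on $db->clean(), whose implementation is not visible here.
	 * Prefer a parameterised query if the $db wrapper offers one.
	 */
	$curstatus = $db->fetch_one("SELECT * FROM account_bank WHERE account_id='".$db->clean($_REQUEST['account_id'])."'");

	// A miss may come back as false/null; start from an empty array so the
	// defaults below do not write into a non-array value.
	if (empty($curstatus)){
		$curstatus = array();
	}

	// Give every field read later a defined (possibly empty) value.
	foreach (array('account_id', 'rek_no', 'rek_name', 'status', 'bank_id') as $field){
		if (empty($curstatus[$field])){
			$curstatus[$field] = '';
		}
	}
	unset($field);

	// Build the <option> list of banks, pre-selecting the account's bank.
	$getallbank = $db->fetch_all("SELECT * FROM bank ORDER BY bankname");
	$bankoptions = '';
	$bankid = ((empty($curstatus['bank_id']))?"":$curstatus['bank_id']);
	// !empty() also skips a false/null result, which sizeof() would reject.
	if (!empty($getallbank)){
		foreach ($getallbank as $abnk){
			// Database values are written into HTML: escape both the attribute
			// value and the label so stored markup cannot break out of the
			// option element (stored XSS). Uses the configured default charset.
			$optvalue = htmlspecialchars((string)$abnk['bank_id'], ENT_QUOTES);
			$optlabel = htmlspecialchars((string)$abnk['bankname'], ENT_QUOTES);
			// Loose comparison kept on purpose: the id may be int on one side and string on the other.
			$bankoptions .= '<option value="'.$optvalue.'"'.(($abnk['bank_id'] == $bankid)?' selected':'').'>'.$optlabel.'</option>';
		}
	}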
 	
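 	/*
 	 * An account id was supplied: load it through AccountBank and, when asked,
 	 * delete it.
 	 * NOTE(review): account_id is read from $_REQUEST, so it can arrive via GET,
 	 * POST or (depending on request_order) a cookie. Read it from the one source
 	 * each action is meant to use.
 	 */
 	if (!empty($_REQUEST['account_id'])){
		$accbank->setId($_REQUEST['account_id']);
		$curstatus = $accbank->getHeaderBank();

		/*
		 * NOTE(review): this destructive action is triggered by a GET parameter
		 * and no anti-CSRF token is checked anywhere in this file. A link or
		 * image tag on another site, opened by a signed-in admin, would be
		 * enough to trigger it. Move it to POST and verify a per-session token.
		 */
		if ($_GET['act'] == 'delete'){
			$accbank->deleteBank();
			redirecting("adminaccountbank.php");
			// redirecting() is defined elsewhere; stop here in case it returns,
			// so a deleted account is not processed further or rendered.
			exit;
		}

		// Rebuild the bank <option> list against the record just loaded.
 		$getallbank = $db->fetch_all("SELECT * FROM bank ORDER BY bankname");
		$bankoptions = '';
		$bankid = ((empty($curstatus['bank_id']))?"":$curstatus['bank_id']);
		// !empty() also skips a false/null result, which sizeof() would reject.
		if (!empty($getallbank)){
			foreach ($getallbank as $abnk){
				// Escape database values before writing them into HTML (stored XSS).
				$optvalue = htmlspecialchars((string)$abnk['bank_id'], ENT_QUOTES);
				$optlabel = htmlspecialchars((string)$abnk['bankname'], ENT_QUOTES);
				$bankoptions .= '<option value="'.$optvalue.'"'.(($abnk['bank_id'] == $bankid)?' selected':'').'>'.$optlabel.'</option>';
			}
		}
 	}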
	
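	/*
	 * Form handler for creating ("addaccbank") and updating ("editbank") a bank
	 * account record.
	 *
	 * NOTE(review): no anti-CSRF token is verified before these state-changing
	 * writes; add a per-session token check.
	 * NOTE(review): rek_no, rek_name and status go to AccountBank exactly as
	 * posted. Whether saveAccBank()/updateAccBank() escape or bind them is not
	 * visible here - confirm in ../class/AccountBank.php.
	 */
	if (!empty($_POST)){
		$do = $_POST['do'];
		if ($do == "addaccbank" || $do == "editbank"){
			if ($do == "editbank"){
				// NOTE(review): the target id comes from $_REQUEST (GET, POST or cookie).
				$accbank->setId($_REQUEST['account_id']);
			}

			$bankid = (empty($_POST['bankid']))?"":$_POST['bankid'];
			$rek_no = (empty($_POST['rek_no']))?"":$_POST['rek_no'];
			$rek_name = (empty($_POST['rek_name']))?"":$_POST['rek_name'];
			$status = (empty($_POST['status']))?"":$_POST['status'];

			// Resolve the bank name server-side instead of trusting a posted name.
			// NOTE(review): an unknown bankid yields an empty name and the record
			// is still written; consider rejecting the request in that case.
			$dbbank = $db->fetch_one("SELECT bankname FROM bank WHERE bank_id = '".$db->clean($bankid)."' ORDER BY bankname");
			$bankname = empty($dbbank['bankname'])?'':$dbbank['bankname'];

			if ($do == "editbank"){
				$accbank->updateAccBank($bankid, $bankname, $rek_no, $rek_name, $status, '');
			}
			else {
				$accbank->saveAccBank($bankid, $bankname, $rek_no, $rek_name, $status, '');
			}

			redirecting('adminaccountbank.php');
			// redirecting() is defined elsewhere; stop here in case it returns,
			// so the form is not rendered after a completed write.
			exit;
		}
	}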
				
	// Template helpers; gettemplate() is not defined in this file (presumably it comes from this include - confirm).
	require_once 'incl/global_template.php';
	
	// Fetch the page template text by name.
	$theme = gettemplate('adminaccountbankdetail');
	// SECURITY: the template text is spliced into PHP source and evaluated as a
	// double-quoted string literal. Variables named in the template are filled
	// in from the current scope, but the template text itself is parsed as PHP,
	// so a template that can be edited by an untrusted party is equivalent to
	// code execution on this server. Where gettemplate() reads from is not
	// visible here - confirm that the storage is writable only by trusted
	// operators, and consider a substitution-only renderer instead of eval().
	// Interpolated values receive no HTML escaping at this point, so anything
	// the template prints must already be escaped by the time it gets here.
	eval("\$theme = \"$theme\";");
	// Emit the rendered page.
	echo $theme;
?>