Your IP : 216.73.216.40
<?php
checkadmin($role);
$tbl = 'tenders';
$id = $_REQUEST["id"];
$subject = htmlsafe($_POST["subject"]);
$description = htmlsafe($_POST["description"]);
$filename = htmlsafe($_POST["filename"]);
if (basename($_FILES['userfile']['name'])) {
$filename = strtolower(basename($_FILES['userfile']['name']));
upload_file();
}
$expiry = $_POST["expiry"];
if (!$expiry) $expiry = date("Y-m-d");
$submit = $_POST["submit"];
if ($submit == 'SAVE') {
if (mysql_num_rows(mysql_query("select * from $tbl where id=$id"))) {
mysql_query("update $tbl set subject='$subject',filename='$filename',
description='$description',expiry='$expiry',userID='$user' where id=$id");
} else {
mysql_query("insert into $tbl(subject,filename,description,dated,expiry,userID,status)
values('$subject','$filename','$description',now(),'$expiry','$user','current')");
}
} else if ($submit == "DELETE") {
mysql_query("delete from $tbl where id=$id");
} else if ($action == "expired") {
mysql_query("update $tbl set status='expired' where id=$id");
} else if ($action == "current") {
mysql_query("update $tbl set status='current' where id=$id");
}
tenderfeed();
echo "<div align='right'>Upload pdf file linked to this tender <input type='file' name='userfile'></div>
Please select tender document file and enter the details below to uploading on site.
<table class='normal' width='90%'>";
if (!$id) {
echo "<tr><td nowrap>Subject</td>
<td><input type='text' name='subject' value='' size='50'></td></tr>
<tr valign='top'><td>Description</td>
<td><textarea name='description' rows='2' cols='50'></textarea></td></tr>
<tr><td nowrap>Filename</td>
<td><input type='text' name='filename' value='' size='50'>
(if file is to be uploaded, leave it blank)</td></tr>
<tr><td nowrap>Expiry Date</td>
<td><input type='text' name='expiry' value='$expiry' size='15'>
<input type='submit' name='submit' value='SAVE' style='width:80px'></td></tr>";
} else {
echo "<tr><td>[ <a href='$PHP_SELF?conf=$conf&id='>New tender</a> ]</td></tr>";
}
echo "</table>
<table class='normal' width='98%'>
<tr><th>No.</th><th width='95%'>Tender</th></tr>";
$rs = mysql_query("select * from $tbl order by status,dated desc,id");
while ($o = mysql_fetch_object($rs)) {
$i++;
if ($id == $o->id) {
echo "<tr><td>$i</td><td align='center'>
<input type='hidden' name='id' value='$id'>
<table class=normal width='90%'>
<tr><td nowrap>Subject</td>
<td><input type='text' name='subject' value='$o->subject' size='50'></td></tr>
<tr valign='top'><td nowrap>Description</td>
<td><textarea name='description' rows='2' cols='50'>$o->description</textarea></td></tr>
<tr><td nowrap>Filename</td>
<td><input type='text' name='filename' value='$o->filename' size='50'></td></tr>
<tr><td nowrap>Expiry Date</td>
<td nowrap><input type='text' name='expiry' value='$o->expiry' size='15'>
<input type='submit' name='submit' value='SAVE' style='width:80px'>
<input type='submit' name='submit' value='DELETE' style='width:80px'></td></tr>
</table></td></tr>";
} else {
if ($i % 2) echo "<tr valign='top' bgcolor='$col1'>";
else echo "<tr valign='top' bgcolor='$col2'>";
echo "<td>$i</td><td width='80%'><a name='$o->id'></a>$o->subject
[ <a href='$PHP_SELF?conf=$conf&id=$o->id#$o->id'>Edit</a> ] ";
if ($o->status == 'expired')
echo "[ <a href='$PHP_SELF?conf=$conf&action=current&id=$o->id'>Show</a> ]";
else
echo "[ <a href='$PHP_SELF?conf=$conf&action=expired&id=$o->id'>Hide</a> ]";
echo "<br>
>> $o->description<br>";
if ($o->filename) echo "Filename: <a href='documents/$o->filename'>documents/$o->filename</a>";
echo "<div align='right'>By $o->userID dated $o->dated & expiry $o->expiry</div></td></tr>";
}
}
echo "</table>";
?>