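<?php
/**
 * AJAX endpoint: records a storage number against a single member.
 *
 * POST fields read: inputData, countNo, nextNo, start_no.
 *   - inputData is either a QR URL containing "efa-member.com/qr", in which
 *     case the text after the last "=" is used as the member id, or a
 *     13-character string that is used as the citizen id.
 *   - Only members whose `storage_no` is still NULL are eligible.
 *
 * Response: a JSON object with `status` (1 on success, 0 otherwise) and, on
 * success, `member_id`, `member_name` and `storage_no`.
 *
 * NOTE(review): no session or authorization check is visible in this file;
 * confirm that main_function.php (or the web server) enforces one, because
 * this endpoint changes member records.
 * NOTE(review): nextNo, countNo and start_no are taken from the client and
 * written as-is; consider deriving the next number and the counter on the
 * server so a caller cannot choose them.
 */

// NOTE(review): with display_errors enabled this sends warnings (paths, SQL
// details) to the client and corrupts the JSON body; log errors instead.
error_reporting(E_ALL);
include('../../../config/main_function.php');

// NOTE(review): secret committed in a web-served source file. Load it from
// configuration outside the document root and rotate this value.
$secure = "cAh3DrJACzw4RbU";
$connection = connectDB($secure);

// Missing or non-string (array) POST fields are treated as empty strings so
// they fall through to status 0 instead of raising notices or a TypeError.
$readPost = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$inputData = $readPost('inputData');
$countNo   = $readPost('countNo');
$nextNo    = $readPost('nextNo');
$start_no  = $readPost('start_no');

$needle = 'efa-member.com/qr';
$arr = [];
$status = 0;

// Choose the lookup. Values are bound as statement parameters below, so no
// request data is ever concatenated into SQL text.
$sqlMember = null;
$lookupValue = null;
if (strpos($inputData, $needle) !== false) {
    // Strict comparison: a match at offset 0 is a match too. The previous
    // loose `!= ""` test treated offset 0 as "not found" before PHP 8.
    $inputArray = explode('=', $inputData);
    $lookupValue = end($inputArray);
    $sqlMember = "SELECT * FROM `tbl_member` WHERE `member_id` = ? AND `storage_no` IS NULL";
} elseif (strlen($inputData) == 13) {
    // Length is measured on the raw input; measuring after SQL escaping could
    // turn a 12-character value containing a quote into a 13-character one.
    $lookupValue = $inputData;
    $sqlMember = "SELECT * FROM `tbl_member` WHERE `citizen_id` = ? AND `storage_no` IS NULL";
}

$rowMember = null;
if ($sqlMember !== null) {
    $stmtMember = mysqli_prepare($connection, $sqlMember);
    if ($stmtMember) {
        mysqli_stmt_bind_param($stmtMember, 's', $lookupValue);
        if (mysqli_stmt_execute($stmtMember)) {
            $resultMember = mysqli_stmt_get_result($stmtMember);
            // Exactly one eligible member is required; zero or several is a failure.
            if ($resultMember && mysqli_num_rows($resultMember) == 1) {
                $rowMember = mysqli_fetch_assoc($resultMember);
            }
        }
        mysqli_stmt_close($stmtMember);
    }
}

if ($rowMember !== null) {
    $member_id = (string) $rowMember["member_id"];
    $dataTime = date("Y-m-d H:i:s");

    // `storage_no IS NULL` is repeated in the UPDATE so that two concurrent
    // requests for the same member cannot both succeed: only the request that
    // actually changes the row (affected rows === 1) is reported as success.
    $stmtUpdate = mysqli_prepare(
        $connection,
        "UPDATE `tbl_member` SET `storage_no` = ?, `storage_date` = ? WHERE `member_id` = ? AND `storage_no` IS NULL"
    );
    if ($stmtUpdate) {
        mysqli_stmt_bind_param($stmtUpdate, 'sss', $nextNo, $dataTime, $member_id);
        $claimed = mysqli_stmt_execute($stmtUpdate)
            && mysqli_stmt_affected_rows($stmtUpdate) === 1;
        mysqli_stmt_close($stmtUpdate);

        if ($claimed) {
            // NOTE(review): this second write is not in a transaction with the
            // first and its result is not checked (as before), so the counter
            // can drift from the member table if it fails.
            $stmtStorage = mysqli_prepare(
                $connection,
                "UPDATE `tbl_storage` SET `storage_count` = ? WHERE `start_no` = ?"
            );
            if ($stmtStorage) {
                mysqli_stmt_bind_param($stmtStorage, 'ss', $countNo, $start_no);
                mysqli_stmt_execute($stmtStorage);
                mysqli_stmt_close($stmtStorage);
            }

            // Cast to string so the JSON keeps the string values that the
            // earlier non-prepared query produced.
            $arr['member_id'] = $member_id;
            $arr['member_name'] = (string) $rowMember["member_name"];
            // NOTE(review): the row was selected with `storage_no IS NULL`, so
            // this is always "0"; if the newly assigned number was intended,
            // return $nextNo instead. Output kept unchanged for the caller.
            $arr['storage_no'] = number_format((float) $rowMember["storage_no"]);
            $status = 1;
        }
    }
}

$arr['status'] = $status;
echo json_encode($arr);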