#!/usr/bin/perl -w
use CGI qw/:all/;
use CGI::Carp qw(fatalsToBrowser);
use DBI;
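# Open the MySQL connection used by every query in this script.
# NOTE(review): the database account name and password are hard-coded in a
# script that lives under the web root. Load them from a configuration file
# outside the document root (or from the environment) and rotate this
# password, since it is exposed to anyone who can read the source.
# CGI::Carp's fatalsToBrowser (loaded above) sends die() text to the client,
# so the failure message below deliberately carries no connection details.
my $dbh=DBI->connect('dbi:mysql:arabdemog_com:localhost','arabdemog_com','p2a9r7cd')
    or die "Database connection failed\n";
##Start Uploading
use File::Basename; 
# Cap the size of a POST body (and therefore of the uploaded receipt) at
# 1024 * 5000 bytes. This must be set before the first CGI object is created.
$CGI::POST_MAX = 1024 * 5000; 
# Characters permitted in the stored file name; used inside a regex character
# class when the upload is saved.
my $safe_filename_characters = "a-zA-Z0-9_.-"; 
# Destination directory for uploaded receipts (inside the served document tree).
my $upload_dir = "/var/www/vhosts/arabdemog.com/httpdocs/alkaufa/images"; 
# Direct method call instead of the indirect-object form "new CGI".
my $query = CGI->new; 
# Client-supplied name of the uploaded file; only its extension is reused later.
my $filename = $query->param("photo"); 	
##End Uploading
# Submitted as-is; stored in the Lang column by the INSERT further down.
my $lang = param("lang");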
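# escapedStr($text)
#
# Prepare a form value for embedding inside a single-quoted SQL string literal.
#   - every backslash is doubled, so a value that already contains "\" cannot
#     neutralise the escape added in front of a quote or end the literal early
#     (the previous version passed backslashes through unchanged);
#   - every single quote AND every double quote becomes \' (double quotes are
#     therefore stored as single quotes, as before).
# Returns the escaped string; an undefined argument yields "".
#
# NOTE(review): this is a stop-gap. Bound placeholders ($sth->execute(@values))
# remove the need for hand-written escaping; prefer them for new queries.
sub escapedStr {
    my ($str) = @_;
    return "" unless defined $str;

    # Backslashes first, otherwise the ones added for quotes would be doubled too.
    $str =~ s/\\/\\\\/g;
    $str =~ s/['"]/\\'/g;

    return $str;
}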
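# Emit the HTTP header and the opening HTML before any processing output.
print <<blk;
content-type: text/html

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
</head>
<body>
blk
# The form posts the survey date as three '-'-separated parts; reverse their
# order for storage.
# NOTE(review): the parts are not validated here and $sdate is later embedded
# in the INSERT; confirm the expected format and reject anything else.
my $sdate=param("datum1");	
my @arsdate=split('-',$sdate);
$sdate=$arsdate[2]."-".$arsdate[1]."-".$arsdate[0];
my $psize=param("sz");		
my $location=param("selloc");
##
# Look up the selected location. The submitted code is passed as a bound
# parameter rather than concatenated into the statement, so it is always
# treated as data.
my $strQuery="select lcode,lsname,mname,memail from alkLocation where lcode=?";
$sthL=$dbh->prepare($strQuery);
$sthL->execute($location);
while(@row = $sthL->fetchrow_array ) 
	{ 
		# $loc (code followed by short name) becomes the questionnaire-number prefix.
		$loc="$row[0]$row[1]";
		$mname="$row[2]";
		$memail="$row[3]";
	}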
# Build the next questionnaire number: location prefix + serial left-padded
# with zeros to five characters.
# NOTE(review): the serial is read with max()+1 and used later without a lock
# or transaction, so two simultaneous submissions could receive the same
# number; it is also read from alk_entry while the INSERT below writes to a
# differently named table. Confirm both are intended.
my $strQuery="SELECT max(convert(right(questNo,4),SIGNED))+1 FROM alk_entry";
$sthM=$dbh->prepare($strQuery);
$sthM->execute;

while(@row = $sthM->fetchrow_array)
{
    my $next_serial = "$row[0]";
    $intL = length($next_serial);

    # Only serials of one to five characters are padded; any other length
    # (including the empty result from an empty table) leaves $quno untouched.
    if ($intL >= 1 && $intL <= 5)
    {
        $quno = ("0" x (5 - $intL)) . $next_serial;
    }

    $questno = "$loc".$quno;
}
##
# Arrival time, assembled as "<hour>:<minute> <AM|PM>".
# NOTE(review): the minute is the submitted value minus one -- presumably the
# form posts a 1-based list index; confirm against the form.
# $ath (like $dth below) is taken as submitted and ends up inside a quoted SQL
# literal in the INSERT without passing through escapedStr().
my $ath=param("ath");
my $atm=param("atm") - 1;
my $arrival_half=param("atap");
# 1 selects AM, 2 selects PM; any other value leaves $atampm unset.
$atampm='AM' if $arrival_half == 1;
$atampm='PM' if $arrival_half == 2;
my $atime="${ath}:${atm} ${atampm}";

my $sid=param("Shopperid");	

# Departure time, built the same way as the arrival time.
my $dth=param("dth");	
my $dtm=param("dtm") - 1;
my $departure_half=param("dtap");
$dtampm='AM' if $departure_half == 1;
$dtampm='PM' if $departure_half == 2;
my $dtime="${dth}:${dtm} ${dtampm}";

# Read the remaining form fields into the lexicals that the INSERT further
# down interpolates.
#
# Naming: $qN is the answer to question N, $cN the free-text comment for the
# same question (form field "txt...").
#
# Trust boundary:
#   - $captain, $receipt, $order, every $cN, and $q107/$q108 pass through
#     escapedStr() and are placed between single quotes in the INSERT;
#   - $nationality, $amount, $dow, $gender, $age and every other $qN are kept
#     exactly as submitted and are placed in the INSERT as bare, unquoted
#     values, so they need numeric validation before use.
#
# escapedStr(param(...)) evaluates param() in list context; escapedStr() only
# looks at its first argument, so any additional values for a field are ignored.
#
# Questions 15, 27, 43 and 52 have a comment field only; question 61 is not
# read at all.
my $nationality=param("nat");	
my $captain=escapedStr(param("nom"));	
my $receipt=escapedStr(param("rno"));	
my $amount=param("amt");	
my $dow=param("dow");	

##my $questno=escapedStr(param("qno")); 
my $order=escapedStr(param("order"));	

my $gender=param("gender");	
my $age=param("age");

# Questions 1-3: form fields ce1-ce3.
my $q1=param("ce1");
my $c1=escapedStr(param("txtce1"));	
my $q2=param("ce2");	
my $c2=escapedStr(param("txtce2"));	
my $q3=param("ce3");	
my $c3=escapedStr(param("txtce3"));	
   
# Questions 4-12: form fields ci1-ci9.
my $q4=param("ci1");	
my $c4=escapedStr(param("txtci1"));	
my $q5=param("ci2");	
my $c5=escapedStr(param("txtci2"));	
my $q6=param("ci3");	
my $c6=escapedStr(param("txtci3"));	
my $q7=param("ci4");	
my $c7=escapedStr(param("txtci4"));	
my $q8=param("ci5");	
my $c8=escapedStr(param("txtci5"));	
my $q9=param("ci6");	
my $c9=escapedStr(param("txtci6"));	
my $q10=param("ci7");	
my $c10=escapedStr(param("txtci7"));	
my $q11=param("ci8");	
my $c11=escapedStr(param("txtci8"));	
my $q12=param("ci9");	
my $c12=escapedStr(param("txtci9"));	
   
# Questions 13-22: form fields hh1-hh10 (hh3 is comment-only).
my $q13=param("hh1");	
my $c13=escapedStr(param("txthh1"));	
my $q14=param("hh2");	
my $c14=escapedStr(param("txthh2"));	
	
my $c15=escapedStr(param("txthh3"));	
my $q16=param("hh4");	
my $c16=escapedStr(param("txthh4"));	
my $q17=param("hh5");	
my $c17=escapedStr(param("txthh5"));	
my $q18=param("hh6");	
my $c18=escapedStr(param("txthh6"));	
my $q19=param("hh7");	
my $c19=escapedStr(param("txthh7"));	
my $q20=param("hh8");	
my $c20=escapedStr(param("txthh8"));	
my $q21=param("hh9");	
my $c21=escapedStr(param("txthh9"));	
my $q22=param("hh10");	
my $c22=escapedStr(param("txthh10"));	
   
# Questions 23-41: form fields hc1-hc19 (hc5 is comment-only).
my $q23=param("hc1");	
my $c23=escapedStr(param("txthc1"));	
my $q24=param("hc2");	
my $c24=escapedStr(param("txthc2"));	
my $q25=param("hc3");	
my $c25=escapedStr(param("txthc3"));	
my $q26=param("hc4");	
my $c26=escapedStr(param("txthc4"));	
	
my $c27=escapedStr(param("txthc5"));	

my $q28=param("hc6");	
my $c28=escapedStr(param("txthc6"));	
my $q29=param("hc7");	
my $c29=escapedStr(param("txthc7"));	
my $q30=param("hc8");	
my $c30=escapedStr(param("txthc8"));	
my $q31=param("hc9");	
my $c31=escapedStr(param("txthc9"));	
my $q32=param("hc10");	
my $c32=escapedStr(param("txthc10"));	
my $q33=param("hc11");	
my $c33=escapedStr(param("txthc11"));	
my $q34=param("hc12");	
my $c34=escapedStr(param("txthc12"));	
my $q35=param("hc13");	
my $c35=escapedStr(param("txthc13"));	
my $q36=param("hc14");	
my $c36=escapedStr(param("txthc14"));	
my $q37=param("hc15");	
my $c37=escapedStr(param("txthc15"));	
my $q38=param("hc16");	
my $c38=escapedStr(param("txthc16"));	
my $q39=param("hc17");	
my $c39=escapedStr(param("txthc17"));	
my $q40=param("hc18");	
my $c40=escapedStr(param("txthc18"));	
my $q41=param("hc19");	
my $c41=escapedStr(param("txthc19"));	
   
# Questions 42-48: form fields hw1-hw7 (hw2 is comment-only).
my $q42=param("hw1");	
my $c42=escapedStr(param("txthw1"));	
	
my $c43=escapedStr(param("txthw2"));	
my $q44=param("hw3");	
my $c44=escapedStr(param("txthw3"));	
my $q45=param("hw4");	
my $c45=escapedStr(param("txthw4"));	
my $q46=param("hw5");	
my $c46=escapedStr(param("txthw5"));	
my $q47=param("hw6");	
my $c47=escapedStr(param("txthw6"));	
my $q48=param("hw7");	
my $c48=escapedStr(param("txthw7"));	
   
# Questions 49-58: form fields hs1-hs10 (hs4 is comment-only).
my $q49=param("hs1");	
my $c49=escapedStr(param("txths1"));	
my $q50=param("hs2");	
my $c50=escapedStr(param("txths2"));	
my $q51=param("hs3");	
my $c51=escapedStr(param("txths3"));	
	
my $c52=escapedStr(param("txths4"));	
my $q53=param("hs5");	
my $c53=escapedStr(param("txths5"));	
my $q54=param("hs6");	
my $c54=escapedStr(param("txths6"));	
my $q55=param("hs7");	
my $c55=escapedStr(param("txths7"));	
my $q56=param("hs8");	
my $c56=escapedStr(param("txths8"));	
my $q57=param("hs9");	
my $c57=escapedStr(param("txths9"));	
my $q58=param("hs10");	
my $c58=escapedStr(param("txths10"));	
   
# Questions 59-63: form fields hg1, hg2, hg4, hg5 (no hg3 / question 61).
my $q59=param("hg1");	
my $c59=escapedStr(param("txthg1"));	
my $q60=param("hg2");	
my $c60=escapedStr(param("txthg2"));	
	
my $q62=param("hg4");	
my $c62=escapedStr(param("txthg4"));	
my $q63=param("hg5");	
my $c63=escapedStr(param("txthg5"));	
   
# Questions 64-76: form fields pq1-pq13.
my $q64=param("pq1");	
my $c64=escapedStr(param("txtpq1"));	
my $q65=param("pq2");	
my $c65=escapedStr(param("txtpq2"));	
my $q66=param("pq3");	
my $c66=escapedStr(param("txtpq3"));	
my $q67=param("pq4");	
my $c67=escapedStr(param("txtpq4"));	
my $q68=param("pq5");	
my $c68=escapedStr(param("txtpq5"));	
my $q69=param("pq6");	
my $c69=escapedStr(param("txtpq6"));	
my $q70=param("pq7");	
my $c70=escapedStr(param("txtpq7"));	
my $q71=param("pq8");	
my $c71=escapedStr(param("txtpq8"));	
my $q72=param("pq9");	
my $c72=escapedStr(param("txtpq9"));	
my $q73=param("pq10");	
my $c73=escapedStr(param("txtpq10"));	
my $q74=param("pq11");	
my $c74=escapedStr(param("txtpq11"));	
my $q75=param("pq12");	
my $c75=escapedStr(param("txtpq12"));	
my $q76=param("pq13");	
my $c76=escapedStr(param("txtpq13"));	
   
# Questions 77-81: form fields ss1-ss5.
my $q77=param("ss1");	
my $c77=escapedStr(param("txtss1"));	
my $q78=param("ss2");	
my $c78=escapedStr(param("txtss2"));	
my $q79=param("ss3");	
my $c79=escapedStr(param("txtss3"));	
my $q80=param("ss4");	
my $c80=escapedStr(param("txtss4"));	
my $q81=param("ss5");	
my $c81=escapedStr(param("txtss5"));	
   
# Questions 82-87: form fields mr1-mr6.
my $q82=param("mr1");	
my $c82=escapedStr(param("txtmr1"));	
my $q83=param("mr2");	
my $c83=escapedStr(param("txtmr2"));	
my $q84=param("mr3");	
my $c84=escapedStr(param("txtmr3"));	
my $q85=param("mr4");	
my $c85=escapedStr(param("txtmr4"));	
my $q86=param("mr5");	
my $c86=escapedStr(param("txtmr5"));	
my $q87=param("mr6");	
my $c87=escapedStr(param("txtmr6"));	
   
# Questions 88-92: form fields lp1-lp5 (answers only, no comment fields).
my $q88=param("lp1");	
my $q89=param("lp2");	
my $q90=param("lp3");	
my $q91=param("lp4");	
my $q92=param("lp5");

# Items 93 and 94 are free text only.
my $c93=escapedStr(param("txt93"));	
my $c94=escapedStr(param("txt94"));	
   
# Questions 95-106: form fields or1-or12 (answers only).
my $q95=param("or1");	
my $q96=param("or2");	
my $q97=param("or3");	
my $q98=param("or4");	
my $q99=param("or5");	
my $q100=param("or6");	
my $q101=param("or7");	
my $q102=param("or8");	
my $q103=param("or9");	
my $q104=param("or10");	
my $q105=param("or11");	
my $q106=param("or12");	


# Despite the "q" prefix these two hold escaped free text; the INSERT stores
# them in columns c107 and c108.
my $q107=escapedStr(param("txt107"));	
my $q108=escapedStr(param("txt108"));	

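# Store -1 for every question that was left unanswered, so the INSERT always
# receives a value for each bare numeric column.
#
# The list names exactly the answer variables the form handler reads.
# $q106 is included: it is written to the database as a bare value like the
# others but was previously missing from this pass, so an unanswered "or12"
# produced a malformed INSERT. Names that are never read from the form
# (q15, q27, q43, q52, q61, q93, q94) are no longer touched.
for my $answer_ref (
    \$q1,   \$q2,   \$q3,   \$q4,   \$q5,   \$q6,   \$q7,   \$q8,   \$q9,   \$q10,
    \$q11,  \$q12,  \$q13,  \$q14,
    \$q16,  \$q17,  \$q18,  \$q19,  \$q20,  \$q21,  \$q22,  \$q23,  \$q24,  \$q25,
    \$q26,
    \$q28,  \$q29,  \$q30,  \$q31,  \$q32,  \$q33,  \$q34,  \$q35,  \$q36,  \$q37,
    \$q38,  \$q39,  \$q40,  \$q41,  \$q42,
    \$q44,  \$q45,  \$q46,  \$q47,  \$q48,  \$q49,  \$q50,  \$q51,
    \$q53,  \$q54,  \$q55,  \$q56,  \$q57,  \$q58,  \$q59,  \$q60,
    \$q62,  \$q63,  \$q64,  \$q65,  \$q66,  \$q67,  \$q68,  \$q69,  \$q70,  \$q71,
    \$q72,  \$q73,  \$q74,  \$q75,  \$q76,  \$q77,  \$q78,  \$q79,  \$q80,  \$q81,
    \$q82,  \$q83,  \$q84,  \$q85,  \$q86,  \$q87,  \$q88,  \$q89,  \$q90,  \$q91,
    \$q92,
    \$q95,  \$q96,  \$q97,  \$q98,  \$q99,  \$q100, \$q101, \$q102, \$q103, \$q104,
    \$q105, \$q106,
) {
    # A field absent from the request arrives as undef; treat it like "".
    $$answer_ref = -1 if !defined($$answer_ref) || $$answer_ref eq "";
}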

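##Start Uploading
# Save the uploaded receipt as "<questionnaire number><extension>" in $upload_dir.
if ( !$filename ) 
{ 
	# No file name arrived (CGI also drops the upload when POST_MAX is exceeded).
	print "There was a problem uploading the receipt (try a smaller file)."; 
    #exit; 
}
else
{
	$msg="Updation Successfull";

	# Only the extension of the client-supplied name is kept; the base name is
	# replaced by the questionnaire number.
	my $extension = ( fileparse ( $filename, '\..*' ) )[2];

	# Reduce the name to the allow-listed characters. Path separators are not in
	# the list, so the result cannot point outside $upload_dir.
	$filename = $questno . $extension;
	$filename =~ tr/ /_/;
	$filename =~ s/[^$safe_filename_characters]//g;
	if ( $filename =~ /\A([$safe_filename_characters]+)\z/ ) 
	{ 
		$filename = $1; 
	} 
	else 
	{ 
		die "Filename contains invalid characters"; 
	} 

	# TODO(review): the extension still comes from the client and the file is
	# written below the document root. Restrict $extension to an allow-list of
	# the receipt formats actually expected, and store uploads outside the web
	# root or in a directory where the server will not execute content.

	my $upload_filehandle = $query->upload("photo"); 

	# Three-argument open with a lexical handle: the mode can never be taken
	# from the file name, and the handle is scoped to this block.
	open ( my $receipt_out, '>', "$upload_dir/$filename" ) or die " Can't write to  $upload_dir/$filename $!"; 
	binmode $receipt_out; 
	while ( my $chunk = <$upload_filehandle> ) 
	{ 
		print {$receipt_out} $chunk; 
	} 
	# Buffered write errors (for example a full disk) only surface at close.
	close $receipt_out or die "Can't finish writing $upload_dir/$filename $!"; 
}
##End Uploading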

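# Record the submission.
#
# Changes relative to the previous version of this statement:
#   * values written as bare (unquoted) SQL tokens are checked against a strict
#     numeric pattern first, so form input can never be read as SQL syntax;
#   * strings that never went through escapedStr() ($sdate, $atime, $dtime,
#     $questno, $lang and the client address) are quoted by the driver;
#   * the client address is taken from $eip -- the statement used to reference
#     $userip, which is never assigned, so the column was always empty.
#
# TODO(review): the comment fields are still embedded as '$cN' and rely on
# escapedStr(). Moving the whole statement to bound placeholders (and dropping
# escapedStr() where the fields are read) would remove that dependency.
@gettheip=split(/\./,$ENV{'REMOTE_ADDR'});
my $eip="$gettheip[0].$gettheip[1].$gettheip[2].$gettheip[3]";

for my $bare_value (
    $psize, $location, $sid, $nationality, $amount, $dow, $gender, $age,
    $q1,   $q2,   $q3,   $q4,   $q5,   $q6,   $q7,   $q8,   $q9,   $q10,
    $q11,  $q12,  $q13,  $q14,
    $q16,  $q17,  $q18,  $q19,  $q20,  $q21,  $q22,  $q23,  $q24,  $q25,
    $q26,
    $q28,  $q29,  $q30,  $q31,  $q32,  $q33,  $q34,  $q35,  $q36,  $q37,
    $q38,  $q39,  $q40,  $q41,  $q42,
    $q44,  $q45,  $q46,  $q47,  $q48,  $q49,  $q50,  $q51,
    $q53,  $q54,  $q55,  $q56,  $q57,  $q58,  $q59,  $q60,
    $q62,  $q63,  $q64,  $q65,  $q66,  $q67,  $q68,  $q69,  $q70,  $q71,
    $q72,  $q73,  $q74,  $q75,  $q76,  $q77,  $q78,  $q79,  $q80,  $q81,
    $q82,  $q83,  $q84,  $q85,  $q86,  $q87,  $q88,  $q89,  $q90,  $q91,
    $q92,
    $q95,  $q96,  $q97,  $q98,  $q99,  $q100, $q101, $q102, $q103, $q104,
    $q105, $q106,
) {
    # The rejected value is deliberately not echoed: fatalsToBrowser would
    # send it back to the client.
    die "Invalid numeric form field\n"
        unless defined $bare_value && $bare_value =~ /\A-?\d+(?:\.\d+)?\z/;
}

# $dbh->quote() returns the value already wrapped in quotes, so these are
# interpolated below without surrounding apostrophes. undef is mapped to ''
# to keep the previous "empty string" behaviour instead of NULL.
my ($sdate_sql, $atime_sql, $dtime_sql, $questno_sql, $eip_sql, $lang_sql) =
    map { $dbh->quote(defined $_ ? $_ : '') }
        ($sdate, $atime, $dtime, $questno, $eip, $lang);

	my $strsql="insert into alk_entry290911back (Sdate,Psize,Location,Atime,Sid,Dtime,Nationality,Captain,Receipt,Amount,DOW,QuestNo,OrderItems,q1,c1,q2,c2,q3,c3,q4,c4,q5,c5,q6,c6,q7,c7,q8,c8,q9,c9,q10,c10,q11,c11,q12,c12,q13,c13,q14,c14,c15,q16,c16,q17,c17,q18,c18,q19,c19,q20,c20,q21,c21,q22,c22,q23,c23,q24,c24,q25,c25,q26,c26,c27,q28,c28,q29,c29,q30,c30,q31,c31,q32,c32,q33,c33,q34,c34,q35,c35,q36,c36,q37,c37,q38,c38,q39,c39,q40,c40,q41,c41,q42,c42,c43,q44,c44,q45,c45,q46,c46,q47,c47,q48,c48,q49,c49,q50,c50,q51,c51,c52,q53,c53,q54,c54,q55,c55,q56,c56,q57,c57,q58,c58,q59,c59,q60,c60,q62,c62,q63,c63,q64,c64,q65,c65,q66,c66,q67,c67,q68,c68,q69,c69,q70,c70,q71,c71,q72,c72,q73,c73,q74,c74,q75,c75,q76,c76,q77,c77,q78,c78,q79,c79,q80,c80,q81,c81,q82,c82,q83,c83,q84,c84,q85,c85,q86,c86,q87,c87,q88,q89,q90,q91,q92,c93,c94,q95,q96,q97,q98,q99,q100,q101,q102,q103,q104,q105,q106,c107,c108,edate,userip,gender,age,Lang) values
	($sdate_sql,$psize,$location,$atime_sql,$sid,$dtime_sql,$nationality,'$captain','$receipt',$amount,$dow,$questno_sql,'$order',$q1,'$c1',$q2,'$c2',$q3,'$c3',$q4,'$c4',$q5,'$c5',$q6,'$c6',$q7,'$c7',$q8,'$c8',$q9,'$c9',$q10,'$c10',$q11,'$c11',$q12,'$c12',$q13,'$c13',$q14,'$c14','$c15',$q16,'$c16',$q17,'$c17',$q18,'$c18',$q19,'$c19',$q20,'$c20',$q21,'$c21',$q22,'$c22',$q23,'$c23',$q24,'$c24',$q25,'$c25',$q26,'$c26','$c27',$q28,'$c28',$q29,'$c29',$q30,'$c30',$q31,'$c31',$q32,'$c32',$q33,'$c33',$q34,'$c34',$q35,'$c35',$q36,'$c36',$q37,'$c37',$q38,'$c38',$q39,'$c39',$q40,'$c40',$q41,'$c41',$q42,'$c42','$c43',$q44,'$c44',$q45,'$c45',$q46,'$c46',$q47,'$c47',$q48,'$c48',$q49,'$c49',$q50,'$c50',$q51,'$c51','$c52',$q53,'$c53',$q54,'$c54',$q55,'$c55',$q56,'$c56',$q57,'$c57',$q58,'$c58',$q59,'$c59',$q60,'$c60',$q62,'$c62',$q63,'$c63',$q64,'$c64',$q65,'$c65',$q66,'$c66',$q67,'$c67',$q68,'$c68',$q69,'$c69',$q70,'$c70',$q71,'$c71',$q72,'$c72',$q73,'$c73',$q74,'$c74',$q75,'$c75',$q76,'$c76',$q77,'$c77',$q78,'$c78',$q79,'$c79',$q80,'$c80',$q81,'$c81',$q82,'$c82',$q83,'$c83',$q84,'$c84',$q85,'$c85',$q86,'$c86',$q87,'$c87',$q88,$q89,$q90,$q91,$q92,'$c93','$c94',$q95,$q96,$q97,$q98,$q99,$q100,$q101,$q102,$q103,$q104,$q105,$q106,'$q107','$q108',now(),$eip_sql,$gender,$age,$lang_sql)";
	# NOTE(review): the result of do() is not examined, so a failed INSERT is
	# not reported to the user.
	my $rv=$dbh->do($strsql);
	$dbh->disconnect;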
	#if ($rv==1) 
	#{
		## Email the form results
		#$emailFrom="vasudha\@arabresearch.com";
		#$emailTo="$memail;vasudhbatra\@gmail.com"; # jehad\@alkoufa.com
		##vasudha\@arabresearch.com;jehad\@alkoufa.com";
		#$comments="Dear Mr.$mname, \nKindly note that, one new questionnaire has been uploaded";
		#$subject="New Questionnaire has been uploaded!"; 
		#$sendmailpath="/usr/sbin/sendmail"; 
		#open (sil, "| $sendmailpath -t"); 
		#print sil "Subject: $subject\n"; 
		#print sil "From: $emailFrom\n"; 
		#print sil "To: $emailTo\n";
		#print sil "$comments\n\n"; 
		#print sil "Thanks"; 
		#close (sil)|| print("unable to send $!"); 
		#########
	#}

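# Render the result page. The whitespace between tag names and attributes was
# missing (e.g. "<tableborder=..."), which browsers do not recognise as table
# markup; it is restored here.
# NOTE(review): $msg is only assigned when a file was uploaded and does not
# reflect whether the INSERT succeeded.
print<<blk1;
<table border="1" cellpadding="0" cellspacing="0" width="100%" bordercolor="#000080" height="359">
<tr>
<td width="100%" height="357">
<p align="center"><font face="Verdana" color="#000080" size="5"><b>$msg</b></font></td>
</tr>
</table>
</body>

</html>
blk1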