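<?php
/**
 * Bulk-imports employee rows from an uploaded spreadsheet into tblemployees.
 *
 * Expects a multipart POST carrying the file in the `excel_file` field and
 * echoes a single HTML status <div>. Each sheet row whose first cell is
 * non-empty becomes one INSERT; cell N of the row maps to the N-th column
 * listed in $columns below.
 *
 * NOTE(review): no session or authentication check is visible in this file.
 * It writes HR records, so confirm access control is enforced before this
 * script is reachable (front controller, web-server auth, or an include).
 */

// Import PHPSpreadsheet Library. `require` with an absolute path stops the
// script if the autoloader is missing instead of continuing without it.
require __DIR__ . '/vendor/autoload.php';

// Database configuration.
// The password used to be a literal in this file, so anyone able to read the
// source could read it. It now comes from the environment; the variable names
// below are constructed for this rewrite and must be set by the deployment.
// Treat the previously embedded password as exposed and rotate it.
$host = getenv('HRIS_DB_HOST') ?: 'localhost';
$dbname = getenv('HRIS_DB_NAME') ?: 'gracious_hris';
$user = getenv('HRIS_DB_USER') ?: 'gracious_administrator';
$password = getenv('HRIS_DB_PASSWORD');

if ($password === false) {
    error_log('uploadtohtml: HRIS_DB_PASSWORD is not set');
    die('Connection failed');
}

try {
    $dbh = new PDO("mysql:host={$host};dbname={$dbname}", $user, $password);
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // Driver messages can reveal host and account names; keep them in the
    // server log and show the client a generic failure.
    error_log('uploadtohtml: database connection failed: ' . $e->getMessage());
    die('Connection failed');
}

// Table column => named placeholder, in spreadsheet column order (cell 0 first).
$columns = [
    'EmpId' => ':biocode',
    'NickName' => ':nickname',
    'FirstName' => ':fname',
    'MiddleName' => ':mdname',
    'LastName' => ':sname',
    'Suffix' => ':suffix',
    'Dob' => ':bdate',
    'Gender' => ':gender',
    'CivilStatus' => ':civstats',
    'Height' => ':height',
    'Weight' => ':weight',
    'Religion' => ':religion',
    'EmailId' => ':email',
    // NOTE(review): the Pw value is stored exactly as it appears in the sheet.
    // If this column holds login passwords, hash them with password_hash()
    // here and verify with password_verify() at login — confirm how the
    // login code reads Pw before changing it.
    'Pw' => ':pass',
    'NatureofEmployment' => ':employment',
    'Address' => ':address',
    'Second_Address' => ':address2',
    'Phonenumber' => ':phonenumber',
    'Second_Number' => ':phonenumber2',
    'FatherName' => ':fathername',
    'FOccupation' => ':foccupation',
    'FBirthday' => ':fbirthday',
    'Ftelnum' => ':fphone',
    'MotherName' => ':mothername',
    'MOccupation' => ':moccupation',
    'MBirthday' => ':mbirthday',
    'MTelnum' => ':mphone',
    'SpouseName' => ':spousename',
    'SOccupation' => ':soccupation',
    'SBirthday' => ':sbirthday',
    'STelNum' => ':sphone',
    'SCompany' => ':scomp',
    'IncaseName' => ':incasename',
    'IncaseRelation' => ':incaserelation',
    'IncaseTelNum' => ':incasephone',
    'IncaseAddress' => ':incaseaddress',
    'SchoolName' => ':elem',
    'DateAttendFrom' => ':elemfrom',
    'DateAttendTo' => ':elemto',
    'SecSchoolName' => ':jhigh',
    'SecDateAttendFrom' => ':jhighfrom',
    'SecDateAttendTo' => ':jhighto',
    'HSecSchoolName' => ':shighschool',
    'Strand' => ':strand',
    'HSecDateAttendFrom' => ':shighfrom',
    'HSecDateAttendTo' => ':shighto',
    'TerSchoolName' => ':tertiary',
    'Degree' => ':degree',
    'TerDateAttendFrom' => ':thighfrom',
    'TerDateAttendTo' => ':thighto',
    'DateHired' => ':probidate',
    'DateRegistered' => ':regularization',
    'SSS' => ':sss',
    'Pagibig' => ':pagibig',
    'Philhealth' => ':phealth',
    'Tin' => ':tin',
];

$message = '<div class="alert alert-danger">Please Select File</div>';

// A request without the field must not raise "undefined index" notices.
$upload = $_FILES['excel_file'] ?? null;

if (is_array($upload) && ($upload['error'] ?? null) === UPLOAD_ERR_OK && ($upload['size'] ?? 0) > 0) {
    $allowedExtensions = ['xls', 'csv', 'xlsx', 'txt'];
    $extension = strtolower(pathinfo((string) $upload['name'], PATHINFO_EXTENSION));

    if (!in_array($extension, $allowedExtensions, true)) {
        // The message now lists every extension the check accepts.
        $message = '<div class="alert alert-danger">Only .xls, .csv, .xlsx, or .txt file allowed</div>';
    } else {
        // Stage the upload outside the web-served directory under an
        // unguessable name. The old time()-based name in the script's own
        // directory was predictable and briefly fetchable over HTTP.
        $stagedPath = sys_get_temp_dir() . DIRECTORY_SEPARATOR . bin2hex(random_bytes(16)) . '.' . $extension;

        if (!move_uploaded_file($upload['tmp_name'], $stagedPath)) {
            $message = '<div class="alert alert-danger">Error moving uploaded file</div>';
        } else {
            try {
                try {
                    // The file is attacker-influenced input to the parser;
                    // keep PhpSpreadsheet patched.
                    $spreadsheet = \PhpOffice\PhpSpreadsheet\IOFactory::load($stagedPath);
                } finally {
                    // Remove the staged copy even when parsing throws.
                    if (is_file($stagedPath)) {
                        unlink($stagedPath);
                    }
                }

                $rows = $spreadsheet->getActiveSheet()->toArray();

                // Identifiers come from the fixed map above, never from the
                // request; every cell value travels as a bound parameter.
                $stmt = $dbh->prepare(
                    'INSERT INTO tblemployees (' . implode(', ', array_keys($columns)) . ') '
                    . 'VALUES (' . implode(', ', $columns) . ')'
                );
                $placeholders = array_values($columns);
                $width = count($placeholders);

                // One transaction: a failing row rolls the whole import back
                // instead of leaving a partial load behind.
                $dbh->beginTransaction();
                foreach ($rows as $rowData) {
                    if (empty($rowData[0])) {
                        continue;
                    }
                    // Short rows are padded with NULL, long rows truncated,
                    // so every placeholder gets exactly one value.
                    $cells = array_slice(array_pad(array_values($rowData), $width, null), 0, $width);
                    $stmt->execute(array_combine($placeholders, $cells));
                }
                $dbh->commit();

                $message = '<div class="alert alert-success">Data Imported Successfully</div>';
            } catch (\PhpOffice\PhpSpreadsheet\Exception $e) {
                error_log('uploadtohtml: could not parse upload: ' . $e->getMessage());
                $message = '<div class="alert alert-danger">Unable to read uploaded file</div>';
            } catch (PDOException $e) {
                if ($dbh->inTransaction()) {
                    $dbh->rollBack();
                }
                error_log('uploadtohtml: import failed: ' . $e->getMessage());
                $message = '<div class="alert alert-danger">Error importing data</div>';
            }
        }
    }
}

echo $message;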