<?php
require ("opendb.php");
$conn = opendb();
$usercode = $_POST['usercode'];
$userpass = $_POST['userpass'];
$sql = "SELECT * FROM nextdate";
$result = $conn->query($sql);
$record = $result->fetch_assoc();
$month = $record['nextdate'];
$monthname = $record['nextdate'];
$monthtitle = ucfirst(substr($monthname, 0, 3)) . " 20". substr($monthname, 3, 2);
$sql = "SELECT * FROM receiver WHERE code=$usercode AND user_pwd = PASSWORD('$userpass')";
$result = $conn->query($sql);
$record = $result->fetch_assoc();
if ($record['code']==$usercode)
{
   echo '"' . $record['code']. '","'. $record['name']. '","'. $month . '","'. $monthtitle. '"';
   $sql = "SELECT SUM(amount) as amount FROM parties WHERE $month=$usercode";
   $res = $conn->query($sql);
   $row = $res->fetch_assoc();
   echo ',"'. intval($row['amount']). '"';
   $sql = "SELECT sum(amount) as amount FROM parties WHERE $month<>0";
   $res = $conn->query($sql);
   $row = $res->fetch_assoc();
   echo ',"'. intval($row['amount']). '"';
}
else
  echo "***";
?>