<?php session_start();include"conn.php";ob_start();

//Admin-borrow
if(isset($_POST['fpinj'])){
$h=mysqli_query($paut,"SELECT * FROM nms WHERE ids='".@$_POST['nms']."'");while($h1=mysqli_fetch_array($h)){
$nopin = $h1['nopin'];

if($nopin==$_POST['nopin']){

$fpinj=mysqli_query($paut,"INSERT INTO pnj (idbil,ids,Stat,d,m,y,t,ts) VALUES ('".@$_POST['bil']."','".@$_POST['nms']."','1','".date("d")."','".date("M")."','".date("Y")."','".date("h:i A")."','".date("d M Y h:i A")."')");
$kpinj=mysqli_query($paut,"UPDATE bil SET Stat='1' WHERE idbil='".@$_POST['bil']."'");

$r=mysqli_query($paut,"SELECT * FROM bil, nms WHERE bil.idbil=".$_POST['bil']." AND nms.ids=".$_POST['nms']."")or die("FAILED!!!");while($r1=mysqli_fetch_array($r)){
$_SESSION['STAF'] = $r1['Nms'];  //Nama Staf
$_SESSION['BILIK'] = $r1['Nm'];  //Nama Bilik 
$_SESSION['KBILIK'] = $r1['Kod']; //Kod Bilik
$_SESSION['nopinPINJAM'] = $r1['Kod'];

header("Location:RakAd.php");ob_end_clean();
}
}
else{$_SESSION['infoPINJAM'] = "NOMBOR PIN yang anda masukkan SALAH. Cuba lagi.";header("Location:RakAd.php");ob_end_clean();}
}

}
?>