'nome'=>array('type'=>'string', 'length'=>255),
'codweb'=>array('type'=>'string', 'length'=>25),
'tipo_proced'=>array('type'=>'string', 'length'=>25),
'responsable'=>array('type'=>'string', 'length'=>50),
'corresponsable1'=>array('type'=>'string', 'length'=>50),
'corresponsable2'=>array('type'=>'string', 'length'=>50),
'corresponsable3'=>array('type'=>'string', 'length'=>50),
'cons1select'=>array('type'=>'int', 'length'=>2),
'cons2select'=>array('type'=>'int', 'length'=>2),
'observacions'=>array('type'=>'string', 'length'=>5000),
'promotor'=>array('type'=>'string', 'length'=>255),
'org_promotor'=>array('type'=>'string', 'length'=>255),
'org_sustantivo'=>array('type'=>'string', 'length'=>255),
'gid'=>array('type'=>'int', 'length'=>4)
);
validateSqlInj();
/**** end SQL Injection validation ****/
function updateLocal()
{
include '../conf/config.php';
// connection to database goes here
$dbconn = pg_connect("host={$host} port={$port} dbname={$db_name} user={$username} password={$password}") or die('Could not connect: ' . pg_last_error());
pg_set_client_encoding($dbconn, "utf-8");
$actualiza = "UPDATE locais SET \n\t\t\t\t\t\tnomecomercial='" . $_POST["nome"] . "', \n\t\t\t\t\t\tactividade_id='" . $_POST["actividade_id"] . "',\n\n\t\t\t\t\t\trexime='" . $_POST["rexime"] . "',\n\t\t\t\t\t\tapertura='" . $_POST["apertura"] . "',\n\t\t\t\t\t\tm2='" . $_POST["superficie"] . "',\n\t\t\t\t\t\tnomexerente='" . $_POST["xerente"] . "',\n\n\t\t\t\t\t\tzone_id='" . $_POST["zone_id"] . "',\n\t\t\t\t\t\t\n\t\t\t\t\t\tvia_id='" . $_POST["viaId"] . "',\n\t\t\t\t\t\trua='" . $_POST["rua"] . "',\n\t\t\t\t\t\tnum='" . $_POST["num"] . "',\n\t\t\t\t\t\tcp='" . $_POST["cp"] . "',\n\t\t\t\t\t\tlat='" . $_POST["lat"] . "',\n\t\t\t\t\t\tlon='" . $_POST["lon"] . "',\n\n\t\t\t\t\t\tweb='" . $_POST["web"] . "',\n\t\t\t\t\t\trs_facebook='" . $_POST["rs_facebook"] . "',\n\t\t\t\t\t\trs_twitter='" . $_POST["rs_twitter"] . "',\n\t\t\t\t\t\trs_pinterest='" . $_POST["rs_pinterest"] . "',\n\t\t\t\t\t\trs_youtube='" . $_POST["rs_youtube"] . "',\n\t\t\t\t\t\trs_instagram='" . $_POST["rs_instagram"] . "',\n\n\t\t\t\t\t\temail='" . $_POST["email"] . "',\n\t\t\t\t\t\ttelefono='" . $_POST["tlf"] . "',\n\t\t\t\t\t\tmobil='" . $_POST["mobil"] . "',\n\t\t\t\t\t\tfax='" . $_POST["fax"] . "'\n\t\t\t\t\t\t\n\n\t\t\t\t\tWHERE id = " . $_POST["idlocal"] . "; ";
pg_query($actualiza) or die('Could not insert: ' . pg_last_error());
pg_close($dbconn);
}
updateLocal();
if (!move_uploaded_file($_FILES['logo']['tmp_name'], $target)) {
$logo = null;
}
} else {
$logo = $local->logo;
}
//Cargando Photo
if (!empty($_FILES["photo"]["name"])) {
$photo_ext = pathinfo($_FILES["photo"]["name"], PATHINFO_EXTENSION);
$photo = $local->photo;
if ($photo == null) {
$cantidad_photos = getGlobal("cantidad_photos");
$cantidad_photos = intval($cantidad_photos[0]->valor);
$photo = "photo_" . ($cantidad_photos + 1) . "." . $photo_ext;
$target = "../../photos/" . $photo;
updateGlobal("cantidad_photos", $cantidad_photos + 1);
} else {
$target = "../../photos/" . $photo;
@unlink($target);
}
if (!move_uploaded_file($_FILES['photo']['tmp_name'], $target)) {
$photo = null;
}
} else {
$photo = $local->photo;
}
$usuario = $_SESSION["userid"];
updateLocal($id, $nombre, $telefono, $email, $logo, $photo, $horario, $descripcion);
$html = file_get_contents("update-shop_exito.html");
}
echo $html;