public static function addUser($obj_User) { $db = config::dbconfig(); $obj_retresult = new returnResult(); $obj_User->userId = DAL_manageUser::getLastUserId() + 1; $sql = "INSERT INTO tbl_user (userId,userName,password,personId,userType,userOptCode,userMetadata,userStatus) \n\t\tVALUES (" . common::noSqlInject($obj_User->userId) . "," . "'" . common::noSqlInject($obj_User->userName) . "'" . "," . "'" . common::noSqlInject($obj_User->password) . "'" . "," . common::noSqlInject($obj_User->personId) . "," . common::noSqlInject($obj_User->userType) . "," . "'" . common::noSqlInject($obj_User->userOptCode) . "'" . "," . "'" . common::noSqlInject($obj_User->userMetadata) . "'" . "," . common::noSqlInject($obj_User->userStatus) . ");"; $rs = mysql_query($sql); if (mysql_affected_rows() > 0) { $obj_retresult->type = 1; $obj_retresult->msg = "success"; $obj_retresult->data = $obj_User; } else { $obj_retresult->type = 0; $obj_retresult->msg = "failed"; } return $obj_retresult; }