Ejemplo n.º 1
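/**
 * Return the employee rows in categories '005' and '007', excluding the
 * reserved codes '998' and '999', ordered by employee code.
 *
 * NOTE(review): the select list includes the `password` column for every
 * listed employee. Drop it unless a caller needs it, and confirm the column
 * holds a password hash rather than plaintext.
 *
 * NOTE(review): the failure messages embed the raw driver error text. If
 * error_exit() renders its message to the browser, that discloses schema and
 * connection details; log the reason server-side and show a generic message.
 *
 * @return mixed Whatever pg_fetch_all() returns for the result set, or null
 *               if error_exit() returns after a failed query.
 */
function list_users()
{
    $dbh = get_connection($GLOBALS['db_access_info_daityo']);
    if (!$dbh) {
        // $php_errormsg is not populated in function scope unless track_errors
        // is enabled, and it was removed in PHP 8; read the last error instead.
        $reason = error_get_last()['message'] ?? '';
        error_exit("データベースに接続できません。理由: {$reason}");
    }

    // The only value placed into this statement is the constant 1, passed
    // through the project's bind_param() helper; no request data is involved.
    $sql = "select employeecode, employeenamekana, employeenamekanji, password, categorycode, inoutflag, email"
        . " from employee"
        . " where (status <> " . bind_param(1, PRAM_STRING) . ")"
        . " and categorycode in ('005', '007')"
        . " and (employeecode <> '998' and employeecode <> '999')"
        . " order by employeecode";

    $res = pg_query($dbh, $sql);
    if ($res === false) {
        // pg_last_error() reports the failure for this connection; the
        // original interpolated the unset $php_errormsg.
        $reason = pg_last_error($dbh);
        error_exit("SQLの実行に失敗しました。理由: {$reason}");

        // Only reached if error_exit() returns; matches the original's implicit null.
        return null;
    }

    return pg_fetch_all($res);
}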
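<?php

// Inserts a new row into `usuarios` from the posted form, then redirects to the
// employee list.
//
// The original dumped $_POST with print_r() before doing anything else. That
// echoed unescaped request data (including the password) into the page and
// sent output before header(), which stops the redirect from working.

// Make mysqli throw on failure so a failed connect/prepare/execute cannot pass silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

$nome = $_POST['nome'] ?? null;
$email = $_POST['email'] ?? null;
$senha = $_POST['senha'] ?? null;

// Reject missing, empty or non-string fields (e.g. `senha[]=x` arrives as an array).
foreach ([$nome, $email, $senha] as $campo) {
    if (!is_string($campo) || $campo === '') {
        http_response_code(400);
        exit('Dados inválidos.');
    }
}

// Unsalted SHA-1 is fast to brute-force; password_hash() produces a salted,
// slow hash. The login code must verify with password_verify(), and the `senha`
// column must be wide enough for the result (255 characters is the usual choice).
$senhaHash = password_hash($senha, PASSWORD_DEFAULT);

try {
    // Open the database connection.
    // NOTE(review): these look like sample credentials; real ones belong in
    // configuration outside the web root, not in the script.
    $mysqli = new mysqli("127.0.0.1", "user", "pass", "database");

    // Prepare the statement with three placeholders.
    $con = $mysqli->prepare("INSERT INTO usuarios (nome, usuario, senha) VALUES (?, ?, ?)");

    // Bind the three values as strings ("sss"). Accepted type codes:
    // i - integer, d - double, s - string, b - blob.
    // The original wrote `$nome > bind_param(...)` and `$con > execute()`:
    // `>` instead of `->`, and the first call was on the wrong variable.
    $con->bind_param("sss", $nome, $email, $senhaHash);

    // Run the statement with the bound values.
    $con->execute();
} catch (mysqli_sql_exception $e) {
    // Keep driver details in the server log, not in the response.
    error_log($e->getMessage());
    http_response_code(500);
    exit('Erro ao gravar o registro.');
}

header('Location: funcionarios.php');
exit;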
Ejemplo n.º 3
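/**
 * Build the SQL statements that replace the modified-source rows for one
 * modification sheet: one DELETE for the (modify_id, tool_id, product_id)
 * triple, followed by one INSERT per entry of $formData['modSourceInfo'].
 *
 * Every value goes through the project's bind_param() helper and is then
 * concatenated into the statement text.
 *
 * NOTE(review): only the modify ID is format-checked here. tool_id and
 * product_id are also passed as PRAM_NOT_STRING, so they are presumably
 * embedded unquoted. Confirm bind_param() rejects non-numeric input for that
 * mode, or validate them the same way. Executing through pg_query_params()
 * with real placeholders would remove the dependency on the helper.
 *
 * @param mixed $dbh      Database handle; not used by this function.
 * @param array $formData Form data; reads 'product_info', 'modifyInfo',
 *                        'modSourceInfo' and the FLD_TOOLTYPE_ID entry.
 * @param array $user     Current user; FLD_USER_ID is stored as editor_id.
 *
 * @return array List of SQL strings, DELETE first.
 */
function create_edit_source_info_sql($dbh, $formData, $user)
{
    $sqls = array();
    $productID = $formData['product_info'][FLD_PRODUCT_ID];
    $modifyInfo = $formData['modifyInfo'];

    // The original pattern /^\d+$/ also accepted a value ending in "\n",
    // because `$` matches before a final newline. \A...\z anchors to the whole
    // string. Non-scalar input (e.g. an array from `field[]=`) is rejected too.
    $modifyID = $modifyInfo[FLD_MOD_ID];
    $isDigits = (is_string($modifyID) || is_int($modifyID))
        && preg_match('/\A\d+\z/', (string) $modifyID) === 1;
    if (!$isDigits) {
        error_exit("修正表No.が不正です。");
    }

    $modSourceInfo = $formData['modSourceInfo'];

    // Statement that deletes every existing row for this triple.
    $sql = "delete from t_modify_source"
        . " where modify_id = " . bind_param($modifyInfo[FLD_MOD_ID], PRAM_NOT_STRING)
        . " and tool_id = " . bind_param($formData[FLD_TOOLTYPE_ID], PRAM_NOT_STRING)
        . " and product_id = " . bind_param($productID, PRAM_NOT_STRING);
    array_push($sqls, $sql);

    // An empty array simply yields no INSERTs. A non-array value is skipped
    // instead of being handed to count(), which fails on non-countables in PHP 8.
    if (is_array($modSourceInfo)) {
        foreach ($modSourceInfo as $key => $val) {
            // Rows are always re-inserted, since the DELETE above cleared them.
            $sql = "insert into t_modify_source"
                . " (modify_id, tool_id, product_id, modify_source_id"
                . ", class_name, method_name, source_comment, editor_id)"
                . " values ("
                . bind_param($modifyInfo[FLD_MOD_ID], PRAM_NOT_STRING) . ","
                . bind_param($formData[FLD_TOOLTYPE_ID], PRAM_NOT_STRING) . ","
                . bind_param($productID, PRAM_NOT_STRING) . ","
                . bind_param($key, PRAM_STRING) . ","
                . bind_param($val[FLD_CLASS_NAME], PRAM_STRING) . ","
                . bind_param($val[FLD_METHOD_NAME], PRAM_STRING) . ","
                . bind_param($val[FLD_SOURCE_COMMENT], PRAM_STRING) . ","
                . bind_param($user[FLD_USER_ID], PRAM_STRING)
                . ")";
            array_push($sqls, $sql);
        }
    }

    return $sqls;
}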