} else {
if (check_pin_appid($pin, $appid) == false) {
DisplayDefaultForm();
echo "<script type=\"text/javascript\">alert(\"Registration No or Pin No is Wrong. Please Specify Correct one\")</script>";
return;
} else {
$folder = "photo/";
$trans = array("/" => "_");
$filename2 = strtr($appid, $trans);
$filename2 = $filename2 . "_" . "2" . ".jpg";
if (file_exists("photo/" . $filename2)) {
$pin = md5(md5($pin) + 111111);
header("Location: print.php?appid={$appid}&pin={$pin}");
exit;
} else {
DisplayDefaultForm();
echo "<script type=\"text/javascript\">alert(\"Please Upload image and signature\")</script>";
}
}
}
}
break;
default:
DisplayDefaultForm();
break;
}
} else {
DisplayDefaultForm();
}
?>
<!-- //dbsec applied -->
$comp01 = trim($_POST["expC00" . $k]);
$comp02 = trim($_POST["expC01" . $k]);
$comp03 = trim($_POST["expC02" . $k]);
$comp04 = trim($_POST["expC03" . $k]);
$comp05 = trim($_POST["expC04" . $k]);
$con = connect();
$sqlcomp = "INSERT INTO compknowledge (appid, course, subject, year, institute, duration) VALUES('" . $id . "', '" . mysql_real_escape_string($comp01) . "', '" . mysql_real_escape_string($comp02) . "','" . mysql_real_escape_string($comp03) . "', '" . mysql_real_escape_string($comp04) . "','" . mysql_real_escape_string($comp05) . "')";
disconnect($con);
executeSqlQuery($sqlcomp);
}
$pin = md5(md5($pin) + 111111);
header("Location: success.php?appid={$id}&pin={$pin}&post={$post}");
exit;
}
} else {
DisplayDefaultForm(NULL);
}
?>
<script type="text/javascript">
function showBlock() {
var sdid = document.getElementById("subdiv").value;
if (sdid == "") {
document.getElementById("block").innerHTML = "";
} else {
if (window.XMLHttpRequest) {
// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp = new XMLHttpRequest();
} else {
