// Excerpt begins inside a function body whose header is outside this view
// (presumably handle_add_payment(), which is called further down — confirm).
    // Stamp the session-held allocation object with the new payment's
    // transaction number and the posted payment date, then persist it.
    // NOTE(review): $_POST['DatePaid'] is stored as submitted; whether it was
    // validated earlier in the function is not visible here.
    $_SESSION['alloc']->trans_no = $payment_id;
    $_SESSION['alloc']->date_ = $_POST['DatePaid'];
    $_SESSION['alloc']->write();

    // Remove the submitted payment fields, and the submit flag itself, from $_POST.
    unset($_POST['bank_account']);
    unset($_POST['DatePaid']);
    unset($_POST['currency']);
    unset($_POST['memo_']);
    unset($_POST['amount']);
    unset($_POST['discount']);
    unset($_POST['ProcessSuppPayment']);

    // Forward to this same script with the new payment id and the supplier id.
    // NOTE(review): $_POST['supplier_id'] is appended to the query string as
    // submitted, and $_SERVER['PHP_SELF'] can carry extra client-supplied path
    // text. Whether meta_forward() encodes either value before emitting the
    // redirect is not visible here — confirm, or urlencode() the id and use a
    // fixed script path at this call site.
    meta_forward($_SERVER['PHP_SELF'], "AddedID={$payment_id}&supplier_id=" . $_POST['supplier_id']);
}

//----------------------------------------------------------------------------------------

// Form submission entry point: the payment is only written when check_inputs()
// passes. check_inputs() is defined outside this excerpt.
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm
// one is enforced before a state-changing POST reaches handle_add_payment().
if (isset($_POST['ProcessSuppPayment'])) {
    /*First off check for valid inputs */
    if (check_inputs() == true) {
        handle_add_payment();
        end_page();
        exit;
    }
}

//----------------------------------------------------------------------------------------

// Start rendering the payment form, beginning with the supplier selector.
start_form();
start_outer_table(TABLESTYLE2, "width='60%'", 5);
table_section(1);
supplier_list_row(_("Payment To:"), 'supplier_id', null, false, true);

// When the supplier or bank account selection changed, re-read the allocation
// object, blank the memo and amount fields, and have the Ajax layer refresh
// the 'alloc_tbl' element.
if (list_updated('supplier_id') || list_updated('bank_account')) {
    $_SESSION['alloc']->read();
    $_POST['memo_'] = $_POST['amount'] = '';
    $Ajax->activate('alloc_tbl');
}
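// Excerpt of the guild-claim search page: it finishes the filter form and then
// starts assembling the SQL text for the search. Both ends of the excerpt are
// cut (the <select> is opened above, and the last if below is closed outside
// this view).
generate_option("greenHome", "Green Borderlands", "map_type");
generate_option("blueHome", "Blue Borderlands", "map_type");
generate_option("redHome", "Red Borderlands", "map_type");
generate_option("home", "All Borderlands", "map_type");

// The two text inputs echo the previous search terms back into value="…"
// attributes. These are request data, so they are HTML-escaped (quotes
// included) before being written into the attribute; a missing or non-string
// parameter is rendered as an empty value instead of raising a notice.
$guildNameField = (isset($_GET["guild_name"]) && is_string($_GET["guild_name"])) ? $_GET["guild_name"] : "";
$guildTagField = (isset($_GET["guild_tag"]) && is_string($_GET["guild_tag"])) ? $_GET["guild_tag"] : "";

echo "</select></td></tr>\n\t\t<tr><td>Guild name: </td><td><input type=\"text\" name=\"guild_name\" value=\""
    . htmlspecialchars($guildNameField, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8")
    . "\"/></td></tr>\n\t\t<tr><td>Guild tag: </td><td><input type=\"text\" name=\"guild_tag\" value=\""
    . htmlspecialchars($guildTagField, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8")
    . "\"/></td></tr>";
echo "</table></div>\n\t<table>\n\t<tr>\n\t<td><input type=\"submit\" value=\"Submit Query\"/></td><td style=\"width:175px\"></td>\n\t</form></td>\n\t<td><form action=\"guild_analyser.php\">\n\t\t<input type=\"submit\" value=\"Reset fields\"/>\n\t</form></td>\n\t</tr>\n\t</table>";
?> <br/> <?php
// Base query: claim counts per guild. The trailing guild_name!="" condition
// automatically eliminates any activity-data without a guild claim.
$guildClaimQuery = "SELECT count(*) as \"Number of Claims\", guild_name as \"Guild Name\", guild_tag as \"Guild Tag\"\n\t\tFROM activity_data\n\t\tINNER JOIN server_info ON activity_data.owner_server = server_info.srv_id\n\t\tINNER JOIN objective ON activity_data.obj_id=objective.obj_id\n\t\tINNER JOIN guild ON guild.guild_id = activity_data.guild_id\n\t\tINNER JOIN match_details on match_details.match_id=activity_data.match_id\n\t\tWHERE match_details.start_time = activity_data.start_time and guild_name!=\"\" ";

// If the user did not enter any search criteria, stop early.
if ($_GET["match_num"] == ""
    and $_GET["week_num"] == ""
    and $_GET["obj_owner"] == ""
    and $_GET["owner_color"] == ""
    and $_GET["last_flipped_begin"] == ""
    and $_GET["last_flipped_end"] == ""
    and $_GET["claimed_at_begin"] == ""
    and $_GET["claimed_at_end"] == ""
    and $_GET["tick_timer_begin"] == ""
    and $_GET["tick_timer_end"] == ""
    and $_GET["obj_name"] == ""
    and $_GET["obj_type"] == ""
    and $_GET["map_type"] == ""
    and $_GET["guild_name"] == ""
    and $_GET["guild_tag"] == ""
    and $_GET["region"] == "") {
    die("");
}

// check_inputs() is defined outside this excerpt and its return value is not
// used here, so what it rejects cannot be seen from this code.
check_inputs();

// NOTE(review): every filter below is concatenated into the SQL text straight
// from $_GET, inside double-quoted literals and LIKE patterns. Unless
// check_inputs() restricts each field to a strict allow-list (digits only,
// known server names, and so on), this is SQL injection. The durable fix is to
// append placeholders here and collect the values in a parameter array that is
// bound when the statement is prepared/executed; that call lies outside this
// excerpt, so the two changes have to be made together. Values used in LIKE
// also need their own % and _ escaped if they are meant to match literally.
if ($_GET["region"] != "") {
    $guildClaimQuery .= "and activity_data.match_id LIKE \"" . $_GET["region"] . "-%\" ";
}
if ($_GET["match_num"] != "") {
    $guildClaimQuery .= "and activity_data.match_id LIKE \"%-" . $_GET["match_num"] . "\" ";
}
if ($_GET["week_num"] != "") {
    $guildClaimQuery .= "and week_num = \"" . $_GET["week_num"] . "\" ";
}
if ($_GET["obj_owner"] != "") {
    // Inputs shorter than four bytes are matched exactly against the short
    // name; anything longer is a substring match on the full server name.
    if (strlen($_GET["obj_owner"]) < 4) {
        $guildClaimQuery .= "and server_info.shortName = \"" . $_GET["obj_owner"] . "\" ";
    } else {
        $guildClaimQuery .= "and server_info.name LIKE \"%" . $_GET["obj_owner"] . "%\" ";
    }
    // (excerpt ends here; the closing brace of this if is outside the view)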
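*/
            // Excerpt begins inside an earlier switch case (its header and the
            // comment closed above are outside this view).
            $table .= $tbody;
            $table .= '</table>';
            /**
             * Set <main>'s innerHTML to the generated <table>
             */
            $resp->html('main', $table);
        } else {
            // NOTE(review): $_POST['file'] is interpolated into the
            // notification text; whether notify() escapes it before it
            // reaches the page is not visible here — confirm.
            $resp->notify('Nothing to report', "No errors in {$_POST['file']} of that type", 'images/icons/db.png');
        }
    } else {
        $resp->notify('Something went wrong :(', 'Either file is not set or does not match the set pattern', 'images/icons/db.png');
    }
    break;

case 'comments':
    // Handle a submitted blog comment: validate, sanitise, notify the site
    // admin by e-mail and store the comment.
    //
    // NOTE(review): 'comment_email' is given the *result* of is_email() rather
    // than a pattern like 'comment_author'; how check_inputs() treats that
    // value is not visible here. 'for_post', 'comment_url' and 'comment' are
    // not part of this check.
    $invalid = check_inputs(['comment_author' => '[\\w\\.\\-, ]+', 'comment_email' => is_email($_POST['comment_email'])]);
    if (is_null($invalid)) {
        // Sanitising pipeline, innermost first:
        //  1. entity-encode whatever sits between <code> and </code> (the
        //     pattern has no "s" flag, so only single-line spans are matched);
        //  2. strip every tag that is not on the allow-list;
        //  3. turn line breaks into <br />.
        // Step 3 previously passed a one-element replacement array for three
        // search strings, so "\n" and "\r\n" were replaced with an empty
        // string and only a bare "\r" became <br />. A single replacement
        // string applies to all three, and "\r\n" is listed first so a
        // Windows line ending yields one <br />, not two.
        //
        // NOTE(review): strip_tags() filters element names only. Attributes on
        // the allowed tags (<a>, <div>, <span>, …) are kept as submitted, so
        // this value is not safe to output as HTML on its own; an
        // attribute-aware HTML sanitiser, or escaping at render time, is
        // needed wherever the stored comment is displayed.
        $comment = str_replace(
            ["\r\n", "\r", "\n"],
            '<br />',
            strip_tags(
                preg_replace_callback(
                    '/(?<=\\<code\\>).*?(?=\\<\\/code\\>)/',
                    function ($code) {
                        return htmlentities($code[0]);
                    },
                    $_POST['comment']
                ),
                '<br><p><span><div><a><ul><ol><li><i><u><b><em><u><h1><h2><h3><h4><h5><h6><pre><s><samp><strong><big><small><sup><sub><del><ins><code><var><kbd><cite>'
            )
        );

        // NOTE(review): $post is taken from the request without a visible
        // check. It ends up in the e-mail subject (after urldecode()), in the
        // notification URL and in the insert (bound, see below). Confirm the
        // e-mail class rejects CR/LF in subject and header values.
        $post = $_POST['for_post'];
        $template = \shgysk8zer0\Core\template::load('comments');
        $author = $_POST['comment_author'];
        // The author URL is kept only when is_url() accepts it.
        $author_url = (array_key_exists('comment_url', $_POST) and is_url($_POST['comment_url'])) ? $_POST['comment_url'] : '';
        $author_email = $_POST['comment_email'];
        $time = date('Y-m-d H:i:s');
        $post_title = ucwords(urldecode($post));

        // $template is reassigned and filled in here, but the e-mail below
        // loads and fills the same template again rather than using it; both
        // are kept because the side effects of load() are not visible here.
        $template = new \shgysk8zer0\Core\Template('comment_created_notification');
        $template->author($author)->author_url($author_url)->author_email("{$author} <{$author_email}>")->time(date('r', strtotime($time)))->comment($comment)->post(ucwords(urldecode($post)))->post_url(URL . "/posts/{$post}");

        // Notification to the server admin, with Reply-To set to the commenter.
        // No send call is visible in this excerpt.
        $email = new \shgysk8zer0\Core\email($_SERVER['SERVER_ADMIN'], "New comment on {$post_title} by {$author}", \shgysk8zer0\Core\template::load('comment_created_notification')->author($author)->author_url($author_url)->author_email("{$author} <{$author_email}>")->time(date('r', strtotime($time)))->comment($comment)->post(ucwords(urldecode($post)))->post_url(URL . "/posts/{$post}")->out(), ['Reply-To' => "{$author} <{$author_email}>"]);

        // Store the comment. All five values are passed as named bound
        // parameters, so none of them is spliced into the SQL text.
        $DB->prepare("INSERT INTO `comments`(\n\t\t\t\t\t`comment`,\n\t\t\t\t\t`author`,\n\t\t\t\t\t`author_url`,\n\t\t\t\t\t`author_email`,\n\t\t\t\t\t`post`\n\t\t\t\t) VALUES (\n\t\t\t\t\t:comment,\n\t\t\t\t\t:author,\n\t\t\t\t\t:author_url,\n\t\t\t\t\t:author_email,\n\t\t\t\t\t:post\n\t\t\t\t);")->bind(['comment' => $comment, 'author' => $author, 'author_url' => $author_url, 'author_email' => $author_email, 'post' => $post])->execute();
        // (excerpt ends here; this if and the surrounding switch are closed
        // outside the view)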
<?php
// Member registration handler: checks the posted form, hashes the password
// and inserts a new row into the member table. The excerpt is cut inside the
// final else branch.
session_start();
include "setting.php";

// check_post() and check_inputs() are defined outside this excerpt
// (presumably in setting.php — confirm).
if (!check_post()) {
    print "フォームは全て記入してください。"; // "Please fill in every field of the form."
    exit;
}

// A non-empty return value from check_inputs() is printed as the error text.
$check = check_inputs();
if ($check != '') {
    print $check;
    exit;
}

$login_name = $_POST["login_name"];
$pwd = $_POST["pwd"];
$sex = getSex($_POST["sex"]);
// Only the hash is stored; PASSWORD_DEFAULT lets PHP pick the algorithm, so
// the login side should verify with password_verify().
$hashpwd = password_hash($pwd, PASSWORD_DEFAULT);

$db = new mydb();

// NOTE(review): the INSERT runs when check_exist_user() is truthy and the
// else branch reports the name as unavailable, so despite its name the helper
// apparently returns true when the login name is still free — confirm.
// NOTE(review): the availability check and the INSERT are separate
// statements; a UNIQUE constraint on member.login_name is what would stop two
// concurrent requests from both registering the same name — confirm schema.
if (check_exist_user($db, $login_name) == true) {
    // $1..$3 are positional placeholders (the backslash keeps PHP from
    // interpolating them); the values are passed separately to query().
    $query = "INSERT INTO member (login_name,pwd,sex) VALUES(\$1, \$2, \$3)";
    $result = $db->query($query, array($login_name, $hashpwd, $sex));
    if ($result == false) {
        print "登録に失敗しました。"; // "Registration failed."
    } else {
        // Read back the id of the new member row.
        // NOTE(review): this second result is not checked for failure before
        // pg_fetch_assoc() reads row 0; the meaning of the "getid" argument
        // is defined by mydb::query(), which is not visible here.
        $query = "select id from member where login_name=\$1";
        $result = $db->query($query, array($login_name), "getid");
        $row = pg_fetch_assoc($result, 0);
        // NOTE(review): if regist_success() logs the user in, the session id
        // should be regenerated at that point — not visible here, confirm.
        regist_success($login_name, $row['id']);
    }
} else {
    print "指定されたユーザー名は利用できません。"; // "The specified user name is not available."