/** * escape_special_chars common function * * Function: smarty_function_escape_special_chars<br> * Purpose: used by other smarty functions to escape * special chars except for already escaped ones * @author Monte Ohrt <monte at ohrt dot com> * @param string * @return string */ function smarty_function_escape_special_chars($string) { if (!is_array($string)) { $string = preg_replace('!&(#?\\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); $string = htmlspecialchars2($string); $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); } return $string; }
/** * Smarty escape modifier plugin * * Type: modifier<br> * Name: escape<br> * Purpose: Escape the string according to escapement type * @link http://smarty.php.net/manual/en/language.modifier.escape.php * escape (Smarty online manual) * @author Monte Ohrt <monte at ohrt dot com> * @param string * @param html|htmlall|url|quotes|hex|hexentity|javascript * @return string */ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1') { switch ($esc_type) { case 'html': return htmlspecialchars2($string, ENT_QUOTES, $char_set); case 'htmlall': return htmlentities2($string, ENT_QUOTES, $char_set); case 'url': return rawurlencode($string); case 'urlpathinfo': return str_replace('%2F', '/', rawurlencode($string)); case 'quotes': // escape unescaped single quotes return preg_replace("%(?<!\\\\)'%", "\\'", $string); case 'hex': // escape every character into hex $return = ''; for ($x = 0; $x < strlen($string); $x++) { $return .= '%' . bin2hex($string[$x]); } return $return; case 'hexentity': $return = ''; for ($x = 0; $x < strlen($string); $x++) { $return .= '&#x' . bin2hex($string[$x]) . ';'; } return $return; case 'decentity': $return = ''; for ($x = 0; $x < strlen($string); $x++) { $return .= '&#' . ord($string[$x]) . ';'; } return $return; case 'javascript': // escape quotes and backslashes, newlines, etc. return strtr($string, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', '</' => '<\\/')); case 'mail': // safe way to display e-mail address on a web page return str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string); case 'nonstd': // escape non-standard chars, such as ms document quotes $_res = ''; for ($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) { $_ord = ord(substr($string, $_i, 1)); // non-standard char, escape it if ($_ord >= 126) { $_res .= '&#' . $_ord . ';'; } else { $_res .= substr($string, $_i, 1); } } return $_res; default: return $string; } }
/** * Smarty debug_print_var modifier plugin * * Type: modifier<br> * Name: debug_print_var<br> * Purpose: formats variable contents for display in the console * @link http://smarty.php.net/manual/en/language.modifier.debug.print.var.php * debug_print_var (Smarty online manual) * @author Monte Ohrt <monte at ohrt dot com> * @param array|object * @param integer * @param integer * @return string */ function smarty_modifier_debug_print_var($var, $depth = 0, $length = 40) { $_replace = array("\n" => '<i>\\n</i>', "\r" => '<i>\\r</i>', "\t" => '<i>\\t</i>'); switch (gettype($var)) { case 'array': $results = '<b>Array (' . count($var) . ')</b>'; foreach ($var as $curr_key => $curr_val) { $results .= '<br>' . str_repeat(' ', $depth * 2) . '<b>' . strtr($curr_key, $_replace) . '</b> => ' . smarty_modifier_debug_print_var($curr_val, ++$depth, $length); $depth--; } break; case 'object': $object_vars = get_object_vars($var); $results = '<b>' . get_class($var) . ' Object (' . count($object_vars) . ')</b>'; foreach ($object_vars as $curr_key => $curr_val) { $results .= '<br>' . str_repeat(' ', $depth * 2) . '<b> ->' . strtr($curr_key, $_replace) . '</b> = ' . smarty_modifier_debug_print_var($curr_val, ++$depth, $length); $depth--; } break; case 'boolean': case 'NULL': case 'resource': if (true === $var) { $results = 'true'; } elseif (false === $var) { $results = 'false'; } elseif (null === $var) { $results = 'null'; } else { $results = htmlspecialchars2((string) $var); } $results = '<i>' . $results . '</i>'; break; case 'integer': case 'float': $results = htmlspecialchars2((string) $var); break; case 'string': $results = strtr($var, $_replace); if (strlen($var) > $length) { $results = substr($var, 0, $length - 3) . '...'; } $results = htmlspecialchars2('"' . $results . '"'); break; case 'unknown type': default: $results = strtr((string) $var, $_replace); if (strlen($results) > $length) { $results = substr($results, 0, $length - 3) . '...'; } $results = htmlspecialchars2($results); } return $results; }
<option value="1" <?php echo get_selected($ev['ev_use'], 1); ?> >사용</option> <option value="0" <?php echo get_selected($ev['ev_use'], 0); ?> >사용안함</option> </select> </td> </tr> <tr> <th scope="row"><label for="ev_subject">이벤트제목</label></th> <td> <input type="text" name="ev_subject" value="<?php echo htmlspecialchars2($ev['ev_subject']); ?> " id="ev_subject" required class="required frm_input" size="60"> <input type="checkbox" name="ev_subject_strong" value="1" id="ev_subject_strong" <?php if ($ev['ev_subject_strong']) { echo 'checked="checked"'; } ?> > <label for="ev_subject_strong">제목 강조</label> </td> </tr> <tr> <th scope="row"><label for="ev_mimg">배너이미지</label></th> <td> <?php
?> <a href="<?php echo G5_BBS_URL; ?> /content.php?co_id=<?php echo $co_id; ?> " class="btn_frmline">내용확인</a><?php } ?> </td> </tr> <tr> <th scope="row"><label for="co_subject">제목</label></th> <td><input type="text" name="co_subject" value="<?php echo htmlspecialchars2($co['co_subject']); ?> " id="co_subject" required class="frm_input required" size="90"></td> </tr> <tr> <th scope="row">내용</th> <td> <textarea id="co_content" name="co_content" class="co_content" ><?php echo $co['co_content']; ?> </textarea> <div id="co_content_editor"><?php echo htmlspecialchars($co['co_content']); ?> </div> </td>
/** * compile a resource * * sets $compiled_content to the compiled source * @param string $resource_name * @param string $source_content * @param string $compiled_content * @return true */ function _compile_file($resource_name, $source_content, &$compiled_content) { if ($this->security) { // do not allow php syntax to be executed unless specified if ($this->php_handling == SMARTY_PHP_ALLOW && !$this->security_settings['PHP_HANDLING']) { $this->php_handling = SMARTY_PHP_PASSTHRU; } } $this->_load_filters(); $this->_current_file = $resource_name; $this->_current_line_no = 1; $ldq = preg_quote($this->left_delimiter, '~'); $rdq = preg_quote($this->right_delimiter, '~'); // run template source through prefilter functions if (count($this->_plugins['prefilter']) > 0) { foreach ($this->_plugins['prefilter'] as $filter_name => $prefilter) { if ($prefilter === false) { continue; } if ($prefilter[3] || is_callable($prefilter[0])) { $source_content = call_user_func_array($prefilter[0], array($source_content, &$this)); $this->_plugins['prefilter'][$filter_name][3] = true; } else { $this->_trigger_fatal_error("[plugin] prefilter '{$filter_name}' is not implemented"); } } } /* fetch all special blocks */ $search = "~{$ldq}\\*(.*?)\\*{$rdq}|{$ldq}\\s*literal\\s*{$rdq}(.*?){$ldq}\\s*/literal\\s*{$rdq}|{$ldq}\\s*php\\s*{$rdq}(.*?){$ldq}\\s*/php\\s*{$rdq}~s"; preg_match_all($search, $source_content, $match, PREG_SET_ORDER); $this->_folded_blocks = $match; reset($this->_folded_blocks); /* replace special blocks by "{php}" */ /** @TODO - modifier 'e' deprecated */ $source_content = @preg_replace($search . 'e', "'" . $this->_quote_replace($this->left_delimiter) . 'php' . "' . str_repeat(\"\n\", substr_count('\\0', \"\n\")) .'" . $this->_quote_replace($this->right_delimiter) . "'", $source_content); /* Gather all template tags. */ preg_match_all("~{$ldq}\\s*(.*?)\\s*{$rdq}~s", $source_content, $_match); $template_tags = $_match[1]; /* Split content by template tags to obtain non-template content. */ $text_blocks = preg_split("~{$ldq}.*?{$rdq}~s", $source_content); /* loop through text blocks */ for ($curr_tb = 0, $for_max = count($text_blocks); $curr_tb < $for_max; $curr_tb++) { /* match anything resembling php tags */ if (preg_match_all('~(<\\?(?:\\w+|=)?|\\?>|language\\s*=\\s*[\\"\']?\\s*php\\s*[\\"\']?)~is', $text_blocks[$curr_tb], $sp_match)) { /* replace tags with placeholders to prevent recursive replacements */ $sp_match[1] = array_unique($sp_match[1]); usort($sp_match[1], '_smarty_sort_length'); for ($curr_sp = 0, $for_max2 = count($sp_match[1]); $curr_sp < $for_max2; $curr_sp++) { $text_blocks[$curr_tb] = str_replace($sp_match[1][$curr_sp], '%%%SMARTYSP' . $curr_sp . '%%%', $text_blocks[$curr_tb]); } /* process each one */ for ($curr_sp = 0, $for_max2 = count($sp_match[1]); $curr_sp < $for_max2; $curr_sp++) { if ($this->php_handling == SMARTY_PHP_PASSTHRU) { /* echo php contents */ $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', '<?php echo \'' . str_replace("'", "\\'", $sp_match[1][$curr_sp]) . '\'; ?>' . "\n", $text_blocks[$curr_tb]); } else { if ($this->php_handling == SMARTY_PHP_QUOTE) { /* quote php tags */ $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', htmlspecialchars2($sp_match[1][$curr_sp]), $text_blocks[$curr_tb]); } else { if ($this->php_handling == SMARTY_PHP_REMOVE) { /* remove php tags */ $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', '', $text_blocks[$curr_tb]); } else { /* SMARTY_PHP_ALLOW, but echo non php starting tags */ $sp_match[1][$curr_sp] = preg_replace('~(<\\?(?!php|=|$))~i', '<?php echo \'\\1\'?>' . "\n", $sp_match[1][$curr_sp]); $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', $sp_match[1][$curr_sp], $text_blocks[$curr_tb]); } } } } } } /* Compile the template tags into PHP code. */ $compiled_tags = array(); for ($i = 0, $for_max = count($template_tags); $i < $for_max; $i++) { $this->_current_line_no += substr_count($text_blocks[$i], "\n"); $compiled_tags[] = $this->_compile_tag($template_tags[$i]); $this->_current_line_no += substr_count($template_tags[$i], "\n"); } if (count($this->_tag_stack) > 0) { list($_open_tag, $_line_no) = end($this->_tag_stack); $this->_syntax_error("unclosed tag \\{{$_open_tag}} (opened line {$_line_no}).", E_USER_ERROR, __FILE__, __LINE__); return; } /* Reformat $text_blocks between 'strip' and '/strip' tags, removing spaces, tabs and newlines. */ $strip = false; for ($i = 0, $for_max = count($compiled_tags); $i < $for_max; $i++) { if ($compiled_tags[$i] == '{strip}') { $compiled_tags[$i] = ''; $strip = true; /* remove leading whitespaces */ $text_blocks[$i + 1] = ltrim($text_blocks[$i + 1]); } if ($strip) { /* strip all $text_blocks before the next '/strip' */ for ($j = $i + 1; $j < $for_max; $j++) { /* remove leading and trailing whitespaces of each line */ $text_blocks[$j] = preg_replace('![\\t ]*[\\r\\n]+[\\t ]*!', '', $text_blocks[$j]); if ($compiled_tags[$j] == '{/strip}') { /* remove trailing whitespaces from the last text_block */ $text_blocks[$j] = rtrim($text_blocks[$j]); } $text_blocks[$j] = "<?php echo '" . strtr($text_blocks[$j], array("'" => "\\'", "\\" => "\\\\")) . "'; ?>"; if ($compiled_tags[$j] == '{/strip}') { $compiled_tags[$j] = "\n"; /* slurped by php, but necessary if a newline is following the closing strip-tag */ $strip = false; $i = $j; break; } } } } $compiled_content = ''; $tag_guard = '%%%SMARTYOTG' . md5(uniqid(rand(), true)) . '%%%'; /* Interleave the compiled contents and text blocks to get the final result. */ for ($i = 0, $for_max = count($compiled_tags); $i < $for_max; $i++) { if ($compiled_tags[$i] == '') { // tag result empty, remove first newline from following text block $text_blocks[$i + 1] = preg_replace('~^(\\r\\n|\\r|\\n)~', '', $text_blocks[$i + 1]); } // replace legit PHP tags with placeholder $text_blocks[$i] = str_replace('<?', $tag_guard, $text_blocks[$i]); $compiled_tags[$i] = str_replace('<?', $tag_guard, $compiled_tags[$i]); $compiled_content .= $text_blocks[$i] . $compiled_tags[$i]; } $compiled_content .= str_replace('<?', $tag_guard, $text_blocks[$i]); // escape php tags created by interleaving $compiled_content = str_replace('<?', "<?php echo '<?' ?>\n", $compiled_content); $compiled_content = preg_replace("~(?<!')language\\s*=\\s*[\"\\']?\\s*php\\s*[\"\\']?~", "<?php echo 'language=php' ?>\n", $compiled_content); // recover legit tags $compiled_content = str_replace($tag_guard, '<?', $compiled_content); // remove \n from the end of the file, if any if (strlen($compiled_content) && substr($compiled_content, -1) == "\n") { $compiled_content = substr($compiled_content, 0, -1); } if (!empty($this->_cache_serial)) { $compiled_content = "<?php \$this->_cache_serials['" . $this->_cache_include . "'] = '" . $this->_cache_serial . "'; ?>" . $compiled_content; } // run compiled template through postfilter functions if (count($this->_plugins['postfilter']) > 0) { foreach ($this->_plugins['postfilter'] as $filter_name => $postfilter) { if ($postfilter === false) { continue; } if ($postfilter[3] || is_callable($postfilter[0])) { $compiled_content = call_user_func_array($postfilter[0], array($compiled_content, &$this)); $this->_plugins['postfilter'][$filter_name][3] = true; } else { $this->_trigger_fatal_error("Smarty plugin error: postfilter '{$filter_name}' is not implemented"); } } } // put header at the top of the compiled template $template_header = "<?php /* Smarty version " . $this->_version . ", created on " . strftime("%Y-%m-%d %H:%M:%S") . "\n"; $template_header .= " compiled from " . strtr(urlencode($resource_name), array('%2F' => '/', '%3A' => ':')) . " */ ?>\n"; /* Emit code to load needed plugins. */ $this->_plugins_code = ''; if (count($this->_plugin_info)) { $_plugins_params = "array('plugins' => array("; foreach ($this->_plugin_info as $plugin_type => $plugins) { foreach ($plugins as $plugin_name => $plugin_info) { $_plugins_params .= "array('{$plugin_type}', '{$plugin_name}', '" . strtr($plugin_info[0], array("'" => "\\'", "\\" => "\\\\")) . "', {$plugin_info['1']}, "; $_plugins_params .= $plugin_info[2] ? 'true),' : 'false),'; } } $_plugins_params .= '))'; $plugins_code = "<?php require_once(SMARTY_CORE_DIR . 'core.load_plugins.php');\nsmarty_core_load_plugins({$_plugins_params}, \$this); ?>\n"; $template_header .= $plugins_code; $this->_plugin_info = array(); $this->_plugins_code = $plugins_code; } if ($this->_init_smarty_vars) { $template_header .= "<?php require_once(SMARTY_CORE_DIR . 'core.assign_smarty_interface.php');\nsmarty_core_assign_smarty_interface(null, \$this); ?>\n"; $this->_init_smarty_vars = false; } $compiled_content = $template_header . $compiled_content; return true; }
include G5_SHOP_PATH . '/kcp/pp_ax_hub_cancel.php'; break; } } // 관리자에게 오류 알림 메일발송 $error = 'status'; include G5_SHOP_PATH . '/ordererrormail.php'; // 주문삭제 sql_query(" delete from {$g5['g5_shop_order_table']} where od_id = '{$od_id}' "); die('<p>고객님의 주문 정보를 처리하는 중 오류가 발생해서 주문이 완료되지 않았습니다.</p><p>' . strtoupper($od_pg) . '를 이용한 전자결제(신용카드, 계좌이체, 가상계좌 등)은 자동 취소되었습니다.'); } // 회원이면서 포인트를 사용했다면 테이블에 사용을 추가 if ($is_member && $od_receipt_point) { insert_point($member['mb_id'], -1 * $od_receipt_point, "주문번호 {$od_id} 결제"); } $od_memo = nl2br(htmlspecialchars2(stripslashes($od_memo))) . " "; // 쿠폰사용내역기록 if ($is_member) { $it_cp_cnt = count($_POST['cp_id']); for ($i = 0; $i < $it_cp_cnt; $i++) { $cid = $_POST['cp_id'][$i]; $cp_it_id = $_POST['it_id'][$i]; $cp_prc = (int) $arr_it_cp_prc[$cp_it_id]; if (trim($cid)) { $sql = " insert into {$g5['g5_shop_coupon_log_table']}\n set cp_id = '{$cid}',\n mb_id = '{$member['mb_id']}',\n od_id = '{$od_id}',\n cp_price = '{$cp_prc}',\n cl_datetime = '" . G5_TIME_YMDHIS . "' "; sql_query($sql); } // 쿠폰사용금액 cart에 기록 $cp_prc = (int) $arr_it_cp_prc[$cp_it_id]; $sql = " update {$g5['g5_shop_cart_table']}\n set cp_price = '{$cp_prc}'\n where od_id = '{$od_id}'\n and it_id = '{$cp_it_id}'\n and ct_select = '1'\n order by ct_id asc\n limit 1 "; sql_query($sql);
</span>수정</a> <a href="<?php echo G5_BBS_URL; ?> /content.php?co_id=<?php echo $row['co_id']; ?> "><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span> 보기</a> <a href="./contentformupdate.php?w=d&co_id=<?php echo $row['co_id']; ?> " onclick="return delete_confirm();"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>삭제</a> </td> </tr> <?php } if ($i == 0) { echo '<tr><td colspan="3" class="empty_table">자료가 한건도 없습니다.</td></tr>'; } ?> </tbody> </table> </div> <?php
include_once G5_EDITOR_LIB; auth_check($auth[$sub_menu], "w"); $sql = " select * from {$g5['faq_master_table']} where fm_id = '{$fm_id}' "; $fm = sql_fetch($sql); $html_title = 'FAQ ' . $fm['fm_subject']; $g5['title'] = $html_title . ' 관리'; if ($w == "u") { $html_title .= " 수정"; $readonly = " readonly"; $sql = " select * from {$g5['faq_table']} where fa_id = '{$fa_id}' "; $fa = sql_fetch($sql); if (!$fa['fa_id']) { alert("등록된 자료가 없습니다."); } $fa['fa_subject'] = htmlspecialchars2($fa['fa_subject']); $fa['fa_content'] = htmlspecialchars2($fa['fa_content']); } else { $html_title .= ' 항목 입력'; } include_once G5_ADMIN_PATH . '/admin.head.php'; ?> <form name="frmfaqform" action="./faqformupdate.php" onsubmit="return frmfaqform_check(this);" method="post"> <input type="hidden" name="w" value="<?php echo $w; ?> "> <input type="hidden" name="fm_id" value="<?php echo $fm_id; ?> ">
echo $href; ?> "><?php echo get_it_image($row['it_id'], 50, 50); ?> </a></td> <td headers="th_pc_title" rowspan="2" class="td_input"> <label for="name_<?php echo $i; ?> " class="sound_only">상품명</label> <input type="text" name="it_name[<?php echo $i; ?> ]" value="<?php echo htmlspecialchars2(cut_str($row['it_name'], 250, "")); ?> " id="name_<?php echo $i; ?> " required class="frm_input required" size="30"> </td> <td headers="th_amt" class="td_numbig td_input"> <label for="price_<?php echo $i; ?> " class="sound_only">판매가격</label> <input type="text" name="it_price[<?php echo $i; ?> ]" value="<?php
> </td> </tr> <tr> <td>Merge to another ticket:</td> <td><input name="merged_to" type="text" value="<?php if ($result['merged_to']) { echo $result['merged_to']; } ?> "></td> </tr> <tr> <td>Title:</td> <td><input name="title" type="text" value="<?php echo htmlspecialchars2($result['title']); ?> " style="width:99%"></td> </tr> <tr> <td>Description:</td> </tr> <tr> <td colspan="2"> <textarea name="description" style="width:98%" rows="10"> <?php echo $result['description']; ?> </textarea> </td> </tr>
if(!$cnt) echo "<tr><td colspan=\"2\" align=\"center\">*** None ***</td></tr>\r\n"; sql_free_result($query2); ?> </table> </td></tr> <? } ?> <tr class="Karnaf_Head2"> <td colspan="2" align="center">Add new reply</td> </tr> <tr> <td width="1%">To:</td> <td><input name="reply_to" type="text" size="50" value="<?=htmlspecialchars2($result['uemail'])?>"></td> </tr> <tr> <td width="1%">CC:</td> <td><input name="reply_cc" type="text" size="50" value="<?=htmlspecialchars2($result['cc'])?>"></td> </tr> <tr> <td colspan="2"> <textarea rows="8" style="width:100%" name="reply_text" id="reply_text"></textarea><br> <input type="checkbox" name="is_private" id="is_private" <? if($result['private_actions']) echo " CHECKED"; ?>> Team reply (hide the oper's nick). <br> <input type="checkbox" name="is_waiting" id="is_waiting" CHECKED> Hold the ticket until the user reply. <br> <input type="checkbox" name="auto_assign" id="auto_assign" <? if(empty($result['rep_u'])) echo " CHECKED"; ?>> Automatically assign the ticket to me if it's not assigned to anyone. <br> Template: <select name="template" onChange="javascript:load_template(this.value);"> <option value="0">---</option> <? $query2 = squery("SELECT id,subject FROM karnaf_templates WHERE group_id=(SELECT id FROM groups WHERE name='%s')", $result['rep_g']);
} ?> <tr class="Karnaf_Head2"> <td colspan="2" align="center">Add new reply</td> </tr> <tr> <td width="1%">To:</td> <td><input name="reply_to" type="text" size="50" value="<?php echo htmlspecialchars2($result['uemail']); ?> "></td> </tr> <tr> <td width="1%">CC:</td> <td><input name="reply_cc" type="text" size="50" value="<?php echo htmlspecialchars2($result['cc']); ?> "></td> </tr> <tr> <td colspan="2"> <textarea rows="8" style="width:100%" name="reply_text" id="reply_text"></textarea><br> <input type="checkbox" name="is_private" id="is_private" <?php if ($result['private_actions']) { echo " CHECKED"; } ?> > Team reply (hide the oper's nick). <br> <input type="checkbox" name="is_waiting" id="is_waiting" CHECKED> Hold the ticket until the user reply. <br>
sql_free_result($query); echo '</select>'; echo '</td></td></tr>'; } else { if (is_array($row) && $row[1] == "password") { if (isset($rows_data[$row[0]])) { echo '<tr><td>' . $row[0] . '</td><td><td><input name="es-' . $row[0] . '" type="password" size="79" value="' . htmlspecialchars2($rows_data[$row[0]]) . '"></td></td></tr>'; } else { echo '<tr><td>' . $row[0] . '</td><td><td><input name="es-' . $row[0] . '" type="password" size="79"></td></td></tr>'; } } else { if (is_array($row)) { safe_die("EDITSQL Internal error!"); } else { if (isset($rows_data[$row])) { echo '<tr><td>' . $row . '</td><td><td><input name="es-' . $row . '" type="textbox" size="79" value="' . htmlspecialchars2($rows_data[$row]) . '"></td></td></tr>'; } else { echo '<tr><td>' . $row . '</td><td><td><input name="es-' . $row . '" type="textbox" size="79"></td></td></tr>'; } } } } } } ?> <tr> <td colspan="3" align="center"> <input name="submit" type="submit" value="Update"> </td> </tr> </table>
?> "><?php echo $result2['from_number']; ?> </option> <?php } sql_free_result($query2); ?> </select> </td> </tr> <tr> <td>To:</td> <td><input name="sms_to" type="text" size="50" value="<?php echo htmlspecialchars2($result['uphone']); ?> "></td> </tr> <tr> <td colspan="2"> <textarea rows="8" style="width:100%" name="sms_body" id="sms_body"></textarea><br> </td> </tr> </table> <br> <center> <input type=button name="edit_button" id="edit_button" value="Send SMS" onClick="javascript:submit1_onclick()"> <?php if ($result['status'] == 0) { ?>