<?php
header("Content-Type:text/html;charset=utf-8");
require_once "../../admin.inc.php";
// Connect Database
require_once "../../php-bin/function.php";
// access control checking
require_once "z_access_control.php";
require_once "../../php-bin/pagedisplay.php";
// function for resize photo
// require_once("../../include/image.class.php");
$id = $_POST[id] | 0;
$sql = " SELECT * FROM tbl_activity WHERE id=" . $id;
$result = mysql_query($sql);
if ($obj = mysql_fetch_object($result)) {
access_detail_check($obj->type_id);
} else {
exit;
}
//////////////////////////////////////////////////////////////////////////////////////////////////////
/* Start Upload Photo */
//////////////////////////////////////////////////////////////////////////////////////////////////////
foreach ($_FILES["photo"]["error"] as $key => $error) {
if ($error == UPLOAD_ERR_OK) {
$upfile = $_FILES["photo"]["tmp_name"][$key];
$remark = EncodeHTMLTag($_POST["remark"][$key]);
$g_order = $_POST["order"][$key] | 0;
$ext = strrchr($_FILES["photo"]['name'][$key], ".");
$ran_num = (time() | 0) . "_" . rand(0, 999999999);
$output_path = "../../gallery_activity/";
$file_name = $id . "_{$ran_num}.png";
require_once "z_access_control.php";
$file_id = $_GET['id'] | 0;
$file_type_id = 0;
$file_date = "";
$file_exp_date = "";
$file_title = "";
$file_serial = "";
$file_content = "";
$file_link_text = "";
$file_link_url = "";
$file_link_new_window = "";
$file_file_name = "";
$search_SQL = " SELECT * FROM tbl_file WHERE file_id=" . $file_id;
$search_Result = mysql_query($search_SQL, $link_id);
if ($search_Obj = mysql_fetch_object($search_Result)) {
access_detail_check($search_Obj->file_type_id);
$file_type_id = $search_Obj->file_type_id;
$file_date = $search_Obj->file_date;
$file_exp_date = $search_Obj->file_exp_date;
$file_title = $search_Obj->file_title;
$file_serial = $search_Obj->file_serial;
$file_content = $search_Obj->file_content;
$file_link_text = $search_Obj->file_link_text;
$file_link_url = $search_Obj->file_link_url;
$file_link_new_window = $search_Obj->file_link_new_window;
$file_photo = $search_Obj->file_photo;
$file_file_name = $search_Obj->file_file_name;
}
?>
<html>
<head>
<?php
header("Content-Type:text/html;charset=utf-8");
require_once "../../admin.inc.php";
require_once "gallery_selection.php";
$record = mysql_fetch_object($get_result3);
access_detail_check($record->type_id);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>學生作品管理 </title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK REL="StyleSheet" TYPE="text/css" HREF="../../js/style.css">
<style type="text/css">
<!--
.style2 {color: #006699}
.style5 {color: #666666}
-->
</style>
<script language="javascript">
<!--
function PhotoAdd() {
document.gallery.action="photo_add.php";
}
function Delete_Photo(file_name) {
if ( confirm('你確定要刪除這張相片嗎?') ) {
location='photo_delete_process.php?file_name='+file_name+'&id=<?php
echo $_GET[id];
// access control checking
require_once "z_access_control.php";
$file_name = EncodeHTMLTag($_POST["file_name"]);
$remark = EncodeHTMLTag($_POST["remark"]);
$g_order = $_POST["order"] | 0;
// this is a Wrong SQL
//$img_sql = " SELECT * FROM tbl_activity_gallery WHERE file_name='$file_name' ";
//Renew By Godmark 20070301
$img_sql = "SELECT ta.type_id FROM `tbl_activity_gallery` AS tg , \r\n`tbl_activity` AS ta LEFT JOIN tbl_activity_type AS tt ON(ta.type_id=tt.type_id) \r\nWHERE tg.act_id=ta.id AND tg.file_name='" . $file_name . "'\r\nORDER BY tg.g_order ASC, tg.file_name ASC";
mysql_query("set names utf8");
$img_result = mysql_query($img_sql, $link_id);
if ($img_obj = mysql_fetch_object($img_result)) {
//this is a Wrong Arg
//access_detail_check( $img_obj->act_id );
//Renew By Godmark 20070301
access_detail_check($img_obj->type_id);
$update_sql = "UPDATE `tbl_activity_gallery` SET\r\n\t`remark`='{$remark}',\r\n\t`g_order`={$g_order} \r\n\tWHERE `file_name`='{$file_name}' ";
//echo $update_sql;
mysql_query("set names utf8");
$run_status = mysql_query($update_sql);
if (!$run_status) {
$msg = str_replace(" ", "+", "tο~: " . mysql_error($link_id));
} else {
$msg = "The record had been updated successfully.";
}
mysql_close();
}
?>
<script language="javascript">
window.opener.location.reload();
window.close();
<?php
header("Content-Type:text/html;charset=utf-8");
// admin checking
require_once '../../admin.inc.php';
// Connect Database
require_once "../../php-bin/function.php";
// access control checking
require_once "z_access_control.php";
$file_id = $_POST['n_id'] | 0;
$type_id = $_POST["n_type_id"] | 0;
access_detail_check($type_id);
$date_year = $_POST[date_year] | 0;
$date_month = $_POST[date_month] | 0;
$date_day = $_POST[date_day] | 0;
$date = $date_year . "-" . $date_month . "-" . $date_day;
$file_year = 0;
// What is this useful???? By Godmark
// wγ~,Op~B
// 9 1 @Ӧ~ת}l
if ($date_year != 0 && $date_month != 0 && $date_day != 0) {
if ($date_month >= 9) {
$file_year = $date_year;
} else {
$file_year = $date_year - 1;
}
//pGOp9Y 8-31,ݩW@Ӧ~
}
$date2 = ($_POST["date_year2"] | 0) . "-" . ($_POST["date_month2"] | 0) . "-" . ($_POST["date_day2"] | 0);
$title = EncodeHTMLTag($_POST["n_title"]);
$serial = EncodeHTMLTag($_POST["n_serial"]);
