$row['products_featured'] = ($_POST['products_featured']) ? $_POST['products_featured'] : 0;
$row['products_release_date'] = strtotime($_POST['products_release_date']);
$row['products_flat_shipping_price'] = $_POST['products_flat_shipping_price'];
$row['products_desc'] = $_POST['products_info_desc'];
$info['products_info_desc'] = $_POST['products_info_desc'];
$info['products_info_custom_1'] = ($_POST['products_info_custom_1']) ? $_POST['products_info_custom_1'] : '';
$info['products_info_custom_2'] = ($_POST['products_info_custom_2']) ? $_POST['products_info_custom_2'] : '';
$info['products_info_custom_3'] = ($_POST['products_info_custom_3']) ? $_POST['products_info_custom_3'] : '';
$info['products_info_custom_4'] = ($_POST['products_info_custom_4']) ? $_POST['products_info_custom_4'] : '';
$info['products_info_custom_5'] = ($_POST['products_info_custom_5']) ? $_POST['products_info_custom_5'] : 0;
if($_POST['action'] == 'addproduct') {
$row['products_date_added'] = time();
dbPerform('store_products', $row, 'insert');
$productID = dbInsertID();
$info['products_id'] = $productID;
dbPerform('store_products_info', $info, 'insert');
$message = "Added " . $_POST['products_title'] . " successfully";
}
if($_POST['action'] == 'editproduct') {
$productID = $_POST['id'];
dbPerform('store_products', $row, 'update', 'products_id = ' . $productID);
dbPerform('store_products_info', $info, 'update', 'products_id = ' . $productID);
$message = "Updated " . $_POST['products_title'] . " successfully";
}
$filesArray = $_FILES['image'];
if($_POST['email_display_home']) {
dbPerform("newsletters", $rows, "update", 'email_queue_id = ' . $_POST['email_id']);
}
addMessage('Your message has been saved');
redirect(PAGE_COMMUNICATION);
} else {
if($_POST['send'] == 'now'){
//sendNewsletter($queueID);
$field['email_queue_release_date'] = time();//set the time to now! other wise, if it's set to go on specific date we add the time as 1:00am on that day!
}
dbPerform('email_queue', $field, 'insert');
$queueID = dbInsertID();
if($_POST['email_display_home']) {
$rows['email_queue_id'] = $queueID;
dbPerform('newsletters', $rows, 'insert');
}
addMessage('Your message has been added to the queue, you can view the queue at anytime by clicking on the Queue tab');
redirect(PAGE_COMMUNICATION);
}
break;
}
}
if(!$_GET['section']) {
} else {
$event['calendar_events_type'] = $_POST['calendar_events_type'];
}
//$event['calendar_events_date_added'] = time();
$event['calendar_events_featured'] = $_POST['calendar_events_featured'];
if($_POST['repeats'] == 'never') {
$event['calendar_events_repeats'] = 0;
} else {
$event['calendar_events_repeats'] = 1;
}
dbPerform('calendar_events', $event, 'insert');
$_POST['id'] = dbInsertID();
if($_FILES['event_image']['name'] != '') {
//uploading image!
$filename = time()."_".$_FILES['event_image']['name'];
uploadFile($_FILES['event_image'], $filename);
makeThumbnail($filename, UPLOAD_DIR, 150, '', 'small');
makeThumbnail($filename, UPLOAD_DIR, 50, '', 'xsmall');
makeThumbnail($filename, UPLOAD_DIR, 250, '', 'large');
$event['calendar_events_image'] = $filename;
}
if($_FILES['event_main_image']['name'] != '') {
//uploading image!
$filename = time()."_".$_FILES['event_main_image']['name'];
uploadFile($_FILES['event_main_image'], $filename);
//save user!
$user['user_name'] = $_POST['user_name'];
$user['user_password'] = $_POST['user_password'];
if($_POST['action'] == 'add') {
}
if($_POST['id'] != '') {
dbPerform('user', $user, 'update', 'user_id = ' . $_POST['id']);
$userID = $_POST['id'];
} else {
$user['user_created'] = time();
dbPerform('user', $user, 'insert');
$userID = dbInsertID();
}
$info['user_first_name'] = $_POST['user_first_name'];
$info['user_last_name'] = $_POST['user_last_name'];
if($_POST['id'] != '') {
dbPerform('user_information', $info, 'update', 'user_id = ' . $userID);
addMessage("Added user successfully");
} else {
$info['user_id'] = $userID;
dbPerform('user_information', $info, 'insert');
addMessage("Added user successfully");
}
dbQuery('DELETE FROM user_access_pages WHERE user_id = ' . $userID . ' AND user_access_pages_type = "manager"');
<?php
/* This script is used with swfupload */
/* We are going to be upload and storing the gallery images /*
/* Create thumbnails and return a true statement! */
include 'application.php';
if ($_FILES['Filedata']['name'] != "" && isset($_POST['gallery_id'])) {
$filename = time() . fixFilename($_FILES['Filedata']['name']);
uploadFile($_FILES['Filedata'], $filename);
foreach ($galleryImageSizes as $name => $size) {
makeThumbnail($filename, UPLOAD_DIR, $size, '', $name);
}
$row['gallery_id'] = $_POST['gallery_id'];
$row['gallery_image_filename'] = $filename;
$row['gallery_date_added'] = time();
$row['gallery_image_caption'] = '';
dbPerform('gallery_images', $row, 'insert');
$imageID = dbInsertID();
//get total images then add one for the sort order number!
$imgResults = dbQuery('SELECT gallery_image_id FROM gallery_images WHERE gallery_id = ' . $_POST['gallery_id']);
$count = dbNumRows($imgResults);
$next = $count++;
$row2['gallery_image_sort_order'] = $next;
dbPerform('gallery_images', $row2, 'update', 'gallery_image_id = ' . $imageID);
echo "FILEID:" . UPLOAD_DIR_URL . getThumbnailFilename($filename, 'thumb');
} else {
return false;
die;
}
$staffUsername = $tableRows[0]['StaffUsername'];
// Seeing if this is a new message or one that we are
// appending a comment to
$newMessage = false;
if ($messageThreadID == "new") {
$newMessage = true;
// Getting the full staff member name
$sqlStaffFullName = "SELECT StaffForename, StaffSurname FROM `sen_info`.`tbl_staff` WHERE (StaffUsername = '******')";
$queryResultStaffFullname = dbSelect($sqlStaffFullName, $databaseConnection);
$tableRows = dbSelectGetRows($queryResultStaffFullname);
$staffForename = $tableRows[0]['StaffForename'];
$staffSurname = $tableRows[0]['StaffSurname'];
// Adding the message title to tbl_messages
$sqlInsertMessage = "INSERT INTO `sen_info`.`tbl_messages` (`MessageTitle`, `StudentID`, `StaffUsername`, `MessageDate`, `MessageStatus`, `PanelID`) VALUES ('{$messageTitle}', {$studentID}, '{$staffUsername}', '{$messagePosted}', 0, {$panelID});";
$insertResultMessage = dbInsert($sqlInsertMessage, $databaseConnection);
$messageThreadID = dbInsertID($databaseConnection);
}
// Adding the comment to tbl_comments
// Note: $messageThreadID will either be assigned from the
// POST to this page or when the message is added above
$sqlInsertComment = "INSERT INTO `sen_info`.`tbl_comments` (`Comment`, `MessageID`, `StaffUsername`, `CommentDate`) VALUES ('{$messageBody}', {$messageThreadID}, '{$staffUsername}', '{$messagePosted}');";
$insertResultComment = dbInsert($sqlInsertComment, $databaseConnection);
// Seeing if a new table row should be sent back, or just a
// success message
if ($newMessage) {
// Creating a new HTML table row to pass back to the calling AJAX function
echo '<tr id="panel_' . $panelID . '-message_' . $messageThreadID . '">';
echo '<td>';
echo '<label class="mdl-checkbox mdl-js-checkbox mdl-js-ripple-effect mdl-data-table__select" for="row[' . $messageThreadID . ']">';
echo '<input type="checkbox" id="row[' . $messageThreadID . ']" class="mdl-checkbox__input" />';
echo '</label>';
