} $data['pin'] = trim($dbs->escape_string(strip_tags($_POST['memberPIN']))); $data['member_address'] = trim($dbs->escape_string(strip_tags($_POST['memberAddress']))); $data['member_phone'] = trim($dbs->escape_string(strip_tags($_POST['memberPhone']))); $data['member_fax'] = trim($dbs->escape_string(strip_tags($_POST['memberFax']))); $data['postal_code'] = trim($dbs->escape_string(strip_tags($_POST['memberPostal']))); $data['member_notes'] = trim($dbs->escape_string(strip_tags($_POST['memberNotes']))); $data['member_email'] = trim($dbs->escape_string(strip_tags($_POST['memberEmail']))); $data['is_pending'] = intval($_POST['isPending']); $data['input_date'] = date('Y-m-d'); $data['last_update'] = date('Y-m-d'); if (!empty($_FILES['image']) and $_FILES['image']['size']) { // create upload object $upload = new simbio_file_upload(); $upload->setAllowableFormat($sysconf['allowed_images']); $upload->setMaxSize($sysconf['max_image_upload'] * 1024); // approx. 100 kb $upload->setUploadDir(IMAGES_BASE_DIR . 'persons'); // give new name for upload file $new_filename = 'member_' . $data['member_id']; $upload_status = $upload->doUpload('image', $new_filename); if ($upload_status == UPLOAD_SUCCESS) { $data['member_image'] = $dbs->escape_string($upload->new_filename); } } // password confirmation if ($mpasswd1 and $mpasswd2 and $mpasswd1 === $mpasswd2) { $data['mpasswd'] = 'literal{MD5(\'' . $mpasswd2 . '\')}'; } // create sql op object $sql_op = new simbio_dbop($dbs);
if (empty($_POST['fieldSep']) or empty($_POST['fieldEnc'])) { utility::jsAlert(__('Required fields (*) must be filled correctly!')); exit; } else { // set PHP time limit set_time_limit(7200); // set ob implicit flush ob_implicit_flush(); // create upload object $upload = new simbio_file_upload(); // get system temporary directory location $temp_dir = sys_get_temp_dir(); // set max size $max_size = $sysconf['max_upload'] * 1024; $upload->setAllowableFormat(array('.csv')); $upload->setMaxSize($max_size); $upload->setUploadDir($temp_dir); $upload_status = $upload->doUpload('importFile'); if ($upload_status != UPLOAD_SUCCESS) { utility::jsAlert(__('Upload failed! File type not allowed or the size is more than') . ' ' . $sysconf['max_upload'] / 1024 . ' MB'); //mfc exit; } // uploaded file path $uploaded_file = $temp_dir . DIRECTORY_SEPARATOR . $_FILES['importFile']['name']; $row_count = 0; // check for import setting $record_num = intval($_POST['recordNum']); $field_enc = trim($_POST['fieldEnc']); $field_sep = trim($_POST['fieldSep']); $record_offset = intval($_POST['recordOffset']);
ob_start(); /* main content */ // biblio topic save proccess if (isset($_POST['upload']) and trim(strip_tags($_POST['fileTitle'])) != '') { $uploaded_file_id = 0; $title = trim(strip_tags($_POST['fileTitle'])); $url = trim(strip_tags($_POST['fileURL'])); // create new sql op object $sql_op = new simbio_dbop($dbs); // FILE UPLOADING if (isset($_FILES['file2attach']) and $_FILES['file2attach']['size']) { // create upload object $file_dir = trim($_POST['fileDir']); $file_upload = new simbio_file_upload(); $file_upload->setAllowableFormat($sysconf['allowed_file_att']); $file_upload->setMaxSize($sysconf['max_upload'] * 1024); $file_upload->setUploadDir(REPO_BASE_DIR . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $file_dir)); $file_upload_status = $file_upload->doUpload('file2attach'); if ($file_upload_status === UPLOAD_SUCCESS) { $file_ext = substr($file_upload->new_filename, strrpos($file_upload->new_filename, '.') + 1); $fdata['uploader_id'] = $_SESSION['uid']; $fdata['file_title'] = $dbs->escape_string($title); $fdata['file_name'] = $dbs->escape_string($file_upload->new_filename); $fdata['file_url'] = $dbs->escape_string($url); $fdata['file_dir'] = $dbs->escape_string($file_dir); $fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc']))); $fdata['mime_type'] = $sysconf['mimetype'][$file_ext]; $fdata['input_date'] = date('Y-m-d H:i:s'); $fdata['last_update'] = $fdata['input_date']; // insert file data to database @$sql_op->insert('files', $fdata);
} $data['pin'] = trim($dbs->escape_string(strip_tags($_POST['memberPIN']))); $data['member_address'] = trim($dbs->escape_string(strip_tags($_POST['memberAddress']))); $data['member_phone'] = trim($dbs->escape_string(strip_tags($_POST['memberPhone']))); $data['member_fax'] = trim($dbs->escape_string(strip_tags($_POST['memberFax']))); $data['postal_code'] = trim($dbs->escape_string(strip_tags($_POST['memberPostal']))); $data['member_notes'] = trim($dbs->escape_string(strip_tags($_POST['memberNotes']))); $data['member_email'] = trim($dbs->escape_string(strip_tags($_POST['memberEmail']))); $data['is_pending'] = intval($_POST['isPending']); $data['input_date'] = date('Y-m-d'); $data['last_update'] = date('Y-m-d'); if (!empty($_FILES['image']) AND $_FILES['image']['size']) { // create upload object $upload = new simbio_file_upload(); $upload->setAllowableFormat($sysconf['allowed_images']); $upload->setMaxSize($sysconf['max_image_upload']*1024); // approx. 100 kb $upload->setUploadDir(IMAGES_BASE_DIR.'persons'); // give new name for upload file $new_filename = 'member_'.$data['member_id']; $upload_status = $upload->doUpload('image', $new_filename); if ($upload_status == UPLOAD_SUCCESS) { $data['member_image'] = $dbs->escape_string($upload->new_filename); } } // password confirmation if (($mpasswd1 AND $mpasswd2) AND ($mpasswd1 === $mpasswd2)) { $data['mpasswd'] = 'literal{MD5(\''.$mpasswd2.'\')}'; } // create sql op object $sql_op = new simbio_dbop($dbs);