if ($_POST[user_password_1] != $_POST[user_password_2]) {
$alertmessage = "The passwords do not match.";
$page = "team_edit";
$status = "add";
} else {
// This determines the page to show once the form submission has been successful
$status = "team_add";
// Begin to clean up the $_POST submissions
$user_password = md5(CleanUp($_POST[user_password_1]));
$user_username = CleanUp($_POST[user_username]);
$user_address_1 = CleanUpAddress($_POST[user_address_1]);
$user_address_2 = CleanUpAddress($_POST[user_address_2]);
$user_address_3 = CleanUpAddress($_POST[user_address_3]);
$user_address_town = CleanUpAddress($_POST[user_address_town]);
$user_address_postcode = CleanUpPostcode($_POST[user_address_postcode]);
$user_address_county = CleanUpAddress($_POST[user_address_county]);
$user_name_first = CleanUpNames($_POST[user_name_first]);
$user_name_second = CleanUpNames($_POST[user_name_second]);
$user_num_extension = CleanUp($_POST[user_num_extension]);
$user_num_home = CleanUpPhone($_POST[user_num_home]);
$user_num_mob = CleanUpPhone($_POST[user_num_mob]);
$user_email = CleanUpEmail($_POST[user_email]);
$user_user_rate = CleanUp($_POST[user_user_rate]);
$user_user_added = time();
$user_timesheet = CleanUp($_POST[user_timesheet]);
$user_holidays = CleanUp($_POST[user_holidays]);
$user_active = CleanUp($_POST[user_active]);
$user_usertype = CleanUp($_POST[user_usertype]);
// Construct the MySQL instruction to add these entries to the database
$sql_add = "INSERT INTO intranet_user_details (\nuser_id,\nuser_password,\nuser_address_county,\nuser_address_postcode,\nuser_address_town,\nuser_address_3,\nuser_address_2,\nuser_address_1,\nuser_name_first,\nuser_name_second,\nuser_num_extension,\nuser_num_mob,\nuser_num_home,\nuser_email,\nuser_usertype,\nuser_active,\nuser_username,\nuser_user_rate,\nuser_user_added,\nuser_user_timesheet,\nuser_holidays\n) values (\n'NULL',\n'{$user_password}',\n'{$user_address_county}',\n'{$user_address_postcode}',\n'{$user_address_town}',\n'{$user_address_3}',\n'{$user_address_2}',\n'{$user_address_1}',\n'{$user_name_first}',\n'{$user_name_second}',\n'{$user_num_extension}',\n'{$user_num_mob}',\n'{$user_num_home}',\n'{$user_email}',\n'{$user_usertype}',\n'{$user_active}',\n'{$user_username}',\n'{$user_user_rate}',\n'{$user_user_added}',\n'{$user_user_timesheet}',\n'{$user_holidays}'\n)";
print $sql_add;
<?php
$divider = "\n";
// if($user_usertype_current < 4) { header("Location:index2.php"); } else {
CleanUpAddress($update_companyaddress);
$settings_refresh = $_POST[settings_refresh] * 60;
$update_settings = $_POST[database_location] . $divider . $_POST[database_username] . $divider . $_POST[database_password] . $divider . $_POST[database_name] . $divider . $_POST[settings_popup_login] . $divider . $_POST[settings_popup_newmessage] . $divider . $_POST[settings_style] . $divider . $_POST[settings_name] . $divider . $_POST[settings_companyname] . $divider . $_POST[settings_companytelephone] . $divider . $_POST[settings_companyfax] . $divider . $_POST[settings_companyweb] . $divider . $_POST[settings_ip_lock] . $divider . $_POST[settings_ip_address] . $divider . $_POST[settings_country] . $divider . $_POST[settings_showtech] . $divider . $_POST[settings_alertcolor] . $divider . $_POST[settings_vat] . $divider . $settings_refresh . $divider . $_POST[settings_mileage];
$update_companyaddress = $_POST[settings_companyaddress];
$settings_file = "secure/database.inc";
$address_file = "secure/address.inc";
file_put_contents($settings_file, $update_settings);
file_put_contents($address_file, $update_companyaddress);
$actionmessage = "Your preferences have been updated successfully. Any changes will be reflected shortly.";
// }
<?php
// Check that the required values have been entered, and alter the page to show if these values are invalid
if ($_POST[company_name] == "") {
$alertmessage = "The company name was left empty.";
$page = "company_edit";
$action = "add";
} else {
// This determines the page to show once the form submission has been successful
$page = "company_view";
// Begin to clean up the $_POST submissions
$company_id = $_POST[company_id];
$company_name = CleanUpNames($_POST[company_name]);
$company_phone = CleanUpPhone($_POST[company_phone]);
$company_fax = CleanUpPhone($_POST[company_fax]);
$company_address = CleanUpAddress($_POST[company_address]);
$company_city = CleanUp($_POST[company_city]);
$company_county = CleanUp($_POST[company_county]);
$company_postcode = CleanUpPostcode($_POST[company_postcode]);
$company_country = $_POST[company_country];
$company_web = str_replace("http://", "", $_POST[company_web]);
$company_notes = $_POST[company_notes];
// Construct the MySQL instruction to add these entries to the database
$sql_add = "UPDATE contacts_companylist SET\ncompany_name = '{$company_name}',\ncompany_phone = '{$company_phone}',\ncompany_fax = '{$company_fax}',\ncompany_address = '{$company_address}',\ncompany_city = '{$company_city}',\ncompany_county = '{$company_county}',\ncompany_postcode = '{$company_postcode}',\ncompany_country = '{$company_country}',\ncompany_web = '{$company_web}',\ncompany_notes = '{$company_notes}'\nWHERE company_id = '{$company_id}' LIMIT 1\n";
$result = mysql_query($sql_add, $conn) or die(mysql_error());
$actionmessage = "The entry for company <b>{$company_name}</b> was updated successfully.";
$techmessage = $sql_add;
$company_id = mysql_affected_rows($result);
}
$contact_prefix = $_POST[contact_prefix];
$contact_namefirst = CleanUpNames($_POST[contact_namefirst]);
$contact_namesecond = CleanUpNames($_POST[contact_namesecond]);
$contact_title = $_POST[contact_title];
$contact_company = CleanUpNames($_POST[contact_company]);
$contact_telephone = CleanUpPhone($_POST[contact_telephone]);
$contact_telephone_home = CleanUpPhone($_POST[contact_telephone_home]);
$contact_fax = CleanUpPhone($_POST[contact_fax]);
$contact_mobile = CleanUpPhone($_POST[contact_mobile]);
$contact_email = CleanUpEmail($_POST[contact_email]);
$contact_sector = $_POST[contact_sector];
$contact_reference = CleanUp($_POST[contact_reference]);
$contact_department = CleanUp($_POST[contact_department]);
$contact_added = time();
$contact_relation = $_POST[contact_relation];
$contact_discipline = $_POST[contact_discipline];
$contact_include = $_POST[contact_include];
$contact_address = CleanUpAddress($_POST[contact_address]);
$contact_city = CleanUp($_POST[contact_city]);
$contact_county = CleanUp($_POST[contact_county]);
$contact_postcode = CleanUpPostcode($_POST[contact_postcode]);
$contact_country = $_POST[contact_country];
$contact_added_by = $_COOKIE[user];
// Construct the MySQL instruction to add these entries to the database
$sql_add = "INSERT INTO contacts_contactlist (\ncontact_id,\ncontact_prefix,\ncontact_namefirst,\ncontact_namesecond,\ncontact_title,\ncontact_company,\ncontact_telephone,\ncontact_telephone_home,\ncontact_fax,\ncontact_mobile,\ncontact_email,\ncontact_sector,\ncontact_reference,\ncontact_department,\ncontact_added,\ncontact_relation,\ncontact_discipline,\ncontact_include,\ncontact_address,\ncontact_city,\ncontact_county,\ncontact_postcode,\ncontact_country,\ncontact_added_by\n) values (\n'NULL',\n'{$contact_prefix}',\n'{$contact_namefirst}',\n'{$contact_namesecond}',\n'{$contact_title}',\n'{$contact_company}',\n'{$contact_telephone}',\n'{$contact_telephone_home}',\n'{$contact_fax}',\n'{$contact_mobile}',\n'{$contact_email}',\n'{$contact_sector}',\n'{$contact_reference}',\n'{$contact_department}',\n'{$contact_added}',\n'{$contact_relation}',\n'{$contact_discipline}',\n'{$contact_include}',\n'{$contact_address}',\n'{$contact_city}',\n'{$contact_county}',\n'{$contact_postcode}',\n'{$contact_country}',\n'{$contact_added_by}'\n)";
$result = mysql_query($sql_add, $conn) or die(mysql_error());
$contact_id = mysql_insert_id();
$actionmessage = "The entry for contact <b>{$contact_namefirst} {$contact_namesecond}</b> was added successfully.";
$techmessage = $sql_add;
// $company_id = mysql_affected_rows($result);
}
if ($_POST[proj_date_appointment_day] > 0 and $_POST[proj_date_appointment_month] > 0 and $_POST[proj_date_appointment_year] > 0) {
if (checkdate($_POST[proj_date_appointment_month], $_POST[proj_date_appointment_day], $_POST[proj_date_appointment_year]) == "1") {
$proj_date_appointment = mktime(12, 0, 0, $_POST[proj_date_appointment_month], $_POST[proj_date_appointment_day], $_POST[proj_date_appointment_year]);
}
} else {
unset($proj_date_appointment);
}
// Begin to clean up the $_POST submissions
$proj_num = CleanUp($_POST[proj_num]);
$proj_name = CleanUp($_POST[proj_name]);
$proj_address_1 = CleanUpAddress($_POST[proj_address_1]);
$proj_address_2 = CleanUpAddress($_POST[proj_address_2]);
$proj_address_3 = CleanUpAddress($_POST[proj_address_3]);
$proj_address_town = CleanUpAddress($_POST[proj_address_town]);
$proj_address_county = CleanUpAddress($_POST[proj_address_county]);
$proj_address_country = CleanUpAddress($_POST[proj_address_country]);
$proj_address_postcode = CleanUp($_POST[proj_address_postcode]);
$proj_client_contact_id = $_POST[proj_client_contact_id];
$proj_client_accounts_name = CleanUp($_POST[proj_client_accounts_name]);
$proj_client_accounts_phone = CleanUpPhone($_POST[proj_client_accounts_phone]);
$proj_client_accounts_fax = CleanUpPhone($_POST[proj_client_accounts_fax]);
$proj_client_accounts_email = CleanUpEmail($_POST[proj_client_accounts_email]);
$proj_rep_black = $_POST[proj_rep_black];
$proj_active = $_POST[proj_active];
$proj_desc = CleanUp($_POST[proj_desc]);
//$proj_riba = $_POST[proj_riba];
$proj_riba_begin = $_POST[proj_riba_begin];
$proj_riba_conclude = $_POST[proj_riba_conclude];
$proj_procure = $_POST[proj_procure];
$proj_conc = $_POST[proj_conc];
$proj_value = CleanUp($_POST[proj_value]);
