$strErrorMessage .= "Please enter only numeric value.<br>"; $intError = 0; } } if ($_POST["date18"] != "") { $today = date("Y-m-d H:i:s"); $arrTimeStamp = $hldGlobal->fnGetTimeStamp($_POST["date18"], $today); if ($arrTimeStamp[0]["posteddate"] <= $arrTimeStamp[0]["currdate"]) { $strErrorMessage .= "Selected date should be greater then today's date.<br>"; $intError = 0; } } $hdlTpl->setVariable("error_message", $strErrorMessage); //Assigns error message if (!$intError) { $arrCheck = $hldGlobal->fnCheckUser($_POST["strUserName"], $_POST["id"]); if ($arrCheck[0]["cnt"]) { $hdlTpl->setVariable("error_message", "User name already present"); //Assigns error message } else { foreach ($_POST as $key => $value) { $_POST[$key] = mysql_escape_string(trim($value)); } $date18 = $_POST["date18"] . " " . date("H:i:s"); $sqlUpd = "UPDATE tbluser SET username='******',firstname='" . $_POST["firstname"] . "',lastname='" . $_POST["lastname"] . "',date='" . $date18 . "',noofhrs='" . $_POST["noofhrs"] . "',howmany='" . $_POST["howmany"] . "' "; if ($_POST["strOPassword"] != "") { $sqlUpd .= ",password='******'"; } $sqlUpd .= " WHERE id=" . $_POST["id"]; mysql_query($sqlUpd) or die(mysql_error()); $return = $_POST["return"];
if (!preg_match("/^[0-9]*\$/", trim($_POST["noofhrs"]))) { $strErrormessage .= "Please enter only numeric value.<br>"; $intError = 0; } } if ($_POST["date18"] != "") { $today = date("Y-m-d H:i:s"); $arrTimeStamp = $hldGlobal->fnGetTimeStamp($_POST["date18"], $today); if ($arrTimeStamp[0]["posteddate"] <= $arrTimeStamp[0]["currdate"]) { $strErrorMessage .= "Selected date should be greater then today's date.<br>"; $intError = 0; } } } if (!$intError) { $arrCheck = $hldGlobal->fnCheckUser(trim($_POST["username"])); if ($arrCheck[0]["cnt"]) { $hdlTpl->setVariable("error_message", "User name already present"); //Assigns error message } else { foreach ($_POST as $key => $value) { $_POST[$key] = mysql_escape_string(trim($value)); } $date18 = $_POST["date18"] . " " . date("H:i:s"); $sqlInsUser = "******" . $_POST["username"] . "','" . md5($_POST["strPassword"]) . "','" . $_POST["firstname"] . "','" . $_POST["lastname"] . "','" . $_POST["email"] . "','" . $_POST["utype"] . "','" . $date18 . "','" . $_POST["noofhrs"] . "','" . $_POST["howmany"] . "','1','" . date("Y-m-d H:i:s") . "')"; mysql_query($sqlInsUser) or die(mysql_error()); header("Location:message.php?mess=17"); } } $hdlTpl->setVariable("error_message", $strErrorMessage); //Assigns error message