function check_array_number($array, $err_msg)
{
if ($array == null || empty($array)) {
return true;
}
foreach ($array as $value) {
check_number($value, $err_msg);
}
return true;
}
//query result
$row;
//1 data array
$return_string;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($searchpptsNameDesc = check_name($_GET["searchpptsNameDesc"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($statusCheckbox = check_number($_GET["statusCheckbox"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchpptsfrom1 = check_range_begin($_GET["searchpptsfrom1"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchpptsto1 = check_range_end($_GET["searchpptsto1"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$CategoryId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($CategoryId = check_number($_GET["CategoryId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
$datasyz = array();
$datacpmc = array();
class StuFunction
{
}
return $check_str;
}
//get data from client
$cmd;
$UserId;
//query
$link;
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
if (($question_id = check_number($_GET["QuestionId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
$userarray = array();
function get_employ_id_from_user_id($userids)
{
if (strlen($userids) > 0) {
$userids = substr($userids, 1);
$userids = substr($userids, 0, -1);
$userids = str_replace(",,", ",", $userids);
}
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
Admin::checkAuth();
Admin::checkAccess(AdminAccess::ACCESS_VIEW);
if (@$_GET['del']) {
Admin::checkAccess(AdminAccess::ACCESS_DELETE);
Mysql::getInstance()->delete('radio', array('id' => intval(@$_GET['id'])));
header("Location: add_radio.php");
exit;
}
if (isset($_GET['status']) && @$_GET['id']) {
Admin::checkAccess(AdminAccess::ACCESS_CONTEXT_ACTION);
Mysql::getInstance()->update('radio', array('status' => intval(@$_GET['status'])), array('id' => intval(@$_GET['id'])));
header("Location: add_radio.php");
exit;
}
if (!$error) {
if (@$_POST['number'] && !check_number($_POST['number']) && !@$_GET['update']) {
$error = sprintf(_('Error: channel with number "%s" is already in use'), intval($_POST['number']));
}
if (@$_GET['save'] && !$error) {
if (@$_GET['cmd'] && @$_GET['name']) {
Admin::checkAccess(AdminAccess::ACCESS_CREATE);
Mysql::getInstance()->insert('radio', array('name' => @$_POST['name'], 'number' => @$_POST['number'], 'volume_correction' => @$_POST['volume_correction'], 'cmd' => @$_POST['cmd']));
header("Location: add_radio.php");
exit;
} else {
$error = _('Error: all fields are required');
}
}
if (@$_GET['update'] && !$error) {
if (@$_GET['cmd'] && @$_GET['name']) {
Admin::checkAccess(AdminAccess::ACCESS_EDIT);
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$TrainingId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($TrainingId = check_number($_GET["TrainingId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step14 如果cmd为读取通过ID获取要修改内容信息,如果cmd不为读取并且ID为零为新增动作,如果不为读取和新增则为修改动作
if ($cmd == "read") {
$str_query1 = "Select * from Trainings where TrainingId={$TrainingId}";
} else {
echo "正しく実行できませんでした。";
}
function my_profile()
{
echo "中村誠希</br>";
echo "1991年9月14日</br>";
echo "ヤッホー!!</br>";
return true;
}
//一回目の表示
my_profile();
//2回目の表示
my_profile();
//課題2
//引数を指定
check_number(5);
function check_number($number)
{
if ($number % 2 == 0) {
echo "偶数です。";
} else {
echo "奇数です。";
}
}
?>
</body>
</html>
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$FileId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($CoursewareId = check_number($_GET["CoursewareId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step19 删除动作SQL语句
$str_query1 = "Update Coursewares set Status=-1 where CoursewareId={$CoursewareId}";
/////////////////////
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$ProbId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($ProbId = check_number($_GET["ProbId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
$TitleStr = MSG_PROBLEM_MODIFY;
//----- query -----
//***Step14 如果cmd为读取通过ID获取要修改内容信息,如果cmd不为读取并且ID为零为新增动作,如果不为读取和新增则为修改动作
if (strcmp($cmd, "read") == 0) {
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$NewId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($PPTId = check_number($_GET["pptId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
// $link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
function CWList($coursewareList)
{
if (strlen($coursewareList) > 0) {
$coursewareList = substr($coursewareList, 1);
//query result
$row;
//1 data array
$return_string;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($searchQuestionsNameDesc = check_name($_GET["searchQuestionsNameDesc"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($QuestionstatusCheckbox = check_number($_GET["QuestionstatusCheckbox"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchQuestionsfrom15 = check_range_begin($_GET["searchQuestionsfrom15"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchQuestionsto15 = check_range_end($_GET["searchQuestionsto15"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
function check_number($check_str)
{
if (!is_numeric($check_str)) {
return SYMBOL_ERROR;
}
if ($check_str < 0) {
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$UserId;
//query
$link;
if (($CoursePacketId = check_number($_POST["coursepacket_id"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
$users_id = $_POST["users_id"];
// employId & userWId
// if ($users_id[0] == "null")
// {
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($searchExamsNameAndMemo = check_name($_GET["searchExamsNameAndMemo"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($statusCheckbox = check_number($_GET["statusCheckbox"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchType = check_number($_GET["searchType"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchExamsfrom1 = check_range_begin($_GET["range_begin"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchExamsto1 = check_range_end($_GET["range_end"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
output_html5_header('Process Transaction', array("bootstrap/css/bootstrap.css", "bootstrap/css/bootstrap-theme.css", "css/style.css"), array("js/jquery.min.js", "bootstrap/js/bootstrap.min.js"));
if (array_key_exists('loggedin', $_SESSION)) {
if (count($_POST) == 8 && array_key_exists('name', $_POST) && array_key_exists('cardNum', $_POST) && array_key_exists('cvc', $_POST) && array_key_exists('expM', $_POST) && array_key_exists('expY', $_POST)) {
$name = htmlspecialchars(trim($_POST['name']));
$cardNum = htmlspecialchars(trim($_POST['cardNum']));
$cvc = htmlspecialchars(trim($_POST['cvc']));
$expM = htmlspecialchars(trim($_POST['expM']));
$expY = htmlspecialchars(trim($_POST['expY']));
$errorCVC = false;
$errorMY = false;
$errorDate = false;
if (!check_number($cvc)) {
$errorCVC = true;
$_SESSION['errorCVC'] = true;
}
if (!check_number($expM) && !check_number($expY)) {
$errorMY = true;
$_SESSION['errorMY'] = true;
} else {
date_default_timezone_set('America/Toronto');
$year = date('Y');
$month = date('m');
if ($expY <= $year) {
if ($expM <= $month) {
$errorDate = true;
$_SESSION['errorDate'] = true;
}
}
}
db_connect();
$user_id = db_get_user_id($_SESSION['loggedin']);
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="UTF-8">
<title>3_7challenge</title>
</head>
<body>
<!-- 課題7:初期値3のグローバルな値を2倍していく処理の関数と、
staticとしてその関数が何回実行されたのかを保持する変数を設ける。
この関数を20回呼び出す -->
<?php
$global_number = 3;
function check_number()
{
static $local_number = 0;
global $global_number;
$global_number = $global_number * 2;
$local_number += 1;
//実行回数のカウント
echo $local_number . '回目:' . $global_number . '<br>';
}
for ($i = 0; $i < 20; $i++) {
check_number() * $i;
}
?>
</body>
</html>
$post['BUN_not_done'] = check_number($_POST['BUN_not_done']);
$post['cholesterol'] = check_number($_POST['cholesterol'], 1);
$post['cholesterol_HDL'] = check_number($_POST['cholesterol_HDL'], 1);
$post['cholesterol_LDL'] = check_number($_POST['cholesterol_LDL'], 1);
$post['triglyceride'] = check_number($_POST['triglyceride'], 1);
$post['triglyceride_not_done'] = check_number($_POST['triglyceride_not_done']);
$post['uric_acid'] = is_array($_POST['uric_acid']) ? implode(".", $_POST['uric_acid']) != "." ? check_number(implode('.', $_POST['uric_acid']), 1) : "" : "";
$post['uric_acid_not_done'] = check_number($_POST['uric_acid_not_done']);
$post['hypoglycemia'] = check_number($_POST['hypoglycemia']);
$post['hypoglycemia_sugar_level'] = check_number($_POST['hypoglycemia_sugar_level'], 1);
$post['hypoglycemia_yes'] = check_input($_POST['hypoglycemia_yes']);
if (is_array($_POST['medication'])) {
$post['medication_id'] = serialize($_POST['medication']);
foreach ($_POST['medication'] as $key => $val) {
if ($val == 1) {
$post['medication_txt'][$key] = $_POST['medication_txt'][$key];
$post['sub_medication_id'][$key] = $_POST['sub_medication'][$key];
}
}
$post['medication_txt'] = serialize($post['medication_txt']);
$post['sub_medication_id'] = serialize($post['sub_medication_id']);
}
if ($customerInfo['group_id'] == 2) {
if (check_number($_POST['signature'])) {
$post['signature'] = $_SESSION['customer_id'];
$post['date_added'] = trim($_POST['date_added']) != "" ? date("Y-m-d", strtotime($_POST['date_added'])) : "";
} else {
$post['signature'] = "";
$post['date_added'] = "";
}
}
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$FunctionId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($FunctionId = check_number($_GET["FunctionId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step19 删除动作SQL语句
$str_query1 = "Update Functions set FunctionType=-1 where FunctionId={$FunctionId}";
/////////////////////
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($searchPrivilegesNameEmail = check_name($_GET["searchPrivilegesNameEmail"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($statusCheckbox = check_number($_GET["statusCheckbox"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchPrivilegesRadio = check_number($_GET["searchPrivilegesRadio"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchPrivilegesfrom1 = check_range_begin($_GET["searchPrivilegesfrom1"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchPrivilegesto1 = check_range_end($_GET["searchPrivilegesto1"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
function check_number($check_str)
{
if (!is_numeric($check_str)) {
return SYMBOL_ERROR;
}
if ($check_str < 0) {
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$UserId;
//query
$link;
if (($TrainingId = check_number($_POST["training_id"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
$users_id = $_POST["users_id"];
// employId & userWId
// if ($users_id[0] == "null")
// {
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$ProbId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($QTId = check_number($_GET["QTId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step19 删除动作SQL语句
$str_query1 = "Update QuestionTemplate set Status=-1 where QuestionTemplateId={$QTId}";
/////////////////////
return SYMBOL_ERROR;
}
return SUCCESS;
}
//get data from client
$cmd;
$UserId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($UserId = check_number($_GET["UserId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step14 如果cmd为读取通过ID获取要修改内容信息,如果cmd不为读取并且ID为零为新增动作,如果不为读取和新增则为修改动作
if ($cmd == "read") {
// 产生 $privilegesList
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$NewId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($NewId = check_number($_GET["NewId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step19 删除动作SQL语句
$str_query1 = "Update News set Status=-1 where NewId={$NewId}";
/////////////////////
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$NewId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($CoursePacketId = check_number($_GET["CoursePacketId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
function CWList($coursewareList)
{
if (strlen($coursewareList) > 0) {
$coursewareList = substr($coursewareList, 1);
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($searchUsersNameEmail = check_name($_GET["searchUsersNameEmail"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($statusCheckbox = check_number($_GET["statusCheckbox"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchUsersRadio = check_number($_GET["searchUsersRadio"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchUsersfrom1 = check_range_begin($_GET["searchUsersfrom1"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($searchUsersto1 = check_range_end($_GET["searchUsersto1"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$FileId;
//query
$link;
//1.get information from client
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($FileId = check_number($_GET["FileId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step14 如果cmd为读取通过ID获取要修改内容信息,如果cmd不为读取并且ID为零为新增动作,如果不为读取和新增则为修改动作
if ($cmd == "read") {
$str_query1 = "Select * from Files where FileId={$FileId}";
function send404()
{
global $DEFAULT_IMAGE;
$send = True;
# Default image
if ($DEFAULT_IMAGE[0] != '') {
if (check_number($DEFAULT_IMAGE[0], $DEFAULT_IMAGE[1])) {
$send = False;
}
}
# Send 404
if ($send) {
# Send an HTTP 404
header('HTTP/1.0 404 Not Found');
print '<html><body><h1>HTTP 404 - Image Not Found</h1></body></html>';
}
}
$errorQ = false;
$errorY = false;
$errorUW = false;
if (!check_number($price)) {
$errorP = true;
$_SESSION['errorP'] = true;
}
if (!check_number($quantity)) {
$errorQ = true;
$_SESSION['errorQ'] = true;
}
if (!check_number($yards)) {
$errorY = true;
$_SESSION['errorY'] = true;
}
if (!check_number($unitWeight)) {
$errorUW = true;
$_SESSION['errorUW'] = true;
}
if ($errorP || $errorQ || $errorY || $errorUW) {
$_SESSION['name'] = $name;
$_SESSION['brand'] = $brand;
$_SESSION['price'] = $price;
$_SESSION['quantity'] = $quantity;
$_SESSION['colourway'] = $colourway;
$_SESSION['weight'] = $weight;
$_SESSION['yards'] = $yards;
$_SESSION['unitWeight'] = $unitWeight;
$_SESSION['fiber'] = $fiber;
$_SESSION['description'] = $description;
header('Location: edit_product.php?id=' . $item);
}
return $check_str;
}
//get data from client
$cmd;
$UserId;
//query
$link;
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
if (($exam_id = check_number($_GET["ExamId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
/*
else if ($cmd == "write") // Batch Insert
{
$newUsersBatchInput = $_GET["newUsersBatchInput"];
$DeptId = $_GET["DeptId"];
// 1. 按照 \n 切开
$tmp = explode("\n", $newUsersBatchInput);
$tmp_count = count($tmp);
// 2. 按照 工号,姓名,Email 取出, 放入 Array
$result = Array();
for ($i=0;$i<$tmp_count;$i++)
if (($cmd = check_command($_GET["cmd"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR_CMD;
return;
}
if (($TrainingId = check_number($_GET["TrainingId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($UserId = check_number($_GET["UserId"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
if (($Status = check_number($_GET["Status"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo SYMBOL_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//----- query -----
//***Step18 上下架动作修改SQL语句
$approreLevel = 0;
$str_query3 = "select ApproreLevel from trainings where TrainingId={$TrainingId}";
function check_number($check_str)
{
if (!is_numeric($check_str)) {
return SYMBOL_ERROR;
}
if ($check_str < 0) {
return SYMBOL_ERROR;
}
return $check_str;
}
//get data from client
$cmd;
$UserId;
//query
$link;
if (($exam_id = check_number($_POST["exam_id"])) == SYMBOL_ERROR) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
//link
$link = @mysqli_connect(DB_HOST, ADMIN_ACCOUNT, ADMIN_PASSWORD, CONNECT_DB);
if (!$link) {
sleep(DELAY_SEC);
echo DB_ERROR;
return;
}
$users_id = $_POST["users_id"];
// employId & userWId
if ($users_id[0] == "null") {
$str_query = "delete from examroll where ExamId={$exam_id}";