/**
 * Handle one submission of the form described by $form.
 *
 * A request that is not a POST is rejected with the error response built from
 * $form['resources']['unknown_method']. Otherwise the required fields are
 * checked and the submission is e-mailed.
 *
 * NOTE(review): the method check only filters out non-POST requests. Nothing
 * in this function authenticates the sender or limits how often the form can
 * be submitted; confirm that is handled elsewhere if the form is public.
 *
 * @param array $form Form definition; only $form['resources']['unknown_method']
 *                    is read directly here, the rest is passed to the helpers.
 * @return void
 */
function process_form($form)
{
    $isPost = ($_SERVER['REQUEST_METHOD'] == 'POST');

    if (!$isPost) {
        $rejection = get_form_error_response($form['resources']['unknown_method']);
        die($rejection);
    }

    // According to the original author's notes, this helper ends the script
    // with die() itself when validation finds any error.
    check_required_fields($form);

    // Likewise expected to die() when the e-mail cannot be sent.
    email_form_submission($form);
}
/**
 * Handle one submission of the form described by $form.
 *
 * Order of checks: the request must be a POST, the sending address must not
 * be over the submission throttle, the required fields must validate, and
 * only then is the submission e-mailed. Each failure ends the script.
 *
 * NOTE(review): the throttle is keyed on $_SERVER['REMOTE_ADDR'], which is the
 * address of the TCP peer. Behind a reverse proxy or load balancer that is the
 * proxy's address, so every visitor would share one throttle bucket. If such a
 * proxy is in front of this code, take the client address only from a header
 * written by that trusted proxy, never from a client-supplied one.
 *
 * @param array $form Form definition handed on to the validation and mail helpers.
 * @return void
 */
function process_form($form)
{
    $isPost = ($_SERVER['REQUEST_METHOD'] == 'POST');
    if (!$isPost) {
        $rejection = get_form_error_response('Método de solicitação de servidor desconhecido');
        die($rejection);
    }

    $senderAddress = $_SERVER['REMOTE_ADDR'];
    $overLimit = formthrottle_too_many_submissions($senderAddress);
    if ($overLimit) {
        $rejection = get_form_error_response('Muitos envios recentes deste IP');
        die($rejection);
    }

    // According to the original author's notes, this helper ends the script
    // with die() itself when validation finds any error.
    check_required_fields($form);

    // Likewise expected to die() when the e-mail cannot be sent.
    email_form_submission($form);
}
// Page-creation handler: validates the submitted form and inserts a row into `pages`.
// The listing is cut off inside the success branch of the INSERT.
require_once "includes/connection.php";
require_once "includes/functions.php";
confirm_logged_in();
// make sure the subject id sent is an integer
// NOTE(review): intval() returns the leading integer of a string ("5abc" gives 5), so
// passing this check does not prove that $_GET['subj'] holds only digits. The raw value,
// not the intval() result, is what reaches the query below.
if (intval($_GET['subj']) == 0) {
    redirect_to('content.php');
}
include_once "includes/form_functions.php";
// START FORM PROCESSING
// only execute the form processing if the form has been submitted
if (isset($_POST['submit'])) {
    // initialize an array to hold our errors
    $errors = array();
    // perform validations on the form data
    $required_fields = array('menu_name', 'position', 'visible', 'content');
    $errors = array_merge($errors, check_required_fields($required_fields, $_POST));
    // menu_name is limited to 30 characters
    $fields_with_lengths = array('menu_name' => 30);
    $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));
    // clean up the form data before putting it in the database
    // NOTE(review): mysql_prep() is defined elsewhere; presumably it escapes string
    // delimiters. Escaping only protects a value that is placed inside quotes.
    $subject_id = mysql_prep($_GET['subj']);
    $menu_name = trim(mysql_prep($_POST['menu_name']));
    $position = mysql_prep($_POST['position']);
    $visible = mysql_prep($_POST['visible']);
    $content = mysql_prep($_POST['content']);
    // Database submission only proceeds if there were NO errors.
    if (empty($errors)) {
        // NOTE(review): {$position}, {$visible} and {$subject_id} are interpolated without
        // quotes, so string escaping does not constrain them. Cast these three to int before
        // building the query, or switch the statement to mysqli_prepare() with bound
        // parameters, which covers the two quoted text columns as well.
        $query = "INSERT INTO pages (\n\t\t\t\t\t\tmenu_name, position, visible, content, subject_id\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'{$menu_name}', {$position}, {$visible}, '{$content}', {$subject_id}\n\t\t\t\t\t)";
        if ($result = mysqli_query($connection, $query)) {
            // as is, $message will still be discarded on the redirect
            $message = "The page was successfully created.";
            // get the last id inserted over the current db connection
// Form-mailer fragment: the first brace closes a block opened before this listing starts,
// and the listing ends inside the else branch that prepares the outgoing e-mail.
}
/////////////////////////
// PROCESS FORM FIELDS //
/////////////////////////
// NOTE(review): get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0,
// so this call is a fatal error on current PHP versions.
$magic_quotes = (bool) get_magic_quotes_gpc();
// Copy every submitted field into the session, undoing magic-quotes escaping if it is on.
// NOTE(review): both the keys and the values come straight from the client. Nothing here
// restricts the keys to the fields the form defines, and a nested array value would be
// passed to stripslashes(), which expects a string. Consider copying only expected keys.
foreach ($_POST['form'] as $key => $value) {
    if ($magic_quotes) {
        $value = stripslashes($value);
    }
    $_SESSION['form'][$key] = $value;
}
///////////////////////////
// CHECK REQUIRED FIELDS //
///////////////////////////
// if any of the required fields are empty
if (check_required_fields($required_fields) === false) {
    // return to form with error message.
    redirect($return_url, $message_unset_fields);
} else {
    ///////////////////////////////////
    // ALL IS OK, SETUP GLOBAL VAR'S //
    ///////////////////////////////////
    // check email address
    // NOTE(review): $email is assigned outside this fragment. If it is later placed in a
    // mail header, confirm that check_email() rejects CR and LF characters.
    if (!check_email($email)) {
        unset($email);
    }
    // set mime boundary. Needed to send the email. Mixed separates text from attachments.
    // md5(mt_rand()) is adequate for a boundary, which only has to be unlikely to occur in
    // the body. mt_rand() is not a cryptographic generator, so this pattern must not be
    // reused for tokens or other secrets.
    $mixed_mime_boundary = 'rms-mix-x' . md5(mt_rand()) . 'x';
    // alt separates html from plain text.
    $alt_mime_boundary = 'rms-alt-x' . md5(mt_rand()) . 'x';
    // set the from address: if the user-supplied email is invalid, use the form owner's.
<?php
// Page-edit handler: validates the submitted form and renumbers page positions within a
// subject. The listing is cut off while the first UPDATE statement is being built.
// NOTE(review): no login or authorisation check is visible in this fragment before the
// update logic; confirm that one of the included files enforces it.
include "includes/connection.php";
include "includes/functions.php";
// NOTE(review): intval() returns the leading integer of a string ("7abc" gives 7), so this
// check does not prove that the raw $_GET['page'] used below holds only digits.
if (intval($_GET['page']) == 0) {
    redirect_to("content.php");
}
include_once "includes/form_functions.php";
if (isset($_POST['submit'])) {
    $errors = array();
    // $obavezna_polja: the required fields
    $obavezna_polja = array('menu_name', 'position', 'visible', 'content');
    $errors = array_merge($errors, check_required_fields($obavezna_polja));
    // $polje_sa_duzinom: field name mapped to its maximum length
    $polje_sa_duzinom = array('menu_name' => 30);
    $errors = array_merge($errors, check_max_fields_length($polje_sa_duzinom));
    // NOTE(review): mysql_prep() is defined elsewhere; presumably it escapes string
    // delimiters, which only protects values that end up inside quotes in the SQL text.
    $id = mysql_prep($_GET['page']);
    $menu = mysql_prep($_POST['menu_name']);
    $position = mysql_prep($_POST['position']);
    $visible = mysql_prep($_POST['visible']);
    $content = mysql_prep($_POST['content']);
    // Load the page being edited and all pages of the same subject.
    $page_get = get_page_by_id($id);
    $pages_all = get_all_pages_for_subject($page_get['subject_id']);
    // NOTE(review): the mysql_* extension was removed in PHP 7.0; these two calls need
    // their mysqli_* or PDO equivalents on any supported PHP version.
    $page_fetch = mysql_fetch_array($pages_all);
    $count_pages = mysql_num_rows($pages_all);
    $position_old = $page_get['position'];
    if (empty($errors)) {
        if ($position_old != $position) {
            if ($position_old < $position) {
                // NOTE(review): the upper bound of this loop is the client-supplied
                // $position, and one UPDATE appears to be built per iteration. Casting
                // $position to int and clamping it to $count_pages would bound the work.
                for ($i = $position_old; $i < $position; $i++) {
                    $new = $i + 1;
                    // The values interpolated into this statement should be integers;
                    // the remainder of the statement is outside this listing.
                    $qry = "UPDATE pages SET";
                    $qry .= " position={$i}";
// Fragment from the middle of a switch statement: it starts inside the branch that renders
// the edit form and ends inside the validation chain of the "update" case.
        $form_type = "update";
        $show_insert_form_after_error = 0;
        $show_edit_form_after_error = 0;
        // display the form
        $form = build_form($table_name, $action, $fields_labels_ar, $form_type, $res_details, $where_field, $where_value, $show_insert_form_after_error, $show_edit_form_after_error);
        echo $form;
        reset($fields_labels_ar);
    } else {
        // Shown when the condition opened before this fragment fails; judging by the
        // message key, that condition is an authorisation check.
        txt_out("<p class='error_message'> *** " . $error_messages_ar["no_authorization_view"] . " ***</p>");
    } // end else
    break;
case "update":
    // NOTE(review): $enable_edit is the only gate visible before the update path. Whether
    // the current user may edit this particular record is not established in these lines;
    // confirm that it is checked before the write.
    if ($enable_edit == "1") {
        // Validation runs in three stages: required fields, field lengths, field types.
        // Each helper's result is compared with 0, and 0 leads to the error message.
        $check = 0;
        $check = check_required_fields($fields_labels_ar);
        if ($check == 0) {
            txt_out($normal_messages_ar["required_fields_missed"], "error_messages_form");
        } else { // required fields are ok
            // check field lengths
            $check = 0;
            $check = check_length_fields($fields_labels_ar);
            if ($check == 0) {
                txt_out($normal_messages_ar["fields_max_length"], "error_messages_form");
            } else { // fields length are ok
                $check = 0;
                // $content_error_type is passed to the type check, presumably by
                // reference so the helper can report which kind of content failed.
                $content_error_type = "";
                $check = check_fields_types($fields_labels_ar, $content_error_type);
                if ($check == 0) {
// Bulk user import: reads an uploaded CSV and inserts one user, one group membership and
// one extension row per data line. The listing ends while the results table is printed.
// NOTE(review): no authorisation check is visible in this fragment, although it creates
// accounts; confirm that the enclosing page restricts it to administrators.
//printf("<pre>all => %s</pre>\n", print_r($all_fields, true));
// NOTE(review): the upload is opened without a visible check of
// $_FILES['users_file']['error'] or is_uploaded_file() on the temporary path.
$fh = fopen($_FILES['users_file']['tmp_name'], 'r');
if (!$fh) {
    //printf('<pre>%s</pre>', print_r($_FILES, true));
    print "Couldn't open the uploaded file<br>\n";
} else {
    // The first CSV line is the header; map each known field name to its column position.
    $line = fgetcsv($fh, null, ',');
    $user_places = get_field_places($line, $user_fields);
    $extension_places = get_field_places($line, $extension_fields);
    // The extension row reuses the username column of the user row when one is present.
    if (array_key_exists('username', $user_places)) {
        $extension_places['username'] = $user_places['username'];
    }
    //printf("<pre>user_places => %s</pre>\n", print_r($user_places, true));
    //printf("<pre>ext_places => %s</pre>\n", print_r($extension_places, true));
    //printf("<pre>FIRST LINE => %s</pre>", print_r($line, true));
    // Only the header line is validated here; data lines are inserted as read.
    if (check_required_fields($line, $all_fields)) {
        // NOTE(review): every cell is untrusted file content. insert_db_row() is defined
        // elsewhere; confirm that it binds values as parameters and does not build SQL
        // text from them.
        while ($line = fgetcsv($fh, null, ',')) {
            // create user
            insert_db_row($db, $line, $user_places, 'v_users', $v_ids);
            // add user to members group
            // Relies on 'username' being present in $user_places; presumably that is
            // guaranteed by check_required_fields() above.
            $grp_line = array('member', $line[$user_places['username']]);
            $grp_places = array('groupid' => 0, 'username' => 1);
            insert_db_row($db, $grp_line, $grp_places, 'v_group_members', $v_ids);
            // add user's extension
            insert_db_row($db, $line, $extension_places, 'v_extensions', $v_ids);
        }
    }
    fclose($fh);
    //printf("<pre>%s</pre>\n", print_r($inserted, true));
    // If CSV-derived values are printed into the table that follows, they need
    // htmlspecialchars() before output.
    printf("<h3>Bulk Add Results:</h3>\n");
    printf("<table>\n");