function process_form($form)
{
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
die(get_form_error_response($form['resources']['unknown_method']));
}
// will die() if there are any errors
check_required_fields($form);
// will die() if there is a send email problem
email_form_submission($form);
}
function process_form($form)
{
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
die(get_form_error_response('Método de solicitação de servidor desconhecido'));
}
if (formthrottle_too_many_submissions($_SERVER['REMOTE_ADDR'])) {
die(get_form_error_response('Muitos envios recentes deste IP'));
}
// will die() if there are any errors
check_required_fields($form);
// will die() if there is a send email problem
email_form_submission($form);
}
require_once "includes/connection.php";
require_once "includes/functions.php";
confirm_logged_in();
// make sure the subject id sent is an integer
if (intval($_GET['subj']) == 0) {
redirect_to('content.php');
}
include_once "includes/form_functions.php";
// START FORM PROCESSING
// only execute the form processing if the form has been submitted
if (isset($_POST['submit'])) {
// initialize an array to hold our errors
$errors = array();
// perform validations on the form data
$required_fields = array('menu_name', 'position', 'visible', 'content');
$errors = array_merge($errors, check_required_fields($required_fields, $_POST));
$fields_with_lengths = array('menu_name' => 30);
$errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));
// clean up the form data before putting it in the database
$subject_id = mysql_prep($_GET['subj']);
$menu_name = trim(mysql_prep($_POST['menu_name']));
$position = mysql_prep($_POST['position']);
$visible = mysql_prep($_POST['visible']);
$content = mysql_prep($_POST['content']);
// Database submission only proceeds if there were NO errors.
if (empty($errors)) {
$query = "INSERT INTO pages (\n\t\t\t\t\t\tmenu_name, position, visible, content, subject_id\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'{$menu_name}', {$position}, {$visible}, '{$content}', {$subject_id}\n\t\t\t\t\t)";
if ($result = mysqli_query($connection, $query)) {
// as is, $message will still be discarded on the redirect
$message = "The page was successfully created.";
// get the last id inserted over the current db connection
}
/////////////////////////
// PROCESS FORM FIELDS //
/////////////////////////
$magic_quotes = (bool) get_magic_quotes_gpc();
foreach ($_POST['form'] as $key => $value) {
if ($magic_quotes) {
$value = stripslashes($value);
}
$_SESSION['form'][$key] = $value;
}
///////////////////////////
// CHECK REQUIRED FIELDS //
///////////////////////////
//if any of the required fields are empty
if (check_required_fields($required_fields) === false) {
//return to form with error message.
redirect($return_url, $message_unset_fields);
} else {
///////////////////////////////////
// ALL IS OK, SETUP GLOBAL VAR'S //
///////////////////////////////////
//check email address
if (!check_email($email)) {
unset($email);
}
//set mime boundry. Needed to send the email. Mixed seperates text from attachments.
$mixed_mime_boundary = 'rms-mix-x' . md5(mt_rand()) . 'x';
//alt seperates html from plain text.
$alt_mime_boundary = 'rms-alt-x' . md5(mt_rand()) . 'x';
//set the from address if user supplied email is invalid use form owners.
<?php
include "includes/connection.php";
include "includes/functions.php";
if (intval($_GET['page']) == 0) {
redirect_to("content.php");
}
include_once "includes/form_functions.php";
if (isset($_POST['submit'])) {
$errors = array();
$obavezna_polja = array('menu_name', 'position', 'visible', 'content');
$errors = array_merge($errors, check_required_fields($obavezna_polja));
$polje_sa_duzinom = array('menu_name' => 30);
$errors = array_merge($errors, check_max_fields_length($polje_sa_duzinom));
$id = mysql_prep($_GET['page']);
$menu = mysql_prep($_POST['menu_name']);
$position = mysql_prep($_POST['position']);
$visible = mysql_prep($_POST['visible']);
$content = mysql_prep($_POST['content']);
$page_get = get_page_by_id($id);
$pages_all = get_all_pages_for_subject($page_get['subject_id']);
$page_fetch = mysql_fetch_array($pages_all);
$count_pages = mysql_num_rows($pages_all);
$position_old = $page_get['position'];
if (empty($errors)) {
if ($position_old != $position) {
if ($position_old < $position) {
for ($i = $position_old; $i < $position; $i++) {
$new = $i + 1;
$qry = "UPDATE pages SET";
$qry .= " position={$i}";
$form_type = "update";
$show_insert_form_after_error = 0;
$show_edit_form_after_error = 0;
// display the form
$form = build_form($table_name, $action, $fields_labels_ar, $form_type, $res_details, $where_field, $where_value, $show_insert_form_after_error, $show_edit_form_after_error);
echo $form;
reset($fields_labels_ar);
} else {
txt_out("<p class='error_message'> *** " . $error_messages_ar["no_authorization_view"] . " ***</p>");
}
// end else
break;
case "update":
if ($enable_edit == "1") {
$check = 0;
$check = check_required_fields($fields_labels_ar);
if ($check == 0) {
txt_out($normal_messages_ar["required_fields_missed"], "error_messages_form");
} else {
// required fields are ok
// check field lengths
$check = 0;
$check = check_length_fields($fields_labels_ar);
if ($check == 0) {
txt_out($normal_messages_ar["fields_max_length"], "error_messages_form");
} else {
// fields length are ok
$check = 0;
$content_error_type = "";
$check = check_fields_types($fields_labels_ar, $content_error_type);
if ($check == 0) {
//printf("<pre>all => %s</pre>\n", print_r($all_fields, true));
$fh = fopen($_FILES['users_file']['tmp_name'], 'r');
if (!$fh) {
//printf('<pre>%s</pre>', print_r($_FILES, true));
print "Couldn't open the uploaded file<br>\n";
} else {
$line = fgetcsv($fh, null, ',');
$user_places = get_field_places($line, $user_fields);
$extension_places = get_field_places($line, $extension_fields);
if (array_key_exists('username', $user_places)) {
$extension_places['username'] = $user_places['username'];
}
//printf("<pre>user_places => %s</pre>\n", print_r($user_places, true));
//printf("<pre>ext_places => %s</pre>\n", print_r($extension_places, true));
//printf("<pre>FIRST LINE => %s</pre>", print_r($line, true));
if (check_required_fields($line, $all_fields)) {
while ($line = fgetcsv($fh, null, ',')) {
// create user
insert_db_row($db, $line, $user_places, 'v_users', $v_ids);
// add user to members group
$grp_line = array('member', $line[$user_places['username']]);
$grp_places = array('groupid' => 0, 'username' => 1);
insert_db_row($db, $grp_line, $grp_places, 'v_group_members', $v_ids);
// add user's extension
insert_db_row($db, $line, $extension_places, 'v_extensions', $v_ids);
}
}
fclose($fh);
//printf("<pre>%s</pre>\n", print_r($inserted, true));
printf("<h3>Bulk Add Results:</h3>\n");
printf("<table>\n");
