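// Copy the remaining product form fields into the two row arrays, then insert or
// update the product depending on $_POST['action'].
// NOTE(review): every value below is raw request input. Whether dbPerform() escapes
// or binds the values it is given is not visible in this fragment; confirm.
$row['products_featured'] = ($_POST['products_featured']) ? $_POST['products_featured'] : 0;
// strtotime() returns false when the submitted date cannot be parsed.
$row['products_release_date'] = strtotime($_POST['products_release_date']);
$row['products_flat_shipping_price'] = $_POST['products_flat_shipping_price'];
$row['products_desc'] = $_POST['products_info_desc'];

$info['products_info_desc'] = $_POST['products_info_desc'];
$info['products_info_custom_1'] = ($_POST['products_info_custom_1']) ? $_POST['products_info_custom_1'] : '';
$info['products_info_custom_2'] = ($_POST['products_info_custom_2']) ? $_POST['products_info_custom_2'] : '';
$info['products_info_custom_3'] = ($_POST['products_info_custom_3']) ? $_POST['products_info_custom_3'] : '';
$info['products_info_custom_4'] = ($_POST['products_info_custom_4']) ? $_POST['products_info_custom_4'] : '';
$info['products_info_custom_5'] = ($_POST['products_info_custom_5']) ? $_POST['products_info_custom_5'] : 0;

if ($_POST['action'] == 'addproduct') {
    $row['products_date_added'] = time();
    dbPerform('store_products', $row, 'insert');

    // The info row is keyed by the id of the product row just inserted.
    $productID = dbInsertID();
    $info['products_id'] = $productID;
    dbPerform('store_products_info', $info, 'insert');

    // NOTE(review): the title is request input; escape $message where it is
    // rendered as HTML (the output site is not visible here).
    $message = "Added " . $_POST['products_title'] . " successfully";
}

if ($_POST['action'] == 'editproduct') {
    // The id is concatenated into the condition string passed to dbPerform()
    // (presumably the WHERE clause), so reduce it to an integer first. A
    // non-numeric value becomes 0 instead of reaching the SQL text.
    $productID = (int) $_POST['id'];
    dbPerform('store_products', $row, 'update', 'products_id = ' . $productID);
    dbPerform('store_products_info', $info, 'update', 'products_id = ' . $productID);
    $message = "Updated " . $_POST['products_title'] . " successfully";
}

$filesArray = $_FILES['image'];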
// Fragment: end of a save handler for newsletter / e-mail queue messages. The blocks
// closed by the bare braces below are opened before this excerpt starts.
if($_POST['email_display_home']) {
    // NOTE(review): $_POST['email_id'] is concatenated unquoted into the condition
    // string passed to dbPerform(). No validation is visible in this fragment;
    // confirm it is forced to an integer before this point.
    dbPerform("newsletters", $rows, "update", 'email_queue_id = ' . $_POST['email_id']);
}
addMessage('Your message has been saved');
redirect(PAGE_COMMUNICATION);
} else {
    if($_POST['send'] == 'now'){
        //sendNewsletter($queueID);
        // Release immediately. Otherwise, for a message scheduled for a specific
        // date, the time is set to 1:00am on that day.
        $field['email_queue_release_date'] = time();
    }
    // Queue the message and keep the id of the new queue row.
    dbPerform('email_queue', $field, 'insert');
    $queueID = dbInsertID();
    if($_POST['email_display_home']) {
        // Link the home-page newsletter entry to the queue row just created.
        $rows['email_queue_id'] = $queueID;
        dbPerform('newsletters', $rows, 'insert');
    }
    addMessage('Your message has been added to the queue, you can view the queue at anytime by clicking on the Queue tab');
    redirect(PAGE_COMMUNICATION);
}
break;
}
}
if(!$_GET['section']) {
// Fragment: inserts a calendar event, then handles its optional image uploads. The
// block closed by the first brace opens before this excerpt, and the last `if`
// continues past it.
} else {
    $event['calendar_events_type'] = $_POST['calendar_events_type'];
}
//$event['calendar_events_date_added'] = time();
$event['calendar_events_featured'] = $_POST['calendar_events_featured'];
// Any value other than 'never' marks the event as repeating.
if($_POST['repeats'] == 'never') {
    $event['calendar_events_repeats'] = 0;
} else {
    $event['calendar_events_repeats'] = 1;
}
dbPerform('calendar_events', $event, 'insert');
// The new event id is written back into $_POST['id'].
$_POST['id'] = dbInsertID();
if($_FILES['event_image']['name'] != '') {
    //uploading image!
    // NOTE(review): the stored name is a timestamp plus the client-supplied file
    // name, extension included. No file-type allow-list or path-component stripping
    // is visible here; confirm uploadFile() enforces both, otherwise the client
    // controls what kind of file lands in UPLOAD_DIR.
    $filename = time()."_".$_FILES['event_image']['name'];
    uploadFile($_FILES['event_image'], $filename);
    // Three thumbnails at sizes 150, 50 and 250, tagged small / xsmall / large.
    makeThumbnail($filename, UPLOAD_DIR, 150, '', 'small');
    makeThumbnail($filename, UPLOAD_DIR, 50, '', 'xsmall');
    makeThumbnail($filename, UPLOAD_DIR, 250, '', 'large');
    $event['calendar_events_image'] = $filename;
}
if($_FILES['event_main_image']['name'] != '') {
    //uploading image!
    // NOTE(review): same client-controlled file name as above; confirm.
    $filename = time()."_".$_FILES['event_main_image']['name'];
    uploadFile($_FILES['event_main_image'], $filename);
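//save user!
// Creates the user (empty $_POST['id']) or updates the user with that id, does the
// same for the matching user_information row, then removes the user's "manager"
// rows from user_access_pages.
// NOTE(review): the submitted password is stored exactly as received. Unless
// dbPerform() or the login path hashes it (not visible here), the user table holds
// plaintext passwords. Moving to password_hash()/password_verify() has to be done
// together with the code that checks logins.
// NOTE(review): no permission check is visible in this fragment; confirm the caller
// restricts who may edit which user_id.
$user['user_name'] = $_POST['user_name'];
$user['user_password'] = $_POST['user_password'];

// An empty id means "create"; anything else is an edit of that user.
$isUpdate = ($_POST['id'] != '');

if ($isUpdate) {
    // The id is concatenated into SQL text below (two update conditions and the
    // DELETE), so reduce it to an integer once. A non-numeric value becomes 0.
    $userID = (int) $_POST['id'];
    dbPerform('user', $user, 'update', 'user_id = ' . $userID);
} else {
    $user['user_created'] = time();
    dbPerform('user', $user, 'insert');
    $userID = dbInsertID();
}

$info['user_first_name'] = $_POST['user_first_name'];
$info['user_last_name'] = $_POST['user_last_name'];

if ($isUpdate) {
    dbPerform('user_information', $info, 'update', 'user_id = ' . $userID);
    // NOTE(review): this is the update path, yet the message says "Added".
    addMessage("Added user successfully");
} else {
    $info['user_id'] = $userID;
    dbPerform('user_information', $info, 'insert');
    addMessage("Added user successfully");
}

// $userID is the integer cast above on the update path, or the value returned by
// dbInsertID() on the insert path.
dbQuery('DELETE FROM user_access_pages WHERE user_id = ' . $userID . ' AND user_access_pages_type = "manager"');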
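<?php
/*
 * Upload endpoint used with swfupload: stores one gallery image, creates its
 * thumbnails, records it in gallery_images and echoes the thumbnail URL.
 */
include 'application.php';

// NOTE(review): no login/permission check and no file-type allow-list is visible in
// this script. Unless application.php, fixFilename() or uploadFile() enforce them,
// the client decides the extension of the file written to UPLOAD_DIR; confirm.
if (isset($_FILES['Filedata']['name'], $_POST['gallery_id']) && $_FILES['Filedata']['name'] != "") {
    // gallery_id is concatenated into the SELECT below, so reduce it to an integer
    // once and use that value everywhere.
    $galleryID = (int) $_POST['gallery_id'];

    // Stored name: upload timestamp followed by the cleaned-up client file name.
    $filename = time() . fixFilename($_FILES['Filedata']['name']);
    uploadFile($_FILES['Filedata'], $filename);

    // One thumbnail per configured size.
    // presumably $galleryImageSizes is defined by application.php; verify
    foreach ($galleryImageSizes as $name => $size) {
        makeThumbnail($filename, UPLOAD_DIR, $size, '', $name);
    }

    $row['gallery_id'] = $galleryID;
    $row['gallery_image_filename'] = $filename;
    $row['gallery_date_added'] = time();
    $row['gallery_image_caption'] = '';
    dbPerform('gallery_images', $row, 'insert');
    $imageID = dbInsertID();

    // Sort order is the number of images now in the gallery; the row inserted above
    // is already included in that count.
    $imgResults = dbQuery('SELECT gallery_image_id FROM gallery_images WHERE gallery_id = ' . $galleryID);
    $row2['gallery_image_sort_order'] = dbNumRows($imgResults);
    dbPerform('gallery_images', $row2, 'update', 'gallery_image_id = ' . $imageID);

    // The response body carries the URL of the 'thumb' thumbnail.
    echo "FILEID:" . UPLOAD_DIR_URL . getThumbnailFilename($filename, 'thumb');
} else {
    // Nothing uploaded or no gallery given: stop without output.
    return false;
}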
// Fragment: stores a new message thread and/or a comment, then starts echoing an
// HTML table row for the AJAX caller. The final `if` continues past this excerpt.
$staffUsername = $tableRows[0]['StaffUsername'];

// Seeing if this is a new message or one that we are
// appending a comment to
$newMessage = false;
if ($messageThreadID == "new") {
    $newMessage = true;

    // Getting the full staff member name
    // NOTE(review): as written, this query compares StaffUsername with the literal
    // '******'. That looks like a value masked in this copy of the file; confirm
    // against the real source.
    $sqlStaffFullName = "SELECT StaffForename, StaffSurname FROM `sen_info`.`tbl_staff` WHERE (StaffUsername = '******')";
    $queryResultStaffFullname = dbSelect($sqlStaffFullName, $databaseConnection);
    $tableRows = dbSelectGetRows($queryResultStaffFullname);
    $staffForename = $tableRows[0]['StaffForename'];
    $staffSurname = $tableRows[0]['StaffSurname'];

    // Adding the message title to tbl_messages
    // NOTE(review): $messageTitle, $studentID and $panelID are interpolated straight
    // into the SQL text. Where they are assigned is not visible here; confirm they
    // are escaped / cast to integers first, or use bound parameters if the db layer
    // offers them.
    $sqlInsertMessage = "INSERT INTO `sen_info`.`tbl_messages` (`MessageTitle`, `StudentID`, `StaffUsername`, `MessageDate`, `MessageStatus`, `PanelID`) VALUES ('{$messageTitle}', {$studentID}, '{$staffUsername}', '{$messagePosted}', 0, {$panelID});";
    $insertResultMessage = dbInsert($sqlInsertMessage, $databaseConnection);
    $messageThreadID = dbInsertID($databaseConnection);
}

// Adding the comment to tbl_comments
// Note: $messageThreadID will either be assigned from the
// POST to this page or when the message is added above
// NOTE(review): when it comes from the POST, $messageThreadID reaches this statement
// unquoted, and $messageBody is interpolated as a quoted string. No cast or escaping
// is visible in this fragment; confirm both are handled before this point.
$sqlInsertComment = "INSERT INTO `sen_info`.`tbl_comments` (`Comment`, `MessageID`, `StaffUsername`, `CommentDate`) VALUES ('{$messageBody}', {$messageThreadID}, '{$staffUsername}', '{$messagePosted}');";
$insertResultComment = dbInsert($sqlInsertComment, $databaseConnection);

// Seeing if a new table row should be sent back, or just a
// success message
if ($newMessage) {
    // Creating a new HTML table row to pass back to the calling AJAX function
    // NOTE(review): $panelID is echoed into an attribute value without HTML escaping;
    // confirm it is an integer. $messageThreadID on this path is the value returned
    // by dbInsertID() above.
    echo '<tr id="panel_' . $panelID . '-message_' . $messageThreadID . '">';
    echo '<td>';
    echo '<label class="mdl-checkbox mdl-js-checkbox mdl-js-ripple-effect mdl-data-table__select" for="row[' . $messageThreadID . ']">';
    echo '<input type="checkbox" id="row[' . $messageThreadID . ']" class="mdl-checkbox__input" />';
    echo '</label>';