<?php
require_once '../includes/connection.php';
require_once '../includes/session.php';
// Gate the page: Confirm_admin_session() is defined outside this snippet
// (presumably in session.php) and is the only access check visible here.
Confirm_admin_session();
// Handle the "Add Store" form post.
// NOTE(review): no anti-CSRF token is checked in the visible code, so this
// admin-only, state-changing POST relies entirely on the session check above.
if (isset($_POST['add_store'])) {
    // mysql_prep() is defined elsewhere; presumably it escapes the value for
    // use inside a quoted SQL string - confirm against its definition.
    $storename = ucfirst(mysql_prep($_POST['store_name']));
    $location = ucfirst(mysql_prep($_POST['location']));
    $phone = mysql_prep($_POST['phone']);
    // NOTE(review): md5() is a fast, unsalted digest and is not suitable for
    // storing passwords; password_hash()/password_verify() is the replacement,
    // but it has to be changed together with the code that verifies store
    // logins. Also note the digest is taken over the mysql_prep()-processed
    // string, not the raw password, so the verifier must apply the same step.
    $password = md5(mysql_prep($_POST['password']));
    // Column => value map handed to the insert helper.
    $form_data = array('store_name' => $storename, 'store_location' => $location, 'store_password' => $password, 'store_phone' => $phone);
    // dbRowInsert() is defined elsewhere; its return value is not checked, so
    // a failed insert still redirects as if it succeeded.
    dbRowInsert('tblstore', $form_data);
    // Post/redirect/get back to the same form.
    redirect_to("store-add.php");
}
//
require_once 'includes/template-top.php';
?>
<!-- row -->
<div class="row">
<h1 class="title">Add Store</h1>
<script>
//validate phone number (client-side only; it is a usability aid, the server-side code above does not re-validate the phone format)
function isNumeric(elem,helperMsg) {
var NumPhone = document.addStoreForm.phone;
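$table_name = "members";
// NOTE(review): this connects as the MySQL "root" account with an empty
// password. A dedicated account limited to this schema, with a password,
// would reduce the impact of any query-level flaw in this script.
// NOTE(review): the mysql_* extension was removed in PHP 7; moving to mysqli
// or PDO prepared statements is the durable fix for the escaping done below.
mysql_connect("{$host}", "root", "") or die("cannot connect");
mysql_select_db("{$db_name}") or die("cannot select DB");

// Profile picture upload.
// The client-supplied file name is no longer used on disk: the extension is
// checked against an image allowlist, the content must parse as an image, and
// the stored name is generated server-side. This prevents a script file from
// being written into the web-served image/ directory under an executable
// extension.
$upload_dir = 'image/';
$target_file = $upload_dir; // value stored when no file is sent, as before
if (isset($_FILES['fileToUpload']) && $_FILES['fileToUpload']['error'] === UPLOAD_ERR_OK) {
    $tmp_name = $_FILES["fileToUpload"]["tmp_name"];
    $extension = strtolower(pathinfo($_FILES["fileToUpload"]["name"], PATHINFO_EXTENSION));
    if (!in_array($extension, array('jpg', 'jpeg', 'png', 'gif'), true) || getimagesize($tmp_name) === false) {
        die("invalid picture upload");
    }
    $name = sha1(uniqid(mt_rand(), true)) . '.' . $extension;
    if (!move_uploaded_file($tmp_name, $upload_dir . $name)) {
        die("cannot store upload");
    }
    $target_file = $upload_dir . $name;
}

// Raw form fields; they are escaped inside dbRowInsert() before reaching SQL.
$username = $_POST['username'];
$pass = $_POST['password'];
// NOTE(review): the account type is taken straight from the request. If this
// page is reachable by non-administrators, the caller chooses their own role;
// confirm where access to this script is enforced.
$type = $_POST['type'];
$ic = $_POST['ic'];
$phonenumber = $_POST['phonenumber'];
$email = $_POST['email'];
$gender = $_POST['gender'];
$doctorname = $_POST['drname'];
$specility = $_POST['special'];
$picture = $target_file;
// NOTE(review): sha1() is a fast, unsalted digest and is not suitable for
// password storage. password_hash()/password_verify() is the replacement, but
// it must be changed together with the login code that compares this column.
$password = sha1($pass);
$form_data = array('userId' => NULL, 'username' => $username, 'password' => $password, 'type' => $type, 'ic' => $ic, 'phoneNo' => $phonenumber, 'email' => $email, 'gender' => $gender, 'doctorName' => $doctorname, 'speciality' => $specility, 'picture' => $picture);

/**
 * Insert one row into $table_name.
 *
 * Every value is escaped with mysql_real_escape_string() and quoted, PHP null
 * becomes SQL NULL, and identifiers are backtick-quoted, so request data in
 * $form_data can no longer break out of the VALUES list.
 *
 * @param string $table_name Target table.
 * @param array  $form_data  Column name => value.
 * @return mixed Result of mysql_query(): true on success, false on failure.
 */
function dbRowInsert($table_name, $form_data)
{
    $fields = array();
    $values = array();
    foreach ($form_data as $field => $value) {
        $fields[] = '`' . str_replace('`', '``', $field) . '`';
        $values[] = ($value === null) ? 'NULL' : "'" . mysql_real_escape_string((string) $value) . "'";
    }
    $sql = "INSERT INTO `" . str_replace('`', '``', $table_name) . "` (" . implode(',', $fields) . ") VALUES (" . implode(',', $values) . ")";
    $sqlresult = mysql_query($sql);
    // Only announce success when the row was actually written.
    if ($sqlresult) {
        echo "<script type='text/javascript'>\n window.alert('New Profile successfully created!');\n window.location.href = 'main1.php';\n </script>";
    }
    return $sqlresult;
}

mysql_select_db("{$db_name}");
dbRowInsert('members', $form_data) or die("cannot insert");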
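<?php
require_once 'includes/connection.php';
require_once 'includes/session.php';
confirm_logged_in(); //confirm whether the user logged in

// Request dispatcher for the todo list: add (POST), toggle status (GET done/id),
// delete (GET deleteid) and edit (POST, continues beyond this snippet).
// mysql_prep(), dbRowInsert(), dbRowUpdate(), dbRowDelete() and redirect_to()
// are defined in the included files, not here.
// NOTE(review): the status toggle and the delete are triggered by plain GET
// requests with no token, so any link or image URL a logged-in user loads can
// change or remove items. Moving these to POST with an anti-CSRF token would
// close that.
//ADD
if (isset($_POST['add_todo_btn'])) {
    //
    $todo = mysql_prep($_POST['todo']);
    $form_data = array('todo_item' => $todo);
    dbRowInsert('todo_list', $form_data);
    redirect_to("index.php?submitted=true");
} elseif (isset($_GET['done'])) {
    $action = mysql_prep($_GET['done']);
    // The id is placed unquoted in the WHERE clause, where string escaping
    // offers no protection; forcing it to an integer keeps request data from
    // altering the statement.
    $id = (int) $_GET['id'];
    if ($action == 1) {
        //done
        $form_data = array('todo_status' => 'Done');
    } else {
        //not done
        $form_data = array('todo_status' => 'Not Done');
    }
    dbRowUpdate('todo_list', $form_data, " WHERE id = {$id} ");
    redirect_to("index.php");
} elseif (isset($_GET['deleteid'])) {
    // Same reasoning as above: integer cast for an unquoted numeric context.
    $id = (int) $_GET['deleteid'];
    dbRowDelete('todo_list', " WHERE id = {$id} ");
    redirect_to("index.php");
} elseif (isset($_POST['edit_btn'])) {
    // NOTE(review): this branch continues outside the snippet. If $id is used
    // unquoted in a WHERE clause as in the branches above, it needs the same
    // integer cast.
    $id = mysql_prep($_POST['id']);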
// Checkout loop: for every row of $result (the query is built outside this
// snippet) reduce the grocery stock, record a sale and remove the cart entry.
confirm_query($result);
while ($row = mysql_fetch_array($result)) {
    $cart_id = $row['cart_id'];
    $grocery_id = $row['grocery_id'];
    $grocery_qty = $row['grocery_qty'];
    $cart_qty = $row['cart_qty'];
    $sales_cost = $row['grocery_cost'];
    // Decrease stock by the quantity in the cart.
    // NOTE(review): the new quantity is computed in PHP from a value read
    // earlier and then written back. No transaction or row lock is visible
    // here, so two concurrent checkouts can overwrite each other's update, and
    // nothing prevents the result from going negative when cart_qty exceeds
    // the stock. An atomic "SET grocery_qty = grocery_qty - n ... AND
    // grocery_qty >= n" style update inside a transaction would address both.
    $grocery_qty = $grocery_qty - $cart_qty;
    $form_data = array('grocery_qty' => $grocery_qty);
    // grocery_id comes from the result row and is interpolated unquoted.
    dbRowUpdate('tblgrocery', $form_data, " WHERE grocery_id = {$grocery_id}");
    //$cal_comm = round(( $sales_cost ( 3 /100 ) ) * $cart_qty);
    // Record the sale. $ref_no and $session_cus_email are set outside this
    // snippet; the price is the one read from the row, not one sent by the client.
    $form_data = array('grocery_id' => $grocery_id, 'sales_qty' => $cart_qty, 'ref_no' => $ref_no, 'email' => $session_cus_email, 'sales_cost' => $sales_cost);
    // Insert the sales row; the return value is not checked, so a failed
    // insert still deletes the cart entry below.
    dbRowInsert('tblsales', $form_data);
    // Remove the processed entry from tblcart.
    dbRowDelete('tblcart', " WHERE cart_id = {$cart_id}");
}
redirect_to("account.php");
}
//
require_once 'includes/template-top.php';
?>
<!-- row -->
<div class="row">
<h1 class="title">My Cart</h1>
<table id="table1">
<thead>
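echo '<tr><td colspan="4">No Rows Returned</td></tr>';
} else {
    // Tail of a lookup whose query is outside this snippet: keeps the fields
    // of the last row returned in $inresult.
    while ($row = mysql_fetch_assoc($inresult)) {
        $id = $row['userId'];
        $drname = $row['doctorName'];
        $drspecial = $row['speciality'];
        $ppicture = $row['picture'];
    }
}

// Raw patient form fields; they are escaped inside dbRowInsert() before
// reaching SQL.
$pname = $_POST['pname'];
$ic = $_POST['ic'];
$age = $_POST['age'];
$phonenumber = $_POST['phonenumber'];
$birthday = $_POST['birthday'];
$race = $_POST['race'];
$gender = $_POST['gender'];
$religion = $_POST['religion'];
$address = $_POST['address'];
$insurance = $_POST['insurance'];
// NOTE(review): $id is only assigned inside the loop above; when the lookup
// returns no rows it is undefined here.
$form_data = array('userId' => $id, 'patientId' => NULL, 'patientName' => $pname, 'patientPhoneNo' => $phonenumber, 'patientIc' => $ic, 'patientAddress' => $address, 'Dob' => $birthday, 'patientGender' => $gender, 'race' => $race, 'religion' => $religion, 'insurance' => $insurance, 'age' => $age);

/**
 * Insert one row into $table_name.
 *
 * Every value is escaped with mysql_real_escape_string() and quoted, PHP null
 * becomes SQL NULL, and identifiers are backtick-quoted, so request data in
 * $form_data can no longer break out of the VALUES list.
 * The mysql_* extension was removed in PHP 7; mysqli or PDO prepared
 * statements are the long-term replacement for this helper.
 *
 * @param string $table_name Target table.
 * @param array  $form_data  Column name => value.
 * @return mixed Result of mysql_query(): true on success, false on failure.
 */
function dbRowInsert($table_name, $form_data)
{
    $fields = array();
    $values = array();
    foreach ($form_data as $field => $value) {
        $fields[] = '`' . str_replace('`', '``', $field) . '`';
        $values[] = ($value === null) ? 'NULL' : "'" . mysql_real_escape_string((string) $value) . "'";
    }
    $sql = "INSERT INTO `" . str_replace('`', '``', $table_name) . "` (" . implode(',', $fields) . ") VALUES (" . implode(',', $values) . ")";
    $sqlresult = mysql_query($sql);
    // Only announce success when the row was actually written.
    if ($sqlresult) {
        echo "<script type='text/javascript'>\n window.alert('New Profile successfully created!');\n window.location.href = 'main1.php';\n </script>";
    }
    return $sqlresult;
}

mysql_select_db("{$db_name}");
dbRowInsert('patient', $form_data) or die("cannot insert");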
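<?php
include 'functions.php';
include 'config.php';
// NOTE(review): header.php is included before the redirect below. If it emits
// any output, header() can no longer send the Location header; handling the
// POST before including the page header avoids that. Whether header.php also
// performs the login check for this page is not visible here - confirm.
include 'header.php';

// Handle the "add contact" form post.
if (isset($_POST['submit'])) {
    // NOTE(review): every value is passed to dbRowInsert() exactly as received.
    // dbRowInsert() lives in functions.php; unless it escapes or binds its
    // values, each of these fields is an SQL injection point. The business-card
    // image path is likewise client-supplied text, not a server-generated path.
    $form_data = array('Name' => $_POST['cname'], 'Mobile' => $_POST['cmobile'], 'Landline' => $_POST['clandline'], 'Email' => $_POST['cemail'], 'bussinesscardimage_path' => $_POST['cbussi'], 'Key_contact' => $_POST['ckeycon'], 'Supplier_id' => $_POST['csupplier'], 'Position' => $_POST['cposition'], 'Skype' => $_POST['cskype'], 'Wechat' => $_POST['cwechat'], 'QQ' => $_POST['cqq'], 'WhatsApp' => $_POST['cwhats']);
    dbRowInsert('contacts', $form_data);
    header("Location: contacts.php");
    // Stop here: without this the rest of the page is still rendered and sent
    // along with the redirect.
    exit;
}
?>
<style> .ui-button-icon-primary{ top:0%; } </style>
<div id="main" role="main">
<div id="content">
<!-- widget grid -->
<section id="widget-grid" class="">
<!-- START ROW -->
<div class="row">
<!-- NEW COL START -->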
// Grocery image upload. The enclosing condition, $allowedExts and the
// $grocery_* / $store_id values are defined outside this snippet.
// The extension is whatever follows the last "." of the client-supplied name.
$temp = explode(".", $_FILES["file1"]["name"]);
// Stored name: server-generated uniqid() plus the client's extension, so the
// original file name never reaches the file system.
$newfilename = uniqid() . '.' . end($temp);
$extension = end($temp);
// NOTE(review): $_FILES[...]["type"] is sent by the client and can be set to
// any value, so the MIME comparisons below are not a security control. The
// check that actually constrains what lands on disk is the extension
// allowlist; it is compared case-sensitively and non-strictly here. Verifying
// the content server-side (e.g. getimagesize() or finfo) would make the type
// check meaningful. Note that "application/pdf" is accepted into an image
// directory.
if (($_FILES["file1"]["type"] == "image/gif"
    || $_FILES["file1"]["type"] == "image/jpeg"
    || $_FILES["file1"]["type"] == "image/JPEG"
    || $_FILES["file1"]["type"] == "image/jpg"
    || $_FILES["file1"]["type"] == "application/pdf"
    || $_FILES["file1"]["type"] == "image/pjpeg"
    || $_FILES["file1"]["type"] == "image/x-png"
    || $_FILES["file1"]["type"] == "image/png")
    && $_FILES["file1"]["size"] < 8000000
    && in_array($extension, $allowedExts)) {
    if ($_FILES["file1"]["error"] > 0) {
        // Upload error code reported by PHP.
        $error_msg = "Return Code: " . $_FILES["file1"]["error"] . "<br>";
    } else {
        if (file_exists("../images/grocery/" . $newfilename)) {
            // NOTE(review): the message embeds the client-supplied file name;
            // it needs HTML-escaping wherever $error_msg is printed.
            $error_msg = $_FILES["file1"]["name"] . " already exists. ";
        } else {
            // The return value is not checked: if the move fails, the row
            // below still points at a file that does not exist.
            move_uploaded_file($_FILES["file1"]["tmp_name"], "../images/grocery/" . $newfilename);
            // Path stored in the database, relative to the site root.
            $img_dir = "images/grocery/" . $newfilename;
            // Column => value map for the new grocery row.
            $form_data = array('grocery_name' => $grocery_name, 'grocery_cost' => $grocery_cost, 'store_id' => $store_id, 'grocery_img' => $img_dir, 'grocery_qty' => $grocery_qty);
            // Insert, then post/redirect/get back to the form.
            dbRowInsert('tblgrocery', $form_data);
            redirect_to("add-grocery.php");
        }
    }
}
}
//
require_once 'includes/template-top.php';
?>
<!-- row -->
<div class="row">
<h1 class="title">Add Grocery <a href="groceries.php" class="btn" > » View All Groceries</a></h1>
<form action="add-grocery.php" class="form1" method="post" onSubmit="return alert('Grocery added successfully')" enctype="multipart/form-data">
<div class="lft" style="width:90%" >
<p><label>Grocery Name</label><br>
/**
 * Insert a new row into employer_personal_info and echo the outcome.
 *
 * The row is built from $_POST["formData"], not from $data: the parameter is
 * not read anywhere in the body. Output is "ok" when dbRowInsert() returns a
 * truthy value and "fail" otherwise; if an Exception is caught, a warning
 * script and an extra "fail" are echoed before the final status.
 *
 * NOTE(review): the posted values reach dbRowInsert() (defined elsewhere)
 * without validation or escaping in this function; whether that helper
 * escapes or binds them needs to be confirmed there.
 *
 * @param mixed $data Unused by the current implementation.
 * @return void
 */
function addNewEmployer($data)
{
    // Pessimistic default; flipped only after a successful insert.
    $status = 'fail';
    //print_r(array_values($data));
    try {
        // Copy the five expected fields, in column order, from the posted form.
        $form_data = array();
        foreach (array('user_name', 'mail_id', 'contact', 'alternate_contact', 'website') as $column) {
            $form_data[$column] = $_POST["formData"][$column];
        }
        if (dbRowInsert("employer_personal_info", $form_data)) {
            $status = "ok";
        }
    } catch (Exception $ex) {
        echo "<script>\n var msg = '<b>* Error Occured While Inserting New Employer ...</b>';\n showWarning(msg);\n </script>";
        echo "fail";
    }
    echo $status;
}
//
// Customer registration form handler.
if (isset($_POST['register_btn'])) {
    // mysql_prep() is defined elsewhere; presumably it escapes the value for
    // a quoted SQL string - confirm against its definition.
    $email = trim(mysql_prep($_POST['email']));
    $usernames = ucfirst(trim(mysql_prep($_POST['names'])));
    $phone = trim(mysql_prep($_POST['phone']));
    // NOTE(review): md5() is a fast, unsalted digest and is not suitable for
    // storing passwords. password_hash()/password_verify() is the replacement;
    // it has to be changed together with the login check further down the file.
    $password = md5($_POST['password']);
    // Check whether the e-mail is already registered. $email sits inside
    // quotes here, so its safety depends on what mysql_prep() does.
    $query = "SELECT * FROM tblcustomers WHERE email = '{$email}' LIMIT 1";
    // NOTE(review): on failure the raw mysql_error() text is sent to the
    // browser, which discloses schema and query details; log it server-side
    // and show a generic message instead.
    $result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
    $row = mysql_fetch_array($result);
    // mysql_fetch_array() returns false when there is no row; "false <= 0" is
    // true in PHP, so this branch means "e-mail not registered yet".
    if ($row <= 0) {
        // Column => value map for the new customer.
        $form_data = array('cus_names' => $usernames, 'email' => $email, 'password' => $password, 'cus_phone' => $phone);
        // Register the customer; the return value is not checked, so the
        // session below is established even if the insert failed.
        dbRowInsert('tblcustomers', $form_data);
        // Log the new customer in.
        // NOTE(review): no session_regenerate_id() call is visible at this
        // privilege change, which leaves room for session fixation. The values
        // stored are the mysql_prep()-processed strings, not the raw input.
        $_SESSION['customerNames'] = $usernames;
        $_SESSION['customerEmail'] = $email;
        // Continue to the account page.
        redirect_to("account.php");
    } else {
        // E-mail already registered.
        $error_email = 'Email Already Exist!';
    }
}
//
// Login form handler (continues beyond this snippet).
// NOTE(review): the login fields are read from $_GET. If the password is sent
// the same way, credentials end up in URLs, browser history, proxy and server
// logs; a login form should be submitted with POST.
if (isset($_GET['login_btn'])) {
    //form variables
    $email = trim(mysql_prep($_GET['email']));
// Generic database endpoint: the request chooses the operation, the table,
// the row data and the WHERE clause. $con and the dbRow* helpers are defined
// outside this snippet.
// NOTE(review): no authentication or authorisation check is visible in this
// snippet. As written, the table name ($_POST['t_name']) and the WHERE clause
// ($_POST['clause']) are passed to the helpers exactly as received, so any
// caller who can reach this script decides which table is written, updated
// or deleted and with what condition. A fixed allowlist of tables and
// columns, server-built conditions with bound parameters, and an access
// check before dispatch are needed here - confirm what the helpers and the
// including file already enforce.
if (isset($_POST['val'])) {
    // 'val' is a JSON array; its first element is used as the row data.
    $val_decode = json_decode($_POST['val'], true);
    // Echoes the decoded payload back to the caller.
    echo json_encode($val_decode);
    //echo json_encode(json_decode($_POST['val']));
    $data = $val_decode[0];
}
// When 'val' is absent, $data stays undefined but is still used below.
/* if ( isset ( $_POST['clause'] ) ) { $clause_decode=json_decode($_POST['clause'],true); //echo json_encode(json_decode($_POST['val'])); $clause = $clause_decode[0]; }*/
$op = $_POST['operation'];
// NOTE(review): the raw request value is written into the response without
// escaping.
echo $op;
if (strcmp($op, 'insert') == 0) {
    echo " in insert";
    // Table name and row data both originate from the request.
    $res = dbRowInsert($_POST['t_name'], $data, $con);
    if (!$res) {
        die("failed");
    }
    exit;
}
if (strcmp($op, 'update') == 0) {
    // Table name, row data and WHERE clause all originate from the request.
    $res = dbRowupdate($_POST['t_name'], $data, $_POST['clause'], $con);
    if (!$res) {
        die("failed");
    }
    exit;
}
if (strcmp($op, 'delete') == 0) {
    echo "in delete";
    // Table name and WHERE clause originate from the request; this branch
    // continues beyond the snippet.
    $res = dbRowDelete($_POST['t_name'], $_POST['clause'], $con);
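echo '<tr><td colspan="4">No Rows Returned</td></tr>';
} else {
    // Tail of a lookup whose query is outside this snippet: keeps the fields
    // of the last row returned in $inresult.
    while ($row = mysql_fetch_assoc($inresult)) {
        $id = $row['userId'];
        $drname = $row['doctorName'];
        $drspecial = $row['speciality'];
        $ppicture = $row['picture'];
    }
}

// Raw record form fields; they are escaped inside dbRowInsert() before
// reaching SQL.
$treatment = $_POST['treatment'];
$diagnosis = $_POST['diagnosis'];
$symptoms = $_POST['symptoms'];
// The patient id is placed unquoted in the SELECT below, where string escaping
// would not help; forcing it to an integer keeps request data from altering
// the statement.
$patientId = (int) $_POST['patientid'];
$sql = "SELECT * FROM patient WHERE patientId={$patientId}";
$retrieve = mysql_query($sql);
// mysql_query() returns false on error; treat that like "no such patient".
$rowcount = $retrieve ? mysql_num_rows($retrieve) : 0;
if ($rowcount == 0) {
    echo "<script type='text/javascript'>\n window.alert('No data. Please enter a valid patient ID!');\n window.location.href = 'record.php';\n </script>";
    // Stop here: previously the script went on to insert a record for the
    // unknown patient and then reported success.
    exit;
}
// NOTE(review): $id is only assigned inside the loop above; when the lookup
// returns no rows it is undefined here.
$form_data = array('recordId' => NULL, 'patientId' => $patientId, 'userId' => $id, 'treatment' => $treatment, 'diagnosis' => $diagnosis, 'symptom' => $symptoms);

/**
 * Insert one row into $table_name.
 *
 * Every value is escaped with mysql_real_escape_string() and quoted, PHP null
 * becomes SQL NULL, and identifiers are backtick-quoted, so request data in
 * $form_data can no longer break out of the VALUES list.
 * The mysql_* extension was removed in PHP 7; mysqli or PDO prepared
 * statements are the long-term replacement for this helper.
 *
 * @param string $table_name Target table.
 * @param array  $form_data  Column name => value.
 * @return mixed Result of mysql_query(): true on success, false on failure.
 */
function dbRowInsert($table_name, $form_data)
{
    $fields = array();
    $values = array();
    foreach ($form_data as $field => $value) {
        $fields[] = '`' . str_replace('`', '``', $field) . '`';
        $values[] = ($value === null) ? 'NULL' : "'" . mysql_real_escape_string((string) $value) . "'";
    }
    $sql = "INSERT INTO `" . str_replace('`', '``', $table_name) . "` (" . implode(',', $fields) . ") VALUES (" . implode(',', $values) . ")";
    return mysql_query($sql);
}

mysql_select_db("{$db_name}");
// Only announce success when the row was actually written.
if (!dbRowInsert('record', $form_data)) {
    die("cannot insert");
}
echo "<script type='text/javascript'>\n window.alert('New record successfully created!');\n window.location.href = 'view_record.php';\n </script>";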