function saveFormDataNewQOModuleLauncher($fMemberId) { // make all the strings safe $fQoMembersId = (int) mysql_real_escape_string($_POST['qo_members_id']); $fQoGroupsId = (int) mysql_real_escape_string($_POST['qo_groups_id']); $fQoModulesId = (int) mysql_real_escape_string($_POST['qo_modules_id']); $fQoLaunchersId = (int) mysql_real_escape_string($_POST['qo_launchers_id']); $fSortOrder = (int) mysql_real_escape_string($_POST['sort_order']); $memberName = $fQoMembersId == 0 ? "All Members" : getMemberNameById($fQoMembersId); $groupName = $fQoGroupsId == 0 ? "All Groups" : getGroupNameById($fQoGroupsId); $moduleName = getModuleNameById($fQoModulesId); $launcherName = getLauncherNameById($fQoLaunchersId); $sql = 'INSERT INTO `qo_modules_has_launchers` (`qo_members_id`, `qo_groups_id`, `qo_modules_id`, `qo_launchers_id`, `sort_order`) VALUES (' . $fQoMembersId . ',' . $fQoGroupsId . ',' . $fQoModulesId . ',' . $fQoLaunchersId . ',' . $fSortOrder . ')'; if (mysql_query($sql)) { $returnState = "{success:true}"; $auditState = 'SUCCESS'; } else { $returnState = "{success:false}"; $auditState = 'FAILURE'; } writeAudit($fMemberId, $auditState, 'New module launcher (member: ' . $memberName . ', group: ' . $groupName . ', module: ' . $moduleName . ', launcher: ' . $launcherName . '), ' . $field . ' set to ' . $value . '.'); return $returnState; }
<meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <link rel="stylesheet" type="text/css" href="pray.css"/> </head> <body> <?php include_once 'constant.inc'; include_once 'commonFunc.inc'; // 如果有POST过来的group_id,说明用户是从groupList页面跳转过来,判断是否能进入群组 if (filter_has_var(INPUT_POST, "group_id")) { $group_id = filter_input(INPUT_POST, "group_id"); $user_id = $_SESSION["user_id"]; //检查用户是否该组成员 if (isMember($user_id, $group_id)) { $_SESSION["group_id"] = $group_id; $_SESSION["group_name"] = getGroupNameById($group_id); showPrayList($group_id); } else { showJoinGroup($group_id); } } else { if (filter_has_var(INPUT_POST, "joinGroup")) { $group_id = filter_input(INPUT_POST, "joinGroup"); $user_id = $_SESSION["user_id"]; joinGroup($user_id, $group_id); } else { if (isset($_SESSION["group_id"])) { $group_id = $_SESSION["group_id"]; showPrayList($group_id); } else { echo "<script>window.location = 'index.php'</script>";