<tr class="off" onmouseover="this.className='on'" onmouseout="this.className='off'"> <td align="left"><ul style="list-style:none; padding:0;height:24px;" id="menu"><li><a href="index.php?name=blog&file=blog"> <?php echo _MEMBER_BLOG; ?> </a></li></ul></td> </tr> <tr class="off" onmouseover="this.className='on'" onmouseout="this.className='off'"> <tr> <td align="left"><ul style="list-style:none; padding:0;height:24px;" id="menu"><li><a href='index.php?name=blog&file=blog&op=article_add'><?php echo toTis620('เขียน blog ใหม่'); ?> </a></li></ul></td> </tr> <tr> <td align="left"><ul style="list-style:none; padding:0;height:24px;" id="menu"><li><a href='index.php?name=subreport'><?php echo toTis620('ส่งข้อมูลถึง สปสข.'); ?> </a></li></ul></td> </tr> <tr> <td align="left"> <ul style="list-style:none; padding:0;height:24px;" id="menu"><li><a href="index.php?name=member&file=logout"> <?php echo _MEMBER_EXIT; ?> </a></li></ul> </td> </tr> <table> </td> </tr> </table>
$amper = $_POST['amper']; $education = $_POST['education']; $work = $_POST['work']; $address = $_POST['address']; $phone = $_POST['phone']; $zipcode = $_POST['zipcode']; $member_pic = $_POST['member_pic']; $signature = $_POST['signature']; $sql = sprintf("SELECT * FROM `web_member` WHERE `user` = '%s'", $username); $query = $db->select_query($sql); $rows = $db->rows($query); if ($_POST['USERNAME_OLD'] != $username && $rows > 0) { ?> <script type="text/javascript"> alert('<?php echo toTis620("ชื่อผู้ใช้งานซ้ำกับคนอื่น กรุณาตรวจสอบอีกครั้ง"); ?> '); window.history.back(-1); </script> <?php exit; } // ¶éÒ¡ÃÍ¡ÍÕàÁÅìäÁè¶Ù¡µéͧ if (!preg_match("/^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)\$/i", $email)) { $showmsg = "<br><br><center><font size='3' face='MS Sans Serif'><b>" . _MEMBER_MOD_CHEMAIL_CONF . "</b></font><br><br><input type='button' value='" . _MEMBER_MOD_FORM_JAVA_RETERN . "' onclick='history.back();'></center>"; showerror($showmsg); } if ($_POST['PASSWORD']) { $NewPass = md5($_POST['PASSWORD']); } else {
$data['time'] = date('Y-m-d H:i:s'); $db->add_db("web_subreport", $data); } else { // Update $data_set = array(); foreach ($data as $field => $value) { $data_set[] = $field . "='" . $value . "'"; } $update_data = implode(',', $data_set); $db->update("web_subreport", $update_data, " `id` = {$id}"); } echo '<h3 class="successtxt">' . toTis620('บันทึกข้อมูลเรียบร้อย') . '<br><a href="index.php?name=subreport">' . toTis620('คลิกที่นี่เพื่อกลับไปหน้ารายการ') . '</a></h3>'; } } else { if ($action == "delete") { $id = isset($_GET['id']) ? intval($_GET['id']) : 0; if ($id > 0) { $where = $level === 0 ? " AND `user_id` = '" . $user['id'] . "'" : ''; $statement = sprintf("SELECT * FROM `web_subreport` WHERE `id` = %s" . $where, $id); $query = $db->select_query($statement); $item = $db->fetch($query); @unlink($item['filepath']); $db->del("web_subreport", " `id` = {$id}"); } echo '<h3 class="successtxt">' . toTis620('ลบข้อมูลเรียบร้อย') . '<br><a href="index.php?name=subreport">' . toTis620('คลิกที่นี่เพื่อกลับไปหน้ารายการ') . '</a></h3>'; } } } } } // Ending check invalid user