* När man är nöjd och trycker på submit-knappen kommer man tillbaka till * samma sida och filen sparas igen. * Som editor används nicedit.js. * */ /* * Check if allowed to access. * If $nextPage is not set, the page is not reached via the page controller. * Then check if the viewer is signed in. */ if (!isset($nextPage)) { die('Direct access to the page is not allowed.'); } $intFilter = new CAccessControl(); $intFilter->UserIsSignedInOrRedirect(); $intFilter->UserIsAuthorisedOrDie('fnk'); $calendarFileName = "Kalender.txt"; $calendarPath = TP_DOCUMENTS . $calendarFileName; $mainTextHTML = ""; if (isset($_POST['submitBtn'])) { // If the submit button has been pressed, process the form information. // Get calendar from the form. $calendar = $_POST['calendar']; //Open the file and write the calendar. $fh = fopen($calendarPath, "wt"); fwrite($fh, $calendar); fclose($fh); if ($debugEnable) { // Om debug så visa formuläret färdigifyllt. $mainTextHTML .= "<a title='Vidare' href='?p=show_usr&id={$idPerson}'\n tabindex='1'><img src='../images/b_enter.gif' alt='Vidare' /></a>\n <br />\r\n"; } else {
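<?php
///////////////////////////////////////////////////////////////////////////////////////////////////
//
// PSaveUser.php
// Called by 'save_user' from index.php.
// The page saves user information for idUser.
// Input: 'firstName', 'familyName', 'eMail1', 'eMail2', 'id', 'redirect' as POST.
// Output:
//
// Review notes:
//  - Every POST field, including 'id' and 'redirect', is supplied by the client and is untrusted.
//  - This is a state-changing request restricted to the 'adm' group. No anti-CSRF token check
//    is visible in this part of the script.
//    NOTE(review): confirm that the front controller or a later section verifies one.
//  - 'redirect' is only read here; its use is not visible.
//    NOTE(review): before it reaches a Location header, restrict it to local, known targets.
//
///////////////////////////////////////////////////////////////////////////////////////////////////


// Check that the page is reached from the front controller and authority etc.
// The order matters: front-controller check first, then sign-in, then the 'adm' authorisation.
$intFilter = new CAccessControl();
$intFilter->FrontControllerIsVisitedOrDie();
$intFilter->UserIsSignedInOrRedirectToSignIn();
$intFilter->UserIsAuthorisedOrDie('adm');


///////////////////////////////////////////////////////////////////////////////////////////////////
// Prepare the database and clean input and query the database.
//
$dbAccess  = new CdbAccess();
$tableUser = DB_PREFIX . 'User';

// Read the raw POST fields. A field is accepted only when it is a plain string: PHP turns
// "name[]=x" into an array, which would otherwise reach strip_tags() below and raise a
// TypeError on PHP 8. Absent or non-string fields become NULL, as absent fields did before.
$idUser         = (isset($_POST['id'])         && is_string($_POST['id']))         ? $_POST['id']         : NULL;
$firstNameUser  = (isset($_POST['firstName'])  && is_string($_POST['firstName']))  ? $_POST['firstName']  : NULL;
$familyNameUser = (isset($_POST['familyName']) && is_string($_POST['familyName'])) ? $_POST['familyName'] : NULL;
$eMail1User     = (isset($_POST['eMail1'])     && is_string($_POST['eMail1']))     ? $_POST['eMail1']     : NULL;
$eMail2User     = (isset($_POST['eMail2'])     && is_string($_POST['eMail2']))     ? $_POST['eMail2']     : NULL;
$redirect       = (isset($_POST['redirect'])   && is_string($_POST['redirect']))   ? $_POST['redirect']   : NULL;

// WashParameter() is defined in CdbAccess and is not visible here.
// NOTE(review): presumably it escapes the value for use in an SQL string literal; confirm.
// Escaping protects only values placed inside quotes, so $idUser should additionally be
// validated as an integer if the query uses it unquoted. Prepared statements would remove
// the dependency on escaping altogether.
$idUser = $dbAccess->WashParameter($idUser);

// strip_tags() removes markup from the value before it is stored; it is not an output encoder,
// so pages that print these fields still need htmlspecialchars().
// The (string) cast turns NULL into '', which is what strip_tags(NULL) returned, without the
// "passing null" deprecation notice of PHP 8.1+.
$firstNameUser  = $dbAccess->WashParameter(strip_tags((string) $firstNameUser));
$familyNameUser = $dbAccess->WashParameter(strip_tags((string) $familyNameUser));
$eMail1User     = $dbAccess->WashParameter(strip_tags((string) $eMail1User));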