$sSqlOffset = intval($_POST['sql_offset'], 10); // get new db object // (the parameters are stored in the db_config.php file) $oDB = new DataBase($sHost, $sDbUser, $sDbPasswd, $sDatabase); $oDB->connect(); // escape the search term $sSearchTerm = mysql_real_escape_string($_POST['search_term']); // extend the search term $sSearchTerm = '%' . $sSearchTerm . '%'; // escape the db field names of the both languages $sDbLang1 = mysql_real_escape_string($_POST['db_lang_1']); $sDbLang2 = mysql_real_escape_string($_POST['db_lang_2']); // now build the query $sQuery = sprintf("SELECT %s, %s FROM voka WHERE %s LIKE '%s' OR %s LIKE '%s' LIMIT %d, %d", $sDbLang1, $sDbLang2, $sDbLang1, $sSearchTerm, $sDbLang2, $sSearchTerm, $sSqlOffset, $sSqlLimit); $oResult = $oDB->query($sQuery); $oDB->disconnect(); if (!$oResult) { //echo "DB error: " . $oDB->getLastError(); $aReturnCode = array("code" => -1); echo json_encode($aReturnCode); return; } if (mysql_num_rows($oResult) == 0) { //echo "No result: ". $oDB->getLastError(); $aReturnCode = array("code" => 0); echo json_encode($aReturnCode); return; } // determine total number of possible results $oDB->connect(); $sQueryTotalNum = sprintf("SELECT COUNT(*) AS total_num FROM voka WHERE %s LIKE '%s' OR %s LIKE '%s'", $sDbLang1, $sSearchTerm, $sDbLang2, $sSearchTerm);
$folder = "images/" . $_POST['course_id'] . "/"; $fields = array('img_id', 'img_loc', 'img_des', 'doc_id'); //here we write the attribute or fields which is in the table insid the database $values = array('', $folder . $_FILES['upload']['name'][$i], 'test', $get_decument_id); //put all variables in values array() $con->insert($fields, $values, 'doc_imgs'); //call insert(all fields or attribute , value array,table name) } //end of if statament if(move_uploaded_file($tmpFilePath, $newFilePath)) } //end of if ($tmpFilePath != "") } //end of for loop $sql = "SELECT img_loc FROM doc_imgs where doc_imgs.doc_id='" . $get_decument_id . "' "; $data = mysql_query($sql); $con->disconnect(); } //end of if statment if(isset($_POST['pleace'])) if (isset($_POST['change'])) { $sql = "SELECT c_id FROM documentation where c_num='" . $course_id . "' "; echo $sql; $result = mysql_query($sql); while ($row = mysql_fetch_array($result)) { $get_decument_id = $row['c_id']; echo $get_decument_id; } $con->update('documentation', array('course' => $course, 'event' => $event, 'c_name' => $course_name, 'c_num' => $course_id, 'c_location' => $pleace, 'c_collage_index' => $collage, 'c_dept' => $dept, 'c_price' => $price, 'c_gender' => $type, 'c_target_group' => $target, 'c_duration' => $how_long, 'c_req_num' => $at_least, 'c_reg_time' => $start_date, 'c_max_num' => $at_most, 'c_time_from' => $start_time, 'c_time_to' => $end_time, 'c_major' => $course_about, 'c_languate' => $language, 'c_goals' => $goals, 'c_doc_desc' => $description, 'c_notes' => $notes), array('c_id', $get_decument_id)); } if (isset($_POST['delete_course_id'])) { //echo "it is set <br/>"; $course_id = $_POST['delete_course_id'];