$val .= "'" . replaceSpecial($_POST['quiz_content']) . "',"; $val .= "'" . replaceSpecial($_POST['cont_error']) . "',"; $val .= "'" . $visible . "',"; $val .= "'" . str_db($_POST['min_answer']) . "',"; $val .= "'" . $status . "'"; $sql = " insert into quizzes ("; $sql .= $record; $sql .= ") VALUES ("; $sql .= $val; $sql .= ")"; execute($sql); $last_id = mysql_insert_id(); Mkdir(path_stored_quizzes . '/' . $last_id, 0755, true); copy(path_rel_sfw . '/get_code.php', path_stored_quizzes . '/' . $last_id . '/' . $rand_cod . '.php'); replace_line_in_file(path_stored_quizzes . '/' . $last_id . '/' . $rand_cod . '.php', "{include}", "require_once('" . path_rel_sfw . "/include/inc_db.php');"); replace_line_in_file(path_stored_quizzes . '/' . $last_id . '/' . $rand_cod . '.php', "{sql_replace}", "\$" . "sqli = 'select * from quizzes where code = \"" . $rand_cod . "\"';"); /*******************************************************************/ foreach ($_POST as $key => $val) { if (substr($key, 0, 9) == 'question_') { $record = 'id_quiz,questions'; $valu = "'" . str_db($last_id) . "',"; $valu .= "'" . str_db($val) . "'"; $sql = " insert into questions ("; $sql .= $record; $sql .= ") VALUES ("; $sql .= $valu; $sql .= ")"; execute($sql); $last_id_question = mysql_insert_id(); $arr_question = explode('_', $key); $question_num = end($arr_question);
} /**************************************************/ if (isset($_POST['host']) && $_POST['host'] != '' && isset($_POST['user']) && $_POST['user'] != '' && isset($_POST['pass']) && $_POST['pass'] != '' && isset($_POST['db_name']) && $_POST['db_name'] != '') { $connection = @mysql_connect($_POST['host'], $_POST['user'], $_POST['pass']); $erroredb = mysql_error(); if ($erroredb != '') { echo $erroredb; exit; } $sql = "CREATE DATABASE IF NOT EXISTS " . $_POST['db_name'] . " DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci"; @mysql_query($sql, $connection); mysql_select_db($_POST['db_name'], $connection); $sql = "CREATE TABLE IF NOT EXISTS answers (\r\n id bigint(20) NOT NULL AUTO_INCREMENT,\r\n id_question bigint(20) NOT NULL,\r\n id_quiz bigint(20) NOT NULL,\r\n answer longtext NOT NULL,\r\n proper tinyint(1) NOT NULL,\r\n UNIQUE KEY id (id)\r\n )"; @mysql_query($sql, $connection); $sql = "CREATE TABLE IF NOT EXISTS questions (\r\n id bigint(20) NOT NULL AUTO_INCREMENT,\r\n id_quiz bigint(20) NOT NULL,\r\n questions longtext NOT NULL,\r\n UNIQUE KEY id (id)\r\n )"; @mysql_query($sql, $connection); $sql = "CREATE TABLE IF NOT EXISTS quizzes (\r\n id bigint(20) NOT NULL AUTO_INCREMENT,\r\n code varchar(8) NOT NULL,\r\n name varchar(250) NOT NULL,\r\n creation_date datetime NOT NULL,\r\n status tinyint(1) NOT NULL,\r\n title_visible tinyint(1) NOT NULL,\r\n min_answer int(11) NOT NULL,\r\n content longtext NOT NULL,\r\n error_content longtext NOT NULL,\r\n type varchar(13) NOT NULL,\r\n random_question tinyint(1) NOT NULL,\r\n random_num int(11) NOT NULL,\r\n steppize tinyint(1) NOT NULL,\r\n min_answer_option tinyint(1) NOT NULL,\r\n email_quiz tinyint(1) NOT NULL,\r\n email_subject varchar(250) NOT NULL,\r\n email_receiver varchar(250) NOT NULL,\r\n email_content longtext NOT NULL,\r\n UNIQUE KEY id (id)\r\n )"; @mysql_query($sql, $connection); @mysql_close($connection); } $sfw_path1 = substr(dirname($_SERVER['REQUEST_URI']), 0, 1) == '/' ? substr(dirname($_SERVER['REQUEST_URI']), 1) : dirname($_SERVER['REQUEST_URI']); $sfw_path = str_replace('/wizard', '', $sfw_path1); $filename = $_SERVER['DOCUMENT_ROOT'] . '/' . $sfw_path . '/include/inc_config.php'; replace_line_in_file($filename, '$sfw_path = \'\';', '$sfw_path = \'' . $sfw_path . '\';'); replace_line_in_file($filename, '$hostname = \'\';', '$hostname = \'' . $_POST['host'] . '\';'); replace_line_in_file($filename, '$username = \'\';', '$username = \'' . $_POST['user'] . '\';'); replace_line_in_file($filename, '$password = \'\';', '$password = \'' . $_POST['pass'] . '\';'); replace_line_in_file($filename, '$db = \'\';', '$db = \'' . $_POST['db_name'] . '\';'); replace_line_in_file($filename, '$path_stored_quizzes = \'\';', '$path_stored_quizzes = \'' . $_POST['store'] . '\';'); replace_line_in_file($filename, '$admin_email = \'\';', '$admin_email = \'' . $_POST['email'] . '\';'); echo 'ok';