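// "Add team member" handler: checks the password confirmation, then builds the
// INSERT statement for intranet_user_details.
//
// NOTE(review): the CleanUp*() helpers are defined outside the visible code.
// Every value below is interpolated into a quoted SQL literal, so this is only
// safe if those helpers escape for SQL - confirm, or escape where the query is
// executed.

// Strict comparison: with != two different numeric-looking strings (for
// example "1e3" and "1000") compare as equal and pass the confirmation check.
if ($_POST['user_password_1'] !== $_POST['user_password_2']) {

    $alertmessage = "The passwords do not match.";
    $page = "team_edit";
    $status = "add";

} else {

    // This determines the page to show once the form submission has been successful
    $status = "team_add";

    // Begin to clean up the $_POST submissions.
    // Array keys are quoted: a bare word is looked up as a constant first and
    // only falls back to a string with a notice (an error on newer PHP).

    // NOTE(review): unsalted MD5 is not a suitable password hash. It is left
    // unchanged here because the code that verifies the stored value is not
    // visible; migrate both sides together to password_hash()/password_verify().
    $user_password = md5(CleanUp($_POST['user_password_1']));
    $user_username = CleanUp($_POST['user_username']);
    $user_address_1 = CleanUpAddress($_POST['user_address_1']);
    $user_address_2 = CleanUpAddress($_POST['user_address_2']);
    $user_address_3 = CleanUpAddress($_POST['user_address_3']);
    $user_address_town = CleanUpAddress($_POST['user_address_town']);
    $user_address_postcode = CleanUpPostcode($_POST['user_address_postcode']);
    $user_address_county = CleanUpAddress($_POST['user_address_county']);
    $user_name_first = CleanUpNames($_POST['user_name_first']);
    $user_name_second = CleanUpNames($_POST['user_name_second']);
    $user_num_extension = CleanUp($_POST['user_num_extension']);
    $user_num_home = CleanUpPhone($_POST['user_num_home']);
    $user_num_mob = CleanUpPhone($_POST['user_num_mob']);
    $user_email = CleanUpEmail($_POST['user_email']);
    $user_user_rate = CleanUp($_POST['user_user_rate']);
    $user_user_added = time();
    $user_timesheet = CleanUp($_POST['user_timesheet']);
    // The INSERT reads $user_user_timesheet, which the visible code never
    // assigned, so the user_user_timesheet column always received ''.
    $user_user_timesheet = $user_timesheet;
    $user_holidays = CleanUp($_POST['user_holidays']);
    // NOTE(review): user_active and user_usertype come straight from the form;
    // confirm the caller is authorised to choose the new account's user type.
    $user_active = CleanUp($_POST['user_active']);
    $user_usertype = CleanUp($_POST['user_usertype']);

    // Construct the MySQL instruction to add these entries to the database
    $sql_add = "INSERT INTO intranet_user_details (\n"
        . "user_id,\nuser_password,\nuser_address_county,\nuser_address_postcode,\n"
        . "user_address_town,\nuser_address_3,\nuser_address_2,\nuser_address_1,\n"
        . "user_name_first,\nuser_name_second,\nuser_num_extension,\nuser_num_mob,\n"
        . "user_num_home,\nuser_email,\nuser_usertype,\nuser_active,\nuser_username,\n"
        . "user_user_rate,\nuser_user_added,\nuser_user_timesheet,\nuser_holidays\n"
        . ") values \n(\n"
        . "'NULL',\n'{$user_password}',\n'{$user_address_county}',\n'{$user_address_postcode}',\n"
        . "'{$user_address_town}',\n'{$user_address_3}',\n'{$user_address_2}',\n'{$user_address_1}',\n"
        . "'{$user_name_first}',\n'{$user_name_second}',\n'{$user_num_extension}',\n'{$user_num_mob}',\n"
        . "'{$user_num_home}',\n'{$user_email}',\n'{$user_usertype}',\n'{$user_active}',\n'{$user_username}',\n"
        . "'{$user_user_rate}',\n'{$user_user_added}',\n'{$user_user_timesheet}',\n'{$user_holidays}'\n)";

    // NOTE(review): this echoes the full statement, including the password
    // hash, into the response. It looks like debugging output; remove it or
    // restrict it to a technical-message channel before release.
    print $sql_add;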
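<?php

// Settings update handler: rewrites secure/database.inc (one value per line)
// and secure/address.inc from the submitted form.
//
// NOTE(review): the user-type check below is commented out, so nothing in this
// file restricts who can overwrite the database credentials and site settings.
// Confirm the including page enforces it before this script runs; if it does
// not, restore a gate here and stop execution after the redirect.
// NOTE(review): database.inc holds the database password. Confirm the web
// server refuses direct requests for secure/*.inc.

$divider = "\n";

// if($user_usertype_current < 4) { header("Location:index2.php"); } else {

// The original called CleanUpAddress($update_companyaddress) here, before the
// variable was assigned and without using the result; that no-op is dropped.
// The address is still written exactly as submitted.

$settings_refresh = $_POST['settings_refresh'] * 60;

// Values are written in this fixed order, one per line.
$settings_fields = array(
    'database_location',
    'database_username',
    'database_password',
    'database_name',
    'settings_popup_login',
    'settings_popup_newmessage',
    'settings_style',
    'settings_name',
    'settings_companyname',
    'settings_companytelephone',
    'settings_companyfax',
    'settings_companyweb',
    'settings_ip_lock',
    'settings_ip_address',
    'settings_country',
    'settings_showtech',
    'settings_alertcolor',
    'settings_vat',
);

$settings_values = array();
foreach ($settings_fields as $settings_field) {
    $settings_values[] = isset($_POST[$settings_field]) ? $_POST[$settings_field] : '';
}
$settings_values[] = $settings_refresh;
$settings_values[] = isset($_POST['settings_mileage']) ? $_POST['settings_mileage'] : '';

// The file is newline-delimited, so a line break inside any submitted value
// would shift every later setting onto the wrong line (for instance moving
// attacker-chosen text into the ip-lock or credential positions). Strip CR/LF
// from each value before joining.
foreach ($settings_values as $settings_index => $settings_value) {
    $settings_values[$settings_index] = str_replace(array("\r", "\n"), '', (string) $settings_value);
}

$update_settings = implode($divider, $settings_values);

$update_companyaddress = isset($_POST['settings_companyaddress']) ? $_POST['settings_companyaddress'] : '';

$settings_file = "secure/database.inc";
$address_file = "secure/address.inc";

// file_put_contents() returns false on failure (0 is a valid result for an
// empty address), so only report success when both writes went through.
$settings_written = file_put_contents($settings_file, $update_settings);
$address_written = file_put_contents($address_file, $update_companyaddress);

if ($settings_written === false || $address_written === false) {
    // NOTE(review): $alertmessage is presumably shown by the surrounding
    // template in the same way as $actionmessage - confirm.
    $alertmessage = "Your preferences could not be saved.";
} else {
    $actionmessage = "Your preferences have been updated successfully. Any changes will be reflected shortly.";
}

// }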
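<?php

// Company edit handler: validates the submitted form and updates the matching
// row in contacts_companylist.
//
// NOTE(review): the CleanUp*() helpers are defined outside the visible code.
// Their results are placed inside quoted SQL literals below; confirm they
// escape for SQL, otherwise those fields need mysql_real_escape_string() too.

// Check that the required values have been entered, and alter the page to show if these values are invalid
if (!isset($_POST['company_name']) || $_POST['company_name'] === "") {

    $alertmessage = "The company name was left empty.";
    $page = "company_edit";
    $action = "add";

} else {

    // This determines the page to show once the form submission has been successful
    $page = "company_view";

    // Begin to clean up the $_POST submissions

    // The id is only used as a number in the WHERE clause, so force it to an
    // integer instead of interpolating the raw request value.
    $company_id = isset($_POST['company_id']) ? (int) $_POST['company_id'] : 0;
    $company_name = CleanUpNames($_POST['company_name']);
    $company_phone = CleanUpPhone($_POST['company_phone']);
    $company_fax = CleanUpPhone($_POST['company_fax']);
    $company_address = CleanUpAddress($_POST['company_address']);
    $company_city = CleanUp($_POST['company_city']);
    $company_county = CleanUp($_POST['company_county']);
    $company_postcode = CleanUpPostcode($_POST['company_postcode']);
    $company_country = $_POST['company_country'];
    $company_web = str_replace("http://", "", $_POST['company_web']);
    $company_notes = $_POST['company_notes'];

    // country, web and notes bypass the CleanUp*() helpers entirely, so the
    // original interpolated raw request data into the statement. Escape a copy
    // of each for the query and leave the variables above as they were.
    // Where magic_quotes_gpc is enabled, its slashes are removed first so the
    // stored value is not double-escaped.
    $company_magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $company_unescaped = array(
        'company_country' => $company_country,
        'company_web' => $company_web,
        'company_notes' => $company_notes,
    );
    $company_sql = array();
    foreach ($company_unescaped as $company_field => $company_value) {
        $company_value = (string) $company_value;
        if ($company_magic_quotes) {
            $company_value = stripslashes($company_value);
        }
        $company_sql[$company_field] = mysql_real_escape_string($company_value, $conn);
    }

    // Construct the MySQL instruction to add these entries to the database
    $sql_add = "UPDATE contacts_companylist SET\n"
        . "company_name = '{$company_name}',\n"
        . "company_phone = '{$company_phone}',\n"
        . "company_fax = '{$company_fax}',\n"
        . "company_address = '{$company_address}',\n"
        . "company_city = '{$company_city}',\n"
        . "company_county = '{$company_county}',\n"
        . "company_postcode = '{$company_postcode}',\n"
        . "company_country = '{$company_sql['company_country']}',\n"
        . "company_web = '{$company_sql['company_web']}',\n"
        . "company_notes = '{$company_sql['company_notes']}'\n"
        . "WHERE company_id = '{$company_id}' LIMIT 1\n";

    // NOTE(review): die(mysql_error()) prints the database error text to the
    // visitor; log it server-side and show a generic message instead.
    $result = mysql_query($sql_add, $conn) or die(mysql_error());

    // NOTE(review): $company_name is placed in HTML here; confirm that
    // CleanUpNames() encodes HTML special characters.
    $actionmessage = "The entry for company <b>{$company_name}</b> was updated successfully.";
    $techmessage = $sql_add;

    // The original then set $company_id = mysql_affected_rows($result).
    // mysql_affected_rows() takes the link identifier, not the query result,
    // and returns a row count rather than an id, so the id of the company just
    // edited was lost before the company_view page was shown. $company_id now
    // keeps the submitted id.
}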
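// Collect the submitted contact fields and insert a new row into
// contacts_contactlist.
//
// NOTE(review): the CleanUp*() helpers are defined outside the visible code.
// Their results are placed inside quoted SQL literals below; confirm they
// escape for SQL, otherwise those fields need mysql_real_escape_string() too.

$contact_prefix = $_POST['contact_prefix'];
$contact_namefirst = CleanUpNames($_POST['contact_namefirst']);
$contact_namesecond = CleanUpNames($_POST['contact_namesecond']);
$contact_title = $_POST['contact_title'];
$contact_company = CleanUpNames($_POST['contact_company']);
$contact_telephone = CleanUpPhone($_POST['contact_telephone']);
$contact_telephone_home = CleanUpPhone($_POST['contact_telephone_home']);
$contact_fax = CleanUpPhone($_POST['contact_fax']);
$contact_mobile = CleanUpPhone($_POST['contact_mobile']);
$contact_email = CleanUpEmail($_POST['contact_email']);
$contact_sector = $_POST['contact_sector'];
$contact_reference = CleanUp($_POST['contact_reference']);
$contact_department = CleanUp($_POST['contact_department']);
$contact_added = time();
$contact_relation = $_POST['contact_relation'];
$contact_discipline = $_POST['contact_discipline'];
$contact_include = $_POST['contact_include'];
$contact_address = CleanUpAddress($_POST['contact_address']);
$contact_city = CleanUp($_POST['contact_city']);
$contact_county = CleanUp($_POST['contact_county']);
$contact_postcode = CleanUpPostcode($_POST['contact_postcode']);
$contact_country = $_POST['contact_country'];
// NOTE(review): the author is taken from a client-supplied cookie. Unless the
// "user" cookie is validated earlier in the request (not visible here), the
// recorded author can be set by the client; prefer the server-side session
// identity.
$contact_added_by = $_COOKIE['user'];

// The fields below bypass the CleanUp*() helpers, so the original interpolated
// raw request data (including the cookie) into the statement. Escape a copy of
// each for the query and leave the variables above as they were. Where
// magic_quotes_gpc is enabled, its slashes are removed first so the stored
// value is not double-escaped.
$contact_magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$contact_unescaped = array(
    'contact_prefix' => $contact_prefix,
    'contact_title' => $contact_title,
    'contact_sector' => $contact_sector,
    'contact_relation' => $contact_relation,
    'contact_discipline' => $contact_discipline,
    'contact_include' => $contact_include,
    'contact_country' => $contact_country,
    'contact_added_by' => $contact_added_by,
);
$contact_sql = array();
foreach ($contact_unescaped as $contact_field => $contact_value) {
    $contact_value = (string) $contact_value;
    if ($contact_magic_quotes) {
        $contact_value = stripslashes($contact_value);
    }
    $contact_sql[$contact_field] = mysql_real_escape_string($contact_value, $conn);
}

// Construct the MySQL instruction to add these entries to the database
$sql_add = "INSERT INTO contacts_contactlist (\n"
    . "contact_id,\ncontact_prefix,\ncontact_namefirst,\ncontact_namesecond,\n"
    . "contact_title,\ncontact_company,\ncontact_telephone,\ncontact_telephone_home,\n"
    . "contact_fax,\ncontact_mobile,\ncontact_email,\ncontact_sector,\n"
    . "contact_reference,\ncontact_department,\ncontact_added,\ncontact_relation,\n"
    . "contact_discipline,\ncontact_include,\ncontact_address,\ncontact_city,\n"
    . "contact_county,\ncontact_postcode,\ncontact_country,\ncontact_added_by\n"
    . ") values \n(\n"
    . "'NULL',\n"
    . "'{$contact_sql['contact_prefix']}',\n"
    . "'{$contact_namefirst}',\n"
    . "'{$contact_namesecond}',\n"
    . "'{$contact_sql['contact_title']}',\n"
    . "'{$contact_company}',\n"
    . "'{$contact_telephone}',\n"
    . "'{$contact_telephone_home}',\n"
    . "'{$contact_fax}',\n"
    . "'{$contact_mobile}',\n"
    . "'{$contact_email}',\n"
    . "'{$contact_sql['contact_sector']}',\n"
    . "'{$contact_reference}',\n"
    . "'{$contact_department}',\n"
    . "'{$contact_added}',\n"
    . "'{$contact_sql['contact_relation']}',\n"
    . "'{$contact_sql['contact_discipline']}',\n"
    . "'{$contact_sql['contact_include']}',\n"
    . "'{$contact_address}',\n"
    . "'{$contact_city}',\n"
    . "'{$contact_county}',\n"
    . "'{$contact_postcode}',\n"
    . "'{$contact_sql['contact_country']}',\n"
    . "'{$contact_sql['contact_added_by']}'\n)";

// NOTE(review): die(mysql_error()) prints the database error text to the
// visitor; log it server-side and show a generic message instead.
$result = mysql_query($sql_add, $conn) or die(mysql_error());

$contact_id = mysql_insert_id();

// NOTE(review): the names are placed in HTML here; confirm that CleanUpNames()
// encodes HTML special characters.
$actionmessage = "The entry for contact <b>{$contact_namefirst} {$contact_namesecond}</b> was added successfully.";
$techmessage = $sql_add;

// $company_id = mysql_affected_rows($result);

}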
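// Build the appointment timestamp (noon on the chosen day) from the three
// submitted date parts, then collect the remaining project fields.

// Start from "no date". The original only cleared the variable when one of the
// parts was missing; if all three were present but did not form a real date,
// any value $proj_date_appointment already held was left in place.
unset($proj_date_appointment);

if (
    $_POST['proj_date_appointment_day'] > 0
    and $_POST['proj_date_appointment_month'] > 0
    and $_POST['proj_date_appointment_year'] > 0
) {
    // checkdate() returns a boolean, so test it directly rather than
    // comparing it with the string "1".
    if (checkdate($_POST['proj_date_appointment_month'], $_POST['proj_date_appointment_day'], $_POST['proj_date_appointment_year'])) {
        $proj_date_appointment = mktime(
            12,
            0,
            0,
            $_POST['proj_date_appointment_month'],
            $_POST['proj_date_appointment_day'],
            $_POST['proj_date_appointment_year']
        );
    }
}

// Begin to clean up the $_POST submissions.
// Array keys are quoted: a bare word is looked up as a constant first and only
// falls back to a string with a notice (an error on newer PHP).
//
// NOTE(review): several fields below (contact id, rep_black, active, the RIBA
// range, procure, conc) are copied from the request without going through a
// CleanUp*() helper. The query that uses them is not visible here; they need to
// be cast or escaped where it is built.
$proj_num = CleanUp($_POST['proj_num']);
$proj_name = CleanUp($_POST['proj_name']);
$proj_address_1 = CleanUpAddress($_POST['proj_address_1']);
$proj_address_2 = CleanUpAddress($_POST['proj_address_2']);
$proj_address_3 = CleanUpAddress($_POST['proj_address_3']);
$proj_address_town = CleanUpAddress($_POST['proj_address_town']);
$proj_address_county = CleanUpAddress($_POST['proj_address_county']);
$proj_address_country = CleanUpAddress($_POST['proj_address_country']);
$proj_address_postcode = CleanUp($_POST['proj_address_postcode']);
$proj_client_contact_id = $_POST['proj_client_contact_id'];
$proj_client_accounts_name = CleanUp($_POST['proj_client_accounts_name']);
$proj_client_accounts_phone = CleanUpPhone($_POST['proj_client_accounts_phone']);
$proj_client_accounts_fax = CleanUpPhone($_POST['proj_client_accounts_fax']);
$proj_client_accounts_email = CleanUpEmail($_POST['proj_client_accounts_email']);
$proj_rep_black = $_POST['proj_rep_black'];
$proj_active = $_POST['proj_active'];
$proj_desc = CleanUp($_POST['proj_desc']);
//$proj_riba = $_POST[proj_riba];
$proj_riba_begin = $_POST['proj_riba_begin'];
$proj_riba_conclude = $_POST['proj_riba_conclude'];
$proj_procure = $_POST['proj_procure'];
$proj_conc = $_POST['proj_conc'];
$proj_value = CleanUp($_POST['proj_value']);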