/**
* 课程教师回调,针对有多个教师的情况
* @author mohuishou<*****@*****.**>
* @param $str
* @return mixed
*/
function cbTeacher($str)
{
$str = str_replace("*", '', $str);
$str = str_replace(" ", ',', $str);
$str = removeSpace($str);
return $str;
}
function getCategory2ListingCn($active = NULL, $category1_id)
{
$category2String = "";
$catids = getCat2counting($category1_id);
$category = mysql_query("SELECT * FROM category2 WHERE category1_id = '" . $category1_id . "'");
while ($category2RS = mysql_fetch_assoc($category)) {
$categoryName = htmlspecialchars_decode($category2RS['name_py']) == $category2RS['name_py'] ? htmlspecialchars($category2RS['name_py']) : $category2RS['name_py'];
$link = LIVESITEURL . "/cn/" . removeSpace($categoryName);
if ($active != "") {
if ($active == $category2RS['id']) {
$class = "turn_on";
} else {
$class = "turn_off";
}
$cat2_id = "cat2_" . $category2RS['id'];
$cat2_ids = "'" . $cat2_id . "'";
$category2String .= '<li><a href="javascript:void(0);" onclick="changeCategory2(' . $cat2_ids . ')" id=' . $cat2_id . ' class=' . $class . '>' . $category2RS['name_cn'] . '</a></li>';
}
}
$category2String .= '<input type="hidden" name="cate2IDS" id="cate2IDS" value="' . $catids . '">';
return $category2String;
}
<?php
// GET HTML //
$raw_in = file_get_contents("html/category2_en.html");
// SQL STATEMENTS //
$cat2name = trim(urldecode(makeSpace($requestType[3])));
$cat1name = trim(urldecode(makeSpace($requestType[2])));
$category1 = mysql_query("SELECT id,name_en,description_en,category1_id FROM category2 WHERE name_en = '" . $cat2name . "'");
$result = mysql_fetch_assoc($category1);
$category2_id = $result['id'];
// Category 2 listing
$locationString = "";
$locations = mysql_query("SELECT l.* FROM locations_category AS lc LEFT JOIN locations AS l ON l.id = lc.location_id WHERE lc.category2_id = '" . $category2_id . "'");
while ($locationRS = mysql_fetch_assoc($locations)) {
$link = LIVESITEURL . "/en/" . removeSpace($cat1name) . "/" . removeSpace($cat2name) . "/" . removeSpace($locationRS['name_en']) . "/" . md5($locationRS['id']);
$locationString .= "<li><a href='" . $link . "'>" . $locationRS['name_en'] . "</a></li>";
}
// GET PAGE DATA //
$sitename_en = "SoNingbo";
$siteURL = "soningbo.com";
$category1_en = $cat1name;
$category2_en = $result['name_en'];
$category2_description_en = $result['description_en'];
$category1Listing = getCategory1ListingEn();
$topMenusItems = topMenusItems($lang, $request2, $staticPages);
// COMBINE PAGE DATA AND HTML //
$find = array("#sitename_en", "#siteURL", "#category1_en", "#category2_en", "#category2_description_en", "<li>#all_locationname_en</li>", "<li>#all_category1_en</li>", "#topMenusItems");
$replaceCatName = array($sitename_en, $siteURL, $category1_en, $category2_en, $category2_description_en, $locationString, $category1Listing, $topMenusItems);
$result = str_replace($find, $replaceCatName, $raw_in);
// WRITE OUT HTML
echo $result;
function returnWixID()
{
global $WixID, $RequestPath, $matchingHostName;
$firstCandidates = returnCandidates();
$RequestPath = subjectPath();
//ソート後
$secondCandidates = array();
//Selection後
$finalCandidates = array();
//既入wid除外用Array
$finalCandidates_wids = array();
$no_attachFlag = false;
try {
foreach ($firstCandidates as $key => $value) {
$pattern = $key;
$wids = $value;
//正規表現パス
if (strpos($pattern, '"') !== false) {
$pattern = removeSpace($pattern);
$pattern = substr($pattern, 1, strlen($pattern) - 2);
} else {
//パスパターン
if (strpos(substr($pattern, 0, 1), '/') !== false) {
$pattern = '^' . $pattern;
} else {
$pattern = '^/' . $pattern;
}
if (strpos($pattern, ' ') !== false) {
$pattern = removeSpace($pattern);
}
if (strpos($pattern, '*') !== false) {
$pattern = preg_replace('/\\*/', '.*', $pattern);
}
if (strpos($pattern, '?') !== false) {
//元々ある.をエスケープしてから?を.に。
$pattern = preg_replace('/\\./', '\\\\.', $pattern);
$pattern = preg_replace('/\\?/', '.', $pattern);
}
}
//URLパスとマッチしたら$secondCandidatesに。
if (preg_match('{' . $pattern . '}', $RequestPath, $matches, PREG_OFFSET_CAPTURE) == 1) {
if (mb_strtolower($wids) !== 'no_attach') {
//$matches[0][0]にマッチング文字列, [0][1]にマッチング開始位置
array_push($secondCandidates, array('pattern' => $pattern, 'wids' => $wids, 'endLocation' => strlen($matches[0][0]) + $matches[0][1], 'patternLength' => strlen($matches[0][0])));
} else {
//最長一致でない限りフラグは立てない
if (strlen($matches[0][0]) + $matches[0][1] == strlen($RequestPath)) {
$no_attachFlag = true;
break;
}
}
}
}
if ($no_attachFlag == false) {
$endLocation = array();
$patternLength = array();
foreach ($secondCandidates as $key => $row) {
//endLocation:マッチング終端位置, patternLength:マッチング文字列長
$endLocation[$key] = $row['endLocation'];
$patternLength[$key] = $row['patternLength'];
}
//ソート
array_multisort($endLocation, SORT_DESC, $patternLength, SORT_DESC, $secondCandidates);
//オプションの判定
$finalCandidates = selectCandidates($secondCandidates);
$decided_WixID = '';
//wids決定
foreach ($finalCandidates as $key => $value) {
$tmpArray = $value;
//既にあるwidは返さない
if (empty($finalCandidates_wids) === true) {
$decided_WixID = $tmpArray['wids'];
$finalCandidates_wids = explode('-', $tmpArray['wids']);
} else {
$flag = false;
foreach ($finalCandidates_wids as $key => $value) {
$tmpWid = $value;
if (strpos($tmpArray['wids'], $tmpWid) !== false) {
$flag = true;
break;
}
}
if ($flag == false) {
$decided_WixID = $decided_WixID . '-' . $tmpArray['wids'];
foreach (explode('-', $tmpArray['wids']) as $key => $value) {
array_push($finalCandidates_wids, $value);
}
}
}
}
$WixID = $decided_WixID;
} else {
$WixID = '0';
}
} catch (Exception $e) {
echo '捕捉した例外: ', $e->getMessage(), "\n";
}
return $WixID;
}
if (!empty($login)) {
if (empty($password)) {
$password = $User->randomPass();
}
$prenom = "";
if (isset($_POST['prenom'])) {
$prenom = $_POST['prenom'];
}
$user_data = array("id_user" => $_POST['id_user'], "login" => $login, "first_name" => $prenom, "last_name" => $_POST['nom'], "password" => $_POST['password'], "email" => $emails, "role" => array("client"), "disabled" => "off", "admin" => "off");
if ($User->exists($id_user)) {
$User->saveData($user_data);
} else {
$id_user = $User->createUser($user_data);
}
}
$q = sprintf("UPDATE webfinance_clients SET " . "nom='%s',\n addr1='%s',\n addr2='%s',\n addr3='%s',\n cp='%s',\n\t ville='%s',\n rcs='%s',\n vat='%s',\n capital='%s',\n pays='%s',\n tel='%s',\n fax='%s',\n web='%s',\n\t email='%s',\n\t vat_number='%s',\n siren='%s',\n id_company_type='%d',\n id_user=%d,\n password='******',\n rib_titulaire='%s',\n id_mantis='%d',\n id_toggl='%d',\n supportHoursIncludedInContract='%s',\n language='%s',\n id_business_entity=%d,\n contract_signer = '%s',\n id_contract_signer_role = %d,\n invoice_delivery = '%s'\n WHERE id_client=%d", mysql_real_escape_string($nom), mysql_real_escape_string($addr1), mysql_real_escape_string($addr2), mysql_real_escape_string($addr3), mysql_real_escape_string($cp), mysql_real_escape_string($ville), mysql_real_escape_string($rcs), mysql_real_escape_string($vat), mysql_real_escape_string($capital), mysql_real_escape_string($pays), mysql_real_escape_string(removeSpace($tel)), mysql_real_escape_string(removeSpace($fax)), mysql_real_escape_string($web), mysql_real_escape_string($emails), mysql_real_escape_string($vat_number), mysql_real_escape_string($siren), mysql_real_escape_string($id_company_type), mysql_real_escape_string($_POST['id_user']), mysql_real_escape_string($password), mysql_real_escape_string($rib_titulaire), mysql_real_escape_string($id_mantis), mysql_real_escape_string($id_toggl), mysql_real_escape_string($supportHoursIncludedInContract), mysql_real_escape_string($clt_language), mysql_real_escape_string($id_business_entity), mysql_real_escape_string($contract_signer), mysql_real_escape_string($id_contract_signer_role), mysql_real_escape_string($invoice_delivery), mysql_real_escape_string($id_client));
mysql_query($q) or die(mysql_error());
// Check if we have to rename clients
if ($_POST['nom'] != $Client->nom) {
// Rename Mantis project
$mantis_project = array('name' => $nom, 'view_state' => array('id' => 50));
$mantis = new WebfinanceMantis();
$mantis->updateProject($id_mantis, $mantis_project);
// Rename Toggl client
$toggl = new WebfinanceToggl();
$toggl->renameClient($id_client, $nom);
}
if (isset($_SESSION['message'])) {
$_SESSION['message'] .= "<br/>" . _('Update customer');
} else {
$_SESSION['message'] = _('Update customer');
//redirect to index.php
header("Location:index.php");
} elseif ($this_user_status == 1) {
$confirmationMessage = "<span style='color: red'>Your account has already been activated.You can now login.</span>";
} elseif ($this_user_status == 0) {
$update_status_query = "UPDATE users SET status='1' WHERE user_id='{$this_user_id}'";
if ($connection1->query($update_status_query)) {
$confirmationMessage = "<span style='color: #008000'>Account has been successfully activated.You can now login.</span>";
} else {
$confirmationMessage = "<span style='color: red'>Account activation not successful.Click on the link in your email again.</span>";
}
}
}
if (!empty($_POST["register"]) && isset($_POST["register"])) {
$fname = removeSpace(stripcslashes($_POST["fname"]));
$lname = removeSpace(stripcslashes($_POST["lname"]));
$username = removeSpace2(stripcslashes($_POST["username"]));
$password1 = removeSpace2(stripcslashes($_POST["password1"]));
$password2 = removeSpace2(stripcslashes($_POST["password2"]));
$email = removeSpace2(stripcslashes($_POST["email"]));
$phone = removeSpace2(stripcslashes($_POST["phone"]));
$sex = stripcslashes($_POST["sex"]);
$error = false;
//Validating create account form
if (!preg_match("/^[a-zA-Z]*\$/", $fname) || !preg_match("/^[a-zA-Z]*\$/", $lname)) {
$mainError = "Name is not valid";
$error = true;
}
if (!preg_match("/^[a-zA-Z0-9]*\$/", $username)) {
$mainError = "Only letters and numbers are required";
$error = true;
<?php
// GET HTML //
$raw_in = file_get_contents("html/category1_en.html");
// SQL STATEMENTS //
$category1 = mysql_query("SELECT id,name_en,description_en FROM category1 WHERE name_en = '" . makeSpace($requestType[2]) . "'");
$result = mysql_fetch_assoc($category1);
$category1_id = $result['id'];
// Category 2 listing
$cat2String = "";
$subCat = mysql_query("SELECT name_en FROM category2 WHERE category1_id = '" . $category1_id . "'");
while ($category2RS = mysql_fetch_assoc($subCat)) {
$link = LIVESITEURL . "/en/" . removeSpace($result['name_en']) . "/" . removeSpace($category2RS['name_en']);
$cat2String .= "<li><a href='" . $link . "'>" . $category2RS['name_en'] . "</a></li>";
}
// GET PAGE DATA //
$sitename_en = "SoNingbo";
$siteURL = "soningbo.com";
$category1_en = $result['name_en'];
$category1_description = $result['description_en'];
$category1Listing = getCategory1ListingEn();
$topMenusItems = topMenusItems($lang, $request2, $staticPages);
// COMBINE PAGE DATA AND HTML //
$find = array("#sitename_en", "#siteURL", "#category1_en", "#category1_description_en", "<li>#all_category2_en</li>", "<li>#all_category1_en</li>", "#topMenusItems");
$replaceCatName = array($sitename_en, $siteURL, $category1_en, $category1_description, $cat2String, $category1Listing, $topMenusItems);
$result = str_replace($find, $replaceCatName, $raw_in);
// WRITE OUT HTML
echo $result;
function format_phone($phone)
{
return preg_replace("/[^0-9++]/", "", removeSpace($phone));
}
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
include "../inc/main.php";
$roles = "manager,employee,accounting";
$User = new User();
if (!$User->isAuthorized("manager,accounting,employee")) {
$_SESSION['came_from'] = $_SERVER['REQUEST_URI'];
header("Location: /login.php");
exit;
}
$User->getInfos();
if (isset($_GET['ctc'])) {
if (empty($User->prefs->ctc_ovh_login)) {
exit;
}
$num = removeSpace($_GET['num']);
$id_client = $_GET['id'];
echo "Calling {$num} ...";
logmessage(_("Call contact: ") . " {$num}", $id_client);
try {
ini_set('default_socket_timeout', 60);
$soap = new SoapClient('https://www.ovh.com/soapi/soapi-re-1.3.wsdl');
$soap->telephonyClick2CallDo($User->prefs->ctc_ovh_login, $User->prefs->ctc_ovh_pass, $User->prefs->ctc_ovh_num, $num, $User->prefs->ctc_ovh_num);
} catch (SoapFault $fault) {
echo $fault;
}
exit;
}
// Create new client
if (isset($_GET['action']) && $_GET['action'] == '_new') {
$client_name = 'Nouvelle Entreprise_' . time();
</div>';
}
//push the display of this post into string_array
array_push($string_array, $string);
array_push($string_result_array, $string_result);
//the loop picks the next post till all post are picked
}
$contestant_id = "";
$last_id = $joined_id = "";
$message = $hasvoted = $message1 = "";
$last_vote_id = $last_id = 0;
$hasvoted = hasvoted(user_id($myemail), $election_id);
if ($hasvoted == 0) {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
for ($i = 0; $i < count($superIndex); $i++) {
if (isset($_POST[removeSpace($superIndex[$i])])) {
$contestant_id = $_POST[removeSpace($superIndex[$i])];
$last_id = incrementContestantVote($contestant_id);
}
}
}
if ($last_id !== 0) {
$joined_id = joined_id(user_id($myemail), $_SESSION["election_id_view"]);
$sql = "UPDATE joined SET has_voted= 1 WHERE joined_id='{$joined_id}'";
$connection1->exec($sql);
$last_vote_id = $connection1->lastInsertId();
// $message1 = "You have have successfully cast your vote thanks for using E-voting";
header("Location:../html/electionResult.php");
}
}
//working on the nav bar
public function addeditRegion($Data, $id)
{
$ragion_map = "";
$flag = "";
$query = $this->db->query("select region_name from tbl_regions where id!=" . $id . " and region_name='" . $Data['region_name'] . "'");
$RsCount = $query->result_array();
if (count($RsCount) == 0) {
if ($_FILES['db_flag']['name'] != "") {
$val = $_FILES['db_flag'];
$strDirectory = SITE_UPLOADPATH;
@chmod($strDirectory, 0777);
$val['name'] = mktime() . removeSpace($val['name']);
move_uploaded_file($val['tmp_name'], $strDirectory . $val['name']);
@chmod($strDirectory . $val['name'], 0644);
$FileNameArray = pathinfo('upload/' . $val['name']);
if ($FileNameArray['extension'] == 'mp4' || $FileNameArray['extension'] == 'mov' || $FileNameArray['extension'] == 'dat') {
$this->mpeg2Mp4('upload/' . $val['name'], $FileNameArray['filename']);
}
if ($arrSize[0] != '') {
foreach ($arrSize as $tmpSize) {
$thName = str_replace(":", "_", $tmpSize);
$tmpArr = explode(':', $tmpSize);
$strFileName = $strDirectory . $thName . $val['name'];
}
}
if ($id > 0) {
$flag = "flag='" . $val['name'] . "',";
} else {
$flag = $val['name'];
}
}
if ($_FILES['db_ragion_map']['name'] != "") {
$val = $_FILES['db_ragion_map'];
$strDirectory = SITE_UPLOADPATH;
@chmod($strDirectory, 0777);
$val['name'] = mktime() . removeSpace($val['name']);
move_uploaded_file($val['tmp_name'], $strDirectory . $val['name']);
@chmod($strDirectory . $val['name'], 0644);
$FileNameArray = pathinfo('upload/' . $val['name']);
if ($FileNameArray['extension'] == 'mp4' || $FileNameArray['extension'] == 'mov' || $FileNameArray['extension'] == 'dat') {
$this->mpeg2Mp4('upload/' . $val['name'], $FileNameArray['filename']);
}
if ($arrSize[0] != '') {
foreach ($arrSize as $tmpSize) {
$thName = str_replace(":", "_", $tmpSize);
$tmpArr = explode(':', $tmpSize);
$strFileName = $strDirectory . $thName . $val['name'];
//$this->objThumb->create_thumbnail($strDirectory.$val['name'], $strFileName,$tmpArr[0],$tmpArr[1]);
}
}
if ($id > 0) {
$ragion_map = "ragion_map='" . $val['name'] . "',";
} else {
$ragion_map = $val['name'];
}
}
if ($id == 0) {
$sqlstr = "Insert into tbl_regions (region_name, region_title, independenceday, description, flag, flag_desc, population, image, cover_image, longitude, latitude, ragion_map, status) values('" . StriptStr($Data['region_name']) . "','" . StriptStr($Data['region_title']) . "',\n\t\t\t\t\t'" . StriptStr($Data['independenceday']) . "','" . StriptStr($Data['description']) . "','" . StriptStr($flag) . "','" . StriptStr($Data['flag_desc']) . "','" . StriptStr($Data['population']) . "','" . StriptStr($Data['image']) . "','" . StriptStr($Data['cover_image']) . "','" . StriptStr($Data['longitude']) . "','" . StriptStr($Data['latitude']) . "','" . $ragion_map . "','1')";
} else {
$sqlstr = "update tbl_regions set \n\t\t\t\t\tregion_name='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\tregion_title='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\tindependenceday='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\tdescription='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\t" . $flag . " flag_desc='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\tpopulation='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\timage='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\tcover_image='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\tlongitude='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\tlatitude='" . StriptStr($Data['region_title']) . "', \n\t\t\t\t\t" . $ragion_map . " status='" . $Data['status'] . "' where id=" . $id;
}
$this->db->query($sqlstr);
return "ins";
} else {
return 0;
}
}
$raw_in = file_get_contents("html/category2_cn.html");
$cat2name = trim(urldecode(makeSpace($requestType[3])));
$cat1name = trim(urldecode(makeSpace($requestType[2])));
// SQL STATEMENTS //
$category1 = mysql_query("SELECT id,name_cn,description_cn,category1_id,name_py FROM category2 WHERE name_py = '{$cat2name}'");
$result = mysql_fetch_assoc($category1);
$categoryName = $result['name_cn'];
$description = $result['description_cn'];
$category2_id = $result['id'];
// locations listing
$locationString = "";
$locations = mysql_query("SELECT l.* FROM locations_category AS lc LEFT JOIN locations AS l ON l.id = lc.location_id WHERE lc.category2_id = '" . $category2_id . "'");
while ($locationRS = mysql_fetch_assoc($locations)) {
$link = LIVESITEURL . "/cn/" . removeSpace($cat1name) . "/" . removeSpace($cat2name) . "/" . removeSpace($locationRS['name_py'] . "/" . md5($locationRS['id']));
$locationString .= "<li><a href='" . $link . "'>" . $locationRS['name_cn'] . "</a></li>";
}
// GET PAGE DATA //
$sitename_cn = "搜索宁波";
$siteURL = "soningbo.com";
$linkCat1 = removeSpace($cat1name);
$category1_cn = getCategoryChineseName($cat1name, 'cn');
$category2_cn = $result['name_cn'];
$category2_description_cn = $result['description_cn'];
$category1Listing = getCategory1ListingCn();
$topMenusItems = topMenusItems($lang, $request2, $staticPages);
// COMBINE PAGE DATA AND HTML //
$find = array("#sitename_cn", "#siteURL", "#category1_cn", "#category2_cn", "#category2_description_cn", "<li>#all_locationname_cn</li>", "<li>#all_category1_cn</li>", "#linkCat1", "#topMenusItems");
$replaceCatName = array($sitename_cn, $siteURL, $category1_cn, $category2_cn, $category2_description_cn, $locationString, $category1Listing, $linkCat1, $topMenusItems);
$result = str_replace($find, $replaceCatName, $raw_in);
// WRITE OUT HTML
echo $result;
function getActualtime($input)
{
$time = explode(":", $input);
if (count($time) == 3) {
$hour = removeSpace($time[0]);
if (removeSpace($time[2]) == "PM") {
$hour += 12;
}
if ($hour == 24) {
$hour = "00";
}
return $hour . ":" . removeSpace($time[1]) . ":00";
} else {
return "00:00:00";
}
}
include_once 'html_dom.php';
include_once 'func.php';
//Server Details
$dbUsername = "******";
$dbPassword = "******";
$dbHost = "localhost";
$dbName = "mks_data";
$conn = new mysqli($dbHost, $dbUsername, $dbPassword, $dbName);
// Check connection
if ($conn->connect_error == 1) {
die("Connection failed: " . $conn->connect_error);
} else {
$html = file_get_html('http://www.mks.ch/mobile/myr/v1/');
$we_buy = removeSpace($html->find('tr[class="L10"]', 1)->find('td[align="right"]', 0)->plaintext);
$we_sell = removeSpace($html->find('tr[class="L10"]', 1)->find('td[align="right"]', 1)->plaintext);
$d_time = formatDatetime($html->find('tr[class="L0"]', 0)->find('font.date', 0)->plaintext);
date_default_timezone_set("Asia/Kuala_Lumpur");
$s_time = date("Y-m-d H:i:s");
if ($we_buy != "0.00" && $we_sell != "0.00") {
$sql = "INSERT INTO `mks_price` (`we_buy`, `we_sell`, `data_time`, `server_time`) VALUES ('{$we_buy}', '{$we_sell}', '{$d_time}', '{$s_time}')";
if ($conn->query($sql) === TRUE) {
echo " Data added to database";
} else {
echo " Error: " . $sql . "&nsbp;" . $conn->error;
}
} else {
$sql = "SELECT `we_buy`,`we_sell`,`data_time` FROM `mks_price` ORDER BY `id` DESC LIMIT 1";
if ($result = $conn->query($sql)) {
$row = $result->fetch_row();
$timestamp = strtotime($row[2]);
You should have received a copy of the GNU General Public License
along with Webfinance; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
include "../inc/main.php";
must_login();
if ($_POST['action'] == "create") {
$_SESSION['tmp_message'] = $_SESSION['message'];
$q = sprintf("INSERT INTO webfinance_personne (nom,prenom,email,tel,mobile,client,fonction,date_created,note) VALUES ('%s', '%s', '%s', '%s', '%s', %d, '%s', now(),'%s')", mysql_real_escape_string($_POST['nom']), mysql_real_escape_string($_POST['prenom']), mysql_real_escape_string($_POST['email']), mysql_real_escape_string(removeSpace($_POST['tel'])), mysql_real_escape_string(removeSpace($_POST['mobile'])), mysql_real_escape_string($_POST['client']), mysql_real_escape_string($_POST['fonction']), mysql_real_escape_string($_POST['note']));
mysql_query($q) or die("QUERY ERROR: {$q} " . mysql_error());
$_SESSION['message'] = _("Contact added");
logmessage(_('Add contact') . " " . $_POST['nom'] . " " . $_POST['prenom'] . " ( client:" . $_POST['client'] . ")", $_POST['client']);
$client = $_POST['client'];
} elseif ($_POST['action'] == "save") {
$q = sprintf("UPDATE webfinance_personne SET nom='%s',prenom='%s',email='%s',tel='%s',mobile='%s',fonction='%s',note='%s' WHERE id_personne=%d", mysql_real_escape_string($_POST['nom']), mysql_real_escape_string($_POST['prenom']), mysql_real_escape_string($_POST['email']), mysql_real_escape_string(removeSpace($_POST['tel'])), mysql_real_escape_string(removeSpace($_POST['mobile'])), mysql_real_escape_string($_POST['fonction']), mysql_real_escape_string($_POST['note']), mysql_real_escape_string($_POST['id_personne']));
mysql_query($q) or die("QUERY ERROR: {$q} " . mysql_error());
$_SESSION['message'] = _("Contact updated");
$res = mysql_query("SELECT client FROM webfinance_personne WHERE id_personne=" . $_POST['id_personne']) or die("QUERY ERROR: " . mysql_error());
list($client) = mysql_fetch_array($res);
logmessage(_('Update contact') . " " . $_POST['nom'] . " " . $_POST['prenom'] . " ( client:{$client})", $client);
} elseif ($_POST['action'] == "delete") {
$res = mysql_query("SELECT nom, prenom, client FROM webfinance_personne WHERE id_personne=" . $_POST['id_personne']) or die("QUERY ERROR: " . mysql_error());
list($nom, $prenom, $client) = mysql_fetch_array($res);
logmessage(_('Delete contact') . " {$nom} {$prenom} client:{$client} ", $client);
mysql_query("DELETE FROM webfinance_personne WHERE id_personne=" . $_POST['id_personne']);
$_SESSION['message'] = _("Contact deleted");
} else {
die(_("Don't know what to do with posted data"));
}
header("Location: fiche_prospect.php?id={$client}&onglet=contacts");
