function get_spouse($spouse1, $spouse2, $spouse3) { $spouse1 = test_input($spouse1); $spouse2 = test_input($spouse2); $spouse3 = test_input($spouse3); $num = rand(1, 3); switch ($num) { case 1: return $spouse1; case 2: return $spouse2; case 3: return $spouse3; default: return "Mystery spouse"; } }
public function add_question() { $arr['question'] = test_input($_POST['judge_des']); $arr['point'] = test_input($_POST['point']); $arr['answer'] = $_POST['answer']; $arr['easycount'] = intval($_POST['easycount']); $arr['isprivate'] = intval($_POST['isprivate']); $arr['creator'] = $_SESSION['user_id']; $arr['addtime'] = date('Y-m-d H:i:s'); if (M('ex_judge')->add($arr)) { return true; } else { return false; } }
function register_seller() { global $host, $user, $pass, $dbname; $db = new mysqli($host, $user, $pass, $dbname); $email = test_input($_POST["semail"]); $password = test_input($_POST["spassword"]); $confirm_pass = test_input($_POST["sconfirm-password"]); $fname = test_input($_POST["sfname"]); $lname = test_input($_POST["slname"]); $query = "SELECT * FROM SELLER WHERE SELLER.email = '" . $email . "'"; $result = $db->query($query); //echo $query; if ($result->num_rows > 0) { echo '{"created": false}'; } else { $count_query = "SELECT COUNT(*) FROM SELLER"; $result2 = $db->query($count_query); if ($result2->num_rows > 0) { $row = $result2->fetch_assoc(); $sid = $row["COUNT(*)"]; } else { $sid = 0; } $insert = "INSERT INTO SELLER (sid, email, password, fname, lname) VALUES (" . $sid . ", '" . $email . "', '" . $password . "', '" . $fname . "', '" . $lname . "');"; $db->query($insert); $token = 256; echo '{"created": true, "sid": ' . $sid . ', "fname": "' . $fname . '", "token": ' . $token . '}'; } }
/** * Test savingForm * Test so a proper form is saved, with correct data. * Also test if it is possible to enter incorrect data that might ruin something. * @author Fredrik Andersson * @small * @test */ public function formFunctions() { // Create new user class $a = new PP(); // Check if the object was created $this->assertNotNull($a); // Adding some variables into the form class PP $a->student1 = "StudentName"; $this->assertEquals("StudentName", $a->student1); //Test of the function test_num($data) $this->assertEquals(1, test_num(1)); $this->assertEquals("-", test_num("-")); $this->assertEquals("-", test_num(10)); //Test of the function test_input($data) $this->assertEquals("123", test_input(" 123 ")); //trim() removes spaces before the first char and after the last one. $this->assertEquals("123'hihi\ttab", test_input("123\\'hi\\hi\ttab")); //stripslashes() removes all slashes exept proper slashes like \t and \n etc. $this->assertEquals("& " < >", test_input("& \" < >")); //htmlspecialchars() changes some special characters to code that html can handle. //Test of the function is_empty($data) $this->assertEquals(false, is_empty(array('apple', 'banana ', ' cranberry '))); $this->assertEquals(false, is_empty(array('', '', ''))); $temp[10] = "something"; $this->assertEquals(false, is_empty($temp)); //Test of the function input_length() $string128 = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"; $string129 = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab"; $this->assertEquals($string128, input_length($string129)); //Test of the function length_one() $this->assertEquals("1", length_one("12345")); }
public function addFillInfo() { $reqResult = new Result(); $arr = FillConvert::convertFillFromPost(); $arr['addtime'] = date('Y-m-d H:i:s'); $arr['creator'] = $_SESSION['user_id']; $fillId = FillBaseModel::instance()->insertData($arr); if ($fillId) { for ($i = 1; $i <= $arr['answernum']; $i++) { $answer = test_input($_POST["answer{$i}"]); $arr2['fill_id'] = $fillId; $arr2['answer_id'] = $i; $arr2['answer'] = $answer; M('fill_answer')->add($arr2); } $pointIds = I('post.point', array()); KeyPointService::instance()->saveExamPoint($pointIds, $fillId, FillBaseModel::FILL_PROBLEM_TYPE); $reqResult->setMessage("填空题添加成功!"); $reqResult->setData("fill"); } else { $reqResult->setStatus(false); $reqResult->setMessage("填空题添加失败!"); } return $reqResult; }
function setValuesWhenSubmitIsClicked() { $GLOBALS['pkstu_id'] = test_input($_POST['pkstu_id']); $GLOBALS['fkstu_lug_id'] = test_input($_POST['fkstu_lug_id']); $GLOBALS['stu_nombre'] = test_input($_POST['stu_nombre']); $GLOBALS['stu_fecha_creacion'] = test_input($_POST['stu_fecha_creacion']); }
function setMessage($data) { if (empty($data)) { echo "E-mail couldn't be send without a message"; } else { return test_input($data); } }
function test_num_meals($data) { $data = test_input($data); if (!is_numeric($data)) { return FALSE; } return $data; }
function nomChercheur($bdd) { $id = test_input($_SESSION['id']); $requete = $bdd->query("SELECT * FROM chercheur WHERE ID = {$id}"); $data = $requete->fetch(); $resultat = $data['PrenomChercheur'] . " " . $data['NomChercheur']; $requete->closeCursor(); return $resultat; }
public static function convertJudgeFromPost() { $arr = array(); $arr['question'] = test_input($_POST['judge_des']); $arr['answer'] = $_POST['answer']; $arr['easycount'] = intval($_POST['easycount']); $arr['isprivate'] = intval($_POST['isprivate']); return $arr; }
function setValuesWhenSubmitIsClicked() { $GLOBALS['pkusu_id'] = test_input($_POST['pkusu_id']); $GLOBALS['fkusu_rol_id'] = test_input($_POST['fkusu_rol_id']); $GLOBALS['usu_nombre'] = test_input($_POST['usu_nombre']); $GLOBALS['usu_correo'] = test_input($_POST['usu_correo']); $GLOBALS['usu_clave'] = test_input($_POST['usu_clave']); $GLOBALS['usu_imagen'] = test_input($_POST['usu_imagen']); }
public static function convertFillFromPost() { $arr = array(); $arr['question'] = test_input($_POST['fill_des']); $arr['easycount'] = intval($_POST['easycount']); $arr['answernum'] = intval($_POST['numanswer']); $arr['kind'] = intval($_POST['kind']); $arr['isprivate'] = intval($_POST['isprivate']); return $arr; }
function setValuesWhenSubmitIsClicked() { $GLOBALS['pkins_id'] = test_input($_POST['pkins_id']); $GLOBALS['fkins_car_id'] = test_input($_POST['fkins_car_id']); $GLOBALS['fkins_cor_id'] = test_input($_POST['fkins_cor_id']); $GLOBALS['ins_valor'] = test_input($_POST['ins_valor']); $GLOBALS['ins_gualdrapa'] = test_input($_POST['ins_gualdrapa']); $GLOBALS['ins_puesto_partida'] = test_input($_POST['ins_puesto_partida']); $GLOBALS['ins_favorito'] = test_input($_POST['ins_favorito']); }
/** * 修改菜单 **/ function updateBaseCodeDef($baseCodeDefId) { mysql_query("set character_set_connection=utf8"); $fatherBaseCodeDef = isset($_POST['fatherBaseCodeDef']) ? test_input($_POST['fatherBaseCodeDef']) : ""; // 父字典code $codeValue = isset($_POST['codeValue']) ? test_input($_POST['codeValue']) : ""; // 字典编码 $displayValue = isset($_POST['displayValue']) ? test_input($_POST['displayValue']) : ""; // 字典名称 mysql_query("update base_code_def set father_base_code ='" . $fatherBaseCodeDef . "', code_value='" . $codeValue . "', display_value='" . $displayValue . "' where base_code_id = " . $baseCodeDefId); }
function setValuesWhenSubmitIsClicked() { $GLOBALS['pkfac_id'] = test_input($_POST['pkfac_id']); // $GLOBALS['pkapu_id'] = test_input($_POST['pkapu_id']); // $GLOBALS['fkapu_cor_id'] = test_input($_POST['fkapu_cor_id']); // $GLOBALS['fkapu_jug_id'] = test_input($_POST['fkapu_jug_id']); // $GLOBALS['fkapu_fac_id'] = test_input($_POST['fkapu_fac_id']); // $GLOBALS['fkapu_taq_id'] = test_input($_POST['fkapu_taq_id']); // $GLOBALS['apu_monto'] = test_input($_POST['apu_monto']); // $GLOBALS['apu_lugar_llegada'] = test_input($_POST['apu_lugar_llegada']); }
public function getAverageSalary() { // I am using javascript to validate on the client side, but I am validating on the server side too just in case if (empty($_GET["name"])) { echo "Search string is required"; return false; } else { $name = test_input(cleanGet($_GET)); //echo $name; //exit; //$name = test_input($_GET["name"]); if (preg_match("/^[a-zA-Z ]*\$/", $name)) { echo "The search string is O.K. Look here for the results <br>"; //exit; } else { echo "Model1.php says Only letters and white space allowed"; exit; } } // again, I could have used curl to get the JSON data, but just keeping it simple $this->response = file_get_contents('https://data.cityofboston.gov/resource/4swk-wcg8.json'); $this->response = json_decode($this->response); // now, this just loops through the returned object foreach ($this->response as $num => &$values) { // gets the object properties $thevals = get_object_vars($values); // assign property values to variables $searchstring = $name; $mystring1 = $thevals['title']; $mystring2 = $thevals['title']; $pos1 = stripos($mystring2, $searchstring); // Note our use of ===. Simply == would not work as expected // because the positional issues of the 0th (first) character per api documentation. if ($pos1 !== false) { echo "Found '{$searchstring}' in '{$mystring2}' ==> \$" . $thevals['total_earnings'] . "<br>"; $totalrows++; $sum += $thevals['total_earnings']; } } //calculate the average salary if ($totalrows > 0) { $average = $sum / $totalrows; // report back earnings information as required echo "<br>The Grand Total Salary for the " . $searchstring . " positions-> is : " . money_format('%i', $sum) . "<br>"; echo "The total rows is : " . $totalrows . "<br>"; echo "The Average salary for the " . $searchstring . " position based on Total Earnings is Grand Total Salary: " . money_format('%i', $sum) . " divided by total number of records " . $totalrows . " = " . money_format('%i', $average) . "<br>"; return 1; } else { // no data found, the program will return to the start page, but inform the user. The message may be visible on a slower system. echo "Sorry no data found for: " . $searchstring . "<br>"; return 0; } }
function setValuesWhenSubmitIsClicked() { $GLOBALS['pkent_id'] = test_input($_POST['pkent_id']); $GLOBALS['fkent_lug_id'] = test_input($_POST['fkent_lug_id']); $GLOBALS['ent_ci'] = test_input($_POST['ent_ci']); $GLOBALS['ent_primer_nombre'] = test_input($_POST['ent_primer_nombre']); $GLOBALS['ent_segundo_nombre'] = test_input($_POST['ent_segundo_nombre']); $GLOBALS['ent_primer_apellido'] = test_input($_POST['ent_primer_apellido']); $GLOBALS['ent_segundo_apellido'] = test_input($_POST['ent_segundo_apellido']); $GLOBALS['ent_fecha_nacimiento'] = test_input($_POST['ent_fecha_nacimiento']); $GLOBALS['tel_codigo'] = test_input($_POST['tel_codigo']); $GLOBALS['tel_numero'] = test_input($_POST['tel_numero']); }
function test_string_name($name_field) { if (empty($_POST["name"])) { $data_correct = 0; $nameErr = "Name is required"; } else { $name = test_input($_POST["name"]); if (!preg_match("/^[a-zA-Z0-9_\\- ]*\$/", $name)) { $nameErr = "Only letters and white space allowed"; $data_correct = 0; } } }
public function check($source, $items = array()) { foreach ($items as $item => $rules) { foreach ($rules as $rule => $rule_value) { $value = test_input($source[$item]); if ($rule === 'required' && empty($value)) { $this->addError(" Your {$this->getFieldName($rules)} is required."); } else { if (!empty($value)) { switch ($rule) { case 'min': if (strlen($value) < $rule_value) { $this->addError("{$this->getFieldName($rules)} must be a minimum of {$rule_value} characters."); } break; case 'max': if (strlen($value) > $rule_value) { $this->addError("{$this->getFieldName($rules)} must be no more than {$rule_value} characters."); } break; case 'matches': if ($value !== $source[$rule_value]) { $this->addError("{$this->getFieldName($rules)} must match your {$rule_value}"); } break; case 'unique': $check = $this->_db->get($rule_value, array($item, '=', $value)); if ($check->count()) { $this->addError("{$this->getFieldName($rules)} already exists."); } break; case 'contains': if ($rule_value == 'alnum()' && !ctype_alnum(str_replace([" ", "'"], "", $value))) { $this->addError("Your {$this->getFieldName($rules)} should only contain letters and spaces."); } else { if ($rule_value == 'alnum(m:letters)') { if (!ctype_alnum($value) || ctype_digit($value)) { $this->addError("Your {$this->getFieldName($rules)} can have alphanumerics but not all numeric."); } } } } } } } } if (empty($this->_errors)) { $this->_passed = true; } return $this; }
function setValuesWhenSubmitIsClicked() { $GLOBALS['pkeje_id'] = test_input($_POST['pkeje_id']); $GLOBALS['fkeje_har_id'] = test_input($_POST['fkeje_har_id']); $GLOBALS['fkeje_pel_id'] = test_input($_POST['fkeje_pel_id']); $GLOBALS['fkeje_raz_id'] = test_input($_POST['fkeje_raz_id']); $GLOBALS['fkeje_mad_id'] = test_input($_POST['fkeje_mad_id']); $GLOBALS['fkeje_pad_id'] = test_input($_POST['fkeje_pad_id']); $GLOBALS['eje_fecha_nacimiento'] = test_input($_POST['eje_fecha_nacimiento']); $GLOBALS['eje_nombre'] = test_input($_POST['eje_nombre']); $GLOBALS['eje_precio'] = test_input($_POST['eje_precio']); $GLOBALS['eje_sexo'] = test_input($_POST['eje_sexo']); $GLOBALS['eje_tatuaje'] = test_input($_POST['eje_tatuaje']); }
function setValuesWhenSubmitIsClicked() { $GLOBALS['pkjin_id'] = test_input($_POST['pkjin_id']); $GLOBALS['fkjin_lug_id'] = test_input($_POST['fkjin_lug_id']); $GLOBALS['jin_ci'] = test_input($_POST['jin_ci']); $GLOBALS['jin_primer_nombre'] = test_input($_POST['jin_primer_nombre']); $GLOBALS['jin_segundo_nombre'] = test_input($_POST['jin_segundo_nombre']); $GLOBALS['jin_primer_apellido'] = test_input($_POST['jin_primer_apellido']); $GLOBALS['jin_segundo_apellido'] = test_input($_POST['jin_segundo_apellido']); $GLOBALS['jin_fecha_nacimiento'] = test_input($_POST['jin_fecha_nacimiento']); $GLOBALS['jin_altura'] = test_input($_POST['jin_altura']); $GLOBALS['jin_experiencia'] = test_input($_POST['jin_experiencia']); $GLOBALS['tel_codigo'] = test_input($_POST['tel_codigo']); $GLOBALS['tel_numero'] = test_input($_POST['tel_numero']); }
static function setLoginCookies($user_id, $time) { $user_id_cookie = 'user_id'; $nonce_cookie = 'token'; $user_id = test_input($user_id); $token = md5(mt_rand()); $user_ip = $_SERVER['REMOTE_ADDR']; $expire_date = strtotime('+' . $time . ' days', time()); setcookie($user_id_cookie, $user_id, time() + 86400 * $time, "/"); // 86400 = 1 day setcookie($nonce_cookie, $token, time() + 86400 * $time, "/"); // 86400 = 1 day $query = "INSERT INTO c_nonce (user_id, token, user_ip, expire_date) VALUES ({$user_id}, '{$token}', '{$user_ip}', '{$expire_date}')"; $conn = MySQL::open_conn(); $conn->query($query); $cookie_names = [$user_id_cookie, $nonce_cookie]; return $cookie_names; }
/** * 修改角色 **/ function updateRole($roleId) { $roleName = isset($_POST['roleName']) ? test_input($_POST['roleName']) : ""; // 角色名称 $roleDesc = isset($_POST['roleDesc']) ? test_input($_POST['roleDesc']) : ""; // 角色描述 $menuList = isset($_POST['menuList']) ? $_POST['menuList'] : ""; // 角色拥有的菜单 if ($menuList != "") { if ($roleName != "" && $roleDesc != "") { mysql_query("set character_set_connection=utf8"); mysql_query("update role set role_name='" . $roleName . "',role_desc='" . $roleDesc . "' where role_id = " . $roleId); } mysql_query("delete from role_menu_relation where role_id = " . $roleId); foreach ($menuList as $menuId) { mysql_query("insert into role_menu_relation(role_id, menu_id) values(" . $roleId . "," . $menuId . ")"); } } }
public function addProgram2Exam($eid) { $ansnum = I('post.numanswer', 0, 'intval'); $sql = "DELETE FROM `exp_question` WHERE `exam_id`={$eid} AND `type`='4'"; M()->execute($sql); $dataList = array(); for ($i = 1; $i <= $ansnum; $i++) { $programid = test_input($_POST["answer{$i}"]); if (!is_numeric($programid)) { return false; } else { $programid = intval($programid); $data = array('exam_id' => $eid, 'type' => ProblemService::PROGRAM_PROBLEM_TYPE, 'question_id' => $programid); $dataList[] = $data; M('problem')->where('problem_id=%d', $programid)->data(array("defunct" => "Y"))->save(); } } M('exp_question')->addAll($dataList); return true; }
public function addprogram($eid) { $ansnum = I('post.numanswer', 0, 'intval'); $sql = "DELETE FROM `exp_question` WHERE `exam_id`={$eid} AND `type`='4'"; M()->execute($sql); for ($i = 1; $i <= $ansnum; $i++) { $programid = test_input($_POST["answer{$i}"]); if (!is_numeric($programid)) { return false; } else { $programid = intval($programid); $arr['exam_id'] = $eid; $arr['type'] = 4; $arr['question_id'] = $programid; M('exp_question')->data($arr)->add(); M('problem')->where('problem_id=%d', $programid)->data(array("defunct" => "Y"))->save(); } } return true; }
function parse_input($postdata) { $error = ""; $email_to1 = "*****@*****.**"; $email_to2 = "*****@*****.**"; /******* $sender_name = $_POST['sender_name']." 1"; $email_from = $_POST['email_from']." 2"; $email_subject = $_POST['subject']." 3"; $category = $_POST['category']." 4"; $email_message .= $_POST['message']." 5"; ********/ //print_r($_POST); error_log("From POST: sender_name = " . $sender_name . " email_from = " . $email_from . " email_subject = " . $email_subject . " category = " . $category . " email_message = " . $email_message, 0); /****** $keyValueStr = ""; foreach ($_POST as $key => $value) { $keyValueStr .= $key." = ".$value."^"; } echo $keyValueStr; ********/ //echo $postdata; error_log("postdata = " . $postdata, 0); $clean_key_value_pairs = array(); $jasonStrResponse = ""; $jasonStr = "{"; $pairs = explode("&", $postdata); foreach ($pairs as $pair) { error_log("pair = " . $pair, 0); list($key, $value) = explode("=", $pair); $processedKey = test_input($key); $processedValue = test_input($value); $clean_key_value_pairs[$processedKey] = $processedValue; $jasonStr .= '"' . $processedKey . '": "' . $processedValue . '",'; error_log("processedKey = " . $processedKey . " processedValue = " . $processedValue, 0); } $jasonStr = rtrim($jasonStr, ","); $jasonStr .= "}"; return $clean_key_value_pairs; }
function validate_informations() { $data = array(); $data['validate'] = false; $data['now'] = date('F j, Y, g:i a'); if (isset($_POST['form_contact_submit'])) { if (empty($_POST['form_name'])) { return 0; } if (empty($_POST['form_email'])) { return 0; } if (empty($_POST['form_message'])) { return 0; } $data['name'] = test_input($_POST['form_name']); $data['email'] = test_input($_POST['form_email']); $data['message'] = test_input($_POST['form_message']); // Only letters and white space allowed if (!preg_match('/^[a-zA-Z ]*$/', $data['name'])) { return 0; } // Test email address if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) { return 0; } // reCaptcha validation $recaptchaResponse = $_POST['g-recaptcha-response']; $request = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=' . G_RE_CAPTCHA_SECRET_KEY . '&response=' . $recaptchaResponse); $response = json_decode($request); // This will decode JSON to object if (!$response->success) { return 0; } $data['validate'] = true; return $data; } return 0; }
public function register() { if ($this->isPost) { $username = $_POST['username']; if ($username == null || strlen($username) < 3) { $this->addFieldValue('username', $username); $this->validationErrors('username', 'Потребителското име трябва да бъде по-дълго от три символа'); $this->addErrorMessage('Невалидно потребителско име'); } $email = $_POST['email']; if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $this->addFieldValue('username', $username); $this->validationErrors('email', 'Невалиден формат'); $this->addErrorMessage('Невалиден email адрес'); } $password = $_POST['password']; if (!empty($_POST['password']) && $_POST['password'] == $_POST['cpassword']) { $password = test_input($_POST["password"]); if (strlen($_POST["password"]) < '6') { $this->addFieldValue('password', $password); $this->validationErrors('password', 'Паролата трябва да бъде по-дълго от шест символа'); } } elseif (!empty($_POST["password"])) { $this->addErrorMessage('Няма съвпадение'); } $isRegistered = $this->db->register($username, $password); if ($isRegistered) { $_SESSION['username'] = $username; $this->addInfoMessage("Успешна регистрация"); $this->redirect("home", "index"); } else { $this->addErrorMessage("Неуспешна регистрация"); } } $this->renderView("register"); }
public function add_question() { $arr['question'] = test_input($_POST['fill_des']); $arr['point'] = test_input($_POST['point']); $arr['easycount'] = intval($_POST['easycount']); $arr['answernum'] = intval($_POST['numanswer']); $arr['kind'] = intval($_POST['kind']); $arr['isprivate'] = intval($_POST['isprivate']); $arr['addtime'] = date('Y-m-d H:i:s'); $arr['creator'] = $_SESSION['user_id']; $fillid = M('ex_fill')->add($arr); if ($fillid) { for ($i = 1; $i <= $arr['answernum']; $i++) { $answer = test_input($_POST["answer{$i}"]); $arr2['fill_id'] = $fillid; $arr2['answer_id'] = $i; $arr2['answer'] = $answer; M('fill_answer')->add($arr2); } return true; } else { return false; } }
function createInstructor() { $flag = true; if (empty($_POST["lastname"])) { global $lastnameErr; $lastnameErr = "Last name is required"; $flag = false; } else { $lastname = test_input($_POST["lastname"]); } if (empty($_POST["firstname"])) { global $firstnameErr; $firstnameErr = "First name is required"; $flag = false; } else { $firstname = test_input($_POST["firstname"]); } if (empty($_POST["email"])) { global $emailErr; $emailErr = "Email is required"; $flag = false; } else { $email = test_input($_POST["email"]); } $position = $_POST["position"]; if ($flag == true) { $firstname = mysql_real_escape_string($firstname); $lastname = mysql_real_escape_string($lastname); $email = mysql_real_escape_string($email); $position = mysql_real_escape_string($position); $pw = generatePassword($firstname . " " . $lastname); $query = "SELECT * FROM Instructor WHERE firstname='{$firstname}' AND lastname='{$lastname}'"; //change tablename $result = mysql_query($query); if ($result != null && mysql_num_rows($result) >= 1) { echo "<p class=notice>Unable to create. Instructor already exists. If you want to change information please first delete from the list below.</p>"; } else { $query = "INSERT INTO Instructor (firstname, lastname, email, position,pass) VALUES ( '{$firstname}', '{$lastname}', '{$email}', '{$position}', '{$pw}')"; //change tablename $result = mysql_query($query); if (!$result) { die("Cannot create instructor: " . mysql_error()); } else { echo "<p class=notice>New instructor " . $firstname . " " . $lastname . " is created.</p>"; } } } }