function grava_usuario() { $filename = upload_foto(); require '../config/infodbcon.php'; require '../config/database.php'; $id_conn = open_database(); $post = array_map("mysql_real_escape_string", $_POST); execute_query("START TRANSACTION", $id_conn); if ($post['cmb_cadastro'] == '0') { $sql = 'INSERT INTO tb_usuario '; $sql .= '(usuario_nome, usuario_login, usuario_senha, usuario_email, usuario_foto, usuario_info, usuario_ativo)'; $sql .= 'VALUES '; $sql .= '(\'' . addslashes(utf8_decode($_POST['nome'])) . '\', \'' . utf8_decode($post['login']) . '\', '; $sql .= '\'' . md5('123mudar') . '\', \'' . $post['email'] . '\','; $sql .= '\'' . $filename . '\', \'' . addslashes(utf8_decode($_POST['infor'])) . '\', \'' . ($post['ativo'] ? 1 : 0) . '\')'; } else { $sql = 'UPDATE tb_usuario SET '; $sql .= 'usuario_nome = \'' . addslashes(utf8_decode($_POST['nome'])) . '\', usuario_login = \'' . $post['login'] . '\', '; $sql .= 'usuario_email = \'' . $post['email'] . '\', '; $sql .= 'usuario_info=\'' . addslashes(utf8_decode($_POST['infor'])) . '\', '; $sql .= 'usuario_ativo=\'' . (isset($post['ativo']) ? 1 : 0) . '\' '; if ($post['trocoufoto']) { $sql .= ',usuario_foto=\'' . $filename . '\' '; } $sql .= 'WHERE '; $sql .= 'usuario_id=' . $post['cmb_cadastro']; } if (!execute_query($sql, $id_conn)) { $messagem = utf8_decode('Query Inválida: ') . mysql_error() . "\n"; $messagem .= 'Pesquisa Inteira: ' . $sql; echo $messagem; execute_query("ROLLBACK", $id_conn); } else { execute_query('COMMIT', $id_conn); echo '1'; } execute_query("END TRANSACTION", $id_conn); close_database($id_conn); }
if (stristr($dokumen, "Error") == True || stristr($dokumen, "Unsupported") == True) { $message = $message . $dokumen; } else { $sql1 = $sql1 . ", dokumen_0 = '" . $dokumen . "'"; } } if ($_FILES["dokumen_50"]["tmp_name"] != "") { $dokumen = upload_foto("dokumen_50"); if (stristr($dokumen, "Error") == True || stristr($dokumen, "Unsupported") == True) { $message = $message . $dokumen; } else { $sql1 = $sql1 . ", dokumen_50 = '" . $dokumen . "'"; } } if ($_FILES["no_foto"]["tmp_name"] != "") { $dokumen = upload_foto("no_foto"); if (stristr($dokumen, "Error") == True || stristr($dokumen, "Unsupported") == True) { $message = $message . $dokumen; } else { $sql1 = $sql1 . ", no_foto = '" . $dokumen . "'"; } } if ($message10 == "" && $message9 == "" && $message8 == "" && $message7 == "" && $message6 == "" && $message5 == "" && $message4 == "" && $message3 == "" && $message2 == "") { $sql = "update rekapitulasi_kegiatan set \n jenis_kegiatan='" . $jenis_kegiatan . "',\n kegiatan='" . $kegiatan . "',\n lokasi='" . $lokasi . "'\n ,jumlah_sasaran='" . $jumlah_sasaran . "', \n satuan_sasaran='" . $satuan_sasaran . "',\n nilai_pagu='" . $nilai_pagu . "', \n tahun='" . $tahun . "', \n progres='" . $progres . "', \n instansi='" . $instansi . "',\n sumber_dana='" . $sumber_dana . "', \n id_user='******' \n "; $sql = $sql . $sql1; $sql = $sql . "\n where id='" . $id1 . "'"; //echo $sqlupdate; $resultupdate = mysql_query($sql); if ($resultupdate) { $message = $message . "Data berhasil disimpan"; echo "<script>\n function Redirect(){\n window.location=\"?page=rekapitulasi\";\n }\n setTimeout(\"Redirect()\",2000);\n </script>";
<div class="col-1"> <div class="box-title"><h1>Profile Admin</h1></div> <?php if (isset($_POST['upload'])) { upload_foto(); } ?> <form action="?redirect=foto_admin" method="post" enctype="multipart/form-data"> <table class="tab-in"> <tr> <th class="th-h"><img src="../img/user/<?php echo $admin_data['profile']; ?> "></th> </tr> <tr> <th class="th-v"><input type="file" name="gambar"></th> </tr> </table> <div class="list-sub"> <div class="list-button"><input type="submit" name="upload" value="Upload"></th></div> </div> </form> </div>
print "<div align=\"center\">\n"; print "<table width=\"100%\" height=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tbody>\n"; print "<tr><td height = \"25\" align=\"center\" valign=\"top\">\n"; print "<table width=\"100%\" align=\"center\" border=\"0\" cellspacing=\"2\" cellpadding=\"0\"><tbody>\n"; print "<td width=\"10%\" {$top_bund}><a href=\"varekort.php?id={$id}\" accesskey=\"L\">Luk</a></td>\n"; print "<td width=\"80%\" {$top_bund}>{$title}</td>\n"; print "<td width=\"10%\" {$top_bund}><br></td>\n"; print "</tbody></table>\n"; print "</td></tr>\n"; if ($submit) { if ($fotonavn = db_escape_string(basename($_FILES['uploadedfile']['name']))) { echo "{$fotonavn}<br>"; $filnavn = "../temp/" . $db . "_" . str_replace(" ", "_", $brugernavn) . ".csv"; if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $filnavn)) { echo "overfører {$filnavn}<br>"; upload_foto($id, $filnavn, $fotonavn); # overfoer_data($filnavn,$splitter,$feltnavn,$feltantal,$tegnset); } } } elseif ($sletfoto == 1) { if (file_exists("../owncloud/" . $db . "/varefotos/" . $id)) { unlink("../owncloud/" . $db . "/varefotos/" . $id); } db_modify("update varer set fotonavn='' where id='{$id}'", __FILE__ . " linje " . __LINE__); print "<meta http-equiv=\"refresh\" content=\"0;URL=varefoto.php?id={$id}\">"; } elseif (file_exists("../owncloud/" . $db . "/varefotos/" . $id)) { $fotourl = "../owncloud/" . $db . "/varefotos/" . $id; print "<tr><td align=\"center\"><img style=\"border:0px solid;width:100%;\" alt=\"{$fotonavn}\" src=\"{$fotourl}\"></td></tr>"; print "<tr><td align=\"center\"><a href=\"varefoto.php?id={$id}&sletfoto=1\">Slet foto</a></td></tr>"; } else { upload($id);