<?php header("Content-Type:text/html;charset=utf-8"); require_once "../../admin.inc.php"; // Connect Database require_once "../../php-bin/function.php"; // access control checking require_once "z_access_control.php"; require_once "../../php-bin/pagedisplay.php"; // function for resize photo // require_once("../../include/image.class.php"); $id = $_POST[id] | 0; $sql = " SELECT * FROM tbl_activity WHERE id=" . $id; $result = mysql_query($sql); if ($obj = mysql_fetch_object($result)) { access_detail_check($obj->type_id); } else { exit; } ////////////////////////////////////////////////////////////////////////////////////////////////////// /* Start Upload Photo */ ////////////////////////////////////////////////////////////////////////////////////////////////////// foreach ($_FILES["photo"]["error"] as $key => $error) { if ($error == UPLOAD_ERR_OK) { $upfile = $_FILES["photo"]["tmp_name"][$key]; $remark = EncodeHTMLTag($_POST["remark"][$key]); $g_order = $_POST["order"][$key] | 0; $ext = strrchr($_FILES["photo"]['name'][$key], "."); $ran_num = (time() | 0) . "_" . rand(0, 999999999); $output_path = "../../gallery_activity/"; $file_name = $id . "_{$ran_num}.png";
require_once "z_access_control.php"; $file_id = $_GET['id'] | 0; $file_type_id = 0; $file_date = ""; $file_exp_date = ""; $file_title = ""; $file_serial = ""; $file_content = ""; $file_link_text = ""; $file_link_url = ""; $file_link_new_window = ""; $file_file_name = ""; $search_SQL = " SELECT * FROM tbl_file WHERE file_id=" . $file_id; $search_Result = mysql_query($search_SQL, $link_id); if ($search_Obj = mysql_fetch_object($search_Result)) { access_detail_check($search_Obj->file_type_id); $file_type_id = $search_Obj->file_type_id; $file_date = $search_Obj->file_date; $file_exp_date = $search_Obj->file_exp_date; $file_title = $search_Obj->file_title; $file_serial = $search_Obj->file_serial; $file_content = $search_Obj->file_content; $file_link_text = $search_Obj->file_link_text; $file_link_url = $search_Obj->file_link_url; $file_link_new_window = $search_Obj->file_link_new_window; $file_photo = $search_Obj->file_photo; $file_file_name = $search_Obj->file_file_name; } ?> <html> <head>
<?php header("Content-Type:text/html;charset=utf-8"); require_once "../../admin.inc.php"; require_once "gallery_selection.php"; $record = mysql_fetch_object($get_result3); access_detail_check($record->type_id); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>學生作品管理 </title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <LINK REL="StyleSheet" TYPE="text/css" HREF="../../js/style.css"> <style type="text/css"> <!-- .style2 {color: #006699} .style5 {color: #666666} --> </style> <script language="javascript"> <!-- function PhotoAdd() { document.gallery.action="photo_add.php"; } function Delete_Photo(file_name) { if ( confirm('你確定要刪除這張相片嗎?') ) { location='photo_delete_process.php?file_name='+file_name+'&id=<?php echo $_GET[id];
// access control checking require_once "z_access_control.php"; $file_name = EncodeHTMLTag($_POST["file_name"]); $remark = EncodeHTMLTag($_POST["remark"]); $g_order = $_POST["order"] | 0; // this is a Wrong SQL //$img_sql = " SELECT * FROM tbl_activity_gallery WHERE file_name='$file_name' "; //Renew By Godmark 20070301 $img_sql = "SELECT ta.type_id FROM `tbl_activity_gallery` AS tg , \r\n`tbl_activity` AS ta LEFT JOIN tbl_activity_type AS tt ON(ta.type_id=tt.type_id) \r\nWHERE tg.act_id=ta.id AND tg.file_name='" . $file_name . "'\r\nORDER BY tg.g_order ASC, tg.file_name ASC"; mysql_query("set names utf8"); $img_result = mysql_query($img_sql, $link_id); if ($img_obj = mysql_fetch_object($img_result)) { //this is a Wrong Arg //access_detail_check( $img_obj->act_id ); //Renew By Godmark 20070301 access_detail_check($img_obj->type_id); $update_sql = "UPDATE `tbl_activity_gallery` SET\r\n\t`remark`='{$remark}',\r\n\t`g_order`={$g_order} \r\n\tWHERE `file_name`='{$file_name}' "; //echo $update_sql; mysql_query("set names utf8"); $run_status = mysql_query($update_sql); if (!$run_status) { $msg = str_replace(" ", "+", "tο~: " . mysql_error($link_id)); } else { $msg = "The record had been updated successfully."; } mysql_close(); } ?> <script language="javascript"> window.opener.location.reload(); window.close();
<?php header("Content-Type:text/html;charset=utf-8"); // admin checking require_once '../../admin.inc.php'; // Connect Database require_once "../../php-bin/function.php"; // access control checking require_once "z_access_control.php"; $file_id = $_POST['n_id'] | 0; $type_id = $_POST["n_type_id"] | 0; access_detail_check($type_id); $date_year = $_POST[date_year] | 0; $date_month = $_POST[date_month] | 0; $date_day = $_POST[date_day] | 0; $date = $date_year . "-" . $date_month . "-" . $date_day; $file_year = 0; // What is this useful???? By Godmark // wγ~,Op~B // 9 1 @Ӧ~ת}l if ($date_year != 0 && $date_month != 0 && $date_day != 0) { if ($date_month >= 9) { $file_year = $date_year; } else { $file_year = $date_year - 1; } //pGOp9Y 8-31,ݩW@Ӧ~ } $date2 = ($_POST["date_year2"] | 0) . "-" . ($_POST["date_month2"] | 0) . "-" . ($_POST["date_day2"] | 0); $title = EncodeHTMLTag($_POST["n_title"]); $serial = EncodeHTMLTag($_POST["n_serial"]);