示例#1
0
if (!$admin) {
    // admin ID was missing or invalid or
    // admin couldn't be found in database
    redirect_to("manage_admins.php");
}
?>

<?php 
if (isset($_POST['submit'])) {
    // Process the form
    // validations
    $required_fields = array("username", "password", "email");
    $_POST["username"] = $admin["username"];
    validate_presences($required_fields);
    $fields_with_max_lengths = array("username" => 30);
    validate_max_lengths($fields_with_max_lengths);
    validate_email(array("email"));
    if (empty($errors)) {
        // Perform Update
        $id = $admin["id"];
        $username = mysql_prep($admin["username"]);
        $hashed_password = password_encrypt($_POST["password"]);
        $email = mysql_prep($_POST["email"]);
        $user_type = mysql_prep($_POST["user_type"]);
        $nom = mysql_prep($admin["nom"]);
        $query = "UPDATE admins SET" . " ";
        //$query .= "username = '******', ";
        $query .= "hashed_password = '******', ";
        $query .= "email = '{$email}', ";
        //$query .= "user_type = '{$user_type}', ";
        $query .= "nom = '{$nom}' ";
/** Form processing for the feedback form */
function process_feedback_form()
{
    global $errors;
    $required_fields = array("stars", "comment", "title");
    validate_presences($required_fields);
    $fields_with_max_lengths = array("title" => 20);
    validate_max_lengths($fields_with_max_lengths);
    if (empty($errors)) {
        leaveFeedback();
    }
}
示例#3
0
 $city1 = trim($_POST["city1"]);
 $state1 = trim($_POST["state1"]);
 $zip1 = trim($_POST["zip1"]);
 $fax1 = trim($_POST["fax1"]);
 $comment = addslashes(trim($_POST["text1"]));
 //post elements
 $target_dir = "/var/www/html/new/img/{$img}";
 $target_file = $target_dir . basename($_FILES["img"]["name"]);
 $img_var = basename($_FILES["img"]["name"]);
 move_uploaded_file($_FILES["img"]["tmp_name"], $target_file);
 //image upload
 $name_fields_presence = array("username", "password", "email", "first_name", "last_name", "pno", "employement", "employer", "street", "city", "state", "zip", "fax", "street1", "zip1", "fax1");
 all_prestnt($name_fields_presence);
 //values are present or not
 $fields_max_length = array("username" => 20, "password" => 40, "first_name" => 20, "last_name" => 20, "pno" => 15);
 validate_max_lengths($fields_max_length);
 //max length check
 $fields_min_length = array("username" => 8, "password" => 8, "email" => 8, "pno" => 9);
 validate_min_lengths($fields_min_length);
 if (!preg_match('/^[a-z0-9_-]+@[a-z0-9._-]+\\.[a-z]+$/i', $email)) {
     $errors["email"] = " wrong" . ucfirst("email") . " pattern ";
 }
 //email format checking//for email varification;
 $output = form_errors($errors);
 //end of validations
 if (!$output) {
     $activate = md5(uniqid(rand(), true));
     //creating new unique activation code
     $q = "UPDATE reg SET user_name='{$username}', \n\t\t\t\t\tpassword='******', \n\t\t\t\t\temail_id='{$email}', \n\t\t\t\t\tfirst_name='{$first_name}', \n\t\t\t\t\tlast_name='{$last_name}', \n\t\t\t\t\tmiddle_name='{$middle_name}', \n\t\t\t\t\tph_no='{$pno}',  \n\t\t\t\t\temployement='{$employement}', \n\t\t\t\t\temployer='{$employer}', \n\t\t\t\t\tstreet='{$street}', \n\t\t\t\t\tcity='{$city}', \n\t\t\t\t\tstate='{$state}', \n\t\t\t\t\tzip='{$zip}', \n\t\t\t\t\tfax='{$fax}', \n\t\t\t\t\tstreet1='{$street1}', \n\t\t\t\t\tcity1='{$city1}', \n\t\t\t\t\tstate1='{$state1}', \n\t\t\t\t\tzip1='{$zip1}', \n\t\t\t\t\tfax1='{$fax1}', \n\t\t\t\t\tcomment='{$comment}', \n\t\t\t\t\tdob='{$dob}', \n\t\t\t\t\timg='{$img_var}' WHERE id='{$id}'";
     if (mysqli_query($connection, $q)) {
         header("Location:detail.php");
示例#4
0
find_selected_page();
if (!$current_subject) {
    // if current subject was null or invalid
    redirect_to("manage_content.php");
}
?>

<?php 
if (isset($_POST['submit'])) {
    // Process the form
    // $menu_name = mysql_prep($menu_name);//for escaping
    //validations
    $required_fields = array("menu_name", "position", "visible", "content");
    validate_presences($required_fields);
    $max_lenghts_menu_name = array("menu_name" => 30);
    validate_max_lengths($max_lenghts_menu_name);
    // if (!empty($errors)) {
    // $_SESSION["errors"]= $errors;
    // redirect_to("manage_content.php");
    // }
    if (empty($errors)) {
        $subject_id = $current_subject["id"];
        $menu_name = mysql_prep($_POST["menu_name"]);
        $position = (int) $_POST["position"];
        $visible = (int) $_POST["visible"];
        $content = mysql_prep($_POST["content"]);
        $query = "INSERT INTO pages (";
        $query .= " subject_id, menu_name, position, visible, content ";
        $query .= ") VALUES (";
        $query .= " {$subject_id}, '{$menu_name}', {$position}, {$visible},'{$content}' ";
        $query .= ")";