ordine_farmacisti/blocks/advFormSubmit.php


<?php
    session_start();

    @include '../cgi-bin/conn.conn';
    @include '../cgi-bin/functions.inc';
    @include '../cgi-bin/params.inc';

    $GLOBALS['conn'];

    $conn=@mysqli_connect($DATAhst,$DATAusr,$DATApwd,$DATAdtb)or die("CONNECTION ERROR");
    mysqli_set_charset($conn, "utf8");

?>
<!DOCTYPE html>
<html>
<head>
    <title>Ordine dei Farmacisti della Provincia di Salerno</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <base href="<?php echo $BASE_URL;?>/">
    <link href="<?php echo $BASE_URL;?>/css/styles.css" rel="stylesheet" type="text/css"/>
    <link href='http://fonts.googleapis.com/css?family=Roboto' rel='stylesheet' type='text/css'>
</head>
<body>
    <div class="row no-gutters py-4">

<?php

    if(sizeof($_POST)>0 && $_POST['g-recaptcha-response']){
        $uid = $_SESSION['AUTH']['id'] ? $_SESSION['AUTH']['id'] : 0;
        $email = $_SESSION['AUTH']['email'] ? $_SESSION['AUTH']['email'] : "";
        $append = 0;

        $order = $_SESSION['AUTH']['id'] ? "Salerno" : addslashes(trim($_POST['other_order']));
        $ouid = $_SESSION['AUTH']['id'] ? 0 : addslashes(trim($_POST['other_order_number']));;

        if(is_uploaded_file($_FILES['append']['tmp_name'])){
            $filename = preg_replace('/[^a-zA-Z0-9\-\._]/','', $_FILES['append']['name']);
            $filesize = ($_FILES['append']['size'] < 1000000) ? round($_FILES['append']['size'] / 1000)."k" : round($_FILES['append']['size'] / 1000000)."M";
            move_uploaded_file($_FILES['append']['tmp_name'], "../docs/files/advertisement/$filename");
            $qf=mysqli_query($conn, "INSERT INTO files VALUES(null, '$filename', '$filename', '/docs/files/advertisement', NOW(), '$filesize')");
            $append = mysqli_insert_id($conn);
        }

        $q=mysqli_query($conn, "INSERT INTO advertisement VALUES(null, $uid, '".$order."', $ouid, '".addslashes(trim($_POST['full_name']))."',
                                 '".addslashes(trim($email))."', NOW(), '".addslashes(nl2br($_POST['text']))."',
                                 '".addslashes(trim($_POST['city']))."', '".addslashes(trim($_POST['contact_phone']))."',
                                 '".addslashes(trim($_POST['contact_email']))."', $append, '".$_POST['type']."', ".
                                 ($_SESSION['AUTH']['id'] ? 1 : 0).", 1)");

        echo "<script>setTimeout( function(){parent.location = parent.location;},1500); </script>";

        if($uid == 0) {
          $SM_email = "dslaky@gmail.com";//"info@rodinefarmacistisalerno.it";
          $SM_email2 = 0;
          $SM_email_CC = 0;
          $SM_subject = "Inserzione";
          $SM_message = "Un utente non iscritto all'Ordine ha richiesto di pubblicare una inserzione<br><br>
                          <b>Riepilogo dati</b><br>".
                          "Nome: ".$_POST['full_name']."<br>".
                          "Città: ".trim($_POST['city'])."<br>".
                          "Telefono: ".trim($_POST['contact_phone'])."<br>".
                          "Email: ".trim($_POST['contact_email'])."<br>".
                          "Inserzione: ".nl2br($_POST['text'])."";
          $SM_showalert = 0;
          $SM_append = 0;

          sendMail($SM_email,$SM_email2,$SM_email_CC,$SM_subject,$SM_message,$SM_showalert,$SM_append);
        }


?>

        <div class="col-10 text-center mx-auto">
            <p><i class="fa fa-check-circle font-alert p-4"></i></p>
            Annuncio aggiunto correttamente!
        </div>

<?php

    }else{

        if(sizeof($_POST) > 0 &&
            (!$_POST['g-recaptcha-response'] ||
            strlen($_POST['full_name']) < 5 ||
            strlen($_POST['city']) < 5 ||
            strlen($_POST['contact_phone']) < 5 ||
            strlen($_POST['contact_email']) < 5)){
            echo "<div class=\"col-10 mx-auto text-red text-center\">
                <p><i class=\"fa fa-exclamation-triangle font-alert p-4\"></i></p>
                ATTENZIONE: Ricorda ti compilare tutti i campi contrassegnati con * ed effettuare il controllo si sicurezza.</div>";
        }
    }
?>

    </div>
</body>
</html>
add advertisement 7 years ago
			`<?php`
			`session_start();`

			`@include '../cgi-bin/conn.conn';`
			`@include '../cgi-bin/functions.inc';`
			`@include '../cgi-bin/params.inc';`

			`$GLOBALS['conn'];`

			`$conn=@mysqli_connect($DATAhst,$DATAusr,$DATApwd,$DATAdtb)or die("CONNECTION ERROR");`
			`mysqli_set_charset($conn, "utf8");`

			`?>`
			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>Ordine dei Farmacisti della Provincia di Salerno</title>`
			`<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">`
			`<base href="<?php echo $BASE_URL;?>/">`
			`<link href="<?php echo $BASE_URL;?>/css/styles.css" rel="stylesheet" type="text/css"/>`
			`<link href='http://fonts.googleapis.com/css?family=Roboto' rel='stylesheet' type='text/css'>`
			`</head>`
			`<body>`
			`<div class="row no-gutters py-4">`

			`<?php`

			`if(sizeof($_POST)>0 && $_POST['g-recaptcha-response']){`
			`$uid = $_SESSION['AUTH']['id'] ? $_SESSION['AUTH']['id'] : 0;`
			`$email = $_SESSION['AUTH']['email'] ? $_SESSION['AUTH']['email'] : "";`
			`$append = 0;`

add province in adv 5 years ago			`$order = $_SESSION['AUTH']['id'] ? "Salerno" : addslashes(trim($_POST['other_order']));`
			`$ouid = $_SESSION['AUTH']['id'] ? 0 : addslashes(trim($_POST['other_order_number']));;`

add advertisement 7 years ago			`if(is_uploaded_file($_FILES['append']['tmp_name'])){`
			`$filename = preg_replace('/[^a-zA-Z0-9\-\._]/','', $_FILES['append']['name']);`
			`$filesize = ($_FILES['append']['size'] < 1000000) ? round($_FILES['append']['size'] / 1000)."k" : round($_FILES['append']['size'] / 1000000)."M";`
			`move_uploaded_file($_FILES['append']['tmp_name'], "../docs/files/advertisement/$filename");`
			`$qf=mysqli_query($conn, "INSERT INTO files VALUES(null, '$filename', '$filename', '/docs/files/advertisement', NOW(), '$filesize')");`
			`$append = mysqli_insert_id($conn);`
			`}`

add province in adv 5 years ago			`$q=mysqli_query($conn, "INSERT INTO advertisement VALUES(null, $uid, '".$order."', $ouid, '".addslashes(trim($_POST['full_name']))."',`
add advertisement 7 years ago			`'".addslashes(trim($email))."', NOW(), '".addslashes(nl2br($_POST['text']))."',`
			`'".addslashes(trim($_POST['city']))."', '".addslashes(trim($_POST['contact_phone']))."',`
fix adv enabled 5 years ago			`'".addslashes(trim($_POST['contact_email']))."', $append, '".$_POST['type']."', ".`
			`($_SESSION['AUTH']['id'] ? 1 : 0).", 1)");`
add advertisement 7 years ago
			`echo "<script>setTimeout( function(){parent.location = parent.location;},1500); </script>";`

ADV and XLS export 4 years ago			`if($uid == 0) {`
			`$SM_email = "dslaky@gmail.com";//"info@rodinefarmacistisalerno.it";`
			`$SM_email2 = 0;`
			`$SM_email_CC = 0;`
			`$SM_subject = "Inserzione";`
			`$SM_message = "Un utente non iscritto all'Ordine ha richiesto di pubblicare una inserzione<br><br>`
			`<b>Riepilogo dati</b><br>".`
			`"Nome: ".$_POST['full_name']."<br>".`
			`"Città: ".trim($_POST['city'])."<br>".`
			`"Telefono: ".trim($_POST['contact_phone'])."<br>".`
			`"Email: ".trim($_POST['contact_email'])."<br>".`
			`"Inserzione: ".nl2br($_POST['text'])."";`
			`$SM_showalert = 0;`
			`$SM_append = 0;`

			`sendMail($SM_email,$SM_email2,$SM_email_CC,$SM_subject,$SM_message,$SM_showalert,$SM_append);`
			`}`


add advertisement 7 years ago			`?>`

			`<div class="col-10 text-center mx-auto">`
			`<p><i class="fa fa-check-circle font-alert p-4"></i></p>`
			`Annuncio aggiunto correttamente!`
			`</div>`

			`<?php`

			`}else{`

			`if(sizeof($_POST) > 0 &&`
			`(!$_POST['g-recaptcha-response'] \|\|`
			`strlen($_POST['full_name']) < 5 \|\|`
			`strlen($_POST['city']) < 5 \|\|`
			`strlen($_POST['contact_phone']) < 5 \|\|`
			`strlen($_POST['contact_email']) < 5)){`
			`echo "<div class=\"col-10 mx-auto text-red text-center\">`
			`<p><i class=\"fa fa-exclamation-triangle font-alert p-4\"></i></p>`
			`ATTENZIONE: Ricorda ti compilare tutti i campi contrassegnati con * ed effettuare il controllo si sicurezza.</div>";`
			`}`
			`}`
			`?>`

			`</div>`
			`</body>`
			`</html>`