dslak
/
ordine_farmacisti
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51 Commits
2 Branches
0 Tags
16 MiB
 
 
 
 
Tree: ef2511eb63
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ef2511eb63'
${ noResults }
ordine_farmacisti/blocks/advFormSubmit.php

78 lines
3.1 KiB
Raw Blame History

<?php
session_start();
@include '../cgi-bin/conn.conn';
@include '../cgi-bin/functions.inc';
@include '../cgi-bin/params.inc';
$GLOBALS['conn'];
$conn=@mysqli_connect($DATAhst,$DATAusr,$DATApwd,$DATAdtb)or die("CONNECTION ERROR");
mysqli_set_charset($conn, "utf8");
?>
<!DOCTYPE html>
<html>
<head>
<title>Ordine dei Farmacisti della Provincia di Salerno</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<base href="<?php echo $BASE_URL;?>/">
<link href="<?php echo $BASE_URL;?>/css/styles.css" rel="stylesheet" type="text/css"/>
<link href='http://fonts.googleapis.com/css?family=Roboto' rel='stylesheet' type='text/css'>
</head>
<body>
<div class="row no-gutters py-4">
<?php
if(sizeof($_POST)>0 && $_POST['g-recaptcha-response']){
$uid = $_SESSION['AUTH']['id'] ? $_SESSION['AUTH']['id'] : 0;
$email = $_SESSION['AUTH']['email'] ? $_SESSION['AUTH']['email'] : "";
$append = 0;
$order = $_SESSION['AUTH']['id'] ? "Salerno" : addslashes(trim($_POST['other_order']));
$ouid = $_SESSION['AUTH']['id'] ? 0 : addslashes(trim($_POST['other_order_number']));;
if(is_uploaded_file($_FILES['append']['tmp_name'])){
$filename = preg_replace('/[^a-zA-Z0-9\-\._]/','', $_FILES['append']['name']);
$filesize = ($_FILES['append']['size'] < 1000000) ? round($_FILES['append']['size'] / 1000)."k" : round($_FILES['append']['size'] / 1000000)."M";
move_uploaded_file($_FILES['append']['tmp_name'], "../docs/files/advertisement/$filename");
$qf=mysqli_query($conn, "INSERT INTO files VALUES(null, '$filename', '$filename', '/docs/files/advertisement', NOW(), '$filesize')");
$append = mysqli_insert_id($conn);
}
$q=mysqli_query($conn, "INSERT INTO advertisement VALUES(null, $uid, '".$order."', $ouid, '".addslashes(trim($_POST['full_name']))."',
'".addslashes(trim($email))."', NOW(), '".addslashes(nl2br($_POST['text']))."',
'".addslashes(trim($_POST['city']))."', '".addslashes(trim($_POST['contact_phone']))."',
'".addslashes(trim($_POST['contact_email']))."', $append, '".$_POST['type']."', 1, 1)");
echo "<script>setTimeout( function(){parent.location = parent.location;},1500); </script>";
?>
<div class="col-10 text-center mx-auto">
<p><i class="fa fa-check-circle font-alert p-4"></i></p>
Annuncio aggiunto correttamente!
</div>
<?php
}else{
if(sizeof($_POST) > 0 &&
(!$_POST['g-recaptcha-response'] ||
strlen($_POST['full_name']) < 5 ||
strlen($_POST['city']) < 5 ||
strlen($_POST['contact_phone']) < 5 ||
strlen($_POST['contact_email']) < 5)){
echo "<div class=\"col-10 mx-auto text-red text-center\">
<p><i class=\"fa fa-exclamation-triangle font-alert p-4\"></i></p>
ATTENZIONE: Ricorda ti compilare tutti i campi contrassegnati con * ed effettuare il controllo si sicurezza.</div>";
}
}
?>
</div>
</body>
</html>