/
newwinformupdate.php
55 lines (47 loc) · 1.44 KB
/
newwinformupdate.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?php
$sub_menu = '100310';
include_once('./_common.php');
if ($w == "u" || $w == "d")
check_demo();
if ($w == 'd')
auth_check($auth[$sub_menu], "d");
else
auth_check($auth[$sub_menu], "w");
check_admin_token();
$nw_subject = isset($_POST['nw_subject']) ? strip_tags($_POST['nw_subject']) : '';
$sql_common = " nw_device = '{$_POST['nw_device']}',
nw_begin_time = '{$_POST['nw_begin_time']}',
nw_end_time = '{$_POST['nw_end_time']}',
nw_disable_hours = '{$_POST['nw_disable_hours']}',
nw_left = '{$_POST['nw_left']}',
nw_top = '{$_POST['nw_top']}',
nw_height = '{$_POST['nw_height']}',
nw_width = '{$_POST['nw_width']}',
nw_subject = '{$nw_subject}',
nw_content = '{$_POST['nw_content']}',
nw_content_html = '{$_POST['nw_content_html']}' ";
if($w == "")
{
$sql = " insert {$g5['new_win_table']} set $sql_common ";
sql_query($sql);
$nw_id = sql_insert_id();
}
else if ($w == "u")
{
$sql = " update {$g5['new_win_table']} set $sql_common where nw_id = '$nw_id' ";
sql_query($sql);
}
else if ($w == "d")
{
$sql = " delete from {$g5['new_win_table']} where nw_id = '$nw_id' ";
sql_query($sql);
}
if ($w == "d")
{
goto_url('./newwinlist.php');
}
else
{
goto_url("./newwinform.php?w=u&nw_id=$nw_id");
}
?>