本文整理汇总了PHP中tosql函数的典型用法代码示例。如果您正苦于以下问题:PHP tosql函数的具体用法?PHP tosql怎么用?PHP tosql使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了tosql函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: tosql_set_update
/**
 * Build the assignment list of an UPDATE ... SET clause.
 *
 * Every value is passed through tosql() before it is joined to its key
 * with "=". The keys are written out exactly as given, so callers must
 * supply fixed column names and never request-derived text.
 *
 * @param array $vars column name => raw value
 * @return string "col=value, col=value", or '' for an empty array
 */
function tosql_set_update($vars = array())
{
    $clause = '';
    foreach ($vars as $column => $raw) {
        // Separator goes in front of every assignment except the first.
        if ($clause !== '') {
            $clause .= ', ';
        }
        $clause .= $column . '=' . tosql($raw);
    }
    return $clause;
}
示例2: get_param
include_once "configuration.php";
// Collects the session context and the request fields of a grade form,
// then starts validating them.
$menustudent = 1;
$web_user = $_SESSION['UserId'];
$current_year = $_SESSION['CurrentYear'];
//Get student id
$studentid = get_param("studentid");
//Get grade id (request field "gradeid")
$gradeid = get_param("gradeid");
//Get action
$action = get_param("action");
//Get info from form
$quarter = get_param("quarter");
// NOTE(review): from here on these four variables hold the output of
// tosql(), not the text the user typed. Every other field in this run is
// kept exactly as get_param() returned it and still has to be escaped (or
// bound as a parameter) before it is placed in a query - unless get_param()
// itself escapes; confirm against its definition.
$grade = tosql(get_param("grade"), "Text");
$effort = tosql(get_param("effort"), "Text");
$conduct = tosql(get_param("conduct"), "Text");
$gradenotes = tosql(get_param("gradenotes"), "Text");
$comment1 = get_param("comment1");
$comment2 = get_param("comment2");
$comment3 = get_param("comment3");
$subject = get_param("subject");
//get custom fields
$custom_grade_fields = get_param("custom_grade_fields");
//array
$custom_fields = get_param("custom_fields");
$new_custom_field_id = get_param("new_custom_field_id");
$new_custom_field_data = get_param("new_custom_field_data");
//Validate fields
$msgFormErr = "";
// The message is built with "<br>" and is therefore meant to be printed as
// HTML; only fixed language constants are appended to it here.
if (!strlen($quarter)) {
$msgFormErr .= _ADMIN_MANAGE_GRADES_4_ENTER_QUARTER . "<br>";
}
示例3: get_param
} else {
// NOTE(review): $media_codes_id is placed between quotes without escaping;
// where it is assigned is outside this excerpt. Pass it through tosql() or
// bind it as a parameter.
$sSQL = "DELETE FROM media_codes WHERE media_codes_id='" . $media_codes_id . "'";
$db->query($sSQL);
}
break;
case "add":
$media_codes_desc = get_param("medianame");
$media_codes_id1 = get_param("id1");
$media_codes_id2 = get_param("id2");
/*Duplicates are fine (i.e. textbooks) so don't check for them
$tot = $db->get_var("SELECT count(*) FROM media_codes WHERE media_codes.media_codes_desc='".$media_codes_desc."'");
if ($tot>0){
$msgFormErr=_ADMIN_MEDIA_CODES_1_DUP;
}else{
*/
// NOTE(review): only the description goes through tosql(). id1 and id2 come
// from the same request and are concatenated between quotes as they are, so
// this statement is only partly protected against SQL injection.
$sSQL = "INSERT INTO media_codes (media_codes_desc, id1, id2) \n\t\tVALUES (" . tosql($media_codes_desc, "Text") . " ,'" . $media_codes_id1 . "', '" . $media_codes_id2 . "')";
$db->query($sSQL);
//};
break;
case "edit":
$media_codes_id = get_param("id");
// NOTE(review): the request value "id" is interpolated unquoted and
// unescaped; tosql($media_codes_id, "Number") or a bound parameter is needed.
$sSQL = "SELECT media_codes_desc, id1, id2 FROM media_codes WHERE \nmedia_codes_id={$media_codes_id}";
$media_all = $db->get_row($sSQL);
$media_codes_desc = $media_all->media_codes_desc;
$id1 = $media_all->id1;
$id2 = $media_all->id2;
// echo $media_codes_desc, $id1, $id2;
break;
case "update":
$media_codes_id = get_param("id");
$media_codes_desc = get_param("medianame");
示例4: tosql
// Required-field checks: each missing field appends one fixed message.
if (!strlen($term)) {
$msgFormErr .= _GRADE_STUDENT_4_ENTER_QUARTER . "<br>";
}
if (strlen($grade) < 1) {
$msgFormErr .= _GRADE_STUDENT_4_ENTER_OVERALL . "<br>";
}
if (!strlen($effort)) {
$msgFormErr .= _GRADE_STUDENT_4_ENTER_EFFORT . "<br>";
}
if (!strlen($conduct)) {
$msgFormErr .= _GRADE_STUDENT_4_ENTER_CONDUCT . "<br>";
}
//After validation, we must convert the grade,effort,conduct fields to text for insertion into the db.
// From here on the three variables hold tosql() output; validating first is
// the right order, because the checks above need the raw text.
$grade = tosql($grade, "Text");
$effort = tosql($effort, "Text");
$conduct = tosql($conduct, "Text");
//Errors found
// NOTE(review): the "> 0" sits inside strlen(), so this takes the length of
// a comparison result instead of the message; strlen($msgFormErr) > 0 is
// presumably what was meant.
if (strlen($msgFormErr > 0)) {
$msgheader = _GRADE_STUDENT_4_FORMERROR;
}
//No errors found
if (!strlen($msgFormErr)) {
// NOTE(review): the disabled UPDATE below wraps $grade, $effort and $conduct
// in quotes although they were already converted by tosql() above, and it
// concatenates the comment fields and ids without any escaping. It should
// not be re-enabled in this form.
// if($action=="update"){
// $msgheader="Updating";
// $sSQL="UPDATE grade_history SET grade_history_quarter='".$quarter."', grade_history_grade='".$grade."', grade_history_effort='".$effort."', grade_history_conduct='".$conduct."', grade_history_comment1='".$comment1."', grade_history_comment2='".$comment2."', grade_history_comment3='".$comment3."', grade_history_notes='".$gradenotes."' WHERE grade_history_id='".$gradeid."'";
// $db->query($sSQL);
// $url="teacher_manage_grades_2.php?studentid=".$studentid."&gradeid=".$gradeid;
// header("Location: $url");
// exit();
// }else{
// NOTE(review): the array key is an unquoted bare word, which PHP resolves
// as a constant; PHP 8 raises an Error when that constant is undefined.
// $_SESSION['term'] is presumably intended.
$term = $_SESSION[term];
示例5: switch
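// Default to a no-op when the request carries no action.
if (!strlen($action)) {
    $action = "none";
}
// Add, remove, load or rename a grade name according to the admin's choice.
//
// Every request value is converted with tosql() before it is placed in a
// statement, the way the "add" case already did. Previously the id and the
// new description were interpolated as received, which allowed SQL injection.
// NOTE(review): this relies on tosql($v, "Number") producing a bare numeric
// literal and tosql($v, "Text") a quoted, escaped one - confirm against the
// helper's definition.
switch ($action) {
    case "remove":
        $grade_id = get_param("id");
        $grade_id_sql = tosql($grade_id, "Number");
        // A grade name that is still referenced by grade history must stay.
        $in_use_sql = "SELECT grade_history_id FROM grade_history"
            . " WHERE grade_history_grade={$grade_id_sql}"
            . " OR grade_history_effort={$grade_id_sql}"
            . " OR grade_history_conduct={$grade_id_sql}";
        if ($norem = $db->get_results($in_use_sql)) {
            $msgFormErr = _ADMIN_SGRADES_FORM_ERROR;
        } else {
            $sSQL = "DELETE FROM grade_names WHERE grade_names_id={$grade_id_sql}";
            $db->query($sSQL);
        }
        break;
    case "add":
        // $grade_desc holds the SQL literal from here on, not the raw text.
        $grade_desc = tosql(get_param("gradename"), "Text");
        $sSQL = "INSERT INTO grade_names (grade_names_desc) VALUES (" . $grade_desc . ")";
        $db->query($sSQL);
        break;
    case "edit":
        $grade_id = get_param("id");
        $sSQL = "SELECT grade_names_desc FROM grade_names WHERE grade_names_id=" . tosql($grade_id, "Number");
        $grade_desc = $db->get_var($sSQL);
        break;
    case "update":
        $grade_id = get_param("id");
        // Kept raw in the variable; it is converted only inside the statement.
        $grade_desc = get_param("gradename");
        $sSQL = "UPDATE grade_names SET grade_names_desc=" . tosql($grade_desc, "Text")
            . " WHERE grade_names_id=" . tosql($grade_id, "Number");
        $db->query($sSQL);
        break;
}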
示例6: Form1_show
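/**
 * Print the login / logout form ("Form1").
 *
 * When the session has no UserID the form asks for login and password;
 * otherwise it shows the stored login name and a logout button. The
 * request values "ret_page" and "querystring" are carried along in hidden
 * fields.
 *
 * Everything that is not a fixed string is passed through tohtml() before
 * it is printed, the way the Login field already was: "ret_page" and
 * "querystring" come straight from the request and were previously echoed
 * into value="" attributes unescaped (reflected XSS), and the login name is
 * data read back from the database.
 * NOTE(review): $sForm1Err and $sFileName are still printed as they are,
 * because this function cannot tell whether they are meant to carry markup
 * - confirm where they are assigned.
 *
 * Reads the globals $sForm1Err, $db and $sFileName; writes HTML to output.
 */
function Form1_show()
{
    global $sForm1Err;
    global $db;
    global $sFileName;
    global $styles;
    $querystring = get_param("querystring");
    $ret_page = get_param("ret_page");
    $sFormTitle = "Ingrese usuario y contraseńa";
?>
<table class="FormTABLE">
<form action="<?php echo $sFileName; ?>" method="POST">
<input type="hidden" name="FormName" value="Form1">
<tr><td class="FormHeaderTD" colspan="2"><font class="FormHeaderFONT"><?php echo $sFormTitle; ?></font></td></tr>
<?php
    if ($sForm1Err) {
?>
<tr><td colspan="2" class="DataTD"><font class="DataFONT"><?php echo $sForm1Err; ?></font></td></tr>
<?php
    }
    if (get_session("UserID") == "") {
        // User is not logged in: ask for credentials.
?>
<tr><td class="FieldCaptionTD"><font class="FieldCaptionFONT">Identificación</font></td><td class="DataTD"><input type="text" name="Login" value="<?php echo tohtml(get_param("Login")); ?>" maxlength="50"></td></tr>
<tr><td class="FieldCaptionTD"><font class="FieldCaptionFONT">Palabra Clave</font></td><td class="DataTD"><input type="password" name="Password" maxlength="50"></td></tr>
<tr><td colspan="2">
<input type="hidden" name="FormAction" value="login">
<input type="submit" value="Conexión">
</td></tr>
<?php
    } else {
        // User is logged in: look the login name up and offer logout.
        $usuario = get_session("UserID");
        $db->query("SELECT USUA_LOGIN FROM USUARIO WHERE USUA_LOGIN=" . tosql($usuario, "Text"));
        $db->next_record();
?>
<tr><td class="DataTD"><font class="DataFONT"> <?php echo tohtml($db->f("USUA_LOGIN")); ?></font>
<input type="hidden" name="FormAction" value="logout">
<input type="submit" value="Desconexión">
</td></tr>
<?php
    }
?>
<input type="hidden" name="ret_page" value="<?php echo tohtml($ret_page); ?>"><input type="hidden" name="querystring" value="<?php echo tohtml($querystring); ?>"></td></tr>
</form></table>
<?php
}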
示例7: get_param
// "remove" branch: refuse when discipline history still uses the code.
$infraction_codes_id = get_param("id");
// NOTE(review): the request value "id" is interpolated unquoted and
// unescaped into both statements below; convert it with
// tosql($infraction_codes_id, "Number") or bind it as a parameter.
if ($norem = $db->get_results("SELECT discipline_history_code FROM discipline_history WHERE discipline_history_code={$infraction_codes_id}")) {
$msgFormErr = _ADMIN_INFRACTION_CODES_FORM_ERROR;
} else {
$sSQL = "DELETE FROM infraction_codes WHERE infraction_codes_id={$infraction_codes_id}";
$db->query($sSQL);
}
break;
case "add":
$infraction_codes_desc = get_param("infractionname");
//Check for duplicates
// NOTE(review): the duplicate check places the raw description between
// quotes, while the INSERT right after it uses tosql(). The same value needs
// the same treatment in both statements.
$tot = $db->get_var("SELECT count(*) FROM infraction_codes WHERE infraction_codes.infraction_codes_desc = '{$infraction_codes_desc}'");
if ($tot > 0) {
$msgFormErr = _ADMIN_INFRACTION_CODES_DUP;
} else {
$sSQL = "INSERT INTO infraction_codes (infraction_codes_desc) VALUES (" . tosql($infraction_codes_desc, "Text") . ")";
$db->query($sSQL);
}
break;
case "edit":
$infraction_codes_id = get_param("id");
// NOTE(review): unescaped request value in the WHERE clause, as above.
$sSQL = "SELECT infraction_codes_desc FROM infraction_codes WHERE infraction_codes_id={$infraction_codes_id}";
$infraction_codes_desc = $db->get_var($sSQL);
break;
case "update":
$infraction_codes_id = get_param("id");
$infraction_codes_desc = get_param("infractionname");
// NOTE(review): neither the new description nor the id is escaped here.
$sSQL = "UPDATE infraction_codes SET infraction_codes_desc='{$infraction_codes_desc}' WHERE infraction_codes_id={$infraction_codes_id}";
$db->query($sSQL);
break;
}
示例8: get_checkbox_value
/**
 * Translate a checkbox field into one of two SQL values.
 *
 * A checkbox counts as checked when the submitted value has any length at
 * all (so "0" is checked); the chosen replacement is then converted by
 * tosql() with the given type.
 *
 * @param mixed  $value           value submitted for the checkbox
 * @param mixed  $checked_value   value to store when it is checked
 * @param mixed  $unchecked_value value to store when it is not
 * @param string $type            type name handed on to tosql()
 * @return mixed whatever tosql() returns for the chosen value
 */
function get_checkbox_value($value, $checked_value, $unchecked_value, $type)
{
    $chosen = strlen($value) ? $checked_value : $unchecked_value;
    return tosql($chosen, $type);
}
示例9: switch
}
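//Add, remove, load or rename School Exams types according to admin choice.
//
// Every request value is converted with tosql() before it is placed in a
// statement, the way the INSERT already did. Previously the ids and the name
// were interpolated as received, which allowed SQL injection.
// NOTE(review): this relies on tosql($v, "Number") producing a bare numeric
// literal and tosql($v, "Text") a quoted, escaped one - confirm against the
// helper's definition.
switch ($action) {
    case "remove":
        $id_to_delete = get_param("id");
        $sSQL = "DELETE FROM exams_types WHERE exams_types_id=" . tosql($id_to_delete, "Number");
        $db->query($sSQL);
        break;
    case "add":
        $name = get_param("name");
        //Check for duplicates
        $tot = $db->get_var("SELECT count(*) FROM exams_types WHERE exams_types_desc=" . tosql($name, "Text"));
        if ($tot > 0) {
            $msgFormErr = _ADMIN_EXAMS_TYPES_DUP;
        } else {
            $cSQL = "INSERT INTO exams_types (exams_types_desc) VALUES (" . tosql($name, "Text") . ")";
            $db->query($cSQL);
        }
        break;
    case "edit":
        $id = get_param("id");
        $cSQL = "SELECT exams_types_desc FROM exams_types WHERE exams_types_id = " . tosql($id, "Number");
        $name = $db->get_var($cSQL);
        break;
    case "update":
        $id = get_param("id");
        // Kept raw in the variable; it is converted only inside the statement.
        $name = get_param("name");
        $cSQL = "UPDATE exams_types SET exams_types_desc = " . tosql($name, "Text")
            . " WHERE exams_types_id = " . tosql($id, "Number");
        $db->query($cSQL);
        break;
}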
示例10: PRESTAMO_action
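/**
 * Carry out one action on document-loan (PRESTAMO) records.
 *
 *  - "cancelar": print a self-submitting form that returns to the document.
 *  - "insert": create a loan request for the document in "radicado".
 *  - "prestamo", "prestamoIndefinido", "delete", "devolucion": move the
 *    requests listed in "s_PRES_ID" to a new PRES_ESTADO.
 * Any other action does nothing.
 *
 * Changes against the earlier version, all about request data reaching SQL,
 * HTML or script text unescaped:
 *  - the three characters cut out of "radicado" are converted with tosql()
 *    before they enter the lookup query;
 *  - the current user is written with tosql($krd, "Text") in every
 *    statement, as the INSERT already did;
 *  - "s_PRES_ID" is reduced to digit-only items before it enters IN (...);
 *    the earlier code escaped it and then stripped the quotes again, which
 *    left the list unprotected;
 *  - values placed in the return URL are URL-encoded;
 *  - the failure alert of the update branch now quotes its message, so the
 *    script is valid and the alert is actually shown.
 * NOTE(review): relies on tosql($v, "Number") producing a bare numeric
 * literal and tosql($v, "Text") a quoted, escaped one - confirm against the
 * helper's definition.
 *
 * @param string $sAction action name taken from the request
 */
function PRESTAMO_action($sAction)
{
    global $db;
    global $krd;          // current user
    global $dependencia;  // department of the current user
    $fldradicado = get_param("radicado");

    if ($sAction == "cancelar") {
        // Back to the document menu.
        echo "..";  // kept so that the browser performs the submit
        echo "<form name=Atras action='../verradicado.php?krd=" . urlencode((string) $krd)
            . "&verrad=" . urlencode((string) $fldradicado) . "' method=post> </form>";
        echo "<script>document.Atras.submit();</script>";
    } elseif ($sAction == "insert") {
        $fldPRES_REQUERIMIENTO = get_param("s_PRES_REQUERIMIENTO");
        $fldPRES_FECH_PEDI = $db->conn->OffsetDate(0, $db->conn->sysTimeStamp);

        // Physical location of the documents: looked up from characters 5-7
        // of the document number; the raw substring is kept when no row matches.
        $fldPRES_DEPE_ARCH = substr($fldradicado, 4, 3);
        $query = "SELECT UBIC_DEPE_ARCH FROM UBICACION_FISICA WHERE UBIC_DEPE_RADI="
            . tosql($fldPRES_DEPE_ARCH, "Number");
        $db->conn->SetFetchMode(ADODB_FETCH_ASSOC);
        $rs = $db->conn->query($query);
        if ($rs && !$rs->EOF) {
            $fldPRES_DEPE_ARCH = $rs->fields['UBIC_DEPE_ARCH'];
        }

        // New PRES_ID from the sequence.
        $sec = $db->conn->nextId('SEC_PRESTAMO');

        $sSQL = "insert into PRESTAMO("
            . "PRES_ID, RADI_NUME_RADI, USUA_LOGIN_ACTU, DEPE_CODI, "
            . "PRES_FECH_PEDI, PRES_DEPE_ARCH, PRES_ESTADO, PRES_REQUERIMIENTO) "
            . "values ("
            . tosql($sec, "Number") . ","
            . tosql($fldradicado, "Text") . ","
            . tosql($krd, "Text") . ","
            . tosql($dependencia, "Number") . ","
            . $fldPRES_FECH_PEDI . ","
            . tosql($fldPRES_DEPE_ARCH, "Number") . ","
            . "1,"
            . tosql($fldPRES_REQUERIMIENTO, "Number") . ")";
        if (!$db->conn->query($sSQL)) {
            echo "<script> alert(\"El registro no pudo ser realizado\"); </script>";
        }
    } elseif ($sAction == "prestamo" || $sAction == "prestamoIndefinido" || $sAction == "delete" || $sAction == "devolucion") {
        $fldPRES_FECH = $db->conn->OffsetDate(0, $db->conn->sysTimeStamp);
        $fldPRES_ID = get_param("s_PRES_ID");

        // Record identifiers for IN (...): only items made of digits survive.
        // NOTE(review): assumes "s_PRES_ID" is a comma-separated list of
        // numeric ids - confirm against the form that posts it.
        $idList = array();
        foreach (explode(",", (string) $fldPRES_ID) as $piece) {
            $piece = trim($piece, " \t\r\n'\"");
            if ($piece !== "" && ctype_digit($piece)) {
                $idList[] = $piece;
            }
        }
        // IN (NULL) matches no row, so an empty or invalid list changes nothing.
        $sfldPRES_ID = $idList ? implode(",", $idList) : "NULL";

        $estadoOld = "=1";
        $krdSql = tosql($krd, "Text");

        if ($sAction == "prestamoIndefinido" || $sAction == "prestamo") {
            // Loan
            $fldDESC = tosql(get_param("observa"), "Text");
            $setFecha = "PRES_FECH_PRES=" . $fldPRES_FECH . ", PRES_DESC=" . $fldDESC . ", USUA_LOGIN_PRES=" . $krdSql . " ";
            $nombTx = "Prestar Documento";
            if ($sAction == "prestamoIndefinido") {
                $estadoNew = 5;
                $titError = "El registro del préstamo indefinido no pudo ser realizado";
            } else {
                $estadoNew = 2;
                $fechaVencimiento = get_param("fechaVencimiento");
                // NOTE(review): the due date reaches SQL only through DBDate();
                // confirm that it rejects or quotes text that is not a date.
                $sqlFechaVenc = $db->conn->DBDate($fechaVencimiento);
                $setFecha .= ",PRES_FECH_VENC=" . $sqlFechaVenc . " ";
                $titError = "El registro del préstamo no pudo ser realizado";
            }
        } elseif ($sAction == "delete") {
            // Cancel a loan request
            $estadoNew = 4;
            $setFecha = "PRES_FECH_CANC=" . $fldPRES_FECH . ", USUA_LOGIN_CANC=" . $krdSql;
            $nombTx = "Cancelar Solicitud de Préstamo";
            $titError = "El registro de la cancelaci�n no pudo ser realizado";
        } elseif ($sAction == "devolucion") {
            // Return of a document: applies to states 2 and 5 only
            $estadoNew = 3;
            $fldDESC = tosql(get_param("observa"), "Text");
            $setFecha = "PRES_FECH_DEVO=" . $fldPRES_FECH . ", DEV_DESC=" . $fldDESC . ", USUA_LOGIN_RX=" . $krdSql . " ";
            $nombTx = "Devolver Documento";
            $titError = "El registro de la devoluci�n no pudo ser realizado";
            $estadoOld = "in (2,5)";
        }
        $fecha = date("d-m-Y h:i A");

        $sSQL = "update PRESTAMO set " . $setFecha . ",PRES_ESTADO=" . $estadoNew
            . " where PRES_ID in (" . $sfldPRES_ID . ") and PRES_ESTADO " . $estadoOld;
        if ($db->conn->query($sSQL)) {
            verMensaje($nombTx, $fecha);
        } else {
            // $titError is one of the fixed messages assigned above.
            echo "<script> alert(\"" . $titError . "\"); </script>";
        }
    }
}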
示例11: RADICADO_show
//.........这里部分代码省略.........
echo $form_sorting;
?>
&"><font class="ColumnFONT"># H</font></a>oj</td>
<td width="142" height="25" class="ColumnTD"><a href="<?php
echo $sFileName;
?>
?<?php
echo $form_params;
?>
FormRADICADO_Sorting=5&FormRADICADO_Sorted=<?php
echo $form_sorting;
?>
&"><font class="ColumnFONT">Anexos</font></a></td>
</tr>
<?php
//-------------------------------
// Build WHERE statement
//-------------------------------
// $sWhere and $HasParam are only appended to or set here; their initial
// values are presumably assigned in the part of the function that this
// excerpt leaves out.
$ps_desde_RADI_FECH_RADI = get_param("s_desde_RADI_FECH_RADI");
$ps_hora_inicial = get_param("s_hora_inicial");
$ps_hora_final = get_param("s_hora_final");
if (strlen($ps_desde_RADI_FECH_RADI) && strlen($ps_hora_inicial) && strlen($ps_hora_final)) {
// The subtraction turns the final hour into a number; the date and the
// initial hour stay exactly as they were received.
$ps_hora_final -= 1;
$desde = $ps_desde_RADI_FECH_RADI . " " . $ps_hora_inicial . ":00:00";
$hasta = $ps_desde_RADI_FECH_RADI . " " . $ps_hora_final . ":59:59";
$HasParam = true;
// NOTE(review): $desde and $hasta are built from request values and are
// placed inside quoted to_date() literals without escaping or format
// checking. Validate the date and hour formats first, or pass the values
// through tosql() / bound parameters.
$sWhere = $sWhere . "R.RADI_FECH_RADI>=to_date('" . $desde . "','dd/mm/yyyy HH24:MI:ss')";
$sWhere .= " and ";
$sWhere = $sWhere . "R.RADI_FECH_RADI<=to_date('" . $hasta . "','dd/mm/yyyy HH24:MI:ss')";
}
$ps_RADI_DEPE_RADI = get_param("s_RADI_DEPE_RADI");
// The department code is the one filter that is checked (is_number) and
// converted (tosql) before use; anything else is discarded.
if (is_number($ps_RADI_DEPE_RADI) && strlen($ps_RADI_DEPE_RADI)) {
$ps_RADI_DEPE_RADI = tosql($ps_RADI_DEPE_RADI, "Number");
} else {
$ps_RADI_DEPE_RADI = "";
}
if (strlen($ps_RADI_DEPE_RADI)) {
if ($sWhere != "") {
$sWhere .= " and ";
}
$HasParam = true;
// Match document numbers of the form 'yyyyDEP%'.
// NOTE(review): the year is cut out of the raw date parameter with substr()
// and lands inside the quoted LIKE pattern unescaped.
$sWhere = $sWhere . "R.RADI_NUME_RADI LIKE '" . substr($ps_desde_RADI_FECH_RADI, 6, 4) . $ps_RADI_DEPE_RADI . "%'";
} else {
$bReq = false;
}
if ($HasParam) {
$sWhere = " WHERE (" . $sWhere . ")";
}
//-------------------------------
// Build base SQL statement
//-------------------------------
$sSQL = "select R.RADI_DEPE_RADI as R_RADI_DEPE_RADI, " . "R.RADI_DESC_ANEX as R_RADI_DESC_ANEX, " . "to_char(R.RADI_FECH_RADI,'dd/mm/yyyy hh24:mi:ss') as R_RADI_FECH_RADI, " . "R.RADI_NUME_HOJA as R_RADI_NUME_HOJA, " . "R.RADI_NUME_RADI as R_RADI_NUME_RADI, " . "R.RA_ASUN as R_RA_ASUN " . " from RADICADO R ";
//-------------------------------
//-------------------------------
// RADICADO Open Event begin
// The row count runs with the same WHERE text, so it carries the same
// unescaped values as the main query.
$sSQLCount = "Select count(*) as Total from radicado R " . $sWhere;
$db->query($sSQLCount);
$next_record = $db->next_record();
$fldTotal = $db->f("TOTAL");
// RADICADO Open Event end
//-------------------------------
//-------------------------------
// Assemble full SQL statement
//-------------------------------
示例12: header
//adding a new field if one has been entered
if($new_custom_field_id > 0 && $new_custom_field_data != '') {
$custom_discipline_insert_sql = "INSERT into custom_media_history SET
custom_field_id = '$new_custom_field_id',
media_history_id = '$disid',
data = '$new_custom_field_data'";
$db->query($custom_discipline_insert_sql);
} //end custom fields
*/
// Redirect back to the record; the ids are appended to the URL unencoded.
$url = "admin_manage_media_2.php?studentid=" . $studentid . "&disid=" . $disid;
header("Location: {$url}");
exit;
} else {
$sschool = get_param("sschool");
$notify = get_param("notify");
// NOTE(review): only the action, notes and reporter fields pass through
// tosql(). The other values - including $sschool, read from the request two
// lines up - are interpolated as they are, several of them unquoted, so the
// statement is only partly protected against SQL injection. Convert each
// one with tosql() or use bound parameters.
$sSQL = "INSERT INTO media_history (media_history_student, media_history_school, media_history_year, media_history_code, media_history_dateout, media_history_datedue, media_history_dateret, media_history_action, media_history_notes, media_history_reporter, media_history_user) VALUES ({$studentid}, {$sschool}, {$current_year}, {$discode}, '{$disdate}', '{$sdate}', '{$edate}', " . tosql($disaction, "Text") . ", " . tosql($disnotes, "Text") . ", " . tosql($disreporter, "Text") . ", {$web_user})";
$db->query($sSQL);
/* here was the mailer code to notify parents. Should we ever want it
again, paste from admin_manage_discipline accordingly. */
/* Yeah, I did, cos I think it's a great feature! :-) */
if ($notify == 1) {
$sSQL = "SELECT studentcontact.studentcontact_email, studentcontact.studentcontact_fname, \r\n\t\t\tstudentcontact.studentcontact_lname, contact_to_students.contact_to_students_student \r\n\t\t\tFROM contact_to_students \r\n\t\t\tINNER JOIN studentcontact ON contact_to_students.contact_to_students_contact = studentcontact.studentcontact_id \r\n\t\t\tWHERE contact_to_students_student={$studentid}";
if ($addresses = $db->get_results($sSQL)) {
$sSQL = "SELECT studentbio_fname, studentbio_lname FROM studentbio WHERE studentbio_id={$studentid}";
$student = $db->get_row($sSQL);
$sfname = $student->studentbio_fname;
$slname = $student->studentbio_lname;
require_once "class.phpmailer.php";
$mail = new PHPMailer();
$mail->SetLanguage(_LANG, ".");
// // $mail->IsSMTP(); // send via SMTP
示例13: header
$db->query($custom_attendance_update_sql);
}
}
//adding a new field if one has been entered
if ($new_custom_field_id > 0 && $new_custom_field_data != '') {
// NOTE(review): the "> 0" test above is a loose comparison and does not
// make $new_custom_field_id safe to embed. The id, the attendance id and
// the free-text data are all placed between quotes without escaping; pass
// them through tosql() or bind them as parameters.
$custom_attendance_insert_sql = "INSERT into custom_attendance_history SET \n\t\t\tcustom_field_id = '{$new_custom_field_id}', \n\t\t\tattendance_history_id = '{$attid}',\n\t\t\tdata = '{$new_custom_field_data}'";
$db->query($custom_attendance_insert_sql);
}
//end custom fields
// Redirect back to the record; the ids are appended to the URL unencoded.
$url = "admin_manage_attendance_2.php?studentid=" . $studentid . "&attid=" . $attid;
header("Location: {$url}");
exit;
} else {
$sschool = get_param("sschool");
$notify = get_param("notify");
// NOTE(review): only the notes field passes through tosql(). The other
// values - including $sschool, read from the request two lines up - are
// interpolated as they are, most of them unquoted.
$sSQL = "INSERT INTO attendance_history (attendance_history_student, attendance_history_school, attendance_history_year, attendance_history_date, attendance_history_code, attendance_history_notes, attendance_history_user) VALUES ({$studentid}, {$sschool}, {$current_year}, '{$attdate}', {$attcode}, " . tosql($attnotes, "Text") . ", {$web_user})";
$db->query($sSQL);
if ($notify == 1) {
$sSQL = "SELECT studentcontact.studentcontact_email, studentcontact.studentcontact_fname, studentcontact.studentcontact_lname, contact_to_students.contact_to_students_student FROM contact_to_students INNER JOIN studentcontact ON contact_to_students.contact_to_students_contact = studentcontact.studentcontact_id WHERE contact_to_students_student={$studentid}";
if ($addresses = $db->get_results($sSQL)) {
$sSQL = "SELECT studentbio_fname, studentbio_lname FROM studentbio WHERE studentbio_id={$studentid}";
$student = $db->get_row($sSQL);
$sfname = $student->studentbio_fname;
$slname = $student->studentbio_lname;
require_once "class.phpmailer.php";
$mail = new PHPMailer();
// $mail->IsSMTP(); // send via SMTP
// $mail->Host = SMTP_SERVER; // SMTP servers
// $mail->SMTPAuth = true; // turn on SMTP authentication
// $mail->Username = SMTP_USER; // SMTP username
// $mail->Password = SMTP_PASSWORD; // SMTP password
示例14: header
$db->query($custom_discipline_update_sql);
}
}
//adding a new field if one has been entered
if ($new_custom_field_id > 0 && $new_custom_field_data != '') {
// NOTE(review): the "> 0" test above is a loose comparison and does not
// make $new_custom_field_id safe to embed. The id, the discipline id and
// the free-text data are all placed between quotes without escaping; pass
// them through tosql() or bind them as parameters.
$custom_discipline_insert_sql = "INSERT into custom_discipline_history SET \r\n\t\t\t\tcustom_field_id = '{$new_custom_field_id}', \r\n\t\t\t\tdiscipline_history_id = '{$disid}',\r\n\t\t\t\tdata = '{$new_custom_field_data}'";
$db->query($custom_discipline_insert_sql);
}
//end custom fields
// Redirect back to the record; the ids are appended to the URL unencoded.
$url = "admin_manage_discipline_2.php?studentid=" . $studentid . "&disid=" . $disid;
header("Location: {$url}");
exit;
} else {
$sschool = get_param("sschool");
$notify = get_param("notify");
// NOTE(review): only the action, notes and reporter fields pass through
// tosql(). Wrapping the other values in quotes, as done here, does not
// escape them: $sschool comes from the request two lines up, and $discode
// is interpolated unquoted.
$sSQL = "INSERT INTO discipline_history (discipline_history_student, discipline_history_school, discipline_history_year, discipline_history_code, discipline_history_date, discipline_history_sdate, discipline_history_edate, discipline_history_action, discipline_history_notes, discipline_history_reporter, discipline_history_user) VALUES ('" . $studentid . "', '" . $sschool . "', '" . $current_year . "', {$discode}, '{$disdate}', '{$sdate}', '{$edate}', " . tosql($disaction, "Text") . ", " . tosql($disnotes, "Text") . ", " . tosql($disreporter, "Text") . ", '" . $web_user . "')";
// echo $sSQL; exit;
$db->query($sSQL);
if ($notify == 1) {
$sSQL = "SELECT studentcontact.studentcontact_email, studentcontact.studentcontact_fname, studentcontact.studentcontact_lname, contact_to_students.contact_to_students_student FROM contact_to_students INNER JOIN studentcontact ON contact_to_students.contact_to_students_contact = studentcontact.studentcontact_id WHERE contact_to_students_student={$studentid}";
if ($addresses = $db->get_results($sSQL)) {
$sSQL = "SELECT studentbio_fname, studentbio_lname FROM studentbio WHERE studentbio_id={$studentid}";
$student = $db->get_row($sSQL);
$sfname = $student->studentbio_fname;
$slname = $student->studentbio_lname;
require_once "class.phpmailer.php";
$mail = new PHPMailer();
// // $mail->IsSMTP(); // send via SMTP
// // $mail->Host = SMTP_SERVER; // SMTP servers
// // $mail->SMTPAuth = true; // turn on SMTP authentication
// // $mail->Username = SMTP_USER; // SMTP username
示例15: get_param
// "remove" branch: refuse when health history still uses the code.
$health_codes_id = get_param("id");
// NOTE(review): the request value "id" is placed between quotes without
// escaping in both statements below; quoting alone does not prevent SQL
// injection. Convert it with tosql() or bind it as a parameter.
if ($norem = $db->get_results("SELECT health_history_code FROM health_history WHERE health_history_code='" . $health_codes_id . "'")) {
$msgFormErr = _HEALTH_CODES_NOT_REMOVED;
} else {
$sSQL = "DELETE FROM health_codes WHERE health_codes_id='" . $health_codes_id . "'";
$db->query($sSQL);
}
break;
case "add":
$health_codes_desc = get_param("healthname");
//Check for duplicates
// NOTE(review): the duplicate check places the raw description between
// quotes, while the INSERT right after it uses tosql(). The same value needs
// the same treatment in both statements.
$tot = $db->get_var("SELECT count(*) FROM health_codes WHERE health_codes_desc='{$health_codes_desc}'");
if ($tot > 0) {
$msgFormErr = _HEALTH_CODES_DUP;
} else {
$sSQL = "INSERT INTO health_codes (health_codes_desc) VALUES (" . tosql($health_codes_desc, "Text") . ")";
$db->query($sSQL);
}
break;
case "edit":
$health_codes_id = get_param("id");
// NOTE(review): unescaped request value in the WHERE clause, as above.
$sSQL = "SELECT health_codes_desc FROM health_codes WHERE health_codes_id='" . $health_codes_id . "'";
$health_codes_desc = $db->get_var($sSQL);
break;
case "update":
$health_codes_id = get_param("id");
$health_codes_desc = get_param("healthname");
// NOTE(review): neither the new description nor the id is escaped here.
$sSQL = "UPDATE health_codes SET health_codes_desc='{$health_codes_desc}' WHERE health_codes_id='" . $health_codes_id . "'";
$db->query($sSQL);
break;
}