IQM: comparison fhiiqm/partner

equal deleted inserted replaced

-:ef68113ff309
+:6288d5685bff
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
+	<link href="css/db.css" rel="STYLESHEET" type="TEXT/CSS" />
+	<title>Eingabe Partner</title>
+</head>
+<body>
+<div class="float-r"><img src="img/group_gear.png" border="0" alt="Partnerdaten eingeben" title="Partnerdaten eingeben"/></div>
+<?php
+/**
+* @author Bettina Schwarzer, Fritz-Haber-Institut
+* @copyright 07/2011
+*
+* INSERT Partnerdaten
+*/
+error_reporting(E_ALL ^ E_NOTICE);
+	include_once($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/dbconnect.inc.php");
+	$ok		= $_POST["ok"];
+	$ins	= $_POST["ins"];
+$part    = $_POST["part"];
+if (!$part['okn']) $ok=false;
+//    print_r($part);
+if (!$ok || !$ins )
+{
+$upd = $ins; // wegen filename-Pruefung bei Upload
+include_once("form/partner_form.inc.php");
+if ($ins == "eingeben" )
+		{
+		  	$frage = "Alle Angaben ok?";
+			echo "<tr>
+			  <td class=\"red\" valign=\"top\" align=\"left\">$frage</td>
+			        <td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
+			        if ($ok)  echo "checked";
+			echo "></td>\n</tr>\n";
+		}
+		echo "<tr>\n";
+		echo "
+		  <td>&nbsp;</td>
+		  <td><input class=\"button\" type=\"submit\" value=\"eingeben\" name=\"ins\" title=\"insert\" /></td>\n";
+		echo "</tr>\n";
+echo "</table>\n";
+echo "</div>\n";
+echo "</form>\n";
+}
+else
+{
+echo "<div align='center'>\n";
+//daten speichern
+	if (!isset($dbc) || !$dbc) $dbc = new dbconnection();
+$part["firma"] = substr($part["firma"],0,50);
+$part["nname"] = substr($part["nname"],0,30);
+$part["vname"] = substr($part["vname"],0,30);
+if ($part['anr']== -1) $part['anr']=null;
+$part["titel"] = substr($part["titel"],0,10);
+$part["tel"] = substr($part["tel"],0,20);
+$part["mobil"] = substr($part["motel"],0,20);
+$part["fax"] = substr($part["fax"],0,20);
+$part["email"] = substr($part["email"],0,20);
+$part["ort"] = substr($part["ort"],0,50);
+$part["str"] = substr($part["str"],0,50);
+$part["plz"] = substr($part["plz"],0,10);
+$part["bem"] = substr($part["bem"],0,500);
+foreach ($part as $key=>$value)
+{
+// NULL - Eintrag in Tabelle
+			if (is_null($value) || $value < "!") $part["$key"] = null;
+}
+// vermeiden von SQL-Injection
+$stmt = $dbc -> stmtinit();
+if (is_object($stmt))
+{
+$stmt -> prepare("INSERT INTO fhiiqm.Partner (part_firma,part_nachname,part_vorname,part_titel,part_anrede,
+part_strasse,part_ort,part_plz,part_tel,part_fax,part_mobil,part_email,part_bemerkung)
+VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)");
+$stmt -> bind_param('sssssssssssss',$part["firma"],$part["nname"],$part["vname"],$part["titel"],$part['anr'],
+$part["str"],$part["ort"],$part["plz"],$part["tel"],$part["fax"],$part["motel"],$part["email"],$part["bem"]);
+$result = $stmt -> execute();
+}
+if ($dbc->error) echo "error: " . $dbc->error . "<br><br>\n";
+//        $result=1;
+if ($result)
+{
+// INSERT o.k.
+// part_ID ermitteln
+$pid = $dbc -> insertId();
+echo "<p class='green'><b>Partnerdaten zu ID '$pid' wurden erfolgreich gespeichert.</b></p>\n";
+echo "<br /><br />\n";
+// Anzeigen gespeicherte Partnerdaten
+include ("inc/partner_dat_show.inc.php");
+}
+else
+echo "<p class='red'>Eingabe der Partnerdaten ist fehlgeschlagen!</p>\n";
+$dbc -> close();
+echo "</div>\n";
+echo "<p>&nbsp;&nbsp;&nbsp;<a href=\"partner_ins.php\" target=\"_self\" title=\"Partner erfassen\">Weiteren Partner erfassen</a></p>\n";
+}
+?>
+</body>
+</html>

changeset 1	6288d5685bff
child 13	741b35e9ebbe