code that is echoing to screen filesadd.php
============================================
$array = split('[,]', $_POST['fileno']);
if (isset($_POST['submit'])) {
foreach ($array as $fileno) {
if ($fileno == '' && $box == ''){
echo '<div style="background-color:#ffa; padding:2px; color:#ff0000;font-size:12px;font-weight:normal">' . 'You must select a box & include a file' . '</div>';
}elseif ($fileno == ''){
echo '<div style="background-color:#ffa; padding:2px; color:#ff0000;font-size:12px;font-weight:normal">' . 'You must enter a file reference' . '</div>';
}elseif ($box == ""){
//echo error
echo '<div style="background-color:#ffa; padding:2px; color:#ff0000;font-size:12px;font-weight:normal">' . 'You must select a box' . '</div>';
}else{
$sql = "SELECT custref FROM files WHERE custref = '$fileno' ";
$result = runSQL($sql) or die(mysql_error());
if (mysql_num_rows($result)>0){
echo '<div style="background-color:#ffa; padding:2px; color:#ff0000;font-size:12px;font-weight:normal">' . $fileno . ' is already in the database. No duplicates' . '</div>';
}else{
//insert into db;
echo '<div style="background-color:#ffa; padding:2px; color:#33CC33;font-size:12px;font-weight:normal">' . $fileno . "Box: " . $box . $authorised . 'Successfull' . '</div>';
$sql = "INSERT INTO `files` (customer, authorisation, boxstatus, boxref, custref, filestatus) VALUES ('$customer', '$authorised', '$boxstatus', '$box', '$fileno', $filestatus)";
$result = runSQL($sql) or die(mysql_error());
//echo 'This record is valid';
//header("Location: http://localhost/sample/admin/files/index.php");
//exit();
}
}
}
}
|
