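<?php
/**
 * Update handler for an existing customer warranty record.
 *
 * Reads the posted customer form, validates the required fields, encrypts the
 * name, e-mail, contact number and address with an RSA public key (phpseclib
 * Crypt_RSA) and writes the row back with a parameterised UPDATE.
 *
 * NOTE(review): no anti-CSRF token is checked in this script, and the only
 * access control visible here is the login test below. Confirm whether
 * config.php adds either, because this request changes stored customer data.
 */
include 'config.php';

// Reject requests that do not carry an authenticated session.
// presumably config.php starts the session and sets $loggin -- verify.
if (!isset($_SESSION['loginname']) || $loggin != '1') {
    header("Location: login.php");
    exit;
}

$nowdate = date("Y-m-d H:i:s");

// NOTE(review): customer_id is not validated. It is bound as a query
// parameter, so it cannot alter the SQL, but nothing visible here restricts
// which record a logged-in user may modify, and a missing id still ends in
// the success redirect.
$customer_id = isset($_POST['customer_id']) ? $_POST['customer_id'] : null;

// Required fields. A value that is absent or not a plain string (for example
// an array sent as email[]=x) is treated as empty so the required-field check
// rejects it before it can reach the encryption step.
$customer_name  = (isset($_POST['customer_name']) && is_string($_POST['customer_name'])) ? $_POST['customer_name'] : '';
$email          = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
$contact_number = (isset($_POST['contact_number']) && is_string($_POST['contact_number'])) ? $_POST['contact_number'] : '';
$address        = (isset($_POST['address']) && is_string($_POST['address'])) ? $_POST['address'] : '';
$gender         = (isset($_POST['gender']) && is_string($_POST['gender'])) ? $_POST['gender'] : '';

// Optional fields; stored as submitted, null when absent.
$age_group        = isset($_POST['age_group']) ? $_POST['age_group'] : null;
$education_level  = isset($_POST['education_level']) ? $_POST['education_level'] : null;
$occupation       = isset($_POST['occupation']) ? $_POST['occupation'] : null;
$monthly_income   = isset($_POST['monthly_income']) ? $_POST['monthly_income'] : null;
$remarks          = isset($_POST['remarks']) ? $_POST['remarks'] : null;
$receive_promotes = isset($_POST['receive_promotes']) ? $_POST['receive_promotes'] : null;

// Required-field check (alert text: required information is missing).
if (empty($customer_name) || empty($gender) || empty($email) || empty($contact_number) || empty($address)) {
    echo "<script type='text/javascript'> alert('必填的資料有漏空,請填寫所有切填項目!'); history.back(); </script>";
    exit;
}

// E-mail format check (alert text: e-mail format is wrong).
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    echo "<script type='text/javascript'> alert('電子信箱格式出錯,請重新輸入!'); history.back(); </script>";
    exit;
}

// Contact number check (alert text: contact number should be numeric).
// NOTE(review): is_numeric() also accepts signs, decimals and exponent
// notation; tighten it if only digits are meant to be stored.
if (!is_numeric($contact_number)) {
    echo "<script type='text/javascript'> alert('聯絡電話應是數字,請重新輸入!'); history.back(); </script>";
    exit;
}

// Field-level encryption of the personal data before it is stored.
set_include_path(get_include_path() . PATH_SEPARATOR . 'phpseclib0.3.6');
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
// NOTE(review): this SubjectPublicKeyInfo appears to carry a 1024-bit RSA
// modulus, which is below the 2048-bit minimum generally recommended today.
// Plan a key rotation and re-encryption of the stored fields.
$public_key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDH0i//hwmPSCUNAS9UiD3wSH43 NxwRKwGtHQKGarANuYNacSXb+rS2N0WKihz+aSkevePj5GZPtu21Fpx0Tt541DBl UrYL0vPK4S6QUX8I5vsOQ/XuIyh9NKcD2fbmf/1QrC+q7pv6xa6ctaV8u1RPGI7C AIPtMCrh9Pbg+EFo0wIDAQAB";

// Stop if the key cannot be parsed, rather than continuing to the UPDATE
// with values that were never encrypted under a usable key.
if (!$rsa->loadKey($public_key)) {
    throw new Exception('Unable to load the RSA public key');
}

$plain_fields = array(
    'customer_name'  => $customer_name,
    'email'          => $email,
    'contact_number' => $contact_number,
    'address'        => $address,
);
$encrypted = array();
foreach ($plain_fields as $field_name => $plaintext) {
    $ciphertext = $rsa->encrypt($plaintext);
    // base64_encode(false) is an empty string, so an unchecked failure would
    // silently blank the stored value.
    if ($ciphertext === false) {
        throw new Exception('Unable to encrypt field: ' . $field_name);
    }
    $encrypted[$field_name] = base64_encode($ciphertext);
}

// Parameterised UPDATE. merchant_name, date_of_purchase and free_mix_color
// were part of earlier revisions of this statement and are no longer written.
$sql2 = "update customer_warranty set customer_name=?, gender=?, email=?, contact_number=?, address=?, age_group=?, education_level=?, occupation=?, monthly_income=?,remarks=?, lastupby=?, lastupdate=?,receive_promotes=? where customer_id = ?";

$sth2 = $dbh->prepare($sql2);
if (!$sth2) {
    // No statement object exists when prepare() fails, so the detail comes
    // from the connection (presumably a PDO handle from config.php -- verify).
    // It goes to the server log instead of the response.
    error_log('customer warranty update: prepare failed: ' . print_r($dbh->errorInfo(), true));
    throw new Exception('Unable to prepare the customer warranty update');
}

// Values in the same order as the placeholders in $sql2.
$parameters2 = array(
    $encrypted['customer_name'],
    $gender,
    $encrypted['email'],
    $encrypted['contact_number'],
    $encrypted['address'],
    $age_group,
    $education_level,
    $occupation,
    $monthly_income,
    $remarks,
    $_SESSION['cmsloginid'],
    $nowdate,
    $receive_promotes,
    $customer_id,
);

if (!$sth2->execute($parameters2)) {
    // print_r() needs its second argument to return the text; without it the
    // driver error is echoed into the page.
    error_log('customer warranty update: execute failed [' . $sth2->errorCode() . ']: ' . print_r($sth2->errorInfo(), true));
    throw new Exception('Unable to save the customer warranty update');
}

// The message is percent-encoded so the Location header holds a valid URL.
header("Location: customer_warranty_index.php?msg=" . rawurlencode('Modify Successful'));
exit;
?>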