1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
<?php require_once "inc/configure.php";
$name = filter_var($_REQUEST['name'], FILTER_SANITIZE_STRING);
//(int)$_REQUEST['productID'];
//vdump($_REQUEST);
if( $_REQUEST['action']=="master_setting_modifyform" && !empty($name) ){
$desc_en = filter_var($_REQUEST['desc_en'], FILTER_SANITIZE_STRING);
$desc_sc = filter_var($_REQUEST['desc_sc'], FILTER_SANITIZE_STRING);
$val = filter_var($_REQUEST['val'], FILTER_SANITIZE_STRING);
$lastupby = filter_var($_SESSION['user'], FILTER_SANITIZE_STRING);
$sql = "UPDATE master_setting SET
desc_en = :desc_en,
desc_sc = :desc_sc,
val = :val,
lastupby = :lastupby,
lastupdate = NOW()
WHERE `name`=:name";
if(defined("MSSQL")){
$sql = "UPDATE master_setting SET
desc_en = :desc_en,
desc_sc = :desc_sc,
val = :val,
lastupby = :lastupby,
lastupdate = getdate()
WHERE name=:name";
}
$sth = $dbh->prepare($sql);
$q= $sth->execute( array(':name' => $name,
':desc_en' => $desc_en,
':desc_sc' => $desc_sc,
':val' => $val,
':lastupby' => $lastupby) );
pdo_showerror($sth, $q);
/*echo $sth->getSQL( ) . HTML_EOL;*/
//exit;
header("Location: master_setting_modifyform.php?name=$name&msg=Saved.");
print "Saved.";
exit;
}
print "Invalid Request";
|