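<?php
include('webadmin/configure.php');

/**
 * Back-tick quote a table or column name for use in generated SQL.
 *
 * Identifiers cannot be bound as statement parameters, so the only safe
 * option is to refuse anything that is not a plain [A-Za-z0-9_]+ name.
 *
 * @param mixed $name Candidate identifier.
 * @return string The identifier wrapped in back-ticks.
 * @throws InvalidArgumentException When the name contains other characters.
 */
function mysql_install_quote_identifier($name)
{
    if ((!is_string($name) && !is_int($name)) || !preg_match('/\A[A-Za-z0-9_]+\z/', (string) $name)) {
        throw new InvalidArgumentException('Invalid SQL identifier');
    }
    return '`' . $name . '`';
}

/**
 * Build a parameterised SQL statement for one table.
 *
 * Values are never written into the SQL text: every value position is a "?"
 * placeholder that the caller binds when executing the prepared statement.
 *
 * Bind order expected by the returned statement:
 *   - add : array_values($array)
 *   - edit: array_values($array) followed by $id
 *   - del : $id only (this branch used to concatenate $id into the SQL text)
 *
 * @param array  $array  Map of column name => value; only the keys are used here.
 * @param string $table  Table name.
 * @param string $action 'add' = INSERT, 'edit' = UPDATE, 'del' = DELETE.
 * @param string $idname Key column for the WHERE clause (edit/del).
 * @param mixed  $id     Unused in the SQL text; kept so existing call sites keep working.
 * @return string SQL text containing "?" placeholders.
 * @throws InvalidArgumentException On an unknown action or an unsafe identifier.
 */
function mysql_install($array, $table, $action = 'add', $idname = "", $id = "")
{
    $quotedTable = mysql_install_quote_identifier($table);
    $quotedColumns = array_map('mysql_install_quote_identifier', array_keys($array));

    if ($action == 'add') {
        $placeholders = $quotedColumns ? array_fill(0, count($quotedColumns), '?') : array();
        return "INSERT INTO " . $quotedTable . " (" . implode(',', $quotedColumns)
            . ') values (' . implode(',', $placeholders) . ')';
    }

    if ($action == 'edit') {
        $assignments = array();
        foreach ($quotedColumns as $quotedColumn) {
            $assignments[] = $quotedColumn . " = ?";
        }
        return "UPDATE " . $quotedTable . " SET " . implode(',', $assignments)
            . " WHERE " . $quotedTable . "." . mysql_install_quote_identifier($idname) . " =?;";
    }

    if ($action == 'del') {
        // Previously appended to an undefined $sql and interpolated $id directly.
        return "DELETE FROM " . $quotedTable
            . " WHERE " . $quotedTable . "." . mysql_install_quote_identifier($idname) . " =?";
    }

    throw new InvalidArgumentException('Unknown action');
}

/**
 * Reduce a user-supplied "back" link to a same-site relative reference.
 *
 * The value ends up in a Location header and inside a <script> block, so an
 * unchecked value is both an open redirect and a script-injection sink.
 * Anything carrying a scheme ("http:", "javascript:", ...), a scheme-relative
 * "//host" prefix, a backslash or a control character is replaced by "/".
 *
 * NOTE(review): "/" as the fallback target is an assumption; if the form
 * legitimately posts absolute URLs of this site, compare the host explicitly
 * against a configured value instead of accepting them wholesale.
 *
 * @param mixed $candidate Raw value from the request.
 * @return string A relative URL reference, or "/" when the input is rejected.
 */
function subscribe_safe_back_link($candidate)
{
    $fallback = '/';
    if (!is_string($candidate)) {
        return $fallback;
    }
    // Browsers ignore surrounding whitespace in a redirect target, so judge the trimmed value.
    $candidate = trim($candidate);
    if ($candidate === '') {
        return $fallback;
    }
    if (preg_match('/[\x00-\x1F\x7F\\\\]/', $candidate)) {
        return $fallback;
    }
    if (strncmp($candidate, '//', 2) === 0) {
        return $fallback;
    }
    // A colon before the first "/", "?" or "#" means the reference carries a scheme.
    if (preg_match('/\A[^\/?#]*:/', $candidate)) {
        return $fallback;
    }
    return $candidate;
}

$data = $_POST;
$action = isset($data['action']) ? $data['action'] : '';

switch ($action) {
    case 'subscribe':
        $back_link = subscribe_safe_back_link(isset($data['back']) ? $data['back'] : '');
        $email = isset($data['email']) ? $data['email'] : '';

        if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
            // FILTER_VALIDATE_EMAIL accepts a single quote in the local part, so
            // validation alone does not make the address safe to splice into SQL.
            // $dbh is presumably the PDO handle created by webadmin/configure.php.
            $sth1 = $dbh->prepare("SELECT count(*) as count FROM subscribe as tb where email = ? and deleted = 0");
            $sth1->execute(array($email));
            $record_email = $sth1->fetch(PDO::FETCH_ASSOC);

            // Throttle: at most one subscription per client address per 60 seconds.
            $sth1 = $dbh->prepare("SELECT count(*) as count FROM subscribe as tb where ip = ? and timebox >= ? and deleted = 0");
            $sth1->execute(array($_SERVER['REMOTE_ADDR'], time() - 60));
            $record_count = $sth1->fetch(PDO::FETCH_ASSOC);

            if ($record_email['count'] == 0 && $record_count['count'] == 0) {
                unset($data['action'], $data['back'], $data['lang']);

                // The remaining POST field names become column names. Drop any field
                // whose name is not a plain identifier or whose value is not a string.
                // NOTE(review): this still lets the client choose which columns are
                // written; an explicit allow-list of the form's fields would be
                // stricter, but the subscribe schema is not visible from this file.
                $row = array();
                foreach ($data as $column => $value) {
                    if (is_string($value) && preg_match('/\A[A-Za-z0-9_]+\z/', (string) $column)) {
                        $row[$column] = $value;
                    }
                }

                // Server-controlled columns are assigned last so the client cannot override them.
                $row['deleted'] = 0;
                $row['timebox'] = time();
                $row['ip'] = $_SERVER['REMOTE_ADDR'];
                // "H" = 24-hour clock; the previous "h" made AM and PM timestamps indistinguishable.
                $row['lastupdate'] = date('Y-m-d H:i:s');
                $row['lastupby'] = '';

                $sth = $dbh->prepare(mysql_install($row, 'subscribe', 'add'));
                $sth->execute(array_values($row));
            }
        }

        $path = $back_link;
        if (!headers_sent()) {
            header("Location: {$path}");
        }
        // Script fallback for when headers were already sent. json_encode with the
        // HEX flags yields a JavaScript string literal that cannot close the
        // surrounding <script> element or break out of its quotes.
        $jsTarget = json_encode($path, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        echo "<script language='JavaScript'>window.location=" . $jsTarget . "</script>";
        exit();
}
?>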