ZIP/X2/adm.back/newwinformupdate.php



<title>ZIP/X2/adm.back/newwinformupdate.php</title>


<div class="header">ZIP/X2/adm.back/newwinformupdate.php</div>
<pre>&lt;?php
$sub_menu = &#039;100310&#039;;
require_once &#039;./_common.php&#039;;

$nw_id = isset($_REQUEST[&#039;nw_id&#039;]) ? (string)preg_replace(&#039;/[^0-9]/&#039;, &#039;&#039;, $_REQUEST[&#039;nw_id&#039;]) : 0;

if ($w == &quot;u&quot; || $w == &quot;d&quot;) {
    check_demo();
}

if ($w == &#039;d&#039;) {
    auth_check_menu($auth, $sub_menu, &quot;d&quot;);
} else {
    auth_check_menu($auth, $sub_menu, &quot;w&quot;);
}

check_admin_token();

$nw_subject = isset($_POST[&#039;nw_subject&#039;]) ? strip_tags(clean_xss_attributes($_POST[&#039;nw_subject&#039;])) : &#039;&#039;;
$posts = array();

$check_keys = array(
    &#039;nw_device&#039; =&gt; &#039;str&#039;,
    &#039;nw_division&#039; =&gt; &#039;str&#039;,
    &#039;nw_begin_time&#039; =&gt; &#039;str&#039;,
    &#039;nw_end_time&#039; =&gt; &#039;str&#039;,
    &#039;nw_disable_hours&#039; =&gt; &#039;int&#039;,
    &#039;nw_left&#039; =&gt; &#039;int&#039;,
    &#039;nw_top&#039; =&gt; &#039;int&#039;,
    &#039;nw_height&#039; =&gt; &#039;int&#039;,
    &#039;nw_width&#039; =&gt; &#039;int&#039;,
    &#039;nw_content&#039; =&gt; &#039;text&#039;,
    &#039;nw_content_html&#039; =&gt; &#039;text&#039;,
);

foreach ($check_keys as $key =&gt; $val) {
    if ($val === &#039;int&#039;) {
        $posts[$key] = isset($_POST[$key]) ? (int) $_POST[$key] : 0;
    } elseif ($val === &#039;str&#039;) {
        $posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : 0;
    } else {
        $posts[$key] = isset($_POST[$key]) ? trim($_POST[$key]) : 0;
    }
}

$sql_common = &quot; nw_device = &#039;{$posts[&#039;nw_device&#039;]}&#039;,
                nw_division = &#039;{$posts[&#039;nw_division&#039;]}&#039;,
                nw_begin_time = &#039;{$posts[&#039;nw_begin_time&#039;]}&#039;,
                nw_end_time = &#039;{$posts[&#039;nw_end_time&#039;]}&#039;,
                nw_disable_hours = &#039;{$posts[&#039;nw_disable_hours&#039;]}&#039;,
                nw_left = &#039;{$posts[&#039;nw_left&#039;]}&#039;,
                nw_top = &#039;{$posts[&#039;nw_top&#039;]}&#039;,
                nw_height = &#039;{$posts[&#039;nw_height&#039;]}&#039;,
                nw_width = &#039;{$posts[&#039;nw_width&#039;]}&#039;,
                nw_subject = &#039;{$nw_subject}&#039;,
                nw_content = &#039;{$posts[&#039;nw_content&#039;]}&#039;,
                nw_content_html = &#039;{$posts[&#039;nw_content_html&#039;]}&#039; &quot;;

if ($w == &quot;&quot;) {
    $sql = &quot; insert {$g5[&#039;new_win_table&#039;]} set $sql_common &quot;;
    sql_query($sql);
    $nw_id = sql_insert_id();
    run_event(&#039;admin_newwin_created&#039;, $nw_id);
} elseif ($w == &quot;u&quot;) {
    $sql = &quot; update {$g5[&#039;new_win_table&#039;]} set $sql_common where nw_id = &#039;$nw_id&#039; &quot;;
    sql_query($sql);
    run_event(&#039;admin_newwin_updated&#039;, $nw_id);
} elseif ($w == &quot;d&quot;) {
    $sql = &quot; delete from {$g5[&#039;new_win_table&#039;]} where nw_id = &#039;$nw_id&#039; &quot;;
    sql_query($sql);
    run_event(&#039;admin_newwin_deleted&#039;, $nw_id);
}

if ($w == &quot;d&quot;) {
    goto_url(&#039;./newwinlist.php&#039;);
} else {
    goto_url(&quot;./newwinform.php?w=u&amp;amp;nw_id=$nw_id&quot;);
}
</pre>