Uploading...
'; $param = stripslashes($_GET['p']); $menu = stripslashes($_GET['m']); $titleCV = str_replace("'","\'",stripslashes($_POST['titleHidden'])); $descCV = str_replace("'","\'",stripslashes($_POST['descHidden'])); $code = ""; $adm1n->dbconnect(); if($param=="") { do { $code = $adm1n->getRand(5); $result = $adm1n->qry("SELECT PageObjCode from page_object where PageObjCode=".$code); } while(mysql_num_rows($result)>0); $max = $adm1n->qry("SELECT max(Position) as Position from page_object"); $row_max = mysql_fetch_array($max); $nextPos = $row_max['Position'] + 1; $resTitle = $adm1n->qry("SELECT p.PageCode FROM page AS p INNER JOIN menu_element AS m ON p.MenuCode=m.MenuCode AND m.MenuCode=".stripslashes($menu)); $row = mysql_fetch_array($resTitle); $qry = "INSERT INTO page_object (PageObjCode, Title, Description, PageCode, Position, Info) VALUES (".$code.", '".$titleCV."', '".$descCV."', ".$row['PageCode'].", ".$nextPos.",'cv')"; $insertCourse = mysql_query($qry) or die ("Insert error: 1 ".mysql_error()); } else { $code = $param; $qry = "UPDATE page_object SET Title='".$titleCV."', Description='".$descCV."' WHERE PageObjCode=".$code; $updateCourse = mysql_query($qry) or die ("Update error: 1 ".mysql_error()); } echo ""; ?>