Código PHP:
Ver original<?php require_once('../Connections/ficha1.php'); ?>
<?php
}
$MM_authorizedUsers = "0";
$MM_donotCheckaccess = false;
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = false;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); $isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
$isValid = true;
}
if (($strUsers == "") && false) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "muestra.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized
("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; $MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); }
?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") {
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ?
intval($theValue) : "NULL"; break;
case "double":
$theValue = ($theValue != "") ?
"'" . doubleval($theValue) . "'" : "NULL"; break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); }
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) { $insertSQL = sprintf("INSERT INTO respuestas (SN1, SN2, SN3, SN4, SN5, SN6, SN7, SN8, SN9, SN10, SN11, SN12, SN13, SN14, SN15, SN16, SN17, SN18, SN19, SN20, SN21, SN22, SN23, SN24, SN25, SN26, SN27, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, cont1, cont2, cont3, cont4, cont5, cont6, cont7, cont8, cont9, cont10, cont11, cont12, cont13, idi0, idi1, idi2, idi3) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, NOW())", GetSQLValueString($_POST['SN1'], "int"),
GetSQLValueString($_POST['SN2'], "int"),
GetSQLValueString($_POST['SN3'], "int"),
GetSQLValueString($_POST['SN4'], "int"),
GetSQLValueString($_POST['SN5'], "int"),
GetSQLValueString($_POST['SN6'], "int"),
GetSQLValueString($_POST['SN7'], "int"),
GetSQLValueString($_POST['SN8'], "int"),
GetSQLValueString($_POST['SN9'], "int"),
GetSQLValueString($_POST['SN10'], "int"),
GetSQLValueString($_POST['SN11'], "int"),
GetSQLValueString($_POST['SN12'], "int"),
GetSQLValueString($_POST['SN13'], "int"),
GetSQLValueString($_POST['SN14'], "int"),
GetSQLValueString($_POST['SN15'], "int"),
GetSQLValueString($_POST['SN16'], "int"),
GetSQLValueString($_POST['SN17'], "int"),
GetSQLValueString($_POST['SN18'], "int"),
GetSQLValueString($_POST['SN19'], "int"),
GetSQLValueString($_POST['SN20'], "int"),
GetSQLValueString($_POST['SN21'], "int"),
GetSQLValueString($_POST['SN22'], "int"),
GetSQLValueString($_POST['SN23'], "int"),
GetSQLValueString($_POST['SN24'], "int"),
GetSQLValueString($_POST['SN25'], "int"),
GetSQLValueString($_POST['SN26'], "int"),
GetSQLValueString($_POST['SN27'], "int"),
GetSQLValueString($_POST['t1'], "text"),
GetSQLValueString($_POST['t2'], "text"),
GetSQLValueString($_POST['t3'], "text"),
GetSQLValueString($_POST['t4'], "text"),
GetSQLValueString($_POST['t5'], "text"),
GetSQLValueString($_POST['t6'], "text"),
GetSQLValueString($_POST['t7'], "text"),
GetSQLValueString($_POST['t8'], "text"),
GetSQLValueString($_POST['t9'], "text"),
GetSQLValueString($_POST['t10'], "text"),
GetSQLValueString($_POST['t11'], "text"),
GetSQLValueString($_POST['t12'], "text"),
GetSQLValueString($_POST['t13'], "text"),
GetSQLValueString($_POST['cont1'], "text"),
GetSQLValueString($_POST['cont2'], "text"),
GetSQLValueString($_POST['cont3'], "text"),
GetSQLValueString($_POST['cont4'], "text"),
GetSQLValueString($_POST['cont5'], "text"),
GetSQLValueString($_POST['cont6'], "text"),
GetSQLValueString($_POST['cont7'], "text"),
GetSQLValueString($_POST['cont8'], "text"),
GetSQLValueString($_POST['cont9'], "text"),
GetSQLValueString($_POST['cont10'], "text"),
GetSQLValueString($_POST['cont11'], "text"),
GetSQLValueString($_POST['cont12'], "text"),
GetSQLValueString($_POST['cont13'], "text"),
GetSQLValueString($_POST['idi0'], "text"),
GetSQLValueString($_POST['idi1'], "text"),
GetSQLValueString($_POST['idi2'], "text"),
GetSQLValueString($_POST['idi3'], "text"));
$insertGoTo = "final.php";
if (isset($_SERVER['QUERY_STRING'])) { $insertGoTo .= (strpos($insertGoTo, '?')) ?
"&" : "?"; $insertGoTo .= $_SERVER['QUERY_STRING'];
}
}
?>