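<?php
include "header.php";

// Handles the "update" submit of the account edit form: rewrites one row of `account`
// and, for account types B/E/M, copies the department/role permission into `account_auth`.
//
// NOTE(review): $link and $token_link are not defined in this file; presumably header.php
// provides them together with the session, authorization and CSRF checks. Confirm that,
// because nothing below verifies that the caller is allowed to edit the posted id.

if (isset($_POST['update'])) {

    /**
     * Normalise one posted form value: trim, strip backslashes, HTML-encode.
     *
     * This is output encoding applied at input time, not SQL protection. Before PHP 8.1
     * htmlspecialchars() leaves single quotes untouched by default, so the queries below
     * use bound parameters instead of relying on it.
     *
     * @param mixed $data Raw request value.
     * @return string Normalised value; '' when the value is not a string (e.g. "name[]=x").
     */
    function user_input($data) {
        if (!is_string($data)) {
            return '';
        }
        return htmlspecialchars(stripslashes(trim($data)));
    }

    // Missing keys become '' instead of raising an undefined-index notice.
    // The form also posts "creater", but no query ever wrote it, so it is not read here.
    $input = [];
    $field_names = [
        'accounttype', 'accountid', 'pwd', 'name', 'tel', 'address', 'email',
        'lineid', 'wechatid', 'phone_call_help', 'chat_for_help', 'remote_help',
        'repairerid', 'manager', 'department_id', 'role_id',
    ];
    foreach ($field_names as $key) {
        $input[$key] = isset($_POST[$key]) ? user_input($_POST[$key]) : '';
    }

    // The row key was previously interpolated raw into the WHERE clause; it is now bound.
    $id = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
    $create_at = date('Y/m/d H:i:s');

    // NOTE(review): pwd is stored as submitted (after HTML-encoding), i.e. in recoverable
    // form. It should be stored with password_hash() and checked with password_verify(),
    // but that has to change together with the login code, which is not visible here.
    $affected = -1;   // -1 keeps the original "query failed" meaning of mysqli_affected_rows()
    $error = '';
    $update = mysqli_prepare(
        $link,
        'UPDATE account SET pwd = ?, name = ?, tel = ?, address = ?, '
        . 'email = ?, lineid = ?, wechatid = ?, phone_call_help = ?, chat_for_help = ?, '
        . 'remote_help = ?, repairerid = ?, manager = ?, '
        . 'department_id = ?, role_id = ?, create_at = ? WHERE id = ?'
    );
    if ($update) {
        // All sixteen values are bound as strings, matching the quoted literals used before.
        mysqli_stmt_bind_param(
            $update,
            'ssssssssssssssss',
            $input['pwd'], $input['name'], $input['tel'], $input['address'],
            $input['email'], $input['lineid'], $input['wechatid'],
            $input['phone_call_help'], $input['chat_for_help'],
            $input['remote_help'], $input['repairerid'], $input['manager'],
            $input['department_id'], $input['role_id'], $create_at, $id
        );
        if (mysqli_stmt_execute($update)) {
            $affected = mysqli_stmt_affected_rows($update);
        } else {
            $error = mysqli_stmt_error($update);
        }
        mysqli_stmt_close($update);
    } else {
        // Read the error now: the connection is closed before the result is reported.
        $error = mysqli_error($link);
    }

    // NOTE(review): accountid, department_id and role_id all come from the request and are
    // independent of the id updated above, so this step can set the permission of any
    // account to that of any department/role pair. Confirm the caller's rights upstream,
    // or derive accountid from the row that was just updated.
    // As before, this step runs whether or not the account update changed a row.
    $syncs_permission = in_array($input['accounttype'], ['B', 'E', 'M'], true);
    if ($syncs_permission && $input['department_id'] && $input['role_id']) {
        $lookup = mysqli_prepare(
            $link,
            'SELECT permission FROM department WHERE department_id = ? AND role_id = ?'
        );
        if ($lookup) {
            mysqli_stmt_bind_param($lookup, 'ss', $input['department_id'], $input['role_id']);
            mysqli_stmt_execute($lookup);
            mysqli_stmt_bind_result($lookup, $permission);
            $found = mysqli_stmt_fetch($lookup);
            // Close before preparing the next statement so no result set is left pending.
            mysqli_stmt_close($lookup);

            if ($found === true) {
                // The stored permission is bound too: a value read back from the database
                // is no safer to splice into SQL than a posted one.
                $permission = (string) $permission;
                $sync = mysqli_prepare(
                    $link,
                    'UPDATE account_auth SET permission = ? WHERE accountid = ?'
                );
                if ($sync) {
                    mysqli_stmt_bind_param($sync, 'ss', $permission, $input['accountid']);
                    mysqli_stmt_execute($sync);
                    mysqli_stmt_close($sync);
                }
            }
        }
    }

    mysqli_close($link);

    if ($affected >= 0) {
        $message = ($affected > 0) ? 'update成功' : '無新增資料';
        // NOTE(review): $token_link is written into a JavaScript string unescaped; confirm
        // it can only contain server-generated, URL-safe characters.
        echo "<script type ='text/JavaScript'>";
        echo "alert('" . $message . "');";
        echo "location.href='account-index.php?function_name=account&".$token_link."';";
        echo "</script>";
    } else {
        // The SQL text (which carried the password) and the driver error used to be echoed
        // to the browser, and the error was read from an already-closed connection.
        // Details now go to the server log only.
        error_log('account update failed: ' . $error);
        echo "語法執行失敗";
    }
}
?>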