'')
{
$pathimg="uploadpdf/".$upload[name];//ชื่อโฟรเดอร์ที่เก็บข้อมูล
copy($upload[tmp_name],$pathimg);
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE arunew SET `date`=%s, content=%s, pdf=%s WHERE id=%s",
GetSQLValueString($_POST['date'], "date"),
GetSQLValueString($_POST['content'], "text"),
GetSQLValueString($pathimg, "text"),
GetSQLValueString($_POST['id'], "int"));
mysql_select_db($database_myconnection, $myconnection);
$Result1 = mysql_query($updateSQL, $myconnection) or die(mysql_error());
$updateGoTo = "edit.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
$colname_Recordset1 = "-1";
if (isset($_GET['id'])) {
$colname_Recordset1 = $_GET['id'];
}
mysql_select_db($database_myconnection, $myconnection);
$query_Recordset1 = sprintf("SELECT * FROM arunew WHERE id = %s", GetSQLValueString($colname_Recordset1, "int"));
$Recordset1 = mysql_query($query_Recordset1, $myconnection) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO arunew (`date`, content, pdf) VALUES (%s, %s, %s)",
GetSQLValueString($_POST['date'], "date"),
GetSQLValueString($_POST['content'], "text"),
GetSQLValueString($pathimg, "text"));
mysql_select_db($database_myconnection, $myconnection);
$Result1 = mysql_query($insertSQL, $myconnection) or die(mysql_error());
$insertGoTo = "admin.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
เพิ่มข้อมูล