"; $accfoldername = substr($tempname, 0, strpos($tempname, '/') ); if ($accfoldername=="shop001") $accfoldername=""; require_once($filepath.$backend."config".$accfoldername.".inc.php"); require_once($filepath.$backend."common.inc.php"); include("config.php"); if ( !empty($_SESSION["acccheck"]) && !empty($_SESSION["acclogin"]) ) { $sql= "SELECT * FROM `backend_user` WHERE skey = '".$_SESSION["acccheck"]."' AND login = '".$_SESSION["acclogin"]."'"; $rs = $db->query($sql); if (mysql_num_rows($rs) == 0) { header("Location: ../error.php"); exit; } } else { header("Location: ../error.php"); exit; } if ($id == "") { //check if ($temp_id == "") { header("Location: ".$page_address_list); exit; } //insert $sql = "INSERT INTO `".$page_tbname."` ( `id` ) VALUES ( NULL );"; $db->query($sql); $id = $db->insert_id(); if($temp_id != ""){ $sql = "UPDATE `attachment` SET `table_id` = '".$id."', `temp_id` = '' WHERE `table_name` = '".$page_tbname."' AND `temp_id` = '".$temp_id."'"; $db->query($sql); } } $tags_each= $tags; if ($tags_each){ foreach ($tags_each as $t){ $tags_id .= $t." "; } } //update $sql ="UPDATE `eshopdata` SET `display`='".escapeit($display)."', sorting='".escapeit($sorting)."', framestyle='".escapeit($framestyle)."', framehtml1='".escapeit($framehtml1)."', framehtml2='".escapeit($framehtml2)."', framehtml3='".escapeit($framehtml3)."', framehtml4='".escapeit($framehtml4)."', alt='".escapeit($alt)."', en_hyperlink='".escapeit($en_hyperlink)."', sc_hyperlink='".escapeit($sc_hyperlink)."', tc_hyperlink='".escapeit($tc_hyperlink)."', en_show='".escapeit($en_show)."', sc_show='".escapeit($sc_show)."', tc_show='".escapeit($tc_show)."', en_status='".escapeit($displayen)."', sc_status='".escapeit($displaysc)."', tc_status='".escapeit($displaytc)."' WHERE `id` = '".$id."'"; $db->query($sql); if (!empty($delfiles)) { foreach ($delfiles as $key => $value) { del_attachment($value, "../../"); } } header("Location: ".$page_address_list."?keepSession=1&page=".$page); exit; ?>