='4.1.0') { include_once('vars4.1.0.php'); }else { include_once('vars4.0.6.php'); } //connect to database $dbc=mysql_connect(_SRV,_ACCID,_PWD) or die(_ERROR15.": ".mysql_error()); $db=mysql_select_db("QPL",$dbc) or die(_ERROR17.": ".mysql_error()); $target_path = "data/"; $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); //print_r($_FILES); if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) { echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded"; } else{ echo "There was an error uploading the file, please try again!"; } switch(postVar('action')) { case 'oqcdata' : oqcdata(postVar('mod'),postVar('no'),postVar('lotno'),postVar('date'), postVar('sym'),postVar('coz'),postVar('stat'),postVar('cm'),postVar('detail')); break; } function oqcdata($mod,$no,$lotno,$date,$sym,$coz,$stat,$cm,$detail) { $Model = mysql_real_escape_string($mod); $Serial = mysql_real_escape_string($no); $Lot = mysql_real_escape_string($lotno); $Date = mysql_real_escape_string($date); $Sym = mysql_real_escape_string($sym); $Coz = mysql_real_escape_string($coz); $Stat = mysql_real_escape_string($stat); $CM = mysql_real_escape_string($cm); $Detail = mysql_real_escape_string($detail); $Model = strtoupper($Model); $Serial = strtoupper($Serial); $Lot = strtoupper($Lot); $Sym = stripcslashes($Sym); $Coz = stripcslashes($Coz); $Stat = stripcslashes($Stat); //build query $sql = "INSERT INTO OQC "; $sql.= "(Model, Serial, Lotno, Date, Symptom, Cause, Status, CM,Detail) "; $sql.= "VALUES ('"; $sql.= $Model."','".$Serial."','".$Lot."','".$Date."','".$Sym."','".$Coz."','"; $sql.= $Stat."','".$CM."','".$Detail."')"; echo $sql; $result=mysql_query($sql) or die(_ERROR26.": ".mysql_error()); echo $result; mysql_close($dbc); } ?>