analuixah

estou com o mesmo problema e não consigo encontrar solução : <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } return $isValid; } } $MM_restrictGoTo = "../login.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck= . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <?php require_once('../Connections/ligar.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $erro=""; if ((isset($_POST["MM_insert])) && ($_POST["MM_insert"] == "form1")) { mysql_select_db($database_ligar, $ligar); if (empty ($_POST['nome'])){ $erro=$erro." <br/> Preencha o Nome";} if (empty ($_POST['funcao'])){ $erro=$erro." <br/> Preencha a Função";} if(isset($_FILES['foto']['tmp_name']) && is_uploaded_file($_FILES['foto']['tmp_name'])){ if($_FILES['foto']['size']==0||$_FILES['foto']['size']>1000000){ $erro=$erro."<br/> Tamanho da foto inválido"; } }else $erro=$erro."<br/> Insira uma imagem"; if($erro=="){ //código da consulta da tabela mysql_select_db($database_ligar, $ligar); mysql_query("SET NAMES utf8", $ligar); $query_consulta_equipa = "SELECT * FROM equipa"; $consulta_equipa = mysql_query($query_consulta_equipa, $ligar) or die(mysql_error()); $row_consulta_equipa = mysql_fetch_assoc($consulta_equipa); $totalRows_consulta_equipa = mysql_num_rows($consulta_equipa); //código para inserir registos $editFormAction = $_SERVER['PHP_SELF]; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO equipa (nome, funcao) VALUES (%s, %s)", GetSQLValueString($_POST['nome'], "text"), GetSQLValueString($_POST['funcao'], "text")); mysql_select_db($database_ligar, $ligar); mysql_query("SET NAMES utf8", $ligar); $Result1 = mysql_query($insertSQL, $ligar) or die(mysql_error()); //inserir a imagem com o nome da chave $chave=mysql_insert_id(); $extencao=strrchr($_FILES['foto']['name'],"."); $nomeficheiro=$chave.$extencao; move_uploaded_file($_FILES['foto']['tmp_name'], "./img/".$nomeficheiro); $inserir=update equipa set foto ='".$nomeficheiro."' where id_equipa='".$chave."'"; $Result1 = mysql_query($inserir, $ligar) or die(mysql_error()); $insertGoTo = "inserir_equipa.php"; if (isset($_SERVER['QUERY_STRING])) { $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?"; $insertGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $insertGoTo)); }} ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns=http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template.dwt" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <!-- InstanceBeginEditable name="doctitle" --> <title>Ginásio Puro Fitness</title> <!-- InstanceEndEditable --> <link href="../estilos.css" rel="stylesheet" type="text/css" /> <!-- InstanceBeginEditable name="head" --> <!-- InstanceEndEditable --> </head> <body> <div id="cabecalho"> <div id="logo"></div> <div id="header"> <ul> <li><a href="../index.php"> Indice </a></li> <li><a href="consulta_equipa.php"> Equipa </a></li> <li><a href="../modalidades/consulta_modalidades.php"> Serviços </a></li> <li><a href="../precario.php"> Preçario </a></li> <li><a href="../horario/consulta_horario.php"> Horários </a></li> <li><a href="../contactos.php"> Contactos </a></li> </ul> </div> </div> <div id="corpo"><!-- InstanceBeginEditable name="corpo" --> <form action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data" name="form1" id="form1"> <table width="200" align="center"> <tr> <th colspan="2" scope="col"><div align="center" class="titulos">Equipa</div></th> </tr> <tr> <td colspan="2">&nbsp;</td> </tr> <tr> <td>Nome:</td> <td><label> <input type="text" name="nome" id="nome" /> </label></td> </tr> <tr> <td>Função:</td> <td><label> <input type="text" name="funcao" id="funcao" /> </label></td> </tr> <tr> <td>Foto:</td> <td><label> <input type="file" name="foto" id="foto" /> </label></td> </tr> <tr> <td><?php if (isset($erro) && $erro!="") echo $erro; ?></td> <td>&nbsp;</td> </tr> <tr> <td><label> <input type="submit" name="button" id="button" value="Inserir" /> <input type="hidden" name="MM_insert" value="form1" /> </label></td> <td>&nbsp;</td> </tr> </table> </form> <table width="531" height="172" border="0" align="center"> <tr> <td colspan="5"><div align="center"> <p class="titulos"><strong>Registo da equipa</strong></p> </div></td> </tr> <tr class="cabecalho_tabela"> <td> <div align="center">Nome </div></td> <td> <div align="center">Função </div></td> <td> <div align="center">Foto </div></td> <td colspan="2"><div align="center">Opções</div></td> </tr> <?php if($totalRows_consulta_equipa==0){ echo "<tr><td colspan='5' align='center'> não existe nenhum elemento na equipa</td></tr>"; }else{ do{ ?> <tr class="tabelas"> <td> <div align="center"><?php echo $row_consulta_equipa ['nome] ?></div></td> <td> <div align="center"><?php echo $row_consulta_equipa ['funcao'] ?></div></td> <td> <div align=center"><img src="img/<?php echo $row_consulta_equipa ['foto] ?>" width="100" height="100" /> </div></td> <td><div align="center"><a href="alterar_equipa.php?id=<?php echo $row_consulta_equipa['id_equipa'];?>" class=cor">Alterar </a> </div></td> <td><div align="center"><a href="eliminar_equipa.php?id=<?php echo $row_consulta_equipa['id_equipa];?>" class="cor"onclick="return confirm('Tem a certeza que prentende eliminar este professor/funcionario?')">Eliminar </a></div></td> </tr> <?php }while ($row_consulta_equipa = mysql_fetch_assoc($consulta_equipa)); }?> </table> <p>&nbsp;</p> <p><img src="../imagens/body_bgd.gif" alt="" width="822" height="1" /></p> <p class="cor">Copyright 2011 . Ana Gomes . <a href="../login.php" class="cor">Área Restrita</a></p> <!-- InstanceEndEditable --></div> </body> <!-- InstanceEnd --></html>