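set_charset("utf8"); if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } return $conn; }
// The fragment above is the tail of connectDBBDD(), whose beginning lies outside
// this listing; it is reproduced unchanged.

/*
 * Security notes for the code below.
 *
 * - Values that reach SQL are passed as bound parameters of prepared statements.
 *   Table and column names cannot be bound, so they are validated by
 *   _sql_identificador() before being placed in a statement.
 * - filtro_str_mysql() / filtro_str() are a keyword denylist plus character
 *   stripping. They are kept because callers rely on them aborting the request,
 *   but they are defence in depth only and do not make string-built SQL safe.
 * - b64_de() is an encoding, not a protection: anyone can produce its input.
 * - NOTE(review): the strings echoed by formulario() look as if their HTML markup
 *   was lost when this listing was extracted; they are reproduced exactly as
 *   shown. Database values are echoed without HTML escaping; confirm against the
 *   real templates and escape per context (htmlspecialchars for element text).
 */

/**
 * Validates a table or column name and returns it backtick-quoted.
 *
 * Accepts `name` or `schema.name`, made of ASCII letters, digits and underscores.
 * Anything else aborts the request, matching the fail-closed die() used by the
 * filters in this file.
 *
 * @param mixed $nombre identifier supplied by the caller
 * @return string quoted identifier, safe to concatenate into a statement
 */
function _sql_identificador($nombre)
{
    // \z (not $) so that a trailing newline is rejected as well.
    $patron = '/^[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/';
    if (!is_string($nombre) || !preg_match($patron, $nombre)) {
        die();
    }
    return '`' . str_replace('.', '`.`', $nombre) . '`';
}

/**
 * Runs a one-placeholder SELECT and returns the first column of the first row.
 *
 * The value is bound as a parameter. The original statements placed it unquoted
 * in a numeric position, so only numeric values could ever match; a non-numeric
 * value is therefore treated as "no row" without querying.
 *
 * @param mysqli $conn  open connection
 * @param string $sql   statement with exactly one `?` placeholder
 * @param mixed  $valor raw value to compare against (not a pre-quoted SQL fragment)
 * @return mixed|null the column value, or null when nothing matched or the query failed
 */
function _sql_primer_valor($conn, $sql, $valor)
{
    if (!is_numeric($valor)) {
        return null;
    }
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        return null;
    }
    $valor = (string) $valor;
    $resultado = null;
    mysqli_stmt_bind_param($stmt, 's', $valor);
    if (mysqli_stmt_execute($stmt)) {
        // Buffer first so bind_result sizes its buffer from the actual data.
        mysqli_stmt_store_result($stmt);
        mysqli_stmt_bind_result($stmt, $columna);
        if (mysqli_stmt_fetch($stmt) === true) {
            $resultado = $columna;
        }
    }
    mysqli_stmt_close($stmt);
    return $resultado;
}

/**
 * Runs a parameterless SELECT and maps column 0 of each row to another column.
 *
 * @param mysqli $conn        open connection
 * @param string $sql         statement built only from literals and validated identifiers
 * @param int    $indiceValor zero-based index of the column used as the map value
 * @return array map of column 0 => chosen column; empty when there are no rows or the query failed
 */
function _sql_mapa($conn, $sql, $indiceValor)
{
    $info = array();
    $res = mysqli_query($conn, $sql);
    if ($res === false) {
        return $info;
    }
    while ($fila = mysqli_fetch_array($res)) {
        $info[$fila[0]] = $fila[$indiceValor];
    }
    mysqli_free_result($res);
    return $info;
}

/**
 * Reads a POST field as a string; a missing field yields "".
 *
 * @param string $clave field name
 * @return string
 */
function _campo_post($clave)
{
    return (isset($_POST[$clave]) && is_scalar($_POST[$clave])) ? (string) $_POST[$clave] : "";
}

/**
 * Reads every row of a table and maps its first column to its third column.
 *
 * @param string $tbl table name (validated, never taken from request data as-is)
 * @return array map of column 0 => column 2; empty array when the table has no rows
 */
function readtableDB2($tbl){
    $conn = connectDBBDD();
    return _sql_mapa($conn, "SELECT * FROM " . _sql_identificador($tbl) . ";", 2);
}

/**
 * Maps every collaborator id to its type id.
 *
 * @return array map of id_colaborador => tipo
 */
function readtableDB3(){
    $conn = connectDBBDD();
    return _sql_mapa($conn, "SELECT id_colaborador,tipo FROM tbl_colaboladores;", 1);
}

/**
 * Same as readtableDB2() but restricted to rows with activo = 1.
 *
 * @param string $tbl table name (validated)
 * @return array map of column 0 => column 2
 */
function readtableDB4($tbl){
    $conn = connectDBBDD();
    return _sql_mapa($conn, "SELECT * FROM " . _sql_identificador($tbl) . " WHERE activo = 1;", 2);
}

/**
 * Builds the text listing the collaborators attached to a document.
 *
 * The document's `colaboradores` column holds a comma-separated id list whose
 * first element is discarded. That list was itself written from request data
 * (see guardar01), so each id is bound as a parameter rather than concatenated.
 *
 * @param string $tbl documents table (validated)
 * @param mixed  $id  document id
 * @param string $tb2 collaborators table (validated)
 * @return string one entry per id (first 10 bytes of the name), or the "Añadir" placeholder
 */
function readtableDB5($tbl,$id,$tb2){
    $conn = connectDBBDD();
    $tabla = _sql_identificador($tbl);
    $tablaNombres = _sql_identificador($tb2);
    $str = "";
    $txt = _sql_primer_valor($conn, "SELECT colaboradores FROM " . $tabla . " WHERE id_documento = ?", $id);
    $ids = explode(",", (string) $txt);
    unset($ids[0]);
    foreach ($ids as $idColaborador) {
        $nombre = _sql_primer_valor(
            $conn,
            "SELECT nombre_completo FROM " . $tablaNombres . " WHERE id_colaborador = ?",
            $idColaborador
        );
        // An id without a matching row still contributes an (empty) entry, as before.
        // NOTE(review): substr() cuts by bytes and can split a multi-byte UTF-8 character.
        $str .= "".substr((string) $nombre, 0, 10).",
";
    }
    if($str == "") $str = "
Añadir
";
    return $str;
}

/**
 * Maps the id of every active collaborator to its full name, ordered by name.
 *
 * @return array map of id_colaborador => nombre_completo
 */
function listaColaboradores(){
    $conn = connectDBBDD();
    return _sql_mapa(
        $conn,
        "SELECT id_colaborador,nombre_completo FROM tbl_colaboladores WHERE activo = 1 ORDER BY nombre_completo ASC;",
        1
    );
}

/**
 * Returns the collaborator ids attached to a document as a lookup set.
 *
 * @param string $tbl documents table (validated)
 * @param mixed  $id  document id
 * @param string $tb2 unused; kept so existing callers keep working
 * @return array map of collaborator id => "*"; empty array when the document has none
 */
function checkedbox($tbl,$id,$tb2){
    $conn = connectDBBDD();
    $tabla = _sql_identificador($tbl);
    $txt = _sql_primer_valor($conn, "SELECT colaboradores FROM " . $tabla . " WHERE id_documento = ?", $id);
    $ids = explode(",", (string) $txt);
    unset($ids[0]);
    $ids2 = array();
    foreach ($ids as $idColaborador) {
        $ids2[$idColaborador] = "*";
    }
    return $ids2;
}

/**
 * Reads one column of the row whose key column equals the given value.
 *
 * @param mixed  $id  raw value to look up (bound as a parameter; do not pass a pre-quoted fragment)
 * @param string $idc key column name (validated)
 * @param string $tbl table name (validated)
 * @param string $tb2 column to return (validated)
 * @return mixed|null the value, or null when no row matches
 */
function dbvalor($id,$idc,$tbl,$tb2){
    $conn = connectDBBDD();
    $sql = "SELECT " . _sql_identificador($tb2)
         . " FROM " . _sql_identificador($tbl)
         . " WHERE " . _sql_identificador($idc) . " = ?";
    return _sql_primer_valor($conn, $sql, $id);
}

/**
 * Stores the collaborator list and the author of a document.
 *
 * Failures are ignored, as in the original best-effort implementation.
 *
 * @param mixed  $id   document id
 * @param string $str  comma-separated collaborator ids
 * @param string $str2 author text
 * @return void
 */
function guardar01($id,$str,$str2){
    $conn = connectDBBDD();
    // NOTE(review): utf8_encode() assumes ISO-8859-1 input and is deprecated since
    // PHP 8.2; confirm the request encoding before replacing it.
    $str2 = utf8_encode($str2);
    $stmt = mysqli_prepare(
        $conn,
        "UPDATE tbl_documentos SET colaboradores = ?, autor = ? WHERE id_documento = ?"
    );
    if ($stmt === false) {
        return;
    }
    $str = (string) $str;
    $id = (string) $id;
    mysqli_stmt_bind_param($stmt, 'sss', $str, $str2, $id);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
}

/**
 * Undoes four nested rounds of base64 encoding.
 *
 * This is a transport encoding only; the decoded value is still untrusted input.
 *
 * @param string $txt encoded text
 * @return string decoded text
 */
function b64_de($txt){
    for ($ronda = 0; $ronda < 4; $ronda++) {
        $txt = base64_decode($txt);
    }
    return $txt;
}

/**
 * Aborts the request when the text contains one of a fixed list of SQL keywords.
 *
 * The match is case-insensitive and anchored only at the end of the keyword, so
 * ordinary words ending in a keyword are rejected too. This is a denylist: it is
 * kept as defence in depth and must not be relied on in place of bound parameters.
 *
 * @param mixed $str text to inspect; arrays and objects are rejected outright
 * @return void
 */
function filtro_str_mysql($str){
    if (is_array($str) || is_object($str)) {
        // Every field is used as a string later; fail closed on anything else.
        die();
    }
    $val = array(
        "SELECT","FROM","WHERE","ORDER",
        "INSERT","INTO","VALUES","UPDATE",
        "SET","PASSWORD","FLUSH","DELETE",
        "ALTER","TABLE","LOAD","CREATE",
        "SHOW","USE","DATABASE","TRIGGER",
        "EVENT","LOCK","ROUTINE","VIEW",
        "DROP","EXECUTE","REFERENCES"
    );
    if (preg_match("/(?:" . implode("|", $val) . ")\b/", strtoupper((string) $str))) {
        die();
    }
}

/**
 * Rejects empty or keyword-bearing input, then strips tags, '#' and quote characters.
 *
 * @param mixed $str raw request value
 * @return string cleaned value; the request is aborted for empty or rejected input
 */
function filtro_str($str){
    if(($str == "") || ($str == NULL)) die();
    filtro_str_mysql($str);
    $str = strip_tags($str);
    return str_replace(array("#", "'", "\""), "", $str);
}

/**
 * Echoes one entry per collaborator whose type equals $tid and returns how many were emitted.
 *
 * @param mixed $tid             type id being listed
 * @param array $colaboradores   map of collaborator id => name
 * @param array $tipocolaborador map of collaborator id => type id
 * @param array $chkb            map of collaborator id => "*" for the ones already attached
 * @return int number of entries written
 */
function _emitir_colaboradores($tid, $colaboradores, $tipocolaborador, $chkb)
{
    $emitidos = 0;
    foreach ($colaboradores as $id => $nombre) {
        // Loose comparison kept on purpose: a missing or NULL type still groups under type 0.
        $tipo = isset($tipocolaborador[$id]) ? $tipocolaborador[$id] : null;
        if ($tipo != $tid) {
            continue;
        }
        // NOTE(review): $ck is not used by the string visible here; presumably the
        // markup missing from this listing consumed it.
        $ck = (isset($chkb[$id]) && $chkb[$id] == "*") ? "checked" : "";
        echo ''."\n";
        $emitidos++;
    }
    return $emitidos;
}

/**
 * Handles the "login" POST that renders the collaborator form for a document.
 *
 * Expects POST fields d1 (four-times base64 document id), d2 and status. Always
 * ends the request with die().
 *
 * @return void
 */
function formulario(){
    unset($_GET);
    // Keyword screening of every POST field (defence in depth, see filtro_str_mysql).
    foreach ($_POST as $valor) {
        filtro_str_mysql($valor);
    }
    if (_campo_post("status") !== "login") {
        die();
    }
    $var1 = filtro_str(b64_de(_campo_post("d1"))); // id
    $var2 = filtro_str(_campo_post("d2"));         // form-in
    $var3 = filtro_str(_campo_post("status"));     // login
    unset($_POST);
    $contador = 0;
    $colaboradores = listaColaboradores();
    $chkb = checkedbox("tbl_documentos",$var1,"tbl_colaboladores");
    // NOTE(review): $dvalor is not used by the strings visible in this listing.
    $dvalor = dbvalor($var1,"id_documento","tbl_documentos","autor");
    $tipocolaboradores = readtableDB2("tbl_tipo_colaboladores");
    $tipocolaborador = readtableDB3();
    echo '

Si hay más de un autor separar los nombres con comas.

';
    if(!empty($tipocolaboradores)){
        // Every type except 0 first ...
        foreach ($tipocolaboradores as $tid => $tnombre){
            if($tid == 0) continue;
            echo '
'.$tnombre.''."\n";
            $contador += _emitir_colaboradores($tid, $colaboradores, $tipocolaborador, $chkb);
        }
        // ... then type 0, which is only handled when it is the first entry of the map.
        foreach ($tipocolaboradores as $tid => $tnombre){
            if($tid != 0) break;
            echo '
    '.$tnombre.''."\n";
            $contador += _emitir_colaboradores($tid, $colaboradores, $tipocolaborador, $chkb);
        }
        echo '';
        echo '';
    }
    die();
}

/**
 * Handles the "login" POST that saves a document's collaborators and author.
 *
 * Expects POST fields d1 (id), d2 (collaborator list) and d3 (author), each
 * four-times base64 encoded, plus d4 and status. Echoes the refreshed
 * collaborator text and always ends the request with die().
 *
 * @return void
 */
function filtros_head(){
    unset($_GET);
    // Keyword screening of every POST field (defence in depth, see filtro_str_mysql).
    foreach ($_POST as $valor) {
        filtro_str_mysql($valor);
    }
    if (_campo_post("status") !== "login") {
        die();
    }
    $var1 = filtro_str(b64_de(_campo_post("d1"))); // id
    $var2 = filtro_str(b64_de(_campo_post("d2"))); // str
    $var3 = filtro_str(b64_de(_campo_post("d3"))); // autor
    $var4 = filtro_str(_campo_post("d4"));         // form-in
    $var5 = filtro_str(_campo_post("status"));     // login
    unset($_POST);
    guardar01($var1,$var2,$var3);
    echo readtableDB5("tbl_documentos",$var1,"tbl_colaboladores");
    die();
}

/**
 * Tells whether a query-string parameter is present and equals the expected token.
 *
 * @param string $nombre   parameter name
 * @param string $esperado expected value
 * @return bool
 */
function _get_coincide($nombre, $esperado)
{
    if (!isset($_GET[$nombre]) || !is_string($_GET[$nombre])) {
        return false;
    }
    // Constant-time comparison where the runtime provides it.
    return function_exists('hash_equals')
        ? hash_equals($esperado, $_GET[$nombre])
        : $_GET[$nombre] === $esperado;
}

// Request dispatch. The parameter name/value pairs below only select a handler;
// they travel in the URL, so they end up in access logs and referrers and are not
// an authentication mechanism.
// NOTE(review): no session or authorization check is visible in this listing
// before documents are read or updated; confirm one exists upstream.
if (_get_coincide('sefargzxfkdjfkldsmflakdsmaskdmfaoivaostbxtghbxbgtg', "adwdawd.edfa.waef5a6efaf.f1.f1aefa.aw4.f.ghe.4f.d...-egser")) {
    formulario();
} else if (_get_coincide('sefargzlskmgfoirmnfsoirnfoaeinfozeifnosefnzekxtghbxbgtg', "adwdawdaefaefa.f8aef.46ae4fas8e4f.aef4.se4fsef.s8ef4es8f4d...-egser")) {
    filtros_head();
} else {
    die();
}
?>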