ruạṛ
<?php session_start(); require_once $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/universal.php'; $connID = connect_to_db(); $code = clean_plain_data($_POST['code']); $discount = is_decimal_data($_POST['discount']); $discount_type = clean_plain_data($_POST['discount_type']); $start_date = strtotime($_POST['start_date']); $finish_date = strtotime($_POST['finish_date']); //validate $message = ''; if($code == ''){ $message .= 'Please enter a code. <br />';} if(!$discount){ $message .= 'Please enter a discount. <br />';} if($discount_type != '%' && $discount_type != '$'){ $message .= 'Please select discount type. <br />'; } if($discount_type == '%' && $discount > 100) { $message .= 'Discount may not be > 100%. <br />'; } if($finish_date <= $start_date) { $message .= 'Finish date must be after start date. <br />'; } if($message != '') { getout($message,'discounts.php'); exit; } //insert if(!$insert = mysql_query("insert into discount_codes (code, discount, discount_type, start_date, finish_date) values ('$code', '$discount', '$discount_type', '$start_date', '$finish_date')") ) { getout('There was an error creating the entry.'.mysql_error()); // exit; } $code_id = mysql_insert_id(); $message = 'Discount code added successfully.'; /** * return to previous page */ getout($message); exit; ?>
cải xoăn