include "../cdbcon.inc";
if ($sess_div!="A" || $sess_home!=$home){
?>
}else{
include "../cdbcon.inc";
$sql1=mysql_query("select name,photo from students where num='$num'");
if (!$rs=mysql_fetch_array($sql1)){
?>
}
else{
if ($photo!="" && $rs[photo]!=""){
$upload_file=$rs[photo];
$file="../../".$s_no."/photo/".$upload_file;
unlink($file);
}
if ($photo!=""){
$save_dir="../../".$s_no."/photo";
$isUploaded=FALSE;
$upload_file=$photo;
if(!strcmp($upload_file,"none")){
continue;
}else{
$upload_file_name=$photo_name;
$upload_file_size=$photo_size;
$upload_file_type=$photo_type;
if ( $upload_file_size >= (150*1024)){
?>
}else{
$filename=explode(".",$upload_file_name);
$extension=$filename[sizeof($filename)-1];
if(!strcmp($extension,"html")||!strcmp($extension,"htm")||!strcmp($extension,"php")||!strcmp($extension,"phtml")||!strcmp($extension,"inc")||!strcmp($extension,"txt")||!strcmp($extension,"asp"))
{
continue;
}
$dest=$save_dir."/".$upload_file_name;
if ($upload_file_name!=""){
copy($upload_file,$dest);
}
$isUploaded=TRUE;
}
}
}
$info = addslashes($info);
$sql="update students set id='$id',name='$name',sex='$sex',number1='$number',number2='$number1',address='$address',tel='$tel',parentm='$parentm',parentf='$parentf',spplay='$spplay',birth='$birth',hobby='$hobby',speciality='$speciality',email='$email',homepage='$homepage',info='$info',";
if($photo!=""){
$sql=$sql."photo='$photo_name'";
}
if($sess_PW==""){
$sql=$sql."pwd='$pwd'";
}else{
$sql=$sql."parentpwd='$pwd'";
}
$sql=$sql." where num='$num'";
mysql_query($sql);
include "../../dbcon.inc";
$sql="update member set id='$id',name='$name',number1='$number',number2='$number1',parentf='$parentf',parentm='$parentm',s_no='$s_no',";
if($sess_PW==""){
$sql=$sql."pwd='$pwd'";
}else{
$sql=$sql."parentpwd='$pwd'";
}
$sql=$sql." where no='$num'";
mysql_query($sql);
?>
}
?>
}?>