Codice PHP:
<?php
session_start();
require_once('Connections/myconn.php');
require_once('login_check.php');
### CONNECT TO THE DATABASE
mysql_select_db($database_myconn) or die(mysql_error());
$sql = "select * from credits where price = 0";
$r = mysql_query($sql,$myconn) or die(mysql_error());
$credit = mysql_fetch_assoc($r);
# insert new transaction into accounting table in database
//build insert sql
$insert = "insert into accounting (`photoLimit`,`item`,`payment_gross`,`payment_status`,`active`,`payment_date`,`mid`,`title`,`description`,`days`,`numCredit`)
values (".$credit['photoLimit'].",'3','0','FREE','Yes',NOW(),".$_SESSION['memberID'].",'".$credit['title']."','".$credit['description']."',".$credit['days'].",".$credit['numCredit'].")";
$creditsql = 'select * from accounting where id = '.$_REQUEST['credit'];
$creditR = mysql_query($creditsql,$myconn) or die(mysql_error());
$credit = mysql_fetch_assoc($creditR);
$updateSQL = sprintf("UPDATE members SET emailNotify=%s, description=%s, address=%s, city=%s, `state`=%s, zip=%s, membership=%s, email=%s, `expires`=DATE_ADD(NOW(), INTERVAL ".$credit['days']." DAY), phone=%s, emailCities='".$citySTR."', emailBed=%s, emailBath=%s, sitoweb=%s, cognome=%s, fax=%s, cell=%s, piva=%s WHERE id=%s",
GetSQLValueString($_POST['emailNotify'], "text"),
GetSQLValueString($_POST['description'], "text"),
GetSQLValueString($_POST['address'], "text"),
GetSQLValueString($_POST['city'], "text"),
GetSQLValueString($_POST['state'], "text"),
GetSQLValueString($_POST['zip'], "text"),
GetSQLValueString($_POST['membership'], "text"),
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString($_POST['expires'], "date"),
GetSQLValueString($_POST['phone'], "text"),
GetSQLValueString($_POST['emailBed'], "text"),
GetSQLValueString($_POST['emailBath'], "text"),
GetSQLValueString($_POST['sitoweb'], "text"),
GetSQLValueString($_POST['cognome'], "text"),
GetSQLValueString($_POST['fax'], "text"),
GetSQLValueString($_POST['cell'], "text"),
GetSQLValueString($_POST['piva'], "text"),
GetSQLValueString($_POST['id'], "int"));
//echo $insert;
mysql_query($insert,$myconn) or die(mysql_error());
$insertGoTo = "a_index.php";
header(sprintf("Location: %s", $insertGoTo));
?>