<?php
header("Content-Type: text/html; charset=utf-8");
if(isset($_COOKIE["id"]))
;
else{
echo "<script language='javascript'>window.location.replace('volunteer.php');</script>";
return;
}
$id=$_COOKIE["id"];
$mysql_host = SAE_MYSQL_HOST_M;
$mysql_host_s = SAE_MYSQL_HOST_S;
$mysql_port = SAE_MYSQL_PORT;
$mysql_user = SAE_MYSQL_USER;
$mysql_password = SAE_MYSQL_PASS;
$mysql_database = SAE_MYSQL_DB;
$mysql_table = "volunteer";
$con = mysql_connect($mysql_host.':'.$mysql_port, $mysql_user, $mysql_password, true);
if (!$con){
die('Could not connect: ' . mysql_error());
}
mysql_query("SET NAMES 'UTF8'");
mysql_select_db($mysql_database, $con);
$idadd = mysql_real_escape_string($_POST['Id']);
$nameadd = mysql_real_escape_string($_POST['Name']);
$callnamberadd= mysql_real_escape_string($_POST['Callnamber']);
$Result = mysql_query("SELECT * FROM ".$mysql_table." WHERE id='".$idadd."'");
$row = mysql_fetch_array($Result);
if ($row){
echo "<script>alert('此学号已添加,请勿重复添加');</script>";
echo '<script language=\'javascript\'>window.location.replace(\'addvolunteer.php\');</script>';
return;
}
$Result = mysql_query("SELECT * FROM ".$mysql_table." WHERE id='".$id."'");
$row = mysql_fetch_array($Result);
$power = $row[power];
if ($power ==2 ){
$sql = "insert into volunteer (id,password,name,callnamber,power) values('$idadd','$idadd','$nameadd','$callnamberadd',1)";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
else{
echo "<script>alert('添加成功');</script>";
echo '<script language=\'javascript\'>window.location.replace(\'addvolunteer.php\');</script>';
return;
}
}
else{
echo "<script>alert('您没有此权限!');</script>";
echo '<script language=\'javascript\'>window.location.replace(\'index.php\');</script>';
return;
}
?>