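<?php
/**
 * AJAX endpoint: inserts one row into tbl_member_work_history from POSTed
 * form fields and replies with a JSON object.
 *
 * Response shape (as produced below):
 *   {"result":1}                                  insert succeeded
 *   {"result":0,"message":"sql Err."}             insert failed
 *   {"result":0,"message":"xapi is valid"}        shared-token check failed
 *   {"result":9,"message":"Connection Error"}     no database connection
 *
 * connectDB() and decryptMessage() are not defined in this file; presumably
 * they come from the included main_function.php.
 *
 * NOTE(review): no session or ownership check is visible here. `member_id`
 * is taken straight from the request, so any caller that passes the token
 * check can write history rows for any member. Confirm that the included
 * file enforces authentication, or derive member_id from the session.
 */
include('../../../config/main_function.php');

// NOTE(review): $secure, $password and $xapi are secrets embedded in a file
// under the web root. Treat them as exposed: rotate them and load the new
// values from configuration stored outside public_html (or the environment).
$secure = "cAh3DrJACzw4RbU";
$connection = connectDB($secure);

// Always defined, so json_encode() never sees an undefined variable.
$arr = [];

// Reads one POST field as a string. Missing keys and non-string values
// (e.g. `field[]=x`) become '' instead of raising warnings or a TypeError.
$postString = static function (string $key): string {
    $value = $_POST[$key] ?? '';
    return is_string($value) ? $value : '';
};

if ($connection) {
    // Decrypt the xapi token sent by the client.
    $password = 'sd32f43q5we';
    $xapi = 'CXgvsdf542sdfg';

    // The token is passed to decryptMessage() unmodified: SQL escaping is
    // only meaningful for values placed in a query, and escaping here could
    // alter the ciphertext before it is decrypted.
    $decoded = decryptMessage($postString('decryptedMessage'), $password);

    // hash_equals() gives a strict, constant-time comparison of the secret
    // (the loose `==` is both type-juggling and timing-dependent).
    if (is_string($decoded) && hash_equals($xapi, $decoded)) {
        $work_id = $postString('work_id');
        $member_id = $postString('member_id');
        $company_name = $postString('company_name');
        $company_address = $postString('company_address');
        $position = $postString('position');
        $job_description = $postString('job_description');

        // NOTE(review): the client also posts month_start, year_start,
        // month_end and year_end, but both date columns are written with
        // today's date. That matches the previous behaviour; confirm whether
        // the posted period was meant to be stored.
        $now = date("Y-m-d");

        // Column name `job_discription` is spelled as in the existing schema.
        $sql_insert = "INSERT INTO tbl_member_work_history SET "
            . "`work_id` = ? , "
            . "`member_id` = ? , "
            . "`work_start_date` = ? , "
            . "`resignation_date` = ? , "
            . "`company_name` = ? , "
            . "`company_address` = ? , "
            . "`position` = ? , "
            . "`job_discription` = ? ";

        $res_insert = false;
        try {
            // Bound parameters keep request data out of the SQL text.
            $stmt = mysqli_prepare($connection, $sql_insert);
            if ($stmt) {
                mysqli_stmt_bind_param(
                    $stmt,
                    'ssssssss',
                    $work_id,
                    $member_id,
                    $now,
                    $now,
                    $company_name,
                    $company_address,
                    $position,
                    $job_description
                );
                $res_insert = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
            if (!$res_insert) {
                // Keep driver errors in the server log, not in the response.
                error_log('tbl_member_work_history insert failed: ' . mysqli_error($connection));
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli throws instead of returning false when exception
            // reporting is enabled; handle both modes the same way.
            error_log('tbl_member_work_history insert failed: ' . $e->getMessage());
            $res_insert = false;
        }

        if ($res_insert) {
            $arr['result'] = 1;
        } else {
            $arr['result'] = 0;
            $arr['message'] = "sql Err.";
        }
    } else {
        $arr['result'] = 0;
        // NOTE(review): the wording reads inverted ("invalid" was probably
        // meant); left unchanged because clients may match on this string.
        $arr['message'] = "xapi is valid";
    }
} else {
    $arr['result'] = 9;
    $arr['message'] = "Connection Error";
}

echo json_encode($arr);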