-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinsertPromo.php
35 lines (25 loc) · 1.51 KB
/
insertPromo.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<?php
require_once("../header.php");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Allow-Headers: Content-Type");
header("Content-Type: multipart/form-data"); //上傳內容包含圖片。故使用form
try {
require_once("../connectGridIsland.php");
$sql ="insert into promo (promo_id, promo_code, promo_detail, promo_amount, promo_start_date, promo_end_date, marquee_state, promo_pub_start, promo_pub_end)
values (null, :promo_code, :promo_detail, :promo_amount, :promo_start_date, :promo_end_date,:marquee_state, :promo_pub_start_date, :promo_pub_end_date)";
$promos = $pdo->prepare( $sql );//使用prepare,避免隱碼攻擊
$promos->bindValue(":promo_code", $_POST["promo_code"]);
$promos->bindValue(":promo_detail", $_POST["promo_detail"]);
$promos->bindValue(":promo_amount", $_POST["promo_amount"]);
$promos->bindValue(":promo_start_date", $_POST["promo_start_date"]);
$promos->bindValue(":promo_end_date", $_POST["promo_end_date"]);
$promos->bindValue(":marquee_state", $_POST["marquee_state"]);
$promos->bindValue(":promo_pub_start_date", $_POST["promo_pub_start_date"] == "null"?null: $_POST["promo_pub_start_date"]);
$promos->bindValue(":promo_pub_end_date", $_POST["promo_pub_end_date"]=="null"?null:$_POST["promo_pub_end_date"]);
$promos->execute(); //執行
$result = ["error" => false,"msg"=>"成功上傳優惠碼"];
} catch (PDOException $e) {
$result = ["error" => true, "msg" => $e->getMessage()];
}
echo json_encode($result);
?>