Location: PHPKode > projects > Club video list website > animelists/accept_listing.php
<!--
Animelists website
Copyright (C) 2002 Jeff Wartes

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

-------------------------------------------------

A data processing page. Can add a new entry to the List, modify an existing entry,
or delete an existing entry.

$Id: accept_listing.php,v 1.3 2002/10/20 19:20:59 pyreforge Exp $
-->

<html>
<head><title>Processing data entry</title></head>
<style> <!-- @import url(animelists.css); --> </style>


<body>
<?php
if (!isset($COMMONINCLUDED)){
    include("common.php");
}
if (!isset($LATESTINCLUDED)){
    include("tracklatest.php");
}

/*
The following form data is assumed present: (TODO: look at global php vars to insure these are present)

$title: The title of the Show
$eps: The type of the collection, either "Movie", "Complete", or "Partial"
    if ($eps == "Complete")
        $seriesEps is defined and is an string representation of an integer
    if ($eps == "Partial")
        $episodesOwned is defined, and is a string. (May not represent a direct integer)
$format: The format of the collection, either "DVD", "VHS", "VCD", or "LaserDisc"
$language: The (english) language options for the collection, either "Subtitles", "Dubbed", or "Both".

The following form variable might be present:
    $comments: Any optional comments about the collection that the owner wishes to add.
    $time: The duration of the show in minutes, per episode if series
    $year: The year the show was released

If this Show already exists in the list, but should be changed or removed, the following will be set:
    $key: Indicates this is not a new entry. The key associated with the current listing of the Show
    $operation: Set to either 'modify' or 'delete'. The operation to be performed using the key.

The following cookie data is assumed present:
$username
$userpass

*/

//check for assumed cookie data
dieIfNoLogin();

if (!(isset($title) && isset($eps) && isset($format) && isset($language))){
    dieWithDataError();
}
if (($eps == "Complete" && !isset($seriesEps)) || ($eps == "Partial" && !isset($episodesOwned))){
    dieWithDataError();
}
if (isset($key) && !isset($operation)){
    dieWithDataError();
}

if (!isset($comments) || !$comments){
    $comments = "&nbsp;";
}


//Now that the assumed variables are confirmed, validate the user
if (!isset($USERINCLUDED)){
    include("userclass.php");
}

$userData = new UserList(USERDATAFILE);
$thisUser = $userData->getByName($username);
if (!$thisUser || !$thisUser->validateUser($username, $userpass)){
    dieWithInvalidUser();
}
/*
//Some error checking on the fields, shouldn't rely on client-side JavaScript
//Don't need to be too user friendly though, since (assuming the JavaScript testing works) only
//deliberate attempts to enter corrupted data into the list will get this message.
if (ereg("[<>\|\n\r]", $title) || ereg("[<>\|\n\r]", $format)
       || ereg("[<>\|\n\r]", $language) || ereg("[<>\|\n\r]", $seriesEps)
       || ereg("[<>\|\n\r]", $episodesOwned) || ereg("[<>\|]", $comments)){
    echo "Invalid character used in one or more forms, cannot continue.<br>";
    echo "The previous page should have caught this, but it obviously didn't.<br>";
    echo "The &lt;, &gt;, and &#124; characters are not allowed in any field.<br>";
    echo printLinkFooter();
    die();
}
*/
if (!trim($comments)){
    $comments = "&nbsp;";
}
//this is the only field that allows newlines, replace them with HTML
$comments = str_replace("\r\n", "<br>", $comments);  //don't use NEWLINE here because textfields always pass \r\n

//User must be valid, create and add the Show object (need a copy constructor)
if (!isset($SHOWINCLUDED)){
    include("showclass.php");
}
$newShow = new Show();
$newShow->title = $title;
$newShow->owner = $username;
$newShow->format = $format;
$newShow->language = $language;
$newShow->collection = $eps;
if($eps == "Complete") $newShow->owned = $seriesEps;
if($eps == "Partial") $newShow->owned = $episodesOwned;
if($eps == "Movie") $newShow->owned = "N/A";
$newShow->comments = $comments;
if (isset($time) && $time) $newShow->time = $time;  //TODO error check data field contents
if (isset($year) && $year) $newShow->year = $year;  //TODO error check data field contents

$showData = new ShowList(SHOWDATAFILE);

if(!isset($key)){
    //adding new entry
    $newShow->key = uniqid(md5($title));   //about as likely to be unique as I can think of
    record("Adding new Show: " . $newShow->outputDataLine(" "));
    $showData->addShow($newShow);
    if (@$showData->outputListToFile(SHOWDATAFILE)){
        addChange($newShow->key, Stripslashes($title), "add");

        echo "Successfully added " . Stripslashes($title) . " to the list.<br>";
        echo printLinkFooter() . " / " . printAddShowLink("add another") . "</a>";
        echo redirectToLastView();
    }
    else {
        record("FAILED to add new Show: " . $newShow->outputDataLine(" "));
        dieWithWriteError();
    }
}
else {
    //Show already exists in the list somewhere
    $oldShow = $showData->getByKey($key);
    //need to insure that the user has permission to change this Show
    if (!(strcasecmp($oldShow->owner, $username) == 0) && !($thisUser->rank >= ADMIN)){
        echo "Sorry, but you cannot change or remove this entry.<br>";
        echo "Only admins and the person who added an item to the list can change an entry.<br>";
        echo printLinkFooter();
        die();
    }
    elseif (!strcasecmp($oldShow->owner, $username) == 0){
        $newShow->owner = $oldShow->owner;  //don't change the username for the entry if an admin modifies something
    }

    if ($operation == "modify"){
        //changing an existing entry
        $newShow->key = $key; //keep the same key value
        $newShow->votes = $oldShow->votes; //keep any existing votes, everything else is set up already
        $showData->replaceByKey($newShow);
        if (@$showData->outputListToFile(SHOWDATAFILE)){
            addChange($newShow->key, Stripslashes($newShow->title), "modify");

            echo "Change was accepted.<br>";
            echo printLinkFooter();
            echo redirectToLastView();
        }
        else {
            record("Change failed");
            dieWithWriteError();
        }
    }
    elseif ($operation == "delete"){
        $showData->deleteByKey($key);
        if (@$showData->outputListToFile(SHOWDATAFILE)){
            addChange($key, Stripslashes($newShow->title), "delete");

            echo "Entry was sucessfully deleted.<br>";
            echo "<hr>" . printMainLink() . " / " . printListLink() . " / " . printModifyListLink();
            echo redirectToLastView();
        }
        else {
            record("Failed to delete show with key " . $key);
            dieWithWriteError();
        }

    }
    else {
        echo "Unknown operation requested: $operation <br>";
        echo printLinkFooter();
        die();
    }
}
?>

</body>
</html>
Return current item: Club video list website