Location: PHPKode > projects > Comic Pub > comicpub/process.php
<?php
if($_SERVER[QUERY_STRING] == 'mail'){
	setcookie("sender_name", $_POST[sender_name], time() + (365 * 24 * 60 * 60));
	setcookie("sender_email", $_POST[sender_email], time() + (365 * 24 * 60 * 60));
}

//`id`, `time`, `association`, `comments`, `allow_comments`, `keywords`, `description`
/*------------------------------------------------------------------------
	ComicPub - A program designed to aid and assist the author of web comics in 
	their publishment on the 'innernet'
	Copyright (C) 2003  Tim Bielawa
	
	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.
	
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.
	
	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
------------------------------------------------------------------------*/

	//process.php mmm... functionality
include("header.php");

include("functions.php");

require("vars.php");
//arg is shorter than $_SERVER["QUERY_STRING"]....

$arg = $_SERVER["QUERY_STRING"];

////////////////////////////////////////////ADD A NEW COMIC
if($arg == 'add'){
	//connect to mysql
	$link = mysql_connect("$site[mysql_host]", "$site[mysql_name]", "$site[mysql_pass]") or die(mysql_error());
           mysql_select_db("$site[mysql_prefix]" . "$site[mysql_db]") or die(mysql_error());
	//phpinfo();
	
	$in = $_POST; // again, "in" is shorter than _POST

	//making sure all the fields are filled in
	foreach($in as $test){
		if($test == ''){
			echo "Please Fill in all the Fields";
			die(include("footer.php"));
		}
	}
	
	//more field filling checking
	if(!$in[comics]){
		echo "Please Fill in all the Fields";
		die(include("footer.php"));
	}
	
	//get rid of php imposed escaping quotes
	$in[title] = stripslashes($in[title]);
	$in[keywords] = stripslashes($in[keywords]);
	$in[description] = stripslashes($in[description]);
	$in[author_comments] = stripslashes($in[author_comments]);
	
	$q = "INSERT INTO `" . $site[mysql_prefix] . "comics` (`id`, `time`, `association`, `comments`, `allow_comments`, `keywords`, `description`, `title`) VALUES('', '". time() . "', '" . $in[comics] . "', '" . $in[author_comments] . "', '" . $in[allow_comments] . "', '" . $in[keywords] . "', '" . $in[description] . "', '" . $in[title] . "')";
	//echo $q;
	
	$res = mysql_query($q) or die(mysql_error());
	echo "New comic has been added, it can be accessed directly be going to the viewing page NOW if you havent posted it for future postage.";
}
//////////////////////////////////////////////////////edit old comics
if($arg == 'editold'){ //finallystarted on this on 2004-1-7
	global $site;	 //connect to mysql
	$link = mysql_connect("$site[mysql_host]", "$site[mysql_name]", "$site[mysql_pass]") or die(mysql_error());
		mysql_select_db($site[mysql_prefix] . $site[mysql_db]) or die(mysql_error());
		
	if(!$_POST[sure]){ //did you press the button that verifys that you are sure?
		echo "You have not pressed the \"sure\" button verifying that you are sure you want to edit the comic. Go back and press it and then continue";
		include("footer.php"); //for the look
		die(''); //die :-D
	}

	//yhick, too much repetition, I need to clean this up one day --2004-1-7
	$q[0] = "UPDATE `comics` SET `association`= '" . $_POST[comics] . "' WHERE `id` = '" . $_POST[id] . "'";
	$q[1] = "UPDATE `comics` SET `comments`= '" . $_POST[author_comments] . "' WHERE `id` = '" . $_POST[id] . "'";
	$q[2] = "UPDATE `comics` SET `allow_comments`= '" . $_POST[allow_comments] . "' WHERE `id` = '" . $_POST[id] . "'";
	$q[3] = "UPDATE `comics` SET `keywords`= '" . $_POST[keywords] . "' WHERE `id` = '" . $_POST[id] . "'";
	$q[4] = "UPDATE `comics` SET `description`= '" . $_POST[description] . "' WHERE `id` = '" . $_POST[id] . "'";
	$q[5] = "UPDATE `comics` SET `title`= '" . $_POST[title] . "' WHERE `id` = '" . $_POST[id] . "'";

	foreach($q as $e) { //random letters really....
		if($res = mysql_query($e)){ //execute mysql
			echo ''; 
		} else { 
			echo mysql_error();  //if mysql fscked up do this
			include("footer.php");  //then this
			die(''); //then stop further code execution in this script
		}
	}
	
	$data = get_comic_data($_POST[id]); //get comic info
	echo "Comic \"" . $data[title] . "\" has been Updated Successfull!"; //success
}
////////////////////////////////////////////////mail comics to people
if($arg == 'mail'){// this script is definetly a work in progress -- 2004-2-16
	echo "Note: We do not harvest emails<BR><BR><BR><BR>\n"; //disclaimer
	mail($_POST[friends_email], "You have received a comic link from your friend " . $_POST[sender_name], $_POST[sender_message]);
}
include("footer.php");
?>
Return current item: Comic Pub