<?php
include ("config.inc");
include ("forum.inc");

$dbh = db_connect();

$user = authenticate();
if ($user[Status] != 'Administrator') {
    not_right ("You must be logged in, and be a valid administrator to access this.");
}  

$FORM = get_input();

# --------------------
# Assign the variables
$Title       = $FORM[Title];

# ---------------------------------------------
# Check to make sure all info has been filled in
if(!$Title){
    not_right("All of the required informatin has not been filled in.  Please try again.");
}

# --------------------------------------------
# Make sure the category doesn't already exist
$Title_q = db_quote($Title);
$query = <<<END_SQL
    SELECT Title
    FROM Category
    WHERE Title = $Title_q
END_SQL;
$sth = mysql_query($query, $dbh) or die ("Can't prepare $query.  Reason: " . mysql_error() . ".");
$check = mysql_num_rows($sth);
if ($check) {
    not_right("That Category already exists.");
}

# -------------------------------
# Put the category into the database
$query = <<<END_SQL
    SELECT Distinct Number FROM Category ORDER By Number DESC
END_SQL;
$sth = mysql_query($query, $dbh) or die ("Can't prepare $query.  Reason: " . mysql_error() . ".");
list($Number) = mysql_fetch_array($sth);
$Number++;
$Title_q       = db_quote($Title);

$query = <<<END_SQL
    INSERT INTO Category (Title,Number)
    VALUES ($Title_q,$Number)
END_SQL;
mysql_query ($query) or not_right("That category is already being used.  Please try again.");

# ------------------------
# Send them a confirmation
send_header ("The new category has been created.","<META HTTP-EQUIV=\"Refresh\" content=\"5;url=$config[cgiurl]/admin/login.php\">");
table_header("The new category has been created.");

print " The new category has been created and is now available for forums to be placed within it.  </P>";
send_footer();
?>