<?
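        /**
         * Create a new award. Only callers whose session level equals ADMIN may do so.
         *
         * Every value taken from $vars is treated as untrusted request data and is
         * escaped before it is placed in a SQL string, including the duplicate-name
         * lookup, which previously used the raw name.
         *
         * NOTE(review): addslashes() is kept because it is the escaping this file
         * already uses. It is not charset-aware; the escaping routine of the driver
         * behind query_db()/update_db(), or bound parameters, would be the stronger
         * fix. Those helpers are not visible here, so confirm what they support.
         * NOTE(review): this assumes request values arrive unescaped
         * (magic_quotes_gpc off); confirm against the caller.
         *
         * @param array $vars Form fields: award_name, award_descrip, award_img.
         * @return string Error message, or "" when the award was inserted.
         */
        function add_award($vars) {
                global $SESSION;

                // Start from "no error" so the success path returns a defined value.
                $err = "";

                // Normalise once so validation, lookup and insert all see the same text.
                $name    = isset($vars["award_name"])    ? trim($vars["award_name"])    : "";
                $descrip = isset($vars["award_descrip"]) ? trim($vars["award_descrip"]) : "";
                $img     = isset($vars["award_img"])     ? trim($vars["award_img"])     : "";

                if ($SESSION["level"] != ADMIN) {
                        $err = ERR_NOT_ENOUGH_ACCESS;
                } elseif (!$name) {
                        $err = "The Award Name can not be blank.";
                } elseif (!$descrip) {
                        $err = "The Award Description field cannot be blank.";
                } else {
                        // Duplicate check: escape the name here as well, otherwise a quote
                        // in award_name changes the meaning of this statement.
                        $query  = "select award_name";
                        $query .= "  from awards";
                        $query .= " where award_name = '" . addslashes($name) . "'";

                        query_db($query, $check);

                        if ($check["award_name"]) {
                                $err = "That award name already exists";
                        } else {
                                $query  = "insert into awards (award_id, award_name, award_descrip, award_img)";
                                $query .= " values (0, '" . addslashes($name) . "', '" . addslashes($descrip) . "', '" . addslashes($img) . "')";

                                update_db($query);
                        }
                }

                return $err;
        }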

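        /**
         * Delete an award and the rows in `awarded` that reference it.
         * Only callers whose session level equals ADMIN may do so.
         *
         * $id is interpolated into SQL without quotes, so the digits-only check
         * below is the only thing keeping it from altering the statements.
         * The check uses preg_match() instead of eregi(), which was deprecated
         * in PHP 5.3 and removed in PHP 7.
         *
         * NOTE(review): the two deletes are issued separately; whether
         * update_db() reports failure or runs inside a transaction is not
         * visible here, so a failed second delete may leave orphaned `awarded`
         * rows. Confirm against the helper.
         *
         * @param mixed $id Award id from the request; must consist of digits only.
         * @return string Error message/constant, or "" when the award was deleted.
         */
        function del_award($id) {
                global $SESSION;

                // Start from "no error" so the success path returns a defined value.
                $err = "";

                if ($SESSION["level"] != ADMIN) {
                        $err = ERR_NOT_ENOUGH_ACCESS;
                } elseif (!$id) {
                        $err = ERR_ID_BLANK;
                } elseif (!preg_match('/^[0-9]+$/D', (string) $id)) {
                        // The D modifier stops "$" from accepting a trailing newline.
                        $err = ERR_ID_INVALID;
                } else {
                        $query  = "select award_id";
                        $query .= "  from awards";
                        $query .= " where award_id = $id";

                        query_db($query, $check);

                        if (!$check["award_id"]) {
                                $err = ERR_ID_NOT_EXIST;
                        } else {
                                $query  = "delete";
                                $query .= "  from awards";
                                $query .= " where award_id = $id";

                                update_db($query);

                                // Remove the assignments that pointed at the deleted award.
                                $query  = "delete";
                                $query .= "  from awarded";
                                $query .= " where aid = $id";

                                update_db($query);
                        }
                }

                return $err;
        }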

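        /**
         * Update the name, description and image of an existing award.
         * Only callers whose session level equals ADMIN may do so.
         *
         * Changes from the earlier version of this function:
         *  - $id is validated as digits-only before it is interpolated unquoted
         *    into the WHERE clause; previously it was used as received.
         *  - award_name and award_img are trimmed and escaped like award_descrip;
         *    previously both were concatenated into the statement raw.
         *  - the unused array_keys() result was dropped.
         *
         * NOTE(review): addslashes() is kept because it is the escaping this file
         * already uses. It is not charset-aware; the escaping routine of the driver
         * behind update_db(), or bound parameters, would be the stronger fix.
         * That helper is not visible here, so confirm what it supports.
         * NOTE(review): this assumes request values arrive unescaped
         * (magic_quotes_gpc off); confirm against the caller.
         * NOTE(review): unlike the create path, no duplicate-name or
         * "id exists" check is made here; that behaviour is left unchanged.
         *
         * @param mixed $id   Award id from the request; must consist of digits only.
         * @param array $vars Form fields: award_name, award_descrip, award_img.
         * @return string Error message/constant, or "" when the update was issued.
         */
        function edit_award($id, $vars) {
                global $SESSION;

                $err = "";

                // Normalise once so validation and the update see the same text.
                $name    = isset($vars["award_name"])    ? trim($vars["award_name"])    : "";
                $descrip = isset($vars["award_descrip"]) ? trim($vars["award_descrip"]) : "";
                $img     = isset($vars["award_img"])     ? trim($vars["award_img"])     : "";

                if ($SESSION["level"] != ADMIN) {
                        $err = ERR_NOT_ENOUGH_ACCESS;
                } elseif (!$id) {
                        $err = ERR_ID_BLANK;
                } elseif (!preg_match('/^[0-9]+$/D', (string) $id)) {
                        // The D modifier stops "$" from accepting a trailing newline.
                        $err = ERR_ID_INVALID;
                } elseif (!$name) {
                        $err = "The Award Name field cannot be blank.";
                } elseif (!$descrip) {
                        $err = "The Award Description field cannot be blank.";
                } else {
                        $query  = "update awards";
                        $query .= "   set award_name = '" . addslashes($name) . "', ";
                        $query .= "       award_descrip = '" . addslashes($descrip) . "', ";
                        $query .= "       award_img = '" . addslashes($img) . "'";
                        $query .= " where award_id = $id";

                        update_db($query);
                }

                return $err;
        }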

?>