Location: PHPKode > projects > Open ShareLive > F3-OSL-pre_alpha-2005_05_30/addfeat.php
<?php
/******************************************************************************
*
*    Open ShareLive (main site code)
*    Copyright (C) 2002-2005  ShareLive
*
*    This program is free software; you can redistribute it and/or
*    modify it under the terms of the GNU General Public License
*    as published by the Free Software Foundation; either version 2
*    of the License, or (at your option) any later version.
*
*    This program is distributed in the hope that it will be useful,
*    but WITHOUT ANY WARRANTY; without even the implied warranty of
*    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*    GNU General Public License for more details.
*
*    You should have received a copy of the GNU General Public License
*    along with this program; if not, write to the Free Software
*    Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
*
******************************************************************************/

	// Add Feature
	require('Connections/Default.php');
	require('backend/usermgr_functions.php');
	require('errmsg.php');

	if (!QuickCheck() || !$is_admin)
		ShowError("You do not have permission to add a new feature. Please log in to an admin or moderator account to complete this action.", "Permission Denied");

	// fix newlines
	$_POST['body'] = str_replace("\n", '<br>', $_POST['body']);

	if (empty($_POST['title']))
		ShowError("You must give a title for the feature. This may just be the release name and version or you may choose something different.", "Missing Title");

	if (empty($_POST['body']))
		ShowError("You must give this feature a message body. This can be copied from the release page or you may use your own description.", "Missing Body");

	if (!strchr($_POST['screen'],'/'))
		$_POST['screen'] = $sharelivepath + '/images/features/' . $_POST['screen'];


	// check existence of pid
	$q = mysql_query("SELECT rel_id FROM ".$dbprefix."shares WHERE rel_id = " . $_POST['pid']);
	if ($q && mysql_num_rows($q)) {
		mysql_query("INSERT INTO ".$dbprefix."featured_releases (title, bodyhtml, rel_id, screen_url) VALUES ('$_POST[title]', '$_POST[body]', '$_POST[pid]', '$_POST[screen]')");
		echo mysql_error(); // if there is one!
	} else {
		ShowError("The PID does not appear to be valid or there was a database error.", "Error");
	}

	header('HTTP/1.1 204 No Content');

?>
Return current item: Open ShareLive