Location: PHPKode > projects > OpenCMS > OpenCMS - Version Alpha/admin_homepage_module_create_submit.php
<?php

session_start();

?>

<html><link rel='shortcut icon' href='favicon.ico'>
<head>
<title>
OpenCMS
</title>
</head>

<body bgcolor='#333333' topmargin='0' leftmargin='0'>

<div align='center'><img src='site_images/admin_header_opencms.jpg'></div>
<table width='960' cellspacing='0' cellpadding='20' border='0' align='center'>
<tr>
	<td bgcolor='#ffffff'>


	<?php
		include 'site_login.php';
	?>

	<br>

	<font face='arial' size='4' color='#000000'>
		<b>
			ADMIN - HOMEPAGE - Module Create (Submit):
		</b>
	</font>


	<br>
	<br>

	<font face='arial' size='2' color='#000000'>

	<?php

		if ($_SESSION['session_id_login_verify'] == 'YES') {

			// Grabs the _POST variables...
			$type = $_POST['type'];
			$text = $_POST['text'];
			$image = $_POST['image'];
			$video = $_POST['video'];


			// This section replaces all bad characters from the form fields.
			$type_replace_quote_single = str_replace("'", "`", $type);
			$type_replace_quote_double = str_replace('"', "``", $type_replace_quote_single);
			$type_replace_slashes = str_replace("\\", "/", $type_replace_quote_double);
			$type_replace_lefthtml = str_replace("<", "[", $type_replace_slashes);
			$type_replace_righthtml = str_replace(">", "]", $type_replace_lefthtml);
			$type = $type_replace_righthtml;	

			$text_replace_quote_single = str_replace("'", "`", $text);
			$text_replace_quote_double = str_replace('"', "``", $text_replace_quote_single);
			$text_replace_slashes = str_replace("\\", "/", $text_replace_quote_double);
			$text_replace_lefthtml = str_replace("<", "[", $text_replace_slashes);
			$text_replace_righthtml = str_replace(">", "]", $text_replace_lefthtml);
			$text = $text_replace_righthtml;	

			$image_replace_quote_single = str_replace("'", "`", $image);
			$image_replace_quote_double = str_replace('"', "``", $image_replace_quote_single);
			$image_replace_slashes = str_replace("\\", "/", $image_replace_quote_double);
			$image_replace_lefthtml = str_replace("<", "[", $image_replace_slashes);
			$image_replace_righthtml = str_replace(">", "]", $image_replace_lefthtml);
			$image = $image_replace_righthtml;	

			$video_replace_quote_single = str_replace("'", "`", $video);
			$video_replace_quote_double = str_replace('"', "``", $video_replace_quote_single);
			$video_replace_slashes = str_replace("\\", "/", $video_replace_quote_double);
			$video_replace_lefthtml = str_replace("<", "[", $video_replace_slashes);
			$video_replace_righthtml = str_replace(">", "]", $video_replace_lefthtml);
			$video = $video_replace_righthtml;	


			include 'site_connect_mysql.php';

			//Connect To Database
			$mysql_OpenCMS_connection = mysql_connect($loginhostname, $loginusername, $loginpassword);
			mysql_select_db($logindatabase, $mysql_OpenCMS_connection);


			$modules_verify = "
			SELECT 
			* 
			FROM " . 
			$connect_mysql_modules_table . "
			WHERE " .
			$connect_mysql_modules_type . " = '" .
			$type . "'
			"
			; 

			//echo "<h1>" . $modules_verify . "</h1>";

			$modules_verify_data = mysql_query($modules_verify) or die(mysql_error());
			$modules_verify_data_count = mysql_num_rows($modules_verify_data);


			// This will determine whether the data is written to the database or not.
			if ($modules_verify_data_count > 0) {

				echo "Error: There is already that type of Module in the system.";

			}
			else {

				// No module for the selected type exists in the system.
						
				// NOTE: This section creates a unique record in the MySQL DB. NOTE the single quotes around the VALUES() variable.
				//		 You may need to put other variables within quotes like this otherwise errors will come up.

				$current_unixtime = gmmktime();		
				$random_id = rand(1000000000, 9999999999);
				$id = $current_unixtime . $random_id;

				mysql_query("INSERT INTO $connect_mysql_modules_table ($connect_mysql_modules_id) VALUES('$id') ") or die(mysql_error());


				// MODULE TYPE:
				$query = "
				UPDATE
				$connect_mysql_modules_table
				SET
				$connect_mysql_modules_type = '" . $type . "'
				WHERE
				" . $connect_mysql_modules_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				// MODULE TEXT:
				$query = "
				UPDATE
				$connect_mysql_modules_table
				SET
				$connect_mysql_modules_text = '" . $text . "'
				WHERE
				" . $connect_mysql_modules_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				// MODULE IMAGE:
				$query = "
				UPDATE
				$connect_mysql_modules_table
				SET
				$connect_mysql_modules_image = '" . $image . "'
				WHERE
				" . $connect_mysql_modules_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				// MODULE VIDEO:
				$query = "
				UPDATE
				$connect_mysql_modules_table
				SET
				$connect_mysql_modules_video = '" . $video . "'
				WHERE
				" . $connect_mysql_modules_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				echo "Success! Module information has been added to the system.";


			}
			

		}
		else {

			echo "Error: You do not have access to see this page. Go <a href='index.php'>Back</a>.";

		}

	?>

	</font>

	</td>
</tr>
</table>

<table width='960' cellspacing='0' cellpadding='20' border='0' align='center'>
<tr>
	<td bgcolor='#000000'>

		<font face='arial' size='1' color='#ffffff'>
			OpenCMS - Version Alpha - http://sourceforge.net/projects/open-cms/
		</font>

	</td>
</tr>
</table>

</body>
</html>



Return current item: OpenCMS