add.php at PAT and Inventory Management System

<!--
	Pat and Inventory Management System
	Version 0.1
	Created by Tom Dyer
	Last edited by Tom Dyer 12/9/09
	Inventory - Add an Item
-->
<?php
session_start();	// This connects to the existing session. Allows sharing of variables between pages for a smoother user experience
$directory = $_SESSION['docroot'];
include_once '../../config.php';
$barcode = $_SESSION['barcode'];
?>
<html>
	<title>PIMS | Add an Item</title>
	<head><link rel="shortcut icon" href="<?php echo "$servroot"; ?>/favicon.ico" type="image/x-icon"><h4>Add an Item to the Database</h4></head>
	<body onLoad="document.input.name.focus()" LINK="0033CC" VLINK="0033CC"> <!-- Keep links blue after visit -->
	
		<table border="0"> <!-- Table to make the form look nice -->
		<form action="" method="post" name="input"> <!-- Form that will submit data back to this file -->
		<input type="hidden" name="cmd" value="done"</input>
		<tr>
		<td>Barcode: </td><td><?php echo "$barcode"; ?></td>
		</tr><tr>
		<td>Item Description: </td><td><input id="name" name="name" value = "<?php echo "$name"; ?>"/></td>
		</tr><tr>
		<td>PAT Required: </td><td><input type="checkbox" name="pat" value="pat" checked></td> <!-- Checkbox. add 'checked' to auto-check the box -->
		</tr><tr>
		<td>Retest Period: </td><td><input id="retest" name="retest" size="2" value="1"> Year(s)</td>
		</tr><tr>
		
		<td><input type="submit" value="Submit"></td>
		</tr>
		</form> <!-- Close of Input Form -->
		</table> <!-- Close of Form Table -->
		
		<?php

	if ($_POST['cmd'] == 'done') { //check if the form has been submitted
		
		$name = $_POST['name']; //set variables
		$retest = $_POST['retest'];
		$barcode = (int)$barcode; // Format out any leading zeros and/or text
		if(empty($name)) // Check for a Description
			{
				echo "Please enter a Description";
				echo '<br><hr width="100%" /><a href="index.php">Back</a><br>';
				die;
			}
		mysql_connect($sqlhost,$username,$password);		
		@mysql_select_db($database) or die( "Unable to select database"); // Connect to the database to check for a previous record
		$data = mysql_query("SELECT * FROM equipment WHERE barcode='$barcode'");
		while($row = mysql_fetch_array($data))
			{
				$gotbarcode=$row['barcode'];
				$gotname=$row['name'];
			  	$gotretest=$row['retest'];
			}
		if(empty($gotname)) // check for an existing record
			{
				if ($_POST['pat'] == 'pat') // check if the Item requires a PAT Test
					{}
					else
					{
						$retest = ''; // Setting retest to be null will not allow the item to be PAT Tested
					}
						
				mysql_connect($sqlhost,$username,$password);		
				@mysql_select_db($database) or die( "Unable to select database");
				mysql_query("INSERT INTO `equipment` VALUES ('$barcode', '$name', '$retest', '', '')"); // Enter new information into the Database
					
				echo "$name has been successfully added to the database."; // Tell the user it worked
				echo '<br><hr width="100%" /><a href="..">Back</a><br><a href="../../../">Home</a><br>'; // Give them navigation
				echo '<script language="javascript">window.location="index.php";</script>';
				die; // Stop
			}
		}
?> 

		
		<br><hr width="100%" /><a href="index.php">Back</a><br>
	</body>
<html>