<?
// This code is generated by a stupid program. Be careful with it!
// This contains the html forms and code to insert and update info in a table
// You're responsible for database connects. Here's some useful code for that:
/*
$db_user = "user";
$db_pass = "pass";
$db_name = "database";
mysql_connect("localhost", "$db_user", "$db_pass") or die( "Unable to connect to SQL server");
mysql_select_db("$db_name") or die( "Unable to select database");
*/
// Note: use this form to edit data by calling script.php?edit=<id>
if($_POST['tableUpdate'] || $_POST['tableInsert']) {
// Manipulate data before handling
{{* do shit in here for checkboxes, and reassembling dates. *}}
{{php}}
// phpinfo(); die();
global $template;
for($i=0;$i<count($_POST['fields']);++$i) {
if(!$_POST['include'.$i]) {
continue;
}
switch($_POST['type'][$i]) {
case 'checkbox': ?>
if(!$_POST['<?= $_POST['fields'][$i] ?>'])
$_POST['<?= $_POST['fields'][$i] ?>'] = 0;
<?
break;
case 'dateSelects':
?>
if($_POST['<?= $_POST['fields'][$i] ?>Day']) {
$_POST['<?= $_POST['fields'][$i] ?>'] =
$_POST['<?= $_POST['fields'][$i] ?>Year'] .'-'.
$_POST['<?= $_POST['fields'][$i] ?>Month'].'-'.
$_POST['<?= $_POST['fields'][$i] ?>Day'];
}
<?
break;
default:
// perhaps have fuckup testing on incoming data here. Y'know hacker-proof input.
break;
}
}{{/php}}
}
// start if-else chain
if($_POST['tableInsert']) {
// list the fields
$fields = array( {{* print all the fields that will be dealt with *}}
{{php}} $output = '';
for($i=0;$i<count($_POST['fields']);++$i) {
if(!$_POST['include'.$i]) {
continue;
}
$output .= (($i > 0) ? "\n":'').' '.$_POST['fields'][$i].",";
}
// chop off the last comma
$output = chop($output,',');
$output .= "\n".' );'."\n";
$template->assign('field_list',$output);
{{/php}}{{$field_list}}
// The next sections generate the sql
// INSERT
$sql = "INSERT INTO {{$smarty.post.table}} (";
// FIELDS
foreach($fields as $field)
$sql .= "`$field`,";
$sql = chop($sql,',');
// VALUES
$sql .= ") VALUES (";
// INPUT
foreach($fields as $field)
$sql .= "'{$_POST[$field]}',";
$sql = chop($sql,',');
// CLOSE
$sql .= ")";
mysql_query($sql);
// echo $sql.'<br>'.mysql_error();
// $lastinsert = mysql_insert_id();
$opResult = "The entry was successfully added";
}
else if($_POST['tableUpdate']) {
$fields = array(
{{$field_list}}
/* if you want to muck with any variables before they go in, do
it in the provided space near the top */
// UPDATE
$sql = "UPDATE {{$smarty.post.table}} SET ";
// FIELDS
foreach($fields as $field)
$sql .= "`$field` = '{$_POST[$field]}',";
$sql = chop($sql,',');
// WHERE
$sql .= " WHERE id='{$_POST['tableUpdate']}'";
mysql_query($sql);
$opResult = "The entry was successfully updated";
}
else if($_GET["edit"]) {
$sql = "SELECT * FROM {{$smarty.post.table}} WHERE id={$_GET['edit']}";
$editData = mysql_fetch_object(mysql_query($sql));
{{php}}
for($i=0;$i<count($_POST['fields']);++$i) {
if(!$_POST['include'.$i]) {
continue;
}
switch($_POST['type'][$i]) {
case 'dateSelects':
?>
$regs = explode('-',$editData-><?= $_POST['fields'][$i] ?>);
$editData-><?= $_POST['fields'][$i] ?>Day = $regs[2];
$editData-><?= $_POST['fields'][$i] ?>Month = $regs[1];
$editData-><?= $_POST['fields'][$i] ?>Year = $regs[0];
<?
break;
default:
break;
}
}
{{/php}}
}
else if($_GET["delete"]) {
$sql = "DELETE FROM {{$smarty.post.table}} WHERE id={$_GET['delete']}";
mysql_query($sql);
}
// set defaults here
if(!$_GET['edit']) {
}
?>
<table align=center><tr><td valign=top>
<table cellpadding=5 cellspacing=0 border=1><tr bgcolor="#333333" style="color: #FFFFFF; font-weight: bold">
<td>Edit</td>
{{php}}
for($i=0;$i<count($_POST['fields']);++$i) {
if(!$_POST['listing'.$i])
continue;
echo '<td>'.$_POST['fielddesc'][$i].':</td>'."\n";
}
{{/php}}
<td>Delete</td>
</tr>
<?
$sql = "SELECT * FROM {{$smarty.post.table}} ";
$result = mysql_query($sql);
while($data = mysql_fetch_object($result)) {
?><tr><td><a href="<?= $PHP_SELF ?>?edit=<?= $data->id ?>">Edit</a></td>
{{php}}
$output = '';
for($i=0;$i<count($_POST['fields']);++$i) {
if(!$_POST['listing'.$i])
continue;
$output .= '<td><?= $data->'.$_POST['fields'][$i].' ?></td>'."\n";
}
// <output>
$output .= '
<td><a href="<?= $PHP_SELF ?>?delete=<?= $data->id ?>"
onclick="return confirm(\'Are you sure you want to delete this?\')">Delete</a></td>';
$template->assign('output',$output);
{{/php}}{{$output}}
</tr><?
}
?>
</table></td><td>
<form action="<?= $PHP_SELF ?>" method=POST>
<table>
{{php}}
// this is the monster that handles all the different input types
for($i=0;$i<count($_POST['fields']);++$i) {
if(!$_POST['include'.$i])
continue;
?><tr><td><?= $_POST['fielddesc'][$i] ?>:</td><td>
<?
switch($_POST['type'][$i]) {
case "text":
case "password":
case "hidden":
?>
<input type="<?= $_POST['type'][$i] ?>" name="<?= $_POST['fields'][$i] ?>" value="<?= '<?=' ?> $editData-><?= $_POST['fields'][$i] ?> <?= '?>' ?>">
<?
break;
case "radio":
case "checkbox":
?>
<input type="<?= $_POST['type'][$i] ?>" name="<?= $_POST['fields'][$i] ?>" value="1"<?= '<?=' ?> $editData-><?= $_POST['fields'][$i] ?> ? " CHECKED":"" <?= '?>' ?>
<?
break;
case "select":
?>
<select name="<?= $_POST['fields'][$i] ?>">
<option value="">
</select>
<?
break;
case "textarea":
?>
<textarea name="<?= $_POST['fields'][$i] ?>"><?= '<?=' ?> $editData-><?= $_POST['fields'][$i] ?> <?= '?>' ?></textarea>
<?
break;
case "dateSelects":
$template->assign('field',$_POST['fields'][$i]);
$template->display('dateSelects.tpl');
break;
}
?></td></tr>
<?
}
{{/php}}
</table>
<? if($_GET["edit"]) { ?>
<input type="hidden" name="tableUpdate" value="<?= $_GET["edit"] ?>">
<input type="submit" value="Update">
<? } else { ?>
<input type="hidden" name="tableInsert" value="1">
<input type="submit" value="Insert">
<? } ?>
</form>
<?
if($_GET['edit']) {
?><a href="<?= $PHP_SELF ?>?tableNew=1">Add new item instead of updating this one.</a><br><?
} ?>
</td></tr></table>