Location: PHPKode > scripts > Quotations Database > quotations-database/admin/add_quotations.php
<?
/*
--------------------------------------------------
:::: Quotations Database ::::
--------------------------------------------------
PHP & MySQL application that stores quotations and author information, 
allows scheduling for 'quote of the day' and weekly themes.
Includes an administration interface to allow for easy updates and maintenance.
Copyright (C) 2009  Robert Temple
--------------------------------------------------

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.

You can contact the author at hide@address.com
Please do not remove the author, copyright, or license info.
*/

// Initialize session and check to make sure user is registered and logged in
include "include/session.php"; 
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
        "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<html>
<head>
	<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
	<title> Quotations Page</title>		
    <link href="../quotation.css" rel="stylesheet" type="text/css">
</head>
<body>
<?

// Connect  to database
include "include/connect.php";
dbconnect();

if ($_POST['submit']) {

// Account for single quote marks inside a quotation or source:
$cleanQuote = mysql_real_escape_string($_POST[Quotation]);
$cleanSource = mysql_real_escape_string($_POST[Source]);

// Store Category as an array:
$CatArray = implode(",",$_POST['CategoryID']);
              
          mysql_query($query);

		
		$InsertString = "INSERT INTO QuotationsTBL
		(
		Quotation,
		AuthorID,
		CategoryID,
		Source,
		Approved
		)
		
			Values
		
		(
		'$cleanQuote',	
		'$_POST[AuthorID]',
		'$CatArray',
		'$cleanSource',	
		'$_POST[Approved]'
		
		)";
		
		
// Add quotation to the database:		
		$result = mysql_query($InsertString) or die(mysql_error());
		
// Confirm update, add links to add another quotation and admin home:			
		echo "<table width=\"550\" border=\"1\" align=\"center\" cellpadding=\"4\" bordercolor=\"#000000\" bgcolor=\"#FFFFFF\"><tr><td bgcolor=\"#99FF00\"><span class=\"header\">Add New Quote</span></td></tr>";
		echo "<tr><td class=\"bodyCopy\">The quotation was added to database.</td></tr>";
		echo "<tr><td class=\"bodyCopy\"><a href=\"add_quotations.php\">Add another quotation</a>&nbsp;&nbsp;<a href=\"index.php\">Admin Home</a></td></tr></table>\n";	

} else {

?>
<table width="550" border="0" align="center" cellpadding="1" cellspacing="0" bgcolor="#000000">
      <Tr>
        <Td>
<table width="548" border="0" align="center" cellpadding="1" bgcolor="#FFFFFF">
  <tr>
    <td bgcolor="#99FF00"><br>
<div class="header">Add New Quote</div><br>
&nbsp;&nbsp;&nbsp;<a href="index.php">Admin page</a><br>
&nbsp;</td>
  </tr>
  <Tr>
  <Td bgcolor="#cccccc"></Td>
</Tr>
<tr><td>
<form method="POST" action="<? echo $PHP_SELF; ?>">
  <table width="100%" border="0" align="center" cellpadding="4" bgcolor="#FFFFFF">
  <tr>
<td colspan="2">&nbsp;</td>
</tr>
<tr valign="top">
<td width="200" align="right">Category:</td>
<td width="350" valign="top">
<?

// Here we generate the category picklist  by running a subquery
// on a separate table and building a select widget one line at a time.

$query = "SELECT * from CategoryTBL ORDER by Category ASC";
$result = mysql_query($query) or die ( mysql_error() );

while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
	$Category_ID = $row["Id"];
	$Categoryname = $row["Category"];
	//echo "<option value=\"$Category_ID\">$Categoryname\n";
	echo "<input type='checkbox' name='CategoryID[]' value=\"$Category_ID\">$Categoryname<br>";
}

?>
</td>
</tr>
<tr valign="top">
<td width="200" align="right">Quotation:</td>
<td width="350"><textarea name="Quotation" cols="62" rows="5" class="bodyCopy" id="Quotation"></textarea></td>
</tr>
<tr>
<td width="200" align="right">Author:</td>
<td width="350">
<select name="AuthorID" size="6" multiple class="bodyCopy">
<?

$query = "SELECT * from AuthorTBL ORDER by Lastname ASC";
$result = mysql_query($query) or die ( mysql_error() );

while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
	$Author_ID = $row["Id"];
	$Authorfname = $row["Firstname"];
	$Authorlname = $row["Lastname"];
	echo "<option value=\"$Author_ID\">$Authorfname $Authorlname\n";
}

?>
</select></td>
</tr>
<tr>
<td width="200" align="right">Source:</td>
<td width="350"><input type="text" class="bodyCopy" name="Source" size="30"></td>
</tr>
<tr>
<td colspan="2">
  <input name="Approved" type="hidden" value="Yes"></td>
</tr>
<tr>
<td align="center">&nbsp;</td>
<td width="350"><input name="submit" type="submit" class="bodyCopy" value="Add This Quote"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</td>
  </tr>
</table>
<?
	}
?>
</body>
</html>
Return current item: Quotations Database