<?php require_once('Connections/blog.php'); ?>< ?phpfunction GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""){$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;switch ($theType) {case "text":$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";break;case "long":case "int":$theValue = ($theValue != "") ? intval($theValue) : "NULL";break;case "double":$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";break;case "date":$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";break;case "defined":$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;break;}return $theValue;}$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];}if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "news-add")) {$insertSQL = sprintf("INSERT INTO blog (ID, title, name, email, `date`, icon, entry) VALUES (%s, %s, %s, %s, %s, %s, %s)",GetSQLValueString($HTTP_POST_VARS['hiddenFieldID'], "int"),GetSQLValueString($HTTP_POST_VARS['textfieldTitel'], "text"),GetSQLValueString($HTTP_POST_VARS['textfieldName'], "text"),GetSQLValueString($HTTP_POST_VARS['textfieldName'], "text"),GetSQLValueString($HTTP_POST_VARS['textfieldDatum'], "date"),GetSQLValueString($HTTP_POST_VARS['textfieldIcon'], "text"),GetSQLValueString($HTTP_POST_VARS['textarea'], "text"));mysql_select_db($database_blog, $blog);$Result1 = mysql_query($insertSQL, $blog) or die(mysql_error());$insertGoTo = "list.php";if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";$insertGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];}header(sprintf("Location: %s", $insertGoTo));}$colname_rsBlog = "1";if (isset($HTTP_GET_VARS['recordID'])) {$colname_rsBlog = (get_magic_quotes_gpc()) ? $HTTP_GET_VARS['recordID'] : addslashes($HTTP_GET_VARS['recordID']);}mysql_select_db($database_blog, $blog);$query_rsBlog = sprintf("SELECT * FROM blog WHERE ID = %s", $colname_rsBlog);$rsBlog = mysql_query($query_rsBlog, $blog) or die(mysql_error());$row_rsBlog = mysql_fetch_assoc($rsBlog);$totalRows_rsBlog = mysql_num_rows($rsBlog);?>< !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">< html>< head>< title>Untitled Document</title>< meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">< /head><body>< p>Add</p>< form name="news-add" method="POST" action="<?php echo $editFormAction; ?>">< table width="100%" border="0"><tr><td><input type="hidden" name="hiddenFieldID"></td><td> </td></tr><tr><td height="25">Name:</td><td><input type="text" name="textfieldName"></td></tr><tr><td>eMail:</td><td><input type="text" name="textfieldEmail"></td></tr><tr><td>Datum:</td><td><input type="text" name="textfieldDatum">(so Eintippen: jjjj-mm-tt)</td></tr><tr><td>Titel:</td><td><input type="text" name="textfieldTitel"></td></tr><tr><td>Icon:</td><td><input type="text" name="textfieldIcon"></td></tr><tr><td>Entry:</td><td><textarea name="textarea" cols="35" rows="5"></textarea></td></tr><tr><td><input type="submit" name="Submit" value="Submit"></td><td><input type="reset" name="Submit2" value="Reset"></td></tr>< /table>< input type="hidden" name="MM_insert" value="news-add">< /form>< p> </p>< /body>< /html>< ?phpmysql_free_result($rsBlog);?> |
