bin9909

1. <?php
2. if (!function_exists("GetSQLValueString")) {
3. function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
4. {
5. if (PHP_VERSION < 6) {
6. $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
7. }
8.  
9. $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
10.  
11. switch ($theType) {
12. case "text":
13. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
14. break;
15. case "long":
16. case "int":
17. $theValue = ($theValue != "") ? intval($theValue) : "NULL";
18. break;
19. case "double":
20. $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
21. break;
22. case "date":
23. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
24. break;
25. case "defined":
26. $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
27. break;
28. }
29. return $theValue;
30. }
31. }
32.  
33. $editFormAction = $_SERVER['PHP_SELF'];
34. if (isset($_SERVER['QUERY_STRING'])) {
35. $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
36. }
37.  
38. if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "new_recipe")) {
39. $insertSQL = sprintf("INSERT INTO recipes (reci_id, reci_name, reci_post_author, reci_post_datetime, reci_update_author, reci_update_datetime, reci_status, reci_difficulty, reci_serving, reci_cooktime_hours, reci_cooktime_mins, reci_preptime_hours, reci_preptime_mins, reci_cooltime_hours, reci_cooltime_mins, reci_category, reci_ingredients, reci_instructions, `reci_img_1`, `reci_img_2`, `reci_img_3`, `reci_img_4`, `reci_img_5`, `reci_img_6`, `reci_img_7`, `reci_img_8`, `reci_img_9`, `reci_img_10`) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
40. GetSQLValueString($_POST['reci_id'], "int"),
41. GetSQLValueString($_POST['reci_name'], "text"),
42. GetSQLValueString($_POST['reci_post_author'], "text"),
43. GetSQLValueString($_POST['reci_post_datetime'], "text"),
44. GetSQLValueString($_POST['reci_update_author'], "text"),
45. GetSQLValueString($_POST['reci_update_datetime'], "text"),
46. GetSQLValueString($_POST['reci_status'], "int"),
47. GetSQLValueString($_POST['reci_difficulty'], "text"),
48. GetSQLValueString($_POST['reci_serving'], "text"),
49. GetSQLValueString($_POST['reci_cooktime_hours'], "text"),
50. GetSQLValueString($_POST['reci_cooktime_mins'], "text"),
51. GetSQLValueString($_POST['reci_preptime_hours'], "text"),
52. GetSQLValueString($_POST['reci_preptime_mins'], "text"),
53. GetSQLValueString($_POST['reci_cooltime_hours'], "text"),
54. GetSQLValueString($_POST['reci_cooltime_mins'], "text"),
55. GetSQLValueString($_POST['reci_category'], "text"),
56. GetSQLValueString($_POST['reci_ingredients'], "text"),
57. GetSQLValueString($_POST['reci_instructions'], "text"),
58. GetSQLValueString($uploaded_image_names[0], "text"),
59. GetSQLValueString($uploaded_image_names[1], "text"),
60. GetSQLValueString($uploaded_image_names[2], "text"),
61. GetSQLValueString($uploaded_image_names[3], "text"),
62. GetSQLValueString($uploaded_image_names[4], "text"),
63. GetSQLValueString($uploaded_image_names[5], "text"),
64. GetSQLValueString($uploaded_image_names[6], "text"),
65. GetSQLValueString($uploaded_image_names[7], "text"),
66. GetSQLValueString($uploaded_image_names[8], "text"),
67. GetSQLValueString($uploaded_image_names[9], "text"));
68.  
69. mysql_select_db($database_planetcu_db6380, $planetcu_db6380);
70. $Result1 = mysql_query($insertSQL, $planetcu_db6380) or die(mysql_error());
71.  
72. $insertGoTo = "../../menu.php";
73. if (isset($_SERVER['QUERY_STRING'])) {
74. $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
75. $insertGoTo .= $_SERVER['QUERY_STRING'];
76. }
77. header(sprintf("Location: %s", $insertGoTo));
78. }
79.  
80.  
81. //........ je vous épargne le reste du code, ce sont des query pour remplire les stats.//