Untitled

<?php # create_links.php 8.5

session_start(); // Start the session.

// If no session value is present, redirect the user:

if (!isset($_SESSION['user_id'])) {

    require_once ('includes/login_functions.inc.php');

    $url = absolute_url();

    header("Location: $url");

    exit(); // Quit the script.

}


$page_title = 'New Link';

include ('includes/header.html');


// Check if the form has been submitted:

if (isset($_POST['submitted'])) {

    require_once ('xxx'); // Connect to the db.

    $errors = array(); // Initialise an error array.


    // Check for a title:

    if (empty($_POST['title'])) {

       $errors[] = 'You forgot to enter the link title.';

    } else {

       $title = mysqli_real_escape_string($dbc, trim($_POST['$title']));

    }


    // Check for an intro:

    if (empty($_POST['intro'])) {

       $errors[] = 'You forgot to enter the link intro.';

    } else {

       $intro = mysqli_real_escape_string($dbc, trim($_POST['$intro']));

    }


    // Check for an entry:

    if (empty($_POST['entry'])) {

       $errors[] = 'You forgot to enter the link entry text.';

    } else {

       $entry = mysqli_real_escape_string($dbc, trim($_POST['$entry']));

    }

    // Check for an link:

    if (empty($_POST['link'])) {

       $errors[] = 'You forgot to enter the link.';

    } else {

       $entry = mysqli_real_escape_string($dbc, trim($_POST['$link']));

    }


    if (empty($errors)) { // If everything is ok.


        // Register the user in the database...


        // Make the query:

        $q = "INSERT INTO links (title, intro, entry, link, creation_date) VALUES ('$title', '$intro', '$entry', '$link', NOW() )";

        $r = @mysqli_query ($dbc, $q); // Run the query.

        if ($r) { // If it ran ok.


           // Print a message:

           echo '<h1>Thank you!</h1>

        <p>The link is now created. There will be a log in later.</p><p><br /></p>';


        } else { // If it did not run ok.


           // Public message:

           echo '<h1>System Error</h1>

           <p class="error"> The link could not be created due to a system error. We apologise for any inconvenience. </p>';


            // Debugging message:

            echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' .$q . '</p>';


        } // End of if ($r) IF.


        // Include the footer and quit the script:

        include ('pook_includes/footer.html');

        exit();


    } else { // Report the errors.


        echo '<h1>Error!</h1>

        <p class="error">The following error(s) occured:<br />';

        foreach ($errors as $msg) { // Print each error

           echo " - $msg<br />\n";

        }

        echo '</p><p>Please again.</p><p><br /></p>';


    } // End of if (empty($errors)) IF.

    mysqli_close($dbc); // Close the database connection


} // End of the main a submit conditional.

?>

<h1>New Link</h1>

<form action="create_links.php" method="POST">

   <p>Intro: <input type="text" name="intro" size="40" maxlength="60" value="<?php if (isset($_POST['intro'])) echo $_POST['intro']; ?>" /></p>

   <p>Entry:<br /><textarea name="entry" id="entry" rows="15" cols="80"><?php if (isset($_POST['entry'])) echo $_POST['entry']; ?></textarea></p>

   <p>Title: <input type="text" name="title" size="20" maxlength="40" value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>" /></p>

   <p>Link: <input type="text" name="link" size="20" maxlength="40" value="<?php if (isset($_POST['link'])) echo $_POST['link']; ?>" /></p>


   <p><input type="submit" name="submit" value="Create Page" /></p>

   <input type="hidden" name="submitted" value="TRUE" />

</form>


<?php

include ('includes/footer.html');

?>