<?phpclass newIncident { var $host; var $username; var $password;

1. <?php
2.  
3. class newIncident {
4.  
5.   var $host;
6.   var $username;
7.   var $password;
8.   var $table;
9.  
10.   public function display_admin() {
11.     return <<<ADMIN_FORM
12.    
13.     <form action="{$_SERVER['PHP_SELF']}" method="post" id="incidentForm">
14.         <div id="formField"><label for="incidentTime" id="incidentFormLabel">Date / Time of Incident:</label><input class="timeText" type="text" name="incidentTime" /></div>
15.         <div id="formField"><label for="resolutionTime" id="incidentFormLabel">Date / Time of Resolution:</label><input class="timeText" type="text" name="resolutionTime" /></div>
16.         <div id="formFieldLarge"><label for="explanation" id="incidentFormLabel">General xplanation:</label><input class="mainText" type="text" name="explanation" /></div>
17.         <div id="formFieldLarge"><label for="measures" id="incidentFormLabel">Preventive easures Taken:</label><input class="mainText" type="text" name="measures" /></div>
18.         <input type="submit" value="Create This Entry!" class="submitButton"/>
19.     </form>
20.    
21.     <br />
22.    
23.     <a href="display.php">Back to Home</a>
24.  
25. ADMIN_FORM;
26.   }
27.  
28.   public function write($p) {
29.     if ( $_POST['incidentTime'] )
30.       $incidentTime = mysql_real_escape_string($_POST['incidentTime']);
31.       if ( $_POST['resolutionTime'] )
32.       $resolutionTime = mysql_real_escape_string($_POST['resolutionTime']);
33.     if ( $_POST['explanation'])
34.       $explanation = mysql_real_escape_string($_POST['explanation']);
35.     if ( $_POST['measures'])
36.       $measures = mysql_real_escape_string($_POST['measures']);
37.     if ( $incidentTime && $resolutionTime && $explanation && $measures ) {
38.       $created = time();
39.       $sql = "INSERT INTO incidents VALUES('$incidentTime','$resolutionTime','$explanation','$measures','$created')";
40.       return mysql_query($sql);
41.     } else {
42.       return false;
43.     }
44.   }
45.  
46.   public function connect() {
47.     mysql_connect($this->host,$this->username,$this->password) or die("Could not connect. " . mysql_error());
48.     mysql_select_db($this->table) or die("Could not select database. " . mysql_error());
49.  
50.     return $this->buildDB();
51.   }
52.  
53.   private function buildDB() {
54.     $sql = <<<MySQL_QUERY
55.     CREATE TABLE IF NOT EXISTS incidents (
56.         incidentID  INT PRIMARY KEY AUTO_INCREMENT,
57.         incidentTime VARCHAR(150),
58.         resolutionTime VARCHAR(150),
59.         explanation TEXT,
60.         measures    TEXT,
61.         created     VARCHAR(100)
62. )
63. MySQL_QUERY;
64.  
65.     return mysql_query($sql);
66.   }
67.  
68.   public function display_public() {
69.     $query = "SELECT * FROM incidents ORDER BY created DESC LIMIT 1";
70.     $response = mysql_query($query);
71.  
72.     if ( $response !== false && mysql_num_rows($response) > 0 ) {
73.       while ( $array = mysql_fetch_assoc($response) ) {
74.         $incidentTime = stripslashes($array['incidentTime']);
75.         $resolutionTime = stripslashes($array['resolutionTime']);
76.         $explanation = stripslashes($array['explanation']);
77.         $measures = stripslashes($array['measures']);
78.  
79.         $entry_display .= <<<ENTRY_DISPLAY
80.  
81.     <div class="post">
82.         <p>$incidentTime</p>
83.         <p>$resolutionTime</p>
84.         <p>$explanation</p>
85.         <p>$measures</p>
86.     </div>
87.  
88. ENTRY_DISPLAY;
89.       }
90.     } else {
91.       $entry_display = <<<ENTRY_DISPLAY
92.  
93. ENTRY_DISPLAY;
94.  
95.     }
96.     echo $incidentTime;
97.    
98.     $entry_display .= <<<ADMIN_OPTION
99.  
100.     <p class="admin_link">
101.       <a href="{$_SERVER['PHP_SELF']}?admin=1">Add a New Incident</a>
102.     </p>
103.  
104. ADMIN_OPTION;
105.  
106.     return $entry_display;
107.   }
108. }
109. ?>