links/add.php

   1 <?php\r
   2 /****************************************************************************/\r
   3 /* ATutor                                                                                                                                       */\r
   4 /****************************************************************************/\r
   5 /* Copyright (c) 2002-2008 by Greg Gay, Joel Kronenberg & Heidi Hazelton        */\r
   6 /* Adaptive Technology Resource Centre / University of Toronto                          */\r
   7 /* http://atutor.ca                                                                                                                     */\r
   8 /*                                                                                                                                                      */\r
   9 /* This program is free software. You can redistribute it and/or                        */\r
  10 /* modify it under the terms of the GNU General Public License                          */\r
  11 /* as published by the Free Software Foundation.                                                        */\r
  12 /****************************************************************************/\r
  13 \r
  14 define('AT_INCLUDE_PATH', '../include/');\r
  15 require (AT_INCLUDE_PATH.'vitals.inc.php');\r
  16 \r
  17 if (!$_SESSION['enroll']) {\r
  18         $msg->addInfo('NOT_ENROLLED');\r
  19         require(AT_INCLUDE_PATH.'header.inc.php');\r
  20         require(AT_INCLUDE_PATH.'footer.inc.php');\r
  21         exit;\r
  22 }\r
  23 \r
  24 require (AT_INCLUDE_PATH.'lib/links.inc.php');\r
  25 \r
  26 if (!manage_links()) {\r
  27         $_pages['links/index.php']['children']  = array('links/add.php');\r
  28 }\r
  29 \r
  30 if (!isset($_POST['url'])) {\r
  31         $_POST['url'] = "http://";\r
  32 }\r
  33 \r
  34 if (isset($_POST['cancel'])) {\r
  35         $msg->addFeedback('CANCELLED');\r
  36         header('Location: '.AT_BASE_HREF.'links/index.php');\r
  37         exit;\r
  38 } else if (isset($_POST['add_link']) && isset($_POST['submit'])) {\r
  39         $missing_fields = array();\r
  40         if ($_POST['cat'] == 0 || $_POST['cat'] == '') {\r
  41                 $missing_fields[] = _AT('category');\r
  42         }\r
  43         if (trim($_POST['title']) == '') {\r
  44                 $missing_fields[] = _AT('title');\r
  45         }\r
  46         if (trim($_POST['url']) == '' || $_POST['url'] == 'http://') {\r
  47                 $missing_fields[] = _AT('url');\r
  48         }\r
  49         if (trim($_POST['description']) == '') {\r
  50                 $missing_fields[] = _AT('description');\r
  51         }\r
  52 \r
  53         if ($missing_fields) {\r
  54                 $missing_fields = implode(', ', $missing_fields);\r
  55                 $msg->addError(array('EMPTY_FIELDS', $missing_fields));\r
  56         }\r
  57 \r
  58 \r
  59         if (!$msg->containsErrors() && isset($_POST['submit'])) {\r
  60 \r
  61                 $_POST['cat'] = intval($_POST['cat']);\r
  62                 $_POST['title']  = $addslashes($_POST['title']);\r
  63                 $_POST['url'] == $addslashes($_POST['url']);\r
  64                 $_POST['description']  = $addslashes($_POST['description']);\r
  65 \r
  66                 $name = get_display_name($_SESSION['member_id']);\r
  67                 $email = '';\r
  68 \r
  69                 $approved = 0; //not approved for student submissions\r
  70 \r
  71                 $sql    = "INSERT INTO ".TABLE_PREFIX."links VALUES (NULL, $_POST[cat], '$_POST[url]', '$_POST[title]', '$_POST[description]', $approved, '$name', '$email', NOW(), 0)";\r
  72                 mysql_query($sql, $db);\r
  73         \r
  74                 $msg->addFeedback('LINK_ADDED');\r
  75 \r
  76                 header('Location: '.AT_BASE_HREF.'links/index.php');\r
  77                 exit;\r
  78         } else {\r
  79                 $_POST['title']  = stripslashes($_POST['title']);\r
  80                 $_POST['url'] == stripslashes($_POST['url']);\r
  81                 $_POST['description']  = stripslashes($_POST['description']);\r
  82         }\r
  83 }\r
  84 $onload = 'document.form.title.focus();';\r
  85 \r
  86 require(AT_INCLUDE_PATH.'header.inc.php');\r
  87 \r
  88 $categories = get_link_categories();\r
  89 \r
  90 if (empty($categories)) {\r
  91         $msg->addInfo('NO_LINK_CATEGORIES');\r
  92         $msg->printInfos();\r
  93 \r
  94 } else {\r
  95 ?>\r
  96 <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="form">\r
  97 <input type="hidden" name="add_link" value="true" />\r
  98 \r
  99 <div class="input-form">\r
 100         <div class="row">\r
 101                 <div class="required" title="<?php echo _AT('required_field'); ?>">*</div><label for="title"><?php echo _AT('title'); ?></label><br />\r
 102                 <input type="text" name="title" size="40" id="title" value="<?php echo $_POST['title']; ?>"/>\r
 103         </div>\r
 104 \r
 105         <div class="row">\r
 106                 <div class="required" title="<?php echo _AT('required_field'); ?>">*</div><label for="cat"><?php echo _AT('category'); ?></label><br />\r
 107                 <select name="cat" id="cat"><?php\r
 108                         if ($pcat_id) {\r
 109                                 $current_cat_id = $pcat_id;\r
 110                                 $exclude = false; /* don't exclude the children */\r
 111                         } else {\r
 112                                 $current_cat_id = $cat_id;\r
 113                                 $exclude = true; /* exclude the children */\r
 114                         }\r
 115                         select_link_categories($categories, 0, $_POST['cat'], FALSE);\r
 116                         ?>\r
 117                 </select>\r
 118         </div>\r
 119         \r
 120         <div class="row">\r
 121                 <div class="required" title="<?php echo _AT('required_field'); ?>">*</div><label for="url"><?php echo _AT('url'); ?></label><br />\r
 122                 <input type="text" name="url" size="40" id="url" value="<?php echo $_POST['url']; ?>" />\r
 123         </div>\r
 124 \r
 125         <div class="row">\r
 126                 <div class="required" title="<?php echo _AT('required_field'); ?>">*</div><label for="description"><?php echo _AT('description'); ?></label><br />\r
 127                 <textarea name="description" cols="55" rows="2" id="description" ><?php echo $_POST['description']; ?></textarea>\r
 128         </div>\r
 129         \r
 130         <div class="row buttons">\r
 131                 <input type="submit" name="submit" value="<?php echo _AT('submit'); ?>" accesskey="s" />\r
 132                 <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?> " />\r
 133         </div>\r
 134 </div>\r
 135 </form>\r
 136 \r
 137 <?php \r
 138 }       \r
 139 require(AT_INCLUDE_PATH.'footer.inc.php'); ?>