50 lines
1.9 KiB
PHP
50 lines
1.9 KiB
PHP
<?require ("global.php");?>
|
|
<?php
|
|
|
|
$tag = 0;
|
|
if (isset($_POST['tag'])) { $tag = $_POST['tag']; }
|
|
|
|
if ($tag != 0)
|
|
{
|
|
$query = "UPDATE events SET name = '" . myaddslashes($_POST['name'])
|
|
. "', date_start = '" . $_POST['year_start'] . "-"
|
|
. $_POST['month_start'] . "-" . $_POST['day_start']
|
|
. "', date_end = '" . $_POST['year_end'] . "-"
|
|
. $_POST['month_end'] . "-" . $_POST['day_end']
|
|
. "', status = '" . $_POST['status']
|
|
. "', header_html = '" . myaddslashes($_POST['header_html'])
|
|
. "', footer_html = '" . myaddslashes($_POST['footer_html'])
|
|
. "', banner_html = '" . myaddslashes($_POST['banner_html'])
|
|
. "', tower_html = '" . myaddslashes($_POST['tower_html'])
|
|
. "', map_key= '" . myaddslashes($_POST['map_key'])
|
|
. "', title= '" . myaddslashes($_POST['title'])
|
|
. "', notes = '" . myaddslashes($_POST['notes'])
|
|
. "' WHERE tag = '$tag'";
|
|
$result = mysql_query($query, $db);
|
|
}
|
|
else
|
|
{
|
|
$tag = date("Ymdhis") . rand();
|
|
$query = "INSERT INTO events (tag, userID, name, status, date_start, date_end, header_html, footer_html, banner_html, tower_html, map_key, title, notes) VALUES ('"
|
|
. $tag . "','"
|
|
. $_POST['userID'] . "','"
|
|
. myaddslashes($_POST['name']) . "','"
|
|
. $_POST['status'] . "','"
|
|
. $_POST['year_start'] . "-" . $_POST['month_start'] . "-"
|
|
. $_POST['day_start'] . "','"
|
|
. $_POST['year_end'] . "-" . $_POST['month_end'] . "-"
|
|
. $_POST['day_end'] . "','"
|
|
. myaddslashes($_POST['header_html']) . "','"
|
|
. myaddslashes($_POST['footer_html']) . "','"
|
|
. myaddslashes($_POST['banner_html']) . "','"
|
|
. myaddslashes($_POST['tower_html']) . "','"
|
|
. myaddslashes($_POST['map_key']) . "','"
|
|
. myaddslashes($_POST['title']) . "','"
|
|
. myaddslashes($_POST['notes']) . "')";
|
|
$result = mysql_query($query, $db);
|
|
}
|
|
|
|
header("Location: /tick/events.php");
|
|
|
|
?>
|