-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcharacteredit.php
More file actions
84 lines (74 loc) · 3.2 KB
/
characteredit.php
File metadata and controls
84 lines (74 loc) · 3.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
<?php include "include.php" ?>
<html>
<head>
<title>Character Editor</title>
</head>
<body>
<?php
$pcid = mysql_real_escape_string($_GET['pcid']);
$mode = mysql_real_escape_string($_GET['mode']);
$pcname = mysql_real_escape_string($_GET['pcname']);
$pcplayer = mysql_real_escape_string($_GET['pcplayer']);
$pcactive = mysql_real_escape_string($_GET['pcactive']);
if (!$pcid && !$mode) {
print "Select character to edit: (<a href=\"characteredit.php?mode=add\">Add new character</a>)";
print "<form action=\"characteredit.php\">";
print "<select name=\"pcid\">";
$pcsql = mysql_query("SELECT pcid,name,player FROM playercharacter", $mysql);
while (list($pcid, $pcname, $player) = mysql_fetch_row($pcsql)) {
print "<option value=\"$pcid\">$pcname ($player)</option>";
}
print "</select><br>";
print "<br><input type=\"submit\" value=\"Edit\">";
}
if ($pcid && !$mode) {
// Pull all character data from database
$pcsql = mysql_query("SELECT * FROM playercharacter WHERE pcid=\"$pcid\"", $mysql);
$pchash = mysql_fetch_assoc($pcsql);
$pcname = $pchash['name'];
$pcplayer = $pchash['player'];
$pcactive = $pchash['active'];
$pcdate = $pchash['date'];
$pcenterer = $pchash['enterer'];
print "<form action=\"characteredit.php\">";
print "Now editing <b>$pcname</b> (<a href=\"characteredit.php\">change?</a>)<br>";
print "PC-ID: $pcid<br>";
print "Edited: $pcdate by $pcenterer<br><br>";
print "Name: <input type=\"text\" name=\"pcname\" value=\"$pcname\"><br>";
print "Played By: <input type=\"text\" name=\"pcplayer\" value=\"$pcplayer\"><br>";
print "Active? Yes <input type=\"radio\" name=\"pcactive\" value=\"1\" checked>";
print " No <input type=\"radio\" name=\"pcactive\" value=\"0\"><br>";
print "<input type=\"hidden\" name=\"mode\" value=\"update\">";
print "<input type=\"hidden\" name=\"pcid\" value=\"$pcid\">";
print "<br><input type=\"submit\" value=\"Save\">";
}
if ($pcid && ($mode == 'update') && $pcname && $pcplayer) {
$pcsql = mysql_query("UPDATE playercharacter SET name=\"$pcname\", player=\"$pcplayer\", active = \"$pcactive\", date = NOW(), enterer = \"$username\" WHERE pcid=\"$pcid\"", $mysql);
if ($pcsql) {
print "Saved! <a href=\"characteredit.php\">Do Another?</a>";
} else {
print "<br><br><b>Somethings not right! Did not update!</b>";
}
}
if (!$pcid && $mode == 'add') {
print "Add a new character:<br>";
print "<form action=\"characteredit.php\">";
print "Name: <input type=\"text\" name=\"pcname\"><br>";
print "Played By: <input type=\"text\" name=\"pcplayer\"><br>";
print "Active? Yes <input type=\"radio\" name=\"pcactive\" value=\"1\" checked>";
print " No <input type=\"radio\" name=\"pcactive\" value=\"0\"><br>";
print "<input type=\"hidden\" name=\"mode\" value=\"insert\">";
print "<br><input type=\"submit\" value=\"Save\">";
}
if (!$pcid && ($mode == 'insert') && $pcname && $pcplayer && $pcactive) {
$pcsql = mysql_query("INSERT INTO playercharacter (name, player, active, date, enterer) VALUES (\"$pcname\",\"$pcplayer\",\"$pcactive\", NOW(), \"$username\")", $mysql);
if (!$pcsql) {
print "<br><br><b>Somethings not right! Did not update!</b>";
} else {
print "Saved! <a href=\"characteredit.php\">Do Another?</a>";
}
}
?>
<?php include "footer.php" ?>
</body>
</html>