-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathupdate.php
63 lines (62 loc) · 2.26 KB
/
update.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
<?php
if ((isset($_POST['journal'])) && (strlen(trim($_POST['journal'])) > 0)) {
$journal = stripslashes(strip_tags($_POST['journal']));
}
else {
$journal = 'No journal name entered';
}
if ((isset($_POST['title'])) && (strlen(trim($_POST['title'])) > 0)) {
$title = stripslashes(strip_tags($_POST['title']));
}
else {
$title = 'No title entered';
}
if ((isset($_POST['authors'])) && (strlen(trim($_POST['authors'])) > 0)) {
$authors = stripslashes(strip_tags($_POST['authors']));
}
else {
$authors = 'No authors entered';
}
if ((isset($_POST['year'])) && (strlen(trim($_POST['year'])) > 0)) {
$year = stripslashes(strip_tags($_POST['year']));
}
else {
$year = 'year';
}
if ((isset($_POST['location'])) && (strlen(trim($_POST['location'])) > 0)) {
$location = stripslashes(strip_tags($_POST['location']));
}
else {
$location = 'No location entered';
}
if ((isset($_POST['keywords'])) && (strlen(trim($_POST['keywords'])) > 0)) {
$keywords = stripslashes(strip_tags($_POST['keywords']));
}
else {
$keywords = 'No keywords entered';
}
ob_start();
?>
<?
$body = ob_get_contents();
require_once("database.php");
function update_table($journal, $title, $authors, $year, $location, $keywords)
{
$sql = "SELECT COUNT(*) FROM listing2 WHERE location = '". mysql_real_escape_string($location) . "'";
$ref = mysql_query($sql);
$result = mysql_result($ref, 0);
if($result == 0)
{
$sql = sprintf("INSERT INTO listing2 (journal, title, authors, year, location, keywords) VALUES ('%s','%s','%s','%s', '%s', '%s')", mysql_real_escape_string($journal), mysql_real_escape_string($title), mysql_real_escape_string($authors), mysql_real_escape_string($year), mysql_real_escape_string($location), mysql_real_escape_string($keywords));
$ref = mysql_query($sql);
$result = mysql_result($ref,0);
}
else
{
$sql = sprintf("UPDATE listing2 SET journal='%s', title='%s', authors='%s', year='%s', keywords='%s' WHERE location ='%s'", mysql_real_escape_string($journal), mysql_real_escape_string($title), mysql_real_escape_string($authors), mysql_real_escape_string($year), mysql_real_escape_string($keywords), mysql_real_escape_string($location));
$ref = mysql_query($sql);
$result = mysql_result($ref,0);
}
}
update_table($journal, $title, $authors, $year, $location, $keywords);
?>