<?php
|
|
|
|
if($loggedIn)
|
|
{
|
|
$errors = array();
|
|
|
|
if(isset($_POST['new_quote']))
|
|
{
|
|
$i_name = mysqli_real_escape_string($dbc, trim($_POST['add_quote_name']));
|
|
$i_quote = mysqli_real_escape_string($dbc, trim($_POST['add_quote_quote']));
|
|
|
|
$q = "select * from people where name ='$i_name'";
|
|
|
|
$r = mysqli_query($dbc, $q);
|
|
|
|
if(@mysqli_num_rows($r) == 1)
|
|
{
|
|
while($row = mysqli_fetch_array($r))
|
|
{
|
|
$person_id = $row['person_id'];
|
|
|
|
}
|
|
|
|
if($_POST['add_quote_visibility'])
|
|
{
|
|
$q_create = "insert into quote (user_id, creation_date, person_id, quote, visibility) values ('" . $_SESSION['user_id'] . "', now(), '$person_id', '$i_quote', true)";
|
|
}
|
|
else
|
|
{
|
|
$q_create = "insert into quote (user_id, creation_date, person_id, quote, visibility) values ('" . $_SESSION['user_id'] . "', now(), '$person_id', '$i_quote', false)";
|
|
}
|
|
|
|
|
|
//echo $q_create;
|
|
|
|
mysqli_query($dbc, $q_create);
|
|
|
|
header("Location: quotes.php");
|
|
}
|
|
}
|
|
|
|
echo '<h1 class="w3-text-teal"><center>New Quote</center></h1>';
|
|
|
|
echo '<form action="quotes.php" method ="post" class="w3-container w3-card-4">';
|
|
|
|
$q = "select name from people order by name asc";
|
|
$r = mysqli_query($dbc, $q);
|
|
echo '<select class="w3-select" name ="add_quote_name">';
|
|
|
|
while($row = mysqli_fetch_array($r))
|
|
{
|
|
echo '<option value="' . $row['name'] . '">';
|
|
|
|
echo $row['name'] . '</option>';
|
|
}
|
|
|
|
echo '</select>';
|
|
|
|
echo '<div class="w3-group">
|
|
<input class="w3-input" type="text" name="add_quote_quote" required>
|
|
<label class="w3-label w3-validate">Quote</label>
|
|
</div>
|
|
|
|
<input class="w3-check" type="checkbox" name="add_quote_visibility" checked>
|
|
<label class="w3-validate">Public<label>
|
|
|
|
|
|
<p><input type="submit" name="Submit" value="Create Quote" class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align" /></p>
|
|
<input type="hidden" name="new_quote" value="TRUE" />
|
|
|
|
|
|
</form>';
|
|
|
|
foreach($errors as $msg)
|
|
{
|
|
echo " - $msg<br />";
|
|
}
|
|
}
|
|
|
|
?>
|