science-ation/admin/fundraising_sponsorship_handler.inc.php

<?
if($_GET['action']=="sponsorshipdelete") {
	mysql_query("DELETE FROM sponsorships WHERE id='".intval($_GET['delete'])."'");
	if(mysql_affected_rows())
		message_push(happy(i18n("Successfully removed sponsorship")));
}

if($_POST['action']=="sponsorshipedit" || $_POST['action']=="sponsorshipadd") {
	$sponsors_id=intval($_POST['sponsors_id']);
	$sponsorships_id=intval($_POST['sponsorships_id']);
	$fundraising_type=mysql_real_escape_string($_POST['fundraising_type']);
	
	$value=mysql_real_escape_string($_POST['value']);
	$status=mysql_real_escape_string($_POST['status']);
	$probability=mysql_real_escape_string($_POST['probability']);

	if($status=="confirmed" || $status=="received") $probability="100";
	if($probability==100 && $status=="pending") $status="confirmed";
}

if($_POST['action']=="sponsorshipedit") {
	if($sponsorships_id && $sponsors_id && $fundraising_type && $value) {
		mysql_query("UPDATE sponsorships SET sponsors_id='$sponsors_id', fundraising_type='$fundraising_type', value='$value', status='$status', probability='$probability' WHERE id='$sponsorships_id'");
		if(mysql_error())
			message_push(error(mysql_error()));
		else
			message_push(happy(i18n("Saved sponsorship changes")));
	}
	else {
		message_push(error(i18n("Required fields were missing, please try again")));
	}
	
}
if($_POST['action']=="sponsorshipadd") {
	if($sponsors_id && $fundraising_type && $value) {
		mysql_query("INSERT INTO sponsorships (sponsors_id,fundraising_type,value,status,probability,year) VALUES ('$sponsors_id','$fundraising_type','$value','$status','$probability','{$config['FAIRYEAR']}')");
		message_push(happy(i18n("Added new sponsorship")));
	}
	else
		message_push(error(i18n("Required fields were missing, please try again")));
	if(mysql_error())
		message_push(error(mysql_error()));
}

?>