arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Make conference saving work again

Browse Source
This commit is contained in:
james 2010-12-07 19:26:39 +00:00
parent e278505bc0
commit 673b0b51f8
1 changed files with 23 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
super/conferences.php
View File

@ -133,8 +133,8 @@ if(array_key_exists('action', $_GET)){
break; break;
case 'edit': case 'edit':
// give them an editor in which to modify an existing conference // give them an editor in which to modify an existing conference
$cid = $_POST['id']; $cid = intval($_POST['id']);
if(is_numeric($cid)){ if(!$cid){
$conf = mysql_fetch_assoc(mysql_query("SELECT * FROM conferences WHERE id = $cid")); $conf = mysql_fetch_assoc(mysql_query("SELECT * FROM conferences WHERE id = $cid"));
if(is_array($conf)){ if(is_array($conf)){
echo "<table>"; echo "<table>";
@ -162,33 +162,35 @@ if(array_key_exists('action', $_GET)){
break; break;
case 'save': case 'save':
// save the new conference data for the conference that's being edited // save the new conference data for the conference that's being edited
$confId = $_POST['id']; $confId = intval($_POST['id']);
if(!is_numeric($confId)){ if(!$confId) {
error_("invalid conference id"); error_("invalid conference id");
} }
// verify that the specified conference already exists else {
$countRecord = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) as tally FROM conferences WHERE id = $confId"), 0); // verify that the specified conference already exists
$tally = $countRecord['tally']; $countRecord = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) as tally FROM conferences WHERE id = $confId"));
if($tally == 1){ $tally = $countRecord['tally'];
// ok, it's a valid conference id. Let's go ahead and update the data for it if($tally == 1){
$confType = mysql_real_escape_string($_POST['confType']); // ok, it's a valid conference id. Let's go ahead and update the data for it
$confName = mysql_real_escape_string($_POST['confName']); $confType = mysql_real_escape_string($_POST['confType']);
$confStatus = mysql_real_escape_string($_POST['confStatus']); $confName = mysql_real_escape_string($_POST['confName']);
mysql_query("UPDATE conferences SET type='$confType', name='$confName', status='$confStatus' WHERE id='$confId'"); $confStatus = mysql_real_escape_string($_POST['confStatus']);
$errMsg = mysql_error(); mysql_query("UPDATE conferences SET type='$confType', name='$confName', status='$confStatus' WHERE id='$confId'");
if($errMsg != null){ $errMsg = mysql_error();
error_("SQL error: $errMsg"); if($errMsg != null){
error_("SQL error: $errMsg");
}else{
happy_("Conference updated successfully");
}
}else{ }else{
happy_("Conference updated successfully"); error_("nonexistant conference id");
} }
}else{
error_("nonexistant conference id");
} }
break; break;
case 'delete': case 'delete':
// delete the specified conference // delete the specified conference
$confId = $_POST['id']; $confId = intval($_POST['id']);
if(!is_numeric($confId)){ if(!$confId){
error_("invalid conference id"); error_("invalid conference id");
}else{ }else{
mysql_query("UPDATE conferences set status='deleted' WHERE id = $confId"); mysql_query("UPDATE conferences set status='deleted' WHERE id = $confId");