newname = '$teamName';"); }else{ error_("Unable to update record"); echo(""); } break; case 'delete': $success = false; $teamId = mysql_real_escape_string($_POST['teamId']); $teamName = mysql_real_escape_string($_POST['teamname']); // a quick check to make sure the team being updated does indeed belong // to this school $query = 'SELECT COUNT(*) AS tally FROM so_teams WHERE schools_id=' . $_SESSION['schoolid'] . ' AND id=' . $teamId; $testResults = mysql_fetch_array(mysql_query($query)); if($testResults['tally'] == 1){ // ok, the team belongs to the school that this session belongs to. We can // can go ahead and save the changes. $query = 'DELETE FROM so_teams '; $query .= 'WHERE schools_id=' . $_SESSION['schoolid'] . ' '; $query .= 'AND id=' . $teamId; if(mysql_query($query)){ $success = true; } } if($success){ happy_("Team successfully deleted"); echo(""); }else{ error_("Unable to delete record"); echo(""); } break; default: draw_page(); } }else{ header('Location: schoolaccess.php'); } function draw_page(){ global $conference; $title = i18n("Manage Teams"); send_header($title, array("School Home" => "schoolaccess.php")); ?> '; $teamList = mysql_query("SELECT * FROM so_teams WHERE schools_id = " . $_SESSION['schoolid'] . " AND conferences_id = " . $conference['id']); while($teamList && $team = mysql_fetch_array($teamList)){ echo '

' . $team['name'] . "

\n"; echo '
' . "\n"; echo '
'; echo i18n('name') . ': '; echo '
'; echo "'; echo "'; echo ""; echo '
'; echo "
"; } echo '

' . i18n("New Team") . '

'; echo '
'; echo '
'; echo '' . "\n"; echo '
'; echo ''; echo '
'; echo "
\n"; echo ''; send_footer(); } ?>