$proper = is_csrf_proper(from($_REQUEST, 'csrf_token'));
$title = from($_REQUEST, 'title');
$quote = from($_REQUEST, 'quote');
$tag = from($_REQUEST, 'tag');
$url = from($_REQUEST, 'url');
$content = from($_REQUEST, 'content');
$description = from($_REQUEST, 'description');
$user = $_SESSION[config("site.url")]['user'];
$draft = from($_REQUEST, 'draft');
$category = from($_REQUEST, 'category');
if ($proper && !empty($title) && !empty($tag) && !empty($content) && !empty($quote)) {
if (!empty($url)) {
add_quote($title, $tag, $url, $content, $user, $description, $quote, $draft, $category);
} else {
$url = $title;
add_quote($title, $tag, $url, $content, $user, $description, $quote, $draft, $category);
}
} else {
$message['error'] = '';
if (empty($title)) {
$message['error'] .= '<li>Title field is required.</li>';
}
if (empty($tag)) {
$message['error'] .= '<li>Tag field is required.</li>';
}
if (empty($content)) {
$message['error'] .= '<li>Content field is required.</li>';
}
if (empty($quote)) {
$message['error'] .= '<li>Quote field is required.</li>';
}
$page[1] = isset($page[1]) ? $page[1] : null;
$page[2] = isset($page[2]) ? $page[2] : null;
if (preg_match('/=/', $page[0])) {
$tmppage = split("=", $page[0], 2);
$page[0] = trim($tmppage[0]);
$pageparam = trim($tmppage[1]);
} else {
$pageparam = null;
}
$limit = get_number_limit($pageparam, 1, $CONFIG['quote_list_limit']);
switch ($page[0]) {
case 'add':
if (isset($CONFIG['login_required']) && $CONFIG['login_required'] == 1 && !isset($_SESSION['logged_in'])) {
break;
}
add_quote($page[1]);
break;
case 'edit_news':
if (isset($_SESSION['logged_in']) && $_SESSION['level'] <= USER_ADMIN) {
edit_news($page[1], $page[2]);
}
break;
case 'add_news':
if (isset($_SESSION['logged_in']) && $_SESSION['level'] <= USER_ADMIN) {
add_news($page[1]);
}
break;
case 'add_user':
if (isset($_SESSION['logged_in']) && $_SESSION['level'] <= USER_SUPERUSER) {
add_user($page[1]);
}
