function updateBot()
{
global $bot_id, $bot_name;
$botId = isset($_POST['bot_id']) ? $_POST['bot_id'] : $bot_id;
$dbconn = db_open();
$msg = "";
if (!empty($_POST['newEntryName'])) {
$newEntryNames = $_POST['newEntryName'];
$newEntryValues = $_POST['newEntryValue'];
$addSQL = "Insert into `botpersonality` (`id`, `bot`, `name`, `value`) values\n";
$addSQLTemplate = "(null, {$bot_id}, '[key]', '[value]'),\n";
foreach ($newEntryNames as $index => $key) {
$value = $newEntryValues[$index];
if (empty($value)) {
continue;
}
$tmpSQL = str_replace('[key]', $key, $addSQLTemplate);
$tmpSQL = str_replace('[value]', $value, $tmpSQL);
$addSQL .= $tmpSQL;
}
$addSQL = rtrim($addSQL, ",\n");
$result = mysql_query($addSQL, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />SQL:<br /><pre>\n{$addSQL}\n<br />\n</pre>\n");
if (!$result) {
$msg = 'Error updating bot personality.';
} elseif ($msg == "") {
$msg = 'Bot personality added.';
}
}
$updateSQL = "UPDATE `botpersonality` SET `value` = CASE `name` \n";
$sql = "SELECT * FROM `botpersonality` where bot = {$botId};";
$changes = array();
$additions = array();
$result = mysql_query($sql, $dbconn) or $msg .= SQL_Error(mysql_errno());
if ($result) {
while ($row = mysql_fetch_assoc($result)) {
$id = $row['id'];
$name = $row['name'];
$value = $row['value'];
$postVal = isset($_POST[$name]) ? $_POST[$name] : '';
if (!empty($postVal)) {
if ($postVal != $value) {
$changes[$id] = mysql_real_escape_string(stripslashes_deep($postVal));
$additions[$id] = $name;
}
}
}
}
if (!empty($additions)) {
$changesText = implode(',', array_keys($changes));
foreach ($changes as $id => $value) {
$name = $additions[$id];
$updateSQL .= sprintf("WHEN '%s' THEN '%s' \n", $name, $value);
}
$updateSQL .= "END WHERE `id` IN ({$changesText});";
$saveSQL = str_replace("\n", "\r\n", $updateSQL);
$result = mysql_query($updateSQL, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />SQL:<br /><pre>\n{$updateSQL}\n<br />\n</pre>\n");
if (!$result) {
$msg = 'Error updating bot.';
}
$msg = empty($msg) ? 'Bot personality updated.' : $msg;
} else {
$msg = 'Something';
}
mysql_close($dbconn);
return $msg;
}
#$topNavLinks = makeLinks('top', $topLinks, 12);
$topNavLinks = '';
$leftNavLinks = '';
$mediaType = ' media="screen"';
$mainTitle = 'Program O Login';
$FooterInfo = '<p>© 2011-2012 My Program-O<br /><a href="http://www.program-o.com">www.program-o.com</a></p>';
$headerTitle = '';
$pageTitle = 'My-Program O - Login';
$upperScripts = '';
if (isset($_POST['uname']) && isset($_POST['pw'])) {
$_SESSION['poadmin']['display'] = $hide_logo;
$uname = mysql_real_escape_string(strip_tags(trim($_POST['uname'])));
$pw = mysql_real_escape_string(strip_tags(trim($_POST['pw'])));
$dbconn = db_open();
$sql = "SELECT * FROM `myprogramo` WHERE uname = '" . $uname . "' AND pword = '" . MD5($pw) . "'";
$result = mysql_query($sql, $dbconn) or $msg .= SQL_Error(mysql_errno());
if ($result) {
$count = mysql_num_rows($result);
if ($count > 0) {
$row = mysql_fetch_array($result);
$_SESSION['poadmin']['uid'] = $row['id'];
$_SESSION['poadmin']['name'] = $row['uname'];
$_SESSION['poadmin']['lip'] = $row['lastip'];
$_SESSION['poadmin']['llastlogin'] = date('l jS \\of F Y h:i:s A', strtotime($row['lastlogin']));
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
//check ip from share internet
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
//to check ip is pass from proxy
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
