function updateBot() { global $bot_id, $bot_name; $botId = isset($_POST['bot_id']) ? $_POST['bot_id'] : $bot_id; $dbconn = db_open(); $msg = ""; if (!empty($_POST['newEntryName'])) { $newEntryNames = $_POST['newEntryName']; $newEntryValues = $_POST['newEntryValue']; $addSQL = "Insert into `botpersonality` (`id`, `bot`, `name`, `value`) values\n"; $addSQLTemplate = "(null, {$bot_id}, '[key]', '[value]'),\n"; foreach ($newEntryNames as $index => $key) { $value = $newEntryValues[$index]; if (empty($value)) { continue; } $tmpSQL = str_replace('[key]', $key, $addSQLTemplate); $tmpSQL = str_replace('[value]', $value, $tmpSQL); $addSQL .= $tmpSQL; } $addSQL = rtrim($addSQL, ",\n"); $result = mysql_query($addSQL, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />SQL:<br /><pre>\n{$addSQL}\n<br />\n</pre>\n"); if (!$result) { $msg = 'Error updating bot personality.'; } elseif ($msg == "") { $msg = 'Bot personality added.'; } } $updateSQL = "UPDATE `botpersonality` SET `value` = CASE `name` \n"; $sql = "SELECT * FROM `botpersonality` where bot = {$botId};"; $changes = array(); $additions = array(); $result = mysql_query($sql, $dbconn) or $msg .= SQL_Error(mysql_errno()); if ($result) { while ($row = mysql_fetch_assoc($result)) { $id = $row['id']; $name = $row['name']; $value = $row['value']; $postVal = isset($_POST[$name]) ? $_POST[$name] : ''; if (!empty($postVal)) { if ($postVal != $value) { $changes[$id] = mysql_real_escape_string(stripslashes_deep($postVal)); $additions[$id] = $name; } } } } if (!empty($additions)) { $changesText = implode(',', array_keys($changes)); foreach ($changes as $id => $value) { $name = $additions[$id]; $updateSQL .= sprintf("WHEN '%s' THEN '%s' \n", $name, $value); } $updateSQL .= "END WHERE `id` IN ({$changesText});"; $saveSQL = str_replace("\n", "\r\n", $updateSQL); $result = mysql_query($updateSQL, $dbconn) or die('You have a SQL error on line ' . __LINE__ . ' of ' . __FILE__ . '. Error message is: ' . mysql_error() . ".<br />SQL:<br /><pre>\n{$updateSQL}\n<br />\n</pre>\n"); if (!$result) { $msg = 'Error updating bot.'; } $msg = empty($msg) ? 'Bot personality updated.' : $msg; } else { $msg = 'Something'; } mysql_close($dbconn); return $msg; }
#$topNavLinks = makeLinks('top', $topLinks, 12); $topNavLinks = ''; $leftNavLinks = ''; $mediaType = ' media="screen"'; $mainTitle = 'Program O Login'; $FooterInfo = '<p>© 2011-2012 My Program-O<br /><a href="http://www.program-o.com">www.program-o.com</a></p>'; $headerTitle = ''; $pageTitle = 'My-Program O - Login'; $upperScripts = ''; if (isset($_POST['uname']) && isset($_POST['pw'])) { $_SESSION['poadmin']['display'] = $hide_logo; $uname = mysql_real_escape_string(strip_tags(trim($_POST['uname']))); $pw = mysql_real_escape_string(strip_tags(trim($_POST['pw']))); $dbconn = db_open(); $sql = "SELECT * FROM `myprogramo` WHERE uname = '" . $uname . "' AND pword = '" . MD5($pw) . "'"; $result = mysql_query($sql, $dbconn) or $msg .= SQL_Error(mysql_errno()); if ($result) { $count = mysql_num_rows($result); if ($count > 0) { $row = mysql_fetch_array($result); $_SESSION['poadmin']['uid'] = $row['id']; $_SESSION['poadmin']['name'] = $row['uname']; $_SESSION['poadmin']['lip'] = $row['lastip']; $_SESSION['poadmin']['llastlogin'] = date('l jS \\of F Y h:i:s A', strtotime($row['lastlogin'])); if (!empty($_SERVER['HTTP_CLIENT_IP'])) { //check ip from share internet $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { //to check ip is pass from proxy $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else {