$proj_id = $_REQUEST["proj_id"]; if ($action == "add" || $action == "edit") { $name = $_REQUEST["name"]; $description = $_REQUEST["description"]; $assigned = isset($_REQUEST["assigned"]) ? $_REQUEST['assigned'] : array(); $task_status = $_REQUEST["task_status"]; } if (!isset($action)) { Header("Location: {$HTTP_REFERER}"); } elseif ($action == "add") { $name = addslashes($name); $description = addslashes($description); //create a time string for >>now<< $time_string = date("Y-m-d H:i:00"); list($qh, $num) = dbQuery("INSERT INTO {$TASK_TABLE} (proj_id, name, description, assigned, started, status) VALUES " . "('{$proj_id}', '{$name}','{$description}', " . "'{$time_string}', '{$time_string}', '{$task_status}')"); $task_id = dbLastID($dbh); if (isset($assigned)) { while (list(, $username) = each($assigned)) { dbQuery("INSERT INTO {$TASK_ASSIGNMENTS_TABLE} (proj_id, task_id, username) VALUES ({$proj_id}, {$task_id}, '{$username}')"); } } // redirect to the task management page (we're done) Header("Location: task_maint.php?proj_id={$proj_id}"); } elseif ($action == "edit") { $name = addslashes($name); $description = addslashes($description); $query = "UPDATE {$TASK_TABLE} set name='{$name}',description='{$description}'," . " status='{$task_status}' " . " where task_id={$task_id}"; list($qh, $num) = dbquery($query); if ($assigned) { dbQuery("Delete from {$TASK_ASSIGNMENTS_TABLE} where task_id = {$task_id}"); while (list(, $username) = each($assigned)) {
function dbInsert($data, $table) { global $fullSql; // the following block swaps the parameters if they were given in the wrong order. // it allows the method to work for those that would rather it (or expect it to) // follow closer with SQL convention: // insert into the TABLE this DATA if (is_string($data) && is_array($table)) { $tmp = $data; $data = $table; $table = $tmp; print_debug('Parameters passed to dbInsert() were in reverse order.'); } $sql = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($data)) . '`) VALUES (' . implode(',', dbPlaceHolders($data)) . ')'; $time_start = microtime(true); //dbBeginTransaction(); $result = dbQuery($sql, $data); if ($result) { // This should return true if insert succeeded, but no ID was generated $id = dbLastID(); //dbCommitTransaction(); } else { //dbRollbackTransaction(); $id = FALSE; } $time_end = microtime(true); $GLOBALS['db_stats']['insert_sec'] += number_format($time_end - $time_start, 8); $GLOBALS['db_stats']['insert']++; return $id; }