function add_year_end_staff_pick($order, $html)
{
$order = mysql_real_escape_string($order);
$insert = "INSERT INTO year_end_staff_picks VALUES (id, '" . $order . "', '" . $html . "', 'n')";
$result = mysql_query($insert);
if (!$result) {
echo $insert . "<br>";
die('Error Inserting into Database.');
}
echo "<div class=\"center\"><h1>Success!</h1>" . "<h3>New Year End Staff Pick has been saved</h3>" . "<hr width=75%>";
display_year_end_staff_pick(get_year_end_staff_pick(mysql_insert_id()));
echo "</div>";
}
echo '<div class="top-spacer_20 center error">Error - missing ID value</div>';
} elseif ($action == "update") {
$year_end_staff_pick = get_year_end_staff_pick($id);
echo "<form action=\"year_end_staff_picks_update.php?id=" . $id . "\" method=\"post\" class=\"form-internal inline input-seperation\" id=\"admin\">";
require "partials/_year_end_staff_picks_form.php";
echo "</form>";
} else {
$order = $_POST['order'];
$html = $_POST['html'];
if (!$order || !$html) {
echo '<div class="top-spacer_20 center error">Error - missing required value(s)</div>';
} else {
$result = update_year_end_staff_picks($id, $order, $html);
if ($result) {
echo '<div class="top-spacer_20 center"><h1>Update was successful!</h1>';
display_year_end_staff_pick(get_year_end_staff_pick($id));
echo "</div>";
}
}
}
?>
<div class="top-spacer_20">
<a href="year_end_staff_picks_view_all.php">View all Year End Staff Picks</a>
<p>
<a href="cp.php">Control Panel</a>
</div>
</div>
</div> <!-- end of row div -->
<?php
}
require "partials/_footer.php";
