Example #1
    if (get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    return mysql_escape_string($str);
}
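// Handle the submitted form: read the optional 'img' upload, insert a row into
// `mid`, then print debug output.
//
// Upload metadata lives in $_FILES, not $_POST. A 'tmp_name' taken from $_POST
// is chosen by the client, so the path opened below must come from $_FILES and
// be confirmed with is_uploaded_file() before it is read.
$upload = isset($_FILES['img']) && is_array($_FILES['img']) ? $_FILES['img'] : null;
$hasUpload = $upload !== null
    && isset($upload['error'], $upload['size'], $upload['tmp_name'])
    && $upload['error'] === UPLOAD_ERR_OK
    && $upload['size'] > 0
    && is_uploaded_file($upload['tmp_name']);

if ($hasUpload) {
    // Debug output. Echoing the $_FILES['img'] array itself only prints "Array";
    // show its fields instead. 'name' is client-supplied, so it is HTML-escaped.
    echo htmlspecialchars($upload['name'], ENT_QUOTES, 'UTF-8') . "<br>";
    echo (int) $upload['size'] . "<br>";

    $tmpName = $upload['tmp_name'];
    $fp = fopen($tmpName, 'rb');
    if ($fp !== false) {
        $data = fread($fp, filesize($tmpName));
        fclose($fp);
        $data = addslashes($data);
        // Uploaded bytes are attacker-controlled: escape them for the HTML
        // context. A single-byte charset is used so binary content is not
        // rejected as invalid UTF-8.
        echo htmlspecialchars($data, ENT_QUOTES, 'ISO-8859-1') . "<br>";
    }
}

// NOTE(review): $data is read above but never stored; the `img` column receives
// $_POST['img'], which is normally absent for a file input. Confirm the intent.
$imgField = isset($_POST['img']) ? $_POST['img'] : '';

// The statement is built by string concatenation, so its safety rests entirely
// on prepSQL() (presumably the helper whose tail appears above, which calls
// mysql_escape_string and ignores the connection charset). ext/mysql was removed
// in PHP 7; prepared statements via PDO or mysqli are the durable fix, but the
// connection setup is not visible here, so the existing API is kept.
$sql_qry = "INSERT INTO `mid`(\n\tid, \n\ttitle, \n\tlat, \n\tlng, \n\tmany, \n\tadvise, \n\tnotes,\n\timg)\nVALUES (\n\tNULL, \n\t'"
    . prepSQL($_POST['title']) . "', \n\t'"
    . prepSQL($_POST['lat']) . "', \n\t'"
    . prepSQL($_POST['lng']) . "', \n\t'"
    . prepSQL($_POST['many']) . "', \n\t'"
    . prepSQL($_POST['advise']) . "', \n\t'"
    . prepSQL($_POST['notes']) . "',\n\t'"
    . prepSQL($imgField) . "')";

// NOTE(review): die(mysql_error()) sends raw database error text to the client;
// log it server-side and show a generic message outside of debugging.
mysql_query($sql_qry) or die(mysql_error());

// NOTE(review): this reads the highest id in the table, which under concurrent
// requests may not be the row just inserted; mysql_insert_id() returns this
// connection's id. Left unchanged because $row may be used further down.
$db = mysql_query("SELECT id FROM `mid` ORDER BY id DESC LIMIT 1");
$row = mysql_fetch_array($db);

// Debug output of the query and the request. These strings contain request
// data, so they are HTML-escaped before being written into the page. Remove the
// dump entirely before deployment.
echo htmlspecialchars($sql_qry, ENT_QUOTES, 'UTF-8') . "<br>";
echo htmlspecialchars(json_encode($_POST), ENT_QUOTES, 'UTF-8') . "<br>";
echo htmlspecialchars(json_encode($_FILES), ENT_QUOTES, 'UTF-8');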
?>
<script>
	// Load the list of ids remembered in this browser. localStorage holds strings,
	// so the stored value is read as comma-separated text and split into an array.
	// NOTE(review): localStorage can be changed by the user or by any script on
	// this origin; validate these ids wherever they are used (not visible here).
	var id; 
	if(localStorage.localid){
		id=localStorage.localid.split(',');
	}else{
		// Nothing stored yet, or an empty string: start with an empty list.
		id=[];
		// Storage coerces values to strings, so this stores "" rather than an array.
		localStorage.localid=[];
	}
Example #2
        die("Labels table NOT created: " . mysql_error() . "</br>");
    }
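    // Create 'VotingBox' table--------------------------------------------------------------
    //	ID				unique index for each entry
    //	voter			identifier for the client submitting a ballot
    //	ballot			the voter's selection
    $newTable = "CREATE TABLE VotingBox (\r\n        ID\t\t\t\tINT NOT NULL AUTO_INCREMENT PRIMARY KEY,\r\n        voter\t\t\tTEXT,\r\n        ballot\t\t\tTEXT\r\n        )";
    // Execute query
    // NOTE(review): the die() calls in this span append mysql_error() to the
    // page; log that text server-side once setup debugging is finished.
    if (mysql_query($newTable)) {
        echo "VotingBox table created</br>";
    } else {
        die("VotingBox table NOT created: " . mysql_error() . "</br>");
    }
    // Convert data FORM -> PHP
    // A missing or non-string (array) field is treated as an empty string, which
    // is what the unguarded read effectively inserted, minus the PHP notice.
    // NOTE(review): an empty admin password is still accepted here; reject it
    // before any table is created (that part of the script is not visible).
    $varPass = isset($_POST['formPass']) && is_string($_POST['formPass']) ? $_POST['formPass'] : '';
    // prepSQL() is defined outside this span; it is used unquoted in the VALUES
    // list below, so it presumably returns an escaped, single-quoted SQL literal.
    $quotedPass = prepSQL($varPass);
    //Fill in the Attributes table
    // NOTE(review): the password is stored exactly as submitted. Storing a
    // password_hash() value instead would also require changing the login check,
    // which is not visible here.
    $newAttributes = "INSERT INTO Attributes (numberOfChoices, active, chartType, useLabels, adminPassword)\r\n\t\tVALUES (4, FALSE, 'vbar', FALSE, " . $quotedPass . ")";
    // Execute query
    if (mysql_query($newAttributes)) {
        // SQL escaping does not neutralise HTML, so the submitted value is
        // HTML-escaped before it is written into the page.
        // NOTE(review): printing the admin password at all leaves it in the
        // response body; consider dropping it from this message.
        echo "</br>Attributes initialized: </br>\r\n            4 choices,  </br>\r\n            voting is not currently active,  </br>\r\n            results will be displayed as a horizontal bar graph,  </br>\r\n            labels will not be used,  </br>\r\n            the admin password is " . htmlspecialchars($quotedPass, ENT_QUOTES, 'UTF-8') . "</br>";
    } else {
        die("Attributes NOT initialized: " . mysql_error() . "</br>");
    }
    //	Close connection and notify user the script has completed
    mysql_close($con);
    echo "</br>COMPLETE</br></br>";
    // While setup.php stays on the server, this setup request can be repeated.
    echo "You can now remove the 'setup.php' file. </br>";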
}
?>

    }
    $query = 'INSERT INTO genre_tb (genre) VALUES 
    (' . prepSQL($genre) . ')';
    mysql_query($query, $db) or die(mysql_error($db));
    mysql_close($db);
    header("Location: add-video.php");
    exit;
}
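// Handle the "add language" form: insert the submitted value into lang_tb and
// redirect back to add-video.php. The isset() guard avoids an undefined-index
// notice when the page is requested without this form.
if (isset($_POST['lang-submit']) && $_POST['lang-submit'] == "Submit") {
    // A missing or non-string (array) field is treated as empty, so it takes the
    // redirect below and never reaches the escaping helper.
    $lang = isset($_POST['lang']) && is_string($_POST['lang']) ? $_POST['lang'] : '';
    // safeSQL() (defined elsewhere) serves only as an emptiness check here; the
    // value stored below is the raw input passed through prepSQL().
    if (safeSQL($lang) == '') {
        header("Location: add-video.php");
        exit;
    }
    // prepSQL() returns an escaped, single-quoted literal, so no quotes are added
    // around it. The stored text is still untrusted: HTML-escape it wherever it
    // is rendered.
    $query = 'INSERT INTO lang_tb (lang) VALUES 
    (' . prepSQL($lang) . ')';
    // NOTE(review): die(mysql_error($db)) shows raw database error text to the
    // client; log it server-side instead once debugging is done.
    mysql_query($query, $db) or die(mysql_error($db));
    mysql_close($db);
    header("Location: add-video.php");
    exit;
}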
/**
 * Turn a request value into a single-quoted SQL string literal.
 *
 * Slashes added by magic quotes are removed first so the value is not escaped
 * twice. The result already includes the surrounding single quotes, so it is
 * only safe where a quoted string literal is expected, never for identifiers
 * or unquoted numeric positions.
 *
 * mysql_real_escape_string() is called without a link argument, so it uses the
 * most recently opened connection. ext/mysql was removed in PHP 7; prepared
 * statements (PDO or mysqli) are the long-term replacement for this helper.
 *
 * @param string $value Raw value to embed in a query.
 * @return string Escaped value wrapped in single quotes.
 */
function prepSQL($value)
{
    $raw = get_magic_quotes_gpc() ? stripslashes($value) : $value;

    return "'" . mysql_real_escape_string($raw) . "'";
}