function works_save_meta() { global $xoopsSecurity; $id = rmc_server_var($_POST, 'id', 0); if ($id <= 0) { redirectMsg('works.php', __('You must provide a work ID!', 'works'), 1); die; } $work = new PWWork($id); if ($work->isNew()) { redirectMsg('works.php', __('Specified work does not exists!', 'works'), 1); die; } if (!$xoopsSecurity->check()) { redirectMsg('works.php?id=' . $id . '&op=meta', __('Session token expired!', 'works'), 1); die; } $name = rmc_server_var($_POST, 'name', ''); $value = rmc_server_var($_POST, 'value', ''); if ($name == '' || $value == '') { redirectMsg('works.php?id=' . $id . '&op=meta', __('Please, fill all data!', 'works'), 1); die; } $name = TextCleaner::sweetstring($name); $db = XoopsDatabaseFactory::getDatabaseConnection(); $sql = "SELECT COUNT(*) FROM " . $db->prefix("pw_meta") . " WHERE name='{$name}' AND work='{$id}'"; list($num) = $db->fetchRow($db->query($sql)); $value = TextCleaner::addslashes($value); if ($num > 0) { $sql = "UPDATE " . $db->prefix("pw_meta") . " SET value='{$value}' WHERE name='{$name}' AND work='{$id}'"; } else { $sql = "INSERT INTO " . $db->prefix("pw_meta") . " (`value`,`name`,`work`) VALUES ('{$value}','{$name}','{$id}')"; } if ($db->queryF($sql)) { redirectMsg('works.php?id=' . $id . '&op=meta', __('Custom field added successfully!', 'works'), 0); } else { redirectMsg('works.php?id=' . $id . '&op=meta', __('Custom field could not be added. Please try again!', 'works') . '<br />' . $db->error(), 1); } }