$description = $_REQUEST['description'];
$idvalue = $_REQUEST['id'];
if ($title && $description) {
if ($idvalue) {
$sql = 'UPDATE ads SET ' . "title='" . mysql_real_escape_string($title) . "', " . "description='" . mysql_real_escape_string($description) . "', " . "updated_at= NOW() " . "WHERE id=" . "'" . mysql_real_escape_string($idvalue) . "' AND " . $authzsql;
$result = mysql_query($sql);
$retval = mysql_affected_rows();
if ($retval != 1) {
$message = "Error, unable to update ad.";
$action = 'edit';
} else {
$message = "Updated record for '" . $title . "' id=" . $idvalue;
$action = 'main';
}
} else {
$sql = 'INSERT INTO ads ' . '( title, description, course_key, user_key, user_name, user_image, created_at, updated_at ) ' . ' VALUES ( ' . "'" . mysql_real_escape_string($title) . "', " . "'" . mysql_real_escape_string($description) . "', " . "'" . mysql_real_escape_string($context->getCourseKey()) . "', " . "'" . mysql_real_escape_string($context->getUserKey()) . "', " . "'" . mysql_real_escape_string($context->getUserName()) . "', " . "'" . mysql_real_escape_string($context->getUserImage()) . "', " . " NOW(), NOW() ) ";
$result = mysql_query($sql);
$retval = mysql_affected_rows();
if ($retval != 1) {
$message = "Error, unable to insert ad.";
$action = 'add';
} else {
$idvalue = mysql_insert_id();
$message = "Inserted ad '" . $name . "' id=" . $idvalue;
$action = 'main';
$context->redirect();
}
}
} else {
$message = "Error, please specify all data.";
$action = 'add';
<h2>
A Very Basic LTI Tool
</h2>
</header>
<div id="page-content">
<?php
if ($context->valid) {
?>
<h2>Hello, <?php
echo $context->getUserName();
?>
!</h2>
<p id="image-wrapper">
<img src="<?php
echo $context->getUserImage();
?>
" alt="<?php
echo $context->getUserName();
?>
" />
</p>
<p class="clearme">
</p>
<?php
if ($_POST['launch_presentation_return_url']) {
?>
<p>
The LMS is allowing you to make a call-back. Feel free to send the LMS a message that it will display back to the user.
</p>
<form method="GET" action="<?php
