<?php
error_reporting(0);
include 'core/init.php';
if (!empty($_REQUEST['project_id'])) {
if (set_active_project($_REQUEST['project_id'])) {
header("Location: load.php");
}
}
$projects = get_project_list();
if (empty($projects)) {
//redirects if there's no active project for the user (if they've not created one)
header("Location: new_project.php");
exit;
}
if (!empty($_GET) && isset($_GET['id']) && isset($_GET['action']) && $_GET['action'] == 'delete') {
$deleteProject = get_project($_GET['id']);
if (empty($deleteProject)) {
$_SESSION['delete-project-message'] = "No project with that ID exists.";
header("Location: load.php");
exit;
}
if ($deleteProject['user_id'] != $_SESSION['user_id']) {
$_SESSION['delete-project-message'] = "You do not have access to that project.";
header("Location: load.php");
exit;
}
if ($deleteProject['project_id'] == $activeProject['project_id']) {
$_SESSION['delete-project-message'] = "Unable to delete active project. Switch to a different project to delete this one.";
header("Location: load.php");
exit;
function create_project($project_data, $project_name, $user_id, $faction_qty)
{
$project_name = sanitize($project_name);
mysql_query("INSERT INTO `projects` (`user_id`, `project_name`, `faction_qty`) VALUES ('{$user_id}', '{$project_name}', '{$faction_qty}')");
$project_id = mysql_result(mysql_query("SELECT `project_id` FROM `projects` WHERE `project_name`='{$project_name}' and `user_id` = '{$user_id}'"), 0);
set_active_project($project_id);
if (!empty($project_data['faction'])) {
foreach ($project_data['faction'] as $faction_num => $faction_name) {
mysql_query("INSERT INTO `factions` (`faction_name`, `faction_num`, `project_id`) VALUES ('{$faction_name}', '{$faction_num}', '{$project_id}')");
}
}
return $project_id;
}
