<?php define("TITLE", "Drink | CineMad"); include 'includes/header.php'; // Strip bad characters function // Learn more about preg_replace: http://php.net/manual/en/function.preg-replace.php function strip_bad_chars($input) { $output = preg_replace("/[^a-zA-Z0-9_-]/", "", $input); return $output; } if (isset($_GET['item'])) { $menuItem = strip_bad_chars($_GET['item']); $dish = $menuItems[$menuItem]; } ?> <!--======================================================== CONTENT =========================================================--> <?php $conn = mysqli_connect("mysql31.unoeuro.com", "examserver4_dk8", "4pf3kmta"); if (!$conn) { die("could not connect: " . mysqli_error($conn)); } $dish = $_GET['item']; mysqli_set_charset($conn, "utf8"); mysqli_select_db($conn, "examserver49_dk_db");
function new_tplset($new_tplsetname) { global $CLASS, $POLLTBL; $now = date("Y-m-d H:i:s", time()); $tpl_array = array("display_head", "display_loop", "display_foot", "result_head", "result_loop", "result_foot", "comment"); $CLASS["db"]->query("INSERT INTO {$POLLTBL['poll_tplset']} (tplset_name,created) VALUES ('{$new_tplsetname}','{$now}')"); $CLASS["db"]->fetch_array($CLASS["db"]->query("select max(tplset_id) as tplset_id from {$POLLTBL['poll_tplset']}")); $new_tpl_id = $CLASS["db"]->record["tplset_id"]; for ($i = 0; $i < sizeof($tpl_array); $i++) { $CLASS["db"]->query("INSERT INTO {$POLLTBL['poll_tpl']} (tplset_id,title,template) VALUES ('{$new_tpl_id}','{$tpl_array[$i]}','')"); } } if (!isset($new_tplsetname)) { $new_tplsetname = ''; } else { $new_tplsetname = trim(strip_bad_chars($new_tplsetname)); } if (empty($new_tplsetname) && isset($action)) { $message = $lang['tpl_bad']; } elseif (!empty($new_tplsetname) && isset($action)) { $CLASS["db"]->fetch_array($CLASS["db"]->query("SELECT * FROM {$POLLTBL['poll_tplset']} WHERE tplset_name='{$new_tplsetname}'")); if ($CLASS["db"]->record) { $message = $lang['tpl_exist']; } else { new_tplset($new_tplsetname); $message = $lang['tpl_succes']; } } else { $message = $lang['tpl_new']; } $select_field = get_tplset();