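/**
 * Update this movie's database row from the submitted edit form ($_POST).
 *
 * Reads url, rating, title, review, replacement_url and watched_on from
 * $_POST, validates the rating (and the IMDb URL when one was entered) and
 * then issues a single-row UPDATE for the row identified by $this->_id.
 * The fields are read without isset() checks, so the caller must have
 * verified that all six are present.
 *
 * Every value placed inside the SQL text is either cast to an integer or
 * passed through wp_movie_ratings_real_escape_string(..., "output" =>
 * "database") first, with one exception noted at the query below.
 *
 * @return string HTML notice: a validation message from parse_rating() or
 *                parse_imdb_url(), or the "updated" / "not updated" notice.
 */
function update_from_post() {
    # check user submitted rating & imdb url
    $this->_url = wp_movie_ratings_utf8_raw_url_decode(trim($_POST["url"]));
    $this->_rating = intval($_POST["rating"]);

    # wrong rating
    $msg = $this->parse_rating();
    if (!empty($msg)) {
        return $msg;
    }

    # wrong imdb link (if entered)
    if (!empty($this->_url)) {
        $msg = $this->parse_imdb_url();
        if (!empty($msg)) {
            return $msg;
        }
    }

    $this->_title = wp_movie_ratings_real_unescape_string($_POST["title"]);
    $title_screen = wp_movie_ratings_real_escape_string($this->_title, array("encode_html" => true, "output" => "screen"));
    $title_db = wp_movie_ratings_real_escape_string($this->_title, array("encode_html" => true, "output" => "database"));

    # str_replace here is just so f*****g wrong... (no idea how to do it better, though)
    # NOTE(review): search and replacement are identical as written, so this call
    # changes nothing; the replacement was probably an HTML entity - confirm.
    $this->_review = str_replace(" & ", " & ", $_POST["review"]);
    $review_db = wp_movie_ratings_real_escape_string($this->_review, array("output" => "database"));

    $this->_replacement_url = wp_movie_ratings_utf8_raw_url_decode(trim($_POST["replacement_url"]));
    # The URL-decoded value is request-controlled and used to be interpolated into
    # a quoted SQL literal as-is. Escape it the same way as review / watched_on.
    # NOTE(review): verify the helper does not double-escape already-slashed input.
    $replacement_url_db = wp_movie_ratings_real_escape_string($this->_replacement_url, array("output" => "database"));

    $this->_watched_on = wp_movie_ratings_real_unescape_string($_POST["watched_on"]);
    $watched_on_db = wp_movie_ratings_real_escape_string($this->_watched_on, array("output" => "database"));

    # id is interpolated unquoted, so force it to an integer.
    $id_db = intval($this->_id);

    # NOTE(review): $this->_url_short is not assigned in this method and is
    # interpolated unescaped; confirm parse_imdb_url() / the loader constrain it.
    # Moving this statement to $wpdb->prepare() would remove the manual escaping.
    $sql = "UPDATE {$this->_table} SET imdb_url_short='{$this->_url_short}', title='{$title_db}', rating={$this->_rating}, review='{$review_db}', replacement_url='{$replacement_url_db}', watched_on='{$watched_on_db}' WHERE id={$id_db} LIMIT 1";

    $this->_wpdb->query($sql);
    # NOTE(review): called after the query has already run; database error text
    # shown on screen can expose schema details - confirm this is wanted.
    $this->_wpdb->show_errors();

    if ($this->_wpdb->rows_affected > 0) {
        return '<div id="message" class="updated fade"><p><strong>' . $title_screen . ' rated ' . $this->_rating . '/10 updated.</strong></p></div>';
    } else {
        return '<div id="message" class="error fade"><p><strong>Error: ' . $title_screen . ' not updated.</strong></p></div>';
    }
}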
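/**
 * Render the plugin's management page and process its form submissions.
 *
 * Depending on $_POST["action"] (prefix "add", "delete" or "update") a movie
 * rating is created, removed or changed; the resulting HTML notice is echoed.
 * Afterwards the add/edit form, the 20 latest ratings, the detailed
 * statistics and the bookmarklet link are printed.
 *
 * Record ids taken from the request are cast to integers before they are
 * handed to Movie::get_movie_by_id(), and the update branch checks that the
 * record exists before calling update_from_post() on it.
 *
 * The bookmarklet URL is the plugin path immediately followed by
 * add_movie.html, with no whitespace in between.
 *
 * NOTE(review): no nonce verification (check_admin_referer() or
 * wp_verify_nonce()) is visible before the state-changing branches. Confirm
 * that the form emits a nonce and that it is verified before add, delete and
 * update are processed.
 */
function wp_movie_ratings_management_page() {
    # DATABASE -> ADD A NEW MOVIE
    # Get title of the movie and save its rating in the database
    if (isset($_POST["action"]) && substr(strtolower($_POST["action"]), 0, 3) == "add") {
        $url = isset($_POST["url"]) ? wp_movie_ratings_utf8_raw_url_decode($_POST["url"]) : null;
        $rating = isset($_POST["rating"]) ? $_POST["rating"] : null;
        $title = isset($_POST["title"]) ? wp_movie_ratings_utf8_raw_url_decode($_POST["title"]) : "";
        $review = isset($_POST["review"]) ? wp_movie_ratings_utf8_raw_url_decode($_POST["review"]) : "";
        $replacement_url = isset($_POST["replacement_url"]) ? wp_movie_ratings_utf8_raw_url_decode($_POST["replacement_url"]) : "";
        $watched_on = isset($_POST["watched_on"]) ? wp_movie_ratings_utf8_raw_url_decode($_POST["watched_on"]) : null;

        $movie = new Movie($url, $rating, $review, $title, $replacement_url, $watched_on);
        $msg = $movie->parse_rating();

        if (empty($msg)) {
            if (!empty($url)) {
                $msg = $movie->parse_imdb_url();
            }

            # fetch title from imdb
            if (empty($msg) && empty($title) && !empty($url)) {
                $msg = $movie->get_title();
            }

            # save new movie rating in the database
            if (empty($msg)) {
                $msg = $movie->save();
            }
        }

        # NOTE(review): this decode runs on the finished HTML notice, i.e. after any
        # HTML encoding the Movie methods applied to echoed fields. Confirm it cannot
        # turn percent-encoded input back into markup; otherwise drop the decode here.
        echo wp_movie_ratings_utf8_raw_url_decode($msg);

        $m = new Movie(); # new 'empty' movie object
    }

    # DATABASE -> DELETE MOVIE
    if (isset($_POST["action"]) && substr(strtolower($_POST["action"]), 0, 6) == "delete") {
        # ids are numeric; cast at the boundary and tolerate a missing field
        $delete_id = isset($_POST["id"]) ? intval($_POST["id"]) : 0;

        $mm = new Movie();
        $movie = $mm->get_movie_by_id($delete_id);

        if ($movie != null) {
            echo $movie->delete();
        } else {
            echo '<div id="message" class="error fade"><p><strong>Error: no movie review to delete.</strong></p></div>';
        }
    }

    # DATABASE -> UPDATE MOVIE DATA
    if (isset($_POST["action"]) && substr(strtolower($_POST["action"]), 0, 6) == "update") {
        $update_id = isset($_POST["id"]) ? intval($_POST["id"]) : 0;

        $movie = new Movie();
        $m = $movie->get_movie_by_id($update_id);

        if ($m == null) {
            # An unknown id used to end in a method call on null (fatal error).
            echo '<div id="message" class="error fade"><p><strong>Error: movie review not found.</strong></p></div>';
        } elseif (isset($_POST["url"]) && isset($_POST["title"]) && isset($_POST["rating"]) && isset($_POST["review"]) && isset($_POST["replacement_url"]) && isset($_POST["watched_on"])) {
            echo $m->update_from_post();
        }
    }

    # EDIT MOVIE
    # (&& binds tighter than ||: POST "edit", or GET "edit" when no POST action was sent)
    if (isset($_POST["action"]) && $_POST["action"] == "edit" || isset($_GET["action"]) && $_GET["action"] == "edit" && !isset($_POST["action"])) {
        $movie = new Movie();
        $id = intval(isset($_POST["id"]) ? $_POST["id"] : (isset($_GET["id"]) ? $_GET["id"] : 0));
        $m = $movie->get_movie_by_id($id);

        $dialog_title = "Edit";
        $action = "Update";

        if ($m == null) {
            echo '<div id="message" class="error fade"><p><strong>Error: movie review not found.</strong></p></div>';
        }
    } else {
        # ADD MOVIE
        $dialog_title = "Add a new";
        $action = "Add a new";
        $m = new Movie(null, 7); # new 'empty' movie object (7 is the default rating)
    }

    $dialog_title .= " movie rating";
?>
<div class="wrap">
<h2><?php echo $dialog_title; ?></h2>
<?php
    if ($m != null) {
        $m->show_add_edit_form($action);
    }

    wp_movie_ratings_show(20, array("text_ratings" => "yes", "include_review" => "no", "sidebar_mode" => "no"));
?>
<p>If you'd like to edit earlier movie reviews you need to create a <a href="http://pawelgoscicki.com/projects/wp-movie-ratings/#installation">movie reviews page</a> and click (while being logged in) on the small 'e' link next to the movie title.</p>
<?php wp_movie_ratings_show_statistics("detailed"); ?>
<h2>Bookmarklet</h2>
<p>Add the following link to your Bookmarklets folder so you can rate your movies without visiting Wordpress administration page. You must be <strong>logged in</strong> to your Wordpress blog for it to work, though.</p>
<p><a href="javascript:(function(){open('<?php echo wp_movie_ratings_get_plugin_path("absolute"); ?>add_movie.html?url='+escape(location.href),'<?php echo basename(__FILE__, ".php"); ?>','toolbar=no,width=432,height=335')})()" title="Add movie rating bookmarklet">Add movie rating bookmarklet</a></p>
</div>
<?php
}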