$catd = preg_split('/\\|/', $category); $parent = trim($catd[0]); $catname = trim($catd[1]); $cat = mysql_real_escape_string($catname); $par = mysql_real_escape_string($parent); $sql = "SELECT id FROM category WHERE category_title LIKE '{$cat}'; "; $ids = DBQuery::return_values_from_sql($sql); if (count($ids) == 1) { $cat_id = $ids[0]; $sql = "INSERT INTO incident_category (category_id, incident_id) VALUES ('{$cat_id}', '{$id}'); "; mysql_query($sql); } elseif (count($ids) > 1) { #ambiguous name - get parent's $sql = "SELECT category.id FROM category WHERE category.category_title LIKE '{$cat}' "; $sql .= "AND category.parent_id IN (SELECT par.id FROM category AS par WHERE par.category_title LIKE '{$par}');"; $pids = DBQuery::return_values_from_sql($sql); if (count($ids) == 1) { $cat_id = $pids[0]; $sql = "INSERT INTO incident_category (category_id, incident_id) VALUES ('{$cat_id}', '{$id}'); "; mysql_query($sql); } } else { /** # This code will automatically add a new category with that name - commented out for now $sql = "INSERT INTO category (category_title) VALUES ('$cat'); "; $res = mysql_query($sql); $cat_id = DBQuery::get_last_id(); $sql = "INSERT INTO incident_category (category_id, incident_id) VALUES ('$cat_id', '$id'); "; */ }
/** * returns the list of values of $ret_field if a record with $field = $value exists in the given $table * return an empty array otherwise */ public static function return_values($field, $value, $table, $ret_field) { $sql = "SELECT {$ret_field} FROM {$table} WHERE {$field} = '{$value}';"; return DBQuery::return_values_from_sql($sql); }