function AJnewProfile() { $newprofile = processInputVar('newname', ARG_STRING); if (get_magic_quotes_gpc()) { $newprofile = stripslashes($newprofile); $newprofile = mysql_escape_string($newprofile); } # TODO add check for existing name $query = "SELECT id FROM vmprofile WHERE profilename = '{$newprofile}'"; $qh = doQuery($query, 101); if ($row = mysql_fetch_assoc($qh)) { header('Content-Type: text/json-comment-filtered; charset=utf-8'); $arr = array('failed' => 'exists'); print '/*{"items":' . json_encode($arr) . '}*/'; return; } $query = "INSERT INTO vmprofile (profilename) VALUES ('{$newprofile}')"; doQuery($query, 101); $qh = doQuery("SELECT LAST_INSERT_ID() FROM vmprofile", 101); $row = mysql_fetch_row($qh); $newid = $row[0]; AJprofileData($newid); }
function AJnewProfile() { $newprofile = processInputVar('newname', ARG_STRING); if (get_magic_quotes_gpc()) { $newprofile = stripslashes($newprofile); $newprofile = mysql_real_escape_string($newprofile); } $query = "SELECT id FROM vmprofile WHERE profilename = '{$newprofile}'"; $qh = doQuery($query, 101); if ($row = mysql_fetch_assoc($qh)) { sendJSON(array('failed' => 'exists')); return; } $imageid = getImageId('noimage'); $query = "INSERT INTO vmprofile (profilename, imageid) VALUES ('{$newprofile}', {$imageid})"; doQuery($query, 101); $qh = doQuery("SELECT LAST_INSERT_ID() FROM vmprofile", 101); $row = mysql_fetch_row($qh); $newid = $row[0]; AJprofileData($newid); }