// do not show the interface } $buttons = ""; if (isset($_REQUEST['new'])) { $new = true; } else { $new = false; } if (isset($_REQUEST['edit']) || $new) { $edit = true; } else { $edit = false; } $del = isset($_REQUEST['del']); if (isset($_REQUEST['Party'])) { if (!$del || !delParty($_REQUEST['Party'])) { $Party = readParty($_REQUEST['Party']); } else { $Party = false; } // delete was a succes! } else { if ($new) { $Party = new Party(); } else { $Party = false; } } if ($Party) { writeHead("<TITLE>Party - VIRO - ADL Prototype</TITLE>" . ($edit ? '<SCRIPT type="text/javascript" src="edit.js"></SCRIPT>' : '<SCRIPT type="text/javascript" src="navigate.js"></SCRIPT>') . "\n"); if ($edit) {
$name = htmlspecialchars(@$_POST['name'], ENT_HTML5, 'utf-8'); $place = htmlspecialchars(@$_POST['place'], ENT_HTML5, 'utf-8'); $host = htmlspecialchars(@$_POST['host'], ENT_HTML5, 'utf-8'); $datetime = htmlspecialchars(@$_POST['datetime'], ENT_HTML5, 'utf-8'); $code = addParty($mysqli, $name, $place, $host, $datetime); if ($code == 0) { report(0, "OK"); } else { report(1, "Internal server error."); } } else { if ($action == "delparty") { $pid_array = $_REQUEST['parties']; $flag = 0; foreach ($pid_array as $pid) { $code = delParty($mysqli, $pid); if ($code == 1) { report(1, "One of the parties you have attempted to delete is not in the database. Please refresh your page. If this happens again, please contact Big Green Snake and report this incident."); $flag = 1; break; } else { if ($code == 2) { report(2, "Internal server error."); $flag = 1; break; } } } if ($flag == 0) { report(0, "OK"); }