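/**
 * Renders the "Add a Book" admin page as a three-stage flow keyed on the
 * request's `stage` value: 1 (or absent) shows the search form, 2 runs the
 * Amazon search and lists the hits, 3 stores the hit the user picked.
 *
 * Security notes:
 * - Stage 2 is gated by the `nr_add_book` nonce.
 * - Stage 3 is gated by a nonce whose action embeds md5() of the posted
 *   payload, and stage 2 issues one such nonce per listed result. That check
 *   is what ties the payload to bytes this page produced, so it must stay
 *   ahead of the unserialize() call.
 * - Everything taken from the Amazon response is HTML-escaped on output.
 */
function nr_add() {
    // Declared conditionally so that a second call to nr_add() in the same
    // request does not stop with "Cannot redeclare add_book_form()".
    if (!function_exists('add_book_form')) {
        /**
         * Prints the search form (by ISBN, or by title and optional author).
         * The form posts back to the current page with stage=2.
         */
        function add_book_form() {
            ?>
            <form method="post" action="">
                <?php wp_nonce_field('nr_add_book'); ?>
                <input type="hidden" name="stage" value="2" />
                <div class="by_isbn">
                    <h3>Search by ISBN</h3>
                    <p class="add_isbn"><label for="isbn">ISBN:</label></p>
                    <p><input type="text" id="isbn" name="isbn" /></p>
                    <p><input type="submit" value="Search" /></p>
                </div>
                <div class="by_title">
                    <h3>Search by title/author</h3>
                    <p class="add_title"><label for="title">Title</label></p>
                    <p><input type="text" id="title" name="title" /></p>
                    <p class="add_author"><label for="author">Author (optional)</label></p>
                    <p><input type="text" id="author" name="author" /></p>
                    <p><input type="submit" value="Search" /></p>
                </div>
            </form>
            <?php
        }
    }

    // 'stage' is absent on the first visit; 0 is handled like stage 1 below.
    $stage = isset($_REQUEST['stage']) ? intval($_REQUEST['stage']) : 0;
    ?>
    <div class="wrap nr_add">
    <h2>Add a Book</h2>
    <?php
    if (empty($stage) || $stage == 1) {
        ?>
        <p>Enter the details of the book you'd like to find, and Now Reading will search Amazon to try and find it.</p>
        <?php
        add_book_form();
    } elseif ($stage == 2) {
        check_admin_referer('nr_add_book');

        $isbn   = (isset($_POST['isbn']) && is_string($_POST['isbn'])) ? $_POST['isbn'] : '';
        $title  = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
        $author = (isset($_POST['author']) && is_string($_POST['author'])) ? $_POST['author'] : '';

        // NOTE(review): the three values are user input placed unencoded into
        // a query-string-shaped argument, so a value containing '&' or '=' can
        // add or override parameters. query_amazon() is defined elsewhere;
        // confirm how it parses its argument before switching to urlencode()
        // or an array argument.
        $books = query_amazon("title={$title}&author={$author}&isbn={$isbn}");

        // Normalise before counting: count() on a non-array (false, an error
        // object) would report a bogus "1 result" or raise a TypeError.
        if (!is_array($books)) {
            $books = array();
        }

        if (count($books) > 0) {
            ?>
            <p>I found <?php echo count($books); ?> results for your query:</p>
            <div class="amazon_results">
            <?php
            foreach ($books as $book) {
                if (!is_array($book)) {
                    continue;
                }

                // The same bytes feed both the hidden field and the nonce
                // action, so stage 3 can recompute the md5 from what it receives.
                $payload = serialize($book);

                // Remote data: escape for HTML before it reaches the page.
                $image_html  = isset($book['image']) ? htmlentities((string) $book['image'], ENT_QUOTES, 'UTF-8') : '';
                $title_html  = isset($book['title']) ? htmlentities((string) $book['title'], ENT_QUOTES, 'UTF-8') : '';
                $author_html = isset($book['author']) ? htmlentities((string) $book['author'], ENT_QUOTES, 'UTF-8') : '';
                ?>
                <div class="amazon_result">
                    <form method="post" action="">
                        <?php wp_nonce_field('nr_add_book_' . md5($payload)); ?>
                        <input type="hidden" name="stage" value="3" />
                        <input type="hidden" name="book" value="<?php echo htmlentities($payload, ENT_QUOTES, 'UTF-8'); ?>" />
                        <img src="<?php echo $image_html; ?>" alt="" />
                        <h3><?php echo $title_html; ?></h3>
                        <p>by <?php echo $author_html; ?></p>
                        <p><input type="submit" value="Use this result" /></p>
                    </form>
                </div>
                <?php
            }
            ?>
            </div>
            <p>No good? <a href="?page=add_book">Try searching again</a>.</p>
            <?php
        } else {
            ?>
            <p>Sorry, I couldn't find any results from Amazon.</p>
            <p><a href="?page=add_book">Search again?</a></p>
            <?php
        }
    } elseif ($stage == 3) {
        $payload = (isset($_POST['book']) && is_string($_POST['book'])) ? stripslashes($_POST['book']) : '';

        // Must run before unserialize(): the nonce action carries md5() of the
        // payload, so bytes that stage 2 did not issue a nonce for are rejected here.
        check_admin_referer('nr_add_book_' . md5($payload));

        // SECURITY: unserialize() on request data can instantiate objects
        // (PHP object injection). The nonce check above is the only thing
        // limiting this to server-produced payloads. On PHP 7+ pass
        // array('allowed_classes' => false) as the second argument, or move
        // the round trip to JSON, so safety no longer rests on the nonce alone.
        $book = unserialize($payload);

        // Stage 2 only ever serializes arrays; anything else is a failed or tampered decode.
        $id = is_array($book) ? add_book($book) : 0;

        if ($id > 0) {
            ?>
            <br />
            <div class="updated"><p><strong>Success! Your book was added.</strong></p></div>
            <p>Add another?</p>
            <?php
            add_book_form();
        } else {
            ?>
            <p>Oops! There was an error adding your book.</p>
            <?php
        }
    }
    ?>
    </div>
    <?php
}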
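/**
 * The write admin page deals with the searching for and ultimate addition of books to the database.
 *
 * Prints, in order: an error or success notice driven by $_GET['error'] and
 * $_GET['added'], the Amazon search results when a search was posted
 * (u_isbn, u_title, u_author), the search form, and the manual-add form.
 * The per-result forms and the manual-add form post to admin/add.php, which
 * is not part of this function.
 *
 * Security notes:
 * - Values taken from the request or from the Amazon response are
 *   HTML-escaped where they are printed.
 * - Result fields are read by key rather than through extract(), so keys in
 *   the remote response cannot overwrite local variables.
 */
function now_reading_add() {
    // Strips slashes from every posted value; this rewrites the $_POST
    // superglobal for the remainder of the request.
    $_POST = stripslashes_deep($_POST);

    $options = get_option('nowReadingOptions');

    // $nr_url is a plain local here (there is no `global` for it), so a fresh
    // instance is built on every call.
    $nr_url = new nr_url();
    $nr_url->load_scheme($options['menuLayout']);

    if ( !empty($_GET['error']) ) {
        echo '
        <div id="message" class="error fade">
            <p><strong>' . __("Error adding book!", NRTD) . '</strong></p>
        </div>
        ';
    }

    if ( !empty($_GET['added']) ) {
        // intval() keeps the id in the edit link numeric whatever was in the URL.
        echo '
        <div id="message" class="updated fade">
            <p><strong>' . __("Book added.", NRTD) . '</strong></p>
            <ul>
                <li><a href="' . $nr_url->urls['manage'] . '">' . __("Manage books", NRTD) . ' »</a></li>
                <li><a href="' . apply_filters('book_edit_url', $nr_url->urls['manage'] . '&action=editsingle&id=' . intval($_GET['added'])) . '">' . __("Edit this book") . ' »</a></li>
                <li><a href="' . library_url(0) . '">' . __("View Library", NRTD) . ' »</a></li>
                <li><a href="' . get_option('home') . '">' . __("View Site") . ' »</a></li>
            </ul>
        </div>
        ';
    }

    echo '
    <div class="wrap">
        <h2>Now Reading Redux</h2>
    ';

    // Stays null when no search was posted; the prefill code below checks for that.
    $results = null;

    if ( !empty($_POST['u_isbn']) || !empty($_POST['u_author']) || !empty($_POST['u_title']) ) {
        echo '<h3>' . __("Search Results", NRTD) . '</h3>';

        // NOTE(review): the search forms print a 'now-reading-add' nonce, but
        // nothing here verifies it, so a cross-site POST can trigger a search.
        // Consider check_admin_referer('now-reading-add') once it is confirmed
        // that every form posting to this page carries that field.
        $isbn   = (isset($_POST['u_isbn']) && is_string($_POST['u_isbn'])) ? $_POST['u_isbn'] : '';
        $author = (isset($_POST['u_author']) && is_string($_POST['u_author'])) ? $_POST['u_author'] : '';
        $title  = (isset($_POST['u_title']) && is_string($_POST['u_title'])) ? $_POST['u_title'] : '';

        $using_isbn = !empty($isbn);

        // Escaped copies for display: the raw search terms are echoed back in
        // the messages below and would otherwise be reflected as markup.
        $isbn_html  = htmlentities($isbn, ENT_QUOTES, "UTF-8");
        $title_html = htmlentities($title, ENT_QUOTES, "UTF-8");

        // NOTE(review): user input goes unencoded into a query-string-shaped
        // argument, so '&' or '=' in a value can add or override parameters.
        // query_amazon() is defined elsewhere; confirm how it parses this
        // before changing the encoding.
        if ( $using_isbn )
            $results = query_amazon("isbn=$isbn");
        else
            $results = query_amazon("title=$title&author=$author");

        if ( is_wp_error($results) ) {
            foreach ( (array) $results->get_error_codes() as $code ) {
                if ( $code == 'curl-not-installed' ) {
                    echo '
                    <div id="message" class="error fade">
                        <p><strong>' . __("Oops!", NRTD) . '</strong></p>
                        <p>' . __("I couldn't fetch the results for your search, because you don't have cURL installed!", NRTD) . '</p>
                        <p>' . __("To solve this problem, please switch your <strong>HTTP Library</strong> setting to <strong>Snoopy</strong>, which works on virtually all server setups.", NRTD) . '</p>
                        <p>' . sprintf(__("You can change your options <a href='%s'>here</a>.", NRTD), $nr_url->urls['options']) . '</p>
                    </div>
                    ';
                }
            }
        } else {
            if ( !$results ) {
                if ( $using_isbn )
                    echo '<div class="error"><p>' . sprintf(__("Sorry, but amazon%s did not return any results for the ISBN number <code>%s</code>.", NRTD), $options['domain'], $isbn_html) . '</p></div>';
                else
                    echo '<div class="error"><p>' . sprintf(__("Sorry, but amazon%s did not return any results for the book “%s”", NRTD), $options['domain'], $title_html) . '</p></div>';
            } else {
                if ( $using_isbn )
                    echo '<p>' . sprintf(__("You searched for the ISBN <code>%s</code>. amazon%s returned these results:", NRTD), $isbn_html, $options['domain']) . '</p>';
                else
                    echo '<p>' . sprintf(__("You searched for the book “%s”. amazon%s returned these results:", NRTD), $title_html, $options['domain']) . '</p>';

                foreach ( (array) $results as $result ) {
                    if ( !is_array($result) )
                        continue;

                    // Read the displayed fields by key, defaulting to '' so a
                    // missing key cannot show the previous result's value.
                    $shown = array('image' => '', 'title' => '', 'author' => '', 'ed' => '', 'binding' => '', 'date' => '', 'publisher' => '');
                    foreach ( array_keys($shown) as $key ) {
                        if ( isset($result[$key]) && is_scalar($result[$key]) )
                            $shown[$key] = htmlentities((string) $result[$key], ENT_QUOTES, "UTF-8");
                    }

                    // NOTE(review): the serialized result travels through the
                    // browser to admin/add.php, which is outside this view.
                    // Presumably that script unserialize()s the field; confirm
                    // it verifies the 'now-reading-add' nonce and the user's
                    // capability first, since the value is client-controlled by then.
                    $data = serialize($result);

                    echo '
                    <form method="post" action="' . get_option('siteurl') . '/wp-content/plugins/now-reading-redux/admin/add.php" style="border:1px solid #ccc; padding:5px; margin:5px;">
                    ';

                    if ( function_exists('wp_nonce_field') )
                        wp_nonce_field('now-reading-add');

                    echo '
                        <input type="hidden" name="amazon_data" value="' . htmlentities($data, ENT_QUOTES, "UTF-8") . '" />
                        <img src="' . $shown['image'] . '" alt="" style="float:left; margin:8px; padding:2px; width:46px; height:70px; border:1px solid #ccc;" />
                        <h3>' . $shown['title'] . '</h3>
                        ' . (($shown['author']) ? '<p>by <strong>' . $shown['author'] . '</strong></p>' : '<p>(' . __("No author", NRTD) . ')</p>') . '
                        ' . (($shown['ed']) ? $shown['ed'] . ' ' : ' ') . (($shown['binding']) ? $shown['binding'] . ' ' : ' ') . (($shown['date']) ? ' - ' . $shown['date'] . ' ' : ' ') . (($shown['publisher']) ? ' (' . $shown['publisher'] . ') ' : ' ') . '
                        <p style="clear:left;"><input class="button" type="submit" value="' . __("Use This Result", NRTD) . '" /></p>
                    </form>
                    ';
                }
            }
        }
    }

    // Prefill the search form from the first hit. $results can be null (no
    // search), empty, or a WP_Error; indexing a WP_Error as an array is fatal,
    // so only an actual array of results is used.
    $first = ( is_array($results) && isset($results[0]) && is_array($results[0]) ) ? $results[0] : array();
    $prefill_isbn   = ( isset($first['asin']) && is_scalar($first['asin']) ) ? htmlentities((string) $first['asin'], ENT_QUOTES, "UTF-8") : '';
    $prefill_title  = ( isset($first['title']) && is_scalar($first['title']) ) ? htmlentities((string) $first['title'], ENT_QUOTES, "UTF-8") : '';
    $prefill_author = ( isset($first['author']) && is_scalar($first['author']) ) ? htmlentities((string) $first['author'], ENT_QUOTES, "UTF-8") : '';

    // NOTE(review): the original assigned $nr_urls['add'] here, but $nr_urls is
    // never defined in this function, so the action always rendered empty and
    // the form posted back to the current URL. That is kept explicit; if
    // $nr_url->urls['add'] was intended, confirm the key exists first.
    $thispage = '';

    echo '
    <div class="nr-add-grouping">
    <h3>' . __("Search for a book to add", NRTD) . '</h3>';

    echo '
    <p>' . __("Enter some information about the book that you'd like to add, and I'll try to fetch the information directly from Amazon.", NRTD) . '</p>
    <p>' . sprintf(__("Now Reading is currently set to search the <strong>amazon%s</strong> domain; you can change this setting and others in the <a href='%s'>options page</a>.", NRTD), $options['domain'], $nr_url->urls['options']) . '</p>
    <form method="post" action="' . $thispage . '">
    ';

    if ( function_exists('wp_nonce_field') )
        wp_nonce_field('now-reading-add');

    echo '
        <p><label for="isbn"><acronym title="International Standard Book Number">ISBN</acronym>:</label><br />
        <input type="text" name="u_isbn" id="isbn" size="25" value="' . $prefill_isbn . '" /></p>
        <p><strong>' . __("or", NRTD) . '</strong></p>
        <p><label for="title">' . __("Title", NRTD) . ':</label><br />
        <input type="text" name="u_title" id="title" size="50" value="' . $prefill_title . '" /></p>
        <p><label for="author">' . __("Author", NRTD) . ' (' . __("optional", NRTD) . '):</label><br />
        <input type="text" name="u_author" id="author" size="50" value="' . $prefill_author . '" /></p>
        <p><input class="button" type="submit" value="' . __("Search", NRTD) . '" /></p>
    </form>
    </div>
    <div class="nr-add-grouping">
    <h3>' . __("Add a book manually", NRTD) . '</h3>
    <form method="post" action="' . get_option('siteurl') . '/wp-content/plugins/now-reading-redux/admin/add.php">
    ';

    if ( function_exists('wp_nonce_field') )
        wp_nonce_field('now-reading-manual-add');

    echo '
        <p><label for="custom_title">' . __("Title", NRTD) . ':</label><br />
        <input type="text" name="custom_title" id="custom_title" size="50" /></p>
        <p><label for="custom_author">' . __("Author", NRTD) . ':</label><br />
        <input type="text" name="custom_author" id="custom_author" size="50" /></p>
        <p><label for="custom_image">' . __("Link to image", NRTD) . ':</label><br />
        <small>' . __("Remember, leeching images from other people's servers is nasty. Upload your own images or use Amazon's.", NRTD) . '</small><br />
        <input type="text" name="custom_image" id="custom_image" size="50" /></p>
        <p><input class="button" type="submit" value="' . __("Add Book", NRTD) . '" /></p>
    </form>
    </div>
    </div>
    ';
}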
<?php require_once '../../../wp-blog-header.php'; if (!current_user_can('activate_plugins')) { die; } if ($_GET['amazon']) { echo "<p>query_amazon('title=1984&author=George Orwell')"; $books = query_amazon('title=1984&author=George Orwell'); if (count($books) > 0) { echo "<br />Success, found " . count($books) . " books:<br /><pre>"; var_dump($books); echo "</pre></p>"; } else { echo "<br />Failure!</p>"; } } else { echo ' <form method="get" action=""> <input type="hidden" name="amazon" value="1" /> <p><input type="submit" value="Test Amazon" /></p> </form>'; } if ($_GET['books']) { echo "<p>add_book('title=1984&author=George Orwell')"; $id = add_book('title=1984&author=George Orwell'); if ($id > 0) { echo "<br />Successfully created book, ID is {$id}.</p>";