function works_save_meta()
{
global $xoopsSecurity;
$id = rmc_server_var($_POST, 'id', 0);
if ($id <= 0) {
redirectMsg('works.php', __('You must provide a work ID!', 'works'), 1);
die;
}
$work = new PWWork($id);
if ($work->isNew()) {
redirectMsg('works.php', __('Specified work does not exists!', 'works'), 1);
die;
}
if (!$xoopsSecurity->check()) {
redirectMsg('works.php?id=' . $id . '&op=meta', __('Session token expired!', 'works'), 1);
die;
}
$name = rmc_server_var($_POST, 'name', '');
$value = rmc_server_var($_POST, 'value', '');
if ($name == '' || $value == '') {
redirectMsg('works.php?id=' . $id . '&op=meta', __('Please, fill all data!', 'works'), 1);
die;
}
$name = TextCleaner::sweetstring($name);
$db = XoopsDatabaseFactory::getDatabaseConnection();
$sql = "SELECT COUNT(*) FROM " . $db->prefix("pw_meta") . " WHERE name='{$name}' AND work='{$id}'";
list($num) = $db->fetchRow($db->query($sql));
$value = TextCleaner::addslashes($value);
if ($num > 0) {
$sql = "UPDATE " . $db->prefix("pw_meta") . " SET value='{$value}' WHERE name='{$name}' AND work='{$id}'";
} else {
$sql = "INSERT INTO " . $db->prefix("pw_meta") . " (`value`,`name`,`work`) VALUES ('{$value}','{$name}','{$id}')";
}
if ($db->queryF($sql)) {
redirectMsg('works.php?id=' . $id . '&op=meta', __('Custom field added successfully!', 'works'), 0);
} else {
redirectMsg('works.php?id=' . $id . '&op=meta', __('Custom field could not be added. Please try again!', 'works') . '<br />' . $db->error(), 1);
}
}
