paulo@33:
paulo@33:
paulo@33:
paulo@33: 0) {
paulo@33: echo '
' . "\n";
paulo@33:
paulo@33: foreach ($_POST as $postKey => $postValue) {
paulo@33: if ($postKey != "pin")
paulo@33: echo $postKey . " => " . $postValue . "\n";
paulo@33: else if ($postKey == "pin") {
paulo@33: echo 'pin => ';
paulo@33: for ($i = 0, $n = strlen($postValue); $i < $n; $i++) echo 'x';
paulo@33: echo "\n";
paulo@33: $pin = $postValue;
paulo@33: }
paulo@33: }
paulo@33:
paulo@33: if ($pin == $_MY_PIN) {
paulo@33: echo "PIN OK \n";
paulo@33:
paulo@33: $query = NULL;
paulo@33:
paulo@33: if ($_POST["submit"] == "Delete") {
paulo@33: $delete_ids = array();
paulo@33: $delete_id_prefix = "delete_id_";
paulo@33: $delete_id_prefix_len = strlen($delete_id_prefix);
paulo@33: foreach ($_POST as $postKey => $postValue) {
paulo@33: if (strncmp($postKey, $delete_id_prefix, $delete_id_prefix_len) == 0)
paulo@33: array_push($delete_ids, intval($postValue));
paulo@33: }
paulo@33: if (count($delete_ids) > 0) {
paulo@33: $query = sprintf("DELETE FROM LaterLinks WHERE id in (%s)", join(',', $delete_ids));
paulo@33: echo $query;
paulo@33: }
paulo@33: } else if ($_POST["submit"] == "Add") {
paulo@33: $title = mysql_real_escape_string(trim($_POST["title"]));
paulo@33: $url = mysql_real_escape_string(trim($_POST["url"]));
paulo@33: if (strlen($title) && strlen($url)) {
paulo@33: $query = sprintf("INSERT INTO LaterLinks SET title='%s', url='%s'", $title, $url);
paulo@33: echo $query;
paulo@33: }
paulo@33: }
paulo@33:
paulo@33: if (!is_null($query))
paulo@33: mysql_query($query);
paulo@33: } else
paulo@33: echo "PIN FAIL \n";
paulo@33:
paulo@33: echo '' . "\n";
paulo@33: }
paulo@33:
paulo@33: ?>
paulo@33:
paulo@33:
paulo@33:
paulo@33: