# HG changeset patch
# User paulo
# Date 1339152851 25200
# Node ID 37ebfd93c8c25801f700043e261e1f30b76bf727
# Parent  4d71846e56eee4271ed7f50df6a77f8ec4fe139f
add laterlinks

diff -r 4d71846e56ee -r 37ebfd93c8c2 laterlinks/index.php
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/laterlinks/index.php	Fri Jun 08 03:54:11 2012 -0700
@@ -0,0 +1,130 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<HTML>
+<HEAD>
+<META NAME="generator" CONTENT="http://txt2tags.sf.net">
+<LINK REL="stylesheet" TYPE="text/css" HREF="index.css">
+<TITLE>later links...</TITLE>
+</HEAD>
+<BODY>
+
+<DIV CLASS="header" ID="header">
+<H1>later links...</H1>
+</DIV>
+
+<DIV CLASS="body" ID="body">
+
+<?php
+
+	include('../../login.php');
+	$database = 'pauloang_laterlinks';
+	
+	$link = mysql_connect('localhost', $username, $password);
+	if (!$link)
+		die('Could not connect to MySQL server: ' . mysql_error());
+	
+	$db_selected = mysql_select_db($database, $link);
+	if (!$db_selected)
+		die('Could not select database: ' . mysql_error());
+
+?>
+	
+<?php
+
+	$_MY_PIN = 'qwop';
+	$pin = '';
+
+	if (count($_POST) > 0) {
+		echo '<PRE>' . "\n";
+
+		foreach ($_POST as $postKey => $postValue) {
+			if ($postKey != "pin")
+				echo $postKey . " => " . $postValue . "\n";
+			else if ($postKey == "pin") {
+				echo 'pin => ';
+				for ($i = 0, $n = strlen($postValue); $i < $n; $i++) echo 'x';
+				echo "\n";
+				$pin = $postValue;
+			}
+		}
+
+		if ($pin == $_MY_PIN) {
+			echo "PIN OK \n";
+
+			$query = NULL;
+
+			if ($_POST["submit"] == "Delete") {
+				$delete_ids = array();
+				$delete_id_prefix = "delete_id_";
+				$delete_id_prefix_len = strlen($delete_id_prefix);
+				foreach ($_POST as $postKey => $postValue) {
+					if (strncmp($postKey, $delete_id_prefix, $delete_id_prefix_len) == 0)
+						array_push($delete_ids, intval($postValue));
+				}
+				if (count($delete_ids) > 0) {
+					$query = sprintf("DELETE FROM LaterLinks WHERE id in (%s)", join(',', $delete_ids));
+					echo $query;
+				}
+			} else if ($_POST["submit"] == "Add") {
+				$title = mysql_real_escape_string(trim($_POST["title"]));
+				$url = mysql_real_escape_string(trim($_POST["url"]));
+				if (strlen($title) && strlen($url)) {
+					$query = sprintf("INSERT INTO LaterLinks SET title='%s', url='%s'", $title, $url);
+					echo $query;
+				}
+			}
+
+			if (!is_null($query))
+				mysql_query($query);
+		} else
+			echo "PIN FAIL \n";
+
+		echo '</PRE>' . "\n";
+	}
+
+?>
+
+<FORM ACTION="index.php" METHOD=post>
+
+<TABLE>
+<TR>
+ <TH>Link</TH>
+ <TH>Created</TH>
+ <TH><INPUT TYPE=submit NAME="submit" VALUE="Delete"></TH>
+</TR>
+
+<?php
+
+	$query = 'SELECT * FROM LaterLinks';
+	$results = mysql_query($query);
+	
+	while ($row = mysql_fetch_assoc($results)) {
+		echo '<TR>';
+		echo ' <TD><A HREF="'.$row['url'].'">'.$row['title'].'</A></TD>';
+		echo ' <TD>'.$row['created_at'].'</TD>';
+		echo ' <TD><INPUT TYPE=checkbox NAME="delete_id_'.$row['id'].'" VALUE="'.$row['id'].'"></TD>';
+		echo '</TR>';
+	}
+	
+	mysql_free_result($results);
+	mysql_close($link);
+?>
+
+</TABLE>
+
+<P>
+<LABEL>Title<INPUT TYPE=text NAME="title"></LABEL><BR>
+<LABEL>URL<INPUT TYPE=text NAME="url"></LABEL><BR>
+<INPUT TYPE=submit NAME="submit" VALUE="Add">
+<P>
+
+<P>
+<INPUT TYPE=password NAME="pin" VALUE="<?php echo $pin ?>">
+</P>
+
+</FORM>
+
+</DIV>
+
+<!-- html code generated by txt2tags 2.4 (http://txt2tags.sf.net) -->
+<!-- cmdline: txt2tags index.t2t -->
+</BODY></HTML>