# HG changeset patch # User paulo # Date 1339152851 25200 # Node ID 37ebfd93c8c25801f700043e261e1f30b76bf727 # Parent 4d71846e56eee4271ed7f50df6a77f8ec4fe139f add laterlinks diff -r 4d71846e56ee -r 37ebfd93c8c2 laterlinks/index.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/laterlinks/index.php Fri Jun 08 03:54:11 2012 -0700 @@ -0,0 +1,130 @@ + + +
+ + +' . "\n"; + + foreach ($_POST as $postKey => $postValue) { + if ($postKey != "pin") + echo $postKey . " => " . $postValue . "\n"; + else if ($postKey == "pin") { + echo 'pin => '; + for ($i = 0, $n = strlen($postValue); $i < $n; $i++) echo 'x'; + echo "\n"; + $pin = $postValue; + } + } + + if ($pin == $_MY_PIN) { + echo "PIN OK \n"; + + $query = NULL; + + if ($_POST["submit"] == "Delete") { + $delete_ids = array(); + $delete_id_prefix = "delete_id_"; + $delete_id_prefix_len = strlen($delete_id_prefix); + foreach ($_POST as $postKey => $postValue) { + if (strncmp($postKey, $delete_id_prefix, $delete_id_prefix_len) == 0) + array_push($delete_ids, intval($postValue)); + } + if (count($delete_ids) > 0) { + $query = sprintf("DELETE FROM LaterLinks WHERE id in (%s)", join(',', $delete_ids)); + echo $query; + } + } else if ($_POST["submit"] == "Add") { + $title = mysql_real_escape_string(trim($_POST["title"])); + $url = mysql_real_escape_string(trim($_POST["url"])); + if (strlen($title) && strlen($url)) { + $query = sprintf("INSERT INTO LaterLinks SET title='%s', url='%s'", $title, $url); + echo $query; + } + } + + if (!is_null($query)) + mysql_query($query); + } else + echo "PIN FAIL \n"; + + echo '' . "\n"; + } + +?> + + + +