newuser455 |
06-09-2005 02:49 AM |
It is their free version. Add.php is not the only form that does this. One in the admin section does the same thing. Add.php is as follows:
Code:
<?php
include("application.php");
function ShowFormAddLink() {
global $template_path;
global $cat,$title,$url,$category,$description,$contact_name,$email,$bid,$ma,$HTTP_POST_VARS;
global $error_msg;
if(empty($url)) { $url = 'http://'; }
if(empty($bid)) { $bid = '0.00'; }
$title = $HTTP_POST_VARS['title'];
$title = stripslashes($title);
$url = stripslashes($url);
$description = stripslashes($description);
$contact_name = stripslashes($contact_name);
$email = stripslashes($email);
if($ma=='1') {
$category = "\n<input type=hidden name=ma value=1> ";
$category .= "\n<input type=hidden name=cat value=$cat>\n";
$category .= ShowCategoryPath($cat);
}
else {
$category = ShowDropDownCategoryList($cat);
}
DisplayTemplate($template_path."add_form.html",
"\$error_msg,\$title,\$url,\$category,\$description,\$contact_name,\$email,\$bid");
}
function ProcessFormAddLink() {
global $template_path,$site_url,$admin_email;
global $cat,$title,$url,$category,$description,$contact_name,$email,$bid,$HTTP_POST_VARS;
global $error_msg,$error_msg_1150,$error_msg_1151,$error_msg_1152,$error_msg_1153,
$error_msg_1154,$error_msg_1155,$error_msg_1156,$error_msg_1157,
$msg_2001,$msg_2002,$msg_2003,$msg_2004;
$title = $HTTP_POST_VARS['title'];
if(empty($title)) { $error_msg = $error_msg_1150; }
elseif(empty($url) || $url == 'http://') { $error_msg = $error_msg_1151; }
elseif(empty($description)) { $error_msg = $error_msg_1152; }
elseif(empty($cat)) { $error_msg = $error_msg_1156; }
elseif(empty($contact_name)) { $error_msg = $error_msg_1153; }
elseif(empty($email)) { $error_msg = $error_msg_1154; }
elseif (!IsEmailAddress($email)) { $error_msg = $error_msg_1155; }
elseif (!empty($bid) && !Ismoney($bid)) { $error_msg = $error_msg_1157; }
if(empty($error_msg)) {
$bid = str_replace(",","",$bid);
$query = "insert into validate (title,url,description,category_id,contact_name,email,
date,bid) values
('$title','$url','$description','$cat','$contact_name','$email',now(),'$bid')";
$result = mysql_query($query);
DisplayTemplate($template_path."add_ok.html","\$novar");
// send email to link owner
$category = ShowCategoryPath($cat);
$title = stripslashes($title);
$description = stripslashes($description);
$contact_name = stripslashes($contact_name);
$email_body = EvalTemplate($template_path."add.mail",
"\$title,\$url,\$description,\$category,\$contact_name,\$email,\$bid");
mail("$email",$msg_2001,$email_body,
"From: $msg_2002\nX-Mailer: INDEXU_X-Mailer/1.0");
// send email to site administrator
$category = ShowCategoryPath($cat);
$email_body = EvalTemplate($template_path."add_to_admin.mail",
"\$title,\$url,\$description,\$category,\$contact_name,\$email,\$bid,\$site_url");
mail("$admin_email",$msg_2003,$email_body,
"From: $msg_2004\nX-Mailer: INDEXU_X-Mailer/1.0");
}
else {
ShowFormAddLink();
}
}
// ---------------
// main program
// ---------------
ConnectDB();
$title = $title_1104;
DisplayTemplate($template_path."header.html","\$title,\$cat,\$ma");
if (empty($pflag)) {
ShowFormAddLink();
}
elseif($pflag=='add') {
ProcessFormAddLink();
}
DisplayTemplate($template_path."footer.html","\$cat,\$ma");
?>
|