MadCollector Code

<?php
/* This file is part of Madcollector.
* Madcollector created by Thomas Andrieu
* Developped by Thomas Andrieu.
* Madcollector is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation.
* Madcollector is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*/

if(basename($_SERVER['PHP_SELF']) != 'index.php')
  exit;

if((isset($_SESSION["level"]))&&($_SESSION["level"]>1)&&(isset($_POST["new_storyarc_submit"])))
{
	  if($_POST["new_storyarc_name"]== "")
	    array_push($error_messages,$locales["ErrMsg_Empty_Field"]);
      else
	{
	  maddb_query("INSERT INTO ".$cfg_table_prefix."arcs(id_series,id_publisher,arc_label) VALUES ('".$id_series."','".$id_publisher."','".addslashes(mad_strip($_POST["new_storyarc_name"]))."')");
	  maddb_query("INSERT INTO ".$cfg_table_prefix."logs (id_user,log_date,log_area,log_action,log) VALUES ('".$_SESSION["id_user"]."',NOW(),'arc','insert','arcName: ".addslashes(mad_strip($_POST["new_storyarc_name"]))."\r\nPublisher: .".$id_publisher."\r\nSeries:".$id_series."');");
	}
}

//Update arc
if(($_SESSION["level"]>1)&&(isset($_POST["arc_data_submit"])))
{
      $myArc = maddb_select("SELECT * FROM ".$cfg_table_prefix."arcs WHERE id_arc='".$id_arc."';");
      $old_summary = "";
      if(sizeOf($myArc)>0)
	    {
	        $oldArc = $myArc["id_arc"];
	        $old_summary = $myArc["arc_summary"];
	    }
      $new_summary = addXML_content($old_summary,"summary","summaries",mad_strip($_POST["arc_summary_text"]));
      
      $array_update = array();
      array_push($array_update ,"UPDATE ".$cfg_table_prefix."arcs SET arc_label='".addslashes(mad_strip($_POST["arc_title"]))."', arc_summary='".$new_summary."' WHERE id_arc='".$id_arc."';");
      $requeteLog = "INSERT INTO ".$cfg_table_prefix."logs (id_user,log_date,log_area,log_action,log) VALUES ('".$_SESSION["id_user"]."',NOW(),'arc','update','arcName: ".addslashes(mad_strip($myArc["arc_label"]))."\r\nPublisher: .".$myArc["id_publisher"]."\r\nSeries:".$myArc["id_series"];
      if($_POST["arc_title"] != $myArc["arc_label"]) $requeteLog .="\r\nnewName: ".$_POST["arc_title"];
      if($old_summary != $new_summary) $requeteLog .="\r\nnewSummary: ".addslashes(mad_strip($_POST["arc_summary_text"]));
      $requeteLog .="');";
      array_push($array_update ,$requeteLog);
	  $changedLinesSeries = maddb_transaction($array_update);
}
     
//Delete arc
if(($_SESSION["level"]>1)&&(isset($_POST["arc_delete_submit"])))
{
      $myArc = maddb_select("SELECT * FROM ".$cfg_table_prefix."arcs WHERE id_arc='".$id_arc."';");
      $array_delete = array();
      array_push($array_delete ,"DELETE FROM ".$cfg_table_prefix."arcs WHERE id_arc='".$id_arc."';");
	  array_push($array_delete ,"UPDATE ".$cfg_table_prefix."issues SET id_arc='' WHERE id_arc='".$id_arc."';");
      if(sizeOf($myArc) >0) array_push($array_delete,"INSERT INTO ".$cfg_table_prefix."logs (id_user,log_date,log_area,log_action,log) VALUES ('".$_SESSION["id_user"]."',NOW(),'arc','delete','arcName: ".addslashes(mad_strip($myArc["arc_label"]))."\r\nPublisher: .".$myArc["id_publisher"]."\r\nSeries:".$myArc["id_series"]."');");
	  $changedLinesSeries = maddb_transaction($array_delete);
	  if($changedLinesSeries != -1)
	  {
	    $redirect = "Location:index.php?rub=arc";
	    if(($_GET['format']!="")&&(isset($_GET['format'])))
	      $redirect .= "&format=".$_GET['format'];
	    header($redirect);
      }
} 

?>