<?php
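// Database to select and the table this page inserts wishlist rows into.
$db_name = "howardg";
$table_name = "fecifamily";

// NOTE(review): the database account and password are hard-coded in a script
// served by the web server. Load them from a config file outside the web root
// (or from the environment) and rotate this password, since it is in source.
// NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli or
// PDO with prepared statements is the long-term fix, but it has to be done for
// every mysql_* call in this script at once.
$connection = @mysql_connect("localhost", "howardg", "chgpass");
if (!$connection) {
    // Keep driver error text (host, user, server state) in the server log
    // rather than sending it to the browser.
    error_log('Wishlist: database connection failed: ' . mysql_error());
    die('Sorry, the wishlist is temporarily unavailable.');
}

$db = @mysql_select_db($db_name, $connection);
if (!$db) {
    error_log('Wishlist: could not select database: ' . mysql_error($connection));
    die('Sorry, the wishlist is temporarily unavailable.');
}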
/***** commented out for debugging
// Quote variable to make safe
function quote_smart($value)
{
// Stripslashes
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
// Quote if not a number or a numeric string
if (!is_numeric($value)) {
$value = "'" . mysql_real_escape_string($value) . "'";
}
return $value;
}
// Connect
$connection = mysql_connect("localhost", "howardg", "chgpass")
OR die(mysql_error());
$db = @mysql_select_db($db_name, $connection)
or die(mysql_error());
*/
// Status text echoed later in the page heading. $connection is the handle
// returned by mysql_connect() earlier in this script.
if ($connection) {
    $msg = 'successful connection to database.';
}
/***** commented out for debugging
function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')){
$data = stripslashes($data);
}
return mysql_real_escape_string(trim($data), $dbc);
}
$data=escape_data($data);
*/
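/*
 * Read the wishlist fields from the POSTed form and HTML-encode them.
 *
 * htmlspecialchars() makes the values safe to echo into HTML. It is NOT SQL
 * escaping, so the values must still be escaped separately before they are
 * placed in a query. With the default flags on PHP versions before 8.1, single
 * quotes are left unencoded, so these values belong only in element content or
 * in double-quoted attributes.
 */
$wishlist_fields = array(
    'first_name', 'last_name',
    'gift_one', 'gift_one_url',
    'gift_two', 'gift_two_url',
    'gift_three', 'gift_three_url',
    'goodfood', 'badfood',
);
foreach ($wishlist_fields as $wishlist_field) {
    // A missing or array-valued field becomes '' instead of raising a notice
    // or reaching htmlspecialchars() as a non-string.
    $wishlist_raw = (isset($_POST[$wishlist_field]) && is_string($_POST[$wishlist_field]))
        ? $_POST[$wishlist_field]
        : '';
    // The variable-variable assignment only ever uses the fixed names listed
    // above; the request never chooses which variable is written.
    $$wishlist_field = htmlspecialchars($wishlist_raw);
}
unset($wishlist_fields, $wishlist_field, $wishlist_raw);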
/***** commented out for debugging
// Make a safe query
$query = sprintf(
quote_smart($first_name),
quote_smart($last_name'));
mysql_query($query);
*/
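/*
 * Insert the wishlist row only when the form's "submitted" field is present.
 *
 * The field values were HTML-encoded when they were read from $_POST, which
 * does not make them safe inside an SQL string literal. Each one is therefore
 * escaped with mysql_real_escape_string() here, into a separate array, so the
 * variables echoed further down the page are left untouched.
 *
 * NOTE(review): the page below prints "New Wishlist Information Added" even
 * when this branch is skipped; consider stopping after the error message.
 */
if (isset($_POST['submitted'])) {
    // On old PHP with magic_quotes_gpc enabled the request data already carries
    // backslashes; remove them first so the driver's escaping is the only one.
    $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    $sql_values = array();
    $wishlist_row = array(
        $first_name, $last_name,
        $gift_one, $gift_one_url,
        $gift_two, $gift_two_url,
        $gift_three, $gift_three_url,
        $goodfood, $badfood,
    );
    foreach ($wishlist_row as $value) {
        if ($magic_quotes_on) {
            $value = stripslashes($value);
        }
        $sql_values[] = "'" . mysql_real_escape_string($value, $connection) . "'";
    }

    // $table_name is a constant set at the top of this script, not request data.
    $sql = "INSERT INTO $table_name (first_name, last_name, gift_one, gift_one_url, gift_two, gift_two_url, gift_three, gift_three_url, goodfood, badfood)
VALUES (" . implode(', ', $sql_values) . ")";

    $result = @mysql_query($sql, $connection);
    if (!$result) {
        // Driver errors can reveal table and column names; log them instead of
        // printing them to the visitor.
        error_log('Wishlist: insert failed: ' . mysql_error($connection));
        die('Sorry, your wishlist could not be saved.');
    }
} else {
    echo "Error in submission.";
}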
include ("includes/doctype.php");
?>
<head>
<title>Adding to Wishlist</title>
<link rel="stylesheet" type="text/css" href="styles/fecifamily.css" />
</head>
<body>
<div id="maincontainer">
<img src="images/header.jpg" alt="Feci Family Christmas 2006" />
<div id="maincontent" class="clearfix">
<p class="countdown">Today is
<?php
// Load the shared helpers, then call xmas() inside the "Today is" paragraph.
// xmas() is not defined in this file; presumably it comes from
// myfunctions.php (confirm).
include 'includes/myfunctions.php';
xmas();
// Navigation fragment shared between pages.
include 'includes/externalnav.php';
?>
<h1>New Wishlist Information Added</h1>
<h2>For database called
<?php
// $table_name is the constant set at the top of this script, not request data.
echo $table_name . ':';
?>
<?php
// Connection status text assigned earlier in this script.
echo $msg;
?>
</h2>
<div style="float:right;">
<img src="images/snowflake.jpg" alt="snowflake" width="100" height="100" />
</div>
<p>First Name:
<?php
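// Request data only carries extra backslashes when magic_quotes_gpc is on
// (old PHP). Stripping unconditionally would delete backslashes the visitor
// really typed, and stripping only three fields left the others showing the
// added backslashes, so all display fields are handled under one condition.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $first_name = stripslashes($first_name);
    $last_name = stripslashes($last_name);
    $gift_one = stripslashes($gift_one);
    $gift_one_url = stripslashes($gift_one_url);
    $gift_two = stripslashes($gift_two);
    $gift_two_url = stripslashes($gift_two_url);
    $gift_three = stripslashes($gift_three);
    $gift_three_url = stripslashes($gift_three_url);
    $goodfood = stripslashes($goodfood);
    $badfood = stripslashes($badfood);
}
// Already HTML-encoded when read from $_POST, so it is echoed as-is.
echo $first_name;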
?>
</p>
<p>Last Name:
<?php
// HTML-encoded with htmlspecialchars() when it was read from $_POST; encoding
// it again here would double-encode the entities.
echo $last_name;
?>
</p>
<p>Gift One:
<?php
// HTML-encoded with htmlspecialchars() when it was read from $_POST.
echo $gift_one;
?>
</p>
<p>Where to find Gift One:
<?php
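if ($gift_one_url != '') {
    // The value counts as an absolute link only when it BEGINS with http://
    // or https://. Looking for "http://" anywhere in the string would pass a
    // value with some other scheme through to the href unchanged. Anything
    // that does not start with a web scheme is forced onto http:// instead.
    $gift_one_href = preg_match('#^https?://#i', $gift_one_url)
        ? $gift_one_url
        : "http://$gift_one_url";
    // The value went through htmlspecialchars() when it was read from $_POST,
    // so a double quote cannot close the attribute.
    echo "<a href=\"$gift_one_href\">$gift_one_url</a>";
} else {
    echo "<em>no specific store mentioned</em>";
}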
?>
</p>
<p>Gift Two:
<?php
// HTML-encoded with htmlspecialchars() when it was read from $_POST.
echo $gift_two;
?>
</p>
<p>Where to find Gift Two:
<?php
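// The original tested $gift_one_url here, so an empty Gift Two URL produced an
// empty link whenever Gift One had a URL. The check now uses $gift_two_url.
if ($gift_two_url != '') {
    // The value counts as an absolute link only when it BEGINS with http://
    // or https://. Looking for "http://" anywhere in the string would pass a
    // value with some other scheme through to the href unchanged. Anything
    // that does not start with a web scheme is forced onto http:// instead.
    $gift_two_href = preg_match('#^https?://#i', $gift_two_url)
        ? $gift_two_url
        : "http://$gift_two_url";
    // The value went through htmlspecialchars() when it was read from $_POST,
    // so a double quote cannot close the attribute.
    echo "<a href=\"$gift_two_href\">$gift_two_url</a>";
} else {
    echo "<em>no specific store mentioned</em>";
}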
?>
</p>
<p>Gift Three:
<?php
// HTML-encoded with htmlspecialchars() when it was read from $_POST.
echo $gift_three;
?>
</p>
<p>Where to find Gift Three:
<?php
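if ($gift_three_url != '') {
    // The value counts as an absolute link only when it BEGINS with http://
    // or https://. Looking for "http://" anywhere in the string would pass a
    // value with some other scheme through to the href unchanged. Anything
    // that does not start with a web scheme is forced onto http:// instead.
    $gift_three_href = preg_match('#^https?://#i', $gift_three_url)
        ? $gift_three_url
        : "http://$gift_three_url";
    // The value went through htmlspecialchars() when it was read from $_POST,
    // so a double quote cannot close the attribute.
    echo "<a href=\"$gift_three_href\">$gift_three_url</a>";
} else {
    echo "<em>no specific store mentioned</em>";
}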
?>
</p>
<p>Favorite Food:
<?php
// Show the favourite food, or a placeholder when the field was left blank.
// The value was HTML-encoded when it was read from $_POST.
echo ($goodfood != "") ? $goodfood : "<em>no specific food mentioned</em>";
?>
</p>
<p>Food You Dislike:
<?php
// Show the disliked food, or a placeholder when the field was left blank.
// The value was HTML-encoded when it was read from $_POST.
echo ($badfood != "") ? $badfood : "<em>no specific food mentioned</em>";
?>
</p>
</div>
<?php
include ("includes/designinfo.php");
?>
</div>
<?php
include ("includes/footer.php");
?>