<?php
/* whale.php
*
* A cool whale craft.
*/
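// Page title; presumably consumed by include/header.php (not visible here), confirm.
$page_title = 'Cool Whale Craft';
include 'include/header.php';

// Evaluate the admin flag once. !empty() keeps the original truthiness test but
// does not raise an undefined-index notice for visitors whose session has no
// 'is_admin' key.
$is_admin = !empty($_SESSION['is_admin']);

// A submission only counts when "text" arrived as a string. An array-valued
// field (text[]=...) is not a valid argument for mysql_real_escape_string().
$has_text = isset($_POST['text']) && is_string($_POST['text']);

// NOTE(review): the mysql_* extension used throughout was removed in PHP 7.0.
// Moving to mysqli/PDO prepared statements needs the connection handling, which
// is presumably set up in the included files and is not visible here.

if ($is_admin) {
    // NOTE(review): every write below is authorised by the session flag alone;
    // no anti-CSRF token is checked, and the delete is triggered by a plain GET
    // request. Any request carrying the admin's session cookie (link prefetch,
    // a cross-site resource load) would be executed. Recommended: accept
    // delete/edit/insert only via POST and verify a per-session token with
    // hash_equals() before running the query.
    if (isset($_GET['delete'])) {
        // intval() forces the id to an integer before it is concatenated into SQL.
        $sql = "DELETE FROM whale WHERE id = " . intval($_GET['delete']);
        mysql_query($sql) or show_mysql_error(mysql_error(), __LINE__);
    }

    if ($has_text) {
        if (isset($_GET['edit'])) {
            // Update an existing entry: text is escaped, id is cast to int.
            $sql = sprintf(
                "UPDATE whale SET text = '%s' WHERE id = '%d'",
                mysql_real_escape_string($_POST['text']),
                intval($_GET['edit'])
            );
        } else {
            // New entry, stamped with the current Unix time.
            $sql = sprintf(
                "INSERT INTO whale (text, time) values('%s', '%d')",
                mysql_real_escape_string($_POST['text']),
                time()
            );
        }
        mysql_query($sql) or show_mysql_error(mysql_error(), __LINE__);
    }

    // Load the entry being edited, unless this request already submitted text.
    $whale = false;
    if (isset($_GET['edit']) && !$has_text) {
        $sql = "SELECT * FROM whale WHERE id = " . intval($_GET['edit']);
        $result = mysql_query($sql) or show_mysql_error(mysql_error(), __LINE__);
        $whale = mysql_fetch_assoc($result);
    }

    if ($whale) {
        // Edit form. The stored text is HTML-escaped before it is placed in the
        // value attribute; the id is cast to int before it is placed in the URL.
        echo '
<form action="/whale/edit/' . (int) $whale['id'] . '" method="post">
<input type="text" name="text" value="' . htmlentities($whale['text']) . '" style="font-size: 16pt;" size="50" /> <input type="submit" value="whale" />
</form>
';
    } else {
        // Blank create form. Also shown when the requested id does not exist, so
        // a missing row no longer produces an edit form with an empty target.
        echo '
<form action="/whale" method="post">
<input type="text" name="text" style="font-size: 16pt;" size="50" /> <input type="submit" value="whale" />
</form>
';
    }
}

// Public listing, newest first.
$sql = "SELECT * FROM whale ORDER BY time DESC";
$result = mysql_query($sql) or show_mysql_error(mysql_error(), __LINE__);
while ($whale = mysql_fetch_assoc($result)) {
    $admin_links = '';
    if ($is_admin) {
        // Edit/delete links are rendered for admins only; ids are cast to int.
        $whale_id = (int) $whale['id'];
        $admin_links =
            '<a href="/whale/edit/' . $whale_id . '">^</a> ' .
            '<a href="/whale/delete/' . $whale_id . '">x</a> ';
    }
    // Entry text is HTML-escaped on output; the timestamp is cast before date().
    echo '<p class="whale">' . htmlentities($whale['text']) . ' <span class="whale_date">(' . strtolower(date('M. j, Y', (int) $whale['time'])) . ')</span> ' . $admin_links . '</p>';
}
include 'include/footer.php';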
?>