<script language="php"> require('../sql_passwords.php'); echo "<h1>Add and Update Counters</h1>\n"; $zname=$_POST['zname']; $zvalue=$_POST['zvalue']; $zname=$_REQUEST['zname']; $zvalue=$_REQUEST['zvalue']; $errors=0; $errort=""; $zpassword=$_REQUEST['zpassword']; # # if the counter is blank set it to zero # if ( preg_match ( '/^ *$/', $zvalue) || preg_match ( '/^ *00* *$/', $zvalue) ) { $zvalue=0; } # # if the counter is not blank make sure it is a number # if ( !preg_match ( '/^[+]{0,1}[0-9][0-9]*$/', $zvalue) ) { $errors++; $errort="counter is not numeric"; } </script> <FORM action="sql_add_counter.php" method="post"> <table border=0> <tr> <td align="right"> Name:</td><td><INPUT type="text" name="zname" <script language="php"> echo " value=\"$zname\""; </script> ></td></tr> <tr><td align="right">Value:</td><td><INPUT type="text" name="zvalue" <script language="php"> echo " value=\"$zvalue\""; </script> ></td></tr> <tr><td align="right">Password:</td><td><INPUT type="PASSWORD" name="zpassword" <script language="php"> echo " value=\"$zpassword\""; </script> ></td></tr> <tr><td> </td><td><INPUT type="submit" value="submit"></td></tr> </FORM> <script language="php"> # # they can only update the SQL tables if they have a kinda sorta public password # if ( $zpassword != $z_hardcoded_password ) { exit; } # # connect to SQL # $link = mysql_connect($z_hardcoded_sqlurl, $z_hardcoded_database, $z_hardcoded_password ) or die('Could not connect: ' . mysql_error()); # # select the database I want to use # mysql_select_db($z_hardcoded_database) or die('Could not select database'); # # go and either add the item or update the item # # # only update or insert if there are ZERO errors # if ( $errors == 0 && !preg_match ( '/^ *$/', $zname) ) { $rc=update_insert($zname, $zvalue); } # # show them the contents of the SQl data base # sorted by the name # echo "<table>\n"; # # dont let them update the SQL data if they entered garbage on the form # if ( $errors > 0 ) { echo "<tr><td colspan=2>"; echo "<DIV style=\"background-color: rgb(255,0,0)\">"; echo "$errors error(s) $errort</DIV></td></tr>"; } if ( $rc ) { echo "<tr><td colspan=2>$rc</td></tr>"; } echo "<tr>\n"; echo "<td>\n"; echo "<table border=0>\n"; echo "<tr><td>\n"; echo "</td><td>\n"; # # display all the stuff sorted by name and then sorted by count # $query = 'SELECT name,count FROM `counters` order by name, count'; $result = mysql_query($query) or die('Query failed: ' . mysql_error()); $query=preg_replace ( '/from/i', '<br> from', $query); $query=preg_replace ( '/where /i', '<br> where ', $query); $query=preg_replace ( '/order /i', '<br> order ', $query); $numberofrows=0; # # display the selected stuff # echo "<table border=1>\n"; while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) { $numberofrows++; echo "<tr>\n"; $i=0; $a=""; foreach ($line as $col_value) { $i++; if ($col_value == '' ) { $col_value=' '; } if ($i > 1 ) { $a=' align="right"'; } echo "<td $a>$col_value</td>\n"; } echo "</tr>\n"; } if ($numberofrows == 0 ) { echo "<tr><td colspan=2>    No Data for that key</td></tr>"; } echo "</table>\n"; # # i am not sure but i think this frees the # stuff associated with the current select so # you can do a new select # // Free resultset mysql_free_result($result); echo "</td>\n"; echo "<td>\n"; echo "<table border=0>\n"; echo "<tr><td>\n"; echo "</td><td>\n"; # # show them the SQL database # sorted by the counter value # $query = 'SELECT name,count FROM `counters` order by count, name'; $result = mysql_query($query) or die('Query failed: ' . mysql_error()); $query=preg_replace ( '/from/i', '<br> from', $query); $query=preg_replace ( '/where /i', '<br> where ', $query); $query=preg_replace ( '/order /i', '<br> order ', $query); $numberofrows=0; # # display the selected stuff # echo "<table border=1>\n"; while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) { $numberofrows++; echo "<tr>\n"; $i=0; $a=""; foreach ($line as $col_value) { $i++; if ($col_value == '' ) { $col_value=' '; } if ($i > 1 ) { $a=' align="right"'; } echo "<td $a>$col_value</td>\n"; } echo "</tr>\n"; } if ($numberofrows == 0 ) { echo "<tr><td colspan=2>    No Data for that key</td></tr>"; } echo "</table>\n"; # # i am not sure but i think this frees the # stuff associated with the current select so # you can do a new select # // Free resultset mysql_free_result($result); echo "</td>\n"; echo "</tr>\n"; echo "</table>\n"; echo "</table>\n"; # # close the SQL connection # // Closing connection mysql_close($link); exit; </script> <script language="php"> # # this function updates the name if it exists # if the name does not exist it add the name # function update_insert($zname, $zvalue) { # # use to change the color of out put messages # $rcs="<DIV style=\"background-color: rgb(0,255,0)\">"; $rce="</DIV>"; $rces="<DIV style=\"background-color: rgb(255,0,0)\">"; $rcee="</DIV>"; $rc=0; $query = 'SELECT count FROM `counters` where name=\''.$zname.'\''; $result = mysql_query($query); $numberofrows=0; $numberofrows = mysql_num_rows($result); # # i am not sure but i think this frees the # stuff associated with the current select so # you can do a new select # // Free resultset mysql_free_result($result); if ( $numberofrows > 0 ) { $query = 'update `counters` set count='.$zvalue.' WHERE name=\''.$zname.'\''; $result = mysql_query($query) or die('Query failed: ' . mysql_error()); if ($result) { $rc=$rcs.$zname." has been set to ".$zvalue.$rce; } else { $rc=$rces."Update of ".$zname." with a value of ".$zvalue." failed".$rcee; } } else { $query = 'INSERT into `counters` set name=\''.$zname.'\', count=\''.$zvalue.'\''; $result = mysql_query($query); if ($result) { $rc=$rcs.$zname." has been inserted with a value of ".$zvalue.$rce; } else { $rc=$rces."Insert of ".$zname." with a value of ".$zvalue." failed".$rcee; } } return $rc; } </script>