summaryrefslogtreecommitdiff
path: root/lib/list/addbatch.php
blob: 5cb5fb66b5f6fdd9c55ece140d01fd1be7082d0a (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
<?php

require("lib/list/inc_process.php");

assert_redir(count($args) == 3, 'list');
$listid = intval($args[2]);

$list = mysql_fetch_assoc(sql(
	"SELECT lists.id AS id, lists.name AS name, lists.owner AS owner_id ".
	"FROM lists WHERE lists.id = $listid"));
assert_error($list && $list['owner_id'] == $user['id'],
	"This list does not exist, or you are not allowed to edit it.");

$batch_name = "";
$batch_model = "";
$batch_contents = "";
if (isset($_POST['name']) && isset($_POST['model']) && isset($_POST['contents'])) {
	$batch_name = esca($_POST['name']);
	$batch_model = esca($_POST['model']);
	$batch_contents = esca($_POST['contents']);
	$batch_json = mk_batch_json($batch_model, $batch_contents);
	if ($batch_name == "") {
		$error = "You must give a name to this batch.";
	} else if (mysql_fetch_assoc(sql("SELECT id FROM batches WHERE list = $listid AND name = '" . escs($batch_name) . "'"))) {
		$error = "You already have a batch using that name.";
	} else {
		sql(
			"INSERT INTO batches(list, name, model, contents, json_data) ".
			"VALUES($listid, '" . escs($batch_name) . "', '" . escs($batch_model) . "', '" . escs($batch_contents) . "', '" . escs($batch_json) . "')");
		header("Location: view-list-$listid");
		die();
	}
}

$title = "Add batch to " . $list['name'];
$fields = array(
	array("label" => "Name : ", "name" => "name", "value" => $batch_name),
	array("label" => "Columns : ", "name" => "model", "value" => $batch_model),
	array("label" => "Contents : ", "name" => "contents", "type" => "textarea", "value" => $batch_contents)
);
$validate = "Add batch";

require("tpl/list/ef.php");