-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmonsteredit.php
More file actions
72 lines (65 loc) · 2.33 KB
/
monsteredit.php
File metadata and controls
72 lines (65 loc) · 2.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<?php include "include.php" ?>
<html>
<head>
<title>Monster Editor</title>
</head>
<body>
<?
$foename = mysql_real_escape_string($_GET['foename']);
$foeid = mysql_real_escape_string($_GET['foeid']);
$foecr = mysql_real_escape_string($_GET['foecr']);
$mode = mysql_real_escape_string($_GET['mode']);
if (!$foeid && !$mode) {
print "Select Foe to Edit: ";
print "<form action=\"monsteredit.php\">";
print "<select name=\"foeid\">";
$foesql = mysql_query("SELECT id,name FROM monster ORDER BY name ASC", $mysql);
while (list($foeid,$foe) = mysql_fetch_array($foesql)) {
print "<option value=\"$foeid\">$foe</option>";
}
print "<option value=\"addnewfoe\">Add Monster</option>";
print "</select>";
print "<input type=\"submit\" value=\"Edit Foe\">";
}
if ($foeid && !$mode && ($foeid != 'addnewfoe')) {
print "<b>!!!WARNING!!!! THIS WILL CHANGE THE NAME OF ALL THE MONSTERS THAT USE THIS NAME !!!WARNING!!!</b><br>";
print "Edit Foe";
print "<form action=\"monsteredit.php\">";
$foesql = mysql_query("SELECT name,challenge_rating FROM monster WHERE id=\"$foeid\"", $mysql);
list($foename,$foecr) = mysql_fetch_array($foesql);
print "Name: ";
print "<input type=\"text\" name=\"foename\" value=\"$foename\">";
print "<br>CR: ";
print "<input type=\"text\" name=\"foecr\" value=\"$foecr\">";
print "<input type=\"hidden\" name=\"foeid\" value=\"$foeid\">";
print "<input type=\"hidden\" name=\"mode\" value=\"update\">";
print "<br><input type=\"submit\" value=\"Save Foe\">";
}
if ($foeid == 'addnewfoe') {
print "Add A New Monster<br>";
print "<form action=\"monsteredit.php\">";
print "Name: <input type=\"text\" name=\"foename\"><br>";
print "CR: <input type=\"text\" name=\"foecr\"><br>";
print "<input type=\"hidden\" name=\"mode\" value=\"insert\">";
print "<br><input type=\"submit\" value=\"Add\">";
}
if (($mode == 'insert') && $foename && $foecr) {
$foeaddsql = mysql_query("INSERT INTO monster (name,challenge_rating) VALUES (\"$foename\",\"$foecr\")", $mysql);
if ($foeaddsql) {
print "Insert Successful";
} else {
print "Insert Failed";
}
}
if ($foename && ($mode = 'update') && $foeid && $foecr) {
$foeupdate = mysql_query("UPDATE monster SET name=\"$foename\" , challenge_rating=\"$foecr\" WHERE id=\"$foeid\"", $mysql);
if ($foeupdate) {
print "Success";
} else {
print "Failed";
}
}
include "footer.php";
?>
</body>
</html>