session_start(); require_once( '../config.php' ); require_once( "comsoltech/CDB.php" ); function getpost($v) { if( $_GET[$v] ) return $_GET[$v]; return $_POST[$v]; } if( !isAuth() ) { echo 'you are not logged in.'; die; } if( !getpost('type') ) { echo 'There is no type! not able to add to the database. contact admin.'; die; } function __getValues($arFields) // pass array { $arValues = array(); foreach( $arFields as $f ) array_push($arValues, $_POST[$f]); return $arValues; } $conn = CDB::connect( $config->connParam, true ); if( $_POST['action'] == 'post' ) { $count = $conn->getOne( "select count(*) from $config->table where partnumber=" . $conn->quote($_POST['partnumber']) ); if( $count == 0 ) { // insert $fields = "partnumber,mfgPN,type,od,data1,data2,data3,data4,data5,data6,data7,data8,data9,realNum,intNum,price,imageURL,pdfloc"; //$sth = $conn->prepare( "insert into $config->table " . CDB::buildInsertSQL( $conn, $_POST, $fields ) ); $arFields = explode("," , $fields); $sql = "insert into $config->table ($fields) values ("; foreach( $arFields as $f ) { $sql .= "?,"; } $sql = trim($sql,",") . ")"; $sth = $conn->prepare( $sql ); // prepare sql $arValues = __getValues($arFields); // get the real values $result = $conn->execute( $sth, $arValues ); // execute sql } else { // update the item $fields = "mfgPN,type,od,data1,data2,data3,data4,data5,data6,data7,data8,data9,realNum,intNum,price,imageURL,pdfloc"; // $sth = $conn->prepare( "update $config->table set " . CDB::buildUpdateSQL( $conn, $_POST, $fields ) . " WHERE partnumber=?" ); $sth = $conn->prepare( "update $config->table set mfgPN=?,type=?,od=?,data1=?,data2=?,data3=?,data4=?,data5=?,data6=?,data7=?,data8=?,data9=?,realNum=?,intNum=?,price=?,imageURL=?,pdfloc=? WHERE partnumber=?"); $arFields = explode(",",$fields); $arValues = __getValues($arFields); array_push($arValues, $_POST['partnumber']); $result = $conn->execute( $sth, $arValues ); if( CDB::IsError( $result ) ) { print_r($result); die; } if( $_POST['link'] ) redirect( urlencode($_POST['link']) ); } $conn->disconnect(); redirect( 'add_part.php?type=' . urlencode($_POST['type']) ); die; } ?>