website/plan_add.php

<?	// Preamble
	$pageName = "Post a new Plan Entry";
	$need = 'auth';
	require "parts/preamble.php";	// Load most of document

	need ("boxes news");

	// set up local vars
	$mode = $_REQUEST['mode'];
	$planSubj = $_REQUEST['planSubj'];
	$planText = $_REQUEST['planText'];
	$user = $userInfo['u_displayname'];

	if ($planText && $planSubj && $mode == "Post") {
		need ('sql');

		$planText = addSlashes ($planText);

		if ($conn = mysql_connect (sqlHost, sqlRWUser, sqlRWPass)) {
			$query = 'INSERT INTO plans (p_date, p_user, p_subject, p_plan) VALUES ('
					."NOW(), '$user', '$planSubj', '$planText')";

			if ($result = mysql_db_query (sqlDB, $query, $conn)
				&& $numRows = mysql_affected_rows ($conn)) {
				echo '<P>Your plan entry has been posted successfully.</P>';
			} else {
				echo '<P>Somebody screwed up, MySQL said &quot;' . mysql_error () . '&quot;. Bug a project admin or somethin\' eh?</P>';
			}
			mysql_close ($conn);
		} else {
			echo '<P>Somebody screwed up, MySQL said &quot;' . mysql_error () . '&quot;. Bug a project admin or somethin\' eh?</P>';
		}
	} else {
		$date = date ('d M Y');

		newsBoxOpen ();
		if ($planText) {
			newsBoxTitle ("Latest Plan for $user (Preview)");
			printNews ($date, $user, stripSlashes ($planText));
		}
		newsBoxTitle ("Post Plan Entry");
		$form = '<FORM action="' . thisURL . '" method="post">'
				.	'Subject: <INPUT type="text" name="planSubj" size="59" value="'. stripSlashes ($planSubj) .'"><BR>'
				.	'<TEXTAREA name="planText" rows="25" cols="64">'
				.		stripSlashes ($planText)
				.	'</TEXTAREA><BR>'
				.	'<INPUT align="center" type="submit" name="mode" value="Post"></INPUT>'
				.	'<INPUT align="center" type="submit" name="mode" value="Preview"></INPUT>'
				.'</FORM>';
		printNews ($date, $user, $form);
		newsBoxClose ();
	}
?>