
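<?php session_start();
// Request bootstrap: read the caller's identity and the submitted recipe fields.
// NOTE(review): the user is identified only by the Username query parameter. The
// session started above is never consulted in this file, so any visitor who supplies
// a username is treated as that user. Confirm what login.php stores in $_SESSION and
// take the identity from there instead.
$Username = isset($_GET['Username']) ? $_GET['Username'] : null;
if(!is_string($Username) || $Username === '')
   { header('Location: login.php');
     exit;   // header() only queues the redirect; without exit the rest of the page would still run
   }
require_once('query.php');

// If OldRecipeId is passed, we're editing the specified recipe. It is cast to an
// integer because it is later placed in SQL and in URLs.
$OldRecipeId = (isset($_GET['OldRecipeId']) && is_string($_GET['OldRecipeId'])) ? (int) $_GET['OldRecipeId'] : null;
$Tried = isset($_GET['Tried']) ? $_GET['Tried'] : null;
$editflag = !is_null($OldRecipeId);

// NOTE(review): addslashes() followed by mysql_real_escape_string() escapes twice, so a
// stored apostrophe keeps a literal backslash. Left as is because pages that read these
// columns may depend on it -- confirm before simplifying.
$Ingredients = mysql_real_escape_string(addslashes(isset($_POST['Ingredients']) ? $_POST['Ingredients'] : ''));
$Directions = mysql_real_escape_string(addslashes(isset($_POST['Directions']) ? $_POST['Directions'] : ''));
$RecipeName = mysql_real_escape_string(addslashes(isset($_POST['RecipeName']) ? $_POST['RecipeName'] : ''));  // changed 12.26.14

// These three are kept exactly as submitted (null when absent); they are not escaped
// here, so every SQL statement or HTML output that uses them has to escape them.
$RecipeType = isset($_POST['RecipeType']) ? $_POST['RecipeType'] : null;
$Nationality = isset($_POST['Nationality']) ? $_POST['Nationality'] : null;
$PhotoFile = isset($_POST['PhotoFile']) ? $_POST['PhotoFile'] : null;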
/**
 * Print a message as an emphasised red paragraph.
 *
 * The message is written to the output as given; it is not HTML-escaped here,
 * so callers must pass text that is safe to emit.
 *
 * @param string $errmsg text to show
 */
function writeRed($errmsg)
{
    $opening = '<P> <em><font color="#FF0000">';
    $closing = '</font></em></P>';
    echo $opening . $errmsg . $closing;
}
 /**
  * Print a message as an emphasised green paragraph.
  *
  * The message is written to the output as given; it is not HTML-escaped here,
  * so callers must pass text that is safe to emit.
  *
  * @param string $msg text to show
  */
 function writeGreen($msg)
 {
     $opening = '<P> <em><font color="#00FF00">';
     $closing = '</font></em></P>';
     echo $opening . $msg . $closing;
 }
?> 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Upload Recipes</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
 <body BGCOLOR="#ffffcc">
 <?php 
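 /**
  * Look up the People row for a username and return its first column.
  *
  * The username comes from the request, so it is escaped before it is placed
  * inside the quoted SQL literal. This uses the same escaping call the file
  * already applies to the recipe text fields.
  * NOTE(review): if query.php exposes the database connection, a bound
  * parameter would be preferable to string escaping -- confirm.
  *
  * @param string $Username username as supplied by the caller
  * @return mixed first column of the matching row (presumably the person id;
  *               verify against the People schema), or null when no row matches
  */
 function getPersonId($Username)
   { require_once('query.php');
     $safeUsername = mysql_real_escape_string($Username);
     $sql = "SELECT * FROM People WHERE Username='$safeUsername'";
     $q = Query($sql);
     $row = null;
     $q->fetchInto($row);
     // No matching row leaves nothing at index 0; report that as null explicitly.
     return isset($row[0]) ? $row[0] : null;
   }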
//___________________________________________________________________________________
 // Libraries used by the rest of the page (Query() is presumably provided by query.php).
 require_once('DB.php');
 require_once('query.php');

 // Example text shown in the two text areas until the user types a recipe.
 // The submit handler treats an unchanged example as "nothing entered".
 $DefaultIngredients = 
"1 tsp vanilla  [one line per ingredient: number, unit, name]
 1 apple   [no unit is OK too]
 1 C          almonds, chopped fine  [space doesn't matter] \n
 Filling:   [ a line that doesn't begin with a number separates groups of ingredients]
 2 C fresh fruit";

 $DefaultDirections =
 "Mix all the dry ingredients together. Then stir everything together and cook.\n
 [Leave a blank line between paragraphs]
 Cool for ten minutes.  Serves 6.";

 // Fall back to the example text when a field arrived empty or was not sent.
 $Ingredients = (is_null($Ingredients) || $Ingredients == "") ? $DefaultIngredients : $Ingredients;
 $Directions = (is_null($Directions) || $Directions == "") ? $DefaultDirections : $Directions;

 // $ok becomes true only after a submitted form passes validation.
 $ok = false;
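 if($Tried=="yes")
	  {  // The form was posted back (Tried=yes): validate the fields, then insert or update the recipe.
	     $Ingredients = trim($Ingredients);
		 $Directions = trim($Directions); 
		 $ok = true;
		 if($Ingredients == $DefaultIngredients)
			{ writeRed("You must enter the ingredients.");
			  $ok = false;
			 }
		 if($Directions == $DefaultDirections)
			{ writeRed("You must enter the directions.");
			  $ok = false;
			}
		 if($RecipeType == "None")
			{ writeRed("You must select the recipe type.");
			  $ok = false;
			}
		 if($Nationality == "None")
			{ writeRed("You must select the nationality of the recipe.");
			  $ok = false;
			}
		 $PersonId = null;
		 if($ok==true)
			{ // A username that matches no People row must not create or modify a recipe.
			  $PersonId = getPersonId($Username);
			  if(is_null($PersonId) || $PersonId === "" || $PersonId === false)
			    { writeRed("Unknown user. Please log in again.");
			      $ok = false;
			    }
			}
		 if($ok==true)
			{  
			  // RecipeName, Ingredients and Directions were escaped when they were read from
			  // $_POST at the top of the file. The remaining values still hold raw request
			  // data, so they are escaped here before being placed in the quoted SQL literals.
			  $sqlPersonId = mysql_real_escape_string($PersonId);
			  $sqlRecipeType = mysql_real_escape_string($RecipeType);
			  $sqlNationality = mysql_real_escape_string($Nationality);
			  // NOTE(review): PhotoFile is stored as submitted (escaped for SQL only). Confirm
			  // that whatever displays it validates the name before using it as a path or URL.
			  $sqlPhotoFile = mysql_real_escape_string($PhotoFile);
			  if(is_null($OldRecipeId))
			    { $sql =  "INSERT  INTO Recipes (PersonId, RecipeName,Ingredients,Directions,RecipeType,Nationality,PhotoFile)
					 VALUES('$sqlPersonId', '$RecipeName','$Ingredients','$Directions',
					 '$sqlRecipeType','$sqlNationality','$sqlPhotoFile');" ;      
   			      $q = Query($sql);			    
			      // Read back the id of the stored recipe, looked up by owner and name.
			      $sql = "SELECT RecipeId FROM Recipes WHERE PersonId='$sqlPersonId' AND RecipeName='$RecipeName';";
			      $q=Query($sql);			  		  
			      $q->fetchInto($rows);
			      $RecipeId = $rows[0];			
                  print("Your recipe has been successfully stored. Now you could: ");    
				}
			  else
			    { // editing an old recipe
				  // The id is forced to an integer so request text cannot reach the WHERE clause.
				  $RecipeId = (int) $OldRecipeId;
				  // NOTE(review): the UPDATE does not check that the recipe already belongs to
				  // $PersonId, and it reassigns PersonId to the submitter, so any user can
				  // overwrite any recipe by id. Confirm whether an ownership condition is intended.
				  $sql = "UPDATE Recipes SET 
				               PersonId='$sqlPersonId',
							   RecipeName='$RecipeName',
							   Ingredients='$Ingredients',
							   Directions='$Directions',
							   RecipeType='$sqlRecipeType',
							   Nationality='$sqlNationality',
							   PhotoFile='$sqlPhotoFile' 
							   WHERE RecipeId = '$RecipeId';";
				  $q = Query($sql);
				  print("Your recipe has been successfully updated.  Now you could: ");
				}
				
			  // Values written into the links below are encoded for their URL context:
			  // the id as an integer, the username with urlencode().
			  ?>
			  <P> <A href="DisplayRecipe.php?RecipeId=<?php echo (int) $RecipeId ?>">See how this recipe will look when displayed</A></P>
			  <P> <A href="UploadRecipe.php?Username=<?php echo urlencode($Username) ?>">Upload another recipe </A></P>
			  <P> <A href="BrowseRecipes.php"> Browse the Recipes </A></P>
			  <P> <A href="BrowseRecipes.php?Username=<?php echo urlencode($Username) ?>"> Browse or edit my Recipes</A></P>
			   <?php 
			}
		}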
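 // Show the entry form on first load, or again after a submission failed validation.
 // Every value written into the page is HTML-escaped at the point of output, with the
 // charset named explicitly to match the iso-8859-1 declared in this page's <meta> tag.
 if($ok==false)
 {  if($editflag)
      { // initialize the specified recipe's fields
	     // The id is forced to an integer because it is placed unquoted in the SQL text.
	     // NOTE(review): any recipe id can be loaded here regardless of who owns it -- confirm intended.
	     $sql = "SELECT * FROM  Recipes WHERE RecipeId=" . (int) $OldRecipeId;
		 $q = Query($sql);
		 $q->fetchInto($row);
		 $PersonID = $row[1];   // not used further in this file
		 $RecipeName = $row[2];
		 $Ingredients = $row[3];
		 $Directions = $row[4];
		 $RecipeType = $row[5];
		 $Nationality = $row[6];
		 $PhotoFile = $row[7];
	  }   								  
  ?>
  <P><EM>On this page, you can enter your Recipes. Each recipe will be formatted 
	        into a web page, and others 
	        will be able to see your Recipes.  Each recipe has two parts, 
			ingredients and directions.  Enter these below, 
			or by cut-and-paste.   Then click the Post Recipe button at the bottom of the page.</em> </P>
			
       <?php if($editflag === false)
	            { // A new recipe always starts with nothing selected in the two lists.
	              $RecipeType = "None";
				  $Nationality = "None";
			    }
		
      // Query string for the form's post-back URL. The username is URL-encoded and the
      // recipe id is an integer, so neither can add parameters or markup of its own.
      $get = "?Username=" . urlencode($Username) . "&Tried=yes";
	  if($editflag)
	     $get = $get . "&OldRecipeId=" . (int) $OldRecipeId; 
	  // PHP_SELF includes any extra path text the client appended to the URL, so the
	  // whole action value is HTML-escaped before it is written into the attribute.
	  $formAction = htmlspecialchars($_SERVER['PHP_SELF'] . $get, ENT_QUOTES, 'ISO-8859-1');
	  ?>		
      <form name="UploadRecipe"  action= "<?php echo $formAction ?>" method="POST">
	   <table cellpadding="5">
	   <tr>
	   <td>Name of this dish</td>
	   <td><INPUT id="RecipeName" type="text" size="40" name="RecipeName"  value = "<?php echo htmlspecialchars($RecipeName, ENT_QUOTES, 'ISO-8859-1') ?>" /></TD>
	   </tr>
	   <tr>
	   <td>Type of dish</td>
	   <td> <select name="RecipeType" >
	   <?php // Stored values and their display labels, kept in matching order.
	         $choices = array("None","MainDish", "Salad","Soup","Appetizer","Bread","Vegetable","Dessert","Beverage","BeansAndTofu","Breakfast","Other");
	         $text = array("Choose Recipe Type","Main dish", "Salad","Soup","Appetizer","Bread","Vegetable","Dessert","Beverage","Beans and tofu","Breakfast","Other");
			 $n = count($choices);
			 if($n != count($text))
			     echo("Hey!  Error in UploadRecipe.php <BR>");
			 // (A leftover debug line that printed the option count into the page was removed here.)
			 if (is_null($RecipeType))
			    $RecipeType = "None";
             for($i=0;$i<$n;$i++)
			    { $v = $choices[$i];
			      $selected = ($RecipeType == $v) ? "selected " : "";
			      echo "<option " . $selected . "value = \"$v\">" . $text[$i] . "</option>";
			    }
		?>		
       </select></td>
	   </tr>
	   <tr>
	   <td>Nationality </td>
	   
	   <td>  <select name="Nationality" >
	   	   <?php 
		     // Stored values and their display labels, kept in matching order.
		     $choices = array("None", "Mexican", "Indian", "Thai", "Italian", "French", "Japanese", "African", "American", "Other");
	         $text = array("Choose Nationality", "Mexican", "Indian", "Thai", "Italian", "French", "Japanese", "African", "American", "Other");
			 $n = count($choices);
			 if($n != count($text))
			     echo("Hey!  Error in UploadRecipe.php <BR>");
             if (is_null($Nationality))
			    $Nationality = "None";				 
			 for($i=0;$i<$n;$i++)
			    { $v = $choices[$i];
			      $selected = ($Nationality == $v) ? "selected " : "";
			      echo "<option " . $selected . "value=\"$v\">" . $text[$i] . "</option>";
			    }  
				
		?>		
           </select>
	   </td>
	   </tr>
	   </table>
	   <p>  Ingredients <br>
        <textarea name="Ingredients" cols="100" rows="10" > <?php echo htmlspecialchars($Ingredients, ENT_QUOTES, 'ISO-8859-1') ?></textarea> </p>
		<p>Directions<br>
		 <textarea name="Directions" cols="100" rows="10" > <?php echo htmlspecialchars($Directions, ENT_QUOTES, 'ISO-8859-1') ?></textarea></p> 
	  <P>
        <input type="submit" name="UploadRecipe" value="Post Recipe">
      </P>
      </form>
<?php 
}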
?>  
	
</body>
</html>
