<?php
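// Visitor "choice" submissions page, first part: read the request and apply the
// requested action (confirm, SEND, REPLY or delete) before anything is listed.
//
// NOTE(review): htmlsafe(), checkAbuser(), checkEmail() and the variables
// $remoteip, $role, $action, $conf and $webid are not defined in this file;
// presumably the including page provides them. Confirm that none of them can be
// set from the request (for example through register_globals), because $role
// decides who may reply and delete.
// NOTE(review): the mysql_* extension used here was removed in PHP 7; moving to
// mysqli or PDO with bound parameters is the durable fix for the string-built
// queries below.
mysql_select_db("air");

// rowid is written into the SQL below without quotes, so it is forced to an
// integer here. A missing or non-numeric value becomes 0, which matches no row.
$rowid = isset($_REQUEST["rowid"]) ? (int) $_REQUEST["rowid"] : 0;

// NOTE(review): these values are later placed inside quoted SQL strings and
// echoed back into HTML. That is only safe if htmlsafe() neutralises quotes and
// backslashes as well as markup -- verify against its definition.
$submission = htmlsafe(strip_tags($_POST["submission"]));
$sender = htmlsafe($_POST["sender"]);
$email = htmlsafe($_POST["email"]);
$reply = htmlsafe(strip_tags($_POST["reply"]));
$submit = $_POST["submit"];
$tbl = "submissions";

echo "
<dir>Submit your choice.
Please submit complete information with your valid email to receive response from us. Thanks.
<br><br>
";

if (isset($_GET["confirm"]) && $_GET["confirm"] == 1) {
    // Confirmation link: mark the row 'online' if it exists.
    // NOTE(review): the confirmation is keyed on the row id alone; if the mail
    // flow below is re-enabled, add an unguessable per-row token to the link.
    $found = mysql_query("select * from $tbl where rowid=$rowid");
    if ($found && mysql_num_rows($found)) {
        mysql_query("update $tbl set status='online' where rowid=$rowid");
        echo "<b>Thanks for confirmation. Wishing you all the best.</b>";
    } else {
        echo "<b>Wrong posting.</b>";
    }
} else if ($submit == 'SEND' && $submission && $sender && $email) {
    if (checkAbuser($submission, $sender, $email, $remoteip) == TRUE) {
        echo "<b>You are blocked under abusers category</b>";
    } else if (checkEmail($email)) {
        // The row is stored as 'online' straight away; the e-mail confirmation
        // step that used to follow is disabled (kept below for reference).
        // NOTE(review): $remoteip is interpolated as-is; confirm where it is set.
        mysql_query(
            "insert into $tbl(submission,sender,email,remoteip,datecreation,datesubmission,status) "
            . "values('$submission','$sender','$email','$remoteip',now(),curdate(),'online')"
        );
        $rowid = mysql_insert_id();
        /* $mailbody = "
        Dear $sender
        Kindly click on below link to get your choice posted on this website.
        http://$webid/inner.php?conf=$conf&rowid=$rowid&confirm=1
        Thanks.
        AIR Allahabad";
        if (sendmail($email, 'Thanks! Pl. confirm your choice',$mailbody) == TRUE) {
        echo "<b>Thanks for your choice submission.
        A mail containing a link for confirmation has been sent on your email.
        Kindly click that link to complete the posting of your musical choice.</b>";
        } else {
        echo "<b>Wrong email address.</b>";
        }
        */
    }
} else if ($submit == 'REPLY' && $role == 'admin') {
    // Fix: replying is now limited to $role == 'admin', the same test the listing
    // uses before it shows the reply box. The original ran this update for any
    // request that posted submit=REPLY.
    mysql_query("update $tbl set reply='$reply' where rowid=$rowid");
} else if ($action == "del" && $role == 'admin') {
    // Fix: deleting is limited to admins for the same reason.
    // NOTE(review): the delete is triggered by a plain link; a POST with a
    // per-session token would keep it from firing on a followed or prefetched URL.
    mysql_query("delete from $tbl where rowid=$rowid");
}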
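// Submission form (shown when no row is selected) or a "New choice" link.
// Fix: the original opened a second, nested <table wrowidth='90%'> (misspelled
// attribute) that was never closed; the form rows now go into the one outer table.
// NOTE(review): no <form> element is opened here; presumably the including page
// wraps this output in one -- confirm.
// NOTE(review): $sender, $email and $submission are echoed into attribute and
// textarea context and rely on htmlsafe() having escaped quotes and angle
// brackets when they were read. $PHP_SELF and $conf are echoed as received --
// confirm neither can carry request-supplied markup.
echo "<table width='98%'>";
if (!$rowid) {
    echo "<tr><td nowrap>Full Name<br>
<input type='text' name='sender' value='$sender' size='40'></td></tr>
<tr><td nowrap>Valid Email<br>
<input type='text' name='email' value='$email' size='40'></td></tr>
<tr valign='top'><td>Choice (in 100 words)<br>
<textarea name='submission' rows='3' cols='40'>$submission</textarea></td></tr>
<tr><td><input type='submit' name='submit' value='SEND'><br>
Submission with <u>fake email</u> address will be rejected.</td></tr>";
} else {
    // An empty rowid in the link brings the visitor back to the blank form.
    echo "<tr><td>[ <a href='$PHP_SELF?conf=$conf&rowid='>New choice</a> ]</td></tr>";
}
echo "</table>";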
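// Public list of submissions with status 'online', ten per page, newest first,
// with reply / edit / delete controls when $role is 'admin'.
// NOTE(review): $role, $conf and $PHP_SELF are not set in this file; confirm the
// including page sets them and that they cannot come from the request.

// Count the published rows. count(*) replaces the original SQL_CALC_FOUND_ROWS
// query, which fetched every row only to count them.
$total = 0;
$countRs = mysql_query("select count(*) as t from $tbl where status='online'");
if ($countRs && ($tro = mysql_fetch_object($countRs))) {
    $total = (int) $tro->t;
}
echo "<hr><b>Posted Choices</b> (Total: $total) Pages: ";

$pgsize = 10;
$pagecount = max(1, (int) ceil($total / $pgsize));

// Fix: pno comes straight from the request, is echoed into the admin links and
// drives the LIMIT offset. It is reduced to an integer in 1..$pagecount so it
// cannot carry markup into the page or produce a negative offset.
$pno = isset($_REQUEST["pno"]) ? (int) $_REQUEST["pno"] : 1;
$pno = max(1, min($pno, $pagecount));
$start = ($pno - 1) * $pgsize;

if ($total > $pgsize) {
    // Window of page links around the current page; same arithmetic as the
    // original, including its comparison of the page count against $pgsize.
    $firstpno = max(1, $pno - 3);
    $lastpno = $firstpno + 9;
    if ($pagecount > $pgsize && $lastpno >= $pagecount) {
        $firstpno = $pagecount - 10;
    }
    for ($i = $firstpno; $i <= min($lastpno, $pagecount); $i++) {
        if ($i == $pno) {
            echo "<b>$i</b> ";
        } else {
            echo "<a href='$PHP_SELF?conf=$conf&pno=$i'>$i</a> ";
        }
    }
} else {
    echo "1";
}

$rs = mysql_query("select * from $tbl where status='online' order by datecreation desc,rowid LIMIT $start,$pgsize");
echo "<ul>";
// NOTE(review): stored fields are printed without output escaping, so the page
// depends entirely on htmlsafe() having been applied when the row was written;
// a row inserted by any other path would be rendered as raw HTML.
// NOTE(review): the sender's e-mail address and IP address are shown to every
// visitor, not only to admins -- confirm that is intended.
while ($rs && ($o = mysql_fetch_object($rs))) {
    $start++;
    echo "<li>{$o->rowid}) {$o->submission}
<div class='datetime'>By {$o->sender} ({$o->email}/{$o->remoteip}, dated: {$o->datecreation})</div>";
    if ($role == 'admin') {
        if ($rowid == $o->rowid) {
            // Selected row: show the reply editor with the row id as a hidden field.
            echo "<b>Reply</b><br><textarea name='reply' rows='3' cols='40'>{$o->reply}</textarea><br>
<input type='submit' name='submit' value='REPLY'> <input type='hidden' name='rowid' value='{$o->rowid}'>";
        } else if ($o->reply) {
            echo "<b>Reply</b><br><dir>{$o->reply}</dir>
[ <a href='$PHP_SELF?conf=$conf&rowid={$o->rowid}&pno=$pno'>Edit</a> ]";
        } else {
            echo "[ <a href='$PHP_SELF?conf=$conf&rowid={$o->rowid}&pno=$pno'>Reply</a> ]";
        }
        // NOTE(review): delete is a plain GET link; a POST with a per-session
        // token would be the safer shape for a state-changing action.
        echo "[ <a href='$PHP_SELF?conf=$conf&action=del&rowid={$o->rowid}&pno=$pno'>Delete</a> ]";
    }
    echo "</li>";
}
echo "</ul>";

// Switch the default database back to "icdp", presumably for the including page.
mysql_select_db("icdp");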
?>