source: extensions/ContestResults/admin/new.php

<?php
if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');

// +-----------------------------------------------------------------------+
//                              Ajout ou modification d'un concours
// +-----------------------------------------------------------------------+
if (isset($_POST['new_submit'])) {
        if ($_POST['name'] != null) {
                // Mise en forme des descriptions
                if (isset($_POST['description'])) {                             
                        for ($i=0; $i<=count($_POST['description']); $i++) {
                                unset($_POST['description'][$i]['rank']);
                        }
                        // encoder le tableau sérialisé est le seul moyen que j'ai trouvé pour pas perdre les caractères spéciaux et planter unserialize
                        $_POST['description'] = base64_encode(serialize($_POST['description']));
                } else {
                        $_POST['description'] = null;
                }
                        
                // Modification d'un concours
                if (isset($_GET['contest_id'])) {       
                        pwg_query("UPDATE " . CR_TABLE_1 . " SET
                                `name` = '" . $_POST['name'] ."',
                                `visible` = '" . $_POST['visible'] ."',
                                `date_begin` = '" . $_POST['date_begin'] ."',
                                `date_end` = '" . $_POST['date_end'] ."',
                                `logo` = '" . $_POST['logo'] ."',
                                `banner` = '" . $_POST['banner'] ."',
                                `summary` = '" . $_POST['summary'] ."',
                                `description` = '" . $_POST['description'] ."'
                        WHERE `id` = " . $_GET['contest_id'] .";");
                        
                        // redirige vers la page du concours si on en viens
                        if (isset($_GET['redirect']) AND $_GET['redirect'] == 'page') {
                                redirect(CR_PUBLIC . $_GET['contest_id'] . '-' . str2url(trigger_event('render_CR_content', $_POST['name'])));
                        } else {
                                redirect(CR_ADMIN .'-manage&amp;msg=infos.contest_saved');
                        }
                        
                // Ajout d'un concours
                } else {
                        pwg_query("INSERT INTO " . CR_TABLE_1 . "
                                (
                                        name,
                                        date_begin,
                                        date_end,
                                        visible,
                                        logo,
                                        banner,
                                        summary,
                                        description
                                )
                                VALUES(
                                        '" . $_POST['name'] ."',
                                        '" . $_POST['date_begin'] ."',
                                        '" . $_POST['date_end'] ."',
                                        '" . $_POST['visible'] ."',
                                        '" . $_POST['logo'] ."',
                                        '" . $_POST['banner'] ."',
                                        '" . $_POST['summary'] ."',
                                        '" . $_POST['description'] ."'
                                );");
                        
                        redirect(CR_ADMIN .'-manage&amp;msg=infos.contest_added');
                }
                
        } else {
                $page['errors'][] = l10n('CR_name_empty');
        }
}


// +-----------------------------------------------------------------------+
//                              Définition des variables template
// +-----------------------------------------------------------------------+    
if (isset($_GET['contest_id']) AND !get_contest_name($_GET['contest_id'])) {
        redirect(CR_ADMIN .'-new');
}

// Formulaire incomplet
if ($page['errors']) {
        $template->assign(array(
                'NAME' => $_POST['name'],
                'VISIBLE' => $_POST['visible'],
                'DATE_BEGIN' => $_POST['date_begin'],
                'DATE_END' => $_POST['date_end'],
                'LOGO' => $_POST['logo'],
                'BANNER' => $_POST['banner'],
                'SUMMARY' => $_POST['summary'],
        ));
        
        if (isset($_POST['description'])) {
                $i=0;
                foreach ($_POST['description'] as $data) {
                        $template->append('description', array(
                                        'NAME' => $data['name'],
                                        'CONTENT' => $data['content'],
                                        'RANK' => $i,
                        ));
                        $i++;
                }
        }

// Edition d'un concours
} else if (isset($_GET['contest_id'])) {
        $query = "SELECT * FROM " . CR_TABLE_1 . " WHERE id = " . $_GET['contest_id'] . ";";
        $contest = pwg_db_fetch_assoc(pwg_query($query));
                
        $template->assign(array(
                'ID' => $contest['id'],
                'NAME' => $contest['name'],
                'VISIBLE' => $contest['visible'],
                'DATE_BEGIN' => $contest['date_begin'],
                'DATE_END' => $contest['date_end'],
                'LOGO' => $contest['logo'],
                'BANNER' => $contest['banner'],
                'SUMMARY' => $contest['summary'],
        ));
        
        if (!empty($contest['description'])) {
                $contest['description'] = unserialize(base64_decode($contest['description']));
                $i=0;
                foreach ($contest['description'] AS $desc) {
                        $template->append('description', array(
                                'NAME' => stripslashes($desc['name']),
                                'CONTENT' => stripslashes($desc['content']),
                                'RANK' => $i,
                        ));
                        $i++;
                }
        }

// Ajout d'un concours
} else {
        $template->assign(array(
                'NAME' => null,
                'VISIBLE' => 1,
                'DATE_BEGIN' => date('Y-m-d'),
                'DATE_END' => date('Y-m-d', time()+2592000),
                'LOGO' => null,
                'BANNER' => null,
                'SUMMARY' => null,
        ));
}

// +-----------------------------------------------------------------------+
//                              Template
// +-----------------------------------------------------------------------+
$template->set_filenames(array('plugin_admin_content' => dirname(__FILE__).'/template/new.tpl'));
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');

?>