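Some required fields were missing or had bad values.";
    header("Location: {$config->_previousUri}");
    exit;
}

# ---------------------------------------------------------------------------
# Food form handler: saves the food for the user, adds it to a meal, or adds
# it to a diary, depending on which submit button was used.
#
# Everything in $_POST is caller-controlled. The validation that produced the
# "required fields" message above is outside this chunk, so every value is
# escaped again here before it reaches a query string.
#
# NOTE(review): no CSRF token check and no check that the posted meal/diary id
# belongs to $_SESSION['user']['id'] is visible in this chunk -- confirm both
# happen before this point, otherwise one user can write into another user's
# meal or diary.
# ---------------------------------------------------------------------------

# Read each field once. A field that is missing or is not a plain scalar
# (e.g. "food[]=x" arrives as an array) is treated as an empty string so it
# can never reach trim()/sprintf() as an array.
$input = array();
foreach ( array('food', 'weight', 'quantity', 'meal', 'diary', 'description', 'diaryTimestamp') as $field ) {
    $input[$field] = ( isset($_POST[$field]) && is_scalar($_POST[$field]) )
        ? (string) $_POST[$field]
        : '';
}

# don't let the user continue if the food description is empty
# (the trimmed value is tested, so a whitespace-only description is rejected)
$description = trim($input['description']);
if ( $description === '' ) {
    $_SESSION['systemMsg'] = "You must give the food a description.";
    header("Location: {$config->_previousUri}");
    exit;
}

if ( isset($_POST['saveFood']) ) {

    # the user selected to save this food
    # every value is escaped: the quotes around %s only protect the query
    # if the value itself cannot close them
    $sql = sprintf ("
        INSERT INTO userFoods (user, food, weight, quantity, description)
        VALUES ('%s', '%s', '%s', '%s', '%s')
        ",
        $db->EscapeString((string) $_SESSION['user']['id']),
        $db->EscapeString($input['food']),
        $db->EscapeString($input['weight']),
        $db->EscapeString($input['quantity']),
        $db->EscapeString($description)
    );
    $db->Modify($sql);

    if ( $db->_affectedRows == 1 ) {
        $_SESSION['systemMsg'] = "The food was saved.";
    } else {
        $_SESSION['systemMsg'] = "There was an error. The food wasn't saved.";
    }

} elseif ( isset($_POST['addFoodToMeal']) ) {

    # a mealId of 0 indicated adding to a New Meal
    if ( $input['meal'] != "0" ) {

        $sql = sprintf ("
            INSERT INTO userMealItems (meal, food, weight, quantity, description)
            VALUES ('%s', '%s', '%s', '%s', '%s')
            ",
            $db->EscapeString($input['meal']),
            $db->EscapeString($input['food']),
            $db->EscapeString($input['weight']),
            $db->EscapeString($input['quantity']),
            $db->EscapeString($description)
        );
        $db->Modify($sql);

        if ( $db->_affectedRows == 1 ) {
            $_SESSION['systemMsg'] = "The food was added to the selected meal.";
        } else {
            $_SESSION['systemMsg'] = "There was an error. The food wasn't added.";
        }

    } else {

        # New Meal: the item is only parked in the session, unescaped.
        # Whatever later writes $_SESSION['currentMeal'] to the database or
        # to a page has to escape these values for that context.
        # NOTE(review): stripslashes() suggests the input is expected to
        # arrive slash-escaped (magic quotes) -- confirm, since on a server
        # without that setting it removes genuine backslashes.
        $_SESSION['currentMeal'][] = array (
            "food"        => $input['food'],
            "weight"      => $input['weight'],
            "quantity"    => $input['quantity'],
            "description" => stripslashes($description)
        );
        $_SESSION['systemMsg'] = "The food was added to the current meal.";

    }

    # send the user back to the main page
    header("Location: {$config->_rootUri}/");
    exit;

} elseif ( isset($_POST['addFoodToDiary']) ) {

    # don't let the user continue if they didn't specify a timestamp
    if ( $input['diaryTimestamp'] === '' ) {
        $_SESSION['systemMsg'] = "You must specify a timestamp.";
        header("Location: {$config->_previousUri}");
        exit;
    }

    # strtotime() returns false for text it cannot parse; without this check
    # the row would be stored with an empty timestamp
    $timestamp = strtotime($input['diaryTimestamp']);
    if ( $timestamp === false ) {
        $_SESSION['systemMsg'] = "You must specify a timestamp.";
        header("Location: {$config->_previousUri}");
        exit;
    }

    # build the query string that will be used for the href when
    # we display this diary to the user
    # All four parts are HTML-encoded, not only the description: the string
    # is destined for markup, and an unencoded part would carry raw input
    # into the page.
    # NOTE(review): a value containing "::" shifts the fields for whatever
    # splits this string later, and htmlspecialchars() with default flags may
    # leave single quotes alone -- the code that renders the href should
    # still encode for its own context.
    $itemData = implode("::", array (
        htmlspecialchars($input['food']),
        htmlspecialchars($input['weight']),
        htmlspecialchars($input['quantity']),
        htmlspecialchars($description)
    ));

    $sql = sprintf ("
        INSERT INTO userDiaryItems (diary, data, timestamp, type)
        VALUES ('%s', '%s', '%s', '%s')
        ",
        $db->EscapeString($input['diary']),
        $db->EscapeString($itemData),
        $timestamp,
        "Food"
    );
    $db->Modify($sql);

    if ( $db->_affectedRows == 1 ) {
        $_SESSION['systemMsg'] = "The food was added to the selected diary.";
    } else {
        $_SESSION['systemMsg'] = "There was an error. The food wasn't added.";
    }

}

# if we didn't send them somewhere else before, then just
# send them back home
header("Location: {$config->_rootUri}/");
exit;
?>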