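You must give the meal a name before you can save it.";
    header("Location: {$config->_previousUri}");
    exit;
}

# Handler for two POST actions on a meal: "saveMeal" copies a meal (the
# session's current meal, or one of the user's stored meals) into a new
# userMeals entry, and "addMealToDiary" records a meal in a diary.
# $description, $db and $config are set up before this point, outside this
# excerpt.
#
# NOTE(review): every guard below redirects to $config->_previousUri. Where
# that value comes from is not visible here; if it is taken from the Referer
# header it should be checked to be a same-site URL -- confirm.

# if there is no meal id then kick the user out
if ( ! isset($_POST['meal']) ) {
    $_SESSION['systemMsg'] = "You must specify a meal Id.";
    header("Location: {$config->_previousUri}");
    exit;
}

# if the meal Id isn't numeric then kick the user out
if ( ! is_numeric($_POST['meal']) ) {
    $_SESSION['systemMsg'] = "The meal Id must be a number.";
    header("Location: {$config->_previousUri}");
    exit;
}

if ( isset($_POST['saveMeal']) ) {

    # meal id of 0 means the current meal
    if ( $_POST['meal'] == "0" ) {

        # make sure that there is a meal in the session or something that
        # resembles one before we proceed.
        if ( ! isset($_SESSION['currentMeal']) ) {
            $_SESSION['systemMsg'] = "There is no current meal to save.";
            header("Location: {$config->_previousUri}");
            exit;
        }

        $mealItems = $_SESSION['currentMeal'];

    } else {

        # the userMeals.user condition restricts the lookup to meals owned by
        # the logged-in user. The meal id has passed is_numeric() above, so it
        # cannot carry a quote; it is escaped anyway so that this query does
        # not depend on that earlier check staying in place.
        $sql = sprintf ("
            SELECT userMeals.description AS mealDesc, userMealItems.*
            FROM userMeals
            LEFT JOIN userMealItems ON userMeals.id = userMealItems.meal
            WHERE userMeals.id = '%s' AND userMeals.user = '%s'
            ",
            $db->EscapeString($_POST['meal']),
            $_SESSION['user']['id']
        );
        $db->Select($sql);

        if ( $db->_rowCount != 0 ) {
            # NOTE(review): because of the LEFT JOIN, a meal without items
            # presumably comes back as one row whose item columns are NULL,
            # and that row is then copied as an item below -- confirm.
            $mealItems = $db->_rows;
        } else {
            $_SESSION['systemMsg'] = "The specified meal doesn't exist.";
            header("Location: {$config->_previousUri}");
            exit;
        }
    }

    # set a status to true, if we encounter errors it will be set to false
    # and the user will be notified
    $status = "true";

    # add the main entry for the new meal
    $sql = sprintf ("
        INSERT INTO userMeals (user, description)
        VALUES('%s','%s')
        ",
        $_SESSION['user']['id'],
        $db->EscapeString($description)
    );
    $db->Modify($sql);

    # if adding the main meal entry was successful, then try to
    # add each meal item of the meal
    # NOTE(review): no transaction is visible here, so a failure part-way
    # through leaves the new meal saved with only some of its items.
    if ( $db->_affectedRows == 1 ) {
        $meal = $db->InsertId();

        foreach ( $mealItems as $mealItem ) {
            # The item values come from the session or from rows read back
            # from the database. Either way they are data, not trusted SQL:
            # a stored description containing a quote would otherwise break
            # out of the literal (second-order SQL injection), so every field
            # is escaped before it is placed in the statement. The string
            # cast keeps NULL columns behaving as the empty string, as they
            # did when passed to sprintf directly.
            $sql = sprintf ("
                INSERT INTO userMealItems (meal, food, weight, quantity, description)
                VALUES ('%s','%s','%s','%s','%s')
                ",
                $db->EscapeString((string) $meal),
                $db->EscapeString((string) $mealItem['food']),
                $db->EscapeString((string) $mealItem['weight']),
                $db->EscapeString((string) $mealItem['quantity']),
                $db->EscapeString((string) $mealItem['description'])
            );
            $db->Modify($sql);

            if ( $db->_affectedRows != 1 ) {
                $status = "false";
            }
        }
    }

    if ( $status == "true" ) {
        # clear the current meal if meal id was 0
        if ( $_POST['meal'] == "0" ) {
            unset($_SESSION['currentMeal']);
        }
        $_SESSION['systemMsg'] = "The meal was saved successfully.";
    } else {
        $_SESSION['systemMsg'] = "There was an error while saving the meal.";
    }

} elseif ( isset($_POST['addMealToDiary']) ) {

    # don't let the user continue if they didn't specify a timestamp
    if ( empty($_POST['diaryTimestamp']) ) {
        $_SESSION['systemMsg'] = "You must specify a timestamp.";
        header("Location: {$config->_previousUri}");
        exit;
    }

    # the diary id is request data that ends up in the INSERT below, so it
    # has to be present and a plain scalar before it is used
    if ( ! isset($_POST['diary']) || ! is_scalar($_POST['diary']) ) {
        $_SESSION['systemMsg'] = "You must specify a diary.";
        header("Location: {$config->_previousUri}");
        exit;
    }

    # strtotime() returns false for text it cannot parse; reject that here
    # instead of storing an empty timestamp
    $timestamp = is_string($_POST['diaryTimestamp'])
        ? strtotime($_POST['diaryTimestamp'])
        : false;
    if ( $timestamp === false ) {
        $_SESSION['systemMsg'] = "The timestamp is not valid.";
        header("Location: {$config->_previousUri}");
        exit;
    }

    # build the query string that will be used for the href when
    # we display this diary to the user
    $description = ( isset($_POST['description']) && is_string($_POST['description']) )
        ? htmlspecialchars($_POST['description'])
        : "";
    $itemData = "{$_POST['meal']}::$description";

    # NOTE(review): nothing in this excerpt checks that the diary belongs to
    # the logged-in user, or that the meal id refers to one of their meals.
    # An ownership check against $_SESSION['user']['id'], like the one in the
    # saveMeal lookup, looks necessary here -- confirm against the schema.
    $sql = sprintf ("
        INSERT INTO userDiaryItems (diary, data, timestamp, type)
        VALUES ('%s', '%s', '%s', '%s')
        ",
        $db->EscapeString((string) $_POST['diary']),
        $db->EscapeString($itemData),
        $timestamp,
        "Meal"
    );
    $db->Modify($sql);

    if ( $db->_affectedRows == 1 ) {
        $_SESSION['systemMsg'] = "The meal was added to the selected diary.";
    } else {
        $_SESSION['systemMsg'] = "There was an error. The meal wasn't added.";
    }
}

header("Location: {$config->_rootUri}/");
exit;
?>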