1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
<?php
/**
* Copyright (c) 2007 Nathan Kinkade
*
* This code is offered under an MIT (X11) license. For more information
* about the terms of this license see the file LICENSE included with this
* software or visit: http://www.opensource.org/licenses/mit-license.php
*/
# include the main site config where various global variables
# and libraries are included
require("config.php");
# the user must be logged in to access this script. if they are
# not then this function will send them back to the index page
loginRequired();
# make sure there is a meal desc before continuing
$description = trim($_POST['description']);
if ( empty($description) ) {
$_SESSION['systemMsg'] = "<span class='msgError'>You must give the meal a name before you can save it.</span>";
header("Location: {$config->_previousUri}");
exit;
}
# if there is no meal id then kick the user out
if ( ! isset($_POST['meal']) ) {
$_SESSION['systemMsg'] = "<span class='msgError'>You must specify a meal Id.</span>";
header("Location: {$config->_previousUri}");
exit;
}
# if the meal Id isn't numeric then kick the user out
if ( ! is_numeric($_POST['meal']) ) {
$_SESSION['systemMsg'] = "<span class='msgError'>The meal Id must be a number.</span>";
header("Location: {$config->_previousUri}");
exit;
}
if ( isset($_POST['saveMeal']) ) {
# meal id of 0 means the current meal
if ( $_POST['meal'] == "0" ) {
# make sure that there is a meal in the session or something that
# resembles one before we proceed.
if ( ! isset($_SESSION['currentMeal']) ) {
$_SESSION['systemMsg'] = "<span class='msgError'>There is no current meal to save.</span>";
header("Location: {$config->_previousUri}");
exit;
}
$mealItems = $_SESSION['currentMeal'];
} else {
$sql = sprintf ("
SELECT userMeals.description AS mealDesc, userMealItems.*
FROM userMeals LEFT JOIN userMealItems
ON userMeals.id = userMealItems.meal
WHERE userMeals.id = '%s' AND userMeals.user = '%s'
",
$_POST['meal'],
$_SESSION['user']['id']
);
$db->Select($sql);
if ( $db->_rowCount != 0 ) {
$mealItems = $db->_rows;
} else {
$_SESSION['systemMsg'] = "<span class='msgError'>The specified meal doesn't exist.</span>";
header("Location: {$config->_previousUri}");
exit;
}
}
# set a status to true, if we encounter errors it will be set to false
# and the user will be notified
$status = "true";
# add the main entry for the new meal
$sql = sprintf ("
INSERT INTO userMeals (user, description)
VALUES('%s','%s')
",
$_SESSION['user']['id'],
$db->EscapeString($description)
);
$db->Modify($sql);
# if adding the main meal entry was successful, then try to
# add each meal item of the meal
if ( $db->_affectedRows == 1 ) {
$meal = $db->InsertId();
foreach ( $mealItems as $mealItem ) {
$sql = sprintf ("
INSERT INTO userMealItems (meal, food, weight, quantity, description)
VALUES ('%s','%s','%s','%s','%s')
",
$meal,
$mealItem['food'],
$mealItem['weight'],
$mealItem['quantity'],
$mealItem['description']
);
$db->Modify($sql);
if ( $db->_affectedRows != 1 ) {
$status = "false";
}
}
}
if ( $status == "true" ) {
# clear the current meal if meal id was 0
if ( $_POST['meal'] == "0" ) {
unset($_SESSION['currentMeal']);
}
$_SESSION['systemMsg'] = "<span class='msgOkay'>The meal was saved successfully.</span>";
} else {
$_SESSION['systemMsg'] = "<span class='msgError'>There was an error while saving the meal.</span>";
}
} elseif ( isset($_POST['addMealToDiary']) ) {
# don't let the user continue if they didn't specify a timestamp
if ( empty($_POST['diaryTimestamp']) ) {
$_SESSION['systemMsg'] = "<span class='msgError'>You must specify a timestamp.</span>";
header("Location: {$config->_previousUri}");
exit;
}
$timestamp = strtotime($_POST['diaryTimestamp']);
# build the query string that will be used for the href when
# we display this diary to the user
$description = htmlspecialchars($_POST['description']);
$itemData = "{$_POST['meal']}::$description";
$sql = sprintf ("
INSERT INTO userDiaryItems (diary, data, timestamp, type)
VALUES ('%s', '%s', '%s', '%s')
",
$_POST['diary'],
$db->EscapeString($itemData),
$timestamp,
"Meal"
);
$db->Modify($sql);
if ( $db->_affectedRows == 1 ) {
$_SESSION['systemMsg'] = "<span class='msgOkay'>The meal was added to the selected diary.</span>";
} else {
$_SESSION['systemMsg'] = "<span class='msgError'>There was an error. The meal wasn't added.</span>";
}
}
header("Location: {$config->_rootUri}/");
exit;
?>
|
