"; switch($ec) { case 1: echo "user not found."; break; case 2: echo "bad password."; break; case 3: echo "no entry."; break; case 4: echo "sql error."; break; default: echo "error."; break; } echo "
\nback to the front page.\n\n"; exit(1); } function process(&$e) { $e = str_replace("\n", "
", $e); } $conn = @mysql_connect("localhost", "nard", "blog_db") or die('Error connecting to the database server'); mysql_select_db("sales") or die('Error selecting the database.'); $result = mysql_query("select * from users where uname=\"".$_POST['user']."\""); if(mysql_num_rows($result) == 0) { done(1); } else { //found $row = mysql_fetch_row($result); if(md5($_POST['pass']) != $row[2]) { done(2); } else if($_POST['entry'] == null) done(3); else { $entry = $_POST['entry']; process($entry); $query = "(null," .$row[0] .",CURDATE()," ."CURTIME()," ."\"".$_POST['userpic']."\"" .","."\"".$_POST['subj']."\"" .","."\"".$entry."\"" .","."\"".$_POST['mood']."\"" .","."\"".$_POST['music']."\"" .", 1,"."\"".$row[1]."\"".")"; if(!mysql_query("insert into entries values".$query)) done(4); echo "
successfully entered into the database."; echo "
you may view it on the front page.\n"; } } ?>