Here's the code:
Code: Select all
if($act == 'create_subcat'){
if(!$_POST['submit']){
echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
echo "<form method=\"post\" action=\"./admin.php?act=create_subcat\">\n";
echo "<tr><td>Forum Category</td><td><select name=\"cat\"><option value=\"0\">Please Choose...</option>\n";
$sql6 = "SELECT * FROM `forum_cats` ORDER BY id ASC";
$res6 = mysql_query($sql6) or die(mysql_error());
if(mysql_num_rows($res6) == 0){
echo "</select><br />No categories exist!\n";
}else {
while($row3 = mysql_fetch_assoc($res6)){
echo "<option value=\"".$row3['id']."\">".$row3['name']."</option>\n";
}
}
echo "</select></td></tr>\n";
echo "<tr><td>Sub Cat. Name</td><td><input type=\"text\" name=\"name\"></td></tr>\n";
echo "<tr><td>Description</td><td><textarea name=\"desc\" style=\"width:300px;height:60px;\"></textarea></td></tr>\n";
echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Add Forum Sub Category\"></td></tr>\n";
echo "</form></table>\n";
}else {
$cat = mss($_POST['cat']);
$name = mss($_POST['name']);
$desc = mss($_POST['desc']);
if($cat && $name && $desc){
$sql7 = "SELECT * FROM `forum_cats` WHERE `id`='".$cat."'";
$res7 = mysql_query($sql7) or die(mysql_error());
if(mysql_num_rows($res7) == 0){
echo "The forum category you supplied does not exist!\n";
}else {
$sql8 = "SELECT * FROM `forum_sub_cats` WHERE `name`='".$name."' AND `cid`='".$cat."'";
$res8 = mysql_query($sql8) or die(mysql_error());
if(mysql_num_rows($res8) > 0){
echo "The Forum sub category already exists within the main category!\n";
}else {
if(strlen($desc) < 3 || ($desc) > 255){
echo "The description must be between 3 and 255 characters!\n";
}else {
$row4 = mysql_fetch_assoc($res7);
$sql9 = "INSERT INTO `forum_sub_cats` (`cid`,`name`,`desc`,`admin`) VALUES('".$cat."','".$name."','".$desc."','".$row4['admin']."')";
$res9 = mysql_query($sql9) or die(mysql_error());
echo "The forum sub category, <b>".$name."</b> has been added under the main category of <b>".$row4['name']."</b>!\n";
}
}
}
}
}
}