<?php
// COMMIT ADD AND EDITS
   $error = '';
   $link = mysql_connect("localhost", "root", "")
      or die("Could not connect: " . mysql_error());
   mysql_select_db('wiley2', $link) or die ( mysql_error());
   switch( $_GET['action'] ){
      case "edit":
         switch( $_GET['type'] ){
            case "people":
                  $sql = "UPDATE
                           `people`
                        SET
                           `people_fullname` = '".$_POST['people_fullname']."'
                        WHERE
                           `people_id` = '".$_GET['id']."'
                        ";
               break;
            case "movie":
               $movie_rating = trim($_POST['movie_rating']);
               if ( !is_numeric ( $movie_rating )){
                 $error .= "Please+enter+a+numeric+rating+%21%0D%0A";
               } else {
                 if ( $movie_rating < 0 || $movie_rating > 10 ){
                    $error .= "Please+enter+a+rating+between+0+and+10%21%0D%0A";
                 }
               }
               if ( !ereg ("([0-9]{2})-([0-9]{2})-([0-9]{4})", $_POST['movie_release'] , $reldatepart) ){
                  $error .= "Please+enter+a+date+with+the+dd-mm-yyyy+format%21%0D%0A";
               } else {
                  $movie_release = @mktime ( 0, 0, 0, $reldatepart['2'], $reldatepart['1'], $reldatepart['3']);
                  if ( $movie_release == '-1' ){
                     $error .= "Please+enter+a+real+date+with+the+dd-mm-yyyy+format%21%0D%0A";
                  }
               }
               $movie_name = trim($_POST[ 'movie_name' ]);
               if( empty($movie_name)){
                  $error .= "Please+enter+a+movie+name%21%0D%0A";
               }
               if (empty($_POST['movie_type'])){
                  $error .= "Please+select+a+movie+type%21%0D%0A";
               }
               if (empty($_POST['movie_year'])){
                  $error .= "Please+select+a+movie+year%21%0D%0A";
               }
               if ( empty($error) ){
                  $sql = "UPDATE
                           `movie`
                        SET
                           `movie_name` = '".$_POST['movie_name']."',
                           `movie_year` = '".$_POST['movie_year']."',
                           `movie_release` = '$movie_release',
                           `movie_type` = '".$_POST['movie_type']."',
                           `movie_leadactor` = '".$_POST['movie_leadactor']."',
                           `movie_director` = '".$_POST['movie_director']."',
                           `movie_rating` = '$movie_rating'
                        WHERE
                           `movie_id` = '".$_GET['id']."'
                        ";
               } else {
                  header( "location:movie.php?action=edit&error=".$error."&id=".$_GET['id'] );
               }
               break;
         }
         break;
      case "add":
         switch( $_GET['type'] ){
            case "people":
               $sql = "INSERT INTO
                        `people`
                        ( `people_fullname` )
                     VALUES
                        ( '".$_POST['people_fullname']."' )
                     ";
               break;
            case "movie":
               $movie_rating = trim($_POST['movie_rating']);
               if ( !is_numeric ( $movie_rating )){
                 $error .= "Please+enter+a+numeric+rating+%21%0D%0A";
               } else {
                 if ( $movie_rating < 0 || $movie_rating > 10 ){
                    $error .= "Please+enter+a+rating+between+0+and+10%21%0D%0A";
                 }
               }
               $movie_release = trim($_POST['movie_release']);
               if ( !ereg ("([0-9]{2})-([0-9]{2})-([0-9]{4})", $movie_release , $reldatepart) || empty( $movie_release )){
                  $error .= "Please+enter+a+date+with+the+dd-mm-yyyy+format%21%0D%0A";
               } else {
                  $movie_release = @mktime ( 0, 0, 0, $reldatepart['2'], $reldatepart['1'], $reldatepart['3']);
                  if ( $movie_release == '-1' ){
                     $error .= "Please+enter+a+real+date+with+the+dd-mm-yyyy+format%21%0D%0A";
                  }
               }
               $movie_name = trim($row[ 'movie_name' ]);
               if( empty($movie_name)){
                  $error .= "Please+enter+a+movie+name%21%0D%0A";
               }
               if (empty($_POST['movie_type'])){
                  $error .= "Please+select+a+movie+type%21%0D%0A";
               }
               if (empty($_POST['movie_year'])){
                  $error .= "Please+select+a+movie+year%21%0D%0A";
               }
               if ( empty($error) ){
                     $sql = "INSERT INTO
                              `movie`
                              ( `movie_name` ,
                                `movie_year` ,
                                `movie_release` ,
                                `movie_type` ,
                                `movie_leadactor` ,
                                `movie_director` ,
                                `movie_rating`)
                           VALUES
                              ( '".$_POST['movie_name']."' ,
                                '".$_POST['movie_year']."' ,
                                '$movie_release'
                                '".$_POST['movie_type']."' ,
                                '".$_POST['movie_leadactor']."' ,
                                '".$_POST['movie_director']."',
                                '$movie_rating' )
                           ";
            } else {
               header( "location:movie.php?action=add&error=".$error );
            }
               break;

         }
         break;
   }
   if ( isset( $sql ) && !empty( $sql )){
      echo "<!--".$sql."-->";
      $result = mysql_query( $sql )
         or die("Invalid query: " . mysql_error());
?>
      <p align="center" style="color:#FF0000">
         Done. <a href="../../../../../ist304Databases/wrox/code/ch07/index.php">Index</a>
      </p>
<?php
   }
?>