". mysql_error()); } // Select the database $db_select = mysql_select_db($db_database); if (!$db_select){ die ("Could not select the database:
". mysql_error( )); } //*********************************************************** // Begin form for ChooseEquipmentType //*********************************************************** if (isset($_POST['ChooseEquipmentType'])) { $EquipmentType = mysqlclean($_POST,"EquipmentType",100,$connection); // Get which equipment type was chosen $_SESSION['WhichEquipmentTypeWasChosen'] = $EquipmentType; echo "
Rate your outdoor power equipment.


"; echo ""; echo ''; // ************************************************************************* // Begin Step 1 // ************************************************************************* echo ""; echo ""; // ************************************************************************* // End Step 1 // ************************************************************************* // ************************************************************************* // Begin Step 2 // ************************************************************************* echo " "; echo ""; echo "
Equipment Type Send me an equipment type suggestion to add.
Step 1.
Manufacturer
Step 2.
Don't see a manufacturer here? Add their product. Make sure you are logged in to do so.
$
"; // ************************************************************************* // End Step 2 // ************************************************************************* //*********************************************************** // END form for ChooseEquipmentType //*********************************************************** } elseif (isset($_POST['EnterManufacturer'])) { //*********************************************************** // BEGING Enter Manufacturer //*********************************************************** // do they have access to see this page? // admins and business owners, have access to this page. $AccountType = $_SESSION['AccountType']; $AccountStatus = $_SESSION['AccountStatus']; if( ($AccountType == 1000) or (($AccountType == 1001) and ($AccountStatus == 1)) ) { $ip=$_SERVER['REMOTE_ADDR']; $CurrentDate = date("Y-m-d"); $CurrentTime= date("g:i a"); $id = $_SESSION['id']; $EnteredManufacturerName = mysqlclean($_POST,"ManufacturerName",100,$connection); $ModelName = mysqlclean($_POST,"ModelName",100,$connection); $ModelNumber = mysqlclean($_POST,"ModelNumber",100,$connection); $RetailPrice = mysqlclean($_POST,"RetailPrice",100,$connection); $WhichEquipmentTypeWasChosen = $_SESSION['WhichEquipmentTypeWasChosen']; // Don't enter duplicate names $query="SELECT UniqueID FROM EquipmentManufacturer Where ManufacturerName = '$EnteredManufacturerName'"; $result=mysql_query($query); $count=mysql_num_rows($result); $i=0; while ($i < $count) { $UniqueManufacturerID=mysql_result($result,$i,"UniqueID"); $i++; } if ($count == 0) { $query = "Insert INTO EquipmentManufacturer (ManufacturerName, DateEntered, EnteredBy) VALUES ('$EnteredManufacturerName','$CurrentDate', '$id')"; if (!(@mysql_query($query,$connection))) showerror; // get the new manufacturer id to enter into the product model $query1="SELECT UniqueID FROM EquipmentManufacturer Where ManufacturerName = '$EnteredManufacturerName'"; $result1=mysql_query($query1); $count1=mysql_num_rows($result1); $i=0; while ($i < $count1) { $UniqueManufacturerID=mysql_result($result1,$i,"UniqueID"); $i++; } // Enter the model information in. $query = "Insert INTO EquipmentModel (ManufacturerID, ModelNumber, ModelName, TypeID, DateEntered, RetailPrice, EnteredBy) VALUES ('$UniqueManufacturerID', '$ModelNumber', '$ModelName', '$WhichEquipmentTypeWasChosen', '$CurrentDate', '$RetailPrice', '$id')"; if (!(@mysql_query($query,$connection))) showerror; echo "Thank you, please return to your previous page to continue."; } else { // it might already exist for another product category and if so, use it. $query = "Insert INTO EquipmentModel (ManufacturerID, ModelNumber, ModelName, TypeID, DateEntered, RetailPrice, EnteredBy) VALUES ('$UniqueManufacturerID', '$ModelNumber', '$ModelName', '$WhichEquipmentTypeWasChosen', '$CurrentDate', '$RetailPrice', '$id')"; if (!(@mysql_query($query,$connection))) showerror; echo "Thank you, please return to your previous page to continue."; } } else { header("location:main_login.php"); } //*********************************************************** // END Enter Manufacturer //*********************************************************** } elseif (isset($_POST['ChooseModelType'])) { //*********************************************************** // Begin form for ChooseModelType //*********************************************************** $UniqueManufacturerID = mysqlclean($_POST,"UniqueManufacturerID",100,$connection); $ip=$_SERVER['REMOTE_ADDR']; // Get which equipment type was chosen $EquipmentType = $_SESSION['WhichEquipmentTypeWasChosen']; // set which manufacturer was chosen into a session $_SESSION['WhichManufacturerTypeWasChosen'] = $UniqueManufacturerID; echo "
Rate your outdoor power equipment.


"; echo ""; echo ''; // ************************************************************************* // Begin Step 1 // ************************************************************************* echo ""; echo ""; // ************************************************************************* // End Step 1 // ************************************************************************* // ************************************************************************* // Begin Step 2 // ************************************************************************* echo " "; echo ""; // ************************************************************************* // End Step 2 // ************************************************************************* // ************************************************************************* // Begin Step 3 // ************************************************************************* // Get which Model type was chosen // $_SESSION['WhichManufacturerTypeWasChosen'] = $UniqueManufacturerID; echo " "; echo "
Equipment Type Send me an equipment type suggestion to add.
Step 1.
Manufacturer
Step 2.
Model
Step 3.
Enter your product review.

Don't see a Model here? Add their product. Make sure you are logged in to do so.
$
"; // ************************************************************************* // End Step 3 // ************************************************************************* // } //*********************************************************** // END form ChooseModelType //*********************************************************** } elseif (isset($_POST['EnterModel'])) { //*********************************************************** // BEGINING Enter Model //*********************************************************** // do they have access to see this page? // admins and business owners, have access to this page. $AccountType = $_SESSION['AccountType']; $AccountStatus = $_SESSION['AccountStatus']; if( ($AccountType == 1000) or (($AccountType == 1001) and ($AccountStatus == 1)) ) { $ip=$_SERVER['REMOTE_ADDR']; $CurrentDate = date("Y-m-d"); $CurrentTime= date("g:i a"); $id = $_SESSION['id']; $WhichManufacturerTypeWasChosen = $_SESSION['WhichManufacturerTypeWasChosen']; //$EnteredManufacturerName = mysqlclean($_POST,"ManufacturerName",100,$connection); $ModelName = mysqlclean($_POST,"ModelName",100,$connection); $ModelNumber = mysqlclean($_POST,"ModelNumber",100,$connection); $RetailPrice = mysqlclean($_POST,"RetailPrice",100,$connection); $WhichEquipmentTypeWasChosen = $_SESSION['WhichEquipmentTypeWasChosen']; // Don't enter duplicate Model Numbers $query="SELECT UniqueID FROM EquipmentModel Where ModelNumber = '$ModelNumber'"; $result=mysql_query($query); $count=mysql_num_rows($result); // $i=0; // while ($i < $num) { // $UniqueManufacturerID=mysql_result($result,$i,"UniqueID"); // $i++; // } if ($count == 0) { // Enter the model information in. $query = "Insert INTO EquipmentModel (ManufacturerID, ModelNumber, ModelName, TypeID, DateEntered, RetailPrice, EnteredBy) VALUES ('$WhichManufacturerTypeWasChosen', '$ModelNumber', '$ModelName', '$WhichEquipmentTypeWasChosen', '$CurrentDate', '$RetailPrice', '$id')"; if (!(@mysql_query($query,$connection))) showerror; echo "Thank you, please return to your previous page to continue."; } else { echo "This model number has already been entered please go back to the previous page to continue."; } //*********************************************************** // END Enter Model //*********************************************************** } else { header("location:main_login.php"); } //*********************************************************** // END Enter Model //*********************************************************** } elseif (isset($_POST['VoteForThisModel'])) { //******************************************************* // BEGIN vote //********************************************************** // Get vote info $VoteRank = mysqlclean($_POST,"VoteRank",100,$connection); $UniqueModelID = mysqlclean($_POST,"UniqueModelID",100,$connection); $ProductReview = mysqlclean($_POST,"ProductReview",255,$connection); $ip=$_SERVER['REMOTE_ADDR']; $CurrentDate = date("Y-m-d"); $CurrentTime= date("g:i a"); // Don't enter duplicate votes for same ip $query="SELECT UniqueID FROM EquipmentRate Where IPAddress = '$ip' and EquipmentModelID = '$UniqueModelID'"; $result=mysql_query($query); $count=mysql_num_rows($result); if ($count == 0) { $query = "Insert INTO EquipmentRate (EquipmentModelID, Ranking, VoteDate, IPAddress, VoteTime, ProductReview) VALUES ('$UniqueModelID','$VoteRank', '$CurrentDate', '$ip', '$CurrentTime', '$ProductReview')"; if (!(@mysql_query($query,$connection))) showerror; echo "Thanks for voting.
Go back to the Voting Page."; } else { echo "Thanks for voting.
Go back to the Voting Page."; } //******************************************************* // END vote //********************************************************** } else { echo "
Rate your outdoor power equipment.


"; echo ""; echo ''; echo " "; echo "
Equipment Type Send me an equipment type suggestion to add.
Step 1.
"; MySQL_Close ($connection) ; } ?>