$link = mysql_connect($dbhost, $dbuser, $dbpasswd) or die ("Could not connect to MySQL");

mysql_select_db ($dbname) or die ("Could not select database $dbname");

if (!$_POST){echo "



You do not have authority to view this page!


";echo "
This information has been logged and an email sent to this sites AF administrator


";echo "
Your IP: ".$_SERVER['REMOTE_ADDR']."

";echo "
Your Browser Info: ".$_SERVER['HTTP_USER_AGENT']."

";echo "
Your Browser Language: ".$_SERVER['HTTP_ACCEPT_LANGUAGE']."

";echo "
".$_SERVER['HTTP_REFERER']."

";echo "
Unathorized Page Accessed: ".$_SERVER['REQUEST_URI']."

";echo "
".$_SERVER['REMOTE_IDENT']."

";echo "
Date Of Unathorized Access: ".date("d/M/Y:H:i:s O")."

";echo ("Article Friendly Article Publishing Script");die;}

if(isset($_POST['author'])){

if($result=mysql_query("SELECT intId FROM tblcountry WHERE varCountry LIKE '".$_POST['country']."'")) {

$country=mysql_fetch_assoc($result); $country_id=$country['intId'];

}

else{ $country_id=4; }

$e_mail = trim($_POST['email']);

$check_user = "SELECT * FROM tblauthor WHERE '$e_mail' = varEmail";

$verify_user = mysql_query($check_user);

//$num_rows = mysql_fetch_array($verify_user);

If ($verify_user == $e_mail) { die(); }else{ if(isset($_POST['penname'])) {$penname1 = $_POST['penname'];$pen = explode(" ",$penname1);$fname = $pen[0];$lname = $pen[1];}else{$fname = $_POST['first_name'];$lname = $POST['last_name'];

}

if($fname == "" && $lname == ""){

die();}

mysql_query("INSERT INTO tblauthor(varEmail, varPassword, varFirstName, varlastName, varAddress1, varAddress2, varZip, varCity, varState, intCountry, varPhone, varFax, intIsTerms, intStatus, dtRegisteredDate, varIPNUM, varBio, website) VALUES('{$_POST['email']}', '{$_POST['password']}', '$fname', '$lname', '{$_POST['address1']}', '{$_POST['address2']}', '{$_POST['zip_code']}', '{$_POST['city']}', '{$_POST['state']}', '".$country_id."', 'Phone', 'Fax', '1', '1', '".date("Y-m-d G:i:s")."', '{$_POST['IP_NUM']}', '{$_POST['bio']}', '{$_POST['web']}')")or die("Article Friendly");

}

}

if(isset($_POST['articles'])) {

$dupe_test = mysql_query("SELECT varArticleTitle FROM tblarticles WHERE ".$_POST['title']." = varArticleTitle"); If($dupe_test) { die(); } $cat1 = $_POST['category'];

$result=mysql_query("SELECT intID FROM tblcategories WHERE varCategory = '$cat1' LIMIT 1"); $id=mysql_fetch_assoc($result); if($result){ $category_id=$id['intID']; }else{ die(); } $results = mysql_query("SELECT intId FROM tblauthor WHERE '".$_POST['email']."' = varEmail AND txtBAN = 'No' AND intId > 0 LIMIT 1"); if($results){ $verified=mysql_fetch_assoc($results); $user_id = $verified['intId']; $title = safeEscapeString($_POST['title']); $article = safeEscapeString($_POST['article']); $summary = safeEscapeString($_POST['description']); $keywords = safeEscapeString($_POST['keywords']); $resources = safeEscapeString($_POST['resource_box']); mysql_query("INSERT INTO tblarticles(intAuthorId, intCategory, varArticleTitle, textArticleText, intStatus, textSummary, varKeywords, textResource, ttSubmitDate, word_count) VALUES('$user_id', '$category_id', '$title', '$article', '1', '$summary','$keywords', '$resources', '".date("Y-m-d G:i:s")."', '{$_POST['wordcount']}')")or die("articlefriendly.com"); mysql_query("DELETE FROM tblarticles WHERE intAuthorId = 0"); echo ("Article Friendly Article Publishing Script" );

}else{ die(); } }?>

New! Facebook Comments

Speak your mind about this fasting/health topic ... :-)