Mini Shell Moded By TiGER HeX

/mnt/volume_sfo2_01/50mmla/admin/pollChoiceAdd.php

<?
include_once('../includes/static/configure.php');
include_once('../includes/static/util.php');
include_once('../includes/static/dbcon.php');
include_once('../includes/static/gdimg.php');
include_once('../includes/static/sessions.php');
include_once('includes/static/util.php');
include_once('includes/appTop.php');
$page_id = str_replace(".php","",basename($_SERVER['PHP_SELF']));
if(!has_permission($page_id)){
   die("You don't have permission to view this page!");
}
$poll_id = 0;
if(isset($_REQUEST['pollId'])){
   $poll_id = $_REQUEST['pollId'];
}
if( isset($_REQUEST['addChoice'])){
	$sql = "INSERT INTO 50mm_poll_choices (poll_id,choice) VALUES ('".$poll_id."','".$_REQUEST['pollChoice']."')";
	if( !($result = $db->sql_query($sql)) ){
	   $sql_error = $db->sql_error();
	   die($sql_error['message']);
	}
}

include_once('includes/header.php');

$sql = "SELECT poll_id,question FROM 50mm_polls WHERE poll_id = '$poll_id'";
if( !($result = $db->sql_query($sql)) ){
   $sql_error = $db->sql_error();
   die($sql_error['message']);
}
$row = $db->sql_fetchrow($result);
echo $row['question'];
?>
<script>
divs = new Array('pollChoice');
</script>
<form action="<?echo $_SERVER['PHP_SELF']?>" method="POST" enctype="multipart/form-data" onSubmit="return validateForm(this,divs,'error');">
Add Choice:<span id="errpollChoice" class="error" style="visibility:hidden;"> *</span><br>
<input class="field" name="pollChoice" style="width:250px;"><br>
<input name="addChoice" type="submit" class="button" value="Add Choice">
<div id="error" class="error" style="visibility:hidden;">Please correct the fields marked by *</div>
<input name="pollId" type="hidden" value="<?echo $poll_id;?>">
</form>
<?include_once('includes/choiceExplorer.php');?>
<br>
<?
include_once('includes/pollExplorer.php');
include_once('includes/footer.php');
include_once('includes/appBottom.php');
?>