<?php
if(!isset($_POST['action']))
{
echo "<div class=\"form\">\n";
echo "<form method=\"post\" action=\"arnab.php?nocache=$nocache&amp;ver=html&amp;".SID."&amp;pass=$pass&amp;mod=addmeet\">\n";
echo "Title:<br/>\n";
echo "<input name=\"title\" maxlength=\"20\" value=\"\" title=\"title\"/><br/>\n";
echo "Text:<br/>\n";
echo "<input name=\"text\" maxlength=\"300\" value=\"\" title=\"text\"/><br/>\n";

echo "<input type=\"hidden\" name=\"action\" value=\"add\"/>";
echo "<input type=\"submit\" value=\"Add\"/></form></div><br/>\n";
}
else
{

$title = htmlspecialchars(mysql_escape_string(trim($_POST['title'])));
$title = str_replace('$', '$$', $title);
$text = htmlspecialchars(mysql_escape_string(trim($_POST['text'])));
$text = str_replace('$', '$$', $text);



if(empty($title))
{
echo "Empty title!<br/>\n";
break;
}

if(empty($text))
{
echo "Empty text!<br/>\n";
break;
}

$sql = mysql_query("SELECT `id` FROM `chat_meets` WHERE `title` = '".$title."' AND `body` = '".$text."';");

if(mysql_num_rows($sql) != 0)
{
echo "Already exist.<br/>\n";
break;
}

$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$nickname = mysql_result($q, 0);
$date = date("d-m-Y");

$sql = mysql_query("INSERT INTO `chat_meets` VALUES(0, '".$nickname."', '".$title."', '".$text."', '".$date."', ".time().");");

if($sql)
{
echo "successfully saved!<br/>\n";
}
else
{
echo "Error!<br/>\n";
echo mysql_error()."<br/>\n";
}
}
?>