<?php
if(!isset($_POST['action']))
{
echo "<div class=\"form\">\n";
echo "<form method=\"post\" action=\"hadmin.php?nocache=$nocache&amp;ver=html&amp;".SID."&amp;pass=$pass&amp;mod=addroom\">\n";
echo "Title:<br/>\n";
echo "<input name=\"name\" maxlength=\"15\" title=\"name\"/><br/>\n";
echo "Position:<br/>\n";
echo "<input name=\"position\" size=\"2\" maxlength=\"2\" title=\"position\"/><br/>\n";
echo "Type:<br/>\n";
echo "<select name=\"type\">\n";
echo "<option value=\"0\" selected=\"selected\">Normal</option>\n";
echo "<option value=\"1\">moder</option>\n";
echo "<option value=\"2\">Embassy</option>\n";
echo "</select><br/>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"add\"/>\n";
echo "<input type=\"submit\" value=\"Create\"/></form></div><br/>\n";
}
else
{
$name = trim(mysql_escape_string(htmlspecialchars($_POST['name'])));
$name = str_replace('$', '$$', $name);
if(empty($name))
{
echo "Empty name!<br/>\n";
break;
}

$position = intval($_POST['position']);
if($postion < 0) $postion = 0;
if($postion > 100) $postion = 100;
$type = intval($_POST['type']);
if($type < 0) $type = 0;
if($type > 2) $type = 0;
$q = mysql_query("SELECT `name` FROM `chat_rooms` WHERE `name` = '".$name."';");

if(mysql_affected_rows() != 0)
{
echo "A room with the same name already exist.<br/>\n";
break;
}

$q = mysql_query("SELECT COUNT(*) FROM `chat_rooms`;");
$result = mysql_result($q, 0);

if($result > 20)
{
echo "Too many established rooms!<br/>\n";
break;
}

$q = mysql_query("INSERT INTO `chat_rooms` VALUES(0, '".$name."', '".$position."', '".$name."', '".$type."');");
$room = mysql_insert_id();
$sql = mysql_query("CREATE TABLE `chat".$room."` (
  `id` int(10) unsigned NOT NULL auto_increment,
  `aid` int(11) NOT NULL default '0',
  `nickname` tinytext NOT NULL,
  `msg` text NOT NULL,
  `to` int(11) NOT NULL default '0',
  `time` tinytext NOT NULL,
  `seconds` int(11) unsigned NOT NULL default '0',
  PRIMARY KEY  (`id`)
) TYPE=MyISAM ;");

	if($sql)
	{
	echo "Room successfully created!<br/>\n";
	if($type == 0 or $type = 2) echo "<a href=\"room.php?".SID."&amp;ver=html&amp;rid=$room\">The room</a><br/>\n";
	if($type == 1) echo "<a href=\"mroom.php?".SID."&amp;ver=html&amp;rid=$room\">The room</a><br/>\n";
	}
	else
	{
	echo "Error.<br/>\n";
	echo mysql_error();
	}
}
?>