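";

// Tail of the gallery settings editor (the audit message below names the file
// page_edit.php). The lines above this excerpt are not visible here; the
// leading "; closes a PRINT string opened there.
//
// Flow: check the customer id / password pair, optionally apply the submitted
// settings to diyhomepage, record the change in user_history, then reload the
// row and print the edit form. A failed check is also recorded in user_history.

if (!function_exists('page_edit_sql_escape')) {
    /**
     * Escape a value for interpolation inside a single-quoted SQL string literal.
     *
     * @param string $value        Raw value.
     * @param bool   $from_request True for values that arrive with the HTTP request.
     * @return string Value that can be placed between single quotes in a query.
     */
    function page_edit_sql_escape($value, $from_request = false)
    {
        // The '\"' and '\&' patterns used further down match backslash-prefixed
        // characters, which suggests request data reaches this script already
        // slashed by magic_quotes_gpc. Undo that first so the value is escaped
        // exactly once. NOTE(review): confirm against the host configuration.
        if ($from_request && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $value = stripslashes($value);
        }
        return mysql_real_escape_string($value);
    }
}

// validate user and password
// NOTE(review): $customer_id, $password, $action and the settings fields are
// assigned before this excerpt; presumably they are the submitted form fields,
// so every one of them is treated as untrusted below — confirm.
// NOTE(review): the password is compared as-is against the stored column, which
// implies it is stored unhashed unless it is hashed before this excerpt.
$go = "no";
$sql_customer_id = page_edit_sql_escape($customer_id, true);
$sql_password = page_edit_sql_escape($password, true);
$query_string = "SELECT customer_id FROM customer WHERE customer_id = '$sql_customer_id' AND password = '$sql_password' ";
$result = mysql_db_query("$dbName",$query_string);
while($row = mysql_fetch_object($result)) {
    $go = "yes";
}

if($go == 'yes'){

    if($action == 'modify'){

        // Character filter kept from the original. In single-quoted PHP strings
        // '\'' is an apostrophe, while '\"' and '\&' are a backslash followed by
        // the character. The filter never removes a bare backslash and leaves
        // most fields untouched, so it is not a defence against SQL injection;
        // the values are escaped where the queries are built.
        $temp_customer_id = str_replace('\'', '', $temp_customer_id);
        $temp_customer_id = str_replace('\"', '', $temp_customer_id);
        $temp_customer_id = str_replace('\&', ' ', $temp_customer_id);
        $temp_customer_id = str_replace(',', '', $temp_customer_id);
        $temp_customer_id = str_replace(' ', '_', $temp_customer_id);

        $description = str_replace('\'', '', $description);
        $description = str_replace('\"', '', $description);

        $title = str_replace('\'', '', $title);
        $title = str_replace('\"', '', $title);

        $keywords = str_replace('\'', '', $keywords);
        $keywords = str_replace('\"', '', $keywords);

        $content = str_replace('\'', '', $content);
        $content = str_replace('\"', '', $content);

        if($customer_id == ''){
            $bail = "yes";
            $error = "No customer id selected";
        }

        if($bail != 'yes'){

            // NOTE(review): REMOTE_HOST is normally populated only when the web
            // server performs reverse lookups; REMOTE_ADDR is the usual source
            // for an audit trail — confirm which one is intended.
            $ip = getenv("REMOTE_HOST");

            // Escape every interpolated value once, at the point of use.
            $sql_title = page_edit_sql_escape($title, true);
            $sql_title_font = page_edit_sql_escape($title_font, true);
            $sql_description = page_edit_sql_escape($description, true);
            $sql_keywords = page_edit_sql_escape($keywords, true);
            $sql_bgcolor = page_edit_sql_escape($bgcolor, true);
            $sql_sidebgcolor = page_edit_sql_escape($sidebgcolor, true);
            $sql_topbanner = page_edit_sql_escape($topbanner, true);
            $sql_copyright_name = page_edit_sql_escape($copyright_name, true);
            $sql_content = page_edit_sql_escape($content, true);
            $sql_content_font = page_edit_sql_escape($content_font, true);
            $sql_homepage_id = page_edit_sql_escape($homepage_id, true);

            // The customer_id condition keeps the update scoped to rows owned by
            // the account that just passed the password check.
            $query = "UPDATE diyhomepage SET title = '$sql_title', title_font = '$sql_title_font', description = '$sql_description', keywords = '$sql_keywords', bgcolor = '$sql_bgcolor', sidebgcolor = '$sql_sidebgcolor', topbanner = '$sql_topbanner', copyright_name = '$sql_copyright_name', content = '$sql_content', content_font = '$sql_content_font' WHERE homepage_id = '$sql_homepage_id' AND customer_id = '$sql_customer_id' ";
            $result = mysql_db_query("$dbName",$query);
            // (a debug print of $query was commented out here)

            // Audit row for the change. These values do not come from the form
            // in the visible code, so they are escaped without un-slashing.
            $comment = "by ".$session_employee_first;
            $sql_ip = page_edit_sql_escape($ip);
            $sql_employee_id = page_edit_sql_escape($session_employee_id);
            $sql_comment = page_edit_sql_escape($comment);
            $query3 = "INSERT INTO user_history( creation, ip, employee_id, customer_id, action, comment, access_level) VALUES( NOW(), '$sql_ip', '$sql_employee_id', '$sql_customer_id', 'modified', '$sql_comment', '1' )";
            $result = mysql_db_query("$dbName",$query3);

        } else {
            PRINT "ERROR: ".$error."";
        } # end bailout if

    } # end action is modify

    // Reload the stored settings so the form shows what is in the database.
    $query_string = "SELECT * FROM diyhomepage WHERE customer_id = '$sql_customer_id' ";
    $result = mysql_db_query("$dbName",$query_string);
    while($row = mysql_fetch_object($result)) {
        $homepage_id = $row->homepage_id;
        $title = $row->title;
        $title_font = $row->title_font;
        $description = $row->description;
        $keywords = $row->keywords;
        $bgcolor = $row->bgcolor;
        $sidebgcolor = $row->sidebgcolor;
        $topbanner = $row->topbanner;
        $copyright_name = $row->copyright_name;
        $content = $row->content;
        $content_font = $row->content_font;
    }

    PRINT "

DIY Web Gallery for ".$customer_id."
".$navlinks."
";
    //require('help_button.php');
    PRINT "
Click Here for the Font Selector
Gallery Title Font
Keywords (optional)
Separate each keyword with a comma
Short Description
This is what people will read about your gallery when browsing gallery listings
Click Here for the Color Selector
Background Color
Sidebar Color
Your Copyright Name
Main Image
Content Font
This is what people will read when arriving at the first page of your gallery.
Remember you can add text descriptions to all your pictures as well

IMPORTANT! You MUST click the Modify button
or your changes will not take effect.
";

} else {

    PRINT "
ERROR. UserID and/or Password not valid
";
    // Record the failed check. The customer id here is whatever the client
    // sent, so it must be escaped before it reaches the audit table.
    // NOTE(review): $ip is not assigned on this path in the visible code; unless
    // it is set before this excerpt the audit row carries an empty address.
    // NOTE(review): '427' is a hard-coded employee_id; its meaning is not shown.
    $comment = "unsuccessfull login attempt to page_edit.php";
    $sql_ip = page_edit_sql_escape($ip);
    $sql_comment = page_edit_sql_escape($comment);
    $query3 = "INSERT INTO user_history( creation, ip, employee_id, customer_id, action, comment, access_level) VALUES( NOW(), '$sql_ip', '427', '$sql_customer_id', 'error', '$sql_comment', '1' )";
    $result = mysql_db_query("$dbName",$query3);

}

PRINT "
"; ?>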