<?php
// Entry guard: SYSPATH is expected to be defined by the framework bootstrap,
// so a direct HTTP request to this file stops here instead of running it.
if ( ! defined('SYSPATH'))
{
	die('No Direct Script Access');
}

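Class Controller_Functions extends Controller_Template
{
	/**
	 * Validates a submitted enemy record, stores it in hardcore_enemies and
	 * echoes a JSON result.
	 *
	 * Reads from $_GET: name, manliness, richliness_reward, manliness_reward
	 * (required) and richliness_penalty, manliness_penalty, author (optional,
	 * stored as NULL when absent).
	 *
	 * Output on success: {"success": true, "name": <submitted name>}
	 * Output on failure: {"success": false, "err": <message>}
	 *
	 * NOTE(review): this action changes database state on a GET request and
	 * nothing in this method checks authentication or an anti-CSRF token;
	 * "author" is also taken as-is from the client. Confirm that access
	 * control happens elsewhere, and consider moving the action to POST.
	 *
	 * @return void
	 */
	public function action_submit()
	{
		// Fields that must be present and numeric, with their error messages.
		$required_numeric = array(
			'manliness' => 'Value of manliness not a number.',
			'richliness_reward' => 'Richliness reward not a number.',
			'manliness_reward' => 'Manliness reward not a number.',
		);

		// Fields that may be omitted, but must be numeric when supplied.
		$optional_numeric = array(
			'richliness_penalty' => 'Richliness penalty not a number.',
			'manliness_penalty' => 'Manliness penalty not a number.',
		);

		$error = NULL;

		// is_string() rejects array-valued parameters such as ?name[]=x,
		// which would otherwise reach the query binding.
		if ( ! isset($_GET['name']) || ! is_string($_GET['name']))
		{
			$error = 'Name is required.';
		}

		if ($error === NULL)
		{
			foreach ($required_numeric as $field => $message)
			{
				if ( ! isset($_GET[$field]) || ! is_numeric($_GET[$field]))
				{
					$error = $message;
					break;
				}
			}
		}

		if ($error === NULL)
		{
			foreach ($optional_numeric as $field => $message)
			{
				if (isset($_GET[$field]) && ! is_numeric($_GET[$field]))
				{
					$error = $message;
					break;
				}
			}
		}

		if ($error === NULL && isset($_GET['author']) && ! is_string($_GET['author']))
		{
			$error = 'Author is not valid.';
		}

		if ($error !== NULL)
		{
			echo json_encode(array(
				"success" => false,
				"err" => $error
			));
			return;
		}

		// Every value is passed as a bound parameter; request data is never
		// concatenated into the SQL text.
		DB::query(Database::INSERT,
			'INSERT INTO hardcore_enemies (
				name, manliness, richliness_reward, manliness_reward, richliness_penalty, manliness_penalty, author)
			VALUES (
				:name, :manliness, :richliness_reward, :manliness_reward, :richliness_penalty, :manliness_penalty, :author)')
			->parameters(array(
				':name' => $_GET['name'],
				':manliness' => $_GET['manliness'],
				':richliness_reward' => $_GET['richliness_reward'],
				':manliness_reward' => $_GET['manliness_reward'],
				':richliness_penalty' => isset($_GET['richliness_penalty']) ? $_GET['richliness_penalty'] : NULL,
				':manliness_penalty' => isset($_GET['manliness_penalty']) ? $_GET['manliness_penalty'] : NULL,
				':author' => isset($_GET['author']) ? $_GET['author'] : NULL,
				))
			->execute();

		// json_encode() does the escaping needed for the JSON context. SQL
		// escaping is the wrong encoder for output, and the mysql_* functions
		// no longer exist in PHP 7+. A client that inserts "name" into a page
		// must still HTML-escape it there.
		echo json_encode(array(
			"success" => true,
			"name" => $_GET['name']
		));
	}
}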

?>