File: /home/httpd/html/baretube.com/admin/ajax/ajax.add_model.php
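<?php
/**
 * Admin AJAX endpoint: creates a new model record and links it to a content item.
 *
 * Request parameters (read from $_REQUEST):
 *   - content_id: integer id of the content item the new model is attached to
 *   - model_name: display name of the model to create
 *
 * Emits a JSON object with 'status' ('success' or 'error') and 'message'.
 *
 * Presumably ../db.php starts the session and provides $dbconn and dbQuery();
 * neither is visible in this file, so confirm against db.php.
 *
 * NOTE(review): this endpoint modifies data based on $_REQUEST, so it also
 * accepts GET parameters, and no anti-CSRF token is verified in this file.
 * Unless db.php already enforces one, require POST plus a per-session token here.
 */
header('Content-type: application/json');
include('../db.php');

// Authorisation gate. empty() also covers a session without the key, which
// would otherwise raise an undefined-index notice into the JSON body.
if (empty($_SESSION['isAdmin'])) {
    die('Error !');
}

// Accept only scalar input: casting an array parameter (content_id[]=x) to int
// yields 1, and passing an array to mysqli_real_escape_string() is an error.
$content_id = (isset($_REQUEST['content_id']) && is_scalar($_REQUEST['content_id']))
    ? (int) $_REQUEST['content_id']
    : 0;
$raw_name = (isset($_REQUEST['model_name']) && is_string($_REQUEST['model_name']))
    ? $_REQUEST['model_name']
    : '';
$model_name = mysqli_real_escape_string($dbconn, $raw_name);

// Start with an empty response so the later status check never reads an
// undefined variable.
$response = array();

if ($model_name == '') {
    $response['status'] = 'error';
    $response['message'] = 'Please enter model name!';
}

// Ids are positive integers; zero (missing or non-numeric input) and negative
// values are rejected.
if ($content_id <= 0) {
    $response['status'] = 'error';
    $response['message'] = 'Invalid content ID!';
}

// The duplicate lookup is only meaningful for a non-empty name.
// NOTE(review): check-then-insert is not atomic; a UNIQUE index on
// pornstars.name would be needed to fully prevent duplicates under concurrency.
if ($model_name != '') {
    $existing = dbQuery("SELECT record_num FROM pornstars WHERE name = '$model_name'", false);
    if (is_array($existing) && count($existing) > 0) {
        $response['status'] = 'error';
        $response['message'] = 'This model already exists.';
    }
}

if (!isset($response['status'])) {
    dbQuery("INSERT INTO pornstars SET name = '$model_name'");

    // mysqli_insert_id() returns 0 when no auto-increment id was generated, and
    // is_numeric(0) is true, so require a positive id before linking anything.
    $insertid = (int) mysqli_insert_id($dbconn);

    if ($insertid > 0) {
        dbQuery("INSERT INTO content_pornstars SET content = '$content_id', pornstar = '$insertid'");

        $get_languages = dbQuery("SELECT * FROM languages", false);
        if (is_array($get_languages)) {
            foreach ($get_languages as $lang) {
                // Values read back from the database are still escaped before
                // being placed into a new statement.
                $iso = mysqli_real_escape_string($dbconn, $lang['iso']);
                dbQuery("INSERT INTO pornstars_languages SET pornstar = '$insertid', language = '$iso'");
            }
        }

        $response['status'] = 'success';
        $response['message'] = 'Model has been added.';
    } else {
        // Report the failed insert instead of emitting an empty response.
        $response['status'] = 'error';
        $response['message'] = 'Could not add model.';
    }
}

echo json_encode($response);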