Viên ngọc phương Đông

<?php
session_start();
require_once $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/universal.php';

$connID = connect_to_db();

$location = clean_plain_data($_POST['location']);
$shipping_cost = clean_plain_data($_POST['shipping_cost']);
$position = clean_plain_data($_POST['position']);
$active = ($_POST['active']) ? 1 : 0;

//validate
$message = '';
if($location == ''){ $message .= 'Please enter a location. <br />';}
if($shipping_cost == ''){ $message .= 'Please enter a shipping cost. <br />';}
/* @todo validate cost as $ */

if($message != '')
{
	getout($message,'../shipping.php');
	exit;
}

if(!$position)
{
	$position = select_one('shipping','max(position)')+10;
}
		
//insert
if(!$insert = mysql_query("insert into shipping (location, shipping_cost, position, active)
	values ('$location', '$shipping_cost', '$position', '$active')") )
{
	getout('There was an error creating the entry.'.mysql_error()); //
	exit;
}
$message = 'Entry added successfully.';
/** 
 * return to previous page
 */
getout($message);
exit;
?>