<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
  <title>Book List</title>
  <link rel="stylesheet" type="text/css" href="../style.css" />
  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
</head> 

<body>

<?php

// functions called below
function print_form() {
    $time = time();
    echo <<<END
        <form action="$_SERVER[PHP_SELF]" method="post">

    <h2 class="center">Book Entry Screen</h2>
    <hr />


        <input type="hidden" name="Time" value="$time">
         <p><center><br />
           Author:<br />
         <b>First Name: </b>
        <input type="text" name="FirstName" size="40">
        <br /><b>Last Name: </b>
        <input type="text" name="LastName" size="40">
        <br />

        <br /><br /><b>Title</b><br />
        <input type="text" name="Title" size="80">
        <br /><b>Year: </b><br />
        <input type="text" name="Year" size="4">
        <br /><b>Location: </b><br />
        <input type="text" name="Location" size="40">

<br /><br />
<h3>Quotes</h3>
<p>Any good quotes?</p>

<textarea name="Quotes" rows=20 cols=60 wrap="HARD"></textarea><br />

        <input type="hidden" name="stage" value="process">
        <input type="submit" value="Submit">
        </form>
END;
}

function process_form() {

    $firstname = $_POST['FirstName'];
    $lastname = $_POST['LastName'];
    $comments = "";

    $sql = "insert into bookstuff.entries values (
                   {$_POST['Time']},
           '$firstname',
           '$lastname',
           \"{$_POST['Title']}\",
           \"{$_POST['Year']}\",
           \"{$_POST['Location']}\",
           '$comments',
           \"{$_POST['Quotes']}\")";
 
print "query is: " . $sql;

$result = mysql_query($sql) or die("Mysql query failed");

print "<h3>Success!!!</h3>";

print "<br />Thank you for entering a book.";

print "<br />To see all reports, <a href=\"bookreport.php?sortby=lastname\">click here</a>.";

}



// connect to database

#    $db = mysql_connect("vh216602.truman.edu", "bookuserIns", "");
#if (!$db) {
#    print "Error - Could not connect to mysql";
#    exit;
# }

# $er = mysql_select_db("bookstuff");
# if (!$er) {
#     print "Error - Could not select bookstuff database";
#     exit;
# }

if (isset($_POST['stage']) && ('process' == $_POST['stage'])) {
    process_form();
} else {
    print_form();
}

?>

</body>
</html>