Here is the complete function:
function createAd($aUserID,$aTitle,$aDescr,$aCat,$aExpireAfterDays,$aSpecial,$aPremium,$aExtraFields,$aNotifyAdmin)
{
global $ads_tbl,$cat_tbl,$url,$from_adress_mail,$set_nl2br;
$lExpireDate=addDaysToTimeStamp($aExpireAfterDays,time());
if ($set_nl2br)
$lTitle=nl2br($aTitle);
else
$lTitle=$aTitle;
if (!is_integer($aUserID))
failMsg("Critical Error","Owner ID was not integer");
if (!$aCat)
failMsg("Critical Error","Category ID missing");
if (!$lTitle)
failMsg("Critical Error","No title of ad");
if ($aExpireAfterDays<1)
failMsg("Critical Error","Expire After X days was 0, which is not allowed");
// Check if category is ad_is_validated
$sql="select cat_id from $cat_tbl where cat_id=$aCat";
$r=q($sql);
if (mysql_num_rows($r)<1)
failMsg("Critical Error","Category $aCat doesn´t exists!");
// remove ', added by Kevin
$aDescr = mysql_real_escape_string($aDescr);
$lTitle=addslashes($lTitle);
$sql="insert into $ads_tbl ";
$sql.=" (ad_owner,ad_title,ad_description,ad_date,ad_cat_id,ad_date_expire,ad_is_special,ad_is_premium)";
$sql.=" values(";
$sql.="$aUserID,'$lTitle','$aDescr',".time().",$aCat,$lExpireDate,$aSpecial,$aPremium)";
$res=q($sql);
$id=mysql_insert_id();
if ($id<1) // Auto Increment error (wrong db property)
failMsg("Critical Database Error","Field ad_id wasn´t increased. Check that AutoIncrement is on.");
if ($id>0)
{
addToHistory(6,$aUserID,$id,"");
userAdsCounter($aUserID,1); // Increase counter for this user
categoryCounter($aCat,1);
if ($aExtraFields)
{
$aExtraFields=ereg_replace(""",'"',$aExtraFields);
$aExtraFields=ereg_replace("'","\\'",$aExtraFields);
q("update $ads_tbl set ". substr($aExtraFields,0,-1)." where ad_id = $id");
}
if ($aNotifyAdmin==1)
{
// Notify administator that they have a new ad
$url = "http://" . $url . "/detail.php?id=$id";
$subject = formatString(LA_NEW_AD_INFO,array($id,$aTitle,$aDescr,$url,getRemoteIp()));
$body = formatString(LA_NEW_AD_INFORM,array($id,$aTitle,$aDescr,$url,getRemoteIp()));
sendEmail($from_adress_mail,$from_adress_mail,$subject,$body);
}
return $id;
}
}