real_escape($_GET['val']);
if(!empty($val) || $val == "edit"){
$id = $db->real_escape($_GET['id']);
$result = $db->fetch_array($db->query("SELECT * FROM publication WHERE publication_id = '$id'"));
$edit = true;
}
if(isset($_POST['create_publication']) || isset($_POST['update_publication'])){
$id = $db->real_escape($_POST['publication_id']);
$publication = $db->real_escape($_POST['publication']);
if(isset($_POST['update_publication'])){
$operation = "UPDATE";
$where = "WHERE publication_id = '$id'";
$success_message = "Record Successfully Update";
}elseif(isset($_POST['create_publication'])){
$operation = "INSERT INTO";
$where = "";
$success_message = "Record Successfully Added";
}
if($db->num_rows($db->query("SELECT * FROM publication WHERE publication = '$publication'")) == 0 || isset($_POST['update_publication'])){
$query = "$operation publication SET publication = '$publication', create_date = NOW() $where";
if($db->query($query)){
$msg = $success_message;
}else{
$error = "Network Error.";
}
}else{
$error = "This Publication already exist.";
}
}
?>