libraryadmin.php 2.6 KiB
  • <?php
    
    // Name of the session group that is allowed to use the admin actions further down
    $permission = 'librarian';

    // ISBN validation library; supplies the Validate_ISPN class used by valid_isbn()
    require_once '../lib/Validate/ISPN.php';

    // NOTE(review): initialised here but not read or written again in the visible part of this file
    $error = array();
    
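    /**
     * Look up a book by ISBN on the Amazon E-Commerce Service and return the raw response.
     *
     * The request goes out over plain HTTP, so the response is neither confidential nor
     * authenticated. Callers should handle the returned XML as untrusted input when they
     * parse it or store it.
     *
     * @param string $isbn ISBN to look up. Callers in this file validate it first; it is
     *                     URL-encoded here as well so that the value can never add or
     *                     change query parameters, whatever the caller passed in.
     * @return string|false Response body as returned by file_get_contents(), false on failure.
     */
    function fetch_amazon_data($isbn) {

    	// NOTE(review): the access key ID is hard-coded in a file under version control.
    	// Load it from configuration kept outside the repository, and treat this key as
    	// exposed (replace it) now that it has appeared in source.
    	$url1 = "http://webservices.amazon.co.uk/onca/xml?Service=AWSECommerceService";
    	$url1 .= "&AWSAccessKeyId=02NDPFGZ9A35HRBQ9NG2";
    	$url1 .= "&Operation=ItemLookup&IdType=ISBN&SearchIndex=Books&ItemId=";
    	$url2 = "&ResponseGroup=Medium,Offers";

    	// Percent-encode the ISBN: a validated ISBN passes through unchanged, while '&', '=',
    	// '#' or whitespace in an unvalidated value can no longer reshape the query string.
    	return file_get_contents($url1 . rawurlencode((string) $isbn) . $url2);
    }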
    
    /**
     * Check a candidate ISBN with the validation library loaded at the top of this file.
     *
     * @param string $isbn candidate ISBN
     * @return mixed the result of Validate_ISPN::isbn(), passed through unchanged
     *               (presumably a boolean; confirm against the library)
     */
    function valid_isbn($isbn) {
    	$is_valid = Validate_ISPN::isbn($isbn);

    	return $is_valid;
    }
    
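    // Admin actions: run only for sessions that belong to the group named by $permission.
    //
    // NOTE(review): parameters are read from $_REQUEST, so the state-changing "add" action
    // can also be triggered by a GET request, and no anti-CSRF token is checked in this file.
    // Confirm whether the surrounding framework enforces one; if it does not, accept "add"
    // by POST only and verify a per-session token before inserting.
    if ($session->groups[$permission]) {

    	// A missing or non-string action selects neither branch (and raises no notice)
    	$action = (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : '';

    	if ($action === "search") {

    		// Only a plain string is accepted; an array such as isbn[]=... is treated as empty
    		$isbn = (isset($_REQUEST['isbn']) && is_string($_REQUEST['isbn'])) ? $_REQUEST['isbn'] : '';
    		$isbn = str_replace(array('ISBN', '-', ' ', "\t", "\n"), '', $isbn);

    		if (valid_isbn($isbn)) {
    			$xmlresult = fetch_amazon_data($isbn);

    			// The response was fetched over plain HTTP, so parse it as untrusted XML.
    			// LIBXML_NONET forbids network access while the document is being loaded.
    			$simple_xml = ($xmlresult === false)
    				? false
    				: simplexml_load_string($xmlresult, 'SimpleXMLElement', LIBXML_NONET);

    			$item = null;
    			if ($simple_xml !== false && isset($simple_xml->Items->Item)) {
    				$item = $simple_xml->Items->Item;
    			}

    			// The ISBN is always handed to the template, so the form can still be
    			// completed by hand when the lookup fails
    			$book = array(
    				'isbn' => $isbn,
    				'title' => '',
    				'author' => '',
    				'publisher' => '',
    				'image_url' => '',
    			);

    			if ($item === null) {
    				// Fetch failed, response was not well-formed XML, or it held no item
    				trigger_error("could not retrieve book details for this ISBN", E_USER_WARNING);
    			} else {
    				// Cast to string so the template receives plain values rather than
    				// SimpleXMLElement nodes
    				$book['title'] = (string) $item->ItemAttributes->Title;
    				$book['author'] = (string) $item->ItemAttributes->Author;
    				$book['publisher'] = (string) $item->ItemAttributes->Publisher;
    				$book['image_url'] = (string) $item->MediumImage->URL;
    			}

    			$smarty->assign("book", $book);
    		} else {
    			// invalid isbn entered
    			trigger_error("invalid ISBN number entered", E_USER_WARNING);
    		}

    	} elseif ($action === "add") {

    		// Every field comes straight from the request and is attacker-controllable,
    		// including image_url, which the search step normally fills in from Amazon.
    		// Missing or non-string values become empty strings.
    		$book = array();
    		foreach (array('isbn', 'title', 'author', 'publisher', 'image_url') as $request_field) {
    			$book[$request_field] = (isset($_REQUEST[$request_field]) && is_string($_REQUEST[$request_field]))
    				? $_REQUEST[$request_field]
    				: '';
    		}

    		// Validate that we have enough info to add
    		if (($book['isbn'] != "") && (!valid_isbn($book['isbn']))) {
    			trigger_error("invalid ISBN", E_USER_WARNING);
    		} elseif (trim($book['title']) == "") {
    			trigger_error("you must supply a title", E_USER_WARNING);
    		} elseif (trim($book['author']) == "") {
    			// Raised as a warning like the sibling validation errors (it previously fell
    			// back to the default E_USER_NOTICE level)
    			trigger_error("you must supply an author", E_USER_WARNING);
    		} elseif (($book['image_url'] != "") && !preg_match('#^https?://#i', $book['image_url'])) {
    			// The URL is stored and presumably rendered later (TODO confirm against the
    			// templates), so only http(s) URLs are accepted
    			trigger_error("invalid image URL", E_USER_WARNING);
    		} else {
    			// Values travel separately from the SQL text through the ? placeholders
    			// (presumably bound by $DB->Query; confirm against the DB wrapper)
    			$insertdata = array($book['title'], $book['author'], $book['publisher']);
    			if (valid_isbn($book['isbn'])) {
    				// With a valid ISBN the raw Amazon response is stored next to the record
    				$book['amazon_data'] = fetch_amazon_data($book['isbn']);
    				$newinsertdata = array($book['isbn'], $book['image_url'], $book['amazon_data']);
    				$insertdata = array_merge($insertdata, $newinsertdata);
    				$DB->Query("INSERT INTO books (title, author, publisher, isbn, image_url, amazon_data) VALUES (?,?,?,?,?,?)", $insertdata);
    			} else {
    				$DB->Query("INSERT INTO books (title, author, publisher) VALUES (?,?,?)", $insertdata);
    			}
    		}

    	}

    	// Rendered for every authorised request, whichever action (if any) ran
    	$result = $smarty->fetch("library-addbook.tpl");
    }

    $smarty->assign("title", "Library Admin");
    // $result is only set inside the permission check above; without the librarian group
    // the page body stays empty
    $smarty->assign("body", isset($result) ? $result : null);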
    
    ?>