<%args>
$book=>""
$cover=>""
$title=>""
$author=>""
$publisher=>""
$isbn=>""
$firm=>""
$ad=>""
$designer=>""
$addl=>""
$nominator=>""
</%args>

<%init>
	use RubyCore::ObjectInit;
	use designobserver::Config();
	my $rso = new RubyCore::ObjectInit { %designobserver::Config::c };
	$rso->dbconnect();

	my $cookie_header = $r->headers_in->get('Cookie');
	my @cookies = split (";",$cookie_header);
	my ($key,$value,$sessid);
	my ($sql, $sth, $url, $nomid);
	
	foreach my $cookie (@cookies){
		($key,$value) = split("=",$cookie);
		if ($key eq "DO" || $key eq " DO"){
				$sessid = $value;
		}
	}

	$sql = "SELECT signupid FROM sitesessions WHERE session = '$sessid'";
	$sth = $rso->dosql($sql);
	my $signupid = $sth->fetchrow_array ();

	if ($sessid){ 

		$book = $rso->rsan($book);
		$cover = $rso->rsan($cover);
		$title = $rso->rsan($title);
		$title =~ s/\'/\\'/g;
		$author = $rso->rsan($author);
		$author =~ s/\'/\\'/g;
		$publisher = $rso->rsan($publisher);
		$publisher =~ s/\'/\\'/g;
		$isbn = $rso->rsan($isbn);
		$firm = $rso->rsan($firm);
		$firm =~ s/\'/\\'/g;
		$ad = $rso->rsan($ad);
		$ad =~ s/\'/\\'/g;
		$designer = $rso->rsan($designer);
		$designer =~ s/\'/\\'/g;
		$addl = $rso->rsan($addl);
		$addl =~ s/\'/\\'/g;
		$nominator = $rso->rsan($nominator);
		$nominator =~ s/\'/\\'/g;
	
		if ($title && $author && $publisher){
	
			$sql = "INSERT INTO 5050_2013 SET ";
			$sql .= "created=NOW(), entrystatus='entered', paid=0, ";
			$sql .= "createdby='$signupid', ";
			$sql .= "sessionid='$sessid', ";
			if ($book eq "on"){
				$book = 'y';
			} else {
				$book = 'n';
			}
			$sql .= "book='$book', ";
			if ($cover eq "on"){
				$cover = 'y';
			} else {
				$cover = 'n';
			}
			$sql .= "cover='$cover', ";
			$sql .= "title='$title', ";
			$sql .= "author='$author', ";
			$sql .= "publisher='$publisher', ";
			$sql .= "ISBN13='$isbn', ";
			$sql .= "designfirm='$firm', ";
			$sql .= "artdirector='$ad', ";
			$sql .= "designer='$designer', ";
			$sql .= "othercredits='$addl' ";
			$sth = $rso->dosql($sql);
			
			$sql = "SELECT LAST_INSERT_ID()";
			$sth = $rso->dosql($sql);
			$nomid = $sth->fetchrow_array ();
			
			$url = "nominate-confirm.html?nomination=$nomid";
		}

	} else {
		$url = "nominate.html";		
	}
		
$m->redirect($url);
</%init>