good-orbit/gist:298a8625be1c5e3f78f5 Secret

## gistfile1.txt
if(isset($_POST['subComposeBlog'])) {

	$query = "SELECT COUNT(`id`) FROM `cysticBlogs` WHERE `Author` = '".$auth."' && `date` = NOW() && `status` = 'active'";
	$request = mysql_query($query,$connection) or die(mysql_error());
	$result = mysql_fetch_array($request);

	$too_many = $result['COUNT(`id`)'];
	echo $too_many;

	$valid = true;


	if($_POST['Category'] == "null") {
		$valid = false;
		$error_msgs[] = "Whoops! Please select a category for this blog.";
	}

	if(empty($_POST['blogTitle'])) {
		$valid = false;
		$error_msgs[] = "Whoops! Cannot submit a blog without a title,how are you going to attract people's attention to read your masterpiece?";

	}

	if(empty($_POST['blogBody'])) {
		$valid = false;
		$error_msgs[] = "Whoops! Cannot submit a blog without a body,that would not be a blog now would it?";

	}

	if($too_many > 3) {
		$valid = false;
		$error_msgs[] = "Whoops! Cannot submit a blog without a body,that would not be a blog now would it?";

	}


	if($valid) {

	$query = "INSERT INTO `cysticBlogs` (
										`blogTitle`,
										`blogBody`,
										`date`,
										`time`,
										`Author`,
										`Category`
									) VALUES (
										'" . mysql_real_escape_string($_POST['blogTitle']) ."',
										'" . mysql_real_escape_string($_POST['blogBody']) ."',
										'" . date("Y-m-d") ."',
										'" . date("G:i:s") ."',
										'" . $auth->id ."',
										'" . mysql_real_escape_string($_POST['Category']) ."')";

										mysql_query($query, $connection) or die (mysql_error());
										header("Location: BlogsSecurity.php");


 }
}
	if(isset($_POST['subComposeBlog'])) {

	$query = "SELECT COUNT(`id`) FROM `cysticBlogs` WHERE `Author` = '".$auth."' && `date` = NOW() && `status` = 'active'";
	$request = mysql_query($query,$connection) or die(mysql_error());
	$result = mysql_fetch_array($request);

	$too_many = $result['COUNT(`id`)'];
	echo $too_many;

	$valid = true;



	if($_POST['Category'] == "null") {
	$valid = false;
	$error_msgs[] = "Whoops! Please select a category for this blog.";
	}

	if(empty($_POST['blogTitle'])) {
	$valid = false;
	$error_msgs[] = "Whoops! Cannot submit a blog without a title,how are you going to attract people's attention to read your masterpiece?";

	}

	if(empty($_POST['blogBody'])) {
	$valid = false;
	$error_msgs[] = "Whoops! Cannot submit a blog without a body,that would not be a blog now would it?";

	}

	if($too_many > 3) {
	$valid = false;
	$error_msgs[] = "Whoops! Cannot submit a blog without a body,that would not be a blog now would it?";

	}





	if($valid) {

	$query = "INSERT INTO `cysticBlogs` (
	`blogTitle`,
	`blogBody`,
	`date`,
	`time`,
	`Author`,
	`Category`
	) VALUES (
	'" . mysql_real_escape_string($_POST['blogTitle']) ."',
	'" . mysql_real_escape_string($_POST['blogBody']) ."',
	'" . date("Y-m-d") ."',
	'" . date("G:i:s") ."',
	'" . $auth->id ."',
	'" . mysql_real_escape_string($_POST['Category']) ."')";

	mysql_query($query, $connection) or die (mysql_error());
	header("Location: BlogsSecurity.php");




	}
	}