qf/website
0
0
Fork 0
mirror of https://git.code.sf.net/p/quake/website synced 2024-11-27 06:22:31 +00:00
Code Issues Projects Releases Packages Wiki Activity
website/news_edit.php

148 lines
3.8 KiB
PHP
Raw Normal View History

yay, a little more functionality.
2007-03-16 00:49:05 +00:00
<? // Preamble
$pageName = "Edit News";
$need = 'auth';
require "parts/preamble.php"; // Load most of document
if (!$userInfo['u_admin']) // no access from non-admin
bailout ('<P>You don\'t have access to this page. Bug an admin to delete a news post.</P>');
need ('sql');
function convertToHTML ($string)
{
$table = array_flip (get_html_translation_table (HTML_ENTITIES));
return strtr ($string, $table);
}
function convertFromHTML ($string)
{
$table = get_html_translation_table (HTML_ENTITIES);
return strtr ($string, $table);
}
function newsEntrySummary ($array)
{
need ("date");
return
'<TR>'
.' <TD><A href="news_edit.php?newsID=' . $array[n_id] . '">' . $array[n_id] . '</A></TD>'
.' <TD>' . dateFromSQLDateTime ($array[n_date]) . '</TD>'
.' <TD>' . $array[n_user] . '</TD>'
Shrink the displayed news entry a little.
2007-03-16 00:55:24 +00:00
.' <TD>' . substr (convertFromHTML (StripSlashes ($array[n_news])), 0, 50) . '&#8230;</TD>'
yay, a little more functionality.
2007-03-16 00:49:05 +00:00
.'</TR>';
}
function newsEntryEditor ($array)
{
need ("date");
$id = $array[n_id];
$usr = $array[n_user];
$txt = convertFromHTML(stripSlashes($array[n_news]));
$date = dateFromSQLDateTime($array[n_date]);
?>
<FORM action="editnews.php?newsID=<?=$id?>" method="post">
<DIV class="newsBox">
<DIV class="newsTitle"><H2>Edit News Entry #<?=$id?></H2></DIV>
<DL>
<DT>
<FONT size="-1">
<EM>Posted on</EM>
<?=$date?>
<EM>by</EM>
<STRONG>
<INPUT type="text" name="newsUser" size="20" value="<?=$usr?>">
</STRONG>
<INPUT align="center" type="submit" value="Modify User / Text"></INPUT>
</FONT>
</DT>
<DD>
<TEXTAREA name="newsItem" rows="25" cols="64"><?=$txt?></TEXTAREA><BR>
</DD>
</DL>
</DIV>
</FORM>
<?
}
need ('sql');
global $newsID;
global $newsUser;
global $newsItem;
$newsID = $_GET['newsID'];
$newsItem = $_POST['newsItem'];
$newsUser = $_POST['newsUser'];
if ($conn = mysql_pconnect (sqlHost, sqlRWUser, sqlRWPass)) {
if ($newsID) {
if ($newsUser && $newsItem) {
$newsItem = AddSlashes ($newsItem);
$query = "UPDATE news_main SET n_user='$newsUser', n_news='$newsItem' WHERE n_id='$newsID'";
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
if ($numRows = mysql_affected_rows ($conn)) {
echo '<P>Your modifications have been processed successfully.';
} else {
echo '<P>Your modifications were correctly formed, but had no effect on the database.';
}
} else {
echo "<P>There was an error in your input. If you don't know what it is, I'm not going to tell you.";
}
} else {
$query = "SELECT n_id, n_date, n_user, n_news FROM news_main "
. "WHERE n_id=$newsID";
$result = mysql_db_query (sqlDB, $query, $conn);
if ($result) {
$numRows = mysql_num_rows ($result);
if ($numRows == 1) {
$news = mysql_fetch_array ($result);
newsEntryEditor ($news);
} else {
echo "<P>MOOOOO! Rows = $numRows";
}
} else {
echo "<P>MOOOOO! No result.";
}
}
} else {?>
<DIV class="newsBox">
<DIV class="newsTitle"><H2>Edit News</H2></DIV>
<TABLE width="100%">
<?
$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main' .
' ORDER BY n_date DESC';
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
if ($numRows = mysql_num_rows ($result)) {?>
<TR>
<TH align="left">ID</TH>
<TH align="left">Date</TH>
<TH align="left">User</TH>
<TH align="left">Text</TH>
</TR><?
for ($i = 0; $i < $numRows; $i++) {
$news[$i] = mysql_fetch_array ($result);
echo newsEntrySummary ($news[$i]);
}
} else {
}
} else {
}
tableFooter ();
?>
</DIV>
<?
}
} else {
echo '<P>You suck, butthead.';
}
?>
<?
require siteHome . "/parts/postamble.php"; // Finish this sucker up
?>
Reference in a new issue Copy permalink