website/news_add.php

69 lines
1.9 KiB
PHP
Raw Normal View History

2007-03-16 00:49:05 +00:00
<? // Preamble
$pageName = "Add News";
$need = 'auth';
require "parts/preamble.php"; // Load most of document
function showPreview ($date, $user, $def)
{?>
<DIV class="newsBox">
<DIV class="newsTitle"><H2>Add News (Preview)</H2></DIV>
<DL>
<DT><FONT size="-1"><EM>(Will be) posted on</EM> <?=$date?> <EM>by</EM> <STRONG><?=$user?></STRONG></FONT></DT>
<DD>
<FORM action="news_add.php" method="post">
<TEXTAREA name="newsItem" rows="25" cols="64"><?=StripSlashes ($def)?></TEXTAREA><BR>
<INPUT align="center" type="submit" name="mode" value="Post"></INPUT>
<INPUT align="center" type="submit" name="mode" value="Preview"></INPUT>
</FORM>
</DD>
</DL>
</DIV>
<?}
$newsItem = $_REQUEST['newsItem'];
$mode = $_REQUEST['mode'];
if ($newsItem && $mode == "Post") {
need ('sql');
$user = ucfirst ($REMOTE_USER);
$newsItem = AddSlashes ($newsItem);
$conn = mysql_connect (sqlHost, sqlRWUser, sqlRWPass);
if ($conn) {
$query = 'INSERT into news_main (n_date, n_user, n_news) VALUES (' .
" NOW(), '$user', '$newsItem')";
$result = mysql_db_query (sqlDB, $query, $conn);
if ($result) {
$numRows = mysql_affected_rows ($conn);
if ($numRows) {
echo '<P>Your news item has been processed successfully.';
} else {
echo '<P>There was an error in your input. If you don\'t know what it is, I\'m not going to tell you.';
}
}
mysql_close ($conn);
} else {
echo '<P>You suck, butthead.';
}
} else {
$date = strftime ('%d %b %Y', time ());
$user = ucfirst ($REMOTE_USER);
if ($newsItem) {?>
<DIV class="newsBox">
<DIV class="newsTitle"><H2>Latest News</H2></DIV>
<DL>
<DT><FONT size="-1"><EM>Posted on</EM> <?=$date?> <EM>by</EM> <STRONG><?=$user?></STRONG></FONT></DT>
<DD>
<P><?=StripSlashes($newsItem)?></P>
</DD>
</DL>
</DIV>
<?}
showPreview ($date, $user, $newsItem);
}
require siteHome . "/parts/postamble.php"; // Finish this sucker up
?>