website/news_del.php

<?	// Preamble
	$pageName = "Delete News";
	$need = 'auth';
	require "parts/preamble.php";		// Load most of document

	if (!$userInfo['u_admin'])	// no access from non-admin
		bailout ('<P>You don\'t have access to this page. Bug an admin to delete a news post.</P>');

	need ('sql');

	function convertToHTML ($string)
	{
		$table = array_flip (get_html_translation_table (HTML_ENTITIES));

		return strtr ($string, $table);
	}

	function convertFromHTML ($string)
	{
		$table = get_html_translation_table (HTML_ENTITIES);
		return strtr ($string, $table);
	}

	function newsEntry ($array)
	{
		need ('date');

		return
			'<TR>'
			.'	<TD><A href="news_del.php?newsID=' . $array[n_id] . '">' . $array[n_id] . '</A></TD>'
			.'	<TD>' . dateFromSQLDateTime ($array[n_date]) . '</TD>'
			.'	<TD>' . $array[n_user] . '</TD>'
			.'	<TD>' . substr (convertFromHTML (StripSlashes ($array[n_news])), 0, 60) . '&#8230;</TD>'
			.'</TR>';
	}

	$newsID = $_REQUEST['newsID'];

	if ($conn = mysql_pconnect (sqlHost, sqlRWUser, sqlRWPass)) {
		if ($newsID) {
			$query = "DELETE FROM news_main WHERE n_id='$newsID'";
			if ($result = mysql_db_query (sqlDB, $query, $conn)) {
				if ($numRows = mysql_affected_rows ($conn)) {
					echo "<P>News entry $newsID has been deleted successfully.";
				} else {
					echo '<P>There was an error in your input. If you don\'t know what it is, I\'m not going to tell you.';
				}
			}
		}

		?>
		<DIV class="newsBox">
			<DIV class="newsTitle"><H2>Edit News</H2></DIV>
			<TABLE width="100%">
		<?
		$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main'
				.' ORDER BY n_date DESC';
		if ($result = mysql_db_query (sqlDB, $query, $conn)) {
			if ($numRows = mysql_num_rows ($result)) {?>
				<TR>
					<TH align="left">ID</TH>
					<TH align="left">Date</TH>
					<TH align="left">User</TH>
					<TH align="left">Text</TH>
				</TR><?

				for ($i = 0; $i < $numRows; $i++) {
					$news[$i] = mysql_fetch_array ($result);
					echo newsEntry ($news[$i]);
				}
			} else {
				echo '<P>No matching news entries.</P>';
			}
		} else {
			echo '<P>Somebody screwed up, and MySQL said "' . mysql_error() . '". Bug a project admin or somethin\' eh?</P>';
		}
		?>
			</TABLE>
		</DIV>
		<?
	} else {
		echo '<P>Couldn\'t connect to the SQL server with the password you gave. <STRONG>(&quot;You suck, butthead.&quot;)</STRONG></P>';
	}

	require siteHome . "/parts/postamble.php";	// Finish this sucker up
?>
yay, a little more functionality. 2007-03-16 00:49:05 +00:00			`<? // Preamble`
			`$pageName = "Delete News";`
			`$need = 'auth';`
			`require "parts/preamble.php"; // Load most of document`

			`if (!$userInfo['u_admin']) // no access from non-admin`
			`bailout ('<P>You don\'t have access to this page. Bug an admin to delete a news post.</P>');`

			`need ('sql');`

			`function convertToHTML ($string)`
			`{`
			`$table = array_flip (get_html_translation_table (HTML_ENTITIES));`

			`return strtr ($string, $table);`
			`}`

			`function convertFromHTML ($string)`
			`{`
			`$table = get_html_translation_table (HTML_ENTITIES);`
			`return strtr ($string, $table);`
			`}`

			`function newsEntry ($array)`
			`{`
			`need ('date');`

			`return`
			`'<TR>'`
			`.' <TD><A href="news_del.php?newsID=' . $array[n_id] . '">' . $array[n_id] . '</A></TD>'`
			`.' <TD>' . dateFromSQLDateTime ($array[n_date]) . '</TD>'`
			`.' <TD>' . $array[n_user] . '</TD>'`
			`.' <TD>' . substr (convertFromHTML (StripSlashes ($array[n_news])), 0, 60) . '…</TD>'`
			`.'</TR>';`
			`}`

			`$newsID = $_REQUEST['newsID'];`

			`if ($conn = mysql_pconnect (sqlHost, sqlRWUser, sqlRWPass)) {`
			`if ($newsID) {`
			`$query = "DELETE FROM news_main WHERE n_id='$newsID'";`
			`if ($result = mysql_db_query (sqlDB, $query, $conn)) {`
			`if ($numRows = mysql_affected_rows ($conn)) {`
			`echo "<P>News entry $newsID has been deleted successfully.";`
			`} else {`
			`echo '<P>There was an error in your input. If you don\'t know what it is, I\'m not going to tell you.';`
			`}`
			`}`
			`}`

			`?>`
			`<DIV class="newsBox">`
			`<DIV class="newsTitle"><H2>Edit News</H2></DIV>`
			`<TABLE width="100%">`
			`<?`
			`$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main'`
			`.' ORDER BY n_date DESC';`
			`if ($result = mysql_db_query (sqlDB, $query, $conn)) {`
			`if ($numRows = mysql_num_rows ($result)) {?>`
			`<TR>`
			`<TH align="left">ID</TH>`
			`<TH align="left">Date</TH>`
			`<TH align="left">User</TH>`
			`<TH align="left">Text</TH>`
			`</TR><?`

			`for ($i = 0; $i < $numRows; $i++) {`
			`$news[$i] = mysql_fetch_array ($result);`
			`echo newsEntry ($news[$i]);`
			`}`
			`} else {`
			`echo '<P>No matching news entries.</P>';`
			`}`
			`} else {`
			`echo '<P>Somebody screwed up, and MySQL said "' . mysql_error() . '". Bug a project admin or somethin\' eh?</P>';`
			`}`
			`?>`
			`</TABLE>`
			`</DIV>`
			`<?`
			`} else {`
			`echo '<P>Couldn\'t connect to the SQL server with the password you gave. <STRONG>("You suck, butthead.")</STRONG></P>';`
			`}`

			`require siteHome . "/parts/postamble.php"; // Finish this sucker up`
			`?>`