mirror of
https://git.code.sf.net/p/quake/website
synced 2024-11-27 06:22:31 +00:00
148 lines
3.8 KiB
PHP
148 lines
3.8 KiB
PHP
|
<? // Preamble
|
||
|
$pageName = "Edit News";
|
||
|
$need = 'auth';
|
||
|
require "parts/preamble.php"; // Load most of document
|
||
|
|
||
|
if (!$userInfo['u_admin']) // no access from non-admin
|
||
|
bailout ('<P>You don\'t have access to this page. Bug an admin to delete a news post.</P>');
|
||
|
|
||
|
need ('sql');
|
||
|
|
||
|
function convertToHTML ($string)
|
||
|
{
|
||
|
$table = array_flip (get_html_translation_table (HTML_ENTITIES));
|
||
|
|
||
|
return strtr ($string, $table);
|
||
|
}
|
||
|
|
||
|
function convertFromHTML ($string)
|
||
|
{
|
||
|
$table = get_html_translation_table (HTML_ENTITIES);
|
||
|
return strtr ($string, $table);
|
||
|
}
|
||
|
|
||
|
function newsEntrySummary ($array)
|
||
|
{
|
||
|
need ("date");
|
||
|
|
||
|
return
|
||
|
'<TR>'
|
||
|
.' <TD><A href="news_edit.php?newsID=' . $array[n_id] . '">' . $array[n_id] . '</A></TD>'
|
||
|
.' <TD>' . dateFromSQLDateTime ($array[n_date]) . '</TD>'
|
||
|
.' <TD>' . $array[n_user] . '</TD>'
|
||
|
.' <TD>' . substr (convertFromHTML (StripSlashes ($array[n_news])), 0, 60) . '…</TD>'
|
||
|
.'</TR>';
|
||
|
}
|
||
|
|
||
|
function newsEntryEditor ($array)
|
||
|
{
|
||
|
need ("date");
|
||
|
|
||
|
$id = $array[n_id];
|
||
|
$usr = $array[n_user];
|
||
|
$txt = convertFromHTML(stripSlashes($array[n_news]));
|
||
|
$date = dateFromSQLDateTime($array[n_date]);
|
||
|
|
||
|
?>
|
||
|
<FORM action="editnews.php?newsID=<?=$id?>" method="post">
|
||
|
<DIV class="newsBox">
|
||
|
<DIV class="newsTitle"><H2>Edit News Entry #<?=$id?></H2></DIV>
|
||
|
<DL>
|
||
|
<DT>
|
||
|
<FONT size="-1">
|
||
|
<EM>Posted on</EM>
|
||
|
<?=$date?>
|
||
|
<EM>by</EM>
|
||
|
<STRONG>
|
||
|
<INPUT type="text" name="newsUser" size="20" value="<?=$usr?>">
|
||
|
</STRONG>
|
||
|
<INPUT align="center" type="submit" value="Modify User / Text"></INPUT>
|
||
|
</FONT>
|
||
|
</DT>
|
||
|
<DD>
|
||
|
<TEXTAREA name="newsItem" rows="25" cols="64"><?=$txt?></TEXTAREA><BR>
|
||
|
</DD>
|
||
|
</DL>
|
||
|
</DIV>
|
||
|
</FORM>
|
||
|
<?
|
||
|
}
|
||
|
|
||
|
need ('sql');
|
||
|
|
||
|
global $newsID;
|
||
|
global $newsUser;
|
||
|
global $newsItem;
|
||
|
|
||
|
$newsID = $_GET['newsID'];
|
||
|
$newsItem = $_POST['newsItem'];
|
||
|
$newsUser = $_POST['newsUser'];
|
||
|
|
||
|
if ($conn = mysql_pconnect (sqlHost, sqlRWUser, sqlRWPass)) {
|
||
|
if ($newsID) {
|
||
|
if ($newsUser && $newsItem) {
|
||
|
$newsItem = AddSlashes ($newsItem);
|
||
|
$query = "UPDATE news_main SET n_user='$newsUser', n_news='$newsItem' WHERE n_id='$newsID'";
|
||
|
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
|
||
|
if ($numRows = mysql_affected_rows ($conn)) {
|
||
|
echo '<P>Your modifications have been processed successfully.';
|
||
|
} else {
|
||
|
echo '<P>Your modifications were correctly formed, but had no effect on the database.';
|
||
|
}
|
||
|
} else {
|
||
|
echo "<P>There was an error in your input. If you don't know what it is, I'm not going to tell you.";
|
||
|
}
|
||
|
} else {
|
||
|
$query = "SELECT n_id, n_date, n_user, n_news FROM news_main "
|
||
|
. "WHERE n_id=$newsID";
|
||
|
$result = mysql_db_query (sqlDB, $query, $conn);
|
||
|
if ($result) {
|
||
|
$numRows = mysql_num_rows ($result);
|
||
|
if ($numRows == 1) {
|
||
|
$news = mysql_fetch_array ($result);
|
||
|
newsEntryEditor ($news);
|
||
|
} else {
|
||
|
echo "<P>MOOOOO! Rows = $numRows";
|
||
|
}
|
||
|
} else {
|
||
|
echo "<P>MOOOOO! No result.";
|
||
|
}
|
||
|
}
|
||
|
} else {?>
|
||
|
<DIV class="newsBox">
|
||
|
<DIV class="newsTitle"><H2>Edit News</H2></DIV>
|
||
|
<TABLE width="100%">
|
||
|
<?
|
||
|
$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main' .
|
||
|
' ORDER BY n_date DESC';
|
||
|
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
|
||
|
if ($numRows = mysql_num_rows ($result)) {?>
|
||
|
<TR>
|
||
|
<TH align="left">ID</TH>
|
||
|
<TH align="left">Date</TH>
|
||
|
<TH align="left">User</TH>
|
||
|
<TH align="left">Text</TH>
|
||
|
</TR><?
|
||
|
|
||
|
for ($i = 0; $i < $numRows; $i++) {
|
||
|
$news[$i] = mysql_fetch_array ($result);
|
||
|
echo newsEntrySummary ($news[$i]);
|
||
|
}
|
||
|
} else {
|
||
|
}
|
||
|
} else {
|
||
|
}
|
||
|
|
||
|
tableFooter ();
|
||
|
?>
|
||
|
</DIV>
|
||
|
<?
|
||
|
}
|
||
|
} else {
|
||
|
echo '<P>You suck, butthead.';
|
||
|
}
|
||
|
?>
|
||
|
<?
|
||
|
require siteHome . "/parts/postamble.php"; // Finish this sucker up
|
||
|
?>
|