website/news_del.php

105 lines
2.9 KiB
PHP
Raw Normal View History

2007-03-16 00:49:05 +00:00
<? // Preamble
$pageName = "Delete News";
$need = 'auth';
require 'parts/preamble.php'; // Load most of document
2007-03-16 00:49:05 +00:00
if (!$userInfo['u_admin']) // no access from non-admin yet
bailout ("<P>You don't have access to this page (yet?). Bug an admin to delete a news post.</P>");
2007-03-16 00:49:05 +00:00
need ('boxes news sql');
2007-03-16 00:49:05 +00:00
function convertToHTML ($string)
{
$table = array_flip (get_html_translation_table (HTML_ENTITIES));
return strtr ($string, $table);
}
function convertFromHTML ($string)
{
$table = get_html_translation_table (HTML_ENTITIES);
2007-03-16 00:49:05 +00:00
return strtr ($string, $table);
}
function newsEntrySummary ($it)
2007-03-16 00:49:05 +00:00
{
need ("date");
2007-03-16 00:49:05 +00:00
return
'<TR>'
.' <TD><A href="' . thisURL . '?newsID=' . $it['n_id'] . '">' . $it['n_id'] . '</A></TD>'
.' <TD>' . dateFromSQLDateTime ($it['n_date']) . '</TD>'
.' <TD>' . $it['n_user'] . '</TD>'
.' <TD>' . substr (convertFromHTML (stripSlashes ($it['n_news'])), 0, 50) . '&#8230;</TD>'
2007-03-16 00:49:05 +00:00
.'</TR>';
}
function newsEntryConfirmation ($a)
{
need ("date");
$id = $a['n_id'];
newsBoxOpen ();
newsBoxTitle ("Confirmation: Delete #$id?", thisURL . "?newsID=$id&confirm=yes");
printNewsArray ($a);
newsBoxClose ();
}
$newsID = addSlashes ($_REQUEST['newsID']);
$confirm = $_REQUEST['confirm'];
2007-03-16 00:49:05 +00:00
if ($newsID) {
if ($confirm) {
2007-03-16 00:49:05 +00:00
$query = "DELETE FROM news_main WHERE n_id='$newsID'";
$rows = sqlWriteQuery ($query);
if ($rows === null) {
echo "<P>Bad mojo, man. I couldn't talk to the SQL server. It said '$sqlError'.</P>";
} elseif ($rows === false) {
echo "<P>Something bad happened, and MySQL said '$sqlError'. Bug an admin.</P>";
} elseif (!$rows) {
echo "<P>News entry $newsID didn't exist.";
} else {
echo "<P>News entry $newsID has been deleted.";
}
} else {
$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main'
." WHERE n_id='$newsID'";
$entries = sqlReadQuery ($query);
if ($entries === null) {
echo "<P>Bad mojo, man. I couldn't talk to the SQL server. It said '$sqlError'.</P>";
} elseif ($entries === false) {
echo "<P>Something bad happened, and MySQL said '$sqlError'. Bug an admin.</P>";
} elseif (count ($entries) == 1) {
newsEntryConfirmation ($entries[0]);
} else {
echo "<P>This shouldn't even be possible, but there's more than one news entry with ID '$newsID'!</P>";
2007-03-16 00:49:05 +00:00
}
}
} else {
newsBoxOpen ("All News Postings");
2007-03-16 00:49:05 +00:00
$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main'
.' ORDER BY n_date DESC';
$entries = sqlReadQuery ($query);
if ($entries && is_array ($entries) && count ($entries)) {
tableHeader ("100%");
?><TR>
<TH align="left">ID</TH>
<TH align="left">Date</TH>
<TH align="left">User</TH>
<TH align="left">Text</TH>
</TR><?
for ($i = 0; $i < count ($entries); $i++) {
echo newsEntrySummary ($entries[$i]);
2007-03-16 00:49:05 +00:00
}
tableFooter ();
2007-03-16 00:49:05 +00:00
} else {
echo "<P>No news available.";
2007-03-16 00:49:05 +00:00
}
newsBoxClose ();
2007-03-16 00:49:05 +00:00
}
?>