website/news_del.php
2007-03-16 00:49:05 +00:00

86 lines
2.4 KiB
PHP

<? // Preamble
$pageName = "Delete News";
$need = 'auth';
require "parts/preamble.php"; // Load most of document
if (!$userInfo['u_admin']) // no access from non-admin
bailout ('<P>You don\'t have access to this page. Bug an admin to delete a news post.</P>');
need ('sql');
function convertToHTML ($string)
{
$table = array_flip (get_html_translation_table (HTML_ENTITIES));
return strtr ($string, $table);
}
function convertFromHTML ($string)
{
$table = get_html_translation_table (HTML_ENTITIES);
return strtr ($string, $table);
}
function newsEntry ($array)
{
need ('date');
return
'<TR>'
.' <TD><A href="news_del.php?newsID=' . $array[n_id] . '">' . $array[n_id] . '</A></TD>'
.' <TD>' . dateFromSQLDateTime ($array[n_date]) . '</TD>'
.' <TD>' . $array[n_user] . '</TD>'
.' <TD>' . substr (convertFromHTML (StripSlashes ($array[n_news])), 0, 60) . '&#8230;</TD>'
.'</TR>';
}
$newsID = $_REQUEST['newsID'];
if ($conn = mysql_pconnect (sqlHost, sqlRWUser, sqlRWPass)) {
if ($newsID) {
$query = "DELETE FROM news_main WHERE n_id='$newsID'";
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
if ($numRows = mysql_affected_rows ($conn)) {
echo "<P>News entry $newsID has been deleted successfully.";
} else {
echo '<P>There was an error in your input. If you don\'t know what it is, I\'m not going to tell you.';
}
}
}
?>
<DIV class="newsBox">
<DIV class="newsTitle"><H2>Edit News</H2></DIV>
<TABLE width="100%">
<?
$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main'
.' ORDER BY n_date DESC';
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
if ($numRows = mysql_num_rows ($result)) {?>
<TR>
<TH align="left">ID</TH>
<TH align="left">Date</TH>
<TH align="left">User</TH>
<TH align="left">Text</TH>
</TR><?
for ($i = 0; $i < $numRows; $i++) {
$news[$i] = mysql_fetch_array ($result);
echo newsEntry ($news[$i]);
}
} else {
echo '<P>No matching news entries.</P>';
}
} else {
echo '<P>Somebody screwed up, and MySQL said "' . mysql_error() . '". Bug a project admin or somethin\' eh?</P>';
}
?>
</TABLE>
</DIV>
<?
} else {
echo '<P>Couldn\'t connect to the SQL server with the password you gave. <STRONG>(&quot;You suck, butthead.&quot;)</STRONG></P>';
}
require siteHome . "/parts/postamble.php"; // Finish this sucker up
?>