mirror of https://git.code.sf.net/p/quake/website
87 lines
2.4 KiB
PHP
87 lines
2.4 KiB
PHP
<? // Preamble
|
|
$pageName = "Delete News";
|
|
$need = 'auth';
|
|
require "parts/preamble.php"; // Load most of document
|
|
|
|
if (!$userInfo['u_admin']) // no access from non-admin
|
|
bailout ('<P>You don\'t have access to this page. Bug an admin to delete a news post.</P>');
|
|
|
|
need ('sql');
|
|
|
|
function convertToHTML ($string)
|
|
{
|
|
$table = array_flip (get_html_translation_table (HTML_ENTITIES));
|
|
|
|
return strtr ($string, $table);
|
|
}
|
|
|
|
function convertFromHTML ($string)
|
|
{
|
|
$table = get_html_translation_table (HTML_ENTITIES);
|
|
return strtr ($string, $table);
|
|
}
|
|
|
|
function newsEntry ($array)
|
|
{
|
|
need ('date');
|
|
|
|
return
|
|
'<TR>'
|
|
.' <TD><A href="news_del.php?newsID=' . $array[n_id] . '">' . $array[n_id] . '</A></TD>'
|
|
.' <TD>' . dateFromSQLDateTime ($array[n_date]) . '</TD>'
|
|
.' <TD>' . $array[n_user] . '</TD>'
|
|
.' <TD>' . substr (convertFromHTML (StripSlashes ($array[n_news])), 0, 60) . '…</TD>'
|
|
.'</TR>';
|
|
}
|
|
|
|
$newsID = $_REQUEST['newsID'];
|
|
|
|
if ($conn = mysql_pconnect (sqlHost, sqlRWUser, sqlRWPass)) {
|
|
if ($newsID) {
|
|
$query = "DELETE FROM news_main WHERE n_id='$newsID'";
|
|
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
|
|
if ($numRows = mysql_affected_rows ($conn)) {
|
|
echo "<P>News entry $newsID has been deleted successfully.";
|
|
} else {
|
|
echo '<P>There was an error in your input. If you don\'t know what it is, I\'m not going to tell you.';
|
|
}
|
|
}
|
|
}
|
|
|
|
?>
|
|
<DIV class="newsBox">
|
|
<DIV class="newsTitle"><H2>Edit News</H2></DIV>
|
|
<TABLE width="100%">
|
|
<?
|
|
$query = 'SELECT n_id, n_date, n_user, n_news FROM news_main'
|
|
.' ORDER BY n_date DESC';
|
|
if ($result = mysql_db_query (sqlDB, $query, $conn)) {
|
|
if ($numRows = mysql_num_rows ($result)) {?>
|
|
<TR>
|
|
<TH align="left">ID</TH>
|
|
<TH align="left">Date</TH>
|
|
<TH align="left">User</TH>
|
|
<TH align="left">Text</TH>
|
|
</TR><?
|
|
|
|
for ($i = 0; $i < $numRows; $i++) {
|
|
$news[$i] = mysql_fetch_array ($result);
|
|
echo newsEntry ($news[$i]);
|
|
}
|
|
} else {
|
|
echo '<P>No matching news entries.</P>';
|
|
}
|
|
} else {
|
|
echo '<P>Somebody screwed up, and MySQL said "' . mysql_error() . '". Bug a project admin or somethin\' eh?</P>';
|
|
}
|
|
?>
|
|
</TABLE>
|
|
</DIV>
|
|
<?
|
|
} else {
|
|
echo '<P>Couldn\'t connect to the SQL server with the password you gave. <STRONG>("You suck, butthead.")</STRONG></P>';
|
|
}
|
|
|
|
require siteHome . "/parts/postamble.php"; // Finish this sucker up
|
|
?>
|