<?php 
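session_start();

$metatitle = "Submit a New Article - ";

// require rather than include: if either file cannot be loaded the request
// stops, instead of carrying on with only a warning and without whatever
// security.php enforces (its contents are not visible from this file).
require('../config.php');
require('security.php');

// Look up the logged-in author. This runs before header.php is included
// (original note: "Can't use header").
// The session value is escaped before it is placed in the query text, so a
// quote character in it cannot change the shape of the statement.
$query = 'select * from authors '
		 ."where username ='"
		 .mysql_real_escape_string(isset($_SESSION['valid_user']) ? $_SESSION['valid_user'] : '', $connection)
		 ."'";

$result = mysql_query($query,$connection) or die(mysql_error());

// Author fields used further down the page.
$info = mysql_fetch_array($result);
$id = $info['id'];
$status = $info['status'];	// compared with 1 further down to show the banned notice
$username = $info['username'];
// NOTE(review): the stored password value is copied into a page-level
// variable that this file never reads. Kept in case an included file
// expects it; confirm and drop it if nothing does.
$password = $info['password'];
$mailopt = $info['mailopt']; //0 == checked

// Does admin accept email submissions?
// Fixed: the flag is now read from the settings row fetched here. The
// original read it from $info, which holds the author row, and left
// $emailinfo unused. Presumably emailopt is a settings column (the
// notification text later in this file points the admin at Site Settings);
// confirm against the schema.
$query = "select * from settings";
$result = mysql_query($query,$connection) or die(mysql_error());
$emailinfo = mysql_fetch_array($result);
$adminopt = $emailinfo['emailopt'];

// Get the admin's email address. Only the first row returned is used; with
// more than one admin the choice depends on the order the database returns.
$query = "select * from admins";
$result = mysql_query($query,$connection) or die(mysql_error());
$admininfo = mysql_fetch_array($result);
$adminemail = $admininfo['email'];

// Site settings. This repeats the settings query above; it is kept as its
// own query so $sitequery, $siteresult and $siteinfo stay defined for any
// included file that reads them (not visible here).
$sitequery = 'select * from settings;';
$siteresult = mysql_query($sitequery,$connection) or die(mysql_error());
$siteinfo = mysql_fetch_array($siteresult);
$sitetitle = $siteinfo['title'];
$siteurl = $siteinfo['url'];
$skipqueue = $siteinfo['skipqueue'];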

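// Handle a posted article (the hidden "update" field marks a form post).
// Banned authors (status 1) are refused here too: hiding the form further
// down the page does not stop a direct POST. A banned request falls through
// to the normal page render, which shows the banned notice.
// NOTE(review): no anti-CSRF token is checked, and the form on this page
// does not send one.
// NOTE(review): the blank-title and word-count rules exist only in the
// client-side validateForm(); nothing here re-checks them on the server.
if (isset($_POST['update']) && $status != 1) {

	// An author id is needed for the INSERT; stop if the author lookup
	// earlier in this file found no row.
	if (!$id) {
		die('Author account not found.');
	}

	// Read the three text fields. When magic quotes already added slashes
	// they are removed first, so each value is escaped exactly once, by
	// mysql_real_escape_string(), whatever the server setting is.
	$hasMagicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
	$posted = array();
	foreach (array('title', 'body', 'resource') as $field) {
		$value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
		if ($hasMagicQuotes) {
			$value = stripslashes($value);
		}
		$posted[$field] = $value;
	}
	$title = mysql_real_escape_string($posted['title'], $connection);
	$body = mysql_real_escape_string($posted['body'], $connection);
	$resource = mysql_real_escape_string($posted['resource'], $connection);

	// The category id goes into the SQL unquoted, so it is forced to an
	// integer before use.
	$catid = isset($_POST['category']) ? (int) $_POST['category'] : 0;
	$mysqldate = date( 'Y-m-d H:i:s' );

	// Get the category's parent id; an unknown category is rejected.
	$catquery = "select * from categories where id =".$catid;
	$catresult = mysql_query($catquery,$connection) or die(mysql_error());
	$catinfo = mysql_fetch_array($catresult);
	if (!$catinfo) {
		die('Unknown category.');
	}
	$parentid = $catinfo['parentid'] ? (int) $catinfo['parentid'] : "NULL";

	// The second column is 0 when the review queue is skipped and 1
	// otherwise (presumably a "pending review" flag; confirm against the
	// articles table).
	$queueflag = $skipqueue ? 0 : 1;
	$sql = "INSERT INTO `articles` VALUES ( NULL, ".$queueflag.", ".(int) $id.", '".$mysqldate."', '".$title."', "
			.$catid.", ".$parentid.", '".$body."', '".$resource."', NULL);";

	// Stop on a failed insert instead of redirecting as if it had worked.
	if (!mysql_query($sql, $connection)) {
		die('The article could not be saved.');
	}
	$artid = mysql_insert_id($connection);

	if ($adminopt == 0) {
		// Values placed in the mail headers and subject have CR/LF removed
		// so they cannot start an extra header line.
		$lineBreaks = array("\r", "\n");

		// send e-mail to ...
		$to = str_replace($lineBreaks, '', $adminemail);

		// Your subject
		$subject = "Article Submission at ".str_replace($lineBreaks, '', $sitetitle);

		// From
		$header = "from: Admin <".$to.">";

		// Your message. The title is used as typed, not the SQL-escaped
		// copy, so quotes appear without backslashes.
		$messages ="A new article titled '".$posted['title']."' has been submitted to ".$sitetitle." \r\n\n";
		if ($skipqueue){
			$messages.="Per your settings, this article was made live immediately. \r\n";
		} else {
			$messages.="This article must be approved before it goes live. To approve this article, visit: \r\n\r\n";
			$messages.= $siteurl."/admin/articlereview.php \r\n";
		}
		// NOTE(review): this link deletes through a plain GET request. The
		// handler in admin/articlereview.php is not visible here; it should
		// require an authenticated admin session and a confirmation step.
		$messages.="QUICK DELETE: ".$siteurl."/admin/articlereview.php?deleteid=".$artid." \r\n(Clicking the above link will immediately delete the article - this cannot be undone)";
		$messages.="\r\n \r\nNOTE: you can disable these notifications from the Site Settings area of your admin panel. \r\n";

		// send email
		$sentmail = mail($to,$subject,$messages,$header);
	}

	header('Location: articles.php?newarticle=true');
	exit();
}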

include 'header.php';

// Marker comment for the left sidebar, then the sidebar itself.
echo "<!-- LEFT SIDEBAR -->\n";
include '../sidebar.php';

// Load the top half of the author template for the active theme and print it.
$authortop = new Template(sprintf('../templates/%s/author-top.tpl', $template));
echo $authortop->output();

?>

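<!-- Check If Banned -->
<?php
// Status 1 shows the banned notice; any other status shows the form.
if ($status == 1) {

	echo "<br/><div class=\"alert\"><b>This account has been banned from submitting articles. Please contact the admin for more information</b></div>";

} else {
?>


<h1 style="padding-left: 15px;"> Submit a New Article</h1>

<!-- VALIDATE SUBMISSION -->
<?php
// Browser-side checks only: they can be bypassed, so they are a convenience
// for the author, not a control. The word limits are written into the
// script as integers.
// Assumes $minwords and $maxwords are numeric settings defined by an
// included file - TODO confirm.
?>
<script type="text/javascript">
function validateForm()
{
	var x = document.forms["submission"]["title"].value;
	if (x == null || x == "") {
		alert("Title cannot be blank");
		return false;
	}

	var ed = tinymce.activeEditor;
	var wordCount = Number(document.getElementById('body-word-count').innerHTML);
	if (wordCount < <?php echo (int) $minwords; ?> || wordCount > <?php echo (int) $maxwords; ?>) {
		alert("Body must be between <?php echo (int) $minwords; ?> - <?php echo (int) $maxwords; ?> words");
		return false;
	}

	var resource = tinyMCE.get('resource').getContent();
	if (resource == null || resource == "") {
		alert("Resource cannot be blank");
		return false;
	}
}
</script>


<form style="padding-left: 15px;" name="submission" method="post" action="submit.php" onsubmit="return validateForm()" >

	<p><b>Enter the article title:</b></p>
	<input type="text" name="title" style="width:400px;">
	
	<br/><br/><p><b>Select a Category:</b></p>
	<select name="category">
<?php
// Fill the dropdown: each top-level category, followed by its subcategories.
// Ids are written as integers and names are HTML-escaped on output.
// Assumes names are stored as plain text, not pre-encoded HTML - TODO confirm.
// The <br/> the original printed after each option is dropped; it is not
// valid inside a select.
	$query = "select * from categories where parentid is null order by name;";
	$result = mysql_query($query,$connection) or die(mysql_error());

	while ($row = mysql_fetch_assoc($result)) {
		echo "<option value=\"".(int) $row['id']."\">".htmlspecialchars($row['name'], ENT_QUOTES)."</option>";

		// One extra query per top-level category for its children.
		$query = "select * from categories where parentid =".(int) $row['id']." order by name;";
		$sub_result = mysql_query($query,$connection) or die(mysql_error());
		while ($subrow = mysql_fetch_assoc($sub_result)) {
			echo "<option value=\"".(int) $subrow['id']."\"> -- ".htmlspecialchars($subrow['name'], ENT_QUOTES)."</option>";
		}
	}

?>
</select>

	<br/><br/><p><b>Enter the article body:</b></p>
	<textarea id="body" name="body" style="width:615px; height: 320px;"></textarea>

	<br/><br/><p><b>Enter your author resource box:</b></p>
	<textarea id="resource" name="resource" style="width:615px; height: 140px;"></textarea>

	<br />
	<center><input type="submit" id="submitstyle" name="save" value="Submit Article &raquo;" /></center>
	<input name="update" type="hidden" id="update" />

</form>

<?php } // closing the check if banned ?>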

<br/><br/>

<?php
// Load the bottom half of the author template for the active theme and print it.
$authorbottom = new Template(sprintf('../templates/%s/author-bottom.tpl', $template));
echo $authorbottom->output();

// Shared include that closes the page.
include '../obinclude.php';
?>