<?

// Copyright (C) Bloggie Lite Written by : Sean
// http://www.mywebland.com , http://mybloggie.mywebland.com

// You are requested to retain this copyright notice in order to use
// this software.

//This program is free software; you can redistribute it and/or
//modify it under the terms of the GNU General Public License
//as published by the Free Software Foundation; either version 2
//of the License, or (at your option) any later version.

//This program is distributed in the hope that it will be useful,
//but WITHOUT ANY WARRANTY; without even the implied warranty of
//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//GNU General Public License for more details.

//You should have received a copy of the GNU General Public License
//along with this program; if not, write to the Free Software
//Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

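// Entry guard: this script is meant to be included by a front controller that
// defines IN_BLOGGIE; a direct HTTP request to the file is refused.
if (!defined('IN_BLOGGIE')) {
    die("You are not allowed to access this page directly !");
}

// Authentication gate for everything below (category lookup, preview, INSERT).
if (!authenticate()) {
    error($lang['Error'], "Request terminated due to abnormal operations");
    // error() is defined outside this file, so whether it returns cannot be
    // checked here. Stop explicitly so the gate fails closed either way.
    exit;
}

// Formatting helpers; presumably the source of the view*/autolink functions
// used for the preview further down (verify against function-format.php).
include_once($bloggie_root_path.'includes/function-format.php');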

// Request parameters are coerced to integers before any later use.
// $post_id and $page stay undefined when the parameter is absent;
// $cat_id falls back to an empty string when no category was posted.
if (isset($_GET['post_id'])) {
    $post_id = intval($_GET['post_id']);
}
if (isset($_GET['page'])) {
    $page = intval($_GET['page']);
}
$cat_id = isset($_POST['category']) ? intval($_POST['category']) : "";

// Static labels for the post form: the heading and the font-size choices,
// all read from the language table.
$template->assign_vars(
    array(
        'FORMHEADER'  => $lang['New_post'],
        'L_FONT_SIZE' => $lang['Font_Size'],
        'SIZE1'       => $lang['SIZE1'],
        'SIZE2'       => $lang['SIZE2'],
        'DEF_SIZE'    => $lang['DEF_SIZE'],
        'SIZE3'       => $lang['SIZE3'],
        'SIZE4'       => $lang['SIZE4'],
        'SIZE5'       => $lang['SIZE5'],
    )
);

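// Build the category drop-down: every category, ordered by description.
// The query text contains only table-name constants, no request data.
$sql= "SELECT ".CAT_TBL.".cat_desc , ".CAT_TBL.".cat_id
FROM ".CAT_TBL."
ORDER BY ".CAT_TBL.".cat_desc ASC";
if( !($result = $db->sql_query($sql)) )
   {
    $sql_error = $db->sql_error();
    error($lang['Error'], 'SQL Query Error : '.$sql_error['message'].' !');
   }
// The result of the query above is reused; the original ran the same
// statement a second time and discarded the first result.
while ($row = $db->sql_fetchrow($result)) {
    // The category posted with the form (if any) goes to the 'optionselected'
    // block, all others to 'option'. The comparison is deliberately loose:
    // $cat_id is an int or "" while the fetched id is whatever the DB layer
    // returns.
    // NOTE(review): cat_desc is handed to the template as stored; confirm it
    // is HTML-encoded when categories are saved or when the template prints it.
    $template->assign_block_vars(
        ($row['cat_id'] <> $cat_id) ? 'option' : 'optionselected',
        array(
            'DB_CATEGORY' => $row['cat_desc'],
            'DB_CAT_ID'   => $row['cat_id'],
        )
    );
}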

// Smiley picker: one 'smileyblock' row per entry, indices 1..$smileyno.
// $smileyno and $smileydata are presumably defined by smiley-list.php
// (they are not set earlier in this file) - verify.
include ('../includes/smiley-list.php');
$i = 1;
while ($i < ($smileyno + 1)) {
    $template->assign_block_vars(
        'smileyblock',
        array(
            'SMILEY'          => $smileydata[$i]['smiley'],
            'SMILEY_FILENAME' => $smileydata[$i]['filename'],
            'SMILEY_DESC'     => $smileydata[$i]['desc'],
        )
    );
    $i++;
}

// Colour picker: one 'coloroptions' row per entry, indices 1..$no_of_colors.
// $no_of_colors and $color are presumably defined by color-list.php
// (they are not set earlier in this file) - verify.
include ('../includes/color-list.php');
$i = 1;
while ($i < ($no_of_colors + 1)) {
    $template->assign_block_vars(
        'coloroptions',
        array(
            'CLR_CODE' => $color[$i]['colorcode'],
            'CLR_NAME' => $color[$i]['colorname'],
        )
    );
    $i++;
}


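// Request dispatch for the "new post" form. Three cases:
//   - "preview" posted : render the entry and re-display the filled-in form
//   - "submit" posted  : store the entry, optionally send trackbacks, redirect
//   - neither          : show an empty form pre-filled with the current time
if (isset($_POST["preview"])) {

    // A missing message stays null so the isset() test below reports it.
    $message = isset($_POST['message']) ? $_POST['message'] : null;
    $subject = isset($_POST['subject']) ? $_POST['subject'] : '';

    // Check-box flags; in this branch they are only tested for truthiness.
    $edit_date      = isset($_POST['edit_date'])      ? $_POST['edit_date']      : 0;
    $enable_comment = isset($_POST['enable_comment']) ? $_POST['enable_comment'] : 0;
    $enable_ping    = isset($_POST['enable_ping'])    ? $_POST['enable_ping']    : 0;

    // Date parts are forced to integers: they are written back into the form
    // below and fed to mktime(), so no request text may pass through as-is.
    $hh  = isset($_POST['hh'])  ? intval($_POST['hh'])  : 0;
    $min = isset($_POST['min']) ? intval($_POST['min']) : 0;
    $ss  = isset($_POST['sec']) ? intval($_POST['sec']) : 0;
    $mm  = isset($_POST['mm'])  ? intval($_POST['mm'])  : 0;
    $dd  = isset($_POST['dd'])  ? intval($_POST['dd'])  : 0;
    $yy  = isset($_POST['yy'])  ? intval($_POST['yy'])  : 0;

    // Month drop-down with the posted month pre-selected. An out-of-range
    // month selects nothing instead of reading an undefined index.
    $nn  = isset($mth_text[$mm - 1]) ? $mth_text[$mm - 1] : "";
    $disp_mth_opt = "";
    for ($i = 0; $i < 12; $i++) {
        $disp_mth_opt .= "<option value=\"".($i+1)."\""
                       . (($nn != $mth_text[$i]) ? "" : " selected=\"selected\"")
                       . ">".$mth_text[$i]."</option>";
    }
    $template->assign_block_vars('monthoption', array(
        'MTH_OPTION' => $disp_mth_opt,
    ));

    // Kept from the original; the value is not used again in this file.
    if (isset($_POST["trackback_url"])) { $trackback_url = $_POST['trackback_url']; }

    // Look up the description of the chosen category. $cat_id is cast again
    // here so the query never carries raw request text, and the statement is
    // executed once (the original ran it twice).
    $sqlcat= "SELECT ".CAT_TBL.".cat_desc
FROM ".CAT_TBL."
WHERE ".CAT_TBL.".cat_id ='".intval($cat_id)."'";
    if( !($resultcat = $db->sql_query($sqlcat)) )
    {
        $sql_error = $db->sql_error();
        error($lang['Error'], 'SQL Query Error : '.$sql_error['message'].' !');
    }
    $rowcat   = $db->sql_fetchrow($resultcat);
    $category = $rowcat ? $rowcat['cat_desc'] : '';

    if (isset($message)) {

        // NOTE(review): this branch compares the preference with the string
        // "no", while the submit branch below tests it with "!". For a stored
        // value of "no" the two disagree: the preview shows the text as typed,
        // the submit path runs it through the $html_entities_match
        // replacement. Confirm which behaviour is intended.
        if ($pref_data['post_html_safe']=="no") {
            $premessage = trim($message);
            $presubject = trim($subject);
        }
        else {
            $premessage = preg_replace($html_entities_match, $html_entities_replace, $message);
            $presubject = preg_replace($html_entities_match, $html_entities_replace, $subject);
        }
        // Rendering pipeline for the preview body.
        $premessage = viewbbcode($premessage);
        $premessage = viewlink($premessage);
        $premessage = autolink($premessage);
        $premessage = viewsmile($premessage);
        $premessage = nl2br($premessage);

        // Either the date entered in the form or "now" in the blog's timezone.
        if ($edit_date) {
            $timestamp = mktime($hh, $min, $ss, $mm, $dd, $yy);
            $checked = "checked";
        }
        else {
            $timestamp = mktime(gmtdate('H', time(), $timezone ),
                                gmtdate('i', time(), $timezone ),
                                gmtdate('s', time(), $timezone ),
                                gmtdate('n', time(), $timezone ),
                                gmtdate('d', time(), $timezone ),
                                gmtdate('Y', time(), $timezone ));
            $checked = "";
        }
        $checkedp = ($enable_ping) ? "checked" : "";
        $checkedc = ($enable_comment) ? "checked" : "";

        $posttime = date("h:i:s a", $timestamp) ;
        $postdate = date("d M Y", $timestamp) ;

        $template->assign_block_vars('preview', array('L_PREVIEW'  => $lang['Preview'], ));
        $template->assign_block_vars('blogparse', array(
            'USER_NAME'        => $userdata['username'],
            'SUBJECT'          => stripslashes($presubject),
            'MESSAGE'          => stripslashes($premessage),
            'TIME'             => $posttime ,
            'DATE'             => $postdate ,
            'L_COMMENT'        => $lang['Comments'],
            'L_CATEGORY'       => $lang['Category'],
            'L_POSTED_BY'      => $lang['Posted By'],
            'L_TIME'           => $lang['Time'],
            'CATEGORY'         => $category,
            // PHP_SELF reflects the request path, so it is encoded before it
            // lands in markup. A previewed entry has no id yet; the original
            // appended $row['post_id'], which is empty here because the
            // category loop above has already exhausted $row.
            'U_COMMENT'        => htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)."?select=viewcat&amp;post_id=",
        ));

        // Values used to re-fill the edit form (duplicate 'DATE' key removed).
        $template->assign_vars(array(
            'SUBJECT'          => trim((stripslashes(preg_replace($html_entities_match, $html_entities_replace, $subject)))),
            'MESSAGE'          => trim((stripslashes(preg_replace($html_entities_match, $html_entities_replace, $message)))),
            'TIME'             => $posttime ,
            'DATE'             => $postdate ,
            'U_CATEGORY'       => $category,
            'CHECKED'          => $checked,
            'POST_DATE'        => $dd,
            'POST_YEAR'        => $yy,
            'POST_HOUR'        => $hh,
            'POST_MIN'         => $min,
            'POST_SEC'         => $ss,
            'L_DEFAULT'        => $lang['Default'],
            'CHECKEDC'         => $checkedc,
            'CHECKEDP'         => $checkedp,
            'L_ENABLE_PING'    => $lang['Enable_Ping'],
            'L_ENABLE_COMMENT' => $lang['Enable_Comment'],
            'L_OPTIONS'        => $lang['Options'],
        ));
        $template->pparse('blog_body');
        $template->pparse('formsubmit');
    } else {
        error($lang['Error'],$lang['Msg_empty_msg']);
    }

}
elseif (isset($_POST["submit"])) {
    // NOTE(review): nothing in this file checks an anti-CSRF token before the
    // INSERT below; confirm whether authenticate() or the including script
    // does.
    $subject = isset($_POST['subject']) ? $_POST['subject'] : '';
    $message = isset($_POST['message']) ? $_POST['message'] : null;

    // In this branch the flags end up in the INSERT, so they are integers.
    $edit_date      = isset($_POST['edit_date'])      ? $_POST['edit_date']              : 0;
    $enable_comment = isset($_POST['enable_comment']) ? intval($_POST['enable_comment']) : 0;
    $enable_ping    = isset($_POST['enable_ping'])    ? intval($_POST['enable_ping'])    : 0;

    // Integer date parts, as in the preview branch.
    $hh  = isset($_POST['hh'])  ? intval($_POST['hh'])  : 0;
    $min = isset($_POST['min']) ? intval($_POST['min']) : 0;
    $ss  = isset($_POST['sec']) ? intval($_POST['sec']) : 0;
    $mm  = isset($_POST['mm'])  ? intval($_POST['mm'])  : 0;
    $dd  = isset($_POST['dd'])  ? intval($_POST['dd'])  : 0;
    $yy  = isset($_POST['yy'])  ? intval($_POST['yy'])  : 0;

    if (isset($message)) {

        // When the preference is falsy the text is stored as typed (trimmed);
        // otherwise it goes through the $html_entities_match replacement.
        if (!$pref_data['post_html_safe']) {
            $subject = trim($subject);
            $message = trim($message);
        }
        else {
            $message = preg_replace($html_entities_match, $html_entities_replace, $message);
            $subject = preg_replace($html_entities_match, $html_entities_replace, $subject);
        }

        $message = trim($message);

        // Either the date entered in the form or "now" in the blog's timezone.
        if ($edit_date) {
            $timestamp = mktime($hh, $min, $ss, $mm, $dd, $yy);
            $checked = "checked";
        }
        else {
            $timestamp = mktime(gmtdate('H', time(), $timezone ),
                                gmtdate('i', time(), $timezone ),
                                gmtdate('s', time(), $timezone ),
                                gmtdate('n', time(), $timezone ),
                                gmtdate('d', time(), $timezone ),
                                gmtdate('Y', time(), $timezone ));
            $checked = "";
        }

        // Trackbacks go out only when the feature flag equals 1 and at least
        // one URL was supplied. The original wrote "$enable_trackback=1", an
        // assignment that overwrote the setting and made this test always true.
        if (isset($enable_trackback) && $enable_trackback == 1 && !empty($_POST["trackback_url"])) {
            $post_urls            = $_POST["trackback_url"];
            $tb['blogEntryTitle'] = $subject;
            $tb['blogEntryURL']   = $myblogURL;
            $tb['blogName']       = $myblogname;
            $tb['blogExcerpt']    = $message;
            multi_tb($post_urls, $tb) ;
            // NOTE(review): $tbreply is not set in this file, presumably
            // multi_tb() fills it. If it carries text returned by the remote
            // servers it should be HTML-encoded before being printed - verify.
            $tbstatus ="<br /><br /><center><div class=\"quote\">".$lang['Trackback_status']." : <br />".$tbreply."</div></center>";
        }
        else { $tbstatus ="";  }

        // Permalink slug: everything except letters, digits and whitespace
        // becomes a space, then spaces become dashes. preg_replace() stands in
        // for ereg_replace(), which no longer exists in PHP 7 and later; the
        // character class is the same.
        $perm_subj = str_replace(" ","-",trim(preg_replace('/[^[:space:]a-zA-Z0-9]/', " ", $subject)));
        $perm_subj = strtolower($perm_subj);
        $perm_subj = sanitize_url_subject($perm_subj);
        // The second argument also resets $post_id to "", as in the original.
        $perm_subj = unique_permasubj($perm_subj, $post_id="") ;

        // NOTE(review): $subject and $message reach this statement with only
        // the escaping applied before this file runs (magic quotes or a
        // bootstrap filter - the disabled addslashes() block in the original
        // points that way, but it cannot be confirmed here). If neither is
        // active this INSERT is injectable; use the DB layer's escaping or a
        // prepared statement once that is verified. The numeric columns are
        // cast here so they cannot carry SQL regardless.
        $sql = "INSERT INTO ".POST_TBL." SET user_id='$userid', subject='$subject', message='$message', timestamp='".intval($timestamp)."', cat_id='".intval($cat_id)."',
              allow_ping='".intval($enable_ping)."', allow_comments='".intval($enable_comment)."',  perm_subj='$perm_subj'" ;
        if( !($result = $db->sql_query($sql)) )
        {
            $sql_error = $db->sql_error();
            error($lang['Error'], 'SQL Query Error : '.$sql_error['message'].' !');
        }
        message($lang['New_post'], $lang['Msg_posted'].".........".$tbstatus."<br /><br />Click <a href=\"".$site_url."/admin/admin.php\"> >Here< </a> if redirect failed ");
        metaredirect(self_url()."/admin.php?mode=add",3);
    }
}
else {
    // Blank form: trackback field, month list with the current month selected
    // and the current time in the blog's timezone.
    $template->assign_block_vars('showtrackback', array(
        'L_TRACKBACK_URLS' => $lang['Trackback_urls'],
    ));

    // date('F') is the English month name, so the pre-selection matches only
    // when $mth_text holds those same names.
    $nn  = date('F');
    $disp_mth_opt = "";
    for ($i = 0; $i < 12; $i++) {
        $disp_mth_opt .= "<option value=\"".($i+1)."\""
                       . (($nn != $mth_text[$i]) ? "" : " selected=\"selected\"")
                       . ">".$mth_text[$i]."</option>";
    }
    $template->assign_block_vars('monthoption', array(
        'MTH_OPTION' => $disp_mth_opt,
    ));

    $hh  = gmtdate('H', time(), $timezone );
    $min = gmtdate('i', time(), $timezone );
    $ss  = gmtdate('s', time(), $timezone );
    $mm  = gmtdate('n', time(), $timezone );
    $dd  = gmtdate('d', time(), $timezone );
    $yy  = gmtdate('Y', time(), $timezone );

    $template->assign_vars(array(
        'POST_DATE' => $dd,
        'POST_YEAR' => $yy,
        'POST_HOUR' => $hh,
        'POST_MIN'  => $min,
        'POST_SEC'  => $ss,
    ));

    $template->pparse('formsubmit');
}
unset($mth_text) ;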
?>