<?
/*
| This file is part of the Igloo Weblog system.
| Igloo is available under the GNU General Public
| License. For details on the GNU General Public
| License, read the COPYING or the LICENSE file
| that you received with this distribution. If
| you did not receive one of these files with the
| distribution, you can find more information at
| http://www.gnu.org.
|
| Igloo is the creation of Brad Johnson. It is not
| based on any other works. Brad Johnson is the
| sole owner of the copyright, but he welcomes all
| to take the software, use it, modify it, change
| it, or to do whatever they can do with it under
| the provisions of the GNU General Public License.
|
| This software is provided as-is, with no warranty
| whatsoever. The author is not responsible for
| anything that may happen as a result of your
| using this software unless you have purchased an
| extended warranty. If you would like to
| purchase an extended warranty, please contact
| Brad Johnson via e-mail at hide@address.com
|
| This software may destroy your system, date your
| sister, drink your beer, eat the last of the
| potato chips, cause Democrats to get elected,
| kick your dog, burn your house, wreck your car,
| cause nuclear war, force you to kiss your
| grandmother, or make you eat brussel sprouts.
| You have been warned.
|
| If it breaks, you may feel free to keep both
| pieces.
*/
require "../config.inc";
require "$config[private]/local.inc";
$USER = getenv("REMOTE_USER");
$Results = do_mysql_query("SELECT * FROM admin_users WHERE userid='$USER'");
$Row = mysql_fetch_array($Results);
mysql_free_result($Results);
$admin_id = $Row[userid];
$email = $Row[email];
$real_name = $Row[real_name];
$date = exec("date +%A,\ %B\ %d\ @\ %l:%M:%S\ %p");
common_header();
print " <tr>\n";
print " <th>\n";
print " Addding A Story\n";
print " </th>\n";
print " </tr>\n";
if ($preview) {
$story = stripslashes($story);
$story = htmlentities($story);
$headline = stripslashes($headline);
$headline = htmlentities($headline);
print " <tr>\n";
print " <td>\n";
print " Here's your story. Check it for spelling and grammitical errors, and\n";
print " make sure that any links you might have put in here actually work!\n";
print " </td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th>\n";
print " $headline\n";
print " </th>\n";
print " </tr>\n";
print " <tr>\n";
print " <td>\n";
print " <font size=\"2\">\n";
print " Posted by <a href=\"mailto:$email\">$real_name</a> on $date\n";
print " </font>\n";
print " </td>\n";
print " </tr>\n";
print " <tr>\n";
print " <td>\n";
print "  \n";
print " </td>\n";
print " </tr>\n";
print " <tr>\n";
print " <td>\n";
print " <blockquote>\n";
print " $story\n";
print " </blockquote>\n";
print " </td>\n";
print " </tr>\n";
print " <tr>\n";
print " <td>\n";
print " \n";
print " </td>\n";
print " </tr>\n";
print " <tr>\n";
print " <td>\n";
print " If the story meets your specifications, then click the \"Print Story\" button\n";
print " </td>\n";
print " </tr>\n";
print " <form action=\"/admin/add_story.php\" method=\"post\">\n";
print " <input type=\"hidden\" name=\"headline\" value=\"$headline\">\n";
print " <input type=\"hidden\" name=\"poster\" value=\"$admin_id\">\n";
print " <input type=\"hidden\" name=\"story\" value=\"$story\">\n";
print " <tr>\n";
print " <td align=\"right\">\n";
print " <input type=\"submit\" name=\"submit\" value=\"Print Story\">\n";
print " </td>\n";
print " </tr>\n";
} elseif ($submit) {
$date = exec("date +%A,\ %B\ %d\ @\ %l:%M:%S\ %p");
$Results = do_mysql_query("SELECT * FROM admin_users WHERE userid='$admin_id'")
or die("I could not SELECT FROM the database\n");
$Row = mysql_fetch_array($Results);
mysql_free_result($Results);
$admin_number = $Row[id];
$story = addslashes($story);
$story = htmlentities($story);
$headline = addslashes($headline);
$headline = htmlentities($headline);
$Results = do_mysql_query("INSERT INTO stories (headline, poster, story, time) VALUES ('$headline', '$admin_number', '$story', '$date')")
or die("I could not INSERT INTO the database\n");
print " <tr>\n";
print " <td>\n";
print " Your story has been posted.\n";
print " </td>\n";
print " </tr>\n";
} else {
print " <tr>\n";
print " <td>\n";
print " So, you want to add a story, eh? Well, better make sure it's a good one!\n";
print " </td>\n";
print " </tr>\n";
print " <form action=\"$PHP_SELF\" method=\"post\">\n";
print " <tr>\n";
print " <td>\n";
print " <input type=\"text\" name=\"headline\">\n";
print " </td>\n";
print " </tr>\n";
print " <tr>\n";
print " <td>\n";
print " <textarea wrap=\"virtual\" name=\"story\" cols=\"40\" rows=\"5\"></textarea>\n";
print " </td>\n";
print " </tr>\n";
print " <tr>\n";
print " <td align=\"right\">\n";
print " <input type=\"submit\" name=\"preview\" value=\"Preview Story\">\n";
print " </td>\n";
print " </tr>\n";
}
common_footer();
?>