Location: PHPKode > projects > Exero CMS > upload/admin/pages.php
<?
/*========================================*\
| Exero CMS                                |
|==========================================|
|          http://ecms.getox.net           |
|https://sourceforge.net/projects/exerocms/|
|==========================================|
|     Exero CMS is released under the      |
|     GNU General Public License (GPL)     |
| opensource.org/licenses/gpl-license.php  |
\*========================================*/

require("global.php");
if(!checkadminsession()) {
	print_login();
	exit;
}

if(!adminpermissions("managepages")) {
	print_no_permission();
	exit;
}

if($_REQUEST['do'] == "") {
	print_cp_header("Page Manager");

	print_topmenu(array("pages.php?do=create"=>"New Page"),"14","bold");

	print_table_header("Pages","2","","1");
	print_multicol_row(array("Pages[align:left]"=>"","Options[align:right]"=>"140"),"optiontitle");
	$getpages = $db->query("SELECT * FROM ".TABLE_PREFIX."custompages ORDER BY title ASC");
	while($pageinfo = $db->fetch_array($getpages)) {
		print_multicol_row(array($pageinfo['title']."[align:left]"=>"","<a href=\"pages.php?do=edit&page=".$pageinfo['ident']."\">Edit</a>, <a href=\"pages.php?do=delete&page=".$pageinfo['ident']."\">Delete</a>[align:right]"=>"140"));
	}
	print_table_footer();

	print_cp_footer();
} else if($_REQUEST['do'] == "create") {
	$create = 0;
	$error = array();
	if($_POST['action'] == "submit") {
		$create = 1;
		if(empty($_POST['ident'])) {
			$error[] = "You must enter a page Identification";
			$create = 0;
			$showerror = 1;
		} else {
			$checkident = $db->num_rows($db->query("SELECT * FROM ".TABLE_PREFIX."custompages WHERE ident='".$db->real_escape_string($_POST['ident'])."' LIMIT 1"));
			if($checkident == "1") {
				$error[] = "Page Identification aleady in use";
				$showerror = 1;
				$create = 0;
			}
		}
	}
	if(!$create) {
		print_cp_header("New Page");
		
		if($showerror) {
			print_error($error);
		}
		
		print_form_header("pages.php?do=create","create");
		print_form_hiddenfield("action","submit");
		print_table_header("New Page","2");
		print_form_textbox("Title","title",$_POST['title']);
		print_form_textbox("Identification<br>Used in the URL","ident",$_POST['ident']);
		print_table_optiontitle("Page Content","","2");
		print_form_textarearow("page",htmlspecialchars($_POST['page']),"2","90","10","");
		print_form_submit("Submit","2","0");
		print_table_footer();
		print_form_footer();
		
		print_cp_footer();
	} else {
		$db->query("INSERT INTO ".TABLE_PREFIX."custompages VALUES(
		'".$db->real_escape_string($_POST['ident'])."',
		'".$db->real_escape_string($_POST['title'])."',
		'".$db->real_escape_string($_POST['page'])."')");
		print_redirect("pages.php","Page Created","Page Created.");
	}
} else if($_REQUEST['do'] == "edit") {
	$save = 0;
	$error = array();
	if($_POST['action'] == "submit") {
		$save = 1;
		if(empty($_POST['ident'])) {
			$error[] = "You must enter a page Identification";
			$save = 0;
			$showerror = 1;
		} else {
			$checkident = $db->num_rows($db->query("SELECT * FROM ".TABLE_PREFIX."custompages WHERE ident='".$db->real_escape_string($_POST['ident'])."' AND ident!='".$db->real_escape_string($_POST['pageident'])."' LIMIT 1"));
			if($checkident == "1") {
				$error[] = "Page Identification aleady in use";
				$showerror = 1;
				$save = 0;
			}
		}
	}
	if(!$save) {
		print_cp_header("Edit Page");
		
		if($showerror) {
			print_error($error);
		}
		if(isset($_POST['pageident'])) {
			$ident = $_POST['pageident'];
		} else {
			$ident = $_REQUEST['page'];
		}
		$pageinfo = $db->query_first("SELECT * FROM ".TABLE_PREFIX."custompages WHERE ident='".$db->real_escape_string($ident)."' LIMIT 1");
		print_form_header("pages.php?do=edit","save");
		print_form_hiddenfield("action","submit");
		print_form_hiddenfield("pageident",$ident);
		print_table_header("Edit Page","2");
		print_form_textbox("Title","title",$pageinfo['title']);
		print_form_textbox("Identification<br>Used in the URL","ident",$pageinfo['ident']);
		print_table_optiontitle("Page Content","","2");
		print_form_textarearow("page",stripslashes($pageinfo['page']),"2","90","10","");
		print_form_submit("Save","2","0");
		print_table_footer();
		print_form_footer();
		
		print_cp_footer();
	} else {
		$db->query("UPDATE custompages SET
		ident='".$db->real_escape_string($_POST['ident'])."',
		title='".$db->real_escape_string($_POST['title'])."',
		page='".addslashes($_POST['page'])."'
		WHERE ident='".$db->real_escape_string($_POST['pageident'])."'");
		print_redirect("pages.php","Page Saved","Page Saved.");
	}
} else if($_REQUEST['do'] == "delete") {
	$db->query("DELETE FROM ".TABLE_PREFIX."custompages WHERE ident='".$db->real_escape_string($_REQUEST['page'])."'");
	print_redirect("pages.php","Page Deleted","Page Deleted.");
}
?>
Return current item: Exero CMS