Location: PHPKode > projects > Fretsweb > fretsweb-1.2/fretsweb/admin/editsong.php
<?php

/*
Fretsweb - A Frets on Fire chart server
Copyright (C) 2009, Daan Sprenkels

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

require_once "common.php";

//Login Test
session_start();
if($_SESSION['in'] < 1)
{
	header('location: login.php?need=moderator');
	die();
}

if(isset($_POST['edit']))
{
	foreach($_POST as $postk => $postv)
	{
		$_POST[addslashes($postk)] = addslashes($postv);
	}
		$sql = "UPDATE `contest_songs` SET `artist` = '{$_POST['artist']}', `title` = '{$_POST['title']}', `link` = '{$_POST['link']}' WHERE `hash` = '{$_POST['hash']}'";
	if(mysql_query($sql))
		$info = "Editted song.";
	else
		$info = "Couldn't send query.<br/>" . mysql_error();
}

?><html>
<head>
<title>Edit song</title>
<link href="../css.php" rel="stylesheet" type="text/css" />
<link href="../images/favicon.png" rel="icon">
</head>
<body><center>
<h2>Edit song</h2>
<?php
include_once "log.php";

if(isset($info))
	echo '<p class="info">' . $info . '</p>';

if(isset($_GET['hash']))
{
	//Show the editing form
	$sql = "SELECT `hash`, `artist`, `title`, `link` FROM `contest_songs` WHERE `hash` = '{$_GET['hash']}'";
	$query = mysql_query($sql);
	$song = mysql_fetch_assoc($query);
	echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">".
	     "<p>( {$song['hash']} )</p>".
	     "<p>Artist: <input type=\"text\" name=\"artist\" value=\"{$song['artist']}\" /></p>".
	     "<p>Title: <input type=\"text\" name=\"title\" value=\"{$song['title']}\" /></p>".
	     "<p>Download link: <input type=\"text\" name=\"link\" value=\"{$song['link']}\" /></p>".
	     "<input type=\"hidden\" name=\"hash\" value=\"{$song['hash']}\">".
	     "<p><input type=\"submit\" name=\"edit\" value=\"Edit song\" /></p>".
	     "</form>";
}
else
{
	//Show the songs currently in the database
	$songs = mysql_query( "SELECT `artist`, `title`, `hash` FROM `contest_songs` ORDER BY `title`" );
	$songsnum = mysql_numrows( $songs );
	echo "<p>Songs currently in database:</p><table class=\"regular\"><tr><th>Artist</th><th>Title</th><th/></tr>";
	for( $i = 0; $i < $songsnum; $i++ ) {
		echo "<tr><td>" . htmlspecialchars(mysql_result($songs, $i, "artist")) . "</td><td>" . htmlspecialchars(mysql_result($songs, $i, "title")) . "</td><td>
<a href=\"../song.php?hash=" . mysql_result($songs, $i, "hash" ) . "\"><img src=\"../images/information.png\" /></a>
<a href=\"editsong.php?hash=" . mysql_result($songs, $i, "hash" ) . "\"><img src=\"../images/pencil_go.png\"></a>
</td></tr>";
	} 
	echo "</table>";
}

?>
<p><b><a href="index.php">Back to main administration panel</a></b><p>
</center></body>

<?php
	// close DB
	mysql_close( $db_link );
?>
100% Free PHP Newsletter Script! Download now!
Return current item: Fretsweb