<?php
// -----------------------------------------------------------------------------
// $Id: news.php 682 2013-03-28 14:17:41Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

// Bootstrap include. The rest of this script reads $lang, $users, $settings,
// $sql and $template without defining them, so they are presumably set up
// here - TODO confirm.
include('./../includes/common.php');

// page_header() is called with the localized admin-news title
// (presumably renders the top of the page - confirm in common.php).
page_header($lang['ADMIN_NEWS']);

// Moderator?
if ($users['user_level'] > 1)
{
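    // Add (or preview)?
    // Validates the posted "add news" form, then either renders a preview or
    // inserts the item and bumps the category/user counters.
    // NOTE(review): no anti-CSRF token is checked in the code shown here;
    // confirm whether includes/common.php enforces one for POST requests.
    if (isset($_POST['add_news']) || isset($_POST['preview_news']))
    {
        // Read each field once; a missing or array-valued parameter becomes ''
        // instead of reaching trim(), the SQL text or the template.
        $category_id = (isset($_POST['category_id']) && is_string($_POST['category_id'])) ? $_POST['category_id'] : '';
        $posted_subject = (isset($_POST['news_subject']) && is_string($_POST['news_subject'])) ? $_POST['news_subject'] : '';
        $posted_text = (isset($_POST['news_text']) && is_string($_POST['news_text'])) ? $_POST['news_text'] : '';
        $posted_source = (isset($_POST['news_source']) && is_string($_POST['news_source'])) ? $_POST['news_source'] : '';

        $error = '';
        // Categories not created yet, or a category_id that is not an integer?
        // category_id is embedded in SQL and echoed into the preview form, so it
        // gets the same string_is_int() check this file applies to news_id
        // (assumes category ids are integers - confirm against the schema).
        if (empty($category_id) || !string_is_int($category_id))
        {
            $error .= $lang['ERROR_NO_CATEGORY'];
        }
        if (!trim($posted_subject))
        {
            $error .= $lang['ERROR_NO_SUBJECT'];
        }
        if (!trim($posted_text))
        {
            $error .= $lang['ERROR_NO_TEXT'];
        }
        if ($error)
        {
            error_template($error);
        }
        else
        {
            $news_subject = utf8_entities($posted_subject);
            if ($settings['allow_html'])
            {
                $news_source2 = do_html($posted_source);
                $news_text2 = do_html($posted_text);
            }
            else
            {
                $news_source2 = utf8_entities($posted_source);
                $news_text2 = utf8_entities($posted_text);
            }
            // Keep the values as they were before link/BBCode/emoticon expansion;
            // they are passed to the template separately as NEWS_SOURCE / NEWS_TEXT.
            $news_source = $news_source2;
            $news_text = $news_text2;
            $news_source2 = make_clickable($news_source2);
            $news_text2 = make_clickable($news_text2);
            $news_source2 = do_bbcodes($news_source2);
            $news_text2 = do_bbcodes($news_text2);
            if ($settings['allow_emoticons'])
            {
                $news_text2 = do_emoticons($news_text2);
            }
            // Preview form
            if (isset($_POST['preview_news']))
            {
                // remove_form_data();
                if (!empty($posted_source))
                {
                    $news_source2 = undo_escape_sequences($news_source2);
                    $news_source2 = sprintf($lang['SOURCE'], $news_source2);
                }
                else
                {
                    $news_source2 = '<!-- empty -->';
                }
                $news_text2 = undo_escape_sequences($news_text2);
                if ($settings['allow_html'])
                {
                    $html_support = $lang['HTML_ENABLED'];
                }
                else
                {
                    $html_support = $lang['HTML_DISABLED'];
                }
                $category_id_options = '';
                // Defaults for the case where the posted id matches no listed
                // category; previously these were left undefined.
                $category_image = '';
                $category_name = '';
                $sql->query('SELECT category_id, category_image, category_name
                             FROM ' . TABLE_CATEGORIES . '
                             WHERE category_level IN (\'2\', \'4\')
                             ORDER BY category_name');
                while ($table_categories = $sql->fetch())
                {
                    if ($table_categories['category_id'] == $category_id)
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '" selected="selected">' . $table_categories['category_name'] . '</option>';
                        $category_image = $table_categories['category_image'];
                        $category_name = $table_categories['category_name'];
                    }
                    else
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '">' . $table_categories['category_name'] . '</option>';
                    }
                }
                $template->set_file('admin', 'admin/news/preview.htpl');
                $template->set_var(array('CATEGORY_ID' => $category_id,
                                         'CATEGORY_ID_OPTIONS' => $category_id_options,
                                         'CATEGORY_IMAGE' => $category_image,
                                         'CATEGORY_NAME' => $category_name,
                                         'EMOTICONS_LIST' => get_emoticons_list(0),
                                         'HTML_SUPPORT' => $html_support,
                                         'NEWS_COMMENTS' => 0,
                                         'NEWS_POSTED' => sprintf($lang['POSTED_BY'], $_SESSION['user_id'], $users['user_name'], format_date(time())),
                                         'NEWS_SOURCE' => $news_source,
                                         'NEWS_SOURCE2' => $news_source2,
                                         'NEWS_SUBJECT' => $news_subject,
                                         'NEWS_TEXT' => $news_text,
                                         'NEWS_TEXT2' => $news_text2));
                $template->parse('admin');
            }
            // From add form
            else
            {
                // NOTE(review): subject, source and text are concatenated into the
                // SQL text. The preview path calls undo_escape_sequences(), which
                // suggests input arrives pre-escaped from outside this file -
                // confirm, and prefer bound parameters if the $sql wrapper has them.
                $sql->query('INSERT INTO ' . TABLE_NEWS . ' (category_id, user_id, news_active, news_month, news_source, news_subject, news_text, news_year, news_creation)
                             VALUES (\'' . $category_id . '\', \'' . $_SESSION['user_id'] . '\', \'1\', \'' . date('m', time()) . '\', \'' . $news_source2 . '\', \'' . $news_subject . '\', \'' . $news_text2 . '\', \'' . date('Y', time()) . '\', \'' . time() . '\')');
                $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                             SET category_news = category_news + 1
                             WHERE category_id = \'' . $category_id . '\'');
                $sql->query('UPDATE ' . TABLE_USERS . '
                             SET user_news = user_news + 1
                             WHERE user_id = \'' . $_SESSION['user_id'] . '\'');
                make_news_feed();
                // For the time being category_news is not displayed
                // $GLOBALS['cache']->clean(TABLE_CATEGORIES);
                $GLOBALS['cache']->clean(TABLE_NEWS);
                $GLOBALS['cache']->clean(TABLE_USERS);
                success_template($lang['NEWS_ADDED'], './../admin/news.php?action=view_news');
            }
        }
    }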
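    // News list
    // Lists active news (news_active = '1') with optional sorting and paging.
    elseif (isset($_GET['action']) && $_GET['action'] == 'view_news')
    {
        // Query string - ?action=view_news&sort=&order=&page=&list=
        // Sort column and direction are compared strictly against fixed lists.
        // The previous patterns ended in `$`, which also matches just before a
        // trailing newline, so a value such as "news_id\n" was accepted and
        // copied into the ORDER BY clause and the pager links.
        $sort_ok = isset($_GET['sort']) && in_array($_GET['sort'], array('news_id', 'news_subject'), true);
        $order_ok = isset($_GET['order']) && in_array($_GET['order'], array('ASC', 'DESC'), true);
        if ($sort_ok && $order_ok)
        {
            // Both values now equal one of the literals above.
            $clause = 'ORDER BY ' . $_GET['sort'] . ' ' . $_GET['order'];
            $query = 'sort=' . $_GET['sort'] . '&amp;order=' . $_GET['order'] . '&amp;';
        }
        else
        {
            $clause = '';
            $query = '';
        }

        // Create pages list
        // An array-valued page parameter is treated like a missing one.
        if (empty($_GET['page']) || is_array($_GET['page']) || !string_is_int($_GET['page']))
        {
            $_GET['page'] = 1;
        }
        // OFFSET is written into the SQL unquoted, so force a non-negative number.
        $news_offset = max(0, ((int) $_GET['page'] - 1) * $settings['news_per_page']);
        $sql->query('SELECT news_id
                     FROM ' . TABLE_NEWS . '
                     WHERE news_active = \'1\'');
        $num_news = $sql->num_rows();
        $num_pages = ceil($num_news / $settings['news_per_page']);
        $pages_list = get_pages_list('./../admin/news.php?action=view_news&amp;' . $query, $num_pages);

        $template->set_file('admin', 'admin/news/view.htpl');
        $template->set_block('admin', 'NEWS_BLOCK', 'news');
        $sql->query('SELECT t1.news_id, t1.news_subject, t2.category_name, t3.user_name
                     FROM ' . TABLE_NEWS . ' AS t1
                     INNER JOIN ' . TABLE_CATEGORIES . ' AS t2
                                 ON (t2.category_id = t1.category_id)
                     INNER JOIN ' . TABLE_USERS . ' AS t3
                                 ON (t3.user_id = t1.user_id)
                     WHERE t1.news_active = \'1\'
                     ' . $clause . '
                     LIMIT ' . $settings['news_per_page'] . ' OFFSET ' . $news_offset);
        // One NEWS_BLOCK row is appended per fetched record.
        while ($table_news = $sql->fetch())
        {
            $template->set_var(array('CATEGORY_NAME' => $table_news['category_name'],
                                     'NEWS_ID' => $table_news['news_id'],
                                     'NEWS_SUBJECT' => $table_news['news_subject'],
                                     'USER_NAME' => $table_news['user_name']));
            $template->parse('NEWS_BLOCK', 'news', true);
        }
        $template->set_var('PAGES', sprintf($lang['PAGES'], $pages_list));
        $template->parse('admin');
    }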
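    // Edit form
    // Loads one news item by id and renders the edit form for it.
    elseif (isset($_GET['action']) && $_GET['action'] == 'edit_news')
    {
        // news_id reaches the SQL text only as a string that string_is_int() accepts.
        if (!empty($_GET['news_id']) && is_string($_GET['news_id']) && string_is_int($_GET['news_id']))
        {
            $sql->query('SELECT t1.category_id, t1.user_id, t1.news_comments, t1.news_source, t1.news_subject, t1.news_text, t1.news_creation, t2.user_name
                         FROM ' . TABLE_NEWS . ' AS t1
                         INNER JOIN ' . TABLE_USERS . ' AS t2
                                     ON (t2.user_id = t1.user_id)
                         WHERE t1.news_id = \'' . $_GET['news_id'] . '\'');
            $table_news = $sql->fetch();
            // Check news. empty() also covers fetch() returning no row, which the
            // previous test indexed without checking.
            if (empty($table_news['category_id']))
            {
                error_template($lang['ERROR_QUERY']);
            }
            else
            {
                $category_id_options = '';
                // Stays '' when the item's category is not among the listed
                // levels; previously the variable was left undefined.
                $category_id_old = '';
                $sql->query('SELECT category_id, category_name
                             FROM ' . TABLE_CATEGORIES . '
                             WHERE category_level IN (\'2\', \'4\')
                             ORDER BY category_name');
                while ($table_categories = $sql->fetch())
                {
                    if ($table_categories['category_id'] == $table_news['category_id'])
                    {
                        $category_id_old = $table_categories['category_id'];
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '" selected="selected">' . $table_categories['category_name'] . '</option>';
                    }
                    else
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '">' . $table_categories['category_name'] . '</option>';
                    }
                }
                if ($settings['allow_html'])
                {
                    $html_support = $lang['HTML_ENABLED'];
                }
                else
                {
                    $html_support = $lang['HTML_DISABLED'];
                }
                // Reverse the emoticon and BBCode expansion so the stored text
                // can be edited in its source form.
                $news_text = undo_emoticons($table_news['news_text']);
                $news_text = undo_bbcodes($news_text);
                $news_source = undo_bbcodes($table_news['news_source']);
                $template->set_file('admin', 'admin/news/edit.htpl');
                $template->set_var(array('CATEGORY_ID_OLD' => $category_id_old,
                                         'CATEGORY_ID_OPTIONS' => $category_id_options,
                                         'EMOTICONS_LIST' => get_emoticons_list(0),
                                         'HTML_SUPPORT' => $html_support,
                                         'NEWS_COMMENTS' => $table_news['news_comments'],
                                         'NEWS_CREATION' => $table_news['news_creation'],
                                         'NEWS_ID' => $_GET['news_id'],
                                         'NEWS_SOURCE' => $news_source,
                                         'NEWS_SUBJECT' => $table_news['news_subject'],
                                         'NEWS_TEXT' => $news_text,
                                         'USER_ID' => $table_news['user_id'],
                                         'USER_NAME' => $table_news['user_name']));
                $template->parse('admin');
            }
        }
        else
        {
            error_template($lang['ERROR_QUERY']);
        }
    }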
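    // Edit (or preview)?
    // Validates the posted "edit news" form, then either renders a preview or
    // updates the item and, if the category changed, the category counters.
    // NOTE(review): no anti-CSRF token is checked in the code shown here;
    // confirm whether includes/common.php enforces one for POST requests.
    elseif (isset($_POST['edit_news']) || isset($_POST['preview_edited_news']))
    {
        // Read each field once; a missing or array-valued parameter becomes ''
        // instead of reaching trim(), the SQL text or the template.
        $news_id = (isset($_POST['news_id']) && is_string($_POST['news_id'])) ? $_POST['news_id'] : '';
        $category_id = (isset($_POST['category_id']) && is_string($_POST['category_id'])) ? $_POST['category_id'] : '';
        $category_id_old = (isset($_POST['category_id_old']) && is_string($_POST['category_id_old'])) ? $_POST['category_id_old'] : '';
        $posted_subject = (isset($_POST['news_subject']) && is_string($_POST['news_subject'])) ? $_POST['news_subject'] : '';
        $posted_text = (isset($_POST['news_text']) && is_string($_POST['news_text'])) ? $_POST['news_text'] : '';
        $posted_source = (isset($_POST['news_source']) && is_string($_POST['news_source'])) ? $_POST['news_source'] : '';
        $posted_user_id = (isset($_POST['user_id']) && is_string($_POST['user_id'])) ? $_POST['user_id'] : '';
        $posted_user_name = (isset($_POST['user_name']) && is_string($_POST['user_name'])) ? $_POST['user_name'] : '';
        $posted_comments = (isset($_POST['news_comments']) && is_string($_POST['news_comments'])) ? $_POST['news_comments'] : '';
        $posted_creation = (isset($_POST['news_creation']) && is_string($_POST['news_creation'])) ? $_POST['news_creation'] : '';

        $error = '';
        // news_id and both category ids are embedded in SQL below, so they get
        // the same string_is_int() check the GET branches apply to news_id
        // (assumes integer ids - confirm against the schema). category_id_old
        // may be empty: the edit form leaves it blank when the item's category
        // is not in the listed levels.
        if (empty($news_id) || !string_is_int($news_id) || ($category_id_old !== '' && !string_is_int($category_id_old)))
        {
            $error .= $lang['ERROR_QUERY'];
        }
        if (empty($category_id) || !string_is_int($category_id))
        {
            $error .= $lang['ERROR_NO_CATEGORY'];
        }
        if (!trim($posted_subject))
        {
            $error .= $lang['ERROR_NO_SUBJECT'];
        }
        if (!trim($posted_text))
        {
            $error .= $lang['ERROR_NO_TEXT'];
        }
        if ($error)
        {
            error_template($error);
        }
        else
        {
            $news_subject = utf8_entities($posted_subject);
            if ($settings['allow_html'])
            {
                $news_source2 = do_html($posted_source);
                $news_text2 = do_html($posted_text);
            }
            else
            {
                $news_source2 = utf8_entities($posted_source);
                $news_text2 = utf8_entities($posted_text);
            }
            // Keep the values as they were before link/BBCode/emoticon expansion;
            // they are passed to the template separately as NEWS_SOURCE / NEWS_TEXT.
            $news_source = $news_source2;
            $news_text = $news_text2;
            $news_source2 = make_clickable($news_source2);
            $news_text2 = make_clickable($news_text2);
            $news_source2 = do_bbcodes($news_source2);
            $news_text2 = do_bbcodes($news_text2);
            if ($settings['allow_emoticons'])
            {
                $news_text2 = do_emoticons($news_text2);
            }
            // Preview form
            if (isset($_POST['preview_edited_news']))
            {
                // remove_form_data();
                if (!empty($posted_source))
                {
                    $news_source2 = undo_escape_sequences($news_source2);
                    $news_source2 = sprintf($lang['SOURCE'], $news_source2);
                }
                else
                {
                    $news_source2 = '<!-- empty -->';
                }
                $news_text2 = undo_escape_sequences($news_text2);
                if ($settings['allow_html'])
                {
                    $html_support = $lang['HTML_ENABLED'];
                }
                else
                {
                    $html_support = $lang['HTML_DISABLED'];
                }
                // These fields are request data echoed back into the page. They
                // go through utf8_entities(), the encoder this file already uses
                // for the subject and for the body when HTML is disabled
                // (presumably an HTML-entity encoder - confirm).
                $user_id_html = utf8_entities($posted_user_id);
                $user_name_html = utf8_entities($posted_user_name);
                $comments_html = utf8_entities($posted_comments);
                $creation_html = utf8_entities($posted_creation);
                $category_id_options = '';
                // Defaults for the case where the posted id matches no listed
                // category; previously these were left undefined.
                $category_image = '';
                $category_name = '';
                $sql->query('SELECT category_id, category_image, category_name
                             FROM ' . TABLE_CATEGORIES . '
                             WHERE category_level IN (\'2\', \'4\')
                             ORDER BY category_name');
                while ($table_categories = $sql->fetch())
                {
                    if ($table_categories['category_id'] == $category_id)
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '" selected="selected">' . $table_categories['category_name'] . '</option>';
                        $category_image = $table_categories['category_image'];
                        $category_name = $table_categories['category_name'];
                    }
                    else
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '">' . $table_categories['category_name'] . '</option>';
                    }
                }
                $template->set_file('admin', 'admin/news/preview_edited.htpl');
                $template->set_var(array('CATEGORY_ID' => $category_id,
                                         'CATEGORY_ID_OLD' => $category_id_old,
                                         'CATEGORY_ID_OPTIONS' => $category_id_options,
                                         'CATEGORY_IMAGE' => $category_image,
                                         'CATEGORY_NAME' => $category_name,
                                         'EMOTICONS_LIST' => get_emoticons_list(0),
                                         'HTML_SUPPORT' => $html_support,
                                         'NEWS_COMMENTS' => $comments_html,
                                         'NEWS_CREATION' => $creation_html,
                                         'NEWS_EDITED' => sprintf($lang['EDITED_BY'], $_SESSION['user_id'], $users['user_name'], format_date(time())),
                                         'NEWS_ID' => $news_id,
                                         'NEWS_POSTED' => sprintf($lang['POSTED_BY'], $user_id_html, $user_name_html, format_date($posted_creation)),
                                         'NEWS_SOURCE' => $news_source,
                                         'NEWS_SOURCE2' => $news_source2,
                                         'NEWS_SUBJECT' => $news_subject,
                                         'NEWS_TEXT' => $news_text,
                                         'NEWS_TEXT2' => $news_text2,
                                         'USER_ID' => $user_id_html,
                                         'USER_NAME' => $user_name_html));
                $template->parse('admin');
            }
            // From edit form
            else
            {
                // NOTE(review): subject, source, text and the editor's user_name
                // are concatenated into the SQL text. The preview path calls
                // undo_escape_sequences(), which suggests input arrives
                // pre-escaped from outside this file - confirm, and prefer bound
                // parameters if the $sql wrapper has them.
                $sql->query('UPDATE ' . TABLE_NEWS . '
                             SET category_id = \'' . $category_id . '\', news_source = \'' . $news_source2 . '\', news_subject = \'' . $news_subject . '\', news_text = \'' . $news_text2 . '\', news_edition = \'' . time() . '\', edition_id = \'' . $_SESSION['user_id'] . '\', edition_name = \'' . $users['user_name'] . '\'
                             WHERE news_id = \'' . $news_id . '\'');
                // Move the item between the per-category counters when needed.
                if ($category_id != $category_id_old)
                {
                    $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                                 SET category_news = category_news + 1
                                 WHERE category_id = \'' . $category_id . '\'');
                    $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                                 SET category_news = category_news - 1
                                 WHERE category_id = \'' . $category_id_old . '\'');
                    // For the time being category_news is not displayed
                    // $GLOBALS['cache']->clean(TABLE_CATEGORIES);
                }
                make_news_feed();
                $GLOBALS['cache']->clean(TABLE_NEWS);
                success_template($lang['NEWS_EDITED'], './../admin/news.php?action=view_news');
            }
        }
    }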
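    // Delete?
    // Deletes one news item by id (refused while it still has comments) and
    // decrements the category and author counters.
    // NOTE(review): this destructive action is triggered by a plain GET request
    // and no anti-CSRF token is checked in the code shown here; consider
    // requiring POST plus a per-session token.
    elseif (isset($_GET['action']) && $_GET['action'] == 'delete_news')
    {
        // news_id reaches the SQL text only as a string that string_is_int() accepts.
        if (!empty($_GET['news_id']) && is_string($_GET['news_id']) && string_is_int($_GET['news_id']))
        {
            $sql->query('SELECT category_id, user_id, news_comments
                         FROM ' . TABLE_NEWS . '
                         WHERE news_id = \'' . $_GET['news_id'] . '\'');
            $table_news = $sql->fetch();
            // Check news. empty() also covers fetch() returning no row, which the
            // previous test indexed without checking.
            if (empty($table_news['category_id']))
            {
                error_template($lang['ERROR_QUERY']);
            }
            elseif ($table_news['news_comments'] > 0)
            {
                error_template(sprintf($lang['ERROR_NEWS_DELETE'], $table_news['news_comments']));
            }
            else
            {
                $sql->query('DELETE FROM ' . TABLE_NEWS . '
                             WHERE news_id = \'' . $_GET['news_id'] . '\'');
                // The counter updates use ids read back from the database row,
                // not request data.
                $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                             SET category_news = category_news - 1
                             WHERE category_id = \'' . $table_news['category_id'] . '\'');
                $sql->query('UPDATE ' . TABLE_USERS . '
                             SET user_news = user_news - 1
                             WHERE user_id = \'' . $table_news['user_id'] . '\'');
                make_news_feed();
                // For the time being category_news is not displayed
                // $GLOBALS['cache']->clean(TABLE_CATEGORIES);
                $GLOBALS['cache']->clean(TABLE_NEWS);
                $GLOBALS['cache']->clean(TABLE_USERS);
                success_template($lang['NEWS_DELETED'], './../admin/news.php?action=view_news');
            }
        }
        else
        {
            error_template($lang['ERROR_QUERY']);
        }
    }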
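    // Submitted news list
    // Lists submitted, not yet active news (news_active = '0') with optional
    // sorting and paging.
    elseif (isset($_GET['action']) && $_GET['action'] == 'view_submitted_news')
    {
        // Query string - ?action=view_submitted_news&sort=&order=&page=&list=
        // Sort column and direction are compared strictly against fixed lists.
        // The previous patterns ended in `$`, which also matches just before a
        // trailing newline, so a value such as "news_id\n" was accepted and
        // copied into the ORDER BY clause and the pager links.
        $sort_ok = isset($_GET['sort']) && in_array($_GET['sort'], array('news_id', 'news_subject'), true);
        $order_ok = isset($_GET['order']) && in_array($_GET['order'], array('ASC', 'DESC'), true);
        if ($sort_ok && $order_ok)
        {
            // Both values now equal one of the literals above.
            $clause = 'ORDER BY ' . $_GET['sort'] . ' ' . $_GET['order'];
            $query = 'sort=' . $_GET['sort'] . '&amp;order=' . $_GET['order'] . '&amp;';
        }
        else
        {
            $clause = '';
            $query = '';
        }

        // Create pages list
        // An array-valued page parameter is treated like a missing one.
        if (empty($_GET['page']) || is_array($_GET['page']) || !string_is_int($_GET['page']))
        {
            $_GET['page'] = 1;
        }
        // OFFSET is written into the SQL unquoted, so force a non-negative number.
        $news_offset = max(0, ((int) $_GET['page'] - 1) * $settings['news_per_page']);
        $sql->query('SELECT news_id
                     FROM ' . TABLE_NEWS . '
                     WHERE news_active = \'0\'');
        $num_news = $sql->num_rows();
        $num_pages = ceil($num_news / $settings['news_per_page']);
        $pages_list = get_pages_list('./../admin/news.php?action=view_submitted_news&amp;' . $query, $num_pages);

        $template->set_file('admin', 'admin/news/view_submitted.htpl');
        $template->set_block('admin', 'NEWS_BLOCK', 'news');
        $sql->query('SELECT t1.news_id, t1.news_subject, t2.category_name, t3.user_name
                     FROM ' . TABLE_NEWS . ' AS t1
                     INNER JOIN ' . TABLE_CATEGORIES . ' AS t2
                                 ON (t2.category_id = t1.category_id)
                     INNER JOIN ' . TABLE_USERS . ' AS t3
                                 ON (t3.user_id = t1.user_id)
                     WHERE t1.news_active = \'0\'
                     ' . $clause . '
                     LIMIT ' . $settings['news_per_page'] . ' OFFSET ' . $news_offset);
        // One NEWS_BLOCK row is appended per fetched record.
        while ($table_news = $sql->fetch())
        {
            $template->set_var(array('CATEGORY_NAME' => $table_news['category_name'],
                                     'NEWS_ID' => $table_news['news_id'],
                                     'NEWS_SUBJECT' => $table_news['news_subject'],
                                     'USER_NAME' => $table_news['user_name']));
            $template->parse('NEWS_BLOCK', 'news', true);
        }
        $template->set_var('PAGES', sprintf($lang['PAGES'], $pages_list));
        $template->parse('admin');
    }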
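    // Add submitted form
    // Loads one submitted news item by id and renders the form used to
    // review and publish it.
    elseif (isset($_GET['action']) && $_GET['action'] == 'add_submitted_news')
    {
        // news_id reaches the SQL text only as a string that string_is_int() accepts.
        if (!empty($_GET['news_id']) && is_string($_GET['news_id']) && string_is_int($_GET['news_id']))
        {
            $sql->query('SELECT t1.category_id, t1.user_id, t1.news_source, t1.news_subject, t1.news_text, t1.news_creation, t2.user_name
                         FROM ' . TABLE_NEWS . ' AS t1
                         INNER JOIN ' . TABLE_USERS . ' AS t2
                                     ON (t2.user_id = t1.user_id)
                         WHERE t1.news_id = \'' . $_GET['news_id'] . '\'');
            $table_news = $sql->fetch();
            // Check news. empty() also covers fetch() returning no row, which the
            // previous test indexed without checking.
            if (empty($table_news['category_id']))
            {
                error_template($lang['ERROR_QUERY']);
            }
            else
            {
                $category_id_options = '';
                $sql->query('SELECT category_id, category_name
                             FROM ' . TABLE_CATEGORIES . '
                             WHERE category_level IN (\'2\', \'4\')
                             ORDER BY category_name');
                // Build the <option> list, pre-selecting the item's category.
                while ($table_categories = $sql->fetch())
                {
                    if ($table_categories['category_id'] == $table_news['category_id'])
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '" selected="selected">' . $table_categories['category_name'] . '</option>';
                    }
                    else
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '">' . $table_categories['category_name'] . '</option>';
                    }
                }
                if ($settings['allow_html'])
                {
                    $html_support = $lang['HTML_ENABLED'];
                }
                else
                {
                    $html_support = $lang['HTML_DISABLED'];
                }
                // Reverse the emoticon and BBCode expansion so the stored text
                // can be edited in its source form.
                $news_text = undo_emoticons($table_news['news_text']);
                $news_text = undo_bbcodes($news_text);
                $news_source = undo_bbcodes($table_news['news_source']);
                $template->set_file('admin', 'admin/news/add_submitted.htpl');
                $template->set_var(array('CATEGORY_ID_OPTIONS' => $category_id_options,
                                         'EMOTICONS_LIST' => get_emoticons_list(0),
                                         'HTML_SUPPORT' => $html_support,
                                         'NEWS_CREATION' => $table_news['news_creation'],
                                         'NEWS_ID' => $_GET['news_id'],
                                         'NEWS_SOURCE' => $news_source,
                                         'NEWS_SUBJECT' => $table_news['news_subject'],
                                         'NEWS_TEXT' => $news_text,
                                         'USER_ID' => $table_news['user_id'],
                                         'USER_NAME' => $table_news['user_name']));
                $template->parse('admin');
            }
        }
        else
        {
            error_template($lang['ERROR_QUERY']);
        }
    }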
    // Add (or preview) submitted?
    elseif (isset($_POST['add_submitted_news']) || isset($_POST['preview_submitted_news']))
    {
        $error = '';
        if (!trim($_POST['news_subject']))
        {
            $error .= $lang['ERROR_NO_SUBJECT'];
        }
        if (!trim($_POST['news_text']))
        {
            $error .= $lang['ERROR_NO_TEXT'];
        }
        if ($error)
        {
            error_template($error);
        }
        else
        {
            $news_subject = utf8_entities($_POST['news_subject']);
            if ($settings['allow_html'])
            {
                $news_source2 = do_html($_POST['news_source']);
                $news_text2 = do_html($_POST['news_text']);
            }
            else
            {
                $news_source2 = utf8_entities($_POST['news_source']);
                $news_text2 = utf8_entities($_POST['news_text']);
            }
            $news_source = $news_source2;
            $news_text = $news_text2;
            $news_source2 = make_clickable($news_source2);
            $news_text2 = make_clickable($news_text2);
            $news_source2 = do_bbcodes($news_source2);
            $news_text2 = do_bbcodes($news_text2);
            if ($settings['allow_emoticons'])
            {
                $news_text2 = do_emoticons($news_text2);
            }
            // Preview form
            if (isset($_POST['preview_submitted_news']))
            {
                // remove_form_data();
                if (!empty($_POST['news_source']))
                {
                    $news_source2 = undo_escape_sequences($news_source2);
                    $news_source2 = sprintf($lang['SOURCE'], $news_source2);
                }
                else
                {
                    $news_source2 = '<!-- empty -->';
                }
                $news_text2 = undo_escape_sequences($news_text2);
                if ($settings['allow_html'])
                {
                    $html_support = $lang['HTML_ENABLED'];
                }
                else
                {
                    $html_support = $lang['HTML_DISABLED'];
                }
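                // Preview of a user-submitted news item: rebuild the category drop-down,
                // remember the image/name of the selected category and fill the template.
                //
                // Everything read from $_POST here is request data that ends up in HTML, so
                // identifiers and the timestamp are cast to integers and the user name is
                // HTML-escaped before use.
                // NOTE(review): validation performed earlier in this branch is not visible
                // in this part of the file; treat these conversions as defence in depth.
                $submitted_category_id = isset($_POST['category_id']) ? (int) $_POST['category_id'] : 0;
                $submitted_news_id = isset($_POST['news_id']) ? (int) $_POST['news_id'] : 0;
                $submitted_news_creation = isset($_POST['news_creation']) ? (int) $_POST['news_creation'] : 0;
                $submitted_user_id = isset($_POST['user_id']) ? (int) $_POST['user_id'] : 0;
                $submitted_user_name = isset($_POST['user_name']) ? htmlspecialchars($_POST['user_name'], ENT_QUOTES, 'UTF-8') : '';

                // Defaults so the template variables exist even when the posted category
                // matches no row (the original left them undefined in that case).
                $category_image = '';
                $category_name = '';
                $category_id_options = '';
                $sql->query('SELECT category_id, category_image, category_name
                             FROM ' . TABLE_CATEGORIES . '
                             WHERE category_level IN (\'2\', \'4\')
                             ORDER BY category_name');
                // NOTE(review): category_id / category_name are emitted exactly as stored;
                // confirm they are HTML-encoded when categories are saved.
                while ($table_categories = $sql->fetch())
                {
                    // Integer comparison avoids PHP's loose string/number juggling
                    if ((int) $table_categories['category_id'] === $submitted_category_id)
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '" selected="selected">' . $table_categories['category_name'] . '</option>';
                        $category_image = $table_categories['category_image'];
                        $category_name = $table_categories['category_name'];
                    }
                    else
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '">' . $table_categories['category_name'] . '</option>';
                    }
                }
                $template->set_file('admin', 'admin/news/preview_submitted.htpl');
                // $news_source*, $news_subject, $news_text* and $html_support are prepared
                // earlier in this branch, outside this part of the file.
                $template->set_var(array('CATEGORY_ID' => $submitted_category_id,
                                         'CATEGORY_ID_OPTIONS' => $category_id_options,
                                         'CATEGORY_IMAGE' => $category_image,
                                         'CATEGORY_NAME' => $category_name,
                                         'EMOTICONS_LIST' => get_emoticons_list(0),
                                         'HTML_SUPPORT' => $html_support,
                                         'NEWS_COMMENTS' => 0,
                                         'NEWS_CREATION' => $submitted_news_creation,
                                         'NEWS_EDITED' => sprintf($lang['EDITED_BY'], $_SESSION['user_id'], $users['user_name'], format_date(time())),
                                         'NEWS_ID' => $submitted_news_id,
                                         'NEWS_SOURCE' => $news_source,
                                         'NEWS_SOURCE2' => $news_source2,
                                         'NEWS_SUBJECT' => $news_subject,
                                         'NEWS_SUBMITTED' => sprintf($lang['SUBMITTED_BY'], $submitted_user_id, $submitted_user_name, format_date($submitted_news_creation)),
                                         'NEWS_TEXT' => $news_text,
                                         'NEWS_TEXT2' => $news_text2,
                                         'USER_ID' => $submitted_user_id,
                                         'USER_NAME' => $submitted_user_name));
                $template->parse('admin');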
            }
            // From add submitted form
            else
            {
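                // Publish a submitted news item: activate the row, stamp the edition
                // data, then adjust the category and submitter counters.
                //
                // The identifiers and the creation timestamp arrive in $_POST and are
                // concatenated into SQL, so they are cast to integers first; a cast value
                // cannot break out of the quoted literal.
                // NOTE(review): earlier validation in this branch is not visible from this
                // part of the file; the casts are defence in depth.
                $publish_category_id = isset($_POST['category_id']) ? (int) $_POST['category_id'] : 0;
                $publish_news_id = isset($_POST['news_id']) ? (int) $_POST['news_id'] : 0;
                $publish_news_creation = isset($_POST['news_creation']) ? (int) $_POST['news_creation'] : 0;
                $publish_user_id = isset($_POST['user_id']) ? (int) $_POST['user_id'] : 0;
                // One clock reading so news_month, news_year and news_edition always agree
                $publish_time = time();

                // NOTE(review): $news_source2, $news_subject, $news_text2 and
                // $users['user_name'] are prepared outside this excerpt; confirm they are
                // escaped for SQL (not only for HTML), or switch to a parameterised query
                // if the $sql wrapper provides one.
                $sql->query('UPDATE ' . TABLE_NEWS . '
                             SET category_id = \'' . $publish_category_id . '\', news_active = \'1\', news_month = \'' . date('m', $publish_time) . '\', news_source = \'' . $news_source2 . '\', news_subject = \'' . $news_subject . '\', news_text = \'' . $news_text2 . '\', news_year = \'' . date('Y', $publish_time) . '\', news_creation = \'' . $publish_news_creation . '\', news_edition = \'' . $publish_time . '\', edition_id = \'' . (int) $_SESSION['user_id'] . '\', edition_name = \'' . $users['user_name'] . '\'
                             WHERE news_id = \'' . $publish_news_id . '\'');
                $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                             SET category_news = category_news + 1
                             WHERE category_id = \'' . $publish_category_id . '\'');
                // NOTE(review): the submitter id is taken from the form, not from the news
                // row; reading user_id from TABLE_NEWS would keep the counters tied to
                // the stored author.
                $sql->query('UPDATE ' . TABLE_USERS . '
                             SET user_news = user_news + 1, user_submissions = user_submissions - 1
                             WHERE user_id = \'' . $publish_user_id . '\'');
                make_news_feed();
                // For the time being category_news is not displayed
                // $GLOBALS['cache']->clean(TABLE_CATEGORIES);
                $GLOBALS['cache']->clean(TABLE_NEWS);
                $GLOBALS['cache']->clean(TABLE_USERS);
                success_template($lang['NEWS_ADDED'], './../admin/news.php?action=view_news');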
            }
        }
    }
    // Delete submitted?
    elseif (isset($_GET['action']) && $_GET['action'] == 'delete_submitted_news')
    {
        if (!empty($_GET['news_id']) && string_is_int($_GET['news_id']))
        {
            $sql->query('SELECT news_active, user_id
                         FROM ' . TABLE_NEWS . '
                         WHERE news_id = \'' . $_GET['news_id'] . '\'');
            $table_news = $sql->fetch();
            // Check news
            if ($table_news['news_active'])
            {
                error_template($lang['ERROR_QUERY']);
            }
            else
            {
                $sql->query('DELETE FROM ' . TABLE_NEWS . '
                             WHERE news_id = \'' . $_GET['news_id'] . '\'');
                $sql->query('UPDATE ' . TABLE_USERS . '
                             SET user_submissions = user_submissions - 1
                             WHERE user_id = \'' . $table_news['user_id'] . '\'');
                $GLOBALS['cache']->clean(TABLE_NEWS);
                // For the time being user_submissions is not displayed
                // $GLOBALS['cache']->clean(TABLE_USERS);
                success_template($lang['NEWS_DELETED'], './../admin/news.php?action=view_news');
            }
        }
        else
        {
            error_template($lang['ERROR_QUERY']);
        }
    }
    // Add form
    else
    {
        // Empty "add news" form: pick the HTML-support label, list the selectable
        // categories (levels 2 and 4) and hand everything to the template.
        $html_support = $settings['allow_html'] ? $lang['HTML_ENABLED'] : $lang['HTML_DISABLED'];

        $sql->query('SELECT category_id, category_name
                     FROM ' . TABLE_CATEGORIES . '
                     WHERE category_level IN (\'2\', \'4\')
                     ORDER BY category_name');
        // One <option> per category row, in the order returned by the query.
        // NOTE(review): category_name is emitted as stored; confirm it is
        // HTML-encoded when categories are saved.
        for ($category_id_options = ''; $table_categories = $sql->fetch(); )
        {
            $category_id_options .= '<option value="' . $table_categories['category_id'] . '">' . $table_categories['category_name'] . '</option>';
        }

        $template->set_file('admin', 'admin/news/add.htpl');
        $template->set_var(array(
            'CATEGORY_ID_OPTIONS' => $category_id_options,
            'EMOTICONS_LIST' => get_emoticons_list(0),
            'HTML_SUPPORT' => $html_support,
        ));
        $template->parse('admin');
    }
}
// Not a moderator (user level 1 or below): deny access
else
{
    error_template($lang['ERROR_LEVEL_ACCESS']);
}

// Runs on every path above; counterpart of the page_header() call at the top of this script
page_footer();

?>