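<?php
// Request start time; not read again in this file (presumably consumed by an included file such as the footer - confirm).
$time_start = microtime(TRUE);
// Marker constant set before the includes; presumably checked by included files to refuse direct access - confirm.
define('IN_HBS',TRUE);
// require instead of include: if the bootstrap file is missing the request must stop,
// not continue with a warning and an undefined db()/$mysql.
require("../inc/include.php");
// Access gate for the admin area. include() fails open: a missing or unreadable
// password_protect.php would only raise a warning and the UPDATE/DELETE handlers further
// down this page would still run. require() turns that into a fatal error.
require("password_protect.php");
?>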
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>HBS Administrative Control Panel</title>
<script language="javascript" type="text/javascript" src="../inc/javascript/tiny_mce/tiny_mce.js"></script>
<script language="javascript" type="text/javascript" src="../inc/javascript/mootools.js"></script>
<script language="javascript" type="text/javascript" src="../inc/javascript/calendar.js"></script>
<script language="javascript" type="text/javascript">
// TinyMCE setup for the admin editor: "textareas" mode attaches the editor to every
// <textarea> on the page, using the "advanced" theme.
tinyMCE.init({
	mode : 'textareas',
	theme : 'advanced',
	plugins : [
		'table', 'save', 'advhr', 'advimage', 'advlink', 'emotions', 'iespell',
		'insertdatetime', 'preview', 'zoom', 'flash', 'searchreplace', 'print', 'contextmenu'
	].join(','),

	// Toolbar rows: extra buttons placed before/after the theme defaults.
	theme_advanced_buttons1_add_before : 'save,separator',
	theme_advanced_buttons1_add : 'fontselect,fontsizeselect',
	theme_advanced_buttons2_add : 'separator,insertdate,inserttime,preview,zoom,separator,forecolor,backcolor',
	theme_advanced_buttons2_add_before: 'cut,copy,paste,separator,search,replace,separator',
	theme_advanced_buttons3_add_before : 'tablecontrols,separator',
	theme_advanced_buttons3_add : 'emotions,iespell,flash,advhr,separator,print',
	theme_advanced_toolbar_location : 'top',
	theme_advanced_toolbar_align : 'left',
	theme_advanced_path_location : 'bottom',

	// Formats used by the insertdate / inserttime buttons.
	plugin_insertdate_dateFormat : '%Y-%m-%d',
	plugin_insertdate_timeFormat : '%H:%M:%S',

	// NOTE(review): the a/img rules below allow inline event-handler attributes (onclick,
	// onmouseover, onmouseout), so the editor keeps script-bearing attributes in saved
	// entries. That is only acceptable while every author of this form is a trusted admin.
	extended_valid_elements : [
		'a[name|href|target|title|onclick]',
		'img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name]',
		'hr[class|width|size|noshade]',
		'font[face|size|color|style]',
		'span[class|align|style]'
	].join(','),

	// These look like paths from the TinyMCE example configuration - confirm the files exist
	// relative to this page.
	external_link_list_url : 'example_data/example_link_list.js',
	external_image_list_url : 'example_data/example_image_list.js',
	flash_external_list_url : 'example_data/example_flash_list.js'
});
</script>
</head>

<?php include ("default_style.css"); ?>

<body>
<div align="center"><img src="images/header.png" />
</div>
<table id="table" align="center">
<tr>
<td id="menu">
<?php include ("navigation.php"); ?>
</td>
<td id="content">

<table width="100%">
<tr>
  <td style="background-color:#FFFFD9; border: #FFFFB7 1px solid;">
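<?php
// Edit page for a single blog entry. Three paths:
//   POST 'update' - save the submitted date/time/title/body for the given id
//   POST 'delete' - remove the entry with the given id
//   otherwise     - load the entry named by GET 'id' and render the edit/delete forms
//
// NOTE(review): neither POST action carries an anti-CSRF token, so a page opened by a
// logged-in admin could submit either form on their behalf. A per-session token needs
// session handling that is not visible in this file (password_protect.php?) - add one there.
db(); // defined outside this file; presumably opens the default MySQL link used below - confirm

// Charset declared in this page's <meta> tag; passed explicitly so escaping does not depend
// on the PHP version's default.
$edit_charset = 'ISO-8859-1';
// PHP_SELF contains any trailing path info sent by the client, so it is escaped before being
// written into the form action attributes.
$edit_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, $edit_charset);

if (isset($_POST['update'])) {

    // The id is only ever used as a number; the cast keeps quotes out of the WHERE clause
    // (strip_tags/htmlspecialchars, used before, do not neutralise a single quote).
    $id    = isset($_POST['id']) ? (int)$_POST['id'] : 0;
    $date  = isset($_POST['date']) ? trim($_POST['date']) : '';
    $time  = isset($_POST['time']) ? trim($_POST['time']) : '';
    $title = isset($_POST['title']) ? $_POST['title'] : '';
    $entry = isset($_POST['entry']) ? $_POST['entry'] : '';

    // Undo magic quotes first so every value is escaped exactly once, by the database driver.
    if (get_magic_quotes_gpc()) {
        $title = stripslashes($title);
        $entry = stripslashes($entry);
    }

    // Titles are stored tag-free and already entity-encoded, as before.
    $title = htmlspecialchars(strip_tags($title), ENT_COMPAT, $edit_charset);
    // The body is rich-text HTML from the editor and is stored as markup by design.
    $entry = nl2br(trim($entry));

    $timestamp = strtotime($date . " " . $time);

    if ($timestamp === false) {
        // strtotime() could not parse the input; do not write an empty timestamp.
        echo 'Invalid date or time; the entry was not changed.';
    } else {
        $update_sql = "UPDATE " . $mysql["db_prefix"] . "main SET"
            . " timestamp='" . (int)$timestamp . "',"
            . " title='" . mysql_real_escape_string($title) . "',"
            . " entry='" . mysql_real_escape_string($entry) . "'"
            . " WHERE id='" . $id . "' LIMIT 1";
        $result = mysql_query($update_sql);

        if ($result === false) {
            // Driver errors can quote parts of the statement, so they go to the log rather
            // than into the page.
            error_log('editform.php: UPDATE failed: ' . mysql_error());
            echo "Can't update entry.<br />";
        } else {
            echo 'Post updated successfully.';
        }
    }
} elseif (isset($_POST['delete'])) {
    $id = isset($_POST['id']) ? (int)$_POST['id'] : 0;
    $result = mysql_query("DELETE FROM " . $mysql["db_prefix"] . "main WHERE id='" . $id . "'");
    if ($result === false) {
        error_log('editform.php: DELETE failed: ' . mysql_error());
        echo "Can't delete entry.<br />";
    } else {
        print "The entry has been successfully deleted from the database.";
        exit;
    }
} else {

    if (!isset($_GET['id']) || empty($_GET['id']) || !is_numeric($_GET['id'])) {
        die("Invalid entry ID.");
    }
    $id = (int)$_GET['id'];

    $result = mysql_query("SELECT * FROM " . $mysql["db_prefix"] . "main WHERE id='" . $id . "'");

    $entry_found = false;
    $old_title = '';
    $old_entry = '';
    $old_date = '';
    $old_time = '';

    if ($result === false) {
        error_log('editform.php: SELECT failed: ' . mysql_error());
        echo "Can't select entry.<br />";
    } else {
        while ($row = mysql_fetch_array($result)) {
            $entry_found = true;
            $old_timestamp = $row['timestamp'];
            // stripslashes() kept from the original read path; it also removes legitimate
            // backslashes. Presumably it compensates for rows stored double-escaped by other
            // pages - confirm before removing.
            $old_title = stripslashes($row['title']);
            $old_entry = stripslashes($row['entry']);

            // Drop the <br /> tags that nl2br() added when the entry was saved.
            $old_entry = str_replace('<br />', '', $old_entry);

            $old_date = date("m/d/Y",$old_timestamp);
            $old_time = date("H:i",$old_timestamp);
        }

        if (!$entry_found) {
            echo 'Invalid entry ID.';
        }
    }

    // The forms are rendered only for an entry that exists, so there is never an edit form
    // bound to a missing id.
    if ($entry_found) {
?>

<form method="post" action="<?php echo $edit_action; ?>">

<p align="center"><input type="hidden" name="id" value="<?php echo $id; ?>" />

<strong><label for="month">Date: </label></strong> 

<input type="text" class="ncalendar" name="date" id="date" size="10" value="<?php echo $old_date; ?>" />

<?php /* The title is stored entity-encoded, so double_encode is off (PHP 5.2.3+): existing entities pass through, stray quotes and angle brackets are still escaped. */ ?>
<strong><label for="time">Time: </label></strong> <input type="text" name="time" id="time" size="5" value="<?php echo $old_time; ?>" /><strong><label for="title"> Title: </label></strong> <input type="text" name="title" id="title" value="<?php echo htmlspecialchars($old_title, ENT_QUOTES, $edit_charset, false); ?>" size="40" /> </p>


<?php /* Escaped so stored markup (including a literal closing textarea tag) cannot break out of the field; the browser decodes it back and the editor receives the stored HTML unchanged. */ ?>
<p><textarea cols="60" rows="20" name="entry" id="entry"><?php echo htmlspecialchars($old_entry, ENT_QUOTES, $edit_charset); ?></textarea></p>

<center><p><input type="submit" name="update" id="update" value="Edit Entry">
</form>

<form action="<?php echo $edit_action; ?>" method="post">
<input style="display:none;" type="hidden" name="id" id="id" value="<?php echo $id; ?>" />
<?php /* "return" is required: without it the form was submitted even when the admin cancelled the dialog. */ ?>
<input type="submit" name="delete" id="delete" value="Delete Entry" onClick="return confirm('Confirmation Message: Are you sure you want to delete this entry?')" />
</form></p></center>

<?php
    }
}
mysql_close();
?>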

</td>
</tr>
</table>

</td>
</table>
<?php include("footer.php");?>

</body>
</html>