<?

//
// Copyright (c) 2002, Cameron McKay
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions 
// are met:

// * Redistributions of source code must retain the above copyright 
//   notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above copyright 
//   notice, this list of conditions and the following disclaimer in the 
//   documentation and/or other materials provided with the distribution.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 
// OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 
// OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//

//
// Informium -- Advanced News Script
//
// Article Administration Script (article.php)
//
// Author: Cameron McKay
// Note:   Allows for the manipulation of articles.
//

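// Import CONF.
require_once('../conf/inf-conf.php');

// Import ARTICLE and XHTML class.
require_once("$CONF[local_path]/class/article-class.php");
require_once("$CONF[local_path]/class/xhtml-class.php");

// Make new ARTICLE and XHTML objects.
$article = new article();
$xhtml   = new xhtml();

// Build the page title from whichever action parameter was supplied.
//
// NOTE(review): $form, $date_select, $dropdown and $exec are never assigned in
// this file; presumably they arrive from the request (register_globals or an
// import done in inf-conf.php) -- confirm. They are treated as untrusted here.
//
// $option is initialised explicitly so that a request parameter of the same
// name cannot pre-seed the title, and only non-empty strings are accepted so
// an array-valued parameter never reaches ucfirst().
$option = '';
if (!empty($form) && is_string($form))               $option = $form;
if (!empty($date_select) && is_string($date_select)) $option = $date_select . ' Archived';
if (!empty($dropdown) && is_string($dropdown))       $option = $dropdown;
if (!empty($exec) && is_string($exec))               $option = $exec;

// Header. The title is request-derived, so it is HTML-escaped before being
// handed to the page header; xhtml::header() is not visible from this file, so
// escaping is done here rather than assumed. The expected values (add, edit,
// delete) contain no characters that escaping would alter.
$xhtml->header(htmlspecialchars(ucfirst($option), ENT_QUOTES) . ' Article');

// Import common menu.
require_once("$CONF[local_path]/admin/common-menu.php");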

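// Determine course of action.
//
// NOTE(review): the action and article variables used below ($form, $exec,
// $post_id, $user_id, $title, ...) are never assigned in this file; presumably
// they arrive from the request (register_globals or an import done in
// inf-conf.php) -- confirm. Everything request-derived is treated as untrusted.
//
// The four routing parameters are normalised to strings first. Comparing with
// === instead of !strcmp() means a missing or array-valued parameter can never
// compare equal to an action name.
$form        = (isset($form) && is_string($form)) ? $form : '';
$date_select = (isset($date_select) && is_string($date_select)) ? $date_select : '';
$dropdown    = (isset($dropdown) && is_string($dropdown)) ? $dropdown : '';
$exec        = (isset($exec) && is_string($exec)) ? $exec : '';

if ($form === 'add') {

	// Present the user with an add form.
	$article->form();

} else if ($form === 'edit') {

	// Present the user with an edit form.
	$article->form($post_id);

} else if ($date_select === 'edit' || $date_select === 'delete') {

	// Present the user with the date selection form for that action.
	$article->date_select($date_select);

} else if ($dropdown === 'edit' || $dropdown === 'delete') {

	// If the article date is set, then we're looking up archives.
	if (isset($article_dd)) {
		// Prepare a YYYYMMDD date for dropdown(); %d forces each part to an integer.
		$date = sprintf("%04d%02d%02d", $article_yy, $article_mm, $article_dd);

	} else {
		// Otherwise date is NULL.
		$date = NULL;

	}

	// Present the user with a dropdown menu of all articles.
	// The array key is quoted: a bare key outside a string is a constant lookup.
	$article->dropdown($dropdown, $CONF['dropdown_limit'], $date);

} else if ($exec === 'add') {

	// NOTE(review): this branch changes state, and no anti-CSRF token or request
	// method check is visible in this file -- confirm one is enforced elsewhere.

	// Import USER class, if needed.
	require_once("$CONF[local_path]/class/user-class.php");

	// Make a new USER object.
	$user = new user();

	// Check user's access level.
	$access = $user->info(0, 'access');

	// Respond to user.
	$xhtml->table_start('normal', 500);

	// If they have an access level greater than 1, then we can add articles.
	if ($access > 1) {

		// Set the user_id to 0 if undefined.
		// NOTE(review): $user_id is not derived from $user here and is passed to
		// add() as supplied -- confirm the callee binds it to the logged-in user.
		if (!isset($user_id)) {
			$user_id = 0;

		}

		// Add the article to the database.
		$post_id = $article->add($section_id, $user_id, $title, $text, $more_text);

		// If the post_id is less than 0, then we're missing a field.
		if ($post_id < 0) {

			echo "One or more fields are missing.<br />\n";
			echo "<br />\n";
			echo "Return to <a href='$CONF[www_address]/admin/article.php?form=add'>Add a New Article</a>.\n";

		// If it's greater than 0, then we're fine.
		} else if ($post_id > 0) {

			// Escaped for HTML output; add() is not visible from this file.
			$post_id_html = htmlspecialchars((string) $post_id, ENT_QUOTES);

			echo "Article <b><i>#</i>$post_id_html</b> added.<br />\n";
			echo "<br />\n";
			echo "Return to <a href='$CONF[www_address]/admin/admin.php'>Main Menu</a>.\n";

		}

	// Otherwise warn them.
	} else {

			echo "You are not permitted to add articles.<br />\n";
			echo "<br />\n";
			echo "Return to <a href='$CONF[www_address]/admin/admin.php'>Main Menu</a>.\n";

	}

	// End the table.
	$xhtml->table_end();

} else if ($exec === 'edit' || $exec === 'delete') {

	// NOTE(review): this branch changes state, and no anti-CSRF token or request
	// method check is visible in this file -- confirm one is enforced elsewhere.

	// Import USER class, if needed.
	require_once("$CONF[local_path]/class/user-class.php");

	// Make a new USER object.
	$user = new user();

	// Fetch the user's record (access level and user_id are read from it below).
	$list = $user->info(0);

	// Set the user_id to 0 if undefined.
	// NOTE(review): $user_id is passed to edit() as supplied and is distinct from
	// $list['user_id'] -- confirm the callee does not let an author reassign a post.
	if (!isset($user_id)) {
		$user_id = 0;

	}

	// The authorization flag is always initialised here, before any decision is
	// made. If it were left unset, a request parameter named AUTH could pre-seed
	// it wherever request variables are imported into the global scope, and the
	// checks below would then be skipped.
	$AUTH = false;

	// If user's access is 2 or lower, check if they own the post.
	// NOTE(review): if info() yields no record, the access value compares as
	// below 3 and the decision rests entirely on check() -- confirm it rejects
	// an empty user_id.
	if ($list['access'] < 3) {

		// If user owns post, authorize.
		if ($article->check($post_id, $list['user_id'])) {
			$AUTH = true;

		}

	// If access level is greater than 2, then authorize.
	} else {

		$AUTH = true;

	}

	// If we're authorized, then edit or delete the post.
	if ($AUTH) {

		if ($exec === 'edit') {
			// Update the article in the database.
			$post_id = $article->edit($post_id, $section_id, $user_id, $title, $text, $more_text);

		} else if ($exec === 'delete') {
			// Delete the article in the database.
			$article->delete($post_id);

		}

	}

	// Respond to user.
	$xhtml->table_start('normal', 500);

	// Not authorized.
	if (!$AUTH) {

		echo "You are not authorized to edit or delete this post.<br />\n";
		echo "<br />\n";
		echo "Return to <a href='$CONF[www_address]/admin/article.php?dropdown=edit'>Edit an Existing Article</a>.<br />\n";
		echo "Return to <a href='$CONF[www_address]/admin/article.php?dropdown=delete'>Delete an Existing Article</a>.\n";

	// Authorized.
	} else {

		// On the delete path $post_id is still the request-supplied value, so it
		// is HTML-escaped before being written into the page.
		$post_id_html = htmlspecialchars((string) $post_id, ENT_QUOTES);

		echo "Article <b><i>#</i>$post_id_html</b> edited or deleted.<br />\n";
		echo "<br />\n";
		echo "Return to <a href='$CONF[www_address]/admin/article.php?dropdown=edit'>Edit an Existing Article</a>.<br />\n";
		echo "Return to <a href='$CONF[www_address]/admin/article.php?dropdown=delete'>Delete an Existing Article</a>.<br />\n";
		echo "Return to <a href='$CONF[www_address]/admin/admin.php'>Main Menu</a>.\n";

	}

	// End the table.
	$xhtml->table_end();

}

// Footer.
$xhtml->footer();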

?>