Location: PHPKode > projects > MyNews > mynews/mynews.php
<?php
// ----------------------------------------------------------------------
// MyNews
// Copyright (C) 2004 by Frank Mancuso Aka crash4o4
// https://sourceforge.net/projects/mynews/
// http://frankmancuso.ca
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Frank Mancuso aka crash4o4
// Purpose of file:
// ----------------------------------------------------------------------



// MyNews Class

class MyNews{

	function Create()
	{?>
		<h1>Submit News</h1>
		<form action="admin.php?Action=Submit" method="POST">
  		<table width="600" border="0" cellspacing="0" cellpadding="3">
    		<tr> 
      			<td width="250"><b>News Title</b></td>
      			<td width="350"><input name="News_Title" type="text" size="50"></td>
    		</tr>
    		<tr> 
      			<td width="250"><b>News Body</b>
      			<br />[b]Bold[/b]<br />[i]Italics[/i]<br />[img]image.gif[/img] <br />
      			[code]code[/code]<br />[quote]quote[/quote]
      			<br /><a href="docs/bbcode.html" target="new">More BBCode</a>
      			</td>
      			<td width="350"><textarea name="News_Body" cols="50" rows="10"></textarea></td>
    		</tr>
    		<tr> 
      			<td width="250"><b>News Body Extend</b>
      			<br />[b]Bold[/b]<br />[i]Italics[/i]<br />[img]image.gif[/img] <br />
      			[code]code[/code]<br />[quote]quote[/quote]
      			<br /><a href="docs/bbcode.html" target="new">More BBCode</a>
      			</td>
      			<td width="250"><textarea name="News_Body_Extend" cols="50" rows="10"></textarea></td>
    		</tr>
    		<tr>
      			<td width="250">&nbsp;</td>
      			<td width="350"><input type="submit" name="Submit" value="Submit News"></td>
    		</tr>
  		</table>
		</form>
	<?php		
	} // end of function Create

	function Submit($username,$News_Title,$News_Body,$News_Body_Extend)
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		$Post_Date = date("Y-m-d G:i:s");
		$sql = "INSERT INTO mynews_news SET News_Title='$News_Title',News_Body='$News_Body',
			 News_Body_Extend='$News_Body_Extend',Post_Date='$Post_Date',Posted_By='$username' ";
			 
		$db2->query($sql);
		
		echo "<h2>News Submited</h2>";	
		
	} // end of function Submit

	function List_News()
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		$sql = "SELECT * FROM mynews_news ";
		
		$get = $db2->query($sql);
		?>
		<p>&nbsp;</p>
		<table width="700" border="0" cellspacing="0" cellpadding="3" align="center">
  		<tr>
    			<td width="200"><b>News Title</b></td>
    			<td width="180"><b>Date Posted</b></td>
    			<td width="120"><b>Posted By</b></td>
    			<td width="100"><b>Active</b></td>
    			<td width="100"><b>Action</b></td>
  		</tr>

		
		<?php
		while ($row = mysql_fetch_array($get))
		{
		echo 	 "<tr>"
			."<td>$row[News_Title]</td>"
			."<td>$row[Post_Date]</td>"
			."<td>$row[Posted_By]</td>"
			."<td>$row[Active]</td>"
			."<td>[<a href=\"admin.php?Action=Edit&news_id=$row[news_id] \">E</a>] [<a href=\"admin.php?Action=Delete&news_id=$row[news_id]\">D</a>]</td>"
			."</tr>";
			
		} // end of while loop
		
		echo "</table>";
				
	} // end of function List_News
	
	function Edit($news_id)
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		$sql = "SELECT * FROM mynews_news WHERE news_id='$news_id' ";
		
		$get = $db2->query($sql);
		
		while ($row = mysql_fetch_array($get))
		{
		
	?>
	<form action="admin.php?Action=Update" method="post">
	<input type="hidden" name="news_id" value="<?php echo $news_id; ?>">
  	<table width="600" border="0" cellspacing="0" cellpadding="3">
    	<tr> 
      		<td width="250">News Title</td>
      		<td width="350"><input name="News_Title" type="text" size="50" value="<?php echo $row['News_Title']; ?>"></td>
    	</tr>
    	<tr> 
      		<td width="250">
      		<b>News Body</b>
      			<br />[b]Bold[/b]<br />[i]Italics[/i]<br />[img]image.gif[/img] <br />
      			[code]code[/code]<br />[quote]quote[/quote]
      			<br /><a href="docs/bbcode.html" target="new">More BBCode</a>
      		</td>
      		<td width="350"><textarea name="News_Body" cols="50" rows="10"><?php echo $row['News_Body']; ?></textarea></td>
    	</tr>
    	<tr> 
      		<td width="250">
      		     	<b>News Body Extend</b>
      			<br />[b]Bold[/b]<br />[i]Italics[/i]<br />[img]image.gif[/img] <br />
      			[code]code[/code]<br />[quote]quote[/quote]
      			<br /><a href="docs/bbcode.html" target="new">More BBCode</a>
      		</td>
      		<td width="350"><textarea name="News_Body_Extend" cols="50" rows="10"><?php echo $row['News_Body_Extend']; ?></textarea></td>
    	</tr>
	<tr>
		<td width="250">Status</td>
		<td width="350">
		<?php
		if ($row['Active'] == 0 )
		{?>
		Active&nbsp;<input type="radio" name="Active" value="1">&nbsp;Not Active&nbsp;<input type="radio" name="Active" checked value="0">
		<?php
		}
		if ($row['Active'] == 1 )
		{
		?>
		Active&nbsp;<input type="radio" name="Active" checked value="1">&nbsp;Not Active&nbsp;<input type="radio" name="Active" value="0">	
		<?php	
		}
		?>
		
		</td>
	</tr>
    	<tr>
      		<td width="250">&nbsp;</td>
      		<td width="350">
		<input type="submit" name="Submit" value="Update News">
      		</td>
    	</tr>
  	</table>
	</form>
	
	<?php	
		}
	} // end of function Edit

	function Update($news_id,$News_Title,$News_Body,$News_Body_Extend,$Active)
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		$sql = "UPDATE mynews_news SET News_Title='$News_Title',News_Body='$News_Body',
			News_Body_Extend='$News_Body_Extend',Active='$Active' 
			WHERE news_id='$news_id' ";
			
		$db2->query($sql);
		
		echo "<h1>News Updated</h1>";
			
	} // end of function Update
	
	function Delete($news_id)
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		$sql = "DELETE FROM mynews_news WHERE news_id='$news_id' ";
		
		$db2->query($sql);
		
		echo "<h1>News Deleted.</h1>";
		
	} // end of function Delete
	
	function add_user()
	{?>
	
	<form action="admin.php?Action=create_user" method="post">
  	<table width="500" border="0" cellspacing="0" cellpadding="3">
    		<tr> 
      			<td width="150">username</td>
      			<td width="350"><input name="user" type="text"></td>
    		</tr>
    		<tr> 
      			<td width="150">password</td>
      			<td width="350"><input name="pass" type="text"></td>
    		</tr>
    		<tr> 
      			<td>email</td>
      			<td><input name="email" type="text"></td>
    		</tr>
    		<tr> 
      			<td>group</td>
      			<td>
	  			<select name="group">
	  			<option value="Writter">Writter</option>
	  			<option value="Mod">Moderator</option>
	  			<option value="Admin">Admin</option>
	  			</select>
	  		</td>
    		</tr>
    		<tr>
      			<td>&nbsp;</td>
      			<td><input type="submit" name="Submit" value="Add User"></td>
    		</tr>
  		</table>
		</form>
	
	<?php
	} // end of function add_user
	
	function create_user($user,$pass,$email,$group)
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		// md5 user password.
		$passwd = md5($pass);
		
		$sql = "INSERT INTO users SET username='$user',password='$passwd',email='$email',group_id='$group'";
		$db2->query($sql);
		
		echo "<h1>User $user Added</h1>";

	} // end of function create_user
	
	function view_users()
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		$sql = "SELECT * FROM users";
		$get = $db2->query($sql);
		
		?>
		<table width="500" border="0" cellspacing="0" cellpadding="3" align="center">
  			<tr> 
    				<td><b>User</b></td>
    				<td><b>Email</b></td>
    				<td><b>Group</b></td>
    				<td><b>Action</b></td>
  			</tr>
  		<?php
		while ($row = mysql_fetch_array($get) )
		{
		
		echo "<tr>"
    			."<td>$row[username]</td>"
    			."<td>$row[email]</td>"
    			."<td>$row[group_id]</td>"
    			."<td><a href=\"admin.php?Action=edit_user&user_id=$row[user_id]\">[E]</a> <a href=\"admin.php?Action=delete_user&uid=$row[user_id]\">[D]</a></td>"
  			."</tr>";
	
			
		}
			echo "</table>";		
	} // end of function view_users

	function edit_user($user_id)
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		$sql = "SELECT * FROM users WHERE user_id='$user_id' ";
		
		$get = $db2->query($sql);
		
		while($row = mysql_fetch_array($get) )
		{?>
		<p><b>Updated Account Information<b></p>
		<form action="admin.php?Action=update_user" method="post">
		<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
  		<table width="500" border="0" cellspacing="0" cellpadding="3">
    		<tr> 
      			<td width="150">username</td>
      			<td width="350"><input name="user" type="text" value="<?php echo "$row[username]"; ?>"></td>
    		</tr>
    
    		<tr> 
      			<td>email</td>
      			<td><input name="email" type="text" value="<?php echo "$row[email]"; ?>"></td>
    		</tr>
    		<tr> 
      			<td>group</td>
      			<td>
	  			
	  		<?php
	  		
	  		$group_id = $row['group_id'];
	  		if ($group_id == "Admin")
	  		{?>
	  			<select name="group">
	  			<option value="Writter">Writter</option>
	  			<option value="Mod">Moderator</option>
	  			<option value="Admin" selected>Admin</option>
	  			</select>
	  		<?php	
	  		}
	  		
	  		if ($group_id == "Writter")
	  		{?>
	  			<select name="group">
	  			<option value="Writter" selected>Writter</option>
	  			<option value="Mod">Moderator</option>
	  			<option value="Admin">Admin</option>
	  			</select>
	  		<?php	
	  		}
	  		
	  		if ($group_id == "Mod")
	  		{?>
		  		<select name="group">
	  			<option value="Writter">Writter</option>
	  			<option value="Mod" selected>Moderator</option>
	  			<option value="Admin">Admin</option>
	  			</select>
	  		<?php	
	  		}
	  		
	  		?>
	  			
	  		</td>
    		</tr>
    		<tr>
      			<td>&nbsp;</td>
      			<td><input type="submit" name="Submit" value="Update User"></td>
    		</tr>
  		</table>
		</form>
		
		<p>&nbsp;</p>
		<p><b>Change Password</b></p>
		
		<form action="admin.php?Action=update_pass" method="post">
		<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
		<table width="500" border="0" cellspacing="0" cellpadding="3">
		<tr>
			<td width="150">Password</td>
			<td width="350"><input type="password" name="pass1"></td>
		</tr>
		
		<tr>
			<td width="150">Re-Enter<br />Password</td>
			<td width="350"><input type="password" name="pass2"></td>
		</tr>
		
		<tr>
			<td width="150">&nbsp;</td>
			<td width="350"><input type="submit" value="Updated Password"></td>
		</tr>
		</table>
		</form>
		
		
		<?php	}
	} // end edit_user
	
	function update_user($user_id,$user,$email,$group_id)
	{
		include("config.php");
		$db3 = new db;
		$db3->info['sql_host']		=	$conf['sql_host'];
		$db3->info['sql_user']		=	$conf['sql_user'];
		$db3->info['sql_pass']		=	$conf['sql_pass'];
		$db3->info['sql_db']		=	$conf['sql_db'];
		$db3->connect();
		
		$sql = "UPDATE users SET username='$user',email='$email',group_id='$group_id' WHERE user_id='$user_id' ";
		
		$db3->query($sql);
		
		echo "<h3>$username has been updated.</h3>";
	} // end of function update_user
	
	
	function delete_user($uid)
	{
		include("config.php");
		$db2 = new db;
		$db2->info['sql_host']		=	$conf['sql_host'];
		$db2->info['sql_user']		=	$conf['sql_user'];
		$db2->info['sql_pass']		=	$conf['sql_pass'];
		$db2->info['sql_db']		=	$conf['sql_db'];
		$db2->connect();
		
		$sql = "DELETE FROM users WHERE user_id='$uid' ";
		$db2->query($sql);
		echo "<h3>User deleted</h3>";
		
		
	} // end of function delete_user
	
	
	function update_pass($user_id,$pass1,$pass2)
	{
		if ($pass1 == $pass2)
		{
			$passwd = md5($pass1);
			include("config.php");
			$db2 = new db;
			$db2->info['sql_host']		=	$conf['sql_host'];
			$db2->info['sql_user']		=	$conf['sql_user'];
			$db2->info['sql_pass']		=	$conf['sql_pass'];
			$db2->info['sql_db']		=	$conf['sql_db'];
			$db2->connect();
		
			$sql = "UPDATE users SET password='$passwd' WHERE user_id='$user_id' ";
			$db2->query($sql);
			
			echo "<h3>Password Updated</h3>";
		}
		
		if ($pass1 != $pass2)
		{
			echo "Password did not match";
		}
	} // end of function update_pass
	
	function myaccount()
	{?>
		<h3>My Account</h3>
		<form action="admin.php?Action=update_mypass" method="post">
		<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
		<table width="500" border="0" cellspacing="0" cellpadding="3">
		<tr>
			<td width="150">Password</td>
			<td width="350"><input type="password" name="pass1"></td>
		</tr>
		
		<tr>
			<td width="150">Re-Enter<br />Password</td>
			<td width="350"><input type="password" name="pass2"></td>
		</tr>
		
		<tr>
			<td width="150">&nbsp;</td>
			<td width="350"><input type="submit" value="Updated Password"></td>
		</tr>
		</table>
		</form>
	
	<?php	
	} // end of function myaccount
	
	function update_mypass($username,$pass1,$pass2)
	{
		if ($pass1 == $pass2 )
		{
			$passwd = md5($pass1);
			include("config.php");
			$db2 = new db;
			$db2->info['sql_host']		=	$conf['sql_host'];
			$db2->info['sql_user']		=	$conf['sql_user'];
			$db2->info['sql_pass']		=	$conf['sql_pass'];
			$db2->info['sql_db']		=	$conf['sql_db'];
			$db2->connect();
			
			$sql = "UPDATE users SET password='$passwd' WHERE username='$username' ";
			
			$db2->query($sql); 
			
			
			echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"2;URL=logout.php\">";
			echo "<h3>Password Updated</h3>";
			echo "You will now be logged out so you can enter in your new password";
		}
		
		if ($pass1 != $pass2)
		{
			echo "Password did not match";
		}
		
	} // end of function update_pass
	
} // end of mynews class
?>
Return current item: MyNews