<?php
/*
 * Administration page of the news script: bootstrap section.
 * Loads config.php, opens the database connection and prints the page header.
 * The $db_* variables are expected to come from config.php (the error messages
 * below point there); $header and $title are presumably defined there too.
 *
 * NOTE(review): the mysql_* functions belong to ext/mysql, which was removed in
 * PHP 7.0. Moving to mysqli or PDO with prepared statements is the long-term fix.
 */
//load configuration
require "config.php";
//connect to database; stop with a configuration hint if the server cannot be reached
if(!@mysql_connect($db_server,$db_user,$db_password)){
    die("Database server connection failed. Check variables \$db_server, \$db_user and \$db_password in config.php");
}
//select the database; stop with a configuration hint if that fails
if(!@mysql_select_db($db_name)){
    die("Selecting database failed. Check variable \$db_name in config.php");
}
//print header
print $header;
?>
<h1><?php print $title; ?> - Administration</h1>
<hr>
<?php
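/*
 * Administration actions: login check, then edit / delete / insert / list of news entries.
 *
 * Request data is treated as untrusted throughout:
 *  - ids and date parts are cast to integers before they reach an SQL statement,
 *  - free text is passed through mysql_real_escape_string() before it is quoted into SQL,
 *  - everything echoed back into the page is escaped for its HTML/URL context.
 * $db_table comes from config.php and is interpolated as-is.
 *
 * NOTE(review): the password travels in the query string of every admin URL, so it ends up
 * in browser history, server and proxy logs and Referer headers. A session started by a POST
 * login would avoid that; it is not changed here because the login form ($login) is supplied
 * from outside this file.
 * NOTE(review): deleting is triggered by a plain GET link, so anything that follows links
 * with the password in them (prefetchers, crawlers reading a leaked URL) can remove entries.
 * Moving the delete to a POST form would be the safer design.
 */

//Escape a value for HTML text or a quoted attribute. No charset argument is passed, so
//PHP's configured default applies; ENT_SUBSTITUTE keeps badly encoded bytes from blanking the output.
function admin_h($value){
    return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE);
}

//Read $source[$key] as an integer; missing or non-scalar values (e.g. arrays) become 0.
function admin_int($source,$key){
    return (isset($source[$key]) && is_scalar($source[$key])) ? (int)$source[$key] : 0;
}

//Read a POST field as a string; missing or non-scalar values become "".
function admin_post_string($key){
    return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string)$_POST[$key] : "";
}

//Build the UNIX timestamp from the five date_* POST fields (seconds are always 0).
function admin_post_timestamp(){
    return (int)mktime(
        admin_int($_POST,"date_hour"),
        admin_int($_POST,"date_minute"),
        0,
        admin_int($_POST,"date_month"),
        admin_int($_POST,"date_day"),
        admin_int($_POST,"date_year")
    );
}

//Print the month/day/year - hour:minute <select> elements with timestamp $ts preselected.
function admin_date_selects($ts){
    $year = (int)date("Y",$ts);
    //each row: field name, first value, last value, selected value, text printed before the element
    $fields = array(
        array("date_month", 1, 12, (int)date("n",$ts), ""),
        array("date_day", 1, 31, (int)date("j",$ts), ""),
        array("date_year", 2000, $year+10, $year, ""),
        array("date_hour", 0, 23, (int)date("G",$ts), "-\n"),
        array("date_minute", 0, 59, (int)date("i",$ts), ":\n"),
    );
    foreach($fields as $f){
        echo $f[4], '<select name="', $f[0], "\">\n";
        for($i=$f[1];$i<=$f[2];$i++){
            echo '<option value="', $i, '"', ($i===$f[3] ? " selected" : ""), ">", $i, "</option>";
        }
        echo "\n</select>\n";
    }
}

//simple login
//Only a string parameter is accepted (pwd[]=... is rejected), and the comparison is strict:
//a loose == lets PHP compare numeric-looking strings as numbers instead of byte by byte.
$pwd = (isset($_GET["pwd"]) && is_string($_GET["pwd"])) ? $_GET["pwd"] : null;
$expected = isset($passwd) ? (string)$passwd : "";
$authenticated = false;
//an empty or missing configured password never authenticates
if($pwd !== null && $expected !== ""){
    //hash_equals() compares in constant time; fall back to === where it is not available
    $authenticated = function_exists("hash_equals") ? hash_equals($expected,$pwd) : ($expected === $pwd);
}

if($authenticated){
    //base URL for all admin links: URL-encode the password, then escape it for the attribute
    $self = "admin.php?pwd=".admin_h(urlencode($pwd));

    //submit changes
    if(isset($_POST["edit_submit"])){
        $id = admin_int($_POST,"edit");
        $news = mysql_real_escape_string(str_replace("\n","<br>",admin_post_string("news")));
        $links = mysql_real_escape_string(admin_post_string("links"));
        @mysql_query("UPDATE $db_table SET date=".admin_post_timestamp().",news='$news',links='$links' WHERE id=$id;");
        $error = @mysql_error();
        if($error){
            //error occurred; the message can contain parts of the submitted text, so escape it
            ?><p>Updating entry failed: <?php echo admin_h($error); ?></p>
<p><a href="javascript:history.back();">Click here to go back.</a></p><?php
        }else{
            //successful
            ?><p>Entry has been saved successfully. <a href="<?php echo $self; ?>">Click here to continue.</a></p><?php
        }

    //edit an entry
    }else if(isset($_GET["edit"])){
        $id = admin_int($_GET,"edit");
        $result = @mysql_query("SELECT * FROM $db_table WHERE id=$id;");
        $row = $result ? @mysql_fetch_array($result) : false;
        if(!$row){
            //unknown id or failed query: do not render a form filled with empty values
            ?><p>Entry not found. <a href="<?php echo $self; ?>">Click here to continue.</a></p><?php
        }else{
            //stored text uses <br> for line breaks; show real newlines in the textarea
            $news = str_replace("<br>","\n",$row["news"]);
            ?>
<form action="<?php echo $self; ?>" method="post">
<input type="hidden" name="edit" value="<?php echo $id; ?>">
<table border="0" cellpadding="2" cellspacing="2">
<tr>
<td>Date:</td>
<td>
<?php admin_date_selects((int)$row["date"]); ?>
</td>
</tr>
<tr>
<td valign="top">News:</td>
<td><textarea name="news" cols="40" rows="10"><?php echo admin_h($news); ?></textarea></td>
</tr>
<tr>
<td valign="top">Links:<br>(comma separated)</td>
<td><textarea name="links" cols="40" rows="3"><?php echo admin_h($row["links"]); ?></textarea></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="edit_submit" value="Save"></td>
</tr>
</table>
</form>
<?php
        }

    //delete an entry
    }else if(isset($_GET["del"])){
        $id = admin_int($_GET,"del");
        @mysql_query("DELETE FROM $db_table WHERE id=$id;");
        $error = @mysql_error();
        if($error){
            //error occurred
            ?><p>Deleting entry failed: <?php echo admin_h($error); ?></p>
<p><a href="javascript:history.back();">Click here to go back.</a></p><?php
        }else{
            //successful
            ?><p>Entry has been deleted successfully. <a href="<?php echo $self; ?>">Click here to continue.</a></p><?php
        }

    //insert an entry
    }else if(isset($_POST["new_submit"])){
        $news = mysql_real_escape_string(str_replace("\n","<br>",admin_post_string("news")));
        $links = mysql_real_escape_string(admin_post_string("links"));
        @mysql_query("INSERT INTO $db_table (date,news,links) VALUES(".admin_post_timestamp().",'$news','$links');");
        $error = @mysql_error();
        if($error){
            //error occurred
            ?><p>Inserting entry failed: <?php echo admin_h($error); ?></p>
<p><a href="javascript:history.back();">Click here to go back.</a></p><?php
        }else{
            //successful
            ?><p>Entry has been inserted successfully. <a href="<?php echo $self; ?>">Click here to continue.</a></p><?php
        }

    //new entry
    }else if(isset($_GET["new"])){
        ?>
<form action="<?php echo $self; ?>" method="post">
<table border="0" cellpadding="2" cellspacing="2">
<tr>
<td>Date:</td>
<td>
<?php admin_date_selects(time()); ?>
</td>
</tr>
<tr>
<td valign="top">News:</td>
<td><textarea name="news" cols="40" rows="10"></textarea></td>
</tr>
<tr>
<td valign="top">Links:<br>(comma separated)</td>
<td><textarea name="links" cols="40" rows="3"></textarea></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="new_submit" value="Save"></td>
</tr>
</table>
</form>
<?php

    //print news list
    }else{
        //get all entries
        $result = @mysql_query("SELECT * FROM $db_table ORDER BY date DESC;");
        $colored = true;
        ?><p><a href="<?php echo $self; ?>&amp;new">Write news</a> | <a href="admin.php">Logout</a></p>
<table border="0" cellpadding="3" cellspacing="0" width="100%"><?php
        //print entries; a failed query yields no rows instead of a warning
        while($result && ($row=@mysql_fetch_array($result))){
            $id = (int)$row["id"];
            //strip_tags() only shortens the preview; the escaping on output is what keeps
            //stored markup from being interpreted by the browser
            $preview = strip_tags($row["news"]);
            //NOTE(review): texts longer than 200 bytes are cut to 20 - one of the two numbers
            //looks like a typo; kept as found.
            if(strlen($preview)>200){
                $preview = substr($preview,0,20)."...";
            }
            $linkCount = ((string)$row["links"] !== "") ? count(explode(",",$row["links"])) : 0;
            ?><tr<?php if($colored){ ?> style="background-color:#eee;"<?php } ?>>
<td valign="top"><strong><?php echo $id; ?></strong></td>
<td valign="top"><?php echo date("m/d/Y - H:i",(int)$row["date"]); ?></td>
<td valign="top"><?php echo admin_h($preview); ?></td>
<td valign="top" width="50"><?php echo $linkCount; ?> link(s)</td>
<td><a href="<?php echo $self; ?>&amp;edit=<?php echo $id; ?>">edit</a></td>
<td><a href="<?php echo $self; ?>&amp;del=<?php echo $id; ?>">delete</a></td>
</tr><?php
            $colored = !$colored;
        }
        ?></table><?php
    }
}else{
    //print login form
    echo $login;
}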
//Page tail: link back to the public news page, then the footer ($footer is not defined
//in this file; presumably config.php provides it).
echo '<p align="right"><a href="index.php">News</a></p>', $footer;
//close database connection (errors suppressed, as everywhere else in this script)
@mysql_close();
?>