Location: PHPKode > projects > ProNuke. Postnuke To Oracle > postnuke/html/modules/Submit_News/index.php
<?php // $Id: index.php,v 1.37 2001/12/08 03:30:33 jgm Exp $ $Name:  $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Filename: modules/Submit_News/index.php
// Original Author of file: Francisco Burzi
// Purpose of file: Submit news to site
// ----------------------------------------------------------------------

if (!defined("LOADED_AS_MODULE")) {
         die ("You can't access this file directly...");
     }

include 'mainfile.php';

$myts = new MyTextSanitizer; // MyTextSanitizer object

$ModName = basename( dirname( __FILE__ ) );

modules_get_language();

function defaultDisplay() { /* ML added global and dropdown with available languages */
    global $AllowableHTML, $pntable, $dbconn, $user, $cookie, $anonymous, $ModName, $currentlang, $topic, $sel;

    include ('header.php');
    if (!authorised(0, 'Submit news::', '::', ACCESS_COMMENT)) {
        echo _NOTALLOWED;
        include 'footer.php';
        exit;
    }

    OpenTable();
    echo "<center><font class=\"pn-pagetitle\">"._SUBMITNEWS."</font><br><br>";
    echo "<font class=\"pn-normal\">"._SUBMITADVICE."</font></center><br><br>";
    CloseTable();
    echo "<br>";
    OpenTable();
    if (is_user($user)) getusrinfo($user);
    echo "<p><form action=\"modules.php?op=modload&amp;name=$ModName&amp;file=index\" method=\"post\">"
    ."<font class=\"pn-normal\"><b>"._YOURNAME.":</b> ";
    if (is_user($user)) {
        cookiedecode($user);
        echo "<a class=\"pn-normal\" href=\"user.php\">$cookie[1]</a>";
    } else {
        echo "$anonymous";
    }
    echo "<br><br>"
        ."<b>"._SUBTITLE."</b> "
        ."("._BEDESCRIPTIVE.")<br>"
        ."<input type=\"text\" name=\"subject\" size=\"50\" maxlength=\"80\"> "._REQUIRED."<br><font class=\"pn-normal\">("._BADTITLES.")</font>"
        ."<br><br>"
        ."<b>"._TOPIC.":</b> <select name=\"topic\" class=\"pn-text\">";
    $column = &$pntable['topics_column'];
    $toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
                               FROM $pntable[topics]
                               ORDER BY $column[topictext]");
    echo "<option value=\"\">"._SELECTTOPIC."</option>\n";
    
    //FTO : Test EOF and database error
    if (!$toplist) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
        }
    
    while(!$toplist->EOF) {

        list($topicid, $topics) = $toplist->fields;
        $toplist->MoveNext();
        if ($topicid==$topic) {
        $sel = "selected ";
    }
        echo "<option $sel value=\"$topicid\">$topics</option>\n";
    $sel = "";
    }
    echo "</select>";

    echo "<br><br><b>"._LANGUAGE.": </b>"; /* ML added dropdown , currentlang is pre-selected */
    lang_dropdown();
    echo "<br><br><b>"._ARTICLETEXT."</b> "
        ."("._HTMLISFINE.")<br>"
        ."<textarea cols=\"50\" rows=\"12\" name=\"storytext\"></textarea> "._REQUIRED."<br>"
        ."<br><b>"._EXTENDEDTEXT."</b>"
        ."<br><textarea cols=\"50\" rows=\"12\" name=\"bodytext\"></textarea><br>"
        ."<font class=\"pn-normal\">"._ALLOWEDHTML."<br>";
    while (list($key,) = each($AllowableHTML)) echo " &lt;".$key."&gt;";
    echo "<br>("._AREYOUSURE.")</font><br><br>"
            ."<input type=\"submit\" name=\"request_preview\" value=\""._PREVIEW."\">";
    CloseTable();
    include ('footer.php');
}

function PreviewStory($name, $address, $subject, $storytext, $topic, $alanguage, $bodytext) {
    global $user, $cookie, $tipath, $bgcolor1, $bgcolor2, $anonymous, $pntable, $dbconn, $ModName, $myts;
    include ('header.php');

    if (!authorised(0, 'Submit news::', '::', ACCESS_COMMENT)) {
        echo _NOTALLOWED;
        include 'footer.php';
        exit;
    }

    if($subject == '' or $storytext == '') {
        OpenTable2();
        echo "<font class=\"pn-normal\"><b>"._MPROBLEM."</b> "._NOSUBJECT."</font><br><br><br>";
        echo "<center>"._GOBACK."</center><br><br>";
        CloseTable2();
        include("footer.php");
        exit;
    }

    $p_subject = $myts->makeTboxData4Preview($subject);
    $p_story = $myts->makeTareaData4Preview($storytext);
    $p_bodytext = $myts->makeTareaData4Preview($bodytext);

    $f_subject = $myts->makeTboxData4PreviewInForm($subject);
    $f_story = $myts->makeTareaData4PreviewInForm($storytext);
    $f_bodytext = $myts->makeTareaData4PreviewInForm($bodytext);

    OpenTable();
    echo "<center><font class=\"pn-title\">"._NEWSUBPREVIEW."</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"pn-normal\"><i>"._STORYLOOK."</i></font></center><br><br>";
    echo "<table width=\"70%\" bgcolor=\"$bgcolor2\" cellpadding=\"0\" cellspacing=\"1\" border=\"0\"align=\"center\"><tr><td>"
    ."<table width=\"100%\" bgcolor=\"$bgcolor1\" cellpadding=\"8\" cellspacing=\"1\" border=\"0\"><tr><td>";
    if ($topic=="") {
        $topicimage="AllTopics.gif";
        $warning = "<center><blink><b>"._SELECTTOPIC."</b></blink></center>";
    } else {
        $warning = "";
        $column = &$pntable['topics_column'];
        $result = $dbconn->Execute("SELECT $column[topicimage]
                                  FROM $pntable[topics]
                                  WHERE $column[topicid]='$topic'");
        list($topicimage) = $result->fields;
    }
    echo "<img src=\"$tipath$topicimage\" border=\"0\" align=\"right\" alt=\"Your Topic\">";

    themepreview($p_subject, $p_story, $p_bodytext);

    echo "$warning"
    ."</td></tr></table></td></tr></table>"
    ."<br><br><center><font class=\"pn-sub\">"._CHECKSTORY."</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<p><form action=\"modules.php?op=modload&amp;name=$ModName&amp;file=index\" method=\"post\"><font class=\"pn-normal\">"
    ."<b>"._YOURNAME.":</b> ";
    if (is_user($user)) {
        cookiedecode($user);
    echo "<a class=\"pn-normal\" href=\"user.php\">$cookie[1]</a> <font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"user.php?op=logout\">"._LOGOUT."</a> ]</font>";
    } else {
    echo "$anonymous";
    }
    echo "<br><br><b>"._SUBTITLE.":</b><br>"
    ."<input type=\"text\" name=\"subject\" size=\"50\" maxlength=\"80\" value=\"$f_subject\"> "
    ._REQUIRED."<br><br><b>"._TOPIC.": </b><select name=\"topic\">";
    $column = &$pntable['topics_column'];
    $toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
                               FROM $pntable[topics]
                               ORDER BY $column[topictext]");
    echo "<OPTION VALUE=\"\">"._SELECTTOPIC."</option>\n";
    //FTO : Test EOF and database error
    if (!$toplist) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
        }

    while(!$toplist->EOF) {
        list($topicid, $topics) = $toplist->fields;
        $toplist->MoveNext();
        if ($topicid==$topic) { $sel = "selected "; }
        echo "<option $sel value=\"$topicid\">$topics</option>\n";
        $sel = "";
        }
        
    echo "</select>";
        echo "<br><br><b>"._LANGUAGE.": </b>"
                ."<select name=\"alanguage\">";
    $lang = languagelist();
    $sel_lang[$alanguage] = ' selected';
    print "<option value=\"\">"._ALL.'</option>';
    $handle = opendir('language');
    while ($f = readdir($handle))
    {
        if (is_dir("language/$f") && $lang[$f])
        {
            $langlist[$f] = $lang[$f];
        }
    }
    asort($langlist);
    foreach ($langlist as $k=>$v)
    {
        print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
    }
    echo "</select>"
        ."<br><br><b>"._ARTICLETEXT."</b> "
        ."("._HTMLISFINE.")<br>"
        ."<textarea cols=\"50\" rows=\"12\" name=\"storytext\">$f_story</textarea> "._REQUIRED."<br>"
        ."<br><b>"._EXTENDEDTEXT."</b>"
        ."<br><textarea cols=\"50\" rows=\"12\" name=\"bodytext\">$f_bodytext</textarea><br>"
        ."<font class=\"pn-normal\">("._AREYOUSURE.")</font><br><br>"
        ."<input type=\"submit\" name=\"request_preview\" value=\""._PREVIEW."\"> <input type=\"submit\" name=\"request_ok\" value=\""._OK."\">"
        ."</font></form>";
    CloseTable();
    include ('footer.php');
}


function submitStory($name, $address, $subject, $storytext, $topic, $alanguage, $bodytext) {
    global $user, $EditedMessage, $cookie, $anonymous, $notify, $notify_email, $notify_subject, $notify_message, $notify_from, $pntable, $dbconn, $ModName, $myts;
    
    csrfcheck();

    if (!authorised(0, 'Submit news::', '::', ACCESS_COMMENT)) {
        include ('header.php');
        echo _NOTALLOWED;
        include 'footer.php';
        exit;
    }

    if (is_user($user)) {
        cookiedecode($user);
    $uid = $cookie[0];
    $name = $cookie[1];
    } else {
        $uid = 1;
    $name = "$anonymous";
    }
    $subject = $myts->makeTboxData4Save($subject);
    $storytext   = $myts->makeTareaData4Save($storytext);
    $bodytext = $myts->makeTareaData4Save($bodytext);
    $column = &$pntable['queue_column'];

// FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $newid = $dbconn->GenId("{$pntable['queue']}_SEQ");

// FTO : Replace now MySQL command with php computed date
//       because not portable. DBTimeStamp is an AdoDB function.

    $now=$dbconn->DBTimeStamp(mktime());
    $result = $dbconn->Execute("INSERT INTO $pntable[queue] ($column[qid], $column[uid], $column[arcd], $column[uname], $column[subject], $column[story], $column[timestamp], $column[topic], $column[alanguage], $column[bodytext]) VALUES ($newid, '$uid', '0', '$name', '$subject', '$storytext', $now, '$topic', '$alanguage', '$bodytext')");

    if($dbconn->ErrorNo()<>0) {
        echo $dbconn->ErrorNo(). ": ".$dbconn->ErrorMsg(). "<br>";
        exit();
    }
    if($notify) {
// 11-09-01 eugeniobaldi not compliant with PHP < 4.0.5
//        mail($notify_email, $notify_subject, $notify_message, "From: $notify_from\nX-Mailer: PHP/" . phpversion(), "-f$notify_from");
        mail($notify_email, $notify_subject, $notify_message, "From: $notify_from\nX-Mailer: PHP/" . phpversion());
    }
    include ('header.php');
    OpenTable();
    $column = &$pntable['queue_column'];
    $result = $dbconn->Execute("SELECT count(*) FROM $pntable[queue] WHERE $column[arcd]='0'");
    list($waiting) = $result->fields;
    echo "<center><font class=\"pn-title\">"._SUBSENT."</font><br><br>"
    ."<font class=\"pn-normal\">"._THANKSSUB."<br><br>"
    .""._SUBTEXT.""
    ."<br>"._WEHAVESUB." $waiting "._WAITING."</font></center>";
    CloseTable();
    include ('footer.php');
}

//
// Resolve the action requested: Preview or Ok (i.e. submit it!) ?
// [plamendp]
$req = "";
if ($request_preview) $req = "PREVIEW";
elseif ($request_ok)  $req = "OK";

switch($req) {

    case "PREVIEW":
        PreviewStory($name, $address, $subject, $storytext, $topic, $alanguage, $bodytext);
        break;

    case "OK":
            SubmitStory($name, $address, $subject, $storytext, $topic, $alanguage, $bodytext);
        break;

    default:
        defaultDisplay();
        break;
}

?>
Return current item: ProNuke. Postnuke To Oracle