Location: PHPKode > projects > PSlash > pslash-0.70/html/admin/article.php
<?
###############################################################################
# Copyright (C) 2000  Derek Leung
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# You may modify your copy or copies of this Program or any portion of it,
# but you must cause the modified files to carry prominent notices stating 
# that you changed the files and the date of any change.  And you are required 
# to keep a copy of this License along with this Program.
#
# You are not required to accept this License, since you have not signed it. 
# However, nothing else grants you permission to modify or distribute this 
# Program or its derivative works. These actions are prohibited by law if 
# you do not accept this License. Therefore, by modifying or distributing 
# this Program (or any work based on this Program), you indicate your 
# acceptance of this License to do so, and all its terms and conditions 
# for copying, distributing or modifying this Program or works based on it.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
# See the GNU General Public License for more details.
# http://www.opensource.org/licenses/gpl-license.html
###############################################################################

global $config;

// kick out anyone try to access this file directly
if (eregi("admin/", $PHP_SELF)) {
    die ("Access Deny!");
}

/*********************************************************/
/* Article functions                                        */
/*********************************************************/

function manageArticle($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg) {

// function to create, edit, and remove article.
	global $config;

	// check if he has right to user this function
	$rightArray = getAdminRights();
	if (!in_array("8",$rightArray)) {
		errorPage("Access Deny!",$config[def_theme]);
	}

	switch($action) {
		
		case "createArticle":
			// create an article
			$topic = FixQuotes($topic);
			$result = mysql_query("select cName,cid from ps_category where topic='$topic'");
			$numRow = mysql_num_rows($result);
			if ($numRow == 0) {
				// every article have to be under an category, if you have no category, prompt error
				errorPage("You need to create an category for topic $topic first!",$config[def_theme]);
			}
			ps_header("");
			?>
			
			<h3><?echo translate("Create Article");?></h3>
			<hr>
			<form action="admin.php" method="post">
				<table border=0>

					<tr>
						<td><b><?echo translate("Article Name");?></b></td><td><input type="text" name="aName" size="50" maxlength="50"></td>
					</tr>
				
					<tr>
						<td><b><?echo translate("Under Category");?></b></td><td><select name="cid">
							<? $result = mysql_query("select cName,cid from ps_category where topic='$topic'");
								while (list($cName,$cid) = mysql_fetch_row($result)) {
									echo "<option value=\"$cid\">$cName";
								}
							?></select>
						</td>
					</tr>
				
					<tr>
						<td><b><?= translate("URL")?></b></td><td><input type="text" name="url" value="http://"><br><input type="checkbox" name="link"><font size=-1>* <?=translate("If you just want to make a link, please check this box and leave below empty.");?></font></td>
					</tr>
				
					<tr>
						<td colspan=2><b><?=translate("Content")?></b><input type="checkbox" name="html"><font size=-1>* <?=translate("If you are using html code, please check this box.");?></font><br><textarea rows="40" name="content" cols="70"></textarea></td>
					</tr>
					<input type="hidden" name="action" value="preview">
					<input type="hidden" name="topic" value="<?=htmlspecialchars($topic)?>">
					<input type="hidden" name="op" value="mod_article">
					<tr>
						<td><input type="submit" value="Preview"></td>
					</tr>
				</table>
			</form>

			<?
			ps_footer("");
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$numRow,$result,$cName,$cid);
			break;
		
		case "preview":
			
			$topic = FixQuotes($topic);
			$aName = check_html($aName);
			$userArray = getCookie($config[user_cookie_name]);
			ps_header("");
			echo "<hr>";
			?>
			<h3><?echo translate("Preview Article");?></h3>
			
			<? 
			if ($html) {
				echo "<b>html = $html<b>";
			} else {
				echo "<b>html = off<b>";
			}
			echo "<hr>";
			if ($html == "on") {
				themeindex ($userArray[username],"Now", $aName, $myTopic, myNL2Br($content), "", "", "");
			
			} else {
				themeindex ($userArray[username],"Now", $aName, $myTopic, myNL2Br($content), "", "", "");
			
			}
			
			?>
			
			<form action="admin.php" method="post">
			<table border=0>
				<tr>
					<td><b><?echo translate("Article Name");?></b></td>
					<td><input type="text" name="aName" size="50" maxlength="50" value="<?=htmlspecialchars($aName)?>"></td>
				</tr>
				
				<tr>
					<td><b><?echo translate("Under Category");?></b></td>
					<td>
						<select name="cid">
							<? 
							$result = mysql_query("select cName,cid from ps_category where topic='$topic'");
							while (list($cName,$cid2) = mysql_fetch_row($result)) {
								echo "<option value=\"$cid2\"";
								if ($cid == $cid2) { 
									echo " selected";
								}
								echo ">$cName";
							}
							?>
						</select>
					</td>
				</tr>
				<tr>
					<td><b><?= translate("URL")?></b></td>
					<td><input type="text" name="url" value="<?=htmlspecialchars($url)?>"><br><input type="checkbox" name="link" <? if ($link == "on") { echo "checked";}?>><font size=-1>* <?=translate("If you just want to make a link, please check this box and leave below empty.");?></font></td>
				</tr>
				
				<tr>
					<td colspan=2><b><?=translate("Content")?></b><input type="checkbox" name="html" <? if ($html == "on") {echo "checked";}?>><font size=-1>* <?=translate("If you are using html code, please check this box.");?></font><br><textarea rows="40" name="content" cols="80"><?= $content ?></textarea></td>
				</tr>
				<tr>
					<td>
						<select name="action"><option value="preview"><?=translate("Preview Again")?>
							<option value="createAction"><?=translate("Post Article")?>
						</select>
					</td>
				</tr>
				<input type="hidden" name="topic" value="<?=htmlspecialchars($topic)?>">
				<input type="hidden" name="op" value="mod_article">
				<tr>
					<td>
						<input type="submit" value="submit">
					</td>
				</tr>
			</table>
			</form>

			<?
			ps_footer("");
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$userArray);
			break;
		case "createAction":
			// the actual work to create an article
			$topics = getTopicRights2(); // only a topic have their own section can create article.  Check if this topic have their own section
			if ($html == "") {
				$html = "off";
			}

			if ($link == "") {
				$link = "off";
			}

			if ($url == "http://") {
					$url = "";
			}

			if (!in_array($topic,$topics)) {
				errorPage("Access Deny!",$config[def_theme]);
			}
			
			if ($aName == "" || ($content == "" && $link == "off") || $topic =="") {
					errorPage("Missing Field!",$config[def_theme]);
			}

			$userArray = getCookie($config[user_cookie_name]);
			
			$topic = FixQuotes($topic);
			$aName = check_html(check_words(FixQuotes($aName)));
			$content = check_words(fixquotes($content));
			$url = check_html(fixquotes($url));
			$result = mysql_query("insert into ps_article values (NULL,'$aName','$content','$topic',$cid,'$html',now(),$userArray[userid],'$link','$url',100)");
			if (!$result) { 
				echo mysql_errno(). ": ".mysql_error(). "<br>"; 
			} else {
				$mesg = translate("Article+is+created!");
				header("Location: admin.php?op=mod_article&topic=$topic&action=listArticle&mesg=$mesg"); 
			}
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$userArray,$topics,$result);
			break;
		
		case "listArticle":
			// show all the article 
			global $header;
			$header[js] = "true";
			ps_header($header);
			echo "<h3>" . translate("List article") ; 
			if ($mesg) {
				echo" <small><font color=red>(".translate("$mesg").")</font></small>";
			}
			
			echo "</h3>";
			echo "<table border=1>";
			echo "<tr>";
			echo "<td><b>" . translate("Topic") . "</b></td><td><b>" . translate("Category") . "</b></td>";
			echo "<td><b>" . translate("Article") . "</b></td>";
			echo "<td><b>" . translate("Author") . "</b></td>";
			echo "<td><b>" . translate("List Order") . "</b></td>";
			echo "<td><b>" . translate("Edit") . "</b></td><td><b>" . translate("Delete") . "</b></td>";
			echo "</tr>";
			$result = mysql_query("select aid,aName,topic,cid,html,uid,listOrder from ps_article where topic='$topic' order by cid, listOrder");
			$topics = getTopicRights2(); // only a topic have their own section can create article.  Check if this topic have their own section
			while (list($aid,$aName,$topic,$cid,$html,$uid,$listOrder) = mysql_fetch_row($result)) {
				if (in_array($topic,$topics)) {
					$result2 = mysql_query("select cName from ps_category where cid=$cid");
					list($cName) = mysql_fetch_row($result2);
					$result3 = mysql_query("select uname from ps_users where uid=$uid");
					list($uname) = mysql_fetch_row($result3);
					echo "<tr><td>$topic</td><td>$cName</td><td>$aName</td><td>$uname</td><td>$listOrder</td>";
					echo "<td><a href=\"admin.php?op=mod_article&action=editArticle&aid=$aid\">Edit</a></td>";
					echo "<td><a href=\"admin.php?op=mod_article&action=delArticle&aid=$aid\" onclick=\"return confirmDelete()\">Delete</a></td>";
					echo "</tr>";
				}
		
			}
			echo "</table><br><br><br>";
			ps_footer("");
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$userArray,$header,$result,$topics,$result2,$result3,$uname);
			break;
		
		case "editArticle":
			// edit an article

			// if no variable pass in, we get it from database
			if ($aName =="" || $content == "" || $topic == "") {
				$result = mysql_query("select * from ps_article where aid=$aid");
				list($aid,$aName,$content,$topic,$cid,$html,$datetime,$uid,$link,$url,$listOrder) = mysql_fetch_row($result);
				
			} else {
				$result = mysql_query("select uid,timeStamp from ps_article where aid=$aid");
				list($uid,$datetime) = mysql_fetch_row($result);

			}
			$result3 = mysql_query("select uname from ps_users where uid=$uid");
			list($uname) = mysql_fetch_row($result3);

			$topics = getTopicRights2(); // only a topic have their own section can create article.  Check if this topic have their own section
			if (!in_array($topic,$topics)) {
				errorPage("Access Deny!",$config[def_theme]);
			}
			$datetime = formatTimestamp($datetime);
			$userArray = getCookie($config[user_cookie_name]);
			
			ps_header("");
			?>
			<h3><?echo translate("Edit Article");?></h3>
			
			<? 
			if ($html) {
				echo "<b>html = $html<b>";
			} else {
				echo "<b>html = off<b>";
			}
			echo "<hr>";
			if ($html == "on") {
				themeindex ($uname,$datetime, $aName, $myTopic, $content, "", "", "");
				
			} else {
				themeindex ($uname,$datetime, $aName, $myTopic, myNL2Br($content), "", "", "");
				
			}
			echo "<hr>";
			?>
			
			
			<form action="admin.php" method="post">
				<table border=0>
					<tr>
						<td><b><?echo translate("Article Name");?></b></td>
						<td><input type="text" name="aName" size="50" maxlength="50" value="<?=htmlspecialchars($aName)?>"></td>
					</tr>
				
					<tr>
						<td><b><?echo translate("Under Category");?></b></td>
						<td>
							<select name="cid">
							<? 
								$result = mysql_query("select cName,cid from ps_category where topic='$topic'");
								while (list($cName,$cid2) = mysql_fetch_row($result)) {
									echo "<option value=\"$cid2\"";
									if ($cid == $cid2) { 
										echo " selected";
									}
									echo ">$cName";
								}
							?>
							</select>
						</td>
					</tr>
					<tr>
						<td><b><?=translate("List Order")?></b></td>
						<td><input type="text" name="listOrder" value="<?=$listOrder?>"><font size=-1> (<?=translate("1 is highest and will be put this link at the top")?>)</font></td>
					</tr>
					<tr>
						<td><b><?= translate("URL")?></b></td>
						<td><input type="text" name="url" value="<?=htmlspecialchars($url)?>"><br><input type="checkbox" name="link" <? if ($link == "on") { echo "checked";}?>><font size=-1>* <?=translate("If you just want to make a link, please check this box and leave below empty.");?></font></td>
					</tr>
				
					<tr>
						<td colspan=2><b><?=translate("Content")?></b><input type="checkbox" name="html"  <? if ($html == "on") {echo "checked";}?>><font size=-1>* <?=translate("If you are using html code, please check this box.");?></font><br><textarea rows="40" name="content" cols="70"><?= $content ?></textarea></td>
					</tr>
					<tr>
						<td colspan=2>
							<select name="action">
								<option value="editArticle"><?=translate("Preview Again")?>
								<option value="editAction"><?=translate("Update Article")?>
							</select>
						</td>
					</tr>
					<input type="hidden" name="topic" value="<?=htmlspecialchars($topic)?>">
					<input type="hidden" name="op" value="mod_article">
					<input type="hidden" name="aid" value="<?=$aid?>">
					<tr>
						<td colspan=2><input type="submit" value="submit"></td>
					</tr>
				</table>
			</form>

			<?
			ps_footer("");
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$userArray,$uid,$datetime,$result,$result3,$userArray,$cName,$cid2);
			break;

		case "editAction":
			// the actual work to update the article
			$topics = getTopicRights2(); // only a topic have their own section can create article.  Check if this topic have their own section
		
			if ($html == "") {
				$html = "off";
			}

			if ($link == "") {
				$link = "off";
			}

			if ($url == "http://") {
					$url = "";
			}

			if ($listOrder == "") {
				$listOrder = 1;
			}

			if (!in_array($topic,$topics)) {
				errorPage("Access Deny!",$config[def_theme]);
			}
			
			if ($aName == "" || ($content == "" && $link == "off") || $topic =="") {
					errorPage("Missing Field!",$config[def_theme]);
			}

			$topic = FixQuotes($topic);
			$url = check_html(fixquotes($url));
			$aName = check_html(check_words(FixQuotes($aName)));
			$content = check_words(fixQuotes($content));
			
			$result = mysql_query("update ps_article set aName='$aName',content='$content',cid=$cid,html='$html',timeStamp=now(),link='$link',url='$url',listOrder=$listOrder where aid=$aid");
			
			if (!$result) { 
				
				echo mysql_errno(). ": ".mysql_error(). "<br>"; 
				
			} else {
				$mesg = translate("Article+is+updated!");
				header("Location: admin.php?mesg=$mesg&op=mod_article&topic=$topic&action=listArticle"); 
			}
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$result,$topics);
			break;

		case "delArticle":
			// actual work to delete an article
			$result = mysql_query("select topic from ps_article where aid=$aid");
			list($cTopic) = mysql_fetch_row($result);
			mysql_free_result($result);
			$topics = getTopicRights2(); // only a topic have their own section can create article.  Check if this topic have their own section
			if (!in_array($cTopic,$topics)) {
				errorPage("Access Deny!",$config[def_theme]);
			}
			mysql_query("delete from ps_article where aid=$aid");
			$mesg = translate("Article is deleted!");
			header("Location: admin.php?mesg=$mesg&op=mod_article&topic=$cTopic&action=listArticle"); 
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$cTopic,$topics,$result);
			break;

		default:
			// show menu
			ps_header("");
			?>
			<h3><?echo translate("Manage Article")?></h3>
			
			
			<table>
				<form action="admin.php" method="post">
					<tr>
						<td><b><?=translate("Create Article in topic");?></b></td>
						<td>
							<select name="topic">
								<? 
								$topics = getTopicRights2();
								foreach ($topics as $topic) {
									echo "<option value=\"".htmlspecialchars($topic)."\">$topic";
								}
								?>
							</select>
							<input type="submit" value="submit">
						</td>
					</tr>
					<input type="hidden" name="op" value="mod_article">
					<input type="hidden" name="action" value="createArticle">
				</form>

				<form action="admin.php" method="post">
					<tr>
						<td><b><?=translate("Edit/Delete Article in topic");?></b></td>
						<td>
							<select name="topic">
								<? 
								$topics = getTopicRights2();
								foreach ($topics as $topic) {
									echo "<option value=\"$topic\">$topic";
								}
								?>
							</select>
							<input type="submit" value="submit">
						</td>
					</tr>
					<input type="hidden" name="op" value="mod_article">
					<input type="hidden" name="action" value="listArticle">
				</form>

			</table>
			
			<br><br><br>
			<?
			ps_footer("");
			unset($action,$topic,$aName,$cid,$content,$aid,$html,$link,$url,$listOrder,$mesg,$topics);
			break;
	}

}

?>
Return current item: PSlash