Location: PHPKode > projects > Sound PHP Engine > s-p-e-0.3.0/s-p-e-0.3.0/data/edcol.php
<?php 
// ===================================================== 
// 
// s-p-e - Content management system. 
// Copyright (C) 2004, 2005, 2010, 2011 Vladimir B. Tsarkov
// 
// This file is part of s-p-e. 
// 
// s-p-e is free software; you can redistribute it and/or modify 
// it under the terms of the GNU General Public License as published by 
// the Free Software Foundation, either version 3 of the License, or 
// (at your option) any later version. 
// 
// s-p-e is distributed in the hope that it will be useful, 
// but WITHOUT ANY WARRANTY; without even the implied warranty of 
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
// GNU General Public License for more details. 
// 
// You should have received a copy of the GNU General Public License 
// along with s-p-e. If not, see <http://www.gnu.org/licenses/>.
//
// ------
//
//  You can contact me via e-mail: lipetsk-gnu-lug at bk period ru
//
//  edcol.php
//
//  Abstract: Editor's column.
//  
//  Revision History:
// 
//	1  2004-03-27 - 2005-07-02  vbt
//	2  2005-07-23  vbt
//	3  2010-06-24  vbt
//	4  2011-01-22  vbt
//
// =====================================================
header("Content-Type: text/html; charset=UTF-8");

include("configure/specfg.php"); 
include("../include/functions.php");

cache();

session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
session_start();

gc();

redirect(read(session_id()));

if(read(session_id()) == "editor")
{
	
	language($cfg["deflangadmin"]);
	
	connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
	
	if($login = auth($connector, session_id(), "editor", $cfg["prefix"]))
	{
	
		echo "<html>
		<head>
		<title>".(_("Editor's column"))."</title>
		<link rel='stylesheet' type='text/css' href='../skin/".($cfg["skin"])."/style.css'>
		</head>
		<body class='admin'>";
		
		if(isset($_GET["num"]) && ctype_digit($_GET["num"]))
		{
			$num = $_GET["num"];
		}
		
		if(isset($num))
		{
			connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
			$result = mysql_query("select theme, text 
				from ".($cfg["prefix"])."editor 
				where login='$login' 
				and num='$num'") 
				or die("error #102-1");
			if($row = mysql_fetch_array($result))
			{
				echo "<form action='edproc.php' method='post'>";
				echo "<table width='400' class='admin-table' border='1'>
				<tr>
				<td>
					<font class='s-normal' id='w-bold'>".(_("Editor's column"))."</font>
				</td>
				</tr>
				<td>
					<table>
					<tr>
					<td valign='middle'>
					    <font class='s-normal'>".(_("Theme"))."*:&nbsp;</font>
					</td>
					<td>
					    <font class='s-normal'>".$row["theme"]."</font>
					</td>
					</tr>
					<tr>
					<td valign='top'>
					    <font class='s-normal'>".(_("Message"))."*:&nbsp;</font>
					</td>
					<td>
					    <textarea 
					    cols='35' 
					    rows='10' 
					    name='message' 
					    class='admin-text'>".(str_replace("<br>", "\n", $row["text"]))."</textarea>
					</td>
					</tr>
					<tr>
					<td></td>
					    <input type='hidden' name='colptr' value='".(base64_encode($num))."'>
					<td>
					    <input 
					    class='admin-button' 
					    type='submit' 
					    name='update' 
					    value='".(_("Update"))."&nbsp;&raquo;'>
					</td>
					</tr>
					</table>
				</td>
				</tr>
				</table>";
				echo "</form>";
			}
		}
		
		if(isset($num) == false)
		{
			echo "<form action='edproc.php' method='post'>";
			echo "<table width='400' border='1' class='admin-table'>
			<tr>
			<td>
			    <font class='s-normal' id='w-bold'>".(_("Editor's column"))."</font>
			</td>
			</tr>
			<td>
			
			<table>
			<tr>
			<td valign='middle'>
			    <font class='s-normal'>".(_("Theme"))."*:&nbsp;</font>
			</td>
			<td>
			    <input type='text' maxlength='100' name='theme' class='admin-input' size='38'>
			</td>
			</tr>
			<tr>
			<td valign='top'>
			    <font class='s-normal'>".(_("Message"))."*:&nbsp;</font>
			</td>
			<td>
			    <textarea cols=35 rows=10 name='message' class='admin-tarea'></textarea>
			</td>
			</tr>
			<tr>
			    <td></td>
			    <td>
			    <input type='submit' name='save' class='admin-button' value='".(_("Save"))."&nbsp;&raquo;'>
			    </td>
			</tr>
			</table>
			
			</td></tr>
			</table>
			</form>
					
			<div style='position:absolute; left:540; top:0; z-index:0; visibility:show'>
			<table border='1' width='267' class='admin-table'>
			<tr>
			<td>
			<font class='s-normal' id='w-bold'>".(_("Editor's column"))."</font>
			</td>
			</tr>";
			
			connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
			$result = mysql_query("select num, login, date, timer, text, theme 
				from ".($cfg["prefix"])."editor 
				where login='$login' 
				order by date desc, timer desc", $connector) 
				or die("error #102-2");
			while($row = mysql_fetch_array($result))
			{
				echo "<form action='edproc.php' method='post'>";
				echo "<tr><td>
				<table>
				<input type='checkbox' name='colrm[]' value='".$row["num"]."'>
				<tr>
					<td>
					<p><font class='s-normal'>".(_("Author")).":&nbsp;&nbsp;&nbsp;</font></p>
					</td>
					<td>
					<p><font class='s-normal'>".$row["login"]."</font></p>
					</td>
				</tr>
				<tr>
					<td>
					<font class='s-normal'>".(_("Date")).":&nbsp;</font>
					</td>
					<td>
					<p><font class='s-normal'>".$row["date"]."</font></p>
					</td>
				</tr>
				<tr>
					<td>
					<font class='s-normal'>".(_("Time")).":&nbsp;</font>
					</td>
					<td>
					<p><font class='s-normal'>".$row["timer"]."</font></p>
					</td>
				</tr>
				<tr>
					<td>
					<font class='s-normal'>".(_("Theme")).":&nbsp;</font>
					</td>
					<td>
					<font class='s-normal'>".$row["theme"]."</font>
					</td>
				</tr>
				<tr>
					<td valign='top'>
					<font class='s-normal'>".(_("Message")).":&nbsp;</font>
					</td>
					<td>
					<font class='s-normal'>".$row["text"]."</font>
					</td>
				</tr>
				<tr>
					<td>
					<font class='s-normal'>
					<a href='edcol.php?num=".$row["num"]."'>".(_("Update"))."</a>
					</font>
					</td>
					<td></td>
				</tr>
				</table>
				
				</td>
				</tr>";
			}
			if(mysql_num_rows($result) > 0)
			{
				echo "<tr>
				<td align='center'>
				<input type='submit' name='delete' class='admin-button' value='".(_("Remove marked"))."'>
				</td>
				</tr>";
			}
			mysql_free_result($result);
			mysql_close($connector);
			
			echo "</form></table>";
			echo "</div>";
			
			echo "<table border='1' class='admin-table'>
			<tr>
			<td width='240' height='15'>
			<font class='s-normal' id='w-bold'>".(_("Service"))."</font>
			</td>
			</tr>";
			echo "<tr>
			<td align='center'>";
			echo "<p><a href='eduser.php'><font class='s-normal'>".(_("Users' Info"))."</font></a></p>
			<p><a href='logout.php'><font class='s-normal'>".(_("Log out"))."</font></a></p>
						
			</td>
			</tr>
			</table>";
		}
		echo "</body></html>";
	} else {
		echo _("Access denied.");
	}
} else {
	echo _("Access denied.");
}
?>
100% Free PHP Newsletter Script! Download now!
Return current item: Sound PHP Engine