<?php
/*****************************************************************
* Spacemarc News
* Version: 1.2.0
* Author and copyright (C): Marcello Vitagliano
* Web site: http://www.spacemarc.it
* License: GNU General Public License
*
* This program is free software: you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation, either version 3
* of the License, or (at your option) any later version.
*
* Current file: inserisci.php
*****************************************************************/
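session_start();
// NOTE(review): IN_NEWS is presumably the "included from an entry point" guard
// tested by the required files below - confirm in config.php / functions.php.
define('IN_NEWS', true);
header('Content-type: text/html; charset=ISO-8859-1');
// Load configuration, shared helpers and language strings.
require_once (dirname(__FILE__) . '/../config.php');
require_once (dirname(__FILE__) . '/functions.php');
require_once (dirname(__FILE__) . '/../lang/lang.php');
// The database is opened BEFORE check_login(), so whatever is printed on a
// failure here reaches unauthenticated visitors. The MySQL error number/text
// (which can name the DB host, account and schema) goes to the server log only;
// the page shows a generic message.
$db = mysql_connect($db_host, $db_user, $db_password);
if (!$db) {
    error_log('inserisci.php: mysql_connect failed (' . mysql_errno() . '): ' . mysql_error());
    die("Impossibile connettersi a MySQL");
}
if (!mysql_select_db($db_name, $db)) {
    error_log('inserisci.php: mysql_select_db failed (' . mysql_errno($db) . '): ' . mysql_error($db));
    die("Impossibile selezionare il database");
}
// Access control for the admin page; implemented outside this file.
check_login();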
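// Page generation timer (part 1): microtime() returns "msec sec" as a string.
$mtime1 = explode(" ", microtime());
$starttime = $mtime1[1] + $mtime1[0];
// Defaults for every value the form template below echoes.
$titolo = NULL;
$testo = NULL;
$data_pubb = NULL;
$letture = 0;
$stampe = 0;
$immagine = NULL;
$div_preview = NULL;
$img_ap_checked = NULL;
$img_ap_status = "none";
$img_ap = NULL;
$insert_empty = NULL;
$insert_msg_ok = NULL;
$nosmile_checked = (isset($_POST['nosmile'])) ? 'checked="checked"' : NULL;
// Look up the permission level of the logged-in user. The id is forced to an
// integer before it is placed in the SQL text.
$q_user = mysql_query("SELECT permessi FROM $tab_utenti WHERE user_id=" . intval($_SESSION['user_id']));
$q_riga_perm = ($q_user) ? mysql_fetch_assoc($q_user) : false;
if (!is_array($q_riga_perm)) {
    // Fail closed: a failed query or an unknown user yields no permission
    // value, so none of the permission checks further down can match.
    $q_riga_perm = array('permessi' => NULL);
}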
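// Raw form fields, read once. A missing or non-string value (for example a
// field posted as titolo[]=x) is treated as an empty string instead of
// raising notices or reaching htmlspecialchars() as an array.
$post_titolo = (isset($_POST['titolo']) && is_string($_POST['titolo'])) ? $_POST['titolo'] : '';
$post_testo = (isset($_POST['testo']) && is_string($_POST['testo'])) ? $_POST['testo'] : '';

// "Anteprima" (preview) button: render the text, nothing is written to the database.
if (isset($_POST['preview'])) {
    // NOTE(review): both helpers live outside this file; they appear to fill the
    // globals $testo / $img_ap / $immagine used below - confirm in functions.php.
    immagine_apertura();
    sostituzione();
    // The preview needs the Testo field; otherwise show the "required field" message.
    if (trim($testo) == '') {
        $div_preview = "<div id=\"error\">" . $lang['anteprima'] . "</div><br />";
    }
    else {
        if (get_magic_quotes_gpc()) {
            $testo = stripslashes($testo);
        }
        // NOTE(review): $img_ap and $testo are emitted as markup here, so the
        // preview is only as safe as the HTML encoding done inside
        // sostituzione() / immagine_apertura() - verify there.
        $div_preview = "
<div align=\"center\" class=\"text2\"><b>" . $lang['preview'] . "</b><span id=\"preview_y\" style=\"display: none;\">
<a href=\"javascript:void(0);\" onclick=\"ShowHide()\" class=\"piccolo\">mostra</a></span> <span id=\"preview_n\" style=\"display: inline;\">
<a href=\"javascript:void(0);\" onclick=\"ShowHide()\" class=\"piccolo\">nascondi</a></span></div>
<table align=\"center\" id=\"preview\" style=\"display: block; border-style: solid; border-width: 1px; border-color: #DEE3E7; width: 100%;\">
<tr><td bgcolor=\"#FFFFFF\" class=\"text\">$img_ap $testo</td></tr></table><br />";
    }
    // Re-populate the form with what the user typed, HTML-encoded for the
    // value="" attribute and the <textarea>. The charset is passed explicitly to
    // match the ISO-8859-1 Content-type header: with a UTF-8 default,
    // htmlspecialchars() returns '' for text containing accented ISO-8859-1 bytes.
    if (get_magic_quotes_gpc()) {
        $titolo = stripslashes(htmlspecialchars($post_titolo, ENT_QUOTES, 'ISO-8859-1'));
        $testo = stripslashes(htmlspecialchars($post_testo, ENT_QUOTES, 'ISO-8859-1'));
    }
    else {
        $titolo = htmlspecialchars($post_titolo, ENT_QUOTES, 'ISO-8859-1');
        $testo = htmlspecialchars($post_testo, ENT_QUOTES, 'ISO-8859-1');
    }
    $letture = (isset($_POST['letture'])) ? intval($_POST['letture']) : 0;
    $stampe = (isset($_POST['stampe'])) ? intval($_POST['stampe']) : 0;
    $insert_empty = NULL;
    $insert_msg_ok = NULL;
    // Only users whose permission is "tutto" or "upload" may upload files.
    if ($q_riga_perm['permessi'] == 'tutto' || $q_riga_perm['permessi'] == 'upload') {
        upload();
    }
}
// "Inserisci" (submit) button: validate and store the news item.
// NOTE(review): the form in this file carries no anti-CSRF token field, so this
// state-changing POST relies on the session cookie alone unless check_login()
// or permessi() add a check - confirm and add a per-session token if not.
elseif (isset($_POST['submit'])) {
    // Only users whose permission is "tutto" or "upload" may upload files.
    if ($q_riga_perm['permessi'] == 'tutto' || $q_riga_perm['permessi'] == 'upload') {
        upload();
    }
    // Opening-image handling (defined outside this file).
    immagine_apertura();
    $div_preview = NULL;
    // Title and text are stored HTML-encoded; charset matches the page header.
    $titolo = htmlspecialchars(trim($post_titolo), ENT_QUOTES, 'ISO-8859-1');
    $testo = htmlspecialchars($post_testo, ENT_QUOTES, 'ISO-8859-1');
    $letture = (isset($_POST['letture'])) ? intval($_POST['letture']) : 0;
    $stampe = (isset($_POST['stampe'])) ? intval($_POST['stampe']) : 0;
    $nosmile = (isset($_POST['nosmile'])) ? 1 : 0;
    // Publication time as a Unix timestamp (time() instead of argument-less mktime()).
    $data_pubb = time();
    if (trim($titolo) == '' || trim($testo) == '') {
        $insert_empty = "<div id=\"error\">" . $lang['tit_text_obbl'] . "</div><br />";
        $insert_msg_ok = NULL;
    }
    else {
        $insert_empty = NULL;
        // With magic_quotes_gpc Off the strings are escaped here.
        // NOTE(review): with magic_quotes_gpc On this branch is skipped, and
        // $immagine is then only as safe as immagine_apertura() leaves it - verify.
        if (!get_magic_quotes_gpc()) {
            $testo = mysql_real_escape_string($testo);
            $titolo = mysql_real_escape_string($titolo);
            $immagine = mysql_real_escape_string($immagine);
        }
        // Every value placed in the SQL text is either cast to int or escaped,
        // including the session user id and the client address.
        $ins_user_id = intval($_SESSION['user_id']);
        $ins_ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
        // The permission level decides whether the letture/stampe counters may be set.
        switch ($q_riga_perm['permessi']) {
            case "upload":
            case "nessuno":
                $query = "INSERT INTO $tab_news (titolo, testo, user_id, data_pubb, immagine, nosmile, ip) VALUES ('$titolo', '$testo', $ins_user_id, $data_pubb, '$immagine', $nosmile, INET_ATON('$ins_ip'))";
                break;
            case "letturestampe":
            case "tutto":
                $query = "INSERT INTO $tab_news (titolo, testo, user_id, data_pubb, letture, stampe, immagine, nosmile, ip) VALUES ('$titolo', '$testo', $ins_user_id, $data_pubb, $letture, $stampe, '$immagine', $nosmile, INET_ATON('$ins_ip'))";
                break;
            default:
                // Unknown or missing permission: nothing is inserted and the
                // error message below is shown.
                $query = NULL;
        }
        if ($query !== NULL && mysql_query($query)) {
            $insert_msg_ok = "<div id=\"success\">" . $lang['insert_news_ok'] . " <img src=\"$img_path/attendi.gif\" title=\"Attendi\" alt=\"Attendi...\" /></div>
<script language=\"JavaScript\" type=\"text/javascript\">
<!--
function doRedirect() { location.href = \"inserisci.php\"; }
window.setTimeout(\"doRedirect()\", 2000);
//-->
</script><br />";
        }
        else {
            // The MySQL error text can quote fragments of the submitted values,
            // so it is HTML-encoded before being printed.
            // NOTE(review): consider logging it server-side instead of showing it.
            $insert_msg_ok = "<div id=\"error\">" . $lang['insert_news_error'] . "</div><br /><span class=\"text2\">" . htmlspecialchars(mysql_error(), ENT_QUOTES, 'ISO-8859-1') . "</span><br /><br />";
        }
        // After the insert attempt, clear the Titolo, Testo and Immagine fields.
        $titolo = NULL;
        $testo = NULL;
        $immagine = NULL;
        $img_ap_checked = NULL;
        $img_ap_status = "none";
    }
}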
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Amministrazione news - Inserisci una notizia
</title>
<link rel="stylesheet" href="../style.css" type="text/css" />
<script language="JavaScript" src="../javascript.js" type="text/JavaScript"></script>
</head>
<body>
<?php
// Shared admin navigation.
include ("menu.php");
// Print whichever status fragment the request handling above produced: the
// preview box, the "required fields" warning, or the insert result. These
// variables already hold finished HTML, so they are written out as-is.
echo $div_preview, $insert_empty, $insert_msg_ok;
?>
<form method="post" action="inserisci.php" enctype="multipart/form-data" name="input_form">
<table width="100%" align="center" style="border: 3px solid #DDDDDD;" cellpadding="3" cellspacing="2">
<tr>
<td bgcolor="#DEE3E7" width="21%" align="center" class="text"><b>Titolo</b></td>
<td bgcolor="#EEEEEE" align="left">
<input type="text" size="77" maxlength="150" name="titolo" tabindex="1" value="<?php echo $titolo; ?>" /></td>
</tr>
<tr>
<td bgcolor="#DEE3E7" align="center" class="text2">
<?php echo $lang['codes']; ?></td>
<td align="left" bgcolor="#EEEEEE">
<!-- formattazione testo con BBcode-->
<input type="button" value="b" style="width: 28px; font-size: 0.8em;" onclick="addText(' [b][/b]'); return(false);" onmouseover="helpline('b')" />
<input type="button" value="i" style="width: 28px; font-size: 0.8em;" onclick="addText(' [i][/i]'); return(false);" onmouseover="helpline('i')" />
<input type="button" value="u" style="width: 28px; font-size: 0.8em;" onclick="addText(' [u][/u]'); return(false);" onmouseover="helpline('u')" />
<input type="button" value="Img" style="width: 38px; font-size: 0.8em;" onclick="addText(' [img][/img]'); return(false);" onmouseover="helpline('g')" />
<input type="button" value="Email" style="width: 45px; font-size: 0.8em;" onclick="addText(' [email][/email]'); return(false);" onmouseover="helpline('a')" />
<input type="button" value="URL" style="width: 38px; font-size: 0.8em;" onclick="addText(' [url][/url]'); return(false);" onmouseover="helpline('w')" />
<input type="button" value="Callto" style="width: 50px; font-size: 0.8em;" onclick="addText(' [callto][/callto]'); return(false);" onmouseover="helpline('v')" />
<input type="button" value="Video" style="width: 46px; font-size: 0.8em;" onclick="addText(' [yt][/yt]'); return(false);" onmouseover="helpline('y')" />
<input type="button" value="Lista" style="width: 40px; font-size: 0.8em;" onclick="addText('[ul]\n[li]uno[/li]\n[li]due[/li]\n[/ul]'); return(false);" onmouseover="helpline('l')" />
<input type="button" value="Quote" style="width: 50px; font-size: 0.8em;" onclick="addText(' [quote][/quote]'); return(false);" onmouseover="helpline('q')" />
<input type="button" value="Codice" style="width: 53px; font-size: 0.8em;" onclick="addText(' [code][/code]'); return(false);" onmouseover="helpline('c')" />
<select name="size" onchange="if(this.selectedIndex!=0)this.form.testo.value+=this.options[this.selectedIndex].value;" style="width: 90px; font-size: 0.7em;" onmouseover="helpline('s')">
<option selected="selected">Normale
</option>
<option value="[size=8][/size]">Piccolo
</option>
<option value="[size=12][/size]">Grande
</option>
<option value="[size=16][/size]">Molto grande
</option>
</select><br />
<input type="text" name="helpbox" readonly="readonly" style="width:100%; background-color:#EEEEEE; border-style: none; font-size: 0.7em; font-family: verdana;" maxlength="120" />
<!-- fine formattazione testo con BBcode--></td>
</tr>
<tr>
<td bgcolor="#DEE3E7" valign="top" align="center" class="text"><b>Testo</b><br /><br />
<!-- inserimento smilies -->
<a href="#" onclick="addText(' :cool:'); return(false);">
<img src="<?php echo $img_path; ?>/cool.gif" border="0" alt="Cool" title="Cool" /></a>
<a href="#" onclick="addText(' :)'); return(false);">
<img src="<?php echo $img_path; ?>/smile.gif" border="0" alt="Smile" title="Smile" /></a>
<a href="#" onclick="addText(' ):'); return(false);">
<img src="<?php echo $img_path; ?>/mad.gif" border="0" alt="Mad" title="Mad" /></a>
<a href="#" onclick="addText(' :p'); return(false);">
<img src="<?php echo $img_path; ?>/tongue.gif" border="0" alt="Rido" title="Rido" /></a>
<a href="#" onclick="addText(' :D'); return(false);">
<img src="<?php echo $img_path; ?>/biggrin.gif" border="0" alt="Biggrin" title="Grin" /></a> <br /><br />
<a href="#" onclick="addText(' ;)'); return(false);">
<img src="<?php echo $img_path; ?>/wink.gif" border="0" alt="Wink" title="Wink" /></a>
<a href="#" onclick="addText(' :o'); return(false);">
<img src="<?php echo $img_path; ?>/ohh.gif" border="0" alt="Ohh" title="Ohh" /></a>
<a href="#" onclick="addText(' :zizi:'); return(false);">
<img src="<?php echo $img_path; ?>/zizi.gif" border="0" alt="zizi" title="Zi zi" /></a>
<a href="#" onclick="addText(' :('); return(false);">
<img src="<?php echo $img_path; ?>/sad.gif" border="0" alt="Sad" title="Sad" /></a>
<a href="#" onclick="addText(' :green:'); return(false);">
<img src="<?php echo $img_path; ?>/mrgren.gif" border="0" alt="Mr.Gren" title="Mr.Gren" /></a> <br /><br />
<a href="#" onclick="addText(' :dotto:'); return(false);">
<img src="<?php echo $img_path; ?>/dotto.gif" border="0" alt="dotto" title="Dotto" /></a>
<a href="#" onclick="addText(' :cry:'); return(false);">
<img src="<?php echo $img_path; ?>/cry.gif" border="0" alt="Piango" title="Piango" /></a>
<a href="#" onclick="addText(' :parolaccia:'); return(false);">
<img src="<?php echo $img_path; ?>/parolaccia.gif" border="0" alt="parolaccia" title="Parolaccia" /></a>
<a href="#" onclick="addText(' :incupito:'); return(false);">
<img src="<?php echo $img_path; ?>/incupito.gif" border="0" alt="Incupito" title="Incupito" /></a>
<a href="#" onclick="addText(' :stordito:'); return(false);">
<img src="<?php echo $img_path; ?>/stordito.gif" border="0" alt="Stordito" title="Stordito" /></a> <br /><br />
<a href="#" onclick="addText(' :info:'); return(false);">
<img src="<?php echo $img_path; ?>/info.png" border="0" alt="info" title="Info" /></a>
<a href="#" onclick="addText(' :star:'); return(false);">
<img src="<?php echo $img_path; ?>/star.png" border="0" alt="star" title="Star" /></a>
<a href="#" onclick="addText(' :alert:'); return(false);">
<img src="<?php echo $img_path; ?>/alert.png" border="0" alt="alert" title="Alert" /></a>
<a href="#" onclick="addText(' :???:'); return(false);">
<img src="<?php echo $img_path; ?>/question.png" border="0" alt="question" title="Domanda" /></a>
<a href="#" onclick="addText(' :check:'); return(false);">
<img src="<?php echo $img_path; ?>/check.png" border="0" alt="question" title="Check" /></a> <br /><br />
<a href="#" onclick="addText(' :wiki:'); return(false);">
<img src="<?php echo $img_path; ?>/wikipedia.png" border="0" alt="wiki" title="Wikipedia" /></a>
<a href="#" onclick="addText(' :chat:'); return(false);">
<img src="<?php echo $img_path; ?>/chat.png" border="0" alt="chat" title="Chat" /></a>
<a href="#" onclick="addText(' :www:'); return(false);">
<img src="<?php echo $img_path; ?>/www.png" border="0" alt="www" title="Www" /></a>
<a href="#" onclick="addText(' :man:'); return(false);">
<img src="<?php echo $img_path; ?>/man.png" border="0" alt="man" title="Profilo" /></a>
<a href="#" onclick="addText(' :mail:'); return(false);">
<img src="<?php echo $img_path; ?>/mail.png" border="0" alt="mail" title="Mail" /></a> <br /><br />
<a href="#" onclick="addText(' :fb:'); return(false);">
<img src="<?php echo $img_path; ?>/facebook.gif" border="0" alt="fb" title="Facebook" /></a>
<a href="#" onclick="addText(' :li:'); return(false);">
<img src="<?php echo $img_path; ?>/linkedin.gif" border="0" alt="li" title="LinkedIn" /></a>
<a href="#" onclick="addText(' :ms:'); return(false);">
<img src="<?php echo $img_path; ?>/myspace.gif" border="0" alt="my" title="MySpace" /></a>
<a href="#" onclick="addText(' :tw:'); return(false);">
<img src="<?php echo $img_path; ?>/twitter.gif" border="0" alt="tw" title="Twitter" /></a>
<a href="#" onclick="addText(' :gw:'); return(false);">
<img src="<?php echo $img_path; ?>/gwave.png" border="0" alt="gw" title="Google Wave" /></a>
<!-- fine inserimento smilies --></td>
<td align="left" bgcolor="#EEEEEE">
<textarea cols="88" rows="20" name="testo" id="testo" tabindex="2"><?php echo $testo; ?></textarea></td>
</tr>
<tr>
<td bgcolor="#DEE3E7" align="center" class="text"><b>Immagine di apertura</b></td>
<td bgcolor="#EEEEEE" align="left" height="30" class="text2">
<input type="checkbox" onclick="showText();" name="cb" id="cb" <?php echo $img_ap_checked; ?> />
<input type="text" style="display: <?php echo $img_ap_status; ?>" id="immagine" size="50" maxlength="70" name="immagine" value="<?php echo $immagine; ?>" />
<label for="cb">
<?php echo $lang['imgdimensions']; ?>
</label></td>
</tr>
<?php echo permessi(); ?>
<tr>
<td bgcolor="#DEE3E7" align="center" class="text"><b>Opzioni</b></td>
<td bgcolor="#EEEEEE" align="left" height="30" class="text2">
<input type="checkbox" id="nosmile" name="nosmile" <?php echo $nosmile_checked; ?> />
<label for="nosmile">
<?php echo $lang['nosmilies']; ?>
</label></td>
</tr>
<tr>
<td bgcolor="#DEE3E7" align="center" colspan="2">
<input type="submit" value="Inserisci" name="submit" style="font-weight: bold;" tabindex="3" />
<input type="submit" value="Anteprima" name="preview" /></td>
</tr>
</table>
</form>
<script language="JavaScript" type="text/javascript"> document.input_form.titolo.focus(); </script><br />
<?php include ("footer.php"); ?>
</body>
</html>