<?php

/*****************************************************************
*  Spacemarc News
*  Version: 1.2.0
*  Author and copyright (C): Marcello Vitagliano
*  Web site: http://www.spacemarc.it
*  License: GNU General Public License
*
*  This program is free software: you can redistribute it and/or
*  modify it under the terms of the GNU General Public License
*  as published by the Free Software Foundation, either version 3
*  of the License, or (at your option) any later version.
*
*  Current file: inserisci.php
*****************************************************************/
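// Bootstrap: start the session, mark the entry point for included files,
// and declare the response charset (the page is served as ISO-8859-1).
session_start();
define('IN_NEWS', true);
header('Content-type: text/html; charset=ISO-8859-1');

// Load the configuration, the admin helper functions and the language strings.
require_once (dirname(__FILE__) . '/../config.php');
require_once (dirname(__FILE__) . '/functions.php');
require_once (dirname(__FILE__) . '/../lang/lang.php');

// Connect to MySQL and select the database.
// Both steps run BEFORE check_login(), so whatever they print on failure is
// visible to unauthenticated visitors. The MySQL error number, error text and
// database name are therefore written to the server log only; the browser
// receives a generic message.
$db = mysql_connect($db_host, $db_user, $db_password);
if (!$db) {
    error_log("inserisci.php: mysql_connect failed, errno " . mysql_errno() . ": " . mysql_error());
    die("Impossibile connettersi a MySQL");
}
if (!mysql_select_db($db_name, $db)) {
    error_log("inserisci.php: mysql_select_db failed, errno " . mysql_errno() . ": " . mysql_error());
    die("Impossibile selezionare il database");
}

// Authentication gate. NOTE(review): check_login() is defined outside this
// file (presumably in functions.php); confirm it stops the request for
// visitors who are not logged in, since everything below assumes it does.
check_login();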

// Page generation timer, first half: microtime() yields "usec sec", and the
// two parts are added to get the start time as a float.
$mtime1 = explode(" ", microtime());
$starttime = $mtime1[0] + $mtime1[1];

// Form fields and status fragments start out empty; the request handling
// further down fills in the ones that apply.
$titolo = $testo = $data_pubb = NULL;
$immagine = $img_ap = $img_ap_checked = NULL;
$div_preview = $insert_empty = $insert_msg_ok = NULL;
$letture = $stampe = 0;
$img_ap_status = "none";

// Keep the "no smilies" checkbox ticked when it was ticked in the posted form.
$nosmile_checked = NULL;
if (isset($_POST['nosmile'])) {
    $nosmile_checked = 'checked="checked"';
}

// Look up the permission level of the logged-in user. The session user id is
// forced to an integer before it is placed in the SQL text, which is what
// keeps this string-built query safe.
$q_user = mysql_query("SELECT permessi FROM $tab_utenti WHERE user_id=" . intval($_SESSION['user_id']));
$q_riga_perm = mysql_fetch_assoc($q_user);

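// Request handling for the two buttons of the form in this file:
// "Anteprima" (preview) and "Inserisci" (insert).
//
// NOTE(review): this handler accepts a state-changing POST on the session
// alone; no anti-CSRF token is checked here and the form in this file carries
// no hidden token field. Unless check_login() enforces one, add a per-session
// token to the form and verify it before the INSERT.

if (isset($_POST['preview'])) {
    // Preview button: build the preview box and re-populate the form fields.
    immagine_apertura();
    sostituzione();

    // The preview needs a non-empty Testo field; otherwise show the
    // required-field message instead.
    if (trim($testo) == '') {
        $div_preview = "<div id=\"error\">" . $lang['anteprima'] . "</div><br />";
    }
    else {
        if (get_magic_quotes_gpc()) {
            $testo = stripslashes($testo);
        }

        // NOTE(review): $img_ap and $testo are written into the page as raw
        // HTML. They are presumably set by immagine_apertura() and
        // sostituzione() through globals; confirm those helpers HTML-escape
        // the posted values before turning BBcode into markup.
        $div_preview = "
        	<div align=\"center\" class=\"text2\"><b>" . $lang['preview'] . "</b><span id=\"preview_y\" style=\"display: none;\">
					<a href=\"javascript:void(0);\" onclick=\"ShowHide()\" class=\"piccolo\">mostra</a></span> <span id=\"preview_n\" style=\"display: inline;\">
					<a href=\"javascript:void(0);\" onclick=\"ShowHide()\" class=\"piccolo\">nascondi</a></span></div>
        	<table align=\"center\" id=\"preview\" style=\"display: block; border-style: solid; border-width: 1px; border-color: #DEE3E7; width: 100%;\">
        	<tr><td bgcolor=\"#FFFFFF\" class=\"text\">$img_ap $testo</td></tr></table><br />";
    }

    // Re-define the variables so the form shows the posted content again.
    // The charset is passed explicitly to match the ISO-8859-1 response header:
    // on PHP 5.4+ the default is UTF-8 and htmlspecialchars() returns an empty
    // string for Latin-1 bytes that are not valid UTF-8.
    $titolo = htmlspecialchars($_POST['titolo'], ENT_QUOTES, 'ISO-8859-1');
    $testo = htmlspecialchars($_POST['testo'], ENT_QUOTES, 'ISO-8859-1');
    if (get_magic_quotes_gpc()) {
        $titolo = stripslashes($titolo);
        $testo = stripslashes($testo);
    }
    $letture = (isset($_POST['letture'])) ? intval($_POST['letture']) : 0;
    $stampe = (isset($_POST['stampe'])) ? intval($_POST['stampe']) : 0;
    $insert_empty = NULL;
    $insert_msg_ok = NULL;

    // Run the upload helper only for users whose permission level allows it.
    if ($q_riga_perm['permessi'] == 'tutto' || $q_riga_perm['permessi'] == 'upload') {
        upload();
    }
}
elseif (isset($_POST['submit'])) {
    // Insert button: validate the fields and store the news item.

    // Run the upload helper only for users whose permission level allows it.
    if ($q_riga_perm['permessi'] == 'tutto' || $q_riga_perm['permessi'] == 'upload') {
        upload();
    }

    // Opening-image handling (helper defined outside this file).
    immagine_apertura();
    $div_preview = NULL;

    // Title and text are stored HTML-escaped; charset given explicitly to match
    // the ISO-8859-1 response header (see the PHP 5.4+ default-charset change).
    $titolo = htmlspecialchars(trim($_POST['titolo']), ENT_QUOTES, 'ISO-8859-1');
    $testo = htmlspecialchars($_POST['testo'], ENT_QUOTES, 'ISO-8859-1');
    $letture = (isset($_POST['letture'])) ? intval($_POST['letture']) : 0;
    $stampe = (isset($_POST['stampe'])) ? intval($_POST['stampe']) : 0;
    $nosmile = (isset($_POST['nosmile'])) ? 1 : 0;

    // time() is the argument-less equivalent of mktime() and avoids the
    // E_STRICT notice mktime() raises when called without arguments.
    $data_pubb = time();

    if (trim($titolo) == '' || trim($testo) == '') {
        $insert_empty = "<div id=\"error\">" . $lang['tit_text_obbl'] . "</div><br />";
        $insert_msg_ok = NULL;
    }
    else {
        $insert_empty = NULL;

        // With magic_quotes_gpc Off the values are escaped here; with it On the
        // code relies on the slashes PHP already added to the posted data.
        // NOTE(review): $immagine is not assigned from $_POST in this file; it
        // is presumably set by immagine_apertura(). Confirm it is escaped on
        // the magic_quotes_gpc On path as well.
        if (!get_magic_quotes_gpc()) {
            $testo = mysql_real_escape_string($testo);
            $titolo = mysql_real_escape_string($titolo);
            $immagine = mysql_real_escape_string($immagine);
        }

        // Values placed in the SQL text without quotes must be integers: the
        // session user id is cast exactly as in the permission lookup above.
        $user_id = intval($_SESSION['user_id']);
        // Defence in depth: the address is placed inside a quoted SQL literal.
        $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);

        // The permission level decides which columns the user may set.
        // An unknown or missing level leaves $query NULL so nothing is sent
        // to MySQL (previously $query was undefined in that case).
        $query = NULL;
        switch ($q_riga_perm['permessi']) {
            case "letturestampe":
            case "tutto":
                // May also set the read and print counters.
                $query = "INSERT INTO $tab_news (titolo, testo, user_id, data_pubb, letture, stampe, immagine, nosmile, ip) VALUES ('$titolo', '$testo', $user_id, $data_pubb, $letture, $stampe, '$immagine', $nosmile, INET_ATON('$ip'))";
            break;
            case "upload":
            case "nessuno":
                // Counters keep their column defaults.
                $query = "INSERT INTO $tab_news (titolo, testo, user_id, data_pubb, immagine, nosmile, ip) VALUES ('$titolo', '$testo', $user_id, $data_pubb, '$immagine', $nosmile, INET_ATON('$ip'))";
            break;
            default:
                // Unrecognised permission level: refuse the insert.
                $query = NULL;
            break;
        }

        if ($query !== NULL && mysql_query($query)) {
            // Success message, then reload the empty form after two seconds.
            $insert_msg_ok = "<div id=\"success\">" . $lang['insert_news_ok'] . " <img src=\"$img_path/attendi.gif\" title=\"Attendi\" alt=\"Attendi...\" /></div>
								<script language=\"JavaScript\" type=\"text/javascript\">
								<!--
								function doRedirect() { location.href = \"inserisci.php\"; }
								window.setTimeout(\"doRedirect()\", 2000);
								//-->
								</script><br />";
        }
        else {
            // The MySQL error text can quote part of the failed statement, so
            // it is HTML-escaped before being shown to the editor.
            $insert_msg_ok = "<div id=\"error\">" . $lang['insert_news_error'] . "</div><br /><span class=\"text2\">" . htmlspecialchars(mysql_error(), ENT_QUOTES, 'ISO-8859-1') . "</span><br /><br />";
        }

        // After the insert attempt, clear the Titolo, Testo and Immagine fields.
        $titolo = NULL;
        $testo = NULL;
        $immagine = NULL;
        $img_ap_checked = NULL;
        $img_ap_status = "none";
    }
}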
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">  
  <head>    
    <title>Amministrazione news - Inserisci una notizia
    </title>    
    <link rel="stylesheet" href="../style.css" type="text/css" />		
<script language="JavaScript" src="../javascript.js" type="text/JavaScript"></script>  
  </head>  
  <body>
<?php
// Pull in menu.php (presumably the admin navigation).
include ("menu.php");

// Print the preview box, the empty-fields warning and the insert result.
// Each one is either NULL (prints nothing) or an HTML fragment built by the
// request handling at the top of this file, and is emitted without further
// escaping.
echo $div_preview, $insert_empty, $insert_msg_ok;
?>    
    <form method="post" action="inserisci.php" enctype="multipart/form-data" name="input_form">           
      <table width="100%" align="center" style="border: 3px solid #DDDDDD;" cellpadding="3" cellspacing="2">	          
        <tr>                   
          <td bgcolor="#DEE3E7" width="21%" align="center" class="text"><b>Titolo</b></td>                   
          <td bgcolor="#EEEEEE" align="left">            
            <input type="text" size="77" maxlength="150" name="titolo" tabindex="1" value="<?php echo $titolo; ?>" /></td>               
        </tr>               
        <tr>	           
          <td bgcolor="#DEE3E7" align="center" class="text2">
            <?php echo $lang['codes']; ?></td>          
          <td align="left" bgcolor="#EEEEEE">            
            <!-- formattazione testo con BBcode-->            
            <input type="button" value="b" style="width: 28px; font-size: 0.8em;" onclick="addText(' [b][/b]'); return(false);" onmouseover="helpline('b')" />            
            <input type="button" value="i" style="width: 28px; font-size: 0.8em;" onclick="addText(' [i][/i]'); return(false);" onmouseover="helpline('i')" />            
            <input type="button" value="u" style="width: 28px; font-size: 0.8em;" onclick="addText(' [u][/u]'); return(false);" onmouseover="helpline('u')" />            
            <input type="button" value="Img" style="width: 38px; font-size: 0.8em;" onclick="addText(' [img][/img]'); return(false);" onmouseover="helpline('g')" />            
            <input type="button" value="Email" style="width: 45px; font-size: 0.8em;" onclick="addText(' [email][/email]'); return(false);" onmouseover="helpline('a')" />            
            <input type="button" value="URL" style="width: 38px; font-size: 0.8em;" onclick="addText(' [url][/url]'); return(false);" onmouseover="helpline('w')" />            
            <input type="button" value="Callto" style="width: 50px; font-size: 0.8em;" onclick="addText(' [callto][/callto]'); return(false);" onmouseover="helpline('v')" />            
            <input type="button" value="Video" style="width: 46px; font-size: 0.8em;" onclick="addText(' [yt][/yt]'); return(false);" onmouseover="helpline('y')" />            
            <input type="button" value="Lista" style="width: 40px; font-size: 0.8em;" onclick="addText('[ul]\n[li]uno[/li]\n[li]due[/li]\n[/ul]'); return(false);" onmouseover="helpline('l')" />            
            <input type="button" value="Quote" style="width: 50px; font-size: 0.8em;" onclick="addText(' [quote][/quote]'); return(false);" onmouseover="helpline('q')" />            
            <input type="button" value="Codice" style="width: 53px; font-size: 0.8em;" onclick="addText(' [code][/code]'); return(false);" onmouseover="helpline('c')" />            
            <select name="size" onchange="if(this.selectedIndex!=0)this.form.testo.value+=this.options[this.selectedIndex].value;" style="width: 90px; font-size: 0.7em;" onmouseover="helpline('s')">              
              <option selected="selected">Normale
              </option>              
              <option value="[size=8][/size]">Piccolo
              </option>              
              <option value="[size=12][/size]">Grande
              </option>              
              <option value="[size=16][/size]">Molto grande
              </option>            
            </select><br />            
            <input type="text" name="helpbox" readonly="readonly" style="width:100%; background-color:#EEEEEE; border-style: none; font-size: 0.7em; font-family: verdana;" maxlength="120" />            
            <!-- fine formattazione testo con BBcode--></td>           
        </tr>             
        <tr>                 
          <td bgcolor="#DEE3E7" valign="top" align="center" class="text"><b>Testo</b><br /><br />		             
            <!-- inserimento smilies -->                      
            <a href="#" onclick="addText(' :cool:'); return(false);">
              <img src="<?php echo $img_path; ?>/cool.gif" border="0" alt="Cool" title="Cool" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :)'); return(false);">
              <img src="<?php echo $img_path; ?>/smile.gif" border="0" alt="Smile" title="Smile" /></a> &nbsp;                      
            <a href="#" onclick="addText(' ):'); return(false);">
              <img src="<?php echo $img_path; ?>/mad.gif" border="0" alt="Mad" title="Mad" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :p'); return(false);">
              <img src="<?php echo $img_path; ?>/tongue.gif" border="0" alt="Rido" title="Rido" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :D'); return(false);">
              <img src="<?php echo $img_path; ?>/biggrin.gif" border="0" alt="Biggrin" title="Grin" /></a> <br /><br />                     
            <a href="#" onclick="addText(' ;)'); return(false);">
              <img src="<?php echo $img_path; ?>/wink.gif" border="0" alt="Wink" title="Wink" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :o'); return(false);">
              <img src="<?php echo $img_path; ?>/ohh.gif" border="0" alt="Ohh" title="Ohh" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :zizi:'); return(false);">
              <img src="<?php echo $img_path; ?>/zizi.gif" border="0" alt="zizi" title="Zi zi" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :('); return(false);">
              <img src="<?php echo $img_path; ?>/sad.gif" border="0" alt="Sad" title="Sad" /></a> &nbsp;                       
            <a href="#" onclick="addText(' :green:'); return(false);">
              <img src="<?php echo $img_path; ?>/mrgren.gif" border="0" alt="Mr.Gren" title="Mr.Gren" /></a> <br /><br />                     
            <a href="#" onclick="addText(' :dotto:'); return(false);">
              <img src="<?php echo $img_path; ?>/dotto.gif" border="0" alt="dotto" title="Dotto" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :cry:'); return(false);">
              <img src="<?php echo $img_path; ?>/cry.gif" border="0" alt="Piango" title="Piango" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :parolaccia:'); return(false);">
              <img src="<?php echo $img_path; ?>/parolaccia.gif" border="0" alt="parolaccia" title="Parolaccia" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :incupito:'); return(false);">
              <img src="<?php echo $img_path; ?>/incupito.gif" border="0" alt="Incupito" title="Incupito" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :stordito:'); return(false);">
              <img src="<?php echo $img_path; ?>/stordito.gif" border="0" alt="Stordito" title="Stordito" /></a> <br /><br />                     
            <a href="#" onclick="addText(' :info:'); return(false);">
              <img src="<?php echo $img_path; ?>/info.png" border="0" alt="info" title="Info" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :star:'); return(false);">
              <img src="<?php echo $img_path; ?>/star.png" border="0" alt="star" title="Star" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :alert:'); return(false);">
              <img src="<?php echo $img_path; ?>/alert.png" border="0" alt="alert" title="Alert" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :???:'); return(false);">
              <img src="<?php echo $img_path; ?>/question.png" border="0" alt="question" title="Domanda" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :check:'); return(false);">
              <img src="<?php echo $img_path; ?>/check.png" border="0" alt="question" title="Check" /></a> <br /><br />                     
            <a href="#" onclick="addText(' :wiki:'); return(false);">
              <img src="<?php echo $img_path; ?>/wikipedia.png" border="0" alt="wiki" title="Wikipedia" /></a> &nbsp;                       
            <a href="#" onclick="addText(' :chat:'); return(false);">
              <img src="<?php echo $img_path; ?>/chat.png" border="0" alt="chat" title="Chat" /></a> &nbsp;                       
            <a href="#" onclick="addText(' :www:'); return(false);">
              <img src="<?php echo $img_path; ?>/www.png" border="0" alt="www" title="Www" /></a>&nbsp;                      
            <a href="#" onclick="addText(' :man:'); return(false);">
              <img src="<?php echo $img_path; ?>/man.png" border="0" alt="man" title="Profilo" /></a> &nbsp;                      
            <a href="#" onclick="addText(' :mail:'); return(false);">
              <img src="<?php echo $img_path; ?>/mail.png" border="0" alt="mail" title="Mail" /></a> <br /><br />                     
            <a href="#" onclick="addText(' :fb:'); return(false);">
              <img src="<?php echo $img_path; ?>/facebook.gif" border="0" alt="fb" title="Facebook" /></a> &nbsp;                       
            <a href="#" onclick="addText(' :li:'); return(false);">
              <img src="<?php echo $img_path; ?>/linkedin.gif" border="0" alt="li" title="LinkedIn" /></a> &nbsp;                       
            <a href="#" onclick="addText(' :ms:'); return(false);">
              <img src="<?php echo $img_path; ?>/myspace.gif" border="0" alt="my" title="MySpace" /></a> &nbsp;                       
            <a href="#" onclick="addText(' :tw:'); return(false);">
              <img src="<?php echo $img_path; ?>/twitter.gif" border="0" alt="tw" title="Twitter" /></a> &nbsp;                       
            <a href="#" onclick="addText(' :gw:'); return(false);">
              <img src="<?php echo $img_path; ?>/gwave.png" border="0" alt="gw" title="Google Wave" /></a>		             
            <!-- fine inserimento smilies --></td>                   
          <td align="left" bgcolor="#EEEEEE">           
<textarea cols="88" rows="20" name="testo" id="testo" tabindex="2"><?php echo $testo; ?></textarea></td>	         
        </tr>               
        <tr>                   
          <td bgcolor="#DEE3E7" align="center" class="text"><b>Immagine di apertura</b></td>                   
          <td bgcolor="#EEEEEE" align="left" height="30" class="text2">                     
            <input type="checkbox" onclick="showText();" name="cb" id="cb" <?php echo $img_ap_checked; ?> />            
            <input type="text" style="display: <?php echo $img_ap_status; ?>" id="immagine" size="50" maxlength="70" name="immagine" value="<?php echo $immagine; ?>" />              
            <label for="cb">
              <?php echo $lang['imgdimensions']; ?>
            </label></td>               
        </tr>               
        <?php echo permessi(); ?>                
        <tr>                   
          <td bgcolor="#DEE3E7" align="center" class="text"><b>Opzioni</b></td>                   
          <td bgcolor="#EEEEEE" align="left" height="30" class="text2">            
            <input type="checkbox" id="nosmile" name="nosmile" <?php echo $nosmile_checked; ?> />              
            <label for="nosmile">
              <?php echo $lang['nosmilies']; ?>
            </label></td>               
        </tr>               
        <tr>                   
          <td bgcolor="#DEE3E7" align="center" colspan="2">              
            <input type="submit" value="Inserisci" name="submit" style="font-weight: bold;" tabindex="3" />              
            <input type="submit" value="Anteprima" name="preview" /></td>               
        </tr>          
      </table>    
    </form>
<script language="JavaScript" type="text/javascript"> document.input_form.titolo.focus(); </script><br />    
    <?php include ("footer.php"); ?>  
  </body>
</html>