<?php
/*
Copyright (c) 2008 http://ramui.com. All right reserved.
This product is protected by copyright and distributed under licenses restricting copying, distribution. Permission is granted to the public to download and use this script provided that this Notice and any statement of authorship are reproduced in every page on all copies of the script.
*/
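/**
 * Admin-side controller for guestbook posts: edit form, save, delete,
 * publish/block toggle and lock/unlock toggle.
 *
 * Every action is reached through get_query(), which first calls
 * validate_user() (defined outside this class).
 *
 * NOTE(review): this class talks to the database through the legacy mysql_*
 * extension and suppresses its errors with "@". Every id that reaches a SQL
 * string is forced to an integer with sprintf("%d"); string values are passed
 * through mysql_real_escape_string(). Moving to prepared statements (PDO or
 * mysqli) would need the connection handling that lives outside this class.
 */
class post extends clsmain
{
    /**
     * Render the "Edit post" page for one post.
     *
     * Loads the post row together with its author name and comment count,
     * then includes the edit template. Redirects to the post list and stops
     * when no row could be fetched.
     *
     * @param mixed $post_id Post id taken from the request; treated as untrusted.
     */
    private function show_edit($post_id)
    {
        $query="SELECT tp.*, tu.user, IF(ISNULL(tc.id), 0,COUNT(tc.id)) AS c FROM ";
        $query.=$this->prefix."post tp LEFT JOIN ".$this->prefix."user tu ON tp.uid=tu.id LEFT JOIN ".$this->prefix."comments tc ON tp.id=tc.pid WHERE ";
        // Security fix: the id used to be interpolated into the SQL text as-is,
        // so a non-numeric value could alter the statement. Forcing it through
        // %d matches what delete_page(), lock_post() and edit_post() already do.
        $query.=sprintf("tp.id = %d",$post_id);
        $result = @mysql_query($query);
        $row = @mysql_fetch_array($result, MYSQL_ASSOC);

        // Not referenced again in this method; presumably consumed by the
        // included template below - confirm against include/editpost.php.
        $submit=sprintf("%d,%d",$this->site['postsize'],$this->site['imagecount']);
        $preview=sprintf("%d,%d,%d,%d",$this->site['postsize'],$this->site['imagewidth'],$this->site['imageheight'],$this->site['imagecount']);

        if(empty($row)){
            @header("Location: index.php?qur=2M");
            exit;
        }

        $this->build_head("Edit post",'<script type="text/javascript" src="script/editpost.js"></script><script type="text/javascript" src="../preview/preview.js"></script>');
        include "include/editpost.php";
        $this->build_footer();
    }

    /**
     * Delete a post and all comments attached to it, then redirect to the list.
     *
     * NOTE(review): there is no exit after the redirect header, so control
     * returns to the caller; query failures are suppressed and not reported.
     *
     * @param mixed $page_id Post id taken from the request; coerced to int by %d.
     */
    private function delete_page($page_id)
    {
        $query = sprintf("DELETE FROM ".$this->prefix."post WHERE id = %d",$page_id);
        @mysql_query($query);
        $query = sprintf("DELETE FROM ".$this->prefix."comments WHERE pid = %d",$page_id);
        @mysql_query($query);
        $loc="Location: index.php?qur=2M";
        @header($loc);
    }

    /**
     * Toggle the "publish" flag of a post and echo the label for the next action.
     *
     * A post whose flag is 'Y' is set to '' and the response is "Publish";
     * otherwise the flag is set to 'Y' and the response is "Block". Nothing is
     * echoed when the UPDATE fails. Always terminates the request.
     *
     * @param mixed $page_id Post id taken from the request; treated as untrusted.
     */
    private function publish($page_id)
    {
        // Security fix: the SELECT used to embed $page_id without any coercion
        // while the UPDATE below already used %d; both now force an integer.
        $query=sprintf("SELECT publish FROM ".$this->prefix."post WHERE id = %d",$page_id);
        $result = @mysql_query($query);
        $row = @mysql_fetch_array($result, MYSQL_ASSOC);
        if($row['publish']=='Y'){
            $response='Publish';
            $publish='';
        }
        else{
            $response='Block';
            $publish='Y';
        }
        // $publish is only ever '' or 'Y' (set above), never request data.
        $query=sprintf("UPDATE ".$this->prefix."post SET publish = '$publish' WHERE id = %d",$page_id);
        if(@mysql_query($query)!=false){echo $response;}
        exit;
    }

    /**
     * Toggle the "locked" flag of a post and echo the label for the next action.
     *
     * A post whose flag is 'Y' is set to '' and the response is "Lock";
     * otherwise the flag is set to 'Y' and the response is "Unlock". Nothing
     * is echoed when the UPDATE fails. Always terminates the request.
     *
     * @param mixed $page_id Post id taken from the request; coerced to int by %d.
     */
    private function lock_post($page_id)
    {
        $query=sprintf("SELECT locked FROM ".$this->prefix."post WHERE id = %d",$page_id);
        $result = @mysql_query($query);
        $row = @mysql_fetch_array($result, MYSQL_ASSOC);
        if($row['locked']=='Y'){
            $response='Lock';
            $lock='';
        }
        else{
            $response='Unlock';
            $lock='Y';
        }
        // $lock is only ever '' or 'Y' (set above), never request data.
        $query=sprintf("UPDATE ".$this->prefix."post SET locked = '$lock' WHERE id = %d",$page_id);
        if(@mysql_query($query)){echo $response;}
        exit;
    }

    /**
     * Save the edited title, description, keywords, content and autolink flag
     * of a post from $_POST, echo a status fragment and terminate the request.
     *
     * NOTE(review): description and keywords are HTML-encoded before storage,
     * but title and content are stored after fw_strip_slashes() and
     * fw_remove_smarttag() only (both defined elsewhere). Whatever renders
     * those two fields must escape or sanitise them - confirm on the output side.
     *
     * @param mixed $id Post id taken from the request; coerced to int by %d.
     */
    private function edit_post($id)
    {
        $title=trim(fw_strip_slashes(rawurldecode($_POST["title"])));
        $title=fw_remove_smarttag($title);

        $description=trim(htmlentities(rawurldecode($_POST["description"]),ENT_QUOTES));
        // Collapse the description onto a single line.
        $description=str_replace("\n"," ",str_replace("\r","",$description));
        $description=fw_remove_smarttag($description);

        $keywords=trim(htmlentities(rawurldecode($_POST["keywords"]),ENT_QUOTES));
        $keywords=fw_strip_slashes(fw_remove_smarttag($keywords));

        $content=fw_strip_slashes(rawurldecode(trim($_POST["content"])));
        $content=fw_remove_smarttag($content);

        // Only '' or 'Y' can reach the SQL text below.
        $autolink=(isset($_POST["autolink"])? 'Y' : '');
        $dt=time();

        $query="UPDATE ".$this->prefix."post SET title = '%s', description = '%s', keywords = '%s', content = '%s', autolink = '$autolink', date = $dt WHERE id = %d";
        $query=sprintf($query,mysql_real_escape_string($title),mysql_real_escape_string($description),mysql_real_escape_string($keywords),mysql_real_escape_string($content),$id);

        if(!(@mysql_query($query))){
            // The driver message can quote parts of the failing statement, which
            // carries request data, so it is HTML-escaped before being echoed.
            echo '<span style="color:red;">Error: '.htmlspecialchars(mysql_error(),ENT_QUOTES).'</span>';
        }
        else{
            echo '<span style="color:green;">Data has been successfully updated</span>';
        }
        exit;
    }

    /**
     * Dispatch an admin request to the matching action.
     *
     * $query[1] selects the action and $query[2..5] carry its arguments. All
     * actions require validate_user() to succeed.
     *
     * NOTE(review): the state-changing actions (7 edit, 8 lock, 2 delete,
     * 3 publish) are gated by validate_user() only; no per-request anti-CSRF
     * token check is visible in this class - confirm one exists upstream.
     *
     * NOTE(review): the unauthenticated branch compares $query[1] with the
     * integers 6 and 1 using ===, while the switch matches the strings "6"
     * and "1". If $query holds strings, only the empty() test can show the
     * login page - confirm the element type produced by the caller.
     *
     * @param array $query Parsed request parameters.
     */
    public function get_query($query)
    {
        if ($this->validate_user()){
            switch ($query[1]) {
                case "6":
                    $this->show_list($query[2],$query[3],$query[4],$query[5]);
                break;
                case "7":
                    $this->edit_post($query[2]);
                break;
                case "8":
                    $this->lock_post($query[2]);
                break;
                case "1":
                    $this->show_edit($query[2]);
                break;
                case "2":
                    $this->delete_page($query[2]);
                break;
                case "3":
                    $this->publish($query[2]);
                break;
                case "5":
                    $this->log_out();
                break;
                default :
                    $this->show_list(1,0,0,0);
            }
        }
        else{
            if(($query[1]===6)||($query[1]===1)||empty($query[1])){
                $this->log_in();
            }
        }
    }
}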
?>