Location: PHPKode > projects > ZompLog > admin/editor_pages.php
<?php
ob_start();
include_once("functions.php");
include('config.php');
include("session.php");
// this setting activates tinyMCE for all textareas in the page
$set_mce = 1;
include("header.php");

$user = loadUser($_SESSION['login'],$link,$table_users);
if(!$_SESSION["loggedIn"] || !$user['admin']){ echo "You don't have enough privileges to view this page."; exit; }

$theid = 1; // if the parameter is not numeric (possible hacking attempt), the script defaults to 1
if(is_numeric($_GET['id'])){ 
$theid =  $_GET['id'];
}
$query = "SELECT * FROM $table_pages WHERE id = '$theid'";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$entry = mysql_fetch_array($result);

if(!$_SESSION["loggedIn"]){
?>

You are not allowed to view this page, please log in first.
<?php
}
else
{

if($_POST['Submit']){

if(!$_POST[title])
{
$messages[]="$lang_enter_title";
}


// upload script
include("upload_files.php");


if(empty($messages)) {

foreach($HTTP_POST_VARS[deletefile] as $delete){
// delete images/files that belong to this post
$query = mysql_query("DELETE FROM $table_files WHERE id = $delete LIMIT 1");
}

if($_POST['mainpage']){
// make sure there's only one mainpage
$query="UPDATE $table_pages SET mainpage = '0'";
$result=mysql_query($query, $link) or die("Died inserting login info into db.  Error returned if any: ".mysql_error());
}

		
    $query="UPDATE $table_pages SET title = '$_POST[title]', text = '$_POST[text]', image = '$image', imagewidth = '$imagewidth', imageheight = '$imageheight', align = '$_POST[align]', use_form = '$_POST[use_form]', form_email = '$_POST[form_email]', mainpage = '$_POST[mainpage]' WHERE id = $entry[id]";
	$result=mysql_query($query, $link) or die("Died inserting data into db.  Error returned if any: ".mysql_error());
	
$query = "SELECT * FROM $table_pages ORDER BY id DESC LIMIT 1";
$result = mysql_query($query, $link);
$latestentry = mysql_fetch_array($result);	
	
foreach ($aBestanden as $sFilename => $sFiletype) 
{ 
if($sFiletype == 'image/jpeg' || $sFiletype == 'image/pjpeg' || $sFiletype == 'image/gif'){
$imgsize = getimagesize("../upload/$sFilename");
$query = "INSERT INTO $table_files (page_id, name, type, width, height) VALUES ('". $entry[id] . "', '". $sFilename . "', '". $sFiletype . "', '". $imgsize[0] . "', '". $imgsize[1] . "')";  
$result=mysql_query($query, $link) or die("Died inserting login info into db.  Error returned if any: ".mysql_error());	
}
else
{
$query = "INSERT INTO $table_files (page_id, name, type) VALUES ('". $entry[id] . "', '". $sFilename . "', '". $sFiletype . "')";  
$result=mysql_query($query, $link) or die("Died inserting login info into db.  Error returned if any: ".mysql_error());	
}
}


}	

if($_POST[embed]){
$query = "UPDATE $table_files SET full_url = '$_POST[embed]', type = 'embed' WHERE page_id = '$entry[id]'";  
$result=mysql_query($query, $link) or die("Died inserting login info into db.  Error returned if any: ".mysql_error());	
}

header("Location: editor_pages.php?id=$entry[id]&message=11");
ob_end_flush();
	}
	}


?>

<div id="submenu"><a href="newpage.php" class="sub"><?php echo "$lang_newpage"; ?></a>  | <a href="page.php" class="sub"><?php echo "$lang_edit_delete_page"; ?></a></div>


<div id="side">
<div class="title">&nbsp;</div>
<div class="box"><?php
if(!empty($messages)){
	displayErrors($messages);
}

elseif($_GET[message] && empty($messages)){
displayMessage($_GET[message]);
  }

else{
echo "$lang_message048";
}  
  
?>
</div></div>


<div id="main">


<form name="editform" method="post" enctype="multipart/form-data">
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="text">
        <tr>
          <td width="164"><h1><?php echo "$lang_edit"; ?></h1></td>
        </tr>
        <tr>
          <td><input type="submit" name="Submit" value="<?php echo "$lang_submit"; ?>" id="button" /></td>
        </tr>
        <tr>
          <td><input name="id" type="hidden" id="id" value="<?php echo "$_GET[id]"; ?>"></td>
        </tr>
        
        <tr>
          <td valign="top">
		  		  <fieldset id="titlediv">
      <legend><?php echo "$lang_title"; ?></legend>	  
		  <input name="title" type="text" value="<?php echo "$entry[title]"; ?>">
		  
		  
		  <?php if($entry[mainpage]){
	?>
                  <input name="mainpage" type="checkbox" value="1" checked="checked" />
                  <?php
	}
	else
	{
	?>
                  <input name="mainpage" type="checkbox" value="1" />
                  <?php
	}
	echo "$lang_set_mainpage"; ?>
		  
		  
		  		  </fieldset></td>
        </tr>
        <tr>
          <td valign="top">&nbsp;</td>
        </tr>
        <tr>
          <td valign="top">
		  <fieldset id="titlediv">
      <legend><?php echo "$lang_text"; ?></legend>	 
	  
	  <?php
		  // present safari users with a different editor
		  $a_browser_data = browser_detection('full');
if ( $a_browser_data[0] == 'saf' || !$settings[use_tinymce])
{
?>
<table width="100%"  border="0" cellspacing="0" cellpadding="0">
<tr>
          <td width="34%" class="title">&nbsp;</td>
          <td width="66%">
	<input type="button" class="button" value="<?php echo"$lang_bold"; ?>" name="bold2" onmousedown="javascript:tag_construct('bold','text'); return false;"/>
              <input type="button" class="button" value="<?php echo"$lang_italic"; ?>" name="italic2" onmousedown="javascript:tag_construct('italic','text'); return false;"/>
              <input type="button" class="button" value="<?php echo"$lang_underline"; ?>" name="underline2" onmousedown="javascript:tag_construct('underline','text'); return false;"/>
              <input type="button" class="button" value="<?php echo"$lang_url"; ?>" name="url2" onmousedown="javascript:tag_construct('link','text'); return false;"/>
              <input type="button" class="button" value="<?php echo"$lang_img"; ?>" name="img2" onmousedown="javascript:tag_construct('image','text'); return false;"/>
		<input type="button" class="button" value="<?php echo"$lang_email"; ?>" name="email2" onmousedown="javascript:tag_construct('email','text'); return false;"/>	  
  </td>
        </tr>		
		 </table>	  
<?			  
}

?>		  
	  
	  <textarea name="text" cols="75" rows="20" id="text"><?php echo "$entry[text]"; ?></textarea>
		  </fieldset></td>
        </tr>

		
        <tr>
          <td>&nbsp;</td>
        </tr>
		
 <?php 

$query = "SELECT * FROM $table_files WHERE page_id = '$entry[id]'";
$result = mysql_query($query, $link);
$numrows = mysql_num_rows($result);
if($numrows){
?>

<tr><td>

		  	     <fieldset id="titlediv">
      <legend><?php echo "$lang_curr_img_file";?></legend>
	
<?php
echo '<table width="50%" border="0" cellspacing="0" cellpadding="0">';
while($row = mysql_fetch_array($result)){
if($row[type] == 'image/jpeg' || $row[type] == 'image/gif'){
echo "  <tr><td><img src='../upload/thumbnail.php?gd=2&src=$row[name]&maxw=100' border='0'></td><td><a href='schredder.php?tablename=$table_files&amp;fileid=$row[id]&amp;pageid=$entry[id]'>$lang_delete</a></td></tr><tr><td>&nbsp;</td></tr>";
}
else
{
// fix to get the real name of the file
$name = substr($row[name],13);
$filename = urlencode($row[name]);
echo "<tr><td><a href='../upload/force_download.php?file=$filename&amp;type=$row[type]'>$name</a></td><td><a href='schredder.php?tablename=$table_files&amp;fileid=$row[id]&amp;pageid=$entry[id]'>$lang_delete</a></td></tr><tr><td>&nbsp;</td></tr>";
}
}


?>
</fieldset>
</table>





		
	<?php } 
	
	?>	
        <?php if($settings[use_upload]){ ?>
        
      <tr>
          <td><?php include("file_manager_include.php"); ?></td>
        </tr>
                
          <td colspan="2">
		  
		  <fieldset id="titlediv">
        <legend><?php echo "$lang_upload_img_file"; ?></legend>

        <input id="my_file_element" type="file" value="1" name="file_1" \ /> 
        <div id="files_list"></div>
<script>
	<!-- Create an instance of the multiSelector class, pass it the output target and the max number of files -->
	var multi_selector = new MultiSelector( document.getElementById( 'files_list' ), 20 );
	<!-- Pass in the file element -->
	multi_selector.addElement( document.getElementById( 'my_file_element' ) );
</script>

      </fieldset></td></tr>
		
<tr>
      <td><div class="text" onclick="expandcontent(this, 'sc3')" style="cursor:hand; cursor:pointer">
          <div align="right"><a name="upload" id="upload"></a><a href="#upload"><span class="showstate"></span><?php echo "$lang_options"; ?></a></div>
      </div>
          <div id="sc3" class="switchcontent">
            <p>
	        <table width="100%" style='border: #CCCCCC solid; border-width: 5px 1px 1px 1px; padding: 5px 5px 5px 5px;'>
              <tr>
                <td width="20%">
			<?php echo "$lang_jpeg_gif"; ?></td><td><input name="thumbnail" type="checkbox" value="1" checked="checked" /> 
        <?php echo "$lang_thumbnails"; ?></td></tr>
		<tr>
		        <td colspan="3">
               <?php 
			   $query = "SELECT * FROM $table_files WHERE page_id = '$entry[id]'";
				$result = mysql_query($query, $link);
				$file = mysql_fetch_array($result);
				
				//print_r($file);
			   
			   if($file[type] == 'embed'){ ?>
   <script type="text/javascript">
	// insert embed code through javascript, otherwise the movie gets loaded
				function ShowEmbed() { javascript:document.editform.embed.value='<?php echo $file[full_url]; ?>' }
				
				
			</script>             
            <?php } ?>
            
            <img src="icons/stats.jpg" onload="ShowEmbed();" style="display: none;" /> <?php // hackish, I know, but I can't get the javascript to load otherwise ?>
  <input name="embed" type="text" size="70" /></td>
	          </tr>
	        </table>
            </p>
        </div></td>
    </tr>
		<?php } ?>
        <tr>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td>
		    <fieldset id="titlediv">
      <legend><?php echo "$lang_contactform"; ?></legend>	 
		  <?php echo "$lang_use_contactform"; ?>
		  <?php
	if($entry[use_form]){
	?>
            <input name="use_form" type="checkbox" id="use_form" value="1" checked="checked" />
            <?php
	}
	else
	{
	?>
            <input name="use_form" type="checkbox" id="use_form" value="1" />
            <?php
	}
	?>
	       <br /> <?php echo "$lang_form_email"; ?>
		    <input type="text" name="form_email" value="<?php echo "$entry[form_email]"; ?>" />
		    </fieldset>	</td>
        </tr>
        <tr>
          <td>&nbsp;</td>
        </tr>
       
        <tr>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td><input type="submit" name="Submit" value="<?php echo "$lang_submit"; ?>" id="button"></td>
        </tr>
      </table>
</form>
</div>
<?php
include ("footer.php");
?>
Return current item: ZompLog