<?php require('management/admin_functions/session.php'); ?>
<?php require('management/admin_layout/header.php'); ?>
<ul id="breadcrumbs">
<li><a href="index.php"><?php echo $lang['main_navigation']; ?></a></li>
<li><a href="blog.php">Blog</a></li>
<li><a href="blog_posts_edit.php" class="actual"><?php echo $lang['manage_articles']; ?></a></li>
</ul>
<div class="clear_blog"></div>
<?php
if((isset($_GET['blog_id'])) && (is_numeric($_GET['blog_id']))) {
$id = mysql_real_escape_string($_GET['blog_id']);
$id = intval($_GET['blog_id']);
}else{
echo '<p class="false">' . $lang['invalid_id'] . '!</p>';
}
if(isset($_POST['submit'])) {
$errors = array();
if(empty($_POST['blog_title'])) {
$errors[] = $lang['enter_a_title'];
}else{
$blog_title = mysql_real_escape_string($_POST['blog_title']);
}
if(empty($_POST['blog_author'])) {
$errors[] = $lang['reg_fill_name'];
}else{
$blog_author = mysql_real_escape_string($_POST['blog_author']);
}
if(empty($_POST['blog_post'])) {
$errors[] = $lang['enter_a_text'];
}else{
$blog_post = mysql_real_escape_string($_POST['blog_post']);
}
if(empty($errors)) {
$query = "UPDATE articles SET blog_title='" . $blog_title . "', blog_author='" . $blog_author . "', blog_post='" . $blog_post . "' WHERE blog_id = '" . $id . "'";
$result = mysql_query($query) OR die(mysql_error());
if($result) {
echo '<p class="success">' . $lang['success_article_edited'] . '!</p>
<p><a href="blog.php">' . $lang['go_on'] . '</a></p>';
}else{
echo '<p class="false">' . $lang['failed_article_edited'] . '</p>
<p><a href="blog.php">' . $lang['back'] . '</a></p>';
}
}else{
echo '<p class="false">' . $lang['error_occured'] . '</p>
<p><a href="blog_posts_edit.php?blog_id=' . $id . '">' . $lang['back'] . '</a></p>';
echo '<ul>';
foreach($errors as $value) {
echo '<li>• ' . $value . '</li>';
}
}
echo '</ul>';
}else{
$query = "SELECT * FROM articles WHERE blog_id = '" . $id . "'";
$result = mysql_query($query) OR die(mysql_error());
if(!$result) {
echo '<p class="false">' . $lang['admin_article_exists'] . '</p>' . mysql_error();
}else{
if(intval(mysql_num_rows($result)) == 0) {
echo '<p class="false">' . $lang['admin_article_exists'] . '</p>';
}else{
while($row = mysql_fetch_assoc($result)) {
echo '<form action="?blog_id=' . $id . '" method="post">
<p> </p>
<p><input type="text" name="blog_title" class="textfields" size="30" maxlength="60" value="' . htmlentities($row['blog_title'], ENT_QUOTES) . '"> ' . $lang['title'] . '</p>
<p><input type="text" name="blog_author" class="textfields" size="30" maxlength="35" value="' . htmlentities($row['blog_author'], ENT_QUOTES) . '"> ' . $lang['author'] . '</p>
<p>' . $lang['article_content'] . '</strong></p>
<textarea cols="45" rows="8" name="blog_post" id="blog_post" class="textareas">' . htmlentities($row['blog_post'], ENT_QUOTES) . '</textarea>
<p><input type="submit" name="submit" id="submit" alt="' . $lang['blank_edit'] . '" value="' . $lang['blank_edit'] . '" class="buttons"></p>
<input type="hidden" name="submitted" value="TRUE">
<input type="hidden" name="blog_id" value="' . $id . '">';
}}}}
?>
<?php require('management/admin_layout/footer.php'); ?>