1 | <?php
2 | include '../includes/Global.php';
// TestLicence() is not defined in this file; presumably an access-level
// check supplied by the include above. Confirm what level '2' stands for.
TestLicence('2');

// Page mode from the query string; a missing parameter selects the default view.
$Mode = array_key_exists('Mode', $_GET) ? $_GET['Mode'] : '';
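// Add/edit article form, shown for the default mode and for Mode=FormEdit.
if ($Mode === '' or $Mode === 'FormEdit') {
    // Charset passed to htmlspecialchars(). The page encoding is not visible
    // in this file; ISO-8859-1 makes the escaping byte-transparent for any
    // ASCII-compatible encoding, so only & < > " ' are rewritten.
    // NOTE(review): switch to the real page charset once it is confirmed.
    $HtmlCharset = 'ISO-8859-1';

    if (array_key_exists('ID', $_GET)) {
        // Article IDs are numeric (new ones are built as max(ID) + 1), so an
        // integer cast keeps request data out of the SQL text below.
        $ID = (int) $_GET['ID'];
        $Action = 'Edit';

        // Load the stored article into the form variables.
        $sql = "SELECT * FROM articles WHERE ID = $ID";
        $IDdb = $db->SQLCommand($sql);

        // TODO: report "article not found" to the user.
        $Line = mysql_fetch_array($IDdb);
        if (!$Line) {
            // No matching row: fall back to empty fields rather than indexing into false.
            $Line = array('Name' => '', 'Text' => '', 'Description' => '', 'SectionID' => '');
        }
        $Name = $Line['Name'];
        $Text = $Line['Text'];
        $Description = $Line['Description'];
        $selected = $Line['SectionID'];
    } else {
        // Preview of the next ID for the hidden field and the link below; the
        // AddArticle handler in this file computes its own ID when saving.
        $sql = "SELECT max(ID) FROM articles";
        $MaxResult = $db->SQLCommand($sql);
        $Line = mysql_fetch_row($MaxResult);
        $ID = $Line[0] + 1;
        $Action = 'AddArticle';

        // A new article starts with empty form variables.
        $Name = '';
        $Text = '';
        $Description = '';
        $selected = '';
    }

    // Every value echoed into the markup below is HTML-escaped: article fields
    // come from user-editable database rows and must not be able to close an
    // attribute or the textarea. The toolbar snippets are entity-encoded so
    // that their double quotes do not terminate the onclick attribute.
    // NOTE(review): the Czech labels appear mis-encoded in this listing; they
    // are reproduced unchanged.
?>
<h4>Pøidání èlánku</h4>
<form enctype="multipart/form-data" action="AddArticles.php?Mode=<?php echo $Action; ?>" method="post" name="form">
<input type="hidden" name="ID" value="<?php echo $ID; ?>">
<table border="0">
<tr><td>Adresa:</td><td><b><a href="/Section.php?Article=<?php echo $ID; ?>">èlánek</a></b></td></tr>
<tr><td>Uivatel: </td><td><b><?php echo htmlspecialchars($_SESSION['User'], ENT_QUOTES, $HtmlCharset); ?></b></td></tr>
<tr><td>Název:</td><td><input type="text" name="Name" value="<?php echo htmlspecialchars($Name, ENT_QUOTES, $HtmlCharset); ?>"></td></tr>
<tr><td>Sekce: </td><td><?php
    $sql = "SELECT * FROM section";
    $Sections = $db->SQLCommand($sql);
    echo '<select name="Section" size="1">';
    echo '<option value="0">ádná</option>';
    while ($Line = mysql_fetch_array($Sections)) {
        $Value = htmlspecialchars($Line['ID'], ENT_QUOTES, $HtmlCharset);
        $Label = htmlspecialchars($Line['Name'], ENT_QUOTES, $HtmlCharset);
        // Each section is emitted exactly once; the article's current section
        // only gains the selected attribute.
        $Marker = ((string) $selected === (string) $Line['ID']) ? ' selected="selected"' : '';
        echo '<option value="', $Value, '"', $Marker, '>', $Label, '</option>';
    }
    echo '</select>';
?></td></tr>
<tr><td>Zobrazit od: </td><td>TODO</td></tr>
<tr><td>Zobrazit do: </td><td>TODO</td></tr>
<tr><td>Popis:</td><td><input size="107" type="text" name="Description" value="<?php echo htmlspecialchars($Description, ENT_QUOTES, $HtmlCharset); ?>"></td></tr>
<tr><td> </td><td>
<span Title="Odstavec...odøádkování" onclick="document.form.Text.value = document.form.Text.value+'&lt;br&gt;\n'; document.form.Text.focus()">[enter]</span>
<span Title="Tuèný text" onclick="document.form.Text.value = document.form.Text.value+'&lt;b&gt;tuèný text&lt;/b&gt;'; document.form.Text.focus()">[b]</span>
<span Title="Leatý text" onclick="document.form.Text.value = document.form.Text.value+'&lt;i&gt;leatý text&lt;/i&gt;'; document.form.Text.focus()">[i]</span>
<span Title="Kaskádové styly v tagu span" onclick="document.form.Text.value = document.form.Text.value+'&lt;span style=&quot;styly&quot;&gt;text&lt;/span&gt;'; document.form.Text.focus()">[span]</span>
<span Title="Obrázek" onclick="document.form.Text.value = document.form.Text.value+'&lt;img alt=&quot;Alternativní text(kdy nenalezne obr.)&quot; src=&quot;cesta&quot;&gt;'; document.form.Text.focus()">[img]</span>
<span Title="Odkaz/link" onclick="document.form.Text.value = document.form.Text.value+'&lt;a href=&quot;http://adresa/&quot;&gt;Zobrazované slovo na webu&lt;/a&gt;'; document.form.Text.focus()">[a]</span>
- Pøidává na konec textu</td></tr>
<tr><td>Text: </td><td><textarea cols="80" name="Text" rows="30"><?php echo htmlspecialchars($Text, ENT_QUOTES, $HtmlCharset); ?></textarea></td></tr>
<tr><td><input type="submit" value="Uloit"></td><td><a href="AddImage.php" target="new">Pøidat obrázek</a></td></tr>
</table>
</form>

<?php
}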
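// Store a new article submitted from the add form.
if ($Mode == 'AddArticle') {
    // Charset passed to htmlspecialchars(). The page encoding is not visible
    // in this file; ISO-8859-1 keeps the escaping byte-transparent for any
    // ASCII-compatible encoding. NOTE(review): confirm the real page charset.
    $HtmlCharset = 'ISO-8859-1';

    // Raw request values; a missing field is treated as an empty string.
    $RawName = isset($_POST['Name']) ? (string) $_POST['Name'] : '';
    $RawText = isset($_POST['Text']) ? (string) $_POST['Text'] : '';
    $RawSection = isset($_POST['Section']) ? (string) $_POST['Section'] : '';
    $RawDescription = isset($_POST['Description']) ? (string) $_POST['Description'] : '';

    // SQL-escaped copies for the INSERT below.
    // NOTE(review): mysql_escape_string() ignores the connection charset and
    // the whole mysql_* extension was removed in PHP 7; moving $db to
    // parameterized queries would retire this manual escaping.
    $Name = mysql_escape_string($RawName);
    $UserID = mysql_escape_string($_SESSION['ID']);
    $Text = mysql_escape_string($RawText);
    // strip_tags() removes markup but leaves quotes and backslashes intact, so
    // the plain-text copy needs the same escaping before it enters the query.
    $TextWithoutTags = mysql_escape_string(strip_tags($RawText));
    $Section = mysql_escape_string($RawSection);
    $Description = mysql_escape_string($RawDescription);

    // Echo the submitted values back HTML-escaped, so request data is shown
    // as text and never interpreted as markup.
    echo 'Jméno: ' . htmlspecialchars($RawName, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Uivatel: ' . htmlspecialchars($UserID, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Section: ' . htmlspecialchars($RawSection, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Popis: ' . htmlspecialchars($RawDescription, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Text: ' . htmlspecialchars($RawText, ENT_QUOTES, $HtmlCharset) . '<br>';

    // NOTE(review): max(ID) + 1 is not atomic; two concurrent submissions can
    // compute the same ID. An auto-increment key would avoid that, but the
    // table schema is not visible here.
    $sql = "SELECT max(ID) FROM articles";
    $MaxResult = $db->SQLCommand($sql);
    $Line = mysql_fetch_row($MaxResult);
    $ID = $Line[0] + 1;

    $sql = "INSERT articles VALUE('$ID','$Name','$Description','$Text','$TextWithoutTags',now(),now(),now(),'$UserID','$Section')";
    $db->SQLCommand($sql);

    echo 'èlánek ' . htmlspecialchars($RawName, ENT_QUOTES, $HtmlCharset) . ' byl uloen';
    // WriteLog() is defined outside this file; it receives the same
    // SQL-escaped values as before.
    WriteLog('Èlánek byl uloen: '.$Name.' ID: '.$ID.' Popis: '.$Description.' User: '.$UserID.' Sekce: '.$Section,'2');
}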
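// Save changes to an existing article submitted from the edit form.
if ($Mode == 'Edit') {
    // Charset passed to htmlspecialchars(). The page encoding is not visible
    // in this file; ISO-8859-1 keeps the escaping byte-transparent for any
    // ASCII-compatible encoding. NOTE(review): confirm the real page charset.
    $HtmlCharset = 'ISO-8859-1';

    // Raw request values; a missing field is treated as an empty string.
    $RawName = isset($_POST['Name']) ? (string) $_POST['Name'] : '';
    $RawText = isset($_POST['Text']) ? (string) $_POST['Text'] : '';
    $RawSection = isset($_POST['Section']) ? (string) $_POST['Section'] : '';
    $RawDescription = isset($_POST['Description']) ? (string) $_POST['Description'] : '';

    // Article IDs are numeric (new ones are built as max(ID) + 1 elsewhere in
    // this file), so the target row is pinned with an integer cast.
    $ID = isset($_POST['ID']) ? (int) $_POST['ID'] : 0;

    // SQL-escaped copies for the UPDATE below.
    // NOTE(review): mysql_escape_string() ignores the connection charset;
    // parameterized queries in $db would retire this manual escaping.
    $Name = mysql_escape_string($RawName);
    $UserID = mysql_escape_string($_SESSION['ID']);
    $Text = mysql_escape_string($RawText);
    // strip_tags() removes markup but leaves quotes and backslashes intact, so
    // the plain-text copy needs the same escaping before it enters the query.
    $TextWithoutTags = mysql_escape_string(strip_tags($RawText));
    $Section = mysql_escape_string($RawSection);
    $Description = mysql_escape_string($RawDescription);

    // Echo the submitted values back HTML-escaped, so request data is shown
    // as text and never interpreted as markup.
    echo 'Jméno: ' . htmlspecialchars($RawName, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Uivatel: ' . htmlspecialchars($UserID, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Section: ' . htmlspecialchars($RawSection, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Popis: ' . htmlspecialchars($RawDescription, ENT_QUOTES, $HtmlCharset) . '<br>';
    echo 'Text: ' . htmlspecialchars($RawText, ENT_QUOTES, $HtmlCharset) . '<br>';

    // The update also overwrites UserID with the current session user.
    $sql = "UPDATE articles SET Name = '$Name', Description = '$Description',
        Text = '$Text', TextWithoutTags = '$TextWithoutTags', UserID = '$UserID',
        SectionID ='$Section' WHERE ID = '$ID'";
    $db->SQLCommand($sql);

    echo 'èlánek ' . htmlspecialchars($RawName, ENT_QUOTES, $HtmlCharset) . ' byl editován';
    // WriteLog() is defined outside this file; apart from the integer ID it
    // receives the same SQL-escaped values as before.
    WriteLog('Èlánek byl editován: '.$Name.' ID: '.$ID.' Popis: '.$Description.' User: '.$UserID.' Sekce: '.$Section,'3');
}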
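// Delete-article form, part of the default view.
if ($Mode == '') {
    // TestLicence() is defined outside this file; presumably '4' is the level
    // required for deleting. Confirm against its definition.
    TestLicence('4');

    // Charset passed to htmlspecialchars(). The page encoding is not visible
    // in this file; ISO-8859-1 keeps the escaping byte-transparent for any
    // ASCII-compatible encoding. NOTE(review): confirm the real page charset.
    $HtmlCharset = 'ISO-8859-1';
?>
<h4>Smazání èlánku</h4>
<form enctype="multipart/form-data" action="AddArticles.php" method="get">
<input type="hidden" name="Mode" Value="DelArticle">
<table border="0">
<tr><td>Èlánky:</td><td>
<?php
    $sql = "SELECT * FROM articles";
    $Articles = $db->SQLCommand($sql);
    // The field is named "Section" although it carries an article ID; the
    // DelArticle handler in this file reads it under that name.
    echo '<select name="Section" size="10">';
    while ($Line = mysql_fetch_array($Articles)) {
        // Article names are user-supplied, so they are escaped before being
        // written into the option list.
        $Value = htmlspecialchars($Line['ID'], ENT_QUOTES, $HtmlCharset);
        $Label = htmlspecialchars($Line['Name'], ENT_QUOTES, $HtmlCharset);
        echo '<option value="', $Value, '">', $Label, ' (', $Value, ')</option>';
    }
    echo '</select>';
?>
</td></tr>
<tr><td><input type="submit" value="Smazat"></td></tr>
</table>
</form>

<?php
}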
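// Article picker for editing, part of the default view.
if ($Mode == '') {
    // TestLicence() is defined outside this file; presumably '2' is the level
    // required for editing. Confirm against its definition.
    TestLicence('2');

    // Charset passed to htmlspecialchars(). The page encoding is not visible
    // in this file; ISO-8859-1 keeps the escaping byte-transparent for any
    // ASCII-compatible encoding. NOTE(review): confirm the real page charset.
    $HtmlCharset = 'ISO-8859-1';
?>
<h4>Editování èlánku</h4>
<form enctype="multipart/form-data" action="AddArticles.php" method="get">
<input type="hidden" name="Mode" Value="FormEdit">
<table border="0">
<tr><td>Èlánky:</td><td>
<?php
    $sql = "SELECT * FROM articles";
    $Articles = $db->SQLCommand($sql);
    echo '<select name="ID" size="10">';
    while ($Line = mysql_fetch_array($Articles)) {
        // Article names are user-supplied, so they are escaped before being
        // written into the option list.
        $Value = htmlspecialchars($Line['ID'], ENT_QUOTES, $HtmlCharset);
        $Label = htmlspecialchars($Line['Name'], ENT_QUOTES, $HtmlCharset);
        echo '<option value="', $Value, '">', $Label, ' (', $Value, ')</option>';
    }
    echo '</select>';
?>
</td></tr>
<tr><td><input type="submit" value="Editovat"></td></tr>
</table>
</form>

<?php
}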
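// Delete the article chosen in the delete form.
if ($Mode == 'DelArticle') {
    // TestLicence() is defined outside this file; presumably '4' is the level
    // required for deleting. Confirm against its definition.
    TestLicence('4');

    // NOTE(review): the deletion is triggered by a GET request and this block
    // checks no anti-CSRF token, so any link or image a logged-in editor loads
    // can reach it. Moving the form to POST with a per-session token needs a
    // matching change in the delete form and is left for a follow-up.

    // Article IDs are numeric (new ones are built as max(ID) + 1 elsewhere in
    // this file). The integer cast keeps request data out of both the query
    // and the HTML echoed below; a missing parameter becomes 0.
    $Article = isset($_GET['Section']) ? (int) $_GET['Section'] : 0;
    echo 'Smazání èlánku: ' . $Article . '<br>';

    $sql = "DELETE FROM articles WHERE ID = '$Article'";
    $db->SQLCommand($sql);
    echo 'èlánek byl Smazán';
    // WriteLog() is defined outside this file.
    WriteLog('Èlánek byl smazán: ID: '.$Article,'4');
}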
// Close the page; ShowFooter() is defined outside this file.
ShowFooter();
201 | ?>