source: Administrace/AddArticles.php

Last change on this file was 1, checked in by george, 15 years ago
  • Import souborů projektu.
File size: 7.7 KB
Line 
1<?php
2 include '../includes/Global.php';
3
4 TestLicence('2');
5
6 if (array_key_exists('Mode', $_GET)) {
7 $Mode = $_GET['Mode'];
8 } else {
9 $Mode = '';
10 }
11
12 If ($Mode == '' or $Mode == 'FormEdit') { // formuláø pøidání èlánku
13 if (array_key_exists('ID', $_GET)) {
14 $ID = $_GET['ID'];
15 $Action = 'Edit';
16
17 //naèítání do promìných
18 $sql = "SELECT * FROM articles WHERE ID = $ID";
19 $IDdb = $db->SQLCommand($sql);
20
21 //todo: èlánek nenalezen
22
23 $Line = mysql_fetch_array($IDdb);
24 $Name = $Line['Name'];
25 $Text = $Line['Text'];
26 $Description = $Line['Description'];
27 $selected = $Line['SectionID'];
28 } else {
29 $sql = "SELECT max(ID) FROM articles";
30 $ID = $db->SQLCommand($sql);
31 $Line = mysql_fetch_row($ID);
32 $ID = $Line[0]+1;
33 $Action = 'AddArticle';
34 //naèítání do promìných
35 $Name = '';
36 $Text = '';
37 $Description = '';
38 $selected = '';
39 }
40
41?>
42 <h4>Pøidání èlánku</h4>
43 <form enctype="multipart/form-data" action="AddArticles.php?Mode=<?php echo $Action; ?>" method="post" name="form">
44 <input type="hidden" name="ID" value="<?php echo $ID; ?>">
45 <table border="0">
46 <tr><td>Adresa:</td><td><b>&lt;a href="/Section.php?Article=<?php echo $ID; ?>"&gt;èlánek&lt;/a&gt;</b></td></tr>
47 <tr><td>Uživatel: </td><td><b><?php echo $_SESSION['User']; ?></b></td></tr>
48 <tr><td>Název:</td><td><input type="text" name="Name" value="<?php echo $Name; ?>"></td></tr>
49 <tr><td>Sekce: </td><td><?php
50 $sql = "SELECT * FROM section";
51 // echo $sql;
52 $ID = $db->SQLCommand($sql);
53 echo '<select name="Section" size="1">';
54 echo '<option value="0">žádná</option>';
55 while($Line = mysql_fetch_array($ID)) {
56 if ($selected == $Line['ID']) {
57 echo '<option value="',$Line['ID'],'" selected="selected">',$Line['Name'],'</option>';
58 }
59 echo '<option value="',$Line['ID'],'">',$Line['Name'],'</option>';
60 // echo $Line['Description'];
61 } // konec while
62 echo '</select>';
63 ?></td></tr>
64 <tr><td>Zobrazit od: </td><td>TODO</td></tr>
65 <tr><td>Zobrazit do: </td><td>TODO</td></tr>
66 <tr><td>Popis:</td><td><input size="107" type="text" name="Description" value="<?php echo $Description; ?>"></td></tr>
67 <tr><td> </td><td>
68 <span Title="Odstavec...odøádkování" onclick="document.form.Text.value = document.form.Text.value+'<br>\n'; document.form.Text.focus()">[enter]</span>
69 <span Title="Tuèný text" onclick="document.form.Text.value = document.form.Text.value+'<b>tuèný text</b>'; document.form.Text.focus()">[b]</span>
70 <span Title="Ležatý text" onclick="document.form.Text.value = document.form.Text.value+'<i>ležatý text</i>'; document.form.Text.focus()">[i]</span>
71 <span Title="Kaskádové styly v tagu span" onclick="document.form.Text.value = document.form.Text.value+'<span style=&quot;styly&quot;>text</span>'; document.form.Text.focus()">[span]</span>
72 <span Title="Obrázek" onclick="document.form.Text.value = document.form.Text.value+'<img alt=&quot;Alternativní text(když nenalezne obr.)&quot; src=&quot;cesta&quot;>'; document.form.Text.focus()">[img]</span>
73 <span Title="Odkaz/link" onclick="document.form.Text.value = document.form.Text.value+'&lt;a href=&quot;http://adresa/&quot;&gt;Zobrazované slovo na webu&lt;/a&gt;'; document.form.Text.focus()">[a]</span>
74 - Pøidává na konec textu</td></tr>
75 <tr><td>Text: </td><td><textarea cols="80" name="Text" rows="30"><?php echo $Text; ?></textarea></td></tr>
76 <tr><td><input type="submit" value="Uložit"></td><td><a href="AddImage.php" target="new">Pøidat obrázek</a></td></tr>
77 </table>
78 </form>
79
80<?php
81 }
82
83 if ($Mode == 'AddArticle') { //pøidání èlánku
84 $Name = mysql_escape_string($_POST['Name']);
85 $UserID = mysql_escape_string($_SESSION['ID']);
86 $Text = mysql_escape_string($_POST['Text']);
87 $TextWithoutTags = strip_tags($_POST['Text']);
88 $Section = mysql_escape_string($_POST['Section']);
89 $Description = mysql_escape_string($_POST['Description']);
90
91 echo('Jméno: '.$Name.'<br>');
92 echo('Uživatel: '.$UserID.'<br>');
93 echo('Section: '.$Section.'<br>');
94 echo('Popis: '.$Description.'<br>');
95 echo('Text: '.$Text.'<br>');
96
97 $sql = "SELECT max(ID) FROM articles";
98 $ID = $db->SQLCommand($sql);
99 $Line = mysql_fetch_row($ID);
100 $ID = $Line[0]+1;
101 $sql = "INSERT articles VALUE('$ID','$Name','$Description','$Text','$TextWithoutTags',now(),now(),now(),'$UserID','$Section')";
102 $db->SQLCommand($sql);
103 echo 'èlánek '.$Name.' byl uložen';
104 WriteLog('Èlánek byl uložen: '.$Name.' ID: '.$ID.' Popis: '.$Description.' User: '.$UserID.' Sekce: '.$Section,'2');
105 }
106
107 if ($Mode == 'Edit') { //pøidání èlánku
108 $Name = mysql_escape_string($_POST['Name']);
109 $ID = mysql_escape_string($_POST['ID']);
110 $UserID = mysql_escape_string($_SESSION['ID']);
111 $Text = mysql_escape_string($_POST['Text']);
112 $TextWithoutTags = strip_tags($_POST['Text']);
113 $Section = mysql_escape_string($_POST['Section']);
114 $Description = mysql_escape_string($_POST['Description']);
115
116 echo('Jméno: '.$Name.'<br>');
117 echo('Uživatel: '.$UserID.'<br>');
118 echo('Section: '.$Section.'<br>');
119 echo('Popis: '.$Description.'<br>');
120 echo('Text: '.$Text.'<br>');
121
122 $sql = "UPDATE articles SET Name = '$Name', Description = '$Description',
123 Text = '$Text', TextWithoutTags = '$TextWithoutTags', UserID = '$UserID',
124 SectionID ='$Section' WHERE ID = '$ID'";
125 $db->SQLCommand($sql);
126 echo 'èlánek '.$Name.' byl editován';
127 WriteLog('Èlánek byl editován: '.$Name.' ID: '.$ID.' Popis: '.$Description.' User: '.$UserID.' Sekce: '.$Section,'3');
128 }
129
130
131 If ($Mode == '') { // formuláø smazání èlánku
132 TestLicence('4');
133 $sql = "SELECT max(ID) FROM section";
134 $ID = $db->SQLCommand($sql);
135 $Line = mysql_fetch_row($ID);
136 $ID = $Line[0]+1;
137?>
138 <h4>Smazání èlánku</h4>
139 <form enctype="multipart/form-data" action="AddArticles.php" method="get">
140 <input type="hidden" name="Mode" Value="DelArticle">
141 <table border="0">
142 <tr><td>Èlánky:</td><td>
143<?php
144 $sql = "SELECT * FROM articles";
145 $ID = $db->SQLCommand($sql);
146 echo '<select name="Section" size="10">';
147 while($Line = mysql_fetch_array($ID)) {
148 echo '<option value="',$Line['ID'],'">',$Line['Name'],' (',$Line['ID'],')</option>';
149 // echo $Line['Description'];
150 } // konec while
151 echo '</select>';
152
153?>
154 </td></tr>
155 <tr><td><input type="submit" value="Smazat"></td></tr>
156 </table>
157 </form>
158
159<?php
160 }
161
162 If ($Mode == '') { // formuláø editování èlánkù
163 TestLicence('2');
164?>
165 <h4>Editování èlánku</h4>
166 <form enctype="multipart/form-data" action="AddArticles.php" method="get">
167 <input type="hidden" name="Mode" Value="FormEdit">
168 <table border="0">
169 <tr><td>Èlánky:</td><td>
170<?php
171 $sql = "SELECT * FROM articles";
172 $ID = $db->SQLCommand($sql);
173 echo '<select name="ID" size="10">';
174 while($Line = mysql_fetch_array($ID)) {
175 echo '<option value="',$Line['ID'],'">',$Line['Name'],' (',$Line['ID'],')</option>';
176 // echo $Line['Description'];
177 } // konec while
178 echo '</select>';
179
180?>
181 </td></tr>
182 <tr><td><input type="submit" value="Editovat"></td></tr>
183 </table>
184 </form>
185
186<?php
187 }
188
189 if ($Mode == 'DelArticle') { //smazání èlánku
190 TestLicence('4');
191 $Article = mysql_escape_string($_GET['Section']);
192 echo('Smazání èlánku: '.$Article.'<br>');
193
194 $sql = "DELETE FROM articles WHERE ID = '$Article'";
195 $db->SQLCommand($sql);
196 echo 'èlánek byl Smazán';
197 WriteLog('Èlánek byl smazán: ID: '.$Article,'4');
198 }
199
200 ShowFooter()
201?>
Note: See TracBrowser for help on using the repository browser.