Home Explore Help
Register Sign In
NSHkD
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Oppaitime's version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
81 Commits
1 Branch
Tree: 20aae61a7d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '20aae61a7d'
${ noResults }
Gazelle/sections/tools/managers/news.php

news.php 2.7KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. <?

  2. enforce_login();

  3. if (!check_perms('admin_manage_news')) {

  4.   error(403);

  5. }

  6. 

  7. View::show_header('Manage news', 'bbcode');

  8. 

  9. switch ($_GET['action']) {

  10.   case 'takeeditnews':

  11.     if (!check_perms('admin_manage_news')) {

  12.       error(403);

  13.     }

  14.     if (is_number($_POST['newsid'])) {

  15.       authorize();

  16. 

  17.       $DB->query("

  18.         UPDATE news

  19.         SET Title = '".db_string($_POST['title'])."', Body = '".db_string($_POST['body'])."'

  20.         WHERE ID = '".db_string($_POST['newsid'])."'");

  21.       $Cache->delete_value('news');

  22.       $Cache->delete_value('feed_news');

  23.     }

  24.     header('Location: index.php');

  25.     break;

  26.   case 'editnews':

  27.     if (is_number($_GET['id'])) {

  28.       $NewsID = $_GET['id'];

  29.       $DB->query("

  30.         SELECT Title, Body

  31.         FROM news

  32.         WHERE ID = $NewsID");

  33.       list($Title, $Body) = $DB->next_record();

  34.     }

  35. }

  36. ?>

  37. <div class="thin">

  38.   <div class="header">

  39.     <h2><?= ($_GET['action'] == 'news') ? 'Create a news post' : 'Edit news post';?></h2>

  40.   </div>

  41.   <form class="<?= ($_GET['action'] == 'news') ? 'create_form' : 'edit_form';?>" name="news_post" action="tools.php" method="post">

  42.     <div class="box pad">

  43.       <input type="hidden" name="action" value="<?= ($_GET['action'] == 'news') ? 'takenewnews' : 'takeeditnews';?>" />

  44.       <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />

  45. <? if ($_GET['action'] == 'editnews') { ?>

  46.       <input type="hidden" name="newsid" value="<?=$NewsID; ?>" />

  47. <? } ?>

  48.       <h3>Title</h3>

  49.       <input type="text" name="title" size="95"<? if (!empty($Title)) { echo ' value="'.display_str($Title).'"'; } ?> />

  50. <!-- Why did someone add this?  <input type="datetime" name="datetime" value="<?=sqltime()?>" /> -->

  51.       <br />

  52.       <h3>Body</h3>

  53.       <textarea name="body" cols="95" rows="15"><? if (!empty($Body)) { echo display_str($Body); } ?></textarea> <br /><br />

  54. 

  55. 

  56.       <div class="center">

  57.         <input type="submit" value="<?= ($_GET['action'] == 'news') ? 'Create news post' : 'Edit news post';?>" />

  58.       </div>

  59.     </div>

  60.   </form>

  61. 

  62.   <h2>News archive</h2>

  63. <?

  64. $DB->query('

  65.   SELECT

  66.     ID,

  67.     Title,

  68.     Body,

  69.     Time

  70.   FROM news

  71.   ORDER BY Time DESC');// LIMIT 20

  72. while (list($NewsID, $Title, $Body, $NewsTime) = $DB->next_record()) {

  73. ?>

  74.   <div class="box vertical_space news_post">

  75.     <div class="head">

  76.       <strong><?=display_str($Title) ?></strong> - posted <?=time_diff($NewsTime) ?>

  77.       - <a href="tools.php?action=editnews&amp;id=<?=$NewsID?>" class="brackets">Edit</a>

  78.       <a href="tools.php?action=deletenews&amp;id=<?=$NewsID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" class="brackets">Delete</a>

  79.     </div>

  80.     <div class="pad"><?=Text::full_format($Body) ?></div>

  81.   </div>

  82. <? } ?>

  83. </div>

  84. <? View::show_footer();?>