Home Explore Help
Register Sign In
Syunka
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 1
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Oppaitime's version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
474 Commits
2 Branches
Tree: 455152131e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '455152131e'
${ noResults }
Gazelle/sections/tools/managers/news.php

news.php 2.7KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. <?

  2. enforce_login();

  3. if (!check_perms('admin_manage_news')) {

  4.   error(403);

  5. }

  6. 

  7. View::show_header('Manage news', 'bbcode');

  8. 

  9. switch ($_GET['action']) {

  10.   case 'takeeditnews':

  11.     if (!check_perms('admin_manage_news')) {

  12.       error(403);

  13.     }

  14.     if (is_number($_POST['newsid'])) {

  15.       authorize();

  16. 

  17.       $DB->query("

  18.         UPDATE news

  19.         SET Title = '".db_string($_POST['title'])."', Body = '".db_string($_POST['body'])."'

  20.         WHERE ID = '".db_string($_POST['newsid'])."'");

  21.       $Cache->delete_value('news');

  22.       $Cache->delete_value('feed_news');

  23.     }

  24.     header('Location: index.php');

  25.     break;

  26.   case 'editnews':

  27.     if (is_number($_GET['id'])) {

  28.       $NewsID = $_GET['id'];

  29.       $DB->query("

  30.         SELECT Title, Body

  31.         FROM news

  32.         WHERE ID = $NewsID");

  33.       list($Title, $Body) = $DB->next_record();

  34.     }

  35. }

  36. ?>

  37. <div class="thin">

  38.   <div class="header">

  39.     <h2><?= ($_GET['action'] == 'news') ? 'Create a news post' : 'Edit news post';?></h2>

  40.   </div>

  41.   <form class="<?= ($_GET['action'] == 'news') ? 'create_form' : 'edit_form';?>" name="news_post" action="tools.php" method="post">

  42.     <div class="box pad">

  43.       <input type="hidden" name="action" value="<?= ($_GET['action'] == 'news') ? 'takenewnews' : 'takeeditnews';?>">

  44.       <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>">

  45. <? if ($_GET['action'] == 'editnews') { ?>

  46.       <input type="hidden" name="newsid" value="<?=$NewsID; ?>">

  47. <? } ?>

  48.       <h3>Title</h3>

  49.       <input type="text" name="title" size="95"<? if (!empty($Title)) { echo ' value="'.display_str($Title).'"'; } ?>>

  50. <!-- Why did someone add this?  <input type="datetime" name="datetime" value="<?=sqltime()?>" /> -->

  51.       <br>

  52.       <h3>Body</h3>

  53. <?    $Textarea = new TEXTAREA_PREVIEW('body', '', display_str($Body), 95, 15, true, false); ?>

  54.       <div class="center">

  55.         <input type="button" value="Preview" class="hidden button_preview_<?=$Textarea->getID()?>">

  56.         <input type="submit" value="<?= ($_GET['action'] == 'news') ? 'Create news post' : 'Edit news post';?>">

  57.       </div>

  58.     </div>

  59.   </form>

  60. 

  61.   <h2>News archive</h2>

  62. <?

  63. $DB->query('

  64.   SELECT

  65.     ID,

  66.     Title,

  67.     Body,

  68.     Time

  69.   FROM news

  70.   ORDER BY Time DESC');// LIMIT 20

  71. while (list($NewsID, $Title, $Body, $NewsTime) = $DB->next_record()) {

  72. ?>

  73.   <div class="box vertical_space news_post">

  74.     <div class="head">

  75.       <strong><?=display_str($Title) ?></strong> - posted <?=time_diff($NewsTime) ?>

  76.       - <a href="tools.php?action=editnews&amp;id=<?=$NewsID?>" class="brackets">Edit</a>

  77.       <a href="tools.php?action=deletenews&amp;id=<?=$NewsID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" class="brackets">Delete</a>

  78.     </div>

  79.     <div class="pad"><?=Text::full_format($Body) ?></div>

  80.   </div>

  81. <? } ?>

  82. </div>

  83. <? View::show_footer();?>