diff --git a/www/account.php b/www/account.php index eef4e42..0b17cfd 100644 --- a/www/account.php +++ b/www/account.php @@ -1,6 +1,6 @@ "; + html_start_row(); print(""; + html_start_row(); print("" @@ -184,6 +192,6 @@ switch ($op) // -// End of "$Id: account.php,v 1.4 2004/05/18 21:26:52 mike Exp $". +// End of "$Id: account.php,v 1.5 2004/05/19 00:57:33 mike Exp $". // ?> diff --git a/www/articles.php b/www/articles.php index 59e333e..769c538 100644 --- a/www/articles.php +++ b/www/articles.php @@ -1,6 +1,6 @@ Bad command '$op'!\n"); @@ -62,7 +63,7 @@ if ($argc) exit(); } - if (($op == 'D' || $op == 'M') && $LOGIN_USER == "") + if (($op == 'D' || $op == 'M' && $op != 'B') && $LOGIN_USER == "") { html_header("Article Error"); print("

Command '$op' requires a login!\n"); @@ -123,6 +124,40 @@ $options = "+I$index+Q" . urlencode($search); switch ($op) { + case 'B' : // Batch update selected articles + if ($REQUEST_METHOD != "POST") + { + header("Location: $PHP_SELF?L$options"); + break; + } + + if (array_key_exists("IS_PUBLISHED", $_POST) && + $_POST["IS_PUBLISHED"] != "") + { + $modify_date = time(); + $modify_user = db_escape($LOGIN_USER); + $is_published = (int)$_POST["IS_PUBLISHED"]; + + $query = "is_published = $is_published, modify_date = $modify_date, " + ."modify_user = '$modify_user'"; + + db_query("BEGIN TRANSACTION"); + + reset($_POST); + while (list($key, $val) = each($_POST)) + if (substr($key, 0, 3) == "ID_") + { + $id = (int)substr($key, 3); + + db_query("UPDATE article SET $query WHERE id = $id"); + } + + db_query("COMMIT TRANSACTION"); + } + + header("Location: $PHP_SELF?L$options"); + break; + case 'D' : // Delete Article if ($REQUEST_METHOD == "POST") { @@ -294,7 +329,12 @@ switch ($op) } else { - $query .= "$prefix$logic (title LIKE \"%$keyword%\"" + if ($keyword == (int)$keyword) + $idsearch = " OR id = " . (int)$keyword; + else + $idsearch = ""; + + $query .= "$prefix$logic (title LIKE \"%$keyword%\"$idsearch" ." OR abstract LIKE \"%$keyword%\"" ." OR contents LIKE \"%$keyword%\")"; $prefix = $next; @@ -318,23 +358,26 @@ switch ($op) } if ($index >= $count) - $index = $count - ($count % $ARTICLE_PAGE_MAX); + $index = $count - ($count % $PAGE_MAX); if ($index < 0) $index = 0; $start = $index + 1; - $end = $index + $ARTICLE_PAGE_MAX; + $end = $index + $PAGE_MAX; if ($end > $count) $end = $count; - $prev = $index - $ARTICLE_PAGE_MAX; + $prev = $index - $PAGE_MAX; if ($prev < 0) $prev = 0; - $next = $index + $ARTICLE_PAGE_MAX; + $next = $index + $PAGE_MAX; print("

$count article(s) found, showing $start to $end:

\n"); - if ($count > $ARTICLE_PAGE_MAX) + if ($LOGIN_USER) + print("
\n"); + + if ($count > $PAGE_MAX) { print("

\n"); @@ -342,11 +385,11 @@ switch ($op) print(""); + print(""); $temp = htmlspecialchars($row['title']); - print(""); + if ($row['is_published'] == 0) + $temp .= " Private"; + + print(""); $temp = date("M d, Y", $row['modify_date']); - print(""); + print(""); $count = count_comments("articles.php_L$id"); - print(""); + print(""); html_end_row(); @@ -390,9 +433,20 @@ switch ($op) html_end_row(); } + if ($LOGIN_USER) + { + html_start_row("header"); + + print("\n"); + + html_end_row(); + } + html_end_table(); - if ($count > $ARTICLE_PAGE_MAX) + if ($count > $PAGE_MAX) { print("

"); if ($index > 0) print("[ Previous $ARTICLE_PAGE_MAX ]"); + ."'>Previous $PAGE_MAX ]"); print(""); if ($end < $count) { - $next_count = min($ARTICLE_PAGE_MAX, $count - $end); + $next_count = min($PAGE_MAX, $count - $end); print("[ Next $next_count ]"); } @@ -357,30 +400,30 @@ switch ($op) html_start_table(array("ID","Title","Last Modified", "Comment(s)")); db_seek($result, $index); - for ($i = 0; $i < $ARTICLE_PAGE_MAX && $row = db_next($result); $i ++) + for ($i = 0; $i < $PAGE_MAX && $row = db_next($result); $i ++) { html_start_row(); - $id = $row['id']; + $id = $row['id']; + $link = ""; - print("" - ."$id"); + if ($LOGIN_USER) + print(""); + print("$link$id" - ."$temp$link$temp" - ."$temp$link$temp" - ."$count$link$countPublished: "); + select_is_published(); + print("
\n"); @@ -400,11 +454,11 @@ switch ($op) print("
"); if ($index > 0) print("[ Previous $ARTICLE_PAGE_MAX ]"); + ."'>Previous $PAGE_MAX ]"); print(""); if ($end < $count) { - $next_count = min($ARTICLE_PAGE_MAX, $count - $end); + $next_count = min($PAGE_MAX, $count - $end); print("[ Next $next_count ]"); } @@ -419,18 +473,67 @@ switch ($op) case 'M' : // Modify Article if ($REQUEST_METHOD == "POST") { - $date = time(); - $is_published = db_escape($_POST["IS_PUBLISHED"]); - $title = db_escape($_POST["TITLE"]); - $abstract = db_escape($_POST["ABSTRACT"]); - $contents = db_escape($_POST["CONTENTS"]); + if (array_key_exists("IS_PUBLISHED", $_POST)) + $is_published = (int)$_POST["IS_PUBLISHED"]; + else + $is_published = 0; + + if (array_key_exists("TITLE", $_POST)) + $title = $_POST["TITLE"]; + else + $title = ""; + + if (array_key_exists("ABSTRACT", $_POST)) + $abstract = $_POST["ABSTRACT"]; + else + $abstract = ""; + + if (array_key_exists("CONTENTS", $_POST)) + $contents = $_POST["CONTENTS"]; + else + $contents = ""; + + if (($is_published == 0 || $LOGIN_USER) && $title != "" && + $abstract != "" && $contents != "") + $havedata = 1; + else + $havedata = 0; + } + else + { + $result = db_query("SELECT * FROM article WHERE id = $id"); + if (db_count($result) != 1) + { + print("

Error: Article #$id was not found!

\n"); + html_footer(); + exit(); + } + + $row = db_next($result); + + $is_published = $row["is_published"]; + $title = $row["title"]; + $abstract = $row["abstract"]; + $contents = $row["contents"]; + + db_free($row); + + $havedata = 0; + } + + if ($havedata) + { + $title = db_escape($title); + $abstract = db_escape($abstract); + $contents = db_escape($contents); + $modify_date = time(); db_query("UPDATE article SET " ."is_published = $is_published, " ."title = '$title', " ."abstract = '$abstract', " ."contents = '$contents', " - ."modify_date = $date, " + ."modify_date = $modify_date, " ."modify_user = '$LOGIN_USER' " ."WHERE id = $id"); @@ -446,35 +549,26 @@ switch ($op) html_end_links(); print("

Modify Article #$id

\n"); - $result = db_query("SELECT * FROM article WHERE id = $id"); - if (db_count($result) != 1) - { - print("

Error: Article #$id was not found!

\n"); - html_footer(); - exit(); - } - - $row = db_next($result); print("" ."

\n"); print("\n"); - $temp = htmlspecialchars($row['title'], ENT_QUOTES); + $temp = htmlspecialchars($title, ENT_QUOTES); print("" ."\n"); - $temp = htmlspecialchars($row['abstract'], ENT_QUOTES); + $temp = htmlspecialchars($abstract, ENT_QUOTES); print("" ."\n"); - $temp = htmlspecialchars($row['contents'], ENT_QUOTES); - print("" + $temp = htmlspecialchars($contents, ENT_QUOTES); + print("" ."\n"); @@ -490,18 +584,63 @@ switch ($op) case 'N' : // Post new Article if ($REQUEST_METHOD == "POST") { - $date = time(); - $is_published = db_escape($_POST["IS_PUBLISHED"]); - $title = db_escape($_POST["TITLE"]); - $abstract = db_escape($_POST["ABSTRACT"]); - $contents = db_escape($_POST["CONTENTS"]); + if (array_key_exists("IS_PUBLISHED", $_POST)) + $is_published = (int)$_POST["IS_PUBLISHED"]; + else + $is_published = 0; + + if (array_key_exists("TITLE", $_POST)) + $title = $_POST["TITLE"]; + else + $title = ""; + + if (array_key_exists("ABSTRACT", $_POST)) + $abstract = $_POST["ABSTRACT"]; + else + $abstract = ""; + + if (array_key_exists("CONTENTS", $_POST)) + $contents = $_POST["CONTENTS"]; + else + $contents = ""; + + if (array_key_exists("CREATE_USER", $_POST)) + $create_user = $_POST["CREATE_USER"]; + else + $create_user = ""; + + if (($is_published == 0 || $LOGIN_USER) && $title != "" && + $abstract != "" && $contents != "") + $havedata = 1; + else + $havedata = 0; + } + else + { + $is_published = 0; + $title = ""; + $abstract = ""; + $contents = ""; + + if (array_key_exists("FROM", $_COOKIE)) + $create_user = $_COOKIE["FROM"]; + else + $create_user = ""; + + $havedata = 0; + } + + if ($havedata) + { + $title = db_escape($title); + $abstract = db_escape($abstract); + $contents = db_escape($contents); + $create_date = time(); + $create_user = db_escape($create_user); db_query("INSERT INTO article VALUES(NULL," - ."$is_published," - ."'$title'," - ."'$abstract'," - ."'$contents'," - ."$date,'$LOGIN_USER',$date,'$LOGIN_USER')"); + ."$is_published,'$title','$abstract','$contents'," + ."$create_date,'$create_user',$create_date,'$create_user')"); $id = db_insert_id(); @@ -516,30 +655,56 @@ switch ($op) html_end_links(); print("

Post New Article

\n"); + + print("

Please use this form to post announcements, how-to's, " + ."examples, and case studies showing how you use $PROJECT. " + ."We will proofread your article, and if we determine it is " + ."appropriate for the site, we will make the article public " + ."on the site. Thank you for supporting $PROJECT!

\n" + ."
\n"); + print("" ."

Published:"); - select_is_published($row['is_published']); + select_is_published($is_published); print("
Title:
Abstract:
Contents:
Contents:
\n"); if ($LOGIN_USER != "") { print("\n"); } else print("\n"); + $title = htmlspecialchars($title, ENT_QUOTES); + print("" ."\n"); + ."size='40' value='$title'>\n"); + + $abstract = htmlspecialchars($abstract, ENT_QUOTES); print("" ."\n"); + ."size='40' value='$abstract'>\n"); + + $author = htmlspecialchars($author, ENT_QUOTES); + + print("" + ."\n"); + + $contents = htmlspecialchars($contents, ENT_QUOTES); - print("" + print("" ."\n"); + ."$contents\n" + ."

The contents of the article may contain the following " + ."HTML elements: A, B, BLOCKQUOTE, " + ."CODE, EM, H1, H2, " + ."H3, H4, H5, H6, I, " + ."IMG, LI, OL, P, PRE, " + ."TT, U, UL

\n"); print("\n"); @@ -551,6 +716,6 @@ switch ($op) // -// End of "$Id: articles.php,v 1.4 2004/05/18 21:26:52 mike Exp $". +// End of "$Id: articles.php,v 1.5 2004/05/19 00:57:33 mike Exp $". // ?> diff --git a/www/comment.php b/www/comment.php index a64b8fb..4dbf839 100644 --- a/www/comment.php +++ b/www/comment.php @@ -1,6 +1,6 @@ " ."\n"); - print("" + print("" ."
Published:"); - select_is_published(); + select_is_published($is_published); print("
Title:
Abstract:
Author:
Contents:
Contents:
" ."
File Path:
Status:
Score:\n"); @@ -777,11 +777,11 @@ switch ($op) print("[ Previous $STR_PAGE_MAX ]"); + ."'>Previous $PAGE_MAX ]"); print("
"); if ($end < $count) { - $next_count = min($STR_PAGE_MAX, $count - $end); + $next_count = min($PAGE_MAX, $count - $end); print("[ "; + print(""); if ($LOGIN_USER) print(""); @@ -901,7 +905,7 @@ switch ($op) html_end_table(); - if ($count > $STR_PAGE_MAX) + if ($count > $PAGE_MAX) { print("

\n"); @@ -911,11 +915,11 @@ switch ($op) print("[ Previous $STR_PAGE_MAX ]"); + ."'>Previous $PAGE_MAX ]"); print("
"); if ($end < $count) { - $next_count = min($STR_PAGE_MAX, $count - $end); + $next_count = min($PAGE_MAX, $count - $end); print("[