Bad command '$op'!\n"); html_footer(); exit(); } if (($op == 'D' || $op == 'M') && !$id) { html_header("Article Error"); print("

Command '$op' requires an ID!\n"); html_footer(); exit(); } if ($op == 'N' && $id) { html_header("Article Error"); print("

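Command '$op' may not have an ID!\n"); html_footer(); exit(); } } else { $op = 'L'; $id = 0; }

//
// Dispatch on the command letter: D(elete), L(ist/view), M(odify), N(ew).
//
// NOTE(review): the markup inside the print() strings of this listing looks
// as if it was stripped in extraction; the literals are kept exactly as found.
//
// NOTE(review): none of the POST branches below checks an anti-CSRF token or
// the caller's privileges; confirm both are enforced before this point.
//

// $op and $id are set before this switch; the links built below ("?D$id",
// "?M$id", ...) suggest they come from the query string.  Force $id to an
// integer so the SQL and page text it is interpolated into never carry raw
// request text, whatever the earlier parsing did.
$id = (int)$id;

switch ($op)
{
  case 'D' : // Delete Article
      if ($REQUEST_METHOD == "POST")
      {
        // Confirmed: remove the row and go back to the list.
        db_query("DELETE FROM article WHERE id = $id");
        header("Location: $PHP_SELF?L");
      }
      else
      {
        // Not confirmed yet: show the article and ask before deleting.
        $result = db_query("SELECT * FROM article WHERE id = $id");
        if (db_count($result) != 1)
        {
          print("

Error: Article #$id was not found!

\n");
          html_footer();
          exit();
        }

        $row = db_next($result);

        html_header("Delete Article #$id");

        html_start_links(1);
        html_link("Return to Article List", "$PHP_SELF?L");
        html_link("View Article #$id", "$PHP_SELF?L$id");
        html_link("Modify Article #$id", "$PHP_SELF?M$id");
        html_end_links();

        print("

Delete Article #$id

\n");
        print("
" ."

\n");

        if (!$row['is_published'])
          print("\n");

        // Stored text is HTML-escaped before it is echoed back.
        $temp = htmlspecialchars($row["title"]);
        print("\n");

        $temp = htmlspecialchars($row["abstract"]);
        print("\n");

        $temp = htmlspecialchars($row["contents"]);
        print("\n");

        print("\n");
        print("
This Article is " ."currently hidden from public view.
Title:$temp
Abstract:$temp
Contents:$temp
" ."

\n");
        html_footer();
      }
      break;

  case 'L' : // List (all) Article(s)
      if ($id)
      {
        // Single-article view.
        html_header("Article #$id");

        $result = db_query("SELECT * FROM article WHERE id = $id");
        if (db_count($result) != 1)
        {
          print("

Error: Article #$id was not found!

\n");
          html_footer();
          exit();
        }

        $row = db_next($result);

        html_start_links(1);
        html_link("Return to Article List", "$PHP_SELF?L");
        html_link("Modify Article", "$PHP_SELF?M$id");
        html_link("Delete Article #$id", "$PHP_SELF?D$id");
        html_end_links();

        print("

Article #$id

\n");
        print("

\n");

        if (!$row['is_published'])
          print("\n");

        $temp = htmlspecialchars($row['title']);
        print("\n");

        $temp = htmlspecialchars($row['abstract']);
        print("\n");

        $temp = htmlspecialchars($row['contents']);
        print("\n");

        print("
This Article is " ."currently hidden from public view.
Title:$temp
Abstract:$temp
Contents:$temp

\n");

        db_free($result);
      }
      else
      {
        // Full listing.
        html_header("Article List");

        html_start_links(1);
        html_link("New Article", "$PHP_SELF?N");
        html_end_links();

        $result = db_query("SELECT * FROM article");
        $count  = db_count($result);

        print("

Article List

\n");

        if ($count == 0)
        {
          print("

No Articles found.

\n");
          html_footer();
          exit();
        }

        html_start_table(array("Title","Abstract","Contents"));

        while ($row = db_next($result))
        {
          html_start_row();

          // Here $id comes from the database row, not from the request.
          $id = $row['id'];

          $temp = htmlspecialchars($row['title']);
          print("" ."$temp");

          $temp = htmlspecialchars($row['abstract']);
          print("" ."$temp");

          $temp = htmlspecialchars($row['contents']);
          print("" ."$temp");

          html_end_row();
        }

        html_end_table();
      }

      html_footer();
      break;

  case 'M' : // Modify Article
      if ($REQUEST_METHOD == "POST")
      {
        $date = time();

        // is_published goes into the statement unquoted, so string escaping
        // cannot protect it; coerce it to an integer instead.
        $is_published = (int)$_POST["IS_PUBLISHED"];

        // db_escape() is defined elsewhere; assumed to escape for a quoted
        // SQL string literal - TODO confirm.
        $title    = db_escape($_POST["TITLE"]);
        $abstract = db_escape($_POST["ABSTRACT"]);
        $contents = db_escape($_POST["CONTENTS"]);

        // $LOGIN_USER is set outside this listing; escape it like any other
        // value placed between quotes in the statement.
        $user = db_escape($LOGIN_USER);

        db_query("UPDATE article SET "
                ."is_published = $is_published, "
                ."title = '$title', "
                ."abstract = '$abstract', "
                ."contents = '$contents', "
                ."modify_date = $date, "
                ."modify_user = '$user' "
                ."WHERE id = $id");

        header("Location: $PHP_SELF?L$id");
      }
      else
      {
        html_header("Modify Article #$id");

        html_start_links(1);
        html_link("Return to Article List", "$PHP_SELF?L");
        html_link("Article #$id", "$PHP_SELF?L$id");
        html_end_links();

        print("

Modify Article #$id

\n");

        $result = db_query("SELECT * FROM article WHERE id = $id");
        if (db_count($result) != 1)
        {
          print("

Error: Article #$id was not found!

\n");
          html_footer();
          exit();
        }

        $row = db_next($result);

        print("
" ."

\n");
        print("\n");

        // ENT_QUOTES also escapes single quotes in the stored text.
        $temp = htmlspecialchars($row['title'], ENT_QUOTES);
        print("" ."\n");

        $temp = htmlspecialchars($row['abstract'], ENT_QUOTES);
        print("" ."\n");

        $temp = htmlspecialchars($row['contents'], ENT_QUOTES);
        print("" ."\n");

        print("\n");
        print("
Published:");
        select_is_published($row['is_published']);
        print("
Title:
Abstract:
Contents:
" ."

\n");
        html_footer();
      }
      break;

  case 'N' : // Post new Article
      if ($REQUEST_METHOD == "POST")
      {
        $date = time();

        // Same handling as in 'M': integer for the unquoted column, escaped
        // strings for everything that is quoted into the statement.
        $is_published = (int)$_POST["IS_PUBLISHED"];
        $title        = db_escape($_POST["TITLE"]);
        $abstract     = db_escape($_POST["ABSTRACT"]);
        $contents     = db_escape($_POST["CONTENTS"]);
        $user         = db_escape($LOGIN_USER);

        db_query("INSERT INTO article VALUES(NULL,"
                ."$is_published,"
                ."'$title',"
                ."'$abstract',"
                ."'$contents',"
                ."$date,'$user',$date,'$user')");

        // Redirect to the view page of the row just created.
        $id = db_insert_id();

        header("Location: $PHP_SELF?L$id");
        break;
      }

      html_header("New Article");

      html_start_links(1);
      html_link("Return to Article List", "$PHP_SELF?L");
      html_end_links();

      print("

New Article

\n");
      print("
" ."

\n");
      print("\n");
      print("" ."\n");
      print("" ."\n");
      print("" ."\n");
      print("\n");
      print("
Published:");
      select_is_published();
      print("
Title:
Abstract:
Contents:
" ."

\n");
      html_footer();
      break;
}

//
// End of "$Id: articles.php,v 1.2 2004/05/18 12:02:02 mike Exp $".
//
?>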