Bad command '$op'!\n"); html_footer(); exit(); } if ($op != 'L' && $LOGIN_USER == "") { header("Location: login.php"); exit(); } if (($op == 'D' || $op == 'M') && !$id) { html_header("Article Error"); print("
Command '$op' requires an ID!\n"); html_footer(); exit(); } if ($op == 'B' && $LOGIN_LEVEL < AUTH_DEVEL) { html_header("Article Error"); print("
You don't have permission to use command '$op'!\n"); html_footer(); exit(); } if (($op == 'D' || $op == 'M') && $LOGIN_LEVEL < AUTH_DEVEL) { $result = db_query("SELECT * FROM article WHERE id = $id"); if (db_count($result) != 1) { db_free($result); html_header("Article Error"); print("
Article #$id does not exist!\n"); html_footer(); exit(); } $row = db_next($result); if ($row['create_user'] != $LOGIN_USER && $row['create_user'] != $LOGIN_EMAIL) { db_free($result); html_header("Article Error"); print("
You don't have permission to use command '$op'!\n"); html_footer(); exit(); } db_free($result); } if ($op == 'N' && $id) { html_header("Article Error"); print("
Command '$op' may not have an ID!\n"); html_footer(); exit(); } for ($i = 1; $i < $argc; $i ++) { $option = substr($argv[$i], 1); switch ($argv[$i][0]) { case 'Q' : // Set search text $search = urldecode($option); $i ++; while ($i < $argc) { $search .= urldecode(" $argv[$i]"); $i ++; } break; case 'I' : // Set first STR $index = (int)$option; if ($index < 0) $index = 0; break; default : html_header("Article Error"); print("
Bad option '$argv[$i]'!
\n"); html_footer(); exit(); break; } } } else { $op = 'L'; $id = 0; } if ($REQUEST_METHOD == "POST") { if (array_key_exists("SEARCH", $_POST)) $search = $_POST["SEARCH"]; } $options = "+I$index+Q" . urlencode($search); switch ($op) { case 'B' : // Batch update selected articles if ($REQUEST_METHOD != "POST") { header("Location: $PHP_SELF?L$options"); break; } if (array_key_exists("IS_PUBLISHED", $_POST) && $_POST["IS_PUBLISHED"] != "") { $modify_date = time(); $modify_user = db_escape($LOGIN_USER); $is_published = (int)$_POST["IS_PUBLISHED"]; $query = "is_published = $is_published, modify_date = $modify_date, " ."modify_user = '$modify_user'"; db_query("BEGIN TRANSACTION"); reset($_POST); while (list($key, $val) = each($_POST)) if (substr($key, 0, 3) == "ID_") { $id = (int)substr($key, 3); db_query("UPDATE article SET $query WHERE id = $id"); } db_query("COMMIT TRANSACTION"); } header("Location: $PHP_SELF?L$options"); break; case 'D' : // Delete Article if ($REQUEST_METHOD == "POST") { db_query("DELETE FROM article WHERE id = $id"); header("Location: $PHP_SELF?L$options"); } else { $result = db_query("SELECT * FROM article WHERE id = $id"); if (db_count($result) != 1) { print("Error: Article #$id was not found!
\n"); html_footer(); exit(); } $row = db_next($result); html_header("Delete Article #$id"); html_start_links(1); html_link("Return to Articles", "$PHP_SELF?L$options"); html_link("View Article #$id", "$PHP_SELF?L$id$options"); html_link("Modify Article #$id", "$PHP_SELF?M$id$options"); html_end_links(); print("\n"); html_footer(); } break; case 'L' : // List (all) Article(s) if ($id) { $result = db_query("SELECT * FROM article WHERE id = $id"); if (db_count($result) != 1) { html_header("Article Error"); print("Error: Article #$id was not found!
\n"); html_footer(); exit(); } $row = db_next($result); $title = htmlspecialchars($row['title']); $abstract = htmlspecialchars($row['abstract']); $contents = format_text($row['contents']); $create_user = sanitize_email($row['create_user']); $date = date("H:i M d, Y", $row['modify_date']); html_header("Article #$id: $title"); html_start_links(1); html_link("Return to Articles", "$PHP_SELF?L$options"); html_link("Show Comments", "#_USER_COMMENTS"); html_link("Submit Comment", "comment.php?r0+particles.php_L$id"); if ($LOGIN_LEVEL >= AUTH_DEVEL || $row['create_user'] == $LOGIN_USER) { html_link("Modify Article", "$PHP_SELF?M$id$options"); html_link("Delete Article", "$PHP_SELF?D$id$options"); } html_end_links(); if (!$row['is_published']) print("This article is currently hidden from " ."public view.
\n"); print("$date by $create_user
$abstract
No Articles found.
\n"); html_footer(); exit(); } if ($index >= $count) $index = $count - ($count % $PAGE_MAX); if ($index < 0) $index = 0; $start = $index + 1; $end = $index + $PAGE_MAX; if ($end > $count) $end = $count; $prev = $index - $PAGE_MAX; if ($prev < 0) $prev = 0; $next = $index + $PAGE_MAX; print("$count article(s) found, showing $start to $end:
\n"); if ($LOGIN_LEVEL >= AUTH_DEVEL) print("\n"); html_footer(); } break; case 'N' : // Post new Article if ($REQUEST_METHOD == "POST") { if ($LOGIN_LEVEL < AUTH_DEVEL) $is_published = 0; else if (array_key_exists("IS_PUBLISHED", $_POST)) $is_published = (int)$_POST["IS_PUBLISHED"]; else $is_published = 0; if (array_key_exists("TITLE", $_POST)) $title = $_POST["TITLE"]; else $title = ""; if (array_key_exists("ABSTRACT", $_POST)) $abstract = $_POST["ABSTRACT"]; else $abstract = ""; if (array_key_exists("CONTENTS", $_POST)) $contents = $_POST["CONTENTS"]; else $contents = ""; if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL) $create_user = $LOGIN_USER; else if (array_key_exists("CREATE_USER", $_POST)) $create_user = $_POST["CREATE_USER"]; else $create_user = ""; if (($is_published == 0 || $LOGIN_LEVEL >= AUTH_DEVEL) && $title != "" && $abstract != "" && $contents != "" && $create_user != "") $havedata = 1; else $havedata = 0; } else { $is_published = 0; $title = ""; $abstract = ""; $contents = ""; if ($LOGIN_USER != "") $create_user = $LOGIN_USER; else if (array_key_exists("FROM", $_COOKIE)) $create_user = $_COOKIE["FROM"]; else $create_user = ""; $havedata = 0; } if ($havedata) { $title = db_escape($title); $abstract = db_escape($abstract); $contents = db_escape($contents); $create_date = time(); $create_user = db_escape($create_user); db_query("INSERT INTO article VALUES(NULL," ."$is_published,'$title','$abstract','$contents'," ."$create_date,'$create_user',$create_date,'$create_user')"); $id = db_insert_id(); if (!$is_published) notify_users($id); header("Location: $PHP_SELF?L$id$options"); break; } html_header("Submit Article"); html_start_links(1); html_link("Return to Articles", "$PHP_SELF?L$options"); html_end_links(); if ($REQUEST_METHOD == "POST") { print("Error: Please fill in the fields marked in " ."bold red below and resubmit " ."your article.
\n"); $hstart = ""; $hend = ""; } else { print("Please use this form to post announcements, how-to's, " ."examples, and case studies showing how you use $PROJECT_NAME. " ."We will proofread your article, and if we determine it is " ."appropriate for the site, we will make the article public " ."on the site. Thank you for supporting $PROJECT_NAME!
\n"); $hstart = ""; $hend = ""; } print("\n"); html_footer(); break; } // // End of "$Id$". // ?>