Diffstat (limited to 'admin/editPost.php')
-rw-r--r-- | admin/editPost.php | 224 |
1 files changed, 224 insertions, 0 deletions
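diff --git a/admin/editPost.php b/admin/editPost.php
new file mode 100644
index 0000000..b01d1e2
--- /dev/null
+++ b/admin/editPost.php
@@ -0,0 +1,224 @@
+<?php
+/*
+444444444
+4::::::::4
+4:::::::::4
+4::::44::::4
+4::::4 4::::4 Four Island
+4::::4 4::::4
+4::::4 4::::4 Written and maintained by Starla Insigna
+4::::444444::::444
+4::::::::::::::::4 admin/editPost.php
+4444444444:::::444
+4::::4 Please do not use, reproduce or steal the
+4::::4 contents of this file without explicit
+4::::4 permission from Hatkirby.
+44::::::44
+4::::::::4
+4444444444
+*/
+
+if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
+
+require('headerproc.php');
+
+$category = 'posts';
+
+if ($_GET['type'] == 'updates')
+{
+$pageaid = 'posts';
+} else {
+$pageaid = $_GET['type'];
+}
+
+$tableToForm = array( 'drafts' => 'draft',
+'pending' => 'article',
+'updates' => 'instant');
+$tableToTags = array( 'drafts' => 'draft',
+'pending' => 'pending',
+'updates' => 'published');
+
+if (!isset($_GET['type']) || !isset($_GET['id']) || !is_numeric($_GET['id']))
+{
+generateError('404');
+} else if (!(($_GET['type'] == 'drafts') || ($_GET['type'] == 'pending') || ($_GET['type'] == 'updates')))
+{
+generateError('404');
+} else {
+$getpost = 'SELECT * FROM ' . $_GET['type'] . ' WHERE id = ' . $_GET['id'];
+$getpost2 = mysql_query($getpost);
+$getpost3 = mysql_fetch_array($getpost2);
+
+if ($getpost3['id'] == $_GET['id'])
+{
+$template = new FITemplate('admin/writePost');
+
+$template->add('TITLE', 'Edit Post');
+
+if (isset($_GET['submit']))
+{
+if (empty($_POST['title']))
+{
+$errors[] = array( 'field' => 'title',
+'text' => 'Title is a required field');
+}
+
+if (empty($_POST['text']))
+{
+$errors[] = array( 'field' => 'text',
+'text' => 'The content of a blog post cannot be empty');
+}
+
+if (empty($_POST['tags']))
+{
+$errors[] = array( 'field' => 'tags',
+'text' => 'Tags is a required field');
+}
+
+if (
+(strpos($_POST['tags'], ',') === 0) ||
+(strrpos($_POST['tags'], ',') === strlen($_POST['tags'])-1) ||
+(strpos($_POST['tags'], ',,') !== FALSE)
+)
+{
+$errors[] = array( 'field' => 'tags',
+'text' => 'Blank tags are not allowed');
+}
+
+if (empty($_POST['type']))
+{
+$errors[] = array( 'field' => 'type',
+'text' => 'Type is a required field');
+}
+
+if (isset($errors))
+{
+$template->adds_block('ISERROR',array('exi'=>1));
+
+$eid = 0;
+foreach ($errors as $error)
+{
+$template->adds_block('ERROR', array( 'ID' => $eid,
+'TEXT' => $error['text']));
+$template->add('IS' . strtoupper($error['field']) . 'ERROR', ' error');
+$template->adds_block(strtoupper($error['field']) . 'ERROR', array( 'ID' => $eid,
+'TEXT' => $error['text']));
+
+$eid++;
+}
+
+$template->add('ACTION', '/admin/editPost.php?type=' . $_GET['type'] . '&id=' . $_GET['id'] . '&submit=');
+} else {
+$tags = explode(',', $_POST['tags']);
+removeTags($_GET['id'], $tableToTags[$_GET['type']]);
+
+if ($tableToForm[$_GET['type']] != $_POST['type'])
+{
+$delold = "DELETE FROM " . $_GET['type'] . " WHERE id = " . $_GET['id'];
+$delold2 = mysql_query($delold);
+
+if ($_POST['type'] == 'draft')
+{
+$insdraft = "INSERT INTO drafts (title,author,text,slug) VALUES (\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+$insdraft2 = mysql_query($insdraft);
+
+$id = mysql_insert_id();
+$type = 'drafts';
+addTags($id, $tags, 'draft');
+} else if ($_POST['type'] == 'instant')
+{
+$id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']);
+$type = 'updates';
+} else {
+if ($_POST['type'] == 'article')
+{
+$getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
+$getpending2 = mysql_query($getpending);
+$getpending3 = mysql_fetch_array($getpending2);
+if (isset($getpending3['id']) === FALSE)
+{
+$id = 50;
+} else {
+$id = $getpending3['id']+1;
+}
+} else if ($_POST['type'] == 'high')
+{
+$getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
+$getpending2 = mysql_query($getpending);
+$getpending3 = mysql_fetch_array($getpending2);
+if (isset($getpending3['id']) === FALSE)
+{
+$id = 50;
+} else {
+$id = $getpending3['id']-1;
+}
+}
+
+$inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+$inspending2 = mysql_query($inspending);
+
+$type = 'pending';
+addTags($id, $tags, 'pending');
+}
+} else if ($_POST['type'] == 'draft')
+{
+$setdraft = "UPDATE drafts SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
+$setdraft2 = mysql_query($setdraft);
+
+$type = 'drafts';
+$id = $_GET['id'];
+addTags($_GET['id'], $tags, 'draft');
+} else if ($_POST['type'] == 'article')
+{
+$setpending = "UPDATE pending SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
+$setpending2 = mysql_query($setpending);
+
+$type = 'pending';
+$id = $_GET['id'];
+addTags($_GET['id'], $tags, 'pending');
+} else if ($_POST['type'] == 'instant')
+{
+$setpost = "UPDATE updates SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
+$setpost2 = mysql_query($setpost);
+
+$type = 'updates';
+$id = $_GET['id'];
+addTags($_GET['id'], $tags);
+}
+
+if ($type == 'updates')
+{
+$getpost = "SELECT * FROM updates WHERE id = " . $id;
+$getpost2 = mysql_query($getpost);
+$getpost3 = mysql_fetch_array($getpost2);
+
+$url = '/blog/' . $getpost3['slug'] . '/';
+} else {
+$url = '/viewPost.php?type=' . $type . '&id=' . $id;
+}
+
+$template->adds_block('FLASH', array('TEXT' => 'Your post has been sucessfully edited. <a href="' . $url . '">View post</a>.'));
+$template->add('ACTION', '/admin/editPost.php?type=' . $type . '&id=' . $id . '&submit=');
+}
+
+$template->add('TITLEVALUE', $_POST['title']);
+$template->add('TEXTVALUE', $_POST['text']);
+$template->add('TAGSVALUE', $_POST['tags']);
+$template->add(strtoupper($_POST['type']) . 'SELECTED', ' checked="checked"');
+if ($_POST['type'] != 'draft') $template->add('TAGSDISABLED', ' readonly="readonly"');
+} else {
+$template->add('TITLEVALUE', $getpost3['title']);
+$template->add('TEXTVALUE', $getpost3['text']);
+$template->add('TAGSVALUE', implode(',', getTags($_GET['id'], $tableToTags[$_GET['type']])));
+$template->add(strtoupper($tableToForm[$_GET['type']]) . 'SELECTED', ' checked="checked"');
+if ($_GET['type'] != 'drafts') $template->add('TAGSDISABLED', ' readonly="readonly"');
+$template->add('ACTION', '/admin/editPost.php?type=' . $_GET['type'] . '&id=' . $_GET['id'] . '&submit=');
+}
+
+$template->display();
+} else {
+generateError('404');
+}
+}
+
+?>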
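Review bot: `$_POST['type']` is validated only with `empty()`, but by the time it is matched against known values `removeTags()` has already run and, inside `if ($tableToForm[$_GET['type']] != $_POST['type'])`, the `DELETE` has been issued. For a value other than draft/instant/article/high the final `else` leaves `$id` unassigned, so the `INSERT INTO pending` is built without an id and most likely fails after the original row and its tags are gone. I would add `if (!in_array($_POST['type'], array('draft', 'article', 'high', 'instant'), true)) { $errors[] = array('field' => 'type', 'text' => 'Unknown post type'); }` to the validation block, and issue the delete only after the insert has succeeded. Separately, `$_GET['id']` is concatenated into every query guarded only by `is_numeric()`, which also accepts decimals, exponent notation and (on older PHP) hex strings; `ctype_digit($_GET['id'])` in the guard, or a single `(int)` cast reused in all queries, keeps it to a plain integer. The results of `getSessionUsername()` and `generateSlug()` also go into the INSERTs unescaped; their definitions are outside this file, so whether they are SQL-safe needs confirming.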