Diffstat (limited to 'admin/editPost.php')
-rw-r--r--admin/editPost.php224
1 files changed, 224 insertions, 0 deletions
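--- /dev/null
+++ b/admin/editPost.php
@@ -0,0 +1,224 @@
+<?php
+/*
+ 444444444
+ 4::::::::4
+ 4:::::::::4
+ 4::::44::::4
+ 4::::4 4::::4 Four Island
+ 4::::4 4::::4
+ 4::::4 4::::4 Written and maintained by Starla Insigna
+4::::444444::::444
+4::::::::::::::::4 admin/editPost.php
+4444444444:::::444
+ 4::::4 Please do not use, reproduce or steal the
+ 4::::4 contents of this file without explicit
+ 4::::4 permission from Hatkirby.
+ 44::::::44
+ 4::::::::4
+ 4444444444
+*/
+
+if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
+
+require('headerproc.php');
+
+$category = 'posts';
+
+if ($_GET['type'] == 'updates')
+{
+ $pageaid = 'posts';
+} else {
+ $pageaid = $_GET['type'];
+}
+
+$tableToForm = array( 'drafts' => 'draft',
+ 'pending' => 'article',
+ 'updates' => 'instant');
+$tableToTags = array( 'drafts' => 'draft',
+ 'pending' => 'pending',
+ 'updates' => 'published');
+
+if (!isset($_GET['type']) || !isset($_GET['id']) || !is_numeric($_GET['id']))
+{
+ generateError('404');
+} else if (!(($_GET['type'] == 'drafts') || ($_GET['type'] == 'pending') || ($_GET['type'] == 'updates')))
+{
+ generateError('404');
+} else {
+ $getpost = 'SELECT * FROM ' . $_GET['type'] . ' WHERE id = ' . $_GET['id'];
+ $getpost2 = mysql_query($getpost);
+ $getpost3 = mysql_fetch_array($getpost2);
+
+ if ($getpost3['id'] == $_GET['id'])
+ {
+ $template = new FITemplate('admin/writePost');
+
+ $template->add('TITLE', 'Edit Post');
+
+ if (isset($_GET['submit']))
+ {
+ if (empty($_POST['title']))
+ {
+ $errors[] = array( 'field' => 'title',
+ 'text' => 'Title is a required field');
+ }
+
+ if (empty($_POST['text']))
+ {
+ $errors[] = array( 'field' => 'text',
+ 'text' => 'The content of a blog post cannot be empty');
+ }
+
+ if (empty($_POST['tags']))
+ {
+ $errors[] = array( 'field' => 'tags',
+ 'text' => 'Tags is a required field');
+ }
+
+ if (
+ (strpos($_POST['tags'], ',') === 0) ||
+ (strrpos($_POST['tags'], ',') === strlen($_POST['tags'])-1) ||
+ (strpos($_POST['tags'], ',,') !== FALSE)
+ )
+ {
+ $errors[] = array( 'field' => 'tags',
+ 'text' => 'Blank tags are not allowed');
+ }
+
+ if (empty($_POST['type']))
+ {
+ $errors[] = array( 'field' => 'type',
+ 'text' => 'Type is a required field');
+ }
+
+ if (isset($errors))
+ {
+ $template->adds_block('ISERROR',array('exi'=>1));
+
+ $eid = 0;
+ foreach ($errors as $error)
+ {
+ $template->adds_block('ERROR', array( 'ID' => $eid,
+ 'TEXT' => $error['text']));
+ $template->add('IS' . strtoupper($error['field']) . 'ERROR', ' error');
+ $template->adds_block(strtoupper($error['field']) . 'ERROR', array( 'ID' => $eid,
+ 'TEXT' => $error['text']));
+
+ $eid++;
+ }
+
+ $template->add('ACTION', '/admin/editPost.php?type=' . $_GET['type'] . '&amp;id=' . $_GET['id'] . '&amp;submit=');
+ } else {
+ $tags = explode(',', $_POST['tags']);
+ removeTags($_GET['id'], $tableToTags[$_GET['type']]);
+
+ if ($tableToForm[$_GET['type']] != $_POST['type'])
+ {
+ $delold = "DELETE FROM " . $_GET['type'] . " WHERE id = " . $_GET['id'];
+ $delold2 = mysql_query($delold);
+
+ if ($_POST['type'] == 'draft')
+ {
+ $insdraft = "INSERT INTO drafts (title,author,text,slug) VALUES (\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+ $insdraft2 = mysql_query($insdraft);
+
+ $id = mysql_insert_id();
+ $type = 'drafts';
+ addTags($id, $tags, 'draft');
+ } else if ($_POST['type'] == 'instant')
+ {
+ $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']);
+ $type = 'updates';
+ } else {
+ if ($_POST['type'] == 'article')
+ {
+ $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
+ $getpending2 = mysql_query($getpending);
+ $getpending3 = mysql_fetch_array($getpending2);
+ if (isset($getpending3['id']) === FALSE)
+ {
+ $id = 50;
+ } else {
+ $id = $getpending3['id']+1;
+ }
+ } else if ($_POST['type'] == 'high')
+ {
+ $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
+ $getpending2 = mysql_query($getpending);
+ $getpending3 = mysql_fetch_array($getpending2);
+ if (isset($getpending3['id']) === FALSE)
+ {
+ $id = 50;
+ } else {
+ $id = $getpending3['id']-1;
+ }
+ }
+
+ $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+ $inspending2 = mysql_query($inspending);
+
+ $type = 'pending';
+ addTags($id, $tags, 'pending');
+ }
+ } else if ($_POST['type'] == 'draft')
+ {
+ $setdraft = "UPDATE drafts SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
+ $setdraft2 = mysql_query($setdraft);
+
+ $type = 'drafts';
+ $id = $_GET['id'];
+ addTags($_GET['id'], $tags, 'draft');
+ } else if ($_POST['type'] == 'article')
+ {
+ $setpending = "UPDATE pending SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
+ $setpending2 = mysql_query($setpending);
+
+ $type = 'pending';
+ $id = $_GET['id'];
+ addTags($_GET['id'], $tags, 'pending');
+ } else if ($_POST['type'] == 'instant')
+ {
+ $setpost = "UPDATE updates SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
+ $setpost2 = mysql_query($setpost);
+
+ $type = 'updates';
+ $id = $_GET['id'];
+ addTags($_GET['id'], $tags);
+ }
+
+ if ($type == 'updates')
+ {
+ $getpost = "SELECT * FROM updates WHERE id = " . $id;
+ $getpost2 = mysql_query($getpost);
+ $getpost3 = mysql_fetch_array($getpost2);
+
+ $url = '/blog/' . $getpost3['slug'] . '/';
+ } else {
+ $url = '/viewPost.php?type=' . $type . '&amp;id=' . $id;
+ }
+
+ $template->adds_block('FLASH', array('TEXT' => 'Your post has been sucessfully edited. <a href="' . $url . '">View post</a>.'));
+ $template->add('ACTION', '/admin/editPost.php?type=' . $type . '&amp;id=' . $id . '&amp;submit=');
+ }
+
+ $template->add('TITLEVALUE', $_POST['title']);
+ $template->add('TEXTVALUE', $_POST['text']);
+ $template->add('TAGSVALUE', $_POST['tags']);
+ $template->add(strtoupper($_POST['type']) . 'SELECTED', ' checked="checked"');
+ if ($_POST['type'] != 'draft') $template->add('TAGSDISABLED', ' readonly="readonly"');
+ } else {
+ $template->add('TITLEVALUE', $getpost3['title']);
+ $template->add('TEXTVALUE', $getpost3['text']);
+ $template->add('TAGSVALUE', implode(',', getTags($_GET['id'], $tableToTags[$_GET['type']])));
+ $template->add(strtoupper($tableToForm[$_GET['type']]) . 'SELECTED', ' checked="checked"');
+ if ($_GET['type'] != 'drafts') $template->add('TAGSDISABLED', ' readonly="readonly"');
+ $template->add('ACTION', '/admin/editPost.php?type=' . $_GET['type'] . '&amp;id=' . $_GET['id'] . '&amp;submit=');
+ }
+
+ $template->display();
+ } else {
+ generateError('404');
+ }
+}
+
+?>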
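Review bot: `$_POST['type']` is only checked for being non-empty, yet line 113 strips the post's tags and line 117 deletes the original row before the value is interpreted; any value other than `draft`, `instant`, `article` or `high` then reaches the INSERT on line 157 with `$id` never assigned, so the query fails and the post is gone. Validate it alongside the other field checks, e.g. `if (!in_array($_POST['type'], array('draft', 'article', 'high', 'instant'), true)) { $errors[] = array('field' => 'type', 'text' => 'Unknown post type'); }`, and check the `mysql_query()` result of the replacement write before deleting the old row. The id guard on line 41 uses `is_numeric()`, which also accepts forms such as `1e3` or `1.5` that are then concatenated into every query; `ctype_digit($_GET['id'])` restricts it to plain digits. `getSessionUsername()` and `generateSlug()` are concatenated into SQL on lines 122 and 157 without `mysql_real_escape_string()`, and `$_POST['title']`, `text` and `tags` are handed to the template on lines 204–206 as submitted; whether those helpers and `FITemplate` escape their output is not visible here, nor is any CSRF token check on this state-changing form, so both should be confirmed.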